Example #1
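 /**
  * Builds the global and local category bits for the blog being posted to.
  *
  * When the request carries a 'userid' that differs from the viewer, the
  * viewer must be a member of that user's blog and the blog owner must hold
  * both the blog_canpost and blog_canviewown bits. Otherwise the viewer's own
  * account is used and must be a non-guest holding the same two bits.
  *
  * NOTE(review): every check relies on standard_error() and
  * print_no_permission() ending the request; neither is visible here, so
  * confirm they never return. If they did, execution would continue into the
  * category lookup with an unverified $userinfo.
  *
  * @return array 'globalcategorybits' and 'localcategorybits', each the result of construct_category()
  */
 public function output()
 {
     // $vbphrase is read for the 'invalidid' error text below; without the
     // global import it was an undefined local and the phrase was lost.
     global $vbulletin, $vbphrase;

     // TYPE_UINT cleaning means GPC['userid'] is an unsigned integer from here on.
     $vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT));

     $canpost = $vbulletin->bf_ugp_vbblog_entry_permissions['blog_canpost'];
     $canviewown = $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'];

     if ($vbulletin->GPC['userid'] && $vbulletin->GPC['userid'] != $vbulletin->userinfo['userid']) {
         // Posting to somebody else's blog: the target user has to exist,
         // so no rows are created for unknown ids.
         if (!($userinfo = fetch_userinfo($vbulletin->GPC['userid']))) {
             standard_error(fetch_error('invalidid', $vbphrase['user'], $vbulletin->options['contactuslink']));
         }
         // The viewer must be a member of that user's blog.
         if (!is_member_of_blog($vbulletin->userinfo, $userinfo)) {
             print_no_permission();
         }
         $userid = $userinfo['userid']; // not read again in this method
         // The blog owner (not the viewer) must be allowed to post and to view their own blog.
         if (!($userinfo['permissions']['vbblog_entry_permissions'] & $canpost) || !($userinfo['permissions']['vbblog_general_permissions'] & $canviewown)) {
             print_no_permission();
         }
     } else {
         // Posting to the viewer's own blog; kept as a reference so that
         // prepare_blog_category_permissions() below works on the shared userinfo array.
         $userinfo =& $vbulletin->userinfo;
         $userid = ''; // not read again in this method
         // Same two bits, and guests (userid 0) are refused outright.
         if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $canviewown) || !($vbulletin->userinfo['permissions']['vbblog_entry_permissions'] & $canpost) || !$vbulletin->userinfo['userid']) {
             print_no_permission();
         }
     }

     require_once DIR . '/includes/blog_functions_shared.php';
     prepare_blog_category_permissions($userinfo, true);

     return array(
         'globalcategorybits' => $this->construct_category($userinfo, 'global'),
         'localcategorybits' => $this->construct_category($userinfo, 'local'),
     );
 }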
Example #2
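 /**
  * Decides whether the current viewer may see a blog comment.
  *
  * A comment is viewable when its state is on the allow-list built below and
  * the parent entry passes fetchCanViewBlogEntry(). 'visible' is always
  * allowed; 'moderation' is added only for viewers who can moderate comments
  * or who are members of the blog the comment belongs to.
  *
  * @param mixed $blogtextid Key into $this->content['blogtext']
  *
  * @return mixed false when the comment is unknown or its state is not allowed,
  *               otherwise whatever fetchCanViewBlogEntry() returns
  */
 protected function fetchCanViewBlogComment($blogtextid)
 {
     // Unknown (or empty) comment record: deny.
     if (!($blogtextrecord = $this->content['blogtext'][$blogtextid])) {
         return false;
     }
     $blogrecord = $this->content['blog'][$blogtextrecord['blogid']];

     // Allow-list of comment states this viewer may see.
     $state = array('visible');
     if (can_moderate_blog('canmoderatecomments') || is_member_of_blog(vB::$vbulletin->userinfo, $blogrecord)) {
         $state[] = 'moderation';
     }

     // Strict comparison: with the loose default a boolean true (or, before
     // PHP 8, an integer 0) state would compare equal to 'visible' and pass
     // the allow-list.
     if (!in_array($blogtextrecord['state'], $state, true)) {
         return false;
     }

     // The comment inherits the visibility of the entry it is attached to.
     return $this->fetchCanViewBlogEntry($blogtextrecord['blogid']);
 }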
Example #3
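	/**
	* Runs the follow-up work after a blog entry has been saved: search index
	* queueing, tag cloud and counter maintenance, the moderation queue,
	* e-mail notification of blog subscribers and the author's own entry
	* subscription.
	*
	* Local variable names are part of the contract of this method: plugin code
	* fetched through vBulletinHook and the notification phrases are executed
	* with eval() in this scope, so they can read (and write) $touser,
	* $userinfo, $pagetext, $blogtitle, $username and the other locals.
	*
	* @param	boolean	Passed through unchanged to post_save_each_blogtext()
	*/
	function post_save_each($doquery = true)
	{
		// The ids that are interpolated into SQL below are forced to integers here.
		$blogid = intval($this->fetch_field('blogid'));
		$userid = intval($this->fetch_field('userid'));
		$blogtextid = $this->fetch_field('blogtextid');
		$postedby_userid = intval($this->fetch_field('postedby_userid'));

		require_once(DIR . '/vb/search/indexcontroller/queue.php');
		vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogEntry', 'index', $blogid);
		vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogComment', 'group_data_change', $blogid);

		// NOTE(review): $condition is never assigned in this method, so
		// !$condition is always true and only $this->info['addtags'] decides.
		// Every other check here uses $this->condition - confirm which was
		// meant before changing it; switching would stop the tag cloud being
		// invalidated when an existing entry is edited.
		if (!$condition AND $this->info['addtags'])
		{
			// invalidate users tag cloud
			$dataman =& datamanager_init('Blog_User', $this->registry, ERRTYPE_SILENT);
			$info = array('bloguserid' => $userid);
			$dataman->set_existing($info);
			$dataman->set('tagcloud', '');
			$dataman->save();
		}

		$this->build_category_counters();
		build_blog_stats();

		// Insert entry for moderation
		if ($this->fetch_field('state') == 'moderation')
		{
			/*insert query*/
			$this->dbobject->query_write("
				INSERT IGNORE INTO " . TABLE_PREFIX . "blog_moderation
					(primaryid, type, dateline)
				VALUES
					($blogid, 'blogid', " . TIMENOW . ")
			");
		}

		// Bump the blog owner's moderation / draft / pending counters.
		// AND binds tighter than OR, so this reads:
		// (new entry AND state is moderation or draft) OR pending.
		if (!$this->condition AND ($this->fetch_field('state') == 'moderation' OR $this->fetch_field('state') == 'draft') OR $this->fetch_field('pending'))
		{
			$userinfo = array('bloguserid' => $userid);
			$userdata =& datamanager_init('Blog_user', $this->registry, ERRTYPE_SILENT);
			$userdata->set_existing($userinfo);
			if ($this->fetch_field('state') == 'moderation' OR $this->fetch_field('state') == 'draft')
			{
				// The state name doubles as the counter column; the third argument is
				// false so the "column + 1" expression is handed over as given.
				$userdata->set($this->fetch_field('state'), $this->fetch_field('state') . ' + 1', false);
			}
			if ($this->fetch_field('pending'))
			{
				$userdata->set('pending', 'pending + 1', false);
			}
			$userdata->save();
		}

		// Send Email Notification
		if (((!$this->condition AND !$this->fetch_field('pending')) OR $this->info['send_notification']) AND ($this->fetch_field('state') == 'visible' OR $this->fetch_field('state') == 'moderation') AND $this->registry->options['enableemail'])
		{
			// NOTE(review): dateline is concatenated without intval(), unlike
			// $blogid and $userid - confirm the data manager validates it as
			// an integer before it reaches this query.
			$lastposttime = $this->dbobject->query_first("
				SELECT MAX(dateline) AS dateline
				FROM " . TABLE_PREFIX . "blog AS blog
				WHERE blogid = $blogid
					AND dateline < " . $this->fetch_field('dateline') . "
					AND state = 'visible'
			");

			// The mail is plain text, so stored HTML entities are decoded.
			$entrytitle = unhtmlspecialchars($this->fetch_field('title'));
			if (defined('VBBLOG_PERMS') AND $this->registry->userinfo['userid'] == $this->fetch_field('userid'))
			{
				// The author is the current user and the blog fields are already loaded.
				$blogtitle = unhtmlspecialchars($this->registry->userinfo['blog_title']);
				$username = unhtmlspecialchars($this->registry->userinfo['username']);
				$userinfo =& $this->registry->userinfo;
			}
			else
			{
				if (!defined('VBBLOG_PERMS'))
				{	// Tell the fetch_userinfo plugin that we need the blog fields in case this class is being called by a non blog script
					define('VBBLOG_PERMS', true);
				}
				$userinfo = fetch_userinfo($this->fetch_field('userid'), 1);
				cache_permissions($userinfo, false);
				$blogtitle = unhtmlspecialchars($userinfo['blog_title']);
				if ($userinfo['userid'] != $this->fetch_field('userid'))
				{
					$userinfo2 = fetch_userinfo($this->fetch_field('userid'), 1);
					$username = unhtmlspecialchars($userinfo2['username']);
				}
				else
				{
					$username = unhtmlspecialchars($userinfo['username']);
				}
			}

			require_once(DIR . '/includes/class_bbcode_alt.php');
			$plaintext_parser = new vB_BbCodeParser_PlainText($this->registry, fetch_tag_list());
			$pagetext_cache = array(); // used to cache the results per languageid for speed

			$pagetext_orig =& $this->fetch_field('pagetext', 'blog_text');

			// Plugin code runs here with access to every local of this method.
			($hook = vBulletinHook::fetch_hook('blog_user_notification_start')) ? eval($hook) : false;

			// Candidate recipients: e-mail subscribers of this blog, excluding
			// usergroup 3 and anyone not active since the previous visible entry.
			// The buddy / ignored joins are taken from the blog owner's user list.
			$useremails = $this->dbobject->query_read_slave("
				SELECT
					user.*,
					blog_subscribeuser.blogsubscribeuserid,
					bm.blogmoderatorid,
					ignored.relationid AS ignoreid, buddy.relationid AS buddyid,
					bu.isblogmoderator, IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid
				FROM " . TABLE_PREFIX . "blog_subscribeuser AS blog_subscribeuser
				INNER JOIN " . TABLE_PREFIX . "user AS user ON (blog_subscribeuser.userid = user.userid)
				LEFT JOIN " . TABLE_PREFIX . "blog_moderator AS bm ON (bm.userid = user.userid)
				LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = $userid AND buddy.relationid = user.userid AND buddy.type = 'buddy')
				LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = $userid AND ignored.relationid = user.userid AND ignored.type = 'ignore')
				LEFT JOIN " . TABLE_PREFIX . "blog_user AS bu ON (bu.bloguserid = user.userid)
				WHERE
					blog_subscribeuser.bloguserid = $userid
						AND
					" . ($userid == $postedby_userid ? "blog_subscribeuser.userid <> $userid AND" : "") . "
					blog_subscribeuser.type = 'email'
						AND
					user.usergroupid <> 3
						AND
					user.lastactivity >= " . intval($lastposttime['dateline']) . "
			");

			vbmail_start();

			$setoptions = $this->fetch_field('options');

			$evalemail = array();
			// Each recipient is re-checked against the entry's visibility rules
			// before the entry text is mailed to them.
			while ($touser = $this->dbobject->fetch_array($useremails))
			{
				cache_permissions($touser, false);
				// only send private entries to contacts and moderators
				if ($setoptions["{$this->bitfields['options']['private']}"] AND !$touser['buddyid'] AND !$touser['blogmoderatorid'] AND !is_member_of_blog($touser, $userinfo))
				{
					continue;
				}

				// Skip recipients whose usergroup lacks the isnotbannedgroup bit.
				if (!($this->registry->usergroupcache["$touser[usergroupid]"]['genericoptions'] & $this->registry->bf_ugp_genericoptions['isnotbannedgroup']))
				{
					continue;
				}

				// Entries awaiting moderation go only to the owner and to entry moderators.
				if ($this->fetch_field('state') == 'moderation')
				{
					if ($touser['userid'] != $userid AND !can_moderate_blog('canmoderateentries', $touser))
					{
						continue;
					}
				}

				// Skip recipients who cannot view one of the entry's categories.
				if (!empty($this->info['categories']))
				{
					prepare_blog_category_permissions($touser);
					if (array_intersect($touser['blogcategorypermissions']['cantview'], $this->info['categories']) AND $userinfo['userid'] != $touser['userid'])
					{
						continue;
					}
				}

				if (!($touser['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
				{
					continue;
				}
				// The owner's buddy / ignored / member view settings apply to everyone
				// except blog moderators, control panel users, moderators and blog members.
				else if (
					!$touser['blogmoderatorid']
						AND
					!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'])
						AND
					!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['ismoderator'])
						AND
					(!$userinfo['ignore_canviewmyblog'] OR !$touser['ignoreid'])
						AND
					(!$userinfo['buddy_canviewmyblog'] OR !$touser['buddyid'])
						AND
					// 'buddyid' is the alias selected in the recipient query. The key used
					// to be spelled 'budyid', which is never set, so this clause could not
					// match and a buddy the owner had excluded still received the entry.
					(!$userinfo['member_canviewmyblog'] OR (!$userinfo['buddy_canviewmyblog'] AND $touser['buddyid']) OR (!$userinfo['ignore_canviewmyblog'] AND $touser['ignoreid']))
						AND
					!is_member_of_blog($touser, $userinfo)
				)
				{
					continue;
				}

				$touser['username'] = unhtmlspecialchars($touser['username']);
				$touser['languageid'] = iif($touser['languageid'] == 0, $this->registry->options['languageid'], $touser['languageid']);
				// NOTE(review): the per-recipient token is a plain MD5 over userid,
				// subscription id, the user's salt and COOKIE_SALT. A keyed construction
				// such as hash_hmac() is the conventional choice, but the code that
				// verifies this token is not in this block and would have to change with it.
				$touser['auth'] = md5($touser['userid'] . $touser['blogsubscribeuserid'] . $touser['salt'] . COOKIE_SALT);

				// Built once, on the first recipient that passes the checks.
				if (empty($evalemail))
				{
					$email_texts = $this->dbobject->query_read_slave("
						SELECT text, languageid, fieldname
						FROM " . TABLE_PREFIX . "phrase
						WHERE fieldname IN ('emailsubject', 'emailbody') AND varname = 'blog_user_notify'
					");

					while ($email_text = $this->dbobject->fetch_array($email_texts))
					{
						$emails["$email_text[languageid]"]["$email_text[fieldname]"] = $email_text['text'];
					}

					require_once(DIR . '/includes/functions_misc.php');

					// The phrase text is turned into PHP source (two double-quoted string
					// assignments per language) and executed with eval() further down.
					// addslashes() keeps it inside the string literal; the phrase table
					// therefore has to be treated as code, and editing phrases as a
					// code-execution privilege.
					foreach ($emails AS $languageid => $email_text)
					{
						// lets cycle through our array of notify phrases
						$text_message = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailbody']), $emails['-1']['emailbody'], $email_text['emailbody'])));
						$text_message = replace_template_variables($text_message);
						$text_subject = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailsubject']), $emails['-1']['emailsubject'], $email_text['emailsubject'])));
						$text_subject = replace_template_variables($text_subject);

						$evalemail["$languageid"] = '
							$message = "' . $text_message . '";
							$subject = "' . $text_subject . '";
						';
					}
				}

				// parse the page text into plain text, taking selected language into account
				if (!isset($pagetext_cache["$touser[languageid]"]))
				{
					$plaintext_parser->set_parsing_language($touser['languageid']);
					$pagetext_cache["$touser[languageid]"] = $plaintext_parser->parse($pagetext_orig);
				}
				$pagetext = $pagetext_cache["$touser[languageid]"];

				($hook = vBulletinHook::fetch_hook('blog_user_notification_message')) ? eval($hook) : false;

				// Defines $message and $subject for this recipient's language,
				// falling back to the language '-1' phrases.
				eval(iif(empty($evalemail["$touser[languageid]"]), $evalemail["-1"], $evalemail["$touser[languageid]"]));

				vbmail($touser['email'], $subject, $message);
			}
			unset($plaintext_parser, $pagetext_cache);

			vbmail_end();
		}

		$this->post_save_each_blogtext($doquery);

		// Entries dated in the future get no duplicate-post hash.
		if ($this->fetch_field('dateline') <= TIMENOW)
		{
			$this->insert_dupehash($this->fetch_field('blogid'));
		}

		// Maintain the author's subscription to this entry.
		if ($this->condition AND $this->info['emailupdate'] == 'none' AND ($userid != $this->registry->userinfo['userid'] OR ($userid == $this->registry->userinfo['userid'] AND $this->existing['entrysubscribed'])))
		{
			$this->dbobject->query_write("
				DELETE FROM " . TABLE_PREFIX . "blog_subscribeentry
				WHERE blogid = $blogid AND userid = $userid
			");
		}
		else if ($this->info['emailupdate'] == 'email' OR $this->info['emailupdate'] == 'usercp')
		{
			// emailupdate is written into the statement unescaped; the condition
			// above is what limits it to the two literal values.
			$this->dbobject->query_write("
				REPLACE INTO " . TABLE_PREFIX . "blog_subscribeentry
				(blogid, dateline, type, userid)
				VALUES
				($blogid, " . TIMENOW . ", '" . $this->info['emailupdate'] . "', $userid)
			");
		}

		($hook = vBulletinHook::fetch_hook('blog_fpdata_postsave')) ? eval($hook) : false;
	}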
Example #4
             $saveparsed .= ',';
         }
         $saveparsed .= "({$comment['blogtextid']}, " . intval($bloginfo['lastcomment']) . ', ' . intval($response_handler->parsed_cache['has_images']) . ", '" . $db->escape_string($response_handler->parsed_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
     }
     if ($comment['dateline'] > $displayed_dateline) {
         $displayed_dateline = $comment['dateline'];
     }
     if ($comment['state'] == 'deleted' or $ignore["{$comment['userid']}"]) {
         // be aware $factory->create can change $response['state']
         $show['quickload'] = true;
     }
 }
 // All three moderation actions are switched on for this listing.
 $show['delete'] = true;
 $show['undelete'] = true;
 $show['approve'] = true;

 // Inline moderation is offered to blog moderators, or to members of the
 // blog being viewed when a blog owner ($userinfo) is set. The grouping is
 // spelled out because AND binds tighter than OR.
 $show['inlinemod'] = (
     ($show['delete'] || $show['approve'] || $show['undelete'])
     && (
         can_moderate_blog()
         || (!empty($userinfo) && is_member_of_blog($vbulletin->userinfo, $userinfo))
     )
 );

 // Without a blog owner the overview sidebar is used; with one, the owner's
 // sidebar plus a breadcrumb entry pointing at that blog.
 if (!$userinfo) {
     $sidebar =& build_overview_sidebar();
 } else {
     $blogheader = parse_blog_description($userinfo);
     $sidebar =& build_user_sidebar($userinfo, $month, $year);
     $navbits[fetch_seo_url('blog', array('userid' => $userinfo['userid'], 'title' => $blogheader['title']))] = $blogheader['title'];
 }

 // Final breadcrumb: the phrase for this comment type, or the generic one.
 $navbits[] = $vbphrase[$type ? $type . '_comments' : 'comments'];
 if ($vbulletin->options['quickedit']) {
     $show['quickedit'] = true;
     $templater = vB_Template::create('editor_clientscript');
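	/**
	* Prepare any data needed for the output
	*
	* Fills $this->block_data for the profile's blog block: the entry count,
	* a row per group blog the profile user belongs to ('groupblogs'), the
	* date, time and title of the last entry, the five latest entries
	* ('latestentries') and the five latest comments received
	* ('commentsreceived'). Every query is narrowed by what the viewing user
	* ($this->registry->userinfo) is allowed to see.
	*
	* @param	string	The id of the block (not read in this method)
	* @param	array	Options specific to the block (not read in this method)
	*/
	function prepare_output($id = '', $options = array())
	{
		global $show, $vbphrase;

		// NOTE(review): category permissions are prepared here for guests only,
		// yet blogcategorypermissions is read for every viewer further down -
		// presumably it is already populated for logged-in users; confirm.
		if (!$this->registry->userinfo['userid'])
		{
			prepare_blog_category_permissions($this->registry->userinfo);
		}

		$show['lastentry'] = true;
		$this->block_data['entries'] = vb_number_format($this->profile->userinfo['entries']);

		$this->block_data['lastblogtitle'] = '';
		$this->block_data['lastblogdate'] = $vbphrase['never'];
		$this->block_data['lastblogtime'] = '';

		// Group blogs: only when the profile user belongs to more than one blog.
		$memberblogs = explode(',', $this->profile->userinfo['memberblogids']);
		if (count($memberblogs) > 1)
		{
			// NOTE(review): memberblogids (here and for the viewer below) is written
			// into the IN() list as stored. It is read from the user record, not from
			// the request, and is trusted to hold a comma separated list of integers -
			// confirm that whatever writes the column guarantees that.
			$sqland = array(
				"bu.bloguserid IN (" . $this->profile->userinfo['memberblogids'] . ")"
			);

			// Without canviewothers only the viewer's own blog can match; without
			// canviewown the viewer's own blog is excluded.
			if (!($this->registry->userinfo['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
			{
				$sqland[] = "bu.bloguserid = " . $this->registry->userinfo['userid'];
			}
			if (!($this->registry->userinfo['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewown']) AND $this->registry->userinfo['userid'])
			{
				$sqland[] = "bu.bloguserid <> " . $this->registry->userinfo['userid'];
			}

			// Globally ignored users are hidden from everyone but blog moderators.
			if (trim($this->registry->options['globalignore']) != '')
			{
				require_once(DIR . '/includes/functions_bigthree.php');
				if ($coventry = fetch_coventry('string') AND !can_moderate_blog())
				{
					$sqland[] = "bu.bloguserid NOT IN ($coventry)";
				}
			}

			$sqlor = array();
			$sqljoin = array();
			if (!can_moderate_blog())
			{
				if ($this->registry->userinfo['userid'])
				{
					// A logged-in viewer sees a blog when they are a member of it, or when
					// the owner's ignore / buddy / member options grant canviewmyblog for
					// the relationship the viewer has to the owner.
					$sqlor[] = "bu.bloguserid IN (" . $this->registry->userinfo['memberblogids'] . ")";
					$sqlor[] = "(options_ignore & " . $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND ignored.relationid IS NOT NULL)";
					$sqlor[] = "(options_buddy & " . $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND buddy.relationid IS NOT NULL)";
					$sqlor[] = "(options_member & " . $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND (options_buddy & " .$this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " OR buddy.relationid IS NULL) AND (options_ignore & " . $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " OR ignored.relationid IS NULL))";
					$sqland[] = "(" . implode(" OR ", $sqlor) . ")";

					$sqljoin[] = "LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = bu.bloguserid AND buddy.relationid = " . $this->registry->userinfo['userid'] . " AND buddy.type = 'buddy')";
					$sqljoin[] = "LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = bu.bloguserid AND ignored.relationid = " . $this->registry->userinfo['userid'] . " AND ignored.type = 'ignore')";
				}
				else
				{
					// Guests: the owner must allow guests, and the last entry must not be private.
					$sqland[] = "options_guest & " . $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'];
					$sqland[] = "~blog.options & " . $this->registry->bf_misc_vbblogoptions['private'];
				}
			}

			if ($this->registry->userinfo['userid'] AND in_coventry($this->registry->userinfo['userid'], true))
			{
				// NOTE(review): $sqlfields is filled here but never added to the
				// SELECT list below, so these three expressions have no effect.
				$sqlfields[] = "IF(blog_tachyentry.userid IS NULL, blog.lastcomment, blog_tachyentry.lastcomment) AS lastcomment";
				$sqlfields[] = "IF(blog_tachyentry.userid IS NULL, blog.lastcommenter, blog_tachyentry.lastcommenter) AS lastcommenter";
				$sqlfields[] = "IF(blog_tachyentry.userid IS NULL, blog.lastblogtextid, blog_tachyentry.lastblogtextid) AS lastblogtextid";

				$sqljoin[] = "LEFT JOIN " . TABLE_PREFIX . "blog_tachyentry AS blog_tachyentry ON (blog_tachyentry.blogid = bu.lastblogid AND blog_tachyentry.userid = " . $this->registry->userinfo['userid'] . ")";
				$sqljoin[] = "LEFT JOIN " . TABLE_PREFIX . "blog_text AS blog_text ON (blog_text.blogtextid = IF(blog_tachyentry.userid IS NULL, blog.lastblogtextid, blog_tachyentry.lastblogtextid))";
			}
			else
			{
				$sqljoin[] = "LEFT JOIN " . TABLE_PREFIX . "blog_text AS blog_text ON (blog_text.blogtextid = bu.lastblogtextid)";
			}

			// Inline moderation is switched off while the rows are rendered and
			// restored afterwards.
			$temp = $show['inlinemod'];
			$show['inlinemod'] = false;
			$groupbits = '';
			$blogs = $this->registry->db->query_read_slave("
				SELECT
					user.*,
					IF(bu.title, bu.title, user.username) AS blogtitle, user.userid, user.username,
					bu.lastblog, bu.lastblogid AS lastblogid, bu.lastblogtitle,
					bu.lastcomment, bu.lastblogtextid AS lastblogtextid, bu.lastcommenter, bu.options_member, bu.options_buddy,
					bu.ratingnum, bu.ratingtotal, bu.title, bu.entries, bu.comments, bu.title, blog.categories,
					blog2.categories AS categories_lastcomment
				FROM " . TABLE_PREFIX . "blog_user AS bu
				LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = bu.bloguserid)
				LEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (blog.blogid = bu.lastblogid)
				" . (!empty($sqljoin) ? implode("\r\n", $sqljoin) : "") . "
				LEFT JOIN " . TABLE_PREFIX . "blog AS blog2 ON (blog2.blogid = blog_text.blogid)
				WHERE " . implode("\r\n\tAND ", $sqland) . "
			");
			while ($blog = $this->registry->db->fetch_array($blogs))
			{
				$blog = array_merge($blog, convert_bits_to_array($blog['options'], $this->registry->bf_misc_useroptions));
				$blog = array_merge($blog, convert_bits_to_array($blog['adminoptions'], $this->registry->bf_misc_adminoptions));

				// NOTE(review): this branch calls can_moderate() where the rest of the
				// method uses can_moderate_blog(), and reads $blog['buddyid'], which the
				// query above does not select - confirm both are intended.
				$show['private'] = false;
				if (can_moderate() AND $blog['userid'] != $this->registry->userinfo['userid'])
				{
					$membercanview = $blog['options_member'] & $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'];
					$buddiescanview = $blog['options_buddy'] & $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'];
					if (!$membercanview AND (!$blog['buddyid'] OR !$buddiescanview))
					{
						$show['private'] = true;
					}
				}

				$blog['entries'] = vb_number_format($blog['entries']);
				$blog['comments'] = vb_number_format($blog['comments']);
				$blog['lastentrydate'] = vbdate($this->registry->options['dateformat'], $blog['lastblog'], true);
				$blog['lastentrytime'] = vbdate($this->registry->options['timeformat'], $blog['lastblog']);
				$blog['entrytitle'] = fetch_trimmed_title($blog['lastblogtitle'], 20);
				if ($blog['title'])
				{
					$blog['title'] = fetch_trimmed_title($blog['title'], 50);
				}
				$lastentrycats = explode(',', $blog['categories']);
				$lastcommentcats = explode(',', $blog['categories_lastcomment']);

				// Hide the last entry / last comment when it sits in a category the viewer cannot see.
				$show['lastentry'] = array_intersect($this->registry->userinfo['blogcategorypermissions']['cantview'], $lastentrycats) ? false : true;
				$show['lastcomment'] = array_intersect($this->registry->userinfo['blogcategorypermissions']['cantview'], $lastcommentcats) ? false : true;

				// NOTE(review): $thread is never assigned in this method.
				$templater = vB_Template::create('blog_blog_row');
					$templater->register('blog', $blog);
					$templater->register('thread', $thread);
				$groupbits .= $templater->render();
			}

			$this->block_data['groupblogs'] = $groupbits;
			$show['inlinemod'] = $temp;
		}

		// Latest entries and comments: skipped when the profile user is globally
		// ignored or has never posted.
		if (!in_coventry($this->profile->userinfo['userid']) AND ($this->profile->userinfo['lastblog']))
		{
			$sql_and = array();
			$state = array('visible');
			$joinsql = '';

			$sql_and[] = "blog.state IN('" . implode("', '", $state) . "')";
			$sql_and[] = "blog.dateline <= " . TIMENOW;
			$sql_and[] = "blog.pending = 0";
			$sql_and[] = "blog.userid = " . $this->profile->userinfo['userid'];

			// NOTE(review): $bloginfo is not assigned before this point, so
			// !$bloginfo['buddyid'] is always true and buddies of the profile user
			// are filtered like any other viewer (the restrictive direction).
			if (!can_moderate_blog() AND $this->profile->userinfo['userid'] != $this->registry->userinfo['userid'] AND !$bloginfo['buddyid'])
			{
				$sql_and[] = "~blog.options & " . $this->registry->bf_misc_vbblogoptions['private'];
			}

			// Anti-join: drop entries filed under a category the viewer cannot see.
			if (!empty($this->registry->userinfo['blogcategorypermissions']['cantview']) AND $this->profile->userinfo['userid'] != $this->registry->userinfo['userid'])
			{
				$joinsql = "LEFT JOIN " . TABLE_PREFIX . "blog_categoryuser AS cu ON (cu.blogid = blog.blogid AND cu.blogcategoryid IN (" . implode(", ", $this->registry->userinfo['blogcategorypermissions']['cantview']) . "))";
				$sql_and[] = "cu.blogcategoryid IS NULL";
			}

			$blogids = array();
			$attachcount = 0;
			$blogs = $this->registry->db->query_read_slave("
				SELECT blog.blogid, blog.attach
				FROM " . TABLE_PREFIX . "blog AS blog
				$joinsql
				WHERE " . implode("\r\n\tAND ", $sql_and) . "
				ORDER BY blog.dateline DESC
				LIMIT 5
			");
			while ($blog = $this->registry->db->fetch_array($blogs))
			{
				$blogids[] = $blog['blogid'];
				$attachcount += $blog['attach'];
			}

			if ($blogids)
			{

				// Query Attachments
				if ($attachcount)
				{
					require_once(DIR . '/packages/vbattach/attach.php');
					$attach = new vB_Attach_Display_Content($this->registry, 'vBBlog_BlogEntry');
					$postattach = $attach->fetch_postattach(0, $blogids);
				}

				$this->block_data['lastblogtitle'] = $this->profile->userinfo['lastblogtitle'];
				$this->block_data['lastblogdate'] = vbdate($this->registry->options['dateformat'], $this->profile->userinfo['lastblog']);
				$this->block_data['lastblogtime'] = vbdate($this->registry->options['timeformat'], $this->profile->userinfo['lastblog'], true);

				// Categories of the selected entries, grouped by blogid.
				$categories = array();
				$cats = $this->registry->db->query_read_slave("
					SELECT blogid, title, blog_category.blogcategoryid, blog_categoryuser.userid, blog_category.userid AS creatorid
					FROM " . TABLE_PREFIX . "blog_categoryuser AS blog_categoryuser
					LEFT JOIN " . TABLE_PREFIX . "blog_category AS blog_category ON (blog_category.blogcategoryid = blog_categoryuser.blogcategoryid)
					WHERE blogid IN (" . implode(',', $blogids) . ")
					ORDER BY blogid, displayorder
				");
				while ($cat = $this->registry->db->fetch_array($cats))
				{
					$categories["$cat[blogid]"][] = $cat;
				}

				require_once(DIR . '/includes/class_bbcode_blog.php');
				require_once(DIR . '/includes/class_blog_entry.php');

				$bbcode = new vB_BbCodeParser_Blog_Snippet($this->registry, fetch_tag_list());
				$factory = new vB_Blog_EntryFactory($this->registry, $bbcode, $categories);

				$first = true;
				// Last Five Entries
				$entries = $this->registry->db->query_read_slave("
					SELECT blog.*, blog.options AS blogoptions, blog_text.pagetext, blog_text.allowsmilie, blog_text.ipaddress, blog_text.reportthreadid,
						blog_text.ipaddress AS blogipaddress,
						user.*, userfield.*, usertextfield.*
						" . (($this->registry->options['threadvoted'] AND $this->registry->userinfo['userid']) ? ', blog_rate.vote' : '') . "
						" . (!($this->registry->userinfo['permissions']['genericpermissions'] & $this->registry->bf_ugp_genericpermissions['canseehiddencustomfields']) ? $this->registry->profilefield['hidden'] : "") . "
						" . (($this->registry->options['threadmarking'] AND $this->registry->userinfo['userid']) ? ", blog_read.readtime AS blogread, blog_userread.readtime  AS bloguserread" : "") . "
					FROM " . TABLE_PREFIX . "blog AS blog
					INNER JOIN " . TABLE_PREFIX . "blog_text AS blog_text ON (blog_text.blogtextid = blog.firstblogtextid)
					LEFT JOIN " . TABLE_PREFIX . "user AS user ON (blog.userid = user.userid)
					LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)
					LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)
					" . (($this->registry->options['threadmarking'] AND $this->registry->userinfo['userid']) ? "
					LEFT JOIN " . TABLE_PREFIX . "blog_read AS blog_read ON (blog_read.blogid = blog.blogid AND blog_read.userid = " . $this->registry->userinfo['userid'] . ")
					LEFT JOIN " . TABLE_PREFIX . "blog_userread AS blog_userread ON (blog_userread.bloguserid = blog.userid AND blog_userread.userid = " . $this->registry->userinfo['userid'] . ")
					" : "") . "
					" . (($this->registry->options['threadvoted'] AND $this->registry->userinfo['userid']) ? "LEFT JOIN " . TABLE_PREFIX . "blog_rate AS blog_rate ON (blog_rate.blogid = blog.blogid AND blog_rate.userid = " . $this->registry->userinfo['userid'] . ")" : '') . "
					WHERE blog.blogid IN (" . implode(',', $blogids) . ")
					ORDER BY blog.dateline DESC
					LIMIT 5
				");
				while ($blog = $this->registry->db->fetch_array($entries))
				{
					// Only the first (newest) row is flagged as the latest entry.
					if ($first)
					{
						$show['latestentry'] = true;
						$first = false;
					}
					else
					{
						$show['latestentry'] = false;
					}

					$entry_handler =& $factory->create($blog, '_Profile');
					$entry_handler->cachable = false;
					$entry_handler->excerpt = true;
					$entry_handler->attachments = $postattach["$blog[blogid]"];
					$this->block_data['latestentries'] .= $entry_handler->construct();
				}

				// Comments
				$state = array('visible');
				$commentstate = array('visible');
				$sql_and = array();

				$sql_and[] = "blog.state IN('" . implode("', '", $state) . "')";
				$sql_and[] = "blog.dateline <= " . TIMENOW;
				$sql_and[] = "blog.pending = 0";
				$sql_and[] = "blog_text.state IN('" . implode("', '", $commentstate) . "')";
				$sql_and[] = "blog.firstblogtextid <> blog_text.blogtextid";
				$sql_and[] = "blog_text.bloguserid = " . $this->profile->userinfo['userid'];

				// Comments on private entries are hidden unless the viewer moderates or
				// is a member of the blog ($bloginfo is still unassigned here, see above).
				if (!can_moderate_blog() AND !is_member_of_blog($this->registry->userinfo, $this->profile->userinfo) AND !$bloginfo['buddyid'])
				{
					$sql_and[] = "~blog.options & " . $this->registry->bf_misc_vbblogoptions['private'];
				}

				if (!empty($this->registry->userinfo['blogcategorypermissions']['cantview']) AND $this->profile->userinfo['userid'] != $this->registry->userinfo['userid'])
				{
					$joinsql = "LEFT JOIN " . TABLE_PREFIX . "blog_categoryuser AS cu ON (cu.blogid = blog.blogid AND cu.blogcategoryid IN (" . implode(", ", $this->registry->userinfo['blogcategorypermissions']['cantview']) . "))";
					$sql_and[] = "cu.blogcategoryid IS NULL";
				}

				// Overrides the shared snippet option on the registry from here on.
				$this->registry->options['vbblog_snippet'] = 20;
				require_once(DIR . '/includes/class_blog_response.php');
				$bbcode = new vB_BbCodeParser_Blog_Snippet_Featured($this->registry, fetch_tag_list());
				$factory = new vB_Blog_ResponseFactory($this->registry, $bbcode, $bloginfo);

				// Two fixes in this query:
				// - the viewer id for the group membership column and join is read from
				//   $this->registry->userinfo. It used to be read from $vbulletin, which is
				//   not in scope in this method, so gm.permissions was never selected and
				//   'grouppermissions' below was always empty.
				// - the owner's infraction groups are aliased blog_infractiongroupids, the
				//   key read when $bloginfo is built. The alias was misspelled, so the
				//   owner's infraction groups never reached cache_permissions().
				$comments = $this->registry->db->query_read_slave("
					SELECT
						blog_text.username AS postusername, blog_text.ipaddress AS blogipaddress, blog_text.state, blog_text.blogtextid, blog_text.title, blog_text.dateline, blog_text.pagetext, blog_text.allowsmilie,
						blog.userid AS blog_userid, blog.blogid, blog.title AS entrytitle, blog.state AS blog_state, blog.firstblogtextid, blog.options AS blogoptions, blog_user.memberids, blog_user.memberblogids, blog.postedby_userid, blog.postedby_username,
						user2.usergroupid AS blog_usergroupid, user2.infractiongroupids AS blog_infractiongroupids, user2.membergroupids AS blog_membergroupids,
						user.*,
						blog_user.title AS blogtitle,
						IF(user.displaygroupid = 0, user.usergroupid, user.displaygroupid) AS displaygroupid, user.infractiongroupid, options_ignore, options_buddy, options_member, options_guest, blog.userid AS blog_userid,
						blog.state AS blog_state, blog.firstblogtextid
					" . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "
					" . (($this->registry->options['threadmarking'] AND $this->registry->userinfo['userid']) ? ", blog_read.readtime AS blogread, blog_userread.readtime AS bloguserread" : "") . "
					" . ($this->registry->userinfo['userid'] ? ", gm.permissions AS grouppermissions" : "") . "
					FROM " . TABLE_PREFIX . "blog_text AS blog_text
					LEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (blog.blogid = blog_text.blogid)
					LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = blog_text.userid)
					LEFT JOIN " . TABLE_PREFIX . "user AS user2 ON (user2.userid = blog.userid)
					LEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)
					" . (($this->registry->options['threadmarking'] AND $this->registry->userinfo['userid']) ? "
					LEFT JOIN " . TABLE_PREFIX . "blog_read AS blog_read ON (blog_read.blogid = blog.blogid AND blog_read.userid = " . $this->registry->userinfo['userid'] . ")
					LEFT JOIN " . TABLE_PREFIX . "blog_userread AS blog_userread ON (blog_userread.bloguserid = blog.userid AND blog_userread.userid = " . $this->registry->userinfo['userid'] . ")
					" : "") . "
					" . ($this->registry->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "blog_groupmembership AS gm ON (blog.userid = gm.bloguserid AND gm.userid = " . $this->registry->userinfo['userid'] . ")" : '') . "
					" . ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "
					$joinsql
					WHERE " . implode("\r\n\tAND ", $sql_and) . "
					ORDER BY blog_text.dateline DESC
					LIMIT 5
				");
				while ($comment = $this->registry->db->fetch_array($comments))
				{
					// Permission context of the blog the comment belongs to.
					$bloginfo = array(
						'blogid'             => $comment['blogid'],
						'userid'             => $comment['blog_userid'],
						'state'              => $comment['blog_state'],
						'firstblogtextid'    => $comment['firstblogtextid'],
						'blogread'           => $comment['blogread'],
						'bloguserread'       => $comment['bloguserread'],
						'usergroupid'        => $comment['blog_usergroupid'],
						'infractiongroupids' => $comment['blog_infractiongroupids'],
						'membergroupids'     => $comment['blog_membergroupids'],
						'memberids'          => $comment['memberids'],
						'memberblogids'      => $comment['memberblogids'],
						'postedby_userid'    => $comment['postedby_userid'],
						'postedby_username'  => $comment['postedby_username'],
						'grouppermissions'   => $comment['grouppermissions'],
					);
					cache_permissions($bloginfo, false);
					// NOTE(review): this assignment runs before $response_handler is created
					// for the current row, so it lands on the previous row's handler (or on
					// an unset variable for the first row). Presumably the factory, which was
					// given $bloginfo, is what hands it to the handler - confirm before moving it.
					$response_handler->bloginfo =& $bloginfo;

					$response_handler =& $factory->create($comment, 'Comment_Profile');
					$response_handler->cachable = false;
					$response_handler->linkblog = true;
					$this->block_data['commentsreceived'] .= $response_handler->construct();
				}
			}
		}
	}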
/**
* Converts blog ids to titles for Who's Online
*
* @return	void
*/
function blog_online_ids_titles()
{
	global $blogids, $blogtextids, $blogtrackbackids, $bloguserids, $vbulletin;
	global $wol_blog, $wol_blogtext, $wol_blogtrackback, $wol_bloguser, $wol_user;

	if ($blogtrackbackids)
	{
		$blograckbackidquery = $vbulletin->db->query_read_slave("
			SELECT blogid, blogtrackbackid
			FROM " . TABLE_PREFIX . "blog_trackback
			WHERE blogtrackbackid IN (0$blogtrackbackids)
		");
		while ($blogtrackbackidqueryr = $vbulletin->db->fetch_array($blogtrackbackidquery))
		{
			$blogids .= ',' . $blogtrackbackidqueryr['blogid'];
			$wol_blogtrackback["$blogtrackbackidqueryr[blogtrackbackid]"] = $blogtrackbackidqueryr['blogid'];
		}
	}

	if ($blogtextids)
	{
		$blogtextidquery = $vbulletin->db->query_read_slave("
			SELECT blogid, blogtextid, title
			FROM " . TABLE_PREFIX . "blog_text
			WHERE blogtextid IN (0$blogtextids)
		");
		while ($blogtextidqueryr = $vbulletin->db->fetch_array($blogtextidquery))
		{
			$blogids .= ',' . $blogtextidqueryr['blogid'];
			$wol_blogtext["$blogtextidqueryr[blogtextid]"]['blogid'] = $blogtextidqueryr['blogid'];
			$wol_blogtext["$blogtextidqueryr[blogtextid]"]['title'] = $blogtextidqueryr['title'];
		}
	}

	if ($blogids)
	{
		$blogresults = $vbulletin->db->query_read_slave("
			SELECT blog.title, blogid, blog.userid, state, blog.options
			FROM " . TABLE_PREFIX . "blog AS blog
			LEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)
			WHERE blogid IN (0$blogids)
		");
		while ($blogresult = $vbulletin->db->fetch_array($blogresults))
		{
			$wol_blog["$blogresult[blogid]"]['title'] = $blogresult['title'];
			$wol_blog["$blogresult[blogid]"]['userid'] = $blogresult['userid'];
			$wol_blog["$blogresult[blogid]"]['state'] = $blogresult['state'];
			$wol_blog["$blogresult[blogid]"]['private'] = ($blogresult['options'] & $vbulletin->bf_misc_vbblogoptions['private']);
			$bloguserids .= ",$blogresult[userid]";
		}
	}

	if ($bloguserids)
	{
		$fields = $joins = '';
		if ($vbulletin->userinfo['userid'])
		{
			$fields = ", ignored.relationid AS ignoreid, buddy.relationid AS buddyid";
			$joins = "
				LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = bu.bloguserid AND ignored.relationid = " . $vbulletin->userinfo['userid'] . " AND ignored.type = 'ignore')
				LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = bu.bloguserid AND buddy.relationid = " . $vbulletin->userinfo['userid'] . " AND buddy.type = 'buddy')
			";
		}

		$userresults = $vbulletin->db->query_read_slave("
			SELECT bu.title, bu.bloguserid, bu.options_member, bu.options_guest, bu.options_buddy, bu.options_ignore, bu.memberids, bu.memberblogids,
				user.userid, user.username, IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, user.infractiongroupid, user.usergroupid, user.membergroupids
				$fields
			FROM " . TABLE_PREFIX . "blog_user AS bu
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON (bu.bloguserid = user.userid)
			$joins
			WHERE bu.bloguserid IN (0$bloguserids)
		");
		while ($userresult = $vbulletin->db->fetch_array($userresults))
		{
			cache_permissions($userresult, false);
			fetch_musername($userresult);
			$wol_user["$userresult[userid]"] = $userresult['musername'];

			$member = ($userresult['options_member'] & $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] ? 1 : 0);
			$guest = ($userresult['options_guest'] & $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] ? 1 : 0);
			$buddy = ($userresult['options_buddy'] & $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] ? 1 : 0);
			$ignore = ($userresult['options_ignore'] & $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] ? 1 : 0);

			$wol_bloguser["$userresult[bloguserid]"]['title'] = $userresult['title'];
			$wol_bloguser["$userresult[bloguserid]"]['canviewmyblog'] =
			(
				(
					!$userresult['buddyid']
						OR
					$buddy
				)
				AND
				(
					!$userresult['ignoreid']
						OR
					$ignore
				)
				AND
				(
					(
						$member
							AND
						$vbulletin->userinfo['userid']
					)
					OR
					(
						$guest
							AND
						!$vbulletin->userinfo['userid']
					)
				)
				OR
				(
					$ignore
						AND
					$userresult['ignoreid']
				)
				OR
				(
					$buddy
						AND
					$userresult['buddyid']
				)
				OR
					$userresult['userid'] == $vbulletin->userinfo['userid']
				OR
					can_moderate_blog()
				OR
					is_member_of_blog($vbulletin->userinfo, $userresult)
			) ? true : false;

		}
	}
}
Example #7
/**
* Fetches the permission value for a specific blog comment
*
* Decides whether the current viewer ($vbulletin->userinfo) holds $perm on a comment.
* A comment on a deleted or moderated entry is refused up front unless the viewer has the
* matching can_moderate_blog() right; the only exception is 'canviewcomments' for a viewer
* accepted by is_member_of_blog(). The switch then applies the per-permission rules.
*
* Handled values of $perm: 'canviewcomments', 'caneditcomments', 'canmoderatecomments',
* 'candeletecomments', 'canremovecomments', 'canundeletecomments'. Any other value is handed
* to the 'blog_fetch_comment_perm' hook; if the hook leaves $handled false an E_USER_ERROR is
* raised. The default branch has no return statement of its own.
*
* Both info arguments default to null; every array read on them then yields null, so the
* state comparisons are evaluated against null rather than a real state.
*
* @param	string	The permission to check
* @param	array	An array of information about the blog entry
* @param	array	An array of information about the blog comment
*
* @return	boolean	Returns true if they have the permission else false
*/
function fetch_comment_perm($perm, $entryinfo = null, $blogtextinfo = null)
{
	global $vbulletin;

	// Only moderator can manage a comment that is in a moderated/deleted post, not even the owner of the post can manage in this situation.
	if (
		// Deleted Post
		// NOTE(review): this call passes $entryinfo['userid'] (a scalar) while every other
		// is_member_of_blog() call in this function passes the $entryinfo array - confirm which
		// form the helper expects, since it decides who may view comments on a deleted entry.
			($entryinfo['state'] == 'deleted' AND !can_moderate_blog('candeleteentries') AND ($perm != 'canviewcomments' OR !is_member_of_blog($vbulletin->userinfo, $entryinfo['userid'])))
			 OR
		// Moderated Post
			($entryinfo['state'] == 'moderation' AND !can_moderate_blog('canmoderateentries') AND ($perm != 'canviewcomments' OR !is_member_of_blog($vbulletin->userinfo, $entryinfo)))
		)
	{
		return false;
	}

	switch ($perm)
	{
		// A deleted comment is visible to comment-deleting moderators and blog members; a moderated
		// comment is visible to blog members, its author, and anyone holding 'canmoderatecomments'.
		case 'canviewcomments':
			return
			(
				(
					($blogtextinfo['state'] != 'deleted' OR can_moderate_blog('candeletecomments') OR is_member_of_blog($vbulletin->userinfo, $entryinfo))
				 	 AND
				 	($blogtextinfo['state'] != 'moderation' OR is_member_of_blog($vbulletin->userinfo, $entryinfo) OR $vbulletin->userinfo['userid'] == $blogtextinfo['userid'] OR fetch_comment_perm('canmoderatecomments', $entryinfo, $blogtextinfo))
				)
			);

		// Four independent grants: the entry owner with 'blog_canmanageblogcomments'; a blog member
		// whose group permissions cover this entry; the comment author on a visible/moderated comment
		// with 'blog_caneditowncomment'; or a moderator who may also handle the comment's current state.
		case 'caneditcomments':
			return
			(
				(
					$entryinfo['userid'] == $vbulletin->userinfo['userid']
					 AND
					$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
				)
					OR
				(
					is_member_of_blog($vbulletin->userinfo, $entryinfo)
						AND
					$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
						AND
					(
						(
							$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
						)
							OR
						(
							$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
						)
					)
				)
				 OR
				(
					($blogtextinfo['state'] == 'visible' OR $blogtextinfo['state'] == 'moderation')
					 AND
					$blogtextinfo['userid'] == $vbulletin->userinfo['userid']
					 AND
					$vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_caneditowncomment']
				)
				 OR
				(
					can_moderate_blog('caneditcomments')
					 AND
					(
						$blogtextinfo['state'] != 'moderation' OR fetch_comment_perm('canmoderatecomments', $entryinfo, $blogtextinfo)
					)
					 AND
					(
						$blogtextinfo['state'] != 'deleted' OR fetch_comment_perm('candeletecomments', $entryinfo, $blogtextinfo)
					)
				)
			);

		// Same owner / blog-member grants as above, plus moderators with 'canmoderatecomments'.
		case 'canmoderatecomments':
			return
			(
				(
					$entryinfo['userid'] == $vbulletin->userinfo['userid']
					 AND
					$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
				)
					OR
				(
					is_member_of_blog($vbulletin->userinfo, $entryinfo)
						AND
					$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
						AND
					(
						(
							$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
						)
							OR
						(
							$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
						)
					)
				)
					OR
				(
					// NOTE(review): this branch calls can_moderate(), not can_moderate_blog() as the
					// sibling branches do - confirm the helper and its argument are the intended ones.
					($blogtextinfo['state'] != 'deleted' OR can_moderate('candeletecomments'))
						AND
					can_moderate_blog('canmoderatecomments')
				)
			);

		// Owner / blog-member grants, moderators with 'candeletecomments', or the comment author on a
		// visible comment with 'blog_candeleteowncomment'.
		case 'candeletecomments':
			return
			(
				(
					$entryinfo['userid'] == $vbulletin->userinfo['userid']
					 AND
					$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
				)
					OR
				(
					is_member_of_blog($vbulletin->userinfo, $entryinfo)
						AND
					$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
						AND
					(
						(
							$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
						)
							OR
						(
							$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
						)
					)
				)
					OR
				(
					can_moderate_blog('candeletecomments')
				)
					OR
				(
					$blogtextinfo['state'] == 'visible'
						AND
					$blogtextinfo['userid'] == $vbulletin->userinfo['userid']
						AND
					$vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_candeleteowncomment']
				)
			);

		// Unlike the other cases, the blog-member grant here has no 'canmanageotherentry' alternative:
		// a member qualifies only on an entry they posted themselves.
		case 'canremovecomments':
			return
			(
				(
					$entryinfo['userid'] == $vbulletin->userinfo['userid']
					 AND
					$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
				)
					OR
				(
					is_member_of_blog($vbulletin->userinfo, $entryinfo)
						AND
					$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
						AND
					(
						(
							$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
						)
					)
				)
					OR
				(
					can_moderate_blog('canremovecomments')
				)
			);

		// Undelete is tied to the moderator 'candeletecomments' right; there is no separate undelete right here.
		case 'canundeletecomments':
			return
			(
				(
					$entryinfo['userid'] == $vbulletin->userinfo['userid']
						AND
					$vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
				)
					OR
				(
					is_member_of_blog($vbulletin->userinfo, $entryinfo)
						AND
					$entryinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']
						AND
					(
						(
							$vbulletin->userinfo['userid'] == $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanagecomments']
						)
							OR
						(
							$vbulletin->userinfo['userid'] != $entryinfo['postedby_userid']
								AND
							$entryinfo['grouppermissions'] & $vbulletin->bf_misc_vbbloggrouppermissions['canmanageotherentry']
						)
					)
				)
					OR
				(
					can_moderate_blog('candeletecomments')
				)
			);

		default:
			$handled = false;
			// The hook string is eval()'d in this function's scope, so it can read $perm, $entryinfo and
			// $blogtextinfo and set $handled. NOTE(review): whatever supplies the hook code decides
			// authorization outcomes here - confirm only trusted administrators can install it.
			($hook = vBulletinHook::fetch_hook('blog_fetch_comment_perm')) ? eval($hook) : false;

			if (!$handled)
			{
				trigger_error('fetch_comment_perm(): Argument #1; Invalid permission specified', E_USER_ERROR);
			}
	}
}
Example #8
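	/**
	* pre_delete function - extend if the contenttype needs to do anything
	*
	* Checks (when $checkperms is set) that every attachment id is visible to the viewer and
	* that the viewer may edit the owning blog entry, counts the affected attachments per
	* blog in $this->lists['bloglist'], and, when $this->log is set, writes the entry edit log
	* and the moderator log.
	*
	* The ids are concatenated into SQL, so they are cast to integers first. An empty list
	* returns true without querying.
	*
	* @param	array		list of deleted attachment ids to delete
	* @param	boolean	verify permission to delete
	*
	* @return	boolean	false when a permission check fails, true otherwise
	*/
	public function pre_delete($list, $checkperms = true)
	{
		@ignore_user_abort(true);

		// init lists
		$this->lists = array(
			'bloglist'   => array(),
		);

		// Nothing in this method validates $list, so force every element to an integer before
		// it is placed in the IN() clauses below.
		$list = array_map('intval', $list);
		if (empty($list))
		{
			// "IN ()" is not valid SQL, and there is nothing to check or log for an empty list.
			return true;
		}
		$idlist = implode(", ", $list);

		if ($checkperms)
		{
			// Verify that we have permission to view these attachmentids
			$attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
			$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . $idlist . ")");

			// Any id that is missing from the visible set fails the whole request.
			if (count($list) != count($attachments))
			{
				return false;
			}
		}

		$replaced = array();
		$ids = $this->registry->db->query_read("
			SELECT
				a.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress,
				blog.blogid, blog.firstblogtextid, blog.dateline AS blog_dateline, blog.state, blog.postedby_userid,
				bu.memberids, bu.memberblogids,
				gm.permissions AS grouppermissions,
				user.membergroupids, user.usergroupid, user.infractiongroupids,
				blog_deletionlog.moddelete AS del_moddelete, blog_deletionlog.userid AS del_userid, blog_deletionlog.username AS del_username, blog_deletionlog.reason AS del_reason
			FROM " . TABLE_PREFIX . "attachment AS a
			LEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (blog.blogid = a.contentid)
			LEFT JOIN " . TABLE_PREFIX . "blog_user AS bu ON (bu.bloguserid = blog.userid)
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = blog.userid)
			LEFT JOIN " . TABLE_PREFIX . "blog_groupmembership AS gm ON (blog.userid = gm.bloguserid AND gm.userid = " . intval($this->registry->userinfo['userid']) . ")
			LEFT JOIN " . TABLE_PREFIX . "blog_deletionlog AS blog_deletionlog ON (blog.blogid = blog_deletionlog.primaryid AND blog_deletionlog.type = 'blogid')
			WHERE
				a.attachmentid IN (" . $idlist . ")
		");
		while ($id = $this->registry->db->fetch_array($ids))
		{
			cache_permissions($id, false);
			// Attachments not yet bound to an entry (contentid = 0) skip the entry edit check.
			if ($checkperms AND !$id['inprogress'] AND !fetch_entry_perm('edit', $id))
			{
				return false;
			}

			if ($id['blogid'])
			{
				// Start the per-blog counter at zero instead of incrementing an undefined index.
				$blogkey = "{$id['blogid']}";
				if (!isset($this->lists['bloglist'][$blogkey]))
				{
					$this->lists['bloglist'][$blogkey] = 0;
				}
				$this->lists['bloglist'][$blogkey]++;

				if ($this->log)
				{
					// NOTE(review): 'p_dateline' is not among the selected columns (the entry date is
					// aliased as blog_dateline), so this age test compares an unset value and the
					// 'noeditedbytime' window does not limit the edit log - confirm the intended column.
					if (($this->registry->userinfo['permissions']['genericoptions'] & $this->registry->bf_ugp_genericoptions['showeditedby']) AND $id['p_dateline'] < (TIMENOW - ($this->registry->options['noeditedbytime'] * 60)))
					{
						// One edit-log row per entry, however many of its attachments are removed.
						if (empty($replaced["$id[firstblogtextid]"]))
						{
							/*insert query*/
							$this->registry->db->query_write("
								REPLACE INTO " . TABLE_PREFIX . "blog_editlog
										(blogtextid, userid, username, dateline)
								VALUES
									(
										" . intval($id['firstblogtextid']) . ",
										" . intval($this->registry->userinfo['userid']) . ",
										'" . $this->registry->db->escape_string($this->registry->userinfo['username']) . "',
										" . TIMENOW . "
									)
							");
							$replaced["$id[firstblogtextid]"] = true;
						}
					}
					// Removal by a moderator who is not a member of the blog goes to the moderator log.
					if (!is_member_of_blog($this->registry->userinfo, $id) AND can_moderate_blog('caneditentries'))
					{
						$bloginfo = array(
							'blogid'       => $id['blogid'],
							'attachmentid' => $id['attachmentid'],
						);
						require_once(DIR . '/includes/blog_functions_log_error.php');
						log_moderator_action($bloginfo, 'attachment_removed');
					}
				}
			}
		}
		return true;
	}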
/**
* Fetch the user's ability to post a comment
*
* Every condition below must hold: the blog's 'cancommentmyblog' flag, open comments (or a
* blog member / moderator), the comment permission bit matching own vs. other blog, an
* entry state that accepts comments, and an entry that is not pending.
*
* @param	array	$bloginfo from fetch_bloginfo or equivalent
* @param	array $userinfo from fetch_userinfo or equivalent
*
* @return	bool
*/
function fetch_can_comment($bloginfo, $userinfo)
{
	global $vbulletin;

	// The blog-level flag must allow this viewer to comment at all.
	if (!$bloginfo['cancommentmyblog'])
	{
		return false;
	}

	// Comments closed on the entry: only blog members and moderators get past this point.
	if (!$bloginfo['allowcomments'] AND !is_member_of_blog($userinfo, $bloginfo) AND !can_moderate_blog('', $userinfo))
	{
		return false;
	}

	// Own blog needs 'blog_cancommentown', anyone else's blog needs 'blog_cancommentothers'.
	$isownblog = ($bloginfo['userid'] == $userinfo['userid']);
	$requiredbit = ($isownblog ? 'blog_cancommentown' : 'blog_cancommentothers');
	if (!($userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions[$requiredbit]))
	{
		return false;
	}

	// A moderated entry accepts comments from entry moderators, or from the logged-in blog owner
	// when another member posted it and the blog moderates member posts.
	$stateok = false;
	if ($bloginfo['state'] == 'moderation')
	{
		$stateok = (
			can_moderate_blog('canmoderateentries', $userinfo)
				OR
			(
				$userinfo['userid']
					AND
				$bloginfo['userid'] == $userinfo['userid']
					AND
				$bloginfo['postedby_userid'] != $userinfo['userid']
					AND
				$bloginfo['membermoderate']
			)
		);
	}
	if (!$stateok)
	{
		$stateok = ($bloginfo['state'] == 'visible');
	}
	if (!$stateok)
	{
		return false;
	}

	// Pending entries never accept comments.
	return !$bloginfo['pending'];
}
Example #10
		}
	}

	$show['delete'] = true;
	$show['undelete'] = true;
	$show['approve'] = true;

	$show['inlinemod'] = (($show['delete'] OR $show['approve'] OR $show['undelete'])
		AND
	(
		can_moderate_blog()
			OR
		(
			!empty($userinfo)
				AND
			is_member_of_blog($vbulletin->userinfo, $userinfo)
		)
	));

	if ($userinfo)
	{
		$blogheader = parse_blog_description($userinfo);
		$sidebar =& build_user_sidebar($userinfo, $month, $year);
		$navbits[fetch_seo_url('blog', array('userid' => $userinfo['userid'], 'title' => $blogheader['title']))] = $blogheader['title'];
	}
	else
	{
		$sidebar =& build_overview_sidebar();
	}

	if ($type)
Example #11
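	/**
	* Prepares the display data of one blog entry
	*
	* Fills $this->blog with derived values (rating, rendered category list, edit date, tag
	* list), sets $this->status for pending/deleted/moderated/draft entries and sets the
	* $show flags read by the entry template.
	*
	* The $show flags set here only decide what is offered for display; this method does not
	* perform or block any action itself. NOTE(review): the handlers behind those controls
	* are presumably re-checking fetch_entry_perm() themselves - verify.
	*
	* @return	void
	*/
	function process_display()
	{
		global $show, $vbphrase;

		$blog =& $this->blog;

		// The average is only shown once the entry has at least 'vbblog_ratingpost' votes (and at least one).
		if ($this->blog['ratingnum'] >= $this->registry->options['vbblog_ratingpost'] AND $this->blog['ratingnum'])
		{
			$this->blog['ratingavg'] = vb_number_format($this->blog['ratingtotal'] / $this->blog['ratingnum'], 2);
			$this->blog['rating'] = intval(round($this->blog['ratingtotal'] / $this->blog['ratingnum']));
			$show['rating'] = true;
		}
		else
		{
			$show['rating'] = false;
		}

		if (!$this->blog['blogtitle'])
		{
			$this->blog['blogtitle'] = $this->blog['username'];
		}

		$categorybits = array();

		// The key is quoted: inside {$...} a bare blogid is looked up as a constant, which is an
		// Error on PHP 8 and a notice/warning on earlier versions.
		if (!empty($this->categories["{$this->blog['blogid']}"]))
		{
			foreach ($this->categories["{$this->blog['blogid']}"] AS $index => $category)
			{
				$category['blogtitle'] = $this->blog['blogtitle'];
				// Site categories (no creatorid) the viewer may not open are shown by title only.
				$show['cattitleonly'] = (!$category['creatorid'] AND !($this->registry->userinfo['blogcategorypermissions']["$category[blogcategoryid]"] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewcategory']));
				$templater = vB_Template::create('blog_entry_category');
					$templater->register('category', $category);
					$templater->register('pageinfo', array('blogcategoryid' => $category['blogcategoryid']));
				$categorybits[] = $templater->render();
			}
		}
		else
		{
			// No category assigned: render the "uncategorized" placeholder (id -1).
			$category = array(
				'blogcategoryid' => -1,
				'title'          => $vbphrase['uncategorized'],
				'userid'         => $this->blog['userid'],
				'blogtitle'      => $this->blog['blogtitle'],
			);
			$templater = vB_Template::create('blog_entry_category');
				$templater->register('category', $category);
				$templater->register('pageinfo', array('blogcategoryid' => $category['blogcategoryid']));
			$categorybits[] = $templater->render();
		}

		$show['category'] = true;
		$this->blog['categorybits'] = implode(', ', $categorybits);

		// Moderation notices are shown to the blog owner and to comment moderators only.
		$show['trackback_moderation'] = ($this->blog['trackback_moderation'] AND ($this->blog['userid'] == $this->registry->userinfo['userid'] OR can_moderate_blog('canmoderatecomments'))) ? true : false;
		$show['comment_moderation'] = ($this->blog['hidden'] AND ($this->blog['userid'] == $this->registry->userinfo['userid'] OR can_moderate_blog('canmoderatecomments'))) ? true : false;

		$show['edit'] = fetch_entry_perm('edit', $this->blog);
		$show['delete'] = fetch_entry_perm('delete', $this->blog);
		$show['remove'] = fetch_entry_perm('remove', $this->blog);
		$show['undelete'] = fetch_entry_perm('undelete', $this->blog);
		$show['approve'] = fetch_entry_perm('moderate', $this->blog);

		// Inline moderation needs at least one entry action and a moderator or blog-member viewer.
		$show['inlinemod'] = (($show['delete'] OR $show['remove'] OR $show['approve'] OR $show['undelete'])
			AND
		(
			can_moderate_blog()
				OR
			(
				!empty($this->userinfo)
					AND
				is_member_of_blog($this->registry->userinfo, $this->userinfo)
			)
		));

		// Status icon/phrase: pending (future-dated or flagged) wins over the stored state.
		if ($this->blog['dateline'] > TIMENOW OR $this->blog['pending'])
		{
			$this->status['phrase'] = $vbphrase['pending_blog_entry'];
			$this->status['image'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . "/blog/pending.gif";
			$show['status'] = true;
		}
		else if ($this->blog['state'] == 'deleted')
		{
			$this->status['image'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . "/trashcan.gif";
			$this->status['phrase'] = $vbphrase['deleted_blog_entry'];
			$show['status'] = true;
		}
		else if ($this->blog['state'] == 'moderation')
		{
			$this->status['phrase'] = $vbphrase['moderated_blog_entry'];
			$this->status['image'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . "/moderated.gif";
			$show['status'] = true;
		}
		else if ($this->blog['state'] == 'draft')
		{
			$this->status['phrase'] = $vbphrase['draft_blog_entry'];
			$this->status['image'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . "/blog/draft.gif";
			$show['status'] = true;
		}
		else
		{
			$show['status'] = false;
		}

		// The "private" marker is shown for entries flagged private, and to moderators viewing a blog
		// they are not a member of when neither members nor (for buddies) buddies may view it.
		// NOTE(review): this branch uses can_moderate(), not can_moderate_blog() - confirm intended.
		$show['private'] = false;
		if ($blog['private'])
		{
			$show['private'] = true;
		}
		else if (can_moderate() AND !is_member_of_blog($this->registry->userinfo, $blog))
		{
			$membercanview = $blog['options_member'] & $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'];
			$buddiescanview = $blog['options_buddy'] & $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'];
			if (!$membercanview AND (!$blog['buddyid'] OR !$buddiescanview))
			{
				$show['private'] = true;
			}
		}

		if ($this->blog['edit_userid'])
		{
			$this->blog['edit_date'] = vbdate($this->registry->options['dateformat'], $this->blog['edit_dateline'], true);
			$this->blog['edit_time'] = vbdate($this->registry->options['timeformat'], $this->blog['edit_dateline']);
			if ($this->blog['edit_reason'])
			{
				$this->blog['edit_reason'] = fetch_word_wrapped_string($this->blog['edit_reason']);
			}
			$show['entryedited'] = true;
		}
		else
		{
			$show['entryedited'] = false;
		}

		$show['tags'] = false;
		if ($this->registry->options['vbblog_tagging'])
		{
			require_once(DIR . '/includes/blog_functions_tag.php');

			$this->blog['tag_list'] = fetch_entry_tagbits($this->blog, $this->userinfo);
			// NOTE(review): the ownership tests below read $this->bloginfo['userid'] while the rest of
			// this method reads $this->blog['userid'] - confirm $this->bloginfo is populated here.
			$show['tag_edit'] = (
				(($this->registry->userinfo['permissions']['vbblog_entry_permissions'] & $this->registry->bf_ugp_vbblog_entry_permissions['blog_cantagown']) AND $this->bloginfo['userid'] == $this->registry->userinfo['userid'])
				OR ($this->registry->userinfo['permissions']['vbblog_entry_permissions'] & $this->registry->bf_ugp_vbblog_entry_permissions['blog_cantagothers'])
				OR (($this->registry->userinfo['permissions']['vbblog_entry_permissions'] & $this->registry->bf_ugp_vbblog_entry_permissions['blog_candeletetagown']) AND $this->bloginfo['userid'] == $this->registry->userinfo['userid'])
				OR can_moderate_blog('caneditentries')
			);
			// 'taglist' (read) and 'tag_list' (written above) are different keys of $this->blog.
			$show['tags'] = ($show['tag_edit'] OR $this->blog['taglist']);
			$show['notags'] = !$this->blog['taglist'];
		}
	}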
Example #12
	/**
	* Prepares the display data of one blog comment
	*
	* When $this->bloginfo is empty it is taken from the factory's blog_cache or rebuilt from
	* the comment row in $this->response (including cached permissions and the per-option
	* social-network visibility flags) and then stored in that cache. Afterwards the $show
	* flags read by the comment template are set and the edit date/time/reason are formatted.
	*
	* The $show flags set here only decide what is offered for display; this method does not
	* perform or block any action itself.
	*
	* @return	void
	*/
	function process_display()
	{
		global $show;

		if (empty($this->bloginfo))
		{
			// Reuse the entry info built for an earlier comment of the same entry, if any.
			if ($this->factory->blog_cache["{$this->response['blogid']}"])
			{
				$this->bloginfo = $this->factory->blog_cache["{$this->response['blogid']}"];
			}
			else
			{
				// Rebuild the entry info from the columns joined onto the comment row.
				$this->bloginfo = array(
					'blogid'             => $this->response['blogid'],
					'userid'             => $this->response['blog_userid'],
					'usergroupid'        => $this->response['blog_usergroupid'],
					'infractiongroupids' => $this->response['blog_infractiongroupids'],
					'membergroupids'     => $this->response['blog_membergroupids'],
					'memberids'          => $this->response['memberids'],
					'memberblogids'      => $this->response['memberblogids'],
					'postedby_userid'    => $this->response['postedby_userid'],
					'postedby_username'  => $this->response['postedby_username'],
					'grouppermissions'   => $this->response['grouppermissions'],
					'membermoderate'     => $this->response['membermoderate'],
					'allowcomments'      => $this->response['allowcomments'],
					'state'              => $this->response['blog_state'],
					'pending'            => $this->response['pending'],
				);

				// Permissions are cached per blog owner; a cached set is attached by reference.
				if (!isset($this->factory->perm_cache_blog["{$this->bloginfo['userid']}"]))
				{
					$this->factory->perm_cache_blog["{$this->bloginfo['userid']}"] = cache_permissions($this->bloginfo, false);
				}
				else
				{
					$this->bloginfo['permissions'] =& $this->factory->perm_cache_blog["{$this->bloginfo['userid']}"];
				}

				// For every social-network option, derive the per-audience bits and the effective
				// value for the current viewer.
				foreach ($this->registry->bf_misc_vbblogsocnetoptions AS $optionname => $optionval)
				{

					// A private entry switches the option off for guests, ignored users and members;
					// the buddy bit below is still taken from the owner's settings.
					if ($this->response['private'])
					{
						$this->bloginfo["guest_$optionname"] = false;
						$this->bloginfo["ignore_$optionname"] = false;
						$this->bloginfo["member_$optionname"] = false;
					}
					else
					{
						$this->bloginfo["member_$optionname"] = ($this->response['options_member'] & $optionval ? 1 : 0);
						$this->bloginfo["guest_$optionname"] = ($this->response['options_guest'] & $optionval ? 1 : 0);
						$this->bloginfo["ignore_$optionname"] = ($this->response['options_ignore'] & $optionval ? 1 : 0);
					}
					$this->bloginfo["buddy_$optionname"] = ($this->response['options_buddy'] & $optionval ? 1 : 0);

					// Effective value: the audience rules in the first group, or an explicit
					// ignore/buddy grant, or a blog member, or a blog moderator.
					$this->bloginfo["$optionname"] = (
						(
							(
								!$this->response['buddyid']
									OR
								$this->bloginfo["buddy_$optionname"]
							)
							AND
							(
								!$this->response['ignoreid']
									OR
								$this->bloginfo["ignore_$optionname"]
							)
							AND
							(
								(
									$this->bloginfo["member_$optionname"]
										AND
									$this->registry->userinfo['userid']
								)
								OR
								(
									$this->bloginfo["guest_$optionname"]
										AND
									!$this->registry->userinfo['userid']
								)
							)
						)
						OR
						(
							$this->bloginfo["ignore_$optionname"]
								AND
							$this->response['ignoreid']
						)
						OR
						(
							$this->bloginfo["buddy_$optionname"]
								AND
							$this->response['buddyid']
						)
						OR
							is_member_of_blog($this->registry->userinfo, $this->bloginfo)
						OR
							can_moderate_blog()
					) ? true : false;
				}

				$this->factory->blog_cache["{$this->response['blogid']}"] = $this->bloginfo;
			}
		}

		$show['quotecomment'] = fetch_can_comment($this->bloginfo, $this->registry->userinfo);
		$show['entryposter'] = ($this->userinfo AND $this->response['userid'] == $this->bloginfo['postedby_userid']);
		$show['moderation'] = ($this->response['state'] == 'moderation');
		// The "private" marker is shown for private entries, and to moderators viewing someone else's
		// blog that neither members nor (for buddies) buddies may view.
		// NOTE(review): this branch uses can_moderate(), not can_moderate_blog() - confirm intended.
		$show['private'] = false;
		if ($this->response['private'])
		{
			$show['private'] = true;
		}
		else if (can_moderate() AND $this->response['blog_userid'] != $this->registry->userinfo['userid'])
		{
			$membercanview = $this->response['options_member'] & $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'];
			$buddiescanview = $this->response['options_buddy'] & $this->registry->bf_misc_vbblogsocnetoptions['canviewmyblog'];

			if (!$membercanview AND (!$this->response['buddyid'] OR !$buddiescanview))
			{
				$show['private'] = true;
			}
		}

		$show['edit'] = fetch_comment_perm('caneditcomments', $this->bloginfo, $this->response);
		// The four checks below pass the entry info only, without the comment record, so they are
		// evaluated without this comment's own state or author.
		$show['inlinemod'] = (
			(
				fetch_comment_perm('canremovecomments', $this->bloginfo)
					OR
				fetch_comment_perm('candeletecomments', $this->bloginfo)
					OR
				fetch_comment_perm('canmoderatecomments', $this->bloginfo)
					OR
				fetch_comment_perm('canundeletecomments', $this->bloginfo)
			)
				AND
			(
				can_moderate_blog()
					OR
				(
					!empty($this->userinfo)
						AND
					is_member_of_blog($this->registry->userinfo, $this->userinfo)
				)
			)
		);

		if ($this->response['edit_userid'])
		{
			$this->response['edit_date'] = vbdate($this->registry->options['dateformat'], $this->response['edit_dateline'], true);
			$this->response['edit_time'] = vbdate($this->registry->options['timeformat'], $this->response['edit_dateline']);
			if ($this->response['edit_reason'])
			{
				$this->response['edit_reason'] = fetch_word_wrapped_string($this->response['edit_reason']);
			}
			$show['commentedited'] = true;
		}
		else
		{
			$show['commentedited'] = false;
		}

	}