public function login()
{
$username = jget('username', 'txt');
$password = jget('password');
$openid = jget('openid');
if ($username == "" || $password == "") {
json_error("无法登录,用户名或密码不能为空");
}
if ($this->Config['login_by_uid']) {
is_numeric($username) && json_error("禁止使用UID登录");
}
if ($GLOBALS['_J']['plugins']['func']['login']) {
hookscript('login', 'funcs', array('param' => $this->Post, 'step' => 'check'), 'login');
}
$rets = jsg_member_login($username, $password);
$uid = (int) $rets['uid'];
if ($uid < 1) {
json_error(array_iconv($this->Config['charset'], 'utf-8', $rets['error']));
}
$r = false;
if ($openid && $uid) {
$r = jlogic('wechat')->do_bind($openid, $uid);
}
if ($r) {
json_result("绑定成功!");
} else {
json_error("绑定失败!");
}
}
public function run()
{
header('Access-Control-Allow-Origin: *');
date_default_timezone_set('Asia/Seoul');
user()->login();
if ($model = http_input('model')) {
list($model_name, $class_name, $method_name) = explode('.', $model);
$uc_first_class_name = ucfirst($class_name);
$namespace = "of\\{$model_name}\\{$uc_first_class_name}";
$obj = new $namespace();
return $obj->{$method_name}();
}
switch ($doing = http_input('do')) {
default:
if (strpos($doing, '.')) {
$doing = str_replace('.', '\\', $doing);
} else {
$doing = ucfirst($doing);
}
$name = "of\\{$doing}";
$obj = new $name();
$obj->runAjax();
json_error(-40444, "Nothing to do");
return null;
}
}
protected function executeImpl(ArrayAdapter $params)
{
$action = $params->str('action');
$gallery = $params->str('gallery');
switch ($action) {
case 'creategall':
PsGallery::makeNew($gallery, $params->str('name'));
break;
case 'save':
PsGallery::inst($gallery)->saveGallery($params->str('name'), $params->arr('images'));
break;
case 'imgadd':
PsGallery::inst($gallery)->addWebImg($params->arr('img'));
break;
case 'imgdel':
if ($params->bool('web')) {
PsGallery::inst($gallery)->deleteWebImg($params->str('file'));
} else {
PsGallery::inst($gallery)->deleteLocalImg($params->str('file'));
}
break;
default:
json_error("Unknown action [{$action}].");
}
return new AjaxSuccess();
}
/**
* 로그인 과정을 진행한다.
*
* 입력 정보는 HTTP input 의 idx_member 와 session_id 로 들어오며,
* 회원 정보를 $sys->member 에 저장하고,
* 회원 번호를 리턴한다.
*
* 이것은 module/ajax/DataLayer.php 의 회원 로그인과 비슷하며,
*
* ajax 의 model=.... 와 같이 호출하는 경우, overframe/ajax/Ajax.php 의 run() 에 의해서 호출된다.
*
* @return mixed 회원번호 또는 ajax 에러 메세지.
*/
public function login()
{
global $sys;
$in = http_input();
$in['remember'] = 'Y';
sys()->log(" =========> UserLayer::login() in: ");
if (empty($in['idx_member'])) {
return FALSE;
}
if (isset($in['idx_member']) && $in['idx_member'] && isset($in['session_id'])) {
$member = $sys->member->get($in['idx_member']);
if (empty($member)) {
json_error(-508, "User not found. Wrong idx_member.");
}
if ($this->session_id($member) != $in['session_id']) {
json_error(-507, "Wrong user session id. Your IP and location information has been reported to admin.");
}
} else {
sys()->log(" =====> No. login. in[idx_member] and in[action] is not member_register_submit, in[id], in[password] is empty. ");
return FALSE;
}
$sys->member->idx = $member['idx'];
$sys->member->info = $member;
return $sys->member->idx;
}
/**
* Validate the provided API key.
*/
public function checkAuth()
{
$api = new API();
$api->key = $_GET['key'];
try {
$api->validate_key();
} catch (Exception $e) {
json_error($e->getMessage());
die;
}
}
/**
* Check that the object can be accessed.
*
* @param mixed $id Object ID
* @return boolean|WP_Error
*/
protected function check_object($id)
{
$id = (int) $id;
$post = get_post($id, ARRAY_A);
if (empty($id) || empty($post['ID'])) {
json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "empty {$id}");
}
if (!json_check_post_permission($post, 'edit')) {
json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "cant read:{$id}");
}
return true;
}
function do_upload_avatar()
{
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('upload' => vB_Cleaner::TYPE_FILE));
if (empty($cleaned['upload'])) {
return json_error(ERR_NO_PERMISSION);
}
$upload_result = vB_Api::instance('profile')->upload($cleaned['upload']);
if (!empty($upload_result['errors'])) {
return json_error(ERR_NO_PERMISSION);
}
return true;
}
/**
* Выполнение ajax действия
*
* @param AjaxClassProvider $provider
*/
function execute_ajax_action(AbstractAjaxAction $action = null)
{
/* Для безопасности не будем писать детали обработки */
if (!$action) {
json_error('Действие не опеределено');
}
$result = $action->execute();
$result = $result ? $result : 'Ошибка выполнения действия';
if ($result instanceof AjaxSuccess) {
json_success($result->getJsParams());
}
json_error($result);
}
function handle($args)
{
/*
* Make sure we have a search term.
*/
if (!isset($args['term']) || empty($args['term'])) {
json_error('Search term not provided.');
die;
}
/*
* Clean up the search term.
*/
$term = filter_var($args['term'], FILTER_SANITIZE_STRING);
/*
* Append an asterix to the search term, so that Solr can suggest autocomplete terms.
*/
$term .= '*';
/*
* Intialize Solarium.
*/
$client = new Solarium_Client($GLOBALS['solr_config']);
/*
* Set up our query.
*/
$query = $client->createSuggester();
$query->setHandler('suggest');
$query->setQuery($term);
$query->setOnlyMorePopular(TRUE);
$query->setCount(5);
$query->setCollate(TRUE);
/*
* Execute the query.
*/
$search_results = $client->suggester($query);
/*
* If there are no results.
*/
if (count($search_results) == 0) {
$response->terms = FALSE;
} else {
$response->terms = array();
foreach ($search_results as $term => $term_result) {
$i = 0;
foreach ($term_result as $suggestion) {
$response->terms[] = array('id' => $i, 'term' => $suggestion);
$i++;
}
}
}
$this->render($response, 'OK');
}
function process_work($pdo, $worker_id, $pool_id, $response, $json_id)
{
$q = $pdo->prepare('
INSERT IGNORE INTO work_data
(worker_id, pool_id, data, time_requested)
VALUES
(:worker_id, :pool_id, :data, UTC_TIMESTAMP())
');
$data = strtolower(substr($response->result->data, 0, 152));
if (!$q->execute(array(':worker_id' => $worker_id, ':pool_id' => $pool_id, ':data' => $data))) {
json_error('Database error on INSERT into work_data: ' . json_encode($q->errorInfo()), $json_id);
}
}
/**
* 设置AK SK
* @param ak,sk
*/
public function set_ak_sk($ak, $sk)
{
$ak = trim($ak);
$sk = trim($sk);
$st = false;
if (strlen($ak) == 32 && strlen($sk) == 32) {
$ak_sk = array('ak' => $ak, 'sk' => $sk);
$st = update_option("bigapp_ak_sk", json_encode($ak_sk));
$st = true;
} else {
json_error(BigAppErr::$server['code'], __lan("app key/app secret format is wrong"), "");
}
return $st;
}
function do_subscribe_thread()
{
$userinfo = vB_Api::instance('user')->fetchUserInfo();
if ($userinfo['userid'] < 1) {
return json_error(ERR_NO_PERMISSION);
}
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('threadid' => vB_Cleaner::TYPE_UINT));
if (empty($cleaned['threadid'])) {
return json_error(ERR_INVALID_SUB);
}
$result = vB_Api::instance('follow')->add($cleaned['threadid'], vB_Api_Follow::FOLLOWTYPE_CONTENT);
if (empty($result) || !empty($result['errors'])) {
return json_error(ERR_INVALID_SUB);
}
return true;
}
function do_get_announcement()
{
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('forumid' => vB_Cleaner::TYPE_UINT));
if (!isset($cleaned['forumid']) || $cleaned['forumid'] < 1) {
return json_error(ERR_NO_PERMISSION);
}
$result = vB_Api::instance('announcement')->fetch($cleaned['forumid']);
if ($result === null || isset($result['errors'])) {
return json_error(ERR_NO_PERMISSION);
}
$posts = array();
foreach ($result as $ann) {
$posts[] = fr_parse_post($ann);
}
return array('posts' => $posts, 'total_posts' => count($posts));
}
public function actionDeleteAttachment()
{
$vals = $this->_input->filter(array('attachmentid' => XenForo_Input::UINT, 'poststarttime' => XenForo_Input::STRING));
try {
$attachment = $this->_getAttachmentOrError($vals['attachmentid']);
} catch (Exception $e) {
$error = new XenForo_Phrase('do_not_have_permission');
json_error($error->render());
}
if (!$this->_getAttachmentModel()->canDeleteAttachment($attachment, $vals['poststarttime'])) {
$error = new XenForo_Phrase('do_not_have_permission');
json_error($error->render());
}
$dw = XenForo_DataWriter::create('XenForo_DataWriter_Attachment');
$dw->setExistingData($attachment, true);
$dw->delete();
return array('success' => true);
}
protected function executeImpl(ArrayAdapter $params)
{
$action = $params->str('action');
$controller = PsLogger::controller();
switch ($action) {
case 'reset':
$controller->clearLogs();
break;
case 'on':
$controller->setLoggingEnabled(true);
break;
case 'off':
$controller->setLoggingEnabled(false);
break;
default:
json_error("Unknown action [{$action}].");
}
return new AjaxSuccess();
}
function do_upload_attachment()
{
global $vbulletin, $db, $foruminfo, $attachlib;
$vbulletin->input->clean_gpc('f', 'attachment', TYPE_FILE);
// format vbulletin expects: $files[name][x]... we only have one per post
$vbulletin->GPC['attachment'] = array('name' => array($vbulletin->GPC['attachment']['name']), 'tmp_name' => array($vbulletin->GPC['attachment']['tmp_name']), 'error' => array($vbulletin->GPC['attachment']['error']), 'size' => array($vbulletin->GPC['attachment']['size']));
if ($vbulletin->GPC['flash'] and is_array($vbulletin->GPC['attachment'])) {
$vbulletin->GPC['attachment']['utf8_names'] = true;
}
$uploadids = $attachlib->upload($vbulletin->GPC['attachment'], array(), $vbulletin->GPC['filedata']);
$uploads = explode(',', $uploadids);
if (!empty($attachlib->errors)) {
$errorlist = '';
foreach ($attachlib->errors as $error) {
$filename = htmlspecialchars_uni($error['filename']);
$errormessage = $error['error'] ? $error['error'] : $vbphrase["{$error['errorphrase']}"];
json_error($errormessage, RV_UPLOAD_ERROR);
}
}
return array('attachmentid' => $uploads[0]);
}
function do_delete_attachment()
{
$userinfo = vB_Api::instance('user')->fetchUserInfo();
if ($userinfo['userid'] < 1) {
return json_error(ERR_NO_PERMISSION);
}
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('attachmentid' => vB_Cleaner::TYPE_UINT));
if (empty($cleaned['attachmentid'])) {
return json_error(ERR_NO_PERMISSION);
}
$fr_attach = vB_dB_Assertor::instance()->assertQuery('ForumRunner:getAttachmentMarkerById', array('id' => $cleaned['attachmentid']));
if (empty($fr_attach)) {
return json_error(ERR_NO_PERMISSION);
}
$result = vB_Api::instance('content_attach')->deleteAttachment($fr_attach['attachmentid']);
if (empty($result) || !empty($result['errors'])) {
return json_error(ERR_NO_PERMISSION);
}
vB_dB_Assertor::instance()->assertQuery('ForumRunner:deleteAttachmentMarker', array('id' => $cleaned['attachmentid']));
return true;
}
function do_online()
{
$userinfo = vB_Api::instance('user')->fetchUserInfo();
$result = vB_Api::instance('wol')->fetchAll();
$options = vB::get_datastore()->get_value('options');
if (is_null($result) || isset($result['errors'])) {
return json_error(ERR_NO_PERMISSION);
}
$user_counts = vB_Api::instance('wol')->fetchCounts();
if (is_null($user_counts) || isset($user_counts['errors'])) {
return json_error(ERR_NO_PERMISSION);
}
$users = array();
foreach ($result as $user) {
$user_final = array('username' => $user['username'], 'userid' => $user['userid'], 'avatarurl' => $options['bburl'] . '/' . $user['avatarpath']);
if (!empty($userinfo) && $user['userid'] === $userinfo['userid']) {
$user_final['me'] = true;
}
$users[] = $user_final;
}
return array('users' => $users, 'num_guests' => $user_counts['guests']);
}
/**
*
*
*/
public function attend()
{
$idx = user()->getIdx();
if (empty($idx)) {
json_error(-40443, "로그인을 하십시오.");
}
$id = user()->getUsername();
$meta = new PhilgoMeta();
$nick = $meta->get("google_store.{$id}");
if (empty($nick)) {
json_error(-40401, "앱 평가를 먼저 하셔야 출석을 할 수 있습니다.");
}
$date = date('Ymd');
$entity = $this->load("user_id={$idx} AND date={$date}");
if ($entity) {
$count = $this->count_consecutive_attend();
if ($count >= self::max_attend) {
json_error(-40448, "출석 이벤트를 완료하였습니다.");
} else {
$ymd = preg_replace('/([0-9]{4})([0-9]{2})([0-9]{2})/', "\$1년 \$2월 \$3일", $date);
json_error(-40448, "{$ymd}에 출근 도장을 이미 찍으셨습니다. 연속으로 {$count} 번 출근 도장을 찍으셨습니다.");
}
}
$entity = $this->create()->sets(array('user_id' => $idx, 'date' => $date))->save();
if ($entity) {
$count = $this->count_consecutive_attend();
if ($count >= 5) {
$meta = new PhilgoMeta();
$meta->set("attend.complete.{$idx}", time());
json_success(array('code' => 1, 'message' => "축하합니다. 출석 이벤트를 완료하였습니다."));
} else {
json_success(array('count' => $count));
}
} else {
json_error(-40041, "출근 실패");
}
}
function handle_json_rpc($object)
{
/*
if ($input == '') {
$input = file_get_contents('php://input');
}
*/
$input = $GLOBALS['HTTP_RAW_POST_DATA'];
$encoding = mb_detect_encoding($input, 'auto');
//convert to unicode
if ($encoding != 'UTF-8') {
$input = iconv($encoding, 'UTF-8', $input);
}
$input = json_decode($input);
header('Content-Type: text/plain');
// handle Errors
if (!$input) {
if ($GLOBALS['HTTP_RAW_POST_DATA'] == "") {
echo response(null, 0, array("code" => -32700, "message" => "Parse Error: no data"));
} else {
// json parse error
$error = json_error();
$id = extract_id();
echo response(null, $id, array("code" => -32700, "message" => "Parse Error: {$error}"));
}
exit;
} else {
$method = get_field($input, 'method', null);
$params = get_field($input, 'params', null);
$id = get_field($input, 'id', null);
// json rpc error
if (!($method && $id)) {
if (!$id) {
$id = extract_id();
}
if (!$method) {
$error = "no method";
} else {
if (!$id) {
$error = "no id";
} else {
$error = "unknown reason";
}
}
echo response(null, $id, array("code" => -32600, "message" => "Invalid Request: {$error}"));
exit;
}
}
// fix params (if params is null set it to empty array)
if (!$params) {
$params = array();
}
// if params is object change it to array
if (is_object($params)) {
if (count(get_object_vars($params)) == 0) {
$params = array();
} else {
$params = get_object_vars($params);
}
}
// call Service Method
try {
$class = get_class($object);
$methods = get_class_methods($class);
do_debug($methods);
if (strcmp($method, 'help') == 0) {
if (count($params) > 0) {
if (!in_array($params[0], $methods)) {
$no_method = 'There is no ' . $params[0] . ' method';
throw new Exception($no_method);
} else {
$static = get_class_vars($class);
$help_str_name = $params[0] . "_documentation";
//throw new Exception(implode(", ", $static));
if (array_key_exists($help_str_name, $static)) {
echo response($static[$help_str_name], $id, null);
} else {
throw new Exception($method . " method has no documentation");
}
}
} else {
$url = "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
$msg = 'PHP JSON-RPC - in "' . $url . "\"\n";
$msg .= "class \"{$class}\" has methods: " . implode(", ", array_slice($methods, 0, -1)) . " and " . $methods[count($methods) - 1] . ".";
echo response($msg, $id, null);
}
} else {
if (!in_array($method, $methods)) {
$msg = 'There is no ' . $method . ' method';
echo response(null, $id, array("code" => -32601, "message" => $msg));
} else {
//throw new Exception('x -> ' . json_encode($params));
$result = call_user_func_array(array($object, $method), $params);
echo response($result, $id, null);
}
}
exit;
} catch (Exception $e) {
//catch all exeption from user code
$msg = "Internal error: " . $e->getMessage();
echo response(null, $id, array("code" => -32603, "message" => $msg));
}
}
function require_authentification()
{
global $logged_in;
if (!$logged_in) {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
json_error("Authentification required.");
}
}
/**
* Delete a post
*
* @see WP_JSON_Posts::delete_post()
*/
public function delete_post($id, $force = false)
{
$id = (int) $id;
if (empty($id)) {
json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "");
}
$post = get_post($id, ARRAY_A);
if ($post['post_type'] !== $this->type) {
json_error(BigAppErr::$post['code'], BigAppErr::$post['msg'], "");
}
return parent::delete_post($id, $force);
}
public function actionLike()
{
$postid = $this->_input->filterSingle('postid', XenForo_Input::UINT);
$helper = $this->getHelper('ForumThreadPost');
try {
list($post_info, $thread_info, $forum_info) = $helper->assertPostValidAndViewable($postid);
} catch (Exception $e) {
json_error($e->getControllerResponse()->errorText->render());
}
if (!$this->_getPostModel()->canLikePost($post_info, $thread_info, $forum_info, $error)) {
$phrase = new XenForo_Phrase($error);
json_error($phrase->render());
}
$like_model = $this->_getLikeModel();
$existing_like = $like_model->getContentLikeByLikeUser('post', $postid, XenForo_Visitor::getUserId());
if ($existing_like) {
$like_model->unlikeContent($existing_like);
} else {
$like_model->likeContent('post', $postid, $post_info['user_id']);
}
return array('success' => true);
}
/**
*
* @SWG\Api(
* path="/project/{uuid}/invite",
* description="API for project actions",
* @SWG\Operation(
* method="POST",
* type="ProjectInvite",
* summary="Invite a user to a project. You can either invite a member of your team by passing their uuid or by sending them an external email",
* @SWG\Parameter(
* name="uuid",
* description="UUID of the project",
* paramType="path",
* required=true,
* type="string"
* ),
* @SWG\Parameter(
* name="user_uuid",
* description="The uuid of the user you would like to invite (optional)",
* paramType="form",
* required=false,
* type="string"
* ),
* @SWG\Parameter(
* name="email",
* description="The email address of the external user you would like to invite (optional)",
* paramType="form",
* required=false,
* type="string"
* ),
* )
* )
*
* Invites a user to a project
* @param string $uuid
*/
private function project_invite($uuid = '')
{
$this->load->helper('notification');
$project = validate_project_uuid($uuid);
/* Validate that the team owner has a valid subscription or free trial */
validate_team_read($project->team_id);
/* Validate that they are the team owner */
validate_team_owner($project->team_id, get_user_id());
$user_uuid = $this->post('user_uuid', TRUE);
$email = $this->post('email', TRUE);
/* Validate that they have a valid subscription and can add a project */
validate_user_add(get_user_id(), $user_uuid);
if ($email) {
/** Look to see if there is an existing invite and resend it */
$invite = $this->Project_Invite->get_for_email_project($email, $project->id);
$invite_id = 0;
if ($invite && !$invite->user_id) {
$invite_id = $invite->id;
$key = $invite->key;
} else {
$key = random_string('unique');
$invite_id = $this->Project_Invite->add(array('email' => $email, 'project_id' => $project->id, 'key' => $key));
}
notify_project_invite_new_user($invite_id, get_user_id());
json_success("User invited successfully", array('invite_id' => $invite_id, 'email' => $email, 'key' => $key));
exit;
} else {
if ($user_uuid) {
$user = validate_user_uuid($user_uuid);
/* Validate that the user is on the project */
if (!$this->User->is_on_team(get_team_id(), $user->id)) {
json_error('The user you are inviting is not on your team. Please invite them to your team first.');
exit;
}
$invite = $this->Project_Invite->get_for_user_id_project($user->id, $project->id);
if ($invite) {
$invite_id = $invite->id;
$key = $invite->key;
} else {
$key = random_string('unique');
$invite_id = $this->Project_Invite->add(array('project_id' => $project->id, 'user_id' => $user->id, 'email' => $user->email, 'key' => $key));
}
notify_project_invite_new_user($invite_id, get_user_id());
json_success("User invited successfully", array('invite_id' => $invite_id, 'email' => $email, 'key' => $key));
exit;
}
}
json_error("You must provide either a user id or an email address to invite to this project.");
}
function _image_error($msg)
{
if ('normal' == $this->Type) {
echo "<script type='text/javascript'>window.parent.MessageBox('warning', '{$msg}');</script>";
exit;
} else {
json_error($msg);
}
}
C::t('news_viewer')->insert($addviewer);
}
}
$news['dateline'] = dgmdate($news[dateline], 'u');
$data = $news;
$message = 'success';
break;
default:
$result = false;
$message = '不存在的方法';
break;
}
if ($result) {
json_success($message, $data);
} else {
json_error($message);
}
function catList($catid = 0, $sql, $param)
{
global $_G;
//查询
$params = array('news');
$params[] = 'news_viewer';
$params[] = $_G['uid'];
$params = $param ? array_merge_recursive($params, $param) : $params;
foreach (C::t('news_cat')->fetch_all_by_pid($catid) as $value) {
$catids = $common = '';
$result[$value['catid']] = $value;
$sun = C::t('news_cat')->fetch_all_by_pid($value['catid']);
if ($sun) {
foreach ($sun as $s) {
/**
* Get term for a post type
*
* @param string $taxonomy Taxonomy slug
* @param string $term Term slug
* @param string $context Context (view/view-parent)
* @return array Term entity
* 获取当个分类信息的接口:action=get_taxonomy_term&taxonomy=category&term=3
*/
public function get_taxonomy_term($taxonomy, $term, $context = 'view')
{
if (!taxonomy_exists($taxonomy)) {
json_error(BigAppErr::$taxonomy['code'], BigAppErr::$taxonomy['msg'], "Invalid taxonomy ID.");
}
$data = get_term($term, $taxonomy);
if (empty($data) or is_wp_error($data)) {
json_error(BigAppErr::$taxonomy['code'], BigAppErr::$taxonomy['msg'], "Invalid taxonomy ID.");
}
return $this->prepare_taxonomy_term($data, $context);
}
}
}
// Disable this filter for DAFIF (no IATA data)
if ($iatafilter == "false" || $dbname == "airports_dafif") {
$sql .= " 1=1";
// dummy
} else {
$sql .= " iata != '' AND iata != 'N/A'";
}
}
if (!$offset) {
$offset = 0;
}
// Check result count
$sql2 = str_replace("*", "COUNT(*)", $sql);
$result2 = mysql_query($sql2, $db) or json_error('Operation ' . $param . ' failed: ' . $sql2);
if ($row = mysql_fetch_array($result2, MYSQL_NUM)) {
$max = $row[0];
}
$response = array("status" => 1, "offset" => $offset, "max" => $max);
// Fetch airport data
$sql .= " ORDER BY name LIMIT 10 OFFSET " . $offset;
$result = mysql_query($sql, $db) or die(json_encode(array("status" => 0, "message" => 'Operation ' . $param . ' failed: ' . $sql)));
while ($rows[] = mysql_fetch_assoc($result)) {
}
array_pop($rows);
foreach ($rows as &$row) {
if ($dbname == "airports_dafif" || $dbname == "airports_oa") {
$row["country"] = $row["code"];
}
if ($row["uid"] || $uid == $OF_ADMIN_UID) {
function do_subscribe_thread()
{
global $vbulletin, $db, $foruminfo, $threadinfo;
if (!$vbulletin->userinfo['userid']) {
json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
}
$vbulletin->input->clean_array_gpc('r', array('emailupdate' => TYPE_UINT, 'folderid' => TYPE_INT));
$vbulletin->GPC['folderid'] = 0;
if (!$foruminfo['forumid']) {
json_error(ERR_INVALID_THREAD);
}
$forumperms = fetch_permissions($foruminfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
json_error(ERR_INVALID_THREAD);
}
if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
json_error(ERR_CANNOT_SUB_FORUM_CLOSED);
}
// check if there is a forum password and if so, ensure the user has it set
if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
json_error(ERR_CANNOT_SUB_PASSWORD);
}
if ($threadinfo['threadid']) {
if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts')) {
json_error(ERR_INVALID_THREAD);
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or ($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
json_error(ERR_INVALID_THREAD);
}
/*insert query*/
$db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['folderid'] . ", 1)\n\t\t");
} else {
if ($foruminfo['forumid']) {
/*insert query*/
$db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribeforum (userid, emailupdate, forumid)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['forumid'] . ")\n\t\t");
}
}
return array('success' => true);
}
function do_ban_user()
{
$userinfo = vB_Api::instance('user')->fetchUserInfo();
if ($userinfo['userid'] < 1) {
return json_error(ERR_NO_PERMISSION);
}
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('userid' => vB_Cleaner::TYPE_UINT, 'usergroupid' => vB_Cleaner::TYPE_UINT, 'period' => vB_Cleaner::TYPE_STR, 'reason' => vB_Cleaner::TYPE_STR));
if (!isset($cleaned['userid']) || !isset($cleaned['period'])) {
return json_error(ERR_NO_PERMISSION);
}
!isset($cleaned['usergroupid']) || $cleaned['usergroupid'] < 1 ? $banusergroupid = 8 : ($banusergroupid = $cleaned['usergroupid']);
$user = vB_Api::instance('user')->banUsers(array($cleaned['userid']), $banusergroupid, $cleaned['period'], $cleaned['reason']);
if ($user === null || isset($user['errors'])) {
return false;
}
return true;
}
