function newpoints_shop_page() { global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors; if (!$mybb->user['uid']) { return; } newpoints_lang_load("newpoints_shop"); if ($mybb->input['action'] == "do_shop") { verify_post_check($mybb->input['postcode']); $plugins->run_hooks("newpoints_do_shop_start"); switch ($mybb->input['shop_action']) { case 'buy': $plugins->run_hooks("newpoints_shop_buy_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } if (floatval($item['price']) > floatval($mybb->user['newpoints'])) { $errors[] = $lang->newpoints_shop_not_enough; } if ($item['infinite'] != 1 && $item['stock'] <= 0) { $errors[] = $lang->newpoints_shop_out_of_stock; } if ($item['limit'] != 0) { // Get how many items of this type we have in our inventory $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } // If more than or equal to $item['limit'] -> FAILED if (count(array_keys($myitems, $item['iid'])) >= $item['limit']) { $errors[] = $lang->newpoints_shop_limit_reached; } } if (!empty($errors)) { $inline_errors = inline_error($errors, $lang->newpoints_shop_inline_errors); $mybb->input = array(); $mybb->input['action'] = 'shop'; } else { $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } $myitems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] - 1), 'iid=\'' . $item['iid'] . '\''); } // get money from user newpoints_addpoints($mybb->user['uid'], -floatval($item['price'])); if (!empty($item['pm'])) { // send PM if item has private message newpoints_send_pm(array('subject' => $lang->newpoints_shop_bought_item_pm_subject, 'message' => $item['pm'], 'touid' => $mybb->user['uid'], 'receivepms' => 1), -1); } $plugins->run_hooks("newpoints_shop_buy_end", $item); // log purchase newpoints_log('shop_purchase', $lang->sprintf($lang->newpoints_shop_purchased_log, $item['iid'], $item['price'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop", $lang->newpoints_shop_item_bought, $lang->newpoints_shop_item_bought_title); } break; case 'send': $plugins->run_hooks("newpoints_shop_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_send_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 2; $shop_action = 'do_send'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_shop_send_item_username . ":</strong><br /><small>" . $lang->newpoints_shop_send_item_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"username\" value=\"\"></td>"; $plugins->run_hooks("newpoints_shop_send_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_send': $plugins->run_hooks("newpoints_shop_do_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $username = trim($mybb->input['username']); if (!($user = newpoints_getuser_byname($username))) { error($lang->newpoints_shop_invalid_user); } else { if ($user['uid'] == $mybb->user['uid']) { error($lang->newpoints_shop_cant_send_item_self); } // send item to the selected user $useritems = @unserialize($user['newpoints_items']); if (!$useritems) { $useritems = array(); } $useritems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($useritems)), 'uid=\'' . $user['uid'] . '\''); // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); $plugins->run_hooks("newpoints_shop_do_send_end"); // send pm to user newpoints_send_pm(array('subject' => $lang->newpoints_shop_item_received_title, 'message' => $lang->sprintf($lang->newpoints_shop_item_received, htmlspecialchars_uni($mybb->user['username']), htmlspecialchars_uni($item['name'])), 'touid' => $user['uid'], 'receivepms' => 1), -1); // log newpoints_log('shop_send', $lang->sprintf($lang->newpoints_shop_sent_log, $item['iid'], $user['uid'], $user['username'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sent, $lang->newpoints_shop_item_sent_title); } break; case 'sell': $plugins->run_hooks("newpoints_shop_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_sell_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 1; $shop_action = 'do_sell'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"100%\">" . $lang->sprintf($lang->newpoints_shop_sell_item_confirm, htmlspecialchars_uni($item['name']), newpoints_format_points(floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])) . "</td>"; $plugins->run_hooks("newpoints_shop_sell_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_sell': $plugins->run_hooks("newpoints_shop_do_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . $item['iid'] . '\''); } newpoints_addpoints($mybb->user['uid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']); $plugins->run_hooks("newpoints_shop_do_sell_end"); // log newpoints_log('shop_sell', $lang->sprintf($lang->newpoints_shop_sell_log, $item['iid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sell, $lang->newpoints_shop_item_sell_title); break; default: error_no_permission(); } $plugins->run_hooks("newpoints_do_shop_end"); } // shop page if ($mybb->input['action'] == "shop") { $plugins->run_hooks("newpoints_shop_start"); if ($mybb->input['shop_action'] == 'view') { // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); if ($item['price'] > $mybb->user['newpoints']) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } else { $item['stock'] = intval($item['stock']); } if ($item['sendable'] == 1) { $item['sendable'] = $lang->newpoints_shop_yes; } else { $item['sendable'] = $lang->newpoints_shop_no; } if ($item['sellable'] == 1) { $item['sellable'] = $lang->newpoints_shop_yes; } else { $item['sellable'] = $lang->newpoints_shop_no; } eval("\$page = \"" . $templates->get('newpoints_shop_view_item') . "\";"); } elseif ($mybb->input['shop_action'] == 'myitems') { $uid = intval($mybb->input['uid']); $uidpart = ''; if ($uid > 0) { $user = get_user($uid); // we're viewing someone else's inventory if (!empty($user)) { // we can't view others inventories if we don't have enough previleges if ($mybb->settings['newpoints_shop_viewothers'] != 1 && $mybb->usergroup['cancp'] != 1 && $mybb->user['uid'] != $uid) { error_no_permission(); } $myitems = @unserialize($user['newpoints_items']); $lang->newpoints_shop_myitems = $lang->sprintf($lang->newpoints_shop_items_username, htmlspecialchars_uni($user['username'])); $uidpart = "&uid=" . $uid; // we need this for pagination } else { $myitems = @unserialize($mybb->user['newpoints_items']); } } else { $myitems = @unserialize($mybb->user['newpoints_items']); } $items = ''; $newrow = true; $invert_bgcolor = alt_trow(); if ($mybb->settings['newpoints_shop_sendable'] != 1) { $sendable = false; } else { $sendable = true; } if ($mybb->settings['newpoints_shop_sellable'] != 1) { $sellable = false; } else { $sellable = true; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, 'filter_badwords' => 1); if (!empty($myitems)) { // pagination $per_page = 10; $mybb->input['page'] = intval($mybb->input['page']); if ($mybb->input['page'] && $mybb->input['page'] > 1) { $mybb->input['page'] = intval($mybb->input['page']); $start = $mybb->input['page'] * $per_page - $per_page; } else { $mybb->input['page'] = 1; $start = 0; } // total items $total_rows = $db->fetch_field($db->simple_select("newpoints_shop_items", "COUNT(iid) as items", 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')'), "items"); // multi-page if ($total_rows > $per_page) { $multipage = multipage($total_rows, $per_page, $mybb->input['page'], $mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems" . $uidpart); } $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')', array('limit' => "{$start}, {$per_page}")); while ($item = $db->fetch_array($query)) { if ($newrow === true) { $trstart = '<tr>'; $trend = ''; $newrow = false; } elseif ($newrow === false) { $trstart = ''; $trend = '</tr>'; $newrow = true; } if ($sellable === true && $item['sellable']) { if ($sendable === true && $item['sendable']) { $tdstart = '<td width="50%">'; } else { $tdstart = '<td width="100%">'; } $sell = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="sell"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_sell . '"></form></td>'; } else { $sell = ''; } if ($sendable === true && $item['sendable']) { if ($sell == '') { $tdstart = '<td width="100%">'; } else { $tdstart = '<td width="50%">'; } $send = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="send"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_send . '"></form></td>'; } else { $send = ''; } if (!$send && !$sell) { $send = $lang->newpoints_shop_no_options; } $item['description'] = $parser->parse_message($item['description'], $parser_options); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); $item['quantity'] = count(array_keys($myitems, $item['iid'])); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } $bgcolor = alt_trow(); $invert_bgcolor = alt_trow(); eval("\$items .= \"" . $trstart . $templates->get('newpoints_shop_myitems_item') . $trend . "\";"); } if (!$items) { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } else { if ($newrow === false) { eval("\$items .= \"" . $templates->get('newpoints_shop_myitems_item_empty') . "</tr>" . "\";"); $newrow = true; } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop_myitems') . "\";"); } else { // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 $itemsrate = floatval($grouprules['items_rate']); global $cats, $items; // get categories $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($cat = $db->fetch_array($query)) { $categories[$cat['cid']] = $cat; } // get items and store them in their categories $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND cid>0', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($item = $db->fetch_array($query)) { $items_array[$item['cid']][$item['iid']] = $item; } $cats = ''; $bgcolor = ''; $bgcolor = alt_trow(); // build items and categories if (!empty($categories)) { foreach ($categories as $cid => $category) { $items = ''; if ($category['items'] > 0 && !empty($items_array[$category['cid']])) { foreach ($items_array as $cid => $member) { if ($cid != $category['cid']) { continue; } $bgcolor = alt_trow(); foreach ($member as $iid => $item) { // skip hidden items if ($item['visible'] == 0) { continue; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } if ($item['price'] > $mybb->user['newpoints']) { $enough_money = false; } else { $enough_money = true; } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); $item['price'] = newpoints_format_points($item['price'] * $itemsrate); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if (!$enough_money) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } eval("\$items .= \"" . $templates->get('newpoints_shop_item') . "\";"); } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_no_items') . "\";"); } // if it's not visible, don't show it if ($category['visible'] == 0) { continue; } // check if we have permissions to view the category if (!newpoints_shop_check_permissions($category['usergroups'])) { continue; } // Expanded by default feature global $extdisplay, $expcolimage, $expdisplay, $expaltext, $icon; $expdisplay = ''; if (intval($category['expanded']) == 0) { $expcolimage = "collapse_collapsed.gif"; $expdisplay = "display: none;"; $expaltext = "[+]"; } else { $expcolimage = "collapse.gif"; $expaltext = "[-]"; } // build icon if ($category['icon'] != '') { $category['icon'] = htmlspecialchars_uni($category['icon']); $category['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $category['icon'] . '" style="vertical-align:middle">'; } // sanitize html $category['description'] = htmlspecialchars_uni($category['description']); $category['name'] = htmlspecialchars_uni($category['name']); eval("\$cats .= \"" . $templates->get('newpoints_shop_category') . "\";"); } } else { eval("\$cats = \"" . $templates->get('newpoints_shop_no_cats') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop') . "\";"); } $plugins->run_hooks("newpoints_shop_end"); // output page output_page($page); } }
function hook_newpoints_do_shop_start() { global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors; if ($mybb->get_input('shop_action') == 'buy_sticky') { $do = false; } elseif ($mybb->get_input('shop_action') == 'do_buy_sticky') { $do = true; } else { return false; } if ($do) { $plugins->run_hooks('newpoints_shop_do_buy_sticky_start'); } else { $plugins->run_hooks('newpoints_shop_buy_sticky_start'); } if (!($item = newpoints_shop_get_item($mybb->get_input('iid', 1)))) { error($lang->newpoints_shop_invalid_item); } if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if (!$item['visible'] || !$cat['visible']) { error_no_permission(); } if (!$item['buy_sticky'] || $item['buy_sticky_time'] < 1) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $this->load_language(); if ($do) { // ~~~ @ https://github.com/PaulBender/Move-Posts/blob/master/inc/plugins/moveposts.php#L217 // if ($db->table_exists('google_seo')) { $regexp = "{$mybb->settings['bburl']}/{$mybb->settings['google_seo_url_threads']}"; if ($regexp) { $regexp = preg_quote($regexp, '#'); $regexp = str_replace('\\{\\$url\\}', '([^./]+)', $regexp); $regexp = str_replace('\\{url\\}', '([^./]+)', $regexp); $regexp = "#^{$regexp}\$#u"; } $url = $mybb->get_input('threadurl'); $url = preg_replace('/^([^#?]*)[#?].*$/u', '\\1', $url); $url = preg_replace($regexp, '\\1', $url); $url = urldecode($url); $query = $db->simple_select('google_seo', 'id', "idtype='4' AND url='{$db->escape_string($url)}'"); $redeemtid = $db->fetch_field($query, 'id'); } $realurl = explode('#', $mybb->get_input('threadurl')); $mybb->input['threadurl'] = $realurl[0]; if (substr($mybb->get_input('threadurl'), -4) == 'html') { preg_match('#thread-([0-9]+)?#i', $mybb->get_input('threadurl'), $threadmatch); preg_match('#post-([0-9]+)?#i', $mybb->get_input('threadurl'), $postmatch); if ($threadmatch[1]) { $parameters['tid'] = $threadmatch[1]; } if ($postmatch[1]) { $parameters['pid'] = $postmatch[1]; } } else { $splitloc = explode('.php', $mybb->get_input('threadurl')); $temp = explode('&', my_substr($splitloc[1], 1)); if (!empty($temp)) { for ($i = 0; $i < count($temp); $i++) { $temp2 = explode('=', $temp[$i], 2); $parameters[$temp2[0]] = $temp2[1]; } } else { $temp2 = explode('=', $splitloc[1], 2); $parameters[$temp2[0]] = $temp2[1]; } } if ($parameters['pid'] && !$parameters['tid']) { $query = $db->simple_select('posts', '*', "pid='" . (int) $parameters['pid'] . "'"); $post = $db->fetch_array($query); $redeemtid = $post['tid']; } elseif ($parameters['tid']) { $redeemtid = $parameters['tid']; } $thread = get_thread($redeemtid); // ~~~ // if (!$thread['tid'] || !$thread['visible'] || $thread['deletetime']) { error($lang->newpoints_buy_sticky_redeem_error_invalid); } if ($thread['sticky']) { error($lang->newpoints_buy_sticky_redeem_error_alreadystickied); } if ($thread['closed']) { error($lang->newpoints_buy_sticky_redeem_error_closedthread); } if ($thread['uid'] != $mybb->user['uid']) { error($lang->newpoints_buy_sticky_redeem_error_wronguser); } // We need more extensive permission checkings here late on.. require_once MYBB_ROOT . 'inc/class_moderation.php'; $moderation = new Moderation(); $lang->load('moderation'); $moderation->stick_threads($thread['tid']); log_moderator_action(array('fid' => $thread['fid'], 'tid' => $thread['tid']), $lang->sprintf($lang->mod_process, $lang->stuck)); newpoints_log('buy_sticky', $mybb->settings['bburl'] . '/' . get_thread_link($thread['tid']), $mybb->user['username'], $mybb->user['uid']); $rundate = TIME_NOW + $item['buy_sticky_time'] * 86400; $did = $db->insert_query("delayedmoderation", array('type' => $db->escape_string('stick'), 'delaydateline' => (int) $rundate, 'uid' => (int) $mybb->user['uid'], 'tids' => (int) $thread['tid'], 'fid' => (int) $thread['fid'], 'dateline' => TIME_NOW, 'inputs' => $db->escape_string(my_serialize(array('new_forum' => (int) $thread['fid'], 'method' => 'move', 'redirect_expire' => ''))))); $plugins->run_hooks('moderation_do_delayedmoderation'); // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), "uid='" . (int) $mybb->user['uid'] . "'"); $plugins->run_hooks('newpoints_shop_do_buy_sticky_end'); $message = $lang->sprintf($lang->newpoints_buy_sticky_redeem_done, my_date('relative', $rundate, '', 2)); redirect($mybb->settings['bburl'] . '/newpoints.php?action=shop&shop_action=myitems', $message, $lang->newpoints_buy_sticky_redeem_done_title); } else { $lang->newpoints_shop_action = $lang->newpoints_buy_sticky_redeem_title; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 2; $shop_action = 'do_buy_sticky'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_buy_sticky_redeem_thread . ":</strong><br /><small>" . $lang->newpoints_buy_sticky_redeem_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"threadurl\" value=\"\"></td>"; $plugins->run_hooks('newpoints_shop_buy_sticky_end'); $page = eval($templates->render('newpoints_shop_do_action')); output_page($page); } exit; }