public function actionGetOnline() { $session_model = $this->_getSessionModel(); $bypass_privacy = $this->_getUserModel()->canBypassUserPrivacy(); $visitor = XenForo_Visitor::getInstance(); $online = $session_model->getSessionActivityRecords(array('cutOff' => array('>', $session_model->getOnlineStatusTimeout()), 'getInvisible' => $bypass_privacy, 'getUnconfirmed' => $bypass_privacy, 'forceInclude' => true), array('join' => XenForo_Model_Session::FETCH_USER, 'order' => 'view_date')); $online = $session_model->addSessionActivityDetailsToList($online); $totals = $session_model->getSessionActivityQuickList($visitor->toArray(), array('cutOff' => array('>', $session_model->getOnlineStatusTimeout())), $visitor['user_id'] ? $visitor->toArray() : null); $online_users = array(); foreach ($online as $rec) { if (!$rec['user_id']) { continue; } $activity = ''; if ($rec['activityDescription'] instanceof XenForo_Phrase) { $activity = $rec['activityDescription']->render(); } $out = array('userid' => $rec['user_id'], 'username' => prepare_utf8_string(strip_tags($rec['username']))); if ($activity != '') { $out['activity'] = prepare_utf8_string($activity); } if ($visitor->getUserId() == $rec['user_id']) { $out['me'] = true; } $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($rec, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } $online_users[] = $out; } return array('users' => $online_users, 'num_guests' => $totals['guests']); }
public function actionGetSubscriptions() { $page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1); $perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT); if (!$perpage) { $perpage = XenForo_Application::get('options')->discussionsPerPage; } $previewtype = $this->_input->filterSingle('previewtype', XenForo_Input::UINT); if (!$previewtype) { $previewtype = 2; } $visitor = XenForo_Visitor::getInstance(); $watch_model = $this->_getThreadWatchModel(); $threads = $watch_model->getThreadsWatchedByUser($visitor['user_id'], false, array('join' => XenForo_Model_Thread::FETCH_FORUM | XenForo_Model_Thread::FETCH_USER, 'readUserId' => $visitor['user_id'], 'page' => $page, 'perPage' => $perpage, 'postCountUserId' => $visitor['user_id'], 'permissionCombinationId' => $visitor['permission_combination_id'])); $threads = $watch_model->unserializePermissionsInList($threads, 'node_permission_cache'); $threads = $watch_model->getViewableThreadsFromList($threads); $threads = $this->_prepareWatchedThreads($threads); $total = $watch_model->countThreadsWatchedByUser($visitor['user_id']); $this->canonicalizePageNumber($page, $perpage, $total, 'watched/threads/all'); $thread_data = array(); $thread_model = $this->_getThreadModel(); $post_model = $this->getModelFromCache('XenForo_Model_Post'); $preview_length = XenForo_Application::get('options')->discussionPreviewLength; $formatter = XenForo_BbCode_Formatter_Base::create('XenForo_BbCode_Formatter_Text'); $parser = new XenForo_BbCode_Parser($formatter); foreach ($threads as &$thread) { $out = array('thread_id' => $thread['thread_id'], 'forum_title' => prepare_utf8_string($thread['node_title']), 'new_posts' => $thread['isNew'], 'forum_id' => $thread['node_id'], 'total_posts' => $thread['reply_count'] + 1, 'thread_title' => prepare_utf8_string(strip_tags($thread['title'])), 'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute'))); if ($previewtype == 1) { $out += array('post_username' => prepare_utf8_string(strip_tags($thread['username'])), 'post_userid' => $thread['user_id']); } else { $out += array('post_username' => prepare_utf8_string(strip_tags($thread['last_post_username'])), 'post_userid' => $thread['last_post_user_id']); } $post = $post_model->getPostById($thread[$previewtype == 1 ? 'first_post_id' : 'last_post_id'], array('join' => XenForo_Model_Post::FETCH_USER)); $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($post, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } $preview = ''; if ($preview_length) { $preview = $parser->render($post['message']); } if ($preview != '') { $out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview)); } if ($thread['discussion_type'] == 'poll') { $out['poll'] = true; } $thread_data[] = $out; } $out = array('threads' => $thread_data, 'total_threads' => $total); return $out; }
public function actionGetProfile() { $visitor = XenForo_Visitor::getInstance(); $permissions = $visitor->getPermissions(); $session_model = $this->getModelFromCache('XenForo_Model_Session'); $userid = $this->_input->filterSingle('userid', XenForo_Input::UINT); if (!$userid) { $userid = XenForo_Visitor::getUserId(); } try { $user = $this->getHelper('UserProfile')->assertUserProfileValidAndViewable($userid, array('join' => XenForo_Model_User::FETCH_LAST_ACTIVITY)); } catch (Exception $e) { json_error($e->getControllerResponse()->errorText->render()); } $online_info = $session_model->getSessionActivityRecords(array('user_id' => $user['user_id'], 'cutOff' => array('>', $session_model->getOnlineStatusTimeout()))); $is_online = false; if (count($online_info) == 1) { $is_online = true; } $posts = $user['message_count']; $joindate = prepare_utf8_string(XenForo_Locale::date($user['register_date'], 'absolute')); $out = array('username' => prepare_utf8_string(strip_tags($user['username'])), 'posts' => $posts, 'joindate' => $joindate, 'online' => $is_online, 'avatar_upload' => $visitor->canUploadAvatar()); $maxFileSize = XenForo_Permission::hasPermission($permissions, 'avatar', 'maxFileSize'); if ($maxFileSize > 0) { $out['avatar_resize'] = true; } $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } if ($visitor->hasAdminPermission('ban')) { $out['ban'] = true; } // New Profile Fields $groups = array(); // About $out_group = array('name' => 'about', 'values' => array(array('name' => prepare_utf8_string(fr_get_phrase('messages')), 'value' => strval($posts)), array('name' => prepare_utf8_string(fr_get_phrase('joined')), 'value' => $joindate), array('name' => prepare_utf8_string(fr_get_phrase('likes_received')), 'value' => strval($user['like_count'])))); $groups[] = $out_group; // Additional information $out_group = array('name' => 'additional'); // Status if (!empty($user['status'])) { $out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('status')), 'value' => prepare_utf8_string($user['status'])); } // Location if (!empty($user['location'])) { $out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('location')), 'value' => prepare_utf8_string($user['location'])); } // Occupation if (!empty($user['occupation'])) { $out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('occupation')), 'value' => prepare_utf8_string($user['occupation'])); } // About if (!empty($user['about'])) { $out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('about')), 'value' => prepare_utf8_string(remove_bbcode($user['about'], true, true))); } if (count($out_group['values'])) { $groups[] = $out_group; } $out['groups'] = $groups; return $out; }
function do_get_post() { global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $postinfo; $vbulletin->input->clean_array_gpc('r', array('type' => TYPE_STR)); $type = 'html'; if ($vbulletin->GPC['type']) { $type = $vbulletin->GPC['type']; } if (!$postinfo['postid']) { standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])); } if ((!$postinfo['visible'] or $postinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) { standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])); } if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) { standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])); } $forumperms = fetch_permissions($threadinfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { json_error(ERR_NO_PERMISSION); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { json_error(ERR_NO_PERMISSION); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $post = $db->query_first_slave("\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($foruminfo['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t IF(user.displaygroupid=0, user.usergroupid, user.displaygroupid) AS displaygroupid, infractiongroupid,\n\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline, editlog.reason AS edit_reason, editlog.hashistory,\n\t\tpostparsed.pagetext_html, postparsed.hasimages,\n\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\t" . iif($foruminfo['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid = {$postid}\n "); $types = vB_Types::instance(); $contenttypeid = $types->getContentTypeID('vBForum_Post'); $attachments = $db->query_read_slave("\n\t\tSELECT\n\t\t\tfd.thumbnail_dateline, fd.filesize, IF(fd.thumbnail_filesize > 0, 1, 0) AS hasthumbnail, fd.thumbnail_filesize,\n\t\t\ta.dateline, a.state, a.attachmentid, a.counter, a.contentid AS postid, a.filename,\n\t\t\ttype.contenttypes\n\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "attachmenttype AS type ON (fd.extension = type.extension)\n\t\tWHERE\n\t\t\ta.contentid = {$postid}\n\t\t\t\tAND\n\t\t\ta.contenttypeid = {$contenttypeid}\n\t\tORDER BY a.attachmentid\n\t"); $fr_images = array(); while ($attachment = $db->fetch_array($attachments)) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']); if ($vbulletin->options['attachthumbs']) { $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'; } $fr_images[] = $tmp; } } $postbits = ''; $postbit_obj =& $postbit_factory->fetch_postbit('post'); $postbit_obj->cachable = $post_cachable; $postbits .= $postbit_obj->construct_postbit($post); if ($type == 'html') { $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $vbulletin->templatecache['bbcode_quote'] = ' <div style=\\"margin:0px; margin-top:0px;\\"> <table cellpadding=\\"$stylevar[cellpadding]\\" cellspacing=\\"0\\" border=\\"0\\" width=\\"100%\\"> <tr> <td class=\\"alt2\\" style=\\"border:1px solid #777777;\\"> ".(($show[\'username\']) ? (" <div> " . construct_phrase("$vbphrase[originally_posted_by_x]", "$username") . " </div> <div style=\\"font-style:italic\\">$message</div> ") : (" $message "))." </td> </tr> </table> </div> '; $css = <<<EOF <style type="text/css"> body { margin: 0; padding: 3; font: 13px Arial, Helvetica, sans-serif; } .alt2 { background-color: #e6edf5; font: 13px Arial, Helvetica, sans-serif; } html { -webkit-text-size-adjust: none; } </style> EOF; $html = $css . $bbcode_parser->parse($post['pagetext']); $image = ''; } else { if ($type == 'facebook') { $html = fetch_censored_text(strip_bbcode(strip_quotes($post['pagetext']), false, true)); if (count($fr_images)) { $image = $fr_images[0]['img']; } } } // Figure out if we can post $canpost = true; if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { $canpost = false; } if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) { $canpost = false; } if (!$threadinfo['open']) { if (!can_moderate($threadinfo['forumid'], 'canopenclose')) { $canpost = false; } } if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) { $canpost = false; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) { $canpost = false; } // Avatar work $avatarurl = ''; if ($post['avatarurl']) { $avatarurl = process_avatarurl($post['avatarurl']); } // Get post date/time $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1); $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']); // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies); $out = array('html' => prepare_utf8_string($html), 'post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'canpost' => $canpost, 'quotable' => $nuked_quotes, 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid'], 'edittext' => prepare_utf8_string($post['pagetext'])); if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } if ($post['editlink']) { $out['canedit'] = true; } if ($image != '') { $out['image'] = $image; } return $out; }
public function actionFindNew() { $do = $this->_input->filterSingle('do', XenForo_Input::STRING); $days = $this->_input->filterSingle('days', XenForo_Input::UINT); $page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1); $perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT); if (!$perpage) { $perpage = XenForo_Application::get('options')->discussionsPerPage; } $previewtype = $this->_input->filterSingle('previewtype', XenForo_Input::UINT); if (!$previewtype) { $previewtype = 2; } $thread_model = $this->_getThreadModel(); $search_model = $this->_getSearchModel(); $post_model = $this->getModelFromCache('XenForo_Model_Post'); $user_model = $this->getModelFromCache('XenForo_Model_User'); $node_model = $this->getModelFromCache('XenForo_Model_Node'); $userid = XenForo_Visitor::getUserId(); $options = array('limit' => XenForo_Application::get('options')->maximumSearchResults); if ($do == 'getdaily') { if ($days < 0 || $days > 30) { $days = 3; } $search_options = $options + array('order' => 'last_post_date', 'orderDirection' => 'desc'); $threadids = array_keys($thread_model->getThreads(array('last_post_date' => array('>', XenForo_Application::$time - 86400 * $days), 'deleted' => false, 'moderated' => false), $search_options)); $search_type = 'recent-threads'; } else { $threadids = $thread_model->getUnreadThreadIds($userid, $options); $search_type = 'new-threads'; } $exclude = XenForo_Application::get('options')->forumrunnerExcludeForums; if (!$exclude) { $exclude = array(); } $forums = $node_model->getViewableNodeList(null, true); foreach ($exclude as $remove) { fr_remove_node_and_children($forums, $remove); } $forums = array_keys($forums); $results = array(); foreach ($threadids as $threadid) { $thread = $thread_model->getThreadById($threadid); if (!in_array($thread['node_id'], $forums)) { continue; } $results[] = array(XenForo_Model_Search::CONTENT_TYPE => 'thread', XenForo_Model_Search::CONTENT_ID => $threadid); } $results = $search_model->getViewableSearchResults($results); if (!$results) { return $this->noResults(); } $search = $search_model->insertSearch($results, $search_type, '', array(), 'date', false); $search_id = $search['search_id']; $resultids = $search_model->sliceSearchResultsToPage($search, $page, $perpage); $results = $search_model->getSearchResultsForDisplay($resultids); if (!$results) { return $this->noResults(); } $thread_data = array(); $preview_length = XenForo_Application::get('options')->discussionPreviewLength; foreach ($results['results'] as $result) { $thread = $result['content']; $post = $post_model->getPostById($thread[$previewtype == 1 ? 'first_post_id' : 'last_post_id'], array('join' => XenForo_Model_Post::FETCH_USER)); $preview = ''; if ($preview_length) { $preview = preview_chop(XenForo_Helper_String::bbCodeStrip(XenForo_Helper_String::censorString($post['message']), true), $preview_length); } $out = array('thread_id' => $thread['thread_id'], 'new_posts' => $thread['isNew'], 'forum_id' => $thread['node_id'], 'total_posts' => $thread['reply_count'] + 1, 'forum_title' => prepare_utf8_string(strip_tags($thread['node_title'])), 'thread_title' => prepare_utf8_string(XenForo_Helper_String::censorString($thread['title'])), 'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute'))); if ($previewtype == 1) { $out['post_username'] = prepare_utf8_string(strip_tags($thread['username'])); $out['post_userid'] = $thread['user_id']; } else { $out['post_username'] = prepare_utf8_string(strip_tags($thread['last_post_username'])); $out['post_userid'] = $thread['last_post_user_id']; } $user = $user_model->getUserById($out['post_userid']); if ($user !== false) { $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } } if ($preview != '') { $out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview)); } if ($thread['discussion_type'] == 'poll') { $out['poll'] = true; } if ($thread['prefix_id']) { $phrase = new XenForo_Phrase('thread_prefix_' . $thread['prefix_id']); $out['prefix'] = prepare_utf8_string(strip_tags($phrase->render(false))); } $thread_data[] = $out; } $out = array('threads' => $thread_data, 'total_threads' => $search['result_count'], 'searchid' => $search_id); return $out; }
function get_article_comments($article, $associated_thread_id, $userinfo, &$pageno, &$perpage, &$total) { require_once DIR . '/includes/functions_misc.php'; require_once DIR . '/includes/functions.php'; require_once DIR . '/includes/functions_databuild.php'; require_once DIR . '/includes/functions_bigthree.php'; $posts_out = array(); fetch_phrase_group('posting'); $threadinfo = verify_id('thread', $associated_thread_id, 0, 1); $foruminfo = verify_id('forum', $threadinfo['forumid'], 0, 1); //First let's see if we have forum/thread view permissions. If not, // we're done if (!($permissions = can_view_thread($article->getNodeId(), $userinfo))) { return array(); } $forumperms = fetch_permissions($threadinfo['forumid']); //Normally this thread will be wide open, so let's get the list first // without checking. We'll verify each post anyway. //get our results $results = get_comments($permissions, $associated_thread_id); $record_count = count($results); if (!$results or !count($results)) { return array(); } //we accept the parameter "last" for pageno. if ($pageno == FR_LAST_POST) { $pageno = intval(($record_count + $perpage - 1) / $perpage); $first = ($pageno - 1) * $perpage; } else { $pageno = max(1, intval($pageno)); $first = $perpage * ($pageno - 1); } //Let's trim off the results we need. //This also tells us if we should show the "next" button. $post_array = array_slice($results, $first, $perpage, true); if (!$post_array) { return array(); } $firstpostid = false; $displayed_dateline = 0; if (vB::$vbulletin->options['threadmarking'] and vB::$vbulletin->userinfo['userid']) { $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - vB::$vbulletin->options['markinglimit'] * 86400); } else { $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid'])); if (!$threadview) { $threadview = vB::$vbulletin->userinfo['lastvisit']; } } require_once DIR . '/includes/functions_user.php'; $show['inlinemod'] = false; $postids = array(); $postids = ' post.postid in (' . implode(', ', $post_array) . ')'; $posts = vB::$vbulletin->db->query_read($sql = "\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t " . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n\t editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n\t editlog.reason AS edit_reason, editlog.hashistory,\n\t postparsed.pagetext_html, postparsed.hasimages,\n\t sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight\n\t " . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "post AS post\n\t LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t " . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t {$deljoin}\n\t LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)\n\t {$hook_query_joins}\n\t WHERE {$postids}\n\t ORDER BY post.dateline\n\t "); if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { vB::$vbulletin->options['attachthumbs'] = 0; } if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { vB::$vbulletin->options['viewattachedimages'] = 0; } $postcount = count($postid_array); $counter = 0; $postbits = ''; vB::$vbulletin->noheader = true; while ($post = vB::$vbulletin->db->fetch_array($posts)) { if (!$privileges['can_moderate_forums']) { if ($privileges['is_coventry'] or $post['visible'] == 2) { continue; } } // post/thread is deleted by moderator and we don't have permission to see it if (!($post['visible'] or $privileges['can_moderate_posts'])) { continue; } if (!intval($post['userid'])) { $post['avatarid'] = false; } else { if (!$post['hascustomavatar']) { if ($post['profilepic']) { $post['hascustomavatar'] = 1; $post['avatarid'] = true; $post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile"; $post['avwidth'] = $post['ppwidth']; $post['avheight'] = $post['ppheight']; } else { $post['hascustomavatar'] = 1; $post['avatarid'] = true; // explicity setting avatarurl to allow guests comments to show unknown avatar $post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif'; $post['avwidth'] = 60; $post['avheight'] = 60; } } } if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { continue; } if ($post['visible'] == 1 and !$tachyuser) { ++$counter; if ($postorder) { $post['postcount'] = --$postcount; } else { $post['postcount'] = ++$postcount; } } if ($tachyuser) { $fetchtype = 'post_global_ignore'; } else { if ($ignore["{$post['userid']}"]) { $fetchtype = 'post_ignore'; } else { if ($post['visible'] == 2) { $fetchtype = 'post_deleted'; } else { $fetchtype = 'post'; } } } if (vB::$vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) { $fetchtype = 'post'; } if (!$firstpostid) { $firstpostid = $post['postid']; } $post['islastshown'] = $post['postid'] == $lastpostid; $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1); $post['islastshown'] = $post['postid'] == $lastpostid; $post['attachments'] = $postattach["{$post['postid']}"]; $canedit = false; if (!$threadinfo['isdeleted'] and !$post['isdeleted'] and (can_moderate($threadinfo['forumid'], 'caneditposts') or $threadinfo['open'] and $post['userid'] == vB::$vbulletin->userinfo['userid'] and $forumperms & vB::$vbulletin->bf_ugp_forumpermissions['caneditpost'] and ($post['dateline'] >= TIMENOW - vB::$vbulletin->options['edittimelimit'] * 60 or vB::$vbulletin->options['edittimelimit'] == 0))) { $canedit = true; } // Get post date/time $postdate = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], 1); $posttime = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']); $attachments = array(); $fr_images = array(); // Attachments (images). if (count($post['attachments']) > 0) { foreach ($post['attachments'] as $attachment) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $fr_images[] = array('img' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'], 'tmb' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'); } } } // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], false); if (count($fr_images) > 0) { $text .= "<br/>"; foreach ($fr_images as $attachment) { $text .= "<img src=\"{$attachment['img']}\"/>"; } } foreach ($images as $image) { $fr_images[] = array('img' => $image); } $avatarurl = ''; // Avatar work if (vB::$vbulletin->options['avatarenabled']) { require_once DIR . '/includes/functions_user.php'; $userinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfo); if ($userinfo['avatarurl']) { $avatarurl = process_avatarurl($userinfo['avatarurl']); } } $tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'], 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images, 'image_thumbs' => array()); // Soft Deleted if ($post['visible'] == 2) { $tmp['deleted'] = true; $tmp['del_username'] = prepare_utf8_string($post['del_username']); if ($post['del_reason']) { $tmp['del_reason'] = prepare_utf8_string($post['del_reason']); } } else { $tmp['text'] = $text; $tmp['quotable'] = $nuked_quotes; if ($canedit) { $tmp['canedit'] = true; $tmp['edittext'] = prepare_utf8_string($post['pagetext']); } } if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } $posts_out[] = $tmp; } if ($LASTPOST['dateline'] > $displayed_dateline) { $displayed_dateline = $LASTPOST['dateline']; if ($displayed_dateline <= $threadview) { $updatethreadcookie = true; } } // Set thread last view if ($displayed_dateline and $displayed_dateline > $threadview) { mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline); } vB::$vbulletin->db->free_result($posts); unset($post); $total = $record_count; return $posts_out; }
function do_showresults($searchid, $pagenumber = 1, $perpage = 25) { global $vbulletin, $db, $show, $vbphrase, $current_user, $show; $vbulletin->options['threadpreview'] = FR_PREVIEW_LEN; $vbulletin->input->clean_array_gpc('r', array('previewtype' => TYPE_INT)); $previewtype = $vbulletin->GPC['previewtype']; if (!$previewtype) { $previewtype = 1; } $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); // Get exclude IDs $exclude_ids = @explode(',', $vbulletin->options['forumrunner_exclude']); if (in_array('-1', $exclude_ids)) { $exclude_ids = array(); } if ($results = vB_Search_Results::create_from_searchid($current_user, $searchid)) { $pages = $results->get_page($pagenumber, $perpage, 10000); } else { $pages = array(); } if (count($pages) == 0) { $threads[]['error'] = strip_tags(fetch_error('searchnoresults', '')); return array('threads' => $threads, 'total_threads' => count($threads)); } $thread_data = array(); $skipped = 0; foreach ($pages as $item) { switch (get_class($item)) { case 'vBForum_Search_Result_Thread': $thread = $item->get_thread(); $foruminfo = fetch_foruminfo($thread->get_field('forumid')); $parentlist = explode(',', substr($foruminfo['parentlist'], 0, -3)); $skip = false; foreach ($parentlist as $parent_id) { if (in_array($parent_id, $exclude_ids)) { $skip = true; } } if ($thread->get_field('visible') == 2) { $skip = true; } if ($skip) { $skipped++; continue; } $lastread = $thread->get_forum()->get_last_read_by_current_user($current_user); $legacy_thread = process_thread_array($thread->get_record(), $lastread); $date = vbdate($vbulletin->options['dateformat'], $thread->get_field('lastpost')); $time = vbdate($vbulletin->options['timeformat'], $thread->get_field('lastpost')); $previewinfo = $db->query_first_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "post\n\t\tWHERE postid = " . $thread->get_field($previewtype == 1 ? 'firstpostid' : 'lastpostid') . "\n\t "); $preview = ''; if (method_exists($bbcode_parser, 'get_preview')) { $preview = $bbcode_parser->get_preview(fetch_censored_text($previewinfo['pagetext']), 200); } else { // vB4 prior to vB4.0.4 did not have get_preview() list($text, $nuked_quotes, $images) = parse_post($previewinfo['pagetext'], true, array()); $preview = preview_chop(fetch_censored_text($nuked_quotes), 200); } $avatarurl = ''; if ($previewinfo['userid'] > 0) { $userinfoavatar = fetch_userinfo($previewinfo['userid'], FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfoavatar, true, false); if ($userinfoavatar['avatarurl'] != '') { $avatarurl = process_avatarurl($userinfoavatar['avatarurl']); } unset($userinfoavatar); } $tmp = array('thread_id' => $thread->get_field('threadid'), 'new_posts' => $show['gotonewpost'], 'forum_id' => $thread->get_field('forumid'), 'total_posts' => $thread->get_field('replycount'), 'forum_title' => prepare_utf8_string(strip_tags($foruminfo['title'])), 'thread_title' => prepare_utf8_string(strip_tags($thread->get_field('title'))), 'thread_preview' => prepare_utf8_string(preview_chop(strip_tags(strip_bbcode(html_entity_decode($preview))), FR_PREVIEW_LEN)), 'post_userid' => $previewinfo['userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($date) . ' ' . $time), 'post_username' => prepare_utf8_string(strip_tags($previewinfo['username']))); if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } if ($thread->get_field('prefixid')) { $prefixid = $thread->get_field('prefixid'); $tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$prefixid}_title_plain"])); } if ($thread->get_field('attach')) { $tmp['attach'] = true; } if ($thread->get_field('pollid')) { $tmp['poll'] = true; } $thread_data[] = $tmp; break; case 'vBForum_Search_Result_Post': $post = $item->get_post(); $thread = $post->get_thread(); $foruminfo = fetch_foruminfo($thread->get_field('forumid')); $parentlist = explode(',', substr($foruminfo['parentlist'], 0, -3)); $skip = false; foreach ($parentlist as $parent_id) { if (in_array($parent_id, $exclude_ids)) { $skip = true; } } if ($post->get_field('visible') == 2) { $skip = true; } if ($skip) { $skipped++; continue; } $date = vbdate($vbulletin->options['dateformat'], $post->get_field('dateline')); $time = vbdate($vbulletin->options['timeformat'], $post->get_field('dateline')); $avatarurl = ''; if ($post->get_field('userid') > 0) { $userinfoavatar = fetch_userinfo($post->get_field('userid'), FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfoavatar, true, false); if ($userinfoavatar['avatarurl'] != '') { $avatarurl = process_avatarurl($userinfoavatar['avatarurl']); } unset($userinfoavatar); } $tmp = array('thread_id' => $post->get_field('threadid'), 'post_id' => $post->get_field('postid'), 'jump_to_post' => 1, 'forum_id' => $thread->get_field('forumid'), 'forum_title' => prepare_utf8_string(strip_tags($foruminfo['title'])), 'thread_title' => prepare_utf8_string(strip_tags($thread->get_field('title'))), 'thread_preview' => prepare_utf8_string(preview_chop(htmlspecialchars_uni(fetch_censored_text(strip_bbcode(strip_quotes(html_entity_decode($post->get_field('pagetext'))), false, true))), FR_PREVIEW_LEN)), 'post_userid' => $post->get_field('userid'), 'post_lastposttime' => prepare_utf8_string(date_trunc($date) . ' ' . $time), 'post_username' => prepare_utf8_string(strip_tags($post->get_field('username')))); if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } if ($thread->get_field('prefixid')) { $prefixid = $thread->get_field('prefixid'); $tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$prefixid}_title_plain"])); } if ($post->get_field('attach')) { $tmp['attach'] = true; } $thread_data[] = $tmp; break; } } $out = array(); if (is_array($thread_data) && count($thread_data) > 0) { $out['threads'] = $thread_data; $out['total_threads'] = max($results->get_confirmed_count() - $skipped, 0); } else { $out['threads'] = array(); $out['total_threads'] = 0; } $out['searchid'] = $searchid; return $out; }
public function actionGetConversation() { $conversationid = $this->_input->filterSingle('conversationid', XenForo_Input::UINT); $signature = $this->_input->filterSingle('signature', XenForo_Input::UINT); $page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1); $perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT); if (!$perpage) { $perpage = XenForo_Application::get('options')->messagesPerPage; } $conversation_model = $this->_getConversationModel(); $session_model = $this->getModelFromCache('XenForo_Model_Session'); try { $conversation_info = $this->_getConversationOrError($conversationid); } catch (Exception $e) { json_error($e->getControllerResponse()->errorText->render()); } $gotomessageid = 0; if ($page == FR_LAST_POST) { if (!$conversation_info['last_read_date']) { $page = 1; } else { if ($conversation_info['last_read_date'] >= $conversation_info['last_message_date']) { $first_unread = false; } else { $first_unread = $conversation_model->getNextMessageInConversation($conversationid, $conversation_info['last_read_date']); } if (!$first_unread || $first_unread['message_id'] == $conversation_info['last_message_id']) { $page = floor($conversation_info['reply_count'] / $perpage) + 1; $gotomessageid = $conversation_info['last_message_id']; } else { $before = $conversation_model->countMessagesBeforeDateInConversation($conversationid, $first_unread['message_date']); $page = floor($before / $perpage) + 1; $gotomessageid = $first_unread['message_id']; } } } $recipients = $conversation_model->getConversationRecipients($conversationid); $messages = $conversation_model->getConversationMessages($conversationid, array('page' => $page, 'perPage' => $perpage)); $max = $conversation_model->getMaximumMessageDate($messages); if ($max > $conversation_info['last_read_date']) { $conversation_model->markConversationAsRead($conversationid, XenForo_Visitor::getUserId(), $max, $conversation_info['last_message_date']); } $messages = $conversation_model->prepareMessages($messages, $conversation_info); $user_model = $this->getModelFromCache('XenForo_Model_User'); foreach ($messages as &$message) { $user = $user_model->getUserById($message['user_id']); $online_info = $session_model->getSessionActivityRecords(array('user_id' => $message['user_id'], 'cutOff' => array('>', $session_model->getOnlineStatusTimeout()))); $is_online = false; if (count($online_info) == 1) { $is_online = true; } list($text, $nuked_quotes, $images) = parse_post(fr_strip_smilies($this, XenForo_Helper_String::censorString($message['message'])), true); $fr_images = array(); foreach ($images as $image) { $fr_images[] = array('img' => $image); } $avatarurl = ''; if ($user !== false) { $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } } $out = array('post_id' => $message['message_id'], 'thread_id' => $message['conversation_id'], 'username' => prepare_utf8_string(strip_tags($message['username'])), 'joindate' => prepare_utf8_string(XenForo_Locale::date($message['register_date'], 'absolute')), 'usertitle' => XenForo_Template_Helper_Core::helperUserTitle($user), 'numposts' => $user ? $user['message_count'] : 0, 'userid' => $message['user_id'], 'online' => $is_online, 'post_timestamp' => prepare_utf8_string(XenForo_Locale::dateTime($message['message_date'], 'absolute')), 'fr_images' => $fr_images, 'text' => $text, 'quotable' => $nuked_quotes); if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } if ($signature) { $sig = trim(strip_tags(remove_bbcode($message['signature'], true, true), '<a>')); $sig = str_replace(array("\t", "\r"), array('', ''), $sig); $sig = str_replace("\n\n", "\n", $sig); $out['sig'] = prepare_utf8_string($sig); } $message_data[] = $out; } $out = array('posts' => $message_data, 'total_posts' => $conversation_info['reply_count'] + 1, 'page' => $page, 'canattach' => false, 'canpost' => true, 'title' => prepare_utf8_string(XenForo_Helper_String::censorString($conversation_info['title'])), 'thread_link' => process_avatarurl(XenForo_Link::buildPublicLink('conversations', $conversation_info))); if ($gotomessageid) { $out['gotopostid'] = $gotomessageid; } $r = array_values($conversation_model->getConversationRecipients($conversationid)); $recipients = ''; for ($i = 0; $i < count($r); $i++) { if ($i != 0) { $recipients .= ', '; } $recipients .= prepare_utf8_string(strip_tags($r[$i]['username'])); } $out['recipients'] = $recipients; return $out; }
function do_get_pm() { global $vbulletin, $db; require_once DIR . '/includes/class_postbit.php'; require_once DIR . '/includes/functions_bigthree.php'; $vbulletin->input->clean_array_gpc('r', array('pmid' => TYPE_UINT, 'showhistory' => TYPE_BOOL)); ($hook = vBulletinHook::fetch_hook('private_showpm_start')) ? eval($hook) : false; $pm = $db->query_first_slave("\n\t\tSELECT\n\t\t\tpm.*, pmtext.*,\n\t\t\t" . iif($vbulletin->options['privallowicons'], "icon.title AS icontitle, icon.iconpath,") . "\n\t\t\tIF(ISNULL(pmreceipt.pmid), 0, 1) AS receipt, pmreceipt.readtime, pmreceipt.denied,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\tFROM " . TABLE_PREFIX . "pm AS pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "pmtext AS pmtext ON(pmtext.pmtextid = pm.pmtextid)\n\t\t" . iif($vbulletin->options['privallowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = pmtext.iconid)") . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "pmreceipt AS pmreceipt ON(pmreceipt.pmid = pm.pmid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = pmtext.fromuserid)\n\t\tWHERE pm.userid=" . $vbulletin->userinfo['userid'] . " AND pm.pmid=" . $vbulletin->GPC['pmid'] . "\n\t"); if (!$pm) { json_error(strip_tags(fetch_error('invalidid', $vbphrase['private_message'], $vbulletin->options['contactuslink']))); } $folderjump = construct_folder_jump(0, $pm['folderid']); // do read receipt $show['receiptprompt'] = $show['receiptpopup'] = false; if ($pm['receipt'] == 1 and $pm['readtime'] == 0 and $pm['denied'] == 0) { if ($permissions['pmpermissions'] & $vbulletin->bf_ugp_pmpermissions['candenypmreceipts']) { // set it to denied just now as some people might have ad blocking that stops the popup appearing $show['receiptprompt'] = $show['receiptpopup'] = true; $receipt_question_js = addslashes_js(construct_phrase($vbphrase['x_has_requested_a_read_receipt'], unhtmlspecialchars($pm['fromusername'])), '"'); $db->shutdown_query("UPDATE " . TABLE_PREFIX . "pmreceipt SET denied = 1 WHERE pmid = {$pm['pmid']}"); } else { // they can't deny pm receipts so do not show a popup or prompt $db->shutdown_query("UPDATE " . TABLE_PREFIX . "pmreceipt SET readtime = " . TIMENOW . " WHERE pmid = {$pm['pmid']}"); } } else { if ($pm['receipt'] == 1 and $pm['denied'] == 1) { $show['receiptprompt'] = true; } } $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $postbit_obj =& $postbit_factory->fetch_postbit('pm'); $pm_postbit = $pm; $postbit = $postbit_obj->construct_postbit($pm_postbit); // update message to show read if ($pm['messageread'] == 0) { $db->shutdown_query("UPDATE " . TABLE_PREFIX . "pm SET messageread=1 WHERE userid=" . $vbulletin->userinfo['userid'] . " AND pmid={$pm['pmid']}"); if ($pm['folderid'] >= 0) { $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdm->set_existing($vbulletin->userinfo); $userdm->set('pmunread', 'IF(pmunread >= 1, pmunread - 1, 0)', false); $userdm->save(true, true); unset($userdm); } } $cclist = array(); $bcclist = array(); $ccrecipients = ''; $bccrecipients = ''; $touser = unserialize($pm['touserarray']); if (!is_array($touser)) { $touser = array(); } foreach ($touser as $key => $item) { if (is_array($item)) { foreach ($item as $subkey => $subitem) { $userinfo = array('userid' => $subkey, 'username' => $subitem); $templater = vB_Template::create('pm_messagelistbit_user'); $templater->register('userinfo', $userinfo); ${$key . 'list'}[] = $templater->render(); } } else { $userinfo = array('username' => $item, 'userid' => $key); $templater = vB_Template::create('pm_messagelistbit_user'); $templater->register('userinfo', $userinfo); $bcclist[] = $templater->render(); } } if (count($cclist) > 1 or is_array($touser['cc']) and !in_array($vbulletin->userinfo['username'], $touser['cc']) or $vbulletin->userinfo['userid'] == $pm['fromuserid'] and $pm['folderid'] == -1) { if (!empty($cclist)) { $ccrecipients = implode("\r\n", $cclist); } if (!empty($bcclist) and $vbulletin->userinfo['userid'] == $pm['fromuserid'] and $pm['folderid'] == -1) { if (empty($cclist) and count($bcclist == 1)) { $ccrecipients = implode("\r\n", $bcclist); } else { $bccrecipients = implode("\r\n", $bcclist); } } $show['recipients'] = true; } $pm['senddate'] = vbdate($vbulletin->options['dateformat'], $pm['dateline']); $pm['sendtime'] = vbdate($vbulletin->options['timeformat'], $pm['dateline']); list($text, $nuked_quotes, $images) = parse_post($pm['message'], $vbulletin->options['privallowsmilies'] && $usesmiles); $fr_images = array(); foreach ($images as $image) { $fr_images[] = array('img' => $image); } // Avatar work $avatarurl = ''; if ($pm_postbit['avatarurl']) { $avatarurl = process_avatarurl($pm_postbit['avatarurl']); } $to_users = unserialize($pm['touserarray']); $users = array(); if ($to_users !== false) { if ($to_users['cc']) { $users = $to_users['cc']; } else { $users = $to_users; } } $out = array('id' => $pm['pmid'], 'pm_unread' => $pm['messageread'] == 0, 'username' => prepare_utf8_string(strip_tags($pm['fromusername'])), 'to_usernames' => prepare_utf8_string(implode('; ', $users)), 'userid' => $pm['fromuserid'], 'title' => prepare_utf8_string($pm['title']), 'online' => fetch_online_status(fetch_userinfo($pm['fromuserid']), false), 'message' => $text, 'quotable' => $nuked_quotes, 'fr_images' => $fr_images, 'pm_timestamp' => prepare_utf8_string(date_trunc($pm['senddate'] . ' ' . $pm['sendtime']))); if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } return $out; }
function do_online() { global $vbulletin, $db; $showmembers = true; $showguests = true; $showspiders = true; $datecut = TIMENOW - $vbulletin->options['cookietimeout']; $wol_event = array(); $wol_pm = array(); $wol_calendar = array(); $wol_user = array(); $wol_forum = array(); $wol_link = array(); $wol_thread = array(); $wol_post = array(); $sqlsort = 'user.username'; $sortfield = 'username'; $hook_query_fields = $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('online_query')) ? eval($hook) : false; $allusers = $db->query_read_slave("\n\tSELECT\n\t user.username, session.useragent, session.location, session.lastactivity, user.userid, user.options, session.host, session.badlocation, session.incalendar, user.aim, user.icq, user.msn, user.yahoo, user.skype,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t{$hook_query_fields}\n\tFROM " . TABLE_PREFIX . "session AS session\n\t" . iif($vbulletin->options['WOLguests'], " LEFT JOIN " . TABLE_PREFIX . "user AS user USING (userid) ", ", " . TABLE_PREFIX . "user AS user") . "\n\t{$hook_query_joins}\n\tWHERE session.lastactivity > {$datecut}\n\t" . iif(!$vbulletin->options['WOLguests'], " AND session.userid = user.userid", "") . "\n\t{$hook_query_where}\n\tORDER BY {$sqlsort} {$sortorder}\n "); require_once DIR . '/includes/class_postbit.php'; while ($users = $db->fetch_array($allusers)) { if ($users['userid']) { // Reg'd Member if (!$showmembers) { continue; } $users = array_merge($users, convert_bits_to_array($users['options'], $vbulletin->bf_misc_useroptions)); $key = $users['userid']; if ($key == $vbulletin->userinfo['userid']) { // in case this is the first view for the user, fake it that show up to themself $foundviewer = true; } if (empty($userinfo["{$key}"]['lastactivity']) or $userinfo["{$key}"]['lastactivity'] < $users['lastactivity']) { unset($userinfo["{$key}"]); // need this to sort by lastactivity $userinfo["{$key}"] = $users; fetch_musername($users); $userinfo["{$key}"]['musername'] = $users['musername']; $userinfo["{$key}"]['useragent'] = htmlspecialchars_uni($users['useragent']); $userinfoavatar = fetch_userinfo($key, FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfoavatar, true, false); if ($userinfoavatar['avatarurl'] != '') { $userinfo["{$key}"]['avatarurl'] = process_avatarurl($userinfoavatar['avatarurl']); } unset($userinfoavatar); if ($users['invisible']) { if ($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehidden'] or $key == $vbulletin->userinfo['userid']) { $userinfo["{$key}"]['hidden'] = '*'; $userinfo["{$key}"]['invisible'] = 0; } } if ($vbulletin->options['WOLresolve'] and $permissions['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlineip']) { $userinfo["{$key}"]['host'] = @gethostbyaddr($users['host']); } $userinfo["{$key}"]['buddy'] = $buddy["{$key}"]; } } else { // Guest or Spider.. $spider = ''; if ($vbulletin->options['enablespiders'] and !empty($vbulletin->wol_spiders)) { if (preg_match('#(' . $vbulletin->wol_spiders['spiderstring'] . ')#si', $users['useragent'], $agent)) { $agent = strtolower($agent[1]); // Check ip address if (!empty($vbulletin->wol_spiders['agents']["{$agent}"]['lookup'])) { $ourip = ip2long($users['host']); foreach ($vbulletin->wol_spiders['agents']["{$agent}"]['lookup'] as $key => $ip) { if ($ip['startip'] and $ip['endip']) { if ($ourip >= $ip['startip'] and $ourip <= $ip['endip']) { $spider = $vbulletin->wol_spiders['agents']["{$agent}"]; break; } } else { if ($ip['startip'] == $ourip) { $spider = $vbulletin->wol_spiders['agents']["{$agent}"]; break; } } } } else { $spider = $vbulletin->wol_spiders['agents']["{$agent}"]; } } } if ($spider) { if (!$showspiders) { continue; } $guests["{$count}"] = $users; $guests["{$count}"]['spider'] = $spider['name']; $guests["{$count}"]['spidertype'] = $spider['type']; } else { if (!$showguests) { continue; } $guests["{$count}"] = $users; } $guests["{$count}"]['username'] = $vbphrase['guest']; $guests["{$count}"]['invisible'] = 0; $guests["{$count}"]['displaygroupid'] = 1; fetch_musername($guests["{$count}"]); if ($vbulletin->options['WOLresolve'] and $permissions['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlineip']) { $guests["{$count}"]['host'] = @gethostbyaddr($users['host']); } $guests["{$count}"]['count'] = $count + 1; $guests["{$count}"]['useragent'] = htmlspecialchars_uni($users['useragent']); $count++; ($hook = vBulletinHook::fetch_hook('online_user')) ? eval($hook) : false; } } $online_users = array(); if (is_array($userinfo)) { foreach ($userinfo as $userid => $user) { if ($user['invisible']) { continue; } $tmp = array('userid' => $userid, 'username' => prepare_utf8_string(strip_tags($user['username']))); if ($user['userid'] == $vbulletin->userinfo['userid']) { $tmp['me'] = true; } if ($user['avatarurl'] != '') { $tmp['avatarurl'] = $user['avatarurl']; } $online_users[] = $tmp; } } $numguests = 0; if (is_array($guests)) { $numguests = count($guests); } return array('users' => $online_users, 'num_guests' => $numguests); }
private function processSearch(&$search) { $vals = $this->_input->filter(array('page' => XenForo_Input::UINT, 'perpage' => XenForo_Input::UINT, 'previewtype' => XenForo_Input::UINT, 'starteronly' => XenForo_Input::UINT)); $vals['page'] = max($vals['page'], 1); $vals['perpage'] = min(XenForo_Application::get('options')->discussionsPerPage, $vals['perpage']); if (!$vals['perpage']) { $vals['perpage'] = XenForo_Application::get('options')->discussionsPerPage; } if (!$vals['previewtype']) { $vals['previewtype'] = 2; } if ($vals['starteronly']) { $vals['previewtype'] = 1; } $search_model = $this->_getSearchModel(); $search_id = $search['search_id']; $resultids = $search_model->sliceSearchResultsToPage($search, $vals['page'], $vals['perpage']); $results = $search_model->getSearchResultsForDisplay($resultids); if (!$results) { return $this->sendError(new XenForo_Phrase('no_results_found')); } $post_model = $this->getModelFromCache('XenForo_Model_Post'); $user_model = $this->getModelFromCache('XenForo_Model_User'); $thread_data = array(); $preview_length = XenForo_Application::get('options')->discussionPreviewLength; foreach ($results['results'] as $result) { $thread = $result['content']; $is_post = $result['content_type'] == 'post'; if ($is_post) { $post = $post_model->getPostById($thread['post_id'], array('join' => XenForo_Model_Post::FETCH_USER)); } else { $post = $post_model->getPostById($thread[$vals['previewtype'] == 1 ? 'first_post_id' : 'last_post_id'], array('join' => XenForo_Model_Post::FETCH_USER)); } $preview = ''; if ($preview_length) { $preview = preview_chop(XenForo_Helper_String::bbCodeStrip(XenForo_Helper_String::censorString($thread['message']), true), $preview_length); } $out = array('thread_id' => $thread['thread_id'], 'new_posts' => $thread['isNew'], 'forum_id' => $thread['node_id'], 'total_posts' => $thread['reply_count'] + 1, 'forum_title' => prepare_utf8_string(strip_tags($thread['node_title'])), 'thread_title' => prepare_utf8_string(XenForo_Helper_String::censorString($thread['title']))); if ($is_post) { $out += array('post_id' => $thread['post_id'], 'jump_to_post' => 1, 'post_username' => prepare_utf8_string(strip_tags($thread['username'])), 'post_userid' => $thread['user_id'], 'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['post_date'], 'absolute'))); } else { if ($vals['previewtype'] == 1) { $out += array('post_username' => prepare_utf8_string(strip_tags($thread['username'])), 'post_userid' => $thread['user_id']); } else { $out += array('post_username' => prepare_utf8_string(strip_tags($thread['last_post_username'])), 'post_userid' => $thread['last_post_user_id']); } $out['post_lastposttime'] = prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute')); } $user = $user_model->getUserById($out['post_userid']); if ($user !== false) { $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } } if ($preview != '') { $out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview)); } if ($thread['discussion_type'] == 'poll') { $out['poll'] = true; } if ($thread['prefix_id']) { $phrase = new XenForo_Phrase('thread_prefix_' . $thread['prefix_id']); $out['prefix'] = prepare_utf8_string(strip_tags($phrase->render(false))); } $thread_data[] = $out; } $out = array('threads' => $thread_data, 'total_threads' => $search['result_count'], 'searchid' => $search_id); return $out; }
function do_get_announcement() { global $vbulletin, $db, $foruminfo; if (empty($foruminfo['forumid'])) { json_error(ERR_INVALID_FORUM); } $usesmilies = false; // begin vbulletin $forumlist = ''; if ($announcementinfo['forumid'] > -1 or $vbulletin->GPC['forumid']) { $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 1, 1); $curforumid = $foruminfo['forumid']; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { json_error(ERR_NO_PERMISSION); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $forumlist = fetch_forum_clause_sql($foruminfo['forumid'], 'announcement.forumid'); } else { if (!$announcementinfo['announcementid']) { json_error(ERR_INVALID_ANNOUNCEMENT); } } $hook_query_fields = $hook_query_joins = $hook_query_where = ''; $announcements = $db->query_read_slave("\n\t\tSELECT announcement.announcementid, announcement.announcementid AS postid, startdate, enddate, announcement.title, pagetext, announcementoptions, views, announcement.pagetext,\n\t\t\tuser.*, userfield.*, usertextfield.*,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t" . ($vbulletin->userinfo['userid'] ? ", NOT ISNULL(announcementread.announcementid) AS readannouncement" : "") . "\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "announcementread AS announcementread ON(announcementread.announcementid = announcement.announcementid AND announcementread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = announcement.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid=user.avatarid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid=announcement.userid)" : "") . "\n\t\t{$hook_query_joins}\n\t\tWHERE\n\t\t\t" . ($vbulletin->GPC['announcementid'] ? "announcement.announcementid = " . $vbulletin->GPC['announcementid'] : "startdate <= " . TIMENOW . " AND enddate >= " . TIMENOW . " " . (!empty($forumlist) ? "AND {$forumlist}" : "")) . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY startdate DESC, announcementid DESC\n\t"); if ($db->num_rows($announcements) == 0) { // no announcements json_error(ERR_INVALID_ANNOUNCEMENT); } if (!$vbulletin->options['oneannounce'] and $vbulletin->GPC['announcementid'] and !empty($forumlist)) { $anncount = $db->query_first_slave("\n\t\t\tSELECT COUNT(*) AS total\n\t\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t\tWHERE startdate <= " . TIMENOW . "\n\t\t\t\tAND enddate >= " . TIMENOW . "\n\t\t\t\tAND {$forumlist}\n\t\t"); $anncount['total'] = intval($anncount['total']); $show['viewall'] = $anncount['total'] > 1 ? true : false; } else { $show['viewall'] = false; } require_once DIR . '/includes/class_postbit.php'; $show['announcement'] = true; $counter = 0; $anncids = array(); $announcebits = ''; $announceread = array(); $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); while ($post = $db->fetch_array($announcements)) { $postbit_obj =& $postbit_factory->fetch_postbit('announcement'); $post['counter'] = ++$counter; $postbit_obj->construct_postbit($post); $anncids[] = $post['announcementid']; $announceread[] = "({$post['announcementid']}, " . $vbulletin->userinfo['userid'] . ")"; // FRNR start $fr_images = array(); $docattach = array(); // Attachments (images). if (is_array($post['attachments']) && count($post['attachments']) > 0) { foreach ($post['attachments'] as $attachment) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']); if ($vbulletin->options['attachthumbs']) { $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'; } $fr_images[] = $tmp; } if (strpos($lfilename, '.pdf') !== false) { $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']; } } } // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $usesmilies, $attachments); if (count($fr_images) > 0) { $text .= "<br/>"; foreach ($fr_images as $attachment) { $text .= "<img src=\"{$attachment['img']}\"/>"; } } foreach ($images as $image) { $fr_images[] = array('img' => $image); } // Avatar work $avatarurl = ''; if ($post['avatarurl']) { $avatarurl = process_avatarurl($post['avatarurl']); } $tmp = array('username' => prepare_utf8_string(strip_tags($post['username'])), 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'text' => $text, 'post_timestamp' => prepare_utf8_string(date_trunc($post['startdate'])), 'fr_images' => $fr_images); if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } $posts_out[] = $tmp; } if (!empty($anncids)) { $db->shutdown_query("\n\t\t\tUPDATE " . TABLE_PREFIX . "announcement\n\t\t\tSET views = views + 1\n\t\t\tWHERE announcementid IN (" . implode(', ', $anncids) . ")\n\t\t"); if ($vbulletin->userinfo['userid']) { $db->shutdown_query("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "announcementread\n\t\t\t\t\t(announcementid, userid)\n\t\t\t\tVALUES\n\t\t\t\t\t" . implode(', ', $announceread) . "\n\t\t\t"); } } if (!is_array($posts_out)) { $posts_out = array(); } return array('posts' => $posts_out, 'total_posts' => count($posts_out)); }
private function processThreads(&$threads, $previewtype) { $thread_data = array(); $thread_model = $this->_getThreadModel(); $post_model = $this->getModelFromCache('XenForo_Model_Post'); $preview_length = XenForo_Application::get('options')->discussionPreviewLength; foreach ($threads as &$thread) { // For each thread, get the first post/last post information as requested by user if ($thread_model->isRedirect($thread)) { // Redirect thread XXX RKJ continue; } $out = array('thread_id' => $thread['thread_id'], 'new_posts' => $thread['isNew'], 'forum_id' => $thread['node_id'], 'total_posts' => $thread['reply_count'] + 1, 'thread_title' => prepare_utf8_string(strip_tags($thread['title'])), 'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date']))); if ($previewtype == 1) { $out += array('post_username' => prepare_utf8_string(strip_tags($thread['username'])), 'post_userid' => $thread['user_id']); } else { $out += array('post_username' => prepare_utf8_string(strip_tags($thread['last_post_username'])), 'post_userid' => $thread['last_post_user_id']); } $post = $post_model->getPostById($thread[$previewtype == 1 ? 'first_post_id' : 'last_post_id'], array('join' => XenForo_Model_Post::FETCH_USER)); $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($post, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } $preview = ''; if ($preview_length) { $preview = preview_chop(XenForo_Helper_String::bbCodeStrip($post['message'], true), $preview_length); } if ($preview != '') { $out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview)); } if ($thread['discussion_type'] == 'poll') { $out['poll'] = true; } if ($thread['prefix_id'] && isset($this->_prefixes[$thread['prefix_id']])) { $out['prefix'] = prepare_utf8_string(strip_tags($this->_prefixes[$thread['prefix_id']])); } $thread_data[] = $out; } return $thread_data; }
public function actionGetThread() { $threadid = $this->_input->filterSingle('threadid', XenForo_Input::UINT); $postid = $this->_input->filterSingle('postid', XenForo_Input::UINT); $signature = $this->_input->filterSingle('signature', XenForo_Input::UINT); $page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1); $perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT); if (!$perpage) { $perpage = XenForo_Application::get('options')->messagesPerPage; } $visitor = XenForo_Visitor::getInstance(); $user_model = $this->getModelFromCache('XenForo_Model_User'); $thread_model = $this->_getThreadModel(); $post_model = $this->_getPostModel(); $forum_model = $this->_getForumModel(); $session_model = $this->getModelFromCache('XenForo_Model_Session'); $helper = $this->getHelper('ForumThreadPost'); $post_helper = new ForumRunner_ControllerHelper_Post($this); try { list($thread_info, $forum_info) = $helper->assertThreadValidAndViewable($threadid, array('readUserId' => $visitor['user_id'], 'watchUserId' => $visitor['user_id']), array('readUserId' => $visitor['user_id'])); } catch (Exception $e) { json_error($e->getControllerResponse()->errorText->render()); } $gotopostid = 0; if ($page == FR_LAST_POST) { // Figure out our last post page and post id $options = $post_model->getPermissionBasedPostFetchOptions($thread_info, $forum_info); $read_date = $thread_model->getMaxThreadReadDate($thread_info, $forum_info); $first_unread = $post_model->getNextPostInThread($threadid, $read_date, $options); if (!$first_unread) { $first_unread = $post_model->getLastPostInThread($threadid, $options); } if ($first_unread) { $page = floor($first_unread['position'] / $perpage) + 1; $gotopostid = $first_unread['post_id']; } else { $page = 1; } } else { if ($postid) { try { list($tpost, $tthread, $tforum) = $helper->assertPostValidAndViewable($postid); } catch (Exception $e) { json_error($e->getControllerResponse()->errorText->render()); } $page = floor($tpost['position'] / $perpage) + 1; $gotopostid = $postid; } } if ($thread_model->isRedirect($thread_info)) { // Redirect thread! XXX RKJ } $this->canonicalizePageNumber($page, $perpage, $thread_info['reply_count'] + 1, 'threads', $thread_info); $post_options = array_merge($post_model->getPermissionBasedPostFetchOptions($thread_info, $forum_info), array('perPage' => $perpage, 'page' => $page, 'join' => XenForo_Model_Post::FETCH_USER | XenForo_Model_Post::FETCH_USER_PROFILE | XenForo_Model_Post::FETCH_FORUM, 'likeUserId' => $visitor['user_id'])); if (!empty($post_options['deleted'])) { $post_options['join'] |= XenForo_Model_Post::FETCH_DELETION_LOG; } $posts = $post_model->getPostsInThread($threadid, $post_options); $posts = $post_model->getAndMergeAttachmentsIntoPosts($posts); $mod = array(); $perms = $visitor->getNodePermissions($thread_info['node_id']); $thread_mod = $thread_model->addInlineModOptionToThread($thread_info, $forum_info, $perms); $max_post_date = $first_unread = $deleted = $moderated = 0; foreach ($posts as &$post) { $post_mod = $post_model->addInlineModOptionToPost($post, $thread_info, $forum_info, $perms); $mod = array_merge($mod, $post_mod); $post = $post_model->preparePost($post, $thread_info, $forum_info, $perms); if ($post['post_date'] > $max_post_date) { $max_post_date = $post['post_date']; } if ($post['isDeleted']) { $deleted++; } if ($post['isModerated']) { $moderated++; } if (!$first_unread && $post['isNew']) { $first_unread = $post['post_id']; } } $thread_model->markThreadRead($thread_info, $forum_info, $max_post_date, $visitor['user_id']); fr_update_subsent($thread_info['thread_id'], $max_post_date); $thread_model->logThreadView($threadid); $post_data = array(); foreach ($posts as &$post) { $user = $user_model->getUserById($post['user_id']); $online_info = $session_model->getSessionActivityRecords(array('user_id' => $post['user_id'], 'cutOff' => array('>', $session_model->getOnlineStatusTimeout()))); $is_online = false; if (count($online_info) == 1) { $is_online = true; } $fr_images = $docattach = array(); if (isset($post['attachments']) && is_array($post['attachments'])) { foreach ($post['attachments'] as $attachment) { $ext = strtolower($attachment['extension']); $link = XenForo_Link::buildPublicLink('attachments', $attachment); if ($ext == 'jpe' || $ext == 'jpeg' || $ext == 'png' || $ext == 'gif' || $ext == 'jpg') { $data = array('img' => fr_get_xenforo_bburl() . '/' . $link); if ($attachment['thumbnailUrl']) { $data['tmb'] = fr_get_xenforo_bburl() . '/' . $attachment['thumbnailUrl']; } $fr_images[] = $data; } else { if ($ext == 'pdf') { $docattach[] = fr_get_xenforo_bburl() . '/' . $link; } } } } list($text, $nuked_quotes, $images) = parse_post(fr_strip_smilies($this, XenForo_Helper_String::censorString($post['message'])), true); if (count($fr_images) > 0) { $text .= "<br/>"; foreach ($fr_images as $attachment) { $text .= "<img src=\"{$attachment['img']}\"/>"; } } foreach ($images as $image) { $fr_images[] = array('img' => $image); } $avatarurl = ''; if ($user !== false) { $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } } $post_page = floor($post['position'] / XenForo_Application::get('options')->messagesPerPage) + 1; $out = array('post_id' => $post['post_id'], 'thread_id' => $post['thread_id'], 'forum_id' => $post['node_id'], 'forum_title' => prepare_utf8_string(strip_tags($post['node_title'])), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string(XenForo_Locale::date($post['register_date'], 'absolute')), 'usertitle' => strip_tags(XenForo_Template_Helper_Core::helperUserTitle($user)), 'numposts' => $user ? $user['message_count'] : 0, 'userid' => $post['user_id'], 'canlike' => $post['canLike'] ? true : false, 'likes' => $post['like_date'] > 0 ? true : false, 'title' => prepare_utf8_string(XenForo_Helper_String::censorString($post['title'])), 'online' => $is_online, 'post_timestamp' => prepare_utf8_string(XenForo_Locale::dateTime($post['post_date'], 'absolute')), 'post_link' => fr_get_xenforo_bburl() . '/' . XenForo_Link::buildPublicLink('threads', $thread_info, array('page' => $post_page)) . '#post-' . $post['post_id'], 'fr_images' => $fr_images); if ($post['canDelete']) { $out['candelete'] = true; } if ($post['likes']) { $out['likestext'] = prepare_utf8_string($post_helper->likesHtml($post['post_id'], $post['likes'], $post['like_date'], $post['likeUsers'])); $like_users = ''; for ($i = 0; $i < count($post['likeUsers']); $i++) { if ($i != 0) { $like_users .= ', '; } $like_users .= $post['likeUsers'][$i]['username']; } $out['likesusers'] = prepare_utf8_string($like_users); } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } if ($post['message_state'] == 'deleted') { $out += array('deleted' => true, 'del_username' => prepare_utf8_string(strip_tags($post['delete_username']))); if ($post['delete_reason']) { $out['del_reason'] = prepare_utf8_string($post['delete_reason']); } } else { if ($post['canEdit']) { $out += array('canedit' => $post['canEdit']); } $out += array('text' => $text, 'quotable' => $nuked_quotes, 'edittext' => prepare_utf8_string($post['message'])); } if (count($docattach)) { $out['docattach'] = $docattach; } if ($signature) { $sig = trim(strip_tags(remove_bbcode($post['signature'], true, true), '<a>')); $sig = str_replace(array("\t", "\r"), array('', ''), $sig); $sig = str_replace("\n\n", "\n", $sig); $out['sig'] = prepare_utf8_string($sig); } $post_data[] = $out; } $out = array('posts' => $post_data, 'total_posts' => $thread_info['reply_count'] + 1, 'page' => $page, 'canpost' => $thread_model->canReplyToThread($thread_info, $forum_info), 'canattach' => $forum_model->canUploadAndManageAttachment($forum_info), 'title' => prepare_utf8_string(XenForo_Helper_String::censorString($thread_info['title'])), 'thread_link' => process_avatarurl(XenForo_Link::buildPublicLink('threads', $thread_info, array('page' => $page))), 'subscribed' => $thread_info['thread_is_watched'] ? 1 : 0); if ($gotopostid) { $out['gotopostid'] = $gotopostid; } if ($thread_info['discussion_type'] == 'poll') { $poll_model = $this->_getPollModel(); $poll = $poll_model->getPollByContent('thread', $threadid); if ($poll) { $out['pollid'] = $poll['poll_id']; } } $modbit = 0; if (isset($mod['delete']) && $mod['delete']) { $modbit |= MOD_DELETEPOST; } if ($thread_info['sticky'] && isset($thread_mod['unstick']) && $thread_mod['unstick']) { $modbit |= MOD_UNSTICK; } if (!$thread_info['sticky'] && isset($thread_mod['stick']) && $thread_mod['stick']) { $modbit |= MOD_STICK; } if (isset($thread_mod['delete']) && $thread_mod['delete']) { $modbit |= MOD_DELETETHREAD; } XenForo_Application::setDebugMode(true); if ($thread_info['discussion_open'] && isset($thread_mod['lock']) && $thread_mod['lock']) { $modbit |= MOD_CLOSE; } if (!$thread_info['discussion_open'] && isset($thread_mod['unlock']) && $thread_mod['unlock']) { $modbit |= MOD_OPEN; } if (isset($thread_mod['move']) && $thread_mod['move']) { $modbit |= MOD_MOVETHREAD; } if (XenForo_Permission::hasPermission($visitor['permissions'], 'general', 'cleanSpam')) { $modbit |= MOD_SPAM_CONTROLS; } $out['mod'] = $modbit; return $out; }
function do_get_profile() { global $vbulletin, $db, $show, $vbphrase, $permissions, $imodcache; $vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT)); if (!$vbulletin->userinfo['userid'] && !$vbulletin->GPC['userid']) { json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN); } if (!($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or !($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'])) { json_error(ERR_NO_PERMISSION); } if (!$vbulletin->GPC['userid']) { $vbulletin->GPC['userid'] = $vbulletin->userinfo['userid']; } $fetch_userinfo_options = FETCH_USERINFO_AVATAR | FETCH_USERINFO_LOCATION | FETCH_USERINFO_PROFILEPIC | FETCH_USERINFO_SIGPIC | FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND; $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, $fetch_userinfo_options); if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { json_error(ERR_NO_PERMISSION); } $posts = $userinfo['posts']; $joindate = vbdate($vbulletin->options['dateformat'], $userinfo['joindate']); $out = array('username' => html_entity_decode($userinfo['username']), 'online' => fetch_online_status($userinfo, false), 'avatar_upload' => $vbulletin->options['avatarenabled'] && $permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canuseavatar'], 'posts' => $posts, 'joindate' => $joindate); $avatarurl_info = fetch_avatar_url($userinfo['userid']); if ($avatarurl_info) { $out['avatarurl'] = process_avatarurl($avatarurl_info[0]); } cache_moderators(); $canbanuser = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers')); if ($canbanuser) { $out['ban'] = true; } $groups = array(); // About $out_group = array('name' => 'about', 'values' => array(array('name' => prepare_utf8_string($vbphrase['posts']), 'value' => strval(vb_number_format($userinfo['posts']))), array('name' => prepare_utf8_string($vbphrase['join_date']), 'value' => vbdate($vbulletin->options['dateformat'], $userinfo['joindate'])))); if (function_exists('itrader_user')) { itrader_user($userinfo); $out_group['values'][] = array('name' => 'iTrader', 'value' => vb_number_format($userinfo['tradescore']) . ', ' . $userinfo['tradepcnt'] . '%'); $out += array('itrader_score' => vb_number_format($userinfo['tradescore']), 'itrader_percent' => $userinfo['tradepcnt'] . '%'); } $groups[] = $out_group; $profileobj = new vB_UserProfile($vbulletin, $userinfo); $blockfactory = new vB_ProfileBlockFactory($vbulletin, $profileobj); $profileblock =& $blockfactory->fetch('ProfileFields'); $profileblock->build_field_data(false); $profile = $profileblock->categories[0]; // Additional information if (count($profile)) { $out_group = array('name' => 'additional'); foreach ($profile as $profilefield) { $field_value = $userinfo["field{$profilefield['profilefieldid']}"]; fetch_profilefield_display($profilefield, $field_value); if (!strlen(trim($field_value))) { continue; } $out_group['values'][] = array('name' => prepare_utf8_string($profilefield['title']), 'value' => prepare_utf8_string($profilefield['value'])); } if (count($out_group['values'])) { $groups[] = $out_group; } } $out['groups'] = $groups; return $out; }
public function actionGetPost() { // Whole function is an ugly hack. Revisit later. global $dependencies, $zresponse; $postid = $this->_input->filterSingle('postid', XenForo_Input::UINT); $type = $this->_input->filterSingle('type', XenForo_Input::STRING); $signature = $this->_input->filterSingle('signature', XenForo_Input::UINT); if (!$type || $type == '') { $type = 'html'; } $user_model = $this->getModelFromCache('XenForo_Model_User'); $session_model = $this->getModelFromCache('XenForo_Model_Session'); $thread_model = $this->getModelFromCache('XenForo_Model_Thread'); $forum_model = $this->getModelFromCache('XenForo_Model_Forum'); $attachment_model = $this->getModelFromCache('XenForo_Model_Attachment'); $helper = $this->getHelper('ForumThreadPost'); try { list($post, $thread, $forum) = $helper->assertPostValidAndViewable($postid); } catch (Exception $e) { json_error($e->getControllerResponse()->errorText->render()); } $post_model = $this->_getPostModel(); $post = $post_model->getPostById($postid, array('join' => XenForo_Model_Post::FETCH_THREAD | XenForo_Model_Post::FETCH_FORUM | XenForo_Model_Post::FETCH_USER | XenForo_Model_Post::FETCH_USER_PROFILE)); $user = $user_model->getUserById($post['user_id']); $online_info = $session_model->getSessionActivityRecords(array('user_id' => $post['user_id'], 'cutOff' => array('>', $session_model->getOnlineStatusTimeout()))); $is_online = false; if (count($online_info) == 1) { $is_online = true; } $avatarurl = ''; if ($user !== false) { $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm')); if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) { $avatarurl = ''; } } $attachments = $attachment_model->getAttachmentsByContentId('post', $postid); $message = fr_strip_smilies($this, $post['message']); list($text, $nuked_quotes, $images) = parse_post($message, true, array()); $image = ''; if ($type == 'html') { $css = <<<EOF <style type="text/css"> body { margin: 0; padding: 3; font: 13px Arial, Helvetica, sans-serif; } .alt2 { background-color: #e6edf5; font: 13px Arial, Helvetica, sans-serif; } html { -webkit-text-size-adjust: none; } </style> EOF; $formatter = XenForo_BbCode_Formatter_Base::create('ForumRunner_BbCode_Formatter_BbCode_Post', array('smilies' => XenForo_Application::get('smilies'))); $parser = new XenForo_BbCode_Parser($formatter); $html = $css . $parser->render($message); if ($signature && $post['signature']) { $html .= '<div style="border-top: 1px dashed grey; font-size: 9pt; margin-top: 5px; padding: 5px 0 0;">' . $parser->render(fr_strip_smilies($this, $post['signature'])) . '</div>'; } } else { if ($type == 'facebook') { $html = XenForo_Helper_String::censorString(XenForo_Helper_String::bbCodeStrip($message, true)); if (count($attachments)) { $attachments = array_values($attachments); $link = XenForo_Link::buildPublicLink('attachments', $attachments[0]); $image = fr_get_xenforo_bburl() . '/' . $link; } } } $post_page = floor($post['position'] / XenForo_Application::get('options')->messagesPerPage) + 1; $out = array('post_id' => $post['post_id'], 'thread_id' => $post['thread_id'], 'forum_id' => $post['node_id'], 'forum_title' => prepare_utf8_string(strip_tags($post['node_title'])), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string(XenForo_Locale::date($post['register_date'], 'absolute')), 'usertitle' => XenForo_Template_Helper_Core::helperUserTitle($user), 'numposts' => $user ? $user['message_count'] : 0, 'userid' => $post['user_id'], 'title' => prepare_utf8_string($post['title']), 'online' => $is_online, 'post_timestamp' => prepare_utf8_string(XenForo_Locale::dateTime($post['post_date'], 'absolute')), 'html' => prepare_utf8_string($html), 'quotable' => $nuked_quotes, 'canpost' => $thread_model->canReplyToThread($thread, $forum), 'canattach' => $forum_model->canUploadAndManageAttachment($forum), 'post_link' => fr_get_xenforo_bburl() . '/' . XenForo_Link::buildPublicLink('threads', $thread, array('page' => $post_page)) . '#post-' . $post['post_id']); if ($image != '') { $out['image'] = $image; } if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } return $out; }
function do_get_subscriptions() { global $vbulletin, $db, $show, $vbphrase, $permissions, $subscribecounters; $vbulletin->options['threadpreview'] = FR_PREVIEW_LEN; if (!$vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } if (!$vbulletin->userinfo['userid'] and $_REQUEST['do'] != 'removesubscription' or $vbulletin->userinfo['userid'] and !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or $vbulletin->userinfo['usergroupid'] == 4 or !($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) { json_error(ERR_NO_PERMISSION); } $thread_data = array(); $unread_subs = 0; // vbulletin expects folderid, but we will just get them all $vbulletin->input->clean_array_gpc('r', array('folderid' => TYPE_NOHTML, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'sortfield' => TYPE_NOHTML, 'sortorder' => TYPE_NOHTML, 'previewtype' => TYPE_INT)); $previewtype = $vbulletin->GPC['previewtype']; if (!$previewtype) { $previewtype = 1; } $vbulletin->GPC['folderid'] = 'all'; // Values that are reused in templates $sortfield =& $vbulletin->GPC['sortfield']; $perpage =& $vbulletin->GPC['perpage']; $pagenumber =& $vbulletin->GPC['pagenumber']; $folderid =& $vbulletin->GPC['folderid']; if ($folderid == 'all') { $getallfolders = true; $show['allfolders'] = true; } else { $folderid = intval($folderid); } $folderselect["{$folderid}"] = 'selected="selected"'; // Build folder jump require_once DIR . '/includes/functions_misc.php'; $folders = construct_folder_jump(1, $folderid, false, '', true); $templater = vB_Template::create('subscribe_folder_jump'); $templater->register('folders', $folders); $folderjump = $templater->render(); // look at sorting options: if ($vbulletin->GPC['sortorder'] != 'asc') { $vbulletin->GPC['sortorder'] = 'desc'; $sqlsortorder = 'DESC'; $order = array('desc' => 'selected="selected"'); } else { $sqlsortorder = ''; $order = array('asc' => 'selected="selected"'); } switch ($sortfield) { case 'title': case 'lastpost': case 'replycount': case 'views': case 'postusername': $sqlsortfield = 'thread.' . $sortfield; break; default: $handled = false; if (!$handled) { $sqlsortfield = 'thread.lastpost'; $sortfield = 'lastpost'; } } $sort = array($sortfield => 'selected="selected"'); if ($getallfolders) { $totalallthreads = array_sum($subscribecounters); } else { $totalallthreads = $subscribecounters["{$folderid}"]; } // set defaults sanitize_pageresults($totalallthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']); // display threads $limitlower = ($pagenumber - 1) * $perpage + 1; $limitupper = $pagenumber * $perpage; if ($limitupper > $totalallthreads) { $limitupper = $totalallthreads; if ($limitlower > $totalallthreads) { $limitlower = $totalallthreads - $perpage; } } if ($limitlower <= 0) { $limitlower = 1; } $hook_query_fields = $hook_query_joins = $hook_query_where = ''; $getthreads = $db->query_read_slave("\n\t\tSELECT thread.threadid, emailupdate, subscribethreadid, thread.forumid, thread.postuserid\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "subscribethread AS subscribethread\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = subscribethread.threadid)\n\t\t{$hook_query_joins}\n\t\tWHERE subscribethread.userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\tAND thread.visible = 1\n\t\t\tAND canview = 1\n\t\t" . iif(!$getallfolders, "\tAND folderid = {$folderid}") . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\tLIMIT " . ($limitlower - 1) . ", {$perpage}\n\t"); if ($totalthreads = $db->num_rows($getthreads)) { $forumids = array(); $threadids = array(); $emailupdate = array(); $killthreads = array(); while ($getthread = $db->fetch_array($getthreads)) { $forumperms = fetch_permissions($getthread['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $getthread['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) { $killthreads["{$getthread['subscribethreadid']}"] = $getthread['subscribethreadid']; $totalallthreads--; continue; } $forumids["{$getthread['forumid']}"] = true; $threadids[] = $getthread['threadid']; $emailupdate["{$getthread['threadid']}"] = $getthread['emailupdate']; $subscribethread["{$getthread['threadid']}"] = $getthread['subscribethreadid']; } $threadids = implode(',', $threadids); } unset($getthread); $db->free_result($getthreads); if (!empty($killthreads)) { // Update thread subscriptions $vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "subscribethread\n\t\t\tSET canview = 0\n\t\t\tWHERE subscribethreadid IN (" . implode(', ', $killthreads) . ")\n\t\t"); } if (!empty($threadids)) { cache_ordered_forums(1); $colspan = 5; $show['threadicons'] = false; // get last read info for each thread $lastread = array(); foreach (array_keys($forumids) as $forumid) { if ($vbulletin->options['threadmarking']) { $lastread["{$forumid}"] = max($vbulletin->forumcache["{$forumid}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else { $lastread["{$forumid}"] = max(intval(fetch_bbarray_cookie('forum_view', $forumid)), $vbulletin->userinfo['lastvisit']); } if ($vbulletin->forumcache["{$forumid}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons']) { $show['threadicons'] = true; $colspan = 6; } } if ($previewtype == 1) { $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,"; $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)"; } else { $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,"; $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)"; } $hasthreads = true; $threadbits = ''; $pagenav = ''; $counter = 0; $toread = 0; $vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']); if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) { $lastpost_info = "IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost, " . "IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter, " . "IF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid, " . "IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid"; $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')'; } else { $lastpost_info = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid'; $tachyjoin = ''; } $hook_query_fields = $hook_query_joins = $hook_query_where = ''; $threads = $db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . ", thread.votenum, 0) AS votenum,\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . " AND thread.votenum > 0, thread.votetotal / thread.votenum, 0) AS voteavg,\n\t\t\t\tthread.votetotal,\n\t\t\t\t{$previewfield} thread.threadid, thread.title AS threadtitle, thread.forumid, thread.pollid,\n\t\t\t\tthread.open, thread.replycount, thread.postusername, thread.prefixid,\n\t\t\t\t{$lastpost_info}, thread.postuserid, thread.dateline, thread.views, thread.iconid AS threadiconid,\n\t\t\t\tthread.notes, thread.visible, thread.attach, thread.taglist\n\t\t\t\t" . ($vbulletin->options['threadmarking'] ? ", threadread.readtime AS threadread" : '') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t{$previewjoin}\n\t\t\t" . ($vbulletin->options['threadmarking'] ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : '') . "\n\t\t\t{$tachyjoin}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE thread.threadid IN ({$threadids})\n\t\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\t"); unset($sqlsortfield, $sqlsortorder); require_once DIR . '/includes/functions_forumdisplay.php'; // Get Dot Threads $dotthreads = fetch_dot_threads_array($threadids); if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) { $show['dotthreads'] = true; } else { $show['dotthreads'] = false; } if ($vbulletin->options['threadpreview'] and $vbulletin->userinfo['ignorelist']) { // Get Buddy List $buddy = array(); if (trim($vbulletin->userinfo['buddylist'])) { $buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY); foreach ($buddylist as $buddyuserid) { $buddy["{$buddyuserid}"] = 1; } } DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy))); // Get Ignore Users $ignore = array(); if (trim($vbulletin->userinfo['ignorelist'])) { $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY); foreach ($ignorelist as $ignoreuserid) { if (!$buddy["{$ignoreuserid}"]) { $ignore["{$ignoreuserid}"] = 1; } } } DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore))); } $foruminfo['allowratings'] = true; $show['notificationtype'] = true; $show['threadratings'] = true; $show['threadrating'] = true; while ($thread = $db->fetch_array($threads)) { $threadid = $thread['threadid']; // build thread data $thread = process_thread_array($thread, $lastread["{$thread['forumid']}"]); switch ($emailupdate["{$thread['threadid']}"]) { case 0: $thread['notification'] = $vbphrase['none']; break; case 1: $thread['notification'] = $vbphrase['instant']; break; case 2: $thread['notification'] = $vbphrase['daily']; break; case 3: $thread['notification'] = $vbphrase['weekly']; break; default: $thread['notification'] = $vbphrase['n_a']; } $avatarurl = ''; if ($thread['lastpost_userid'] > 0) { $userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfoavatar, true, false); if ($userinfoavatar['avatarurl'] != '') { $avatarurl = process_avatarurl($userinfoavatar['avatarurl']); } unset($userinfoavatar); } $tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? true : false, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'forum_title' => prepare_utf8_string($thread['forumtitle']), 'thread_title' => prepare_utf8_string($thread['threadtitle']), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username']))); if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } if ($thread['attach']) { $tmp['attach'] = true; } if ($thread['pollid']) { $tmp['poll'] = true; } $thread_data[] = $tmp; } $db->free_result($threads); unset($threadids); } else { $totalallthreads = 0; } $out = array('threads' => $thread_data, 'total_threads' => $totalallthreads); return $out; }
function do_get_forum() { global $vbulletin, $db, $show, $vbphrase, $foruminfo; $canpost = true; $vbulletin->input->clean_array_gpc('r', array('fid' => TYPE_INT, 'previewtype' => TYPE_INT)); $previewtype = $vbulletin->GPC['previewtype']; if (!$previewtype) { $previewtype = 1; } if (empty($foruminfo['forumid'])) { $forumid = -1; } else { $vbulletin->input->clean_array_gpc('r', array('password' => TYPE_STR)); // Check the forum password if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) { // Set a temp cookie for guests if (!$vbulletin->userinfo['userid']) { set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password'])); } else { set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1); } } $perpage = $vbulletin->input->clean_gpc('r', 'perpage', TYPE_UINT); $pagenumber = $vbulletin->input->clean_gpc('r', 'pagenumber', TYPE_UINT); $daysprune = $vbulletin->input->clean_gpc('r', 'daysprune', TYPE_INT); $sortfield = $vbulletin->input->clean_gpc('r', 'sortfield', TYPE_STR); // get permission to view forum $_permsgetter_ = 'forumdisplay'; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { json_error(ERR_NO_PERMISSION); } // Check for forum password! if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) { json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD); } // Can we post in this forum? if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew'])) { $canpost = false; } $forumid = $foruminfo['forumid']; } // Can forum contain threads? $announcements_out = array(); // These $_REQUEST values will get used in the sort template so they are assigned to normal variables $perpage = $vbulletin->input->clean_gpc('r', 'perpage', TYPE_UINT); $pagenumber = $vbulletin->input->clean_gpc('r', 'pagenumber', TYPE_UINT); $daysprune = $vbulletin->input->clean_gpc('r', 'daysprune', TYPE_INT); $sortfield = $vbulletin->input->clean_gpc('r', 'sortfield', TYPE_STR); // get permission to view forum $_permsgetter_ = 'forumdisplay'; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { json_error(ERR_NO_PERMISSION); } // disable thread preview if we can't view threads if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { $vbulletin->options['threadpreview'] = 0; } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // verify that we are at the canonical SEO url // and redirect to this if not //verify_seo_url('forum', $foruminfo, array('pagenumber' => $_REQUEST['pagenumber'])); // get vbulletin->iforumcache - for use by makeforumjump and forums list // fetch the forum even if they are invisible since its needed // for the title but we'll unset that further down // also fetch subscription info for $show['subscribed'] variable cache_ordered_forums(1, 1, $vbulletin->userinfo['userid']); $show['newthreadlink'] = iif(!$show['search_engine'] and $foruminfo['allowposting'], true, false); $show['threadicons'] = iif($foruminfo['allowicons'], true, false); $show['threadratings'] = iif($foruminfo['allowratings'], true, false); $show['subscribed_to_forum'] = $vbulletin->forumcache["{$foruminfo['forumid']}"]['subscribeforumid'] != '' ? true : false; if (!$daysprune) { if ($vbulletin->userinfo['daysprune']) { $daysprune = $vbulletin->userinfo['daysprune']; } else { $daysprune = iif($foruminfo['daysprune'], $foruminfo['daysprune'], 30); } } $daysprune = -1; // FRNR // ### GET FORUMS, PERMISSIONS, MODERATOR iCACHES ######################## cache_moderators(); // draw nav bar $navbits = array(); $navbits[$vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']] = $vbphrase['forum']; $parentlist = array_reverse(explode(',', substr($foruminfo['parentlist'], 0, -3))); foreach ($parentlist as $forumID) { $forumTitle = $vbulletin->forumcache["{$forumID}"]['title']; $navbits[fetch_seo_url('forum', array('forumid' => $forumID, 'title' => $forumTitle))] = $forumTitle; } // pop the last element off the end of the $nav array so that we can show it without a link array_pop($navbits); $navbits[''] = $foruminfo['title']; $navbits = construct_navbits($navbits); $navbar = render_navbar_template($navbits); $moderatorslist = ''; $listexploded = explode(',', $foruminfo['parentlist']); $showmods = array(); $show['moderators'] = false; $totalmods = 0; foreach ($listexploded as $parentforumid) { if (!$imodcache["{$parentforumid}"] or $parentforumid == -1) { continue; } foreach ($imodcache["{$parentforumid}"] as $moderator) { if ($showmods["{$moderator['userid']}"] === true) { continue; } $showmods["{$moderator['userid']}"] = true; $show['comma_leader'] = $moderatorslist != ''; $show['moderators'] = true; $totalmods++; } } // ### BUILD FORUMS LIST ################################################# // get an array of child forum ids for this forum $foruminfo['childlist'] = explode(',', $foruminfo['childlist']); // define max depth for forums display based on $vbulletin->options[forumhomedepth] define('MAXFORUMDEPTH', $vbulletin->options['forumdisplaydepth']); if (($vbulletin->options['showforumusers'] == 1 or $vbulletin->options['showforumusers'] == 2 or $vbulletin->options['showforumusers'] > 2 and $vbulletin->userinfo['userid']) and !$show['search_engine']) { $datecut = TIMENOW - $vbulletin->options['cookietimeout']; $forumusers = $db->query_read_slave("\n \t\tSELECT user.username, (user.options & " . $vbulletin->bf_misc_useroptions['invisible'] . ") AS invisible, user.usergroupid,\n \t\t\tsession.userid, session.inforum, session.lastactivity, session.badlocation,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\tFROM " . TABLE_PREFIX . "session AS session\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = session.userid)\n \t\tWHERE session.lastactivity > {$datecut}\n \t\tORDER BY" . iif($vbulletin->options['showforumusers'] == 1 or $vbulletin->options['showforumusers'] == 3, " username ASC,") . " lastactivity DESC\n \t"); $numberregistered = 0; $numberguest = 0; $doneuser = array(); if ($vbulletin->userinfo['userid']) { // fakes the user being in this forum $loggedin = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'invisible' => $vbulletin->userinfo['invisible'], 'invisiblemark' => $vbulletin->userinfo['invisiblemark'], 'inforum' => $foruminfo['forumid'], 'lastactivity' => TIMENOW, 'musername' => $vbulletin->userinfo['musername']); $numberregistered = 1; fetch_online_status($loggedin); $show['comma_leader'] = false; $doneuser["{$vbulletin->userinfo['userid']}"] = 1; } $inforum = array(); // this require the query to have lastactivity ordered by DESC so that the latest location will be the first encountered. while ($loggedin = $db->fetch_array($forumusers)) { if ($loggedin['badlocation']) { continue; } if (empty($doneuser["{$loggedin['userid']}"])) { if (in_array($loggedin['inforum'], $foruminfo['childlist']) and $loggedin['inforum'] != -1) { if (!$loggedin['userid']) { // this is a guest $numberguest++; $inforum["{$loggedin['inforum']}"]++; } else { $numberregistered++; $inforum["{$loggedin['inforum']}"]++; if (fetch_online_status($loggedin)) { fetch_musername($loggedin); $show['comma_leader'] = $activeusers != ''; } } } if ($loggedin['userid']) { $doneuser["{$loggedin['userid']}"] = 1; } } } if (!$vbulletin->userinfo['userid']) { $numberguest = $numberguest == 0 ? 1 : $numberguest; } $totalonline = $numberregistered + $numberguest; unset($joingroupid, $key, $datecut, $invisibleuser, $userinfo, $userid, $loggedin, $index, $value, $forumusers, $parentarray); $show['activeusers'] = true; } else { $show['activeusers'] = false; } // ############################################################################# // get read status for this forum and children $unreadchildforums = 0; foreach ($foruminfo['childlist'] as $val) { if ($val == -1 or $val == $foruminfo['forumid']) { continue; } if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $lastread_child = max($vbulletin->forumcache["{$val}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else { $lastread_child = max(intval(fetch_bbarray_cookie('forum_view', $val)), $vbulletin->userinfo['lastvisit']); } if ($vbulletin->forumcache["{$val}"]['lastpost'] > $lastread_child) { $unreadchildforums = 1; break; } } $forumbits = fr_construct_forum_bit($forumid); // admin tools $show['post_queue'] = can_moderate($foruminfo['forumid'], 'canmoderateposts'); $show['attachment_queue'] = can_moderate($foruminfo['forumid'], 'canmoderateattachments'); $show['mass_move'] = can_moderate($foruminfo['forumid'], 'canmassmove'); $show['mass_prune'] = can_moderate($foruminfo['forumid'], 'canmassprune'); $show['post_new_announcement'] = can_moderate($foruminfo['forumid'], 'canannounce'); $show['addmoderator'] = $permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']; $show['adminoptions'] = ($show['post_queue'] or $show['attachment_queue'] or $show['mass_move'] or $show['mass_prune'] or $show['addmoderator'] or $show['post_new_announcement']); $navpopup = array('id' => 'forumdisplay_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('forum', $foruminfo)); construct_quick_nav($navpopup); ///////////////////////////////// if ($foruminfo['cancontainthreads']) { ///////////////////////////////// if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $foruminfo['forumread'] = $vbulletin->forumcache["{$foruminfo['forumid']}"]['forumread']; $lastread = max($foruminfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else { $bbforumview = intval(fetch_bbarray_cookie('forum_view', $foruminfo['forumid'])); $lastread = max($bbforumview, $vbulletin->userinfo['lastvisit']); } // Inline Moderation $show['movethread'] = can_moderate($forumid, 'canmanagethreads') ? true : false; $show['deletethread'] = (can_moderate($forumid, 'candeleteposts') or can_moderate($forumid, 'canremoveposts')) ? true : false; $show['approvethread'] = can_moderate($forumid, 'canmoderateposts') ? true : false; $show['openthread'] = can_moderate($forumid, 'canopenclose') ? true : false; $show['inlinemod'] = ($show['movethread'] or $show['deletethread'] or $show['approvethread'] or $show['openthread']) ? true : false; $show['spamctrls'] = ($show['inlinemod'] and $show['deletethread']); $url = $show['inlinemod'] ? SCRIPTPATH : ''; // fetch popup menu if ($show['popups'] and $show['inlinemod']) { } else { $threadadmin_imod_thread_menu = ''; } // get announcements $announcebits = ''; if ($show['threadicons'] and $show['inlinemod']) { $announcecolspan = 6; } else { if (!$show['threadicons'] and !$show['inlinemod']) { $announcecolspan = 4; } else { $announcecolspan = 5; } } $mindate = TIMENOW - 2592000; // 30 days $hook_query_fields = $hook_query_joins = $hook_query_where = ''; $announcements = $db->query_read_slave("\n \t\tSELECT\n \t\t\tannouncement.announcementid, startdate, title, announcement.views,\n \t\t\tuser.username, user.userid, user.usertitle, user.customtitle, user.usergroupid,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . ($vbulletin->userinfo['userid'] ? ", NOT ISNULL(announcementread.announcementid) AS readannounce" : "") . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n \t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "announcementread AS announcementread ON (announcementread.announcementid = announcement.announcementid AND announcementread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = announcement.userid)\n \t\t{$hook_query_joins}\n \t\tWHERE startdate <= " . TIMENOW . "\n \t\t\tAND enddate >= " . TIMENOW . "\n \t\t\tAND " . fetch_forum_clause_sql($foruminfo['forumid'], 'forumid') . "\n \t\t\t{$hook_query_where}\n \t\tORDER BY startdate DESC, announcement.announcementid DESC\n \t\t" . iif($vbulletin->options['oneannounce'], "LIMIT 1")); while ($announcement = $db->fetch_array($announcements)) { fetch_musername($announcement); $announcement['title'] = fetch_censored_text($announcement['title']); $announcement['postdate'] = vbdate($vbulletin->options['dateformat'], $announcement['startdate']); if ($announcement['readannounce'] or $announcement['startdate'] <= $mindate) { $announcement['statusicon'] = 'old'; } else { $announcement['statusicon'] = 'new'; } $announcement['views'] = vb_number_format($announcement['views']); $announcementidlink = iif(!$vbulletin->options['oneannounce'], "&a={$announcement['announcementid']}"); // FRNR START if ($pagenumber == 1) { $avatarurl = ''; $userinfoavatar = fetch_userinfo($announcement['userid'], FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfoavatar, true, false); if ($userinfoavatar['avatarurl'] != '') { $avatarurl = process_avatarurl($userinfoavatar['avatarurl']); } unset($userinfoavatar); $tmp = array('thread_id' => $foruminfo['forumid'], 'announcement' => 1, 'new_posts' => $announcement['readannounce'] ? 0 : 1, 'thread_title' => prepare_utf8_string(strip_tags($announcement['title'])), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($announcement['pagetext']), FR_PREVIEW_LEN)), 'post_userid' => $announcement['userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($announcement['postdate'])), 'post_username' => prepare_utf8_string(strip_tags($announcement['username']))); if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } $announcements_out[] = $tmp; } // FRNR END } // display threads if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) { $limitothers = "AND postuserid = " . $vbulletin->userinfo['userid'] . " AND " . $vbulletin->userinfo['userid'] . " <> 0"; } else { $limitothers = ''; } if (can_moderate($foruminfo['forumid'])) { $redirectjoin = "LEFT JOIN " . TABLE_PREFIX . "threadredirect AS threadredirect ON(thread.open = 10 AND thread.threadid = threadredirect.threadid)"; } else { $redirectjoin = ''; } // filter out deletion notices if can't be seen if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($foruminfo['forumid'])) { $canseedelnotice = true; $deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(thread.threadid = deletionlog.primaryid AND deletionlog.type = 'thread')"; } else { $canseedelnotice = false; $deljoin = ''; } // remove threads from users on the global ignore list if user is not a moderator if ($Coventry = fetch_coventry('string') and !can_moderate($foruminfo['forumid'])) { $globalignore = "AND postuserid NOT IN ({$Coventry}) "; } else { $globalignore = ''; } // look at thread limiting options $stickyids = ''; $stickycount = 0; if ($daysprune != -1) { if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) { $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ")"; $datecut = " AND (thread.lastpost >= " . (TIMENOW - $daysprune * 86400) . " OR tachythreadpost.lastpost >= " . (TIMENOW - $daysprune * 86400) . ")"; } else { $datecut = "AND lastpost >= " . (TIMENOW - $daysprune * 86400); $tachyjoin = ""; } $show['noposts'] = false; } else { $tachyjoin = ""; $datecut = ""; $show['noposts'] = true; } // complete form fields on page $daysprunesel = iif($daysprune == -1, 'all', $daysprune); $daysprunesel = array($daysprunesel => 'selected="selected"'); $vbulletin->input->clean_array_gpc('r', array('sortorder' => TYPE_NOHTML, 'prefixid' => TYPE_NOHTML)); // prefix options $prefix_options = fetch_prefix_html($foruminfo['forumid'], $vbulletin->GPC['prefixid']); $prefix_selected = array('anythread', 'anythread' => '', 'none' => ''); if ($vbulletin->GPC['prefixid']) { //no prefix id if ($vbulletin->GPC['prefixid'] == '-1') { $prefix_filter = "AND thread.prefixid = ''"; $prefix_selected['none'] = ' selected="selected"'; } else { if ($vbulletin->GPC['prefixid'] == '-2') { $prefix_filter = "AND thread.prefixid <> ''"; $prefix_selected['anyprefix'] = ' selected="selected"'; } else { $prefix_filter = "AND thread.prefixid = '" . $db->escape_string($vbulletin->GPC['prefixid']) . "'"; } } } else { $prefix_filter = ''; $prefix_selected['anythread'] = ' selected="selected"'; } // default sorting methods if (empty($sortfield)) { $sortfield = $foruminfo['defaultsortfield']; } if (empty($vbulletin->GPC['sortorder'])) { $vbulletin->GPC['sortorder'] = $foruminfo['defaultsortorder']; } // look at sorting options: if ('asc' != ($sortorder = $vbulletin->GPC['sortorder'])) { $sqlsortorder = 'DESC'; $order = array('desc' => 'checked="checked"'); $vbulletin->GPC['sortorder'] = 'desc'; } else { $sqlsortorder = ''; $order = array('asc' => 'checked="checked"'); } $sqlsortfield2 = ''; switch ($sortfield) { case 'title': $sqlsortfield = 'thread.title'; break; case 'lastpost': $sqlsortfield = 'lastpost'; break; case 'replycount': case 'views': $sqlsortfield = 'views'; case 'postusername': $sqlsortfield = $sortfield; break; case 'voteavg': if ($foruminfo['allowratings']) { $sqlsortfield = 'voteavg'; $sqlsortfield2 = 'votenum'; break; } case 'dateline': $sqlsortfield = 'thread.dateline'; break; // else, use last post // else, use last post default: $handled = false; if (!$handled) { $sqlsortfield = 'lastpost'; $sortfield = 'lastpost'; } } $sort = array($sortfield => 'selected="selected"'); $visiblethreads = " AND visible = 1"; /*if (!can_moderate($forumid, 'canmoderateposts')) { if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'])) { $visiblethreads = " AND visible = 1 "; } else { $visiblethreads = " AND visible IN (1,2)"; } } else { $visiblethreads = " AND visible IN (0,1,2)"; }*/ $hook_query_fields = $hook_query_joins = $hook_query_where = ''; # Include visible IN (0,1,2) in order to hit upon the 4 column index $threadscount = $db->query_first_slave("\n \t\tSELECT COUNT(*) AS threads, SUM(IF(thread.lastpost > {$lastread} AND open <> 10, 1, 0)) AS newthread\n \t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t{$tachyjoin}\n \t\t{$hook_query_joins}\n \t\tWHERE forumid = {$foruminfo['forumid']}\n \t\t\tAND sticky = 0\n \t\t\t{$prefix_filter}\n \t\t\t{$visiblethreads}\n \t\t\t{$globalignore}\n \t\t\t{$limitothers}\n \t\t\t{$datecut}\n \t\t\t{$hook_query_where}\n \t"); $totalthreads = $threadscount['threads']; $newthreads = $threadscount['newthread']; // set defaults sanitize_pageresults($totalthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']); // get number of sticky threads for the first page // on the first page there will be the sticky threads PLUS the $perpage other normal threads // not quite a bug, but a deliberate feature! if ($pagenumber == 1) { $stickies = $db->query_read_slave("\n \t\t\tSELECT thread.threadid, lastpost, open\n \t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t\tWHERE forumid = {$foruminfo['forumid']}\n \t\t\t\tAND sticky = 1\n \t\t\t\t{$prefix_filter}\n \t\t\t\t{$visiblethreads}\n \t\t\t\t{$limitothers}\n \t\t\t\t{$globalignore}\n \t\t"); while ($thissticky = $db->fetch_array($stickies)) { $stickycount++; if ($thissticky['lastpost'] >= $lastread and $thissticky['open'] != 10) { $newthreads++; } $stickyids .= ",{$thissticky['threadid']}"; } $db->free_result($stickies); unset($thissticky, $stickies); } $limitlower = ($pagenumber - 1) * $perpage; $limitupper = $pagenumber * $perpage; if ($limitupper > $totalthreads) { $limitupper = $totalthreads; if ($limitlower > $totalthreads) { $limitlower = $totalthreads - $perpage - 1; } } if ($limitlower < 0) { $limitlower = 0; } if ($foruminfo['allowratings']) { $vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']); $votequery = "\n \t\t\tIF(votenum >= " . $vbulletin->options['showvotes'] . ", votenum, 0) AS votenum,\n \t\t\tIF(votenum >= " . $vbulletin->options['showvotes'] . " AND votenum > 0, votetotal / votenum, 0) AS voteavg,\n \t\t"; } else { $votequery = ''; } if ($previewtype == 1) { $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,"; $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)"; } else { $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,"; $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)"; } if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) { $tachyjoin = "\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON\n \t\t\t\t(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ")\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadcounter AS tachythreadcounter ON\n \t\t\t\t(tachythreadcounter.threadid = thread.threadid AND tachythreadcounter.userid = " . $vbulletin->userinfo['userid'] . ")\n \t\t"; $tachy_columns = "\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost,\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter,\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid,\n \t\t\tIF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid,\n \t\t\tIF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount) AS replycount,\n \t\t\tIF(thread.views<=IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount), IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount)+1, thread.views) AS views\n \t\t"; } else { $tachyjoin = ''; $tachy_columns = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid, thread.replycount, IF(thread.views<=thread.replycount, thread.replycount+1, thread.views) AS views'; } $hook_query_fields = $hook_query_joins = $hook_query_where = ''; $getthreadids = $db->query_read_slave("\n \t\tSELECT " . iif($sortfield == 'voteavg', $votequery) . " thread.threadid,\n \t\t\t{$tachy_columns}\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t{$tachyjoin}\n \t\t{$hook_query_joins}\n \t\tWHERE forumid = {$foruminfo['forumid']}\n \t\t\tAND sticky = 0\n \t\t\t{$prefix_filter}\n \t\t\t{$visiblethreads}\n \t\t\t{$globalignore}\n \t\t\t{$limitothers}\n \t\t\t{$datecut}\n \t\t\t{$hook_query_where}\n \t\tORDER BY sticky DESC, {$sqlsortfield} {$sqlsortorder}" . (!empty($sqlsortfield2) ? ", {$sqlsortfield2} {$sqlsortorder}" : '') . "\n \t\tLIMIT {$limitlower}, {$perpage}\n \t"); $ids = ''; while ($thread = $db->fetch_array($getthreadids)) { $ids .= ',' . $thread['threadid']; } $ids .= $stickyids; $db->free_result($getthreadids); unset($thread, $getthreadids); $hook_query_fields = $hook_query_joins = $hook_query_where = ''; $threads = $db->query_read_slave("\n \t\tSELECT {$votequery} {$previewfield}\n \t\t\tthread.threadid, thread.title AS threadtitle, thread.forumid, pollid, open, postusername, postuserid, thread.iconid AS threadiconid,\n \t\t\tthread.dateline, notes, thread.visible, sticky, votetotal, thread.attach, {$tachy_columns},\n \t\t\tthread.prefixid, thread.taglist, hiddencount, deletedcount,\n \t\t\tuser.usergroupid, user.homepage, user.options AS useroptions, IF(userlist.friend = 'yes', 1, 0) AS isfriend\n \t\t\t" . (($vbulletin->options['threadsubscribed'] and $vbulletin->userinfo['userid']) ? ", NOT ISNULL(subscribethread.subscribethreadid) AS issubscribed" : "") . "\n \t\t\t" . ($deljoin ? ", deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n \t\t\t" . (($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) ? ", threadread.readtime AS threadread" : "") . "\n \t\t\t" . ($redirectjoin ? ", threadredirect.expires" : "") . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "thread AS thread\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = thread.lastposterid)\n \t\t\tLEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.type = 'buddy' AND userlist.userid = " . $vbulletin->userinfo['userid'] . ")\n \t\t\t{$deljoin}\n \t\t\t" . (($vbulletin->options['threadsubscribed'] and $vbulletin->userinfo['userid']) ? " LEFT JOIN " . TABLE_PREFIX . "subscribethread AS subscribethread ON(subscribethread.threadid = thread.threadid AND subscribethread.userid = " . $vbulletin->userinfo['userid'] . " AND canview = 1)" : "") . "\n \t\t\t" . (($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n \t\t\t{$previewjoin}\n \t\t\t{$tachyjoin}\n \t\t\t{$redirectjoin}\n \t\t\t{$hook_query_joins}\n \t\tWHERE thread.threadid IN (0{$ids}) {$hook_query_where}\n \t\tORDER BY sticky DESC, {$sqlsortfield} {$sqlsortorder}" . (!empty($sqlsortfield2) ? ", {$sqlsortfield2} {$sqlsortorder}" : '') . "\n \t"); unset($limitothers, $delthreadlimit, $deljoin, $datecut, $votequery, $sqlsortfield, $sqlsortorder, $threadids, $sqlsortfield2); // Get Dot Threads $dotthreads = fetch_dot_threads_array($ids); if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) { $show['dotthreads'] = true; } else { $show['dotthreads'] = false; } unset($ids); $pageinfo = array(); if ($vbulletin->GPC['prefixid']) { $pageinfo['prefixid'] = $vbulletin->GPC['prefixid']; } if ($vbulletin->GPC['daysprune']) { $pageinfo['daysprune'] = $daysprune; } $show['fetchseo'] = true; $oppositesort = $vbulletin->GPC['sortorder'] == 'asc' ? 'desc' : 'asc'; $pageinfo_voteavg = $pageinfo + array('sort' => 'voteavg', 'order' => 'voteavg' == $sortfield ? $oppositesort : 'desc'); $pageinfo_title = $pageinfo + array('sort' => 'title', 'order' => 'title' == $sortfield ? $oppositesort : 'asc'); $pageinfo_postusername = $pageinfo + array('sort' => 'postusername', 'order' => 'postusername' == $sortfield ? $oppositesort : 'asc'); $pageinfo_flastpost = $pageinfo + array('sort' => 'lastpost', 'order' => 'lastpost' == $sortfield ? $oppositesort : 'asc'); $pageinfo_replycount = $pageinfo + array('sort' => 'replycount', 'order' => 'replycount' == $sortfield ? $oppositesort : 'desc'); $pageinfo_views = $pageinfo + array('sort' => 'views', 'order' => 'views' == $sortfield ? $oppositesort : 'desc'); $pageinfo_sort = $pageinfo + array(sort => $sortfield, 'order' => $oppositesort, 'pp' => $perpage, 'page' => $pagenumber); if ($totalthreads > 0 or $stickyids) { if ($totalthreads > 0) { $limitlower++; } // check to see if there are any threads to display. If there are, do so, otherwise, show message if ($vbulletin->options['threadpreview'] > 0) { // Get Buddy List $buddy = array(); if (trim($vbulletin->userinfo['buddylist'])) { $buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY); foreach ($buddylist as $buddyuserid) { $buddy["{$buddyuserid}"] = 1; } } DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy))); // Get Ignore Users $ignore = array(); if (trim($vbulletin->userinfo['ignorelist'])) { $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY); foreach ($ignorelist as $ignoreuserid) { if (!$buddy["{$ignoreuserid}"]) { $ignore["{$ignoreuserid}"] = 1; } } } DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore))); } $show['threads'] = true; $threadbits = ''; $threadbits_sticky = ''; $counter = 0; $toread = 0; while ($thread = $db->fetch_array($threads)) { // AND $counter++ < $perpage) // build thread data $thread = process_thread_array($thread, $lastread, $foruminfo['allowicons']); $realthreadid = $thread['realthreadid']; if ($thread['sticky']) { $threadbit =& $threadbits_sticky; } else { $threadbit =& $threadbits; } // Soft Deleted Thread if ($thread['visible'] == 2) { $thread['deletedcount']++; $show['threadtitle'] = (can_moderate($forumid) or $vbulletin->userinfo['userid'] != 0 and $vbulletin->userinfo['userid'] == $thread['postuserid']) ? true : false; $show['deletereason'] = !empty($thread['del_reason']) ? true : false; $show['viewthread'] = can_moderate($forumid) ? true : false; $show['managethread'] = (can_moderate($forumid, 'candeleteposts') or can_moderate($forumid, 'canremoveposts')) ? true : false; $show['moderated'] = ($thread['hiddencount'] > 0 and can_moderate($forumid, 'canmoderateposts')) ? true : false; $show['deletedthread'] = $canseedelnotice; } else { if (!$thread['visible']) { $thread['hiddencount']++; } $show['moderated'] = ($thread['hiddencount'] > 0 and can_moderate($forumid, 'canmoderateposts')) ? true : false; $show['deletedthread'] = ($thread['deletedcount'] > 0 and $canseedelnotice) ? true : false; $pageinfo_lastpage = array(); if ($show['pagenavmore']) { $pageinfo_lastpage['page'] = $thread['totalpages']; } $pageinfo_newpost = array('goto' => 'newpost'); $pageinfo_lastpost = array('p' => $thread['lastpostid']); // prepare the member action drop-down menu $memberaction_dropdown = construct_memberaction_dropdown(fetch_lastposter_userinfo($thread)); } // FRNR Start $avatarurl = ''; if ($thread['lastpost_userid'] > 0) { $userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfoavatar, true, false); if ($userinfoavatar['avatarurl'] != '') { $avatarurl = process_avatarurl($userinfoavatar['avatarurl']); } unset($userinfoavatar); } $tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? 1 : 0, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'thread_title' => prepare_utf8_string(strip_tags($thread['threadtitle'])), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username']))); if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } if ($thread['prefixid']) { $tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$thread['prefixid']}_title_plain"])); } if ($thread['attach']) { $tmp['attach'] = true; } if ($thread['pollid']) { $tmp['poll'] = true; } if ($thread['open'] == 10) { // Special case for redirect threads $tmp = array_merge($tmp, array('post_userid' => $thread['postuserid'], 'post_username' => prepare_utf8_string(strip_tags($thread['postusername'])), 'poll' => false)); } if ($thread['sticky']) { $thread_data_sticky[] = $tmp; } else { $thread_data[] = $tmp; } // FRNR Stop } $db->free_result($threads); unset($thread, $counter); $pageinfo_pagenav = array(); if (!empty($vbulletin->GPC['perpage'])) { $pageinfo_pagenav['pp'] = $perpage; } if (!empty($vbulletin->GPC['prefixid'])) { $pageinfo_pagenav['prefixid'] = $vbulletin->GPC['prefixid']; } if (!empty($vbulletin->GPC['sortfield'])) { $pageinfo_pagenav['sort'] = $sortfield; } if (!empty($vbulletin->GPC['sortorder'])) { $pageinfo_pagenav['order'] = $vbulletin->GPC['sortorder']; } if (!empty($vbulletin->GPC['daysprune'])) { $pageinfo_pagenav['daysprune'] = $daysprune; } $pagenav = construct_page_nav($pagenumber, $perpage, $totalthreads, 'forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$foruminfo['forumid']}", '', '', 'forum', $foruminfo, $pageinfo_pagenav); } unset($threads, $dotthreads); // get colspan for bottom bar $foruminfo['bottomcolspan'] = 5; if ($foruminfo['allowicons']) { $foruminfo['bottomcolspan']++; } if ($show['inlinemod']) { $foruminfo['bottomcolspan']++; } $show['threadslist'] = true; ///////////////////////////////// } else { $show['threadslist'] = false; $canpost = false; // FRNR } ///////////////////////////////// if (!$vbulletin->GPC['prefixid'] and $newthreads < 1 and $unreadchildforums < 1) { mark_forum_read($foruminfo, $vbulletin->userinfo['userid'], TIMENOW); } // FNRN Below $out = array(); if (is_array($thread_data) && count($thread_data) > 0) { $out['threads'] = $thread_data; } else { $out['threads'] = array(); } if (is_array($thread_data_sticky) && count($thread_data_sticky) > 0) { $out['threads_sticky'] = $thread_data_sticky; $out['total_sticky_threads'] = count($thread_data_sticky); } else { $out['threads_sticky'] = array(); $out['total_sticky_threads'] = 0; } // Announcements become #1 on the threads if (is_array($announcements_out) && count($announcements_out) == 1) { array_unshift($out['threads'], $announcements_out[0]); $totalthreads++; } $out['total_threads'] = $totalthreads ? $totalthreads : 0; if ($forumbits) { $out['forums'] = $forumbits; } else { $out['forums'] = array(); } $out['canpost'] = $canpost ? 1 : 0; $out['canattach'] = ($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']); // Get thread prefixes for this forum (if any) $prefix_out = array(); if ($prefixsets = fetch_prefix_array($forumid)) { foreach ($prefixsets as $prefixsetid => $prefixes) { $optgroup_options = ''; foreach ($prefixes as $prefixid => $prefix) { if ($permcheck and !can_use_prefix($prefixid, $prefix['restrictions'])) { continue; } $optionvalue = $prefixid; $optiontitle = htmlspecialchars_uni($vbphrase["prefix_{$prefixid}_title_plain"]); $prefix_out[] = array('prefixid' => $prefixid, 'prefixcaption' => prepare_utf8_string($optiontitle)); } } } if ($foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) { $out['prefixrequired'] = true; } else { $out['prefixrequired'] = false; } $out['prefixes'] = $prefix_out; return $out; }