/**
* Prints a row containing form elements to input a date & time
*
* Resulting form element names: $name[day], $name[month], $name[year], $name[hour], $name[minute]
*
* @param string Title for row
* @param string Base name for form elements - $name[day], $name[month], $name[year] etc.
* @param mixed Unix timestamp to be represented by the form fields OR SQL date field (yyyy-mm-dd)
* @param boolean Whether or not to show the time input components, or only the date
* @param boolean If true, expect an SQL date field from the unix timestamp parameter instead (for birthdays)
* @param string Vertical alignment for the row
*/
function print_time_row($title, $name = 'date', $unixtime = '', $showtime = true, $birthday = false, $valign = 'middle')
{
global $vbphrase, $vbulletin, $stylevar;
static $datepicker_output = false;
if (!$datepicker_output) {
echo '
<script type="text/javascript" src="../clientscript/vbulletin_date_picker.js"></script>
<script type="text/javascript">
<!--
vbphrase["sunday"] = "' . $vbphrase['sunday'] . '";
vbphrase["monday"] = "' . $vbphrase['monday'] . '";
vbphrase["tuesday"] = "' . $vbphrase['tuesday'] . '";
vbphrase["wednesday"] = "' . $vbphrase['wednesday'] . '";
vbphrase["thursday"] = "' . $vbphrase['thursday'] . '";
vbphrase["friday"] = "' . $vbphrase['friday'] . '";
vbphrase["saturday"] = "' . $vbphrase['saturday'] . '";
-->
</script>
';
$datepicker_output = true;
}
$monthnames = array(0 => '- - - -', 1 => $vbphrase['january'], 2 => $vbphrase['february'], 3 => $vbphrase['march'], 4 => $vbphrase['april'], 5 => $vbphrase['may'], 6 => $vbphrase['june'], 7 => $vbphrase['july'], 8 => $vbphrase['august'], 9 => $vbphrase['september'], 10 => $vbphrase['october'], 11 => $vbphrase['november'], 12 => $vbphrase['december']);
if (is_array($unixtime)) {
require_once DIR . '/includes/functions_misc.php';
$unixtime = vbmktime(0, 0, 0, $unixtime['month'], $unixtime['day'], $unixtime['year']);
}
if ($birthday) {
// mktime() on win32 doesn't support dates before 1970 so we can't fool with a negative timestamp
if ($unixtime == '') {
$month = 0;
$day = '';
$year = '';
} else {
$temp = explode('-', $unixtime);
$month = intval($temp[0]);
$day = intval($temp[1]);
if ($temp[2] == '0000') {
$year = '';
} else {
$year = intval($temp[2]);
}
}
} else {
if ($unixtime) {
$month = vbdate('n', $unixtime, false, false);
$day = vbdate('j', $unixtime, false, false);
$year = vbdate('Y', $unixtime, false, false);
$hour = vbdate('G', $unixtime, false, false);
$minute = vbdate('i', $unixtime, false, false);
}
}
$cell = array();
$cell[] = "<label for=\"{$name}_month\">{$vbphrase['month']}</label><br /><select name=\"{$name}[month]\" id=\"{$name}_month\" tabindex=\"1\" class=\"bginput\"" . iif($vbulletin->debug, " title=\"name="{$name}" . "[month]"\"") . ">\n" . construct_select_options($monthnames, $month) . "\t\t</select>";
$cell[] = "<label for=\"{$name}_date\">{$vbphrase['day']}</label><br /><input type=\"text\" class=\"bginput\" name=\"{$name}[day]\" id=\"{$name}_date\" value=\"{$day}\" size=\"4\" maxlength=\"2\" tabindex=\"1\"" . iif($vbulletin->debug, " title=\"name="{$name}" . "[day]"\"") . ' />';
$cell[] = "<label for=\"{$name}_year\">{$vbphrase['year']}</label><br /><input type=\"text\" class=\"bginput\" name=\"{$name}[year]\" id=\"{$name}_year\" value=\"{$year}\" size=\"4\" maxlength=\"4\" tabindex=\"1\"" . iif($vbulletin->debug, " title=\"name="{$name}" . "[year]"\"") . ' />';
if ($showtime) {
$cell[] = $vbphrase['hour'] . '<br /><input type="text" tabindex="1" class="bginput" name="' . $name . '[hour]" value="' . $hour . '" size="4"' . iif($vbulletin->debug, " title=\"name="{$name}" . "[hour]"\"") . ' />';
$cell[] = $vbphrase['minute'] . '<br /><input type="text" tabindex="1" class="bginput" name="' . $name . '[minute]" value="' . $minute . '" size="4"' . iif($vbulletin->debug, " title=\"name="{$name}" . "[minute]"\"") . ' />';
}
$inputs = '';
foreach ($cell as $html) {
$inputs .= "\t\t<td><span class=\"smallfont\">{$html}</span></td>\n";
}
print_label_row($title, "<div id=\"ctrl_{$name}\"><table cellpadding=\"0\" cellspacing=\"2\" border=\"0\"><tr>\n{$inputs}\t\n</tr></table></div>", '', 'top', $name);
echo "<script type=\"text/javascript\"> new vB_DatePicker(\"{$name}_year\", \"{$name}_\", \"" . $vbulletin->userinfo['startofweek'] . "\"); </script>\r\n";
}
<div class="darkbg" style="border: 2px inset"><ul class="darkbg">
<li class="modtoday">' . $vbphrase['today'] . '</li>
<li class="modyesterday">' . $vbphrase['yesterday'] . '</li>
<li class="modlasttendays">' . construct_phrase($vbphrase['within_the_last_x_days'], '10') . '</li>
<li class="modsincetendays">' . construct_phrase($vbphrase['more_than_x_days_ago'], '10') . '</li>
<li class="modsincethirtydays"> ' . construct_phrase($vbphrase['more_than_x_days_ago'], '30') . '</li>
</ul></div>
');
print_table_footer();
print_form_header('', '');
print_table_header($vbphrase['moderators']);
echo "<tr valign=\"top\">\n\t<td class=\"" . fetch_row_bgclass() . "\" colspan=\"2\">";
echo "<div class=\"darkbg\" style=\"padding: 4px; border: 2px inset; text-align: {$stylevar['left']}\">";
// get the timestamp for the beginning of today, according to bbuserinfo's timezone
require_once DIR . '/includes/functions_misc.php';
$unixtoday = vbmktime(0, 0, 0, vbdate('m', TIMENOW, false, false), vbdate('d', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false));
$list = array();
$curforum = -1;
if ($db->num_rows($forums)) {
while ($forum = $db->fetch_array($forums)) {
$modlist["{$forum['userid']}"]++;
if ($curforum != $forum['forumid']) {
$curforum = $forum['forumid'];
if ($countforums++ != 0) {
echo "\t\t</ul>\n\t\t</ul>\n\t</li>\n\t</ul>\n";
}
echo "\n\t<ul>\n\t<li><b><a href=\"../forumdisplay.php?" . $vbulletin->session->vars['sessionurl'] . "f={$forum['forumid']}\">{$forum['title']}</a></b>\n";
echo "\n\t\t<ul>{$vbphrase['moderators']}\n\t<ul>\n";
}
if ($forum['lastactivity'] >= $unixtoday) {
$onlinecolor = 'modtoday';
print_time_row($vbphrase['end_date'], 'enddate', TIMENOW, 1, 0, 'middle');
print_submit_row($vbphrase['find']);
}
// ############################# start show referrers #########################
if ($_POST['do'] == 'showreferrers') {
$vbulletin->input->clean_array_gpc('p', array('startdate' => vB_Cleaner::TYPE_ARRAY_INT, 'enddate' => vB_Cleaner::TYPE_ARRAY_INT));
require_once DIR . '/includes/functions_misc.php';
$datequery = '';
if ($vbulletin->GPC['startdate']['month']) {
$datestartText = vbmktime(intval($vbulletin->GPC['startdate']['hour']), intval($vbulletin->GPC['startdate']['minute']), 0, intval($vbulletin->GPC['startdate']['month']), intval($vbulletin->GPC['startdate']['day']), intval($vbulletin->GPC['startdate']['year']));
$datestart = vbdate($vbulletin->options['dateformat'] . ' ' . $vbulletin->options['timeformat'], $datestartText);
} else {
$vbulletin->GPC['startdate'] = 0;
}
if ($vbulletin->GPC['enddate']['month']) {
$dateendText = vbmktime(intval($vbulletin->GPC['enddate']['hour']), intval($vbulletin->GPC['enddate']['minute']), 0, intval($vbulletin->GPC['enddate']['month']), intval($vbulletin->GPC['enddate']['day']), intval($vbulletin->GPC['enddate']['year']));
$dateend = vbdate($vbulletin->options['dateformat'] . ' ' . $vbulletin->options['timeformat'], $dateendText);
} else {
$vbulletin->GPC['enddate'] = 0;
}
if ($datestart or $dateend) {
$refperiod = construct_phrase($vbphrase['x_to_y'], $datestart, $dateend);
} else {
$refperiod = $vbphrase['all_time'];
}
try {
$users = vB_Api::instanceInternal('user')->fetchReferrers($vbulletin->GPC['startdate'], $vbulletin->GPC['enddate']);
} catch (vB_Exception_Api $ex) {
print_stop_message2($ex->getMessage());
}
if (!count($users)) {
/**
* Does the actual work to make a variable safe
*
* @param mixed The data we want to make safe
* @param integer The type of the data
*
* @return mixed
*/
function &do_clean(&$data, $type)
{
static $booltypes = array('1', 'yes', 'y', 'true');
switch ($type) {
case TYPE_INT:
$data = intval($data);
break;
case TYPE_UINT:
$data = ($data = intval($data)) < 0 ? 0 : $data;
break;
case TYPE_NUM:
$data = strval($data) + 0;
break;
case TYPE_UNUM:
$data = strval($data) + 0;
$data = $data < 0 ? 0 : $data;
break;
case TYPE_BINARY:
$data = strval($data);
break;
case TYPE_STR:
$data = trim(strval($data));
break;
case TYPE_NOTRIM:
$data = strval($data);
break;
case TYPE_NOHTML:
$data = htmlspecialchars_uni(trim(strval($data)));
break;
case TYPE_BOOL:
$data = in_array(strtolower($data), $booltypes) ? 1 : 0;
break;
case TYPE_ARRAY:
$data = is_array($data) ? $data : array();
break;
case TYPE_NOHTMLCOND:
$data = trim(strval($data));
if (strcspn($data, '<>"') < strlen($data) or strpos($data, '&') !== false and !preg_match('/&(#[0-9]+|amp|lt|gt|quot);/si', $data)) {
// data is not htmlspecialchars because it still has characters or entities it shouldn't
$data = htmlspecialchars_uni($data);
}
break;
case TYPE_FILE:
// perhaps redundant :p
if (is_array($data)) {
if (is_array($data['name'])) {
$files = count($data['name']);
for ($index = 0; $index < $files; $index++) {
$data['name']["{$index}"] = trim(strval($data['name']["{$index}"]));
$data['type']["{$index}"] = trim(strval($data['type']["{$index}"]));
$data['tmp_name']["{$index}"] = trim(strval($data['tmp_name']["{$index}"]));
$data['error']["{$index}"] = intval($data['error']["{$index}"]);
$data['size']["{$index}"] = intval($data['size']["{$index}"]);
}
} else {
$data['name'] = trim(strval($data['name']));
$data['type'] = trim(strval($data['type']));
$data['tmp_name'] = trim(strval($data['tmp_name']));
$data['error'] = intval($data['error']);
$data['size'] = intval($data['size']);
}
} else {
$data = array('name' => '', 'type' => '', 'tmp_name' => '', 'error' => 0, 'size' => 4);
}
break;
case TYPE_UNIXTIME:
if (is_array($data)) {
$data = $this->clean($data, TYPE_ARRAY_UINT);
if ($data['month'] and $data['day'] and $data['year']) {
require_once DIR . '/includes/functions_misc.php';
$data = vbmktime($data['hour'], $data['minute'], $data['second'], $data['month'], $data['day'], $data['year']);
} else {
$data = 0;
}
} else {
$data = ($data = intval($data)) < 0 ? 0 : $data;
}
break;
// null actions should be deifned here so we can still catch typos below
// null actions should be deifned here so we can still catch typos below
case TYPE_NOCLEAN:
break;
default:
if ($this->registry->debug) {
trigger_error('vB_Input_Cleaner::do_clean() Invalid data type specified', E_USER_WARNING);
}
}
// strip out characters that really have no business being in non-binary data
switch ($type) {
case TYPE_STR:
case TYPE_NOTRIM:
case TYPE_NOHTML:
case TYPE_NOHTMLCOND:
$data = str_replace(chr(0), '', $data);
}
return $data;
}
} else {
if ($vbulletin->GPC['limitstart'] > 0 and $limitfinish >= $countusers['users']) {
print_submit_row($vbphrase['first_page'], 0, 6, $vbphrase['prev_page'], '', true);
} else {
print_table_footer();
}
}
}
}
}
// ###################### Start status #######################
if ($_POST['do'] == 'status') {
$vbulletin->input->clean_array_gpc('p', array('subscriptionlogid' => TYPE_INT, 'status' => TYPE_INT, 'regdate' => TYPE_ARRAY_INT, 'expirydate' => TYPE_ARRAY_INT, 'username' => TYPE_NOHTML));
require_once DIR . '/includes/functions_misc.php';
$regdate = vbmktime($vbulletin->GPC['regdate']['hour'], $vbulletin->GPC['regdate']['minute'], 0, $vbulletin->GPC['regdate']['month'], $vbulletin->GPC['regdate']['day'], $vbulletin->GPC['regdate']['year']);
$expirydate = vbmktime($vbulletin->GPC['expirydate']['hour'], $vbulletin->GPC['expirydate']['minute'], 0, $vbulletin->GPC['expirydate']['month'], $vbulletin->GPC['expirydate']['day'], $vbulletin->GPC['expirydate']['year']);
if ($expirydate < 0 or $expirydate <= $regdate) {
print_stop_message('invalid_subscription_length');
}
if ($vbulletin->GPC['userid']) {
// already existing entry
if (!$vbulletin->GPC['status']) {
$db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "subscriptionlog\n\t\t\t\tSET regdate = {$regdate}, expirydate = {$expirydate}\n\t\t\t\tWHERE userid = " . $vbulletin->GPC['userid'] . "\n\t\t\t\t\tAND subscriptionid = " . $vbulletin->GPC['subscriptionid'] . "\n\t\t\t");
$subobj->delete_user_subscription($vbulletin->GPC['subscriptionid'], $vbulletin->GPC['userid']);
} else {
$subobj->build_user_subscription($vbulletin->GPC['subscriptionid'], -1, $vbulletin->GPC['userid'], $regdate, $expirydate, false);
}
} else {
$userinfo = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'username']) . "'\n\t\t");
if (!$userinfo['userid']) {
print_stop_message('no_users_matched_your_query');
$announcementinfo['title'] = fetch_censored_text($announcementinfo['title']);
}
else
{
if (!can_moderate($vbulletin->GPC['forumid'], 'canannounce'))
{
// show no permission
print_no_permission();
}
$announcementinfo = array(
'forumid' => $vbulletin->GPC['forumid'],
'title' => '',
'pagetext' => '',
'startdate' => TIMENOW,
'enddate' => vbmktime(0, 0, 0, vbdate('n', TIMENOW, false, false) + 1, vbdate('j', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false)),
'announcementoptions' => 29
);
$show['editing_mode'] = false;
}
$announcementinfo['title_safe'] = htmlspecialchars($announcementinfo['title']);
// checkboxes
$checked = array();
foreach ($vbulletin->bf_misc_announcementoptions AS $key => $val)
{
$checked["$key"] = ($announcementinfo['announcementoptions'] & $val ? ' checked="checked"' : '');
}
if ($day > gmdate('t', gmmktime(12, 0, 0, $month, $day, $year))) {
// Invalid day, toss it out
$day = 0;
}
}
$today = getdate(TIMENOW - $vbulletin->options['hourdiff']);
if (($year > $today['year'] or $month > $today['mon'] and $year == $today['year']) and ($userinfo and !is_member_of_blog($vbulletin->userinfo, $userinfo) or !$userinfo and !$vbulletin->userinfo['userid'])) {
print_no_permission();
}
require_once DIR . '/includes/functions_misc.php';
if ($day) {
$starttime = vbmktime(0, 0, 0, $month, $day, $year);
$endtime = vbmktime(0, 0, 0, $month, $day + 1, $year);
} else {
$starttime = vbmktime(0, 0, 0, $month, 1, $year);
$endtime = vbmktime(0, 0, 0, $month + 1, 1, $year);
}
$sql1[] = "blog.dateline >= {$starttime}";
$sql1[] = "blog.dateline < {$endtime}";
$orderby = "blog.dateline DESC";
$orderby_union = "dateline_order DESC";
} else {
switch ($vbulletin->GPC['blogtype']) {
case 'best':
$blogtype = 'best';
$sql1[] = "blog.ratingnum >= " . intval($vbulletin->options['vbblog_ratingpost']);
if (!$userinfo) {
$sql2[] = "blog.ratingnum >= " . intval($vbulletin->options['vbblog_ratingpost']);
}
$orderby = "blog.rating DESC, blog.blogid";
$orderby_union = "rating_order DESC, blogid_order";
$vbulletin->input->clean_array_gpc('p', array('issue_id' => TYPE_INT, 'award_id' => TYPE_INT, 'awarduserid' => TYPE_INT, 'awardusername' => TYPE_STR, 'issue_reason' => TYPE_STR, 'issue_time' => TYPE_ARRAY_INT));
if (!empty($vbulletin->GPC['awarduserid'])) {
$user = $db->query_first("\n\t\t\tSELECT userid, username\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE userid = " . $vbulletin->GPC['awarduserid'] . "\n\t\t");
} else {
if (!empty($vbulletin->GPC['awardusername'])) {
$user = $db->query_first("\n\t\t\tSELECT userid, username\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'awardusername'] . "'\n\t\t");
} else {
print_stop_message('please_complete_required_fields');
}
}
if (empty($user)) {
// no users found!
print_stop_message('no_users_matched_your_query');
}
require_once DIR . '/includes/functions_misc.php';
$vbulletin->GPC['issue_time'] = vbmktime(intval($vbulletin->GPC['issue_time']['hour']), intval($vbulletin->GPC['issue_time']['minute']), 0, intval($vbulletin->GPC['issue_time']['month']), intval($vbulletin->GPC['issue_time']['day']), intval($vbulletin->GPC['issue_time']['year']));
$db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "award_user\n\t\tSET \n\t\t\tuserid = '" . $user['userid'] . "',\n\t\t\tissue_reason = '" . addslashes($vbulletin->GPC['issue_reason']) . "',\n\t\t\tissue_time = '" . addslashes($vbulletin->GPC['issue_time']) . "'\n\t\tWHERE issue_id = " . $vbulletin->GPC['issue_id'] . "\n\t");
define('CP_REDIRECT', 'award.php?do=awardusers&award_id=' . $vbulletin->GPC['award_id']);
print_stop_message('give_award_to_user_x_successfully', $user['username']);
}
// ###################### Start edit #######################
if ($_REQUEST['do'] == 'editissuedaward') {
$vbulletin->input->clean_array_gpc('r', array('issue_id' => TYPE_INT));
if (empty($vbulletin->GPC['issue_id'])) {
print_stop_message('no_awards_defined');
}
$award = $db->query_first("\n\t\tSELECT au.*, aw.* \n\t\tFROM " . TABLE_PREFIX . "award_user AS au\n\t\tLEFT JOIN " . TABLE_PREFIX . "award AS aw ON (aw.award_id = au.award_id)\n\t\tWHERE au.issue_id = " . $vbulletin->GPC['issue_id'] . "\n\t");
print_form_header();
print_table_header(construct_phrase($vbphrase['x_y_id_z'], $vbphrase['award_name'], $award['award_name'], $award['award_id']), 4, 0);
echo "\n <col align=\"center\" style=\"white-space:nowrap\"></col>\n <col width=\"50%\" align=\"{$stylevar['left']}\"></col>\n <col align=\"center\" style=\"white-space:nowrap\"></col>\n <col align=\"center\" style=\"white-space:nowrap\"></col>\n ";
print_cells_row(array($vbphrase['award_name'], $vbphrase['award_description'], $vbphrase['award_icon'], $vbphrase['award_image']), 1, '', -1);
/**
* Construct a calendar table for the sidebar
*
* @param integer Month
* @param integer Year
* @param integer Userinfo
*
* @return string HTML output
*/
function construct_calendar($month, $year, $userinfo = null)
{
global $vbulletin, $vbphrase, $vbcollapse, $show;
require_once(DIR . '/includes/functions_misc.php');
$months = array(
1 => 'january',
2 => 'february',
3 => 'march',
4 => 'april',
5 => 'may',
6 => 'june',
7 => 'july',
8 => 'august',
9 => 'september',
10 => 'october',
11 => 'november',
12 => 'december'
);
$days = array(
1 => 'sunday',
2 => 'monday',
3 => 'tuesday',
4 => 'wednesday',
5 => 'thursday',
6 => 'friday',
7 => 'saturday',
);
if ($userinfo)
{
$userid = $userinfo['userid'];
}
$monthname = $vbphrase["$months[$month]"];
//$nextmonth = ($month == 12) ? 1 : $month + 1;
//$prevmonth = ($month == 1) ? 12 : $month - 1;
//$nextyear = ($month == 12) ? ($year == 2037 ? 1970 : $year + 1) : $year;
//$prevyear = ($month == 1) ? ($year == 1970 ? 2037 : $year - 1) : $year;
$startdate = getdate(gmmktime(12, 0, 0, $month, 1, $year));
$calendarrows = '';
// set up which days will be shown
$vbulletin->userinfo['startofweek'] = ($vbulletin->userinfo['startofweek'] < 1 OR $vbulletin->userinfo['startofweek'] > 7) ? 1 : $vbulletin->userinfo['startofweek'];
$weekstart = $vbulletin->userinfo['startofweek'];
for ($i = 0; $i < 7; $i++)
{
$dayvarname = 'day' . ($i + 1);
$$dayvarname = $vbphrase[ $days[$weekstart] . '_short'];
$weekstart++;
if ($weekstart == 8)
{
$weekstart = 1;
}
}
$curday = 1;
while (gmdate('w', gmmktime(0, 0, 0, $month, $curday, $year)) + 1 != $vbulletin->userinfo['startofweek'])
{
$curday--;
}
$totaldays = gmdate('t', gmmktime(0, 0, 0, $month, 1, $year));
if (
($totaldays != 30 OR (gmdate('w', gmmktime(0, 0, 0, $month, 30, $year)) + 1) != $vbulletin->userinfo['startofweek'])
AND
(
($totaldays != 31 OR
(
gmdate('w', gmmktime(0, 0, 0, $month, 31, $year)) != $vbulletin->userinfo['startofweek']
AND
(gmdate('w', gmmktime(0, 0, 0, $month, 31, $year)) + 1) != $vbulletin->userinfo['startofweek']
)
)
)
)
{
$curday = $curday - 7;
if ($totaldays == 28 AND gmdate('w', gmmktime(0, 0, 0, $month, 1, $year)) == ($vbulletin->userinfo['startofweek'] - 1))
{
$curday = $curday - 7;
}
}
$sql1 = array();
if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
{
$sql[] = "userid = " . $vbulletin->userinfo['userid'];
}
if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) AND $vbulletin->userinfo['userid'])
{
if (!empty($sql))
{ // can't view own blog or others' blog
// This condition should not be reachable
$sql1[] = "1 <> 1";
}
else
{
$sql1[] = "blog.userid <> " . $vbulletin->userinfo['userid'];
}
}
$state = array('visible');
if (can_moderate_blog('canmoderateentries'))
{
$state[] = 'moderation';
}
if (can_moderate_blog())
{
$state[] = 'deleted';
}
$sql1join = array();
if (!can_moderate_blog())
{
$sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)";
if ($vbulletin->userinfo['userid'])
{
$userlist_sql = array();
$userlist_sql[] = "(options_ignore & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND ignored.relationid IS NOT NULL)";
$userlist_sql[] = "(options_buddy & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND buddy.relationid IS NOT NULL)";
$userlist_sql[] = "(options_member & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND (options_buddy & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " OR buddy.relationid IS NULL) AND (options_ignore & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " OR ignored.relationid IS NULL))";
$sql1[] = "(" . implode(" OR ", $userlist_sql) . ")";
$sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = blog.userid AND buddy.relationid = " . $vbulletin->userinfo['userid'] . " AND buddy.type = 'buddy')";
$sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = blog.userid AND ignored.relationid = " . $vbulletin->userinfo['userid'] . " AND ignored.type = 'ignore')";
$sql1[] = "(~blog.options & " . $vbulletin->bf_misc_vbblogoptions['private'] . "
OR
(options_buddy & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND buddy.relationid IS NOT NULL))";
}
else
{
$sql1[] = "options_guest & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'];
$sql1[] = "~blog.options & " . $vbulletin->bf_misc_vbblogoptions['private'];
}
}
$prevdays = 1;
while (gmdate('w', gmmktime(0, 0, 0, $month + 1, $prevdays, $year)) + 1 != $vbulletin->userinfo['startofweek'])
{
$prevdays--;
}
$adddays = 0;
if ($prevdays <= 0)
{
$adddays = $prevdays + 6;
}
require_once(DIR . '/includes/functions_misc.php');
$starttime = vbmktime(0, 0, 0, $month, $curday, $year);
$endtime = vbmktime(0, 0, 0, $month + 1, 1 + $adddays, $year);
$endtime = ($endtime > TIMENOW) ? TIMENOW : $endtime;
$sql1[] = "state IN('" . implode("', '", $state) . "')";
$sql1['date1'] = "dateline >= $starttime";
$sql1['date2'] = "dateline < $endtime";
if ($userinfo['userid'])
{
$sql1[] = "blog.userid = $userinfo[userid]";
}
$sql2 = array();
if ($userinfo AND is_member_of_blog($vbulletin->userinfo, $userinfo))
{
$sql2[] = "blog.userid = $userinfo[userid]";
$sql2['date1'] = "dateline >= $starttime";
$sql2['date2'] = "dateline < " . vbmktime(0, 0, 0, $month + 1, 1 + $adddays, $year);
}
else if (!$userinfo AND $vbulletin->userinfo['userid'] AND $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])
{
// blogs that I am a member of here ....
$sql2[] = "blog.userid IN (" . $vbulletin->userinfo['memberblogids'] . ")";
$sql2['date1'] = "dateline >= $starttime";
$sql2['date2'] = "dateline < " . vbmktime(0, 0, 0, $month + 1, 1 + $adddays, $year);
}
if (!empty($vbulletin->userinfo['blogcategorypermissions']['cantview']))
{
$sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "blog_categoryuser AS cu ON (cu.blogid = blog.blogid AND cu.blogcategoryid IN (" . implode(", ", $vbulletin->userinfo['blogcategorypermissions']['cantview']) . "))";
$sql1[] = "cu.blogcategoryid IS NULL";
}
$blogcache = array();
$blogs = $vbulletin->db->query_read_slave("
" . (!empty($sql2) ? "(" : "") . "
SELECT COUNT(*) AS total,
FROM_UNIXTIME(dateline - " . $vbulletin->options['hourdiff'] . ", '%c-%e-%Y') AS period
FROM " . TABLE_PREFIX . "blog AS blog
" . (!empty($sql1join) ? implode("\r\n", $sql1join) : "") . "
WHERE " . implode(" AND ", $sql1) . "
GROUP BY period
" . (!empty($sql2) ? ") UNION (
SELECT COUNT(*) AS total,
FROM_UNIXTIME(dateline - " . $vbulletin->options['hourdiff'] . ", '%c-%e-%Y') AS period
FROM " . TABLE_PREFIX . "blog AS blog
WHERE " . implode(" AND ", $sql2) . "
GROUP BY period
)" : "") . "
");
while ($blog = $vbulletin->db->fetch_array($blogs))
{
$blogcache["$blog[period]"] += $blog['total'];
}
$today = getdate(TIMENOW - $vbulletin->options['hourdiff']);
while (!$monthcomplete)
{
$calendarrows .= '<tr>';
for ($i = 0; $i < 7; $i++)
{
if ($curday <= 0)
{
$currentmonth = ($month - 1 == 0) ? 12 : $month - 1;
$currentyear = ($currentmonth == 12) ? $year - 1 : $year;
}
else if ($curday > $totaldays)
{
$currentmonth = ($month + 1 > 12) ? 1 : $month + 1;
$currentyear = ($currentmonth == 1) ? $year + 1 : $year;
}
else
{
$currentmonth = $month;
$currentyear = $year;
}
$day = gmdate('j', gmmktime(0, 0, 0, $month, $curday, $year));
$show['thismonth'] = ($curday > 0 AND $curday <= $totaldays) ? true : false;
$show['highlighttoday'] = ($currentmonth == $today['mon'] AND $currentyear == $today['year'] AND $day == $today['mday'] AND $show['thismonth']) ? true : false;
$show['daylink'] = false;
if (!empty($blogcache["$currentmonth-$day-$currentyear"]))
{
$total = $blogcache["$currentmonth-$day-$currentyear"];
$show['daylink'] = true;
}
$curday++;
$templater = vB_Template::create('blog_sidebar_calendar_day');
$templater->register('pageinfo_current', array('m' => $currentmonth, 'y' => $currentyear, 'd' => $day));
$templater->register('userinfo', $userinfo);
$templater->register('currentmonth', $currentmonth);
$templater->register('currentyear', $currentyear);
$templater->register('day', $day);
$templater->register('userid', $userid);
$templater->register('total', $total);
$calendarrows .= $templater->render();
}
$calendarrows .= '</tr>';
if ($curday > $totaldays)
{
$monthcomplete = true;
}
}
unset($sql1['date1'], $sql1['date2'], $sql2['date1'], $sql2['date2']);
$starttime = vbmktime(0, 0, 0, $month, 0, $year);
$endtime = vbmktime(0, 0, 0, $month + 1, 0, $year);
$endtime = ($endtime > TIMENOW) ? TIMENOW : $endtime;
$show['nextmonth'] = $show['prevmonth'] = false;
// Get first event before this month
$sql1['date1'] = "dateline < $starttime";
if ($sql2)
{
$sql2['date1'] = "dateline < $starttime";
}
$preventries = $vbulletin->db->query_read_slave("
" . (!empty($sql2) ? "(" : "") . "
SELECT MAX(dateline) AS dateline
FROM " . TABLE_PREFIX . "blog AS blog
" . (!empty($sql1join) ? implode("\r\n", $sql1join) : "") . "
WHERE " . implode(" AND ", $sql1) . "
" . (!empty($sql2) ? ") UNION (
SELECT MAX(dateline) AS dateline
FROM " . TABLE_PREFIX . "blog AS blog
WHERE " . implode(" AND ", $sql2) . "
)" : "") . "
");
$preventry = 0;
while ($entry = $vbulletin->db->fetch_array($preventries))
{
if ($entry['dateline'] AND ($entry['dateline'] > $preventry OR !$preventry))
{
$preventry = $entry['dateline'];
}
}
if ($preventry)
{
$prevmonth = vbdate('n', $preventry);
$prevyear = vbdate('Y', $preventry);
$show['prevmonth'] = true;
}
if (
// Member of blog, viewing blog
($userinfo AND is_member_of_blog($vbulletin->userinfo, $userinfo))
OR
// Registered user viewing front page
(!$userinfo AND $vbulletin->userinfo['userid'])
OR
($year < $today['year'])
OR
($month < $today['mon'])
)
{
// Get first event after this month
unset($sql1['date1'], $sql2['date1']);
$sql1['date1'] = "dateline >= $endtime";
if ($sql2)
{
$sql2['date1'] = "dateline >= $endtime";
}
$postentries = $vbulletin->db->query_read_slave("
" . (!empty($sql2) ? "(" : "") . "
SELECT MIN(dateline) AS dateline
FROM " . TABLE_PREFIX . "blog AS blog
" . (!empty($sql1join) ? implode("\r\n", $sql1join) : "") . "
WHERE " . implode(" AND ", $sql1) . "
" . (!empty($sql2) ? ") UNION (
SELECT MIN(dateline) AS dateline
FROM " . TABLE_PREFIX . "blog AS blog
WHERE " . implode(" AND ", $sql2) . "
)" : "") . "
");
$postentry = 0;
while ($entry = $vbulletin->db->fetch_array($postentries))
{
if ($entry['dateline'] AND ($entry['dateline'] < $postentry OR !$postentry))
{
$postentry = $entry['dateline'];
}
}
if ($postentry)
{
$nextmonth = vbdate('n', $postentry);
$nextyear = vbdate('Y', $postentry);
$show['nextmonth'] = true;
}
}
$templater = vB_Template::create('blog_sidebar_calendar');
$templater->register('pageinfo_prev', array('m' => $prevmonth, 'y' => $prevyear));
$templater->register('pageinfo_next', array('m' => $nextmonth, 'y' => $nextyear));
$templater->register('pageinfo_current', array('m' => $month, 'y' => $year));
$templater->register('userinfo', $userinfo);
$templater->register('userid', $userid);
$templater->register('prevmonth', $prevmonth);
$templater->register('prevyear', $prevyear);
$templater->register('nextmonth', $nextmonth);
$templater->register('nextyear', $nextyear);
$templater->register('month', $month);
$templater->register('year', $year);
$templater->register('monthname', $monthname);
$templater->register('calendarrows', $calendarrows);
for ($x = 1; $x <= 7; $x++)
{
$templater->register("day$x", ${day . $x});
}
return $templater->render();
}
/**
* Makes a printable date from a daily-formatted group date (yyyymmdd).
*
* @param string Group date (yyyymmdd)
*
* @return string Printable version of that date
*/
function make_group_date($groupid)
{
global $vbulletin;
preg_match('#^(\\d{4})(\\d{2})(\\d{2})$#', $groupid, $match);
// use yesterday/today option if they chose to use that (otherwise just show dates)
return vbdate($vbulletin->options['dateformat'], vbmktime(0, 0, 0, $match[2], $match[3], $match[1]), $vbulletin->options['yestoday'] == 1);
}
require_once DIR . '/includes/functions_editor.php';
require_once DIR . '/includes/functions_newpost.php';
require_once DIR . '/includes/modfunctions.php';
if ($announcementinfo['announcementid']) {
if (!can_moderate($announcementinfo['forumid'], 'canannounce')) {
// show no permission
print_no_permission();
}
$show['editing_mode'] = true;
$announcementinfo['title'] = fetch_censored_text($announcementinfo['title']);
} else {
if (!can_moderate($vbulletin->GPC['forumid'], 'canannounce')) {
// show no permission
print_no_permission();
}
$announcementinfo = array('forumid' => $vbulletin->GPC['forumid'], 'title' => '', 'pagetext' => '', 'startdate' => TIMENOW, 'enddate' => vbmktime(0, 0, 0, vbdate('n', TIMENOW, false, false) + 1, vbdate('j', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false)), 'announcementoptions' => 29);
$show['editing_mode'] = false;
}
$announcementinfo['title_safe'] = htmlspecialchars_uni($announcementinfo['title']);
// checkboxes
$checked = array();
foreach ($vbulletin->bf_misc_announcementoptions as $key => $val) {
$checked["{$key}"] = $announcementinfo['announcementoptions'] & $val ? ' checked="checked"' : '';
}
// date fields
foreach (array('start', 'end') as $date_type) {
$GLOBALS["{$date_type}_date_array"] = array('day' => vbdate('j', $announcementinfo["{$date_type}date"], false, false), 'month' => vbdate('n', $announcementinfo["{$date_type}date"], false, false), 'year' => vbdate('Y', $announcementinfo["{$date_type}date"], false, false));
$GLOBALS["{$date_type}_month_selected"] = array();
for ($i = 1; $i <= 12; $i++) {
$GLOBALS["{$date_type}_month_selected"]["{$i}"] = $i == $GLOBALS["{$date_type}_date_array"]['month'] ? ' selected="selected"' : '';
}
public function userReferrers($params, $db, $check_only = false)
{
if ($check_only) {
return !empty($params['startdate']) and !empty($params['enddate']);
} else {
$params = vB::getCleaner()->cleanArray($params, array('startdate' => vB_Cleaner::TYPE_NOCLEAN, 'enddate' => vB_Cleaner::TYPE_NOCLEAN));
require_once DIR . '/includes/functions_misc.php';
if ($params['startdate']['month']) {
$params['startdate'] = vbmktime(intval($params['startdate']['hour']), intval($params['startdate']['minute']), 0, intval($params['startdate']['month']), intval($params['startdate']['day']), intval($params['startdate']['year']));
$datequery = " AND users.joindate >= " . $params['startdate'];
} else {
$params['startdate'] = 0;
}
if ($params['enddate']['month']) {
$params['enddate'] = vbmktime(intval($params['enddate']['hour']), intval($params['enddate']['minute']), 0, intval($params['enddate']['month']), intval($params['enddate']['day']), intval($params['enddate']['year']));
$datequery .= " AND users.joindate <= " . $params['enddate'];
} else {
$params['enddate'] = 0;
}
/* insert sql */
$sql = "\n\t\t\t\t\t\t\t\tSELECT COUNT(*) AS count, user.username, user.userid\n\t\t\t\t\t\t\t\tFROM " . TABLE_PREFIX . "user AS users\n\t\t\t\t\t\t\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON(users.referrerid = user.userid)\n\t\t\t\t\t\t\t\tWHERE users.referrerid <> 0\n\t\t\t\t\t\t\t\t\t\tAND users.usergroupid NOT IN (3,4)\n\t\t\t\t\t\t\t\t\t\t{$datequery}\n\t\t\t\t\t\t\t\tGROUP BY users.referrerid\n\t\t\t\t\t\t\t\tORDER BY count DESC, username ASC\n\t\t\t\t\t\t";
$resultclass = 'vB_dB_' . $this->db_type . '_result';
$result = new $resultclass($db, $sql);
return $result;
}
}
$points[$key] = $vbulletin->input->do_clean($val, TYPE_UNUM);
$changed = true;
}
}
if ($changed) {
$datastore_rec = array('title' => 'kbank_salary_options', 'data' => serialize($points), 'unserialize' => 1);
if ($found) {
$vbulletin->db->query_write(fetch_query_sql($datastore_rec, 'datastore', "WHERE title = 'kbank_salary_options'"));
} else {
$vbulletin->db->query_write(fetch_query_sql($datastore_rec, 'datastore'));
}
}
}
if ($vbulletin->GPC['from'] and $vbulletin->GPC['to']) {
$vbulletin->GPC['from'] = vbmktime($vbulletin->GPC['from']['hour'], $vbulletin->GPC['from']['minute'], 0, $vbulletin->GPC['from']['month'], $vbulletin->GPC['from']['day'], $vbulletin->GPC['from']['year']);
$vbulletin->GPC['to'] = vbmktime($vbulletin->GPC['to']['hour'], $vbulletin->GPC['to']['minute'], 0, $vbulletin->GPC['to']['month'], $vbulletin->GPC['to']['day'], $vbulletin->GPC['to']['year']);
if ($vbulletin->GPC['from'] == $vbulletin->GPC['to']) {
print_stop_message('kbank_salary_calc_samelog');
}
include_once DIR . '/includes/functions_forumlist.php';
cache_moderators();
$mod_activity = array();
foreach ($imodcache as $forumid => $forummods) {
if ($forumid > 0) {
foreach ($forummods as $mod) {
$tmp =& $mod_activity[$mod['userid']];
if (!is_array($tmp)) {
$tmp = array('userid' => $mod['userid'], 'username' => $mod['username'], 'forumids' => array(), 'childs' => array());
}
$tmp['forumids'][] = $forumid;
$childs = explode(',', $vbulletin->forumcache[$forumid]['childlist']);
print_time_row($vbphrase['start_date'], 'start', $vbulletin->GPC['start'], false);
print_time_row($vbphrase['end_date'], 'end', $vbulletin->GPC['end'], false);
print_submit_row($vbphrase['go']);
}
// *************************************************************************************************
if ($_REQUEST['do'] == 'dolist') {
require_once DIR . '/includes/functions_misc.php';
if ($vbulletin->GPC['startstamp']) {
$vbulletin->GPC['start'] = $vbulletin->GPC['startstamp'];
} else {
$vbulletin->GPC['start'] = vbmktime(0, 0, 0, $vbulletin->GPC['start']['month'], $vbulletin->GPC['start']['day'], $vbulletin->GPC['start']['year']);
}
if ($vbulletin->GPC['endstamp']) {
$vbulletin->GPC['end'] = $vbulletin->GPC['endstamp'];
} else {
$vbulletin->GPC['end'] = vbmktime(23, 59, 59, $vbulletin->GPC['end']['month'], $vbulletin->GPC['end']['day'], $vbulletin->GPC['end']['year']);
}
if ($vbulletin->GPC['start'] >= $vbulletin->GPC['end']) {
print_stop_message('start_date_after_end');
}
if ($vbulletin->GPC['leftby']) {
if (!($leftby_user = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'leftby']) . "'\n\t\t"))) {
print_stop_message('could_not_find_user_x', $vbulletin->GPC['leftby']);
}
$vbulletin->GPC['whoadded'] = $leftby_user['userid'];
}
if ($vbulletin->GPC['leftfor']) {
if (!($leftfor_user = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'leftfor']) . "'\n\t\t"))) {
print_stop_message('could_not_find_user_x', $vbulletin->GPC['leftfor']);
}
$vbulletin->GPC['userid'] = $leftfor_user['userid'];
function fetch_period_group($itemtime)
{
global $vbphrase, $vbulletin;
static $periods;
// create the periods array if it does not exist
if (empty($periods)) {
$daynum = -1;
$i = 0;
// make $vbulletin->userinfo's startofweek setting agree with the date() function
$weekstart = $vbulletin->userinfo['startofweek'] - 1;
// get the timestamp for the beginning of today, according to vbulletin->userinfo's timezone
$timestamp = vbmktime(0, 0, 0, vbdate('m', TIMENOW, false, false), vbdate('d', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false));
// initialize $periods array with stamp for today
$periods = array('today' => $timestamp);
// create periods for today, yesterday and all days until we hit the start of the week
while ($daynum != $weekstart and $i++ < 7) {
// take away 24 hours
$timestamp -= 86400;
// get the number of the current day
$daynum = vbdate('w', $timestamp, false, false);
if ($i == 1) {
$periods['yesterday'] = $timestamp;
} else {
$periods[strtolower(vbdate('l', $timestamp, false, false))] = $timestamp;
}
}
// create periods for Last Week, 2 Weeks Ago, 3 Weeks Ago and Last Month
$periods['last_week'] = $timestamp -= 7 * 86400;
$periods['2_weeks_ago'] = $timestamp -= 7 * 86400;
$periods['3_weeks_ago'] = $timestamp -= 7 * 86400;
$periods['last_month'] = $timestamp -= 7 * 86400;
}
foreach ($periods as $periodname => $periodtime) {
if ($itemtime >= $periodtime) {
return $periodname;
}
}
return 'older';
}
/**
* Verifies a date array as a valid unix timestamp
*
* @param array Date array containing day/month/year and optionally: hour/minute/second
*
* @return boolean
*/
function verify_date_array(&$date)
{
$date['year'] = intval($date['year']);
$date['month'] = intval($date['month']);
$date['day'] = intval($date['day']);
$date['hour'] = intval($date['hour']);
$date['minute'] = intval($date['minute']);
$date['second'] = intval($date['second']);
if ($date['year'] < 1970) {
return false;
} else {
if (checkdate($date['month'], $date['day'], $date['year'])) {
$date = vbmktime($date['hour'], $date['minute'], $date['second'], $date['month'], $date['day'], $date['year']);
return true;
} else {
return false;
}
}
}
if ($vbulletin->userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_allowbbcode'] AND $vbulletin->GPC['parseurl'])
{
require_once(DIR . '/includes/functions_newpost.php');
$vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
}
// handle clicks on the 'save draft' button
if (!empty($vbulletin->GPC['draft']))
{
$vbulletin->GPC['status'] = 'draft';
}
if ($vbulletin->GPC['status'] == 'publish_on')
{
require_once(DIR . '/includes/functions_misc.php');
$blog['dateline'] = vbmktime($vbulletin->GPC['publish']['hour'], $vbulletin->GPC['publish']['minute'], 0, $vbulletin->GPC['publish']['month'], $vbulletin->GPC['publish']['day'], $vbulletin->GPC['publish']['year']);
}
$blogman =& datamanager_init('Blog_Firstpost', $vbulletin, ERRTYPE_ARRAY, 'blog');
if ($vbulletin->GPC['blogid'])
{ // Editing
$bloginfo = verify_blog($blogid);
/* Check edit blog */
if (!fetch_entry_perm('edit', $bloginfo))
{
print_no_permission();
}
$show['edit'] = true;
$userinfo = fetch_userinfo($bloginfo['userid']);
$blogman->set_existing($bloginfo);
