/** * Prints a row containing form elements to input a date & time * * Resulting form element names: $name[day], $name[month], $name[year], $name[hour], $name[minute] * * @param string Title for row * @param string Base name for form elements - $name[day], $name[month], $name[year] etc. * @param mixed Unix timestamp to be represented by the form fields OR SQL date field (yyyy-mm-dd) * @param boolean Whether or not to show the time input components, or only the date * @param boolean If true, expect an SQL date field from the unix timestamp parameter instead (for birthdays) * @param string Vertical alignment for the row */ function print_time_row($title, $name = 'date', $unixtime = '', $showtime = true, $birthday = false, $valign = 'middle') { global $vbphrase, $vbulletin, $stylevar; static $datepicker_output = false; if (!$datepicker_output) { echo ' <script type="text/javascript" src="../clientscript/vbulletin_date_picker.js"></script> <script type="text/javascript"> <!-- vbphrase["sunday"] = "' . $vbphrase['sunday'] . '"; vbphrase["monday"] = "' . $vbphrase['monday'] . '"; vbphrase["tuesday"] = "' . $vbphrase['tuesday'] . '"; vbphrase["wednesday"] = "' . $vbphrase['wednesday'] . '"; vbphrase["thursday"] = "' . $vbphrase['thursday'] . '"; vbphrase["friday"] = "' . $vbphrase['friday'] . '"; vbphrase["saturday"] = "' . $vbphrase['saturday'] . '"; --> </script> '; $datepicker_output = true; } $monthnames = array(0 => '- - - -', 1 => $vbphrase['january'], 2 => $vbphrase['february'], 3 => $vbphrase['march'], 4 => $vbphrase['april'], 5 => $vbphrase['may'], 6 => $vbphrase['june'], 7 => $vbphrase['july'], 8 => $vbphrase['august'], 9 => $vbphrase['september'], 10 => $vbphrase['october'], 11 => $vbphrase['november'], 12 => $vbphrase['december']); if (is_array($unixtime)) { require_once DIR . '/includes/functions_misc.php'; $unixtime = vbmktime(0, 0, 0, $unixtime['month'], $unixtime['day'], $unixtime['year']); } if ($birthday) { // mktime() on win32 doesn't support dates before 1970 so we can't fool with a negative timestamp if ($unixtime == '') { $month = 0; $day = ''; $year = ''; } else { $temp = explode('-', $unixtime); $month = intval($temp[0]); $day = intval($temp[1]); if ($temp[2] == '0000') { $year = ''; } else { $year = intval($temp[2]); } } } else { if ($unixtime) { $month = vbdate('n', $unixtime, false, false); $day = vbdate('j', $unixtime, false, false); $year = vbdate('Y', $unixtime, false, false); $hour = vbdate('G', $unixtime, false, false); $minute = vbdate('i', $unixtime, false, false); } } $cell = array(); $cell[] = "<label for=\"{$name}_month\">{$vbphrase['month']}</label><br /><select name=\"{$name}[month]\" id=\"{$name}_month\" tabindex=\"1\" class=\"bginput\"" . iif($vbulletin->debug, " title=\"name="{$name}" . "[month]"\"") . ">\n" . construct_select_options($monthnames, $month) . "\t\t</select>"; $cell[] = "<label for=\"{$name}_date\">{$vbphrase['day']}</label><br /><input type=\"text\" class=\"bginput\" name=\"{$name}[day]\" id=\"{$name}_date\" value=\"{$day}\" size=\"4\" maxlength=\"2\" tabindex=\"1\"" . iif($vbulletin->debug, " title=\"name="{$name}" . "[day]"\"") . ' />'; $cell[] = "<label for=\"{$name}_year\">{$vbphrase['year']}</label><br /><input type=\"text\" class=\"bginput\" name=\"{$name}[year]\" id=\"{$name}_year\" value=\"{$year}\" size=\"4\" maxlength=\"4\" tabindex=\"1\"" . iif($vbulletin->debug, " title=\"name="{$name}" . "[year]"\"") . ' />'; if ($showtime) { $cell[] = $vbphrase['hour'] . '<br /><input type="text" tabindex="1" class="bginput" name="' . $name . '[hour]" value="' . $hour . '" size="4"' . iif($vbulletin->debug, " title=\"name="{$name}" . "[hour]"\"") . ' />'; $cell[] = $vbphrase['minute'] . '<br /><input type="text" tabindex="1" class="bginput" name="' . $name . '[minute]" value="' . $minute . '" size="4"' . iif($vbulletin->debug, " title=\"name="{$name}" . "[minute]"\"") . ' />'; } $inputs = ''; foreach ($cell as $html) { $inputs .= "\t\t<td><span class=\"smallfont\">{$html}</span></td>\n"; } print_label_row($title, "<div id=\"ctrl_{$name}\"><table cellpadding=\"0\" cellspacing=\"2\" border=\"0\"><tr>\n{$inputs}\t\n</tr></table></div>", '', 'top', $name); echo "<script type=\"text/javascript\"> new vB_DatePicker(\"{$name}_year\", \"{$name}_\", \"" . $vbulletin->userinfo['startofweek'] . "\"); </script>\r\n"; }
<div class="darkbg" style="border: 2px inset"><ul class="darkbg"> <li class="modtoday">' . $vbphrase['today'] . '</li> <li class="modyesterday">' . $vbphrase['yesterday'] . '</li> <li class="modlasttendays">' . construct_phrase($vbphrase['within_the_last_x_days'], '10') . '</li> <li class="modsincetendays">' . construct_phrase($vbphrase['more_than_x_days_ago'], '10') . '</li> <li class="modsincethirtydays"> ' . construct_phrase($vbphrase['more_than_x_days_ago'], '30') . '</li> </ul></div> '); print_table_footer(); print_form_header('', ''); print_table_header($vbphrase['moderators']); echo "<tr valign=\"top\">\n\t<td class=\"" . fetch_row_bgclass() . "\" colspan=\"2\">"; echo "<div class=\"darkbg\" style=\"padding: 4px; border: 2px inset; text-align: {$stylevar['left']}\">"; // get the timestamp for the beginning of today, according to bbuserinfo's timezone require_once DIR . '/includes/functions_misc.php'; $unixtoday = vbmktime(0, 0, 0, vbdate('m', TIMENOW, false, false), vbdate('d', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false)); $list = array(); $curforum = -1; if ($db->num_rows($forums)) { while ($forum = $db->fetch_array($forums)) { $modlist["{$forum['userid']}"]++; if ($curforum != $forum['forumid']) { $curforum = $forum['forumid']; if ($countforums++ != 0) { echo "\t\t</ul>\n\t\t</ul>\n\t</li>\n\t</ul>\n"; } echo "\n\t<ul>\n\t<li><b><a href=\"../forumdisplay.php?" . $vbulletin->session->vars['sessionurl'] . "f={$forum['forumid']}\">{$forum['title']}</a></b>\n"; echo "\n\t\t<ul>{$vbphrase['moderators']}\n\t<ul>\n"; } if ($forum['lastactivity'] >= $unixtoday) { $onlinecolor = 'modtoday';
print_time_row($vbphrase['end_date'], 'enddate', TIMENOW, 1, 0, 'middle'); print_submit_row($vbphrase['find']); } // ############################# start show referrers ######################### if ($_POST['do'] == 'showreferrers') { $vbulletin->input->clean_array_gpc('p', array('startdate' => vB_Cleaner::TYPE_ARRAY_INT, 'enddate' => vB_Cleaner::TYPE_ARRAY_INT)); require_once DIR . '/includes/functions_misc.php'; $datequery = ''; if ($vbulletin->GPC['startdate']['month']) { $datestartText = vbmktime(intval($vbulletin->GPC['startdate']['hour']), intval($vbulletin->GPC['startdate']['minute']), 0, intval($vbulletin->GPC['startdate']['month']), intval($vbulletin->GPC['startdate']['day']), intval($vbulletin->GPC['startdate']['year'])); $datestart = vbdate($vbulletin->options['dateformat'] . ' ' . $vbulletin->options['timeformat'], $datestartText); } else { $vbulletin->GPC['startdate'] = 0; } if ($vbulletin->GPC['enddate']['month']) { $dateendText = vbmktime(intval($vbulletin->GPC['enddate']['hour']), intval($vbulletin->GPC['enddate']['minute']), 0, intval($vbulletin->GPC['enddate']['month']), intval($vbulletin->GPC['enddate']['day']), intval($vbulletin->GPC['enddate']['year'])); $dateend = vbdate($vbulletin->options['dateformat'] . ' ' . $vbulletin->options['timeformat'], $dateendText); } else { $vbulletin->GPC['enddate'] = 0; } if ($datestart or $dateend) { $refperiod = construct_phrase($vbphrase['x_to_y'], $datestart, $dateend); } else { $refperiod = $vbphrase['all_time']; } try { $users = vB_Api::instanceInternal('user')->fetchReferrers($vbulletin->GPC['startdate'], $vbulletin->GPC['enddate']); } catch (vB_Exception_Api $ex) { print_stop_message2($ex->getMessage()); } if (!count($users)) {
/** * Does the actual work to make a variable safe * * @param mixed The data we want to make safe * @param integer The type of the data * * @return mixed */ function &do_clean(&$data, $type) { static $booltypes = array('1', 'yes', 'y', 'true'); switch ($type) { case TYPE_INT: $data = intval($data); break; case TYPE_UINT: $data = ($data = intval($data)) < 0 ? 0 : $data; break; case TYPE_NUM: $data = strval($data) + 0; break; case TYPE_UNUM: $data = strval($data) + 0; $data = $data < 0 ? 0 : $data; break; case TYPE_BINARY: $data = strval($data); break; case TYPE_STR: $data = trim(strval($data)); break; case TYPE_NOTRIM: $data = strval($data); break; case TYPE_NOHTML: $data = htmlspecialchars_uni(trim(strval($data))); break; case TYPE_BOOL: $data = in_array(strtolower($data), $booltypes) ? 1 : 0; break; case TYPE_ARRAY: $data = is_array($data) ? $data : array(); break; case TYPE_NOHTMLCOND: $data = trim(strval($data)); if (strcspn($data, '<>"') < strlen($data) or strpos($data, '&') !== false and !preg_match('/&(#[0-9]+|amp|lt|gt|quot);/si', $data)) { // data is not htmlspecialchars because it still has characters or entities it shouldn't $data = htmlspecialchars_uni($data); } break; case TYPE_FILE: // perhaps redundant :p if (is_array($data)) { if (is_array($data['name'])) { $files = count($data['name']); for ($index = 0; $index < $files; $index++) { $data['name']["{$index}"] = trim(strval($data['name']["{$index}"])); $data['type']["{$index}"] = trim(strval($data['type']["{$index}"])); $data['tmp_name']["{$index}"] = trim(strval($data['tmp_name']["{$index}"])); $data['error']["{$index}"] = intval($data['error']["{$index}"]); $data['size']["{$index}"] = intval($data['size']["{$index}"]); } } else { $data['name'] = trim(strval($data['name'])); $data['type'] = trim(strval($data['type'])); $data['tmp_name'] = trim(strval($data['tmp_name'])); $data['error'] = intval($data['error']); $data['size'] = intval($data['size']); } } else { $data = array('name' => '', 'type' => '', 'tmp_name' => '', 'error' => 0, 'size' => 4); } break; case TYPE_UNIXTIME: if (is_array($data)) { $data = $this->clean($data, TYPE_ARRAY_UINT); if ($data['month'] and $data['day'] and $data['year']) { require_once DIR . '/includes/functions_misc.php'; $data = vbmktime($data['hour'], $data['minute'], $data['second'], $data['month'], $data['day'], $data['year']); } else { $data = 0; } } else { $data = ($data = intval($data)) < 0 ? 0 : $data; } break; // null actions should be deifned here so we can still catch typos below // null actions should be deifned here so we can still catch typos below case TYPE_NOCLEAN: break; default: if ($this->registry->debug) { trigger_error('vB_Input_Cleaner::do_clean() Invalid data type specified', E_USER_WARNING); } } // strip out characters that really have no business being in non-binary data switch ($type) { case TYPE_STR: case TYPE_NOTRIM: case TYPE_NOHTML: case TYPE_NOHTMLCOND: $data = str_replace(chr(0), '', $data); } return $data; }
} else { if ($vbulletin->GPC['limitstart'] > 0 and $limitfinish >= $countusers['users']) { print_submit_row($vbphrase['first_page'], 0, 6, $vbphrase['prev_page'], '', true); } else { print_table_footer(); } } } } } // ###################### Start status ####################### if ($_POST['do'] == 'status') { $vbulletin->input->clean_array_gpc('p', array('subscriptionlogid' => TYPE_INT, 'status' => TYPE_INT, 'regdate' => TYPE_ARRAY_INT, 'expirydate' => TYPE_ARRAY_INT, 'username' => TYPE_NOHTML)); require_once DIR . '/includes/functions_misc.php'; $regdate = vbmktime($vbulletin->GPC['regdate']['hour'], $vbulletin->GPC['regdate']['minute'], 0, $vbulletin->GPC['regdate']['month'], $vbulletin->GPC['regdate']['day'], $vbulletin->GPC['regdate']['year']); $expirydate = vbmktime($vbulletin->GPC['expirydate']['hour'], $vbulletin->GPC['expirydate']['minute'], 0, $vbulletin->GPC['expirydate']['month'], $vbulletin->GPC['expirydate']['day'], $vbulletin->GPC['expirydate']['year']); if ($expirydate < 0 or $expirydate <= $regdate) { print_stop_message('invalid_subscription_length'); } if ($vbulletin->GPC['userid']) { // already existing entry if (!$vbulletin->GPC['status']) { $db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "subscriptionlog\n\t\t\t\tSET regdate = {$regdate}, expirydate = {$expirydate}\n\t\t\t\tWHERE userid = " . $vbulletin->GPC['userid'] . "\n\t\t\t\t\tAND subscriptionid = " . $vbulletin->GPC['subscriptionid'] . "\n\t\t\t"); $subobj->delete_user_subscription($vbulletin->GPC['subscriptionid'], $vbulletin->GPC['userid']); } else { $subobj->build_user_subscription($vbulletin->GPC['subscriptionid'], -1, $vbulletin->GPC['userid'], $regdate, $expirydate, false); } } else { $userinfo = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'username']) . "'\n\t\t"); if (!$userinfo['userid']) { print_stop_message('no_users_matched_your_query');
$announcementinfo['title'] = fetch_censored_text($announcementinfo['title']); } else { if (!can_moderate($vbulletin->GPC['forumid'], 'canannounce')) { // show no permission print_no_permission(); } $announcementinfo = array( 'forumid' => $vbulletin->GPC['forumid'], 'title' => '', 'pagetext' => '', 'startdate' => TIMENOW, 'enddate' => vbmktime(0, 0, 0, vbdate('n', TIMENOW, false, false) + 1, vbdate('j', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false)), 'announcementoptions' => 29 ); $show['editing_mode'] = false; } $announcementinfo['title_safe'] = htmlspecialchars($announcementinfo['title']); // checkboxes $checked = array(); foreach ($vbulletin->bf_misc_announcementoptions AS $key => $val) { $checked["$key"] = ($announcementinfo['announcementoptions'] & $val ? ' checked="checked"' : ''); }
if ($day > gmdate('t', gmmktime(12, 0, 0, $month, $day, $year))) { // Invalid day, toss it out $day = 0; } } $today = getdate(TIMENOW - $vbulletin->options['hourdiff']); if (($year > $today['year'] or $month > $today['mon'] and $year == $today['year']) and ($userinfo and !is_member_of_blog($vbulletin->userinfo, $userinfo) or !$userinfo and !$vbulletin->userinfo['userid'])) { print_no_permission(); } require_once DIR . '/includes/functions_misc.php'; if ($day) { $starttime = vbmktime(0, 0, 0, $month, $day, $year); $endtime = vbmktime(0, 0, 0, $month, $day + 1, $year); } else { $starttime = vbmktime(0, 0, 0, $month, 1, $year); $endtime = vbmktime(0, 0, 0, $month + 1, 1, $year); } $sql1[] = "blog.dateline >= {$starttime}"; $sql1[] = "blog.dateline < {$endtime}"; $orderby = "blog.dateline DESC"; $orderby_union = "dateline_order DESC"; } else { switch ($vbulletin->GPC['blogtype']) { case 'best': $blogtype = 'best'; $sql1[] = "blog.ratingnum >= " . intval($vbulletin->options['vbblog_ratingpost']); if (!$userinfo) { $sql2[] = "blog.ratingnum >= " . intval($vbulletin->options['vbblog_ratingpost']); } $orderby = "blog.rating DESC, blog.blogid"; $orderby_union = "rating_order DESC, blogid_order";
$vbulletin->input->clean_array_gpc('p', array('issue_id' => TYPE_INT, 'award_id' => TYPE_INT, 'awarduserid' => TYPE_INT, 'awardusername' => TYPE_STR, 'issue_reason' => TYPE_STR, 'issue_time' => TYPE_ARRAY_INT)); if (!empty($vbulletin->GPC['awarduserid'])) { $user = $db->query_first("\n\t\t\tSELECT userid, username\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE userid = " . $vbulletin->GPC['awarduserid'] . "\n\t\t"); } else { if (!empty($vbulletin->GPC['awardusername'])) { $user = $db->query_first("\n\t\t\tSELECT userid, username\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'awardusername'] . "'\n\t\t"); } else { print_stop_message('please_complete_required_fields'); } } if (empty($user)) { // no users found! print_stop_message('no_users_matched_your_query'); } require_once DIR . '/includes/functions_misc.php'; $vbulletin->GPC['issue_time'] = vbmktime(intval($vbulletin->GPC['issue_time']['hour']), intval($vbulletin->GPC['issue_time']['minute']), 0, intval($vbulletin->GPC['issue_time']['month']), intval($vbulletin->GPC['issue_time']['day']), intval($vbulletin->GPC['issue_time']['year'])); $db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "award_user\n\t\tSET \n\t\t\tuserid = '" . $user['userid'] . "',\n\t\t\tissue_reason = '" . addslashes($vbulletin->GPC['issue_reason']) . "',\n\t\t\tissue_time = '" . addslashes($vbulletin->GPC['issue_time']) . "'\n\t\tWHERE issue_id = " . $vbulletin->GPC['issue_id'] . "\n\t"); define('CP_REDIRECT', 'award.php?do=awardusers&award_id=' . $vbulletin->GPC['award_id']); print_stop_message('give_award_to_user_x_successfully', $user['username']); } // ###################### Start edit ####################### if ($_REQUEST['do'] == 'editissuedaward') { $vbulletin->input->clean_array_gpc('r', array('issue_id' => TYPE_INT)); if (empty($vbulletin->GPC['issue_id'])) { print_stop_message('no_awards_defined'); } $award = $db->query_first("\n\t\tSELECT au.*, aw.* \n\t\tFROM " . TABLE_PREFIX . "award_user AS au\n\t\tLEFT JOIN " . TABLE_PREFIX . "award AS aw ON (aw.award_id = au.award_id)\n\t\tWHERE au.issue_id = " . $vbulletin->GPC['issue_id'] . "\n\t"); print_form_header(); print_table_header(construct_phrase($vbphrase['x_y_id_z'], $vbphrase['award_name'], $award['award_name'], $award['award_id']), 4, 0); echo "\n <col align=\"center\" style=\"white-space:nowrap\"></col>\n <col width=\"50%\" align=\"{$stylevar['left']}\"></col>\n <col align=\"center\" style=\"white-space:nowrap\"></col>\n <col align=\"center\" style=\"white-space:nowrap\"></col>\n "; print_cells_row(array($vbphrase['award_name'], $vbphrase['award_description'], $vbphrase['award_icon'], $vbphrase['award_image']), 1, '', -1);
/** * Construct a calendar table for the sidebar * * @param integer Month * @param integer Year * @param integer Userinfo * * @return string HTML output */ function construct_calendar($month, $year, $userinfo = null) { global $vbulletin, $vbphrase, $vbcollapse, $show; require_once(DIR . '/includes/functions_misc.php'); $months = array( 1 => 'january', 2 => 'february', 3 => 'march', 4 => 'april', 5 => 'may', 6 => 'june', 7 => 'july', 8 => 'august', 9 => 'september', 10 => 'october', 11 => 'november', 12 => 'december' ); $days = array( 1 => 'sunday', 2 => 'monday', 3 => 'tuesday', 4 => 'wednesday', 5 => 'thursday', 6 => 'friday', 7 => 'saturday', ); if ($userinfo) { $userid = $userinfo['userid']; } $monthname = $vbphrase["$months[$month]"]; //$nextmonth = ($month == 12) ? 1 : $month + 1; //$prevmonth = ($month == 1) ? 12 : $month - 1; //$nextyear = ($month == 12) ? ($year == 2037 ? 1970 : $year + 1) : $year; //$prevyear = ($month == 1) ? ($year == 1970 ? 2037 : $year - 1) : $year; $startdate = getdate(gmmktime(12, 0, 0, $month, 1, $year)); $calendarrows = ''; // set up which days will be shown $vbulletin->userinfo['startofweek'] = ($vbulletin->userinfo['startofweek'] < 1 OR $vbulletin->userinfo['startofweek'] > 7) ? 1 : $vbulletin->userinfo['startofweek']; $weekstart = $vbulletin->userinfo['startofweek']; for ($i = 0; $i < 7; $i++) { $dayvarname = 'day' . ($i + 1); $$dayvarname = $vbphrase[ $days[$weekstart] . '_short']; $weekstart++; if ($weekstart == 8) { $weekstart = 1; } } $curday = 1; while (gmdate('w', gmmktime(0, 0, 0, $month, $curday, $year)) + 1 != $vbulletin->userinfo['startofweek']) { $curday--; } $totaldays = gmdate('t', gmmktime(0, 0, 0, $month, 1, $year)); if ( ($totaldays != 30 OR (gmdate('w', gmmktime(0, 0, 0, $month, 30, $year)) + 1) != $vbulletin->userinfo['startofweek']) AND ( ($totaldays != 31 OR ( gmdate('w', gmmktime(0, 0, 0, $month, 31, $year)) != $vbulletin->userinfo['startofweek'] AND (gmdate('w', gmmktime(0, 0, 0, $month, 31, $year)) + 1) != $vbulletin->userinfo['startofweek'] ) ) ) ) { $curday = $curday - 7; if ($totaldays == 28 AND gmdate('w', gmmktime(0, 0, 0, $month, 1, $year)) == ($vbulletin->userinfo['startofweek'] - 1)) { $curday = $curday - 7; } } $sql1 = array(); if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) { $sql[] = "userid = " . $vbulletin->userinfo['userid']; } if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) AND $vbulletin->userinfo['userid']) { if (!empty($sql)) { // can't view own blog or others' blog // This condition should not be reachable $sql1[] = "1 <> 1"; } else { $sql1[] = "blog.userid <> " . $vbulletin->userinfo['userid']; } } $state = array('visible'); if (can_moderate_blog('canmoderateentries')) { $state[] = 'moderation'; } if (can_moderate_blog()) { $state[] = 'deleted'; } $sql1join = array(); if (!can_moderate_blog()) { $sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)"; if ($vbulletin->userinfo['userid']) { $userlist_sql = array(); $userlist_sql[] = "(options_ignore & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND ignored.relationid IS NOT NULL)"; $userlist_sql[] = "(options_buddy & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND buddy.relationid IS NOT NULL)"; $userlist_sql[] = "(options_member & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND (options_buddy & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " OR buddy.relationid IS NULL) AND (options_ignore & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " OR ignored.relationid IS NULL))"; $sql1[] = "(" . implode(" OR ", $userlist_sql) . ")"; $sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = blog.userid AND buddy.relationid = " . $vbulletin->userinfo['userid'] . " AND buddy.type = 'buddy')"; $sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = blog.userid AND ignored.relationid = " . $vbulletin->userinfo['userid'] . " AND ignored.type = 'ignore')"; $sql1[] = "(~blog.options & " . $vbulletin->bf_misc_vbblogoptions['private'] . " OR (options_buddy & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog'] . " AND buddy.relationid IS NOT NULL))"; } else { $sql1[] = "options_guest & " . $vbulletin->bf_misc_vbblogsocnetoptions['canviewmyblog']; $sql1[] = "~blog.options & " . $vbulletin->bf_misc_vbblogoptions['private']; } } $prevdays = 1; while (gmdate('w', gmmktime(0, 0, 0, $month + 1, $prevdays, $year)) + 1 != $vbulletin->userinfo['startofweek']) { $prevdays--; } $adddays = 0; if ($prevdays <= 0) { $adddays = $prevdays + 6; } require_once(DIR . '/includes/functions_misc.php'); $starttime = vbmktime(0, 0, 0, $month, $curday, $year); $endtime = vbmktime(0, 0, 0, $month + 1, 1 + $adddays, $year); $endtime = ($endtime > TIMENOW) ? TIMENOW : $endtime; $sql1[] = "state IN('" . implode("', '", $state) . "')"; $sql1['date1'] = "dateline >= $starttime"; $sql1['date2'] = "dateline < $endtime"; if ($userinfo['userid']) { $sql1[] = "blog.userid = $userinfo[userid]"; } $sql2 = array(); if ($userinfo AND is_member_of_blog($vbulletin->userinfo, $userinfo)) { $sql2[] = "blog.userid = $userinfo[userid]"; $sql2['date1'] = "dateline >= $starttime"; $sql2['date2'] = "dateline < " . vbmktime(0, 0, 0, $month + 1, 1 + $adddays, $year); } else if (!$userinfo AND $vbulletin->userinfo['userid'] AND $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) { // blogs that I am a member of here .... $sql2[] = "blog.userid IN (" . $vbulletin->userinfo['memberblogids'] . ")"; $sql2['date1'] = "dateline >= $starttime"; $sql2['date2'] = "dateline < " . vbmktime(0, 0, 0, $month + 1, 1 + $adddays, $year); } if (!empty($vbulletin->userinfo['blogcategorypermissions']['cantview'])) { $sql1join[] = "LEFT JOIN " . TABLE_PREFIX . "blog_categoryuser AS cu ON (cu.blogid = blog.blogid AND cu.blogcategoryid IN (" . implode(", ", $vbulletin->userinfo['blogcategorypermissions']['cantview']) . "))"; $sql1[] = "cu.blogcategoryid IS NULL"; } $blogcache = array(); $blogs = $vbulletin->db->query_read_slave(" " . (!empty($sql2) ? "(" : "") . " SELECT COUNT(*) AS total, FROM_UNIXTIME(dateline - " . $vbulletin->options['hourdiff'] . ", '%c-%e-%Y') AS period FROM " . TABLE_PREFIX . "blog AS blog " . (!empty($sql1join) ? implode("\r\n", $sql1join) : "") . " WHERE " . implode(" AND ", $sql1) . " GROUP BY period " . (!empty($sql2) ? ") UNION ( SELECT COUNT(*) AS total, FROM_UNIXTIME(dateline - " . $vbulletin->options['hourdiff'] . ", '%c-%e-%Y') AS period FROM " . TABLE_PREFIX . "blog AS blog WHERE " . implode(" AND ", $sql2) . " GROUP BY period )" : "") . " "); while ($blog = $vbulletin->db->fetch_array($blogs)) { $blogcache["$blog[period]"] += $blog['total']; } $today = getdate(TIMENOW - $vbulletin->options['hourdiff']); while (!$monthcomplete) { $calendarrows .= '<tr>'; for ($i = 0; $i < 7; $i++) { if ($curday <= 0) { $currentmonth = ($month - 1 == 0) ? 12 : $month - 1; $currentyear = ($currentmonth == 12) ? $year - 1 : $year; } else if ($curday > $totaldays) { $currentmonth = ($month + 1 > 12) ? 1 : $month + 1; $currentyear = ($currentmonth == 1) ? $year + 1 : $year; } else { $currentmonth = $month; $currentyear = $year; } $day = gmdate('j', gmmktime(0, 0, 0, $month, $curday, $year)); $show['thismonth'] = ($curday > 0 AND $curday <= $totaldays) ? true : false; $show['highlighttoday'] = ($currentmonth == $today['mon'] AND $currentyear == $today['year'] AND $day == $today['mday'] AND $show['thismonth']) ? true : false; $show['daylink'] = false; if (!empty($blogcache["$currentmonth-$day-$currentyear"])) { $total = $blogcache["$currentmonth-$day-$currentyear"]; $show['daylink'] = true; } $curday++; $templater = vB_Template::create('blog_sidebar_calendar_day'); $templater->register('pageinfo_current', array('m' => $currentmonth, 'y' => $currentyear, 'd' => $day)); $templater->register('userinfo', $userinfo); $templater->register('currentmonth', $currentmonth); $templater->register('currentyear', $currentyear); $templater->register('day', $day); $templater->register('userid', $userid); $templater->register('total', $total); $calendarrows .= $templater->render(); } $calendarrows .= '</tr>'; if ($curday > $totaldays) { $monthcomplete = true; } } unset($sql1['date1'], $sql1['date2'], $sql2['date1'], $sql2['date2']); $starttime = vbmktime(0, 0, 0, $month, 0, $year); $endtime = vbmktime(0, 0, 0, $month + 1, 0, $year); $endtime = ($endtime > TIMENOW) ? TIMENOW : $endtime; $show['nextmonth'] = $show['prevmonth'] = false; // Get first event before this month $sql1['date1'] = "dateline < $starttime"; if ($sql2) { $sql2['date1'] = "dateline < $starttime"; } $preventries = $vbulletin->db->query_read_slave(" " . (!empty($sql2) ? "(" : "") . " SELECT MAX(dateline) AS dateline FROM " . TABLE_PREFIX . "blog AS blog " . (!empty($sql1join) ? implode("\r\n", $sql1join) : "") . " WHERE " . implode(" AND ", $sql1) . " " . (!empty($sql2) ? ") UNION ( SELECT MAX(dateline) AS dateline FROM " . TABLE_PREFIX . "blog AS blog WHERE " . implode(" AND ", $sql2) . " )" : "") . " "); $preventry = 0; while ($entry = $vbulletin->db->fetch_array($preventries)) { if ($entry['dateline'] AND ($entry['dateline'] > $preventry OR !$preventry)) { $preventry = $entry['dateline']; } } if ($preventry) { $prevmonth = vbdate('n', $preventry); $prevyear = vbdate('Y', $preventry); $show['prevmonth'] = true; } if ( // Member of blog, viewing blog ($userinfo AND is_member_of_blog($vbulletin->userinfo, $userinfo)) OR // Registered user viewing front page (!$userinfo AND $vbulletin->userinfo['userid']) OR ($year < $today['year']) OR ($month < $today['mon']) ) { // Get first event after this month unset($sql1['date1'], $sql2['date1']); $sql1['date1'] = "dateline >= $endtime"; if ($sql2) { $sql2['date1'] = "dateline >= $endtime"; } $postentries = $vbulletin->db->query_read_slave(" " . (!empty($sql2) ? "(" : "") . " SELECT MIN(dateline) AS dateline FROM " . TABLE_PREFIX . "blog AS blog " . (!empty($sql1join) ? implode("\r\n", $sql1join) : "") . " WHERE " . implode(" AND ", $sql1) . " " . (!empty($sql2) ? ") UNION ( SELECT MIN(dateline) AS dateline FROM " . TABLE_PREFIX . "blog AS blog WHERE " . implode(" AND ", $sql2) . " )" : "") . " "); $postentry = 0; while ($entry = $vbulletin->db->fetch_array($postentries)) { if ($entry['dateline'] AND ($entry['dateline'] < $postentry OR !$postentry)) { $postentry = $entry['dateline']; } } if ($postentry) { $nextmonth = vbdate('n', $postentry); $nextyear = vbdate('Y', $postentry); $show['nextmonth'] = true; } } $templater = vB_Template::create('blog_sidebar_calendar'); $templater->register('pageinfo_prev', array('m' => $prevmonth, 'y' => $prevyear)); $templater->register('pageinfo_next', array('m' => $nextmonth, 'y' => $nextyear)); $templater->register('pageinfo_current', array('m' => $month, 'y' => $year)); $templater->register('userinfo', $userinfo); $templater->register('userid', $userid); $templater->register('prevmonth', $prevmonth); $templater->register('prevyear', $prevyear); $templater->register('nextmonth', $nextmonth); $templater->register('nextyear', $nextyear); $templater->register('month', $month); $templater->register('year', $year); $templater->register('monthname', $monthname); $templater->register('calendarrows', $calendarrows); for ($x = 1; $x <= 7; $x++) { $templater->register("day$x", ${day . $x}); } return $templater->render(); }
/** * Makes a printable date from a daily-formatted group date (yyyymmdd). * * @param string Group date (yyyymmdd) * * @return string Printable version of that date */ function make_group_date($groupid) { global $vbulletin; preg_match('#^(\\d{4})(\\d{2})(\\d{2})$#', $groupid, $match); // use yesterday/today option if they chose to use that (otherwise just show dates) return vbdate($vbulletin->options['dateformat'], vbmktime(0, 0, 0, $match[2], $match[3], $match[1]), $vbulletin->options['yestoday'] == 1); }
require_once DIR . '/includes/functions_editor.php'; require_once DIR . '/includes/functions_newpost.php'; require_once DIR . '/includes/modfunctions.php'; if ($announcementinfo['announcementid']) { if (!can_moderate($announcementinfo['forumid'], 'canannounce')) { // show no permission print_no_permission(); } $show['editing_mode'] = true; $announcementinfo['title'] = fetch_censored_text($announcementinfo['title']); } else { if (!can_moderate($vbulletin->GPC['forumid'], 'canannounce')) { // show no permission print_no_permission(); } $announcementinfo = array('forumid' => $vbulletin->GPC['forumid'], 'title' => '', 'pagetext' => '', 'startdate' => TIMENOW, 'enddate' => vbmktime(0, 0, 0, vbdate('n', TIMENOW, false, false) + 1, vbdate('j', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false)), 'announcementoptions' => 29); $show['editing_mode'] = false; } $announcementinfo['title_safe'] = htmlspecialchars_uni($announcementinfo['title']); // checkboxes $checked = array(); foreach ($vbulletin->bf_misc_announcementoptions as $key => $val) { $checked["{$key}"] = $announcementinfo['announcementoptions'] & $val ? ' checked="checked"' : ''; } // date fields foreach (array('start', 'end') as $date_type) { $GLOBALS["{$date_type}_date_array"] = array('day' => vbdate('j', $announcementinfo["{$date_type}date"], false, false), 'month' => vbdate('n', $announcementinfo["{$date_type}date"], false, false), 'year' => vbdate('Y', $announcementinfo["{$date_type}date"], false, false)); $GLOBALS["{$date_type}_month_selected"] = array(); for ($i = 1; $i <= 12; $i++) { $GLOBALS["{$date_type}_month_selected"]["{$i}"] = $i == $GLOBALS["{$date_type}_date_array"]['month'] ? ' selected="selected"' : ''; }
public function userReferrers($params, $db, $check_only = false) { if ($check_only) { return !empty($params['startdate']) and !empty($params['enddate']); } else { $params = vB::getCleaner()->cleanArray($params, array('startdate' => vB_Cleaner::TYPE_NOCLEAN, 'enddate' => vB_Cleaner::TYPE_NOCLEAN)); require_once DIR . '/includes/functions_misc.php'; if ($params['startdate']['month']) { $params['startdate'] = vbmktime(intval($params['startdate']['hour']), intval($params['startdate']['minute']), 0, intval($params['startdate']['month']), intval($params['startdate']['day']), intval($params['startdate']['year'])); $datequery = " AND users.joindate >= " . $params['startdate']; } else { $params['startdate'] = 0; } if ($params['enddate']['month']) { $params['enddate'] = vbmktime(intval($params['enddate']['hour']), intval($params['enddate']['minute']), 0, intval($params['enddate']['month']), intval($params['enddate']['day']), intval($params['enddate']['year'])); $datequery .= " AND users.joindate <= " . $params['enddate']; } else { $params['enddate'] = 0; } /* insert sql */ $sql = "\n\t\t\t\t\t\t\t\tSELECT COUNT(*) AS count, user.username, user.userid\n\t\t\t\t\t\t\t\tFROM " . TABLE_PREFIX . "user AS users\n\t\t\t\t\t\t\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON(users.referrerid = user.userid)\n\t\t\t\t\t\t\t\tWHERE users.referrerid <> 0\n\t\t\t\t\t\t\t\t\t\tAND users.usergroupid NOT IN (3,4)\n\t\t\t\t\t\t\t\t\t\t{$datequery}\n\t\t\t\t\t\t\t\tGROUP BY users.referrerid\n\t\t\t\t\t\t\t\tORDER BY count DESC, username ASC\n\t\t\t\t\t\t"; $resultclass = 'vB_dB_' . $this->db_type . '_result'; $result = new $resultclass($db, $sql); return $result; } }
$points[$key] = $vbulletin->input->do_clean($val, TYPE_UNUM); $changed = true; } } if ($changed) { $datastore_rec = array('title' => 'kbank_salary_options', 'data' => serialize($points), 'unserialize' => 1); if ($found) { $vbulletin->db->query_write(fetch_query_sql($datastore_rec, 'datastore', "WHERE title = 'kbank_salary_options'")); } else { $vbulletin->db->query_write(fetch_query_sql($datastore_rec, 'datastore')); } } } if ($vbulletin->GPC['from'] and $vbulletin->GPC['to']) { $vbulletin->GPC['from'] = vbmktime($vbulletin->GPC['from']['hour'], $vbulletin->GPC['from']['minute'], 0, $vbulletin->GPC['from']['month'], $vbulletin->GPC['from']['day'], $vbulletin->GPC['from']['year']); $vbulletin->GPC['to'] = vbmktime($vbulletin->GPC['to']['hour'], $vbulletin->GPC['to']['minute'], 0, $vbulletin->GPC['to']['month'], $vbulletin->GPC['to']['day'], $vbulletin->GPC['to']['year']); if ($vbulletin->GPC['from'] == $vbulletin->GPC['to']) { print_stop_message('kbank_salary_calc_samelog'); } include_once DIR . '/includes/functions_forumlist.php'; cache_moderators(); $mod_activity = array(); foreach ($imodcache as $forumid => $forummods) { if ($forumid > 0) { foreach ($forummods as $mod) { $tmp =& $mod_activity[$mod['userid']]; if (!is_array($tmp)) { $tmp = array('userid' => $mod['userid'], 'username' => $mod['username'], 'forumids' => array(), 'childs' => array()); } $tmp['forumids'][] = $forumid; $childs = explode(',', $vbulletin->forumcache[$forumid]['childlist']);
print_time_row($vbphrase['start_date'], 'start', $vbulletin->GPC['start'], false); print_time_row($vbphrase['end_date'], 'end', $vbulletin->GPC['end'], false); print_submit_row($vbphrase['go']); } // ************************************************************************************************* if ($_REQUEST['do'] == 'dolist') { require_once DIR . '/includes/functions_misc.php'; if ($vbulletin->GPC['startstamp']) { $vbulletin->GPC['start'] = $vbulletin->GPC['startstamp']; } else { $vbulletin->GPC['start'] = vbmktime(0, 0, 0, $vbulletin->GPC['start']['month'], $vbulletin->GPC['start']['day'], $vbulletin->GPC['start']['year']); } if ($vbulletin->GPC['endstamp']) { $vbulletin->GPC['end'] = $vbulletin->GPC['endstamp']; } else { $vbulletin->GPC['end'] = vbmktime(23, 59, 59, $vbulletin->GPC['end']['month'], $vbulletin->GPC['end']['day'], $vbulletin->GPC['end']['year']); } if ($vbulletin->GPC['start'] >= $vbulletin->GPC['end']) { print_stop_message('start_date_after_end'); } if ($vbulletin->GPC['leftby']) { if (!($leftby_user = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'leftby']) . "'\n\t\t"))) { print_stop_message('could_not_find_user_x', $vbulletin->GPC['leftby']); } $vbulletin->GPC['whoadded'] = $leftby_user['userid']; } if ($vbulletin->GPC['leftfor']) { if (!($leftfor_user = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username = '******'leftfor']) . "'\n\t\t"))) { print_stop_message('could_not_find_user_x', $vbulletin->GPC['leftfor']); } $vbulletin->GPC['userid'] = $leftfor_user['userid'];
function fetch_period_group($itemtime) { global $vbphrase, $vbulletin; static $periods; // create the periods array if it does not exist if (empty($periods)) { $daynum = -1; $i = 0; // make $vbulletin->userinfo's startofweek setting agree with the date() function $weekstart = $vbulletin->userinfo['startofweek'] - 1; // get the timestamp for the beginning of today, according to vbulletin->userinfo's timezone $timestamp = vbmktime(0, 0, 0, vbdate('m', TIMENOW, false, false), vbdate('d', TIMENOW, false, false), vbdate('Y', TIMENOW, false, false)); // initialize $periods array with stamp for today $periods = array('today' => $timestamp); // create periods for today, yesterday and all days until we hit the start of the week while ($daynum != $weekstart and $i++ < 7) { // take away 24 hours $timestamp -= 86400; // get the number of the current day $daynum = vbdate('w', $timestamp, false, false); if ($i == 1) { $periods['yesterday'] = $timestamp; } else { $periods[strtolower(vbdate('l', $timestamp, false, false))] = $timestamp; } } // create periods for Last Week, 2 Weeks Ago, 3 Weeks Ago and Last Month $periods['last_week'] = $timestamp -= 7 * 86400; $periods['2_weeks_ago'] = $timestamp -= 7 * 86400; $periods['3_weeks_ago'] = $timestamp -= 7 * 86400; $periods['last_month'] = $timestamp -= 7 * 86400; } foreach ($periods as $periodname => $periodtime) { if ($itemtime >= $periodtime) { return $periodname; } } return 'older'; }
/** * Verifies a date array as a valid unix timestamp * * @param array Date array containing day/month/year and optionally: hour/minute/second * * @return boolean */ function verify_date_array(&$date) { $date['year'] = intval($date['year']); $date['month'] = intval($date['month']); $date['day'] = intval($date['day']); $date['hour'] = intval($date['hour']); $date['minute'] = intval($date['minute']); $date['second'] = intval($date['second']); if ($date['year'] < 1970) { return false; } else { if (checkdate($date['month'], $date['day'], $date['year'])) { $date = vbmktime($date['hour'], $date['minute'], $date['second'], $date['month'], $date['day'], $date['year']); return true; } else { return false; } } }
if ($vbulletin->userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_allowbbcode'] AND $vbulletin->GPC['parseurl']) { require_once(DIR . '/includes/functions_newpost.php'); $vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']); } // handle clicks on the 'save draft' button if (!empty($vbulletin->GPC['draft'])) { $vbulletin->GPC['status'] = 'draft'; } if ($vbulletin->GPC['status'] == 'publish_on') { require_once(DIR . '/includes/functions_misc.php'); $blog['dateline'] = vbmktime($vbulletin->GPC['publish']['hour'], $vbulletin->GPC['publish']['minute'], 0, $vbulletin->GPC['publish']['month'], $vbulletin->GPC['publish']['day'], $vbulletin->GPC['publish']['year']); } $blogman =& datamanager_init('Blog_Firstpost', $vbulletin, ERRTYPE_ARRAY, 'blog'); if ($vbulletin->GPC['blogid']) { // Editing $bloginfo = verify_blog($blogid); /* Check edit blog */ if (!fetch_entry_perm('edit', $bloginfo)) { print_no_permission(); } $show['edit'] = true; $userinfo = fetch_userinfo($bloginfo['userid']); $blogman->set_existing($bloginfo);