function member_login($user_login)
{
$wp_user_data = get_user_by('login', $user_login);
$vb_user_id = get_user_meta($wp_user_data->ID, 'vbulletin_user_id', true);
if (empty($vb_user_id)) {
return;
}
include VBULLETIN_PATH . '/includes/functions_login.php';
$GLOBALS['vbulletin']->userinfo = verify_id('user', $vb_user_id, true, true, 0);
process_new_login(null, 0, null);
$GLOBALS['vbulletin']->session->save();
}
/**
* Load object from an id
*
* @param int $id
* @return vB_Legacy_Calendar
*/
public static function create_from_id($id)
{
global $_CALENDAROPTIONS, $_CALENDARHOLIDAYS;
$calendarinfo = verify_id('calendar', intval($id), false, true);
$getoptions = convert_bits_to_array($calendarinfo['options'], $_CALENDAROPTIONS);
$calendarinfo = array_merge($calendarinfo, $getoptions);
$geteaster = convert_bits_to_array($calendarinfo['holidays'], $_CALENDARHOLIDAYS);
$calendarinfo = array_merge($calendarinfo, $geteaster);
if ($calendarinfo) {
return self::create_from_record($calendarinfo);
} else {
return null;
}
}
public function process()
{
vB::$vbulletin->input->clean_array_gpc('p', array('userid' => TYPE_UINT, 'tab' => TYPE_NOHTML, 'mindateline' => TYPE_UNIXTIME, 'maxdateline' => TYPE_UNIXTIME, 'minscore' => TYPE_NUM, 'minid' => TYPE_STR, 'maxid' => TYPE_STR, 'pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT));
vB::$vbulletin->GPC['ajax'] = 1;
vB_dB_Assertor::init(vB::$vbulletin->db, vB::$vbulletin->userinfo);
vB_ProfileCustomize::getUserTheme(vB::$vbulletin->GPC['userid']);
$userhastheme = vB_ProfileCustomize::getUserThemeType(vB::$vbulletin->GPC['userid']) == 1 ? 1 : 0;
$showusercss = vB::$vbulletin->userinfo['options'] & vB::$vbulletin->bf_misc_useroptions['showusercss'] ? 1 : 0;
if ($userhastheme and $showusercss) {
define('AS_PROFILE', true);
}
$userinfo = verify_id('user', vB::$vbulletin->GPC['userid'], 1, 1);
$this->fetchMemberStreamSql(vB::$vbulletin->GPC['tab'], $userinfo['userid']);
$this->processExclusions();
$this->setPage(1, vB::$vbulletin->GPC['perpage']);
$result = $this->fetchStream();
$this->processAjax($result);
}
public function output()
{
global $vbulletin, $threadid, $postid, $db, $VB_API_WHITELIST;
require_once DIR . '/includes/functions_bigthree.php';
$threadinfo = verify_id('thread', $threadid, 1, 1);
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
}
$coventry = fetch_coventry('string');
$posts = $db->query_first("\n\t\t\tSELECT MIN(postid) AS postid\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\tAND visible = 1\n\t\t\t\tAND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t\t\t\t" . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t\t\tLIMIT 1\n\t\t");
if ($posts['postid']) {
$postid = $posts['postid'];
} else {
$postid = $threadinfo['lastpostid'];
}
loadAPI('showthread');
include DIR . '/showthread.php';
}
/**
* Creates new thread or gives error and then redirects user
*
* @param string Title of thread
* @param string Message of post
* @param integer ForumID for thread
* @param boolean Allow guest posts
*/
function create_new_thread($title = 'Defauglt Title', $message = 'Defagult Message', $id = 3, $guest = false)
{
// set some globals
global $forumperms, $vbulletin, $vbphrase;
// init some variables
$fail = 0;
$errors = array();
$newpost = array();
// init post information
if ($guest and $vbulletin->userinfo['userid'] == 0) {
$newpost['username'] = $vbphrase['guest'];
}
$newpost['title'] = $title;
$newpost['message'] = $message;
$newpost['signature'] = '0';
if ($vbulletin->userinfo['signature'] != '') {
$newpost['signature'] = '1';
}
$newpost['parseurl'] = '1';
$newpost['emailupdate'] = '9999';
// attempt thread create
$foruminfo = verify_id('forum', $id, 0, 1);
if (!$foruminfo['forumid']) {
$fail = 1;
}
$forumperms = fetch_permissions($foruminfo['forumid']);
if (!function_exists('build_new_post')) {
require_once DIR . '/includes/functions_newpost.php';
}
build_new_post('thread', $foruminfo, array(), array(), $newpost, $errors);
if (sizeof($errors) > 0) {
$fail = 1;
}
// do redirection
if (!$fail) {
$vbulletin->url = $vbulletin->options['bburl'] . '/showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p=" . $newpost['postid'] . "#post" . $newpost['postid'];
eval(print_standard_redirect('redirect_postthanks'));
} else {
$vbulletin->url = $vbulletin->options['bburl'];
eval(print_standard_redirect($vbphrase['error'] . ': ' . $vbphrase['redirecting'], 0, 1));
}
}
/**
* Verifies that the infractionlevelid is valid and set points and expires if user hasn't explicitly set them
*
* @param integer infractionleveid key
*
* @return boolean
*/
function verify_infractionlevelid(&$infractionlevelid)
{
if ($infractionlevelid != $this->existing['infractionlevelid']) {
if (!($infractionlevel = $this->info['infractionlevel']) and !($infractionlevel = verify_id('infractionlevel', $infractionlevelid, 0, 1))) {
$this->error('invalidid');
return false;
} else {
if (!$this->setfields['points']) {
$points = intval($infractionlevel['points']);
if ($infractionlevel['warning'] and $this->info['warning']) {
$points = 0;
}
$this->set('points', $points);
}
if (!$this->setfields['expires']) {
switch ($infractionlevel['period']) {
case 'H':
$expires = TIMENOW + $infractionlevel['expires'] * 3600;
break;
# HOURS
# HOURS
case 'D':
$expires = TIMENOW + $infractionlevel['expires'] * 86400;
break;
# DAYS
# DAYS
case 'M':
$expires = TIMENOW + $infractionlevel['expires'] * 2592000;
break;
# MONTHS
# MONTHS
case 'N':
$expires = 0;
break;
# NEVER
}
$this->set('expires', $expires);
}
}
}
return true;
}
/**
* Fetches information about the selected custompage with permission checks
*
* @param integer The custompage we want info about
* @param string The type of customblock that we are working with (page or block)
* @param bool Should an error be displayed when block is not found
* @param bool Should a permission check be performed as well
*
* @return array Array of information about the custom page or prints an error if it doesn't exist / permission problems
*/
function verify_blog_customblock($customblockid, $type = null, $alert = true, $perm_check = true)
{
global $vbulletin, $vbphrase;
if (!($blockinfo = fetch_customblock_info($customblockid)))
{
if ($alert)
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
else
{
return 0;
}
}
else if ($type AND $blockinfo['type'] != $type)
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
$blockinfo['userinfo'] = verify_id('user', $blockinfo['userid'], 1, 1, 10);
if ($perm_check)
{
if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND empty($blockinfo['userinfo']['bloguserid']))
{
standard_error(fetch_error('blog_noblog', $blockinfo['userinfo']['username']));
}
if (!$blockinfo['userinfo']['canviewmyblog'])
{
print_no_permission();
}
if (in_coventry($blockinfo['userinfo']['userid']) AND !can_moderate_blog())
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
if ($vbulletin->userinfo['userid'] == $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']))
{
print_no_permission();
}
if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
{
// Can't view other's entries so off you go to your own blog.
exec_header_redirect("blog.php?$session[sessionurl]u=" . $vbulletin->userinfo['userid']);
}
}
return $blockinfo;
}
function user_name_cell($user_name, $user_id = 0)
{
global $vbulletin, $usermenus, $vbphrase, $user_name_tags;
static $users;
if (empty($users) or is_array($users) and !array_key_exists($user_name, $users)) {
$users[$user_name] = verify_id('user', $user_id, false);
}
// show linked username only for existing users
if (!$users[$user_name] or 0 > $user_id) {
return " <b>" . $user_name . "</b>";
}
$elid = rand() . '_' . rand() . '_' . $user_id;
$out = "<span id=\"usermenu_uid_" . $elid . "\" class=\"vbmenu_control\">" . "<script type=\"text/javascript\">vbmenu_register(\"usermenu_uid_" . $elid . "\" ); </script>" . "</span> " . "<a target=\"_blank\" href=\"" . $vbulletin->options['bburl'] . "/member.php?" . $vbulletin->session->vars['sessionurl'] . "u=" . $user_id . "\"><b>" . $user_name_tags[$user_id]['opentag'] . $user_name . $user_name_tags[$user_id]['closetag'] . "</b></a>";
$usermenus[$elid] = "<div class=\"vbmenu_popup\" id=\"usermenu_uid_" . $elid . "_menu\" style=\"display:none\">" . "<table cellpadding=\"4\" cellspacing=\"1\" border=\"0\">" . "<tr>" . " <td class=\"vbmenu_option\"><a href=\"?" . $vbulletin->session->vars['sessionurl'] . "userid=" . urlencode($user_id) . "\">" . $vbphrase['private_messages'] . " " . $user_name . "</a></td>" . "</tr>" . "<tr>" . " <td class=\"vbmenu_option\"><a target=\"_blank\" href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u=" . $user_id . "\">" . $vbphrase['edit_user_profile'] . "</a></td>" . "</tr>" . "</table>" . "</div>";
return $out;
}
if (!($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or !($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'])) {
print_no_permission();
}
if (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_visitor_messaging'])) {
print_no_permission();
}
$vbulletin->input->clean_array_gpc('r', array('u' => TYPE_UINT, 'u2' => TYPE_UINT, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'showignored' => TYPE_BOOL, 'vmid' => TYPE_UINT));
($hook = vBulletinHook::fetch_hook('converse_start')) ? eval($hook) : false;
if ($vbulletin->GPC['vmid']) {
$vminfo = verify_visitormessage($vbulletin->GPC['vmid']);
if (($vminfo['postuserid'] != $vbulletin->GPC['u'] or $vminfo['userid'] != $vbulletin->GPC['u2']) and ($vminfo['userid'] != $vbulletin->GPC['u'] or $vminfo['postuserid'] != $vbulletin->GPC['u2'])) {
standard_error(fetch_error('invalidid', $vbphrase['visitor_message'], $vbulletin->options['contactuslink']));
}
}
$userinfo = verify_id('user', $vbulletin->GPC['u'], true, true, FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND);
$userinfo2 = verify_id('user', $vbulletin->GPC['u2'], true, true, FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND);
// $userinfo will never be vbulletin->userinfo
// $userinfo2 may be vbulletin->userinfo
if ($userinfo2['userid'] == $vbulletin->userinfo['userid']) {
$viewself = true;
}
cache_permissions($userinfo, false);
if (!$userinfo['vm_enable'] and !can_moderate(0, 'canmoderatevisitormessages') or $userinfo['vm_contactonly'] and !$userinfo['bbuser_iscontact_of_user'] and !can_moderate(0, 'canmoderatevisitormessages')) {
print_no_permission();
}
if (!$userinfo2['vm_enable'] and (!can_moderate(0, 'canmoderatevisitormessages') or $viewself) or $userinfo2['vm_contactonly'] and !$userinfo2['bbuser_iscontact_of_user'] and !can_moderate(0, 'canmoderatevisitormessages') and !$viewself) {
print_no_permission();
}
require_once DIR . '/includes/functions_user.php';
if (!can_view_profile_section($userinfo['userid'], 'visitor_messaging') or !can_view_profile_section($userinfo2['userid'], 'visitor_messaging')) {
print_no_permission();
function get_article_comments($article, $associated_thread_id, $userinfo, &$pageno, &$perpage, &$total)
{
require_once DIR . '/includes/functions_misc.php';
require_once DIR . '/includes/functions.php';
require_once DIR . '/includes/functions_databuild.php';
require_once DIR . '/includes/functions_bigthree.php';
$posts_out = array();
fetch_phrase_group('posting');
$threadinfo = verify_id('thread', $associated_thread_id, 0, 1);
$foruminfo = verify_id('forum', $threadinfo['forumid'], 0, 1);
//First let's see if we have forum/thread view permissions. If not,
// we're done
if (!($permissions = can_view_thread($article->getNodeId(), $userinfo))) {
return array();
}
$forumperms = fetch_permissions($threadinfo['forumid']);
//Normally this thread will be wide open, so let's get the list first
// without checking. We'll verify each post anyway.
//get our results
$results = get_comments($permissions, $associated_thread_id);
$record_count = count($results);
if (!$results or !count($results)) {
return array();
}
//we accept the parameter "last" for pageno.
if ($pageno == FR_LAST_POST) {
$pageno = intval(($record_count + $perpage - 1) / $perpage);
$first = ($pageno - 1) * $perpage;
} else {
$pageno = max(1, intval($pageno));
$first = $perpage * ($pageno - 1);
}
//Let's trim off the results we need.
//This also tells us if we should show the "next" button.
$post_array = array_slice($results, $first, $perpage, true);
if (!$post_array) {
return array();
}
$firstpostid = false;
$displayed_dateline = 0;
if (vB::$vbulletin->options['threadmarking'] and vB::$vbulletin->userinfo['userid']) {
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - vB::$vbulletin->options['markinglimit'] * 86400);
} else {
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview) {
$threadview = vB::$vbulletin->userinfo['lastvisit'];
}
}
require_once DIR . '/includes/functions_user.php';
$show['inlinemod'] = false;
$postids = array();
$postids = ' post.postid in (' . implode(', ', $post_array) . ')';
$posts = vB::$vbulletin->db->query_read($sql = "\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t " . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n\t editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n\t editlog.reason AS edit_reason, editlog.hashistory,\n\t postparsed.pagetext_html, postparsed.hasimages,\n\t sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight\n\t " . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "post AS post\n\t LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t " . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t {$deljoin}\n\t LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)\n\t {$hook_query_joins}\n\t WHERE {$postids}\n\t ORDER BY post.dateline\n\t ");
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
vB::$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
vB::$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = count($postid_array);
$counter = 0;
$postbits = '';
vB::$vbulletin->noheader = true;
while ($post = vB::$vbulletin->db->fetch_array($posts)) {
if (!$privileges['can_moderate_forums']) {
if ($privileges['is_coventry'] or $post['visible'] == 2) {
continue;
}
}
// post/thread is deleted by moderator and we don't have permission to see it
if (!($post['visible'] or $privileges['can_moderate_posts'])) {
continue;
}
if (!intval($post['userid'])) {
$post['avatarid'] = false;
} else {
if (!$post['hascustomavatar']) {
if ($post['profilepic']) {
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
$post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile";
$post['avwidth'] = $post['ppwidth'];
$post['avheight'] = $post['ppheight'];
} else {
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
// explicity setting avatarurl to allow guests comments to show unknown avatar
$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
$post['avwidth'] = 60;
$post['avheight'] = 60;
}
}
}
if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
continue;
}
if ($post['visible'] == 1 and !$tachyuser) {
++$counter;
if ($postorder) {
$post['postcount'] = --$postcount;
} else {
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser) {
$fetchtype = 'post_global_ignore';
} else {
if ($ignore["{$post['userid']}"]) {
$fetchtype = 'post_ignore';
} else {
if ($post['visible'] == 2) {
$fetchtype = 'post_deleted';
} else {
$fetchtype = 'post';
}
}
}
if (vB::$vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
$fetchtype = 'post';
}
if (!$firstpostid) {
$firstpostid = $post['postid'];
}
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['attachments'] = $postattach["{$post['postid']}"];
$canedit = false;
if (!$threadinfo['isdeleted'] and !$post['isdeleted'] and (can_moderate($threadinfo['forumid'], 'caneditposts') or $threadinfo['open'] and $post['userid'] == vB::$vbulletin->userinfo['userid'] and $forumperms & vB::$vbulletin->bf_ugp_forumpermissions['caneditpost'] and ($post['dateline'] >= TIMENOW - vB::$vbulletin->options['edittimelimit'] * 60 or vB::$vbulletin->options['edittimelimit'] == 0))) {
$canedit = true;
}
// Get post date/time
$postdate = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], 1);
$posttime = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']);
$attachments = array();
$fr_images = array();
// Attachments (images).
if (count($post['attachments']) > 0) {
foreach ($post['attachments'] as $attachment) {
$lfilename = strtolower($attachment['filename']);
if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
$fr_images[] = array('img' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'], 'tmb' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1');
}
}
}
// Parse the post for quotes and inline images
list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], false);
if (count($fr_images) > 0) {
$text .= "<br/>";
foreach ($fr_images as $attachment) {
$text .= "<img src=\"{$attachment['img']}\"/>";
}
}
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
$avatarurl = '';
// Avatar work
if (vB::$vbulletin->options['avatarenabled']) {
require_once DIR . '/includes/functions_user.php';
$userinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfo);
if ($userinfo['avatarurl']) {
$avatarurl = process_avatarurl($userinfo['avatarurl']);
}
}
$tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'], 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images, 'image_thumbs' => array());
// Soft Deleted
if ($post['visible'] == 2) {
$tmp['deleted'] = true;
$tmp['del_username'] = prepare_utf8_string($post['del_username']);
if ($post['del_reason']) {
$tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
}
} else {
$tmp['text'] = $text;
$tmp['quotable'] = $nuked_quotes;
if ($canedit) {
$tmp['canedit'] = true;
$tmp['edittext'] = prepare_utf8_string($post['pagetext']);
}
}
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
$posts_out[] = $tmp;
}
if ($LASTPOST['dateline'] > $displayed_dateline) {
$displayed_dateline = $LASTPOST['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
// Set thread last view
if ($displayed_dateline and $displayed_dateline > $threadview) {
mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
}
vB::$vbulletin->db->free_result($posts);
unset($post);
$total = $record_count;
return $posts_out;
}
eval(standard_error(fetch_error('invalidid', $vbphrase['forum'], $vbulletin->options['contactuslink'])));
} else {
exec_header_redirect($vbulletin->config['Misc']['admincpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('moderator.php?' . $vbulletin->session->vars['sessionurl_js'] . "do=add&f={$foruminfo['forumid']}"));
}
} else {
print_no_permission();
}
}
// #############################################################################
if ($_REQUEST['do'] == 'postannouncement') {
$vbulletin->input->clean_gpc('r', 'formumid', TYPE_INT);
exec_header_redirect('announcement.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=edit&f=' . $vbulletin->GPC['forumid']);
}
if ($_REQUEST['do'] == 'useroptions') {
$vbulletin->input->clean_gpc('r', 'userid', TYPE_UINT);
$userid = verify_id('user', $vbulletin->GPC['userid']);
if (can_administer('canadminusers')) {
exec_header_redirect($vbulletin->config['Misc']['admincpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('user.php?' . $vbulletin->session->vars['sessionurl_js'] . "do=edit&u={$userid}"));
} else {
if (can_moderate(0, 'canviewprofile')) {
exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('user.php?' . $vbulletin->session->vars['sessionurl_js'] . "do=viewuser&u={$userid}"));
} else {
print_no_permission();
}
}
}
// #############################################################################
if ($_REQUEST['do'] == 'move') {
if (!$foruminfo['forumid']) {
eval(standard_error(fetch_error('invalidid', $vbphrase['forum'], $vbulletin->options['contactuslink'])));
}
$show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false;
$show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false;
$show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false;
$show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false;
$show['spamctrls'] = ($show['inlinemod'] and $show['managepost']);
$url = $show['inlinemod'] ? SCRIPTPATH : '';
// build inline moderation popup
if ($show['popups'] and $show['inlinemod']) {
eval('$threadadmin_imod_menu_post = "' . fetch_template('threadadmin_imod_menu_post') . '";');
} else {
$threadadmin_imod_menu_post = '';
}
// *********************************************************************************
// find the page that we should be on to display this post
if (!empty($postid) and $threadedmode == 0) {
$postinfo = verify_id('post', $postid, 1, 1);
$threadid = $postinfo['threadid'];
$getpagenum = $db->query_first("\n\t\tSELECT COUNT(*) AS posts\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tWHERE threadid = {$threadid} AND visible = 1\n\t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n\t");
$vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage);
}
// *********************************************************************************
// update views counter
if ($vbulletin->options['threadviewslive']) {
// doing it as they happen; for optimization purposes, this cannot use a DM!
$db->shutdown_query("\n\t\tUPDATE " . TABLE_PREFIX . "thread\n\t\tSET views = views + 1\n\t\tWHERE threadid = " . intval($threadinfo['threadid']));
} else {
// or doing it once an hour
$db->shutdown_query("\n\t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n\t\tVALUES (" . intval($threadinfo['threadid']) . ')');
}
// *********************************************************************************
// display ratings if enabled
private static function renderResult($userinfo, $post_array, $permissions,
$forumperms, $target_url, $nodeid)
{
if (!count($post_array))
{
return '';
}
require_once DIR . '/includes/functions_bigthree.php' ;
require_once DIR . '/includes/class_postbit.php' ;
fetch_phrase_group('showthread');
fetch_phrase_group('postbit');
global $vbphrase;
global $template_hook;
global $show;
global $thread;
$thread = $thread->get_record();
$threadinfo = verify_id('thread', $thread['threadid'], 1, 1);
$foruminfo = verify_id('forum', $threadinfo['forumid'], 1, 1);
$firstpostid = false;
$displayed_dateline = 0;
if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid'])
{
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400));
}
else
{
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview)
{
$threadview = vB::$vbulletin->userinfo['lastvisit'];
}
}
require_once DIR . '/includes/functions_user.php';
$show['inlinemod'] = false;
$postids = array();
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
$postids = ' post.postid in ('
. implode(', ', $post_array) .')';
$posts = vB::$vbulletin->db->query_read($sql = "
SELECT
post.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,
user.*, userfield.*, usertextfield.*,
" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "
" . iif( vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "
" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "
" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "
editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,
editlog.reason AS edit_reason, editlog.hashistory,
postparsed.pagetext_html, postparsed.hasimages,
sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,
sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,
customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight
" . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "
$hook_query_fields
FROM " . TABLE_PREFIX . "post AS post
LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)
LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)
LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)
" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "
" . iif( vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "
" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "
$deljoin
LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)
LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")
LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")
LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)
LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)
$hook_query_joins
WHERE $postids
ORDER BY post.dateline
");
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) AND !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
{
vB::$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
{
vB::$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = count($postid_array);
$counter = 0;
$postbits = '';
vB::$vbulletin->noheader = true;
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry = vB::$vbulletin;
$postbit_factory->forum = $foruminfo;
$postbit_factory->thread = $thread;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser( vB::$vbulletin, fetch_tag_list());
//We need to tell the parser to handle quotes differently.
$postbit_factory->bbcode_parser->set_quote_template('vbcms_bbcode_quote');
$postbit_factory->bbcode_parser->set_quote_vars(array('page_url' => $target_url .
(strpos($target_url, '?') == false ? '?' : '&')));
$show['return_node'] = $nodeid;
$show['avatar'] = 1;
while ($post = vB::$vbulletin->db->fetch_array($posts))
{
if (! self::canViewPost($post, $permissions) )
{
continue;
}
if (! intval($post['userid']))
{
$post['avatarid'] = false;
}
else if (!$post['hascustomavatar'])
{
if ($post['profilepic'])
{
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
$post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile";
$post['avwidth'] = $post['ppwidth'];
$post['avheight'] = $post['ppheight'];
}
else
{
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
// explicity setting avatarurl to allow guests comments to show unknown avatar
$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
$post['avwidth'] = 60;
$post['avheight'] = 60;
}
}
if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($thread['forumid']))
{
continue;
}
if ($post['visible'] == 1 AND !$tachyuser)
{
++$counter;
if ($postorder)
{
$post['postcount'] = --$postcount;
}
else
{
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser)
{
$fetchtype = 'post_global_ignore';
}
else if ($ignore["$post[userid]"])
{
$fetchtype = 'post_ignore';
}
else if ($post['visible'] == 2)
{
$fetchtype = 'post_deleted';
}
else
{
$fetchtype = 'post';
}
if (
( vB::$vbulletin->GPC['viewfull'] AND $post['postid'] == $postinfo['postid'] AND $fetchtype != 'post')
AND
(can_moderate($threadinfo['forumid']) OR !$post['isdeleted'])
)
{
$fetchtype = 'post';
}
($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
$postbit_obj = $postbit_factory->fetch_postbit($fetchtype);
$postbit_obj->set_template_prefix('vbcms_');
if ($fetchtype == 'post')
{
$postbit_obj->highlight = $replacewords;
}
if (!$firstpostid)
{
$firstpostid = $post['postid'];
}
$post['islastshown'] = ($post['postid'] == $lastpostid);
$post['isfirstshown'] = ($counter == 1 AND $fetchtype == 'post' AND $post['visible'] == 1);
$post['islastshown'] = ($post['postid'] == $lastpostid);
$post['attachments'] = $postattach["$post[postid]"];
$parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);
$this_postbit = $postbit_obj->construct_postbit($post);
$this_template = vB_Template::create('vbcms_comments_detail');
$this_template->register('postid', $post['postid'] );
$this_template->register('postbit', $this_postbit);
$this_template->register('indent', $post_array[$this_key]['level'] * $pixel_indent);
$postbits .= $this_template->render();
$LASTPOST = $post;
// Only show after the first post, counter isn't incremented for deleted/moderated posts
if ($post_cachable AND $post['pagetext_html'] == '')
{
if (!empty($saveparsed))
{
$saveparsed .= ',';
}
$saveparsed .= "($post[postid], " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if (!empty($postbit_obj->sig_cache) AND $post['userid'])
{
if (!empty($save_parsed_sigs))
{
$save_parsed_sigs .= ',';
}
$save_parsed_sigs .= "($post[userid], " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
}
}
if ($LASTPOST['dateline'] > $displayed_dateline)
{
$displayed_dateline = $LASTPOST['dateline'];
if ($displayed_dateline <= $threadview)
{
$updatethreadcookie = true;
}
}
if ($firstpostid)
{
$this_template->register('FIRSTPOSTID', $firstpostid );
}
if ($lastpostid)
{
$this_template->register('LASTPOSTID', $lastpostid);
}
// Set thread last view
if ($displayed_dateline AND $displayed_dateline > $threadview)
{
mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
}
vB::$vbulletin->db->free_result($posts);
unset($post);
return $postbits;
}
if ($vbulletin->userinfo['searchprefs'] != '') {
$prefs = array_merge($prefs, unserialize($vbulletin->userinfo['searchprefs']));
}
// if $forumid is specified, use it
if ($foruminfo['forumid']) {
$vbulletin->GPC['forumchoice'][] = $foruminfo['forumid'];
}
// if search conditions are specified in the URI, use them
foreach (array_keys($globals) as $varname) {
if ($vbulletin->GPC_exists["{$varname}"] and $varname != 'forumchoice' and $varname != 'prefixchoice' and $varname != 'humanverify') {
$prefs["{$varname}"] = $vbulletin->GPC["{$varname}"];
}
}
if ($vbulletin->GPC['searchthreadid']) {
$show['searchthread'] = true;
$threadinfo = verify_id('thread', $vbulletin->GPC['searchthreadid'], true, true);
$searchid = $threadinfo['threadid'];
// check for visible / deleted thread
if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid']) or $threadinfo['open'] == 10 or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'])) {
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
// *********************************************************************************
// check forum permissions
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
print_no_permission();
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
print_no_permission();
}
}
}
if ($vbulletin->GPC['pollid']) {
$pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1);
$pollid =& $pollinfo['pollid'];
}
} else {
if ($vbulletin->GPC['forumid']) {
$foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 0, 1);
$forumid =& $foruminfo['forumid'];
if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) {
$codestyleid =& $foruminfo['styleid'];
}
} else {
if ($vbulletin->GPC['pollid'] and THIS_SCRIPT == 'poll') {
$pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1);
$pollid =& $pollinfo['pollid'];
$threadinfo = $db->query_first("\n\t\tSELECT thread.*\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\tWHERE thread.pollid = " . $vbulletin->GPC['pollid'] . "\n\t\t\tAND open <> 10\n\t");
$threadid =& $threadinfo['threadid'];
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
$forumid =& $foruminfo['forumid'];
if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) {
$codestyleid = $foruminfo['styleid'];
}
}
}
}
// #############################################################################
// ######################## START TEMPLATES & STYLES ###########################
// #############################################################################
$userselect = false;
if ($_REQUEST['do'] == 'editattachments') {
// Variables reused in templates
$perpage = $vbulletin->input->clean_gpc('r', 'perpage', TYPE_UINT);
$pagenumber = $vbulletin->input->clean_gpc('r', 'pagenumber', TYPE_UINT);
$showthumbs = $vbulletin->input->clean_gpc('r', 'showthumbs', TYPE_BOOL);
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT));
$templatename = 'modifyattachments';
$show['attachment_list'] = true;
if (!$vbulletin->GPC['userid'] or $vbulletin->GPC['userid'] == $vbulletin->userinfo['userid']) {
// show own attachments in user cp
$userid = $vbulletin->userinfo['userid'];
$username = $vbulletin->userinfo['username'];
$show['attachquota'] = true;
} else {
// show someone else's attachments
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1);
$userid = $userinfo['userid'];
$username = $userinfo['username'];
$show['otheruserid'] = true;
}
($hook = vBulletinHook::fetch_hook('profile_editattachments_start')) ? eval($hook) : false;
// Get forums that allow canview access
foreach ($vbulletin->userinfo['forumpermissions'] as $forumid => $perm) {
if ($perm & $vbulletin->bf_ugp_forumpermissions['canview'] and $perm & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and $perm & $vbulletin->bf_ugp_forumpermissions['cangetattachment']) {
if ($userid != $vbulletin->userinfo['userid'] and !($perm & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
// Viewing non-self and don't have permission to view other's threads in this forum
continue;
}
$forumids .= ",{$forumid}";
}
}
print_label_row($title, construct_link_code($infraction['count'], "admininfraction.php?" . $vbulletin->session->vars['sessionurl'] . "do=dolist&infractionlevelid={$infraction['infractionlevelid']}&startstamp=1&endstamp=" . TIMENOW, false, '', true));
}
if ($db->num_rows($infractions)) {
print_table_footer();
}
}
if ($_REQUEST['do'] == 'list' or $_REQUEST['do'] == 'dolist') {
$vbulletin->input->clean_array_gpc('r', array('leftby' => TYPE_NOHTML, 'leftfor' => TYPE_NOHTML, 'userid' => TYPE_UINT, 'whoadded' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'orderby' => TYPE_NOHTML, 'start' => TYPE_ARRAY_UINT, 'end' => TYPE_ARRAY_UINT, 'startstamp' => TYPE_UINT, 'endstamp' => TYPE_UINT, 'status' => TYPE_NOHTML, 'infractionlevelid' => TYPE_INT));
$vbulletin->GPC['start'] = iif($vbulletin->GPC['startstamp'], $vbulletin->GPC['startstamp'], $vbulletin->GPC['start']);
$vbulletin->GPC['end'] = iif($vbulletin->GPC['endstamp'], $vbulletin->GPC['endstamp'], $vbulletin->GPC['end']);
if ($whoaddedinfo = verify_id('user', $vbulletin->GPC['whoadded'], 0, 1)) {
$vbulletin->GPC['leftby'] = $whoaddedinfo['username'];
} else {
$vbulletin->GPC['whoadded'] = 0;
}
if ($userinfo = verify_id('user', $vbulletin->GPC['userid'], 0, 1)) {
$vbulletin->GPC['leftfor'] = $userinfo['username'];
} else {
$vbulletin->GPC['userid'] = 0;
}
// Default View Values
if (!$vbulletin->GPC['start']) {
$vbulletin->GPC['start'] = TIMENOW - 3600 * 24 * 30;
}
if (!$vbulletin->GPC['end']) {
$vbulletin->GPC['end'] = TIMENOW;
}
if (!$vbulletin->GPC['status']) {
$vbulletin->GPC['status'] = 'all';
}
$statusoptions = array('all' => $vbphrase['all'], 'active' => $vbphrase['active'], 'expired' => $vbphrase['expired'], 'reversed' => $vbphrase['reversed']);
$user = fetch_userinfo($vbulletin->GPC['userid']);
if ($user) {
$userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
$userdm->set_existing($user);
$userdm->set('reputation', "reputation - {$diff}", false);
$userdm->save();
unset($userdm);
}
}
define('CP_REDIRECT', "adminreputation.php?do=list&u=" . $vbulletin->GPC['userid']);
print_stop_message('saved_reputation_successfully');
}
// *************************************************************************************************
if ($_POST['do'] == 'killreputation') {
$vbulletin->input->clean_array_gpc('p', array('reputationid' => TYPE_INT));
$repinfo = verify_id('reputation', $vbulletin->GPC['reputationid'], 0, 1);
$user = fetch_userinfo($repinfo['userid']);
if ($user) {
$userdm =& datamanager_init('User', $vbulletin, ERRTYPE_CP);
$userdm->set_existing($user);
$userdm->set('reputation', $user['reputation'] - $repinfo['reputation']);
$userdm->save();
unset($userdm);
}
$db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "reputation\n\t\tWHERE reputationid = " . $vbulletin->GPC['reputationid']);
define('CP_REDIRECT', "adminreputation.php?do=list&u={$repinfo['userid']}");
print_stop_message('deleted_reputation_successfully');
}
// *************************************************************************************************
if ($_REQUEST['do'] == 'deletereputation') {
$vbulletin->input->clean_array_gpc('r', array('reputationid' => TYPE_INT));
}
}
if ($vbulletin->GPC['holidayid']) {
if ($eventinfo = $db->query_first_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "holiday AS holiday\n\t\tWHERE holidayid = " . $vbulletin->GPC['holidayid'])) {
$eventinfo['visible'] = 1;
$eventinfo['holiday'] = 1;
$eventinfo['title'] = $vbphrase['holiday' . $eventinfo['holidayid'] . '_title'];
$eventinfo['event'] = $vbphrase['holiday' . $eventinfo['holidayid'] . '_desc'];
} else {
eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])));
}
}
if ($eventinfo['eventid'] and $eventinfo['userid'] != $vbulletin->userinfo['userid'] and !($vbulletin->userinfo['calendarpermissions']["{$eventinfo['calendarid']}"] & $vbulletin->bf_ugp_calendarpermissions['canviewothersevent'])) {
print_no_permission();
}
$calendarinfo = verify_id('calendar', $vbulletin->GPC['calendarid'], 1, 1);
$getoptions = convert_bits_to_array($calendarinfo['options'], $_CALENDAROPTIONS);
$calendarinfo = array_merge($calendarinfo, $getoptions);
$geteaster = convert_bits_to_array($calendarinfo['holidays'], $_CALENDARHOLIDAYS);
$calendarinfo = array_merge($calendarinfo, $geteaster);
$calendarid =& $calendarinfo['calendarid'];
$calview = htmlspecialchars_uni(fetch_bbarray_cookie('calendar', 'calview' . $calendarinfo['calendarid']));
$calmonth = intval(fetch_bbarray_cookie('calendar', 'calmonth'));
$calyear = intval(fetch_bbarray_cookie('calendar', 'calyear'));
$show['neweventlink'] = $vbulletin->userinfo['calendarpermissions'][$calendarid] & $vbulletin->bf_ugp_calendarpermissions['canpostevent'] ? true : false;
if (empty($_REQUEST['do'])) {
$defaultview = !empty($calendarinfo['weekly']) ? 'displayweek' : (!empty($calendarinfo['yearly']) ? 'displayyear' : 'displaymonth');
$_REQUEST['do'] = !empty($calview) ? $calview : $defaultview;
}
if ($vbulletin->GPC['sb']) {
// Allow showbirthdays to be turned on if they are off -- mainly for the birthday link from the front page
function goto_nextthread($threadid, $throwerror = true)
{
global $vbulletin;
$thread = verify_id('thread', $threadid, $throwerror, 1);
$forumperms = fetch_permissions($thread['forumid']);
// remove threads from users on the global ignore list if user is not a moderator
if ($coventry = fetch_coventry('string') and !can_moderate($thread['forumid'])) {
$globalignore = "AND postuserid NOT IN ({$coventry})";
} else {
$globalignore = '';
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
$limitothers = "AND postuserid = " . $vbulletin->userinfo['userid'] . " AND " . $vbulletin->userinfo['userid'] . " <> 0";
} else {
$limitothers = '';
}
if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
$lastpost_info = ",IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost";
$tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
$lastpost_having = "HAVING lastpost > {$thread['lastpost']}";
} else {
$lastpost_info = "";
$tachyjoin = "";
$lastpost_having = "AND lastpost > {$thread['lastpost']}";
}
if ($getnextnewest = $vbulletin->db->query_first_slave("\n\t\tSELECT thread.threadid, thread.title\n\t\t\t{$lastpost_info}\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t{$tachyjoin}\n\t\tWHERE forumid = {$thread['forumid']}\n\t\t\tAND visible = 1\n\t\t\tAND open <> 10\n\t\t\t{$globalignore}\n\t\t\t{$limitothers}\n\t\t{$lastpost_having}\n\t\tORDER BY lastpost\n\t\tLIMIT 1\n\t")) {
$threadid = $getnextnewest['threadid'];
unset($thread);
} else {
if ($throwerror) {
eval(standard_error(fetch_error('nonextnewest')));
}
}
return $getnextnewest;
}
/**
* Extracts the threadid from the URL, correctly handles the different friendly URLs
*
* @param string The URL to try to pull the threadid from.
*
* @return integer Returns the threadid or 0 if no threadid is found.
*
*/
function extract_threadid_from_url($url)
{
global $vbulletin;
$threadid = 0;
// Disallow relative URLs, since the t=threadid in the URL refers to another thread
// Not needed since these URLs now redirect to the canonical URL?
if (stripos($url, 'goto=next') !== false) {
return $threadid;
}
$search = array('#[\\?&](?:threadid|t)=([0-9]+)#', '#showthread.php[\\?/]([0-9]+)#', '#/threads/([0-9]+)#');
foreach ($search as $regex) {
if (preg_match($regex, $url, $matches)) {
$threadid = intval($matches[1]);
break;
}
}
if (!$threadid) {
if (preg_match('#[\\?&](postid|p)=([0-9]+)#', $url, $matches)) {
$postid = verify_id('post', $matches[2], false);
if ($postid) {
$postinfo = fetch_postinfo($postid);
$threadid = intval($postinfo['threadid']);
}
}
}
return $threadid;
}
$expires = 0;
break;
case 'H':
default:
$expires = mktime(date('H') + $vbulletin->GPC['expires'], date('i'), date('s'), date('m'), date('d'), date('y'));
break;
}
$infdata->set('expires', $expires);
$infdata->set('points', $vbulletin->GPC['points']);
$infdata->set('customreason', $vbulletin->GPC['customreason']);
}
if ($vbulletin->GPC['points'] and empty($vbulletin->GPC['banreason']) and ($infractionban or $minimumpointsban and $vbulletin->GPC['points'] + $userinfo['ipoints'] >= $minimumpointsban)) {
$errors[] = 'invalid_banreason';
}
} else {
$infractionlevel = verify_id('infractionlevel', $vbulletin->GPC['infractionlevelid'], 1, 1);
if ($infractionlevel['extend']) {
if (isset($infcache["{$infractionlevel['infractionlevelid']}"]['expires'])) {
if ($infcache["{$infractionlevel['infractionlevelid']}"]['expires'] == 0) {
$infdata->set('expires', 0);
} else {
if (($expiretime = $infcache["{$infractionlevel['infractionlevelid']}"]['expires'] - TIMENOW) > 0) {
switch ($infractionlevel['period']) {
case 'D':
$expires = $expiretime + mktime(date('H'), date('i'), date('s'), date('m'), date('d') + $infractionlevel['expires'], date('y'));
break;
case 'M':
$expires = $expiretime + mktime(date('H'), date('i'), date('s'), date('m') + $infractionlevel['expires'], date('d'), date('y'));
break;
case 'N':
$expires = 0;
exec_header_redirect('member.php?' . $vbulletin->session->vars['sessionurl_js'] . "u={$moderatorinfo['userid']}");
} else {
if ($vbulletin->GPC['username'] != '' and !$vbulletin->GPC['userid']) {
$user = $db->query_first_slave("SELECT userid FROM " . TABLE_PREFIX . "user WHERE username = '******'username']) . "'");
$vbulletin->GPC['userid'] = $user['userid'];
}
}
}
}
}
if (!$vbulletin->GPC['userid']) {
eval(standard_error(fetch_error('unregistereduser')));
}
$fetch_userinfo_options = FETCH_USERINFO_AVATAR | FETCH_USERINFO_LOCATION | FETCH_USERINFO_PROFILEPIC | FETCH_USERINFO_SIGPIC | FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND;
($hook = vBulletinHook::fetch_hook('member_start_fetch_user')) ? eval($hook) : false;
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, $fetch_userinfo_options);
if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
print_no_permission();
}
$show['vcard'] = ($vbulletin->userinfo['userid'] and $userinfo['showvcard']);
if ($_REQUEST['do'] == 'vcard' and $show['vcard']) {
// source: http://www.ietf.org/rfc/rfc2426.txt
$text = "BEGIN:VCARD\r\n";
$text .= "VERSION:2.1\r\n";
$text .= "N:;{$userinfo['username']}\r\n";
$text .= "FN:{$userinfo['username']}\r\n";
$text .= "EMAIL;PREF;INTERNET:{$userinfo['email']}\r\n";
if (!empty($userinfo['birthday'][7]) and $userinfo['showbirthday'] == 2) {
$birthday = explode('-', $userinfo['birthday']);
$text .= "BDAY:{$birthday['2']}-{$birthday['0']}-{$birthday['1']}\r\n";
}
protected function load_content_info()
{
return verify_id('picture', $this->contentid, 1, 1);
}
$albuminfo = fetch_albuminfo($vbulletin->GPC['albumid']);
if (!$albuminfo) {
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
$vbulletin->GPC['userid'] = $albuminfo['userid'];
}
if ($vbulletin->GPC['pictureid']) {
$pictureinfo = fetch_pictureinfo($vbulletin->GPC['pictureid'], $albuminfo['albumid']);
if (!$pictureinfo) {
standard_error(fetch_error('invalidid', $vbphrase['picture'], $vbulletin->options['contactuslink']));
}
}
if (!$vbulletin->GPC['userid']) {
print_no_permission();
}
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, FETCH_USERINFO_USERCSS);
// don't show stuff for users awaiting moderation
if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
print_no_permission();
}
cache_permissions($userinfo, false);
if (!can_moderate(0, 'caneditalbumpicture') and !($userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canalbum'])) {
print_no_permission();
}
// determine if we can see this user's private albums and run the correct permission checks
if (!empty($albuminfo)) {
if ($albuminfo['state'] == 'private' and !can_view_private_albums($userinfo['userid'])) {
// private album that we can not see
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
} else {
if ($albuminfo['state'] == 'profile' and !can_view_profile_albums($userinfo['userid'])) {
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
print_no_permission();
}
if (!can_moderate($threadinfo['forumid'], 'caneditposts')) {
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['caneditpost'])) {
print_no_permission();
} else {
if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
print_no_permission();
}
}
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
$thread = verify_id('thread', $postinfo['threadid'], 1, 1);
$forum = fetch_foruminfo($thread['forumid']);
// #######################################################################
($hook = vBulletinHook::fetch_hook('posthistory_start')) ? eval($hook) : false;
// new ver is the max of the 2 compared version, old the min. Also, make sure they're different
$newver = max($vbulletin->GPC['oldver'], $vbulletin->GPC['newver']);
$oldver = min($vbulletin->GPC['oldver'], $vbulletin->GPC['newver']);
$oldver = $oldver == $newver ? 0 : $oldver;
$compare = array();
// when we are comparing the two versions
if ($_REQUEST['do'] == 'compare' and $newver and $oldver) {
$histories_result = $db->query_read_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "postedithistory\n\t\tWHERE postedithistoryid IN (" . $newver . ", " . $oldver . ")\n\t\t\tAND postid = " . $postinfo['postid'] . "\n\t\tORDER BY dateline DESC\n\t");
}
// if there wasn't two versions then show the full list
if (empty($histories_result) or $db->num_rows($histories_result) < 2) {
$histories_result = $db->query_read_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "postedithistory\n\t\tWHERE postid = " . $postinfo['postid'] . "\n\t\tORDER BY dateline DESC\n\t");
$templater->register('start_date_array', $start_date_array);
$templater->register('start_month_selected', $start_month_selected);
$templater->register('usernamecode', $usernamecode);
$templater->register('foruminfo', $foruminfo);
$templater->register('start_day_selected', $start_day_selected);
$templater->register('end_day_selected', $end_day_selected);
print_output($templater->render());
}
// #############################################################################
if ($_REQUEST['do'] == 'view')
{
$forumlist = '';
if ($announcementinfo['forumid'] > -1 OR $vbulletin->GPC['forumid'])
{
$foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 1, 1);
$curforumid = $foruminfo['forumid'];
$forumperms = fetch_permissions($foruminfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) OR !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']))
{
print_no_permission();
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
$forumlist = fetch_forum_clause_sql($foruminfo['forumid'], 'announcement.forumid');
}
else if (!$announcementinfo['announcementid'])
{
eval(standard_error(fetch_error('invalidid', $vbphrase['announcement'], $vbulletin->options['contactuslink'])));
function do_vote_poll()
{
global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vbphrase;
if (empty($threadinfo['threadid'])) {
json_error(ERR_INVALID_THREAD);
}
$threadid = $vbulletin->GPC['threadid'];
$counter = 1;
$pollid = $threadinfo['pollid'];
if (!$pollid) {
json_error(ERR_INVALID_THREAD);
}
$forumperms = fetch_permissions($threadinfo['forumid']);
// Get Poll info
$pollinfo = verify_id('poll', $pollid, 0, 1);
if (!$pollinfo['pollid']) {
json_error(standard_error(fetch_error('invalidid', $vbphrase['poll'], $vbulletin->options['contactuslink'])));
}
$vbulletin->input->clean_array_gpc('r', array('options' => TYPE_STR));
$options = split(',', $vbulletin->GPC['options']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) {
print_no_permission();
}
//check if poll is closed
if (!$pollinfo['active'] or !$threadinfo['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0) {
//poll closed
json_error(standard_error(fetch_error('pollclosed')));
}
//check if an option was selected
if (true) {
// Query master to reduce the chance of multiple poll votes
if ($uservoteinfo = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "pollvote\n\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tAND pollid = {$pollid}\n\t\t")) {
//the user has voted before
json_error(standard_error(fetch_error('useralreadyvote')));
}
$totaloptions = substr_count($pollinfo['options'], '|||') + 1;
//Error checking complete, lets get the options
if ($pollinfo['multiple']) {
$insertsql = '';
$skip_voters = false;
foreach ($options as $val) {
$val = intval($val);
if ($val > 0 and $val <= $totaloptions) {
$pollvote =& datamanager_init('PollVote', $vbulletin, ERRTYPE_STANDARD);
$pollvote->set_info('skip_voters', $skip_voters);
$pollvote->set('pollid', $pollid);
$pollvote->set('votedate', TIMENOW);
$pollvote->set('voteoption', $val);
$pollvote->set('userid', $vbulletin->userinfo['userid']);
$pollvote->set('votetype', $val);
if (!$pollvote->save(true, false, false, false, true)) {
json_error(standard_error(fetch_error('useralreadyvote')));
}
$skip_voters = true;
}
}
} else {
if ($options[0] > 0 and $options[0] <= $totaloptions) {
$pollvote =& datamanager_init('PollVote', $vbulletin, ERRTYPE_STANDARD);
$pollvote->set('pollid', $pollid);
$pollvote->set('votedate', TIMENOW);
$pollvote->set('voteoption', $options[0]);
$pollvote->set('userid', $vbulletin->userinfo['userid']);
$pollvote->set('votetype', 0);
if (!$pollvote->save(true, false, false, false, true)) {
json_error(standard_error(fetch_error('useralreadyvote')));
}
}
}
// make last reply date == last vote date
if ($vbulletin->options['updatelastpost']) {
// option selected in CP
$threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
$threadman->set_existing($threadinfo);
$threadman->set('lastpost', TIMENOW);
$threadman->save();
}
($hook = vBulletinHook::fetch_hook('poll_vote_complete')) ? eval($hook) : false;
}
return array('success' => true);
}
standard_error(fetch_error('blog_markread_error', $vbulletin->session->vars['sessionurl'], $userinfo['userid'], $vbulletin->userinfo['logouthash'], $userinfo['username']));
}
mark_user_blog_read($userinfo['userid'], $vbulletin->userinfo['userid'], TIMENOW);
require_once DIR . '/includes/functions_login.php';
$vbulletin->url = fetch_replaced_session_url($vbulletin->url);
if (strpos($vbulletin->url, 'do=markread') !== false) {
$vbulletin->url = fetch_seo_url('blog', $userinfo, null, 'userid', 'blog_title');
}
eval(print_standard_redirect('blog_markread', true, true));
}
// ############################################################################
// ############################### GROUP MEMBERS ##########################
// ############################################################################
if ($_REQUEST['do'] == 'members') {
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT));
$userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true);
cache_permissions($userinfo, false);
if ($vbulletin->userinfo['userid'] != $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']) or $vbulletin->userinfo['userid'] == $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) or !($userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canhavegroupblog']) or !$userinfo['memberids']) {
print_no_permission();
}
require_once DIR . '/includes/functions_user.php';
do {
$perpage = ($vbulletin->GPC['perpage'] > 30 or !$vbulletin->GPC['perpage']) ? 20 : $vbulletin->GPC['perpage'];
if (!$vbulletin->GPC['pagenumber']) {
$vbulletin->GPC['pagenumber'] = 1;
}
$start = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
$members = $db->query_read_slave("\r\n\t\t\tSELECT\r\n\t\t\t\tSQL_CALC_FOUND_ROWS\r\n\t\t\t\tgm.userid, user.*\r\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ', avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, customavatar.width as avwidth, customavatar.height as avheight, customavatar.filedata_thumb' : '') . "\r\n\t\t\tFROM " . TABLE_PREFIX . "blog_groupmembership AS gm\r\n\t\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = gm.userid)\r\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON (avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON (customavatar.userid = user.userid) " : '') . "\r\n\t\t\tWHERE\r\n\t\t\t\tgm.bloguserid = " . $vbulletin->GPC['userid'] . "\r\n\t\t\t\t\tAND\r\n\t\t\t\tgm.state = 'active'\r\n\t\t\tORDER BY user.username\r\n\t\t\tLIMIT {$start}, {$perpage}\r\n\t\t");
$membercount = $db->found_rows();
if ($start > $membercount) {
$vbulletin->GPC['pagenumber'] = ceil($membercount / $perpage);
/**
* Reads some context based on general input information
*/
public function read_input_context()
{
global $vbulletin;
parent::read_input_context();
global $postinfo, $threadinfo, $foruminfo, $pollinfo;
global $postid, $threadid, $forumid, $pollid;
$vbulletin->input->clean_array_gpc('r', array('postid' => vB_Cleaner::TYPE_UINT, 'threadid' => vB_Cleaner::TYPE_UINT, 'forumid' => vB_Cleaner::TYPE_INT, 'pollid' => vB_Cleaner::TYPE_UINT));
$codestyleid = 0;
// Init post/thread/forum values
$postinfo = array();
$threadinfo = array();
$foruminfo = array();
// automatically query $postinfo, $threadinfo & $foruminfo if $threadid exists
if ($vbulletin->GPC['postid'] and $postinfo = verify_id('post', $vbulletin->GPC['postid'], 0, 1)) {
$postid = $postinfo['postid'];
$vbulletin->GPC['threadid'] = $postinfo['threadid'];
}
// automatically query $threadinfo & $foruminfo if $threadid exists
if ($vbulletin->GPC['threadid'] and $threadinfo = verify_id('thread', $vbulletin->GPC['threadid'], 0, 1)) {
$threadid = $threadinfo['threadid'];
$vbulletin->GPC['forumid'] = $forumid = $threadinfo['forumid'];
if ($forumid) {
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) {
$codestyleid = $foruminfo['styleid'];
}
}
if ($vbulletin->GPC['pollid']) {
$pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1);
$pollid = $pollinfo['pollid'];
}
} else {
if ($vbulletin->GPC['forumid']) {
$foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 0, 1);
$forumid = $foruminfo['forumid'];
if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) {
$codestyleid = $foruminfo['styleid'];
}
} else {
if ($vbulletin->GPC['pollid'] and THIS_SCRIPT == 'poll') {
$pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1);
$pollid = $pollinfo['pollid'];
$threadinfo = fetch_threadinfo($pollinfo['threadid']);
$threadid = $threadinfo['threadid'];
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
$forumid = $foruminfo['forumid'];
if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) {
$codestyleid = $foruminfo['styleid'];
}
}
}
}
// #############################################################################
// Redirect if this forum has a link
// check if this forum is a link to an outside site
if (!empty($foruminfo['link']) and trim($foruminfo['link']) != '' and (THIS_SCRIPT != 'subscription' or $_REQUEST['do'] != 'removesubscription')) {
// get permission to view forum
$_permsgetter_ = 'forumdisplay';
$forumperms = fetch_permissions($foruminfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
print_no_permission();
}
// add session hash to local links if necessary
if (preg_match('#^([a-z0-9_]+\\.php)(\\?.*$)?#i', $foruminfo['link'], $match)) {
if ($match[2]) {
// we have a ?xyz part, put session url at beginning if necessary
$query_string = preg_replace('/([^a-z0-9])(s|sessionhash)=[a-z0-9]{32}(&|&)?/', '\\1', $match[2]);
$foruminfo['link'] = $match[1] . '?' . vB::getCurrentSession()->get('sessionurl_js') . substr($query_string, 1);
} else {
$foruminfo['link'] .= vB::getCurrentSession()->get('sessionurl_q');
}
}
exec_header_redirect($foruminfo['link'], 301);
}
$this->force_styleid = $codestyleid;
}
