/** * Check against XSS * * NOTE: When this function is updated, please also update classIncomingEmail::cleanMessage() * * @access public * @param string Original string * @param boolean Fix script HTML tags * @return string "Cleaned" text */ public function checkXss($txt = '', $fixScript = false, $tag = '') { //----------------------------------------- // Opening script tags... // Check for spaces and new lines... //----------------------------------------- if ($fixScript) { $txt = preg_replace('#<(\\s+?)?s(\\s+?)?c(\\s+?)?r(\\s+?)?i(\\s+?)?p(\\s+?)?t#is', "<script", $txt); $txt = preg_replace('#<(\\s+?)?/(\\s+?)?s(\\s+?)?c(\\s+?)?r(\\s+?)?i(\\s+?)?p(\\s+?)?t#is', "</script", $txt); } /* got a tag? */ if ($tag) { $tag = strip_tags($tag, '<br>'); switch ($tag) { case 'entry': case 'blog': case 'topic': case 'post': $test = str_replace(array('"', "'", '"', '''), "", $txt); if (!is_numeric($test)) { $txt = false; } break; case 'acronym': $test = str_replace(array('"', "'", '"', '''), "", $txt); $test1 = str_replace(array('<', ">", '[', ']'), "", $test); //IPSText::alphanumericalClean( $test, '.+&#; ' ); if ($test != $test1) { $txt = false; } break; case 'email': $test = str_replace(array('"', "'", '"', '''), "", $txt); $test = IPSText::checkEmailAddress($test) ? $txt : FALSE; break; case 'font': /* Make sure it's clean */ $test = str_replace(array('"', "'", '"', '''), "", $txt); $test1 = IPSText::alphanumericalClean($test, '#.+, '); if ($test != $test1) { $txt = false; } break; case 'background': case 'color': /* Make sure it's clean */ $test = str_replace(array('"', "'", '"', '''), "", $txt); /* Make rgb() safe */ $test = preg_replace('#rgb(a)?\\(([^\\)]+?)\\)#i', '', $test); $test1 = IPSText::alphanumericalClean($test, '#.+, '); if ($test != $test1) { $txt = false; } break; default: $_regex = null; $_bbcodes = $this->cache->getCache('bbcode'); $_regex = $_bbcodes[$tag]['bbcode_custom_regex']; if ($_regex) { $test = str_replace(array('"', "'", '"', '''), "", $txt); if (!preg_match($_regex, $test)) { $txt = false; } } break; } /* If we didn't actually get any option data, then return false */ $test = str_replace(array('"', "'", '"', '''), "", $txt); if (strlen($txt) and strlen($test) < 1) { $txt = false; } if ($txt === false) { return false; } /* Still here? Safety, then */ $txt = strip_tags($txt, '<br>'); if (strpos($txt, '[') !== false or strpos($txt, ']') !== false) { $txt = str_replace(array('[', ']'), array('[', ']'), $txt); } } /* Attempt to make JS safe */ $txt = IPSText::xssMakeJavascriptSafe($txt); return $txt; }
/** * Build the actual output to show * * @access protected * @param array $content Image URL to link to * @return string Content to replace bbcode with */ protected function _buildOutput($content) { $content = trim($content); //----------------------------------------- // Too many images? //----------------------------------------- $existing = $this->cache->getCache('_tmp_bbcode_images', false); $existing = intval($existing) + 1; if ($this->settings['max_images'] and $this->caches['_tmp_section'] != 'signatures') { if ($existing > $this->settings['max_images']) { $this->error = 'too_many_img'; return $content; } } $this->cache->updateCacheWithoutSaving('_tmp_bbcode_images', $existing); //----------------------------------------- // Some security checking //----------------------------------------- $content = preg_replace('#(https|http|ftp)&\\#(058|58);//#', '\\1://', $content); if (IPSText::xssCheckUrl($content) !== TRUE) { return $content; } foreach ($this->cache->getCache('bbcode') as $bbcode) { $_tags = $this->_retrieveTags(); foreach ($_tags as $tag) { if (stripos($content, '[' . $tag) !== false) { return $content; } } } //----------------------------------------- // Allowed type? //----------------------------------------- /* Load parser */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/text/parser.php', 'classes_text_parser'); $parser = new $classToLoad(); if (!$parser->isAllowedImgUrl($content)) { $this->error = 'invalid_ext'; return $content; } //----------------------------------------- // URL filtering? //----------------------------------------- if (!$parser->isAllowedUrl($content)) { $this->error = 'domain_not_allowed'; return $content; } if (stristr($content, $this->settings['board_url'] . '/' . PUBLIC_DIRECTORY . '/style_emoticons/')) { return "<img src='" . IPSText::xssMakeJavascriptSafe($content) . "' alt='{$this->lang->words['bbcode_img_alt']}' class='bbc_emoticon' />"; } else { /* @link http://community.invisionpower.com/resources/bugs.html/_/ip-board/img-tag-no-http-r40534 */ if (substr($content, 0, 4) != 'http') { $content = 'http://' . $content; } return "<img src='" . IPSText::xssMakeJavascriptSafe($content) . "' alt='{$this->lang->words['bbcode_img_alt']}' class='bbc_img' />"; } }
/** * Build the actual output to show * * @access protected * @param array $content Image URL to link to * @return string Content to replace bbcode with */ protected function _buildOutput($content) { $content = trim($content); //----------------------------------------- // Too many images? //----------------------------------------- $existing = $this->cache->getCache('_tmp_bbcode_images', false); $existing = intval($existing) + 1; if ($this->settings['max_images'] and $this->caches['_tmp_section'] != 'signatures') { if ($existing > $this->settings['max_images']) { $this->error = 'too_many_img'; return $content; } } $this->cache->updateCacheWithoutSaving('_tmp_bbcode_images', $existing); //----------------------------------------- // Some security checking //----------------------------------------- if (IPSText::xssCheckUrl($content) !== TRUE) { return $content; } foreach ($this->cache->getCache('bbcode') as $bbcode) { $_tags = $this->_retrieveTags(); foreach ($_tags as $tag) { if (stripos($content, '[' . $tag) !== false) { return $content; } } } //----------------------------------------- // Allowed type? //----------------------------------------- if ($this->settings['img_ext']) { $path = @parse_url(html_entity_decode($content), PHP_URL_PATH); $pieces = explode('.', $path); $ext = array_pop($pieces); $ext = strtolower($ext); if (!in_array($ext, explode(',', str_replace('.', '', strtolower($this->settings['img_ext']))))) { $this->error = 'invalid_ext'; return $content; } } //----------------------------------------- // URL filtering? //----------------------------------------- if ($this->settings['ipb_use_url_filter']) { $list_type = $this->settings['ipb_url_filter_option'] == "black" ? "blacklist" : "whitelist"; if ($this->settings['ipb_url_' . $list_type]) { $list_values = array(); $list_values = explode("\n", str_replace("\r", "", $this->settings['ipb_url_' . $list_type])); if ($list_type == 'whitelist') { $list_values[] = "http://{$_SERVER['HTTP_HOST']}/*"; } if (count($list_values)) { $good_url = 0; foreach ($list_values as $my_url) { if (!trim($my_url)) { continue; } $my_url = preg_quote($my_url, '/'); $my_url = str_replace('\\*', "(.*?)", $my_url); if ($list_type == "blacklist") { if (preg_match('/' . $my_url . '/i', $content)) { $this->error = 'domain_not_allowed'; return $content; } } else { if (preg_match('/' . $my_url . '/i', $content)) { $good_url = 1; } } } if (!$good_url and $list_type == "whitelist") { $this->error = 'domain_not_allowed'; return $content; } } } } return "<span rel='lightbox'><img src='" . IPSText::xssMakeJavascriptSafe($content) . "' alt='{$this->lang->words['bbcode_img_alt']}' class='bbc_img' /></span>"; }
/** * Modern profile * * @return @e void [Outputs to screen] */ protected function _viewModern() { //----------------------------------------- // INIT //----------------------------------------- $member_id = intval($this->request['id']) ? intval($this->request['id']) : intval($this->request['MID']); if (!$member_id) { $this->registry->output->showError('profiles_no_member', 10246.0, null, null, 404); } //----------------------------------------- // Grab all data... //----------------------------------------- $member = IPSMember::load($member_id, 'profile_portal,pfields_content,sessions,groups', 'id'); //----------------------------------------- // Can we access? //----------------------------------------- if (!$this->memberData['g_mem_info'] && $this->memberData['member_id'] != $member['member_id']) { $this->registry->output->showError('profiles_off', 10245, null, null, 403); } $tab = substr(IPSText::alphanumericalClean(str_replace('..', '', trim($this->request['tab']))), 0, 20); $firsttab = ''; $friends = array(); $visitors = array(); $comment_perpage = 5; $pips = 0; $default_tab = ''; $tabs = array(); $_tabs = array(); $_positions = array(0 => 0); $_member_ids = array(); $sql_extra = ''; $pass = 0; $mod = 0; $_todays_date = getdate(); $_rCustom = intval($this->request['removeCustomization']); $_dCustom = intval($this->request['disableCustomization']); $time_adjust = $this->settings['time_adjust'] == "" ? 0 : $this->settings['time_adjust']; $board_posts = $this->caches['stats']['total_topics'] + $this->caches['stats']['total_replies']; $seenFiles = array(); /* Removing customization? */ if ($_rCustom and ($member_id == $this->memberData['member_id'] or $this->memberData['g_access_cp'] or $this->memberData['g_is_supmod'] and !$member['g_access_cp']) and $this->request['secure_key'] == $this->member->form_hash) { IPSMember::save($member_id, array('extendedProfile' => array('pp_customization' => serialize(array())))); } else { if ($_rCustom) { $this->registry->output->showError('profile_no_remove_perm', '10246.-1', null, null, 403); } } /* Disable? */ if ($_dCustom and ($this->memberData['g_access_cp'] or $this->memberData['g_is_supmod'] and !$member['g_access_cp']) and $this->request['secure_key'] == $this->member->form_hash) { IPSMember::save($member_id, array('core' => array('bw_disable_customization' => 1))); } else { if ($_dCustom) { $this->registry->output->showError('profile_no_remove_perm', '10246.-1', null, null, 403); } } if (!$member['member_id']) { $this->registry->output->showError('profiles_no_member', 10246, null, null, 404); } /* Member banned or is spammer? */ if (IPSMember::isInactive($member) && !$this->memberData['g_is_supmod']) { $this->registry->output->showError('profiles_not_active', '10246.1', null, null, 403); } //----------------------------------------- // Configure tabs //----------------------------------------- foreach (IPSLib::getEnabledApplications() as $appDir => $app) { /* Path to tabs */ $custom_path = IPSLib::getAppDir($appDir) . '/extensions/profileTabs'; if (is_dir($custom_path)) { foreach (new DirectoryIterator($custom_path) as $f) { if (!$f->isDot() && !$f->isDir()) { $file = $f->getFileName(); if ($file[0] == '.') { continue; } if (preg_match('#\\.conf\\.php$#i', $file)) { $classname = str_replace(".conf.php", "", $file); /* Block the old about me file */ if ($classname == 'aboutme') { continue; } $CONFIG = array(); require $custom_path . '/' . $file; /*noLibHook*/ //------------------------------- // Allowed to use? //------------------------------- if ($CONFIG['plugin_enabled']) { /* Block friends tab if we have disabled friends or friends feature is shut off */ if ($CONFIG['plugin_key'] == 'friends' and (!$member['pp_setting_count_friends'] or !$this->settings['friends_enabled'])) { continue; } $CONFIG['app'] = $appDir; $_position = $this->_getTabPosition($_positions, $CONFIG['plugin_order']); $_tabs[$_position] = $CONFIG; $_positions[] = $_position; } } } } } } ksort($_tabs); foreach ($_tabs as $_pos => $data) { $data['_lang'] = isset($this->lang->words[$data['plugin_lang_bit']]) ? $this->lang->words[$data['plugin_lang_bit']] : $data['plugin_name']; $tabs[$data['plugin_key']] = $data; } if ($tab && @is_file(IPSLib::getAppDir($tabs[$tab]['app']) . '/extensions/profileTabs/' . $tab . '.php')) { $default_tab = $tabs[$tab]['app'] . ':' . $tab; /* Update <title> */ $this->lang->words['page_title_pp'] .= ': ' . $tabs[$tab]['_lang']; } else { $default_tab = 'core:info'; } $friends = $this->_getRandomFriends($member); /* Check USER permalink... */ $this->registry->getClass('output')->checkPermalink($member['members_seo_name'] ? $member['members_seo_name'] : IPSText::makeSeoTitle($member['members_display_name'])); /* Build data */ $member = IPSMember::buildDisplayData($member, array('customFields' => 1, 'cfSkinGroup' => 'profile', 'checkFormat' => 1, 'cfGetGroupData' => 1, 'signature' => 1, 'spamStatus' => 1)); //----------------------------------------- // Recent visitor? //----------------------------------------- if ($member['member_id'] != $this->memberData['member_id'] && !IPSMember::isLoggedInAnon($this->memberData)) { $this->_addRecentVisitor($member, $this->memberData['member_id']); } //----------------------------------------- // DST? //----------------------------------------- if ($member['dst_in_use'] == 1) { $member['time_offset'] += 1; } //----------------------------------------- // Format extra user data //----------------------------------------- $member['_age'] = $member['bday_year'] ? date('Y') - $member['bday_year'] : 0; if ($member['bday_month'] > date('n')) { $member['_age'] -= 1; } else { if ($member['bday_month'] == date('n')) { if ($member['bday_day'] > date('j')) { $member['_age'] -= 1; } } } $member['_local_time'] = $member['time_offset'] != "" ? gmstrftime($this->settings['clock_long'], time() + $member['time_offset'] * 3600 + $time_adjust * 60) : ''; $member['g_title'] = IPSMember::makeNameFormatted($member['g_title'], $member['g_id'], $member['prefix'], $member['suffix']); $member['_bday_month'] = $member['bday_month'] ? $this->lang->words['M_' . $member['bday_month']] : 0; //----------------------------------------- // Visitors //----------------------------------------- if ($member['pp_setting_count_visitors']) { $_pp_last_visitors = unserialize($member['pp_last_visitors']); $_visitor_info = array(); if (is_array($_pp_last_visitors)) { krsort($_pp_last_visitors); $_members = IPSMember::load(array_values($_pp_last_visitors), 'extendedProfile'); foreach ($_members as $_id => $_member) { $_visitor_info[$_id] = IPSMember::buildDisplayData($_member, array('reputation' => 0, 'warn' => 0)); } foreach ($_pp_last_visitors as $_time => $_id) { if (!$_visitor_info[$_id]['members_display_name_short']) { $_visitor_info[$_id] = IPSMember::buildDisplayData(IPSMember::setUpGuest(), array('reputation' => 0, 'warn' => 0)); } $_visitor_info[$_id]['_visited_date'] = ipsRegistry::getClass('class_localization')->getDate($_time, 'TINY'); $_visitor_info[$_id]['members_display_name_short'] = $_visitor_info[$_id]['members_display_name_short'] ? $_visitor_info[$_id]['members_display_name_short'] : $this->lang->words['global_guestname']; $visitors[] = $_visitor_info[$_id]; if (count($visitors) == 5) { break; } } } } //----------------------------------------- // Online location //----------------------------------------- $member = IPSMember::getLocation($member); //----------------------------------------- // Add profile view //----------------------------------------- $this->DB->insert('profile_portal_views', array('views_member_id' => $member['member_id']), true); //----------------------------------------- // Grab default tab... //----------------------------------------- $tab_html = ''; if ($tab) { if (@is_file(IPSLib::getAppDir($tabs[$tab]['app']) . '/extensions/profileTabs/' . $tab . '.php')) { require IPSLib::getAppDir('members') . '/sources/tabs/pluginParentClass.php'; /*noLibHook*/ $classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir($tabs[$tab]['app']) . '/extensions/profileTabs/' . $tab . '.php', 'profile_' . $tab, $tabs[$tab]['app']); $plugin = new $classToLoad($this->registry); $tab_html = $plugin->return_html_block($member); } } //----------------------------------------- // Set description tag //----------------------------------------- $_desc = $member['pp_about_me'] ? $member['pp_about_me'] : $member['signature']; if ($_desc) { $this->registry->output->addMetaTag('description', $member['members_display_name'] . ': ' . IPSText::xssMakeJavascriptSafe(IPSText::getTextClass('bbcode')->stripAllTags($_desc))); } /* Reputation */ if ($this->settings['reputation_protected_groups']) { if (in_array($member['member_group_id'], explode(",", $this->settings['reputation_protected_groups']))) { $this->settings['reputation_show_profile'] = false; } } //----------------------------------------- // Try to "fix" empty custom field groups //----------------------------------------- foreach ($member['custom_fields'] as $group => $mdata) { if ($group != 'profile_info' and $group != 'contact') { if (is_array($member['custom_fields'][$group]) and count($member['custom_fields'][$group])) { $_count = 0; foreach ($member['custom_fields'][$group] as $key => $value) { if ($value) { $_count++; } } if (!$_count) { unset($member['custom_fields'][$group]); } } } else { if ($group == 'contact') { $show_contact = false; foreach ($member['custom_fields'][$group] as $key => $value) { $_val = preg_replace('/<!--(.|\\s)*?-->/', '', $value); if ($_val) { $show_contact = true; break; } } } } } //----------------------------------------- // Format signature //----------------------------------------- if ($member['signature']) { IPSText::getTextClass('bbcode')->parse_html = $member['g_dohtml']; IPSText::getTextClass('bbcode')->parse_nl2br = 1; IPSText::getTextClass('bbcode')->parse_smilies = 0; IPSText::getTextClass('bbcode')->parse_bbcode = 1; IPSText::getTextClass('bbcode')->parsing_section = 'signatures'; IPSText::getTextClass('bbcode')->parsing_mgroup = $member['member_group_id']; IPSText::getTextClass('bbcode')->parsing_mgroup_others = $member['mgroup_others']; $member['signature'] = IPSText::getTextClass('bbcode')->preDisplayParse($member['signature']); $member['signature'] = $this->registry->getClass('output')->getTemplate('global')->signature_separator($member['signature']); } //----------------------------------------- // Format 'About me' //----------------------------------------- if ($member['pp_about_me']) { IPSText::getTextClass('bbcode')->parse_html = $member['g_dohtml']; IPSText::getTextClass('bbcode')->parse_nl2br = 1; IPSText::getTextClass('bbcode')->parse_smilies = 1; IPSText::getTextClass('bbcode')->parse_bbcode = 1; IPSText::getTextClass('bbcode')->parsing_section = 'aboutme'; IPSText::getTextClass('bbcode')->parsing_mgroup = $member['member_group_id']; IPSText::getTextClass('bbcode')->parsing_mgroup_others = $member['mgroup_others']; $member['pp_about_me'] = IPSText::getTextClass('bbcode')->preDisplayParse(IPSText::getTextClass('bbcode')->preDbParse($member['pp_about_me'])); } /* final data */ if ($default_tab == 'core:info') { /* Load status class */ if (!$this->registry->isClassLoaded('memberStatus')) { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/member/status.php', 'memberStatus'); $this->registry->setClass('memberStatus', new $classToLoad(ipsRegistry::instance())); } /* Fetch */ $status = $this->registry->getClass('memberStatus')->fetchMemberLatest($member['member_id']); } //----------------------------------------- // Warnings? //----------------------------------------- $warns = array(); if ($member['show_warn']) { if ($member['member_banned']) { $warns['ban'] = 0; $_warn = ipsRegistry::DB()->buildAndFetch(array('select' => 'wl_id', 'from' => 'members_warn_logs', 'where' => "wl_member={$member['member_id']} AND wl_suspend<>0 AND wl_suspend<>-2", 'order' => 'wl_date DESC', 'limit' => 1)); if ($_warn['wl_id']) { $warns['ban'] = $_warn['wl_id']; } } if ($member['temp_ban']) { $warns['suspend'] = 0; $_warn = ipsRegistry::DB()->buildAndFetch(array('select' => 'wl_id', 'from' => 'members_warn_logs', 'where' => "wl_member={$member['member_id']} AND wl_suspend<>0 AND wl_suspend<>-2", 'order' => 'wl_date DESC', 'limit' => 1)); if ($_warn['wl_id']) { $warns['suspend'] = $_warn['wl_id']; } } if ($member['restrict_post']) { $warns['rpa'] = 0; $_warn = ipsRegistry::DB()->buildAndFetch(array('select' => 'wl_id', 'from' => 'members_warn_logs', 'where' => "wl_member={$member['member_id']} AND wl_rpa<>0", 'order' => 'wl_date DESC', 'limit' => 1)); if ($_warn['wl_id']) { $warns['rpa'] = $_warn['wl_id']; } } if ($member['mod_posts']) { $warns['mq'] = 0; $_warn = ipsRegistry::DB()->buildAndFetch(array('select' => 'wl_id', 'from' => 'members_warn_logs', 'where' => "wl_member={$member['member_id']} AND wl_mq<>0", 'order' => 'wl_date DESC', 'limit' => 1)); if ($_warn['wl_id']) { $warns['mq'] = $_warn['wl_id']; } } } //----------------------------------------- // Add to output //----------------------------------------- $this->request['member_id'] = intval($this->request['showuser']); $this->member_name = $member['members_display_name']; $this->output = $this->registry->getClass('output')->getTemplate('profile')->profileModern($tabs, $member, $visitors, $default_tab, $tab_html, $friends, $status, $warns, $show_contact); }
/** * Shows the editor * print $editor->show( 'message', 'reply-topic-1244' ); * @param string Field * @param array Options: Auto save key, a unique key for the page. If supplied, editor will auto-save at regular intervals. Works for logged in members only * @param string Optional content */ public function show($fieldName, $options = array(), $content = '') { $showEditor = TRUE; /* Have we forced RTE? */ if (!empty($this->request['isRte'])) { $options['isRte'] = intval($this->request['isRte']); } $_autoSaveKeyOrig = !empty($options['autoSaveKey']) ? $options['autoSaveKey'] : ''; $options['editorName'] = !empty($options['editorName']) ? $options['editorName'] : $this->_fetchEditorName(); $options['autoSaveKey'] = $_autoSaveKeyOrig && $this->memberData['member_id'] ? $this->_generateAutoSaveKey($_autoSaveKeyOrig) : ''; $options['type'] = !empty($options['type']) && $options['type'] == 'mini' ? 'mini' : 'full'; $options['minimize'] = intval($options['minimize']); $options['height'] = intval($options['height']); $options['isTypingCallBack'] = !empty($options['isTypingCallBack']) ? $options['isTypingCallBack'] : ''; $options['noSmilies'] = !empty($options['noSmilies']) ? true : false; $options['delayInit'] = !empty($options['delayInit']) ? 1 : 0; $options['smilies'] = $this->fetchEmoticons(); $options['bypassCKEditor'] = !empty($options['bypassCKEditor']) ? 1 : ($this->getRteEnabled() ? 0 : 1); $options['legacyMode'] = !empty($options['legacyMode']) ? $options['legacyMode'] : 'on'; $html = ''; /* Fetch disabled tags */ $parser = $this->_newParserObject(); $options['disabledTags'] = $parser->getDisabledTags(); $this->setLegacyMode($options['legacyMode'] == 'on' ? true : false); if (isset($options['recover'])) { $content = IPSText::xssMakeJavascriptSafe($_POST['Post']); } /* Try and sniff out entered HTML */ if (IN_ACP and empty($options['isHtml'])) { $options['isHtml'] = intval($this->_tryAndDetermineHtmlStatusTheHackyWay($content ? $content : $this->getContent())); } if (!empty($options['isHtml'])) { $this->setIsHtml(true); if (IN_ACP) { $options['type'] = 'ipsacp'; } } else { if ($this->getIsHtml()) { $options['isHtml'] = 1; } } /* inline content */ if ($content) { $this->setContent($this->getLegacyMode() ? str_replace('\\\'', '\'', $content) : $content); } /* Is this legacy bbcode? If we are using RTE, we need to send HTML. @link http://community.invisionpower.com/resources/bugs.html/_/ip-board/old-style-image-links-do-not-parse-in-editor-r42078 */ if ($parser->isBBCode($this->getContent())) { $this->setContent($parser->htmlToEditor($this->getContent())); } /* Store last editor ID in case calling scripts need it */ $this->settings['_lastEditorId'] = $options['editorName']; if (IN_ACP) { $html = $this->registry->getClass('output')->global_template->editor($fieldName, $this->getContent(), $options, $this->getAutoSavedContent($_autoSaveKeyOrig)); } else { $warningInfo = ''; $acknowledge = FALSE; //----------------------------------------- // Warnings //----------------------------------------- if (isset($options['warnInfo']) and $this->memberData['member_id']) { $message = ''; /* Have they been restricted from posting? */ if ($this->memberData['restrict_post']) { $data = IPSMember::processBanEntry($this->memberData['restrict_post']); if ($data['date_end']) { if (time() >= $data['date_end']) { IPSMember::save($this->memberData['member_id'], array('core' => array('restrict_post' => 0))); } else { $message = sprintf($this->lang->words['warnings_restrict_post_temp'], $this->lang->getDate($data['date_end'], 'JOINED')); } } else { $message = $this->lang->words['warnings_restrict_post_perm']; } if ($this->memberData['unacknowledged_warnings']) { $warn = ipsRegistry::DB()->buildAndFetch(array('select' => '*', 'from' => 'members_warn_logs', 'where' => "wl_member={$this->memberData['member_id']} AND wl_rpa<>0", 'order' => 'wl_date DESC', 'limit' => 1)); if ($warn['wl_id']) { $moredetails = "<a href='javascript:void(0);' onclick='warningPopup( this, {$warn['wl_id']} )'>{$this->lang->words['warnings_moreinfo']}</a>"; } } if ($options['warnInfo'] == 'full') { $this->registry->getClass('output')->showError("{$message} {$moredetails}", 103126, null, null, 403); } else { $showEditor = FALSE; } } /* Nope? - Requires a new if in case time restriction got just removed */ if (empty($message)) { /* Do they have any warnings they have to acknowledge? */ if ($this->memberData['unacknowledged_warnings']) { $unAcknowledgedWarns = ipsRegistry::DB()->buildAndFetch(array('select' => '*', 'from' => 'members_warn_logs', 'where' => "wl_member={$this->memberData['member_id']} AND wl_acknowledged=0", 'order' => 'wl_date DESC', 'limit' => 1)); if ($unAcknowledgedWarns['wl_id']) { if ($options['warnInfo'] == 'full') { $this->registry->getClass('output')->silentRedirect($this->registry->getClass('output')->buildUrl("app=members&module=profile&section=warnings&do=acknowledge&id={$unAcknowledgedWarns['wl_id']}")); } else { $this->lang->loadLanguageFile('public_profile', 'members'); $acknowledge = $unAcknowledgedWarns['wl_id']; } } } /* No? Are they on mod queue? */ if ($this->memberData['mod_posts']) { $data = IPSMember::processBanEntry($this->memberData['mod_posts']); if ($data['date_end']) { if (time() >= $data['date_end']) { IPSMember::save($this->memberData['member_id'], array('core' => array('mod_posts' => 0))); } else { $message = sprintf($this->lang->words['warnings_modqueue_temp'], $this->lang->getDate($data['date_end'], 'JOINED')); } } else { $message = $this->lang->words['warnings_modqueue_perm']; } if ($message) { $warn = ipsRegistry::DB()->buildAndFetch(array('select' => '*', 'from' => 'members_warn_logs', 'where' => "wl_member={$this->memberData['member_id']} AND wl_mq<>0", 'order' => 'wl_date DESC', 'limit' => 1)); if ($warn['wl_id']) { if ($this->registry->output->getAsMobileSkin()) { $moredetails = "<a href='{$this->registry->getClass('output')->buildUrl("app=members&module=profile&section=warnings")}'>{$this->lang->words['warnings_moreinfo']}</a>"; } else { $moredetails = "<a href='javascript:void(0);' onclick='warningPopup( this, {$warn['wl_id']} )'>{$this->lang->words['warnings_moreinfo']}</a>"; } } } } /* How about our group? - Requires a new if in case mod queue restriction got just removed */ if (empty($message) && $this->memberData['g_mod_preview']) { /* Do we only limit for x posts/days? */ if ($this->memberData['g_mod_post_unit']) { if ($this->memberData['gbw_mod_post_unit_type']) { /* Days.. .*/ if ($this->memberData['joined'] > time() - 86400 * $this->memberData['g_mod_post_unit']) { $message = sprintf($this->lang->words['ms_mod_q'] . ' ' . $this->lang->words['ms_mod_q_until'], $this->lang->getDate($this->memberData['joined'] + 86400 * $this->memberData['g_mod_post_unit'], 'long')); } } else { /* Posts */ if ($this->memberData['posts'] < $this->memberData['g_mod_post_unit']) { $message = sprintf($this->lang->words['ms_mod_q'] . ' ' . $this->lang->words['ms_mod_q_until_posts'], $this->memberData['g_mod_post_unit'] - $this->memberData['posts']); } } } else { /* No limit, but still checking moderating */ $message = $this->lang->words['ms_mod_q']; } } elseif ($options['modAll'] and !$this->memberData['g_avoid_q']) { $message = $this->lang->words['ms_mod_q']; } } if ($message) { $warningInfo = "{$message} {$moredetails}"; } } //----------------------------------------- // Show the editor //----------------------------------------- $parser = new class_text_parser_legacy(); $this->passSettings($parser); /* Mobile skin / app? */ if ($this->_canWeRte(true) !== true || $this->registry->output->getAsMobileSkin()) { $content = $this->toPlainTextArea($this->getContent()); } else { /* CKEditor decodes HTML entities */ $content = str_replace('&', '&', $this->getContent()); /* Take a stab at fixing up manually entered CODE tag */ //$content = $this->_fixManuallyEnteredCodeBoxesIntoRte( $content ); /* Convert to BBCode for non JS peoples */ $content = $parser->htmlToEditor($content); } /* Make sure the textarea isn't terminated early */ $content = str_ireplace('</textarea>', '</textarea>', $content); $bbcodeVersion = ''; if ($content) { $bbcodeVersion = $this->toPlainTextArea($parser->postEditor($content)); } $html = $this->registry->getClass('output')->getTemplate('editors')->editor($fieldName, $content, $options, $this->getAutoSavedContent($_autoSaveKeyOrig), $warningInfo, $acknowledge, $bbcodeVersion, $showEditor); } return $html; }