function postcopy_main($data) { global $mybb, $db; require_once MYBB_ROOT . "inc/datahandlers/post.php"; $forumID = "1"; //Forum ID to monitor for new posts $destForum = "1"; //Forum ID to copy posts to $prefixIDNew = "1"; // Thread prefix to apply to copied thread $posterUID = "1"; //UserID of the user you want to "post" the new thread, or you can edit the data below to use the original posters ID. if ($data->data['fid'] === $forumID) { $query = $db->query("SELECT example, example2, example3 FROM " . TABLE_PREFIX . "threadfields_data WHERE tid = " . $data->tid); //Select Xthreads data $tfields = $db->fetch_array($query); $thIns = array('fid' => $destForum, 'prefix' => $prefixIDNew, 'subject' => $data->data['subject'], 'icon' => $data->data['icon'], 'uid' => $posterUID, 'username' => $data->data['username'], 'dateline' => TIME_NOW, 'message' => "<b>Username:</b> " . $data->data['username'] . "<br /><b>Example: </b> " . $tfields['example'] . "<br /><b>Example2: </b> " . $tfields['example2'] . " <br /><b>Example3: </b> " . $tfields['example3'] . "<br /><b>Body:</b> " . $data->data['message'], 'ipaddress' => $data->data['ipaddress']); $new_thread['options'] = array("signature" => $data->data['options']['signature'], "subscriptionmethod" => $data->data['options']['subscriptionmethod'], "disablesmilies" => $data->data['options']['disablesmilies']); $posthandler = new PostDataHandler("insert"); $posthandler->action = "thread"; $posthandler->set_data($thIns); $valid_thread = $posthandler->validate_post(); $post_errors = array(); if (!$valid_thread) { $post_errors = $posthandler->get_friendly_errors(); } if (count($post_errors) > 0) { $thread_errors = inline_error($post_errors); $mybb->input['action'] = "newthread"; } else { $posthandler->insert_thread(); } } }
/** This is where you perform the action when the API is called, the parameter given is an instance of stdClass, this method should return an instance of stdClass. */ public function action() { global $mybb; require_once MYBB_ROOT . 'inc/functions_post.php'; require_once MYBB_ROOT . '/inc/datahandlers/post.php'; if (isset($mybb->input["subject"]) && is_string($mybb->input["subject"]) && isset($mybb->input["forumid"]) && is_numeric($mybb->input["forumid"]) && isset($mybb->input["message"]) && is_string($mybb->input["message"]) && isset($mybb->input["ipaddress"]) && is_string($mybb->input["ipaddress"])) { $subject = $mybb->input["subject"]; $forumid = (int) $mybb->input["forumid"]; $message = $mybb->input["message"]; $ipaddress = $mybb->input["ipaddress"]; $prefix = isset($mybb->input["prefix"]) && is_string($mybb->input["prefix"]) ? $mybb->input["prefix"] : null; $icon = isset($mybb->input["icon"]) && is_string($mybb->input["icon"]) ? $mybb->input["icon"] : null; $savedraft = isset($mybb->input["savedraft"]) && in_array($mybb->input["savedraft"], array("1", "0")) ? (int) $mybb->input["savedraft"] : 0; $subscriptionmethod = isset($mybb->input["subscriptionmethod"]) && in_array($mybb->input["subscriptionmethod"], array("", "none", "instant")) ? $mybb->input["subscriptionmethod"] : ""; $signature = isset($mybb->input["signature"]) && in_array($mybb->input["signature"], array("1", "0")) ? (int) $mybb->input["signature"] : 0; $disablesmilies = isset($mybb->input["disablesmilies"]) && in_array($mybb->input["disablesmilies"], array("1", "0")) ? (int) $mybb->input["disablesmilies"] : 0; $modclosethread = isset($mybb->input["modclosethread"]) && in_array($mybb->input["modclosethread"], array("1", "0")) ? (int) $mybb->input["modclosethread"] : 0; $modstickthread = isset($mybb->input["modstickthread"]) && in_array($mybb->input["modstickthread"], array("1", "0")) ? (int) $mybb->input["modstickthread"] : 0; // let's start $posthandler = new PostDataHandler('insert'); $posthandler->action = 'thread'; $data = array("uid" => $this->get_user()->uid, "username" => $this->get_user()->username, "subject" => $subject, "fid" => $forumid, "prefix" => $prefix, "message" => $message, "ipaddress" => $ipaddress, "icon" => $icon, "savedraft" => $savedraft, "options" => array("subscriptionmethod" => $subscriptionmethod, "signature" => $signature, "disablesmilies" => $disablesmilies)); if (isset($this->get_user()->is_moderator) && $this->get_user()->is_moderator) { $data[] = array("closethread" => $modclosethread, "stickthread" => $modstickthread); } $posthandler->set_data($data); if (!$posthandler->validate_thread()) { throw new BadRequestException((object) $posthandler->get_friendly_errors()); } return (object) $posthandler->insert_thread(); } }
/** * Create the thread * */ function createthread() { global $mybb, $event, $db; if ($event['private'] != 1) { require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("insert"); $posthandler->action = "thread"; $posthandler->admin_override = true; $uid = $mybb->user['uid']; $username = $mybb->user['username']; $message = $mybb->input['description']; $subject = "[" . $event['start_date']['day'] . '.' . $event['start_date']['month'] . '.' . $event['start_date']['year'] . '] - ' . $db->escape_string($event['name']); $new_thread = array("fid" => $mybb->settings['eventcal_id'], "subject" => $subject, "uid" => $uid, "username" => $username, "message" => $message, "ipaddress" => get_ip()); $posthandler->set_data($new_thread); $validate = $posthandler->validate_thread(); if ($validate) { $tinfo = $posthandler->insert_thread(); } header("Location: showthread.php?tid=" . $tinfo['tid']); } }
$editreason = @mb_convert_encoding($editreason, $charset, "UTF-8"); } else { if (my_strtolower($charset) == "iso-8859-1") { $message = utf8_decode($message); $editreason = utf8_decode($editreason); } } } } // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post"; // Set the post data that came from the input to the $post array. $updatepost = array("pid" => $post['pid'], "message" => $message, "editreason" => $editreason, "edit_uid" => $mybb->user['uid']); $posthandler->set_data($updatepost); // Now let the post handler do all the hard work. if (!$posthandler->validate_post()) { $post_errors = $posthandler->get_friendly_errors(); xmlhttp_error($post_errors); } else { $postinfo = $posthandler->update_post(); $visible = $postinfo['visible']; if ($visible == 0 && !is_moderator($post['fid'], "canviewunapprove")) { // Is it the first post? if ($thread['firstpost'] == $post['pid']) { echo json_encode(array("moderation_thread" => $lang->thread_moderation, 'url' => $mybb->settings['bburl'] . '/' . get_forum_link($thread['fid']), "message" => $post['message'])); exit; } else { echo json_encode(array("moderation_post" => $lang->post_moderation, 'url' => $mybb->settings['bburl'] . '/' . get_thread_link($thread['tid']), "message" => $post['message'])); exit;
/** * Execute Normal and Inline Thread Moderation * * @param array Moderation information * @param mixed Thread IDs * @return boolean true */ function execute_thread_moderation($thread_options, $tids) { global $db, $mybb; $tid = intval($tids[0]); // Take the first thread to get thread data from $query = $db->simple_select("threads", 'fid', "tid='{$tid}'"); $thread = $db->fetch_array($query); // If deleting threads, only do that if ($thread_options['deletethread'] == 1) { foreach ($tids as $tid) { $this->delete_thread($tid); } } else { if ($thread_options['mergethreads'] == 1 && count($tids) > 1) { $tid_list = implode(',', $tids); $options = array('order_by' => 'dateline', 'order_dir' => 'DESC'); $query = $db->simple_select("threads", 'tid, subject', "tid IN ({$tid_list})", $options); // Select threads from newest to oldest $last_tid = 0; while ($tid = $db->fetch_array($query)) { if ($last_tid != 0) { $this->merge_threads($last_tid, $tid['tid'], $tid['subject']); // And keep merging them until we get down to one thread. } $last_tid = $tid['tid']; } } if ($thread_options['deletepoll'] == 1) { foreach ($tids as $tid) { $this->delete_poll($tid); } } if ($thread_options['removeredirects'] == 1) { foreach ($tids as $tid) { $this->remove_redirects($tid); } } if ($thread_options['approvethread'] == 'approve') { $this->approve_threads($tids, $thread['fid']); } elseif ($thread_options['approvethread'] == 'unapprove') { $this->unapprove_threads($tids, $thread['fid']); } elseif ($thread_options['approvethread'] == 'toggle') { $this->toggle_thread_visibility($tids, $thread['fid']); } if ($thread_options['openthread'] == 'open') { $this->open_threads($tids); } elseif ($thread_options['openthread'] == 'close') { $this->close_threads($tids); } elseif ($thread_options['openthread'] == 'toggle') { $this->toggle_thread_status($tids); } if ($thread_options['threadprefix'] != '-1') { $this->apply_thread_prefix($tids, $thread_options['threadprefix']); // Update thread prefix } if (my_strtolower(trim($thread_options['newsubject'])) != '{subject}') { $this->change_thread_subject($tids, $thread_options['newsubject']); } if (!empty($thread_options['addreply'])) { $tid_list = implode(',', $tids); $query = $db->simple_select("threads", 'fid, subject, tid, firstpost, closed', "tid IN ({$tid_list}) AND closed NOT LIKE 'moved|%'"); require_once MYBB_ROOT . "inc/datahandlers/post.php"; // Loop threads adding a reply to each one while ($thread = $db->fetch_array($query)) { $posthandler = new PostDataHandler("insert"); if (empty($thread_options['replysubject'])) { $new_subject = 'RE: ' . $thread['subject']; } else { $new_subject = str_ireplace('{username}', $mybb->user['username'], $thread_options['replysubject']); $new_subject = str_ireplace('{subject}', $thread['subject'], $new_subject); } // Set the post data that came from the input to the $post array. $post = array("tid" => $thread['tid'], "replyto" => $thread['firstpost'], "fid" => $thread['fid'], "subject" => $new_subject, "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "message" => $thread_options['addreply'], "ipaddress" => $db->escape_string(get_ip())); // Set up the post options from the input. $post['options'] = array("signature" => 1, "emailnotify" => 0, "disablesmilies" => 0); if ($thread['closed'] == 1) { // Keep this thread closed $post['modoptions']['closethread'] = 1; } $posthandler->set_data($post); if ($posthandler->validate_post($post)) { $posthandler->insert_post($post); } } } if ($thread_options['movethread'] > 0 && $thread_options['movethread'] != $thread['fid']) { if ($thread_options['movethreadredirect'] == 1) { $time = TIME_NOW + $thread_options['movethreadredirectexpire'] * 86400; foreach ($tids as $tid) { $this->move_thread($tid, $thread_options['movethread'], 'redirect', $time); } } else { $this->move_threads($tids, $thread_options['movethread']); } } if ($thread_options['copythread'] > 0 || $thread_options['copythread'] == -2) { if ($thread_options['copythread'] == -2) { $thread_options['copythread'] = $thread['fid']; } foreach ($tids as $tid) { $new_tid = $this->move_thread($tid, $thread_options['copythread'], 'copy'); } } } return true; }
} $uid = 0; } else { $username = $mybb->user['username']; $uid = $mybb->user['uid']; } // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("insert"); $posthandler->action = "post"; // Set the post data that came from the input to the $post array. $post = array("tid" => $mybb->get_input('tid', MyBB::INPUT_INT), "replyto" => $mybb->get_input('replyto', MyBB::INPUT_INT), "fid" => $thread['fid'], "subject" => $mybb->get_input('subject'), "icon" => $mybb->get_input('icon', MyBB::INPUT_INT), "uid" => $uid, "username" => $username, "message" => $mybb->get_input('message'), "ipaddress" => $session->packedip, "posthash" => $mybb->get_input('posthash')); if (isset($mybb->input['pid'])) { $post['pid'] = $mybb->get_input('pid', MyBB::INPUT_INT); } $posthandler->set_data($post); // Now let the post handler do all the hard work. $valid_post = $posthandler->verify_message(); $valid_subject = $posthandler->verify_subject(); // guest post --> verify author if ($post['uid'] == 0) { $valid_username = $posthandler->verify_author(); } else { $valid_username = true; } $post_errors = array(); // Fetch friendly error messages if this is an invalid post if (!$valid_post || !$valid_subject || !$valid_username) { $post_errors = $posthandler->get_friendly_errors(); } // One or more errors returned, fetch error list and throw to newreply page
} $numpolloptions = "2"; } } // If we're preving a post then generate the preview. if ($mybb->input['previewpost']) { // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("insert"); $posthandler->action = "thread"; // Set the thread data that came from the input to the $thread array. $new_thread = array("fid" => $forum['fid'], "prefix" => $mybb->input['threadprefix'], "subject" => $mybb->input['subject'], "icon" => $mybb->input['icon'], "uid" => $uid, "username" => $username, "message" => $mybb->input['message'], "ipaddress" => get_ip(), "posthash" => $mybb->input['posthash']); if ($pid != '') { $new_thread['pid'] = $pid; } $posthandler->set_data($new_thread); // Now let the post handler do all the hard work. $valid_thread = $posthandler->verify_message(); $valid_subject = $posthandler->verify_subject(); // guest post --> verify author if ($new_thread['uid'] == 0) { $valid_username = $posthandler->verify_author(); } else { $valid_username = true; } $post_errors = array(); // Fetch friendly error messages if this is an invalid post if (!$valid_thread || !$valid_subject || !$valid_username) { $post_errors = $posthandler->get_friendly_errors(); } // One or more errors returned, fetch error list and throw to newreply page
function save_raw_post_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("editpost"); $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'post_title' => Tapatalk_Input::STRING, 'post_content' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'editreason' => Tapatalk_Input::STRING), $xmlrpc_params); $parser = new postParser(); // No permission for guests if (!$mybb->user['uid']) { return tt_no_permission(); } // Get post info $pid = $input['post_id']; $query = $db->simple_select("posts", "*", "pid='{$pid}'"); $post = $db->fetch_array($query); if (empty($input['post_title'])) { $input['post_title'] = $post['subject']; } if (!$post['pid']) { return xmlrespfalse($lang->error_invalidpost); } // Get thread info $tid = $post['tid']; $thread = get_thread($tid); if (!$thread['tid']) { return xmlrespfalse($lang->error_invalidthread); } $thread['subject'] = htmlspecialchars_uni($thread['subject']); // Get forum info $fid = $post['fid']; $forum = get_forum($fid); if (!$forum || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } $forumpermissions = forum_permissions($fid); if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } if ($forumpermissions['caneditposts'] == 0) { return tt_no_permission(); } if ($mybb->user['uid'] != $post['uid']) { return tt_no_permission(); } // Edit time limit $time = TIME_NOW; if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) { $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); return xmlrespfalse($lang->edit_time_limit); } } // Check if this forum is password protected and we have a valid password tt_check_forum_password($forum['fid']); // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post"; // Set the post data that came from the input to the $post array. $post = array("pid" => $pid, "subject" => $input['post_title'], "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "edit_uid" => $mybb->user['uid'], "message" => $input['post_content']); if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) { $post["editreason"] = $input['editreason']; } // get subscription status $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'"); $substatus = $db->fetch_array($query); // Set up the post options from the input. $post['options'] = array("signature" => 1, "subscriptionmethod" => isset($substatus['notification']) ? $substatus['notification'] == 1 ? 'instant' : 'none' : '', "disablesmilies" => 0); $posthandler->set_data($post); // Now let the post handler do all the hard work. if (!$posthandler->validate_post()) { $post_errors = $posthandler->get_friendly_errors(); return xmlrespfalse(implode(" :: ", $post_errors)); } else { $postinfo = $posthandler->update_post(); $visible = $postinfo['visible']; $first_post = $postinfo['first_post']; // Help keep our attachments table clean. $db->delete_query("attachments", "filename='' OR filesize<1"); if ($visible == 0 && $first_post && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { if ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { $state = 0; } } } $pid = intval($pid); if (!empty($input['group_id_esc'])) { $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'"); } // update thread attachment account if (count($input['attachment_id_array']) > 0) { update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array']))); } $post = get_post($pid); $parser_options = array(); $parser_options['allow_html'] = false; $parser_options['allow_mycode'] = true; $parser_options['allow_smilies'] = false; $parser_options['allow_imgcode'] = true; $parser_options['allow_videocode'] = true; $parser_options['nl2br'] = (bool) $input['return_html']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } $post['message'] = $parser->parse_message($post['message'], $parser_options); $post['subject'] = $parser->parse_badwords($post['subject']); $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'state' => new xmlrpcval($state, 'int'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64')), 'struct'); return new xmlrpcresp($result); }
function m_rename_topic_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $modlogdata; $lang->load("editpost"); $input = Tapatalk_Input::filterXmlInput(array('topic_id' => Tapatalk_Input::INT, 'title' => Tapatalk_Input::STRING, 'prefix' => Tapatalk_Input::INT), $xmlrpc_params); $parser = new postParser(); // Get post info $thread = get_thread($input['topic_id']); if (!$thread['tid']) { return xmlrespfalse($lang->error_invalidthread); } $forumpermissions = forum_permissions($thread['fid']); // No permission for guests if ($mybb->user['uid'] == 0) { return tt_no_permission(); } // Get forum info $fid = $thread['fid']; $forum = get_forum($fid); if (!$forum || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } if ($forumpermissions['caneditposts'] == 0) { return tt_no_permission(); } if ($mybb->user['uid'] != $thread['uid']) { return tt_no_permission(); } // Edit time limit $time = TIME_NOW; if ($mybb->settings['edittimelimit'] != 0 && $thread['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) { $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); return xmlrespfalse($lang->edit_time_limit); } } // Check if this forum is password protected and we have a valid password tt_check_forum_password($forum['fid']); // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post"; // Set the post data that came from the input to the $post array. $post = array("pid" => $thread['firstpost'], "subject" => $input['title'], "prefix" => $input['prefix']); $posthandler->set_data($post); // Now let the post handler do all the hard work. if (!$posthandler->validate_post()) { $post_errors = $posthandler->get_friendly_errors(); return xmlrespfalse(implode(" :: ", $post_errors)); } else { $postinfo = $posthandler->update_post(); $response = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'is_login_mod' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval("", 'base64')), 'struct'); return new xmlrpcresp($response); } }
/** * Updates a thread in the database * * @param array $data Thread data * @param boolean $inline_errors Defines if we want a formatted error string or an array * @return array|string * @return array|string When true it will return an array with threadID, postID and status of being visible - false = error array or inline string */ function updateThread($data, $inline_errors = true) { if (!isset($data['tid'])) { $this->_errorAndDie('Function <i>updateThread</i>: Must pass thread id in array parameter - Required array key is <i>tid</i>'); } // Posthandler is used for a post, so let's fetch the thread-post $thread = $this->getThread($data['tid']); $data['pid'] = $thread['firstpost']; require_once MYBB_ROOT . 'inc/functions_post.php'; require_once MYBB_ROOT . '/inc/datahandlers/post.php'; $posthandler = new PostDataHandler('update'); $posthandler->action = 'post'; $posthandler->set_data($data); if (!$posthandler->validate_post()) { $errors = $posthandler->get_friendly_errors(); return $inline_errors === true ? inline_error($errors) : $errors; } return $posthandler->update_post(); }
/** * Inserts a thread into the database * * @param array $data Thread data * @param boolean $inline_errors Defines if we want a formatted error string or an array * @return array|string * @return array|string When true it will return an array with threadID, postID and status of being visible - false = error array or inline string */ function createThread($data, $inline_errors = true) { require_once MYBB_ROOT . 'inc/functions_post.php'; require_once MYBB_ROOT . '/inc/datahandlers/post.php'; $posthandler = new PostDataHandler('insert'); $posthandler->action = 'thread'; $posthandler->set_data($data); if (!$posthandler->validate_thread()) { $errors = $posthandler->get_friendly_errors(); return $inline_errors === true ? inline_error($errors) : $errors; } return $posthandler->insert_thread(); }
function new_topic_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $thread_info, $pid, $tid, $visible, $fid, $new_thread; $lang->load("newthread"); $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'subject' => Tapatalk_Input::STRING, 'message' => Tapatalk_Input::STRING, 'prefix_id' => Tapatalk_Input::STRING, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING), $xmlrpc_params); $fid = $input['forum_id']; // Fetch forum information. $forum = get_forum($fid); if (!$forum) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($fid); if ($forum['open'] == 0 || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } // Check if this forum is password protected and we have a valid password tt_check_forum_password($forum['fid']); // Check the maximum posts per day for this user if ($mybb->settings['maxposts'] > 0 && $mybb->usergroup['cancp'] != 1) { $daycut = TIME_NOW - 60 * 60 * 24; $query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}"); $post_count = $db->fetch_field($query, "posts_today"); if ($post_count >= $mybb->settings['maxposts']) { $lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']); return xmlrespfalse($lang->error_maxposts); } } $username = $mybb->user['username']; $uid = $mybb->user['uid']; // Attempt to see if this post is a duplicate or not if ($uid > 0) { $user_check = "p.uid='{$uid}'"; } else { $user_check = "p.ipaddress='" . $db->escape_string($session->ipaddress) . "'"; } if (!$mybb->input['savedraft'] && !$pid) { $query = $db->simple_select("posts p", "p.pid", "{$user_check} AND p.fid='{$forum['fid']}' AND p.subject='{$input['subject_esc']}' AND p.message='{$input['message_esc']}'"); $duplicate_check = $db->fetch_field($query, "pid"); if ($duplicate_check) { return xmlrespfalse($lang->error_post_already_submitted); } } // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("insert"); $posthandler->action = "thread"; // Set the thread data that came from the input to the $thread array. $new_thread = array("fid" => $forum['fid'], "subject" => $input['subject'], "prefix" => $input['prefix_id'], "icon" => 0, "uid" => $uid, "username" => $username, "message" => $input['message'], "ipaddress" => get_ip(), "posthash" => $input['group_id_esc']); $new_thread['savedraft'] = 0; // Set up the thread options from the input. $new_thread['options'] = array("signature" => 1, "subscriptionmethod" => $mybb->user['subscriptionmethod'] == 0 ? '' : $mybb->user['subscriptionmethod'], "disablesmilies" => 0); $posthandler->set_data($new_thread); // Now let the post handler do all the hard work. $valid_thread = $posthandler->validate_thread(); $post_errors = array(); // Fetch friendly error messages if this is an invalid thread if (!$valid_thread) { $post_errors = $posthandler->get_friendly_errors(); return xmlrespfalse(implode(" :: ", $post_errors)); } $thread_info = $posthandler->insert_thread(); $tid = $thread_info['tid']; $pid = $thread_info['pid']; $visible = $thread_info['visible']; if ($pid != '') { if (!empty($input['group_id_esc'])) { $db->update_query("attachments", array("pid" => intval($pid)), "posthash='{$input['group_id_esc']}'"); } } tapatalk_push_newtopic(); tapatalk_push_quote(); tapatalk_push_tag(); // Mark thread as read require_once MYBB_ROOT . "inc/functions_indicators.php"; mark_thread_read($tid, $fid); $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'topic_id' => new xmlrpcval($tid, 'string'), 'state' => new xmlrpcval($visible ? 0 : 1, 'int')), 'struct'); return new xmlrpcresp($result); }
function reply_post_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $tid, $pid, $visible, $thread, $post; $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'topic_id' => Tapatalk_Input::INT, 'subject' => Tapatalk_Input::STRING, 'text_body' => Tapatalk_Input::STRING, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); $lang->load("newreply"); $parser = new Tapatalk_Parser(); $tid = $input['topic_id']; $options = array("limit" => 1); $query = $db->simple_select("threads", "*", "tid='" . $tid . "'"); if ($db->num_rows($query) == 0) { return xmlrespfalse($lang->error_invalidthread); } $thread = $db->fetch_array($query); $fid = $thread['fid']; // Get forum info $forum = get_forum($fid); if (!$forum) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($fid); if ($thread['visible'] == 0 && !is_moderator($fid) || $thread['visible'] < 0) { return xmlrespfalse($lang->error_invalidthread); } if ($forum['open'] == 0 || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } if ($forumpermissions['canonlyviewthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) { return tt_no_permission(); } tt_check_forum_password($forum['fid']); // Check to see if the thread is closed, and if the user is a mod. if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } } // Is the currently logged in user a moderator of this forum? if (is_moderator($fid)) { $ismod = true; } else { $ismod = false; } if (!empty($input['group_id'])) { $posthash = $input['group_id']; } else { $posthash = md5($thread['tid'] . $mybb->user['uid'] . random_str()); } if ($mybb->settings['maxposts'] > 0 && $mybb->usergroup['cancp'] != 1) { $daycut = TIME_NOW - 60 * 60 * 24; $query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}"); $post_count = $db->fetch_field($query, "posts_today"); if ($post_count >= $mybb->settings['maxposts']) { $lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']); return xmlrespfalse($lang->error_maxposts); } } $username = $mybb->user['username']; $uid = $mybb->user['uid']; $user_check = "p.uid='{$uid}'"; if (version_compare($mybb->version, '1.8.0', '<')) { $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->input['subject']) . "' AND p.message='" . $db->escape_string($mybb->input['message']) . "' AND p.posthash='" . $db->escape_string($mybb->input['posthash']) . "' AND p.visible != '-2'"); } else { $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->get_input('subject')) . "' AND p.message='" . $db->escape_string($mybb->get_input('message')) . "' AND p.visible != '-2' AND p.dateline>" . (TIME_NOW - 600)); } $duplicate_check = $db->fetch_field($query, "pid"); if ($duplicate_check) { return xmlrespfalse($lang->error_post_already_submitted); } require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("insert"); $post = array("tid" => $input['topic_id'], "replyto" => 0, "fid" => $thread['fid'], "subject" => $input['subject'], "icon" => 0, "uid" => $uid, "username" => $username, "message" => $input['text_body'], "ipaddress" => get_ip(), "posthash" => $posthash); if ($mybb->input['pid']) { $post['pid'] = $mybb->input['pid']; } $post['savedraft'] = 0; // Set up the post options from the input. $post['options'] = array("signature" => 1, "subscriptionmethod" => $mybb->user['subscriptionmethod'] == 0 ? '' : $mybb->user['subscriptionmethod'], "disablesmilies" => 0); $post['modoptions']['stickthread'] = $thread['sticky']; $post['modoptions']['closethread'] = $thread['closed']; $posthandler->set_data($post); // Now let the post handler do all the hard work. $valid_post = $posthandler->validate_post(); $post_errors = array(); // Fetch friendly error messages if this is an invalid post if (!$valid_post) { $post_errors = $posthandler->get_friendly_errors(); } // Mark thread as read require_once MYBB_ROOT . "inc/functions_indicators.php"; mark_thread_read($tid, $fid); // One or more errors returned, fetch error list and throw to newreply page if (count($post_errors) > 0) { return xmlrespfalse(implode(" :: ", $post_errors)); } else { $postinfo = $posthandler->insert_post(); $pid = $postinfo['pid']; $visible = $postinfo['visible']; tapatalk_push_reply(); tapatalk_push_quote(); tapatalk_push_tag(); // Deciding the fate if ($visible == -2) { $state = 1; } elseif ($visible == 1) { $state = 0; } else { $state = 1; } } $pid = intval($pid); if (!empty($input['group_id_esc'])) { $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'"); } // update thread attachment account if (count($input['attachment_id_array']) > 0) { update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array']))); } $post = get_post($pid); $parser_options = array(); $parser_options['allow_html'] = false; $parser_options['allow_mycode'] = true; $parser_options['allow_smilies'] = false; $parser_options['allow_imgcode'] = true; $parser_options['allow_videocode'] = true; $parser_options['nl2br'] = (bool) $input['return_html']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } $post['message'] = post_bbcode_clean($post['message']); $post['message'] = $parser->parse_message($post['message'], $parser_options); global $attachcache; $attachcache = array(); if ($thread['attachmentcount'] > 0) { // Now lets fetch all of the attachments for these posts. $query = $db->simple_select("attachments", "*", "pid='{$pid}'"); while ($attachment = $db->fetch_array($query)) { $attachcache[$attachment['pid']][$attachment['aid']] = $attachment; } } $attachment_list = process_post_attachments($post['pid'], $post); $can_delete = 0; if ($mybb->user['uid'] == $post['uid']) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete = 1; } } } $can_delete = (is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0; $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'post_id' => new xmlrpcval($postinfo['pid'], 'string'), 'state' => new xmlrpcval($state, 'int'), 'post_author_id' => new xmlrpcval($mybb->user['uid'], 'string'), 'post_author_name' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($mybb->user['avatar']), 'string'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64'), 'can_edit' => new xmlrpcval(is_moderator($fid, "caneditposts") || $thread['closed'] == 0 && $forumpermissions['caneditposts'] == 1, 'boolean'), 'can_delete' => new xmlrpcval($can_delete, 'boolean'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode(TIME_NOW), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval(TIME_NOW, 'string'), 'attachments' => new xmlrpcval($attachment_list, 'array')), 'struct'); return new xmlrpcresp($result); }
function reportthread_dopost() { require_once MYBB_ROOT . "inc/datahandlers/post.php"; global $db, $mybb; if (intval($mybb->settings['rtt_enabled']) == 1 || preg_replace("/[^a-z]/i", "", $mybb->settings['rtt_enabled']) == "yes") { if ($mybb->input['type'] == 'post') { $title = "Reported Post By "; $post = get_post($mybb->input['pid']); $thread = get_thread($post['tid']); $forum = get_forum($thread['fid']); $tlink = get_thread_link($thread['tid']); $flink = get_forum_link($thread['fid']); $reason = $mybb->input['reason']; if ($reason === 'other') { $reason = $mybb->input['comment']; } $post_data = $mybb->user['username'] . " has reported a post.\r\n\r\nOriginal Thread: [url=" . $mybb->settings['bburl'] . "/{$tlink}]" . $thread['subject'] . "[/url]\r\nForum: [url=" . $mybb->settings['bburl'] . "/{$flink}]" . $forum['name'] . "[/url]\r\n\r\nReason Given:\r\n[quote=\"" . $mybb->user['username'] . "\" dateline=\"" . time() . "\"]" . $reason . "[/quote]\r\n\r\nPost Content:\r\n[quote=\"" . $post['username'] . "\" pid=\"" . $post['pid'] . "\" dateline=\"" . $post['dateline'] . "\"]" . $post['message'] . "[/quote]"; } else { if ($mybb->input['type'] == 'reputation') { $title = "Reported Reputation By "; $rep = get_reputation_point($mybb->input['pid']); $giver = get_user($rep['adduid']); $reason = $mybb->input['reason']; if ($reason === 'other') { $reason = $mybb->input['comment']; } $post_data = $mybb->user['username'] . " has reported a reputation point.\r\n\r\nReason Given:\r\n[quote=\"" . $mybb->user['username'] . "\" dateline=\"" . time() . "\"]" . $reason . "[/quote]\r\n\r\nReputation comment:\r\n[quote=\"" . $giver['username'] . "\" dateline=\"" . $rep['dateline'] . "\"]" . $rep['comments'] . "[/quote]"; } } $new_thread = array("fid" => $mybb->settings['rtt_fid'], "prefix" => 0, "subject" => $title . $mybb->user['username'], "icon" => 0, "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "message" => $post_data, "ipaddress" => get_ip(), "posthash" => md5($mybb->user['uid'] . random_str())); $posthandler = new PostDataHandler("insert"); $posthandler->action = "thread"; $posthandler->set_data($new_thread); if ($posthandler->validate_thread()) { $thread_info = $posthandler->insert_thread(); } } }