/**
 * Decides whether the current viewer may see one album.
 *
 * This is an authorization gate that fails closed: it returns false at the
 * first check that is not satisfied and true only after all of them pass.
 * Checks run in a fixed order, from the global album gate to the per-album state.
 *
 * @param mixed Key of the album inside $this->content['album']
 *
 * @return bool True when every check passes, false otherwise
 */
protected function fetchCanViewAlbum($albumid)
{
    // Global gate: nothing album-specific is looked at if albums are off-limits.
    if (!$this->fetchCanViewAlbums()) {
        return false;
    }

    // Unknown (or empty) album record -> deny.
    $album = $this->content['album'][$albumid];
    if (!$album) {
        return false;
    }

    // The album owner must be present in the preloaded user content.
    $userinfo = $this->content['user'][$album['userid']];
    if (!$userinfo) {
        return false;
    }

    // $userinfo['permissions'] is read right below; presumably this call populates it.
    cache_permissions($userinfo, false);

    // The owner needs the 'canalbum' bit, unless the viewer can moderate album pictures.
    $ownerMayHaveAlbums = $userinfo['permissions']['albumpermissions'] & vB::$vbulletin->bf_ugp_albumpermissions['canalbum'];
    if (!can_moderate(0, 'caneditalbumpicture') && !$ownerMayHaveAlbums) {
        return false;
    }

    // Owner's profile privacy setting for the 'albums' section.
    // NOTE(review): this method does not include the file that defines
    // can_view_profile_section(); it has to be loaded before this runs - confirm.
    if (!can_view_profile_section($album['userid'], 'albums')) {
        return false;
    }

    // Loaded before the two album-state helpers below are called.
    require_once DIR . '/includes/functions_album.php';

    // Private album that the viewer is not allowed to see.
    if ($album['state'] == 'private' && !can_view_private_albums($album['userid'], $album['buddy'])) {
        return false;
    }

    // Profile album that the viewer is not allowed to see.
    if ($album['state'] == 'profile' && !can_view_profile_albums($album['userid'])) {
        return false;
    }

    return true;
}
else if ( $userinfo['vm_contactonly'] AND !can_moderate(0, 'canmoderatevisitormessages') AND $userinfo['userid'] != $vbulletin->userinfo['userid'] AND !$userinfo['bbuser_iscontact_of_user'] ) { // are you a contact? print_no_permission(); } require_once(DIR . '/includes/functions_user.php'); if (!can_view_profile_section($userinfo['userid'], 'visitor_messaging')) { print_no_permission(); } cache_permissions($userinfo, false); if ($userinfo['usergroupid'] == 4 AND !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { print_no_permission(); } $canpostmessage = ( $userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'] AND $vbulletin->userinfo['userid'] AND (
} } } if ($show['reputationcol']) { $checkperms = cache_permissions($userinfo, false); fetch_reputation_image($userinfo, $checkperms); } $can_view_profile_pic = ( $show['profilepiccol'] AND $userinfo['profilepic'] AND ($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'] OR $userinfo['adminprofilepic']) ); if ($userinfo['profilepicrequirement'] AND !can_view_profile_section($userinfo['userid'], 'profile_picture', $userinfo['profilepicrequirement'], $userinfo)) { $can_view_profile_pic = false; } if ($can_view_profile_pic) { if ($vbulletin->options['usefileavatar']) { $userinfo['profilepicurl'] = $vbulletin->options['profilepicurl'] . '/profilepic' . $userinfo['userid'] . '_' . $userinfo['profilepicrevision'] . '.gif'; } else { $userinfo['profilepicurl'] = 'image.php?' . $vbulletin->session->vars['sessionurl'] . 'u=' . $userinfo['userid'] . "&dateline=$userinfo[profilepicdateline]&type=profile"; } $userinfo['profilepic'] = "<img src=\"" . $userinfo['profilepicurl'] . "\" alt=\"\" title=\"" . construct_phrase($vbphrase['xs_picture'], $userinfo['username']) . "\" border=\"0\"";
$navbar = render_navbar_template($navbits); $url =& $vbulletin->url; $templater = vB_Template::create('mailform'); $templater->register_page_templates(); $templater->register('message', $message); $templater->register('navbar', $navbar); $templater->register('subject', $subject); $templater->register('url', $url); $templater->register('userinfo', $userinfo); print_output($templater->render()); } else { require_once(DIR . '/includes/functions_user.php'); if (!can_view_profile_section($userinfo['userid'], 'contactinfo')) { standard_error(fetch_error('user_chosen_privacy_prevents_viewing')); } // show the user's email address $destusername = $userinfo['username']; eval(standard_error(fetch_error('showemail', $destusername, htmlspecialchars_uni($userinfo['email'])))); } } } // ############################### start do mail member ############################### if ($_POST['do'] == 'domailmember') { $vbulletin->input->clean_array_gpc('p', array(
} else { $image =& vB_Image::fetch_library($vbulletin, 'regimage'); } } $db->close(); $image->print_image_from_string($imageinfo['answer'], $moveabout); } else { if ($vbulletin->GPC['userid']) { $vbulletin->input->clean_array_gpc('r', array('dateline' => TYPE_UINT)); $filedata = 'filedata'; if ($vbulletin->GPC['type'] == 'profile') { $table = 'customprofilepic'; $can_view_profile_pic = ($vbulletin->options['profilepicenabled'] and ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseeprofilepic'] or $vbulletin->userinfo['userid'] == $vbulletin->GPC['userid'])); if ($can_view_profile_pic) { require_once DIR . '/includes/functions_user.php'; if (!can_view_profile_section($vbulletin->GPC['userid'], 'profile_picture')) { $can_view_profile_pic = false; } } // No permissions to see profile pics if (!$can_view_profile_pic) { exec_shut_down(); // Update location with 'No permission to view profile picture' header('Content-type: image/gif'); readfile(DIR . '/' . $vbulletin->options['cleargifurl']); exit; } } else { if ($vbulletin->GPC['type'] == 'sigpic') { $table = 'sigpic'; } else {
print_no_permission(); } if (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_albums']) or !($permissions['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canviewalbum'])) { print_no_permission(); } $navbits = array(); // checks for specific types if ($vbulletin->GPC['albumid']) { if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'])) { print_no_permission(); } $albuminfo = fetch_albuminfo($vbulletin->GPC['albumid']); if (!$albuminfo) { standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } if (!can_view_profile_section($albuminfo['userid'], 'albums')) { // private album that we can not see standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } if ($albuminfo['state'] == 'private' and !can_view_private_albums($albuminfo['userid'])) { // private album that we can not see standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } else { if ($albuminfo['state'] == 'profile' and !can_view_profile_albums($albuminfo['userid'])) { // profile album that we can not see standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } } $pictureinfo = fetch_pictureinfo($vbulletin->GPC['attachmentid'], $vbulletin->GPC['albumid']); $navbits = array(fetch_seo_url('member', $albuminfo) => construct_phrase($vbphrase['xs_profile'], $albuminfo['username']), 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$albuminfo['userid']}" => $vbphrase['albums'], 'album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albuminfo['albumid']}" => $albuminfo['title_html']); } else {
/**
 * Builds the profile picture fields for display on the blog page.
 *
 * Results are written into the caller's $userinfo (profilepicurl, ppwidthpx,
 * ppheightpx, ppwidth, ppheight) and into the global $show['profilepic'] flag.
 *
 * @param array vBulletin userinfo array, passed by reference and modified in place
 *
 * @return void
 */
function fetch_profilepic_html(&$userinfo)
{
    global $vbulletin, $show;

    // Permissions are only computed when the caller did not supply them.
    if (empty($userinfo['permissions'])) {
        cache_permissions($userinfo, false);
    }

    // All of these must hold: the feature is enabled and a picture exists, the
    // viewer may see profile pictures (or is the owner), and the owner may have
    // one (or an admin assigned it).
    $pictureAllowed = $vbulletin->options['profilepicenabled']
        && $userinfo['profilepic']
        && (
            ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseeprofilepic'])
            || $vbulletin->userinfo['userid'] == $userinfo['userid']
        )
        && (
            ($userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'])
            || $userinfo['adminprofilepic']
        );

    if (!$pictureAllowed) {
        $userinfo['profilepicurl'] = '';
        $show['profilepic'] = false;
        return;
    }

    // The owner's privacy setting is consulted only when templateversion is
    // 3.8.0 or later; below that, no per-section privacy check runs here.
    if (version_compare($vbulletin->options['templateversion'], '3.8.0', '>=')) {
        require_once(DIR . '/includes/functions_user.php');
        if (!can_view_profile_section($userinfo['userid'], 'profile_picture')) {
            // NOTE(review): unlike the denial path above, profilepicurl is not
            // reset here; callers should key off $show['profilepic'].
            $show['profilepic'] = false;
            return;
        }
    }

    // NOTE(review): with 'usefileavatar' the URL points at a file path rather
    // than image.php, so the checks in this function presumably do not apply
    // to a direct request for that file - confirm how it is served.
    $userinfo['profilepicurl'] = $vbulletin->options['usefileavatar']
        ? $vbulletin->options['profilepicurl'] . '/profilepic' . $userinfo['userid'] . '_' . $userinfo['profilepicrevision'] . '.gif'
        : 'image.php?' . $vbulletin->session->vars['sessionurl'] . 'u=' . $userinfo['userid'] . "&dateline=$userinfo[profilepicdateline]&type=profile";

    // Dimensions are cast to int before they are placed into attribute strings.
    $userinfo['ppwidthpx'] = (int) $userinfo['ppwidth'];
    $userinfo['ppheightpx'] = (int) $userinfo['ppheight'];

    // Either both attributes are emitted or neither is.
    $bothKnown = $userinfo['ppwidthpx'] && $userinfo['ppheightpx'];
    $userinfo['ppwidth'] = $bothKnown ? 'width="' . $userinfo['ppwidthpx'] . '"' : '';
    $userinfo['ppheight'] = $bothKnown ? 'height="' . $userinfo['ppheightpx'] . '"' : '';

    $show['profilepic'] = true;
}
/**
 * Decides whether the current viewer may see one visitor message.
 *
 * This is an authorization gate that fails closed: it returns false at the
 * first check that is not satisfied and true only after all of them pass.
 *
 * @param mixed Key of the message inside $this->content['visitormessage']
 *
 * @return bool True when every check passes, false otherwise
 */
protected function fetchCanViewVisitorMessage($vmid)
{
    $registry = vB::$vbulletin;

    // Unknown (or empty) message record -> deny.
    $message = $this->content['visitormessage'][$vmid];
    if (!$message) {
        return false;
    }

    // The profile owner must be present in the preloaded user content.
    $userinfo = $this->content['user'][$message['userid']];
    if (!$userinfo) {
        return false;
    }

    // Owners in the hard-coded usergroup 4 are visible only to viewers holding
    // the 'cancontrolpanel' admin bit.
    if ($userinfo['usergroupid'] == 4 && !($registry->userinfo['permissions']['adminpermissions'] & $registry->bf_ugp_adminpermissions['cancontrolpanel'])) {
        return false;
    }

    // Contacts-only wall: deny unless the viewer moderates visitor messages,
    // is the owner, or is one of the owner's contacts.
    if (
        $userinfo['vm_contactonly']
        && !can_moderate(0, 'canmoderatevisitormessages')
        && $userinfo['userid'] != $registry->userinfo['userid']
        && !$userinfo['bbuser_iscontact_of_user']
    ) {
        return false;
    }

    // Visitor messaging disabled by the owner: deny non-moderators, and deny
    // the owner as well (moderator or not).
    if (
        !$userinfo['vm_enable']
        && (!can_moderate(0, 'canmoderatevisitormessages') || $registry->userinfo['userid'] == $userinfo['userid'])
    ) {
        return false;
    }

    // Site-wide gates: member list visibility, the forum 'canview' bit, and the
    // visitor messaging feature switch.
    if (!$this->fetchCanViewMembers()) {
        return false;
    }
    if (!($registry->userinfo['forumpermissions'] & $registry->bf_ugp_forumpermissions['canview'])) {
        return false;
    }
    if (!($registry->options['socnet'] & $registry->bf_misc_socnet['enable_visitor_messaging'])) {
        return false;
    }

    // Same lookup as the $userinfo check near the top, evaluated again here.
    // NOTE(review): looks redundant unless a call above changes $this->content - confirm.
    if (!$this->content['user'][$message['userid']]) {
        return false;
    }

    // Owner's profile privacy setting for the 'visitor_messaging' section.
    // NOTE(review): this method does not include the file that defines
    // can_view_profile_section(); it has to be loaded before this runs - confirm.
    if (!can_view_profile_section($message['userid'], 'visitor_messaging')) {
        return false;
    }

    // Loaded before fetch_visitor_message_perm() is called below.
    require_once DIR . '/includes/functions_visitormessage.php';

    // Messages awaiting moderation are visible only to viewers with the
    // moderation permission on this profile, or to the message's author.
    if (
        $message['state'] == 'moderation'
        && !fetch_visitor_message_perm('canmoderatevisitormessages', $this->content['user'][$message['userid']], $message)
        && $message['postuserid'] != $registry->userinfo['userid']
    ) {
        return false;
    }

    return true;
}