/**
  * Code to run after Saving a Visitor Message
  *
  * @param	boolean	Do the query?
  */
 function post_save_once($doquery = true)
 {
     $vmid = intval($this->fetch_field('vmid'));
     if (!$this->condition) {
         if ($this->fetch_field('userid')) {
             $this->insert_dupehash($this->fetch_field('userid'));
         }
     }
     if (!$this->info['profileuser']) {
         $this->info['profileuser'] = fetch_userinfo($this->fetch_field('userid'));
     }
     if ($this->info['profileuser'] and !in_coventry($this->fetch_field('postuserid'), true)) {
         $userdata =& datamanager_init('User', $this->registry, ERRTYPE_SILENT);
         $userdata->set_existing($this->info['profileuser']);
         if ($this->fetch_field('state') == 'visible') {
             if (!$this->condition and !$this->fetch_field('messageread')) {
                 // new vm, not been read, visible -> increase unread count
                 $userdata->set('vmunreadcount', 'vmunreadcount + 1', false);
             } else {
                 if ($this->condition and $this->fetch_field('messageread') and isset($this->existing['messageread']) and !$this->existing['messageread']) {
                     // existing vm going from unread to read -> decrease unread count
                     // isset() check ensures that messageread info was explicitly passed in
                     $userdata->set('vmunreadcount', 'vmunreadcount - 1', false);
                 }
             }
         }
         if ($this->fetch_field('state') == 'visible' and $this->existing['state'] == 'moderation') {
             // moderated message made visible -> decrease moderated count
             $userdata->set('vmmoderatedcount', 'vmmoderatedcount - 1', false);
         } else {
             if ($this->fetch_field('state') == 'moderation' and $this->fetch_field('state') != $this->existing['state']) {
                 // message is moderated and wasn't moderated before -> increase moderated count
                 $userdata->set('vmmoderatedcount', 'vmmoderatedcount + 1', false);
             }
         }
         $userdata->save();
     }
     if ($this->fetch_field('state') == 'moderation') {
         /*insert query*/
         $this->dbobject->query_write("\n\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "moderation\n\t\t\t\t\t(primaryid, type, dateline)\n\t\t\t\tVALUES\n\t\t\t\t\t({$vmid}, 'visitormessage', " . TIMENOW . ")\n\t\t\t");
     } else {
         if ($this->fetch_field('state') == 'visible' and $this->existing['state'] == 'moderation') {
             // message was made visible, remove the moderation record
             $this->dbobject->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "moderation\n\t\t\t\tWHERE primaryid = {$vmid} AND type = 'visitormessage'\n\t\t\t");
         }
     }
     ($hook = vBulletinHook::fetch_hook('visitormessagedata_postsave')) ? eval($hook) : false;
 }
Exemple #2
0
    }
    ($hook = vBulletinHook::fetch_hook('misc_showattachments_start')) ? eval($hook) : false;
    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
        print_no_permission();
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or !$vbulletin->userinfo['userid'])) {
        print_no_permission();
    }
    $attachs = $db->query_read_slave("\n\t\tSELECT attachment.*\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tINNER JOIN " . TABLE_PREFIX . "attachment AS attachment ON (attachment.postid=post.postid AND attachment.visible=1)\n\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\tAND post.visible = 1\n\t\tORDER BY filename DESC\n\t");
    if ($db->num_rows($attachs)) {
        require_once DIR . '/includes/functions_bigthree.php';
        while ($attachment = $db->fetch_array($attachs)) {
            // hide users in Coventry
            $ast = '';
            if (in_coventry($attachment['userid']) and !can_moderate($threadinfo['forumid'])) {
                continue;
            }
            $attachment['filename'] = fetch_censored_text(htmlspecialchars_uni($attachment['filename']));
            $attachment['attachmentextension'] = strtolower(file_extension($attachment['filename']));
            $attachment['filesize'] = vb_number_format($attachment['filesize'], 1, true);
            exec_switch_bg();
            eval('$attachments .= "' . fetch_template('attachmentbit') . '";');
        }
        ($hook = vBulletinHook::fetch_hook('misc_showattachments_complete')) ? eval($hook) : false;
        eval('print_output("' . fetch_template('ATTACHMENTS') . '");');
    } else {
        eval(standard_error(fetch_error('noattachments')));
    }
}
// ############################### start show avatars ###############################
Exemple #3
0
/**
* Fetches and prepares posts for quoting. Returned text is BB code.
*
* @param	array	Array of post IDs to pull from
* @param	integer	The ID of the thread that is being quoted into
* @param	integer	Returns the number of posts that were unquoted because of the value of the next argument
* @param	array	Returns the IDs of the posts that were actually quoted
* @param	string	Controls what posts are successfully quoted: all, only (only the thread ID), other (only other thread IDs)
* @param	boolean	Whether to undo the htmlspecialchars calls; useful when returning HTML to be entered via JS
*/
function fetch_quotable_posts($quote_postids, $threadid, &$unquoted_posts, &$quoted_post_ids, $limit_thread = 'only', $unhtmlspecialchars = false)
{
    global $vbulletin;
    $unquoted_posts = 0;
    $quoted_post_ids = array();
    $quote_postids = array_diff_assoc(array_unique(array_map('intval', $quote_postids)), array(0));
    // limit to X number of posts
    if ($vbulletin->options['mqlimit'] > 0) {
        $quote_postids = array_slice($quote_postids, 0, $vbulletin->options['mqlimit']);
    }
    if (empty($quote_postids)) {
        // nothing to quote
        return '';
    }
    $hook_query_fields = $hook_query_joins = '';
    ($hook = vBulletinHook::fetch_hook('quotable_posts_query')) ? eval($hook) : false;
    $quote_post_data = $vbulletin->db->query_read_slave("\n\t\tSELECT post.postid, post.title, post.pagetext, post.dateline, post.userid, post.visible AS postvisible,\n\t\t\tIF(user.username <> '', user.username, post.username) AS username,\n\t\t\tthread.threadid, thread.title AS threadtitle, thread.postuserid, thread.visible AS threadvisible,\n\t\t\tforum.forumid, forum.password\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)\n\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON (thread.forumid = forum.forumid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid IN (" . implode(',', $quote_postids) . ")\n\t");
    $quote_posts = array();
    while ($quote_post = $vbulletin->db->fetch_array($quote_post_data)) {
        if ((!$quote_post['postvisible'] or $quote_post['postvisible'] == 2) and !can_moderate($quote_post['forumid']) or (!$quote_post['threadvisible'] or $quote_post['threadvisible'] == 2) and !can_moderate($quote_post['forumid'])) {
            // no permission to view this post
            continue;
        }
        $forumperms = fetch_permissions($quote_post['forumid']);
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($quote_post['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($quote_post['forumid'], $quote_post['password'], false) or in_coventry($quote_post['postuserid']) and !can_moderate($quote_post['forumid']) or in_coventry($quote_post['userid']) and !can_moderate($quote_post['forumid'])) {
            // no permission to view this post
            continue;
        }
        if ($limit_thread == 'only' and $quote_post['threadid'] != $threadid or $limit_thread == 'other' and $quote_post['threadid'] == $threadid or $limit_thread == 'all') {
            $unquoted_posts++;
            continue;
        }
        $skip_post = false;
        ($hook = vBulletinHook::fetch_hook('quotable_posts_logic')) ? eval($hook) : false;
        if ($skip_post) {
            continue;
        }
        $quote_posts["{$quote_post['postid']}"] = $quote_post;
    }
    $message = '';
    foreach ($quote_postids as $quote_postid) {
        if (!isset($quote_posts["{$quote_postid}"])) {
            continue;
        }
        $quote_post =& $quote_posts["{$quote_postid}"];
        $originalposter = fetch_quote_username($quote_post['username'] . ";{$quote_post['postid']}");
        $postdate = vbdate($vbulletin->options['dateformat'], $quote_post['dateline']);
        $posttime = vbdate($vbulletin->options['timeformat'], $quote_post['dateline']);
        $pagetext = htmlspecialchars_uni($quote_post['pagetext']);
        $pagetext = trim(strip_quotes($pagetext));
        ($hook = vBulletinHook::fetch_hook('newreply_quote')) ? eval($hook) : false;
        eval('$message .= "' . fetch_template('newpost_quote', 0, false) . '\\n";');
        $quoted_post_ids[] = $quote_postid;
    }
    if ($unhtmlspecialchars) {
        $message = unhtmlspecialchars($message);
    }
    return $message;
}
Exemple #4
0
	function post_save_each($doquery = true)
	{
		$blogid = intval($this->fetch_field('blogid'));
		$blogtextid = intval($this->fetch_field('blogtextid'));
		$userid = intval($this->fetch_field('userid'));

		$this->post_save_each_blogtext($doquery);

		require_once(DIR . '/vb/search/indexcontroller/queue.php');
		vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogComment', 'index', $blogtextid);

		require_once(DIR . '/vb/search/indexcontroller/queue.php');
		vb_Search_Indexcontroller_Queue::indexQueue('vBBlog', 'BlogComment', 'index', $blogtextid);

		if ($this->info['blog'] AND ($attach = intval($this->info['newattach']) OR !$this->condition))
		{
			// things that apply to a new comment and an edit
			$blog =& datamanager_init('Blog', $this->registry, ERRTYPE_SILENT, 'blog');
			$blog->set_existing($this->info['blog']);

			if ($attach)
			{
				$blog->set('attach', "attach + $attach", false);
			}
		}

		if (!$this->condition)
		{ // things that apply just to a new comment
			if ($this->fetch_field('dateline') == TIMENOW)
			{
				$this->insert_dupehash($this->fetch_field('blogid'));
			}

			if ($this->fetch_field('state') == 'visible' AND $this->info['blog'] AND $this->info['blog']['state'] == 'visible')
			{
				$blog->set('comments_visible', 'comments_visible + 1', false);


				if (in_coventry($userid, true))
				{
					// posted by someone in coventry, so don't update the blog last post time
					// just put it in this person's tachy last post table

					$replaceval = "$userid,
						$blogid,
						" . intval(TIMENOW) . ",
						'" . $this->dbobject->escape_string($this->fetch_field('username')) . "',
						$blogtextid
					";

					$this->dbobject->query_write("
						REPLACE INTO " . TABLE_PREFIX . "blog_tachyentry
							(userid, blogid, lastcomment, lastcommenter, lastblogtextid)
						VALUES
							($replaceval)
					");
				}
				else
				{
					$blog->set('lastcomment', TIMENOW);
					$blog->set('lastcommenter', $this->fetch_field('username'));
					$blog->set('lastblogtextid', $blogtextid);

					// empty out the tachy posts for this blog
					$this->dbobject->query_write("
						DELETE FROM " . TABLE_PREFIX . "blog_tachyentry
						WHERE blogid = $blogid
					");

					// Send Email Notification
					if ($this->registry->options['enableemail'])
					{
						$lastposttime = $this->dbobject->query_first("
							SELECT MAX(dateline) AS dateline
							FROM " . TABLE_PREFIX . "blog_text AS blog_text
							WHERE blogid = $blogid
								AND dateline < " . $this->fetch_field('dateline') . "
								AND state = 'visible'
						");

						$entrytitle = unhtmlspecialchars($this->info['blog']['title']);
						if (defined('VBBLOG_PERMS') AND $this->registry->userinfo['userid'] == $this->info['blog']['userid'])
						{
							$blogtitle = unhtmlspecialchars($this->registry->userinfo['blog_title']);
							$username = unhtmlspecialchars($this->registry->userinfo['username']);
							$userinfo =& $this->registry->userinfo;
						}
						else
						{
							if (!defined('VBBLOG_PERMS'))
							{	// Tell the fetch_userinfo plugin that we need the blog fields in case this class is being called by a non blog script
								define('VBBLOG_PERMS', true);
							}
							$userinfo = fetch_userinfo($this->info['blog']['userid'], 1);
							cache_permissions($userinfo, false);
							$blogtitle = unhtmlspecialchars($userinfo['blog_title']);
							if ($userinfo['userid'] != $this->fetch_field('userid'))
							{
								$userinfo2 = fetch_userinfo($this->fetch_field('userid'), 1);
								$username = unhtmlspecialchars($userinfo2['username']);
							}
							else
							{
								$username = unhtmlspecialchars($userinfo['username']);
							}
						}

						require_once(DIR . '/includes/class_bbcode_alt.php');
						$plaintext_parser = new vB_BbCodeParser_PlainText($this->registry, fetch_tag_list());
						$pagetext_cache = array(); // used to cache the results per languageid for speed

						$pagetext_orig =& $this->fetch_field('pagetext');

						($hook = vBulletinHook::fetch_hook('blog_post_notification_start')) ? eval($hook) : false;

						$useremails = $this->dbobject->query_read_slave("
							SELECT
								user.*,
								blog_subscribeentry.blogsubscribeentryid,
								blog_moderator.blogmoderatorid,
								ignored.relationid AS ignoreid,
								buddy.relationid AS buddyid,
								blog.categories,
								blog.options
							FROM " . TABLE_PREFIX . "blog_subscribeentry AS blog_subscribeentry
							INNER JOIN " . TABLE_PREFIX . "user AS user ON (blog_subscribeentry.userid = user.userid)
							LEFT JOIN " . TABLE_PREFIX . "blog_moderator AS blog_moderator ON (blog_moderator.userid = user.userid)
							LEFT JOIN " . TABLE_PREFIX . "userlist AS buddy ON (buddy.userid = $userinfo[userid] AND buddy.relationid = user.userid AND buddy.type = 'buddy')
							LEFT JOIN " . TABLE_PREFIX . "userlist AS ignored ON (ignored.userid = $userinfo[userid] AND ignored.relationid = user.userid AND ignored.type = 'ignore')
							LEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (blog.blogid = blog_subscribeentry.blogid)
							WHERE blog_subscribeentry.blogid = $blogid AND
								blog_subscribeentry.type = 'email' AND
								user.usergroupid <> 3 AND
								user.userid <> " . intval($userid) . " AND
								user.lastactivity >= " . intval($lastposttime['dateline']) . "
						");

						vbmail_start();

						$evalemail = array();
						while ($touser = $this->dbobject->fetch_array($useremails))
						{
							if (!($this->registry->usergroupcache["$touser[usergroupid]"]['genericoptions'] & $this->registry->bf_ugp_genericoptions['isnotbannedgroup']))
							{
								continue;
							}

							cache_permissions($touser, false);
							// Check if entry is private, only send to blog owner, contacts, and moderators if so
							if ($touser['options'] & $this->bitfields['options']['private'] AND !$touser['blogmoderatorid'] AND !$touser['buddyid'] AND !is_member_of_blog($touser, $userinfo))
							{
								continue;
							}

							prepare_blog_category_permissions($touser);
							$entrycats = explode(',', $touser['categories']);
							if (array_intersect($touser['blogcategorypermissions']['cantview'], $entrycats) AND $userinfo['userid'] != $touser['userid'])
							{
								continue;
							}
							else if ($userinfo['userid'] != $touser['userid'] AND !($touser['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
							{
								continue;
							}
							else if ($userinfo['userid'] == $touser['userid'] AND !($touser['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canviewown']))
							{
								continue;
							}
							else if (
								!$touser['blogmoderatorid']
									AND
								!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel'])
									AND
								!($touser['permissions']['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['ismoderator'])
									AND
								(!$userinfo['ignore_canviewmyblog'] OR !$touser['ignoreid'])
									AND
								(!$userinfo['buddy_canviewmyblog'] OR !$touser['buddyid'])
									AND
								(!$userinfo['member_canviewmyblog'] OR (!$userinfo['buddy_canviewmyblog'] AND $touser['budyid']) OR (!$userinfo['ignore_canviewmyblog'] AND $touser['ignoreid']))
									AND
								!is_member_of_blog($touser, $userinfo)
							)
							{
								continue;
							}

							$touser['username'] = unhtmlspecialchars($touser['username']);
							$touser['languageid'] = iif($touser['languageid'] == 0, $this->registry->options['languageid'], $touser['languageid']);
							$touser['auth'] = md5($touser['userid'] . $touser['blogsubscribeentryid'] . $touser['salt'] . COOKIE_SALT);

							if (empty($evalemail))
							{
								$email_texts = $this->dbobject->query_read_slave("
									SELECT text, languageid, fieldname
									FROM " . TABLE_PREFIX . "phrase
									WHERE fieldname IN ('emailsubject', 'emailbody') AND varname = 'blog_entry_notify'
								");

								while ($email_text = $this->dbobject->fetch_array($email_texts))
								{
									$emails["$email_text[languageid]"]["$email_text[fieldname]"] = $email_text['text'];
								}

								require_once(DIR . '/includes/functions_misc.php');

								foreach ($emails AS $languageid => $email_text)
								{
									// lets cycle through our array of notify phrases
									$text_message = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailbody']), $emails['-1']['emailbody'], $email_text['emailbody'])));
									$text_message = replace_template_variables($text_message);
									$text_subject = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailsubject']), $emails['-1']['emailsubject'], $email_text['emailsubject'])));
									$text_subject = replace_template_variables($text_subject);

									$evalemail["$languageid"] = '
										$message = "' . $text_message . '";
										$subject = "' . $text_subject . '";
									';
								}
							}

							// parse the page text into plain text, taking selected language into account
							if (!isset($pagetext_cache["$touser[languageid]"]))
							{
								$plaintext_parser->set_parsing_language($touser['languageid']);
								$pagetext_cache["$touser[languageid]"] = $plaintext_parser->parse($pagetext_orig);
							}
							$pagetext = $pagetext_cache["$touser[languageid]"];

							($hook = vBulletinHook::fetch_hook('blog_post_notification_message')) ? eval($hook) : false;

							eval(iif(empty($evalemail["$touser[languageid]"]), $evalemail["-1"], $evalemail["$touser[languageid]"]));

							vbmail($touser['email'], $subject, $message);
						}

						unset($plaintext_parser, $pagetext_cache);

						vbmail_end();
					}
				}
			}
			else if ($this->fetch_field('state') == 'moderation' AND $this->info['blog'])
			{
				$blog->set('comments_moderation', 'comments_moderation + 1', false);
			}
		}

		if ($this->condition AND $this->info['emailupdate'] == 'none' AND ($userid != $this->registry->userinfo['userid'] OR ($userid == $this->registry->userinfo['userid'] AND $this->info['blog']['entrysubscribed'])))
		{
			$this->dbobject->query_write("
				DELETE FROM " . TABLE_PREFIX . "blog_subscribeentry
				WHERE blogid = $blogid AND userid = $userid
			");
		}
		else if ($this->info['emailupdate'] == 'email' OR $this->info['emailupdate'] == 'usercp')
		{
			$this->dbobject->query_write("
				REPLACE INTO " . TABLE_PREFIX . "blog_subscribeentry
				(blogid, dateline, type, userid)
				VALUES
				($blogid, " . TIMENOW . ", '" . $this->info['emailupdate'] . "', $userid)
			");
		}

		if (is_object($blog))
		{
			$blog->save();
		}

		if (!$this->condition)
		{
			if ($this->fetch_field('state') == 'moderation' AND $this->info['blog'])
			{
				$blogman =& datamanager_init('Blog_User', $this->registry, ERRTYPE_SILENT);
				$userinfo = array('bloguserid' => $this->info['blog']['userid']);
				$blogman->set_existing($userinfo);
				$blogman->set('comments_moderation', 'comments_moderation + 1', false);
				$blogman->save();
			}
		}

		if ($this->fetch_field('state') == 'moderation')
		{
			/*insert query*/
			$this->dbobject->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "blog_moderation (primaryid, type, dateline) VALUES ($blogtextid, 'blogtextid', " . TIMENOW . ")");
		}

		// Email blog owner here based on their settings

		($hook = vBulletinHook::fetch_hook('blog_textdata_postsave')) ? eval($hook) : false;
	}
Exemple #5
0
 /**
  * Prepares the User's last post information
  *
  */
 function prepare_lastpost()
 {
     global $show, $vbphrase;
     $this->prepared['lastposttitle'] = '';
     if ($this->registry->options['profilelastpost'] and $this->userinfo['lastpost'] and !in_coventry($this->userinfo['userid'])) {
         if ($this->userinfo['lastpostid'] and $getlastpost = $this->registry->db->query_first_slave("\n\t\t\t\tSELECT thread.title, thread.threadid, thread.forumid, post.postid, post.dateline\n\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\t\tWHERE post.postid = " . $this->userinfo['lastpostid'] . "\n\t\t\t\t\tAND post.visible = 1\n\t\t\t\t\tAND thread.visible = 1\n\t\t\t")) {
             $getperms = fetch_permissions($getlastpost['forumid']);
             if ($getperms & $this->registry->bf_ugp_forumpermissions['canview']) {
                 $this->prepared['lastposttitle'] = $getlastpost['title'];
                 $this->prepared['lastposturl'] = 'showthread.php?' . $this->registry->session->vars['sessionurl'] . "p={$getlastpost['postid']}#post{$getlastpost['postid']}";
                 $this->prepared['lastpostdate'] = vbdate($this->registry->options['dateformat'], $getlastpost['dateline'], true);
                 $this->prepared['lastposttime'] = vbdate($this->registry->options['timeformat'], $getlastpost['dateline']);
             }
         }
         if ($this->prepared['lastposttitle'] === '') {
             $getlastposts = $this->registry->db->query_read_slave("\n\t\t\t\t\tSELECT thread.title, thread.threadid, thread.forumid, post.postid, post.dateline\n\t\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\t\t\tWHERE thread.visible = 1\n\t\t\t\t\t\tAND post.userid  = " . $this->userinfo['userid'] . "\n\t\t\t\t\t\tAND post.visible = 1\n\t\t\t\t\tORDER BY post.dateline DESC\n\t\t\t\t\tLIMIT 20\n\t\t\t\t");
             while ($getlastpost = $this->registry->db->fetch_array($getlastposts)) {
                 $getperms = fetch_permissions($getlastpost['forumid']);
                 if ($getperms & $this->registry->bf_ugp_forumpermissions['canview']) {
                     $this->prepared['lastposttitle'] = $getlastpost['title'];
                     $this->prepared['lastposturl'] = 'showthread.php?' . $this->registry->session->vars['sessionurl'] . "p={$getlastpost['postid']}#post{$getlastpost['postid']}";
                     $this->prepared['lastpostdate'] = vbdate($this->registry->options['dateformat'], $getlastpost['dateline'], true);
                     $this->prepared['lastposttime'] = vbdate($this->registry->options['timeformat'], $getlastpost['dateline']);
                     break;
                 }
             }
         }
     }
     $this->prepared['lastpost'] = true;
 }
Exemple #6
0
	/**
	* Determines whether the post should actually be displayed.
	*
	* @return	bool	True if the post should be displayed; false otherwise
	*/
	function is_displayable()
	{
		// hide users in Coventry from non-staff members
		if ($tachyuser = in_coventry($this->post['userid']) AND !can_moderate($this->thread['forumid']))
		{
			return false;
		}
		return true;
	}
	/**
	* Create a message object for the specified message
	*
	* @param	array	message information
	*
	* @return	vB_Visitor_Message
	*/
	function &create($message, $type = '')
	{
		$class_name = 'vB_Visitor_Message_';

		if ($type)
		{
			$class_name .= $type . '_';
		}

		switch ($message['state'])
		{
			case 'deleted':
				$class_name .= 'Deleted';
				break;

			case 'moderation':
			case 'visible':
			default:
			{
				if (in_coventry($message['userid']) AND !empty($message['ignored']))
				{
					$class_name .= 'Global_Ignored';
				}
				else if (!empty($message['ignored']))
				{
					$class_name .= 'Ignored';
				}
				else
				{
					$class_name .= 'Message';
				}
			}
		}

		($hook = vBulletinHook::fetch_hook('visitor_messagebit_factory')) ? eval($hook) : false;

		if (class_exists($class_name, false))
		{
			return new $class_name($this->registry, $this, $this->bbcode, $this->userinfo, $message);
		}
		else
		{
			trigger_error('vB_Visitor_MessageFactory::create(): Invalid type ' . htmlspecialchars_uni($class_name) . '.', E_USER_ERROR);
		}
	}
Exemple #8
0
 $pagenum = $vbulletin->GPC['pagenumber'] > 0 ? $vbulletin->GPC['pagenumber'] : 1;
 $maxpages = ceil($search['resultcount'] / $perpage);
 if ($pagenum > $maxpages) {
     $pagenum = $maxpages;
 }
 if (!$vbulletin->GPC['start']) {
     $vbulletin->GPC['start'] = ($pagenum - 1) * $perpage;
     $previous_results = $vbulletin->GPC['start'];
 } else {
     $previous_results = ($pagenum - 1) * $perpage;
 }
 $previouspage = $pagenum - 1;
 $nextpage = $pagenum + 1;
 $hook_query_fields = $hook_query_joins = $hook_query_where = '';
 ($hook = vBulletinHook::fetch_hook('blog_search_results_query')) ? eval($hook) : false;
 $results = $db->query_read("\r\n\t\tSELECT blog.*, blog_searchresult.offset, IF(blog_user.title <> '', blog_user.title, blog.username) AS blogtitle\r\n\t\t" . (($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) ? "\r\n\t\t,IF(blog_tachyentry.userid IS NULL, blog.lastcomment, blog_tachyentry.lastcomment) AS lastcomment\r\n\t\t,IF(blog_tachyentry.userid IS NULL, blog.lastcommenter, blog_tachyentry.lastcommenter) AS lastcommenter\r\n\t\t,IF(blog_tachyentry.userid IS NULL, blog.lastblogtextid, blog_tachyentry.lastblogtextid) AS lastblogtextid\r\n\t\t" : "") . "\r\n\t\t\t{$hook_query_fields}\r\n\t\tFROM " . TABLE_PREFIX . "blog_searchresult AS blog_searchresult\r\n\t\tINNER JOIN " . TABLE_PREFIX . "blog AS blog ON (blog_searchresult.id = blog.blogid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)\r\n\t\t" . (($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) ? "\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "blog_tachyentry AS blog_tachyentry ON (blog_tachyentry.blogid = blog.blogid AND blog_tachyentry.userid = " . $vbulletin->userinfo['userid'] . ")\r\n\t\t" : "") . "\r\n\t\t{$hook_query_joins}\r\n\t\tWHERE blog_searchresult.blogsearchid = {$search['blogsearchid']}\r\n\t\t\tAND blog_searchresult.offset >= " . $vbulletin->GPC['start'] . "\r\n\t\t{$hook_query_where}\r\n\t\tORDER BY offset\r\n\t\tLIMIT {$perpage}\r\n\t");
 $resultbits = '';
 while ($blog = $db->fetch_array($results)) {
     $canmoderation = (can_moderate_blog('canmoderatecomments') or $vbulletin->userinfo['userid'] == $blog['userid']);
     $blog['trackbacks_total'] = $blog['trackback_visible'] + ($canmoderation ? $blog['trackback_moderation'] : 0);
     $blog['comments_total'] = $blog['comments_visible'] + ($canmoderation ? $blog['comments_moderation'] : 0);
     $blog['lastcommenter_encoded'] = urlencode($blog['lastcommenter']);
     $blog['lastposttime'] = vbdate($vbulletin->options['timeformat'], $blog['lastcomment']);
     $blog['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $blog['lastcomment'], true);
     $show['blogtitle'] = $blog['blogtitle'] != $blog['username'];
     $templater = vB_Template::create('blog_search_results_result');
     $templater->register('blog', $blog);
     $resultbits .= $templater->render();
 }
 $next_result = $previous_results + $db->num_rows($results) + 1;
 $show['next_page'] = $next_result <= $search['resultcount'];
/**
 * Fetches the Picture Comment HTML for a single picture
 *
 * @param	array	Information regarding the picture
 * @param	array	(return) Statistics regarding the messages shown
 * @param	integer	The current page pumber
 * @param	integer	The number of comments per page
 * @param	integer	A specific comment ID to focus on (causes pagenumber to be ignored)
 * @param	boolean	Whether to show ignored messages in their full
 *
 * @return	string	The HTML for the picture comments
 *
 */
function fetch_picturecommentbits($pictureinfo, &$messagestats, &$pagenumber, &$perpage, $commentid = 0, $showignored = false)
{
	global $vbulletin, $vbphrase, $show;

	require_once(DIR . '/includes/class_bbcode.php');
	require_once(DIR . '/includes/class_picturecomment.php');

	if ($vbulletin->options['globalignore'] != '' AND !can_moderate(0, 'candeletepicturecomments') AND !can_moderate(0, 'canremovepicturecomments'))
	{
		require_once(DIR . '/includes/functions_bigthree.php');

		$coventry = fetch_coventry('string');
	}

	$messagestats = array();
	$state = array('visible');
	$state_or = array();
	if (fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo))
	{
		$state[] = 'moderation';
	}
	else if ($vbulletin->userinfo['userid'])
	{
		$state_or[] = "(picturecomment.postuserid = " . $vbulletin->userinfo['userid'] . " AND state = 'moderation')";
	}

	if (can_moderate(0, 'canmoderatepicturecomments') OR ($vbulletin->userinfo['userid'] == $pictureinfo['userid'] AND $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canmanagepiccomment']))
	{
		$state[] = 'deleted';
		$deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (picturecomment.commentid = deletionlog.primaryid AND deletionlog.type = 'picturecomment')";
	}
	else
	{
		$deljoinsql = '';
	}

	$state_or[] = "picturecomment.state IN ('" . implode("','", $state) . "')";

	$perpage = (!$perpage OR $perpage > $vbulletin->options['pc_maxperpage']) ? $vbulletin->options['pc_perpage'] : $perpage;

	if ($commentid AND $commentinfo = fetch_picturecommentinfo($pictureinfo['filedataid'], $pictureinfo['userid'], $commentid))
	{
		$getpagenum = $vbulletin->db->query_first("
			SELECT COUNT(*) AS comments
			FROM " . TABLE_PREFIX . "picturecomment AS picturecomment
			WHERE
				filedataid = $pictureinfo[filedataid]
					AND
				userid = $pictureinfo[userid]
					AND
				(" . implode(" OR ", $state_or) . ")
					AND
				dateline <= $commentinfo[dateline]
			" . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . "
		");
		$pagenumber = ceil($getpagenum['comments'] / $perpage);
	}

	do
	{
		if (!$pagenumber)
		{
			$pagenumber = 1;
		}
		$start = ($pagenumber - 1) * $perpage;

		$hook_query_fields = $hook_query_joins = $hook_query_where = '';
		($hook = vBulletinHook::fetch_hook('picture_comment_query')) ? eval($hook) : false;

		$messagebits = '';
		$messages = $vbulletin->db->query_read("
			SELECT SQL_CALC_FOUND_ROWS
				picturecomment.*, user.*, picturecomment.ipaddress AS messageipaddress
				" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "
				" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "
				$hook_query_fields
			FROM " . TABLE_PREFIX . "picturecomment AS picturecomment
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON (picturecomment.postuserid = user.userid)
			" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid)
			LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "
			$deljoinsql
			$hook_query_joins
			WHERE
				picturecomment.filedataid = $pictureinfo[filedataid]
					AND
				picturecomment.userid = $pictureinfo[userid]
					AND (" . implode(" OR ", $state_or) . ")
			" . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . "
				$hook_query_where
			ORDER BY picturecomment.dateline
			LIMIT $start, $perpage
		");

		list($messagestats['total']) = $vbulletin->db->query_first("SELECT FOUND_ROWS()", DBARRAY_NUM);
		if ($start >= $messagestats['total'])
		{
			$pagenumber = ceil($messagestats['total'] / $perpage);
		}
	}
	while ($start >= $messagestats['total'] AND $messagestats['total']);

	$messagestats['start'] = $start + 1;
	$messagestats['end'] = min($start + $perpage, $messagestats['total']);

	$bbcode = new vB_BbCodeParser($vbulletin, fetch_tag_list());
	$factory = new vB_Picture_CommentFactory($vbulletin, $bbcode, $pictureinfo);

	$messagebits = '';

	$firstrecord = array();
	$read_ids = array();

	if ($vbulletin->userinfo['userid'] AND !$showignored)
	{
		$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
	}
	else
	{
		$ignorelist = array();
	}

	while ($message = $vbulletin->db->fetch_array($messages))
	{
		if (!$firstrecord)
		{
			$firstrecord = $message;
		}

		if ($ignorelist AND in_array($message['postuserid'], $ignorelist))
		{
			$message['ignored'] = true;
		}

		if (!$showignored AND in_coventry($message['postuserid']))
		{
			$message['ignored'] = true;
		}

		$response_handler =& $factory->create($message);
		$response_handler->cachable = false;
		$messagebits .= $response_handler->construct();

		if (!$message['messageread'] AND $message['state'] == 'visible' AND $pictureinfo['userid'] == $vbulletin->userinfo['userid'])
		{
			$read_ids[] = $message['commentid'];
		}

		$messagestats['lastcomment'] = $message['dateline'];
	}

	if ($pictureinfo['userid'] == $vbulletin->userinfo['userid'])
	{
		$readpcs = 0;

		if (!empty($read_ids))
		{
			$readpcs = sizeof($read_ids);
			$vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "picturecomment SET messageread = 1 WHERE commentid IN (" . implode(',', $read_ids) . ")");
		}

		if ($vbulletin->userinfo['pcunreadcount'] - $readpcs > 0 AND $vbulletin->options['globalignore'] != '')
		{
			build_picture_comment_counters($vbulletin->userinfo['userid']);
		}
		else if ($readpcs)
		{
			$vbulletin->db->query_write("
				UPDATE " . TABLE_PREFIX . "user
				SET
					 pcunreadcount = IF(pcunreadcount >= $readpcs, pcunreadcount - $readpcs, 0)
				WHERE
					userid = " . $vbulletin->userinfo['userid']
			);
		}
	}
	$messagestats['perpage'] = $perpage;

	$show['delete'] = fetch_user_picture_message_perm('candeletemessages', $pictureinfo);
	$show['undelete'] = fetch_user_picture_message_perm('canundeletemessages', $pictureinfo);
	$show['approve'] = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo);
	$show['inlinemod'] = ($show['delete'] OR $show['undelete'] OR $show['approve']);

	return $messagebits;
}
/**
* Fetches information about the selected custompage with permission checks
*
* @param	integer	The custompage we want info about
* @param	string	The type of customblock that we are working with (page or block)
* @param	bool		Should an error be displayed when block is not found
* @param	bool		Should a permission check be performed as well
*
* @return	array	Array of information about the custom page or prints an error if it doesn't exist / permission problems
*/
function verify_blog_customblock($customblockid, $type = null, $alert = true, $perm_check = true)
{
	global $vbulletin, $vbphrase;

	if (!($blockinfo = fetch_customblock_info($customblockid)))
	{
		if ($alert)
		{
			standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
		}
		else
		{
			return 0;
		}
	}
	else if ($type AND $blockinfo['type'] != $type)
	{
		standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
	}

	$blockinfo['userinfo'] = verify_id('user', $blockinfo['userid'], 1, 1, 10);

	if ($perm_check)
	{
		if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND empty($blockinfo['userinfo']['bloguserid']))
		{
			standard_error(fetch_error('blog_noblog', $blockinfo['userinfo']['username']));
		}

		if (!$blockinfo['userinfo']['canviewmyblog'])
		{
			print_no_permission();
		}
		if (in_coventry($blockinfo['userinfo']['userid']) AND !can_moderate_blog())
		{
			standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
		}

		if ($vbulletin->userinfo['userid'] == $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']))
		{
			print_no_permission();
		}

		if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
		{
			// Can't view other's entries so off you go to your own blog.
			exec_header_redirect("blog.php?$session[sessionurl]u=" . $vbulletin->userinfo['userid']);
		}
	}

	return $blockinfo;
}
Exemple #11
0
function get_article_comments($article, $associated_thread_id, $userinfo, &$pageno, &$perpage, &$total)
{
    require_once DIR . '/includes/functions_misc.php';
    require_once DIR . '/includes/functions.php';
    require_once DIR . '/includes/functions_databuild.php';
    require_once DIR . '/includes/functions_bigthree.php';
    $posts_out = array();
    fetch_phrase_group('posting');
    $threadinfo = verify_id('thread', $associated_thread_id, 0, 1);
    $foruminfo = verify_id('forum', $threadinfo['forumid'], 0, 1);
    //First let's see if we have forum/thread view permissions. If not,
    // we're done
    if (!($permissions = can_view_thread($article->getNodeId(), $userinfo))) {
        return array();
    }
    $forumperms = fetch_permissions($threadinfo['forumid']);
    //Normally this thread will be wide open, so let's get the list first
    // without checking. We'll verify each post anyway.
    //get our results
    $results = get_comments($permissions, $associated_thread_id);
    $record_count = count($results);
    if (!$results or !count($results)) {
        return array();
    }
    //we accept the parameter "last" for pageno.
    if ($pageno == FR_LAST_POST) {
        $pageno = intval(($record_count + $perpage - 1) / $perpage);
        $first = ($pageno - 1) * $perpage;
    } else {
        $pageno = max(1, intval($pageno));
        $first = $perpage * ($pageno - 1);
    }
    //Let's trim off the results we need.
    //This also tells us if we should show the "next" button.
    $post_array = array_slice($results, $first, $perpage, true);
    if (!$post_array) {
        return array();
    }
    $firstpostid = false;
    $displayed_dateline = 0;
    if (vB::$vbulletin->options['threadmarking'] and vB::$vbulletin->userinfo['userid']) {
        $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - vB::$vbulletin->options['markinglimit'] * 86400);
    } else {
        $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
        if (!$threadview) {
            $threadview = vB::$vbulletin->userinfo['lastvisit'];
        }
    }
    require_once DIR . '/includes/functions_user.php';
    $show['inlinemod'] = false;
    $postids = array();
    $postids = ' post.postid in (' . implode(', ', $post_array) . ')';
    $posts = vB::$vbulletin->db->query_read($sql = "\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t    user.*, userfield.*, usertextfield.*,\n\t    " . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t    " . iif(vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t    " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t    " . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n\t    editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n\t    editlog.reason AS edit_reason, editlog.hashistory,\n\t    postparsed.pagetext_html, postparsed.hasimages,\n\t    sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t    sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t    IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t    customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight\n\t    " . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "\n\t    {$hook_query_fields}\n\t    FROM " . TABLE_PREFIX . "post AS post\n\t    LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t    LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t    LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t    " . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t    " . iif(vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t    " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t    {$deljoin}\n\t    LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t    LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t    LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t    LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t    LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)\n\t    {$hook_query_joins}\n\t    WHERE {$postids}\n\t    ORDER BY post.dateline\n\t    ");
    if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
        vB::$vbulletin->options['attachthumbs'] = 0;
    }
    if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
        vB::$vbulletin->options['viewattachedimages'] = 0;
    }
    $postcount = count($postid_array);
    $counter = 0;
    $postbits = '';
    vB::$vbulletin->noheader = true;
    while ($post = vB::$vbulletin->db->fetch_array($posts)) {
        if (!$privileges['can_moderate_forums']) {
            if ($privileges['is_coventry'] or $post['visible'] == 2) {
                continue;
            }
        }
        // post/thread is deleted by moderator and we don't have permission to see it
        if (!($post['visible'] or $privileges['can_moderate_posts'])) {
            continue;
        }
        if (!intval($post['userid'])) {
            $post['avatarid'] = false;
        } else {
            if (!$post['hascustomavatar']) {
                if ($post['profilepic']) {
                    $post['hascustomavatar'] = 1;
                    $post['avatarid'] = true;
                    $post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&amp;dateline=" . $post['profilepicdateline'] . "&amp;type=profile";
                    $post['avwidth'] = $post['ppwidth'];
                    $post['avheight'] = $post['ppheight'];
                } else {
                    $post['hascustomavatar'] = 1;
                    $post['avatarid'] = true;
                    // explicity setting avatarurl to allow guests comments to show unknown avatar
                    $post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
                    $post['avwidth'] = 60;
                    $post['avheight'] = 60;
                }
            }
        }
        if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
            continue;
        }
        if ($post['visible'] == 1 and !$tachyuser) {
            ++$counter;
            if ($postorder) {
                $post['postcount'] = --$postcount;
            } else {
                $post['postcount'] = ++$postcount;
            }
        }
        if ($tachyuser) {
            $fetchtype = 'post_global_ignore';
        } else {
            if ($ignore["{$post['userid']}"]) {
                $fetchtype = 'post_ignore';
            } else {
                if ($post['visible'] == 2) {
                    $fetchtype = 'post_deleted';
                } else {
                    $fetchtype = 'post';
                }
            }
        }
        if (vB::$vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
            $fetchtype = 'post';
        }
        if (!$firstpostid) {
            $firstpostid = $post['postid'];
        }
        $post['islastshown'] = $post['postid'] == $lastpostid;
        $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
        $post['islastshown'] = $post['postid'] == $lastpostid;
        $post['attachments'] = $postattach["{$post['postid']}"];
        $canedit = false;
        if (!$threadinfo['isdeleted'] and !$post['isdeleted'] and (can_moderate($threadinfo['forumid'], 'caneditposts') or $threadinfo['open'] and $post['userid'] == vB::$vbulletin->userinfo['userid'] and $forumperms & vB::$vbulletin->bf_ugp_forumpermissions['caneditpost'] and ($post['dateline'] >= TIMENOW - vB::$vbulletin->options['edittimelimit'] * 60 or vB::$vbulletin->options['edittimelimit'] == 0))) {
            $canedit = true;
        }
        // Get post date/time
        $postdate = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], 1);
        $posttime = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']);
        $attachments = array();
        $fr_images = array();
        // Attachments (images).
        if (count($post['attachments']) > 0) {
            foreach ($post['attachments'] as $attachment) {
                $lfilename = strtolower($attachment['filename']);
                if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
                    $fr_images[] = array('img' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'], 'tmb' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1');
                }
            }
        }
        // Parse the post for quotes and inline images
        list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], false);
        if (count($fr_images) > 0) {
            $text .= "<br/>";
            foreach ($fr_images as $attachment) {
                $text .= "<img src=\"{$attachment['img']}\"/>";
            }
        }
        foreach ($images as $image) {
            $fr_images[] = array('img' => $image);
        }
        $avatarurl = '';
        // Avatar work
        if (vB::$vbulletin->options['avatarenabled']) {
            require_once DIR . '/includes/functions_user.php';
            $userinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_AVATAR);
            fetch_avatar_from_userinfo($userinfo);
            if ($userinfo['avatarurl']) {
                $avatarurl = process_avatarurl($userinfo['avatarurl']);
            }
        }
        $tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'], 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images, 'image_thumbs' => array());
        // Soft Deleted
        if ($post['visible'] == 2) {
            $tmp['deleted'] = true;
            $tmp['del_username'] = prepare_utf8_string($post['del_username']);
            if ($post['del_reason']) {
                $tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
            }
        } else {
            $tmp['text'] = $text;
            $tmp['quotable'] = $nuked_quotes;
            if ($canedit) {
                $tmp['canedit'] = true;
                $tmp['edittext'] = prepare_utf8_string($post['pagetext']);
            }
        }
        if ($avatarurl != '') {
            $tmp['avatarurl'] = $avatarurl;
        }
        $posts_out[] = $tmp;
    }
    if ($LASTPOST['dateline'] > $displayed_dateline) {
        $displayed_dateline = $LASTPOST['dateline'];
        if ($displayed_dateline <= $threadview) {
            $updatethreadcookie = true;
        }
    }
    // Set thread last view
    if ($displayed_dateline and $displayed_dateline > $threadview) {
        mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
    }
    vB::$vbulletin->db->free_result($posts);
    unset($post);
    $total = $record_count;
    return $posts_out;
}
Exemple #12
0
 $sql_or = array();
 ($hook = vBulletinHook::fetch_hook('blog_comments_start')) ? eval($hook) : false;
 // Set Perpage .. this limits it to 10. Any reason for more?
 if ($vbulletin->GPC['perpage'] == 0 or $vbulletin->GPC['perpage'] > $vbulletin->options['blog_commentsperpage']) {
     $perpage = $vbulletin->options['blog_commentsperpage'];
 } else {
     $perpage = $vbulletin->GPC['perpage'];
 }
 if ($vbulletin->GPC['userid']) {
     $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, 10);
     cache_permissions($userinfo, false);
     $show['entry_userinfo'] = false;
     if (!$userinfo['canviewmyblog']) {
         print_no_permission();
     }
     if (in_coventry($userinfo['userid']) and !can_moderate_blog()) {
         standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink']));
     }
     if ($vbulletin->userinfo['userid'] == $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) {
         print_no_permission();
     }
     if ($vbulletin->userinfo['userid'] != $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) {
         if ($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) {
             // Can't view other's entries so off you go to your own blog.
             $bloginfo = array('userid' => $vbulletin->userinfo['userid'], 'title' => $vbulletin->userinfo['blog_title'] ? $vbulletin->userinfo['blog_title'] : $vbulletin->userinfo['username']);
             exec_header_redirect(fetch_seo_url('blog|js', $bloginfo));
         } else {
             print_no_permission();
         }
     }
     $sql_and[] = "blog_text.bloguserid = {$userinfo['userid']}";
 /**
  * Loads assorted show variables. Ideally, these would be used in templates,
  * but sometimes they're used within code.
  */
 public function load_show_variables()
 {
     parent::load_show_variables();
     global $vbulletin, $show, $threadinfo, $foruminfo;
     $show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']);
     if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) {
         if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
             $show['threadinfo'] = false;
         } else {
             $show['threadinfo'] = true;
         }
     } else {
         $show['threadinfo'] = false;
     }
 }
Exemple #14
0
    $start = ($pagenumber - 1) * $perpage;
    $messages = $db->query_read_slave("\n\t(\n\t\tSELECT\n\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t{$delsql1}\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "\n\t\t\t{$hook_query_fields1}\n\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t{$deljoinsql1}\n\t\t{$hook_query_joins1}\n\t\tWHERE " . implode(" AND ", $sql1) . "\n\t\t{$hook_query_where1}\n\t)\n\tUNION\n\t(\n\t\tSELECT\n\t\t\tvisitormessage.*, visitormessage.dateline AS pmdateline, user.*, visitormessage.ipaddress AS messageipaddress, visitormessage.userid AS profileuserid\n\t\t\t" . ($deljoinsql2 ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "\n\t\t\t{$hook_query_fields2}\n\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t{$deljoinsql2}\n\t\t{$hook_query_joins2}\n\t\tWHERE " . implode(" AND ", $sql2) . "\n\t\t{$hook_query_where2}\n\t)\n\tORDER BY pmdateline DESC\n\tLIMIT {$start}, {$perpage}\n\t");
    $messagetotal = $db->found_rows();
    if ($start >= $messagetotal) {
        $pagenumber = ceil($messagetotal / $perpage);
    }
} while ($start >= $messagetotal and $messagetotal);
$block_data = array('messagestart' => $start + 1, 'messageend' => min($start + $perpage, $messagetotal), 'fromconverse' => 1);
$prepared = array('vm_total' => $messagetotal);
$bbcode = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$factory = new vB_Visitor_MessageFactory($vbulletin, $bbcode, $userinfo2);
$show['conversepage'] = true;
$block_data['messagebits'] = '';
$have_inlinemod = false;
while ($message = $db->fetch_array($messages)) {
    if (in_coventry($message['postuserid']) and !$vbulletin->GPC['showignored']) {
        $message['ignored'] = true;
    }
    if ($message['profileuserid'] == $vbulletin->userinfo['userid'] and $message['state'] == 'visible' and !$message['messageread']) {
        $read_ids[] = $message['vmid'];
    }
    $response_handler =& $factory->create($message);
    $response_handler->converse = false;
    $response_handler->cachable = false;
    $block_data['messagebits'] .= $response_handler->construct();
    if ($show['inlinemod']) {
        $have_inlinemod = true;
    }
    $block_data['lastcomment'] = !$block_data['lastcomment'] ? $message['dateline'] : $block_data['lastcomment'];
}
// our profile and ids that need read
Exemple #15
0
function do_get_thread()
{
    global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vault, $vbphrase;
    $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'password' => TYPE_STR, 'signature' => TYPE_BOOL));
    if (empty($threadinfo['threadid'])) {
        json_error(ERR_INVALID_THREAD);
    }
    $threadedmode = 0;
    $threadid = $vbulletin->GPC['threadid'];
    // Goto first unread post?
    if ($vbulletin->GPC['pagenumber'] == FR_LAST_POST) {
        $threadinfo = verify_id('thread', $threadid, 1, 1);
        if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
            $vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
        } else {
            if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > $vbulletin->userinfo['lastvisit']) {
                $vbulletin->userinfo['lastvisit'] = $tview;
            }
        }
        $coventry = fetch_coventry('string');
        $posts = $db->query_first("\n\t    SELECT MIN(postid) AS postid\n\t    FROM " . TABLE_PREFIX . "post\n\t    WHERE threadid = {$threadinfo['threadid']}\n\t    AND visible = 1\n\t    AND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t    " . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t    LIMIT 1\n\t");
        if ($posts['postid']) {
            $postid = $posts['postid'];
        } else {
            $postid = $threadinfo['lastpostid'];
        }
    }
    // *********************************************************************************
    // workaround for header redirect issue from forms with enctype in IE
    // (use a scrollIntoView javascript call in the <body> onload event)
    $onload = '';
    // *********************************************************************************
    // set $perpage
    $perpage = max(FR_MIN_PERPAGE, min($vbulletin->GPC['perpage'], FR_MAX_PERPAGE));
    // FRNR
    //$perpage = sanitize_maxposts($vbulletin->GPC['perpage']);
    // *********************************************************************************
    // set post order
    if ($vbulletin->userinfo['postorder'] == 0) {
        $postorder = '';
    } else {
        $postorder = 'DESC';
    }
    // *********************************************************************************
    // get thread info
    $thread = verify_id('thread', $threadid, 1, 1);
    $threadinfo =& $thread;
    ($hook = vBulletinHook::fetch_hook('showthread_getinfo')) ? eval($hook) : false;
    // *********************************************************************************
    // check for visible / deleted thread
    if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts') or $thread['isdeleted'] and !can_moderate($thread['forumid'])) {
        json_error(ERR_INVALID_THREAD);
    }
    // *********************************************************************************
    // Tachy goes to coventry
    if (in_coventry($thread['postuserid']) and !can_moderate($thread['forumid'])) {
        json_error(ERR_INVALID_THREAD);
    }
    // FRNR Start
    // Check the forum password (set necessary cookies)
    if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) {
        // set a temp cookie for guests
        if (!$vbulletin->userinfo['userid']) {
            set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']));
        } else {
            set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1);
        }
    }
    // FRNR End
    // *********************************************************************************
    // do word wrapping for the thread title
    if ($vbulletin->options['wordwrap'] != 0) {
        $thread['title'] = fetch_word_wrapped_string($thread['title']);
    }
    $thread['title'] = fetch_censored_text($thread['title']);
    $thread['meta_description'] = strip_bbcode(strip_quotes($thread['description']), false, true);
    $thread['meta_description'] = htmlspecialchars_uni(fetch_censored_text(fetch_trimmed_title($thread['meta_description'], 500, false)));
    // *********************************************************************************
    // words to highlight from the search engine
    if (!empty($vbulletin->GPC['highlight'])) {
        $highlight = preg_replace('#\\*+#s', '*', $vbulletin->GPC['highlight']);
        if ($highlight != '*') {
            $regexfind = array('\\*', '\\<', '\\>');
            $regexreplace = array('[\\w.:@*/?=]*?', '<', '>');
            $highlight = preg_quote(strtolower($highlight), '#');
            $highlight = explode(' ', $highlight);
            $highlight = str_replace($regexfind, $regexreplace, $highlight);
            foreach ($highlight as $val) {
                if ($val = trim($val)) {
                    $replacewords[] = htmlspecialchars_uni($val);
                }
            }
        }
    }
    // *********************************************************************************
    // make the forum jump in order to fill the forum caches
    $navpopup = array('id' => 'showthread_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('thread', $threadinfo));
    construct_quick_nav($navpopup);
    // *********************************************************************************
    // get forum info
    $forum = fetch_foruminfo($thread['forumid']);
    $foruminfo =& $forum;
    // *********************************************************************************
    // check forum permissions
    $forumperms = fetch_permissions($thread['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
        json_error(ERR_NO_PERMISSION);
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
        json_error(ERR_NO_PERMISSION);
    }
    // *********************************************************************************
    // check if there is a forum password and if so, ensure the user has it set
    if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'])) {
        // FRNR
        json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD);
    }
    // verify that we are at the canonical SEO url
    // and redirect to this if not
    //verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $_REQUEST['pagenumber']));
    // *********************************************************************************
    // jump page if thread is actually a redirect
    if ($thread['open'] == 10) {
        $destthreadinfo = fetch_threadinfo($threadinfo['pollid']);
        exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo));
    }
    // *********************************************************************************
    // get ignored users
    $ignore = array();
    if (trim($vbulletin->userinfo['ignorelist'])) {
        $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
        foreach ($ignorelist as $ignoreuserid) {
            $ignore["{$ignoreuserid}"] = 1;
        }
    }
    DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
    // *********************************************************************************
    // filter out deletion notices if can't be seen
    if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($threadinfo['forumid'])) {
        $deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(post.postid = deletionlog.primaryid AND deletionlog.type = 'post')";
    } else {
        $deljoin = '';
    }
    $show['viewpost'] = can_moderate($threadinfo['forumid']) ? true : false;
    $show['managepost'] = iif(can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false);
    $show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false;
    $show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false;
    $show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false;
    $show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false;
    $show['spamctrls'] = ($show['inlinemod'] and $show['managepost']);
    $url = $show['inlinemod'] ? SCRIPTPATH : '';
    // build inline moderation popup
    if ($show['popups'] and $show['inlinemod']) {
        $threadadmin_imod_menu_post = vB_Template::create('threadadmin_imod_menu_post')->render();
    } else {
        $threadadmin_imod_menu_post = '';
    }
    // *********************************************************************************
    // find the page that we should be on to display this post
    if (!empty($postid) and $threadedmode == 0) {
        $postinfo = verify_id('post', $postid, 1, 1);
        $threadid = $postinfo['threadid'];
        $getpagenum = $db->query_first("\n    \t\tSELECT COUNT(*) AS posts\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tWHERE threadid = {$threadid} AND visible = 1\n    \t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n    \t");
        $vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage);
    }
    // *********************************************************************************
    // update views counter
    if ($vbulletin->options['threadviewslive']) {
        // doing it as they happen; for optimization purposes, this cannot use a DM!
        $db->shutdown_query("\n    \t\tUPDATE " . TABLE_PREFIX . "thread\n    \t\tSET views = views + 1\n    \t\tWHERE threadid = " . intval($threadinfo['threadid']));
    } else {
        // or doing it once an hour
        $db->shutdown_query("\n    \t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n    \t\tVALUES (" . intval($threadinfo['threadid']) . ')');
    }
    // *********************************************************************************
    // display ratings if enabled
    $show['rating'] = false;
    if ($forum['allowratings'] == 1) {
        if ($thread['votenum'] > 0) {
            $thread['voteavg'] = vb_number_format($thread['votetotal'] / $thread['votenum'], 2);
            $thread['rating'] = intval(round($thread['votetotal'] / $thread['votenum']));
            if ($thread['votenum'] >= $vbulletin->options['showvotes']) {
                $show['rating'] = true;
            }
        }
        devdebug("threadinfo[vote] = {$threadinfo['vote']}");
        if ($threadinfo['vote']) {
            $voteselected["{$threadinfo['vote']}"] = 'selected="selected"';
            $votechecked["{$threadinfo['vote']}"] = 'checked="checked"';
        } else {
            $voteselected[0] = 'selected="selected"';
            $votechecked[0] = 'checked="checked"';
        }
    }
    // *********************************************************************************
    // set page number
    if ($vbulletin->GPC['pagenumber'] < 1) {
        $vbulletin->GPC['pagenumber'] = 1;
    } else {
        if ($vbulletin->GPC['pagenumber'] > ceil(($thread['replycount'] + 1) / $perpage)) {
            $vbulletin->GPC['pagenumber'] = ceil(($thread['replycount'] + 1) / $perpage);
        }
    }
    // *********************************************************************************
    // initialise some stuff...
    $limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
    $limitupper = $vbulletin->GPC['pagenumber'] * $perpage;
    $counter = 0;
    if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
        $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
    } else {
        $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
        if (!$threadview) {
            $threadview = $vbulletin->userinfo['lastvisit'];
        }
    }
    $threadinfo['threadview'] = intval($threadview);
    $displayed_dateline = 0;
    ################################################################################
    ############################### SHOW POLL ######################################
    ################################################################################
    $poll = '';
    if ($thread['pollid']) {
        $pollbits = '';
        $counter = 1;
        $pollid = $thread['pollid'];
        $show['editpoll'] = iif(can_moderate($threadinfo['forumid'], 'caneditpoll'), true, false);
        // get poll info
        $pollinfo = $db->query_first_slave("\n    \t\tSELECT *\n    \t\tFROM " . TABLE_PREFIX . "poll\n    \t\tWHERE pollid = {$pollid}\n    \t");
        require_once DIR . '/includes/class_bbcode.php';
        $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        $pollinfo['question'] = $bbcode_parser->parse(unhtmlspecialchars($pollinfo['question']), $forum['forumid'], true);
        $splitoptions = explode('|||', $pollinfo['options']);
        $splitoptions = array_map('rtrim', $splitoptions);
        $splitvotes = explode('|||', $pollinfo['votes']);
        $showresults = 0;
        $uservoted = 0;
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) {
            $nopermission = 1;
        }
        if (!$pollinfo['active'] or !$thread['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0 or $nopermission) {
            //thread/poll is closed, ie show results no matter what
            $showresults = 1;
        } else {
            //get userid, check if user already voted
            $voted = intval(fetch_bbarray_cookie('poll_voted', $pollid));
            if ($voted) {
                $uservoted = 1;
            }
        }
        ($hook = vBulletinHook::fetch_hook('showthread_poll_start')) ? eval($hook) : false;
        if ($pollinfo['timeout'] and !$showresults) {
            $pollendtime = vbdate($vbulletin->options['timeformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
            $pollenddate = vbdate($vbulletin->options['dateformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400);
            $show['pollenddate'] = true;
        } else {
            $show['pollenddate'] = false;
        }
        foreach ($splitvotes as $index => $value) {
            $pollinfo['numbervotes'] += $value;
        }
        if ($vbulletin->userinfo['userid'] > 0) {
            $pollvotes = $db->query_read_slave("\n    \t\t\tSELECT voteoption\n    \t\t\tFROM " . TABLE_PREFIX . "pollvote\n    \t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . " AND pollid = {$pollid}\n    \t\t");
            if ($db->num_rows($pollvotes) > 0) {
                $uservoted = 1;
            }
        }
        if ($showresults or $uservoted) {
            if ($uservoted) {
                $uservote = array();
                while ($pollvote = $db->fetch_array($pollvotes)) {
                    $uservote["{$pollvote['voteoption']}"] = 1;
                }
            }
        }
        $left = vB_Template_Runtime::fetchStyleVar('left');
        $right = vB_Template_Runtime::fetchStyleVar('right');
        $option['open'] = $left[0];
        $option['close'] = $right[0];
        foreach ($splitvotes as $index => $value) {
            $arrayindex = $index + 1;
            $option['uservote'] = iif($uservote["{$arrayindex}"], true, false);
            $option['question'] = $bbcode_parser->parse($splitoptions["{$index}"], $forum['forumid'], true);
            // public link
            if ($pollinfo['public'] and $value) {
                $option['votes'] = '<a href="poll.php?' . $vbulletin->session->vars['sessionurl'] . 'do=showresults&amp;pollid=' . $pollinfo['pollid'] . '">' . vb_number_format($value) . '</a>';
            } else {
                $option['votes'] = vb_number_format($value);
                //get the vote count for the option
            }
            $option['number'] = $counter;
            //number of the option
            //Now we check if the user has voted or not
            if ($showresults or $uservoted) {
                // user did vote or poll is closed
                if ($value <= 0) {
                    $option['percentraw'] = 0;
                } else {
                    if ($pollinfo['multiple']) {
                        $option['percentraw'] = $value < $pollinfo['voters'] ? $value / $pollinfo['voters'] * 100 : 100;
                    } else {
                        $option['percentraw'] = $value < $pollinfo['numbervotes'] ? $value / $pollinfo['numbervotes'] * 100 : 100;
                    }
                }
                $option['percent'] = vb_number_format($option['percentraw'], 2);
                $option['graphicnumber'] = $option['number'] % 6 + 1;
                $option['barnumber'] = round($option['percent']) * 2;
                $option['remainder'] = 201 - $option['barnumber'];
                // Phrase parts below
                if ($nopermission) {
                    $pollstatus = $vbphrase['you_may_not_vote_on_this_poll'];
                } else {
                    if ($showresults) {
                        $pollstatus = $vbphrase['this_poll_is_closed'];
                    } else {
                        if ($uservoted) {
                            $pollstatus = $vbphrase['you_have_already_voted_on_this_poll'];
                        }
                    }
                }
                ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
                $templater = vB_Template::create('pollresult');
                $templater->register('names', $names);
                $templater->register('option', $option);
                $pollbits .= $templater->render();
            } else {
                ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false;
                if ($pollinfo['multiple']) {
                    $templater = vB_Template::create('polloption_multiple');
                    $templater->register('option', $option);
                    $pollbits .= $templater->render();
                } else {
                    $templater = vB_Template::create('polloption');
                    $templater->register('option', $option);
                    $pollbits .= $templater->render();
                }
            }
            $counter++;
        }
        if ($pollinfo['multiple']) {
            $pollinfo['numbervotes'] = $pollinfo['voters'];
            $show['multiple'] = true;
        }
        if ($pollinfo['public']) {
            $show['publicwarning'] = true;
        } else {
            $show['publicwarning'] = false;
        }
        $displayed_dateline = $threadinfo['lastpost'];
        ($hook = vBulletinHook::fetch_hook('showthread_poll_complete')) ? eval($hook) : false;
        if ($showresults or $uservoted) {
            $templater = vB_Template::create('pollresults_table');
            $templater->register('pollbits', $pollbits);
            $templater->register('pollenddate', $pollenddate);
            $templater->register('pollendtime', $pollendtime);
            $templater->register('pollinfo', $pollinfo);
            $templater->register('pollstatus', $pollstatus);
            $poll = $templater->render();
        } else {
            $templater = vB_Template::create('polloptions_table');
            $templater->register('pollbits', $pollbits);
            $templater->register('pollenddate', $pollenddate);
            $templater->register('pollendtime', $pollendtime);
            $templater->register('pollinfo', $pollinfo);
            $poll = $templater->render();
        }
    }
    // work out if quickreply should be shown or not
    if ($vbulletin->options['quickreply'] and !$thread['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($thread['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) {
        $show['quickreply'] = true;
    } else {
        $show['quickreply'] = false;
        $show['wysiwyg'] = 0;
        $quickreply = '';
    }
    $show['largereplybutton'] = (!$thread['isdeleted'] and !$show['threadedmode'] and $forum['allowposting'] and !$show['search_engine']);
    if (!$forum['allowposting']) {
        $show['quickreply'] = false;
    }
    $show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']);
    if ($show['multiquote_global']) {
        $vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR));
        $vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']);
    }
    // post is cachable if option is enabled, last post is newer than max age, and this user
    // isn't showing a sessionhash
    $post_cachable = ($vbulletin->options['cachemaxage'] > 0 and TIMENOW - $vbulletin->options['cachemaxage'] * 60 * 60 * 24 <= $thread['lastpost'] and $vbulletin->session->vars['sessionurl'] == '');
    $saveparsed = '';
    $save_parsed_sigs = '';
    ($hook = vBulletinHook::fetch_hook('showthread_post_start')) ? eval($hook) : false;
    ################################################################################
    ####################### SHOW THREAD IN LINEAR MODE #############################
    ################################################################################
    if ($threadedmode == 0) {
        // allow deleted posts to not be counted in number of posts displayed on the page;
        // prevents issue with page count on forum display being incorrect
        $ids = array();
        $lastpostid = 0;
        $hook_query_joins = $hook_query_where = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query_postids')) ? eval($hook) : false;
        if (empty($deljoin) and !$show['approvepost']) {
            $totalposts = $threadinfo['replycount'] + 1;
            if (can_moderate($thread['forumid'])) {
                $coventry = '';
            } else {
                $coventry = fetch_coventry('string');
            }
            $getpostids = $db->query_read("\n    \t\t\tSELECT post.postid\n    \t\t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\t\t{$hook_query_joins}\n    \t\t\tWHERE post.threadid = {$threadid}\n    \t\t\t\tAND post.visible = 1\n    \t\t\t\t" . ($coventry ? "AND post.userid NOT IN ({$coventry})" : '') . "\n    \t\t\t\t{$hook_query_where}\n    \t\t\tORDER BY post.dateline {$postorder}\n    \t\t\tLIMIT {$limitlower}, {$perpage}\n    \t\t");
            while ($post = $db->fetch_array($getpostids)) {
                if (!isset($qrfirstpostid)) {
                    $qrfirstpostid = $post['postid'];
                }
                $qrlastpostid = $post['postid'];
                $ids[] = $post['postid'];
            }
            $db->free_result($getpostids);
            $lastpostid = $qrlastpostid;
        } else {
            $getpostids = $db->query_read("\n    \t\t\tSELECT post.postid, post.visible, post.userid\n    \t\t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\t\t{$hook_query_joins}\n    \t\t\tWHERE post.threadid = {$threadid}\n    \t\t\t\tAND post.visible IN (1\n    \t\t\t\t" . (!empty($deljoin) ? ",2" : "") . "\n    \t\t\t\t" . ($show['approvepost'] ? ",0" : "") . "\n    \t\t\t\t)\n    \t\t\t\t{$hook_query_where}\n    \t\t\tORDER BY post.dateline {$postorder}\n    \t\t");
            $totalposts = 0;
            if ($limitlower != 0) {
                $limitlower++;
            }
            while ($post = $db->fetch_array($getpostids)) {
                if (!isset($qrfirstpostid)) {
                    $qrfirstpostid = $post['postid'];
                }
                $qrlastpostid = $post['postid'];
                if ($post['visible'] == 1 and !in_coventry($post['userid']) and !$ignore[$post['userid']]) {
                    $totalposts++;
                }
                if ($totalposts < $limitlower or $totalposts > $limitupper) {
                    continue;
                }
                // remember, these are only added if they're going to be displayed
                $ids[] = $post['postid'];
                $lastpostid = $post['postid'];
            }
            $db->free_result($getpostids);
        }
        // '0' inside parenthesis in unlikely case we have no ids for this page
        // (this could happen if the replycount is wrong in the db)
        $postids = "post.postid IN (0" . implode(',', $ids) . ")";
        // load attachments
        if ($thread['attach']) {
            require_once DIR . '/packages/vbattach/attach.php';
            $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
            $postattach = $attach->fetch_postattach(0, $ids);
        }
        $hook_query_fields = $hook_query_joins = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
        $posts = $db->query_read("\n    \t\tSELECT\n    \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n    \t\t\tuser.*, userfield.*, usertextfield.*,\n    \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n    \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n    \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n    \t\t\t" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n    \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n    \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n    \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n    \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n    \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n    \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n    \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n    \t\t\t{$hook_query_fields}\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n    \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n    \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n    \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n    \t\t\t{$deljoin}\n    \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n    \t\t\t{$hook_query_joins}\n    \t\tWHERE {$postids}\n    \t\tORDER BY post.dateline {$postorder}\n    \t");
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
            $vbulletin->options['attachthumbs'] = 0;
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
            $vbulletin->options['viewattachedimages'] = 0;
        }
        $postcount = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
        if ($postorder) {
            // Newest first
            $postcount = $totalposts - $postcount + 1;
        }
        $counter = 0;
        $postbits = '';
        $postbit_factory = new vB_Postbit_Factory();
        $postbit_factory->registry =& $vbulletin;
        $postbit_factory->forum =& $foruminfo;
        $postbit_factory->thread =& $thread;
        $postbit_factory->cache = array();
        $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        while ($post = $db->fetch_array($posts)) {
            if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
                continue;
            }
            if ($post['visible'] == 1 and !$tachyuser) {
                ++$counter;
                if ($postorder) {
                    $post['postcount'] = --$postcount;
                } else {
                    $post['postcount'] = ++$postcount;
                }
            }
            if ($tachyuser) {
                $fetchtype = 'post_global_ignore';
            } else {
                if ($ignore["{$post['userid']}"]) {
                    $fetchtype = 'post_ignore';
                } else {
                    if ($post['visible'] == 2) {
                        $fetchtype = 'post_deleted';
                    } else {
                        $fetchtype = 'post';
                    }
                }
            }
            if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
                $fetchtype = 'post';
            }
            if ($fetchtype != 'post' && $fetchtype != 'post_deleted') {
                continue;
            }
            ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
            $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
            if ($fetchtype == 'post') {
                $postbit_obj->highlight =& $replacewords;
            }
            $postbit_obj->cachable = $post_cachable;
            $post['islastshown'] = $post['postid'] == $lastpostid;
            $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
            $post['islastshown'] = $post['postid'] == $lastpostid;
            $post['attachments'] = $postattach["{$post['postid']}"];
            $parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);
            $postbits .= $postbit_obj->construct_postbit($post);
            // Only show after the first post, counter isn't incremented for deleted/moderated posts
            if ($post['isfirstshown']) {
                $postbits .= vB_Template::create('ad_showthread_firstpost')->render();
            }
            if ($post_cachable and $post['pagetext_html'] == '') {
                if (!empty($saveparsed)) {
                    $saveparsed .= ',';
                }
                $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
            }
            if (!empty($postbit_obj->sig_cache) and $post['userid']) {
                if (!empty($save_parsed_sigs)) {
                    $save_parsed_sigs .= ',';
                }
                $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
            }
            // get first and last post ids for this page (for big reply buttons)
            if (!isset($FIRSTPOSTID)) {
                $FIRSTPOSTID = $post['postid'];
            }
            $LASTPOSTID = $post['postid'];
            if ($post['dateline'] > $displayed_dateline) {
                $displayed_dateline = $post['dateline'];
                if ($displayed_dateline <= $threadview) {
                    $updatethreadcookie = true;
                }
            }
            // FRNR Start
            // find out if first post
            $getpost = $db->query_first("\n                    SELECT firstpostid\n                    FROM " . TABLE_PREFIX . "thread\n                    WHERE threadid = {$threadinfo['threadid']}\n                ");
            $isfirstpost = $getpost['firstpostid'] == $post['postid'];
            $candelete = false;
            if ($isfirstpost and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
                $candelete = true;
            } else {
                if (!$isfirstpost and can_moderate($threadinfo['forumid'], 'candeleteposts')) {
                    $candelete = true;
                } else {
                    if (($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and !$isfirstpost or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $isfirstpost) and $vbulletin->userinfo['userid'] == $post['userid']) {
                        $candelete = true;
                    }
                }
            }
            // Get post date/time
            $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1);
            $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']);
            $fr_images = array();
            $docattach = array();
            // Attachments (images).
            if (is_array($post['attachments']) && count($post['attachments']) > 0) {
                foreach ($post['attachments'] as $attachment) {
                    $lfilename = strtolower($attachment['filename']);
                    if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
                        $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
                        if ($vbulletin->options['attachthumbs']) {
                            $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
                        }
                        $fr_images[] = $tmp;
                    }
                    if (strpos($lfilename, '.pdf') !== false) {
                        $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'];
                    }
                }
            }
            // Parse the post for quotes and inline images
            list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies);
            if (count($fr_images) > 0) {
                $text .= "<br/>";
                foreach ($fr_images as $attachment) {
                    $text .= "<img src=\"{$attachment['img']}\"/>";
                }
            }
            foreach ($images as $image) {
                $fr_images[] = array('img' => $image);
            }
            $avatarurl = '';
            // Avatar work
            if ($post['avatarurl']) {
                $avatarurl = process_avatarurl($post['avatarurl']);
            }
            $tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'online' => fetch_online_status(fetch_userinfo($post['userid']), false), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images);
            if ($candelete) {
                $tmp['candelete'] = true;
            }
            // Soft Deleted
            if ($post['visible'] == 2) {
                $tmp['deleted'] = true;
                $tmp['del_username'] = prepare_utf8_string($post['del_username']);
                if ($post['del_reason']) {
                    $tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
                }
            } else {
                $tmp['text'] = $text;
                $tmp['quotable'] = $nuked_quotes;
                if ($post['editlink']) {
                    $tmp['canedit'] = true;
                    $tmp['edittext'] = prepare_utf8_string($post['pagetext']);
                }
            }
            if ($avatarurl != '') {
                $tmp['avatarurl'] = $avatarurl;
            }
            if (count($docattach) > 0) {
                $tmp['docattach'] = $docattach;
            }
            if ($vbulletin->GPC['signature']) {
                $sig = trim(remove_bbcode(strip_tags($post['signatureparsed']), true, true), '<a>');
                $sig = str_replace(array("\t", "\r"), array('', ''), $sig);
                $sig = str_replace("\n\n", "\n", $sig);
                $tmp['sig'] = prepare_utf8_string($sig);
            }
            // Begin Support for Post Thanks Hack - http://www.vbulletin.org/forum/showthread.php?t=122944
            if ($vbulletin->userinfo['userid'] && function_exists('post_thanks_off') && function_exists('can_thank_this_post') && function_exists('thanked_already') && function_exists('fetch_thanks')) {
                if (!post_thanks_off($thread['forumid'], $post, $thread['firstpostid'], THIS_SCRIPT)) {
                    global $ids;
                    if (can_thank_this_post($post, $thread['isdeleted'])) {
                        $tmp['canlike'] = true;
                    }
                    if (thanked_already($post, 0, true)) {
                        $tmp['likes'] = true;
                        if (!$vbulletin->options['post_thanks_delete_own']) {
                            $tmp['canlike'] = $tmp['likes'] = false;
                        }
                    }
                    $thanks = fetch_thanks($post['postid']);
                    $thank_users = array();
                    if (is_array($thanks)) {
                        foreach ($thanks as $thank) {
                            $thank_users[] = $thank['username'];
                        }
                    }
                    if (count($thank_users)) {
                        $tmp['likestext'] = prepare_utf8_string($vbphrase['fr_thanked_by'] . ': ' . join(', ', $thank_users));
                        $tmp['likesusers'] = join(', ', $thank_users);
                    }
                }
            }
            // End Support for Post Thanks Hack
            $posts_out[] = $tmp;
            // FRNR End
        }
        $db->free_result($posts);
        unset($post);
        if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) {
            $pageinfo = array('page' => $vbulletin->GPC['pagenumber'] - 1);
            if (!empty($vbulletin->GPC['perpage'])) {
                $pageinfo['pp'] = $perpage;
            }
            if (!empty($vbulletin->GPC['highlight'])) {
                $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
            }
            exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, $pageinfo));
        }
        DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}");
        $pageinfo = array();
        if ($vbulletin->GPC['highlight']) {
            $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
        }
        if (!empty($vbulletin->GPC['perpage'])) {
            $pageinfo['pp'] = $perpage;
        }
        $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
        if ($thread['lastpost'] > $threadview) {
            if ($firstnew) {
                $firstunread = fetch_seo_url('thread', $threadinfo, array('page' => $vbulletin->GPC['pagenumber'])) . '#post' . $firstnew;
                $show['firstunreadlink'] = true;
            } else {
                $firstunread = fetch_seo_url('thread', $threadinfo, array('goto' => 'newpost'));
                $show['firstunreadlink'] = true;
            }
        } else {
            $firstunread = '';
            $show['firstunreadlink'] = false;
        }
        if ($vbulletin->userinfo['postorder']) {
            // disable ajax qr when displaying linear newest first
            $show['allow_ajax_qr'] = 0;
        } else {
            // only allow ajax on the last page of a thread when viewing oldest first
            $show['allow_ajax_qr'] = $vbulletin->GPC['pagenumber'] == ceil($totalposts / $perpage) ? 1 : 0;
        }
        ################################################################################
        ################ SHOW THREAD IN THREADED OR HYBRID MODE ########################
        ################################################################################
    } else {
        // ajax qr doesn't work with threaded controls
        $show['allow_ajax_qr'] = 0;
        require_once DIR . '/includes/functions_threadedmode.php';
        // save data
        $ipostarray = array();
        $postarray = array();
        $userarray = array();
        $postparent = array();
        $postorder = array();
        $hybridposts = array();
        $deletedparents = array();
        $totalposts = 0;
        $links = '';
        $cache_postids = '';
        $hook_query_fields = $hook_query_joins = $hook_query_where = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query_postids_threaded')) ? eval($hook) : false;
        // get all posts
        $listposts = $db->query_read("\n    \t\tSELECT\n    \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n    \t\t\tuser.*, userfield.*\n    \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n    \t\t\t{$hook_query_fields}\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n    \t\t{$hook_query_joins}\n    \t\tWHERE threadid = {$threadid}\n    \t\t\t{$hook_query_where}\n    \t\tORDER BY postid\n    \t");
        // $toppostid is the first post in the thread
        // $curpostid is the postid passed from the URL, or if not specified, the first post in the thread
        $ids = array();
        while ($post = $db->fetch_array($listposts)) {
            if ($post['visible'] == 2 and !$deljoin or $post['visible'] == 0 and !$show['approvepost'] or in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
                $deletedparents["{$post['postid']}"] = iif(isset($deletedparents["{$post['parentid']}"]), $deletedparents["{$post['parentid']}"], $post['parentid']);
                continue;
            }
            if (empty($toppostid)) {
                $toppostid = $post['postid'];
            }
            if (empty($postid)) {
                if (empty($curpostid)) {
                    $curpostid = $post['postid'];
                    if ($threadedmode == 2 and empty($vbulletin->GPC['postid'])) {
                        $vbulletin->GPC['postid'] = $curpostid;
                    }
                    $curpostparent = $post['parentid'];
                }
            } else {
                if ($post['postid'] == $postid) {
                    $curpostid = $post['postid'];
                    $curpostparent = $post['parentid'];
                }
            }
            $postparent["{$post['postid']}"] = $post['parentid'];
            $ipostarray["{$post['parentid']}"][] = $post['postid'];
            $postarray["{$post['postid']}"] = $post;
            $userarray["{$post['userid']}"] = $db->escape_string($post['username']);
            $totalposts++;
            $ids[] = $post['postid'];
        }
        $db->free_result($listposts);
        // hooks child posts up to new parent if actual parent has been deleted or hidden
        if (count($deletedparents) > 0) {
            foreach ($deletedparents as $dpostid => $dparentid) {
                if (is_array($ipostarray[$dpostid])) {
                    foreach ($ipostarray[$dpostid] as $temppostid) {
                        $postparent[$temppostid] = $dparentid;
                        $ipostarray[$dparentid][] = $temppostid;
                        $postarray[$temppostid]['parentid'] = $dparentid;
                    }
                    unset($ipostarray[$dpostid]);
                }
                if ($curpostparent == $dpostid) {
                    $curpostparent = $dparentid;
                }
            }
        }
        unset($post, $listposts, $deletedparents);
        if ($thread['attach']) {
            require_once DIR . '/packages/vbattach/attach.php';
            $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
            $postattach = $attach->fetch_postattach(0, $ids);
        }
        // get list of usernames from post list
        $userjs = '';
        foreach ($userarray as $userid => $username) {
            if ($userid) {
                $userjs .= "pu[{$userid}] = \"" . addslashes_js($username) . "\";\n";
            }
        }
        unset($userarray, $userid, $username);
        $parent_postids = fetch_post_parentlist($curpostid);
        if (!$parent_postids) {
            $currentdepth = 0;
        } else {
            $currentdepth = sizeof(explode(',', $parent_postids));
        }
        sort_threaded_posts();
        if (empty($curpostid)) {
            eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
        }
        if ($threadedmode == 2) {
            $numhybrids = sizeof($hybridposts);
            if ($vbulletin->GPC['pagenumber'] < 1) {
                $vbulletin->GPC['pagenumber'] = 1;
            }
            $startat = ($vbulletin->GPC['pagenumber'] - 1) * $perpage;
            if ($startat > $numhybrids) {
                $vbulletin->GPC['pagenumber'] = 1;
                $startat = 0;
            }
            $endat = $startat + $perpage;
            for ($i = $startat; $i < $endat; $i++) {
                if (isset($hybridposts["{$i}"])) {
                    if (!isset($FIRSTPOSTID)) {
                        $FIRSTPOSTID = $hybridposts["{$i}"];
                    }
                    $cache_postids .= ",{$hybridposts[$i]}";
                    $LASTPOSTID = $hybridposts["{$i}"];
                }
            }
            $pageinfo = array('p' => $vbulletin->GPC['postid']);
            if ($vbulletin->GPC['highlight']) {
                $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']);
            }
            if (!empty($vbulletin->GPC['perpage'])) {
                $pageinfo['pp'] = $perpage;
            }
            $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $numhybrids, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo);
        } else {
            $FIRSTPOSTID = $curpostid;
            $LASTPOSTID = $curpostid;
            // sort out which posts to cache:
            if (!$vbulletin->options['threaded_maxcache']) {
                $vbulletin->options['threaded_maxcache'] = 999999;
            }
            // cache $vbulletin->options['threaded_maxcache'] posts
            // take 0.25 from above $curpostid
            // and take 0.75 below
            if (sizeof($postorder) <= $vbulletin->options['threaded_maxcache']) {
                $startat = 0;
            } else {
                if ($curpostidkey + $vbulletin->options['threaded_maxcache'] * 0.75 > sizeof($postorder)) {
                    $startat = sizeof($postorder) - $vbulletin->options['threaded_maxcache'];
                } else {
                    if ($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25 < 0) {
                        $startat = 0;
                    } else {
                        $startat = intval($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25);
                    }
                }
            }
            unset($curpostidkey);
            foreach ($postorder as $postkey => $pid) {
                if ($postkey > $startat + $vbulletin->options['threaded_maxcache']) {
                    break;
                }
                if ($postkey >= $startat and empty($morereplies["{$pid}"])) {
                    $cache_postids .= ',' . $pid;
                }
            }
            // get next/previous posts for each post in the list
            // key: NAVJS[postid][0] = prev post, [1] = next post
            $NAVJS = array();
            $prevpostid = 0;
            foreach ($postorder as $pid) {
                $NAVJS["{$pid}"][0] = $prevpostid;
                $NAVJS["{$prevpostid}"][1] = $pid;
                $prevpostid = $pid;
            }
            $NAVJS["{$toppostid}"][0] = $pid;
            //prev button for first post
            $NAVJS["{$pid}"][1] = $toppostid;
            //next button for last post
            $navjs = '';
            foreach ($NAVJS as $pid => $info) {
                $navjs .= "pn[{$pid}] = \"{$info['0']},{$info['1']}\";\n";
            }
        }
        unset($ipostarray, $postparent, $postorder, $NAVJS, $postid, $info, $prevpostid, $postkey);
        $cache_postids = substr($cache_postids, 1);
        if (empty($cache_postids)) {
            // umm... something weird happened. Just prevent an error.
            eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])));
        }
        $hook_query_fields = $hook_query_joins = $hook_query_where = '';
        ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false;
        $cacheposts = $db->query_read("\n    \t\tSELECT\n    \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n    \t\t\tuser.*, userfield.*, usertextfield.*,\n    \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n    \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,') . "\n    \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n    \t\t\t" . iif($deljoin, "deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,") . "\n    \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n    \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n    \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n    \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n    \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n    \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n    \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n    \t\t\t{$hook_query_fields}\n    \t\tFROM " . TABLE_PREFIX . "post AS post\n    \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n    \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n    \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n    \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n    \t\t\t{$deljoin}\n    \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n    \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n    \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n    \t\t\t{$hook_query_joins}\n    \t\tWHERE post.postid IN (" . $cache_postids . ") {$hook_query_where}\n    \t");
        // re-initialise the $postarray variable
        $postarray = array();
        while ($post = $db->fetch_array($cacheposts)) {
            $postarray["{$post['postid']}"] = $post;
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
            $vbulletin->options['viewattachedimages'] = 0;
            $vbulletin->options['attachthumbs'] = 0;
        }
        // init
        $postcount = 0;
        $postbits = '';
        $saveparsed = '';
        $jspostbits = '';
        $postbit_factory = new vB_Postbit_Factory();
        $postbit_factory->registry =& $vbulletin;
        $postbit_factory->forum =& $foruminfo;
        $postbit_factory->thread =& $thread;
        $postbit_factory->cache = array();
        $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        foreach (explode(',', $cache_postids) as $id) {
            // get the post from the post array
            if (!isset($postarray["{$id}"])) {
                continue;
            }
            $post = $postarray["{$id}"];
            if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
                continue;
            }
            if ($tachyuser) {
                $fetchtype = 'post_global_ignore';
            } else {
                if ($ignore["{$post['userid']}"]) {
                    $fetchtype = 'post_ignore';
                } else {
                    if ($post['visible'] == 2) {
                        $fetchtype = 'post_deleted';
                    } else {
                        $fetchtype = 'post';
                    }
                }
            }
            if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
                $fetchtype = 'post';
            }
            ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
            $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype);
            if ($fetchtype == 'post') {
                $postbit_obj->highlight =& $replacewords;
            }
            $postbit_obj->cachable = $post_cachable;
            $post['postcount'] = ++$postcount;
            $post['attachments'] =& $postattach["{$post['postid']}"];
            $parsed_postcache = array('text' => '', 'images' => 1);
            $bgclass = 'alt2';
            if ($threadedmode == 2) {
                $postbits .= $postbit_obj->construct_postbit($post);
            } else {
                $postbit = $postbit_obj->construct_postbit($post);
                if ($curpostid == $post['postid']) {
                    $curpostdateline = $post['dateline'];
                    $curpostbit = $postbit;
                }
                $postbit = preg_replace('#</script>#i', "<\\/scr' + 'ipt>", addslashes_js($postbit));
                $jspostbits .= "pd[{$post['postid']}] = '{$postbit}';\n";
            }
            // end threaded mode
            if ($post_cachable and $post['pagetext_html'] == '') {
                if (!empty($saveparsed)) {
                    $saveparsed .= ',';
                }
                $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "'," . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
            }
            if (!empty($postbit_obj->sig_cache) and $post['userid']) {
                if (!empty($save_parsed_sigs)) {
                    $save_parsed_sigs .= ',';
                }
                $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
            }
            if ($post['dateline'] > $displayed_dateline) {
                $displayed_dateline = $post['dateline'];
                if ($displayed_dateline <= $threadview) {
                    $updatethreadcookie = true;
                }
            }
        }
        // end while ($post)
        $db->free_result($cacheposts);
        if ($threadedmode == 1) {
            $postbits = $curpostbit;
        }
        $templater = vB_Template::create('showthread_list');
        $templater->register('curpostid', $curpostid);
        $templater->register('highlightwords', $highlightwords);
        $templater->register('jspostbits', $jspostbits);
        $templater->register('links', $links);
        $templater->register('navjs', $navjs);
        $templater->register('threadedmode', $threadedmode);
        $templater->register('userjs', $userjs);
        $threadlist = $templater->render();
        unset($curpostbit, $post, $cacheposts, $parsed_postcache, $postbit);
    }
    ################################################################################
    ########################## END LINEAR / THREADED ###############################
    ################################################################################
    $effective_lastpost = max($displayed_dateline, $thread['lastpost']);
    // *********************************************************************************
    //set thread last view
    if ($thread['pollid'] and $vbulletin->options['updatelastpost'] and ($displayed_dateline == $thread['lastpost'] or $threadview == $thread['lastpost']) and $pollinfo['lastvote'] > $thread['lastpost']) {
        $displayed_dateline = $pollinfo['lastvote'];
    }
    if ((!$vbulletin->GPC['posted'] or $updatethreadcookie) and $displayed_dateline and $displayed_dateline > $threadview) {
        mark_thread_read($threadinfo, $foruminfo, $vbulletin->userinfo['userid'], $displayed_dateline);
    }
    // FRNR Below
    fr_update_subsent($threadinfo['threadid'], $displayed_dateline);
    if (!is_array($posts_out)) {
        $posts_out = array();
    }
    // Figure out if we can post
    $canpost = true;
    if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        $canpost = false;
    }
    if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
        $canpost = false;
    }
    if (!$threadinfo['open']) {
        if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
            $canpost = false;
        }
    }
    if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
        $canpost = false;
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) {
        $canpost = false;
    }
    $mod = 0;
    if (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) {
        $mod |= MOD_DELETEPOST;
    }
    if (can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
        if ($threadinfo['sticky']) {
            $mod |= MOD_UNSTICK;
        } else {
            $mod |= MOD_STICK;
        }
    }
    if ($threadinfo['visible'] != 2 and can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts') or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and ($vbulletin->options['edittimelimit'] == 0 or $threadinfo['dateline'] > TIMENOW - $vbulletin->options['edittimelimit'] * 60)) {
        $mod |= MOD_DELETETHREAD;
    }
    if (can_moderate($threadinfo['forumid'], 'canopenclose') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
        if ($threadinfo['open']) {
            $mod |= MOD_CLOSE;
        } else {
            $mod |= MOD_OPEN;
        }
    }
    if (can_moderate($threadinfo['forumid'], 'canmanagethreads') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) {
        $mod |= MOD_MOVETHREAD;
    }
    if ($show['spamctrls']) {
        $mod |= MOD_SPAM_CONTROLS;
    }
    $out = array('posts' => $posts_out, 'total_posts' => $totalposts, 'page' => $vbulletin->GPC['pagenumber'], 'canpost' => $canpost ? 1 : 0, 'mod' => $mod, 'pollid' => $thread['pollid'], 'subscribed' => $threadinfo['issubscribed'] ? 1 : 0, 'title' => prepare_utf8_string($thread['title']), 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']);
    if ($postid) {
        $out['gotopostid'] = $postid;
    }
    return $out;
}
Exemple #16
0
	private static function renderResult($userinfo, $post_array, $permissions,
		$forumperms, $target_url, $nodeid)
	{

		if (!count($post_array))
		{
			return '';
		}
		require_once DIR . '/includes/functions_bigthree.php' ;
		require_once DIR . '/includes/class_postbit.php' ;

		fetch_phrase_group('showthread');
		fetch_phrase_group('postbit');

		global $vbphrase;
		global $template_hook;
		global $show;
		global $thread;
		$thread = $thread->get_record();
		$threadinfo = verify_id('thread', $thread['threadid'], 1, 1);
		$foruminfo = verify_id('forum', $threadinfo['forumid'], 1, 1);
		$firstpostid = false;

		$displayed_dateline = 0;
		if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid'])
		{
			$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400));
		}
		else
		{
			$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
			if (!$threadview)
			{
				$threadview = vB::$vbulletin->userinfo['lastvisit'];
			}
		}
		require_once DIR . '/includes/functions_user.php';
		$show['inlinemod'] = false;
		$postids = array();

		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}



		$postids = ' post.postid in ('
 			. implode(', ', $post_array) .')';


		$posts =  vB::$vbulletin->db->query_read($sql = "
			SELECT
			post.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,
			user.*, userfield.*, usertextfield.*,
			" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "
			" . iif( vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "
			" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "
				" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "
				editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,
				editlog.reason AS edit_reason, editlog.hashistory,
				postparsed.pagetext_html, postparsed.hasimages,
				sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,
				sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,
				IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,
			 	customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight
				" . iif(!($permissions['genericpermissions'] &  vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']),  vB::$vbulletin->profilefield['hidden']) . "
				$hook_query_fields
			FROM " . TABLE_PREFIX . "post AS post
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)
			LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)
			LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)
			" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "
			" . iif( vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "
			" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "
				$deljoin
			LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)
			LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")
			LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")
			LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)
			LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)
				$hook_query_joins
			WHERE $postids
			ORDER BY post.dateline
		");

		if (!($forumperms &  vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) AND !($forumperms &  vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
		{
			 vB::$vbulletin->options['attachthumbs'] = 0;
		}

		if (!($forumperms &  vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
		{
			 vB::$vbulletin->options['viewattachedimages'] = 0;
		}

		$postcount = count($postid_array);

		$counter = 0;
		$postbits = '';
		 vB::$vbulletin->noheader = true;
		$postbit_factory = new vB_Postbit_Factory();
		$postbit_factory->registry =  vB::$vbulletin;
		$postbit_factory->forum = $foruminfo;
		$postbit_factory->thread = $thread;
		$postbit_factory->cache = array();
		$postbit_factory->bbcode_parser = new vB_BbCodeParser( vB::$vbulletin, fetch_tag_list());
		//We need to tell the parser to handle quotes differently.
		$postbit_factory->bbcode_parser->set_quote_template('vbcms_bbcode_quote');
		$postbit_factory->bbcode_parser->set_quote_vars(array('page_url' => $target_url .
			(strpos($target_url, '?') == false ? '?' : '&')));
		$show['return_node'] = $nodeid;
		$show['avatar'] = 1;

		while ($post =  vB::$vbulletin->db->fetch_array($posts))
		{
			if (! self::canViewPost($post, $permissions) )
			{
				continue;
			}

			if (! intval($post['userid']))
			{
				$post['avatarid'] = false;
			}
			else if (!$post['hascustomavatar'])
			{
				if ($post['profilepic'])
				{
					$post['hascustomavatar'] = 1;
					$post['avatarid'] = true;
					$post['avatarpath'] = "./image.php?u=" . $post['userid']  . "&amp;dateline=" . $post['profilepicdateline'] . "&amp;type=profile";
					$post['avwidth'] = $post['ppwidth'];
					$post['avheight'] = $post['ppheight'];
				}
				else
				{
					$post['hascustomavatar'] = 1;
					$post['avatarid'] = true;
					// explicity setting avatarurl to allow guests comments to show unknown avatar
					$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
					$post['avwidth'] = 60;
					$post['avheight'] = 60;
				}
			}

			if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($thread['forumid']))
			{
				continue;
			}

			if ($post['visible'] == 1 AND !$tachyuser)
			{
				++$counter;
				if ($postorder)
				{
					$post['postcount'] = --$postcount;
				}
				else
				{
					$post['postcount'] = ++$postcount;
				}
			}

			if ($tachyuser)
			{
				$fetchtype = 'post_global_ignore';
			}
			else if ($ignore["$post[userid]"])
			{
				$fetchtype = 'post_ignore';
			}
			else if ($post['visible'] == 2)
			{
				$fetchtype = 'post_deleted';
			}
			else
			{
				$fetchtype = 'post';
			}

			if (
				( vB::$vbulletin->GPC['viewfull'] AND $post['postid'] == $postinfo['postid'] AND $fetchtype != 'post')
				AND
				(can_moderate($threadinfo['forumid']) OR !$post['isdeleted'])
				)
			{
				$fetchtype = 'post';
			}

			($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;

			$postbit_obj = $postbit_factory->fetch_postbit($fetchtype);
			$postbit_obj->set_template_prefix('vbcms_');

			if ($fetchtype == 'post')
			{
				$postbit_obj->highlight = $replacewords;
			}

			if (!$firstpostid)
			{
				$firstpostid = $post['postid'];
			}

			$post['islastshown'] = ($post['postid'] == $lastpostid);
			$post['isfirstshown'] = ($counter == 1 AND $fetchtype == 'post' AND $post['visible'] == 1);
			$post['islastshown'] = ($post['postid'] == $lastpostid);
			$post['attachments'] = $postattach["$post[postid]"];

			$parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);


			$this_postbit = $postbit_obj->construct_postbit($post);

			$this_template = vB_Template::create('vbcms_comments_detail');
			$this_template->register('postid', $post['postid'] );
			$this_template->register('postbit', $this_postbit);
			$this_template->register('indent', $post_array[$this_key]['level'] * $pixel_indent);

			$postbits .= $this_template->render();
			$LASTPOST = $post;

			// Only show after the first post, counter isn't incremented for deleted/moderated posts

			if ($post_cachable AND $post['pagetext_html'] == '')
			{
				if (!empty($saveparsed))
				{
					$saveparsed .= ',';
				}
				$saveparsed .= "($post[postid], " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
			}

			if (!empty($postbit_obj->sig_cache) AND $post['userid'])
			{
				if (!empty($save_parsed_sigs))
				{
					$save_parsed_sigs .= ',';
				}
				$save_parsed_sigs .= "($post[userid], " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
			}
		}


		if ($LASTPOST['dateline'] > $displayed_dateline)
		{
			$displayed_dateline = $LASTPOST['dateline'];
			if ($displayed_dateline <= $threadview)
			{
				$updatethreadcookie = true;
			}
		}

		if ($firstpostid)
		{
			$this_template->register('FIRSTPOSTID', $firstpostid );
		}

		if ($lastpostid)
		{
			$this_template->register('LASTPOSTID', $lastpostid);
		}
		// Set thread last view
		if ($displayed_dateline AND $displayed_dateline > $threadview)
		{
			mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
		}

		vB::$vbulletin->db->free_result($posts);
		unset($post);
		return $postbits;
	}
Exemple #17
0
	$hook_query_fields = $hook_query_joins = $hook_query_where = '';
	($hook = vBulletinHook::fetch_hook('blog_search_results_query')) ? eval($hook) : false;

	$results = $db->query_read("
		SELECT blog.*, blog_searchresult.offset, IF(blog_user.title <> '', blog_user.title, blog.username) AS blogtitle
		" . (($vbulletin->userinfo['userid'] AND in_coventry($vbulletin->userinfo['userid'], true)) ? "
		,IF(blog_tachyentry.userid IS NULL, blog.lastcomment, blog_tachyentry.lastcomment) AS lastcomment
		,IF(blog_tachyentry.userid IS NULL, blog.lastcommenter, blog_tachyentry.lastcommenter) AS lastcommenter
		,IF(blog_tachyentry.userid IS NULL, blog.lastblogtextid, blog_tachyentry.lastblogtextid) AS lastblogtextid
		" : "") . "
			$hook_query_fields
		FROM " . TABLE_PREFIX . "blog_searchresult AS blog_searchresult
		INNER JOIN " . TABLE_PREFIX . "blog AS blog ON (blog_searchresult.id = blog.blogid)
		LEFT JOIN " . TABLE_PREFIX . "blog_user AS blog_user ON (blog_user.bloguserid = blog.userid)
		" . (($vbulletin->userinfo['userid'] AND in_coventry($vbulletin->userinfo['userid'], true)) ? "
		LEFT JOIN " . TABLE_PREFIX . "blog_tachyentry AS blog_tachyentry ON (blog_tachyentry.blogid = blog.blogid AND blog_tachyentry.userid = " . $vbulletin->userinfo['userid'] . ")
		" : "") . "
		$hook_query_joins
		WHERE blog_searchresult.blogsearchid = $search[blogsearchid]
			AND blog_searchresult.offset >= " . $vbulletin->GPC['start'] . "
		$hook_query_where
		ORDER BY offset
		LIMIT $perpage
	");

	$resultbits = '';
	while ($blog = $db->fetch_array($results))
	{
		$canmoderation = (can_moderate_blog('canmoderatecomments') OR $vbulletin->userinfo['userid'] == $blog['userid']);
		$blog['trackbacks_total'] = $blog['trackback_visible'] + ($canmoderation ? $blog['trackback_moderation'] : 0);
 /**
  * Code to run after saving a picture comment
  *
  * @param	boolean	Do the query?
  */
 function post_save_once($doquery = true)
 {
     $commentid = intval($this->fetch_field('commentid'));
     if (!$this->condition) {
         if ($this->fetch_field('pictureid')) {
             $this->insert_dupehash($this->fetch_field('pictureid'));
         }
         if ($this->info['pictureuser'] and !in_coventry($this->fetch_field('postuserid'), true)) {
             $userdata =& datamanager_init('User', $this->registry, ERRTYPE_STANDARD);
             $userdata->set_existing($this->info['pictureuser']);
             if (!$this->fetch_field('messageread') and $this->fetch_field('state') == 'visible') {
                 $userdata->set('pcunreadcount', 'pcunreadcount + 1', false);
             } else {
                 if ($this->fetch_field('state') == 'moderation') {
                     $userdata->set('pcmoderatedcount', 'pcmoderatedcount + 1', false);
                 }
             }
             $userdata->save();
         }
     }
     if ($this->fetch_field('state') == 'moderation') {
         /*insert query*/
         $this->dbobject->query_write("\n\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "moderation\n\t\t\t\t\t(primaryid, type, dateline)\n\t\t\t\tVALUES\n\t\t\t\t\t({$commentid}, 'picturecomment', " . TIMENOW . ")\n\t\t\t");
     }
     ($hook = vBulletinHook::fetch_hook('picturecommentdata_postsave')) ? eval($hook) : false;
 }
Exemple #19
0
                // wrong username / password
                exec_strike_user($vbulletin->userinfo['username']);
                $error_message = fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes);
                $do = 'error';
            }
        }
    }
}
if ($do == 'error') {
} else {
    if ($t) {
        $do = 'thread';
        $threadinfo = fetch_threadinfo($t);
        $foruminfo = fetch_foruminfo($threadinfo['forumid']);
        $forumperms = $vbulletin->userinfo['forumpermissions'][$foruminfo['forumid']];
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or in_coventry($threadinfo['postuserid']) or $threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            exit;
        }
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        if (trim($foruminfo['link']) != '') {
            exec_header_redirect($foruminfo['link'], true);
        }
        $title = "{$threadinfo['prefix_plain_html']} {$threadinfo['title']} [{$vbphrase['archive']}] " . ($p > 1 ? ' - ' . construct_phrase($vbphrase['page_x'], $p) : '') . " - {$title}";
        $p = intval($p);
        $metatags = "<meta name=\"keywords\" content=\"{$threadinfo['prefix_plain_html']} {$threadinfo['title']}, " . $vbulletin->options['keywords'] . "\" />\n\t<meta name=\"description\" content=\"[{$vbphrase['archive']}] " . ($p > 1 ? construct_phrase($vbphrase['page_x'], $p) . " " : "") . "{$threadinfo['prefix_plain_html']} {$threadinfo['title']} {$foruminfo['title_clean']}\" />\n\t";
    } else {
        if ($f) {
            $do = 'forum';
            $forumperms = $vbulletin->userinfo['forumpermissions'][$f];
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
                exit;
Exemple #20
0
 /**
  * Prepare any data needed for the output
  *
  * @param	string	The id of the block
  * @param	array	Options specific to the block
  */
 function prepare_output($id = '', $options = array())
 {
     global $show, $vbphrase, $messagearea, $vBeditTemplate;
     require_once DIR . '/includes/functions_visitormessage.php';
     require_once DIR . '/includes/class_bbcode.php';
     require_once DIR . '/includes/class_visitormessage.php';
     if (is_array($options)) {
         $options = array_merge($this->option_defaults, $options);
     } else {
         $options = $this->option_defaults;
     }
     if ($options['vmid']) {
         $messageinfo = verify_visitormessage($options['vmid'], false);
     }
     $state = array('visible');
     if (fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo)) {
         $state[] = 'moderation';
     }
     if (can_moderate(0, 'canmoderatevisitormessages') or $this->registry->userinfo['userid'] == $this->profile->userinfo['userid'] and $this->registry->userinfo['permissions']['visitormessagepermissions'] & $this->registry->bf_ugp_visitormessagepermissions['canmanageownprofile']) {
         $state[] = 'deleted';
         $deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (visitormessage.vmid = deletionlog.primaryid AND deletionlog.type = 'visitormessage')";
     } else {
         $deljoinsql = '';
     }
     $state_or = array("visitormessage.state IN ('" . implode("','", $state) . "')");
     // Get the viewing user's moderated posts
     if ($this->registry->userinfo['userid'] and !fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo)) {
         $state_or[] = "(visitormessage.postuserid = " . $this->registry->userinfo['userid'] . " AND state = 'moderation')";
     }
     $perpage = (!$options['perpage'] or $options['perpage'] > $this->registry->options['vm_maxperpage']) ? $this->registry->options['vm_perpage'] : $options['perpage'];
     if ($messageinfo['vmid']) {
         $getpagenum = $this->registry->db->query_first("\n\t\t\t\tSELECT COUNT(*) AS comments\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tWHERE userid = " . $this->profile->userinfo['userid'] . "\n\t\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\t\tAND dateline >= {$messageinfo['dateline']}\n\t\t\t");
         $options['pagenumber'] = ceil($getpagenum['comments'] / $perpage);
     }
     $pagenumber = $options['pagenumber'];
     do {
         if (!$pagenumber or $options['tab'] != $id and $options['tab'] != '') {
             $pagenumber = 1;
         }
         $start = ($pagenumber - 1) * $perpage;
         $hook_query_fields = $hook_query_joins = $hook_query_where = '';
         ($hook = vBulletinHook::fetch_hook('member_profileblock_visitormessage_query')) ? eval($hook) : false;
         if ($this->registry->options['globalignore'] != '') {
             if (!can_moderate(0, 'candeletevisitormessages') and !can_moderate(0, 'canremovevisitormessages')) {
                 require_once DIR . '/includes/functions_bigthree.php';
                 $coventry = fetch_coventry('string');
             }
         }
         $messagebits = '';
         $messages = $this->registry->db->query_read("\n\t\t\t\tSELECT " . (!isset($this->profile->prepared['vm_total']) ? "SQL_CALC_FOUND_ROWS" : "") . "\n\t\t\t\t\tvisitormessage.*, user.*, visitormessage.ipaddress AS messageipaddress\n\t\t\t\t\t" . ($this->registry->userinfo['userid'] ? ",IF(userlist.userid IS NOT NULL, 1, 0) AS bbuser_iscontact_of_user" : "") . "\n\t\t\t\t\t" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "\n\t\t\t\t\t" . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "\n\t\t\t\t\t{$hook_query_fields}\n\t\t\t\tFROM " . TABLE_PREFIX . "visitormessage AS visitormessage\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (visitormessage.postuserid = user.userid)\n\t\t\t\t" . ($this->registry->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.userid = user.userid AND userlist.type = 'buddy' AND userlist.relationid = " . $this->registry->userinfo['userid'] . ")" : "") . "\n\t\t\t\t" . ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\t\t{$deljoinsql}\n\t\t\t\t{$hook_query_joins}\n\t\t\t\tWHERE visitormessage.userid = " . $this->profile->userinfo['userid'] . "\n\t\t\t\t\tAND (" . implode(" OR ", $state_or) . ")\n\t\t\t\t" . ($coventry ? "AND visitormessage.postuserid NOT IN (" . $coventry . ")" : '') . "\n\t\t\t\t\t{$hook_query_where}\n\t\t\t\tORDER BY visitormessage.dateline DESC\n\t\t\t\tLIMIT {$start}, {$perpage}\n\t\t\t");
         if (!isset($this->profile->prepared['vm_total'])) {
             list($messagetotal) = $this->registry->db->query_first("SELECT FOUND_ROWS()", DBARRAY_NUM);
         } else {
             $messagetotal = $this->profile->prepared['vm_total'];
         }
         if ($start >= $messagetotal) {
             $pagenumber = ceil($messagetotal / $perpage);
         }
     } while ($start >= $messagetotal and $messagetotal);
     $this->block_data['messagestart'] = $start + 1;
     $this->block_data['messageend'] = min($start + $perpage, $messagetotal);
     $bbcode = new vB_BbCodeParser($this->registry, fetch_tag_list());
     $factory = new vB_Visitor_MessageFactory($this->registry, $bbcode, $this->profile->userinfo);
     $messagebits = '';
     if ($this->registry->userinfo['userid'] and empty($options['showignored'])) {
         $ignorelist = preg_split('/( )+/', trim($this->registry->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
     } else {
         $ignorelist = array();
     }
     $firstrecord = array();
     $read_ids = array();
     while ($message = $this->registry->db->fetch_array($messages)) {
         // Process user.options
         $message = array_merge($message, convert_bits_to_array($message['options'], $this->registry->bf_misc_useroptions));
         if (!$firstrecord) {
             $firstrecord = $message;
         }
         if ($ignorelist and in_array($message['postuserid'], $ignorelist)) {
             $message['ignored'] = true;
         }
         if (empty($options['showignored']) and in_coventry($message['postuserid'])) {
             $message['ignored'] = true;
         }
         $response_handler =& $factory->create($message);
         $response_handler->converse = true;
         if (!$message['vm_enable'] and (!can_moderate(0, 'canmoderatevisitormessages') or $this->registry->userinfo['userid'] == $message['postuserid']) or $message['vm_contactonly'] and !can_moderate(0, 'canmoderatevisitormessages') and $message['postuserid'] != $this->registry->userinfo['userid'] and !$message['bbuser_iscontact_of_user']) {
             $response_handler->converse = false;
         }
         $response_handler->cachable = false;
         $messagebits .= $response_handler->construct();
         if (!$message['messageread'] and $message['state'] == 'visible') {
             $read_ids[] = $message['vmid'];
         }
         $lastcomment = !$lastcomment ? $message['dateline'] : $lastcomment;
     }
     $readvms = 0;
     // If it's our profile and the visible or default tab then we hope they've read it
     // if ($this->profile->userinfo['userid'] == $this->registry->userinfo['userid'] AND ($options['tab'] == $id OR $options['tab'] == '') AND !empty($read_ids))
     if ($this->profile->userinfo['userid'] == $this->registry->userinfo['userid']) {
         if (!empty($read_ids)) {
             $readvms = sizeof($read_ids);
             $this->registry->db->query_write("UPDATE " . TABLE_PREFIX . "visitormessage SET messageread = 1 WHERE vmid IN (" . implode(',', $read_ids) . ")");
         }
         if ($this->profile->userinfo['vmunreadcount'] - $readvms > 0 and $this->registry->options['globalignore'] != '') {
             // We still have unread VMs somewhere, and Tachy is enabled
             build_visitor_message_counters($this->profile->userinfo['userid']);
         } else {
             if ($readvms) {
                 // This is more than likely on the second page
                 $this->registry->db->query_write("\n\t\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\t\tSET vmunreadcount = IF(vmunreadcount >= {$readvms}, vmunreadcount - {$readvms}, 0)\n\t\t\t\t\tWHERE userid = " . $this->registry->userinfo['userid']);
             }
         }
     }
     if ($pagenumber == 1 and (!isset($this->profile->prepared['vm_total']) or !isset($this->profile->prepared['lastvm_time']) or !isset($this->profile->prepared['lastvm_date']))) {
         $pminfo = array('dateline' => $firstrecord['dateline'], 'messages' => $messagetotal);
     } else {
         $pminfo = null;
     }
     $this->profile->prepare('vm_total', $pminfo);
     $this->block_data['messagebits'] = $messagebits;
     $this->block_data['lastcomment'] = $lastcomment;
     $show['delete'] = fetch_visitor_message_perm('candeletevisitormessages', $this->profile->userinfo);
     $show['undelete'] = fetch_visitor_message_perm('canundeletevisitormessages', $this->profile->userinfo);
     $show['approve'] = fetch_visitor_message_perm('canmoderatevisitormessages', $this->profile->userinfo);
     $show['inlinemod'] = ($show['delete'] or $show['undelete'] or $show['approve']);
     // Only allow AJAX QC on the first page
     $show['quickcomment'] = $show['post_visitor_message'];
     $show['allow_ajax_qc'] = ($pagenumber == 1 and $messagetotal) ? 1 : 0;
     $pageinfo = array('tab' => $id);
     if ($options['perpage'] != $this->registry->options['vm_perpage']) {
         $pageindo['pp'] = $options['perpage'];
     }
     if (!empty($options['showignored'])) {
         $pageinfo['showignored'] = 1;
     }
     $this->block_data['pagenav'] = construct_page_nav($pagenumber, $perpage, $messagetotal, '', '', $id, 'member', $this->profile->userinfo, $pageinfo);
     $this->block_data['messagetotal'] = $messagetotal;
     $show['view_conversation'] = (!$this->profile->prepared['myprofile'] and THIS_SCRIPT != 'converse' and $this->registry->userinfo['vm_enable']);
     if ($show['quickcomment']) {
         require_once DIR . '/includes/functions_editor.php';
         $this->block_data['editorid'] = construct_edit_toolbar('', false, 'visitormessage', $this->registry->options['allowsmilies'], true, false, 'qr_small', '', array(), 'content', 'vBForum_VisitorMessage', 0, $this->profile->userinfo['userid']);
         $this->block_data['messagearea'] = $messagearea;
         $this->block_data['clientscript'] = $vBeditTemplate['clientscript'];
     }
 }
Exemple #21
0
		{
			$xml->add_tag('error', 'nopermission');
			$xml->print_xml();
		}

		// check if there is a forum password and if so, ensure the user has it set
		verify_forum_password($foruminfo['forumid'], $foruminfo['password']);

		// Tachy goes to coventry
		if (in_coventry($threadinfo['postuserid']) AND !can_moderate($threadinfo['forumid']))
		{
			// do not show post if part of a thread from a user in Coventry and bbuser is not mod
			$xml->add_tag('error', 'nopermission');
			$xml->print_xml();
		}
		if (in_coventry($postinfo['userid']) AND !can_moderate($threadinfo['forumid']))
		{
			// do not show post if posted by a user in Coventry and bbuser is not mod
			$xml->add_tag('error', 'nopermission');
			$xml->print_xml();
		}

		$show['managepost'] = iif (can_moderate($threadinfo['forumid'], 'candeleteposts') OR can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false);
		$show['approvepost'] = (can_moderate($threadinfo['forumid'], 'canmoderateposts')) ? true : false;
		$show['managethread'] = (can_moderate($threadinfo['forumid'], 'canmanagethreads')) ? true : false;
		$show['quick_edit_form_tag'] = ($show['managethread'] OR $show['managepost'] OR $show['approvepost']) ? false : true;

		// Is this the first post in the thread?
		$isfirstpost = $postinfo['postid'] == $threadinfo['firstpostid'] ? true : false;

		if ($isfirstpost AND can_moderate($threadinfo['forumid'], 'canmanagethreads'))
Exemple #22
0
/**
* Gets counter information and makes sure the forums are in the proper order
* for tree iteration. Changes will be made to the forum cache directly.
*
* @param	boolean	Whether or not to get the forum counter info
* @param	boolean	Whether to include invisible forums in the liast
* @param	integer	ID of the user that subscribed forums should be fetched for
*/
function cache_ordered_forums($getcounters = 0, $getinvisibles = 0, $userid = 0)
{
	global $vbulletin;

	// query forum table to get latest lastpost/lastthread info and counters
	if ($getcounters)
	{
		if ($vbulletin->userinfo['userid'] AND in_coventry($vbulletin->userinfo['userid'], true))
		{
			$tachyjoin = "
				LEFT JOIN " . TABLE_PREFIX . "tachyforumpost AS tachyforumpost ON
					(tachyforumpost.forumid = forum.forumid AND tachyforumpost.userid = " . $vbulletin->userinfo['userid'] . ")
				LEFT JOIN " . TABLE_PREFIX . "tachyforumcounter AS tachyforumcounter ON
					(tachyforumpost.forumid = forum.forumid AND tachyforumpost.userid = " . $vbulletin->userinfo['userid'] . ")
			";

			$counter_select = '
				forum.forumid,
				IF(tachyforumpost.userid IS NULL, forum.lastpost, tachyforumpost.lastpost) AS lastpost,
				IF(tachyforumpost.userid IS NULL, forum.lastposter, tachyforumpost.lastposter) AS lastposter,
				IF(tachyforumpost.userid IS NULL, forum.lastposterid, tachyforumpost.lastposterid) AS lastposterid,
				IF(tachyforumpost.userid IS NULL, forum.lastthread, tachyforumpost.lastthread) AS lastthread,
				IF(tachyforumpost.userid IS NULL, forum.lastthreadid, tachyforumpost.lastthreadid) AS lastthreadid,
				IF(tachyforumpost.userid IS NULL, forum.lasticonid, tachyforumpost.lasticonid) AS lasticonid,
				IF(tachyforumpost.userid IS NULL, forum.lastpostid, tachyforumpost.lastpostid) AS lastpostid,
				IF(tachyforumpost.userid IS NULL, forum.lastprefixid, tachyforumpost.lastprefixid) AS lastprefixid,
				IF(tachyforumcounter.userid IS NULL, forum.threadcount, forum.threadcount + tachyforumcounter.threadcount) AS threadcount,
				IF(tachyforumcounter.userid IS NULL, forum.replycount, forum.replycount + tachyforumcounter.replycount) AS replycount
			';
		}
		else
		{
			$tachyjoin = '';
			$counter_select = 'forum.forumid, forum.lastpost, forum.lastposter, forum.lastposterid, forum.lastthread, forum.lastthreadid, forum.lasticonid, forum.threadcount, forum.replycount, forum.lastpostid, forum.lastprefixid';
		}

		($hook = vBulletinHook::fetch_hook('cache_ordered_forums')) ? eval($hook) : false;

		// get subscribed forums too
		if ($userid)
		{
			$query = "
				SELECT subscribeforumid, $counter_select, user.usergroupid, user.homepage, user.options AS useroptions, IF(userlist.friend = 'yes', 1, 0) AS isfriend
					". iif($vbulletin->options['threadmarking'], ', forumread.readtime AS forumread') . "
				FROM " . TABLE_PREFIX . "forum AS forum
				LEFT JOIN " . TABLE_PREFIX . "subscribeforum AS subscribeforum ON (subscribeforum.forumid = forum.forumid AND subscribeforum.userid = $userid)
				" . iif($vbulletin->options['threadmarking'], " LEFT JOIN " . TABLE_PREFIX . "forumread AS forumread ON (forumread.forumid = forum.forumid AND forumread.userid = $userid)") . "
				LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = forum.lastposterid)
				LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.type = 'buddy' AND userlist.userid = " . $vbulletin->userinfo['userid'] . ")
				$tachyjoin
			";
		}
		// just get counters
		else
		{
			$query = "
				SELECT $counter_select, user.usergroupid, user.homepage, user.options AS useroptions, IF(userlist.friend = 'yes', 1, 0) AS isfriend
					". iif($vbulletin->options['threadmarking'] AND $vbulletin->userinfo['userid'], ', forumread.readtime AS forumread') . "
				FROM " . TABLE_PREFIX . "forum AS forum
				" . iif($vbulletin->options['threadmarking'] AND $vbulletin->userinfo['userid'], " LEFT JOIN " . TABLE_PREFIX . "forumread AS forumread ON (forumread.forumid = forum.forumid AND forumread.userid = " .  $vbulletin->userinfo['userid'] . ")") . "
				LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = forum.lastposterid)
				LEFT JOIN " . TABLE_PREFIX . "userlist AS userlist ON (userlist.relationid = user.userid AND userlist.type = 'buddy' AND userlist.userid = " . $vbulletin->userinfo['userid'] . ")
				$tachyjoin
			";
		}
	}
		// get subscribed forums
	else if ($userid)
	{
		$query = "
			SELECT subscribeforumid, forumid
			FROM " . TABLE_PREFIX . "subscribeforum
			WHERE userid = $userid
		";
	}
	// don't bother to query forum table, just use the cache
	else
	{
		$query = null;
	}

	if ($query !== null)
	{
		$db =& $vbulletin->db;

		$getthings = $db->query_read_slave($query);
		if ($db->num_rows($getthings))
		{
			while ($getthing = $db->fetch_array($getthings))
			{
				if (empty($vbulletin->forumcache["$getthing[forumid]"]))
				{
					$vbulletin->forumcache["$getthing[forumid]"] = $getthing;
				}
				else
				{
					// this adds the existing cache to $getthing without overwriting
					// any of $getthing's keys
					$vbulletin->forumcache["$getthing[forumid]"] = $getthing + $vbulletin->forumcache["$getthing[forumid]"];
				}
			}
		}
	}

	$vbulletin->iforumcache = array();

	foreach ($vbulletin->forumcache AS $forumid => $forum)
	{
		if ((!$forum['displayorder'] OR !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) AND !$getinvisibles)
		{
			continue;
		}
		$forum['parentid'] = intval($forum['parentid']);
		$vbulletin->iforumcache["$forum[parentid]"]["$forumid"] = $forumid;
	}
}
Exemple #23
0
        $permQuery = "\n\t\t\tSELECT postid AS itemid, post.visible AS post_visible, thread.visible AS thread_visible, thread.forumid, thread.threadid, thread.postuserid, post.userid,\n\t\t\tIF(postuserid = " . $vbulletin->userinfo['userid'] . ", 'self', 'other') AS starter\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = post.threadid)\n\t\t\tWHERE postid IN(" . implode(', ', $orderedids) . ")\n\t\t\tAND thread.open <> 10\n\t\t";
        $hook_query_fields = $hook_query_joins = '';
        ($hook = vBulletinHook::fetch_hook('search_results_query_posts')) ? eval($hook) : false;
        // query post data
        $dataQuery = "\n\t\t\tSELECT post.postid, post.title AS posttitle, post.dateline AS postdateline,\n\t\t\t\tpost.iconid AS posticonid, post.pagetext, post.visible, post.attach,\n\t\t\t\tIF(post.userid = 0, post.username, user.username) AS username,\n\t\t\t\tthread.threadid, thread.title AS threadtitle, thread.iconid AS threadiconid, thread.replycount,\n\t\t\t\tIF(thread.views=0, thread.replycount+1, thread.views) as views, thread.firstpostid, thread.prefixid, thread.taglist,\n\t\t\t\tthread.pollid, thread.sticky, thread.open, thread.lastpost, thread.forumid, thread.visible AS thread_visible,\n\t\t\t\tuser.userid\n\t\t\t\t" . (can_moderate() ? ",pdeletionlog.userid AS pdel_userid, pdeletionlog.username AS pdel_username, pdeletionlog.reason AS pdel_reason" : "") . "\n\t\t\t\t" . (can_moderate() ? ",tdeletionlog.userid AS tdel_userid, tdeletionlog.username AS tdel_username, tdeletionlog.reason AS tdel_reason" : "") . "\n\t\t\t\t" . iif($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid'], ', threadread.readtime AS threadread') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = post.threadid)\n\n\t\t\t" . (can_moderate() ? "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS tdeletionlog ON(thread.threadid = tdeletionlog.primaryid AND tdeletionlog.type = 'thread')\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "deletionlog AS pdeletionlog ON(post.postid = pdeletionlog.primaryid AND pdeletionlog.type = 'post')" : "") . "\n\n\t\t\t" . iif($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid'], " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")") . "\n\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE post.postid IN";
    } else {
        // query threads
        $permQuery = "\n\t\t\tSELECT threadid AS itemid, forumid, visible AS thread_visible, postuserid,\n\t\t\tIF(postuserid = " . $vbulletin->userinfo['userid'] . ", 'self', 'other') AS starter\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\tWHERE threadid IN(" . implode(', ', $orderedids) . ")\n\t\t\tAND thread.open <> 10\n\t\t";
        if ($vbulletin->options['threadpreview'] > 0) {
            $previewfield = "post.pagetext AS preview,";
            $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
        } else {
            $previewfield = "";
            $previewjoin = "";
        }
        if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
            $tachyjoin = "\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON\n\t\t\t\t\t(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "tachythreadcounter AS tachythreadcounter ON\n\t\t\t\t\t(tachythreadcounter.threadid = thread.threadid AND tachythreadcounter.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t\t";
            $tachycolumns = '
				IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount) AS replycount,
				IF(views<=IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount), IF(tachythreadcounter.userid IS NULL, thread.replycount, thread.replycount + tachythreadcounter.replycount)+1, views) AS views,
				IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost,
				IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter,
				IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid
			';
        } else {
            $tachyjoin = '';
            $tachycolumns = '
				replycount, IF(views<=replycount, replycount+1, views) AS views,
				thread.lastpost, thread.lastposter, thread.lastpostid
			';
        }
Exemple #24
0
}

$posts = $db->query_read_slave("
	SELECT post.*,post.username AS postusername,user.username
	FROM " . TABLE_PREFIX . "post AS post
	LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)
	WHERE post.threadid=$threadid AND post.visible=1
	ORDER BY dateline $postorder
	LIMIT $startat, " . $vbulletin->GPC['perpage'] . "
");

$postbits = '';
while ($post = $db->fetch_array($posts))
{
	// hide users in Coventry from non-staff members
	if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($threadinfo['forumid']))
	{
		continue;
	}

	if ($tachyuser)
	{
		$show['adminignore'] = true;
		$bit_template = 'printthreadbit_ignore';
	}
	else if ($ignore["$post[userid]"])
	{
		$show['adminignore'] = false;
		$bit_template = 'printthreadbit_ignore';
	}
	else
Exemple #25
0
function goto_nextthread($threadid, $throwerror = true)
{
    global $vbulletin;
    $thread = verify_id('thread', $threadid, $throwerror, 1);
    $forumperms = fetch_permissions($thread['forumid']);
    // remove threads from users on the global ignore list if user is not a moderator
    if ($coventry = fetch_coventry('string') and !can_moderate($thread['forumid'])) {
        $globalignore = "AND postuserid NOT IN ({$coventry})";
    } else {
        $globalignore = '';
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
        $limitothers = "AND postuserid = " . $vbulletin->userinfo['userid'] . " AND " . $vbulletin->userinfo['userid'] . " <> 0";
    } else {
        $limitothers = '';
    }
    if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
        $lastpost_info = ",IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost";
        $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
        $lastpost_having = "HAVING lastpost > {$thread['lastpost']}";
    } else {
        $lastpost_info = "";
        $tachyjoin = "";
        $lastpost_having = "AND lastpost > {$thread['lastpost']}";
    }
    if ($getnextnewest = $vbulletin->db->query_first_slave("\n\t\tSELECT thread.threadid, thread.title\n\t\t\t{$lastpost_info}\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t{$tachyjoin}\n\t\tWHERE forumid = {$thread['forumid']}\n\t\t\tAND visible = 1\n\t\t\tAND open <> 10\n\t\t\t{$globalignore}\n\t\t\t{$limitothers}\n\t\t{$lastpost_having}\n\t\tORDER BY lastpost\n\t\tLIMIT 1\n\t")) {
        $threadid = $getnextnewest['threadid'];
        unset($thread);
    } else {
        if ($throwerror) {
            eval(standard_error(fetch_error('nonextnewest')));
        }
    }
    return $getnextnewest;
}
Exemple #26
0
 /**
  * Accepts a list of recipients names to create the touserarray field
  *
  * @param	string	Single user name, or semi-colon separated list of user names
  * @param	array	$permissions array for sending user.
  *
  * @return	boolean
  */
 function set_recipients($recipientlist, &$permissions, $type = 'bcc')
 {
     $names = array();
     // names in the recipient list
     $users = array();
     // users from the recipient list found in the user table
     $notfound = array();
     // names from the recipient list NOT found in the user table
     $recipients = array();
     // users to whom the message WILL be sent
     $errors = array();
     $recipientlist = trim($recipientlist);
     $this->info['permissions'] =& $permissions;
     if (!empty($this->info['is_automated'])) {
         $this->overridequota = true;
     }
     // pmboxfull needs $fromusername defined
     if (($fromusername = $this->fetch_field('fromusername')) === null) {
         trigger_error('Set fromusername before calling set_recipients()', E_USER_ERROR);
     }
     if (($fromuserid = $this->fetch_field('fromuserid')) === null) {
         trigger_error('Set fromuserid before calling set_recipients()', E_USER_ERROR);
     }
     $fromuser = fetch_userinfo($fromuserid);
     // check for valid recipient string
     if ($recipientlist == '') {
         return false;
     }
     // split multiple recipients into an array
     if (preg_match('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $recipientlist)) {
         $recipientlist = preg_split('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $recipientlist, -1, PREG_SPLIT_NO_EMPTY);
         foreach ($recipientlist as $recipient) {
             $recipient = trim($recipient);
             if ($recipient != '') {
                 $names[] = htmlspecialchars_uni($recipient);
             }
         }
     } else {
         $names[] = htmlspecialchars_uni($recipientlist);
     }
     // check for max allowed recipients
     if ($permissions['pmsendmax'] > 0) {
         $this->info['numusers'] += sizeof($names);
     }
     // query recipients
     $checkusers = $this->dbobject->query_read_slave("\n\t\t\tSELECT usertextfield.*, user.*\n\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\t\tWHERE username IN('" . implode('\', \'', array_map(array($this->dbobject, 'escape_string'), $names)) . "')\n\t\t\tORDER BY user.username\n\t\t");
     // build array of checked users
     while ($checkuser = $this->dbobject->fetch_array($checkusers)) {
         $lowname = vbstrtolower($checkuser['username']);
         $checkuserperms = fetch_permissions(0, $checkuser['userid'], $checkuser);
         if ($checkuserperms['pmquota'] < 1 and !$this->overridequota) {
             if ($checkuser['options'] & $this->registry->bf_misc_useroptions['receivepm']) {
                 // This will cause the 'can't receive pms' error below to be triggered
                 $checkuser['options'] -= $this->registry->bf_misc_useroptions['receivepm'];
             }
         }
         $users["{$lowname}"] = $checkuser;
     }
     // check to see if any recipients were not found
     foreach ($names as $name) {
         $lowname = vbstrtolower($name);
         if (!isset($users["{$lowname}"])) {
             $notfound[] = $name;
         }
     }
     if (!empty($notfound)) {
         $this->error('pmrecipientsnotfound', implode("</li>\r\n<li>", $notfound));
         return false;
     }
     // run through recipients to check if we can insert the message
     foreach ($users as $lowname => $user) {
         if (!($user['options'] & $this->registry->bf_misc_useroptions['receivepm']) and !$this->overridequota) {
             // recipient has private messaging disabled
             $this->error('pmrecipturnedoff', $user['username']);
             return false;
         } else {
             if ($user['options'] & $this->registry->bf_misc_useroptions['receivepmbuddies'] and strpos(" {$user['buddylist']} ", " {$fromuser['userid']} ") === false and !can_moderate() and !$this->overridequota) {
                 // recipient receives PMs only from buddies and sender is not on the list and not board staff
                 $this->error('pmrecipturnedoff', $user['username']);
                 return false;
             } else {
                 // don't allow a tachy user to sends pms to anyone other than himself
                 if (in_coventry($fromuser['userid'], true) and $user['userid'] != $fromuser['userid']) {
                     $this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
                     continue;
                 } else {
                     if (strpos(" {$user['ignorelist']} ", ' ' . $fromuser['userid'] . ' ') !== false and !$this->overridequota) {
                         // recipient is ignoring sender
                         if ($permissions['adminpermissions'] & $this->registry->bf_ugp_adminpermissions['cancontrolpanel']) {
                             $recipients["{$lowname}"] = true;
                             $this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
                         } else {
                             // bbuser is being ignored by recipient - do not send, but do not error
                             $this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
                             continue;
                         }
                     } else {
                         cache_permissions($user, false);
                         if ($user['permissions'] < 1) {
                             // recipient has no pm permission
                             $this->error('pmusernotallowed', $user['username']);
                         } else {
                             if ($user['pmtotal'] >= $user['permissions']['pmquota'] and !$this->overridequota) {
                                 // recipient is over their pm quota, is the sender allowed to ignore it?
                                 if ($permissions['pmpermissions'] & $this->registry->bf_ugp_pmpermissions['canignorequota']) {
                                     $recipients["{$lowname}"] = true;
                                     $this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
                                 } else {
                                     if ($user['usergroupid'] != 3 and $user['usergroupid'] != 4) {
                                         $touserinfo =& $user;
                                         eval(fetch_email_phrases('pmboxfull', $touserinfo['languageid'], '', 'email'));
                                         vbmail($touserinfo['email'], $emailsubject, $emailmessage, true);
                                         $this->error('pmquotaexceeded', $user['username']);
                                     } else {
                                         $this->error('pmquotaexceeded', $user['username']);
                                     }
                                 }
                             } else {
                                 if (!($user['options'] & $this->registry->bf_misc_useroptions['pmboxwarning']) and $user['permissions']['pmquota'] and ($user['pmtotal'] + 1) / $user['permissions']['pmquota'] >= 0.9) {
                                     // Send email about box being almost full
                                     $this->info['pmwarning']["{$user['userid']}"] = true;
                                 }
                                 // okay, send the message!
                                 $recipients["{$lowname}"] = true;
                                 $this->info['tostring']["{$type}"]["{$user['userid']}"] = $user['username'];
                             }
                         }
                     }
                 }
             }
         }
     }
     if (empty($this->errors)) {
         foreach ($recipients as $lowname => $bool) {
             $user =& $users["{$lowname}"];
             $this->info['recipients']["{$user['userid']}"] = $user;
         }
         return true;
     } else {
         return false;
     }
 }
Exemple #27
0
function do_get_subscriptions()
{
    global $vbulletin, $db, $show, $vbphrase, $permissions, $subscribecounters;
    $vbulletin->options['threadpreview'] = FR_PREVIEW_LEN;
    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_NO_PERMISSION);
    }
    if (!$vbulletin->userinfo['userid'] and $_REQUEST['do'] != 'removesubscription' or $vbulletin->userinfo['userid'] and !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or $vbulletin->userinfo['usergroupid'] == 4 or !($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) {
        json_error(ERR_NO_PERMISSION);
    }
    $thread_data = array();
    $unread_subs = 0;
    // vbulletin expects folderid, but we will just get them all
    $vbulletin->input->clean_array_gpc('r', array('folderid' => TYPE_NOHTML, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'sortfield' => TYPE_NOHTML, 'sortorder' => TYPE_NOHTML, 'previewtype' => TYPE_INT));
    $previewtype = $vbulletin->GPC['previewtype'];
    if (!$previewtype) {
        $previewtype = 1;
    }
    $vbulletin->GPC['folderid'] = 'all';
    // Values that are reused in templates
    $sortfield =& $vbulletin->GPC['sortfield'];
    $perpage =& $vbulletin->GPC['perpage'];
    $pagenumber =& $vbulletin->GPC['pagenumber'];
    $folderid =& $vbulletin->GPC['folderid'];
    if ($folderid == 'all') {
        $getallfolders = true;
        $show['allfolders'] = true;
    } else {
        $folderid = intval($folderid);
    }
    $folderselect["{$folderid}"] = 'selected="selected"';
    // Build folder jump
    require_once DIR . '/includes/functions_misc.php';
    $folders = construct_folder_jump(1, $folderid, false, '', true);
    $templater = vB_Template::create('subscribe_folder_jump');
    $templater->register('folders', $folders);
    $folderjump = $templater->render();
    // look at sorting options:
    if ($vbulletin->GPC['sortorder'] != 'asc') {
        $vbulletin->GPC['sortorder'] = 'desc';
        $sqlsortorder = 'DESC';
        $order = array('desc' => 'selected="selected"');
    } else {
        $sqlsortorder = '';
        $order = array('asc' => 'selected="selected"');
    }
    switch ($sortfield) {
        case 'title':
        case 'lastpost':
        case 'replycount':
        case 'views':
        case 'postusername':
            $sqlsortfield = 'thread.' . $sortfield;
            break;
        default:
            $handled = false;
            if (!$handled) {
                $sqlsortfield = 'thread.lastpost';
                $sortfield = 'lastpost';
            }
    }
    $sort = array($sortfield => 'selected="selected"');
    if ($getallfolders) {
        $totalallthreads = array_sum($subscribecounters);
    } else {
        $totalallthreads = $subscribecounters["{$folderid}"];
    }
    // set defaults
    sanitize_pageresults($totalallthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']);
    // display threads
    $limitlower = ($pagenumber - 1) * $perpage + 1;
    $limitupper = $pagenumber * $perpage;
    if ($limitupper > $totalallthreads) {
        $limitupper = $totalallthreads;
        if ($limitlower > $totalallthreads) {
            $limitlower = $totalallthreads - $perpage;
        }
    }
    if ($limitlower <= 0) {
        $limitlower = 1;
    }
    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    $getthreads = $db->query_read_slave("\n\t\tSELECT thread.threadid, emailupdate, subscribethreadid, thread.forumid, thread.postuserid\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "subscribethread AS subscribethread\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = subscribethread.threadid)\n\t\t{$hook_query_joins}\n\t\tWHERE subscribethread.userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\tAND thread.visible = 1\n\t\t\tAND canview = 1\n\t\t" . iif(!$getallfolders, "\tAND folderid = {$folderid}") . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\tLIMIT " . ($limitlower - 1) . ", {$perpage}\n\t");
    if ($totalthreads = $db->num_rows($getthreads)) {
        $forumids = array();
        $threadids = array();
        $emailupdate = array();
        $killthreads = array();
        while ($getthread = $db->fetch_array($getthreads)) {
            $forumperms = fetch_permissions($getthread['forumid']);
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $getthread['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
                $killthreads["{$getthread['subscribethreadid']}"] = $getthread['subscribethreadid'];
                $totalallthreads--;
                continue;
            }
            $forumids["{$getthread['forumid']}"] = true;
            $threadids[] = $getthread['threadid'];
            $emailupdate["{$getthread['threadid']}"] = $getthread['emailupdate'];
            $subscribethread["{$getthread['threadid']}"] = $getthread['subscribethreadid'];
        }
        $threadids = implode(',', $threadids);
    }
    unset($getthread);
    $db->free_result($getthreads);
    if (!empty($killthreads)) {
        // Update thread subscriptions
        $vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "subscribethread\n\t\t\tSET canview = 0\n\t\t\tWHERE subscribethreadid IN (" . implode(', ', $killthreads) . ")\n\t\t");
    }
    if (!empty($threadids)) {
        cache_ordered_forums(1);
        $colspan = 5;
        $show['threadicons'] = false;
        // get last read info for each thread
        $lastread = array();
        foreach (array_keys($forumids) as $forumid) {
            if ($vbulletin->options['threadmarking']) {
                $lastread["{$forumid}"] = max($vbulletin->forumcache["{$forumid}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
            } else {
                $lastread["{$forumid}"] = max(intval(fetch_bbarray_cookie('forum_view', $forumid)), $vbulletin->userinfo['lastvisit']);
            }
            if ($vbulletin->forumcache["{$forumid}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons']) {
                $show['threadicons'] = true;
                $colspan = 6;
            }
        }
        if ($previewtype == 1) {
            $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
            $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
        } else {
            $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
            $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)";
        }
        $hasthreads = true;
        $threadbits = '';
        $pagenav = '';
        $counter = 0;
        $toread = 0;
        $vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']);
        if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
            $lastpost_info = "IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost, " . "IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter, " . "IF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid, " . "IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid";
            $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
        } else {
            $lastpost_info = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid';
            $tachyjoin = '';
        }
        $hook_query_fields = $hook_query_joins = $hook_query_where = '';
        $threads = $db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . ", thread.votenum, 0) AS votenum,\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . " AND thread.votenum > 0, thread.votetotal / thread.votenum, 0) AS voteavg,\n\t\t\t\tthread.votetotal,\n\t\t\t\t{$previewfield} thread.threadid, thread.title AS threadtitle, thread.forumid, thread.pollid,\n\t\t\t\tthread.open, thread.replycount, thread.postusername, thread.prefixid,\n\t\t\t\t{$lastpost_info}, thread.postuserid, thread.dateline, thread.views, thread.iconid AS threadiconid,\n\t\t\t\tthread.notes, thread.visible, thread.attach, thread.taglist\n\t\t\t\t" . ($vbulletin->options['threadmarking'] ? ", threadread.readtime AS threadread" : '') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t{$previewjoin}\n\t\t\t" . ($vbulletin->options['threadmarking'] ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : '') . "\n\t\t\t{$tachyjoin}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE thread.threadid IN ({$threadids})\n\t\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\t");
        unset($sqlsortfield, $sqlsortorder);
        require_once DIR . '/includes/functions_forumdisplay.php';
        // Get Dot Threads
        $dotthreads = fetch_dot_threads_array($threadids);
        if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) {
            $show['dotthreads'] = true;
        } else {
            $show['dotthreads'] = false;
        }
        if ($vbulletin->options['threadpreview'] and $vbulletin->userinfo['ignorelist']) {
            // Get Buddy List
            $buddy = array();
            if (trim($vbulletin->userinfo['buddylist'])) {
                $buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY);
                foreach ($buddylist as $buddyuserid) {
                    $buddy["{$buddyuserid}"] = 1;
                }
            }
            DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy)));
            // Get Ignore Users
            $ignore = array();
            if (trim($vbulletin->userinfo['ignorelist'])) {
                $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
                foreach ($ignorelist as $ignoreuserid) {
                    if (!$buddy["{$ignoreuserid}"]) {
                        $ignore["{$ignoreuserid}"] = 1;
                    }
                }
            }
            DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
        }
        $foruminfo['allowratings'] = true;
        $show['notificationtype'] = true;
        $show['threadratings'] = true;
        $show['threadrating'] = true;
        while ($thread = $db->fetch_array($threads)) {
            $threadid = $thread['threadid'];
            // build thread data
            $thread = process_thread_array($thread, $lastread["{$thread['forumid']}"]);
            switch ($emailupdate["{$thread['threadid']}"]) {
                case 0:
                    $thread['notification'] = $vbphrase['none'];
                    break;
                case 1:
                    $thread['notification'] = $vbphrase['instant'];
                    break;
                case 2:
                    $thread['notification'] = $vbphrase['daily'];
                    break;
                case 3:
                    $thread['notification'] = $vbphrase['weekly'];
                    break;
                default:
                    $thread['notification'] = $vbphrase['n_a'];
            }
            $avatarurl = '';
            if ($thread['lastpost_userid'] > 0) {
                $userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR);
                fetch_avatar_from_userinfo($userinfoavatar, true, false);
                if ($userinfoavatar['avatarurl'] != '') {
                    $avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
                }
                unset($userinfoavatar);
            }
            $tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? true : false, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'forum_title' => prepare_utf8_string($thread['forumtitle']), 'thread_title' => prepare_utf8_string($thread['threadtitle']), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username'])));
            if ($avatarurl != '') {
                $tmp['avatarurl'] = $avatarurl;
            }
            if ($thread['attach']) {
                $tmp['attach'] = true;
            }
            if ($thread['pollid']) {
                $tmp['poll'] = true;
            }
            $thread_data[] = $tmp;
        }
        $db->free_result($threads);
        unset($threadids);
    } else {
        $totalallthreads = 0;
    }
    $out = array('threads' => $thread_data, 'total_threads' => $totalallthreads);
    return $out;
}
Exemple #28
0
$show['avatarlink'] = $vbulletin->options['avatarenabled'];
$show['profilepiclink'] = ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'] and $vbulletin->options['profilepicenabled']);
$show['wollink'] = $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonline'];
$show['spacer'] = true;
// used in postbit template
if (THIS_SCRIPT == 'register') {
    // see 3.6 bug 876 -- causes double redirect and error when activating
    $show['dst_correction'] = false;
} else {
    $show['dst_correction'] = (($vbulletin->session->vars['loggedin'] == 1 or $vbulletin->session->created or THIS_SCRIPT == 'usercp') and $vbulletin->userinfo['dstauto'] == 1 and $vbulletin->userinfo['userid']);
}
$show['contactus'] = ($vbulletin->options['contactuslink'] and (!$vbulletin->userinfo['userid'] and $vbulletin->options['contactustype'] or $vbulletin->userinfo['userid']));
$show['forumdesc'] = ($vbulletin->options['nav_forumdesc'] and trim($foruminfo['description']) != '' and in_array(THIS_SCRIPT, array('newthread', 'newreply', 'forumdisplay', 'showthread', 'announcement', 'editpost', 'poll', 'report', 'sendmessage', 'threadrate')));
$show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) ? true : false;
if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) {
    if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
        $show['threadinfo'] = false;
    } else {
        $show['threadinfo'] = true;
    }
} else {
    $show['threadinfo'] = false;
}
// you may define this if you don't want the password in the login box to be zapped onsubmit; good for integration
$show['nopasswordempty'] = defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0;
// this nees to be an int for the templates
$ad_location = array();
// parse some global templates
eval('$gobutton = "' . fetch_template('gobutton') . '";');
eval('$spacer_open = "' . fetch_template('spacer_open') . '";');
eval('$spacer_close = "' . fetch_template('spacer_close') . '";');
 function post_save_each($doquery = true)
 {
     $postid = intval($this->fetch_field('postid'));
     if (!$this->condition and $this->fetch_field('dateline') == TIMENOW) {
         $this->insert_dupehash($this->fetch_field('threadid'));
     }
     $this->post_save_each_post($doquery);
     if ($this->info['thread'] and ($attach = intval($this->info['newattach']) or !$this->condition)) {
         $thread =& datamanager_init('Thread', $this->registry, ERRTYPE_SILENT, 'threadpost');
         $thread->set_existing($this->info['thread']);
         if ($attach) {
             $thread->set('attach', "attach + {$attach}", false);
         }
     }
     if (!$this->condition) {
         if ($this->fetch_field('dateline') == TIMENOW) {
             $this->insert_postlog_data();
         }
         if ($this->fetch_field('visible') == 1 and $this->info['thread']) {
             if (in_coventry($this->fetch_field('userid'), true)) {
                 $thread->set_info('coventry', array('in_coventry' => 1, 'userid' => $this->fetch_field('userid')));
             }
             if ($this->fetch_field('dateline') == TIMENOW) {
                 $thread->set('lastpost', TIMENOW);
                 $thread->set('lastposter', $this->fetch_field('username'));
                 $thread->set('lastpostid', $postid);
             }
             // update last post info for this thread
             if ($this->info['thread']['replycount'] % 10 == 0) {
                 $replies = $this->registry->db->query_first("\n\t\t\t\t\t\tSELECT COUNT(*)-1 AS replies\n\t\t\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\t\t\tWHERE threadid = " . intval($this->info['thread']['threadid']) . " AND\n\t\t\t\t\t\t\tpost.visible = 1\n\t\t\t\t\t");
                 $thread->set('replycount', $replies['replies']);
             } else {
                 $thread->set('replycount', 'replycount + 1', false);
             }
         } else {
             if ($this->fetch_field('visible') == 0 and $this->info['thread']) {
                 $thread->set('hiddencount', 'hiddencount + 1', false);
             }
         }
         /*if ($this->fetch_field('visible') == 1 AND !in_coventry($this->registry->userinfo['userid'], true))
         		{
         			// Send out subscription emails
         			exec_send_notification($this->fetch_field('threadid'), $this->registry->userinfo['userid'], $this->fetch_field('postid'));
         		}*/
     }
     if (is_object($thread)) {
         $thread->save();
     }
     if ($this->post['visible'] === 0) {
         $threadid = intval($this->fetch_field('threadid'));
         $postid = intval($this->fetch_field('postid'));
         /*insert query*/
         $this->dbobject->query_write("INSERT IGNORE INTO " . TABLE_PREFIX . "moderation (primaryid, type, dateline) VALUES ({$postid}, 'reply', " . TIMENOW . ")");
     }
     if ($this->info['forum']['podcast'] and $this->info['thread']['firstpostid'] == $postid) {
         $this->dbobject->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "podcastitem\n\t\t\t\t\t(postid, url, length, explicit, author, keywords, subtitle)\n\t\t\t\tVALUES\n\t\t\t\t\t(\n\t\t\t\t\t\t{$postid},\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcasturl']) . "',\n\t\t\t\t\t\t" . intval($this->info['podcastsize']) . ",\n\t\t\t\t\t\t" . intval($this->info['podcastexplicit']) . ",\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcastauthor']) . "',\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcastkeywords']) . "',\n\t\t\t\t\t\t'" . $this->dbobject->escape_string($this->info['podcastsubtitle']) . "'\n\t\t\t\t\t)\n\t\t\t");
         // reset rss cache for this forum
         $this->dbobject->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "externalcache\n\t\t\t\tWHERE forumid = " . intval($this->info['forum']['forumid']) . "\n\t\t\t");
     }
     if (!$this->condition) {
         $this->email_moderators('newpostemail');
     }
     ($hook = vBulletinHook::fetch_hook('postdata_postsave')) ? eval($hook) : false;
 }
Exemple #30
0
if (!$vbulletin->options['threadtagging']) {
    print_no_permission();
}
// *********************************************************************************
// check for visible / deleted thread
if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'])) {
    eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
// *********************************************************************************
// jump page if thread is actually a redirect
if ($threadinfo['open'] == 10) {
    exec_header_redirect('showthread.php?' . $vbulletin->session->vars['sessionurl_js'] . "t={$threadinfo['pollid']}");
}
// *********************************************************************************
// Tachy goes to coventry
if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid'])) {
    eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])));
}
// *********************************************************************************
// get forum info
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
// *********************************************************************************
// check forum permissions
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
    print_no_permission();
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
    print_no_permission();
}
// *********************************************************************************