function get_thread_by_unread_func($xmlrpc_params) { global $db, $mybb; $input = Tapatalk_Input::filterXmlInput(array('topic_id' => Tapatalk_Input::STRING, 'posts_per_request' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); if (preg_match('/^ann_/', $input['topic_id'])) { $_GET["aid"] = intval(str_replace('ann_', '', $input['topic_id'])); return get_announcement_func($xmlrpc_params); } $thread = get_thread($input['topic_id']); if (!empty($thread['closed'])) { $moved = explode("|", $thread['closed']); if ($moved[0] == "moved") { $thread = get_thread($moved[1]); } } if (is_moderator($thread['fid'])) { $visible = "AND (p.visible='0' OR p.visible='1')"; } else { $visible = "AND p.visible='1'"; } $cutoff = 0; if ($mybb->settings['threadreadcut'] > 0) { $cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24; } $query = $db->query("select min(p.pid) as pid from " . TABLE_PREFIX . "posts p\n LEFT JOIN " . TABLE_PREFIX . "threadsread tr on p.tid = tr.tid and tr.uid = '{$mybb->user['uid']}'\n where p.tid='{$thread['tid']}' and p.uid != '{$mybb->user['uid']}' and (p.dateline > tr.dateline or tr.dateline is null) and p.dateline > {$cutoff} {$visible}\n "); $pid = $db->fetch_field($query, 'pid'); if (!$pid) { $query = $db->query("select p.pid from " . TABLE_PREFIX . "posts p\n where p.tid='{$thread['tid']}' {$visible}\n order by p.dateline desc\n limit 1"); $pid = $db->fetch_field($query, 'pid'); } return get_thread_by_post_func(new xmlrpcval(array(new xmlrpcval($pid, "string"), new xmlrpcval($input['posts_per_request'], 'int'), new xmlrpcval(!!$input['return_html'], 'boolean')), 'array')); }
function is_moderator_or_die() { if (!is_moderator($_SESSION['username'])) { die("Must be a moderator to access this part of the website"); } return true; }
/** This is where you perform the action when the API is called, the parameter given is an instance of stdClass, this method should return an instance of stdClass. */ public function action() { global $mybb, $db; if ($this->is_authenticated()) { return $this->get_user(); } elseif (isset($mybb->input["sessionid"]) && is_string($mybb->input["sessionid"])) { $sid = $db->escape_string($mybb->input["sessionid"]); $query = $db->query("SELECT s.uid FROM " . TABLE_PREFIX . "sessions s WHERE s.sid = '{$sid}'"); $result = $db->fetch_array($query); if (empty($result)) { throw new UnauthorizedException("Not connected."); } else { $uid = $result['uid']; // no need to escape this, it's just been retrieved from db $query = $db->query("\n\t\t\t\t\tSELECT u.*, f.*\n\t\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\t\t\t\tWHERE u.uid='{$uid}'\n\t\t\t\t\tLIMIT 1\n\t\t\t\t"); $user = (object) $db->fetch_array($query); if (empty($user)) { throw new UnauthorizedException("Not connected"); } $user->ismoderator = is_moderator("", "", $uid); return $user; } } else { throw new UnauthorizedException("Not connected."); } }
function fetch_forum_announcements($pid = 0, $depth = 1) { global $mybb, $db, $lang, $announcements, $templates, $announcements_forum, $moderated_forums; static $forums_by_parent, $forum_cache, $parent_forums; if (!is_array($forum_cache)) { $forum_cache = cache_forums(); } if (!is_array($parent_forums) && $mybb->user['issupermod'] != 1) { // Get a list of parentforums to show for normal moderators $parent_forums = array(); foreach ($moderated_forums as $mfid) { $parent_forums = array_merge($parent_forums, explode(',', $forum_cache[$mfid]['parentlist'])); } } if (!is_array($forums_by_parent)) { foreach ($forum_cache as $forum) { $forums_by_parent[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum; } } if (!is_array($forums_by_parent[$pid])) { return; } foreach ($forums_by_parent[$pid] as $children) { foreach ($children as $forum) { if ($forum['active'] == 0 || !is_moderator($forum['fid'])) { // Check if this forum is a parent of a moderated forum if (in_array($forum['fid'], $parent_forums)) { // A child is moderated, so print out this forum's title. RECURSE! $trow = alt_trow(); eval("\$announcements_forum .= \"" . $templates->get("modcp_announcements_forum_nomod") . "\";"); } else { // No subforum is moderated by this mod, so safely continue continue; } } else { // This forum is moderated by the user, so print out the forum's title, and its announcements $trow = alt_trow(); $padding = 40 * ($depth - 1); eval("\$announcements_forum .= \"" . $templates->get("modcp_announcements_forum") . "\";"); if ($announcements[$forum['fid']]) { foreach ($announcements[$forum['fid']] as $aid => $announcement) { $trow = alt_trow(); if ($announcement['enddate'] < TIME_NOW && $announcement['enddate'] != 0) { $icon = "<img src=\"images/minioff.gif\" alt=\"({$lang->expired})\" title=\"{$lang->expired_announcement}\" style=\"vertical-align: middle;\" /> "; } else { $icon = "<img src=\"images/minion.gif\" alt=\"({$lang->active})\" title=\"{$lang->active_announcement}\" style=\"vertical-align: middle;\" /> "; } $subject = htmlspecialchars_uni($announcement['subject']); eval("\$announcements_forum .= \"" . $templates->get("modcp_announcements_announcement") . "\";"); } } } // Build the list for any sub forums of this forum if ($forums_by_parent[$forum['fid']]) { fetch_forum_announcements($forum['fid'], $depth + 1); } } } }
function remove_attachment_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; chdir("../"); $lang->load("member"); $parser = new postParser(); $input = Tapatalk_Input::filterXmlInput(array('attachment_id' => Tapatalk_Input::INT, 'forum_id' => Tapatalk_Input::INT, 'group_id' => Tapatalk_Input::STRING, 'post_id' => Tapatalk_Input::INT), $xmlrpc_params); $fid = $input['forum_id']; $forum = get_forum($fid); if (!$forum) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($fid); if ($forum['open'] == 0 || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } tt_check_forum_password($forum['fid']); $posthash = $input['group_id']; $mybb->input['posthash'] = $posthash; // If we're removing an attachment that belongs to an existing post, some security checks... $query = $db->simple_select("attachments", "pid", "aid='{$input['attachment_id']}'"); $attachment = $db->fetch_array($query); $pid = $attachment['pid']; if ($pid > 0) { if ($pid != $input['post_id']) { return xmlrespfalse("The attachment you are trying to remove does not belong to this post"); } $query = $db->simple_select("posts", "*", "pid='{$pid}'"); $post = $db->fetch_array($query); if (!$post['pid']) { return xmlrespfalse($lang->error_invalidpost); } // Get thread info $tid = $post['tid']; $thread = get_thread($tid); if (!$thread['tid']) { return xmlrespfalse($lang->error_invalidthread); } if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } if ($forumpermissions['caneditposts'] == 0) { return tt_no_permission(); } if ($mybb->user['uid'] != $post['uid']) { return tt_no_permission(); } } } else { $pid = 0; } require_once MYBB_ROOT . "inc/functions_upload.php"; remove_attachment($pid, $mybb->input['posthash'], $input['attachment_id']); return xmlresptrue(); }
function get_inbox_stat_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $input = Tapatalk_Input::filterXmlInput(array('pm_last_checked_time' => Tapatalk_Input::STRING, 'subscribed_topic_last_checked_time' => Tapatalk_Input::STRING), $xmlrpc_params); // PMs $query = $db->simple_select("privatemessages", "COUNT(*) AS pms_unread", "uid='" . $mybb->user['uid'] . "' AND status = '0' AND folder = '1'"); $pmcount = $db->fetch_field($query, "pms_unread"); // Subscribed threads $visible = "AND t.visible != 0"; if (is_moderator() == true) { $visible = ''; } if ($mybb->settings['threadreadcut'] > 0) { $cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24; } $query = $db->query("\n\t\tSELECT COUNT(ts.tid) as threads\n\t\tFROM " . TABLE_PREFIX . "threadsubscriptions ts\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid = ts.tid)\n\t\tleft join " . TABLE_PREFIX . "threadsread tr on t.tid = tr.tid and tr.uid = '{$mybb->user['uid']}'\n\t\tWHERE ts.uid = '" . $mybb->user['uid'] . "' and (tr.dateline < t.lastpost or tr.dateline is null) and t.lastpost > {$cutoff} {$visible}\n\t"); $threadcount = $db->fetch_field($query, "threads"); $result = new xmlrpcval(array('inbox_unread_count' => new xmlrpcval($pmcount, 'int'), 'subscribed_topic_unread_count' => new xmlrpcval($threadcount, 'int')), 'struct'); return new xmlrpcresp($result); }
function get_thread_by_post_func($xmlrpc_params) { global $db, $mybb, $position; $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'posts_per_request' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); $post = get_post($input['post_id']); if (!$input['posts_per_request']) { $input['posts_per_request'] = 20; } if (is_moderator($post['fid'])) { $visible = "AND (visible='0' OR visible='1')"; } else { $visible = "AND visible='1'"; } $query = $db->simple_select("posts", "COUNT(*) AS position", "pid < '{$input['post_id']}' and tid='{$post['tid']}' {$visible}"); $position = $db->fetch_field($query, 'position'); $page = floor($position / $input['posts_per_request']) + 1; $position = $position + 1; $response = get_thread_func(new xmlrpcval(array(new xmlrpcval($post['tid'], "string"), new xmlrpcval(($page - 1) * $input['posts_per_request'], 'int'), new xmlrpcval(($page - 1) * $input['posts_per_request'] + $input['posts_per_request'], 'int'), new xmlrpcval(!!$input['return_html'], 'boolean')), 'array')); return $response; }
function global_auth_check_user($type, $key, $global_u_access, $is_admin) { $auth_user = 0; if (!empty($global_u_access)) { $result = 0; switch ($type) { case AUTH_ACL: $result = $global_u_access[$key]; case AUTH_MOD: $result = $result || is_moderator($global_u_access['group_id']); case AUTH_ADMIN: $result = $result || $is_admin; break; } $auth_user = $auth_user || $result; } else { $auth_user = $is_admin; } return $auth_user; }
function lasteditlock() { global $db, $mybb, $forum; if ($mybb->input['action'] == "edit_post" || $mybb->input['action'] == "editpost") { $post = get_post(intval($mybb->input['pid'])); $msg = "Sorry you can't edit a post once a moderator has edited it."; if (!is_moderator($forum['fid'], "canviewips") && ($post['edituid'] != $mybb->user['uid'] && $post['edituid'] != 0)) { switch ($mybb->input['action']) { case edit_post: xmlhttp_error($msg); break; case editpost: error($msg); break; } if ($mybb->input['do'] == "update_post") { error($msg); } } } }
function theme_notes_end($p_page, $p_url) { global $g_primary_dark_color, $g_note_add_page, $g_admin_manage_notes, $g_admin_page, $s_add_note_link, $s_manage, $s_admin; $c_url = urlencode($p_page); $t_page_id = page_get_id($p_page); echo <<<EOT \t\t\t\t<tr bgcolor="{$g_primary_dark_color}"> \t\t\t\t\t<td align="right"> \t\t\t\t\t\t<a href="{$g_note_add_page}?f_page_id={$t_page_id}&f_url={$c_url}">{$s_add_note_link}</a> EOT; if (is_moderator()) { echo <<<EOT \t\t\t\t| <a href="{$g_admin_manage_notes}?f_page_id={$t_page_id}&f_url={$c_url}">{$s_manage}</a> \t\t\t\t| <a href="{$g_admin_page}">{$s_admin}</a> EOT; } echo <<<EOT \t\t\t\t\t</td> \t\t\t\t</tr> \t\t\t</table> \t\t</div> EOT; }
/** * Fetch the attachments for a specific post and parse inline [attachment=id] code. * Note: assumes you have $attachcache, an array of attachments set up. * * @param int The ID of the item. * @param array The post or item passed by reference. */ function get_post_attachments($id, &$post) { global $attachcache, $mybb, $theme, $templates, $forumpermissions, $lang; $validationcount = 0; $tcount = 0; if (isset($attachcache[$id]) && is_array($attachcache[$id])) { // This post has 1 or more attachments foreach ($attachcache[$id] as $aid => $attachment) { if ($attachment['visible']) { // There is an attachment thats visible! $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); $attachment['filesize'] = get_friendly_size($attachment['filesize']); $ext = get_extension($attachment['filename']); if ($ext == "jpeg" || $ext == "gif" || $ext == "bmp" || $ext == "png" || $ext == "jpg") { $isimage = true; } else { $isimage = false; } $attachment['icon'] = get_attachment_icon($ext); // Support for [attachment=id] code if (stripos($post['message'], "[attachment=" . $attachment['aid'] . "]") !== false) { // Show as thumbnail IF image is big && thumbnail exists && setting=='thumb' // Show as full size image IF setting=='fullsize' || (image is small && permissions allow) // Show as download for all other cases if ($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != "" && $mybb->settings['attachthumbnails'] == "yes") { eval("\$attbit = \"" . $templates->get("postbit_attachments_thumbnails_thumbnail") . "\";"); } elseif (($attachment['thumbnail'] == "SMALL" && $forumpermissions['candlattachments'] == 1 || $mybb->settings['attachthumbnails'] == "no") && $isimage) { eval("\$attbit = \"" . $templates->get("postbit_attachments_images_image") . "\";"); } else { eval("\$attbit = \"" . $templates->get("postbit_attachments_attachment") . "\";"); } $post['message'] = preg_replace("#\\[attachment=" . $attachment['aid'] . "]#si", $attbit, $post['message']); } else { // Show as thumbnail IF image is big && thumbnail exists && setting=='thumb' // Show as full size image IF setting=='fullsize' || (image is small && permissions allow) // Show as download for all other cases if ($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != "" && $mybb->settings['attachthumbnails'] == "yes") { eval("\$post['thumblist'] .= \"" . $templates->get("postbit_attachments_thumbnails_thumbnail") . "\";"); if ($tcount == 5) { $thumblist .= "<br />"; $tcount = 0; } ++$tcount; } elseif (($attachment['thumbnail'] == "SMALL" && $forumpermissions['candlattachments'] == 1 || $mybb->settings['attachthumbnails'] == "no") && $isimage) { eval("\$post['imagelist'] .= \"" . $templates->get("postbit_attachments_images_image") . "\";"); } else { eval("\$post['attachmentlist'] .= \"" . $templates->get("postbit_attachments_attachment") . "\";"); } } } else { $validationcount++; } } if ($validationcount > 0 && is_moderator($post['fid'])) { if ($validationcount == 1) { $postbit_unapproved_attachments = $lang->postbit_unapproved_attachment; } else { $postbit_unapproved_attachments = $lang->sprintf($lang->postbit_unapproved_attachments, $validationcount); } eval("\$post['attachmentlist'] .= \"" . $templates->get("postbit_attachments_attachment_unapproved") . "\";"); } if ($post['thumblist']) { eval("\$post['attachedthumbs'] = \"" . $templates->get("postbit_attachments_thumbnails") . "\";"); } if ($post['imagelist']) { eval("\$post['attachedimages'] = \"" . $templates->get("postbit_attachments_images") . "\";"); } if ($post['attachmentlist'] || $post['thumblist'] || $post['imagelist']) { eval("\$post['attachments'] = \"" . $templates->get("postbit_attachments") . "\";"); } } }
} $db->delete_query("threadratings", "uid='{$user['uid']}'"); // Update forum stats update_stats(array('numusers' => '-1')); // Update forums & threads if user is the lastposter $db->update_query("posts", array('uid' => 0), "uid='{$user['uid']}'"); $db->update_query("threads", array('uid' => 0), "uid='{$user['uid']}'"); $db->update_query("forums", array("lastposteruid" => 0), "lastposteruid = '{$user['uid']}'"); $db->update_query("threads", array("lastposteruid" => 0), "lastposteruid = '{$user['uid']}'"); // Did this user have an uploaded avatar? if ($user['avatartype'] == "upload") { // Removes the ./ at the beginning the timestamp on the end... @unlink("../" . substr($user['avatar'], 2, -20)); } // Was this user a moderator? if (is_moderator($user['uid'])) { $db->delete_query("moderators", "id='{$user['uid']}' AND isgroup = '0'"); $cache->update_moderators(); } $plugins->run_hooks("admin_user_users_delete_commit"); // Log admin action log_admin_action($user['uid'], $user['username']); flash_message($lang->success_user_deleted, 'success'); admin_redirect("index.php?module=user-users"); } else { $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation); } } if ($mybb->input['action'] == "referrers") { $plugins->run_hooks("admin_user_users_referrers"); $page->add_breadcrumb_item($lang->show_referrers);
} // Hide signature option if no permission $option_signature = ''; if ($mybb->usergroup['canusesig'] && !$mybb->user['suspendsignature']) { eval("\$option_signature = \"" . $templates->get('showthread_quickreply_options_signature') . "\";"); } if (isset($mybb->user['emailnotify']) && $mybb->user['emailnotify'] == 1) { $postoptionschecked['emailnotify'] = 'checked="checked"'; } $posthash = md5($mybb->user['uid'] . random_str()); eval("\$quickreply = \"" . $templates->get("showthread_quickreply") . "\";"); } // If the user is a moderator, show the moderation tools. if ($ismod) { $customthreadtools = $customposttools = ''; if (is_moderator($forum['fid'], "canusecustomtools") && (!empty($forum_stats[-1]['modtools']) || !empty($forum_stats[$forum['fid']]['modtools']))) { switch ($db->type) { case "pgsql": case "sqlite": $query = $db->simple_select("modtools", "tid, name, type", "','||forums||',' LIKE '%,{$fid},%' OR ','||forums||',' LIKE '%,-1,%' OR forums=''"); break; default: $query = $db->simple_select("modtools", "tid, name, type", "CONCAT(',',forums,',') LIKE '%,{$fid},%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums=''"); } while ($tool = $db->fetch_array($query)) { if ($tool['type'] == 'p') { eval("\$customposttools .= \"" . $templates->get("showthread_inlinemoderation_custom_tool") . "\";"); } else { eval("\$customthreadtools .= \"" . $templates->get("showthread_moderationoptions_custom_tool") . "\";"); } }
/** * Builds a friendly named Who's Online location from an "activity" and array of user data. Assumes fetch_wol_activity has already been called. * * @param array Array containing activity and essential IDs. * @return string Location name for the activity being performed. */ function build_friendly_wol_location($user_activity) { global $db, $lang, $uid_list, $aid_list, $pid_list, $tid_list, $fid_list, $ann_list, $eid_list, $plugins, $parser, $mybb; global $threads, $forums, $forums_linkto, $forum_cache, $posts, $announcements, $events, $usernames, $attachments; // Fetch forum permissions for this user $unviewableforums = get_unviewable_forums(); $inactiveforums = get_inactive_forums(); $fidnot = ''; $unviewablefids = $inactivefids = array(); if ($unviewableforums) { $fidnot = " AND fid NOT IN ({$unviewableforums})"; $unviewablefids = explode(',', $unviewableforums); } if ($inactiveforums) { $fidnot .= " AND fid NOT IN ({$inactiveforums})"; $inactivefids = explode(',', $inactiveforums); } // Fetch any users if (!is_array($usernames) && count($uid_list) > 0) { $uid_sql = implode(",", $uid_list); if ($uid_sql != $mybb->user['uid']) { $query = $db->simple_select("users", "uid,username", "uid IN ({$uid_sql})"); while ($user = $db->fetch_array($query)) { $usernames[$user['uid']] = $user['username']; } } else { $usernames[$mybb->user['uid']] = $mybb->user['username']; } } // Fetch any attachments if (!is_array($attachments) && count($aid_list) > 0) { $aid_sql = implode(",", $aid_list); $query = $db->simple_select("attachments", "aid,pid", "aid IN ({$aid_sql})"); while ($attachment = $db->fetch_array($query)) { $attachments[$attachment['aid']] = $attachment['pid']; $pid_list[] = $attachment['pid']; } } // Fetch any announcements if (!is_array($announcements) && count($ann_list) > 0) { $aid_sql = implode(",", $ann_list); $query = $db->simple_select("announcements", "aid,subject", "aid IN ({$aid_sql}) {$fidnot}"); while ($announcement = $db->fetch_array($query)) { $announcement_title = htmlspecialchars_uni($parser->parse_badwords($announcement['subject'])); $announcements[$announcement['aid']] = $announcement_title; } } // Fetch any posts if (!is_array($posts) && count($pid_list) > 0) { $pid_sql = implode(",", $pid_list); $query = $db->simple_select("posts", "pid,tid", "pid IN ({$pid_sql}) {$fidnot}"); while ($post = $db->fetch_array($query)) { $posts[$post['pid']] = $post['tid']; $tid_list[] = $post['tid']; } } // Fetch any threads if (!is_array($threads) && count($tid_list) > 0) { $perms = array(); $tid_sql = implode(",", $tid_list); $query = $db->simple_select('threads', 'uid, fid, tid, subject, visible, prefix', "tid IN({$tid_sql}) {$fidnot}"); $threadprefixes = build_prefixes(); while ($thread = $db->fetch_array($query)) { $thread['threadprefix'] = ''; if ($thread['prefix'] && !empty($threadprefixes[$thread['prefix']])) { $thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle']; } if (empty($perms[$thread['fid']])) { $perms[$thread['fid']] = forum_permissions($thread['fid']); } if (isset($perms[$thread['fid']]['canonlyviewownthreads']) && $perms[$thread['fid']]['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid'] && !is_moderator($thread['fid'])) { continue; } if (is_moderator($thread['fid']) || $thread['visible'] == 1) { $thread_title = ''; if ($thread['threadprefix']) { $thread_title = $thread['threadprefix'] . ' '; } $thread_title .= htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); $threads[$thread['tid']] = $thread_title; $fid_list[] = $thread['fid']; } } } // Fetch any forums if (!is_array($forums) && count($fid_list) > 0) { $fidnot = array_merge($unviewablefids, $inactivefids); foreach ($forum_cache as $fid => $forum) { if (in_array($fid, $fid_list) && !in_array($fid, $fidnot)) { $forums[$fid] = $forum['name']; $forums_linkto[$fid] = $forum['linkto']; } } } // And finaly any events if (!is_array($events) && count($eid_list) > 0) { $eid_sql = implode(",", $eid_list); $query = $db->simple_select("events", "eid,name", "eid IN ({$eid_sql})"); while ($event = $db->fetch_array($query)) { $events[$event['eid']] = htmlspecialchars_uni($parser->parse_badwords($event['name'])); } } // Now we've got everything we need we can put a name to the location switch ($user_activity['activity']) { // announcement.php functions case "announcements": if (!empty($announcements[$user_activity['ann']])) { $location_name = $lang->sprintf($lang->viewing_announcements, get_announcement_link($user_activity['ann']), $announcements[$user_activity['ann']]); } else { $location_name = $lang->viewing_announcements2; } break; // attachment.php actions // attachment.php actions case "attachment": $pid = $attachments[$user_activity['aid']]; $tid = $posts[$pid]; if (!empty($threads[$tid])) { $location_name = $lang->sprintf($lang->viewing_attachment2, $user_activity['aid'], $threads[$tid], get_thread_link($tid)); } else { $location_name = $lang->viewing_attachment; } break; // calendar.php functions // calendar.php functions case "calendar": $location_name = $lang->viewing_calendar; break; case "calendar_event": if (!empty($events[$user_activity['eid']])) { $location_name = $lang->sprintf($lang->viewing_event2, get_event_link($user_activity['eid']), $events[$user_activity['eid']]); } else { $location_name = $lang->viewing_event; } break; case "calendar_addevent": $location_name = $lang->adding_event; break; case "calendar_editevent": $location_name = $lang->editing_event; break; case "contact": $location_name = $lang->viewing_contact_us; break; // editpost.php functions // editpost.php functions case "editpost": $location_name = $lang->editing_post; break; // forumdisplay.php functions // forumdisplay.php functions case "forumdisplay": if (!empty($forums[$user_activity['fid']])) { if ($forums_linkto[$user_activity['fid']]) { $location_name = $lang->sprintf($lang->forum_redirect_to, get_forum_link($user_activity['fid']), $forums[$user_activity['fid']]); } else { $location_name = $lang->sprintf($lang->viewing_forum2, get_forum_link($user_activity['fid']), $forums[$user_activity['fid']]); } } else { $location_name = $lang->viewing_forum; } break; // index.php functions // index.php functions case "index": $location_name = $lang->sprintf($lang->viewing_index, $mybb->settings['bbname']); break; // managegroup.php functions // managegroup.php functions case "managegroup": $location_name = $lang->managing_group; break; // member.php functions // member.php functions case "member_activate": $location_name = $lang->activating_account; break; case "member_profile": if (!empty($usernames[$user_activity['uid']])) { $location_name = $lang->sprintf($lang->viewing_profile2, get_profile_link($user_activity['uid']), $usernames[$user_activity['uid']]); } else { $location_name = $lang->viewing_profile; } break; case "member_register": $location_name = $lang->registering; break; case "member": case "member_login": // Guest or member? if ($mybb->user['uid'] == 0) { $location_name = $lang->logging_in; } else { $location_name = $lang->logging_in_plain; } break; case "member_logout": $location_name = $lang->logging_out; break; case "member_emailuser": $location_name = $lang->emailing_user; break; case "member_rate": $location_name = $lang->rating_user; break; case "member_resendactivation": $location_name = $lang->member_resendactivation; break; case "member_lostpw": $location_name = $lang->member_lostpw; break; // memberlist.php functions // memberlist.php functions case "memberlist": $location_name = $lang->viewing_memberlist; break; // misc.php functions // misc.php functions case "misc_dstswitch": $location_name = $lang->changing_dst; break; case "misc_whoposted": if (!empty($threads[$user_activity['tid']])) { $location_name = $lang->sprintf($lang->viewing_whoposted2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']]); } else { $location_name = $lang->viewing_whoposted; } break; case "misc_markread": $location_name = $lang->sprintf($lang->marking_read, $mybb->post_code); break; case "misc_help": $location_name = $lang->viewing_helpdocs; break; case "misc_buddypopup": $location_name = $lang->viewing_buddylist; break; case "misc_smilies": $location_name = $lang->viewing_smilies; break; case "misc_syndication": $location_name = $lang->viewing_syndication; break; case "misc_imcenter": $location_name = $lang->viewing_imcenter; break; // modcp.php functions // modcp.php functions case "modcp_modlogs": $location_name = $lang->viewing_modlogs; break; case "modcp_announcements": $location_name = $lang->managing_announcements; break; case "modcp_finduser": $location_name = $lang->search_for_user; break; case "modcp_warninglogs": $location_name = $lang->managing_warninglogs; break; case "modcp_ipsearch": $location_name = $lang->searching_ips; break; case "modcp_report": $location_name = $lang->viewing_reports; break; case "modcp_new_announcement": $location_name = $lang->adding_announcement; break; case "modcp_delete_announcement": $location_name = $lang->deleting_announcement; break; case "modcp_edit_announcement": $location_name = $lang->editing_announcement; break; case "modcp_mod_queue": $location_name = $lang->managing_modqueue; break; case "modcp_editprofile": $location_name = $lang->editing_user_profiles; break; case "modcp_banning": $location_name = $lang->managing_bans; break; case "modcp": $location_name = $lang->viewing_modcp; break; // moderation.php functions // moderation.php functions case "moderation": $location_name = $lang->using_modtools; break; // newreply.php functions // newreply.php functions case "newreply": if (!empty($threads[$user_activity['tid']])) { $location_name = $lang->sprintf($lang->replying_thread2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']]); } else { $location_name = $lang->replying_thread; } break; // newthread.php functions // newthread.php functions case "newthread": if (!empty($forums[$user_activity['fid']])) { $location_name = $lang->sprintf($lang->posting_thread2, get_forum_link($user_activity['fid']), $forums[$user_activity['fid']]); } else { $location_name = $lang->posting_thread; } break; // online.php functions // online.php functions case "wol": $location_name = $lang->viewing_wol; break; case "woltoday": $location_name = $lang->viewing_woltoday; break; // polls.php functions // polls.php functions case "newpoll": $location_name = $lang->creating_poll; break; case "editpoll": $location_name = $lang->editing_poll; break; case "showresults": $location_name = $lang->viewing_pollresults; break; case "vote": $location_name = $lang->voting_poll; break; // printthread.php functions // printthread.php functions case "printthread": if (!empty($threads[$user_activity['tid']])) { $location_name = $lang->sprintf($lang->printing_thread2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']]); } else { $location_name = $lang->printing_thread; } break; // private.php functions // private.php functions case "private_send": $location_name = $lang->sending_pm; break; case "private_read": $location_name = $lang->reading_pm; break; case "private_folders": $location_name = $lang->editing_pmfolders; break; case "private": $location_name = $lang->using_pmsystem; break; /* Ratethread functions */ /* Ratethread functions */ case "ratethread": $location_name = $lang->rating_thread; break; // report.php functions // report.php functions case "report": $location_name = $lang->reporting_post; break; // reputation.php functions // reputation.php functions case "reputation": $location_name = $lang->sprintf($lang->giving_reputation, get_profile_link($user_activity['uid']), $usernames[$user_activity['uid']]); break; case "reputation_report": if (!empty($usernames[$user_activity['uid']])) { $location_name = $lang->sprintf($lang->viewing_reputation_report, "reputation.php?uid={$user_activity['uid']}", $usernames[$user_activity['uid']]); } else { $location_name = $lang->sprintf($lang->viewing_reputation_report2); } break; // search.php functions // search.php functions case "search": $location_name = $lang->sprintf($lang->searching_forum, $mybb->settings['bbname']); break; // showthread.php functions // showthread.php functions case "showthread": if (!empty($threads[$user_activity['tid']])) { $pagenote = ''; $location_name = $lang->sprintf($lang->reading_thread2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']], $pagenote); } else { $location_name = $lang->reading_thread; } break; case "showpost": if (!empty($posts[$user_activity['pid']]) && !empty($threads[$posts[$user_activity['pid']]])) { $pagenote = ''; $location_name = $lang->sprintf($lang->reading_thread2, get_thread_link($posts[$user_activity['pid']]), $threads[$posts[$user_activity['pid']]], $pagenote); } else { $location_name = $lang->reading_thread; } break; // showteam.php functions // showteam.php functions case "showteam": $location_name = $lang->viewing_team; break; // stats.php functions // stats.php functions case "stats": $location_name = $lang->viewing_stats; break; // usercp.php functions // usercp.php functions case "usercp_profile": $location_name = $lang->updating_profile; break; case "usercp_editlists": $location_name = $lang->managing_buddyignorelist; break; case "usercp_options": $location_name = $lang->updating_options; break; case "usercp_editsig": $location_name = $lang->editing_signature; break; case "usercp_avatar": $location_name = $lang->changing_avatar; break; case "usercp_subscriptions": $location_name = $lang->viewing_subscriptions; break; case "usercp_favorites": $location_name = $lang->viewing_favorites; break; case "usercp_notepad": $location_name = $lang->editing_pad; break; case "usercp_password": $location_name = $lang->editing_password; break; case "usercp": $location_name = $lang->user_cp; break; case "usercp2_favorites": $location_name = $lang->managing_favorites; break; case "usercp2_subscriptions": $location_name = $lang->managing_subscriptions; break; case "portal": $location_name = $lang->viewing_portal; break; // sendthread.php functions // sendthread.php functions case "sendthread": $location_name = $lang->sending_thread; break; // warnings.php functions // warnings.php functions case "warnings_revoke": $location_name = $lang->revoking_warning; break; case "warnings_warn": $location_name = $lang->warning_user; break; case "warnings_view": $location_name = $lang->viewing_warning; break; case "warnings": $location_name = $lang->managing_warnings; break; } $plugin_array = array('user_activity' => &$user_activity, 'location_name' => &$location_name); $plugins->run_hooks("build_friendly_wol_location_end", $plugin_array); if (isset($user_activity['nopermission']) && $user_activity['nopermission'] == 1) { $location_name = $lang->viewing_noperms; } if (!$location_name) { $location_name = $lang->sprintf($lang->unknown_location, $user_activity['location']); } return $location_name; }
} } } else { $accesserror = 1; } if ($accesserror == 1) { redirect_header("viewtopic.php?topic_id={$topic_id}&post_id={$post_id}&order={$order}&viewmode={$viewmode}&pid={$pid}&forum={$forum}", 2, _MD_NORIGHTTOPOST); exit; } // Ok, looks like we're good. } else { $accesserror = 0; if ($forumdata['forum_access'] == 3) { if ($xoopsUser) { if (!$xoopsUser->isAdmin($xoopsModule->mid())) { if (!is_moderator($forum, $xoopsUser->uid())) { $accesserror = 1; } } } else { $accesserror = 1; } } elseif ($forumdata['forum_access'] == 1 && !$xoopsUser) { $accesserror = 1; } if ($accesserror == 1) { redirect_header("viewtopic.php?topic_id={$topic_id}&post_id={$post_id}&order={$order}&viewmode={$viewmode}&pid={$pid}&forum={$forum}", 2, _MD_NORIGHTTOPOST); exit; } } include XOOPS_ROOT_PATH . '/header.php';
function show_forum($forum, $start, $sort_style, $user) { $gotoStr = ""; $nav = show_page_nav($forum, $start); if ($nav) { $gotoStr = "<div align=\"right\">{$nav}</div><br />"; } echo $gotoStr; // Display the navbar start_forum_table(array("", tra("Threads"), tra("Posts"), tra("Author"), tra("Views"), "<nobr>" . tra("Last post") . "</nobr>")); $sticky_first = !$user || !$user->prefs->ignore_sticky_posts; // Show hidden threads if logged in user is a moderator // $show_hidden = is_moderator($user, $forum); $threads = get_forum_threads($forum->id, $start, THREADS_PER_PAGE, $sort_style, $show_hidden, $sticky_first); if ($user) { $subs = BoincSubscription::enum("userid={$user->id}"); } // Run through the list of threads, displaying each of them $n = 0; $i = 0; foreach ($threads as $thread) { $owner = BoincUser::lookup_id($thread->owner); $unread = thread_is_unread($user, $thread); //if ($thread->status==1){ // This is an answered helpdesk thread if ($user && is_subscribed($thread, $subs)) { echo '<tr class="row_hd' . $n . '">'; } else { echo '<tr class="row' . $n . '">'; } echo '<td width="1%"><nobr>'; if ($user && $thread->rating() > $user->prefs->high_rating_threshold) { show_image(EMPHASIZE_IMAGE, "This message has a high average rating", "Highly rated"); } if ($user && $thread->rating() < $user->prefs->low_rating_threshold) { show_image(FILTER_IMAGE, "This message has a low average rating", "Low rated"); } if ($thread->hidden) { echo "[hidden]"; } if ($unread) { if ($thread->sticky) { if ($thread->locked) { show_image(NEW_IMAGE_STICKY_LOCKED, "This thread is sticky and locked, and you haven't read it yet", "sticky/locked/unread"); } else { show_image(NEW_IMAGE_STICKY, "This thread is sticky and you haven't read it yet", "sticky/unread"); } } else { if ($thread->locked) { show_image(NEW_IMAGE_LOCKED, "You haven't read this thread yet, and it's locked", "unread/locked"); } else { show_image(NEW_IMAGE, "You haven't read this thread yet", "unread"); } } } else { if ($thread->sticky) { if ($thread->locked) { show_image(IMAGE_STICKY_LOCKED, "This thread is sticky and locked", "sticky/locked"); } else { show_image(IMAGE_STICKY, "This thread is sticky", "sticky"); } } else { if ($thread->locked) { show_image(IMAGE_LOCKED, "This thread is locked", "locked"); } } } echo "</nobr></td>"; $titlelength = 48; $title = $thread->title; if (strlen($title) > $titlelength) { $title = substr($title, 0, $titlelength) . "..."; } $title = cleanup_title($title); echo '<td class="threadline"> <a href="forum_thread.php?id=' . $thread->id . '"><strong>' . $title . '</strong></a> <br /></td>'; $n = ($n + 1) % 2; echo '<td class="numbers leftborder">' . ($thread->replies + 1) . '</td> <td class="author leftborder">' . user_links($owner) . '</td> <td class="numbers leftborder">' . $thread->views . '</td> <td class="lastpost leftborder">' . time_diff_str($thread->timestamp, time()) . '</td> </tr>'; flush(); } end_table(); echo "<br />{$gotoStr}"; // show page links }
$pid = $attachment['pid']; $post = get_post($pid); $thread = get_thread($post['tid']); if (!$thread['tid'] && !$mybb->input['thumbnail']) { error($lang->error_invalidthread); } $fid = $thread['fid']; // Get forum info $forum = get_forum($fid); // Permissions $forumpermissions = forum_permissions($fid); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'] || $forumpermissions['candlattachments'] == 0 && !$mybb->input['thumbnail']) { error_no_permission(); } // Error if attachment is invalid or not visible if (!$attachment['aid'] || !$attachment['attachname'] || !is_moderator($fid) && ($attachment['visible'] != 1 || $thread['visible'] != 1 || $post['visible'] != 1)) { error($lang->error_invalidattachment); } if (!$mybb->input['thumbnail']) { $attachupdate = array("downloads" => $attachment['downloads'] + 1); $db->update_query("attachments", $attachupdate, "aid='{$attachment['aid']}'"); } // basename isn't UTF-8 safe. This is a workaround. $attachment['filename'] = ltrim(basename(' ' . $attachment['filename'])); $plugins->run_hooks("attachment_end"); if ($mybb->input['thumbnail']) { $ext = get_extension($attachment['thumbnail']); switch ($ext) { case "gif": $type = "image/gif"; break;
$f_perm_sql = " AND t.fid NOT IN ({$unviewable_forums})"; } if ($inactiveforums) { $f_perm_sql .= " AND t.fid NOT IN ({$inactiveforums})"; } $visible = " AND t.visible != 0"; if (is_moderator() == true) { $visible = ''; } $query = $db->query("\n\t\tSELECT t.*, t.username AS threadusername, u.username\n\t\tFROM " . TABLE_PREFIX . "threads t\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid)\n\t\tWHERE t.uid='" . $mybb->user['uid'] . "' AND t.firstpost != 0 AND t.visible >= 0 {$visible}{$f_perm_sql}\n\t\tORDER BY t.lastpost DESC\n\t\tLIMIT 0, 5\n\t"); // Figure out whether we can view these threads... $threadcache = array(); $fpermissions = forum_permissions(); while ($thread = $db->fetch_array($query)) { // Moderated, and not moderator? if ($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false) { continue; } $forumpermissions = $fpermissions[$thread['fid']]; if ($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0) { $threadcache[$thread['tid']] = $thread; } } $latest_threads = ''; if (!empty($threadcache)) { $tids = implode(",", array_keys($threadcache)); // Read Forums $query = $db->query("\n\t\t\tSELECT f.fid, fr.dateline AS lastread\n\t\t\tFROM " . TABLE_PREFIX . "forums f\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n\t\t\tWHERE f.active != 0\n\t\t\tORDER BY pid, disporder\n\t\t"); while ($forum = $db->fetch_array($query)) { $readforums[$forum['fid']] = $forum['lastread']; }
?> <?php echo $user_profile['lastName']; ?> (<?php echo $user_profile['username']; ?> )'s profile</b><br> <br> <?php } ?> <?php if (is_moderator($_SESSION['username'])) { if (!is_moderator($user_profile['username'])) { echo '<a class="btn btn-success btn-block" href="profile.php?action=addmoderator&id=' . $user_profile['username'] . '">Promote to Moderator</a><br><br>'; } else { echo '<a class="btn btn-warning btn-block" href="profile.php?action=removemoderator&id=' . $user_profile['username'] . '">Demote to User</a><br><br>'; } } ?> <div class="panel panel-default"> <div class="panel-heading"><?php echo $user_profile['username']; ?> 's Favorite Artists</div> <div class="panel-body"> <ul class="list-group"> <?php $favorites = get_all_usernames_and_favorites_per_favorite($username);
// Display a thread. // Display a thread. case "thread": $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); // Fetch the forum this thread is in $forum = get_forum($thread['fid']); if (!$forum['fid'] || $forum['password'] != '') { archive_error($lang->error_invalidforum); } // Check if we have permission to view this thread $forumpermissions = forum_permissions($forum['fid']); if ($forumpermissions['canview'] != 1 || $forumpermissions['canviewthreads'] != 1) { archive_error_no_permission(); } if ($thread['visible'] != 1) { if (is_moderator($forum['fid'])) { archive_error($lang->sprintf($lang->error_unapproved_thread, $mybb->settings['bburl'] . "/" . get_thread_link($thread['tid'], $page))); } else { archive_error($lang->error_invalidthread); } } if ($forumpermissions['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) { archive_error_no_permission(); } check_forum_password_archive($forum['fid']); // Build the navigation build_forum_breadcrumb($forum['fid'], 1); add_breadcrumb($thread['subject']); archive_header($thread['subject'], $thread['subject'], $mybb->settings['bburl'] . "/" . get_thread_link($thread['tid'], $page)); $plugins->run_hooks("archive_thread_start"); if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) {
if ($mybb->input['action'] == "edit_announcement") { if ($mybb->usergroup['canmanageannounce'] == 0) { error_no_permission(); } $aid = $mybb->get_input('aid', MyBB::INPUT_INT); add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements"); add_breadcrumb($lang->edit_announcement, "modcp.php?action=edit_announcements&aid={$aid}"); // Get announcement if (!isset($announcement)) { $query = $db->simple_select("announcements", "*", "aid='{$aid}'"); $announcement = $db->fetch_array($query); } if (!$announcement) { error($lang->error_invalid_announcement); } if ($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1 || $announcement['fid'] != -1 && !is_moderator($announcement['fid'], "canmanageannouncements") || $unviewableforums && in_array($announcement['fid'], $unviewableforums)) { error_no_permission(); } if (!$announcement['startdate']) { // No start date? Make it now. $announcement['startdate'] = TIME_NOW; } $makeshift_end = false; if (!$announcement['enddate']) { $makeshift_end = true; $makeshift_time = TIME_NOW; if ($announcement['startdate']) { $makeshift_time = $announcement['startdate']; } // No end date? Make it a year from now. $announcement['enddate'] = $makeshift_time + 60 * 60 * 24 * 366;
$inactive = get_inactive_forums(); if ($inactive) { $sql[] = "p.fid NOT IN ({$inactive})"; } if (!$mybb->user['ismoderator']) { $sql[] = "p.visible='1'"; $sql[] = "t.visible='1'"; } $sql = implode(' AND ', $sql); $query = $db->query("\n\t\t\tSELECT p.pid, p.uid, p.fid, p.visible, p.message, t.tid, t.subject, t.visible AS thread_visible\n\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\t\tWHERE {$sql}\n\t\t"); $forumpermissions = array(); while ($post = $db->fetch_array($query)) { if (($post['visible'] == 0 || $post['thread_visible'] == 0) && !is_moderator($post['fid'], 'canviewunapprove')) { continue; } if (($post['visible'] == -1 || $post['thread_visible'] == -1) && !is_moderator($post['fid'], 'canviewdeleted')) { continue; } if (!isset($forumpermissions[$post['fid']])) { $forumpermissions[$post['fid']] = forum_permissions($post['fid']); } // Make sure we can view this post if (isset($forumpermissions[$post['fid']]['canonlyviewownthreads']) && $forumpermissions[$post['fid']]['canonlyviewownthreads'] == 1 && $post['uid'] != $mybb->user['uid']) { continue; } $post_reputation[$post['pid']] = $post; } } $reputation_votes = ''; foreach ($reputation_cache as $reputation_vote) { // Get the reputation for the user who posted this comment
" class="img-circle profile-pic left"> <p class="info"> <a href="<?php echo base_url('person/profile/' . $reply->PERSON_ID); ?> " class="name"><strong><?php echo $reply->DISPLAY_NAME; ?> </strong></a> <span class="date"><?php echo $reply->TIME; ?> </span> <br> <?php if (is_person($reply->PERSON_ID) || is_admin() || is_moderator($post->POST_ID)) { ?> <a href="<?php echo base_url('post/edit_reply/' . $reply->POST_ID); ?> " class="tag yellow"><span class="glyphicon glyphicon-pencil"></span> Edit</a> <a href="<?php echo base_url('post/remove/' . $post->POST_ID . '/' . $reply->POST_ID); ?> " class="tag red"><span class="glyphicon glyphicon-trash"></span> Remove</a> <?php } ?> <?php if (!is_person($reply->PERSON_ID)) { ?>
?> </a> <?php } ?> Date: <?php echo $comment['postDate']; ?> <br> Comment: <?php echo $comment['comment']; ?> <br> <?php if ($comment['username'] == $_SESSION['username'] || is_moderator($_SESSION['username'])) { ?> (<a href="comment.php?action=editcomment&id=<?php echo $details['artistId']; ?> &commentId=<?php echo $comment['commentId']; ?> ">Edit</a> | <a href="comment.php?action=deletecomment&artistId=<?php echo $details['artistId']; ?> &id=<?php echo $comment['commentId']; ?> ">Delete</a>)<br> <?php
/** * Verifies if a birthday is valid or not. * * @return boolean True when valid, false when invalid. */ function verify_birthday() { global $mybb; $user =& $this->data; $birthday =& $user['birthday']; if (!is_array($birthday)) { return true; } // Sanitize any input we have $birthday['day'] = (int) $birthday['day']; $birthday['month'] = (int) $birthday['month']; $birthday['year'] = (int) $birthday['year']; // Error if a day and month exists, and the birthday day and range is not in range if ($birthday['day'] != 0 || $birthday['month'] != 0) { if ($birthday['day'] < 1 || $birthday['day'] > 31 || $birthday['month'] < 1 || $birthday['month'] > 12 || $birthday['month'] == 2 && $birthday['day'] > 29) { $this->set_error("invalid_birthday"); return false; } } // Check if the day actually exists. $months = get_bdays($birthday['year']); if ($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month'] - 1]) { $this->set_error("invalid_birthday"); return false; } // Error if a year exists and the year is out of range if ($birthday['year'] != 0 && $birthday['year'] < date("Y") - 100 || $birthday['year'] > date("Y")) { $this->set_error("invalid_birthday"); return false; } else { if ($birthday['year'] == date("Y")) { // Error if birth date is in future if ($birthday['month'] > date("m") || $birthday['month'] == date("m") && $birthday['day'] > date("d")) { $this->set_error("invalid_birthday"); return false; } } } // Error if COPPA is on, and the user hasn't verified their age / under 13 if ($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year'])) { $this->set_error("invalid_birthday_coppa"); return false; } elseif ($mybb->settings['coppa'] == "deny" && $birthday['year'] > date("Y") - 13 && !is_moderator()) { $this->set_error("invalid_birthday_coppa2"); return false; } // Make the user's birthday field if ($birthday['year'] != 0) { // If the year is specified, put together a d-m-y string $user['bday'] = $birthday['day'] . "-" . $birthday['month'] . "-" . $birthday['year']; } elseif ($birthday['day'] && $birthday['month']) { // If only a day and month are specified, put together a d-m string $user['bday'] = $birthday['day'] . "-" . $birthday['month'] . "-"; } else { // No field is specified, so return an empty string for an unknown birthday $user['bday'] = ''; } return true; }
} $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if ($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if (!$thread) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? if (is_moderator($thread['fid'])) { $ismod = true; } else { $ismod = false; } // Make sure we are looking at a real thread here. if ($thread['visible'] != 1 && $ismod == false || $thread['visible'] > 1 && $ismod == true) { error($lang->error_invalidthread); } $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']); if ($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=subscriptions"; }
function akismet_postbit(&$post) { global $templates, $mybb, $theme, $lang; if (!$mybb->settings['akismetswitch'] || !is_moderator($post['fid'])) { return; } if ($mybb->settings['akismetuidsignore']) { $akismet_uids_ignore = explode(',', $mybb->settings['akismetuidsignore']); if (in_array($usergroup, $akismet_uids_ignore)) { return; } } if (is_super_admin($post['uid'])) { return; } $lang->load("akismet", false, true); eval("\$post['button_spam'] = \"" . $templates->get("akismet_postbit_spam") . "\";"); }
break; } $x = "\nYour post was categorized as " . $c; $x .= mod_comment(); return $x; } $user = get_logged_in_user(); check_tokens($user->authenticator); BoincForumPrefs::lookup($user); $post = BoincPost::lookup_id(get_int('id')); if (!$post) { error_page("no such post"); } $thread = BoincThread::lookup_id($post->thread); $forum = BoincForum::lookup_id($thread->forum); if (!is_moderator($user, $forum)) { error_page(tra("You are not authorized to moderate this post.")); } // See if "action" is provided - either through post or get if (!post_str('action', true)) { if (!get_str('action', true)) { error_page(tra("You must specify an action...")); } else { $action = get_str('action'); } } else { $action = post_str('action'); } $explanation = null; if ($action == "hide") { $result = hide_post($post, $thread, $forum);
} $message = ''; // Are we loading all quoted posts or only those not in the current thread? if (empty($mybb->input['load_all'])) { $from_tid = "p.tid != '" . $mybb->get_input('tid', MyBB::INPUT_INT) . "' AND "; } else { $from_tid = ''; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); require_once MYBB_ROOT . "inc/functions_posting.php"; $plugins->run_hooks("xmlhttp_get_multiquoted_intermediate"); // Query for any posts in the list which are not within the specified thread $query = $db->query("\n\t\tSELECT p.subject, p.message, p.pid, p.tid, p.username, p.dateline, t.fid, p.visible, u.username AS userusername\n\t\tFROM " . TABLE_PREFIX . "posts p\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\tWHERE {$from_tid}p.pid IN ({$quoted_posts}) {$unviewable_forums} {$inactiveforums}\n\t\tORDER BY p.dateline\n\t"); while ($quoted_post = $db->fetch_array($query)) { if (!is_moderator($quoted_post['fid'], "canviewunapprove") && $quoted_post['visible'] == 0) { continue; } $message .= parse_quoted_message($quoted_post, false); } if ($mybb->settings['maxquotedepth'] != '0') { $message = remove_message_quotes($message); } // Send our headers. header("Content-type: application/json; charset={$charset}"); $plugins->run_hooks("xmlhttp_get_multiquoted_end"); echo json_encode(array("message" => $message)); exit; } else { if ($mybb->input['action'] == "refresh_captcha") { $imagehash = $db->escape_string($mybb->get_input('imagehash'));
$foruminfo = $forum; if ($forum['rulestype'] == 3) { eval("\$forumrules = \"" . $templates->get("forumdisplay_rules") . "\";"); } else { if ($forum['rulestype'] == 2) { eval("\$forumrules = \"" . $templates->get("forumdisplay_rules_link") . "\";"); } } } $moderation_notice = ''; if (!is_moderator($forum['fid'], "canapproveunapproveattachs")) { if ($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0) { $moderation_text = $lang->moderation_forum_attachments; eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";'); } } if (!is_moderator($forum['fid'], "canapproveunapproveposts")) { if ($forumpermissions['modposts'] == 1) { $moderation_text = $lang->moderation_forum_posts; eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";'); } if ($mybb->user['moderateposts'] == 1) { $moderation_text = $lang->moderation_user_posts; eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";'); } } $plugins->run_hooks("newreply_end"); $forum['name'] = strip_tags($forum['name']); eval("\$newreply = \"" . $templates->get("newreply") . "\";"); output_page($newreply); }