/**
 * XML-RPC handler: opens a thread at the first post the current user has not read yet.
 *
 * Topic IDs starting with "ann_" are handed to get_announcement_func() instead.
 * If the thread's `closed` field marks it as moved ("moved|<tid>"), the target
 * thread is loaded in its place. When no unread post is found, the newest post
 * of the thread is used.
 *
 * Security notes for reviewers:
 *  - Moderators of the thread's forum also get posts with visible='0'; everyone
 *    else is limited to visible='1'.
 *  - The values interpolated into the SQL are not taken from $input directly:
 *    they come from get_thread()'s result, $mybb->user and $mybb->settings.
 *    NOTE(review): presumably these are integers; confirm, or cast before use.
 *  - No view-permission check on the thread is visible here; presumably
 *    get_thread_by_post_func() or its callees enforce it. Verify.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (topic_id, posts_per_request, return_html).
 * @return mixed Whatever get_announcement_func() / get_thread_by_post_func() returns.
 */
function get_thread_by_unread_func($xmlrpc_params)
{
    global $db, $mybb;

    $schema = array(
        'topic_id' => Tapatalk_Input::STRING,
        'posts_per_request' => Tapatalk_Input::INT,
        'return_html' => Tapatalk_Input::INT,
    );
    $input = Tapatalk_Input::filterXmlInput($schema, $xmlrpc_params);

    // Announcements share this entry point; the numeric part is forced to an integer.
    if (preg_match('/^ann_/', $input['topic_id'])) {
        $_GET["aid"] = intval(str_replace('ann_', '', $input['topic_id']));
        return get_announcement_func($xmlrpc_params);
    }

    $thread = get_thread($input['topic_id']);

    // Follow a "moved|<tid>" marker to the thread's new location.
    if (!empty($thread['closed'])) {
        $closed_parts = explode("|", $thread['closed']);
        if ($closed_parts[0] == "moved") {
            $thread = get_thread($closed_parts[1]);
        }
    }

    // Unapproved posts are only counted for moderators of this forum.
    $visible = is_moderator($thread['fid'])
        ? "AND (p.visible='0' OR p.visible='1')"
        : "AND p.visible='1'";

    // Posts older than the read-tracking window (in days) are never reported as unread.
    $cutoff = ($mybb->settings['threadreadcut'] > 0)
        ? TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24
        : 0;

    // Oldest post by someone else that is newer than the user's read marker.
    $first_unread_sql = "select min(p.pid) as pid from " . TABLE_PREFIX . "posts p\n        LEFT JOIN " . TABLE_PREFIX . "threadsread tr on p.tid = tr.tid and tr.uid = '{$mybb->user['uid']}'\n        where p.tid='{$thread['tid']}' and p.uid != '{$mybb->user['uid']}' and (p.dateline > tr.dateline or tr.dateline is null) and p.dateline > {$cutoff} {$visible}\n        ";
    $pid = $db->fetch_field($db->query($first_unread_sql), 'pid');

    if (!$pid) {
        // Nothing unread: fall back to the most recent post.
        $latest_sql = "select p.pid from " . TABLE_PREFIX . "posts p\n                             where p.tid='{$thread['tid']}' {$visible}\n                             order by p.dateline desc\n                             limit 1";
        $pid = $db->fetch_field($db->query($latest_sql), 'pid');
    }

    $forwarded = array(
        new xmlrpcval($pid, "string"),
        new xmlrpcval($input['posts_per_request'], 'int'),
        new xmlrpcval(!!$input['return_html'], 'boolean'),
    );

    return get_thread_by_post_func(new xmlrpcval($forwarded, 'array'));
}
Exemple #2
/**
 * Access gate for moderator-only pages.
 *
 * Asks is_moderator() about the username stored in the session and stops the
 * script with a plain-text message when the answer is negative. Callers must
 * invoke this before producing any protected output; nothing after a failed
 * check runs.
 *
 * NOTE(review): the decision rests entirely on $_SESSION['username'] and on
 * is_moderator(), which is defined elsewhere. Confirm the session value is only
 * ever set after a successful login.
 *
 * @return bool Always true when the function returns at all.
 */
function is_moderator_or_die()
{
    if (is_moderator($_SESSION['username'])) {
        return true;
    }

    die("Must be a moderator to access this part of the website");
}
 /**
 This is where you perform the action when the API is called, the parameter given is an instance of stdClass, this method should return an instance of stdClass.
 */
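 /**
  * Returns the user behind the current request.
  *
  * If the request is already authenticated, the authenticated user is returned.
  * Otherwise a `sessionid` request parameter is looked up in the sessions table
  * and the matching user row (joined with its user fields) is returned as an
  * object with an extra `ismoderator` property.
  *
  * NOTE(review): the session lookup matches on `sid` only. Any session expiry
  * or client binding is not visible in this method; confirm it is enforced
  * elsewhere, since the session ID acts as a bearer credential here.
  *
  * @return object The user record.
  * @throws UnauthorizedException When there is no usable session or no user row for it.
  */
 public function action()
 {
     global $mybb, $db;

     if ($this->is_authenticated()) {
         return $this->get_user();
     }

     // Only a plain string session ID is accepted; arrays and other types are rejected.
     if (!isset($mybb->input["sessionid"]) || !is_string($mybb->input["sessionid"])) {
         throw new UnauthorizedException("Not connected.");
     }

     $sid = $db->escape_string($mybb->input["sessionid"]);
     $query = $db->query("SELECT s.uid FROM " . TABLE_PREFIX . "sessions s WHERE s.sid = '{$sid}'");
     $session_row = $db->fetch_array($query);
     if (empty($session_row)) {
         throw new UnauthorizedException("Not connected.");
     }

     // The value comes from the database, but it is still forced to an integer
     // before being placed into the next statement.
     $uid = (int) $session_row['uid'];
     $query = $db->query("\n\t\t\t\t\tSELECT u.*, f.*\n\t\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\t\t\t\tWHERE u.uid='{$uid}'\n\t\t\t\t\tLIMIT 1\n\t\t\t\t");
     $user_row = $db->fetch_array($query);

     // Test the fetched row, not the object built from it: an object is never
     // empty(), so checking after the cast would let a session without a
     // matching user through as an authenticated (blank) user.
     if (empty($user_row)) {
         throw new UnauthorizedException("Not connected");
     }

     $user = (object) $user_row;
     $user->ismoderator = is_moderator("", "", $uid);

     return $user;
 }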
/**
 * Builds the announcement listing of the moderator control panel for the forums
 * below $pid and appends it to the global $announcements_forum, recursing into
 * sub-forums.
 *
 * Forums the current user moderates are listed together with their
 * announcements. Forums the user does not moderate (or that are inactive) are
 * listed by title only, and only when they appear in the parent list of a
 * moderated forum.
 *
 * Security notes for reviewers:
 *  - Output is produced by eval()'ing template text from $templates->get().
 *    Template content therefore runs as PHP in this scope; treat the ability
 *    to edit templates as equivalent to code execution.
 *  - The local variables set before each eval() ($forum, $trow, $padding,
 *    $icon, $subject, ...) are presumably referenced by name from those
 *    templates, so renaming them would change the rendered output.
 *  - Only the announcement subject is HTML-escaped here; other fields used by
 *    the templates are not escaped in this function.
 *
 * @param int $pid   ID of the parent forum whose children are rendered.
 * @param int $depth Nesting level; used for $padding (40 * ($depth - 1)).
 * @return void
 */
function fetch_forum_announcements($pid = 0, $depth = 1)
{
    global $mybb, $db, $lang, $announcements, $templates, $announcements_forum, $moderated_forums;
    // Static caches are shared by every recursive call and built once per request.
    static $forums_by_parent, $forum_cache, $parent_forums;
    if (!is_array($forum_cache)) {
        $forum_cache = cache_forums();
    }
    if (!is_array($parent_forums) && $mybb->user['issupermod'] != 1) {
        // Get a list of parentforums to show for normal moderators
        $parent_forums = array();
        foreach ($moderated_forums as $mfid) {
            $parent_forums = array_merge($parent_forums, explode(',', $forum_cache[$mfid]['parentlist']));
        }
    }
    if (!is_array($forums_by_parent)) {
        // Index the forum cache as parent -> display order -> forum ID.
        foreach ($forum_cache as $forum) {
            $forums_by_parent[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
        }
    }
    if (!is_array($forums_by_parent[$pid])) {
        return;
    }
    foreach ($forums_by_parent[$pid] as $children) {
        foreach ($children as $forum) {
            if ($forum['active'] == 0 || !is_moderator($forum['fid'])) {
                // Check if this forum is a parent of a moderated forum
                // NOTE(review): $parent_forums is only populated for users without
                // issupermod; for a super moderator reaching this branch (inactive
                // forum) it is still unset when passed to in_array(). Confirm.
                if (in_array($forum['fid'], $parent_forums)) {
                    // A child is moderated, so print out this forum's title.  RECURSE!
                    $trow = alt_trow();
                    // Template text is evaluated as PHP string content in this scope.
                    eval("\$announcements_forum .= \"" . $templates->get("modcp_announcements_forum_nomod") . "\";");
                } else {
                    // No subforum is moderated by this mod, so safely continue
                    continue;
                }
            } else {
                // This forum is moderated by the user, so print out the forum's title, and its announcements
                $trow = alt_trow();
                $padding = 40 * ($depth - 1);
                eval("\$announcements_forum .= \"" . $templates->get("modcp_announcements_forum") . "\";");
                if ($announcements[$forum['fid']]) {
                    foreach ($announcements[$forum['fid']] as $aid => $announcement) {
                        $trow = alt_trow();
                        // An end date of 0 means the announcement is treated as still active.
                        if ($announcement['enddate'] < TIME_NOW && $announcement['enddate'] != 0) {
                            $icon = "<img src=\"images/minioff.gif\" alt=\"({$lang->expired})\" title=\"{$lang->expired_announcement}\"  style=\"vertical-align: middle;\" /> ";
                        } else {
                            $icon = "<img src=\"images/minion.gif\" alt=\"({$lang->active})\" title=\"{$lang->active_announcement}\"  style=\"vertical-align: middle;\" /> ";
                        }
                        // The subject is escaped for HTML before the template sees it.
                        $subject = htmlspecialchars_uni($announcement['subject']);
                        eval("\$announcements_forum .= \"" . $templates->get("modcp_announcements_announcement") . "\";");
                    }
                }
            }
            // Build the list for any sub forums of this forum
            if ($forums_by_parent[$forum['fid']]) {
                fetch_forum_announcements($forum['fid'], $depth + 1);
            }
        }
    }
}
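/**
 * XML-RPC handler: removes an attachment, either from an existing post or from
 * an unsaved upload group identified by its post hash.
 *
 * Checks performed, in order:
 *  - the forum named by the caller exists, is open and is a real forum ("f");
 *  - the user is logged in, may view and post threads there and is not
 *    suspended from posting;
 *  - the forum password check passes;
 *  - if the attachment already belongs to a post: that post is the one named by
 *    the caller, the post and its thread exist, the thread lives in the forum
 *    named by the caller, and the user is either a moderator with
 *    "caneditposts" or the author of the post in an open thread with edit
 *    permission.
 *
 * The forum ID comes from the request, and every permission lookup is keyed on
 * it. It is therefore compared with the forum of the post's thread before any
 * permission decision is made, so rights held in one forum cannot be applied
 * to a post in another.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (attachment_id, forum_id, group_id, post_id).
 * @return mixed An XML-RPC true/false response from the xmlresp* / tt_* helpers.
 */
function remove_attachment_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    chdir("../");
    $lang->load("member");
    $parser = new postParser();
    $input = Tapatalk_Input::filterXmlInput(array('attachment_id' => Tapatalk_Input::INT, 'forum_id' => Tapatalk_Input::INT, 'group_id' => Tapatalk_Input::STRING, 'post_id' => Tapatalk_Input::INT), $xmlrpc_params);
    $fid = $input['forum_id'];
    // Forced to an integer here as well, because it is placed into a WHERE clause below.
    $aid = (int) $input['attachment_id'];
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }
    $forumpermissions = forum_permissions($fid);
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostthreads'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    tt_check_forum_password($forum['fid']);
    $posthash = $input['group_id'];
    $mybb->input['posthash'] = $posthash;
    // If we're removing an attachment that belongs to an existing post, some security checks...
    $query = $db->simple_select("attachments", "pid", "aid='{$aid}'");
    $attachment = $db->fetch_array($query);
    $pid = $attachment['pid'];
    if ($pid > 0) {
        if ($pid != $input['post_id']) {
            return xmlrespfalse("The attachment you are trying to remove does not belong to this post");
        }
        $query = $db->simple_select("posts", "*", "pid='{$pid}'");
        $post = $db->fetch_array($query);
        if (!$post['pid']) {
            return xmlrespfalse($lang->error_invalidpost);
        }
        // Get thread info
        $tid = $post['tid'];
        $thread = get_thread($tid);
        if (!$thread['tid']) {
            return xmlrespfalse($lang->error_invalidthread);
        }
        // All permission checks above and below are evaluated for $fid, which the
        // caller supplied. Refuse the request unless the post really is in that forum.
        if ($thread['fid'] != $fid) {
            return tt_no_permission();
        }
        if (!is_moderator($fid, "caneditposts")) {
            if ($thread['closed'] == 1) {
                return xmlrespfalse($lang->redirect_threadclosed);
            }
            if ($forumpermissions['caneditposts'] == 0) {
                return tt_no_permission();
            }
            if ($mybb->user['uid'] != $post['uid']) {
                return tt_no_permission();
            }
        }
    } else {
        // Not attached to a post yet: removal is keyed on the post hash instead.
        // NOTE(review): presumably remove_attachment() requires the hash to match
        // the stored one; confirm, because no ownership check happens on this path.
        $pid = 0;
    }
    require_once MYBB_ROOT . "inc/functions_upload.php";
    remove_attachment($pid, $mybb->input['posthash'], $aid);
    return xmlresptrue();
}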
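/**
 * XML-RPC handler: reports how many unread private messages and how many
 * subscribed threads with unread activity the current user has.
 *
 * Unread PMs are rows in folder '1' with status '0' owned by the user. A
 * subscribed thread counts as unread when its last post is newer than the
 * user's read marker (or no marker exists) and newer than the read-tracking
 * cutoff. Threads that are not visible are excluded unless is_moderator()
 * reports true.
 *
 * The request parameters are passed through the input filter but are not used
 * afterwards in this function.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters.
 * @return xmlrpcresp Struct with inbox_unread_count and subscribed_topic_unread_count.
 */
function get_inbox_stat_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $input = Tapatalk_Input::filterXmlInput(array('pm_last_checked_time' => Tapatalk_Input::STRING, 'subscribed_topic_last_checked_time' => Tapatalk_Input::STRING), $xmlrpc_params);
    // PMs
    $query = $db->simple_select("privatemessages", "COUNT(*) AS pms_unread", "uid='" . $mybb->user['uid'] . "' AND status = '0' AND folder = '1'");
    $pmcount = $db->fetch_field($query, "pms_unread");
    // Subscribed threads
    $visible = "AND t.visible != 0";
    if (is_moderator() == true) {
        $visible = '';
    }
    // Default to "no cutoff". Without it the variable is undefined whenever the
    // threadreadcut setting is 0, and the statement below ends up with an empty
    // right-hand side in "t.lastpost > ...", which is not valid SQL.
    $cutoff = 0;
    if ($mybb->settings['threadreadcut'] > 0) {
        $cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24;
    }
    $query = $db->query("\n\t\tSELECT COUNT(ts.tid) as threads\n\t\tFROM " . TABLE_PREFIX . "threadsubscriptions ts\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid = ts.tid)\n\t\tleft join " . TABLE_PREFIX . "threadsread tr on t.tid = tr.tid and tr.uid = '{$mybb->user['uid']}'\n\t\tWHERE ts.uid = '" . $mybb->user['uid'] . "' and (tr.dateline < t.lastpost or tr.dateline is null) and t.lastpost > {$cutoff} {$visible}\n\t");
    $threadcount = $db->fetch_field($query, "threads");
    $result = new xmlrpcval(array('inbox_unread_count' => new xmlrpcval($pmcount, 'int'), 'subscribed_topic_unread_count' => new xmlrpcval($threadcount, 'int')), 'struct');
    return new xmlrpcresp($result);
}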
/**
 * XML-RPC handler: returns the page of a thread that contains a given post.
 *
 * The post's position is the number of posts in the same thread with a smaller
 * post ID (unapproved posts are only counted for moderators of the post's
 * forum). That position selects the page, and get_thread_func() is called with
 * the start and end offsets of that page. The global $position is left set to
 * the 1-based position of the post.
 *
 * NOTE(review): posts_per_request defaults to 20 only when it is empty or 0;
 * no upper or lower bound is applied here. Confirm the input filter or
 * get_thread_func() limits it.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (post_id, posts_per_request, return_html).
 * @return mixed Whatever get_thread_func() returns.
 */
function get_thread_by_post_func($xmlrpc_params)
{
    global $db, $mybb, $position;

    $schema = array(
        'post_id' => Tapatalk_Input::INT,
        'posts_per_request' => Tapatalk_Input::INT,
        'return_html' => Tapatalk_Input::INT,
    );
    $input = Tapatalk_Input::filterXmlInput($schema, $xmlrpc_params);
    $post = get_post($input['post_id']);

    if (!$input['posts_per_request']) {
        $input['posts_per_request'] = 20;
    }
    $per_page = $input['posts_per_request'];

    // Moderators of the forum also count posts that are not approved.
    $visible = is_moderator($post['fid'])
        ? "AND (visible='0' OR visible='1')"
        : "AND visible='1'";

    $where = "pid < '{$input['post_id']}' and tid='{$post['tid']}' {$visible}";
    $query = $db->simple_select("posts", "COUNT(*) AS position", $where);
    $position = $db->fetch_field($query, 'position');

    $page = floor($position / $per_page) + 1;
    $position += 1;

    // Offsets of the first post of the page and of the page after it.
    $first = ($page - 1) * $per_page;
    $last = $first + $per_page;

    $forwarded = array(
        new xmlrpcval($post['tid'], "string"),
        new xmlrpcval($first, 'int'),
        new xmlrpcval($last, 'int'),
        new xmlrpcval(!!$input['return_html'], 'boolean'),
    );

    return get_thread_func(new xmlrpcval($forwarded, 'array'));
}
 /**
  * Decides whether a user passes a global permission check.
  *
  * The permission levels form a cascade: an ACL check is also satisfied by
  * moderator status or admin status, a moderator check is also satisfied by
  * admin status, and an admin check is satisfied by admin status only. Any
  * other $type yields false when an access record is present.
  *
  * Without an access record, the result is simply $is_admin.
  *
  * @param mixed $type            One of AUTH_ACL, AUTH_MOD, AUTH_ADMIN.
  * @param mixed $key             Key of the ACL entry inside $global_u_access.
  * @param mixed $global_u_access The user's access record; may be empty.
  * @param mixed $is_admin        Whether the user is an administrator.
  * @return mixed $is_admin unchanged when no access record exists, otherwise a boolean.
  */
 function global_auth_check_user($type, $key, $global_u_access, $is_admin)
 {
     // No access record: only administrators pass.
     if (empty($global_u_access)) {
         return $is_admin;
     }

     $is_acl = $type == AUTH_ACL;
     $is_mod = $is_acl || $type == AUTH_MOD;
     $is_adm = $is_mod || $type == AUTH_ADMIN;

     $granted = 0;
     if ($is_acl) {
         $granted = $global_u_access[$key];
     }
     if ($is_mod) {
         // Moderator status is only looked up when the ACL entry did not grant access.
         $granted = $granted || is_moderator($global_u_access['group_id']);
     }
     if ($is_adm) {
         $granted = $granted || $is_admin;
     }

     return (bool) $granted;
 }
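/**
 * Blocks editing of a post whose last edit was made by someone else.
 *
 * Runs only for the "edit_post" and "editpost" actions. The edit is refused
 * when the post has a last editor (edituid != 0) who is not the current user,
 * unless the current user passes is_moderator() with "canviewips" for the
 * global $forum.
 *
 * Notes for reviewers:
 *  - The message speaks of a moderator edit, but the code does not check who
 *    the last editor was; any other user's edit triggers the lock.
 *  - The exemption is evaluated for the global $forum, not for the forum of
 *    the loaded post. NOTE(review): confirm the caller has set $forum to the
 *    post's forum before this runs.
 *  - xmlhttp_error() and error() presumably end the request; if they return,
 *    execution continues and the edit is not blocked.
 *
 * @return void
 */
function lasteditlock()
{
    global $db, $mybb, $forum;

    $action = $mybb->input['action'];
    if ($action != "edit_post" && $action != "editpost") {
        return;
    }

    $post = get_post(intval($mybb->input['pid']));
    $msg = "Sorry you can't edit a post once a moderator has edited it.";

    if (!is_moderator($forum['fid'], "canviewips") && ($post['edituid'] != $mybb->user['uid'] && $post['edituid'] != 0)) {
        // The case labels must be string literals. As bare words they are
        // undefined constants, which is a fatal error on PHP 8 and only worked
        // on older versions through the deprecated constant-to-string fallback.
        switch ($action) {
            case "edit_post":
                xmlhttp_error($msg);
                break;
            case "editpost":
                error($msg);
                break;
        }
        if (isset($mybb->input['do']) && $mybb->input['do'] == "update_post") {
            error($msg);
        }
    }
}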
/**
 * Prints the closing part of the notes block: a row with the "add note" link,
 * two extra management links for moderators, and the closing table/div tags.
 *
 * The page name is URL-encoded before it is placed into the link targets. The
 * page ID comes from page_get_id(). All other interpolated values are globals
 * (colours, page paths, link labels) and are printed without escaping here;
 * presumably they come from configuration and language files. Verify.
 *
 * The management links are only hidden from non-moderators. The target pages
 * must perform their own access check.
 *
 * @param string $p_page Name of the page the notes belong to.
 * @param mixed  $p_url  Not used in this function.
 * @return void
 */
function theme_notes_end($p_page, $p_url)
{
    global $g_primary_dark_color, $g_note_add_page, $g_admin_manage_notes, $g_admin_page, $s_add_note_link, $s_manage, $s_admin;

    $encoded_page = urlencode($p_page);
    $page_id = page_get_id($p_page);

    // Link for adding a note; shown to everyone.
    echo <<<HTML
\t\t\t\t<tr bgcolor="{$g_primary_dark_color}">
\t\t\t\t\t<td align="right">
\t\t\t\t\t\t<a href="{$g_note_add_page}?f_page_id={$page_id}&amp;f_url={$encoded_page}">{$s_add_note_link}</a>
HTML;

    // Management links; shown to moderators only.
    if (is_moderator()) {
        echo <<<HTML
\t\t\t\t| <a href="{$g_admin_manage_notes}?f_page_id={$page_id}&amp;f_url={$encoded_page}">{$s_manage}</a>
\t\t\t\t| <a href="{$g_admin_page}">{$s_admin}</a>
HTML;
    }

    // Close the row and the table/div that were opened elsewhere.
    echo <<<HTML
\t\t\t\t\t</td>
\t\t\t\t</tr>
\t\t\t</table>
\t\t</div>
HTML;
}
Exemple #11
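/**
 * Fetch the attachments for a specific post and parse inline [attachment=id] code.
 * Note: assumes you have $attachcache, an array of attachments set up.
 *
 * Visible attachments are rendered through templates. If the post message
 * contains an [attachment=id] tag for one, the tag is replaced by the rendered
 * attachment; otherwise the attachment is appended to the post's thumbnail,
 * image or download list. Attachments that are not visible are only counted,
 * and the count is shown to moderators of the post's forum.
 *
 * Security notes for reviewers:
 *  - The filename is HTML-escaped before any template sees it.
 *  - Output is produced by eval()'ing template text from $templates->get().
 *    Template content runs as PHP in this scope, so the ability to edit
 *    templates is equivalent to code execution. The local variable names
 *    ($attachment, $attbit, $post, ...) are presumably referenced by the
 *    templates and must not be renamed.
 *
 * @param int   $id    The ID of the item.
 * @param array $post  The post or item passed by reference.
 * @return void
 */
function get_post_attachments($id, &$post)
{
    global $attachcache, $mybb, $theme, $templates, $forumpermissions, $lang;
    $validationcount = 0;
    $tcount = 0;
    if (isset($attachcache[$id]) && is_array($attachcache[$id])) {
        // This post has 1 or more attachments
        foreach ($attachcache[$id] as $aid => $attachment) {
            if ($attachment['visible']) {
                // There is an attachment thats visible!
                $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
                $attachment['filesize'] = get_friendly_size($attachment['filesize']);
                $ext = get_extension($attachment['filename']);
                if ($ext == "jpeg" || $ext == "gif" || $ext == "bmp" || $ext == "png" || $ext == "jpg") {
                    $isimage = true;
                } else {
                    $isimage = false;
                }
                $attachment['icon'] = get_attachment_icon($ext);
                // Support for [attachment=id] code
                if (stripos($post['message'], "[attachment=" . $attachment['aid'] . "]") !== false) {
                    // Show as thumbnail IF image is big && thumbnail exists && setting=='thumb'
                    // Show as full size image IF setting=='fullsize' || (image is small && permissions allow)
                    // Show as download for all other cases
                    if ($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != "" && $mybb->settings['attachthumbnails'] == "yes") {
                        eval("\$attbit = \"" . $templates->get("postbit_attachments_thumbnails_thumbnail") . "\";");
                    } elseif (($attachment['thumbnail'] == "SMALL" && $forumpermissions['candlattachments'] == 1 || $mybb->settings['attachthumbnails'] == "no") && $isimage) {
                        eval("\$attbit = \"" . $templates->get("postbit_attachments_images_image") . "\";");
                    } else {
                        eval("\$attbit = \"" . $templates->get("postbit_attachments_attachment") . "\";");
                    }
                    // Plain case-insensitive replacement of the literal tag. A regex
                    // replacement would interpret "$1" or "\1" sequences inside the
                    // rendered markup (for example from a file name) as backreferences.
                    $post['message'] = str_ireplace("[attachment=" . $attachment['aid'] . "]", $attbit, $post['message']);
                } else {
                    // Show as thumbnail IF image is big && thumbnail exists && setting=='thumb'
                    // Show as full size image IF setting=='fullsize' || (image is small && permissions allow)
                    // Show as download for all other cases
                    if ($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != "" && $mybb->settings['attachthumbnails'] == "yes") {
                        eval("\$post['thumblist'] .= \"" . $templates->get("postbit_attachments_thumbnails_thumbnail") . "\";");
                        if ($tcount == 5) {
                            // Break the thumbnail row in the list that is actually rendered;
                            // appending to a separate local variable would discard the break.
                            $post['thumblist'] .= "<br />";
                            $tcount = 0;
                        }
                        ++$tcount;
                    } elseif (($attachment['thumbnail'] == "SMALL" && $forumpermissions['candlattachments'] == 1 || $mybb->settings['attachthumbnails'] == "no") && $isimage) {
                        eval("\$post['imagelist'] .= \"" . $templates->get("postbit_attachments_images_image") . "\";");
                    } else {
                        eval("\$post['attachmentlist'] .= \"" . $templates->get("postbit_attachments_attachment") . "\";");
                    }
                }
            } else {
                // Not visible: only counted, never rendered.
                $validationcount++;
            }
        }
        // The number of unapproved attachments is disclosed to moderators of the post's forum only.
        if ($validationcount > 0 && is_moderator($post['fid'])) {
            if ($validationcount == 1) {
                $postbit_unapproved_attachments = $lang->postbit_unapproved_attachment;
            } else {
                $postbit_unapproved_attachments = $lang->sprintf($lang->postbit_unapproved_attachments, $validationcount);
            }
            eval("\$post['attachmentlist'] .= \"" . $templates->get("postbit_attachments_attachment_unapproved") . "\";");
        }
        if ($post['thumblist']) {
            eval("\$post['attachedthumbs'] = \"" . $templates->get("postbit_attachments_thumbnails") . "\";");
        }
        if ($post['imagelist']) {
            eval("\$post['attachedimages'] = \"" . $templates->get("postbit_attachments_images") . "\";");
        }
        if ($post['attachmentlist'] || $post['thumblist'] || $post['imagelist']) {
            eval("\$post['attachments'] = \"" . $templates->get("postbit_attachments") . "\";");
        }
    }
}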
Exemple #12
        }
        $db->delete_query("threadratings", "uid='{$user['uid']}'");
        // Update forum stats
        update_stats(array('numusers' => '-1'));
        // Update forums & threads if user is the lastposter
        $db->update_query("posts", array('uid' => 0), "uid='{$user['uid']}'");
        $db->update_query("threads", array('uid' => 0), "uid='{$user['uid']}'");
        $db->update_query("forums", array("lastposteruid" => 0), "lastposteruid = '{$user['uid']}'");
        $db->update_query("threads", array("lastposteruid" => 0), "lastposteruid = '{$user['uid']}'");
        // Did this user have an uploaded avatar?
        if ($user['avatartype'] == "upload") {
            // Removes the ./ at the beginning the timestamp on the end...
            @unlink("../" . substr($user['avatar'], 2, -20));
        }
        // Was this user a moderator?
        if (is_moderator($user['uid'])) {
            $db->delete_query("moderators", "id='{$user['uid']}' AND isgroup = '0'");
            $cache->update_moderators();
        }
        $plugins->run_hooks("admin_user_users_delete_commit");
        // Log admin action
        log_admin_action($user['uid'], $user['username']);
        flash_message($lang->success_user_deleted, 'success');
        admin_redirect("index.php?module=user-users");
    } else {
        $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation);
    }
}
if ($mybb->input['action'] == "referrers") {
    $plugins->run_hooks("admin_user_users_referrers");
    $page->add_breadcrumb_item($lang->show_referrers);
     }
     // Hide signature option if no permission
     $option_signature = '';
     if ($mybb->usergroup['canusesig'] && !$mybb->user['suspendsignature']) {
         eval("\$option_signature = \"" . $templates->get('showthread_quickreply_options_signature') . "\";");
     }
     if (isset($mybb->user['emailnotify']) && $mybb->user['emailnotify'] == 1) {
         $postoptionschecked['emailnotify'] = 'checked="checked"';
     }
     $posthash = md5($mybb->user['uid'] . random_str());
     eval("\$quickreply = \"" . $templates->get("showthread_quickreply") . "\";");
 }
 // If the user is a moderator, show the moderation tools.
 if ($ismod) {
     $customthreadtools = $customposttools = '';
     if (is_moderator($forum['fid'], "canusecustomtools") && (!empty($forum_stats[-1]['modtools']) || !empty($forum_stats[$forum['fid']]['modtools']))) {
         switch ($db->type) {
             case "pgsql":
             case "sqlite":
                 $query = $db->simple_select("modtools", "tid, name, type", "','||forums||',' LIKE '%,{$fid},%' OR ','||forums||',' LIKE '%,-1,%' OR forums=''");
                 break;
             default:
                 $query = $db->simple_select("modtools", "tid, name, type", "CONCAT(',',forums,',') LIKE '%,{$fid},%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums=''");
         }
         while ($tool = $db->fetch_array($query)) {
             if ($tool['type'] == 'p') {
                 eval("\$customposttools .= \"" . $templates->get("showthread_inlinemoderation_custom_tool") . "\";");
             } else {
                 eval("\$customthreadtools .= \"" . $templates->get("showthread_moderationoptions_custom_tool") . "\";");
             }
         }
/**
 * Builds a friendly named Who's Online location from an "activity" and array of user data. Assumes fetch_wol_activity has already been called.
 *
 * @param array Array containing activity and essential IDs.
 * @return string Location name for the activity being performed.
 */
function build_friendly_wol_location($user_activity)
{
    global $db, $lang, $uid_list, $aid_list, $pid_list, $tid_list, $fid_list, $ann_list, $eid_list, $plugins, $parser, $mybb;
    global $threads, $forums, $forums_linkto, $forum_cache, $posts, $announcements, $events, $usernames, $attachments;
    // Fetch forum permissions for this user
    $unviewableforums = get_unviewable_forums();
    $inactiveforums = get_inactive_forums();
    $fidnot = '';
    $unviewablefids = $inactivefids = array();
    if ($unviewableforums) {
        $fidnot = " AND fid NOT IN ({$unviewableforums})";
        $unviewablefids = explode(',', $unviewableforums);
    }
    if ($inactiveforums) {
        $fidnot .= " AND fid NOT IN ({$inactiveforums})";
        $inactivefids = explode(',', $inactiveforums);
    }
    // Fetch any users
    if (!is_array($usernames) && count($uid_list) > 0) {
        $uid_sql = implode(",", $uid_list);
        if ($uid_sql != $mybb->user['uid']) {
            $query = $db->simple_select("users", "uid,username", "uid IN ({$uid_sql})");
            while ($user = $db->fetch_array($query)) {
                $usernames[$user['uid']] = $user['username'];
            }
        } else {
            $usernames[$mybb->user['uid']] = $mybb->user['username'];
        }
    }
    // Fetch any attachments
    if (!is_array($attachments) && count($aid_list) > 0) {
        $aid_sql = implode(",", $aid_list);
        $query = $db->simple_select("attachments", "aid,pid", "aid IN ({$aid_sql})");
        while ($attachment = $db->fetch_array($query)) {
            $attachments[$attachment['aid']] = $attachment['pid'];
            $pid_list[] = $attachment['pid'];
        }
    }
    // Fetch any announcements
    if (!is_array($announcements) && count($ann_list) > 0) {
        $aid_sql = implode(",", $ann_list);
        $query = $db->simple_select("announcements", "aid,subject", "aid IN ({$aid_sql}) {$fidnot}");
        while ($announcement = $db->fetch_array($query)) {
            $announcement_title = htmlspecialchars_uni($parser->parse_badwords($announcement['subject']));
            $announcements[$announcement['aid']] = $announcement_title;
        }
    }
    // Fetch any posts
    if (!is_array($posts) && count($pid_list) > 0) {
        $pid_sql = implode(",", $pid_list);
        $query = $db->simple_select("posts", "pid,tid", "pid IN ({$pid_sql}) {$fidnot}");
        while ($post = $db->fetch_array($query)) {
            $posts[$post['pid']] = $post['tid'];
            $tid_list[] = $post['tid'];
        }
    }
    // Fetch any threads
    if (!is_array($threads) && count($tid_list) > 0) {
        $perms = array();
        $tid_sql = implode(",", $tid_list);
        $query = $db->simple_select('threads', 'uid, fid, tid, subject, visible, prefix', "tid IN({$tid_sql}) {$fidnot}");
        $threadprefixes = build_prefixes();
        while ($thread = $db->fetch_array($query)) {
            $thread['threadprefix'] = '';
            if ($thread['prefix'] && !empty($threadprefixes[$thread['prefix']])) {
                $thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle'];
            }
            if (empty($perms[$thread['fid']])) {
                $perms[$thread['fid']] = forum_permissions($thread['fid']);
            }
            if (isset($perms[$thread['fid']]['canonlyviewownthreads']) && $perms[$thread['fid']]['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid'] && !is_moderator($thread['fid'])) {
                continue;
            }
            if (is_moderator($thread['fid']) || $thread['visible'] == 1) {
                $thread_title = '';
                if ($thread['threadprefix']) {
                    $thread_title = $thread['threadprefix'] . '&nbsp;';
                }
                $thread_title .= htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
                $threads[$thread['tid']] = $thread_title;
                $fid_list[] = $thread['fid'];
            }
        }
    }
    // Fetch any forums
    if (!is_array($forums) && count($fid_list) > 0) {
        $fidnot = array_merge($unviewablefids, $inactivefids);
        foreach ($forum_cache as $fid => $forum) {
            if (in_array($fid, $fid_list) && !in_array($fid, $fidnot)) {
                $forums[$fid] = $forum['name'];
                $forums_linkto[$fid] = $forum['linkto'];
            }
        }
    }
    // And finaly any events
    if (!is_array($events) && count($eid_list) > 0) {
        $eid_sql = implode(",", $eid_list);
        $query = $db->simple_select("events", "eid,name", "eid IN ({$eid_sql})");
        while ($event = $db->fetch_array($query)) {
            $events[$event['eid']] = htmlspecialchars_uni($parser->parse_badwords($event['name']));
        }
    }
    // Now we've got everything we need we can put a name to the location
    switch ($user_activity['activity']) {
        // announcement.php functions
        case "announcements":
            if (!empty($announcements[$user_activity['ann']])) {
                $location_name = $lang->sprintf($lang->viewing_announcements, get_announcement_link($user_activity['ann']), $announcements[$user_activity['ann']]);
            } else {
                $location_name = $lang->viewing_announcements2;
            }
            break;
            // attachment.php actions
        // attachment.php actions
        case "attachment":
            $pid = $attachments[$user_activity['aid']];
            $tid = $posts[$pid];
            if (!empty($threads[$tid])) {
                $location_name = $lang->sprintf($lang->viewing_attachment2, $user_activity['aid'], $threads[$tid], get_thread_link($tid));
            } else {
                $location_name = $lang->viewing_attachment;
            }
            break;
            // calendar.php functions
        // calendar.php functions
        case "calendar":
            $location_name = $lang->viewing_calendar;
            break;
        case "calendar_event":
            if (!empty($events[$user_activity['eid']])) {
                $location_name = $lang->sprintf($lang->viewing_event2, get_event_link($user_activity['eid']), $events[$user_activity['eid']]);
            } else {
                $location_name = $lang->viewing_event;
            }
            break;
        case "calendar_addevent":
            $location_name = $lang->adding_event;
            break;
        case "calendar_editevent":
            $location_name = $lang->editing_event;
            break;
        case "contact":
            $location_name = $lang->viewing_contact_us;
            break;
            // editpost.php functions
        // editpost.php functions
        case "editpost":
            $location_name = $lang->editing_post;
            break;
            // forumdisplay.php functions
        // forumdisplay.php functions
        case "forumdisplay":
            if (!empty($forums[$user_activity['fid']])) {
                if ($forums_linkto[$user_activity['fid']]) {
                    $location_name = $lang->sprintf($lang->forum_redirect_to, get_forum_link($user_activity['fid']), $forums[$user_activity['fid']]);
                } else {
                    $location_name = $lang->sprintf($lang->viewing_forum2, get_forum_link($user_activity['fid']), $forums[$user_activity['fid']]);
                }
            } else {
                $location_name = $lang->viewing_forum;
            }
            break;
            // index.php functions
        // index.php functions
        case "index":
            $location_name = $lang->sprintf($lang->viewing_index, $mybb->settings['bbname']);
            break;
            // managegroup.php functions
        // managegroup.php functions
        case "managegroup":
            $location_name = $lang->managing_group;
            break;
            // member.php functions
        // member.php functions
        case "member_activate":
            $location_name = $lang->activating_account;
            break;
        case "member_profile":
            if (!empty($usernames[$user_activity['uid']])) {
                $location_name = $lang->sprintf($lang->viewing_profile2, get_profile_link($user_activity['uid']), $usernames[$user_activity['uid']]);
            } else {
                $location_name = $lang->viewing_profile;
            }
            break;
        case "member_register":
            $location_name = $lang->registering;
            break;
        case "member":
        case "member_login":
            // Guest or member?
            if ($mybb->user['uid'] == 0) {
                $location_name = $lang->logging_in;
            } else {
                $location_name = $lang->logging_in_plain;
            }
            break;
        case "member_logout":
            $location_name = $lang->logging_out;
            break;
        case "member_emailuser":
            $location_name = $lang->emailing_user;
            break;
        case "member_rate":
            $location_name = $lang->rating_user;
            break;
        case "member_resendactivation":
            $location_name = $lang->member_resendactivation;
            break;
        case "member_lostpw":
            $location_name = $lang->member_lostpw;
            break;
            // memberlist.php functions
        // memberlist.php functions
        case "memberlist":
            $location_name = $lang->viewing_memberlist;
            break;
            // misc.php functions
        // misc.php functions
        case "misc_dstswitch":
            $location_name = $lang->changing_dst;
            break;
        case "misc_whoposted":
            if (!empty($threads[$user_activity['tid']])) {
                $location_name = $lang->sprintf($lang->viewing_whoposted2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']]);
            } else {
                $location_name = $lang->viewing_whoposted;
            }
            break;
        case "misc_markread":
            $location_name = $lang->sprintf($lang->marking_read, $mybb->post_code);
            break;
        case "misc_help":
            $location_name = $lang->viewing_helpdocs;
            break;
        case "misc_buddypopup":
            $location_name = $lang->viewing_buddylist;
            break;
        case "misc_smilies":
            $location_name = $lang->viewing_smilies;
            break;
        case "misc_syndication":
            $location_name = $lang->viewing_syndication;
            break;
        case "misc_imcenter":
            $location_name = $lang->viewing_imcenter;
            break;
            // modcp.php functions
        // modcp.php functions
        case "modcp_modlogs":
            $location_name = $lang->viewing_modlogs;
            break;
        case "modcp_announcements":
            $location_name = $lang->managing_announcements;
            break;
        case "modcp_finduser":
            $location_name = $lang->search_for_user;
            break;
        case "modcp_warninglogs":
            $location_name = $lang->managing_warninglogs;
            break;
        case "modcp_ipsearch":
            $location_name = $lang->searching_ips;
            break;
        case "modcp_report":
            $location_name = $lang->viewing_reports;
            break;
        case "modcp_new_announcement":
            $location_name = $lang->adding_announcement;
            break;
        case "modcp_delete_announcement":
            $location_name = $lang->deleting_announcement;
            break;
        case "modcp_edit_announcement":
            $location_name = $lang->editing_announcement;
            break;
        case "modcp_mod_queue":
            $location_name = $lang->managing_modqueue;
            break;
        case "modcp_editprofile":
            $location_name = $lang->editing_user_profiles;
            break;
        case "modcp_banning":
            $location_name = $lang->managing_bans;
            break;
        case "modcp":
            $location_name = $lang->viewing_modcp;
            break;
            // moderation.php functions
        // moderation.php functions
        case "moderation":
            $location_name = $lang->using_modtools;
            break;
            // newreply.php functions
        // newreply.php functions
        case "newreply":
            if (!empty($threads[$user_activity['tid']])) {
                $location_name = $lang->sprintf($lang->replying_thread2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']]);
            } else {
                $location_name = $lang->replying_thread;
            }
            break;
            // newthread.php functions
        // newthread.php functions
        case "newthread":
            if (!empty($forums[$user_activity['fid']])) {
                $location_name = $lang->sprintf($lang->posting_thread2, get_forum_link($user_activity['fid']), $forums[$user_activity['fid']]);
            } else {
                $location_name = $lang->posting_thread;
            }
            break;
            // online.php functions
        // online.php functions
        case "wol":
            $location_name = $lang->viewing_wol;
            break;
        case "woltoday":
            $location_name = $lang->viewing_woltoday;
            break;
            // polls.php functions
        // polls.php functions
        case "newpoll":
            $location_name = $lang->creating_poll;
            break;
        case "editpoll":
            $location_name = $lang->editing_poll;
            break;
        case "showresults":
            $location_name = $lang->viewing_pollresults;
            break;
        case "vote":
            $location_name = $lang->voting_poll;
            break;
            // printthread.php functions
        // printthread.php functions
        case "printthread":
            if (!empty($threads[$user_activity['tid']])) {
                $location_name = $lang->sprintf($lang->printing_thread2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']]);
            } else {
                $location_name = $lang->printing_thread;
            }
            break;
            // private.php functions
        // private.php functions
        case "private_send":
            $location_name = $lang->sending_pm;
            break;
        case "private_read":
            $location_name = $lang->reading_pm;
            break;
        case "private_folders":
            $location_name = $lang->editing_pmfolders;
            break;
        case "private":
            $location_name = $lang->using_pmsystem;
            break;
            /* Ratethread functions */
        /* Ratethread functions */
        case "ratethread":
            $location_name = $lang->rating_thread;
            break;
            // report.php functions
        // report.php functions
        case "report":
            $location_name = $lang->reporting_post;
            break;
            // reputation.php functions
        // reputation.php functions
        case "reputation":
            $location_name = $lang->sprintf($lang->giving_reputation, get_profile_link($user_activity['uid']), $usernames[$user_activity['uid']]);
            break;
        case "reputation_report":
            if (!empty($usernames[$user_activity['uid']])) {
                $location_name = $lang->sprintf($lang->viewing_reputation_report, "reputation.php?uid={$user_activity['uid']}", $usernames[$user_activity['uid']]);
            } else {
                $location_name = $lang->sprintf($lang->viewing_reputation_report2);
            }
            break;
            // search.php functions
        // search.php functions
        case "search":
            $location_name = $lang->sprintf($lang->searching_forum, $mybb->settings['bbname']);
            break;
            // showthread.php functions
        // showthread.php functions
        case "showthread":
            if (!empty($threads[$user_activity['tid']])) {
                $pagenote = '';
                $location_name = $lang->sprintf($lang->reading_thread2, get_thread_link($user_activity['tid']), $threads[$user_activity['tid']], $pagenote);
            } else {
                $location_name = $lang->reading_thread;
            }
            break;
        case "showpost":
            if (!empty($posts[$user_activity['pid']]) && !empty($threads[$posts[$user_activity['pid']]])) {
                $pagenote = '';
                $location_name = $lang->sprintf($lang->reading_thread2, get_thread_link($posts[$user_activity['pid']]), $threads[$posts[$user_activity['pid']]], $pagenote);
            } else {
                $location_name = $lang->reading_thread;
            }
            break;
            // showteam.php functions
        // showteam.php functions
        case "showteam":
            $location_name = $lang->viewing_team;
            break;
            // stats.php functions
        // stats.php functions
        case "stats":
            $location_name = $lang->viewing_stats;
            break;
            // usercp.php functions
        // usercp.php functions
        case "usercp_profile":
            $location_name = $lang->updating_profile;
            break;
        case "usercp_editlists":
            $location_name = $lang->managing_buddyignorelist;
            break;
        case "usercp_options":
            $location_name = $lang->updating_options;
            break;
        case "usercp_editsig":
            $location_name = $lang->editing_signature;
            break;
        case "usercp_avatar":
            $location_name = $lang->changing_avatar;
            break;
        case "usercp_subscriptions":
            $location_name = $lang->viewing_subscriptions;
            break;
        case "usercp_favorites":
            $location_name = $lang->viewing_favorites;
            break;
        case "usercp_notepad":
            $location_name = $lang->editing_pad;
            break;
        case "usercp_password":
            $location_name = $lang->editing_password;
            break;
        case "usercp":
            $location_name = $lang->user_cp;
            break;
        case "usercp2_favorites":
            $location_name = $lang->managing_favorites;
            break;
        case "usercp2_subscriptions":
            $location_name = $lang->managing_subscriptions;
            break;
        case "portal":
            $location_name = $lang->viewing_portal;
            break;
            // sendthread.php functions
        // sendthread.php functions
        case "sendthread":
            $location_name = $lang->sending_thread;
            break;
            // warnings.php functions
        // warnings.php functions
        case "warnings_revoke":
            $location_name = $lang->revoking_warning;
            break;
        case "warnings_warn":
            $location_name = $lang->warning_user;
            break;
        case "warnings_view":
            $location_name = $lang->viewing_warning;
            break;
        case "warnings":
            $location_name = $lang->managing_warnings;
            break;
    }
    $plugin_array = array('user_activity' => &$user_activity, 'location_name' => &$location_name);
    $plugins->run_hooks("build_friendly_wol_location_end", $plugin_array);
    if (isset($user_activity['nopermission']) && $user_activity['nopermission'] == 1) {
        $location_name = $lang->viewing_noperms;
    }
    if (!$location_name) {
        $location_name = $lang->sprintf($lang->unknown_location, $user_activity['location']);
    }
    return $location_name;
}
Exemple #15
             }
         }
     } else {
         $accesserror = 1;
     }
     if ($accesserror == 1) {
         redirect_header("viewtopic.php?topic_id={$topic_id}&post_id={$post_id}&order={$order}&viewmode={$viewmode}&pid={$pid}&forum={$forum}", 2, _MD_NORIGHTTOPOST);
         exit;
     }
     // Ok, looks like we're good.
 } else {
     // Access decision for this branch: start from "allowed" and raise the flag in
     // every case that must be refused; the flag is acted on once, below.
     $accesserror = 0;
     if ($forumdata['forum_access'] == 3) {
         // forum_access 3: only a module admin or a moderator of this forum passes;
         // a visitor without a user object is refused outright.
         if ($xoopsUser) {
             if (!$xoopsUser->isAdmin($xoopsModule->mid())) {
                 if (!is_moderator($forum, $xoopsUser->uid())) {
                     $accesserror = 1;
                 }
             }
         } else {
             $accesserror = 1;
         }
     } elseif ($forumdata['forum_access'] == 1 && !$xoopsUser) {
         // forum_access 1: any logged-in user passes, anonymous visitors do not.
         $accesserror = 1;
     }
     if ($accesserror == 1) {
         // NOTE(review): $topic_id, $post_id, $order, $viewmode, $pid and $forum are set
         // outside this excerpt; if any of them comes straight from the request, confirm
         // it is cast or URL-encoded before it is placed in the redirect target.
         redirect_header("viewtopic.php?topic_id={$topic_id}&post_id={$post_id}&order={$order}&viewmode={$viewmode}&pid={$pid}&forum={$forum}", 2, _MD_NORIGHTTOPOST);
         // Stop here so nothing after the refusal can run.
         exit;
     }
 }
 include XOOPS_ROOT_PATH . '/header.php';
Exemple #16
/**
 * Print one page of a forum's thread list as an HTML table, with the page
 * navigation shown both above and below the table.
 *
 * Hidden threads are requested only when is_moderator($user, $forum) is true.
 * The thread title is cut to 48 bytes and passed through cleanup_title()
 * before it is echoed; the remaining per-thread values are written as they
 * come from the thread object and the helper functions.
 * NOTE(review): substr() counts bytes, so a multi-byte title may be cut inside
 * a character before cleanup_title() sees it.
 *
 * @param object $forum      forum to list; its ->id selects the threads
 * @param mixed  $start      passed to show_page_nav() and get_forum_threads()
 * @param mixed  $sort_style passed through to get_forum_threads()
 * @param mixed  $user       logged-in user object, or a falsy value for a guest
 */
function show_forum($forum, $start, $sort_style, $user)
{
    // Page navigation; the same markup is reused under the table
    $nav = show_page_nav($forum, $start);
    $pager = $nav ? "<div align=\"right\">{$nav}</div><br />" : "";
    echo $pager;

    // Table header
    $headings = array("", tra("Threads"), tra("Posts"), tra("Author"), tra("Views"), "<nobr>" . tra("Last post") . "</nobr>");
    start_forum_table($headings);

    $sticky_first = !$user || !$user->prefs->ignore_sticky_posts;
    // Only a moderator of this forum gets hidden threads in the result
    $show_hidden = is_moderator($user, $forum);
    $threads = get_forum_threads($forum->id, $start, THREADS_PER_PAGE, $sort_style, $show_hidden, $sticky_first);
    if ($user) {
        $subs = BoincSubscription::enum("userid={$user->id}");
    }

    // One table row per thread; $stripe alternates 0/1 for the row class
    $stripe = 0;
    foreach ($threads as $thread) {
        $owner = BoincUser::lookup_id($thread->owner);
        $unread = thread_is_unread($user, $thread);

        // Subscribed threads get the highlighted row class
        $row_class = $user && is_subscribed($thread, $subs) ? 'row_hd' : 'row';
        echo '<tr class="' . $row_class . $stripe . '">';
        echo '<td width="1%"><nobr>';

        // Rating markers depend on the viewer's thresholds, so guests get none
        if ($user) {
            if ($thread->rating() > $user->prefs->high_rating_threshold) {
                show_image(EMPHASIZE_IMAGE, "This message has a high average rating", "Highly rated");
            }
            if ($thread->rating() < $user->prefs->low_rating_threshold) {
                show_image(FILTER_IMAGE, "This message has a low average rating", "Low rated");
            }
        }
        if ($thread->hidden) {
            echo "[hidden]";
        }

        // Status icon: one of seven unread/sticky/locked combinations, or none
        $sticky = $thread->sticky;
        $locked = $thread->locked;
        if ($unread && $sticky && $locked) {
            show_image(NEW_IMAGE_STICKY_LOCKED, "This thread is sticky and locked, and you haven't read it yet", "sticky/locked/unread");
        } elseif ($unread && $sticky) {
            show_image(NEW_IMAGE_STICKY, "This thread is sticky and you haven't read it yet", "sticky/unread");
        } elseif ($unread && $locked) {
            show_image(NEW_IMAGE_LOCKED, "You haven't read this thread yet, and it's locked", "unread/locked");
        } elseif ($unread) {
            show_image(NEW_IMAGE, "You haven't read this thread yet", "unread");
        } elseif ($sticky && $locked) {
            show_image(IMAGE_STICKY_LOCKED, "This thread is sticky and locked", "sticky/locked");
        } elseif ($sticky) {
            show_image(IMAGE_STICKY, "This thread is sticky", "sticky");
        } elseif ($locked) {
            show_image(IMAGE_LOCKED, "This thread is locked", "locked");
        }
        echo "</nobr></td>";

        // Shorten long titles first, then clean the result for output
        $max_title_bytes = 48;
        $title = $thread->title;
        if (strlen($title) > $max_title_bytes) {
            $title = substr($title, 0, $max_title_bytes) . "...";
        }
        $title = cleanup_title($title);
        echo '<td class="threadline">
			<a href="forum_thread.php?id=' . $thread->id . '"><strong>' . $title . '</strong></a>
			<br /></td>';

        $stripe = ($stripe + 1) % 2;
        echo '<td class="numbers leftborder">' . ($thread->replies + 1) . '</td>
			<td class="author leftborder">' . user_links($owner) . '</td>
			<td class="numbers leftborder">' . $thread->views . '</td>
			<td class="lastpost leftborder">' . time_diff_str($thread->timestamp, time()) . '</td>
			</tr>';
        // Push each finished row to the client
        flush();
    }
    end_table();
    // Page navigation again, below the table
    echo "<br />{$pager}";
}
// Authorisation for serving an attachment: resolve the post and thread the
// attachment belongs to, then apply forum permissions and visibility checks
// before anything is sent. $attachment is loaded outside this excerpt.
$pid = $attachment['pid'];
$post = get_post($pid);
$thread = get_thread($post['tid']);
// A missing thread is an error for a full download; a thumbnail request is let
// through this particular check.
if (!$thread['tid'] && !$mybb->input['thumbnail']) {
    error($lang->error_invalidthread);
}
$fid = $thread['fid'];
// Get forum info
$forum = get_forum($fid);
// Permissions
$forumpermissions = forum_permissions($fid);
// && binds tighter than ||, so this reads as four alternatives, any of which refuses:
//   1. the forum may not be viewed
//   2. threads in the forum may not be viewed
//   3. only own threads may be viewed AND the thread belongs to someone else
//   4. attachment download is not allowed AND this is not a thumbnail request
// Thumbnails are therefore served without the download permission.
if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'] || $forumpermissions['candlattachments'] == 0 && !$mybb->input['thumbnail']) {
    error_no_permission();
}
// Error if attachment is invalid or not visible
// Moderators of the forum skip the visibility test; everyone else needs the
// attachment, its thread and its post to all have visible == 1.
if (!$attachment['aid'] || !$attachment['attachname'] || !is_moderator($fid) && ($attachment['visible'] != 1 || $thread['visible'] != 1 || $post['visible'] != 1)) {
    error($lang->error_invalidattachment);
}
// Only full downloads are counted, not thumbnail views.
if (!$mybb->input['thumbnail']) {
    // NOTE(review): the new count is computed here from the value read earlier,
    // so two simultaneous downloads can store the same number — confirm that is acceptable.
    $attachupdate = array("downloads" => $attachment['downloads'] + 1);
    // NOTE(review): aid is interpolated into the WHERE clause; presumably it comes
    // from the attachment row rather than from the request — verify where $attachment is loaded.
    $db->update_query("attachments", $attachupdate, "aid='{$attachment['aid']}'");
}
// basename isn't UTF-8 safe. This is a workaround.
// basename() also reduces the stored name to its last path component.
$attachment['filename'] = ltrim(basename(' ' . $attachment['filename']));
$plugins->run_hooks("attachment_end");
if ($mybb->input['thumbnail']) {
    $ext = get_extension($attachment['thumbnail']);
    switch ($ext) {
        case "gif":
            $type = "image/gif";
            break;
Exemple #18
     $f_perm_sql = " AND t.fid NOT IN ({$unviewable_forums})";
 }
 // Build the "latest threads by the current user" list: restrict the query by
 // forum, then re-check every row before it is kept.
 // $inactiveforums is prepared outside this excerpt and interpolated as an id list.
 if ($inactiveforums) {
     $f_perm_sql .= " AND t.fid NOT IN ({$inactiveforums})";
 }
 // Default: rows with visible = 0 are excluded in SQL.
 $visible = " AND t.visible != 0";
 // is_moderator() is called without a forum id here, so the SQL filter is dropped
 // for the whole query; the per-forum check happens row by row in the loop below.
 if (is_moderator() == true) {
     $visible = '';
 }
 $query = $db->query("\n\t\tSELECT t.*, t.username AS threadusername, u.username\n\t\tFROM " . TABLE_PREFIX . "threads t\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid)\n\t\tWHERE t.uid='" . $mybb->user['uid'] . "' AND t.firstpost != 0 AND t.visible >= 0 {$visible}{$f_perm_sql}\n\t\tORDER BY t.lastpost DESC\n\t\tLIMIT 0, 5\n\t");
 // Figure out whether we can view these threads...
 $threadcache = array();
 $fpermissions = forum_permissions();
 while ($thread = $db->fetch_array($query)) {
     // Moderated, and not moderator?
     // A thread with visible == 0 is kept only for a moderator of its forum
     // who holds the "canviewunapprove" permission.
     if ($thread['visible'] == 0 && is_moderator($thread['fid'], "canviewunapprove") === false) {
         continue;
     }
     $forumpermissions = $fpermissions[$thread['fid']];
     // NOTE(review): with ||, one of the two flags being non-zero is enough to list
     // the thread; confirm that requiring both (&&) was not the intention.
     if ($forumpermissions['canview'] != 0 || $forumpermissions['canviewthreads'] != 0) {
         $threadcache[$thread['tid']] = $thread;
     }
 }
 $latest_threads = '';
 if (!empty($threadcache)) {
     $tids = implode(",", array_keys($threadcache));
     // Read Forums
     $query = $db->query("\n\t\t\tSELECT f.fid, fr.dateline AS lastread\n\t\t\tFROM " . TABLE_PREFIX . "forums f\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n\t\t\tWHERE f.active != 0\n\t\t\tORDER BY pid, disporder\n\t\t");
     while ($forum = $db->fetch_array($query)) {
         $readforums[$forum['fid']] = $forum['lastread'];
     }
Exemple #19
    ?>
 <?php 
    echo $user_profile['lastName'];
    ?>
 (<?php 
    echo $user_profile['username'];
    ?>
)'s profile</b><br>
<br>
<?php 
}
?>

<?php 
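// Promote/demote controls, shown only when the logged-in user is a moderator.
// Hiding the links is presentation only.
// NOTE(review): both links change a user's role through a plain GET request and no
// request token is visible here; confirm that profile.php re-checks the caller's role
// and protects these actions against cross-site request forgery.
if (is_moderator($_SESSION['username'])) {
    // The username ends up in a query string inside an HTML attribute, so it is
    // URL-encoded for the query string and then HTML-escaped for the attribute.
    // Without this a name containing quotes, '&', '+' or '<' could break out of the
    // attribute or be read back as a different id.
    $profile_id = htmlspecialchars(rawurlencode($user_profile['username']), ENT_QUOTES, 'UTF-8');
    if (!is_moderator($user_profile['username'])) {
        echo '<a class="btn btn-success btn-block" href="profile.php?action=addmoderator&id=' . $profile_id . '">Promote to Moderator</a><br><br>';
    } else {
        echo '<a class="btn btn-warning btn-block" href="profile.php?action=removemoderator&id=' . $profile_id . '">Demote to User</a><br><br>';
    }
}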
?>
<div class="panel panel-default">
  <div class="panel-heading"><?php 
echo $user_profile['username'];
?>
's Favorite Artists</div>
  <div class="panel-body">
		<ul class="list-group">
		<?php 
$favorites = get_all_usernames_and_favorites_per_favorite($username);
Exemple #20
     // Display a thread.
 // Display a thread.
 case "thread":
     // Access checks for showing one thread in the archive; every failing check
     // ends in an archive_error*() call before any thread content is produced.
     // The subject is filtered and escaped once here (presumably HTML-escaped by
     // htmlspecialchars_uni — confirm); the breadcrumb and header below reuse it.
     $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
     // Fetch the forum this thread is in
     $forum = get_forum($thread['fid']);
     // A forum that does not exist or has a password set is reported as invalid.
     if (!$forum['fid'] || $forum['password'] != '') {
         archive_error($lang->error_invalidforum);
     }
     // Check if we have permission to view this thread
     $forumpermissions = forum_permissions($forum['fid']);
     // Both permissions must be exactly 1; any other value is refused.
     if ($forumpermissions['canview'] != 1 || $forumpermissions['canviewthreads'] != 1) {
         archive_error_no_permission();
     }
     if ($thread['visible'] != 1) {
         // Only a moderator of the forum is told that the thread is unapproved and
         // given its link; everyone else gets the same "invalid thread" message.
         if (is_moderator($forum['fid'])) {
             archive_error($lang->sprintf($lang->error_unapproved_thread, $mybb->settings['bburl'] . "/" . get_thread_link($thread['tid'], $page)));
         } else {
             archive_error($lang->error_invalidthread);
         }
     }
     // "Own threads only" forums: refuse threads started by another user.
     if ($forumpermissions['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) {
         archive_error_no_permission();
     }
     check_forum_password_archive($forum['fid']);
     // Build the navigation
     build_forum_breadcrumb($forum['fid'], 1);
     add_breadcrumb($thread['subject']);
     archive_header($thread['subject'], $thread['subject'], $mybb->settings['bburl'] . "/" . get_thread_link($thread['tid'], $page));
     $plugins->run_hooks("archive_thread_start");
     if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) {
Exemple #21
if ($mybb->input['action'] == "edit_announcement") {
    // First gate: the user's group must be allowed to manage announcements at all.
    if ($mybb->usergroup['canmanageannounce'] == 0) {
        error_no_permission();
    }
    // The announcement id is read as an integer, so it is safe to place in the
    // breadcrumb URL and in the query condition below.
    $aid = $mybb->get_input('aid', MyBB::INPUT_INT);
    add_breadcrumb($lang->mcp_nav_announcements, "modcp.php?action=announcements");
    add_breadcrumb($lang->edit_announcement, "modcp.php?action=edit_announcements&amp;aid={$aid}");
    // Get announcement
    // The row is loaded only when $announcement is not already set by code outside this excerpt.
    if (!isset($announcement)) {
        $query = $db->simple_select("announcements", "*", "aid='{$aid}'");
        $announcement = $db->fetch_array($query);
    }
    if (!$announcement) {
        error($lang->error_invalid_announcement);
    }
    // Second gate, per announcement. && binds tighter than ||, so any one of these refuses:
    //   1. fid == -1 and the user is not a super moderator
    //   2. fid != -1 and the user lacks "canmanageannouncements" for that forum
    //   3. the announcement's forum is in the user's unviewable list
    // NOTE(review): in_array() compares loosely here; $unviewableforums is built outside this excerpt.
    if ($mybb->usergroup['issupermod'] != 1 && $announcement['fid'] == -1 || $announcement['fid'] != -1 && !is_moderator($announcement['fid'], "canmanageannouncements") || $unviewableforums && in_array($announcement['fid'], $unviewableforums)) {
        error_no_permission();
    }
    if (!$announcement['startdate']) {
        // No start date? Make it now.
        $announcement['startdate'] = TIME_NOW;
    }
    $makeshift_end = false;
    if (!$announcement['enddate']) {
        $makeshift_end = true;
        $makeshift_time = TIME_NOW;
        if ($announcement['startdate']) {
            $makeshift_time = $announcement['startdate'];
        }
        // No end date? Make it a year from now.
        $announcement['enddate'] = $makeshift_time + 60 * 60 * 24 * 366;
Exemple #22
     // Collect the posts that reputation entries refer to, keeping only those the
     // current user may see. $sql already holds conditions added outside this excerpt.
     $inactive = get_inactive_forums();
     if ($inactive) {
         $sql[] = "p.fid NOT IN ({$inactive})";
     }
     // Users without the moderator flag are limited in SQL to approved posts in
     // approved threads; moderators are filtered per forum in the loop below.
     if (!$mybb->user['ismoderator']) {
         $sql[] = "p.visible='1'";
         $sql[] = "t.visible='1'";
     }
     $sql = implode(' AND ', $sql);
     $query = $db->query("\n\t\t\tSELECT p.pid, p.uid, p.fid, p.visible, p.message, t.tid, t.subject, t.visible AS thread_visible\n\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\t\tWHERE {$sql}\n\t\t");
     // Per-forum permission cache, filled on first use.
     $forumpermissions = array();
     while ($post = $db->fetch_array($query)) {
         // visible == 0 on the post or its thread needs "canviewunapprove" in that forum.
         if (($post['visible'] == 0 || $post['thread_visible'] == 0) && !is_moderator($post['fid'], 'canviewunapprove')) {
             continue;
         }
         // visible == -1 on the post or its thread needs "canviewdeleted" in that forum.
         if (($post['visible'] == -1 || $post['thread_visible'] == -1) && !is_moderator($post['fid'], 'canviewdeleted')) {
             continue;
         }
         if (!isset($forumpermissions[$post['fid']])) {
             $forumpermissions[$post['fid']] = forum_permissions($post['fid']);
         }
         // Make sure we can view this post
         // NOTE(review): the test compares the post author's uid with the viewer,
         // while the permission is named after thread ownership — confirm this is intended.
         if (isset($forumpermissions[$post['fid']]['canonlyviewownthreads']) && $forumpermissions[$post['fid']]['canonlyviewownthreads'] == 1 && $post['uid'] != $mybb->user['uid']) {
             continue;
         }
         $post_reputation[$post['pid']] = $post;
     }
 }
 $reputation_votes = '';
 foreach ($reputation_cache as $reputation_vote) {
     // Get the reputation for the user who posted this comment
Exemple #23
" class="img-circle profile-pic left">
      <p class="info">
        <a href="<?php 
echo base_url('person/profile/' . $reply->PERSON_ID);
?>
" class="name"><strong><?php 
echo $reply->DISPLAY_NAME;
?>
</strong></a>
        <span class="date"><?php 
echo $reply->TIME;
?>
</span>
        <br>
        <?php 
// Edit/Remove links are rendered only for the reply's author, an admin, or a
// moderator (is_moderator() is given the parent post's id here).
// Hiding the links is presentation only. NOTE(review): confirm that post/edit_reply
// and post/remove repeat this check on the server, and that post/remove, which is
// reached through a plain link, is protected against cross-site request forgery.
if (is_person($reply->PERSON_ID) || is_admin() || is_moderator($post->POST_ID)) {
    ?>
          <a href="<?php 
    echo base_url('post/edit_reply/' . $reply->POST_ID);
    ?>
" class="tag yellow"><span class="glyphicon glyphicon-pencil"></span> Edit</a>
          <a href="<?php 
    echo base_url('post/remove/' . $post->POST_ID . '/' . $reply->POST_ID);
    ?>
" class="tag red"><span class="glyphicon glyphicon-trash"></span> Remove</a>
        <?php 
}
?>
        <?php 
if (!is_person($reply->PERSON_ID)) {
    ?>
Exemple #24
                            ?>
</a>&nbsp;&nbsp;&nbsp;&nbsp;
<?php 
                        }
                        ?>
        Date: <?php 
                        echo $comment['postDate'];
                        ?>
<br>
        Comment: <?php 
                        echo $comment['comment'];
                        ?>
<br>
        
        <?php 
                        if ($comment['username'] == $_SESSION['username'] || is_moderator($_SESSION['username'])) {
                            ?>
        (<a href="comment.php?action=editcomment&id=<?php 
                            echo $details['artistId'];
                            ?>
&commentId=<?php 
                            echo $comment['commentId'];
                            ?>
">Edit</a> | <a href="comment.php?action=deletecomment&artistId=<?php 
                            echo $details['artistId'];
                            ?>
&id=<?php 
                            echo $comment['commentId'];
                            ?>
">Delete</a>)<br>
        <?php 
Exemple #25
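 /**
  * Verifies if a birthday is valid or not.
  *
  * Works on $this->data['birthday'] by reference: day, month and year are cast
  * to int in place, and on success the stored form is written to
  * $this->data['bday'] ("d-m-y", "d-m-" or an empty string). A birthday value
  * that is not an array is accepted without any check. Failures are recorded
  * through $this->set_error().
  *
  * With the COPPA setting on "deny", a full birth date is compared against
  * today's date, not only the calendar year, so that someone who turns 13
  * later this year is still treated as under 13.
  *
  * @return boolean True when valid, false when invalid.
  */
 function verify_birthday()
 {
     global $mybb;
     $user =& $this->data;
     $birthday =& $user['birthday'];
     if (!is_array($birthday)) {
         return true;
     }
     // Sanitize any input we have
     $birthday['day'] = (int) $birthday['day'];
     $birthday['month'] = (int) $birthday['month'];
     $birthday['year'] = (int) $birthday['year'];
     // Read "today" once so that every comparison below uses the same date
     $this_year = (int) date("Y");
     $this_month = (int) date("m");
     $this_day = (int) date("d");
     // Error if a day and month exists, and the birthday day and range is not in range
     if ($birthday['day'] != 0 || $birthday['month'] != 0) {
         if ($birthday['day'] < 1 || $birthday['day'] > 31 || $birthday['month'] < 1 || $birthday['month'] > 12 || ($birthday['month'] == 2 && $birthday['day'] > 29)) {
             $this->set_error("invalid_birthday");
             return false;
         }
     }
     // Check if the day actually exists.
     $months = get_bdays($birthday['year']);
     if ($birthday['month'] != 0 && $birthday['day'] > $months[$birthday['month'] - 1]) {
         $this->set_error("invalid_birthday");
         return false;
     }
     // Error if a year exists and the year is out of range
     if (($birthday['year'] != 0 && $birthday['year'] < $this_year - 100) || $birthday['year'] > $this_year) {
         $this->set_error("invalid_birthday");
         return false;
     }
     if ($birthday['year'] == $this_year) {
         // Error if birth date is in future
         if ($birthday['month'] > $this_month || ($birthday['month'] == $this_month && $birthday['day'] > $this_day)) {
             $this->set_error("invalid_birthday");
             return false;
         }
     }
     // Error if COPPA is on, and the user hasn't verified their age / under 13
     if ($mybb->settings['coppa'] == "enabled" && ($birthday['year'] == 0 || !$birthday['year'])) {
         $this->set_error("invalid_birthday_coppa");
         return false;
     } elseif ($mybb->settings['coppa'] == "deny") {
         // Born less than 13 calendar years ago: under 13 whatever the month and day
         $under_13 = $birthday['year'] > $this_year - 13;
         if (!$under_13 && $birthday['year'] == $this_year - 13 && $birthday['month'] != 0 && $birthday['day'] != 0) {
             // Born exactly 13 calendar years ago: still 12 until the birthday has passed.
             // Without a day and month the date cannot be compared, so the year-only
             // result above is kept in that case.
             $under_13 = $birthday['month'] > $this_month || ($birthday['month'] == $this_month && $birthday['day'] > $this_day);
         }
         // Moderators are exempt from the age check
         if ($under_13 && !is_moderator()) {
             $this->set_error("invalid_birthday_coppa2");
             return false;
         }
     }
     // Make the user's birthday field
     if ($birthday['year'] != 0) {
         // If the year is specified, put together a d-m-y string
         $user['bday'] = $birthday['day'] . "-" . $birthday['month'] . "-" . $birthday['year'];
     } elseif ($birthday['day'] && $birthday['month']) {
         // If only a day and month are specified, put together a d-m string
         $user['bday'] = $birthday['day'] . "-" . $birthday['month'] . "-";
     } else {
         // No field is specified, so return an empty string for an unknown birthday
         $user['bday'] = '';
     }
     return true;
 }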
Exemple #26
     }
     $plugins->run_hooks("usercp2_removesubscription_forum");
     remove_subscribed_forum($forum['fid']);
     if ($server_http_referer) {
         $url = $server_http_referer;
     } else {
         $url = "usercp.php?action=forumsubscriptions";
     }
     redirect($url, $lang->redirect_forumsubscriptionremoved);
 } else {
     // Remove a thread subscription. The thread id is read as an integer and the
     // thread must exist before anything else is done.
     $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
     if (!$thread) {
         error($lang->error_invalidthread);
     }
     // Is the currently logged in user a moderator of this forum?
     if (is_moderator($thread['fid'])) {
         $ismod = true;
     } else {
         $ismod = false;
     }
     // Make sure we are looking at a real thread here.
     // Non-moderators may only act on threads with visible == 1; moderators are
     // refused only when visible is greater than 1. Both cases give the same
     // "invalid thread" error, so the reply does not reveal why it was refused.
     if ($thread['visible'] != 1 && $ismod == false || $thread['visible'] > 1 && $ismod == true) {
         error($lang->error_invalidthread);
     }
     $plugins->run_hooks("usercp2_removesubscription_thread");
     remove_subscribed_thread($thread['tid']);
     // NOTE(review): $server_http_referer is set outside this excerpt. If it is taken
     // from the Referer request header it is client-controlled; confirm it is limited
     // to this site's own URLs before it is used as the redirect target.
     if ($server_http_referer) {
         $url = $server_http_referer;
     } else {
         $url = "usercp.php?action=subscriptions";
     }
/**
 * Adds the Akismet "spam" button markup to a post, for moderators only.
 *
 * Returns without changing the post when the plugin is switched off, when the
 * viewer does not moderate the post's forum, when the ignore list matches, or
 * when the post's author is a super admin. Otherwise the rendered
 * "akismet_postbit_spam" template is stored in $post['button_spam'].
 *
 * @param array $post Post row, passed by reference; 'fid' and 'uid' are read.
 */
function akismet_postbit(&$post)
{
    global $templates, $mybb, $theme, $lang;
    // Plugin off, or viewer is not a moderator of this post's forum: nothing to add.
    if (!$mybb->settings['akismetswitch'] || !is_moderator($post['fid'])) {
        return;
    }
    if ($mybb->settings['akismetuidsignore']) {
        $akismet_uids_ignore = explode(',', $mybb->settings['akismetuidsignore']);
        // NOTE(review): $usergroup is neither a parameter nor in the global list above,
        // so it is undefined (null) in this function. in_array() compares loosely, so
        // null matches an empty entry in the list (for example after a trailing comma).
        // Which value was meant to be tested cannot be told from here — confirm and fix.
        if (in_array($usergroup, $akismet_uids_ignore)) {
            return;
        }
    }
    // Posts written by a super admin never get the button.
    if (is_super_admin($post['uid'])) {
        return;
    }
    $lang->load("akismet", false, true);
    // The template text is evaluated as a double-quoted PHP string in this scope, so
    // it can read the local and global variables declared above.
    // NOTE(review): eval() makes this only as safe as the template store; anyone able
    // to edit the template can run PHP. Confirm template editing is restricted to
    // trusted administrators.
    eval("\$post['button_spam'] = \"" . $templates->get("akismet_postbit_spam") . "\";");
}
            break;
    }
    $x = "\nYour post was categorized as " . $c;
    $x .= mod_comment();
    return $x;
}
// Moderation entry point. The caller must be logged in, pass check_tokens()
// (called with the user's authenticator; presumably the request-forgery token
// check), and be a moderator of the forum that contains the target post.
$user = get_logged_in_user();
check_tokens($user->authenticator);
BoincForumPrefs::lookup($user);

// Resolve post -> thread -> forum before the authorisation test
$post = BoincPost::lookup_id(get_int('id'));
if (!$post) {
    error_page("no such post");
}
$thread = BoincThread::lookup_id($post->thread);
$forum = BoincForum::lookup_id($thread->forum);
if (!is_moderator($user, $forum)) {
    error_page(tra("You are not authorized to moderate this post."));
}

// The action is taken from POST when present, otherwise from GET
if (post_str('action', true)) {
    $action = post_str('action');
} elseif (get_str('action', true)) {
    $action = get_str('action');
} else {
    error_page(tra("You must specify an action..."));
}
$explanation = null;
if ($action == "hide") {
    $result = hide_post($post, $thread, $forum);
Exemple #29
     }
     // Accumulates the quoted text of every post the viewer is allowed to see.
     $message = '';
     // Are we loading all quoted posts or only those not in the current thread?
     // `load_all` is only tested for emptiness and never reaches the SQL; the
     // thread id is read with MyBB::INPUT_INT, so $from_tid holds an integer.
     if (empty($mybb->input['load_all'])) {
         $from_tid = "p.tid != '" . $mybb->get_input('tid', MyBB::INPUT_INT) . "' AND ";
     } else {
         $from_tid = '';
     }
     require_once MYBB_ROOT . "inc/class_parser.php";
     $parser = new postParser();
     require_once MYBB_ROOT . "inc/functions_posting.php";
     $plugins->run_hooks("xmlhttp_get_multiquoted_intermediate");
     // Query for any posts in the list which are not within the specified thread
     // NOTE(review): $quoted_posts is interpolated unquoted into IN (...), and
     // $unviewable_forums / $inactiveforums are appended as raw SQL fragments.
     // All three are built before this excerpt; confirm $quoted_posts is a list
     // of integer-cast ids and that the two forum filters are generated
     // server-side only, since they are what keeps posts from forums the viewer
     // cannot read out of the result.
     $query = $db->query("\n\t\tSELECT p.subject, p.message, p.pid, p.tid, p.username, p.dateline, t.fid, p.visible, u.username AS userusername\n\t\tFROM " . TABLE_PREFIX . "posts p\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\tWHERE {$from_tid}p.pid IN ({$quoted_posts}) {$unviewable_forums} {$inactiveforums}\n\t\tORDER BY p.dateline\n\t");
     while ($quoted_post = $db->fetch_array($query)) {
         // Posts with visible == 0 are skipped unless the viewer has the
         // "canviewunapprove" moderator permission for the post's forum.
         // NOTE(review): only the value 0 is filtered. A row with any other
         // non-1 `visible` value would be quoted for every viewer; confirm no
         // other hidden state exists for posts.
         if (!is_moderator($quoted_post['fid'], "canviewunapprove") && $quoted_post['visible'] == 0) {
             continue;
         }
         $message .= parse_quoted_message($quoted_post, false);
     }
     if ($mybb->settings['maxquotedepth'] != '0') {
         $message = remove_message_quotes($message);
     }
     // Send our headers.
     // $charset is set outside this excerpt. The body is JSON-encoded, so the
     // quoted text is returned as a string value rather than as markup.
     header("Content-type: application/json; charset={$charset}");
     $plugins->run_hooks("xmlhttp_get_multiquoted_end");
     echo json_encode(array("message" => $message));
     exit;
 } else {
     if ($mybb->input['action'] == "refresh_captcha") {
         $imagehash = $db->escape_string($mybb->get_input('imagehash'));
Exemple #30
        $foruminfo = $forum;
        if ($forum['rulestype'] == 3) {
            eval("\$forumrules = \"" . $templates->get("forumdisplay_rules") . "\";");
        } else {
            if ($forum['rulestype'] == 2) {
                eval("\$forumrules = \"" . $templates->get("forumdisplay_rules_link") . "\";");
            }
        }
    }
    // Notice telling the poster that their content will be held for moderation.
    // Every eval() below assigns $moderation_notice, so when several conditions
    // hold the last one evaluated wins.
    // Template idiom used throughout this block: the text returned by
    // $templates->get() is evaluated as a double-quoted PHP string in the
    // current scope. Its safety depends on the stored template being escaped
    // and editable only by trusted administrators.
    $moderation_notice = '';
    // Attachment notice: shown to users who lack the attachment-approval
    // moderator permission, when the forum moderates attachments and the user
    // is allowed to post them.
    if (!is_moderator($forum['fid'], "canapproveunapproveattachs")) {
        if ($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0) {
            $moderation_text = $lang->moderation_forum_attachments;
            eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";');
        }
    }
    // Post notice: shown to users who lack the post-approval moderator
    // permission, when either the forum or the user's own account has posts
    // moderated.
    if (!is_moderator($forum['fid'], "canapproveunapproveposts")) {
        if ($forumpermissions['modposts'] == 1) {
            $moderation_text = $lang->moderation_forum_posts;
            eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";');
        }
        if ($mybb->user['moderateposts'] == 1) {
            $moderation_text = $lang->moderation_user_posts;
            eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";');
        }
    }
    $plugins->run_hooks("newreply_end");
    // strip_tags() removes markup from the forum name but does not HTML-escape
    // it: quotes and ampersands pass through unchanged.
    // NOTE(review): confirm how the newreply template uses the name; inside an
    // attribute value it would still need attribute escaping.
    $forum['name'] = strip_tags($forum['name']);
    eval("\$newreply = \"" . $templates->get("newreply") . "\";");
    output_page($newreply);
}