Exemple #1
0
     }
     $attachcount++;
     if (!$foruminfo['allowposting']) {
         $error = $vbphrase['this_forum_is_not_accepting_new_attachments'];
         $errors[] = array('filename' => $attachment['name'], 'error' => $error);
     } else {
         if ($vbulletin->options['attachlimit'] and $attachcount > $vbulletin->options['attachlimit']) {
             $error = construct_phrase($vbphrase['you_may_only_attach_x_files_per_post'], $vbulletin->options['attachlimit']);
             $errors[] = array('filename' => $attachment['name'], 'error' => $error);
         } else {
             if ($attachmentid = $upload->process_upload($attachment)) {
                 if ($vbulletin->userinfo['userid'] != $postinfo['userid'] and can_moderate($threadinfo['forumid'], 'caneditposts')) {
                     $postinfo['attachmentid'] =& $attachmentid;
                     $postinfo['forumid'] =& $foruminfo['forumid'];
                     require_once DIR . '/includes/functions_log_error.php';
                     log_moderator_action($postinfo, 'attachment_uploaded');
                 }
             } else {
                 $attachcount--;
             }
             if ($error = $upload->fetch_error()) {
                 $errors[] = array('filename' => is_array($attachment) ? $attachment['name'] : $attachment, 'error' => $error);
             }
         }
     }
 }
 ($hook = vBulletinHook::fetch_hook('newattachment_attach')) ? eval($hook) : false;
 if (!empty($errors)) {
     $errorlist = '';
     foreach ($errors as $error) {
         $filename = htmlspecialchars_uni($error['filename']);
Exemple #2
0
    // Validate Messages
    $messages = $db->query_read_slave("\n\t\tSELECT gm.gmid, gm.state, gm.groupid, gm.dateline, gm.postuserid, gm.postusername,\n\t\t\tsocialgroup.name AS group_name, socialgroup.creatoruserid\n\t\tFROM " . TABLE_PREFIX . "groupmessage AS gm\n\t\tLEFT JOIN " . TABLE_PREFIX . "socialgroup AS socialgroup ON (socialgroup.groupid = gm.groupid)\n\t\tWHERE gmid IN ({$messageids})\n\t\t\tAND state = 'deleted'\n\t");
    while ($message = $db->fetch_array($messages)) {
        $message['is_group_owner'] = $message['creatoruserid'] == $vbulletin->userinfo['userid'];
        $messagearray["{$message['gmid']}"] = $message;
        $grouplist["{$message['groupid']}"] = true;
    }
    if (empty($messagearray)) {
        standard_error(fetch_error('you_did_not_select_any_valid_messages'));
    }
    $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "deletionlog\n\t\tWHERE type = 'groupmessage' AND\n\t\t\tprimaryid IN(" . implode(',', array_keys($messagearray)) . ")\n\t");
    $db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "groupmessage\n\t\tSET state = 'visible'\n\t\tWHERE gmid IN(" . implode(',', array_keys($messagearray)) . ")\n\t");
    foreach ($grouplist as $groupid => $foo) {
        build_group_counters($groupid);
    }
    foreach ($messagearray as $message) {
        if (!$message['is_group_owner']) {
            log_moderator_action($message, 'gm_by_x_for_y_undeleted', array($message['postusername'], $message['group_name']));
        }
    }
    // empty cookie
    setcookie('vbulletin_inlinegmessage', '', TIMENOW - 3600, '/');
    ($hook = vBulletinHook::fetch_hook('group_inlinemod_undelete')) ? eval($hook) : false;
    eval(print_standard_redirect('redirect_inline_undeletedmessages', true, $forceredirect));
}
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 09:39, Wed Nov 5th 2008
|| # SVN: $Revision: 27889 $
|| ####################################################################
\*======================================================================*/
 function insert_moderator_log()
 {
     if ($this->modlog) {
         require_once DIR . '/includes/functions_log_error.php';
         $threadid = intval(($tid = $this->fetch_field('threadid')) ? $tid : $this->info['thread']['threadid']);
         $forumid = intval(($fid = $this->fetch_field('forumid')) ? $fid : $this->info['forum']['forumid']);
         if (can_moderate($forumid)) {
             foreach ($this->modlog as $entry) {
                 $entry['forumid'] = $forumid;
                 $entry['threadid'] = $threadid;
                 log_moderator_action($entry, $entry['type'], $entry['action']);
             }
         }
         $this->modlog = array();
     }
 }
Exemple #4
0
    // Verify incoming POST request
    verify_post_check($mybb->get_input('my_post_key'));
    // Fetch the existing reputation for this user given by our current user if there is one.
    $query = $db->query("\n\t\tSELECT r.*, u.username\n\t\tFROM " . TABLE_PREFIX . "reputation r\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=r.adduid)\n\t\tWHERE rid = '" . $mybb->get_input('rid', MyBB::INPUT_INT) . "'\n\t");
    $existing_reputation = $db->fetch_array($query);
    // Only administrators, super moderators, as well as users who gave a specifc vote can delete one.
    if ($mybb->usergroup['issupermod'] != 1 && ($mybb->usergroup['candeletereputations'] != 1 || $existing_reputation['adduid'] != $mybb->user['uid'] || $mybb->user['uid'] == 0)) {
        error_no_permission();
    }
    // Delete the specified reputation
    $db->delete_query("reputation", "uid='{$uid}' AND rid='" . $mybb->get_input('rid', MyBB::INPUT_INT) . "'");
    // Recount the reputation of this user - keep it in sync.
    $query = $db->simple_select("reputation", "SUM(reputation) AS reputation_count", "uid='{$uid}'");
    $reputation_value = $db->fetch_field($query, "reputation_count");
    // Create moderator log
    log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->sprintf($lang->delete_reputation_log, $existing_reputation['username'], $existing_reputation['adduid']));
    $db->update_query("users", array('reputation' => (int) $reputation_value), "uid='{$uid}'");
    redirect("reputation.php?uid={$uid}", $lang->vote_deleted_message);
}
// Otherwise, show a listing of reputations for the given user.
if (!$mybb->input['action']) {
    if ($mybb->usergroup['canviewprofiles'] == 0) {
        // Reputation page is a part of a profile
        error_no_permission();
    }
    // Set display group to their user group if they don't have a display group.
    if (!$user['displaygroup']) {
        $user['displaygroup'] = $user['usergroup'];
    }
    // Fetch display group properties.
    $displaygroupfields = array('title', 'description', 'namestyle', 'usertitle', 'stars', 'starimage', 'image', 'usereputationsystem');
Exemple #5
0
        if ($existing_ban) {
            $update_array = array('gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT), 'dateline' => TIME_NOW, 'bantime' => $db->escape_string($mybb->get_input('liftafter')), 'lifted' => $db->escape_string($lifted), 'reason' => $db->escape_string($banreason));
            $db->update_query('banned', $update_array, "uid='{$user['uid']}'");
        } else {
            $insert_array = array('uid' => $user['uid'], 'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT), 'oldgroup' => (int) $user['usergroup'], 'oldadditionalgroups' => (string) $user['additionalgroups'], 'olddisplaygroup' => (int) $user['displaygroup'], 'admin' => (int) $mybb->user['uid'], 'dateline' => TIME_NOW, 'bantime' => $db->escape_string($mybb->get_input('liftafter')), 'lifted' => $db->escape_string($lifted), 'reason' => $db->escape_string($banreason));
            $db->insert_query('banned', $insert_array);
        }
        // Move the user to the banned group
        $update_array = array('usergroup' => $mybb->get_input('usergroup', MyBB::INPUT_INT), 'displaygroup' => 0, 'additionalgroups' => '');
        $db->update_query('users', $update_array, "uid = {$user['uid']}");
        $cache->update_banned();
        // Log edit or add ban
        if ($existing_ban) {
            log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->edited_user_ban);
        } else {
            log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->banned_user);
        }
        $plugins->run_hooks("modcp_do_banuser_end");
        if ($existing_ban) {
            redirect("modcp.php?action=banning", $lang->redirect_banuser_updated);
        } else {
            redirect("modcp.php?action=banning", $lang->redirect_banuser);
        }
    } else {
        $mybb->input['action'] = "banuser";
    }
}
if ($mybb->input['action'] == "banuser") {
    add_breadcrumb($lang->mcp_nav_banning, "modcp.php?action=banning");
    if ($mybb->usergroup['canbanusers'] == 0) {
        error_no_permission();
Exemple #6
0
        $socialgroupmemberdm = datamanager_init('SocialGroupMember', $vbulletin);
        $vbulletin->GPC['ids'][] = 0;
        $ids = implode(', ', $vbulletin->GPC['ids']);
        $invites = $vbulletin->db->query_read("\n\t\t\tSELECT * FROM " . TABLE_PREFIX . "socialgroupmember\n\t\t\tWHERE groupid = " . $group['groupid'] . " AND userid IN({$ids})" . ($_POST['do'] == 'cancelinvites' ? " AND type = 'invited'" : ''));
        while ($invite = $vbulletin->db->fetch_array($invites)) {
            ($hook = vBulletinHook::fetch_hook('group_kickmember')) ? eval($hook) : false;
            if ($invite['userid'] != $group['creatoruserid']) {
                $socialgroupmemberdm->set_existing($invite);
                $socialgroupmemberdm->delete();
            }
        }
        unset($socialgroupmemberdm);
    }
    if (!$group['is_owner'] and can_moderate(0, 'candeletesocialgroups')) {
        require_once DIR . '/includes/functions_log_error.php';
        log_moderator_action($group, 'social_group_x_members_managed', array($group['name']));
    }
    if ($group['members'] - sizeof($ids) <= 1 and $_REQUEST['do'] == 'kickmembers') {
        $vbulletin->url = 'group.php?' . $vbulletin->session->vars['sessionurl'] . 'groupid=' . $group['groupid'];
    } else {
        $vbulletin->url = 'group.php?' . $vbulletin->session->vars['sessionurl'] . 'do=manage' . ($_REQUEST['do'] == 'kickmembers' ? 'members' : '') . '&amp;groupid=' . $group['groupid'];
    }
    ($hook = vBulletinHook::fetch_hook('group_kickmember_complete')) ? eval($hook) : false;
    $phrase = $_POST['do'] == 'cancelinvites' ? 'successfully_removed_invites' : 'successfully_kicked_members';
    eval(print_standard_redirect($phrase));
}
// #######################################################################
if ($_POST['do'] == 'pendingmembers') {
    if (!fetch_socialgroup_modperm('caninvitemoderatemembers', $group)) {
        print_no_permission();
    }
Exemple #7
0
    if (TIMENOW + $vbulletin->GPC['timeout'] * 86400 >= 2147483647) {
        // maximuim size of a 32 bit integer
        eval(standard_error(fetch_error('maxpolltimeout')));
    }
    $poll->set('question', $vbulletin->GPC['pollquestion']);
    $poll->set('active', $vbulletin->GPC['closepoll'] ? 0 : 1);
    $poll->set('timeout', $vbulletin->GPC['timeout']);
    // only let a poll go from public to private, not the other way about
    if ($pollinfo['public']) {
        $poll->set('public', $vbulletin->GPC['public']);
    }
    ($hook = vBulletinHook::fetch_hook('poll_update_process')) ? eval($hook) : false;
    $poll->save();
    $pollinfo['threadid'] = $threadinfo['threadid'];
    require_once DIR . '/includes/functions_log_error.php';
    log_moderator_action($pollinfo, 'poll_edited');
    ($hook = vBulletinHook::fetch_hook('poll_update_complete')) ? eval($hook) : false;
    $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}";
    eval(print_standard_redirect('redirect_editthanks'));
}
// ############################### start show results without vote ###############################
if ($_REQUEST['do'] == 'showresults') {
    if (!$pollinfo['pollid']) {
        eval(standard_error(fetch_error('invalidid', $vbphrase['poll'], $vbulletin->options['contactuslink'])));
    }
    ($hook = vBulletinHook::fetch_hook('poll_results_start')) ? eval($hook) : false;
    $counter = 1;
    $pollbits = '';
    $bbcode_parser =& new vB_BbCodeParser($vbulletin, fetch_tag_list());
    $pollinfo['question'] = $bbcode_parser->parse(unhtmlspecialchars($pollinfo['question']), $foruminfo['forumid'], 1);
    $splitoptions = explode('|||', $pollinfo['options']);
Exemple #8
0
        } else {
            $hard_delete = false;
        }
        $dataman =& datamanager_init('PictureComment', $vbulletin, ERRTYPE_STANDARD);
        $dataman->set_existing($commentinfo);
        if ($pictureuser = fetch_userinfo($pictureinfo['userid'])) {
            $dataman->set_info('pictureuser', $pictureuser);
        }
        $dataman->set_info('pictureinfo', $pictureinfo);
        $dataman->set_info('hard_delete', $hard_delete);
        $dataman->set_info('reason', $vbulletin->GPC['reason']);
        $dataman->delete();
        unset($dataman);
        if ($comentinfo['postuserid'] != $vbulletin->userinfo['userid'] and (can_moderate(0, 'candeletepicturecomments') or can_moderate(0, 'canremovepicturecomments'))) {
            require_once DIR . '/includes/functions_log_error.php';
            log_moderator_action($pictureinfo, $hard_delete ? 'pc_by_x_on_y_removed' : 'pc_by_x_on_y_soft_deleted', array($commentinfo['postusername'], fetch_trimmed_title($pictureinfo['caption'], 50)));
        }
        print_standard_redirect('picturecomment_deleted');
    } else {
        print_standard_redirect('picturecomment_nodelete');
    }
}
// ############################### start retrieve ip ###############################
if ($_REQUEST['do'] == 'viewip') {
    // check moderator permissions for getting ip
    if (!can_moderate(0, 'canviewips')) {
        print_no_permission();
    }
    if (!$commentinfo['commentid']) {
        standard_error(fetch_error('invalidid', $vbphrase['comment'], $vbulletin->options['contactuslink']));
    }
Exemple #9
0
     $modlogdata['tid'] = $tid;
     if ($firstpost) {
         if ($forumpermissions['candeletethreads'] == 1 || is_moderator($fid, "candeletethreads")) {
             delete_thread($tid);
             mark_reports($tid, "thread");
             log_moderator_action($modlogdata, $lang->thread_deleted);
             redirect(get_forum_link($fid), $lang->redirect_threaddeleted);
         } else {
             error_no_permission();
         }
     } else {
         if ($forumpermissions['candeleteposts'] == 1 || is_moderator($fid, "candeleteposts")) {
             // Select the first post before this
             delete_post($pid, $tid);
             mark_reports($pid, "post");
             log_moderator_action($modlogdata, $lang->post_deleted);
             $query = $db->simple_select("posts", "pid", "tid='{$tid}' AND dateline <= '{$post['dateline']}'", array("limit" => 1, "order_by" => "dateline", "order_dir" => "desc"));
             $next_post = $db->fetch_array($query);
             if ($next_post['pid']) {
                 $redirect = get_post_link($next_post['pid'], $tid) . "#pid{$next_post['pid']}";
             } else {
                 $redirect = get_thread_link($tid);
             }
             redirect($redirect, $lang->redirect_postdeleted);
         } else {
             error_no_permission();
         }
     }
 } else {
     error($lang->redirect_nodelete);
 }
Exemple #10
0
        $merge_thread->save();
        if ($vbulletin->GPC['redirect'] == 'expires') {
            $db->query_write("\n\t\t\t\tINSERT INTO " . TABLE_PREFIX . "threadredirect\n\t\t\t\t\t(threadid, expires)\n\t\t\t\tVALUES\n\t\t\t\t\t({$mergethreadinfo['threadid']}, {$expires})\n\t\t\t");
        }
    } else {
        // remove remnants of merge thread
        $merge_thread->delete(false, true, NULL, false);
    }
    unset($merge_thread);
    build_thread_counters($threadinfo['threadid']);
    build_forum_counters($threadinfo['forumid']);
    if ($mergethreadinfo['forumid'] != $threadinfo['forumid']) {
        build_forum_counters($mergethreadinfo['forumid']);
    }
    vB_ActivityStream_Populate_Forum_Thread::rebuild_thread(array($threadinfo['threadid'], $mergethreadinfo['threadid']));
    log_moderator_action($threadinfo, 'thread_merged_with_x', $mergethreadinfo['title']);
    ($hook = vBulletinHook::fetch_hook('threadmanage_merge_complete')) ? eval($hook) : false;
    $vbulletin->url = fetch_seo_url('thread', $threadinfo);
    print_standard_redirect('redirect_mergethread');
}
// ############################### start stick / unstick thread ###############################
if ($_POST['do'] == 'stick') {
    if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        if (can_moderate($threadinfo['forumid'])) {
            print_no_permission();
        } else {
            eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])));
        }
    }
    if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
        print_no_permission();
Exemple #11
0
    $db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "groupmessage\n\t\tSET state = 'visible'\n\t\tWHERE gmid IN(" . implode(',', array_keys($messagearray)) . ")\n\t");
    foreach (array_keys($messagearray) as $gmid) {
        vB_Search_Indexcontroller_Queue::indexQueue('vBForum', 'SocialGroupMessage', 'index', $gmid, null, null);
    }
    foreach (array_keys($discussionlist) as $discussionid) {
        build_discussion_counters($discussionid);
    }
    foreach (array_keys($grouplist) as $groupid) {
        build_group_counters($groupid);
    }
    foreach ($messagearray as $message) {
        if (!$message['is_group_owner']) {
            if ($message['firstpost']) {
                log_moderator_action($message, 'discussion_by_x_for_y_undeleted', array($message['postusername'], $message['group_name']));
            } else {
                log_moderator_action($message, 'gm_by_x_in_y_for_z_undeleted', array($message['postusername'], $message['discussion_name'], $message['group_name']));
            }
        }
    }
    // empty cookie
    setcookie($inline_cookie, '', TIMENOW - 3600, '/');
    ($hook = vBulletinHook::fetch_hook('group_inlinemod_undelete')) ? eval($hook) : false;
    if ($inline_discussion) {
        print_standard_redirect('redirect_inline_undeleteddiscussions', true, $forceredirect);
    } else {
        print_standard_redirect('redirect_inline_undeletedmessages', true, $forceredirect);
    }
}
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 03:13, Sat Sep 7th 2013
Exemple #12
0
	/**
	* pre_delete function - extend if the contenttype needs to do anything
	*
	* @param	array		list of deleted attachment ids to delete
	* @param	boolean	verify permission to delete
	*
	* @return	boolean
	*/
	public function pre_delete($list, $checkperms = true)
	{
		@ignore_user_abort(true);

		// init lists
		$this->lists = array(
			'grouplist'   => array(),
		);

		if ($checkperms)
		{
			// Verify that we have permission to view these attachmentids
			$attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
			$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(", ", $list) . ")");

			if (count($list) != count($attachments))
			{
				return false;
			}
		}
		$ids = $this->registry->db->query_read("
			SELECT
				a.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress, a.caption,
				sg.name, sg.groupid, IF(sg.creatoruserid = {$this->registry->userinfo['userid']}, 1, 0) AS is_owner,
				user.username
			FROM " . TABLE_PREFIX . "attachment AS a
			LEFT JOIN " . TABLE_PREFIX . "socialgroup AS sg ON (a.contentid = sg.groupid)
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON (a.userid = user.userid)
			WHERE
				a.attachmentid IN (" . implode(", ", $list) . ")
		");
		while ($id = $this->registry->db->fetch_array($ids))
		{
			if ($checkperms AND !$id['inprogress'] AND $id['userid'] != $this->registry->userinfo['userid'] AND !fetch_socialgroup_modperm('canremovepicture', $id))
			{
				return false;
			}

			if ($id['groupid'])
			{
				$this->lists['grouplist']["{$id['groupid']}"]["{$id['attachmentid']}"] = 1;

				if ($this->log)
				{
					if (!$id['is_owner'] AND $id['userid'] != $this->registry->userinfo['userid'])
					{
						// TODO : What does $picture want and fix modlog display in the admincp as it does not filter attachmentid properly on contenttype
						$picture = array();
						require_once(DIR . '/includes/functions_log_error.php');
						log_moderator_action($picture, 'social_group_picture_x_in_y_removed', array(fetch_trimmed_title($id['caption'], 50), $id['name']));
					}
				}
			}
		}
		return true;
	}
/**
 * Delete ban
 */
function shoutboxUnban()
{
    global $mybb, $db, $lang;
    if (isset($mybb->input['id']) && isset($mybb->input['token'])) {
        $lang->load('dvz_reports');
        verify_post_check($mybb->input['token']);
        $id = $db->escape_string($mybb->input['id']);
        $data = $db->write_query("select " . TABLE_PREFIX . "dvz_reports_banned.uid, " . TABLE_PREFIX . "dvz_reports_banned.id, " . TABLE_PREFIX . "users.username\r\n                from " . TABLE_PREFIX . "dvz_reports_banned\r\n                JOIN " . TABLE_PREFIX . "users ON " . TABLE_PREFIX . "dvz_reports_banned.uid = " . TABLE_PREFIX . "users.uid\r\n                WHERE " . TABLE_PREFIX . "dvz_reports_banned.id = '{$id}';");
        //Validate ban existance
        if ($data->num_rows === 0) {
            redirect('modcp.php?action=shoutbox_banned');
            die;
        }
        $data = $data->fetch_assoc();
        //Delete ban and log action
        $db->delete_query('dvz_reports_banned', 'id=' . $id);
        //Log action
        $logdata = array('uid' => htmlspecialchars_uni($data['uid']), 'username' => htmlspecialchars_uni($data['username']));
        log_moderator_action($logdata, $lang->unban_user);
        redirect('modcp.php?action=shoutbox_banned');
        die;
    }
    //Redirect
    redirect('modcp.php?action=shoutbox_banned');
    die;
}
Exemple #14
0
	/**
	* pre_delete function - extend if the contenttype needs to do anything
	*
	* @param	array		list of deleted attachment ids to delete
	* @param	boolean	verify permission to delete
	*
	* @return	boolean
	*/
	public function pre_delete($list, $checkperms = true)
	{
		@ignore_user_abort(true);

		// init lists
		$this->lists = array(
			'bloglist'   => array(),
		);

		if ($checkperms)
		{
			// Verify that we have permission to view these attachmentids
			$attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
			$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(", ", $list) . ")");

			if (count($list) != count($attachments))
			{
				return false;
			}
		}

		$replaced = array();
		$ids = $this->registry->db->query_read("
			SELECT
				a.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress,
				blog.blogid, blog.firstblogtextid, blog.dateline AS blog_dateline, blog.state, blog.postedby_userid,
				bu.memberids, bu.memberblogids,
				gm.permissions AS grouppermissions,
				user.membergroupids, user.usergroupid, user.infractiongroupids,
				blog_deletionlog.moddelete AS del_moddelete, blog_deletionlog.userid AS del_userid, blog_deletionlog.username AS del_username, blog_deletionlog.reason AS del_reason
			FROM " . TABLE_PREFIX . "attachment AS a
			LEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (blog.blogid = a.contentid)
			LEFT JOIN " . TABLE_PREFIX . "blog_user AS bu ON (bu.bloguserid = blog.userid)
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = blog.userid)
			LEFT JOIN " . TABLE_PREFIX . "blog_groupmembership AS gm ON (blog.userid = gm.bloguserid AND gm.userid = " . $this->registry->userinfo['userid'] . ")
			LEFT JOIN " . TABLE_PREFIX . "blog_deletionlog AS blog_deletionlog ON (blog.blogid = blog_deletionlog.primaryid AND blog_deletionlog.type = 'blogid')
			WHERE
				a.attachmentid IN (" . implode(", ", $list) . ")
		");
		while ($id = $this->registry->db->fetch_array($ids))
		{
			cache_permissions($id, false);
			if ($checkperms AND !$id['inprogress'] AND !fetch_entry_perm('edit', $id))
			{
				return false;
			}

			if ($id['blogid'])
			{
				$this->lists['bloglist']["{$id['blogid']}"]++;

				if ($this->log)
				{
					if (($this->registry->userinfo['permissions']['genericoptions'] & $this->registry->bf_ugp_genericoptions['showeditedby']) AND $id['p_dateline'] < (TIMENOW - ($this->registry->options['noeditedbytime'] * 60)))
					{
						if (empty($replaced["$id[firstblogtextid]"]))
						{
							/*insert query*/
							$this->registry->db->query_write("
								REPLACE INTO " . TABLE_PREFIX . "blog_editlog
										(blogtextid, userid, username, dateline)
								VALUES
									(
										$id[firstblogtextid],
										" . $this->registry->userinfo['userid'] . ",
										'" . $this->registry->db->escape_string($this->registry->userinfo['username']) . "',
										" . TIMENOW . "
									)
							");
							$replaced["$id[firstblogtextid]"] = true;
						}
					}
					if (!is_member_of_blog($this->registry->userinfo, $id) AND can_moderate_blog('caneditentries'))
					{
						$bloginfo = array(
							'blogid'       => $id['blogid'],
							'attachmentid' => $id['attachmentid'],
						);
						require_once(DIR . '/includes/blog_functions_log_error.php');
						log_moderator_action($bloginfo, 'attachment_removed');
					}
				}
			}
		}
		return true;
	}
 if (count($pids) < 1) {
     error($lang->error_inline_nopostsselected);
 }
 if (!is_moderator_by_pids($pids)) {
     error_no_permission();
 }
 // Get threads which are associated with the posts
 $tids = array();
 $options = array('order_by' => 'dateline', 'order_dir' => 'asc');
 $query = $db->simple_select("posts", "DISTINCT tid", "pid IN (" . implode(',', $pids) . ")", $options);
 while ($row = $db->fetch_array($query)) {
     $tids[] = $row['tid'];
 }
 $ret = $custommod->execute(intval($mybb->input['action']), $tids, $pids);
 $lang->custom_tool = $lang->sprintf($lang->custom_tool, $tool['name']);
 log_moderator_action($modlogdata, $lang->custom_tool);
 if ($mybb->input['inlinetype'] == 'search') {
     clearinline($mybb->input['searchid'], 'search');
     $lang->redirect_customtool_search = $lang->sprintf($lang->redirect_customtool_search, $tool['name']);
     $return_url = htmlspecialchars_uni($mybb->input['url']);
     redirect($return_url, $lang->redirect_customtool_search);
 } else {
     clearinline($tid, 'thread');
     if ($ret == 'forum') {
         $lang->redirect_customtool_forum = $lang->sprintf($lang->redirect_customtool_forum, $tool['name']);
         moderation_redirect(get_forum_link($fid), $lang->redirect_customtool_forum);
     } else {
         $lang->redirect_customtool_thread = $lang->sprintf($lang->redirect_customtool_thread, $tool['name']);
         moderation_redirect(get_thread_link($tid), $lang->redirect_customtool_thread);
     }
 }
function replyban_run()
{
    global $db, $mybb, $lang, $templates, $theme, $headerinclude, $header, $footer, $replyban, $moderation;
    $lang->load("replyban");
    if ($mybb->input['action'] != "replyban" && $mybb->input['action'] != "do_replyban" && $mybb->input['action'] != "liftreplyban") {
        return;
    }
    if ($mybb->input['action'] == "replyban") {
        $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
        $thread = get_thread($tid);
        if (!is_moderator($thread['fid'], "canmanagethreads")) {
            error_no_permission();
        }
        if (!$thread['tid']) {
            error($lang->error_invalidthread);
        }
        $thread['subject'] = htmlspecialchars_uni($thread['subject']);
        $lang->reply_bans_for = $lang->sprintf($lang->reply_bans_for, $thread['subject']);
        check_forum_password($thread['fid']);
        build_forum_breadcrumb($thread['fid']);
        add_breadcrumb($thread['subject'], get_thread_link($thread['tid']));
        add_breadcrumb($lang->reply_bans);
        $query = $db->query("\r\n\t\t\tSELECT r.*, u.username\r\n\t\t\tFROM " . TABLE_PREFIX . "replybans r\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (r.uid=u.uid)\r\n\t\t\tWHERE r.tid='{$thread['tid']}'\r\n\t\t\tORDER BY r.dateline DESC\r\n\t\t");
        while ($ban = $db->fetch_array($query)) {
            $ban['reason'] = htmlspecialchars_uni($ban['reason']);
            $ban['username'] = build_profile_link($ban['username'], $ban['uid']);
            if ($ban['lifted'] == 0) {
                $ban['lifted'] = $lang->permanent;
            } else {
                $ban['lifted'] = my_date('relative', $ban['lifted'], '', 2);
            }
            $alt_bg = alt_trow();
            eval("\$ban_bit .= \"" . $templates->get("moderation_replyban_bit") . "\";");
        }
        if (!$ban_bit) {
            eval("\$ban_bit = \"" . $templates->get("moderation_replyban_no_bans") . "\";");
        }
        // Generate the banned times dropdown
        $liftlist = '';
        $bantimes = fetch_ban_times();
        foreach ($bantimes as $time => $title) {
            $selected = '';
            if (isset($banned['bantime']) && $banned['bantime'] == $time) {
                $selected = " selected=\"selected\"";
            }
            $thattime = '';
            if ($time != '---') {
                $dateline = TIME_NOW;
                if (isset($banned['dateline'])) {
                    $dateline = $banned['dateline'];
                }
                $thatime = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time, $dateline));
                $thattime = " ({$thatime})";
            }
            eval("\$liftlist .= \"" . $templates->get("moderation_replyban_liftlist") . "\";");
        }
        eval("\$replyban = \"" . $templates->get("moderation_replyban") . "\";");
        output_page($replyban);
    }
    if ($mybb->input['action'] == "do_replyban" && $mybb->request_method == "post") {
        // Verify incoming POST request
        verify_post_check($mybb->get_input('my_post_key'));
        $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
        $thread = get_thread($tid);
        if (!is_moderator($thread['fid'], "canmanagethreads")) {
            error_no_permission();
        }
        if (!$thread['tid']) {
            error($lang->error_invalidthread);
        }
        $user = get_user_by_username($mybb->input['username'], array('fields' => array('username')));
        if (!$user['uid']) {
            error($lang->error_invaliduser);
        }
        $mybb->input['reason'] = $mybb->get_input('reason');
        if (!trim($mybb->input['reason'])) {
            error($lang->error_missing_reason);
        }
        $query = $db->simple_select('replybans', 'rid', "uid='{$user['uid']}' AND tid='{$thread['tid']}'");
        $existingban = $db->fetch_field($query, 'rid');
        if ($existingban > 0) {
            error($lang->error_alreadybanned);
        }
        if ($mybb->get_input('liftban') == '---') {
            $lifted = 0;
        } else {
            $lifted = ban_date2timestamp($mybb->get_input('liftban'), 0);
        }
        $reason = my_substr($mybb->input['reason'], 0, 240);
        $insert_array = array('uid' => $user['uid'], 'tid' => $thread['tid'], 'dateline' => TIME_NOW, 'reason' => $db->escape_string($reason), 'lifted' => $db->escape_string($lifted));
        $db->insert_query('replybans', $insert_array);
        log_moderator_action(array("tid" => $thread['tid'], "fid" => $thread['fid'], "uid" => $user['uid'], "username" => $user['username']), $lang->user_reply_banned);
        moderation_redirect("moderation.php?action=replyban&tid={$thread['tid']}", $lang->redirect_user_banned_replying);
    }
    if ($mybb->input['action'] == "liftreplyban") {
        // Verify incoming POST request
        verify_post_check($mybb->get_input('my_post_key'));
        $rid = $mybb->get_input('rid', MyBB::INPUT_INT);
        $query = $db->simple_select("replybans", "*", "rid='{$rid}'");
        $ban = $db->fetch_array($query);
        if (!$ban['rid']) {
            error($lang->error_invalidreplyban);
        }
        $thread = get_thread($ban['tid']);
        $user = get_user($ban['uid']);
        if (!$thread['tid']) {
            error($lang->error_invalidthread);
        }
        if (!is_moderator($thread['fid'], "canmanagethreads")) {
            error_no_permission();
        }
        $db->delete_query("replybans", "rid='{$ban['rid']}'");
        log_moderator_action(array("tid" => $thread['tid'], "fid" => $thread['fid'], "uid" => $user['uid'], "username" => $user['username']), $lang->user_reply_banned_lifted);
        moderation_redirect("moderation.php?action=replyban&tid={$thread['tid']}", $lang->redirect_reply_ban_lifted);
    }
    exit;
}
Exemple #17
0
 /**
  * Insert a thread into the database.
  *
  * @return array Array of new thread details, tid and visibility.
  */
 function insert_thread()
 {
     global $db, $mybb, $plugins, $cache, $lang;
     // Yes, validating is required.
     if (!$this->get_validated()) {
         die("The thread needs to be validated before inserting it into the DB.");
     }
     if (count($this->get_errors()) > 0) {
         die("The thread is not valid.");
     }
     $thread =& $this->data;
     // Fetch the forum this thread is being made in
     $forum = get_forum($thread['fid']);
     // This thread is being saved as a draft.
     if ($thread['savedraft']) {
         $visible = -2;
     } else {
         $forumpermissions = forum_permissions($thread['fid'], $thread['uid']);
         // Decide on the visibility of this post.
         if ($forumpermissions['modthreads'] == 1 && !is_moderator($thread['fid'], "", $thread['uid'])) {
             $visible = 0;
         } else {
             $visible = 1;
         }
         // Are posts from this user being moderated? Change visibility
         if ($mybb->user['uid'] == $thread['uid'] && $mybb->user['moderateposts'] == 1) {
             $visible = 0;
         }
     }
     // Have a post ID but not a thread ID - fetch thread ID
     if (!empty($thread['pid']) && !$thread['tid']) {
         $query = $db->simple_select("posts", "tid", "pid='{$thread['pid']}");
         $thread['tid'] = $db->fetch_field($query, "tid");
     }
     if (isset($thread['pid']) && $thread['pid'] > 0) {
         $query = $db->simple_select("posts", "pid", "pid='{$thread['pid']}' AND uid='{$thread['uid']}' AND visible='-2'");
         $draft_check = $db->fetch_field($query, "pid");
     } else {
         $draft_check = false;
     }
     // Are we updating a post which is already a draft? Perhaps changing it into a visible post?
     if ($draft_check) {
         $this->thread_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "visible" => $visible);
         $plugins->run_hooks("datahandler_post_insert_thread", $this);
         $db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'");
         $this->post_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible);
         $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
         $db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'");
         $this->tid = $thread['tid'];
         $this->pid = $thread['pid'];
     } else {
         $this->thread_insert_data = array("fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "prefix" => (int) $thread['prefix'], "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "views" => 0, "replies" => 0, "visible" => $visible, "notes" => '');
         $plugins->run_hooks("datahandler_post_insert_thread", $this);
         $this->tid = $db->insert_query("threads", $this->thread_insert_data);
         $this->post_insert_data = array("tid" => $this->tid, "fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible);
         $plugins->run_hooks("datahandler_post_insert_thread_post", $this);
         $this->pid = $db->insert_query("posts", $this->post_insert_data);
         // Now that we have the post id for this first post, update the threads table.
         $firstpostup = array("firstpost" => $this->pid);
         $db->update_query("threads", $firstpostup, "tid='{$this->tid}'");
     }
     // If we're not saving a draft there are some things we need to check now
     if (!$thread['savedraft']) {
         if ($thread['options']['subscriptionmethod'] != "" && $thread['uid'] > 0) {
             switch ($thread['options']['subscriptionmethod']) {
                 case "pm":
                     $notification = 2;
                     break;
                 case "email":
                     $notification = 1;
                     break;
                 default:
                     $notification = 0;
             }
             require_once MYBB_ROOT . "inc/functions_user.php";
             add_subscribed_thread($this->tid, $notification, $thread['uid']);
         }
         // Perform any selected moderation tools.
         if (is_moderator($thread['fid'], "", $thread['uid']) && is_array($thread['modoptions'])) {
             $lang->load($this->language_file, true);
             $modoptions = $thread['modoptions'];
             $modlogdata['fid'] = $thread['fid'];
             if (isset($thread['tid'])) {
                 $modlogdata['tid'] = $thread['tid'];
             }
             $modoptions_update = array();
             // Close the thread.
             if (!empty($modoptions['closethread'])) {
                 $modoptions_update['closed'] = 1;
                 log_moderator_action($modlogdata, $lang->thread_closed);
             }
             // Stick the thread.
             if (!empty($modoptions['stickthread'])) {
                 $modoptions_update['sticky'] = 1;
                 log_moderator_action($modlogdata, $lang->thread_stuck);
             }
             // Execute moderation options.
             if ($modoptions_update) {
                 $db->update_query('threads', $modoptions_update, "tid='{$this->tid}'");
             }
         }
         if ($visible == 1) {
             // If we have a registered user then update their post count and last post times.
             if ($thread['uid'] > 0) {
                 $user = get_user($thread['uid']);
                 $update_query = array();
                 // Only update the lastpost column of the user if the date of the thread is newer than their last post.
                 if ($thread['dateline'] > $user['lastpost']) {
                     // Yes this has a single quote within a double quote. It's not a bug.
                     $update_query['lastpost'] = "'{$thread['dateline']}'";
                 }
                 // Update the post count if this forum allows post counts to be tracked
                 if ($forum['usepostcounts'] != 0) {
                     $update_query['postnum'] = "postnum+1";
                 }
                 if ($forum['usethreadcounts'] != 0) {
                     $update_query['threadnum'] = 'threadnum+1';
                 }
                 // Only update the table if we need to.
                 if (!empty($update_query)) {
                     $db->update_query("users", $update_query, "uid='{$thread['uid']}'", 1, true);
                 }
             }
             if (!isset($forum['lastpost'])) {
                 $forum['lastpost'] = 0;
             }
             $done_users = array();
             // Queue up any forum subscription notices to users who are subscribed to this forum.
             $excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread;
             // Parse badwords
             require_once MYBB_ROOT . "inc/class_parser.php";
             $parser = new postParser();
             $excerpt = $parser->parse_badwords($excerpt);
             $query = $db->query("\n\t\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate\n\t\t\t\t\tFROM " . TABLE_PREFIX . "forumsubscriptions fs\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=fs.uid)\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (g.gid=u.usergroup)\n\t\t\t\t\tWHERE fs.fid='" . (int) $thread['fid'] . "'\n\t\t\t\t\tAND fs.uid != '" . (int) $thread['uid'] . "'\n\t\t\t\t\tAND u.lastactive > '{$forum['lastpost']}'\n\t\t\t\t\tAND g.isbannedgroup != 1\n\t\t\t\t");
             while ($subscribedmember = $db->fetch_array($query)) {
                 if ($done_users[$subscribedmember['uid']]) {
                     continue;
                 }
                 $done_users[$subscribedmember['uid']] = 1;
                 $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']);
                 if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) {
                     continue;
                 }
                 if (!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1) {
                     // In a 'view own only' forum and not a moderator
                     continue;
                 }
                 // Determine the language pack we'll be using to send this email in and load it if it isn't already.
                 if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) {
                     $uselang = $subscribedmember['language'];
                 } else {
                     if ($mybb->settings['bblanguage']) {
                         $uselang = $mybb->settings['bblanguage'];
                     } else {
                         $uselang = "english";
                     }
                 }
                 if ($uselang == $mybb->settings['bblanguage']) {
                     $emailsubject = $lang->emailsubject_forumsubscription;
                     $emailmessage = $lang->email_forumsubscription;
                 } else {
                     if (!isset($langcache[$uselang]['emailsubject_forumsubscription'])) {
                         $userlang = new MyLanguage();
                         $userlang->set_path(MYBB_ROOT . "inc/languages");
                         $userlang->set_language($uselang);
                         $userlang->load("messages");
                         $langcache[$uselang]['emailsubject_forumsubscription'] = $userlang->emailsubject_forumsubscription;
                         $langcache[$uselang]['email_forumsubscription'] = $userlang->email_forumsubscription;
                         unset($userlang);
                     }
                     $emailsubject = $langcache[$uselang]['emailsubject_forumsubscription'];
                     $emailmessage = $langcache[$uselang]['email_forumsubscription'];
                 }
                 $emailsubject = $lang->sprintf($emailsubject, $forum['name']);
                 $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']);
                 $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid'], $post_code);
                 $new_email = array("mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => '');
                 $db->insert_query("mailqueue", $new_email);
                 unset($userlang);
                 $queued_email = 1;
             }
             // Have one or more emails been queued? Update the queue count
             if (isset($queued_email) && $queued_email == 1) {
                 $cache->update_mailqueue();
             }
         }
     }
     // Assign any uploaded attachments with the specific posthash to the newly created post.
     if ($thread['posthash']) {
         $thread['posthash'] = $db->escape_string($thread['posthash']);
         $attachmentassign = array("pid" => $this->pid, "posthash" => '');
         $db->update_query("attachments", $attachmentassign, "posthash='{$thread['posthash']}' AND pid='0'");
     }
     if ($visible == 1) {
         update_last_post($this->tid);
         update_forum_counters($thread['fid'], array("threads" => "+1", "posts" => "+1"));
         update_forum_lastpost($thread['fid']);
     } else {
         if ($visible == 0) {
             update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1"));
         }
     }
     $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'");
     $attachmentcount = $db->fetch_field($query, "attachmentcount");
     if ($attachmentcount > 0) {
         update_thread_counters($this->tid, array("attachmentcount" => "+{$attachmentcount}"));
     }
     // Return the post's pid and whether or not it is visible.
     $this->return_values = array("pid" => $this->pid, "tid" => $this->tid, "visible" => $visible);
     $plugins->run_hooks("datahandler_post_insert_thread_end", $this);
     return $this->return_values;
 }
Exemple #18
0
        foreach ($unique_thread_user as $threadid => $users) {
            foreach ($users as $userid => $subscriptioninfo) {
                if ($subscriptioninfo['issubscribed'] and $subscriptioninfo['autosubscribe'] != -1) {
                    $insert_subscriptions[] = "({$userid}, {$destthreadinfo['threadid']}, {$subscriptioninfo['autosubscribe']}, 0, 1)";
                }
            }
        }
        if ($insert_subscriptions) {
            $db->query_write("\n\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread\n\t\t\t\t\t(userid, threadid, emailupdate, folderid, canview)\n\t\t\t\tVALUES\n\t\t\t\t\t" . implode(', ', $insert_subscriptions));
        }
        // need to check permissions on these threads
        update_subscriptions(array('threadids' => array($destthreadinfo['threadid'])));
    }
    build_thread_counters($destthreadinfo['threadid']);
    build_forum_counters($destforuminfo['forumid']);
    log_moderator_action($destthreadinfo, 'posts_copied_to_x', $destthreadinfo['threadid']);
    // empty cookie
    setcookie('vbulletin_inlinepost', '', TIMENOW - 3600, '/');
    ($hook = vBulletinHook::fetch_hook('inlinemod_docopyposts')) ? eval($hook) : false;
    $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$destthreadinfo['threadid']}";
    eval(print_standard_redirect('redirect_inline_copiedposts', true, $forceredirect));
}
$navbits = construct_navbits($navbits);
eval('$navbar = "' . fetch_template('navbar') . '";');
($hook = vBulletinHook::fetch_hook('inlinemod_complete')) ? eval($hook) : false;
$url =& $vbulletin->url;
// spit out the final HTML if we have got this far
eval('$HTML = "' . fetch_template($template) . '";');
eval('print_output("' . fetch_template('THREADADMIN') . '");');
/*======================================================================*\
|| ####################################################################
Exemple #19
0
		UPDATE " . TABLE_PREFIX . "picturecomment
		SET state = 'visible'
		WHERE commentid IN(" . implode(',', array_keys($messagearray)) . ")
	");

	foreach(array_keys($userlist) AS $userid)
	{
		build_picture_comment_counters($userid);
	}

	if (can_moderate(0, 'candeletepicturecomments'))
	{
		foreach ($messagearray AS $message)
		{
			log_moderator_action($message, 'pc_by_x_on_y_undeleted',
				array($message['postusername'], fetch_trimmed_title($message['picture_caption'], 50))
			);
		}
	}

	// empty cookie
	setcookie('vbulletin_inlinepicturecomment', '', TIMENOW - 3600, '/');

	($hook = vBulletinHook::fetch_hook('picturecomment_inlinemod_undelete')) ? eval($hook) : false;

	eval(print_standard_redirect('redirect_inline_undeletedmessages', true, $forceredirect));
}

/*======================================================================*\
|| ####################################################################
|| # 
Exemple #20
0
function m_ban_user_func($xmlrpc_params)
{
    global $input, $post, $thread, $forum, $pid, $tid, $fid, $modlogdata, $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $moderation, $parser;
    $input = Tapatalk_Input::filterXmlInput(array('user_name' => Tapatalk_Input::STRING, 'mode' => Tapatalk_Input::INT, 'reason_text' => Tapatalk_Input::STRING, 'expired' => Tapatalk_Input::INT), $xmlrpc_params);
    $ban_time = '---';
    if (!empty($input['expired'])) {
        $expired = intval($input['expired']);
        $year = date("Y", $expired) - date("Y", time());
        $month = date("m", $expired) - date("m", time());
        $day = date("d", $expired) - date("d", time());
        if ($year < 0) {
            $year = 0;
            $month = 0;
            $day = 0;
        }
        if ($month < 0) {
            $month = 0;
        }
        if ($day < 0) {
            $day = 0;
        }
        $ban_time = $day . '-' . $month . '-' . $year;
    }
    mod_setup();
    $lang->load("modcp");
    // Get the users info from their Username
    $query = $db->simple_select("users", "uid, username,usergroup, additionalgroups, displaygroup", "username = '******'user_name_esc']}'", array('limit' => 1));
    $user = $db->fetch_array($query);
    if (!$user['uid']) {
        return xmlrespfalse($lang->invalid_username);
    }
    if ($user['uid'] == $mybb->user['uid']) {
        return xmlrespfalse($lang->error_cannotbanself);
    }
    // Have permissions to ban this user?
    if (!modcp_can_manage_user($user['uid'])) {
        return xmlrespfalse($lang->error_cannotbanuser);
    }
    // Check for an incoming reason
    if (empty($input['reason_text'])) {
        return xmlrespfalse($lang->error_nobanreason);
    }
    // Check banned group
    $query = $db->simple_select("usergroups", "gid", "isbannedgroup=1", array('limit' => 1));
    $gid = $db->fetch_field($query, "gid");
    if (!$gid) {
        return xmlrespfalse($lang->error_nobangroup);
    }
    // If this is a new ban, we check the user isn't already part of a banned group
    $query = $db->simple_select("banned", "uid", "uid='{$user['uid']}'");
    if ($db->fetch_field($query, "uid")) {
        return xmlrespfalse($lang->error_useralreadybanned);
    }
    $insert_array = array('uid' => $user['uid'], 'gid' => $gid, 'oldgroup' => $user['usergroup'], 'oldadditionalgroups' => $user['additionalgroups'], 'olddisplaygroup' => $user['displaygroup'], 'admin' => intval($mybb->user['uid']), 'dateline' => TIME_NOW, 'bantime' => $ban_time, 'lifted' => 0, 'reason' => $input['reason_text_esc']);
    $db->insert_query('banned', $insert_array);
    // Move the user to the banned group
    $update_array = array('usergroup' => $gid, 'displaygroup' => 0, 'additionalgroups' => '');
    $db->update_query('users', $update_array, "uid = {$user['uid']}");
    // soft delete (unapprove) posts if necessary
    if ($input['mode'] == 2) {
        $db->update_query('posts', array("visible" => 0), "uid = {$user['uid']}");
        $db->update_query('threads', array("visible" => 0), "uid = {$user['uid']}");
    }
    $cache->update_banned();
    log_moderator_action(array("uid" => $user['uid'], "username" => $user['username']), $lang->banned_user);
    $response = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'is_login_mod' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval("", 'base64')), 'struct');
    return new xmlrpcresp($response);
}
Exemple #21
0
             if ($albuminfo['userid'] != $vbulletin->userinfo['userid'] and can_moderate(0, 'caneditalbumpicture')) {
                 require_once DIR . '/includes/functions_log_error.php';
                 log_moderator_action($picture, 'picture_x_in_y_by_z_deleted', array(fetch_trimmed_title($picture['caption'], 50), $albuminfo['title'], $userinfo['username']));
             }
         }
     } else {
         if ($picture['state'] == 'moderation' and can_moderate(0, 'canmoderatepictures') and $vbulletin->GPC['pictures']["{$picture['pictureid']}"]['approve']) {
             // need to increase picture counter
             $picturedata->set('state', 'visible');
             $updatecounter++;
         }
         $picturedata->set('caption', $vbulletin->GPC['pictures']["{$picture['pictureid']}"]['caption']);
         $picturedata->save();
         if ($albuminfo['userid'] != $vbulletin->userinfo['userid'] and $vbulletin->GPC['pictures']["{$picture['pictureid']}"]['caption'] != $picture['caption'] and can_moderate(0, 'caneditalbumpicture')) {
             require_once DIR . '/includes/functions_log_error.php';
             log_moderator_action($picture, 'picture_x_in_y_by_z_edited', array(fetch_trimmed_title($picture['caption'], 50), $albuminfo['title'], $userinfo['username']));
         }
         if ($picture['pictureid'] == $vbulletin->GPC['coverpictureid'] and $picturedata->fetch_field('state') == 'visible') {
             $new_coverid = $picture['pictureid'];
         } else {
             if (!$vbulletin->GPC['coverpictureid'] and !$new_coverid and !$albuminfo['coverpictureid'] and $picturedata->fetch_field('state') == 'visible') {
                 // not setting a cover and there's no existing cover -> set to this pic
                 $new_coverid = $picture['pictureid'];
             }
         }
     }
 }
 ($hook = vBulletinHook::fetch_hook('album_picture_update_complete')) ? eval($hook) : false;
 if ($new_coverid or $updatecounter) {
     $albumdata =& datamanager_init('Album', $vbulletin, ERRTYPE_SILENT);
     $albumdata->set_existing($albuminfo);
function undelete_post($postid, $countposts, $postinfo = NULL, $threadinfo = NULL, $counterupdate = true)
{
	global $vbulletin, $vbphrase;

	// Valid postinfo array will contain: postid, threadid, visible, userid, username, title
	// Invalid post or post is not deleted
	if (!$postinfo AND !$postinfo = fetch_postinfo($postid))
	{
		return;
	}

	// Valid threadinfo array will contain: threadid, forumid, visible, firstpostid
	if (!$threadinfo AND !$threadinfo = fetch_threadinfo($postinfo['threadid']))
	{
		return;
	}

	if ($threadinfo['firstpostid'] == $postid)
	{
		// undelete thread
		undelete_thread($threadinfo['threadid'], $countposts, $threadinfo);
		return;
	}

	// Post is not deleted
	if ($postinfo['visible'] != 2)
	{
		return;
	}

	// Only increment post for a visible thread in a counting forum
	if ($countposts AND $postinfo['userid'] AND $threadinfo['visible'] == 1)
	{
		$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
		$userdata->set_existing($postinfo);
		$userdata->set('posts', 'posts + 1', false);
		$userdata->set_ladder_usertitle_relative(1);
		$userdata->save();
		unset($userdata);
	}

	$deletiondata =& datamanager_init('Deletionlog_ThreadPost', $vbulletin, ERRTYPE_SILENT, 'deletionlog');
	$deletioninfo = array('type' => 'post', 'primaryid' => $postid);
	$deletiondata->set_existing($deletioninfo);
	$deletiondata->delete();
	unset($deletiondata, $deletioninfo);

	$postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost');
	$postman->set_existing($postinfo);
	$postman->set('visible', 1);
	$postman->save();

	if ($counterupdate)
	{
		build_thread_counters($postinfo['threadid']);
		build_forum_counters($threadinfo['forumid']);
	}

	fetch_phrase_group('threadmanage');
	$postinfo['forumid'] = $threadinfo['forumid'];

	require_once(DIR . '/includes/functions_log_error.php');
	log_moderator_action($postinfo, 'post_y_by_x_undeleted', array($postinfo['title'], $postinfo['username']));
}
Exemple #23
0
    while ($message = $db->fetch_array($messages)) {
        if (!fetch_visitor_message_perm('canundeletevisitormessages', $userinfo, $message)) {
            standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_messages'));
        }
        $messagearray["{$message['vmid']}"] = $message;
        $userlist["{$message['userid']}"] = true;
    }
    if (empty($messagearray)) {
        standard_error(fetch_error('you_did_not_select_any_valid_messages'));
    }
    $db->query_write("\r\n\t\tDELETE FROM " . TABLE_PREFIX . "deletionlog\r\n\t\tWHERE type = 'visitormessage' AND\r\n\t\t\tprimaryid IN(" . implode(',', array_keys($messagearray)) . ")\r\n\t");
    $db->query_write("\r\n\t\tUPDATE " . TABLE_PREFIX . "visitormessage\r\n\t\tSET state = 'visible'\r\n\t\tWHERE vmid IN(" . implode(',', array_keys($messagearray)) . ")\r\n\t");
    foreach (array_keys($userlist) as $userid) {
        build_visitor_message_counters($userid);
    }
    if (can_moderate(0, 'candeletevisitormessages')) {
        foreach ($messagearray as $message) {
            log_moderator_action($message, 'vm_by_x_for_y_undeleted', array($message['postusername'], $message['profile_username']));
        }
    }
    // empty cookie
    setcookie('vbulletin_inlinevmessage', '', TIMENOW - 3600, '/');
    ($hook = vBulletinHook::fetch_hook('member_inlinemod_undelete')) ? eval($hook) : false;
    eval(print_standard_redirect('redirect_inline_undeletedmessages', true, $forceredirect));
}
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 23:48, Wed Mar 24th 2010
|| # SVN: $Revision: 32878 $
|| ####################################################################
\*======================================================================*/
Exemple #24
0
        $timeout = $mybb->get_input('timeout', MyBB::INPUT_INT);
    } else {
        $timeout = 0;
    }
    if ($mybb->get_input('maxoptions', MyBB::INPUT_INT) > 0 && $mybb->get_input('maxoptions', MyBB::INPUT_INT) < $numoptions) {
        $maxoptions = $mybb->get_input('maxoptions', MyBB::INPUT_INT);
    } else {
        $maxoptions = 0;
    }
    $updatedpoll = array("question" => $db->escape_string($mybb->input['question']), "options" => $db->escape_string($optionslist), "votes" => $db->escape_string($voteslist), "numoptions" => (int) $optioncount, "numvotes" => $numvotes, "timeout" => $timeout, "closed" => $postoptions['closed'], "multiple" => $postoptions['multiple'], "public" => $postoptions['public'], "maxoptions" => $maxoptions);
    $plugins->run_hooks("polls_do_editpoll_process");
    $db->update_query("polls", $updatedpoll, "pid='" . $mybb->get_input('pid', MyBB::INPUT_INT) . "'");
    $plugins->run_hooks("polls_do_editpoll_end");
    $modlogdata['fid'] = $thread['fid'];
    $modlogdata['tid'] = $thread['tid'];
    log_moderator_action($modlogdata, $lang->poll_edited);
    redirect(get_thread_link($thread['tid']), $lang->redirect_pollupdated);
}
if ($mybb->input['action'] == "showresults") {
    $query = $db->simple_select("polls", "*", "pid='" . $mybb->get_input('pid', MyBB::INPUT_INT) . "'");
    $poll = $db->fetch_array($query);
    if (!$poll) {
        error($lang->error_invalidpoll);
    }
    $tid = $poll['tid'];
    $thread = get_thread($tid);
    if (!$thread) {
        error($lang->error_invalidthread);
    }
    $fid = $thread['fid'];
    // Get forum info
Exemple #25
0
 /**
  * pre_delete function - extend if the contenttype needs to do anything
  *
  * @param	array		list of deleted attachment ids to delete
  * @param	boolean	verify permission to delete
  *
  * @return	boolean
  */
 public function pre_delete($list, $checkperms = true)
 {
     @ignore_user_abort(true);
     // init lists
     $this->lists = array('postlist' => array(), 'threadlist' => array());
     if ($checkperms) {
         // Verify that we have permission to view these attachmentids
         $attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
         $attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(", ", $list) . ")");
         if (count($list) != count($attachments)) {
             return false;
         }
     }
     $ids = $this->registry->db->query_read("\n\t\t\tSELECT\n\t\t\t\ta.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress,\n\t\t\t\tpost.postid, post.threadid, post.dateline AS p_dateline, post.userid AS post_userid,\n\t\t\t\tthread.forumid, thread.threadid, thread.open,\n\t\t\t\teditlog.hashistory\n\t\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = a.contentid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON (editlog.postid = post.postid)\n\t\t\tWHERE a.attachmentid IN (" . implode(", ", $list) . ")\n\t\t");
     while ($id = $this->registry->db->fetch_array($ids)) {
         if (!$id['inprogress'] and $checkperms) {
             if (!$id['open'] and !can_moderate($id['forumid'], 'canopenclose') and !$this->registry->options['allowclosedattachdel']) {
                 return false;
             } else {
                 if (!can_moderate($id['forumid'], 'caneditposts')) {
                     $forumperms = fetch_permissions($id['forumid']);
                     if (!($forumperms & $this->registry->bf_ugp_forumpermissions['caneditpost']) or $this->registry->userinfo['userid'] != $id['userid']) {
                         return false;
                     } else {
                         if (!$this->registry->options['allowattachdel'] and $this->registry->options['edittimelimit'] and $id['p_dateline'] < TIMENOW - $this->registry->options['edittimelimit'] * 60) {
                             return false;
                         }
                     }
                 }
             }
         }
         if ($id['postid']) {
             $this->lists['postlist']["{$id['postid']}"]++;
             if ($this->log) {
                 if ($this->registry->userinfo['permissions']['genericoptions'] & $this->registry->bf_ugp_genericoptions['showeditedby'] and $id['p_dateline'] < TIMENOW - $this->registry->options['noeditedbytime'] * 60) {
                     if (empty($replaced["{$id['postid']}"])) {
                         /*insert query*/
                         $this->registry->db->query_write("\n\t\t\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "editlog\n\t\t\t\t\t\t\t\t\t\t(postid, userid, username, dateline, hashistory)\n\t\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t\t({$id['postid']},\n\t\t\t\t\t\t\t\t\t" . $this->registry->userinfo['userid'] . ",\n\t\t\t\t\t\t\t\t\t'" . $this->registry->db->escape_string($this->registry->userinfo['username']) . "',\n\t\t\t\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t\t\t\t" . intval($id['hashistory']) . ")\n\t\t\t\t\t\t\t");
                         $replaced["{$id['postid']}"] = true;
                     }
                 }
                 if ($this->registry->userinfo['userid'] != $id['post_userid'] and can_moderate($id['forumid'], 'caneditposts')) {
                     $postinfo = array('postid' => &$id['postid'], 'threadid' => &$id['threadid'], 'forumid' => &$id['forumid'], 'attachmentid' => &$id['attachmentid']);
                     require_once DIR . '/includes/functions_log_error.php';
                     log_moderator_action($postinfo, 'attachment_removed');
                 }
             }
         }
         if ($id['threadid']) {
             $this->lists['threadlist']["{$id['threadid']}"]++;
         }
     }
     return true;
 }
Exemple #26
0
     // do we need to update the forum counters?
     $forumupdate = $foruminfo['lastthreadid'] == $threadinfo['threadid'] ? true : false;
 }
 // can this user open/close this thread if they want to?
 if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
     $threadman->set('open', $threadman->fetch_field('open') == 1 ? 0 : 1);
 }
 if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
     $threadman->set('sticky', $threadman->fetch_field('sticky') == 1 ? 0 : 1);
 }
 ($hook = vBulletinHook::fetch_hook('editpost_update_thread')) ? eval($hook) : false;
 $threadman->save();
 // if this is a mod edit, then log it
 if ($vbulletin->userinfo['userid'] != $postinfo['userid'] and can_moderate($threadinfo['forumid'], 'caneditposts')) {
     $modlog = array('threadid' => $threadinfo['threadid'], 'forumid' => $threadinfo['forumid'], 'postid' => $postinfo['postid']);
     log_moderator_action($modlog, 'post_x_edited', $postinfo['title']);
 }
 require_once DIR . '/includes/functions_databuild.php';
 // do forum update if necessary
 if ($forumupdate) {
     build_forum_counters($threadinfo['forumid']);
 }
 // don't do thread subscriptions if we are doing quick edit
 if (!$vbulletin->GPC['ajax'] and !$vbulletin->GPC['quickeditnoajax']) {
     // ### DO THREAD SUBSCRIPTION ###
     // We use $postinfo[userid] so that we update the user who posted this, not the user who is editing this
     if (!$threadinfo['issubscribed'] and $edit['emailupdate'] != 9999) {
         // user is not subscribed to this thread so insert it
         /*insert query*/
         $db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES ({$postinfo['userid']}, {$threadinfo['threadid']}, {$edit['emailupdate']}, {$edit['folderid']}, 1)\n\t\t\t\t");
     } else {
Exemple #27
0
			$hard_delete = false;
		}

		$dataman =& datamanager_init('VisitorMessage', $vbulletin, ERRTYPE_STANDARD);
		$dataman->set_existing($messageinfo);
		$dataman->set_info('hard_delete', $hard_delete);
		$dataman->set_info('reason', $vbulletin->GPC['reason']);

		$dataman->delete();
		unset($dataman);

		if ($messageinfo['postuserid'] != $vbulletin->userinfo['userid'] AND can_moderate(0, 'candeletevisitormessages'))
		{
			require_once(DIR . '/includes/functions_log_error.php');
			log_moderator_action($messageinfo,
				($hard_delete ? 'vm_by_x_for_y_removed' : 'vm_by_x_for_y_soft_deleted'),
				array($messageinfo['postusername'], $userinfo['username'])
			);
		}

		$vbulletin->url = fetch_seo_url('member', $userinfo);
		eval(print_standard_redirect('visitormessagedelete'));
	}
	else
	{
		$vbulletin->url = fetch_seo_url('member', $userinfo);
		eval(print_standard_redirect('visitormessage_nodelete'));
	}
}

// ############################### start retrieve ip ###############################
if ($_REQUEST['do'] == 'viewip')
                 $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost');
                 $postman->set_existing($postinfo);
                 $postman->delete($countposts, $postinfo['threadid'], can_moderate($postinfo['forumid'], 'canremoveposts'));
                 unset($postman);
                 $updatethread["{$postinfo['threadid']}"] = 1;
                 $updateforum["{$postinfo['forumid']}"] = 1;
             }
         }
     }
     if (!empty($postids)) {
         $postids = implode(',', $postids);
         $db->query_write("\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "moderation\n\t\t\t\tWHERE primaryid IN({$postids}) AND type = 'reply'\n\t\t\t");
     }
     if (!empty($modlog)) {
         require_once DIR . '/includes/functions_log_error.php';
         log_moderator_action($modlog, 'approved_post');
     }
 }
 vbmail_end();
 // Update post counts
 unset($userbyuserid[0]);
 // skip any guest posts
 if (!empty($userbyuserid)) {
     $userbypostcount = array();
     foreach ($userbyuserid as $postuserid => $postcount) {
         $alluserids .= ",{$postuserid}";
         $userbypostcount["{$postcount}"] .= ",{$postuserid}";
     }
     foreach ($userbypostcount as $postcount => $userids) {
         $casesql .= " WHEN userid IN (0{$userids}) THEN {$postcount}\n";
     }
Exemple #29
0
     // Set up posthandler.
     require_once MYBB_ROOT . "inc/datahandlers/post.php";
     $posthandler = new PostDataHandler("update");
     $posthandler->action = "post";
     // Set the post data that came from the input to the $post array.
     $updatepost = array("pid" => $post['pid'], "tid" => $thread['tid'], "subject" => $subject, "edit_uid" => $mybb->user['uid']);
     $posthandler->set_data($updatepost);
     // Now let the post handler do all the hard work.
     if (!$posthandler->validate_post()) {
         $post_errors = $posthandler->get_friendly_errors();
         xmlhttp_error($post_errors);
     } else {
         $posthandler->update_post();
         if ($ismod == true) {
             $modlogdata = array("tid" => $thread['tid'], "fid" => $forum['fid']);
             log_moderator_action($modlogdata, $lang->edited_post);
         }
     }
 }
 require_once MYBB_ROOT . "inc/class_parser.php";
 $parser = new postParser();
 // Send our headers.
 header("Content-type: application/json; charset={$charset}");
 $plugins->run_hooks("xmlhttp_edit_subject_end");
 $mybb->input['value'] = $parser->parse_badwords($mybb->get_input('value'));
 // Spit the subject back to the browser.
 $subject = substr($mybb->input['value'], 0, 120);
 // 120 is the varchar length for the subject column
 echo json_encode(array("subject" => '<a href="' . get_thread_link($thread['tid']) . '">' . htmlspecialchars_uni($subject) . '</a>'));
 // Close the connection.
 exit;
Exemple #30
0
 /**
  * Any code to run before deleting. Builds lists and updates mod log
  *
  * @param	Boolean Do the query?
  */
 function pre_delete($doquery = true)
 {
     @ignore_user_abort(true);
     // init lists
     $this->lists = array('idlist' => array(), 'postlist' => array(), 'threadlist' => array());
     $replaced = array();
     $ids = $this->registry->db->query_read("\n\t\t\tSELECT\n\t\t\t\tattachment.attachmentid,\n\t\t\t\tattachment.userid,\n\t\t\t\tpost.postid,\n\t\t\t\tpost.threadid,\n\t\t\t\tpost.dateline AS post_dateline,\n\t\t\t\tpost.userid AS post_userid,\n\t\t\t\tthread.forumid,\n\t\t\t\teditlog.hashistory\n\t\t\tFROM " . TABLE_PREFIX . "attachment AS attachment\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = attachment.postid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON (editlog.postid = post.postid)\n\t\t\tWHERE " . $this->condition);
     while ($id = $this->registry->db->fetch_array($ids)) {
         $this->lists['idlist']["{$id['attachmentid']}"] = $id['userid'];
         if ($id['postid']) {
             $this->lists['postlist']["{$id['postid']}"]++;
             if ($this->log) {
                 if ($this->registry->userinfo['permissions']['genericoptions'] & $this->registry->bf_ugp_genericoptions['showeditedby'] and $id['post_dateline'] < TIMENOW - $this->registry->options['noeditedbytime'] * 60) {
                     if (empty($replaced["{$id['postid']}"])) {
                         /*insert query*/
                         $this->registry->db->query_write("\n\t\t\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "editlog\n\t\t\t\t\t\t\t\t\t\t(postid, userid, username, dateline, hashistory)\n\t\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t\t({$id['postid']},\n\t\t\t\t\t\t\t\t\t" . $this->registry->userinfo['userid'] . ",\n\t\t\t\t\t\t\t\t\t'" . $this->registry->db->escape_string($this->registry->userinfo['username']) . "',\n\t\t\t\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t\t\t\t" . intval($id['hashistory']) . ")\n\t\t\t\t\t\t\t");
                         $replaced["{$id['postid']}"] = true;
                     }
                 }
                 if ($this->registry->userinfo['userid'] != $id['post_userid'] and can_moderate($threadinfo['forumid'], 'caneditposts')) {
                     $postinfo['forumid'] =& $foruminfo['forumid'];
                     $postinfo = array('postid' => &$id['postid'], 'threadid' => &$id['threadid'], 'forumid' => &$id['forumid'], 'attachmentid' => &$id['attachmentid']);
                     require_once DIR . '/includes/functions_log_error.php';
                     log_moderator_action($postinfo, 'attachment_removed');
                 }
             }
         }
         if ($id['threadid']) {
             $this->lists['threadlist']["{$id['threadid']}"]++;
         }
     }
     if ($this->registry->db->num_rows($ids) == 0) {
         // nothing to delete
         return false;
     } else {
         // condition needs to have any attachment. replaced with TABLE_PREFIX . attachment
         // since DELETE doesn't suport table aliasing in some versions of MySQL
         // we needed the attachment. for the query run above at the start of this function
         $this->condition = preg_replace('#(attachment\\.)#si', TABLE_PREFIX . '\\1', $this->condition);
         return true;
     }
 }