// check password
vB_User::execStrikeUser($vbulletin->userinfo['username']);
if ($vbulletin->GPC['logintype'] === 'cplogin' or $vbulletin->GPC['logintype'] === 'modcplogin') {
// log this error if attempting to access the control panel
require_once DIR . '/includes/functions_log_error.php';
log_vbulletin_error($vbulletin->GPC['vb_login_username'], 'security');
}
// $vbulletin->userinfo = $original_userinfo;
// For vB_API we need to unlogin the users we logged in before
if (defined('VB_API') and VB_API === true) {
$vbulletin->session->set('userid', 0);
$vbulletin->session->set('loggedin', 0);
}
if ($vbulletin->GPC['inlineverify'] and $vbulletin->userinfo) {
require_once DIR . '/includes/modfunctions.php';
show_inline_mod_login(true);
} else {
define('VB_ERROR_PERMISSION', true);
$show['useurl'] = true;
$show['specificerror'] = true;
$url = $vbulletin->url;
if ($vbulletin->options['usestrikesystem']) {
admin_login_error('badlogin_strikes_passthru', array('strikes' => $strikes + 1));
eval(standard_error(fetch_error('badlogin_strikes_passthru', vB5_Route::buildUrl('lostpw|fullurl'), $strikes + 1)));
} else {
admin_login_error('badlogin_passthru', array('strikes' => $strikes + 1));
eval(standard_error(fetch_error('badlogin_passthru', vB5_Route::buildUrl('lostpw|fullurl'), $strikes + 1)));
}
}
}
vB_User::execUnstrikeUser($vbulletin->GPC['vb_login_username']);
$gmessagelist = $vbulletin->input->clean($gmessagelist, TYPE_ARRAY_UINT);
$vbulletin->GPC['gmessagelist'] = array_unique(array_merge($gmessagelist, $vbulletin->GPC['gmessagelist']));
}
if (!$vbulletin->userinfo['userid']) {
print_no_permission();
}
switch ($_POST['do']) {
case 'doinlinedelete':
$inline_mod_authenticate = true;
break;
default:
$inline_mod_authenticate = false;
($hook = vBulletinHook::fetch_hook('group_inlinemod_authenticate_switch')) ? eval($hook) : false;
}
if ($inline_mod_authenticate and !inlinemod_authenticated()) {
show_inline_mod_login();
}
switch ($_POST['do']) {
case 'inlinedelete':
case 'inlineapprove':
case 'inlineunapprove':
case 'inlineundelete':
if (empty($vbulletin->GPC['gmessagelist'])) {
standard_error(fetch_error('you_did_not_select_any_valid_messages'));
}
if (count($vbulletin->GPC['gmessagelist']) > $itemlimit) {
standard_error(fetch_error('you_are_limited_to_working_with_x_messages', $itemlimit));
}
if ($vbulletin->GPC['userid']) {
$userinfo = fetch_userinfo($vbulletin->GPC['userid'], 1);
}
$gmessagelist = $vbulletin->input->clean($gmessagelist, TYPE_ARRAY_UINT);
$vbulletin->GPC['gmessagelist'] = array_unique(array_merge($gmessagelist, $vbulletin->GPC["{$messagelist}"]));
}
if (!$vbulletin->userinfo['userid']) {
print_no_permission();
}
switch ($_POST['do']) {
case 'doinlinedelete':
$inline_mod_authenticate = true;
break;
default:
$inline_mod_authenticate = false;
($hook = vBulletinHook::fetch_hook('group_inlinemod_authenticate_switch')) ? eval($hook) : false;
}
if ($inline_mod_authenticate and !inlinemod_authenticated()) {
show_inline_mod_login(false, true);
}
switch ($_POST['do']) {
case 'inlinedelete':
case 'inlineapprove':
case 'inlineunapprove':
case 'inlineundelete':
if (empty($vbulletin->GPC['gmessagelist'])) {
standard_error(fetch_error($inline_discussion ? 'you_did_not_select_any_valid_discussions' : 'you_did_not_select_any_valid_messages'));
}
if (count($vbulletin->GPC['gmessagelist']) > $itemlimit) {
standard_error(fetch_error($inline_discussion ? 'you_are_limited_to_working_with_x_discussions' : 'you_are_limited_to_working_with_x_messages', $itemlimit));
}
if ($vbulletin->GPC['userid']) {
$userinfo = fetch_userinfo($vbulletin->GPC['userid'], 1);
}
