Exemple #1
0
 public function getData()
 {
     if ($this->config['newposts_forumids']) {
         if (in_array(-1, $this->config['newposts_forumids'])) {
             $forumids = array_keys($this->registry->forumcache);
         } else {
             $forumids = $this->config['newposts_forumids'];
         }
     } else {
         $forumids = array_keys($this->registry->forumcache);
     }
     foreach ($forumids as $forumid) {
         $forumperms =& $this->registry->userinfo['forumpermissions']["{$forumid}"];
         if ($forumperms & $this->registry->bf_ugp_forumpermissions['canview'] and $forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers'] and $forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'] and verify_forum_password($forumid, $this->registry->forumcache["{$forumid}"]['password'], false)) {
             $forumchoice[] = $forumid;
         }
     }
     if (!empty($forumchoice)) {
         $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")";
         // remove threads from users on the global ignore list if user is not a moderator
         $globalignore = '';
         if (trim($this->registry->options['globalignore']) != '') {
             require_once DIR . '/includes/functions_bigthree.php';
             if ($Coventry = fetch_coventry('string')) {
                 $globalignore = "AND post.userid NOT IN ({$Coventry}) ";
             }
         }
         $datecut = TIMENOW - $this->config['datecut'] * 86400;
         $posts = $this->registry->db->query_read_slave("\n\t\t\t\tSELECT post.dateline, post.pagetext AS message, post.allowsmilie, post.postid,\n\t\t\t\t\tthread.threadid, thread.title, thread.prefixid, post.attach,\n\t\t\t\t\tforum.forumid,\n\t\t\t\t\tuser.*\n\t\t\t\t\t" . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\tJOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)\n\t\t\t\tJOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)\n\t\t\t\t" . ($this->registry->products['vbcms'] ? " LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.associatedthreadid = thread.threadid \n" : '') . ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\tWHERE 1=1\n\t\t\t\t{$forumsql}\n\t\t\t\tAND thread.visible = 1\n\t\t\t\tAND post.visible = 1\n\t\t\t\tAND thread.open <> 10\n\t\t\t\tAND post.dateline > {$datecut}\n\t\t\t\t{$globalignore}\n\t\t\t\t" . ($this->userinfo['ignorelist'] ? "AND post.userid NOT IN (" . implode(',', explode(' ', $this->userinfo['ignorelist'])) . ")" : '') . ($this->registry->products['vbcms'] ? " AND info.associatedthreadid IS NULL " : '') . "\n\t\t\tORDER BY post.dateline DESC\n\t\t\tLIMIT 0," . intval($this->config['newposts_limit']) . "\n\t\t\t");
         while ($post = $this->registry->db->fetch_array($posts)) {
             //$post['url'] = fetch_seo_url('thread', $post, array('p' => $post['postid'])) . '#post' . $post['postid'];
             //$post['newposturl'] = fetch_seo_url('thread', $post, array('goto' => 'newpost'));
             // trim the title after fetching the urls
             //$post['title'] = fetch_trimmed_title($post['title'], $this->config['newposts_titlemaxchars']);
             //still need to censor the title
             $post['title'] = fetch_censored_text($post['title']);
             $post['date'] = vbdate($this->registry->options['dateformat'], $post['dateline'], true);
             $post['time'] = vbdate($this->registry->options['timeformat'], $post['dateline']);
             $post['message'] = $this->get_summary($post['message'], $this->config['newposts_messagemaxchars']);
             // get avatar
             $this->fetch_avatarinfo($post);
             $postarray[$post['postid']] = $post;
         }
         return $postarray;
     }
 }
Exemple #2
0
function fr_construct_forum_bit($parentid, $depth = 0, $subsonly = 0)
{
    global $vbulletin, $vbphrase, $show;
    global $imodcache, $lastpostarray, $counters, $inforum;
    // Get exclude IDs
    $exclude_ids = @explode(',', $vbulletin->options['forumrunner_exclude']);
    if (in_array('-1', $exclude_ids)) {
        $exclude_ids = array();
    }
    if (in_array($parentid, $exclude_ids)) {
        return;
    }
    // this function takes the constant MAXFORUMDEPTH as its guide for how
    // deep to recurse down forum lists. if MAXFORUMDEPTH is not defined,
    // it will assume a depth of 2.
    // call fetch_last_post_array() first to get last post info for forums
    if (!is_array($lastpostarray)) {
        fetch_last_post_array($parentid);
    }
    if (empty($vbulletin->iforumcache["{$parentid}"])) {
        return;
    }
    if (!defined('MAXFORUMDEPTH')) {
        define('MAXFORUMDEPTH', 2);
    }
    $forumbits = '';
    $depth++;
    if ($parentid == -1) {
        $parent_is_category = false;
    } else {
        $parentforum = $vbulletin->forumcache[$parentid];
        $parent_is_category = !(bool) ($parentforum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']);
    }
    foreach ($vbulletin->iforumcache["{$parentid}"] as $forumid) {
        if (in_array($forumid, $exclude_ids)) {
            continue;
        }
        // grab the appropriate forum from the $vbulletin->forumcache
        $forum = $vbulletin->forumcache["{$forumid}"];
        //$lastpostforum = $vbulletin->forumcache["$lastpostarray[$forumid]"];
        $lastpostforum = empty($lastpostarray[$forumid]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];
        if (!$forum['displayorder'] or !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) {
            continue;
        }
        $forumperms = $vbulletin->userinfo['forumpermissions']["{$forumid}"];
        $lastpostforumperms = empty($lastpostarray[$forumid]) ? 0 : $vbulletin->userinfo['forumpermissions']["{$lastpostarray[$forumid]}"];
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) and ($vbulletin->forumcache["{$forumid}"]['showprivate'] == 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and !$vbulletin->options['showprivateforums'])) {
            // no permission to view current forum
            continue;
        }
        if ($subsonly) {
            $childforumbits = fr_construct_forum_bit($forum['forumid'], 1, $subsonly);
        } else {
            if ($depth < MAXFORUMDEPTH) {
                $childforumbits = fr_construct_forum_bit($forum['forumid'], $depth, $subsonly);
            } else {
                $childforumbits = '';
            }
        }
        // do stuff if we are not doing subscriptions only, or if we ARE doing subscriptions,
        // and the forum has a subscribedforumid
        if (!$subsonly or $subsonly and !empty($forum['subscribeforumid'])) {
            $GLOBALS['forumshown'] = true;
            // say that we have shown at least one forum
            if ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']) {
                // get appropriate suffix for template name
                $tempext = '_post';
            } else {
                $tempext = '_nopost';
            }
            if (!$vbulletin->options['showforumdescription']) {
                // blank forum description if set to not show
                $forum['description'] = '';
            }
            // dates & thread title
            $lastpostinfo = empty($lastpostarray["{$forumid}"]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];
            // compare last post time for this forum with the last post time specified by
            // the $lastpostarray, and if it's less, use the last post info from the forum
            // specified by $lastpostarray
            if (!empty($lastpostinfo) and $vbulletin->forumcache["{$lastpostarray[$forumid]}"]['lastpost'] > 0) {
                if (!($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $lastpostinfo['lastposter'] != $vbulletin->userinfo['username']) {
                    $forum['lastpostinfo'] = $vbphrase['private'];
                } else {
                    $lastpostinfo['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $lastpostinfo['lastpost'], 1);
                    $lastpostinfo['lastposttime'] = vbdate($vbulletin->options['timeformat'], $lastpostinfo['lastpost']);
                    $lastpostinfo['trimthread'] = fetch_trimmed_title(fetch_censored_text($lastpostinfo['lastthread']));
                    if ($lastpostinfo['lastprefixid'] and $vbulletin->options['showprefixlastpost']) {
                        $lastpostinfo['prefix'] = $vbulletin->options['showprefixlastpost'] == 2 ? $vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_rich"] : htmlspecialchars_uni($vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_plain"]);
                    } else {
                        $lastpostinfo['prefix'] = '';
                    }
                    if ($vbulletin->forumcache["{$lastpostforum['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons'] and $icon = fetch_iconinfo($lastpostinfo['lasticonid'])) {
                        $show['icon'] = true;
                    } else {
                        $show['icon'] = false;
                    }
                    $show['lastpostinfo'] = (!$lastpostforum['password'] or verify_forum_password($lastpostforum['forumid'], $lastpostforum['password'], false));
                    $pageinfo_lastpost = array('p' => $lastpostinfo['lastpostid']);
                    $pageinfo_newpost = array('goto' => 'newpost');
                    $threadinfo = array('title' => $lastpostinfo['lastthread'], 'threadid' => $lastpostinfo['lastthreadid']);
                }
            } else {
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
                    $forum['lastpostinfo'] = $vbphrase['private'];
                } else {
                    $forum['lastpostinfo'] = $vbphrase['never'];
                }
            }
            // do light bulb
            $forum['statusicon'] = fetch_forum_lightbulb($forumid, $lastpostinfo, $forum);
            // add lock to lightbulb if necessary
            // from 3.6.9 & 3.7.0 we now show locks only if a user can not post AT ALL
            // previously it was just if they could not create new threads
            if ($vbulletin->options['showlocks'] and !$forum['link'] and (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
                $forum['statusicon'] .= '_lock';
            }
            // get counters from the counters cache ( prepared by fetch_last_post_array() )
            $forum['threadcount'] = $counters["{$forum['forumid']}"]['threadcount'];
            $forum['replycount'] = $counters["{$forum['forumid']}"]['replycount'];
            // get moderators ( this is why we needed cache_moderators() )
            if ($vbulletin->options['showmoderatorcolumn']) {
                $showmods = array();
                $listexploded = explode(',', $forum['parentlist']);
                foreach ($listexploded as $parentforumid) {
                    if (!isset($imodcache["{$parentforumid}"]) or $parentforumid == -1) {
                        continue;
                    }
                    foreach ($imodcache["{$parentforumid}"] as $moderator) {
                        if (isset($showmods["{$moderator['userid']}"])) {
                            continue;
                        }
                        ($hook = vBulletinHook::fetch_hook('forumbit_moderator')) ? eval($hook) : false;
                        $showmods["{$moderator['userid']}"] = true;
                        if (!isset($forum['moderators'])) {
                            $forum['moderators'] = '';
                        }
                    }
                }
                if (!isset($forum['moderators'])) {
                    $forum['moderators'] = '';
                }
            }
            if ($forum['link']) {
                $forum['replycount'] = '-';
                $forum['threadcount'] = '-';
                $forum['lastpostinfo'] = '-';
            } else {
                $forum['replycount'] = vb_number_format($forum['replycount']);
                $forum['threadcount'] = vb_number_format($forum['threadcount']);
            }
            if (($subsonly or $depth == MAXFORUMDEPTH) and $vbulletin->options['subforumdepth'] > 0) {
                //$forum['subforums'] = construct_subforum_bit($forumid, ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads'] ) );
                $forum['subforums'] = '';
            } else {
                $forum['subforums'] = '';
            }
            $forum['browsers'] = 0;
            $children = explode(',', $forum['childlist']);
            foreach ($children as $childid) {
                $forum['browsers'] += isset($inforum["{$childid}"]) ? $inforum["{$childid}"] : 0;
            }
            if ($depth == 1 and $tempext == '_nopost') {
                global $vbcollapse;
                $collapseobj_forumid =& $vbcollapse["collapseobj_forumbit_{$forumid}"];
                $collapseimg_forumid =& $vbcollapse["collapseimg_forumbit_{$forumid}"];
                $show['collapsebutton'] = true;
            } else {
                $show['collapsebutton'] = false;
            }
            $show['forumsubscription'] = $subsonly ? true : false;
            $show['forumdescription'] = $forum['description'] != '' ? true : false;
            $show['subforums'] = $forum['subforums'] != '' ? true : false;
            $show['browsers'] = ($vbulletin->options['displayloggedin'] and !$forum['link'] and $forum['browsers'] ? true : false);
            // FRNR Start
            // If this forum has a password, check to see if we have
            // the proper cookie.  If so, don't prompt for one
            $password = 0;
            if ($forum['password']) {
                $pw_ok = verify_forum_password($forum['forumid'], $forum['password'], false);
                if (!$pw_ok) {
                    $password = 1;
                }
            }
            $new = array('id' => $forum['forumid'], 'new' => $forum['statusicon'] == 'new' ? true : false, 'name' => prepare_utf8_string(strip_tags($forum['title'])), 'password' => $password);
            $icon = fr_get_forum_icon($forum['forumid'], $forum['statusicon'] == 'new' ? true : false);
            if ($icon) {
                $new['icon'] = $icon;
            }
            if ($forum['link'] != '') {
                $link = fr_fix_url($forum['link']);
                if (is_int($link)) {
                    $new['id'] = $link;
                } else {
                    $new['link'] = $link;
                }
                $linkicon = fr_get_forum_icon($forum['forumid'], false, true);
                if ($linkicon) {
                    $new['icon'] = $linkicon;
                }
            }
            if ($forum['description'] != '') {
                $desc = prepare_utf8_string(strip_tags($forum['description']));
                if (strlen($desc) > 0) {
                    $new['desc'] = $desc;
                }
            }
            $out[] = $new;
            // FRNR End
        } else {
            $forumbits .= $childforumbits;
        }
    }
    return $out;
}
Exemple #3
0
/**
* Fetches and prepares posts for quoting. Returned text is BB code.
*
* @param	array	Array of post IDs to pull from
* @param	integer	The ID of the thread that is being quoted into
* @param	integer	Returns the number of posts that were unquoted because of the value of the next argument
* @param	array	Returns the IDs of the posts that were actually quoted
* @param	string	Controls what posts are successfully quoted: all, only (only the thread ID), other (only other thread IDs)
* @param	boolean	Whether to undo the htmlspecialchars calls; useful when returning HTML to be entered via JS
*/
function fetch_quotable_posts($quote_postids, $threadid, &$unquoted_posts, &$quoted_post_ids, $limit_thread = 'only', $unhtmlspecialchars = false)
{
    global $vbulletin;
    $unquoted_posts = 0;
    $quoted_post_ids = array();
    $quote_postids = array_diff_assoc(array_unique(array_map('intval', $quote_postids)), array(0));
    // limit to X number of posts
    if ($vbulletin->options['mqlimit'] > 0) {
        $quote_postids = array_slice($quote_postids, 0, $vbulletin->options['mqlimit']);
    }
    if (empty($quote_postids)) {
        // nothing to quote
        return '';
    }
    $hook_query_fields = $hook_query_joins = '';
    ($hook = vBulletinHook::fetch_hook('quotable_posts_query')) ? eval($hook) : false;
    $quote_post_data = $vbulletin->db->query_read_slave("\n\t\tSELECT post.postid, post.title, post.pagetext, post.dateline, post.userid, post.visible AS postvisible,\n\t\t\tIF(user.username <> '', user.username, post.username) AS username,\n\t\t\tthread.threadid, thread.title AS threadtitle, thread.postuserid, thread.visible AS threadvisible,\n\t\t\tforum.forumid, forum.password\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)\n\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON (thread.forumid = forum.forumid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid IN (" . implode(',', $quote_postids) . ")\n\t");
    $quote_posts = array();
    while ($quote_post = $vbulletin->db->fetch_array($quote_post_data)) {
        if ((!$quote_post['postvisible'] or $quote_post['postvisible'] == 2) and !can_moderate($quote_post['forumid']) or (!$quote_post['threadvisible'] or $quote_post['threadvisible'] == 2) and !can_moderate($quote_post['forumid'])) {
            // no permission to view this post
            continue;
        }
        $forumperms = fetch_permissions($quote_post['forumid']);
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($quote_post['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($quote_post['forumid'], $quote_post['password'], false) or in_coventry($quote_post['postuserid']) and !can_moderate($quote_post['forumid']) or in_coventry($quote_post['userid']) and !can_moderate($quote_post['forumid'])) {
            // no permission to view this post
            continue;
        }
        if ($limit_thread == 'only' and $quote_post['threadid'] != $threadid or $limit_thread == 'other' and $quote_post['threadid'] == $threadid or $limit_thread == 'all') {
            $unquoted_posts++;
            continue;
        }
        $skip_post = false;
        ($hook = vBulletinHook::fetch_hook('quotable_posts_logic')) ? eval($hook) : false;
        if ($skip_post) {
            continue;
        }
        $quote_posts["{$quote_post['postid']}"] = $quote_post;
    }
    $message = '';
    foreach ($quote_postids as $quote_postid) {
        if (!isset($quote_posts["{$quote_postid}"])) {
            continue;
        }
        $quote_post =& $quote_posts["{$quote_postid}"];
        $originalposter = fetch_quote_username($quote_post['username'] . ";{$quote_post['postid']}");
        $postdate = vbdate($vbulletin->options['dateformat'], $quote_post['dateline']);
        $posttime = vbdate($vbulletin->options['timeformat'], $quote_post['dateline']);
        $pagetext = htmlspecialchars_uni($quote_post['pagetext']);
        $pagetext = trim(strip_quotes($pagetext));
        ($hook = vBulletinHook::fetch_hook('newreply_quote')) ? eval($hook) : false;
        eval('$message .= "' . fetch_template('newpost_quote', 0, false) . '\\n";');
        $quoted_post_ids[] = $quote_postid;
    }
    if ($unhtmlspecialchars) {
        $message = unhtmlspecialchars($message);
    }
    return $message;
}
Exemple #4
0
 /**
  * Verifies permissions to attach content to posts
  *
  * @param	array	Contenttype information - bypass reading environment settings
  *
  * @return	boolean
  */
 public function verify_permissions($info = array())
 {
     global $show;
     if ($info) {
         $this->values['postid'] = $info['postid'];
         $this->values['threadid'] = $info['threadid'];
         $this->values['forumid'] = $info['forumid'];
     } else {
         $this->values['postid'] = intval($this->values['p']) ? intval($this->values['p']) : intval($this->values['postid']);
         $this->values['threadid'] = intval($this->values['t']) ? intval($this->values['t']) : intval($this->values['threadid']);
         $this->values['forumid'] = intval($this->values['f']) ? intval($this->values['f']) : intval($this->values['forumid']);
     }
     if ($this->values['postid']) {
         if (!($this->postinfo = fetch_postinfo($this->values['postid']))) {
             return false;
         }
         $this->values['threadid'] = $this->postinfo['threadid'];
     }
     if ($this->values['threadid']) {
         if (!($this->threadinfo = fetch_threadinfo($this->values['threadid']))) {
             return false;
         }
         $this->values['forumid'] = $this->threadinfo['forumid'];
     }
     if ($this->values['forumid'] and !($this->foruminfo = fetch_foruminfo($this->values['forumid']))) {
         return false;
     }
     if (!$this->foruminfo and !$this->threadinfo and !($this->postinfo and $this->values['editpost'])) {
         return false;
     }
     $forumperms = fetch_permissions($this->foruminfo['forumid']);
     // No permissions to post attachments in this forum or no permission to view threads in this forum.
     if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostattachment']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canview']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) {
         return false;
     }
     if (!$this->postinfo and !$this->foruminfo['allowposting'] or $this->foruminfo['link'] or !$this->foruminfo['cancontainthreads']) {
         return false;
     }
     if ($this->threadinfo) {
         if ($this->threadinfo['isdeleted'] or !$this->threadinfo['visible'] and !can_moderate($this->threadinfo['forumid'], 'canmoderateposts')) {
             return false;
         }
         if (!$this->threadinfo['open']) {
             if (!can_moderate($this->threadinfo['forumid'], 'canopenclose')) {
                 return false;
             }
         }
         if ($this->registry->userinfo['userid'] != $this->threadinfo['postuserid'] and (!($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyothers']))) {
             return false;
         }
         // don't call this part on editpost.php (which will have a $postid)
         if (!$this->postinfo and !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyown']) and $this->registry->userinfo['userid'] == $this->threadinfo['postuserid']) {
             return false;
         }
     } else {
         if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostnew'])) {
             return false;
         }
     }
     if ($this->postinfo) {
         if (!can_moderate($this->threadinfo['forumid'], 'caneditposts')) {
             if (!($forumperms & $this->registry->bf_ugp_forumpermissions['caneditpost'])) {
                 return false;
             } else {
                 if ($this->registry->userinfo['userid'] != $this->postinfo['userid']) {
                     // check user owns this post
                     return false;
                 } else {
                     // check for time limits
                     if ($this->postinfo['dateline'] < TIMENOW - $this->registry->options['edittimelimit'] * 60 and $this->registry->options['edittimelimit']) {
                         return false;
                     }
                 }
             }
         }
         $this->contentid = $this->postinfo['postid'];
         $this->userinfo = fetch_userinfo($this->postinfo['userid']);
         cache_permissions($this->userinfo, true);
     } else {
         $this->userinfo = $this->registry->userinfo;
     }
     // check if there is a forum password and if so, ensure the user has it set
     verify_forum_password($this->foruminfo['forumid'], $this->foruminfo['password'], false);
     if (!$this->foruminfo['allowposting']) {
         $show['attachoption'] = false;
         $show['forumclosed'] = true;
     }
     return true;
 }
Exemple #5
0
// *********************************************************************************
// get forum info
$forum = fetch_foruminfo($thread['forumid']);
$foruminfo =& $forum;
// *********************************************************************************
// check forum permissions
$forumperms = fetch_permissions($thread['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
    print_no_permission();
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
    print_no_permission();
}
// *********************************************************************************
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
// *********************************************************************************
// jump page if thread is actually a redirect
if ($thread['open'] == 10) {
    $destthreadinfo = fetch_threadinfo($threadinfo['pollid']);
    exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo));
}
// *********************************************************************************
// get ignored users
$ignore = array();
if (trim($vbulletin->userinfo['ignorelist'])) {
    $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
    foreach ($ignorelist as $ignoreuserid) {
        $ignore["{$ignoreuserid}"] = 1;
    }
}
Exemple #6
0
 // set display terms
 $display = array('words' => array(), 'highlight' => array(), 'common' => array(), 'users' => array(), 'forums' => $display['forums'], 'options' => array('starteronly' => false, 'childforums' => true, 'action' => $_REQUEST['do']));
 ($hook = vBulletinHook::fetch_hook('search_getnew_display')) ? eval($hook) : false;
 // get moderator cache for forum password purposes
 if ($vbulletin->userinfo['userid']) {
     cache_moderators();
 }
 // get forum ids for all forums user is allowed to view
 foreach ($forumids as $key => $forumid) {
     if (is_array($includearray) and empty($includearray["{$forumid}"])) {
         unset($forumids["{$key}"]);
         continue;
     }
     $fperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"];
     $forum =& $vbulletin->forumcache["{$forumid}"];
     if (!($fperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($fperms & $vbulletin->bf_ugp_forumpermissions['cansearch']) or !verify_forum_password($forumid, $forum['password'], false)) {
         unset($forumids["{$key}"]);
     }
 }
 if (empty($forumids)) {
     eval(standard_error(fetch_error('invalidid', $vbphrase['forum'], $vbulletin->options['contactuslink'])));
 }
 if ($_REQUEST['do'] == 'getnew' and $vbulletin->userinfo['userid'] and $vbulletin->options['threadmarking'] and !$vbulletin->GPC['oldmethod']) {
     $marking_join = "\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON (forum.forumid = thread.forumid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumread AS forumread ON (forumread.forumid = forum.forumid AND forumread.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t";
     $cutoff = TIMENOW - $vbulletin->options['markinglimit'] * 86400;
     $lastpost_where = "\n\t\t\tAND thread.lastpost > IF(threadread.readtime IS NULL, {$cutoff}, threadread.readtime)\n\t\t\tAND thread.lastpost > IF(forumread.readtime IS NULL, {$cutoff}, forumread.readtime)\n\t\t\tAND thread.lastpost > {$cutoff}\n\t\t";
     $post_lastpost_where = "\n\t\t\tAND post.dateline > IF(threadread.readtime IS NULL, {$cutoff}, threadread.readtime)\n\t\t\tAND post.dateline > IF(forumread.readtime IS NULL, {$cutoff}, forumread.readtime)\n\t\t\tAND post.dateline > {$cutoff}\n\t\t";
 } else {
     $marking_join = '';
     $lastpost_where = "AND thread.lastpost >= {$datecut}";
     $post_lastpost_where = "AND post.dateline >= {$datecut}";
function construct_forum_bit($parentid, $depth = 0, $subsonly = 0)
{
    global $vbulletin, $vbphrase, $show;
    global $imodcache, $lastpostarray, $counters, $inforum;
    // this function takes the constant MAXFORUMDEPTH as its guide for how
    // deep to recurse down forum lists. if MAXFORUMDEPTH is not defined,
    // it will assume a depth of 2.
    // call fetch_last_post_array() first to get last post info for forums
    if (!is_array($lastpostarray)) {
        fetch_last_post_array($parentid);
    }
    if (empty($vbulletin->iforumcache["{$parentid}"])) {
        return;
    }
    if (!defined('MAXFORUMDEPTH')) {
        define('MAXFORUMDEPTH', 2);
    }
    $forumbits = '';
    $depth++;
    if ($parentid == -1) {
        $parent_is_category = false;
    } else {
        $parentforum = $vbulletin->forumcache[$parentid];
        $parent_is_category = !(bool) ($parentforum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']);
    }
    foreach ($vbulletin->iforumcache["{$parentid}"] as $forumid) {
        // grab the appropriate forum from the $vbulletin->forumcache
        $forum = $vbulletin->forumcache["{$forumid}"];
        //$lastpostforum = $vbulletin->forumcache["$lastpostarray[$forumid]"];
        $lastpostforum = empty($lastpostarray[$forumid]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];
        if (!$forum['displayorder'] or !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) {
            continue;
        }
        $forumperms = $vbulletin->userinfo['forumpermissions']["{$forumid}"];
        $lastpostforumperms = empty($lastpostarray[$forumid]) ? 0 : $vbulletin->userinfo['forumpermissions']["{$lastpostarray[$forumid]}"];
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) and ($vbulletin->forumcache["{$forumid}"]['showprivate'] == 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and !$vbulletin->options['showprivateforums'])) {
            // no permission to view current forum
            continue;
        }
        if ($subsonly) {
            $childforumbits = construct_forum_bit($forum['forumid'], 1, $subsonly);
        } else {
            if ($depth < MAXFORUMDEPTH) {
                $childforumbits = construct_forum_bit($forum['forumid'], $depth, $subsonly);
            } else {
                $childforumbits = '';
            }
        }
        // do stuff if we are not doing subscriptions only, or if we ARE doing subscriptions,
        // and the forum has a subscribedforumid
        if (!$subsonly or $subsonly and !empty($forum['subscribeforumid'])) {
            $GLOBALS['forumshown'] = true;
            // say that we have shown at least one forum
            if ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']) {
                // get appropriate suffix for template name
                $tempext = '_post';
            } else {
                $tempext = '_nopost';
            }
            if (!$vbulletin->options['showforumdescription']) {
                // blank forum description if set to not show
                $forum['description'] = '';
            }
            // dates & thread title
            $lastpostinfo = empty($lastpostarray["{$forumid}"]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];
            // compare last post time for this forum with the last post time specified by
            // the $lastpostarray, and if it's less, use the last post info from the forum
            // specified by $lastpostarray
            if (!empty($lastpostinfo) and $vbulletin->forumcache["{$lastpostarray[$forumid]}"]['lastpost'] > 0) {
                if (!($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $lastpostinfo['lastposter'] != $vbulletin->userinfo['username']) {
                    $forum['lastpostinfo'] = $vbphrase['private'];
                } else {
                    $lastpostinfo['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $lastpostinfo['lastpost'], 1);
                    $lastpostinfo['lastposttime'] = vbdate($vbulletin->options['timeformat'], $lastpostinfo['lastpost']);
                    $lastpostinfo['trimthread'] = fetch_trimmed_title(fetch_censored_text($lastpostinfo['lastthread']));
                    if ($lastpostinfo['lastprefixid'] and $vbulletin->options['showprefixlastpost']) {
                        $lastpostinfo['prefix'] = $vbulletin->options['showprefixlastpost'] == 2 ? $vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_rich"] : htmlspecialchars_uni($vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_plain"]);
                    } else {
                        $lastpostinfo['prefix'] = '';
                    }
                    if ($vbulletin->forumcache["{$lastpostforum['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons'] and $icon = fetch_iconinfo($lastpostinfo['lasticonid'])) {
                        $show['icon'] = true;
                    } else {
                        $show['icon'] = false;
                    }
                    $show['lastpostinfo'] = (!$lastpostforum['password'] or verify_forum_password($lastpostforum['forumid'], $lastpostforum['password'], false));
                    $pageinfo_lastpost = array('p' => $lastpostinfo['lastpostid']);
                    $pageinfo_newpost = array('goto' => 'newpost');
                    $threadinfo = array('title' => $lastpostinfo['lastthread'], 'threadid' => $lastpostinfo['lastthreadid']);
                    // prepare the member action drop-down menu
                    $memberaction_dropdown = construct_memberaction_dropdown(fetch_lastposter_userinfo($lastpostinfo));
                    $templater = vB_Template::create('forumhome_lastpostby');
                    $templater->register('icon', $icon);
                    $templater->register('memberaction_dropdown', $memberaction_dropdown);
                    $templater->register('lastpostinfo', $lastpostinfo);
                    $templater->register('pageinfo_lastpost', $pageinfo_lastpost);
                    $templater->register('pageinfo_newpost', $pageinfo_newpost);
                    $templater->register('threadinfo', $threadinfo);
                    $forum['lastpostinfo'] = $templater->render();
                }
            } else {
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
                    $forum['lastpostinfo'] = $vbphrase['private'];
                } else {
                    $forum['lastpostinfo'] = $vbphrase['never'];
                }
            }
            // do light bulb
            $forum['statusicon'] = fetch_forum_lightbulb($forumid, $lastpostinfo, $forum);
            // add lock to lightbulb if necessary
            // from 3.6.9 & 3.7.0 we now show locks only if a user can not post AT ALL
            // previously it was just if they could not create new threads
            if ($vbulletin->options['showlocks'] and !$forum['link'] and (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
                $forum['statusicon'] .= '_lock';
            }
            // get posting permissions
            $forum['allowposting'] = true;
            if (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting'])) {
                $forum['allowposting'] = false;
            }
            // get counters from the counters cache ( prepared by fetch_last_post_array() )
            $forum['threadcount'] = $counters["{$forum['forumid']}"]['threadcount'];
            $forum['replycount'] = $counters["{$forum['forumid']}"]['replycount'];
            // get moderators ( this is why we needed cache_moderators() )
            if ($vbulletin->options['showmoderatorcolumn']) {
                $clc = 0;
                $showmods = array();
                $forum['moderators'] = array();
                $listexploded = explode(',', $forum['parentlist']);
                foreach ($listexploded as $parentforumid) {
                    if (!isset($imodcache["{$parentforumid}"]) or $parentforumid == -1) {
                        continue;
                    }
                    foreach ($imodcache["{$parentforumid}"] as $moderator) {
                        if (isset($showmods["{$moderator['userid']}"])) {
                            continue;
                        }
                        ($hook = vBulletinHook::fetch_hook('forumbit_moderator')) ? eval($hook) : false;
                        $clc++;
                        $showmods["{$moderator['userid']}"] = true;
                        $moderator['comma'] = $vbphrase['comma_space'];
                        $forum['moderators'][$clc] = $moderator;
                    }
                }
                // Last element
                if ($clc) {
                    $forum['moderators'][$clc]['comma'] = '';
                }
            }
            if ($forum['link']) {
                $forum['replycount'] = '-';
                $forum['threadcount'] = '-';
                $forum['lastpostinfo'] = '-';
            } else {
                $forum['replycount'] = vb_number_format($forum['replycount']);
                $forum['threadcount'] = vb_number_format($forum['threadcount']);
            }
            $subforums = array();
            if (($subsonly or $depth == MAXFORUMDEPTH) and $vbulletin->options['subforumdepth'] > 0) {
                $subforums = construct_subforum_bit($forumid);
                $clc = sizeof($subforums);
                // Last element
                if ($clc) {
                    $subforums[$clc - 1]['comma'] = '';
                }
            }
            $forum['browsers'] = 0;
            $children = explode(',', $forum['childlist']);
            foreach ($children as $childid) {
                $forum['browsers'] += isset($inforum["{$childid}"]) ? $inforum["{$childid}"] : 0;
            }
            if ($depth == 1 and $tempext == '_nopost') {
                global $vbcollapse;
                $collapseobj_forumid =& $vbcollapse["collapseobj_forumbit_{$forumid}"];
                $collapseimg_forumid =& $vbcollapse["collapseimg_forumbit_{$forumid}"];
                $show['collapsebutton'] = true;
            } else {
                $show['collapsebutton'] = false;
            }
            $show['forumsubscription'] = !empty($forum['subscribeforumid']);
            $show['forumdescription'] = $forum['description'] != '' ? true : false;
            $show['subforums'] = !empty($subforums) ? true : false;
            $show['browsers'] = ($vbulletin->options['displayloggedin'] and !$forum['link'] and $forum['browsers'] ? true : false);
            if ($show['subforums']) {
                $templater = vB_Template::create("forumhome_subforums");
                $templater->register('subforums', $subforums);
                $forum['subforums'] = $templater->render();
            }
            $perms = fetch_permissions($forumid, 0, array('userid' => 0, 'usergroupid' => 1), false);
            // VBIV-14011, Always skip Calendar Permissions
            $show['externalrss'] = ($vbulletin->options['externalrss'] and $perms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and $perms & $vbulletin->bf_ugp_forumpermissions['canviewothers']);
            // build the template for the current forum
            ($hook = vBulletinHook::fetch_hook('forumbit_display')) ? eval($hook) : false;
            $templater = vB_Template::create("forumhome_forumbit_level{$depth}{$tempext}");
            $templater->register('childforumbits', $childforumbits);
            $templater->register('collapseimg_forumid', $collapseimg_forumid);
            $templater->register('collapseobj_forumid', $collapseobj_forumid);
            $templater->register('forum', $forum);
            $templater->register('forumid', $forumid);
            $templater->register('parent_is_category', $parent_is_category);
            $forumbits .= $templater->render();
        } else {
            $forumbits .= $childforumbits;
        }
    }
    return $forumbits;
}
Exemple #8
0
$show['avatarlink'] = $vbulletin->options['avatarenabled'];
$show['profilepiclink'] = ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'] and $vbulletin->options['profilepicenabled']);
$show['wollink'] = $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonline'];
$show['spacer'] = true;
// used in postbit template
if (THIS_SCRIPT == 'register') {
    // see 3.6 bug 876 -- causes double redirect and error when activating
    $show['dst_correction'] = false;
} else {
    $show['dst_correction'] = (($vbulletin->session->vars['loggedin'] == 1 or $vbulletin->session->created or THIS_SCRIPT == 'usercp') and $vbulletin->userinfo['dstauto'] == 1 and $vbulletin->userinfo['userid']);
}
$show['contactus'] = ($vbulletin->options['contactuslink'] and (!$vbulletin->userinfo['userid'] and $vbulletin->options['contactustype'] or $vbulletin->userinfo['userid']));
$show['forumdesc'] = ($vbulletin->options['nav_forumdesc'] and trim($foruminfo['description']) != '' and in_array(THIS_SCRIPT, array('newthread', 'newreply', 'forumdisplay', 'showthread', 'announcement', 'editpost', 'poll', 'report', 'sendmessage', 'threadrate')));
$show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) ? true : false;
if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) {
    if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
        $show['threadinfo'] = false;
    } else {
        $show['threadinfo'] = true;
    }
} else {
    $show['threadinfo'] = false;
}
// you may define this if you don't want the password in the login box to be zapped onsubmit; good for integration
$show['nopasswordempty'] = defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0;
// this nees to be an int for the templates
$ad_location = array();
// parse some global templates
eval('$gobutton = "' . fetch_template('gobutton') . '";');
eval('$spacer_open = "' . fetch_template('spacer_open') . '";');
eval('$spacer_close = "' . fetch_template('spacer_close') . '";');
Exemple #9
0
	/**
	* Get forums the user is unable to view.
	*
	*	Need to verify that this makes sense in general code stolen from search
	* logic and search specific param removed.
	*
	*	This value is calculated once and the list is returned on subsequent calls
	*
	*	@return array(int) list of hidden forum ids 
	*/
	public function getHiddenForums()
	{
		if (is_null($this->hidden_forums))
		{
			$this->hidden_forums = array();
			foreach ($this->registry->userinfo['forumpermissions'] AS $forumid => $fperms)
			{
				$forum = fetch_foruminfo($forumid);
				if (
					!$this->hasForumPermission($forumid, 'canview') OR 
					!verify_forum_password($forumid, $forum['password'], false)  
				)
				{
					$this->hidden_forums[] = $forumid;
				}
			}
		}
		return $this->hidden_forums;
	}
Exemple #10
0
	/**
	 * Populates a view with the expected info from a content item.
	 *
	 * @param vB_View $view
	 * @param int $viewtype
	 */
	protected function populateViewContent(vB_View $view, $viewtype = self::VIEW_PAGE, $increment_count = true)
	{
		global $show;
		$this->content->requireInfo(vBCms_Item_Content::INFO_BASIC);
		$this->content->requireInfo(vBCms_Item_Content::INFO_CONTENT);
		$this->content->requireInfo(vBCms_Item_Content::INFO_CONFIG);
		$this->content->requireInfo(vBCms_Item_Content::INFO_NODE);
		$this->content->requireInfo(vBCms_Item_Content::INFO_PARENTS);

		if ($_REQUEST['goto'] == 'newcomment')
		{
			require_once DIR . '/includes/functions_bigthree.php' ;

			$record = vB::$vbulletin->db->query_first("SELECT associatedthreadid
				FROM " . TABLE_PREFIX . "cms_nodeinfo WHERE nodeid = " . $this->getNodeId());
			$threadid = $record['associatedthreadid'];
			$threadinfo = verify_id('thread', $threadid, 1, 1);

			if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid'])
			{
				vB::$vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400));
			}
			else if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > vB::$vbulletin->userinfo['lastvisit'])
			{
				vB::$vbulletin->userinfo['lastvisit'] = $tview;
			}

			$coventry = fetch_coventry('string');
			$posts = vB::$vbulletin->db->query_first("
				SELECT MIN(postid) AS postid
				FROM " . TABLE_PREFIX . "post
				WHERE threadid = $threadinfo[threadid]
					AND visible = 1
					AND dateline > " . intval(vB::$vbulletin->userinfo['lastvisit']) . "
					". ($coventry ? "AND userid NOT IN ($coventry)" : "") . "
				LIMIT 1
			");

			$target_url = vB_Router::getURL();
			$join_char = strpos($target_url,'?') ? '&amp;' : '?';
			if ($posts['postid'])
			{
				exec_header_redirect($target_url . $join_char . "commentid=" . $posts['postid'] . "#post$posts[postid]");
			}
			else
			{
				exec_header_redirect($target_url . $join_char . "commentid=" . $threadinfo['lastpostid'] . "#post$threadinfo[lastpostid]");
			}
		}
		if ($_REQUEST['commentid'])
		{
			vB::$vbulletin->input->clean_array_gpc('r', array(
				'commentid' => vB_Input::TYPE_INT,
			));
			$postinfo = verify_id('post', vB::$vbulletin->GPC['commentid'], 1, 1);
			$record = vB::$vbulletin->db->query_first("SELECT associatedthreadid
				FROM " . TABLE_PREFIX . "cms_nodeinfo WHERE nodeid = " . $this->getNodeId());
			$threadid = $record['associatedthreadid'];

			// if comment id and node id do not match, we ignore commentid
			if ($postinfo['threadid'] == $threadid)
			{
				$getpagenum = vB::$vbulletin->db->query_first("
					SELECT COUNT(*) AS posts
					FROM " . TABLE_PREFIX . "post AS post
					WHERE threadid = $threadid AND visible = 1
					AND dateline <= $postinfo[dateline]
				");
				$_REQUEST['commentpage'] = ceil($getpagenum['posts'] / 20);
			}
		}

		if ($_REQUEST['do']== 'apply' OR $_REQUEST['do'] == 'update' OR $_REQUEST['do'] == 'movenode')
		{
			$this->SaveData($view);
		}

		($hook = vBulletinHook::fetch_hook('vbcms_article_populate_start')) ? eval($hook) : false;

		//Now we need to get the settings for turning off content. There is the "settingsforboth" flag, which says whether we even apply
		// the settings to the current page, and there are the six "show" variables.

		if ($_REQUEST['do'] == 'delete' AND $this->content->canEdit())
		{
			$dm = $this->content->getDM();
			$dm->delete();
			$this->cleanContentCache();

			// Create route to redirect the user to
			$route = new vBCms_Route_Content();
			$route->node = $this->content->getParentId();
			$_REQUEST['do'] = '';
			throw (new vB_Exception_Reroute($route));
		}

		//When we come from the link to upgrade a blog post, blog, or forum post, the
		// router puts us here.
		$settings_for = $this->content->getSettingsForboth();
		$showfor_this = (((self::VIEW_PAGE == $viewtype)
			AND ($settings_for == 0)) OR ((self::VIEW_PREVIEW == $viewtype)
			AND ($settings_for == 2))) ? 0 : 1;

		$view->showtitle = (($showfor_this AND !$this->content->getShowTitle()))? 0 : 1;
		$view->showpreviewonly = (($showfor_this AND !$this->content->getShowPreviewonly()))? 0 : 1;
		$view->showuser = (($showfor_this AND !$this->content->getShowUser()))? 0 : 1;
		$view->showupdated = (($showfor_this AND !$this->content->getShowUpdated()))? 0 : 1;
		$view->showviewcount = (($showfor_this AND !$this->content->getShowViewcount()))? 0 : 1;
		$view->showpublishdate = (($showfor_this AND !$this->content->getShowPublishdate()))? 0 : 1;
		$view->lastupdated = $this->content->getLastUpdated();
		$showpreviewonly = (($showfor_this AND !$this->content->getShowPreviewonly()))? 0 : 1;

		parent::populateViewContent($view, $viewtype);

		$segments = array('node' => vBCms_Item_Content::buildUrlSegment($this->content->getNodeId(), $this->content->getUrl()), 'action' =>'view');
		$view->page_url =  vBCms_Route_Content::getURL($segments);

		if ($this->editing)
		{
			$view->pagetext = $this->content->getPageText();
		}
		else
		{
			$rendered = $this->content->getRendered($this->data_saved);
			$view->pagetext = $rendered['pages'][$this->parameters['page']];

			if ($this->content->canDownload())
			{
				$view->attachments = $rendered['attachments'];
				$view->showattachments = empty($rendered['viewinfo']) ? 0 : 1 ;


				if (!empty($rendered['viewinfo']))
				{
					foreach ($rendered['viewinfo'] as $key => $viewbit)
					{
						$view->$key = $viewbit;
					}
				}
			}

			$view->parenttitle = $this->content->getParentTitle();

			$view->showattachments = empty($view->attachments) ? 0 : 1 ;

			if (!empty($viewinfo))
			{
				foreach ($viewinfo as $key => $viewbit)
				{
					$view->$key = $viewbit;
				}
			}

			$view->pagelist = $rendered['pagelist'];
			$view->nodesegment = $this->content->getUrlSegment();
			$view->current_page = $this->parameters['page'];
			if ($this->content->canDownload())
			{
				$show['lightbox'] = (vB::$vbulletin->options['lightboxenabled'] AND vB::$vbulletin->options['usepopups']);
			}
		}

		// Only break pages for the page view
		if ((self::VIEW_PAGE == $viewtype) OR (self::VIEW_PREVIEW == $viewtype))
		{
			if (self::VIEW_PAGE == $viewtype)
			{
				if ($increment_count)
				{
					//update the view count
					vB::$vbulletin->db->query_write("UPDATE " . TABLE_PREFIX .
							"cms_nodeinfo set viewcount = viewcount + 1 where nodeid = " . $this->content->getNodeId());
				}

				//tagging code
				require_once DIR . '/includes/class_taggablecontent.php';
				$taggable = vB_Taggable_Content_Item::create(vB::$vbulletin, $this->content->getContentTypeId(),
					$this->content->getContentId(), $this->content);
				$view->tags = $taggable->fetch_rendered_tag_list();
				$view->tag_count = $taggable->fetch_existing_tag_count();
				$view->showtags = vB::$vbulletin->options['threadtagging'];

				// promoted threadid
				if ($promoted_threadid = $this->content->getThreadId())
				{
					if ($promoted_threadid = verify_id('thread', $promoted_threadid, false))
					{
						// get threadinfo
						$threadinfo = fetch_threadinfo($promoted_threadid);
						$forumperms = fetch_permissions($threadinfo['forumid']);
						$view->threadinfo = $threadinfo;
						// check permissions
						if ($threadinfo['visible'] != 1)
						{
							$promoted_threadid = false;
						}
						else if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canview'])
							OR !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewthreads'])
							OR (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewothers'])
								AND ($threadinfo['postuserid'] != vB::$vbulletin->userinfo['userid'] OR vB::$vbulletin->userinfo['userid'] == 0)
							))
						{
							$promoted_threadid = false;
						}
						else
						{
							// check forum password
							$foruminfo = fetch_foruminfo($threadinfo['forumid']);

							if ($foruminfo['password'] AND !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false))
							{
								$promoted_threadid = false;
							}
						}

						$view->promoted_threadid = $promoted_threadid;
					}
				}

				// get pagelist for navigation
				$view->postitle = $this->content->getPostTitle();
				$view->poststarter = $this->content->getPostStarter();
				$view->postauthor = $this->content->getPostAuthor();
				$view->postid = ($this->content->getPostId());
				$view->threadid = $this->content->getThreadId();
				$view->blogpostid = ($this->content->getBlogPostId());
				$view->post_started = ($this->content->getPostStarted());
				$view->post_posted = ($this->content->getPostPosted());
				$view->promoted_blogid = $this->content->getBlogId();

				//make links to original post and/or blog if appropriate
				if ($view->promoted_blogid)
				{
					$view->blog_url = fetch_seo_url('blog',
						array('userid' => $this->content->getPostStarter(),
						'blog_title' => $this->content->getPostTitle()));
				}
				else if ($view->threadid)
				{
					$threadinfo = vB::$vbulletin->db->query_first("SELECT threadid, title FROM " .
						TABLE_PREFIX . "thread where threadid = " . $view->threadid);

					if ($threadinfo)
					{
						$post_url = fetch_seo_url('thread', $threadinfo);
						$post_url .= (strpos($post_url, '?' ) ? '&amp;p=' :  '?p=') . $view->postid .
							'#post' . $view->postid;
						$view->post_url = $post_url;
					}
				}

				$view->comment_count = $this->content->getReplyCount();
				$join_char = strpos($view->page_url,'?') ? '&amp;' : '?';
				$view->newcomment_url = $view->page_url . "#new_comment";
				$view->authorid = ($this->content->getUserId());
				$view->authorname = ($this->content->getUsername());
				$view->viewcount = ($this->content->getViewCount());
				$view->replycount = ($this->content->getReplyCount());
				$view->can_edit = ($this->content->canEdit() OR $this->content->canPublish()) ? 1 : 0;
				$view->parentid = $this->content->getParentId();

				// facebook options
				if (is_facebookenabled())
				{
					// display the like button for this article?
					$view->fblikebutton = construct_fblikebutton();
				}

				//check to see if there is an associated thread.
				if ($associatedthreadid = $this->content->getAssociatedThreadId()
					and $this->content->getComments_Enabled())
				{
					$comment_block = new vBCms_Comments();
					$view->comment_block = $comment_block->getPageView($this->content->getNodeId(),
						$view->page_url);
				}
			}
			else if (self::VIEW_PREVIEW == $viewtype)
			{
				if ($showpreviewonly)
				{
					$view->previewtext = $this->content->getPreviewText();
					$view->preview_chopped = 1;
				}
				else
				{
					$view->previewtext = $view->pagetext;

					if (count($view->pagelist) > 1)
					{
						$view->preview_chopped = 1;
					}
				}

				$segments = array('node' => $this->content->getNodeId() . '-' . $this->content->getUrl(), 'action' =>'edit');
				$view->edit_url =  vBCms_Route_Content::getURL($segments) ;
				$view->read_more_phrase = new vB_Phrase('vbcms', 'read_more');
				$view->parenttitle = $this->content->getParentTitle();
				$view->pagetext = $pagetext;
				$view->setpublish = $view->published = $this->content->getPublished();
				$view->publishdate = $this->content->getPublishDateLocal();
				$view->promoted_blogid = $this->content->getBlogId();
				$view->comment_count = $this->content->getReplyCount();
				$join_char = strpos($view->page_url,'?') ? '&amp;' : '?';
				$view->newcomment_url = $view->page_url . "#new_comment";
				$view->authorid = ($this->content->getUserId());
				$view->authorname = ($this->content->getUsername());
				$view->viewcount = ($this->content->getViewCount());
				$view->replycount = ($this->content->getReplyCount());
				$view->postid = ($this->content->getPostId());
				$view->blogpostid = $this->content->getBlogPostId();
				$view->can_edit = ($this->content->canEdit() OR $this->content->canPublish()) ? 1 : 0;
				$view->parentid = $this->content->getParentId();
				$view->post_started = $this->content->getPostStarted();
				$view->post_posted = $this->content->getPostPosted();


				//We need to check rights. If this user doesn't have download rights we hide the image.
				if ($this->content->canDownload())
				{
					if ($view->previewimage= $this->content->getPreviewImage())
					{
						$view->imagewidth= $this->content->getImageWidth();
						$view->imageheight= $this->content->getImageHeight();
					}

					if ($view->previewvideo= $this->content->getPreviewVideo())
					{
						$view->haspreviewvideo = true;
					}
				}
				else
				{
					$view->previewimage = false;
					$view->previewvideo = false;
				}

				if (($associatedthreadid = $this->content->getAssociatedThreadId())
					AND $this->content->getComments_Enabled() AND intval($this->content->getReplyCount()) > 0)
				{
					$view->echo_comments = 1;
					$view->comment_count = $this->content->getReplyCount();
				}
				else
				{
					$view->echo_comments = 0;
					$view->comment_count = 0;
				}
			}
		}

		//If this was promoted from a blog or post, we need to verify the permissions.
		if (intval($view->blogpostid))
		{
			$view->can_view_post =
				(!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) ?
				0 : 1 ;
		}
		else if (intval($view->postid))
		{
			$user = new vB_Legacy_CurrentUser();
			if ($post = vB_Legacy_Post::create_from_id($view->postid))
			{
				$view->can_view_post = $post->can_view($user) ? 1 : 0;
			}
		}

		$view->poststarter = array('userid' => $this->content->getPostStarter(),
			'username' => $this->content->getPostAuthor());
		$view->setpublish = $this->content->getSetPublish();
		$view->publishdate = $this->content->getPublishDate();
		$view->published = $this->content->getPublished() ?
			1 : 0;

		$view->publishdatelocal = vbdate(vB::$vbulletin->options['dateformat'], $this->content->getPublishDate());
		$view->publishtimelocal = vbdate( vB::$vbulletin->options['timeformat'], $this->content->getPublishDate() );

		//Get links to the author, section, and categories search pages
		//categories- this comes as an array
		$view->categories = $this->content->getCategories();
		$route_info = 'author/' . $this->content->getUserid() .
			($this->content->getUsername() != '' ? '-' . str_replace(' ', '-',
				vB_Search_Searchtools::stripHtmlTags($this->content->getUsername())) : '');
		$view->author_url = vB_Route::create('vBCms_Route_List', "$route_info/1")->getCurrentURL();

		// prepare the member action drop-down menu
		$view->memberaction_dropdown = construct_memberaction_dropdown(fetch_userinfo($this->content->getUserId()));

		//Section
		$route_info = 'section/' .$this->content->getParentId() .
			($this->content->getParentURLSegment() != '' ? '-' . str_replace(' ', '-',
				vB_Search_Searchtools::stripHtmlTags($this->content->getParentURLSegment())) : '');
		$view->section_list_url = vB_Route::create('vBCms_Route_List', "$route_info")->getCurrentURL();
		//and the content
		$route_info = $this->content->getParentId() .
			($this->content->getParentURLSegment() != '' ? '-' . str_replace(' ', '-',
				vB_Search_Searchtools::stripHtmlTags($this->content->getParentURLSegment())) : '');
		$view->section_url = vB_Route::create('vBCms_Route_Content', $route_info)->getCurrentURL();

		$view->html_title = $this->content->getHtmlTitle();
		$view->title = $this->content->getTitle();
		$view->contenttypeid = vB_Types::instance()->getContentTypeID("vBCms_Article");
		$view->dateformat = vB::$vbulletin->options['dateformat'];
		$view->showrating = $this->content->getShowRating();
		($hook = vBulletinHook::fetch_hook('vbcms_article_populate_end')) ? eval($hook) : false;
		$this->content->cacheNow();
		return $view;
	}
Exemple #11
0
function handle_attach($action, $attributes, $content, $params, $node_object)
{
    global $vbulletin, $fr_platform, $db, $contenttype, $images, $nuke_quotes;
    if ($action == 'validate') {
        return true;
    }
    if (!is_numeric($content)) {
        return $content;
    }
    $attachmentid = intval($content);
    if ($fr_platform == 'vb40') {
        $_REQUEST['attachmentid'] = $attachmentid;
        if (!($attach =& vB_Attachment_Display_Single_Library::fetch_library($vbulletin, $contenttype, true, $attachmentid))) {
            return '';
        }
        $result = $attach->verify_attachment();
        if ($result !== true) {
            return '';
        }
        $url = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachmentid;
        if (!$nuke_quotes) {
            $images[] = $url;
        }
        return "<img src=\"{$url}\"/>";
    } else {
        if ($fr_platform == 'vb38' || $fr_platform == 'vb37' || $fr_platform == 'vb36') {
            if (!($attachmentinfo = $db->query_first_slave("\n\t    SELECT filename, attachment.postid, attachment.userid, attachmentid, attachment.extension,\n\t    " . (!empty($vbulletin->GPC['thumb']) ? 'thumbnail_dateline AS dateline, thumbnail_filesize AS filesize,' : 'attachment.dateline, filesize,') . "\n\t    attachment.visible, attachmenttype.newwindow, mimetype, thread.forumid, thread.threadid, thread.postuserid,\n\t    post.visible AS post_visible, thread.visible AS thread_visible\n\t    {$hook_query_fields}\n\t    FROM " . TABLE_PREFIX . "attachment AS attachment\n\t    LEFT JOIN " . TABLE_PREFIX . "attachmenttype AS attachmenttype ON (attachmenttype.extension = attachment.extension)\n\t    LEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = attachment.postid)\n\t    LEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t    {$hook_query_joins}\n\t    WHERE " . ($vbulletin->GPC['postid'] ? "attachment.postid = " . $vbulletin->GPC['postid'] : "attachmentid = " . $attachmentid) . "\n\t    {$hook_query_where}\n\t    "))) {
                return '';
            }
            if ($attachmentinfo['postid'] == 0) {
                // Attachment that is in progress but hasn't been finalized
                if ($vbulletin->userinfo['userid'] != $attachmentinfo['userid'] and !can_moderate($attachmentinfo['forumid'], 'caneditposts')) {
                    // Person viewing did not upload it
                    return '';
                }
                // else allow user to view the attachment (from the attachment manager for example)
            } else {
                $forumperms = fetch_permissions($attachmentinfo['forumid']);
                $threadinfo = array('threadid' => $attachmentinfo['threadid']);
                // used for session.inthread
                $foruminfo = array('forumid' => $attachmentinfo['forumid']);
                // used for session.inforum
                # Block attachments belonging to soft deleted posts and threads
                if (!can_moderate($attachmentinfo['forumid']) and ($attachmentinfo['post_visible'] == 2 or $attachmentinfo['thread_visible'] == 2)) {
                    return '';
                }
                # Block attachments belonging to moderated posts and threads
                if (!can_moderate($attachmentinfo['forumid'], 'canmoderateposts') and ($attachmentinfo['post_visible'] == 0 or $attachmentinfo['thread_visible'] == 0)) {
                    return '';
                }
                $viewpermission = $forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'];
                $viewthumbpermission = ($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'] or $forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']);
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($attachmentinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
                    return '';
                } else {
                    if ($vbulletin->GPC['thumb'] and !$viewthumbpermission or !$vbulletin->GPC['thumb'] and !$viewpermission) {
                        return '';
                    }
                }
                // check if there is a forum password and if so, ensure the user has it set
                verify_forum_password($attachmentinfo['forumid'], $vbulletin->forumcache["{$attachmentinfo['forumid']}"]['password']);
                if (!$attachmentinfo['visible'] and !can_moderate($attachmentinfo['forumid'], 'canmoderateattachments') and $attachmentinfo['userid'] != $vbulletin->userinfo['userid']) {
                    print_no_permission();
                }
            }
            $url = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachmentid;
            if (!$nuke_quotes) {
                $images[] = $url;
                return "<img src=\"{$url}\"/>";
            } else {
                return '';
            }
        } else {
            return '';
        }
    }
}
Exemple #12
0
	/**
	 * Fetches the array of posts
	 *
	 * @return array				- the post information
	 */
	private function getPosts()
	{
		require_once DIR . "/includes/functions_user.php";
		require_once DIR . "/includes/class_bbcode.php";
		$datecut = TIMENOW - ($this->config['days'] * 86400);

		if (empty(vB::$vbulletin->userinfo['forumpermissions']))
		{
			require_once DIR . "/includes/functions.php";
			cache_permissions($userinfo);
		}
		$postarray = array();
		//we have some existing settings with config['forumchoice'] set to 0=> ''; That's no good
		if (empty($this->config['forumchoice']))
		{
			$this->config['forumchoice'] = array();
		}
		else if (is_array($this->config['forumchoice']) AND ($this->config['forumchoice'][0] == '') )
		{
			unset($this->config['forumchoice'][0]);
		}

		if (is_array($this->config['forumchoice']) AND in_array('subscribed', $this->config['forumchoice']))
		{
			$subscribejoin = " LEFT JOIN " . TABLE_PREFIX .	"subscribeforum AS subscribeforum
				ON (subscribeforum.forumid = forum.forumid AND subscribeforum.userid = " . vB::$vbulletin->userinfo['userid'] .
			" ) ";
		}
		else
		{
			$subscribejoin = '';

		}
		$forumids = array_keys(vB::$vbulletin->forumcache);
		foreach ($forumids AS $forumid)
		{
			$forumperms =& vB::$vbulletin->userinfo['forumpermissions']["$forumid"];
			if ($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canview']
				AND ($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewothers'])
				AND (($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewthreads']))
				AND verify_forum_password($forumid, vB::$vbulletin->forumcache["$forumid"]['password'], false)
				)
			{
					//Don't include the comments forum.
				if (vB::$vbulletin->options['vbcmsforumid'] AND (intval(vB::$vbulletin->options['vbcmsforumid']) == intval($forumid)))
				{
					continue;
				}
				//Or, if the user selected forums, anything not on the list.
				else if (! empty($this->config['forumchoice']) AND !in_array($forumid, $this->config['forumchoice']))
				{
					continue;
				}
				$forumchoice[] = $forumid;
			}
		}

		if (!empty($forumchoice) )
		{
			$forumsql = " AND (" . (empty($subscribejoin) ? '' : "subscribeforum.forumid IS NOT NULL OR ") . " thread.forumid IN(" . implode(',', $forumchoice) . ")";
			$associatedthread = (vB::$vbulletin->options['vbcmsforumid'] ?
					" AND (thread.forumid <> " . vB::$vbulletin->options['vbcmsforumid'] . ") )" : '');
		}
		else if (! empty($subscribejoin))
		{
			$forumsql = " AND subscribeforum.forumid IS NOT NULL ";
		}
		else
		{
			return $postarray;
		}

		$posts = vB::$vbulletin->db->query_read_slave($sql = "
			SELECT post.dateline, post.pagetext, post.allowsmilie, post.postid,
				thread.threadid, thread.title, thread.prefixid, post.attach, thread.replycount,
				forum.forumid, post.title AS posttitle, post.dateline AS postdateline,
				user.userid, user.username
				" . (vB::$vbulletin->options['avatarenabled'] ? ",avatar.avatarpath,
				(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,
				customavatar.width AS avwidth,customavatar.height AS avheight" : "") .
		 "	FROM " . TABLE_PREFIX . "post AS post
			JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)
			JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid)
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)
			" . (vB::$vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "
			$subscribejoin
			WHERE 1=1
				$forumsql
				$associatedthread
				AND thread.visible = 1
				AND post.visible = 1
				AND thread.open <> 10
				AND post.dateline > $datecut
				$globalignore
				" . ($this->userinfo['ignorelist'] ? "AND post.userid NOT IN (" . implode(',', explode(' ', $this->userinfo['ignorelist'])) . ")": '') . "
			ORDER BY post.dateline DESC
			LIMIT 0," . intval($this->config['count']) . "
		");

		$parser = new vB_BbCodeParser(vB::$vbulletin, fetch_tag_list());
		$optionval = vB::$vbulletin->bf_misc_forumoptions['allowhtml'];
		while ($post = vB::$vbulletin->db->fetch_array($posts))
		{
			$post['title'] = fetch_trimmed_title($post['title'], $this->config['newposts_titlemaxchars']);

			$allow_html = ((vB::$vbulletin->forumcache[$post['forumid']]['options'] & $optionval) AND $this->config['allow_html'] ? 1 : 0);
			$post['previewtext'] = fetch_censored_text($parser->get_preview($post['pagetext'], $this->default_previewlen, $allow_html));
			$post['pagetext'] = fetch_censored_text($parser->do_parse($post['pagetext'], $allow_html));

			$post['url'] = fetch_seo_url('thread', $post, array('p' => $post['postid'])) . '#post' . $post['postid'];
			$post['newposturl'] = fetch_seo_url('thread', $post, array('goto' => 'newpost'));
			$post['date'] = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], true);
			$post['time'] = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']);

			if (intval($post['userid']) AND vB::$vbulletin->options['avatarenabled'])
			{
				$avatar = fetch_avatar_from_record($post);
			}
			else
			{
				$avatar = false;
			}

			$post['avatarurl'] = isset($avatar[0]) ? $avatar[0] : false;
			unset($avatar);
			$postarray[$post['postid']] = $post;
		}

		return $postarray;

	}
Exemple #13
0
function do_get_forum_data()
{
    global $vbulletin, $db, $show, $vbphrase;
    $vbulletin->input->clean_array_gpc('r', array('forumids' => TYPE_STR));
    if (!$vbulletin->GPC['forumids'] || strlen($vbulletin->GPC['forumids']) == 0) {
        return array('forums' => array());
    }
    cache_ordered_forums(1, 1);
    $forumids = split(',', $vbulletin->GPC['forumids']);
    $forum_data = array();
    foreach ($forumids as $forumid) {
        $foruminfo = fetch_foruminfo($forumid);
        $type = 'old';
        if (is_array($foruminfo) and !empty($foruminfo['link'])) {
            // see if it is a redirect
            $type = 'link';
        } else {
            if ($vbulletin->userinfo['lastvisitdate'] == -1) {
                $type = 'new';
            } else {
                if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
                    $userlastvisit = !empty($foruminfo['forumread']) ? $foruminfo['forumread'] : TIMENOW - $vbulletin->options['markinglimit'] * 86400;
                } else {
                    $forumview = intval(fetch_bbarray_cookie('forum_view', $foruminfo['forumid']));
                    //use which one produces the highest value, most likely cookie
                    $userlastvisit = $forumview > $vbulletin->userinfo['lastvisit'] ? $forumview : $vbulletin->userinfo['lastvisit'];
                }
                if ($foruminfo['lastpost'] and $userlastvisit < $foruminfo['lastpost']) {
                    $type = 'new';
                } else {
                    $type = 'old';
                }
            }
        }
        // If this forum has a password, check to see if we have
        // the proper cookie.  If so, don't prompt for one
        $password = false;
        if ($foruminfo['password']) {
            $pw_ok = verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false);
            if (!$pw_ok) {
                $password = true;
            }
        }
        $out = array('id' => $foruminfo['forumid'], 'new' => $type == 'new' ? true : false, 'name' => prepare_utf8_string(strip_tags($foruminfo['title'])), 'password' => $password);
        $icon = fr_get_forum_icon($foruminfo['forumid'], $foruminfo == 'new');
        if ($icon) {
            $out['icon'] = $icon;
        }
        if ($foruminfo['link'] != '') {
            $link = fr_fix_url($foruminfo['link']);
            if (is_int($link)) {
                $out['id'] = $link;
            } else {
                $out['link'] = $link;
            }
            $linkicon = fr_get_forum_icon($foruminfo['forumid'], false, true);
            if ($linkicon) {
                $out['icon'] = $linkicon;
            }
        }
        if ($foruminfo['description'] != '') {
            $desc = prepare_utf8_string(strip_tags($foruminfo['description']));
            if (strlen($desc) > 0) {
                $out['desc'] = $desc;
            }
        }
        $forum_data[] = $out;
    }
    return array('forums' => $forum_data);
}
Exemple #14
0
function do_get_announcement()
{
    global $vbulletin, $db, $foruminfo;
    if (empty($foruminfo['forumid'])) {
        json_error(ERR_INVALID_FORUM);
    }
    $usesmilies = false;
    // begin vbulletin
    $forumlist = '';
    if ($announcementinfo['forumid'] > -1 or $vbulletin->GPC['forumid']) {
        $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 1, 1);
        $curforumid = $foruminfo['forumid'];
        $forumperms = fetch_permissions($foruminfo['forumid']);
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
            json_error(ERR_NO_PERMISSION);
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        $forumlist = fetch_forum_clause_sql($foruminfo['forumid'], 'announcement.forumid');
    } else {
        if (!$announcementinfo['announcementid']) {
            json_error(ERR_INVALID_ANNOUNCEMENT);
        }
    }
    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    $announcements = $db->query_read_slave("\n\t\tSELECT announcement.announcementid, announcement.announcementid AS postid, startdate, enddate, announcement.title, pagetext, announcementoptions, views, announcement.pagetext,\n\t\t\tuser.*, userfield.*, usertextfield.*,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t" . ($vbulletin->userinfo['userid'] ? ", NOT ISNULL(announcementread.announcementid) AS readannouncement" : "") . "\n\t\t\t{$hook_query_fields}\n\t\tFROM  " . TABLE_PREFIX . "announcement AS announcement\n\t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "announcementread AS announcementread ON(announcementread.announcementid = announcement.announcementid AND announcementread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = announcement.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid=user.avatarid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid=announcement.userid)" : "") . "\n\t\t{$hook_query_joins}\n\t\tWHERE\n\t\t\t" . ($vbulletin->GPC['announcementid'] ? "announcement.announcementid = " . $vbulletin->GPC['announcementid'] : "startdate <= " . TIMENOW . " AND enddate >= " . TIMENOW . " " . (!empty($forumlist) ? "AND {$forumlist}" : "")) . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY startdate DESC, announcementid DESC\n\t");
    if ($db->num_rows($announcements) == 0) {
        // no announcements
        json_error(ERR_INVALID_ANNOUNCEMENT);
    }
    if (!$vbulletin->options['oneannounce'] and $vbulletin->GPC['announcementid'] and !empty($forumlist)) {
        $anncount = $db->query_first_slave("\n\t\t\tSELECT COUNT(*) AS total\n\t\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t\tWHERE startdate <= " . TIMENOW . "\n\t\t\t\tAND enddate >= " . TIMENOW . "\n\t\t\t\tAND {$forumlist}\n\t\t");
        $anncount['total'] = intval($anncount['total']);
        $show['viewall'] = $anncount['total'] > 1 ? true : false;
    } else {
        $show['viewall'] = false;
    }
    require_once DIR . '/includes/class_postbit.php';
    $show['announcement'] = true;
    $counter = 0;
    $anncids = array();
    $announcebits = '';
    $announceread = array();
    $postbit_factory = new vB_Postbit_Factory();
    $postbit_factory->registry =& $vbulletin;
    $postbit_factory->forum =& $foruminfo;
    $postbit_factory->cache = array();
    $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
    while ($post = $db->fetch_array($announcements)) {
        $postbit_obj =& $postbit_factory->fetch_postbit('announcement');
        $post['counter'] = ++$counter;
        $postbit_obj->construct_postbit($post);
        $anncids[] = $post['announcementid'];
        $announceread[] = "({$post['announcementid']}, " . $vbulletin->userinfo['userid'] . ")";
        // FRNR start
        $fr_images = array();
        $docattach = array();
        // Attachments (images).
        if (is_array($post['attachments']) && count($post['attachments']) > 0) {
            foreach ($post['attachments'] as $attachment) {
                $lfilename = strtolower($attachment['filename']);
                if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
                    $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
                    if ($vbulletin->options['attachthumbs']) {
                        $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
                    }
                    $fr_images[] = $tmp;
                }
                if (strpos($lfilename, '.pdf') !== false) {
                    $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'];
                }
            }
        }
        // Parse the post for quotes and inline images
        list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $usesmilies, $attachments);
        if (count($fr_images) > 0) {
            $text .= "<br/>";
            foreach ($fr_images as $attachment) {
                $text .= "<img src=\"{$attachment['img']}\"/>";
            }
        }
        foreach ($images as $image) {
            $fr_images[] = array('img' => $image);
        }
        // Avatar work
        $avatarurl = '';
        if ($post['avatarurl']) {
            $avatarurl = process_avatarurl($post['avatarurl']);
        }
        $tmp = array('username' => prepare_utf8_string(strip_tags($post['username'])), 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'text' => $text, 'post_timestamp' => prepare_utf8_string(date_trunc($post['startdate'])), 'fr_images' => $fr_images);
        if ($avatarurl != '') {
            $tmp['avatarurl'] = $avatarurl;
        }
        $posts_out[] = $tmp;
    }
    if (!empty($anncids)) {
        $db->shutdown_query("\n\t\t\tUPDATE " . TABLE_PREFIX . "announcement\n\t\t\tSET views = views + 1\n\t\t\tWHERE announcementid IN (" . implode(', ', $anncids) . ")\n\t\t");
        if ($vbulletin->userinfo['userid']) {
            $db->shutdown_query("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "announcementread\n\t\t\t\t\t(announcementid, userid)\n\t\t\t\tVALUES\n\t\t\t\t\t" . implode(', ', $announceread) . "\n\t\t\t");
        }
    }
    if (!is_array($posts_out)) {
        $posts_out = array();
    }
    return array('posts' => $posts_out, 'total_posts' => count($posts_out));
}
Exemple #15
0
 public function verify_ui_permissions()
 {
     global $vbulletin;
     if (!$vbulletin->options['threadtagging']) {
         print_no_permission();
     }
     global $vbphrase;
     $threadinfo = $this->fetch_content_info();
     // *********************************************************************************
     // check for visible / deleted thread
     if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'])) {
         eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $this->registry->options['contactuslink'])));
     }
     // *********************************************************************************
     // jump page if thread is actually a redirect
     if ($threadinfo['open'] == 10) {
         $destthreadinfo = fetch_threadinfo($threadinfo['pollid']);
         exec_header_redirect('thread|js', $destthreadinfo);
     }
     // *********************************************************************************
     // Tachy goes to coventry
     if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid'])) {
         eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $this->registry->options['contactuslink'])));
     }
     // *********************************************************************************
     // get forum info
     $foruminfo = fetch_foruminfo($threadinfo['forumid']);
     // *********************************************************************************
     // check forum permissions
     $forumperms = fetch_permissions($threadinfo['forumid']);
     if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canview']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) {
         print_no_permission();
     }
     if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $this->registry->userinfo['userid'] or $this->registry->userinfo['userid'] == 0)) {
         print_no_permission();
     }
     // *********************************************************************************
     // check if there is a forum password and if so, ensure the user has it set
     verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
     //		return $show;
 }
Exemple #16
0
		$forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")";
	}
	else
	{
		$forumsql = "";
	}
}
else
{
	foreach (array_keys($vbulletin->forumcache) AS $forumid)
	{
		$forumperms =& $vbulletin->userinfo['forumpermissions']["$forumid"];
		if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']
			AND ($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])
			AND (($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) OR in_array($vbulletin->GPC['type'], array('JS', 'XML'))) // JS/XML only shows titles
			AND verify_forum_password($forumid, $vbulletin->forumcache["$forumid"]['password'], false)
		)
		{
			$forumchoice[] = $forumid;
		}
	}

	if (!empty($forumchoice))
	{
		$forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")";
	}
	else
	{
		$forumsql = "";
	}
}
Exemple #17
0
function construct_online_bit($userinfo, $doall = 0)
{
	global $vbulletin, $limitlower, $limitupper, $vbphrase, $ipclass, $show;
	global $wol_album, $wol_attachment, $wol_calendar, $wol_event, $wol_inf, $wol_pm, $wol_post,
		$wol_search, $wol_socialgroup, $wol_thread, $wol_user;
	static $count;

	$count++;
	$show['nopermission'] = false;
	$show['lockedout'] = false;
	$show['errormessage'] = false;

	if ($doall == 1 AND ($count > $limitupper OR $count < $limitlower))
	{
		return '';
	}

	if ($userinfo['attachmentid'])
	{
		$postid = $wol_attachment["$userinfo[attachmentid]"];
	}
	else
	{
		$postid = $userinfo['postid'];
	}
	if ($postid)
	{
		$threadid = $wol_post["$postid"];
	}
	else
	{
		$threadid = $userinfo['threadid'];
	}
	$forumid = $userinfo['forumid'];
	$calendarid = $userinfo['calendarid'];
	$eventid = $userinfo['eventid'];
	$searchid = $userinfo['searchid'];
	$groupid = $userinfo['socialgroupid'];
	$albumid = $userinfo['albumid'];

	if ($albumid)
	{
		require_once(DIR . '/includes/functions_album.php');
		$albumname = fetch_censored_text($wol_album["$albumid"]['title']);
		$canviewalbum = true;
		if ($wol_album["$albumid"]['state'] == 'profile' AND !can_view_profile_albums($wol_album["$albumid"]['userid']))
		{
			$canviewalbum = false;
		}
		else if ($wol_album["$albumid"]['state'] == 'private' AND !can_view_private_albums($wol_album["$albumid"]['userid']))
		{
			$canviewalbum = false;
		}
	}

	if ($groupid)
	{
		$groupname = fetch_censored_text($wol_socialgroup["$groupid"]['name']);
		$canviewgroup = true;
	}

	if ($searchid)
	{
		$searchquery = $wol_search["$searchid"]['query'];
		$searchuser = $wol_search["$searchid"]['searchuser'];
		$searchuserid = $wol_search["$searchid"]['userid'];
	}
	if (!$forumid AND isset($wol_thread["$threadid"]['forumid']))
	{
		$forumid = $wol_thread["$threadid"]['forumid'];
	}
	else if (!$forumid AND isset($wol_thread["$wol_post[$postid]"]['forumid']))
	{
		$forumid = $wol_thread["$wol_post[$postid]"]['forumid'];
	}
	$threadtitle = fetch_censored_text($wol_thread["$threadid"]['title']);
	$threadprefix = ($wol_thread["$threadid"]['prefixid'] ? $vbphrase['prefix_' . $wol_thread["$threadid"]['prefixid'] . '_title_rich'] . ' ' : '');
	$canview = $vbulletin->userinfo['forumpermissions']["$forumid"] & $vbulletin->bf_ugp_forumpermissions['canview'];
	$canviewothers = $vbulletin->userinfo['forumpermissions']["$forumid"] & $vbulletin->bf_ugp_forumpermissions['canviewothers'];
	$canviewthreads = $vbulletin->userinfo['forumpermissions']["$forumid"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads'];
	$postuserid = $wol_thread["$threadid"]['postuserid'];
	$forumtitle = $vbulletin->forumcache["$forumid"]['title'];
	$threadpreview = $wol_thread["$threadid"]['preview'];

	if (!$calendarid AND isset($wol_event["$eventid"]['calendarid']))
	{
		$calendarid = $wol_event["$eventid"]['calendarid'];
	}
	$eventtitle = htmlspecialchars_uni($wol_event["$eventid"]['title']);
	$eventpostuserid = $wol_event["$eventid"]['postuserid'];
	$calendartitle = $wol_calendar["$calendarid"];
	$canviewcalendar = $vbulletin->userinfo['calendarpermissions']["$calendarid"] & $vbulletin->bf_ugp_calendarpermissions['canviewcalendar'];
	$canviewothersevent = $vbulletin->userinfo['calendarpermissions']["$calendarid"] & $vbulletin->bf_ugp_calendarpermissions['canviewothersevent'];

	if (($wol_thread["$threadid"]['isdeleted'] OR !$wol_thread["$threadid"]['visible']) AND !can_moderate($forumid))
	{
		$threadviewable = 0;
	}
	else
	{
		$threadviewable = 1;
	}

	if ($threadviewable AND $threadtitle AND $canview AND ($canviewothers OR $postuserid == $vbulletin->userinfo['userid']) AND verify_forum_password($forumid, $vbulletin->forumcache["$forumid"]['password'], false))
	{
		$seetitle = 1;
	}
	if ($forumtitle AND ($canview OR $vbulletin->forumcache["$forumid"]['showprivate'] > 1 OR (!$vbulletin->forumcache["$forumid"]['showprivate'] AND $vbulletin->options['showprivateforums'])))
	{
		$seeforum = 1;
	}
	if ($eventtitle AND $canviewcalendar AND ($canviewothersevent OR $eventpostuserid == $vbulletin->userinfo['userid']))
	{
		$seeevent = 1;
	}
	if ($calendartitle AND $canviewcalendar)
	{
		$seecalendar = 1;
	}
	if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'])
	{
		if ($userinfo['pmid'])
		{
			$seeuserid = $wol_pm["$userinfo[pmid]"];
		}
		else if ($userinfo['searchid'])
		{
			$seeuserid = $wol_search["$searchid"]['targetuserid'];
		}
		else if ($userinfo['infractionid'])
		{
			$seeuserid = $wol_inf["$userinfo[infractionid]"]['userid'];
		}
		else
		{
			$seeuserid = $userinfo['targetuserid'];
		}
		$username = $wol_user["$seeuserid"]['musername'];
	}

	if (strpos($userinfo['location'], 'route:') === 0)
	{
		$handled = false;

		$location = substr($userinfo['location'], strlen('route:'));
		$location = explode('|', $location);

		if (sizeof($location) == 4)
		{
			try
			{
				if (!defined('VB_FRAMEWORK'))
				{
					require_once(DIR . '/includes/class_bootstrap_framework.php');
					vB_Bootstrap_Framework::init();
				}

				list($route_path, $phrasegroup, $phrasekey, $title) = $location;
				$route_path = urldecode($route_path);
				$title = urldecode($title);
				$route = vB_Router::createRoute($route_path);

				$userinfo['action'] = new vB_Phrase($phrasegroup, $phrasekey);
				$userinfo['where'] = '<a href="' . $route->getCurrentUrl() . '">' . htmlspecialchars_uni($title) . '</a>';

				if (vB::$vbulletin->session->vars['sessionhash'])
				{
					$userinfo['where'] .= '&amp;s=' . vB::$vbulletin->session->vars['sessionhash'];
				}

				$handled = true;
			}
			catch (vB_Exception $e){}
		}
	}

	if (!$handled)
	{
		switch($userinfo['activity'])
		{
			case 'visitormessage_posting':
				$userinfo['action'] = $vbphrase['posting_visitor_message'];
				break;
			case 'visitormessage_delete':
				$userinfo['action'] = $vbphrase['deleting_visitor_message'];
				break;
			case 'viewingipaddress':
				$userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>';
				if (can_moderate())
				{
					$userinfo['action'] = $vbphrase['viewing_ip_address'];
				}
				break;
			case 'visitormessage_reporting':
				$userinfo['action'] = $vbphrase['reporting_visitor_message'];
				break;

			case 'posthistory':
				$userinfo['action'] = $vbphrase['viewing_post_history'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) . "#post$postid\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;

			case 'tags':
				$userinfo['action'] = $vbphrase['managing_tags'];
				break;

			case 'tag_list':
				$userinfo['action'] = $vbphrase['viewing_tag_list'];
				break;

			case 'socialgroups_join':
				$userinfo['action'] = $vbphrase['joining_social_group'];
				if ($canviewgroup)
				{
					$userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid=$groupid\">$groupname</a>";
				}
				break;
			case 'socialgroups_leave':
				$userinfo['action'] = $vbphrase['leaving_social_group'];
				if ($canviewgroup)
				{
					$userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid=$groupid\">$groupname</a>";
				}
				break;
			case 'socialgroups_edit':
				$userinfo['action'] = $vbphrase['editing_social_group'];
				if ($canviewgroup)
				{
					$userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid=$groupid\">$groupname</a>";
				}
				break;
			case 'socialgroups_view':
				$userinfo['action'] = $vbphrase['viewing_social_group'];
				if ($canviewgroup)
				{
					$userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid=$groupid\">$groupname</a>";
				}
				break;
			case 'socialgroups_memberlist':
				$userinfo['action'] = $vbphrase['viewing_social_group_memberlist'];
				if ($canviewgroup)
				{
					$userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&amp;groupid=$groupid\">$groupname</a>";
				}
				break;
			case 'socialgroups_delete':
				$userinfo['action'] = $vbphrase['deleting_social_group'];
				if ($canviewgroup)
				{
					$userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&amp;groupid=$groupid\">$groupname</a>";
				}
				break;
			case 'socialgroups_create':
				$userinfo['action'] = $vbphrase['creating_social_group'];
				break;
			case 'socialgroups_list':
				$userinfo['action'] = $vbphrase['viewing_social_group_list'];
				if ($canviewgroup)
				{
					$userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid=$groupid\">$groupname</a>";
				}
				break;
			case 'socialgroups_subscriptions':
				$userinfo['action'] = $vbphrase['viewing_social_group_subscriptions'];
				break;

			case 'group_inlinemod':
				$userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
				break;
			case 'showthread':
				$userinfo['action'] = $vbphrase['viewing_thread'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'showpost':
				$userinfo['action'] = $vbphrase['viewing_thread'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) . "#post$postid\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'forumdisplay':
				$userinfo['action'] = $vbphrase['viewing_forum'];
				if ($seeforum)
				{
					if ($vbulletin->forumcache["$forumid"]['link'])
					{
						$userinfo['action'] = $vbphrase['followed_forum_link'];
					}
					$userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>";
				}
				break;
			case 'newthread':
				$userinfo['action'] = $vbphrase['creating_thread'];
				if ($seeforum)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>";
				}
				break;
			case 'newreply':
				$userinfo['action'] = $vbphrase['replying_to_thread'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'attachments':
			case 'manageattachment':
				$userinfo['action'] = $vbphrase['managing_attachments'];
				break;
			case 'attachment':
				$userinfo['action'] = $vbphrase['viewing_attachment'];
				break;
			case 'index':
				$userinfo['action'] = $vbphrase['viewing_index'];
				$userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . '</a>';
				break;
			case 'online':
				$userinfo['action'] = $vbphrase['viewing_whos_online'];
				break;
			case 'searchnew':
				$userinfo['action'] = $vbphrase['viewing_new_posts'];
				$userinfo['where'] = '<a href="search.php?' . $vbulletin->session->vars['sessionurl'] . "do=getnew\">$vbphrase[new_posts]</a>";
				break;
			case 'search':
				$userinfo['action'] = $vbphrase['searching_forums'];
				if ($searchid AND $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'])
				{
					if ($searchquery)
					{
						$userinfo['where'] = construct_phrase($vbphrase['query_x'], htmlspecialchars_uni($searchquery));
					}
					if ($searchuser AND $wol_search["$searchid"]['targetuserid'])
					{
						if ($searchquery)
						{
							$userinfo['where'] .= '<br />';
						}
						$userinfo['where'] .= construct_phrase($vbphrase['user_x'], '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>");
					}
				}
				break;
			case 'mail':
				$userinfo['action'] = $vbphrase['emailing'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
				}
				break;
			case 'getinfo':
				$userinfo['action'] = $vbphrase['viewing_user_profile'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
				}
				break;
			case 'converse':
				$userinfo['action'] = $vbphrase['viewing_conversation'];
				if ($seeuserid AND $wol_user["{$userinfo['guestuserid']}"])
				{
					$userinfo['where'] = construct_phrase($vbphrase['x_and_y_converse'], '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>", '<a href="' . fetch_seo_url('member', array('userid' => $userinfo['guestuserid'], 'username' => $wol_user["{$userinfo['guestuserid']}"])) . "\">$username</a>");
				}
				break;
			case 'editprofile':
				$userinfo['action'] = $vbphrase['modifying_profile'];
				break;
			case 'editoptions':
				$userinfo['action'] = $vbphrase['modifying_options'];
				break;
			case 'lostpw':
			case 'editpassword':
				$userinfo['action'] = $vbphrase['modifying_password'];
				break;
			case 'editavatar':
				$userinfo['action'] = $vbphrase['modifying_avatar'];
				break;
			case 'editprofilepic':
				$userinfo['action'] = $vbphrase['modifying_profilepic'];
				break;
			case 'editsignature':
				$userinfo['action'] = $vbphrase['modifying_signature'];
				break;
			case 'markread':
				$userinfo['where'] = $vbphrase['marking_forums_read'];
				break;
			case 'whoposted':
				if ($seetitle)
				{
					$userinfo['action'] = $vbphrase['viewing_who_posted'];
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_thread'];
				}
				break;
			case 'showattachments':
				if ($seetitle)
				{
					$userinfo['action'] = $vbphrase['viewing_attachment_list'];
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_thread'];
				}
				break;
			case 'showgroups':
				$userinfo['action'] = $vbphrase['viewing_forum_leaders'];
				break;
			case 'login':
				$userinfo['action'] = $vbphrase['logging_in'];
				break;
			case 'logout':
				if ($userinfo['badlocation'])
				{
					$userinfo['action'] = $vbphrase['logging_out'];
				}
				break;
			case 'archive':
				$userinfo['action'] = $vbphrase['viewing_archives'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . "<a href=\"archive/index.php/t-$threadid.html\" title=\"$threadpreview\">$threadtitle</a>";
				}
				else if ($seeforum)
				{
					$userinfo['where'] = "<a href=\"archive/index.php/f-$forumid.html\">$forumtitle</a>";
				}
				break;
			case 'pm':
				$userinfo['action'] = $vbphrase['private_messaging'];
				if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'])
				{
					if ($seeuserid)
					{
						$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
					}
					if ($userinfo['values']['do'] == 'newpm' OR $userinfo['values']['do'] == 'insertpm' OR $userinfo['values']['do'] == 'newmessage')
					{
						$userinfo['action'] = $vbphrase['creating_private_message'];
					}
					else if ($userinfo['values']['do'] == 'editfolders' OR $userinfo['action']['do'] == 'updatefolders')
					{
						$userinfo['action'] = $vbphrase['modifying_private_message_folders'];
					}
					else if ($userinfo['values']['do'] == 'trackpm' OR $userinfo['values']['do'] == 'deletepmreceipt')
					{
						$userinfo['action'] = $vbphrase['tracking_private_messages'];
					}
					else if ($userinfo['values']['do'] == 'showpm')
					{
						$userinfo['action'] = $vbphrase['viewing_private_message'];
					}
					else if ($userinfo['values']['do'] == 'downloadpm')
					{
						$userinfo['action'] = $vbphrase['downloading_private_messages'];
					}

				}
				break;
			case 'addbuddy':
			case 'addignore':
			case 'buddyignore':
				$userinfo['action'] = $vbphrase['modifying_contact_ignore_list'];
				break;
			case 'subfolders':
				$userinfo['action'] = $vbphrase['modifying_subscription_folders'];
				break;
			case 'subscription':
				$userinfo['action'] = $vbphrase['viewing_subscribed_threads'];
				break;
			case 'addsubforum':
				$userinfo['action'] = $vbphrase['subscribing_to_forum'];
				if ($seeforum)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>";
				}
				break;
			case 'addsubthread':
				$userinfo['action'] = $vbphrase['subscribing_to_thread'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'remsubthread':
				$userinfo['action'] = $vbphrase['deleting_subscribed_threads'];
				break;
			case 'remsubforum':
				$userinfo['action'] = $vbphrase['deleting_subscribed_forums'];
				break;
			case 'usercp':
				$userinfo['action'] = $vbphrase['viewing_user_control_panel'];
				break;
			case 'memberlistsearch':
				$userinfo['action'] = $vbphrase['searching_member_list'];
				break;
			case 'memberlist':
				$userinfo['action'] = $vbphrase['viewing_member_list'];
				break;

			case 'member_inlinemod':
				$userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
				if (can_moderate())
				{
					if ($seeuserid)
					{
						$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
					}
				}
			break;

			case 'inlinemod':
				$userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
				if (can_moderate())
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
					switch ($userinfo['values']['do'])
					{
						case 'open':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_opening_threads'] . '</i>';
							break;
						case 'close':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_closing_threads'] . '</i>';
							break;
						case 'stick':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_sticking_threads'] . '</i>';
							break;
						case 'unstick':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_unsticking_threads'] . '</i>';
							break;
						case 'deletethread':
						case 'dodeletethreads':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_threads'] . '</i>';
							break;
						case 'undeletethread':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_threads'] . '</i>';
							break;
						case 'approvethread':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_threads'] . '</i>';
							break;
						case 'unapprovethread':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_threads'] . '</i>';
							break;

						case 'movethread':
						case 'domovethreads':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_threads'] . '</i>';
							break;

						case 'mergethread':
						case 'domergethreads':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_threads'] . '</i>';
							break;

						case 'deleteposts':
						case 'dodeleteposts':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_posts'] . '</i>';
							break;

						case 'undeleteposts':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_posts'] . '</i>';
							break;
						case 'approveposts':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_posts'] . '</i>';
							break;
						case 'unapproveposts':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_posts'] . '</i>';
							break;

						case 'mergeposts':
						case 'domergeposts':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_posts'] . '</i>';
							break;

						case 'moveposts':
						case 'domoveposts':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_posts'] . '</i>';
							break;

						case 'clearthread':
						case 'clearpost':
							$userinfo['action'] = '<i>' . $vbphrase['inline_mod_clear'] . '</i>';
							break;
						case 'spampost':
						case 'dodeletespam':
						case 'spamconfirm':
							$userinfo['action'] = '<i>' . $vbphrase['managing_spam'] . '</i>';
							break;

					}
				}
				break;

			case 'postings':
				$userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>';
				if (can_moderate($forumid) AND $threadtitle AND $canview AND ($canviewothers OR $postuserid == $vbulletin->userinfo['userid']))
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) ."\" title=\"$threadpreview\">$threadtitle</a>";
					switch ($userinfo['values']['do'])
					{
						case 'editthread':
						case 'updatethread':
							$userinfo['action'] = '<i>' . $vbphrase['modifying_thread'] . '</i>';
							break;
						case 'openclosethread':
							$userinfo['action'] = '<i>' . $vbphrase['open_close_thread'] . '</i>';
							break;
						case 'movethread':
							$userinfo['action'] = '<i>' .$vbphrase['choosing_forum_to_move_thread_to'] . '</i>';
							break;
						case 'domovethread':
							switch($userinfo['values']['method'])
							{
								case 'copy':
									$userinfo['action'] = '<i>' . $vbphrase['copying_thread_to_forum'] . '</i>';
									break;
								case 'move':
									$userinfo['action'] = '<i>' . $vbphrase['moving_thread_to_forum'] . '</i>';
									break;
								case 'movered':
									$userinfo['action'] = '<i>' . $vbphrase['moving_thread_with_redirect_to_forum'] . '</i>';
									break;
							}
							$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a><br />" .
											'<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>";
							break;
						case 'deletethread':
						case 'dodeletethread':
							$userinfo['action'] = '<i>' . $vbphrase['deleting_thread'] . '</i>';
							break;
						case 'deleteposts':
						case 'dodeleteposts':
							$userinfo['where'] = '<i>' . $vbphrase['deleting_posts'] . '</i>';
							break;
						case 'merge':
						case 'domergethread':
							$userinfo['where'] = '<i>' . $vbphrase['merging_threads'] . '</i>';
							break;
						case 'stick':
							$userinfo['where'] = '<i>' . $vbphrase['stick_unstick_thread'] . '</i>';
							break;
						case 'getip':
							$userinfo['where'] = '<i>' . $vbphrase['viewing_ip_address'] . '</i>';
							break;
						case 'removeredirect':
							$userinfo['where'] = '<i>' . $vbphrase['deleting_redirect'] . '</i>';
							break;
					}
				}
				break;
			case 'register':
				$userinfo['action'] = $vbphrase['registering'];
				break;
			case 'requestemail':
				$userinfo['action'] = $vbphrase['request_activation_code'];
				break;
			case 'activate':
				$userinfo['action'] = $vbphrase['activating_registration'];
				break;
			case 'announcement':
				$userinfo['action'] = $vbphrase['viewing_announcement'];
				if ($seeforum)
				{
					$userinfo['where'] = '<a href="announcement.php?' . $vbulletin->session->vars['sessionurl'] . "f=$forumid\">$forumtitle</a>";
				}
				break;
			case 'usergroup':
				$userinfo['action'] = $vbphrase['modifying_usergroups'];
				break;
			case 'polls':
				switch ($userinfo['values']['do'])
				{
					case 'showresults':
						$userinfo['action'] = $vbphrase['viewing_poll'];
						break;
					case '':
					case 'newpoll':
					case 'postpoll':
						$userinfo['action'] = $vbphrase['creating_poll'];
						if ($seeforum)
						{
							$userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>";
						}
						break;
					case 'polledit':
					case 'updatepoll':
						$userinfo['action'] = $vbphrase['modifying_poll'];
						break;
					case 'pollvote':
						$userinfo['action'] = $vbphrase['voting'];
						break;
				}
				break;
			case 'showsmilies':
				$userinfo['action'] = $vbphrase['viewing_smilies'];
				break;
			case 'showavatars':
				$userinfo['action'] = $vbphrase['viewing_avatars'];
				break;
			case 'bbcode':
				$userinfo['action'] = $vbphrase['viewing_bb_code'];
				break;
			case 'faq':
				$userinfo['action'] = $vbphrase['viewing_faq'];
				break;
			case 'edit':
				$userinfo['action'] = $vbphrase['modifying_post'];
				if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) ."#post$postid\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'sendto':
				$userinfo['action'] = $vbphrase['sending_thread_to_friend'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t=$threadid\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'contactus':
				$userinfo['action'] = $vbphrase['sending_forum_feedback'];
				break;
			case 'aim':
				$userinfo['action'] = $vbphrase['sending_aim_message'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
				}
				break;
			case 'msn':
				$userinfo['action'] = $vbphrase['sending_msn_message'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
				}
				break;
			case 'yahoo':
				$userinfo['action'] = $vbphrase['sending_yahoo_message'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
				}
				break;
			case 'icq':
				$userinfo['action'] = $vbphrase['sending_icq_message'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
				}
				break;
			case 'skype':
				$userinfo['action'] = $vbphrase['sending_skype_message'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
				}
				break;
			case 'report':
				if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) ."#post$postid\" title=\"$threadpreview\">$threadtitle</a>";
				}
				$userinfo['action'] = $vbphrase['reporting_post'];
				break;
			case 'printthread':
				$userinfo['action'] = $vbphrase['viewing_printable_version'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t=$threadid\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'calendarweek':
				$userinfo['action'] = $vbphrase['viewing_calendar'];
				if ($seecalendar)
				{
					if ($userinfo['week'])
					{
						$week = "&amp;week=$userinfo[week]";
					}
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayweek&amp;c=$calendarid$week\">$calendartitle</a>";

				}
				break;
			case 'calendarmonth';
				$userinfo['action'] = $vbphrase['viewing_calendar'];
				if ($seecalendar)
				{
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displaymonth&amp;c=$calendarid&amp;month=$userinfo[month]&amp;year=$userinfo[year]\">$calendartitle</a>";
				}
				break;
			case 'calendaryear';
				$userinfo['action'] = $vbphrase['viewing_calendar'];
				if ($seecalendar)
				{
					if ($userinfo['year'])
					{
						$year = "&amp;year=$userinfo[year]";
					}
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayyear&amp;c=$calendarid$year\">$calendartitle</a>";
				}
				break;
			case 'calendarday':
				$userinfo['action'] = $vbphrase['viewing_calendar'];
				if ($seecalendar)
				{
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getday&amp;c=$calendarid&amp;day=$userinfo[day]\">$calendartitle</a>";
				}
				break;
			case 'calendarevent':
				$userinfo['action'] = $vbphrase['viewing_event'];
				if ($seeevent)
				{
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e=$eventid\">$eventtitle</a>";
				}
				break;
			case 'calendaradd':
			case 'calendaraddrecur':
				$userinfo['action'] = $vbphrase['creating_event'];
				if ($seecalendar)
				{
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "c=$calendarid\">$calendartitle</a>";
				}
				break;
			case 'calendaredit':
				$userinfo['action'] = $vbphrase['modifying_event'];
				if ($seeevent)
				{
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e=$eventid\">$eventtitle</a>";
				}
				break;
			case 'calreminder':
				$userinfo['action'] = $vbphrase['managing_reminder'];
				if ($seeevent)
				{
					$userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e=$eventid\">$eventtitle</a>";
				}
				break;
			case 'newusernote':
				$userinfo['action'] = $vbphrase['creating_user_note'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&amp;u=$seeuserid\">$username</a>";
				}
				break;
			case 'usernote':
				$userinfo['action'] = $vbphrase['viewing_user_note'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&amp;u=$seeuserid\">$username</a>";
				}
				break;
			case 'reputation':
				$userinfo['action'] = $vbphrase['giving_reputation'];
				if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'joinrequests':
				$userinfo['action'] = $vbphrase['processing_joinrequests'];
				if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $vbulletin->usergroupcache["$userinfo[usergroupid]"]['title'])
				{
					$userinfo['where'] = construct_phrase($vbphrase['viewing_x'], $vbulletin->usergroupcache["$userinfo[usergroupid]"]['title']);
				}
				break;
			case 'threadrate':
				$userinfo['action'] = $vbphrase['rating_thread'];
				if ($seetitle)
				{
					$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>";
				}
				break;
			case 'infractionreport':
				if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] OR $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction'])
				{
					$userinfo['action'] = $vbphrase['giving_infraction'];
					if ($seeuserid)
					{
						$userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>";
					}
					else if ($seetitle)
					{
						$userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) . "#post$postid\" title=\"$threadpreview\">$threadtitle</a>";
					}
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'infractionreverse':
				if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] OR $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction'])
				{
					$userinfo['action'] = $vbphrase['reversing_infraction'];
					if ($seeuserid)
					{
						$userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;infractionid=$userinfo[infractionid]\">$username</a>";
					}
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'infractionview':
				if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] OR $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction'])
				{
					$userinfo['action'] = $vbphrase['viewing_infraction'];
					if ($seeuserid)
					{
						$userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;infractionid=$userinfo[infractionid]\">$username</a>";
					}
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_deletedthreads':
				if (can_moderate())
				{
					$userinfo['action'] = $vbphrase['viewing_deleted_threads'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_deletedposts':
				if (can_moderate())
				{
					$userinfo['action'] = $vbphrase['viewing_deleted_posts'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_deletedvms':
				if (can_moderate(0,'canmoderatevisitormessages'))
				{
					$userinfo['action'] = $vbphrase['viewing_deleted_visitor_messages'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_deletedgms':
				if (can_moderate(0, 'canmoderategroupmessages'))
				{
					$userinfo['action'] = $vbphrase['viewing_deleted_social_group_messages'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_deletedpcs':
				if (can_moderate(0, 'canmoderatepicturecomments'))
				{
					$userinfo['action'] = $vbphrase['viewing_deleted_picture_comments'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_moderatedthreads':
				if (can_moderate(0, 'canmoderateposts'))
				{
					$userinfo['action'] = $vbphrase['viewing_moderated_threads'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_moderatedposts':
				if (can_moderate(0, 'canmoderateposts'))
				{
					$userinfo['action'] = $vbphrase['viewing_moderated_posts'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_moderatedvms':
				if (can_moderate(0, 'canmoderatevisitormessages'))
				{
					$userinfo['action'] = $vbphrase['viewing_moderated_visitor_messages'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_moderatedgms':
				if (can_moderate(0, 'canmoderategroupmessages'))
				{
					$userinfo['action'] = $vbphrase['viewing_moderated_social_group_messages'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_moderatedpcs':
				if (can_moderate(0, 'canmoderatepicturecomments'))
				{
					$userinfo['action'] = $vbphrase['viewing_moderated_picture_comments'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'modcp_moderatedattachments':
				if (can_moderate())
				{
					$userinfo['action'] = $vbphrase['viewing_moderated_attachments'];
				}
				else
				{
					$userinfo['action'] = $vbphrase['viewing_index'];
				}
				break;
			case 'payments':
				$userinfo['action'] = $vbphrase['viewing_paid_subscriptions'];
				break;
			case 'spider':
				$userinfo['action'] = $vbphrase['search_engine_spider'];
				break;
			case 'admincp':
				$userinfo['action'] = $vbphrase['admin_control_panel'];
				break;
			case 'admincplogin':
				$userinfo['action'] = $vbphrase['admin_control_panel_login'];
				break;
			case 'modcp':
				$userinfo['action'] = $vbphrase['moderator_control_panel'];
				break;
			case 'modcplogin':
				$userinfo['action'] = $vbphrase['moderator_control_panel_login'];
				break;
			case 'album_delete':
				$userinfo['action'] = $vbphrase['deleting_album'];
				break;

			case 'album_edit_album':
			{
				$userinfo['action'] = $vbphrase['editing_album'];
				if ($canviewalbum)
				{
					$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>";
				}
				break;
			}

			case 'album_new_album':
				$userinfo['action'] = $vbphrase['creating_album'];
				break;

			case 'album_edit_picture':
			{
				$userinfo['action'] = $vbphrase['editing_pictures'];
				if ($canviewalbum)
				{
					if (!empty($userinfo['attachmentid']))
					{
						$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid&amp;attachmentid=" . $userinfo['attachmentid'] ."\">$albumname</a>";
					}
					else
					{
						$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>";
					}
				}
			}
			break;

			case 'album_upload':
			{
				$userinfo['action'] = $vbphrase['uploading_pictures'];
				if ($canviewalbum)
				{
					$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>";
				}
			}
			break;

			case 'album_picture':
			{
				$userinfo['action'] = $vbphrase['viewing_picture'];
				if ($canviewalbum)
				{
					if (!empty($userinfo['attachmentid']))
					{
						$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid&amp;attachmentidid=" . $userinfo['attachmentid'] ."\">$albumname</a>";
					}
					else
					{
						$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>";
					}
				}
			}
			break;

			case 'album_album':
			{
				$userinfo['action'] = $vbphrase['viewing_album'];
				if ($canviewalbum)
				{
					$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>";
				}
			}
			break;

			case 'album_user':
			{
				$userinfo['action'] = $vbphrase['viewing_users_album'];
				if ($seeuserid)
				{
					$userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "userid=$seeuserid\">$username</a>";
				}
			}
			break;

			case 'album_unread_comments':
				$userinfo['action'] = $vbphrase['viewing_unread_picture_comments'];
				break;

			case 'album_moderated_comments':
				$userinfo['action'] = $vbphrase['viewing_picture_comments_awaiting_approval'];
				break;

			case 'picturecomment_posting':
				$userinfo['action'] = $vbphrase['posting_picture_comment'];
				break;

			case 'picturecomment_delete':
				$userinfo['action'] = $vbphrase['deleting_picture_comment'];
				break;

			case 'picturecomment_reporting':
				$userinfo['action'] = $vbphrase['reporting_picture_comment'];
				break;

			case 'picture_inlinemod':
				$userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
				break;
				
			case 'viewing_cms_content':
				require_once(DIR . '/includes/functions_login.php');
				$userinfo['action'] = $vbphrase['viewing_cms_content']  ;
				$userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location']));
				$userinfo['where'] = "<a href=\"$userinfo[location]\">$userinfo[location]</a>";
				break;
				
			case 'viewing_cms_list':
				require_once(DIR . '/includes/functions_login.php');
				$userinfo['action'] =$vbphrase['viewing_cms_list'] ;
				$userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location']));
				$userinfo['where'] = "<a href=\"$userinfo[location]\">$userinfo[location]</a>";
				break;

			default:
				$handled = false;
				($hook = vBulletinHook::fetch_hook('online_location_unknown')) ? eval($hook) : false;

				if ($handled == false)
				{
					if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'])
					{
						require_once(DIR . '/includes/functions_login.php');
						$userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location']));
						$userinfo['where'] = "<a href=\"$userinfo[location]\">$userinfo[location]</a>";
						$userinfo['action'] = '<b>' . $vbphrase['unknown_location'] . '</b>';
					}
					else
					{
						// We were unable to parse the location
						$userinfo['action'] = $vbphrase['viewing_index'];
						$userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
					}
				}
		}
	}

	if ($userinfo['badlocation'] == 1)
	{ // User received 'no permissions screen'
		if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] OR $userinfo['userid'] == $vbulletin->userinfo['userid'])
		{
			$show['nopermission'] = true;
		}
		else
		{
			$userinfo['action'] = $vbphrase['viewing_index'];
			$userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
		}
	}
	else if ($userinfo['badlocation'] == 2)
	{ // Forum is locked
		$show['lockedout'] = true;
	}
	else if ($userinfo['badlocation'] == 3)
	{ // User received error screen
		if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] OR $userinfo['userid'] == $vbulletin->userinfo['userid'])
		{
			$show['errormessage'] = true;
		}
		else
		{
			$userinfo['action'] = $vbphrase['viewing_index'];
			$userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
		}
	}
	if (!($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinelocation']))
	{
		unset($userinfo['location']);
	}

	$userinfo['host_encoded'] = urlencode($userinfo['host']);

	if ($vbulletin->options['yestoday'] == 2)
	{
		$userinfo['time'] = vbdate($vbulletin->options['dateformat'], $userinfo['lastactivity'], 1);
	}
	else
	{
		$userinfo['time'] = vbdate($vbulletin->options['timeformat'], $userinfo['lastactivity']);
	}
	$wol_post['userid'] = $userinfo['userid'];
	$wol_post['username'] = $userinfo['realname'];

	($hook = vBulletinHook::fetch_hook('online_bit_complete')) ? eval($hook) : false;

	if ($doall)
	{
		$show['loggedinuser'] = iif($userinfo['userid'], true, false);
		$show['buddy'] = iif($userinfo['buddy'], true, false);
		if ($userinfo['spider'])
		{
			$show['spider'] = true;
			if (!$userinfo['spidertype'] OR !($spidertype = construct_phrase($vbphrase["x_spider_{$userinfo['spidertype']}"], $userinfo['spider'])))
			{
				$spidertype = construct_phrase($vbphrase['x_spider_searchspider'], $userinfo['spider']);
			}
		}
		else
		{
			$show['spider'] = false;
		}

		$show['reallocation'] = iif($userinfo['location'], true, false);
		$show['subscribed'] = iif($wol_thread["$threadid"]['issubscribed'] AND $seetitle, true, false);
		$show['where'] = iif($userinfo['where'], true, false);

		$templater = vB_Template::create('whosonlinebit');
			$templater->register('count', $count);
			$templater->register('ipclass', $ipclass);
			$templater->register('spidertype', $spidertype);
			$templater->register('userinfo', $userinfo);
		$onlinebits = $templater->render();
		return $onlinebits;
	}
	else
	{
		return $userinfo;
	}
}
Exemple #18
0
	public function getData()
	{
		if ($this->config['threads_forumids'])
		{
			if (in_array(-1, $this->config['threads_forumids']))
			{
				$forumids = array_keys($this->registry->forumcache);
			}
			else
			{
				$forumids = $this->config['threads_forumids'];
			}
		}
		else
		{
			$forumids = array_keys($this->registry->forumcache);
		}

		$datecut = TIMENOW - ($this->config['datecut'] * 86400);

		switch (intval($this->config['threads_type']))
		{
			case 0:
				$ordersql = " thread.dateline DESC";
				$datecutoffsql = " AND thread.dateline > $datecut";
				break;
			case 1:
				$ordersql = " thread.lastpost DESC";
				$datecutoffsql = " AND thread.lastpost > $datecut";
				break;
			case 2:
				$ordersql = " thread.replycount DESC";
				$datecutoffsql = " AND thread.dateline > $datecut";
				break;
			case 3:
				$ordersql = " thread.views DESC";
				$datecutoffsql = " AND thread.dateline > $datecut";
				break;
		}

		foreach ($forumids AS $forumid)
		{
			$forumperms =& $this->registry->userinfo['forumpermissions']["$forumid"];
			if ($forumperms & $this->registry->bf_ugp_forumpermissions['canview']
				AND ($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers'])
				AND (($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads']))
				AND verify_forum_password($forumid, $this->registry->forumcache["$forumid"]['password'], false)
				)
			{
				$forumchoice[] = $forumid;
			}
		}

		if (!empty($forumchoice))
		{
			$forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")";

			// remove threads from users on the global ignore list if user is not a moderator
			$globalignore = '';
			if (trim($this->registry->options['globalignore']) != '')
			{
				require_once(DIR . '/includes/functions_bigthree.php');
				if ($Coventry = fetch_coventry('string'))
				{
					$globalignore = "AND thread.postuserid NOT IN ($Coventry) ";
				}
			}

			// query last threads from visible / chosen forums
			$threads = $this->registry->db->query_read_slave("
				SELECT thread.threadid, thread.title, thread.prefixid, post.attach,
					thread.postusername, thread.dateline, thread.lastpostid, thread.lastpost, thread.lastposterid, thread.lastposter, thread.replycount,
					forum.forumid, forum.title_clean as forumtitle,
					post.pagetext AS message, post.allowsmilie, post.postid,
					user.*
					" . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "
				FROM " . TABLE_PREFIX . "thread AS thread
				INNER JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid)
				LEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = thread.firstpostid)
				LEFT JOIN " . TABLE_PREFIX . "user AS user ON (thread.postuserid = user.userid)
				" . ($this->registry->products['vbcms'] ? " LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.associatedthreadid = thread.threadid \n" :  '')
			. ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "
			WHERE 1=1
				$forumsql
				AND thread.visible = 1
				AND post.visible = 1
				AND open <> 10
				$datecutoffsql
				$globalignore
				" . ($this->userinfo['ignorelist'] ? "AND thread.postuserid NOT IN (" . implode(',', explode(' ', $this->userinfo['ignorelist'])) . ")": '')
			. ($this->registry->products['vbcms'] ? " AND info.associatedthreadid IS NULL " :  '')
			. "
			ORDER BY$ordersql
			LIMIT 0," . intval($this->config['threads_limit']) . "
			");

			while ($thread = $this->registry->db->fetch_array($threads))
			{
//				$thread['url'] = fetch_seo_url('thread', $thread);
//				$thread['newposturl'] = fetch_seo_url('thread', $thread, array('goto' => 'newpost'));
//				$thread['lastposturl'] = fetch_seo_url('thread', $thread, array('p' => $thread['lastpostid'])) . '#post' . $thread['lastpostid'];

				// trim the title after fetching the urls
				//$thread['title'] = fetch_trimmed_title($thread['title'], $this->config['threads_titlemaxchars']);

				$thread['date'] = vbdate($this->registry->options['dateformat'], $thread['dateline'], true);
				$thread['time'] = vbdate($this->registry->options['timeformat'], $thread['dateline']);

				$thread['lastpostdate'] = vbdate($this->registry->options['dateformat'], $thread['lastpost'], true);
				$thread['lastposttime'] = vbdate($this->registry->options['timeformat'], $thread['lastpost']);

				// get avatar
				$this->fetch_avatarinfo($thread);

				$threadarray[$thread['threadid']] = $thread;
			}
		}
		return $threadarray;
	}
Exemple #19
0
function do_get_post()
{
    global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $postinfo;
    $vbulletin->input->clean_array_gpc('r', array('type' => TYPE_STR));
    $type = 'html';
    if ($vbulletin->GPC['type']) {
        $type = $vbulletin->GPC['type'];
    }
    if (!$postinfo['postid']) {
        standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
    }
    if ((!$postinfo['visible'] or $postinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
        standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
    }
    if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
        standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']));
    }
    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
        json_error(ERR_NO_PERMISSION);
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
        json_error(ERR_NO_PERMISSION);
    }
    // check if there is a forum password and if so, ensure the user has it set
    verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
    $postbit_factory = new vB_Postbit_Factory();
    $postbit_factory->registry =& $vbulletin;
    $postbit_factory->forum =& $foruminfo;
    $postbit_factory->cache = array();
    $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
    $post = $db->query_first_slave("\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t    user.*, userfield.*, usertextfield.*,\n\t    " . iif($foruminfo['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t    IF(user.displaygroupid=0, user.usergroupid, user.displaygroupid) AS displaygroupid, infractiongroupid,\n\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline, editlog.reason AS edit_reason, editlog.hashistory,\n\t\tpostparsed.pagetext_html, postparsed.hasimages,\n\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\t" . iif($foruminfo['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid = {$postid}\n    ");
    $types = vB_Types::instance();
    $contenttypeid = $types->getContentTypeID('vBForum_Post');
    $attachments = $db->query_read_slave("\n\t\tSELECT\n\t\t\tfd.thumbnail_dateline, fd.filesize, IF(fd.thumbnail_filesize > 0, 1, 0) AS hasthumbnail, fd.thumbnail_filesize,\n\t\t\ta.dateline, a.state, a.attachmentid, a.counter, a.contentid AS postid, a.filename,\n\t\t\ttype.contenttypes\n\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "attachmenttype AS type ON (fd.extension = type.extension)\n\t\tWHERE\n\t\t\ta.contentid = {$postid}\n\t\t\t\tAND\n\t\t\ta.contenttypeid = {$contenttypeid}\n\t\tORDER BY a.attachmentid\n\t");
    $fr_images = array();
    while ($attachment = $db->fetch_array($attachments)) {
        $lfilename = strtolower($attachment['filename']);
        if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
            $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
            if ($vbulletin->options['attachthumbs']) {
                $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
            }
            $fr_images[] = $tmp;
        }
    }
    $postbits = '';
    $postbit_obj =& $postbit_factory->fetch_postbit('post');
    $postbit_obj->cachable = $post_cachable;
    $postbits .= $postbit_obj->construct_postbit($post);
    if ($type == 'html') {
        $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        $vbulletin->templatecache['bbcode_quote'] = '
<div style=\\"margin:0px; margin-top:0px;\\">
	<table cellpadding=\\"$stylevar[cellpadding]\\" cellspacing=\\"0\\" border=\\"0\\" width=\\"100%\\">
	<tr>
		<td class=\\"alt2\\" style=\\"border:1px solid #777777;\\">
			".(($show[\'username\']) ? ("
				<div>
					" . construct_phrase("$vbphrase[originally_posted_by_x]", "$username") . "
				</div>
				<div style=\\"font-style:italic\\">$message</div>
			") : ("
				$message
			"))."
		</td>
	</tr>
	</table>
</div>
	';
        $css = <<<EOF
<style type="text/css">
body {
  margin: 0;
  padding: 3;
  font: 13px Arial, Helvetica, sans-serif;
}
.alt2 {
  background-color: #e6edf5;
  font: 13px Arial, Helvetica, sans-serif;
}
html {
    -webkit-text-size-adjust: none;
}
</style>
EOF;
        $html = $css . $bbcode_parser->parse($post['pagetext']);
        $image = '';
    } else {
        if ($type == 'facebook') {
            $html = fetch_censored_text(strip_bbcode(strip_quotes($post['pagetext']), false, true));
            if (count($fr_images)) {
                $image = $fr_images[0]['img'];
            }
        }
    }
    // Figure out if we can post
    $canpost = true;
    if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        $canpost = false;
    }
    if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
        $canpost = false;
    }
    if (!$threadinfo['open']) {
        if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
            $canpost = false;
        }
    }
    if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
        $canpost = false;
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) {
        $canpost = false;
    }
    // Avatar work
    $avatarurl = '';
    if ($post['avatarurl']) {
        $avatarurl = process_avatarurl($post['avatarurl']);
    }
    // Get post date/time
    $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1);
    $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']);
    // Parse the post for quotes and inline images
    list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies);
    $out = array('html' => prepare_utf8_string($html), 'post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'canpost' => $canpost, 'quotable' => $nuked_quotes, 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid'], 'edittext' => prepare_utf8_string($post['pagetext']));
    if ($avatarurl != '') {
        $out['avatarurl'] = $avatarurl;
    }
    if ($post['editlink']) {
        $out['canedit'] = true;
    }
    if ($image != '') {
        $out['image'] = $image;
    }
    return $out;
}
Exemple #20
0
function do_report()
{
    global $vbulletin, $postinfo, $threadinfo, $foruminfo;
    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_NO_PERMISSION);
    }
    $reportthread = ($rpforumid = $vbulletin->options['rpforumid'] and $rpforuminfo = fetch_foruminfo($rpforumid));
    $reportemail = ($vbulletin->options['enableemail'] and $vbulletin->options['rpemail']);
    if (!$reportthread and !$reportemail) {
        standard_error(fetch_error('emaildisabled'));
    }
    $reportobj = new vB_ReportItem_Post($vbulletin);
    $reportobj->set_extrainfo('forum', $foruminfo);
    $reportobj->set_extrainfo('thread', $threadinfo);
    $perform_floodcheck = $reportobj->need_floodcheck();
    if ($perform_floodcheck) {
        $reportobj->perform_floodcheck_precommit();
    }
    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $threadinfo['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
        json_error(ERR_NO_PERMISSION);
    }
    if (!$postinfo['postid']) {
        standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
    }
    if ((!$postinfo['visible'] or $postinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
        standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
    }
    if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
        standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']));
    }
    // check if there is a forum password and if so, ensure the user has it set
    verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
    ($hook = vBulletinHook::fetch_hook('report_start')) ? eval($hook) : false;
    $vbulletin->input->clean_array_gpc('p', array('reason' => TYPE_STR));
    if ($vbulletin->GPC['reason'] == '') {
        standard_error(fetch_error('noreason'));
    }
    if ($perform_floodcheck) {
        $reportobj->perform_floodcheck_commit();
    }
    $reportobj->do_report(prepare_remote_utf8_string($vbulletin->GPC['reason']), $postinfo);
    return array('success' => true);
}
Exemple #21
0
    // used for session.inthread
    $foruminfo = array('forumid' => $attachmentinfo['forumid']);
    // used for session.inforum
    # Block attachments belonging to soft deleted posts and threads
    if (!can_moderate($attachmentinfo['forumid']) and ($attachmentinfo['post_visible'] == 2 or $attachmentinfo['thread_visible'] == 2)) {
        eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])));
    }
    # Block attachments belonging to moderated posts and threads
    if (!can_moderate($attachmentinfo['forumid'], 'canmoderateposts') and ($attachmentinfo['post_visible'] == 0 or $attachmentinfo['thread_visible'] == 0)) {
        eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])));
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($attachmentinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
        print_no_permission();
    }
    // check if there is a forum password and if so, ensure the user has it set
    verify_forum_password($attachmentinfo['forumid'], $vbulletin->forumcache["{$attachmentinfo['forumid']}"]['password']);
    if (!$attachmentinfo['visible'] and !can_moderate($attachmentinfo['forumid'], 'canmoderateattachments') and $attachmentinfo['userid'] != $vbulletin->userinfo['userid']) {
        eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])));
    }
}
// handle lightbox requests
if ($_REQUEST['do'] == 'lightbox') {
    require_once DIR . '/includes/class_xml.php';
    $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
    if (in_array(strtolower($attachmentinfo['extension']), array('jpg', 'jpeg', 'jpe', 'gif', 'png'))) {
        $uniqueid = $vbulletin->GPC['uniqueid'];
        $imagelink = 'attachment.php?' . $vbulletin->session->vars['sessionurl'] . 'attachmentid=' . $attachmentinfo['attachmentid'] . '&d=' . $attachmentinfo['dateline'];
        $attachmentinfo['date_string'] = vbdate($vbulletin->options['dateformat'], $attachmentinfo['dateline']);
        $attachmentinfo['time_string'] = vbdate($vbulletin->options['timeformat'], $attachmentinfo['dateline']);
        $show['newwindow'] = $attachmentinfo['newwindow'] ? true : false;
        ($hook = vBulletinHook::fetch_hook('attachment_lightbox')) ? eval($hook) : false;
Exemple #22
0
 private function getThreads($type)
 {
     global $vbulletin, $VB_API_REQUESTS;
     if ($vbulletin->options['mobilehomethreadforumids']) {
         $forumids = $this->verifycommaoption($vbulletin->options['mobilehomethreadforumids']);
     }
     if (!$forumids) {
         $forumids = array_keys($vbulletin->forumcache);
     }
     if ($type != 'last') {
         $datecut = TIMENOW - $vbulletin->options['mobilehomethreaddatecut'] * 86400;
     } else {
         $datecut = $vbulletin->userinfo['lastvisit'];
     }
     switch ($type) {
         case 'top':
             $ordersql = " thread.views DESC";
             $datecutoffsql = " AND thread.dateline > {$datecut}";
             break;
         case 'new':
             $ordersql = " thread.dateline DESC";
             $datecutoffsql = " AND thread.dateline > {$datecut}";
             break;
         case 'last':
             $ordersql = " thread.lastpost DESC";
             $datecutoffsql = " AND thread.lastpost > {$datecut}";
             break;
         default:
             return null;
     }
     foreach ($forumids as $forumid) {
         $forumperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"];
         if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and verify_forum_password($forumid, $vbulletin->forumcache["{$forumid}"]['password'], false)) {
             $forumchoice[] = $forumid;
         }
     }
     if (!empty($forumchoice)) {
         $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")";
         // remove threads from users on the global ignore list if user is not a moderator
         $globalignore = '';
         if (trim($vbulletin->options['globalignore']) != '') {
             require_once DIR . '/includes/functions_bigthree.php';
             if ($Coventry = fetch_coventry('string')) {
                 $globalignore = "AND thread.postuserid NOT IN ({$Coventry}) ";
             }
         }
         // query last threads from visible / chosen forums
         $threads = $vbulletin->db->query_read_slave("\n\t\t\t\tSELECT thread.threadid, thread.title, thread.prefixid, post.attach,\n\t\t\t\t\tthread.postusername, thread.dateline, thread.lastpostid, thread.lastpost AS threadlastpost, thread.lastposterid, thread.lastposter, thread.replycount, thread.views,\n\t\t\t\t\tforum.forumid, forum.title_clean as forumtitle,\n\t\t\t\t\tpost.pagetext AS message, post.allowsmilie, post.postid,\n\t\t\t\t\tuser.*\n\t\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = thread.firstpostid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (thread.postuserid = user.userid)\n\t\t\t\t" . ($vbulletin->products['vbcms'] ? " LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.associatedthreadid = thread.threadid \n" : '') . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\tWHERE 1=1\n\t\t\t\t{$forumsql}\n\t\t\t\tAND thread.visible = 1\n\t\t\t\tAND post.visible = 1\n\t\t\t\tAND open <> 10\n\t\t\t\t{$datecutoffsql}\n\t\t\t\t{$globalignore}\n\t\t\t\t" . ($vbulletin->userinfo['ignorelist'] ? "AND thread.postuserid NOT IN (" . implode(',', explode(' ', $vbulletin->userinfo['ignorelist'])) . ")" : '') . ($vbulletin->products['vbcms'] ? " AND info.associatedthreadid IS NULL " : '') . "\n\t\t\tORDER BY{$ordersql}\n\t\t\tLIMIT 0, " . $vbulletin->options['mobilehomemaxitems'] . "\n\t\t\t");
         $i = 0;
         while ($thread = $vbulletin->db->fetch_array($threads)) {
             // still need to censor the title
             $thread['title'] = fetch_censored_text($thread['title']);
             // get avatar
             $this->fetch_avatarinfo($thread);
             $array[$i] = array('id' => $thread['threadid'], 'title' => $thread['title'], 'replycount' => $thread['replycount'], 'viewcount' => $thread['views'], 'userid' => $thread['userid'], 'username' => $thread['postusername'], 'avatarurl' => $thread['avatarurl'], 'type' => 'thread', 'time' => $thread['lastpost']);
             if ($VB_API_REQUESTS['api_version'] > 1) {
                 $array[$i]['lastposttime'] = $thread['threadlastpost'];
             } else {
                 $array[$i]['lastpostdate'] = date($vbulletin->options['dateformat'], $thread['threadlastpost']);
                 $array[$i]['lastposttime'] = date($vbulletin->options['timeformat'], $thread['threadlastpost']);
             }
             $i++;
         }
     }
     return $array;
 }
Exemple #23
0
 }
 $show['postinfo'] = ($infractioninfo['postid'] and $threadinfo);
 if ($infractioninfo['threadid'] and $disthreadinfo = fetch_threadinfo($infractioninfo['threadid'])) {
     $show['disthread'] = true;
     if ((!$disthreadinfo['visible'] or $disthreadinfo['isdeleted']) and !can_moderate($disthreadinfo['forumid'])) {
         $show['disthread'] = false;
     }
     $forumperms = fetch_permissions($disthreadinfo['forumid']);
     if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
         $show['disthread'] = false;
     }
     if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($disthreadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
         $show['disthread'] = false;
     }
     // check if there is a forum password and if so, ensure the user has it set
     if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
         $show['disthread'] = false;
     }
 } else {
     $show['disthread'] = false;
 }
 // draw nav bar
 $navbits = array();
 $parentlist = array_reverse(explode(',', $foruminfo['parentlist']));
 foreach ($parentlist as $forumID) {
     $forumTitle = $vbulletin->forumcache["{$forumID}"]['title'];
     $navbits['forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumID}"] = $forumTitle;
 }
 if ($postinfo['postid']) {
     $navbits['showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postinfo['postid']}#post{$postinfo['postid']}"] = $threadinfo['prefix_plain_html'] . ' ' . $threadinfo['title'];
 }
 /**
  * Loads assorted show variables. Ideally, these would be used in templates,
  * but sometimes they're used within code.
  */
 public function load_show_variables()
 {
     parent::load_show_variables();
     global $vbulletin, $show, $threadinfo, $foruminfo;
     $show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']);
     if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) {
         if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
             $show['threadinfo'] = false;
         } else {
             $show['threadinfo'] = true;
         }
     } else {
         $show['threadinfo'] = false;
     }
 }
Exemple #25
0
function fetch_search_forumids_array($parentid = -1, $depthmark = '')
{
    global $searchforumids, $vbulletin;
    static $indexed_forum_cache;
    if ($parentid == -1) {
        $searchforumids = array();
        $indexed_forum_cache = array();
        foreach ($vbulletin->forumcache as $forumid => $forum) {
            $indexed_forum_cache["{$forum['parentid']}"]["{$forumid}"] =& $vbulletin->forumcache["{$forumid}"];
        }
    }
    if (is_array($indexed_forum_cache["{$parentid}"])) {
        foreach ($indexed_forum_cache["{$parentid}"] as $forumid => $forum) {
            $forumperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"];
            if ($forum['displayorder'] != 0 and $forumperms & $vbulletin->bf_ugp_forumpermissions['canview'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['cansearch'] and $forum['options'] & $vbulletin->bf_misc_forumoptions['active'] and verify_forum_password($forum['forumid'], $forum['password'], false)) {
                $vbulletin->forumcache["{$forumid}"]['depthmark'] = $depthmark;
                $searchforumids[] = $forumid;
                fetch_search_forumids_array($forumid, $depthmark . FORUM_PREPEND);
            }
        }
    }
}
Exemple #26
0
    } else {
        if ($number_of_forums > 1) {
            $title = implode(',', $forumchoice);
        } else {
            $title = '';
        }
    }
    if (!empty($forumchoice)) {
        $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")";
    } else {
        $forumsql = "";
    }
} else {
    foreach (array_keys($vbulletin->forumcache) as $forumid) {
        $forumperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"];
        if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'] and ($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] or in_array($vbulletin->GPC['type'], array('JS', 'XML'))) and verify_forum_password($forumid, $vbulletin->forumcache["{$forumid}"]['password'], false)) {
            $forumchoice[] = $forumid;
        }
    }
    if (!empty($forumchoice)) {
        $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")";
    } else {
        $forumsql = "";
    }
}
if (empty($forumchoice)) {
    // no access to view selected forums
    exit;
}
switch ($vbulletin->GPC['type']) {
    case 'JS':
Exemple #27
0
function do_subscribe_thread()
{
    global $vbulletin, $db, $foruminfo, $threadinfo;
    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }
    $vbulletin->input->clean_array_gpc('r', array('emailupdate' => TYPE_UINT, 'folderid' => TYPE_INT));
    $vbulletin->GPC['folderid'] = 0;
    if (!$foruminfo['forumid']) {
        json_error(ERR_INVALID_THREAD);
    }
    $forumperms = fetch_permissions($foruminfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
        json_error(ERR_INVALID_THREAD);
    }
    if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
        json_error(ERR_CANNOT_SUB_FORUM_CLOSED);
    }
    // check if there is a forum password and if so, ensure the user has it set
    if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) {
        json_error(ERR_CANNOT_SUB_PASSWORD);
    }
    if ($threadinfo['threadid']) {
        if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts')) {
            json_error(ERR_INVALID_THREAD);
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or ($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
            json_error(ERR_INVALID_THREAD);
        }
        /*insert query*/
        $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['folderid'] . ", 1)\n\t\t");
    } else {
        if ($foruminfo['forumid']) {
            /*insert query*/
            $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribeforum (userid, emailupdate, forumid)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['forumid'] . ")\n\t\t");
        }
    }
    return array('success' => true);
}
Exemple #28
0
 protected function fetchCanViewForum($forumid)
 {
     return vB::$vbulletin->userinfo['forumpermissions']["{$forumid}"] & vB::$vbulletin->bf_ugp_forumpermissions['canview'] and verify_forum_password($forumid, vB::$vbulletin->forumcache["{$forumid}"]['password'], false);
 }
Exemple #29
0
function construct_online_bit($userinfo, $doall = 0)
{
    global $vbulletin, $limitlower, $limitupper, $stylevar, $vbphrase, $ipclass, $show;
    global $wol_album, $wol_attachment, $wol_calendar, $wol_event, $wol_inf, $wol_pm, $wol_post, $wol_search, $wol_socialgroup, $wol_thread, $wol_user;
    static $count;
    $count++;
    $show['nopermission'] = false;
    $show['lockedout'] = false;
    $show['errormessage'] = false;
    if ($doall == 1 and ($count > $limitupper or $count < $limitlower)) {
        return '';
    }
    if ($userinfo['attachmentid']) {
        $postid = $wol_attachment["{$userinfo['attachmentid']}"];
    } else {
        $postid = $userinfo['postid'];
    }
    if ($postid) {
        $threadid = $wol_post["{$postid}"];
    } else {
        $threadid = $userinfo['threadid'];
    }
    $forumid = $userinfo['forumid'];
    $calendarid = $userinfo['calendarid'];
    $eventid = $userinfo['eventid'];
    $searchid = $userinfo['searchid'];
    $groupid = $userinfo['socialgroupid'];
    $albumid = $userinfo['albumid'];
    if ($albumid) {
        require_once DIR . '/includes/functions_album.php';
        $albumname = fetch_censored_text($wol_album["{$albumid}"]['title']);
        $canviewalbum = true;
        if ($wol_album["{$albumid}"]['state'] == 'profile' and !can_view_profile_albums($wol_album["{$albumid}"]['userid'])) {
            $canviewalbum = false;
        } else {
            if ($wol_album["{$albumid}"]['state'] == 'private' and !can_view_private_albums($wol_album["{$albumid}"]['userid'])) {
                $canviewalbum = false;
            }
        }
    }
    if ($groupid) {
        $groupname = fetch_censored_text($wol_socialgroup["{$groupid}"]['name']);
        $canviewgroup = true;
    }
    if ($searchid) {
        $searchquery = $wol_search["{$searchid}"]['query'];
        $searchuser = $wol_search["{$searchid}"]['searchuser'];
        $searchuserid = $wol_search["{$searchid}"]['userid'];
    }
    if (!$forumid and isset($wol_thread["{$threadid}"]['forumid'])) {
        $forumid = $wol_thread["{$threadid}"]['forumid'];
    } else {
        if (!$forumid and isset($wol_thread["{$wol_post[$postid]}"]['forumid'])) {
            $forumid = $wol_thread["{$wol_post[$postid]}"]['forumid'];
        }
    }
    $threadtitle = fetch_censored_text($wol_thread["{$threadid}"]['title']);
    $threadprefix = $wol_thread["{$threadid}"]['prefixid'] ? $vbphrase['prefix_' . $wol_thread["{$threadid}"]['prefixid'] . '_title_rich'] . ' ' : '';
    $canview = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canview'];
    $canviewothers = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers'];
    $canviewthreads = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads'];
    $postuserid = $wol_thread["{$threadid}"]['postuserid'];
    $forumtitle = $vbulletin->forumcache["{$forumid}"]['title'];
    $threadpreview = $wol_thread["{$threadid}"]['preview'];
    if (!$calendarid and isset($wol_event["{$eventid}"]['calendarid'])) {
        $calendarid = $wol_event["{$eventid}"]['calendarid'];
    }
    $eventtitle = htmlspecialchars_uni($wol_event["{$eventid}"]['title']);
    $eventpostuserid = $wol_event["{$eventid}"]['postuserid'];
    $calendartitle = $wol_calendar["{$calendarid}"];
    $canviewcalendar = $vbulletin->userinfo['calendarpermissions']["{$calendarid}"] & $vbulletin->bf_ugp_calendarpermissions['canviewcalendar'];
    $canviewothersevent = $vbulletin->userinfo['calendarpermissions']["{$calendarid}"] & $vbulletin->bf_ugp_calendarpermissions['canviewothersevent'];
    if (($wol_thread["{$threadid}"]['isdeleted'] or !$wol_thread["{$threadid}"]['visible']) and !can_moderate($forumid)) {
        $threadviewable = 0;
    } else {
        $threadviewable = 1;
    }
    if ($threadviewable and $threadtitle and $canview and ($canviewothers or $postuserid == $vbulletin->userinfo['userid']) and verify_forum_password($forumid, $vbulletin->forumcache["{$forumid}"]['password'], false)) {
        $seetitle = 1;
    }
    if ($forumtitle and ($canview or $vbulletin->forumcache["{$forumid}"]['showprivate'] > 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and $vbulletin->options['showprivateforums'])) {
        $seeforum = 1;
    }
    if ($eventtitle and $canviewcalendar and ($canviewothersevent or $eventpostuserid == $vbulletin->userinfo['userid'])) {
        $seeevent = 1;
    }
    if ($calendartitle and $canviewcalendar) {
        $seecalendar = 1;
    }
    if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) {
        if ($userinfo['pmid']) {
            $seeuserid = $wol_pm["{$userinfo['pmid']}"];
        } else {
            if ($userinfo['searchid']) {
                $seeuserid = $wol_search["{$searchid}"]['targetuserid'];
            } else {
                if ($userinfo['infractionid']) {
                    $seeuserid = $wol_inf["{$userinfo['infractionid']}"]['userid'];
                } else {
                    $seeuserid = $userinfo['targetuserid'];
                }
            }
        }
    }
    switch ($userinfo['activity']) {
        case 'visitormessage_posting':
            $userinfo['action'] = $vbphrase['posting_visitor_message'];
            break;
        case 'visitormessage_delete':
            $userinfo['action'] = $vbphrase['deleting_visitor_message'];
            break;
        case 'viewingipaddress':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>';
            if (can_moderate()) {
                $userinfo['action'] = $vbphrase['viewing_ip_address'];
            }
            break;
        case 'visitormessage_reporting':
            $userinfo['action'] = $vbphrase['reporting_visitor_message'];
            break;
        case 'posthistory':
            $userinfo['action'] = $vbphrase['viewing_post_history'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'tags':
            $userinfo['action'] = $vbphrase['managing_tags'];
            break;
        case 'tag_list':
            $userinfo['action'] = $vbphrase['viewing_tag_list'];
            break;
        case 'socialgroups_join':
            $userinfo['action'] = $vbphrase['joining_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_leave':
            $userinfo['action'] = $vbphrase['leaving_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_edit':
            $userinfo['action'] = $vbphrase['editing_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_view':
            $userinfo['action'] = $vbphrase['viewing_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_memberlist':
            $userinfo['action'] = $vbphrase['viewing_social_group_memberlist'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_delete':
            $userinfo['action'] = $vbphrase['deleting_social_group'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'socialgroups_create':
            $userinfo['action'] = $vbphrase['creating_social_group'];
            break;
        case 'socialgroups_list':
            $userinfo['action'] = $vbphrase['viewing_social_group_list'];
            if ($canviewgroup) {
                $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;groupid={$groupid}\">{$groupname}</a>";
            }
            break;
        case 'group_inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            break;
        case 'showthread':
            $userinfo['action'] = $vbphrase['viewing_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'showpost':
            $userinfo['action'] = $vbphrase['viewing_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'forumdisplay':
            $userinfo['action'] = $vbphrase['viewing_forum'];
            if ($seeforum) {
                if ($vbulletin->forumcache["{$forumid}"]['link']) {
                    $userinfo['action'] = $vbphrase['followed_forum_link'];
                }
                $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'newthread':
            $userinfo['action'] = $vbphrase['creating_thread'];
            if ($seeforum) {
                $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'newreply':
            $userinfo['action'] = $vbphrase['replying_to_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'attachments':
            $userinfo['action'] = $vbphrase['viewing_attachments'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="misc.php?' . $vbulletin->session->vars['sessionurl'] . "do=attachments&amp;u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'manageattachment':
            $userinfo['action'] = $vbphrase['managing_attachments'];
            break;
        case 'attachment':
            $userinfo['action'] = $vbphrase['viewing_attachment'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'index':
            $userinfo['action'] = $vbphrase['viewing_index'];
            $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . '</a>';
            break;
        case 'online':
            $userinfo['action'] = $vbphrase['viewing_whos_online'];
            break;
        case 'searchnew':
            $userinfo['action'] = $vbphrase['viewing_new_posts'];
            $userinfo['where'] = '<a href="search.php?' . $vbulletin->session->vars['sessionurl'] . "do=getnew\">{$vbphrase['new_posts']}</a>";
            break;
        case 'search':
            $userinfo['action'] = $vbphrase['searching_forums'];
            if ($searchid and $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) {
                if ($searchquery) {
                    $userinfo['where'] = construct_phrase($vbphrase['query_x'], htmlspecialchars_uni($searchquery));
                }
                if ($searchuser and $wol_search["{$searchid}"]['targetuserid']) {
                    if ($searchquery) {
                        $userinfo['where'] .= '<br />';
                    }
                    $userinfo['where'] .= construct_phrase($vbphrase['user_x'], '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>");
                }
            }
            break;
        case 'mail':
            $userinfo['action'] = $vbphrase['emailing'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'getinfo':
            $userinfo['action'] = $vbphrase['viewing_user_profile'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'converse':
            $userinfo['action'] = $vbphrase['viewing_conversation'];
            if ($seeuserid and $wol_user["{$userinfo['guestuserid']}"]) {
                $userinfo['where'] = construct_phrase($vbphrase['x_and_y_converse'], '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>", '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['guestuserid']}\">" . $wol_user["{$userinfo['guestuserid']}"] . "</a>");
            }
            break;
        case 'editprofile':
            $userinfo['action'] = $vbphrase['modifying_profile'];
            break;
        case 'editoptions':
            $userinfo['action'] = $vbphrase['modifying_options'];
            break;
        case 'lostpw':
        case 'editpassword':
            $userinfo['action'] = $vbphrase['modifying_password'];
            break;
        case 'editavatar':
            $userinfo['action'] = $vbphrase['modifying_avatar'];
            break;
        case 'editprofilepic':
            $userinfo['action'] = $vbphrase['modifying_profilepic'];
            break;
        case 'editsignature':
            $userinfo['action'] = $vbphrase['modifying_signature'];
            break;
        case 'markread':
            $userinfo['where'] = $vbphrase['marking_forums_read'];
            break;
        case 'whoposted':
            if ($seetitle) {
                $userinfo['action'] = $vbphrase['viewing_who_posted'];
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            } else {
                $userinfo['action'] = $vbphrase['viewing_thread'];
            }
            break;
        case 'showattachments':
            if ($seetitle) {
                $userinfo['action'] = $vbphrase['viewing_attachment_list'];
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            } else {
                $userinfo['action'] = $vbphrase['viewing_thread'];
            }
            break;
        case 'showgroups':
            $userinfo['action'] = $vbphrase['viewing_forum_leaders'];
            break;
        case 'login':
            $userinfo['action'] = $vbphrase['logging_in'];
            break;
        case 'logout':
            if ($userinfo['badlocation']) {
                $userinfo['action'] = $vbphrase['logging_out'];
            }
            break;
        case 'archive':
            $userinfo['action'] = $vbphrase['viewing_archives'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . "<a href=\"archive/index.php/t-{$threadid}.html\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            } else {
                if ($seeforum) {
                    $userinfo['where'] = "<a href=\"archive/index.php/f-{$forumid}.html\">{$forumtitle}</a>";
                }
            }
            break;
        case 'pm':
            $userinfo['action'] = $vbphrase['private_messaging'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) {
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
                }
                if ($userinfo['values']['do'] == 'newpm' or $userinfo['values']['do'] == 'insertpm' or $userinfo['values']['do'] == 'newmessage') {
                    $userinfo['action'] = $vbphrase['creating_private_message'];
                } else {
                    if ($userinfo['values']['do'] == 'editfolders' or $userinfo['action']['do'] == 'updatefolders') {
                        $userinfo['action'] = $vbphrase['modifying_private_message_folders'];
                    } else {
                        if ($userinfo['values']['do'] == 'trackpm' or $userinfo['values']['do'] == 'deletepmreceipt') {
                            $userinfo['action'] = $vbphrase['tracking_private_messages'];
                        } else {
                            if ($userinfo['values']['do'] == 'showpm') {
                                $userinfo['action'] = $vbphrase['viewing_private_message'];
                            } else {
                                if ($userinfo['values']['do'] == 'downloadpm') {
                                    $userinfo['action'] = $vbphrase['downloading_private_messages'];
                                }
                            }
                        }
                    }
                }
            }
            break;
        case 'addbuddy':
        case 'addignore':
        case 'buddyignore':
            $userinfo['action'] = $vbphrase['modifying_contact_ignore_list'];
            break;
        case 'subfolders':
            $userinfo['action'] = $vbphrase['modifying_subscription_folders'];
            break;
        case 'subscription':
            $userinfo['action'] = $vbphrase['viewing_subscribed_threads'];
            break;
        case 'addsubforum':
            $userinfo['action'] = $vbphrase['subscribing_to_forum'];
            if ($seeforum) {
                $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'addsubthread':
            $userinfo['action'] = $vbphrase['subscribing_to_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'remsubthread':
            $userinfo['action'] = $vbphrase['deleting_subscribed_threads'];
            break;
        case 'remsubforum':
            $userinfo['action'] = $vbphrase['deleting_subscribed_forums'];
            break;
        case 'usercp':
            $userinfo['action'] = $vbphrase['viewing_user_control_panel'];
            break;
        case 'memberlistsearch':
            $userinfo['action'] = $vbphrase['searching_member_list'];
            break;
        case 'memberlist':
            $userinfo['action'] = $vbphrase['viewing_member_list'];
            break;
        case 'member_inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            if (can_moderate()) {
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
                }
            }
            break;
        case 'inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            if (can_moderate()) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
                switch ($userinfo['values']['do']) {
                    case 'open':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_opening_threads'] . '</i>';
                        break;
                    case 'close':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_closing_threads'] . '</i>';
                        break;
                    case 'stick':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_sticking_threads'] . '</i>';
                        break;
                    case 'unstick':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unsticking_threads'] . '</i>';
                        break;
                    case 'deletethread':
                    case 'dodeletethreads':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_threads'] . '</i>';
                        break;
                    case 'undeletethread':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_threads'] . '</i>';
                        break;
                    case 'approvethread':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_threads'] . '</i>';
                        break;
                    case 'unapprovethread':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_threads'] . '</i>';
                        break;
                    case 'movethread':
                    case 'domovethreads':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_threads'] . '</i>';
                        break;
                    case 'mergethread':
                    case 'domergethreads':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_threads'] . '</i>';
                        break;
                    case 'deleteposts':
                    case 'dodeleteposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_posts'] . '</i>';
                        break;
                    case 'undeleteposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_posts'] . '</i>';
                        break;
                    case 'approveposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_posts'] . '</i>';
                        break;
                    case 'unapproveposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_posts'] . '</i>';
                        break;
                    case 'mergeposts':
                    case 'domergeposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_posts'] . '</i>';
                        break;
                    case 'moveposts':
                    case 'domoveposts':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_posts'] . '</i>';
                        break;
                    case 'clearthread':
                    case 'clearpost':
                        $userinfo['action'] = '<i>' . $vbphrase['inline_mod_clear'] . '</i>';
                        break;
                    case 'spampost':
                    case 'dodeletespam':
                    case 'spamconfirm':
                        $userinfo['action'] = '<i>' . $vbphrase['managing_spam'] . '</i>';
                        break;
                }
            }
            break;
        case 'postings':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>';
            if (can_moderate($forumid) and $threadtitle and $canview and ($canviewothers or $postuserid == $vbulletin->userinfo['userid'])) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
                switch ($userinfo['values']['do']) {
                    case 'editthread':
                    case 'updatethread':
                        $userinfo['action'] = '<i>' . $vbphrase['modifying_thread'] . '</i>';
                        break;
                    case 'openclosethread':
                        $userinfo['action'] = '<i>' . $vbphrase['open_close_thread'] . '</i>';
                        break;
                    case 'movethread':
                        $userinfo['action'] = '<i>' . $vbphrase['choosing_forum_to_move_thread_to'] . '</i>';
                        break;
                    case 'domovethread':
                        switch ($userinfo['values']['method']) {
                            case 'copy':
                                $userinfo['action'] = '<i>' . $vbphrase['copying_thread_to_forum'] . '</i>';
                                break;
                            case 'move':
                                $userinfo['action'] = '<i>' . $vbphrase['moving_thread_to_forum'] . '</i>';
                                break;
                            case 'movered':
                                $userinfo['action'] = '<i>' . $vbphrase['moving_thread_with_redirect_to_forum'] . '</i>';
                                break;
                        }
                        $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a><br />" . '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
                        break;
                    case 'deletethread':
                    case 'dodeletethread':
                        $userinfo['action'] = '<i>' . $vbphrase['deleting_thread'] . '</i>';
                        break;
                    case 'deleteposts':
                    case 'dodeleteposts':
                        $userinfo['where'] = '<i>' . $vbphrase['deleting_posts'] . '</i>';
                        break;
                    case 'merge':
                    case 'domergethread':
                        $userinfo['where'] = '<i>' . $vbphrase['merging_threads'] . '</i>';
                        break;
                    case 'stick':
                        $userinfo['where'] = '<i>' . $vbphrase['stick_unstick_thread'] . '</i>';
                        break;
                    case 'getip':
                        $userinfo['where'] = '<i>' . $vbphrase['viewing_ip_address'] . '</i>';
                        break;
                    case 'removeredirect':
                        $userinfo['where'] = '<i>' . $vbphrase['deleting_redirect'] . '</i>';
                        break;
                }
            }
            break;
        case 'register':
            $userinfo['action'] = $vbphrase['registering'];
            break;
        case 'requestemail':
            $userinfo['action'] = $vbphrase['request_activation_code'];
            break;
        case 'activate':
            $userinfo['action'] = $vbphrase['activating_registration'];
            break;
        case 'announcement':
            $userinfo['action'] = $vbphrase['viewing_announcement'];
            if ($seeforum) {
                $userinfo['where'] = '<a href="announcement.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
            }
            break;
        case 'usergroup':
            $userinfo['action'] = $vbphrase['modifying_usergroups'];
            break;
        case 'polls':
            switch ($userinfo['values']['do']) {
                case 'showresults':
                    $userinfo['action'] = $vbphrase['viewing_poll'];
                    break;
                case '':
                case 'newpoll':
                case 'postpoll':
                    $userinfo['action'] = $vbphrase['creating_poll'];
                    if ($seeforum) {
                        $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>";
                    }
                    break;
                case 'polledit':
                case 'updatepoll':
                    $userinfo['action'] = $vbphrase['modifying_poll'];
                    break;
                case 'pollvote':
                    $userinfo['action'] = $vbphrase['voting'];
                    break;
            }
            break;
        case 'showsmilies':
            $userinfo['action'] = $vbphrase['viewing_smilies'];
            break;
        case 'showavatars':
            $userinfo['action'] = $vbphrase['viewing_avatars'];
            break;
        case 'bbcode':
            $userinfo['action'] = $vbphrase['viewing_bb_code'];
            break;
        case 'faq':
            $userinfo['action'] = $vbphrase['viewing_faq'];
            break;
        case 'edit':
            $userinfo['action'] = $vbphrase['modifying_post'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'sendto':
            $userinfo['action'] = $vbphrase['sending_thread_to_friend'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'contactus':
            $userinfo['action'] = $vbphrase['sending_forum_feedback'];
            break;
        case 'aim':
            $userinfo['action'] = $vbphrase['sending_aim_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'msn':
            $userinfo['action'] = $vbphrase['sending_msn_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'yahoo':
            $userinfo['action'] = $vbphrase['sending_yahoo_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'icq':
            $userinfo['action'] = $vbphrase['sending_icq_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'skype':
            $userinfo['action'] = $vbphrase['sending_skype_message'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'report':
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            $userinfo['action'] = $vbphrase['reporting_post'];
            break;
        case 'printthread':
            $userinfo['action'] = $vbphrase['viewing_printable_version'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'calendarweek':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                if ($userinfo['week']) {
                    $week = "&amp;week={$userinfo['week']}";
                }
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayweek&amp;c={$calendarid}{$week}\">{$calendartitle}</a>";
            }
            break;
        case 'calendarmonth':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displaymonth&amp;c={$calendarid}&amp;month={$userinfo['month']}&amp;year={$userinfo['year']}\">{$calendartitle}</a>";
            }
            break;
        case 'calendaryear':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                if ($userinfo['year']) {
                    $year = "&amp;year={$userinfo['year']}";
                }
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayyear&amp;c={$calendarid}{$year}\">{$calendartitle}</a>";
            }
            break;
        case 'calendarday':
            $userinfo['action'] = $vbphrase['viewing_calendar'];
            if ($seecalendar) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getday&amp;c={$calendarid}&amp;day={$userinfo['day']}\">{$calendartitle}</a>";
            }
            break;
        case 'calendarevent':
            $userinfo['action'] = $vbphrase['viewing_event'];
            if ($seeevent) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e={$eventid}\">{$eventtitle}</a>";
            }
            break;
        case 'calendaradd':
        case 'calendaraddrecur':
            $userinfo['action'] = $vbphrase['creating_event'];
            if ($seecalendar) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "c={$calendarid}\">{$calendartitle}</a>";
            }
            break;
        case 'calendaredit':
            $userinfo['action'] = $vbphrase['modifying_event'];
            if ($seeevent) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e={$eventid}\">{$eventtitle}</a>";
            }
            break;
        case 'calreminder':
            $userinfo['action'] = $vbphrase['managing_reminder'];
            if ($seeevent) {
                $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&amp;e={$eventid}\">{$eventtitle}</a>";
            }
            break;
        case 'newusernote':
            $userinfo['action'] = $vbphrase['creating_user_note'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&amp;u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'usernote':
            $userinfo['action'] = $vbphrase['viewing_user_note'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&amp;u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'reputation':
            $userinfo['action'] = $vbphrase['giving_reputation'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'joinrequests':
            $userinfo['action'] = $vbphrase['processing_joinrequests'];
            if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $vbulletin->usergroupcache["{$userinfo['usergroupid']}"]['title']) {
                $userinfo['where'] = construct_phrase($vbphrase['viewing_x'], $vbulletin->usergroupcache["{$userinfo['usergroupid']}"]['title']);
            }
            break;
        case 'threadrate':
            $userinfo['action'] = $vbphrase['rating_thread'];
            if ($seetitle) {
                $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
            }
            break;
        case 'infractionreport':
            if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) {
                $userinfo['action'] = $vbphrase['giving_infraction'];
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
                } else {
                    if ($seetitle) {
                        $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>";
                    }
                }
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'infractionreverse':
            if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) {
                $userinfo['action'] = $vbphrase['reversing_infraction'];
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;infractionid={$userinfo['infractionid']}\">{$wol_user[$seeuserid]}</a>";
                }
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'infractionview':
            if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) {
                $userinfo['action'] = $vbphrase['viewing_infraction'];
                if ($seeuserid) {
                    $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&amp;infractionid={$userinfo['infractionid']}\">{$wol_user[$seeuserid]}</a>";
                }
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedthreads':
            if (can_moderate()) {
                $userinfo['action'] = $vbphrase['viewing_deleted_threads'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedposts':
            if (can_moderate()) {
                $userinfo['action'] = $vbphrase['viewing_deleted_posts'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedvms':
            if (can_moderate(0, 'canmoderatevisitormessages')) {
                $userinfo['action'] = $vbphrase['viewing_deleted_visitor_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedgms':
            if (can_moderate(0, 'canmoderategroupmessages')) {
                $userinfo['action'] = $vbphrase['viewing_deleted_social_group_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_deletedpcs':
            if (can_moderate(0, 'canmoderatepicturecomments')) {
                $userinfo['action'] = $vbphrase['viewing_deleted_picture_comments'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedthreads':
            if (can_moderate(0, 'canmoderateposts')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_threads'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedposts':
            if (can_moderate(0, 'canmoderateposts')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_posts'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedvms':
            if (can_moderate(0, 'canmoderatevisitormessages')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_visitor_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedgms':
            if (can_moderate(0, 'canmoderategroupmessages')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_social_group_messages'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedpcs':
            if (can_moderate(0, 'canmoderatepicturecomments')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_picture_comments'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'modcp_moderatedpictures':
            if (can_moderate(0, 'canmoderatepictures')) {
                $userinfo['action'] = $vbphrase['viewing_moderated_pictures'];
            } else {
                $userinfo['action'] = $vbphrase['viewing_index'];
            }
            break;
        case 'payments':
            $userinfo['action'] = $vbphrase['viewing_paid_subscriptions'];
            break;
        case 'spider':
            $userinfo['action'] = $vbphrase['search_engine_spider'];
            break;
        case 'admincp':
            $userinfo['action'] = $vbphrase['admin_control_panel'];
            break;
        case 'admincplogin':
            $userinfo['action'] = $vbphrase['admin_control_panel_login'];
            break;
        case 'modcp':
            $userinfo['action'] = $vbphrase['moderator_control_panel'];
            break;
        case 'modcplogin':
            $userinfo['action'] = $vbphrase['moderator_control_panel_login'];
            break;
        case 'album_delete':
            $userinfo['action'] = $vbphrase['deleting_album'];
            break;
        case 'album_edit_album':
            $userinfo['action'] = $vbphrase['editing_album'];
            if ($canviewalbum) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
            }
            break;
        case 'album_new_album':
            $userinfo['action'] = $vbphrase['creating_album'];
            break;
        case 'album_edit_picture':
            $userinfo['action'] = $vbphrase['editing_pictures'];
            if ($canviewalbum) {
                if (!empty($userinfo['pictureid'])) {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}&amp;pictureid=" . $userinfo['pictureid'] . "\">{$albumname}</a>";
                } else {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
                }
            }
            break;
        case 'album_upload':
            $userinfo['action'] = $vbphrase['uploading_pictures'];
            if ($canviewalbum) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
            }
            break;
        case 'album_picture':
            $userinfo['action'] = $vbphrase['viewing_picture'];
            if ($canviewalbum) {
                if (!empty($userinfo['pictureid'])) {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}&amp;pictureid=" . $userinfo['pictureid'] . "\">{$albumname}</a>";
                } else {
                    $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
                }
            }
            break;
        case 'album_album':
            $userinfo['action'] = $vbphrase['viewing_album'];
            if ($canviewalbum) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>";
            }
            break;
        case 'album_user':
            $userinfo['action'] = $vbphrase['viewing_users_album'];
            if ($seeuserid) {
                $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "userid={$seeuserid}\">{$wol_user[$seeuserid]}</a>";
            }
            break;
        case 'album_unread_comments':
            $userinfo['action'] = $vbphrase['viewing_unread_picture_comments'];
            break;
        case 'album_moderated_comments':
            $userinfo['action'] = $vbphrase['viewing_picture_comments_awaiting_approval'];
            break;
        case 'picturecomment_posting':
            $userinfo['action'] = $vbphrase['posting_picture_comment'];
            break;
        case 'picturecomment_delete':
            $userinfo['action'] = $vbphrase['deleting_picture_comment'];
            break;
        case 'picturecomment_reporting':
            $userinfo['action'] = $vbphrase['reporting_picture_comment'];
            break;
        case 'picture_inlinemod':
            $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>';
            break;
        default:
            $handled = false;
            ($hook = vBulletinHook::fetch_hook('online_location_unknown')) ? eval($hook) : false;
            if ($handled == false) {
                if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad']) {
                    require_once DIR . '/includes/functions_login.php';
                    $userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location']));
                    $userinfo['where'] = "<a href=\"{$userinfo['location']}\">{$userinfo['location']}</a>";
                    $userinfo['action'] = '<b>' . $vbphrase['unknown_location'] . '</b>';
                } else {
                    // We were unable to parse the location
                    $userinfo['action'] = $vbphrase['viewing_index'];
                    $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
                }
            }
    }
    if ($userinfo['badlocation'] == 1) {
        // User received 'no permissions screen'
        if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] or $userinfo['userid'] == $vbulletin->userinfo['userid']) {
            $show['nopermission'] = true;
        } else {
            $userinfo['action'] = $vbphrase['viewing_index'];
            $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
        }
    } else {
        if ($userinfo['badlocation'] == 2) {
            // Forum is locked
            $show['lockedout'] = true;
        } else {
            if ($userinfo['badlocation'] == 3) {
                // User received error screen
                if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] or $userinfo['userid'] == $vbulletin->userinfo['userid']) {
                    $show['errormessage'] = true;
                } else {
                    $userinfo['action'] = $vbphrase['viewing_index'];
                    $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>";
                }
            }
        }
    }
    if (!($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinelocation'])) {
        unset($userinfo['location']);
    }
    $userinfo['host_encoded'] = urlencode($userinfo['host']);
    if ($vbulletin->options['yestoday'] == 2) {
        $userinfo['time'] = vbdate($vbulletin->options['dateformat'], $userinfo['lastactivity'], 1);
    } else {
        $userinfo['time'] = vbdate($vbulletin->options['timeformat'], $userinfo['lastactivity']);
    }
    $wol_post['userid'] = $userinfo['userid'];
    $wol_post['username'] = $userinfo['realname'];
    ($hook = vBulletinHook::fetch_hook('online_bit_complete')) ? eval($hook) : false;
    if ($doall) {
        $show['loggedinuser'] = iif($userinfo['userid'], true, false);
        $show['buddy'] = iif($userinfo['buddy'], true, false);
        if ($userinfo['spider']) {
            $show['spider'] = true;
            if (!$userinfo['spidertype'] or !($spidertype = construct_phrase($vbphrase["x_spider_{$userinfo['spidertype']}"], $userinfo['spider']))) {
                $spidertype = construct_phrase($vbphrase['x_spider_searchspider'], $userinfo['spider']);
            }
        } else {
            $show['spider'] = false;
        }
        $show['reallocation'] = iif($userinfo['location'], true, false);
        $show['subscribed'] = iif($wol_thread["{$threadid}"]['issubscribed'] and $seetitle, true, false);
        $show['where'] = iif($userinfo['where'], true, false);
        eval('$onlinebits = "' . fetch_template('whosonlinebit') . '";');
        return $onlinebits;
    } else {
        return $userinfo;
    }
}
Exemple #30
0
function do_moderation()
{
    global $vbulletin, $db, $foruminfo, $forumperms, $threadinfo, $postinfo, $vbphrase, $threadid;
    $postlimit = 400;
    $threadlimit = 200;
    $threadarray = array();
    $postarray = array();
    $postinfos = array();
    $forumlist = array();
    $threadlist = array();
    switch ($_REQUEST['do']) {
        case 'openclosethread':
        case 'dodeletethread':
        case 'domovethread':
        case 'updatethread':
        case 'domergethread':
        case 'stick':
        case 'removeredirect':
        case 'deletethread':
        case 'deleteposts':
        case 'movethread':
        case 'copythread':
        case 'editthread':
        case 'mergethread':
        case 'moderatethread':
            if (!$threadinfo['threadid']) {
                standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']));
            }
    }
    if ($_REQUEST['do'] == 'getforums') {
        $forums = array();
        get_forums(-1, $forums);
        return array('forums' => $forums);
    }
    if ($threadinfo['forumid']) {
        $forumperms = fetch_permissions($threadinfo['forumid']);
        if ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
            json_error(ERR_NO_PERMISSION);
        }
    }
    // Open/Close Thread
    if ($_POST['do'] == 'openclosethread') {
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        // permission check
        if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                if (!is_first_poster($threadid)) {
                    json_error(ERR_NO_PERMISSION);
                }
            }
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        // handles mod log
        $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
        $threadman->set_existing($threadinfo);
        $threadman->set('open', $threadman->fetch_field('open') == 1 ? 0 : 1);
        ($hook = vBulletinHook::fetch_hook('threadmanage_openclose')) ? eval($hook) : false;
        $threadman->save();
    }
    // Stick/Unstick Thread
    if ($_POST['do'] == 'stick') {
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
            json_error(ERR_NO_PERMISSION);
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        // handles mod log
        $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
        $threadman->set_existing($threadinfo);
        $threadman->set('sticky', $threadman->fetch_field('sticky') == 1 ? 0 : 1);
        ($hook = vBulletinHook::fetch_hook('threadmanage_stickunstick')) ? eval($hook) : false;
        $threadman->save();
    }
    // Delete Thread
    if ($_POST['do'] == 'dodeletethread') {
        $vbulletin->input->clean_array_gpc('p', array('deletetype' => TYPE_UINT, 'deletereason' => TYPE_STR, 'keepattachments' => TYPE_BOOL));
        $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']);
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'canremoveposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        $physicaldel = false;
        if (!can_moderate($threadinfo['forumid'], 'candeleteposts') and !can_moderate($threadinfo['forumid'], 'canremoveposts')) {
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                if ($threadinfo['dateline'] < TIMENOW - $vbulletin->options['edittimelimit'] * 60 and $vbulletin->options['edittimelimit'] != 0) {
                    json_error(ERR_NO_PERMISSION);
                } else {
                    if (!$threadinfo['open']) {
                        json_error(ERR_NO_PERMISSION);
                    }
                    if (!is_first_poster($threadinfo['threadid'])) {
                        json_error(ERR_NO_PERMISSION);
                    }
                }
            }
        } else {
            if (!can_moderate($threadinfo['forumid'], 'canremoveposts')) {
                $physicaldel = false;
            } else {
                if (!can_moderate($threadinfo['forumid'], 'candeleteposts')) {
                    $physicaldel = true;
                } else {
                    $physicaldel = iif($vbulletin->GPC['deletetype'] == 1, false, true);
                }
            }
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        $delinfo = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']);
        $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
        $threadman->set_existing($threadinfo);
        $threadman->delete($foruminfo['countposts'], $physicaldel, $delinfo);
        unset($threadman);
        build_forum_counters($threadinfo['forumid']);
    }
    // Delete Posts
    if ($_POST['do'] == 'dodeleteposts') {
        $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR));
        $postids = explode(',', $vbulletin->GPC['postids']);
        foreach ($postids as $index => $postid) {
            if (intval($postid) == 0) {
                unset($postids["{$index}"]);
            } else {
                $postids["{$index}"] = intval($postid);
            }
        }
        if (empty($postids)) {
            standard_error(fetch_error('no_applicable_posts_selected'));
        }
        if (count($postids) > 400) {
            standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit));
        }
        $vbulletin->input->clean_array_gpc('p', array('deletetype' => TYPE_UINT, 'keepattachments' => TYPE_BOOL, 'deletereason' => TYPE_STR));
        $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']);
        $physicaldel = iif($vbulletin->GPC['deletetype'] == 1, false, true);
        // Validate posts
        $posts = $db->query_read_slave("\n\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title, post.userid AS posteruserid,\n\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\tORDER BY postid\n\t");
        $deletethreads = array();
        $firstpost = array();
        while ($post = $db->fetch_array($posts)) {
            $forumperms = fetch_permissions($post['forumid']);
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) {
                json_error(ERR_NO_PERMISSION);
            }
            if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) {
                standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
            } else {
                if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) {
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                } else {
                    if (!can_moderate($post['forumid'], 'canremoveposts') and !can_moderate($post['forumid'], 'candeleteposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                    }
                }
            }
            if (!can_moderate($post['forumid'], 'canremoveposts') and $physicaldel) {
                standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
            } else {
                if (!physicaldel and (!can_moderate($post['forumid'], 'candeleteposts') and ($post['posteruserid'] != $vbulletin->userinfo['userid'] or !($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['candeletepost'])))) {
                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                }
            }
            $postarray["{$post['postid']}"] = $post;
            $threadlist["{$post['threadid']}"] = true;
            $forumlist["{$post['forumid']}"] = true;
            if ($post['firstpostid'] == $post['postid']) {
                // deleting a thread so do not decremement the counters of any other posts in this thread
                $firstpost["{$post['threadid']}"] = true;
            } else {
                if (!empty($firstpost["{$post['threadid']}"])) {
                    $postarray["{$post['postid']}"]['skippostcount'] = true;
                }
            }
        }
        if (empty($postarray)) {
            standard_error(fetch_error('no_applicable_posts_selected'));
        }
        $firstpost = false;
        $gotothread = true;
        foreach ($postarray as $postid => $post) {
            $foruminfo = fetch_foruminfo($post['forumid']);
            $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost');
            $postman->set_existing($post);
            $postman->delete($foruminfo['countposts'] and !$post['skippostcount'], $post['threadid'], $physicaldel, array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']));
            unset($postman);
        }
        foreach (array_keys($threadlist) as $threadid) {
            build_thread_counters($threadid);
        }
        foreach (array_keys($forumlist) as $forumid) {
            build_forum_counters($forumid);
        }
        ($hook = vBulletinHook::fetch_hook('inlinemod_dodeleteposts')) ? eval($hook) : false;
    }
    // Move Thread
    if ($_POST['do'] == 'domovethread') {
        $vbulletin->input->clean_array_gpc('p', array('destforumid' => TYPE_UINT, 'redirect' => TYPE_STR, 'title' => TYPE_NOHTML, 'redirectprefixid' => TYPE_NOHTML, 'redirecttitle' => TYPE_NOHTML, 'period' => TYPE_UINT, 'frame' => TYPE_STR));
        $vbulletin->GPC['title'] = prepare_remote_utf8_string($vbulletin->GPC['title']);
        $vbulletin->GPC['redirecttitle'] = prepare_remote_utf8_string($vbulletin->GPC['redirecttitle']);
        $vbulletin->GPC['redirectprefixid'] = prepare_remote_utf8_string($vbulletin->GPC['redirectprefixid']);
        if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
            if (can_moderate($threadinfo['forumid'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
            }
        }
        // check whether dest can contain posts
        $destforumid = verify_id('forum', $vbulletin->GPC['destforumid']);
        $destforuminfo = fetch_foruminfo($destforumid);
        if (!$destforuminfo['cancontainthreads'] or $destforuminfo['link']) {
            standard_error(fetch_error('moveillegalforum'));
        }
        if ($threadinfo['isdeleted'] and !can_moderate($destforuminfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($destforuminfo['forumid'], 'canmoderateposts')) {
            ## Insert proper phrase about not being able to move a hidden thread to a forum you can't moderateposts in or a deleted thread to a forum you can't deletethreads in
            standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']));
        }
        // check source forum permissions
        if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'])) {
                json_error(ERR_NO_PERMISSION);
            } else {
                if (!$threadinfo['open'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'])) {
                    json_error(ERR_NO_PERMISSION);
                }
                if (!is_first_poster($threadid)) {
                    json_error(ERR_NO_PERMISSION);
                }
            }
        }
        // check destination forum permissions
        $destforumperms = fetch_permissions($destforuminfo['forumid']);
        if (!($destforumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
            json_error(ERR_NO_PERMISSION);
        }
        // check if there is a forum password and if so, ensure the user has it set
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        verify_forum_password($destforuminfo['forumid'], $destforuminfo['password']);
        // check to see if this thread is being returned to a forum it's already been in
        // if a redirect exists already in the destination forum, remove it
        if ($checkprevious = $db->query_first_slave("SELECT threadid FROM " . TABLE_PREFIX . "thread WHERE forumid = {$destforuminfo['forumid']} AND open = 10 AND pollid = {$threadid}")) {
            $old_redirect =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
            $old_redirect->set_existing($checkprevious);
            $old_redirect->delete(false, true, NULL, false);
            unset($old_redirect);
        }
        // check to see if this thread is being moved to the same forum it's already in but allow copying to the same forum
        if ($destforuminfo['forumid'] == $threadinfo['forumid'] and $vbulletin->GPC['redirect']) {
            standard_error(fetch_error('movesameforum'));
        }
        ($hook = vBulletinHook::fetch_hook('threadmanage_move_start')) ? eval($hook) : false;
        if ($vbulletin->GPC['title'] != '' and $vbulletin->GPC['title'] != $threadinfo['title']) {
            $oldtitle = $threadinfo['title'];
            $threadinfo['title'] = unhtmlspecialchars($vbulletin->GPC['title']);
            $updatetitle = true;
        } else {
            $oldtitle = $threadinfo['title'];
            $updatetitle = false;
        }
        if ($vbulletin->GPC['redirect'] == 'none') {
            $method = 'move';
        } else {
            $method = 'movered';
        }
        switch ($method) {
            // ***************************************************************
            // move the thread wholesale into the destination forum
            case 'move':
                // update forumid/notes and unstick to prevent abuse
                $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
                $threadman->set_info('skip_moderator_log', true);
                $threadman->set_existing($threadinfo);
                if ($updatetitle) {
                    $threadman->set('title', $threadinfo['title']);
                    if ($vbulletin->options['similarthreadsearch']) {
                        require_once DIR . '/includes/functions_search.php';
                        $threadman->set('similar', fetch_similar_threads(fetch_censored_text($vbulletin->GPC['title']), $threadinfo['threadid']));
                    }
                } else {
                    // Bypass check since title wasn't modified
                    $threadman->set('title', $threadinfo['title'], true, false);
                }
                $threadman->set('forumid', $destforuminfo['forumid']);
                // If mod can not manage threads in destination forum then unstick thread
                if (!can_moderate($destforuminfo['forumid'], 'canmanagethreads')) {
                    $threadman->set('sticky', 0);
                }
                ($hook = vBulletinHook::fetch_hook('threadmanage_move_simple')) ? eval($hook) : false;
                $threadman->save();
                log_moderator_action($threadinfo, 'thread_moved_to_x', $destforuminfo['title']);
                break;
                // ***************************************************************
                // ***************************************************************
                // move the thread into the destination forum and leave a redirect
            // ***************************************************************
            // ***************************************************************
            // move the thread into the destination forum and leave a redirect
            case 'movered':
                $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost');
                $threadman->set_info('skip_moderator_log', true);
                $threadman->set_existing($threadinfo);
                if ($updatetitle) {
                    $threadman->set('title', $threadinfo['title']);
                    if ($vbulletin->options['similarthreadsearch']) {
                        require_once DIR . '/includes/functions_search.php';
                        $threadman->set('similar', fetch_similar_threads(fetch_censored_text($vbulletin->GPC['title']), $threadinfo['threadid']));
                    }
                } else {
                    // Bypass check since title wasn't modified
                    $threadman->set('title', $threadinfo['title'], true, false);
                }
                $threadman->set('forumid', $destforuminfo['forumid']);
                // If mod can not manage threads in destination forum then unstick thread
                if (!can_moderate($destforuminfo['forumid'], 'canmanagethreads')) {
                    $threadman->set('sticky', 0);
                }
                ($hook = vBulletinHook::fetch_hook('threadmanage_move_redirect_orig')) ? eval($hook) : false;
                $threadman->save();
                unset($threadman);
                if ($threadinfo['visible'] == 1) {
                    // Insert redirect for visible thread
                    log_moderator_action($threadinfo, 'thread_moved_with_redirect_to_a', $destforuminfo['title']);
                    $redirdata = array('lastpost' => intval($threadinfo['lastpost']), 'forumid' => intval($threadinfo['forumid']), 'pollid' => intval($threadinfo['threadid']), 'open' => 10, 'replycount' => intval($threadinfo['replycount']), 'postusername' => $threadinfo['postusername'], 'postuserid' => intval($threadinfo['postuserid']), 'lastposter' => $threadinfo['lastposter'], 'dateline' => intval($threadinfo['dateline']), 'views' => intval($threadinfo['views']), 'iconid' => intval($threadinfo['iconid']), 'visible' => 1);
                    $redir =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
                    foreach (array_keys($redirdata) as $field) {
                        // bypassing the verify_* calls; this data should be valid as is
                        $redir->setr($field, $redirdata["{$field}"], true, false);
                    }
                    if ($updatetitle) {
                        if (empty($vbulletin->GPC['redirecttitle'])) {
                            $redir->set('title', $threadinfo['title']);
                        } else {
                            $redir->set('title', unhtmlspecialchars($vbulletin->GPC['redirecttitle']));
                        }
                    } else {
                        // Bypass check since title wasn't modified
                        if (empty($vbulletin->GPC['redirecttitle'])) {
                            $redir->set('title', $threadinfo['title'], true, false);
                        } else {
                            $redir->set('title', unhtmlspecialchars($vbulletin->GPC['redirecttitle']));
                        }
                    }
                    require_once DIR . '/includes/functions_prefix.php';
                    if (can_use_prefix($vbulletin->GPC['redirectprefixid'])) {
                        $redir->set('prefixid', $vbulletin->GPC['redirectprefixid']);
                    }
                    ($hook = vBulletinHook::fetch_hook('threadmanage_move_redirect_notice')) ? eval($hook) : false;
                    if ($redirthreadid = $redir->save() and $vbulletin->GPC['redirect'] == 'expires') {
                        switch ($vbulletin->GPC['frame']) {
                            case 'h':
                                $expires = mktime(date('H') + $vbulletin->GPC['period'], date('i'), date('s'), date('m'), date('d'), date('y'));
                                break;
                            case 'd':
                                $expires = mktime(date('H'), date('i'), date('s'), date('m'), date('d') + $vbulletin->GPC['period'], date('y'));
                                break;
                            case 'w':
                                $expires = $vbulletin->GPC['period'] * 60 * 60 * 24 * 7 + TIMENOW;
                                break;
                            case 'y':
                                $expires = mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y') + $vbulletin->GPC['period']);
                                break;
                            case 'm':
                            default:
                                $expires = mktime(date('H'), date('i'), date('s'), date('m') + $vbulletin->GPC['period'], date('d'), date('y'));
                        }
                        $db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "threadredirect\n\t\t\t\t\t\t\t(threadid, expires)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$redirthreadid}, {$expires})\n\t\t\t\t\t");
                    }
                    unset($redir);
                } else {
                    // leave no redirect for hidden or deleted threads
                    log_moderator_action($threadinfo, 'thread_moved_to_x', $destforuminfo['title']);
                }
                break;
                // ***************************************************************
        }
        // end switch($method)
        // kill the cache for the old thread
        delete_post_cache_threads(array($threadinfo['threadid']));
        // Update Post Count if we move from a counting forum to a non counting or vice-versa..
        // Source Dest  Visible Thread    Hidden Thread
        // Yes    Yes   ~           	  ~
        // Yes    No    -visible          ~
        // No     Yes   +visible          ~
        // No     No    ~                 ~
        if ($threadinfo['visible'] and ($method == 'move' or $method == 'movered') and ($foruminfo['countposts'] and !$destforuminfo['countposts'] or !$foruminfo['countposts'] and $destforuminfo['countposts'])) {
            $posts = $db->query_read_slave("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\tAND\tuserid > 0\n\t\t\t\tAND visible = 1\n\t\t");
            $userbyuserid = array();
            while ($post = $db->fetch_array($posts)) {
                if (!isset($userbyuserid["{$post['userid']}"])) {
                    $userbyuserid["{$post['userid']}"] = 1;
                } else {
                    $userbyuserid["{$post['userid']}"]++;
                }
            }
            if (!empty($userbyuserid)) {
                $userbypostcount = array();
                foreach ($userbyuserid as $postuserid => $postcount) {
                    $alluserids .= ",{$postuserid}";
                    $userbypostcount["{$postcount}"] .= ",{$postuserid}";
                }
                foreach ($userbypostcount as $postcount => $userids) {
                    $casesql .= " WHEN userid IN (0{$userids}) THEN {$postcount}";
                }
                $operator = $destforuminfo['countposts'] ? '+' : '-';
                $db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\tSET posts = CAST(posts AS SIGNED) {$operator}\n\t\t\t\t\tCASE\n\t\t\t\t\t\t{$casesql}\n\t\t\t\t\t\tELSE 0\n\t\t\t\t\tEND\n\t\t\t\tWHERE userid IN (0{$alluserids})\n\t\t\t");
            }
        }
        build_forum_counters($threadinfo['forumid']);
        if ($threadinfo['forumid'] != $destforuminfo['forumid']) {
            build_forum_counters($destforuminfo['forumid']);
        }
        // Update canview status of thread subscriptions
        update_subscriptions(array('threadids' => array($threadid)));
    }
    // Undelete Posts
    if ($_POST['do'] == 'undeleteposts') {
        $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR));
        $postids = explode(',', $vbulletin->GPC['postids']);
        foreach ($postids as $index => $postid) {
            if (intval($postid) == 0) {
                unset($postids["{$index}"]);
            } else {
                $postids["{$index}"] = intval($postid);
            }
        }
        if (empty($postids)) {
            standard_error(fetch_error('no_applicable_posts_selected'));
        }
        if (count($postids) > 400) {
            standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit));
        }
        $postids = implode(',', $postids);
        // Validate posts
        $posts = $db->query_read_slave("\n\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title, post.userid,\n\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible,\n\t\t\tforum.options AS forum_options\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forum AS forum USING (forumid)\n\t\tWHERE postid IN ({$postids})\n\t\t\tAND (post.visible = 2 OR (post.visible = 1 AND thread.visible = 2 AND post.postid = thread.firstpostid))\n\t\tORDER BY postid\n\t");
        $deletethreads = array();
        while ($post = $db->fetch_array($posts)) {
            $forumperms = fetch_permissions($post['forumid']);
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) {
                json_error(ERR_NO_PERMISSION);
            }
            if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) {
                standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
            } else {
                if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) {
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                }
            }
            $postarray["{$post['postid']}"] = $post;
            $threadlist["{$post['threadid']}"] = true;
            $forumlist["{$post['forumid']}"] = true;
            if ($post['firstpostid'] == $post['postid']) {
                // undeleting a thread so need to update the $tinfo for any other posts in this thread
                $firstpost["{$post['threadid']}"] = true;
            } else {
                if (!empty($firstpost["{$post['threadid']}"])) {
                    $postarray["{$post['postid']}"]['thread_visible'] = 1;
                }
            }
        }
        if (is_array($postarray)) {
            foreach ($postarray as $postid => $post) {
                $tinfo = array('threadid' => $post['threadid'], 'forumid' => $post['forumid'], 'visible' => $post['thread_visible'], 'firstpostid' => $post['firstpostid']);
                undelete_post($post['postid'], $post['forum_options'] & $vbulletin->bf_misc_forumoptions['countposts'], $post, $tinfo, false);
            }
        }
        if (is_array($threadlist)) {
            foreach (array_keys($threadlist) as $threadid) {
                build_thread_counters($threadid);
            }
        }
        if (is_array($forumlist)) {
            foreach (array_keys($forumlist) as $forumid) {
                build_forum_counters($forumid);
            }
        }
    }
    // Delete As Spam
    if ($_REQUEST['do'] == 'dodeletespam') {
        $vbulletin->input->clean_array_gpc('p', array('type' => TYPE_STR));
        if ($vbulletin->GPC['type'] == 'post') {
            $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR));
            $postids = explode(',', $vbulletin->GPC['postids']);
            foreach ($postids as $index => $postid) {
                if (intval($postid) == 0) {
                    unset($postids["{$index}"]);
                } else {
                    $postids["{$index}"] = intval($postid);
                }
            }
            if (empty($postids)) {
                standard_error(fetch_error('no_applicable_posts_selected'));
            }
            if (count($postids) > $postlimit) {
                standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit));
            }
        } else {
            $vbulletin->input->clean_array_gpc('p', array('threadid' => TYPE_STR));
            $threadids = explode(',', $vbulletin->GPC['threadid']);
            foreach ($threadids as $index => $threadid) {
                if (intval($threadid) == 0) {
                    unset($threadids["{$index}"]);
                } else {
                    $threadids["{$index}"] = intval($threadid);
                }
            }
            if (empty($threadids)) {
                standard_error(fetch_error('you_did_not_select_any_valid_threads'));
            }
            if (count($threadids) > $threadlimit) {
                standard_error(fetch_error('you_are_limited_to_working_with_x_threads', $threadlimit));
            }
        }
        $vbulletin->input->clean_array_gpc('p', array('banusers' => TYPE_BOOL, 'userids' => TYPE_STR));
        $banusers = false;
        if ($vbulletin->GPC['banusers']) {
            $banusers = true;
        }
        $vbulletin->GPC['userid'] = split(',', $vbulletin->GPC['userids']);
        $vbulletin->GPC_exists['userid'] = true;
        $userids = array();
        if ($vbulletin->GPC['type'] == 'thread') {
            // threads
            $threadarray = array();
            $threads = $db->query_read_slave("\n\t\t\tSELECT threadid, open, visible, forumid, title, prefixid, postuserid\n\t\t\tFROM " . TABLE_PREFIX . "thread\n\t\t\tWHERE threadid IN (" . implode(',', $threadids) . ")\n\t\t");
            while ($thread = $db->fetch_array($threads)) {
                $forumperms = fetch_permissions($thread['forumid']);
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $thread['postuserid'] != $vbulletin->userinfo['userid']) {
                    json_error(ERR_NO_PERMISSION);
                }
                $thread['prefix_plain_html'] = $thread['prefixid'] ? htmlspecialchars_uni($vbphrase["prefix_{$thread['prefixid']}_title_plain"]) . ' ' : '';
                if ($thread['open'] == 10) {
                    if (!can_moderate($thread['forumid'], 'canmanagethreads')) {
                        // No permission to remove redirects.
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_thread_redirects', $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                    }
                } else {
                    if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
                    } else {
                        if ($thread['visible'] == 2 and !can_moderate($thread['forumid'], 'candeleteposts')) {
                            standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                        } else {
                            if (!can_moderate($thread['forumid'], 'canremoveposts')) {
                                if (!can_moderate($thread['forumid'], 'candeleteposts')) {
                                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                }
                            } else {
                                if (!can_moderate($thread['forumid'], 'candeleteposts')) {
                                    if (!can_moderate($thread['forumid'], 'canremoveposts')) {
                                        standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                    }
                                }
                            }
                        }
                    }
                }
                $threadarray["{$thread['threadid']}"] = $thread;
                $userids["{$thread['postuserid']}"] = true;
            }
            if (empty($threadarray)) {
                standard_error(fetch_error('you_did_not_select_any_valid_threads'));
            }
        } else {
            // posts
            // Validate posts
            $postarray = array();
            $posts = $db->query_read_slave("\n\t\t\tSELECT post.postid, post.threadid, post.visible, post.title, post.userid,\n\t\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.visible AS thread_visible, thread.firstpostid\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\t");
            while ($post = $db->fetch_array($posts)) {
                $forumperms = fetch_permissions($post['forumid']);
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) {
                    json_error(ERR_NO_PERMISSION);
                }
                if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) {
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
                } else {
                    if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                    } else {
                        if (!can_moderate($post['forumid'], 'canremoveposts')) {
                            if (!can_moderate($post['forumid'], 'candeleteposts')) {
                                standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                            }
                        } else {
                            if (!can_moderate($post['forumid'], 'candeleteposts')) {
                                if (!can_moderate($post['forumid'], 'canremoveposts')) {
                                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title']));
                                }
                            }
                        }
                    }
                }
                $postarray["{$post['postid']}"] = $post;
                $userids["{$post['userid']}"] = true;
            }
            if (empty($postarray)) {
                standard_error(fetch_error('no_applicable_posts_selected'));
            }
        }
        $user_cache = array();
        foreach ($vbulletin->GPC['userid'] as $userid) {
            // check that userid appears somewhere in either posts / threads, if they don't then you're doing something naughty
            if (!isset($userids["{$userid}"])) {
                json_error(ERR_NO_PERMISSION);
            }
            $user_cache["{$userid}"] = fetch_userinfo($userid);
            cache_permissions($user_cache["{$userid}"]);
            $user_cache["{$userid}"]['joindate_string'] = vbdate($vbulletin->options['dateformat'], $user_cache["{$userid}"]['joindate']);
        }
        if ($banusers) {
            require_once DIR . '/includes/adminfunctions.php';
            require_once DIR . '/includes/functions_banning.php';
            if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers'))) {
                json_error(ERR_NO_PERMISSION);
            }
            // check that user has permission to ban the person they want to ban
            if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
                foreach ($user_cache as $userid => $userinfo) {
                    if (can_moderate(0, '', $userinfo['userid'], $userinfo['usergroupid'] . (trim($userinfo['membergroupids']) ? ",{$userinfo['membergroupids']}" : '')) or $userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or $userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'] or is_unalterable_user($userinfo['userid'])) {
                        standard_error(fetch_error('no_permission_ban_non_registered_users'));
                    }
                }
            } else {
                foreach ($user_cache as $userid => $userinfo) {
                    if ($userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or is_unalterable_user($userinfo['userid'])) {
                        standard_error(fetch_error('no_permission_ban_non_registered_users'));
                    }
                }
            }
        }
        $vbulletin->input->clean_array_gpc('p', array('deleteother' => TYPE_BOOL, 'type' => TYPE_STR, 'deletetype' => TYPE_UINT, 'deletereason' => TYPE_STR, 'keepattachments' => TYPE_BOOL));
        $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']);
        // Check if we have users to punish
        if (!empty($user_cache)) {
            if ($banusers) {
                $vbulletin->input->clean_array_gpc('p', array('usergroupid' => TYPE_UINT, 'period' => TYPE_STR, 'reason' => TYPE_STR));
                $vbulletin->GPC['reason'] = prepare_remote_utf8_string($vbulletin->GPC['reason']);
                if (!isset($vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]) or $vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']) {
                    standard_error(fetch_error('invalid_usergroup_specified'));
                }
                // check that the number of days is valid
                if ($vbulletin->GPC['period'] != 'PERMANENT' and !preg_match('#^(D|M|Y)_[1-9][0-9]?$#', $vbulletin->GPC['period'])) {
                    standard_error(fetch_error('invalid_ban_period_specified'));
                }
                if ($vbulletin->GPC['period'] == 'PERMANENT') {
                    // make this ban permanent
                    $liftdate = 0;
                } else {
                    // get the unixtime for when this ban will be lifted
                    $liftdate = convert_date_to_timestamp($vbulletin->GPC['period']);
                }
                $user_dms = array();
                $current_bans = $db->query_read("\n\t\t\t\t\tSELECT user.userid, userban.liftdate, userban.bandate\n\t\t\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userban AS userban ON(userban.userid = user.userid)\n\t\t\t\t\tWHERE user.userid IN (" . implode(',', array_keys($user_cache)) . ")\n\t\t\t\t");
                while ($current_ban = $db->fetch_array($current_bans)) {
                    $userinfo = $user_cache["{$current_ban['userid']}"];
                    $userid = $userinfo['userid'];
                    if ($current_ban['bandate']) {
                        // they already have a ban, check if the current one is being made permanent, continue if its not
                        if ($liftdate and $liftdate < $current_ban['liftdate']) {
                            continue;
                        }
                        // there is already a record - just update this record
                        $db->query_write("\n\t\t\t\t\t\t\tUPDATE " . TABLE_PREFIX . "userban SET\n\t\t\t\t\t\t\tbandate = " . TIMENOW . ",\n\t\t\t\t\t\t\tliftdate = {$liftdate},\n\t\t\t\t\t\t\tadminid = " . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t\treason = '" . $db->escape_string($vbulletin->GPC['reason']) . "'\n\t\t\t\t\t\t\tWHERE userid = {$userinfo['userid']}\n\t\t\t\t\t\t");
                    } else {
                        // insert a record into the userban table
                        /*insert query*/
                        $db->query_write("\n\t\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "userban\n\t\t\t\t\t\t\t(userid, usergroupid, displaygroupid, customtitle, usertitle, adminid, bandate, liftdate, reason)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$userinfo['userid']}, {$userinfo['usergroupid']}, {$userinfo['displaygroupid']}, {$userinfo['customtitle']}, '" . $db->escape_string($userinfo['usertitle']) . "', " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ", {$liftdate}, '" . $db->escape_string($vbulletin->GPC['reason']) . "')\n\t\t\t\t\t\t");
                    }
                    // update the user record
                    $user_dms[$userid] =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
                    $user_dms[$userid]->set_existing($userinfo);
                    $user_dms[$userid]->set('usergroupid', $vbulletin->GPC['usergroupid']);
                    $user_dms[$userid]->set('displaygroupid', 0);
                    // update the user's title if they've specified a special user title for the banned group
                    if ($vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['usertitle'] != '') {
                        $user_dms[$userid]->set('usertitle', $vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['usertitle']);
                        $user_dms[$userid]->set('customtitle', 0);
                    }
                    $user_dms[$userid]->pre_save();
                }
                foreach ($user_dms as $userdm) {
                    $userdm->save();
                }
            }
        }
        // delete threads that are defined explicitly as spam by being ticked
        $physicaldel = $vbulletin->GPC['deletetype'] == 2 ? true : false;
        $skipped_user_prune = array();
        if ($vbulletin->GPC['deleteother'] and !empty($user_cache) and can_moderate(-1, 'canmassprune')) {
            $remove_all_posts = array();
            $user_checks = $db->query_read_slave("SELECT COUNT(*) AS total, userid AS userid FROM " . TABLE_PREFIX . "post WHERE userid IN (" . implode(', ', array_keys($user_cache)) . ") GROUP BY userid");
            while ($user_check = $db->fetch_array($user_checks)) {
                if (intval($user_check['total']) <= 50) {
                    $remove_all_posts[] = $user_check['userid'];
                } else {
                    $skipped_user_prune[] = $user_check['userid'];
                }
            }
            if (!empty($remove_all_posts)) {
                $threads = $db->query_read_slave("SELECT threadid FROM " . TABLE_PREFIX . "thread WHERE postuserid IN (" . implode(', ', $remove_all_posts) . ")");
                while ($thread = $db->fetch_array($threads)) {
                    $threadids[] = $thread['threadid'];
                }
                // Yes this can pick up firstposts of threads but we check later on when fetching info, so it won't matter if its already deleted
                $posts = $db->query_read_slave("SELECT postid FROM " . TABLE_PREFIX . "post WHERE userid IN (" . implode(', ', $remove_all_posts) . ")");
                while ($post = $db->fetch_array($posts)) {
                    $postids[] = $post['postid'];
                }
            }
        }
        if (!empty($threadids)) {
            // Validate threads
            $threads = $db->query_read_slave("\n\t\t\tSELECT threadid, open, visible, forumid, title, postuserid\n\t\t\tFROM " . TABLE_PREFIX . "thread\n\t\t\tWHERE threadid IN (" . implode(',', $threadids) . ")\n\t\t");
            while ($thread = $db->fetch_array($threads)) {
                $forumperms = fetch_permissions($thread['forumid']);
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $thread['postuserid'] != $vbulletin->userinfo['userid']) {
                    json_error(ERR_NO_PERMISSION);
                }
                if ($thread['open'] == 10 and !can_moderate($thread['forumid'], 'canmanagethreads')) {
                    // No permission to remove redirects.
                    standard_error(fetch_error('you_do_not_have_permission_to_manage_thread_redirects', $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                } else {
                    if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts')) {
                        standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts'));
                    } else {
                        if ($thread['visible'] == 2 and !can_moderate($thread['forumid'], 'candeleteposts')) {
                            standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                        } else {
                            if ($thread['open'] != 10) {
                                if (!can_moderate($thread['forumid'], 'canremoveposts') and $physicaldel) {
                                    standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                } else {
                                    if (!can_moderate($thread['forumid'], 'candeleteposts') and !$physicaldel) {
                                        standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title']));
                                    }
                                }
                            }
                        }
                    }
                }
                $threadarray["{$thread['threadid']}"] = $thread;
                $forumlist["{$thread['forumid']}"] = true;
            }
        }
        $delinfo = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']);
        foreach ($threadarray as $threadid => $thread) {
            $countposts = $vbulletin->forumcache["{$thread['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['countposts'];
            if (!$physicaldel and $thread['visible'] == 2) {
                # Thread is already soft deleted
                continue;
            }
            $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
            $threadman->set_existing($thread);
            // Redirect
            if ($thread['open'] == 10) {
                $threadman->delete(false, true, $delinfo);
            } else {
                $threadman->delete($countposts, $physicaldel, $delinfo);
            }
            unset($threadman);
        }
        if (!empty($postids)) {
            // Validate Posts
            $posts = $db->query_read_slave("\n\t\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title,\n\t\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\t\tORDER BY postid\n\t\t");
            while ($post = $db->fetch_array($posts)) {
                $postarray["{$post['postid']}"] = $post;
                $threadlist["{$post['threadid']}"] = true;
                $forumlist["{$post['forumid']}"] = true;
                if ($post['firstpostid'] == $post['postid']) {
                    // deleting a thread so do not decremement the counters of any other posts in this thread
                    $firstpost["{$post['threadid']}"] = true;
                } else {
                    if (!empty($firstpost["{$post['threadid']}"])) {
                        $postarray["{$post['postid']}"]['skippostcount'] = true;
                    }
                }
            }
        }
        $gotothread = true;
        foreach ($postarray as $postid => $post) {
            $foruminfo = fetch_foruminfo($post['forumid']);
            $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost');
            $postman->set_existing($post);
            $postman->delete($foruminfo['countposts'] and !$post['skippostcount'], $post['threadid'], $physicaldel, $delinfo);
            unset($postman);
            if ($vbulletin->GPC['threadid'] == $post['threadid'] and $post['postid'] == $post['firstpostid']) {
                // we've deleted the thread that we activated this action from so we can only return to the forum
                $gotothread = false;
            } else {
                if ($post['postid'] == $postinfo['postid'] and $physicaldel) {
                    // we came in via a post, which we have deleted so we have to go back to the thread
                    $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . 't=' . $vbulletin->GPC['threadid'];
                }
            }
        }
        foreach (array_keys($threadlist) as $threadid) {
            build_thread_counters($threadid);
        }
        foreach (array_keys($forumlist) as $forumid) {
            build_forum_counters($forumid);
        }
        // empty cookie
        if ($vbulletin->GPC['type'] == 'thread') {
            setcookie('vbulletin_inlinethread', '', TIMENOW - 3600, '/');
        } else {
            setcookie('vbulletin_inlinepost', '', TIMENOW - 3600, '/');
        }
    }
    return array('success' => true);
}