$percent = round($percent, 2); } if ($percent > 100) { $percent = 100; } if (!empty($memprofile['icq'])) { $memprofile['icq'] = intval($memprofile['icq']); } else { $memprofile['icq'] = ''; } $awaybit = ''; if ($memprofile['away'] == 1 && $mybb->settings['allowaway'] != 0) { $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); $awaydate = my_date($mybb->settings['dateformat'], $memprofile['awaydate']); if (!empty($memprofile['awayreason'])) { $reason = $parser->parse_badwords($memprofile['awayreason']); $awayreason = htmlspecialchars_uni($reason); } else { $awayreason = $lang->away_no_reason; } if ($memprofile['returndate'] == '') { $returndate = "{$lang->unknown}"; } else { $returnhome = explode("-", $memprofile['returndate']); // PHP native date functions use integers so timestamps for years after 2038 will not work // Thus we use adodb_mktime if ($returnhome[2] >= 2038) { require_once MYBB_ROOT . "inc/functions_time.php"; $returnmkdate = adodb_mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); $returndate = my_date($mybb->settings['dateformat'], $returnmkdate, "", 1, true); } else {
} $tofromusername = build_profile_link($tofromusername, $tofromuid); $denyreceipt = ''; if ($message['icon'] > 0 && $icon_cache[$message['icon']]) { $icon = $icon_cache[$message['icon']]; $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']); $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$icon = \"" . $templates->get("private_messagebit_icon") . "\";"); } else { $icon = '	'; } if (!trim($message['subject'])) { $message['subject'] = $lang->pm_no_subject; } $message['subject'] = $parser->parse_badwords($message['subject']); if (my_strlen($message['subject']) > 50) { $message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50) . "..."); } else { $message['subject'] = htmlspecialchars_uni($message['subject']); } if ($message['folder'] != "3") { $senddate = my_date('relative', $message['dateline']); } else { $senddate = $lang->not_sent; } $foldername = $foldernames[$message['folder']]; // What we do here is parse the post using our post parser, then strip the tags from it $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1); $message['message'] = strip_tags($parser->parse_message($message['message'], $parser_options)); if (my_strlen($message['message']) > 200) {
/** * Build a post bit * * @param array The post data * @param int The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $unapproved_shade = ''; if ($post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'trow_shaded'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = intval($post['pid']); $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } // Sanatize our custom profile fields for use in templates, if people choose to use them foreach ($post as $post_field => $field_value) { if (substr($post_field, 0, 3) != 'fid') { continue; } $post[$post_field] = htmlspecialchars_uni($field_value); } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date $post['postdate'] = my_date($mybb->settings['dateformat'], $post['dateline']); $post['posttime'] = my_date($mybb->settings['timeformat'], $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { $post['userstars'] .= "<img src=\"" . $post['starimage'] . "\" border=\"0\" alt=\"*\" />"; } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); // Determine the status to show for the user (Online/Offline/Away) $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if ($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_online") . "\";"); } else { if ($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_away") . "\";"); } else { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); } } if ($post['avatar'] != "" && ($mybb->user['showavatars'] != 0 || !$mybb->user['uid'])) { $post['avatar'] = htmlspecialchars_uni($post['avatar']); $avatar_dimensions = explode("|", $post['avatardimensions']); if ($avatar_dimensions[0] && $avatar_dimensions[1]) { list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['postmaxavatarsize'])); if ($avatar_dimensions[0] > $max_width || $avatar_dimensions[1] > $max_height) { require_once MYBB_ROOT . "inc/functions_image.php"; $scaled_dimensions = scale_image($avatar_dimensions[0], $avatar_dimensions[1], $max_width, $max_height); $avatar_width_height = "width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\""; } else { $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\""; } } eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); $post['avatar_padding'] = "padding-right: 10px;"; } else { $post['useravatar'] = ''; $post['avatar_padding'] = ''; } eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { eval("\$post['button_pm'] = \"" . $templates->get("postbit_pm") . "\";"); } if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid']) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "") { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = ''; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } if (!$post_type) { // Figure out if we need to show an "edited by" message $post['editedmsg'] = ''; if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { $post['editdate'] = my_date($mybb->settings['dateformat'], $post['edittime']); $post['edittime'] = my_date($mybb->settings['timeformat'], $post['edittime']); $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } if ((is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']) && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete = 0; if ($mybb->user['uid'] == $post['uid']) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete = 1; } } } if ((is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0) { eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid']))) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['closed'] != 1 || is_moderator($fid)) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } if ($mybb->settings['logip'] != "no") { if ($mybb->settings['logip'] == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($mybb->settings['logip'] == "hide" && is_moderator($fid, "canviewips")) { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } else { $post['iplogged'] = ""; } } } else { $post['iplogged'] = ""; } } elseif ($post_type == 3) { if ($mybb->usergroup['issupermod'] == 1 || is_moderator($fid)) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } if ($post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); get_post_attachments($id, $post); if ($post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if ($post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); $post['icon'] = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" style=\"vertical-align: middle;\" /> "; } else { $post['icon'] = ""; } $post_visibility = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post $ignore_bit = ''; if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
} if ($page > $pages || $page <= 0) { $page = 1; } if ($page) { $start = ($page - 1) * $perpage; } else { $start = 0; $page = 1; } $multipage = multipage($unapproved_threads, $perpage, $page, "modcp.php?action=modqueue&type=threads"); $query = $db->query("\n\t\t\tSELECT t.tid, t.dateline, t.fid, t.subject, t.username AS threadusername, p.message AS postmessage, u.username AS username, t.uid\n\t\t\tFROM " . TABLE_PREFIX . "threads t\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid=t.firstpost)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=t.uid)\n\t\t\tWHERE t.visible='0' {$tflist_queue_threads}\n\t\t\tORDER BY t.lastpost DESC\n\t\t\tLIMIT {$start}, {$perpage}\n\t\t"); $threads = ''; while ($thread = $db->fetch_array($query)) { $altbg = alt_trow(); $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); $thread['threadlink'] = get_thread_link($thread['tid']); $forum_link = get_forum_link($thread['fid']); $forum_name = $forum_cache[$thread['fid']]['name']; $threaddate = my_date('relative', $thread['dateline']); if ($thread['username'] == "") { if ($thread['threadusername'] != "") { $profile_link = $thread['threadusername']; } else { $profile_link = $lang->guest; } } else { $profile_link = build_profile_link($thread['username'], $thread['uid']); } $thread['postmessage'] = nl2br(htmlspecialchars_uni($thread['postmessage'])); eval("\$forum = \"" . $templates->get("modcp_modqueue_link_forum") . "\";");
// Get the thread details from the database. $thread = get_thread($mybb->input['tid']); // Get thread prefix if there is one. $thread['threadprefix'] = ''; $thread['displayprefix'] = ''; if ($thread['prefix'] != 0) { $threadprefix = build_prefixes($thread['prefix']); if ($threadprefix['prefix']) { $thread['threadprefix'] = $threadprefix['prefix'] . ' '; $thread['displayprefix'] = $threadprefix['displaystyle'] . ' '; } } if (substr($thread['closed'], 0, 6) == "moved|") { $thread['tid'] = 0; } $reply_subject = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($reply_subject); // Subject too long? Shorten it to avoid error message if (my_strlen($reply_subject) > 85) { $reply_subject = my_substr($reply_subject, 0, 82) . '...'; } $reply_subject = htmlspecialchars_uni($reply_subject); $tid = $thread['tid']; $fid = $thread['fid']; if (!$thread['username']) { $thread['username'] = $lang->guest; } $visibleonly = "AND visible='1'"; $visibleonly2 = "AND p.visible='1' AND t.visible='1'"; // Is the currently logged in user a moderator of this forum? if (is_moderator($fid)) {
} // Fetch attachments assigned to this post. if ($mybb->get_input('pid', MyBB::INPUT_INT)) { $attachwhere = "pid='" . $mybb->get_input('pid', MyBB::INPUT_INT) . "'"; } else { $attachwhere = "posthash='" . $db->escape_string($mybb->get_input('posthash')) . "'"; } $query = $db->simple_select("attachments", "*", $attachwhere); while ($attachment = $db->fetch_array($query)) { $attachcache[0][$attachment['aid']] = $attachment; } $postbit = build_postbit($post, 1); eval("\$preview = \"" . $templates->get("previewpost") . "\";"); } } $subject = htmlspecialchars_uni($parser->parse_badwords($subject)); $posthash = htmlspecialchars_uni($mybb->get_input('posthash')); // Do we have attachment errors? if (count($errors) > 0) { $reply_errors = inline_error($errors); } // Get a listing of the current attachments. if ($mybb->settings['enableattachments'] != 0 && $forumpermissions['canpostattachments'] != 0) { $attachcount = 0; if ($pid) { $attachwhere = "pid='{$pid}'"; } else { $attachwhere = "posthash='" . $db->escape_string($posthash) . "'"; } $attachments = ''; $query = $db->simple_select("attachments", "*", $attachwhere);
function firstpreview_pm() { global $mybb, $db, $charset, $headerinclude, $header; $header = '<div class="arrow-down"></div>' . $header; // Add jQuery and noConflict for MyBB 1.6.* $jquery = ''; $noconflict = ''; if ($mybb->version < "1.7.0") { $jquery = '<script type="text/javascript"> //<![CDATA[ if (!window.jQuery) { document.write(unescape("%3Cscript src=\\"http://code.jquery.com/jquery-latest.min.js\\" type=\\"text/javascript\\"%3E%3C/script%3E")); } //]]> </script>'; $noconflict = 'jQuery.noConflict();'; } // Background color $bg_color = '#aaaaaa'; if (isset($mybb->settings['firstpreview_bg']) && preg_match('/^#([0-9a-f]{1,6})$/i', $mybb->settings['firstpreview_bg'])) { $bg_color = htmlspecialchars_uni($mybb->settings['firstpreview_bg']); } // Close button $close_preview = '#close_preview{display:none;cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}'; if (isset($mybb->settings['firstpreview_close']) && $mybb->settings['firstpreview_close'] == 1) { $close_preview = '#close_preview{cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}'; } // Insert the code $headerinclude .= ' <!-- start: first_preview_plugin --> <style type="text/css"> .modal_firstpost{text-align:left;border-radius:7px;-moz-border-radius:7px;-webkit-border-radius:7px;border:1px solid ' . $bgcolor . ';display:none;position:absolute;z-index:29000;width:390px;height:180px;overflow:hidden} .fpreview{z-index:29001;width:390px;height:180px;overflow:auto;background:' . $bg_color . '} .arrow-down{display:none;position:absolute;z-index:28999;width:0;height:0;border-left:20px solid transparent;border-right:20px solid transparent;border-top:20px solid ' . $bg_color . '} .prev_content{padding:10px;height:auto;word-wrap:break-word;-webkit-hyphens:auto;-moz-hyphens:auto;-ms-hyphens:auto;-o-hyphens:auto;hyphens:auto;background:none} ' . $close_preview . ' </style> ' . $jquery . ' <script type="text/javascript"> //<![CDATA[ ' . $noconflict . ' <!-- if(use_xmlhttprequest == 1) { jQuery(document).ready(function(e){e(".pmprev").on("touchenter mouseenter",function(){id=e(this).attr("id");pmid=id.replace(/[^\\d.]/g,"");var t=e(this).offset().left;var n=e(this).offset().top-200;showPost=setTimeout(function(){e.ajax({url:"private.php?pmid="+pmid+"&firstpm=1",type:"post",complete:function(t){e(".modal_firstpost").html(t.responseText)}});e(".modal_firstpost").fadeIn("slow");e(".modal_firstpost").css("top",n);e(".modal_firstpost").css("left",t);e(".arrow-down").fadeIn("slow");e(".arrow-down").css("top",n+180);e(".arrow-down").css("left",t+20);},1500)});e(".pmprev").on("mouseleave touchleave touchend",function(){clearTimeout(showPost);});e(".modal_firstpost").on("mouseleave touchmove",function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")});e(".modal_firstpost").on("click", "#close_preview", function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")})}); } //]]> </script> <!-- end: first_preview_plugin --> '; // Get the pm preview if (isset($mybb->input['firstpm']) && $mybb->input['firstpm'] == 1 && $mybb->request_method == "post") { $pmid = (int) $mybb->input['pmid']; $query = $db->simple_select('privatemessages', '*', "pmid = '" . $pmid . "'"); $pm = $db->fetch_array($query); // Load the users own messages only if ($pm['uid'] != $mybb->user['uid']) { return; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject'])); $user = get_user($pm['fromid']); $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $user['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; $pm['message'] = $parser->parse_message($pm['message'], $parser_options); $pmdate = my_date($mybb->settings['dateformat'], $pm['dateline']); $pmtime = my_date($mybb->settings['timeformat'], $pm['dateline']); $pmsent = ' (' . $pmdate . ', ' . $pmtime . ')'; if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) { $pm['message'] = strip_tags($pm['message'], "<br><p><ul><ol><li>"); } if (!empty($mybb->settings['firstpreview_length']) && $mybb->settings['firstpreview_length'] != "0" && my_strlen($pm['message']) > (int) $mybb->settings['firstpreview_length']) { $pm['message'] = preg_replace("!<a([^>]+)>!isU", "", $pm['message']); $pm['message'] = str_replace("</a>", "", $pm['message']); $pm['message'] = my_substr($pm['message'], 0, (int) $mybb->settings['firstpreview_length']) . '...<p><a href="private.php?action=read&pmid=' . (int) $pm['pmid'] . '">more</a></p>'; } $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span>\n\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $pm['subject'] . "</div>\n\t\t<div class=\"tcat\" style=\"padding-left:10px;\">" . build_profile_link(format_name(htmlspecialchars_uni($user['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $pm['fromid']) . "<span class=\"smalltext\">" . $pmsent . "</span></div>\n\t\t<div class=\"prev_content\">" . $pm['message'] . "</div>\n\t\t</div>"; header("Content-type: text/plain; charset={$charset}"); echo $preview; exit; } }
function ps_GetTopDownloads($NumOfRows) { global $mybb, $db, $templates, $theme, $lang, $parser, $unviewables, $under_mod_forums_arr, $vcheck, $ps_align; if (!is_object($parser)) { require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); } $query = $db->query("\n\t\tSELECT p.subject,t.fid,t.visible,a.pid,a.downloads,a.filename \n\t\tFROM " . TABLE_PREFIX . "attachments a \n\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid = a.pid) \n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid = p.tid) \n\t\tWHERE (t.visible = '1' " . $vcheck . ") \n\t\t" . $unviewables['string'] . " \n\t\tAND t.closed NOT LIKE 'moved|%' \n\t\tAND t.visible != '-2' \n\t\tAND a.thumbnail = '' \n\t\tGROUP BY p.pid \n\t\tORDER BY a.downloads DESC \n\t\tLIMIT 0," . $NumOfRows); $query_icon = $db->query("SELECT extension,icon FROM " . TABLE_PREFIX . "attachtypes"); while ($result_icon = $db->fetch_array($query_icon)) { $mimicon[$result_icon['extension']] = $result_icon['icon']; } while ($top_downloads = $db->fetch_array($query)) { $subject_long = htmlspecialchars_uni($parser->parse_badwords($top_downloads['subject'])); $pid = $top_downloads['pid']; $subject = htmlspecialchars_uni(ps_SubjectLength($parser->parse_badwords($top_downloads['subject']), NULL, true)); $downloadnum = $top_downloads['downloads']; $attach_icon = $mimicon[get_extension($top_downloads['filename'])]; $highlight = ps_GetHighlight($top_downloads); $postlink = get_post_link($pid) . "#pid" . $pid; eval("\$topdownloads_row .= \"" . $templates->get("prostats_topdownloads_row") . "\";"); } eval("\$column_topdownloads = \"" . $templates->get("prostats_topdownloads") . "\";"); return $column_topdownloads; }
function asb_rand_quote_get_quote($settings, $width) { global $db, $mybb, $templates, $lang, $theme; if (!$lang->asb_addon) { $lang->load('asb_addon'); } // get forums user cannot view $unviewable = get_unviewable_forums(true); if ($unviewable) { $unviewwhere = " AND p.fid NOT IN ({$unviewable})"; } // get inactive forums $inactive = get_inactive_forums(); if ($inactive) { $inactivewhere = " AND p.fid NOT IN ({$inactive})"; } if ($settings['important_threads_only']) { $important_threads = ' AND NOT t.sticky=0'; } // build the exclude conditions $show['fids'] = asb_build_id_list($settings['forum_show_list'], 'p.fid'); $show['tids'] = asb_build_id_list($settings['thread_show_list'], 'p.tid'); $hide['fids'] = asb_build_id_list($settings['forum_hide_list'], 'p.fid'); $hide['tids'] = asb_build_id_list($settings['thread_hide_list'], 'p.tid'); $where['show'] = asb_build_SQL_where($show, ' OR '); $where['hide'] = asb_build_SQL_where($hide, ' OR ', ' NOT '); $query_where = $important_threads . $unviewwhere . $inactivewhere . asb_build_SQL_where($where, ' AND ', ' AND '); $post_query = $db->query("\n\t\tSELECT\n\t\t\tp.pid, p.message, p.fid, p.tid, p.subject, p.uid,\n\t\t\tu.username, u.usergroup, u.displaygroup, u.avatar,\n\t\t\tt.sticky\n\t\tFROM {$db->table_prefix}posts p\n\t\tLEFT JOIN {$db->table_prefix}users u ON (u.uid=p.uid)\n\t\tLEFT JOIN {$db->table_prefix}threads t ON (t.tid=p.tid)\n\t\tWHERE\n\t\t\tp.visible='1'{$query_where}\n\t\tORDER BY\n\t\t\tRAND()\n\t\tLIMIT 1;"); // if there was 1 . . . if ($db->num_rows($post_query) == 0) { return false; } $rand_post = $db->fetch_array($post_query); // build a post parser require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); // we just need the text and smilies (we'll parse them after we check length) $pattern = "|[[\\/\\!]*?[^\\[\\]]*?]|si"; $new_message = asb_strip_url(preg_replace($pattern, '$1', $rand_post['message'])); // get some dimensions that make sense in relation to column width $asb_width = (int) $width; $asb_inner_size = $asb_width * 0.83; $avatar_size = (int) ($asb_inner_size / 5); $font_size = $asb_width / 4.5; $font_size = max(10, min(16, $font_size)); $username_font_size = (int) ($font_size * 0.9); $title_font_size = (int) ($font_size * 0.65); $message_font_size = (int) $font_size; if (strlen($new_message) < $settings['min_length']) { if ($settings['default_text']) { $new_message = $settings['default_text']; } else { // nothing to show return false; } } if ($settings['max_length'] && strlen($new_message) > $settings['max_length']) { $new_message = substr($new_message, 0, $settings['max_length']) . ' . . .'; } // set up the user name link so that it displays correctly for the display group of the user $plain_text_username = htmlspecialchars_uni($rand_post['username']); $username = format_name($plain_text_username, $rand_post['usergroup'], $rand_post['displaygroup']); $author_link = get_profile_link($rand_post['uid']); $post_link = get_post_link($rand_post['pid'], $rand_post['tid']) . '#pid' . $rand_post['pid']; $thread_link = get_thread_link($rand_post['tid']); // allow smilies, but kill $parser_options = array("allow_smilies" => 1); $new_message = str_replace(array('<br />', '/me'), array('', " * {$plain_text_username}"), $parser->parse_message($new_message . ' ', $parser_options)); // if the user has an avatar then display it, otherwise force the default avatar. $avatar_filename = "{$theme['imgdir']}/default_avatar.gif"; if ($rand_post['avatar'] != '') { $avatar_filename = $rand_post['avatar']; } $avatar_alt = $lang->sprintf($lang->asb_random_quote_users_profile, $plain_text_username); eval("\$read_more = \"" . $templates->get('asb_rand_quote_read_more') . "\";"); if (my_strlen($rand_post['subject']) > 40) { $rand_post['subject'] = my_substr($rand_post['subject'], 0, 40) . ' . . .'; } if (substr(strtolower($rand_post['subject']), 0, 3) == 're:') { $rand_post['subject'] = substr($rand_post['subject'], 3); } $rand_post['subject'] = htmlspecialchars_uni($parser->parse_badwords($rand_post['subject'])); $thread_title_link = <<<EOF <strong><a href="{$thread_link}" title="{$lang->asb_random_quotes_read_more_threadlink_title}"><span style="font-size: {$title_font_size}px;">{$rand_post['subject']}</span></a></strong> EOF; // eval() the template eval("\$this_quote = \"" . $templates->get("asb_rand_quote_sidebox") . "\";"); return $this_quote; }
function get_announcement_list($foruminfo, $fid) { // Gather forum stats global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $time, $mybbgroups, $cache; $has_announcements = $has_modtools = false; $forum_stats = $cache->read("forumsdisplay"); $parser = new postParser(); if (is_array($forum_stats)) { if (!empty($forum_stats[-1]['modtools']) || !empty($forum_stats[$fid]['modtools'])) { // Mod tools are specific to forums, not parents $has_modtools = true; } if (!empty($forum_stats[-1]['announcements']) || !empty($forum_stats[$fid]['announcements'])) { // Global or forum-specific announcements $has_announcements = true; } } $parentlist = $foruminfo['parentlist']; $parentlistexploded = explode(",", $parentlist); foreach ($parentlistexploded as $mfid) { if (!empty($forum_stats[$mfid]['announcements'])) { $has_announcements = true; } } $announcementlist = $topic_list = array(); if ($has_announcements == true) { $limit = ''; $announcements = ''; if ($mybb->settings['announcementlimit']) { $limit = "LIMIT 0, " . $mybb->settings['announcementlimit']; } $sql = build_parent_list($fid, "fid", "OR", $parentlist); $time = TIME_NOW; $query = $db->query("\n\t\t\tSELECT a.*, u.username\n\t\t\tFROM " . TABLE_PREFIX . "announcements a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\t\t\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND ({$sql} OR fid='-1')\n\t\t\tORDER BY a.startdate DESC {$limit}\n\t\t"); // See if this announcement has been read in our announcement array $cookie = array(); if (isset($mybb->cookies['mybb']['announcements'])) { $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements'])); } $announcementlist = ''; $bgcolor = alt_trow(true); // Reset the trow colors while ($announcement = $db->fetch_array($query)) { if ($announcement['startdate'] > $mybb->user['lastvisit'] && !$cookie[$announcement['aid']]) { $new_class = ' class="subject_new"'; $folder = "newfolder"; } else { $new_class = ' class="subject_old"'; $folder = "folder"; } // Mmm, eat those announcement cookies if they're older than our last visit if (isset($cookie[$announcement['aid']]) && $cookie[$announcement['aid']] < $mybb->user['lastvisit']) { unset($cookie[$announcement['aid']]); } $announcement['announcementlink'] = get_announcement_link($announcement['aid']); $announcement['subject'] = $parser->parse_badwords($announcement['subject']); $announcement['subject'] = htmlspecialchars_uni($announcement['subject']); $postdate = my_date('relative', $announcement['startdate']); $announcement['profilelink'] = build_profile_link($announcement['username'], $announcement['uid']); $announcementlist[] = $announcement; } if (empty($cookie)) { // Clean up cookie crumbs my_setcookie('mybb[announcements]', 0, TIME_NOW - 60 * 60 * 24 * 365); } else { if (!empty($cookie)) { my_setcookie("mybb[announcements]", addslashes(serialize($cookie)), -1); } } foreach ($announcementlist as $announce) { $user_info = get_user($announce['uid']); $icon_url = absolute_url($user_info['avatar']); $xmlrpc_topic = new xmlrpcval(array('forum_id' => new xmlrpcval($fid, 'string'), 'topic_id' => new xmlrpcval('ann_' . $announce['aid'], 'string'), 'topic_title' => new xmlrpcval(basic_clean($announce['subject']), 'base64'), 'topic_author_id' => new xmlrpcval($announce['uid'], 'string'), 'topic_author_name' => new xmlrpcval(basic_clean($announce['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($icon_url), 'string'), 'reply_number' => new xmlrpcval(0, 'int'), 'view_number' => new xmlrpcval(0, 'int'), 'short_content' => new xmlrpcval(process_short_content($announce['message'], $parser), 'base64')), 'struct'); $topic_list[] = $xmlrpc_topic; } } $response = new xmlrpcval(array('total_topic_num' => new xmlrpcval(count($announcementlist), 'int'), 'forum_id' => new xmlrpcval($fid), 'forum_name' => new xmlrpcval(basic_clean($foruminfo['name']), 'base64'), 'can_post' => new xmlrpcval(false, 'boolean'), 'can_upload' => new xmlrpcval(false, 'boolean'), 'topics' => new xmlrpcval($topic_list, 'array')), 'struct'); return new xmlrpcresp($response); }
$load_all = intval($mybb->input['load_all_quotes']); while ($quoted_post = $db->fetch_array($query)) { // Only show messages for the current thread if ($quoted_post['tid'] == $tid || $load_all == 1) { // If this post was the post for which a quote button was clicked, set the subject if ($pid == $quoted_post['pid']) { $subject = preg_replace('#RE:\\s?#i', '', $quoted_post['subject']); $subject = "RE: " . $subject; } if ($quoted_post['userusername']) { $quoted_post['username'] = $quoted_post['userusername']; } $quoted_post['message'] = preg_replace('#(^|\\r|\\n)/me ([^\\r\\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']); $quoted_post['message'] = preg_replace('#(^|\\r|\\n)/slap ([^\\r\\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']); $quoted_post['message'] = preg_replace("#\\[attachment=([0-9]+?)\\]#i", '', $quoted_post['message']); $quoted_post['message'] = $parser->parse_badwords($quoted_post['message']); $message .= "[quote='{$quoted_post['username']}' pid='{$quoted_post['pid']}' dateline='{$quoted_post['dateline']}']\n{$quoted_post['message']}\n[/quote]\n\n"; $quoted_ids[] = $quoted_post['pid']; } else { ++$external_quotes; } } if ($external_quotes > 0) { if ($external_quotes == 1) { $multiquote_text = $lang->multiquote_external_one; $multiquote_deselect = $lang->multiquote_external_one_deselect; $multiquote_quote = $lang->multiquote_external_one_quote; } else { $multiquote_text = $lang->sprintf($lang->multiquote_external, $external_quotes); $multiquote_deselect = $lang->multiquote_external_deselect; $multiquote_quote = $lang->multiquote_external_quote;
$onlyusfids = array(); // Check group permissions if we can't view threads not started by us $group_permissions = forum_permissions(); foreach ($group_permissions as $fid => $forum_permissions) { if ($forum_permissions['canonlyviewownthreads'] == 1) { $onlyusfids[] = $fid; } } if (!empty($onlyusfids)) { $permsql .= "AND ((fid IN(" . implode(',', $onlyusfids) . ") AND uid='{$mybb->user['uid']}') OR fid NOT IN(" . implode(',', $onlyusfids) . "))"; } // Get the threads to syndicate. $query = $db->simple_select("threads", "subject, tid, dateline, firstpost", "visible='1' AND closed NOT LIKE 'moved|%' {$permsql} {$forumlist}", array('order_by' => 'dateline', 'order_dir' => 'DESC', 'limit' => $thread_limit)); // Loop through all the threads. while ($thread = $db->fetch_array($query)) { $items[$thread['tid']] = array("title" => $parser->parse_badwords($thread['subject']), "link" => $channel['link'] . get_thread_link($thread['tid']), "date" => $thread['dateline']); $firstposts[] = $thread['firstpost']; } if (!empty($firstposts)) { $firstpostlist = "pid IN(" . $db->escape_string(implode(',', $firstposts)) . ")"; $attachments = array(); $query = $db->simple_select("attachments", "*", $firstpostlist); while ($attachment = $db->fetch_array($query)) { if (!isset($attachments[$attachment['pid']])) { $attachments[$attachment['pid']] = array(); } $attachments[$attachment['pid']][] = $attachment; } $query = $db->simple_select("posts", "message, edittime, tid, fid, pid", $firstpostlist, array('order_by' => 'dateline', 'order_dir' => 'desc')); while ($post = $db->fetch_array($query)) { $parser_options = array("allow_html" => $forumcache[$post['fid']]['allowhtml'], "allow_mycode" => $forumcache[$post['fid']]['allowmycode'], "allow_smilies" => $forumcache[$post['fid']]['allowsmilies'], "allow_imgcode" => $forumcache[$post['fid']]['allowimgcode'], "allow_videocode" => $forumcache[$post['fid']]['allowvideocode'], "filter_badwords" => 1, "filter_cdata" => 1);
$bgcolor = alt_trow(true); // Reset the trow colors while ($announcement = $db->fetch_array($query)) { if ($announcement['startdate'] > $mybb->user['lastvisit'] && !$cookie[$announcement['aid']]) { $new_class = ' class="subject_new"'; $folder = "newfolder"; } else { $new_class = ' class="subject_old"'; $folder = "folder"; } // Mmm, eat those announcement cookies if they're older than our last visit if (isset($cookie[$announcement['aid']]) && $cookie[$announcement['aid']] < $mybb->user['lastvisit']) { unset($cookie[$announcement['aid']]); } $announcement['announcementlink'] = get_announcement_link($announcement['aid']); $announcement['subject'] = $parser->parse_badwords($announcement['subject']); $announcement['subject'] = htmlspecialchars_uni($announcement['subject']); $postdate = my_date('relative', $announcement['startdate']); $announcement['profilelink'] = build_profile_link($announcement['username'], $announcement['uid']); if ($mybb->settings['allowthreadratings'] != 0 && $foruminfo['allowtratings'] != 0 && $fpermissions['canviewthreads'] != 0) { eval("\$rating = \"" . $templates->get("forumdisplay_announcement_rating") . "\";"); $lpbackground = "trow2"; } else { $rating = ''; $lpbackground = "trow1"; } if ($ismod) { eval("\$modann = \"" . $templates->get("forumdisplay_announcements_announcement_modbit") . "\";"); } else { $modann = ''; }
function get_subscribed_topic_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("usercp"); $parser = new postParser(); $input = Tapatalk_Input::filterXmlInput(array('start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT), $xmlrpc_params); if ($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0) { return tt_no_permission(); } $query = $db->simple_select("forumpermissions", "*", "gid='" . $db->escape_string($mybb->user['usergroup']) . "'"); while ($permissions = $db->fetch_array($query)) { $permissioncache[$permissions['gid']][$permissions['fid']] = $permissions; } while ($forum = $db->fetch_array($query)) { if ($mybb->user['uid'] == 0) { if ($forumsread[$forum['fid']]) { $forum['lastread'] = $forumsread[$forum['fid']]; } } $readforums[$forum['fid']] = $forum['lastread']; } require_once MYBB_ROOT . "inc/functions_forumlist.php"; $fpermissions = forum_permissions(); list($start, $limit) = process_page($input['start_num'], $input['last_num']); // Thread visiblity $visible = "AND t.visible != 0"; if (is_moderator() == true) { $visible = ''; } // Do Multi Pages $query = $db->query("\n\t\tSELECT COUNT(ts.tid) as threads\n\t\tFROM " . TABLE_PREFIX . "threadsubscriptions ts\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid = ts.tid)\n\t\tWHERE ts.uid = '" . $mybb->user['uid'] . "' {$visible}\n\t"); $threadcount = $db->fetch_field($query, "threads"); // Fetch subscriptions $query = $db->query("\n\t\tSELECT s.*, t.*, t.username AS threadusername, u.username, u.username, u.avatar, if({$mybb->user['uid']} > 0 and s.uid = {$mybb->user['uid']}, 1, 0) as subscribed, po.message, f.name as forumname, IF(b.lifted > UNIX_TIMESTAMP() OR b.lifted = 0, 1, 0) as isbanned\n\t\tFROM " . TABLE_PREFIX . "threadsubscriptions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (s.tid=t.tid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid = t.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "banned b ON (b.uid = t.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "posts po ON (po.pid = t.firstpost)\n\t\tleft join " . TABLE_PREFIX . "forums f on f.fid = t.fid\n\t\tWHERE s.uid='" . $mybb->user['uid'] . "' {$visible}\n\t\tORDER BY t.lastpost DESC\n\t\tLIMIT {$start}, {$limit}\n\t"); while ($subscription = $db->fetch_array($query)) { $forumpermissions = $fpermissions[$subscription['fid']]; if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { // Hmm, you don't have permission to view this thread - unsubscribe! $del_subscriptions[] = $subscription['tid']; } else { if ($subscription['tid']) { $subscriptions[$subscription['tid']] = $subscription; } } } if (is_array($del_subscriptions)) { $tids = implode(',', $del_subscriptions); if ($tids) { $db->delete_query("threadsubscriptions", "tid IN ({$tids}) AND uid='{$mybb->user['uid']}'"); } } $topic_list = array(); if (is_array($subscriptions)) { $tids = implode(",", array_keys($subscriptions)); // Build a forum cache. $query = $db->query("\n\t\t\tSELECT f.fid, fr.dateline AS lastread\n\t\t\tFROM " . TABLE_PREFIX . "forums f\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=f.fid AND fr.uid='{$mybb->user['uid']}')\n\t\t\tWHERE f.active != 0\n\t\t\tORDER BY pid, disporder\n\t\t"); while ($forum = $db->fetch_array($query)) { if ($mybb->user['uid'] == 0) { if ($forumsread[$forum['fid']]) { $forum['lastread'] = $forumsread[$forum['fid']]; } } $readforums[$forum['fid']] = $forum['lastread']; } // Read threads if ($mybb->settings['threadreadcut'] > 0) { $query = $db->simple_select("threadsread", "*", "uid='{$mybb->user['uid']}' AND tid IN ({$tids})"); while ($readthread = $db->fetch_array($query)) { $subscriptions[$readthread['tid']]['lastread'] = $readthread['dateline']; } } // Now we can build our subscription list foreach ($subscriptions as $thread) { $bgcolor = alt_trow(); $folder = ''; $prefix = ''; // If this thread has a prefix, insert a space between prefix and subject if ($thread['prefix'] != 0) { $thread['threadprefix'] .= ' '; } // Sanitize $thread['subject'] = $parser->parse_badwords($thread['subject']); $gotounread = ''; $isnew = 0; $donenew = 0; $lastread = 0; $unreadpost = 0; if ($mybb->settings['threadreadcut'] > 0 && $mybb->user['uid']) { $forum_read = $readforums[$thread['fid']]; $read_cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24; if ($forum_read == 0 || $forum_read < $read_cutoff) { $forum_read = $read_cutoff; } } else { $forum_read = $forumsread[$thread['fid']]; } if ($mybb->settings['threadreadcut'] > 0 && $thread['lastpost'] > $forum_read) { $cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24; } if ($thread['lastpost'] > $cutoff) { if ($thread['lastpost'] > $cutoff) { if ($thread['lastread']) { $lastread = $thread['lastread']; } else { $lastread = 1; } } } if (!$lastread) { $readcookie = $threadread = my_get_array_cookie("threadread", $thread['tid']); if ($readcookie > $forum_read) { $lastread = $readcookie; } else { $lastread = $forum_read; } } if ($thread['lastpost'] > $lastread && $lastread) { $unreadpost = 1; } $topic_list[] = new xmlrpcval(array('forum_id' => new xmlrpcval($thread['fid'], 'string'), 'forum_name' => new xmlrpcval(basic_clean($thread['forumname']), 'base64'), 'topic_id' => new xmlrpcval($thread['tid'], 'string'), 'topic_title' => new xmlrpcval($thread['subject'], 'base64'), 'topic_author_id' => new xmlrpcval($thread['uid'], 'string'), 'post_author_name' => new xmlrpcval($thread['username'], 'base64'), 'can_subscribe' => new xmlrpcval(true, 'boolean'), 'is_subscribed' => new xmlrpcval((bool) $thread['subscribed'], 'boolean'), 'is_closed' => new xmlrpcval((bool) $thread['closed'], 'boolean'), 'short_content' => new xmlrpcval(process_short_content($thread['message'], $parser), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($thread['avatar']), 'string'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($thread['lastpost']), 'dateTime.iso8601'), 'reply_number' => new xmlrpcval($thread['replies'], 'int'), 'view_number' => new xmlrpcval($thread['views'], 'int'), 'new_post' => new xmlrpcval($unreadpost, 'boolean'), 'can_delete' => new xmlrpcval(is_moderator($thread['fid'], "candeleteposts"), 'boolean'), 'can_close' => new xmlrpcval(is_moderator($thread['fid'], "canopenclosethreads"), 'boolean'), 'can_approve' => new xmlrpcval(is_moderator($thread['fid'], "canopenclosethreads"), 'boolean'), 'can_stick' => new xmlrpcval(is_moderator($thread['fid'], "canmanagethreads"), 'boolean'), 'can_merge' => new xmlrpcval(is_moderator($thread['fid'], "canmanagethreads"), 'boolean'), 'can_merge_post' => new xmlrpcval(is_moderator($thread['fid'], "canmanagethreads"), 'boolean'), 'can_move' => new xmlrpcval(is_moderator($thread['fid'], "canmovetononmodforum"), 'boolean'), 'can_ban' => new xmlrpcval($mybb->usergroup['canmodcp'] == 1, 'boolean'), 'can_rename' => new xmlrpcval(false, 'boolean'), 'is_ban' => new xmlrpcval($thread['isbanned'], 'boolean'), 'is_sticky' => new xmlrpcval($thread['sticky'], 'boolean'), 'is_approved' => new xmlrpcval(!!$thread['visible'], 'boolean'), 'is_deleted' => new xmlrpcval(false, 'boolean')), 'struct'); } } $result = new xmlrpcval(array('total_topic_num' => new xmlrpcval($threadcount, 'int'), 'topics' => new xmlrpcval($topic_list, 'array')), 'struct'); return new xmlrpcresp($result); }
$status_class = "trow_reputation_positive"; $vote_type_class = "reputation_positive"; $vote_type = $lang->positive; } } $vote_reputation = "({$vote_reputation})"; // Format the date this reputation was last modified $last_updated_date = my_date('relative', $reputation_vote['dateline']); $last_updated = $lang->sprintf($lang->last_updated, $last_updated_date); // Is this rating specific to a post? $postrep_given = ''; if ($reputation_vote['pid']) { $postrep_given = $lang->sprintf($lang->postrep_given_nolink, $user['username']); if (isset($post_reputation[$reputation_vote['pid']])) { $thread_link = get_thread_link($post_reputation[$reputation_vote['pid']]['tid']); $subject = htmlspecialchars_uni($parser->parse_badwords($post_reputation[$reputation_vote['pid']]['subject'])); $thread_link = $lang->sprintf($lang->postrep_given_thread, $thread_link, $subject); $link = get_post_link($reputation_vote['pid']) . "#pid{$reputation_vote['pid']}"; $postrep_given = $lang->sprintf($lang->postrep_given, $link, $user['username'], $thread_link); } } // Does the current user have permission to delete this reputation? Show delete link $delete_link = ''; if ($mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['candeletereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0) { eval("\$delete_link = \"" . $templates->get("reputation_vote_delete") . "\";"); } $report_link = ''; if ($mybb->user['uid'] != 0) { eval("\$report_link = \"" . $templates->get("reputation_vote_report") . "\";"); } // Parse smilies in the reputation vote
function save_raw_post_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("editpost"); $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'post_title' => Tapatalk_Input::STRING, 'post_content' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'editreason' => Tapatalk_Input::STRING), $xmlrpc_params); $parser = new postParser(); // No permission for guests if (!$mybb->user['uid']) { return tt_no_permission(); } // Get post info $pid = $input['post_id']; $query = $db->simple_select("posts", "*", "pid='{$pid}'"); $post = $db->fetch_array($query); if (empty($input['post_title'])) { $input['post_title'] = $post['subject']; } if (!$post['pid']) { return xmlrespfalse($lang->error_invalidpost); } // Get thread info $tid = $post['tid']; $thread = get_thread($tid); if (!$thread['tid']) { return xmlrespfalse($lang->error_invalidthread); } $thread['subject'] = htmlspecialchars_uni($thread['subject']); // Get forum info $fid = $post['fid']; $forum = get_forum($fid); if (!$forum || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } $forumpermissions = forum_permissions($fid); if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } if ($forumpermissions['caneditposts'] == 0) { return tt_no_permission(); } if ($mybb->user['uid'] != $post['uid']) { return tt_no_permission(); } // Edit time limit $time = TIME_NOW; if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) { $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); return xmlrespfalse($lang->edit_time_limit); } } // Check if this forum is password protected and we have a valid password tt_check_forum_password($forum['fid']); // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post"; // Set the post data that came from the input to the $post array. $post = array("pid" => $pid, "subject" => $input['post_title'], "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "edit_uid" => $mybb->user['uid'], "message" => $input['post_content']); if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) { $post["editreason"] = $input['editreason']; } // get subscription status $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'"); $substatus = $db->fetch_array($query); // Set up the post options from the input. $post['options'] = array("signature" => 1, "subscriptionmethod" => isset($substatus['notification']) ? $substatus['notification'] == 1 ? 'instant' : 'none' : '', "disablesmilies" => 0); $posthandler->set_data($post); // Now let the post handler do all the hard work. if (!$posthandler->validate_post()) { $post_errors = $posthandler->get_friendly_errors(); return xmlrespfalse(implode(" :: ", $post_errors)); } else { $postinfo = $posthandler->update_post(); $visible = $postinfo['visible']; $first_post = $postinfo['first_post']; // Help keep our attachments table clean. $db->delete_query("attachments", "filename='' OR filesize<1"); if ($visible == 0 && $first_post && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { if ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { $state = 0; } } } $pid = intval($pid); if (!empty($input['group_id_esc'])) { $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'"); } // update thread attachment account if (count($input['attachment_id_array']) > 0) { update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array']))); } $post = get_post($pid); $parser_options = array(); $parser_options['allow_html'] = false; $parser_options['allow_mycode'] = true; $parser_options['allow_smilies'] = false; $parser_options['allow_imgcode'] = true; $parser_options['allow_videocode'] = true; $parser_options['nl2br'] = (bool) $input['return_html']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } $post['message'] = $parser->parse_message($post['message'], $parser_options); $post['subject'] = $parser->parse_badwords($post['subject']); $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'state' => new xmlrpcval($state, 'int'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64')), 'struct'); return new xmlrpcresp($result); }
if ($thread['visible'] != 1 && $ismod == false || $thread['visible'] > 1 && $ismod == true) { error($lang->error_invalidthread); } add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_addsubscription); $forumpermissions = forum_permissions($thread['fid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']) { error_no_permission(); } $referrer = ''; if ($server_http_referer) { $referrer = $server_http_referer; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']); $notification_none_checked = $notification_email_checked = $notification_pm_checked = ''; if ($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0) { $notification_none_checked = "checked=\"checked\""; } else { if ($mybb->user['subscriptionmethod'] == 2) { $notification_email_checked = "checked=\"checked\""; } else { if ($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\""; } } } $plugins->run_hooks("usercp2_addsubscription_thread");
$banlift = $lang->unknown; } // Display a nice warning to the user eval('$bannedwarning = "' . $templates->get('global_bannedwarning') . '";'); } $lang->ajax_loading = str_replace("'", "\\'", $lang->ajax_loading); // Check if this user has a new private message. $pm_notice = ''; if (isset($mybb->user['pmnotice']) && $mybb->user['pmnotice'] == 2 && $mybb->user['pms_unread'] > 0 && $mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->usergroup['canview'] != 0 && ($current_page != "private.php" || $mybb->get_input('action') != "read")) { if (!isset($parser)) { require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); } $query = $db->query("\n\t\tSELECT pm.subject, pm.pmid, fu.username AS fromusername, fu.uid AS fromuid\n\t\tFROM " . TABLE_PREFIX . "privatemessages pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "users fu on (fu.uid=pm.fromid)\n\t\tWHERE pm.folder = '1' AND pm.uid = '{$mybb->user['uid']}' AND pm.status = '0'\n\t\tORDER BY pm.dateline DESC\n\t\tLIMIT 1\n\t"); $pm = $db->fetch_array($query); $pm['subject'] = $parser->parse_badwords($pm['subject']); if ($pm['fromuid'] == 0) { $pm['fromusername'] = $lang->mybb_engine; $user_text = $pm['fromusername']; } else { $user_text = build_profile_link($pm['fromusername'], $pm['fromuid']); } if ($mybb->user['pms_unread'] == 1) { $privatemessage_text = $lang->sprintf($lang->newpm_notice_one, $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject'])); } else { $privatemessage_text = $lang->sprintf($lang->newpm_notice_multiple, $mybb->user['pms_unread'], $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject'])); } eval('$pm_notice = "' . $templates->get('global_pm_alert') . '";'); } if ($mybb->settings['awactialert'] == 1 && $mybb->usergroup['cancp'] == 1) { $awaitingusers = $cache->read('awaitingactivation');
/** * Build a post bit * * @param array $post The post data * @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_pubkey', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } if (!function_exists("purgespammer_show")) { require_once MYBB_ROOT . "inc/functions_user.php"; } $unapproved_shade = ''; if (isset($post['visible']) && $post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post'; } elseif (isset($post['visible']) && $post['visible'] == -1 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post deleted_post'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $announcementarray['aid']; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = (int) $post['pid']; $idtype = 'pid'; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date //$post['postdate'] = my_date('relative', $post['dateline']); $post['postdate'] = date('Y-m-d', $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; $post['subject_title'] = $post['subject']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { eval("\$post['userstars'] .= \"" . $templates->get("postbit_userstar", 1, 0) . "\";"); } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); $post['threadnum'] = my_number_format($post['threadnum']); // Determine the status to show for the user (Online/Offline/Away) /* $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";"); } else { if($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";"); } else { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";"); } } */ // Show as always offline eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); $post['useravatar'] = ''; if (isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0) { $useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']); eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); } $post['button_find'] = ''; if ($mybb->usergroup['cansearch'] == 1) { eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); } if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { //eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";"); } $post['button_rep'] = ''; if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && $post['visible'] == 1) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1) { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = $lang->na; //my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { if ($mybb->settings['maxwarningpoints'] < 1) { $mybb->settings['maxwarningpoints'] = 10; } $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $post['button_warn'] = ''; $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } if ($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid'])) { eval("\$post['button_purgespammer'] = \"" . $templates->get('postbit_purgespammer') . "\";"); } // Display profile fields on posts - only if field is filled in if (is_array($profile_fields)) { foreach ($profile_fields as $field) { $fieldfid = "fid{$field['fid']}"; if (!empty($post[$fieldfid])) { $post['fieldvalue'] = ''; $post['fieldname'] = htmlspecialchars_uni($field['name']); $thing = explode("\n", $field['type'], "2"); $type = trim($thing[0]); $useropts = explode("\n", $post[$fieldfid]); if (is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) { foreach ($useropts as $val) { if ($val != '') { eval("\$post['fieldvalue_option'] .= \"" . $templates->get("postbit_profilefield_multiselect_value") . "\";"); } } if ($post['fieldvalue_option'] != '') { eval("\$post['fieldvalue'] .= \"" . $templates->get("postbit_profilefield_multiselect") . "\";"); } } else { $field_parser_options = array("allow_html" => $field['allowhtml'], "allow_mycode" => $field['allowmycode'], "allow_smilies" => $field['allowsmilies'], "allow_imgcode" => $field['allowimgcode'], "allow_videocode" => $field['allowvideocode'], "filter_badwords" => 1); if ($customfield['type'] == "textarea") { $field_parser_options['me_username'] = $post['username']; } else { $field_parser_options['nl2br'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $field_parser_options['allow_imgcode'] = 0; } $post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options); } eval("\$post['profilefield'] .= \"" . $templates->get("postbit_profilefield") . "\";"); } } } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = $lang->na; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quickrestore'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; $post['button_reply_pm'] = ''; $post['button_replyall_pm'] = ''; $post['button_forward_pm'] = ''; $post['button_delete_pm'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } $post['editedmsg'] = ''; if (!$post_type) { // Figure out if we need to show an "edited by" message if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { //$post['editdate'] = my_date('relative', $post['edittime']); $post['editdate'] = $lang->na; $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); $editreason = ""; if ($post['editreason'] != "") { $post['editreason'] = $parser->parse_badwords($post['editreason']); $post['editreason'] = htmlspecialchars_uni($post['editreason']); eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";"); } eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } $time = TIME_NOW; if (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && $mybb->usergroup['edittimelimit'] == 0 && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete_thread = $can_delete_post = 0; if ($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete_thread = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete_post = 1; } } } $postbit_qdelete = $postbit_qrestore = ''; if ($mybb->user['uid'] != 0) { if ((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1) { $postbit_qdelete = $lang->postbit_qdelete_post; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } else { if ((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1) { $postbit_qdelete = $lang->postbit_qdelete_thread; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } } // Restore Post if (is_moderator($fid, "canrestoreposts") && $postcounter != 1) { $display = "none"; if ($post['visible'] == -1) { $display = ''; } $postbit_qrestore = $lang->postbit_qrestore_post; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } else { if (is_moderator($fid, "canrestorethreads") && $postcounter == 1) { $display = "none"; if ($post['visible'] == -1) { $display = ""; } $postbit_qrestore = $lang->postbit_qrestore_thread; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } } } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); $post_number = my_number_format($postcounter); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1)) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } } elseif ($post_type == 3) { if ($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements")) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } $post['iplogged'] = ''; $show_ips = $mybb->settings['logip']; //$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress'])); $ipaddress = '127.0.0.1'; // Show post IP addresses... PMs now can have IP addresses too as of 1.8! if ($post_type == 2) { $show_ips = $mybb->settings['showpmip']; } if (!$post_type || $post_type == 2) { if ($show_ips != "no" && !empty($post['ipaddress'])) { if ($show_ips == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod'])) { $action = 'getip'; if ($post_type == 2) { $action = 'getpmip'; } eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } } } } if (isset($post['smilieoff']) && $post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_imgcode'] = 0; } if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_videocode'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); // Validate key $keyinfo = user_key_info($post['uid']); $post['signstatus']; if ($keyinfo['status'] == "OK") { $post['signstatus'] = "<span style=\"color: #07a407;\" title=\"Fingerprint: {$keyinfo['fingerprint']}\">✓ podpisano przez {$post['profilelink']}</span>"; } // Jid link $ujid = user_jid($post['uid']); $post['jidlink'] = $ujid; // User key $post['userpubkey'] = $keyinfo['key']; if ($keyinfo['key'] != "") { eval("\$post['button_pubkey'] = \"" . $templates->get("postbit_pubkey") . "\";"); } else { $post['button_pubkey']; } $post['attachments'] = ''; if ($mybb->settings['enableattachments'] != 0) { get_post_attachments($id, $post); } if (isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $sig_parser['allow_imgcode'] = 0; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if (isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$post['icon'] = \"" . $templates->get("postbit_icon") . "\";"); } else { $post['icon'] = ""; } $post_visibility = $ignore_bit = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
// Make sure we can view this thread if ($forumpermissions[$thread['fid']]['canview'] == 0 || $forumpermissions[$thread['fid']]['canviewthreads'] == 0 || $forumpermissions[$thread['fid']]['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) { continue; } $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']); $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']); // Don't link to guest's profiles (they have no profile). if ($thread['lastposteruid'] == 0) { $lastposterlink = $thread['lastposter']; } else { $lastposterlink = build_profile_link($thread['lastposter'], $thread['lastposteruid']); } if (my_strlen($thread['subject']) > 25) { $thread['subject'] = my_substr($thread['subject'], 0, 25) . "..."; } $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); $thread['threadlink'] = get_thread_link($thread['tid']); $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); eval("\$threadlist .= \"" . $templates->get("portal_latestthreads_thread") . "\";"); $altbg = alt_trow(); } if ($threadlist) { // Show the table only if there are threads eval("\$latestthreads = \"" . $templates->get("portal_latestthreads") . "\";"); } } $announcements = ''; if (!empty($mybb->settings['portal_announcementsfid'])) { // Get latest news announcements // First validate announcement fids: $announcementsfids = explode(',', $mybb->settings['portal_announcementsfid']);
$user = get_user(intval($warning['uid'])); $page->add_breadcrumb_item($lang->warning_details, "index.php?module=tools-warninglog&action=view&wid={$warning['wid']}"); $page->output_header($lang->warning_details); $user_link = build_profile_link($user['username'], $user['uid'], "_blank"); if (is_array($warn_errors)) { $page->output_inline_error($warn_errors); $mybb->input['reason'] = htmlspecialchars_uni($mybb->input['reason']); } $table = new Table(); $post_link = ""; if ($warning['post_subject']) { if (!is_object($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); $post_link = get_post_link($warning['pid']); $table->construct_cell("<strong>{$lang->warned_user}</strong><br /><br />{$user_link}"); $table->construct_cell("<strong>{$lang->post}</strong><br /><br /><a href=\"{$mybb->settings['bburl']}/{$post_link}\" target=\"_blank\">{$warning['post_subject']}</a>"); $table->construct_row(); } else { $table->construct_cell("<strong>{$lang->warned_user}</strong><br /><br />{$user_link}", array('colspan' => 2)); $table->construct_row(); } $issuedby = build_profile_link($warning['username'], $warning['issuedby'], "_blank"); $notes = nl2br(htmlspecialchars_uni($warning['notes'])); $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']) . ", " . my_date($mybb->settings['timeformat'], $warning['dateline']); if ($warning['type_title']) { $warning_type = $warning['type_title']; } else {
$thread_cache[$readthread['tid']]['lastread'] = $readthread['dateline']; } } foreach ($thread_cache as $thread) { $bgcolor = alt_trow(); $folder = ''; $prefix = ''; // Unapproved colour if (!$thread['visible']) { $bgcolor = 'trow_shaded'; } if ($thread['userusername']) { $thread['username'] = $thread['userusername']; } $thread['profilelink'] = build_profile_link($thread['username'], $thread['uid']); $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); if ($icon_cache[$thread['icon']]) { $posticon = $icon_cache[$thread['icon']]; $icon = "<img src=\"" . $posticon['path'] . "\" alt=\"" . $posticon['name'] . "\" />"; } else { $icon = " "; } if ($thread['poll']) { $prefix = $lang->poll_prefix; } // Determine the folder $folder = ''; $folder_label = ''; if ($thread['dot_icon']) { $folder = "dot_";
require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("sendthread"); // Get thread info $tid = intval($mybb->input['tid']); $thread = get_thread($tid); // Get thread prefix $breadcrumbprefix = ''; if ($thread['prefix']) { $threadprefix = build_prefixes($thread['prefix']); if (isset($threadprefix['displaystyle'])) { $breadcrumbprefix = $threadprefix['displaystyle'] . ' '; } } $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); // Invalid thread if (!$thread['tid']) { error($lang->error_invalidthread); } // Guests cannot use this feature if (!$mybb->user['uid']) { error_no_permission(); } $fid = $thread['fid']; // Make navigation build_forum_breadcrumb($thread['fid']); add_breadcrumb($breadcrumbprefix . $thread['subject'], get_thread_link($thread['tid'])); add_breadcrumb($lang->nav_sendthread); // Get forum info $forum = get_forum($thread['fid']);
/** * Performs cleanup of a quoted message, such as replacing /me commands, before presenting quoted post to the user. * * @param array quoted post info, taken from the DB (requires the 'message', 'username', 'pid' and 'dateline' entries to be set; will use 'userusername' if present) * @param boolean whether to call remove_message_quotes() on the quoted message * @return string the cleaned up message, wrapped in a quote tag */ function parse_quoted_message(&$quoted_post, $remove_message_quotes = true) { global $parser, $lang, $plugins; if (!isset($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } // Swap username over if we have a registered user if ($quoted_post['userusername']) { $quoted_post['username'] = $quoted_post['userusername']; } // Clean up the message $quoted_post['message'] = preg_replace(array('#(^|\\r|\\n)/me ([^\\r\\n<]*)#i', '#(^|\\r|\\n)/slap ([^\\r\\n<]*)#i', '#\\[attachment=([0-9]+?)\\]#i'), array("\\1* {$quoted_post['username']} \\2", "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", ""), $quoted_post['message']); $quoted_post['message'] = $parser->parse_badwords($quoted_post['message']); if ($remove_message_quotes) { global $mybb; $max_quote_depth = intval($mybb->settings['maxquotedepth']); if ($max_quote_depth) { $quoted_post['message'] = remove_message_quotes($quoted_post['message'], $max_quote_depth - 1); // we're wrapping the message in a [quote] tag, so take away one quote depth level } } $quoted_post = $plugins->run_hooks("parse_quoted_message", $quoted_post); return "[quote='{$quoted_post['username']}' pid='{$quoted_post['pid']}' dateline='{$quoted_post['dateline']}']\n{$quoted_post['message']}\n[/quote]\n\n"; }
/** * Format an alert into it's output string to be used in both the main * alerts listing page and the popup. * * @param MybbStuff_MyAlerts_Entity_Alert $alert The alert to format. * * @return string The formatted alert string. */ public function formatAlert(MybbStuff_MyAlerts_Entity_Alert $alert, array $outputAlert) { $alertContent = $alert->getExtraDetails(); $threadLink = $this->buildShowLink($alert); return $this->lang->sprintf($this->lang->myalerts_post_threadauthor, $outputAlert['from_user'], htmlspecialchars_uni($this->parser->parse_badwords($alertContent['t_subject']))); }
/** * Insert a thread into the database. * * @return array Array of new thread details, tid and visibility. */ function insert_thread() { global $db, $mybb, $plugins, $cache, $lang; // Yes, validating is required. if (!$this->get_validated()) { die("The thread needs to be validated before inserting it into the DB."); } if (count($this->get_errors()) > 0) { die("The thread is not valid."); } $thread =& $this->data; // Fetch the forum this thread is being made in $forum = get_forum($thread['fid']); // This thread is being saved as a draft. if ($thread['savedraft']) { $visible = -2; } else { $forumpermissions = forum_permissions($thread['fid'], $thread['uid']); // Decide on the visibility of this post. if ($forumpermissions['modthreads'] == 1 && !is_moderator($thread['fid'], "", $thread['uid'])) { $visible = 0; } else { $visible = 1; } // Are posts from this user being moderated? Change visibility if ($mybb->user['uid'] == $thread['uid'] && $mybb->user['moderateposts'] == 1) { $visible = 0; } } // Have a post ID but not a thread ID - fetch thread ID if (!empty($thread['pid']) && !$thread['tid']) { $query = $db->simple_select("posts", "tid", "pid='{$thread['pid']}"); $thread['tid'] = $db->fetch_field($query, "tid"); } if (isset($thread['pid']) && $thread['pid'] > 0) { $query = $db->simple_select("posts", "pid", "pid='{$thread['pid']}' AND uid='{$thread['uid']}' AND visible='-2'"); $draft_check = $db->fetch_field($query, "pid"); } else { $draft_check = false; } // Are we updating a post which is already a draft? Perhaps changing it into a visible post? if ($draft_check) { $this->thread_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread", $this); $db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'"); $this->post_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_post", $this); $db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'"); $this->tid = $thread['tid']; $this->pid = $thread['pid']; } else { $this->thread_insert_data = array("fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "prefix" => (int) $thread['prefix'], "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "views" => 0, "replies" => 0, "visible" => $visible, "notes" => ''); $plugins->run_hooks("datahandler_post_insert_thread", $this); $this->tid = $db->insert_query("threads", $this->thread_insert_data); $this->post_insert_data = array("tid" => $this->tid, "fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_post", $this); $this->pid = $db->insert_query("posts", $this->post_insert_data); // Now that we have the post id for this first post, update the threads table. $firstpostup = array("firstpost" => $this->pid); $db->update_query("threads", $firstpostup, "tid='{$this->tid}'"); } // If we're not saving a draft there are some things we need to check now if (!$thread['savedraft']) { if ($thread['options']['subscriptionmethod'] != "" && $thread['uid'] > 0) { switch ($thread['options']['subscriptionmethod']) { case "pm": $notification = 2; break; case "email": $notification = 1; break; default: $notification = 0; } require_once MYBB_ROOT . "inc/functions_user.php"; add_subscribed_thread($this->tid, $notification, $thread['uid']); } // Perform any selected moderation tools. if (is_moderator($thread['fid'], "", $thread['uid']) && is_array($thread['modoptions'])) { $lang->load($this->language_file, true); $modoptions = $thread['modoptions']; $modlogdata['fid'] = $thread['fid']; if (isset($thread['tid'])) { $modlogdata['tid'] = $thread['tid']; } $modoptions_update = array(); // Close the thread. if (!empty($modoptions['closethread'])) { $modoptions_update['closed'] = 1; log_moderator_action($modlogdata, $lang->thread_closed); } // Stick the thread. if (!empty($modoptions['stickthread'])) { $modoptions_update['sticky'] = 1; log_moderator_action($modlogdata, $lang->thread_stuck); } // Execute moderation options. if ($modoptions_update) { $db->update_query('threads', $modoptions_update, "tid='{$this->tid}'"); } } if ($visible == 1) { // If we have a registered user then update their post count and last post times. if ($thread['uid'] > 0) { $user = get_user($thread['uid']); $update_query = array(); // Only update the lastpost column of the user if the date of the thread is newer than their last post. if ($thread['dateline'] > $user['lastpost']) { // Yes this has a single quote within a double quote. It's not a bug. $update_query['lastpost'] = "'{$thread['dateline']}'"; } // Update the post count if this forum allows post counts to be tracked if ($forum['usepostcounts'] != 0) { $update_query['postnum'] = "postnum+1"; } if ($forum['usethreadcounts'] != 0) { $update_query['threadnum'] = 'threadnum+1'; } // Only update the table if we need to. if (!empty($update_query)) { $db->update_query("users", $update_query, "uid='{$thread['uid']}'", 1, true); } } if (!isset($forum['lastpost'])) { $forum['lastpost'] = 0; } $done_users = array(); // Queue up any forum subscription notices to users who are subscribed to this forum. $excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread; // Parse badwords require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $excerpt = $parser->parse_badwords($excerpt); $query = $db->query("\n\t\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate\n\t\t\t\t\tFROM " . TABLE_PREFIX . "forumsubscriptions fs\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=fs.uid)\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (g.gid=u.usergroup)\n\t\t\t\t\tWHERE fs.fid='" . (int) $thread['fid'] . "'\n\t\t\t\t\tAND fs.uid != '" . (int) $thread['uid'] . "'\n\t\t\t\t\tAND u.lastactive > '{$forum['lastpost']}'\n\t\t\t\t\tAND g.isbannedgroup != 1\n\t\t\t\t"); while ($subscribedmember = $db->fetch_array($query)) { if ($done_users[$subscribedmember['uid']]) { continue; } $done_users[$subscribedmember['uid']] = 1; $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { continue; } if (!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1) { // In a 'view own only' forum and not a moderator continue; } // Determine the language pack we'll be using to send this email in and load it if it isn't already. if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) { $uselang = $subscribedmember['language']; } else { if ($mybb->settings['bblanguage']) { $uselang = $mybb->settings['bblanguage']; } else { $uselang = "english"; } } if ($uselang == $mybb->settings['bblanguage']) { $emailsubject = $lang->emailsubject_forumsubscription; $emailmessage = $lang->email_forumsubscription; } else { if (!isset($langcache[$uselang]['emailsubject_forumsubscription'])) { $userlang = new MyLanguage(); $userlang->set_path(MYBB_ROOT . "inc/languages"); $userlang->set_language($uselang); $userlang->load("messages"); $langcache[$uselang]['emailsubject_forumsubscription'] = $userlang->emailsubject_forumsubscription; $langcache[$uselang]['email_forumsubscription'] = $userlang->email_forumsubscription; unset($userlang); } $emailsubject = $langcache[$uselang]['emailsubject_forumsubscription']; $emailmessage = $langcache[$uselang]['email_forumsubscription']; } $emailsubject = $lang->sprintf($emailsubject, $forum['name']); $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']); $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid'], $post_code); $new_email = array("mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => ''); $db->insert_query("mailqueue", $new_email); unset($userlang); $queued_email = 1; } // Have one or more emails been queued? Update the queue count if (isset($queued_email) && $queued_email == 1) { $cache->update_mailqueue(); } } } // Assign any uploaded attachments with the specific posthash to the newly created post. if ($thread['posthash']) { $thread['posthash'] = $db->escape_string($thread['posthash']); $attachmentassign = array("pid" => $this->pid, "posthash" => ''); $db->update_query("attachments", $attachmentassign, "posthash='{$thread['posthash']}' AND pid='0'"); } if ($visible == 1) { update_last_post($this->tid); update_forum_counters($thread['fid'], array("threads" => "+1", "posts" => "+1")); update_forum_lastpost($thread['fid']); } else { if ($visible == 0) { update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1")); } } $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if ($attachmentcount > 0) { update_thread_counters($this->tid, array("attachmentcount" => "+{$attachmentcount}")); } // Return the post's pid and whether or not it is visible. $this->return_values = array("pid" => $this->pid, "tid" => $this->tid, "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_end", $this); return $this->return_values; }
$numthreads = $stats['numthreads']; if ($numthreads == 0) { $thread_percent = "0"; } else { $thread_percent = $memprofile['threadnum'] * 100 / $numthreads; $thread_percent = round($thread_percent, 2); } if ($thread_percent > 100) { $thread_percent = 100; } $awaybit = ''; if ($memprofile['away'] == 1 && $mybb->settings['allowaway'] != 0) { $lang->away_note = $lang->sprintf($lang->away_note, $memprofile['username']); $awaydate = my_date($mybb->settings['dateformat'], $memprofile['awaydate']); if (!empty($memprofile['awayreason'])) { $reason = $parser->parse_badwords($memprofile['awayreason']); $awayreason = htmlspecialchars_uni($reason); } else { $awayreason = $lang->away_no_reason; } if ($memprofile['returndate'] == '') { $returndate = "{$lang->unknown}"; } else { $returnhome = explode("-", $memprofile['returndate']); // PHP native date functions use integers so timestamps for years after 2038 will not work // Thus we use adodb_mktime if ($returnhome[2] >= 2038) { require_once MYBB_ROOT . "inc/functions_time.php"; $returnmkdate = adodb_mktime(0, 0, 0, $returnhome[1], $returnhome[0], $returnhome[2]); $returndate = my_date($mybb->settings['dateformat'], $returnmkdate, "", 1, true); } else {
} $icon_cache = $cache->read("posticons"); $threadprefixes = build_prefixes(); $threads = ''; // Now we can build our subscription list foreach ($subscriptions as $thread) { $bgcolor = alt_trow(); $folder = ''; $prefix = ''; $thread['threadprefix'] = ''; // If this thread has a prefix, insert a space between prefix and subject if ($thread['prefix'] != 0 && !empty($threadprefixes[$thread['prefix']])) { $thread['threadprefix'] = $threadprefixes[$thread['prefix']]['displaystyle'] . ' '; } // Sanitize $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); // Build our links $thread['threadlink'] = get_thread_link($thread['tid']); $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost"); // Fetch the thread icon if we have one if ($thread['icon'] > 0 && $icon_cache[$thread['icon']]) { $icon = $icon_cache[$thread['icon']]; $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']); $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$icon = \"" . $templates->get("usercp_subscriptions_thread_icon") . "\";"); } else { $icon = " "; } // Determine the folder
while ($attachment = $db->fetch_array($query)) { $attachcache[$attachment['pid']][$attachment['aid']] = $attachment; } require_once MYBB_ROOT . "inc/functions_post.php"; get_post_attachments($post['pid'], $post); } // Figure out if we need to show an "edited by" message // Only show if at least one of "showeditedby" or "showeditedbyadmin" is enabled if ($mybb->settings['showeditedby'] != 0 && $mybb->settings['showeditedbyadmin'] != 0) { $post['editdate'] = my_date('relative', TIME_NOW); $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']); $post['editedprofilelink'] = build_profile_link($mybb->user['username'], $mybb->user['uid']); $post['editreason'] = trim($editreason); $editreason = ""; if ($post['editreason'] != "") { $post['editreason'] = $parser->parse_badwords($post['editreason']); $post['editreason'] = htmlspecialchars_uni($post['editreason']); eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";"); } eval("\$editedmsg = \"" . $templates->get("postbit_editedby") . "\";"); } // Send our headers. header("Content-type: application/json; charset={$charset}"); $editedmsg_response = null; if ($editedmsg) { $editedmsg_response = str_replace(array("\r", "\n"), "", $editedmsg); } $plugins->run_hooks("xmlhttp_update_post"); echo json_encode(array("message" => $post['message'] . "\n", "editedmsg" => $editedmsg_response)); exit; }
if (!$posthandler->validate_post()) { $post_errors = $posthandler->get_friendly_errors(); $errors = implode("\n\n", $post_errors); xmlhttp_error($errors); } else { $posthandler->update_post(); if ($ismod == true) { $modlogdata = array("tid" => $thread['tid'], "fid" => $forum['fid']); log_moderator_action($modlogdata, $lang->edited_post); } } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Send our headers. header("Content-type: text/plain; charset={$charset}"); $mybb->input['value'] = $parser->parse_badwords($mybb->input['value']); // Spit the subject back to the browser. echo substr($mybb->input['value'], 0, 120); // 120 is the varchar length for the subject column // Close the connection. exit; } else { if ($mybb->input['action'] == "edit_post") { // Fetch the post from the database. $post = get_post($mybb->input['pid']); // No result, die. if (!$post['pid']) { xmlhttp_error($lang->post_doesnt_exist); } // Fetch the thread associated with this post. $thread = get_thread($post['tid']);