Exemple #1
0
 public function output()
 {
     global $vbulletin;
     if (!isset($vbulletin->userinfo['permissions']['cms'])) {
         vBCMS_Permissions::getUserPerms();
     }
     $publishlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canpublish']);
     $viewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['allview']);
     $rst = vB::$vbulletin->db->query_read_slave("SELECT node.nodeid, node.parentnode, node.url, node.permissionsfrom,\n\t\t\tnode.setpublish, node.publishdate, node.noderight, info.title FROM " . TABLE_PREFIX . "cms_node AS node INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid\n\t\t\t WHERE node.contenttypeid = " . vB_Types::instance()->getContentTypeID("vBCms_Section") . "  AND\n\t\t((node.permissionsfrom IN ({$viewlist})  AND node.hidden = 0 ) OR (node.permissionsfrom IN ({$publishlist})))\n\t\t\t ORDER BY node.nodeleft");
     $nodes = array();
     $noderight = 0;
     while ($record = vB::$vbulletin->db->fetch_array($rst)) {
         if (!in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit']) and !(in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canview']) and $record['setpublish'] == '1' and $record['publishdate'] < TIMENOW) or $record['noderight'] < $noderight) {
             //We need to skip this record and all its children
             $noderight = $record['permissionsfrom'];
             continue;
         }
         $nodes[] = $record;
     }
     if (count($nodes)) {
         reset($nodes);
         $nodes = $this->setNavArray($nodes);
         return $nodes;
     }
 }
 public function output()
 {
     global $vbulletin;
     $sectionid = 1;
     //First we'll generate the category list
     //compose the sql
     $rst = vB::$vbulletin->db->query_read($sql = "SELECT parent.category AS parentcat, cat.categoryid, cat.category,\n\t\tcat.catleft, cat.catright, info.title AS node, parentnode.nodeid, count(nodecat.nodeid) as qty\n\tFROM " . TABLE_PREFIX . "cms_node AS node\n\t\tINNER JOIN " . TABLE_PREFIX . "cms_node AS parentnode ON (node.nodeleft >= parentnode.nodeleft AND node.nodeleft <= parentnode.noderight)\n\t\tINNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = parentnode.nodeid\n\tINNER JOIN " . TABLE_PREFIX . "cms_category AS parent on parent.parentnode = node.nodeid\n\t\tINNER JOIN " . TABLE_PREFIX . "cms_category AS cat ON (cat.catleft >= parent.catleft AND cat.catleft <= parent.catright)\n\t\tLEFT JOIN " . TABLE_PREFIX . "cms_nodecategory AS nodecat ON nodecat.categoryid = cat.categoryid\n\t\tWHERE parentnode.nodeid = " . $sectionid . " AND " . vBCMS_Permissions::getPermissionString() . "\n\t\tGROUP BY parent.category, cat.categoryid, cat.category,\n\t\tcat.catleft, cat.catright, info.title, parentnode.nodeid\n\t\tORDER BY node.nodeleft, catleft;");
     $parents = array();
     $level = 0;
     $nodes = array();
     if ($record = vB::$vbulletin->db->fetch_array($rst)) {
         $record['level'] = $level;
         $record['route_info'] = $record['categoryid'] . ($record['category'] != '' ? '-' . str_replace(' ', '-', $record['category']) : '');
         $nodes[strtolower($record['category'])] = $parents[0] = $record;
         $last_category = -1;
         while ($record = vB::$vbulletin->db->fetch_array($rst)) {
             $record['route_info'] = $record['categoryid'] . ($record['category'] != '' ? '-' . str_replace(' ', '-', $record['category']) : '');
             if ($record['categoryid'] == $last_category) {
                 continue;
             }
             //note that since we're already sorted by by catleft we don't need to check that.
             while (intval($record['catright']) > intval($parents['level']['catright']) and $level > 0) {
                 $level--;
             }
             $level++;
             $record['level'] = $level;
             $nodes[strtolower($record['category'])] = $parents[$level] = $record;
             $last_category = $record['categoryid'];
         }
     }
     ksort($nodes);
     return $nodes;
 }
Exemple #3
0
	public function can_add_tag()
	{
		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}
		//until we have better developed permissions, limit tagging
		//to item editors only.
		return vBCMS_Permissions::canEdit($this->fetch_content_info()->getNodeId());
	}
Exemple #4
0
 protected function fetchCanViewCmsArticle($nodeid)
 {
     // The process query handles the infernal CMS
     if (!($node = $this->content['cms_node'][$nodeid])) {
         return false;
     }
     if ($node['publishdate'] > TIMENOW or !$node['published']) {
         return false;
     }
     $canview = vBCMS_Permissions::canView($node['nodeid']);
     return $canview;
 }
Exemple #5
0
	/**
	 * Authorise the current user for the current action.
	 */
	protected function authorizeAction()
	{
		
		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}
		
		if (!(vB::$vbulletin->userinfo['permissions']['cms']['admin']))
		{
			throw (new vB_Exception_AccessDenied());
		}
	}
Exemple #6
0
 public function process()
 {
     if (!vB::$vbulletin->products['vbcms']) {
         return true;
     }
     if (!$this->content['cms_nodeid']) {
         return true;
     }
     $nodes = vB::$db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tnode.nodeid AS n_nodeid, node.url AS n_url, node.comments_enabled AS n_comments_enabled, node.userid AS n_userid,\n\t\t\t\tni.viewcount AS n_viewcount, ni.title AS n_title, ni.html_title AS n_html_title, a.contentid AS n_contentid,\n\t\t\t\ta.pagetext AS a_pagetext, a.contentid AS a_contentid, node.nodeid AS a_nodeid, node.parentnode AS n_parentnode,\n\t\t\t\tthread.replycount AS n_replycount, node.publishdate AS n_publishdate, node.setpublish AS n_published\n\t\t\tFROM " . TABLE_PREFIX . "cms_node AS node\n\t\t\tINNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS ni ON (node.nodeid = ni.nodeid)\n\t\t\tINNER JOIN " . TABLE_PREFIX . "cms_article AS a ON (node.contentid = a.contentid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = ni.associatedthreadid)\n\t\t\tWHERE\n\t\t\t\tnode.nodeid IN (" . implode(",", array_keys($this->content['cms_nodeid'])) . ")\n\t\t\t\t\tAND\n\t\t\t\t" . vBCMS_Permissions::getPermissionString() . "\n\t\t");
     while ($node = vB::$db->fetch_array($nodes)) {
         $this->content['cms_node'][$node['n_nodeid']] = $this->parse_array($node, 'n_');
         $this->content['cms_article'][$node['a_contentid']] = $this->parse_array($node, 'a_');
         $this->content['userid'][$node['n_userid']] = 1;
     }
     $this->content['cms_nodeid'] = array();
 }
Exemple #7
0
 public function process()
 {
     if (!vB::$vbulletin->products['vbcms']) {
         return true;
     }
     if (!$this->content['cms_postid']) {
         return true;
     }
     $posts = vB::$db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tp.pagetext AS p_pagetext, p.postid AS p_postid, p.threadid AS p_threadid, p.title AS p_title, p.visible AS p_visible, p.userid AS p_userid, p.username AS p_username,\n\t\t\t\tni.nodeid AS p_nodeid, ni.viewcount AS ni_viewcount, node.nodeid AS ni_nodeid, ni.title AS ni_title, ni.html_title AS ni_html_title,\n\t\t\t\tnode.url AS ni_url, node.comments_enabled AS ni_comments_enabled, node.userid AS ni_userid, node.parentnode AS ni_parentnode,\n\t\t\t\ta.pagetext AS a_pagetext, a.contentid AS a_contentid, node.nodeid AS a_nodeid, a.contentid AS ni_contentid, thread.replycount AS ni_replycount,\n\t\t\t\tnode.publishdate AS ni_publishdate, node.setpublish AS ni_published, thread.forumid AS p_forumid\n\t\t\tFROM " . TABLE_PREFIX . "post AS p\n\t\t\tINNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS ni ON (p.threadid = ni.associatedthreadid)\n\t\t\tINNER JOIN " . TABLE_PREFIX . "cms_node AS node ON (ni.nodeid = node.nodeid)\n\t\t\tINNER JOIN " . TABLE_PREFIX . "cms_article AS a ON (node.contentid = a.contentid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = p.threadid)\n\t\t\tWHERE\n\t\t\t\tp.postid IN (" . implode(",", array_keys($this->content['cms_postid'])) . ")\n\t\t\t\t\tAND\n\t\t\t\t" . vBCMS_Permissions::getPermissionString() . "\n\t\t");
     while ($post = vB::$db->fetch_array($posts)) {
         unset($this->content['cms_nodeid'][$post['ni_nodeid']]);
         $this->content['cms_post'][$post['p_postid']] = $this->parse_array($post, 'p_');
         $this->content['userid'][$post['p_userid']] = 1;
         if (!$this->content['cms_node'][$post['ni_nodeid']]) {
             $this->content['cms_node'][$post['ni_nodeid']] = $this->parse_array($post, 'ni_');
             $this->content['cms_article'][$post['a_contentid']] = $this->parse_array($post, 'a_');
             $this->content['userid'][$post['ni_userid']] = 1;
         }
     }
     $this->content['cms_postid'] = array();
 }
Exemple #8
0
	public function getCount()
	{
		$hook_query_fields = $hook_query_joins = $hook_query_where = '';
		($hook = vBulletinHook::fetch_hook($this->query_hook)) ? eval($hook) : false;

		// Internal hooks for loading content with QUERY_BASIC


		//		if ($this->requireLoad(vBCms_Item_Content::INFO_CONTENT))
		//		{
		$content_query_fields = $this->getContentQueryFields();
		$content_query_joins = $this->getContentQueryJoins();
		$content_query_where = $this->getContentQueryWhere();
		//		}

		$filter_notcontenttype = $this->getFilterNotContentTypeSql();

		//make sure permissions are loaded.
		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}
		if (!count(vB::$vbulletin->userinfo['permissions']['cms']['allview']))
		{
			return false;
		}
		$sql = "SELECT count(node.nodeid) AS qty
		FROM " . TABLE_PREFIX . "cms_node AS node"
		.	($this->filter_node ?
		" INNER JOIN " . TABLE_PREFIX . "cms_node AS rootnode
			ON rootnode.nodeid = " . intval($this->filter_node) : '') .
		"	$content_query_joins
		$hook_query_joins
		LEFT JOIN " . TABLE_PREFIX . "cms_sectionorder AS sectionorder ON sectionorder.sectionid = " . intval($this->filter_node) ."
			AND sectionorder.nodeid = node.nodeid
		WHERE (1=1) ".
		($this->filter_contenttype ? "AND node.contenttypeid = " . intval($this->filter_contenttype) . " " : '') .
		($this->filter_contentid ? "AND node.contentid = " . intval($this->contentid) . " ": '') .
		($this->filter_node ? "AND (node.nodeleft >= rootnode.nodeleft AND node.nodeleft <= rootnode.noderight) AND node.nodeleft != rootnode.nodeleft " : '') .
		($this->filter_nosections ? "AND node.issection != '1' " : '') .
		($this->filter_onlysections ? "AND node.issection = '1' " : '') .
		($this->filter_userid ? "AND node.userid = " . intval($this->filter_userid) . " " : '') .
		($this->filter_published ? "AND node.setpublish = '1' AND node.publishdate <= " . intval(TIMENOW) . " " : '') .
		($this->filter_unpublished ? "AND node.setpublish = '0' OR node.publishdate > " . intval(TIMENOW) . " " : '') . "
		" . ((($this->filter_contenttype AND ($this->filter_contenttype == vB_Types::instance()->getContentTypeID("vBCms_Section"))) OR $this->filter_onlysections)
		? '' : "AND node.new != 1 ")
		. 				 (intval($this->filter_node_exact) ? "AND (node.parentnode = " . $this->filter_node_exact . " OR sectionorder.displayorder > 0 )": '')
		. (($this->orderby == 5) ? " AND sectionorder.displayorder > 0 " : '') .

		($this->filter_ignorepermissions ? '' : " AND " .  vBCMS_Permissions::getPermissionString())
		.
		"
		$filter_notcontenttype
		$content_query_where
		$hook_query_where ";

		if ($record = vB::$vbulletin->db->query_first($sql))
		{
			return intval($record['qty']);
		}
	}
Exemple #9
0
	private static function renderResult($userinfo, $post_array, $permissions,
		$forumperms, $target_url, $nodeid)
	{

		if (!count($post_array))
		{
			return '';
		}
		require_once DIR . '/includes/functions_bigthree.php' ;
		require_once DIR . '/includes/class_postbit.php' ;

		fetch_phrase_group('showthread');
		fetch_phrase_group('postbit');

		global $vbphrase;
		global $template_hook;
		global $show;
		global $thread;
		$thread = $thread->get_record();
		$threadinfo = verify_id('thread', $thread['threadid'], 1, 1);
		$foruminfo = verify_id('forum', $threadinfo['forumid'], 1, 1);
		$firstpostid = false;

		$displayed_dateline = 0;
		if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid'])
		{
			$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400));
		}
		else
		{
			$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
			if (!$threadview)
			{
				$threadview = vB::$vbulletin->userinfo['lastvisit'];
			}
		}
		require_once DIR . '/includes/functions_user.php';
		$show['inlinemod'] = false;
		$postids = array();

		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}



		$postids = ' post.postid in ('
 			. implode(', ', $post_array) .')';


		$posts =  vB::$vbulletin->db->query_read($sql = "
			SELECT
			post.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,
			user.*, userfield.*, usertextfield.*,
			" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "
			" . iif( vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "
			" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "
				" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "
				editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,
				editlog.reason AS edit_reason, editlog.hashistory,
				postparsed.pagetext_html, postparsed.hasimages,
				sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,
				sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,
				IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,
			 	customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight
				" . iif(!($permissions['genericpermissions'] &  vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']),  vB::$vbulletin->profilefield['hidden']) . "
				$hook_query_fields
			FROM " . TABLE_PREFIX . "post AS post
			LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)
			LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)
			LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)
			" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "
			" . iif( vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "
			" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "
				$deljoin
			LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)
			LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")
			LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")
			LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)
			LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)
				$hook_query_joins
			WHERE $postids
			ORDER BY post.dateline
		");

		if (!($forumperms &  vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) AND !($forumperms &  vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
		{
			 vB::$vbulletin->options['attachthumbs'] = 0;
		}

		if (!($forumperms &  vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
		{
			 vB::$vbulletin->options['viewattachedimages'] = 0;
		}

		$postcount = count($postid_array);

		$counter = 0;
		$postbits = '';
		 vB::$vbulletin->noheader = true;
		$postbit_factory = new vB_Postbit_Factory();
		$postbit_factory->registry =  vB::$vbulletin;
		$postbit_factory->forum = $foruminfo;
		$postbit_factory->thread = $thread;
		$postbit_factory->cache = array();
		$postbit_factory->bbcode_parser = new vB_BbCodeParser( vB::$vbulletin, fetch_tag_list());
		//We need to tell the parser to handle quotes differently.
		$postbit_factory->bbcode_parser->set_quote_template('vbcms_bbcode_quote');
		$postbit_factory->bbcode_parser->set_quote_vars(array('page_url' => $target_url .
			(strpos($target_url, '?') == false ? '?' : '&')));
		$show['return_node'] = $nodeid;
		$show['avatar'] = 1;

		while ($post =  vB::$vbulletin->db->fetch_array($posts))
		{
			if (! self::canViewPost($post, $permissions) )
			{
				continue;
			}

			if (! intval($post['userid']))
			{
				$post['avatarid'] = false;
			}
			else if (!$post['hascustomavatar'])
			{
				if ($post['profilepic'])
				{
					$post['hascustomavatar'] = 1;
					$post['avatarid'] = true;
					$post['avatarpath'] = "./image.php?u=" . $post['userid']  . "&amp;dateline=" . $post['profilepicdateline'] . "&amp;type=profile";
					$post['avwidth'] = $post['ppwidth'];
					$post['avheight'] = $post['ppheight'];
				}
				else
				{
					$post['hascustomavatar'] = 1;
					$post['avatarid'] = true;
					// explicity setting avatarurl to allow guests comments to show unknown avatar
					$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
					$post['avwidth'] = 60;
					$post['avheight'] = 60;
				}
			}

			if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($thread['forumid']))
			{
				continue;
			}

			if ($post['visible'] == 1 AND !$tachyuser)
			{
				++$counter;
				if ($postorder)
				{
					$post['postcount'] = --$postcount;
				}
				else
				{
					$post['postcount'] = ++$postcount;
				}
			}

			if ($tachyuser)
			{
				$fetchtype = 'post_global_ignore';
			}
			else if ($ignore["$post[userid]"])
			{
				$fetchtype = 'post_ignore';
			}
			else if ($post['visible'] == 2)
			{
				$fetchtype = 'post_deleted';
			}
			else
			{
				$fetchtype = 'post';
			}

			if (
				( vB::$vbulletin->GPC['viewfull'] AND $post['postid'] == $postinfo['postid'] AND $fetchtype != 'post')
				AND
				(can_moderate($threadinfo['forumid']) OR !$post['isdeleted'])
				)
			{
				$fetchtype = 'post';
			}

			($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;

			$postbit_obj = $postbit_factory->fetch_postbit($fetchtype);
			$postbit_obj->set_template_prefix('vbcms_');

			if ($fetchtype == 'post')
			{
				$postbit_obj->highlight = $replacewords;
			}

			if (!$firstpostid)
			{
				$firstpostid = $post['postid'];
			}

			$post['islastshown'] = ($post['postid'] == $lastpostid);
			$post['isfirstshown'] = ($counter == 1 AND $fetchtype == 'post' AND $post['visible'] == 1);
			$post['islastshown'] = ($post['postid'] == $lastpostid);
			$post['attachments'] = $postattach["$post[postid]"];

			$parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);


			$this_postbit = $postbit_obj->construct_postbit($post);

			$this_template = vB_Template::create('vbcms_comments_detail');
			$this_template->register('postid', $post['postid'] );
			$this_template->register('postbit', $this_postbit);
			$this_template->register('indent', $post_array[$this_key]['level'] * $pixel_indent);

			$postbits .= $this_template->render();
			$LASTPOST = $post;

			// Only show after the first post, counter isn't incremented for deleted/moderated posts

			if ($post_cachable AND $post['pagetext_html'] == '')
			{
				if (!empty($saveparsed))
				{
					$saveparsed .= ',';
				}
				$saveparsed .= "($post[postid], " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
			}

			if (!empty($postbit_obj->sig_cache) AND $post['userid'])
			{
				if (!empty($save_parsed_sigs))
				{
					$save_parsed_sigs .= ',';
				}
				$save_parsed_sigs .= "($post[userid], " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
			}
		}


		if ($LASTPOST['dateline'] > $displayed_dateline)
		{
			$displayed_dateline = $LASTPOST['dateline'];
			if ($displayed_dateline <= $threadview)
			{
				$updatethreadcookie = true;
			}
		}

		if ($firstpostid)
		{
			$this_template->register('FIRSTPOSTID', $firstpostid );
		}

		if ($lastpostid)
		{
			$this_template->register('LASTPOSTID', $lastpostid);
		}
		// Set thread last view
		if ($displayed_dateline AND $displayed_dateline > $threadview)
		{
			mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
		}

		vB::$vbulletin->db->free_result($posts);
		unset($post);
		return $postbits;
	}
Exemple #10
0
$show['pingback'] = ($vbulletin->options['vbblog_pingback'] and $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canreceivepingback'] ? true : false);
$show['trackback'] = ($vbulletin->options['vbblog_trackback'] and $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canreceivepingback'] ? true : false);
$show['notify'] = ($vbulletin->options['vbblog_notifylinks'] and $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_cansendpingback'] ? true : false);
$navbits = array();
/* Check they can view a blog, any blog */
if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) {
    if (!$vbulletin->userinfo['userid'] or !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) {
        print_no_permission();
    }
}
($hook = vBulletinHook::fetch_hook('blog_start')) ? eval($hook) : false;
//We'll need this in a bit. This is the info to mark as escalate to Article
if ($vbulletin->products['vbcms']) {
    if (!isset(vB::$vbulletin->userinfo['permissions']['cms'])) {
        require_once DIR . '/packages/vbcms/permissions.php';
        vBCMS_Permissions::getUserPerms();
    }
}
// #######################################################################
if ($_REQUEST['do'] == 'blog') {
    $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'goto' => TYPE_STR, 'uh' => TYPE_BOOL));
    $bloginfo = verify_blog($blogid);
    verify_seo_url('entry', $bloginfo, array('pagenumber' => $_REQUEST['pagenumber']));
    track_blog_visit($bloginfo['userid']);
    $wheresql = array();
    $state = array('visible');
    ($hook = vBulletinHook::fetch_hook('blog_entry_start')) ? eval($hook) : false;
    if (can_moderate_blog('canmoderateentries') or is_member_of_blog($vbulletin->userinfo, $bloginfo)) {
        $state[] = 'moderation';
    }
    if (can_moderate_blog() or is_member_of_blog($vbulletin->userinfo, $bloginfo)) {
Exemple #11
0
	/** This function gets the article information based on the defined criteria
	*
	 * @return	array
	 */
	protected function getContent()
	{
		// First, compose the sql
		$sql = "SELECT node.contenttypeid, node.url, node.publishdate, node.userid,
		node.setpublish, node.publicpreview, info.title, user.username, node.showuser,
		node.nodeid, node.contenttypeid, thread.replycount FROM "
		. TABLE_PREFIX . "cms_node AS node
		INNER JOIN "	. TABLE_PREFIX . "contenttype AS type on type.contenttypeid = node.contenttypeid
		INNER JOIN "	. TABLE_PREFIX . "cms_nodeinfo AS info on info.nodeid = node.nodeid "
		. ( (($this->config['categories'] != '') AND ($this->config['categories'] != '0')) ?
			" INNER JOIN " . TABLE_PREFIX .
		"cms_nodecategory nc ON nc.nodeid = node.nodeid " : '') .	"
		LEFT JOIN "	. TABLE_PREFIX . "user AS user ON user.userid = node.userid
		LEFT JOIN "	. TABLE_PREFIX . "thread AS thread ON thread.threadid = info.associatedthreadid
		WHERE type.isaggregator = '0' AND " . vBCMS_Permissions::getPermissionString() ;
	
		if (($this->config['categories'] != '') AND ($this->config['categories'] != '0') )
		{
			$sql .= "\n AND nc.categoryid IN (" . $this->config['categories'] . ")\n";
		}

		if (($this->config['sections'] != '') AND ($this->config['sections'] != '0'))
		{

			$sql .= "\n AND node.parentnode IN (" . $this->config['sections'] . ")\n";
		}

		if (isset($this->config['days']) AND (intval($this->config['days'])) )
		{
			$sql .= "\n AND node.publishdate > " . (TIMENOW - (86400 * $this->config['days'])) . "\n";
		}

		$sql .= "\n ORDER BY node.publishdate DESC LIMIT " . $this->config['count'];
		$items = array();
	
		//Execute
		if ($rst = vB::$db->query_read($sql))
		{
			$current_record = array('contentid' => -1);
			//now build the results array
			while($item = vB::$db->fetch_array($rst))
			{
				$item['categories'] = array();
				$item['tags'] = array();
				$class = vB_Types::instance()->getContentTypeClass($item['contenttypeid']);
				$package = vB_Types::instance()->getContentTypePackage($item['contenttypeid']);
				$node = vBCms_Content::create($package, $class, $item['nodeid']);
				$item['pagetext'] = $item['previewtext'] = '';
					
				//get the avatar
				if (vB::$vbulletin->options['avatarenabled'])
				{
					$item['avatar'] = fetch_avatar_url($item['userid']);
				}
				
				if (method_exists($node, 'getPageText'))
				{
					$item['pagetext'] = fetch_censored_text($node->getPageText());
				}
				
				if (method_exists($node, 'getPreviewText'))
				{
					$item['previewtext'] = fetch_censored_text($node->getPreviewText());
				}
				else if (!empty($item['pagetext']))
				{
					$item['previewtext'] = vB_Search_Searchtools::getSummary($item['pagetext'], 200);
				}
				
				if (method_exists($node, 'getPreviewImage'))
				{
					$item['pagetext'] = fetch_censored_text($node->getPageText());
				}
								
				$items[$item['nodeid']]  = $item;
			}

			//Let's get the tags and the categories
			// we can do that with one query each.
			if (count($articles))
			{
				//first let's get categories
				$nodeids = implode(', ', array_keys($item));
				$sql = "SELECT nc.nodeid, nc.categoryid, category.category FROM " . TABLE_PREFIX . "cms_nodecategory AS nc
				INNER JOIN "	. TABLE_PREFIX . "cms_category AS category ON category.categoryid = nc.categoryid
				WHERE nc.nodeid IN ($nodeids)";
				if ($rst = vB::$db->query_read($sql))
				{
					while ($record = vB::$db->fetch_array($rst))
					{
						$route_info = $record['categoryid'] .
							($record['category'] != '' ? '-' . str_replace(' ', '-', $record['category']) : '');
						$record['route_info'] = $route_info;
						$record['category_url'] = vB_Route::create('vBCms_Route_List', "category/" . $record['route_info'] . "/1")->getCurrentURL();

						$items[$record['nodeid']]['categories'][$record['categoryid']] = $record;
					}
				}

				//next tags;
				$sql = "SELECT tag.tagid, node.nodeid, tag.tagtext FROM " .
				TABLE_PREFIX . "cms_node AS node INNER JOIN " .	TABLE_PREFIX .
				"tagcontent AS tc ON (tc.contentid = node.contentid AND  tc.contenttypeid = node.contenttypeid)
				INNER JOIN " .	TABLE_PREFIX .
				"tag AS tag ON tag.tagid = tc.tagid
				 WHERE node.nodeid IN ($nodeids) ";
				if ($rst = vB::$db->query_read($sql))
				{
					while ($record = vB::$db->fetch_array($rst))
					{
						$items[$record['nodeid']]['tags'][$record['tagid']] = $record['tagtext'];
					}
				}
			}
		}
		return $items;
	}
Exemple #12
0
	/**
	 * Fetches the standard page view for a widget.
	 *
	 * @param bool $skip_errors					- If using a collection, omit widgets that throw errors
	 * @return vBCms_View_Widget				- The resolved view, or array of views
	 */
	public function getPageView()
	{

		$this->assertWidget();

		if (! isset($vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}
		// Create view
		$config = $this->widget->getConfig();
		if (!isset($config['template_name']) OR ($config['template_name'] == '') )
		{
			$config['template_name'] = 'vbcms_widget_sectionnav_page';
		}

		$canviewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['viewonly']);
		$caneditlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canedit']);
		$for_node = intval($this->content->getContentTypeId()) == intval(vb_Types::instance()->getContentTypeID("vBCms_Section")) ?
			$this->content->getNodeId() : $this->content->getParentId();
		// Create view
		$view = new vBCms_View_Widget($config['template_name']);
		if ( $link_nodes = vB_Cache::instance()->read($cache_key = $this->getHash($this->widget->getId(), $for_node), false, true))
		{
			$links_before = $link_nodes['links_before'];
			$links_above = $link_nodes['links_above'];
			$links_sibling = $link_nodes['links_sibling'];
			$links_children = $link_nodes['links_children'];
			$links_after = $link_nodes['links_after'];
			$myself = $link_nodes['myself'];
		}
		else
		{
			//If we're on a section, we show for this nodeid. If we're on
			// on a leaf-type node we show for the parent

			$section_possibles = vBCms_ContentManager::getSections();
			$my_left = $this->content->getNodeLeft();
			$my_right = $this->content->getNodeRight();
			$my_parent = $this->content->getParentId();
			$my_nodeid = $this->content->getNodeId();
			$my_title = '';

			$links_above = array();
			$links_before = array();
			$links_above = array();
			$links_sibling = array();
			$links_after = array();
			$links_children = array();
			$top_level = array();

			if (! isset(vB::$vbulletin->userinfo['permissions']['cms']) )
			{
				vBCMS_Permissions::getUserPerms();
			}
			$route = new vBCms_Route_Content();
			$route->setParameter('action', 'view');

			$homeid = $sections[0]['nodeid'];
			//Now let's scan the array;
			$indent = 0;
			$i = 1;
			$noderight = 0;
			//Let's remove items we're not supposed to see.
			$sections= array();
			foreach ($section_possibles as $key => $section)
			{
				if (/** This user has permissions to view this record **/
					( in_array($section['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit'])
					OR (in_array($section['permissionsfrom'],vB::$vbulletin->userinfo['permissions']['cms']['canview'] )
					AND $section['setpublish'] == '1' AND $section['publishdate'] < TIMENOW ))
					AND /** This user also has rights to the parents **/
					($section['noderight'] > $noderight))
				{
					$sections[] = $section;
				}
				else
				{
					//So the children will be skipped
					$noderight = $section['noderight'];
				}
			}

			//First the sections ahead of us
			while($i < count($sections) AND $my_left > $sections[$i]['nodeleft'])
			{
				$route->node = $sections[$i]['nodeid'] . (strlen($sections[$i]['url']) ? '-' . $sections[$i]['url'] : '' );

				//see if it's a top-level
				if ($sections[$i]['parentnode'] == $homeid)
				{
					$links_before[] =  array('title' => $sections[$i]['title'],
					'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
				}//is it a sibling?
				else if ($my_parent == $sections[$i]['parentnode'])
				{
					$links_sibling[] =  array('title' => $sections[$i]['title'],
						 'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
				}

				$i++;
			}

			//Now our parentage and children
			while($i < count($sections)  AND $my_right > $sections[$i]['nodeleft'])
			{
				$route->node = $sections[$i]['nodeid'] . (strlen($sections[$i]['url']) ? '-' . $sections[$i]['url'] : '' );
				if ($my_nodeid == $sections[$i]['parentnode'])
				{
					$links_children[] =  array('title' => $sections[$i]['title'],
						 'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => ($indent) * 10);
				}
				else if ($my_nodeid == $sections[$i]['nodeid'])
				{
					$myself =  array('title' => $sections[$i]['title'],
						 'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => $indent * 10);
			}
				else
			{
					$links_above[] =  array('title' => $sections[$i]['title'],
						 'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => $indent * 10);
					$my_title = $sections[$i]['title'];
					$indent++;

				}
				$i++;
			}

			//Now the afters
			while ($i < count($sections))
			{
				$route->node = $sections[$i]['nodeid'] . (strlen($sections[$i]['url']) ? '-' . $sections[$i]['url'] : '' );

				if ($sections[$i]['parentnode'] == $homeid)
				{
					$links_after[] =  array('title' => $sections[$i]['title'],
					'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
				}
				else if ($my_parent == $sections[$i]['parentnode'])
				{
					$links_sibling[] =  array('title' => $sections[$i]['title'],
						 'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
				}
				$i++;
			}

			foreach($links_sibling as $key => $value)
			{
				$links_sibling[$key]['indent'] = $indent * 10;
			}

			$route->node = $sections[1]['nodeid'] . (strlen($sections[1]['url']) ? '-' . $sections[1]['url'] : '' );
			//We have the pieces, now let's string them together;
			//Top level first

			$links_before = array_merge(array(array('title' => $sections[0]['title'],
					'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0)), $links_before);
			//Now write to the cache
			vB_Cache::instance()->write($cache_key,
				   array('links_before' => $links_before, 'links_above' => $links_above,
				   'links_sibling' => $links_sibling , 'links_after' => $links_after,
				   'links_children' => $links_children, 'myself' => $myself ), $this->cache_ttl,
					array('section_nav_' . $for_node, 'sections_updated'));
		}

		//The first record is the root

		$view->links_before = $links_before;
		$view->links_above = $links_above;
		$view->links_sibling = $links_sibling;
		$view->links_children = $links_children;
		$view->links_after = $links_after;
		$view->myself = $myself;
		$view->widget_title = $this->widget->getTitle();

		return $view;
	}
Exemple #13
0
	/**
	 * Fetches the standard page view for a widget.
	 *
	 * @param bool $skip_errors					- If using a collection, omit widgets that throw errors
	 * @return vBCms_View_Widget				- The resolved view, or array of views
	 */
	public function getPageView()
	{

		$this->assertWidget();

		if (! isset($vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}
		$config = $this->widget->getConfig();

		if (!isset($config['template_name']) OR ($config['template_name'] == '') )
		{
			$config['template_name'] = $this->default_template;
		}

		$view = new vBCms_View_Widget($config['template_name']);
		$view->widget_title = $this->widget->getTitle();
		$view->menu_static = ($config['menu_type'] == 1 ? 'true' : 'false');
		$view->show_all_tree_elements_threshold = $config['show_all_tree_elements_threshold'];


		//see if we can get from cache;
		if ($sectionlist = vB_Cache::instance()->read($this->getHash($this->widget->getId(), 'all'), true, true))
		{
			$view->nodelist = $this->arrangeSection($sectionlist, $this->content->getNodeId());
			$view->nodes = $this->setNavArray($sectionlist);
			return $view;
		}

		$publishlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canpublish']);
		$viewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['allview']);
			$rst = vB::$vbulletin->db->query_read("SELECT node.nodeid, node.parentnode, node.url, node.permissionsfrom,
			node.setpublish, node.publishdate, node.noderight, info.title FROM " . TABLE_PREFIX .
			"cms_node AS node INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid
			 WHERE node.contenttypeid = " .
		vB_Types::instance()->getContentTypeID("vBCms_Section") . "  AND
		((node.permissionsfrom IN ($viewlist)  AND node.hidden = 0 ) OR (node.permissionsfrom IN ($publishlist)))
			 ORDER BY node.nodeleft");
		$nodes = array();
		$noderight = 0;

		while($record = vB::$vbulletin->db->fetch_array($rst))
		{
			if (/** This user doesn have permissions to view this record **/
				(! in_array($record['permissionsfrom'],vB::$vbulletin->userinfo['permissions']['cms']['canedit'])
				AND !(in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canview'] )
				AND $record['setpublish'] == '1' AND $record['publishdate'] < TIMENOW ))
				OR /** This user didn't have rights to a parent **/
				($record['noderight'] < $noderight))
			{
				//We need to skip this record and all its children
				$noderight = $record['permissionsfrom'];
				continue;
			}
			$nodes[] = $record;
		}

		if (count($nodes))
		{
			vB_Cache::instance()->write($this->getHash($this->widget->getId(), 'all'),
				$nodes, $this->cache_ttl, array('sections_updated'));
			reset($nodes);
			$view->nodelist = $this->arrangeSection($nodes, $this->content->getNodeId());
			$view->nodes = $this->setNavArray($nodes);
			return $view;
		}
		return false;
	}
Exemple #14
0
 	public static function getPermissionString($userid = false)
 	{
 		if (($userid === false) AND ($userid !== 0))
 		{
 			$userid = vB::$vbulletin->userinfo['userid'];
 		}

 		if (($userid == vB::$vbulletin->userinfo['userid']) AND self::$permission_string)
 		{
 			return self::$permission_string;
 		}


 		require_once DIR . '/includes/class_bootstrap_framework.php' ;
 		vB_Bootstrap_Framework::init();

 		$can_view = array();
 		$blocked = array();
 		$perms = self::getPerms($userid);

 		//We need to block out unpublished sections.
		$sections = vBCms_ContentManager::getSections();
 		foreach($sections as $section)
 		{
 			$can_view_this = (intval($section['setpublish']) > 0) && ($section['publishdate'] < TIMENOW);
 			if (!$can_view_this)
 			{
 				$blocked[$section['nodeid']] = 1;
 				if (isset($can_view[$section['nodeid']]))
 				{
 					unset($can_view[$section['nodeid']]);
 				}
 			}
 			else if (!isset($can_view[$section['nodeid']]) AND ! isset($blocked[$section['nodeid']]))
 			{
 				$can_view[$section['nodeid']] = 1;
 			}
 		}

 		$canedit = array_unique(array_merge($perms['canedit'],
 				$perms['canpublish']));
 		self::$permission_string = "( (node.permissionsfrom IN (" . implode(',', $canedit) .
			"))";

 		if (intval($userid))
 		{
 			self::$permission_string .= " OR (node.userid =" . vB::$vbulletin->userinfo['userid'] . ") ";
 		}

 		if (!empty($can_view))
 		{
 			self::$permission_string .= " OR ( node.permissionsfrom in (" .
 				implode(',', $perms['canview']) . ") AND (node.parentnode IN (" .
				implode(',', array_keys($can_view)) . ")" .
				(isset($can_view[1]) ? " OR node.nodeid = 1" : "") . "))";
 		}

 		self::$permission_string .= ")";
 		return self::$permission_string;
 	}
	/**
	 * Fetches the standard page view for a widget.
	 *
	 * @param bool $skip_errors					- If using a collection, omit widgets that throw errors
	 * @return vBCms_View_Widget				- The resolved view, or array of views
	 */
	public function getPageView()
	{
		$this->assertWidget();

		$config = $this->widget->getConfig();
		if (!isset($config['template_name']) OR ($config['template_name'] == '') )
		{
			$config['template_name'] = 'vbcms_widget_categorynavcurrent_page';
		}

		// Create view
		$view = new vBCms_View_Widget($config['template_name']);
		$this->sectionid = $this->content->getContentTypeId() == vb_Types::instance()->getContentTypeID("vBCms_Section") ?
			$this->content->getNodeId() : $this->content->getParentId();

		try
		{
			$categoryid = max(1, intval(vB_Router::getSegment('value')));
		}
		catch (vB_Exception_Router $e)
		{
			$categoryid = 0;
		}

		if (!$nodes = vB_Cache::instance()->read($cache_key = $this->getHash($this->widget->getId(), $this->sectionid), true, true
			))
		{
			//First we'll generate the category list

			//compose the sql
			$rst = vB::$vbulletin->db->query_read($sql = "SELECT  parent.category AS parentcat, cat.categoryid, cat.category,
			cat.catleft, cat.catright, info.title AS node, node.nodeid, count(nodecat.nodeid) as qty
      	FROM " . TABLE_PREFIX . "cms_node AS node
			INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid
      	INNER JOIN " . TABLE_PREFIX . "cms_category AS parent on parent.parentnode = node.nodeid
			INNER JOIN " . TABLE_PREFIX . "cms_category AS cat ON (cat.catleft >= parent.catleft AND cat.catleft <= parent.catright)
			LEFT JOIN " . TABLE_PREFIX . "cms_nodecategory AS nodecat ON nodecat.categoryid = cat.categoryid
			WHERE node.nodeid = " . $this->sectionid . " AND " . vBCMS_Permissions::getPermissionString() . "
			GROUP BY parent.category, cat.categoryid, cat.category,
			cat.catleft, cat.catright, info.title
			ORDER BY catleft;");

			$parents = array();
			$level = 0;
			$nodes = array();
			if ($record = vB::$vbulletin->db->fetch_array($rst))
			{
				$record['level'] = $level;
				$record['route_info'] = $record['categoryid'] .
					($record['category'] != '' ? '-' . str_replace(' ', '-', $record['category']) : '');
				$nodes[strtolower($record['category'])] = $parents[0] = $record;
				$last_category = -1;

				while($record = vB::$vbulletin->db->fetch_array($rst))
				{
					$record['route_info'] = $record['categoryid'] .
						($record['category'] != '' ? '-' . str_replace(' ', '-', $record['category']) : '');

					if ($record['categoryid'] == $last_category )
					{
						continue;
					}

					//note that since we're already sorted by by catleft we don't need to check that.
					while((intval($record['catright']) > intval($parents['level']['catright'])) AND $level > 0)
					{
						$level--;
					}
					$level++;
					$record['level'] = $level;

					$nodes[strtolower($record['category'])] = $parents[$level] = $record;
					$last_category = $record['categoryid'];
				}
			}
			ksort($nodes);
			$key = array_keys($nodes);
			$size = sizeOf($key);
			for ($i = 0; $i < $size; $i++)
			{
				if ($categoryid == $nodes[$key[$i]]['categoryid'])
				{
					$nodes[$key[$i]]['myself'] = true;
				}
				else
				{
					$nodes[$key[$i]]['myself'] = false;
				}
			}
			vB_Cache::instance()->write($cache_key,
				$nodes, $this->cache_ttl, 'categories_updated');
		}

		foreach ($nodes as $nodeid => $record)
		{
			$route = vB_Route::create('vBCms_Route_List', "category/" . $record['route_info'] . "/1")->getCurrentURL();
			$nodes[$nodeid]['view_url'] = $route;

		}
		// Modify $nodes to add myself var (currently selected category)


		$view->widget_title = $this->widget->getTitle();
		$view->nodes = $nodes;
		return $view;
	}
Exemple #16
0
	private function getPublished($year, $month)
	{
		//Getting the start date is easy. Getting the end date is a bit complex. Leap years and all that.
		//Easiest way is to get the start of the next month and subract a second.
		//Ensure permissions are loaded

		$hash = self::getMyHash($year, $month);

		if (!($articles = vB_Cache::instance()->read($hash, true, false)))
		{
			$offset = vBCms_ContentManager::getTimeOffset(vB::$vbulletin->userinfo);
			$start = gmmktime (0, 0, 0, $month, 1, $year);
			$weekday = gmdate('w', $start);
			$start -= $offset;
			$end = gmmktime (0, 0, 0, ($month == 12 ? 1 : $month + 1 ), 1, ($month == 12 ? $year + 1 : $year )) - $offset - 1;
			$articles = array();
			$rst = vB::$vbulletin->db->query_read($sql = "SELECT node.nodeid, node.publishdate, node.setpublish FROM " .
			TABLE_PREFIX . "cms_node AS node INNER JOIN "  . TABLE_PREFIX . "cms_nodeinfo AS info
			ON info.nodeid = node.nodeid WHERE node.setpublish > 0 AND node.publishdate BETWEEN $start AND $end
			AND node.contenttypeid <> " . vB_Types::instance()->getContentTypeID("vBCms_Section") .
			" AND " . vBCMS_Permissions::getPermissionString() .  " AND hidden = 0
			ORDER BY node.publishdate LIMIT 5000" );
	
			$nextday = $start + 86400;
			$dom = 1;
			$articles[1] = array('data' => array(), 'time' => $start + 1, 'wday' => $weekday);
			//Now we want to end with an array of day => array('data ' => array, 'time' => unixtime)
			//So we need to build the array as we go.

			while($record = vB::$vbulletin->db->fetch_array($rst))
			{
				//see if we need to advance to a new date
				if (intval($record['publishdate']) > $nextday)
				{
					while (intval($record['publishdate']) > $nextday)
					{
						$nextday += 86400;
						$start += 86400;
						$dom ++;
						$weekday = ($weekday == 6 ? 0 : ($weekday + 1));
						$articles[$dom] = array('data' => array(), 'time' => $start + 1, 'wday' => $weekday);
					}

				}

				if ($record['setpublish'])
				{
					$articles[$dom]['data'][] = $record;
				}
			}
	
			//we may have some days at the end without articles.
			while($end > $start + 86400 )
			{
				$dom++;
				$weekday = ($weekday == 6 ? 0 : ($weekday + 1));
				$articles[$dom] = array('data' => array(), 'time' => $start + 1, 'wday' => $weekday);
				$start += 86400;
			}

			vB_Cache::instance()->write($hash ,
				$articles, 1440, array('cms_calendar_published', 'sections_updated'));
		}

		//Now we want to turn this into an array of week=>(array(1-7);
		$week = 1;
		$calendar = array(1 => array());
	
		//Pad the start with empty records as needed
		if ($articles[1]['wday'] != 0)
		{
			for ($i = 0; $i < $articles[1]['wday']; $i++)
			{
				$calendar[1][$i] = array('count' => 0, 'url' => '', 'day' => '');
			}

		}
		$monthday = 1;
		$route = new vBCms_Route_List;
		while($monthday <= count($articles))
		{
			//If we've filled a week, we need to advance
			$count = 0;
			foreach ($articles[$monthday]['data'] as $record)
			{
				$count = 1;
				$url = $route->getCurrentUrl(array('type' =>'day', 'value' => $articles[$monthday]['time'])) ;
				break;
			}

			$calendar[$week][$articles[$monthday]['wday']] = array('count' => $count,
			'url' => $url,
			'day' =>($monthday ? $monthday : '') );

			if (($articles[$monthday]['wday'] == 6) AND ($monthday < count($articles)))
			{
				$week++;
				$calendar[$week] = array();
			}
			$monthday++;
		}
		

		//We need to fill out a full week. Note that monthday is now one past the last day of the month
		if ($articles[$monthday - 1]['wday'] < 6)
		{
			for ($i = $articles[$monthday - 1]['wday'] + 1; $i <= 6 ; $i++)
			$calendar[$week][$i] = array('count' => 0,
				'url' => '', 'day' => '');
		}
		unset($route);
		return $calendar;
	}
Exemple #17
0
/** Checks to see if the current user has at least read access to the CMS root node.
*
* @return	boolean
**/
function can_see_cms()
{
    global $vbulletin;
    if (!$vbulletin->products['vbcms']) {
        return false;
    }
    if (class_exists('vBCMS_Permissions', false)) {
        return vBCMS_Permissions::canView(1);
    }
    $ids = array();
    $rawids = explode(',', $vbulletin->userinfo['usergroupid'] . ',' . $vbulletin->userinfo['membergroupids']);
    foreach ($rawids as $id) {
        if (($id = intval($id)) > 0) {
            $ids[] = $id;
        }
    }
    if (!empty($ids)) {
        $perms = $vbulletin->db->query_first("\n\t\t\tSELECT MAX(permissions & 1) AS perm\n\t\t\tFROM " . TABLE_PREFIX . "cms_permissions\n\t\t\tWHERE nodeid = 1 AND usergroupid IN (" . implode(',', $ids) . ")\n\t\t");
        return intval($perms['perm']) > 0;
    }
    return false;
}
Exemple #18
0
	/**
	 * This does the actual work of creating the navigation elements. This needs some
	 * styling, but we'll do that later.
	 * We use the existing search functionality. It's already all there, we just need
	 * to
	 *
	 * @return string;
	 */
	private function makeResults($config)
	{
		//Start by generating the sql and executing it.
		$sql = "SELECT post.postid, thread.threadid, node.nodeid, info.title,
		  user.username as cms_author, node.userid AS cms_authorid,
		  thread.replycount, node.url, post.userid
		  from " . TABLE_PREFIX . "cms_node AS node
		  INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON node.nodeid = info.nodeid
		  INNER JOIN " . TABLE_PREFIX . "user AS user ON user.userid = node.userid
		  INNER JOIN " . TABLE_PREFIX . "thread AS thread ON thread.threadid = info.associatedthreadid
		  INNER JOIN " . TABLE_PREFIX . "post AS post ON post.threadid = thread.threadid
		  WHERE node.comments_enabled > 0 AND node.setpublish > 0 AND
        post.postid <> thread.firstpostid AND post.dateline > ".
		 (TIMENOW - intval($config['days']) * 86400) . " AND " .
		 vBCMS_Permissions::getPermissionString() . " AND thread.visible = 1 AND post.visible = 1
		 ORDER BY post.dateline DESC LIMIT 50";

		$rst = vB::$vbulletin->db->query_read($sql);
		$blocked_threads = array();
		$results = array();
		while($record = vB::$vbulletin->db->fetch_array($rst) AND count($results) < $config['count'])
		{
			$results[]= $record;
		}

		return $results;
	}
Exemple #19
0
	/**
	 * pre_delete function - extend if the contenttype needs to do anything
	 *
	 * @param	array		list of deleted attachment ids to delete
	 * @param	boolean	verify permission to delete
	 *
	 * @return	boolean
	 */
	public function pre_delete($list, $checkperms = true)
	{
		if (!isset($this->contentid) and !vB::$vbulletin->GPC_exists['values'])
		{
			vB::$vbulletin->input->clean_array_gpc('r', array(
				'f' => vB_Input::TYPE_UINT
			));
		}

		if (!isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}

		if (vB::$vbulletin->GPC_exists['values'] and isset(vB::$vbulletin->GPC['values']['f']))
		{
			$this->contentid = vB::$vbulletin->GPC['values']['f'];
			return vBCMS_Permissions::canEdit($this->contentid);
		}

		if (count($list))
		{
			$rst = vB::$vbulletin->db->query_read("
				SELECT DISTINCT node.permissionsfrom
				FROM " . TABLE_PREFIX . "attachment AS attach
				INNER JOIN " . TABLE_PREFIX . "cms_node AS node ON (node.nodeid = attach.contentid AND node.contenttypeid = attach.contenttypeid)
			 	WHERE
					attachmentid IN (" . implode(',' , $list) . ")
			 ");
			while ($record = vB::$vbulletin->db->fetch_array($rst))
			{
				if (!in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit']))
				{
					return false;
				}
			}
			return true;
		}
	}
Exemple #20
0
	/**
	 * Fetches the SQL for loading.
	 * $required_query is used to identify which query to build for classes that
	 * have multiple queries for fetching info.
	 *
	 * This can safely be based on $this->required_info as long as a consitent
	 * flag is used for identifying the query.
	 *
	 * @param int $required_query				- The required query
	 * @param bool $force_rebuild				- Whether to rebuild the string
	 *
	 * @return string
	 */
	protected function getLoadQuery($required_query = self::QUERY_BASIC, $force_rebuild = false)
	{
		// Hooks should check the required query before populating the hook vars
		$hook_query_fields = $hook_query_joins = $hook_query_where = '';
		($hook = vBulletinHook::fetch_hook($this->query_hook)) ? eval($hook) : false;
		// Internal hooks for loading content with QUERY_BASIC

		$content_query_fields = $content_query_joins = $content_query_where = '';
//		if ($this->requireLoad(vBCms_Item_Content::INFO_CONTENT))
//		{
 			$content_query_fields = $this->getContentQueryFields();
			$content_query_joins = $this->getContentQueryJoins();
			$content_query_where = $this->getContentQueryWhere();
//		}

		// Content item queries
		if (self::QUERY_BASIC == $required_query)
		{
			$calc_rows = $this->requireLoad(vBCms_Item_Content::INFO_BASIC) ? 'SQL_CALC_FOUND_ROWS' : '';
			if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
			{
				require_once DIR . '/packages/vbcms/permissions.php';
				vBCMS_Permissions::getUserPerms();
			}

			//We need a nodeid for the displayorder below
			if ($this->filter_node_exact AND !$this->filter_node )
			{
				$this->filter_node = $this->filter_node_exact;
			}

			//enforce the max_records limits
			if ($this->max_records)
			{
				$this->paginate = true;

				if (!$this->start)
				{
					$this->start = 0;
				}
				$this->quantity = $this->max_records;
			}

			$filter_notcontenttype = $this->getFilterNotContentTypeSql();

				$sql = "SELECT $calc_rows node.nodeid AS itemid" .
				($this->requireLoad(vBCms_Item_Content::INFO_BASIC) ?
					"   ,(node.nodeleft = 1) AS isroot, node.nodeid, node.contenttypeid, node.contentid, node.url, node.parentnode, node.styleid, node.userid,
						node.layoutid, node.publishdate, node.setpublish, node.issection, parent.permissionsfrom as parentpermissions,
						node.showrating,
						node.permissionsfrom, node.publicpreview, node.shownav, node.hidden, node.nosearch " : '') .
				($this->requireLoad(vBCms_Item_Content::INFO_NODE) ?
					 ", info.description, info.title, info.viewcount, info.creationdate, info.workflowdate,
					 info.workflowstatus, info.workflowcheckedout, info.workflowlevelid, info.associatedthreadid,
					 user.username, sectionorder.displayorder" : '') .
				($this->requireLoad(vBCms_Item_Content::INFO_DEPTH) ?
					", (COUNT(pdepth.nodeid) - 1) AS depth" : '') . "
					 $content_query_fields
					 $hook_query_fields
				FROM " . TABLE_PREFIX . "cms_node AS node " .
				($this->requireLoad(vBCms_Item_Content::INFO_NODE) ? "
				INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid
				LEFT JOIN " . TABLE_PREFIX . "user AS user ON user.userid = node.userid
				LEFT JOIN " . TABLE_PREFIX . "cms_sectionorder AS sectionorder ON sectionorder.sectionid = node.parentnode
				AND sectionorder.nodeid = node.nodeid" : '')
				. ($this->requireLoad(self::INFO_BASIC) ? "
				LEFT JOIN " . TABLE_PREFIX . "cms_node AS parent ON parent.nodeid = node.parentnode " : '')
				.	($this->filter_node ?
				"INNER JOIN " . TABLE_PREFIX . "cms_node AS rootnode
					ON rootnode.nodeid = " . intval($this->filter_node) : '') .
				($this->requireLoad(vBCms_Item_Content::INFO_DEPTH) ?
				" LEFT JOIN " . TABLE_PREFIX . "cms_node AS pdepth ON (node.nodeleft >= pdepth.nodeleft AND node.nodeleft <=pdepth.noderight>" : '') .
				"	$content_query_joins
				$hook_query_joins
				WHERE node.new != 1 " .
				($this->itemid ? " AND node.nodeid IN (" . implode(',', $this->itemid) . ") " : '') .
				($this->filter_ignorepermissions ? '' : " AND " . vBCMS_Permissions::getPermissionString())
				 .
				((($this->filter_contenttype AND ($this->filter_contenttype == vB_Types::instance()->getContentTypeID("vBCms_Section"))) OR $this->filter_onlysections)
					? '' : "AND node.new != 1 ") .
				($this->filter_contenttype ? "AND node.contenttypeid = " . intval($this->filter_contenttype) . " " : '') .
				($this->filter_contentid ? "AND node.contentid = " . intval($this->contentid) . " ": '') .
				($this->filter_node ? "AND (node.nodeleft >= rootnode.nodeleft AND node.nodeleft <= rootnode.noderight) AND node.nodeleft != rootnode.nodeleft " : '') .
				($this->filter_nosections ? "AND node.issection != '1' " : '') .
				($this->filter_onlysections ? "AND node.issection = '1' " : '') .
				($this->filter_userid ? "AND node.userid = " . intval($this->filter_userid) . " " : '') .
				($this->visible_only ? "AND node.hidden = 0 " : '') .
				(intval($this->filter_node_exact) ? "AND (node.parentnode = " .
					$this->filter_node_exact . " OR sectionorder.displayorder > 0 )": '').
				($this->filter_published ? "AND node.setpublish = '1' AND node.publishdate <= " . intval(TIMENOW) . " " : '') .
				($this->filter_unpublished ? "AND node.setpublish = '0' OR node.publishdate > " . intval(TIMENOW) . " " : '') . "
				$content_query_where
				$hook_query_where " .
				($this->requireLoad(vBCms_Item_Content::INFO_DEPTH) ?
					" GROUP BY node.nodeid " : '') .
				(isset($this->orderby) ? " ORDER BY " . $this->orderby :
					($this->requireLoad(vBCms_Item_Content::INFO_NODE) ? " ORDER BY CASE WHEN sectionorder.displayorder > 0 THEN sectionorder.displayorder ELSE 9999999 END ASC,
					 node.publishdate DESC" : 'ORDER BY node.setpublish DESC, node.publishdate DESC' ))

			 .
				($this->paginate ?
					" LIMIT " . intval($this->start) . ', ' . intval($this->quantity) : '');

			return $sql;


		}
		else if (self::QUERY_PARENTS == $required_query)
		{
			return
				"SELECT node.nodeid AS itemid, parent.nodeid, parent.url, parent.styleid, parent.layoutid, parent.publishdate,
						parent.setpublish, parent.hidden, info.title, info.description
				$hook_query_fields
				FROM " . TABLE_PREFIX . "cms_node AS node
				INNER JOIN " . TABLE_PREFIX . "cms_node AS parent ON (node.nodeleft >= parent.nodeleft AND node.nodeleft <= parent.noderight)
				INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = parent.nodeid
				LEFT JOIN " . TABLE_PREFIX . "cms_sectionorder AS ord ON ord.nodeid = node.nodeid AND ord.sectionid = node.parentnode " .
					$hook_query_joins . "
				WHERE node.nodeid IN (" . implode(',', $this->itemid) . ")
				AND parent.nodeid != node.nodeid
				$hook_query_where
				ORDER BY parent.nodeleft, ord.displayorder"
			;
		}
		else if (self::QUERY_CONFIG == $required_query)
		{
			return
				"SELECT nodeid AS itemid, name, value, serialized
				$hook_query_fields
				FROM " . TABLE_PREFIX . "cms_nodeconfig
				$hook_query_joins
				WHERE nodeid IN (" . implode(',', $this->itemdid) . ")
				$hook_query_where
			";
		}

		throw (new vB_Exception_Model('Invalid query id \'' . htmlspecialchars_uni($required_query) . '\' specified for collection'));
	}
Exemple #21
0
	/** Checks to see if the user can create a specific type in a specific section
	 *	@param 	int sectionid
	 *
	 *	@return	bool
	 ***/
	public function canCreateHere($sectionid)
	{
		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getPerms();
		}

		return in_array($sectionid, vB::$vbulletin->userinfo['permissions']['cms']['cancreate']) ;	}
Exemple #22
0
 /**
  * load the existing data
  *
  */
 private function load_data()
 {
     $sections = vBCms_ContentManager::getSections();
     $perms = vBCMS_Permissions::getPerms(0);
     $this->custom_priority['cms'] = array();
     $level = array();
     foreach ($sections as $nodeid => $section) {
         if (!$section['hidden'] and in_array($section['permissionsfrom'], $perms['canview'])) {
             $section['priority'] = false;
             $this->custom_priority['cms'][$section['nodeid']] = $section;
         }
     }
     $this->set_priorities('cms');
 }
Exemple #23
0
	/**
	 * this will create an array of result objects from an array of ids()
	 *
	 * @param array of integer $ids
	 * @return array of objects
	 */
	public function create_array($ids)
	{
		$contenttypeid = vB_Types::instance()->getContentTypeID(
			'vBCms_StaticHtml');
		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}

		if ($rst = vB::$vbulletin->db->query_read("SELECT n.nodeid as itemid, n.setpublish,
		u.username,n.nodeid, u.userid, i.html_title, n.permissionsfrom, n.hidden, n.url,
		nc1.value AS previewtext, nc.value AS pagetext, i.title, i.description, n.publishdate, n.parentnode,
		parent.title AS parenttitle, parent.html_title AS parent_html_title
		FROM " . TABLE_PREFIX . "cms_node AS n
  		LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo i ON i.nodeid = n.nodeid
  		LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS parent ON parent.nodeid = n.parentnode
  		LEFT JOIN " . TABLE_PREFIX . "user u ON u.userid = n.userid
  		LEFT JOIN " . TABLE_PREFIX . "cms_nodeconfig AS nc ON nc.nodeid = n.nodeid AND nc.name = 'pagetext'
  		LEFT JOIN " . TABLE_PREFIX . "cms_nodeconfig AS nc1 ON nc1.nodeid = n.nodeid AND nc1.name = 'previewtext'
		WHERE n.nodeid IN (" . implode(', ', $ids) .
			")"))
		{
			while ($search_result = vB::$vbulletin->db->fetch_array($rst))
			{
				vBCMS_Permissions::setPermissionsfrom($search_result['nodeid'], $search_result['$permissionsfrom'], $search_result['hidden'],
					$search_result['setpublish'], $search_result['publishdate'] );

				//check permissions
				if (!vBCMS_Permissions::canView($search_result['nodeid']))
				{
					continue;
				}
				$item = new vBCms_Search_Result_StaticPage();
				$item->itemid = $search_result['itemid'];
				$item->contenttypeid = $contenttypeid;

				if ($rst1 = vB::$vbulletin->db->query_read("SELECT cat.categoryid, cat.category FROM " .
					TABLE_PREFIX . "cms_nodecategory nc INNER JOIN " .	TABLE_PREFIX .
					"cms_category cat ON nc.categoryid = cat.categoryid WHERE nc.nodeid = " .
					$search_result['nodeid']))
				{
					while($record = vB::$vbulletin->db->fetch_array($rst1))
					{
						$record['category_url'] = vB_Route::create('vBCms_Route_List', "category/" . $record['route_info'] . "/1")->getCurrentURL();
						$categories[$record['categoryid']] = $record;
					}
				}

//				if ($rst1 = vB::$vbulletin->db->query_read("SELECT cat.categoryid, cat.category FROM " .
//					TABLE_PREFIX . "cms_nodecategory nc INNER JOIN " .	TABLE_PREFIX .
//					"cms_category cat ON nc.categoryid = cat.categoryid WHERE nc.nodeid = " .
//					$search_result['nodeid']))
//				{
//					while($record = vB::$vbulletin->db->fetch_array($rst1))
//					{
//						$categories[$record['categoryid']] = $record;
//					}
//				}

				$search_result['categories'] = $categories;
				$item->record = $search_result;
				$items[$search_result['itemid']] = $item;
			}
			return $items;
		}
		return false;
	}
Exemple #24
0
	/**
	 * Fetches views from aggregated content.
	 * Uses a minimum set of collections to fetch the required info for the content
	 * types specified.
	 *
	 * @param int $viewtype						- The viewtype to aggregate
	 * @return array vB_View
	 */
	protected function aggregateContent($viewtype = self::VIEW_PREVIEW, &$page_info = null)
	{
		if ((self::VIEW_AGGREGATE != $viewtype) AND (self::VIEW_PREVIEW != $viewtype) AND (self::VIEW_PAGE != $viewtype))
		{
			throw (new vB_Exception_Content('Viewtype specified for section aggregation is not valid: \'' . htmlspecialchars($viewtype) . '\''));
		}

		$this->config = $this->content->getConfig();


		// Only filter to published if section is published and user can't edit
		$filter_published = ($this->content->isPublished() AND (!$this->content->canEdit() AND !$this->content->canCreate()));
		$aggregate = new vBCms_Collection_Content_Section();
		$aggregate->requireInfo(vB_Model::QUERY_BASIC);

		$filter_node = $this->content->getIncludeChildren();
		//If this is a hidden section we ignore the hidden flag. Otherwise we don't show
		//hidden articles.
		$aggregate->setFilterHidden = (!$this->content->getHidden());

		if (!$this->config['pagination_links'] OR $this->config['simple_paging'])
		{
			$aggregate->setCount(false);
		}


		//This changes depending on whether we are displaying an edit or view page;
		if ($this->editing)
		{
			if (!$filter_node)
			{
				$aggregate->setFilterNodeExact($this->content->getNodeId());
			}
			else
			{
				$aggregate->filterNode($this->content->getNodeId());
			}
		}
		else //We're in view mode
		{
			//And what content to show. If the setting is 2, then that means show
			// subsection content. Otherwise only the section will show.
			if ($this->config['contentfrom'] != 2)
			{
				$aggregate->setFilterNodeExact($this->content->getNodeId());
			}
			else
			{
				$aggregate->filterNode($this->content->getNodeId());
			}
			$aggregate->setIncludepreview(true);

		}

		$aggregate->filterPublished($filter_published);
		$aggregate->requireInfo(vBCms_Item_Content::INFO_BASIC | vBCms_Item_Content::INFO_NODE);

		if ($this->canPublish())
		{
			$aggregate->filterVisible(false);
		}

		if (!intval($this->config['section_priority']) OR (intval($this->config['section_priority'])> 20) )
		{
			$this->config['section_priority'] = 1;
		}

		// Let's set the order.
		$aggregate->setOrderBy($this->config['section_priority']);


		if (!intval($this->config['items_perhomepage']) OR (intval($this->config['items_perhomepage'])> 20) )
		{
			$this->config['items_perhomepage'] = 7;
		}


		$aggregate->paginate();
		$aggregate->paginateQuantity(intval($this->config['items_perhomepage']));

		if ($this->config['simple_paging'])
		{
			$aggregate->setMaxRecords(10 * $this->config['items_perhomepage']);
		}

		if ($this->editing)
		{
			$aggregate->paginatePage(1);
			$this->current_page = 1;
		}
		else
		{
			//what page are we rendering?
			vB::$vbulletin->input->clean_array_gpc('r', array('page' => TYPE_INT	));
			$this->current_page = (vB::$vbulletin->GPC_exists['page'] AND intval(vB::$vbulletin->GPC['page'])) ?
				vB::$vbulletin->GPC['page'] : 1;
			$aggregate->paginatePage($this->current_page);
		}
		$results = array();

		// If we only need the aggregate view then we don't need to get specific collections
		if (self::VIEW_AGGREGATE == $viewtype)
		{
			// get info flags for generic aggregate view
			$aggregate->requireInfo($this->getViewInfoFlags(self::VIEW_AGGREGATE));

			if (!$aggregate->getShown() AND $aggregate->getTotal())
			{
				throw (new vB_Exception_404());
			}
			$rawcount = $aggregate->getTotal();

			foreach ($aggregate AS $id => $content)
			{
				// get the content controller
				$controller = vB_Types::instance()->getContentTypeController($content->getContentTypeId(), $content);

				// set preview length
				$controller->setPreviewLength(400);

				// get the aggregate view from the controller
				$results[$id] = $controller->getAggregateView();
				if ($this->config['simple_paging'] AND count($results) >= intval($this->config['items_perhomepage']) )
				{
					break;
			}
		}
		}
		else
		{
			// Aggregated collection info for individual contenttypes.
			$collection_infos = array();

			// Individual content controllers
			$controllers = array();

			// Check that there were results for the selected page
			if (!$aggregate->getShown() AND $aggregate->getTotal())
			{
				throw (new vB_Exception_404());
			}

			// Get the individual collections required for each contenttype
			foreach ($aggregate AS $id => $content)
			{
				if ($this->config['simple_paging'] AND count($results) >= intval($this->config['items_perhomepage']) )
				{
					break;
				}

				// save an ordered space for the result
				$results[$id] = true;

				// get a controller for the specific type
				$controllers[$id] = vB_Types::instance()->getContentTypeController($content->getContentTypeId(), $content);

				// get required info flags for a preview
				$info_flags = $controllers[$id]->getViewInfoFlags(self::VIEW_PREVIEW);

				// get the appropriate collection class required for the preview
				$collection_class = $controllers[$id]->getCollectionClass($info_flags);

				// create the collection
				if (!isset($collection_infos[$collection_class]))
				{
					$collection_infos[$collection_class] = array();
				}

				// don't use the same collection where the required info differs
				if (!isset($collection_infos[$collection_class][$info_flags]))
				{
					$collection_infos[$collection_class][$info_flags] =
						array('collection' => new $collection_class, 'items' => array());
				}

				// add loaded content item to appropriate collection based on the class and required info
				$collection_infos[$collection_class][$info_flags]['items'][$id] = $content;
			}

			if (!sizeof($collection_infos))
			{
				return false;
			}
			vBCMS_Permissions::loadPermissionsfrom(array_keys($results));

			$nodeids = array();
			foreach ($collection_infos AS $collection_info)
			{
				foreach ($collection_info AS $info_flags => $collection_objects)
				{
					// add the loaded items to the collection
					$collection_objects['collection']->setCollection($collection_objects['items'], $aggregate->getLoadedInfoFlags());

					// require the rich preview info
					$collection_objects['collection']->requireInfo($info_flags);

					foreach ($collection_objects['collection'] AS $id => $item)
					{
						$nodeids[] = $id;
						if (count($results) > $this->config['items_perhomepage'])
						{
							break;
						}
					}
				}
			}

			// get the views from the unique collections
			foreach ($collection_infos AS $collection_info)
			{
				foreach ($collection_info AS $info_flags => $collection_objects)
				{
					// add the loaded items to the collection
					$collection_objects['collection']->setCollection($collection_objects['items'], $aggregate->getLoadedInfoFlags());

					// require the rich preview info
					$collection_objects['collection']->requireInfo($info_flags);

					// get the final item views
					foreach ($collection_objects['collection'] AS $id => $item)
					{
						if (isset($results[$id]))
						{
							// set preview length
							$controllers[$id]->setPreviewLength(400);

							// theoretically the updated item should already be assigned to it's controller
							if (!($results[$id] = $controllers[$id]->getPreview($this->config['preview_length'])))
							{
								unset($results[$id]);
							}

						}
					}
				}
			}
		}

		return array('aggregate' => $aggregate, 'results' => $results) ;

	}
Exemple #25
0
function do_get_cms_sections()
{
    global $vbulletin, $db;
    if (!isset($vbulletin->userinfo['permissions']['cms'])) {
        vBCMS_Permissions::getUserPerms();
    }
    $publishlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canpublish']);
    $viewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['allview']);
    $result = $vbulletin->db->query_read("\n\tSELECT node.nodeid, node.parentnode, node.url, node.permissionsfrom, node.setpublish, node.publishdate, node.noderight, info.title\n\tFROM " . TABLE_PREFIX . "cms_node AS node\n\tINNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid\n\tWHERE node.contenttypeid = " . vB_Types::instance()->getContentTypeID("vBCms_Section") . "\n\t    AND ((node.permissionsfrom IN ({$viewlist})  AND node.hidden = 0) OR (node.permissionsfrom IN ({$publishlist})))\n\t    ORDER BY node.nodeleft");
    $sections = array();
    while ($section = $vbulletin->db->fetch_array($result)) {
        $sections[] = array('sectionid' => $section['nodeid'], 'title' => prepare_utf8_string(strip_tags($section['title'])));
    }
    return array('sections' => $sections);
}
Exemple #26
0
	/**
	 * Creates a new, empty content item to add to a node.
	 *
	 * @param vBCms_DM_Node $nodedm				- The DM of the node that the content is being created for
	 * @return int | false						- The id of the new content or false if not applicable
	 */
	public function createDefaultContent(vBCms_DM_Node $nodedm)
	{
		global $vbphrase;
		require_once DIR . '/includes/functions_databuild.php';
		fetch_phrase_group('cpcms');

		vB::$vbulletin->input->clean_array_gpc('r', array(
			'nodeid'        => vB_Input::TYPE_UINT,
			'parentnode'    => vB_Input::TYPE_UINT,
			'parentid'      => vB_Input::TYPE_UINT,
			'pagecontent'   => vB_Input::TYPE_STR,
			));

		//We should have a nodeid, but a parentnode is even better.
		($hook = vBulletinHook::fetch_hook($this->content_start_hook)) ? eval($hook) : false;

		if ($this->parent_node)
		{
			$parentnode = $this->parent_node;
		}
		else if (vB::$vbulletin->GPC_exists['parentnode'] AND intval(vB::$vbulletin->GPC['parentnode'] ))
		{
			$parentnode = vB::$vbulletin->GPC['parentnode'];
		}
		else if (vB::$vbulletin->GPC_exists['parentid'] AND intval(vB::$vbulletin->GPC['parentid'] ))
		{
			$parentnode = vB::$vbulletin->GPC['parentid'];
		}
		else if (vB::$vbulletin->GPC_exists['nodeid'] AND intval(vB::$vbulletin->GPC['nodeid'] )
			and $record = vB::$vbulletin->db->query_first("SELECT contenttypeid, nodeid, parentnode FROM " .
			TABLE_PREFIX . "cms_node where nodeid = " . vB::$vbulletin->GPC['nodeid'] ))
		{
			$parentnode = vB_Types::instance()->getContentTypeID("vBCms_Section") == $record['contenttypeid'] ?
				$record['nodeid'] : $record['parentnode'];
		}
		else
		{
			throw (new vB_Exception_Content('No valid parent node'));
		}
		$contenttypeid = vB_Types::instance()->getContentTypeID($this->package . '_'  . $this->class);

		//Verify Permissions
		if (!vBCMS_Permissions::canUseHtml($parentnode, $contenttypeid, vB::$vbulletin->userinfo['userid']))
		{
			throw (new vB_Exception_AccessDenied());
		}

		$this->config = array('pagetext' => $vbphrase['pagetext_goes_here'],
			'previewtext' => $vbphrase['preview_goes_here_desc']);
		$nodedm->set('config', $this->config);
		$nodedm->set('contenttypeid', $contenttypeid);
		$nodedm->set('parentnode', $parentnode);
		$nodedm->set('publicpreview', 1);
		$nodedm->set('comments_enabled', 1);
		$title = new vB_Phrase('vbcms', 'new_static_page');
		$nodedm->set('description', $title);
		$nodedm->set('title', $title);
		if (!($contentid = $nodedm->save()))
		{
			throw (new vB_Exception_Content('Failed to create default content for contenttype ' . get_class($this)));
		}

		($hook = vBulletinHook::fetch_hook($this->content_end_hook)) ? eval($hook) : false;
		return $contentid;
	}
Exemple #27
0
/** Checks to see if the current user has at least read access to the CMS root node.
*
* @return	boolean
**/

function can_see_cms()
{
	global $vbulletin;
	if (!$vbulletin->products['vbcms'])
	{
		return false;
	}

	if (class_exists('vBCMS_Permissions', false))
	{
		return vBCMS_Permissions::canView(1);
	}

	global $vbulletin;

	$sql = "SELECT MAX(permissions & 1) AS perm FROM " . TABLE_PREFIX . "cms_permissions
	WHERE	nodeid = 1 AND usergroupid in (" . $vbulletin->userinfo['usergroupid'] .
	($vbulletin->userinfo['membergroupids'] != '' ? ', ' . $vbulletin->userinfo['membergroupids'] : '' ) . ")";

	$perms = $vbulletin->db->query_first($sql );
	return (intval($perms['perm']) > 0);
}
Exemple #28
0
	public function get_results($user, $criteria)
	{
		global $vbulletin;
		$db = $vbulletin->db;

		$range_filters = $criteria->get_range_filters();
		$equals_filters = $criteria->get_equals_filters();
		$sort = $criteria->get_sort();
		$direction = strtolower($criteria->get_sort_direction()) == 'desc' ? 'desc' : 'asc';

		$sort_join = "";
		$orderby = "";
		$section_join = "";
		$where = array();

		//verify permissions
		if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
		{
			vBCMS_Permissions::getUserPerms();
		}

		if (! count(vB::$vbulletin->userinfo['permissions']['cms']['canview']))
		{
			return array();
		}

		if ($sort = 'dateline')
		{
			$orderby = 'node.publishdate ' . $direction;
		}
		else if ($sort = 'user')
		{
			$sort_join = "JOIN " . TABLE_PREFIX . "user AS user ON node.userid = user.userid";
			$orderby = "user.username " . $direction . ", node.publishdate DESC";
		}
		else
		{
			$orderby = " node.publishdate DESC";
		}

		$results = array();

		$where[] = " node.publishdate <= " . TIMENOW;
		//get date cut -- but only if we're not using the threadmarking filter
		if (isset($range_filters['datecut']))
		{
			//ignore any upper limit
			$where[] = " node.publishdate >= " . $range_filters['datecut'][0];
		}
		else if (isset($range_filters['dateline']))
		{
			$where[] = " node.publishdate >= " . $range_filters['dateline'][0];
		}
		else if (isset($range_filters['days']))
		{
			$where[] = " node.publishdate >= " . $range_filters['days'][0];
		}
		else
		{
			$where[] = " node.publishdate >= " . TIMENOW - 86400 *
				($vbulletin->GPC_exists['days'] ? $vbulletin->GPC['days'] : self::MAX_DAYS);
		}

		if (isset($equals_filters['userid']))
		{
			$where[] = " node.userid " .
				(is_array($equals_filters['userid'][vB_Search_Core::OP_EQ]) ?
					"in (" . implode(', ', $equals_filters['userid'][vB_Search_Core::OP_EQ])
						. ") " :
					" = " . $equals_filters['userid'][vB_Search_Core::OP_EQ]
				);
		}
		else if ($vbulletin->GPC_exists['userid'])
		{
			$where[] = " node.userid = " . $vbulletin->GPC['userid'];
		}

		if ($vbulletin->GPC_exists['sectionid'])
		{
			$where[] = " parent.nodeid = " . $vbulletin->GPC['sectionid'];
			$section_join = "INNER JOIN " . TABLE_PREFIX . "cms_node AS parent ON
				(node.nodeleft >= parent.nodeleft AND node.nodeleft <= parent.noderight)";
		}

		if ($keywords = $criteria->get_keywords())
		{
			$searchcore_join = " INNER JOIN " . TABLE_PREFIX . "searchcore AS searchcore
				ON searchcore.primaryid = node.contentid
				AND searchcore.contenttypeid = node.contenttypeid";
			$where[] = " MATCH  (title, keywordtext) against "
				 . $db->escape_string($keywords) . " IN BOOLEAN MODE ";
		}

		if ($this->contenttypeid = $criteria->get_contenttypeid())
		{
			$where[] = " node.contenttypeid = " . $this->contenttypeid;
		}

		$q = "
			SELECT node.nodeid, node.contenttypeid, node.contentid
			FROM " . TABLE_PREFIX . "cms_node as node
			$searchcore_join
			$sort_join
			$section_join
			WHERE node.new != 1 AND node.nosearch != 1 AND ((node.permissionsfrom in (
			" . implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canview']) .
			") AND node.setpublish > 0 AND node.publishdate <= " . TIMENOW . " ) OR (node.permissionsfrom in (
			" . implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canedit']) .
			")) OR (node.userid = " . intval(vB::$vbulletin->userinfo['userid']) . ") )"  .
			($where ? " AND " : '') . implode(' AND ', $where) . "
			ORDER BY $orderby
			LIMIT " . intval($vbulletin->options['maxresults']);

		$entries = $db->query_read_slave($q);

		while ($entry = $db->fetch_array($entries))
		{
			$results[] = array($entry['contenttypeid'], $entry['contentid'], $entry['nodeid']);
		}

		return $results;
	}
Exemple #29
0
	/**
	* Template method. Calls all the appropriate methods to build a post and then evaluates the template.
	*
	* @param	array	Post information
	*
	* @return	string	HTML for the post
	*/
	function construct_postbit(&$post)
	{
		global $ad_location;

		$this->post =& $post;
		$thread =& $this->thread;
		$forum =& $this->forum;

		// make sure we can display this post
		if ($this->is_displayable() == false)
		{
			return '';
		}

		global $show, $vbphrase;
		global $spacer_open, $spacer_close;

		global $bgclass, $altbgclass;
		exec_switch_bg();

		$template_hook = array();

		($hook = vBulletinHook::fetch_hook('postbit_display_start')) ? eval($hook) : false;

		// put together each part of the post
		$this->prep_post_start();

		$this->process_date_status();
		$this->process_edit_info();
		$this->process_icon();
		$this->process_ip();

		if (!empty($this->post['userid']))
		{
			$this->process_registered_user();
			$this->process_im_icons();
		}
		else
		{
			$this->process_unregistered_user();
		}

		$this->bbcode_parser->containerid = $this->post['postid'];
		$this->parse_bbcode();

		$this->process_attachments();

		// finish prepping the post
		$this->prep_post_end();

		$pageinfo_post = array(
			'p' => $post['postid']
		);
		if ($this->templatename != 'postbit')
		{
			$pageinfo_post['viewfull'] = 1;
		}

		// execute hook
		($hook = vBulletinHook::fetch_hook('postbit_display_complete')) ? eval($hook) : false;

		$show['last_ad'] = $show['first_ad'] = $show['first_adsense'] = false;
		if ($post['isfirstshown'])
		{
			//this does not appear to be an ad slot, rather it appears to be some shim html
			//that needs to be rendered if the firstpost google ad is included.
			$template = vB_Template::create('ad_showthread_firstpost_sig');
			$template->register('adsense_pub_id', $this->registry->adsense_pub_id);
			$template->register('adsense_host_id', $this->registry->adsense_host_id);
			$ad_location['ad_showthread_firstpost_sig'] = $template->render();

			$template = vB_Template::create('ad_showthread_firstpost_start');
			$template->register('adsense_pub_id', $this->registry->adsense_pub_id);
			$template->register('adsense_host_id', $this->registry->adsense_host_id);
			$ad_location['ad_showthread_firstpost_start'] = trim($template->render(true));

			$ad_location['ad_showthread_firstpost_sig'] = vB_Template::create('ad_showthread_firstpost_sig')->render();
			if ($ad_location['ad_showthread_firstpost_start'])
			{
				$show['first_ad'] = true;
			}

			if ($ad_location['thread_first_post_content'] = trim(vB_Template::create('ad_thread_first_post_content')->render(true)))
			{
				if (preg_match('#^<div id="ad_thread_first_post_content">.+</div>$#si', $ad_location['thread_first_post_content']))
				{
					$show['first_ad'] = true;
				}
				else
				{
					$ad_location['thread_first_post_content'] = '';
				}
			}
		}
		else if (
			$post['islastshown']
				AND
			$ad_location['thread_last_post_content'] = trim(vB_Template::create('ad_thread_last_post_content')->render(true))
		)
		{
			if (preg_match('#^<div id="ad_thread_last_post_content">.+</div>$#si', $ad_location['thread_last_post_content']))
			{
				$show['last_ad'] = true;
			}
			else
			{
				$ad_location['thread_last_post_content'] = '';
			}
		}

		// prepare the member action drop-down menu
		// pass the local template hook so that each drop-down gets its own hook (per-postbit)
		$memberaction_dropdown = construct_memberaction_dropdown($post, $template_hook);

		// evaluate template
		$postid =& $post['postid'];

		$templater = vB_Template::create($this->template_prefix . $this->templatename);
			if ($this->add_promote_links AND $this->registry->products['vbcms'])
			{
				if (!isset($this->registry->userinfo['permissions']['cms']))
				{
					bootstrap_framework();
					vBCMS_Permissions::getUserPerms();
				}

				if ($this->registry->userinfo['permissions']['cms']['canpublish'][0] != -1)
				{
					$templater->register('promote_sectionid', $this->registry->userinfo['permissions']['cms']['canpublish'][0]);
					$templater->register('articletypeid', vB_Types::instance()->getContentTypeID('vBCms_Article'));
					$promote_url = vB_Route::create('vBCms_Route_Content', '1/addcontent/')->getCurrentURL();
					$promote_url .= (strrpos($promote_url, '?') ? '&amp;' : '?') .
						'contenttypeid=' . vB_Types::instance()->getContentTypeID('vBCms_Article') .
						"&amp;postid=" . $post['postid'] . '&amp;parentid=1';
					$templater->register('promote_url', $promote_url);
				}
			}
			$templater->register('ad_location', $ad_location);
			$templater->register('memberaction_dropdown', $memberaction_dropdown);
			$templater->register('pageinfo_post', $pageinfo_post);
			$templater->register('post', $post);
			$templater->register('postid', $postid);
			$templater->register('template_hook', $template_hook);
			$templater->register('thread', $thread);
		$postbit = $templater->render();

		$templater = vB_Template::create('postbit_wrapper');
			$templater->register('post', $post);
			$templater->register('postbit', $postbit);
			$templater->register('spacer_close', $spacer_close);
			$templater->register('spacer_open', $spacer_open);
		$retval = $templater->render();

		return $retval;
	}
Exemple #30
0
	/**
	 * This gets a list of the publicly viewable "leaf" nodes. It was created for
	 * use by the sitemap builder but it seems it could have other uses.
	 *
	 * @param	int	$sortby	1:section order, then title, 2: title, 3:publish_date
	 * @return array
	 */
	public static function getPublicContent($startat = 0, $qty = 10000, $sortby = 1)
	{
		$perms = vBCMS_Permissions::getPerms(0);

		$sql = "SELECT node.nodeid, node.contenttypeid, node.hidden, info.title, parentinfo.title AS section,
		parent.nodeid AS sectionid, node.setpublish, node.publishdate, node.url FROM " . TABLE_PREFIX .
		"cms_node AS node INNER JOIN " . TABLE_PREFIX .	"cms_nodeinfo AS info ON info.nodeid = node.nodeid
		INNER JOIN " . TABLE_PREFIX .	"cms_node AS parent ON parent.nodeid = node.parentnode
		INNER JOIN " . TABLE_PREFIX .	"cms_nodeinfo AS parentinfo ON parentinfo.nodeid = parent.nodeid
		WHERE node.setpublish > 0 AND parent.setpublish > 0 AND parent.publishdate < " . TIMENOW .
		" AND node.publishdate < " . TIMENOW . " AND node.permissionsfrom IN (" .
		implode(',', $perms['canview']) . ") AND (node.contenttypeid <> " .
		vb_Types::instance()->getContentTypeID("vBCms_Section") . ") ";

		switch($sortby){
			case 3 :
				$sql .= " ORDER BY node.setpublish DESC";
				break;
			case 2 :
				$sql .= " ORDER BY info.title";
				break;
			default:
				$sql .= " ORDER BY parent.nodeleft, info.title";
		} // switch

		$sql .= " LIMIT $startat, $qty ";
		$rst = vB::$db->query_read($sql);
		$nodes = array();
		while($node = vB::$db->fetch_array($rst))
		{
			$nodes[$node['nodeid']] = $node;
		}
		return $nodes;
	}