public function output()
{
global $vbulletin;
if (!isset($vbulletin->userinfo['permissions']['cms'])) {
vBCMS_Permissions::getUserPerms();
}
$publishlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canpublish']);
$viewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['allview']);
$rst = vB::$vbulletin->db->query_read_slave("SELECT node.nodeid, node.parentnode, node.url, node.permissionsfrom,\n\t\t\tnode.setpublish, node.publishdate, node.noderight, info.title FROM " . TABLE_PREFIX . "cms_node AS node INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid\n\t\t\t WHERE node.contenttypeid = " . vB_Types::instance()->getContentTypeID("vBCms_Section") . " AND\n\t\t((node.permissionsfrom IN ({$viewlist}) AND node.hidden = 0 ) OR (node.permissionsfrom IN ({$publishlist})))\n\t\t\t ORDER BY node.nodeleft");
$nodes = array();
$noderight = 0;
while ($record = vB::$vbulletin->db->fetch_array($rst)) {
if (!in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit']) and !(in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canview']) and $record['setpublish'] == '1' and $record['publishdate'] < TIMENOW) or $record['noderight'] < $noderight) {
//We need to skip this record and all its children
$noderight = $record['permissionsfrom'];
continue;
}
$nodes[] = $record;
}
if (count($nodes)) {
reset($nodes);
$nodes = $this->setNavArray($nodes);
return $nodes;
}
}
/**
* determine which records are viewable by this user.
*
* @param mixed $user : current user object
* @param array $ids : array of article contentids
* @param mixed $gids : not applicable here- group id's for those types which are groupable
* @return array of (viewable id's, rejected groups)
*/
public function fetch_validated_list($user, $ids, $gids)
{
//We need to pull parentnode and permissionsfrom from the table.
$sql = "SELECT node.contentid, node.nodeid, node.parentnode, node.permissionsfrom, node.setpublish,
node.userid, node.publishdate, node.hidden, node.nosearch, node.userid FROM " .
TABLE_PREFIX . "cms_node AS node INNER JOIN " . TABLE_PREFIX . "cms_article AS article
ON article.contentid = node.contentid AND node.contenttypeid = " .
vB_Types::instance()->getContentTypeID('vBCms_Article') . " WHERE article.contentid in ("
. implode(', ', $ids) . ")";
$canview = array();
$hidden = array();
$rst = vB::$vbulletin->db->query_read($sql);
if ($rst)
{
// make sure user cms permissions are stored in the registry
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
while($record = vB::$vbulletin->db->fetch_array($rst))
{
if (in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit']) OR
($record['userid'] == vB::$vbulletin->userinfo['userid']))
{
$canview[] = $record['contentid'];
}
else if (in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canview'])
AND ($record['setpublish'] > 0) AND ($record['publishdate'] <= TIMENOW))
{
$canview[] = $record['contentid'];
}
else
{
$hidden[] = $record['parentnode'];
}
}
//And let's store the permissionsfrom in case we need it.
vBCMS_Permissions::setPermissionsfrom($record['nodeid'], $record['permissionsfrom'],
$record['hidden'], $record['setpublish'], $record['publishdate'], $record['userid']);
}
if (count($canview))
{
$articles = vBCms_Search_Result_Article::create_array($canview);
}
else
{
$articles = array();
}
return array('list' => $articles, 'groups_rejected' => $hidden);
}
public function can_add_tag()
{
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
//until we have better developed permissions, limit tagging
//to item editors only.
return vBCMS_Permissions::canEdit($this->fetch_content_info()->getNodeId());
}
/**
* Authorise the current user for the current action.
*/
protected function authorizeAction()
{
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
if (!(vB::$vbulletin->userinfo['permissions']['cms']['admin']))
{
throw (new vB_Exception_AccessDenied());
}
}
/**
* this will create an array of result objects from an array of ids()
*
* @param array of integer $ids
* @return array of objects
*/
public function create_array($ids)
{
$contenttypeid = vB_Types::instance()->getContentTypeID(
'vBCms_StaticHtml');
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
if ($rst = vB::$vbulletin->db->query_read("SELECT n.nodeid as itemid, n.setpublish,
u.username,n.nodeid, u.userid, i.html_title, n.permissionsfrom, n.hidden, n.url,
nc1.value AS previewtext, nc.value AS pagetext, i.title, i.description, n.publishdate, n.parentnode,
parent.title AS parenttitle, parent.html_title AS parent_html_title
FROM " . TABLE_PREFIX . "cms_node AS n
LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo i ON i.nodeid = n.nodeid
LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS parent ON parent.nodeid = n.parentnode
LEFT JOIN " . TABLE_PREFIX . "user u ON u.userid = n.userid
LEFT JOIN " . TABLE_PREFIX . "cms_nodeconfig AS nc ON nc.nodeid = n.nodeid AND nc.name = 'pagetext'
LEFT JOIN " . TABLE_PREFIX . "cms_nodeconfig AS nc1 ON nc1.nodeid = n.nodeid AND nc1.name = 'previewtext'
WHERE n.nodeid IN (" . implode(', ', $ids) .
")"))
{
while ($search_result = vB::$vbulletin->db->fetch_array($rst))
{
vBCMS_Permissions::setPermissionsfrom($search_result['nodeid'], $search_result['$permissionsfrom'], $search_result['hidden'],
$search_result['setpublish'], $search_result['publishdate'] );
//check permissions
if (!vBCMS_Permissions::canView($search_result['nodeid']))
{
continue;
}
$item = new vBCms_Search_Result_StaticPage();
$item->itemid = $search_result['itemid'];
$item->contenttypeid = $contenttypeid;
if ($rst1 = vB::$vbulletin->db->query_read("SELECT cat.categoryid, cat.category FROM " .
TABLE_PREFIX . "cms_nodecategory nc INNER JOIN " . TABLE_PREFIX .
"cms_category cat ON nc.categoryid = cat.categoryid WHERE nc.nodeid = " .
$search_result['nodeid']))
{
while($record = vB::$vbulletin->db->fetch_array($rst1))
{
$record['category_url'] = vB_Route::create('vBCms_Route_List', "category/" . $record['route_info'] . "/1")->getCurrentURL();
$categories[$record['categoryid']] = $record;
}
}
// if ($rst1 = vB::$vbulletin->db->query_read("SELECT cat.categoryid, cat.category FROM " .
// TABLE_PREFIX . "cms_nodecategory nc INNER JOIN " . TABLE_PREFIX .
// "cms_category cat ON nc.categoryid = cat.categoryid WHERE nc.nodeid = " .
// $search_result['nodeid']))
// {
// while($record = vB::$vbulletin->db->fetch_array($rst1))
// {
// $categories[$record['categoryid']] = $record;
// }
// }
$search_result['categories'] = $categories;
$item->record = $search_result;
$items[$search_result['itemid']] = $item;
}
return $items;
}
return false;
}
/**
* Determines whether the current user can publish the content.
*
* @return bool
*/
public function canPublish()
{
//See canView for the logic
$this->assertContent();
if (! isset($vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
return $this->content->canPublish();
}
/**
* pre_delete function - extend if the contenttype needs to do anything
*
* @param array list of deleted attachment ids to delete
* @param boolean verify permission to delete
*
* @return boolean
*/
public function pre_delete($list, $checkperms = true)
{
if (!isset($this->contentid) and !vB::$vbulletin->GPC_exists['values'])
{
vB::$vbulletin->input->clean_array_gpc('r', array(
'f' => vB_Input::TYPE_UINT
));
}
if (!isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
if (vB::$vbulletin->GPC_exists['values'] and isset(vB::$vbulletin->GPC['values']['f']))
{
$this->contentid = vB::$vbulletin->GPC['values']['f'];
return vBCMS_Permissions::canEdit($this->contentid);
}
if (count($list))
{
$rst = vB::$vbulletin->db->query_read("
SELECT DISTINCT node.permissionsfrom
FROM " . TABLE_PREFIX . "attachment AS attach
INNER JOIN " . TABLE_PREFIX . "cms_node AS node ON (node.nodeid = attach.contentid AND node.contenttypeid = attach.contenttypeid)
WHERE
attachmentid IN (" . implode(',' , $list) . ")
");
while ($record = vB::$vbulletin->db->fetch_array($rst))
{
if (!in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit']))
{
return false;
}
}
return true;
}
}
/**
* Fetches the standard page view for a widget.
*
* @param bool $skip_errors - If using a collection, omit widgets that throw errors
* @return vBCms_View_Widget - The resolved view, or array of views
*/
public function getPageView()
{
$this->assertWidget();
if (! isset($vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
// Create view
$config = $this->widget->getConfig();
if (!isset($config['template_name']) OR ($config['template_name'] == '') )
{
$config['template_name'] = 'vbcms_widget_sectionnav_page';
}
$canviewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['viewonly']);
$caneditlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canedit']);
$for_node = intval($this->content->getContentTypeId()) == intval(vb_Types::instance()->getContentTypeID("vBCms_Section")) ?
$this->content->getNodeId() : $this->content->getParentId();
// Create view
$view = new vBCms_View_Widget($config['template_name']);
if ( $link_nodes = vB_Cache::instance()->read($cache_key = $this->getHash($this->widget->getId(), $for_node), false, true))
{
$links_before = $link_nodes['links_before'];
$links_above = $link_nodes['links_above'];
$links_sibling = $link_nodes['links_sibling'];
$links_children = $link_nodes['links_children'];
$links_after = $link_nodes['links_after'];
$myself = $link_nodes['myself'];
}
else
{
//If we're on a section, we show for this nodeid. If we're on
// on a leaf-type node we show for the parent
$section_possibles = vBCms_ContentManager::getSections();
$my_left = $this->content->getNodeLeft();
$my_right = $this->content->getNodeRight();
$my_parent = $this->content->getParentId();
$my_nodeid = $this->content->getNodeId();
$my_title = '';
$links_above = array();
$links_before = array();
$links_above = array();
$links_sibling = array();
$links_after = array();
$links_children = array();
$top_level = array();
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']) )
{
vBCMS_Permissions::getUserPerms();
}
$route = new vBCms_Route_Content();
$route->setParameter('action', 'view');
$homeid = $sections[0]['nodeid'];
//Now let's scan the array;
$indent = 0;
$i = 1;
$noderight = 0;
//Let's remove items we're not supposed to see.
$sections= array();
foreach ($section_possibles as $key => $section)
{
if (/** This user has permissions to view this record **/
( in_array($section['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canedit'])
OR (in_array($section['permissionsfrom'],vB::$vbulletin->userinfo['permissions']['cms']['canview'] )
AND $section['setpublish'] == '1' AND $section['publishdate'] < TIMENOW ))
AND /** This user also has rights to the parents **/
($section['noderight'] > $noderight))
{
$sections[] = $section;
}
else
{
//So the children will be skipped
$noderight = $section['noderight'];
}
}
//First the sections ahead of us
while($i < count($sections) AND $my_left > $sections[$i]['nodeleft'])
{
$route->node = $sections[$i]['nodeid'] . (strlen($sections[$i]['url']) ? '-' . $sections[$i]['url'] : '' );
//see if it's a top-level
if ($sections[$i]['parentnode'] == $homeid)
{
$links_before[] = array('title' => $sections[$i]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
}//is it a sibling?
else if ($my_parent == $sections[$i]['parentnode'])
{
$links_sibling[] = array('title' => $sections[$i]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
}
$i++;
}
//Now our parentage and children
while($i < count($sections) AND $my_right > $sections[$i]['nodeleft'])
{
$route->node = $sections[$i]['nodeid'] . (strlen($sections[$i]['url']) ? '-' . $sections[$i]['url'] : '' );
if ($my_nodeid == $sections[$i]['parentnode'])
{
$links_children[] = array('title' => $sections[$i]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => ($indent) * 10);
}
else if ($my_nodeid == $sections[$i]['nodeid'])
{
$myself = array('title' => $sections[$i]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => $indent * 10);
}
else
{
$links_above[] = array('title' => $sections[$i]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => $indent * 10);
$my_title = $sections[$i]['title'];
$indent++;
}
$i++;
}
//Now the afters
while ($i < count($sections))
{
$route->node = $sections[$i]['nodeid'] . (strlen($sections[$i]['url']) ? '-' . $sections[$i]['url'] : '' );
if ($sections[$i]['parentnode'] == $homeid)
{
$links_after[] = array('title' => $sections[$i]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
}
else if ($my_parent == $sections[$i]['parentnode'])
{
$links_sibling[] = array('title' => $sections[$i]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0);
}
$i++;
}
foreach($links_sibling as $key => $value)
{
$links_sibling[$key]['indent'] = $indent * 10;
}
$route->node = $sections[1]['nodeid'] . (strlen($sections[1]['url']) ? '-' . $sections[1]['url'] : '' );
//We have the pieces, now let's string them together;
//Top level first
$links_before = array_merge(array(array('title' => $sections[0]['title'],
'sectionurl' => $route->getCurrentUrl(array('node' =>$route->node, 'action' => 'view')), 'indent' => 0)), $links_before);
//Now write to the cache
vB_Cache::instance()->write($cache_key,
array('links_before' => $links_before, 'links_above' => $links_above,
'links_sibling' => $links_sibling , 'links_after' => $links_after,
'links_children' => $links_children, 'myself' => $myself ), $this->cache_ttl,
array('section_nav_' . $for_node, 'sections_updated'));
}
//The first record is the root
$view->links_before = $links_before;
$view->links_above = $links_above;
$view->links_sibling = $links_sibling;
$view->links_children = $links_children;
$view->links_after = $links_after;
$view->myself = $myself;
$view->widget_title = $this->widget->getTitle();
return $view;
}
/**
* Template method that does all the work to display an issue note, including processing the template
*
* @return string Templated note output
*/
function construct()
{
global $vbulletin;
($hook = vBulletinHook::fetch_hook('blog_entry_display_start')) ? eval($hook) : false;
// preparation for display...
$this->prepare_start();
if ($this->blog['userid'])
{
$this->process_registered_user();
}
else
{
$this->process_unregistered_user();
}
$this->process_date_status();
$this->process_display();
$this->process_text();
$this->process_attachments();
$this->prepare_end();
// actual display...
$blog =& $this->blog;
$status =& $this->status;
global $show, $vbphrase;
global $spacer_open, $spacer_close;
global $bgclass, $altbgclass;
exec_switch_bg();
$show['readmore'] = $this->readmore;
$show['ignoreduser'] = ($this->ignored_users[$this->blog['userid']]);
// prepare the member action drop-down menu
$memberaction_dropdown = construct_memberaction_dropdown($blog);
//set up the ad for the first blog entry
global $ad_location;
if ($this->is_first)
{
$ad_location['bloglist_first_entry'] = vB_Template::create('ad_bloglist_first_entry')->render();
}
($hook = vBulletinHook::fetch_hook('blog_entry_display_complete')) ? eval($hook) : false;
$templater = vB_Template::create($this->template);
$templater->register('blog', $blog);
$templater->register('memberaction_dropdown', $memberaction_dropdown);
$templater->register('status', $status);
$templater->register('is_first', $this->is_first);
$templater->register('ad_location', $ad_location);
if ($vbulletin->products['vbcms'])
{
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
require_once DIR . '/packages/vbcms/permissions.php';
vBCMS_Permissions::getUserPerms();
}
if (count(vB::$vbulletin->userinfo['permissions']['cms']['canpublish']))
{
$templater->register('promote_sectionid', vB::$vbulletin->userinfo['permissions']['cms']['canpublish'][0]);
$templater->register('articletypeid', vB_Types::instance()->getContentTypeID('vBCms_Article'));
$promote_url = vB_Route::create('vBCms_Route_Content', '1/addcontent/')->getCurrentURL();
$promote_url .= (strrpos($promote_url, '?') ? '&' : '?') .
'contenttypeid=' . vB_Types::instance()->getContentTypeID('vBCms_Article') .
"&blogid=" . $blog['blogid'] . '&parentid=1';
$templater->register('promote_url', $promote_url);
}
}
$output = $templater->render(($this->registry->GPC['ajax']));
return $output;
}
private static function renderResult($userinfo, $post_array, $permissions,
$forumperms, $target_url, $nodeid)
{
if (!count($post_array))
{
return '';
}
require_once DIR . '/includes/functions_bigthree.php' ;
require_once DIR . '/includes/class_postbit.php' ;
fetch_phrase_group('showthread');
fetch_phrase_group('postbit');
global $vbphrase;
global $template_hook;
global $show;
global $thread;
$thread = $thread->get_record();
$threadinfo = verify_id('thread', $thread['threadid'], 1, 1);
$foruminfo = verify_id('forum', $threadinfo['forumid'], 1, 1);
$firstpostid = false;
$displayed_dateline = 0;
if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid'])
{
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400));
}
else
{
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview)
{
$threadview = vB::$vbulletin->userinfo['lastvisit'];
}
}
require_once DIR . '/includes/functions_user.php';
$show['inlinemod'] = false;
$postids = array();
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
$postids = ' post.postid in ('
. implode(', ', $post_array) .')';
$posts = vB::$vbulletin->db->query_read($sql = "
SELECT
post.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,
user.*, userfield.*, usertextfield.*,
" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "
" . iif( vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "
" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "
" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "
editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,
editlog.reason AS edit_reason, editlog.hashistory,
postparsed.pagetext_html, postparsed.hasimages,
sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,
sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,
customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight
" . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "
$hook_query_fields
FROM " . TABLE_PREFIX . "post AS post
LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)
LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)
LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)
" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "
" . iif( vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "
" . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "
$deljoin
LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)
LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")
LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")
LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)
LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)
$hook_query_joins
WHERE $postids
ORDER BY post.dateline
");
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) AND !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
{
vB::$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment']))
{
vB::$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = count($postid_array);
$counter = 0;
$postbits = '';
vB::$vbulletin->noheader = true;
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry = vB::$vbulletin;
$postbit_factory->forum = $foruminfo;
$postbit_factory->thread = $thread;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser( vB::$vbulletin, fetch_tag_list());
//We need to tell the parser to handle quotes differently.
$postbit_factory->bbcode_parser->set_quote_template('vbcms_bbcode_quote');
$postbit_factory->bbcode_parser->set_quote_vars(array('page_url' => $target_url .
(strpos($target_url, '?') == false ? '?' : '&')));
$show['return_node'] = $nodeid;
$show['avatar'] = 1;
while ($post = vB::$vbulletin->db->fetch_array($posts))
{
if (! self::canViewPost($post, $permissions) )
{
continue;
}
if (! intval($post['userid']))
{
$post['avatarid'] = false;
}
else if (!$post['hascustomavatar'])
{
if ($post['profilepic'])
{
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
$post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile";
$post['avwidth'] = $post['ppwidth'];
$post['avheight'] = $post['ppheight'];
}
else
{
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
// explicity setting avatarurl to allow guests comments to show unknown avatar
$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
$post['avwidth'] = 60;
$post['avheight'] = 60;
}
}
if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($thread['forumid']))
{
continue;
}
if ($post['visible'] == 1 AND !$tachyuser)
{
++$counter;
if ($postorder)
{
$post['postcount'] = --$postcount;
}
else
{
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser)
{
$fetchtype = 'post_global_ignore';
}
else if ($ignore["$post[userid]"])
{
$fetchtype = 'post_ignore';
}
else if ($post['visible'] == 2)
{
$fetchtype = 'post_deleted';
}
else
{
$fetchtype = 'post';
}
if (
( vB::$vbulletin->GPC['viewfull'] AND $post['postid'] == $postinfo['postid'] AND $fetchtype != 'post')
AND
(can_moderate($threadinfo['forumid']) OR !$post['isdeleted'])
)
{
$fetchtype = 'post';
}
($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false;
$postbit_obj = $postbit_factory->fetch_postbit($fetchtype);
$postbit_obj->set_template_prefix('vbcms_');
if ($fetchtype == 'post')
{
$postbit_obj->highlight = $replacewords;
}
if (!$firstpostid)
{
$firstpostid = $post['postid'];
}
$post['islastshown'] = ($post['postid'] == $lastpostid);
$post['isfirstshown'] = ($counter == 1 AND $fetchtype == 'post' AND $post['visible'] == 1);
$post['islastshown'] = ($post['postid'] == $lastpostid);
$post['attachments'] = $postattach["$post[postid]"];
$parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false);
$this_postbit = $postbit_obj->construct_postbit($post);
$this_template = vB_Template::create('vbcms_comments_detail');
$this_template->register('postid', $post['postid'] );
$this_template->register('postbit', $this_postbit);
$this_template->register('indent', $post_array[$this_key]['level'] * $pixel_indent);
$postbits .= $this_template->render();
$LASTPOST = $post;
// Only show after the first post, counter isn't incremented for deleted/moderated posts
if ($post_cachable AND $post['pagetext_html'] == '')
{
if (!empty($saveparsed))
{
$saveparsed .= ',';
}
$saveparsed .= "($post[postid], " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")";
}
if (!empty($postbit_obj->sig_cache) AND $post['userid'])
{
if (!empty($save_parsed_sigs))
{
$save_parsed_sigs .= ',';
}
$save_parsed_sigs .= "($post[userid], " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")";
}
}
if ($LASTPOST['dateline'] > $displayed_dateline)
{
$displayed_dateline = $LASTPOST['dateline'];
if ($displayed_dateline <= $threadview)
{
$updatethreadcookie = true;
}
}
if ($firstpostid)
{
$this_template->register('FIRSTPOSTID', $firstpostid );
}
if ($lastpostid)
{
$this_template->register('LASTPOSTID', $lastpostid);
}
// Set thread last view
if ($displayed_dateline AND $displayed_dateline > $threadview)
{
mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
}
vB::$vbulletin->db->free_result($posts);
unset($post);
return $postbits;
}
/**
* Fetches the SQL for loading.
* $required_query is used to identify which query to build for classes that
* have multiple queries for fetching info.
*
* This can safely be based on $this->required_info as long as a consitent
* flag is used for identifying the query.
*
* @param int $required_query - The required query
* @param bool $force_rebuild - Whether to rebuild the string
*
* @return string
*/
protected function getLoadQuery($required_query = self::QUERY_BASIC, $force_rebuild = false)
{
// Hooks should check the required query before populating the hook vars
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook($this->query_hook)) ? eval($hook) : false;
// Internal hooks for loading content with QUERY_BASIC
$content_query_fields = $content_query_joins = $content_query_where = '';
// if ($this->requireLoad(vBCms_Item_Content::INFO_CONTENT))
// {
$content_query_fields = $this->getContentQueryFields();
$content_query_joins = $this->getContentQueryJoins();
$content_query_where = $this->getContentQueryWhere();
// }
// Content item queries
if (self::QUERY_BASIC == $required_query)
{
$calc_rows = $this->requireLoad(vBCms_Item_Content::INFO_BASIC) ? 'SQL_CALC_FOUND_ROWS' : '';
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
require_once DIR . '/packages/vbcms/permissions.php';
vBCMS_Permissions::getUserPerms();
}
//We need a nodeid for the displayorder below
if ($this->filter_node_exact AND !$this->filter_node )
{
$this->filter_node = $this->filter_node_exact;
}
//enforce the max_records limits
if ($this->max_records)
{
$this->paginate = true;
if (!$this->start)
{
$this->start = 0;
}
$this->quantity = $this->max_records;
}
$filter_notcontenttype = $this->getFilterNotContentTypeSql();
$sql = "SELECT $calc_rows node.nodeid AS itemid" .
($this->requireLoad(vBCms_Item_Content::INFO_BASIC) ?
" ,(node.nodeleft = 1) AS isroot, node.nodeid, node.contenttypeid, node.contentid, node.url, node.parentnode, node.styleid, node.userid,
node.layoutid, node.publishdate, node.setpublish, node.issection, parent.permissionsfrom as parentpermissions,
node.showrating,
node.permissionsfrom, node.publicpreview, node.shownav, node.hidden, node.nosearch " : '') .
($this->requireLoad(vBCms_Item_Content::INFO_NODE) ?
", info.description, info.title, info.viewcount, info.creationdate, info.workflowdate,
info.workflowstatus, info.workflowcheckedout, info.workflowlevelid, info.associatedthreadid,
user.username, sectionorder.displayorder" : '') .
($this->requireLoad(vBCms_Item_Content::INFO_DEPTH) ?
", (COUNT(pdepth.nodeid) - 1) AS depth" : '') . "
$content_query_fields
$hook_query_fields
FROM " . TABLE_PREFIX . "cms_node AS node " .
($this->requireLoad(vBCms_Item_Content::INFO_NODE) ? "
INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid
LEFT JOIN " . TABLE_PREFIX . "user AS user ON user.userid = node.userid
LEFT JOIN " . TABLE_PREFIX . "cms_sectionorder AS sectionorder ON sectionorder.sectionid = node.parentnode
AND sectionorder.nodeid = node.nodeid" : '')
. ($this->requireLoad(self::INFO_BASIC) ? "
LEFT JOIN " . TABLE_PREFIX . "cms_node AS parent ON parent.nodeid = node.parentnode " : '')
. ($this->filter_node ?
"INNER JOIN " . TABLE_PREFIX . "cms_node AS rootnode
ON rootnode.nodeid = " . intval($this->filter_node) : '') .
($this->requireLoad(vBCms_Item_Content::INFO_DEPTH) ?
" LEFT JOIN " . TABLE_PREFIX . "cms_node AS pdepth ON (node.nodeleft >= pdepth.nodeleft AND node.nodeleft <=pdepth.noderight>" : '') .
" $content_query_joins
$hook_query_joins
WHERE node.new != 1 " .
($this->itemid ? " AND node.nodeid IN (" . implode(',', $this->itemid) . ") " : '') .
($this->filter_ignorepermissions ? '' : " AND " . vBCMS_Permissions::getPermissionString())
.
((($this->filter_contenttype AND ($this->filter_contenttype == vB_Types::instance()->getContentTypeID("vBCms_Section"))) OR $this->filter_onlysections)
? '' : "AND node.new != 1 ") .
($this->filter_contenttype ? "AND node.contenttypeid = " . intval($this->filter_contenttype) . " " : '') .
($this->filter_contentid ? "AND node.contentid = " . intval($this->contentid) . " ": '') .
($this->filter_node ? "AND (node.nodeleft >= rootnode.nodeleft AND node.nodeleft <= rootnode.noderight) AND node.nodeleft != rootnode.nodeleft " : '') .
($this->filter_nosections ? "AND node.issection != '1' " : '') .
($this->filter_onlysections ? "AND node.issection = '1' " : '') .
($this->filter_userid ? "AND node.userid = " . intval($this->filter_userid) . " " : '') .
($this->visible_only ? "AND node.hidden = 0 " : '') .
(intval($this->filter_node_exact) ? "AND (node.parentnode = " .
$this->filter_node_exact . " OR sectionorder.displayorder > 0 )": '').
($this->filter_published ? "AND node.setpublish = '1' AND node.publishdate <= " . intval(TIMENOW) . " " : '') .
($this->filter_unpublished ? "AND node.setpublish = '0' OR node.publishdate > " . intval(TIMENOW) . " " : '') . "
$content_query_where
$hook_query_where " .
($this->requireLoad(vBCms_Item_Content::INFO_DEPTH) ?
" GROUP BY node.nodeid " : '') .
(isset($this->orderby) ? " ORDER BY " . $this->orderby :
($this->requireLoad(vBCms_Item_Content::INFO_NODE) ? " ORDER BY CASE WHEN sectionorder.displayorder > 0 THEN sectionorder.displayorder ELSE 9999999 END ASC,
node.publishdate DESC" : 'ORDER BY node.setpublish DESC, node.publishdate DESC' ))
.
($this->paginate ?
" LIMIT " . intval($this->start) . ', ' . intval($this->quantity) : '');
return $sql;
}
else if (self::QUERY_PARENTS == $required_query)
{
return
"SELECT node.nodeid AS itemid, parent.nodeid, parent.url, parent.styleid, parent.layoutid, parent.publishdate,
parent.setpublish, parent.hidden, info.title, info.description
$hook_query_fields
FROM " . TABLE_PREFIX . "cms_node AS node
INNER JOIN " . TABLE_PREFIX . "cms_node AS parent ON (node.nodeleft >= parent.nodeleft AND node.nodeleft <= parent.noderight)
INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = parent.nodeid
LEFT JOIN " . TABLE_PREFIX . "cms_sectionorder AS ord ON ord.nodeid = node.nodeid AND ord.sectionid = node.parentnode " .
$hook_query_joins . "
WHERE node.nodeid IN (" . implode(',', $this->itemid) . ")
AND parent.nodeid != node.nodeid
$hook_query_where
ORDER BY parent.nodeleft, ord.displayorder"
;
}
else if (self::QUERY_CONFIG == $required_query)
{
return
"SELECT nodeid AS itemid, name, value, serialized
$hook_query_fields
FROM " . TABLE_PREFIX . "cms_nodeconfig
$hook_query_joins
WHERE nodeid IN (" . implode(',', $this->itemdid) . ")
$hook_query_where
";
}
throw (new vB_Exception_Model('Invalid query id \'' . htmlspecialchars_uni($required_query) . '\' specified for collection'));
}
/**
* Fetches the standard page view for a widget.
*
* @param bool $skip_errors - If using a collection, omit widgets that throw errors
* @return vBCms_View_Widget - The resolved view, or array of views
*/
public function getPageView()
{
$this->assertWidget();
if (! isset($vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
$config = $this->widget->getConfig();
if (!isset($config['template_name']) OR ($config['template_name'] == '') )
{
$config['template_name'] = $this->default_template;
}
$view = new vBCms_View_Widget($config['template_name']);
$view->widget_title = $this->widget->getTitle();
$view->menu_static = ($config['menu_type'] == 1 ? 'true' : 'false');
$view->show_all_tree_elements_threshold = $config['show_all_tree_elements_threshold'];
//see if we can get from cache;
if ($sectionlist = vB_Cache::instance()->read($this->getHash($this->widget->getId(), 'all'), true, true))
{
$view->nodelist = $this->arrangeSection($sectionlist, $this->content->getNodeId());
$view->nodes = $this->setNavArray($sectionlist);
return $view;
}
$publishlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canpublish']);
$viewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['allview']);
$rst = vB::$vbulletin->db->query_read("SELECT node.nodeid, node.parentnode, node.url, node.permissionsfrom,
node.setpublish, node.publishdate, node.noderight, info.title FROM " . TABLE_PREFIX .
"cms_node AS node INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid
WHERE node.contenttypeid = " .
vB_Types::instance()->getContentTypeID("vBCms_Section") . " AND
((node.permissionsfrom IN ($viewlist) AND node.hidden = 0 ) OR (node.permissionsfrom IN ($publishlist)))
ORDER BY node.nodeleft");
$nodes = array();
$noderight = 0;
while($record = vB::$vbulletin->db->fetch_array($rst))
{
if (/** This user doesn have permissions to view this record **/
(! in_array($record['permissionsfrom'],vB::$vbulletin->userinfo['permissions']['cms']['canedit'])
AND !(in_array($record['permissionsfrom'], vB::$vbulletin->userinfo['permissions']['cms']['canview'] )
AND $record['setpublish'] == '1' AND $record['publishdate'] < TIMENOW ))
OR /** This user didn't have rights to a parent **/
($record['noderight'] < $noderight))
{
//We need to skip this record and all its children
$noderight = $record['permissionsfrom'];
continue;
}
$nodes[] = $record;
}
if (count($nodes))
{
vB_Cache::instance()->write($this->getHash($this->widget->getId(), 'all'),
$nodes, $this->cache_ttl, array('sections_updated'));
reset($nodes);
$view->nodelist = $this->arrangeSection($nodes, $this->content->getNodeId());
$view->nodes = $this->setNavArray($nodes);
return $view;
}
return false;
}
public function getCount()
{
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook($this->query_hook)) ? eval($hook) : false;
// Internal hooks for loading content with QUERY_BASIC
// if ($this->requireLoad(vBCms_Item_Content::INFO_CONTENT))
// {
$content_query_fields = $this->getContentQueryFields();
$content_query_joins = $this->getContentQueryJoins();
$content_query_where = $this->getContentQueryWhere();
// }
$filter_notcontenttype = $this->getFilterNotContentTypeSql();
//make sure permissions are loaded.
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
if (!count(vB::$vbulletin->userinfo['permissions']['cms']['allview']))
{
return false;
}
$sql = "SELECT count(node.nodeid) AS qty
FROM " . TABLE_PREFIX . "cms_node AS node"
. ($this->filter_node ?
" INNER JOIN " . TABLE_PREFIX . "cms_node AS rootnode
ON rootnode.nodeid = " . intval($this->filter_node) : '') .
" $content_query_joins
$hook_query_joins
LEFT JOIN " . TABLE_PREFIX . "cms_sectionorder AS sectionorder ON sectionorder.sectionid = " . intval($this->filter_node) ."
AND sectionorder.nodeid = node.nodeid
WHERE (1=1) ".
($this->filter_contenttype ? "AND node.contenttypeid = " . intval($this->filter_contenttype) . " " : '') .
($this->filter_contentid ? "AND node.contentid = " . intval($this->contentid) . " ": '') .
($this->filter_node ? "AND (node.nodeleft >= rootnode.nodeleft AND node.nodeleft <= rootnode.noderight) AND node.nodeleft != rootnode.nodeleft " : '') .
($this->filter_nosections ? "AND node.issection != '1' " : '') .
($this->filter_onlysections ? "AND node.issection = '1' " : '') .
($this->filter_userid ? "AND node.userid = " . intval($this->filter_userid) . " " : '') .
($this->filter_published ? "AND node.setpublish = '1' AND node.publishdate <= " . intval(TIMENOW) . " " : '') .
($this->filter_unpublished ? "AND node.setpublish = '0' OR node.publishdate > " . intval(TIMENOW) . " " : '') . "
" . ((($this->filter_contenttype AND ($this->filter_contenttype == vB_Types::instance()->getContentTypeID("vBCms_Section"))) OR $this->filter_onlysections)
? '' : "AND node.new != 1 ")
. (intval($this->filter_node_exact) ? "AND (node.parentnode = " . $this->filter_node_exact . " OR sectionorder.displayorder > 0 )": '')
. (($this->orderby == 5) ? " AND sectionorder.displayorder > 0 " : '') .
($this->filter_ignorepermissions ? '' : " AND " . vBCMS_Permissions::getPermissionString())
.
"
$filter_notcontenttype
$content_query_where
$hook_query_where ";
if ($record = vB::$vbulletin->db->query_first($sql))
{
return intval($record['qty']);
}
}
public static function getNodeSearchResults()
{
global $vbulletin;
global $vbphrase;
global $phrasegroups;
require_once DIR . '/includes/functions_databuild.php';
require_once DIR . '/includes/functions.php';
fetch_phrase_group('cpcms');
if (! isset($vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
$vbulletin->input->clean_array_gpc('r', array(
'title_filter' => TYPE_STR,
'contenttypeid' => TYPE_UINT,
'state_filter' => TYPE_UINT,
'formid' => TYPE_STR,
'author_filter' => TYPE_UINT));
$filters = array("node.permissionsfrom in (" . implode(',', array_unique(
array_merge($vbulletin->userinfo['permissions']['cms']['cancreate'],
$vbulletin->userinfo['permissions']['cms']['canedit'],
$vbulletin->userinfo['permissions']['cms']['canpublish']))) . ") ");
if ($vbulletin->GPC_exists['title_filter'])
{
$filters[] = " lower(info2.title) like '%" . strtolower($vbulletin->GPC['title_filter']) . "%' ";
}
if ($vbulletin->GPC_exists['state_filter'])
{
switch(intval($vbulletin->GPC['state_filter']))
{
case 1:
$filters[] = " node2.setpublish = 0 ";
break;
case 2:
$filters[] = " node2.setpublish > 0 AND node.publishdate <= " . TIMENOW;
break;
case 3:
$filters[] = " node2.setpublish > 0 AND node.publishdate > " . TIMENOW;
break;
} // switch
}
if ($vbulletin->GPC_exists['author_filter'])
{
$filters[] = "node2.userid =" . intval($vbulletin->GPC['author_filter']);
}
if ($vbulletin->GPC_exists['contenttypeid'])
{
$filters[] = "node2.contenttypeid =" . $vbulletin->GPC['contenttypeid'];
}
$filters[] = "node2.new != 1";
$sql = "SELECT DISTINCT info.title AS section, node.nodeid AS parentid,
node2.nodeid, user.username, node2.setpublish, node2.publishdate, node2.nodeleft, node2.noderight
FROM " . TABLE_PREFIX . "cms_node AS node INNER JOIN " .
TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid
INNER JOIN " . TABLE_PREFIX .
"cms_node node2 ON (node2.nodeleft >= node.nodeleft AND node2.nodeleft <= node.noderight)
INNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info2 ON info2.nodeid = node2.nodeid
LEFT JOIN " . TABLE_PREFIX . "user AS user ON user.userid = node2.userid
WHERE " . implode (" AND ", $filters) .
" ORDER BY node2.nodeleft, node.nodeleft";
if ($rst = $vbulletin->db->query_read($sql))
{
//Now it's simple. We walk down the list, composing the
// parentage as we go.
$results = array();
$counter = 0;
$row = $vbulletin->db->fetch_array($rst);
$current_nodeid = intval(-1);
$parentnames = array();
$lastnode = $row;
while($row)
{
// If the current record isn't a child of the last record,
// put out the current record. Since we're already sorted by nodeleft, we
// only need to worry about noderight
if (intval($row['nodeid']) != $current_nodeid)
{
$counter++;
$published = (intval($lastnode['setpublish']) ? $vbphrase['published'] . ' ' .
vbdate($vbulletin->options['dateformat'], $lastnode['publishdate']) : $vbphrase['unpublished']);
$results [$lastnode['nodeid']] = array('leaf' => $lastnode['section'],
'contenttype' => $vbphrase[strtolower($lastnode['class'])],
'nodeid' => $lastnode['nodeid'], 'counter' => $counter,
'author' => $lastnode['username'], 'published' => $published, 'parent' => implode('>', $parentnames) );
$current_nodeid = intval($row['nodeid']);
$parentnames = array();
$lastnode = $row;
}
else
{
$parentnames[] = $lastnode['section'];
$lastnode = $row;
}
$row = $vbulletin->db->fetch_array($rst);
}
}
//at the end we have to display one more record.
$counter++;
$published = (intval($lastnode['setpublish']) ? $vbphrase['published'] . ' ' .
vbdate($vbulletin->options['dateformat'], $lastnode['publishdate']) : $vbphrase['unpublished']);
$results [$lastnode['nodeid']] = array('leaf' => $lastnode['section'],
'contenttype' => $vbphrase[strtolower($lastnode['class'])],
'nodeid' => $lastnode['nodeid'], 'counter' => $counter,
'author' => $lastnode['username'], 'published' => $published, 'parent' => implode('>', $parentnames) );
$template = vB_Template::create('vbcms_ajax_leafresult');
$template->register('nodelist', $results) ;
$template->register('count', $counter);
$template->register('formid',($vbulletin->GPC_exists['formid']? $vbulletin->GPC['formid'] : 'cms_section_data'));
return $template->render();
}
/** Creates the publish editor at the top right of the edit section
*
* @return mixed
*
****/
public function getPublishEditor($submit_url, $formid, $showpreview = true, $showcomments = true,
$publicpreview = false, $comments_enabled = false, $pagination_links = 1)
{
if ($this->canPublish())
{
$pub_view = new vB_View('vbcms_edit_publisher');
$pub_view->formid = $formid;
$pub_view->setpublish = $this->setpublish;
// if this is an unpublished article then we display publish to facebook
if (is_facebookenabled() AND vB::$vbulletin->options['fbfeednewarticle'] AND !$this->setpublish)
{
// only display box if user is connectected to facebook
$pub_view->showfbpublishcheckbox = is_userfbconnected();
}
//Get date is a most annoying function for us. It takes a Unix time stamp
// and converts it to server local time. We need to compensate for the difference between
// server time (date('Z')) and usertime (vBCms_ContentManager::getTimeOffset(vB::$vbulletin->userinfo))
$offset = vBCms_ContentManager::getTimeOffset(vB::$vbulletin->userinfo) - date('Z');
if (intval($this->publishdate))
{
$pub_view->publishdate = $this->publishdate ;
}
else
{
// get the current date/time dependent on user locality
$pub_view->publishdate = TIMENOW;
}
$then = getdate(intval($pub_view->publishdate) + $offset);
$pub_view->hour = $then['hours'];
$pub_view->minute = $then['minutes'];
//we need to parse out the date and time
//Are we using a 24 hour clock?
if ((strpos(vB::$vbulletin->options['timeformat'], 'G') !== false) OR
(strpos( vB::$vbulletin->options['timeformat'], 'H') !== false))
{
$pub_view->show24 = 1;
}
else
{
$pub_view->show24 = 0;
$pub_view->offset = $pub_view->hour >= 12 ? 'PM' : 'AM';
if ($pub_view->hour > 12)
{
$pub_view->hour -= 12;
}
}
$pub_view->title = $this->title;
$pub_view->html_title = $this->html_title;
$pub_view->username = $this->username;
$pub_view->dateformat = vB::$vbulletin->options['dateformat'];
// get the appropriate date format string for the
// publish date calendar based on user's locale
$pub_view->calendardateformat = (!empty(vB::$vbulletin->userinfo['lang_dateoverride']) ? '%Y/%m/%d' : 'Y/m/d');
$pub_view->groups = $this->getReaderGroups();
$pub_view->parents = $this->getParentage();
$pub_view->submit_url = $submit_url;
$pub_view->sectiontypeid = vb_Types::instance()->getContentTypeID("vBCms_Section");
$pub_view->parents = $this->getParentage();
$pub_view->showtitle = $this->getShowTitle();
$pub_view->showuser = $this->getShowUser();
$pub_view->showpreviewonly = $this->getShowPreviewonly();
$pub_view->showupdated = $this->getShowUpdated();
$pub_view->showviewcount = $this->getShowViewcount();
$pub_view->showpublishdate = $this->getShowPublishdate();
$pub_view->settingsforboth = $this->getSettingsForboth();
$pub_view->showall = $this->getShowall();
$pub_view->includechildren = $this->getIncludeChildren();
$pub_view->showrating = $this->getShowRating();
$pub_view->hidden = $this->getHidden();
$pub_view->pagination_links = $pagination_links;
$pub_view->show_pagination_link =
($this->contenttypeid == vb_Types::instance()->getContentTypeID("vBCms_Section") ) ? 1 : 0;
$pub_view->shownav = $this->getShowNav();
$pub_view->show_shownav =
($this->contenttypeid == vb_Types::instance()->getContentTypeID("vBCms_Section") ) ? 0 : 1;
$pub_view->nosearch = $this->getNoSearch();
$sectionid = (1 == $this->nodeid) ? 1 : $this->parentnode;
$pub_view->hours24 = vB::$vbulletin->options['dateformat'];
if ($this->contenttypeid == $pub_view->sectiontypeid)
{
$pub_view->show_categories = 0;
$pub_view->is_section = 1;
$pub_view->show_showsettings = 0;
}
else
{
$pub_view->show_categories = 1;
$pub_view->categories = $this->getThisCategories();
$pub_view->show_showsettings = 1;
$pub_view->is_section = 0;
$pub_view->sectionid = $this->parentnode;
}
if ($pub_view->show_htmloption = (
$this->contenttypeid == vb_Types::instance()->getContentTypeID("vBCms_Article") // this is limited here to article but could be moved to any contenttype
AND
$this->canusehtml // this is set by some of the member functions above...
))
{
$pub_view->htmloption = $this->htmlstate;
}
$pub_view->show_categories = ($this->contenttypeid == $pub_view->sectiontypeid ? 0 : 1);
//get the nodes
$nodelist = vBCms_ContentManager::getSections(false);
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']) )
{
vBCMS_Permissions::getUserPerms();
}
foreach ($nodelist as $key => $node)
{
if (in_array(strval($node['permissionsfrom']), vB::$vbulletin->userinfo['permissions']['cms']['canpublish']))
{
$nodelist[$key]['selected'] = ($sectionid == $node['nodeid'] ? 'selected="selected"' : '');
}
else
{
unset($nodelist[$key]);
}
}
$pub_view->nodelist = $nodelist;
$pub_view->showpreview = $showpreview;
$pub_view->showcomments = $showcomments;
$pub_view->publicpreview = $publicpreview;
$pub_view->hidden = $this->hidden;
$pub_view->comments_enabled = $comments_enabled;
$pub_view->show_sections = (1 != $this->nodeid);
return $pub_view;
}
}
$show['pingback'] = ($vbulletin->options['vbblog_pingback'] and $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canreceivepingback'] ? true : false);
$show['trackback'] = ($vbulletin->options['vbblog_trackback'] and $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canreceivepingback'] ? true : false);
$show['notify'] = ($vbulletin->options['vbblog_notifylinks'] and $vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_cansendpingback'] ? true : false);
$navbits = array();
/* Check they can view a blog, any blog */
if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) {
if (!$vbulletin->userinfo['userid'] or !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) {
print_no_permission();
}
}
($hook = vBulletinHook::fetch_hook('blog_start')) ? eval($hook) : false;
//We'll need this in a bit. This is the info to mark as escalate to Article
if ($vbulletin->products['vbcms']) {
if (!isset(vB::$vbulletin->userinfo['permissions']['cms'])) {
require_once DIR . '/packages/vbcms/permissions.php';
vBCMS_Permissions::getUserPerms();
}
}
// #######################################################################
if ($_REQUEST['do'] == 'blog') {
$vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'goto' => TYPE_STR, 'uh' => TYPE_BOOL));
$bloginfo = verify_blog($blogid);
verify_seo_url('entry', $bloginfo, array('pagenumber' => $_REQUEST['pagenumber']));
track_blog_visit($bloginfo['userid']);
$wheresql = array();
$state = array('visible');
($hook = vBulletinHook::fetch_hook('blog_entry_start')) ? eval($hook) : false;
if (can_moderate_blog('canmoderateentries') or is_member_of_blog($vbulletin->userinfo, $bloginfo)) {
$state[] = 'moderation';
}
if (can_moderate_blog() or is_member_of_blog($vbulletin->userinfo, $bloginfo)) {
function do_get_cms_sections()
{
global $vbulletin, $db;
if (!isset($vbulletin->userinfo['permissions']['cms'])) {
vBCMS_Permissions::getUserPerms();
}
$publishlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canpublish']);
$viewlist = implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['allview']);
$result = $vbulletin->db->query_read("\n\tSELECT node.nodeid, node.parentnode, node.url, node.permissionsfrom, node.setpublish, node.publishdate, node.noderight, info.title\n\tFROM " . TABLE_PREFIX . "cms_node AS node\n\tINNER JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.nodeid = node.nodeid\n\tWHERE node.contenttypeid = " . vB_Types::instance()->getContentTypeID("vBCms_Section") . "\n\t AND ((node.permissionsfrom IN ({$viewlist}) AND node.hidden = 0) OR (node.permissionsfrom IN ({$publishlist})))\n\t ORDER BY node.nodeleft");
$sections = array();
while ($section = $vbulletin->db->fetch_array($result)) {
$sections[] = array('sectionid' => $section['nodeid'], 'title' => prepare_utf8_string(strip_tags($section['title'])));
}
return array('sections' => $sections);
}
public function get_results($user, $criteria)
{
global $vbulletin;
$db = $vbulletin->db;
$range_filters = $criteria->get_range_filters();
$equals_filters = $criteria->get_equals_filters();
$sort = $criteria->get_sort();
$direction = strtolower($criteria->get_sort_direction()) == 'desc' ? 'desc' : 'asc';
$sort_join = "";
$orderby = "";
$section_join = "";
$where = array();
//verify permissions
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
vBCMS_Permissions::getUserPerms();
}
if (! count(vB::$vbulletin->userinfo['permissions']['cms']['canview']))
{
return array();
}
if ($sort = 'dateline')
{
$orderby = 'node.publishdate ' . $direction;
}
else if ($sort = 'user')
{
$sort_join = "JOIN " . TABLE_PREFIX . "user AS user ON node.userid = user.userid";
$orderby = "user.username " . $direction . ", node.publishdate DESC";
}
else
{
$orderby = " node.publishdate DESC";
}
$results = array();
$where[] = " node.publishdate <= " . TIMENOW;
//get date cut -- but only if we're not using the threadmarking filter
if (isset($range_filters['datecut']))
{
//ignore any upper limit
$where[] = " node.publishdate >= " . $range_filters['datecut'][0];
}
else if (isset($range_filters['dateline']))
{
$where[] = " node.publishdate >= " . $range_filters['dateline'][0];
}
else if (isset($range_filters['days']))
{
$where[] = " node.publishdate >= " . $range_filters['days'][0];
}
else
{
$where[] = " node.publishdate >= " . TIMENOW - 86400 *
($vbulletin->GPC_exists['days'] ? $vbulletin->GPC['days'] : self::MAX_DAYS);
}
if (isset($equals_filters['userid']))
{
$where[] = " node.userid " .
(is_array($equals_filters['userid'][vB_Search_Core::OP_EQ]) ?
"in (" . implode(', ', $equals_filters['userid'][vB_Search_Core::OP_EQ])
. ") " :
" = " . $equals_filters['userid'][vB_Search_Core::OP_EQ]
);
}
else if ($vbulletin->GPC_exists['userid'])
{
$where[] = " node.userid = " . $vbulletin->GPC['userid'];
}
if ($vbulletin->GPC_exists['sectionid'])
{
$where[] = " parent.nodeid = " . $vbulletin->GPC['sectionid'];
$section_join = "INNER JOIN " . TABLE_PREFIX . "cms_node AS parent ON
(node.nodeleft >= parent.nodeleft AND node.nodeleft <= parent.noderight)";
}
if ($keywords = $criteria->get_keywords())
{
$searchcore_join = " INNER JOIN " . TABLE_PREFIX . "searchcore AS searchcore
ON searchcore.primaryid = node.contentid
AND searchcore.contenttypeid = node.contenttypeid";
$where[] = " MATCH (title, keywordtext) against "
. $db->escape_string($keywords) . " IN BOOLEAN MODE ";
}
if ($this->contenttypeid = $criteria->get_contenttypeid())
{
$where[] = " node.contenttypeid = " . $this->contenttypeid;
}
$q = "
SELECT node.nodeid, node.contenttypeid, node.contentid
FROM " . TABLE_PREFIX . "cms_node as node
$searchcore_join
$sort_join
$section_join
WHERE node.new != 1 AND node.nosearch != 1 AND ((node.permissionsfrom in (
" . implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canview']) .
") AND node.setpublish > 0 AND node.publishdate <= " . TIMENOW . " ) OR (node.permissionsfrom in (
" . implode(', ', vB::$vbulletin->userinfo['permissions']['cms']['canedit']) .
")) OR (node.userid = " . intval(vB::$vbulletin->userinfo['userid']) . ") )" .
($where ? " AND " : '') . implode(' AND ', $where) . "
ORDER BY $orderby
LIMIT " . intval($vbulletin->options['maxresults']);
$entries = $db->query_read_slave($q);
while ($entry = $db->fetch_array($entries))
{
$results[] = array($entry['contenttypeid'], $entry['contentid'], $entry['nodeid']);
}
return $results;
}
/**
* Template method. Calls all the appropriate methods to build a post and then evaluates the template.
*
* @param array Post information
*
* @return string HTML for the post
*/
function construct_postbit(&$post)
{
global $ad_location;
$this->post =& $post;
$thread =& $this->thread;
$forum =& $this->forum;
// make sure we can display this post
if ($this->is_displayable() == false)
{
return '';
}
global $show, $vbphrase;
global $spacer_open, $spacer_close;
global $bgclass, $altbgclass;
exec_switch_bg();
$template_hook = array();
($hook = vBulletinHook::fetch_hook('postbit_display_start')) ? eval($hook) : false;
// put together each part of the post
$this->prep_post_start();
$this->process_date_status();
$this->process_edit_info();
$this->process_icon();
$this->process_ip();
if (!empty($this->post['userid']))
{
$this->process_registered_user();
$this->process_im_icons();
}
else
{
$this->process_unregistered_user();
}
$this->bbcode_parser->containerid = $this->post['postid'];
$this->parse_bbcode();
$this->process_attachments();
// finish prepping the post
$this->prep_post_end();
$pageinfo_post = array(
'p' => $post['postid']
);
if ($this->templatename != 'postbit')
{
$pageinfo_post['viewfull'] = 1;
}
// execute hook
($hook = vBulletinHook::fetch_hook('postbit_display_complete')) ? eval($hook) : false;
$show['last_ad'] = $show['first_ad'] = $show['first_adsense'] = false;
if ($post['isfirstshown'])
{
//this does not appear to be an ad slot, rather it appears to be some shim html
//that needs to be rendered if the firstpost google ad is included.
$template = vB_Template::create('ad_showthread_firstpost_sig');
$template->register('adsense_pub_id', $this->registry->adsense_pub_id);
$template->register('adsense_host_id', $this->registry->adsense_host_id);
$ad_location['ad_showthread_firstpost_sig'] = $template->render();
$template = vB_Template::create('ad_showthread_firstpost_start');
$template->register('adsense_pub_id', $this->registry->adsense_pub_id);
$template->register('adsense_host_id', $this->registry->adsense_host_id);
$ad_location['ad_showthread_firstpost_start'] = trim($template->render(true));
$ad_location['ad_showthread_firstpost_sig'] = vB_Template::create('ad_showthread_firstpost_sig')->render();
if ($ad_location['ad_showthread_firstpost_start'])
{
$show['first_ad'] = true;
}
if ($ad_location['thread_first_post_content'] = trim(vB_Template::create('ad_thread_first_post_content')->render(true)))
{
if (preg_match('#^<div id="ad_thread_first_post_content">.+</div>$#si', $ad_location['thread_first_post_content']))
{
$show['first_ad'] = true;
}
else
{
$ad_location['thread_first_post_content'] = '';
}
}
}
else if (
$post['islastshown']
AND
$ad_location['thread_last_post_content'] = trim(vB_Template::create('ad_thread_last_post_content')->render(true))
)
{
if (preg_match('#^<div id="ad_thread_last_post_content">.+</div>$#si', $ad_location['thread_last_post_content']))
{
$show['last_ad'] = true;
}
else
{
$ad_location['thread_last_post_content'] = '';
}
}
// prepare the member action drop-down menu
// pass the local template hook so that each drop-down gets its own hook (per-postbit)
$memberaction_dropdown = construct_memberaction_dropdown($post, $template_hook);
// evaluate template
$postid =& $post['postid'];
$templater = vB_Template::create($this->template_prefix . $this->templatename);
if ($this->add_promote_links AND $this->registry->products['vbcms'])
{
if (!isset($this->registry->userinfo['permissions']['cms']))
{
bootstrap_framework();
vBCMS_Permissions::getUserPerms();
}
if ($this->registry->userinfo['permissions']['cms']['canpublish'][0] != -1)
{
$templater->register('promote_sectionid', $this->registry->userinfo['permissions']['cms']['canpublish'][0]);
$templater->register('articletypeid', vB_Types::instance()->getContentTypeID('vBCms_Article'));
$promote_url = vB_Route::create('vBCms_Route_Content', '1/addcontent/')->getCurrentURL();
$promote_url .= (strrpos($promote_url, '?') ? '&' : '?') .
'contenttypeid=' . vB_Types::instance()->getContentTypeID('vBCms_Article') .
"&postid=" . $post['postid'] . '&parentid=1';
$templater->register('promote_url', $promote_url);
}
}
$templater->register('ad_location', $ad_location);
$templater->register('memberaction_dropdown', $memberaction_dropdown);
$templater->register('pageinfo_post', $pageinfo_post);
$templater->register('post', $post);
$templater->register('postid', $postid);
$templater->register('template_hook', $template_hook);
$templater->register('thread', $thread);
$postbit = $templater->render();
$templater = vB_Template::create('postbit_wrapper');
$templater->register('post', $post);
$templater->register('postbit', $postbit);
$templater->register('spacer_close', $spacer_close);
$templater->register('spacer_open', $spacer_open);
$retval = $templater->render();
return $retval;
}
/**
* Template method that does all the work to display an issue note, including processing the template
*
* @return string Templated note output
*/
function construct()
{
global $vbulletin;
($hook = vBulletinHook::fetch_hook('blog_comment_display_start')) ? eval($hook) : false;
// preparation for display...
$this->prepare_start();
if ($this->response['userid'])
{
$this->process_registered_user();
}
else
{
$this->process_unregistered_user();
}
$this->process_date_status();
$this->process_display();
$this->process_text();
$this->prepare_end();
// actual display...
$bloginfo =& $this->bloginfo;
$response =& $this->response;
global $show, $vbphrase;
global $spacer_open, $spacer_close;
global $bgclass, $altbgclass;
exec_switch_bg();
$show['readmore'] = $this->readmore;
($hook = vBulletinHook::fetch_hook('blog_comment_display_complete')) ? eval($hook) : false;
$this->response['blogtitle'] = $this->bloginfo['title'];
$pageinfo_ip = array(
'do' => 'viewip',
'bt' => $this->response['blogtextid'],
);
$templater = vB_Template::create($this->template);
$templater->register('response', $response);
$templater->register('pageinfo', $this->pageinfo);
$templater->register('pageinfo_ip', $pageinfo_ip);
if ($vbulletin->products['vbcms'])
{
require_once(DIR . '/includes/class_bootstrap_framework.php');
vB_Bootstrap_Framework::init();
if (! isset(vB::$vbulletin->userinfo['permissions']['cms']))
{
require_once DIR . '/packages/vbcms/permissions.php';
vBCMS_Permissions::getUserPerms();
}
if (count(vB::$vbulletin->userinfo['permissions']['cms']['cancreate']))
{
$templater->register('promote_sectionid', vB::$vbulletin->userinfo['permissions']['cms']['canpublish'][0]);
$templater->register('articletypeid', vB_Types::instance()->getContentTypeID('vBCms_Article'));
$promote_url = vB_Route::create('vBCms_Route_Content', '1/addcontent/')->getCurrentURL();
$promote_url .= (strrpos($promote_url, '?') ? '&' : '?') .
'contenttypeid=' . vB_Types::instance()->getContentTypeID('vBCms_Article') .
"&blogcommentid=" . $response['blogtextid'] . '&parentid=1';
$templater->register('promote_url', $promote_url);
}
}
return $templater->render(($this->registry->GPC['ajax']));
}
