/**
 * Forum Runner API: list the members who are currently online, plus the guest count.
 *
 * Invisible and unconfirmed members are requested from the session model only when
 * the current visitor may bypass user privacy (canBypassUserPrivacy()), so that
 * single permission decides whether hidden members appear in the response.
 *
 * @return array 'users' => list of member rows, 'num_guests' => guest total
 */
public function actionGetOnline()
{
    $sessions = $this->_getSessionModel();
    $seeHidden = $this->_getUserModel()->canBypassUserPrivacy();
    $viewer = XenForo_Visitor::getInstance();

    $conditions = array(
        'cutOff' => array('>', $sessions->getOnlineStatusTimeout()),
        'getInvisible' => $seeHidden,
        'getUnconfirmed' => $seeHidden,
        'forceInclude' => true,
    );
    $fetchOptions = array(
        'join' => XenForo_Model_Session::FETCH_USER,
        'order' => 'view_date',
    );
    $records = $sessions->getSessionActivityRecords($conditions, $fetchOptions);
    $records = $sessions->addSessionActivityDetailsToList($records);

    $counts = $sessions->getSessionActivityQuickList(
        $viewer->toArray(),
        array('cutOff' => array('>', $sessions->getOnlineStatusTimeout())),
        $viewer['user_id'] ? $viewer->toArray() : null
    );

    $members = array();
    foreach ($records as $record) {
        // Guest sessions carry no user id; they are only reported through num_guests.
        if (!$record['user_id']) {
            continue;
        }

        // strip_tags() keeps markup stored in a username out of the API response.
        $entry = array(
            'userid' => $record['user_id'],
            'username' => prepare_utf8_string(strip_tags($record['username'])),
        );

        $description = $record['activityDescription'];
        $activityText = ($description instanceof XenForo_Phrase) ? $description->render() : '';
        if ($activityText != '') {
            $entry['activity'] = prepare_utf8_string($activityText);
        }

        if ($viewer->getUserId() == $record['user_id']) {
            $entry['me'] = true;
        }

        $avatar = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($record, 'm'));
        // URLs under the stock avatar path are treated as "no avatar" and left out.
        if (strpos($avatar, '/xenforo/avatars/avatar_') !== false) {
            $avatar = '';
        }
        if ($avatar != '') {
            $entry['avatarurl'] = $avatar;
        }

        $members[] = $entry;
    }

    return array('users' => $members, 'num_guests' => $counts['guests']);
}
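/**
 * Forum Runner API: one page of the threads the current visitor is watching.
 *
 * Request input: 'page' (1-based), 'perpage' (defaults to the board's
 * discussionsPerPage option) and 'previewtype' (1 = describe the first post,
 * anything else = the last post; defaults to 2).
 *
 * The watched list is filtered through getViewableThreadsFromList(), so threads
 * the visitor can no longer view are dropped before anything is returned.
 *
 * @return array 'threads' => list of thread rows, 'total_threads' => watched-thread count
 */
public function actionGetSubscriptions()
{
    $page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1);

    // NOTE(review): perpage comes from the client and no upper bound is visible here, while
    // every listed thread costs one extra getPostById() lookup below - consider clamping it.
    $perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT);
    if (!$perpage) {
        $perpage = XenForo_Application::get('options')->discussionsPerPage;
    }

    $previewtype = $this->_input->filterSingle('previewtype', XenForo_Input::UINT);
    if (!$previewtype) {
        $previewtype = 2;
    }
    $use_first_post = ($previewtype == 1);

    $visitor = XenForo_Visitor::getInstance();
    $watch_model = $this->_getThreadWatchModel();

    $threads = $watch_model->getThreadsWatchedByUser($visitor['user_id'], false, array(
        'join' => XenForo_Model_Thread::FETCH_FORUM | XenForo_Model_Thread::FETCH_USER,
        'readUserId' => $visitor['user_id'],
        'page' => $page,
        'perPage' => $perpage,
        'postCountUserId' => $visitor['user_id'],
        'permissionCombinationId' => $visitor['permission_combination_id'],
    ));
    $threads = $watch_model->unserializePermissionsInList($threads, 'node_permission_cache');
    $threads = $watch_model->getViewableThreadsFromList($threads);
    $threads = $this->_prepareWatchedThreads($threads);

    $total = $watch_model->countThreadsWatchedByUser($visitor['user_id']);
    $this->canonicalizePageNumber($page, $perpage, $total, 'watched/threads/all');

    $post_model = $this->getModelFromCache('XenForo_Model_Post');
    $preview_length = XenForo_Application::get('options')->discussionPreviewLength;
    $formatter = XenForo_BbCode_Formatter_Base::create('XenForo_BbCode_Formatter_Text');
    $parser = new XenForo_BbCode_Parser($formatter);

    $thread_data = array();
    // Iterate by value: the rows are only read, and a by-reference loop variable
    // would stay bound to the last element after the loop ends.
    foreach ($threads as $thread) {
        $out = array(
            'thread_id' => $thread['thread_id'],
            'forum_title' => prepare_utf8_string($thread['node_title']),
            'new_posts' => $thread['isNew'],
            'forum_id' => $thread['node_id'],
            'total_posts' => $thread['reply_count'] + 1,
            'thread_title' => prepare_utf8_string(strip_tags($thread['title'])),
            'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute')),
        );

        if ($use_first_post) {
            $out['post_username'] = prepare_utf8_string(strip_tags($thread['username']));
            $out['post_userid'] = $thread['user_id'];
        } else {
            $out['post_username'] = prepare_utf8_string(strip_tags($thread['last_post_username']));
            $out['post_userid'] = $thread['last_post_user_id'];
        }

        $post = $post_model->getPostById(
            $thread[$use_first_post ? 'first_post_id' : 'last_post_id'],
            array('join' => XenForo_Model_Post::FETCH_USER)
        );

        // The post lookup can come back empty (for example when the post disappears between
        // the two queries); in that case the thread is still listed, without avatar or preview.
        if ($post) {
            $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($post, 'm'));
            // URLs under the stock avatar path are treated as "no avatar" and left out.
            if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
                $avatarurl = '';
            }
            if ($avatarurl != '') {
                $out['avatarurl'] = $avatarurl;
            }

            // discussionPreviewLength only switches previews on or off here; the text is not truncated.
            $preview = $preview_length ? $parser->render($post['message']) : '';
            if ($preview != '') {
                // Entities are decoded, so the preview is plain text: a client that shows it
                // in an HTML view has to escape it again.
                $out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview));
            }
        }

        if ($thread['discussion_type'] == 'poll') {
            $out['poll'] = true;
        }

        $thread_data[] = $out;
    }

    return array('threads' => $thread_data, 'total_threads' => $total);
}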
/**
 * Forum Runner API: profile summary for the user named by the 'userid' request
 * value, or for the logged-in user when no id is given.
 *
 * The id is cleaned to an unsigned integer before use. The profile itself comes
 * from the user API's fetchProfileInfo(); an empty result is reported as a
 * permission error.
 * NOTE(review): presumably fetchProfileInfo() enforces who may view which
 * profile - confirm, since no other access check is made here.
 *
 * The 'ban' key is only a hint for the client UI; the ban action has to check
 * the permission again on the server.
 *
 * @return array profile fields, or the result of json_error() on failure
 */
function do_get_profile()
{
    global $vbulletin;

    $viewer = vB_Api::instance('user')->fetchUserInfo();
    $input = vB::getCleaner()->cleanArray($_REQUEST, array('userid' => vB_Cleaner::TYPE_UINT));

    // A guest who names no profile has nothing to look at.
    if (!$viewer['userid'] && !$input['userid']) {
        return json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }
    if (!$input['userid']) {
        $input['userid'] = $viewer['userid'];
    }
    $target_id = $input['userid'];

    $profile = vB_Api::instance('user')->fetchProfileInfo($target_id);
    if (empty($profile)) {
        return json_error(ERR_NO_PERMISSION);
    }

    // Custom profile fields of the 'default' group, with null values sent as empty strings.
    $fields = array();
    foreach ($profile['customFields']['default'] as $field_name => $field) {
        $fields[] = array(
            'name' => (string) new vB_Phrase('cprofilefield', $field_name),
            'value' => ($field['val'] === null) ? '' : $field['val'],
        );
    }

    $result = array(
        'username' => prepare_utf8_string($profile['username']),
        'joindate' => prepare_utf8_string(fr_date($profile['joindate'])),
        'posts' => $profile['posts'],
        'online' => fr_get_user_online($profile['lastactivity']),
        'avatar_upload' => (bool) $profile['canuseavatar'],
        'groups' => array(
            array('name' => 'about', 'values' => $fields),
        ),
    );

    $avatar = vB_Library::instance('vb4_functions')->avatarUrl($target_id);
    if ($avatar) {
        $result['avatarurl'] = $avatar;
    }

    cache_moderators();
    cache_permissions($vbulletin->userinfo);

    // Control-panel administrators and moderators holding 'canbanusers' get the ban flag.
    $is_admin = $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'];
    if ($is_admin || can_moderate(0, 'canbanusers')) {
        $result['ban'] = true;
    }

    return $result;
}
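/**
 * Convert a stored post body into the two text forms the Forum Runner client uses.
 *
 * The display text is passed through htmlspecialchars_uni() BEFORE the BBCode
 * handlers run. The quotable text is parsed from the unescaped input (with the
 * global $nuke_quotes flag raised while it is parsed), so it must be treated as
 * plain text and never written into an HTML view without escaping.
 *
 * @param string $text        raw post body
 * @param bool   $allowsmilie accepted for compatibility; this function does not read it -
 *                            smilie handling follows the 'smilies' request value instead
 * @return array array(display text, quotable text, contents of the global $images);
 *               $images is reset here and not filled in this function
 *               (presumably by the image handlers - confirm)
 */
function parse_post($text, $allowsmilie = false)
{
    global $nuke_quotes, $fr_platform, $images;

    $images = array();

    if (is_ipb()) {
        // Turn <br .../> tags back into newlines.
        $text = preg_replace('#<br.*?/>#is', "\n", $text);
    }

    $smilies = false;
    $v = process_input(array('smilies' => BOOLEAN));
    if (isset($v['smilies'])) {
        $smilies = $v['smilies'] === true;
    }

    // Trim every line.
    $text = implode("\n", array_map('trim', explode("\n", $text)));
    $text = prepare_utf8_string($text, false);

    $bbcode = new StringParser_BBCode();
    $bbcode->setGlobalCaseSensitive(false);

    $anywhere = array('listitem', 'block', 'inline', 'link');
    $not_in_link = array('listitem', 'block', 'inline');

    // Default BBCode.
    $bbcode->addCode('quote', 'callback_replace', 'handle_quotes', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('url', 'usecontent?', 'handle_url', array('usecontent_param' => 'default'), 'link', $not_in_link, array('link'));
    $bbcode->addCode('source', 'usecontent?', 'handle_url', array('usecontent_param' => 'default'), 'link', $not_in_link, array('link'));

    if (!is_mybb()) {
        // myBB's attachment codes are already handled elsewhere.
        $bbcode->addCode('attach', 'callback_replace', 'handle_attach', array(), 'inline', $anywhere, array(''));
    }
    // NOTE(review): 'attach' is registered again unconditionally, which defeats the myBB
    // exclusion above. Both calls are kept as found - confirm which one is intended.
    $bbcode->addCode('attach', 'callback_replace', 'handle_attach', array(), 'inline', $anywhere, array(''));

    foreach (array('img', 'imgl', 'imgr') as $image_tag) {
        $bbcode->addCode($image_tag, 'callback_replace', 'handle_image', array(), 'inline', $anywhere, array(''));
    }

    // [spoiler] is deliberately not registered; its handler call was commented out.

    $with_default = array('usecontent_param' => array('default'));
    $bbcode->addCode('b', 'callback_replace', 'handle_bbcode_bold', $with_default, 'inline', $anywhere, array());
    $bbcode->addCode('i', 'callback_replace', 'handle_bbcode_italic', $with_default, 'inline', $anywhere, array());
    $bbcode->addCode('color', 'callback_replace', 'handle_bbcode_color', $with_default, 'inline', $anywhere, array());
    $bbcode->setCodeFlag('color', 'closetag', BBCODE_CLOSETAG_MUSTEXIST);

    // Video link BBCode.
    $bbcode->addCode('yt', 'callback_replace', 'fr_handle_youtube', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('youtube', 'callback_replace', 'fr_handle_youtube', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('video', 'callback_replace', 'handle_video', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('ame', 'callback_replace', 'handle_video', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('media', 'callback_replace', is_xen() ? 'handle_xen_media' : 'handle_video', array(), 'inline', $anywhere, array(''));
    $bbcode->addCode('tex', 'callback_replace', 'fr_handle_tex', array(), 'inline', $anywhere, array(''));

    if (function_exists('fr_branded_bbcode_handler')) {
        // Optional branding hook; its errors are deliberately suppressed.
        @fr_branded_bbcode_handler($bbcode);
    }

    if (is_mybb()) {
        $bbcode->setMixedAttributeTypes(true);
    }

    // Quotable copy: parsed from the UNESCAPED text while $nuke_quotes is raised.
    $nuked_quotes = $text;
    // Display copy: escaped first, so markup typed into the post cannot reach the client as HTML.
    $text = htmlspecialchars_uni($text);

    $nuke_quotes = true;
    $nuked_quotes = $bbcode->parse($nuked_quotes);
    if (is_ipb()) {
        $nuked_quotes = ipb_handle_attachments($nuked_quotes);
    }
    $nuke_quotes = false;

    $text = $bbcode->parse($text);
    if (is_ipb()) {
        $text = ipb_handle_attachments($text);
    }

    // Drop any [IMG]...[/IMG] pairs that are still present after parsing.
    $text = preg_replace("#\\[IMG\\](.*?)\\[/IMG\\]#is", '', $text);
    $nuked_quotes = preg_replace("#\\[IMG\\](.*?)\\[/IMG\\]#is", '', $nuked_quotes);

    if ($smilies) {
        if (is_vb()) {
            global $vbulletin;
            $parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
            $text = $parser->parse_smilies($text, false);
            // The callback is named as a string. A bare word is an undefined constant:
            // older PHP only fell back to the string with a notice, PHP 8 raises an Error.
            $text = preg_replace_callback('#img src="(.*?)"#is', 'parse_post_callback', $text);
        }
    }

    // Collapse runs of blank lines, then turn newlines into <br/> for the display text only.
    $text = preg_replace("#\n\n\n+#", "\n\n", $text);
    $text = preg_replace("#\n#", "<br/>", $text);
    $text = remove_bbcode($text);

    $nuked_quotes = preg_replace("#\n\n\n+#", "\n\n", $nuked_quotes);
    $nuked_quotes = remove_bbcode($nuked_quotes);

    return array($text, $nuked_quotes, $images);
}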
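/**
 * Forum Runner API: describe the forums listed in the comma-separated 'forumids'
 * request value (id, unread flag, title, password prompt flag, icon, link, description).
 *
 * Every id is cast to an integer, and ids that are not positive or do not resolve
 * to a forum are skipped.
 *
 * NOTE(review): no view-permission check is visible in this function. Confirm that
 * fetch_foruminfo() or the caller already hides forums the current user may not
 * see; otherwise titles and descriptions of hidden forums are disclosed by id.
 *
 * @return array 'forums' => list of forum rows
 */
function do_get_forum_data()
{
    global $vbulletin, $db, $show, $vbphrase;

    $vbulletin->input->clean_array_gpc('r', array('forumids' => TYPE_STR));
    if (!$vbulletin->GPC['forumids'] || strlen($vbulletin->GPC['forumids']) == 0) {
        return array('forums' => array());
    }

    cache_ordered_forums(1, 1);

    $forum_data = array();
    // explode() replaces split(), which was removed in PHP 7; for a literal comma they behave the same.
    foreach (explode(',', $vbulletin->GPC['forumids']) as $forumid) {
        // The list is client-supplied text, so each element is forced to an integer first.
        $forumid = intval($forumid);
        if ($forumid <= 0) {
            continue;
        }

        $foruminfo = fetch_foruminfo($forumid);
        if (!is_array($foruminfo)) {
            // Unknown forum id: there is nothing to report.
            continue;
        }

        // Classify the forum as a redirect ('link'), as having unread posts ('new') or as 'old'.
        if (!empty($foruminfo['link'])) {
            $type = 'link';
        } elseif ($vbulletin->userinfo['lastvisitdate'] == -1) {
            $type = 'new';
        } else {
            if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
                $userlastvisit = !empty($foruminfo['forumread'])
                    ? $foruminfo['forumread']
                    : TIMENOW - $vbulletin->options['markinglimit'] * 86400;
            } else {
                $forumview = intval(fetch_bbarray_cookie('forum_view', $foruminfo['forumid']));
                // Use whichever is later, the cookie value or the stored last visit.
                $userlastvisit = $forumview > $vbulletin->userinfo['lastvisit']
                    ? $forumview
                    : $vbulletin->userinfo['lastvisit'];
            }
            $type = ($foruminfo['lastpost'] and $userlastvisit < $foruminfo['lastpost']) ? 'new' : 'old';
        }

        // A password-protected forum is flagged unless verify_forum_password() accepts
        // what the client already holds, so the client knows when to prompt.
        $password = false;
        if ($foruminfo['password']) {
            $pw_ok = verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false);
            if (!$pw_ok) {
                $password = true;
            }
        }

        $out = array(
            'id' => $foruminfo['forumid'],
            'new' => $type == 'new',
            'name' => prepare_utf8_string(strip_tags($foruminfo['title'])),
            'password' => $password,
        );

        // The flag is taken from $type: comparing the $foruminfo array itself with 'new'
        // is always false, so the unread state never reached the icon lookup.
        $icon = fr_get_forum_icon($foruminfo['forumid'], $type == 'new');
        if ($icon) {
            $out['icon'] = $icon;
        }

        if ($foruminfo['link'] != '') {
            $link = fr_fix_url($foruminfo['link']);
            // An integer result replaces the forum id; anything else is passed on as a URL.
            if (is_int($link)) {
                $out['id'] = $link;
            } else {
                $out['link'] = $link;
            }
            $linkicon = fr_get_forum_icon($foruminfo['forumid'], false, true);
            if ($linkicon) {
                $out['icon'] = $linkicon;
            }
        }

        if ($foruminfo['description'] != '') {
            $desc = prepare_utf8_string(strip_tags($foruminfo['description']));
            if (strlen($desc) > 0) {
                $out['desc'] = $desc;
            }
        }

        $forum_data[] = $out;
    }

    return array('forums' => $forum_data);
}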
// Excerpt: the loop and the function that enclose these statements open above this point.
// Positional arguments for the push message; every value is base64-encoded before it is sent.
$msgargs = array(base64_encode(prepare_utf8_string($vbulletin->options['bbtitle'])));
// $pmpart selects the PM wording: 0 = no PM part, 1 = a single PM (the sender name is sent),
// 2 = several PMs (only the count is sent).
$pmpart = 0;
if ($haspm) {
    if (count($pms) > 1) {
        $msgargs[] = base64_encode(count($pms));
        $pmpart = 2;
    } else {
        $first_pm = array_shift($pms);
        $msgargs[] = base64_encode(prepare_utf8_string($first_pm['fromusername']));
        $pmpart = 1;
    }
}
// $subpart does the same for subscribed threads: 1 sends the thread title, 2 sends the count.
$subpart = 0;
if ($hassub) {
    if (count($subs) > 1) {
        $msgargs[] = base64_encode(count($subs));
        $subpart = 2;
    } else {
        $first_sub = array_shift($subs);
        $msgargs[] = base64_encode(prepare_utf8_string($first_sub['title']));
        $subpart = 1;
    }
}
// One queued notification: 'm' names the message variant built from $pmpart and $subpart,
// 'a' carries its arguments.
$out_msg[] = array('u' => $user['fr_username'], 'b' => $user['b'], 'pm' => $haspm, 'subs' => $hassub, 'm' => "__FR_PUSH_{$pmpart}PM_{$subpart}SUB", 'a' => $msgargs, 't' => $total);
}
// Send the queued notifications to the Forum Runner central push server. The result of
// submit() is not checked, so a failed delivery goes unnoticed.
// NOTE(review): the request uses plain http://, so the site key ($mykey), the usernames and
// the PM sender / thread title values travel unencrypted (base64 is an encoding, not
// protection). The payload is PHP serialize() output, which obliges the receiving side to
// unserialize() data that arrives over the network; JSON over HTTPS would be the safer wire
// format, but that change has to be made together with the push server.
if (count($out_msg) > 0) {
    $snoopy = new snoopy();
    $snoopy->submit('http://push.forumrunner.com/push.php', array('k' => $mykey, 'm' => serialize($out_msg), 'v' => $fr_version, 'p' => $fr_platform));
}
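/**
 * Forum Runner API: return one private message of the logged-in user and mark it read.
 *
 * The message is selected by 'pmid' (cleaned as an unsigned integer) AND by the
 * current user's id, so another user's message cannot be fetched by guessing ids.
 * Both values are cast with intval() again where the SQL text is assembled.
 *
 * Side effects: updates the read-receipt row, sets messageread and decrements the
 * user's unread counter.
 *
 * NOTE(review): $permissions, $show and $usesmiles are not declared global here, so
 * unless the 'private_showpm_start' hook code defines them they are unset. The
 * receipt-denial branch is then presumably never taken and the smilie flag passed
 * to parse_post() is false - confirm that this is intended.
 *
 * @return array message fields for the client, or the result of json_error()
 */
function do_get_pm()
{
    global $vbulletin, $db, $vbphrase;

    require_once DIR . '/includes/class_postbit.php';
    require_once DIR . '/includes/functions_bigthree.php';

    $vbulletin->input->clean_array_gpc('r', array('pmid' => TYPE_UINT, 'showhistory' => TYPE_BOOL));

    // vBulletin plugin hook: code registered for this hook is eval()'d in this function's
    // scope, so it can read and change the local variables. Who may install plugins is
    // therefore part of this endpoint's trust boundary.
    ($hook = vBulletinHook::fetch_hook('private_showpm_start')) ? eval($hook) : false;

    $pm = $db->query_first_slave("\n\t\tSELECT\n\t\t\tpm.*, pmtext.*,\n\t\t\t"
        . iif($vbulletin->options['privallowicons'], "icon.title AS icontitle, icon.iconpath,")
        . "\n\t\t\tIF(ISNULL(pmreceipt.pmid), 0, 1) AS receipt, pmreceipt.readtime, pmreceipt.denied,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\tFROM " . TABLE_PREFIX . "pm AS pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "pmtext AS pmtext ON(pmtext.pmtextid = pm.pmtextid)\n\t\t"
        . iif($vbulletin->options['privallowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = pmtext.iconid)")
        . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "pmreceipt AS pmreceipt ON(pmreceipt.pmid = pm.pmid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = pmtext.fromuserid)\n\t\tWHERE pm.userid=" . intval($vbulletin->userinfo['userid']) . " AND pm.pmid=" . intval($vbulletin->GPC['pmid']) . "\n\t");

    if (!$pm) {
        // Returning here guarantees that nothing below runs without a message row,
        // whether or not json_error() ends the request itself.
        return json_error(strip_tags(fetch_error('invalidid', $vbphrase['private_message'], $vbulletin->options['contactuslink'])));
    }

    $pmid = intval($pm['pmid']);
    $folderjump = construct_folder_jump(0, $pm['folderid']);

    // Read receipt handling.
    $show['receiptprompt'] = $show['receiptpopup'] = false;
    if ($pm['receipt'] == 1 and $pm['readtime'] == 0 and $pm['denied'] == 0) {
        if ($permissions['pmpermissions'] & $vbulletin->bf_ugp_pmpermissions['candenypmreceipts']) {
            // Set it to denied right away, because ad blocking may stop the popup from appearing.
            $show['receiptprompt'] = $show['receiptpopup'] = true;
            $receipt_question_js = addslashes_js(construct_phrase($vbphrase['x_has_requested_a_read_receipt'], unhtmlspecialchars($pm['fromusername'])), '"');
            $db->shutdown_query("UPDATE " . TABLE_PREFIX . "pmreceipt SET denied = 1 WHERE pmid = {$pmid}");
        } else {
            // The user cannot deny receipts, so record the read time without any prompt.
            $db->shutdown_query("UPDATE " . TABLE_PREFIX . "pmreceipt SET readtime = " . TIMENOW . " WHERE pmid = {$pmid}");
        }
    } elseif ($pm['receipt'] == 1 and $pm['denied'] == 1) {
        $show['receiptprompt'] = true;
    }

    $postbit_factory = new vB_Postbit_Factory();
    $postbit_factory->registry =& $vbulletin;
    $postbit_factory->cache = array();
    $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
    $postbit_obj =& $postbit_factory->fetch_postbit('pm');
    // The postbit is built on a copy; 'avatarurl' is read back from that copy further down.
    $pm_postbit = $pm;
    $postbit = $postbit_obj->construct_postbit($pm_postbit);

    // Mark the message as read.
    if ($pm['messageread'] == 0) {
        $db->shutdown_query("UPDATE " . TABLE_PREFIX . "pm SET messageread=1 WHERE userid=" . intval($vbulletin->userinfo['userid']) . " AND pmid={$pmid}");
        if ($pm['folderid'] >= 0) {
            $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
            $userdm->set_existing($vbulletin->userinfo);
            $userdm->set('pmunread', 'IF(pmunread >= 1, pmunread - 1, 0)', false);
            $userdm->save(true, true);
            unset($userdm);
        }
    }

    $cclist = array();
    $bcclist = array();
    $ccrecipients = '';
    $bccrecipients = '';

    // NOTE(review): unserialize() runs on a value read from the pm table. It is decoded once
    // and reused below; keep this column writable only by trusted code, because unserialize()
    // on attacker-controlled data can instantiate objects.
    $touser = unserialize($pm['touserarray']);
    if (!is_array($touser)) {
        $touser = array();
    }

    foreach ($touser as $key => $item) {
        if (is_array($item)) {
            // Only the 'cc' and 'bcc' groups are accepted. The key is no longer used to build
            // a variable name, so stored data cannot create or overwrite other local variables.
            if ($key !== 'cc' and $key !== 'bcc') {
                continue;
            }
            foreach ($item as $subkey => $subitem) {
                $userinfo = array('userid' => $subkey, 'username' => $subitem);
                $templater = vB_Template::create('pm_messagelistbit_user');
                $templater->register('userinfo', $userinfo);
                if ($key === 'cc') {
                    $cclist[] = $templater->render();
                } else {
                    $bcclist[] = $templater->render();
                }
            }
        } else {
            // Flat format: a plain userid => username list, collected in the bcc list.
            $userinfo = array('username' => $item, 'userid' => $key);
            $templater = vB_Template::create('pm_messagelistbit_user');
            $templater->register('userinfo', $userinfo);
            $bcclist[] = $templater->render();
        }
    }

    $is_sent_copy = ($vbulletin->userinfo['userid'] == $pm['fromuserid'] and $pm['folderid'] == -1);
    $cc_without_me = (isset($touser['cc']) and is_array($touser['cc']) and !in_array($vbulletin->userinfo['username'], $touser['cc']));
    if (count($cclist) > 1 or $cc_without_me or $is_sent_copy) {
        if (!empty($cclist)) {
            $ccrecipients = implode("\r\n", $cclist);
        }
        if (!empty($bcclist) and $is_sent_copy) {
            // count($bcclist) == 1: the closing parenthesis used to sit after the comparison,
            // which handed a boolean to count().
            if (empty($cclist) and count($bcclist) == 1) {
                $ccrecipients = implode("\r\n", $bcclist);
            } else {
                $bccrecipients = implode("\r\n", $bcclist);
            }
        }
        $show['recipients'] = true;
    }

    $pm['senddate'] = vbdate($vbulletin->options['dateformat'], $pm['dateline']);
    $pm['sendtime'] = vbdate($vbulletin->options['timeformat'], $pm['dateline']);

    list($text, $nuked_quotes, $images) = parse_post($pm['message'], $vbulletin->options['privallowsmilies'] && $usesmiles);

    $fr_images = array();
    foreach ($images as $image) {
        $fr_images[] = array('img' => $image);
    }

    // Avatar.
    $avatarurl = '';
    if ($pm_postbit['avatarurl']) {
        $avatarurl = process_avatarurl($pm_postbit['avatarurl']);
    }

    // Recipient names for display: the 'cc' group when there is one, else the whole list.
    $users = !empty($touser['cc']) ? $touser['cc'] : $touser;

    $out = array(
        'id' => $pm['pmid'],
        'pm_unread' => $pm['messageread'] == 0,
        'username' => prepare_utf8_string(strip_tags($pm['fromusername'])),
        'to_usernames' => prepare_utf8_string(implode('; ', $users)),
        'userid' => $pm['fromuserid'],
        'title' => prepare_utf8_string($pm['title']),
        'online' => fetch_online_status(fetch_userinfo($pm['fromuserid']), false),
        'message' => $text,
        'quotable' => $nuked_quotes,
        'fr_images' => $fr_images,
        'pm_timestamp' => prepare_utf8_string(date_trunc($pm['senddate'] . ' ' . $pm['sendtime'])),
    );
    if ($avatarurl != '') {
        $out['avatarurl'] = $avatarurl;
    }

    return $out;
}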
/**
 * Forum Runner API: run a forum search and return the first page of results.
 *
 * Request input: 'forumid' (optional, restricts the search to that forum and its
 * children), 'pagenumber' and 'perpage' (both cleaned as unsigned integers).
 * Failures are reported as rows in 'threads' that carry only an 'error' key.
 *
 * The local variable names are left untouched on purpose: the 'search_start' hook
 * code is eval()'d inside this function and may refer to them.
 *
 * @return array 'threads' and 'total_threads', or whatever do_showresults() returns
 */
function do_search()
{
    global $vbulletin, $db, $search_type, $globals, $current_user;
    $args = process_input(array('forumid' => INTEGER));
    // NOTE(review): 'perpage' is only cleaned as an unsigned integer; no upper bound is applied
    // here before it reaches do_showresults() - confirm that it is clamped there.
    $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT));
    // The permission and feature checks run first, before any search work is done.
    if (!$current_user->hasPermission('forumpermissions', 'cansearch')) {
        $threads[]['error'] = ERR_NO_PERMISSION;
        return array('threads' => $threads, 'total_threads' => 1);
    }
    if (!$vbulletin->options['enablesearches']) {
        $threads[]['error'] = strip_tags(fetch_error('searchdisabled'));
        return array('threads' => $threads, 'total_threads' => 1);
    }
    // Fill in the values the search code reads from the cleaned request (GPC) array.
    if ($args['forumid']) {
        $vbulletin->GPC['forumchoice'][] = $args['forumid'];
    }
    $vbulletin->GPC['childforums'] = true;
    $vbulletin->GPC_exists['childforums'] = true;
    $vbulletin->GPC['prefixchoice'] = array();
    $vbulletin->GPC_exists['prefixchoice'] = true;
    $searchid = -1;
    $errors = array();
    // Switches the 'nospam_onoff' option off for this request.
    // NOTE(review): presumably this keeps an anti-spam add-on from challenging API searches;
    // it also means searches through this endpoint skip that control - confirm that some
    // other throttling applies.
    $vbulletin->options['nospam_onoff'] = false;
    // $searchid and $errors are presumably filled in by reference - confirm against do_process_search().
    do_process_search($searchid, $errors);
    if (is_array($errors)) {
        // A 'sphinx' entry in $errors hands the search over to the 'search_start' plugin hook.
        // The hook code is eval()'d in this scope, so it can read and change $searchid,
        // $errors and $forumrunner; who may install plugins is part of this endpoint's
        // trust boundary.
        if ($errors['sphinx']) {
            $forumrunner = true;
            ($hook = vBulletinHook::fetch_hook('search_start')) ? eval($hook) : false;
        }
        if (count($errors) > 0) {
            // Return each error as a non-clickable row; strip_tags() removes markup from the phrase text.
            foreach (array_map('fetch_error', $errors) as $error) {
                $threads[]['error'] = prepare_utf8_string(strip_tags($error));
            }
            return array('threads' => $threads, 'total_threads' => count($threads));
        }
    }
    return do_showresults($searchid, $vbulletin->GPC['pagenumber'], $vbulletin->GPC['perpage']);
}
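/**
 * Forum Runner API: return a single post, rendered for the client.
 *
 * The post, thread and forum come from the globals $postinfo, $threadinfo and
 * $foruminfo; the post id used in the queries is the global $postid.
 * 'type' selects the rendering: 'html' (default) or 'facebook'.
 *
 * Access control, in order: post visibility, thread visibility, forum view
 * permissions, the "view others' threads" permission and the forum password.
 * Each json_error() call is returned, so a failed permission check cannot fall
 * through to the queries even if json_error() does not end the request.
 * NOTE(review): standard_error() is assumed to end the request itself - confirm.
 *
 * NOTE(review): $permissions, $show, $usesmilies and $post_cachable are not
 * declared global, so they are unset here. One effect is that the hidden custom
 * field SQL ($vbulletin->profilefield['hidden']) is always added to the query.
 *
 * @return array post fields for the client, or the result of json_error()
 */
function do_get_post()
{
    global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $postinfo, $vbphrase;

    $vbulletin->input->clean_array_gpc('r', array('type' => TYPE_STR));
    $type = 'html';
    if ($vbulletin->GPC['type']) {
        $type = $vbulletin->GPC['type'];
    }

    if (!$postinfo['postid']) {
        standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
    }
    if ((!$postinfo['visible'] or $postinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
        standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
    }
    if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
        standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']));
    }

    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
        return json_error(ERR_NO_PERMISSION);
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
        return json_error(ERR_NO_PERMISSION);
    }

    // If the forum has a password, make sure the user has supplied it.
    verify_forum_password($foruminfo['forumid'], $foruminfo['password']);

    $postbit_factory = new vB_Postbit_Factory();
    $postbit_factory->registry =& $vbulletin;
    $postbit_factory->forum =& $foruminfo;
    $postbit_factory->cache = array();
    $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());

    // Values that end up inside SQL text are forced to integers at the point of use,
    // whatever cleaning the globals received earlier.
    $safe_postid = intval($postid);
    // No plugin hook is fetched in this function, so the hook SQL fragments are empty.
    $hook_query_fields = '';
    $hook_query_joins = '';
    // Only moderators who can moderate or delete posts get the spam log columns.
    $can_see_spamlog = (can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts'));

    $post = $db->query_first_slave("\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t "
        . iif($foruminfo['allowicons'], 'icon.title as icontitle, icon.iconpath,')
        . "\n\t IF(user.displaygroupid=0, user.usergroupid, user.displaygroupid) AS displaygroupid, infractiongroupid,\n\t\t"
        . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,')
        . "\n\t\t"
        . ($can_see_spamlog ? 'spamlog.postid AS spamlog_postid,' : '')
        . "\n\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline, editlog.reason AS edit_reason, editlog.hashistory,\n\t\tpostparsed.pagetext_html, postparsed.hasimages,\n\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\t"
        . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden'])
        . "\n\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\t"
        . iif($foruminfo['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)")
        . "\n\t\t"
        . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)")
        . "\n\t\t"
        . ($can_see_spamlog ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '')
        . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid = {$safe_postid}\n ");

    $types = vB_Types::instance();
    $safe_contenttypeid = intval($types->getContentTypeID('vBForum_Post'));

    $attachments = $db->query_read_slave("\n\t\tSELECT\n\t\t\tfd.thumbnail_dateline, fd.filesize, IF(fd.thumbnail_filesize > 0, 1, 0) AS hasthumbnail, fd.thumbnail_filesize,\n\t\t\ta.dateline, a.state, a.attachmentid, a.counter, a.contentid AS postid, a.filename,\n\t\t\ttype.contenttypes\n\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "attachmenttype AS type ON (fd.extension = type.extension)\n\t\tWHERE\n\t\t\ta.contentid = {$safe_postid}\n\t\t\t\tAND\n\t\t\ta.contenttypeid = {$safe_contenttypeid}\n\t\tORDER BY a.attachmentid\n\t");

    // Image attachments are handed to the client as attachment.php links.
    // NOTE(review): a.state is selected but not checked here; presumably attachment.php
    // enforces access itself when the client follows the link - confirm.
    $fr_images = array();
    while ($attachment = $db->fetch_array($attachments)) {
        $lfilename = strtolower($attachment['filename']);
        $is_image = false;
        // The marker may appear anywhere in the file name, as before.
        foreach (array('.jpe', '.png', '.gif', '.jpg', '.jpeg') as $marker) {
            if (strpos($lfilename, $marker) !== false) {
                $is_image = true;
                break;
            }
        }
        if (!$is_image) {
            continue;
        }
        $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
        if ($vbulletin->options['attachthumbs']) {
            $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
        }
        $fr_images[] = $tmp;
    }

    // Building the postbit fills in derived fields that are read from $post below
    // ('avatarurl', 'editlink'); the markup it returns is not used.
    $postbit_obj =& $postbit_factory->fetch_postbit('post');
    $postbit_obj->cachable = $post_cachable;
    $postbit_obj->construct_postbit($post);

    // Both start empty, so an unrecognised 'type' value yields empty output
    // instead of reading undefined variables.
    $html = '';
    $image = '';
    if ($type == 'html') {
        $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
        // Replacement source for the bbcode_quote template, reproduced exactly as stored;
        // presumably vBulletin evaluates it later when it renders quotes.
        $vbulletin->templatecache['bbcode_quote'] = ' <div style=\\"margin:0px; margin-top:0px;\\"> <table cellpadding=\\"$stylevar[cellpadding]\\" cellspacing=\\"0\\" border=\\"0\\" width=\\"100%\\"> <tr> <td class=\\"alt2\\" style=\\"border:1px solid #777777;\\"> ".(($show[\'username\']) ? (" <div> " . construct_phrase("$vbphrase[originally_posted_by_x]", "$username") . " </div> <div style=\\"font-style:italic\\">$message</div> ") : (" $message "))." </td> </tr> </table> </div> ';
        $css = <<<EOF
<style type="text/css"> body { margin: 0; padding: 3; font: 13px Arial, Helvetica, sans-serif; } .alt2 { background-color: #e6edf5; font: 13px Arial, Helvetica, sans-serif; } html { -webkit-text-size-adjust: none; } </style>
EOF;
        $html = $css . $bbcode_parser->parse($post['pagetext']);
    } elseif ($type == 'facebook') {
        $html = fetch_censored_text(strip_bbcode(strip_quotes($post['pagetext']), false, true));
        if (count($fr_images)) {
            $image = $fr_images[0]['img'];
        }
    }

    // Work out whether the user may reply in this thread.
    $userid = $vbulletin->userinfo['userid'];
    $is_thread_owner = ($userid == $threadinfo['postuserid']);
    $canpost = true;
    if ($threadinfo['isdeleted'] or (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts'))) {
        $canpost = false;
    }
    if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
        $canpost = false;
    }
    if (!$threadinfo['open'] and !can_moderate($threadinfo['forumid'], 'canopenclose')) {
        $canpost = false;
    }
    if ((!$is_thread_owner or !$userid) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
        $canpost = false;
    }
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $is_thread_owner)) {
        $canpost = false;
    }

    // Avatar.
    $avatarurl = '';
    if ($post['avatarurl']) {
        $avatarurl = process_avatarurl($post['avatarurl']);
    }

    // Post date and time.
    $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1);
    $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']);

    // Parse the post for quotes and inline images.
    list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies);

    // 'quotable' and 'edittext' hold unescaped post text for the editor; a client must
    // not place them into an HTML view without escaping them.
    $out = array(
        'html' => prepare_utf8_string($html),
        'post_id' => $post['postid'],
        'thread_id' => $post['threadid'],
        'forum_id' => $foruminfo['forumid'],
        'forum_title' => prepare_utf8_string($foruminfo['title_clean']),
        'username' => prepare_utf8_string(strip_tags($post['username'])),
        'joindate' => prepare_utf8_string($post['joindate']),
        'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])),
        'numposts' => $post['posts'] ? (string) $post['posts'] : '0',
        'userid' => $post['userid'],
        'title' => prepare_utf8_string($post['title']),
        'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime),
        'canpost' => $canpost,
        'quotable' => $nuked_quotes,
        'canattach' => (($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment']) and $userid),
        'edittext' => prepare_utf8_string($post['pagetext']),
    );
    if ($avatarurl != '') {
        $out['avatarurl'] = $avatarurl;
    }
    if ($post['editlink']) {
        $out['canedit'] = true;
    }
    if ($image != '') {
        $out['image'] = $image;
    }

    return $out;
}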
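/**
 * Return a single post as an array for the Forum Runner client.
 *
 * Request input:
 *  - postid    (uint)   post to load
 *  - type      (string) 'html' (the default) renders BB code to HTML,
 *                       'facebook' returns censored text with BB code stripped
 *                       plus a link to the first attachment as 'image'
 *  - signature (uint)   non-zero appends the rendered signature in html mode
 *
 * Access is decided by the ForumThreadPost helper's assertPostValidAndViewable()
 * before the post is loaded again with its thread, forum and user joins.
 *
 * @return array Post fields (ids, author details, timestamp, 'html', 'quotable',
 *               'canpost', 'canattach', 'post_link') plus 'image' and 'avatarurl'
 *               when they are non-empty.
 */
public function actionGetPost()
{
    // Whole function is an ugly hack. Revisit later.
    global $dependencies, $zresponse;

    $postid = $this->_input->filterSingle('postid', XenForo_Input::UINT);
    $type = $this->_input->filterSingle('type', XenForo_Input::STRING);
    $signature = $this->_input->filterSingle('signature', XenForo_Input::UINT);
    if (!$type) {
        $type = 'html';
    }

    $user_model = $this->getModelFromCache('XenForo_Model_User');
    $session_model = $this->getModelFromCache('XenForo_Model_Session');
    $thread_model = $this->getModelFromCache('XenForo_Model_Thread');
    $forum_model = $this->getModelFromCache('XenForo_Model_Forum');
    $attachment_model = $this->getModelFromCache('XenForo_Model_Attachment');
    $helper = $this->getHelper('ForumThreadPost');

    // Permission gate: everything below assumes this call succeeded.
    // NOTE(review): the code relies on json_error() ending the request; if it
    // can return, $post/$thread/$forum are undefined further down. Confirm.
    try {
        list($post, $thread, $forum) = $helper->assertPostValidAndViewable($postid);
    } catch (XenForo_ControllerResponse_Exception $e) {
        // Only controller-response exceptions carry getControllerResponse();
        // any other exception is left to the framework's error handling
        // instead of failing on a missing method inside this handler.
        $error_text = $e->getControllerResponse()->errorText;
        json_error($error_text instanceof XenForo_Phrase ? $error_text->render() : (string) $error_text);
    }

    $post_model = $this->_getPostModel();
    $post = $post_model->getPostById($postid, array(
        'join' => XenForo_Model_Post::FETCH_THREAD
            | XenForo_Model_Post::FETCH_FORUM
            | XenForo_Model_Post::FETCH_USER
            | XenForo_Model_Post::FETCH_USER_PROFILE,
    ));

    $user = $user_model->getUserById($post['user_id']);

    // The author counts as online when exactly one session record is newer
    // than the online-status timeout.
    $online_info = $session_model->getSessionActivityRecords(array(
        'user_id' => $post['user_id'],
        'cutOff' => array('>', $session_model->getOnlineStatusTimeout()),
    ));
    $is_online = (count($online_info) == 1);

    $avatarurl = '';
    if ($user !== false) {
        $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
        // Stock placeholder avatars are not sent to the client.
        if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
            $avatarurl = '';
        }
    }

    $attachments = $attachment_model->getAttachmentsByContentId('post', $postid);

    $message = fr_strip_smilies($this, $post['message']);
    list($text, $nuked_quotes, $images) = parse_post($message, true, array());

    $image = '';
    // Fix: $html used to stay undefined when 'type' was neither 'html' nor
    // 'facebook'; such requests now get an empty body instead of a notice.
    $html = '';

    if ($type == 'html') {
        $css = <<<EOF
<style type="text/css">
body {
  margin: 0;
  padding: 3;
  font: 13px Arial, Helvetica, sans-serif;
}
.alt2 {
  background-color: #e6edf5;
  font: 13px Arial, Helvetica, sans-serif;
}
html {
  -webkit-text-size-adjust: none;
}
</style>
EOF;
        $formatter = XenForo_BbCode_Formatter_Base::create(
            'ForumRunner_BbCode_Formatter_BbCode_Post',
            array('smilies' => XenForo_Application::get('smilies'))
        );
        $parser = new XenForo_BbCode_Parser($formatter);
        // User content reaches the HTML only through the BB code renderer.
        $html = $css . $parser->render($message);
        if ($signature && $post['signature']) {
            $html .= '<div style="border-top: 1px dashed grey; font-size: 9pt; margin-top: 5px; padding: 5px 0 0;">' . $parser->render(fr_strip_smilies($this, $post['signature'])) . '</div>';
        }
    } elseif ($type == 'facebook') {
        $html = XenForo_Helper_String::censorString(XenForo_Helper_String::bbCodeStrip($message, true));
        if (count($attachments)) {
            $attachments = array_values($attachments);
            $link = XenForo_Link::buildPublicLink('attachments', $attachments[0]);
            $image = fr_get_xenforo_bburl() . '/' . $link;
        }
    }

    // Page of the thread on which this post appears.
    $post_page = floor($post['position'] / XenForo_Application::get('options')->messagesPerPage) + 1;

    $out = array(
        'post_id' => $post['post_id'],
        'thread_id' => $post['thread_id'],
        'forum_id' => $post['node_id'],
        'forum_title' => prepare_utf8_string(strip_tags($post['node_title'])),
        'username' => prepare_utf8_string(strip_tags($post['username'])),
        'joindate' => prepare_utf8_string(XenForo_Locale::date($post['register_date'], 'absolute')),
        'usertitle' => XenForo_Template_Helper_Core::helperUserTitle($user),
        'numposts' => $user ? $user['message_count'] : 0,
        'userid' => $post['user_id'],
        'title' => prepare_utf8_string($post['title']),
        'online' => $is_online,
        'post_timestamp' => prepare_utf8_string(XenForo_Locale::dateTime($post['post_date'], 'absolute')),
        'html' => prepare_utf8_string($html),
        'quotable' => $nuked_quotes,
        'canpost' => $thread_model->canReplyToThread($thread, $forum),
        'canattach' => $forum_model->canUploadAndManageAttachment($forum),
        'post_link' => fr_get_xenforo_bburl() . '/' . XenForo_Link::buildPublicLink('threads', $thread, array('page' => $post_page)) . '#post-' . $post['post_id'],
    );

    if ($image != '') {
        $out['image'] = $image;
    }
    if ($avatarurl != '') {
        $out['avatarurl'] = $avatarurl;
    }

    return $out;
}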
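/**
 * Build one page of stored search results for the Forum Runner client.
 *
 * Thread and post results are flattened into arrays with a text preview.
 * Results in a forum whose parent list contains an id from the
 * 'forumrunner_exclude' option, and results whose 'visible' field is 2,
 * are skipped and subtracted from the reported total.
 *
 * The preview post is chosen by the request value 'previewtype'
 * (1 or unset: first post of the thread, anything else: last post).
 *
 * @param mixed $searchid   Search id handed to vB_Search_Results::create_from_searchid().
 * @param int   $pagenumber Page to fetch.
 * @param int   $perpage    Results per page.
 *
 * @return array 'threads' and 'total_threads'; 'searchid' is added on every
 *               path except the "no results" one, where 'threads' holds a
 *               single entry with an 'error' message.
 */
function do_showresults($searchid, $pagenumber = 1, $perpage = 25)
{
    global $vbulletin, $db, $show, $vbphrase, $current_user;

    $vbulletin->options['threadpreview'] = FR_PREVIEW_LEN;

    $vbulletin->input->clean_array_gpc('r', array('previewtype' => TYPE_INT));
    $previewtype = $vbulletin->GPC['previewtype'];
    if (!$previewtype) {
        $previewtype = 1;
    }

    $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());

    // Get exclude IDs ('-1' anywhere in the list disables the exclusion)
    $exclude_ids = @explode(',', $vbulletin->options['forumrunner_exclude']);
    if (in_array('-1', $exclude_ids)) {
        $exclude_ids = array();
    }

    if ($results = vB_Search_Results::create_from_searchid($current_user, $searchid)) {
        $pages = $results->get_page($pagenumber, $perpage, 10000);
    } else {
        $pages = array();
    }

    if (count($pages) == 0) {
        $threads = array(array('error' => strip_tags(fetch_error('searchnoresults', ''))));
        return array('threads' => $threads, 'total_threads' => count($threads));
    }

    $thread_data = array();
    $skipped = 0;

    foreach ($pages as $item) {
        switch (get_class($item)) {
            case 'vBForum_Search_Result_Thread':
                $thread = $item->get_thread();
                $foruminfo = fetch_foruminfo($thread->get_field('forumid'));

                // Skip results in excluded forums (checked against every parent) and
                // results whose 'visible' field is 2.
                $parentlist = explode(',', substr($foruminfo['parentlist'], 0, -3));
                $skip = false;
                foreach ($parentlist as $parent_id) {
                    if (in_array($parent_id, $exclude_ids)) {
                        $skip = true;
                    }
                }
                if ($thread->get_field('visible') == 2) {
                    $skip = true;
                }
                if ($skip) {
                    $skipped++;
                    // Fix: a bare "continue" inside a switch only leaves the switch
                    // (and warns on PHP 7.3+); "continue 2" names the foreach.
                    continue 2;
                }

                $lastread = $thread->get_forum()->get_last_read_by_current_user($current_user);
                // Return value is not needed; presumably this call fills
                // $show['gotonewpost'], which is read below (confirm).
                process_thread_array($thread->get_record(), $lastread);

                $date = vbdate($vbulletin->options['dateformat'], $thread->get_field('lastpost'));
                $time = vbdate($vbulletin->options['timeformat'], $thread->get_field('lastpost'));

                // The id comes from the thread record; it is cast to int because it is
                // concatenated into the query text.
                $preview_postid = intval($thread->get_field($previewtype == 1 ? 'firstpostid' : 'lastpostid'));
                $previewinfo = $db->query_first_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "post\n\t\tWHERE postid = " . $preview_postid . "\n\t ");
                if (!is_array($previewinfo)) {
                    // No row came back for the preview post: fall back to empty values
                    // instead of indexing a non-array below.
                    $previewinfo = array('pagetext' => '', 'userid' => 0, 'username' => '');
                }

                $preview = '';
                if (method_exists($bbcode_parser, 'get_preview')) {
                    $preview = $bbcode_parser->get_preview(fetch_censored_text($previewinfo['pagetext']), 200);
                } else {
                    // vB4 prior to vB4.0.4 did not have get_preview()
                    list($text, $nuked_quotes, $images) = parse_post($previewinfo['pagetext'], true, array());
                    $preview = preview_chop(fetch_censored_text($nuked_quotes), 200);
                }

                $avatarurl = '';
                if ($previewinfo['userid'] > 0) {
                    $userinfoavatar = fetch_userinfo($previewinfo['userid'], FETCH_USERINFO_AVATAR);
                    fetch_avatar_from_userinfo($userinfoavatar, true, false);
                    if ($userinfoavatar['avatarurl'] != '') {
                        $avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
                    }
                    unset($userinfoavatar);
                }

                $tmp = array(
                    'thread_id' => $thread->get_field('threadid'),
                    'new_posts' => $show['gotonewpost'],
                    'forum_id' => $thread->get_field('forumid'),
                    'total_posts' => $thread->get_field('replycount'),
                    'forum_title' => prepare_utf8_string(strip_tags($foruminfo['title'])),
                    'thread_title' => prepare_utf8_string(strip_tags($thread->get_field('title'))),
                    'thread_preview' => prepare_utf8_string(preview_chop(strip_tags(strip_bbcode(html_entity_decode($preview))), FR_PREVIEW_LEN)),
                    'post_userid' => $previewinfo['userid'],
                    'post_lastposttime' => prepare_utf8_string(date_trunc($date) . ' ' . $time),
                    'post_username' => prepare_utf8_string(strip_tags($previewinfo['username'])),
                );
                if ($avatarurl != '') {
                    $tmp['avatarurl'] = $avatarurl;
                }
                if ($thread->get_field('prefixid')) {
                    $prefixid = $thread->get_field('prefixid');
                    $tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$prefixid}_title_plain"]));
                }
                if ($thread->get_field('attach')) {
                    $tmp['attach'] = true;
                }
                if ($thread->get_field('pollid')) {
                    $tmp['poll'] = true;
                }
                $thread_data[] = $tmp;
                break;

            case 'vBForum_Search_Result_Post':
                $post = $item->get_post();
                $thread = $post->get_thread();
                $foruminfo = fetch_foruminfo($thread->get_field('forumid'));

                // Same exclusion rules as for thread results, applied to the post.
                $parentlist = explode(',', substr($foruminfo['parentlist'], 0, -3));
                $skip = false;
                foreach ($parentlist as $parent_id) {
                    if (in_array($parent_id, $exclude_ids)) {
                        $skip = true;
                    }
                }
                if ($post->get_field('visible') == 2) {
                    $skip = true;
                }
                if ($skip) {
                    $skipped++;
                    continue 2;
                }

                $date = vbdate($vbulletin->options['dateformat'], $post->get_field('dateline'));
                $time = vbdate($vbulletin->options['timeformat'], $post->get_field('dateline'));

                $avatarurl = '';
                if ($post->get_field('userid') > 0) {
                    $userinfoavatar = fetch_userinfo($post->get_field('userid'), FETCH_USERINFO_AVATAR);
                    fetch_avatar_from_userinfo($userinfoavatar, true, false);
                    if ($userinfoavatar['avatarurl'] != '') {
                        $avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
                    }
                    unset($userinfoavatar);
                }

                $tmp = array(
                    'thread_id' => $post->get_field('threadid'),
                    'post_id' => $post->get_field('postid'),
                    'jump_to_post' => 1,
                    'forum_id' => $thread->get_field('forumid'),
                    'forum_title' => prepare_utf8_string(strip_tags($foruminfo['title'])),
                    'thread_title' => prepare_utf8_string(strip_tags($thread->get_field('title'))),
                    'thread_preview' => prepare_utf8_string(preview_chop(htmlspecialchars_uni(fetch_censored_text(strip_bbcode(strip_quotes(html_entity_decode($post->get_field('pagetext'))), false, true))), FR_PREVIEW_LEN)),
                    'post_userid' => $post->get_field('userid'),
                    'post_lastposttime' => prepare_utf8_string(date_trunc($date) . ' ' . $time),
                    'post_username' => prepare_utf8_string(strip_tags($post->get_field('username'))),
                );
                if ($avatarurl != '') {
                    $tmp['avatarurl'] = $avatarurl;
                }
                if ($thread->get_field('prefixid')) {
                    $prefixid = $thread->get_field('prefixid');
                    $tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$prefixid}_title_plain"]));
                }
                if ($post->get_field('attach')) {
                    $tmp['attach'] = true;
                }
                $thread_data[] = $tmp;
                break;
        }
    }

    $out = array();
    if (count($thread_data) > 0) {
        $out['threads'] = $thread_data;
        // Skipped rows are removed from the confirmed count so the client's
        // paging does not include them.
        $out['total_threads'] = max($results->get_confirmed_count() - $skipped, 0);
    } else {
        $out['threads'] = array();
        $out['total_threads'] = 0;
    }
    $out['searchid'] = $searchid;

    return $out;
}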
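/**
 * Collect one page of comments (the posts of the thread associated with an
 * article) for the Forum Runner client.
 *
 * Fixes over the previous version:
 *  - moderator checks and the last-view cookie lookup used an undefined
 *    $thread, so can_moderate() was called without this thread's forum id;
 *    they now use $threadinfo;
 *  - post ids are cast to int before being placed in the IN (...) list;
 *  - names that were read but never assigned are initialised explicitly to the
 *    empty values they already evaluated to;
 *  - a $perpage below 1 returns an empty list instead of dividing by zero.
 *
 * @param object $article              Article object; only getNodeId() is called on it.
 * @param int    $associated_thread_id Id of the thread that holds the comments.
 * @param array  $userinfo             User record passed to can_view_thread().
 * @param mixed  $pageno               In/out: page number, or FR_LAST_POST for the last page.
 * @param int    $perpage              Comments per page (by reference, not modified here).
 * @param int    $total                Out: number of comment records, set only when a page is returned.
 *
 * @return array List of post arrays; empty when the viewer lacks permission,
 *               there are no comments, or the requested page is empty.
 */
function get_article_comments($article, $associated_thread_id, $userinfo, &$pageno, &$perpage, &$total)
{
    require_once DIR . '/includes/functions_misc.php';
    require_once DIR . '/includes/functions.php';
    require_once DIR . '/includes/functions_databuild.php';
    require_once DIR . '/includes/functions_bigthree.php';

    $posts_out = array();
    fetch_phrase_group('posting');

    $threadinfo = verify_id('thread', $associated_thread_id, 0, 1);
    $foruminfo = verify_id('forum', $threadinfo['forumid'], 0, 1);

    // First let's see if we have forum/thread view permissions. If not, we're done.
    if (!($permissions = can_view_thread($article->getNodeId(), $userinfo))) {
        return array();
    }
    $forumperms = fetch_permissions($threadinfo['forumid']);

    // Normally this thread will be wide open, so let's get the list first
    // without checking. We'll verify each post anyway.
    $results = get_comments($permissions, $associated_thread_id);
    if (!$results or !count($results)) {
        return array();
    }
    $record_count = count($results);

    // A page size below 1 can only produce an empty page.
    if (intval($perpage) < 1) {
        return array();
    }

    // We accept the parameter "last" for pageno.
    if ($pageno == FR_LAST_POST) {
        $pageno = intval(($record_count + $perpage - 1) / $perpage);
        $first = ($pageno - 1) * $perpage;
    } else {
        $pageno = max(1, intval($pageno));
        $first = $perpage * ($pageno - 1);
    }

    // Let's trim off the results we need.
    $post_array = array_slice($results, $first, $perpage, true);
    if (!$post_array) {
        return array();
    }

    $firstpostid = false;
    $displayed_dateline = 0;

    if (vB::$vbulletin->options['threadmarking'] and vB::$vbulletin->userinfo['userid']) {
        $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - vB::$vbulletin->options['markinglimit'] * 86400);
    } else {
        $threadview = intval(fetch_bbarray_cookie('thread_lastview', $threadinfo['threadid']));
        if (!$threadview) {
            $threadview = vB::$vbulletin->userinfo['lastvisit'];
        }
    }

    require_once DIR . '/includes/functions_user.php';
    $show['inlinemod'] = false;

    // NOTE(review): the names below are read further down but were never
    // assigned in this function. They are set to the empty values they already
    // evaluated to, so the query text and the per-post decisions are unchanged.
    // In particular the privilege flags stay false: soft-deleted and moderated
    // posts remain hidden for every viewer, and no attachments are listed,
    // until real values are wired in.
    $forum = array('allowicons' => false);
    $deljoin = '';
    $hook_query_fields = '';
    $hook_query_joins = '';
    $privileges = array(
        'can_moderate_forums' => false,
        'can_moderate_posts' => false,
        'is_coventry' => false,
    );
    $postorder = 0;
    $ignore = array();
    $postinfo = array('postid' => 0);
    $lastpostid = 0;
    $postattach = array();
    $LASTPOST = array('dateline' => 0);

    // Ids are concatenated into the query text, so force them to integers.
    $postids = ' post.postid in (' . implode(', ', array_map('intval', $post_array)) . ')';

    // Scoped to the comment thread's forum.
    $can_see_spamlog = (can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts'));

    $sql = "\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t "
        . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,')
        . "\n\t "
        . iif(vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,')
        . "\n\t "
        . ($can_see_spamlog ? 'spamlog.postid AS spamlog_postid,' : '')
        . "\n\t "
        . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,')
        . "\n\t editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n\t editlog.reason AS edit_reason, editlog.hashistory,\n\t postparsed.pagetext_html, postparsed.hasimages,\n\t sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight\n\t "
        . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden'])
        . "\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "post AS post\n\t LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t "
        . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)")
        . "\n\t "
        . iif(vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)")
        . "\n\t "
        . ($can_see_spamlog ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '')
        . "\n\t {$deljoin}\n\t LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)\n\t {$hook_query_joins}\n\t WHERE {$postids}\n\t ORDER BY post.dateline\n\t ";
    $posts = vB::$vbulletin->db->query_read($sql);

    if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
        vB::$vbulletin->options['attachthumbs'] = 0;
    }
    if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
        vB::$vbulletin->options['viewattachedimages'] = 0;
    }

    // Previously count() of an undefined variable, i.e. 0.
    $postcount = 0;
    $counter = 0;
    $postbits = '';
    vB::$vbulletin->noheader = true;

    while ($post = vB::$vbulletin->db->fetch_array($posts)) {
        if (!$privileges['can_moderate_forums']) {
            if ($privileges['is_coventry'] or $post['visible'] == 2) {
                continue;
            }
        }

        // post/thread is deleted by moderator and we don't have permission to see it
        if (!($post['visible'] or $privileges['can_moderate_posts'])) {
            continue;
        }

        if (!intval($post['userid'])) {
            $post['avatarid'] = false;
        } else {
            if (!$post['hascustomavatar']) {
                if ($post['profilepic']) {
                    $post['hascustomavatar'] = 1;
                    $post['avatarid'] = true;
                    $post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile";
                    $post['avwidth'] = $post['ppwidth'];
                    $post['avheight'] = $post['ppheight'];
                } else {
                    $post['hascustomavatar'] = 1;
                    $post['avatarid'] = true;
                    // explicitly setting avatarurl to allow guest comments to show the unknown avatar
                    $post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
                    $post['avwidth'] = 60;
                    $post['avheight'] = 60;
                }
            }
        }

        // Posts by users in coventry are only shown to moderators of this forum.
        $tachyuser = in_coventry($post['userid']);
        if ($tachyuser and !can_moderate($threadinfo['forumid'])) {
            continue;
        }

        if ($post['visible'] == 1 and !$tachyuser) {
            ++$counter;
            if ($postorder) {
                $post['postcount'] = --$postcount;
            } else {
                $post['postcount'] = ++$postcount;
            }
        }

        if ($tachyuser) {
            $fetchtype = 'post_global_ignore';
        } elseif (!empty($ignore["{$post['userid']}"])) {
            $fetchtype = 'post_ignore';
        } elseif ($post['visible'] == 2) {
            $fetchtype = 'post_deleted';
        } else {
            $fetchtype = 'post';
        }

        if (vB::$vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
            $fetchtype = 'post';
        }

        if (!$firstpostid) {
            $firstpostid = $post['postid'];
        }

        $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
        $post['islastshown'] = $post['postid'] == $lastpostid;
        $post['attachments'] = isset($postattach["{$post['postid']}"]) ? $postattach["{$post['postid']}"] : array();

        $canedit = false;
        if (!$threadinfo['isdeleted'] and !$post['isdeleted'] and (can_moderate($threadinfo['forumid'], 'caneditposts') or $threadinfo['open'] and $post['userid'] == vB::$vbulletin->userinfo['userid'] and $forumperms & vB::$vbulletin->bf_ugp_forumpermissions['caneditpost'] and ($post['dateline'] >= TIMENOW - vB::$vbulletin->options['edittimelimit'] * 60 or vB::$vbulletin->options['edittimelimit'] == 0))) {
            $canedit = true;
        }

        // Get post date/time
        $postdate = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], 1);
        $posttime = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']);

        $attachments = array();
        $fr_images = array();

        // Attachments (images), recognised by an image extension anywhere in the file name.
        if (is_array($post['attachments']) and count($post['attachments']) > 0) {
            foreach ($post['attachments'] as $attachment) {
                $lfilename = strtolower($attachment['filename']);
                if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
                    $fr_images[] = array(
                        'img' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'],
                        'tmb' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1',
                    );
                }
            }
        }

        // Parse the post for quotes and inline images
        list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], false);

        if (count($fr_images) > 0) {
            $text .= "<br/>";
            foreach ($fr_images as $attachment) {
                $text .= "<img src=\"{$attachment['img']}\"/>";
            }
        }
        foreach ($images as $image) {
            $fr_images[] = array('img' => $image);
        }

        // Avatar work (kept in its own variable so the $userinfo argument is not overwritten)
        $avatarurl = '';
        if (vB::$vbulletin->options['avatarenabled']) {
            require_once DIR . '/includes/functions_user.php';
            $avatarinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_AVATAR);
            fetch_avatar_from_userinfo($avatarinfo);
            if ($avatarinfo['avatarurl']) {
                $avatarurl = process_avatarurl($avatarinfo['avatarurl']);
            }
        }

        $tmp = array(
            'post_id' => $post['postid'],
            'thread_id' => $post['threadid'],
            'forum_id' => $foruminfo['forumid'],
            'username' => prepare_utf8_string(strip_tags($post['username'])),
            'joindate' => prepare_utf8_string($post['joindate']),
            'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])),
            'numposts' => $post['posts'],
            'userid' => $post['userid'],
            'title' => prepare_utf8_string($post['title']),
            'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime),
            'fr_images' => $fr_images,
            'image_thumbs' => array(),
        );

        // Soft Deleted
        if ($post['visible'] == 2) {
            $tmp['deleted'] = true;
            $tmp['del_username'] = prepare_utf8_string($post['del_username']);
            if ($post['del_reason']) {
                $tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
            }
        } else {
            $tmp['text'] = $text;
            $tmp['quotable'] = $nuked_quotes;
            if ($canedit) {
                $tmp['canedit'] = true;
                $tmp['edittext'] = prepare_utf8_string($post['pagetext']);
            }
        }

        if ($avatarurl != '') {
            $tmp['avatarurl'] = $avatarurl;
        }

        $posts_out[] = $tmp;
    }

    // NOTE(review): $LASTPOST is never filled in, so $displayed_dateline stays 0
    // and the thread is never marked read from here. Confirm whether that is intended.
    if ($LASTPOST['dateline'] > $displayed_dateline) {
        $displayed_dateline = $LASTPOST['dateline'];
        if ($displayed_dateline <= $threadview) {
            $updatethreadcookie = true;
        }
    }

    // Set thread last view
    if ($displayed_dateline and $displayed_dateline > $threadview) {
        mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
    }

    vB::$vbulletin->db->free_result($posts);
    unset($post);

    $total = $record_count;

    return $posts_out;
}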
/**
 * Build the list of forums directly below $parentid for the Forum Runner client.
 *
 * Reads the global forum caches ($vbulletin->iforumcache / forumcache), the
 * current user's forum permissions and the 'forumrunner_exclude' option.
 * Each listed forum becomes an array with 'id', 'new', 'name' and 'password',
 * plus 'icon', 'link' and 'desc' when available.
 *
 * Side effects visible in this function: may call fetch_last_post_array(),
 * defines MAXFORUMDEPTH as 2 when it is not defined, sets
 * $GLOBALS['forumshown'], writes several $show[...] flags, and runs the
 * 'forumbit_moderator' plugin hook through eval().
 *
 * NOTE(review): $out is never initialised, so the function returns null when
 * no forum is appended (and nothing on the early returns). The recursive
 * results ($childforumbits) are only concatenated into $forumbits, which is
 * never returned.
 *
 * @param int $parentid Forum id whose children are listed (-1 is treated as "no parent forum").
 * @param int $depth    Current recursion depth; incremented on entry.
 * @param int $subsonly Non-zero lists only forums that have a 'subscribeforumid'.
 *
 * @return array|null List of forum arrays, or null as described above.
 */
function fr_construct_forum_bit($parentid, $depth = 0, $subsonly = 0)
{
    global $vbulletin, $vbphrase, $show;
    global $imodcache, $lastpostarray, $counters, $inforum;

    // Get exclude IDs ('-1' anywhere in the list disables the exclusion)
    $exclude_ids = @explode(',', $vbulletin->options['forumrunner_exclude']);
    if (in_array('-1', $exclude_ids)) {
        $exclude_ids = array();
    }
    if (in_array($parentid, $exclude_ids)) {
        return;
    }

    // this function takes the constant MAXFORUMDEPTH as its guide for how
    // deep to recurse down forum lists. if MAXFORUMDEPTH is not defined,
    // it will assume a depth of 2.

    // call fetch_last_post_array() first to get last post info for forums
    if (!is_array($lastpostarray)) {
        fetch_last_post_array($parentid);
    }

    if (empty($vbulletin->iforumcache["{$parentid}"])) {
        return;
    }

    if (!defined('MAXFORUMDEPTH')) {
        define('MAXFORUMDEPTH', 2);
    }

    $forumbits = '';
    $depth++;

    // $parent_is_category is computed here but not read again in this function.
    if ($parentid == -1) {
        $parent_is_category = false;
    } else {
        $parentforum = $vbulletin->forumcache[$parentid];
        $parent_is_category = !(bool) ($parentforum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']);
    }

    foreach ($vbulletin->iforumcache["{$parentid}"] as $forumid) {
        if (in_array($forumid, $exclude_ids)) {
            continue;
        }

        // grab the appropriate forum from the $vbulletin->forumcache
        $forum = $vbulletin->forumcache["{$forumid}"];
        //$lastpostforum = $vbulletin->forumcache["$lastpostarray[$forumid]"];
        $lastpostforum = empty($lastpostarray[$forumid]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];

        // Forums without a display order, or not flagged active, are not listed.
        if (!$forum['displayorder'] or !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) {
            continue;
        }

        $forumperms = $vbulletin->userinfo['forumpermissions']["{$forumid}"];
        $lastpostforumperms = empty($lastpostarray[$forumid]) ? 0 : $vbulletin->userinfo['forumpermissions']["{$lastpostarray[$forumid]}"];

        // Without 'canview' the forum is hidden when its own 'showprivate' is 1, or
        // when 'showprivate' is empty and the board-wide 'showprivateforums' option
        // is off. Any other 'showprivate' value keeps the forum in the list.
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) and ($vbulletin->forumcache["{$forumid}"]['showprivate'] == 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and !$vbulletin->options['showprivateforums'])) {
            // no permission to view current forum
            continue;
        }

        // Recurse into the children; in subscriptions-only mode the depth is reset to 1.
        if ($subsonly) {
            $childforumbits = fr_construct_forum_bit($forum['forumid'], 1, $subsonly);
        } else {
            if ($depth < MAXFORUMDEPTH) {
                $childforumbits = fr_construct_forum_bit($forum['forumid'], $depth, $subsonly);
            } else {
                $childforumbits = '';
            }
        }

        // do stuff if we are not doing subscriptions only, or if we ARE doing subscriptions,
        // and the forum has a subscribedforumid
        if (!$subsonly or $subsonly and !empty($forum['subscribeforumid'])) {
            $GLOBALS['forumshown'] = true; // say that we have shown at least one forum

            if ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']) {
                // get appropriate suffix for template name
                $tempext = '_post';
            } else {
                $tempext = '_nopost';
            }

            if (!$vbulletin->options['showforumdescription']) {
                // blank forum description if set to not show
                $forum['description'] = '';
            }

            // dates & thread title
            $lastpostinfo = empty($lastpostarray["{$forumid}"]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];

            // compare last post time for this forum with the last post time specified by
            // the $lastpostarray, and if it's less, use the last post info from the forum
            // specified by $lastpostarray
            if (!empty($lastpostinfo) and $vbulletin->forumcache["{$lastpostarray[$forumid]}"]['lastpost'] > 0) {
                // Last-post details are replaced by the 'private' phrase when the user
                // cannot view the forum holding the last post, or cannot view others'
                // threads there and is not the last poster.
                if (!($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $lastpostinfo['lastposter'] != $vbulletin->userinfo['username']) {
                    $forum['lastpostinfo'] = $vbphrase['private'];
                } else {
                    $lastpostinfo['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $lastpostinfo['lastpost'], 1);
                    $lastpostinfo['lastposttime'] = vbdate($vbulletin->options['timeformat'], $lastpostinfo['lastpost']);
                    $lastpostinfo['trimthread'] = fetch_trimmed_title(fetch_censored_text($lastpostinfo['lastthread']));

                    if ($lastpostinfo['lastprefixid'] and $vbulletin->options['showprefixlastpost']) {
                        $lastpostinfo['prefix'] = $vbulletin->options['showprefixlastpost'] == 2 ? $vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_rich"] : htmlspecialchars_uni($vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_plain"]);
                    } else {
                        $lastpostinfo['prefix'] = '';
                    }

                    if ($vbulletin->forumcache["{$lastpostforum['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons'] and $icon = fetch_iconinfo($lastpostinfo['lasticonid'])) {
                        $show['icon'] = true;
                    } else {
                        $show['icon'] = false;
                    }

                    $show['lastpostinfo'] = (!$lastpostforum['password'] or verify_forum_password($lastpostforum['forumid'], $lastpostforum['password'], false));

                    // The three arrays below are not read again in this function.
                    $pageinfo_lastpost = array('p' => $lastpostinfo['lastpostid']);
                    $pageinfo_newpost = array('goto' => 'newpost');
                    $threadinfo = array('title' => $lastpostinfo['lastthread'], 'threadid' => $lastpostinfo['lastthreadid']);
                }
            } else {
                if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
                    $forum['lastpostinfo'] = $vbphrase['private'];
                } else {
                    $forum['lastpostinfo'] = $vbphrase['never'];
                }
            }

            // do light bulb
            $forum['statusicon'] = fetch_forum_lightbulb($forumid, $lastpostinfo, $forum);

            // add lock to lightbulb if necessary
            // from 3.6.9 & 3.7.0 we now show locks only if a user can not post AT ALL
            // previously it was just if they could not create new threads
            if ($vbulletin->options['showlocks'] and !$forum['link'] and (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
                $forum['statusicon'] .= '_lock';
            }

            // get counters from the counters cache ( prepared by fetch_last_post_array() )
            $forum['threadcount'] = $counters["{$forum['forumid']}"]['threadcount'];
            $forum['replycount'] = $counters["{$forum['forumid']}"]['replycount'];

            // get moderators ( this is why we needed cache_moderators() )
            if ($vbulletin->options['showmoderatorcolumn']) {
                $showmods = array();
                $listexploded = explode(',', $forum['parentlist']);
                foreach ($listexploded as $parentforumid) {
                    if (!isset($imodcache["{$parentforumid}"]) or $parentforumid == -1) {
                        continue;
                    }
                    foreach ($imodcache["{$parentforumid}"] as $moderator) {
                        if (isset($showmods["{$moderator['userid']}"])) {
                            continue;
                        }

                        // NOTE(review): eval() runs whatever code string fetch_hook()
                        // returns, inside this function's scope, so that code can read
                        // and change every local here ($forum, $moderator, ...). The hook
                        // store must be writable by administrators only, and local names
                        // in this function should not be renamed without checking plugins.
                        ($hook = vBulletinHook::fetch_hook('forumbit_moderator')) ? eval($hook) : false;

                        $showmods["{$moderator['userid']}"] = true;
                        if (!isset($forum['moderators'])) {
                            $forum['moderators'] = '';
                        }
                    }
                }
                if (!isset($forum['moderators'])) {
                    $forum['moderators'] = '';
                }
            }

            // Link forums show '-' instead of counters.
            if ($forum['link']) {
                $forum['replycount'] = '-';
                $forum['threadcount'] = '-';
                $forum['lastpostinfo'] = '-';
            } else {
                $forum['replycount'] = vb_number_format($forum['replycount']);
                $forum['threadcount'] = vb_number_format($forum['threadcount']);
            }

            // Both branches leave 'subforums' empty; the original call is kept commented out.
            if (($subsonly or $depth == MAXFORUMDEPTH) and $vbulletin->options['subforumdepth'] > 0) {
                //$forum['subforums'] = construct_subforum_bit($forumid, ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads'] ) );
                $forum['subforums'] = '';
            } else {
                $forum['subforums'] = '';
            }

            // Sum the $inforum counters of every forum id in this forum's child list.
            $forum['browsers'] = 0;
            $children = explode(',', $forum['childlist']);
            foreach ($children as $childid) {
                $forum['browsers'] += isset($inforum["{$childid}"]) ? $inforum["{$childid}"] : 0;
            }

            if ($depth == 1 and $tempext == '_nopost') {
                global $vbcollapse;
                $collapseobj_forumid =& $vbcollapse["collapseobj_forumbit_{$forumid}"];
                $collapseimg_forumid =& $vbcollapse["collapseimg_forumbit_{$forumid}"];
                $show['collapsebutton'] = true;
            } else {
                $show['collapsebutton'] = false;
            }

            $show['forumsubscription'] = $subsonly ? true : false;
            $show['forumdescription'] = $forum['description'] != '' ? true : false;
            $show['subforums'] = $forum['subforums'] != '' ? true : false;
            $show['browsers'] = ($vbulletin->options['displayloggedin'] and !$forum['link'] and $forum['browsers'] ? true : false);

            // FRNR Start

            // If this forum has a password, check to see if we have
            // the proper cookie. If so, don't prompt for one
            // NOTE(review): a password-protected forum is still listed with its id,
            // name and description; only the 'password' flag tells the client to
            // prompt. Confirm that exposing the title/description is intended.
            $password = 0;
            if ($forum['password']) {
                $pw_ok = verify_forum_password($forum['forumid'], $forum['password'], false);
                if (!$pw_ok) {
                    $password = 1;
                }
            }

            $new = array('id' => $forum['forumid'], 'new' => $forum['statusicon'] == 'new' ? true : false, 'name' => prepare_utf8_string(strip_tags($forum['title'])), 'password' => $password);

            $icon = fr_get_forum_icon($forum['forumid'], $forum['statusicon'] == 'new' ? true : false);
            if ($icon) {
                $new['icon'] = $icon;
            }

            // Link forums: an integer result from fr_fix_url() replaces the forum id,
            // anything else is passed to the client as 'link'.
            if ($forum['link'] != '') {
                $link = fr_fix_url($forum['link']);
                if (is_int($link)) {
                    $new['id'] = $link;
                } else {
                    $new['link'] = $link;
                }
                $linkicon = fr_get_forum_icon($forum['forumid'], false, true);
                if ($linkicon) {
                    $new['icon'] = $linkicon;
                }
            }

            if ($forum['description'] != '') {
                $desc = prepare_utf8_string(strip_tags($forum['description']));
                if (strlen($desc) > 0) {
                    $new['desc'] = $desc;
                }
            }

            $out[] = $new;

            // FRNR End
        } else {
            $forumbits .= $childforumbits;
        }
    }

    return $out;
}
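/**
 * Returns one page of a private conversation for the Forum Runner client.
 *
 * Request input: conversationid, signature (non-zero to include signatures),
 * page (FR_LAST_POST jumps to the first unread message) and perpage.
 *
 * @return array posts, total_posts, page, canattach, canpost, title,
 *               thread_link, recipients and, when jumping, gotopostid
 */
public function actionGetConversation()
{
    $conversationid = $this->_input->filterSingle('conversationid', XenForo_Input::UINT);
    $signature = $this->_input->filterSingle('signature', XenForo_Input::UINT);
    $page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1);
    $perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT);
    if (!$perpage) {
        $perpage = XenForo_Application::get('options')->messagesPerPage;
    }
    // NOTE(review): perpage comes from the request and is not clamped here, so a
    // client can ask for an arbitrarily large page; consider capping it at the
    // messagesPerPage option.

    $conversation_model = $this->_getConversationModel();
    $session_model = $this->getModelFromCache('XenForo_Model_Session');

    // Every later step reads $conversation_info, so this lookup is the gate for
    // the whole action. The code relies on json_error() ending the request when
    // the lookup raises — TODO confirm.
    try {
        $conversation_info = $this->_getConversationOrError($conversationid);
    } catch (Exception $e) {
        json_error($e->getControllerResponse()->errorText->render());
    }

    // Resolve the "last post" pseudo page to a real page number and remember
    // which message the client should scroll to.
    $gotomessageid = 0;
    if ($page == FR_LAST_POST) {
        if (!$conversation_info['last_read_date']) {
            $page = 1;
        } else {
            if ($conversation_info['last_read_date'] >= $conversation_info['last_message_date']) {
                $first_unread = false;
            } else {
                $first_unread = $conversation_model->getNextMessageInConversation($conversationid, $conversation_info['last_read_date']);
            }
            if (!$first_unread || $first_unread['message_id'] == $conversation_info['last_message_id']) {
                $page = floor($conversation_info['reply_count'] / $perpage) + 1;
                $gotomessageid = $conversation_info['last_message_id'];
            } else {
                $before = $conversation_model->countMessagesBeforeDateInConversation($conversationid, $first_unread['message_date']);
                $page = floor($before / $perpage) + 1;
                $gotomessageid = $first_unread['message_id'];
            }
        }
    }

    $messages = $conversation_model->getConversationMessages($conversationid, array('page' => $page, 'perPage' => $perpage));
    $max = $conversation_model->getMaximumMessageDate($messages);
    if ($max > $conversation_info['last_read_date']) {
        $conversation_model->markConversationAsRead($conversationid, XenForo_Visitor::getUserId(), $max, $conversation_info['last_message_date']);
    }
    $messages = $conversation_model->prepareMessages($messages, $conversation_info);
    $user_model = $this->getModelFromCache('XenForo_Model_User');

    // Initialised up front so an empty page yields 'posts' => array() rather
    // than an undefined variable.
    $message_data = array();
    // One user lookup and one online check per author instead of per message.
    $user_cache = array();
    $online_cache = array();

    // Iterated by value: nothing is written back, and a by-reference loop
    // variable would stay bound to the last element after the loop.
    foreach ($messages as $message) {
        $author_id = $message['user_id'];
        if (!array_key_exists($author_id, $user_cache)) {
            $user_cache[$author_id] = $user_model->getUserById($author_id);
            $online_info = $session_model->getSessionActivityRecords(array('user_id' => $author_id, 'cutOff' => array('>', $session_model->getOnlineStatusTimeout())));
            $online_cache[$author_id] = (count($online_info) == 1);
        }
        $user = $user_cache[$author_id];
        $is_online = $online_cache[$author_id];

        list($text, $nuked_quotes, $images) = parse_post(fr_strip_smilies($this, XenForo_Helper_String::censorString($message['message'])), true);
        $fr_images = array();
        foreach ($images as $image) {
            $fr_images[] = array('img' => $image);
        }

        $avatarurl = '';
        if ($user !== false) {
            $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
            // Default avatars are not sent; the client shows its own placeholder.
            if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
                $avatarurl = '';
            }
        }

        $out = array(
            'post_id' => $message['message_id'],
            'thread_id' => $message['conversation_id'],
            'username' => prepare_utf8_string(strip_tags($message['username'])),
            'joindate' => prepare_utf8_string(XenForo_Locale::date($message['register_date'], 'absolute')),
            'usertitle' => XenForo_Template_Helper_Core::helperUserTitle($user),
            'numposts' => $user ? $user['message_count'] : 0,
            'userid' => $message['user_id'],
            'online' => $is_online,
            'post_timestamp' => prepare_utf8_string(XenForo_Locale::dateTime($message['message_date'], 'absolute')),
            'fr_images' => $fr_images,
            'text' => $text,
            'quotable' => $nuked_quotes,
        );
        if ($avatarurl != '') {
            $out['avatarurl'] = $avatarurl;
        }
        if ($signature) {
            // strip_tags() with '<a>' allowed keeps anchor elements together with
            // all of their attributes, so 'sig' is user-controlled markup and the
            // consumer has to treat it as untrusted.
            $sig = trim(strip_tags(remove_bbcode($message['signature'], true, true), '<a>'));
            $sig = str_replace(array("\t", "\r"), array('', ''), $sig);
            $sig = str_replace("\n\n", "\n", $sig);
            $out['sig'] = prepare_utf8_string($sig);
        }
        $message_data[] = $out;
    }

    $out = array(
        'posts' => $message_data,
        'total_posts' => $conversation_info['reply_count'] + 1,
        'page' => $page,
        'canattach' => false,
        'canpost' => true,
        'title' => prepare_utf8_string(XenForo_Helper_String::censorString($conversation_info['title'])),
        'thread_link' => process_avatarurl(XenForo_Link::buildPublicLink('conversations', $conversation_info)),
    );
    if ($gotomessageid) {
        $out['gotopostid'] = $gotomessageid;
    }

    // Recipient names as one comma separated string (fetched once).
    $recipient_names = array();
    foreach ($conversation_model->getConversationRecipients($conversationid) as $recipient) {
        $recipient_names[] = prepare_utf8_string(strip_tags($recipient['username']));
    }
    $out['recipients'] = implode(', ', $recipient_names);

    return $out;
}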
/**
 * Collects the usergroups that do not carry the "isnotbannedgroup" option,
 * i.e. the groups offered as a target when banning a user.
 *
 * @return array array('ban_usergroups' => array(usergroupid => title))
 */
function do_get_ban_data()
{
    global $vbulletin, $db, $vbphrase;

    $groups = array();
    foreach ($vbulletin->usergroupcache as $groupid => $group) {
        // Groups flagged as "not a banned group" are left out of the list.
        if ($group['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']) {
            continue;
        }
        $groups[$groupid] = prepare_utf8_string($group['title']);
    }

    return array('ban_usergroups' => $groups);
}
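/**
 * Returns display data (id, unread flag, name, icon, description) for a
 * comma separated list of node ids supplied in the "forumids" input.
 *
 * Ids listed in the forumrunnerExcludeForums option, ids that are not
 * positive integers and ids that resolve to no forum data are skipped.
 *
 * @return array array('forums' => list of forum entries)
 */
public function actionGetForumData()
{
    $forumids = $this->_input->filterSingle('forumids', XenForo_Input::STRING);
    if (empty($forumids)) {
        return array('forums' => array());
    }

    $visitor = XenForo_Visitor::getInstance();
    $forum_model = $this->_getForumModel();
    $node_model = $this->_getNodeModel();
    $helper = $this->getHelper('ForumThreadPost');

    $exclude = XenForo_Application::get('options')->forumrunnerExcludeForums;
    if (!$exclude) {
        $exclude = array();
    }

    $forum_data = array();
    // explode() replaces split(), which no longer exists in PHP 7 and later.
    foreach (explode(',', $forumids) as $forumid) {
        // The list is a free-form request string; reduce every entry to an
        // integer before it is used as a node id.
        $forumid = intval($forumid);
        if ($forumid <= 0 || in_array($forumid, $exclude)) {
            continue;
        }

        $node_info = $node_model->getNodeById($forumid);
        if (!$node_info) {
            // Unknown node id.
            continue;
        }

        $forum_info = null;
        if ($node_info['node_type_id'] == 'Forum') {
            // Validity and view permission are checked by the helper, which
            // raises on failure.
            try {
                $forum_info = $helper->assertForumValidAndViewable($forumid, array('readUserId' => $visitor['user_id']));
            } catch (Exception $e) {
                json_error($e->getControllerResponse()->errorText->render());
            }
        } else {
            if ($node_info['node_type_id'] == 'Category') {
                // Categories are read through their parent's list display data,
                // mainly to obtain hasNew.
                // NOTE(review): presumably that list is already filtered by the
                // visitor's permissions — confirm, since no explicit view check
                // is made for categories here.
                $node_info = $node_model->getNodeById($node_info['parent_node_id']);
                $tmp_data = $node_model->getNodeDataForListDisplay($node_info, 0);
                if (isset($tmp_data['nodesGrouped'][$tmp_data['parentNodeId']][$forumid])) {
                    $forum_info = $tmp_data['nodesGrouped'][$tmp_data['parentNodeId']][$forumid];
                }
            }
        }

        if (!$forum_info) {
            // Other node types, or a category missing from the list: emit no
            // entry rather than one made of null fields.
            continue;
        }

        $hasNew = isset($forum_info['hasNew'])
            ? $forum_info['hasNew']
            : isset($forum_info['forum_read_date']) && $forum_info['forum_read_date'] < $forum_info['last_post_date'];

        $out = array(
            'id' => $forum_info['node_id'],
            'new' => $hasNew,
            'name' => prepare_utf8_string(strip_tags($forum_info['title'])),
        );
        $icon = fr_get_forum_icon($forum_info['node_id'], $hasNew);
        if ($icon) {
            $out['icon'] = $icon;
        }
        if ($forum_info['description'] != '') {
            $desc = prepare_utf8_string(strip_tags($forum_info['description']));
            if (strlen($desc)) {
                $out['desc'] = $desc;
            }
        }
        $forum_data[] = $out;
    }

    return array('forums' => $forum_data);
}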
/**
 * Returns the poll attached to a thread: question, options with vote counts
 * and percentages, total votes and whether the visitor may vote.
 *
 * The thread must pass assertThreadValidAndViewable(); a thread without a
 * poll ends in fr_no_permission().
 *
 * @return array title, pollstatus, options, total, canvote and, for
 *               multiple-choice polls, multiple
 */
public function actionGetPoll()
{
    $threadid = $this->_input->filterSingle('threadid', XenForo_Input::UINT);
    $visitor = XenForo_Visitor::getInstance();
    $helper = $this->getHelper('ForumThreadPost');
    $thread_model = $this->_getThreadModel();

    // View permission on the thread is enforced before any poll data is read.
    try {
        list($thread_info, $forum_info) = $helper->assertThreadValidAndViewable($threadid);
    } catch (Exception $e) {
        json_error($e->getControllerResponse()->errorText->render());
    }

    $poll_model = $this->_getPollModel();
    $poll = $poll_model->getPollByContent('thread', $threadid);
    if (!$poll) {
        fr_no_permission();
    }

    $can_vote = $thread_model->canVoteOnPoll($thread_info, $forum_info);
    $poll = $poll_model->preparePoll($poll, $can_vote);

    // The poll id is passed as a bound parameter, not concatenated into the SQL.
    $db = XenForo_Application::get('db');
    $total_votes = $db->fetchOne(' SELECT COUNT(user_id) FROM xf_poll_vote WHERE poll_id = ? ', $poll['poll_id']);

    $options = array();
    foreach ($poll['responses'] as $response_id => $response) {
        $votes = $response['response_vote_count'];
        // Responses without votes stay at 0 and never reach the division.
        $percent = $votes > 0 ? $votes / $total_votes * 100 : 0;

        $options[] = array(
            'optionid' => $response_id,
            'voted' => $response['hasVoted'],
            'percent' => number_format($percent),
            'title' => prepare_utf8_string(strip_tags(XenForo_Helper_String::censorString($response['response']))),
            'votes' => $votes,
        );
    }

    $result = array(
        'title' => prepare_utf8_string(strip_tags(XenForo_Helper_String::censorString($poll['question']))),
        'pollstatus' => '',
        'options' => $options,
        'total' => $total_votes,
        'canvote' => $poll['canVote'],
    );
    if ($poll['multiple']) {
        $result['multiple'] = true;
    }

    return $result;
}
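/**
 * Collects the authors (and, when the visitor may view IPs, the content IPs)
 * behind a thread or a list of posts for the spam cleaner.
 *
 * Requires the general/cleanSpam permission. Input is either threadid or a
 * comma separated postids list; threadid wins when both are present.
 *
 * @return array array('no_spam' => true) when nobody qualifies, otherwise
 *               userids, users, ips and punitive
 */
public function fetchSpamData()
{
    $visitor = XenForo_Visitor::getInstance();
    // This gate relies on json_error() ending the request: nothing below
    // re-checks the permission.
    if (!$visitor->hasPermission('general', 'cleanSpam')) {
        $phrase = new XenForo_Phrase('do_not_have_permission');
        json_error($phrase->render());
    }

    $user_model = $this->getModelFromCache('XenForo_Model_User');
    $threadid = $this->_input->filterSingle('threadid', XenForo_Input::UINT);
    $postids = $this->_input->filterSingle('postids', XenForo_Input::STRING);
    $helper = $this->getHelper('ForumThreadPost');

    $userids = $users = $ips = array();
    $can_view_ips = $user_model->canViewIps();

    if ($threadid) {
        // Thread given: report on whoever started it.
        try {
            list($thread_info, $forum_info) = $helper->assertThreadValidAndViewable(
                $threadid,
                array('readUserId' => $visitor['user_id'], 'watchUserId' => $visitor['user_id']),
                array('readUserId' => $visitor['user_id'])
            );
            $user = $user_model->getUserById($thread_info['user_id']);
            if (!$user_model->couldBeSpammer($user)) {
                return array('no_spam' => true);
            }
            $userids[] = (string) $thread_info['user_id'];
            $users[] = prepare_utf8_string(strip_tags($thread_info['username']));
            if ($can_view_ips) {
                list($post_info, $thread_info, $forum_info) = $helper->assertPostValidAndViewable($thread_info['first_post_id']);
                $ip_info = $this->getModelFromCache('XenForo_Model_Ip')->getContentIpInfo($post_info);
                $ips[] = $ip_info['contentIp'];
            }
        } catch (Exception $e) {
            json_error($e->getControllerResponse()->errorText->render());
        }
    } else {
        if ($postids) {
            // postids is a free-form request string: keep only distinct
            // positive integers.
            $post_id_list = array();
            foreach (explode(',', $postids) as $raw_id) {
                $post_id = intval($raw_id);
                if ($post_id > 0) {
                    $post_id_list[$post_id] = $post_id;
                }
            }

            foreach ($post_id_list as $post_id) {
                // Apply the same per-post view check the thread branch uses, so
                // author names and IPs are only returned for posts the visitor
                // can actually see. Posts that fail the check are skipped.
                try {
                    list($post) = $helper->assertPostValidAndViewable($post_id);
                } catch (Exception $e) {
                    continue;
                }

                $user = $user_model->getUserById($post['user_id']);
                if (!$user_model->couldBeSpammer($user)) {
                    continue;
                }
                $userids[] = (string) $post['user_id'];
                $users[] = prepare_utf8_string(strip_tags($post['username']));
                if ($can_view_ips) {
                    $ip_info = $this->getModelFromCache('XenForo_Model_Ip')->getContentIpInfo($post);
                    $ips[] = $ip_info['contentIp'];
                }
            }

            if (!count($userids)) {
                return array('no_spam' => true);
            }
        }
    }

    return array('userids' => $userids, 'users' => $users, 'ips' => $ips, 'punitive' => true);
}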
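/**
 * Returns profile data for a user: name, online status, post count, join
 * date, avatar, optional iTrader score and the custom profile fields.
 *
 * The "userid" input selects the user; the logged-in user is used when it is
 * absent. Guests without a userid are rejected, and the viewer needs the
 * canview and canviewmembers permissions.
 *
 * @return array username, online, avatar_upload, posts, joindate, groups and,
 *               where applicable, avatarurl, ban, itrader_score, itrader_percent
 */
function do_get_profile()
{
    global $vbulletin, $db, $show, $vbphrase, $permissions, $imodcache;

    $vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT));

    if (!$vbulletin->userinfo['userid'] && !$vbulletin->GPC['userid']) {
        json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }
    if (!($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or !($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'])) {
        json_error(ERR_NO_PERMISSION);
    }
    if (!$vbulletin->GPC['userid']) {
        $vbulletin->GPC['userid'] = $vbulletin->userinfo['userid'];
    }

    $fetch_userinfo_options = FETCH_USERINFO_AVATAR | FETCH_USERINFO_LOCATION | FETCH_USERINFO_PROFILEPIC | FETCH_USERINFO_SIGPIC | FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND;
    $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, $fetch_userinfo_options);

    // Members of usergroup 4 are only shown to control-panel admins.
    // NOTE(review): the group id is hard-coded; presumably the stock
    // "awaiting moderation" group — confirm against the board's usergroups.
    if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
        json_error(ERR_NO_PERMISSION);
    }

    $posts = $userinfo['posts'];
    $joindate = vbdate($vbulletin->options['dateformat'], $userinfo['joindate']);

    $out = array(
        'username' => html_entity_decode($userinfo['username']),
        'online' => fetch_online_status($userinfo, false),
        'avatar_upload' => $vbulletin->options['avatarenabled'] && $permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canuseavatar'],
        'posts' => $posts,
        'joindate' => $joindate,
    );

    $avatarurl_info = fetch_avatar_url($userinfo['userid']);
    if ($avatarurl_info) {
        $out['avatarurl'] = process_avatarurl($avatarurl_info[0]);
    }

    // The ban action is advertised to control-panel admins and to moderators
    // holding canbanusers.
    cache_moderators();
    $canbanuser = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers'));
    if ($canbanuser) {
        $out['ban'] = true;
    }

    $groups = array();

    // "About" group: post count and join date.
    $out_group = array(
        'name' => 'about',
        'values' => array(
            array('name' => prepare_utf8_string($vbphrase['posts']), 'value' => strval(vb_number_format($userinfo['posts']))),
            array('name' => prepare_utf8_string($vbphrase['join_date']), 'value' => vbdate($vbulletin->options['dateformat'], $userinfo['joindate'])),
        ),
    );
    if (function_exists('itrader_user')) {
        // Optional add-on; the code expects it to fill tradescore and tradepcnt.
        itrader_user($userinfo);
        $out_group['values'][] = array('name' => 'iTrader', 'value' => vb_number_format($userinfo['tradescore']) . ', ' . $userinfo['tradepcnt'] . '%');
        $out += array('itrader_score' => vb_number_format($userinfo['tradescore']), 'itrader_percent' => $userinfo['tradepcnt'] . '%');
    }
    $groups[] = $out_group;

    $profileobj = new vB_UserProfile($vbulletin, $userinfo);
    $blockfactory = new vB_ProfileBlockFactory($vbulletin, $profileobj);
    $profileblock =& $blockfactory->fetch('ProfileFields');
    $profileblock->build_field_data(false);
    // Category 0 may be missing when the board defines no profile fields.
    $profile = isset($profileblock->categories[0]) ? $profileblock->categories[0] : array();

    // "Additional" group: custom profile fields that have a value.
    if (is_array($profile) && count($profile)) {
        // 'values' is created up front so the count() below never sees an
        // undefined key when every field turns out to be empty.
        $out_group = array('name' => 'additional', 'values' => array());
        foreach ($profile as $profilefield) {
            $field_value = $userinfo["field{$profilefield['profilefieldid']}"];
            fetch_profilefield_display($profilefield, $field_value);
            if (!strlen(trim($field_value))) {
                continue;
            }
            $out_group['values'][] = array('name' => prepare_utf8_string($profilefield['title']), 'value' => prepare_utf8_string($profilefield['value']));
        }
        if (count($out_group['values'])) {
            $groups[] = $out_group;
        }
    }

    $out['groups'] = $groups;

    return $out;
}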
/**
 * Forum Runner registration endpoint.
 *
 * Without a "username" input it returns the forum rules text and whether a
 * birthday is required. With a "username" it creates the account through the
 * User data manager, sends the configured notification, activation or
 * welcome e-mails and reports whether e-mail verification is pending.
 *
 * Request input read here: username, email, password, password_md5, birthday
 * (split on "/" as month/day/year) and timezoneoffset.
 *
 * NOTE(review): the e-mail phrases and the hook are run through eval() and
 * read this function's local variables by name, so locals must not be renamed
 * or reordered without checking those templates.
 *
 * @return array rules and birthday, or emailverify after a successful
 *               registration; empty when save() returned no user id
 */
function do_register()
{
    global $vbulletin, $vbphrase, $db;

    // Only guests may register.
    if ($vbulletin->userinfo['userid']) {
        json_error(ERR_NO_PERMISSION);
    }
    // Registration through this endpoint has its own on/off option.
    if (!$vbulletin->options['forumrunner_enable_registration']) {
        json_error(ERR_NO_PERMISSION);
    }
    $vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'email' => TYPE_STR, 'password' => TYPE_STR, 'password_md5' => TYPE_STR, 'birthday' => TYPE_STR, 'timezoneoffset' => TYPE_NUM));
    // The board-wide registration switch applies as well.
    // NOTE(review): this path (and the missing-field check below) reports through
    // standard_error() while the rest of the function uses json_error() — confirm
    // the client receives this in the expected format.
    if (!$vbulletin->options['allowregistration']) {
        standard_error(fetch_error('noregister'));
    }
    $out = array();
    if ($vbulletin->GPC['username']) {
        // A username was supplied: create the account.
        $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
        // COPPA handling is switched off for accounts created here.
        $vbulletin->GPC['coppauser'] = false;
        $userdata->set_info('coppauser', false);
        $userdata->set_info('coppapassword', $vbulletin->GPC['password']);
        $userdata->set_bitfield('options', 'coppauser', false);
        $userdata->set('parentemail', '');
        // Username, e-mail and one of the two password forms are mandatory
        // (&& binds tighter than ||, so the last two operands form one condition).
        if (empty($vbulletin->GPC['username']) || empty($vbulletin->GPC['email']) || empty($vbulletin->GPC['password']) && empty($vbulletin->GPC['password_md5'])) {
            standard_error(fetch_error('fieldmissing'));
        }
        $vbulletin->GPC['password_md5'] = strtolower($vbulletin->GPC['password_md5']);
        $vbulletin->GPC['passwordconfirm_md5'] = strtolower($vbulletin->GPC['password_md5']);
        $userdata->set('email', $vbulletin->GPC['email']);
        $userdata->set('username', $vbulletin->GPC['username']);
        // The client-computed MD5 is preferred over the clear-text password.
        // NOTE(review): password_md5 is only lower-cased, never checked for length or
        // hex format, before being handed to the data manager — confirm the data
        // manager validates it.
        $userdata->set('password', $vbulletin->GPC['password_md5'] ? $vbulletin->GPC['password_md5'] : $vbulletin->GPC['password']);
        $userdata->set_bitfield('options', 'adminemail', 1);
        // Initial usergroup: 3 with e-mail verification, 4 when new members are
        // moderated, otherwise 2 (presumably the stock vBulletin group ids — confirm).
        if ($vbulletin->options['verifyemail']) {
            $newusergroupid = 3;
        } else {
            if ($vbulletin->options['moderatenewmembers'] || $vbulletin->GPC['coppauser']) {
                $newusergroupid = 4;
            } else {
                $newusergroupid = 2;
            }
        }
        $userdata->set('usergroupid', $newusergroupid);
        $userdata->set('languageid', $vbulletin->userinfo['languageid']);
        $userdata->set_usertitle('', false, $vbulletin->usergroupcache["{$newusergroupid}"], false, false);
        // Birthday arrives as month/day/year.
        // NOTE(review): indexes 1 and 2 are read without checking that the split
        // produced them, so a value with fewer parts reads undefined offsets.
        $parts = preg_split('#/#', $vbulletin->GPC['birthday']);
        $day = $month = $year = '';
        if ($parts[1]) {
            $day = $parts[1];
        }
        if ($parts[0]) {
            $month = $parts[0];
        }
        if ($parts[2]) {
            $year = $parts[2];
        }
        $userdata->set('showbirthday', 0);
        $userdata->set('birthday', array('day' => $day, 'month' => $month, 'year' => $year));
        $dst = 2;
        $userdata->set_dst($dst);
        $userdata->set('timezoneoffset', $vbulletin->GPC['timezoneoffset']);
        // Record the registering IP address on the account.
        $userdata->set('ipaddress', IPADDRESS);
        $userdata->pre_save();
        if (count($userdata->errors)) {
            // Only the first validation error is reported, with markup stripped.
            json_error(strip_tags($userdata->errors[0]));
        }
        $vbulletin->userinfo['userid'] = $userid = $userdata->save();
        if ($userid) {
            $userinfo = fetch_userinfo($userid);
            // Second data manager pass that sets posts to 0 on the new account.
            $userdata_rank =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
            $userdata_rank->set_existing($userinfo);
            $userdata_rank->set('posts', 0);
            $userdata_rank->save();
            require_once DIR . '/includes/functions_login.php';
            // The new user is logged in for the rest of this request; process_logout()
            // below ends that session again.
            $vbulletin->session->created = false;
            process_new_login('', false, '');
            // Notify the addresses configured in the newuseremail option.
            if ($vbulletin->options['newuseremail'] != '') {
                // Raw (unescaped) values for the plain-text notification mail.
                $username = $vbulletin->GPC['username'];
                $email = $vbulletin->GPC['email'];
                if ($birthday = $userdata->fetch_field('birthday')) {
                    $bday = explode('-', $birthday);
                    $year = vbdate('Y', TIMENOW, false, false);
                    $month = vbdate('n', TIMENOW, false, false);
                    $day = vbdate('j', TIMENOW, false, false);
                    if ($year > $bday[2] and $bday[2] > 1901 and $bday[2] != '0000') {
                        require_once DIR . '/includes/functions_misc.php';
                        $vbulletin->options['calformat1'] = mktimefix($vbulletin->options['calformat1'], $bday[2]);
                        // Years before 1970 are shifted forward in steps of 28 years before
                        // being passed to mktime().
                        if ($bday[2] >= 1970) {
                            $yearpass = $bday[2];
                        } else {
                            $yearpass = $bday[2] + 28 * ceil((1970 - $bday[2]) / 28);
                        }
                        $birthday = vbdate($vbulletin->options['calformat1'], mktime(0, 0, 0, $bday[0], $bday[1], $yearpass), false, true, false);
                    } else {
                        // No usable year: format month and day only, using 1992 as the year.
                        $birthday = vbdate($vbulletin->options['calformat2'], mktime(0, 0, 0, $bday[0], $bday[1], 1992), false, true, false);
                    }
                    // Fall back to the raw stored parts when formatting produced nothing.
                    if ($birthday == '') {
                        if ($bday[2] == '0000') {
                            $birthday = "{$bday['0']}-{$bday['1']}";
                        } else {
                            $birthday = "{$bday['0']}-{$bday['1']}-{$bday['2']}";
                        }
                    }
                }
                // NOTE(review): 'referrername' is not part of the clean_array_gpc() list
                // above, so within this function it is never cleaned or typed — confirm
                // whether it is populated elsewhere.
                if ($userdata->fetch_field('referrerid') and $vbulletin->GPC['referrername']) {
                    $referrer = unhtmlspecialchars($vbulletin->GPC['referrername']);
                } else {
                    $referrer = $vbphrase['n_a'];
                }
                $ipaddress = IPADDRESS;
                // eval() runs the code returned by fetch_email_phrases(); it presumably
                // defines $subject and $message from the locals set above — confirm.
                // Anyone able to edit that phrase controls what is evaluated here.
                eval(fetch_email_phrases('newuser', 0));
                $newemails = explode(' ', $vbulletin->options['newuseremail']);
                foreach ($newemails as $toemail) {
                    if (trim($toemail)) {
                        vbmail($toemail, $subject, $message);
                    }
                }
            }
            // From here on the HTML-escaped values are used for the user-facing mails.
            $username = htmlspecialchars_uni($vbulletin->GPC['username']);
            $email = htmlspecialchars_uni($vbulletin->GPC['email']);
            // Activation mail when verification is on, otherwise the optional welcome
            // mail for accounts that went straight into group 2.
            if ($vbulletin->options['verifyemail']) {
                $activateid = build_user_activation_id($userid, ($vbulletin->options['moderatenewmembers'] or $vbulletin->GPC['coppauser']) ? 4 : 2, 0);
                eval(fetch_email_phrases('activateaccount'));
                vbmail($email, $subject, $message, true);
            } else {
                if ($newusergroupid == 2) {
                    if ($vbulletin->options['welcomemail']) {
                        eval(fetch_email_phrases('welcomemail'));
                        vbmail($email, $subject, $message);
                    }
                }
            }
            // Plugin hook: the registered code is evaluated in this scope.
            ($hook = vBulletinHook::fetch_hook('register_addmember_complete')) ? eval($hook) : false;
            // End the temporary session so the client performs a normal login.
            process_logout();
            $out += array('emailverify' => $vbulletin->options['verifyemail'] ? true : false);
        }
    } else {
        // No username: return the rules text with anchors reduced to their link text,
        // plus whether a birthday must be supplied.
        $rules = preg_replace('/<a href=\\"(.*?)\\">(.*?)<\\/a>/', "\\2", $vbphrase['fr_register_forum_rules']);
        $out += array('rules' => prepare_utf8_string($rules), 'birthday' => $vbulletin->options['reqbirthday'] ? true : false);
    }
    return $out;
}
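/**
 * Returns the announcements visible in a forum, or one announcement when an
 * announcementid is supplied, formatted as posts for the client.
 *
 * The viewer needs canview and canviewthreads on the requested forum and must
 * have passed its password check. View counters and the per-user read
 * markers are updated through shutdown queries.
 *
 * @return array array('posts' => list of announcements, 'total_posts' => int)
 */
function do_get_announcement()
{
    global $vbulletin, $db, $foruminfo;

    if (empty($foruminfo['forumid'])) {
        json_error(ERR_INVALID_FORUM);
    }

    $usesmilies = false;
    $forumlist = '';

    // Values that end up inside SQL text are forced to integers here instead
    // of trusting that they were cleaned before this function was called.
    $announcementid = isset($vbulletin->GPC['announcementid']) ? intval($vbulletin->GPC['announcementid']) : 0;
    $userid = intval($vbulletin->userinfo['userid']);

    // The original condition also read $announcementinfo, which is never
    // defined in this function, so in practice a forum id is always required.
    if ($vbulletin->GPC['forumid']) {
        $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 1, 1);
        $curforumid = $foruminfo['forumid'];
        $forumperms = fetch_permissions($foruminfo['forumid']);
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
            json_error(ERR_NO_PERMISSION);
        }
        // A password-protected forum must already be unlocked for this user.
        verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
        $forumlist = fetch_forum_clause_sql($foruminfo['forumid'], 'announcement.forumid');
    } else {
        json_error(ERR_INVALID_ANNOUNCEMENT);
    }

    // The forum restriction is applied to both query shapes. Previously a
    // lookup by announcementid ignored it, so the permission check above
    // covered the requested forum but not the forum the announcement lives in.
    $forum_clause = !empty($forumlist) ? " AND {$forumlist}" : '';
    if ($announcementid) {
        $where = "announcement.announcementid = " . $announcementid . $forum_clause;
    } else {
        $where = "startdate <= " . TIMENOW . " AND enddate >= " . TIMENOW . $forum_clause;
    }

    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    $announcements = $db->query_read_slave("\n\t\tSELECT announcement.announcementid, announcement.announcementid AS postid, startdate, enddate, announcement.title, pagetext, announcementoptions, views, announcement.pagetext,\n\t\t\tuser.*, userfield.*, usertextfield.*,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t\t\t"
        . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "")
        . "\n\t\t\t"
        . ($userid ? ", NOT ISNULL(announcementread.announcementid) AS readannouncement" : "")
        . "\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t"
        . ($userid ? "LEFT JOIN " . TABLE_PREFIX . "announcementread AS announcementread ON(announcementread.announcementid = announcement.announcementid AND announcementread.userid = " . $userid . ")" : "")
        . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = announcement.userid)\n\t\t"
        . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid=user.avatarid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid=announcement.userid)" : "")
        . "\n\t\t{$hook_query_joins}\n\t\tWHERE\n\t\t\t"
        . $where
        . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY startdate DESC, announcementid DESC\n\t");

    if ($db->num_rows($announcements) == 0) {
        // Nothing to show, or the announcement is outside the requested forum.
        json_error(ERR_INVALID_ANNOUNCEMENT);
    }

    if (!$vbulletin->options['oneannounce'] and $announcementid and !empty($forumlist)) {
        $anncount = $db->query_first_slave("\n\t\t\tSELECT COUNT(*) AS total\n\t\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t\tWHERE startdate <= " . TIMENOW . "\n\t\t\t\tAND enddate >= " . TIMENOW . "\n\t\t\t\tAND {$forumlist}\n\t\t");
        $anncount['total'] = intval($anncount['total']);
        $show['viewall'] = $anncount['total'] > 1 ? true : false;
    } else {
        $show['viewall'] = false;
    }

    require_once DIR . '/includes/class_postbit.php';
    $show['announcement'] = true;
    $counter = 0;
    $anncids = array();
    $announcebits = '';
    $announceread = array();
    // Initialised so an empty result never leaves the variable undefined.
    $posts_out = array();

    $postbit_factory = new vB_Postbit_Factory();
    $postbit_factory->registry =& $vbulletin;
    $postbit_factory->forum =& $foruminfo;
    $postbit_factory->cache = array();
    $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());

    while ($post = $db->fetch_array($announcements)) {
        $postbit_obj =& $postbit_factory->fetch_postbit('announcement');
        $post['counter'] = ++$counter;
        $postbit_obj->construct_postbit($post);

        // Ids are cast because they are concatenated into the shutdown queries.
        $post_announcementid = intval($post['announcementid']);
        $anncids[] = $post_announcementid;
        $announceread[] = "({$post_announcementid}, " . $userid . ")";

        $fr_images = array();
        $docattach = array();

        // Image attachments are listed by URL; the type test is a substring
        // match on the lower-cased file name, not a check of the file content.
        if (is_array($post['attachments']) && count($post['attachments']) > 0) {
            foreach ($post['attachments'] as $attachment) {
                $lfilename = strtolower($attachment['filename']);
                if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
                    $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
                    if ($vbulletin->options['attachthumbs']) {
                        $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
                    }
                    $fr_images[] = $tmp;
                }
                if (strpos($lfilename, '.pdf') !== false) {
                    $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'];
                }
            }
        }

        // Parse the text for quotes and inline images.
        // NOTE(review): $attachments is not defined anywhere in this function;
        // it is passed through as the original code did — confirm what
        // parse_post() expects as its third argument.
        list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $usesmilies, $attachments);
        if (count($fr_images) > 0) {
            $text .= "<br/>";
            foreach ($fr_images as $attachment) {
                $text .= "<img src=\"{$attachment['img']}\"/>";
            }
        }
        foreach ($images as $image) {
            $fr_images[] = array('img' => $image);
        }

        $avatarurl = '';
        if ($post['avatarurl']) {
            $avatarurl = process_avatarurl($post['avatarurl']);
        }

        $tmp = array(
            'username' => prepare_utf8_string(strip_tags($post['username'])),
            'userid' => $post['userid'],
            'title' => prepare_utf8_string($post['title']),
            'text' => $text,
            'post_timestamp' => prepare_utf8_string(date_trunc($post['startdate'])),
            'fr_images' => $fr_images,
        );
        if ($avatarurl != '') {
            $tmp['avatarurl'] = $avatarurl;
        }
        $posts_out[] = $tmp;
    }

    if (!empty($anncids)) {
        $db->shutdown_query("\n\t\t\tUPDATE " . TABLE_PREFIX . "announcement\n\t\t\tSET views = views + 1\n\t\t\tWHERE announcementid IN (" . implode(', ', $anncids) . ")\n\t\t");
        if ($userid) {
            $db->shutdown_query("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "announcementread\n\t\t\t\t\t(announcementid, userid)\n\t\t\t\tVALUES\n\t\t\t\t\t" . implode(', ', $announceread) . "\n\t\t\t");
        }
    }

    return array('posts' => $posts_out, 'total_posts' => count($posts_out));
}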
/**
 * Login / handshake action for the Forum Runner client.
 *
 * With a username and a password it authenticates the user, sets the
 * remember cookie and switches the session to that user. Without
 * credentials it only reports whether the board requires authentication.
 * In both cases the reply carries client configuration (version, platform,
 * colours, ad and analytics ids) and the push registration is updated.
 *
 * NOTE(review): a request carrying only md5_password counts as "credentials
 * present", yet validateAuthentication() is given $vals['password'] alone, so
 * such a request is validated against an empty password.
 * NOTE(review): failed attempts are logged, but nothing in this method reads
 * the attempt count before validating — confirm throttling happens elsewhere.
 *
 * @return array authenticated, v, p, requires_authentication plus optional
 *               username, navbg, admob, gan, fb and reg
 */
public function actionLogin()
{
    global $fr_version, $fr_platform;

    $vals = $this->_input->filter(array(
        'username' => XenForo_Input::STRING,
        'password' => XenForo_Input::STRING,
        'md5_password' => XenForo_Input::STRING,
        'fr_username' => XenForo_Input::STRING,
        'fr_b' => XenForo_Input::UINT,
        'token' => XenForo_Input::STRING,
    ));
    $login_model = $this->_getLoginModel();
    $user_model = $this->_getUserModel();
    $options = XenForo_Application::get('options');

    // Navigation bar colour: iPhone clients get "r,g,b", others the value
    // returned by convert_color().
    $navbg = '';
    $style = $options->forumrunnerColor;
    if ($style) {
        $navbg = convert_color($style);
        if (is_iphone() && strlen($navbg) == 7) {
            $channels = array(
                hexdec(substr($navbg, 1, 2)),
                hexdec(substr($navbg, 3, 2)),
                hexdec(substr($navbg, 5, 2)),
            );
            $navbg = implode(',', $channels);
        }
    }

    $authenticated = false;
    $requires_authentication = false;
    $out = array();

    $has_credentials = $vals['username'] && ($vals['password'] || $vals['md5_password']);
    if ($has_credentials) {
        $user_id = $user_model->validateAuthentication($vals['username'], $vals['password'], $error);
        if (!$user_id) {
            $login_model->logLoginAttempt($vals['username']);
            json_error($error->render(), RV_BAD_PASSWORD);
        }

        // Successful login: reset the attempt log, then bind cookie, IP log,
        // session and visitor to the authenticated user.
        $login_model->clearLoginAttempts($vals['username']);
        $user_model->setUserRememberCookie($user_id);
        XenForo_Model_Ip::log($user_id, 'user', $user_id, 'login');
        XenForo_Application::get('session')->changeUserId($user_id);
        XenForo_Visitor::setup($user_id);

        $out['username'] = prepare_utf8_string(XenForo_Visitor::getInstance()->get('username'));
        $authenticated = true;
    } else {
        // No credentials: tell the client whether it has to log in first.
        if (!XenForo_Visitor::getInstance()->hasPermission('general', 'view')) {
            $requires_authentication = true;
        }
        $options = XenForo_Application::get('options');
        if (!$options->boardActive && !XenForo_Visitor::getInstance()->get('is_admin')) {
            $requires_authentication = true;
        }
    }

    $out += array(
        'authenticated' => $authenticated,
        'v' => $fr_version,
        'p' => $fr_platform,
        'requires_authentication' => $requires_authentication,
    );
    if ($navbg != '') {
        $out['navbg'] = $navbg;
    }

    // Platform-specific AdMob publisher id, when configured.
    if (is_iphone() && $options->forumrunnerAdsAdMobPublisherIDiPhone) {
        $out['admob'] = $options->forumrunnerAdsAdMobPublisherIDiPhone;
    } elseif (is_android() && $options->forumrunnerAdsAdMobPublisherIDAndroid) {
        $out['admob'] = $options->forumrunnerAdsAdMobPublisherIDAndroid;
    }

    if ($options->forumrunnerGoogleAnalyticsID && $options->forumrunnerGoogleAnalyticsID != '') {
        $out['gan'] = $options->forumrunnerGoogleAnalyticsID;
    }
    if ($options->forumrunnerFacebookApplicationID && $options->forumrunnerFacebookApplicationID != '') {
        $out['fb'] = $options->forumrunnerFacebookApplicationID;
    }
    if ($options->forumrunnerRegistration) {
        $out['reg'] = true;
    }

    // Runs for authenticated and anonymous requests alike.
    fr_update_push_user($vals['fr_username'], $vals['fr_b'], $vals['token']);

    return $out;
}
/**
 * Reports an error to the client with all markup removed from the message.
 *
 * @param string $error Error text, possibly containing HTML
 */
function fr_standard_error($error = '')
{
    // Tags are stripped first, then the text is normalised for the JSON reply.
    $plain_text = strip_tags($error);
    json_error(prepare_utf8_string($plain_text));
}
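/**
 * Lists threads with recent activity ("getdaily", last N days) or threads
 * unread by the visitor, restricted to viewable nodes that are not excluded
 * by the forumrunnerExcludeForums option.
 *
 * Request input: do, days (1-30, otherwise 3), page, perpage, previewtype
 * (1 = first post, otherwise last post).
 *
 * @return array threads, total_threads and searchid, or the noResults() reply
 */
public function actionFindNew()
{
    $do = $this->_input->filterSingle('do', XenForo_Input::STRING);
    $days = $this->_input->filterSingle('days', XenForo_Input::UINT);
    $page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1);
    $perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT);
    if (!$perpage) {
        $perpage = XenForo_Application::get('options')->discussionsPerPage;
    }
    // NOTE(review): perpage is request-controlled and not clamped here;
    // consider capping it at the discussionsPerPage option.
    $previewtype = $this->_input->filterSingle('previewtype', XenForo_Input::UINT);
    if (!$previewtype) {
        $previewtype = 2;
    }

    $thread_model = $this->_getThreadModel();
    $search_model = $this->_getSearchModel();
    $post_model = $this->getModelFromCache('XenForo_Model_Post');
    $user_model = $this->getModelFromCache('XenForo_Model_User');
    $node_model = $this->getModelFromCache('XenForo_Model_Node');
    $userid = XenForo_Visitor::getUserId();

    $options = array('limit' => XenForo_Application::get('options')->maximumSearchResults);
    if ($do == 'getdaily') {
        // days is unsigned, so the old "< 0" test could never match and a
        // missing value (0) produced an empty time window; 0 now falls back to
        // the default as well.
        if ($days < 1 || $days > 30) {
            $days = 3;
        }
        $search_options = $options + array('order' => 'last_post_date', 'orderDirection' => 'desc');
        $threadids = array_keys($thread_model->getThreads(
            array('last_post_date' => array('>', XenForo_Application::$time - 86400 * $days), 'deleted' => false, 'moderated' => false),
            $search_options
        ));
        $search_type = 'recent-threads';
    } else {
        $threadids = $thread_model->getUnreadThreadIds($userid, $options);
        $search_type = 'new-threads';
    }

    $exclude = XenForo_Application::get('options')->forumrunnerExcludeForums;
    if (!$exclude) {
        $exclude = array();
    }

    // Viewable nodes keyed by node id, minus the excluded nodes and their
    // children.
    $forums = $node_model->getViewableNodeList(null, true);
    foreach ($exclude as $remove) {
        fr_remove_node_and_children($forums, $remove);
    }

    $results = array();
    foreach ($threadids as $threadid) {
        $thread = $thread_model->getThreadById($threadid);
        // Key lookup instead of scanning the node list for every thread; a
        // thread that can no longer be loaded is skipped.
        if (!$thread || !array_key_exists($thread['node_id'], $forums)) {
            continue;
        }
        $results[] = array(XenForo_Model_Search::CONTENT_TYPE => 'thread', XenForo_Model_Search::CONTENT_ID => $threadid);
    }

    // Per-item view permissions are applied by the search model.
    $results = $search_model->getViewableSearchResults($results);
    if (!$results) {
        return $this->noResults();
    }

    $search = $search_model->insertSearch($results, $search_type, '', array(), 'date', false);
    $search_id = $search['search_id'];
    $resultids = $search_model->sliceSearchResultsToPage($search, $page, $perpage);
    $results = $search_model->getSearchResultsForDisplay($resultids);
    if (!$results) {
        return $this->noResults();
    }

    $thread_data = array();
    $preview_length = XenForo_Application::get('options')->discussionPreviewLength;
    foreach ($results['results'] as $result) {
        $thread = $result['content'];
        $post = $post_model->getPostById(
            $thread[$previewtype == 1 ? 'first_post_id' : 'last_post_id'],
            array('join' => XenForo_Model_Post::FETCH_USER)
        );

        $preview = '';
        if ($preview_length && $post) {
            $preview = preview_chop(XenForo_Helper_String::bbCodeStrip(XenForo_Helper_String::censorString($post['message']), true), $preview_length);
        }

        $out = array(
            'thread_id' => $thread['thread_id'],
            'new_posts' => $thread['isNew'],
            'forum_id' => $thread['node_id'],
            'total_posts' => $thread['reply_count'] + 1,
            'forum_title' => prepare_utf8_string(strip_tags($thread['node_title'])),
            'thread_title' => prepare_utf8_string(XenForo_Helper_String::censorString($thread['title'])),
            'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute')),
        );
        if ($previewtype == 1) {
            $out['post_username'] = prepare_utf8_string(strip_tags($thread['username']));
            $out['post_userid'] = $thread['user_id'];
        } else {
            $out['post_username'] = prepare_utf8_string(strip_tags($thread['last_post_username']));
            $out['post_userid'] = $thread['last_post_user_id'];
        }

        $user = $user_model->getUserById($out['post_userid']);
        if ($user !== false) {
            $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
            // Default avatars are not sent to the client.
            if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
                $avatarurl = '';
            }
            if ($avatarurl != '') {
                $out['avatarurl'] = $avatarurl;
            }
        }
        if ($preview != '') {
            $out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview));
        }
        if ($thread['discussion_type'] == 'poll') {
            $out['poll'] = true;
        }
        if ($thread['prefix_id']) {
            $phrase = new XenForo_Phrase('thread_prefix_' . $thread['prefix_id']);
            $out['prefix'] = prepare_utf8_string(strip_tags($phrase->render(false)));
        }
        $thread_data[] = $out;
    }

    return array('threads' => $thread_data, 'total_threads' => $search['result_count'], 'searchid' => $search_id);
}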
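/**
 * Builds one page of thread/post data for an already stored search.
 *
 * Reads 'page', 'perpage', 'previewtype' and 'starteronly' from the request
 * (all filtered as unsigned integers), slices the stored result set to that
 * page and turns every result into the flat array the client expects.
 *
 * 'perpage' can never exceed the board's discussionsPerPage option, so a
 * client cannot ask for an arbitrarily large page.
 *
 * NOTE(review): nothing in this method ties $search to the current visitor;
 * presumably the caller has already checked that the visitor may read this
 * stored search - confirm at the call sites.
 *
 * @param array $search Stored search record. 'search_id' and 'result_count'
 *                      are read here; it is taken by reference but not
 *                      modified in this method.
 *
 * @return mixed Array with 'threads', 'total_threads' and 'searchid', or the
 *               result of sendError() when the requested page has no results.
 */
private function processSearch(&$search)
{
    $vals = $this->_input->filter(array(
        'page' => XenForo_Input::UINT,
        'perpage' => XenForo_Input::UINT,
        'previewtype' => XenForo_Input::UINT,
        'starteronly' => XenForo_Input::UINT
    ));

    $vals['page'] = max($vals['page'], 1);

    // Cap the page size at the board setting; 0 (absent) falls back to the setting itself.
    $vals['perpage'] = min(XenForo_Application::get('options')->discussionsPerPage, $vals['perpage']);
    if (!$vals['perpage']) {
        $vals['perpage'] = XenForo_Application::get('options')->discussionsPerPage;
    }

    // previewtype 1 = first post, anything else = last post; 'starteronly' forces the first post.
    if (!$vals['previewtype']) {
        $vals['previewtype'] = 2;
    }
    if ($vals['starteronly']) {
        $vals['previewtype'] = 1;
    }

    $search_model = $this->_getSearchModel();
    $search_id = $search['search_id'];

    $resultids = $search_model->sliceSearchResultsToPage($search, $vals['page'], $vals['perpage']);
    // NOTE(review): this method relies on the search model to return only content the
    // visitor may view; no further permission check is made on the rows below - confirm.
    $results = $search_model->getSearchResultsForDisplay($resultids);
    if (!$results) {
        return $this->sendError(new XenForo_Phrase('no_results_found'));
    }

    $post_model = $this->getModelFromCache('XenForo_Model_Post');
    $user_model = $this->getModelFromCache('XenForo_Model_User');

    $thread_data = array();
    $preview_length = XenForo_Application::get('options')->discussionPreviewLength;

    foreach ($results['results'] as $result) {
        $thread = $result['content'];
        $is_post = $result['content_type'] == 'post';

        // Pick the post the preview is taken from: the matched post for post
        // results, otherwise the thread's first or last post.
        if ($is_post) {
            $post = $post_model->getPostById($thread['post_id'], array('join' => XenForo_Model_Post::FETCH_USER));
        } else {
            $post = $post_model->getPostById(
                $thread[$vals['previewtype'] == 1 ? 'first_post_id' : 'last_post_id'],
                array('join' => XenForo_Model_Post::FETCH_USER)
            );
        }

        // The post fetched above was previously never read and the preview was
        // built from $thread['message'], which ignores 'previewtype' for thread
        // results. Use the fetched post, and fall back to the message carried on
        // the result row only when the lookup did not return one.
        $message = '';
        if (is_array($post) && isset($post['message'])) {
            $message = $post['message'];
        } elseif (isset($thread['message'])) {
            $message = $thread['message'];
        }

        $preview = '';
        if ($preview_length && $message !== '') {
            $preview = preview_chop(
                XenForo_Helper_String::bbCodeStrip(XenForo_Helper_String::censorString($message), true),
                $preview_length
            );
        }

        $out = array(
            'thread_id' => $thread['thread_id'],
            'new_posts' => $thread['isNew'],
            'forum_id' => $thread['node_id'],
            'total_posts' => $thread['reply_count'] + 1,
            'forum_title' => prepare_utf8_string(strip_tags($thread['node_title'])),
            'thread_title' => prepare_utf8_string(XenForo_Helper_String::censorString($thread['title']))
        );

        if ($is_post) {
            $out += array(
                'post_id' => $thread['post_id'],
                'jump_to_post' => 1,
                'post_username' => prepare_utf8_string(strip_tags($thread['username'])),
                'post_userid' => $thread['user_id'],
                'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['post_date'], 'absolute'))
            );
        } else {
            if ($vals['previewtype'] == 1) {
                $out += array(
                    'post_username' => prepare_utf8_string(strip_tags($thread['username'])),
                    'post_userid' => $thread['user_id']
                );
            } else {
                $out += array(
                    'post_username' => prepare_utf8_string(strip_tags($thread['last_post_username'])),
                    'post_userid' => $thread['last_post_user_id']
                );
            }
            $out['post_lastposttime'] = prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute'));
        }

        $user = $user_model->getUserById($out['post_userid']);
        if ($user !== false) {
            $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
            // URLs matching the stock avatar path are reported as "no avatar".
            if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
                $avatarurl = '';
            }
            if ($avatarurl != '') {
                $out['avatarurl'] = $avatarurl;
            }
        }

        if ($preview != '') {
            $out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview));
        }
        if ($thread['discussion_type'] == 'poll') {
            $out['poll'] = true;
        }
        if ($thread['prefix_id']) {
            $phrase = new XenForo_Phrase('thread_prefix_' . $thread['prefix_id']);
            $out['prefix'] = prepare_utf8_string(strip_tags($phrase->render(false)));
        }

        $thread_data[] = $out;
    }

    $out = array(
        'threads' => $thread_data,
        'total_threads' => $search['result_count'],
        'searchid' => $search_id
    );

    return $out;
}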
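/**
 * Returns the profile summary of a user for the client.
 *
 * The user is taken from the 'userid' request value (unsigned integer); when
 * it is absent or 0 the current visitor's own profile is returned. Whether the
 * profile may be viewed is decided by the UserProfile helper, whose error text
 * is passed to json_error().
 *
 * @return array Keys: 'username', 'posts', 'joindate', 'online',
 *               'avatar_upload', 'groups' and, when applicable,
 *               'avatar_resize', 'avatarurl' and 'ban'.
 */
public function actionGetProfile()
{
    $visitor = XenForo_Visitor::getInstance();
    $permissions = $visitor->getPermissions();
    $session_model = $this->getModelFromCache('XenForo_Model_Session');

    $userid = $this->_input->filterSingle('userid', XenForo_Input::UINT);
    if (!$userid) {
        $userid = XenForo_Visitor::getUserId();
    }

    try {
        $user = $this->getHelper('UserProfile')->assertUserProfileValidAndViewable(
            $userid,
            array('join' => XenForo_Model_User::FETCH_LAST_ACTIVITY)
        );
    } catch (XenForo_ControllerResponse_Exception $e) {
        // Only this exception type carries a controller response. The previous
        // catch-all called getControllerResponse() on any Exception, which is a
        // fatal error for every other type; those now propagate unchanged.
        // NOTE(review): json_error() is expected to end the request - confirm,
        // otherwise $user is undefined below.
        json_error($e->getControllerResponse()->errorText->render());
    }

    // NOTE(review): no 'getInvisible' condition is passed here; confirm that the
    // session model's default leaves out users who hide their online status, so
    // the 'online' flag does not disclose it.
    $online_info = $session_model->getSessionActivityRecords(array(
        'user_id' => $user['user_id'],
        'cutOff' => array('>', $session_model->getOnlineStatusTimeout())
    ));
    $is_online = false;
    if (count($online_info) == 1) {
        $is_online = true;
    }

    $posts = $user['message_count'];
    $joindate = prepare_utf8_string(XenForo_Locale::date($user['register_date'], 'absolute'));

    $out = array(
        'username' => prepare_utf8_string(strip_tags($user['username'])),
        'posts' => $posts,
        'joindate' => $joindate,
        'online' => $is_online,
        'avatar_upload' => $visitor->canUploadAvatar()
    );

    $maxFileSize = XenForo_Permission::hasPermission($permissions, 'avatar', 'maxFileSize');
    if ($maxFileSize > 0) {
        $out['avatar_resize'] = true;
    }

    $avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
    // URLs matching the stock avatar path are reported as "no avatar".
    if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
        $avatarurl = '';
    }
    if ($avatarurl != '') {
        $out['avatarurl'] = $avatarurl;
    }

    // Only tells the client to offer the ban action; it is a hint, not the
    // authorisation itself.
    if ($visitor->hasAdminPermission('ban')) {
        $out['ban'] = true;
    }

    // New Profile Fields
    $groups = array();

    // About
    $out_group = array(
        'name' => 'about',
        'values' => array(
            array('name' => prepare_utf8_string(fr_get_phrase('messages')), 'value' => strval($posts)),
            array('name' => prepare_utf8_string(fr_get_phrase('joined')), 'value' => $joindate),
            array('name' => prepare_utf8_string(fr_get_phrase('likes_received')), 'value' => strval($user['like_count']))
        )
    );
    $groups[] = $out_group;

    // Additional information
    // 'values' starts as an empty list so the count() below never sees a
    // missing key (a TypeError on PHP 8 when the user filled in no field).
    $out_group = array('name' => 'additional', 'values' => array());

    // Status
    if (!empty($user['status'])) {
        $out_group['values'][] = array(
            'name' => prepare_utf8_string(fr_get_phrase('status')),
            'value' => prepare_utf8_string($user['status'])
        );
    }

    // Location
    if (!empty($user['location'])) {
        $out_group['values'][] = array(
            'name' => prepare_utf8_string(fr_get_phrase('location')),
            'value' => prepare_utf8_string($user['location'])
        );
    }

    // Occupation
    if (!empty($user['occupation'])) {
        $out_group['values'][] = array(
            'name' => prepare_utf8_string(fr_get_phrase('occupation')),
            'value' => prepare_utf8_string($user['occupation'])
        );
    }

    // About
    if (!empty($user['about'])) {
        $out_group['values'][] = array(
            'name' => prepare_utf8_string(fr_get_phrase('about')),
            'value' => prepare_utf8_string(remove_bbcode($user['about'], true, true))
        );
    }

    // The group is only sent when at least one field is filled in.
    if (count($out_group['values'])) {
        $groups[] = $out_group;
    }

    $out['groups'] = $groups;

    return $out;
}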
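/**
 * Returns every picture of the album in the global $albuminfo.
 *
 * Pictures in moderation are counted only for moderators and the album owner,
 * and only pictures whose state is 'visible' are put into the result list.
 *
 * The plugin hooks below run stored plugin code through eval() in this
 * function's scope, so that code can read and change every local variable,
 * including the SQL fragments $hook_query_fields/_joins/_where. Local variable
 * names are therefore left as they were.
 *
 * @return array Keys: 'photos' (list of picture arrays), 'total_photos' and
 *               'can_add_photo'.
 */
function do_get_photos()
{
    global $vbulletin, $db, $show, $vbphrase, $foruminfo, $userinfo, $albuminfo, $session, $contenttypeid;

    if (empty($albuminfo)) {
        standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
    }

    if ($vbulletin->GPC['addgroup'] and $albuminfo['userid'] != $vbulletin->userinfo['userid']) {
        print_no_permission();
    }

    ($hook = vBulletinHook::fetch_hook('album_album')) ? eval($hook) : false;

    // Paging is effectively disabled: one very large page, always page 1.
    $perpage = 999999;
    $vbulletin->GPC['pagenumber'] = 1;
    $input_pagenumber = $vbulletin->GPC['pagenumber'];

    if (can_moderate(0, 'canmoderatepictures') or $albuminfo['userid'] == $vbulletin->userinfo['userid']) {
        $totalpictures = $albuminfo['visible'] + $albuminfo['moderation'];
    } else {
        $totalpictures = $albuminfo['visible'];
    }

    $total_pages = max(ceil($totalpictures / $perpage), 1); // 0 pictures still needs an empty page
    $pagenumber = $vbulletin->GPC['pagenumber'] > $total_pages ? $total_pages : $vbulletin->GPC['pagenumber'];
    $start = ($pagenumber - 1) * $perpage;

    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    ($hook = vBulletinHook::fetch_hook('album_album_query')) ? eval($hook) : false;

    // The album id is cast to an integer before it is concatenated into the
    // statement, the same way the content type id already was.
    $pictures = $db->query_read(
        "\n SELECT\n a.attachmentid, a.userid, a.caption, a.dateline, a.state,\n fd.filesize, IF(fd.thumbnail_filesize > 0, 1, 0) AS hasthumbnail, fd.thumbnail_dateline, fd.thumbnail_width, fd.thumbnail_height\n {$hook_query_fields}\n FROM " . TABLE_PREFIX .
        "attachment AS a\n INNER JOIN " . TABLE_PREFIX .
        "filedata AS fd ON (fd.filedataid = a.filedataid)\n {$hook_query_joins}\n WHERE\n a.contentid = " . intval($albuminfo['albumid']) .
        "\n AND\n a.contenttypeid = " . intval($contenttypeid) .
        "\n " . ((!can_moderate(0, 'canmoderatepictures') and $albuminfo['userid'] != $vbulletin->userinfo['userid']) ? "AND a.state = 'visible'" : "") .
        "\n {$hook_query_where}\n ORDER BY a.dateline DESC\n LIMIT {$start}, {$perpage}\n "
    );

    // work out the effective picturebit height/width including any borders and paddings; the +4 works around an IE float issue
    // NOTE(review): $usercss and $stylevar are not declared global here, so they
    // are unset unless a hook defines them; the two values are not used in the output.
    $picturebit_height = $vbulletin->options['album_thumbsize'] + (($usercss ? 0 : $stylevar['cellspacing']) + $stylevar['cellpadding']) * 2 + 4;
    $picturebit_width = $vbulletin->options['album_thumbsize'] + (($usercss ? 0 : $stylevar['cellspacing']) + $stylevar['cellpadding']) * 2;

    $out_photos = array();
    $picnum = 0;

    while ($picture = $db->fetch_array($pictures)) {
        $picture = prepare_pictureinfo_thumb($picture, $albuminfo);

        if ($picnum % $vbulletin->options['album_pictures_perpage'] == 0) {
            $show['page_anchor'] = true;
            $page_anchor = $picnum / $vbulletin->options['album_pictures_perpage'] + 1;
        } else {
            $show['page_anchor'] = false;
        }
        $picnum++;

        // Pictures awaiting moderation are fetched for moderators and the owner
        // but are never sent to the client.
        if ($picture['state'] != 'visible') {
            continue;
        }

        ($hook = vBulletinHook::fetch_hook('album_album_picturebit')) ? eval($hook) : false;

        // The array key is quoted: inside {$...} a bare word is a constant
        // lookup, which is an Error on PHP 8.
        $photo_url = "attachment.php?{$session['sessionurl']}attachmentid={$picture['attachmentid']}";

        $out_photos[] = array(
            'photoid' => $picture['attachmentid'],
            'userid' => $picture['userid'],
            'caption' => prepare_utf8_string(strip_tags(fetch_censored_text($picture['caption']))),
            'photo_date' => prepare_utf8_string($picture['date'] . ' ' . $picture['time']),
            'photo_url' => fr_fix_url($photo_url),
            'thumb_url' => fr_fix_url($photo_url . '&thumb=1')
        );
    }

    // Same quoting fix as above for the 'albumid' key.
    $show['add_picture_option'] = (
        $userinfo['userid'] == $vbulletin->userinfo['userid']
        and fetch_count_overage($userinfo['userid'], $albuminfo['albumid'], $vbulletin->userinfo['permissions']['albummaxpics']) <= 0
        and (!$vbulletin->options['album_maxpicsperalbum'] or $totalpictures - $vbulletin->options['album_maxpicsperalbum'] < 0)
    );

    if ($albuminfo['state'] == 'private') {
        $show['personalalbum'] = true;
        $albumtype = $vbphrase['private_album_paren'];
    } else {
        if ($albuminfo['state'] == 'profile') {
            $show['personalalbum'] = true;
            $albumtype = $vbphrase['profile_album_paren'];
        }
    }

    $out = array(
        'photos' => $out_photos,
        'total_photos' => $totalpictures,
        'can_add_photo' => $show['add_picture_option'] ? true : false
    );

    return $out;
}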
/**
 * Returns the threads the current user is subscribed to.
 *
 * Guests and users without forum view permission, in user group 4 or in a
 * banned group are answered with json_error(ERR_NO_PERMISSION). Every thread
 * is checked again against the forum permissions of the current user;
 * subscriptions that fail the check are flagged canview = 0 in the database
 * and left out of the result.
 *
 * Request values are read through clean_array_gpc(). The sort column is
 * chosen from a fixed list and the sort direction is either 'DESC' or empty,
 * so no request text reaches the ORDER BY clauses.
 *
 * @return array Keys: 'threads' (list of thread arrays) and 'total_threads'.
 */
function do_get_subscriptions()
{
    global $vbulletin, $db, $show, $vbphrase, $permissions, $subscribecounters;

    $vbulletin->options['threadpreview'] = FR_PREVIEW_LEN;

    // Guests are rejected first.
    // NOTE(review): the code below assumes json_error() ends the request - confirm.
    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_NO_PERMISSION);
    }

    // 'and' binds tighter than 'or': (guest and do != removesubscription) or
    // (member without canview) or user group 4 or a banned group.
    if (!$vbulletin->userinfo['userid'] and $_REQUEST['do'] != 'removesubscription' or $vbulletin->userinfo['userid'] and !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or $vbulletin->userinfo['usergroupid'] == 4 or !($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) {
        json_error(ERR_NO_PERMISSION);
    }

    $thread_data = array();
    $unread_subs = 0;

    // vbulletin expects folderid, but we will just get them all
    $vbulletin->input->clean_array_gpc('r', array('folderid' => TYPE_NOHTML, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'sortfield' => TYPE_NOHTML, 'sortorder' => TYPE_NOHTML, 'previewtype' => TYPE_INT));

    // 1 takes the preview from the first post, any other value from the last post.
    $previewtype = $vbulletin->GPC['previewtype'];
    if (!$previewtype) {
        $previewtype = 1;
    }

    // The requested folder is overwritten, so the "all folders" branch below is always taken.
    $vbulletin->GPC['folderid'] = 'all';

    // Values that are reused in templates
    // These are references: changes made through them also change $vbulletin->GPC.
    $sortfield =& $vbulletin->GPC['sortfield'];
    $perpage =& $vbulletin->GPC['perpage'];
    $pagenumber =& $vbulletin->GPC['pagenumber'];
    $folderid =& $vbulletin->GPC['folderid'];

    if ($folderid == 'all') {
        $getallfolders = true;
        $show['allfolders'] = true;
    } else {
        $folderid = intval($folderid);
    }

    $folderselect["{$folderid}"] = 'selected="selected"';

    // Build folder jump
    require_once DIR . '/includes/functions_misc.php';
    $folders = construct_folder_jump(1, $folderid, false, '', true);
    $templater = vB_Template::create('subscribe_folder_jump');
    $templater->register('folders', $folders);
    $folderjump = $templater->render();

    // look at sorting options:
    // anything other than 'asc' sorts descending
    if ($vbulletin->GPC['sortorder'] != 'asc') {
        $vbulletin->GPC['sortorder'] = 'desc';
        $sqlsortorder = 'DESC';
        $order = array('desc' => 'selected="selected"');
    } else {
        $sqlsortorder = '';
        $order = array('asc' => 'selected="selected"');
    }

    // Only the column names listed here reach the ORDER BY clause; every other
    // value is replaced by 'lastpost'.
    switch ($sortfield) {
        case 'title':
        case 'lastpost':
        case 'replycount':
        case 'views':
        case 'postusername':
            $sqlsortfield = 'thread.' . $sortfield;
            break;
        default:
            // $handled is always false here, so the default is always applied.
            $handled = false;
            if (!$handled) {
                $sqlsortfield = 'thread.lastpost';
                $sortfield = 'lastpost';
            }
    }
    $sort = array($sortfield => 'selected="selected"');

    if ($getallfolders) {
        $totalallthreads = array_sum($subscribecounters);
    } else {
        $totalallthreads = $subscribecounters["{$folderid}"];
    }

    // set defaults
    // presumably limits $pagenumber and $perpage (200 and the 'maxthreads' option are passed in) - confirm
    sanitize_pageresults($totalallthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']);

    // display threads
    $limitlower = ($pagenumber - 1) * $perpage + 1;
    $limitupper = $pagenumber * $perpage;
    if ($limitupper > $totalallthreads) {
        $limitupper = $totalallthreads;
        if ($limitlower > $totalallthreads) {
            $limitlower = $totalallthreads - $perpage;
        }
    }
    if ($limitlower <= 0) {
        $limitlower = 1;
    }

    // The hook fragments stay empty: no plugin hook is run in this function.
    $hook_query_fields = $hook_query_joins = $hook_query_where = '';

    // First query: ids of the subscribed threads on this page. The user id comes
    // from the session's userinfo, and $perpage was cleaned as TYPE_UINT above.
    $getthreads = $db->query_read_slave("\n\t\tSELECT thread.threadid, emailupdate, subscribethreadid, thread.forumid, thread.postuserid\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "subscribethread AS subscribethread\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = subscribethread.threadid)\n\t\t{$hook_query_joins}\n\t\tWHERE subscribethread.userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\tAND thread.visible = 1\n\t\t\tAND canview = 1\n\t\t" . iif(!$getallfolders, "\tAND folderid = {$folderid}") . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\tLIMIT " . ($limitlower - 1) . ", {$perpage}\n\t");

    if ($totalthreads = $db->num_rows($getthreads)) {
        $forumids = array();
        $threadids = array();
        $emailupdate = array();
        $killthreads = array();

        while ($getthread = $db->fetch_array($getthreads)) {
            // Check the forum permissions again for every thread: the user needs
            // canview and canviewthreads, and canviewothers for threads started
            // by somebody else.
            $forumperms = fetch_permissions($getthread['forumid']);
            if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $getthread['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
                // Remember the subscription so it can be flagged below, and skip the thread.
                $killthreads["{$getthread['subscribethreadid']}"] = $getthread['subscribethreadid'];
                $totalallthreads--;
                continue;
            }
            $forumids["{$getthread['forumid']}"] = true;
            $threadids[] = $getthread['threadid'];
            $emailupdate["{$getthread['threadid']}"] = $getthread['emailupdate'];
            $subscribethread["{$getthread['threadid']}"] = $getthread['subscribethreadid'];
        }
        // From here on $threadids is a comma separated string of ids read from the database.
        $threadids = implode(',', $threadids);
    }
    unset($getthread);
    $db->free_result($getthreads);

    if (!empty($killthreads)) {
        // Update thread subscriptions
        // The ids in the IN list were read from the subscribethread table above.
        $vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "subscribethread\n\t\t\tSET canview = 0\n\t\t\tWHERE subscribethreadid IN (" . implode(', ', $killthreads) . ")\n\t\t");
    }

    if (!empty($threadids)) {
        cache_ordered_forums(1);
        $colspan = 5;
        $show['threadicons'] = false;

        // get last read info for each thread
        $lastread = array();
        foreach (array_keys($forumids) as $forumid) {
            if ($vbulletin->options['threadmarking']) {
                $lastread["{$forumid}"] = max($vbulletin->forumcache["{$forumid}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
            } else {
                $lastread["{$forumid}"] = max(intval(fetch_bbarray_cookie('forum_view', $forumid)), $vbulletin->userinfo['lastvisit']);
            }
            if ($vbulletin->forumcache["{$forumid}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons']) {
                $show['threadicons'] = true;
                $colspan = 6;
            }
        }

        // Both branches select the same columns; only the joined post differs
        // (first post for previewtype 1, last post otherwise).
        if ($previewtype == 1) {
            $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
            $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
        } else {
            $previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
            $previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)";
        }

        $hasthreads = true;
        $threadbits = '';
        $pagenav = '';
        $counter = 0;
        $toread = 0;

        // Cast to an integer because the option is concatenated into the query below.
        $vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']);

        // When in_coventry() is true for the user, the last post columns are
        // taken from tachythreadpost where a row for this user exists.
        if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
            $lastpost_info = "IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost, " . "IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter, " . "IF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid, " . "IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid";
            $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
        } else {
            $lastpost_info = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid';
            $tachyjoin = '';
        }

        $hook_query_fields = $hook_query_joins = $hook_query_where = '';

        // Second query: full rows for the threads that passed the permission check.
        $threads = $db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . ", thread.votenum, 0) AS votenum,\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . " AND thread.votenum > 0, thread.votetotal / thread.votenum, 0) AS voteavg,\n\t\t\t\tthread.votetotal,\n\t\t\t\t{$previewfield} thread.threadid, thread.title AS threadtitle, thread.forumid, thread.pollid,\n\t\t\t\tthread.open, thread.replycount, thread.postusername, thread.prefixid,\n\t\t\t\t{$lastpost_info}, thread.postuserid, thread.dateline, thread.views, thread.iconid AS threadiconid,\n\t\t\t\tthread.notes, thread.visible, thread.attach, thread.taglist\n\t\t\t\t" . ($vbulletin->options['threadmarking'] ? ", threadread.readtime AS threadread" : '') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t{$previewjoin}\n\t\t\t" . ($vbulletin->options['threadmarking'] ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : '') . "\n\t\t\t{$tachyjoin}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE thread.threadid IN ({$threadids})\n\t\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\t");
        unset($sqlsortfield, $sqlsortorder);

        require_once DIR . '/includes/functions_forumdisplay.php';

        // Get Dot Threads
        $dotthreads = fetch_dot_threads_array($threadids);
        if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) {
            $show['dotthreads'] = true;
        } else {
            $show['dotthreads'] = false;
        }

        // The $buddy and $ignore maps built here are not read again in this function.
        if ($vbulletin->options['threadpreview'] and $vbulletin->userinfo['ignorelist']) {
            // Get Buddy List
            $buddy = array();
            if (trim($vbulletin->userinfo['buddylist'])) {
                $buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY);
                foreach ($buddylist as $buddyuserid) {
                    $buddy["{$buddyuserid}"] = 1;
                }
            }
            DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy)));

            // Get Ignore Users
            $ignore = array();
            if (trim($vbulletin->userinfo['ignorelist'])) {
                $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
                foreach ($ignorelist as $ignoreuserid) {
                    if (!$buddy["{$ignoreuserid}"]) {
                        $ignore["{$ignoreuserid}"] = 1;
                    }
                }
            }
            DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
        }

        $foruminfo['allowratings'] = true;
        $show['notificationtype'] = true;
        $show['threadratings'] = true;
        $show['threadrating'] = true;

        while ($thread = $db->fetch_array($threads)) {
            $threadid = $thread['threadid'];

            // build thread data
            $thread = process_thread_array($thread, $lastread["{$thread['forumid']}"]);

            // Map the stored e-mail update setting to its phrase.
            switch ($emailupdate["{$thread['threadid']}"]) {
                case 0:
                    $thread['notification'] = $vbphrase['none'];
                    break;
                case 1:
                    $thread['notification'] = $vbphrase['instant'];
                    break;
                case 2:
                    $thread['notification'] = $vbphrase['daily'];
                    break;
                case 3:
                    $thread['notification'] = $vbphrase['weekly'];
                    break;
                default:
                    $thread['notification'] = $vbphrase['n_a'];
            }

            // Avatar of the author of the previewed post, if that author is a registered user.
            $avatarurl = '';
            if ($thread['lastpost_userid'] > 0) {
                $userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR);
                fetch_avatar_from_userinfo($userinfoavatar, true, false);
                if ($userinfoavatar['avatarurl'] != '') {
                    $avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
                }
                unset($userinfoavatar);
            }

            // NOTE(review): 'thread_title', 'forum_title' and the entity-decoded
            // 'thread_preview' are sent without strip_tags(), unlike 'post_username';
            // confirm that clients render them as plain text.
            // 'new_posts' reads the global $show['gotonewpost'], presumably set by
            // process_thread_array() for the current thread - confirm.
            $tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? true : false, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'forum_title' => prepare_utf8_string($thread['forumtitle']), 'thread_title' => prepare_utf8_string($thread['threadtitle']), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username'])));
            if ($avatarurl != '') {
                $tmp['avatarurl'] = $avatarurl;
            }
            if ($thread['attach']) {
                $tmp['attach'] = true;
            }
            if ($thread['pollid']) {
                $tmp['poll'] = true;
            }
            $thread_data[] = $tmp;
        }

        $db->free_result($threads);
        unset($threadids);
    } else {
        // No thread is left after the permission check (or none was found).
        $totalallthreads = 0;
    }

    $out = array('threads' => $thread_data, 'total_threads' => $totalallthreads);
    return $out;
}
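/**
 * Returns the registered users that are currently online and the number of
 * guest sessions.
 *
 * A session counts as online when its last activity is newer than the
 * 'cookietimeout' option. Users flagged invisible are left out of the list,
 * except the viewer's own entry.
 *
 * The plugin hooks below run stored plugin code through eval() in this
 * function's scope, so that code can read and change every local variable,
 * including the SQL fragments. Local variable names are therefore left as
 * they were.
 *
 * NOTE(review): $permissions and $vbphrase are not declared global here. Unless
 * a hook defines them, the 'canseehidden' and 'canwhosonlineip' checks are
 * never true (hidden users stay hidden and no host name is resolved) and
 * guests get an empty user name. Declaring $permissions global would change
 * who can see hidden users, so it is left as it is - confirm the intended
 * behaviour.
 *
 * @return array Keys: 'users' (list of user arrays) and 'num_guests'.
 */
function do_online()
{
    global $vbulletin, $db;

    $showmembers = true;
    $showguests = true;
    $showspiders = true;

    $datecut = TIMENOW - $vbulletin->options['cookietimeout'];

    $wol_event = array();
    $wol_pm = array();
    $wol_calendar = array();
    $wol_user = array();
    $wol_forum = array();
    $wol_link = array();
    $wol_thread = array();
    $wol_post = array();

    $sqlsort = 'user.username';
    $sortfield = 'username';

    // These were used below without ever being set. They are initialised before
    // the first hook so plugin code can still override them.
    $sortorder = '';
    $userinfo = array();
    $guests = array();
    $count = 0;

    $hook_query_fields = $hook_query_joins = $hook_query_where = '';
    ($hook = vBulletinHook::fetch_hook('online_query')) ? eval($hook) : false;

    $allusers = $db->query_read_slave(
        "\n\tSELECT\n\t user.username, session.useragent, session.location, session.lastactivity, user.userid, user.options, session.host, session.badlocation, session.incalendar, user.aim, user.icq, user.msn, user.yahoo, user.skype,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t{$hook_query_fields}\n\tFROM " . TABLE_PREFIX .
        "session AS session\n\t" . iif($vbulletin->options['WOLguests'], " LEFT JOIN " . TABLE_PREFIX . "user AS user USING (userid) ", ", " . TABLE_PREFIX . "user AS user") .
        "\n\t{$hook_query_joins}\n\tWHERE session.lastactivity > {$datecut}\n\t" . iif(!$vbulletin->options['WOLguests'], " AND session.userid = user.userid", "") .
        "\n\t{$hook_query_where}\n\tORDER BY {$sqlsort} {$sortorder}\n "
    );

    require_once DIR . '/includes/class_postbit.php';

    while ($users = $db->fetch_array($allusers)) {
        if ($users['userid']) {
            // Reg'd Member
            if (!$showmembers) {
                continue;
            }

            // Adds the decoded user option bits to the row ('invisible' is read below).
            $users = array_merge($users, convert_bits_to_array($users['options'], $vbulletin->bf_misc_useroptions));
            $key = $users['userid'];

            if ($key == $vbulletin->userinfo['userid']) {
                // in case this is the first view for the user, fake it that show up to themself
                $foundviewer = true;
            }

            // Keep one entry per user: the session with the most recent activity.
            if (empty($userinfo["{$key}"]['lastactivity']) or $userinfo["{$key}"]['lastactivity'] < $users['lastactivity']) {
                unset($userinfo["{$key}"]); // need this to sort by lastactivity
                $userinfo["{$key}"] = $users;

                fetch_musername($users);
                $userinfo["{$key}"]['musername'] = $users['musername'];
                $userinfo["{$key}"]['useragent'] = htmlspecialchars_uni($users['useragent']);

                $userinfoavatar = fetch_userinfo($key, FETCH_USERINFO_AVATAR);
                fetch_avatar_from_userinfo($userinfoavatar, true, false);
                if ($userinfoavatar['avatarurl'] != '') {
                    $userinfo["{$key}"]['avatarurl'] = process_avatarurl($userinfoavatar['avatarurl']);
                }
                unset($userinfoavatar);

                // An invisible user is only made visible to viewers with
                // 'canseehidden' and to the user themself.
                if ($users['invisible']) {
                    if ($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehidden'] or $key == $vbulletin->userinfo['userid']) {
                        $userinfo["{$key}"]['hidden'] = '*';
                        $userinfo["{$key}"]['invisible'] = 0;
                    }
                }

                // Host names are resolved only for viewers with 'canwhosonlineip';
                // each lookup is a DNS query.
                if ($vbulletin->options['WOLresolve'] and $permissions['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlineip']) {
                    $userinfo["{$key}"]['host'] = @gethostbyaddr($users['host']);
                }

                // $buddy is not set in this function; a hook may provide it.
                $userinfo["{$key}"]['buddy'] = isset($buddy["{$key}"]) ? $buddy["{$key}"] : null;
            }
        } else {
            // Guest or Spider..
            $spider = '';

            if ($vbulletin->options['enablespiders'] and !empty($vbulletin->wol_spiders)) {
                // The pattern comes from the board's spider list, the subject is
                // the user agent string sent by the client.
                if (preg_match('#(' . $vbulletin->wol_spiders['spiderstring'] . ')#si', $users['useragent'], $agent)) {
                    $agent = strtolower($agent[1]);

                    // Check ip address
                    if (!empty($vbulletin->wol_spiders['agents']["{$agent}"]['lookup'])) {
                        $ourip = ip2long($users['host']);
                        foreach ($vbulletin->wol_spiders['agents']["{$agent}"]['lookup'] as $key => $ip) {
                            if ($ip['startip'] and $ip['endip']) {
                                // address range
                                if ($ourip >= $ip['startip'] and $ourip <= $ip['endip']) {
                                    $spider = $vbulletin->wol_spiders['agents']["{$agent}"];
                                    break;
                                }
                            } else {
                                // single address
                                if ($ip['startip'] == $ourip) {
                                    $spider = $vbulletin->wol_spiders['agents']["{$agent}"];
                                    break;
                                }
                            }
                        }
                    } else {
                        $spider = $vbulletin->wol_spiders['agents']["{$agent}"];
                    }
                }
            }

            if ($spider) {
                if (!$showspiders) {
                    continue;
                }
                $guests["{$count}"] = $users;
                $guests["{$count}"]['spider'] = $spider['name'];
                $guests["{$count}"]['spidertype'] = $spider['type'];
            } else {
                if (!$showguests) {
                    continue;
                }
                $guests["{$count}"] = $users;
            }

            $guests["{$count}"]['username'] = $vbphrase['guest'];
            $guests["{$count}"]['invisible'] = 0;
            $guests["{$count}"]['displaygroupid'] = 1;
            fetch_musername($guests["{$count}"]);

            if ($vbulletin->options['WOLresolve'] and $permissions['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlineip']) {
                $guests["{$count}"]['host'] = @gethostbyaddr($users['host']);
            }

            $guests["{$count}"]['count'] = $count + 1;
            $guests["{$count}"]['useragent'] = htmlspecialchars_uni($users['useragent']);
            $count++;

            ($hook = vBulletinHook::fetch_hook('online_user')) ? eval($hook) : false;
        }
    }

    $online_users = array();
    if (is_array($userinfo)) {
        foreach ($userinfo as $userid => $user) {
            // Users still flagged invisible are not sent to the client.
            if ($user['invisible']) {
                continue;
            }

            $tmp = array(
                'userid' => $userid,
                'username' => prepare_utf8_string(strip_tags($user['username']))
            );
            if ($user['userid'] == $vbulletin->userinfo['userid']) {
                $tmp['me'] = true;
            }
            // 'avatarurl' is only set above when the user has an avatar.
            if (isset($user['avatarurl']) && $user['avatarurl'] != '') {
                $tmp['avatarurl'] = $user['avatarurl'];
            }
            $online_users[] = $tmp;
        }
    }

    // Spiders are stored in $guests too, so they are part of this number.
    $numguests = 0;
    if (is_array($guests)) {
        $numguests = count($guests);
    }

    return array('users' => $online_users, 'num_guests' => $numguests);
}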