} // make sure the ids we are going to work with are sane $messageids = array(); foreach (array_keys($vbulletin->GPC['pm']) as $pmid) { $pmid = intval($pmid); $messageids["{$pmid}"] = $pmid; } unset($pmid); ($hook = vBulletinHook::fetch_hook('private_managepm_start')) ? eval($hook) : false; // now switch the $dowhat... switch ($vbulletin->GPC['dowhat']) { // ***************************** // move messages to a new folder case 'move': $totalmessages = sizeof($messageids); $messageids = sign_client_string(serialize($messageids)); $folderoptions = construct_folder_jump(0, 0, array($vbulletin->GPC['folderid'], -1)); switch ($vbulletin->GPC['folderid']) { case -1: $fromfolder = $vbphrase['sent_items']; break; case 0: $fromfolder = $vbphrase['inbox']; break; default: $folders = unserialize($vbulletin->userinfo['pmfolders']); $fromfolder = $folders["{$vbulletin->GPC['folderid']}"]; } ($hook = vBulletinHook::fetch_hook('private_managepm_move')) ? eval($hook) : false; if ($folderoptions) { $templatename = 'pm_movepm';
} // ###################### Do delete the attachment #################### if ($_POST['do'] == 'dodelete') { $vbulletin->input->clean_array_gpc('p', array('attachmentid' => TYPE_UINT)); $attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_CP, 'attachment'); $attachdata->condition = "attachmentid = " . $vbulletin->GPC['attachmentid']; $attachdata->log = false; $attachdata->delete(true, false); define('CP_REDIRECT', 'attachment.php?do=intro'); print_stop_message('deleted_attachment_successfully'); } // ###################### Mass Delete attachments #################### if ($_REQUEST['do'] == 'massdelete') { $vbulletin->input->clean_array_gpc('r', array('a_delete' => TYPE_ARRAY_UINT)); print_form_header('attachment', 'domassdelete'); construct_hidden_code('a_delete', sign_client_string(serialize($vbulletin->GPC['a_delete']))); print_table_header($vbphrase['confirm_deletion']); print_description_row($vbphrase['are_you_sure_you_want_to_delete_these_attachments']); print_submit_row($vbphrase['yes'], '', 2, $vbphrase['no']); } // ###################### Mass Delete attachments #################### if ($_POST['do'] == 'domassdelete') { $vbulletin->input->clean_array_gpc('p', array('a_delete' => TYPE_STR)); $delete = @unserialize(verify_client_string($vbulletin->GPC['a_delete'])); if ($delete and is_array($delete)) { $ids = implode(',', $delete); $attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_CP, 'attachment'); $attachdata->condition = "attachmentid IN (-1," . $db->escape_string($ids) . ")"; $attachdata->log = false; $attachdata->delete(true, false); }
function check_all_checkable(toggle) { var els = YAHOO.util.Dom.getElementsByClassName('checkable'); for (var i = 0; i < els.length; i++) { els[i].checked = toggle.checked; } } // --> </script> <?php print_form_header('prefix', 'savepermissions'); print_table_header($vbphrase['edit_thread_prefix_permissions']); construct_hidden_code('prefixids', sign_client_string(serialize($prefixids))); construct_hidden_code('shownusergroups', sign_client_string(serialize(array_keys($vbulletin->usergroupcache)))); print_description_row(construct_phrase($vbphrase['editing_permissions_for_x'], implode(', ', $prefix_html))); if (count(array_unique($prefixdefaults)) <= 1) { print_yes_no_row($vbphrase['allow_new_groups_to_use_selected_prefixes'], 'default', $prefixdefaults[0]); } else { $conflict_options_default = array('-1' => $vbphrase['leave_default_permissions_unchanged'], '0' => $vbphrase['new_groups_may_use_selected_prefixes'], '1' => $vbphrase['new_groups_may_not_use_selected_prefixes']); print_label_row($vbphrase['allow_new_groups_to_use_selected_prefixes'], "<label for=\"sel_ug{$usergroupid}\" class=\"smallfont\">" . $vbphrase['set_default_permissions'] . ": <select name=\"conflict[{$usergroupid}]\" id=\"sel_ug{$usergroupid}\">" . construct_select_options($conflict_options_default, '-1') . "</select>"); } print_description_row('<label for="cb_allbox"><input type="checkbox" name="allbox" id="cb_allbox" onclick="check_all_checkable(this)"' . (empty($usergroupperms) ? ' checked="checked"' : '') . " />{$vbphrase['check_uncheck_all']}</label>", false, 2, 'thead'); foreach ($vbulletin->usergroupcache as $usergroupid => $usergroup) { if (in_array($usergroupid, $conflicts)) { print_label_row("<label for=\"cb_ug{$usergroupid}\"><input type=\"checkbox\" disabled=\"disabled\" id=\"cb_ug{$usergroupid}\" />{$usergroup['title']}</label>", "<label for=\"sel_ug{$usergroupid}\" class=\"smallfont\">" . $vbphrase['resolve_permission_conflict'] . ": <select name=\"conflict[{$usergroupid}]\" id=\"sel_ug{$usergroupid}\">" . construct_select_options($conflict_options, 0) . "</select>"); } else { print_description_row("<label for=\"cb_ug{$usergroupid}\"><input type=\"checkbox\" name=\"usergroup[{$usergroupid}]\" id=\"cb_ug{$usergroupid}\" class=\"checkable\"" . (empty($usergroupperms["{$usergroupid}"]) ? ' checked="checked"' : '') . " />{$usergroup['title']}</label>"); } }
function do_login_redirect() { global $vbulletin, $vbphrase; $vbulletin->input->fetch_basepath(); if ( $vbulletin->url == 'login.php' OR $vbulletin->url == $vbulletin->options['forumhome'] . '.php' OR strpos($vbulletin->url, 'do=logout') !== false OR (!$vbulletin->options['allowmultiregs'] AND strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) ) { $vbulletin->url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; } else { $vbulletin->url = fetch_replaced_session_url($vbulletin->url); $vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url); // bug 3654 don't ask why } $temp = strpos($vbulletin->url, '?'); if ($temp) { $formfile = substr($vbulletin->url, 0, $temp); } else { $formfile =& $vbulletin->url; } $postvars = $vbulletin->GPC['postvars']; ($hook = vBulletinHook::fetch_hook('login_redirect')) ? eval($hook) : false; // recache the global group to get the stuff from the new language $globalgroup = $vbulletin->db->query_first_slave(" SELECT phrasegroup_global, languagecode, charset FROM " . TABLE_PREFIX . "language WHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid']) ); if ($globalgroup) { $vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global'])); if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) { // change the character set in a bunch of places - a total hack global $headinclude; $headinclude = str_replace( "content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset=$globalgroup[charset]\"", $headinclude ); vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir'); $vbulletin->userinfo['lang_charset'] = $globalgroup['charset']; exec_headers(); } if ($vbulletin->GPC['postvars']) { $postvars = @unserialize(verify_client_string($vbulletin->GPC['postvars'])); if ($postvars['securitytoken'] = 'guest') { $vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['salt']) . sha1(COOKIE_SALT)); $vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']); $postvars['securitytoken'] = $vbulletin->userinfo['securitytoken']; $vbulletin->GPC['postvars'] = sign_client_string(serialize($postvars)); } } vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']); } eval(print_standard_redirect('redirect_login', true, true, $vbulletin->userinfo['languageid'])); }
} } $cell[] = $output; } else { $cell[] = $user["{$varname}"]; } } } if ($vbulletin->GPC['display']['options']) { $cell[] = "\n\t<select name=\"u{$user['userid']}\" onchange=\"js_usergroup_jump({$user['userid']});\" class=\"bginput\">\n\t\t\t<option value=\"edit\">{$vbphrase['view']} / " . $vbphrase['edit_user'] . "</option>" . iif(!empty($user['email']), "<option value=\"" . unhtmlspecialchars($user[email]) . "\">" . $vbphrase['send_password_to_user'] . "</option>") . "\n\t\t\t<option value=\"access\">" . $vbphrase['edit_access_masks'] . "</option>\n\t\t\t<option value=\"kill\">" . $vbphrase['delete_user'] . "</option>\n\t</select><input type=\"button\" class=\"button\" value=\"" . $vbphrase['go'] . "\" onclick=\"js_usergroup_jump({$user['userid']});\" />\n\t"; } print_cells_row($cell); } construct_hidden_code('serializeduser', sign_client_string(serialize($vbulletin->GPC['user']))); construct_hidden_code('serializedprofile', sign_client_string(serialize($vbulletin->GPC['profile']))); construct_hidden_code('serializeddisplay', sign_client_string(serialize($vbulletin->GPC['display']))); construct_hidden_code('limitnumber', $vbulletin->GPC['limitnumber']); construct_hidden_code('orderby', $vbulletin->GPC['orderby']); construct_hidden_code('direction', $vbulletin->GPC['direction']); if ($vbulletin->GPC['limitstart'] == 0 and $countusers['users'] > $vbulletin->GPC['limitnumber']) { construct_hidden_code('limitstart', $vbulletin->GPC['limitstart'] + $vbulletin->GPC['limitnumber'] + 1); print_submit_row($vbphrase['next_page'], 0, $colspan); } else { if ($limitfinish < $countusers['users']) { construct_hidden_code('limitstart', $vbulletin->GPC['limitstart'] + $vbulletin->GPC['limitnumber'] + 1); print_submit_row($vbphrase['next_page'], 0, $colspan, $vbphrase['prev_page'], '', true); } else { if ($vbulletin->GPC['limitstart'] > 0 and $limitfinish >= $countusers['users']) { print_submit_row($vbphrase['first_page'], 0, $colspan, $vbphrase['prev_page'], '', true); } else { print_table_footer();
/** * Returns a hidden input field containing the serialized $_POST array * * @return string HTML code containing hidden fields */ function construct_post_vars_html() { global $vbulletin; $vbulletin->input->clean_gpc('p', 'postvars', TYPE_BINARY); if ($vbulletin->GPC['postvars'] != '' and verify_client_string($vbulletin->GPC['postvars']) !== false) { return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni($vbulletin->GPC['postvars']) . '" />' . "\n"; } else { if ($vbulletin->superglobal_size['_POST'] > 0) { return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni(sign_client_string(serialize($_POST))) . '" />' . "\n"; } else { return ''; } } }
if (!$count['count']) { print_stop_message('no_threads_matched_your_query'); } print_form_header('thread', 'dothreadsall'); construct_hidden_code('type', $vbulletin->GPC['type']); construct_hidden_code('criteria', sign_client_string(serialize($vbulletin->GPC['thread']))); print_table_header(construct_phrase($vbphrase['x_thread_matches_found'], $count['count'])); if ($vbulletin->GPC['type'] == 'prune') { print_submit_row($vbphrase['prune_all_threads'], ''); } else { construct_hidden_code('destforumid', $vbulletin->GPC['destforumid']); print_submit_row($vbphrase['move_all_threads'], ''); } print_form_header('thread', 'dothreadssel'); construct_hidden_code('type', $vbulletin->GPC['type']); construct_hidden_code('criteria', sign_client_string(serialize($vbulletin->GPC['thread']))); print_table_header(construct_phrase($vbphrase['x_thread_matches_found'], $count['count'])); if ($vbulletin->GPC['type'] == 'prune') { print_submit_row($vbphrase['prune_threads_selectively'], ''); } else { construct_hidden_code('destforumid', $vbulletin->GPC['destforumid']); print_submit_row($vbphrase['move_threads_selectively'], ''); } } // ###################### Start move/prune all matching ####################### if ($_POST['do'] == 'dothreadsall') { $vbulletin->input->clean_array_gpc('p', array('criteria' => TYPE_BINARY, 'destforumid' => TYPE_INT)); $thread = @unserialize(verify_client_string($vbulletin->GPC['criteria'])); if (!is_array($thread) or sizeof($thread) == 0) { print_stop_message('please_complete_required_fields'); }
} $vbulletin->db->show_errors(); print_table_break(); } print_table_header($vbphrase['results'], 3); print_cells_row(array($vbphrase['table'], $vbphrase['action'], $vbphrase['message']), 1); if (!empty($vbulletin->GPC['tablelist']) and ($vbulletin->GPC['optimizetables'] or $vbulletin->GPC['repairtables'])) { foreach ($vbulletin->GPC['tablelist'] as $tablename) { exec_sql_table_check($tablename); } } else { print_description_row($vbphrase['nothing_to_do'], 0, 3); } construct_hidden_code('optimizetables', $vbulletin->GPC['optimizetables']); construct_hidden_code('repairtables', $vbulletin->GPC['repairtables']); construct_hidden_code('tableserial', sign_client_string(serialize($vbulletin->GPC['tablelist']))); print_submit_row($vbphrase['repeat_process'], '', 3); } // ######################### Start table list #################### if ($_REQUEST['do'] == 'list') { print_form_header('repair', 'dorepair', 0, 1, 'cpform'); print_table_header($vbphrase['repair_optimize_tables'], 5); $headings = array(); $headings[] = $vbphrase['table']; $headings[] = $vbphrase['data_length']; $headings[] = $vbphrase['index_length']; $headings[] = $vbphrase['overhead']; $headings[] = "<input type=\"checkbox\" name=\"allbox\" id=\"allbox\" title=\"{$vbphrase['check_all']}\" onclick=\"js_check_all(this.form);\" /><label for=\"allbox\">{$vbphrase['check_all']}</label>"; print_cells_row($headings, 1); $mysqlversion = $db->query_first("SELECT VERSION() AS version"); $tables = $db->query_write("SHOW TABLE STATUS");
/** * Replaces all those none safe characters so we dont waste space in array cookie values with URL entities * * @param string Cookie array * @param string Direction ('get' or 'set') * * @return array */ function convert_bbarray_cookie($cookie, $dir = 'get') { if ($dir == 'set') { $cookie = str_replace(array('"', ':', ';'), array('.', '-', '_'), $cookie); // prefix cookie with 32 character hash $cookie = sign_client_string($cookie); } else { if (($cookie = verify_client_string($cookie)) !== false) { $cookie = str_replace(array('.', '-', '_'), array('"', ':', ';'), $cookie); } else { $cookie = ''; } } return $cookie; }
} $_REQUEST['do'] = 'donext'; } else { define('CP_REDIRECT', 'email.php?' . $vbulletin->session->vars['sessionurl']); print_stop_message('emails_sent_successfully'); } } } } // *************************** Link to next page of emails to send ********************** if ($_REQUEST['do'] == 'donext') { $vbulletin->GPC['startat'] += $vbulletin->GPC['perpage']; print_form_header('email', 'dosendmail', false, true, 'cpform_dosendmail'); construct_hidden_code('test', $vbulletin->GPC['test']); construct_hidden_code('serializeduser', sign_client_string(serialize($vbulletin->GPC['user']))); construct_hidden_code('serializedprofile', sign_client_string(serialize($vbulletin->GPC['profile']))); construct_hidden_code('from', $vbulletin->GPC['from']); construct_hidden_code('subject', $vbulletin->GPC['subject']); construct_hidden_code('message', $vbulletin->GPC['message']); construct_hidden_code('startat', $vbulletin->GPC['startat']); construct_hidden_code('perpage', $vbulletin->GPC['perpage']); print_submit_row($vbphrase['next_page'], 0); ?> <script type="text/javascript"> <!-- if (document.cpform_dosendmail) { function send_submit() { var submits = YAHOO.util.Dom.getElementsBy( function(element) { return (element.type == "submit") },
} $vbulletin->url = 'subscription.php?' . $vbulletin->session->vars['sessionurl'] . 'do=viewsubscription&folderid=' . $vbulletin->GPC['folderid']; eval(print_standard_redirect('redirect_subupdate')); break; // ************************* // Move to new Folder // ************************* // Move to new Folder case 'move': $ids = array(); foreach ($deletebox as $id) { $id = intval($id); $ids["{$id}"] = $id; } $numthreads = sizeof($ids); $ids = sign_client_string(serialize($ids)); unset($id, $deletebox); require_once DIR . '/includes/functions_misc.php'; if ($vbulletin->GPC['folderid'] === 'all') { $exclusions = false; } else { $exclusions = array($vbulletin->GPC['folderid'], -1); } $folderoptions = construct_folder_jump(1, 0, $exclusions); ($hook = vBulletinHook::fetch_hook('usersub_manage_move')) ? eval($hook) : false; if ($folderoptions) { if ($vbulletin->GPC['folderid'] === 'all') { $fromfolder = $vbphrase['all']; } else { $folders = unserialize($vbulletin->userinfo['subfolders']); $fromfolder = $folders["{$vbulletin->GPC['folderid']}"];
/** * Returns a hidden input field containing the serialized $_POST array * * @return string HTML code containing hidden fields */ function construct_post_vars_html() { global $vbulletin; $vbulletin->input->clean_gpc('p', 'postvars', vB_Cleaner::TYPE_BINARY); if ($vbulletin->GPC['postvars'] != '' and verify_client_string($vbulletin->GPC['postvars']) !== false) { return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni($vbulletin->GPC['postvars']) . '" />' . "\n"; } else { if (sizeof($_POST) > 0) { $string = json_encode($_POST); return '<input type="hidden" name="postvars" value="' . htmlspecialchars_uni(sign_client_string($string)) . '" />' . "\n"; } else { return ''; } } }
break; // ************************* // Move to new Folder case 'move': $ids = array(); foreach ($deletebox AS $id) { $id = intval($id); $ids["$id"] = $id; } $numthreads = sizeof($ids); $ids = sign_client_string(implode(',', $ids)); unset($id, $deletebox); require_once(DIR . '/includes/functions_misc.php'); if ($vbulletin->GPC['folderid'] === 'all') { $exclusions = false; } else { $exclusions = array($vbulletin->GPC['folderid'], -1); } $folderoptions = construct_folder_jump(1, 0, $exclusions);
} print_submit_row($vbphrase['delete_selected_groups']); } else { print_cp_message($vbphrase['no_groups_found']); } } // ####################################################################### if ($_POST['do'] == 'delete') { $vbulletin->input->clean_array_gpc('p', array('ids' => TYPE_ARRAY_KEYS_INT)); if (empty($vbulletin->GPC['ids'])) { print_cp_message($vbphrase['you_did_not_select_any_groups']); } print_form_header('socialgroups', 'kill'); print_table_header($vbphrase['confirm_deletion']); print_description_row(construct_phrase($vbphrase['are_you_sure_you_want_to_delete_x_groups'], sizeof($vbulletin->GPC['ids'])), false, 2, '', 'center'); construct_hidden_code('ids', sign_client_string(serialize($vbulletin->GPC['ids']))); print_submit_row($vbphrase['yes'], 0, 2, $vbphrase['no']); } // ####################################################################### if ($_POST['do'] == 'kill') { $vbulletin->input->clean_array_gpc('p', array('ids' => TYPE_NOCLEAN)); $ids = @unserialize(verify_client_string($vbulletin->GPC['ids'])); if (is_array($ids) and !empty($ids)) { print_form_header('socialgroups', ''); print_table_header($vbphrase['deleting_groups']); $groups = $vbulletin->db->query_read("\n\t\t\tSELECT * FROM " . TABLE_PREFIX . "socialgroup\n\t\t\tWHERE groupid IN (" . implode(',', $ids) . ")\n\t\t"); if ($vbulletin->db->num_rows($groups) == 0) { print_description_row($vbphrase['no_groups_found']); } while ($group = $vbulletin->db->fetch_array($groups)) { $socialgroupdm = datamanager_init('SocialGroup', $vbulletin);
function do_login_redirect() { global $vbulletin, $vbphrase; $vbulletin->input->fetch_basepath(); //the clauses //url $vbulletin->url == 'login.php' and $vbulletin->url == $vbulletin->options['forumhome'] . '.php' //will never be true -- $vbulletin->url contains the full url path. //The second shouldn't be needed, the else clause seems to handle this just fine. //the first we'll change to match a partial url. if (preg_match('#login.php(?:\\?|$)#', $vbulletin->url) or strpos($vbulletin->url, 'do=logout') !== false or !$vbulletin->options['allowmultiregs'] and strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) { $vbulletin->url = fetch_seo_url('forumhome', array()); } else { $vbulletin->url = fetch_replaced_session_url($vbulletin->url); $vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url); // bug 3654 don't ask why } $temp = strpos($vbulletin->url, '?'); if ($temp) { $formfile = substr($vbulletin->url, 0, $temp); } else { $formfile =& $vbulletin->url; } $postvars = $vbulletin->GPC['postvars']; ($hook = vBulletinHook::fetch_hook('login_redirect')) ? eval($hook) : false; if (!VB_API) { // recache the global group to get the stuff from the new language $globalgroup = $vbulletin->db->query_first_slave("\n\t\t\tSELECT phrasegroup_global, languagecode, charset\n\t\t\tFROM " . TABLE_PREFIX . "language\n\t\t\tWHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid'])); if ($globalgroup) { $vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global'])); if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) { // change the character set in a bunch of places - a total hack global $headinclude; $headinclude = str_replace("content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset={$globalgroup['charset']}\"", $headinclude); vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir'); $vbulletin->userinfo['lang_charset'] = $globalgroup['charset']; exec_headers(); } if ($vbulletin->GPC['postvars']) { $postvars = @unserialize(verify_client_string($vbulletin->GPC['postvars'])); $postvars['login_redirect'] = true; if ($postvars['securitytoken'] == 'guest') { $vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['salt']) . sha1(COOKIE_SALT)); $vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']); $postvars['securitytoken'] = $vbulletin->userinfo['securitytoken']; } $vbulletin->GPC['postvars'] = sign_client_string(serialize($postvars)); } vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']); } } print_standard_redirect(array('redirect_login', $vbulletin->userinfo['username']), true, true, $vbulletin->userinfo['languageid']); }
function do_login_redirect() { global $vbulletin, $vbphrase; $vbulletin->input->fetch_basepath(); //the clauses //url $vbulletin->url == 'login.php' and $vbulletin->url == $vbulletin->options['forumhome'] . '.php' //will never be true -- $vbulletin->url contains the full url path. //The second shouldn't be needed, the else clause seems to handle this just fine. //the first we'll change to match a partial url. if (preg_match('#login.php(?:\\?|$)#', $vbulletin->url) or strpos($vbulletin->url, 'do=logout') !== false or !$vbulletin->options['allowmultiregs'] and strpos($vbulletin->url, $vbulletin->basepath . 'register.php') === 0) { $forumHome = vB_Library::instance('content_channel')->getForumHomeChannel(); $vbulletin->url = vB5_Route::buildUrl($forumHome['routeid'] . '|fullurl'); } else { $vbulletin->url = fetch_replaced_session_url($vbulletin->url); $vbulletin->url = preg_replace('#^/+#', '/', $vbulletin->url); // bug 3654 don't ask why } $temp = strpos($vbulletin->url, '?'); if ($temp) { $formfile = substr($vbulletin->url, 0, $temp); } else { $formfile =& $vbulletin->url; } $postvars = $vbulletin->GPC['postvars']; // Legacy Hook 'login_redirect' Removed // if (!VB_API) { // recache the global group to get the stuff from the new language $globalgroup = $vbulletin->db->query_first_slave("\n\t\t\tSELECT phrasegroup_global, languagecode, charset\n\t\t\tFROM " . TABLE_PREFIX . "language\n\t\t\tWHERE languageid = " . intval($vbulletin->userinfo['languageid'] ? $vbulletin->userinfo['languageid'] : $vbulletin->options['languageid'])); if ($globalgroup) { $vbphrase = array_merge($vbphrase, unserialize($globalgroup['phrasegroup_global'])); if (vB_Template_Runtime::fetchStyleVar('charset') != $globalgroup['charset']) { // change the character set in a bunch of places - a total hack global $headinclude; $headinclude = str_replace("content=\"text/html; charset=" . vB_Template_Runtime::fetchStyleVar('charset') . "\"", "content=\"text/html; charset={$globalgroup['charset']}\"", $headinclude); vB_Template_Runtime::addStyleVar('charset', $globalgroup['charset'], 'imgdir'); $vbulletin->userinfo['lang_charset'] = $globalgroup['charset']; exec_headers(); } if ($vbulletin->GPC['postvars']) { $postvars = array(); $client_string = verify_client_string($vbulletin->GPC['postvars']); if ($client_string) { $postvars = @json_decode($client_string, true); } if ($postvars['securitytoken'] == 'guest') { $vbulletin->userinfo['securitytoken_raw'] = sha1($vbulletin->userinfo['userid'] . sha1($vbulletin->userinfo['secret']) . sha1(vB_Request_Web::$COOKIE_SALT)); $vbulletin->userinfo['securitytoken'] = TIMENOW . '-' . sha1(TIMENOW . $vbulletin->userinfo['securitytoken_raw']); $postvars['securitytoken'] = $vbulletin->userinfo['securitytoken']; $vbulletin->GPC['postvars'] = sign_client_string(json_encode($postvars)); } } vB_Template_Runtime::addStyleVar('languagecode', $globalgroup['languagecode']); } } if ($vbulletin->GPC['logintype'] === 'cplogin' or $vbulletin->GPC['logintype'] === 'modcplogin') { require_once DIR . '/includes/adminfunctions.php'; print_cp_redirect($vbulletin->url); } else { eval(print_standard_redirect('redirect_login_gfrontredirect', true, true, $vbulletin->userinfo['languageid'])); } }