} else { $voteselected[0] = 'selected="selected"'; $votechecked[0] = 'checked="checked"'; } } // ********************************************************************************* // set page number if ($vbulletin->GPC['pagenumber'] < 1) { $vbulletin->GPC['pagenumber'] = 1; } else { if ($vbulletin->GPC['pagenumber'] > ceil(($thread['replycount'] + 1) / $perpage)) { $vbulletin->GPC['pagenumber'] = ceil(($thread['replycount'] + 1) / $perpage); } } // verify that we are at the canonical SEO url and redirect to this if not verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $vbulletin->GPC['pagenumber'])); // ********************************************************************************* // update views counter, moved after seo re-direct. if ($vbulletin->options['threadviewslive']) { // doing it as they happen; for optimization purposes, this cannot use a DM! $db->shutdown_query("\n\t\tUPDATE " . TABLE_PREFIX . "thread\n\t\tSET views = views + 1\n\t\tWHERE threadid = " . intval($threadinfo['threadid'])); } else { // or doing it once an hour $db->shutdown_query("\n\t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n\t\tVALUES (" . intval($threadinfo['threadid']) . ')'); } // ********************************************************************************* // initialise some stuff... $limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; $limitupper = $vbulletin->GPC['pagenumber'] * $perpage; $counter = 0; if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
{ print_no_permission(); } // disable thread preview if we can't view threads if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { $vbulletin->options['threadpreview'] = 0; } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // verify that we are at the canonical SEO url // and redirect to this if not verify_seo_url('forum', $foruminfo, array('pagenumber' => $_REQUEST['pagenumber'])); // get vbulletin->iforumcache - for use by makeforumjump and forums list // fetch the forum even if they are invisible since its needed // for the title but we'll unset that further down // also fetch subscription info for $show['subscribed'] variable cache_ordered_forums(1, 1, $vbulletin->userinfo['userid']); $show['newthreadlink'] = iif(!$show['search_engine'] AND $foruminfo['allowposting'], true, false); $show['threadicons'] = iif ($foruminfo['allowicons'], true, false); $show['threadratings'] = iif ($foruminfo['allowratings'], true, false); $show['subscribed_to_forum'] = ($vbulletin->forumcache["$foruminfo[forumid]"]['subscribeforumid'] != '' ? true : false); if (!$daysprune) { if ($vbulletin->userinfo['daysprune'])
} $templater->register('vbulletin', $vbulletin); $content = $templater->render(); } // ####################################################################### if ($_REQUEST['do'] == 'list') { $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'month' => TYPE_UINT, 'year' => TYPE_UINT, 'day' => TYPE_UINT, 'blogtype' => TYPE_NOHTML, 'commenttype' => TYPE_NOHTML, 'type' => TYPE_STR, 'blogcategoryid' => TYPE_INT, 'userid' => TYPE_UINT, 'username' => TYPE_NOHTML, 'tag' => TYPE_NOHTML, 'span' => TYPE_UINT, 'featured' => TYPE_STR)); require_once DIR . '/includes/class_bbcode_blog.php'; if ($vbulletin->GPC['username']) { $user = $db->query_first_slave("SELECT userid FROM " . TABLE_PREFIX . "user WHERE username = '******'username']) . "'"); $vbulletin->GPC['userid'] = $user['userid']; } if ($vbulletin->GPC['userid']) { $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, 10); $show['entry_userinfo'] = false; verify_seo_url('blog', $userinfo, array('pagenumber' => $_REQUEST['pagenumber']), 'userid', 'username'); if ($vbulletin->userinfo['userid'] != $userinfo['userid'] and empty($userinfo['bloguserid'])) { standard_error(fetch_error('blog_noblog', $userinfo['username'])); } if (!$userinfo['canviewmyblog']) { print_no_permission(); } if (in_coventry($userinfo['userid']) and !can_moderate_blog()) { standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink'])); } if ($vbulletin->userinfo['userid'] == $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) { print_no_permission(); } if ($vbulletin->userinfo['userid'] != $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) { // Can't view other's entries so off you go to your own blog. $bloginfo = array('userid' => $vbulletin->userinfo['userid'], 'title' => $vbulletin->userinfo['blog_title'] ? $vbulletin->userinfo['blog_title'] : $vbulletin->userinfo['username']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) OR !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { print_no_permission(); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) AND ($thread['postuserid'] != $vbulletin->userinfo['userid'] OR $vbulletin->userinfo['userid'] == 0)) { print_no_permission(); } // ********************************************************************************* // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // verify that we are at the canonical SEO url // and redirect to this if not verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $_REQUEST['pagenumber'])); // ********************************************************************************* // jump page if thread is actually a redirect if ($thread['open'] == 10) { $destthreadinfo = fetch_threadinfo($threadinfo['pollid']); exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo)); } // ********************************************************************************* // get ignored users $ignore = array(); if (trim($vbulletin->userinfo['ignorelist'])) { $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
} } } } if (!$vbulletin->GPC['userid']) { eval(standard_error(fetch_error('unregistereduser'))); } $fetch_userinfo_options = FETCH_USERINFO_AVATAR | FETCH_USERINFO_LOCATION | FETCH_USERINFO_PROFILEPIC | FETCH_USERINFO_SIGPIC | FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND; ($hook = vBulletinHook::fetch_hook('member_start_fetch_user')) ? eval($hook) : false; $userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true, $fetch_userinfo_options); if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { print_no_permission(); } // verify that we are at the canonical SEO url // and redirect to this if not verify_seo_url('member|js', $userinfo); /* Swap the show user css option before loading the profile. */ if ($_REQUEST['do'] == 'swapcss') { if (verify_security_token($vbulletin->GPC['token'], $vbulletin->userinfo['securitytoken_raw'])) { if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_profile_styling']) { $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD); $userdata->set_existing($vbulletin->userinfo); $userdata->set_bitfield('options', 'showusercss', $vbulletin->userinfo['options'] & $vbulletin->bf_misc_useroptions['showusercss'] ? 0 : 1); $userdata->save(); $vbulletin->url = fetch_seo_url('member', $userinfo); print_standard_redirect('redirect_usercss_toggled'); } } else { // Invalid token.
/** * Reads some context based on general input information */ public function read_input_context() { global $vbulletin; parent::read_input_context(); global $postinfo, $threadinfo, $foruminfo, $pollinfo; global $postid, $threadid, $forumid, $pollid; $vbulletin->input->clean_array_gpc('r', array('postid' => TYPE_UINT, 'threadid' => TYPE_UINT, 'forumid' => TYPE_INT, 'pollid' => TYPE_UINT)); $codestyleid = 0; // Init post/thread/forum values $postinfo = array(); $threadinfo = array(); $foruminfo = array(); // automatically query $postinfo, $threadinfo & $foruminfo if $threadid exists if ($vbulletin->GPC['postid'] and $postinfo = verify_id('post', $vbulletin->GPC['postid'], 0, 1)) { $postid = $postinfo['postid']; $vbulletin->GPC['threadid'] = $postinfo['threadid']; } // automatically query $threadinfo & $foruminfo if $threadid exists if ($vbulletin->GPC['threadid'] and $threadinfo = verify_id('thread', $vbulletin->GPC['threadid'], 0, 1)) { $threadid = $threadinfo['threadid']; $vbulletin->GPC['forumid'] = $forumid = $threadinfo['forumid']; if ($forumid) { $foruminfo = fetch_foruminfo($threadinfo['forumid']); if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } if ($vbulletin->GPC['pollid']) { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid = $pollinfo['pollid']; } } else { if ($vbulletin->GPC['forumid']) { $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 0, 1); $forumid = $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } else { if ($vbulletin->GPC['pollid'] and THIS_SCRIPT == 'poll') { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid = $pollinfo['pollid']; $threadinfo = fetch_threadinfo($pollinfo['threadid']); $threadid = $threadinfo['threadid']; $foruminfo = fetch_foruminfo($threadinfo['forumid']); $forumid = $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } } } // ############################################################################# // Redirect if this forum has a link // check if this forum is a link to an outside site if (!empty($foruminfo['link']) and trim($foruminfo['link']) != '' and (THIS_SCRIPT != 'subscription' or $_REQUEST['do'] != 'removesubscription')) { // get permission to view forum $_permsgetter_ = 'forumdisplay'; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { print_no_permission(); } // add session hash to local links if necessary if (preg_match('#^([a-z0-9_]+\\.php)(\\?.*$)?#i', $foruminfo['link'], $match)) { if ($match[2]) { // we have a ?xyz part, put session url at beginning if necessary $query_string = preg_replace('/([^a-z0-9])(s|sessionhash)=[a-z0-9]{32}(&|&)?/', '\\1', $match[2]); $foruminfo['link'] = $match[1] . '?' . $vbulletin->session->vars['sessionurl_js'] . substr($query_string, 1); } else { $foruminfo['link'] .= $vbulletin->session->vars['sessionurl_q']; } } verify_seo_url('forum', $foruminfo, array('pagenumber' => $_REQUEST['pagenumber'])); exec_header_redirect($foruminfo['link'], 301); } $this->force_styleid = $codestyleid; }