/**
 * Renders the announcement body into $this->post['message'].
 *
 * If the announcement's option bitfield has both the "allowbbcode" and the
 * "parseurl" bit set, bare URLs in the page text are first rewritten to BB
 * code, which overwrites $this->post['pagetext']. The text is then passed to
 * the BB code parser with the 'announcement' context. The third argument is
 * the masked "allowsmilies" bit, i.e. an int that is non-zero when the bit is set.
 */
function parse_bbcode()
{
    $optionBits = $this->post['announcementoptions'];
    $flagMap = $this->registry->bf_misc_announcementoptions;

    // Auto-linking is only applied when BB code is enabled for this announcement.
    if (($optionBits & $flagMap['allowbbcode']) and ($optionBits & $flagMap['parseurl'])) {
        require_once DIR . '/includes/functions_newpost.php';
        $this->post['pagetext'] = convert_url_to_bbcode($this->post['pagetext']);
    }

    $smilieBit = $optionBits & $flagMap['allowsmilies'];
    $this->post['message'] = $this->bbcode_parser->parse(
        $this->post['pagetext'],
        'announcement',
        $smilieBit
    );
}
// process the remaining list of items to be inserted
// Fragment: the foreach and the switch opened below are closed outside this excerpt.
// Everything derived from $item / $feed['xml'] is content fetched from a remote feed.
foreach ($items as $uniquehash => $item) {
    // Work on the feed record by reference so the option change below sticks for later items.
    $feed =& $feeds["{$item['rssfeedid']}"];
    $feed['rssoptions'] = intval($feed['rssoptions']);
    if ($feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['html2bbcode']) {
        $body_template = nl2br($feed['bodytemplate']);
    } else {
        $body_template = $feed['bodytemplate'];
    }
    // Fill the body template with the item's values.
    $pagetext = $feed['xml']->parse_template($body_template, $item);
    if ($feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['html2bbcode']) {
        $pagetext = $html_parser->parse_wysiwyg_html_to_bbcode($pagetext, false, true);
        // disable for announcements
        // The allowhtml bit is cleared only on this branch.
        // NOTE(review): when html2bbcode is not set, allowhtml stays as configured; whether
        // feed markup is then rendered as HTML depends on code outside this fragment - confirm.
        $feed['rssoptions'] = $feed['rssoptions'] & ~$vbulletin->bf_misc_feedoptions['allowhtml'];
    }
    $pagetext = convert_url_to_bbcode($pagetext);
    // insert the forumid of this item into an array for the update_forum_counters() function later
    $update_forumids["{$feed['forumid']}"] = true;
    switch ($feed['itemtype']) {
        // insert item as announcement
        case 'announcement':
            // init announcement datamanager
            $itemdata =& datamanager_init('Announcement', $vbulletin, $error_type);
            $itemdata->set_info('forum', fetch_foruminfo($feed['forumid']));
            $itemdata->set_info('user', $feed);
            $itemdata->set('userid', $feed['userid']);
            $itemdata->set('forumid', $feed['forumid']);
            // Title: template -> HTML-to-BB-code conversion -> all BB code stripped.
            $itemdata->set('title', strip_bbcode($html_parser->parse_wysiwyg_html_to_bbcode($feed['xml']->parse_template($feed['titletemplate'], $item))));
            $itemdata->set('pagetext', $pagetext);
            $itemdata->set('startdate', TIMENOW);
            // Ends after $feed['endannouncement'] days (7 when that is not positive), minus one second.
            $itemdata->set('enddate', TIMENOW + 86400 * ($feed['endannouncement'] > 0 ? $feed['endannouncement'] : 7) - 1);
}
// Fragment: the brace above closes a block opened outside this excerpt.
// Users without the 'caneditpoll' moderator right may only add a poll within
// addpolltimeout minutes of the thread's dateline.
if (!can_moderate($threadinfo['forumid'], 'caneditpoll') and $vbulletin->options['addpolltimeout'] and TIMENOW - $vbulletin->options['addpolltimeout'] * 60 > $threadinfo['dateline']) {
    // The string returned by standard_error() (defined elsewhere) is executed by eval().
    // NOTE(review): confirm nothing request-controlled can reach that string unescaped.
    eval(standard_error(fetch_error('polltimeout', $vbulletin->options['addpolltimeout'])));
}
if (!$threadinfo['open']) {
    eval(standard_error(fetch_error('threadclosed')));
}
// Clamp the requested number of options to the configured maximum.
if ($vbulletin->options['maxpolloptions'] > 0 and $polloptions > $vbulletin->options['maxpolloptions']) {
    $polloptions = $vbulletin->options['maxpolloptions'];
}
// Optional URL auto-linking of the submitted option texts (GPC['options'] is request input).
if ($vbulletin->GPC['parseurl'] and $foruminfo['allowbbcode']) {
    require_once DIR . '/includes/functions_newpost.php';
    $counter = 0;
    while ($counter++ < $polloptions) {
        // 0..Pollnum-1 we want, as arrays start with 0
        // (review) The post-increment runs before the body, so the body sees 1..$polloptions.
        $vbulletin->GPC['options']["{$counter}"] = convert_url_to_bbcode($vbulletin->GPC['options']["{$counter}"]);
    }
}
// check question and if 2 options or more were given
// This length check runs after the URL conversion above, so any markup it added counts too.
$counter = 0;
$optioncount = 0;
$badoption = '';
while ($counter++ < $polloptions) {
    // 0..Pollnum-1 we want, as arrays start with 0
    if ($vbulletin->options['maxpolllength'] and vbstrlen($vbulletin->GPC['options']["{$counter}"]) > $vbulletin->options['maxpolllength']) {
        // Collect the numbers of the over-long options as a comma-separated list.
        $badoption .= iif($badoption, ', ') . $counter;
    }
    if (!empty($vbulletin->GPC['options']["{$counter}"])) {
        $optioncount++;
    }
}
/**
 * Verifies and saves a signature for current logged in user. Returns the signature.
 *
 * Order of operations, as visible in this method: permission and raw-length checks
 * on the submitted text, WYSIWYG HTML to BB code conversion, BB code permission
 * check, optional URL auto-linking, validation by the signature parser, stripped
 * length and line-count limits, censoring, save, and attachment refcount clean-up
 * for the previously stored signature.
 *
 * @param string $signature   Signature text as submitted
 * @param array $filedataids  File data ids of images used in the signature; here they are only
 *                            checked for permission and counted against the image limit
 * @return string             Result of bbcode API parseSignature() for the saved text
 * @throws vB_Exception_Api   When the user is logged out, lacks a permission, or a limit is exceeded
 */
public function saveSignature($signature, $filedataids = array())
{
    // This code is based on profile.php
    $options = vB::getDatastore()->getValue('options');
    // *********************** CHECKS **********************
    // *****************************************************
    // The target user always comes from the session, never from a parameter.
    $userid = vB::getCurrentSession()->get('userid');
    $userid = intval($userid);
    if ($userid <= 0) {
        throw new vB_Exception_Api('no_permission_logged_out');
    }
    $userContext = vB::getUserContext($userid);
    if (!$userContext->hasPermission('genericpermissions', 'canusesignature') or !$userContext->hasPermission('genericpermissions', 'canmodifyprofile')) {
        throw new vB_Exception_Api('no_permission_signatures');
    }
    if (!empty($filedataids)) {
        if (!$userContext->hasPermission('signaturepermissions', 'cansigpic')) {
            throw new vB_Exception_Api('no_permission_images');
        }
        // Max number of images in the sig if imgs are allowed.
        // NOTE(review): the limit is applied to the caller-supplied id list; nothing in this
        // method compares that list with the [ATTACH] tags in the text - confirm elsewhere.
        if ($maxImages = $userContext->getLimit('sigmaximages')) {
            if (count($filedataids) > $maxImages) {
                throw new vB_Exception_Api('max_attachments_reached');
            }
        }
    }
    // Count the raw characters in the signature
    // ("and" binds looser than "=", so $maxRawChars receives the limit itself.)
    if ($maxRawChars = $userContext->getLimit('sigmaxrawchars') and vB_String::vbStrlen($signature) > $maxRawChars) {
        throw new vB_Exception_Api('sigtoolong_includingbbcode', array($maxRawChars));
    }
    // *****************************************************
    //Convert signature to BBcode
    $bbcodeAPI = vB_Api::instanceInternal('bbcode');
    $signature = $bbcodeAPI->parseWysiwygHtmlToBbcode($signature);
    //removing consecutive spaces
    $signature = preg_replace('# +#', ' ', $signature);
    $hasBbcode = $bbcodeAPI->hasBbcode($signature);
    if ($hasBbcode and !$userContext->hasPermission('signaturepermissions', 'canbbcode')) {
        throw new vB_Exception_Api('bbcode_not_allowed');
    }
    // add # to color tags using hex if it's not there
    // NOTE(review): the first two alternatives of the quote group are identical as written;
    // one of them may have been an HTML-entity form before this text was extracted - confirm.
    $signature = preg_replace('#\\[color=("|"|\'|)([a-f0-9]{6})\\1]#i', '[color=\\1#\\2\\1]', $signature);
    // Turn the text into bb code.
    if ($userContext->hasPermission('signaturepermissions', 'canbbcodelink')) {
        // Get the files we need
        require_once DIR . '/includes/functions_newpost.php';
        $signature = convert_url_to_bbcode($signature);
    }
    // Create the parser with the users sig permissions
    require_once DIR . '/includes/class_sigparser.php';
    $sig_parser = new vB_SignatureParser(vB::get_registry(), $bbcodeAPI->fetchTagList(), $userid);
    // Parse the signature
    // The parse result is not used; the call is made for the errors it records.
    $paresed = $sig_parser->parse($signature);
    if ($error_num = count($sig_parser->errors)) {
        // Report every parser error in a single exception.
        $e = new vB_Exception_Api();
        foreach ($sig_parser->errors as $tag => $error_phrase) {
            if (is_array($error_phrase)) {
                // Array form: phrase name => phrase parameters.
                $phrase_name = key($error_phrase);
                $params = $error_phrase[$phrase_name];
                $e->add_error($phrase_name, $params);
            } else {
                $e->add_error($error_phrase, array($tag));
            }
        }
        throw $e;
    }
    unset($sig_parser);
    // Count the characters after stripping in the signature
    if ($maxChars = $userContext->getLimit('sigmaxchars') and vB_String::vbStrlen(vB_String::stripBbcode($signature, false, false, false)) > $maxChars) {
        throw new vB_Exception_Api('sigtoolong_excludingbbcode', array($maxChars));
    }
    if (($maxLines = $userContext->getLimit('sigmaxlines')) > 0) {
        require_once DIR . '/includes/class_sigparser_char.php';
        $char_counter = new vB_SignatureParser_CharCount(vB::get_registry(), $bbcodeAPI->fetchTagList(), $userid);
        $line_count_text = $char_counter->parse(trim($signature));
        if ($options['softlinebreakchars'] > 0) {
            // implicitly wrap after X characters without a break
            //trim it to get rid of the trailing whitechars that are inserted by the replace
            // The option value is concatenated into the pattern as a repeat count.
            // NOTE(review): it is only tested with "> 0", not cast to int - confirm the
            // datastore can only hold an integer here.
            $line_count_text = trim(preg_replace('#([^\\r\\n]{' . $options['softlinebreakchars'] . '})#', "\\1\n", $line_count_text));
        }
        // + 1, since 0 linebreaks still means 1 line
        $line_count = substr_count($line_count_text, "\n") + 1;
        if ($line_count > $maxLines) {
            throw new vB_Exception_Api('sigtoomanylines', array($maxLines));
        }
    }
    // *****************************************************
    // Censored Words
    $signature = vB_String::fetchCensoredText($signature);
    // init user data manager
    $userinfo = vB_User::fetchUserInfo($userid);
    $userdata = new vB_Datamanager_User(vB_DataManager_Constants::ERRTYPE_STANDARD);
    $userdata->set_existing($userinfo);
    $userdata->set('signature', $signature);
    // Legacy Hook 'profile_updatesignature_complete' Removed //
    // Decreasing the refcount for the images that were previously used in the signature
    if (!empty($userinfo['signature'])) {
        // The capture group is (\d+), so every extracted id consists of digits only.
        preg_match_all('#\\[ATTACH\\=CONFIG\\]n(\\d+)\\[/ATTACH\\]#si', $userinfo['signature'], $matches);
        if (!empty($matches[1])) {
            // NOTE(review): the ids are joined into one ", "-separated string and then used
            // with OPERATOR_EQ below; confirm the assertor treats that as a list of ids.
            $attachmentids = implode(", ", $matches[1]);
            vB::getDbAssertor()->assertQuery('decrementFiledataRefcount', array('filedataid' => $attachmentids));
            // Files whose refcount reached 0 lose their public visibility.
            vB::getDbAssertor()->assertQuery('filedata', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'filedataid', 'value' => $attachmentids, 'operator' => vB_dB_Query::OPERATOR_EQ), array('field' => 'refcount', 'value' => 0, 'operator' => vB_dB_Query::OPERATOR_EQ)), 'publicview' => 0));
        }
    }
    $userdata->save();
    // I did not put this in the userdm as it only applies to saveSignature
    // Clear autosave table of this items entry
    vB::getDbAssertor()->delete('vBForum:autosavetext', array('userid' => $userid, 'nodeid' => 0, 'parentid' => 0));
    // update userinfo
    $this->library->clearUserInfo(array($userid));
    return $bbcodeAPI->parseSignature($userid, $signature, true);
}
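/**
 * Builds the rendered shoutbox output for the current viewer.
 *
 * With $userid < 1 the query selects shouts addressed to nobody (pmto = '0'),
 * addressed to the viewer, or written by the viewer. Otherwise it selects the
 * two-way private conversation between the viewer and $userid. A notice line
 * is always prepended when one is set; the shouts themselves are only rendered
 * when the viewer is not banned.
 *
 * Side effect: a stored shout whose parsed message is empty is deleted.
 *
 * @param int $limit  Maximum number of rows to read
 * @param int $userid Conversation partner, or a value below 1 for the general view
 * @return string     Rendered notice and shouts
 */
public function fetch_shouts($limit = 20, $userid = 0)
{
    // Every value concatenated into SQL is cast to int. The original left the
    // viewer id uncast in one place of the first query, unlike all other uses.
    $viewerid = intval($this->vbulletin->userinfo['userid']);
    if ($userid < 1) {
        $query = $this->vbulletin->db->query("\n SELECT * FROM " . TABLE_PREFIX . "jb_firebolt_shout\n WHERE pmto = '0' OR pmto = '" . $viewerid . "' OR userid = '" . $viewerid . "'\n ORDER BY id DESC LIMIT 0," . intval($limit));
    } else {
        $query = $this->vbulletin->db->query("\n SELECT * FROM " . TABLE_PREFIX . "jb_firebolt_shout\n WHERE\n ( userid = '" . intval($userid) . "' && pmto = '" . $viewerid . "' )\n OR\n ( userid = '" . $viewerid . "' && pmto = '" . intval($userid) . "' )\n ORDER BY id DESC LIMIT 0," . intval($limit));
    }
    $output = '';
    if ($this->usersettings['banned']) {
        $notice = 'You are currently banned from the shoutbox.';
    } else {
        $notice = $this->vbulletin->options['jb_firebolt_notice'];
    }
    if (trim($notice) != null) {
        $bbcode_parser = new vB_BbCodeParser($this->vbulletin, fetch_tag_list());
        if (!function_exists('convert_url_to_bbcode')) {
            require_once DIR . '/includes/functions_newpost.php';
        }
        $notice = convert_url_to_bbcode($notice);
        // Parser flags are kept as in the original; their meaning is defined by
        // vB_BbCodeParser, which is not part of this excerpt.
        $notice = $bbcode_parser->parse_bbcode($notice, true, false, false);
        $output .= "<b>Notice:</b> " . $notice . "<br />";
    }
    if (!$this->usersettings['banned']) {
        while ($shout = $this->vbulletin->db->fetch_array($query)) {
            $bbcode_parser = new vB_BbCodeParser($this->vbulletin, fetch_tag_list());
            if (!function_exists('convert_url_to_bbcode')) {
                require_once DIR . '/includes/functions_newpost.php';
            }
            $sdate = vbdate($this->vbulletin->options['dateformat'], $shout['shouttime']);
            $stime = vbdate($this->vbulletin->options['timeformat'], $shout['shouttime']);
            // The stored shout is user-written text; it reaches the template only after
            // passing through the BB code parser below.
            $message = $shout['shout'];
            $message = convert_url_to_bbcode($message);
            $message = $bbcode_parser->parse_bbcode($message, true, false, false);
            if (trim($message) == null) {
                // Rows that render to nothing are removed while reading.
                $this->vbulletin->db->query("\n DELETE FROM " . TABLE_PREFIX . "jb_firebolt_shout\n WHERE id = '" . intval($shout['id']) . "'\n ");
                continue;
            }
            $user = fetch_userinfo($shout['userid']);
            if (!$this->vbulletin->options['jb_firebolt_new_shout_layout']) {
                $message = $this->stylize($message, $user['userid']);
            }
            if ($this->vbulletin->options['jb_firebolt_new_shout_layout']) {
                // NOTE(review): the plain username is handed to the template here; confirm
                // it is already HTML-escaped or that the template escapes it.
                $username = $user['username'];
                $templater = vB_Template::create('jb_firebolt_shout_modern');
                $templater->register('user', $user);
            } else {
                $username = fetch_musername($user);
                $templater = vB_Template::create('jb_firebolt_shout');
            }
            $templater->register('sdate', $sdate);
            $templater->register('stime', $stime);
            $templater->register('username', $username);
            $templater->register('message', $message);
            $output .= $templater->render();
        }
    }
    return $output;
}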
} } }
// Fragment: the three braces above close blocks opened outside this excerpt, and the
// nested if/else at the end is cut off.
if ($upload == true) {
    // Allowed extensions come from $dl->ext (space-separated), rewritten to "|a|b|c|".
    // NOTE(review): strstr() is a substring test, not list membership. Whether $ext carries
    // the surrounding "|" delimiters is decided outside this fragment; without them a partial
    // or empty $ext can pass. An exact match against the split list would be stricter.
    if (!strstr("|" . str_replace(" ", "|", $dl->ext) . "|", $ext)) {
        $errors['message'] .= '<center>' . $vbphrase['ecdownloads_invalid_extension'] . ': ' . $dl->ext . '</center><br />';
    }
}
if (!isset($errors)) {
    // Description: request text, converted from WYSIWYG HTML when flagged, then URL-linked.
    $_POST['desc'] = $_POST['message'];
    if ($_POST['wysiwyg'] == 1) {
        $_POST['desc'] = convert_wysiwyg_html_to_bbcode($_POST['message'], 0);
    } else {
        $_POST['desc'] =& $_POST['message'];
    }
    $_POST['desc'] = convert_url_to_bbcode($_POST['desc']);
    if ($upload) {
        // The stored name is the client-supplied file name behind a short numeric prefix.
        // NOTE(review): the only validation visible here is the extension test above. If the
        // target directory ($dl->url) is served by the web server, confirm it cannot execute
        // scripts, and consider generating the stored name server-side.
        $newfilename = TIMENOW % 100000 . '-' . $_FILES['upload']['name'];
        if (move_uploaded_file($_FILES['upload']['tmp_name'], $dl->url . $newfilename)) {
            // NOTE(review): 0666 makes the file writable by every local account;
            // 0644 is the usual choice when other accounts only need to read it.
            chmod($dl->url . $newfilename, 0666);
            $size = @filesize($dl->url . $newfilename);
        } else {
            $errors['message'] .= '<center><span style="color: red;">The upload failed! Upload error.</span></center><br />';
        }
    } else {
        if ($link) {
            // Link mode: the request value is stored as the file reference.
            $newfilename = $_POST['link'];
            if ($_POST['size'] == '') {
                // NOTE(review): a request-controlled string is passed to filesize(), with errors
                // suppressed. Restrict it to the expected form (scheme, host or path) before it
                // reaches a filesystem function.
                $size = @filesize($newfilename);
            } else {
                if (is_numeric($_POST['size'])) {
// Fragment: these first two checks are the tail of a loop over the poll options that
// starts outside this excerpt; the single closing brace below ends that loop.
if ($vbulletin->options['maxpolllength'] and vbstrlen($vbulletin->GPC['options']["{$counter}"]) > $vbulletin->options['maxpolllength']) {
    // Collect the numbers of the over-long options, separated by the comma phrase.
    $badoption .= $badoption ? $vbphrase['comma_space'] . $counter : $counter;
}
if ($vbulletin->options['maximages'] or $vbulletin->options['maxvideos']) {
    // Concatenate all option texts for the image/video limit check further down.
    $maximgtest .= $vbulletin->GPC['options']["{$counter}"];
}
}
if ($badoption) {
    // The string returned by standard_error() (defined elsewhere) is executed by eval().
    eval(standard_error(fetch_error('polloptionlength', $vbulletin->options['maxpolllength'], $badoption)));
}
$optioncount = 0;
require_once DIR . '/includes/functions_newpost.php';
// Here the length limit above was applied to the submitted text, before URL conversion.
foreach ($vbulletin->GPC['options'] as $counter => $optionvalue) {
    if ($optionvalue != '') {
        if ($vbulletin->GPC['parseurl'] and $foruminfo['allowbbcode']) {
            $optionvalue = convert_url_to_bbcode($optionvalue);
        }
        // Options are stored at index $counter - 1; the vote count is cast to int.
        $poll->set_option($optionvalue, $counter - 1, intval($vbulletin->GPC['pollvotes']["{$counter}"]));
        $optioncount++;
    } else {
        $poll->set_option('', $counter - 1);
    }
}
// A poll needs a question and at least two non-empty options.
if ($vbulletin->GPC['pollquestion'] == '' or $optioncount < 2) {
    eval(standard_error(fetch_error('noquestionoption')));
}
if (TIMENOW + $vbulletin->GPC['timeout'] * 86400 >= 2147483647) {
    // maximum size of a 32 bit integer
    eval(standard_error(fetch_error('maxpolltimeout')));
}
// check max images|videos
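/**
 * Basic operations to perform on all pagetext type fields.
 *
 * Normalises the text in place: numeric space entities become spaces, the text
 * is trimmed, hex [color] values get a leading '#', alignment tags that are
 * closed and immediately reopened are merged, [/list=x] remnants are repaired,
 * the text is censored, URLs are optionally converted to BB code, session
 * hashes are removed from URLs, the case stripper is optionally run, and video
 * BB code is parsed.
 *
 * @param string $pagetext   Page text, modified by reference
 * @param bool   $noshouting Whether to run the case stripper
 *
 * @return bool Whether the text is valid; this implementation always returns true
 */
function verify_pagetext(&$pagetext, $noshouting = true)
{
    require_once DIR . '/includes/functions_newpost.php';
    // Decimal (&#32;) and hex (&#x20;) entities for a space become a literal space.
    $pagetext = preg_replace('/&#(0*32|x0*20);/', ' ', $pagetext);
    $pagetext = trim($pagetext);
    // remove empty bbcodes
    //$pagetext = $this->strip_empty_bbcode($pagetext);
    // add # to color tags using hex if it's not there
    // NOTE(review): the first two alternatives of the quote group are identical as written;
    // one of them may have been an HTML-entity form before this text was extracted - confirm.
    $pagetext = preg_replace('#\\[color=("|"|\'|)([a-f0-9]{6})\\1]#i', '[color=\\1#\\2\\1]', $pagetext);
    // strip alignment codes that are closed and then immediately reopened
    $pagetext = preg_replace('#\\[/(left|center|right)\\]([\\r\\n]*)\\[\\1\\]#i', '\\2', $pagetext);
    // remove [/list=x remnants
    // stripos() answers "is it present?" directly; the original compared the substring
    // returned by stristr() loosely against false.
    if (stripos($pagetext, '[/list=') !== false) {
        $pagetext = preg_replace('#\\[/list=[a-z0-9]+\\]#siU', '[/list]', $pagetext);
    }
    // remove extra whitespace between [list] and first element
    // -- unnecessary now, bbcode parser handles leading spaces after a list tag
    //$pagetext = preg_replace('#(\[list(=("|"|\'|)([^\]]*)\\3)?\])\s+#i', "\\1\n", $pagetext);
    // censor main message text
    $pagetext = fetch_censored_text($pagetext);
    // parse URLs in message text
    if ($this->info['parseurl']) {
        $pagetext = convert_url_to_bbcode($pagetext);
    }
    // remove sessionhash from urls:
    // keeps a session identifier pasted as part of a link out of the stored text
    require_once DIR . '/includes/functions_login.php';
    $pagetext = fetch_removed_sessionhash($pagetext);
    if ($noshouting) {
        $pagetext = fetch_no_shouting_text($pagetext);
    }
    require_once DIR . '/includes/functions_video.php';
    $pagetext = parse_video_bbcode($pagetext);
    return true;
}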
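/**
 * Returns the event's custom field values, rendered for display.
 *
 * For every custom field defined for the event's calendar, the stored value is
 * looked up, passed through unhtmlspecialchars(), URL auto-linking and the
 * calendar BB code parser, and returned together with the field title. A value
 * that is not one of the predefined options is skipped when the field does not
 * (or no longer does) allow free entry.
 *
 * @return array List of array('title' => ..., 'value' => ...)
 */
public function get_custom_fields()
{
    require_once DIR . '/includes/functions_newpost.php';
    $fielddefs = self::get_calendar_custom_fields($this->get_field("calendarid"));
    // SECURITY (review): unserialize() on stored data can instantiate objects if the
    // serialized string can be influenced from outside. Confirm the writer of
    // 'customfields' only ever stores arrays of scalars. On PHP 7+ the
    // allowed_classes option can rule objects out; JSON avoids the issue entirely.
    $customfields = unserialize($this->get_field('customfields'));
    if (!is_array($customfields)) {
        // unserialize() returns false on empty or corrupt input; treat that as "no values"
        // instead of indexing into a non-array below.
        $customfields = array();
    }
    $field_data = array();
    foreach ($fielddefs as $fielddef) {
        // Same caveat as above for the field definition's option list.
        $fielddef['options'] = unserialize($fielddef['options']);
        $fieldkey = "{$fielddef['calendarcustomfieldid']}";
        // A field without a stored value yields null, as before, but without a notice.
        $optionval = isset($customfields[$fieldkey]) ? $customfields[$fieldkey] : null;
        // Skip this value if a user entered entry exists but no longer allowed
        if (!$fielddef['allowentry']) {
            // NOTE(review): in_array() compares loosely here; kept as in the original.
            if (!(is_array($fielddef['options']) and in_array($optionval, $fielddef['options']))) {
                continue;
            }
        }
        $customoption = parse_calendar_bbcode(convert_url_to_bbcode(unhtmlspecialchars($optionval)));
        $field_data[] = array('title' => $fielddef['title'], 'value' => $customoption);
    }
    return $field_data;
}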
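<?php
// Chat endpoint: stores one shout for the logged-in forum user.
// NOTE(review): no security-token check is visible in this script; confirm that the
// included global.php enforces one for state-changing POST requests.
require '../../model/MensagemChat.php';

// Bootstrap vBulletin from its own directory, then restore the working directory.
$curdir = getcwd();
chdir('/home/ccvteam/public_html/forum');
require_once '/home/ccvteam/public_html/forum/global.php';
require_once '/home/ccvteam/public_html/forum/includes/class_bbcode.php';
require_once '/home/ccvteam/public_html/forum/includes/functions_newpost.php';
chdir($curdir);

$userid = $vbulletin->userinfo['userid'];
// Only logged-in users may post. The original test ($userid != '0') also let a missing
// (null) user id through; requiring a positive integer fails closed.
if (intval($userid) > 0) {
    // NOTE(review): utf8_encode() assumes ISO-8859-1 input and is deprecated as of PHP 8.2.
    $shouter = utf8_encode($vbulletin->userinfo['musername']);
    // clean input
    $vbulletin->input->clean_array_gpc('p', array('message' => TYPE_STR));
    $shout = $vbulletin->GPC['message'];
    // handle quotes
    // NOTE(review): addslashes() is not SQL escaping for any driver and it also alters the
    // text that is parsed and stored below. Escaping belongs at the query inside
    // MensagemChat::Save() (prepared statement); that code is not visible here, so the
    // call is kept as is - confirm and remove once Save() is parameterised.
    $shout = addslashes($shout);
    // handle ajax urlencoded input
    $shout = convert_urlencoded_unicode($shout);
    // convert links
    $shout = convert_url_to_bbcode($shout);
    // BB code parser
    // "=& new" is a parse error on PHP 7 and later; plain assignment behaves the same.
    $parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
    // do_parse($text, $do_html = false, $do_smilies = true, $do_bbcode = true , $do_imgcode = true, $do_nl2br = true, $cachable = false)
    // HTML stays disabled, so markup in the message is not rendered as HTML.
    $shout = $parser->do_parse($shout, false, true, true, false, false, false);
    $timestamp = date("Y-m-d H:i:s");
    $msg = new MensagemChat($shout, $shouter, $timestamp, $userid);
    $msg->Save();
}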
/**
 * Fetches the currently active announcements for a channel.
 *
 * With a channel id, the caller needs 'canview' on that channel; the result then
 * covers the nodes returned by getParents() for it (node 1 excluded) plus the
 * global announcements (node -1). Without a channel id no permission check is
 * made and only the global announcements are returned.
 *
 * @param int $channelid      (optional) Channel ID
 * @param int $announcementid (optional) Announcement ID; not used by this method
 *
 * @throws vB_Exception_Api no_permission if the user may not view the channel
 *
 * @return array Announcements, each element holding the announcement table fields plus
 *               username, avatarurl and the flags derived from the announcementoptions
 *               bitfield: dohtml, donl2br, dobbcode, dobbimagecode, dosmilies.
 *               dobbimagecode is taken from the same 'allowbbcode' bit as dobbcode.
 */
public function fetch($channelid = 0, $announcementid = 0)
{
    $usercontext = vB::getUserContext();
    $userapi = vB_Api::instanceInternal('user');
    $channelapi = vB_Api::instanceInternal('content_channel');

    // Permission gate and ancestor collection, only when a channel was given.
    $ancestorIds = array();
    if ($channelid) {
        // This is to verify $channelid
        $channelapi->fetchChannelById($channelid);
        if (!$usercontext->getChannelPermission('forumpermissions', 'canview', $channelid)) {
            throw new vB_Exception_Api('no_permission');
        }
        foreach (vB_Library::instance('node')->getParents($channelid) as $ancestor) {
            if ($ancestor['nodeid'] != 1) {
                $ancestorIds[] = $ancestor['nodeid'];
            }
        }
    }

    // Only announcements whose start/end window contains the request time.
    $query = array(
        vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT,
        vB_dB_Query::CONDITIONS_KEY => array(
            array('field' => 'startdate', 'value' => vB::getRequest()->getTimeNow(), 'operator' => vB_dB_Query::OPERATOR_LTE),
            array('field' => 'enddate', 'value' => vB::getRequest()->getTimeNow(), 'operator' => vB_dB_Query::OPERATOR_GTE),
        ),
    );

    // -1 stands for global announcements and is always part of the node filter.
    if ($ancestorIds) {
        $ancestorIds[] = -1;
        $nodeFilter = $ancestorIds;
    } elseif ($channelid) {
        $nodeFilter = array($channelid, -1);
    } else {
        $nodeFilter = '-1';
    }
    $query[vB_dB_Query::CONDITIONS_KEY][] = array('field' => 'nodeid', 'value' => $nodeFilter);

    $sorting = array(
        'field' => array('startdate', 'announcementid'),
        'direction' => array(vB_dB_Query::SORT_DESC, vB_dB_Query::SORT_DESC),
    );
    $announcements = $this->assertor->getRows('vBForum:announcement', $query, $sorting);
    if (!$announcements) {
        return array();
    }

    $optionBits = vB::getDatastore()->getValue('bf_misc_announcementoptions');
    foreach ($announcements as $k => $post) {
        $userinfo = $userapi->fetchUserinfo($post['userid'], array(vB_Api_User::USERINFO_AVATAR, vB_Api_User::USERINFO_SIGNPIC));
        $rowBits = $post['announcementoptions'];
        $allowHtml = $rowBits & $optionBits['allowhtml'];
        $allowBbcode = $rowBits & $optionBits['allowbbcode'];

        // Added in the same key order as before; the flags are the masked ints themselves.
        $derived = array(
            'username' => $userinfo['username'],
            'avatarurl' => $userapi->fetchAvatar($post['userid']),
            'dohtml' => $allowHtml,
            // Newlines are converted only when HTML is not allowed.
            'donl2br' => $allowHtml ? false : true,
            'dobbcode' => $allowBbcode,
            'dobbimagecode' => $rowBits & $optionBits['allowbbcode'],
            'dosmilies' => $rowBits & $optionBits['allowsmilies'],
        );
        foreach ($derived as $field => $value) {
            $announcements[$k][$field] = $value;
        }

        // URL auto-linking needs both the BB code bit and the parseurl bit.
        if ($allowBbcode and $rowBits & $optionBits['parseurl']) {
            require_once DIR . '/includes/functions_newpost.php';
            $announcements[$k]['pagetext'] = convert_url_to_bbcode($post['pagetext']);
        }
    }
    return $announcements;
}
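/**
 * Sends a private message on behalf of the logged-in user (JSON endpoint).
 *
 * Reads the message fields from the request, checks permission, throttle, quota
 * and flood limits, builds the PM through the 'PM' data manager and saves it
 * unless a preview was requested. Failures are reported through json_error().
 *
 * NOTE(review): json_error() is defined elsewhere; the control flow below only
 * makes sense if it ends the request - confirm.
 *
 * @return array array('success' => 1) when no error was reported
 */
function do_send_pm()
{
    global $vbulletin, $db, $permissions;
    if (!$vbulletin->userinfo['userid']) {
        json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
    }
    // Typed cleaning of every request field used below.
    // NOTE(review): 'pmid' is referenced further down but is not part of this list.
    $vbulletin->input->clean_array_gpc('r', array(
        'wysiwyg' => TYPE_BOOL,
        'title' => TYPE_NOHTML,
        'message' => TYPE_STR,
        'parseurl' => TYPE_BOOL,
        'savecopy' => TYPE_BOOL,
        'signature' => TYPE_BOOL,
        'disablesmilies' => TYPE_BOOL,
        'receipt' => TYPE_BOOL,
        'preview' => TYPE_STR,
        'recipients' => TYPE_STR,
        'bccrecipients' => TYPE_STR,
        'iconid' => TYPE_UINT,
        'forward' => TYPE_BOOL,
        'folderid' => TYPE_INT,
        'sendanyway' => TYPE_BOOL,
    ));
    if ($vbulletin->GPC['message']) {
        $vbulletin->GPC['message'] = prepare_remote_utf8_string($vbulletin->GPC['message']);
    }
    if ($vbulletin->GPC['title']) {
        $vbulletin->GPC['title'] = prepare_remote_utf8_string($vbulletin->GPC['title']);
    }
    if ($vbulletin->GPC['recipients']) {
        $vbulletin->GPC['recipients'] = prepare_remote_utf8_string($vbulletin->GPC['recipients']);
    }
    // A copy is always saved, whatever the request said.
    $vbulletin->GPC['savecopy'] = true;
    if ($permissions['pmquota'] < 1) {
        json_error(ERR_NO_PERMISSION);
    } else {
        if (!$vbulletin->userinfo['receivepm']) {
            json_error(strip_tags(fetch_error('pm_turnedoff')), RV_POST_ERROR);
        }
    }
    if (fetch_privatemessage_throttle_reached($vbulletin->userinfo['userid'])) {
        json_error(strip_tags(fetch_error('pm_throttle_reached', $vbulletin->userinfo['permissions']['pmthrottlequantity'], $vbulletin->options['pmthrottleperiod'])), RV_POST_ERROR);
    }
    // include useful functions
    require_once DIR . '/includes/functions_newpost.php';
    // parse URLs in message text
    if ($vbulletin->options['privallowbbcode'] and $vbulletin->GPC['parseurl']) {
        $vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
    }
    // $pm aliases the cleaned request values by reference.
    $pm['message'] =& $vbulletin->GPC['message'];
    $pm['title'] =& $vbulletin->GPC['title'];
    $pm['parseurl'] =& $vbulletin->GPC['parseurl'];
    $pm['savecopy'] =& $vbulletin->GPC['savecopy'];
    $pm['signature'] =& $vbulletin->GPC['signature'];
    $pm['disablesmilies'] =& $vbulletin->GPC['disablesmilies'];
    $pm['sendanyway'] =& $vbulletin->GPC['sendanyway'];
    $pm['receipt'] =& $vbulletin->GPC['receipt'];
    $pm['recipients'] =& $vbulletin->GPC['recipients'];
    $pm['bccrecipients'] =& $vbulletin->GPC['bccrecipients'];
    $pm['pmid'] =& $vbulletin->GPC['pmid'];
    $pm['iconid'] =& $vbulletin->GPC['iconid'];
    $pm['forward'] =& $vbulletin->GPC['forward'];
    $pm['folderid'] =& $vbulletin->GPC['folderid'];
    // *************************************************************
    // PROCESS THE MESSAGE AND INSERT IT INTO THE DATABASE
    $errors = array(); // catches errors
    // "and" binds tighter than "or": over quota, or exactly at quota while saving a copy.
    if ($vbulletin->userinfo['pmtotal'] > $permissions['pmquota'] or $vbulletin->userinfo['pmtotal'] == $permissions['pmquota'] and $pm['savecopy']) {
        json_error(strip_tags(fetch_error('yourpmquotaexceeded')), RV_POST_ERROR);
    }
    // create the DM to do error checking and insert the new PM
    $pmdm =& datamanager_init('PM', $vbulletin, ERRTYPE_ARRAY);
    $pmdm->set_info('savecopy', $pm['savecopy']);
    $pmdm->set_info('receipt', $pm['receipt']);
    // NOTE(review): $cantrackpm is never assigned in this function, so null is passed.
    $pmdm->set_info('cantrackpm', $cantrackpm);
    $pmdm->set_info('forward', $pm['forward']);
    $pmdm->set_info('bccrecipients', $pm['bccrecipients']);
    // Users with control panel access are exempt from the quota.
    if ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) {
        $pmdm->overridequota = true;
    }
    // The sender is always taken from the session, never from the request.
    $pmdm->set('fromuserid', $vbulletin->userinfo['userid']);
    $pmdm->set('fromusername', $vbulletin->userinfo['username']);
    $pmdm->setr('title', $pm['title']);
    $pmdm->set_recipients($pm['recipients'], $permissions, 'cc');
    $pmdm->set_recipients($pm['bccrecipients'], $permissions, 'bcc');
    $pmdm->setr('message', $pm['message']);
    $pmdm->setr('iconid', $pm['iconid']);
    $pmdm->set('dateline', TIMENOW);
    $pmdm->setr('showsignature', $pm['signature']);
    $pmdm->set('allowsmilie', $pm['disablesmilies'] ? 0 : 1);
    if (!$pm['forward']) {
        $pmdm->set_info('parentpmid', $pm['pmid']);
    }
    $pmdm->set_info('replypmid', $pm['pmid']);
    // Runs whatever plugin code is registered for this hook, via eval().
    ($hook = vBulletinHook::fetch_hook('private_insertpm_process')) ? eval($hook) : false;
    $pmdm->pre_save();
    // deal with user using receivepmbuddies sending to non-buddies
    if ($vbulletin->userinfo['receivepmbuddies'] and is_array($pmdm->info['recipients'])) {
        $users_not_on_list = array();
        // get a list of super mod groups
        $smod_groups = array();
        foreach ($vbulletin->usergroupcache as $ugid => $groupinfo) {
            if ($groupinfo['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']) {
                // super mod group
                $smod_groups[] = $ugid;
            }
        }
        // now filter out all moderators (and super mods) from the list of recipients
        // to check against the buddy list
        $check_recipients = $pmdm->info['recipients'];
        // NOTE(review): the array keys are concatenated into the IN() list uncast; presumably
        // they are user ids resolved by the data manager - confirm. An empty recipient array
        // would also produce "IN ()".
        $mods = $db->query_read_slave("\n\t\t\tSELECT user.userid\n\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "moderator AS moderator ON (moderator.userid = user.userid)\n\t\t\tWHERE user.userid IN (" . implode(',', array_keys($check_recipients)) . ")\n\t\t\t\tAND ((moderator.userid IS NOT NULL AND moderator.forumid <> -1)\n\t\t\t\t" . (!empty($smod_groups) ? "OR user.usergroupid IN (" . implode(',', $smod_groups) . ")" : '') . "\n\t\t\t\t)\n\t\t");
        while ($mod = $db->fetch_array($mods)) {
            unset($check_recipients["{$mod['userid']}"]);
        }
        if (!empty($check_recipients)) {
            // filter those on our buddy list out
            // implode() takes the separator first; the reversed order used originally is
            // rejected by PHP 8.
            $users = $db->query_read_slave("\n\t\t\t\tSELECT userlist.relationid\n\t\t\t\tFROM " . TABLE_PREFIX . "userlist AS userlist\n\t\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\t\tAND userlist.relationid IN(" . implode(',', array_keys($check_recipients)) . ")\n\t\t\t\t\tAND type = 'buddy'\n\t\t\t");
            while ($user = $db->fetch_array($users)) {
                unset($check_recipients["{$user['relationid']}"]);
            }
        }
        // what's left must be those who are neither mods or on our buddy list
        foreach ($check_recipients as $userid => $user) {
            $users_not_on_list["{$userid}"] = $user['username'];
        }
        if (!empty($users_not_on_list) and (!$vbulletin->GPC['sendanyway'] or !empty($errors))) {
            $users = '';
            // NOTE(review): usernames are placed into HTML as they are; presumably they are
            // stored escaped - confirm. On this endpoint the final message goes through
            // strip_tags() below.
            foreach ($users_not_on_list as $userid => $username) {
                $users .= "<li><a href=\"member.php?" . $vbulletin->session->vars['sessionurl'] . "u={$userid}\" target=\"profile\">{$username}</a></li>";
            }
            $pmdm->error('pm_non_contacts_cant_reply', $users);
        }
    }
    // check for message flooding
    if ($vbulletin->options['pmfloodtime'] > 0 and !$vbulletin->GPC['preview']) {
        // Control panel users and moderators are exempt from the flood check.
        if (!($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) and !can_moderate()) {
            $floodcheck = $db->query_first("\n\t\t\t\tSELECT pmtextid, title, dateline\n\t\t\t\tFROM " . TABLE_PREFIX . "pmtext AS pmtext\n\t\t\t\tWHERE fromuserid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tORDER BY dateline DESC\n\t\t\t");
            if (($timepassed = TIMENOW - $floodcheck['dateline']) < $vbulletin->options['pmfloodtime']) {
                json_error(strip_tags(fetch_error('pmfloodcheck', $vbulletin->options['pmfloodtime'], $vbulletin->options['pmfloodtime'] - $timepassed)), RV_POST_ERROR);
            }
        }
    }
    // process errors if there are any
    $errors = array_merge($errors, $pmdm->errors);
    if (!empty($errors)) {
        // Only the first error is reported, with markup removed.
        json_error(strip_tags($errors[0]), RV_POST_ERROR);
    } else {
        if ($vbulletin->GPC['preview'] != '') {
            // Preview: nothing is saved. $preview is computed but not returned from here.
            define('PMPREVIEW', 1);
            $foruminfo = array('forumid' => 'privatemessage', 'allowicons' => $vbulletin->options['privallowicons']);
            $preview = process_post_preview($pm);
            $_REQUEST['do'] = 'newpm';
        } else {
            // everything's good!
            $pmdm->save();
            // force pm counters to be rebuilt
            $vbulletin->userinfo['pmunread'] = -1;
            build_pm_counters();
        }
    }
    return array('success' => 1);
}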
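/**
 * Prepares a piece of gallery text (title or description) for output.
 *
 * The text is censored and word-wrapped first. Titles are then trimmed to 255
 * characters, HTML-escaped and returned. Any other text is trimmed to the
 * applicable maximum, optionally URL-linked, and rendered by the BB code
 * parser using the HTML / smilies / BB code / image flags of the category.
 *
 * SECURITY (review): when the category has 'allowhtml' set, $do_html is passed to
 * the parser as true, so markup in the text is rendered as HTML. Confirm that
 * option is only set for categories whose authors are trusted.
 *
 * @param string $text     Text to process
 * @param int    $catid    Category whose options control the parsing
 * @param bool   $is_title Whether $text is a title
 * @param bool   $add_dots Whether the short length limit applies
 * @return string Processed text
 */
function photoplog_process_text($text, $catid, $is_title = false, $add_dots = false)
{
    global $vbulletin, $vbphrase, $photoplog_categoryoptions, $photoplog_ds_catopts;
    // One parser instance is created lazily and kept for all later calls.
    static $photoplog_parser = false;
    // Everything stays off unless the category explicitly enables it.
    $do_html = false;
    $do_smilies = false;
    $do_bbcode = false;
    $do_imgcode = false;
    $do_parseurl = false;
    $catid = intval($catid);
    if (!is_array($photoplog_ds_catopts)) {
        $photoplog_ds_catopts = array();
    }
    // Exact key lookup. The original in_array() over array_keys() compared loosely,
    // so an id of 0 could match a non-numeric key on PHP versions before 8.
    if (array_key_exists($catid, $photoplog_ds_catopts)) {
        $photoplog_categorybit = $photoplog_ds_catopts[$catid]['options'];
        $photoplog_catoptions = convert_bits_to_array($photoplog_categorybit, $photoplog_categoryoptions);
        $do_html = (bool) $photoplog_catoptions['allowhtml'];
        $do_smilies = (bool) $photoplog_catoptions['allowsmilies'];
        $do_bbcode = (bool) $photoplog_catoptions['allowbbcode'];
        $do_imgcode = (bool) $photoplog_catoptions['allowimgcode'];
        $do_parseurl = (bool) $photoplog_catoptions['allowparseurl'];
    }
    $text = fetch_censored_text($text);
    $text = fetch_word_wrapped_string($text);
    require_once DIR . '/includes/functions_newpost.php';
    if ($is_title) {
        $text = fetch_no_shouting_text($text);
        $max_len = 255;
        if (vbstrlen($text) > $max_len) {
            $text = fetch_trimmed_title($text, $max_len);
            $text = photoplog_regexp_text($text);
        }
        if (empty($text)) {
            $text = $vbphrase['photoplog_untitled'];
        }
        // Titles never go through the BB code parser; they are escaped for HTML output.
        $text = htmlspecialchars_uni($text);
        return $text;
    }
    if ($add_dots) {
        $max_len = 100;
        if ($vbulletin->options['lastthreadchars'] != 0) {
            $max_len = $vbulletin->options['lastthreadchars'] * 2;
        }
    } else {
        $max_len = min(vbstrlen($text), 15360000);
        if ($vbulletin->options['postmaxchars'] != 0) {
            $max_len = $vbulletin->options['postmaxchars'];
        }
    }
    if (vbstrlen($text) > $max_len) {
        $text = fetch_trimmed_title($text, $max_len);
        $text = photoplog_regexp_text($text);
    }
    if ($do_parseurl) {
        $text = convert_url_to_bbcode($text);
    }
    if (empty($text)) {
        $text = $vbphrase['photoplog_not_available'];
    }
    $text = fetch_no_shouting_text($text);
    if (!$photoplog_parser) {
        require_once DIR . '/includes/class_bbcode.php';
        $photoplog_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
    }
    $text = $photoplog_parser->do_parse($text, $do_html, $do_smilies, $do_bbcode, $do_imgcode, true, false);
    return $text;
}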
// Fragment: this is the body of a loop over the calendar's custom field definitions
// ($value) that starts outside this excerpt; the trailing if blocks are cut off.
$customoption = '';
$customtitle = $value['title'];
// Look for the stored value among the field's predefined options (loose comparison).
if (is_array($value['options'])) {
    foreach ($value['options'] as $key => $val) {
        if ($val == $eventfields["{$value['calendarcustomfieldid']}"]) {
            $customoption = $val;
            break;
        }
    }
}
// Skip this value if a user entered entry exists but no longer allowed
if (!$value['allowentry'] and $customoption == '') {
    continue;
}
require_once DIR . '/includes/functions_newpost.php';
// The stored value is unescaped, URL-linked and then rendered by the calendar BB code
// parser. NOTE(review): the output is only as safe as parse_calendar_bbcode() makes it,
// since unhtmlspecialchars() has just reversed the stored escaping - confirm it re-escapes.
$customoption = parse_calendar_bbcode(convert_url_to_bbcode(unhtmlspecialchars($eventfields["{$value['calendarcustomfieldid']}"])));
$show['customoption'] = $customoption == '' ? false : true;
if ($show['customoption']) {
    $show['customfields'] = true;
}
$templater = vB_Template::create('calendar_showeventsbit_customfield');
$templater->register('customoption', $customoption);
$templater->register('customtitle', $customtitle);
$customfields .= $templater->render();
}
$show['holiday'] = false;
// check for calendar moderator here.
// Editing is allowed by default and withdrawn for users who neither moderate the
// calendar nor own the event.
$show['caneditevent'] = true;
if (!can_moderate_calendar($calendarinfo['calendarid'], 'caneditevents')) {
    if ($eventinfo['userid'] != $vbulletin->userinfo['userid']) {
        $show['caneditevent'] = false;
/**
 * Adds a poll node and stores one row per poll answer.
 *
 * The parent add() and the answer inserts run inside one transaction. The transaction is
 * opened, committed or rolled back here only when the caller did not pass a truthy
 * $options['skipTransaction']; the same flag decides whether afterAdd() is called here.
 *
 * @param mixed $data                       Node data; reads $data['options'] (the answers, each
 *                                          with a 'title'), the optional $data['parseurl'] and
 *                                          $data['parentid'].
 * @param array $options                    Options forwarded to the parent add().
 * @param bool  $convertWysiwygTextToBbcode Forwarded unchanged to the parent add().
 *
 * @return mixed Whatever parent::add() returned; 'nodeid', 'cacheEvents' and 'nodeVals' are read from it.
 */
public function add($data, array $options = array(), $convertWysiwygTextToBbcode = true)
{
	// Captured before $options is touched: does this call own the transaction and afterAdd()?
	$ownsTransaction = empty($options['skipTransaction']);

	$this->checkPollOptions($data);

	// The answers are kept on their own for the inserts below and are also merged into the
	// $options array handed to the parent add().
	$answers = $data['options'];
	$options = array_merge($answers, $options);

	// URL-to-BB-code conversion of answer titles is opt-in through $data['parseurl'].
	$linkifyTitles = !empty($data['parseurl']);
	if ($linkifyTitles)
	{
		require_once DIR . '/includes/functions_newpost.php';
	}

	unset($data['options'], $data['parseurl']);

	// The parent must not index the node yet; indexing happens at the end of this method,
	// once the answers exist.
	$data['noIndex'] = true;

	try
	{
		if ($ownsTransaction)
		{
			$this->assertor->beginTransaction();
		}

		// The parent always joins the transaction handled here (or by the caller).
		$options['skipTransaction'] = true;
		$result = parent::add($data, $options, $convertWysiwygTextToBbcode);

		foreach ($answers as $answer)
		{
			// Titles are stored as submitted apart from the optional URL conversion.
			// NOTE(review): HTML encoding is presumably applied when the poll is rendered,
			// and 'vBForum:polloption' is presumably a parameterised query. Confirm both.
			$title = $linkifyTitles ? convert_url_to_bbcode($answer['title']) : $answer['title'];

			$this->assertor->assertQuery('vBForum:polloption', array(
				vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_INSERT,
				'nodeid' => $result['nodeid'],
				'title' => $title,
			));
		}

		if ($ownsTransaction)
		{
			$this->assertor->commitTransaction();
		}
	}
	catch (Exception $e)
	{
		// Undo the node and any answers already inserted, then let the caller see the error.
		if ($ownsTransaction)
		{
			$this->assertor->rollbackTransaction();
		}

		throw $e;
	}

	// Child classes that run their own transaction pass skipTransaction, so afterAdd() is
	// called exactly once per node.
	if ($ownsTransaction)
	{
		$this->afterAdd($result['nodeid'], $data, $options, $result['cacheEvents'], $result['nodeVals']);
	}

	$this->updatePollCache($result['nodeid']);

	// Index only now, so that the answers are part of what gets indexed.
	$this->nodeApi->clearCacheEvents(array($result['nodeid'], $data['parentid']));
	vB_Api::instance('Search')->index($result['nodeid']);

	return $result;
}
));
// The line above closes a call that starts before this excerpt.

// eval() runs whatever PHP source the hook registry returns for this hook name, so that code
// executes with the full privileges of this script.
// NOTE(review): who may register hook code is decided elsewhere; treat that as the trust boundary.
($hook = vBulletinHook::fetch_hook('visitor_message_post_start')) ? eval($hook) : false;

// Convert WYSIWYG editor HTML back to BB code. The second argument passes the board-wide
// 'allowhtml' option to the converter.
if ($vbulletin->GPC['wysiwyg']) {
    require_once(DIR . '/includes/functions_wysiwyg.php');
    $vbulletin->GPC['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $vbulletin->options['allowhtml']);
}

// Turn bare URLs into BB code, but only when BB code is enabled board-wide and the poster
// asked for it.
if ($vbulletin->options['allowbbcode'] AND $vbulletin->GPC['parseurl']) {
    require_once(DIR . '/includes/functions_newpost.php');
    $vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
}

// Every entry is bound by reference (=>&), so writing to $message['...'] also changes the
// underlying GPC / userinfo value.
$message = array(
    'message' =>& $vbulletin->GPC['message'],
    'userid' =>& $userinfo['userid'],
    'postuserid' =>& $vbulletin->userinfo['userid'],
    'disablesmilies' =>& $vbulletin->GPC['disablesmilies'],
    'parseurl' =>& $vbulletin->GPC['parseurl'],
);

// For AJAX posts the message is passed through convert_urlencoded_unicode(). This runs after
// the URL conversion above and, because of the reference, also rewrites $vbulletin->GPC['message'].
// NOTE(review): decoding after the BB-code steps means they saw the still-encoded text; confirm
// that this order is intended.
if ($vbulletin->GPC['ajax']) {
    $message['message'] = convert_urlencoded_unicode($message['message']);
}
} else {
    // Excerpt from a per-file import step; $file, $_file, $dl, $success and $file_errors are
    // defined above this excerpt.
    // The author field is a ';'-separated list of names taken from the request.
    $authors = explode(";", $_POST['author'][$file]);
    foreach ($authors as $key => $value) {
        // The name goes through $db->sql_prepare() before it is concatenated into the query
        // (presumably quoting and escaping it; confirm against the DB class).
        $author = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE `username`=" . $db->sql_prepare(trim($value)));
        if ($author['userid'] > 0) {
            // NOTE(review): trim($value) is concatenated into HTML without encoding and the
            // result is stored in the `_author` column below. Encode it here (for example with
            // htmlspecialchars_uni()) unless the display code is known to encode it.
            $authors[$key] = '<a href="member.php?u=' . $author['userid'] . '">' . trim($value) . '</a>';
        } else {
            // NOTE(review): same concern; names with no matching user are kept as raw request text.
            $authors[$key] = trim($value);
        }
        // Rebuilt on every iteration; the value left after the last pass is the one stored.
        $_POST['_author'][$file] = implode(", ", $authors);
    }
}
// An empty per-file description falls back to the shared one in slot 0; otherwise bare URLs
// in the description are turned into BB code.
if ($_POST['desc'][$file] == '') {
    $_POST['desc'][$file] = $_POST['desc'][0];
} else {
    $_POST['desc'][$file] = convert_url_to_bbcode($_POST['desc'][$file]);
}
// -1 appears to mean "not chosen for this file"; in that case slot 0's pin value is
// inherited when it is itself not -1.
if ($_POST['pinned'][$file] == -1) {
    if ($_POST['pinned'][0] != -1) {
        $_POST['pinned'][$file] = $_POST['pinned'][0];
    }
}
// NOTE(review): the directory prefix comes straight from the request, so filesize(),
// is_readable() and copy() below act on whatever path the client names. Resolve the path with
// realpath() and require it to sit under a configured import directory before using it.
$_POST['size'][$file] = filesize($_POST['dir'] . stripslashes($_file));
// `%` binds tighter than `.`, so this is (TIMENOW % 100000), then '-', then the original name.
// NOTE(review): the original name, extension included, is kept. If $dl->url is a directory the
// web server serves, an extension allow-list is needed; confirm where that is enforced.
$_POST['newfilename'][$file] = TIMENOW % 100000 . '-' . stripslashes($_file);
if (is_readable($_POST['dir'] . stripslashes($_file))) {
    // '@' hides any warning from copy(); success is inferred from file_exists() on the target.
    @copy($_POST['dir'] . stripslashes($_file), $dl->url . $_POST['newfilename'][$file]);
    if (file_exists($dl->url . $_POST['newfilename'][$file])) {
        // Every request-derived value goes through $db->sql_prepare(); TIMENOW is a constant.
        $db->query_write("\r\n\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "dl2_files\r\n\t\t\t\t\t\t(`title`, `description`, `author`, `_author`, `uploader`, `uploaderid`, `url`, `dateadded`, `category`, `size`, `pin`)\r\n\t\t\t\t\tVALUES\r\n\t\t\t\t\t\t(" . $db->sql_prepare($_POST['dname'][$file]) . ", " . $db->sql_prepare($_POST['desc'][$file]) . ", " . $db->sql_prepare($_POST['author'][$file]) . ", " . $db->sql_prepare($_POST['_author'][$file]) . ", " . $db->sql_prepare($vbulletin->userinfo['username']) . ", " . $db->sql_prepare($vbulletin->userinfo['userid']) . ", " . $db->sql_prepare($_POST['newfilename'][$file]) . ", " . TIMENOW . ", " . $db->sql_prepare($_POST['category'][$file]) . ", " . $db->sql_prepare($_POST['size'][$file]) . ", " . $db->sql_prepare($_POST['pinned'][$file]) . ")\r\n\t\t\t\t");
        // NOTE(review): stripslashes($file) is placed into an HTML fragment unencoded; encode
        // it if $success is printed as markup.
        array_push($success, '<a href="../downloads.php?do=file&id=' . $db->insert_id() . '">' . stripslashes($file) . 
'</a>');
    } else {
        array_push($file_errors, $file);
// Excerpt from a signature-update handler; the blocks closed by the first braces below open
// above this excerpt.
// Insert a newline after every run of 'softlinebreakchars' non-newline characters, so that
// long unbroken lines count as several lines.
// NOTE(review): the option value is concatenated into the pattern as a quantifier; it is
// presumably an admin-set integer. Confirm that it is validated as one.
$line_count_text = preg_replace('#([^\\r\\n]{' . $vbulletin->options['softlinebreakchars'] . '})#', "\\1\n", $line_count_text);
}
// + 1, since 0 linebreaks still means 1 line
$line_count = substr_count($line_count_text, "\n") + 1;
// Exceeding the usergroup's line limit records an error and forces the preview path.
if ($line_count > $vbulletin->userinfo['permissions']['sigmaxlines']) {
    $vbulletin->GPC['preview'] = true;
    $errors[] = fetch_error('sigtoomanylines', $vbulletin->userinfo['permissions']['sigmaxlines']);
}
}
// The BB-code processing below runs only for users whose signature permissions include 'canbbcode'.
if ($vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['canbbcode']) {
    // Load the posting helpers used below.
    require_once DIR . '/includes/functions_newpost.php';
    // Add the missing '#' to [color=...] tags that give a bare six-digit hex value.
    // NOTE(review): the first group lists '"' twice; one alternative was presumably the
    // entity form of the quote before this page decoded it. Check against the source file.
    $signature = preg_replace('#\\[color=("|"|\'|)([a-f0-9]{6})\\1]#i', '[color=\\1#\\2\\1]', $signature);
    // Turn bare URLs in the signature into BB code.
    $signature = convert_url_to_bbcode($signature);
    // Build the parser with this user's permissions, so tag limits are enforced per usergroup.
    // NOTE(review): assigning `new` by reference (=& new) was deprecated in PHP 5.3 and is a
    // parse error from PHP 7.0 on.
    $sig_parser =& new vB_SignatureParser($vbulletin, fetch_tag_list(), $vbulletin->userinfo['permissions'], $vbulletin->userinfo['userid']);
    // Parse the signature; the parser collects rule violations in ->errors, keyed by tag.
    $previewmessage = $sig_parser->parse($signature);
    if ($error_num = count($sig_parser->errors)) {
        foreach ($sig_parser->errors as $tag => $error_phrase) {
            $errors[] = fetch_error($error_phrase, $tag);
        }
    }
    unset($sig_parser, $tag_list, $sig_tag_token_array, $results);
}
// Show the preview/error page when the user asked for a preview or any check above failed.
if (!empty($errors) or $vbulletin->GPC['preview'] != '') {
    if (!empty($errors)) {
        $errorlist = '';
} else { $blog['parseurl'] = ($vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_allowbbcode'] AND $vbulletin->GPC['parseurl']); } $blog['disablesmilies'] = $vbulletin->GPC['disablesmilies']; } $blog['blogid'] = $vbulletin->GPC['blogid']; $blog['username'] = $vbulletin->GPC['username']; // parse URLs in message text if ($blog['parseurl']) { require_once(DIR . '/includes/functions_newpost.php'); $blog['message'] = convert_url_to_bbcode($blog['message']); } $blogman =& datamanager_init('BlogText', $vbulletin, ERRTYPE_ARRAY, 'blog'); if ($blogtextid) { $show['edit'] = true; $blogman->set_existing($blogtextinfo); } else { // if the blog owner is forcing a comment OR board has comment enforcement on and we are following that policy if (($bloginfo['moderatecomments'] OR $vbulletin->options['blog_commentmoderation'] OR !($vbulletin->userinfo['permissions']['vbblog_comment_permissions'] & $vbulletin->bf_ugp_vbblog_comment_permissions['blog_followcommentmoderation'])) AND !can_moderate_blog('canmoderatecomments') AND $bloginfo['userid'] != $vbulletin->userinfo['userid']) {