function newThread($newpost, $posterid = '') { global $vbulletin; if ($posterid == '') { $posterid = $vbulletin->userinfo['userid']; } $threadman =& datamanager_init('Thread_FirstPost', $vbulletin, ERRTYPE_ARRAY, 'threadpost'); $foruminfo = fetch_foruminfo($newpost['forumid']); $threadinfo = array(); $threadman->set_info('forum', $foruminfo); $threadman->set_info('thread', $threadinfo); $threadman->setr('forumid', $newpost['forumid']); $threadman->setr('userid', $posterid); $threadman->setr('pagetext', $newpost['pagetext']); $threadman->setr('title', $newpost['title']); $threadman->setr('showsignature', $signature); $threadman->set('allowsmilie', $newpost['allowsmilie']); $threadman->set('visible', $newpost['visible']); $threadman->set_info('parseurl', $newpost['parseurl']); $threadman->set('prefixid', $newpost['prefixid']); $idpack['threadid'] = $threadman->save(); $result = $vbulletin->db->query_read("SELECT `firstpostid` FROM `" . TABLE_PREFIX . "thread` WHERE `threadid`='{$idpack['threadid']}'"); $row = $vbulletin->db->fetch_row($result); $idpack['postid'] = $row[0]; return $idpack; }
/** * Load object from an id * * @param int $id * @return vB_Legacy_Forum */ public static function create_from_id($id) { $foruminfo = fetch_foruminfo($id); //try to work with bad data integrity. There are dbs out there //with threads that belong to a nonexistant forum. if ($foruminfo) { return self::create_from_record($foruminfo); } else { return null; } }
function fetch_forum($forumid) { global $vbulletin; if ($forumid == -1) { return array('title' => str($vbulletin->options['bbtitle']), 'threadcount' => 0); } // Don't use cache as it doesn't include threadcount by default $foruminfo = fetch_foruminfo($forumid, false); if (!$foruminfo) { return false; } return array('id' => intval($foruminfo['forumid']), 'title' => str($foruminfo['title'], true), 'description' => str($foruminfo['description'], true), 'threadcount' => intval($foruminfo['threadcount']), 'replycount' => intval($foruminfo['replycount'])); }
/** * Load object from an id * * @param int $id * @return vB_Legacy_Forum */ public static function create_from_id($id) { //the cache get prefilled with abbreviated data that is *different* from what //the query in fetch_foruminfo provides. We can skip the cache, but that means //we never cache, even if we want to. //this is going to prove to be a problem. //There is an incomplete copy stored in cache. Not sure why, // but it consistently doesn't give me the lastthreadid unless I pass "false" // to prevent reading from cache $foruminfo = fetch_foruminfo($id, false); //try to work with bad data integrity. There are dbs out there //with threads that belong to a nonexistant forum. if ($foruminfo) { return self::create_from_record($foruminfo); } else { return null; } }
/** * Returns whether or not the visiting user can view the specified password-protected forum * * @param integer Forum ID * @param string Provided password * @param boolean If true, show error when access is denied * * @return boolean */ function verify_forum_password($forumid, $password, $showerror = true) { global $vbulletin; if (!$password OR ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) OR ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator']) OR can_moderate($forumid)) { return true; } $foruminfo = fetch_foruminfo($forumid); $parents = explode(',', $foruminfo['parentlist']); foreach ($parents AS $fid) { // get the pwd from any parent forums -- allows pwd cookies to cascade down if ($temp = fetch_bbarray_cookie('forumpwd', $fid) AND $temp === md5($vbulletin->userinfo['userid'] . $password)) { return true; } } // didn't match the password in any cookie if ($showerror) { require_once(DIR . '/includes/functions_misc.php'); $security_token_html = '<input type="hidden" name="securitytoken" value="' . $vbulletin->userinfo['securitytoken'] . '" />'; // forum password is bad - show error // TODO convert the 'forumpasswordmissoing' phrase to vB4 eval(standard_error(fetch_error('forumpasswordmissing', $vbulletin->session->vars['sessionhash'], $vbulletin->scriptpath, $forumid, construct_post_vars_html() . $security_token_html, 10, 1 ))); } else { // forum password is bad - return false return false; } }
print_table_header($vbphrase['forum_based_permission_duplicator']); print_forum_chooser($vbphrase['copy_permissions_from_forum'], 'forumid_from', -1); print_label_row($vbphrase['copy_permissions_to_forums'], "<span class=\"smallfont\">{$forumlist}</span>", '', 'top', 'forumlist'); //print_chooser_row($vbphrase['only_copy_permissions_from_group'], 'limitugid', 'usergroup', -1, $vbphrase['all_usergroups']); print_yes_no_row($vbphrase['overwrite_duplicate_entries'], 'overwritedupes_forum', 0); print_yes_no_row($vbphrase['overwrite_inherited_entries'], 'overwriteinherited_forum', 0); print_submit_row($vbphrase['go']); } // ###################### Start do duplicate (group-based) ####################### if ($_POST['do'] == 'doduplicate_group') { $vbulletin->input->clean_array_gpc('p', array('ugid_from' => TYPE_INT, 'limitforumid' => TYPE_INT, 'overwritedupes_group' => TYPE_INT, 'overwriteinherited_group' => TYPE_INT, 'usergrouplist' => TYPE_ARRAY)); if (sizeof($vbulletin->GPC['usergrouplist']) == 0) { print_stop_message('invalid_usergroup_specified'); } if ($vbulletin->GPC['limitforumid'] > 0) { $foruminfo = fetch_foruminfo($vbulletin->GPC['limitforumid']); $forumsql = "AND forumpermission.forumid IN ({$foruminfo['parentlist']})"; $childforum = "AND forumpermission.forumid IN ({$foruminfo['childlist']})"; } else { $childforum = ''; $forumsql = ''; } foreach ($vbulletin->GPC['usergrouplist'] as $ugid_to => $confirm) { $ugid_to = intval($ugid_to); if ($vbulletin->GPC['ugid_from'] == $ugid_to or $confirm != 1) { continue; } $forumsql_local = ''; $existing = $db->query_read("\n\t\t\tSELECT forumpermission.forumid, forum.parentlist\n\t\t\tFROM " . TABLE_PREFIX . "forumpermission AS forumpermission, " . TABLE_PREFIX . "forum AS forum\n\t\t\tWHERE forumpermission.forumid = forum.forumid\n\t\t\t\tAND usergroupid = {$ugid_to}\n\t\t\t\t{$forumsql}\n\t\t\t\t{$forumsql_local}\n\t\t"); $perm_set = array(); while ($thisperm = $db->fetch_array($existing)) {
$highlight = explode(' ', $highlight); $highlight = str_replace($regexfind, $regexreplace, $highlight); foreach ($highlight as $val) { if ($val = trim($val)) { $replacewords[] = htmlspecialchars_uni($val); } } } } // ********************************************************************************* // make the forum jump in order to fill the forum caches $navpopup = array('id' => 'showthread_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('thread', $threadinfo)); construct_quick_nav($navpopup); // ********************************************************************************* // get forum info $forum = fetch_foruminfo($thread['forumid']); $foruminfo =& $forum; // ********************************************************************************* // check forum permissions $forumperms = fetch_permissions($thread['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { print_no_permission(); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { print_no_permission(); } // ********************************************************************************* // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // ********************************************************************************* // jump page if thread is actually a redirect
/** * Does the report * * @param string The Reason for the report * @param array Information regarding the item being reported * */ function do_report($reason, &$iteminfo) { global $vbphrase; $this->iteminfo =& $iteminfo; $reportinfo = array('rusername' => unhtmlspecialchars($this->registry->userinfo['username']), 'ruserid' => $this->registry->userinfo['userid'], 'remail' => $this->registry->userinfo['email']); if ($this->registry->options['postmaxchars'] > 0) { $reportinfo['reason'] = substr($reason, 0, $this->registry->options['postmaxchars']); } else { $reportinfo['reason'] = $reason; } $reportthread = ($rpforumid = $this->registry->options['rpforumid'] and $rpforuminfo = fetch_foruminfo($rpforumid)); $reportemail = ($this->registry->options['enableemail'] and $this->registry->options['rpemail']); $mods = array(); $reportinfo['modlist'] = ''; $moderators = $this->fetch_affected_moderators(); if ($moderators) { while ($moderator = $this->registry->db->fetch_array($moderators)) { $mods["{$moderator['userid']}"] = $moderator; $reportinfo['modlist'] .= (!empty($reportinfo['modlist']) ? ', ' : '') . unhtmlspecialchars($moderator['username']); } } if (empty($reportinfo['modlist'])) { $reportinfo['modlist'] = $vbphrase['n_a']; } $this->set_reportinfo($reportinfo); if ($reportthread) { // Determine if we need to create a thread or a post if (!$this->iteminfo['reportthreadid'] or !($rpthreadinfo = fetch_threadinfo($this->iteminfo['reportthreadid'])) or $rpthreadinfo and ($rpthreadinfo['isdeleted'] or !$rpthreadinfo['visible'] or $rpthreadinfo['forumid'] != $rpforuminfo['forumid'])) { eval(fetch_email_phrases('report' . $this->phrasekey . '_newthread', 0)); if (!$this->registry->options['rpuserid'] or !($userinfo = fetch_userinfo($this->registry->options['rpuserid']))) { $userinfo =& $this->registry->userinfo; } $threadman =& datamanager_init('Thread_FirstPost', $this->registry, ERRTYPE_SILENT, 'threadpost'); $threadman->set_info('forum', $rpforuminfo); $threadman->set_info('is_automated', true); $threadman->set_info('skip_moderator_email', true); $threadman->set_info('mark_thread_read', true); $threadman->set_info('parseurl', true); $threadman->set('allowsmilie', true); $threadman->set('userid', $userinfo['userid']); $threadman->setr_info('user', $userinfo); $threadman->set('title', $subject); $threadman->set('pagetext', $message); $threadman->set('forumid', $rpforuminfo['forumid']); $threadman->set('visible', 1); if ($userinfo['userid'] != $this->registry->userinfo['userid']) { // not posting as the current user, IP won't make sense $threadman->set('ipaddress', ''); } $rpthreadid = $threadman->save(); if ($this->update_item_reportid($rpthreadid)) { $threadman->set_info('skip_moderator_email', false); $threadman->email_moderators(array('newthreademail', 'newpostemail')); $this->iteminfo['reportthreadid'] = 0; $rpthreadinfo = array('threadid' => $rpthreadid, 'forumid' => $rpforuminfo['forumid'], 'postuserid' => $userinfo['userid']); // check the permission of the other user $userperms = fetch_permissions($rpthreadinfo['forumid'], $userinfo['userid'], $userinfo); if ($userperms & $this->registry->bf_ugp_forumpermissions['canview'] and $userperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'] and $userinfo['autosubscribe'] != -1) { $this->registry->db->query_write("\n\t\t\t\t\t\t\tINSERT IGNORE INTO " . TABLE_PREFIX . "subscribethread\n\t\t\t\t\t\t\t\t(userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t(" . $userinfo['userid'] . ", {$rpthreadinfo['threadid']}, {$userinfo['autosubscribe']}, 0, 1)\n\t\t\t\t\t\t"); } } else { // Delete the thread we just created if ($delthread = fetch_threadinfo($rpthreadid)) { $threadman =& datamanager_init('Thread', $this->registry, ERRTYPE_SILENT, 'threadpost'); $threadman->set_existing($delthread); $threadman->delete($rpforuminfo['countposts'], true, NULL, false); unset($threadman); } $this->refetch_iteminfo(); } } if ($this->iteminfo['reportthreadid'] and $rpthreadinfo = fetch_threadinfo($this->iteminfo['reportthreadid']) and !$rpthreadinfo['isdeleted'] and $rpthreadinfo['visible'] == 1 and $rpthreadinfo['forumid'] == $rpforuminfo['forumid']) { eval(fetch_email_phrases('reportitem_newpost', 0)); // Already reported, thread still exists/visible, and thread is in the right forum. // Technically, if the thread exists but is in the wrong forum, we should create the // thread, but that should only occur in a race condition. if (!$this->registry->options['rpuserid'] or !$userinfo and !($userinfo = fetch_userinfo($this->registry->options['rpuserid']))) { $userinfo =& $this->registry->userinfo; } $postman =& datamanager_init('Post', $this->registry, ERRTYPE_STANDARD, 'threadpost'); $postman->set_info('thread', $rpthreadinfo); $postman->set_info('forum', $rpforuminfo); $postman->set_info('is_automated', true); $postman->set_info('parseurl', true); $postman->set('threadid', $rpthreadinfo['threadid']); $postman->set('userid', $userinfo['userid']); $postman->set('allowsmilie', true); $postman->set('visible', true); $postman->set('title', $subject); $postman->set('pagetext', $message); if ($userinfo['userid'] != $this->registry->userinfo['userid']) { // not posting as the current user, IP won't make sense $postman->set('ipaddress', ''); } $postman->save(); unset($postman); } } if ($reportemail) { $threadinfo['title'] = unhtmlspecialchars($threadinfo['title']); $postinfo['title'] = unhtmlspecialchars($postinfo['title']); if (empty($mods) or $this->registry->options['rpemail'] == 2) { $moderators = $this->fetch_affected_super_moderators($mods); if ($moderators) { while ($moderator = $this->registry->db->fetch_array($moderators)) { $mods["{$moderator['userid']}"] = $moderator; } } } ($hook = vBulletinHook::fetch_hook('report_send_process')) ? eval($hook) : false; foreach ($mods as $userid => $moderator) { if (!empty($moderator['email'])) { $this->send_moderator_email($moderator, $rpthreadinfo, $reportinfo); } } ($hook = vBulletinHook::fetch_hook('report_send_complete')) ? eval($hook) : false; } }
$itemtype = 'announcement'; $threadactiontime = 0; if (defined('IN_CONTROL_PANEL')) { echo "<li><a href=\"{$itemlink}\" target=\"feed\">{$itemtitle}</a></li>"; } $rsslog_insert_sql[] = "({$item['rssfeedid']}, {$itemid}, '{$itemtype}', '" . $vbulletin->db->escape_string($uniquehash) . "', '" . $vbulletin->db->escape_string($item['contenthash']) . "', " . TIMENOW . ", {$threadactiontime})"; $cronlog_items["{$item['rssfeedid']}"][] = "\t<li>{$vbphrase[$itemtype]} <a href=\"{$itemlink}\" target=\"logview\"><em>{$itemtitle}</em></a></li>"; } break; // insert item as thread // insert item as thread case 'thread': default: // init thread/firstpost datamanager $itemdata =& datamanager_init('Thread_FirstPost', $vbulletin, $error_type, 'threadpost'); $itemdata->set_info('forum', fetch_foruminfo($feed['forumid'])); $itemdata->set_info('user', $feed); $itemdata->set_info('is_automated', 'rss'); $itemdata->set_info('chop_title', true); $itemdata->set('iconid', $feed['iconid']); $itemdata->set('sticky', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['stickthread'] ? 1 : 0); $itemdata->set('forumid', $feed['forumid']); $itemdata->set('prefixid', $feed['prefixid']); $itemdata->set('userid', $feed['userid']); $itemdata->set('title', strip_bbcode($html_parser->parse_wysiwyg_html_to_bbcode($feed['xml']->parse_template($feed['titletemplate'], $item)))); $itemdata->set('pagetext', $pagetext); $itemdata->set('visible', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['moderatethread'] ? 0 : 1); $itemdata->set('allowsmilie', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['allowsmilies'] ? 1 : 0); $itemdata->set('showsignature', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['showsignature'] ? 1 : 0); $itemdata->set('ipaddress', ''); $threadactiontime = $feed['threadactiondelay'] > 0 ? TIMENOW + $feed['threadactiondelay'] * 3600 : 0;
print_form_header('thread', 'dothreads'); construct_hidden_code('type', 'move'); print_table_header($vbphrase['move_threads']); print_moderator_forum_chooser('destforumid', -1, '', $vbphrase['destination_forum'], false, false, true, 'none'); print_move_prune_rows('canmassmove'); print_submit_row($vbphrase['move_threads']); } // ###################### Start thread move/prune by options ####################### if ($_POST['do'] == 'dothreads') { $vbulletin->input->clean_array_gpc('p', array('thread' => TYPE_ARRAY, 'destforumid' => TYPE_INT)); if ($vbulletin->GPC['thread']['forumid'] == 0) { print_stop_message('please_complete_required_fields'); } $whereclause = fetch_thread_move_prune_sql($vbulletin->GPC['thread'], $forumids, $vbulletin->GPC['type']); if ($vbulletin->GPC['type'] == 'move') { $foruminfo = fetch_foruminfo($vbulletin->GPC['destforumid']); if (!$foruminfo) { print_stop_message('invalid_destination_forum_specified'); } if (!$foruminfo['cancontainthreads'] or $foruminfo['link']) { print_stop_message('destination_forum_cant_contain_threads'); } } $fullquery = "\n\t\tSELECT COUNT(*) AS count\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\tLEFT JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(deletionlog.primaryid = thread.threadid AND deletionlog.type = 'thread')\n\t\tWHERE {$whereclause}\n\t"; $count = $db->query_first($fullquery); if (!$count['count']) { print_stop_message('no_threads_matched_your_query'); } print_form_header('thread', 'dothreadsall'); construct_hidden_code('type', $vbulletin->GPC['type']); construct_hidden_code('criteria', sign_client_string(serialize($vbulletin->GPC['thread'])));
} $templater = vB_Template::create('postrelease_vb4_postbits'); $postbits = $templater->render(); } } else { if (isset($pr_data)) { vB_Template::preRegister('postrelease_vb4_postbits_mobile', array('prx_author' => $prx_author)); vB_Template::preRegister('postrelease_vb4_postbits_mobile', array('prx_author_url' => $prx_author_url)); vB_Template::preRegister('postrelease_vb4_postbits_mobile', array('prx_author_img' => $prx_author_img)); vB_Template::preRegister('postrelease_vb4_postbits_mobile', array('prx_title' => $prx_title)); vB_Template::preRegister('postrelease_vb4_postbits_mobile', array('prx_body' => $prx_body)); } $templater = vB_Template::create('postrelease_vb4_postbits_mobile'); $postbits = $templater->render(); } $foruminfo = fetch_foruminfo($prx_forum_id); $navbits = array(); if (SIMPLE_VERSION > 410) { $navbits[fetch_seo_url('forumhome', array())] = $vbphrase['forum']; } else { $navbits[$vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']] = $vbphrase['forum']; } $parentlist = array_reverse(explode(',', substr($foruminfo['parentlist'], 0, -3))); foreach ($parentlist as $forumID) { $forumTitle = $vbulletin->forumcache["{$forumID}"]['title']; $navbits[fetch_seo_url('forum', array('forumid' => $forumID, 'title' => $forumTitle))] = $forumTitle; } $navbits[''] = $prx_title; $navbits = construct_navbits($navbits); $navbar = render_navbar_template($navbits); if ($mobile == 0) {
function create_associated_thread($article) { $foruminfo = fetch_foruminfo(vB::$vbulletin->options['vbcmsforumid']); if (!$foruminfo) { return false; } $dataman =& datamanager_init('Thread_FirstPost', vB::$vbulletin, ERRTYPE_ARRAY, 'threadpost'); //$dataman->set('prefixid', $post['prefixid']); // set info $dataman->set_info('preview', ''); $dataman->set_info('parseurl', true); $dataman->set_info('posthash', ''); $dataman->set_info('forum', $foruminfo); $dataman->set_info('thread', array()); $dataman->set_info('show_title_error', false); // set options $dataman->set('showsignature', true); $dataman->set('allowsmilie', false); // set data //title and message are needed for dupcheck later $title = new vB_Phrase('vbcms', 'comment_thread_title', htmlspecialchars_decode($article->getTitle())); $message = new vB_Phrase('vbcms', 'comment_thread_firstpost', vBCms_Route_Content::getURL(array('node' => $article->getUrlSegment()))); $dataman->set('userid', $article->getUserId()); $dataman->set('title', $title); $dataman->set('pagetext', $message); $dataman->set('iconid', ''); $dataman->set('visible', 1); $dataman->setr('forumid', $foruminfo['forumid']); $errors = array(); $dataman->pre_save(); $errors = array_merge($errors, $dataman->errors); vB_Cache::instance()->event($article->getCacheEvents()); if (sizeof($errors) > 0) { return false; } if (!($id = $dataman->save())) { throw new vB_Exception_Content('Could not create comments thread for content'); } return $id; }
function build_forum_counters($forumid, $censor = false) { global $vbulletin; $forumid = intval($forumid); $foruminfo = fetch_foruminfo($forumid); if (!$foruminfo) { // prevent fatal errors when a forum doesn't exist return; } require_once(DIR . '/includes/functions_bigthree.php'); $coventry = fetch_coventry('string', true); $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "tachyforumcounter WHERE forumid = $forumid"); $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "tachyforumpost WHERE forumid = $forumid"); if ($coventry) { // Thread count $tachy_db = $vbulletin->db->query_read(" SELECT thread.postuserid, COUNT(*) AS threadcount FROM " . TABLE_PREFIX . "thread AS thread WHERE thread.postuserid IN ($coventry) AND thread.visible = 1 AND thread.open <> 10 AND thread.forumid = $forumid GROUP BY thread.postuserid "); $tachystats = array(); while ($tachycounter = $vbulletin->db->fetch_array($tachy_db)) { $tachystats["$tachycounter[postuserid]"]['threads'] = $tachycounter['threadcount']; } $tachy_db = $vbulletin->db->query_read(" SELECT post.userid, COUNT(*) AS replycount FROM " . TABLE_PREFIX . "post AS post INNER JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid) WHERE post.userid IN ($coventry) AND post.visible = 1 AND thread.forumid = $forumid GROUP BY post.userid "); while ($tachycounter = $vbulletin->db->fetch_array($tachy_db)) { if (!isset($tachystats["$tachycounter[userid]"])) { $tachystats["$tachycounter[userid]"]['threads'] = 0; } $tachystats["$tachycounter[userid]"]['replies'] = $tachycounter['replycount']; } foreach ($tachystats AS $user => $stats) { $vbulletin->db->query_write(" REPLACE INTO " . TABLE_PREFIX . "tachyforumcounter (userid, forumid, threadcount, replycount) VALUES (" . intval($user) . ", " . intval($forumid) . ", " . intval($stats['threads']) . ", " . intval($stats['replies']) . ") "); } } $totals = $vbulletin->db->query_first(" SELECT COUNT(*) AS threads, SUM(thread.replycount) AS replies FROM " . TABLE_PREFIX . "thread AS thread WHERE thread.forumid = $forumid AND visible = 1 AND open <> 10 " . ($coventry ? " AND thread.postuserid NOT IN ($coventry)" : '') ); $totals['replies'] += $totals['threads']; $lastthread = $vbulletin->db->query_first(" SELECT thread.* FROM " . TABLE_PREFIX . "thread AS thread WHERE forumid = $forumid AND visible = 1 AND open <> 10 " . ($coventry ? "AND thread.postuserid NOT IN ($coventry)" : '') ." ORDER BY lastpost DESC LIMIT 1 "); if ($coventry) { $tachy_posts = array(); $tachy_db = $vbulletin->db->query_read(" SELECT thread.*, tachythreadpost.* FROM " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost INNER JOIN " . TABLE_PREFIX . "thread AS thread ON (tachythreadpost.threadid = thread.threadid) WHERE thread.forumid = $forumid AND tachythreadpost.lastpost > " . intval($lastthread['lastpost']) . " AND thread.visible = 1 AND thread.open <> 10 ORDER BY tachythreadpost.lastpost DESC "); while ($tachy = $vbulletin->db->fetch_array($tachy_db)) { if (!isset($tachy_posts["$tachy[userid]"])) { $tachy_posts["$tachy[userid]"] = $tachy; } } $tachy_replace = array(); foreach ($tachy_posts AS $tachy) { if ($censor) { $tachy['title'] = fetch_censored_text($tachy['title']); } $tachy_replace[] = " ($tachy[userid], $forumid, $tachy[lastpost], '" . $vbulletin->db->escape_string($tachy['lastposter']) ."', $tachy[lastposterid], '" . $vbulletin->db->escape_string($tachy['title']) . "', $tachy[threadid], $tachy[iconid], $tachy[lastpostid], '" . $vbulletin->db->escape_string($tachy['prefixid']) . "') "; } if ($tachy_replace) { $vbulletin->db->query_write(" REPLACE INTO " . TABLE_PREFIX . "tachyforumpost (userid, forumid, lastpost, lastposter, lastposterid, lastthread, lastthreadid, lasticonid, lastpostid, lastprefixid) VALUES " . implode(', ', $tachy_replace) ); } } //done, update the forum $forumdm =& datamanager_init('Forum', $vbulletin, ERRTYPE_SILENT); $forumdm->set_existing($foruminfo); $forumdm->set_info('rebuild', 1); $forumdm->set('threadcount', $totals['threads'], true, false); $forumdm->set('replycount', $totals['replies'],true, false); $forumdm->set('lastpost', $lastthread['lastpost'], true, false); $forumdm->set('lastposter', $lastthread['lastposter'], true, false); $forumdm->set('lastposterid', $lastthread['lastposterid'], true, false); $forumdm->set('lastpostid', $lastthread['lastpostid'], true, false); if ($censor) { $forumdm->set('lastthread', fetch_censored_text($lastthread['title']), true, false); } else { $forumdm->set('lastthread', $lastthread['title'], true, false); } $forumdm->set('lastthreadid', $lastthread['threadid'], true, false); $forumdm->set('lasticonid', ($lastthread['pollid'] ? -1 : $lastthread['iconid']), true, false); $forumdm->set('lastprefixid', $lastthread['prefixid'], true, false); $forumdm->set_info('disable_cache_rebuild', true); $forumdm->save(); unset($forumdm); }
/** * Creates a new thread to use for comments * * @param int $forumid - The forum to create the thread in * @param int $node - The node to associate with the thread * @return int - The id of the new thread */ protected function createAssociatedThread($forumid, $node) { $foruminfo = fetch_foruminfo($forumid); if (!$foruminfo) { return false; } $dataman =& datamanager_init('Thread_FirstPost', vB::$vbulletin, ERRTYPE_ARRAY, 'threadpost'); //$dataman->set('prefixid', $post['prefixid']); // set info $dataman->set_info('preview', ''); $dataman->set_info('parseurl', true); $dataman->set_info('posthash', ''); $dataman->set_info('forum', $foruminfo); $dataman->set_info('thread', array()); $dataman->set_info('show_title_error', false); // set options $dataman->set('showsignature', true); $dataman->set('allowsmilie', false); // set data //title and message are needed for dupcheck later $title = new vB_Phrase('vbcms', 'comment_thread_title', htmlspecialchars_decode($node->getTitle())); $message = new vB_Phrase('vbcms', 'comment_thread_firstpost', $this->getPageURL()); $dataman->set('userid', $node->getUserId()); $dataman->set('title', $title); $dataman->set('pagetext', $message); $dataman->set('iconid', ''); $dataman->set('visible', 1); $dataman->setr('forumid', $foruminfo['forumid']); $errors = array(); // done! //($hook = vBulletinHook::fetch_hook('newpost_process')) ? eval($hook) : false; $dataman->pre_save(); $errors = array_merge($errors, $dataman->errors); vB_Cache::instance()->event($this->content->getCacheEvents()); if (sizeof($errors) > 0) { return false; } if (!($id = $dataman->save())) { throw (new vB_Exception_Content('Could not create comments thread for content')); } return $id; }
print_yes_no_row($vbphrase['enabled'], 'enabled', $podcast['enabled']); print_podcast_chooser($vbphrase['category'], 'categoryid', $podcast['categoryid']); print_input_row($vbphrase['media_author'] . '<dfn>' . construct_phrase($vbphrase['maximum_chars_x'], 255) . '</dfn>', 'author', $podcast['author']); print_input_row($vbphrase['owner_name'] . '<dfn>' . construct_phrase($vbphrase['maximum_chars_x'], 255), 'ownername', $podcast['ownername']); print_input_row($vbphrase['owner_email'] . '<dfn>' . construct_phrase($vbphrase['maximum_chars_x'], 255), 'owneremail', $podcast['owneremail']); print_input_row($vbphrase['image_url'], 'image', $podcast['image']); print_input_row($vbphrase['subtitle'] . '<dfn>' . construct_phrase($vbphrase['maximum_chars_x'], 255) . '</dfn>', 'subtitle', $podcast['subtitle']); print_textarea_row($vbphrase['keywords'] . '<dfn>' . construct_phrase($vbphrase['maximum_chars_x'], 255) . '</dfn>', 'keywords', $podcast['keywords'], 2, 40); print_textarea_row($vbphrase['summary'] . '<dfn>' . construct_phrase($vbphrase['maximum_chars_x'], 4000) . '</dfn>', 'summary', $podcast['summary'], 4, 40); print_yes_no_row($vbphrase['explicit'], 'explicit', $podcast['explicit']); print_submit_row($vbphrase['save']); } // ###################### Start add podcast ####################### if ($_POST['do'] == 'updatepodcast') { $vbulletin->input->clean_array_gpc('p', array('categoryid' => TYPE_UINT, 'explicit' => TYPE_BOOL, 'enabled' => TYPE_BOOL, 'author' => TYPE_STR, 'owneremail' => TYPE_STR, 'ownername' => TYPE_STR, 'image' => TYPE_STR, 'subtitle' => TYPE_STR, 'keywords' => TYPE_STR, 'summary' => TYPE_STR)); if (!($forum = fetch_foruminfo($vbulletin->GPC['forumid'], false))) { print_stop_message('invalid_forum_specified'); } require_once DIR . '/includes/adminfunctions_misc.php'; $category = fetch_podcast_categoryarray($vbulletin->GPC['categoryid']); $db->query_write("\r\n\t\tREPLACE INTO " . TABLE_PREFIX . "podcast (forumid, enabled, categoryid, category, author, image, explicit, keywords, owneremail, ownername, subtitle, summary)\r\n\t\tVALUES (\r\n\t\t\t{$forum['forumid']},\r\n\t\t\t" . intval($vbulletin->GPC['enabled']) . ",\r\n\t\t\t" . $vbulletin->GPC['categoryid'] . ",\r\n\t\t\t'" . $db->escape_string(serialize($category)) . "',\r\n\t\t\t'" . $db->escape_string($vbulletin->GPC['author']) . "',\r\n\t\t\t'" . $db->escape_string($vbulletin->GPC['image']) . "',\r\n\t\t\t" . intval($vbulletin->GPC['explicit']) . ",\r\n\t\t\t'" . $db->escape_string($vbulletin->GPC['keywords']) . "',\r\n\t\t\t'" . $db->escape_string($vbulletin->GPC['owneremail']) . "',\r\n\t\t\t'" . $db->escape_string($vbulletin->GPC['ownername']) . "',\r\n\t\t\t'" . $db->escape_string($vbulletin->GPC['subtitle']) . "',\r\n\t\t\t'" . $db->escape_string($vbulletin->GPC['summary']) . "'\r\n\t\t)\r\n\t"); build_forum_permissions(); define('CP_REDIRECT', 'forum.php?do=modify'); print_stop_message('updated_podcast_settings_successfully'); } print_cp_footer(); /*======================================================================*\ || #################################################################### || # Downloaded: 23:48, Wed Mar 24th 2010 || # CVS: $RCSfile$ - $Revision: 35469 $ || ####################################################################
function do_get_thread() { global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vault, $vbphrase; $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'password' => TYPE_STR, 'signature' => TYPE_BOOL)); if (empty($threadinfo['threadid'])) { json_error(ERR_INVALID_THREAD); } $threadedmode = 0; $threadid = $vbulletin->GPC['threadid']; // Goto first unread post? if ($vbulletin->GPC['pagenumber'] == FR_LAST_POST) { $threadinfo = verify_id('thread', $threadid, 1, 1); if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else { if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > $vbulletin->userinfo['lastvisit']) { $vbulletin->userinfo['lastvisit'] = $tview; } } $coventry = fetch_coventry('string'); $posts = $db->query_first("\n\t SELECT MIN(postid) AS postid\n\t FROM " . TABLE_PREFIX . "post\n\t WHERE threadid = {$threadinfo['threadid']}\n\t AND visible = 1\n\t AND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t " . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t LIMIT 1\n\t"); if ($posts['postid']) { $postid = $posts['postid']; } else { $postid = $threadinfo['lastpostid']; } } // ********************************************************************************* // workaround for header redirect issue from forms with enctype in IE // (use a scrollIntoView javascript call in the <body> onload event) $onload = ''; // ********************************************************************************* // set $perpage $perpage = max(FR_MIN_PERPAGE, min($vbulletin->GPC['perpage'], FR_MAX_PERPAGE)); // FRNR //$perpage = sanitize_maxposts($vbulletin->GPC['perpage']); // ********************************************************************************* // set post order if ($vbulletin->userinfo['postorder'] == 0) { $postorder = ''; } else { $postorder = 'DESC'; } // ********************************************************************************* // get thread info $thread = verify_id('thread', $threadid, 1, 1); $threadinfo =& $thread; ($hook = vBulletinHook::fetch_hook('showthread_getinfo')) ? eval($hook) : false; // ********************************************************************************* // check for visible / deleted thread if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts') or $thread['isdeleted'] and !can_moderate($thread['forumid'])) { json_error(ERR_INVALID_THREAD); } // ********************************************************************************* // Tachy goes to coventry if (in_coventry($thread['postuserid']) and !can_moderate($thread['forumid'])) { json_error(ERR_INVALID_THREAD); } // FRNR Start // Check the forum password (set necessary cookies) if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) { // set a temp cookie for guests if (!$vbulletin->userinfo['userid']) { set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password'])); } else { set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1); } } // FRNR End // ********************************************************************************* // do word wrapping for the thread title if ($vbulletin->options['wordwrap'] != 0) { $thread['title'] = fetch_word_wrapped_string($thread['title']); } $thread['title'] = fetch_censored_text($thread['title']); $thread['meta_description'] = strip_bbcode(strip_quotes($thread['description']), false, true); $thread['meta_description'] = htmlspecialchars_uni(fetch_censored_text(fetch_trimmed_title($thread['meta_description'], 500, false))); // ********************************************************************************* // words to highlight from the search engine if (!empty($vbulletin->GPC['highlight'])) { $highlight = preg_replace('#\\*+#s', '*', $vbulletin->GPC['highlight']); if ($highlight != '*') { $regexfind = array('\\*', '\\<', '\\>'); $regexreplace = array('[\\w.:@*/?=]*?', '<', '>'); $highlight = preg_quote(strtolower($highlight), '#'); $highlight = explode(' ', $highlight); $highlight = str_replace($regexfind, $regexreplace, $highlight); foreach ($highlight as $val) { if ($val = trim($val)) { $replacewords[] = htmlspecialchars_uni($val); } } } } // ********************************************************************************* // make the forum jump in order to fill the forum caches $navpopup = array('id' => 'showthread_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('thread', $threadinfo)); construct_quick_nav($navpopup); // ********************************************************************************* // get forum info $forum = fetch_foruminfo($thread['forumid']); $foruminfo =& $forum; // ********************************************************************************* // check forum permissions $forumperms = fetch_permissions($thread['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { json_error(ERR_NO_PERMISSION); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { json_error(ERR_NO_PERMISSION); } // ********************************************************************************* // check if there is a forum password and if so, ensure the user has it set if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'])) { // FRNR json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD); } // verify that we are at the canonical SEO url // and redirect to this if not //verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $_REQUEST['pagenumber'])); // ********************************************************************************* // jump page if thread is actually a redirect if ($thread['open'] == 10) { $destthreadinfo = fetch_threadinfo($threadinfo['pollid']); exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo)); } // ********************************************************************************* // get ignored users $ignore = array(); if (trim($vbulletin->userinfo['ignorelist'])) { $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY); foreach ($ignorelist as $ignoreuserid) { $ignore["{$ignoreuserid}"] = 1; } } DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore))); // ********************************************************************************* // filter out deletion notices if can't be seen if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($threadinfo['forumid'])) { $deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(post.postid = deletionlog.primaryid AND deletionlog.type = 'post')"; } else { $deljoin = ''; } $show['viewpost'] = can_moderate($threadinfo['forumid']) ? true : false; $show['managepost'] = iif(can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false); $show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false; $show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false; $show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false; $show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false; $show['spamctrls'] = ($show['inlinemod'] and $show['managepost']); $url = $show['inlinemod'] ? SCRIPTPATH : ''; // build inline moderation popup if ($show['popups'] and $show['inlinemod']) { $threadadmin_imod_menu_post = vB_Template::create('threadadmin_imod_menu_post')->render(); } else { $threadadmin_imod_menu_post = ''; } // ********************************************************************************* // find the page that we should be on to display this post if (!empty($postid) and $threadedmode == 0) { $postinfo = verify_id('post', $postid, 1, 1); $threadid = $postinfo['threadid']; $getpagenum = $db->query_first("\n \t\tSELECT COUNT(*) AS posts\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tWHERE threadid = {$threadid} AND visible = 1\n \t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n \t"); $vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage); } // ********************************************************************************* // update views counter if ($vbulletin->options['threadviewslive']) { // doing it as they happen; for optimization purposes, this cannot use a DM! $db->shutdown_query("\n \t\tUPDATE " . TABLE_PREFIX . "thread\n \t\tSET views = views + 1\n \t\tWHERE threadid = " . intval($threadinfo['threadid'])); } else { // or doing it once an hour $db->shutdown_query("\n \t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n \t\tVALUES (" . intval($threadinfo['threadid']) . ')'); } // ********************************************************************************* // display ratings if enabled $show['rating'] = false; if ($forum['allowratings'] == 1) { if ($thread['votenum'] > 0) { $thread['voteavg'] = vb_number_format($thread['votetotal'] / $thread['votenum'], 2); $thread['rating'] = intval(round($thread['votetotal'] / $thread['votenum'])); if ($thread['votenum'] >= $vbulletin->options['showvotes']) { $show['rating'] = true; } } devdebug("threadinfo[vote] = {$threadinfo['vote']}"); if ($threadinfo['vote']) { $voteselected["{$threadinfo['vote']}"] = 'selected="selected"'; $votechecked["{$threadinfo['vote']}"] = 'checked="checked"'; } else { $voteselected[0] = 'selected="selected"'; $votechecked[0] = 'checked="checked"'; } } // ********************************************************************************* // set page number if ($vbulletin->GPC['pagenumber'] < 1) { $vbulletin->GPC['pagenumber'] = 1; } else { if ($vbulletin->GPC['pagenumber'] > ceil(($thread['replycount'] + 1) / $perpage)) { $vbulletin->GPC['pagenumber'] = ceil(($thread['replycount'] + 1) / $perpage); } } // ********************************************************************************* // initialise some stuff... $limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; $limitupper = $vbulletin->GPC['pagenumber'] * $perpage; $counter = 0; if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else { $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid'])); if (!$threadview) { $threadview = $vbulletin->userinfo['lastvisit']; } } $threadinfo['threadview'] = intval($threadview); $displayed_dateline = 0; ################################################################################ ############################### SHOW POLL ###################################### ################################################################################ $poll = ''; if ($thread['pollid']) { $pollbits = ''; $counter = 1; $pollid = $thread['pollid']; $show['editpoll'] = iif(can_moderate($threadinfo['forumid'], 'caneditpoll'), true, false); // get poll info $pollinfo = $db->query_first_slave("\n \t\tSELECT *\n \t\tFROM " . TABLE_PREFIX . "poll\n \t\tWHERE pollid = {$pollid}\n \t"); require_once DIR . '/includes/class_bbcode.php'; $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $pollinfo['question'] = $bbcode_parser->parse(unhtmlspecialchars($pollinfo['question']), $forum['forumid'], true); $splitoptions = explode('|||', $pollinfo['options']); $splitoptions = array_map('rtrim', $splitoptions); $splitvotes = explode('|||', $pollinfo['votes']); $showresults = 0; $uservoted = 0; if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) { $nopermission = 1; } if (!$pollinfo['active'] or !$thread['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0 or $nopermission) { //thread/poll is closed, ie show results no matter what $showresults = 1; } else { //get userid, check if user already voted $voted = intval(fetch_bbarray_cookie('poll_voted', $pollid)); if ($voted) { $uservoted = 1; } } ($hook = vBulletinHook::fetch_hook('showthread_poll_start')) ? eval($hook) : false; if ($pollinfo['timeout'] and !$showresults) { $pollendtime = vbdate($vbulletin->options['timeformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400); $pollenddate = vbdate($vbulletin->options['dateformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400); $show['pollenddate'] = true; } else { $show['pollenddate'] = false; } foreach ($splitvotes as $index => $value) { $pollinfo['numbervotes'] += $value; } if ($vbulletin->userinfo['userid'] > 0) { $pollvotes = $db->query_read_slave("\n \t\t\tSELECT voteoption\n \t\t\tFROM " . TABLE_PREFIX . "pollvote\n \t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . " AND pollid = {$pollid}\n \t\t"); if ($db->num_rows($pollvotes) > 0) { $uservoted = 1; } } if ($showresults or $uservoted) { if ($uservoted) { $uservote = array(); while ($pollvote = $db->fetch_array($pollvotes)) { $uservote["{$pollvote['voteoption']}"] = 1; } } } $left = vB_Template_Runtime::fetchStyleVar('left'); $right = vB_Template_Runtime::fetchStyleVar('right'); $option['open'] = $left[0]; $option['close'] = $right[0]; foreach ($splitvotes as $index => $value) { $arrayindex = $index + 1; $option['uservote'] = iif($uservote["{$arrayindex}"], true, false); $option['question'] = $bbcode_parser->parse($splitoptions["{$index}"], $forum['forumid'], true); // public link if ($pollinfo['public'] and $value) { $option['votes'] = '<a href="poll.php?' . $vbulletin->session->vars['sessionurl'] . 'do=showresults&pollid=' . $pollinfo['pollid'] . '">' . vb_number_format($value) . '</a>'; } else { $option['votes'] = vb_number_format($value); //get the vote count for the option } $option['number'] = $counter; //number of the option //Now we check if the user has voted or not if ($showresults or $uservoted) { // user did vote or poll is closed if ($value <= 0) { $option['percentraw'] = 0; } else { if ($pollinfo['multiple']) { $option['percentraw'] = $value < $pollinfo['voters'] ? $value / $pollinfo['voters'] * 100 : 100; } else { $option['percentraw'] = $value < $pollinfo['numbervotes'] ? $value / $pollinfo['numbervotes'] * 100 : 100; } } $option['percent'] = vb_number_format($option['percentraw'], 2); $option['graphicnumber'] = $option['number'] % 6 + 1; $option['barnumber'] = round($option['percent']) * 2; $option['remainder'] = 201 - $option['barnumber']; // Phrase parts below if ($nopermission) { $pollstatus = $vbphrase['you_may_not_vote_on_this_poll']; } else { if ($showresults) { $pollstatus = $vbphrase['this_poll_is_closed']; } else { if ($uservoted) { $pollstatus = $vbphrase['you_have_already_voted_on_this_poll']; } } } ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false; $templater = vB_Template::create('pollresult'); $templater->register('names', $names); $templater->register('option', $option); $pollbits .= $templater->render(); } else { ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false; if ($pollinfo['multiple']) { $templater = vB_Template::create('polloption_multiple'); $templater->register('option', $option); $pollbits .= $templater->render(); } else { $templater = vB_Template::create('polloption'); $templater->register('option', $option); $pollbits .= $templater->render(); } } $counter++; } if ($pollinfo['multiple']) { $pollinfo['numbervotes'] = $pollinfo['voters']; $show['multiple'] = true; } if ($pollinfo['public']) { $show['publicwarning'] = true; } else { $show['publicwarning'] = false; } $displayed_dateline = $threadinfo['lastpost']; ($hook = vBulletinHook::fetch_hook('showthread_poll_complete')) ? eval($hook) : false; if ($showresults or $uservoted) { $templater = vB_Template::create('pollresults_table'); $templater->register('pollbits', $pollbits); $templater->register('pollenddate', $pollenddate); $templater->register('pollendtime', $pollendtime); $templater->register('pollinfo', $pollinfo); $templater->register('pollstatus', $pollstatus); $poll = $templater->render(); } else { $templater = vB_Template::create('polloptions_table'); $templater->register('pollbits', $pollbits); $templater->register('pollenddate', $pollenddate); $templater->register('pollendtime', $pollendtime); $templater->register('pollinfo', $pollinfo); $poll = $templater->render(); } } // work out if quickreply should be shown or not if ($vbulletin->options['quickreply'] and !$thread['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($thread['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) { $show['quickreply'] = true; } else { $show['quickreply'] = false; $show['wysiwyg'] = 0; $quickreply = ''; } $show['largereplybutton'] = (!$thread['isdeleted'] and !$show['threadedmode'] and $forum['allowposting'] and !$show['search_engine']); if (!$forum['allowposting']) { $show['quickreply'] = false; } $show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']); if ($show['multiquote_global']) { $vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR)); $vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']); } // post is cachable if option is enabled, last post is newer than max age, and this user // isn't showing a sessionhash $post_cachable = ($vbulletin->options['cachemaxage'] > 0 and TIMENOW - $vbulletin->options['cachemaxage'] * 60 * 60 * 24 <= $thread['lastpost'] and $vbulletin->session->vars['sessionurl'] == ''); $saveparsed = ''; $save_parsed_sigs = ''; ($hook = vBulletinHook::fetch_hook('showthread_post_start')) ? eval($hook) : false; ################################################################################ ####################### SHOW THREAD IN LINEAR MODE ############################# ################################################################################ if ($threadedmode == 0) { // allow deleted posts to not be counted in number of posts displayed on the page; // prevents issue with page count on forum display being incorrect $ids = array(); $lastpostid = 0; $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('showthread_query_postids')) ? eval($hook) : false; if (empty($deljoin) and !$show['approvepost']) { $totalposts = $threadinfo['replycount'] + 1; if (can_moderate($thread['forumid'])) { $coventry = ''; } else { $coventry = fetch_coventry('string'); } $getpostids = $db->query_read("\n \t\t\tSELECT post.postid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible = 1\n \t\t\t\t" . ($coventry ? "AND post.userid NOT IN ({$coventry})" : '') . "\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t\tLIMIT {$limitlower}, {$perpage}\n \t\t"); while ($post = $db->fetch_array($getpostids)) { if (!isset($qrfirstpostid)) { $qrfirstpostid = $post['postid']; } $qrlastpostid = $post['postid']; $ids[] = $post['postid']; } $db->free_result($getpostids); $lastpostid = $qrlastpostid; } else { $getpostids = $db->query_read("\n \t\t\tSELECT post.postid, post.visible, post.userid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible IN (1\n \t\t\t\t" . (!empty($deljoin) ? ",2" : "") . "\n \t\t\t\t" . ($show['approvepost'] ? ",0" : "") . "\n \t\t\t\t)\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t"); $totalposts = 0; if ($limitlower != 0) { $limitlower++; } while ($post = $db->fetch_array($getpostids)) { if (!isset($qrfirstpostid)) { $qrfirstpostid = $post['postid']; } $qrlastpostid = $post['postid']; if ($post['visible'] == 1 and !in_coventry($post['userid']) and !$ignore[$post['userid']]) { $totalposts++; } if ($totalposts < $limitlower or $totalposts > $limitupper) { continue; } // remember, these are only added if they're going to be displayed $ids[] = $post['postid']; $lastpostid = $post['postid']; } $db->free_result($getpostids); } // '0' inside parenthesis in unlikely case we have no ids for this page // (this could happen if the replycount is wrong in the db) $postids = "post.postid IN (0" . implode(',', $ids) . ")"; // load attachments if ($thread['attach']) { require_once DIR . '/packages/vbattach/attach.php'; $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post'); $postattach = $attach->fetch_postattach(0, $ids); } $hook_query_fields = $hook_query_joins = ''; ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false; $posts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE {$postids}\n \t\tORDER BY post.dateline {$postorder}\n \t"); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { $vbulletin->options['attachthumbs'] = 0; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { $vbulletin->options['viewattachedimages'] = 0; } $postcount = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; if ($postorder) { // Newest first $postcount = $totalposts - $postcount + 1; } $counter = 0; $postbits = ''; $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->thread =& $thread; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); while ($post = $db->fetch_array($posts)) { if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { continue; } if ($post['visible'] == 1 and !$tachyuser) { ++$counter; if ($postorder) { $post['postcount'] = --$postcount; } else { $post['postcount'] = ++$postcount; } } if ($tachyuser) { $fetchtype = 'post_global_ignore'; } else { if ($ignore["{$post['userid']}"]) { $fetchtype = 'post_ignore'; } else { if ($post['visible'] == 2) { $fetchtype = 'post_deleted'; } else { $fetchtype = 'post'; } } } if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) { $fetchtype = 'post'; } if ($fetchtype != 'post' && $fetchtype != 'post_deleted') { continue; } ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false; $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype); if ($fetchtype == 'post') { $postbit_obj->highlight =& $replacewords; } $postbit_obj->cachable = $post_cachable; $post['islastshown'] = $post['postid'] == $lastpostid; $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1); $post['islastshown'] = $post['postid'] == $lastpostid; $post['attachments'] = $postattach["{$post['postid']}"]; $parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false); $postbits .= $postbit_obj->construct_postbit($post); // Only show after the first post, counter isn't incremented for deleted/moderated posts if ($post['isfirstshown']) { $postbits .= vB_Template::create('ad_showthread_firstpost')->render(); } if ($post_cachable and $post['pagetext_html'] == '') { if (!empty($saveparsed)) { $saveparsed .= ','; } $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")"; } if (!empty($postbit_obj->sig_cache) and $post['userid']) { if (!empty($save_parsed_sigs)) { $save_parsed_sigs .= ','; } $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")"; } // get first and last post ids for this page (for big reply buttons) if (!isset($FIRSTPOSTID)) { $FIRSTPOSTID = $post['postid']; } $LASTPOSTID = $post['postid']; if ($post['dateline'] > $displayed_dateline) { $displayed_dateline = $post['dateline']; if ($displayed_dateline <= $threadview) { $updatethreadcookie = true; } } // FRNR Start // find out if first post $getpost = $db->query_first("\n SELECT firstpostid\n FROM " . TABLE_PREFIX . "thread\n WHERE threadid = {$threadinfo['threadid']}\n "); $isfirstpost = $getpost['firstpostid'] == $post['postid']; $candelete = false; if ($isfirstpost and can_moderate($threadinfo['forumid'], 'canmanagethreads')) { $candelete = true; } else { if (!$isfirstpost and can_moderate($threadinfo['forumid'], 'candeleteposts')) { $candelete = true; } else { if (($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and !$isfirstpost or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $isfirstpost) and $vbulletin->userinfo['userid'] == $post['userid']) { $candelete = true; } } } // Get post date/time $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1); $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']); $fr_images = array(); $docattach = array(); // Attachments (images). if (is_array($post['attachments']) && count($post['attachments']) > 0) { foreach ($post['attachments'] as $attachment) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']); if ($vbulletin->options['attachthumbs']) { $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'; } $fr_images[] = $tmp; } if (strpos($lfilename, '.pdf') !== false) { $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']; } } } // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies); if (count($fr_images) > 0) { $text .= "<br/>"; foreach ($fr_images as $attachment) { $text .= "<img src=\"{$attachment['img']}\"/>"; } } foreach ($images as $image) { $fr_images[] = array('img' => $image); } $avatarurl = ''; // Avatar work if ($post['avatarurl']) { $avatarurl = process_avatarurl($post['avatarurl']); } $tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'online' => fetch_online_status(fetch_userinfo($post['userid']), false), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images); if ($candelete) { $tmp['candelete'] = true; } // Soft Deleted if ($post['visible'] == 2) { $tmp['deleted'] = true; $tmp['del_username'] = prepare_utf8_string($post['del_username']); if ($post['del_reason']) { $tmp['del_reason'] = prepare_utf8_string($post['del_reason']); } } else { $tmp['text'] = $text; $tmp['quotable'] = $nuked_quotes; if ($post['editlink']) { $tmp['canedit'] = true; $tmp['edittext'] = prepare_utf8_string($post['pagetext']); } } if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } if (count($docattach) > 0) { $tmp['docattach'] = $docattach; } if ($vbulletin->GPC['signature']) { $sig = trim(remove_bbcode(strip_tags($post['signatureparsed']), true, true), '<a>'); $sig = str_replace(array("\t", "\r"), array('', ''), $sig); $sig = str_replace("\n\n", "\n", $sig); $tmp['sig'] = prepare_utf8_string($sig); } // Begin Support for Post Thanks Hack - http://www.vbulletin.org/forum/showthread.php?t=122944 if ($vbulletin->userinfo['userid'] && function_exists('post_thanks_off') && function_exists('can_thank_this_post') && function_exists('thanked_already') && function_exists('fetch_thanks')) { if (!post_thanks_off($thread['forumid'], $post, $thread['firstpostid'], THIS_SCRIPT)) { global $ids; if (can_thank_this_post($post, $thread['isdeleted'])) { $tmp['canlike'] = true; } if (thanked_already($post, 0, true)) { $tmp['likes'] = true; if (!$vbulletin->options['post_thanks_delete_own']) { $tmp['canlike'] = $tmp['likes'] = false; } } $thanks = fetch_thanks($post['postid']); $thank_users = array(); if (is_array($thanks)) { foreach ($thanks as $thank) { $thank_users[] = $thank['username']; } } if (count($thank_users)) { $tmp['likestext'] = prepare_utf8_string($vbphrase['fr_thanked_by'] . ': ' . join(', ', $thank_users)); $tmp['likesusers'] = join(', ', $thank_users); } } } // End Support for Post Thanks Hack $posts_out[] = $tmp; // FRNR End } $db->free_result($posts); unset($post); if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) { $pageinfo = array('page' => $vbulletin->GPC['pagenumber'] - 1); if (!empty($vbulletin->GPC['perpage'])) { $pageinfo['pp'] = $perpage; } if (!empty($vbulletin->GPC['highlight'])) { $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']); } exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, $pageinfo)); } DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}"); $pageinfo = array(); if ($vbulletin->GPC['highlight']) { $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']); } if (!empty($vbulletin->GPC['perpage'])) { $pageinfo['pp'] = $perpage; } $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo); if ($thread['lastpost'] > $threadview) { if ($firstnew) { $firstunread = fetch_seo_url('thread', $threadinfo, array('page' => $vbulletin->GPC['pagenumber'])) . '#post' . $firstnew; $show['firstunreadlink'] = true; } else { $firstunread = fetch_seo_url('thread', $threadinfo, array('goto' => 'newpost')); $show['firstunreadlink'] = true; } } else { $firstunread = ''; $show['firstunreadlink'] = false; } if ($vbulletin->userinfo['postorder']) { // disable ajax qr when displaying linear newest first $show['allow_ajax_qr'] = 0; } else { // only allow ajax on the last page of a thread when viewing oldest first $show['allow_ajax_qr'] = $vbulletin->GPC['pagenumber'] == ceil($totalposts / $perpage) ? 1 : 0; } ################################################################################ ################ SHOW THREAD IN THREADED OR HYBRID MODE ######################## ################################################################################ } else { // ajax qr doesn't work with threaded controls $show['allow_ajax_qr'] = 0; require_once DIR . '/includes/functions_threadedmode.php'; // save data $ipostarray = array(); $postarray = array(); $userarray = array(); $postparent = array(); $postorder = array(); $hybridposts = array(); $deletedparents = array(); $totalposts = 0; $links = ''; $cache_postids = ''; $hook_query_fields = $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('showthread_query_postids_threaded')) ? eval($hook) : false; // get all posts $listposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\t{$hook_query_joins}\n \t\tWHERE threadid = {$threadid}\n \t\t\t{$hook_query_where}\n \t\tORDER BY postid\n \t"); // $toppostid is the first post in the thread // $curpostid is the postid passed from the URL, or if not specified, the first post in the thread $ids = array(); while ($post = $db->fetch_array($listposts)) { if ($post['visible'] == 2 and !$deljoin or $post['visible'] == 0 and !$show['approvepost'] or in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { $deletedparents["{$post['postid']}"] = iif(isset($deletedparents["{$post['parentid']}"]), $deletedparents["{$post['parentid']}"], $post['parentid']); continue; } if (empty($toppostid)) { $toppostid = $post['postid']; } if (empty($postid)) { if (empty($curpostid)) { $curpostid = $post['postid']; if ($threadedmode == 2 and empty($vbulletin->GPC['postid'])) { $vbulletin->GPC['postid'] = $curpostid; } $curpostparent = $post['parentid']; } } else { if ($post['postid'] == $postid) { $curpostid = $post['postid']; $curpostparent = $post['parentid']; } } $postparent["{$post['postid']}"] = $post['parentid']; $ipostarray["{$post['parentid']}"][] = $post['postid']; $postarray["{$post['postid']}"] = $post; $userarray["{$post['userid']}"] = $db->escape_string($post['username']); $totalposts++; $ids[] = $post['postid']; } $db->free_result($listposts); // hooks child posts up to new parent if actual parent has been deleted or hidden if (count($deletedparents) > 0) { foreach ($deletedparents as $dpostid => $dparentid) { if (is_array($ipostarray[$dpostid])) { foreach ($ipostarray[$dpostid] as $temppostid) { $postparent[$temppostid] = $dparentid; $ipostarray[$dparentid][] = $temppostid; $postarray[$temppostid]['parentid'] = $dparentid; } unset($ipostarray[$dpostid]); } if ($curpostparent == $dpostid) { $curpostparent = $dparentid; } } } unset($post, $listposts, $deletedparents); if ($thread['attach']) { require_once DIR . '/packages/vbattach/attach.php'; $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post'); $postattach = $attach->fetch_postattach(0, $ids); } // get list of usernames from post list $userjs = ''; foreach ($userarray as $userid => $username) { if ($userid) { $userjs .= "pu[{$userid}] = \"" . addslashes_js($username) . "\";\n"; } } unset($userarray, $userid, $username); $parent_postids = fetch_post_parentlist($curpostid); if (!$parent_postids) { $currentdepth = 0; } else { $currentdepth = sizeof(explode(',', $parent_postids)); } sort_threaded_posts(); if (empty($curpostid)) { eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']))); } if ($threadedmode == 2) { $numhybrids = sizeof($hybridposts); if ($vbulletin->GPC['pagenumber'] < 1) { $vbulletin->GPC['pagenumber'] = 1; } $startat = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; if ($startat > $numhybrids) { $vbulletin->GPC['pagenumber'] = 1; $startat = 0; } $endat = $startat + $perpage; for ($i = $startat; $i < $endat; $i++) { if (isset($hybridposts["{$i}"])) { if (!isset($FIRSTPOSTID)) { $FIRSTPOSTID = $hybridposts["{$i}"]; } $cache_postids .= ",{$hybridposts[$i]}"; $LASTPOSTID = $hybridposts["{$i}"]; } } $pageinfo = array('p' => $vbulletin->GPC['postid']); if ($vbulletin->GPC['highlight']) { $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']); } if (!empty($vbulletin->GPC['perpage'])) { $pageinfo['pp'] = $perpage; } $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $numhybrids, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo); } else { $FIRSTPOSTID = $curpostid; $LASTPOSTID = $curpostid; // sort out which posts to cache: if (!$vbulletin->options['threaded_maxcache']) { $vbulletin->options['threaded_maxcache'] = 999999; } // cache $vbulletin->options['threaded_maxcache'] posts // take 0.25 from above $curpostid // and take 0.75 below if (sizeof($postorder) <= $vbulletin->options['threaded_maxcache']) { $startat = 0; } else { if ($curpostidkey + $vbulletin->options['threaded_maxcache'] * 0.75 > sizeof($postorder)) { $startat = sizeof($postorder) - $vbulletin->options['threaded_maxcache']; } else { if ($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25 < 0) { $startat = 0; } else { $startat = intval($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25); } } } unset($curpostidkey); foreach ($postorder as $postkey => $pid) { if ($postkey > $startat + $vbulletin->options['threaded_maxcache']) { break; } if ($postkey >= $startat and empty($morereplies["{$pid}"])) { $cache_postids .= ',' . $pid; } } // get next/previous posts for each post in the list // key: NAVJS[postid][0] = prev post, [1] = next post $NAVJS = array(); $prevpostid = 0; foreach ($postorder as $pid) { $NAVJS["{$pid}"][0] = $prevpostid; $NAVJS["{$prevpostid}"][1] = $pid; $prevpostid = $pid; } $NAVJS["{$toppostid}"][0] = $pid; //prev button for first post $NAVJS["{$pid}"][1] = $toppostid; //next button for last post $navjs = ''; foreach ($NAVJS as $pid => $info) { $navjs .= "pn[{$pid}] = \"{$info['0']},{$info['1']}\";\n"; } } unset($ipostarray, $postparent, $postorder, $NAVJS, $postid, $info, $prevpostid, $postkey); $cache_postids = substr($cache_postids, 1); if (empty($cache_postids)) { // umm... something weird happened. Just prevent an error. eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']))); } $hook_query_fields = $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false; $cacheposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, "deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,") . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE post.postid IN (" . $cache_postids . ") {$hook_query_where}\n \t"); // re-initialise the $postarray variable $postarray = array(); while ($post = $db->fetch_array($cacheposts)) { $postarray["{$post['postid']}"] = $post; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { $vbulletin->options['viewattachedimages'] = 0; $vbulletin->options['attachthumbs'] = 0; } // init $postcount = 0; $postbits = ''; $saveparsed = ''; $jspostbits = ''; $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->thread =& $thread; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); foreach (explode(',', $cache_postids) as $id) { // get the post from the post array if (!isset($postarray["{$id}"])) { continue; } $post = $postarray["{$id}"]; if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { continue; } if ($tachyuser) { $fetchtype = 'post_global_ignore'; } else { if ($ignore["{$post['userid']}"]) { $fetchtype = 'post_ignore'; } else { if ($post['visible'] == 2) { $fetchtype = 'post_deleted'; } else { $fetchtype = 'post'; } } } if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) { $fetchtype = 'post'; } ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false; $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype); if ($fetchtype == 'post') { $postbit_obj->highlight =& $replacewords; } $postbit_obj->cachable = $post_cachable; $post['postcount'] = ++$postcount; $post['attachments'] =& $postattach["{$post['postid']}"]; $parsed_postcache = array('text' => '', 'images' => 1); $bgclass = 'alt2'; if ($threadedmode == 2) { $postbits .= $postbit_obj->construct_postbit($post); } else { $postbit = $postbit_obj->construct_postbit($post); if ($curpostid == $post['postid']) { $curpostdateline = $post['dateline']; $curpostbit = $postbit; } $postbit = preg_replace('#</script>#i', "<\\/scr' + 'ipt>", addslashes_js($postbit)); $jspostbits .= "pd[{$post['postid']}] = '{$postbit}';\n"; } // end threaded mode if ($post_cachable and $post['pagetext_html'] == '') { if (!empty($saveparsed)) { $saveparsed .= ','; } $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "'," . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")"; } if (!empty($postbit_obj->sig_cache) and $post['userid']) { if (!empty($save_parsed_sigs)) { $save_parsed_sigs .= ','; } $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")"; } if ($post['dateline'] > $displayed_dateline) { $displayed_dateline = $post['dateline']; if ($displayed_dateline <= $threadview) { $updatethreadcookie = true; } } } // end while ($post) $db->free_result($cacheposts); if ($threadedmode == 1) { $postbits = $curpostbit; } $templater = vB_Template::create('showthread_list'); $templater->register('curpostid', $curpostid); $templater->register('highlightwords', $highlightwords); $templater->register('jspostbits', $jspostbits); $templater->register('links', $links); $templater->register('navjs', $navjs); $templater->register('threadedmode', $threadedmode); $templater->register('userjs', $userjs); $threadlist = $templater->render(); unset($curpostbit, $post, $cacheposts, $parsed_postcache, $postbit); } ################################################################################ ########################## END LINEAR / THREADED ############################### ################################################################################ $effective_lastpost = max($displayed_dateline, $thread['lastpost']); // ********************************************************************************* //set thread last view if ($thread['pollid'] and $vbulletin->options['updatelastpost'] and ($displayed_dateline == $thread['lastpost'] or $threadview == $thread['lastpost']) and $pollinfo['lastvote'] > $thread['lastpost']) { $displayed_dateline = $pollinfo['lastvote']; } if ((!$vbulletin->GPC['posted'] or $updatethreadcookie) and $displayed_dateline and $displayed_dateline > $threadview) { mark_thread_read($threadinfo, $foruminfo, $vbulletin->userinfo['userid'], $displayed_dateline); } // FRNR Below fr_update_subsent($threadinfo['threadid'], $displayed_dateline); if (!is_array($posts_out)) { $posts_out = array(); } // Figure out if we can post $canpost = true; if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { $canpost = false; } if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) { $canpost = false; } if (!$threadinfo['open']) { if (!can_moderate($threadinfo['forumid'], 'canopenclose')) { $canpost = false; } } if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) { $canpost = false; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) { $canpost = false; } $mod = 0; if (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) { $mod |= MOD_DELETEPOST; } if (can_moderate($threadinfo['forumid'], 'canmanagethreads')) { if ($threadinfo['sticky']) { $mod |= MOD_UNSTICK; } else { $mod |= MOD_STICK; } } if ($threadinfo['visible'] != 2 and can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts') or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and ($vbulletin->options['edittimelimit'] == 0 or $threadinfo['dateline'] > TIMENOW - $vbulletin->options['edittimelimit'] * 60)) { $mod |= MOD_DELETETHREAD; } if (can_moderate($threadinfo['forumid'], 'canopenclose') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) { if ($threadinfo['open']) { $mod |= MOD_CLOSE; } else { $mod |= MOD_OPEN; } } if (can_moderate($threadinfo['forumid'], 'canmanagethreads') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) { $mod |= MOD_MOVETHREAD; } if ($show['spamctrls']) { $mod |= MOD_SPAM_CONTROLS; } $out = array('posts' => $posts_out, 'total_posts' => $totalposts, 'page' => $vbulletin->GPC['pagenumber'], 'canpost' => $canpost ? 1 : 0, 'mod' => $mod, 'pollid' => $thread['pollid'], 'subscribed' => $threadinfo['issubscribed'] ? 1 : 0, 'title' => prepare_utf8_string($thread['title']), 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']); if ($postid) { $out['gotopostid'] = $postid; } return $out; }
function editPost($edit) { global $vbulletin; $postinfo = fetch_postinfo($edit['postid']); $foruminfo = fetch_foruminfo($edit['forumid']); $threadinfo = fetch_threadinfo($edit['threadid']); $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost'); $threadman->set_existing($threadinfo); $threadman->set_info('forum', $foruminfo); $threadman->set_info('thread', $threadinfo); $threadman->set('title', $edit['title']); $threadman->set('prefixid', $edit['prefixid']); $threadman->save(); $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost'); $postman->set_existing($postinfo); $postman->setr('title', $edit['title']); $postman->setr('pagetext', $edit['pagetext']); $postman->save(); }
} verify_forum_password($foruminfo['forumid'], $foruminfo['password']); if (trim($foruminfo['link']) != '') { exec_header_redirect($foruminfo['link'], true); } $title = "{$threadinfo['prefix_plain_html']} {$threadinfo['title']} [{$vbphrase['archive']}] " . ($p > 1 ? ' - ' . construct_phrase($vbphrase['page_x'], $p) : '') . " - {$title}"; $p = intval($p); $metatags = "<meta name=\"keywords\" content=\"{$threadinfo['prefix_plain_html']} {$threadinfo['title']}, " . $vbulletin->options['keywords'] . "\" />\n\t<meta name=\"description\" content=\"[{$vbphrase['archive']}] " . ($p > 1 ? construct_phrase($vbphrase['page_x'], $p) . " " : "") . "{$threadinfo['prefix_plain_html']} {$threadinfo['title']} {$foruminfo['title_clean']}\" />\n\t"; } else { if ($f) { $do = 'forum'; $forumperms = $vbulletin->userinfo['forumpermissions'][$f]; if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) { exit; } $foruminfo = fetch_foruminfo($f, false); if (trim($foruminfo['link']) != '') { // add session hash to local links if necessary if (preg_match('#^([a-z0-9_]+\\.php)(\\?.*$)?#i', $foruminfo['link'], $match)) { if ($match[2]) { // we have a ?xyz part, put session url at beginning if necessary $query_string = preg_replace('/([^a-z0-9])(s|sessionhash)=[a-z0-9]{32}(&|&)?/', '\\1', $match[2]); $foruminfo['link'] = $match[1] . '?' . $vbulletin->session->vars['sessionurl_js'] . substr($query_string, 1); } else { $foruminfo['link'] .= $vbulletin->session->vars['sessionurl_q']; } } exec_header_redirect($foruminfo['link'], true); } verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $title = "{$foruminfo['title_clean']} [{$vbphrase['archive']}]" . ($p > 1 ? ' - ' . construct_phrase($vbphrase['page_x'], $p) : '') . " - {$title}";
if (!$postinfo['postid'] or $postinfo['isdeleted'] or !$postinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']))); } if (!$threadinfo['threadid'] or $threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']))); } if ($vbulletin->options['wordwrap']) { $threadinfo['title'] = fetch_word_wrapped_string($threadinfo['title']); } // get permissions info $_permsgetter_ = 'edit post'; $forumperms = fetch_permissions($threadinfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { print_no_permission(); } $foruminfo = fetch_foruminfo($threadinfo['forumid'], false); // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // need to get last post-type information cache_ordered_forums(1); // determine if we are allowed to be updating the thread's info $can_update_thread = ($threadinfo['firstpostid'] == $postinfo['postid'] and (can_moderate($threadinfo['forumid'], 'caneditthreads') or $postinfo['dateline'] + $vbulletin->options['editthreadtitlelimit'] * 60 > TIMENOW)); // ############################### start permissions checking ############################### if ($_REQUEST['do'] == 'deletepost') { // is post being deleted? if so check delete specific permissions if (!can_moderate($threadinfo['forumid'], 'candeleteposts')) { if (!$threadinfo['open']) { $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$postinfo['threadid']}"; eval(print_standard_redirect('redirect_threadclosed')); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'])) {
/** * Collect parser options and misc data and fully parse the string into an HTML version * * @param string Unparsed text * @param int|str ID number of the forum whose parsing options should be used or a "special" string * @param bool Whether to allow smilies in this post (if the option is allowed) * @param bool Whether to parse the text as an image count check * @param string Preparsed text ([img] tags should not be parsed) * @param int Whether the preparsed text has images * @param bool Whether the parsed post is cachable * * @return string Parsed text */ function parse($text, $forumid = 0, $allowsmilie = true, $isimgcheck = false, $parsedtext = '', $parsedhasimages = 3, $cachable = false) { global $calendarinfo; $donl2br = true; if (empty($forumid)) { $forumid = 'nonforum'; } switch ($forumid) { // Parse Calendar case 'calendar': $dohtml = $calendarinfo['allowhtml']; $dobbcode = $calendarinfo['allowbbcode']; $dobbimagecode = $calendarinfo['allowimgcode']; $dosmilies = $calendarinfo['allowsmilies']; break; // parse private message // parse private message case 'privatemessage': $dohtml = $this->registry->options['privallowhtml']; $dobbcode = $this->registry->options['privallowbbcode']; $dobbimagecode = $this->registry->options['privallowbbimagecode']; $dosmilies = $this->registry->options['privallowsmilies']; break; // parse user note // parse user note case 'usernote': $dohtml = $this->registry->options['unallowhtml']; $dobbcode = $this->registry->options['unallowvbcode']; $dobbimagecode = $this->registry->options['unallowimg']; $dosmilies = $this->registry->options['unallowsmilies']; break; // parse signature // parse signature case 'signature': if (!empty($this->parse_userinfo['permissions'])) { $dohtml = $this->parse_userinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['allowhtml']; $dobbcode = $this->parse_userinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['canbbcode']; $dobbimagecode = $this->parse_userinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['allowimg']; $dosmilies = $this->parse_userinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['allowsmilies']; break; } // else fall through to nonforum // parse non-forum item // else fall through to nonforum // parse non-forum item case 'nonforum': $dohtml = $this->registry->options['allowhtml']; $dobbcode = $this->registry->options['allowbbcode']; $dobbimagecode = $this->registry->options['allowbbimagecode']; $dosmilies = $this->registry->options['allowsmilies']; break; // parse announcement // parse announcement case 'announcement': global $post; $dohtml = $post['announcementoptions'] & $this->registry->bf_misc_announcementoptions['allowhtml']; if ($dohtml) { $donl2br = false; } $dobbcode = $post['announcementoptions'] & $this->registry->bf_misc_announcementoptions['allowbbcode']; $dobbimagecode = $post['announcementoptions'] & $this->registry->bf_misc_announcementoptions['allowbbcode']; $dosmilies = $allowsmilie; break; // parse visitor/group/picture message // parse visitor/group/picture message case 'visitormessage': case 'groupmessage': case 'picturecomment': case 'socialmessage': $dohtml = $this->registry->options['allowhtml']; $dobbcode = $this->registry->options['allowbbcode']; $dobbimagecode = true; // this tag can be disabled manually; leaving as true means old usages remain (as documented) $dosmilies = $this->registry->options['allowsmilies']; break; // parse forum item // parse forum item default: if (intval($forumid)) { $forum = fetch_foruminfo($forumid); $dohtml = $forum['allowhtml']; $dobbimagecode = $forum['allowimages']; $dosmilies = $forum['allowsmilies']; $dobbcode = $forum['allowbbcode']; } // else they'll basically just default to false -- saves a query in certain circumstances break; } if (!$allowsmilie) { $dosmilies = false; } ($hook = vBulletinHook::fetch_hook('bbcode_parse_start')) ? eval($hook) : false; if (!empty($parsedtext)) { if ($parsedhasimages) { return $this->handle_bbcode_img($parsedtext, $dobbimagecode, $parsedhasimages); } else { return $parsedtext; } } else { return $this->do_parse($text, $dohtml, $dosmilies, $dobbcode, $dobbimagecode, $donl2br, $cachable); } }
/** * Prepares the templates for a message editor * * @param string The text to be initially loaded into the editor * @param boolean Is the initial text HTML (rather than plain text or bbcode)? * @param mixed Forum ID of the forum into which we are posting. Special rules apply for values of 'privatemessage', 'usernote', 'calendar', 'announcement' and 'nonforum'. Can be an object of vB_Editor_Override as well. * @param boolean Allow smilies? * @param boolean Parse smilies in the text of the message? * @param boolean Allow attachments? * @param string Editor type - either 'fe' for full editor or 'qr' for quick reply * @param string Force the editor to use the specified value as its editorid, rather than making one up * @param array Information for the image popup * @param array Content type handled by this editor, used to set specific CSS * * @return string Editor ID */ function construct_edit_toolbar($text = '', $ishtml = false, $forumid = 0, $allowsmilie = true, $parsesmilie = true, $can_attach = false, $editor_type = 'fe', $force_editorid = '', $attachinfo = array(), $content = 'content') { // standard stuff global $vbulletin, $vbphrase, $show; // templates generated by this function global $messagearea, $smiliebox, $disablesmiliesoption, $checked, $vBeditTemplate; // misc stuff built by this function global $istyles; // counter for editorid static $editorcount = 0; if (is_object($forumid) and $forumid instanceof vB_Editor_Override) { $editor_override = $forumid; } else { $editor_override = null; } // determine what we can use // this was moved up here as I need the switch to determine if bbcode is enabled // to determine if a toolbar is usable if ($forumid == 'signature') { $sig_perms =& $vbulletin->userinfo['permissions']['signaturepermissions']; $sig_perms_bits =& $vbulletin->bf_ugp_signaturepermissions; $can_toolbar = $sig_perms & $sig_perms_bits['canbbcode'] ? true : false; $show['img_bbcode'] = $sig_perms & $sig_perms_bits['allowimg'] ? true : false; $show['font_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodefont'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_FONT) ? true : false; $show['size_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodesize'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_SIZE) ? true : false; $show['color_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodecolor'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_COLOR) ? true : false; $show['basic_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodebasic'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_BASIC) ? true : false; $show['align_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodealign'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_ALIGN) ? true : false; $show['list_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodelist'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_LIST) ? true : false; $show['code_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodecode'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_CODE) ? true : false; $show['html_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodehtml'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_HTML) ? true : false; $show['php_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodephp'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_PHP) ? true : false; $show['url_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodelink'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_URL) ? true : false; $show['quote_bbcode'] = $sig_perms & $sig_perms_bits['canbbcodequote'] ? true : false; } else { require_once DIR . '/includes/class_bbcode.php'; $show['font_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_FONT ? true : false; $show['size_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_SIZE ? true : false; $show['color_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_COLOR ? true : false; $show['basic_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_BASIC ? true : false; $show['align_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_ALIGN ? true : false; $show['list_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_LIST ? true : false; $show['code_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_CODE ? true : false; $show['html_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_HTML ? true : false; $show['php_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_PHP ? true : false; $show['url_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_URL ? true : false; $show['quote_bbcode'] = true; // can't disable this anywhere but in sigs } $ajax_extra = ''; $allow_custom_bbcode = true; if (empty($forumid)) { $forumid = 'nonforum'; } switch ($forumid) { case 'privatemessage': $can_toolbar = $vbulletin->options['privallowbbcode']; $show['img_bbcode'] = $vbulletin->options['privallowbbimagecode']; break; case 'calendar': global $calendarinfo; $can_toolbar = $calendarinfo['allowbbcode']; $show['img_bbcode'] = $calendarinfo['allowimgcode']; $ajax_extra = "calendarid={$calendarinfo['calendarid']}"; break; case 'announcement': $can_toolbar = true; $show['img_bbcode'] = true; break; case 'signature': // see above -- these are handled earlier break; case 'visitormessage': case 'groupmessage': case 'picturecomment': switch ($forumid) { case 'groupmessage': $allowedoption = $vbulletin->options['sg_allowed_bbcode']; break; case 'picturecomment': $allowedoption = $vbulletin->options['pc_allowed_bbcode']; break; default: $allowedoption = $vbulletin->options['vm_allowed_bbcode']; break; } $show['font_bbcode'] = ($show['font_bbcode'] and $allowedoption & ALLOW_BBCODE_FONT) ? true : false; $show['size_bbcode'] = ($show['size_bbcode'] and $allowedoption & ALLOW_BBCODE_SIZE) ? true : false; $show['color_bbcode'] = ($show['color_bbcode'] and $allowedoption & ALLOW_BBCODE_COLOR) ? true : false; $show['basic_bbcode'] = ($show['basic_bbcode'] and $allowedoption & ALLOW_BBCODE_BASIC) ? true : false; $show['align_bbcode'] = ($show['align_bbcode'] and $allowedoption & ALLOW_BBCODE_ALIGN) ? true : false; $show['list_bbcode'] = ($show['list_bbcode'] and $allowedoption & ALLOW_BBCODE_LIST) ? true : false; $show['code_bbcode'] = ($show['code_bbcode'] and $allowedoption & ALLOW_BBCODE_CODE) ? true : false; $show['html_bbcode'] = ($show['html_bbcode'] and $allowedoption & ALLOW_BBCODE_HTML) ? true : false; $show['php_bbcode'] = ($show['php_bbcode'] and $allowedoption & ALLOW_BBCODE_PHP) ? true : false; $show['url_bbcode'] = ($show['url_bbcode'] and $allowedoption & ALLOW_BBCODE_URL) ? true : false; $show['quote_bbcode'] = ($show['quote_bbcode'] and $allowedoption & ALLOW_BBCODE_QUOTE) ? true : false; $show['img_bbcode'] = $allowedoption & ALLOW_BBCODE_IMG ? true : false; $can_toolbar = ($show['font_bbcode'] or $show['size_bbcode'] or $show['color_bbcode'] or $show['basic_bbcode'] or $show['align_bbcode'] or $show['list_bbcode'] or $show['code_bbcode'] or $show['html_bbcode'] or $show['php_bbcode'] or $show['url_bbcode'] or $show['quote_bbcode'] or $show['img_bbcode']); $allow_custom_bbcode = $allowedoption & ALLOW_BBCODE_CUSTOM ? true : false; break; case 'nonforum': $can_toolbar = $vbulletin->options['allowbbcode']; $show['img_bbcode'] = $vbulletin->options['allowbbimagecode']; break; default: if ($editor_override) { $editor_settings = $editor_override->get_editor_settings(); $can_toolbar = $editor_settings['can_toolbar']; $allow_custom_bbcode = $editor_settings['allow_custom_bbcode']; // note: set $show variables directly as necessary in your get_editor_settings function } else { if (intval($forumid)) { $forum = fetch_foruminfo($forumid); $can_toolbar = $forum['allowbbcode']; $show['img_bbcode'] = $forum['allowimages']; } else { $can_toolbar = false; $show['img_bbcode'] = false; } } // Legacy Hook 'editor_toolbar_switch' Removed // break; } // set the editor mode if (isset($_REQUEST['wysiwyg'])) { // 2 = wysiwyg; 1 = standard if ($_REQUEST['wysiwyg']) { $vbulletin->userinfo['showvbcode'] = 2; } else { if ($vbulletin->userinfo['showvbcode'] == 0) { $vbulletin->userinfo['showvbcode'] = 0; } else { $vbulletin->userinfo['showvbcode'] = 1; } } } $toolbartype = $can_toolbar ? is_wysiwyg_compatible(-1, $editor_type) : 0; $show['wysiwyg_compatible'] = is_wysiwyg_compatible(2, $editor_type) == 2; $show['editor_toolbar'] = $toolbartype > 0; $templater = vB_Template::create('editor_toolbar_colors'); $colors = $templater->render(); switch ($editor_type) { case 'qr': if ($force_editorid == '') { $editorid = 'vB_Editor_QR'; } else { $editorid = $force_editorid; } $editor_height = 100; $editor_template_name = 'showthread_quickreply'; break; case 'qr_small': if ($force_editorid == '') { $editorid = 'vB_Editor_QR'; } else { $editorid = $force_editorid; } $editor_height = 60; $editor_template_name = 'showthread_quickreply'; break; case 'qr_pm': if ($force_editorid == '') { $editorid = 'vB_Editor_QR'; } else { $editorid = $force_editorid; } $editor_height = 120; $editor_template_name = 'pm_quickreply'; break; case 'qe': case 'qenr': if ($force_editorid == '') { $editorid = 'vB_Editor_QE'; } else { $editorid = $force_editorid; } $editor_height = 200; $editor_template_name = 'postbit_quickedit'; break; /* case 'qenr': if ($force_editorid == '') { $editorid = 'vB_Editor_QE'; } else { $editorid = $force_editorid; } $editor_height = 200; $editor_template_name = 'memberinfo_quickedit'; break; */ /* case 'qenr': if ($force_editorid == '') { $editorid = 'vB_Editor_QE'; } else { $editorid = $force_editorid; } $editor_height = 200; $editor_template_name = 'memberinfo_quickedit'; break; */ default: if ($editor_override) { $editorcount++; $editor_info = $editor_override->get_editor_type(array('force_editorid' => $force_editorid, 'editor_count' => $editorcount, 'editor_type' => $editor_type, 'toolbar_type' => $toolbartype)); $editorid = $editor_info['editor_id']; $editor_height = $editor_info['editor_height']; $editor_template_name = $editor_info['editor_template_name']; } else { if ($force_editorid == '') { $editorid = 'vB_Editor_' . str_pad(++$editorcount, 3, 0, STR_PAD_LEFT); } else { $editorid = $force_editorid; } // set the height of the editor based on the editor_height cookie if it exists $editor_height = $vbulletin->input->clean_gpc('c', 'editor_height', vB_Cleaner::TYPE_UINT); $editor_height = $editor_height > 100 ? $editor_height : 250; $editor_template_name = $toolbartype ? 'editor_toolbar_on' : 'editor_toolbar_off'; } break; } // init the variables used by the templates built by this function $vBeditJs = array('normalmode' => 'false'); $vBeditTemplate = array('clientscript' => '', 'fontfeedback' => '', 'sizefeedback' => '', 'smiliepopup' => ''); $extrabuttons = ''; // Legacy Hook 'editor_toolbar_start' Removed // // show a post editing toolbar of some sort if ($show['editor_toolbar']) { if ($can_attach) { $show['attach'] = true; } // get extra buttons... experimental at the moment $extrabuttons = construct_editor_extra_buttons($editorid, $allow_custom_bbcode); if ($toolbartype == 2 or defined('VB_API') and VB_API === true) { // got to parse the message to be displayed from bbcode into HTML if ($text !== '') { if ($editor_override) { $newpost['message'] = $editor_override->parse_for_wysiwyg($text, array('allowsmilies' => $allowsmilie and $parsesmilie, 'ishtml' => $ishtml)); } else { require_once DIR . '/includes/functions_wysiwyg.php'; $newpost['message'] = parse_wysiwyg_html($text, $ishtml, $forumid, iif($allowsmilie and $parsesmilie, 1, 0)); } } else { $newpost['message'] = ''; } $newpost['message'] = htmlspecialchars($newpost['message']); if (defined('VB_API') and VB_API === true) { if ($ishtml) { $newpost['message_bbcode'] = convert_wysiwyg_html_to_bbcode($text); } else { $newpost['message_bbcode'] = $text; } } } else { $newpost['message'] = $text; // set mode based on cookie set by javascript /*$vbulletin->input->clean_gpc('c', COOKIE_PREFIX . 'vbcodemode', vB_Cleaner::TYPE_INT); $modechecked[$vbulletin->GPC[COOKIE_PREFIX . 'vbcodemode']] = 'checked="checked"';*/ } } else { // do not show a post editing toolbar $newpost['message'] = $text; } // disable smilies option and clickable smilie $show['smiliebox'] = false; $smiliebox = ''; $smiliepopup = ''; $disablesmiliesoption = ''; if ($editor_type == 'qr' or $editor_type == 'qr_small') { // no smilies } else { if ($allowsmilie and $show['editor_toolbar']) { // deal with disable smilies option if (!isset($checked['disablesmilies'])) { $vbulletin->input->clean_gpc('r', 'disablesmilies', vB_Cleaner::TYPE_BOOL); $checked['disablesmilies'] = iif($vbulletin->GPC['disablesmilies'], 'checked="checked"'); } $templater = vB_Template::create('newpost_disablesmiliesoption'); $templater->register('checked', $checked); $disablesmiliesoption = $templater->render(); if ($toolbartype and $vbulletin->options['wysiwyg_smtotal'] > 0) { // query smilies $smilies = $vbulletin->db->query_read_slave("\n\t\t\t\tSELECT smilieid, smilietext, smiliepath, smilie.title,\n\t\t\t\t\timagecategory.title AS category\n\t\t\t\tFROM " . TABLE_PREFIX . "smilie AS smilie\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "imagecategory AS imagecategory USING(imagecategoryid)\n\t\t\t\tORDER BY imagecategory.displayorder, imagecategory.title, smilie.displayorder\n\t\t\t"); // get total number of smilies $totalsmilies = $vbulletin->db->num_rows($smilies); if ($totalsmilies > 0) { if ($vbulletin->options['wysiwyg_smtotal'] > 0) { $show['wysiwygsmilies'] = true; // smilie dropdown menu $i = 0; while ($smilie = $vbulletin->db->fetch_array($smilies)) { if ($prevcategory != $smilie['category']) { $prevcategory = $smilie['category']; $templater = vB_Template::create('editor_smilie_category'); $templater->register('smilie', $smilie); $smiliepopup .= $templater->render(); } if ($i++ < $vbulletin->options['wysiwyg_smtotal']) { $templater = vB_Template::create('editor_smilie_row'); $templater->register('smilie', $smilie); $smiliepopup .= $templater->render(); } else { $show['moresmilies'] = true; break; } } } else { $show['wysiwygsmilies'] = false; } $vbulletin->db->free_result($smilies); } } } } // Legacy Hook 'editor_toolbar_end' Removed // $templater = vB_Template::create('editor_clientscript'); $templater->register('vBeditJs', $vBeditJs); $templater->register('attachinfo', $attachinfo); $values = ''; if (!empty($attachinfo['values'])) { foreach ($attachinfo['values'] as $key => $value) { $values .= "\n\t\t\t\t\t{$key}: '" . addslashes_js($value) . "',\n\t\t\t\t"; } } $templater->register('values', $values); $vBeditTemplate['clientscript'] = $templater->render(); $ajax_extra = addslashes_js($ajax_extra); $editortype = $toolbartype == 2 ? 1 : 0; $show['is_wysiwyg_editor'] = intval($editortype); $templater = vB_Template::create($editor_template_name); $templater->register('extrabuttons', $extrabuttons); $templater->register('ajax_extra', $ajax_extra); $templater->register('editorid', $editorid); $templater->register('editortype', $editortype); $templater->register('editor_height', $editor_height); $templater->register('forumid', $editor_override ? $editor_override->get_parse_type() : $forumid); $templater->register('istyles', $istyles); $templater->register('newpost', $newpost); $templater->register('parsesmilie', $parsesmilie); $templater->register('smiliebox', $smiliebox); $templater->register('vBeditTemplate', $vBeditTemplate); $templater->register('fontnames', $fontnames); $templater->register('fontsizes', $fontsizes); $templater->register('colors', $colors); $templater->register('smiliepopup', $smiliepopup); $templater->register('attachinfo', $attachinfo); $templater->register('content', $content); $messagearea = $templater->render(); return $editorid; }
$dohtml = $vbulletin->options['privallowhtml']; break; case 'usernote': $dohtml = $vbulletin->options['unallowhtml']; break; case 'nonforum': $dohtml = $vbulletin->options['allowhtml']; break; case 'signature': $dohtml = ($vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['allowhtml']); break; default: if (intval($vbulletin->GPC['parsetype'])) { $parsetype = intval($vbulletin->GPC['parsetype']); $foruminfo = fetch_foruminfo($parsetype); $dohtml = $foruminfo['allowhtml']; break; } else { $dohtml = false; } ($hook = vBulletinHook::fetch_hook('editor_switch_wysiwyg_to_standard')) ? eval($hook) : false; } $xml->add_tag('message', process_replacement_vars(convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $dohtml))); } $xml->print_xml(); }
/** * Collect parser options and misc data and fully parse the string into an HTML version * * @param string Unparsed text * @param int|str ID number of the forum whose parsing options should be used or a "special" string * @param bool Whether to allow smilies in this post (if the option is allowed) * @param bool Whether to parse the text as an image count check * @param string Preparsed text ([img] tags should not be parsed) * @param int Whether the preparsed text has images * @param bool Whether the parsed post is cachable * @param string Switch for dealing with nl2br * * @return string Parsed text */ public function parse($text, $forumid = 0, $allowsmilie = true, $isimgcheck = false, $parsedtext = '', $parsedhasimages = 3, $cachable = false, $htmlstate = null) { $this->forumid = $forumid; $donl2br = true; if (empty($forumid)) { $forumid = 'nonforum'; } switch ($forumid) { case 'calendar': case 'privatemessage': case 'usernote': case 'visitormessage': case 'groupmessage': case 'picturecomment': case 'socialmessage': $dohtml = $this->defaultOptions[$forumid]['dohtml']; $dobbcode = $this->defaultOptions[$forumid]['dobbcode']; $dobbimagecode = $this->defaultOptions[$forumid]['dobbimagecode']; $dosmilies = $this->defaultOptions[$forumid]['dosmilies']; break; // parse signature // parse signature case 'signature': if (!empty($this->parseUserinfo['permissions'])) { $dohtml = $this->parseUserinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['allowhtml']; $dobbcode = $this->parseUserinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['canbbcode']; $dobbimagecode = $this->parseUserinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['allowimg']; $dosmilies = $this->parseUserinfo['permissions']['signaturepermissions'] & $this->registry->bf_ugp_signaturepermissions['allowsmilies']; break; } // else fall through to nonforum // parse non-forum item // else fall through to nonforum // parse non-forum item case 'nonforum': $dohtml = $this->defaultOptions['nonforum']['dohtml']; $dobbcode = $this->defaultOptions['nonforum']['dobbcode']; $dobbimagecode = $this->defaultOptions['nonforum']['dobbimagecode']; $dosmilies = $this->defaultOptions['nonforum']['dosmilies']; break; // parse announcement // parse announcement case 'announcement': global $post; $dohtml = $post['announcementoptions'] & $this->registry->bf_misc_announcementoptions['allowhtml']; if ($dohtml) { $donl2br = false; } $dobbcode = $post['announcementoptions'] & $this->registry->bf_misc_announcementoptions['allowbbcode']; $dobbimagecode = $post['announcementoptions'] & $this->registry->bf_misc_announcementoptions['allowbbcode']; $dosmilies = $allowsmilie; break; // parse forum item // parse forum item default: if (intval($forumid)) { $forum = fetch_foruminfo($forumid); $dohtml = $forum['allowhtml']; $dobbimagecode = $forum['allowimages']; $dosmilies = $forum['allowsmilies']; $dobbcode = $forum['allowbbcode']; } // else they'll basically just default to false -- saves a query in certain circumstances break; } if (!$allowsmilie) { $dosmilies = false; } // Legacy Hook 'bbcode_parse_start' Removed // if (!empty($parsedtext)) { if ($parsedhasimages) { return $this->handle_bbcode_img($parsedtext, $dobbimagecode, $parsedhasimages); } else { return $parsedtext; } } else { return $this->doParse($text, $dohtml, $dosmilies, $dobbcode, $dobbimagecode, $donl2br, $cachable, $htmlstate); } }
($hook = vBulletinHook::fetch_hook('infraction_start')) ? eval($hook) : false; // ######################### VERIFY POST OR USER ######################## if ($postinfo['postid']) { $infractioninfo = $db->query_first_slave("\n\t\tSELECT inf.*, user.username, user2.username AS actionusername\n\t\tFROM " . TABLE_PREFIX . "infraction AS inf\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (inf.whoadded = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user2 ON (inf.actionuserid = user2.userid)\n\t\tWHERE postid = {$postinfo['postid']}\n\t\tORDER BY inf.dateline DESC\n\t\tLIMIT 1\n\t"); $userinfo = fetch_userinfo($postinfo['userid']); } else { if ($vbulletin->GPC['infractionid']) { if (!($infractioninfo = $db->query_first_slave("\n\t\tSELECT inf.*, user.username, user2.username AS actionusername\n\t\tFROM " . TABLE_PREFIX . "infraction AS inf\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (inf.whoadded = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user2 ON (inf.actionuserid = user2.userid)\n\t\tWHERE infractionid = " . $vbulletin->GPC['infractionid'] . "\n\t"))) { eval(standard_error(fetch_error('invalidid', $vbphrase['infraction'], $vbulletin->options['contactuslink']))); } if ($infractioninfo['postid']) { // this infraction belongs to a post $postinfo = $threadinfo = $foruminfo = array(); if ($postinfo = fetch_postinfo($infractioninfo['postid'])) { if ($threadinfo = fetch_threadinfo($postinfo['threadid'])) { $foruminfo = fetch_foruminfo($threadinfo['forumid']); } } } $userinfo = fetch_userinfo($infractioninfo['userid']); } else { if ($vbulletin->GPC['userid']) { $userinfo = verify_id('user', $vbulletin->GPC['userid'], 0, 1, 15); if (!$userinfo['userid']) { eval(standard_error(fetch_error('invalidid', $vbphrase['user'], $vbulletin->options['contactuslink']))); } } else { eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']))); } } }
$navbits = construct_navbits(array('' => $vbphrase['user_control_panel'])); eval('$navbar = "' . fetch_template('navbar') . '";'); eval('print_output("' . fetch_template('USERCP_SHELL') . '");'); } // ########################################################################### // ########################### UPDATE SUBSCRIPTIONS ########################## // ########################################################################### if ($_REQUEST['action'] == "updatesubs") { if (!$vbulletin->userinfo['userid']) { print_no_permission(); } //get a list of all the forum ID's $tables = $db->query_read("\r\n\t\tSELECT forumid\r\n\t\tFROM " . TABLE_PREFIX . "forum\r\n\t"); //scan through the list to perform the subscription action while ($curr_forum = $db->fetch_array($tables)) { //get full forum info $curr_forum = fetch_foruminfo($curr_forum['forumid'], false); //if the user has permission to view the given forum, and if forum is postable... if ($perms = fetch_permissions($curr_forum["forumid"]) and $perms & $vbulletin->bf_ugp_forumpermissions['canview'] and $curr_forum["cancontainthreads"]) { $vbulletin->input->clean_gpc('r', 'forumid' . $curr_forum['forumid'], TYPE_UINT); $new_sublevel = $vbulletin->GPC["forumid" . $curr_forum["forumid"]]; if ($new_sublevel == 0) { $db->query_write("\r\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "subscribeforum\r\n\t\t\t\tWHERE userid = '" . $vbulletin->userinfo['userid'] . "'\r\n\t\t\t\tAND forumid = '" . $curr_forum['forumid'] . "'"); } else { $db->query_write("\r\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribeforum (userid, emailupdate, forumid)\r\n\t\t\t\t\tVALUES ('" . $vbulletin->userinfo['userid'] . "', '" . $new_sublevel . "', '" . $curr_forum['forumid'] . "')\r\n\t\t\t\t"); } } } $vbulletin->url = "subscribeforums.php"; eval(print_standard_redirect('ei_sub_forums_updated', true, true)); }
($hook = vBulletinHook::fetch_hook('visitor_message_getip')) ? eval($hook) : false; eval(standard_error(fetch_error('thread_displayip', long2ip($messageinfo['ipaddress']), htmlspecialchars_uni($messageinfo['hostaddress'])), '', 0)); } // ############################### start report ############################### if ($_REQUEST['do'] == 'report' OR $_POST['do'] == 'sendemail') { require_once(DIR . '/includes/class_reportitem.php'); if (!$vbulletin->userinfo['userid']) { print_no_permission(); } $reportthread = ($rpforumid = $vbulletin->options['rpforumid'] AND $rpforuminfo = fetch_foruminfo($rpforumid)); $reportemail = ($vbulletin->options['enableemail'] AND $vbulletin->options['rpemail']); if (!$reportthread AND !$reportemail) { eval(standard_error(fetch_error('emaildisabled'))); } $reportobj = new vB_ReportItem_VisitorMessage($vbulletin); $reportobj->set_extrainfo('user', $userinfo); $perform_floodcheck = $reportobj->need_floodcheck(); if ($perform_floodcheck) { $reportobj->perform_floodcheck_precommit(); }
/** * Marks a forum, its child forums and all contained posts as read * * @param integer Forum ID to be marked as read - leave blank to mark all forums as read * * @return array Array of affected forum IDs */ function mark_forums_read($forumid = false) { global $vbulletin; $db =& $vbulletin->db; $return_url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; $return_phrase = 'markread'; $return_forumids = array(); if (!$forumid) { if ($vbulletin->userinfo['userid']) { // init user data manager $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD); $userdata->set_existing($vbulletin->userinfo); $userdata->set('lastactivity', TIMENOW); $userdata->set('lastvisit', TIMENOW - 1); $userdata->save(); if ($vbulletin->options['threadmarking']) { $query = ''; foreach ($vbulletin->forumcache as $fid => $finfo) { // mark the forum and all child forums read $query .= ", ({$fid}, " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ")"; } if ($query) { $query = substr($query, 2); $db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "forumread\n\t\t\t\t\t\t\t(forumid, userid, readtime)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t{$query}\n\t\t\t\t\t"); } } } else { vbsetcookie('lastvisit', TIMENOW); } $return_forumids = array_keys($vbulletin->forumcache); } else { // temp work around code, I need to find another way to mass set some values to the cookie $vbulletin->input->clean_gpc('c', COOKIE_PREFIX . 'forum_view', TYPE_STR); global $bb_cache_forum_view; $bb_cache_forum_view = @unserialize(convert_bbarray_cookie($vbulletin->GPC[COOKIE_PREFIX . 'forum_view'])); require_once DIR . '/includes/functions_misc.php'; $childforums = fetch_child_forums($forumid, 'ARRAY'); $return_forumids = $childforums; $return_forumids[] = $forumid; if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $query = "({$forumid}, " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ")"; foreach ($childforums as $child_forumid) { // mark the forum and all child forums read $query .= ", ({$child_forumid}, " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ")"; } $db->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "forumread\n\t\t\t\t\t(forumid, userid, readtime)\n\t\t\t\tVALUES\n\t\t\t\t\t{$query}\n\t\t\t"); require_once DIR . '/includes/functions_bigthree.php'; $foruminfo = fetch_foruminfo($forumid); $parent_marks = mark_forum_read($foruminfo, $vbulletin->userinfo['userid'], TIMENOW); if (is_array($parent_marks)) { $return_forumids = array_unique(array_merge($return_forumids, $parent_marks)); } } else { foreach ($childforums as $child_forumid) { // mark the forum and all child forums read $bb_cache_forum_view["{$child_forumid}"] = TIMENOW; } set_bbarray_cookie('forum_view', $forumid, TIMENOW); } if ($vbulletin->forumcache["{$forumid}"]['parentid'] == -1) { $return_url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; } else { $return_url = 'forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . 'f=' . $vbulletin->forumcache["{$forumid}"]['parentid']; } $return_phrase = 'markread_single'; } return array('url' => $return_url, 'phrase' => $return_phrase, 'forumids' => $return_forumids); }
/** * Verifies permissions to attach content to posts * * @param array Contenttype information - bypass reading environment settings * * @return boolean */ public function verify_permissions($info = array()) { global $show; if ($info) { $this->values['postid'] = $info['postid']; $this->values['threadid'] = $info['threadid']; $this->values['forumid'] = $info['forumid']; } else { $this->values['postid'] = intval($this->values['p']) ? intval($this->values['p']) : intval($this->values['postid']); $this->values['threadid'] = intval($this->values['t']) ? intval($this->values['t']) : intval($this->values['threadid']); $this->values['forumid'] = intval($this->values['f']) ? intval($this->values['f']) : intval($this->values['forumid']); } if ($this->values['postid']) { if (!($this->postinfo = fetch_postinfo($this->values['postid']))) { return false; } $this->values['threadid'] = $this->postinfo['threadid']; } if ($this->values['threadid']) { if (!($this->threadinfo = fetch_threadinfo($this->values['threadid']))) { return false; } $this->values['forumid'] = $this->threadinfo['forumid']; } if ($this->values['forumid'] and !($this->foruminfo = fetch_foruminfo($this->values['forumid']))) { return false; } if (!$this->foruminfo and !$this->threadinfo and !($this->postinfo and $this->values['editpost'])) { return false; } $forumperms = fetch_permissions($this->foruminfo['forumid']); // No permissions to post attachments in this forum or no permission to view threads in this forum. if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostattachment']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canview']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) { return false; } if (!$this->postinfo and !$this->foruminfo['allowposting'] or $this->foruminfo['link'] or !$this->foruminfo['cancontainthreads']) { return false; } if ($this->threadinfo) { if ($this->threadinfo['isdeleted'] or !$this->threadinfo['visible'] and !can_moderate($this->threadinfo['forumid'], 'canmoderateposts')) { return false; } if (!$this->threadinfo['open']) { if (!can_moderate($this->threadinfo['forumid'], 'canopenclose')) { return false; } } if ($this->registry->userinfo['userid'] != $this->threadinfo['postuserid'] and (!($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyothers']))) { return false; } // don't call this part on editpost.php (which will have a $postid) if (!$this->postinfo and !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyown']) and $this->registry->userinfo['userid'] == $this->threadinfo['postuserid']) { return false; } } else { if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostnew'])) { return false; } } if ($this->postinfo) { if (!can_moderate($this->threadinfo['forumid'], 'caneditposts')) { if (!($forumperms & $this->registry->bf_ugp_forumpermissions['caneditpost'])) { return false; } else { if ($this->registry->userinfo['userid'] != $this->postinfo['userid']) { // check user owns this post return false; } else { // check for time limits if ($this->postinfo['dateline'] < TIMENOW - $this->registry->options['edittimelimit'] * 60 and $this->registry->options['edittimelimit']) { return false; } } } } $this->contentid = $this->postinfo['postid']; $this->userinfo = fetch_userinfo($this->postinfo['userid']); cache_permissions($this->userinfo, true); } else { $this->userinfo = $this->registry->userinfo; } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($this->foruminfo['forumid'], $this->foruminfo['password'], false); if (!$this->foruminfo['allowposting']) { $show['attachoption'] = false; $show['forumclosed'] = true; } return true; }
/** * Sends Thread subscription Notifications * * @param integer The Thread ID * @param integer The User ID making the Post * @param integer The Post ID of the new post * */ function exec_send_notification($threadid, $userid, $postid) { // $threadid = threadid to send from; // $userid = userid of who made the post // $postid = only sent if post is moderated -- used to get username correctly global $vbulletin, $message, $postusername; if (!$vbulletin->options['enableemail']) { return; } // include for fetch_phrase require_once DIR . '/includes/functions_misc.php'; $threadinfo = fetch_threadinfo($threadid); $foruminfo = fetch_foruminfo($threadinfo['forumid']); // get last reply time if ($postid) { $dateline = $vbulletin->db->query_first("\n\t\t\tSELECT dateline, pagetext\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE postid = {$postid}\n\t\t"); $pagetext_orig = $dateline['pagetext']; $lastposttime = $vbulletin->db->query_first("\n\t\t\tSELECT MAX(dateline) AS dateline\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tWHERE threadid = {$threadid}\n\t\t\t\tAND dateline < {$dateline['dateline']}\n\t\t\t\tAND visible = 1\n\t\t"); } else { $lastposttime = $vbulletin->db->query_first("\n\t\t\tSELECT MAX(postid) AS postid, MAX(dateline) AS dateline\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tWHERE threadid = {$threadid}\n\t\t\t\tAND visible = 1\n\t\t"); $pagetext = $vbulletin->db->query_first("\n\t\t\tSELECT pagetext\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE postid = {$lastposttime['postid']}\n\t\t"); $pagetext_orig = $pagetext['pagetext']; unset($pagetext); } $threadinfo['title'] = unhtmlspecialchars($threadinfo['title']); $foruminfo['title_clean'] = unhtmlspecialchars($foruminfo['title_clean']); $temp = $vbulletin->userinfo['username']; if ($postid) { $postinfo = fetch_postinfo($postid); $vbulletin->userinfo['username'] = unhtmlspecialchars($postinfo['username']); } else { $vbulletin->userinfo['username'] = unhtmlspecialchars(!$vbulletin->userinfo['userid'] ? $postusername : $vbulletin->userinfo['username']); } require_once DIR . '/includes/class_bbcode_alt.php'; $plaintext_parser =& new vB_BbCodeParser_PlainText($vbulletin, fetch_tag_list()); $pagetext_cache = array(); // used to cache the results per languageid for speed $mod_emails = fetch_moderator_newpost_emails('newpostemail', $foruminfo['parentlist'], $language_info); ($hook = vBulletinHook::fetch_hook('newpost_notification_start')) ? eval($hook) : false; $useremails = $vbulletin->db->query_read_slave("\n\t\tSELECT user.*, subscribethread.emailupdate, subscribethread.subscribethreadid\n\t\tFROM " . TABLE_PREFIX . "subscribethread AS subscribethread\n\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON (subscribethread.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup ON (usergroup.usergroupid = user.usergroupid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON (usertextfield.userid = user.userid)\n\t\tWHERE subscribethread.threadid = {$threadid} AND\n\t\t\tsubscribethread.emailupdate IN (1, 4) AND\n\t\t\tsubscribethread.canview = 1 AND\n\t\t\t" . ($userid ? "CONCAT(' ', IF(usertextfield.ignorelist IS NULL, '', usertextfield.ignorelist), ' ') NOT LIKE '% " . intval($userid) . " %' AND" : '') . "\n\t\t\tuser.usergroupid <> 3 AND\n\t\t\tuser.userid <> " . intval($userid) . " AND\n\t\t\tuser.lastactivity >= " . intval($lastposttime['dateline']) . " AND\n\t\t\t(usergroup.genericoptions & " . $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'] . ")\n\t"); vbmail_start(); $evalemail = array(); while ($touser = $vbulletin->db->fetch_array($useremails)) { if (!($vbulletin->usergroupcache["{$touser['usergroupid']}"]['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) { continue; } else { if (in_array($touser['email'], $mod_emails)) { // this user already received an email about this post via // a new post email for mods -- don't send another continue; } } $touser['username'] = unhtmlspecialchars($touser['username']); $touser['languageid'] = iif($touser['languageid'] == 0, $vbulletin->options['languageid'], $touser['languageid']); $touser['auth'] = md5($touser['userid'] . $touser['subscribethreadid'] . $touser['salt'] . COOKIE_SALT); if (empty($evalemail)) { $email_texts = $vbulletin->db->query_read_slave("\n\t\t\t\tSELECT text, languageid, fieldname\n\t\t\t\tFROM " . TABLE_PREFIX . "phrase\n\t\t\t\tWHERE fieldname IN ('emailsubject', 'emailbody') AND varname = 'notify'\n\t\t\t"); while ($email_text = $vbulletin->db->fetch_array($email_texts)) { $emails["{$email_text['languageid']}"]["{$email_text['fieldname']}"] = $email_text['text']; } require_once DIR . '/includes/functions_misc.php'; foreach ($emails as $languageid => $email_text) { // lets cycle through our array of notify phrases $text_message = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailbody']), $emails['-1']['emailbody'], $email_text['emailbody']))); $text_message = replace_template_variables($text_message); $text_subject = str_replace("\\'", "'", addslashes(iif(empty($email_text['emailsubject']), $emails['-1']['emailsubject'], $email_text['emailsubject']))); $text_subject = replace_template_variables($text_subject); $evalemail["{$languageid}"] = ' $message = "' . $text_message . '"; $subject = "' . $text_subject . '"; '; } } // parse the page text into plain text, taking selected language into account if (!isset($pagetext_cache["{$touser['languageid']}"])) { $plaintext_parser->set_parsing_language($touser['languageid']); $pagetext_cache["{$touser['languageid']}"] = $plaintext_parser->parse($pagetext_orig, $foruminfo['forumid']); } $pagetext = $pagetext_cache["{$touser['languageid']}"]; if ($threadinfo['prefixid']) { // need prefix in correct language $threadinfo['prefix_plain'] = fetch_phrase("prefix_{$threadinfo['prefixid']}_title_plain", 'global', '', false, true, $touser['languageid'], false) . ' '; } else { $threadinfo['prefix_plain'] = ''; } ($hook = vBulletinHook::fetch_hook('newpost_notification_message')) ? eval($hook) : false; eval(iif(empty($evalemail["{$touser['languageid']}"]), $evalemail["-1"], $evalemail["{$touser['languageid']}"])); if ($touser['emailupdate'] == 4 and !empty($touser['icq'])) { // instant notification by ICQ $touser['email'] = $touser['icq'] . '@pager.icq.com'; } vbmail($touser['email'], $subject, $message); } unset($plaintext_parser, $pagetext_cache); $vbulletin->userinfo['username'] = $temp; vbmail_end(); }
/** * Reads some context based on general input information */ public function read_input_context() { global $vbulletin; parent::read_input_context(); global $postinfo, $threadinfo, $foruminfo, $pollinfo; global $postid, $threadid, $forumid, $pollid; $vbulletin->input->clean_array_gpc('r', array('postid' => vB_Cleaner::TYPE_UINT, 'threadid' => vB_Cleaner::TYPE_UINT, 'forumid' => vB_Cleaner::TYPE_INT, 'pollid' => vB_Cleaner::TYPE_UINT)); $codestyleid = 0; // Init post/thread/forum values $postinfo = array(); $threadinfo = array(); $foruminfo = array(); // automatically query $postinfo, $threadinfo & $foruminfo if $threadid exists if ($vbulletin->GPC['postid'] and $postinfo = verify_id('post', $vbulletin->GPC['postid'], 0, 1)) { $postid = $postinfo['postid']; $vbulletin->GPC['threadid'] = $postinfo['threadid']; } // automatically query $threadinfo & $foruminfo if $threadid exists if ($vbulletin->GPC['threadid'] and $threadinfo = verify_id('thread', $vbulletin->GPC['threadid'], 0, 1)) { $threadid = $threadinfo['threadid']; $vbulletin->GPC['forumid'] = $forumid = $threadinfo['forumid']; if ($forumid) { $foruminfo = fetch_foruminfo($threadinfo['forumid']); if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } if ($vbulletin->GPC['pollid']) { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid = $pollinfo['pollid']; } } else { if ($vbulletin->GPC['forumid']) { $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 0, 1); $forumid = $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } else { if ($vbulletin->GPC['pollid'] and THIS_SCRIPT == 'poll') { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid = $pollinfo['pollid']; $threadinfo = fetch_threadinfo($pollinfo['threadid']); $threadid = $threadinfo['threadid']; $foruminfo = fetch_foruminfo($threadinfo['forumid']); $forumid = $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } } } // ############################################################################# // Redirect if this forum has a link // check if this forum is a link to an outside site if (!empty($foruminfo['link']) and trim($foruminfo['link']) != '' and (THIS_SCRIPT != 'subscription' or $_REQUEST['do'] != 'removesubscription')) { // get permission to view forum $_permsgetter_ = 'forumdisplay'; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { print_no_permission(); } // add session hash to local links if necessary if (preg_match('#^([a-z0-9_]+\\.php)(\\?.*$)?#i', $foruminfo['link'], $match)) { if ($match[2]) { // we have a ?xyz part, put session url at beginning if necessary $query_string = preg_replace('/([^a-z0-9])(s|sessionhash)=[a-z0-9]{32}(&|&)?/', '\\1', $match[2]); $foruminfo['link'] = $match[1] . '?' . vB::getCurrentSession()->get('sessionurl_js') . substr($query_string, 1); } else { $foruminfo['link'] .= vB::getCurrentSession()->get('sessionurl_q'); } } exec_header_redirect($foruminfo['link'], 301); } $this->force_styleid = $codestyleid; }