/** * Returns the maximum compatible editor mode depending on permissions, options and browser * * @param integer The requested editor mode (-1 = user default, 0 = simple textarea, 1 = standard editor controls, 2 = wysiwyg controls) * @param string Editor type (full = 'fe', quick reply = 'qr') * * @return integer The maximum possible mode (0, 1, 2) */ function is_wysiwyg_compatible($userchoice = -1, $editormode = 'fe') { global $vbulletin; // Netscape 4... don't even bother to check user choice as the toolbars won't work if (is_browser('netscape') or is_browser('webtv')) { return 0; } // check for a standard setting if ($userchoice == -1) { $userchoice = $vbulletin->userinfo['showvbcode']; } // unserialize the option if we need to if (!is_array($vbulletin->options['editormodes_array'])) { $vbulletin->options['editormodes_array'] = unserialize($vbulletin->options['editormodes']); } // make sure we have a valid editor mode to check switch ($editormode) { case 'fe': case 'qr': case 'qe': break; default: $editormode = 'fe'; } // check board options for toolbar permissions if ($userchoice > $vbulletin->options['editormodes_array']["{$editormode}"]) { $choice = $vbulletin->options['editormodes_array']["{$editormode}"]; } else { $choice = $userchoice; } // Legacy Hook 'editor_wysiwyg_compatible' Removed // if ($choice == 2) { if (!is_browser('opera') or is_browser('opera', '9.0')) { // Check Mozilla Browsers if (is_browser('firebird', '0.6.1') or is_browser('camino', '0.9') or is_browser('mozilla', '20030312') and !is_browser('firebird') and !is_browser('camino')) { return 2; } else { if (is_browser('ie', '5.5') and !is_browser('mac')) { return 2; } else { if (false and is_browser('opera', '9.0')) { return 2; } else { return 1; } } } } else { // browser is incompatible - return standard toolbar return 1; } } else { // return standard or no toolbar return $choice; } }
/** * @param $browser * @param string $content * * @return bool|string */ function is_browser_shorcode($browser, $content = "") { $browser = shortcode_atts(array( 'name' => '', 'version' => '' ), $browser, 'is_browser'); if (is_browser($browser['name'], $browser['version'])) { return ($content); } else { return FALSE; } }
function construct_nav_option($title, $url) { // creates an <option> or <a href for the left-panel of index.php // (depending on value of $cpnavjs) // NOTE: '&' . $vbulletin->session->vars['sessionurl'] will be AUTOMATICALLY added to the URL - do not add to your link! global $vbulletin, $options; static $sessionlink, $bubblefix; if (!isset($options)) { $options = array(); if ($vbulletin->session->vars['sessionurl'] == '') { $sessionlink = ''; } else { $sessionlink = "&s=" . $vbulletin->session->vars['sessionhash']; } // only include the bubble-fix for IE - ignore when encountering the Konqueror/Safari event model if (is_browser('ie')) { $bubblefix = ' onclick="nobub()"'; } else { $bubblefix = ''; } } $options[] = "\t\t<div class=\"navlink-normal\" onclick=\"nav_goto('{$url}{$sessionlink}');\" onmouseover=\"this.className='navlink-hover';\" onmouseout=\"this.className='navlink-normal'\"><a href=\"{$url}{$sessionlink}\"{$bubblefix}>{$title}</a></div>\n"; }
/** * Constructor. Sets up the tag list. * * @param vB_Registry Reference to registry object * @param array List of tags to parse * @param boolean Whether to append custom tags (they will not be parsed anyway) */ function vB_BbCodeParser_Wysiwyg(&$registry, $tag_list = array(), $append_custom_tags = true) { parent::vB_BbCodeParser($registry, $tag_list, $append_custom_tags); // change all unparsable tags to use the unparsable callback foreach ($this->unparsed_tags as $remove) { if (isset($this->tag_list['option']["{$remove}"])) { $this->tag_list['option']["{$remove}"]['callback'] = 'handle_wysiwyg_unparsable'; unset($this->tag_list['option']["{$remove}"]['html'], $this->tag_list['option']["{$remove}"]['strip_space_after']); } if (isset($this->tag_list['no_option']["{$remove}"])) { $this->tag_list['no_option']["{$remove}"]['callback'] = 'handle_wysiwyg_unparsable'; unset($this->tag_list['no_option']["{$remove}"]['html'], $this->tag_list['option']["{$remove}"]['strip_space_after']); } } // make the "pre" tags use the correct handler foreach (array('code', 'php', 'html') as $pre_tag) { if (isset($this->tag_list['no_option']["{$pre_tag}"])) { $this->tag_list['no_option']["{$pre_tag}"]['callback'] = 'handle_preformatted_tag'; unset($this->tag_list['no_option']["{$pre_tag}"]['html'], $this->tag_list['option']["{$pre_tag}"]['strip_space_after']); } } $this->type = is_browser('ie') ? 'ie' : 'moz_css'; }
/** * Helper function for fetching the line end format. * * @return String 'win', 'unix', or 'mac' based on the user's browser.. */ function get_line_end_format() { if (is_browser('win')) { return 'win'; } elseif (is_browser('unix')) { return 'unix'; } elseif (is_browser('mac')) { return 'mac'; } else { return 'unix'; } }
function file_download($filestring, $filename, $filetype = 'application/octet-stream') { if (!isset($isIE)) { static $isIE; $isIE = iif(is_browser('ie') or is_browser('opera'), true, false); } if ($isIE and $filetype == 'application/octet-stream') { $filetype = 'application/octetstream'; } if (preg_match('~&#([0-9]+);~', $filename)) { if (function_exists('iconv')) { $filename = @iconv(vB_Template_Runtime::fetchStyleVar('charset'), 'UTF-8//IGNORE', $filename); } $filename = preg_replace_callback('~&#([0-9]+);~', 'convert_int_to_utf8_callback', $filename); $filename_charset = 'utf-8'; } else { $filename_charset = vB_Template_Runtime::fetchStyleVar('charset'); } $filename = preg_replace('#[\\r\\n]#', '', $filename); // Opera and IE have not a clue about this, mozilla puts on incorrect extensions. if (is_browser('mozilla')) { $filename = "filename*=" . $filename_charset . "''" . rawurlencode($filename); } else { // other browsers seem to want names in UTF-8 if ($filename_charset != 'utf-8' and function_exists('iconv')) { $filename = @iconv($filename_charset, 'UTF-8//IGNORE', $filename); } // Should just make this (!is_browser('ie')) if (is_browser('opera') or is_browser('konqueror') or is_browser('safari')) { // Opera / konqueror does not support encoded file names $filename = 'filename="' . str_replace('"', '', $filename) . '"'; } else { // encode the filename to stay within spec $filename = 'filename="' . rawurlencode($filename) . '"'; } } header('Content-Type: ' . $filetype); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Content-Disposition: attachment; ' . $filename); header('Content-Length: ' . strlen($filestring)); header('Cache-Control: private, must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); echo $filestring; exit; }
{ $filename = "filename*=" . $filename_charset . "''" . rawurlencode($filename); } else { // other browsers seem to want names in UTF-8 if ($filename_charset != 'utf-8' AND function_exists('iconv')) { $filename_conv = iconv($filename_charset, 'UTF-8//IGNORE', $filename); if ($filename_conv !== false) { $filename = $filename_conv; } } if (is_browser('opera') OR is_browser('konqueror') OR is_browser('safari')) { // Opera / Konqueror does not support encoded file names $filename = 'filename="' . str_replace('"', '', $filename) . '"'; } else { // encode the filename to stay within spec $filename = 'filename="' . rawurlencode($filename) . '"'; } } if (in_array($extension, array('jpg', 'jpe', 'jpeg', 'gif', 'png'))) { header("Content-disposition: inline; $filename"); header('Content-transfer-encoding: binary');
/** * Prints a row containing template search javascript controls */ function print_template_javascript() { global $stylevar, $vbphrase, $vbulletin; print_phrase_ref_popup_javascript(); echo '<script type="text/javascript" src="../clientscript/vbulletin_templatemgr.js"></script>'; echo '<script type="text/javascript"> <!-- var textarea_id = "' . $vbulletin->textarea_id . '"; var vbphrase = { \'not_found\' : "' . fetch_js_safe_string($vbphrase['not_found']) . '" }; // --> </script> '; print_label_row(iif(is_browser('ie') or is_browser('mozilla', '20040707'), $vbphrase['search_in_template'], $vbphrase['additional_functions']), iif(is_browser('ie') or is_browser('mozilla', '1.7'), ' <input type="text" class="bginput" name="string" accesskey="t" value="' . htmlspecialchars_uni($vbulletin->GPC['searchstring']) . '" size="20" onChange="n=0;" tabindex="1" /> <input type="button" class="button" style="font-weight:normal" value=" ' . $vbphrase['find'] . ' " accesskey="f" onClick="findInPage(document.cpform.string.value);" tabindex="1" /> ') . '<input type="button" class="button" style="font-weight:normal" value=" ' . $vbphrase['copy'] . ' " accesskey="c" onclick="HighlightAll();" tabindex="1" /> <input type="button" class="button" style="font-weight:normal" value="' . $vbphrase['view_quickref'] . '" accesskey="v" onclick="js_open_phrase_ref(0, 0);" tabindex="1" /> '); }
/** * Handles a [quote] tag. Displays a string in an area indicating it was quoted from someone/somewhere else. * * @param string The body of the quote. * @param string If tag has option, the original user to post. * * @return string HTML representation of the tag. */ function handle_bbcode_quote($message, $username = '') { global $vbulletin, $vbphrase, $stylevar, $show; // remove smilies from username $username = $this->strip_smilies($username); if (preg_match('/^(.+)(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});\\s*(\\d+)\\s*$/U', $username, $match)) { $username = $match[1]; $postid = $match[2]; } else { $postid = 0; } $username = $this->do_word_wrap($username); $show['username'] = iif($username != '', true, false); $message = $this->strip_front_back_whitespace($message, 1); if ($this->options['cachable'] == false) { $show['iewidthfix'] = (is_browser('ie') and !is_browser('ie', 6)); } else { // this post may be cached, so we can't allow this "fix" to be included in that cache $show['iewidthfix'] = false; } $template = $this->printable ? 'bbcode_quote_printable' : 'bbcode_quote'; eval('$html = "' . fetch_template($template) . '";'); return $html; }
require_once CWD . '/includes/init.php'; $vbulletin->input->clean_array_gpc('r', array('referrerid' => TYPE_UINT, 'postid' => TYPE_UINT, 'threadid' => TYPE_UINT, 'forumid' => TYPE_INT, 'pollid' => TYPE_UINT, 'a' => TYPE_STR, 'mode' => TYPE_STR, 'nojs' => TYPE_BOOL)); $vbulletin->input->clean_array_gpc('p', array('ajax' => TYPE_BOOL)); // ############################################################################# // turn off popups if they are not available to this browser if ($vbulletin->options['usepopups']) { if (is_browser('ie', 5) and !is_browser('mac') or is_browser('mozilla') or is_browser('firebird') or is_browser('opera', 7) or is_browser('webkit') or is_browser('konqueror', 3.2)) { // use popups } else { // don't use popups $vbulletin->options['usepopups'] = 0; } } // ############################################################################# // set a variable used by the spacer templates to detect IE versions less than 6 $show['old_explorer'] = (is_browser('ie') and !is_browser('ie', 6)); // ############################################################################# // read the list of collapsed menus from the 'vbulletin_collapse' cookie $vbcollapse = array(); if (!empty($vbulletin->GPC['vbulletin_collapse'])) { $val = preg_split('#\\n#', $vbulletin->GPC['vbulletin_collapse'], -1, PREG_SPLIT_NO_EMPTY); foreach ($val as $key) { $vbcollapse["collapseobj_{$key}"] = 'display:none;'; $vbcollapse["collapseimg_{$key}"] = '_collapsed'; $vbcollapse["collapsecel_{$key}"] = '_collapsed'; } unset($val); } // ############################################################################# // start server too busy $servertoobusy = false;
($hook = kleeja_run_hook('down_go_page')) ? eval($hook) : null; //run hook //start download ,, if (!is_readable($path_file)) { ($hook = kleeja_run_hook('down_file_not_exists')) ? eval($hook) : null; //run hook big_error('----', 'Error - can not open file.'); } if (!($size = @filesize($path_file))) { $size = $d_size; } $name = empty($rn) ? $n : $rn; if (is_browser('mozilla')) { $h_name = "filename*=UTF-8''" . rawurlencode(htmlspecialchars_decode($name)); } else { if (is_browser('opera, safari, konqueror')) { $h_name = 'filename="' . str_replace('"', '', htmlspecialchars_decode($name)) . '"'; } else { $h_name = 'filename="' . rawurlencode(htmlspecialchars_decode($name)) . '"'; } } //Figure out the MIME type (if not specified) $ext = array_pop(explode('.', $path_file)); $mime_type = get_mime_for_header($ext); if (@ob_get_length()) { @ob_end_clean(); } // required for IE, otherwise Content-Disposition may be ignored if (@ini_get('zlib.output_compression')) { @ini_set('zlib.output_compression', 'Off'); }
/** * Browser detection * returns whether or not the visiting browser is the one specified [part of kleeja style system] * i.e. is_browser('ie6') -> true or false * i.e. is_browser('ie, opera') -> true or false */ function is_browser($b) { //is there , which mean -OR- if (strpos($b, ',') !== false) { $e = explode(',', $b); foreach ($e as $n) { if (is_browser(trim($n))) { return true; } } return false; } //if no agent, let's take the worst case $u_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars((string) strtolower($_SERVER['HTTP_USER_AGENT'])) : (function_exists('getenv') ? getenv('HTTP_USER_AGENT') : ''); $t = trim(preg_replace('/[0-9.]/', '', $b)); $r = trim(preg_replace('/[a-z]/', '', $b)); $return = false; switch ($t) { case 'ie': $return = strpos($u_agent, trim('msie ' . $r)) !== false ? true : false; break; case 'firefox': $return = strpos(str_replace('/', ' ', $u_agent), trim('firefox ' . $r)) !== false ? true : false; break; case 'safari': $return = strpos($u_agent, trim('safari/' . $r)) !== false ? true : false; break; case 'chrome': $return = strpos($u_agent, trim('chrome ' . $r)) !== false ? true : false; break; case 'flock': $return = strpos($u_agent, trim('flock ' . $r)) !== false ? true : false; break; case 'opera': $return = strpos($u_agent, trim('opera ' . $r)) !== false ? true : false; break; case 'konqueror': $return = strpos($u_agent, trim('konqueror/' . $r)) !== false ? true : false; break; case 'mozilla': $return = strpos($u_agent, trim('gecko/' . $r)) !== false ? true : false; break; case 'webkit': $return = strpos($u_agent, trim('applewebkit/' . $r)) !== false ? true : false; break; /** * Mobile Phones are so popular those days, so we have to support them ... * This is still in our test lab. * @see http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones **/ /** * Mobile Phones are so popular those days, so we have to support them ... * This is still in our test lab. * @see http://en.wikipedia.org/wiki/List_of_user_agents_for_mobile_phones **/ case 'mobile': $mobile_agents = array('iPhone;', 'iPod;', 'iPad;', 'BlackBerry', 'Android', 'HTC', 'IEMobile', 'LG/', 'LG-', 'LGE-', 'MOT-', 'Nokia', 'SymbianOS', 'nokia_', 'PalmSource', 'webOS', 'SAMSUNG-', 'SEC-SGHU', 'SonyEricsson'); $return = false; foreach ($mobile_agents as $agent) { if (strpos($u_agent, $agent) !== false) { $return = true; break; } } break; } ($hook = kleeja_run_hook('is_browser_func')) ? eval($hook) : null; //run hook return $return; }
/** * Returns the maximum compatible editor mode depending on permissions, options and browser * * @param integer The requested editor mode (-1 = user default, 0 = simple textarea, 1 = standard editor controls, 2 = wysiwyg controls) * @param string Editor type (full = 'fe', quick reply = 'qr') * * @return integer The maximum possible mode (0, 1, 2) */ function is_wysiwyg_compatible($userchoice = -1, $editormode = 'fe') { global $vbulletin; // Netscape 4... don't even bother to check user choice as the toolbars won't work if (is_browser('netscape') OR is_browser('webtv')) { return 0; } // check for a standard setting if ($userchoice == -1) { $userchoice = $vbulletin->userinfo['showvbcode']; } // unserialize the option if we need to if (!is_array($vbulletin->options['editormodes_array'])) { $vbulletin->options['editormodes_array'] = unserialize($vbulletin->options['editormodes']); } // make sure we have a valid editor mode to check switch ($editormode) { case 'fe': case 'qr': case 'qe': break; default: $editormode = 'fe'; } // check board options for toolbar permissions if ($userchoice > $vbulletin->options['editormodes_array']["$editormode"]) { $choice = $vbulletin->options['editormodes_array']["$editormode"]; } else { $choice = $userchoice; } $hook_return = null; ($hook = vBulletinHook::fetch_hook('editor_wysiwyg_compatible')) ? eval($hook) : false; if ($hook_return !== null) { return $hook_return; } if ($choice == 2) // attempting to use WYSIWYG, check that we really can { if (!is_browser('opera') OR is_browser('opera', '9.0')) { // Check Mozilla Browsers if (is_browser('firebird', '0.6.1') OR is_browser('camino', '0.9') OR (is_browser('mozilla', '20030312') AND !is_browser('firebird') AND !is_browser('camino'))) { return 2; } else if (is_browser('ie', '5.5') AND !is_browser('mac')) { return 2; } else if (false AND is_browser('opera', '9.0')) { return 2; } else { return 1; } } else { // browser is incompatible - return standard toolbar return 1; } } else { // return standard or no toolbar return $choice; } }
/** * Cleans output to be parsed into the uri. * Setting $canonical is useful for creating redirect url's that cannot be * encoded for redirects. * * @param string $fragment * @param bool $canonical - Whether to encode for output * @return string */ public static function clean_fragment($fragment, $canonical = false) { global $vbulletin; if (class_exists('vBulletinHook', false)) { ($hook = vBulletinHook::fetch_hook('friendlyurl_clean_fragment')) ? eval($hook) : false; } // Convert to UTF-8 if (self::UNI_CONVERT == $vbulletin->options['friendlyurl_unicode']) { // convert to UTF-8 $fragment = to_utf8($fragment, $vbulletin->userinfo['lang_charset']); // convert NCRs $fragment = unhtmlspecialchars($fragment, true); } else { if (self::UNI_STRIP == $vbulletin->options['friendlyurl_unicode']) { // strip NCRs $fragment = stripncrs($fragment); } } // Remove url entities $fragment = self::clean_entities($fragment); // Prepare the URL for output if (!$canonical and self::UNI_CONVERT == $vbulletin->options['friendlyurl_unicode'] and 'UTF-8' != $vbulletin->userinfo['lang_charset']) { if (is_browser('ie')) { if ($vbulletin->options['friendlyurl_ncrencode']) { $fragment = ncrencode($fragment, true); } } else { $fragment = urlencode($fragment); } } else { if ($canonical and self::UNI_IGNORE == $vbulletin->options['friendlyurl_unicode']) { // ensure NCRs are converted $fragment = unhtmlspecialchars($fragment, true); } } return $fragment; }
); $messagearea = " <script type=\"text/javascript\"> <!-- var threaded_mode = $threadedmode; var require_click = $show[qr_require_click]; var is_last_page = $show[allow_ajax_qr]; // leave for people with cached JS files var allow_ajax_qr = $show[allow_ajax_qr]; var last_post_id = $LASTPOSTID; var ajax_last_post = " . intval($effective_lastpost) . "; // --> </script> $messagearea "; if (is_browser('mozilla') AND $show['wysiwyg'] == 2) { // Mozilla WYSIWYG can't have the QR collapse button, // so remove that and force QR to be expanded $show['quickreply_collapse'] = false; unset( $vbcollapse["collapseobj_quickreply"], $vbcollapse["collapseimg_quickreply"], $vbcollapse["collapsecel_quickreply"] ); } else { $show['quickreply_collapse'] = true; }
$navbits = construct_navbits($navbits); eval('$navbar = "' . fetch_template('navbar') . '";'); // ############################################################################# // setup $show variables $show['lightbox'] = ($vbulletin->options['lightboxenabled'] and $vbulletin->options['usepopups']); $show['search'] = (!$show['search_engine'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['cansearch'] and $vbulletin->options['enablesearches'] and ($vbulletin->userinfo['userid'] or !$vbulletin->options['hvcheck_search'] or !$vbulletin->options['hv_type'])); $show['subscribed'] = iif($threadinfo['issubscribed'], true, false); $show['threadrating'] = iif($forum['allowratings'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canthreadrate'], true, false); $show['ratethread'] = iif($show['threadrating'] and (!$threadinfo['vote'] or $vbulletin->options['votechange']), true, false); $show['closethread'] = iif($threadinfo['open'], true, false); $show['unstick'] = iif($threadinfo['sticky'], true, false); $show['reputation'] = ($vbulletin->options['reputationenable'] and $vbulletin->userinfo['userid'] and $vbulletin->userinfo['permissions']['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']); // next/prev links don't work for search engines or non-lastpost sort orders $show['next_prev_links'] = (!$show['search_engine'] and ($foruminfo['defaultsortfield'] == 'lastpost' or !$foruminfo['defaultsortfield'])); // deals with this: http://www.vbulletin.com/forum/project.php?issueid=22750 - don't apply for IE < 7 $stylevar['margin_3px_fix'] = (!is_browser('ie') or is_browser('ie', 7)) ? 3 - $stylevar['cellpadding'] : 0; $pagenumber = $vbulletin->GPC['pagenumber']; if (!$show['threadrating'] or !$vbulletin->options['allowthreadedmode']) { $nodhtmlcolspan = 'colspan="2"'; } eval('$ad_location[\'ad_showthread_beforeqr\'] = "' . fetch_template('ad_showthread_beforeqr') . '";'); ($hook = vBulletinHook::fetch_hook('showthread_complete')) ? eval($hook) : false; // ############################################################################# // output page eval('print_output("' . fetch_template('SHOWTHREAD') . '");'); /*======================================================================*\ || #################################################################### || # Downloaded: 22:41, Fri Oct 10th 2008 || # CVS: $RCSfile$ - $Revision: 27544 $ || #################################################################### \*======================================================================*/
/** * Returns the HTML for multi-page navigation without a fully know result set * * This handles multipage navigation when we don't have a count for the * resultset. The follow things must be true for this logic to work correctly * * 1) $confirmedcount is less than or equal to the total number of results * 2) if $confirmedcount is not the total number of results, it must be at * least equal to the "count" of the last result displayed in the window. * * These assumptions allow us to display the window links knowing that they will * be valid without knowing the full extent of the result set. * * @see fetch_seo_url * @param integer Page number being displayed * @param integer Number of pages to show before and after current page * @param integer Number of items to be displayed per page * @param integer Number of items confirmed in the results * @param string Base address for links eg: showthread.php?t=99{&page=4} * @param string Ending portion of address for links * @param string The base link for seo urls (if this is used address will not be) * @param array Additonal object info for generating the seo urls * @param array Additonal page info for generating the seo urls * * @todo is it correct to include the pagenav hooks here? Do we need other hooks * to replace them? * @return string Page navigation HTML */ function construct_window_page_nav ( $pagenumber, $window, $perpage, $confirmedcount, $address, $address2 = '', $anchor = '', $seolink = '', $objectinfo = '', $pageinfo = '' ) { global $vbulletin, $vbphrase, $show; $curpage = 0; $pagenavarr = array(); $firstlink = ''; $prevlink = ''; $lastlink = ''; $nextlink = ''; if ($confirmedcount <= $perpage) { $show['pagenav'] = false; return ''; } $show['pagenav'] = true; $confirmedpages = ceil($confirmedcount / $perpage); //window style page navs don't permit "jump to end" logic $show['jumppage'] = false; $show['last'] = false; $show['prev'] = false; $show['next'] = false; $show['first'] = false; $bits = parse_url($address); $jumpaddress = $bits['path']; $querybits = explode('&', $bits['query'] . $address2); $hiddenfields = ''; if (!empty($querybits)) { foreach ($querybits AS $bit) { if ($bit) { $bitinfo = explode('=', $bit); $hiddenfields .= "<input type=\"hidden\" name=\"$bitinfo[0]\" value=\"$bitinfo[1]\" />"; } } } $hiddenfields .= "<input type=\"hidden\" name=\"s\" value=\"" . vB::$vbulletin->session->fetch_sessionhash() . "\" /> <input type=\"hidden\" name=\"securitytoken\" value=\"" . vB::$vbulletin->userinfo['securitytoken'] . "\" />"; if ($seolink) { $show['pagelinks'] = false; $use_qmark = 0; } else { $firstaddress = $prevaddress = $nextaddress = $lastaddress = $address; $show['pagelinks'] = true; $use_qmark = strpos($address, '?') ? 0 : 1; } if ($pagenumber > 1) { $prevpage = $pagenumber - 1; $prevnumbers = fetch_start_end_total_array($prevpage, $perpage, $confirmedcount); if ($seolink) { $pageinfo['page'] = $prevpage; $prevaddress = fetch_seo_url($seolink, $objectinfo, $pageinfo); } $show['prev'] = true; } if ($pagenumber < $confirmedpages) { $nextpage = $pagenumber + 1; if ($seolink) { $pageinfo['page'] = $nextpage; $nextaddress = fetch_seo_url($seolink, $objectinfo, $pageinfo); } $nextnumbers = fetch_start_end_total_array($nextpage, $perpage, $confirmedcount); $show['next'] = true; } if (($pagenumber - $window) > 1) { $firstnumbers = fetch_start_end_total_array(1, $perpage, $confirmedcount); if ($seolink) { unset($pageinfo['page']); $firstaddress = fetch_seo_url($seolink, $objectinfo, $pageinfo); } $show['first'] = true; } for ($curpage = ($pagenumber - $window); $curpage <= $pagenumber+$window AND $curpage <= $confirmedpages; $curpage++) { if ($curpage < 1) { continue; } else if ($curpage == $pagenumber) { $numbers = fetch_start_end_total_array($curpage, $perpage, $confirmedcount); $templater = vB_Template::create('pagenav_curpage_window'); $templater->register('curpage', $curpage); $templater->register('numbers', $numbers); $templater->register('use_qmark', $use_qmark); $templater->register('total', $total); $pagenavarr[] = $templater->render(); } else { if ($seolink) { $pageinfo['page'] = $curpage; $address = fetch_seo_url($seolink, $objectinfo, $pageinfo); $show['curpage'] = false; } else { $show['curpage'] = ($curpage != 1); } $pagenumbers = fetch_start_end_total_array($curpage, $perpage, $confirmedcount); $templater = vB_Template::create('pagenav_pagelink_window'); $templater->register('address', $address); $templater->register('address2', $address2); $templater->register('anchor', $anchor); $templater->register('curpage', $curpage); $templater->register('pagenumbers', $pagenumbers); $templater->register('total', $total); $templater->register('use_qmark', $use_qmark); $pagenavarr[] = $templater->render(); } } if (LANGUAGE_DIRECTION == 'rtl' AND (is_browser('ie') AND is_browser('ie') < 8)) { $pagenavarr = array_reverse($pagenavarr); } $pagenav = implode('', $pagenavarr); $templater = vB_Template::create('pagenav_window'); $templater->register('address2', $address2); $templater->register('anchor', $anchor); $templater->register('firstaddress', $firstaddress); $templater->register('firstnumbers', $firstnumbers); $templater->register('jumpaddress', $address); $templater->register('lastaddress', $lastaddress); $templater->register('lastnumbers', $lastnumbers); $templater->register('nextaddress', $nextaddress); $templater->register('nextnumbers', $nextnumbers); $templater->register('nextpage', $nextpage); $templater->register('pagenav', $pagenav); $templater->register('pagenumber', $pagenumber); $templater->register('prevaddress', $prevaddress); $templater->register('prevnumbers', $prevnumbers); $templater->register('prevpage', $prevpage); $templater->register('total', $total); $templater->register('totalpages', $confirmedpages); $templater->register('use_qmark', $use_qmark); $templater->register('hiddenfields', $hiddenfields); $pagenav = $templater->render(); return $pagenav; }
// get total members and newest member from template $numbermembers = vb_number_format($vbulletin->userstats['numbermembers']); $newuserinfo = array( 'userid' => $vbulletin->userstats['newuserid'], 'username' => $vbulletin->userstats['newusername'] ); $activemembers = vb_number_format($vbulletin->userstats['activemembers']); $show['activemembers'] = ($vbulletin->options['activememberdays'] > 0 AND ($vbulletin->options['activememberoptions'] & 2)) ? true : false; $ad_location['board_after_forums'] = vB_Template::create('ad_board_after_forums')->render(); $ad_location['board_below_whats_going_on'] = vB_Template::create('ad_board_below_whats_going_on')->render(); // ### SIDEBAR ################################################# $show['sidebar'] = false; // disable blocks for ie6 if ($vbulletin->options['enablesidebar'] AND !(is_browser('ie') AND !is_browser('ie', 7))) { $blockmanager = vB_BlockManager::create($vbulletin); $sidebar = $blockmanager->getSidebarHTML(); if ($sidebar) { $show['sidebar'] = true; } $show['sidebarposition'] = vB_Template_Runtime::fetchStyleVar($vbulletin->options['sidebarposition'] == 0 ? 'left' : 'right'); } // ### ALL DONE! SPIT OUT THE HTML AND LET'S GET OUTTA HERE... ### ($hook = vBulletinHook::fetch_hook('forumhome_complete')) ? eval($hook) : false; $navbar = render_navbar_template(construct_navbits($navbits));
function do_get_thread() { global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vault, $vbphrase; $vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'password' => TYPE_STR, 'signature' => TYPE_BOOL)); if (empty($threadinfo['threadid'])) { json_error(ERR_INVALID_THREAD); } $threadedmode = 0; $threadid = $vbulletin->GPC['threadid']; // Goto first unread post? if ($vbulletin->GPC['pagenumber'] == FR_LAST_POST) { $threadinfo = verify_id('thread', $threadid, 1, 1); if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else { if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > $vbulletin->userinfo['lastvisit']) { $vbulletin->userinfo['lastvisit'] = $tview; } } $coventry = fetch_coventry('string'); $posts = $db->query_first("\n\t SELECT MIN(postid) AS postid\n\t FROM " . TABLE_PREFIX . "post\n\t WHERE threadid = {$threadinfo['threadid']}\n\t AND visible = 1\n\t AND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t " . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t LIMIT 1\n\t"); if ($posts['postid']) { $postid = $posts['postid']; } else { $postid = $threadinfo['lastpostid']; } } // ********************************************************************************* // workaround for header redirect issue from forms with enctype in IE // (use a scrollIntoView javascript call in the <body> onload event) $onload = ''; // ********************************************************************************* // set $perpage $perpage = max(FR_MIN_PERPAGE, min($vbulletin->GPC['perpage'], FR_MAX_PERPAGE)); // FRNR //$perpage = sanitize_maxposts($vbulletin->GPC['perpage']); // ********************************************************************************* // set post order if ($vbulletin->userinfo['postorder'] == 0) { $postorder = ''; } else { $postorder = 'DESC'; } // ********************************************************************************* // get thread info $thread = verify_id('thread', $threadid, 1, 1); $threadinfo =& $thread; ($hook = vBulletinHook::fetch_hook('showthread_getinfo')) ? eval($hook) : false; // ********************************************************************************* // check for visible / deleted thread if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts') or $thread['isdeleted'] and !can_moderate($thread['forumid'])) { json_error(ERR_INVALID_THREAD); } // ********************************************************************************* // Tachy goes to coventry if (in_coventry($thread['postuserid']) and !can_moderate($thread['forumid'])) { json_error(ERR_INVALID_THREAD); } // FRNR Start // Check the forum password (set necessary cookies) if ($vbulletin->GPC['password'] && $foruminfo['password'] == $vbulletin->GPC['password']) { // set a temp cookie for guests if (!$vbulletin->userinfo['userid']) { set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password'])); } else { set_bbarray_cookie('forumpwd', $foruminfo['forumid'], md5($vbulletin->userinfo['userid'] . $vbulletin->GPC['password']), 1); } } // FRNR End // ********************************************************************************* // do word wrapping for the thread title if ($vbulletin->options['wordwrap'] != 0) { $thread['title'] = fetch_word_wrapped_string($thread['title']); } $thread['title'] = fetch_censored_text($thread['title']); $thread['meta_description'] = strip_bbcode(strip_quotes($thread['description']), false, true); $thread['meta_description'] = htmlspecialchars_uni(fetch_censored_text(fetch_trimmed_title($thread['meta_description'], 500, false))); // ********************************************************************************* // words to highlight from the search engine if (!empty($vbulletin->GPC['highlight'])) { $highlight = preg_replace('#\\*+#s', '*', $vbulletin->GPC['highlight']); if ($highlight != '*') { $regexfind = array('\\*', '\\<', '\\>'); $regexreplace = array('[\\w.:@*/?=]*?', '<', '>'); $highlight = preg_quote(strtolower($highlight), '#'); $highlight = explode(' ', $highlight); $highlight = str_replace($regexfind, $regexreplace, $highlight); foreach ($highlight as $val) { if ($val = trim($val)) { $replacewords[] = htmlspecialchars_uni($val); } } } } // ********************************************************************************* // make the forum jump in order to fill the forum caches $navpopup = array('id' => 'showthread_navpopup', 'title' => $foruminfo['title_clean'], 'link' => fetch_seo_url('thread', $threadinfo)); construct_quick_nav($navpopup); // ********************************************************************************* // get forum info $forum = fetch_foruminfo($thread['forumid']); $foruminfo =& $forum; // ********************************************************************************* // check forum permissions $forumperms = fetch_permissions($thread['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { json_error(ERR_NO_PERMISSION); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { json_error(ERR_NO_PERMISSION); } // ********************************************************************************* // check if there is a forum password and if so, ensure the user has it set if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'])) { // FRNR json_error(ERR_NEED_PASSWORD, RV_NEED_FORUM_PASSWORD); } // verify that we are at the canonical SEO url // and redirect to this if not //verify_seo_url('thread|js', $threadinfo, array('pagenumber' => $_REQUEST['pagenumber'])); // ********************************************************************************* // jump page if thread is actually a redirect if ($thread['open'] == 10) { $destthreadinfo = fetch_threadinfo($threadinfo['pollid']); exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo)); } // ********************************************************************************* // get ignored users $ignore = array(); if (trim($vbulletin->userinfo['ignorelist'])) { $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY); foreach ($ignorelist as $ignoreuserid) { $ignore["{$ignoreuserid}"] = 1; } } DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore))); // ********************************************************************************* // filter out deletion notices if can't be seen if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canseedelnotice'] or can_moderate($threadinfo['forumid'])) { $deljoin = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON(post.postid = deletionlog.primaryid AND deletionlog.type = 'post')"; } else { $deljoin = ''; } $show['viewpost'] = can_moderate($threadinfo['forumid']) ? true : false; $show['managepost'] = iif(can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts'), true, false); $show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false; $show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false; $show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false; $show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false; $show['spamctrls'] = ($show['inlinemod'] and $show['managepost']); $url = $show['inlinemod'] ? SCRIPTPATH : ''; // build inline moderation popup if ($show['popups'] and $show['inlinemod']) { $threadadmin_imod_menu_post = vB_Template::create('threadadmin_imod_menu_post')->render(); } else { $threadadmin_imod_menu_post = ''; } // ********************************************************************************* // find the page that we should be on to display this post if (!empty($postid) and $threadedmode == 0) { $postinfo = verify_id('post', $postid, 1, 1); $threadid = $postinfo['threadid']; $getpagenum = $db->query_first("\n \t\tSELECT COUNT(*) AS posts\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tWHERE threadid = {$threadid} AND visible = 1\n \t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n \t"); $vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage); } // ********************************************************************************* // update views counter if ($vbulletin->options['threadviewslive']) { // doing it as they happen; for optimization purposes, this cannot use a DM! $db->shutdown_query("\n \t\tUPDATE " . TABLE_PREFIX . "thread\n \t\tSET views = views + 1\n \t\tWHERE threadid = " . intval($threadinfo['threadid'])); } else { // or doing it once an hour $db->shutdown_query("\n \t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n \t\tVALUES (" . intval($threadinfo['threadid']) . ')'); } // ********************************************************************************* // display ratings if enabled $show['rating'] = false; if ($forum['allowratings'] == 1) { if ($thread['votenum'] > 0) { $thread['voteavg'] = vb_number_format($thread['votetotal'] / $thread['votenum'], 2); $thread['rating'] = intval(round($thread['votetotal'] / $thread['votenum'])); if ($thread['votenum'] >= $vbulletin->options['showvotes']) { $show['rating'] = true; } } devdebug("threadinfo[vote] = {$threadinfo['vote']}"); if ($threadinfo['vote']) { $voteselected["{$threadinfo['vote']}"] = 'selected="selected"'; $votechecked["{$threadinfo['vote']}"] = 'checked="checked"'; } else { $voteselected[0] = 'selected="selected"'; $votechecked[0] = 'checked="checked"'; } } // ********************************************************************************* // set page number if ($vbulletin->GPC['pagenumber'] < 1) { $vbulletin->GPC['pagenumber'] = 1; } else { if ($vbulletin->GPC['pagenumber'] > ceil(($thread['replycount'] + 1) / $perpage)) { $vbulletin->GPC['pagenumber'] = ceil(($thread['replycount'] + 1) / $perpage); } } // ********************************************************************************* // initialise some stuff... $limitlower = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; $limitupper = $vbulletin->GPC['pagenumber'] * $perpage; $counter = 0; if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } else { $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid'])); if (!$threadview) { $threadview = $vbulletin->userinfo['lastvisit']; } } $threadinfo['threadview'] = intval($threadview); $displayed_dateline = 0; ################################################################################ ############################### SHOW POLL ###################################### ################################################################################ $poll = ''; if ($thread['pollid']) { $pollbits = ''; $counter = 1; $pollid = $thread['pollid']; $show['editpoll'] = iif(can_moderate($threadinfo['forumid'], 'caneditpoll'), true, false); // get poll info $pollinfo = $db->query_first_slave("\n \t\tSELECT *\n \t\tFROM " . TABLE_PREFIX . "poll\n \t\tWHERE pollid = {$pollid}\n \t"); require_once DIR . '/includes/class_bbcode.php'; $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $pollinfo['question'] = $bbcode_parser->parse(unhtmlspecialchars($pollinfo['question']), $forum['forumid'], true); $splitoptions = explode('|||', $pollinfo['options']); $splitoptions = array_map('rtrim', $splitoptions); $splitvotes = explode('|||', $pollinfo['votes']); $showresults = 0; $uservoted = 0; if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) { $nopermission = 1; } if (!$pollinfo['active'] or !$thread['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0 or $nopermission) { //thread/poll is closed, ie show results no matter what $showresults = 1; } else { //get userid, check if user already voted $voted = intval(fetch_bbarray_cookie('poll_voted', $pollid)); if ($voted) { $uservoted = 1; } } ($hook = vBulletinHook::fetch_hook('showthread_poll_start')) ? eval($hook) : false; if ($pollinfo['timeout'] and !$showresults) { $pollendtime = vbdate($vbulletin->options['timeformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400); $pollenddate = vbdate($vbulletin->options['dateformat'], $pollinfo['dateline'] + $pollinfo['timeout'] * 86400); $show['pollenddate'] = true; } else { $show['pollenddate'] = false; } foreach ($splitvotes as $index => $value) { $pollinfo['numbervotes'] += $value; } if ($vbulletin->userinfo['userid'] > 0) { $pollvotes = $db->query_read_slave("\n \t\t\tSELECT voteoption\n \t\t\tFROM " . TABLE_PREFIX . "pollvote\n \t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . " AND pollid = {$pollid}\n \t\t"); if ($db->num_rows($pollvotes) > 0) { $uservoted = 1; } } if ($showresults or $uservoted) { if ($uservoted) { $uservote = array(); while ($pollvote = $db->fetch_array($pollvotes)) { $uservote["{$pollvote['voteoption']}"] = 1; } } } $left = vB_Template_Runtime::fetchStyleVar('left'); $right = vB_Template_Runtime::fetchStyleVar('right'); $option['open'] = $left[0]; $option['close'] = $right[0]; foreach ($splitvotes as $index => $value) { $arrayindex = $index + 1; $option['uservote'] = iif($uservote["{$arrayindex}"], true, false); $option['question'] = $bbcode_parser->parse($splitoptions["{$index}"], $forum['forumid'], true); // public link if ($pollinfo['public'] and $value) { $option['votes'] = '<a href="poll.php?' . $vbulletin->session->vars['sessionurl'] . 'do=showresults&pollid=' . $pollinfo['pollid'] . '">' . vb_number_format($value) . '</a>'; } else { $option['votes'] = vb_number_format($value); //get the vote count for the option } $option['number'] = $counter; //number of the option //Now we check if the user has voted or not if ($showresults or $uservoted) { // user did vote or poll is closed if ($value <= 0) { $option['percentraw'] = 0; } else { if ($pollinfo['multiple']) { $option['percentraw'] = $value < $pollinfo['voters'] ? $value / $pollinfo['voters'] * 100 : 100; } else { $option['percentraw'] = $value < $pollinfo['numbervotes'] ? $value / $pollinfo['numbervotes'] * 100 : 100; } } $option['percent'] = vb_number_format($option['percentraw'], 2); $option['graphicnumber'] = $option['number'] % 6 + 1; $option['barnumber'] = round($option['percent']) * 2; $option['remainder'] = 201 - $option['barnumber']; // Phrase parts below if ($nopermission) { $pollstatus = $vbphrase['you_may_not_vote_on_this_poll']; } else { if ($showresults) { $pollstatus = $vbphrase['this_poll_is_closed']; } else { if ($uservoted) { $pollstatus = $vbphrase['you_have_already_voted_on_this_poll']; } } } ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false; $templater = vB_Template::create('pollresult'); $templater->register('names', $names); $templater->register('option', $option); $pollbits .= $templater->render(); } else { ($hook = vBulletinHook::fetch_hook('showthread_polloption')) ? eval($hook) : false; if ($pollinfo['multiple']) { $templater = vB_Template::create('polloption_multiple'); $templater->register('option', $option); $pollbits .= $templater->render(); } else { $templater = vB_Template::create('polloption'); $templater->register('option', $option); $pollbits .= $templater->render(); } } $counter++; } if ($pollinfo['multiple']) { $pollinfo['numbervotes'] = $pollinfo['voters']; $show['multiple'] = true; } if ($pollinfo['public']) { $show['publicwarning'] = true; } else { $show['publicwarning'] = false; } $displayed_dateline = $threadinfo['lastpost']; ($hook = vBulletinHook::fetch_hook('showthread_poll_complete')) ? eval($hook) : false; if ($showresults or $uservoted) { $templater = vB_Template::create('pollresults_table'); $templater->register('pollbits', $pollbits); $templater->register('pollenddate', $pollenddate); $templater->register('pollendtime', $pollendtime); $templater->register('pollinfo', $pollinfo); $templater->register('pollstatus', $pollstatus); $poll = $templater->render(); } else { $templater = vB_Template::create('polloptions_table'); $templater->register('pollbits', $pollbits); $templater->register('pollenddate', $pollenddate); $templater->register('pollendtime', $pollendtime); $templater->register('pollinfo', $pollinfo); $poll = $templater->render(); } } // work out if quickreply should be shown or not if ($vbulletin->options['quickreply'] and !$thread['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($thread['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) { $show['quickreply'] = true; } else { $show['quickreply'] = false; $show['wysiwyg'] = 0; $quickreply = ''; } $show['largereplybutton'] = (!$thread['isdeleted'] and !$show['threadedmode'] and $forum['allowposting'] and !$show['search_engine']); if (!$forum['allowposting']) { $show['quickreply'] = false; } $show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']); if ($show['multiquote_global']) { $vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR)); $vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']); } // post is cachable if option is enabled, last post is newer than max age, and this user // isn't showing a sessionhash $post_cachable = ($vbulletin->options['cachemaxage'] > 0 and TIMENOW - $vbulletin->options['cachemaxage'] * 60 * 60 * 24 <= $thread['lastpost'] and $vbulletin->session->vars['sessionurl'] == ''); $saveparsed = ''; $save_parsed_sigs = ''; ($hook = vBulletinHook::fetch_hook('showthread_post_start')) ? eval($hook) : false; ################################################################################ ####################### SHOW THREAD IN LINEAR MODE ############################# ################################################################################ if ($threadedmode == 0) { // allow deleted posts to not be counted in number of posts displayed on the page; // prevents issue with page count on forum display being incorrect $ids = array(); $lastpostid = 0; $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('showthread_query_postids')) ? eval($hook) : false; if (empty($deljoin) and !$show['approvepost']) { $totalposts = $threadinfo['replycount'] + 1; if (can_moderate($thread['forumid'])) { $coventry = ''; } else { $coventry = fetch_coventry('string'); } $getpostids = $db->query_read("\n \t\t\tSELECT post.postid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible = 1\n \t\t\t\t" . ($coventry ? "AND post.userid NOT IN ({$coventry})" : '') . "\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t\tLIMIT {$limitlower}, {$perpage}\n \t\t"); while ($post = $db->fetch_array($getpostids)) { if (!isset($qrfirstpostid)) { $qrfirstpostid = $post['postid']; } $qrlastpostid = $post['postid']; $ids[] = $post['postid']; } $db->free_result($getpostids); $lastpostid = $qrlastpostid; } else { $getpostids = $db->query_read("\n \t\t\tSELECT post.postid, post.visible, post.userid\n \t\t\tFROM " . TABLE_PREFIX . "post AS post\n \t\t\t{$hook_query_joins}\n \t\t\tWHERE post.threadid = {$threadid}\n \t\t\t\tAND post.visible IN (1\n \t\t\t\t" . (!empty($deljoin) ? ",2" : "") . "\n \t\t\t\t" . ($show['approvepost'] ? ",0" : "") . "\n \t\t\t\t)\n \t\t\t\t{$hook_query_where}\n \t\t\tORDER BY post.dateline {$postorder}\n \t\t"); $totalposts = 0; if ($limitlower != 0) { $limitlower++; } while ($post = $db->fetch_array($getpostids)) { if (!isset($qrfirstpostid)) { $qrfirstpostid = $post['postid']; } $qrlastpostid = $post['postid']; if ($post['visible'] == 1 and !in_coventry($post['userid']) and !$ignore[$post['userid']]) { $totalposts++; } if ($totalposts < $limitlower or $totalposts > $limitupper) { continue; } // remember, these are only added if they're going to be displayed $ids[] = $post['postid']; $lastpostid = $post['postid']; } $db->free_result($getpostids); } // '0' inside parenthesis in unlikely case we have no ids for this page // (this could happen if the replycount is wrong in the db) $postids = "post.postid IN (0" . implode(',', $ids) . ")"; // load attachments if ($thread['attach']) { require_once DIR . '/packages/vbattach/attach.php'; $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post'); $postattach = $attach->fetch_postattach(0, $ids); } $hook_query_fields = $hook_query_joins = ''; ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false; $posts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE {$postids}\n \t\tORDER BY post.dateline {$postorder}\n \t"); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { $vbulletin->options['attachthumbs'] = 0; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { $vbulletin->options['viewattachedimages'] = 0; } $postcount = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; if ($postorder) { // Newest first $postcount = $totalposts - $postcount + 1; } $counter = 0; $postbits = ''; $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->thread =& $thread; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); while ($post = $db->fetch_array($posts)) { if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { continue; } if ($post['visible'] == 1 and !$tachyuser) { ++$counter; if ($postorder) { $post['postcount'] = --$postcount; } else { $post['postcount'] = ++$postcount; } } if ($tachyuser) { $fetchtype = 'post_global_ignore'; } else { if ($ignore["{$post['userid']}"]) { $fetchtype = 'post_ignore'; } else { if ($post['visible'] == 2) { $fetchtype = 'post_deleted'; } else { $fetchtype = 'post'; } } } if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) { $fetchtype = 'post'; } if ($fetchtype != 'post' && $fetchtype != 'post_deleted') { continue; } ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false; $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype); if ($fetchtype == 'post') { $postbit_obj->highlight =& $replacewords; } $postbit_obj->cachable = $post_cachable; $post['islastshown'] = $post['postid'] == $lastpostid; $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1); $post['islastshown'] = $post['postid'] == $lastpostid; $post['attachments'] = $postattach["{$post['postid']}"]; $parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false); $postbits .= $postbit_obj->construct_postbit($post); // Only show after the first post, counter isn't incremented for deleted/moderated posts if ($post['isfirstshown']) { $postbits .= vB_Template::create('ad_showthread_firstpost')->render(); } if ($post_cachable and $post['pagetext_html'] == '') { if (!empty($saveparsed)) { $saveparsed .= ','; } $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")"; } if (!empty($postbit_obj->sig_cache) and $post['userid']) { if (!empty($save_parsed_sigs)) { $save_parsed_sigs .= ','; } $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")"; } // get first and last post ids for this page (for big reply buttons) if (!isset($FIRSTPOSTID)) { $FIRSTPOSTID = $post['postid']; } $LASTPOSTID = $post['postid']; if ($post['dateline'] > $displayed_dateline) { $displayed_dateline = $post['dateline']; if ($displayed_dateline <= $threadview) { $updatethreadcookie = true; } } // FRNR Start // find out if first post $getpost = $db->query_first("\n SELECT firstpostid\n FROM " . TABLE_PREFIX . "thread\n WHERE threadid = {$threadinfo['threadid']}\n "); $isfirstpost = $getpost['firstpostid'] == $post['postid']; $candelete = false; if ($isfirstpost and can_moderate($threadinfo['forumid'], 'canmanagethreads')) { $candelete = true; } else { if (!$isfirstpost and can_moderate($threadinfo['forumid'], 'candeleteposts')) { $candelete = true; } else { if (($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and !$isfirstpost or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $isfirstpost) and $vbulletin->userinfo['userid'] == $post['userid']) { $candelete = true; } } } // Get post date/time $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1); $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']); $fr_images = array(); $docattach = array(); // Attachments (images). if (is_array($post['attachments']) && count($post['attachments']) > 0) { foreach ($post['attachments'] as $attachment) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']); if ($vbulletin->options['attachthumbs']) { $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'; } $fr_images[] = $tmp; } if (strpos($lfilename, '.pdf') !== false) { $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']; } } } // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies); if (count($fr_images) > 0) { $text .= "<br/>"; foreach ($fr_images as $attachment) { $text .= "<img src=\"{$attachment['img']}\"/>"; } } foreach ($images as $image) { $fr_images[] = array('img' => $image); } $avatarurl = ''; // Avatar work if ($post['avatarurl']) { $avatarurl = process_avatarurl($post['avatarurl']); } $tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'online' => fetch_online_status(fetch_userinfo($post['userid']), false), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images); if ($candelete) { $tmp['candelete'] = true; } // Soft Deleted if ($post['visible'] == 2) { $tmp['deleted'] = true; $tmp['del_username'] = prepare_utf8_string($post['del_username']); if ($post['del_reason']) { $tmp['del_reason'] = prepare_utf8_string($post['del_reason']); } } else { $tmp['text'] = $text; $tmp['quotable'] = $nuked_quotes; if ($post['editlink']) { $tmp['canedit'] = true; $tmp['edittext'] = prepare_utf8_string($post['pagetext']); } } if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } if (count($docattach) > 0) { $tmp['docattach'] = $docattach; } if ($vbulletin->GPC['signature']) { $sig = trim(remove_bbcode(strip_tags($post['signatureparsed']), true, true), '<a>'); $sig = str_replace(array("\t", "\r"), array('', ''), $sig); $sig = str_replace("\n\n", "\n", $sig); $tmp['sig'] = prepare_utf8_string($sig); } // Begin Support for Post Thanks Hack - http://www.vbulletin.org/forum/showthread.php?t=122944 if ($vbulletin->userinfo['userid'] && function_exists('post_thanks_off') && function_exists('can_thank_this_post') && function_exists('thanked_already') && function_exists('fetch_thanks')) { if (!post_thanks_off($thread['forumid'], $post, $thread['firstpostid'], THIS_SCRIPT)) { global $ids; if (can_thank_this_post($post, $thread['isdeleted'])) { $tmp['canlike'] = true; } if (thanked_already($post, 0, true)) { $tmp['likes'] = true; if (!$vbulletin->options['post_thanks_delete_own']) { $tmp['canlike'] = $tmp['likes'] = false; } } $thanks = fetch_thanks($post['postid']); $thank_users = array(); if (is_array($thanks)) { foreach ($thanks as $thank) { $thank_users[] = $thank['username']; } } if (count($thank_users)) { $tmp['likestext'] = prepare_utf8_string($vbphrase['fr_thanked_by'] . ': ' . join(', ', $thank_users)); $tmp['likesusers'] = join(', ', $thank_users); } } } // End Support for Post Thanks Hack $posts_out[] = $tmp; // FRNR End } $db->free_result($posts); unset($post); if ($postbits == '' and $vbulletin->GPC['pagenumber'] > 1) { $pageinfo = array('page' => $vbulletin->GPC['pagenumber'] - 1); if (!empty($vbulletin->GPC['perpage'])) { $pageinfo['pp'] = $perpage; } if (!empty($vbulletin->GPC['highlight'])) { $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']); } exec_header_redirect(fetch_seo_url('thread|js', $threadinfo, $pageinfo)); } DEVDEBUG("First Post: {$FIRSTPOSTID}; Last Post: {$LASTPOSTID}"); $pageinfo = array(); if ($vbulletin->GPC['highlight']) { $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']); } if (!empty($vbulletin->GPC['perpage'])) { $pageinfo['pp'] = $perpage; } $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $totalposts, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo); if ($thread['lastpost'] > $threadview) { if ($firstnew) { $firstunread = fetch_seo_url('thread', $threadinfo, array('page' => $vbulletin->GPC['pagenumber'])) . '#post' . $firstnew; $show['firstunreadlink'] = true; } else { $firstunread = fetch_seo_url('thread', $threadinfo, array('goto' => 'newpost')); $show['firstunreadlink'] = true; } } else { $firstunread = ''; $show['firstunreadlink'] = false; } if ($vbulletin->userinfo['postorder']) { // disable ajax qr when displaying linear newest first $show['allow_ajax_qr'] = 0; } else { // only allow ajax on the last page of a thread when viewing oldest first $show['allow_ajax_qr'] = $vbulletin->GPC['pagenumber'] == ceil($totalposts / $perpage) ? 1 : 0; } ################################################################################ ################ SHOW THREAD IN THREADED OR HYBRID MODE ######################## ################################################################################ } else { // ajax qr doesn't work with threaded controls $show['allow_ajax_qr'] = 0; require_once DIR . '/includes/functions_threadedmode.php'; // save data $ipostarray = array(); $postarray = array(); $userarray = array(); $postparent = array(); $postorder = array(); $hybridposts = array(); $deletedparents = array(); $totalposts = 0; $links = ''; $cache_postids = ''; $hook_query_fields = $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('showthread_query_postids_threaded')) ? eval($hook) : false; // get all posts $listposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\t{$hook_query_joins}\n \t\tWHERE threadid = {$threadid}\n \t\t\t{$hook_query_where}\n \t\tORDER BY postid\n \t"); // $toppostid is the first post in the thread // $curpostid is the postid passed from the URL, or if not specified, the first post in the thread $ids = array(); while ($post = $db->fetch_array($listposts)) { if ($post['visible'] == 2 and !$deljoin or $post['visible'] == 0 and !$show['approvepost'] or in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { $deletedparents["{$post['postid']}"] = iif(isset($deletedparents["{$post['parentid']}"]), $deletedparents["{$post['parentid']}"], $post['parentid']); continue; } if (empty($toppostid)) { $toppostid = $post['postid']; } if (empty($postid)) { if (empty($curpostid)) { $curpostid = $post['postid']; if ($threadedmode == 2 and empty($vbulletin->GPC['postid'])) { $vbulletin->GPC['postid'] = $curpostid; } $curpostparent = $post['parentid']; } } else { if ($post['postid'] == $postid) { $curpostid = $post['postid']; $curpostparent = $post['parentid']; } } $postparent["{$post['postid']}"] = $post['parentid']; $ipostarray["{$post['parentid']}"][] = $post['postid']; $postarray["{$post['postid']}"] = $post; $userarray["{$post['userid']}"] = $db->escape_string($post['username']); $totalposts++; $ids[] = $post['postid']; } $db->free_result($listposts); // hooks child posts up to new parent if actual parent has been deleted or hidden if (count($deletedparents) > 0) { foreach ($deletedparents as $dpostid => $dparentid) { if (is_array($ipostarray[$dpostid])) { foreach ($ipostarray[$dpostid] as $temppostid) { $postparent[$temppostid] = $dparentid; $ipostarray[$dparentid][] = $temppostid; $postarray[$temppostid]['parentid'] = $dparentid; } unset($ipostarray[$dpostid]); } if ($curpostparent == $dpostid) { $curpostparent = $dparentid; } } } unset($post, $listposts, $deletedparents); if ($thread['attach']) { require_once DIR . '/packages/vbattach/attach.php'; $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post'); $postattach = $attach->fetch_postattach(0, $ids); } // get list of usernames from post list $userjs = ''; foreach ($userarray as $userid => $username) { if ($userid) { $userjs .= "pu[{$userid}] = \"" . addslashes_js($username) . "\";\n"; } } unset($userarray, $userid, $username); $parent_postids = fetch_post_parentlist($curpostid); if (!$parent_postids) { $currentdepth = 0; } else { $currentdepth = sizeof(explode(',', $parent_postids)); } sort_threaded_posts(); if (empty($curpostid)) { eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']))); } if ($threadedmode == 2) { $numhybrids = sizeof($hybridposts); if ($vbulletin->GPC['pagenumber'] < 1) { $vbulletin->GPC['pagenumber'] = 1; } $startat = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; if ($startat > $numhybrids) { $vbulletin->GPC['pagenumber'] = 1; $startat = 0; } $endat = $startat + $perpage; for ($i = $startat; $i < $endat; $i++) { if (isset($hybridposts["{$i}"])) { if (!isset($FIRSTPOSTID)) { $FIRSTPOSTID = $hybridposts["{$i}"]; } $cache_postids .= ",{$hybridposts[$i]}"; $LASTPOSTID = $hybridposts["{$i}"]; } } $pageinfo = array('p' => $vbulletin->GPC['postid']); if ($vbulletin->GPC['highlight']) { $pageinfo['highlight'] = urlencode($vbulletin->GPC['highlight']); } if (!empty($vbulletin->GPC['perpage'])) { $pageinfo['pp'] = $perpage; } $pagenav = construct_page_nav($vbulletin->GPC['pagenumber'], $perpage, $numhybrids, 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}", '', '', 'thread', $threadinfo, $pageinfo); } else { $FIRSTPOSTID = $curpostid; $LASTPOSTID = $curpostid; // sort out which posts to cache: if (!$vbulletin->options['threaded_maxcache']) { $vbulletin->options['threaded_maxcache'] = 999999; } // cache $vbulletin->options['threaded_maxcache'] posts // take 0.25 from above $curpostid // and take 0.75 below if (sizeof($postorder) <= $vbulletin->options['threaded_maxcache']) { $startat = 0; } else { if ($curpostidkey + $vbulletin->options['threaded_maxcache'] * 0.75 > sizeof($postorder)) { $startat = sizeof($postorder) - $vbulletin->options['threaded_maxcache']; } else { if ($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25 < 0) { $startat = 0; } else { $startat = intval($curpostidkey - $vbulletin->options['threaded_maxcache'] * 0.25); } } } unset($curpostidkey); foreach ($postorder as $postkey => $pid) { if ($postkey > $startat + $vbulletin->options['threaded_maxcache']) { break; } if ($postkey >= $startat and empty($morereplies["{$pid}"])) { $cache_postids .= ',' . $pid; } } // get next/previous posts for each post in the list // key: NAVJS[postid][0] = prev post, [1] = next post $NAVJS = array(); $prevpostid = 0; foreach ($postorder as $pid) { $NAVJS["{$pid}"][0] = $prevpostid; $NAVJS["{$prevpostid}"][1] = $pid; $prevpostid = $pid; } $NAVJS["{$toppostid}"][0] = $pid; //prev button for first post $NAVJS["{$pid}"][1] = $toppostid; //next button for last post $navjs = ''; foreach ($NAVJS as $pid => $info) { $navjs .= "pn[{$pid}] = \"{$info['0']},{$info['1']}\";\n"; } } unset($ipostarray, $postparent, $postorder, $NAVJS, $postid, $info, $prevpostid, $postkey); $cache_postids = substr($cache_postids, 1); if (empty($cache_postids)) { // umm... something weird happened. Just prevent an error. eval(standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']))); } $hook_query_fields = $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('showthread_query')) ? eval($hook) : false; $cacheposts = $db->query_read("\n \t\tSELECT\n \t\t\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n \t\t\tuser.*, userfield.*, usertextfield.*,\n \t\t\t" . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n \t\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,') . "\n \t\t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n \t\t\t" . iif($deljoin, "deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,") . "\n \t\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n \t\t\teditlog.reason AS edit_reason, editlog.hashistory,\n \t\t\tpostparsed.pagetext_html, postparsed.hasimages,\n \t\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n \t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n \t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n \t\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n \t\t\t{$hook_query_fields}\n \t\tFROM " . TABLE_PREFIX . "post AS post\n \t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n \t\t" . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n \t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n \t\t" . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n \t\t\t{$deljoin}\n \t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n \t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n \t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n \t\t\t{$hook_query_joins}\n \t\tWHERE post.postid IN (" . $cache_postids . ") {$hook_query_where}\n \t"); // re-initialise the $postarray variable $postarray = array(); while ($post = $db->fetch_array($cacheposts)) { $postarray["{$post['postid']}"] = $post; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { $vbulletin->options['viewattachedimages'] = 0; $vbulletin->options['attachthumbs'] = 0; } // init $postcount = 0; $postbits = ''; $saveparsed = ''; $jspostbits = ''; $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->thread =& $thread; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); foreach (explode(',', $cache_postids) as $id) { // get the post from the post array if (!isset($postarray["{$id}"])) { continue; } $post = $postarray["{$id}"]; if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { continue; } if ($tachyuser) { $fetchtype = 'post_global_ignore'; } else { if ($ignore["{$post['userid']}"]) { $fetchtype = 'post_ignore'; } else { if ($post['visible'] == 2) { $fetchtype = 'post_deleted'; } else { $fetchtype = 'post'; } } } if ($vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) { $fetchtype = 'post'; } ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false; $postbit_obj =& $postbit_factory->fetch_postbit($fetchtype); if ($fetchtype == 'post') { $postbit_obj->highlight =& $replacewords; } $postbit_obj->cachable = $post_cachable; $post['postcount'] = ++$postcount; $post['attachments'] =& $postattach["{$post['postid']}"]; $parsed_postcache = array('text' => '', 'images' => 1); $bgclass = 'alt2'; if ($threadedmode == 2) { $postbits .= $postbit_obj->construct_postbit($post); } else { $postbit = $postbit_obj->construct_postbit($post); if ($curpostid == $post['postid']) { $curpostdateline = $post['dateline']; $curpostbit = $postbit; } $postbit = preg_replace('#</script>#i', "<\\/scr' + 'ipt>", addslashes_js($postbit)); $jspostbits .= "pd[{$post['postid']}] = '{$postbit}';\n"; } // end threaded mode if ($post_cachable and $post['pagetext_html'] == '') { if (!empty($saveparsed)) { $saveparsed .= ','; } $saveparsed .= "({$post['postid']}, " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . $db->escape_string($postbit_obj->post_cache['text']) . "'," . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")"; } if (!empty($postbit_obj->sig_cache) and $post['userid']) { if (!empty($save_parsed_sigs)) { $save_parsed_sigs .= ','; } $save_parsed_sigs .= "({$post['userid']}, " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . $db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")"; } if ($post['dateline'] > $displayed_dateline) { $displayed_dateline = $post['dateline']; if ($displayed_dateline <= $threadview) { $updatethreadcookie = true; } } } // end while ($post) $db->free_result($cacheposts); if ($threadedmode == 1) { $postbits = $curpostbit; } $templater = vB_Template::create('showthread_list'); $templater->register('curpostid', $curpostid); $templater->register('highlightwords', $highlightwords); $templater->register('jspostbits', $jspostbits); $templater->register('links', $links); $templater->register('navjs', $navjs); $templater->register('threadedmode', $threadedmode); $templater->register('userjs', $userjs); $threadlist = $templater->render(); unset($curpostbit, $post, $cacheposts, $parsed_postcache, $postbit); } ################################################################################ ########################## END LINEAR / THREADED ############################### ################################################################################ $effective_lastpost = max($displayed_dateline, $thread['lastpost']); // ********************************************************************************* //set thread last view if ($thread['pollid'] and $vbulletin->options['updatelastpost'] and ($displayed_dateline == $thread['lastpost'] or $threadview == $thread['lastpost']) and $pollinfo['lastvote'] > $thread['lastpost']) { $displayed_dateline = $pollinfo['lastvote']; } if ((!$vbulletin->GPC['posted'] or $updatethreadcookie) and $displayed_dateline and $displayed_dateline > $threadview) { mark_thread_read($threadinfo, $foruminfo, $vbulletin->userinfo['userid'], $displayed_dateline); } // FRNR Below fr_update_subsent($threadinfo['threadid'], $displayed_dateline); if (!is_array($posts_out)) { $posts_out = array(); } // Figure out if we can post $canpost = true; if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { $canpost = false; } if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) { $canpost = false; } if (!$threadinfo['open']) { if (!can_moderate($threadinfo['forumid'], 'canopenclose')) { $canpost = false; } } if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) { $canpost = false; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) { $canpost = false; } $mod = 0; if (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) { $mod |= MOD_DELETEPOST; } if (can_moderate($threadinfo['forumid'], 'canmanagethreads')) { if ($threadinfo['sticky']) { $mod |= MOD_UNSTICK; } else { $mod |= MOD_STICK; } } if ($threadinfo['visible'] != 2 and can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts') or $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'] and $vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and ($vbulletin->options['edittimelimit'] == 0 or $threadinfo['dateline'] > TIMENOW - $vbulletin->options['edittimelimit'] * 60)) { $mod |= MOD_DELETETHREAD; } if (can_moderate($threadinfo['forumid'], 'canopenclose') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) { if ($threadinfo['open']) { $mod |= MOD_CLOSE; } else { $mod |= MOD_OPEN; } } if (can_moderate($threadinfo['forumid'], 'canmanagethreads') or $forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'] and $threadinfo['postuserid'] == $vbulletin->userinfo['userid']) { $mod |= MOD_MOVETHREAD; } if ($show['spamctrls']) { $mod |= MOD_SPAM_CONTROLS; } $out = array('posts' => $posts_out, 'total_posts' => $totalposts, 'page' => $vbulletin->GPC['pagenumber'], 'canpost' => $canpost ? 1 : 0, 'mod' => $mod, 'pollid' => $thread['pollid'], 'subscribed' => $threadinfo['issubscribed'] ? 1 : 0, 'title' => prepare_utf8_string($thread['title']), 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid']); if ($postid) { $out['gotopostid'] = $postid; } return $out; }
print_stylevar_row($vbphrase['netscape_4'], 'textareacols_ns4'); print_stylevar_row($vbphrase['netscape_6'], 'textareacols_ns6'); */ print_table_header($vbphrase['miscellaneous'], 3); print_stylevar_row($vbphrase['html_doctype'], 'htmldoctype'); /* // this is now held with the language settings print_stylevar_row($vbphrase['html_content_type'], 'contenttype'); */ ($hook = vBulletinHook::fetch_hook('stylevar_edit_misc')) ? eval($hook) : false; print_table_break(' '); } // ############################################################################# // MAIN CSS if ($vbulletin->GPC['dowhat'] == 'maincss' or $vbulletin->GPC['dowhat'] == 'css' or $vbulletin->GPC['dowhat'] == 'all') { construct_hidden_code('dowhat[css]', 1); if (is_browser('mozilla')) { ?> <script type="text/javascript"> window.onresize = redo_fieldset; var target_fieldsets = new Array(); var z = 0; function redo_fieldset() { for (m = 0; m < z; m++) { if (typeof(target_fieldsets[m]) != "undefined") { reflow_fieldset(target_fieldsets[m], false); } } }
// ##################### DEFINE IMPORTANT CONSTANTS ####################### define('CVS_REVISION', '$RCSfile$ - $Revision: 84490 $'); // #################### PRE-CACHE TEMPLATES AND DATA ###################### global $phrasegroups, $specialtemplates, $vbphrase, $vbulletin, $usercache, $numcolors, $colorPickerType, $colorPickerWidth; $phrasegroups = array('cpuser', 'forum', 'timezone', 'user'); $specialtemplates = array(); // ########################## REQUIRE BACK-END ############################ require_once dirname(__FILE__) . '/global.php'; require_once DIR . '/includes/adminfunctions_user.php'; $assertor = vB::getDbAssertor(); // ######################## CHECK ADMIN PERMISSIONS ####################### if (!can_administer('canadminusers')) { print_cp_no_permission(); } $vbulletin->input->clean_array_gpc('r', array('avatarid' => vB_Cleaner::TYPE_INT, 'userid' => vB_Cleaner::TYPE_INT)); if (is_browser('webkit') and $vbulletin->GPC['avatarid'] and empty($_POST['do'])) { $_POST['do'] = $_REQUEST['do'] = 'updateavatar'; } // ############################# LOG ACTION ############################### log_admin_action(!empty($vbulletin->GPC['userid']) ? 'user id = ' . $vbulletin->GPC['userid'] : ''); // ######################################################################## // ######################### START MAIN SCRIPT ############################ // ######################################################################## print_cp_header($vbphrase['user_manager']); // ###################### Start Remove User's Subscriptions ####################### if ($_REQUEST['do'] == 'removesubs') { print_delete_confirmation('user', $vbulletin->GPC['userid'], 'usertools', 'killsubs', 'subscriptions'); } // ###################### Start Remove User's Subscriptions ####################### if ($_POST['do'] == 'killsubs') { vB::getDbAssertor()->delete('vBForum:subscribediscussion', array('userid' => $vbulletin->GPC['userid']));
function quickReply() { global $vbulletin; // ********************************************************************************* // build quick reply if appropriate if ($show['quickreply']) { require_once DIR . '/includes/functions_editor.php'; $show['wysiwyg'] = $forum['allowbbcode'] ? is_wysiwyg_compatible() : 0; $istyles_js = construct_editor_styles_js(); // set show signature hidden field $showsig = iif($vbulletin->userinfo['signature'], 1, 0); // set quick reply initial id if ($threadedmode == 1) { $qrpostid = $curpostid; $show['qr_require_click'] = 0; } else { if ($vbulletin->options['quickreply'] == 2) { $qrpostid = 0; $show['qr_require_click'] = 1; } else { $qrpostid = 'who cares'; $show['qr_require_click'] = 0; } } $editorid = construct_edit_toolbar('', 0, $foruminfo['forumid'], $foruminfo['allowsmilies'] ? 1 : 0, 1, false, 'qr'); $messagearea = "\n\t\t\t<script type=\"text/javascript\">\n\t\t\t<!--\n\t\t\t\tvar threaded_mode = {$threadedmode};\n\t\t\t\tvar require_click = {$show['qr_require_click']};\n\t\t\t\tvar is_last_page = {$show['allow_ajax_qr']}; // leave for people with cached JS files\n\t\t\t\tvar allow_ajax_qr = {$show['allow_ajax_qr']};\n\t\t\t\tvar ajax_last_post = " . intval($effective_lastpost) . ";\n\t\t\t// -->\n\t\t\t</script>\n\t\t\t{$messagearea}\n\t\t"; if (is_browser('mozilla') and $show['wysiwyg'] == 2) { // Mozilla WYSIWYG can't have the QR collapse button, // so remove that and force QR to be expanded $show['quickreply_collapse'] = false; unset($vbcollapse["collapseobj_quickreply"], $vbcollapse["collapseimg_quickreply"], $vbcollapse["collapsecel_quickreply"]); } else { $show['quickreply_collapse'] = true; } } else { if ($show['ajax_js']) { require_once DIR . '/includes/functions_editor.php'; $vBeditJs = construct_editor_js_arrays(); eval('$vBeditTemplate[\'clientscript\'] = "' . fetch_template('editor_clientscript') . '";'); } } }
/** * Prints a row containing an <input type="file" /> * * @param string Title for row * @param string Name for file upload field * @param integer Max uploaded file size in bytes * @param integer Size of file upload field */ function print_upload_row($title, $name, $maxfilesize = 1000000, $size = 35) { global $vbulletin; construct_hidden_code('MAX_FILE_SIZE', $maxfilesize); // Don't style the file input for Opera or Firefox 3. #25838 $use_bginput = (is_browser('opera') or is_browser('firefox', 3) ? false : true); print_label_row($title, "<div id=\"ctrl_{$name}\"><input type=\"file\"" . ($use_bginput ? ' class="bginput"' : '') . " name=\"{$name}\" size=\"{$size}\" tabindex=\"1\"" . iif($vbulletin->debug, " title=\"name="{$name}"\"") . " /></div>", '', 'top', $name); }
if ($style['displayorder'] != $order or $style['userselect'] != $uperm) { $styleAPI->updateStyle($style[styleid], $style['title'], $style['parentid'], $uperm, $order, false, $style['guid']); } } $args = array(); parse_str(vB::getCurrentSession()->get('sessionurl'), $args); $args['do'] = 'modify'; print_cp_redirect2('template', $args); } // ############################################################################# // Main style generator display if ($_REQUEST['do'] == 'stylegenerator') { global $vbphrase, $vbulletin; $vbulletin->input->clean_array_gpc('p', array('data' => vB_Cleaner::TYPE_STR, 'parentid' => vB_Cleaner::TYPE_INT, 'name' => vB_Cleaner::TYPE_STR, 'displayorder' => vB_Cleaner::TYPE_INT, 'userselect' => vB_Cleaner::TYPE_STR)); $vbulletin->input->clean_array_gpc('r', array('save' => vB_Cleaner::TYPE_STR)); if (is_browser('ie') and !is_browser('ie', 7)) { print_stop_message2('style_generator_browser_not_supported'); } // Variables that decides who, what, when, where and how of saving the style. $styledata = $vbulletin->GPC['data']; $styleparentid = $vbulletin->GPC['parentid']; $styletitle = $vbulletin->GPC['name']; $styleanyversion = true; $styledisplayorder = $vbulletin->GPC['displayorder']; $styleuserselectable = $vbulletin->GPC['userselect']; // url response tell us where to save the xml $stylesave = $vbulletin->GPC['save']; if ($stylesave) { $version = ADMIN_VERSION_VBULLETIN; $stylexml = generate_style($styledata, $styleparentid, $styletitle, $styleanyversion, $styledisplayorder, $styleuserselectable, $version); }
$qrpostid = 'who cares'; $show['qr_require_click'] = 0; } } $posthash = md5(TIMENOW . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']); $poststarttime = TIMENOW; if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid'] and !empty($vbulletin->userinfo['attachmentextensions'])) { $contenttypeid = vB_Types::instance()->getContentTypeID('vBForum_Post'); } else { $contenttypeid = 0; } require_once DIR . '/includes/functions_file.php'; $attachinfo = fetch_attachmentinfo($posthash, $poststarttime, $contenttypeid, array('t' => $threadinfo['threadid'])); $editorid = construct_edit_toolbar('', 0, $foruminfo['forumid'], $foruminfo['allowsmilies'] ? 1 : 0, 1, false, 'qr', '', $attachinfo, 'forum', 'vBForum_Post', 0, $threadinfo['threadid']); $messagearea = "\n\t\t<script type=\"text/javascript\">\n\t\t<!--\n\t\t\tvar threaded_mode = {$threadedmode};\n\t\t\tvar require_click = {$show['qr_require_click']};\n\t\t\tvar is_last_page = {$show['allow_ajax_qr']}; // leave for people with cached JS files\n\t\t\tvar allow_ajax_qr = {$show['allow_ajax_qr']};\n\t\t\tvar last_post_id = {$LASTPOSTID};\n\t\t\tvar ajax_last_post = " . intval($effective_lastpost) . ";\n\t\t// -->\n\t\t</script>\n\t\t{$messagearea}\n\t"; if (is_browser('mozilla') and $show['wysiwyg'] == 2) { // Mozilla WYSIWYG can't have the QR collapse button, // so remove that and force QR to be expanded $show['quickreply_collapse'] = false; unset($vbcollapse["collapseobj_quickreply"], $vbcollapse["collapseimg_quickreply"], $vbcollapse["collapsecel_quickreply"]); } else { $show['quickreply_collapse'] = true; } } $show['quickedit'] = ($vbulletin->options['quickedit'] and $show['ajax_js']); // ############################################################################# // make a displayable version of the thread notes if (!empty($thread['notes'])) { $thread['notes'] = str_replace('. ', ".\\n", $thread['notes']); $shownotes = true; } else {
/** * Sets a cookie based on vBulletin environmental settings * * @param string Cookie name * @param mixed Value to store in the cookie * @param boolean If true, do not set an expiry date for the cookie * @param boolean Allow secure cookies (SSL) * @param boolean Set 'httponly' for cookies in supported browsers */ function vbsetcookie($name, $value = '', $permanent = true, $allowsecure = true, $httponly = false) { if (defined('NOCOOKIES')) { return; } global $vbulletin; if ($permanent) { $expire = TIMENOW + 60 * 60 * 24 * 365; } else { $expire = 0; } // IE for Mac doesn't support httponly $httponly = ($httponly and (is_browser('ie') and is_browser('mac'))) ? false : $httponly; // check for SSL $secure = (REQ_PROTOCOL === 'https' and $allowsecure) ? true : false; $name = COOKIE_PREFIX . $name; $filename = 'N/A'; $linenum = 0; if (!headers_sent($filename, $linenum)) { // consider showing an error message if they're not sent using above variables? if ($value === '' or $value === false) { // this will attempt to unset the cookie at each directory up the path. // ie, path to file = /test/vb3/. These will be unset: /, /test, /test/, /test/vb3, /test/vb3/ // This should hopefully prevent cookie conflicts when the cookie path is changed. if ($_SERVER['PATH_INFO'] or $_ENV['PATH_INFO']) { $scriptpath = $_SERVER['PATH_INFO'] ? $_SERVER['PATH_INFO'] : $_ENV['PATH_INFO']; } else { if ($_SERVER['REDIRECT_URL'] or $_ENV['REDIRECT_URL']) { $scriptpath = $_SERVER['REDIRECT_URL'] ? $_SERVER['REDIRECT_URL'] : $_ENV['REDIRECT_URL']; } else { $scriptpath = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']; } } $scriptpath = preg_replace(array('#/[^/]+\\.php$#i', '#/(' . preg_quote($vbulletin->config['Misc']['admincpdir'], '#') . '|' . preg_quote($vbulletin->config['Misc']['modcpdir'], '#') . ')(/|$)#i'), '', $scriptpath); $dirarray = explode('/', preg_replace('#/+$#', '', $scriptpath)); $alldirs = ''; $havepath = false; if (!defined('SKIP_AGGRESSIVE_LOGOUT')) { // sending this many headers has caused problems with a few // servers, especially with IIS. Defining SKIP_AGGRESSIVE_LOGOUT // reduces the number of cookie headers returned. foreach ($dirarray as $thisdir) { $alldirs .= "{$thisdir}"; if ($alldirs == $vbulletin->options['cookiepath'] or "{$alldirs}/" == $vbulletin->options['cookiepath']) { $havepath = true; } if (!empty($thisdir)) { // try unsetting without the / at the end exec_vbsetcookie($name, $value, $expire, $alldirs, $vbulletin->options['cookiedomain'], $secure, $httponly); } $alldirs .= "/"; exec_vbsetcookie($name, $value, $expire, $alldirs, $vbulletin->options['cookiedomain'], $secure, $httponly); } } if ($havepath == false) { exec_vbsetcookie($name, $value, $expire, $vbulletin->options['cookiepath'], $vbulletin->options['cookiedomain'], $secure, $httponly); } } else { exec_vbsetcookie($name, $value, $expire, $vbulletin->options['cookiepath'], $vbulletin->options['cookiedomain'], $secure, $httponly); } } else { if (empty($vbulletin->db->explain)) { //show some sort of error message global $templateassoc, $vbulletin; if (empty($templateassoc)) { // this is being called before templates have been cached, so just get the default one $template = $vbulletin->db->query_first_slave("\r\n\t\t\t\tSELECT templateid\r\n\t\t\t\tFROM " . TABLE_PREFIX . "template\r\n\t\t\t\tWHERE title = 'STANDARD_ERROR' AND styleid = -1\r\n\t\t\t"); $templateassoc = array('STANDARD_ERROR' => $template['templateid']); } eval(standard_error(fetch_error('cant_set_cookies', $filename, $linenum))); } } }
$bbcode_parser =& new vB_BbCodeParser($vbulletin, fetch_tag_list()); $bbcodes = $db->query_read_slave("SELECT * FROM " . TABLE_PREFIX . "bbcode ORDER BY bbcodetag, twoparams"); while ($bbcode = $db->fetch_array($bbcodes)) { $bbcode['output'] = $bbcode_parser->do_parse($bbcode['bbcodeexample'], false, false, true, false, true); $bbcode['bbcodeexample'] = htmlspecialchars_uni($bbcode['bbcodeexample']); if ($bbcode['twoparams']) { $bbcode['tag'] = '[' . $bbcode['bbcodetag'] . '=<span class="highlight">' . $vbphrase['option'] . '</span>]<span class="highlight">' . $vbphrase['value'] . '</span>[/' . $bbcode['bbcodetag'] . ']'; } else { $bbcode['tag'] = '[' . $bbcode['bbcodetag'] . ']<span class="highlight">' . $vbphrase['value'] . '</span>[/' . $bbcode['bbcodetag'] . ']'; } ($hook = vBulletinHook::fetch_hook('misc_bbcode_bit')) ? eval($hook) : false; eval('$template[\'bbcodebits\'] .= "' . fetch_template('help_bbcodes_bbcode') . '";'); eval('$template[\'bbcodelinks\'] .= "' . fetch_template('help_bbcodes_link') . '";'); } $navbits = construct_navbits(array('faq.php' . $vbulletin->session->vars['sessionurl_q'] => $vbphrase['faq'], '' => $vbphrase['bbcode_list'])); $show['iewidthfix'] = (is_browser('ie') and !is_browser('ie', 6)); $stylevar['codeblockwidth'] = 'auto'; $vbulletin->options['allowhtml'] = false; $vbulletin->options['allowbbcode'] = true; // ### CODE tag $specialbbcode['code'] = $bbcode_parser->parse("[code]<script type=\"text/javascript\">\n<!--\n\talert(\"Hello world!\");\n//-->\n</script>[/code]", 0, false); // ### HTML Tag $specialbbcode['html'] = $bbcode_parser->parse("[html]<img src=\"image.gif\" alt=\"image\" />\n<a href=\"testing.html\" target=\"_blank\">Testing</a>[/html]", 0, false); // ### PHP Tag $specialbbcode['php'] = $bbcode_parser->parse("[php]\$myvar = 'Hello World!';\nfor (\$i = 0; \$i < 10; \$i++)\n{\n\techo \$myvar . \"\\n\";\n}[/php]", 0, false); // ### Quote Tag $specialbbcode['quote1'] = $bbcode_parser->parse("[quote]Lorem ipsum dolor sit amet[/quote]", 0, false); $specialbbcode['quote2'] = $bbcode_parser->parse("[quote=John Doe]Lorem ipsum dolor sit amet[/quote]", 0, false); $max_post = $db->query_first_slave("SELECT MAX(postid) AS maxpostid FROM " . TABLE_PREFIX . "post"); $max_post['maxpostid'] = intval($max_post['maxpostid']); $specialbbcode['quote3'] = $bbcode_parser->parse("[quote=John Doe;{$max_post['maxpostid']}]Lorem ipsum dolor sit amet[/quote]", 0, false);
} if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { $vbulletin->options['viewattachedimages'] = ($vbulletin->options['viewattachedimages'] and $vbulletin->options['attachthumbs']) ? 1 : 0; } // needed for deleted post management $show['managepost'] = (can_moderate($threadinfo['forumid'], 'candeleteposts') or can_moderate($threadinfo['forumid'], 'canremoveposts')) ? true : false; $show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false; $show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false; $show['inlinemod'] = ($show['managethread'] or $show['managepost'] or $show['approvepost']) ? true : false; $show['multiquote_global'] = ($vbulletin->options['multiquote'] and $vbulletin->userinfo['userid']); if ($show['multiquote_global']) { $vbulletin->input->clean_array_gpc('c', array('vbulletin_multiquote' => TYPE_STR)); $vbulletin->GPC['vbulletin_multiquote'] = explode(',', $vbulletin->GPC['vbulletin_multiquote']); } // work out if quickreply should be shown or not if ($vbulletin->options['quickreply'] and !$threadinfo['isdeleted'] and !is_browser('netscape') and $vbulletin->userinfo['userid'] and ($vbulletin->userinfo['userid'] == $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown'] or $vbulletin->userinfo['userid'] != $threadinfo['postuserid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']) and ($threadinfo['open'] or can_moderate($threadinfo['forumid'], 'canopenclose')) and !fetch_require_hvcheck('post')) { $show['quickreply'] = true; } else { $show['quickreply'] = false; } $show['lightbox'] = ($vbulletin->options['lightboxenabled'] and $vbulletin->options['usepopups']); $show['spacer'] = false; $saveparsed = ''; // inialise $post['postcount'] =& $vbulletin->GPC['postcount']; $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->thread =& $threadinfo; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$s_bing_num = $stat_bing_num; $usernamelang = sprintf($lang['KLEEJA_CP_W'], $user->data['name']); #size board by percent $per = $stat_sizes / ($config['total_size'] * 1048576); $per1 = round($per * 100, 2); $per1 = $per1 >= 100 ? 100 : ($per1 == 0 ? 1 : $per1); #ppl must know about kleeja version! $kleeja_version = '<a href="' . ADMIN_PATH . '?cp=p_check_update" title="' . $lang['R_CHECK_UPDATE'] . '">' . KLEEJA_VERSION . '</a>'; // // admin messages system // @ see how to do it beneath // $ADM_NOTIFICATIONS = array(); # show note: useing IE6 ! and he is admin ? omg ! $u_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars((string) strtolower($_SERVER['HTTP_USER_AGENT'])) : (function_exists('getenv') ? getenv('HTTP_USER_AGENT') : ''); if (is_browser('ie6') && !is_browser('ie8, ie7')) { $ADM_NOTIFICATIONS[] = array('id' => 'IE6', 'msg_type' => 'warning', 'title' => $lang['NOTE'], 'msg' => $lang['ADMIN_USING_IE6']); } # show note: if upgrading from 1rc6 to 1.0, some files must be deleted ! if (file_exists(PATH . 'includes/adm/files.php') || file_exists(PATH . 'admin.php')) { $ADM_NOTIFICATIONS[] = array('id' => 'old_files', 'msg_type' => 'info', 'title' => $lang['NOTE'], 'msg' => $lang['ADM_UNWANTED_FILES']); } # show note: if html url is enabled but .htaccess is not available in the root dir ! if (!file_exists(PATH . '.htaccess') && (int) $config['mod_writer'] == 1) { $ADM_NOTIFICATIONS[] = array('id' => 'htmlurlshtaccess', 'msg_type' => 'info', 'title' => $lang['NOTE'], 'msg' => $lang['HTML_URLS_ENABLED_NO_HTCC']); } # show note: new version, update now $v = @unserialize($config['new_version']); if (version_compare(strtolower(KLEEJA_VERSION), strtolower($v['version_number']), '<')) { $ADM_NOTIFICATIONS[] = array('id' => 'up_ver_klj', 'msg_type' => 'warning', 'title' => $lang['R_CHECK_UPDATE'], 'msg' => sprintf($lang['UPDATE_NOW_S'], KLEEJA_VERSION, $v['version_number']) . '<br />' . '<a href="http://www.kleeja.com/">www.kleeja.com</a>'); ($hook = $plugin->run_hook('admin_update_now')) ? eval($hook) : null;
function convert_wysiwyg_html_to_bbcode($text, $allowhtml = false, $p_two_linebreak = false) { global $vbulletin; // debug code $vbulletin->input->clean_gpc('r', 'showhtml', TYPE_BOOL); if ($vbulletin->debug and $vbulletin->GPC['showhtml']) { $otext = $text; } // deal with some wierdness that can be caused with URL tags in the WYSIWYG editor $text = preg_replace(array('#<a href="([^"]*)\\[([^"]+)"(.*)>(.*)\\[\\2</a>#siU', '#(<[^<>]+ (src|href))=(\'|"|)??(.*)(\\3)#esiU'), array('<a href="\\1"\\3>\\4</a>[\\2', "sanitize_url('\\1', '\\4', '\\3')"), $text); ($hook = vBulletinHook::fetch_hook('wysiwyg_parse_start')) ? eval($hook) : false; // attempt to remove bad html and keep only that which we intend to parse if (!$allowhtml) { $text = str_replace('<br/>', '<br />', $text); $text = preg_replace('#<script[^>]*>(.*)</script>#siU', '', $text); $text = strip_tags($text, '<b><strong><i><em><u><a><div><span><p><blockquote><ol><ul><li><font><img><br><h1><h2><h3><h4><h5><h6>'); } // convert 4 spaces to tabs in code/php/html tags; no longer used /*if (preg_match_all('#\[(code|php|html)\](.*)\[/\\1\]#siU', $text, $regs)) { foreach($regs[2] AS $key => $val) { $orig = $val; // convert ' ' to ' ' $val = str_replace(' ', ' ', $val); // convert 4 x to \t $val = preg_replace('#( ){4}#siU', "\t", $val); // replace text in original text $text = str_replace($orig, $val, $text); } }*/ // replace with a regular space $text = str_replace(' ', ' ', $text); // deal with newline characters if (is_browser('mozilla')) { $text = preg_replace('#(?<!<br>|<br />|\\r)(\\r\\n|\\n|\\r)#', ' ', $text); } $text = preg_replace('#(\\r\\n|\\n|\\r)#', '', $text); // regex find / replace #1 $pregfind = array('#<(h[0-9]+)[^>]*>(.*)</\\1>#siU', '#<img[^>]+smilieid="(\\d+)".*>#esiU', '#<img[^>]+src=(\'|")(.*)(\\1).*>#esiU', '#<br.*>#siU', '#<a name=[^>]*>(.*)</a>#siU', '#\\[(html|php)\\]((?>[^\\[]+?|(?R)|.))*\\[/\\1\\]#siUe', '#\\[url=(\'|"|"|)<A href="(.*)/??">\\2/??</A>#siU'); $pregreplace = array(is_bbcode_tag_allowed('b') ? "[B]\\2[/B]\n\n" : "\\2\n\n", "fetch_smilie_text(\\1)", "handle_wysiwyg_img('\\2')", "\n", '\\1', "strip_tags_callback('\\0')", '[URL=$1$2'); $text = preg_replace($pregfind, $pregreplace, $text); // recursive code parsers $text = parse_wysiwyg_recurse('b', $text, 'parse_wysiwyg_code_replacement', 'b'); $text = parse_wysiwyg_recurse('strong', $text, 'parse_wysiwyg_code_replacement', 'b'); $text = parse_wysiwyg_recurse('i', $text, 'parse_wysiwyg_code_replacement', 'i'); $text = parse_wysiwyg_recurse('em', $text, 'parse_wysiwyg_code_replacement', 'i'); $text = parse_wysiwyg_recurse('u', $text, 'parse_wysiwyg_code_replacement', 'u'); $text = parse_wysiwyg_recurse('a', $text, 'parse_wysiwyg_anchor'); $text = parse_wysiwyg_recurse('font', $text, 'parse_wysiwyg_font'); $text = parse_wysiwyg_recurse('blockquote', $text, 'parse_wysiwyg_code_replacement', 'indent'); $text = parse_wysiwyg_recurse('ol', $text, 'parse_wysiwyg_list'); $text = parse_wysiwyg_recurse('ul', $text, 'parse_wysiwyg_list'); $text = parse_wysiwyg_recurse('div', $text, 'parse_wysiwyg_div'); $text = parse_wysiwyg_recurse('span', $text, 'parse_wysiwyg_span'); // ugly ugly hack, but allow p's to be treated as 2 line breaks in some situations $GLOBALS['p_two_linebreak'] = $p_two_linebreak; $text = parse_wysiwyg_recurse('p', $text, 'parse_wysiwyg_paragraph'); // regex find / replace #2 $pregfind = array('#<li>(.*)((?=<li>)|</li>)#iU', '#<p></p>#i', '#<p.*>#iU'); $pregreplace = array("\\1\n", '', "\n"); $text = preg_replace($pregfind, $pregreplace, $text); // simple tag removals; mainly using PCRE for case insensitivity and /? $text = preg_replace('#</?(A|LI|FONT|IMG)>#siU', '', $text); // basic string replacements #2; don't replace " because browsers don't auto-encode quotes $strfind = array('<', '>', '&'); $strreplace = array('<', '>', '&'); if (is_array($vbulletin->smiliecache)) { global $vbulletin; foreach ($vbulletin->smiliecache as $smilie) { // [IMG]images/smilies/frown.gif[/IMG] $strfind[] = '[IMG]' . $smilie['smiliepath'] . '[/IMG]'; $strreplace[] = $smilie['smilietext']; // [IMG]http://domain.com/forum/images/smilies/frown.gif[/IMG] $strfind[] = '[IMG]' . create_full_url($smilie['smiliepath']) . '[/IMG]'; $strreplace[] = $smilie['smilietext']; } } $text = str_replace($strfind, $strreplace, $text); if (is_browser('mozilla')) { // mozilla treats line breaks before/after lists a little differently from IE (see #5774) $text = preg_replace('#\\[(list)#i', "\n[\\1", $text); $text = preg_replace('#\\[(/list)\\]#i', "[\\1]\n", $text); } $text = preg_replace('#(?<!\\r|\\n|^)\\[(/list|list|\\*)\\]#i', "\n[\\1]", $text); // replace advanced URL tags that should actually be basic ones $text = preg_replace('#\\[URL=("|\'|)(.*)\\1\\]\\2\\[/URL\\]#siU', '[URL]$2[/URL]', $text); // strip redundant alignment tag ([left] or [right]) // commentted out because bad HTML can do bad things to this (nested alignments) /*global $stylevar; $redundanttag = iif($stylevar['textdirection'] == 'ltr', 'left', 'right'); $text = preg_replace('#\[' . $redundanttag . '\](.*)(\r\n|\n|\r)??\[/' . $redundanttag . '\]#siU', '\\1', $text);*/ ($hook = vBulletinHook::fetch_hook('wysiwyg_parse_complete')) ? eval($hook) : false; // debug code $vbulletin->input->clean_gpc('r', 'showhtml', TYPE_BOOL); if ($vbulletin->debug and $vbulletin->GPC['showhtml']) { $GLOBALS['header'] .= "<table class=\"tborder\" cellpadding=\"4\" cellspacing=\"1\" width=\"100%\">\n\t\t<tr><td class=\"thead\">WYSIWYG HTML</td></tr>\n\t\t<tr><td class=\"alt1\">" . nl2br(htmlspecialchars($otext)) . "</td></tr>\n\t\t<tr><td class=\"thead\">Parsed BBcode</td></tr>\n\t\t<tr><td class=\"alt1\">" . nl2br(htmlspecialchars($text)) . "</td></tr>\n</table>"; } // return parsed text return trim($text); }