$from_tid = ''; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); require_once MYBB_ROOT . "inc/functions_posting.php"; $plugins->run_hooks("xmlhttp_get_multiquoted_intermediate"); // Query for any posts in the list which are not within the specified thread $query = $db->query("\n\t\tSELECT p.subject, p.message, p.pid, p.tid, p.username, p.dateline, t.fid, p.visible, u.username AS userusername\n\t\tFROM " . TABLE_PREFIX . "posts p\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\tWHERE {$from_tid}p.pid IN ({$quoted_posts}) {$unviewable_forums} {$inactiveforums}\n\t\tORDER BY p.dateline\n\t"); while ($quoted_post = $db->fetch_array($query)) { if (!is_moderator($quoted_post['fid'], "canviewunapprove") && $quoted_post['visible'] == 0) { continue; } $message .= parse_quoted_message($quoted_post, false); } if ($mybb->settings['maxquotedepth'] != '0') { $message = remove_message_quotes($message); } // Send our headers. header("Content-type: application/json; charset={$charset}"); $plugins->run_hooks("xmlhttp_get_multiquoted_end"); echo json_encode(array("message" => $message)); exit; } else { if ($mybb->input['action'] == "refresh_captcha") { $imagehash = $db->escape_string($mybb->get_input('imagehash')); $query = $db->simple_select("captcha", "dateline", "imagehash='{$imagehash}'"); if ($db->num_rows($query) == 0) { xmlhttp_error($lang->captcha_not_exists); } $db->delete_query("captcha", "imagehash='{$imagehash}'"); $randomstr = random_str(5);
/** * Performs cleanup of a quoted message, such as replacing /me commands, before presenting quoted post to the user. * * @param array quoted post info, taken from the DB (requires the 'message', 'username', 'pid' and 'dateline' entries to be set; will use 'userusername' if present) * @param boolean whether to call remove_message_quotes() on the quoted message * @return string the cleaned up message, wrapped in a quote tag */ function parse_quoted_message(&$quoted_post, $remove_message_quotes = true) { global $parser, $lang, $plugins; if (!isset($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } // Swap username over if we have a registered user if ($quoted_post['userusername']) { $quoted_post['username'] = $quoted_post['userusername']; } // Clean up the message $quoted_post['message'] = preg_replace(array('#(^|\\r|\\n)/me ([^\\r\\n<]*)#i', '#(^|\\r|\\n)/slap ([^\\r\\n<]*)#i', '#\\[attachment=([0-9]+?)\\]#i'), array("\\1* {$quoted_post['username']} \\2", "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", ""), $quoted_post['message']); $quoted_post['message'] = $parser->parse_badwords($quoted_post['message']); if ($remove_message_quotes) { global $mybb; $max_quote_depth = intval($mybb->settings['maxquotedepth']); if ($max_quote_depth) { $quoted_post['message'] = remove_message_quotes($quoted_post['message'], $max_quote_depth - 1); // we're wrapping the message in a [quote] tag, so take away one quote depth level } } $quoted_post = $plugins->run_hooks("parse_quoted_message", $quoted_post); return "[quote='{$quoted_post['username']}' pid='{$quoted_post['pid']}' dateline='{$quoted_post['dateline']}']\n{$quoted_post['message']}\n[/quote]\n\n"; }
// Decide whether or not to show quick reply. $quickreply = ''; if ($mybb->settings['pmquickreply'] != 0 && $mybb->user['showquickreply'] != 0 && $mybb->usergroup['cansendpms'] != 0 && $pm['fromid'] != 0 && $pm['folder'] != 3) { $trow = alt_trow(); $optionschecked = array('savecopy' => 'checked="checked"'); if (!empty($mybb->user['signature'])) { $optionschecked['signature'] = 'checked="checked"'; } if ($mybb->usergroup['cantrackpms'] == 1) { $optionschecked['readreceipt'] = 'checked="checked"'; } require_once MYBB_ROOT . 'inc/functions_posting.php'; $quoted_message = array('message' => htmlspecialchars_uni($parser->parse_badwords($pm['message'])), 'username' => $pm['username'], 'quote_is_pm' => true); $quoted_message = parse_quoted_message($quoted_message); if ($mybb->settings['maxpmquotedepth'] != '0') { $quoted_message = remove_message_quotes($quoted_message, $mybb->settings['maxpmquotedepth']); } $subject = preg_replace("#(FW|RE):( *)#is", '', $pm['subject']); if ($mybb->user['uid'] == $pm['fromid']) { $to = htmlspecialchars_uni($mybb->user['username']); } else { $query = $db->simple_select('users', 'username', "uid='{$pm['fromid']}'"); $to = htmlspecialchars_uni($db->fetch_field($query, 'username')); } $private_send_tracking = ''; if ($mybb->usergroup['cantrackpms']) { $lang->options_read_receipt = $lang->quickreply_read_receipt; eval("\$private_send_tracking = \"" . $templates->get("private_send_tracking") . "\";"); } eval("\$quickreply = \"" . $templates->get("private_quickreply") . "\";"); }
function get_quote_post_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php'; $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::STRING), $xmlrpc_params); $lang->load("newreply"); $parser = new postParser(); $pids = explode('-', $input['post_id']); $message = ''; foreach ($pids as $pid) { $query = $db->simple_select("posts", "tid", "pid = '{$pid}'"); if ($db->num_rows($query) == 0) { return xmlrespfalse("Invalid post"); } $post = $db->fetch_array($query); $tid = $post['tid']; $options = array("limit" => 1); $query = $db->simple_select("threads", "*", "tid='" . $tid . "'"); if ($db->num_rows($query) == 0) { return xmlrespfalse($lang->error_invalidthread); } $thread = $db->fetch_array($query); $fid = $thread['fid']; // Get forum info $forum = get_forum($fid); if (!$forum) { return xmlrespfalse($lang->error_invalidforum); } $forumpermissions = forum_permissions($fid); if ($thread['visible'] == 0 && !is_moderator($fid) || $thread['visible'] < 0) { return xmlrespfalse($lang->error_invalidthread); } if ($forum['open'] == 0 || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } if ($forumpermissions['canonlyviewthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) { return tt_no_permission(); } tt_check_forum_password($forum['fid']); // Check to see if the thread is closed, and if the user is a mod. if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } } // Is the currently logged in user a moderator of this forum? if (is_moderator($fid)) { $ismod = true; } else { $ismod = false; } $unviewable_forums = get_unviewable_forums(); if ($unviewable_forums) { $unviewable_forums = "AND t.fid NOT IN ({$unviewable_forums})"; } if (is_moderator($fid)) { $visible_where = "AND p.visible != 2"; } else { $visible_where = "AND p.visible > 0"; } require_once MYBB_ROOT . "inc/functions_posting.php"; $query = $db->query("\n\t\t\tSELECT p.subject, p.message, p.pid, p.tid, p.username, p.dateline, u.username AS userusername\n\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\t\tWHERE p.pid = {$pid} {$unviewable_forums} {$visible_where}\n\t\t"); $load_all = intval($mybb->input['load_all_quotes']); if ($db->num_rows($query) == 0) { return xmlrespfalse("Invalid post"); } $quoted_post = $db->fetch_array($query); // Only show messages for the current thread if ($quoted_post['tid'] == $tid || $load_all == 1) { // If this post was the post for which a quote button was clicked, set the subject if ($pid == $quoted_post['pid']) { $subject = preg_replace('#RE:\\s?#i', '', $quoted_post['subject']); $subject = "RE: " . $subject; } $message .= parse_quoted_message($quoted_post); $quoted_ids[] = $quoted_post['pid']; } else { ++$external_quotes; } if ($mybb->settings['maxquotedepth'] != '0') { $message = remove_message_quotes($message); } } $result = new xmlrpcval(array('post_id' => new xmlrpcval($pid), 'post_title' => new xmlrpcval($subject, 'base64'), 'post_content' => new xmlrpcval(tapatalkEmoji::covertNameToEmoji($message), 'base64')), 'struct'); return new xmlrpcresp($result); }