function determineActions($urls, $preferred_prefix = false) { global $txt, $user_info, $modSettings, $smcFunc, $context; if (!allowedTo('who_view')) { return array(); } loadLanguage('Who'); global $scripturl; if ($modSettings['sp_portal_mode'] == 1) { $txt['who_index'] = sprintf($txt['sp_who_index'], $scripturl); $txt['whoall_forum'] = sprintf($txt['sp_who_forum'], $scripturl); } // Actions that require a specific permission level. $allowedActions = array('admin' => array('moderate_forum', 'manage_membergroups', 'manage_bans', 'admin_forum', 'manage_permissions', 'send_mail', 'manage_attachments', 'manage_smileys', 'manage_boards', 'edit_news'), 'ban' => array('manage_bans'), 'boardrecount' => array('admin_forum'), 'calendar' => array('calendar_view'), 'editnews' => array('edit_news'), 'mailing' => array('send_mail'), 'maintain' => array('admin_forum'), 'manageattachments' => array('manage_attachments'), 'manageboards' => array('manage_boards'), 'mlist' => array('view_mlist'), 'moderate' => array('access_mod_center', 'moderate_forum', 'manage_membergroups'), 'optimizetables' => array('admin_forum'), 'repairboards' => array('admin_forum'), 'search' => array('search_posts'), 'search2' => array('search_posts'), 'setcensor' => array('moderate_forum'), 'setreserve' => array('moderate_forum'), 'stats' => array('view_stats'), 'viewErrorLog' => array('admin_forum'), 'viewmembers' => array('moderate_forum')); if (!is_array($urls)) { $url_list = array(array($urls, $user_info['id'])); } else { $url_list = $urls; } // These are done to later query these in large chunks. (instead of one by one.) $topic_ids = array(); $profile_ids = array(); $board_ids = array(); $page_ids = array(); $data = array(); foreach ($url_list as $k => $url) { // Get the request parameters.. $actions = @unserialize($url[0]); if ($actions === false) { continue; } // If it's the admin or moderation center, and there is an area set, use that instead. if (isset($actions['action']) && ($actions['action'] == 'admin' || $actions['action'] == 'moderate') && isset($actions['area'])) { $actions['action'] = $actions['area']; } // Check if there was no action or the action is display. if (!isset($actions['action']) || $actions['action'] == 'display') { // It's a topic! Must be! if (isset($actions['topic'])) { // Assume they can't view it, and queue it up for later. $data[$k] = $txt['who_hidden']; $topic_ids[(int) $actions['topic']][$k] = $txt['who_topic']; } elseif (isset($actions['board'])) { // Hide first, show later. $data[$k] = $txt['who_hidden']; $board_ids[$actions['board']][$k] = $txt['who_board']; } elseif (isset($actions['page'])) { $data[$k] = $txt['who_hidden']; $page_ids[$actions['page']][$k] = $txt['sp_who_page']; } else { $data[$k] = $txt['who_index']; } } elseif ($actions['action'] == '') { $data[$k] = $txt['who_index']; } else { // Viewing/editing a profile. if ($actions['action'] == 'profile') { // Whose? Their own? if (empty($actions['u'])) { $actions['u'] = $url[1]; } $data[$k] = $txt['who_hidden']; $profile_ids[(int) $actions['u']][$k] = $actions['action'] == 'profile' ? $txt['who_viewprofile'] : $txt['who_profile']; } elseif (($actions['action'] == 'post' || $actions['action'] == 'post2') && empty($actions['topic']) && isset($actions['board'])) { $data[$k] = $txt['who_hidden']; $board_ids[(int) $actions['board']][$k] = isset($actions['poll']) ? $txt['who_poll'] : $txt['who_post']; } elseif (isset($actions['sa']) && isset($txt['whoall_' . $actions['action'] . '_' . $actions['sa']])) { $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']]) ? $txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']] : $txt['whoall_' . $actions['action'] . '_' . $actions['sa']]; } elseif (isset($txt['whoall_' . $actions['action']])) { $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action']]) ? $txt[$preferred_prefix . $actions['action']] : $txt['whoall_' . $actions['action']]; } elseif (isset($txt['whotopic_' . $actions['action']])) { // Find out what topic they are accessing. $topic = (int) (isset($actions['topic']) ? $actions['topic'] : (isset($actions['from']) ? $actions['from'] : 0)); $data[$k] = $txt['who_hidden']; $topic_ids[$topic][$k] = $txt['whotopic_' . $actions['action']]; } elseif (isset($txt['whopost_' . $actions['action']])) { // Find out what message they are accessing. $msgid = (int) (isset($actions['msg']) ? $actions['msg'] : (isset($actions['quote']) ? $actions['quote'] : 0)); $result = $smcFunc['db_query']('', ' SELECT m.id_topic, m.subject FROM {db_prefix}messages AS m INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board) INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ') WHERE m.id_msg = {int:id_msg} AND {query_see_board}' . ($modSettings['postmod_active'] ? ' AND m.approved = {int:is_approved}' : '') . ' LIMIT 1', array('is_approved' => 1, 'id_msg' => $msgid)); list($id_topic, $subject) = $smcFunc['db_fetch_row']($result); $data[$k] = sprintf($txt['whopost_' . $actions['action']], $id_topic, $subject); $smcFunc['db_free_result']($result); if (empty($id_topic)) { $data[$k] = $txt['who_hidden']; } } elseif (allowedTo('moderate_forum') && isset($txt['whoadmin_' . $actions['action']])) { $data[$k] = $txt['whoadmin_' . $actions['action']]; } elseif (isset($allowedActions[$actions['action']])) { if (allowedTo($allowedActions[$actions['action']])) { $data[$k] = $txt['whoallow_' . $actions['action']]; } else { $data[$k] = $txt['who_hidden']; } } else { $data[$k] = $txt['who_unknown']; } } // Maybe the action is integrated into another system? if (count($integrate_actions = call_integration_hook('integrate_whos_online', array($actions))) > 0) { foreach ($integrate_actions as $integrate_action) { if (!empty($integrate_action)) { $data[$k] = $integrate_action; break; } } } } // Load topic names. if (!empty($topic_ids)) { $result = $smcFunc['db_query']('', ' SELECT t.id_topic, m.subject FROM {db_prefix}topics AS t INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board) INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg) WHERE {query_see_board} AND t.id_topic IN ({array_int:topic_list})' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ' LIMIT {int:limit}', array('topic_list' => array_keys($topic_ids), 'is_approved' => 1, 'limit' => count($topic_ids))); while ($row = $smcFunc['db_fetch_assoc']($result)) { // Show the topic's subject for each of the actions. foreach ($topic_ids[$row['id_topic']] as $k => $session_text) { $data[$k] = sprintf($session_text, $row['id_topic'], censorText($row['subject'])); } } $smcFunc['db_free_result']($result); } // Load board names. if (!empty($board_ids)) { $result = $smcFunc['db_query']('', ' SELECT b.id_board, b.name FROM {db_prefix}boards AS b WHERE {query_see_board} AND b.id_board IN ({array_int:board_list}) LIMIT ' . count($board_ids), array('board_list' => array_keys($board_ids))); while ($row = $smcFunc['db_fetch_assoc']($result)) { // Put the board name into the string for each member... foreach ($board_ids[$row['id_board']] as $k => $session_text) { $data[$k] = sprintf($session_text, $row['id_board'], $row['name']); } } $smcFunc['db_free_result']($result); } if (!empty($page_ids)) { $numeric_ids = array(); $string_ids = array(); $page_where = array(); foreach ($page_ids as $page_id => $dummy) { if (is_numeric($page_id)) { $numeric_ids[] = (int) $page_id; } else { $string_ids[] = $page_id; } } if (!empty($numeric_ids)) { $page_where[] = 'id_page IN ({array_int:numeric_ids})'; } if (!empty($string_ids)) { $page_where[] = 'namespace IN ({array_string:string_ids})'; } $result = $smcFunc['db_query']('', ' SELECT id_page, namespace, title, permission_set, groups_allowed, groups_denied FROM {db_prefix}sp_pages WHERE ' . implode(' OR ', $page_where) . ' LIMIT {int:limit}', array('numeric_ids' => $numeric_ids, 'string_ids' => $string_ids, 'limit' => count($page_ids))); $page_data = array(); while ($row = $smcFunc['db_fetch_assoc']($result)) { if (!sp_allowed_to('page', $row['id_page'], $row['permission_set'], $row['groups_allowed'], $row['groups_denied'])) { continue; } $page_data[] = array('id' => $row['id_page'], 'namespace' => $row['namespace'], 'title' => $row['title']); } $smcFunc['db_free_result']($result); if (!empty($page_data)) { foreach ($page_data as $page) { if (isset($page_ids[$page['id']])) { foreach ($page_ids[$page['id']] as $k => $session_text) { $data[$k] = sprintf($session_text, $page['id'], censorText($page['title']), $scripturl); } } if (isset($page_ids[$page['namespace']])) { foreach ($page_ids[$page['namespace']] as $k => $session_text) { $data[$k] = sprintf($session_text, $page['namespace'], censorText($page['title']), $scripturl); } } } } } // Load member names for the profile. if (!empty($profile_ids) && (allowedTo('profile_view_any') || allowedTo('profile_view_own'))) { $result = $smcFunc['db_query']('', ' SELECT id_member, real_name FROM {db_prefix}members WHERE id_member IN ({array_int:member_list}) LIMIT ' . count($profile_ids), array('member_list' => array_keys($profile_ids))); while ($row = $smcFunc['db_fetch_assoc']($result)) { // If they aren't allowed to view this person's profile, skip it. if (!allowedTo('profile_view_any') && $user_info['id'] != $row['id_member']) { continue; } // Set their action on each - session/text to sprintf. foreach ($profile_ids[$row['id_member']] as $k => $session_text) { $data[$k] = sprintf($session_text, $row['id_member'], $row['real_name']); } } $smcFunc['db_free_result']($result); } if (!is_array($urls)) { return isset($data[0]) ? $data[0] : false; } else { return $data; } }
function sportal_get_shoutbox($shoutbox_id = null, $active = false, $allowed = false) { global $smcFunc; $query = array(); $parameters = array(); if ($shoutbox_id !== null) { $query[] = 'id_shoutbox = {int:shoutbox_id}'; $parameters['shoutbox_id'] = $shoutbox_id; } if (!empty($active)) { $query[] = 'status = {int:status}'; $parameters['status'] = 1; } $request = $smcFunc['db_query']('', ' SELECT id_shoutbox, name, permission_set, groups_allowed, groups_denied, moderator_groups, warning, allowed_bbc, height, num_show, num_max, refresh, reverse, caching, status, num_shouts, last_update FROM {db_prefix}sp_shoutboxes' . (!empty($query) ? ' WHERE ' . implode(' AND ', $query) : '') . ' ORDER BY name', $parameters); $return = array(); while ($row = $smcFunc['db_fetch_assoc']($request)) { if (!empty($allowed) && !sp_allowed_to('shoutbox', $row['id_shoutbox'], $row['permission_set'], $row['groups_allowed'], $row['groups_denied'])) { continue; } $return[$row['id_shoutbox']] = array('id' => $row['id_shoutbox'], 'name' => $row['name'], 'permission_set' => $row['permission_set'], 'groups_allowed' => $row['groups_allowed'] !== '' ? explode(',', $row['groups_allowed']) : array(), 'groups_denied' => $row['groups_denied'] !== '' ? explode(',', $row['groups_denied']) : array(), 'moderator_groups' => $row['moderator_groups'] !== '' ? explode(',', $row['moderator_groups']) : array(), 'warning' => $row['warning'], 'allowed_bbc' => explode(',', $row['allowed_bbc']), 'height' => $row['height'], 'num_show' => $row['num_show'], 'num_max' => $row['num_max'], 'refresh' => $row['refresh'], 'reverse' => $row['reverse'], 'caching' => $row['caching'], 'status' => $row['status'], 'num_shouts' => $row['num_shouts'], 'last_update' => $row['last_update']); } $smcFunc['db_free_result']($request); return !empty($shoutbox_id) ? current($return) : $return; }