/** * Insert a thread into the database. * * @return array Array of new thread details, tid and visibility. */ function insert_thread() { global $db, $mybb, $plugins, $cache, $lang; // Yes, validating is required. if (!$this->get_validated()) { die("The thread needs to be validated before inserting it into the DB."); } if (count($this->get_errors()) > 0) { die("The thread is not valid."); } $thread =& $this->data; // Fetch the forum this thread is being made in $forum = get_forum($thread['fid']); // This thread is being saved as a draft. if ($thread['savedraft']) { $visible = -2; } else { $forumpermissions = forum_permissions($thread['fid'], $thread['uid']); // Decide on the visibility of this post. if ($forumpermissions['modthreads'] == 1 && !is_moderator($thread['fid'], "", $thread['uid'])) { $visible = 0; } else { $visible = 1; } // Are posts from this user being moderated? Change visibility if ($mybb->user['uid'] == $thread['uid'] && $mybb->user['moderateposts'] == 1) { $visible = 0; } } // Have a post ID but not a thread ID - fetch thread ID if (!empty($thread['pid']) && !$thread['tid']) { $query = $db->simple_select("posts", "tid", "pid='{$thread['pid']}"); $thread['tid'] = $db->fetch_field($query, "tid"); } if (isset($thread['pid']) && $thread['pid'] > 0) { $query = $db->simple_select("posts", "pid", "pid='{$thread['pid']}' AND uid='{$thread['uid']}' AND visible='-2'"); $draft_check = $db->fetch_field($query, "pid"); } else { $draft_check = false; } // Are we updating a post which is already a draft? Perhaps changing it into a visible post? if ($draft_check) { $this->thread_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread", $this); $db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'"); $this->post_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_post", $this); $db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'"); $this->tid = $thread['tid']; $this->pid = $thread['pid']; } else { $this->thread_insert_data = array("fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "prefix" => (int) $thread['prefix'], "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "views" => 0, "replies" => 0, "visible" => $visible, "notes" => ''); $plugins->run_hooks("datahandler_post_insert_thread", $this); $this->tid = $db->insert_query("threads", $this->thread_insert_data); $this->post_insert_data = array("tid" => $this->tid, "fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_post", $this); $this->pid = $db->insert_query("posts", $this->post_insert_data); // Now that we have the post id for this first post, update the threads table. $firstpostup = array("firstpost" => $this->pid); $db->update_query("threads", $firstpostup, "tid='{$this->tid}'"); } // If we're not saving a draft there are some things we need to check now if (!$thread['savedraft']) { if ($thread['options']['subscriptionmethod'] != "" && $thread['uid'] > 0) { switch ($thread['options']['subscriptionmethod']) { case "pm": $notification = 2; break; case "email": $notification = 1; break; default: $notification = 0; } require_once MYBB_ROOT . "inc/functions_user.php"; add_subscribed_thread($this->tid, $notification, $thread['uid']); } // Perform any selected moderation tools. if (is_moderator($thread['fid'], "", $thread['uid']) && is_array($thread['modoptions'])) { $lang->load($this->language_file, true); $modoptions = $thread['modoptions']; $modlogdata['fid'] = $thread['fid']; if (isset($thread['tid'])) { $modlogdata['tid'] = $thread['tid']; } $modoptions_update = array(); // Close the thread. if (!empty($modoptions['closethread'])) { $modoptions_update['closed'] = 1; log_moderator_action($modlogdata, $lang->thread_closed); } // Stick the thread. if (!empty($modoptions['stickthread'])) { $modoptions_update['sticky'] = 1; log_moderator_action($modlogdata, $lang->thread_stuck); } // Execute moderation options. if ($modoptions_update) { $db->update_query('threads', $modoptions_update, "tid='{$this->tid}'"); } } if ($visible == 1) { // If we have a registered user then update their post count and last post times. if ($thread['uid'] > 0) { $user = get_user($thread['uid']); $update_query = array(); // Only update the lastpost column of the user if the date of the thread is newer than their last post. if ($thread['dateline'] > $user['lastpost']) { // Yes this has a single quote within a double quote. It's not a bug. $update_query['lastpost'] = "'{$thread['dateline']}'"; } // Update the post count if this forum allows post counts to be tracked if ($forum['usepostcounts'] != 0) { $update_query['postnum'] = "postnum+1"; } if ($forum['usethreadcounts'] != 0) { $update_query['threadnum'] = 'threadnum+1'; } // Only update the table if we need to. if (!empty($update_query)) { $db->update_query("users", $update_query, "uid='{$thread['uid']}'", 1, true); } } if (!isset($forum['lastpost'])) { $forum['lastpost'] = 0; } $done_users = array(); // Queue up any forum subscription notices to users who are subscribed to this forum. $excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread; // Parse badwords require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $excerpt = $parser->parse_badwords($excerpt); $query = $db->query("\n\t\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate\n\t\t\t\t\tFROM " . TABLE_PREFIX . "forumsubscriptions fs\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=fs.uid)\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (g.gid=u.usergroup)\n\t\t\t\t\tWHERE fs.fid='" . (int) $thread['fid'] . "'\n\t\t\t\t\tAND fs.uid != '" . (int) $thread['uid'] . "'\n\t\t\t\t\tAND u.lastactive > '{$forum['lastpost']}'\n\t\t\t\t\tAND g.isbannedgroup != 1\n\t\t\t\t"); while ($subscribedmember = $db->fetch_array($query)) { if ($done_users[$subscribedmember['uid']]) { continue; } $done_users[$subscribedmember['uid']] = 1; $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { continue; } if (!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1) { // In a 'view own only' forum and not a moderator continue; } // Determine the language pack we'll be using to send this email in and load it if it isn't already. if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) { $uselang = $subscribedmember['language']; } else { if ($mybb->settings['bblanguage']) { $uselang = $mybb->settings['bblanguage']; } else { $uselang = "english"; } } if ($uselang == $mybb->settings['bblanguage']) { $emailsubject = $lang->emailsubject_forumsubscription; $emailmessage = $lang->email_forumsubscription; } else { if (!isset($langcache[$uselang]['emailsubject_forumsubscription'])) { $userlang = new MyLanguage(); $userlang->set_path(MYBB_ROOT . "inc/languages"); $userlang->set_language($uselang); $userlang->load("messages"); $langcache[$uselang]['emailsubject_forumsubscription'] = $userlang->emailsubject_forumsubscription; $langcache[$uselang]['email_forumsubscription'] = $userlang->email_forumsubscription; unset($userlang); } $emailsubject = $langcache[$uselang]['emailsubject_forumsubscription']; $emailmessage = $langcache[$uselang]['email_forumsubscription']; } $emailsubject = $lang->sprintf($emailsubject, $forum['name']); $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']); $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid'], $post_code); $new_email = array("mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => ''); $db->insert_query("mailqueue", $new_email); unset($userlang); $queued_email = 1; } // Have one or more emails been queued? Update the queue count if (isset($queued_email) && $queued_email == 1) { $cache->update_mailqueue(); } } } // Assign any uploaded attachments with the specific posthash to the newly created post. if ($thread['posthash']) { $thread['posthash'] = $db->escape_string($thread['posthash']); $attachmentassign = array("pid" => $this->pid, "posthash" => ''); $db->update_query("attachments", $attachmentassign, "posthash='{$thread['posthash']}' AND pid='0'"); } if ($visible == 1) { update_last_post($this->tid); update_forum_counters($thread['fid'], array("threads" => "+1", "posts" => "+1")); update_forum_lastpost($thread['fid']); } else { if ($visible == 0) { update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1")); } } $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if ($attachmentcount > 0) { update_thread_counters($this->tid, array("attachmentcount" => "+{$attachmentcount}")); } // Return the post's pid and whether or not it is visible. $this->return_values = array("pid" => $this->pid, "tid" => $this->tid, "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_end", $this); return $this->return_values; }
/** * Insert a new private message. * * @return array Array of PM useful data. */ function insert_pm() { global $cache, $db, $mybb, $plugins, $lang; // Yes, validating is required. if (!$this->get_validated()) { die("The PM needs to be validated before inserting it into the DB."); } if (count($this->get_errors()) > 0) { die("The PM is not valid."); } // Assign data to common variable $pm =& $this->data; $pm['pmid'] = intval($pm['pmid']); if (!$pm['icon'] || $pm['icon'] < 0) { $pm['icon'] = 0; } $uid = 0; if (!is_array($pm['recipients'])) { $recipient_list = array(); } else { // Build recipient list foreach ($pm['recipients'] as $recipient) { if ($recipient['bcc']) { $recipient_list['bcc'][] = $recipient['uid']; } else { $recipient_list['to'][] = $recipient['uid']; $uid = $recipient['uid']; } } } $this->pm_insert_data = array('fromid' => intval($pm['sender']['uid']), 'folder' => $pm['folder'], 'subject' => $db->escape_string($pm['subject']), 'icon' => intval($pm['icon']), 'message' => $db->escape_string($pm['message']), 'dateline' => TIME_NOW, 'status' => 0, 'includesig' => $pm['options']['signature'], 'smilieoff' => $pm['options']['disablesmilies'], 'receipt' => intval($pm['options']['readreceipt']), 'readtime' => 0, 'recipients' => $db->escape_string(serialize($recipient_list))); // Check if we're updating a draft or not. $query = $db->simple_select("privatemessages", "pmid, deletetime", "folder='3' AND uid='" . intval($pm['sender']['uid']) . "' AND pmid='{$pm['pmid']}'"); $draftcheck = $db->fetch_array($query); // This PM was previously a draft if ($draftcheck['pmid']) { if ($draftcheck['deletetime']) { // This draft was a reply to a PM $pm['pmid'] = $draftcheck['deletetime']; $pm['do'] = "reply"; } // Delete the old draft as we no longer need it $db->delete_query("privatemessages", "pmid='{$draftcheck['pmid']}'"); } // Saving this message as a draft if ($pm['saveasdraft']) { $this->pm_insert_data['uid'] = $pm['sender']['uid']; // If this is a reply, then piggyback into the deletetime to let us know in the future if ($pm['do'] == "reply" || $pm['do'] == "replyall") { $this->pm_insert_data['deletetime'] = $pm['pmid']; } $plugins->run_hooks("datahandler_pm_insert_updatedraft", $this); $db->insert_query("privatemessages", $this->pm_insert_data); // If this is a draft, end it here - below deals with complete messages return array("draftsaved" => 1); } // Save a copy of the PM for each of our recipients foreach ($pm['recipients'] as $recipient) { // Send email notification of new PM if it is enabled for the recipient $query = $db->simple_select("privatemessages", "dateline", "uid='" . $recipient['uid'] . "' AND folder='1'", array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit' => 1)); $lastpm = $db->fetch_array($query); if ($recipient['pmnotify'] == 1 && $recipient['lastactive'] > $lastpm['dateline']) { if ($recipient['language'] != "" && $lang->language_exists($recipient['language'])) { $uselang = $recipient['language']; } elseif ($mybb->settings['bblanguage']) { $uselang = $mybb->settings['bblanguage']; } else { $uselang = "english"; } if ($uselang == $mybb->settings['bblanguage'] && !empty($lang->emailsubject_newpm)) { $emailsubject = $lang->emailsubject_newpm; $emailmessage = $lang->email_newpm; } else { $userlang = new MyLanguage(); $userlang->set_path(MYBB_ROOT . "inc/languages"); $userlang->set_language($uselang); $userlang->load("messages"); $emailsubject = $userlang->emailsubject_newpm; $emailmessage = $userlang->email_newpm; } if (!$pm['sender']['username']) { $pm['sender']['username'] = $lang->mybb_engine; } $emailmessage = $lang->sprintf($emailmessage, $recipient['username'], $pm['sender']['username'], $mybb->settings['bbname'], $mybb->settings['bburl']); $emailsubject = $lang->sprintf($emailsubject, $mybb->settings['bbname']); $new_email = array("mailto" => $db->escape_string($recipient['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => ''); $db->insert_query("mailqueue", $new_email); $cache->update_mailqueue(); } $this->pm_insert_data['uid'] = $recipient['uid']; $this->pm_insert_data['toid'] = $recipient['uid']; $plugins->run_hooks("datahandler_pm_insert", $this); $this->pmid = $db->insert_query("privatemessages", $this->pm_insert_data); // If PM noices/alerts are on, show! if ($recipient['pmnotice'] == 1) { $updated_user = array("pmnotice" => 2); $db->update_query("users", $updated_user, "uid='{$recipient['uid']}'"); } // Update private message count (total, new and unread) for recipient require_once MYBB_ROOT . "/inc/functions_user.php"; update_pm_count($recipient['uid'], 7, $recipient['lastactive']); } // Are we replying or forwarding an existing PM? if ($pm['pmid']) { if ($pm['do'] == "reply" || $pm['do'] == "replyall") { $sql_array = array('status' => 3, 'statustime' => TIME_NOW); $db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}"); } elseif ($pm['do'] == "forward") { $sql_array = array('status' => 4, 'statustime' => TIME_NOW); $db->update_query("privatemessages", $sql_array, "pmid={$pm['pmid']} AND uid={$pm['sender']['uid']}"); } } // If we're saving a copy if ($pm['options']['savecopy'] != 0) { if (isset($recipient_list['to']) && count($recipient_list['to']) == 1) { $this->pm_insert_data['toid'] = $uid; } else { $this->pm_insert_data['toid'] = 0; } $this->pm_insert_data['uid'] = intval($pm['sender']['uid']); $this->pm_insert_data['folder'] = 2; $this->pm_insert_data['status'] = 1; $this->pm_insert_data['receipt'] = 0; $plugins->run_hooks("datahandler_pm_insert_savedcopy", $this); $db->insert_query("privatemessages", $this->pm_insert_data); // Because the sender saved a copy, update their total pm count require_once MYBB_ROOT . "/inc/functions_user.php"; update_pm_count($pm['sender']['uid'], 1); } // Return back with appropriate data return array("messagesent" => 1); }