protected function fetchCanViewAlbumComment($commentid)
{
$comment = $this->content['album_picturecomment'][$commentid];
$attachment = $this->content['album_attachment'][$comment['attachmentid']];
require_once DIR . '/includes/functions_picturecomment.php';
if ($comment['state'] == 'moderation') {
if ((!vB::$vbulletin->userinfo['userid'] or vB::$vbulletin->userinfo['userid'] != $comment['postuserid']) and !fetch_user_picture_message_perm('canmoderatemessages', $attachment)) {
return false;
}
}
if (!vB::$vbulletin->options['pc_enabled']) {
return false;
}
return $this->fetchCanViewAlbumPhoto($comment['attachmentid']);
}
$picturecommentbits .= $response_handler->construct();
$moderated_count++;
}
if ($moderated_count != $vbulletin->userinfo['pcmoderatedcount']) {
// back counter -- likely tachy based, rebuild all counters
build_picture_comment_counters($vbulletin->userinfo['userid']);
}
if (!$picturecommentbits) {
standard_error(fetch_error('no_picture_comments_awaiting_approval', 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}"), '', false);
}
// this is a small kludge to let me use fetch_user_picture_message_perm
// all pictures will be from this user and userid is the only value used
$pictureinfo = array('userid' => $userinfo['userid']);
$show['delete'] = fetch_user_picture_message_perm('candeletemessages', $pictureinfo);
$show['undelete'] = fetch_user_picture_message_perm('canundeletemessages', $pictureinfo);
$show['approve'] = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo);
$show['inlinemod'] = ($show['delete'] or $show['undelete'] or $show['approve']);
eval('$picturecomment_css = "' . fetch_template('picturecomment_css') . '";');
($hook = vBulletinHook::fetch_hook('album_moderated_complete')) ? eval($hook) : false;
// navbar and final output
$navbits = construct_navbits(array('member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => construct_phrase($vbphrase['xs_profile'], $userinfo['username']), 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => construct_phrase($vbphrase['xs_albums'], $userinfo['username']), '' => $vbphrase['picture_comments_awaiting_approval']));
eval('$navbar = "' . fetch_template('navbar') . '";');
eval('print_output("' . fetch_template('album_moderatedcomments') . '");');
}
// #######################################################################
if ($_REQUEST['do'] == 'unread') {
if (!$vbulletin->options['pc_enabled']) {
print_no_permission();
}
if ($userinfo['userid'] != $vbulletin->userinfo['userid']) {
print_no_permission();
$messages = $db->query_read_slave("
SELECT
picturecomment.*, a.userid AS picture_userid, a.caption AS picture_caption
FROM " . TABLE_PREFIX . "picturecomment AS picturecomment
INNER JOIN " . TABLE_PREFIX . "attachment AS a ON (a.filedataid = picturecomment.filedataid AND a.userid = picturecomment.userid AND a.contenttypeid = " . intval($contenttypeid) . ")
WHERE picturecomment.commentid IN (" . implode(',', $messageids) . ")
");
while ($message = $db->fetch_array($messages))
{
$pictureinfo = array(
'attachmentid' => $message['attachmentid'],
'userid' => $message['picture_userid']
);
$canmoderatemessages = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo, $message);
$candeletemessages = fetch_user_picture_message_perm('candeletemessages', $pictureinfo, $message);
$canremovemessages = can_moderate(0, 'canremovepicturecomments');
if ($message['state'] == 'moderation' AND !$canmoderatemessages)
{
standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_messages'));
}
else if ($message['state'] == 'deleted' AND !$candeletemessages)
{
standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_messages'));
}
else
{
if (($physicaldel AND !$canremovemessages) OR (!$physicaldel AND !$candeletemessages))
{
standard_error(fetch_error('you_do_not_have_permission_to_delete_messages'));
/**
* Sets up different display variables for the Picture Comment
*
*/
function process_display()
{
global $show, $session;
$show['moderation'] = ($this->message['state'] == 'moderation');
$show['edit'] = fetch_user_picture_message_perm('caneditmessages', $this->pictureinfo, $this->message);
$show['inlinemod'] = (
fetch_user_picture_message_perm('canmoderatemessages', $this->pictureinfo, $this->message)
OR
fetch_user_picture_message_perm('canundeletemessages', $this->pictureinfo, $this->message)
OR
(
(
$this->pictureinfo['userid'] == $this->registry->userinfo['userid']
AND
$this->registry->userinfo['permissions']['albumpermissions'] & $this->registry->bf_ugp_albumpermissions['canmanagepiccomment']
AND
$this->message['state'] != 'deleted'
)
OR
can_moderate(0, 'candeletepicturecomments')
OR
can_moderate(0, 'canremovepicturecomments')
)
);
$this->message['pictureurl'] = "album.php?$session[sessionurl]albumid={$this->pictureinfo['albumid']}&attachmentid={$this->pictureinfo['attachmentid']}";
}
/**
* Fetches the Picture Comment HTML for a single picture
*
* @param array Information regarding the picture
* @param array (return) Statistics regarding the messages shown
* @param integer The current page pumber
* @param integer The number of comments per page
* @param integer A specific comment ID to focus on (causes pagenumber to be ignored)
* @param boolean Whether to show ignored messages in their full
*
* @return string The HTML for the picture comments
*
*/
function fetch_picturecommentbits($pictureinfo, &$messagestats, &$pagenumber, &$perpage, $commentid = 0, $showignored = false)
{
global $vbulletin, $vbphrase, $show;
require_once(DIR . '/includes/class_bbcode.php');
require_once(DIR . '/includes/class_picturecomment.php');
if ($vbulletin->options['globalignore'] != '' AND !can_moderate(0, 'candeletepicturecomments') AND !can_moderate(0, 'canremovepicturecomments'))
{
require_once(DIR . '/includes/functions_bigthree.php');
$coventry = fetch_coventry('string');
}
$messagestats = array();
$state = array('visible');
$state_or = array();
if (fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo))
{
$state[] = 'moderation';
}
else if ($vbulletin->userinfo['userid'])
{
$state_or[] = "(picturecomment.postuserid = " . $vbulletin->userinfo['userid'] . " AND state = 'moderation')";
}
if (can_moderate(0, 'canmoderatepicturecomments') OR ($vbulletin->userinfo['userid'] == $pictureinfo['userid'] AND $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canmanagepiccomment']))
{
$state[] = 'deleted';
$deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (picturecomment.commentid = deletionlog.primaryid AND deletionlog.type = 'picturecomment')";
}
else
{
$deljoinsql = '';
}
$state_or[] = "picturecomment.state IN ('" . implode("','", $state) . "')";
$perpage = (!$perpage OR $perpage > $vbulletin->options['pc_maxperpage']) ? $vbulletin->options['pc_perpage'] : $perpage;
if ($commentid AND $commentinfo = fetch_picturecommentinfo($pictureinfo['filedataid'], $pictureinfo['userid'], $commentid))
{
$getpagenum = $vbulletin->db->query_first("
SELECT COUNT(*) AS comments
FROM " . TABLE_PREFIX . "picturecomment AS picturecomment
WHERE
filedataid = $pictureinfo[filedataid]
AND
userid = $pictureinfo[userid]
AND
(" . implode(" OR ", $state_or) . ")
AND
dateline <= $commentinfo[dateline]
" . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . "
");
$pagenumber = ceil($getpagenum['comments'] / $perpage);
}
do
{
if (!$pagenumber)
{
$pagenumber = 1;
}
$start = ($pagenumber - 1) * $perpage;
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('picture_comment_query')) ? eval($hook) : false;
$messagebits = '';
$messages = $vbulletin->db->query_read("
SELECT SQL_CALC_FOUND_ROWS
picturecomment.*, user.*, picturecomment.ipaddress AS messageipaddress
" . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . "
" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . "
$hook_query_fields
FROM " . TABLE_PREFIX . "picturecomment AS picturecomment
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (picturecomment.postuserid = user.userid)
" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid)
LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "
$deljoinsql
$hook_query_joins
WHERE
picturecomment.filedataid = $pictureinfo[filedataid]
AND
picturecomment.userid = $pictureinfo[userid]
AND (" . implode(" OR ", $state_or) . ")
" . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . "
$hook_query_where
ORDER BY picturecomment.dateline
LIMIT $start, $perpage
");
list($messagestats['total']) = $vbulletin->db->query_first("SELECT FOUND_ROWS()", DBARRAY_NUM);
if ($start >= $messagestats['total'])
{
$pagenumber = ceil($messagestats['total'] / $perpage);
}
}
while ($start >= $messagestats['total'] AND $messagestats['total']);
$messagestats['start'] = $start + 1;
$messagestats['end'] = min($start + $perpage, $messagestats['total']);
$bbcode = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$factory = new vB_Picture_CommentFactory($vbulletin, $bbcode, $pictureinfo);
$messagebits = '';
$firstrecord = array();
$read_ids = array();
if ($vbulletin->userinfo['userid'] AND !$showignored)
{
$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
}
else
{
$ignorelist = array();
}
while ($message = $vbulletin->db->fetch_array($messages))
{
if (!$firstrecord)
{
$firstrecord = $message;
}
if ($ignorelist AND in_array($message['postuserid'], $ignorelist))
{
$message['ignored'] = true;
}
if (!$showignored AND in_coventry($message['postuserid']))
{
$message['ignored'] = true;
}
$response_handler =& $factory->create($message);
$response_handler->cachable = false;
$messagebits .= $response_handler->construct();
if (!$message['messageread'] AND $message['state'] == 'visible' AND $pictureinfo['userid'] == $vbulletin->userinfo['userid'])
{
$read_ids[] = $message['commentid'];
}
$messagestats['lastcomment'] = $message['dateline'];
}
if ($pictureinfo['userid'] == $vbulletin->userinfo['userid'])
{
$readpcs = 0;
if (!empty($read_ids))
{
$readpcs = sizeof($read_ids);
$vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "picturecomment SET messageread = 1 WHERE commentid IN (" . implode(',', $read_ids) . ")");
}
if ($vbulletin->userinfo['pcunreadcount'] - $readpcs > 0 AND $vbulletin->options['globalignore'] != '')
{
build_picture_comment_counters($vbulletin->userinfo['userid']);
}
else if ($readpcs)
{
$vbulletin->db->query_write("
UPDATE " . TABLE_PREFIX . "user
SET
pcunreadcount = IF(pcunreadcount >= $readpcs, pcunreadcount - $readpcs, 0)
WHERE
userid = " . $vbulletin->userinfo['userid']
);
}
}
$messagestats['perpage'] = $perpage;
$show['delete'] = fetch_user_picture_message_perm('candeletemessages', $pictureinfo);
$show['undelete'] = fetch_user_picture_message_perm('canundeletemessages', $pictureinfo);
$show['approve'] = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo);
$show['inlinemod'] = ($show['delete'] OR $show['undelete'] OR $show['approve']);
return $messagebits;
}
/**
* Sets up different display variables for the Picture Comment
*
*/
function process_display()
{
global $show;
$show['moderation'] = $this->message['state'] == 'moderation';
$show['edit'] = fetch_user_picture_message_perm('caneditmessages', $this->pictureinfo, $this->message);
$show['inlinemod'] = (fetch_user_picture_message_perm('canmoderatemessages', $this->pictureinfo, $this->message) or fetch_user_picture_message_perm('canundeletemessages', $this->pictureinfo, $this->message) or ($this->pictureinfo['userid'] == $this->registry->userinfo['userid'] and $this->registry->userinfo['permissions']['albumpermissions'] & $this->registry->bf_ugp_albumpermissions['canmanagepiccomment'] and $this->message['state'] != 'deleted' or can_moderate(0, 'candeletepicturecomments') or can_moderate(0, 'canremovepicturecomments')));
}
}
if ($_POST['do'] == 'sendemail') {
$vbulletin->input->clean_array_gpc('p', array('reason' => TYPE_STR));
if ($vbulletin->GPC['reason'] == '') {
standard_error(fetch_error('noreason'));
}
if ($perform_floodcheck) {
$reportobj->perform_floodcheck_commit();
}
$reportobj->do_report($vbulletin->GPC['reason'], $commentinfo);
$url =& $vbulletin->url;
print_standard_redirect('redirect_reportthanks');
}
}
if ($_POST['do'] == 'quickedit') {
if ($commentinfo and !fetch_user_picture_message_perm('caneditmessages', $pictureinfo, $commentinfo)) {
print_no_permission();
} else {
if (!$commentinfo and !$canpostmessage) {
print_no_permission();
}
}
$vbulletin->input->clean_array_gpc('p', array('editorid' => TYPE_NOHTML));
require_once DIR . '/includes/class_xml.php';
require_once DIR . '/includes/functions_editor.php';
$editorid = construct_edit_toolbar(htmlspecialchars_uni($commentinfo['pagetext']), false, 'picturecomment', true, true, false, 'qe', $vbulletin->GPC['editorid'], array(), 'content', 'vBForum_PictureComment', $commentinfo['commentid']);
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
$xml->add_group('quickedit');
$xml->add_tag('editor', process_replacement_vars($messagearea), array('reason' => '', 'parsetype' => 'picturecomment', 'parsesmilies' => true, 'mode' => $show['is_wysiwyg_editor']));
$xml->add_tag('ckeconfig', vB_Ckeditor::getInstance($editorid)->getConfig());
$xml->close_group();
/**
* Sets up different display variables for the Picture Comment
*
*/
function process_display()
{
global $show, $session;
$show['moderation'] = $this->message['state'] == 'moderation';
$show['edit'] = fetch_user_picture_message_perm('caneditmessages', $this->pictureinfo, $this->message);
$show['inlinemod'] = (fetch_user_picture_message_perm('canmoderatemessages', $this->pictureinfo, $this->message) or fetch_user_picture_message_perm('canundeletemessages', $this->pictureinfo, $this->message) or ($this->pictureinfo['userid'] == $this->registry->userinfo['userid'] and $this->registry->userinfo['permissions']['albumpermissions'] & $this->registry->bf_ugp_albumpermissions['canmanagepiccomment'] and $this->message['state'] != 'deleted' or can_moderate(0, 'candeletepicturecomments') or can_moderate(0, 'canremovepicturecomments')));
if ($this->pictureinfo['groupid']) {
$this->message['pictureurl'] = fetch_seo_url('group', $this->pictureinfo, array('do' => 'picture', 'attachmentid' => $this->pictureinfo['attachmentid']));
} else {
$this->message['pictureurl'] = "album.php?{$session['sessionurl']}albumid={$this->pictureinfo['albumid']}&attachmentid={$this->pictureinfo['attachmentid']}";
}
}
$reportemail = ($vbulletin->options['enableemail'] and $vbulletin->options['rpemail']);
if (!$reportthread and !$reportemail) {
standard_error(fetch_error('emaildisabled'));
}
$reportobj =& new vB_ReportItem_PictureComment($vbulletin);
$reportobj->set_extrainfo('picture', $pictureinfo);
$reportobj->set_extrainfo('album', $albuminfo);
$reportobj->set_extrainfo('group', $group);
$perform_floodcheck = $reportobj->need_floodcheck();
if ($perform_floodcheck) {
$reportobj->perform_floodcheck_precommit();
}
if (!$commentinfo['commentid']) {
standard_error(fetch_error('invalidid', $vbphrase['comment'], $vbulletin->options['contactuslink']));
}
if ($commentinfo['state'] == 'moderation' and !fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo) and $commentinfo['postuserid'] != $vbulletin->userinfo['userid'] or $commentinfo['state'] == 'deleted' and !fetch_user_picture_message_perm('candeletemessages', $pictureinfo, $commentinfo)) {
standard_error(fetch_error('invalidid', $vbphrase['comment'], $vbulletin->options['contactuslink']));
}
($hook = vBulletinHook::fetch_hook('report_start')) ? eval($hook) : false;
if ($_REQUEST['do'] == 'report') {
// draw nav bar
$navbits[''] = $vbphrase['report_picture_comment'];
$navbits = construct_navbits($navbits);
require_once DIR . '/includes/functions_editor.php';
$textareacols = fetch_textarea_width();
eval('$usernamecode = "' . fetch_template('newpost_usernamecode') . '";');
eval('$navbar = "' . fetch_template('navbar') . '";');
$url =& $vbulletin->url;
($hook = vBulletinHook::fetch_hook('report_form_start')) ? eval($hook) : false;
$forminfo = $reportobj->set_forminfo($commentinfo);
eval('print_output("' . fetch_template('reportitem') . '");');
