protected function fetchCanViewAlbumComment($commentid) { $comment = $this->content['album_picturecomment'][$commentid]; $attachment = $this->content['album_attachment'][$comment['attachmentid']]; require_once DIR . '/includes/functions_picturecomment.php'; if ($comment['state'] == 'moderation') { if ((!vB::$vbulletin->userinfo['userid'] or vB::$vbulletin->userinfo['userid'] != $comment['postuserid']) and !fetch_user_picture_message_perm('canmoderatemessages', $attachment)) { return false; } } if (!vB::$vbulletin->options['pc_enabled']) { return false; } return $this->fetchCanViewAlbumPhoto($comment['attachmentid']); }
$picturecommentbits .= $response_handler->construct(); $moderated_count++; } if ($moderated_count != $vbulletin->userinfo['pcmoderatedcount']) { // back counter -- likely tachy based, rebuild all counters build_picture_comment_counters($vbulletin->userinfo['userid']); } if (!$picturecommentbits) { standard_error(fetch_error('no_picture_comments_awaiting_approval', 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}"), '', false); } // this is a small kludge to let me use fetch_user_picture_message_perm // all pictures will be from this user and userid is the only value used $pictureinfo = array('userid' => $userinfo['userid']); $show['delete'] = fetch_user_picture_message_perm('candeletemessages', $pictureinfo); $show['undelete'] = fetch_user_picture_message_perm('canundeletemessages', $pictureinfo); $show['approve'] = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo); $show['inlinemod'] = ($show['delete'] or $show['undelete'] or $show['approve']); eval('$picturecomment_css = "' . fetch_template('picturecomment_css') . '";'); ($hook = vBulletinHook::fetch_hook('album_moderated_complete')) ? eval($hook) : false; // navbar and final output $navbits = construct_navbits(array('member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => construct_phrase($vbphrase['xs_profile'], $userinfo['username']), 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['userid']}" => construct_phrase($vbphrase['xs_albums'], $userinfo['username']), '' => $vbphrase['picture_comments_awaiting_approval'])); eval('$navbar = "' . fetch_template('navbar') . '";'); eval('print_output("' . fetch_template('album_moderatedcomments') . '");'); } // ####################################################################### if ($_REQUEST['do'] == 'unread') { if (!$vbulletin->options['pc_enabled']) { print_no_permission(); } if ($userinfo['userid'] != $vbulletin->userinfo['userid']) { print_no_permission();
$messages = $db->query_read_slave(" SELECT picturecomment.*, a.userid AS picture_userid, a.caption AS picture_caption FROM " . TABLE_PREFIX . "picturecomment AS picturecomment INNER JOIN " . TABLE_PREFIX . "attachment AS a ON (a.filedataid = picturecomment.filedataid AND a.userid = picturecomment.userid AND a.contenttypeid = " . intval($contenttypeid) . ") WHERE picturecomment.commentid IN (" . implode(',', $messageids) . ") "); while ($message = $db->fetch_array($messages)) { $pictureinfo = array( 'attachmentid' => $message['attachmentid'], 'userid' => $message['picture_userid'] ); $canmoderatemessages = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo, $message); $candeletemessages = fetch_user_picture_message_perm('candeletemessages', $pictureinfo, $message); $canremovemessages = can_moderate(0, 'canremovepicturecomments'); if ($message['state'] == 'moderation' AND !$canmoderatemessages) { standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_messages')); } else if ($message['state'] == 'deleted' AND !$candeletemessages) { standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_messages')); } else { if (($physicaldel AND !$canremovemessages) OR (!$physicaldel AND !$candeletemessages)) { standard_error(fetch_error('you_do_not_have_permission_to_delete_messages'));
/** * Sets up different display variables for the Picture Comment * */ function process_display() { global $show, $session; $show['moderation'] = ($this->message['state'] == 'moderation'); $show['edit'] = fetch_user_picture_message_perm('caneditmessages', $this->pictureinfo, $this->message); $show['inlinemod'] = ( fetch_user_picture_message_perm('canmoderatemessages', $this->pictureinfo, $this->message) OR fetch_user_picture_message_perm('canundeletemessages', $this->pictureinfo, $this->message) OR ( ( $this->pictureinfo['userid'] == $this->registry->userinfo['userid'] AND $this->registry->userinfo['permissions']['albumpermissions'] & $this->registry->bf_ugp_albumpermissions['canmanagepiccomment'] AND $this->message['state'] != 'deleted' ) OR can_moderate(0, 'candeletepicturecomments') OR can_moderate(0, 'canremovepicturecomments') ) ); $this->message['pictureurl'] = "album.php?$session[sessionurl]albumid={$this->pictureinfo['albumid']}&attachmentid={$this->pictureinfo['attachmentid']}"; }
/** * Fetches the Picture Comment HTML for a single picture * * @param array Information regarding the picture * @param array (return) Statistics regarding the messages shown * @param integer The current page pumber * @param integer The number of comments per page * @param integer A specific comment ID to focus on (causes pagenumber to be ignored) * @param boolean Whether to show ignored messages in their full * * @return string The HTML for the picture comments * */ function fetch_picturecommentbits($pictureinfo, &$messagestats, &$pagenumber, &$perpage, $commentid = 0, $showignored = false) { global $vbulletin, $vbphrase, $show; require_once(DIR . '/includes/class_bbcode.php'); require_once(DIR . '/includes/class_picturecomment.php'); if ($vbulletin->options['globalignore'] != '' AND !can_moderate(0, 'candeletepicturecomments') AND !can_moderate(0, 'canremovepicturecomments')) { require_once(DIR . '/includes/functions_bigthree.php'); $coventry = fetch_coventry('string'); } $messagestats = array(); $state = array('visible'); $state_or = array(); if (fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo)) { $state[] = 'moderation'; } else if ($vbulletin->userinfo['userid']) { $state_or[] = "(picturecomment.postuserid = " . $vbulletin->userinfo['userid'] . " AND state = 'moderation')"; } if (can_moderate(0, 'canmoderatepicturecomments') OR ($vbulletin->userinfo['userid'] == $pictureinfo['userid'] AND $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canmanagepiccomment'])) { $state[] = 'deleted'; $deljoinsql = "LEFT JOIN " . TABLE_PREFIX . "deletionlog AS deletionlog ON (picturecomment.commentid = deletionlog.primaryid AND deletionlog.type = 'picturecomment')"; } else { $deljoinsql = ''; } $state_or[] = "picturecomment.state IN ('" . implode("','", $state) . "')"; $perpage = (!$perpage OR $perpage > $vbulletin->options['pc_maxperpage']) ? $vbulletin->options['pc_perpage'] : $perpage; if ($commentid AND $commentinfo = fetch_picturecommentinfo($pictureinfo['filedataid'], $pictureinfo['userid'], $commentid)) { $getpagenum = $vbulletin->db->query_first(" SELECT COUNT(*) AS comments FROM " . TABLE_PREFIX . "picturecomment AS picturecomment WHERE filedataid = $pictureinfo[filedataid] AND userid = $pictureinfo[userid] AND (" . implode(" OR ", $state_or) . ") AND dateline <= $commentinfo[dateline] " . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . " "); $pagenumber = ceil($getpagenum['comments'] / $perpage); } do { if (!$pagenumber) { $pagenumber = 1; } $start = ($pagenumber - 1) * $perpage; $hook_query_fields = $hook_query_joins = $hook_query_where = ''; ($hook = vBulletinHook::fetch_hook('picture_comment_query')) ? eval($hook) : false; $messagebits = ''; $messages = $vbulletin->db->query_read(" SELECT SQL_CALC_FOUND_ROWS picturecomment.*, user.*, picturecomment.ipaddress AS messageipaddress " . ($deljoinsql ? ",deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason" : "") . " " . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, filedata_thumb, NOT ISNULL(customavatar.userid) AS hascustom" : "") . " $hook_query_fields FROM " . TABLE_PREFIX . "picturecomment AS picturecomment LEFT JOIN " . TABLE_PREFIX . "user AS user ON (picturecomment.postuserid = user.userid) " . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . " $deljoinsql $hook_query_joins WHERE picturecomment.filedataid = $pictureinfo[filedataid] AND picturecomment.userid = $pictureinfo[userid] AND (" . implode(" OR ", $state_or) . ") " . ($coventry ? "AND picturecomment.postuserid NOT IN (" . $coventry . ")" : '' ) . " $hook_query_where ORDER BY picturecomment.dateline LIMIT $start, $perpage "); list($messagestats['total']) = $vbulletin->db->query_first("SELECT FOUND_ROWS()", DBARRAY_NUM); if ($start >= $messagestats['total']) { $pagenumber = ceil($messagestats['total'] / $perpage); } } while ($start >= $messagestats['total'] AND $messagestats['total']); $messagestats['start'] = $start + 1; $messagestats['end'] = min($start + $perpage, $messagestats['total']); $bbcode = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $factory = new vB_Picture_CommentFactory($vbulletin, $bbcode, $pictureinfo); $messagebits = ''; $firstrecord = array(); $read_ids = array(); if ($vbulletin->userinfo['userid'] AND !$showignored) { $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY); } else { $ignorelist = array(); } while ($message = $vbulletin->db->fetch_array($messages)) { if (!$firstrecord) { $firstrecord = $message; } if ($ignorelist AND in_array($message['postuserid'], $ignorelist)) { $message['ignored'] = true; } if (!$showignored AND in_coventry($message['postuserid'])) { $message['ignored'] = true; } $response_handler =& $factory->create($message); $response_handler->cachable = false; $messagebits .= $response_handler->construct(); if (!$message['messageread'] AND $message['state'] == 'visible' AND $pictureinfo['userid'] == $vbulletin->userinfo['userid']) { $read_ids[] = $message['commentid']; } $messagestats['lastcomment'] = $message['dateline']; } if ($pictureinfo['userid'] == $vbulletin->userinfo['userid']) { $readpcs = 0; if (!empty($read_ids)) { $readpcs = sizeof($read_ids); $vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "picturecomment SET messageread = 1 WHERE commentid IN (" . implode(',', $read_ids) . ")"); } if ($vbulletin->userinfo['pcunreadcount'] - $readpcs > 0 AND $vbulletin->options['globalignore'] != '') { build_picture_comment_counters($vbulletin->userinfo['userid']); } else if ($readpcs) { $vbulletin->db->query_write(" UPDATE " . TABLE_PREFIX . "user SET pcunreadcount = IF(pcunreadcount >= $readpcs, pcunreadcount - $readpcs, 0) WHERE userid = " . $vbulletin->userinfo['userid'] ); } } $messagestats['perpage'] = $perpage; $show['delete'] = fetch_user_picture_message_perm('candeletemessages', $pictureinfo); $show['undelete'] = fetch_user_picture_message_perm('canundeletemessages', $pictureinfo); $show['approve'] = fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo); $show['inlinemod'] = ($show['delete'] OR $show['undelete'] OR $show['approve']); return $messagebits; }
/** * Sets up different display variables for the Picture Comment * */ function process_display() { global $show; $show['moderation'] = $this->message['state'] == 'moderation'; $show['edit'] = fetch_user_picture_message_perm('caneditmessages', $this->pictureinfo, $this->message); $show['inlinemod'] = (fetch_user_picture_message_perm('canmoderatemessages', $this->pictureinfo, $this->message) or fetch_user_picture_message_perm('canundeletemessages', $this->pictureinfo, $this->message) or ($this->pictureinfo['userid'] == $this->registry->userinfo['userid'] and $this->registry->userinfo['permissions']['albumpermissions'] & $this->registry->bf_ugp_albumpermissions['canmanagepiccomment'] and $this->message['state'] != 'deleted' or can_moderate(0, 'candeletepicturecomments') or can_moderate(0, 'canremovepicturecomments'))); }
} if ($_POST['do'] == 'sendemail') { $vbulletin->input->clean_array_gpc('p', array('reason' => TYPE_STR)); if ($vbulletin->GPC['reason'] == '') { standard_error(fetch_error('noreason')); } if ($perform_floodcheck) { $reportobj->perform_floodcheck_commit(); } $reportobj->do_report($vbulletin->GPC['reason'], $commentinfo); $url =& $vbulletin->url; print_standard_redirect('redirect_reportthanks'); } } if ($_POST['do'] == 'quickedit') { if ($commentinfo and !fetch_user_picture_message_perm('caneditmessages', $pictureinfo, $commentinfo)) { print_no_permission(); } else { if (!$commentinfo and !$canpostmessage) { print_no_permission(); } } $vbulletin->input->clean_array_gpc('p', array('editorid' => TYPE_NOHTML)); require_once DIR . '/includes/class_xml.php'; require_once DIR . '/includes/functions_editor.php'; $editorid = construct_edit_toolbar(htmlspecialchars_uni($commentinfo['pagetext']), false, 'picturecomment', true, true, false, 'qe', $vbulletin->GPC['editorid'], array(), 'content', 'vBForum_PictureComment', $commentinfo['commentid']); $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml'); $xml->add_group('quickedit'); $xml->add_tag('editor', process_replacement_vars($messagearea), array('reason' => '', 'parsetype' => 'picturecomment', 'parsesmilies' => true, 'mode' => $show['is_wysiwyg_editor'])); $xml->add_tag('ckeconfig', vB_Ckeditor::getInstance($editorid)->getConfig()); $xml->close_group();
/** * Sets up different display variables for the Picture Comment * */ function process_display() { global $show, $session; $show['moderation'] = $this->message['state'] == 'moderation'; $show['edit'] = fetch_user_picture_message_perm('caneditmessages', $this->pictureinfo, $this->message); $show['inlinemod'] = (fetch_user_picture_message_perm('canmoderatemessages', $this->pictureinfo, $this->message) or fetch_user_picture_message_perm('canundeletemessages', $this->pictureinfo, $this->message) or ($this->pictureinfo['userid'] == $this->registry->userinfo['userid'] and $this->registry->userinfo['permissions']['albumpermissions'] & $this->registry->bf_ugp_albumpermissions['canmanagepiccomment'] and $this->message['state'] != 'deleted' or can_moderate(0, 'candeletepicturecomments') or can_moderate(0, 'canremovepicturecomments'))); if ($this->pictureinfo['groupid']) { $this->message['pictureurl'] = fetch_seo_url('group', $this->pictureinfo, array('do' => 'picture', 'attachmentid' => $this->pictureinfo['attachmentid'])); } else { $this->message['pictureurl'] = "album.php?{$session['sessionurl']}albumid={$this->pictureinfo['albumid']}&attachmentid={$this->pictureinfo['attachmentid']}"; } }
$reportemail = ($vbulletin->options['enableemail'] and $vbulletin->options['rpemail']); if (!$reportthread and !$reportemail) { standard_error(fetch_error('emaildisabled')); } $reportobj =& new vB_ReportItem_PictureComment($vbulletin); $reportobj->set_extrainfo('picture', $pictureinfo); $reportobj->set_extrainfo('album', $albuminfo); $reportobj->set_extrainfo('group', $group); $perform_floodcheck = $reportobj->need_floodcheck(); if ($perform_floodcheck) { $reportobj->perform_floodcheck_precommit(); } if (!$commentinfo['commentid']) { standard_error(fetch_error('invalidid', $vbphrase['comment'], $vbulletin->options['contactuslink'])); } if ($commentinfo['state'] == 'moderation' and !fetch_user_picture_message_perm('canmoderatemessages', $pictureinfo) and $commentinfo['postuserid'] != $vbulletin->userinfo['userid'] or $commentinfo['state'] == 'deleted' and !fetch_user_picture_message_perm('candeletemessages', $pictureinfo, $commentinfo)) { standard_error(fetch_error('invalidid', $vbphrase['comment'], $vbulletin->options['contactuslink'])); } ($hook = vBulletinHook::fetch_hook('report_start')) ? eval($hook) : false; if ($_REQUEST['do'] == 'report') { // draw nav bar $navbits[''] = $vbphrase['report_picture_comment']; $navbits = construct_navbits($navbits); require_once DIR . '/includes/functions_editor.php'; $textareacols = fetch_textarea_width(); eval('$usernamecode = "' . fetch_template('newpost_usernamecode') . '";'); eval('$navbar = "' . fetch_template('navbar') . '";'); $url =& $vbulletin->url; ($hook = vBulletinHook::fetch_hook('report_form_start')) ? eval($hook) : false; $forminfo = $reportobj->set_forminfo($commentinfo); eval('print_output("' . fetch_template('reportitem') . '");');