function spamalyser_build_post_path(&$logitem) { global $lang, $forums, $mybb; $bburl = htmlspecialchars_uni($mybb->settings['bburl'] . '/'); $subject = htmlspecialchars_uni($logitem['subject']); if ($logitem['real_pid']) { $subject = '<a href="' . $bburl . get_post_link($logitem['pid'], $logitem['tid']) . '#pid' . $logitem['pid'] . '" target="_blank">' . $subject . '</a>'; } if ($logitem['threadsubject']) { if ($logitem['real_tid']) { $subject = '<a href="' . $bburl . get_thread_link($logitem['tid']) . '" target="_blank">' . htmlspecialchars_uni($logitem['threadsubject']) . '</a> » ' . $subject; } else { $subject = htmlspecialchars_uni($logitem['threadsubject']) . ' » ' . $subject; } } if (empty($forums)) { $forums = $GLOBALS['cache']->read('forums'); } if ($forums[$logitem['fid']]) { $subject = '<a href="' . $bburl . get_forum_link($logitem['fid']) . '" target="_blank">' . $forums[$logitem['fid']]['name'] . '</a> » ' . $subject; } // new/edit icons if ($logitem['event'] == 0) { $subject = '<img src="spamalyser_img/post_new.gif" title="' . $lang->icon_new_thread_post . '" alt="' . $lang->icon_alt_new_thread_post . '" style="margin-right: 0.5em; font-size: smaller; vertical-align: middle;" />' . $subject; } elseif ($logitem['event'] == 2) { $subject = '<img src="spamalyser_img/post_merge.gif" title="' . $lang->icon_merge_post . '" alt="' . $lang->icon_alt_merge_post . '" style="margin-right: 0.5em; font-size: smaller; vertical-align: middle;" />' . $subject; } else { $subject = '<img src="spamalyser_img/post_edit.gif" title="' . $lang->icon_edit_thread_post . '" alt="' . $lang->icon_alt_edit_thread_post . '" style="margin-right: 0.5em; font-size: smaller; vertical-align: middle;" />' . $subject; } return $subject; }
/** * Add reply link below each post * * @param $post_links Array of the links * @param $args Array of args */ function em_reply_link($post_links = array(), $args = array()) { global $em_plugopts; if ($em_plugopts['reply-link'] == 1 && $em_plugopts['reply-text'] && bb_is_topic() && topic_is_open() && (bb_is_user_logged_in() || function_exists('bb_is_login_required') && !bb_is_login_required())) { /* Check if link is needed */ $text = str_replace("%%POSTLINK%%", get_post_link(), str_replace("%%USERNAME%%", get_post_author(), $em_plugopts['reply-text'])); $js = "var ema=document.getElementById('post_content');var emb=ema.value;if(emb!='')emb+='\\n\\n';ema.value=emb+'" . $text . "\\n\\n';ema.focus();void(0);"; $post_links[] = $args['before_each'] . '<a class="reply_link" style="cursor:pointer" onclick="' . $js . '">' . __('Reply', 'easy-mentions') . '</a>' . $args['after_each']; } return $post_links; }
/** * Parses quotes with post id and/or dateline. * * @param string The message to be parsed * @param string The username to be parsed * @param boolean Are we formatting as text? * @return string The parsed message. */ function mycode_parse_post_quotes($message, $username, $text_only = false) { global $lang, $templates, $theme, $mybb; $linkback = $date = ""; $message = trim($message); $message = preg_replace("#(^<br(\\s?)(\\/?)>|<br(\\s?)(\\/?)>\$)#i", "", $message); if (!$message) { return ''; } $message = str_replace('\\"', '"', $message); $username = str_replace('\\"', '"', $username) . "'"; $delete_quote = true; preg_match("#pid=(?:"|\"|')?([0-9]+)[\"']?(?:"|\"|')?#i", $username, $match); if (intval($match[1])) { $pid = intval($match[1]); $url = $mybb->settings['bburl'] . "/" . get_post_link($pid) . "#pid{$pid}"; if (defined("IN_ARCHIVE")) { $linkback = " <a href=\"{$url}\">[ -> ]</a>"; } else { eval("\$linkback = \" " . $templates->get("postbit_gotopost", 1, 0) . "\";"); } $username = preg_replace("#(?:"|\"|')? pid=(?:"|\"|')?[0-9]+[\"']?(?:"|\"|')?#i", '', $username); $delete_quote = false; } unset($match); preg_match("#dateline=(?:"|\"|')?([0-9]+)(?:"|\"|')?#i", $username, $match); if (intval($match[1])) { $dateline = intval($match[1]); if ($match[1] < TIME_NOW) { $postdate = my_date($mybb->settings['dateformat'], intval($match[1])); $posttime = my_date($mybb->settings['timeformat'], intval($match[1])); $date = " ({$postdate} {$posttime})"; } $username = preg_replace("#(?:"|\"|')? dateline=(?:"|\"|')?[0-9]+(?:"|\"|')?#i", '', $username); $delete_quote = false; } if ($delete_quote) { $username = my_substr($username, 0, my_strlen($username) - 1); } if ($text_only) { return "\n" . htmlspecialchars_uni($username) . " {$lang->wrote}{$date}\n--\n{$message}\n--\n"; } else { $span = ""; if (!$delete_quote) { $span = "<span>{$date}</span>"; } $username = preg_replace('/^\\\'/is', '', $username); $userinfo = tt_get_user_id_by_name($username); if (!empty($userinfo)) { $uid = $userinfo['uid']; } return "[quote " . (isset($uid) ? "uid={$uid} " : '') . (!empty($username) ? "name=\"{$username}\" " : '') . (isset($pid) ? "post={$pid} " : '') . (isset($dateline) ? "timestamp={$dateline}" : '') . "]{$message}[/quote]\n"; } }
/** * Alerts user when someone comments on their forum topic * * @Param: the id of the topic * * @author: Joe Hoyle * @version 1.0 **/ function nm_alert_user_wrote_forum_reply($replyID) { $userInfo = wp_get_current_user(); $post = bb_get_post($replyID); $topicAuthor = get_topic_author($post->topic_id); $topicAuthor = get_userdatabylogin($topicAuthor); if ($post->poster_id != $topicAuthor->ID) { $alert = array(); $alert['content'] = '<a href="' . getProfileLink($post->poster_id) . '" title="View ' . nm_user_public_name($post->poster_id) . 's profile">' . nm_user_public_name($post->poster_id) . '</a> has replied to your forum topic: <a href="' . get_post_link($replyID) . '" title="View ' . get_topic_title($topic_id) . '">' . get_topic_title($topic_id) . '</a>.'; $alert['type'] = 'forum'; nm_add_alert($topicAuthor->ID, $alert); } return $topicID; }
/** * @param Request $request */ function rssOratomAction($request) { if (false == $request->isAction()) { return; } $action = $request->getAction(); if (false == ($action == 'rss' || $action == 'atom')) { return; } global $config, $postHelper; $action == 'rss' ? $feed = new RSS2() : ($feed = new Atom()); $feed->setTitle(BLOG_TITLE); $feed->setLink(BLOG_URL); $feed->setEncoding('utf-8'); if ($action == 'rss') { $feed->setDescription($config['meta_description']); $feed->setChannelElement('language', $config['language']); $feed->setChannelElement('pubDate', date(DATE_RSS, time())); } else { $feed->setChannelElement('author', BLOG_TITLE . ' - ' . $config['author_email']); $feed->setChannelElement('updated', date(DATE_RSS, time())); } $posts = $postHelper->getPostList(); if ($posts) { $c = 0; foreach ($posts as $post) { if ($c < $config['feed_max_items']) { /** * @params Item */ $item = $feed->createNewItem(); // Remove HTML from the RSS feed. $item->setTitle($post['title']); $item->setLink(get_post_link($post)); $item->setDate($post['date']); $item->setId($post['link']); if ($action == 'rss') { $item->addElement('author', $post['title']); $item->addElement('guid', get_post_link($post)); } $item->setDescription($post->getIntroOrContent()); $feed->addItem($item); $c++; } } } $feed->printFeed(); exit; }
function for_buddypress_strip_tags($_post, $post) { // Cast to an array $_post = (array) $post; // Set the URI $_post['post_uri'] = get_post_link($_post['post_id']); // Set readable times $_post['post_time_since'] = bb_since($_post['post_time']); // Set the display names $_post['poster_display_name'] = get_user_display_name($_post['poster_id']); // Remove some sensitive data unset($_post['poster_ip'], $_post['pingback_queued']); $_post['post_text'] = str_replace('<', '[', $_post['post_text']); $_post['post_text'] = str_replace('>', ']', $_post['post_text']); return $_post; }
function new_get_posts() { $num = 0; $link = mysql_connection(); mysqli_select_db($link, "test"); $result = mysqli_query($link, "SELECT id FROM content WHERE type = 'post'"); while ($row = mysqli_fetch_object($result)) { $ID = $row->id; $num = $num + 1; if ($num % 2 != 0) { if (has_thumbnail($ID)) { echo '<div class="parallax-window" data-parallax="scroll" data-bleed="50" data-speed="0.1" data-image-src="' . get_thumbnail_link($ID) . '"></div>' . "\n"; } echo '<section id="post-' . $ID . '" class="post bright">' . "\n" . '<article>' . "\n" . '<h2><a href="' . get_post_link($ID) . '">' . get_post_title($ID) . '</a></h2>' . "\n" . '<p>' . get_post_preview($ID) . '<p>' . "\n" . '</article>' . "\n" . '</section>' . "\n"; } else { if (has_thumbnail($ID)) { echo '<div class="parallax-window" data-parallax="scroll" data-bleed="50" data-speed="0.1" data-image-src="' . get_thumbnail_link($row->id) . '"></div>' . "\n"; } echo '<section id="post-' . $ID . '" class="post dark">' . "\n" . '<article>' . "\n" . '<h2><a href="' . get_post_link($ID) . '">' . get_post_title($ID) . '</a></h2>' . "\n" . '<p>' . get_post_preview($ID) . '<p>' . "\n" . '</article>' . "\n" . '</section>' . "\n"; } } }
function output_details_000($update, $noaction) { // Output information if (!empty($update)) { print "\n<h1>Updates</h1>\n"; foreach ($update as $updated) { $title = esc_html($updated['post']->post_title); if (empty(trim($title))) { $title = 'Missing Post Title'; } print '<h2><a href="' . get_post_link($updated['blog'], $updated['post']) . '">' . $title . "</a></h2>\n"; print "<h3>Source</h3>\n"; print "<pre><code>\n" . esc_html($updated['source']) . "\n</code></pre>\n\n"; print "<h4>Rewrite</h4>\n"; print "<pre><code>\n" . esc_html($updated['replace']) . "\n</code></pre>\n\n"; } } if (!empty($noaction)) { print "\n<h1>Manual Review (no action applied)</h1>\n"; foreach ($noaction as $review) { $title = esc_html($review['post']->post_title); if (empty(trim($title))) { $title = 'Missing Post Title'; } print '<h2><a href="' . get_post_link($review['blog'], $review['post']) . '">' . $title . "</a></h2>\n"; print "<h3>Reason</h3>\n"; if (isset($review['unknown pattern'])) { print "<p>No known URL pattern</p>\n"; print "<h4>Matching content</h4>\n"; print "<pre><code>\n" . esc_html($review['unknown pattern']) . "\n</code></pre>\n\n"; } else { print "<p>Content matched iframe tag but regex returned no match</p>\n"; } } } }
$mybb->user['warningpoints'] = $mybb->settings['maxwarningpoints']; } if ($warning_level > 0) { require_once MYBB_ROOT . 'inc/datahandlers/warnings.php'; $warningshandler = new WarningsHandler('update'); $warningshandler->expire_warnings(); $lang->current_warning_level = $lang->sprintf($lang->current_warning_level, $warning_level, $mybb->user['warningpoints'], $mybb->settings['maxwarningpoints']); $warnings = ''; // Fetch latest warnings $query = $db->query("\n\t\t\t\tSELECT w.*, t.title AS type_title, u.username, p.subject AS post_subject\n\t\t\t\tFROM " . TABLE_PREFIX . "warnings w\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "warningtypes t ON (t.tid=w.tid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=w.issuedby)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid=w.pid)\n\t\t\t\tWHERE w.uid='{$mybb->user['uid']}'\n\t\t\t\tORDER BY w.expired ASC, w.dateline DESC\n\t\t\t\tLIMIT 5\n\t\t\t"); while ($warning = $db->fetch_array($query)) { $post_link = ""; if ($warning['post_subject']) { $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); $warning['postlink'] = get_post_link($warning['pid']); eval("\$post_link .= \"" . $templates->get("usercp_warnings_warning_post") . "\";"); } $issuedby = build_profile_link($warning['username'], $warning['issuedby']); $date_issued = my_date('relative', $warning['dateline']); if ($warning['type_title']) { $warning_type = $warning['type_title']; } else { $warning_type = $warning['title']; } $warning_type = htmlspecialchars_uni($warning_type); if ($warning['points'] > 0) { $warning['points'] = "+{$warning['points']}"; } $points = $lang->sprintf($lang->warning_points, $warning['points']); // Figure out expiration time
function post_link($post_id = 0) { echo apply_filters('post_link', get_post_link($post_id), get_post_id($post_id)); }
exit; } // Jump to the next oldest posts. if ($mybb->input['action'] == "nextoldest") { $options = array("limit" => 1, "limit_start" => 0, "order_by" => "lastpost", "order_dir" => "desc"); $query = $db->simple_select("threads", "*", "fid=" . $thread['fid'] . " AND lastpost < " . $thread['lastpost'] . " {$visibleonly} AND closed NOT LIKE 'moved|%'", $options); $nextthread = $db->fetch_array($query); // Are there actually next oldest posts? if (!$nextthread['tid']) { error($lang->error_nonextoldest); } $options = array("limit_start" => 0, "limit" => 1, "order_by" => "dateline", "order_dir" => "desc"); $query = $db->simple_select("posts", "pid", "tid='" . $nextthread['tid'] . "'", $options); // Redirect to the proper page. $pid = $db->fetch_field($query, "pid"); header("Location: " . htmlspecialchars_decode(get_post_link($pid, $nextthread['tid'])) . "#pid{$pid}"); exit; } if (!empty($mybb->input['pid'])) { $pid = $mybb->input['pid']; } // Forumdisplay cache $forum_stats = $cache->read("forumsdisplay"); $breadcrumb_multipage = array(); if ($mybb->settings['showforumpagesbreadcrumb']) { // How many pages are there? if (!$mybb->settings['threadsperpage']) { $mybb->settings['threadsperpage'] = 20; } $query = $db->simple_select("forums", "threads, unapprovedthreads", "fid = '{$fid}'", array('limit' => 1)); $forum_threads = $db->fetch_array($query);
$trow = alt_trow(); $username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']); $logitem['profilelink'] = build_profile_link($username, $logitem['uid']); $logitem['ipaddress'] = my_inet_ntop($db->unescape_binary($logitem['ipaddress'])); if ($logitem['tsubject']) { $logitem['tsubject'] = htmlspecialchars_uni($logitem['tsubject']); $logitem['thread'] = get_thread_link($logitem['tid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_thread") . "\";"); } if ($logitem['fname']) { $logitem['forum'] = get_forum_link($logitem['fid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_forum") . "\";"); } if ($logitem['psubject']) { $logitem['psubject'] = htmlspecialchars_uni($logitem['psubject']); $logitem['post'] = get_post_link($logitem['pid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_post") . "\";"); } // Edited a user or managed announcement? if (!$logitem['tsubject'] || !$logitem['fname'] || !$logitem['psubject']) { $data = my_unserialize($logitem['data']); if ($data['uid']) { $information = $lang->sprintf($lang->edited_user_info, htmlspecialchars_uni($data['username']), get_profile_link($data['uid'])); } if ($data['aid']) { $data['subject'] = htmlspecialchars_uni($data['subject']); $data['announcement'] = get_announcement_link($data['aid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_announcement") . "\";"); } } eval("\$modlogresults .= \"" . $templates->get("modcp_modlogs_result") . "\";");
function bb_admin_list_posts() { global $bb_posts, $bb_post; if (!$bb_posts) { ?> <p class="no-results"><?php _e('No posts found.'); ?> </p> <?php } else { ?> <table id="posts-list" class="widefat" cellspacing="0" cellpadding="0"> <thead> <tr> <th scope="col" class="check-column"><input type="checkbox" /></th> <th scope="col"><?php _e('Post'); ?> </th> <th scope="col"><?php _e('Author'); ?> </th> <th scope="col"><?php _e('Topic'); ?> </th> <th scope="col"><?php _e('Date'); ?> </th> </tr> </thead> <tfoot> <tr> <th scope="col" class="check-column"><input type="checkbox" /></th> <th scope="col"><?php _e('Post'); ?> </th> <th scope="col"><?php _e('Author'); ?> </th> <th scope="col"><?php _e('Topic'); ?> </th> <th scope="col"><?php _e('Date'); ?> </th> </tr> </tfoot> <tbody> <?php foreach ($bb_posts as $bb_post) { ?> <tr id="post-<?php post_id(); ?> "<?php alt_class('post', post_del_class()); ?> > <td class="check-column"><input type="checkbox" name="post[]" value="<?php post_id(); ?> " /></td> <td class="post"> <?php post_text(); ?> <div> <span class="row-actions"> <a href="<?php echo esc_url(get_post_link()); ?> "><?php _e('View'); ?> </a> <?php bb_post_admin(array('before_each' => ' | ', 'each' => array('undelete' => array('before' => ' ')), 'last_each' => array('before' => ' | '))); ?> </span> </div> </td> <td class="author"> <?php if (get_post_author_id()) { ?> <a href="<?php user_profile_link(get_post_author_id()); ?> "> <?php post_author_avatar('16'); ?> <?php post_author(); ?> </a> <?php } else { ?> <span> <?php post_author_avatar('16'); ?> <?php post_author(); ?> </span> <?php } ?> </td> <td class="topic"> <a href="<?php topic_link($bb_post->topic_id); ?> "><?php topic_title($bb_post->topic_id); ?> </a> </td> <td class="date"> <?php if (bb_get_post_time('U') < time() - 86400) { bb_post_time('Y/m/d\\<\\b\\r \\/\\>H:i:s'); } else { printf(__('%s ago'), bb_get_post_time('since')); } ?> </td> </tr> <?php } ?> </tbody> </table> <?php } }
/** * Send reported content to moderators * * @param array Array of reported content * @return bool True if PM sent */ function send_report($report) { global $db, $lang, $forum, $mybb, $post, $thread; $nummods = false; if (!empty($forum['parentlist'])) { $query = $db->query("\n\t\t\tSELECT DISTINCT u.username, u.email, u.receivepms, u.uid\n\t\t\tFROM " . TABLE_PREFIX . "moderators m\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=m.id)\n\t\t\tWHERE m.fid IN (" . $forum['parentlist'] . ") AND m.isgroup = '0'\n\t\t"); $nummods = $db->num_rows($query); } if (!$nummods) { unset($query); switch ($db->type) { case "pgsql": case "sqlite": $query = $db->query("\n\t\t\t\t\tSELECT u.username, u.email, u.receivepms, u.uid\n\t\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))\n\t\t\t\t\tWHERE (g.cancp=1 OR g.issupermod=1)\n\t\t\t\t"); break; default: $query = $db->query("\n\t\t\t\t\tSELECT u.username, u.email, u.receivepms, u.uid\n\t\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))\n\t\t\t\t\tWHERE (g.cancp=1 OR g.issupermod=1)\n\t\t\t\t"); } } while ($mod = $db->fetch_array($query)) { $emailsubject = $lang->sprintf($lang->emailsubject_reportpost, $mybb->settings['bbname']); $emailmessage = $lang->sprintf($lang->email_reportpost, $mybb->user['username'], $mybb->settings['bbname'], $post['subject'], $mybb->settings['bburl'], str_replace('&', '&', get_post_link($post['pid'], $thread['tid']) . "#pid" . $post['pid']), $thread['subject'], $report['reason']); if ($mybb->settings['reportmethod'] == "pms" && $mod['receivepms'] != 0 && $mybb->settings['enablepms'] != 0) { $pm_recipients[] = $mod['uid']; } else { my_mail($mod['email'], $emailsubject, $emailmessage); } } if (count($pm_recipients) > 0) { $emailsubject = $lang->sprintf($lang->emailsubject_reportpost, $mybb->settings['bbname']); $emailmessage = $lang->sprintf($lang->email_reportpost, $mybb->user['username'], $mybb->settings['bbname'], $post['subject'], $mybb->settings['bburl'], str_replace('&', '&', get_post_link($post['pid'], $thread['tid']) . "#pid" . $post['pid']), $thread['subject'], $report['reason']); require_once MYBB_ROOT . "inc/datahandlers/pm.php"; $pmhandler = new PMDataHandler(); $pm = array("subject" => $emailsubject, "message" => $emailmessage, "icon" => 0, "fromid" => $mybb->user['uid'], "toid" => $pm_recipients, "ipaddress" => $session->packedip); $pmhandler->admin_override = true; $pmhandler->set_data($pm); // Now let the pm handler do all the hard work. if (!$pmhandler->validate_pm()) { // Force it to valid to just get it out of here $pmhandler->is_validated = true; $pmhandler->errors = array(); } $pminfo = $pmhandler->insert_pm(); return $pminfo; } return false; }
$visible = $postinfo['visible']; $closed = $postinfo['closed']; // Invalidate solved captcha if ($mybb->settings['captchaimage'] && !$mybb->user['uid']) { $post_captcha->invalidate_captcha(); } $force_redirect = false; // Deciding the fate if ($visible == -2) { // Draft post $lang->redirect_newreply = $lang->draft_saved; $url = "usercp.php?action=drafts"; } elseif ($visible == 1) { // Visible post $lang->redirect_newreply .= $lang->redirect_newreply_post; $url = get_post_link($pid, $tid) . "#pid{$pid}"; } else { // Moderated post $lang->redirect_newreply .= '<br />' . $lang->redirect_newreply_moderation; $url = get_thread_link($tid); // User must see moderation notice, regardless of redirect settings $force_redirect = true; } // Mark any quoted posts so they're no longer selected - attempts to maintain those which weren't selected if (isset($mybb->input['quoted_ids']) && isset($mybb->cookies['multiquote']) && $mybb->settings['multiquote'] != 0) { // We quoted all posts - remove the entire cookie if ($mybb->get_input('quoted_ids') == "all") { my_unsetcookie("multiquote"); } else { $quoted_ids = explode("|", $mybb->get_input('quoted_ids')); $multiquote = explode("|", $mybb->cookies['multiquote']);
$vote_type = $lang->positive; } } $vote_reputation = "({$vote_reputation})"; // Format the date this reputation was last modified $last_updated_date = my_date('relative', $reputation_vote['dateline']); $last_updated = $lang->sprintf($lang->last_updated, $last_updated_date); // Is this rating specific to a post? $postrep_given = ''; if ($reputation_vote['pid']) { $postrep_given = $lang->sprintf($lang->postrep_given_nolink, $user['username']); if (isset($post_reputation[$reputation_vote['pid']])) { $thread_link = get_thread_link($post_reputation[$reputation_vote['pid']]['tid']); $subject = htmlspecialchars_uni($parser->parse_badwords($post_reputation[$reputation_vote['pid']]['subject'])); $thread_link = $lang->sprintf($lang->postrep_given_thread, $thread_link, $subject); $link = get_post_link($reputation_vote['pid']) . "#pid{$reputation_vote['pid']}"; $postrep_given = $lang->sprintf($lang->postrep_given, $link, $user['username'], $thread_link); } } // Does the current user have permission to delete this reputation? Show delete link $delete_link = ''; if ($mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['candeletereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0) { eval("\$delete_link = \"" . $templates->get("reputation_vote_delete") . "\";"); } $report_link = ''; if ($mybb->user['uid'] != 0) { eval("\$report_link = \"" . $templates->get("reputation_vote_report") . "\";"); } // Parse smilies in the reputation vote $reputation_parser = array("allow_html" => 0, "allow_mycode" => 0, "allow_smilies" => 1, "allow_imgcode" => 0, "filter_badwords" => 1); $reputation_vote['comments'] = $parser->parse_message($reputation_vote['comments'], $reputation_parser);
function build_attachment_row($attachment, &$table, $use_form = false) { global $mybb, $form; $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); // Here we do a bit of detection, we want to automatically check for removal any missing attachments and any not assigned to a post uploaded > 24hours ago // Check if the attachment exists in the file system $checked = false; $title = $cell_class = ''; if (!file_exists(MYBB_ROOT . $mybb->settings['uploadspath'] . "/{$attachment['attachname']}")) { $cell_class = "bad_attachment"; $title = $lang->error_not_found; $checked = true; } elseif (!$attachment['pid'] && $attachment['dateuploaded'] < TIME_NOW - 60 * 60 * 24 && $attachment['dateuploaded'] != 0) { $cell_class = "bad_attachment"; $title = $lang->error_not_attached; $checked = true; } else { if (!$attachment['tid'] && $attachment['pid']) { $cell_class = "bad_attachment"; $title = $lang->error_does_not_exist; $checked = true; } else { if ($attachment['visible'] == 0) { $cell_class = "invisible_attachment"; } } } if ($cell_class) { $cell_class .= " align_center"; } else { $cell_class = "align_center"; } if ($use_form == true && is_object($form)) { $table->construct_cell($form->generate_check_box('aids[]', $attachment['aid'], '', array('checked' => $checked))); } $table->construct_cell(get_attachment_icon(get_extension($attachment['filename'])), array('width' => 1)); $table->construct_cell("<a href=\"../attachment.php?aid={$attachment['aid']}\" target=\"_blank\">{$attachment['filename']}</a>"); $table->construct_cell(get_friendly_size($attachment['filesize']), array('class' => $cell_class)); if ($attachment['user_username']) { $attachment['username'] = $attachment['username']; } $table->construct_cell(build_profile_link($attachment['username'], $attachment['uid'], "_blank"), array("class" => "align_center")); $table->construct_cell("<a href=\"../" . get_post_link($attachment['pid']) . "\" target=\"_blank\">" . htmlspecialchars_uni($attachment['subject']) . "</a>", array("class" => "align_center")); $table->construct_cell(my_number_format($attachment['downloads']), array("class" => "align_center")); if ($attachment['dateuploaded'] > 0) { $date = my_date($mybb->settings['dateformat'], $attachment['dateuploaded']) . ", " . my_date($mybb->settings['timeformat'], $attachment['dateuploaded']); } else { $date = $lang->unknown; } $table->construct_cell($date, array("class" => "align_center")); $table->construct_row(); }
function bb_attachments_delete($filenum = 0) { global $bbdb, $bb_attachments; $filenum = intval($filenum); if ($filenum == 0 && isset($_GET['bbat_delete'])) { $filenum = intval($_GET['bbat_delete']); } if ($filenum > 0 && bb_current_user_can($bb_attachments['role']['delete'])) { $file = $bbdb->get_results("SELECT * FROM " . $bb_attachments['db'] . " WHERE id = {$filenum} AND status = 0 LIMIT 1"); if (isset($file[0]) && $file[0]->id && bb_current_user_can('edit_post', $file[0]->post_id)) { $file = $file[0]; $file->filename = stripslashes($file->filename); $fullpath = $bb_attachments['path'] . floor($file->id / 1000) . "/" . $file->id . "." . $file->filename; if (file_exists($fullpath)) { @unlink($fullpath); @$bbdb->query("UPDATE " . $bb_attachments['db'] . " SET status = 1 WHERE id = {$file->id} LIMIT 1"); } bb_attachments_recount($file->post_id); if (!isset($_GET['bb_attachments'])) { wp_redirect(get_post_link($file->post_id)); } } } }
/** * Prepares post data for return in an XML-RPC object * * @since 1.0 * @return array The prepared post data * @param array|object The unprepared post data **/ function prepare_post($post) { // Cast to an array $_post = (array) $post; // Set the URI $_post['post_uri'] = get_post_link($_post['post_id']); // Set readable times $_post['post_time_since'] = bb_since($_post['post_time']); // Set the display names $_post['poster_display_name'] = get_user_display_name($_post['poster_id']); // Remove some sensitive data unset($_post['poster_id'], $_post['poster_ip'], $_post['pingback_queued']); // Allow plugins to modify the data return apply_filters('bb_xmlrpc_prepare_post', $_post, (array) $post); }
if (my_strlen($post['subject']) > 50) { $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50) . "..."); } else { $post['subject'] = htmlspecialchars_uni($post['subject']); } // What we do here is parse the post using our post parser, then strip the tags from it $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1); $post['message'] = strip_tags($parser->parse_message($post['message'], $parser_options)); if (my_strlen($post['message']) > 200) { $prev = my_substr($post['message'], 0, 200) . "..."; } else { $prev = $post['message']; } $posted = my_date($mybb->settings['dateformat'], $post['dateline']) . ", " . my_date($mybb->settings['timeformat'], $post['dateline']); $thread_url = get_thread_link($post['tid']); $post_url = get_post_link($post['pid'], $post['tid']); // Inline post moderation $inline_mod_checkbox = ''; if ($is_supermod || is_moderator($post['fid'])) { eval("\$inline_mod_checkbox = \"" . $templates->get("search_results_posts_inlinecheck") . "\";"); } elseif ($is_mod) { eval("\$inline_mod_checkbox = \"" . $templates->get("search_results_posts_nocheck") . "\";"); } $plugins->run_hooks("search_results_post"); eval("\$results .= \"" . $templates->get("search_results_posts_post") . "\";"); } if (!$results) { error($lang->error_nosearchresults); } $multipage = multipage($postcount, $perpage, $page, "search.php?action=results&sid={$sid}&sortby={$sortby}&order={$order}&uid=" . $mybb->input['uid']); if ($upper > $postcount) {
/** * Build a post bit * * @param array $post The post data * @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_pubkey', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } if (!function_exists("purgespammer_show")) { require_once MYBB_ROOT . "inc/functions_user.php"; } $unapproved_shade = ''; if (isset($post['visible']) && $post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post'; } elseif (isset($post['visible']) && $post['visible'] == -1 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post deleted_post'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $announcementarray['aid']; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = (int) $post['pid']; $idtype = 'pid'; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date //$post['postdate'] = my_date('relative', $post['dateline']); $post['postdate'] = date('Y-m-d', $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; $post['subject_title'] = $post['subject']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { eval("\$post['userstars'] .= \"" . $templates->get("postbit_userstar", 1, 0) . "\";"); } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); $post['threadnum'] = my_number_format($post['threadnum']); // Determine the status to show for the user (Online/Offline/Away) /* $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";"); } else { if($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";"); } else { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";"); } } */ // Show as always offline eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); $post['useravatar'] = ''; if (isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0) { $useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']); eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); } $post['button_find'] = ''; if ($mybb->usergroup['cansearch'] == 1) { eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); } if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { //eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";"); } $post['button_rep'] = ''; if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && $post['visible'] == 1) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1) { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = $lang->na; //my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { if ($mybb->settings['maxwarningpoints'] < 1) { $mybb->settings['maxwarningpoints'] = 10; } $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $post['button_warn'] = ''; $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } if ($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid'])) { eval("\$post['button_purgespammer'] = \"" . $templates->get('postbit_purgespammer') . "\";"); } // Display profile fields on posts - only if field is filled in if (is_array($profile_fields)) { foreach ($profile_fields as $field) { $fieldfid = "fid{$field['fid']}"; if (!empty($post[$fieldfid])) { $post['fieldvalue'] = ''; $post['fieldname'] = htmlspecialchars_uni($field['name']); $thing = explode("\n", $field['type'], "2"); $type = trim($thing[0]); $useropts = explode("\n", $post[$fieldfid]); if (is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) { foreach ($useropts as $val) { if ($val != '') { eval("\$post['fieldvalue_option'] .= \"" . $templates->get("postbit_profilefield_multiselect_value") . "\";"); } } if ($post['fieldvalue_option'] != '') { eval("\$post['fieldvalue'] .= \"" . $templates->get("postbit_profilefield_multiselect") . "\";"); } } else { $field_parser_options = array("allow_html" => $field['allowhtml'], "allow_mycode" => $field['allowmycode'], "allow_smilies" => $field['allowsmilies'], "allow_imgcode" => $field['allowimgcode'], "allow_videocode" => $field['allowvideocode'], "filter_badwords" => 1); if ($customfield['type'] == "textarea") { $field_parser_options['me_username'] = $post['username']; } else { $field_parser_options['nl2br'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $field_parser_options['allow_imgcode'] = 0; } $post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options); } eval("\$post['profilefield'] .= \"" . $templates->get("postbit_profilefield") . "\";"); } } } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = $lang->na; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quickrestore'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; $post['button_reply_pm'] = ''; $post['button_replyall_pm'] = ''; $post['button_forward_pm'] = ''; $post['button_delete_pm'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } $post['editedmsg'] = ''; if (!$post_type) { // Figure out if we need to show an "edited by" message if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { //$post['editdate'] = my_date('relative', $post['edittime']); $post['editdate'] = $lang->na; $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); $editreason = ""; if ($post['editreason'] != "") { $post['editreason'] = $parser->parse_badwords($post['editreason']); $post['editreason'] = htmlspecialchars_uni($post['editreason']); eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";"); } eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } $time = TIME_NOW; if (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && $mybb->usergroup['edittimelimit'] == 0 && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete_thread = $can_delete_post = 0; if ($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete_thread = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete_post = 1; } } } $postbit_qdelete = $postbit_qrestore = ''; if ($mybb->user['uid'] != 0) { if ((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1) { $postbit_qdelete = $lang->postbit_qdelete_post; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } else { if ((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1) { $postbit_qdelete = $lang->postbit_qdelete_thread; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } } // Restore Post if (is_moderator($fid, "canrestoreposts") && $postcounter != 1) { $display = "none"; if ($post['visible'] == -1) { $display = ''; } $postbit_qrestore = $lang->postbit_qrestore_post; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } else { if (is_moderator($fid, "canrestorethreads") && $postcounter == 1) { $display = "none"; if ($post['visible'] == -1) { $display = ""; } $postbit_qrestore = $lang->postbit_qrestore_thread; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } } } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); $post_number = my_number_format($postcounter); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1)) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } } elseif ($post_type == 3) { if ($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements")) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } $post['iplogged'] = ''; $show_ips = $mybb->settings['logip']; //$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress'])); $ipaddress = '127.0.0.1'; // Show post IP addresses... PMs now can have IP addresses too as of 1.8! if ($post_type == 2) { $show_ips = $mybb->settings['showpmip']; } if (!$post_type || $post_type == 2) { if ($show_ips != "no" && !empty($post['ipaddress'])) { if ($show_ips == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod'])) { $action = 'getip'; if ($post_type == 2) { $action = 'getpmip'; } eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } } } } if (isset($post['smilieoff']) && $post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_imgcode'] = 0; } if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_videocode'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); // Validate key $keyinfo = user_key_info($post['uid']); $post['signstatus']; if ($keyinfo['status'] == "OK") { $post['signstatus'] = "<span style=\"color: #07a407;\" title=\"Fingerprint: {$keyinfo['fingerprint']}\">✓ podpisano przez {$post['profilelink']}</span>"; } // Jid link $ujid = user_jid($post['uid']); $post['jidlink'] = $ujid; // User key $post['userpubkey'] = $keyinfo['key']; if ($keyinfo['key'] != "") { eval("\$post['button_pubkey'] = \"" . $templates->get("postbit_pubkey") . "\";"); } else { $post['button_pubkey']; } $post['attachments'] = ''; if ($mybb->settings['enableattachments'] != 0) { get_post_attachments($id, $post); } if (isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $sig_parser['allow_imgcode'] = 0; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if (isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$post['icon'] = \"" . $templates->get("postbit_icon") . "\";"); } else { $post['icon'] = ""; } $post_visibility = $ignore_bit = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
error($lang->error_nomergeposts); } foreach ($mergepost as $pid => $yes) { $postlist[] = intval($pid); } if (!is_moderator_by_pids($postlist, "canmanagethreads")) { error_no_permission(); } foreach ($postlist as $pid) { $pid = intval($pid); $plist[] = $pid; } $masterpid = $moderation->merge_posts($plist, $tid, $mybb->input['sep']); mark_reports($plist, "posts"); log_moderator_action($modlogdata, $lang->merged_selective_posts); moderation_redirect(get_post_link($masterpid) . "#pid{$masterpid}", $lang->redirect_inline_postsmerged); break; // Split posts - Inline moderation // Split posts - Inline moderation case "multisplitposts": add_breadcrumb($lang->nav_multi_splitposts); if ($mybb->input['inlinetype'] == 'search') { $posts = getids($mybb->input['searchid'], 'search'); } else { $posts = getids($tid, 'thread'); } if (count($posts) < 1) { error($lang->error_inline_nopostsselected); } if (!is_moderator_by_pids($posts, "canmanagethreads")) { error_no_permission();
$first = true; while ($warning = $db->fetch_array($query)) { if ($warning['expired'] != $last_expired || $first) { if ($warning['expired'] == 0) { eval("\$warnings .= \"" . $templates->get("warnings_active_header") . "\";"); } else { eval("\$warnings .= \"" . $templates->get("warnings_expired_header") . "\";"); } } $last_expired = $warning['expired']; $first = false; $post_link = ""; if ($warning['post_subject']) { $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); $post_link = "<br /><small>{$lang->warning_for_post} <a href=\"" . get_post_link($warning['pid']) . "#pid{$warning['pid']}\">{$warning['post_subject']}</a></small>"; } $issuedby = build_profile_link($warning['username'], $warning['issuedby']); $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']) . ", " . my_date($mybb->settings['timeformat'], $warning['dateline']); if ($warning['type_title']) { $warning_type = $warning['type_title']; } else { $warning_type = $warning['title']; } $warning_type = htmlspecialchars_uni($warning_type); if ($warning['points'] > 0) { $warning['points'] = "+{$warning['points']}"; } $points = $lang->sprintf($lang->warning_points, $warning['points']); if ($warning['expired'] != 1) { if ($warning['expires'] == 0) {
function cloudflare_moderation_start() { global $mybb, $db, $cache, $fid, $pid; if (!$mybb->settings['cloudflare_postbit_spam'] || $mybb->input['action'] != 'cloudflare_report_spam') { return; } if (!$mybb->input['pid']) { error($lang->error_invalidpost); } $pid = intval($mybb->input['pid']); if (!$mybb->input['fid']) { error($lang->error_invalidforum); } $fid = intval($mybb->input['fid']); if (!is_moderator($fid)) { error_no_permission(); } $query = $db->query("\n\t\tSELECT p.uid, p.username, u.email, p.message, p.ipaddress, p.tid\n\t\tFROM " . TABLE_PREFIX . "posts p\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=p.fid)\n\t\tWHERE p.pid = '{$pid}'\n\t"); $post = $db->fetch_array($query); if (!$post) { error($lang->error_invalidpost); } if (!$mybb->input['my_post_key']) { error_no_permission(); } verify_post_check($mybb->input['my_post_key']); $spammer = get_user($post['uid']); $data = array("a" => $spammer['username'], "am" => $spammer['email'], "ip" => $post['ipaddress'], "con" => substr($post['message'], 0, 100)); $data = urlencode(json_encode($data)); cloudflare_report_spam($data); redirect(get_post_link($pid), "Spam successfully reported to CloudFlare. You may now ban the spammer."); }
$page->output_header($lang->warning_details); $user_link = build_profile_link($user['username'], $user['uid'], "_blank"); if (is_array($warn_errors)) { $page->output_inline_error($warn_errors); $mybb->input['reason'] = htmlspecialchars_uni($mybb->input['reason']); } $table = new Table(); $post_link = ""; if ($warning['post_subject']) { if (!is_object($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); $post_link = get_post_link($warning['pid']); $table->construct_cell("<strong>{$lang->warned_user}</strong><br /><br />{$user_link}"); $table->construct_cell("<strong>{$lang->post}</strong><br /><br /><a href=\"{$mybb->settings['bburl']}/{$post_link}\" target=\"_blank\">{$warning['post_subject']}</a>"); $table->construct_row(); } else { $table->construct_cell("<strong>{$lang->warned_user}</strong><br /><br />{$user_link}", array('colspan' => 2)); $table->construct_row(); } $issuedby = build_profile_link($warning['username'], $warning['issuedby'], "_blank"); $notes = nl2br(htmlspecialchars_uni($warning['notes'])); $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']) . ", " . my_date($mybb->settings['timeformat'], $warning['dateline']); if ($warning['type_title']) { $warning_type = $warning['type_title']; } else { $warning_type = $warning['title']; }
} if (!empty($_POST['url'])) { $post_url = esc_url(trim($_POST['url'])); } } // Loop through possible anonymous post data foreach (array('post_author', 'post_email', 'post_url') as $field) { if (!empty(${$field})) { $post_data[$field] = ${$field}; } } // Setup topic data if (bb_is_first($bb_post->post_id) && bb_current_user_can('edit_topic', $bb_post->topic_id)) { $post_data['topic_title'] = stripslashes($_POST['topic']); $post_data['topic_id'] = $bb_post->topic_id; bb_insert_topic($post_data); } // Setup post data $post_data['post_text'] = stripslashes($_POST['post_content']); $post_data['post_id'] = $post_id; bb_insert_post($post_data); if ($post_id) { if ($_REQUEST['view'] === 'all') { add_filter('get_post_link', 'bb_make_link_view_all'); } $post_link = get_post_link($post_id); nxt_redirect($post_link); } else { nxt_redirect(bb_get_uri(null, null, BB_URI_CONTEXT_HEADER)); } exit;
$table->construct_header($lang->ipaddress, array("class" => "align_center", 'width' => '10%')); $query = $db->query("\n\t\tSELECT l.*, u.username, u.usergroup, u.displaygroup, t.subject AS tsubject, f.name AS fname, p.subject AS psubject\n\t\tFROM " . TABLE_PREFIX . "moderatorlog l\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=l.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=l.tid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=l.fid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid=l.pid)\n\t\t{$where}\n\t\tORDER BY {$sortby} {$order}\n\t\tLIMIT {$start}, {$perpage}\n\t"); while ($logitem = $db->fetch_array($query)) { $information = ''; $logitem['dateline'] = date("jS M Y, G:i", $logitem['dateline']); $trow = alt_trow(); $username = format_name($logitem['username'], $logitem['usergroup'], $logitem['displaygroup']); $logitem['profilelink'] = build_profile_link($username, $logitem['uid']); if ($logitem['tsubject']) { $information = "<strong>{$lang->thread}</strong> <a href=\"../" . get_thread_link($logitem['tid']) . "\" target=\"_blank\">" . htmlspecialchars_uni($logitem['tsubject']) . "</a><br />"; } if ($logitem['fname']) { $information .= "<strong>{$lang->forum}</strong> <a href=\"../" . get_forum_link($logitem['fid']) . "\" target=\"_blank\">" . htmlspecialchars_uni($logitem['fname']) . "</a><br />"; } if ($logitem['psubject']) { $information .= "<strong>{$lang->post}</strong> <a href=\"../" . get_post_link($logitem['pid']) . "#pid{$logitem['pid']}\">" . htmlspecialchars_uni($logitem['psubject']) . "</a>"; } $table->construct_cell($logitem['profilelink']); $table->construct_cell($logitem['dateline'], array("class" => "align_center")); $table->construct_cell($logitem['action'], array("class" => "align_center")); $table->construct_cell($information); $table->construct_cell($logitem['ipaddress'], array("class" => "align_center")); $table->construct_row(); } if ($table->num_rows() == 0) { $table->construct_cell($lang->no_modlogs, array("colspan" => "5")); $table->construct_row(); } $table->output($lang->mod_logs); // Do we need to construct the pagination? if ($rescount > $perpage) {
$table->construct_header($lang->filename); $table->construct_header($lang->uploadedby, array("class" => "align_center", "width" => "20%")); $table->construct_header($lang->posted, array("class" => "align_center", "width" => "20%")); $table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 3)); $query = $db->query("\n\t\t\tSELECT a.*, p.subject AS postsubject, p.dateline, p.uid, u.username, t.tid, t.subject AS threadsubject\n\t\t\tFROM " . TABLE_PREFIX . "attachments a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (p.pid=a.pid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\t\tWHERE a.visible='0'\n\t\t\tORDER BY a.dateuploaded DESC\n\t\t\tLIMIT {$start}, {$per_page}\n\t\t"); while ($attachment = $db->fetch_array($query)) { if (!$attachment['dateuploaded']) { $attachment['dateuploaded'] = $attachment['dateline']; } $attachdate = my_date($mybb->settings['dateformat'], $attachment['dateuploaded']); $attachtime = my_date($mybb->settings['timeformat'], $attachment['dateuploaded']); $attachment['postsubject'] = htmlspecialchars_uni($attachment['postsubject']); $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); $attachment['threadsubject'] = htmlspecialchars_uni($attachment['threadsubject']); $attachment['filesize'] = get_friendly_size($attachment['filesize']); $link = get_post_link($attachment['pid'], $attachment['tid']) . "#pid{$attachment['pid']}"; $thread_link = get_thread_link($attachment['tid']); $profile_link = build_profile_link($attachment['username'], $attachment['uid']); $table->construct_cell("<a href=\"../attachment.php?aid={$attachment['aid']}\" target=\"_blank\">{$attachment['filename']}</a> ({$attachment['filesize']})<br /><small class=\"modqueue_meta\">{$lang->post} <a href=\"{$link}\">{$attachment['postsubject']}</a></small>"); $table->construct_cell($profile_link, array("class" => "align_center")); $table->construct_cell("{$attachdate}, {$attachtime}", array("class" => "align_center")); $table->construct_cell($form->generate_radio_button("attachments[{$attachment['aid']}]", "ignore", $lang->ignore, array('class' => 'radio_ignore', 'checked' => true)), array("class" => "align_center")); $table->construct_cell($form->generate_radio_button("attachments[{$attachment['aid']}]", "delete", $lang->delete, array('class' => 'radio_delete', 'checked' => false)), array("class" => "align_center")); $table->construct_cell($form->generate_radio_button("attachments[{$attachment['aid']}]", "approve", $lang->approve, array('class' => 'radio_approve', 'checked' => false)), array("class" => "align_center")); $table->construct_row(); } $table->output($lang->attachments_awaiting_moderation); echo $all_options; echo $pagination; $buttons[] = $form->generate_submit_button($lang->perform_action); $form->output_submit_wrapper($buttons);
/** * Build a post bit * * @param array The post data * @param int The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $unapproved_shade = ''; if ($post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'trow_shaded'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = intval($post['pid']); $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } // Sanatize our custom profile fields for use in templates, if people choose to use them foreach ($post as $post_field => $field_value) { if (substr($post_field, 0, 3) != 'fid') { continue; } $post[$post_field] = htmlspecialchars_uni($field_value); } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date $post['postdate'] = my_date($mybb->settings['dateformat'], $post['dateline']); $post['posttime'] = my_date($mybb->settings['timeformat'], $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { $post['userstars'] .= "<img src=\"" . $post['starimage'] . "\" border=\"0\" alt=\"*\" />"; } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); // Determine the status to show for the user (Online/Offline/Away) $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if ($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_online") . "\";"); } else { if ($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_away") . "\";"); } else { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); } } if ($post['avatar'] != "" && ($mybb->user['showavatars'] != 0 || !$mybb->user['uid'])) { $post['avatar'] = htmlspecialchars_uni($post['avatar']); $avatar_dimensions = explode("|", $post['avatardimensions']); if ($avatar_dimensions[0] && $avatar_dimensions[1]) { list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['postmaxavatarsize'])); if ($avatar_dimensions[0] > $max_width || $avatar_dimensions[1] > $max_height) { require_once MYBB_ROOT . "inc/functions_image.php"; $scaled_dimensions = scale_image($avatar_dimensions[0], $avatar_dimensions[1], $max_width, $max_height); $avatar_width_height = "width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\""; } else { $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\""; } } eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); $post['avatar_padding'] = "padding-right: 10px;"; } else { $post['useravatar'] = ''; $post['avatar_padding'] = ''; } eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { eval("\$post['button_pm'] = \"" . $templates->get("postbit_pm") . "\";"); } if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid']) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "") { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = ''; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } if (!$post_type) { // Figure out if we need to show an "edited by" message $post['editedmsg'] = ''; if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { $post['editdate'] = my_date($mybb->settings['dateformat'], $post['edittime']); $post['edittime'] = my_date($mybb->settings['timeformat'], $post['edittime']); $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } if ((is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']) && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete = 0; if ($mybb->user['uid'] == $post['uid']) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete = 1; } } } if ((is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0) { eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid']))) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['closed'] != 1 || is_moderator($fid)) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } if ($mybb->settings['logip'] != "no") { if ($mybb->settings['logip'] == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($mybb->settings['logip'] == "hide" && is_moderator($fid, "canviewips")) { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } else { $post['iplogged'] = ""; } } } else { $post['iplogged'] = ""; } } elseif ($post_type == 3) { if ($mybb->usergroup['issupermod'] == 1 || is_moderator($fid)) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } if ($post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); get_post_attachments($id, $post); if ($post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if ($post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); $post['icon'] = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" style=\"vertical-align: middle;\" /> "; } else { $post['icon'] = ""; } $post_visibility = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post $ignore_bit = ''; if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
<ul class="posts"> <?php add_filter('get_topic_where', 'bb_no_where'); foreach ($objects as $object) { ?> <?php if ('post' == $object['type']) { global $bb_post; $bb_post = $object['data']; ?> <li> <?php if ($bb_post->poster_id) { printf(__('<a href="%1$s">Post</a> on <a href="%2$s">%3$s</a> by <a href="%4$s">%5$s</a>'), esc_attr(add_query_arg('view', 'all', get_post_link())), get_topic_link($bb_post->topic_id), get_topic_title($bb_post->topic_id), get_user_profile_link($bb_post->poster_id), get_post_author()); } else { printf(__('<a href="%1$s">Post</a> on <a href="%2$s">%3$s</a> by %4$s'), esc_attr(add_query_arg('view', 'all', get_post_link())), get_topic_link($bb_post->topic_id), get_topic_title($bb_post->topic_id), get_post_author()); } ?> </li> <?php } elseif ('topic' == $object['type']) { global $topic; $topic = $object['data']; ?> <li> <?php if ($topic->topic_poster) { printf(__('Topic titled <a href="%1$s">%2$s</a> started by <a href="%3$s">%4$s</a>'), esc_attr(add_query_arg('view', 'all', get_topic_link())), get_topic_title($topic->topic_id), get_user_profile_link($topic->topic_poster), get_topic_author($topic->topic_id)); } else { printf(__('Topic titled <a href="%1$s">%2$s</a> started by %3$s'), esc_attr(add_query_arg('view', 'all', get_topic_link())), get_topic_title($topic->topic_id), get_topic_author($topic->topic_id)); }