/** * Execute Custom Moderation Tool * * @param int $tool_id Tool ID * @param int|array Thread ID(s) * @param int|array Post ID(s) * @return string 'forum' or 'default' indicating where to redirect */ function execute($tool_id, $tids = 0, $pids = 0) { global $db; // Get tool info $query = $db->simple_select("modtools", '*', 'tid="' . (int) $tool_id . '"'); $tool = $db->fetch_array($query); if (!$tool['tid']) { return false; } // Format single tid and pid if (!is_array($tids)) { $tids = array($tids); } if (!is_array($pids)) { $pids = array($pids); } // Unserialize custom moderation $post_options = my_unserialize($tool['postoptions']); $thread_options = my_unserialize($tool['threadoptions']); // If the tool type is a post tool, then execute the post moderation $deleted_thread = 0; if ($tool['type'] == 'p') { $deleted_thread = $this->execute_post_moderation($post_options, $pids, $tids); } // Always execute thead moderation $this->execute_thread_moderation($thread_options, $tids); // If the thread is deleted, indicate to the calling script to redirect to the forum, and not the nonexistant thread if ($thread_options['deletethread'] == 1 || $deleted_thread === 1) { return 'forum'; } return 'default'; }
/** * Fetches the number of unread threads for the current user in a particular forum. * * @param string The forums (CSV list) * @return int The number of unread threads */ function fetch_unread_count($fid) { global $cache, $db, $mybb; $onlyview = $onlyview2 = ''; $permissions = forum_permissions($fid); $cutoff = TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24; if (!empty($permissions['canonlyviewownthreads'])) { $onlyview = " AND uid = '{$mybb->user['uid']}'"; $onlyview2 = " AND t.uid = '{$mybb->user['uid']}'"; } if ($mybb->user['uid'] == 0) { $comma = ''; $tids = ''; $threadsread = my_unserialize($mybb->cookies['mybb']['threadread']); $forumsread = my_unserialize($mybb->cookies['mybb']['forumread']); if (!empty($threadsread)) { foreach ($threadsread as $key => $value) { $tids .= $comma . intval($key); $comma = ','; } } if (!empty($tids)) { $count = 0; // We've read at least some threads, are they here? $query = $db->simple_select("threads", "lastpost, tid, fid", "visible=1 AND closed NOT LIKE 'moved|%' AND fid IN ({$fid}) AND lastpost > '{$cutoff}'{$onlyview}", array("limit" => 100)); while ($thread = $db->fetch_array($query)) { if ($thread['lastpost'] > intval($threadsread[$thread['tid']]) && $thread['lastpost'] > intval($forumsread[$thread['fid']])) { ++$count; } } return $count; } // Not read any threads? return false; } else { // START - Unread posts MOD $fieldname = 'dateline'; if (function_exists("unreadPosts_is_installed") && unreadPosts_is_installed()) { $cutoff = $mybb->user['lastmark']; } // END - Unread posts MOD switch ($db->type) { case "pgsql": $query = $db->query("\n SELECT COUNT(t.tid) AS unread_count\n FROM " . TABLE_PREFIX . "threads t\n LEFT JOIN " . TABLE_PREFIX . "threadsread tr ON (tr.tid=t.tid AND tr.uid='{$mybb->user['uid']}')\n LEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=t.fid AND fr.uid='{$mybb->user['uid']}')\n WHERE t.visible=1 AND t.closed NOT LIKE 'moved|%' \n AND t.fid IN ({$fid}) \n AND t.lastpost > COALESCE(tr.dateline,{$cutoff}) \n AND t.lastpost > COALESCE(fr.dateline,{$cutoff}) \n AND t.lastpost > {$cutoff}\n {$onlyview2}\n "); break; default: $query = $db->query("\n SELECT COUNT(t.tid) AS unread_count\n FROM " . TABLE_PREFIX . "threads t\n LEFT JOIN " . TABLE_PREFIX . "threadsread tr ON (tr.tid=t.tid AND tr.uid='{$mybb->user['uid']}')\n LEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid=t.fid AND fr.uid='{$mybb->user['uid']}')\n WHERE t.visible=1 AND t.closed NOT LIKE 'moved|%' \n AND t.fid IN ({$fid}) \n AND t.lastpost > IFNULL(tr.dateline,{$cutoff}) \n AND t.lastpost > IFNULL(fr.dateline,{$cutoff}) \n AND t.lastpost > {$cutoff}\n {$onlyview2}\n "); } return (int) $db->fetch_field($query, "unread_count"); } }
/** * @param resource|PDOStatement|mysqli_result $query The query to be run. Needs to select the "action" column of the "warninglevels" table * @param array $max_expiration_times Return variable. The maximum expiration time * @param array $check_levels Return variable. Whether those "levels" were checked */ function find_warnlevels_to_check($query, &$max_expiration_times, &$check_levels) { global $db; // we have some warning levels we need to revoke $max_expiration_times = array(1 => -1, 2 => -1, 3 => -1); $check_levels = array(1 => false, 2 => false, 3 => false); while ($warn_level = $db->fetch_array($query)) { // revoke actions taken at this warning level $action = my_unserialize($warn_level['action']); if ($action['type'] < 1 || $action['type'] > 3) { continue; } $check_levels[$action['type']] = true; $max_exp_time =& $max_expiration_times[$action['type']]; if ($action['length'] && $max_exp_time != 0) { $expiration = $action['length']; if ($expiration > $max_exp_time) { $max_exp_time = $expiration; } } else { $max_exp_time = 0; } } }
$message = $lang->sprintf($lang->warning_pm_message, $user['username'], $mybb->settings['bbname']); $warn_errors = ''; } $lang->nav_profile = $lang->sprintf($lang->nav_profile, $user['username']); add_breadcrumb($lang->nav_profile, get_profile_link($user['uid'])); add_breadcrumb($lang->nav_add_warning); $user_link = build_profile_link($user['username'], $user['uid']); if ($mybb->settings['maxwarningpoints'] < 1) { $mybb->settings['maxwarningpoints'] = 10; } $current_level = round($user['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); // Fetch warning levels $levels = array(); $query = $db->simple_select("warninglevels", "*"); while ($level = $db->fetch_array($query)) { $level['action'] = my_unserialize($level['action']); switch ($level['action']['type']) { case 1: if ($level['action']['length'] > 0) { $ban_length = fetch_friendly_expiration($level['action']['length']); $lang_str = "expiration_" . $ban_length['period']; $period = $lang->sprintf($lang->result_period, $ban_length['time'], $lang->{$lang_str}); } else { $period = $lang->result_period_perm; } $group_name = $groupscache[$level['action']['usergroup']]['title']; $level['friendly_action'] = $lang->sprintf($lang->result_banned, $group_name, $period); break; case 2: if ($level['action']['length'] > 0) { $period = fetch_friendly_expiration($level['action']['length']);
// Missing theme was from a forum, run a query to set any forums using the theme to the default if ($load_from_forum == 1) { $db->update_query('forums', array('style' => 0), "style = '{$style['style']}'"); } else { if ($load_from_user == 1) { $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'"); } } // Attempt to load the master or any other theme if the master is not available $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1)); $theme = $db->fetch_array($query); } $theme = @array_merge($theme, my_unserialize($theme['properties'])); // Fetch all necessary stylesheets $stylesheets = ''; $theme['stylesheets'] = my_unserialize($theme['stylesheets']); $stylesheet_scripts = array("global", basename($_SERVER['PHP_SELF'])); if (!empty($theme['color'])) { $stylesheet_scripts[] = $theme['color']; } $stylesheet_actions = array("global"); if (!empty($mybb->input['action'])) { $stylesheet_actions[] = $mybb->get_input('action'); } foreach ($stylesheet_scripts as $stylesheet_script) { // Load stylesheets for global actions and the current action foreach ($stylesheet_actions as $stylesheet_action) { if (!$stylesheet_action) { continue; } if (!empty($theme['stylesheets'][$stylesheet_script][$stylesheet_action])) {
/** * Returns language-friendly string describing $logitem * @param array The log item (one row from mybb_adminlogs) * @return string The description */ function get_admin_log_action($logitem) { global $lang, $plugins, $mybb; $logitem['module'] = str_replace('/', '-', $logitem['module']); list($module, $action) = explode('-', $logitem['module']); $lang_string = 'admin_log_' . $module . '_' . $action . '_' . $logitem['action']; // Specific page overrides switch ($lang_string) { // == CONFIG == case 'admin_log_config_banning_add': // Banning IP/Username/Email // Banning IP/Username/Email case 'admin_log_config_banning_delete': // Removing banned IP/username/emails switch ($logitem['data'][2]) { case 1: $lang_string = 'admin_log_config_banning_' . $logitem['action'] . '_ip'; break; case 2: $lang_string = 'admin_log_config_banning_' . $logitem['action'] . '_username'; break; case 3: $lang_string = 'admin_log_config_banning_' . $logitem['action'] . '_email'; break; } break; case 'admin_log_config_help_documents_add': // Help documents and sections // Help documents and sections case 'admin_log_config_help_documents_edit': case 'admin_log_config_help_documents_delete': $lang_string .= "_{$logitem['data'][2]}"; // adds _section or _document break; case 'admin_log_config_languages_edit': // Editing language variables $logitem['data'][1] = basename($logitem['data'][1]); if ($logitem['data'][2] == 1) { $lang_string = 'admin_log_config_languages_edit_admin'; } break; case 'admin_log_config_mycode_toggle_status': // Custom MyCode toggle activation if ($logitem['data'][2] == 1) { $lang_string .= '_enabled'; } else { $lang_string .= '_disabled'; } break; case 'admin_log_config_plugins_activate': // Installing plugin if ($logitem['data'][1]) { $lang_string .= '_install'; } break; case 'admin_log_config_plugins_deactivate': // Uninstalling plugin if ($logitem['data'][1]) { $lang_string .= '_uninstall'; } break; // == FORUM == // == FORUM == case 'admin_log_forum_attachments_delete': // Deleting attachments if ($logitem['data'][2]) { $lang_string .= '_post'; } break; case 'admin_log_forum_management_copy': // Forum copy if ($logitem['data'][4]) { $lang_string .= '_with_permissions'; } break; case 'admin_log_forum_management_': // add mod, permissions, forum orders // first parameter already set with action $lang_string .= $logitem['data'][0]; if ($logitem['data'][0] == 'orders' && $logitem['data'][1]) { $lang_string .= '_sub'; // updating forum orders in a subforum } break; case 'admin_log_forum_moderation_queue_': //moderation queue // first parameter already set with action $lang_string .= $logitem['data'][0]; break; // == HOME == // == HOME == case 'admin_log_home_preferences_': // 2FA $lang_string .= $logitem['data'][0]; // either "enabled" or "disabled" break; // == STYLE == // == STYLE == case 'admin_log_style_templates_delete_template': // deleting templates // global template set if ($logitem['data'][2] == -1) { $lang_string .= '_global'; } break; case 'admin_log_style_templates_edit_template': // editing templates // global template set if ($logitem['data'][2] == -1) { $lang_string .= '_global'; } break; // == TOOLS == // == TOOLS == case 'admin_log_tools_adminlog_prune': // Admin Log Pruning if ($logitem['data'][1] && !$logitem['data'][2]) { $lang_string = 'admin_log_tools_adminlog_prune_user'; } elseif ($logitem['data'][2] && !$logitem['data'][1]) { $lang_string = 'admin_log_tools_adminlog_prune_module'; } elseif ($logitem['data'][1] && $logitem['data'][2]) { $lang_string = 'admin_log_tools_adminlog_prune_user_module'; } break; case 'admin_log_tools_modlog_prune': // Moderator Log Pruning if ($logitem['data'][1] && !$logitem['data'][2]) { $lang_string = 'admin_log_tools_modlog_prune_user'; } elseif ($logitem['data'][2] && !$logitem['data'][1]) { $lang_string = 'admin_log_tools_modlog_prune_forum'; } elseif ($logitem['data'][1] && $logitem['data'][2]) { $lang_string = 'admin_log_tools_modlog_prune_user_forum'; } break; case 'admin_log_tools_backupdb_backup': // Create backup if ($logitem['data'][0] == 'download') { $lang_string = 'admin_log_tools_backupdb_backup_download'; } $logitem['data'][1] = '...' . substr($logitem['data'][1], -20); break; case 'admin_log_tools_backupdb_dlbackup': // Download backup $logitem['data'][0] = '...' . substr($logitem['data'][0], -20); break; case 'admin_log_tools_backupdb_delete': // Delete backup $logitem['data'][0] = '...' . substr($logitem['data'][0], -20); break; case 'admin_log_tools_optimizedb_': // Optimize DB $logitem['data'][0] = @implode(', ', my_unserialize($logitem['data'][0])); break; case 'admin_log_tools_recount_rebuild_': // Recount and rebuild $detail_lang_string = $lang_string . $logitem['data'][0]; if (isset($lang->{$detail_lang_string})) { $lang_string = $detail_lang_string; } break; // == USERS == // == USERS == case 'admin_log_user_admin_permissions_edit': // editing default/group/user admin permissions if ($logitem['data'][0] > 0) { // User $lang_string .= '_user'; } elseif ($logitem['data'][0] < 0) { // Group $logitem['data'][0] = abs($logitem['data'][0]); $lang_string .= '_group'; } break; case 'admin_log_user_admin_permissions_delete': // deleting group/user admin permissions if ($logitem['data'][0] > 0) { // User $lang_string .= '_user'; } elseif ($logitem['data'][0] < 0) { // Group $logitem['data'][0] = abs($logitem['data'][0]); $lang_string .= '_group'; } break; case 'admin_log_user_banning_': // banning if ($logitem['data'][2] == 0) { $lang_string = 'admin_log_user_banning_add_permanent'; } else { $logitem['data'][2] = my_date($mybb->settings['dateformat'], $logitem['data'][2]); $lang_string = 'admin_log_user_banning_add_temporary'; } break; case 'admin_log_user_groups_join_requests': if ($logitem['data'][0] == 'approve') { $lang_string = 'admin_log_user_groups_join_requests_approve'; } else { $lang_string = 'admin_log_user_groups_join_requests_deny'; } break; case 'admin_log_user_users_inline_banned': if ($logitem['data'][1] == 0) { $lang_string = 'admin_log_user_users_inline_banned_perm'; } else { $logitem['data'][1] = my_date($mybb->settings['dateformat'], $logitem['data'][1]); $lang_string = 'admin_log_user_users_inline_banned_temp'; } break; } $plugin_array = array('logitem' => &$logitem, 'lang_string' => &$lang_string); $plugins->run_hooks("admin_tools_get_admin_log_action", $plugin_array); if (isset($lang->{$lang_string})) { array_unshift($logitem['data'], $lang->{$lang_string}); // First parameter for sprintf is the format string $string = call_user_func_array(array($lang, 'sprintf'), $logitem['data']); if (!$string) { $string = $lang->{$lang_string}; // Fall back to the one in the language pack } } else { if (isset($logitem['data']['type']) && $logitem['data']['type'] == 'admin_locked_out') { $string = $lang->sprintf($lang->admin_log_admin_locked_out, (int) $logitem['data']['uid'], htmlspecialchars_uni($logitem['data']['username'])); } else { // Build a default string $string = $logitem['module'] . ' - ' . $logitem['action']; if (is_array($logitem['data']) && count($logitem['data']) > 0) { $string .= '(' . implode(', ', $logitem['data']) . ')'; } } } return $string; }
$page->show_login($login_lang_string, "error"); } else { // If we have this error while retreiving it from an AJAX request, then send back a nice error if (isset($mybb->input['ajax']) && $mybb->input['ajax'] == 1) { echo json_encode(array("errors" => array("login"))); exit; } $page->show_login($login_message, "error"); } } // Time to check for Two-Factor Authentication // First: are we trying to verify a code? if ($mybb->input['do'] == "do_2fa" && $mybb->request_method == "post") { // Test whether it's a recovery code $recovery = false; $codes = my_unserialize($admin_options['recovery_codes']); if (!empty($codes) && in_array($mybb->get_input('code'), $codes)) { $recovery = true; $ncodes = array_diff($codes, array($mybb->input['code'])); // Removes our current code from the codes array $db->update_query("adminoptions", array("recovery_codes" => $db->escape_string(my_serialize($ncodes))), "uid='{$mybb->user['uid']}'"); if (count($ncodes) == 0) { flash_message($lang->my2fa_no_codes, "error"); } } // Validate the code require_once MYBB_ROOT . "inc/3rdparty/2fa/GoogleAuthenticator.php"; $auth = new PHPGangsta_GoogleAuthenticator(); $test = $auth->verifyCode($admin_options['authsecret'], $mybb->get_input('code')); // Either the code was okay or it was a recovery code if ($test === true || $recovery === true) {
$logitem['tsubject'] = htmlspecialchars_uni($logitem['tsubject']); $logitem['thread'] = get_thread_link($logitem['tid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_thread") . "\";"); } if ($logitem['fname']) { $logitem['forum'] = get_forum_link($logitem['fid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_forum") . "\";"); } if ($logitem['psubject']) { $logitem['psubject'] = htmlspecialchars_uni($logitem['psubject']); $logitem['post'] = get_post_link($logitem['pid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_post") . "\";"); } // Edited a user or managed announcement? if (!$logitem['tsubject'] || !$logitem['fname'] || !$logitem['psubject']) { $data = my_unserialize($logitem['data']); if ($data['uid']) { $information = $lang->sprintf($lang->edited_user_info, htmlspecialchars_uni($data['username']), get_profile_link($data['uid'])); } if ($data['aid']) { $data['subject'] = htmlspecialchars_uni($data['subject']); $data['announcement'] = get_announcement_link($data['aid']); eval("\$information .= \"" . $templates->get("modcp_modlogs_result_announcement") . "\";"); } } eval("\$modlogresults .= \"" . $templates->get("modcp_modlogs_result") . "\";"); } if (!$modlogresults) { eval("\$modlogresults = \"" . $templates->get("modcp_modlogs_nologs") . "\";"); } eval("\$latestfivemodactions = \"" . $templates->get("modcp_latestfivemodactions") . "\";");
if (!isset($stats) || isset($stats) && !is_array($stats)) { // Load the stats cache. $stats = $cache->read('stats'); } $post_code_string = ''; if ($mybb->user['uid']) { $post_code_string = '&my_post_key=' . $mybb->post_code; } eval('$boardstats = "' . $templates->get('index_boardstats') . '";'); } if ($mybb->user['uid'] == 0) { // Build a forum cache. $query = $db->simple_select('forums', '*', 'active!=0', array('order_by' => 'pid, disporder')); $forumsread = array(); if (isset($mybb->cookies['mybb']['forumread'])) { $forumsread = my_unserialize($mybb->cookies['mybb']['forumread']); } } else { // Build a forum cache. $query = $db->query("\n\t\tSELECT f.*, fr.dateline AS lastread\n\t\tFROM " . TABLE_PREFIX . "forums f\n\t\tLEFT JOIN " . TABLE_PREFIX . "forumsread fr ON (fr.fid = f.fid AND fr.uid = '{$mybb->user['uid']}')\n\t\tWHERE f.active != 0\n\t\tORDER BY pid, disporder\n\t"); } while ($forum = $db->fetch_array($query)) { if ($mybb->user['uid'] == 0) { if (!empty($forumsread[$forum['fid']])) { $forum['lastread'] = $forumsread[$forum['fid']]; } } $fcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum; } $forumpermissions = forum_permissions(); // Get the forum moderators if the setting is enabled.
$table->construct_cell("{$set_popup}<strong><a href=\"index.php?module=style-templates&sid={$sid}{$group['expand_str']}#group_{$group['gid']}\">{$group['title']}</a></strong>"); $table->construct_cell("<a href=\"index.php?module=style-templates&sid={$sid}{$group['expand_str']}#group_{$group['gid']}\">{$expand}</a>", array("class" => "align_center")); $table->construct_row(array("class" => "alt_row", "id" => "group_" . $group['gid'], "name" => "group_" . $group['gid'])); } } $table->output($template_sets[$sid]); $page->output_footer(); } if (!$mybb->input['action']) { $plugins->run_hooks("admin_style_templates_start"); $page->output_header($lang->template_sets); $page->output_nav_tabs($sub_tabs, 'templates'); $themes = array(); $query = $db->simple_select("themes", "name,tid,properties", "tid != '1'"); while ($theme = $db->fetch_array($query)) { $tbits = my_unserialize($theme['properties']); $themes[$tbits['templateset']][$theme['tid']] = htmlspecialchars_uni($theme['name']); } $template_sets = array(); $template_sets[-1]['title'] = $lang->global_templates; $template_sets[-1]['sid'] = -1; $query = $db->simple_select("templatesets", "*", "", array('order_by' => 'title', 'order_dir' => 'ASC')); while ($template_set = $db->fetch_array($query)) { $template_sets[$template_set['sid']] = $template_set; } $table = new Table(); $table->construct_header($lang->template_set); $table->construct_header($lang->controls, array("class" => "align_center", "width" => 150)); foreach ($template_sets as $set) { if ($set['sid'] == -1) { $table->construct_cell("<strong><a href=\"index.php?module=style-templates&sid=-1\">{$lang->global_templates}</a></strong><br /><small>{$lang->used_by_all_themes}</small>");
function check_wcf1($password, $user) { // WCF 1 has some special parameters, which are saved in the passwordconvert field $settings = my_unserialize($user['passwordconvert']); $user['passwordconvert'] = $settings['password']; if (wcf1_encrypt($user['passwordconvertsalt'] . wcf1_hash($password, $user['passwordconvertsalt'], $settings), $settings['encryption_method']) == $user['passwordconvert']) { return true; } return false; }
function m_get_new_report_func($xmlrpc_params) { global $input, $post, $thread, $forum, $pid, $tid, $fid, $modlogdata, $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $moderation, $parser; $input = Tapatalk_Input::filterXmlInput(array('start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT), $xmlrpc_params); mod_setup(); list($start, $limit) = process_page($input['start_num'], $input['last_num']); $query = $db->simple_select("moderators", "*", "(id='{$mybb->user['uid']}' AND isgroup = '0') OR (id='{$mybb->user['usergroup']}' AND isgroup = '1')"); $numreportedposts = 0; while ($m_forum = $db->fetch_array($query)) { // For Reported posts if ($m_forum['canmanagereportedposts'] == 1) { $flist_reports .= ",'{$m_forum['fid']}'"; $children = get_child_list($m_forum['fid']); if (!empty($children)) { $flist_reports .= ",'" . implode("','", $children) . "'"; } ++$numreportedposts; } } // Load global language phrases if ($mybb->usergroup['canmanagereportedcontent'] == 0) { error_no_permission(); } if ($numreportedposts == 0 && $mybb->usergroup['issupermod'] != 1) { error($lang->you_cannot_view_reported_posts); } $lang->load('report'); add_breadcrumb($lang->mcp_nav_report_center, "modcp.php?action=reports"); $perpage = $limit; if (!$perpage) { $perpage = 20; } $query = $db->simple_select("forums", "fid, name"); while ($forum = $db->fetch_array($query)) { $forums[$forum['fid']] = $forum['name']; } // Multipage if ($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod']) { $query = $db->simple_select("reportedcontent", "COUNT(rid) AS count", "reportstatus ='0'"); $report_count = $db->fetch_field($query, "count"); } else { $query = $db->simple_select('reportedcontent', 'id3', "reportstatus='0' AND (type = 'post' OR type = '')"); $report_count = 0; while ($fid = $db->fetch_field($query, 'id3')) { if (is_moderator($fid, "canmanagereportedposts")) { ++$report_count; } } unset($fid); } $plugins->run_hooks("modcp_reports_start"); if ($flist_reports) { $wflist_reports = "WHERE r.id3 IN (0{$flist_reports})"; $tflist_reports = " AND r.id3 IN (0{$flist_reports})"; $flist_reports = " AND id3 IN (0{$flist_reports})"; } // Reports $reports = ''; $query = $db->query("\n\t\tSELECT r.*, u.username\n\t\tFROM " . TABLE_PREFIX . "reportedcontent r\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (r.uid = u.uid)\n\t\tWHERE r.reportstatus = '0'{$tflist_reports}\n\t\tORDER BY r.reports DESC\n\t\tLIMIT {$start}, {$perpage}\n\t"); if (!$db->num_rows($query)) { // No unread reports //eval("\$reports = \"".$templates->get("modcp_reports_noreports")."\";"); $reportcache = array(); } else { $reportedcontent = $cache->read("reportedcontent"); $reportcache = $usercache = $postcache = array(); while ($report = $db->fetch_array($query)) { if ($report['type'] == 'profile' || $report['type'] == 'reputation') { // Profile UID is in ID if (!isset($usercache[$report['id']])) { $usercache[$report['id']] = $report['id']; } // Reputation comment? The offender is the ID2 if ($report['type'] == 'reputation') { if (!isset($usercache[$report['id2']])) { $usercache[$report['id2']] = $report['id2']; } if (!isset($usercache[$report['id3']])) { // The user who was offended $usercache[$report['id3']] = $report['id3']; } } } else { if (!$report['type'] || $report['type'] == 'post') { // This (should) be a post $postcache[$report['id']] = $report['id']; } } // Lastpost info - is it missing (pre-1.8)? $lastposter = $report['uid']; if (!$report['lastreport']) { // Last reporter is our first reporter $report['lastreport'] = $report['dateline']; } if ($report['reporters']) { $reporters = my_unserialize($report['reporters']); if (is_array($reporters)) { $lastposter = end($reporters); } } if (!isset($usercache[$lastposter])) { $usercache[$lastposter] = $lastposter; } $report['lastreporter'] = $lastposter; $reportcache[$report['id']] = $report; } // Report Center gets messy // Find information about our users (because we don't log it when they file a report) if (!empty($usercache)) { $sql = implode(',', array_keys($usercache)); $query = $db->simple_select("users", "uid, username", "uid IN ({$sql})"); while ($user = $db->fetch_array($query)) { $usercache[$user['uid']] = $user; } } // Messy * 2 // Find out post information for our reported posts if (!empty($postcache)) { $sql = implode(',', array_keys($postcache)); $query = $db->query("\n\t\t\t\tSELECT p.pid, p.uid, p.username, p.tid, p.subject as postsubject,p.username as postusername,t.subject,t.fid,up.avatar,p.dateline as postdateline,\n\t\t\t\tp.message as postmessage,t.replies,t.views,IF(b.lifted > UNIX_TIMESTAMP() OR b.lifted = 0, 1, 0) as isbanned,p.visible\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (p.tid = t.tid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users up ON (p.uid = up.uid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "banned b ON (b.uid = p.uid)\n\t\t\t\tWHERE p.pid IN ({$sql})\n\t\t\t"); while ($post = $db->fetch_array($query)) { $can_delete = 0; $forumpermissions = forum_permissions($post['fid']); if ($mybb->user['uid'] == $post['uid']) { if ($forumpermissions['candeletethreads'] == 1 && $post['replies'] == 0) { $can_delete = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $post['replies'] > 0) { $can_delete = 1; } } } $can_delete = (is_moderator($post['fid'], "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0; $post_list[] = new xmlrpcval(array('forum_id' => new xmlrpcval($post['fid'], 'string'), 'forum_name' => new xmlrpcval(basic_clean($forums[$post['fid']]), 'base64'), 'topic_id' => new xmlrpcval($post['tid'], 'string'), 'topic_title' => new xmlrpcval($post['subject'], 'base64'), 'post_id' => new xmlrpcval($post['pid'], 'string'), 'post_title' => new xmlrpcval($post['postsubject'], 'base64'), 'post_author_name' => new xmlrpcval($post['postusername'], 'base64'), 'icon_url' => new xmlrpcval(absolute_url($post['avatar']), 'string'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($post['postdateline']), 'dateTime.iso8601'), 'short_content' => new xmlrpcval(process_short_content($post['postmessage'], $parser), 'base64'), 'reply_number' => new xmlrpcval($post['replies'], 'int'), 'view_number' => new xmlrpcval($post['views'], 'int'), 'can_delete' => new xmlrpcval($can_delete, 'boolean'), 'can_approve' => new xmlrpcval(is_moderator($post['fid'], "canmanagethreads"), 'boolean'), 'can_move' => new xmlrpcval(is_moderator($post['fid'], "canmovetononmodforum"), 'boolean'), 'can_ban' => new xmlrpcval($mybb->usergroup['canmodcp'] == 1, 'boolean'), 'is_ban' => new xmlrpcval($post['isbanned'], 'boolean'), 'is_approved' => new xmlrpcval($post['visible'], 'boolean'), 'is_deleted' => new xmlrpcval(false, 'boolean'), 'reported_by_id' => new xmlrpcval($reportcache[$post['pid']]['uid']), 'reported_by_name' => new xmlrpcval($reportcache[$post['pid']]['username'], 'base64'), 'report_reason' => new xmlrpcval($reportcache[$post['pid']]['reason'], 'base64')), "struct"); } } $result = new xmlrpcval(array('total_report_num' => new xmlrpcval(count($reportcache), 'int'), 'reports' => new xmlrpcval($post_list, 'array')), 'struct'); return new xmlrpcresp($result); } }
$event['usertitle'] = htmlspecialchars_uni($event['usertitle']); if ($event['ignoretimezone'] == 0) { $offset = $event['timezone']; } else { $offset = $mybb->user['timezone']; } $event['starttime_user'] = $event['starttime'] + $offset * 3600; // Events over more than one day $time_period = ''; if ($event['endtime'] > 0 && $event['endtime'] != $event['starttime']) { $event['endtime_user'] = $event['endtime'] + $offset * 3600; $start_day = gmmktime(0, 0, 0, gmdate("n", $event['starttime_user']), gmdate("j", $event['starttime_user']), gmdate("Y", $event['starttime_user'])); $end_day = gmmktime(0, 0, 0, gmdate("n", $event['endtime_user']), gmdate("j", $event['endtime_user']), gmdate("Y", $event['endtime_user'])); $start_time = gmdate("Hi", $event['starttime_user']); $end_time = gmdate("Hi", $event['endtime_user']); $event['repeats'] = my_unserialize($event['repeats']); // Event only runs over one day if ($start_day == $end_day && $event['repeats']['repeats'] == 0) { $time_period = gmdate($mybb->settings['dateformat'], $event['starttime_user']); // Event runs all day if ($start_time != 00 && $end_time != 2359) { $time_period .= $lang->comma . gmdate($mybb->settings['timeformat'], $event['starttime_user']) . " - " . gmdate($mybb->settings['timeformat'], $event['endtime_user']); } else { $time_period .= $lang->comma . $lang->all_day; } } else { $time_period = gmdate($mybb->settings['dateformat'], $event['starttime_user']) . ", " . gmdate($mybb->settings['timeformat'], $event['starttime_user']); $time_period .= " - "; $time_period .= gmdate($mybb->settings['dateformat'], $event['endtime_user']) . ", " . gmdate($mybb->settings['timeformat'], $event['endtime_user']); } } else {
function get_announcement_list($foruminfo, $fid) { // Gather forum stats global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $time, $mybbgroups, $cache; $has_announcements = $has_modtools = false; $forum_stats = $cache->read("forumsdisplay"); $parser = new postParser(); if (is_array($forum_stats)) { if (!empty($forum_stats[-1]['modtools']) || !empty($forum_stats[$fid]['modtools'])) { // Mod tools are specific to forums, not parents $has_modtools = true; } if (!empty($forum_stats[-1]['announcements']) || !empty($forum_stats[$fid]['announcements'])) { // Global or forum-specific announcements $has_announcements = true; } } $parentlist = $foruminfo['parentlist']; $parentlistexploded = explode(",", $parentlist); foreach ($parentlistexploded as $mfid) { if (!empty($forum_stats[$mfid]['announcements'])) { $has_announcements = true; } } $announcementlist = $topic_list = array(); if ($has_announcements == true) { $limit = ''; $announcements = ''; if ($mybb->settings['announcementlimit']) { $limit = "LIMIT 0, " . $mybb->settings['announcementlimit']; } $sql = build_parent_list($fid, "fid", "OR", $parentlist); $time = TIME_NOW; $query = $db->query("\n\t\t\tSELECT a.*, u.username\n\t\t\tFROM " . TABLE_PREFIX . "announcements a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\t\t\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND ({$sql} OR fid='-1')\n\t\t\tORDER BY a.startdate DESC {$limit}\n\t\t"); // See if this announcement has been read in our announcement array $cookie = array(); if (isset($mybb->cookies['mybb']['announcements'])) { $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements'])); } $announcementlist = ''; $bgcolor = alt_trow(true); // Reset the trow colors while ($announcement = $db->fetch_array($query)) { if ($announcement['startdate'] > $mybb->user['lastvisit'] && !$cookie[$announcement['aid']]) { $new_class = ' class="subject_new"'; $folder = "newfolder"; } else { $new_class = ' class="subject_old"'; $folder = "folder"; } // Mmm, eat those announcement cookies if they're older than our last visit if (isset($cookie[$announcement['aid']]) && $cookie[$announcement['aid']] < $mybb->user['lastvisit']) { unset($cookie[$announcement['aid']]); } $announcement['announcementlink'] = get_announcement_link($announcement['aid']); $announcement['subject'] = $parser->parse_badwords($announcement['subject']); $announcement['subject'] = htmlspecialchars_uni($announcement['subject']); $postdate = my_date('relative', $announcement['startdate']); $announcement['profilelink'] = build_profile_link($announcement['username'], $announcement['uid']); $announcementlist[] = $announcement; } if (empty($cookie)) { // Clean up cookie crumbs my_setcookie('mybb[announcements]', 0, TIME_NOW - 60 * 60 * 24 * 365); } else { if (!empty($cookie)) { my_setcookie("mybb[announcements]", addslashes(serialize($cookie)), -1); } } foreach ($announcementlist as $announce) { $user_info = get_user($announce['uid']); $icon_url = absolute_url($user_info['avatar']); $xmlrpc_topic = new xmlrpcval(array('forum_id' => new xmlrpcval($fid, 'string'), 'topic_id' => new xmlrpcval('ann_' . $announce['aid'], 'string'), 'topic_title' => new xmlrpcval(basic_clean($announce['subject']), 'base64'), 'topic_author_id' => new xmlrpcval($announce['uid'], 'string'), 'topic_author_name' => new xmlrpcval(basic_clean($announce['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($icon_url), 'string'), 'reply_number' => new xmlrpcval(0, 'int'), 'view_number' => new xmlrpcval(0, 'int'), 'short_content' => new xmlrpcval(process_short_content($announce['message'], $parser), 'base64')), 'struct'); $topic_list[] = $xmlrpc_topic; } } $response = new xmlrpcval(array('total_topic_num' => new xmlrpcval(count($announcementlist), 'int'), 'forum_id' => new xmlrpcval($fid), 'forum_name' => new xmlrpcval(basic_clean($foruminfo['name']), 'base64'), 'can_post' => new xmlrpcval(false, 'boolean'), 'can_upload' => new xmlrpcval(false, 'boolean'), 'topics' => new xmlrpcval($topic_list, 'array')), 'struct'); return new xmlrpcresp($response); }
function get_upgrade_store($title) { global $db; $query = $db->simple_select("upgrade_data", "*", "title='" . $db->escape_string($title) . "'"); $data = $db->fetch_array($query); return my_unserialize($data['contents']); }
/** * Set a serialised cookie array. * * @param string The cookie identifier. * @param int The cookie content id. * @param string The value to set the cookie to. */ function my_set_array_cookie($name, $id, $value, $expires = "") { global $mybb; $cookie = $mybb->cookies['mybb']; $newcookie = my_unserialize($cookie[$name]); $newcookie[$id] = $value; $newcookie = serialize($newcookie); my_setcookie("mybb[{$name}]", addslashes($newcookie), $expires); // Make sure our current viarables are up-to-date as well $mybb->cookies['mybb'][$name] = $newcookie; }
$table->construct_header($lang->spam_username, array('width' => '20%')); $table->construct_header($lang->spam_email, array("class" => "align_center", 'width' => '20%')); $table->construct_header($lang->spam_ip, array("class" => "align_center", 'width' => '20%')); $table->construct_header($lang->spam_date, array("class" => "align_center", 'width' => '20%')); $table->construct_header($lang->spam_confidence, array("class" => "align_center", 'width' => '20%')); $query = $db->simple_select("spamlog", "*", $where, array('order_by' => $sortby, 'order_dir' => $order, 'limit_start' => $start, 'limit' => $perpage)); while ($row = $db->fetch_array($query)) { $username = htmlspecialchars_uni($row['username']); $email = htmlspecialchars_uni($row['email']); $ip_address = my_inet_ntop($db->unescape_binary($row['ipaddress'])); $dateline = ''; if ($row['dateline'] > 0) { $dateline = my_date('relative', $row['dateline']); } $confidence = '0%'; $data = @my_unserialize($row['data']); if (is_array($data) && !empty($data)) { if (isset($data['confidence'])) { $confidence = (double) $data['confidence'] . '%'; } } $table->construct_cell($username); $table->construct_cell($email); $table->construct_cell($ip_address); $table->construct_cell($dateline); $table->construct_cell($confidence); $table->construct_row(); } if ($table->num_rows() == 0) { $table->construct_cell($lang->no_spam_logs, array("colspan" => "5")); $table->construct_row();
/** * MyBB 1.8 * Copyright 2014 MyBB Group, All Rights Reserved * * Website: http://www.mybb.com * License: http://www.mybb.com/about/license * */ function task_delayedmoderation($task) { global $db, $lang, $plugins; require_once MYBB_ROOT . "inc/class_moderation.php"; $moderation = new Moderation(); require_once MYBB_ROOT . "inc/class_custommoderation.php"; $custommod = new CustomModeration(); // Iterate through all our delayed moderation actions $query = $db->simple_select("delayedmoderation", "*", "delaydateline <= '" . TIME_NOW . "'"); while ($delayedmoderation = $db->fetch_array($query)) { if (is_object($plugins)) { $args = array('task' => &$task, 'delayedmoderation' => &$delayedmoderation); $plugins->run_hooks('task_delayedmoderation', $args); } $tids = explode(',', $delayedmoderation['tids']); $input = my_unserialize($delayedmoderation['inputs']); if (my_strpos($delayedmoderation['type'], "modtool") !== false) { list(, $custom_id) = explode('_', $delayedmoderation['type'], 2); $custommod->execute($custom_id, $tids); } else { switch ($delayedmoderation['type']) { case "openclosethread": $closed_tids = $open_tids = array(); $query2 = $db->simple_select("threads", "tid,closed", "tid IN({$delayedmoderation['tids']})"); while ($thread = $db->fetch_array($query2)) { if ($thread['closed'] == 1) { $closed_tids[] = $thread['tid']; } else { $open_tids[] = $thread['tid']; } } if (!empty($closed_tids)) { $moderation->open_threads($closed_tids); } if (!empty($open_tids)) { $moderation->close_threads($open_tids); } break; case "deletethread": foreach ($tids as $tid) { $moderation->delete_thread($tid); } break; case "move": foreach ($tids as $tid) { $moderation->move_thread($tid, $input['new_forum']); } break; case "stick": $unstuck_tids = $stuck_tids = array(); $query2 = $db->simple_select("threads", "tid,sticky", "tid IN({$delayedmoderation['tids']})"); while ($thread = $db->fetch_array($query2)) { if ($thread['sticky'] == 1) { $stuck_tids[] = $thread['tid']; } else { $unstuck_tids[] = $thread['tid']; } } if (!empty($stuck_tids)) { $moderation->unstick_threads($stuck_tids); } if (!empty($unstuck_tids)) { $moderation->stick_threads($unstuck_tids); } break; case "merge": // $delayedmoderation['tids'] should be a single tid if (count($tids) != 1) { continue; } // explode at # sign in a url (indicates a name reference) and reassign to the url $realurl = explode("#", $input['threadurl']); $input['threadurl'] = $realurl[0]; // Are we using an SEO URL? if (substr($input['threadurl'], -4) == "html") { // Get thread to merge's tid the SEO way preg_match("#thread-([0-9]+)?#i", $input['threadurl'], $threadmatch); preg_match("#post-([0-9]+)?#i", $input['threadurl'], $postmatch); if ($threadmatch[1]) { $parameters['tid'] = $threadmatch[1]; } if ($postmatch[1]) { $parameters['pid'] = $postmatch[1]; } } else { // Get thread to merge's tid the normal way $splitloc = explode(".php", $input['threadurl']); $temp = explode("&", my_substr($splitloc[1], 1)); if (!empty($temp)) { for ($i = 0; $i < count($temp); $i++) { $temp2 = explode("=", $temp[$i], 2); $parameters[$temp2[0]] = $temp2[1]; } } else { $temp2 = explode("=", $splitloc[1], 2); $parameters[$temp2[0]] = $temp2[1]; } } if ($parameters['pid'] && !$parameters['tid']) { $post = get_post($parameters['pid']); $mergetid = $post['tid']; } else { if ($parameters['tid']) { $mergetid = $parameters['tid']; } } $mergetid = (int) $mergetid; $mergethread = get_thread($mergetid); if (!$mergethread['tid']) { continue; } if ($mergetid == $delayedmoderation['tids']) { // sanity check continue; } if ($input['subject']) { $subject = $input['subject']; } else { $query = $db->simple_select("threads", "subject", "tid='{$delayedmoderation['tids']}'"); $subject = $db->fetch_field($query, "subject"); } $moderation->merge_threads($mergetid, $delayedmoderation['tids'], $subject); break; case "removeredirects": foreach ($tids as $tid) { $moderation->remove_redirects($tid); } break; case "removesubscriptions": $moderation->remove_thread_subscriptions($tids, true); break; case "approveunapprovethread": $approved_tids = $unapproved_tids = array(); $query2 = $db->simple_select("threads", "tid,visible", "tid IN({$delayedmoderation['tids']})"); while ($thread = $db->fetch_array($query2)) { if ($thread['visible'] == 1) { $approved_tids[] = $thread['tid']; } else { $unapproved_tids[] = $thread['tid']; } } if (!empty($approved_tids)) { $moderation->unapprove_threads($approved_tids); } if (!empty($unapproved_tids)) { $moderation->approve_threads($unapproved_tids); } break; case "softdeleterestorethread": $delete_tids = $restore_tids = array(); $query2 = $db->simple_select("threads", "tid,visible", "tid IN({$delayedmoderation['tids']})"); while ($thread = $db->fetch_array($query2)) { if ($thread['visible'] == -1) { $restore_tids[] = $thread['tid']; } else { $delete_tids[] = $thread['tid']; } } if (!empty($restore_tids)) { $moderation->restore_threads($restore_tids); } if (!empty($delete_tids)) { $moderation->soft_delete_threads($delete_tids); } break; } } $db->delete_query("delayedmoderation", "did='{$delayedmoderation['did']}'"); } add_task_log($task, $lang->task_delayedmoderation_ran); }
$query = $db->query("\n\tSELECT u.*, u.username AS userusername, a.*, f.*\n\tFROM " . TABLE_PREFIX . "announcements a\n\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND a.aid='{$aid}'\n"); $announcementarray = $db->fetch_array($query); if (!$announcementarray) { error($lang->error_invalidannouncement); } // Gather usergroup data from the cache // Field => Array Key $data_key = array('title' => 'grouptitle', 'usertitle' => 'groupusertitle', 'stars' => 'groupstars', 'starimage' => 'groupstarimage', 'image' => 'groupimage', 'namestyle' => 'namestyle', 'usereputationsystem' => 'usereputationsystem'); foreach ($data_key as $field => $key) { $announcementarray[$key] = $groupscache[$announcementarray['usergroup']][$field]; } $announcementarray['dateline'] = $announcementarray['startdate']; $announcementarray['userusername'] = $announcementarray['username']; $announcement = build_postbit($announcementarray, 3); $announcementarray['subject'] = $parser->parse_badwords($announcementarray['subject']); $lang->forum_announcement = $lang->sprintf($lang->forum_announcement, htmlspecialchars_uni($announcementarray['subject'])); if ($announcementarray['startdate'] > $mybb->user['lastvisit']) { $setcookie = true; if (isset($mybb->cookies['mybb']['announcements']) && is_scalar($mybb->cookies['mybb']['announcements'])) { $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements'])); if (isset($cookie[$announcementarray['aid']])) { $setcookie = false; } } if ($setcookie) { my_set_array_cookie('announcements', $announcementarray['aid'], $announcementarray['startdate'], -1); } } $plugins->run_hooks("announcements_end"); eval("\$forumannouncement = \"" . $templates->get("announcement") . "\";"); output_page($forumannouncement);
/** * Adds/Updates a Page/Tab to the permissions array in the adminoptions table * * @param string The name of the tab that is being affected * @param string The name of the page being affected (optional - if not specified, will affect everything under the specified tab) * @param integer Default permissions for the page (1 for allowed - 0 for disallowed - -1 to remove) */ function change_admin_permission($tab, $page = "", $default = 1) { global $db; $query = $db->simple_select("adminoptions", "uid, permissions", "permissions != ''"); while ($adminoption = $db->fetch_array($query)) { $adminoption['permissions'] = my_unserialize($adminoption['permissions']); if ($default == -1) { if (!empty($page)) { unset($adminoption['permissions'][$tab][$page]); } else { unset($adminoption['permissions'][$tab]); } } else { if (!empty($page)) { if ($adminoption['uid'] == 0) { $adminoption['permissions'][$tab][$page] = 0; } else { $adminoption['permissions'][$tab][$page] = $default; } } else { if ($adminoption['uid'] == 0) { $adminoption['permissions'][$tab]['tab'] = 0; } else { $adminoption['permissions'][$tab]['tab'] = $default; } } } $db->update_query("adminoptions", array('permissions' => $db->escape_string(my_serialize($adminoption['permissions']))), "uid='{$adminoption['uid']}'"); } }
/** * @param array $input * @param DefaultForm $form */ function user_search_conditions($input = array(), &$form) { global $mybb, $db, $lang; if (!$input) { $input = $mybb->input; } if (!is_array($input['conditions'])) { $input['conditions'] = my_unserialize($input['conditions']); } if (!is_array($input['profile_fields'])) { $input['profile_fields'] = my_unserialize($input['profile_fields']); } if (!is_array($input['fields'])) { $input['fields'] = my_unserialize($input['fields']); } $form_container = new FormContainer($lang->find_users_where); $form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', $input['conditions']['username'], array('id' => 'username')), 'username'); $form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email'); $options = array(); $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); while ($usergroup = $db->fetch_array($query)) { $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']); } $form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups'); $form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website')) . " {$lang->or} " . $form->generate_check_box('conditions[website_blank]', 1, $lang->is_not_blank, array('id' => 'website_blank', 'checked' => $input['conditions']['website_blank'])), 'website'); $form_container->output_row($lang->icq_number_contains, "", $form->generate_text_box('conditions[icq]', $input['conditions']['icq'], array('id' => 'icq')) . " {$lang->or} " . $form->generate_check_box('conditions[icq_blank]', 1, $lang->is_not_blank, array('id' => 'icq_blank', 'checked' => $input['conditions']['icq_blank'])), 'icq'); $form_container->output_row($lang->aim_handle_contains, "", $form->generate_text_box('conditions[aim]', $input['conditions']['aim'], array('id' => 'aim')) . " {$lang->or} " . $form->generate_check_box('conditions[aim_blank]', 1, $lang->is_not_blank, array('id' => 'aim_blank', 'checked' => $input['conditions']['aim_blank'])), 'aim'); $form_container->output_row($lang->yahoo_contains, "", $form->generate_text_box('conditions[yahoo]', $input['conditions']['yahoo'], array('id' => 'yahoo')) . " {$lang->or} " . $form->generate_check_box('conditions[yahoo_blank]', 1, $lang->is_not_blank, array('id' => 'yahoo_blank', 'checked' => $input['conditions']['yahoo_blank'])), 'yahoo'); $form_container->output_row($lang->skype_contains, "", $form->generate_text_box('conditions[skype]', $input['conditions']['skype'], array('id' => 'skype')) . " {$lang->or} " . $form->generate_check_box('conditions[skype_blank]', 1, $lang->is_not_blank, array('id' => 'skype_blank', 'checked' => $input['conditions']['skype_blank'])), 'skype'); $form_container->output_row($lang->google_contains, "", $form->generate_text_box('conditions[google]', $input['conditions']['google'], array('id' => 'google')) . " {$lang->or} " . $form->generate_check_box('conditions[google_blank]', 1, $lang->is_not_blank, array('id' => 'google_blank', 'checked' => $input['conditions']['google_blank'])), 'google'); $form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature')) . " {$lang->or} " . $form->generate_check_box('conditions[signature_blank]', 1, $lang->is_not_blank, array('id' => 'signature_blank', 'checked' => $input['conditions']['signature_blank'])), 'signature'); $form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle')) . " {$lang->or} " . $form->generate_check_box('conditions[usertitle_blank]', 1, $lang->is_not_blank, array('id' => 'usertitle_blank', 'checked' => $input['conditions']['usertitle_blank'])), 'usertitle'); $greater_options = array("greater_than" => $lang->greater_than, "is_exactly" => $lang->is_exactly, "less_than" => $lang->less_than); $form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir')) . " " . $form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts'); $form_container->output_row($lang->thread_count_is, "", $form->generate_select_box('conditions[threadnum_dir]', $greater_options, $input['conditions']['threadnum_dir'], array('id' => 'numthreads_dir')) . " " . $form->generate_text_box('conditions[threadnum]', $input['conditions']['threadnum'], array('id' => 'numthreads')), 'numthreads'); $form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')) . ' ' . $lang->days, 'regdate'); $form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip'); $form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip'); $form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip'); $form_container->end(); // Custom profile fields go here $form_container = new FormContainer($lang->custom_profile_fields_match); // Fetch custom profile fields $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); $profile_fields = array(); while ($profile_field = $db->fetch_array($query)) { if ($profile_field['required'] == 1) { $profile_fields['required'][] = $profile_field; } else { $profile_fields['optional'][] = $profile_field; } } output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true); output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true); $form_container->end(); // Autocompletion for usernames echo ' <link rel="stylesheet" href="../jscripts/select2/select2.css"> <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script> <script type="text/javascript"> <!-- $("#username").select2({ placeholder: "' . $lang->search_for_a_user . '", minimumInputLength: 3, maximumSelectionSize: 3, multiple: false, ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper url: "../xmlhttp.php?action=get_users", dataType: \'json\', data: function (term, page) { return { query: term // search term }; }, results: function (data, page) { // parse the results into the format expected by Select2. // since we are using custom formatting functions we do not need to alter remote JSON data return {results: data}; } }, initSelection: function(element, callback) { var query = $(element).val(); if (query !== "") { $.ajax("../xmlhttp.php?action=get_users&getone=1", { data: { query: query }, dataType: "json" }).done(function(data) { callback(data); }); } } }); // --> </script>'; }
function get_announcement_func($xmlrpc_params) { global $db, $lang, $mybb, $position, $plugins, $pids, $groupscache; $input = Tapatalk_Input::filterXmlInput(array('topic_id' => Tapatalk_Input::STRING, 'start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params); $parser = new Tapatalk_Parser(); // Load global language phrases $lang->load("announcements"); $aid = intval($_GET['aid']); // Get announcement fid $query = $db->simple_select("announcements", "fid", "aid='{$aid}'"); $announcement = $db->fetch_array($query); $plugins->run_hooks("announcements_start"); if (!$announcement) { error($lang->error_invalidannouncement); } // Get forum info $fid = $announcement['fid']; if ($fid > 0) { $forum = get_forum($fid); if (!$forum) { error($lang->error_invalidforum); } // Make navigation build_forum_breadcrumb($forum['fid']); // Permissions $forumpermissions = forum_permissions($forum['fid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { error_no_permission(); } // Check if this forum is password protected and we have a valid password check_forum_password($forum['fid']); } add_breadcrumb($lang->nav_announcements); $archive_url = build_archive_link("announcement", $aid); // Get announcement info $time = TIME_NOW; $query = $db->query("\n\t\tSELECT u.*, u.username AS userusername, a.*, f.*\n\t\tFROM " . TABLE_PREFIX . "announcements a\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND a.aid='{$aid}'\n\t"); $announcementarray = $db->fetch_array($query); if (!$announcementarray) { error($lang->error_invalidannouncement); } // Gather usergroup data from the cache // Field => Array Key $data_key = array('title' => 'grouptitle', 'usertitle' => 'groupusertitle', 'stars' => 'groupstars', 'starimage' => 'groupstarimage', 'image' => 'groupimage', 'namestyle' => 'namestyle', 'usereputationsystem' => 'usereputationsystem'); foreach ($data_key as $field => $key) { $announcementarray[$key] = $groupscache[$announcementarray['usergroup']][$field]; } $announcementarray['dateline'] = $announcementarray['startdate']; $announcementarray['userusername'] = $announcementarray['username']; $announcement = build_postbit($announcementarray, 3); $announcementarray['subject'] = $parser->parse_badwords($announcementarray['subject']); $lang->forum_announcement = $lang->sprintf($lang->forum_announcement, htmlspecialchars_uni($announcementarray['subject'])); if ($announcementarray['startdate'] > $mybb->user['lastvisit']) { $setcookie = true; if (isset($mybb->cookies['mybb']['announcements']) && is_scalar($mybb->cookies['mybb']['announcements'])) { $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements'])); if (isset($cookie[$announcementarray['aid']])) { $setcookie = false; } } if ($setcookie) { my_set_array_cookie('announcements', $announcementarray['aid'], $announcementarray['startdate'], -1); } } $user_info = get_user($announcementarray['aid']); $icon_url = absolute_url($user_info['avatar']); // prepare xmlrpc return $xmlrpc_post = new xmlrpcval(array('topic_id' => new xmlrpcval('ann_' . $announcementarray['aid']), 'post_title' => new xmlrpcval(basic_clean($announcementarray['subject']), 'base64'), 'post_content' => new xmlrpcval(process_post($announcementarray['message'], $input['return_html']), 'base64'), 'post_author_id' => new xmlrpcval($announcementarray['uid']), 'post_author_name' => new xmlrpcval(basic_clean($announcementarray['username']), 'base64'), 'user_type' => new xmlrpcval(check_return_user_type($announcementarray['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($icon_url)), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($announcementarray['dateline']), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval($announcementarray['dateline'], 'string')), 'struct'); $result = array('total_post_num' => new xmlrpcval(1, 'int'), 'can_reply' => new xmlrpcval(false, 'boolean'), 'can_subscribe' => new xmlrpcval(false, 'boolean'), 'posts' => new xmlrpcval(array($xmlrpc_post), 'array')); return new xmlrpcresp(new xmlrpcval($result, 'struct')); }
function fetch_default_view($type) { global $mybb, $db; $query = $db->simple_select("adminoptions", "defaultviews", "uid='{$mybb->user['uid']}'"); $default_views = my_unserialize($db->fetch_field($query, "defaultviews")); if (!is_array($default_views)) { return false; } return $default_views[$type]; }
$msgprefix = "<strong>"; $msgsuffix = "</strong>"; } elseif ($message['status'] == 1) { $msgfolder = 'old_pm.png'; $msgalt = $lang->old_pm; } elseif ($message['status'] == 3) { $msgfolder = 're_pm.png'; $msgalt = $lang->reply_pm; } elseif ($message['status'] == 4) { $msgfolder = 'fw_pm.png'; $msgalt = $lang->fwd_pm; } $tofromuid = 0; if ($folder == 2 || $folder == 3) { // Sent Items or Drafts Folder Check $recipients = my_unserialize($message['recipients']); $to_users = $bcc_users = ''; if (count($recipients['to']) > 1 || count($recipients['to']) == 1 && isset($recipients['bcc']) && count($recipients['bcc']) > 0) { foreach ($recipients['to'] as $uid) { $profilelink = get_profile_link($uid); $user = $cached_users[$uid]; $username = format_name($user['username'], $user['usergroup'], $user['displaygroup']); if (!$user['username']) { $username = $lang->na; } eval("\$to_users .= \"" . $templates->get("private_multiple_recipients_user") . "\";"); } if (isset($recipients['bcc']) && is_array($recipients['bcc']) && count($recipients['bcc'])) { eval("\$bcc_users = \"" . $templates->get("private_multiple_recipients_bcc") . "\";"); foreach ($recipients['bcc'] as $uid) { $profilelink = get_profile_link($uid);
/** * Fetch a friendly repetition value for a specific event (Repeats every x months etc) * * @param array The array of the event * @return string The friendly repetition string */ function fetch_friendly_repetition($event) { global $lang; $monthnames = array("offset", $lang->month_1, $lang->month_2, $lang->month_3, $lang->month_4, $lang->month_5, $lang->month_6, $lang->month_7, $lang->month_8, $lang->month_9, $lang->month_10, $lang->month_11, $lang->month_12); if (!is_array($event['repeats'])) { $event['repeats'] = my_unserialize($event['repeats']); if (!is_array($event['repeats'])) { return false; } } $repeats = $event['repeats']; switch ($repeats) { case 1: if ($repeats['days'] <= 1) { return $lang->repeats_every_day; } return $lang->sprintf($lang->repeats_every_x_days, $event['repeats']['days']); break; case 2: return $lang->repeats_on_weekdays; break; case 3: if ($event['repeats']['days'] || count($event['repeats']['days']) == 7) { $weekdays = null; foreach ($event['repeats']['days'] as $id => $weekday) { $weekday_name = fetch_weekday_name($weekday); if ($event['repeats']['days'][$id + 1] && $weekday) { $weekdays .= $lang->comma; } else { if (!$event['repeats']['days'][$id + 1] && $weekday) { $weekdays .= " {$lang->and} "; } } $weekdays .= $weekday_name; } } if ($event['repeats']['weeks'] == 1) { if ($weekdays) { return $lang->sprintf($lang->every_week_on_days, $weekdays); } else { return $lang->sprintf($lang->every_week); } } else { if ($weekdays) { return $lang->sprintf($lang->every_x_weeks_on_days, $event['repeats']['weeks'], $weekdays); } else { return $lang->sprintf($lang->every_x_weeks, $event['repeats']['weeks']); } } break; case 4: if ($event['repeats']['day']) { if ($event['repeats']['months'] == 1) { return $lang->sprintf($lang->every_month_on_day, $event['repeats']['day']); } else { return $lang->sprintf($lang->every_x_months_on_day, $event['repeats']['day'], $event['repeats']['months']); } } else { $weekday_name = fetch_weekday_name($event['repeats']['weekday']); $occurance = "weekday_occurance_" . $event['repeats']['occurance']; $occurance = $lang->{$occurance}; if ($event['repeats']['months'] == 1) { return $lang->sprintf($lang->every_month_on_weekday, $occurance, $weekday_name); } else { return $lang->sprintf($lang->every_x_months_on_weekday, $occurance, $weekday_name, $event['repeats']['months']); } } break; case 5: $month = $monthnames[$event['repeats']['month']]; if ($event['repeats']['day']) { if ($event['repeats']['years'] == 1) { return $lang->sprintf($lang->every_year_on_day, $event['repeats']['day'], $month); } else { return $lang->sprintf($lang->every_x_years_on_day, $event['repeats']['day'], $month, $event['repeats']['years']); } } else { $weekday_name = fetch_weekday_name($event['repeats']['weekday']); $occurance = "weekday_occurance_" . $event['repeats']['occurance']; $occurance = $lang->{$occurance}; if ($event['repeats']['years'] == 1) { return $lang->sprintf($lang->every_year_on_weekday, $occurance, $weekday_name, $month); } else { return $lang->sprintf($lang->every_x_year_on_weekday, $occurance, $weekday_name, $month, $event['repeats']['years']); } } break; } }
$default_page->show_lockedout(); } $fail_check = 1; } } else { // No admin session - show message on the login screen if (!isset($mybb->cookies['adminsid'])) { $login_message = ""; } else { $query = $db->simple_select("adminsessions", "*", "sid='" . $db->escape_string($mybb->cookies['adminsid']) . "'"); $admin_session = $db->fetch_array($query); // No matching admin session found - show message on login screen if (!$admin_session['sid']) { $login_message = $lang->error_invalid_admin_session; } else { $admin_session['data'] = my_unserialize($admin_session['data']); // Fetch the user from the admin session $mybb->user = get_user($admin_session['uid']); // Login key has changed - force logout if (!$mybb->user['uid'] || $mybb->user['loginkey'] != $admin_session['loginkey']) { unset($mybb->user); } else { // Admin CP sessions 2 hours old are expired if ($admin_session['lastactive'] < TIME_NOW - 7200) { $login_message = $lang->error_admin_session_expired; $db->delete_query("adminsessions", "sid='" . $db->escape_string($mybb->cookies['adminsid']) . "'"); unset($mybb->user); } else { if (ADMIN_IP_SEGMENTS > 0) { $exploded_ip = explode(".", $ip_address); $exploded_admin_ip = explode(".", $admin_session['ip']);
/** * How do we want to name the admin user? */ function create_admin_user() { global $output, $mybb, $errors, $db, $lang; $mybb->input['action'] = "adminuser"; // If no errors then check for errors from last step if (!is_array($errors)) { if (empty($mybb->input['bburl'])) { $errors[] = $lang->config_step_error_url; } if (empty($mybb->input['bbname'])) { $errors[] = $lang->config_step_error_name; } if (is_array($errors)) { configure(); } } $output->print_header($lang->create_admin, 'admin'); echo <<<EOF \t\t<script type="text/javascript">\t \t\tfunction comparePass() \t\t{ \t\t\tvar parenttr = \$('#adminpass2').closest('tr'); \t\t\tvar passval = \$('#adminpass2').val(); \t\t\tif(passval && passval != \$('#adminpass').val()) \t\t\t{ \t\t\t\tif(!parenttr.next('.pass_peeker').length) \t\t\t\t{ \t\t\t\t\tparenttr.removeClass('last').after('<tr class="pass_peeker"><td colspan="2">{$lang->admin_step_nomatch}</td></tr>'); \t\t\t\t} \t\t\t} else { \t\t\t\tparenttr.addClass('last').next('.pass_peeker').remove(); \t\t\t} \t\t} \t\t</script> \t\t EOF; if (is_array($errors)) { $error_list = error_list($errors); echo $lang->sprintf($lang->admin_step_error_config, $error_list); $adminuser = $mybb->get_input('adminuser'); $adminemail = $mybb->get_input('adminemail'); } else { require MYBB_ROOT . 'inc/config.php'; $db = db_connection($config); echo $lang->admin_step_setupsettings; $adminuser = $adminemail = ''; $settings = file_get_contents(INSTALL_ROOT . 'resources/settings.xml'); $parser = new XMLParser($settings); $parser->collapse_dups = 0; $tree = $parser->get_tree(); $groupcount = $settingcount = 0; // Insert all the settings foreach ($tree['settings'][0]['settinggroup'] as $settinggroup) { $groupdata = array('name' => $db->escape_string($settinggroup['attributes']['name']), 'title' => $db->escape_string($settinggroup['attributes']['title']), 'description' => $db->escape_string($settinggroup['attributes']['description']), 'disporder' => (int) $settinggroup['attributes']['disporder'], 'isdefault' => $settinggroup['attributes']['isdefault']); $gid = $db->insert_query('settinggroups', $groupdata); ++$groupcount; foreach ($settinggroup['setting'] as $setting) { $settingdata = array('name' => $db->escape_string($setting['attributes']['name']), 'title' => $db->escape_string($setting['title'][0]['value']), 'description' => $db->escape_string($setting['description'][0]['value']), 'optionscode' => $db->escape_string($setting['optionscode'][0]['value']), 'value' => $db->escape_string($setting['settingvalue'][0]['value']), 'disporder' => (int) $setting['disporder'][0]['value'], 'gid' => $gid, 'isdefault' => 1); $db->insert_query('settings', $settingdata); $settingcount++; } } if (my_substr($mybb->get_input('bburl'), -1, 1) == '/') { $mybb->input['bburl'] = my_substr($mybb->get_input('bburl'), 0, -1); } $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('bbname'))), "name='bbname'"); $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('bburl'))), "name='bburl'"); $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('websitename'))), "name='homename'"); $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('websiteurl'))), "name='homeurl'"); $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('cookiedomain'))), "name='cookiedomain'"); $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('cookiepath'))), "name='cookiepath'"); $db->update_query("settings", array('value' => $db->escape_string($mybb->get_input('contactemail'))), "name='adminemail'"); $db->update_query("settings", array('value' => 'contact.php'), "name='contactlink'"); write_settings(); echo $lang->sprintf($lang->admin_step_insertesettings, $settingcount, $groupcount); // Save the acp pin $pin = addslashes($mybb->get_input('pin')); $file = @fopen(MYBB_ROOT . "inc/config.php", "a"); @fwrite($file, "/**\n * Admin CP Secret PIN\n * If you wish to request a PIN\n * when someone tries to login\n * on your Admin CP, enter it below.\n */\n\n\$config['secret_pin'] = '{$pin}';"); @fclose($file); include_once MYBB_ROOT . "inc/functions_task.php"; $tasks = file_get_contents(INSTALL_ROOT . 'resources/tasks.xml'); $parser = new XMLParser($tasks); $parser->collapse_dups = 0; $tree = $parser->get_tree(); $taskcount = 0; // Insert scheduled tasks foreach ($tree['tasks'][0]['task'] as $task) { $new_task = array('title' => $db->escape_string($task['title'][0]['value']), 'description' => $db->escape_string($task['description'][0]['value']), 'file' => $db->escape_string($task['file'][0]['value']), 'minute' => $db->escape_string($task['minute'][0]['value']), 'hour' => $db->escape_string($task['hour'][0]['value']), 'day' => $db->escape_string($task['day'][0]['value']), 'weekday' => $db->escape_string($task['weekday'][0]['value']), 'month' => $db->escape_string($task['month'][0]['value']), 'enabled' => $db->escape_string($task['enabled'][0]['value']), 'logging' => $db->escape_string($task['logging'][0]['value'])); $new_task['nextrun'] = fetch_next_run($new_task); $db->insert_query("tasks", $new_task); $taskcount++; } // For the version check task, set a random date and hour (so all MyBB installs don't query mybb.com all at the same time) $update_array = array('hour' => rand(0, 23), 'weekday' => rand(0, 6)); $db->update_query("tasks", $update_array, "file = 'versioncheck'"); echo $lang->sprintf($lang->admin_step_insertedtasks, $taskcount); $views = file_get_contents(INSTALL_ROOT . 'resources/adminviews.xml'); $parser = new XMLParser($views); $parser->collapse_dups = 0; $tree = $parser->get_tree(); $view_count = 0; // Insert admin views foreach ($tree['adminviews'][0]['view'] as $view) { $fields = array(); foreach ($view['fields'][0]['field'] as $field) { $fields[] = $field['attributes']['name']; } $conditions = array(); if (isset($view['conditions'][0]['condition']) && is_array($view['conditions'][0]['condition'])) { foreach ($view['conditions'][0]['condition'] as $condition) { if (!$condition['value']) { continue; } if ($condition['attributes']['is_serialized'] == 1) { $condition['value'] = my_unserialize($condition['value']); } $conditions[$condition['attributes']['name']] = $condition['value']; } } $custom_profile_fields = array(); if (isset($view['custom_profile_fields'][0]['field']) && is_array($view['custom_profile_fields'][0]['field'])) { foreach ($view['custom_profile_fields'][0]['field'] as $field) { $custom_profile_fields[] = $field['attributes']['name']; } } $new_view = array("uid" => 0, "type" => $db->escape_string($view['attributes']['type']), "visibility" => (int) $view['attributes']['visibility'], "title" => $db->escape_string($view['title'][0]['value']), "fields" => $db->escape_string(my_serialize($fields)), "conditions" => $db->escape_string(my_serialize($conditions)), "custom_profile_fields" => $db->escape_string(my_serialize($custom_profile_fields)), "sortby" => $db->escape_string($view['sortby'][0]['value']), "sortorder" => $db->escape_string($view['sortorder'][0]['value']), "perpage" => (int) $view['perpage'][0]['value'], "view_type" => $db->escape_string($view['view_type'][0]['value'])); $db->insert_query("adminviews", $new_view); $view_count++; } echo $lang->sprintf($lang->admin_step_insertedviews, $view_count); echo $lang->admin_step_createadmin; } echo $lang->sprintf($lang->admin_step_admintable, $adminuser, $adminemail); $output->print_footer('final'); }
$query = $db->query("\n\t\t\t\tSELECT u.uid, u.username, g.cancp, g.gid\n\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))\n\t\t\t\tWHERE u.uid='{$uid}'\n\t\t\t\tAND g.cancp=1\n\t\t\t\tLIMIT 1\n\t\t\t"); } $admin = $db->fetch_array($query); $permission_data = get_admin_permissions($uid, $admin['gid']); $title = $admin['username']; $page->add_breadcrumb_item($lang->user_permissions, "index.php?module=user-admin_permissions"); } elseif ($uid < 0) { $gid = abs($uid); $query = $db->simple_select("usergroups", "title", "gid='{$gid}'"); $group = $db->fetch_array($query); $permission_data = get_admin_permissions("", $gid); $title = $group['title']; $page->add_breadcrumb_item($lang->group_permissions, "index.php?module=user-admin_permissions&action=group"); } else { $query = $db->simple_select("adminoptions", "permissions", "uid='0'"); $permission_data = my_unserialize($db->fetch_field($query, "permissions")); $page->add_breadcrumb_item($lang->default_permissions); $title = $lang->default; } if ($uid != 0) { $page->add_breadcrumb_item($lang->edit_permissions . ": {$title}"); } $page->output_header($lang->edit_permissions); if ($uid != 0) { $sub_tabs['edit_permissions'] = array('title' => $lang->edit_permissions, 'link' => "index.php?module=user-admin_permissions&action=edit&uid={$uid}", 'description' => $lang->edit_permissions_desc); $page->output_nav_tabs($sub_tabs, 'edit_permissions'); } $form = new Form("index.php?module=user-admin_permissions&action=edit", "post", "edit"); echo $form->generate_hidden_field("uid", $uid); // Fetch all of the modules we have $modules_dir = MYBB_ADMIN_DIR . "modules";
$cache->update_default_theme(); } $theme = $cache->read('default_theme'); } else { $query = $db->simple_select("themes", "name, tid, properties", $loadstyle); $theme = $db->fetch_array($query); } // No theme was found - we attempt to load the master or any other theme if (!isset($theme['tid']) || isset($theme['tid']) && !$theme['tid']) { // Missing theme was from a user, run a query to set any users using the theme to the default $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'"); // Attempt to load the master or any other theme if the master is not available $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1)); $theme = $db->fetch_array($query); } $theme = @array_merge($theme, my_unserialize($theme['properties'])); // Set the appropriate image language directory for this theme. // Are we linking to a remote theme server? if (my_substr($theme['imgdir'], 0, 7) == 'http://' || my_substr($theme['imgdir'], 0, 8) == 'https://') { // If a language directory for the current language exists within the theme - we use it if (!empty($mybb->user['language'])) { $theme['imglangdir'] = $theme['imgdir'] . '/' . $mybb->user['language']; } else { // Check if a custom language directory exists for this theme if (!empty($mybb->settings['bblanguage'])) { $theme['imglangdir'] = $theme['imgdir'] . '/' . $mybb->settings['bblanguage']; } else { $theme['imglangdir'] = $theme['imgdir']; } } } else {
function upgrade30_updatetheme() { global $db, $mybb, $output, $config; if (file_exists(MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php")) { require_once MYBB_ROOT . $mybb->config['admin_dir'] . "/inc/functions_themes.php"; } else { if (file_exists(MYBB_ROOT . "admin/inc/functions_themes.php")) { require_once MYBB_ROOT . "admin/inc/functions_themes.php"; } else { $output->print_error("Please make sure your admin directory is uploaded correctly."); } } $output->print_header("Updating Themes"); // New default user star $contents = "<p>Updating the Default user star image... "; $db->update_query("usergroups", array('starimage' => 'images/star.png'), "starimage='images/star.gif'"); $contents .= "done.</p>"; $contents .= "<p>Adding new stylesheets... "; $query = $db->simple_select("themes", "*", "tid='1'"); $theme = $db->fetch_array($query); $properties = my_unserialize($theme['properties']); $stylesheets = my_unserialize($theme['stylesheets']); $old = array("global.css", "usercp.css", "modcp.css", "star_ratings.css"); require_once MYBB_ROOT . "inc/class_xml.php"; $colors = @file_get_contents(INSTALL_ROOT . 'resources/mybb_theme.xml'); $parser = new XMLParser($colors); $tree = $parser->get_tree(); if (is_array($tree) && is_array($tree['theme'])) { if (is_array($tree['theme']['stylesheets'])) { foreach ($tree['theme']['stylesheets']['stylesheet'] as $stylesheet) { $new_stylesheet = array("name" => $db->escape_string($stylesheet['attributes']['name']), "tid" => 1, "attachedto" => $db->escape_string($stylesheet['attributes']['attachedto']), "stylesheet" => $db->escape_string($stylesheet['value']), "lastmodified" => TIME_NOW, "cachefile" => $db->escape_string($stylesheet['attributes']['name'])); if (in_array($new_stylesheet['name'], $old)) { // We can update the disporder here $properties['disporder'][$stylesheet['attributes']['name']] = $stylesheet['attributes']['disporder']; } else { // Insert new stylesheet $sid = $db->insert_query("themestylesheets", $new_stylesheet); $css_url = "css.php?stylesheet={$sid}"; $cached = cache_stylesheet($tid, $stylesheet['attributes']['name'], $stylesheet['value']); if ($cached) { $css_url = $cached; } // Add to display and stylesheet list $properties['disporder'][$stylesheet['attributes']['name']] = $stylesheet['attributes']['disporder']; $attachedto = $stylesheet['attributes']['attachedto']; if (!$attachedto) { $attachedto = "global"; } // private.php?compose,folders|usercp.php,global|global $attachedto = explode("|", $attachedto); foreach ($attachedto as $attached_file) { $attached_actions = explode(",", $attached_file); $attached_file = array_shift($attached_actions); if (count($attached_actions) == 0) { $attached_actions = array("global"); } foreach ($attached_actions as $action) { $stylesheets[$attached_file][$action][] = $css_url; } } } } } } $update_array = array("properties" => $db->escape_string(my_serialize($properties)), "stylesheets" => $db->escape_string(my_serialize($stylesheets))); $db->update_query("themes", $update_array, "tid = '1'"); $contents .= "done.</p>"; $contents .= "<p>Adding a disporder to all stylesheets... "; $query = $db->simple_select("themes", "tid,properties,stylesheets"); while ($theme = $db->fetch_array($query)) { $properties = my_unserialize($theme['properties']); $stylesheets = my_unserialize($theme['stylesheets']); // Disporder already set? if (isset($properties['disporder']) && !empty($properties['disporder'])) { continue; } $disporder = 1; // First go through all own stylesheets $query2 = $db->simple_select("themestylesheets", "name", "tid='{$theme['tid']}'"); while ($name = $db->fetch_field($query2, "name")) { $properties['disporder'][$name] = $disporder; $disporder++; } // Next go through the inherited stylesheets if (!empty($stylesheets)) { foreach ($stylesheets as $a) { foreach ($a as $file => $stylesheet) { // Don't ask me... Throws an error otherwise if (empty($stylesheet)) { continue; } foreach ($stylesheet as $s) { $name = pathinfo($s, PATHINFO_BASENAME); if (empty($properties['disporder']) || !in_array($name, array_keys($properties['disporder']))) { $properties['disporder'][$name] = $disporder; $disporder++; } } } } } $db->update_query("themes", array("properties" => $db->escape_string(my_serialize($properties))), "tid='{$theme['tid']}'"); } $contents .= "done.</p>"; $contents .= "<p>Adding the Default colors... "; $query = $db->simple_select("themes", "*", "tid = '2'"); // Someone deleted the default theme... :o if ($db->num_rows($query) != 0) { $theme = $db->fetch_array($query); $properties = my_unserialize($theme['properties']); $stylesheets = my_unserialize($theme['stylesheets']); $properties['editortheme'] = "mybb.css"; // New editor, so reset the theme for it $properties['tablespace'] = 5; $properties['borderwidth'] = 0; // Reset the logo if it's still the default one if ($properties['logo'] == "images/logo.gif") { $properties['logo'] = "images/logo.png"; } require_once MYBB_ROOT . "inc/class_xml.php"; $colors = @file_get_contents(INSTALL_ROOT . 'resources/mybb_theme_colors.xml'); $parser = new XMLParser($colors); $tree = $parser->get_tree(); if (is_array($tree) && is_array($tree['colors'])) { if (is_array($tree['colors']['scheme'])) { foreach ($tree['colors']['scheme'] as $tag => $value) { $exp = explode("=", $value['value']); $properties['colors'][$exp[0]] = $exp[1]; } } if (is_array($tree['colors']['stylesheets'])) { $count = count($properties['disporder']) + 1; foreach ($tree['colors']['stylesheets']['stylesheet'] as $stylesheet) { $new_stylesheet = array("name" => $db->escape_string($stylesheet['attributes']['name']), "tid" => 2, "attachedto" => $db->escape_string($stylesheet['attributes']['attachedto']), "stylesheet" => $db->escape_string($stylesheet['value']), "lastmodified" => TIME_NOW, "cachefile" => $db->escape_string($stylesheet['attributes']['name'])); $sid = $db->insert_query("themestylesheets", $new_stylesheet); $css_url = "css.php?stylesheet={$sid}"; $cached = cache_stylesheet($tid, $stylesheet['attributes']['name'], $stylesheet['value']); if ($cached) { $css_url = $cached; } // Add to display and stylesheet list $properties['disporder'][$stylesheet['attributes']['name']] = $count; $stylesheets[$stylesheet['attributes']['attachedto']]['global'][] = $css_url; ++$count; } } $update_array = array("properties" => $db->escape_string(my_serialize($properties)), "stylesheets" => $db->escape_string(my_serialize($stylesheets))); $db->update_query("themes", $update_array, "tid = '2'"); } } $contents .= "done.</p>"; $contents .= '<p>Re-caching and minifying existing stylesheets...</p>'; $num_re_cached = recache_existing_styles(); $contents .= "Done. {$num_re_cached} stylesheets re-cached."; echo $contents; $output->print_contents("<p>Click next to continue with the upgrade process.</p>"); if (!isset($config['secret_pin']) && is_writable(MYBB_ROOT . "inc/config.php")) { $output->print_footer("30_acppin"); } else { $output->print_footer("30_done"); } }