public function actionGetOnline()
{
$session_model = $this->_getSessionModel();
$bypass_privacy = $this->_getUserModel()->canBypassUserPrivacy();
$visitor = XenForo_Visitor::getInstance();
$online = $session_model->getSessionActivityRecords(array('cutOff' => array('>', $session_model->getOnlineStatusTimeout()), 'getInvisible' => $bypass_privacy, 'getUnconfirmed' => $bypass_privacy, 'forceInclude' => true), array('join' => XenForo_Model_Session::FETCH_USER, 'order' => 'view_date'));
$online = $session_model->addSessionActivityDetailsToList($online);
$totals = $session_model->getSessionActivityQuickList($visitor->toArray(), array('cutOff' => array('>', $session_model->getOnlineStatusTimeout())), $visitor['user_id'] ? $visitor->toArray() : null);
$online_users = array();
foreach ($online as $rec) {
if (!$rec['user_id']) {
continue;
}
$activity = '';
if ($rec['activityDescription'] instanceof XenForo_Phrase) {
$activity = $rec['activityDescription']->render();
}
$out = array('userid' => $rec['user_id'], 'username' => prepare_utf8_string(strip_tags($rec['username'])));
if ($activity != '') {
$out['activity'] = prepare_utf8_string($activity);
}
if ($visitor->getUserId() == $rec['user_id']) {
$out['me'] = true;
}
$avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($rec, 'm'));
if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
$avatarurl = '';
}
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
$online_users[] = $out;
}
return array('users' => $online_users, 'num_guests' => $totals['guests']);
}
public function actionGetSubscriptions()
{
$page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1);
$perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT);
if (!$perpage) {
$perpage = XenForo_Application::get('options')->discussionsPerPage;
}
$previewtype = $this->_input->filterSingle('previewtype', XenForo_Input::UINT);
if (!$previewtype) {
$previewtype = 2;
}
$visitor = XenForo_Visitor::getInstance();
$watch_model = $this->_getThreadWatchModel();
$threads = $watch_model->getThreadsWatchedByUser($visitor['user_id'], false, array('join' => XenForo_Model_Thread::FETCH_FORUM | XenForo_Model_Thread::FETCH_USER, 'readUserId' => $visitor['user_id'], 'page' => $page, 'perPage' => $perpage, 'postCountUserId' => $visitor['user_id'], 'permissionCombinationId' => $visitor['permission_combination_id']));
$threads = $watch_model->unserializePermissionsInList($threads, 'node_permission_cache');
$threads = $watch_model->getViewableThreadsFromList($threads);
$threads = $this->_prepareWatchedThreads($threads);
$total = $watch_model->countThreadsWatchedByUser($visitor['user_id']);
$this->canonicalizePageNumber($page, $perpage, $total, 'watched/threads/all');
$thread_data = array();
$thread_model = $this->_getThreadModel();
$post_model = $this->getModelFromCache('XenForo_Model_Post');
$preview_length = XenForo_Application::get('options')->discussionPreviewLength;
$formatter = XenForo_BbCode_Formatter_Base::create('XenForo_BbCode_Formatter_Text');
$parser = new XenForo_BbCode_Parser($formatter);
foreach ($threads as &$thread) {
$out = array('thread_id' => $thread['thread_id'], 'forum_title' => prepare_utf8_string($thread['node_title']), 'new_posts' => $thread['isNew'], 'forum_id' => $thread['node_id'], 'total_posts' => $thread['reply_count'] + 1, 'thread_title' => prepare_utf8_string(strip_tags($thread['title'])), 'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute')));
if ($previewtype == 1) {
$out += array('post_username' => prepare_utf8_string(strip_tags($thread['username'])), 'post_userid' => $thread['user_id']);
} else {
$out += array('post_username' => prepare_utf8_string(strip_tags($thread['last_post_username'])), 'post_userid' => $thread['last_post_user_id']);
}
$post = $post_model->getPostById($thread[$previewtype == 1 ? 'first_post_id' : 'last_post_id'], array('join' => XenForo_Model_Post::FETCH_USER));
$avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($post, 'm'));
if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
$avatarurl = '';
}
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
$preview = '';
if ($preview_length) {
$preview = $parser->render($post['message']);
}
if ($preview != '') {
$out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview));
}
if ($thread['discussion_type'] == 'poll') {
$out['poll'] = true;
}
$thread_data[] = $out;
}
$out = array('threads' => $thread_data, 'total_threads' => $total);
return $out;
}
function do_get_profile()
{
global $vbulletin;
$userinfo = vB_Api::instance('user')->fetchUserInfo();
$cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('userid' => vB_Cleaner::TYPE_UINT));
if (!$userinfo['userid'] && !$cleaned['userid']) {
return json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
}
if (!$cleaned['userid']) {
$cleaned['userid'] = $userinfo['userid'];
}
$profile = vB_Api::instance('user')->fetchProfileInfo($cleaned['userid']);
if (empty($profile)) {
return json_error(ERR_NO_PERMISSION);
}
$values = array();
foreach ($profile['customFields']['default'] as $name => $value) {
$value = $value['val'];
if ($value === null) {
$value = '';
}
$values[] = array('name' => (string) new vB_Phrase('cprofilefield', $name), 'value' => $value);
}
$groups = array();
$groups[] = array('name' => 'about', 'values' => $values);
$out = array('username' => prepare_utf8_string($profile['username']), 'joindate' => prepare_utf8_string(fr_date($profile['joindate'])), 'posts' => $profile['posts'], 'online' => fr_get_user_online($profile['lastactivity']), 'avatar_upload' => $profile['canuseavatar'] ? true : false, 'groups' => $groups);
$avatarurl = vB_Library::instance('vb4_functions')->avatarUrl($cleaned['userid']);
if ($avatarurl) {
$out['avatarurl'] = $avatarurl;
}
cache_moderators();
cache_permissions($vbulletin->userinfo);
$canbanuser = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers'));
if ($canbanuser) {
$out['ban'] = true;
}
return $out;
}
function parse_post($text, $allowsmilie = false)
{
global $nuke_quotes, $fr_platform, $images;
$images = array();
if (is_ipb()) {
// Replace <br.*/> with \n
$text = preg_replace('#<br.*?/>#is', "\n", $text);
}
$smilies = false;
$v = process_input(array('smilies' => BOOLEAN));
if (isset($v['smilies'])) {
$smilies = $v['smilies'] === true;
}
// Trim each line
$lines = preg_split("/\n/", $text);
for ($i = 0; $i < count($lines); $i++) {
$lines[$i] = trim($lines[$i]);
}
$text = join("\n", $lines);
$text = prepare_utf8_string($text, false);
$bbcode = new StringParser_BBCode();
$bbcode->setGlobalCaseSensitive(false);
// Handle default BBCode
$bbcode->addCode('quote', 'callback_replace', 'handle_quotes', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('url', 'usecontent?', 'handle_url', array('usecontent_param' => 'default'), 'link', array('listitem', 'block', 'inline'), array('link'));
$bbcode->addCode('source', 'usecontent?', 'handle_url', array('usecontent_param' => 'default'), 'link', array('listitem', 'block', 'inline'), array('link'));
if (!is_mybb()) {
// myBB wonky attachment codes are already handled
$bbcode->addCode('attach', 'callback_replace', 'handle_attach', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
}
$bbcode->addCode('attach', 'callback_replace', 'handle_attach', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('img', 'callback_replace', 'handle_image', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('imgl', 'callback_replace', 'handle_image', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('imgr', 'callback_replace', 'handle_image', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
//$bbcode->addCode('spoiler', 'callback_replace', 'handle_spoiler', array(), 'inline',
//array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('b', 'callback_replace', 'handle_bbcode_bold', array('usecontent_param' => array('default')), 'inline', array('listitem', 'block', 'inline', 'link'), array());
$bbcode->addCode('i', 'callback_replace', 'handle_bbcode_italic', array('usecontent_param' => array('default')), 'inline', array('listitem', 'block', 'inline', 'link'), array());
$bbcode->addCode('color', 'callback_replace', 'handle_bbcode_color', array('usecontent_param' => array('default')), 'inline', array('listitem', 'block', 'inline', 'link'), array());
$bbcode->setCodeFlag('color', 'closetag', BBCODE_CLOSETAG_MUSTEXIST);
// Video Link BBCode
$bbcode->addCode('yt', 'callback_replace', 'fr_handle_youtube', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('youtube', 'callback_replace', 'fr_handle_youtube', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('video', 'callback_replace', 'handle_video', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('ame', 'callback_replace', 'handle_video', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('media', 'callback_replace', is_xen() ? 'handle_xen_media' : 'handle_video', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
$bbcode->addCode('tex', 'callback_replace', 'fr_handle_tex', array(), 'inline', array('listitem', 'block', 'inline', 'link'), array(''));
if (function_exists('fr_branded_bbcode_handler')) {
@fr_branded_bbcode_handler($bbcode);
}
if (is_mybb()) {
$bbcode->setMixedAttributeTypes(true);
}
$nuked_quotes = $text;
$text = htmlspecialchars_uni($text);
$nuke_quotes = true;
$nuked_quotes = $bbcode->parse($nuked_quotes);
if (is_ipb()) {
$nuked_quotes = ipb_handle_attachments($nuked_quotes);
}
$nuke_quotes = false;
$text = $bbcode->parse($text);
if (is_ipb()) {
$text = ipb_handle_attachments($text);
}
// Snag out images
preg_match_all('#\\[IMG\\](.*?)\\[/IMG\\]#is', $text, $matches);
$text = preg_replace("#\\[IMG\\](.*?)\\[/IMG\\]#is", '', $text);
$nuked_quotes = preg_replace("#\\[IMG\\](.*?)\\[/IMG\\]#is", '', $nuked_quotes);
if ($smilies) {
if (is_vb()) {
global $vbulletin;
$parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$text = $parser->parse_smilies($text, false);
$text = preg_replace_callback('#img src="(.*?)"#is', parse_post_callback, $text);
}
}
$text = preg_replace("#\n\n\n+#", "\n\n", $text);
$text = preg_replace("#\n#", "<br/>", $text);
$text = remove_bbcode($text);
$nuked_quotes = preg_replace("#\n\n\n+#", "\n\n", $nuked_quotes);
$nuked_quotes = remove_bbcode($nuked_quotes);
return array($text, $nuked_quotes, $images);
}
function do_get_forum_data()
{
global $vbulletin, $db, $show, $vbphrase;
$vbulletin->input->clean_array_gpc('r', array('forumids' => TYPE_STR));
if (!$vbulletin->GPC['forumids'] || strlen($vbulletin->GPC['forumids']) == 0) {
return array('forums' => array());
}
cache_ordered_forums(1, 1);
$forumids = split(',', $vbulletin->GPC['forumids']);
$forum_data = array();
foreach ($forumids as $forumid) {
$foruminfo = fetch_foruminfo($forumid);
$type = 'old';
if (is_array($foruminfo) and !empty($foruminfo['link'])) {
// see if it is a redirect
$type = 'link';
} else {
if ($vbulletin->userinfo['lastvisitdate'] == -1) {
$type = 'new';
} else {
if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) {
$userlastvisit = !empty($foruminfo['forumread']) ? $foruminfo['forumread'] : TIMENOW - $vbulletin->options['markinglimit'] * 86400;
} else {
$forumview = intval(fetch_bbarray_cookie('forum_view', $foruminfo['forumid']));
//use which one produces the highest value, most likely cookie
$userlastvisit = $forumview > $vbulletin->userinfo['lastvisit'] ? $forumview : $vbulletin->userinfo['lastvisit'];
}
if ($foruminfo['lastpost'] and $userlastvisit < $foruminfo['lastpost']) {
$type = 'new';
} else {
$type = 'old';
}
}
}
// If this forum has a password, check to see if we have
// the proper cookie. If so, don't prompt for one
$password = false;
if ($foruminfo['password']) {
$pw_ok = verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false);
if (!$pw_ok) {
$password = true;
}
}
$out = array('id' => $foruminfo['forumid'], 'new' => $type == 'new' ? true : false, 'name' => prepare_utf8_string(strip_tags($foruminfo['title'])), 'password' => $password);
$icon = fr_get_forum_icon($foruminfo['forumid'], $foruminfo == 'new');
if ($icon) {
$out['icon'] = $icon;
}
if ($foruminfo['link'] != '') {
$link = fr_fix_url($foruminfo['link']);
if (is_int($link)) {
$out['id'] = $link;
} else {
$out['link'] = $link;
}
$linkicon = fr_get_forum_icon($foruminfo['forumid'], false, true);
if ($linkicon) {
$out['icon'] = $linkicon;
}
}
if ($foruminfo['description'] != '') {
$desc = prepare_utf8_string(strip_tags($foruminfo['description']));
if (strlen($desc) > 0) {
$out['desc'] = $desc;
}
}
$forum_data[] = $out;
}
return array('forums' => $forum_data);
}
$msgargs = array(base64_encode(prepare_utf8_string($vbulletin->options['bbtitle'])));
$pmpart = 0;
if ($haspm) {
if (count($pms) > 1) {
$msgargs[] = base64_encode(count($pms));
$pmpart = 2;
} else {
$first_pm = array_shift($pms);
$msgargs[] = base64_encode(prepare_utf8_string($first_pm['fromusername']));
$pmpart = 1;
}
}
$subpart = 0;
if ($hassub) {
if (count($subs) > 1) {
$msgargs[] = base64_encode(count($subs));
$subpart = 2;
} else {
$first_sub = array_shift($subs);
$msgargs[] = base64_encode(prepare_utf8_string($first_sub['title']));
$subpart = 1;
}
}
$out_msg[] = array('u' => $user['fr_username'], 'b' => $user['b'], 'pm' => $haspm, 'subs' => $hassub, 'm' => "__FR_PUSH_{$pmpart}PM_{$subpart}SUB", 'a' => $msgargs, 't' => $total);
}
// Send our update to Forum Runner central push server. Silently fail if
// necessary.
if (count($out_msg) > 0) {
$snoopy = new snoopy();
$snoopy->submit('http://push.forumrunner.com/push.php', array('k' => $mykey, 'm' => serialize($out_msg), 'v' => $fr_version, 'p' => $fr_platform));
}
function do_get_pm()
{
global $vbulletin, $db;
require_once DIR . '/includes/class_postbit.php';
require_once DIR . '/includes/functions_bigthree.php';
$vbulletin->input->clean_array_gpc('r', array('pmid' => TYPE_UINT, 'showhistory' => TYPE_BOOL));
($hook = vBulletinHook::fetch_hook('private_showpm_start')) ? eval($hook) : false;
$pm = $db->query_first_slave("\n\t\tSELECT\n\t\t\tpm.*, pmtext.*,\n\t\t\t" . iif($vbulletin->options['privallowicons'], "icon.title AS icontitle, icon.iconpath,") . "\n\t\t\tIF(ISNULL(pmreceipt.pmid), 0, 1) AS receipt, pmreceipt.readtime, pmreceipt.denied,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\tFROM " . TABLE_PREFIX . "pm AS pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "pmtext AS pmtext ON(pmtext.pmtextid = pm.pmtextid)\n\t\t" . iif($vbulletin->options['privallowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = pmtext.iconid)") . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "pmreceipt AS pmreceipt ON(pmreceipt.pmid = pm.pmid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = pmtext.fromuserid)\n\t\tWHERE pm.userid=" . $vbulletin->userinfo['userid'] . " AND pm.pmid=" . $vbulletin->GPC['pmid'] . "\n\t");
if (!$pm) {
json_error(strip_tags(fetch_error('invalidid', $vbphrase['private_message'], $vbulletin->options['contactuslink'])));
}
$folderjump = construct_folder_jump(0, $pm['folderid']);
// do read receipt
$show['receiptprompt'] = $show['receiptpopup'] = false;
if ($pm['receipt'] == 1 and $pm['readtime'] == 0 and $pm['denied'] == 0) {
if ($permissions['pmpermissions'] & $vbulletin->bf_ugp_pmpermissions['candenypmreceipts']) {
// set it to denied just now as some people might have ad blocking that stops the popup appearing
$show['receiptprompt'] = $show['receiptpopup'] = true;
$receipt_question_js = addslashes_js(construct_phrase($vbphrase['x_has_requested_a_read_receipt'], unhtmlspecialchars($pm['fromusername'])), '"');
$db->shutdown_query("UPDATE " . TABLE_PREFIX . "pmreceipt SET denied = 1 WHERE pmid = {$pm['pmid']}");
} else {
// they can't deny pm receipts so do not show a popup or prompt
$db->shutdown_query("UPDATE " . TABLE_PREFIX . "pmreceipt SET readtime = " . TIMENOW . " WHERE pmid = {$pm['pmid']}");
}
} else {
if ($pm['receipt'] == 1 and $pm['denied'] == 1) {
$show['receiptprompt'] = true;
}
}
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$postbit_obj =& $postbit_factory->fetch_postbit('pm');
$pm_postbit = $pm;
$postbit = $postbit_obj->construct_postbit($pm_postbit);
// update message to show read
if ($pm['messageread'] == 0) {
$db->shutdown_query("UPDATE " . TABLE_PREFIX . "pm SET messageread=1 WHERE userid=" . $vbulletin->userinfo['userid'] . " AND pmid={$pm['pmid']}");
if ($pm['folderid'] >= 0) {
$userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
$userdm->set_existing($vbulletin->userinfo);
$userdm->set('pmunread', 'IF(pmunread >= 1, pmunread - 1, 0)', false);
$userdm->save(true, true);
unset($userdm);
}
}
$cclist = array();
$bcclist = array();
$ccrecipients = '';
$bccrecipients = '';
$touser = unserialize($pm['touserarray']);
if (!is_array($touser)) {
$touser = array();
}
foreach ($touser as $key => $item) {
if (is_array($item)) {
foreach ($item as $subkey => $subitem) {
$userinfo = array('userid' => $subkey, 'username' => $subitem);
$templater = vB_Template::create('pm_messagelistbit_user');
$templater->register('userinfo', $userinfo);
${$key . 'list'}[] = $templater->render();
}
} else {
$userinfo = array('username' => $item, 'userid' => $key);
$templater = vB_Template::create('pm_messagelistbit_user');
$templater->register('userinfo', $userinfo);
$bcclist[] = $templater->render();
}
}
if (count($cclist) > 1 or is_array($touser['cc']) and !in_array($vbulletin->userinfo['username'], $touser['cc']) or $vbulletin->userinfo['userid'] == $pm['fromuserid'] and $pm['folderid'] == -1) {
if (!empty($cclist)) {
$ccrecipients = implode("\r\n", $cclist);
}
if (!empty($bcclist) and $vbulletin->userinfo['userid'] == $pm['fromuserid'] and $pm['folderid'] == -1) {
if (empty($cclist) and count($bcclist == 1)) {
$ccrecipients = implode("\r\n", $bcclist);
} else {
$bccrecipients = implode("\r\n", $bcclist);
}
}
$show['recipients'] = true;
}
$pm['senddate'] = vbdate($vbulletin->options['dateformat'], $pm['dateline']);
$pm['sendtime'] = vbdate($vbulletin->options['timeformat'], $pm['dateline']);
list($text, $nuked_quotes, $images) = parse_post($pm['message'], $vbulletin->options['privallowsmilies'] && $usesmiles);
$fr_images = array();
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
// Avatar work
$avatarurl = '';
if ($pm_postbit['avatarurl']) {
$avatarurl = process_avatarurl($pm_postbit['avatarurl']);
}
$to_users = unserialize($pm['touserarray']);
$users = array();
if ($to_users !== false) {
if ($to_users['cc']) {
$users = $to_users['cc'];
} else {
$users = $to_users;
}
}
$out = array('id' => $pm['pmid'], 'pm_unread' => $pm['messageread'] == 0, 'username' => prepare_utf8_string(strip_tags($pm['fromusername'])), 'to_usernames' => prepare_utf8_string(implode('; ', $users)), 'userid' => $pm['fromuserid'], 'title' => prepare_utf8_string($pm['title']), 'online' => fetch_online_status(fetch_userinfo($pm['fromuserid']), false), 'message' => $text, 'quotable' => $nuked_quotes, 'fr_images' => $fr_images, 'pm_timestamp' => prepare_utf8_string(date_trunc($pm['senddate'] . ' ' . $pm['sendtime'])));
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
return $out;
}
function do_search()
{
global $vbulletin, $db, $search_type, $globals, $current_user;
$args = process_input(array('forumid' => INTEGER));
$vbulletin->input->clean_array_gpc('r', array('pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT));
if (!$current_user->hasPermission('forumpermissions', 'cansearch')) {
$threads[]['error'] = ERR_NO_PERMISSION;
return array('threads' => $threads, 'total_threads' => 1);
}
if (!$vbulletin->options['enablesearches']) {
$threads[]['error'] = strip_tags(fetch_error('searchdisabled'));
return array('threads' => $threads, 'total_threads' => 1);
}
if ($args['forumid']) {
$vbulletin->GPC['forumchoice'][] = $args['forumid'];
}
$vbulletin->GPC['childforums'] = true;
$vbulletin->GPC_exists['childforums'] = true;
$vbulletin->GPC['prefixchoice'] = array();
$vbulletin->GPC_exists['prefixchoice'] = true;
$searchid = -1;
$errors = array();
// Disable NoSpam!
$vbulletin->options['nospam_onoff'] = false;
do_process_search($searchid, $errors);
if (is_array($errors)) {
// Detect and use Sphinx if its installed
if ($errors['sphinx']) {
$forumrunner = true;
($hook = vBulletinHook::fetch_hook('search_start')) ? eval($hook) : false;
}
if (count($errors) > 0) {
// Errors Print them out as non-clickable rows.
foreach (array_map('fetch_error', $errors) as $error) {
$threads[]['error'] = prepare_utf8_string(strip_tags($error));
}
return array('threads' => $threads, 'total_threads' => count($threads));
}
}
return do_showresults($searchid, $vbulletin->GPC['pagenumber'], $vbulletin->GPC['perpage']);
}
function do_get_post()
{
global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $postinfo;
$vbulletin->input->clean_array_gpc('r', array('type' => TYPE_STR));
$type = 'html';
if ($vbulletin->GPC['type']) {
$type = $vbulletin->GPC['type'];
}
if (!$postinfo['postid']) {
standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
}
if ((!$postinfo['visible'] or $postinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink']));
}
if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) {
standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']));
}
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
json_error(ERR_NO_PERMISSION);
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
json_error(ERR_NO_PERMISSION);
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->forum =& $foruminfo;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$post = $db->query_first_slave("\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($foruminfo['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t IF(user.displaygroupid=0, user.usergroupid, user.displaygroupid) AS displaygroupid, infractiongroupid,\n\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline, editlog.reason AS edit_reason, editlog.hashistory,\n\t\tpostparsed.pagetext_html, postparsed.hasimages,\n\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\t" . iif($foruminfo['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid = {$postid}\n ");
$types = vB_Types::instance();
$contenttypeid = $types->getContentTypeID('vBForum_Post');
$attachments = $db->query_read_slave("\n\t\tSELECT\n\t\t\tfd.thumbnail_dateline, fd.filesize, IF(fd.thumbnail_filesize > 0, 1, 0) AS hasthumbnail, fd.thumbnail_filesize,\n\t\t\ta.dateline, a.state, a.attachmentid, a.counter, a.contentid AS postid, a.filename,\n\t\t\ttype.contenttypes\n\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "attachmenttype AS type ON (fd.extension = type.extension)\n\t\tWHERE\n\t\t\ta.contentid = {$postid}\n\t\t\t\tAND\n\t\t\ta.contenttypeid = {$contenttypeid}\n\t\tORDER BY a.attachmentid\n\t");
$fr_images = array();
while ($attachment = $db->fetch_array($attachments)) {
$lfilename = strtolower($attachment['filename']);
if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
$tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
if ($vbulletin->options['attachthumbs']) {
$tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
}
$fr_images[] = $tmp;
}
}
$postbits = '';
$postbit_obj =& $postbit_factory->fetch_postbit('post');
$postbit_obj->cachable = $post_cachable;
$postbits .= $postbit_obj->construct_postbit($post);
if ($type == 'html') {
$bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
$vbulletin->templatecache['bbcode_quote'] = '
<div style=\\"margin:0px; margin-top:0px;\\">
<table cellpadding=\\"$stylevar[cellpadding]\\" cellspacing=\\"0\\" border=\\"0\\" width=\\"100%\\">
<tr>
<td class=\\"alt2\\" style=\\"border:1px solid #777777;\\">
".(($show[\'username\']) ? ("
<div>
" . construct_phrase("$vbphrase[originally_posted_by_x]", "$username") . "
</div>
<div style=\\"font-style:italic\\">$message</div>
") : ("
$message
"))."
</td>
</tr>
</table>
</div>
';
$css = <<<EOF
<style type="text/css">
body {
margin: 0;
padding: 3;
font: 13px Arial, Helvetica, sans-serif;
}
.alt2 {
background-color: #e6edf5;
font: 13px Arial, Helvetica, sans-serif;
}
html {
-webkit-text-size-adjust: none;
}
</style>
EOF;
$html = $css . $bbcode_parser->parse($post['pagetext']);
$image = '';
} else {
if ($type == 'facebook') {
$html = fetch_censored_text(strip_bbcode(strip_quotes($post['pagetext']), false, true));
if (count($fr_images)) {
$image = $fr_images[0]['img'];
}
}
}
// Figure out if we can post
$canpost = true;
if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
$canpost = false;
}
if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) {
$canpost = false;
}
if (!$threadinfo['open']) {
if (!can_moderate($threadinfo['forumid'], 'canopenclose')) {
$canpost = false;
}
}
if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
$canpost = false;
}
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) {
$canpost = false;
}
// Avatar work
$avatarurl = '';
if ($post['avatarurl']) {
$avatarurl = process_avatarurl($post['avatarurl']);
}
// Get post date/time
$postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1);
$posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']);
// Parse the post for quotes and inline images
list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies);
$out = array('html' => prepare_utf8_string($html), 'post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'canpost' => $canpost, 'quotable' => $nuked_quotes, 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid'], 'edittext' => prepare_utf8_string($post['pagetext']));
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
if ($post['editlink']) {
$out['canedit'] = true;
}
if ($image != '') {
$out['image'] = $image;
}
return $out;
}
public function actionGetPost()
{
// Whole function is an ugly hack. Revisit later.
global $dependencies, $zresponse;
$postid = $this->_input->filterSingle('postid', XenForo_Input::UINT);
$type = $this->_input->filterSingle('type', XenForo_Input::STRING);
$signature = $this->_input->filterSingle('signature', XenForo_Input::UINT);
if (!$type || $type == '') {
$type = 'html';
}
$user_model = $this->getModelFromCache('XenForo_Model_User');
$session_model = $this->getModelFromCache('XenForo_Model_Session');
$thread_model = $this->getModelFromCache('XenForo_Model_Thread');
$forum_model = $this->getModelFromCache('XenForo_Model_Forum');
$attachment_model = $this->getModelFromCache('XenForo_Model_Attachment');
$helper = $this->getHelper('ForumThreadPost');
try {
list($post, $thread, $forum) = $helper->assertPostValidAndViewable($postid);
} catch (Exception $e) {
json_error($e->getControllerResponse()->errorText->render());
}
$post_model = $this->_getPostModel();
$post = $post_model->getPostById($postid, array('join' => XenForo_Model_Post::FETCH_THREAD | XenForo_Model_Post::FETCH_FORUM | XenForo_Model_Post::FETCH_USER | XenForo_Model_Post::FETCH_USER_PROFILE));
$user = $user_model->getUserById($post['user_id']);
$online_info = $session_model->getSessionActivityRecords(array('user_id' => $post['user_id'], 'cutOff' => array('>', $session_model->getOnlineStatusTimeout())));
$is_online = false;
if (count($online_info) == 1) {
$is_online = true;
}
$avatarurl = '';
if ($user !== false) {
$avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
$avatarurl = '';
}
}
$attachments = $attachment_model->getAttachmentsByContentId('post', $postid);
$message = fr_strip_smilies($this, $post['message']);
list($text, $nuked_quotes, $images) = parse_post($message, true, array());
$image = '';
if ($type == 'html') {
$css = <<<EOF
<style type="text/css">
body {
margin: 0;
padding: 3;
font: 13px Arial, Helvetica, sans-serif;
}
.alt2 {
background-color: #e6edf5;
font: 13px Arial, Helvetica, sans-serif;
}
html {
-webkit-text-size-adjust: none;
}
</style>
EOF;
$formatter = XenForo_BbCode_Formatter_Base::create('ForumRunner_BbCode_Formatter_BbCode_Post', array('smilies' => XenForo_Application::get('smilies')));
$parser = new XenForo_BbCode_Parser($formatter);
$html = $css . $parser->render($message);
if ($signature && $post['signature']) {
$html .= '<div style="border-top: 1px dashed grey; font-size: 9pt; margin-top: 5px; padding: 5px 0 0;">' . $parser->render(fr_strip_smilies($this, $post['signature'])) . '</div>';
}
} else {
if ($type == 'facebook') {
$html = XenForo_Helper_String::censorString(XenForo_Helper_String::bbCodeStrip($message, true));
if (count($attachments)) {
$attachments = array_values($attachments);
$link = XenForo_Link::buildPublicLink('attachments', $attachments[0]);
$image = fr_get_xenforo_bburl() . '/' . $link;
}
}
}
$post_page = floor($post['position'] / XenForo_Application::get('options')->messagesPerPage) + 1;
$out = array('post_id' => $post['post_id'], 'thread_id' => $post['thread_id'], 'forum_id' => $post['node_id'], 'forum_title' => prepare_utf8_string(strip_tags($post['node_title'])), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string(XenForo_Locale::date($post['register_date'], 'absolute')), 'usertitle' => XenForo_Template_Helper_Core::helperUserTitle($user), 'numposts' => $user ? $user['message_count'] : 0, 'userid' => $post['user_id'], 'title' => prepare_utf8_string($post['title']), 'online' => $is_online, 'post_timestamp' => prepare_utf8_string(XenForo_Locale::dateTime($post['post_date'], 'absolute')), 'html' => prepare_utf8_string($html), 'quotable' => $nuked_quotes, 'canpost' => $thread_model->canReplyToThread($thread, $forum), 'canattach' => $forum_model->canUploadAndManageAttachment($forum), 'post_link' => fr_get_xenforo_bburl() . '/' . XenForo_Link::buildPublicLink('threads', $thread, array('page' => $post_page)) . '#post-' . $post['post_id']);
if ($image != '') {
$out['image'] = $image;
}
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
return $out;
}
function do_showresults($searchid, $pagenumber = 1, $perpage = 25)
{
global $vbulletin, $db, $show, $vbphrase, $current_user, $show;
$vbulletin->options['threadpreview'] = FR_PREVIEW_LEN;
$vbulletin->input->clean_array_gpc('r', array('previewtype' => TYPE_INT));
$previewtype = $vbulletin->GPC['previewtype'];
if (!$previewtype) {
$previewtype = 1;
}
$bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
// Get exclude IDs
$exclude_ids = @explode(',', $vbulletin->options['forumrunner_exclude']);
if (in_array('-1', $exclude_ids)) {
$exclude_ids = array();
}
if ($results = vB_Search_Results::create_from_searchid($current_user, $searchid)) {
$pages = $results->get_page($pagenumber, $perpage, 10000);
} else {
$pages = array();
}
if (count($pages) == 0) {
$threads[]['error'] = strip_tags(fetch_error('searchnoresults', ''));
return array('threads' => $threads, 'total_threads' => count($threads));
}
$thread_data = array();
$skipped = 0;
foreach ($pages as $item) {
switch (get_class($item)) {
case 'vBForum_Search_Result_Thread':
$thread = $item->get_thread();
$foruminfo = fetch_foruminfo($thread->get_field('forumid'));
$parentlist = explode(',', substr($foruminfo['parentlist'], 0, -3));
$skip = false;
foreach ($parentlist as $parent_id) {
if (in_array($parent_id, $exclude_ids)) {
$skip = true;
}
}
if ($thread->get_field('visible') == 2) {
$skip = true;
}
if ($skip) {
$skipped++;
continue;
}
$lastread = $thread->get_forum()->get_last_read_by_current_user($current_user);
$legacy_thread = process_thread_array($thread->get_record(), $lastread);
$date = vbdate($vbulletin->options['dateformat'], $thread->get_field('lastpost'));
$time = vbdate($vbulletin->options['timeformat'], $thread->get_field('lastpost'));
$previewinfo = $db->query_first_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "post\n\t\tWHERE postid = " . $thread->get_field($previewtype == 1 ? 'firstpostid' : 'lastpostid') . "\n\t ");
$preview = '';
if (method_exists($bbcode_parser, 'get_preview')) {
$preview = $bbcode_parser->get_preview(fetch_censored_text($previewinfo['pagetext']), 200);
} else {
// vB4 prior to vB4.0.4 did not have get_preview()
list($text, $nuked_quotes, $images) = parse_post($previewinfo['pagetext'], true, array());
$preview = preview_chop(fetch_censored_text($nuked_quotes), 200);
}
$avatarurl = '';
if ($previewinfo['userid'] > 0) {
$userinfoavatar = fetch_userinfo($previewinfo['userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfoavatar, true, false);
if ($userinfoavatar['avatarurl'] != '') {
$avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
}
unset($userinfoavatar);
}
$tmp = array('thread_id' => $thread->get_field('threadid'), 'new_posts' => $show['gotonewpost'], 'forum_id' => $thread->get_field('forumid'), 'total_posts' => $thread->get_field('replycount'), 'forum_title' => prepare_utf8_string(strip_tags($foruminfo['title'])), 'thread_title' => prepare_utf8_string(strip_tags($thread->get_field('title'))), 'thread_preview' => prepare_utf8_string(preview_chop(strip_tags(strip_bbcode(html_entity_decode($preview))), FR_PREVIEW_LEN)), 'post_userid' => $previewinfo['userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($date) . ' ' . $time), 'post_username' => prepare_utf8_string(strip_tags($previewinfo['username'])));
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
if ($thread->get_field('prefixid')) {
$prefixid = $thread->get_field('prefixid');
$tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$prefixid}_title_plain"]));
}
if ($thread->get_field('attach')) {
$tmp['attach'] = true;
}
if ($thread->get_field('pollid')) {
$tmp['poll'] = true;
}
$thread_data[] = $tmp;
break;
case 'vBForum_Search_Result_Post':
$post = $item->get_post();
$thread = $post->get_thread();
$foruminfo = fetch_foruminfo($thread->get_field('forumid'));
$parentlist = explode(',', substr($foruminfo['parentlist'], 0, -3));
$skip = false;
foreach ($parentlist as $parent_id) {
if (in_array($parent_id, $exclude_ids)) {
$skip = true;
}
}
if ($post->get_field('visible') == 2) {
$skip = true;
}
if ($skip) {
$skipped++;
continue;
}
$date = vbdate($vbulletin->options['dateformat'], $post->get_field('dateline'));
$time = vbdate($vbulletin->options['timeformat'], $post->get_field('dateline'));
$avatarurl = '';
if ($post->get_field('userid') > 0) {
$userinfoavatar = fetch_userinfo($post->get_field('userid'), FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfoavatar, true, false);
if ($userinfoavatar['avatarurl'] != '') {
$avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
}
unset($userinfoavatar);
}
$tmp = array('thread_id' => $post->get_field('threadid'), 'post_id' => $post->get_field('postid'), 'jump_to_post' => 1, 'forum_id' => $thread->get_field('forumid'), 'forum_title' => prepare_utf8_string(strip_tags($foruminfo['title'])), 'thread_title' => prepare_utf8_string(strip_tags($thread->get_field('title'))), 'thread_preview' => prepare_utf8_string(preview_chop(htmlspecialchars_uni(fetch_censored_text(strip_bbcode(strip_quotes(html_entity_decode($post->get_field('pagetext'))), false, true))), FR_PREVIEW_LEN)), 'post_userid' => $post->get_field('userid'), 'post_lastposttime' => prepare_utf8_string(date_trunc($date) . ' ' . $time), 'post_username' => prepare_utf8_string(strip_tags($post->get_field('username'))));
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
if ($thread->get_field('prefixid')) {
$prefixid = $thread->get_field('prefixid');
$tmp['prefix'] = prepare_utf8_string(strip_tags($vbphrase["prefix_{$prefixid}_title_plain"]));
}
if ($post->get_field('attach')) {
$tmp['attach'] = true;
}
$thread_data[] = $tmp;
break;
}
}
$out = array();
if (is_array($thread_data) && count($thread_data) > 0) {
$out['threads'] = $thread_data;
$out['total_threads'] = max($results->get_confirmed_count() - $skipped, 0);
} else {
$out['threads'] = array();
$out['total_threads'] = 0;
}
$out['searchid'] = $searchid;
return $out;
}
function get_article_comments($article, $associated_thread_id, $userinfo, &$pageno, &$perpage, &$total)
{
require_once DIR . '/includes/functions_misc.php';
require_once DIR . '/includes/functions.php';
require_once DIR . '/includes/functions_databuild.php';
require_once DIR . '/includes/functions_bigthree.php';
$posts_out = array();
fetch_phrase_group('posting');
$threadinfo = verify_id('thread', $associated_thread_id, 0, 1);
$foruminfo = verify_id('forum', $threadinfo['forumid'], 0, 1);
//First let's see if we have forum/thread view permissions. If not,
// we're done
if (!($permissions = can_view_thread($article->getNodeId(), $userinfo))) {
return array();
}
$forumperms = fetch_permissions($threadinfo['forumid']);
//Normally this thread will be wide open, so let's get the list first
// without checking. We'll verify each post anyway.
//get our results
$results = get_comments($permissions, $associated_thread_id);
$record_count = count($results);
if (!$results or !count($results)) {
return array();
}
//we accept the parameter "last" for pageno.
if ($pageno == FR_LAST_POST) {
$pageno = intval(($record_count + $perpage - 1) / $perpage);
$first = ($pageno - 1) * $perpage;
} else {
$pageno = max(1, intval($pageno));
$first = $perpage * ($pageno - 1);
}
//Let's trim off the results we need.
//This also tells us if we should show the "next" button.
$post_array = array_slice($results, $first, $perpage, true);
if (!$post_array) {
return array();
}
$firstpostid = false;
$displayed_dateline = 0;
if (vB::$vbulletin->options['threadmarking'] and vB::$vbulletin->userinfo['userid']) {
$threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - vB::$vbulletin->options['markinglimit'] * 86400);
} else {
$threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid']));
if (!$threadview) {
$threadview = vB::$vbulletin->userinfo['lastvisit'];
}
}
require_once DIR . '/includes/functions_user.php';
$show['inlinemod'] = false;
$postids = array();
$postids = ' post.postid in (' . implode(', ', $post_array) . ')';
$posts = vB::$vbulletin->db->query_read($sql = "\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t " . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n\t editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n\t editlog.reason AS edit_reason, editlog.hashistory,\n\t postparsed.pagetext_html, postparsed.hasimages,\n\t sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight\n\t " . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "post AS post\n\t LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t " . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t {$deljoin}\n\t LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)\n\t {$hook_query_joins}\n\t WHERE {$postids}\n\t ORDER BY post.dateline\n\t ");
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
vB::$vbulletin->options['attachthumbs'] = 0;
}
if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) {
vB::$vbulletin->options['viewattachedimages'] = 0;
}
$postcount = count($postid_array);
$counter = 0;
$postbits = '';
vB::$vbulletin->noheader = true;
while ($post = vB::$vbulletin->db->fetch_array($posts)) {
if (!$privileges['can_moderate_forums']) {
if ($privileges['is_coventry'] or $post['visible'] == 2) {
continue;
}
}
// post/thread is deleted by moderator and we don't have permission to see it
if (!($post['visible'] or $privileges['can_moderate_posts'])) {
continue;
}
if (!intval($post['userid'])) {
$post['avatarid'] = false;
} else {
if (!$post['hascustomavatar']) {
if ($post['profilepic']) {
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
$post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile";
$post['avwidth'] = $post['ppwidth'];
$post['avheight'] = $post['ppheight'];
} else {
$post['hascustomavatar'] = 1;
$post['avatarid'] = true;
// explicity setting avatarurl to allow guests comments to show unknown avatar
$post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif';
$post['avwidth'] = 60;
$post['avheight'] = 60;
}
}
}
if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) {
continue;
}
if ($post['visible'] == 1 and !$tachyuser) {
++$counter;
if ($postorder) {
$post['postcount'] = --$postcount;
} else {
$post['postcount'] = ++$postcount;
}
}
if ($tachyuser) {
$fetchtype = 'post_global_ignore';
} else {
if ($ignore["{$post['userid']}"]) {
$fetchtype = 'post_ignore';
} else {
if ($post['visible'] == 2) {
$fetchtype = 'post_deleted';
} else {
$fetchtype = 'post';
}
}
}
if (vB::$vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) {
$fetchtype = 'post';
}
if (!$firstpostid) {
$firstpostid = $post['postid'];
}
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1);
$post['islastshown'] = $post['postid'] == $lastpostid;
$post['attachments'] = $postattach["{$post['postid']}"];
$canedit = false;
if (!$threadinfo['isdeleted'] and !$post['isdeleted'] and (can_moderate($threadinfo['forumid'], 'caneditposts') or $threadinfo['open'] and $post['userid'] == vB::$vbulletin->userinfo['userid'] and $forumperms & vB::$vbulletin->bf_ugp_forumpermissions['caneditpost'] and ($post['dateline'] >= TIMENOW - vB::$vbulletin->options['edittimelimit'] * 60 or vB::$vbulletin->options['edittimelimit'] == 0))) {
$canedit = true;
}
// Get post date/time
$postdate = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], 1);
$posttime = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']);
$attachments = array();
$fr_images = array();
// Attachments (images).
if (count($post['attachments']) > 0) {
foreach ($post['attachments'] as $attachment) {
$lfilename = strtolower($attachment['filename']);
if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
$fr_images[] = array('img' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'], 'tmb' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1');
}
}
}
// Parse the post for quotes and inline images
list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], false);
if (count($fr_images) > 0) {
$text .= "<br/>";
foreach ($fr_images as $attachment) {
$text .= "<img src=\"{$attachment['img']}\"/>";
}
}
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
$avatarurl = '';
// Avatar work
if (vB::$vbulletin->options['avatarenabled']) {
require_once DIR . '/includes/functions_user.php';
$userinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfo);
if ($userinfo['avatarurl']) {
$avatarurl = process_avatarurl($userinfo['avatarurl']);
}
}
$tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'], 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images, 'image_thumbs' => array());
// Soft Deleted
if ($post['visible'] == 2) {
$tmp['deleted'] = true;
$tmp['del_username'] = prepare_utf8_string($post['del_username']);
if ($post['del_reason']) {
$tmp['del_reason'] = prepare_utf8_string($post['del_reason']);
}
} else {
$tmp['text'] = $text;
$tmp['quotable'] = $nuked_quotes;
if ($canedit) {
$tmp['canedit'] = true;
$tmp['edittext'] = prepare_utf8_string($post['pagetext']);
}
}
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
$posts_out[] = $tmp;
}
if ($LASTPOST['dateline'] > $displayed_dateline) {
$displayed_dateline = $LASTPOST['dateline'];
if ($displayed_dateline <= $threadview) {
$updatethreadcookie = true;
}
}
// Set thread last view
if ($displayed_dateline and $displayed_dateline > $threadview) {
mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline);
}
vB::$vbulletin->db->free_result($posts);
unset($post);
$total = $record_count;
return $posts_out;
}
function fr_construct_forum_bit($parentid, $depth = 0, $subsonly = 0)
{
global $vbulletin, $vbphrase, $show;
global $imodcache, $lastpostarray, $counters, $inforum;
// Get exclude IDs
$exclude_ids = @explode(',', $vbulletin->options['forumrunner_exclude']);
if (in_array('-1', $exclude_ids)) {
$exclude_ids = array();
}
if (in_array($parentid, $exclude_ids)) {
return;
}
// this function takes the constant MAXFORUMDEPTH as its guide for how
// deep to recurse down forum lists. if MAXFORUMDEPTH is not defined,
// it will assume a depth of 2.
// call fetch_last_post_array() first to get last post info for forums
if (!is_array($lastpostarray)) {
fetch_last_post_array($parentid);
}
if (empty($vbulletin->iforumcache["{$parentid}"])) {
return;
}
if (!defined('MAXFORUMDEPTH')) {
define('MAXFORUMDEPTH', 2);
}
$forumbits = '';
$depth++;
if ($parentid == -1) {
$parent_is_category = false;
} else {
$parentforum = $vbulletin->forumcache[$parentid];
$parent_is_category = !(bool) ($parentforum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']);
}
foreach ($vbulletin->iforumcache["{$parentid}"] as $forumid) {
if (in_array($forumid, $exclude_ids)) {
continue;
}
// grab the appropriate forum from the $vbulletin->forumcache
$forum = $vbulletin->forumcache["{$forumid}"];
//$lastpostforum = $vbulletin->forumcache["$lastpostarray[$forumid]"];
$lastpostforum = empty($lastpostarray[$forumid]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];
if (!$forum['displayorder'] or !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) {
continue;
}
$forumperms = $vbulletin->userinfo['forumpermissions']["{$forumid}"];
$lastpostforumperms = empty($lastpostarray[$forumid]) ? 0 : $vbulletin->userinfo['forumpermissions']["{$lastpostarray[$forumid]}"];
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) and ($vbulletin->forumcache["{$forumid}"]['showprivate'] == 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and !$vbulletin->options['showprivateforums'])) {
// no permission to view current forum
continue;
}
if ($subsonly) {
$childforumbits = fr_construct_forum_bit($forum['forumid'], 1, $subsonly);
} else {
if ($depth < MAXFORUMDEPTH) {
$childforumbits = fr_construct_forum_bit($forum['forumid'], $depth, $subsonly);
} else {
$childforumbits = '';
}
}
// do stuff if we are not doing subscriptions only, or if we ARE doing subscriptions,
// and the forum has a subscribedforumid
if (!$subsonly or $subsonly and !empty($forum['subscribeforumid'])) {
$GLOBALS['forumshown'] = true;
// say that we have shown at least one forum
if ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']) {
// get appropriate suffix for template name
$tempext = '_post';
} else {
$tempext = '_nopost';
}
if (!$vbulletin->options['showforumdescription']) {
// blank forum description if set to not show
$forum['description'] = '';
}
// dates & thread title
$lastpostinfo = empty($lastpostarray["{$forumid}"]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"];
// compare last post time for this forum with the last post time specified by
// the $lastpostarray, and if it's less, use the last post info from the forum
// specified by $lastpostarray
if (!empty($lastpostinfo) and $vbulletin->forumcache["{$lastpostarray[$forumid]}"]['lastpost'] > 0) {
if (!($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $lastpostinfo['lastposter'] != $vbulletin->userinfo['username']) {
$forum['lastpostinfo'] = $vbphrase['private'];
} else {
$lastpostinfo['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $lastpostinfo['lastpost'], 1);
$lastpostinfo['lastposttime'] = vbdate($vbulletin->options['timeformat'], $lastpostinfo['lastpost']);
$lastpostinfo['trimthread'] = fetch_trimmed_title(fetch_censored_text($lastpostinfo['lastthread']));
if ($lastpostinfo['lastprefixid'] and $vbulletin->options['showprefixlastpost']) {
$lastpostinfo['prefix'] = $vbulletin->options['showprefixlastpost'] == 2 ? $vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_rich"] : htmlspecialchars_uni($vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_plain"]);
} else {
$lastpostinfo['prefix'] = '';
}
if ($vbulletin->forumcache["{$lastpostforum['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons'] and $icon = fetch_iconinfo($lastpostinfo['lasticonid'])) {
$show['icon'] = true;
} else {
$show['icon'] = false;
}
$show['lastpostinfo'] = (!$lastpostforum['password'] or verify_forum_password($lastpostforum['forumid'], $lastpostforum['password'], false));
$pageinfo_lastpost = array('p' => $lastpostinfo['lastpostid']);
$pageinfo_newpost = array('goto' => 'newpost');
$threadinfo = array('title' => $lastpostinfo['lastthread'], 'threadid' => $lastpostinfo['lastthreadid']);
}
} else {
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) {
$forum['lastpostinfo'] = $vbphrase['private'];
} else {
$forum['lastpostinfo'] = $vbphrase['never'];
}
}
// do light bulb
$forum['statusicon'] = fetch_forum_lightbulb($forumid, $lastpostinfo, $forum);
// add lock to lightbulb if necessary
// from 3.6.9 & 3.7.0 we now show locks only if a user can not post AT ALL
// previously it was just if they could not create new threads
if ($vbulletin->options['showlocks'] and !$forum['link'] and (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) {
$forum['statusicon'] .= '_lock';
}
// get counters from the counters cache ( prepared by fetch_last_post_array() )
$forum['threadcount'] = $counters["{$forum['forumid']}"]['threadcount'];
$forum['replycount'] = $counters["{$forum['forumid']}"]['replycount'];
// get moderators ( this is why we needed cache_moderators() )
if ($vbulletin->options['showmoderatorcolumn']) {
$showmods = array();
$listexploded = explode(',', $forum['parentlist']);
foreach ($listexploded as $parentforumid) {
if (!isset($imodcache["{$parentforumid}"]) or $parentforumid == -1) {
continue;
}
foreach ($imodcache["{$parentforumid}"] as $moderator) {
if (isset($showmods["{$moderator['userid']}"])) {
continue;
}
($hook = vBulletinHook::fetch_hook('forumbit_moderator')) ? eval($hook) : false;
$showmods["{$moderator['userid']}"] = true;
if (!isset($forum['moderators'])) {
$forum['moderators'] = '';
}
}
}
if (!isset($forum['moderators'])) {
$forum['moderators'] = '';
}
}
if ($forum['link']) {
$forum['replycount'] = '-';
$forum['threadcount'] = '-';
$forum['lastpostinfo'] = '-';
} else {
$forum['replycount'] = vb_number_format($forum['replycount']);
$forum['threadcount'] = vb_number_format($forum['threadcount']);
}
if (($subsonly or $depth == MAXFORUMDEPTH) and $vbulletin->options['subforumdepth'] > 0) {
//$forum['subforums'] = construct_subforum_bit($forumid, ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads'] ) );
$forum['subforums'] = '';
} else {
$forum['subforums'] = '';
}
$forum['browsers'] = 0;
$children = explode(',', $forum['childlist']);
foreach ($children as $childid) {
$forum['browsers'] += isset($inforum["{$childid}"]) ? $inforum["{$childid}"] : 0;
}
if ($depth == 1 and $tempext == '_nopost') {
global $vbcollapse;
$collapseobj_forumid =& $vbcollapse["collapseobj_forumbit_{$forumid}"];
$collapseimg_forumid =& $vbcollapse["collapseimg_forumbit_{$forumid}"];
$show['collapsebutton'] = true;
} else {
$show['collapsebutton'] = false;
}
$show['forumsubscription'] = $subsonly ? true : false;
$show['forumdescription'] = $forum['description'] != '' ? true : false;
$show['subforums'] = $forum['subforums'] != '' ? true : false;
$show['browsers'] = ($vbulletin->options['displayloggedin'] and !$forum['link'] and $forum['browsers'] ? true : false);
// FRNR Start
// If this forum has a password, check to see if we have
// the proper cookie. If so, don't prompt for one
$password = 0;
if ($forum['password']) {
$pw_ok = verify_forum_password($forum['forumid'], $forum['password'], false);
if (!$pw_ok) {
$password = 1;
}
}
$new = array('id' => $forum['forumid'], 'new' => $forum['statusicon'] == 'new' ? true : false, 'name' => prepare_utf8_string(strip_tags($forum['title'])), 'password' => $password);
$icon = fr_get_forum_icon($forum['forumid'], $forum['statusicon'] == 'new' ? true : false);
if ($icon) {
$new['icon'] = $icon;
}
if ($forum['link'] != '') {
$link = fr_fix_url($forum['link']);
if (is_int($link)) {
$new['id'] = $link;
} else {
$new['link'] = $link;
}
$linkicon = fr_get_forum_icon($forum['forumid'], false, true);
if ($linkicon) {
$new['icon'] = $linkicon;
}
}
if ($forum['description'] != '') {
$desc = prepare_utf8_string(strip_tags($forum['description']));
if (strlen($desc) > 0) {
$new['desc'] = $desc;
}
}
$out[] = $new;
// FRNR End
} else {
$forumbits .= $childforumbits;
}
}
return $out;
}
public function actionGetConversation()
{
$conversationid = $this->_input->filterSingle('conversationid', XenForo_Input::UINT);
$signature = $this->_input->filterSingle('signature', XenForo_Input::UINT);
$page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1);
$perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT);
if (!$perpage) {
$perpage = XenForo_Application::get('options')->messagesPerPage;
}
$conversation_model = $this->_getConversationModel();
$session_model = $this->getModelFromCache('XenForo_Model_Session');
try {
$conversation_info = $this->_getConversationOrError($conversationid);
} catch (Exception $e) {
json_error($e->getControllerResponse()->errorText->render());
}
$gotomessageid = 0;
if ($page == FR_LAST_POST) {
if (!$conversation_info['last_read_date']) {
$page = 1;
} else {
if ($conversation_info['last_read_date'] >= $conversation_info['last_message_date']) {
$first_unread = false;
} else {
$first_unread = $conversation_model->getNextMessageInConversation($conversationid, $conversation_info['last_read_date']);
}
if (!$first_unread || $first_unread['message_id'] == $conversation_info['last_message_id']) {
$page = floor($conversation_info['reply_count'] / $perpage) + 1;
$gotomessageid = $conversation_info['last_message_id'];
} else {
$before = $conversation_model->countMessagesBeforeDateInConversation($conversationid, $first_unread['message_date']);
$page = floor($before / $perpage) + 1;
$gotomessageid = $first_unread['message_id'];
}
}
}
$recipients = $conversation_model->getConversationRecipients($conversationid);
$messages = $conversation_model->getConversationMessages($conversationid, array('page' => $page, 'perPage' => $perpage));
$max = $conversation_model->getMaximumMessageDate($messages);
if ($max > $conversation_info['last_read_date']) {
$conversation_model->markConversationAsRead($conversationid, XenForo_Visitor::getUserId(), $max, $conversation_info['last_message_date']);
}
$messages = $conversation_model->prepareMessages($messages, $conversation_info);
$user_model = $this->getModelFromCache('XenForo_Model_User');
foreach ($messages as &$message) {
$user = $user_model->getUserById($message['user_id']);
$online_info = $session_model->getSessionActivityRecords(array('user_id' => $message['user_id'], 'cutOff' => array('>', $session_model->getOnlineStatusTimeout())));
$is_online = false;
if (count($online_info) == 1) {
$is_online = true;
}
list($text, $nuked_quotes, $images) = parse_post(fr_strip_smilies($this, XenForo_Helper_String::censorString($message['message'])), true);
$fr_images = array();
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
$avatarurl = '';
if ($user !== false) {
$avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
$avatarurl = '';
}
}
$out = array('post_id' => $message['message_id'], 'thread_id' => $message['conversation_id'], 'username' => prepare_utf8_string(strip_tags($message['username'])), 'joindate' => prepare_utf8_string(XenForo_Locale::date($message['register_date'], 'absolute')), 'usertitle' => XenForo_Template_Helper_Core::helperUserTitle($user), 'numposts' => $user ? $user['message_count'] : 0, 'userid' => $message['user_id'], 'online' => $is_online, 'post_timestamp' => prepare_utf8_string(XenForo_Locale::dateTime($message['message_date'], 'absolute')), 'fr_images' => $fr_images, 'text' => $text, 'quotable' => $nuked_quotes);
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
if ($signature) {
$sig = trim(strip_tags(remove_bbcode($message['signature'], true, true), '<a>'));
$sig = str_replace(array("\t", "\r"), array('', ''), $sig);
$sig = str_replace("\n\n", "\n", $sig);
$out['sig'] = prepare_utf8_string($sig);
}
$message_data[] = $out;
}
$out = array('posts' => $message_data, 'total_posts' => $conversation_info['reply_count'] + 1, 'page' => $page, 'canattach' => false, 'canpost' => true, 'title' => prepare_utf8_string(XenForo_Helper_String::censorString($conversation_info['title'])), 'thread_link' => process_avatarurl(XenForo_Link::buildPublicLink('conversations', $conversation_info)));
if ($gotomessageid) {
$out['gotopostid'] = $gotomessageid;
}
$r = array_values($conversation_model->getConversationRecipients($conversationid));
$recipients = '';
for ($i = 0; $i < count($r); $i++) {
if ($i != 0) {
$recipients .= ', ';
}
$recipients .= prepare_utf8_string(strip_tags($r[$i]['username']));
}
$out['recipients'] = $recipients;
return $out;
}
function do_get_ban_data()
{
global $vbulletin, $db, $vbphrase;
$ban_usergroups = $out = array();
// make a list of usergroups into which to move this user
foreach ($vbulletin->usergroupcache as $usergroupid => $usergroup) {
if (!($usergroup['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) {
$ban_usergroups[$usergroupid] = prepare_utf8_string($usergroup['title']);
}
}
$out['ban_usergroups'] = $ban_usergroups;
return $out;
}
public function actionGetForumData()
{
$forumids = $this->_input->filterSingle('forumids', XenForo_Input::STRING);
if (empty($forumids)) {
return array('forums' => array());
}
$visitor = XenForo_Visitor::getInstance();
$forum_model = $this->_getForumModel();
$node_model = $this->_getNodeModel();
$helper = $this->getHelper('ForumThreadPost');
$exclude = XenForo_Application::get('options')->forumrunnerExcludeForums;
if (!$exclude) {
$exclude = array();
}
$forums = split(',', $forumids);
$forum_data = array();
foreach ($forums as $forumid) {
if (in_array($forumid, $exclude)) {
continue;
}
$node_info = $node_model->getNodeById($forumid);
$forum_info = null;
if ($node_info['node_type_id'] == 'Forum') {
try {
$forum_info = $helper->assertForumValidAndViewable($forumid, array('readUserId' => $visitor['user_id']));
} catch (Exception $e) {
json_error($e->getControllerResponse()->errorText->render());
}
} else {
if ($node_info['node_type_id'] == 'Category') {
// We need to get the parent node_id info
$node_info = $node_model->getNodeById($node_info['parent_node_id']);
$tmp_data = $node_model->getNodeDataForListDisplay($node_info, 0);
// Now, find our child and our data (mainly hasNew)
$forum_info = $tmp_data['nodesGrouped'][$tmp_data['parentNodeId']][$forumid];
}
}
$hasNew = isset($forum_info['hasNew']) ? $forum_info['hasNew'] : isset($forum_info['forum_read_date']) && $forum_info['forum_read_date'] < $forum_info['last_post_date'];
$out = array('id' => $forum_info['node_id'], 'new' => $hasNew, 'name' => prepare_utf8_string(strip_tags($forum_info['title'])));
$icon = fr_get_forum_icon($forum_info['node_id'], $hasNew);
if ($icon) {
$out['icon'] = $icon;
}
if ($forum_info['description'] != '') {
$desc = prepare_utf8_string(strip_tags($forum_info['description']));
if (strlen($desc)) {
$out['desc'] = $desc;
}
}
$forum_data[] = $out;
}
return array('forums' => $forum_data);
}
public function actionGetPoll()
{
$threadid = $this->_input->filterSingle('threadid', XenForo_Input::UINT);
$visitor = XenForo_Visitor::getInstance();
$helper = $this->getHelper('ForumThreadPost');
$thread_model = $this->_getThreadModel();
try {
list($thread_info, $forum_info) = $helper->assertThreadValidAndViewable($threadid);
} catch (Exception $e) {
json_error($e->getControllerResponse()->errorText->render());
}
$poll_model = $this->_getPollModel();
$poll = $poll_model->getPollByContent('thread', $threadid);
if (!$poll) {
fr_no_permission();
}
$poll = $poll_model->preparePoll($poll, $thread_model->canVoteOnPoll($thread_info, $forum_info));
$total_votes = XenForo_Application::get('db')->fetchOne('
SELECT COUNT(user_id)
FROM xf_poll_vote
WHERE poll_id = ?
', $poll['poll_id']);
$options = array();
foreach ($poll['responses'] as $key => $option) {
$percent = 0;
if ($option['response_vote_count'] > 0) {
$percent = $option['response_vote_count'] / $total_votes * 100;
}
$options[] = array('optionid' => $key, 'voted' => $option['hasVoted'], 'percent' => number_format($percent), 'title' => prepare_utf8_string(strip_tags(XenForo_Helper_String::censorString($option['response']))), 'votes' => $option['response_vote_count']);
}
$out = array('title' => prepare_utf8_string(strip_tags(XenForo_Helper_String::censorString($poll['question']))), 'pollstatus' => '', 'options' => $options, 'total' => $total_votes, 'canvote' => $poll['canVote']);
if ($poll['multiple']) {
$out['multiple'] = true;
}
return $out;
}
public function fetchSpamData()
{
if (!XenForo_Visitor::getInstance()->hasPermission('general', 'cleanSpam')) {
$phrase = new XenForo_Phrase('do_not_have_permission');
json_error($phrase->render());
}
$visitor = XenForo_Visitor::getInstance();
$user_model = $this->getModelFromCache('XenForo_Model_User');
$thread_model = $this->getModelFromCache('XenForo_Model_Thread');
$post_model = $this->getModelFromCache('XenForo_Model_Post');
$threadid = $this->_input->filterSingle('threadid', XenForo_Input::UINT);
$postids = $this->_input->filterSingle('postids', XenForo_Input::STRING);
$helper = $this->getHelper('ForumThreadPost');
$userids = $users = $ips = array();
$can_view_ips = $user_model->canViewIps();
// If we have a thread id, figure out who started it
if ($threadid) {
try {
list($thread_info, $forum_info) = $helper->assertThreadValidAndViewable($threadid, array('readUserId' => $visitor['user_id'], 'watchUserId' => $visitor['user_id']), array('readUserId' => $visitor['user_id']));
$user = $user_model->getUserById($thread_info['user_id']);
if (!$user_model->couldBeSpammer($user)) {
return array('no_spam' => true);
}
$userids[] = (string) $thread_info['user_id'];
$users[] = prepare_utf8_string(strip_tags($thread_info['username']));
if ($can_view_ips) {
list($post_info, $thread_info, $forum_info) = $helper->assertPostValidAndViewable($thread_info['first_post_id']);
$ip_info = $this->getModelFromCache('XenForo_Model_Ip')->getContentIpInfo($post_info);
$ips[] = $ip_info['contentIp'];
}
} catch (Exception $e) {
json_error($e->getControllerResponse()->errorText->render());
}
} else {
if ($postids) {
$postids_array = preg_split('/,/', $postids);
$posts = $post_model->getPostsByIds($postids_array, array('join' => XenForo_Model_Post::FETCH_THREAD));
foreach ($posts as $post) {
$user = $user_model->getUserById($post['user_id']);
if (!$user_model->couldBeSpammer($user)) {
continue;
}
$userids[] = (string) $post['user_id'];
$users[] = prepare_utf8_string(strip_tags($post['username']));
if ($can_view_ips) {
$ip_info = $this->getModelFromCache('XenForo_Model_Ip')->getContentIpInfo($post);
$ips[] = $ip_info['contentIp'];
}
}
if (!count($userids)) {
return array('no_spam' => true);
}
}
}
return array('userids' => $userids, 'users' => $users, 'ips' => $ips, 'punitive' => true);
}
function do_get_profile()
{
global $vbulletin, $db, $show, $vbphrase, $permissions, $imodcache;
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT));
if (!$vbulletin->userinfo['userid'] && !$vbulletin->GPC['userid']) {
json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN);
}
if (!($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or !($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'])) {
json_error(ERR_NO_PERMISSION);
}
if (!$vbulletin->GPC['userid']) {
$vbulletin->GPC['userid'] = $vbulletin->userinfo['userid'];
}
$fetch_userinfo_options = FETCH_USERINFO_AVATAR | FETCH_USERINFO_LOCATION | FETCH_USERINFO_PROFILEPIC | FETCH_USERINFO_SIGPIC | FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND;
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, $fetch_userinfo_options);
if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
json_error(ERR_NO_PERMISSION);
}
$posts = $userinfo['posts'];
$joindate = vbdate($vbulletin->options['dateformat'], $userinfo['joindate']);
$out = array('username' => html_entity_decode($userinfo['username']), 'online' => fetch_online_status($userinfo, false), 'avatar_upload' => $vbulletin->options['avatarenabled'] && $permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canuseavatar'], 'posts' => $posts, 'joindate' => $joindate);
$avatarurl_info = fetch_avatar_url($userinfo['userid']);
if ($avatarurl_info) {
$out['avatarurl'] = process_avatarurl($avatarurl_info[0]);
}
cache_moderators();
$canbanuser = ($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers'));
if ($canbanuser) {
$out['ban'] = true;
}
$groups = array();
// About
$out_group = array('name' => 'about', 'values' => array(array('name' => prepare_utf8_string($vbphrase['posts']), 'value' => strval(vb_number_format($userinfo['posts']))), array('name' => prepare_utf8_string($vbphrase['join_date']), 'value' => vbdate($vbulletin->options['dateformat'], $userinfo['joindate']))));
if (function_exists('itrader_user')) {
itrader_user($userinfo);
$out_group['values'][] = array('name' => 'iTrader', 'value' => vb_number_format($userinfo['tradescore']) . ', ' . $userinfo['tradepcnt'] . '%');
$out += array('itrader_score' => vb_number_format($userinfo['tradescore']), 'itrader_percent' => $userinfo['tradepcnt'] . '%');
}
$groups[] = $out_group;
$profileobj = new vB_UserProfile($vbulletin, $userinfo);
$blockfactory = new vB_ProfileBlockFactory($vbulletin, $profileobj);
$profileblock =& $blockfactory->fetch('ProfileFields');
$profileblock->build_field_data(false);
$profile = $profileblock->categories[0];
// Additional information
if (count($profile)) {
$out_group = array('name' => 'additional');
foreach ($profile as $profilefield) {
$field_value = $userinfo["field{$profilefield['profilefieldid']}"];
fetch_profilefield_display($profilefield, $field_value);
if (!strlen(trim($field_value))) {
continue;
}
$out_group['values'][] = array('name' => prepare_utf8_string($profilefield['title']), 'value' => prepare_utf8_string($profilefield['value']));
}
if (count($out_group['values'])) {
$groups[] = $out_group;
}
}
$out['groups'] = $groups;
return $out;
}
function do_register()
{
global $vbulletin, $vbphrase, $db;
if ($vbulletin->userinfo['userid']) {
json_error(ERR_NO_PERMISSION);
}
if (!$vbulletin->options['forumrunner_enable_registration']) {
json_error(ERR_NO_PERMISSION);
}
$vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'email' => TYPE_STR, 'password' => TYPE_STR, 'password_md5' => TYPE_STR, 'birthday' => TYPE_STR, 'timezoneoffset' => TYPE_NUM));
// They are registering. Lets find out what fields are required.
if (!$vbulletin->options['allowregistration']) {
standard_error(fetch_error('noregister'));
}
$out = array();
if ($vbulletin->GPC['username']) {
// Registering.
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
$vbulletin->GPC['coppauser'] = false;
$userdata->set_info('coppauser', false);
$userdata->set_info('coppapassword', $vbulletin->GPC['password']);
$userdata->set_bitfield('options', 'coppauser', false);
$userdata->set('parentemail', '');
if (empty($vbulletin->GPC['username']) || empty($vbulletin->GPC['email']) || empty($vbulletin->GPC['password']) && empty($vbulletin->GPC['password_md5'])) {
standard_error(fetch_error('fieldmissing'));
}
$vbulletin->GPC['password_md5'] = strtolower($vbulletin->GPC['password_md5']);
$vbulletin->GPC['passwordconfirm_md5'] = strtolower($vbulletin->GPC['password_md5']);
$userdata->set('email', $vbulletin->GPC['email']);
$userdata->set('username', $vbulletin->GPC['username']);
$userdata->set('password', $vbulletin->GPC['password_md5'] ? $vbulletin->GPC['password_md5'] : $vbulletin->GPC['password']);
$userdata->set_bitfield('options', 'adminemail', 1);
if ($vbulletin->options['verifyemail']) {
$newusergroupid = 3;
} else {
if ($vbulletin->options['moderatenewmembers'] || $vbulletin->GPC['coppauser']) {
$newusergroupid = 4;
} else {
$newusergroupid = 2;
}
}
$userdata->set('usergroupid', $newusergroupid);
$userdata->set('languageid', $vbulletin->userinfo['languageid']);
$userdata->set_usertitle('', false, $vbulletin->usergroupcache["{$newusergroupid}"], false, false);
$parts = preg_split('#/#', $vbulletin->GPC['birthday']);
$day = $month = $year = '';
if ($parts[1]) {
$day = $parts[1];
}
if ($parts[0]) {
$month = $parts[0];
}
if ($parts[2]) {
$year = $parts[2];
}
$userdata->set('showbirthday', 0);
$userdata->set('birthday', array('day' => $day, 'month' => $month, 'year' => $year));
$dst = 2;
$userdata->set_dst($dst);
$userdata->set('timezoneoffset', $vbulletin->GPC['timezoneoffset']);
// register IP address
$userdata->set('ipaddress', IPADDRESS);
$userdata->pre_save();
if (count($userdata->errors)) {
// Just return one error for now.
json_error(strip_tags($userdata->errors[0]));
}
$vbulletin->userinfo['userid'] = $userid = $userdata->save();
if ($userid) {
$userinfo = fetch_userinfo($userid);
$userdata_rank =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
$userdata_rank->set_existing($userinfo);
$userdata_rank->set('posts', 0);
$userdata_rank->save();
require_once DIR . '/includes/functions_login.php';
$vbulletin->session->created = false;
process_new_login('', false, '');
// send new user email
if ($vbulletin->options['newuseremail'] != '') {
$username = $vbulletin->GPC['username'];
$email = $vbulletin->GPC['email'];
if ($birthday = $userdata->fetch_field('birthday')) {
$bday = explode('-', $birthday);
$year = vbdate('Y', TIMENOW, false, false);
$month = vbdate('n', TIMENOW, false, false);
$day = vbdate('j', TIMENOW, false, false);
if ($year > $bday[2] and $bday[2] > 1901 and $bday[2] != '0000') {
require_once DIR . '/includes/functions_misc.php';
$vbulletin->options['calformat1'] = mktimefix($vbulletin->options['calformat1'], $bday[2]);
if ($bday[2] >= 1970) {
$yearpass = $bday[2];
} else {
$yearpass = $bday[2] + 28 * ceil((1970 - $bday[2]) / 28);
}
$birthday = vbdate($vbulletin->options['calformat1'], mktime(0, 0, 0, $bday[0], $bday[1], $yearpass), false, true, false);
} else {
$birthday = vbdate($vbulletin->options['calformat2'], mktime(0, 0, 0, $bday[0], $bday[1], 1992), false, true, false);
}
if ($birthday == '') {
if ($bday[2] == '0000') {
$birthday = "{$bday['0']}-{$bday['1']}";
} else {
$birthday = "{$bday['0']}-{$bday['1']}-{$bday['2']}";
}
}
}
if ($userdata->fetch_field('referrerid') and $vbulletin->GPC['referrername']) {
$referrer = unhtmlspecialchars($vbulletin->GPC['referrername']);
} else {
$referrer = $vbphrase['n_a'];
}
$ipaddress = IPADDRESS;
eval(fetch_email_phrases('newuser', 0));
$newemails = explode(' ', $vbulletin->options['newuseremail']);
foreach ($newemails as $toemail) {
if (trim($toemail)) {
vbmail($toemail, $subject, $message);
}
}
}
$username = htmlspecialchars_uni($vbulletin->GPC['username']);
$email = htmlspecialchars_uni($vbulletin->GPC['email']);
// sort out emails and usergroups
if ($vbulletin->options['verifyemail']) {
$activateid = build_user_activation_id($userid, ($vbulletin->options['moderatenewmembers'] or $vbulletin->GPC['coppauser']) ? 4 : 2, 0);
eval(fetch_email_phrases('activateaccount'));
vbmail($email, $subject, $message, true);
} else {
if ($newusergroupid == 2) {
if ($vbulletin->options['welcomemail']) {
eval(fetch_email_phrases('welcomemail'));
vbmail($email, $subject, $message);
}
}
}
($hook = vBulletinHook::fetch_hook('register_addmember_complete')) ? eval($hook) : false;
// Let them log in again.
process_logout();
$out += array('emailverify' => $vbulletin->options['verifyemail'] ? true : false);
}
} else {
$rules = preg_replace('/<a href=\\"(.*?)\\">(.*?)<\\/a>/', "\\2", $vbphrase['fr_register_forum_rules']);
$out += array('rules' => prepare_utf8_string($rules), 'birthday' => $vbulletin->options['reqbirthday'] ? true : false);
}
return $out;
}
function do_get_announcement()
{
global $vbulletin, $db, $foruminfo;
if (empty($foruminfo['forumid'])) {
json_error(ERR_INVALID_FORUM);
}
$usesmilies = false;
// begin vbulletin
$forumlist = '';
if ($announcementinfo['forumid'] > -1 or $vbulletin->GPC['forumid']) {
$foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 1, 1);
$curforumid = $foruminfo['forumid'];
$forumperms = fetch_permissions($foruminfo['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) {
json_error(ERR_NO_PERMISSION);
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
$forumlist = fetch_forum_clause_sql($foruminfo['forumid'], 'announcement.forumid');
} else {
if (!$announcementinfo['announcementid']) {
json_error(ERR_INVALID_ANNOUNCEMENT);
}
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$announcements = $db->query_read_slave("\n\t\tSELECT announcement.announcementid, announcement.announcementid AS postid, startdate, enddate, announcement.title, pagetext, announcementoptions, views, announcement.pagetext,\n\t\t\tuser.*, userfield.*, usertextfield.*,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t" . ($vbulletin->userinfo['userid'] ? ", NOT ISNULL(announcementread.announcementid) AS readannouncement" : "") . "\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "announcementread AS announcementread ON(announcementread.announcementid = announcement.announcementid AND announcementread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = announcement.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid=user.avatarid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid=announcement.userid)" : "") . "\n\t\t{$hook_query_joins}\n\t\tWHERE\n\t\t\t" . ($vbulletin->GPC['announcementid'] ? "announcement.announcementid = " . $vbulletin->GPC['announcementid'] : "startdate <= " . TIMENOW . " AND enddate >= " . TIMENOW . " " . (!empty($forumlist) ? "AND {$forumlist}" : "")) . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY startdate DESC, announcementid DESC\n\t");
if ($db->num_rows($announcements) == 0) {
// no announcements
json_error(ERR_INVALID_ANNOUNCEMENT);
}
if (!$vbulletin->options['oneannounce'] and $vbulletin->GPC['announcementid'] and !empty($forumlist)) {
$anncount = $db->query_first_slave("\n\t\t\tSELECT COUNT(*) AS total\n\t\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t\tWHERE startdate <= " . TIMENOW . "\n\t\t\t\tAND enddate >= " . TIMENOW . "\n\t\t\t\tAND {$forumlist}\n\t\t");
$anncount['total'] = intval($anncount['total']);
$show['viewall'] = $anncount['total'] > 1 ? true : false;
} else {
$show['viewall'] = false;
}
require_once DIR . '/includes/class_postbit.php';
$show['announcement'] = true;
$counter = 0;
$anncids = array();
$announcebits = '';
$announceread = array();
$postbit_factory = new vB_Postbit_Factory();
$postbit_factory->registry =& $vbulletin;
$postbit_factory->forum =& $foruminfo;
$postbit_factory->cache = array();
$postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
while ($post = $db->fetch_array($announcements)) {
$postbit_obj =& $postbit_factory->fetch_postbit('announcement');
$post['counter'] = ++$counter;
$postbit_obj->construct_postbit($post);
$anncids[] = $post['announcementid'];
$announceread[] = "({$post['announcementid']}, " . $vbulletin->userinfo['userid'] . ")";
// FRNR start
$fr_images = array();
$docattach = array();
// Attachments (images).
if (is_array($post['attachments']) && count($post['attachments']) > 0) {
foreach ($post['attachments'] as $attachment) {
$lfilename = strtolower($attachment['filename']);
if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) {
$tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']);
if ($vbulletin->options['attachthumbs']) {
$tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1';
}
$fr_images[] = $tmp;
}
if (strpos($lfilename, '.pdf') !== false) {
$docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'];
}
}
}
// Parse the post for quotes and inline images
list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $usesmilies, $attachments);
if (count($fr_images) > 0) {
$text .= "<br/>";
foreach ($fr_images as $attachment) {
$text .= "<img src=\"{$attachment['img']}\"/>";
}
}
foreach ($images as $image) {
$fr_images[] = array('img' => $image);
}
// Avatar work
$avatarurl = '';
if ($post['avatarurl']) {
$avatarurl = process_avatarurl($post['avatarurl']);
}
$tmp = array('username' => prepare_utf8_string(strip_tags($post['username'])), 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'text' => $text, 'post_timestamp' => prepare_utf8_string(date_trunc($post['startdate'])), 'fr_images' => $fr_images);
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
$posts_out[] = $tmp;
}
if (!empty($anncids)) {
$db->shutdown_query("\n\t\t\tUPDATE " . TABLE_PREFIX . "announcement\n\t\t\tSET views = views + 1\n\t\t\tWHERE announcementid IN (" . implode(', ', $anncids) . ")\n\t\t");
if ($vbulletin->userinfo['userid']) {
$db->shutdown_query("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "announcementread\n\t\t\t\t\t(announcementid, userid)\n\t\t\t\tVALUES\n\t\t\t\t\t" . implode(', ', $announceread) . "\n\t\t\t");
}
}
if (!is_array($posts_out)) {
$posts_out = array();
}
return array('posts' => $posts_out, 'total_posts' => count($posts_out));
}
public function actionLogin()
{
global $fr_version, $fr_platform;
$vals = $this->_input->filter(array('username' => XenForo_Input::STRING, 'password' => XenForo_Input::STRING, 'md5_password' => XenForo_Input::STRING, 'fr_username' => XenForo_Input::STRING, 'fr_b' => XenForo_Input::UINT, 'token' => XenForo_Input::STRING));
$login_model = $this->_getLoginModel();
$user_model = $this->_getUserModel();
$options = XenForo_Application::get('options');
$navbg = '';
$style = $options->forumrunnerColor;
if ($style) {
// Convert to right style. iPhone needs r,g,b. Android needs #rrggbb.
$color = convert_color($style);
if (is_iphone() && strlen($color) == 7) {
$r = hexdec(substr($color, 1, 2));
$g = hexdec(substr($color, 3, 2));
$b = hexdec(substr($color, 5, 2));
$color = "{$r},{$g},{$b}";
}
$navbg = $color;
}
$authenticated = false;
$requires_authentication = false;
$out = array();
if (!$vals['username'] || !$vals['password'] && !$vals['md5_password']) {
if (!XenForo_Visitor::getInstance()->hasPermission('general', 'view')) {
$requires_authentication = true;
}
$options = XenForo_Application::get('options');
if (!$options->boardActive && !XenForo_Visitor::getInstance()->get('is_admin')) {
$requires_authentication = true;
}
} else {
$user_id = $user_model->validateAuthentication($vals['username'], $vals['password'], $error);
if (!$user_id) {
$login_model->logLoginAttempt($vals['username']);
json_error($error->render(), RV_BAD_PASSWORD);
}
$login_model->clearLoginAttempts($vals['username']);
$user_model->setUserRememberCookie($user_id);
XenForo_Model_Ip::log($user_id, 'user', $user_id, 'login');
XenForo_Application::get('session')->changeUserId($user_id);
XenForo_Visitor::setup($user_id);
$out['username'] = prepare_utf8_string(XenForo_Visitor::getInstance()->get('username'));
$authenticated = true;
}
$out += array('authenticated' => $authenticated, 'v' => $fr_version, 'p' => $fr_platform, 'requires_authentication' => $requires_authentication);
if ($navbg != '') {
$out['navbg'] = $navbg;
}
if (is_iphone() && $options->forumrunnerAdsAdMobPublisherIDiPhone) {
$out['admob'] = $options->forumrunnerAdsAdMobPublisherIDiPhone;
} else {
if (is_android() && $options->forumrunnerAdsAdMobPublisherIDAndroid) {
$out['admob'] = $options->forumrunnerAdsAdMobPublisherIDAndroid;
}
}
if ($options->forumrunnerGoogleAnalyticsID && $options->forumrunnerGoogleAnalyticsID != '') {
$out['gan'] = $options->forumrunnerGoogleAnalyticsID;
}
if ($options->forumrunnerFacebookApplicationID && $options->forumrunnerFacebookApplicationID != '') {
$out['fb'] = $options->forumrunnerFacebookApplicationID;
}
if ($options->forumrunnerRegistration) {
$out['reg'] = true;
}
fr_update_push_user($vals['fr_username'], $vals['fr_b'], $vals['token']);
return $out;
}
function fr_standard_error($error = '')
{
json_error(prepare_utf8_string(strip_tags($error)));
}
public function actionFindNew()
{
$do = $this->_input->filterSingle('do', XenForo_Input::STRING);
$days = $this->_input->filterSingle('days', XenForo_Input::UINT);
$page = max($this->_input->filterSingle('page', XenForo_Input::UINT), 1);
$perpage = $this->_input->filterSingle('perpage', XenForo_Input::UINT);
if (!$perpage) {
$perpage = XenForo_Application::get('options')->discussionsPerPage;
}
$previewtype = $this->_input->filterSingle('previewtype', XenForo_Input::UINT);
if (!$previewtype) {
$previewtype = 2;
}
$thread_model = $this->_getThreadModel();
$search_model = $this->_getSearchModel();
$post_model = $this->getModelFromCache('XenForo_Model_Post');
$user_model = $this->getModelFromCache('XenForo_Model_User');
$node_model = $this->getModelFromCache('XenForo_Model_Node');
$userid = XenForo_Visitor::getUserId();
$options = array('limit' => XenForo_Application::get('options')->maximumSearchResults);
if ($do == 'getdaily') {
if ($days < 0 || $days > 30) {
$days = 3;
}
$search_options = $options + array('order' => 'last_post_date', 'orderDirection' => 'desc');
$threadids = array_keys($thread_model->getThreads(array('last_post_date' => array('>', XenForo_Application::$time - 86400 * $days), 'deleted' => false, 'moderated' => false), $search_options));
$search_type = 'recent-threads';
} else {
$threadids = $thread_model->getUnreadThreadIds($userid, $options);
$search_type = 'new-threads';
}
$exclude = XenForo_Application::get('options')->forumrunnerExcludeForums;
if (!$exclude) {
$exclude = array();
}
$forums = $node_model->getViewableNodeList(null, true);
foreach ($exclude as $remove) {
fr_remove_node_and_children($forums, $remove);
}
$forums = array_keys($forums);
$results = array();
foreach ($threadids as $threadid) {
$thread = $thread_model->getThreadById($threadid);
if (!in_array($thread['node_id'], $forums)) {
continue;
}
$results[] = array(XenForo_Model_Search::CONTENT_TYPE => 'thread', XenForo_Model_Search::CONTENT_ID => $threadid);
}
$results = $search_model->getViewableSearchResults($results);
if (!$results) {
return $this->noResults();
}
$search = $search_model->insertSearch($results, $search_type, '', array(), 'date', false);
$search_id = $search['search_id'];
$resultids = $search_model->sliceSearchResultsToPage($search, $page, $perpage);
$results = $search_model->getSearchResultsForDisplay($resultids);
if (!$results) {
return $this->noResults();
}
$thread_data = array();
$preview_length = XenForo_Application::get('options')->discussionPreviewLength;
foreach ($results['results'] as $result) {
$thread = $result['content'];
$post = $post_model->getPostById($thread[$previewtype == 1 ? 'first_post_id' : 'last_post_id'], array('join' => XenForo_Model_Post::FETCH_USER));
$preview = '';
if ($preview_length) {
$preview = preview_chop(XenForo_Helper_String::bbCodeStrip(XenForo_Helper_String::censorString($post['message']), true), $preview_length);
}
$out = array('thread_id' => $thread['thread_id'], 'new_posts' => $thread['isNew'], 'forum_id' => $thread['node_id'], 'total_posts' => $thread['reply_count'] + 1, 'forum_title' => prepare_utf8_string(strip_tags($thread['node_title'])), 'thread_title' => prepare_utf8_string(XenForo_Helper_String::censorString($thread['title'])), 'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute')));
if ($previewtype == 1) {
$out['post_username'] = prepare_utf8_string(strip_tags($thread['username']));
$out['post_userid'] = $thread['user_id'];
} else {
$out['post_username'] = prepare_utf8_string(strip_tags($thread['last_post_username']));
$out['post_userid'] = $thread['last_post_user_id'];
}
$user = $user_model->getUserById($out['post_userid']);
if ($user !== false) {
$avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
$avatarurl = '';
}
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
}
if ($preview != '') {
$out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview));
}
if ($thread['discussion_type'] == 'poll') {
$out['poll'] = true;
}
if ($thread['prefix_id']) {
$phrase = new XenForo_Phrase('thread_prefix_' . $thread['prefix_id']);
$out['prefix'] = prepare_utf8_string(strip_tags($phrase->render(false)));
}
$thread_data[] = $out;
}
$out = array('threads' => $thread_data, 'total_threads' => $search['result_count'], 'searchid' => $search_id);
return $out;
}
private function processSearch(&$search)
{
$vals = $this->_input->filter(array('page' => XenForo_Input::UINT, 'perpage' => XenForo_Input::UINT, 'previewtype' => XenForo_Input::UINT, 'starteronly' => XenForo_Input::UINT));
$vals['page'] = max($vals['page'], 1);
$vals['perpage'] = min(XenForo_Application::get('options')->discussionsPerPage, $vals['perpage']);
if (!$vals['perpage']) {
$vals['perpage'] = XenForo_Application::get('options')->discussionsPerPage;
}
if (!$vals['previewtype']) {
$vals['previewtype'] = 2;
}
if ($vals['starteronly']) {
$vals['previewtype'] = 1;
}
$search_model = $this->_getSearchModel();
$search_id = $search['search_id'];
$resultids = $search_model->sliceSearchResultsToPage($search, $vals['page'], $vals['perpage']);
$results = $search_model->getSearchResultsForDisplay($resultids);
if (!$results) {
return $this->sendError(new XenForo_Phrase('no_results_found'));
}
$post_model = $this->getModelFromCache('XenForo_Model_Post');
$user_model = $this->getModelFromCache('XenForo_Model_User');
$thread_data = array();
$preview_length = XenForo_Application::get('options')->discussionPreviewLength;
foreach ($results['results'] as $result) {
$thread = $result['content'];
$is_post = $result['content_type'] == 'post';
if ($is_post) {
$post = $post_model->getPostById($thread['post_id'], array('join' => XenForo_Model_Post::FETCH_USER));
} else {
$post = $post_model->getPostById($thread[$vals['previewtype'] == 1 ? 'first_post_id' : 'last_post_id'], array('join' => XenForo_Model_Post::FETCH_USER));
}
$preview = '';
if ($preview_length) {
$preview = preview_chop(XenForo_Helper_String::bbCodeStrip(XenForo_Helper_String::censorString($thread['message']), true), $preview_length);
}
$out = array('thread_id' => $thread['thread_id'], 'new_posts' => $thread['isNew'], 'forum_id' => $thread['node_id'], 'total_posts' => $thread['reply_count'] + 1, 'forum_title' => prepare_utf8_string(strip_tags($thread['node_title'])), 'thread_title' => prepare_utf8_string(XenForo_Helper_String::censorString($thread['title'])));
if ($is_post) {
$out += array('post_id' => $thread['post_id'], 'jump_to_post' => 1, 'post_username' => prepare_utf8_string(strip_tags($thread['username'])), 'post_userid' => $thread['user_id'], 'post_lastposttime' => prepare_utf8_string(XenForo_Locale::dateTime($thread['post_date'], 'absolute')));
} else {
if ($vals['previewtype'] == 1) {
$out += array('post_username' => prepare_utf8_string(strip_tags($thread['username'])), 'post_userid' => $thread['user_id']);
} else {
$out += array('post_username' => prepare_utf8_string(strip_tags($thread['last_post_username'])), 'post_userid' => $thread['last_post_user_id']);
}
$out['post_lastposttime'] = prepare_utf8_string(XenForo_Locale::dateTime($thread['last_post_date'], 'absolute'));
}
$user = $user_model->getUserById($out['post_userid']);
if ($user !== false) {
$avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
$avatarurl = '';
}
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
}
if ($preview != '') {
$out['thread_preview'] = prepare_utf8_string(html_entity_decode($preview));
}
if ($thread['discussion_type'] == 'poll') {
$out['poll'] = true;
}
if ($thread['prefix_id']) {
$phrase = new XenForo_Phrase('thread_prefix_' . $thread['prefix_id']);
$out['prefix'] = prepare_utf8_string(strip_tags($phrase->render(false)));
}
$thread_data[] = $out;
}
$out = array('threads' => $thread_data, 'total_threads' => $search['result_count'], 'searchid' => $search_id);
return $out;
}
public function actionGetProfile()
{
$visitor = XenForo_Visitor::getInstance();
$permissions = $visitor->getPermissions();
$session_model = $this->getModelFromCache('XenForo_Model_Session');
$userid = $this->_input->filterSingle('userid', XenForo_Input::UINT);
if (!$userid) {
$userid = XenForo_Visitor::getUserId();
}
try {
$user = $this->getHelper('UserProfile')->assertUserProfileValidAndViewable($userid, array('join' => XenForo_Model_User::FETCH_LAST_ACTIVITY));
} catch (Exception $e) {
json_error($e->getControllerResponse()->errorText->render());
}
$online_info = $session_model->getSessionActivityRecords(array('user_id' => $user['user_id'], 'cutOff' => array('>', $session_model->getOnlineStatusTimeout())));
$is_online = false;
if (count($online_info) == 1) {
$is_online = true;
}
$posts = $user['message_count'];
$joindate = prepare_utf8_string(XenForo_Locale::date($user['register_date'], 'absolute'));
$out = array('username' => prepare_utf8_string(strip_tags($user['username'])), 'posts' => $posts, 'joindate' => $joindate, 'online' => $is_online, 'avatar_upload' => $visitor->canUploadAvatar());
$maxFileSize = XenForo_Permission::hasPermission($permissions, 'avatar', 'maxFileSize');
if ($maxFileSize > 0) {
$out['avatar_resize'] = true;
}
$avatarurl = process_avatarurl(XenForo_Template_Helper_Core::getAvatarUrl($user, 'm'));
if (strpos($avatarurl, '/xenforo/avatars/avatar_') !== false) {
$avatarurl = '';
}
if ($avatarurl != '') {
$out['avatarurl'] = $avatarurl;
}
if ($visitor->hasAdminPermission('ban')) {
$out['ban'] = true;
}
// New Profile Fields
$groups = array();
// About
$out_group = array('name' => 'about', 'values' => array(array('name' => prepare_utf8_string(fr_get_phrase('messages')), 'value' => strval($posts)), array('name' => prepare_utf8_string(fr_get_phrase('joined')), 'value' => $joindate), array('name' => prepare_utf8_string(fr_get_phrase('likes_received')), 'value' => strval($user['like_count']))));
$groups[] = $out_group;
// Additional information
$out_group = array('name' => 'additional');
// Status
if (!empty($user['status'])) {
$out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('status')), 'value' => prepare_utf8_string($user['status']));
}
// Location
if (!empty($user['location'])) {
$out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('location')), 'value' => prepare_utf8_string($user['location']));
}
// Occupation
if (!empty($user['occupation'])) {
$out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('occupation')), 'value' => prepare_utf8_string($user['occupation']));
}
// About
if (!empty($user['about'])) {
$out_group['values'][] = array('name' => prepare_utf8_string(fr_get_phrase('about')), 'value' => prepare_utf8_string(remove_bbcode($user['about'], true, true)));
}
if (count($out_group['values'])) {
$groups[] = $out_group;
}
$out['groups'] = $groups;
return $out;
}
function do_get_photos()
{
global $vbulletin, $db, $show, $vbphrase, $foruminfo, $userinfo, $albuminfo, $session, $contenttypeid;
if (empty($albuminfo)) {
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
if ($vbulletin->GPC['addgroup'] and $albuminfo['userid'] != $vbulletin->userinfo['userid']) {
print_no_permission();
}
($hook = vBulletinHook::fetch_hook('album_album')) ? eval($hook) : false;
$perpage = 999999;
$vbulletin->GPC['pagenumber'] = 1;
$input_pagenumber = $vbulletin->GPC['pagenumber'];
if (can_moderate(0, 'canmoderatepictures') or $albuminfo['userid'] == $vbulletin->userinfo['userid']) {
$totalpictures = $albuminfo['visible'] + $albuminfo['moderation'];
} else {
$totalpictures = $albuminfo['visible'];
}
$total_pages = max(ceil($totalpictures / $perpage), 1);
// 0 pictures still needs an empty page
$pagenumber = $vbulletin->GPC['pagenumber'] > $total_pages ? $total_pages : $vbulletin->GPC['pagenumber'];
$start = ($pagenumber - 1) * $perpage;
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('album_album_query')) ? eval($hook) : false;
$pictures = $db->query_read("\n SELECT\n a.attachmentid, a.userid, a.caption, a.dateline, a.state,\n fd.filesize, IF(fd.thumbnail_filesize > 0, 1, 0) AS hasthumbnail, fd.thumbnail_dateline, fd.thumbnail_width, fd.thumbnail_height\n {$hook_query_fields}\n FROM " . TABLE_PREFIX . "attachment AS a\n INNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (fd.filedataid = a.filedataid)\n {$hook_query_joins}\n WHERE\n a.contentid = {$albuminfo['albumid']}\n AND\n a.contenttypeid = " . intval($contenttypeid) . "\n " . ((!can_moderate(0, 'canmoderatepictures') and $albuminfo['userid'] != $vbulletin->userinfo['userid']) ? "AND a.state = 'visible'" : "") . "\n {$hook_query_where}\n ORDER BY a.dateline DESC\n LIMIT {$start}, {$perpage}\n ");
// work out the effective picturebit height/width including any borders and paddings; the +4 works around an IE float issue
$picturebit_height = $vbulletin->options['album_thumbsize'] + (($usercss ? 0 : $stylevar['cellspacing']) + $stylevar['cellpadding']) * 2 + 4;
$picturebit_width = $vbulletin->options['album_thumbsize'] + (($usercss ? 0 : $stylevar['cellspacing']) + $stylevar['cellpadding']) * 2;
$out_photos = array();
$picnum = 0;
while ($picture = $db->fetch_array($pictures)) {
$picture = prepare_pictureinfo_thumb($picture, $albuminfo);
if ($picnum % $vbulletin->options['album_pictures_perpage'] == 0) {
$show['page_anchor'] = true;
$page_anchor = $picnum / $vbulletin->options['album_pictures_perpage'] + 1;
} else {
$show['page_anchor'] = false;
}
$picnum++;
if ($picture['state'] != 'visible') {
continue;
}
($hook = vBulletinHook::fetch_hook('album_album_picturebit')) ? eval($hook) : false;
$photo_url = "attachment.php?{$session[sessionurl]}attachmentid={$picture['attachmentid']}";
$out_photos[] = array('photoid' => $picture['attachmentid'], 'userid' => $picture['userid'], 'caption' => prepare_utf8_string(strip_tags(fetch_censored_text($picture['caption']))), 'photo_date' => prepare_utf8_string($picture['date'] . ' ' . $picture['time']), 'photo_url' => fr_fix_url($photo_url), 'thumb_url' => fr_fix_url($photo_url . '&thumb=1'));
}
$show['add_picture_option'] = ($userinfo['userid'] == $vbulletin->userinfo['userid'] and fetch_count_overage($userinfo['userid'], $albuminfo[albumid], $vbulletin->userinfo['permissions']['albummaxpics']) <= 0 and (!$vbulletin->options['album_maxpicsperalbum'] or $totalpictures - $vbulletin->options['album_maxpicsperalbum'] < 0));
if ($albuminfo['state'] == 'private') {
$show['personalalbum'] = true;
$albumtype = $vbphrase['private_album_paren'];
} else {
if ($albuminfo['state'] == 'profile') {
$show['personalalbum'] = true;
$albumtype = $vbphrase['profile_album_paren'];
}
}
$out = array('photos' => $out_photos, 'total_photos' => $totalpictures, 'can_add_photo' => $show['add_picture_option'] ? true : false);
return $out;
}
function do_get_subscriptions()
{
global $vbulletin, $db, $show, $vbphrase, $permissions, $subscribecounters;
$vbulletin->options['threadpreview'] = FR_PREVIEW_LEN;
if (!$vbulletin->userinfo['userid']) {
json_error(ERR_NO_PERMISSION);
}
if (!$vbulletin->userinfo['userid'] and $_REQUEST['do'] != 'removesubscription' or $vbulletin->userinfo['userid'] and !($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or $vbulletin->userinfo['usergroupid'] == 4 or !($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'])) {
json_error(ERR_NO_PERMISSION);
}
$thread_data = array();
$unread_subs = 0;
// vbulletin expects folderid, but we will just get them all
$vbulletin->input->clean_array_gpc('r', array('folderid' => TYPE_NOHTML, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'sortfield' => TYPE_NOHTML, 'sortorder' => TYPE_NOHTML, 'previewtype' => TYPE_INT));
$previewtype = $vbulletin->GPC['previewtype'];
if (!$previewtype) {
$previewtype = 1;
}
$vbulletin->GPC['folderid'] = 'all';
// Values that are reused in templates
$sortfield =& $vbulletin->GPC['sortfield'];
$perpage =& $vbulletin->GPC['perpage'];
$pagenumber =& $vbulletin->GPC['pagenumber'];
$folderid =& $vbulletin->GPC['folderid'];
if ($folderid == 'all') {
$getallfolders = true;
$show['allfolders'] = true;
} else {
$folderid = intval($folderid);
}
$folderselect["{$folderid}"] = 'selected="selected"';
// Build folder jump
require_once DIR . '/includes/functions_misc.php';
$folders = construct_folder_jump(1, $folderid, false, '', true);
$templater = vB_Template::create('subscribe_folder_jump');
$templater->register('folders', $folders);
$folderjump = $templater->render();
// look at sorting options:
if ($vbulletin->GPC['sortorder'] != 'asc') {
$vbulletin->GPC['sortorder'] = 'desc';
$sqlsortorder = 'DESC';
$order = array('desc' => 'selected="selected"');
} else {
$sqlsortorder = '';
$order = array('asc' => 'selected="selected"');
}
switch ($sortfield) {
case 'title':
case 'lastpost':
case 'replycount':
case 'views':
case 'postusername':
$sqlsortfield = 'thread.' . $sortfield;
break;
default:
$handled = false;
if (!$handled) {
$sqlsortfield = 'thread.lastpost';
$sortfield = 'lastpost';
}
}
$sort = array($sortfield => 'selected="selected"');
if ($getallfolders) {
$totalallthreads = array_sum($subscribecounters);
} else {
$totalallthreads = $subscribecounters["{$folderid}"];
}
// set defaults
sanitize_pageresults($totalallthreads, $pagenumber, $perpage, 200, $vbulletin->options['maxthreads']);
// display threads
$limitlower = ($pagenumber - 1) * $perpage + 1;
$limitupper = $pagenumber * $perpage;
if ($limitupper > $totalallthreads) {
$limitupper = $totalallthreads;
if ($limitlower > $totalallthreads) {
$limitlower = $totalallthreads - $perpage;
}
}
if ($limitlower <= 0) {
$limitlower = 1;
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$getthreads = $db->query_read_slave("\n\t\tSELECT thread.threadid, emailupdate, subscribethreadid, thread.forumid, thread.postuserid\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "subscribethread AS subscribethread\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON(thread.threadid = subscribethread.threadid)\n\t\t{$hook_query_joins}\n\t\tWHERE subscribethread.userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\tAND thread.visible = 1\n\t\t\tAND canview = 1\n\t\t" . iif(!$getallfolders, "\tAND folderid = {$folderid}") . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\tLIMIT " . ($limitlower - 1) . ", {$perpage}\n\t");
if ($totalthreads = $db->num_rows($getthreads)) {
$forumids = array();
$threadids = array();
$emailupdate = array();
$killthreads = array();
while ($getthread = $db->fetch_array($getthreads)) {
$forumperms = fetch_permissions($getthread['forumid']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $getthread['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) {
$killthreads["{$getthread['subscribethreadid']}"] = $getthread['subscribethreadid'];
$totalallthreads--;
continue;
}
$forumids["{$getthread['forumid']}"] = true;
$threadids[] = $getthread['threadid'];
$emailupdate["{$getthread['threadid']}"] = $getthread['emailupdate'];
$subscribethread["{$getthread['threadid']}"] = $getthread['subscribethreadid'];
}
$threadids = implode(',', $threadids);
}
unset($getthread);
$db->free_result($getthreads);
if (!empty($killthreads)) {
// Update thread subscriptions
$vbulletin->db->query_write("\n\t\t\tUPDATE " . TABLE_PREFIX . "subscribethread\n\t\t\tSET canview = 0\n\t\t\tWHERE subscribethreadid IN (" . implode(', ', $killthreads) . ")\n\t\t");
}
if (!empty($threadids)) {
cache_ordered_forums(1);
$colspan = 5;
$show['threadicons'] = false;
// get last read info for each thread
$lastread = array();
foreach (array_keys($forumids) as $forumid) {
if ($vbulletin->options['threadmarking']) {
$lastread["{$forumid}"] = max($vbulletin->forumcache["{$forumid}"]['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400);
} else {
$lastread["{$forumid}"] = max(intval(fetch_bbarray_cookie('forum_view', $forumid)), $vbulletin->userinfo['lastvisit']);
}
if ($vbulletin->forumcache["{$forumid}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons']) {
$show['threadicons'] = true;
$colspan = 6;
}
}
if ($previewtype == 1) {
$previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
$previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.firstpostid)";
} else {
$previewfield = "post.pagetext AS preview, post.username AS lastpost_username, post.userid AS lastpost_userid,";
$previewjoin = "LEFT JOIN " . TABLE_PREFIX . "post AS post ON(post.postid = thread.lastpostid)";
}
$hasthreads = true;
$threadbits = '';
$pagenav = '';
$counter = 0;
$toread = 0;
$vbulletin->options['showvotes'] = intval($vbulletin->options['showvotes']);
if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) {
$lastpost_info = "IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost, " . "IF(tachythreadpost.userid IS NULL, thread.lastposter, tachythreadpost.lastposter) AS lastposter, " . "IF(tachythreadpost.userid IS NULL, thread.lastposterid, tachythreadpost.lastposterid) AS lastposterid, " . "IF(tachythreadpost.userid IS NULL, thread.lastpostid, tachythreadpost.lastpostid) AS lastpostid";
$tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')';
} else {
$lastpost_info = 'thread.lastpost, thread.lastposter, thread.lastposterid, thread.lastpostid';
$tachyjoin = '';
}
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
$threads = $db->query_read_slave("\n\t\t\tSELECT\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . ", thread.votenum, 0) AS votenum,\n\t\t\t\tIF(thread.votenum >= " . $vbulletin->options['showvotes'] . " AND thread.votenum > 0, thread.votetotal / thread.votenum, 0) AS voteavg,\n\t\t\t\tthread.votetotal,\n\t\t\t\t{$previewfield} thread.threadid, thread.title AS threadtitle, thread.forumid, thread.pollid,\n\t\t\t\tthread.open, thread.replycount, thread.postusername, thread.prefixid,\n\t\t\t\t{$lastpost_info}, thread.postuserid, thread.dateline, thread.views, thread.iconid AS threadiconid,\n\t\t\t\tthread.notes, thread.visible, thread.attach, thread.taglist\n\t\t\t\t" . ($vbulletin->options['threadmarking'] ? ", threadread.readtime AS threadread" : '') . "\n\t\t\t\t{$hook_query_fields}\n\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t{$previewjoin}\n\t\t\t" . ($vbulletin->options['threadmarking'] ? " LEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")" : '') . "\n\t\t\t{$tachyjoin}\n\t\t\t{$hook_query_joins}\n\t\t\tWHERE thread.threadid IN ({$threadids})\n\t\t\tORDER BY {$sqlsortfield} {$sqlsortorder}\n\t\t");
unset($sqlsortfield, $sqlsortorder);
require_once DIR . '/includes/functions_forumdisplay.php';
// Get Dot Threads
$dotthreads = fetch_dot_threads_array($threadids);
if ($vbulletin->options['showdots'] and $vbulletin->userinfo['userid']) {
$show['dotthreads'] = true;
} else {
$show['dotthreads'] = false;
}
if ($vbulletin->options['threadpreview'] and $vbulletin->userinfo['ignorelist']) {
// Get Buddy List
$buddy = array();
if (trim($vbulletin->userinfo['buddylist'])) {
$buddylist = preg_split('/( )+/', trim($vbulletin->userinfo['buddylist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($buddylist as $buddyuserid) {
$buddy["{$buddyuserid}"] = 1;
}
}
DEVDEBUG('buddies: ' . implode(', ', array_keys($buddy)));
// Get Ignore Users
$ignore = array();
if (trim($vbulletin->userinfo['ignorelist'])) {
$ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY);
foreach ($ignorelist as $ignoreuserid) {
if (!$buddy["{$ignoreuserid}"]) {
$ignore["{$ignoreuserid}"] = 1;
}
}
}
DEVDEBUG('ignored users: ' . implode(', ', array_keys($ignore)));
}
$foruminfo['allowratings'] = true;
$show['notificationtype'] = true;
$show['threadratings'] = true;
$show['threadrating'] = true;
while ($thread = $db->fetch_array($threads)) {
$threadid = $thread['threadid'];
// build thread data
$thread = process_thread_array($thread, $lastread["{$thread['forumid']}"]);
switch ($emailupdate["{$thread['threadid']}"]) {
case 0:
$thread['notification'] = $vbphrase['none'];
break;
case 1:
$thread['notification'] = $vbphrase['instant'];
break;
case 2:
$thread['notification'] = $vbphrase['daily'];
break;
case 3:
$thread['notification'] = $vbphrase['weekly'];
break;
default:
$thread['notification'] = $vbphrase['n_a'];
}
$avatarurl = '';
if ($thread['lastpost_userid'] > 0) {
$userinfoavatar = fetch_userinfo($thread['lastpost_userid'], FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfoavatar, true, false);
if ($userinfoavatar['avatarurl'] != '') {
$avatarurl = process_avatarurl($userinfoavatar['avatarurl']);
}
unset($userinfoavatar);
}
$tmp = array('thread_id' => $thread['threadid'], 'new_posts' => $show['gotonewpost'] ? true : false, 'forum_id' => $thread['forumid'], 'total_posts' => $thread['totalposts'] ? $thread['totalposts'] : 0, 'forum_title' => prepare_utf8_string($thread['forumtitle']), 'thread_title' => prepare_utf8_string($thread['threadtitle']), 'thread_preview' => prepare_utf8_string(preview_chop(html_entity_decode($thread['preview']), FR_PREVIEW_LEN)), 'post_userid' => $thread['lastpost_userid'], 'post_lastposttime' => prepare_utf8_string(date_trunc($thread['lastpostdate']) . ' ' . $thread['lastposttime']), 'post_username' => prepare_utf8_string(strip_tags($thread['lastpost_username'])));
if ($avatarurl != '') {
$tmp['avatarurl'] = $avatarurl;
}
if ($thread['attach']) {
$tmp['attach'] = true;
}
if ($thread['pollid']) {
$tmp['poll'] = true;
}
$thread_data[] = $tmp;
}
$db->free_result($threads);
unset($threadids);
} else {
$totalallthreads = 0;
}
$out = array('threads' => $thread_data, 'total_threads' => $totalallthreads);
return $out;
}
function do_online()
{
global $vbulletin, $db;
$showmembers = true;
$showguests = true;
$showspiders = true;
$datecut = TIMENOW - $vbulletin->options['cookietimeout'];
$wol_event = array();
$wol_pm = array();
$wol_calendar = array();
$wol_user = array();
$wol_forum = array();
$wol_link = array();
$wol_thread = array();
$wol_post = array();
$sqlsort = 'user.username';
$sortfield = 'username';
$hook_query_fields = $hook_query_joins = $hook_query_where = '';
($hook = vBulletinHook::fetch_hook('online_query')) ? eval($hook) : false;
$allusers = $db->query_read_slave("\n\tSELECT\n\t user.username, session.useragent, session.location, session.lastactivity, user.userid, user.options, session.host, session.badlocation, session.incalendar, user.aim, user.icq, user.msn, user.yahoo, user.skype,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t{$hook_query_fields}\n\tFROM " . TABLE_PREFIX . "session AS session\n\t" . iif($vbulletin->options['WOLguests'], " LEFT JOIN " . TABLE_PREFIX . "user AS user USING (userid) ", ", " . TABLE_PREFIX . "user AS user") . "\n\t{$hook_query_joins}\n\tWHERE session.lastactivity > {$datecut}\n\t" . iif(!$vbulletin->options['WOLguests'], " AND session.userid = user.userid", "") . "\n\t{$hook_query_where}\n\tORDER BY {$sqlsort} {$sortorder}\n ");
require_once DIR . '/includes/class_postbit.php';
while ($users = $db->fetch_array($allusers)) {
if ($users['userid']) {
// Reg'd Member
if (!$showmembers) {
continue;
}
$users = array_merge($users, convert_bits_to_array($users['options'], $vbulletin->bf_misc_useroptions));
$key = $users['userid'];
if ($key == $vbulletin->userinfo['userid']) {
// in case this is the first view for the user, fake it that show up to themself
$foundviewer = true;
}
if (empty($userinfo["{$key}"]['lastactivity']) or $userinfo["{$key}"]['lastactivity'] < $users['lastactivity']) {
unset($userinfo["{$key}"]);
// need this to sort by lastactivity
$userinfo["{$key}"] = $users;
fetch_musername($users);
$userinfo["{$key}"]['musername'] = $users['musername'];
$userinfo["{$key}"]['useragent'] = htmlspecialchars_uni($users['useragent']);
$userinfoavatar = fetch_userinfo($key, FETCH_USERINFO_AVATAR);
fetch_avatar_from_userinfo($userinfoavatar, true, false);
if ($userinfoavatar['avatarurl'] != '') {
$userinfo["{$key}"]['avatarurl'] = process_avatarurl($userinfoavatar['avatarurl']);
}
unset($userinfoavatar);
if ($users['invisible']) {
if ($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehidden'] or $key == $vbulletin->userinfo['userid']) {
$userinfo["{$key}"]['hidden'] = '*';
$userinfo["{$key}"]['invisible'] = 0;
}
}
if ($vbulletin->options['WOLresolve'] and $permissions['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlineip']) {
$userinfo["{$key}"]['host'] = @gethostbyaddr($users['host']);
}
$userinfo["{$key}"]['buddy'] = $buddy["{$key}"];
}
} else {
// Guest or Spider..
$spider = '';
if ($vbulletin->options['enablespiders'] and !empty($vbulletin->wol_spiders)) {
if (preg_match('#(' . $vbulletin->wol_spiders['spiderstring'] . ')#si', $users['useragent'], $agent)) {
$agent = strtolower($agent[1]);
// Check ip address
if (!empty($vbulletin->wol_spiders['agents']["{$agent}"]['lookup'])) {
$ourip = ip2long($users['host']);
foreach ($vbulletin->wol_spiders['agents']["{$agent}"]['lookup'] as $key => $ip) {
if ($ip['startip'] and $ip['endip']) {
if ($ourip >= $ip['startip'] and $ourip <= $ip['endip']) {
$spider = $vbulletin->wol_spiders['agents']["{$agent}"];
break;
}
} else {
if ($ip['startip'] == $ourip) {
$spider = $vbulletin->wol_spiders['agents']["{$agent}"];
break;
}
}
}
} else {
$spider = $vbulletin->wol_spiders['agents']["{$agent}"];
}
}
}
if ($spider) {
if (!$showspiders) {
continue;
}
$guests["{$count}"] = $users;
$guests["{$count}"]['spider'] = $spider['name'];
$guests["{$count}"]['spidertype'] = $spider['type'];
} else {
if (!$showguests) {
continue;
}
$guests["{$count}"] = $users;
}
$guests["{$count}"]['username'] = $vbphrase['guest'];
$guests["{$count}"]['invisible'] = 0;
$guests["{$count}"]['displaygroupid'] = 1;
fetch_musername($guests["{$count}"]);
if ($vbulletin->options['WOLresolve'] and $permissions['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlineip']) {
$guests["{$count}"]['host'] = @gethostbyaddr($users['host']);
}
$guests["{$count}"]['count'] = $count + 1;
$guests["{$count}"]['useragent'] = htmlspecialchars_uni($users['useragent']);
$count++;
($hook = vBulletinHook::fetch_hook('online_user')) ? eval($hook) : false;
}
}
$online_users = array();
if (is_array($userinfo)) {
foreach ($userinfo as $userid => $user) {
if ($user['invisible']) {
continue;
}
$tmp = array('userid' => $userid, 'username' => prepare_utf8_string(strip_tags($user['username'])));
if ($user['userid'] == $vbulletin->userinfo['userid']) {
$tmp['me'] = true;
}
if ($user['avatarurl'] != '') {
$tmp['avatarurl'] = $user['avatarurl'];
}
$online_users[] = $tmp;
}
}
$numguests = 0;
if (is_array($guests)) {
$numguests = count($guests);
}
return array('users' => $online_users, 'num_guests' => $numguests);
}
