protected function getNewRouteInfo()
{
$arguments =& $this->arguments;
$param =& $this->queryParameters;
$keys = array_keys($param);
$idkey = array('t', 'threadid');
if (empty($param['do'])) {
$param['do'] = 'showsmilies';
}
switch ($param['do']) {
case 'bbcode':
$this->anchor = 'bbcode_reference/bbcode_why';
return 'help';
case 'showrules':
$this->anchor = 'community_overview/general_tos';
return 'help';
case 'showsmilies':
$this->anchor = 'bbcode_reference/bbcode_smilies';
return 'help';
case 'whoposted':
if ($set = array_intersect($keys, $idkey) and $pid = intval($param[reset($set)])) {
$oldid = $pid;
$oldcontenttypeid = vB_Types::instance()->getContentTypeID(array('package' => 'vBForum', 'class' => 'Thread'));
$node = vB::getDbAssertor()->getRow('vBForum:node', array('oldid' => $oldid, 'oldcontenttypeid' => $oldcontenttypeid));
if (!empty($node)) {
$arguments['nodeid'] = $node['nodeid'];
return $node['routeid'];
}
}
default:
throw new vB_Exception_404('invalid_page');
}
}
public function createSession($userid = 1)
{
//$this->session = vB_Session_Web::getSession(1);
$this->session = new vB_Session_Cli(vB::getDbAssertor(), vB::getDatastore(), vB::getConfig(), $userid);
vB::setCurrentSession($this->session);
$this->timeNow = time();
}
public function get_admin_detail_chat()
{
global $vbulletin;
// Get the settings options and the user's info
$options = vB::getDatastore()->getValue('options');
$userinfo = vB::getCurrentSession()->fetch_userinfo();
// Api Key and Secret
$api = $options['chat_cat_messenger_api'];
$secret = $options['chat_cat_messenger_secret'];
$login_url = $options['chat_cat_messenger_login_url'];
$register_url = $options['chat_cat_messenger_register_url'];
$primary_domain = $options['chat_cat_messenger_primary_url'];
// echo $primary_domain;
// die();
// User info
$uname = $userinfo['username'];
$uid = $userinfo['userid'];
$desc = $userinfo['field1'];
$src = '';
$home = $options['bburl'] . '/member/' . $uid;
//echo $home;die;
$location = $userinfo['field2'];
$bod = $userinfo['birthday'];
if (!empty($bod)) {
$year = explode("-", $bod);
$bod = $year['2'];
}
$profilepic = $vbulletin->db->query_first("\n\t\t\tSELECT userid, dateline, height, width\n\t\t\tFROM " . TABLE_PREFIX . "customavatar\n\t\t\tWHERE userid = " . $uid);
if ($profilepic['dateline']) {
$img = $options['bburl'] . '/image.php?userid=' . $uid . '&thumb=1&dateline=' . $profilepic[dateline] . '&type=avtar';
} else {
$img = null;
}
$src = urlencode($img);
$home = urlencode($home);
//$src = urldecode($img);
$chatdata = array();
$chatdata['sinonurl'] = '';
if (isset($api) && $api != '') {
$chatdata['sinonurl'] = '/ajaxchat.php?uid=' . $uid . '&api=' . $api . '&secret=' . $secret . '&uname=' . $uname . '&desc=' . $desc . '&src=' . $src . '&home=' . $home . '&birthday=' . $bod . '&location=' . $location;
}
$chatdata['primaryurl'] = $primary_domain;
if ($login_url != '') {
$chatdata['loginurl'] = $login_url;
if (!preg_match("@^[hf]tt?ps?://@", $chatdata['loginurl'])) {
$chatdata['loginurl'] = "http://" . $chatdata['loginurl'];
}
} else {
$chatdata['loginurl'] = '';
}
if ($register_url != '') {
$chatdata['registerurl'] = $register_url;
if (!preg_match("@^[hf]tt?ps?://@", $chatdata['registerurl'])) {
$chatdata['registerurl'] = "http://" . $chatdata['registerurl'];
}
} else {
$chatdata['registerurl'] = $options['frontendurl'] . '/register';
}
return $chatdata;
}
public function __construct(&$routeInfo, &$matches, &$queryString = '')
{
if (isset($matches['params']) and !empty($matches['params'])) {
$paramString = strpos($matches['params'], '/') === 0 ? substr($matches['params'], 1) : $matches['params'];
$params = explode('/', $paramString);
if (count($params) >= 2) {
$this->pagenum = $params[1];
$this->folderid = $params[0];
} else {
if (!empty($params)) {
$this->pagenum = $params[1];
}
}
}
if (!empty($matches['pagenum']) and intval($matches['pagenum'])) {
$this->pagenum = $matches['pagenum'];
}
if (!empty($matches['folderid']) and intval($matches['folderid'])) {
$this->folderid = $matches['folderid'];
}
$routeInfo['arguments']['subtemplate'] = $this->subtemplate;
$userid = vB::getCurrentSession()->get('userid');
$pmquota = vB::getUserContext($userid)->getLimit('pmquota');
$vboptions = vB::getDatastore($userid)->getValue('options');
$canUsePmSystem = ($vboptions['enablepms'] and $pmquota);
if (!$canUsePmSystem and !$this->overrideDisable) {
throw new vB_Exception_NodePermission('privatemessage');
}
}
public function __construct(&$config, &$db_assertor)
{
parent::__construct($config, $db_assertor);
if (defined('SKIP_DEFAULTDATASTORE')) {
$this->cacheableitems = array('options', 'bitfields');
}
//this define is only used in this file so move it here.
$vb5_config =& vB::getConfig();
if (!empty($vb5_config['Misc']['datastorepath'])) {
$this->datastoreLocation = $vb5_config['Misc']['datastorepath'];
return;
}
//It's cool if the user can set this in fileSystem cache and let this pick it up.
if (!empty($vb5_config['Cache']['fileCachePath']) and file_exists($vb5_config['Cache']['fileCachePath']) and is_dir($vb5_config['Cache']['fileCachePath'])) {
$path = $vb5_config['Cache']['fileCachePath'] . '/datastore';
if (!file_exists($path)) {
mkdir($path);
file_put_contents($path . '/index.html', '');
}
if (is_dir($path)) {
if (!file_exists($path . '/datastore_cache.php') and file_exists(DIR . '/includes/datastore/datastore_cache.php')) {
copy(DIR . '/includes/datastore/datastore_cache.php', $path . '/datastore_cache.php');
}
if (!file_exists($path . 'datastore_cache.php')) {
$this->datastoreLocation = $path;
}
return;
}
}
$this->datastoreLocation = DIR . '/includes/datastore';
}
/**
* This function updates specified settings
* @param array $values
* 'varname' => $vbulletin->GPC['varname'],
* 'grouptitle' => $vbulletin->GPC['grouptitle'],
* 'optioncode' => $vbulletin->GPC['optioncode'],
* 'defaultvalue' => $vbulletin->GPC['defaultvalue'],
* 'displayorder' => $vbulletin->GPC['displayorder'],
* 'volatile' => $vbulletin->GPC['volatile'],
* 'datatype' => $vbulletin->GPC['datatype'],
* 'validationcode' => $vbulletin->GPC['validationcode'],
* 'product' => $vbulletin->GPC['product'],
* 'blacklist' => $vbulletin->GPC['blacklist'],
* 'title' => $vbulletin->GPC['title'],
* 'username' => $vbulletin->userinfo['username'],
* 'description' => $vbulletin->GPC['description']
* @return array, $response
*/
public function updateSetting($values)
{
require_once DIR . '/includes/class_xml.php';
require_once DIR . '/includes/functions_file.php';
require_once DIR . '/includes/adminfunctions_options.php';
require_once DIR . '/includes/adminfunctions.php';
$response = array();
$langid = $values['volatile'] ? -1 : 0;
if (defined('DEV_AUTOEXPORT') and DEV_AUTOEXPORT) {
$old_setting = vB::getDbAssertor()->getRow('setting', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'varname' => $values['varname']));
}
vB::getDbAssertor()->assertQuery('setting', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, 'grouptitle' => $values['grouptitle'], 'optioncode' => $values['optioncode'], 'defaultvalue' => $values['defaultvalue'], 'displayorder' => $values['displayorder'], 'volatile' => $values['volatile'], 'datatype' => $values['datatype'], 'validationcode' => $values['validationcode'], 'product' => $values['product'], 'blacklist' => $values['blacklist'], 'ispublic' => $values['ispublic'], 'adminperm' => isset($values['adminperm']) ? $values['adminperm'] : '', vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'varname', 'value' => $values['varname'], 'operator' => vB_dB_Query::OPERATOR_EQ))));
$phrases = vB::getDbAssertor()->assertQuery('vBForum:phrase', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'languageid' => array(-1, 0), 'fieldname' => 'vbsettings', 'varname' => array("setting_" . $values['varname'] . "_title", "setting_" . $values['varname'] . "_desc")));
$full_product_info = fetch_product_list(true);
$product_version = $full_product_info[$values['product']]['version'];
if ($phrases and $phrases->valid()) {
foreach ($phrases as $phrase) {
if ($phrase['varname'] == "setting_" . $values['varname'] . "_title") {
vB::getDbAssertor()->assertQuery('vBForum:phrase', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, 'languageid' => $langid, 'text' => $values['title'], 'product' => $values['product'], 'username' => $values['username'], 'dateline' => TIMENOW, 'version' => $product_version, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'languageid', 'value' => $phrase['languageid'], 'operator' => vB_dB_Query::OPERATOR_EQ), array('field' => 'varname', 'value' => "setting_" . $values['varname'] . "_title", 'operator' => vB_dB_Query::OPERATOR_EQ))));
} else {
if ($phrase['varname'] == "setting_" . $values['varname'] . "_desc") {
vB::getDbAssertor()->assertQuery('vBForum:phrase', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, 'languageid' => $langid, 'text' => $values['description'], 'product' => $values['product'], 'username' => $values['username'], 'dateline' => TIMENOW, 'version' => $product_version, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'languageid', 'value' => $phrase['languageid'], 'operator' => vB_dB_Query::OPERATOR_EQ), array('field' => 'varname', 'value' => "setting_" . $values['varname'] . "_desc", 'operator' => vB_dB_Query::OPERATOR_EQ))));
}
}
}
}
vB::getDatastore()->build_options();
$response['update'] = true;
return $response;
}
protected function buildOutputFromItems($items, $options)
{
parent::buildOutputFromItems($items, $options);
$xml = new vB_Xml_Builder();
$xml->add_group('rss', array('version' => '0.91'));
$xml->add_group('channel');
$xml->add_tag('title', $this->rssinfo['title']);
$xml->add_tag('link', $this->rssinfo['link'] . '/', array(), false, true);
$xml->add_tag('description', $this->rssinfo['description']);
$xml->add_tag('language', $this->defaultLang['languagecode']);
$xml->add_group('image');
$xml->add_tag('url', $this->rssinfo['icon']);
$xml->add_tag('title', $this->rssinfo['title']);
$xml->add_tag('link', $this->rssinfo['link'] . '/', array(), false, true);
$xml->close_group('image');
$dateformat = vB::getDatastore()->getOption('dateformat');
$timeformat = vB::getDatastore()->getOption('timeformat');
// gather channel info
$channelsInfo = $this->getItemsChannelInfo($items);
$items = $this->formatItems($items, $options);
foreach ($items as $id => $item) {
$item = $item['content'];
$xml->add_group('item');
$xml->add_tag('title', $item['external_prefix_plain'] . vB_String::htmlSpecialCharsUni($item['external_title']));
$xml->add_tag('link', vB_Api::instanceInternal('route')->getAbsoluteNodeUrl($item['external_nodeid']), array(), false, true);
$xml->add_tag('description', vB_Phrase::fetchSinglePhrase('rss_91_forum_w_posted_by_x_post_time_y_at_z', array($channelsInfo[$item['channelid']]['htmltitle'], $item['authorname'], $this->callvBDate($dateformat, $item['publishdate']), $this->callvBDate($timeformat, $item['publishdate']))));
$xml->close_group('item');
}
$xml->close_group('channel');
$xml->close_group('rss');
$output .= '<!DOCTYPE rss PUBLIC "-//RSS Advisory Board//DTD RSS 0.91//EN" "http://www.rssboard.org/rss-0.91.dtd">' . "\r\n";
$output .= $xml->output();
return $xml->fetch_xml_tag() . $output;
}
/**
* Handle update events. The required data in $eventData depends on the particular event.
* Children may also handle their specific events.
*
* @param String $event One of the event strings in static::$updateEvents
* @param Array $eventData When $event is 'read_topic'|'read_channel', expects:
* int 'nodeid'
* int 'userid' (Optional)
*/
public static function handleUpdateEvents($event, $eventData)
{
if (!static::validateUpdateEvent($event)) {
return false;
}
$types = vB_Library::instance('Notification')->getNotificationTypes();
$typeid = $types[static::TYPENAME]['typeid'];
$assertor = vB::getDbAssertor();
switch ($event) {
case 'deleted_user':
$userid = (int) $eventData['userid'];
$check = $assertor->getRow('user', array('userid' => $userid));
if (empty($check)) {
// remove any notification owned by deleted user.
$assertor->assertQuery('vBForum:notification', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_DELETE, 'recipient' => $userid, 'typeid' => $typeid));
// remove any userrelation notifications sent from now-deleted user.
$assertor->assertQuery('vBForum:notification', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_DELETE, 'sender' => $userid, 'typeid' => $typeid));
}
break;
default:
break;
}
// skip parent handler. Nothing valid there that isn't already handled here.
return;
}
public static function time($timestamp)
{
if (empty($timestamp)) {
$timestamp = 0;
}
return vbdate(vB::getDatastore()->getOption('timeformat'), $timestamp);
}
/**
* Callback function for convert_url_to_bbcode
*
* Should only be called from convert_url_to_bbcode
*
* @param string Message text
* @param string Text to prepend
*
* @return string
*/
function convert_url_to_bbcode_callback($messagetext, $prepend)
{
$datastore = vB::getDatastore();
$bbcodecache = $datastore->getValue('bbcodecache');
$bbcodeoptions = $datastore->getValue('bf_misc_bbcodeoptions');
// the auto parser - adds [url] tags around neccessary things
$messagetext = str_replace('\\"', '"', $messagetext);
$prepend = str_replace('\\"', '"', $prepend);
static $urlSearchArray, $urlReplaceArray, $emailSearchArray, $emailReplaceArray;
if (empty($urlSearchArray)) {
$taglist = '\\[b|\\[i|\\[u|\\[left|\\[center|\\[right|\\[indent|\\[quote|\\[highlight|\\[\\*' . '|\\[/b|\\[/i|\\[/u|\\[/left|\\[/center|\\[/right|\\[/indent|\\[/quote|\\[/highlight';
foreach ($bbcodecache as $customtag) {
if (!(intval($customtag['options']) & $bbcodeoptions['disable_urlconversion'])) {
$customtag_quoted = preg_quote($customtag['bbcodetag'], '#');
$taglist .= '|\\[' . $customtag_quoted . '|\\[/' . $customtag_quoted;
}
}
// Legacy Hook 'url_to_bbcode_callback' Removed //
$urlSearchArray = array('#(^|(?<=[^_a-z0-9-=\\]"\'/@]|(?<=' . $taglist . ')\\]))((https?|ftp|gopher|news|telnet)://|www\\.)((\\[(?!/)|[^\\s[^$`"{}<>])+)(?!\\[/url|\\[/img)(?=[,.!\')]*(\\)\\s|\\)$|[\\s[]|$))#siU');
$urlReplaceArray = array("[url]\\2\\4[/url]");
$emailSearchArray = array('/([ \\n\\r\\t])([_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[^\\s]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,6}))/si', '/^([_a-z0-9-+]+(\\.[_a-z0-9-+]+)*@[^\\s]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,6}))/si');
$emailReplaceArray = array("\\1[email]\\2[/email]", "[email]\\0[/email]");
}
$text = preg_replace($urlSearchArray, $urlReplaceArray, $messagetext);
if (strpos($text, "@")) {
$text = preg_replace($emailSearchArray, $emailReplaceArray, $text);
}
return $prepend . $text;
}
/**
* Create a blog channel.
*
* @param array $input
* @param int $channelid
* @param int $channelConvTemplateid
* @param int $channelPgTemplateId
* @param int $ownerSystemGroupId
*
* @return int The nodeid of the new blog channel
*/
public function createChannel($input, $channelid, $channelConvTemplateid, $channelPgTemplateId, $ownerSystemGroupId)
{
$input['parentid'] = $channelid;
$input['inlist'] = 1;
// we don't want it to be shown in channel list, but we want to move them
$input['protected'] = 0;
if (empty($input['userid'])) {
$input['userid'] = vB::getCurrentSession()->get('userid');
}
if (!isset($input['publishdate'])) {
$input['publishdate'] = vB::getRequest()->getTimeNow();
}
$input['templates']['vB5_Route_Channel'] = $channelPgTemplateId;
$input['templates']['vB5_Route_Conversation'] = $channelConvTemplateid;
// add channel node
$channelLib = vB_Library::instance('content_channel');
$input['page_parentid'] = 0;
$result = $channelLib->add($input, array('skipFloodCheck' => true, 'skipDupCheck' => true));
//Make the current user the channel owner.
$userApi = vB_Api::instanceInternal('user');
$usergroup = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => $ownerSystemGroupId));
if (empty($usergroup) or !empty($usergroup['errors'])) {
//This should never happen. It would mean an invalid parameter was passed
throw new vB_Exception_Api('invalid_request');
}
vB_User::setGroupInTopic($input['userid'], $result['nodeid'], $usergroup['usergroupid']);
vB_Cache::allCacheEvent(array('nodeChg_' . $this->blogChannel, "nodeChg_{$channelid}"));
vB::getUserContext()->rebuildGroupAccess();
vB_Channel::rebuildChannelTypes();
// clear follow cache
vB_Api::instanceInternal('follow')->clearFollowCache(array($input['userid']));
return $result['nodeid'];
}
/**
*
* @param mixed $languageIds - Language id or array of language ids
* @return array - Array of languages including:
* - languageid
* - dateoverride
* - timeoverride
* - locale
* - charset
*/
public function fetchLanguages($languageIds)
{
$result = array();
if (empty($languageIds)) {
return $result;
} else {
if (is_array($languageIds)) {
array_walk($languageIds, 'intval');
} else {
$languageIds = array(intval($languageIds));
}
}
$missing = array();
foreach ($languageIds as $languageId) {
if (isset($this->languages[$languageId])) {
$result[$languageId] = $this->languages[$languageId];
} else {
$missing[$languageId] = $languageId;
}
}
if (!empty($missing)) {
$query = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, vB_dB_Query::COLUMNS_KEY => array('languageid', 'dateoverride', 'timeoverride', 'locale', 'charset'), vB_dB_Query::CONDITIONS_KEY => array('languageid' => $missing));
$dbLanguages = vB::getDbAssertor()->assertQuery('language', $query);
foreach ($dbLanguages as $lang) {
$this->languages[$lang['languageid']] = $lang;
$result[$lang['languageid']] = $lang;
}
}
return $result;
}
public function fetchHistoryComparison($nodeid, $oldpost, $newpost)
{
if (!$this->canViewPostHistory($nodeid)) {
throw new Exception('no_permission');
}
$_posthistory = vB::getDbAssertor()->getRows('vBForum:postedithistory', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, vB_dB_Query::CONDITIONS_KEY => array('nodeid' => $nodeid, 'postedithistoryid' => array($oldpost, $newpost)), vB_dB_Query::COLUMNS_KEY => array('postedithistoryid', 'reason', 'dateline', 'username', 'original', 'pagetext')), array('field' => 'postedithistoryid', 'direction' => vB_dB_Query::SORT_ASC));
if (!$_posthistory) {
throw new Exception('no_permission');
}
$posthistory = array();
$key = 1;
foreach ($_posthistory as $info) {
$posthistory['post' . $key] = $info;
$key++;
}
require_once DIR . '/includes/class_diff.php';
if ($posthistory['post2']) {
$textdiff_obj = new vB_Text_Diff($posthistory['post1']['pagetext'], $posthistory['post2']['pagetext']);
} else {
$textdiff_obj = new vB_Text_Diff($posthistory['post1']['pagetext'], $posthistory['post1']['pagetext']);
}
$results = array();
$diff = $textdiff_obj->fetch_diff();
foreach ($diff as $diffrow) {
$compare_show = array();
if ($diffrow->old_class == 'unchanged' and $diffrow->new_class == 'unchanged') {
// no change
$results[] = array('unchanged_olddata' => vB_String::fetchWordWrappedString(nl2br(vB_String::htmlSpecialCharsUni(implode("\n", $diffrow->fetch_data_old())))));
} else {
// something has changed
$results[] = array('changed_olddata' => vB_String::fetchWordWrappedString(nl2br(vB_String::htmlSpecialCharsUni(implode("\n", $diffrow->fetch_data_old())))), 'changed_newdata' => vB_String::fetchWordWrappedString(nl2br(vB_String::htmlSpecialCharsUni(implode("\n", $diffrow->fetch_data_new())))));
}
}
return $results;
}
protected function __construct()
{
parent::__construct();
$this->storage = vB::getDatastore()->getOption('attachfile');
$this->filePath = vB::getDatastore()->getOption('attachpath');
$this->assertor = vB::getDbAssertor();
}
/**
* Create an article category channel. This function works basically like the blog library's version
*
* @param array $input data array, should have standard channel data like title, parentid,
* @param int $channelid parentid that the new channel should fall under.
* @param int $channelConvTemplateid "Conversation" level pagetemplate to use. Typically vB_Page::getArticleConversPageTemplate()
* @param int $channelPgTemplateId "Channel" level pagetemplate to use. Typically vB_Page::getArticleChannelPageTemplate()
* @param int $ownerSystemGroupId
*
* @return int The nodeid of the new blog channel
*/
public function createChannel($input, $channelid, $channelConvTemplateid, $channelPgTemplateId, $ownerSystemGroupId)
{
if (!isset($input['parentid']) or intval($input['parentid']) < 1) {
$input['parentid'] = $channelid;
}
$input['inlist'] = 1;
// we don't want it to be shown in channel list, but we want to move them
$input['protected'] = 0;
if (empty($input['userid'])) {
$input['userid'] = vB::getCurrentSession()->get('userid');
}
if (!isset($input['publishdate'])) {
$input['publishdate'] = vB::getRequest()->getTimeNow();
}
$input['templates']['vB5_Route_Channel'] = $channelPgTemplateId;
$input['templates']['vB5_Route_Article'] = $channelConvTemplateid;
$input['childroute'] = 'vB5_Route_Article';
// add channel node
$channelLib = vB_Library::instance('content_channel');
$input['page_parentid'] = 0;
$result = $channelLib->add($input, array('skipNotifications' => true, 'skipFloodCheck' => true, 'skipDupCheck' => true));
//Make the current user the channel owner.
$userApi = vB_Api::instanceInternal('user');
$usergroup = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => $ownerSystemGroupId));
vB_Cache::allCacheEvent(array('nodeChg_' . $this->articleHomeChannel, "nodeChg_{$channelid}"));
vB::getUserContext()->rebuildGroupAccess();
vB_Channel::rebuildChannelTypes();
// clear follow cache
vB_Api::instanceInternal('follow')->clearFollowCache(array($input['userid']));
return $result['nodeid'];
}
public function __call($method, $arguments)
{
try {
$logger = vB::getLogger('api.' . $this->controller . '.' . $method);
//check so that we don't var_export large variables when we don't have to
if ($logger->isInfoEnabled()) {
if (!($ip = vB::getRequest()->getAltIp())) {
$ip = vB::getRequest()->getIpAddress();
}
$message = str_repeat('=', 80) . "\ncalled {$method} on {$this->controller} from ip {$ip} \n\$arguments = " . var_export($arguments, true) . "\n" . str_repeat('=', 80) . "\n";
$logger->info($message);
$logger->info("time: " . microtime(true));
}
if ($logger->isTraceEnabled()) {
$message = str_repeat('=', 80) . "\n " . $this->getTrace() . str_repeat('=', 80) . "\n";
$logger->trace($message);
}
$c = $this->api;
// This is a hack to prevent method parameter reference error. See VBV-5546
$hackedarguments = array();
foreach ($arguments as $k => &$arg) {
$hackedarguments[$k] =& $arg;
}
$return = call_user_func_array(array(&$c, $method), $hackedarguments);
//check so that we don't var_export large variables when we don't have to
if ($logger->isDebugEnabled()) {
$message = str_repeat('=', 80) . "\ncalled {$method} on {$this->controller}\n\$return = " . var_export($return, true) . "\n" . str_repeat('=', 80) . "\n";
$logger->debug($message);
}
return $return;
} catch (vB_Exception_Api $e) {
$errors = $e->get_errors();
$config = vB::getConfig();
if (!empty($config['Misc']['debug'])) {
$trace = '## ' . $e->getFile() . '(' . $e->getLine() . ") Exception Thrown \n" . $e->getTraceAsString();
$errors[] = array("exception_trace", $trace);
}
return array('errors' => $errors);
} catch (vB_Exception_Database $e) {
$config = vB::getConfig();
if (!empty($config['Misc']['debug']) or vB::getUserContext()->hasAdminPermission('cancontrolpanel')) {
$errors = array('Error ' . $e->getMessage());
$trace = '## ' . $e->getFile() . '(' . $e->getLine() . ") Exception Thrown \n" . $e->getTraceAsString();
$errors[] = array("exception_trace", $trace);
return array('errors' => $errors);
} else {
// This text is purposely hard-coded since we don't have
// access to the database to get a phrase
return array('errors' => array(array('There has been a database error, and the current page cannot be displayed. Site staff have been notified.')));
}
} catch (Exception $e) {
$errors = array(array('unexpected_error', $e->getMessage()));
$config = vB::getConfig();
if (!empty($config['Misc']['debug'])) {
$trace = '## ' . $e->getFile() . '(' . $e->getLine() . ") Exception Thrown \n" . $e->getTraceAsString();
$errors[] = array("exception_trace", $trace);
}
return array('errors' => $errors);
}
}
/**
* Perform verification of the payment, this is called from the payment gateway
*
* @return bool Whether the payment is valid
*/
function verify_payment()
{
$this->registry->input->clean_array_gpc('r', array('callbackPW' => vB_Cleaner::TYPE_STR, 'desc' => vB_Cleaner::TYPE_STR, 'transStatus' => vB_Cleaner::TYPE_STR, 'authMode' => vB_Cleaner::TYPE_STR, 'cost' => vB_Cleaner::TYPE_NUM, 'currency' => vB_Cleaner::TYPE_STR, 'transId' => vB_Cleaner::TYPE_STR));
if (!$this->test()) {
$this->error = 'Payment processor not configured';
return false;
}
$this->transaction_id = $this->registry->GPC['transId'];
if ($this->registry->GPC['callbackPW'] == $this->settings['worldpay_password']) {
$this->paymentinfo = vB::getDbAssertor()->getRow('vBForum:getPaymentinfo', array('hash' => $this->registry->GPC['item_number']));
// lets check the values
if (!empty($this->paymentinfo)) {
$sub = vB::getDbAssertor()->getRow('vBForum:subscription', array('subscriptionid' => $this->paymentinfo['subscriptionid']));
$cost = unserialize($sub['cost']);
$this->paymentinfo['currency'] = strtolower($this->registry->GPC['currency']);
$this->paymentinfo['amount'] = floatval($this->registry->GPC['cost']);
if ($this->registry->GPC['transStatus'] == 'Y' and ($this->registry->GPC['authMode'] == 'A' or $this->registry->GPC['authMode'] == 'O')) {
if (doubleval($this->registry->GPC['cost']) == doubleval($cost["{$this->paymentinfo[subscriptionsubid]}"]['cost'][strtolower($this->registry->GPC['currency'])])) {
$this->type = 1;
}
}
return true;
}
}
return false;
}
/**
* Perform verification of the payment, this is called from the payment gateway
*
* @return bool Whether the payment is valid
*/
function verify_payment()
{
// Leave these values at vB_Cleaner::TYPE_STR since they need to be sent back to nochex just as they were received
$this->registry->input->clean_array_gpc('p', array('order_id' => vB_Cleaner::TYPE_STR, 'amount' => vB_Cleaner::TYPE_STR, 'transaction_id' => vB_Cleaner::TYPE_STR, 'status' => vB_Cleaner::TYPE_STR));
$this->transaction_id = $this->registry->GPC['transaction_id'];
foreach ($_POST as $key => $val) {
if (!empty($val)) {
$query[] = $key . '=' . urlencode($val);
}
}
$query = implode('&', $query);
$used_curl = false;
if (function_exists('curl_init') and $ch = curl_init()) {
curl_setopt($ch, CURLOPT_URL, 'http://www.nochex.com/nochex.dll/apc/apc');
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, 'vBulletin via cURL/PHP');
$result = curl_exec($ch);
curl_close($ch);
if ($result !== false) {
$used_curl = true;
}
}
if (!$used_curl) {
$header = "POST /nochex.dll/apc/apc HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($query) . "\r\n\r\n";
if ($fp = fsockopen('www.nochex.com', 80, $errno, $errstr, 15)) {
socket_set_timeout($fp, 15);
fwrite($fp, $header . $query);
while (!feof($fp)) {
$result = fgets($fp, 1024);
if (strcmp($result, 'AUTHORISED') == 0) {
break;
}
}
fclose($fp);
}
}
if (!empty($this->settings['ncxemail']) and $result == 'AUTHORISED' and $vbulletin->GPC['status'] != 'test') {
$this->paymentinfo = vB::getDbAssertor()->getRow('vBForum:getPaymentinfo', array('hash' => $this->registry->GPC['item_number']));
// lets check the values
if (!empty($this->paymentinfo)) {
$sub = vB::getDbAssertor()->getRow('vBForum:subscription', array('subscriptionid' => $this->paymentinfo['subscriptionid']));
$cost = unserialize($sub['cost']);
$this->paymentinfo['currency'] = 'gbp';
$this->paymentinfo['amount'] = floatval($this->registry->GPC['amount']);
// Check if its a payment or if its a reversal
if ($this->registry->GPC['amount'] == $cost["{$this->paymentinfo[subscriptionsubid]}"]['cost']['gbp']) {
$this->type = 1;
}
}
return true;
} else {
$this->error = 'Invalid Request';
}
return false;
}
/**
* Perform verification of the payment, this is called from the payment gateway
*
* @return bool Whether the payment is valid
*/
function verify_payment()
{
$this->registry->input->clean_array_gpc('p', array('pay_to_email' => vB_Cleaner::TYPE_STR, 'merchant_id' => vB_Cleaner::TYPE_STR, 'transaction_id' => vB_Cleaner::TYPE_STR, 'mb_transaction_id' => vB_Cleaner::TYPE_UINT, 'status' => vB_Cleaner::TYPE_STR, 'md5sig' => vB_Cleaner::TYPE_STR, 'amount' => vB_Cleaner::TYPE_STR, 'currency' => vB_Cleaner::TYPE_STR, 'mb_amount' => vB_Cleaner::TYPE_STR, 'mb_currency' => vB_Cleaner::TYPE_STR));
if (!$this->test()) {
$this->error = 'Payment processor not configured';
return false;
}
$this->transaction_id = $this->registry->GPC['mb_transaction_id'];
$check_hash = strtoupper(md5($this->registry->GPC['merchant_id'] . $this->registry->GPC['transaction_id'] . strtoupper(md5(strtolower($this->settings['mbsecret']))) . $this->registry->GPC['mb_amount'] . $this->registry->GPC['mb_currency'] . $this->registry->GPC['status']));
if ($check_hash == $this->registry->GPC['md5sig'] and strtolower($this->registry->GPC['pay_to_email']) == strtolower($this->settings['mbemail'])) {
if (intval($this->registry->GPC['status']) == 2) {
$this->paymentinfo = vB::getDbAssertor()->getRow('vBForum:getPaymentinfo', array('hash' => $this->registry->GPC['item_number']));
// lets check the values
if (!empty($this->paymentinfo)) {
$sub = vB::getDbAssertor()->getRow('vBForum:subscription', array('subscriptionid' => $this->paymentinfo['subscriptionid']));
$cost = unserialize($sub['cost']);
$this->paymentinfo['currency'] = strtolower($this->registry->GPC['currency']);
$this->paymentinfo['amount'] = floatval($this->registry->GPC['amount']);
if (doubleval($this->registry->GPC['amount']) == doubleval($cost["{$this->paymentinfo[subscriptionsubid]}"]['cost'][strtolower($this->registry->GPC['currency'])])) {
$this->type = 1;
return true;
}
}
}
}
return false;
}
public function __construct($routeInfo = array(), $matches = array(), $queryString = '', $anchor = '')
{
/* Depending on the friendliness setting, we can have four different url formats. Like:
content.php?280-Accu-Sim-In-General/view/2
content.php?r=280-Accu-Sim-In-General/view/2
content.php/280-Accu-Sim-In-General/view/2
content/280-Accu-Sim-In-General/view/2
*/
parent::__construct($routeInfo, $matches, $queryString, $anchor);
if (!empty($queryString) and (empty($this->arguments['oldid']) or !is_numeric($this->arguments['oldid']) or empty($this->arguments['oldpage']) or !is_numeric($this->arguments['oldpage']))) {
$queryMatches = array();
if (preg_match('#[^0-9]*(?P<oldid>[0-9]+)?(-)?(?P<urlident>[^%2F]*)?(%2Fview%2F)?(?P<oldpage>[0-9]+)?#i', $queryString, $queryMatches)) {
if (!empty($queryMatches['oldid'])) {
$this->arguments['oldid'] = $queryMatches['oldid'];
}
if (!empty($queryMatches['oldpage'])) {
$this->arguments['contentpage'] = $queryMatches['oldpage'];
}
}
}
if (!empty($this->arguments['oldid']) and is_numeric($this->arguments['oldid'])) {
$node = vB::getDbAssertor()->getRow('vBForum:node', array('oldid' => $this->arguments['oldid'], 'oldcontenttypeid' => array(vB_Api_ContentType::OLDTYPE_CMS_STATICPAGE, vB_Api_ContentType::OLDTYPE_CMS_ARTICLE)));
if (!empty($node) and empty($node['errors'])) {
$this->arguments['nodeid'] = $node['nodeid'];
$this->arguments['contenttypeid'] = $node['contenttypeid'];
$this->arguments['routeid'] = $node['routeid'];
}
}
// I'm leaving this bit of comment here to remind ourselves that we need to actually ensure that articles have a meta description.
// Meta Description
/*
$this->arguments['metadescription'] = ;
*/
}
protected static function getInstance($type, $value)
{
$dbType = vB::getDbAssertor()->getDbType();
$className = "vB_dB_{$dbType}_Type_" . $type;
if (class_exists($className)) {
return new $className($value);
}
}
public static function resolvePath($path)
{
$currentDir = getcwd();
chdir(DIR . '/' . vB::getDatastore()->getValue('modcpdir'));
$path = realpath($path);
chdir($currentDir);
return $path;
}
public function call($forumid, $perpage = 20, $pagenumber = 1)
{
$contenttype = vB_Api::instance('contenttype')->fetchContentTypeIdFromClass('Channel');
$forum = vB_Api::instance('node')->getNodeFullContent($forumid);
if (empty($forum) or isset($forum['errors'])) {
return array("response" => array("errormessage" => array("invalidid")));
}
$forum = $forum[$forumid];
$modPerms = vB::getUserContext()->getModeratorPerms($forum);
$foruminfo = array('forumid' => $forum['nodeid'], 'title' => vB_String::unHtmlSpecialChars($forum['title']), 'description' => $forum['description'], 'title_clean' => $forum['htmltitle'], 'description_clean' => strip_tags($forum['description']), 'prefixrequired' => 0);
$nodes = vB_Api::instance('node')->fetchChannelNodeTree($forumid, 3);
$channels = array();
if (!empty($nodes) and empty($nodes['errors']) and isset($nodes['channels']) and !empty($nodes['channels'])) {
foreach ($nodes['channels'] as $node) {
$channels[] = vB_Library::instance('vb4_functions')->parseForum($node);
}
}
$forumbits = $channels;
$topics = array();
$topics_sticky = array();
$page_nav = vB_Library::instance('vb4_functions')->pageNav(1, $perpage, 1);
$search = array("channel" => $forumid);
$search['view'] = vB_Api_Search::FILTER_VIEW_TOPIC;
$search['depth'] = 1;
$search['include_sticky'] = true;
$search['sort']['lastcontent'] = 'desc';
$search['nolimit'] = 1;
$topic_search = vB_Api::instanceInternal('search')->getInitialResults($search, $perpage, $pagenumber, true);
if (!isset($topic_search['errors']) and !empty($topic_search['results'])) {
$topic_search['results'] = vB_Api::instance('node')->mergeNodeviewsForTopics($topic_search['results']);
foreach ($topic_search['results'] as $key => $node) {
if ($node['content']['contenttypeclass'] == 'Channel' or $node['content']['starter'] != $node['content']['nodeid']) {
unset($topic_search['results'][$key]);
} else {
$topic = vB_Library::instance('vb4_functions')->parseThread($node);
if ($topic['thread']['sticky']) {
$topics_sticky[] = $topic;
} else {
$topics[] = $topic;
}
}
}
$page_nav = vB_Library::instance('vb4_functions')->pageNav($topic_search['pagenumber'], $perpage, $topic_search['totalRecords']);
}
$inlinemod = $forum['canmoderate'] ? 1 : 0;
$subscribed = vB_Api::instance('follow')->isFollowingContent($forum['nodeid']);
$subscribed = $subscribed ? 1 : 0;
$forumsearch = vB::getUserContext()->hasPermission('forumpermissions', 'cansearch');
$response = array();
$response['response']['forumbits'] = $forumbits;
$response['response']['foruminfo'] = $foruminfo;
$response['response']['threadbits'] = $topics;
$response['response']['threadbits_sticky'] = $topics_sticky;
$response['response']['pagenav'] = $page_nav;
$response['response']['pagenumber'] = intval($pagenumber);
$response['show'] = array('subscribed_to_forum' => $subscribed, 'inlinemod' => $inlinemod, 'spamctrls' => $modPerms['candeleteposts'] > 0 ? 1 : 0, 'openthread' => $modPerms['canopenclose'] > 0 ? 1 : 0, 'approvethread' => $modPerms['canmoderateposts'] > 0 ? 1 : 0, 'movethread' => $modPerms['canmassmove'] > 0 ? 1 : 0, 'forumsearch' => $forumsearch, 'stickies' => count($topics_sticky) > 0 ? 1 : 0);
return $response;
}
/**
* Log errors to a file
*
* @param string The error message to be placed within the log
* @param string The type of error that occured. php, database, security, etc.
*
* @return boolean
*/
function log_vbulletin_error($errstring, $type = 'database')
{
global $vbulletin;
$options = vB::getDatastore()->getValue('options');
// do different things depending on the error log type
switch ($type) {
// log PHP E_USER_ERROR, E_USER_WARNING, E_WARNING to file
case 'php':
if (!empty($options['errorlogphp'])) {
$errfile = $options['errorlogphp'];
$errstring .= "\r\nDate: " . date('l dS \\o\\f F Y h:i:s A') . "\r\n";
$errstring .= "Username: {$vbulletin->userinfo['username']}\r\n";
$errstring .= 'IP Address: ' . IPADDRESS . "\r\n";
}
break;
// log database error to file
// log database error to file
case 'database':
if (!empty($options['errorlogdatabase'])) {
$errstring = preg_replace("#(\r\n|\r|\n)#s", "\r\n", $errstring);
$errfile = $options['errorlogdatabase'];
}
break;
// log admin panel login failure to file
// log admin panel login failure to file
case 'security':
if (!empty($options['errorlogsecurity'])) {
$errfile = $options['errorlogsecurity'];
$username = $errstring;
$errstring = 'Failed admin logon in ' . $vbulletin->db->appname . ' ' . $vbulletin->options['templateversion'] . "\r\n\r\n";
$errstring .= 'Date: ' . date('l dS \\o\\f F Y h:i:s A') . "\r\n";
$errstring .= "Script: http://{$_SERVER['HTTP_HOST']}" . unhtmlspecialchars($vbulletin->scriptpath) . "\r\n";
$errstring .= 'Referer: ' . REFERRER . "\r\n";
$errstring .= "Username: {$username}\r\n";
$errstring .= 'IP Address: ' . IPADDRESS . "\r\n";
$errstring .= "Strikes: {$GLOBALS['strikes']}/5\r\n";
}
break;
}
// if no filename is specified, exit this function
if (!isset($errfile) or !($errfile = trim($errfile)) or defined('DEMO_MODE') and DEMO_MODE == true) {
return false;
}
// rotate the log file if filesize is greater than $vbulletin->options[errorlogmaxsize]
if ($vbulletin->options['errorlogmaxsize'] != 0 and $filesize = @filesize("{$errfile}.log") and $filesize >= $vbulletin->options['errorlogmaxsize']) {
@copy("{$errfile}.log", $errfile . TIMENOW . '.log');
@unlink("{$errfile}.log");
}
// write the log into the appropriate file
if ($fp = @fopen("{$errfile}.log", 'a+')) {
@fwrite($fp, "{$errstring}\r\n=====================================================\r\n\r\n");
@fclose($fp);
return true;
} else {
return false;
}
}
/**
* Constructor
*
* @param string Directory where the XML files are located
*/
public function __construct($xmldir)
{
$this->xmldir = (string) $xmldir;
$this->assertor = vB::getDbAssertor();
$items = array('page', 'route', 'pagetemplate');
foreach ($items as $item) {
$this->xml[$item] = $this->loadXmlFile($item);
}
}
public static function getChannelTypes()
{
$types = array();
$vBChannelTypes = vB::getDbAssertor()->assertQuery('vBForum:channel', array('guid' => array_keys(self::$channelTypes)));
foreach ($vBChannelTypes as $channel) {
$types[$channel['nodeid']] = array('type' => self::$channelTypes[$channel['guid']], 'GUID' => $channel['guid'], 'label' => self::$channelLabels[self::$channelTypes[$channel['guid']]]);
}
return $types;
}
protected function typeEnabledForUser($user)
{
static $bf_masks;
if (empty($bf_masks)) {
$bf_masks = vB::getDatastore()->getValue('bf_misc_usernotificationoptions');
}
// The original mapping was taken from vB_Library_Privatemessage->userReceivesNotification()
return (bool) ($user['notification_options'] & $bf_masks['general_followrequest']);
}
public function __construct()
{
// in collapsed form, we want to be able to load API classes
$core_path = vB5_Config::instance()->core_path;
vB5_Autoloader::register($core_path);
vB::init();
$request = new vB_Request_Test(array('userid' => 1, 'ipAddress' => '127.0.0.1', 'altIp' => '127.0.0.1', 'userAgent' => 'CLI'));
vB::setRequest($request);
$request->createSession();
}
/**
* Create a session for this page load
*
* Should only be called from the Request code.
* Will use a reexisting session that matches the session hash
*
* @param string $sessionhash -- the token given to the client for session handling. If the client has this token they
* can use the session.
* @param array $restoreSessionInfo -- Information to handle "remember me" logic.
* * remembermetoken -- Token value for "remember me". Stored in the "password" cookie for legacy reasons. There are
* so special values to indicate that we should reauthentic via a method other than the internal vB remember me
* system.
* * userid -- user we are remembering
* * fbsr_{appid} (optional) -- Only valid if facebook is enabled, and only used if "remembermetoken" is "facebook".
*/
public static function createSessionNew($sessionhash, $restoreSessionInfo = array())
{
$assertor = vB::getDbAssertor();
$datastore = vB::getDatastore();
$config = vB::getConfig();
//this looks weird but its valid. Will create the an instance of whatever session class this was called
//on. So vB_Session_Web::createSessionNew() will do the expected thing.
$session = new vB_Session_WebApi($assertor, $datastore, $config, $sessionhash, $restoreSessionInfo);
return $session;
}
/**
* get the actual node after captured old id
* set route arguments for building new URL
* return new routeid
*/
protected function getNewRouteInfo()
{
$oldid = $this->captureOldId();
$node = vB::getDbAssertor()->getRow('vBForum:node', array('oldid' => $oldid, 'oldcontenttypeid' => $this->oldcontenttypeid));
if (empty($node)) {
throw new vB_Exception_404('invalid_page');
}
$this->arguments['nodeid'] = $node['nodeid'];
return $node['routeid'];
}
