예제 #1
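 /**
  * Mirrors the read state of a set of vBulletin private messages onto the
  * matching rows of the DLE `_pm` table, then lowers the DLE user's
  * `pm_unread` counter.
  *
  * Runs only when both the `dle_onoff` and `dle_pm` options are enabled.
  *
  * @param	array	vBulletin pm ids to synchronise
  * @param	string	Value written to the DLE pm_read column (defaults to 'yes')
  */
 public function ReadUnreadPackPM(array $messageids, $set = 'yes')
 {
     if (!$this->vbulletin->options['dle_onoff'] || !$this->vbulletin->options['dle_pm']) {
         return;
     }

     // The ids are placed into an IN (...) list, so each one is forced to an
     // integer first; nothing but numbers can reach the SQL text. An empty list
     // would otherwise produce the invalid clause "IN ()".
     $pmids = array_filter(array_map('intval', $messageids));
     if (!$pmids) {
         return;
     }
     $userid = intval($this->vbulletin->userinfo['userid']);

     // NOTE(review): LIMIT 1 means only one row is ever fetched, even when
     // several ids are passed — confirm whether that is intended.
     $pm_result = $this->vbulletin->db->query_read("SELECT pt.*, p.messageread, p.folderid FROM " . TABLE_PREFIX . "pmtext AS pt \n                                                    LEFT JOIN " . TABLE_PREFIX . "pm AS p\n                                                    ON pt.pmtextid=p.pmtextid\n                                                    WHERE p.pmid IN (" . implode(", ", $pmids) . ") AND p.userid=" . $userid . " LIMIT 1");
     if (!$this->vbulletin->db->num_rows($pm_result)) {
         return;
     }

     $this->_db_connect();

     // Look the DLE account up by the (escaped) vBulletin username.
     $user_name = $this->db->escape_string($this->vbulletin->userinfo['username']);
     $user = $this->db->query_first("SELECT user_id FROM " . USERPREFIX . "_users WHERE name='{$user_name}' LIMIT 1");
     if ($user) {
         $dle_userid = intval($user['user_id']);
         // $set is caller-supplied and lands inside a quoted SQL literal.
         $pm_read = $this->db->escape_string($set);
         $pm_unread = 0;

         while ($pm_info = $this->vbulletin->db->fetch_array($pm_result)) {
             // Convert the sender name to the DLE charset when the two sides differ.
             if (DLE_CHARSET && DLE_CHARSET != $this->vbulletin->userinfo['lang_charset']) {
                 $converted = iconv($this->vbulletin->userinfo['lang_charset'], DLE_CHARSET, $pm_info['fromusername']);
                 // iconv() returns false on failure; keep the original name then.
                 if ($converted !== false) {
                     $pm_info['fromusername'] = $converted;
                 }
             }
             $fromusername = $this->db->escape_string($pm_info['fromusername']);

             // Rows whose messageread flag is set feed the pm_unread adjustment below.
             if ($pm_info['messageread']) {
                 $pm_unread++;
             }

             // folderid -1 is mapped to the DLE outbox, everything else to the inbox.
             $folder = ($pm_info['folderid'] == -1) ? "outbox" : "inbox";
             $dateline = intval($pm_info['dateline']);

             $this->db->query_write("UPDATE " . USERPREFIX . "_pm SET pm_read='{$pm_read}' WHERE user_from='{$fromusername}' AND date='{$dateline}' AND folder='{$folder}' AND user={$dle_userid}");
         }

         if ($pm_unread) {
             // Clamp at zero so the counter never goes negative.
             $this->db->query_write("UPDATE " . USERPREFIX . "_users SET pm_unread=IF(pm_unread <= {$pm_unread}, 0, pm_unread-{$pm_unread}) WHERE user_id='{$dle_userid}'");
         }
     }

     $this->_db_disconnect();
 }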
예제 #2
파일: class_dm.php 프로젝트: holandacz/nb4
 /**
  * Verifies that the provided username is valid, and attempts to correct it if it is not valid
  *
  * @param	string	Username
  *
  * @return	boolean	Returns true if the username is valid, or has been corrected to be valid
  */
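 function verify_username(&$username)
 {
     // this is duplicated from the user manager
     // collapse whitespace runs and strip invisible ascii characters
     $username = trim(preg_replace('#[ \\r\\n\\t]+#si', ' ', strip_blank_ascii($username, ' ')));
     $username_raw = $username;

     global $stylevar;

     // Numeric entities are decoded through callbacks instead of the /e
     // (eval) modifier: /e runs the replacement string as PHP code and is no
     // longer available in current PHP versions. Only the captured digits are
     // handed to the converters.
     $username = preg_replace_callback('/&#([0-9]+);/i', function ($match) use ($stylevar) {
         return convert_unicode_char_to_charset($match[1], $stylevar['charset']);
     }, $username);
     $username = preg_replace_callback('/&#0*([0-9]{1,2}|1[01][0-9]|12[0-7]);/i', function ($match) {
         return convert_int_to_utf8($match[1]);
     }, $username);

     // drop NUL bytes that the decoding above may have produced
     $username = str_replace(chr(0), '', $username);
     $username = trim($username);

     $length = vbstrlen($username);
     if ($length < $this->registry->options['minuserlength']) {
         // name too short
         $this->error('usernametooshort', $this->registry->options['minuserlength']);
         return false;
     }
     if ($length > $this->registry->options['maxuserlength']) {
         // name too long
         $this->error('usernametoolong', $this->registry->options['maxuserlength']);
         return false;
     }

     // a semicolon is only tolerated as the terminator of a 3-5 digit numeric entity
     if (preg_match('/(?<!&#[0-9]{3}|&#[0-9]{4}|&#[0-9]{5});/', $username)) {
         // name contains semicolons
         $this->error('username_contains_semi_colons');
         return false;
     }

     if ($username != fetch_censored_text($username)) {
         // name contains censored words
         $this->error('censorfield', $this->registry->options['contactuslink']);
         return false;
     }

     // NOTE(review): the listing carried a masked literal ('******') in both
     // comparisons, which left the uniqueness check ineffective and
     // $username_raw unused. The HTML-escaped form is compared because this
     // method hands the name back through htmlspecialchars_uni() — confirm
     // against the upstream file.
     $name_decoded = $this->dbobject->escape_string(htmlspecialchars_uni($username));
     $name_raw = $this->dbobject->escape_string(htmlspecialchars_uni($username_raw));
     $taken = $this->dbobject->query_first("
			SELECT userid, username FROM " . TABLE_PREFIX . "user
			WHERE userid != " . intval($this->existing['userid']) . "
			AND
			(
				username = '" . $name_decoded . "'
				OR
				username = '" . $name_raw . "'
			)
		");
     if ($taken) {
         // name is already in use
         $this->error('usernametaken', htmlspecialchars_uni($username), $this->registry->session->vars['sessionurl']);
         return false;
     }

     if (!empty($this->registry->options['illegalusernames'])) {
         // check for illegal username: case-insensitive substring match
         // against each whitespace-separated entry of the option
         $usernames = preg_split('/[ \\r\\n\\t]+/', $this->registry->options['illegalusernames'], -1, PREG_SPLIT_NO_EMPTY);
         $lowered = strtolower($username);
         foreach ($usernames as $val) {
             if (strpos($lowered, strtolower($val)) !== false) {
                 // weird error to show, but hey...
                 $this->error('usernametaken', htmlspecialchars_uni($username), $this->registry->session->vars['sessionurl']);
                 return false;
             }
         }
     }

     // if we got here, everything is okay; the caller receives the
     // HTML-escaped name through the reference parameter
     $username = htmlspecialchars_uni($username);
     return true;
 }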
 /**
  * Disable a product, not delete
  *
  */
 public function disable($productid = null)
 {
     // Without a (truthy) id, act on the product this object currently describes.
     if (!$productid) {
         $productid = $this->productinfo['productid'];
     }

     // The id is escaped before it is placed inside the quoted SQL literal.
     $escaped_id = $this->db->escape_string($productid);
     $deactivate_sql = "\n\t\t\tUPDATE " . TABLE_PREFIX . "product\n\t\t\tSET active = 0\n\t\t\tWHERE productid = '" . $escaped_id . "'\n\t\t";
     $this->db->query_write($deactivate_sql);

     build_product_datastore();

     // Rebuild the bitfields so this product's entries are added/removed.
     require_once DIR . '/includes/class_bitfield_builder.php';
     vB_Bitfield_Builder::save($this->db);

     // Products can enable cron entries, so the next-run schedule is rebuilt too.
     require_once DIR . '/includes/functions_cron.php';
     build_cron_next_run();

     // Cache purge -- the class does not exist in pre-vB4 versions.
     if (class_exists('vB_Cache')) {
         vB_Cache::instance()->purge('vb_types.types');
     }

     // Block types and blocks are reloaded -- also vB4 and later only.
     if (class_exists('vB_BlockManager')) {
         $manager = vB_BlockManager::create($this->registry);
         $manager->reloadBlockTypes();
         $manager->getBlocks(true, true);
     }
 }
예제 #4
 /**
  * Updates this user's CSS cache.
  *
  * @return	string	Compiled CSS
  */
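 function update_css_cache()
 {
     // Compile the CSS once; the same string is stored and returned.
     $buildcss = $this->build_css();

     // Every value is neutralised for its SQL context: the two numeric columns
     // are cast with intval() (the user id previously went in uncast, unlike
     // the permissions value next to it), and the CSS text is escaped for the
     // quoted literal.
     $this->dbobject->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "usercsscache\n\t\t\t\t(userid, cachedcss, buildpermissions)\n\t\t\tVALUES\n\t\t\t\t(" . intval($this->userid) . ", '" . $this->dbobject->escape_string($buildcss) . "', " . intval($this->permissions['usercsspermissions']) . ")\n\t\t");

     return $buildcss;
 }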
예제 #5
 /**
  * Prepares an array of items into a list.
  * The result is a comma delimited, db escaped, quoted list for use in SQL.
  *
  * @param array string $items				- An array of item titles
  * @param bool $prepare_items				- Whether to check the items first
  *
  * @return string							- A sql safe comma delimited list
  */
 function prepare_itemlist($items, $prepare_items = false)
 {
     // A string, or any input when the caller asks for it, is first passed
     // through prepare_itemarray().
     if ($prepare_items || is_string($items)) {
         $items = $this->prepare_itemarray($items);
     }

     // Nothing to list: the caller gets false rather than an empty string.
     if (count($items) == 0) {
         return false;
     }

     // Escape each item for the database and wrap it in single quotes.
     $quoted = array();
     foreach ($items as $key => $value) {
         $quoted[$key] = "'" . $this->dbobject->escape_string($value) . "'";
     }

     return implode(',', $quoted);
 }
예제 #6
 /**
  * Log the current location of the upgrade
  *
  * @param	string	Upgrade Step
  * @param	int			Startat value for multi step steps
  * @param	bool		Process only the current version upgrade
  */
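 public function log_upgrade_step($step, $startat = 0, $only = false)
 {
     // Reaching the last step of this script counts as completing it.
     $complete = $step == $this->stepcount;
     $perpage = 0;
     $insertstep = true;

     if ($complete) {
         // A completed script is logged with step 0.
         $step = 0;
         if ($this->SHORT_VERSION == 'final' or $only) {
             // The run is over: clear the log rows of the closing scripts and
             // do not insert a new one.
             $this->db->query_write("\n\t\t\t\t\tDELETE FROM " . TABLE_PREFIX . "upgradelog\n\t\t\t\t\tWHERE script IN ('final', 'vbblog', 'vbcms', 'skimlinks', 'forumrunner', 'postrelease')\n\t\t\t\t");
             $insertstep = false;
         } else {
             if (is_newer_version($this->LONG_VERSION, $this->registry->options['templateversion'])) {
                 // The version string goes into a quoted literal, so it is escaped
                 // like every other string value in this method.
                 $this->db->query_write("UPDATE " . TABLE_PREFIX . "setting SET value = '" . $this->db->escape_string($this->LONG_VERSION) . "' WHERE varname = 'templateversion'");
             }
             if (!defined('SKIPDB')) {
                 build_options();
             }
             $this->registry->options['templateversion'] = $this->LONG_VERSION;
         }
     }

     if ($insertstep and !defined('SKIPDB')) {
         // use time() not TIMENOW to actually time the script's execution
         // step, startat and perpage are written unquoted, so each is forced
         // to an integer before it reaches the statement.
         /*insert query*/
         $this->db->query_write("\n\t\t\t\tINSERT INTO " . TABLE_PREFIX . "upgradelog(script, steptitle, step, startat, perpage, dateline, only)\n\t\t\t\tVALUES (\n\t\t\t\t\t'" . $this->db->escape_string($this->SHORT_VERSION) . "',\n\t\t\t\t\t'',\n\t\t\t\t\t" . intval($step) . ",\n\t\t\t\t\t" . intval($startat) . ",\n\t\t\t\t\t" . intval($perpage) . ",\n\t\t\t\t\t" . time() . ",\n\t\t\t\t\t" . intval($only) . "\n\t\t\t)");
     }
 }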
예제 #7
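 /**
  * Builds and runs the attachment search query from the given criteria.
  *
  * The criteria are assembled into SQL text, so every value is neutralised
  * for the position it occupies: strings are escaped, numbers are cast with
  * intval(), and the ORDER BY column/direction are validated because they
  * cannot be quoted.
  *
  * @param	array		Search criteria under 'search', plus 'pagenum' and optionally 'countonly'
  * @param	vB_Database	Database object used for escaping and for the result
  * @param	bool		When true nothing is queried and true is returned
  *
  * @return	mixed		true when only checking, otherwise the result object
  */
 function searchAttach($params, vB_Database $db, $check_only = false)
 {
     if ($check_only) {
         return true;
     }

     $search = (isset($params['search']) && is_array($params['search'])) ? $params['search'] : array();

     $query = array("a.nodeid <> 0");

     if (!empty($search['filename'])) {
         $query[] = "a.filename LIKE '%" . $db->escape_string_like($search['filename']) . "%' ";
     }

     if (!empty($search['attachedbyuser'])) {
         $query[] = "node.userid=" . intval($search['attachedbyuser']) . " ";
     }

     // Date range: both bounds, or whichever single bound is present.
     $before = !empty($search['datelinebefore']) ? $db->escape_string($search['datelinebefore']) : '';
     $after = !empty($search['datelineafter']) ? $db->escape_string($search['datelineafter']) : '';
     if ($before !== '' and $after !== '') {
         $query[] = "(fd.dateline BETWEEN UNIX_TIMESTAMP('" . $after . "') AND UNIX_TIMESTAMP('" . $before . "')) ";
     } elseif ($before !== '') {
         $query[] = "fd.dateline < UNIX_TIMESTAMP('" . $before . "') ";
     } elseif ($after !== '') {
         $query[] = "fd.dateline > UNIX_TIMESTAMP('" . $after . "') ";
     }

     // Download counter range. These values sit unquoted in the statement,
     // so they are cast to integers.
     if (!empty($search['downloadsmore']) and !empty($search['downloadsless'])) {
         $query[] = "(a.counter BETWEEN " . intval($search['downloadsmore']) . " AND " . intval($search['downloadsless']) . ") ";
     } elseif (!empty($search['downloadsless'])) {
         $query[] = "a.counter < " . intval($search['downloadsless']) . " ";
     } elseif (!empty($search['downloadsmore'])) {
         $query[] = "a.counter > " . intval($search['downloadsmore']) . " ";
     }

     // File size range, cast the same way.
     if (!empty($search['sizemore']) and !empty($search['sizeless'])) {
         $query[] = "(fd.filesize BETWEEN " . intval($search['sizemore']) . " AND " . intval($search['sizeless']) . ") ";
     } elseif (!empty($search['sizeless'])) {
         $query[] = "fd.filesize < " . intval($search['sizeless']) . " ";
     } elseif (!empty($search['sizemore'])) {
         $query[] = "fd.filesize > " . intval($search['sizemore']) . " ";
     }

     // Disabled in the original: filter on the attachment state.
     // 		if ($params['search']['visible'] != -1)
     // 		{
     // 			$query[] = "a.state = '" . ($params['search']['visible'] ? 'visible' : 'moderation') . "' ";
     // 		}

     $tables = "FROM " . TABLE_PREFIX . "node AS node\n\t\t\t\tINNER JOIN " . TABLE_PREFIX . "attach AS a ON (node.nodeid = a.nodeid)\n\t\t\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\t";
     $where = "WHERE " . implode(" AND ", $query);
     $limit = "";
     $order = "";

     if (!empty($params['countonly'])) {
         $fields = "COUNT(*) AS count, SUM(fd.filesize) AS sum";
     } else {
         $fields = "node.*, fd.filesize, a.filedataid, a.filename, fd.dateline";

         // Paging values are integers; a page below 1 is treated as the first page.
         $results = isset($search['results']) ? max(0, intval($search['results'])) : 0;
         $pagenum = isset($params['pagenum']) ? intval($params['pagenum']) : 1;
         $limit = "LIMIT " . max(0, ($pagenum - 1) * $results) . ", " . $results;

         // Identifiers and keywords cannot be escaped as literals, so the sort
         // column must look like a plain (optionally table-qualified) column
         // name and the direction is reduced to ASC or DESC.
         // NOTE(review): a value that fails the check drops the ORDER BY
         // clause — confirm that no caller passes an expression or column list.
         $orderby = isset($search['orderby']) ? (string) $search['orderby'] : '';
         $ordering = (isset($search['ordering']) && strtoupper(trim($search['ordering'])) === 'DESC') ? 'DESC' : 'ASC';
         if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/D', $orderby)) {
             $order = 'ORDER BY ' . $orderby . ' ' . $ordering;
         }
     }

     $sql = "\n\t\t\t\tSELECT {$fields}\n\t\t\t\t{$tables}\n\t\t\t\t{$where}\n\t\t\t\t{$order}\n\t\t\t\t{$limit}\n\t\t";

     // The result wrapper class is chosen from the configured database type.
     $resultclass = 'vB_dB_' . $this->db_type . '_result';

     // Debug aid: prints the statement when Misc/debug_sql is set in the config.
     $config = vB::getConfig();
     if (isset($config['Misc']['debug_sql']) and $config['Misc']['debug_sql']) {
         echo "sql: {$sql}<br />\n";
     }

     $result = new $resultclass($db, $sql);
     return $result;
 }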