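/**
* Converts editor text into WYSIWYG-friendly HTML using the WYSIWYG BBCode parser
*
* @param	string	$html	Text to be loaded into the WYSIWYG editor
* @param	boolean	$ishtml	Is the text HTML? If so it is first converted to bbcode
* @param	mixed	$forumid	Forum ID (or context keyword) handed straight to the parser
* @param	boolean	$allowsmilie	Allow smilies? Handed straight to the parser
*
* @return	string	Whatever vB_BbCodeParser_Wysiwyg::parse() returns for the text
*/
function parse_wysiwyg_html($html, $ishtml = 0, $forumid = 0, $allowsmilie = 1)
{
    global $vbulletin;
    if ($ishtml) {
        // parse HTML into vbcode
        // (original author note: this path is believed to be unused now)
        $html = convert_wysiwyg_html_to_bbcode($html);
    } else {
        // presumably reverses an earlier htmlspecialchars() pass, so the text that
        // reaches the parser below is no longer entity-encoded -- TODO confirm
        $html = unhtmlspecialchars($html, 0);
    }
    // parse the message back into WYSIWYG-friendly HTML
    require_once DIR . '/includes/class_bbcode_alt.php';
    // Plain assignment: "=& new" was removed in PHP 7.0 and is a parse error there.
    // Objects are already handled by reference-like handles, so behaviour is the same.
    $wysiwyg_parser = new vB_BbCodeParser_Wysiwyg($vbulletin, fetch_tag_list());
    $wysiwyg_parser->set_parse_userinfo($vbulletin->userinfo);
    // NOTE(review): the return value is HTML built from user-supplied text. Callers
    // that place it inside a textarea or attribute still need to escape it for that
    // context; this function does not do so.
    return $wysiwyg_parser->parse($html, $forumid, $allowsmilie);
}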
Exemplo n.º 2
			default:
				if (intval($vbulletin->GPC['parsetype']))
				{
					$parsetype = intval($vbulletin->GPC['parsetype']);
					$foruminfo = fetch_foruminfo($parsetype);
					$dohtml = $foruminfo['allowhtml']; break;
				}
				else
				{
					$dohtml = false;
				}

				($hook = vBulletinHook::fetch_hook('editor_switch_wysiwyg_to_standard')) ? eval($hook) : false;
		}

		$xml->add_tag('message', process_replacement_vars(convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $dohtml)));
	}

	$xml->print_xml();
}

// #############################################################################
// mark forums read

if ($_POST['do'] == 'markread')
{
	$vbulletin->input->clean_gpc('p', 'forumid', TYPE_UINT);

	require_once(DIR . '/includes/functions_misc.php');
	$mark_read_result = mark_forums_read($foruminfo['forumid']);
Exemplo n.º 3
 // Build a preview box for each item of the fetched feed and append it to $output.
 // This is an excerpt: $count, $output, $content_encoded, $bbcode_parser and
 // $input_vars are set up by code that is not shown here.
 foreach ($xml->fetch_items() as $item) {
     // $count is only incremented when a maxresults limit was submitted (short-circuit "and")
     if ($vbulletin->GPC['maxresults'] and $count++ >= $vbulletin->GPC['maxresults']) {
         break;
     }
     // remember that at least one item carried a content:encoded element
     if (!empty($item['content:encoded'])) {
         $content_encoded = true;
     }
     // title: fill the title template from the item, convert HTML to bbcode,
     // strip the bbcode again, then run the result through the bbcode parser
     $title = $bbcode_parser->parse(strip_bbcode(convert_wysiwyg_html_to_bbcode($xml->parse_template($vbulletin->GPC['titletemplate'], $item))), 0, false);
     // with html2bbcode enabled the template's line breaks are turned into <br /> first,
     // so they survive the HTML-to-bbcode conversion below
     if ($vbulletin->GPC['options']['html2bbcode']) {
         $body_template = nl2br($vbulletin->GPC['bodytemplate']);
     } else {
         $body_template = $vbulletin->GPC['bodytemplate'];
     }
     $body = $xml->parse_template($body_template, $item);
     if ($vbulletin->GPC['options']['html2bbcode']) {
         $body = convert_wysiwyg_html_to_bbcode($body, false, true);
     }
     $body = $bbcode_parser->parse($body, 0, false);
     // NOTE(review): $title and $body originate from a remote feed and are concatenated
     // into the page without any further escaping here. Output safety therefore depends
     // entirely on what $bbcode_parser->parse() emits for these arguments -- confirm that
     // the parser is configured to disallow raw HTML for this preview.
     $output .= '<div class="alt2" style="border:inset 1px; padding:5px; width:400px; height: 175px; margin:10px; overflow: auto;"><h3><em>' . $title . '</em></h3>' . $body . '</div>';
 }
 // copy the cleaned request value for every name listed in $input_vars into $feed
 $feed = array();
 foreach ($input_vars as $varname => $foo) {
     $feed["{$varname}"] = $vbulletin->GPC["{$varname}"];
 }
 // presumably makes the following code redisplay the edit form with the submitted
 // values instead of saving -- TODO confirm against the 'edit' action
 define('FEED_SAVE_ERROR', true);
 $_REQUEST['do'] = 'edit';
 print_form_header('', '');
 print_table_header($vbphrase['preview_feed']);
 if ($content_encoded) {
     print_description_row($vbphrase['feed_supports_content_encoded']);
 }
Exemplo n.º 4
     // insert item as thread
 // insert item as thread
 case 'thread':
 default:
     // init thread/firstpost datamanager
     $itemdata =& datamanager_init('Thread_FirstPost', $vbulletin, $error_type, 'threadpost');
     $itemdata->set_info('forum', fetch_foruminfo($feed['forumid']));
     $itemdata->set_info('user', $feed);
     $itemdata->set_info('is_automated', 'rss');
     $itemdata->set_info('chop_title', true);
     $itemdata->set('iconid', $feed['iconid']);
     $itemdata->set('sticky', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['stickthread'] ? 1 : 0);
     $itemdata->set('forumid', $feed['forumid']);
     $itemdata->set('prefixid', $feed['prefixid']);
     $itemdata->set('userid', $feed['userid']);
     $itemdata->set('title', strip_bbcode(convert_wysiwyg_html_to_bbcode($feed['xml']->parse_template($feed['titletemplate'], $item))));
     $itemdata->set('pagetext', $pagetext);
     $itemdata->set('visible', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['moderatethread'] ? 0 : 1);
     $itemdata->set('allowsmilie', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['allowsmilies'] ? 1 : 0);
     $itemdata->set('showsignature', $feed['rssoptions'] & $vbulletin->bf_misc_feedoptions['showsignature'] ? 1 : 0);
     $itemdata->set('ipaddress', '');
     $threadactiontime = $feed['threadactiondelay'] > 0 ? TIMENOW + $feed['threadactiondelay'] * 3600 : 0;
     if ($itemid = $itemdata->save()) {
         $itemtype = 'thread';
         $itemtitle = $itemdata->fetch_field('title');
         $itemlink = "../showthread.php?t={$itemid}";
         if (defined('IN_CONTROL_PANEL')) {
             echo "<li><a href=\"{$itemlink}\" target=\"feed\">{$itemtitle}</a></li>";
         }
         $rsslog_insert_sql[] = "({$item['rssfeedid']}, {$itemid}, '{$itemtype}', '" . $vbulletin->db->escape_string($uniquehash) . "', '" . $vbulletin->db->escape_string($item['contenthash']) . "', " . TIMENOW . ", {$threadactiontime})";
         $cronlog_items["{$item['rssfeedid']}"][] = "\t<li>{$vbphrase[$itemtype]} <a href=\"{$itemlink}\" target=\"logview\"><em>{$itemtitle}</em></a></li>";
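/**
* Prepares the templates for a message editor
*
* Besides returning the editor ID, this function writes its results into the globals
* $messagearea, $smiliebox, $disablesmiliesoption, $checked and $vBeditTemplate, and
* sets a number of $show flags that decide which toolbar controls are displayed.
*
* NOTE(review): the bbcode flags computed here only drive what the editor displays.
* Whether the same limits are enforced when the message is submitted cannot be seen
* from this function and must be checked in the code that saves the message.
*
* @param	string	$text	The text to be initially loaded into the editor
* @param	boolean	$ishtml	Is the initial text HTML (rather than plain text or bbcode)?
* @param	mixed	$forumid	Forum ID of the forum into which we are posting. Special rules apply for values of 'privatemessage', 'usernote', 'calendar', 'announcement', 'signature', 'visitormessage', 'groupmessage', 'picturecomment' and 'nonforum'. Can be an object of vB_Editor_Override as well.
* @param	boolean	$allowsmilie	Allow smilies?
* @param	boolean	$parsesmilie	Parse smilies in the text of the message?
* @param	boolean	$can_attach	Allow attachments?
* @param	string	$editor_type	Editor type - 'fe' for full editor; 'qr', 'qr_small' and 'qr_pm' for quick reply; 'qe' and 'qenr' for quick edit
* @param	string	$force_editorid	Force the editor to use the specified value as its editorid, rather than making one up
* @param	array	$attachinfo	Information for the image popup
* @param	string	$content	Content type handled by this editor, used to set specific CSS
*
* @return	string	Editor ID
*/
function construct_edit_toolbar($text = '', $ishtml = false, $forumid = 0, $allowsmilie = true, $parsesmilie = true, $can_attach = false, $editor_type = 'fe', $force_editorid = '', $attachinfo = array(), $content = 'content')
{
    // standard stuff
    global $vbulletin, $vbphrase, $show;
    // templates generated by this function
    global $messagearea, $smiliebox, $disablesmiliesoption, $checked, $vBeditTemplate;
    // misc stuff built by this function
    global $istyles;
    // counter for editorid
    static $editorcount = 0;
    // instanceof is false for anything that is not an object, so no is_object() guard is needed
    $editor_override = ($forumid instanceof vB_Editor_Override) ? $forumid : null;
    // determine what we can use
    // this was moved up here as I need the switch to determine if bbcode is enabled
    // to determine if a toolbar is usable
    // Strict comparison on purpose: before PHP 8.0 the integer 0 (this parameter's
    // default) compares loosely equal to the string 'signature', which would apply the
    // signature permission set to a non-signature editor.
    if ($forumid === 'signature') {
        $sig_perms =& $vbulletin->userinfo['permissions']['signaturepermissions'];
        $sig_perms_bits =& $vbulletin->bf_ugp_signaturepermissions;
        $can_toolbar = $sig_perms & $sig_perms_bits['canbbcode'] ? true : false;
        $show['img_bbcode'] = $sig_perms & $sig_perms_bits['allowimg'] ? true : false;
        // each tag needs both the user's signature permission and the global allowedbbcodes bit
        $show['font_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodefont'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_FONT) ? true : false;
        $show['size_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodesize'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_SIZE) ? true : false;
        $show['color_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodecolor'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_COLOR) ? true : false;
        $show['basic_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodebasic'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_BASIC) ? true : false;
        $show['align_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodealign'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_ALIGN) ? true : false;
        $show['list_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodelist'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_LIST) ? true : false;
        $show['code_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodecode'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_CODE) ? true : false;
        $show['html_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodehtml'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_HTML) ? true : false;
        $show['php_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodephp'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_PHP) ? true : false;
        $show['url_bbcode'] = ($sig_perms & $sig_perms_bits['canbbcodelink'] and $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_URL) ? true : false;
        $show['quote_bbcode'] = $sig_perms & $sig_perms_bits['canbbcodequote'] ? true : false;
    } else {
        require_once DIR . '/includes/class_bbcode.php';
        $show['font_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_FONT ? true : false;
        $show['size_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_SIZE ? true : false;
        $show['color_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_COLOR ? true : false;
        $show['basic_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_BASIC ? true : false;
        $show['align_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_ALIGN ? true : false;
        $show['list_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_LIST ? true : false;
        $show['code_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_CODE ? true : false;
        $show['html_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_HTML ? true : false;
        $show['php_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_PHP ? true : false;
        $show['url_bbcode'] = $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_URL ? true : false;
        $show['quote_bbcode'] = true;
        // can't disable this anywhere but in sigs
    }
    $ajax_extra = '';
    $allow_custom_bbcode = true;
    if (empty($forumid)) {
        $forumid = 'nonforum';
    }
    // per-context decision whether a toolbar may be shown at all ($can_toolbar)
    // and whether the image button is offered
    switch ($forumid) {
        case 'privatemessage':
            $can_toolbar = $vbulletin->options['privallowbbcode'];
            $show['img_bbcode'] = $vbulletin->options['privallowbbimagecode'];
            break;
        case 'calendar':
            global $calendarinfo;
            $can_toolbar = $calendarinfo['allowbbcode'];
            $show['img_bbcode'] = $calendarinfo['allowimgcode'];
            // escaped with addslashes_js() further down, before it reaches the template
            $ajax_extra = "calendarid={$calendarinfo['calendarid']}";
            break;
        case 'announcement':
            $can_toolbar = true;
            $show['img_bbcode'] = true;
            break;
        case 'signature':
            // see above -- these are handled earlier
            break;
        case 'visitormessage':
        case 'groupmessage':
        case 'picturecomment':
            switch ($forumid) {
                case 'groupmessage':
                    $allowedoption = $vbulletin->options['sg_allowed_bbcode'];
                    break;
                case 'picturecomment':
                    $allowedoption = $vbulletin->options['pc_allowed_bbcode'];
                    break;
                default:
                    $allowedoption = $vbulletin->options['vm_allowed_bbcode'];
                    break;
            }
            // narrow the global flags computed above by the per-feature bitfield
            $show['font_bbcode'] = ($show['font_bbcode'] and $allowedoption & ALLOW_BBCODE_FONT) ? true : false;
            $show['size_bbcode'] = ($show['size_bbcode'] and $allowedoption & ALLOW_BBCODE_SIZE) ? true : false;
            $show['color_bbcode'] = ($show['color_bbcode'] and $allowedoption & ALLOW_BBCODE_COLOR) ? true : false;
            $show['basic_bbcode'] = ($show['basic_bbcode'] and $allowedoption & ALLOW_BBCODE_BASIC) ? true : false;
            $show['align_bbcode'] = ($show['align_bbcode'] and $allowedoption & ALLOW_BBCODE_ALIGN) ? true : false;
            $show['list_bbcode'] = ($show['list_bbcode'] and $allowedoption & ALLOW_BBCODE_LIST) ? true : false;
            $show['code_bbcode'] = ($show['code_bbcode'] and $allowedoption & ALLOW_BBCODE_CODE) ? true : false;
            $show['html_bbcode'] = ($show['html_bbcode'] and $allowedoption & ALLOW_BBCODE_HTML) ? true : false;
            $show['php_bbcode'] = ($show['php_bbcode'] and $allowedoption & ALLOW_BBCODE_PHP) ? true : false;
            $show['url_bbcode'] = ($show['url_bbcode'] and $allowedoption & ALLOW_BBCODE_URL) ? true : false;
            $show['quote_bbcode'] = ($show['quote_bbcode'] and $allowedoption & ALLOW_BBCODE_QUOTE) ? true : false;
            $show['img_bbcode'] = $allowedoption & ALLOW_BBCODE_IMG ? true : false;
            // a toolbar is only worth showing if at least one tag survived
            $can_toolbar = ($show['font_bbcode'] or $show['size_bbcode'] or $show['color_bbcode'] or $show['basic_bbcode'] or $show['align_bbcode'] or $show['list_bbcode'] or $show['code_bbcode'] or $show['html_bbcode'] or $show['php_bbcode'] or $show['url_bbcode'] or $show['quote_bbcode'] or $show['img_bbcode']);
            $allow_custom_bbcode = $allowedoption & ALLOW_BBCODE_CUSTOM ? true : false;
            break;
        case 'nonforum':
            $can_toolbar = $vbulletin->options['allowbbcode'];
            $show['img_bbcode'] = $vbulletin->options['allowbbimagecode'];
            break;
        default:
            if ($editor_override) {
                $editor_settings = $editor_override->get_editor_settings();
                $can_toolbar = $editor_settings['can_toolbar'];
                $allow_custom_bbcode = $editor_settings['allow_custom_bbcode'];
                // note: set $show variables directly as necessary in your get_editor_settings function
            } else {
                if (intval($forumid)) {
                    $forum = fetch_foruminfo($forumid);
                    $can_toolbar = $forum['allowbbcode'];
                    $show['img_bbcode'] = $forum['allowimages'];
                } else {
                    // unknown context keyword: fail closed, no toolbar and no image button
                    $can_toolbar = false;
                    $show['img_bbcode'] = false;
                }
            }
            // Legacy Hook 'editor_toolbar_switch' Removed //
            break;
    }
    // set the editor mode
    // $_REQUEST['wysiwyg'] is read without the input cleaner, but only its truthiness is used
    if (isset($_REQUEST['wysiwyg'])) {
        // 2 = wysiwyg; 1 = standard
        if ($_REQUEST['wysiwyg']) {
            $vbulletin->userinfo['showvbcode'] = 2;
        } else {
            // a user whose setting is 0 keeps 0; everyone else drops to the standard editor
            $vbulletin->userinfo['showvbcode'] = ($vbulletin->userinfo['showvbcode'] == 0) ? 0 : 1;
        }
    }
    $toolbartype = $can_toolbar ? is_wysiwyg_compatible(-1, $editor_type) : 0;
    $show['wysiwyg_compatible'] = is_wysiwyg_compatible(2, $editor_type) == 2;
    $show['editor_toolbar'] = $toolbartype > 0;
    $templater = vB_Template::create('editor_toolbar_colors');
    $colors = $templater->render();
    // pick editor id, height and template per editor type;
    // $force_editorid, when given, always wins over the generated id
    switch ($editor_type) {
        case 'qr':
            $editorid = ($force_editorid == '') ? 'vB_Editor_QR' : $force_editorid;
            $editor_height = 100;
            $editor_template_name = 'showthread_quickreply';
            break;
        case 'qr_small':
            $editorid = ($force_editorid == '') ? 'vB_Editor_QR' : $force_editorid;
            $editor_height = 60;
            $editor_template_name = 'showthread_quickreply';
            break;
        case 'qr_pm':
            $editorid = ($force_editorid == '') ? 'vB_Editor_QR' : $force_editorid;
            $editor_height = 120;
            $editor_template_name = 'pm_quickreply';
            break;
        case 'qe':
        case 'qenr':
            // 'qenr' used to have a case of its own that rendered 'memberinfo_quickedit';
            // it now shares the 'qe' settings
            $editorid = ($force_editorid == '') ? 'vB_Editor_QE' : $force_editorid;
            $editor_height = 200;
            $editor_template_name = 'postbit_quickedit';
            break;
        default:
            if ($editor_override) {
                $editorcount++;
                $editor_info = $editor_override->get_editor_type(array('force_editorid' => $force_editorid, 'editor_count' => $editorcount, 'editor_type' => $editor_type, 'toolbar_type' => $toolbartype));
                $editorid = $editor_info['editor_id'];
                $editor_height = $editor_info['editor_height'];
                $editor_template_name = $editor_info['editor_template_name'];
            } else {
                if ($force_editorid == '') {
                    $editorid = 'vB_Editor_' . str_pad(++$editorcount, 3, 0, STR_PAD_LEFT);
                } else {
                    $editorid = $force_editorid;
                }
                // set the height of the editor based on the editor_height cookie if it exists
                // the cookie is client-controlled: it is cleaned to an unsigned integer and
                // anything not above 100 falls back to 250; there is no upper bound here
                $editor_height = $vbulletin->input->clean_gpc('c', 'editor_height', vB_Cleaner::TYPE_UINT);
                $editor_height = $editor_height > 100 ? $editor_height : 250;
                $editor_template_name = $toolbartype ? 'editor_toolbar_on' : 'editor_toolbar_off';
            }
            break;
    }
    // init the variables used by the templates built by this function
    $vBeditJs = array('normalmode' => 'false');
    $vBeditTemplate = array('clientscript' => '', 'fontfeedback' => '', 'sizefeedback' => '', 'smiliepopup' => '');
    $extrabuttons = '';
    $newpost = array();
    // nothing in this function builds these two any more; they are registered with the
    // editor template below, so define them explicitly instead of reading undefined variables
    $fontnames = null;
    $fontsizes = null;
    // Legacy Hook 'editor_toolbar_start' Removed //
    // show a post editing toolbar of some sort
    if ($show['editor_toolbar']) {
        if ($can_attach) {
            $show['attach'] = true;
        }
        // get extra buttons... experimental at the moment
        $extrabuttons = construct_editor_extra_buttons($editorid, $allow_custom_bbcode);
        // "and" binds tighter than "or"; the parentheses only make that grouping visible
        if ($toolbartype == 2 or (defined('VB_API') and VB_API === true)) {
            // got to parse the message to be displayed from bbcode into HTML
            if ($text !== '') {
                if ($editor_override) {
                    $newpost['message'] = $editor_override->parse_for_wysiwyg($text, array('allowsmilies' => $allowsmilie and $parsesmilie, 'ishtml' => $ishtml));
                } else {
                    require_once DIR . '/includes/functions_wysiwyg.php';
                    $newpost['message'] = parse_wysiwyg_html($text, $ishtml, $forumid, iif($allowsmilie and $parsesmilie, 1, 0));
                }
            } else {
                $newpost['message'] = '';
            }
            // the parser output is HTML; encode it so it can be embedded as the editor's initial value
            $newpost['message'] = htmlspecialchars($newpost['message']);
            if (defined('VB_API') and VB_API === true) {
                // NOTE(review): message_bbcode is not HTML-encoded here; the API consumer
                // has to treat it as raw text
                if ($ishtml) {
                    $newpost['message_bbcode'] = convert_wysiwyg_html_to_bbcode($text);
                } else {
                    $newpost['message_bbcode'] = $text;
                }
            }
        } else {
            // NOTE(review): $text is passed on exactly as received. Unlike the WYSIWYG
            // branch there is no htmlspecialchars() here, so either the caller must supply
            // already-encoded text or the template must encode it -- confirm which.
            $newpost['message'] = $text;
        }
    } else {
        // do not show a post editing toolbar
        // NOTE(review): same as above, $text is registered without encoding
        $newpost['message'] = $text;
    }
    // disable smilies option and clickable smilie
    $show['smiliebox'] = false;
    $smiliebox = '';
    $smiliepopup = '';
    $disablesmiliesoption = '';
    // the 'qr' and 'qr_small' quick reply editors never get smilie controls
    if ($editor_type != 'qr' and $editor_type != 'qr_small' and $allowsmilie and $show['editor_toolbar']) {
        // deal with disable smilies option
        if (!isset($checked['disablesmilies'])) {
            $vbulletin->input->clean_gpc('r', 'disablesmilies', vB_Cleaner::TYPE_BOOL);
            $checked['disablesmilies'] = iif($vbulletin->GPC['disablesmilies'], 'checked="checked"');
        }
        $templater = vB_Template::create('newpost_disablesmiliesoption');
        $templater->register('checked', $checked);
        $disablesmiliesoption = $templater->render();
        if ($toolbartype and $vbulletin->options['wysiwyg_smtotal'] > 0) {
            // query smilies
            // the statement contains no request data, only the TABLE_PREFIX constant
            $smilies = $vbulletin->db->query_read_slave("\n\t\t\t\tSELECT smilieid, smilietext, smiliepath, smilie.title,\n\t\t\t\t\timagecategory.title AS category\n\t\t\t\tFROM " . TABLE_PREFIX . "smilie AS smilie\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "imagecategory AS imagecategory USING(imagecategoryid)\n\t\t\t\tORDER BY imagecategory.displayorder, imagecategory.title, smilie.displayorder\n\t\t\t");
            // get total number of smilies
            $totalsmilies = $vbulletin->db->num_rows($smilies);
            if ($totalsmilies > 0) {
                // wysiwyg_smtotal > 0 is already guaranteed by the enclosing condition
                $show['wysiwygsmilies'] = true;
                // smilie dropdown menu
                $i = 0;
                $prevcategory = null;
                while ($smilie = $vbulletin->db->fetch_array($smilies)) {
                    // emit a category header whenever the category changes
                    if ($prevcategory != $smilie['category']) {
                        $prevcategory = $smilie['category'];
                        $templater = vB_Template::create('editor_smilie_category');
                        $templater->register('smilie', $smilie);
                        $smiliepopup .= $templater->render();
                    }
                    // stop after wysiwyg_smtotal rows and flag that more exist
                    if ($i++ < $vbulletin->options['wysiwyg_smtotal']) {
                        $templater = vB_Template::create('editor_smilie_row');
                        $templater->register('smilie', $smilie);
                        $smiliepopup .= $templater->render();
                    } else {
                        $show['moresmilies'] = true;
                        break;
                    }
                }
                $vbulletin->db->free_result($smilies);
            }
        }
    }
    // Legacy Hook 'editor_toolbar_end' Removed //
    $templater = vB_Template::create('editor_clientscript');
    $templater->register('vBeditJs', $vBeditJs);
    $templater->register('attachinfo', $attachinfo);
    $values = '';
    if (!empty($attachinfo['values'])) {
        // builds "key: 'value'," entries for a JavaScript object literal.
        // Only the value is escaped; the key is emitted as-is, so this assumes the keys
        // of $attachinfo['values'] are fixed identifiers chosen by the calling code and
        // never derived from request data -- verify against callers.
        foreach ($attachinfo['values'] as $key => $value) {
            $values .= "\n\t\t\t\t\t{$key}: '" . addslashes_js($value) . "',\n\t\t\t\t";
        }
    }
    $templater->register('values', $values);
    $vBeditTemplate['clientscript'] = $templater->render();
    $ajax_extra = addslashes_js($ajax_extra);
    // 1 when the WYSIWYG toolbar type (2) is active, otherwise 0
    $editortype = $toolbartype == 2 ? 1 : 0;
    $show['is_wysiwyg_editor'] = intval($editortype);
    $templater = vB_Template::create($editor_template_name);
    $templater->register('extrabuttons', $extrabuttons);
    $templater->register('ajax_extra', $ajax_extra);
    $templater->register('editorid', $editorid);
    $templater->register('editortype', $editortype);
    $templater->register('editor_height', $editor_height);
    $templater->register('forumid', $editor_override ? $editor_override->get_parse_type() : $forumid);
    $templater->register('istyles', $istyles);
    $templater->register('newpost', $newpost);
    $templater->register('parsesmilie', $parsesmilie);
    $templater->register('smiliebox', $smiliebox);
    $templater->register('vBeditTemplate', $vBeditTemplate);
    $templater->register('fontnames', $fontnames);
    $templater->register('fontsizes', $fontsizes);
    $templater->register('colors', $colors);
    $templater->register('smiliepopup', $smiliepopup);
    $templater->register('attachinfo', $attachinfo);
    $templater->register('content', $content);
    $messagearea = $templater->render();
    return $editorid;
}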
Exemplo n.º 6
// ############################### start update post ###############################
if ($_POST['do'] == 'updatepost') {
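    // Variables reused in templates
    $posthash = $vbulletin->input->clean_gpc('p', 'posthash', TYPE_NOHTML);
    $poststarttime = $vbulletin->input->clean_gpc('p', 'poststarttime', TYPE_UINT);
    $vbulletin->input->clean_array_gpc('p', array('stickunstick' => TYPE_BOOL, 'openclose' => TYPE_BOOL, 'wysiwyg' => TYPE_BOOL, 'message' => TYPE_STR, 'title' => TYPE_STR, 'prefixid' => TYPE_NOHTML, 'iconid' => TYPE_UINT, 'parseurl' => TYPE_BOOL, 'signature' => TYPE_BOOL, 'disablesmilies' => TYPE_BOOL, 'reason' => TYPE_NOHTML, 'preview' => TYPE_STR, 'folderid' => TYPE_UINT, 'emailupdate' => TYPE_UINT, 'ajax' => TYPE_BOOL, 'advanced' => TYPE_BOOL, 'postcount' => TYPE_UINT, 'podcasturl' => TYPE_STR, 'podcastsize' => TYPE_UINT, 'podcastexplicit' => TYPE_BOOL, 'podcastkeywords' => TYPE_STR, 'podcastsubtitle' => TYPE_STR, 'podcastauthor' => TYPE_STR, 'quickeditnoajax' => TYPE_BOOL));
    // Plugin hook: whatever code is registered for 'editpost_update_start' is run with
    // eval() in this scope, so it can read and change every variable set above.
    ($hook = vBulletinHook::fetch_hook('editpost_update_start')) ? eval($hook) : false;
    // Make sure the posthash is valid
    // The expected value is md5(poststarttime . userid . salt). Compare strictly as
    // strings: with a loose "!=" two different hex digests that both look like numbers
    // in exponent form would be treated as equal. Where hash_equals() is available
    // (PHP 5.6+) it would also make the comparison constant-time.
    if (md5($poststarttime . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) !== (string) $posthash) {
        $posthash = 'invalid posthash';
        // don't phrase me
    }
    // ### PREP INPUT ###
    if ($vbulletin->GPC['wysiwyg']) {
        require_once DIR . '/includes/functions_wysiwyg.php';
        // the forum's allowhtml setting decides whether HTML from the editor is kept
        // during conversion; $foruminfo is loaded outside this excerpt
        $edit['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $foruminfo['allowhtml']);
    } else {
        // by reference: later changes to $edit['message'] also change the GPC value
        $edit['message'] =& $vbulletin->GPC['message'];
    }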
    $cansubscribe = true;
    // Are we editing someone else's post? If so load that users subscription info for this thread.
    if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
        if ($postinfo['userid']) {
            $userinfo = fetch_userinfo($postinfo['userid']);
            cache_permissions($userinfo);
        }
        $cansubscribe = ($userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview'] and $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and ($threadinfo['postuserid'] == $userinfo['userid'] or $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']));
        if ($cansubscribe and $otherthreadinfo = $db->query_first_slave("\n\t\t\tSELECT emailupdate, folderid\n\t\t\tFROM " . TABLE_PREFIX . "subscribethread\n\t\t\tWHERE threadid = {$threadinfo['threadid']} AND\n\t\t\t\tuserid = {$postinfo['userid']} AND\n\t\t\t\tcanview = 1")) {
            $threadinfo['issubscribed'] = true;
            $threadinfo['emailupdate'] = $otherthreadinfo['emailupdate'];
            $threadinfo['folderid'] = $otherthreadinfo['folderid'];
Exemplo n.º 7
                break;
            case 'signature':
                $dohtml = $vbulletin->userinfo['permissions']['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['allowhtml'];
                break;
            default:
                if (intval($vbulletin->GPC['parsetype'])) {
                    $parsetype = intval($vbulletin->GPC['parsetype']);
                    $foruminfo = fetch_foruminfo($parsetype);
                    $dohtml = $foruminfo['allowhtml'];
                    break;
                } else {
                    $dohtml = false;
                }
                ($hook = vBulletinHook::fetch_hook('editor_switch_wysiwyg_to_standard')) ? eval($hook) : false;
        }
        $xml->add_tag('message', convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $dohtml));
    }
    $xml->print_xml();
}
// #############################################################################
// mark forums read
if ($_POST['do'] == 'markread') {
    $vbulletin->input->clean_gpc('p', 'forumid', TYPE_UINT);
    require_once DIR . '/includes/functions_misc.php';
    $mark_read_result = mark_forums_read($foruminfo['forumid']);
    $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
    $xml->add_group('readmarker');
    $xml->add_tag('phrase', $mark_read_result['phrase']);
    $xml->add_tag('url', $mark_read_result['url']);
    $xml->add_group('forums');
    if (is_array($mark_read_result['forumids'])) {
Exemplo n.º 8
			'humanverify'      => TYPE_ARRAY,
			'loggedinuser'     => TYPE_UINT,
			'fromquickcomment' => TYPE_BOOL,
			'preview'          => TYPE_STR,
			'advanced'         => TYPE_BOOL,
			'fromconverse'     => TYPE_BOOL,
			'u2'               => TYPE_UINT,
		));

		($hook = vBulletinHook::fetch_hook('visitor_message_post_start')) ? eval($hook) : false;

		// unwysiwygify the incoming data
		if ($vbulletin->GPC['wysiwyg'])
		{
			require_once(DIR . '/includes/functions_wysiwyg.php');
			$vbulletin->GPC['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'],  $vbulletin->options['allowhtml']);
		}

		// parse URLs in message text
		if ($vbulletin->options['allowbbcode'] AND $vbulletin->GPC['parseurl'])
		{
			require_once(DIR . '/includes/functions_newpost.php');
			$vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
		}

		$message = array(
			'message'        =>& $vbulletin->GPC['message'],
			'userid'         =>& $userinfo['userid'],
			'postuserid'     =>& $vbulletin->userinfo['userid'],
			'disablesmilies' =>& $vbulletin->GPC['disablesmilies'],
			'parseurl'       =>& $vbulletin->GPC['parseurl'],
Exemplo n.º 9
         $itemtype = 'announcement';
         $threadactiontime = 0;
         if (defined('IN_CONTROL_PANEL')) {
             echo "<li><a href=\"{$itemlink}\" target=\"feed\">{$itemtitle}</a></li>";
         }
         $rsslog_insert_sql[] = array('rssfeedid' => $item['rssfeedid'], 'itemid' => $itemid, 'itemtype' => $itemtype, 'uniquehash' => vB::getDbAssertor()->escape_string($uniquehash), 'contenthash' => vB::getDbAssertor()->escape_string($item['contenthash']), 'dateline' => vB::getRequest()->getTimeNow(), 'topicactiontime' => $threadactiontime);
         $cronlog_items["{$item['rssfeedid']}"][] = "\t<li>{$vbphrase[$itemtype]} <a href=\"{$itemlink}\" target=\"logview\"><em>{$itemtitle}</em></a></li>";
         $announcementCache[$feed['nodeid']] = 'vB_Announcements_' . $feed['nodeid'];
     }
     break;
     // insert item as thread
 // insert item as thread
 case 'thread':
 default:
     // Build the new topic from one feed item: body and title are rendered from
     // the feed's templates, and the title is additionally run through the
     // WYSIWYG-to-BB-code converter and then stripped of BB code.
     $pagetext = $feed['xml']->parse_template($feed['bodytemplate'], $item);
     $itemtitle = strip_bbcode(convert_wysiwyg_html_to_bbcode($feed['xml']->parse_template($feed['titletemplate'], $item)));
     if (empty($itemtitle)) {
         // Fall back to a phrase built from the feed's own title.
         $itemtitle = vB_Phrase::fetchSinglePhrase('rssposter_post_from_x', array($feed['title']));
     }
     // 'approved' / 'showapproved' are 0 when the feed's moderatethread bit is
     // set, 1 otherwise; 'sticky' follows the stickthread bit.
     $itemAddResult = vB_Library::instance('content_text')->add(array('userid' => $feed['userid'], 'sticky' => $feed['rssoptions'] & $bf_misc_feedoptions['stickthread'] ? 1 : 0, 'parentid' => $feed['nodeid'], 'title' => $itemtitle, 'rawtext' => $pagetext, 'approved' => $feed['rssoptions'] & $bf_misc_feedoptions['moderatethread'] ? 0 : 1, 'showapproved' => $feed['rssoptions'] & $bf_misc_feedoptions['moderatethread'] ? 0 : 1, 'iconid' => !empty($feed['iconid']) ? $feed['iconid'] : 0), array('autoparselinks' => 1, 'nl2br' => $nl2br, 'skipDupCheck' => 1), $convertHtmlToBbcode);
     // false when the add() result carries no node id.
     $itemid = !empty($itemAddResult['nodeid']) ? $itemAddResult['nodeid'] : false;
     // topicactiondelay is multiplied by 3600 (hours to seconds) and added to
     // the request time; 0 means no delayed action.
     $threadactiontime = $feed['topicactiondelay'] > 0 ? vB::getRequest()->getTimeNow() + $feed['topicactiondelay'] * 3600 : 0;
     if ($itemid) {
         $itemtype = 'topic';
         $itemlink = vB_Api::instanceInternal('route')->getAbsoluteNodeUrl($itemid);
         // NOTE(review): $itemtitle originates from the remote feed and is
         // interpolated into HTML here and in the cron log line below with no
         // htmlspecialchars() visible in this excerpt. Confirm that the
         // converter/strip_bbcode() output is HTML-safe, or escape at output.
         if (defined('IN_CONTROL_PANEL')) {
             echo "<li><a href=\"{$itemlink}\" target=\"feed\">{$itemtitle}</a></li>";
         }
         // The hashes are escaped here, before being queued for insertion.
         // NOTE(review): the insert itself is outside this excerpt; verify it
         // neither escapes these values a second time nor skips the other fields.
         $rsslog_insert_sql[] = array('rssfeedid' => $item['rssfeedid'], 'itemid' => $itemid, 'itemtype' => $itemtype, 'uniquehash' => vB::getDbAssertor()->escape_string($uniquehash), 'contenthash' => vB::getDbAssertor()->escape_string($item['contenthash']), 'dateline' => vB::getRequest()->getTimeNow(), 'topicactiontime' => $threadactiontime);
         $cronlog_items["{$item['rssfeedid']}"][] = "\t<li>{$vbphrase[$itemtype]} <a href=\"{$itemlink}\" target=\"logview\"><em>{$itemtitle}</em></a></li>";
     }
Exemplo n.º 10
         if ($_GET['do'] != 'edit') {
             $errors['upload'] = 'color=#FF0000"';
             //$errors['link'] = 'color=#FF0000"';
             $errors['message'] .= '<center>' . $vbphrase['ecdownloads_must_submit_file'] . '</center><br />';
         }
     }
 }
 // Extension check for uploads: $dl->ext is turned from a space-separated list
 // into "|a|b|c|" and $ext is searched for inside that string.
 // NOTE(review): strstr() is a substring test. Unless $ext (assigned outside
 // this excerpt) already carries the "|" delimiters, a fragment of an allowed
 // extension would also match, and an empty $ext behaves differently across
 // PHP versions. An exact comparison against the exploded list, e.g.
 // in_array($ext, explode(' ', $dl->ext), true), would be tighter.
 if ($upload == true) {
     if (!strstr("|" . str_replace(" ", "|", $dl->ext) . "|", $ext)) {
         $errors['message'] .= '<center>' . $vbphrase['ecdownloads_invalid_extension'] . ': ' . $dl->ext . '</center><br />';
     }
 }
 // Runs only when no validation error has been recorded so far. The block
 // continues past the end of this excerpt.
 if (!isset($errors)) {
     // This first assignment is overwritten by both branches below.
     $_POST['desc'] = $_POST['message'];
     if ($_POST['wysiwyg'] == 1) {
         // Second argument 0: the other callers on this page pass an
         // allow-HTML permission in this position, so 0 presumably disables it.
         $_POST['desc'] = convert_wysiwyg_html_to_bbcode($_POST['message'], 0);
     } else {
         // Reference binding: the assignment after this if/else therefore also
         // rewrites $_POST['message'] on this path.
         $_POST['desc'] =& $_POST['message'];
     }
     $_POST['desc'] = convert_url_to_bbcode($_POST['desc']);
     if ($upload) {
         // Stored name = TIMENOW modulo 100000, a dash, then the file name as
         // sent by the client.
         // NOTE(review): the client controls that name, including its
         // extension; the only validation visible in this excerpt is the
         // substring extension check above. Prefer a server-generated name
         // with an extension taken from an allowlist, and confirm that
         // $dl->url (defined outside this excerpt) is not a directory from
         // which the web server executes scripts.
         $newfilename = TIMENOW % 100000 . '-' . $_FILES['upload']['name'];
         if (move_uploaded_file($_FILES['upload']['tmp_name'], $dl->url . $newfilename)) {
             // NOTE(review): 0666 makes the stored file writable by every
             // local account; 0644 is normally sufficient for a file that is
             // only served for download.
             chmod($dl->url . $newfilename, 0666);
             // "@" hides filesize() warnings, so $size may be false here.
             $size = @filesize($dl->url . $newfilename);
         } else {
             $errors['message'] .= '<center><span style="color: red;">The upload failed!  Upload error.</span></center><br />';
         }
     } else {
         if ($link) {
             // The link is taken verbatim from POST; any validation of it is
             // outside this excerpt.
             $newfilename = $_POST['link'];
Exemplo n.º 11
        eval(print_standard_redirect(''));
    }
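    // Update one canned reply: read title and message from POST, convert
    // WYSIWYG HTML to BB code when requested, write the row, then redirect.
    $title = $vbulletin->input->clean_gpc('p', 'title', TYPE_STR);
    // Escape through the database layer instead of addslashes(): addslashes()
    // is unaware of the connection character set, while $db->escape_string()
    // is the escaper that belongs to the object executing the query.
    $title = $db->escape_string($title);
    if (!$title) {
        // Empty title: send the user back to the edit form for this reply.
        $vbulletin->url = "cannedreplies.php?do=edit&id=" . $id;
        eval(print_standard_redirect(''));
    }
    $vbulletin->input->clean_array_gpc('p', array('message' => TYPE_STR, 'wysiwyg' => TYPE_BOOL));
    // The conversion is performed once; repeating it yields the same value.
    // NOTE(review): the second argument is a literal 1, whereas other callers
    // of this converter pass an allow-HTML permission in that position.
    // Confirm that unconditional 1 is intended for canned replies.
    if ($vbulletin->GPC['wysiwyg']) {
        $reply = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], 1);
    } else {
        $reply = $vbulletin->GPC['message'];
    }
    // $id and $userid are assigned outside this excerpt; casting them keeps the
    // WHERE clause numeric whatever their origin. The userid condition limits
    // the update to rows owned by that user (presumably the logged-in user).
    $db->query_write("UPDATE " . TABLE_PREFIX . "cannedreplies SET title = '" . $title . "', reply = '" . $db->escape_string($reply) . "' WHERE id = " . intval($id) . " AND userid = " . intval($userid));
    $vbulletin->url = "cannedreplies.php";
    eval(print_standard_redirect(''));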
}
// #############################################################################
if ($_REQUEST['do'] == 'edit') {
    $id = $vbulletin->input->clean_gpc('g', 'id', TYPE_UINT);
    if (!$id) {
        $vbulletin->url = "cannedreplies.php";
        eval(print_standard_redirect(''));
    }
    $userid = $vbulletin->userinfo['userid'];
Exemplo n.º 12
     }
 }
 require_once DIR . '/includes/class_bbcode.php';
 $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list());
 $output = '';
 $count = 0;
 $bbcodeApi = vB_Api::instanceInternal('bbcode');
 $bbcodeLibrary = vB_Library::instance('bbcode');
 foreach ($xml->fetch_items() as $item) {
     if ($vbulletin->GPC['maxresults'] and $count++ >= $vbulletin->GPC['maxresults']) {
         break;
     }
     if (!empty($item['content:encoded'])) {
         $content_encoded = true;
     }
     $title = $bbcode_parser->parse(strip_bbcode(convert_wysiwyg_html_to_bbcode($xml->parse_template($vbulletin->GPC['titletemplate'], $item))), 0, false);
     $body = $xml->parse_template($vbulletin->GPC['bodytemplate'], $item);
     $dobbcode = false;
     if ($vbulletin->GPC['options']['html2bbcode']) {
         $dobbcode = true;
         $body = nl2br($body);
         $body = $bbcodeApi->convertWysiwygTextToBbcode($body, array('autoparselinks' => 1));
     }
     $body = $bbcodeLibrary->doParse($body, true, false, $dobbcode);
     $output .= '<div class="alt2" style="border:inset 1px; padding:5px; width:400px; height: 175px; margin:10px; overflow: auto;"><h3><em>' . $title . '</em></h3>' . $body . '</div>';
 }
 $feed = array();
 foreach ($input_vars as $varname => $foo) {
     $feed["{$varname}"] = $vbulletin->GPC["{$varname}"];
 }
 define('FEED_SAVE_ERROR', true);
Exemplo n.º 13
        $photoplog_html_output = str_replace("src=\"images/smilies/", "src=\"" . $vbulletin->options['bburl'] . "/images/smilies/", $photoplog_html_output);
        if ($photoplog_fileversion == 6) {
            $xml->add_tag('message', $photoplog_html_output);
        } else {
            echo $photoplog_html_output;
        }
    } else {
        switch ($vbulletin->GPC['parsetype']) {
            case 'nonforum':
                $dohtml = $do_html;
                break;
            default:
                $dohtml = 0;
        }
        $vbulletin->GPC['message'] = str_replace("src=\"" . $vbulletin->options['bburl'] . "/images/smilies/", "src=\"images/smilies/", $vbulletin->GPC['message']);
        if ($photoplog_fileversion == 6) {
            $xml->add_tag('message', convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $dohtml));
        } else {
            echo convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $dohtml);
        }
    }
    if ($photoplog_fileversion == 6) {
        $xml->print_xml();
    }
}
// ##################### REQUIRE VB AJAX IF NEEDED ########################
// "1 == 2" is always false, so this branch never runs and ajax.php is not
// pulled in from here regardless of $photoplog_ajax_flag.
if (!$photoplog_ajax_flag && 1 == 2) {
    // Change to PHOTOPLOG_FWD before the require and back to PHOTOPLOG_BWD
    // afterwards (presumably so relative paths inside ajax.php resolve).
    chdir(PHOTOPLOG_FWD);
    require_once DIR . '/ajax.php';
    chdir(PHOTOPLOG_BWD);
}
Exemplo n.º 14
             } else {
                 if (!($vbulletin->userinfo['calendarpermissions']["{$calendarinfo['calendarid']}"] & $vbulletin->bf_ugp_calendarpermissions['caneditevent'])) {
                     print_no_permission();
                 }
             }
         }
     }
 } else {
     if (!($vbulletin->userinfo['calendarpermissions']["{$calendarinfo['calendarid']}"] & $vbulletin->bf_ugp_calendarpermissions['canpostevent'])) {
         print_no_permission();
     }
 }
 // unwysiwygify the incoming data
 if ($vbulletin->GPC['wysiwyg']) {
     require_once DIR . '/includes/functions_wysiwyg.php';
     $message = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $calendarinfo['allowhtml']);
 } else {
     $message = $vbulletin->GPC['message'];
 }
 // init event datamanager class
 $eventdata =& datamanager_init('Event', $vbulletin, ERRTYPE_STANDARD);
 ($hook = vBulletinHook::fetch_hook('calendar_update_process')) ? eval($hook) : false;
 $eventdata->set_info('parseurl', $vbulletin->GPC['parseurl'] and $calendarinfo['allowbbcode']);
 $eventdata->setr_info('fromtime', $vbulletin->GPC['fromtime']);
 $eventdata->setr_info('totime', $vbulletin->GPC['totime']);
 $eventdata->setr_info('fromdate', $vbulletin->GPC['fromdate']);
 $eventdata->setr_info('todate', $vbulletin->GPC['todate']);
 $eventdata->setr_info('type', $vbulletin->GPC['type']);
 $eventdata->setr_info('recur', $vbulletin->GPC['recur']);
 $eventdata->set('title', $vbulletin->GPC['title']);
 $eventdata->set('event', $message);
Exemplo n.º 15
			");
			if ($blocks['count'] >= $userinfo['permissions']['vbblog_custompages'])
			{
				print_no_permission();
			}
		}
	}

	// Sidebar
	$sidebar =& build_user_sidebar($userinfo, 0, 0, $rules);

	// unwysiwygify the incoming data
	if ($vbulletin->GPC['wysiwyg'])
	{
		require_once(DIR . '/includes/functions_wysiwyg.php');
		$vbulletin->GPC['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_allowhtml']);
	}

	// parse URLs in message text
	if ($userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_allowbbcode'] AND $vbulletin->GPC['parseurl'])
	{
		require_once(DIR . '/includes/functions_newpost.php');
		$vbulletin->GPC['message'] = convert_url_to_bbcode($vbulletin->GPC['message']);
	}

	$customblock = $sidebarinfo;
	$customblock['title']          = $vbulletin->GPC['title'];
	$customblock['disablesmilies'] = $vbulletin->GPC['disablesmilies'];
	$customblock['parseurl']       = ($userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_allowbbcode'] AND $vbulletin->GPC['parseurl']);
	$customblock['message']        = $vbulletin->GPC['message'];
	$customblock['type']           = $vbulletin->GPC['type'];
Exemplo n.º 16
     $photoplog_categorybit = $photoplog_ds_catopts[$photoplog_file_catid]['options'];
     $photoplog_catoptions = convert_bits_to_array($photoplog_categorybit, $photoplog_categoryoptions);
     $do_html = $photoplog_catoptions['allowhtml'] ? true : false;
 } else {
     photoplog_output_page('photoplog_error_page', $vbphrase['photoplog_error'], $vbphrase['photoplog_no'] . ' ' . $vbphrase['photoplog_category']);
 }
 if ($photoplog_catoptions['actasdivider']) {
     $photoplog_file_catid = -999;
 }
 if ($photoplog_file_catid < 0) {
     photoplog_output_page('photoplog_error_page', $vbphrase['photoplog_error'], $vbphrase['photoplog_no'] . ' ' . $vbphrase['photoplog_category']);
 }
 if ($photoplog_wysiwyg) {
     require_once DIR . '/includes/functions_wysiwyg.php';
     $photoplog_file_description = str_replace($vbulletin->options['bburl'] . "/images/smilies/", "images/smilies/", $photoplog_file_description);
     $photoplog_file_description = convert_wysiwyg_html_to_bbcode($photoplog_file_description, $do_html);
 }
 if (is_array($photoplog_userfile['name'])) {
     $photoplog_userfile['name'] = $photoplog_userfile['name'][0];
     $photoplog_userfile['type'] = $photoplog_userfile['type'][0];
     $photoplog_userfile['tmp_name'] = $photoplog_userfile['tmp_name'][0];
     $photoplog_userfile['error'] = $photoplog_userfile['error'][0];
     $photoplog_userfile['size'] = $photoplog_userfile['size'][0];
 }
 $photoplog_urlflag = 0;
 $photoplog_file_error = 1;
 if (vbstrlen($photoplog_userlink) > 0) {
     @ini_set('user_agent', 'PHP');
     $photoplog_urlflag = 0;
     $photoplog_file_error = 1;
     $photoplog_urllink = str_replace(array(' ', '..'), array('+', ''), $photoplog_userlink);
Exemplo n.º 17
     $do_comments = $photoplog_catoptions['allowcomments'] ? true : false;
 }
 if (!$do_comments) {
     photoplog_index_bounce();
 }
 /*
 		if ($photoplog['comment'] == '' || vbstrlen($photoplog['comment']) < intval($vbulletin->options['postminchars']))
 		{
 			$photoplog_msg_too_short = construct_phrase($vbphrase['message_too_short'],$vbulletin->options['postminchars']);
 			photoplog_output_page('photoplog_error_page',$vbphrase['photoplog_error'],$photoplog_msg_too_short);
 		}
 */
 if ($photoplog_wysiwyg) {
     require_once DIR . '/includes/functions_wysiwyg.php';
     $photoplog['comment'] = str_replace($vbulletin->options['bburl'] . "/images/smilies/", "images/smilies/", $photoplog['comment']);
     $photoplog['comment'] = convert_wysiwyg_html_to_bbcode($photoplog['comment'], $do_html);
 }
 if (!$photoplog['commentid']) {
     if (defined('PHOTOPLOG_USER8')) {
         ($hook = vBulletinHook::fetch_hook('photoplog_comment_docomment_add')) ? eval($hook) : false;
         $photoplog_have_comment = $photoplog['comment'] != '' ? 1 : 0;
         $photoplog_sql = 1;
         if (!$photoplog_have_comment || $permissions['photoplogpermissions'] & $vbulletin->bf_ugp_photoplogpermissions['photoplogcanpostunmoderatedcomments']) {
             $photoplog_sql = 0;
         }
         $photoplog_current_last_comment_id0 = intval($photoplog_file_info['last_comment_id0']);
         $photoplog_current_last_comment_dateline0 = intval($photoplog_file_info['last_comment_dateline0']);
         $photoplog_current_last_comment_id1 = intval($photoplog_file_info['last_comment_id1']);
         $photoplog_current_last_comment_dateline1 = intval($photoplog_file_info['last_comment_dateline1']);
         $db->query_write("INSERT INTO " . PHOTOPLOG_PREFIX . "photoplog_ratecomment\r\n\t\t\t\t\t(fileid, catid, userid, username, rating, title, comment, dateline, moderate, lastedit)\r\n\t\t\t\t\tVALUES (\r\n\t\t\t\t\t\t" . intval($photoplog['fileid']) . ",\r\n\t\t\t\t\t\t" . intval($photoplog['catid']) . ",\r\n\t\t\t\t\t\t" . intval($vbulletin->userinfo['userid']) . ",\r\n\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\r\n\t\t\t\t\t\t" . intval($photoplog['rating']) . ",\r\n\t\t\t\t\t\t'" . $db->escape_string($photoplog['title']) . "',\r\n\t\t\t\t\t\t'" . $db->escape_string($photoplog['comment']) . "',\r\n\t\t\t\t\t\t" . intval(TIMENOW) . ",\r\n\t\t\t\t\t\t" . intval($photoplog_sql) . ",\r\n\t\t\t\t\t\t''\r\n\t\t\t\t\t)\r\n\t\t\t\t");
         $photoplog_pound_place = $db->insert_id();
Exemplo n.º 18
if ($_POST['do'] == 'updatesignature') {
    $vbulletin->input->clean_array_gpc('p', array('wysiwyg' => TYPE_BOOL, 'message' => TYPE_STR, 'preview' => TYPE_STR, 'deletesigpic' => TYPE_BOOL, 'sigpicurl' => TYPE_STR));
    if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canusesignature'])) {
        eval(standard_error(fetch_error('nosignaturepermission')));
    }
    if ($permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['cansigpic']) {
        $vbulletin->input->clean_gpc('f', 'upload', TYPE_FILE);
    }
    require_once DIR . '/includes/class_bbcode.php';
    require_once DIR . '/includes/class_sigparser.php';
    require_once DIR . '/includes/functions_misc.php';
    $errors = array();
    // DO WYSIWYG processing to get to BB code.
    if ($vbulletin->GPC['wysiwyg']) {
        require_once DIR . '/includes/functions_wysiwyg.php';
        $signature = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $permissions['signaturepermissions'] & $vbulletin->bf_ugp_signaturepermissions['allowhtml']);
    } else {
        $signature = $vbulletin->GPC['message'];
    }
    ($hook = vBulletinHook::fetch_hook('profile_updatesignature_start')) ? eval($hook) : false;
    // handle image uploads
    if ($vbulletin->GPC['deletesigpic']) {
        if (preg_match('#\\[sigpic\\](.*)\\[/sigpic\\]#siU', $signature)) {
            $errors[] = fetch_error('sigpic_in_use');
        } else {
            $userpic =& datamanager_init('Userpic_Sigpic', $vbulletin, ERRTYPE_STANDARD, 'userpic');
            $userpic->condition = "userid = " . $vbulletin->userinfo['userid'];
            $userpic->delete();
        }
        $redirectsig = true;
    } else {
Exemplo n.º 19
function do_post_edit()
{
    global $vbulletin, $db, $foruminfo, $forumperms, $threadinfo;
    global $postinfo, $vbphrase, $stylevar, $permissions;
    $checked = array();
    $edit = array();
    $postattach = array();
    $contenttype = 'vBForum_Post';
    if (!$postinfo['postid'] or $postinfo['isdeleted'] or !$postinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        json_error(ERR_INVALID_TOP, RV_POST_ERROR);
    }
    if (!$threadinfo['threadid'] or $threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) {
        json_error(ERR_INVALID_TOP, RV_POST_ERROR);
    }
    if ($vbulletin->options['wordwrap']) {
        $threadinfo['title'] = fetch_word_wrapped_string($threadinfo['title']);
    }
    // get permissions info
    $_permsgetter_ = 'edit post';
    $forumperms = fetch_permissions($threadinfo['forumid']);
    if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
        json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
    }
    $foruminfo = fetch_foruminfo($threadinfo['forumid'], false);
    // check if there is a forum password and if so, ensure the user has it set
    verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
    // need to get last post-type information
    cache_ordered_forums(1);
    // determine if we are allowed to be updating the thread's info
    $can_update_thread = ($threadinfo['firstpostid'] == $postinfo['postid'] and (can_moderate($threadinfo['forumid'], 'caneditthreads') or $postinfo['dateline'] + $vbulletin->options['editthreadtitlelimit'] * 60 > TIMENOW));
    // otherwise, post is being edited
    if (!can_moderate($threadinfo['forumid'], 'caneditposts')) {
        // check for moderator
        if (!$threadinfo['open']) {
            $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadinfo['threadid']}";
            json_error(fetch_error('threadclosed'), RV_POST_ERROR);
        }
        if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['caneditpost'])) {
            json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
        } else {
            if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
                // check user owns this post
                json_error(ERR_NO_PERMISSION, RV_POST_ERROR);
            } else {
                // check for time limits
                if ($postinfo['dateline'] < TIMENOW - $vbulletin->options['edittimelimit'] * 60 and $vbulletin->options['edittimelimit'] != 0) {
                    json_error(fetch_error('edittimelimit', $vbulletin->options['edittimelimit'], $vbulletin->options['contactuslink']), RV_POST_ERROR);
                }
            }
        }
    }
    // Variables reused in templates
    $poststarttime =& $vbulletin->input->clean_gpc('r', poststarttime, TYPE_UINT);
    $posthash = md5($vbulletin->GPC['poststarttime'] . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']);
    $vbulletin->input->clean_array_gpc('p', array('stickunstick' => TYPE_BOOL, 'openclose' => TYPE_BOOL, 'wysiwyg' => TYPE_BOOL, 'message' => TYPE_STR, 'title' => TYPE_STR, 'prefixid' => TYPE_NOHTML, 'iconid' => TYPE_UINT, 'parseurl' => TYPE_BOOL, 'signature' => TYPE_BOOL, 'disablesmilies' => TYPE_BOOL, 'reason' => TYPE_NOHTML, 'preview' => TYPE_STR, 'folderid' => TYPE_UINT, 'emailupdate' => TYPE_UINT, 'ajax' => TYPE_BOOL, 'advanced' => TYPE_BOOL, 'postcount' => TYPE_UINT, 'podcasturl' => TYPE_STR, 'podcastsize' => TYPE_UINT, 'podcastexplicit' => TYPE_BOOL, 'podcastkeywords' => TYPE_STR, 'podcastsubtitle' => TYPE_STR, 'podcastauthor' => TYPE_STR, 'quickeditnoajax' => TYPE_BOOL));
    if ($vbulletin->GPC['message']) {
        $vbulletin->GPC['message'] = prepare_remote_utf8_string($vbulletin->GPC['message']);
    }
    $vbulletin->GPC['signature'] = $vbulletin->GPC_exists['signature'] = true;
    // Make sure the posthash is valid
    ($hook = vBulletinHook::fetch_hook('editpost_update_start')) ? eval($hook) : false;
    if (md5($poststarttime . $vbulletin->userinfo['userid'] . $vbulletin->userinfo['salt']) != $posthash) {
        $posthash = 'invalid posthash';
        // don't phrase me
    }
    // ### PREP INPUT ###
    if ($vbulletin->GPC['wysiwyg']) {
        require_once DIR . '/includes/functions_wysiwyg.php';
        $edit['message'] = convert_wysiwyg_html_to_bbcode($vbulletin->GPC['message'], $foruminfo['allowhtml']);
    } else {
        $edit['message'] =& $vbulletin->GPC['message'];
    }
    $cansubscribe = true;
    // Are we editing someone else's post? If so load that users subscription info for this thread.
    if ($vbulletin->userinfo['userid'] != $postinfo['userid']) {
        if ($postinfo['userid']) {
            $userinfo = fetch_userinfo($postinfo['userid']);
            cache_permissions($userinfo);
        }
        $cansubscribe = ($userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview'] and $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and ($threadinfo['postuserid'] == $userinfo['userid'] or $userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']));
        if ($cansubscribe and $otherthreadinfo = $db->query_first_slave("\n\t\t\tSELECT emailupdate, folderid\n\t\t\tFROM " . TABLE_PREFIX . "subscribethread\n\t\t\tWHERE threadid = {$threadinfo['threadid']} AND\n\t\t\t\tuserid = {$postinfo['userid']} AND\n\t\t\t\tcanview = 1")) {
            $threadinfo['issubscribed'] = true;
            $threadinfo['emailupdate'] = $otherthreadinfo['emailupdate'];
            $threadinfo['folderid'] = $otherthreadinfo['folderid'];
        } else {
            $threadinfo['issubscribed'] = false;
            // use whatever emailupdate setting came through
        }
    }
    if ($vbulletin->GPC['ajax'] or $vbulletin->GPC['quickeditnoajax']) {
        // quick edit
        $tmpmessage = $vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($edit['message']) : $edit['message'];
        $edit = $postinfo;
        $edit['message'] =& $tmpmessage;
        $edit['title'] = unhtmlspecialchars($edit['title']);
        $edit['signature'] =& $edit['showsignature'];
        $edit['enablesmilies'] =& $edit['allowsmilie'];
        $edit['disablesmilies'] = $edit['enablesmilies'] ? 0 : 1;
        $edit['parseurl'] = true;
        $edit['prefixid'] = $threadinfo['prefixid'];
        $edit['reason'] = fetch_censored_text($vbulletin->GPC['ajax'] ? convert_urlencoded_unicode($vbulletin->GPC['reason']) : $vbulletin->GPC['reason']);
    } else {
        $edit['iconid'] =& $vbulletin->GPC['iconid'];
        $edit['title'] =& $vbulletin->GPC['title'];
        $edit['prefixid'] = ($vbulletin->GPC_exists['prefixid'] and can_use_prefix($vbulletin->GPC['prefixid'])) ? $vbulletin->GPC['prefixid'] : $threadinfo['prefixid'];
        $edit['podcasturl'] =& $vbulletin->GPC['podcasturl'];
        $edit['podcastsize'] =& $vbulletin->GPC['podcastsize'];
        $edit['podcastexplicit'] =& $vbulletin->GPC['podcastexplicit'];
        $edit['podcastkeywords'] =& $vbulletin->GPC['podcastkeywords'];
        $edit['podcastsubtitle'] =& $vbulletin->GPC['podcastsubtitle'];
        $edit['podcastauthor'] =& $vbulletin->GPC['podcastauthor'];
        // Leave this off for quickedit->advanced so that a post with unparsed links doesn't get parsed just by going to Advanced Edit
        $edit['parseurl'] = true;
        $edit['signature'] =& $vbulletin->GPC['signature'];
        $edit['disablesmilies'] =& $vbulletin->GPC['disablesmilies'];
        $edit['enablesmilies'] = $edit['allowsmilie'] = $edit['disablesmilies'] ? 0 : 1;
        $edit['stickunstick'] =& $vbulletin->GPC['stickunstick'];
        $edit['openclose'] =& $vbulletin->GPC['openclose'];
        $edit['reason'] = fetch_censored_text($vbulletin->GPC['reason']);
        $edit['preview'] =& $vbulletin->GPC['preview'];
        $edit['folderid'] =& $vbulletin->GPC['folderid'];
        if (!$vbulletin->GPC['advanced']) {
            if ($vbulletin->GPC_exists['emailupdate']) {
                $edit['emailupdate'] =& $vbulletin->GPC['emailupdate'];
            } else {
                $edit['emailupdate'] = array_pop($array = array_keys(fetch_emailchecked($threadinfo)));
            }
        }
    }
    $dataman =& datamanager_init('Post', $vbulletin, ERRTYPE_ARRAY, 'threadpost');
    $dataman->set_existing($postinfo);
    ($hook = vBulletinHook::fetch_hook('editpost_update_process')) ? eval($hook) : false;
    // set info
    $dataman->set_info('parseurl', $vbulletin->options['allowedbbcodes'] & ALLOW_BBCODE_URL and $foruminfo['allowbbcode'] and $edit['parseurl']);
    $dataman->set_info('posthash', $posthash);
    $dataman->set_info('forum', $foruminfo);
    $dataman->set_info('thread', $threadinfo);
    $dataman->set_info('show_title_error', true);
    $dataman->set_info('podcasturl', $edit['podcasturl']);
    $dataman->set_info('podcastsize', $edit['podcastsize']);
    $dataman->set_info('podcastexplicit', $edit['podcastexplicit']);
    $dataman->set_info('podcastkeywords', $edit['podcastkeywords']);
    $dataman->set_info('podcastsubtitle', $edit['podcastsubtitle']);
    $dataman->set_info('podcastauthor', $edit['podcastauthor']);
    if ($postinfo['userid'] == $vbulletin->userinfo['userid']) {
        $dataman->set_info('user', $vbulletin->userinfo);
    }
    // set options
    $dataman->setr('showsignature', $edit['signature']);
    $dataman->setr('allowsmilie', $edit['enablesmilies']);
    // set data
    /*$dataman->setr('userid', $vbulletin->userinfo['userid']);
    	if ($vbulletin->userinfo['userid'] == 0)
    	{
    		$dataman->setr('username', $post['username']);
    	}*/
    $dataman->setr('title', $edit['title']);
    $dataman->setr('pagetext', $edit['message']);
    if ($postinfo['userid'] != $vbulletin->userinfo['userid']) {
        $dataman->setr('iconid', $edit['iconid'], true, false);
    } else {
        $dataman->setr('iconid', $edit['iconid']);
    }
    $postusername = $vbulletin->userinfo['username'];
    $dataman->pre_save();
    if ($dataman->errors) {
        $errors = $dataman->errors;
    }
    if ($dataman->info['podcastsize']) {
        $edit['podcastsize'] = $dataman->info['podcastsize'];
    }
    if (sizeof($errors) > 0) {
        fr_standard_error($errors[0]);
    } else {
        if ($edit['preview']) {
            require_once DIR . '/packages/vbattach/attach.php';
            $attach = new vB_Attach_Display_Content($vbulletin, 'vBForum_Post');
            $postattach = $attach->fetch_postattach($posthash, $postinfo['postid']);
            // ### PREVIEW POST ###
            $postpreview = process_post_preview($edit, $postinfo['userid'], $postattach);
            $previewpost = true;
            $_REQUEST['do'] = 'editpost';
        } else {
            if ($vbulletin->GPC['advanced']) {
                // Don't display preview on QuickEdit->Advanced as parseurl is turned off and so the preview won't be correct unless the post originally had checked to not parse links
                // If you turn on parseurl then the opposite happens and you have to go unparse your links if that is what you want. Compromise
                $_REQUEST['do'] = 'editpost';
            } else {
                // ### POST HAS NO ERRORS ###
                $dataman->save();
                $update_edit_log = true;
                // don't show edited by AND reason unchanged - don't update edit log
                if (!($permissions['genericoptions'] & $vbulletin->bf_ugp_genericoptions['showeditedby']) and $edit['reason'] == $postinfo['edit_reason']) {
                    $update_edit_log = false;
                }
                if ($update_edit_log) {
                    // ug perm: show edited by
                    if ($postinfo['dateline'] < TIMENOW - $vbulletin->options['noeditedbytime'] * 60 or !empty($edit['reason'])) {
                        // save the postedithistory
                        if ($vbulletin->options['postedithistory']) {
                            // insert original post on first edit
                            if (!$db->query_first("SELECT postedithistoryid FROM " . TABLE_PREFIX . "postedithistory WHERE original = 1 AND postid = " . $postinfo['postid'])) {
                                $db->query_write("\n\t\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "postedithistory\n\t\t\t\t\t\t\t\t(postid, userid, username, title, iconid, dateline, reason, original, pagetext)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t\t\t" . $postinfo['userid'] . ",\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['username']) . "',\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['title']) . "',\n\t\t\t\t\t\t\t\t{$postinfo['iconid']},\n\t\t\t\t\t\t\t\t" . $postinfo['dateline'] . ",\n\t\t\t\t\t\t\t\t'',\n\t\t\t\t\t\t\t\t1,\n\t\t\t\t\t\t\t\t'" . $db->escape_string($postinfo['pagetext']) . "')\n\t\t\t\t\t\t");
                            }
                            // insert the new version
                            $db->query_write("\n\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "postedithistory\n\t\t\t\t\t\t\t(postid, userid, username, title, iconid, dateline, reason, pagetext)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t\t" . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['title']) . "',\n\t\t\t\t\t\t\t{$edit['iconid']},\n\t\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['reason']) . "',\n\t\t\t\t\t\t\t'" . $db->escape_string($edit['message']) . "')\n\t\t\t\t\t");
                        }
                        /*insert query*/
                        $db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "editlog\n\t\t\t\t\t\t(postid, userid, username, dateline, reason, hashistory)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t({$postinfo['postid']},\n\t\t\t\t\t\t" . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\n\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t'" . $db->escape_string($edit['reason']) . "',\n\t\t\t\t\t\t" . ($vbulletin->options['postedithistory'] ? 1 : 0) . ")\n\t\t\t\t");
                    }
                }
                $date = vbdate($vbulletin->options['dateformat'], TIMENOW);
                $time = vbdate($vbulletin->options['timeformat'], TIMENOW);
                // initialize thread / forum update clauses
                $forumupdate = false;
                $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
                $threadman->set_existing($threadinfo);
                $threadman->set_info('pagetext', $edit['message']);
                if ($can_update_thread and $edit['title'] != '') {
                    // need to update thread title and iconid
                    if (!can_moderate($threadinfo['forumid'])) {
                        $threadman->set_info('skip_moderator_log', true);
                    }
                    $threadman->set_info('skip_first_post_update', true);
                    if ($edit['title'] != $postinfo['title']) {
                        $threadman->set('title', unhtmlspecialchars($edit['title']));
                    }
                    if ($edit['iconid'] != $postinfo['iconid']) {
                        $threadman->set('iconid', $edit['iconid']);
                    }
                    if ($vbulletin->GPC_exists['prefixid'] and can_use_prefix($vbulletin->GPC['prefixid'])) {
                        $threadman->set('prefixid', $vbulletin->GPC['prefixid']);
                        if ($threadman->thread['prefixid'] === '' and $foruminfo['options'] & $vbulletin->bf_misc_forumoptions['prefixrequired']) {
                            // the prefix wasn't valid or was set to an empty one, but that's not allowed
                            $threadman->do_unset('prefixid');
                        }
                    }
                    // do we need to update the forum counters?
                    $forumupdate = $foruminfo['lastthreadid'] == $threadinfo['threadid'] ? true : false;
                }
                // can this user open/close this thread if they want to?
                if ($vbulletin->GPC['openclose'] and ($threadinfo['postuserid'] != 0 and $threadinfo['postuserid'] == $vbulletin->userinfo['userid'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'] or can_moderate($threadinfo['forumid'], 'canopenclose'))) {
                    $threadman->set('open', $threadman->fetch_field('open') == 1 ? 0 : 1);
                }
                if ($vbulletin->GPC['stickunstick'] and can_moderate($threadinfo['forumid'], 'canmanagethreads')) {
                    $threadman->set('sticky', $threadman->fetch_field('sticky') == 1 ? 0 : 1);
                }
                ($hook = vBulletinHook::fetch_hook('editpost_update_thread')) ? eval($hook) : false;
                $threadman->save();
                // if this is a mod edit, then log it
                if ($vbulletin->userinfo['userid'] != $postinfo['userid'] and can_moderate($threadinfo['forumid'], 'caneditposts')) {
                    $modlog = array('threadid' => $threadinfo['threadid'], 'forumid' => $threadinfo['forumid'], 'postid' => $postinfo['postid']);
                    log_moderator_action($modlog, 'post_x_edited', $postinfo['title']);
                }
                require_once DIR . '/includes/functions_databuild.php';
                // do forum update if necessary
                if ($forumupdate) {
                    build_forum_counters($threadinfo['forumid']);
                }
                // don't do thread subscriptions if we are doing quick edit
                if (!$vbulletin->GPC['ajax'] and !$vbulletin->GPC['quickeditnoajax']) {
                    // ### DO THREAD SUBSCRIPTION ###
                    // We use $postinfo[userid] so that we update the user who posted this, not the user who is editing this
                    if (!$threadinfo['issubscribed'] and $edit['emailupdate'] != 9999) {
                        // user is not subscribed to this thread so insert it
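                        /*insert query*/
                        // NOTE(review): $edit['emailupdate'] and $edit['folderid'] are interpolated unquoted and without escape_string();
                        // this is only safe if both were cast to integers before this point (not visible here) - confirm.
                        // The same applies to the second REPLACE below and to {$edit['iconid']} in the postedithistory insert above.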
                        $db->query_write("\n\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\tVALUES ({$postinfo['userid']}, {$threadinfo['threadid']}, {$edit['emailupdate']}, {$edit['folderid']}, 1)\n\t\t\t\t");
                    } else {
                        // User is subscribed, see if they changed the settings for this thread
                        if ($edit['emailupdate'] == 9999) {
                            // Remove this subscription, user chose 'No Subscription'
                            /*insert query*/
                            $db->query_write("\n\t\t\t\t\t\tDELETE FROM " . TABLE_PREFIX . "subscribethread\n\t\t\t\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\t\t\t\tAND userid = {$postinfo['userid']}\n\t\t\t\t\t");
                        } else {
                            if ($threadinfo['emailupdate'] != $edit['emailupdate'] or $threadinfo['folderid'] != $edit['folderid']) {
                                // User changed the settings so update the current record
                                /*insert query*/
                                $db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\t\t\t\tVALUES ({$postinfo['userid']}, {$threadinfo['threadid']}, {$edit['emailupdate']}, {$edit['folderid']}, 1)\n\t\t\t\t\t");
                            }
                        }
                    }
                }
                ($hook = vBulletinHook::fetch_hook('editpost_update_complete')) ? eval($hook) : false;
            }
        }
    }
    return array('success' => true);
}