/**
* Build a post bit
*
* @param array The post data
* @param int The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post)
* @return string The built post bit
*/
function build_postbit($post, $post_type = 0)
{
global $db, $altbg, $theme, $mybb, $postcounter;
global $titlescache, $page, $templates, $forumpermissions, $attachcache;
global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid;
global $plugins, $parser, $cache, $ignored_users, $hascustomtitle;
$hascustomtitle = 0;
// Set default values for any fields not provided here
foreach (array('subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm') as $post_field) {
if (empty($post[$post_field])) {
$post[$post_field] = '';
}
}
// Set up the message parser if it doesn't already exist.
if (!$parser) {
require_once MYBB_ROOT . "inc/class_parser.php";
$parser = new postParser();
}
$unapproved_shade = '';
if ($post['visible'] == 0 && $post_type == 0) {
$altbg = $unapproved_shade = 'trow_shaded';
} elseif ($altbg == 'trow1') {
$altbg = 'trow2';
} else {
$altbg = 'trow1';
}
$post['fid'] = $fid;
switch ($post_type) {
case 1:
// Message preview
global $forum;
$parser_options['allow_html'] = $forum['allowhtml'];
$parser_options['allow_mycode'] = $forum['allowmycode'];
$parser_options['allow_smilies'] = $forum['allowsmilies'];
$parser_options['allow_imgcode'] = $forum['allowimgcode'];
$parser_options['allow_videocode'] = $forum['allowvideocode'];
$parser_options['me_username'] = $post['username'];
$parser_options['filter_badwords'] = 1;
$id = 0;
break;
case 2:
// Private message
global $message, $pmid;
$parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
$parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
$parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
$parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
$parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
$parser_options['me_username'] = $post['username'];
$parser_options['filter_badwords'] = 1;
$id = $pmid;
break;
case 3:
// Announcement
global $announcementarray, $message;
$parser_options['allow_html'] = $announcementarray['allowhtml'];
$parser_options['allow_mycode'] = $announcementarray['allowmycode'];
$parser_options['allow_smilies'] = $announcementarray['allowsmilies'];
$parser_options['allow_imgcode'] = 1;
$parser_options['allow_videocode'] = 1;
$parser_options['me_username'] = $post['username'];
$parser_options['filter_badwords'] = 1;
break;
default:
// Regular post
global $forum, $thread, $tid;
$oldforum = $forum;
$id = intval($post['pid']);
$parser_options['allow_html'] = $forum['allowhtml'];
$parser_options['allow_mycode'] = $forum['allowmycode'];
$parser_options['allow_smilies'] = $forum['allowsmilies'];
$parser_options['allow_imgcode'] = $forum['allowimgcode'];
$parser_options['allow_videocode'] = $forum['allowvideocode'];
$parser_options['filter_badwords'] = 1;
if (!$post['username']) {
$post['username'] = $lang->guest;
}
if ($post['userusername']) {
$parser_options['me_username'] = $post['userusername'];
} else {
$parser_options['me_username'] = $post['username'];
}
break;
}
// Sanatize our custom profile fields for use in templates, if people choose to use them
foreach ($post as $post_field => $field_value) {
if (substr($post_field, 0, 3) != 'fid') {
continue;
}
$post[$post_field] = htmlspecialchars_uni($field_value);
}
if (!$postcounter) {
// Used to show the # of the post
if ($page > 1) {
if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) {
$mybb->settings['postsperpage'] = 20;
}
$postcounter = $mybb->settings['postsperpage'] * ($page - 1);
} else {
$postcounter = 0;
}
$post_extra_style = "border-top-width: 0;";
} elseif ($mybb->input['mode'] == "threaded") {
$post_extra_style = "border-top-width: 0;";
} else {
$post_extra_style = "margin-top: 5px;";
}
if (!$altbg) {
// Define the alternate background colour if this is the first post
$altbg = "trow1";
}
$postcounter++;
// Format the post date and time using my_date
$post['postdate'] = my_date($mybb->settings['dateformat'], $post['dateline']);
$post['posttime'] = my_date($mybb->settings['timeformat'], $post['dateline']);
// Dont want any little 'nasties' in the subject
$post['subject'] = $parser->parse_badwords($post['subject']);
// Pm's have been htmlspecialchars_uni()'ed already.
if ($post_type != 2) {
$post['subject'] = htmlspecialchars_uni($post['subject']);
}
if (empty($post['subject'])) {
$post['subject'] = ' ';
}
$post['author'] = $post['uid'];
// Get the usergroup
if ($post['userusername']) {
if (!$post['displaygroup']) {
$post['displaygroup'] = $post['usergroup'];
}
$usergroup = $groupscache[$post['displaygroup']];
} else {
$usergroup = $groupscache[1];
}
if (!is_array($titlescache)) {
$cached_titles = $cache->read("usertitles");
if (!empty($cached_titles)) {
foreach ($cached_titles as $usertitle) {
$titlescache[$usertitle['posts']] = $usertitle;
}
}
if (is_array($titlescache)) {
krsort($titlescache);
}
unset($usertitle, $cached_titles);
}
// Work out the usergroup/title stuff
$post['groupimage'] = '';
if (!empty($usergroup['image'])) {
$language = $mybb->settings['bblanguage'];
if (!empty($mybb->user['language'])) {
$language = $mybb->user['language'];
}
$usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
$usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";");
if ($mybb->settings['postlayout'] == "classic") {
$post['groupimage'] .= "<br />";
}
}
if ($post['userusername']) {
// This post was made by a registered user
$post['username'] = $post['userusername'];
$post['profilelink_plain'] = get_profile_link($post['uid']);
$post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']);
$post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']);
if (trim($post['usertitle']) != "") {
$hascustomtitle = 1;
}
if ($usergroup['usertitle'] != "" && !$hascustomtitle) {
$post['usertitle'] = $usergroup['usertitle'];
} elseif (is_array($titlescache) && !$usergroup['usertitle']) {
reset($titlescache);
foreach ($titlescache as $key => $titleinfo) {
if ($post['postnum'] >= $key) {
if (!$hascustomtitle) {
$post['usertitle'] = $titleinfo['title'];
}
$post['stars'] = $titleinfo['stars'];
$post['starimage'] = $titleinfo['starimage'];
break;
}
}
}
if ($usergroup['stars']) {
$post['stars'] = $usergroup['stars'];
}
if (empty($post['starimage'])) {
$post['starimage'] = $usergroup['starimage'];
}
if ($post['starimage'] && $post['stars']) {
// Only display stars if we have an image to use...
$post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']);
$post['userstars'] = '';
for ($i = 0; $i < $post['stars']; ++$i) {
$post['userstars'] .= "<img src=\"" . $post['starimage'] . "\" border=\"0\" alt=\"*\" />";
}
$post['userstars'] .= "<br />";
}
$postnum = $post['postnum'];
$post['postnum'] = my_number_format($post['postnum']);
// Determine the status to show for the user (Online/Offline/Away)
$timecut = TIME_NOW - $mybb->settings['wolcutoff'];
if ($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) {
eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_online") . "\";");
} else {
if ($post['away'] == 1 && $mybb->settings['allowaway'] != 0) {
eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_away") . "\";");
} else {
eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";");
}
}
if ($post['avatar'] != "" && ($mybb->user['showavatars'] != 0 || !$mybb->user['uid'])) {
$post['avatar'] = htmlspecialchars_uni($post['avatar']);
$avatar_dimensions = explode("|", $post['avatardimensions']);
if ($avatar_dimensions[0] && $avatar_dimensions[1]) {
list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['postmaxavatarsize']));
if ($avatar_dimensions[0] > $max_width || $avatar_dimensions[1] > $max_height) {
require_once MYBB_ROOT . "inc/functions_image.php";
$scaled_dimensions = scale_image($avatar_dimensions[0], $avatar_dimensions[1], $max_width, $max_height);
$avatar_width_height = "width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\"";
} else {
$avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\"";
}
}
eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";");
$post['avatar_padding'] = "padding-right: 10px;";
} else {
$post['useravatar'] = '';
$post['avatar_padding'] = '';
}
eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";");
if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) {
eval("\$post['button_pm'] = \"" . $templates->get("postbit_pm") . "\";");
}
if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid']) {
if (!$post['pid']) {
$post['pid'] = 0;
}
eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";");
}
if ($post['website'] != "") {
$post['website'] = htmlspecialchars_uni($post['website']);
eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";");
} else {
$post['button_www'] = "";
}
if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) {
eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";");
} else {
$post['button_email'] = "";
}
$post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']);
// Work out the reputation this user has (only show if not announcement)
if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) {
$post['userreputation'] = get_reputation($post['reputation'], $post['uid']);
eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";");
}
// Showing the warning level? (only show if not announcement)
if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) {
$warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
if ($warning_level > 100) {
$warning_level = 100;
}
$warning_level = get_colored_warning_level($warning_level);
// If we can warn them, it's not the same person, and we're in a PM or a post.
if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) {
eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";");
$warning_link = "warnings.php?uid={$post['uid']}";
} else {
$warning_link = "usercp.php";
}
eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";");
}
eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";");
} else {
// Message was posted by a guest or an unknown user
$post['profilelink'] = format_name($post['username'], 1);
if ($usergroup['usertitle']) {
$post['usertitle'] = $usergroup['usertitle'];
} else {
$post['usertitle'] = $lang->guest;
}
$usergroup['title'] = $lang->na;
$post['userregdate'] = $lang->na;
$post['postnum'] = $lang->na;
$post['button_profile'] = '';
$post['button_email'] = '';
$post['button_www'] = '';
$post['signature'] = '';
$post['button_pm'] = '';
$post['button_find'] = '';
$post['onlinestatus'] = '';
$post['replink'] = '';
eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";");
}
$post['button_edit'] = '';
$post['button_quickdelete'] = '';
$post['button_quote'] = '';
$post['button_quickquote'] = '';
$post['button_report'] = '';
// For private messages, fetch the reply/forward/delete icons
if ($post_type == 2 && $post['pmid']) {
global $replyall;
eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";");
eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";");
eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";");
if ($replyall == true) {
eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";");
}
}
if (!$post_type) {
// Figure out if we need to show an "edited by" message
$post['editedmsg'] = '';
if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) {
$post['editdate'] = my_date($mybb->settings['dateformat'], $post['edittime']);
$post['edittime'] = my_date($mybb->settings['timeformat'], $post['edittime']);
$post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']);
$post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']);
eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";");
}
if ((is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']) && $mybb->user['uid'] != 0) {
eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";");
}
// Quick Delete button
$can_delete = 0;
if ($mybb->user['uid'] == $post['uid']) {
if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) {
$can_delete = 1;
} else {
if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) {
$can_delete = 1;
}
}
}
if ((is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0) {
eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";");
}
// Inline moderation stuff
if ($ismod) {
if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) {
$inlinecheck = "checked=\"checked\"";
$inlinecount++;
} else {
$inlinecheck = "";
}
eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";");
if ($post['visible'] == 0) {
$invisiblepost = 1;
}
} else {
$post['inlinecheck'] = "";
}
$post['postlink'] = get_post_link($post['pid'], $post['tid']);
eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";");
global $forum, $thread;
if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid']))) {
eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";");
}
if ($forumpermissions['canpostreplys'] != 0 && ($thread['closed'] != 1 || is_moderator($fid)) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) {
eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";");
}
if ($mybb->user['uid'] != "0") {
eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";");
}
if ($mybb->settings['logip'] != "no") {
if ($mybb->settings['logip'] == "show") {
eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";");
} else {
if ($mybb->settings['logip'] == "hide" && is_moderator($fid, "canviewips")) {
eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";");
} else {
$post['iplogged'] = "";
}
}
} else {
$post['iplogged'] = "";
}
} elseif ($post_type == 3) {
if ($mybb->usergroup['issupermod'] == 1 || is_moderator($fid)) {
eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";");
eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";");
}
}
if ($post['smilieoff'] == 1) {
$parser_options['allow_smilies'] = 0;
}
// If we have incoming search terms to highlight - get it done.
if (!empty($mybb->input['highlight'])) {
$parser_options['highlight'] = $mybb->input['highlight'];
$post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']);
}
$post['message'] = $parser->parse_message($post['message'], $parser_options);
get_post_attachments($id, $post);
if ($post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts'])) {
$sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1);
if ($usergroup['signofollow']) {
$sig_parser['nofollow_on'] = 1;
}
$post['signature'] = $parser->parse_message($post['signature'], $sig_parser);
eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";");
} else {
$post['signature'] = "";
}
$icon_cache = $cache->read("posticons");
if ($post['icon'] > 0 && $icon_cache[$post['icon']]) {
$icon = $icon_cache[$post['icon']];
$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);
$post['icon'] = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" style=\"vertical-align: middle;\" /> ";
} else {
$post['icon'] = "";
}
$post_visibility = '';
switch ($post_type) {
case 1:
// Message preview
$post = $plugins->run_hooks("postbit_prev", $post);
break;
case 2:
// Private message
$post = $plugins->run_hooks("postbit_pm", $post);
break;
case 3:
// Announcement
$post = $plugins->run_hooks("postbit_announcement", $post);
break;
default:
// Regular post
$post = $plugins->run_hooks("postbit", $post);
// Is this author on the ignore list of the current user? Hide this post
$ignore_bit = '';
if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) {
$ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']);
eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";");
$post_visibility = "display: none;";
}
break;
}
if ($mybb->settings['postlayout'] == "classic") {
eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";");
} else {
eval("\$postbit = \"" . $templates->get("postbit") . "\";");
}
$GLOBALS['post'] = "";
return $postbit;
}
}
eval("\$reputation = \"" . $templates->get("member_profile_reputation") . "\";");
}
$warning_level = '';
if ($mybb->settings['enablewarningsystem'] != 0 && $memperms['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $memprofile['uid'] && $mybb->settings['canviewownwarning'] != 0)) {
$bg_color = alt_trow();
if ($mybb->settings['maxwarningpoints'] < 1) {
$mybb->settings['maxwarningpoints'] = 10;
}
$warning_level = round($memprofile['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
if ($warning_level > 100) {
$warning_level = 100;
}
$warn_user = '';
$warning_link = 'usercp.php';
$warning_level = get_colored_warning_level($warning_level);
if ($mybb->usergroup['canwarnusers'] != 0 && $memprofile['uid'] != $mybb->user['uid']) {
eval("\$warn_user = \"" . $templates->get("member_profile_warn") . "\";");
$warning_link = "warnings.php?uid={$memprofile['uid']}";
}
eval("\$warning_level = \"" . $templates->get("member_profile_warninglevel") . "\";");
}
$bgcolor = $alttrow = 'trow1';
$customfields = $profilefields = '';
$query = $db->simple_select("userfields", "*", "ufid = '{$uid}'");
$userfields = $db->fetch_array($query);
// If this user is an Administrator or a Moderator then we wish to show all profile fields
$pfcache = $cache->read('profilefields');
if (is_array($pfcache)) {
foreach ($pfcache as $customfield) {
if ($mybb->usergroup['cancp'] != 1 && $mybb->usergroup['issupermod'] != 1 && $mybb->usergroup['canmodcp'] != 1 && !is_member($customfield['viewableby'])) {
function build_users_view($view)
{
global $mybb, $db, $cache, $lang, $user_view_fields, $page;
$view_title = '';
if ($view['title']) {
$title_string = "view_title_{$view['vid']}";
if ($lang->{$title_string}) {
$view['title'] = $lang->{$title_string};
}
$view_title .= " (" . htmlspecialchars_uni($view['title']) . ")";
}
// Build the URL to this view
if (!isset($view['url'])) {
$view['url'] = "index.php?module=user-users";
}
if (!is_array($view['conditions'])) {
$view['conditions'] = unserialize($view['conditions']);
}
if (!is_array($view['fields'])) {
$view['fields'] = unserialize($view['fields']);
}
if (!is_array($view['custom_profile_fields'])) {
$view['custom_profile_fields'] = unserialize($view['custom_profile_fields']);
}
if (isset($mybb->input['username'])) {
$view['conditions']['username'] = $mybb->input['username'];
}
if ($view['vid']) {
$view['url'] .= "&vid={$view['vid']}";
} else {
// If this is a custom view we need to save everything ready to pass it on from page to page
global $admin_session;
if (!$mybb->input['search_id']) {
$search_id = md5(random_str());
$admin_session['data']['user_views'][$search_id] = $view;
update_admin_session('user_views', $admin_session['data']['user_views']);
$mybb->input['search_id'] = $search_id;
}
$view['url'] .= "&search_id=" . htmlspecialchars_uni($mybb->input['search_id']);
}
if (isset($mybb->input['username'])) {
$view['url'] .= "&username="******"&", "&", $view['url'])) {
update_admin_session('last_users_url', str_replace("&", "&", $view['url']));
}
if (isset($view['conditions']['referrer'])) {
$view['url'] .= "&action=referrers&uid=" . htmlspecialchars_uni($view['conditions']['referrer']);
}
// Do we not have any views?
if (empty($view)) {
return false;
}
$table = new Table();
// Build header for table based view
if ($view['view_type'] != "card") {
foreach ($view['fields'] as $field) {
if (!$user_view_fields[$field]) {
continue;
}
$view_field = $user_view_fields[$field];
$field_options = array();
if ($view_field['width']) {
$field_options['width'] = $view_field['width'];
}
if ($view_field['align']) {
$field_options['class'] = "align_" . $view_field['align'];
}
$table->construct_header($view_field['title'], $field_options);
}
$table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />");
// Create a header for the "select" boxes
}
$search_sql = '1=1';
// Build the search SQL for users
// List of valid LIKE search fields
$user_like_fields = array("username", "email", "website", "icq", "aim", "yahoo", "msn", "signature", "usertitle");
foreach ($user_like_fields as $search_field) {
if (!empty($view['conditions'][$search_field]) && !$view['conditions'][$search_field . '_blank']) {
$search_sql .= " AND u.{$search_field} LIKE '%" . $db->escape_string_like($view['conditions'][$search_field]) . "%'";
} else {
if (!empty($view['conditions'][$search_field . '_blank'])) {
$search_sql .= " AND u.{$search_field} != ''";
}
}
}
// EXACT matching fields
$user_exact_fields = array("referrer");
foreach ($user_exact_fields as $search_field) {
if (!empty($view['conditions'][$search_field])) {
$search_sql .= " AND u.{$search_field}='" . $db->escape_string($view['conditions'][$search_field]) . "'";
}
}
// LESS THAN or GREATER THAN
$direction_fields = array("postnum");
foreach ($direction_fields as $search_field) {
$direction_field = $search_field . "_dir";
if (isset($view['conditions'][$search_field]) && ($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field]) {
switch ($view['conditions'][$direction_field]) {
case "greater_than":
$direction = ">";
break;
case "less_than":
$direction = "<";
break;
default:
$direction = "=";
}
$search_sql .= " AND u.{$search_field}{$direction}'" . $db->escape_string($view['conditions'][$search_field]) . "'";
}
}
// Registration searching
$reg_fields = array("regdate");
foreach ($reg_fields as $search_field) {
if (!empty($view['conditions'][$search_field]) && intval($view['conditions'][$search_field])) {
$threshold = TIME_NOW - intval($view['conditions'][$search_field]) * 24 * 60 * 60;
$search_sql .= " AND u.{$search_field} >= '{$threshold}'";
}
}
// IP searching
$ip_fields = array("regip", "lastip");
foreach ($ip_fields as $search_field) {
if (!empty($view['conditions'][$search_field])) {
// IPv6 IP
if (strpos($view['conditions'][$search_field], ":") !== false) {
$view['conditions'][$search_field] = str_replace("*", "%", $view['conditions'][$search_field]);
$ip_sql = "{$search_field} LIKE '" . $db->escape_string($view['conditions'][$search_field]) . "'";
} else {
$ip_range = fetch_longipv4_range($view['conditions'][$search_field]);
if (!is_array($ip_range)) {
$ip_sql = "long{$search_field}='{$ip_range}'";
} else {
$ip_sql = "long{$search_field} > '{$ip_range[0]}' AND long{$search_field} < '{$ip_range[1]}'";
}
}
$search_sql .= " AND {$ip_sql}";
}
}
// Post IP searching
if (!empty($view['conditions']['postip'])) {
// IPv6 IP
if (strpos($view['conditions']['postip'], ":") !== false) {
$view['conditions']['postip'] = str_replace("*", "%", $view['conditions']['postip']);
$ip_sql = "ipaddress LIKE '" . $db->escape_string($view['conditions']['postip']) . "'";
} else {
$ip_range = fetch_longipv4_range($view['conditions']['postip']);
if (!is_array($ip_range)) {
$ip_sql = "longipaddress='{$ip_range}'";
} else {
$ip_sql = "longipaddress > '{$ip_range[0]}' AND longipaddress < '{$ip_range[1]}'";
}
}
$ip_uids = array(0);
$query = $db->simple_select("posts", "uid", $ip_sql);
while ($uid = $db->fetch_field($query, "uid")) {
$ip_uids[] = $uid;
}
$search_sql .= " AND u.uid IN(" . implode(',', $ip_uids) . ")";
unset($ip_uids);
}
// Custom Profile Field searching
if ($view['custom_profile_fields']) {
$userfield_sql = '1=1';
foreach ($view['custom_profile_fields'] as $column => $input) {
if (is_array($input)) {
foreach ($input as $value => $text) {
if ($value == $column) {
$value = $text;
}
if ($value == $lang->na) {
continue;
}
if (strpos($column, '_blank') !== false) {
$column = str_replace('_blank', '', $column);
$userfield_sql .= ' AND ' . $db->escape_string($column) . " != ''";
} else {
$userfield_sql .= ' AND ' . $db->escape_string($column) . "='" . $db->escape_string($value) . "'";
}
}
} else {
if (!empty($input)) {
if ($input == $lang->na) {
continue;
}
if (strpos($column, '_blank') !== false) {
$column = str_replace('_blank', '', $column);
$userfield_sql .= ' AND ' . $db->escape_string($column) . " != ''";
} else {
$userfield_sql .= ' AND ' . $db->escape_string($column) . " LIKE '%" . $db->escape_string($input) . "%'";
}
}
}
}
if ($userfield_sql != '1=1') {
$userfield_uids = array(0);
$query = $db->simple_select("userfields", "ufid", $userfield_sql);
while ($userfield = $db->fetch_array($query)) {
$userfield_uids[] = $userfield['ufid'];
}
$search_sql .= " AND u.uid IN(" . implode(',', $userfield_uids) . ")";
unset($userfield_uids);
}
}
// Usergroup based searching
if (isset($view['conditions']['usergroup'])) {
if (!is_array($view['conditions']['usergroup'])) {
$view['conditions']['usergroup'] = array($view['conditions']['usergroup']);
}
foreach ($view['conditions']['usergroup'] as $usergroup) {
$usergroup = intval($usergroup);
if (!$usergroup) {
continue;
}
switch ($db->type) {
case "pgsql":
case "sqlite":
$additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'";
break;
default:
$additional_sql .= "OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'";
}
}
$search_sql .= " AND (u.usergroup IN (" . implode(",", array_map('intval', $view['conditions']['usergroup'])) . ") {$additional_sql})";
}
// COPPA users only?
if (isset($view['conditions']['coppa'])) {
$search_sql .= " AND u.coppauser=1 AND u.usergroup=5";
}
// Extra SQL?
if (isset($view['extra_sql'])) {
$search_sql .= $view['extra_sql'];
}
// Lets fetch out how many results we have
$query = $db->query("\n\t\tSELECT COUNT(u.uid) AS num_results\n\t\tFROM " . TABLE_PREFIX . "users u\n\t\tWHERE {$search_sql}\n\t");
$num_results = $db->fetch_field($query, "num_results");
// No matching results then return false
if (!$num_results) {
return false;
} else {
if (!$view['perpage']) {
$view['perpage'] = 20;
}
$view['perpage'] = intval($view['perpage']);
// Establish which page we're viewing and the starting index for querying
// Establish which page we're viewing and the starting index for querying
if (!isset($mybb->input['page'])) {
$mybb->input['page'] = 1;
} else {
$mybb->input['page'] = intval($mybb->input['page']);
}
if ($mybb->input['page']) {
$start = ($mybb->input['page'] - 1) * $view['perpage'];
} else {
$start = 0;
$mybb->input['page'] = 1;
}
$from_bit = "";
if (isset($mybb->input['from']) && $mybb->input['from'] == "home") {
$from_bit = "&from=home";
}
switch ($view['sortby']) {
case "regdate":
case "lastactive":
case "postnum":
case "reputation":
$view['sortby'] = $db->escape_string($view['sortby']);
break;
case "numposts":
$view['sortby'] = "postnum";
break;
case "warninglevel":
$view['sortby'] = "warningpoints";
break;
default:
$view['sortby'] = "username";
}
if ($view['sortorder'] != "desc") {
$view['sortorder'] = "asc";
}
$usergroups = $cache->read("usergroups");
// Fetch matching users
$query = $db->query("\n\t\t\tSELECT u.*\n\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\tWHERE {$search_sql}\n\t\t\tORDER BY {$view['sortby']} {$view['sortorder']}\n\t\t\tLIMIT {$start}, {$view['perpage']}\n\t\t");
$users = '';
while ($user = $db->fetch_array($query)) {
$comma = $groups_list = '';
$user['view']['username'] = "******"index.php?module=user-users&action=edit&uid={$user['uid']}\">" . format_name($user['username'], $user['usergroup'], $user['displaygroup']) . "</a>";
$user['view']['usergroup'] = htmlspecialchars_uni($usergroups[$user['usergroup']]['title']);
if ($user['additionalgroups']) {
$additional_groups = explode(",", $user['additionalgroups']);
foreach ($additional_groups as $group) {
$groups_list .= $comma . htmlspecialchars_uni($usergroups[$group]['title']);
$comma = $lang->comma;
}
}
if (!$groups_list) {
$groups_list = $lang->none;
}
$user['view']['additionalgroups'] = "<small>{$groups_list}</small>";
$user['view']['email'] = "<a href=\"mailto:" . htmlspecialchars_uni($user['email']) . "\">" . htmlspecialchars_uni($user['email']) . "</a>";
$user['view']['regdate'] = my_date($mybb->settings['dateformat'], $user['regdate']) . ", " . my_date($mybb->settings['timeformat'], $user['regdate']);
$user['view']['lastactive'] = my_date($mybb->settings['dateformat'], $user['lastactive']) . ", " . my_date($mybb->settings['timeformat'], $user['lastactive']);
// Build popup menu
$popup = new PopupMenu("user_{$user['uid']}", $lang->options);
$popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&action=edit&uid={$user['uid']}");
$popup->add_item($lang->ban_user, "index.php?module=user-banning&uid={$user['uid']}#username");
if ($user['usergroup'] == 5) {
if ($user['coppauser']) {
$popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}");
} else {
$popup->add_item($lang->approve_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}&my_post_key={$mybb->post_code}{$from_bit}");
}
}
$popup->add_item($lang->delete_user, "index.php?module=user-users&action=delete&uid={$user['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')");
$popup->add_item($lang->show_referred_users, "index.php?module=user-users&action=referrers&uid={$user['uid']}");
$popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&action=ipaddresses&uid={$user['uid']}");
$popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&results=1&username="******"-";
}
if ($mybb->settings['enablewarningsystem'] != 0 && $usergroups[$user['usergroup']]['canreceivewarnings'] != 0) {
$warning_level = round($user['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
if ($warning_level > 100) {
$warning_level = 100;
}
$user['view']['warninglevel'] = get_colored_warning_level($warning_level);
}
if ($user['avatar'] && !stristr($user['avatar'], 'http://')) {
$user['avatar'] = "../{$user['avatar']}";
}
if ($view['view_type'] == "card") {
$scaled_avatar = fetch_scaled_avatar($user, 80, 80);
} else {
$scaled_avatar = fetch_scaled_avatar($user, 34, 34);
}
if (!$user['avatar']) {
$user['avatar'] = "styles/{$page->style}/images/default_avatar.gif";
}
$user['view']['avatar'] = "<img src=\"" . htmlspecialchars_uni($user['avatar']) . "\" alt=\"\" width=\"{$scaled_avatar['width']}\" height=\"{$scaled_avatar['height']}\" />";
if ($view['view_type'] == "card") {
$users .= build_user_view_card($user, $view, $i);
} else {
build_user_view_table($user, $view, $table);
}
}
// If card view, we need to output the results
if ($view['view_type'] == "card") {
$table->construct_cell($users);
$table->construct_row();
}
}
if (!isset($view['table_id'])) {
$view['table_id'] = "users_list";
}
$switch_view = "<div class=\"float_right\">";
$switch_url = $view['url'];
if ($mybb->input['page'] > 0) {
$switch_url .= "&page=" . intval($mybb->input['page']);
}
if ($view['view_type'] != "card") {
$switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>";
} else {
$switch_view .= "<a href=\"{$switch_url}&type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | <strong>{$lang->card_view}</strong>";
}
$switch_view .= "</div>";
// Do we need to construct the pagination?
if ($num_results > $view['perpage']) {
$pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url'] . "&type={$view['view_type']}");
$search_class = "float_right";
$search_style = "";
} else {
$search_class = '';
$search_style = "text-align: right;";
}
$search_action = $view['url'];
// stop &username= in the query string
if ($view_upos = strpos($search_action, '&username='******'post', 'search_form', 0, '', true);
$built_view = $search->construct_return;
$built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">";
$built_view .= $search->generate_hidden_field('action', 'search') . "\n";
if (isset($view['conditions']['username'])) {
$default_class = '';
$value = $view['conditions']['username'];
} else {
$default_class = "search_default";
$value = $lang->search_for_user;
}
$built_view .= $search->generate_text_box('username', $value, array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small")) . "\n";
$built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n";
if ($view['popup']) {
$built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n";
}
$built_view .= "<script type='text/javascript'>\n\t\tvar form = document.getElementById('search_form');\n\t\tform.onsubmit = function() {\n\t\t\tvar search = document.getElementById('search_keywords');\n\t\t\tif(search.value == '' || search.value == '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t\t{\n\t\t\t\tsearch.focus();\n\t\t\t\treturn false;\n\t\t\t}\n\t\t}\n\n\t\tvar search = document.getElementById('search_keywords');\n\t\tsearch.onfocus = function()\n\t\t{\n\t\t\tif(this.value == '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t\t{\n\t\t\t\t\$(this).removeClassName('search_default');\n\t\t\t\tthis.value = '';\n\t\t\t}\n\t\t}\n\t\tsearch.onblur = function()\n\t\t{\n\t\t\tif(this.value == '')\n\t\t\t{\n\t\t\t\t\$(this).addClassName('search_default');\n\t\t\t\tthis.value = '" . addcslashes($lang->search_for_user, "'") . "';\n\t\t\t}\n\t\t}\n\t\t// fix the styling used if we have a different default value\n\t\tif(search.value != '" . addcslashes($lang->search_for_user, "'") . "')\n\t\t{\n\t\t\t\$(search).removeClassName('search_default');\n\t\t}\n\t\t</script>\n";
$built_view .= "</div>\n";
// Autocompletion for usernames
$built_view .= '
<script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script>
<script type="text/javascript">
<!--
new autoComplete("search_keywords", "../xmlhttp.php?action=get_users", {valueSpan: "username"});
// -->
</script>';
$built_view .= $search->end();
if (isset($pagination)) {
$built_view .= $pagination;
}
if ($view['view_type'] != "card") {
$checkbox = '';
} else {
$checkbox = "<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this)\" /> ";
}
$built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']);
if (isset($pagination)) {
$built_view .= $pagination;
}
$built_view .= '
<script type="text/javascript" src="' . $mybb->settings['bburl'] . '/jscripts/inline_moderation.js?ver=1400"></script>
<form action="index.php?module=user-users" method="post">
<input type="hidden" name="my_post_key" value="' . $mybb->post_code . '" />
<input type="hidden" name="action" value="inline_edit" />
<div class="float_right"><span class="smalltext"><strong>' . $lang->inline_edit . '</strong></span>
<select name="inline_action" class="inline_select">
<option value="multiactivate">' . $lang->inline_activate . '</option>
<option value="multiban">' . $lang->inline_ban . '</option>
<option value="multiusergroup">' . $lang->inline_usergroup . '</option>
<option value="multidelete">' . $lang->inline_delete . '</option>
<option value="multiprune">' . $lang->inline_prune . '</option>
</select>
<input type="submit" class="button" name="go" value="' . $lang->go . ' (0)" id="inline_go" />
<input type="button" onclick="javascript:inlineModeration.clearChecked();" value="' . $lang->clear . '" class="button" />
</div>
</form>
<br style="clear: both;" />
<script type="text/javascript">
<!--
var go_text = "' . $lang->go . '";
var all_text = "1";
var inlineType = "user";
var inlineId = "acp";
// -->
</script>';
return $built_view;
}
/**
* Build a post bit
*
* @param array $post The post data
* @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post)
* @return string The built post bit
*/
function build_postbit($post, $post_type = 0)
{
global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields;
global $titlescache, $page, $templates, $forumpermissions, $attachcache;
global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid;
global $plugins, $parser, $cache, $ignored_users, $hascustomtitle;
$hascustomtitle = 0;
// Set default values for any fields not provided here
foreach (array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_pubkey', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field) {
if (empty($post[$post_field])) {
$post[$post_field] = '';
}
}
// Set up the message parser if it doesn't already exist.
if (!$parser) {
require_once MYBB_ROOT . "inc/class_parser.php";
$parser = new postParser();
}
if (!function_exists("purgespammer_show")) {
require_once MYBB_ROOT . "inc/functions_user.php";
}
$unapproved_shade = '';
if (isset($post['visible']) && $post['visible'] == 0 && $post_type == 0) {
$altbg = $unapproved_shade = 'unapproved_post';
} elseif (isset($post['visible']) && $post['visible'] == -1 && $post_type == 0) {
$altbg = $unapproved_shade = 'unapproved_post deleted_post';
} elseif ($altbg == 'trow1') {
$altbg = 'trow2';
} else {
$altbg = 'trow1';
}
$post['fid'] = $fid;
switch ($post_type) {
case 1:
// Message preview
global $forum;
$parser_options['allow_html'] = $forum['allowhtml'];
$parser_options['allow_mycode'] = $forum['allowmycode'];
$parser_options['allow_smilies'] = $forum['allowsmilies'];
$parser_options['allow_imgcode'] = $forum['allowimgcode'];
$parser_options['allow_videocode'] = $forum['allowvideocode'];
$parser_options['me_username'] = $post['username'];
$parser_options['filter_badwords'] = 1;
$id = 0;
break;
case 2:
// Private message
global $message, $pmid;
$idtype = 'pmid';
$parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
$parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
$parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
$parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
$parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
$parser_options['me_username'] = $post['username'];
$parser_options['filter_badwords'] = 1;
$id = $pmid;
break;
case 3:
// Announcement
global $announcementarray, $message;
$parser_options['allow_html'] = $announcementarray['allowhtml'];
$parser_options['allow_mycode'] = $announcementarray['allowmycode'];
$parser_options['allow_smilies'] = $announcementarray['allowsmilies'];
$parser_options['allow_imgcode'] = 1;
$parser_options['allow_videocode'] = 1;
$parser_options['me_username'] = $post['username'];
$parser_options['filter_badwords'] = 1;
$id = $announcementarray['aid'];
break;
default:
// Regular post
global $forum, $thread, $tid;
$oldforum = $forum;
$id = (int) $post['pid'];
$idtype = 'pid';
$parser_options['allow_html'] = $forum['allowhtml'];
$parser_options['allow_mycode'] = $forum['allowmycode'];
$parser_options['allow_smilies'] = $forum['allowsmilies'];
$parser_options['allow_imgcode'] = $forum['allowimgcode'];
$parser_options['allow_videocode'] = $forum['allowvideocode'];
$parser_options['filter_badwords'] = 1;
if (!$post['username']) {
$post['username'] = $lang->guest;
}
if ($post['userusername']) {
$parser_options['me_username'] = $post['userusername'];
} else {
$parser_options['me_username'] = $post['username'];
}
break;
}
if (!$postcounter) {
// Used to show the # of the post
if ($page > 1) {
if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) {
$mybb->settings['postsperpage'] = 20;
}
$postcounter = $mybb->settings['postsperpage'] * ($page - 1);
} else {
$postcounter = 0;
}
$post_extra_style = "border-top-width: 0;";
} elseif ($mybb->input['mode'] == "threaded") {
$post_extra_style = "border-top-width: 0;";
} else {
$post_extra_style = "margin-top: 5px;";
}
if (!$altbg) {
// Define the alternate background colour if this is the first post
$altbg = "trow1";
}
$postcounter++;
// Format the post date and time using my_date
//$post['postdate'] = my_date('relative', $post['dateline']);
$post['postdate'] = date('Y-m-d', $post['dateline']);
// Dont want any little 'nasties' in the subject
$post['subject'] = $parser->parse_badwords($post['subject']);
// Pm's have been htmlspecialchars_uni()'ed already.
if ($post_type != 2) {
$post['subject'] = htmlspecialchars_uni($post['subject']);
}
if (empty($post['subject'])) {
$post['subject'] = ' ';
}
$post['author'] = $post['uid'];
$post['subject_title'] = $post['subject'];
// Get the usergroup
if ($post['userusername']) {
if (!$post['displaygroup']) {
$post['displaygroup'] = $post['usergroup'];
}
$usergroup = $groupscache[$post['displaygroup']];
} else {
$usergroup = $groupscache[1];
}
if (!is_array($titlescache)) {
$cached_titles = $cache->read("usertitles");
if (!empty($cached_titles)) {
foreach ($cached_titles as $usertitle) {
$titlescache[$usertitle['posts']] = $usertitle;
}
}
if (is_array($titlescache)) {
krsort($titlescache);
}
unset($usertitle, $cached_titles);
}
// Work out the usergroup/title stuff
$post['groupimage'] = '';
if (!empty($usergroup['image'])) {
$language = $mybb->settings['bblanguage'];
if (!empty($mybb->user['language'])) {
$language = $mybb->user['language'];
}
$usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
$usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";");
if ($mybb->settings['postlayout'] == "classic") {
$post['groupimage'] .= "<br />";
}
}
if ($post['userusername']) {
// This post was made by a registered user
$post['username'] = $post['userusername'];
$post['profilelink_plain'] = get_profile_link($post['uid']);
$post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']);
$post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']);
if (trim($post['usertitle']) != "") {
$hascustomtitle = 1;
}
if ($usergroup['usertitle'] != "" && !$hascustomtitle) {
$post['usertitle'] = $usergroup['usertitle'];
} elseif (is_array($titlescache) && !$usergroup['usertitle']) {
reset($titlescache);
foreach ($titlescache as $key => $titleinfo) {
if ($post['postnum'] >= $key) {
if (!$hascustomtitle) {
$post['usertitle'] = $titleinfo['title'];
}
$post['stars'] = $titleinfo['stars'];
$post['starimage'] = $titleinfo['starimage'];
break;
}
}
}
$post['usertitle'] = htmlspecialchars_uni($post['usertitle']);
if ($usergroup['stars']) {
$post['stars'] = $usergroup['stars'];
}
if (empty($post['starimage'])) {
$post['starimage'] = $usergroup['starimage'];
}
if ($post['starimage'] && $post['stars']) {
// Only display stars if we have an image to use...
$post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']);
$post['userstars'] = '';
for ($i = 0; $i < $post['stars']; ++$i) {
eval("\$post['userstars'] .= \"" . $templates->get("postbit_userstar", 1, 0) . "\";");
}
$post['userstars'] .= "<br />";
}
$postnum = $post['postnum'];
$post['postnum'] = my_number_format($post['postnum']);
$post['threadnum'] = my_number_format($post['threadnum']);
// Determine the status to show for the user (Online/Offline/Away)
/*
$timecut = TIME_NOW - $mybb->settings['wolcutoff'];
if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive'])
{
eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";");
}
else
{
if($post['away'] == 1 && $mybb->settings['allowaway'] != 0)
{
eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";");
}
else
{
eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";");
}
}
*/
// Show as always offline
eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";");
$post['useravatar'] = '';
if (isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0) {
$useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']);
eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";");
}
$post['button_find'] = '';
if ($mybb->usergroup['cansearch'] == 1) {
eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";");
}
if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) {
//eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";");
}
$post['button_rep'] = '';
if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && $post['visible'] == 1) {
if (!$post['pid']) {
$post['pid'] = 0;
}
eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";");
}
if ($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1) {
$post['website'] = htmlspecialchars_uni($post['website']);
eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";");
} else {
$post['button_www'] = "";
}
if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) {
eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";");
} else {
$post['button_email'] = "";
}
$post['userregdate'] = $lang->na;
//my_date($mybb->settings['regdateformat'], $post['regdate']);
// Work out the reputation this user has (only show if not announcement)
if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) {
$post['userreputation'] = get_reputation($post['reputation'], $post['uid']);
eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";");
}
// Showing the warning level? (only show if not announcement)
if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) {
if ($mybb->settings['maxwarningpoints'] < 1) {
$mybb->settings['maxwarningpoints'] = 10;
}
$warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
if ($warning_level > 100) {
$warning_level = 100;
}
$warning_level = get_colored_warning_level($warning_level);
// If we can warn them, it's not the same person, and we're in a PM or a post.
if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) {
eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";");
$warning_link = "warnings.php?uid={$post['uid']}";
} else {
$post['button_warn'] = '';
$warning_link = "usercp.php";
}
eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";");
}
if ($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid'])) {
eval("\$post['button_purgespammer'] = \"" . $templates->get('postbit_purgespammer') . "\";");
}
// Display profile fields on posts - only if field is filled in
if (is_array($profile_fields)) {
foreach ($profile_fields as $field) {
$fieldfid = "fid{$field['fid']}";
if (!empty($post[$fieldfid])) {
$post['fieldvalue'] = '';
$post['fieldname'] = htmlspecialchars_uni($field['name']);
$thing = explode("\n", $field['type'], "2");
$type = trim($thing[0]);
$useropts = explode("\n", $post[$fieldfid]);
if (is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) {
foreach ($useropts as $val) {
if ($val != '') {
eval("\$post['fieldvalue_option'] .= \"" . $templates->get("postbit_profilefield_multiselect_value") . "\";");
}
}
if ($post['fieldvalue_option'] != '') {
eval("\$post['fieldvalue'] .= \"" . $templates->get("postbit_profilefield_multiselect") . "\";");
}
} else {
$field_parser_options = array("allow_html" => $field['allowhtml'], "allow_mycode" => $field['allowmycode'], "allow_smilies" => $field['allowsmilies'], "allow_imgcode" => $field['allowimgcode'], "allow_videocode" => $field['allowvideocode'], "filter_badwords" => 1);
if ($customfield['type'] == "textarea") {
$field_parser_options['me_username'] = $post['username'];
} else {
$field_parser_options['nl2br'] = 0;
}
if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
$field_parser_options['allow_imgcode'] = 0;
}
$post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options);
}
eval("\$post['profilefield'] .= \"" . $templates->get("postbit_profilefield") . "\";");
}
}
}
eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";");
} else {
// Message was posted by a guest or an unknown user
$post['profilelink'] = format_name($post['username'], 1);
if ($usergroup['usertitle']) {
$post['usertitle'] = $usergroup['usertitle'];
} else {
$post['usertitle'] = $lang->guest;
}
$post['usertitle'] = htmlspecialchars_uni($post['usertitle']);
$usergroup['title'] = $lang->na;
$post['userregdate'] = $lang->na;
$post['postnum'] = $lang->na;
$post['button_profile'] = '';
$post['button_email'] = '';
$post['button_www'] = '';
$post['signature'] = '';
$post['button_pm'] = $lang->na;
$post['button_find'] = '';
$post['onlinestatus'] = '';
$post['replink'] = '';
eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";");
}
$post['button_edit'] = '';
$post['button_quickdelete'] = '';
$post['button_quickrestore'] = '';
$post['button_quote'] = '';
$post['button_quickquote'] = '';
$post['button_report'] = '';
$post['button_reply_pm'] = '';
$post['button_replyall_pm'] = '';
$post['button_forward_pm'] = '';
$post['button_delete_pm'] = '';
// For private messages, fetch the reply/forward/delete icons
if ($post_type == 2 && $post['pmid']) {
global $replyall;
eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";");
eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";");
eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";");
if ($replyall == true) {
eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";");
}
}
$post['editedmsg'] = '';
if (!$post_type) {
// Figure out if we need to show an "edited by" message
if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) {
//$post['editdate'] = my_date('relative', $post['edittime']);
$post['editdate'] = $lang->na;
$post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']);
$post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']);
$editreason = "";
if ($post['editreason'] != "") {
$post['editreason'] = $parser->parse_badwords($post['editreason']);
$post['editreason'] = htmlspecialchars_uni($post['editreason']);
eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";");
}
eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";");
}
$time = TIME_NOW;
if (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && $mybb->usergroup['edittimelimit'] == 0 && $mybb->user['uid'] != 0) {
eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";");
}
// Quick Delete button
$can_delete_thread = $can_delete_post = 0;
if ($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0) {
if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) {
$can_delete_thread = 1;
} else {
if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) {
$can_delete_post = 1;
}
}
}
$postbit_qdelete = $postbit_qrestore = '';
if ($mybb->user['uid'] != 0) {
if ((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1) {
$postbit_qdelete = $lang->postbit_qdelete_post;
$display = '';
if ($post['visible'] == -1) {
$display = "none";
}
eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";");
} else {
if ((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1) {
$postbit_qdelete = $lang->postbit_qdelete_thread;
$display = '';
if ($post['visible'] == -1) {
$display = "none";
}
eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";");
}
}
// Restore Post
if (is_moderator($fid, "canrestoreposts") && $postcounter != 1) {
$display = "none";
if ($post['visible'] == -1) {
$display = '';
}
$postbit_qrestore = $lang->postbit_qrestore_post;
eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";");
} else {
if (is_moderator($fid, "canrestorethreads") && $postcounter == 1) {
$display = "none";
if ($post['visible'] == -1) {
$display = "";
}
$postbit_qrestore = $lang->postbit_qrestore_thread;
eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";");
}
}
}
// Inline moderation stuff
if ($ismod) {
if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) {
$inlinecheck = "checked=\"checked\"";
$inlinecount++;
} else {
$inlinecheck = "";
}
eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";");
if ($post['visible'] == 0) {
$invisiblepost = 1;
}
} else {
$post['inlinecheck'] = "";
}
$post['postlink'] = get_post_link($post['pid'], $post['tid']);
$post_number = my_number_format($postcounter);
eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";");
global $forum, $thread;
if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1)) {
eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";");
}
if ($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) {
eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";");
}
if ($mybb->user['uid'] != "0") {
eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";");
}
} elseif ($post_type == 3) {
if ($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements")) {
eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";");
eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";");
}
}
$post['iplogged'] = '';
$show_ips = $mybb->settings['logip'];
//$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress']));
$ipaddress = '127.0.0.1';
// Show post IP addresses... PMs now can have IP addresses too as of 1.8!
if ($post_type == 2) {
$show_ips = $mybb->settings['showpmip'];
}
if (!$post_type || $post_type == 2) {
if ($show_ips != "no" && !empty($post['ipaddress'])) {
if ($show_ips == "show") {
eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";");
} else {
if ($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod'])) {
$action = 'getip';
if ($post_type == 2) {
$action = 'getpmip';
}
eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";");
}
}
}
}
if (isset($post['smilieoff']) && $post['smilieoff'] == 1) {
$parser_options['allow_smilies'] = 0;
}
if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
$parser_options['allow_imgcode'] = 0;
}
if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) {
$parser_options['allow_videocode'] = 0;
}
// If we have incoming search terms to highlight - get it done.
if (!empty($mybb->input['highlight'])) {
$parser_options['highlight'] = $mybb->input['highlight'];
$post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']);
}
$post['message'] = $parser->parse_message($post['message'], $parser_options);
// Validate key
$keyinfo = user_key_info($post['uid']);
$post['signstatus'];
if ($keyinfo['status'] == "OK") {
$post['signstatus'] = "<span style=\"color: #07a407;\" title=\"Fingerprint: {$keyinfo['fingerprint']}\">✓ podpisano przez {$post['profilelink']}</span>";
}
// Jid link
$ujid = user_jid($post['uid']);
$post['jidlink'] = $ujid;
// User key
$post['userpubkey'] = $keyinfo['key'];
if ($keyinfo['key'] != "") {
eval("\$post['button_pubkey'] = \"" . $templates->get("postbit_pubkey") . "\";");
} else {
$post['button_pubkey'];
}
$post['attachments'] = '';
if ($mybb->settings['enableattachments'] != 0) {
get_post_attachments($id, $post);
}
if (isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures'])) {
$sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1);
if ($usergroup['signofollow']) {
$sig_parser['nofollow_on'] = 1;
}
if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
$sig_parser['allow_imgcode'] = 0;
}
$post['signature'] = $parser->parse_message($post['signature'], $sig_parser);
eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";");
} else {
$post['signature'] = "";
}
$icon_cache = $cache->read("posticons");
if (isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']]) {
$icon = $icon_cache[$post['icon']];
$icon['path'] = htmlspecialchars_uni($icon['path']);
$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);
$icon['name'] = htmlspecialchars_uni($icon['name']);
eval("\$post['icon'] = \"" . $templates->get("postbit_icon") . "\";");
} else {
$post['icon'] = "";
}
$post_visibility = $ignore_bit = '';
switch ($post_type) {
case 1:
// Message preview
$post = $plugins->run_hooks("postbit_prev", $post);
break;
case 2:
// Private message
$post = $plugins->run_hooks("postbit_pm", $post);
break;
case 3:
// Announcement
$post = $plugins->run_hooks("postbit_announcement", $post);
break;
default:
// Regular post
$post = $plugins->run_hooks("postbit", $post);
// Is this author on the ignore list of the current user? Hide this post
if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) {
$ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']);
eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";");
$post_visibility = "display: none;";
}
break;
}
if ($mybb->settings['postlayout'] == "classic") {
eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";");
} else {
eval("\$postbit = \"" . $templates->get("postbit") . "\";");
}
$GLOBALS['post'] = "";
return $postbit;
}
