Exemplo n.º 1
0
function bpi_route_command($cmd)
{
    print "<p class='gohome'><a href='index.php'>BPI Home</a></p>";
    switch ($cmd) {
        ///////////////////////////ADD GROUP////////////////////////////
        case 'add':
            //and new group form
            //do stuff
            print "<div class='container'>";
            if (isset($_POST['addSubmitted'])) {
                $config = process_post($_POST);
                if (isset($config)) {
                    append_file($config);
                }
                print "<p><a href='index.php?cmd=add'>Add More Groups</a></p>";
            } else {
                empty_form();
            }
            print "</div>\n";
            break;
            ///////////////////////////DELETE GROUP////////////////////////////
        ///////////////////////////DELETE GROUP////////////////////////////
        case 'delete':
            //delete stuff
            if (isset($_GET['arg'])) {
                //add javascript confirmation of group deletion
                $arg = htmlentities(trim($_GET['arg']));
                delete_group($arg);
            } else {
                print "<p class='error'>Error: No BPI Group specifies to delete.</p>";
            }
            break;
            ///////////////////////////EDIT GROUP////////////////////////////
        ///////////////////////////EDIT GROUP////////////////////////////
        case 'edit':
            print "<div class='container'>";
            //edit existing groups
            if (isset($_GET['arg'])) {
                //add javascript confirmation of group deletion
                $arg = htmlentities(trim($_GET['arg']));
                $config = get_config_array($arg);
                if (isset($_POST['editSubmitted'])) {
                    $config = process_post($_POST);
                    //process the form data, make sure it comes back valid
                    if (isset($config)) {
                        edit_group($arg, $config);
                    }
                } else {
                    loaded_form($config);
                }
            } else {
                print "<p class='error'>Error: No BPI Group specifies to delete.</p>";
            }
            print "</div>\n";
            break;
        case 'fixconfig':
            include 'config_functions/fix_config.php';
            break;
        default:
            //default to view page if value is bad
            send_home();
            break;
    }
    //end SWITCH
}
Exemplo n.º 2
0
include 'includes/header.php';
?>
                    <!--header ends here -->
            <h1><?php 
echo $pageID;
?>
</h1>
	<?php 
if (isset($_POST['Submit'])) {
    //if data, process it!
    /*
                echo '<pre>';
                var_dump($_POST);
                echo '</pre>';*/
    $to = '*****@*****.**';
    $message = process_post();
    $subject = 'Contact Form from retro site';
    safeEmail($to, $subject, $message);
    echo '
            Thank you for contact us!
            ';
} else {
    //no data, show form
    echo '
            <form method="POST" action="">
            Name: <input type="text" name="Name" required="required" /><br/>
            Email: <input type="email" name="Email" required="required" /><br/>
            Comments: <br/><textarea name="Comments"></textarea><br/>
            <input type="submit" value="Send" name="Submit" />
            </form>
            
Exemplo n.º 3
0
function save_raw_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("editpost");
    $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'post_title' => Tapatalk_Input::STRING, 'post_content' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'editreason' => Tapatalk_Input::STRING), $xmlrpc_params);
    $parser = new postParser();
    // No permission for guests
    if (!$mybb->user['uid']) {
        return tt_no_permission();
    }
    // Get post info
    $pid = $input['post_id'];
    $query = $db->simple_select("posts", "*", "pid='{$pid}'");
    $post = $db->fetch_array($query);
    if (empty($input['post_title'])) {
        $input['post_title'] = $post['subject'];
    }
    if (!$post['pid']) {
        return xmlrespfalse($lang->error_invalidpost);
    }
    // Get thread info
    $tid = $post['tid'];
    $thread = get_thread($tid);
    if (!$thread['tid']) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $thread['subject'] = htmlspecialchars_uni($thread['subject']);
    // Get forum info
    $fid = $post['fid'];
    $forum = get_forum($fid);
    if (!$forum || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    $forumpermissions = forum_permissions($fid);
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }
        if ($forumpermissions['caneditposts'] == 0) {
            return tt_no_permission();
        }
        if ($mybb->user['uid'] != $post['uid']) {
            return tt_no_permission();
        }
        // Edit time limit
        $time = TIME_NOW;
        if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) {
            $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
            return xmlrespfalse($lang->edit_time_limit);
        }
    }
    // Check if this forum is password protected and we have a valid password
    tt_check_forum_password($forum['fid']);
    // Set up posthandler.
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("update");
    $posthandler->action = "post";
    // Set the post data that came from the input to the $post array.
    $post = array("pid" => $pid, "subject" => $input['post_title'], "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "edit_uid" => $mybb->user['uid'], "message" => $input['post_content']);
    if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) {
        $post["editreason"] = $input['editreason'];
    }
    // get subscription status
    $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'");
    $substatus = $db->fetch_array($query);
    // Set up the post options from the input.
    $post['options'] = array("signature" => 1, "subscriptionmethod" => isset($substatus['notification']) ? $substatus['notification'] == 1 ? 'instant' : 'none' : '', "disablesmilies" => 0);
    $posthandler->set_data($post);
    // Now let the post handler do all the hard work.
    if (!$posthandler->validate_post()) {
        $post_errors = $posthandler->get_friendly_errors();
        return xmlrespfalse(implode(" :: ", $post_errors));
    } else {
        $postinfo = $posthandler->update_post();
        $visible = $postinfo['visible'];
        $first_post = $postinfo['first_post'];
        // Help keep our attachments table clean.
        $db->delete_query("attachments", "filename='' OR filesize<1");
        if ($visible == 0 && $first_post && !is_moderator($fid, "", $mybb->user['uid'])) {
            $state = 1;
        } else {
            if ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) {
                $state = 1;
            } else {
                $state = 0;
            }
        }
    }
    $pid = intval($pid);
    if (!empty($input['group_id_esc'])) {
        $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'");
    }
    // update thread attachment account
    if (count($input['attachment_id_array']) > 0) {
        update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array'])));
    }
    $post = get_post($pid);
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;
    if (!$post['username']) {
        $post['username'] = $lang->guest;
    }
    if ($post['userusername']) {
        $parser_options['me_username'] = $post['userusername'];
    } else {
        $parser_options['me_username'] = $post['username'];
    }
    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    $post['subject'] = $parser->parse_badwords($post['subject']);
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'state' => new xmlrpcval($state, 'int'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64')), 'struct');
    return new xmlrpcresp($result);
}
Exemplo n.º 4
0
function get_announcement_func($xmlrpc_params)
{
    global $db, $lang, $mybb, $position, $plugins, $pids, $groupscache;
    $input = Tapatalk_Input::filterXmlInput(array('topic_id' => Tapatalk_Input::STRING, 'start_num' => Tapatalk_Input::INT, 'last_num' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params);
    $parser = new Tapatalk_Parser();
    // Load global language phrases
    $lang->load("announcements");
    $aid = intval($_GET['aid']);
    // Get announcement fid
    $query = $db->simple_select("announcements", "fid", "aid='{$aid}'");
    $announcement = $db->fetch_array($query);
    $plugins->run_hooks("announcements_start");
    if (!$announcement) {
        error($lang->error_invalidannouncement);
    }
    // Get forum info
    $fid = $announcement['fid'];
    if ($fid > 0) {
        $forum = get_forum($fid);
        if (!$forum) {
            error($lang->error_invalidforum);
        }
        // Make navigation
        build_forum_breadcrumb($forum['fid']);
        // Permissions
        $forumpermissions = forum_permissions($forum['fid']);
        if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) {
            error_no_permission();
        }
        // Check if this forum is password protected and we have a valid password
        check_forum_password($forum['fid']);
    }
    add_breadcrumb($lang->nav_announcements);
    $archive_url = build_archive_link("announcement", $aid);
    // Get announcement info
    $time = TIME_NOW;
    $query = $db->query("\n\t\tSELECT u.*, u.username AS userusername, a.*, f.*\n\t\tFROM " . TABLE_PREFIX . "announcements a\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=a.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tWHERE a.startdate<='{$time}' AND (a.enddate>='{$time}' OR a.enddate='0') AND a.aid='{$aid}'\n\t");
    $announcementarray = $db->fetch_array($query);
    if (!$announcementarray) {
        error($lang->error_invalidannouncement);
    }
    // Gather usergroup data from the cache
    // Field => Array Key
    $data_key = array('title' => 'grouptitle', 'usertitle' => 'groupusertitle', 'stars' => 'groupstars', 'starimage' => 'groupstarimage', 'image' => 'groupimage', 'namestyle' => 'namestyle', 'usereputationsystem' => 'usereputationsystem');
    foreach ($data_key as $field => $key) {
        $announcementarray[$key] = $groupscache[$announcementarray['usergroup']][$field];
    }
    $announcementarray['dateline'] = $announcementarray['startdate'];
    $announcementarray['userusername'] = $announcementarray['username'];
    $announcement = build_postbit($announcementarray, 3);
    $announcementarray['subject'] = $parser->parse_badwords($announcementarray['subject']);
    $lang->forum_announcement = $lang->sprintf($lang->forum_announcement, htmlspecialchars_uni($announcementarray['subject']));
    if ($announcementarray['startdate'] > $mybb->user['lastvisit']) {
        $setcookie = true;
        if (isset($mybb->cookies['mybb']['announcements']) && is_scalar($mybb->cookies['mybb']['announcements'])) {
            $cookie = my_unserialize(stripslashes($mybb->cookies['mybb']['announcements']));
            if (isset($cookie[$announcementarray['aid']])) {
                $setcookie = false;
            }
        }
        if ($setcookie) {
            my_set_array_cookie('announcements', $announcementarray['aid'], $announcementarray['startdate'], -1);
        }
    }
    $user_info = get_user($announcementarray['aid']);
    $icon_url = absolute_url($user_info['avatar']);
    // prepare xmlrpc return
    $xmlrpc_post = new xmlrpcval(array('topic_id' => new xmlrpcval('ann_' . $announcementarray['aid']), 'post_title' => new xmlrpcval(basic_clean($announcementarray['subject']), 'base64'), 'post_content' => new xmlrpcval(process_post($announcementarray['message'], $input['return_html']), 'base64'), 'post_author_id' => new xmlrpcval($announcementarray['uid']), 'post_author_name' => new xmlrpcval(basic_clean($announcementarray['username']), 'base64'), 'user_type' => new xmlrpcval(check_return_user_type($announcementarray['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($icon_url)), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode($announcementarray['dateline']), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval($announcementarray['dateline'], 'string')), 'struct');
    $result = array('total_post_num' => new xmlrpcval(1, 'int'), 'can_reply' => new xmlrpcval(false, 'boolean'), 'can_subscribe' => new xmlrpcval(false, 'boolean'), 'posts' => new xmlrpcval(array($xmlrpc_post), 'array'));
    return new xmlrpcresp(new xmlrpcval($result, 'struct'));
}
Exemplo n.º 5
0
function get_message_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $input = Tapatalk_Input::filterXmlInput(array('message_id' => Tapatalk_Input::INT, 'box_id' => Tapatalk_Input::INT, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("private");
    $parser = new postParser();
    if ($mybb->settings['enablepms'] == 0) {
        return xmlrespfalse($lang->pms_disabled);
    }
    if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) {
        return tt_no_permission();
    }
    if (!$mybb->user['pmfolders']) {
        $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**";
        $sql_array = array("pmfolders" => $mybb->user['pmfolders']);
        $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']);
    }
    $rand = my_rand(0, 9);
    if ($rand == 5) {
        update_pm_count();
    }
    $foldernames = array();
    $foldersexploded = explode("\$%%\$", $mybb->user['pmfolders']);
    foreach ($foldersexploded as $key => $folders) {
        $folderinfo = explode("**", $folders, 2);
        $folderinfo[1] = get_pm_folder_name($folderinfo[0], $folderinfo[1]);
        $foldernames[$folderinfo[0]] = $folderinfo[1];
    }
    $pmid = $input['message_id'];
    $query = $db->query("\n\t\tSELECT pm.*, u.*, f.*, g.title AS grouptitle, g.usertitle AS groupusertitle, g.stars AS groupstars, g.starimage AS groupstarimage, g.image AS groupimage, g.namestyle\n\t\tFROM " . TABLE_PREFIX . "privatemessages pm\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=pm.fromid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (g.gid=u.usergroup)\n\t\tWHERE pm.pmid='{$pmid}' AND pm.uid='" . $mybb->user['uid'] . "'\n\t");
    $pm = $db->fetch_array($query);
    if ($pm['folder'] == 3) {
        return xmlrespfalse("Draft PMs are not supported by Tapatalk");
    }
    if (!$pm['pmid']) {
        return xmlrespfalse($lang->error_invalidpm);
    }
    $parser = new Tapatalk_Parser();
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;
    $pm['message'] = post_bbcode_clean($pm['message']);
    $pm['message'] = $parser->parse_message($pm['message'], $parser_options);
    if ($pm['receipt'] == 1) {
        if ($mybb->usergroup['cantrackpms'] == 1 && $mybb->usergroup['candenypmreceipts'] == 1 && $mybb->input['denyreceipt'] == 1) {
            $receiptadd = 0;
        } else {
            $receiptadd = 2;
        }
    }
    if ($pm['status'] == 0) {
        $time = TIME_NOW;
        $updatearray = array('status' => 1, 'readtime' => $time);
        if (isset($receiptadd)) {
            $updatearray['receipt'] = $receiptadd;
        }
        $db->update_query('privatemessages', $updatearray, "pmid='{$pmid}'");
        // Update the unread count - it has now changed.
        update_pm_count($mybb->user['uid'], 6);
        // Update PM notice value if this is our last unread PM
        if ($mybb->user['unreadpms'] - 1 <= 0 && $mybb->user['pmnotice'] == 2) {
            $updated_user = array("pmnotice" => 1);
            $db->update_query("users", $updated_user, "uid='{$mybb->user['uid']}'");
        }
    }
    $pm['subject'] = $parser->parse_badwords($pm['subject']);
    if ($pm['fromid'] == 0) {
        $pm['username'] = $lang->mybb_engine;
    }
    if (!$pm['username']) {
        $pm['username'] = $lang->na;
    }
    // Fetch the recipients for this message
    $pm['recipients'] = @unserialize($pm['recipients']);
    if (is_array($pm['recipients']['to'])) {
        $uid_sql = implode(',', $pm['recipients']['to']);
        foreach ($pm['recipients']['to'] as $uid) {
            $user = get_user($uid);
            $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct');
            if (($pm['folder'] == 2 or $pm['folder'] == 3) && !$avatar) {
                $avatar = $user['avatar'];
            }
        }
    } else {
        $user = get_user($pm['toid']);
        $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct');
        if ($pm['folder'] == 2 or $pm['folder'] == 3) {
            $avatar = $user['avatar'];
        }
    }
    $show_bcc = 0;
    // If we have any BCC recipients and this user is an Administrator, add them on to the query
    if (count($pm['recipients']['bcc']) > 0 && $mybb->usergroup['cancp'] == 1) {
        foreach ($pm['recipients']['bcc'] as $uid) {
            $user = get_user($uid);
            $msg_to_list[] = new xmlrpcval(array('user_id' => new xmlrpcval($user['uid'], 'string'), 'username' => new xmlrpcval(basic_clean($user['username']), 'base64'), 'user_type' => check_return_user_type($user['username'])), 'struct');
        }
    }
    if (!$avatar) {
        $avatar = $pm['avatar'];
    }
    //$display_user = ($box_id == 'inbox') ? $message['from'] : $msg_to[0];
    $is_online = false;
    $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
    if ($pm['lastactive'] > $timecut && ($pm['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $pm['lastvisit'] != $pm['lastactive']) {
        $is_online = true;
    }
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'msg_from' => new xmlrpcval($pm['username'], 'base64'), 'msg_from_id' => new xmlrpcval($pm['fromid'], 'string'), 'msg_to' => new xmlrpcval($msg_to_list, 'array'), 'icon_url' => new xmlrpcval(absolute_url($avatar), 'string'), 'sent_date' => new xmlrpcval(mobiquo_iso8601_encode($pm['dateline']), 'dateTime.iso8601'), 'msg_subject' => new xmlrpcval($pm['subject'], 'base64'), 'text_body' => new xmlrpcval(process_post($pm['message'], $input['return_html']), 'base64'), 'is_online' => new xmlrpcval($is_online, 'boolean'), 'allow_smilies' => new xmlrpcval(true, 'boolean')), 'struct');
    return new xmlrpcresp($result);
}
Exemplo n.º 6
0
function reply_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $tid, $pid, $visible, $thread, $post;
    $input = Tapatalk_Input::filterXmlInput(array('forum_id' => Tapatalk_Input::INT, 'topic_id' => Tapatalk_Input::INT, 'subject' => Tapatalk_Input::STRING, 'text_body' => Tapatalk_Input::STRING, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT), $xmlrpc_params);
    $lang->load("newreply");
    $parser = new Tapatalk_Parser();
    $tid = $input['topic_id'];
    $options = array("limit" => 1);
    $query = $db->simple_select("threads", "*", "tid='" . $tid . "'");
    if ($db->num_rows($query) == 0) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $thread = $db->fetch_array($query);
    $fid = $thread['fid'];
    // Get forum info
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }
    $forumpermissions = forum_permissions($fid);
    if ($thread['visible'] == 0 && !is_moderator($fid) || $thread['visible'] < 0) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($mybb->user['uid'] < 1 || $forumpermissions['canview'] == 0 || $forumpermissions['canpostreplys'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    if ($forumpermissions['canonlyviewthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) {
        return tt_no_permission();
    }
    tt_check_forum_password($forum['fid']);
    // Check to see if the thread is closed, and if the user is a mod.
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }
    }
    // Is the currently logged in user a moderator of this forum?
    if (is_moderator($fid)) {
        $ismod = true;
    } else {
        $ismod = false;
    }
    if (!empty($input['group_id'])) {
        $posthash = $input['group_id'];
    } else {
        $posthash = md5($thread['tid'] . $mybb->user['uid'] . random_str());
    }
    if ($mybb->settings['maxposts'] > 0 && $mybb->usergroup['cancp'] != 1) {
        $daycut = TIME_NOW - 60 * 60 * 24;
        $query = $db->simple_select("posts", "COUNT(*) AS posts_today", "uid='{$mybb->user['uid']}' AND visible='1' AND dateline>{$daycut}");
        $post_count = $db->fetch_field($query, "posts_today");
        if ($post_count >= $mybb->settings['maxposts']) {
            $lang->error_maxposts = $lang->sprintf($lang->error_maxposts, $mybb->settings['maxposts']);
            return xmlrespfalse($lang->error_maxposts);
        }
    }
    $username = $mybb->user['username'];
    $uid = $mybb->user['uid'];
    $user_check = "p.uid='{$uid}'";
    if (version_compare($mybb->version, '1.8.0', '<')) {
        $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->input['subject']) . "' AND p.message='" . $db->escape_string($mybb->input['message']) . "' AND p.posthash='" . $db->escape_string($mybb->input['posthash']) . "' AND p.visible != '-2'");
    } else {
        $query = $db->simple_select("posts p", "p.pid, p.visible", "{$user_check} AND p.tid='{$thread['tid']}' AND p.subject='" . $db->escape_string($mybb->get_input('subject')) . "' AND p.message='" . $db->escape_string($mybb->get_input('message')) . "' AND p.visible != '-2' AND p.dateline>" . (TIME_NOW - 600));
    }
    $duplicate_check = $db->fetch_field($query, "pid");
    if ($duplicate_check) {
        return xmlrespfalse($lang->error_post_already_submitted);
    }
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("insert");
    $post = array("tid" => $input['topic_id'], "replyto" => 0, "fid" => $thread['fid'], "subject" => $input['subject'], "icon" => 0, "uid" => $uid, "username" => $username, "message" => $input['text_body'], "ipaddress" => get_ip(), "posthash" => $posthash);
    if ($mybb->input['pid']) {
        $post['pid'] = $mybb->input['pid'];
    }
    $post['savedraft'] = 0;
    // Set up the post options from the input.
    $post['options'] = array("signature" => 1, "subscriptionmethod" => $mybb->user['subscriptionmethod'] == 0 ? '' : $mybb->user['subscriptionmethod'], "disablesmilies" => 0);
    $post['modoptions']['stickthread'] = $thread['sticky'];
    $post['modoptions']['closethread'] = $thread['closed'];
    $posthandler->set_data($post);
    // Now let the post handler do all the hard work.
    $valid_post = $posthandler->validate_post();
    $post_errors = array();
    // Fetch friendly error messages if this is an invalid post
    if (!$valid_post) {
        $post_errors = $posthandler->get_friendly_errors();
    }
    // Mark thread as read
    require_once MYBB_ROOT . "inc/functions_indicators.php";
    mark_thread_read($tid, $fid);
    // One or more errors returned, fetch error list and throw to newreply page
    if (count($post_errors) > 0) {
        return xmlrespfalse(implode(" :: ", $post_errors));
    } else {
        $postinfo = $posthandler->insert_post();
        $pid = $postinfo['pid'];
        $visible = $postinfo['visible'];
        tapatalk_push_reply();
        tapatalk_push_quote();
        tapatalk_push_tag();
        // Deciding the fate
        if ($visible == -2) {
            $state = 1;
        } elseif ($visible == 1) {
            $state = 0;
        } else {
            $state = 1;
        }
    }
    $pid = intval($pid);
    if (!empty($input['group_id_esc'])) {
        $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'");
    }
    // update thread attachment account
    if (count($input['attachment_id_array']) > 0) {
        update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array'])));
    }
    $post = get_post($pid);
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;
    if (!$post['username']) {
        $post['username'] = $lang->guest;
    }
    if ($post['userusername']) {
        $parser_options['me_username'] = $post['userusername'];
    } else {
        $parser_options['me_username'] = $post['username'];
    }
    $post['message'] = post_bbcode_clean($post['message']);
    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    global $attachcache;
    $attachcache = array();
    if ($thread['attachmentcount'] > 0) {
        // Now lets fetch all of the attachments for these posts.
        $query = $db->simple_select("attachments", "*", "pid='{$pid}'");
        while ($attachment = $db->fetch_array($query)) {
            $attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
        }
    }
    $attachment_list = process_post_attachments($post['pid'], $post);
    $can_delete = 0;
    if ($mybb->user['uid'] == $post['uid']) {
        if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) {
            $can_delete = 1;
        } else {
            if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) {
                $can_delete = 1;
            }
        }
    }
    $can_delete = (is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0;
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'post_id' => new xmlrpcval($postinfo['pid'], 'string'), 'state' => new xmlrpcval($state, 'int'), 'post_author_id' => new xmlrpcval($mybb->user['uid'], 'string'), 'post_author_name' => new xmlrpcval(basic_clean($mybb->user['username']), 'base64'), 'icon_url' => new xmlrpcval(absolute_url($mybb->user['avatar']), 'string'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64'), 'can_edit' => new xmlrpcval(is_moderator($fid, "caneditposts") || $thread['closed'] == 0 && $forumpermissions['caneditposts'] == 1, 'boolean'), 'can_delete' => new xmlrpcval($can_delete, 'boolean'), 'post_time' => new xmlrpcval(mobiquo_iso8601_encode(TIME_NOW), 'dateTime.iso8601'), 'timestamp' => new xmlrpcval(TIME_NOW, 'string'), 'attachments' => new xmlrpcval($attachment_list, 'array')), 'struct');
    return new xmlrpcresp($result);
}
Exemplo n.º 7
0
/*
 * Image Generation
 */
//include('./functions/system/printImage.php');
/*
 * Authenticiation
 * First of all things we want to know wether the webuser is logged in,
 * and that the logged in username is actually valid. If not, we will
 * send CONCORD after him.
 */
$MySelf = auth();
/*
 * Is this a call for an image only (non-cached)?
 */
include_once './functions/system/printImage.php';
/*
 * Load User preferences. 
 */
$PREFS = new preferences($MySelf->getID());
/*
 * At this point we have all the required configuration files,
 * the user is authenticated and he/she wants something. (She?
 * are there any females playing the game?)
 */
if (isset($_POST['check'])) {
    // User has submited a form.
    process_post();
} else {
    // User is viewing the page, or is requesting a specific page.
    process_get();
}