Exemplo n.º 1
0
function determineActions($urls, $preferred_prefix = false)
{
    global $txt, $user_info, $modSettings, $smcFunc, $context;
    if (!allowedTo('who_view')) {
        return array();
    }
    loadLanguage('Who');
    global $scripturl;
    if ($modSettings['sp_portal_mode'] == 1) {
        $txt['who_index'] = sprintf($txt['sp_who_index'], $scripturl);
        $txt['whoall_forum'] = sprintf($txt['sp_who_forum'], $scripturl);
    }
    // Actions that require a specific permission level.
    $allowedActions = array('admin' => array('moderate_forum', 'manage_membergroups', 'manage_bans', 'admin_forum', 'manage_permissions', 'send_mail', 'manage_attachments', 'manage_smileys', 'manage_boards', 'edit_news'), 'ban' => array('manage_bans'), 'boardrecount' => array('admin_forum'), 'calendar' => array('calendar_view'), 'editnews' => array('edit_news'), 'mailing' => array('send_mail'), 'maintain' => array('admin_forum'), 'manageattachments' => array('manage_attachments'), 'manageboards' => array('manage_boards'), 'mlist' => array('view_mlist'), 'moderate' => array('access_mod_center', 'moderate_forum', 'manage_membergroups'), 'optimizetables' => array('admin_forum'), 'repairboards' => array('admin_forum'), 'search' => array('search_posts'), 'search2' => array('search_posts'), 'setcensor' => array('moderate_forum'), 'setreserve' => array('moderate_forum'), 'stats' => array('view_stats'), 'viewErrorLog' => array('admin_forum'), 'viewmembers' => array('moderate_forum'));
    if (!is_array($urls)) {
        $url_list = array(array($urls, $user_info['id']));
    } else {
        $url_list = $urls;
    }
    // These are done to later query these in large chunks. (instead of one by one.)
    $topic_ids = array();
    $profile_ids = array();
    $board_ids = array();
    $page_ids = array();
    $data = array();
    foreach ($url_list as $k => $url) {
        // Get the request parameters..
        $actions = @unserialize($url[0]);
        if ($actions === false) {
            continue;
        }
        // If it's the admin or moderation center, and there is an area set, use that instead.
        if (isset($actions['action']) && ($actions['action'] == 'admin' || $actions['action'] == 'moderate') && isset($actions['area'])) {
            $actions['action'] = $actions['area'];
        }
        // Check if there was no action or the action is display.
        if (!isset($actions['action']) || $actions['action'] == 'display') {
            // It's a topic!  Must be!
            if (isset($actions['topic'])) {
                // Assume they can't view it, and queue it up for later.
                $data[$k] = $txt['who_hidden'];
                $topic_ids[(int) $actions['topic']][$k] = $txt['who_topic'];
            } elseif (isset($actions['board'])) {
                // Hide first, show later.
                $data[$k] = $txt['who_hidden'];
                $board_ids[$actions['board']][$k] = $txt['who_board'];
            } elseif (isset($actions['page'])) {
                $data[$k] = $txt['who_hidden'];
                $page_ids[$actions['page']][$k] = $txt['sp_who_page'];
            } else {
                $data[$k] = $txt['who_index'];
            }
        } elseif ($actions['action'] == '') {
            $data[$k] = $txt['who_index'];
        } else {
            // Viewing/editing a profile.
            if ($actions['action'] == 'profile') {
                // Whose?  Their own?
                if (empty($actions['u'])) {
                    $actions['u'] = $url[1];
                }
                $data[$k] = $txt['who_hidden'];
                $profile_ids[(int) $actions['u']][$k] = $actions['action'] == 'profile' ? $txt['who_viewprofile'] : $txt['who_profile'];
            } elseif (($actions['action'] == 'post' || $actions['action'] == 'post2') && empty($actions['topic']) && isset($actions['board'])) {
                $data[$k] = $txt['who_hidden'];
                $board_ids[(int) $actions['board']][$k] = isset($actions['poll']) ? $txt['who_poll'] : $txt['who_post'];
            } elseif (isset($actions['sa']) && isset($txt['whoall_' . $actions['action'] . '_' . $actions['sa']])) {
                $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']]) ? $txt[$preferred_prefix . $actions['action'] . '_' . $actions['sa']] : $txt['whoall_' . $actions['action'] . '_' . $actions['sa']];
            } elseif (isset($txt['whoall_' . $actions['action']])) {
                $data[$k] = $preferred_prefix && isset($txt[$preferred_prefix . $actions['action']]) ? $txt[$preferred_prefix . $actions['action']] : $txt['whoall_' . $actions['action']];
            } elseif (isset($txt['whotopic_' . $actions['action']])) {
                // Find out what topic they are accessing.
                $topic = (int) (isset($actions['topic']) ? $actions['topic'] : (isset($actions['from']) ? $actions['from'] : 0));
                $data[$k] = $txt['who_hidden'];
                $topic_ids[$topic][$k] = $txt['whotopic_' . $actions['action']];
            } elseif (isset($txt['whopost_' . $actions['action']])) {
                // Find out what message they are accessing.
                $msgid = (int) (isset($actions['msg']) ? $actions['msg'] : (isset($actions['quote']) ? $actions['quote'] : 0));
                $result = $smcFunc['db_query']('', '
					SELECT m.id_topic, m.subject
					FROM {db_prefix}messages AS m
						INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
						INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ')
					WHERE m.id_msg = {int:id_msg}
						AND {query_see_board}' . ($modSettings['postmod_active'] ? '
						AND m.approved = {int:is_approved}' : '') . '
					LIMIT 1', array('is_approved' => 1, 'id_msg' => $msgid));
                list($id_topic, $subject) = $smcFunc['db_fetch_row']($result);
                $data[$k] = sprintf($txt['whopost_' . $actions['action']], $id_topic, $subject);
                $smcFunc['db_free_result']($result);
                if (empty($id_topic)) {
                    $data[$k] = $txt['who_hidden'];
                }
            } elseif (allowedTo('moderate_forum') && isset($txt['whoadmin_' . $actions['action']])) {
                $data[$k] = $txt['whoadmin_' . $actions['action']];
            } elseif (isset($allowedActions[$actions['action']])) {
                if (allowedTo($allowedActions[$actions['action']])) {
                    $data[$k] = $txt['whoallow_' . $actions['action']];
                } else {
                    $data[$k] = $txt['who_hidden'];
                }
            } else {
                $data[$k] = $txt['who_unknown'];
            }
        }
        // Maybe the action is integrated into another system?
        if (count($integrate_actions = call_integration_hook('integrate_whos_online', array($actions))) > 0) {
            foreach ($integrate_actions as $integrate_action) {
                if (!empty($integrate_action)) {
                    $data[$k] = $integrate_action;
                    break;
                }
            }
        }
    }
    // Load topic names.
    if (!empty($topic_ids)) {
        $result = $smcFunc['db_query']('', '
			SELECT t.id_topic, m.subject
			FROM {db_prefix}topics AS t
				INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
				INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
			WHERE {query_see_board}
				AND t.id_topic IN ({array_int:topic_list})' . ($modSettings['postmod_active'] ? '
				AND t.approved = {int:is_approved}' : '') . '
			LIMIT {int:limit}', array('topic_list' => array_keys($topic_ids), 'is_approved' => 1, 'limit' => count($topic_ids)));
        while ($row = $smcFunc['db_fetch_assoc']($result)) {
            // Show the topic's subject for each of the actions.
            foreach ($topic_ids[$row['id_topic']] as $k => $session_text) {
                $data[$k] = sprintf($session_text, $row['id_topic'], censorText($row['subject']));
            }
        }
        $smcFunc['db_free_result']($result);
    }
    // Load board names.
    if (!empty($board_ids)) {
        $result = $smcFunc['db_query']('', '
			SELECT b.id_board, b.name
			FROM {db_prefix}boards AS b
			WHERE {query_see_board}
				AND b.id_board IN ({array_int:board_list})
			LIMIT ' . count($board_ids), array('board_list' => array_keys($board_ids)));
        while ($row = $smcFunc['db_fetch_assoc']($result)) {
            // Put the board name into the string for each member...
            foreach ($board_ids[$row['id_board']] as $k => $session_text) {
                $data[$k] = sprintf($session_text, $row['id_board'], $row['name']);
            }
        }
        $smcFunc['db_free_result']($result);
    }
    if (!empty($page_ids)) {
        $numeric_ids = array();
        $string_ids = array();
        $page_where = array();
        foreach ($page_ids as $page_id => $dummy) {
            if (is_numeric($page_id)) {
                $numeric_ids[] = (int) $page_id;
            } else {
                $string_ids[] = $page_id;
            }
        }
        if (!empty($numeric_ids)) {
            $page_where[] = 'id_page IN ({array_int:numeric_ids})';
        }
        if (!empty($string_ids)) {
            $page_where[] = 'namespace IN ({array_string:string_ids})';
        }
        $result = $smcFunc['db_query']('', '
			SELECT id_page, namespace, title, permission_set, groups_allowed, groups_denied
			FROM {db_prefix}sp_pages
			WHERE ' . implode(' OR ', $page_where) . '
			LIMIT {int:limit}', array('numeric_ids' => $numeric_ids, 'string_ids' => $string_ids, 'limit' => count($page_ids)));
        $page_data = array();
        while ($row = $smcFunc['db_fetch_assoc']($result)) {
            if (!sp_allowed_to('page', $row['id_page'], $row['permission_set'], $row['groups_allowed'], $row['groups_denied'])) {
                continue;
            }
            $page_data[] = array('id' => $row['id_page'], 'namespace' => $row['namespace'], 'title' => $row['title']);
        }
        $smcFunc['db_free_result']($result);
        if (!empty($page_data)) {
            foreach ($page_data as $page) {
                if (isset($page_ids[$page['id']])) {
                    foreach ($page_ids[$page['id']] as $k => $session_text) {
                        $data[$k] = sprintf($session_text, $page['id'], censorText($page['title']), $scripturl);
                    }
                }
                if (isset($page_ids[$page['namespace']])) {
                    foreach ($page_ids[$page['namespace']] as $k => $session_text) {
                        $data[$k] = sprintf($session_text, $page['namespace'], censorText($page['title']), $scripturl);
                    }
                }
            }
        }
    }
    // Load member names for the profile.
    if (!empty($profile_ids) && (allowedTo('profile_view_any') || allowedTo('profile_view_own'))) {
        $result = $smcFunc['db_query']('', '
			SELECT id_member, real_name
			FROM {db_prefix}members
			WHERE id_member IN ({array_int:member_list})
			LIMIT ' . count($profile_ids), array('member_list' => array_keys($profile_ids)));
        while ($row = $smcFunc['db_fetch_assoc']($result)) {
            // If they aren't allowed to view this person's profile, skip it.
            if (!allowedTo('profile_view_any') && $user_info['id'] != $row['id_member']) {
                continue;
            }
            // Set their action on each - session/text to sprintf.
            foreach ($profile_ids[$row['id_member']] as $k => $session_text) {
                $data[$k] = sprintf($session_text, $row['id_member'], $row['real_name']);
            }
        }
        $smcFunc['db_free_result']($result);
    }
    if (!is_array($urls)) {
        return isset($data[0]) ? $data[0] : false;
    } else {
        return $data;
    }
}
function sportal_get_shoutbox($shoutbox_id = null, $active = false, $allowed = false)
{
    global $smcFunc;
    $query = array();
    $parameters = array();
    if ($shoutbox_id !== null) {
        $query[] = 'id_shoutbox = {int:shoutbox_id}';
        $parameters['shoutbox_id'] = $shoutbox_id;
    }
    if (!empty($active)) {
        $query[] = 'status = {int:status}';
        $parameters['status'] = 1;
    }
    $request = $smcFunc['db_query']('', '
		SELECT
			id_shoutbox, name, permission_set, groups_allowed, groups_denied,
			moderator_groups, warning, allowed_bbc, height, num_show, num_max,
			refresh, reverse, caching, status, num_shouts, last_update
		FROM {db_prefix}sp_shoutboxes' . (!empty($query) ? '
		WHERE ' . implode(' AND ', $query) : '') . '
		ORDER BY name', $parameters);
    $return = array();
    while ($row = $smcFunc['db_fetch_assoc']($request)) {
        if (!empty($allowed) && !sp_allowed_to('shoutbox', $row['id_shoutbox'], $row['permission_set'], $row['groups_allowed'], $row['groups_denied'])) {
            continue;
        }
        $return[$row['id_shoutbox']] = array('id' => $row['id_shoutbox'], 'name' => $row['name'], 'permission_set' => $row['permission_set'], 'groups_allowed' => $row['groups_allowed'] !== '' ? explode(',', $row['groups_allowed']) : array(), 'groups_denied' => $row['groups_denied'] !== '' ? explode(',', $row['groups_denied']) : array(), 'moderator_groups' => $row['moderator_groups'] !== '' ? explode(',', $row['moderator_groups']) : array(), 'warning' => $row['warning'], 'allowed_bbc' => explode(',', $row['allowed_bbc']), 'height' => $row['height'], 'num_show' => $row['num_show'], 'num_max' => $row['num_max'], 'refresh' => $row['refresh'], 'reverse' => $row['reverse'], 'caching' => $row['caching'], 'status' => $row['status'], 'num_shouts' => $row['num_shouts'], 'last_update' => $row['last_update']);
    }
    $smcFunc['db_free_result']($request);
    return !empty($shoutbox_id) ? current($return) : $return;
}