Exemplo n.º 1
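/**
 * Admin CP page for MyAlerts alert types: lists every registered type and saves
 * which ones are enabled and which ones users may disable for themselves.
 *
 * On POST the anti-CSRF token is checked, every known alert type is rebuilt with
 * the submitted flags and the whole set is stored. On any other request method
 * the form is rendered.
 *
 * @return void
 */
function myalerts_acp_manage_alert_types()
{
    global $mybb, $lang, $page, $db, $cache;

    $alertTypeManager = MybbStuff_MyAlerts_AlertTypeManager::getInstance();
    $alertTypes = $alertTypeManager->getAlertTypes();

    if (strtolower($mybb->request_method) == 'post') {
        // State-changing request: the token is verified before any other input is read.
        // NOTE(review): this relies on admin_redirect() ending the request; if it ever
        // returned, the update below would still run with an invalid token - confirm.
        if (!verify_post_check($mybb->get_input('my_post_key'))) {
            flash_message($lang->invalid_post_verify_key2, 'error');
            admin_redirect("index.php?module=config-myalerts_alert_types");
        }

        // The form posts one key per ticked box (alert_types_enabled[<id>]), so the
        // array keys carry the ids. They are forced to integers before any use.
        $enabledAlertTypes = $mybb->get_input('alert_types_enabled', MyBB::INPUT_ARRAY);
        $canBeUserDisabled = $mybb->get_input('alert_types_can_be_user_disabled', MyBB::INPUT_ARRAY);
        $enabledAlertTypes = array_map('intval', array_keys($enabledAlertTypes));
        $canBeUserDisabled = array_map('intval', array_keys($canBeUserDisabled));

        $updateArray = array();
        foreach ($alertTypes as $alertType) {
            $type = MybbStuff_MyAlerts_Entity_AlertType::unserialize($alertType);
            // Only ids of types that already exist are looked up, so a submitted id
            // that matches no known type is simply ignored. Both sides are integers,
            // which allows a strict comparison.
            $typeId = (int) $type->getId();
            $type->setEnabled(in_array($typeId, $enabledAlertTypes, true));
            $type->setCanBeUserDisabled(in_array($typeId, $canBeUserDisabled, true));
            $updateArray[] = $type;
        }

        $alertTypeManager->updateAlertTypes($updateArray);
        flash_message($lang->myalerts_alert_types_updated, 'success');
        admin_redirect("index.php?module=config-myalerts_alert_types");
    } else {
        $page->output_header($lang->myalerts_alert_types);
        $form = new Form('index.php?module=config-myalerts_alert_types', 'post');
        $table = new Table();
        $table->construct_header($lang->myalerts_alert_type_code);
        $table->construct_header($lang->myalerts_alert_type_enabled, array('width' => '5%', 'class' => 'align_center'));
        $table->construct_header($lang->myalerts_alert_type_can_be_user_disabled, array('width' => '10%', 'class' => 'align_center'));

        $noResults = false;
        if (!empty($alertTypes)) {
            foreach ($alertTypes as $type) {
                // The type code is escaped for HTML; the id is cast so that only a
                // number can end up inside the checkbox name attribute.
                $alertCode = htmlspecialchars_uni($type['code']);
                $typeId = (int) $type['id'];
                $table->construct_cell($alertCode);
                $table->construct_cell($form->generate_check_box('alert_types_enabled[' . $typeId . ']', '', '', array('checked' => $type['enabled'])));
                $table->construct_cell($form->generate_check_box('alert_types_can_be_user_disabled[' . $typeId . ']', '', '', array('checked' => $type['can_be_user_disabled'])));
                $table->construct_row();
            }
        } else {
            // The table has three header columns, so the placeholder row spans all three.
            $table->construct_cell($lang->myalerts_no_alert_types, array('colspan' => 3));
            $table->construct_row();
            $noResults = true;
        }

        $table->output($lang->myalerts_alert_types);
        if (!$noResults) {
            $buttons = array($form->generate_submit_button($lang->myalerts_update_alert_types));
            $form->output_submit_wrapper($buttons);
        }
        $form->end();
        $page->output_footer();
    }
}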
Exemplo n.º 2
/**
 * Uninstall step of the MyProfile plugin, gated behind a confirmation form.
 *
 * A non-POST request only renders the confirmation form. A POST request must carry
 * a valid anti-CSRF token; the "no" button sends the admin back to the plugin list,
 * anything else propagates the uninstall call and drops the "myprofile" cache entry.
 *
 * @return bool|null true once the uninstall work has run; nothing otherwise
 */
function myprofile_uninstall()
{
    global $mybb, $lang, $page;

    // Not a form submission yet: ask for confirmation and stop here.
    if ($mybb->request_method != 'post') {
        $page->output_confirm_action("index.php?module=config-plugins&action=deactivate&uninstall=1&plugin=myprofile");
        return;
    }

    // The destructive part below is reachable only with a valid token.
    // NOTE(review): relies on admin_redirect() ending the request - confirm.
    $tokenIsValid = verify_post_check($mybb->input['my_post_key']);
    if (!$tokenIsValid) {
        flash_message($lang->invalid_post_verify_key2, 'error');
        admin_redirect("index.php?module=config-plugins");
    }

    // The admin declined on the confirmation form.
    if (isset($mybb->input['no'])) {
        admin_redirect('index.php?module=config-plugins');
    }

    myprofile_bundles_propagate_call("uninstall");
    $mybb->cache->delete("myprofile");

    return true;
}
Exemplo n.º 3
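 /**
  * Adjusts the logged-in user's points after an inline (AJAX) post edit, based on
  * how many characters the edit added or removed. Quoted text is not counted.
  *
  * Returns without touching any points when the user is a guest, the plugin or the
  * per-character income is switched off, the request is not the "update_post" step
  * of "edit_post", a draft is being edited, the post cannot be found, or the forum
  * or group income rate is 0.
  *
  * @return void
  */
 function newpoints_editpost_xmlhttp()
 {
     global $mybb, $lang, $charset;

     // Guests never earn points.
     if (!$mybb->user['uid']) {
         return;
     }
     // Plugin disabled, or no income configured per character.
     if ($mybb->settings['newpoints_main_enabled'] != 1) {
         return;
     }
     if ($mybb->settings['newpoints_income_perchar'] == 0) {
         return;
     }
     // Only the saving step of an inline edit is of interest.
     if ($mybb->input['action'] != "edit_post" || $mybb->input['do'] != 'update_post') {
         return;
     }
     if (!empty($mybb->input['editdraft'])) {
         return;
     }

     // Verify POST request. With the second argument set, a failed check is reported
     // through the return value, so the error response is produced here.
     // NOTE(review): relies on xmlhttp_error() ending the request - confirm.
     if (!verify_post_check($mybb->input['my_post_key'], true)) {
         xmlhttp_error($lang->invalid_post_code);
     }

     $post = get_post($mybb->input['pid']);
     // Unknown post id: without this guard the old length would count as 0 and the
     // whole submitted text would be paid out as "new" characters.
     if (!$post) {
         return;
     }
     $fid = (int) $post['fid'];

     // Forum rules: no rule set means the default income rate of 1.
     $forumrules = newpoints_getrules('forum', $fid);
     if (!$forumrules) {
         $forumrules = array('rate' => 1);
     }
     // A forum rate of 0 means nothing would be added, so leave.
     if ($forumrules['rate'] == 0) {
         return;
     }

     // Group rules (primary group only): same default and same early exit.
     $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
     if (!$grouprules) {
         $grouprules = array('rate' => 1);
     }
     if ($grouprules['rate'] == 0) {
         return;
     }

     // Strips [quote]...[/quote] blocks so quoted text does not count.
     $quote_pattern = "/\\[quote.*?\\](.*?)\\[\\/quote\\]((\\s)*(\\[\\/quote])*)*/is";

     // Length of the stored message.
     $oldpost_wo_quotes = preg_replace($quote_pattern, '', $post['message']);
     $oldcharcount = my_strlen($oldpost_wo_quotes);

     // Length of the submitted message, read straight from the request body.
     $message = strval($_POST['value']);
     if (my_strtolower($charset) != "utf-8") {
         // NOTE(review): the iconv() call converts from $charset to UTF-8, while the
         // mb_convert_encoding() and utf8_decode() fallbacks convert from UTF-8 to
         // $charset. The direction is left as found - confirm which one is intended.
         if (function_exists("iconv")) {
             $message = iconv($charset, "UTF-8//IGNORE", $message);
         } elseif (function_exists("mb_convert_encoding")) {
             $message = @mb_convert_encoding($message, $charset, "UTF-8");
         } elseif (my_strtolower($charset) == "iso-8859-1") {
             $message = utf8_decode($message);
         }
     }
     $newpost_wo_quotes = preg_replace($quote_pattern, '', $message);
     $newcharcount = my_strlen($newpost_wo_quotes);

     // Points per character on the length difference: positive when the post grew,
     // negative when it shrank, zero when the length is unchanged.
     // NOTE(review): the previous version branched on 'newpoints_income_minchar', but
     // every branch applied this same formula, so the minimum never changed the
     // result. If a minimum length is meant to apply on edits, it has to be added here.
     $bonus = ($newcharcount - $oldcharcount) * $mybb->settings['newpoints_income_perchar'];

     // The points are booked on the logged-in user, i.e. whoever performs the edit.
     // NOTE(review): nothing in this function checks that this user wrote the post or
     // is allowed to edit it, and the text has not been validated at this point.
     // Presumably the core edit handler enforces both separately - confirm, otherwise
     // points are credited for an edit that is later refused.
     newpoints_addpoints($mybb->user['uid'], $bonus, $forumrules['rate'], $grouprules['rate'], false, true);
 }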
// Admin CP navigation for the purge-cache module: the breadcrumb trail is registered
// first, then the page header is written. Both happen at include time, before the
// requested action is inspected.
$page->add_breadcrumb_item("CloudFlare Manager", "index.php?module=cloudflare");
$page->add_breadcrumb_item("Purge Cache", "index.php?module=cloudflare-purge_cache");
$page->output_header("CloudFlare Manager - Purge Cache");
/**
 * Renders the "Purge Cache" form with two options: purge the entire cache
 * (yes/no radio, default "no") or purge a list of URLs entered one per line.
 *
 * The form posts to the module's "purge" action.
 * NOTE(review): the handler for that action verifies my_post_key; presumably the
 * Form class adds that hidden field on its own - confirm, it is not visible here.
 *
 * @return void
 */
function main_page()
{
    $form = new Form('index.php?module=cloudflare-purge_cache&amp;action=purge', 'post');
    $form_container = new FormContainer('Purge Cache');

    // Row 1: full purge switch.
    $purge_all_control = $form->generate_yes_no_radio('purge_input', 0);
    $form_container->output_row(
        'Purge Entire Cache',
        'Remove ALL files from CloudFlare\'s cache. This will include javascript, stylesheets and images. CloudFlare can take up to 3 hours to recache resources again<br /><b>Note: </b>This may have dramatic affects on your origin server load after performing this action.',
        $purge_all_control
    );

    // Row 2: selective purge by URL.
    $url_list_control = $form->generate_text_area('urls');
    $form_container->output_row(
        'Purge by URL',
        'Granularly remove one or more files from CloudFlare\'s cache either by specifying the URL<br /><b>Note: </b><u>One</u> URL per line (max: 30)',
        $url_list_control
    );
    $form_container->end();

    $buttons = array($form->generate_submit_button('Submit'));
    $form->output_submit_wrapper($buttons);
    $form->end();
}
if ($mybb->input['action'] == "purge") {
    if (!verify_post_check($mybb->input['my_post_key'])) {
        flash_message($lang->invalid_post_verify_key2, 'error');
        admin_redirect("index.php?module=cloudflare-purge_cache");
    }
    if ($mybb->input['purge_input'] == "1") {
        $request = $cloudflare->purge_cache();
        if ($request->success) {
            $page->output_success('The entire cache has been purged');
        } else {
            $page->output_error($request->errors[0]->message);
        }
    } elseif (!empty($mybb->input['urls'])) {
        $urls = explode("\n", $mybb->input['urls']);
        if (sizeof($urls) > 30) {
            $urls = array_splice($urls, 0, 30);
        }
Exemplo n.º 5
            eval("\$ignore_options = \"" . $templates->get("member_profile_addremove") . "\";");
            // Add/Remove Ignore
        }
        if (isset($memperms['canbereported']) && $memperms['canbereported'] == 1) {
            $add_remove_options = array('url' => "javascript:Report.reportUser({$memprofile['uid']});", 'class' => 'report_user_button', 'lang' => $lang->report_user);
            eval("\$report_options = \"" . $templates->get("member_profile_addremove") . "\";");
            // Report User
        }
    }
    $plugins->run_hooks("member_profile_end");
    eval("\$profile = \"" . $templates->get("member_profile") . "\";");
    output_page($profile);
}
if ($mybb->input['action'] == "do_emailuser" && $mybb->request_method == "post") {
    // Verify incoming POST request
    verify_post_check($mybb->get_input('my_post_key'));
    $plugins->run_hooks("member_do_emailuser_start");
    // Guests or those without permission can't email other users
    if ($mybb->usergroup['cansendemail'] == 0) {
        error_no_permission();
    }
    // Check group limits
    if ($mybb->usergroup['maxemails'] > 0) {
        if ($mybb->user['uid'] > 0) {
            $user_check = "fromuid='{$mybb->user['uid']}'";
        } else {
            $user_check = "ipaddress=" . $db->escape_binary($session->packedip);
        }
        $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '" . (TIME_NOW - 60 * 60 * 24) . "'");
        $sent_count = $db->fetch_field($query, "sent_count");
        if ($sent_count >= $mybb->usergroup['maxemails']) {
Exemplo n.º 6
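    /**
     * Renders the shoutbox archive page and, for users with moderation access,
     * handles the two moderation actions posted from it: updating the ban list
     * and clearing old shouts.
     *
     * Outputs the page and ends the request itself.
     *
     * @return void
     */
    static function show_archive()
    {
        // Every global stays in scope because the eval()'d templates below may refer to it.
        global $db, $mybb, $templates, $lang, $theme, $footer, $headerinclude, $header, $charset;
        $lang->load('dvz_shoutbox');
        header('Content-type: text/html; charset=' . $charset);
        add_breadcrumb($lang->dvz_sb_shoutbox, "index.php?action=shoutbox_archive");

        // moderation panel
        if (self::access_mod()) {
            // Both actions change state, so each one needs the anti-CSRF token as well
            // as the permission check above.
            if (isset($mybb->input['banlist']) && verify_post_check($mybb->input['postkey'])) {
                self::banlist_update($mybb->input['banlist']);
            }
            if (isset($mybb->input['days']) && verify_post_check($mybb->input['postkey'])) {
                if ($mybb->input['days'] === 'all') {
                    self::clear();
                } else {
                    // Allow-list of retention periods. The input is cast to an integer
                    // and compared strictly: a loose in_array() accepts any string with
                    // a matching numeric prefix on PHP < 8, and the raw request string
                    // would then be handed to clear().
                    $allowed = [2, 7, 30, 90];
                    $days = (int) $mybb->input['days'];
                    if (in_array($days, $allowed, true)) {
                        self::clear($days);
                    }
                }
            }
            // Escaped here because the template interpolates it into HTML.
            $blocked_users = htmlspecialchars_uni($mybb->settings['dvz_sb_blocked_users']);
            eval('$modoptions = "' . $templates->get("dvz_shoutbox_archive_modoptions") . '";');
        } else {
            $modoptions = null;
        }

        // pagination
        $items = self::count();
        // Both values are forced to non-negative integers before they reach the LIMIT clause.
        $page = abs((int) $mybb->input['page']);
        $perPage = abs((int) $mybb->settings['dvz_sb_num_archive']);
        if ($perPage == 0) {
            $pages = 0;
        } else {
            $pages = ceil($items / $perPage);
        }
        if (!$page || $page < 1 || $page > $pages) {
            $page = 1;
        }
        $start = ($page - 1) * $perPage;

        // Defined up front so the archive template never sees an undefined variable
        // when everything fits on one page.
        $multipage = null;
        if ($items > $perPage) {
            $multipage = multipage($items, $perPage, $page, 'index.php?action=shoutbox_archive');
        }

        $data = self::get_multiple("ORDER by s.id DESC LIMIT {$start},{$perPage}");
        $archive = null;
        while ($row = $db->fetch_array($data)) {
            $archive .= self::render_shout($row, true);
        }

        // NOTE(review): the language strings are placed inside single-quoted JavaScript
        // literals without escaping, so a string containing an apostrophe breaks the
        // script. Confirm the language files are trusted, or escape for JavaScript here.
        $javascript = '
<script>
dvz_shoutbox.lang = [\'' . $lang->dvz_sb_delete_confirm . '\', \'' . str_replace('{ANTIFLOOD}', (double) $mybb->settings['dvz_sb_antiflood'], $lang->dvz_sb_antiflood) . '\', \'' . $lang->dvz_sb_permissions . '\'];
</script>';
        eval('$content = "' . $templates->get("dvz_shoutbox_archive") . '";');
        output_page($content);
        exit;
    }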
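/**
 * Moderation hook: reports the author of a post to CloudFlare as a spammer.
 *
 * Runs only when the 'cloudflare_postbit_spam' setting is on and the requested
 * action is 'cloudflare_report_spam'. Requires a post id, a forum id, moderator
 * rights in that forum and a valid anti-CSRF token. Sends the author's username
 * and e-mail address, the post's IP address and the first 100 bytes of the message.
 *
 * Writes the globals $fid and $pid.
 *
 * @return void
 */
function cloudflare_moderation_start()
{
    // $lang is needed for the error messages below. It was missing from this list,
    // so the error paths read a property of an undefined variable.
    global $mybb, $db, $cache, $lang, $fid, $pid;

    if (!$mybb->settings['cloudflare_postbit_spam'] || $mybb->input['action'] != 'cloudflare_report_spam') {
        return;
    }

    if (!$mybb->input['pid']) {
        error($lang->error_invalidpost);
    }
    $pid = (int) $mybb->input['pid'];

    if (!$mybb->input['fid']) {
        error($lang->error_invalidforum);
    }
    $fid = (int) $mybb->input['fid'];

    // Authorisation is checked against the forum id taken from the request.
    // NOTE(review): the query below selects by post id only and never compares the
    // post's own forum with $fid, so moderator rights in one forum are enough for a
    // post in another. Confirm whether that is intended, or compare the two ids.
    if (!is_moderator($fid)) {
        error_no_permission();
    }

    // $pid is an integer at this point, so interpolating it into the query is safe.
    $query = $db->query("\n\t\tSELECT p.uid, p.username, u.email, p.message, p.ipaddress, p.tid\n\t\tFROM " . TABLE_PREFIX . "posts p\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=p.fid)\n\t\tWHERE p.pid = '{$pid}'\n\t");
    $post = $db->fetch_array($query);
    if (!$post) {
        error($lang->error_invalidpost);
    }

    // Anti-CSRF: the token has to be present and valid before anything is sent out.
    if (!$mybb->input['my_post_key']) {
        error_no_permission();
    }
    verify_post_check($mybb->input['my_post_key']);

    $spammer = get_user($post['uid']);
    // Personal data (e-mail address, IP address) leaves the forum with this call.
    // NOTE(review): substr() cuts by bytes; a cut inside a multi-byte character leaves
    // invalid UTF-8, which makes json_encode() fail. Consider a multibyte-aware cut.
    $data = array("a" => $spammer['username'], "am" => $spammer['email'], "ip" => $post['ipaddress'], "con" => substr($post['message'], 0, 100));
    $data = urlencode(json_encode($data));
    cloudflare_report_spam($data);

    redirect(get_post_link($pid), "Spam successfully reported to CloudFlare. You may now ban the spammer.");
}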
 /**
  * AJAX endpoint that outputs one page of a member's buddy list as JSON.
  *
  * The request is dropped silently (no output) when the token or the member id is
  * missing or malformed, when the token does not verify, or when the member does
  * not exist. A missing or invalid page number falls back to page 1.
  *
  * @return void
  */
 public function xmlhttp_buddylist_page()
 {
     global $mybb;

     $response = new stdClass();
     $response->error = false;
     $response->error_message = "";

     // Input gate, in this order: presence, token type, token validity, id format.
     // The token check is silent, so a failure just ends the call.
     if (!isset($mybb->input["my_post_key"], $mybb->input["memberuid"])) {
         return;
     }
     if (!is_string($mybb->input["my_post_key"])) {
         return;
     }
     if (!verify_post_check($mybb->input["my_post_key"], true)) {
         return;
     }
     if (!is_numeric($mybb->input["memberuid"])) {
         return;
     }

     // Page number: anything that is not a number >= 1 becomes 1.
     $page = 1;
     if (isset($mybb->input["page"]) && is_numeric($mybb->input["page"]) && $mybb->input["page"] >= 1) {
         $page = (int) $mybb->input["page"];
     }

     $memberuid = (int) $mybb->input["memberuid"];
     $memprofile = get_user($memberuid);
     if (empty($memprofile)) {
         return;
     }

     // The helper's values are taken positionally: markup, total count, number shown.
     $result = array_values($this->retrieve_buddylist_from_db($page, $memprofile));
     $response->html = $result[0];
     $response->count = $result[1];
     $response->shown = $result[2];

     MyProfileUtils::output_json($response);
 }
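 /**
  * Final step of a comment edit: validates the request, then redirects to the
  * member's comment page with a success message.
  *
  * Nothing happens when the token, page or member id is missing or malformed, or
  * when the token does not verify.
  *
  * @return void
  */
 public function misc_comments_do_edit()
 {
     global $mybb, $lang;

     if (!isset($mybb->input["my_post_key"], $mybb->input["page"], $mybb->input["memberuid"]) || !is_string($mybb->input["my_post_key"]) || !is_numeric($mybb->input["page"]) || !is_numeric($mybb->input["memberuid"])) {
         return;
     }
     // Silent token check: an invalid token simply ends the call.
     if (!verify_post_check($mybb->input["my_post_key"], true)) {
         return;
     }

     MyProfileUtils::lang_load_myprofile();

     // is_numeric() also accepts forms such as leading whitespace, a sign, decimals
     // and exponents, so the page is reduced to an integer before it becomes part of
     // the redirect target, exactly as is done for the member id.
     $memberuid = (int) $mybb->input["memberuid"];
     $page = (int) $mybb->input["page"];
     $this->redirect($memberuid, $lang->mp_comments_comment_edited_successfully, "&page={$page}");
 }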
    send_page_headers();
}
// Do not use session system for defined pages
// && binds tighter than ||, so NO_ONLINE is defined in either of two cases: the
// requested action is a key of $nosession, or a thumbnail is requested while the
// current page is attachment.php. How NO_ONLINE is consumed is not visible here.
if (@isset($mybb->input['action']) && @isset($nosession[$mybb->input['action']]) || @isset($mybb->input['thumbnail']) && $current_page == 'attachment.php') {
    define("NO_ONLINE", 1);
}
// Create session for this user
require_once MYBB_ROOT . "inc/class_session.php";
$session = new session();
$session->init();
// Assigned by reference, so $mybb->session and $session name the same object
$mybb->session =& $session;
$mybb->user['ismoderator'] = is_moderator("", "", $mybb->user['uid']);
// Set our POST validation code here
// It is generated only after the session has been initialised above.
// NOTE(review): presumably this is the value that forms and links carry as
// my_post_key and that verify_post_check() compares against - confirm.
$mybb->post_code = generate_post_check();
// Set and load the language
if (!empty($mybb->input['language']) && $lang->language_exists($mybb->input['language']) && verify_post_check($mybb->input['my_post_key'], true)) {
    $mybb->settings['bblanguage'] = $mybb->input['language'];
    // If user is logged in, update their language selection with the new one
    if ($mybb->user['uid']) {
        if ($mybb->cookies['mybblang']) {
            my_unsetcookie("mybblang");
        }
        $db->update_query("users", array("language" => $db->escape_string($mybb->settings['bblanguage'])), "uid='{$mybb->user['uid']}'");
    } else {
        my_setcookie("mybblang", $mybb->settings['bblanguage']);
    }
    $mybb->user['language'] = $mybb->settings['bblanguage'];
} else {
    if (!$mybb->user['uid'] && !empty($mybb->cookies['mybblang']) && $lang->language_exists($mybb->cookies['mybblang'])) {
        $mybb->settings['bblanguage'] = $mybb->cookies['mybblang'];
    } else {
Exemplo n.º 11
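 /**
  * Imports awards and user awards from another awards plugin's tables into OUGC
  * Awards, after the admin confirms the action.
  *
  * Does nothing unless the 'ougc_awards_import' input is set. A non-POST request
  * shows the confirmation form. A POST request must carry a valid anti-CSRF token;
  * the "no" button aborts, anything else copies every award and then every user
  * award, mapping the original award ids to the newly created ones.
  *
  * @return bool|null true when the admin declined; nothing otherwise
  */
 function run_importer()
 {
     global $mybb;

     if (!($type = $mybb->get_input('ougc_awards_import'))) {
         return;
     }

     // Only one source layout exists, so every value of $type selects it.
     switch ($type) {
         #case 'mybbcentral';
         default:
             $tables = array('awards' => 'myawards', 'users' => 'myawards_users');
             $keys = array('name' => 'awname', 'description' => 'awdescr', 'image' => 'awimg', 'original_id' => 'awid', 'uid' => 'awuid', 'reason' => 'awreason', 'TIME_NOW' => 'awutime');
             $img_prefix = '{bburl}/uploads/awards/';
             $lang_var = 'ougc_awards_import_confirm_mybbcentral';
             break;
     }

     global $lang, $awards, $page;
     $awards->lang_load();

     if ($mybb->request_method == 'post') {
         // The import writes to the database, so the token is checked first.
         // NOTE(review): relies on admin_redirect() ending the request - confirm.
         if (!verify_post_check($mybb->input['my_post_key'])) {
             flash_message($lang->invalid_post_verify_key2, 'error');
             admin_redirect("index.php?module=config-plugins");
         }
         if (isset($mybb->input['no'])) {
             return true;
         }

         global $db;

         // New awards are appended after the highest existing display order.
         $query = $db->simple_select('ougc_awards', 'MAX(disporder) AS max_disporder');
         $disporder = (int) $db->fetch_field($query, 'max_disporder');

         // Maps original award id => imported award (including its new aid).
         $cache_awards = array();

         // NOTE(review): values from the source tables are passed on as they are;
         // presumably insert_award() and give_award() escape them - confirm.
         $query = $db->simple_select($tables['awards']);
         while ($award = $db->fetch_array($query)) {
             $insert_award = array('name' => $award[$keys['name']], 'description' => $award[$keys['description']], 'image' => $img_prefix . $award[$keys['image']], 'disporder' => ++$disporder, 'pm' => '');
             $awards->insert_award($insert_award);
             $insert_award['aid'] = $awards->aid;
             $insert_award[$keys['original_id']] = $award[$keys['original_id']];
             $cache_awards[$award[$keys['original_id']]] = $insert_award;
         }

         // Both settings are switched off for the rest of the request before the user
         // awards are handed out; presumably this keeps the import from sending a
         // private message per award - confirm.
         $mybb->settings['ougc_awards_sendpm'] = $mybb->settings['enablepms'] = false;

         $query = $db->simple_select($tables['users']);
         while ($award = $db->fetch_array($query)) {
             $original_id = $award[$keys['original_id']];
             // A user row that points at an award missing from the source table has
             // no imported counterpart; skip it instead of granting an award without an id.
             if (!isset($cache_awards[$original_id])) {
                 continue;
             }
             $insert_award = array('aid' => $cache_awards[$original_id]['aid'], 'uid' => $award[$keys['uid']], 'reason' => $award[$keys['reason']], 'TIME_NOW' => $award[$keys['TIME_NOW']]);
             $awards->give_award($insert_award, array('uid' => $insert_award['uid']), $insert_award['reason']);
         }

         flash_message($lang->ougc_awards_import_end, 'success');
         admin_redirect('index.php?module=config-plugins');
     }

     // $type comes straight from the request and accepts any value, so it is
     // URL-encoded before it is placed in the confirmation form's target.
     $page->output_confirm_action("index.php?module=config-plugins&ougc_awards_import=" . urlencode($type), $lang->{$lang_var}, $lang->ougc_awards_import_title);
 }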
Exemplo n.º 12
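/**
 * Delete ban
 *
 * Removes one shoutbox ban, identified by the 'id' input, and logs the action.
 * Requires the 'token' input to pass the anti-CSRF check. Every path ends with a
 * redirect to the ban list.
 *
 * NOTE(review): no permission check is visible in this function; presumably the
 * caller restricts it to moderators - confirm.
 *
 * @return void
 */
function shoutboxUnban()
{
    global $mybb, $db, $lang;
    if (isset($mybb->input['id']) && isset($mybb->input['token'])) {
        $lang->load('dvz_reports');
        verify_post_check($mybb->input['token']);

        // The id is used in two conditions, and the DELETE below does not quote it.
        // escape_string() only protects a value placed inside quotes, so the id is
        // cast to an integer instead; that is safe in both places.
        $id = (int) $mybb->input['id'];

        $data = $db->write_query("select " . TABLE_PREFIX . "dvz_reports_banned.uid, " . TABLE_PREFIX . "dvz_reports_banned.id, " . TABLE_PREFIX . "users.username\r\n                from " . TABLE_PREFIX . "dvz_reports_banned\r\n                JOIN " . TABLE_PREFIX . "users ON " . TABLE_PREFIX . "dvz_reports_banned.uid = " . TABLE_PREFIX . "users.uid\r\n                WHERE " . TABLE_PREFIX . "dvz_reports_banned.id = '{$id}';");
        // Validate that the ban exists
        // NOTE(review): num_rows and fetch_assoc() are read directly from the result
        // object, which ties this function to one database driver.
        if ($data->num_rows === 0) {
            redirect('modcp.php?action=shoutbox_banned');
            die;
        }
        $data = $data->fetch_assoc();

        // Delete the ban
        $db->delete_query('dvz_reports_banned', 'id=' . $id);

        // Log the action; the values are HTML-escaped before they are stored
        $logdata = array('uid' => htmlspecialchars_uni($data['uid']), 'username' => htmlspecialchars_uni($data['username']));
        log_moderator_action($logdata, $lang->unban_user);
        redirect('modcp.php?action=shoutbox_banned');
        die;
    }
    // Missing id or token: nothing to do, go back to the ban list
    redirect('modcp.php?action=shoutbox_banned');
    die;
}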
Exemplo n.º 13
function automedia_admin()
{
    global $db, $lang, $mybb, $page, $cache, $run_module, $action_file;
    if (!isset($lang->automedia_modules)) {
        $lang->load("automedia");
    }
    if ($page->active_action != 'automedia') {
        return false;
    }
    if ($run_module == 'tools' && $action_file == 'automedia') {
        $page->add_breadcrumb_item($lang->automedia, 'index.php?module=tools-automedia');
        // Show site modules
        if ($mybb->input['action'] == "" || !$mybb->input['action']) {
            $page->add_breadcrumb_item($lang->automedia_modules);
            $page->output_header($lang->automedia_modules . ' - ' . $lang->automedia_modules);
            $sub_tabs['automedia'] = array('title' => $lang->automedia_modules, 'link' => 'index.php?module=tools-automedia', 'description' => $lang->automedia_modules_description1);
            if ($mybb->settings['av_adultsites'] == 1) {
                $sub_tabs['special'] = array('title' => $lang->automedia_adult, 'link' => 'index.php?module=tools-automedia&amp;action=adult', 'description' => $lang->automedia_adult_description1);
            }
            $page->output_nav_tabs($sub_tabs, 'automedia');
            $aotable = new Table();
            $aotable->construct_header('#');
            $aotable->construct_header($lang->automedia_oembed_desc);
            if (isset($mybb->settings['av_embera']) && $mybb->settings['av_embera'] == 1) {
                $aotable->construct_cell('<img src="styles/default/images/icons/success.png" width="16px" height="16px" alt="OK" />');
                $aotable->construct_cell($lang->automedia_modules_embera);
                $aotable->construct_row();
            }
            if (isset($mybb->settings['av_embedly']) && $mybb->settings['av_embedly'] == 1 && !empty($mybb->settings['av_embedly_key']) && $mybb->settings['av_embedly_key'] != "") {
                $aotable->construct_cell('<img src="styles/default/images/icons/success.png" width="16px" height="16px" alt="' . $lang->automedia_modules_success . '" />');
                $aotable->construct_cell($lang->automedia_modules_embedly);
                $aotable->construct_row();
            }
            $aotable->output($lang->automedia_oembed);
            $amtable = new Table();
            $amtable->construct_header('#');
            $amtable->construct_header($lang->automedia_modules_description2);
            $amtable->construct_header('<div style="text-align: center;">' . $lang->automedia_modules_status . '</div>');
            $amtable->construct_header('<div style="text-align: center;">' . $lang->automedia_modules_options . ':</div>');
            $folder = MYBB_ROOT . "inc/plugins/automedia/mediasites/";
            if (is_dir($folder)) {
                $mediafiles = scandir($folder);
                $mediatitles = str_replace(".php", "", $mediafiles);
                $query = $db->simple_select('automedia', 'name', "class='site'");
                // Find missing files for active modules
                while ($missing = $db->fetch_array($query)) {
                    if (!in_array($missing['name'], $mediatitles)) {
                        $missingfile = ucfirst(htmlspecialchars_uni($missing['name']));
                        $amtable->construct_cell('<strong>!</strong>');
                        $amtable->construct_cell('<strong>' . $missingfile . '</strong> (<a href="' . $sub_tabs['automedia']['link'] . '&amp;action=deactivate&amp;site=' . urlencode($missing['name']) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $lang->automedia_modules_deactivate . '</strong></a>)');
                        $amtable->construct_cell($lang->automedia_modules_notfound . ' ' . $folder . '' . htmlspecialchars_uni($missing['name']) . '.php', array('colspan' => '2'));
                        $amtable->construct_row();
                    }
                }
                $i = 1;
                foreach ($mediafiles as $sites) {
                    // Fetch all files in the folder
                    $siteinfo = pathinfo($folder . "/" . $sites);
                    if ($sites != "." && $sites != "..") {
                        $filetype = "php";
                        // We need only php files
                        if ($siteinfo['extension'] == $filetype) {
                            $site = str_replace(".php", "", $sites);
                            $media = ucfirst(htmlspecialchars_uni($site));
                            $check = file_get_contents($folder . $siteinfo['basename']);
                            if (preg_match('"function automedia_"isU', $check)) {
                                $amtable->construct_cell($i);
                                $amtable->construct_cell('<a href="' . $sub_tabs['automedia']['link'] . '&amp;action=showsite&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $media . '</strong></a>');
                                $query2 = $db->simple_select('automedia', '*', "name='" . htmlspecialchars_uni($site) . "'");
                                $active = $db->fetch_array($query2);
                                if ($active && $active['class'] == "site") {
                                    $amtable->construct_cell('<div style="text-align: center;"><img src="' . $mybb->asset_url . '/images/mod-on.png" width="32" height="32" alt="' . $lang->automedia_modules_success . '" />');
                                    $amtable->construct_cell('<div style="text-align: center;"><a href="' . $sub_tabs['automedia']['link'] . '&amp;action=deactivate&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $lang->automedia_modules_deactivate . '</strong></a></div>');
                                } else {
                                    $amtable->construct_cell('<div style="text-align: center;"><img src="' . $mybb->asset_url . '/images/mod-off.png" width="32" height="32" alt="' . $lang->automedia_modules_fail . '" />');
                                    $amtable->construct_cell('<div style="text-align: center;"><a href="' . $sub_tabs['automedia']['link'] . '&amp;action=activate&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $lang->automedia_modules_activate . '</strong></a></div>');
                                }
                                $amtable->construct_row();
                                $i++;
                            }
                        }
                    }
                }
                if ($amtable->num_rows() == 0) {
                    $amtable->construct_cell($lang->automedia_modules, array('colspan' => '4'));
                    $amtable->construct_row();
                }
            } else {
                $amtable->construct_cell($lang->automedia_modules_missing_sitesfolder, array('colspan' => '4'));
                $amtable->construct_row();
            }
            $amtable->output($lang->automedia_modules);
            echo '<div style="text-align: center;">
			<a href="' . $sub_tabs['automedia']['link'] . '&amp;action=activateallsites&amp;my_post_key=' . $mybb->post_code . '"><span style="border: 3px double #0F5C8E;	padding: 3px;	background: #fff url(images/submit_bg.png) repeat-x top;	color: #0F5C8E;	margin-right: 3px;">' . $lang->automedia_modules_activateall . '</span></a>
			</div>';
            $page->output_footer();
        }
        // Show special modules
        if ($mybb->input['action'] == "adult" && $mybb->settings['av_adultsites'] == 1) {
            $page->add_breadcrumb_item($lang->automedia_adult);
            $page->output_header($lang->automedia_modules . ' - ' . $lang->automedia_adult);
            $sub_tabs['automedia'] = array('title' => $lang->automedia_modules, 'link' => 'index.php?module=tools-automedia', 'description' => $lang->automedia_modules);
            if ($mybb->settings['av_adultsites'] == 1) {
                $sub_tabs['special'] = array('title' => $lang->automedia_adult, 'link' => 'index.php?module=tools-automedia&amp;action=adult', 'description' => $lang->automedia_adult_description1);
            }
            $page->output_nav_tabs($sub_tabs, 'special');
            $amtable = new Table();
            $amtable->construct_header('#');
            $amtable->construct_header($lang->automedia_modules_description2);
            $amtable->construct_header('<div style="text-align: center;">' . $lang->automedia_modules_status . '</div>');
            $amtable->construct_header('<div style="text-align: center;">' . $lang->automedia_modules_options . ':</div>');
            $folder = MYBB_ROOT . "inc/plugins/automedia/special/";
            if (is_dir($folder)) {
                $mediafiles = scandir($folder);
                $mediatitles = str_replace(".php", "", $mediafiles);
                $query = $db->simple_select('automedia', 'name', "class='special'");
                // Find missing files for active modules
                while ($missing = $db->fetch_array($query)) {
                    if (!in_array($missing['name'], $mediatitles)) {
                        $missingfile = ucfirst(htmlspecialchars_uni($missing['name']));
                        $amtable->construct_cell('<strong>!</strong>');
                        $amtable->construct_cell('<strong>' . $missingfile . '</strong> (<a href="' . $sub_tabs['automedia']['link'] . '&amp;action=adultdeactivate&amp;site=' . urlencode($missing['name']) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $lang->automedia_modules_deactivate . '</strong></a>)');
                        $amtable->construct_cell($lang->automedia_modules_notfound . ' ' . $folder . '' . htmlspecialchars_uni($missing['name']) . '.php', array('colspan' => '2'));
                        $amtable->construct_row();
                    }
                }
                $i = 1;
                foreach ($mediafiles as $sites) {
                    // Fetch all files in the folder
                    $siteinfo = pathinfo($folder . "/" . $sites);
                    if ($sites != "." && $sites != "..") {
                        $filetype = "php";
                        // We need only php files
                        if ($siteinfo['extension'] == $filetype) {
                            $site = str_replace(".php", "", $sites);
                            $media = ucfirst(htmlspecialchars_uni($site));
                            $check = file_get_contents($folder . $siteinfo['basename']);
                            if (preg_match('"function automedia_"isU', $check)) {
                                $amtable->construct_cell($i);
                                $amtable->construct_cell('<a href="' . $sub_tabs['automedia']['link'] . '&amp;action=showspecial&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $media . '</strong></a>');
                                $query = $db->simple_select('automedia', '*', "name='" . htmlspecialchars_uni($site) . "'");
                                $active = $db->fetch_array($query);
                                if ($active && $active['class'] == "special") {
                                    $amtable->construct_cell('<div style="text-align: center;"><img src="' . $mybb->asset_url . '/images/mod-on.png" width="32" height="32" alt="' . $lang->automedia_modules_success . '" />');
                                    $amtable->construct_cell('<div style="text-align: center;"><a href="' . $sub_tabs['automedia']['link'] . '&amp;action=adultdeactivate&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $lang->automedia_modules_deactivate . '</strong></a></div>');
                                } else {
                                    $amtable->construct_cell('<div style="text-align: center;"><img src="' . $mybb->asset_url . '/images/mod-off.png" width="32" height="32" alt="' . $lang->automedia_modules_fail . '" />');
                                    $amtable->construct_cell('<div style="text-align: center;"><a href="' . $sub_tabs['automedia']['link'] . '&amp;action=adultactivate&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '"><strong>' . $lang->automedia_modules_activate . '</strong></a></div>');
                                }
                                $amtable->construct_row();
                                $i++;
                            }
                        }
                    }
                }
                if ($amtable->num_rows() == 0) {
                    $amtable->construct_cell($lang->automedia_adult, array('colspan' => '4'));
                    $amtable->construct_row();
                }
            } else {
                $amtable->construct_cell($lang->automedia_modules_missing_specialfolder, array('colspan' => '4'));
                $amtable->construct_row();
            }
            $amtable->output($lang->automedia_modules);
            echo '<div style="text-align: center;">
			<a href="' . $sub_tabs['automedia']['link'] . '&amp;action=activateallspecial&amp;my_post_key=' . $mybb->post_code . '"><span style="border: 3px double #0F5C8E;	padding: 3px;	background: #fff url(images/submit_bg.png) repeat-x top;	color: #0F5C8E;	margin-right: 3px;">' . $lang->automedia_modules_activateall . '</span></a>
			</div>';
            $page->output_footer();
        }
        // Activate site module
        if ($mybb->input['action'] == 'activate') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia");
            } else {
                $site = htmlspecialchars_uni($mybb->input['site']);
                $query_act1 = $db->simple_select('automedia', '*', "name='" . $site . "'");
                $active1 = $db->fetch_array($query_act1);
                if (!$active1) {
                    $automedia_site = array("name" => $site, "class" => "site");
                    $db->insert_query("automedia", $automedia_site);
                    automedia_cache();
                    $mybb->input['module'] = $lang->av_plugin_title;
                    $mybb->input['action'] = $lang->automedia_modules_active . " ";
                    log_admin_action(ucfirst($site));
                    flash_message($lang->automedia_modules_active, 'success');
                    admin_redirect("index.php?module=tools-automedia");
                } else {
                    flash_message($lang->automedia_modules_notfound, 'error');
                }
            }
            exit;
        }
        // Activate special module
        if ($mybb->input['action'] == 'adultactivate') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia&action=adult");
            } else {
                $site = htmlspecialchars_uni($mybb->input['site']);
                $query_act2 = $db->simple_select('automedia', '*', "name='" . $site . "'");
                $active2 = $db->fetch_array($query_act2);
                if (!$active2) {
                    $automedia_special = array("name" => $site, "class" => "special");
                    $db->insert_query("automedia", $automedia_special);
                    automedia_cache();
                    $mybb->input['module'] = $lang->av_plugin_title;
                    $mybb->input['action'] = $lang->automedia_modules_active . " ";
                    log_admin_action(ucfirst($site));
                    flash_message($lang->automedia_modules_active, 'success');
                    admin_redirect("index.php?module=tools-automedia&action=adult");
                } else {
                    flash_message($lang->automedia_modules_notfound, 'error');
                }
            }
            exit;
        }
        // Deactivate site module
        if ($mybb->input['action'] == 'deactivate') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia");
            } else {
                $site = htmlspecialchars_uni($mybb->input['site']);
                $query_del1 = $db->simple_select('automedia', '*', "name='" . $site . "'");
                $delete1 = $db->fetch_array($query_del1);
                if ($delete1['name'] == $site) {
                    $db->delete_query('automedia', "name='{$site}'");
                    automedia_cache();
                    $mybb->input['module'] = $lang->av_plugin_title;
                    $mybb->input['action'] = $lang->automedia_modules_deleted . " ";
                    log_admin_action(ucfirst($site));
                    flash_message($lang->automedia_modules_deleted, 'success');
                    admin_redirect("index.php?module=tools-automedia");
                } else {
                    flash_message($lang->automedia_modules_notfound, 'error');
                }
            }
            exit;
        }
        // Deactivate special module
        if ($mybb->input['action'] == 'adultdeactivate') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia&action=adult");
            } else {
                $site = htmlspecialchars_uni($mybb->input['site']);
                $query_del2 = $db->simple_select('automedia', '*', "name='" . $site . "'");
                $delete2 = $db->fetch_array($query_del2);
                if ($delete2['name'] == $site) {
                    $db->delete_query('automedia', "name='{$site}'");
                    automedia_cache();
                    $mybb->input['module'] = $lang->av_plugin_title;
                    $mybb->input['action'] = $lang->automedia_modules_deleted . " ";
                    log_admin_action(ucfirst($site));
                    flash_message($lang->automedia_modules_deleted, 'success');
                    admin_redirect("index.php?module=tools-automedia&action=adult");
                } else {
                    flash_message($lang->automedia_modules_notfound, 'error');
                }
            }
            exit;
        }
        // Activate all site modules
        if ($mybb->input['action'] == 'activateallsites') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia");
            } else {
                $folder1 = MYBB_ROOT . "inc/plugins/automedia/mediasites/";
                if (is_dir($folder1)) {
                    $mediafiles1 = scandir($folder1);
                    foreach ($mediafiles1 as $sites1) {
                        // Fetch all files in the folder
                        $siteinfo1 = pathinfo($folder1 . "/" . $sites1);
                        if ($sites1 != "." && $sites1 != "..") {
                            $filetype1 = "php";
                            // We need only php files
                            if ($siteinfo1['extension'] == $filetype1) {
                                $media1 = str_replace(".php", "", $sites1);
                                $check1 = file_get_contents($folder1 . $siteinfo1['basename']);
                                if (preg_match('"function automedia_"isU', $check1)) {
                                    $query_ex = $db->simple_select('automedia', 'name', "name='" . htmlspecialchars_uni($media1) . "'");
                                    $modactive = $db->fetch_array($query_ex);
                                    if (!$modactive) {
                                        // activate site
                                        $automedia_site1 = array("name" => htmlspecialchars_uni($media1), "class" => "site");
                                        $db->insert_query("automedia", $automedia_site1);
                                    }
                                }
                            }
                        }
                    }
                    automedia_cache();
                }
            }
            admin_redirect("index.php?module=tools-automedia");
            exit;
        }
        // Activate all special modules
        if ($mybb->input['action'] == 'activateallspecial') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia");
            } else {
                $folder2 = MYBB_ROOT . "inc/plugins/automedia/special/";
                if (is_dir($folder2)) {
                    $mediafiles2 = scandir($folder2);
                    foreach ($mediafiles2 as $sites2) {
                        // Fetch all files in the folder
                        $siteinfo2 = pathinfo($folder2 . "/" . $sites2);
                        if ($sites2 != "." && $sites2 != "..") {
                            $filetype2 = "php";
                            // We need only php files
                            if ($siteinfo2['extension'] == $filetype2) {
                                $media2 = str_replace(".php", "", $sites2);
                                $check2 = file_get_contents($folder2 . $siteinfo2['basename']);
                                if (preg_match('"function automedia_"isU', $check2)) {
                                    $query_ex2 = $db->simple_select('automedia', 'name', "name='" . htmlspecialchars_uni($media2) . "'");
                                    $modactive2 = $db->fetch_array($query_ex2);
                                    if (!$modactive2) {
                                        // add site
                                        $automedia_site2 = array("name" => htmlspecialchars_uni($media2), "class" => "special");
                                        $db->insert_query("automedia", $automedia_site2);
                                    }
                                }
                            }
                        }
                    }
                    automedia_cache();
                }
            }
            admin_redirect("index.php?module=tools-automedia&action=adult");
            exit;
        }
        // Show site module code
        if ($mybb->input['action'] == 'showsite') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia");
            } else {
                $site = htmlspecialchars_uni($mybb->input['site']);
                $page->add_breadcrumb_item($lang->automedia_modules_embedcode);
                $page->output_header($lang->automedia_modules_showcode);
                $sub_tabs['automedia'] = array('title' => $lang->automedia_modules, 'link' => 'index.php?module=tools-automedia', 'description' => $lang->automedia_modules);
                if ($mybb->settings['av_adultsites'] == 1) {
                    $sub_tabs['special'] = array('title' => $lang->automedia_adult, 'link' => 'index.php?module=tools-automedia&amp;action=adult', 'description' => $lang->automedia_adult_description1);
                }
                $sub_tabs['embedcode'] = array('title' => $lang->automedia_modules_embedcode, 'link' => 'index.php?module=tools-automedia&amp;action=showsite&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '', 'description' => $lang->automedia_modules_viewcode);
                $page->output_nav_tabs($sub_tabs, 'embedcode');
                $amtable = new Table();
                $amtable->construct_header(ucfirst($site) . ' ' . $lang->automedia_modules_embedcode . ':');
                $codefile = MYBB_ROOT . "inc/plugins/automedia/mediasites/" . $site . ".php";
                if (is_file($codefile)) {
                    $embedcode = file_get_contents($codefile);
                    $showcode = @highlight_string($embedcode, true);
                    $amtable->construct_cell($showcode);
                }
                $amtable->construct_row();
                $amtable->output($lang->automedia_modules_showcode);
                $page->output_footer();
            }
            exit;
        }
        // Show special module code
        if ($mybb->input['action'] == 'showspecial') {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=tools-automedia");
            } else {
                $site = htmlspecialchars_uni($mybb->input['site']);
                $page->add_breadcrumb_item($lang->automedia_modules_embedcode);
                $page->output_header($lang->automedia_modules_showcode);
                $sub_tabs['automedia'] = array('title' => $lang->automedia_modules, 'link' => 'index.php?module=tools-automedia', 'description' => $lang->automedia_modules);
                if ($mybb->settings['av_adultsites'] == 1) {
                    $sub_tabs['special'] = array('title' => $lang->automedia_adult, 'link' => 'index.php?module=tools-automedia&amp;action=adult', 'description' => $lang->automedia_adult_description1);
                }
                $sub_tabs['embedcode'] = array('title' => $lang->automedia_modules_embedcode, 'link' => 'index.php?module=tools-automedia&amp;action=showspecial&amp;site=' . urlencode($site) . '&amp;my_post_key=' . $mybb->post_code . '', 'description' => $lang->automedia_modules_viewcode);
                $page->output_nav_tabs($sub_tabs, 'embedcode');
                $amtable = new Table();
                $amtable->construct_header(ucfirst($site) . ' ' . $lang->automedia_modules_embedcode . ':');
                $codefile = MYBB_ROOT . "inc/plugins/automedia/special/" . $site . ".php";
                if (is_file($codefile)) {
                    $embedcode = file_get_contents($codefile);
                    $showcode = @highlight_string($embedcode, true);
                    $amtable->construct_cell($showcode);
                }
                $amtable->construct_row();
                $amtable->output($lang->automedia_modules_showcode);
                $page->output_footer();
            }
            exit;
        }
        // Reapply template edits
        if ($mybb->input['action'] == "templateedits") {
            if (!verify_post_check($mybb->input['my_post_key'])) {
                flash_message($lang->invalid_post_verify_key2, 'error');
                admin_redirect("index.php?module=config-plugins");
            } else {
                automedia_reapply_template_edits();
                admin_redirect("index.php?module=config-plugins");
            }
            exit;
        }
    }
}
Exemplo n.º 14
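/**
 * XMLHTTP (AJAX) handler for MyAlerts; dispatches on the "action" request value.
 *
 * - getNewAlerts: echoes JSON holding the parsed alerts and their rendered
 *   rows, then marks every returned alert as read.
 * - myalerts_delete: checks the post key, deletes the alert with the given id
 *   when it belongs to the current user, and echoes JSON with the re-rendered
 *   unread list (or an "errors" array).
 * - getNumUnreadAlerts: echoes the unread alert count.
 *
 * All output is echoed; the function returns nothing.
 */
function myalerts_xmlhttp()
{
    global $mybb, $lang, $templates, $db;
    if (!isset($lang->myalerts)) {
        $lang->load('myalerts');
    }
    myalerts_create_instances();
    if ($mybb->get_input('action') == 'getNewAlerts') {
        header('Content-Type: application/json');
        // NOTE(review): this branch changes state (markRead below) without a
        // verify_post_check() call, unlike myalerts_delete; confirm that marking
        // alerts as read on a cross-site request is acceptable.
        $newAlerts = MybbStuff_MyAlerts_AlertManager::getInstance()->getAlerts(0, $mybb->settings['myalerts_dropdown_limit']);
        $alertsListing = '';
        $alertsToReturn = array();
        if (is_array($newAlerts) && !empty($newAlerts)) {
            $toMarkRead = array();
            foreach ($newAlerts as $alertObject) {
                // $altbg and $alert are not read again by this code; presumably the
                // eval'd templates use them, so the local names must stay unchanged.
                $altbg = alt_trow();
                $alert = parse_alert($alertObject);
                $alertsToReturn[] = $alert;
                // NOTE(review): eval() runs whatever $templates->render() returns, in
                // this function's scope. That is only safe while template contents
                // are editable by trusted administrators alone - confirm.
                if (isset($mybb->input['from']) && $mybb->input['from'] == 'header') {
                    if ($alert['message']) {
                        $alertsListing .= eval($templates->render('myalerts_alert_row_popup', true, false));
                    }
                } else {
                    if ($alert['message']) {
                        $alertsListing .= eval($templates->render('myalerts_alert_row', true, false));
                    }
                }
                $toMarkRead[] = $alertObject->getId();
            }
            MybbStuff_MyAlerts_AlertManager::getInstance()->markRead($toMarkRead);
        } else {
            // Nothing to show: render the matching "no alerts" row instead.
            $from = $mybb->get_input('from', MyBB::INPUT_STRING);
            $altbg = alt_trow();
            if (!empty($from) && $from == 'header') {
                $alertsListing = eval($templates->render('myalerts_alert_row_popup_no_alerts', true, false));
            } else {
                $alertsListing = eval($templates->render('myalerts_alert_row_no_alerts', true, false));
            }
        }
        echo json_encode(array('alerts' => $alertsToReturn, 'template' => $alertsListing));
    }
    if ($mybb->get_input('action') == 'myalerts_delete') {
        header('Content-Type: application/json');
        // Both values interpolated into the WHERE clause below are integers:
        // the id is read with INPUT_INT and the uid is cast.
        $id = $mybb->get_input('id', MyBB::INPUT_INT);
        $userId = (int) $mybb->user['uid'];
        $toReturn = array();
        if ($id > 0) {
            // Second argument true: a failed post-key check is reported through the
            // return value, so the error can be sent back as JSON.
            if (!verify_post_check($mybb->get_input('my_post_key'), true)) {
                $toReturn = array('errors' => array($lang->invalid_post_code));
            } else {
                // The uid condition limits the delete to the current user's own alerts.
                $db->delete_query('alerts', "id = {$id} AND uid = {$userId}");
                $newAlerts = MybbStuff_MyAlerts_AlertManager::getInstance()->getUnreadAlerts();
                $alertsListing = '';
                $alertsToReturn = array();
                if (is_array($newAlerts) && !empty($newAlerts)) {
                    $toMarkRead = array();
                    foreach ($newAlerts as $alertObject) {
                        $altbg = alt_trow();
                        $alert = parse_alert($alertObject);
                        $alertsToReturn[] = $alert;
                        // Same eval()/template caveat as in the getNewAlerts branch.
                        if (isset($mybb->input['from']) && $mybb->input['from'] == 'header') {
                            if ($alert['message']) {
                                $alertsListing .= eval($templates->render('myalerts_alert_row_popup', true, false));
                            }
                        } else {
                            if ($alert['message']) {
                                $alertsListing .= eval($templates->render('myalerts_alert_row', true, false));
                            }
                        }
                        $toMarkRead[] = $alertObject->getId();
                    }
                    // The remaining unread alerts that were just rendered are marked read too.
                    MybbStuff_MyAlerts_AlertManager::getInstance()->markRead($toMarkRead);
                } else {
                    $from = $mybb->get_input('from', MyBB::INPUT_STRING);
                    $altbg = alt_trow();
                    if (!empty($from) && $from == 'header') {
                        $alertsListing = eval($templates->render('myalerts_alert_row_popup_no_alerts', true, false));
                    } else {
                        $alertsListing = eval($templates->render('myalerts_alert_row_no_alerts', true, false));
                    }
                }
                $toReturn = array('success' => true, 'template' => $alertsListing);
            }
        } else {
            $toReturn = array('errors' => array($lang->myalerts_error_alert_not_found));
        }
        echo json_encode($toReturn);
    }
    // Read the action through get_input() like the branches above, so a request
    // without an "action" value does not touch an undefined array index.
    if ($mybb->get_input('action') == 'getNumUnreadAlerts') {
        echo MybbStuff_MyAlerts_AlertManager::getInstance()->getNumUnreadAlerts();
    }
}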
Exemplo n.º 15
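/**
 * Builds the global announcement and handles the "ann_dismiss" action.
 *
 * The result of announcement_create(true) is stored in the global
 * $announcement on every call. For "ann_dismiss" the current user's uid is
 * appended to the announcement's serialized "removedfrom" list, after which
 * the request ends with either "1" (ajax) or a redirect to index.php.
 * Guests, unknown or non-removable announcements and repeated dismissals end
 * the request without writing anything.
 */
function announcement_global()
{
    global $announcement, $mybb, $db;
    $announcement = announcement_create(true);
    if (!isset($mybb->input['action']) || $mybb->input['action'] != "ann_dismiss") {
        return;
    }
    // Guests and requests without an announcement id have nothing to dismiss.
    if (empty($mybb->input['id']) || $mybb->user['uid'] == 0) {
        exit;
    }
    // Cast once; only this integer is interpolated into the WHERE clauses.
    $id = (int) $mybb->input['id'];
    $query = $db->simple_select("announcement", "removable, removedfrom", "ID=" . $id);
    $ann = $db->fetch_array($query);
    // No row for this id, or the announcement may not be dismissed.
    if (!$ann || !$ann['removable']) {
        exit;
    }
    // NOTE(review): unserialize() can instantiate objects if this column is ever
    // writable from anywhere else. This function only stores a serialized list of
    // uids, so JSON (or unserialize()'s allowed_classes option where the PHP
    // version supports it) would be the safer format. Left unchanged so that
    // existing rows stay readable.
    $removedUser = @unserialize($ann['removedfrom']);
    // An empty or corrupt column does not yield an array; treat it as
    // "nobody has dismissed this yet" instead of passing it to in_array().
    if (!is_array($removedUser)) {
        $removedUser = array();
    }
    // Loose comparison kept: the uid may be stored as int or string.
    if (in_array($mybb->user['uid'], $removedUser)) {
        exit;
    }
    // CSRF check before the only write. Called without the silent flag, so
    // presumably it aborts the request on a mismatch - confirm.
    verify_post_check(isset($mybb->input['my_post_key']) ? $mybb->input['my_post_key'] : '');
    $removedUser[] = $mybb->user['uid'];
    $updated_user = array("removedfrom" => $db->escape_string(serialize($removedUser)));
    $db->update_query("announcement", $updated_user, "ID=" . $id);
    if (!empty($mybb->input['ajax'])) {
        echo 1;
        exit;
    }
    header("Location: index.php");
    exit;
}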
Exemplo n.º 16
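/**
 * Moderation handler for per-thread reply bans.
 *
 * Handles three actions and ends the request afterwards:
 *  - replyban: lists the thread's reply bans and shows the ban form.
 *  - do_replyban (POST only): bans a user from replying in the thread.
 *  - liftreplyban: removes one reply ban.
 * Every action requires the "canmanagethreads" moderator permission for the
 * thread's forum; the two write actions also require a valid post key.
 * Returns without doing anything for any other action.
 */
function replyban_run()
{
    global $db, $mybb, $lang, $templates, $theme, $headerinclude, $header, $footer, $replyban, $moderation;
    $lang->load("replyban");
    // Read the action through get_input(), as the rest of this function does for
    // request values, so a missing or non-scalar "action" cannot reach the checks.
    $action = $mybb->get_input('action');
    if ($action != "replyban" && $action != "do_replyban" && $action != "liftreplyban") {
        return;
    }
    if ($action == "replyban") {
        $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
        $thread = get_thread($tid);
        if (!is_moderator($thread['fid'], "canmanagethreads")) {
            error_no_permission();
        }
        if (!$thread['tid']) {
            error($lang->error_invalidthread);
        }
        // Escaped here because the subject is placed into language strings and
        // breadcrumbs below.
        $thread['subject'] = htmlspecialchars_uni($thread['subject']);
        $lang->reply_bans_for = $lang->sprintf($lang->reply_bans_for, $thread['subject']);
        check_forum_password($thread['fid']);
        build_forum_breadcrumb($thread['fid']);
        add_breadcrumb($thread['subject'], get_thread_link($thread['tid']));
        add_breadcrumb($lang->reply_bans);
        // $thread['tid'] comes from the row returned by get_thread(), not from the request.
        $query = $db->query("\r\n\t\t\tSELECT r.*, u.username\r\n\t\t\tFROM " . TABLE_PREFIX . "replybans r\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (r.uid=u.uid)\r\n\t\t\tWHERE r.tid='{$thread['tid']}'\r\n\t\t\tORDER BY r.dateline DESC\r\n\t\t");
        // Start from an empty string so the first ".=" and the emptiness check
        // below do not read an undefined variable.
        $ban_bit = '';
        while ($ban = $db->fetch_array($query)) {
            // The stored reason is user-supplied text; escape it before it goes into the template.
            $ban['reason'] = htmlspecialchars_uni($ban['reason']);
            $ban['username'] = build_profile_link($ban['username'], $ban['uid']);
            if ($ban['lifted'] == 0) {
                $ban['lifted'] = $lang->permanent;
            } else {
                $ban['lifted'] = my_date('relative', $ban['lifted'], '', 2);
            }
            $alt_bg = alt_trow();
            // NOTE(review): eval() interpolates the stored template in this function's
            // scope; safe only while templates are editable by trusted administrators
            // alone - confirm. Local names read by templates must stay unchanged.
            eval("\$ban_bit .= \"" . $templates->get("moderation_replyban_bit") . "\";");
        }
        if (!$ban_bit) {
            eval("\$ban_bit = \"" . $templates->get("moderation_replyban_no_bans") . "\";");
        }
        // Generate the banned times dropdown
        $liftlist = '';
        $bantimes = fetch_ban_times();
        foreach ($bantimes as $time => $title) {
            $selected = '';
            // NOTE(review): $banned is not assigned anywhere in the visible function
            // body, so both isset() checks in this loop look like they are always false.
            if (isset($banned['bantime']) && $banned['bantime'] == $time) {
                $selected = " selected=\"selected\"";
            }
            $thattime = '';
            if ($time != '---') {
                $dateline = TIME_NOW;
                if (isset($banned['dateline'])) {
                    $dateline = $banned['dateline'];
                }
                $thatime = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time, $dateline));
                $thattime = " ({$thatime})";
            }
            eval("\$liftlist .= \"" . $templates->get("moderation_replyban_liftlist") . "\";");
        }
        eval("\$replyban = \"" . $templates->get("moderation_replyban") . "\";");
        output_page($replyban);
    }
    if ($action == "do_replyban" && $mybb->request_method == "post") {
        // Verify incoming POST request
        verify_post_check($mybb->get_input('my_post_key'));
        $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
        $thread = get_thread($tid);
        if (!is_moderator($thread['fid'], "canmanagethreads")) {
            error_no_permission();
        }
        if (!$thread['tid']) {
            error($lang->error_invalidthread);
        }
        // get_input() instead of the raw input array, so a non-scalar "username"
        // value is not handed to the user lookup.
        $user = get_user_by_username($mybb->get_input('username'), array('fields' => array('username')));
        if (!$user['uid']) {
            error($lang->error_invaliduser);
        }
        $mybb->input['reason'] = $mybb->get_input('reason');
        if (!trim($mybb->input['reason'])) {
            error($lang->error_missing_reason);
        }
        // uid and tid are taken from the looked-up user and thread rows, not from the request.
        $query = $db->simple_select('replybans', 'rid', "uid='{$user['uid']}' AND tid='{$thread['tid']}'");
        $existingban = $db->fetch_field($query, 'rid');
        if ($existingban > 0) {
            error($lang->error_alreadybanned);
        }
        // '---' selects a ban without a lift time, stored as 0.
        if ($mybb->get_input('liftban') == '---') {
            $lifted = 0;
        } else {
            $lifted = ban_date2timestamp($mybb->get_input('liftban'), 0);
        }
        // Truncate before escaping so the cut cannot split an escape sequence.
        $reason = my_substr($mybb->input['reason'], 0, 240);
        $insert_array = array('uid' => $user['uid'], 'tid' => $thread['tid'], 'dateline' => TIME_NOW, 'reason' => $db->escape_string($reason), 'lifted' => $db->escape_string($lifted));
        $db->insert_query('replybans', $insert_array);
        log_moderator_action(array("tid" => $thread['tid'], "fid" => $thread['fid'], "uid" => $user['uid'], "username" => $user['username']), $lang->user_reply_banned);
        moderation_redirect("moderation.php?action=replyban&tid={$thread['tid']}", $lang->redirect_user_banned_replying);
    }
    if ($action == "liftreplyban") {
        // Verify the post key. NOTE(review): unlike do_replyban, this branch does
        // not check the request method - confirm whether lifting via GET is intended.
        verify_post_check($mybb->get_input('my_post_key'));
        $rid = $mybb->get_input('rid', MyBB::INPUT_INT);
        $query = $db->simple_select("replybans", "*", "rid='{$rid}'");
        $ban = $db->fetch_array($query);
        if (!$ban['rid']) {
            error($lang->error_invalidreplyban);
        }
        $thread = get_thread($ban['tid']);
        $user = get_user($ban['uid']);
        if (!$thread['tid']) {
            error($lang->error_invalidthread);
        }
        // Permission is checked against the forum of the thread the ban belongs to.
        if (!is_moderator($thread['fid'], "canmanagethreads")) {
            error_no_permission();
        }
        $db->delete_query("replybans", "rid='{$ban['rid']}'");
        log_moderator_action(array("tid" => $thread['tid'], "fid" => $thread['fid'], "uid" => $user['uid'], "username" => $user['username']), $lang->user_reply_banned_lifted);
        moderation_redirect("moderation.php?action=replyban&tid={$thread['tid']}", $lang->redirect_reply_ban_lifted);
    }
    exit;
}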
Exemplo n.º 17
}
// Load language
$lang->set_language($mybb->settings['bblanguage']);
$lang->load('global');
$lang->load('messages');
// Run global_start plugin hook now that the basics are set up
$plugins->run_hooks('global_start');
if (function_exists('mb_internal_encoding') && !empty($lang->settings['charset'])) {
    @mb_internal_encoding($lang->settings['charset']);
}
// Select the board theme to use.
$loadstyle = '';
$load_from_forum = $load_from_user = 0;
$style = array();
// The user used our new quick theme changer
if (isset($mybb->input['theme']) && verify_post_check($mybb->get_input('my_post_key'), true)) {
    // Set up user handler.
    require_once MYBB_ROOT . 'inc/datahandlers/user.php';
    $userhandler = new UserDataHandler('update');
    $user = array('uid' => $mybb->user['uid'], 'style' => $mybb->get_input('theme', MyBB::INPUT_INT), 'usergroup' => $mybb->user['usergroup'], 'additionalgroups' => $mybb->user['additionalgroups']);
    $userhandler->set_data($user);
    // validate_user verifies the style if it is set in the data array.
    if ($userhandler->validate_user()) {
        $mybb->user['style'] = $user['style'];
        // If user is logged in, update their theme selection with the new one
        if ($mybb->user['uid']) {
            if (isset($mybb->cookies['mybbtheme'])) {
                my_unsetcookie('mybbtheme');
            }
            $userhandler->update_user();
        } else {
Exemplo n.º 18
                        $expcolimage = "collapse.gif";
                    }
                }
                eval("\$sections .= \"" . $templates->get("misc_help_section") . "\";");
            }
        }
        $plugins->run_hooks("misc_help_section_end");
        eval("\$help = \"" . $templates->get("misc_help") . "\";");
        output_page($help);
    }
} elseif ($mybb->input['action'] == "buddypopup") {
    $plugins->run_hooks("misc_buddypopup_start");
    if ($mybb->user['uid'] == 0) {
        error_no_permission();
    }
    if ($mybb->input['removebuddy'] && verify_post_check($mybb->input['my_post_key'])) {
        $buddies = $mybb->user['buddylist'];
        $namesarray = explode(",", $buddies);
        if (is_array($namesarray)) {
            foreach ($namesarray as $key => $buddyid) {
                if ($buddyid == $mybb->input['removebuddy']) {
                    unset($namesarray[$key]);
                }
            }
            $buddylist = implode(',', $namesarray);
            $db->update_query("users", array('buddylist' => $buddylist), "uid='" . $mybb->user['uid'] . "'");
            $mybb->user['buddylist'] = $buddylist;
        }
    }
    // Load Buddies
    if ($mybb->user['buddylist'] != "") {
Exemplo n.º 19
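/**
 * User CP handler for MyTwitterConnect.
 *
 * Dispatches on $mybb->input['action']:
 *  - 'twlink'      starts authentication with Twitter; the fallback URL is do_twlink.
 *  - 'do_twlink'   obtains the tokens and links the Twitter account to the current user.
 *  - 'mytwconnect' renders the settings page, saves the sync settings, or unlinks the account.
 *
 * Local variable names ($text, $unlink, $options, $checked, $label, $altbg, $setting,
 * $value, ...) are kept as they are because the eval()'d templates may refer to them.
 *
 * @return void
 */
function mytwconnect_usercp()
{
    global $mybb, $lang, $inlinesuccess;

    $action = isset($mybb->input['action']) ? $mybb->input['action'] : '';
    $isPost = $mybb->request_method == 'post';
    // Flag stored in the session (further down) before the settings flow is sent to Twitter.
    $pendingLogin = !empty($_SESSION['twlogin']);

    // Load API in certain areas
    if (in_array($action, array('twlink', 'do_twlink')) || $pendingLogin || ($action === 'mytwconnect' && $isPost)) {
        require_once MYBB_ROOT . "inc/plugins/MyTwitterConnect/class_twitter.php";
        $TwitterConnect = new MyTwitter();
    }
    $settingsToCheck = array('twavatar', 'twbio', 'twlocation');
    if (!$lang->mytwconnect) {
        $lang->load('mytwconnect');
    }

    // Authenticate
    if ($action === 'twlink') {
        $TwitterConnect->set_fallback('usercp.php?action=do_twlink');
        $TwitterConnect->authenticate();
    }

    // Link the account to the user's Twitter account
    if ($action === 'do_twlink') {
        $TwitterConnect->obtain_tokens();
        $user = $TwitterConnect->get_user();
        if ($user) {
            $TwitterConnect->link_user('', $user['id']);
        } else {
            error($lang->mytwconnect_error_noauth);
        }
        $TwitterConnect->redirect('usercp.php?action=mytwconnect', '', $lang->mytwconnect_success_linked);
    }

    // Everything below is the settings page
    if ($action !== 'mytwconnect') {
        return;
    }

    global $db, $lang, $theme, $templates, $headerinclude, $header, $footer, $plugins, $usercpnav;
    add_breadcrumb($lang->nav_usercp, 'usercp.php');
    add_breadcrumb($lang->mytwconnect_page_title, 'usercp.php?action=mytwconnect');

    // The user is changing their settings
    if ($isPost || $pendingLogin) {
        if ($isPost) {
            // Return value is not inspected; presumably the non-silent form of
            // verify_post_check() stops the request itself on a bad key -- confirm.
            verify_post_check(isset($mybb->input['my_post_key']) ? $mybb->input['my_post_key'] : '');
        }
        // NOTE(review): while $_SESSION['twlogin'] is set, a GET request reaches the settings
        // update below without a post-key check (the values arrive through the fallback URL).
        // Consider carrying the pending settings in the session instead of the URL.

        // Unlinking is only honoured on a POST that passed the post-key check above; a GET
        // carrying unlink=1 while the session flag is set must not unlink the account.
        if ($isPost && !empty($mybb->input['unlink'])) {
            $TwitterConnect->unlink_user();
            redirect('usercp.php?action=mytwconnect', $lang->mytwconnect_success_accunlinked, $lang->mytwconnect_success_accunlinked_title);
        } else {
            $settings = array();
            // Parameters appended to the fallback URL so the choices survive the round trip
            $loginUrlExtra = '';
            foreach ($settingsToCheck as $setting) {
                $settings[$setting] = (isset($mybb->input[$setting]) && $mybb->input[$setting] == 1) ? 1 : 0;
                $loginUrlExtra .= "&{$setting}=" . $settings[$setting];
            }
            // Process the tokens
            if ($pendingLogin) {
                $TwitterConnect->obtain_tokens();
            }
            $user = $TwitterConnect->get_user();
            // This user is not logged in with Twitter
            if (!$user) {
                // Store a flag in the session, it is checked on the next call
                $_SESSION['twlogin'] = 1;
                $TwitterConnect->set_fallback("usercp.php?action=mytwconnect" . $loginUrlExtra);
                $TwitterConnect->authenticate();
                return;
            }
            // $settings only ever holds the three whitelisted keys with 0/1 values
            if ($db->update_query('users', $settings, 'uid = ' . (int) $mybb->user['uid'])) {
                unset($_SESSION['twlogin']);
                $newUser = array_merge($mybb->user, $settings);
                $TwitterConnect->sync($newUser, $user);
                redirect('usercp.php?action=mytwconnect', $lang->mytwconnect_success_settingsupdated, $lang->mytwconnect_success_settingsupdated_title);
            }
        }
    }

    $options = '';
    $userSettings = array();
    if (!empty($mybb->user['mytw_uid'])) {
        // Only offer the options the board administrator has enabled
        foreach ($settingsToCheck as $setting) {
            $tempKey = 'mytwconnect_' . $setting;
            if (empty($mybb->settings[$tempKey])) {
                continue;
            }
            $userSettings[$setting] = empty($mybb->user[$setting]) ? 0 : 1;
        }
        $text = $lang->setting_mytwconnect_whattosync;
        $unlink = "<input type=\"submit\" class=\"button\" name=\"unlink\" value=\"{$lang->mytwconnect_settings_unlink}\" />";
        if ($userSettings) {
            foreach ($userSettings as $setting => $value) {
                $tempKey = 'mytwconnect_settings_' . $setting;
                $checked = '';
                if ($value) {
                    $checked = " checked=\"checked\"";
                }
                $label = $lang->{$tempKey};
                $altbg = alt_trow();
                // Template source is eval()'d; every variable it interpolates must already be HTML-safe.
                eval("\$options .= \"" . $templates->get('mytwconnect_usercp_settings_setting') . "\";");
            }
        } else {
            $text = $lang->setting_mytwconnect_connected;
        }
    } else {
        $text = $lang->setting_mytwconnect_linkaccount;
        eval("\$options = \"" . $templates->get('mytwconnect_usercp_settings_linkprofile') . "\";");
    }
    eval("\$content = \"" . $templates->get('mytwconnect_usercp_settings') . "\";");
    output_page($content);
}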
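/**
 * AJAX handler that answers the "msb_gettoken" action with a JSON object
 * of the form {"token": ...}, where the value comes from msb_token_gen().
 *
 * The request is ignored unless it is a POST for that action, and the token
 * is only emitted after the post key has been verified.
 *
 * @return false|null false when the request is not handled here, otherwise nothing.
 */
function msb_gettoken()
{
    global $mybb, $lang, $parser, $settings;
    // The global parser is created here if nobody did it before; it is not used in this function.
    if (!is_object($parser)) {
        require_once MYBB_ROOT . 'inc/class_parser.php';
        $parser = new postParser();
    }
    $action = isset($mybb->input['action']) ? $mybb->input['action'] : '';
    if ($action != "msb_gettoken" || $mybb->request_method != "post") {
        return false;
    }
    $postKey = isset($mybb->input['my_post_key']) ? $mybb->input['my_post_key'] : '';
    if (!verify_post_check($postKey, true)) {
        xmlhttp_error($lang->invalid_post_code);
        // Fail closed: never hand out a token if xmlhttp_error() were to return.
        return false;
    }
    echo json_encode(array('token' => msb_token_gen()));
}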
Exemplo n.º 21
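/**
 * Admin CP page of the RESTful API plugin.
 *
 * Runs only when the active Admin CP action equals RESTFULAPI_URL and renders one of three tabs:
 *  - "config" (default): switch individual APIs on or off.
 *  - "manage-keys": list API keys; edit, delete or regenerate one (selected with "do").
 *  - "add-key": create a new API key and its allowed APIs.
 *
 * NOTE(review): the edit, add-key and config POST handlers do not call verify_post_check()
 * themselves; confirm that the Admin CP front controller validates my_post_key for every
 * POST before this function runs.
 * NOTE(review): apicustomer/apicomment are HTML-escaped before they are stored and escaped
 * again when listed, so special characters end up double-encoded; left as is because
 * changing it would alter the stored data format.
 *
 * @return void
 */
function restfulapi_admin_load()
{
    global $mybb, $db, $page, $lang, $cache;
    if ($page->active_action != RESTFULAPI_URL) {
        return;
    }
    $page->add_breadcrumb_item($lang->restfulapi_title);
    $page->output_header($lang->restfulapi_title);

    // Only the two named tabs are accepted; anything else falls back to "config".
    $action = "config";
    if (isset($mybb->input["action"]) && in_array($mybb->input["action"], array("manage-keys", "add-key"), true)) {
        $action = $mybb->input["action"];
    }
    $navs = array(
        "config" => array("link" => "index.php?module=config-" . RESTFULAPI_URL, "title" => $lang->restfulapi_config, "description" => $lang->restfulapi_config_description),
        "manage-keys" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&amp;action=manage-keys", "title" => $lang->restfulapi_manage_api_keys, "description" => $lang->restfulapi_manage_api_keys_description),
        "add-key" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&amp;action=add-key", "title" => $lang->restfulapi_add_api_key, "description" => $lang->restfulapi_add_api_key_description),
    );
    $page->output_nav_tabs($navs, $action);

    // Shared validation of the key form (used by both "edit" and "add-key").
    $has_valid_key_form = $mybb->request_method == "post"
        && isset($mybb->input["apicustomer"]) && is_string($mybb->input["apicustomer"])
        && isset($mybb->input["apicomment"]) && is_string($mybb->input["apicomment"])
        && isset($mybb->input["maxreq"]) && is_numeric($mybb->input["maxreq"])
        && isset($mybb->input["maxreqrate"]) && in_array($mybb->input["maxreqrate"], array("m", "w", "d", "h"), true);
    $rate_types = array("h" => $lang->restfulapi_per_hour, "d" => $lang->restfulapi_per_day, "w" => $lang->restfulapi_per_week, "m" => $lang->restfulapi_per_month);

    switch ($action) {
        case "manage-keys":
            if (isset($mybb->input["do"]) && in_array($mybb->input["do"], array("regenerate", "edit", "delete"), true)) {
                $do = $mybb->input["do"];
                $has_key_id = isset($mybb->input["key_id"]) && is_string($mybb->input["key_id"]);
                // The id is always reduced to an integer before it is placed in a query or a URL.
                $key_id = $has_key_id ? (int) $mybb->input["key_id"] : 0;
                if ($do == "edit" && $has_key_id) {
                    $result = $db->simple_select("apikeys", "*", "id='{$key_id}'");
                    if ($db->num_rows($result) != 1) {
                        flash_message($lang->restfulapi_key_not_found, "error");
                        admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                        exit;
                    }
                    if ($has_valid_key_form) {
                        $update = array(
                            "apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])),
                            "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])),
                            "maxreq" => (int) $mybb->input["maxreq"],
                            "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"])),
                        );
                        $db->update_query("apikeys", $update, "id='{$key_id}'");
                        // Permissions are replaced wholesale: drop the old rows, insert the submitted ones.
                        $db->delete_query("apipermissions", "apikey='{$key_id}'");
                        if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) {
                            $insert_allowed = array();
                            foreach ($mybb->input["apinames"] as $apiname) {
                                // Nested arrays cannot be escaped as a string; ignore them.
                                if (!is_string($apiname)) {
                                    continue;
                                }
                                $insert_allowed[] = array("apikey" => $key_id, "apiname" => $db->escape_string($apiname));
                            }
                            $db->insert_query_multiple("apipermissions", $insert_allowed);
                        }
                        restfulapi_cache_rebuild();
                        flash_message($lang->restfulapi_key_edited_successfully, "success");
                        admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                    } else {
                        $keyset = $db->fetch_array($result);
                        $form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&amp;action=manage-keys&amp;do=edit&amp;key_id={$key_id}", "post", "edit");
                        $form_container = new FormContainer($lang->restfulapi_edit_api_key);
                        $form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', htmlspecialchars_uni($keyset["apicustomer"]), array('id' => 'apicustomer')), 'apicustomer');
                        $form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', htmlspecialchars_uni($keyset["maxreq"]), array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, htmlspecialchars_uni($keyset["maxreqrate"]), array('id' => 'maxreqrate')), 'maxreq');
                        $form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', htmlspecialchars_uni($keyset["apicomment"]), array('id' => 'apicomment')), 'apicomment');
                        // glob() returns false on error; treat that as "no APIs found".
                        $apis = glob(RESTFULAPI_PATH . "api/*api.class.php");
                        $presentable_apis = array();
                        foreach ($apis ? $apis : array() as $value) {
                            $value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value));
                            $presentable_apis[$value] = $value;
                        }
                        $selected = array();
                        // $key_id is an integer at this point
                        $result = $db->simple_select("apipermissions", "*", "apikey='{$key_id}'");
                        while ($apipermission = $db->fetch_array($result)) {
                            $selected[] = $apipermission["apiname"];
                        }
                        $form_container->output_row($lang->restfulapi_select_allowed_apis, $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, $selected, array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames');
                        $form_container->end();
                        $buttons = array();
                        $buttons[] = $form->generate_submit_button($lang->restfulapi_edit_api_key);
                        $form->output_submit_wrapper($buttons);
                        $form->end();
                    }
                } elseif ($do == "delete" && $has_key_id && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) {
                    $result = $db->simple_select("apikeys", "*", "id='{$key_id}'");
                    if ($db->num_rows($result) == 1) {
                        $db->delete_query("apipermissions", "apikey='{$key_id}'");
                        $db->delete_query("apikeys", "id='{$key_id}'");
                        restfulapi_cache_rebuild();
                        flash_message($lang->restfulapi_key_deleted_successfully, "success");
                    } else {
                        flash_message($lang->restfulapi_key_not_found, "error");
                    }
                    admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                } elseif ($do == "regenerate" && $has_key_id && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) {
                    $result = $db->simple_select("apikeys", "*", "id='{$key_id}'");
                    if ($db->num_rows($result) == 1) {
                        $apikey = restfulapi_generate_key();
                        // Draw again until the key is not present in the table yet.
                        while ($db->num_rows($db->simple_select("apikeys", "*", "apikey='{$db->escape_string($apikey)}'")) != 0) {
                            $apikey = restfulapi_generate_key();
                        }
                        $update = array("apikey" => $db->escape_string(htmlspecialchars_uni($apikey)));
                        $db->update_query("apikeys", $update, "id='{$key_id}'");
                        restfulapi_cache_rebuild();
                        flash_message($lang->restfulapi_key_regenerated_successfully, "success");
                    } else {
                        flash_message($lang->restfulapi_key_not_found, "error");
                    }
                    admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                }
            } else {
                $restfulapi_cache = $cache->read("restfulapi");
                // A missing or malformed cache entry is shown as an empty key list.
                $apikeysets = (is_array($restfulapi_cache) && isset($restfulapi_cache["keys"]) && is_array($restfulapi_cache["keys"])) ? $restfulapi_cache["keys"] : array();
                $table = new Table();
                $table->construct_header($lang->restfulapi_customer, array("width" => "15%"));
                $table->construct_header($lang->restfulapi_api_key, array("class" => "align_center", "width" => "29%"));
                $table->construct_header($lang->restfulapi_comment, array("class" => "align_center", "width" => "30%"));
                $table->construct_header($lang->restfulapi_usage, array("class" => "align_center", "width" => "5%"));
                $table->construct_header($lang->restfulapi_controls, array("class" => "align_center", "width" => "21%", "colspan" => 3));
                if (count($apikeysets) == 0) {
                    $table->construct_cell($lang->sprintf($lang->restfulapi_no_api_key, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>'), array("class" => "first", "colspan" => 5));
                    $table->construct_row();
                } else {
                    // TODO : pagination maybe ?
                    foreach ($apikeysets as $keyset) {
                        // Integer cast keeps the id safe inside the href attributes below.
                        $id = (int) $keyset['id'];
                        $table->construct_cell("<b>" . htmlspecialchars_uni($keyset['apicustomer']) . "</b>");
                        $table->construct_cell(htmlspecialchars_uni($keyset['apikey']));
                        $table->construct_cell(htmlspecialchars_uni($keyset['apicomment']));
                        $table->construct_cell(htmlspecialchars_uni($keyset['access']), array("class" => "align_center"));
                        // NOTE(review): regenerate and delete are state-changing GET links that carry the
                        // post key in the URL, where it can end up in logs and Referer headers.
                        $table->construct_cell("<a href=\"index.php?module=config-restfulapi&amp;action=manage-keys&amp;do=regenerate&amp;key_id={$id}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_regenerate_api_key_confirmation}')\">{$lang->restfulapi_regenerate_api_key}</a>", array("class" => "align_center", "width" => "9%"));
                        $table->construct_cell("<a href=\"index.php?module=config-restfulapi&amp;action=manage-keys&amp;do=edit&amp;key_id={$id}\">{$lang->restfulapi_edit}</a>", array("class" => "align_center", "width" => "6%"));
                        $table->construct_cell("<a href=\"index.php?module=config-restfulapi&amp;action=manage-keys&amp;do=delete&amp;key_id={$id}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_delete_confirm}')\">{$lang->restfulapi_delete}</a>", array("class" => "align_center", "width" => "6%"));
                        $table->construct_row();
                    }
                }
                $table->output($lang->restfulapi_manage_api_keys);
            }
            break;
        case "add-key":
            if ($has_valid_key_form) {
                $apikey = restfulapi_generate_key();
                // Draw again until the key is not present in the table yet.
                while ($db->num_rows($db->simple_select("apikeys", "*", "apikey='{$db->escape_string($apikey)}'")) != 0) {
                    $apikey = restfulapi_generate_key();
                }
                $insert = array(
                    "apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])),
                    "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])),
                    "access" => 0,
                    "maxreq" => (int) $mybb->input["maxreq"],
                    "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"])),
                    "apikey" => $db->escape_string(htmlspecialchars_uni($apikey)),
                );
                $apikeyid = (int) $db->insert_query("apikeys", $insert);
                if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) {
                    $insert_allowed = array();
                    foreach ($mybb->input["apinames"] as $apiname) {
                        // Nested arrays cannot be escaped as a string; ignore them.
                        if (!is_string($apiname)) {
                            continue;
                        }
                        $insert_allowed[] = array("apikey" => $apikeyid, "apiname" => $db->escape_string($apiname));
                    }
                    $db->insert_query_multiple("apipermissions", $insert_allowed);
                }
                restfulapi_cache_rebuild();
                // The customer name is request input and the message is shown as HTML: escape it.
                flash_message($lang->sprintf($lang->restfulapi_generated_successfully, htmlspecialchars_uni($apikey), htmlspecialchars_uni($mybb->input["apicustomer"])), 'success');
                admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
            } else {
                $form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&amp;action=add-key", "post", "add");
                $form_container = new FormContainer($lang->restfulapi_add_api_key);
                $form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', '', array('id' => 'apicustomer')), 'apicustomer');
                $form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', '0', array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, "m", array('id' => 'maxreqrate')), 'maxreq');
                $form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', '', array('id' => 'apicomment')), 'apicomment');
                // glob() returns false on error; treat that as "no APIs found".
                $apis = glob(RESTFULAPI_PATH . "api/*api.class.php");
                $presentable_apis = array();
                foreach ($apis ? $apis : array() as $value) {
                    $value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value));
                    $presentable_apis[$value] = $value;
                }
                // Every discovered API is preselected for a new key.
                $form_container->output_row($lang->restfulapi_select_allowed_apis . " <em>*</em>", $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, array_keys($presentable_apis), array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames');
                $form_container->end();
                $buttons = array();
                $buttons[] = $form->generate_submit_button($lang->restfulapi_generate_api_key);
                $form->output_submit_wrapper($buttons);
                $form->end();
            }
            break;
        default:
            $apilist = $cache->read("restfulapilist");
            if (!is_array($apilist)) {
                $apilist = array();
            }
            // routine to install newly detected APIs, and activate them if needed
            restfulapi_apilist_activate();
            if ($mybb->request_method == "post") {
                // we delete all the previously-deactivated options
                $db->delete_query("apisettings", "apiaction='deactivate'");
                foreach ($mybb->input as $key => $input) {
                    $key = (string) $key;
                    if (strncmp($key, "option_", 7) !== 0) {
                        continue;
                    }
                    // Strip only the leading "option_" so a name that itself contains it stays intact.
                    // NOTE(review): the option name comes straight from the request; presumably
                    // restfulapi_api_activate()/deactivate() validate or escape it -- confirm.
                    $option = (string) substr($key, 7);
                    if ($input == "1") {
                        restfulapi_api_activate($option);
                    } elseif ($input == "0") {
                        restfulapi_api_deactivate($option);
                    }
                }
                flash_message($lang->restfulapi_saved_config, "success");
                admin_redirect("index.php?module=config-restfulapi");
            } else {
                $result = $db->simple_select("apisettings", "*", "apiaction='deactivate'");
                $deactivatedapis = array();
                while ($apiarray = $db->fetch_array($result)) {
                    $deactivatedapis[] = $apiarray["apivalue"];
                }
                if (count($apilist) == 0) {
                    echo '<div class="notice">' . $lang->sprintf($lang->restfulapi_no_api, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>') . '</div>';
                } else {
                    $form = new Form("index.php?module=config-" . RESTFULAPI_URL, "post", "config");
                    $form_container = new FormContainer($lang->restfulapi_config);
                    $table = new Table();
                    foreach ($apilist as $api => $info_array) {
                        // NOTE(review): the include path and the class name are built from the cache key;
                        // confirm the "restfulapilist" cache can only hold names discovered in the
                        // plugin's own api/ directory.
                        require_once RESTFULAPI_PATH . "api/" . $api . "api.class.php";
                        $api = htmlspecialchars_uni($api);
                        $apiclass = $api . "api";
                        $api_instance = new $apiclass();
                        $info_array = $api_instance->info();
                        $name = isset($info_array["name"]) && is_string($info_array["name"]) ? htmlspecialchars_uni($info_array["name"]) . " : " . $api : $api;
                        $description = isset($info_array["description"]) && is_string($info_array["description"]) ? htmlspecialchars_uni($info_array["description"]) : $lang->restfulapi_config_on_off_description;
                        $setting_code = $form->generate_on_off_radio("option_" . $api, in_array($api, $deactivatedapis) ? 0 : 1, true, array('id' => $api . '_yes'), array('id' => $api . '_no'));
                        $form_container->output_row($name, $description, $setting_code, '', array(), array('id' => 'row_' . $api));
                    }
                    $form_container->end();
                    $buttons = array();
                    $buttons[] = $form->generate_submit_button($lang->restfulapi_save_config);
                    $form->output_submit_wrapper($buttons);
                    $form->end();
                }
            }
            break;
    }
    $page->output_footer();
}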
Exemplo n.º 22
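/**
 * AJAX handler for the "prostats_reload" action: rebuilds the ProStats table
 * and returns it as JSON in the form {"html": ...}.
 *
 * The request is ignored unless it is a POST for that action. The "disabled"
 * error is raised only for this action, so a disabled ProStats does not turn
 * unrelated requests that reach this function into errors.
 *
 * @return false|null false when the request is not handled here, otherwise nothing.
 */
function prostats_run_ajax()
{
    global $mybb, $plugins, $lang, $parser, $session, $prostats_tbl;
    $lang->load('prostats');
    // The global parser is created here if nobody did it before.
    if (!is_object($parser)) {
        require_once MYBB_ROOT . 'inc/class_parser.php';
        $parser = new postParser();
    }
    $action = isset($mybb->input['action']) ? $mybb->input['action'] : '';
    if ($action != "prostats_reload" || $mybb->request_method != "post") {
        return false;
    }
    // Disabled entirely, or hidden from bots and the current session is flagged as a spider.
    if (!$mybb->settings['ps_enable'] || ($mybb->settings['ps_hidefrombots'] && !empty($session->is_spider))) {
        error($lang->prostats_disabled);
    }
    $postKey = isset($mybb->input['my_post_key']) ? $mybb->input['my_post_key'] : '';
    if (!verify_post_check($postKey, true)) {
        xmlhttp_error($lang->invalid_post_code);
        // Fail closed: never emit the table if xmlhttp_error() were to return.
        return false;
    }
    prostats_run_index(true);
    $plugins->run_hooks('prostats_xml_pre_output_page');
    header('Content-Type: text/json');
    echo json_encode(array("html" => $prostats_tbl));
}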
Exemplo n.º 23
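/**
 * Loads the shop item named by the request's "iid" together with its category
 * and applies the checks every shop action needs: the item exists, it has a
 * category, the current user may see that category, and both are visible.
 *
 * error() / error_no_permission() are defined elsewhere and presumably end the
 * request; this helper does not rely on anything after them.
 *
 * @return array array($item, $cat)
 */
function newpoints_shop_page_require_item()
{
    global $mybb, $lang;
    // Item ids are integers. Cast here so the value stays numeric no matter how
    // newpoints_shop_get_item() (not visible here) builds its query.
    $iid = isset($mybb->input['iid']) && is_scalar($mybb->input['iid']) ? intval($mybb->input['iid']) : 0;
    // check if the item exists
    if (!($item = newpoints_shop_get_item($iid))) {
        error($lang->newpoints_shop_invalid_item);
    }
    // check if the item is assigned to category
    if (!($cat = newpoints_shop_get_category($item['cid']))) {
        error($lang->newpoints_shop_invalid_cat);
    }
    // check if we have permissions to view the parent category
    if (!newpoints_shop_check_permissions($cat['usergroups'])) {
        error_no_permission();
    }
    if ($item['visible'] == 0 || $cat['visible'] == 0) {
        error_no_permission();
    }
    return array($item, $cat);
}

/**
 * Enforces on the server the same gate the inventory page uses to decide
 * whether to render a "send" or "sell" button: the board-wide setting must be
 * on and the item itself must carry the flag.
 *
 * @param array  $item Shop item row.
 * @param string $flag Either 'sendable' or 'sellable'.
 */
function newpoints_shop_page_require_flag($item, $flag)
{
    global $mybb;
    if ($mybb->settings['newpoints_shop_' . $flag] != 1 || !$item[$flag]) {
        error_no_permission();
    }
}

/**
 * Decodes a serialized inventory column into an array of item ids.
 *
 * @param mixed $serialized Raw value of users.newpoints_items.
 * @return array Decoded inventory; empty when the value is missing or not an array.
 */
function newpoints_shop_page_inventory($serialized)
{
    // NOTE(review): unserialize() can instantiate objects. The column is only written by
    // serialize() of plain arrays in this function, but any other writer of that column
    // would turn this into an object-injection sink. Prefer a decoder that refuses
    // objects (or JSON) once the minimum supported PHP/MyBB version allows it.
    $inventory = @unserialize($serialized);
    return is_array($inventory) ? $inventory : array();
}

/**
 * Returns the inventory key of an owned item, or reports an error when the
 * inventory is empty or does not contain the item.
 *
 * @param array $myitems Decoded inventory.
 * @param mixed $iid     Item id to look for.
 * @return int|string|false Key of the first matching entry.
 */
function newpoints_shop_page_owned_key($myitems, $iid)
{
    global $lang;
    if (empty($myitems)) {
        error($lang->newpoints_shop_inventory_empty);
    }
    // make sure we own the item (loose comparison on purpose: stored ids may be strings or ints)
    $key = array_search($iid, $myitems);
    if ($key === false) {
        error($lang->newpoints_shop_selected_item_not_owned);
    }
    return $key;
}

/**
 * Fetches the price rules of the current user's primary group, defaulting the
 * items rate to 1.0 when no rule is set.
 *
 * @return array Rules array that always has an 'items_rate' entry.
 */
function newpoints_shop_page_group_rules()
{
    global $mybb;
    // check group rules - primary group check
    $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
    if (!$grouprules) {
        // no rule set so default income rate is 1
        $grouprules = array('items_rate' => 1.0);
    }
    return $grouprules;
}

/**
 * Applies the group items rate to a list price.
 *
 * @param mixed $price      List price of the item.
 * @param array $grouprules Rules from newpoints_shop_page_group_rules().
 * @return int|float 0 when the rate is 0, otherwise price * rate.
 */
function newpoints_shop_page_rated_price($price, $grouprules)
{
    $rate = floatval($grouprules['items_rate']);
    // if the group items rate is 0, the price of the item is 0
    return $rate == 0 ? 0 : $price * $rate;
}

/**
 * Builds the <img> tag for an item icon, falling back to the default image.
 *
 * @param string $icon Icon path relative to the board URL; may be empty.
 * @return string HTML for the icon.
 */
function newpoints_shop_page_item_icon($icon)
{
    global $mybb;
    if ($icon != '') {
        return '<img src="' . $mybb->settings['bburl'] . '/' . htmlspecialchars_uni($icon) . '">';
    }
    return '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">';
}

/**
 * Front controller for the NewPoints shop: handles the "do_shop" actions
 * (buy, send, do_send, sell, do_sell) and renders the "shop" pages (item view,
 * inventory, category listing). Guests are ignored.
 *
 * Changes against the previous revision:
 *  - send/do_send/sell/do_sell now enforce the sendable/sellable setting and
 *    item flag on the server; before, only the inventory page hid the buttons.
 *  - inventory ids are cast to integers before being placed in SQL IN (...).
 *  - "not enough points" highlighting compares numbers before formatting, and
 *    the listing compares the group-rated price, matching what "buy" charges.
 *  - the sell confirmation no longer HTML-escapes the item name twice.
 *  - the category loop no longer overwrites $cid while looking up its items.
 *
 * Templates are expanded with eval() inside this function, so the local
 * variable names used below are presumably part of the template contract and
 * are deliberately kept.
 */
function newpoints_shop_page()
{
    global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors;
    if (!$mybb->user['uid']) {
        return;
    }
    newpoints_lang_load("newpoints_shop");
    // The current user's id is embedded in WHERE clauses below; keep it an integer.
    $my_uid = intval($mybb->user['uid']);
    if (isset($mybb->input['action']) && $mybb->input['action'] == "do_shop") {
        // Every do_shop action changes state (or leads to a screen that does), so the
        // per-user post key is checked first.
        verify_post_check(isset($mybb->input['postcode']) ? $mybb->input['postcode'] : '');
        $plugins->run_hooks("newpoints_do_shop_start");
        switch (isset($mybb->input['shop_action']) ? $mybb->input['shop_action'] : '') {
            case 'buy':
                $plugins->run_hooks("newpoints_shop_buy_start");
                list($item, $cat) = newpoints_shop_page_require_item();
                $grouprules = newpoints_shop_page_group_rules();
                $item['price'] = newpoints_shop_page_rated_price($item['price'], $grouprules);
                $errors = array();
                if (floatval($item['price']) > floatval($mybb->user['newpoints'])) {
                    $errors[] = $lang->newpoints_shop_not_enough;
                }
                if ($item['infinite'] != 1 && $item['stock'] <= 0) {
                    $errors[] = $lang->newpoints_shop_out_of_stock;
                }
                $myitems = newpoints_shop_page_inventory($mybb->user['newpoints_items']);
                if ($item['limit'] != 0) {
                    // Count how many items of this type are already in the inventory;
                    // more than or equal to $item['limit'] -> FAILED
                    if (count(array_keys($myitems, $item['iid'])) >= $item['limit']) {
                        $errors[] = $lang->newpoints_shop_limit_reached;
                    }
                }
                if (!empty($errors)) {
                    $inline_errors = inline_error($errors, $lang->newpoints_shop_inline_errors);
                    // fall through to the shop listing below with the errors displayed
                    $mybb->input = array();
                    $mybb->input['action'] = 'shop';
                } else {
                    // NOTE(review): inventory, stock and points are updated by separate
                    // read-modify-write statements. Concurrent requests from the same user
                    // can interleave between the checks above and these writes; consider a
                    // transaction or conditional UPDATEs (e.g. "stock > 0") here.
                    $myitems[] = $item['iid'];
                    $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $my_uid . '\'');
                    // update stock
                    if ($item['infinite'] != 1) {
                        $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] - 1), 'iid=\'' . intval($item['iid']) . '\'');
                    }
                    // get money from user
                    newpoints_addpoints($mybb->user['uid'], -floatval($item['price']));
                    if (!empty($item['pm'])) {
                        // send PM if item has private message
                        newpoints_send_pm(array('subject' => $lang->newpoints_shop_bought_item_pm_subject, 'message' => $item['pm'], 'touid' => $mybb->user['uid'], 'receivepms' => 1), -1);
                    }
                    $plugins->run_hooks("newpoints_shop_buy_end", $item);
                    // log purchase
                    newpoints_log('shop_purchase', $lang->sprintf($lang->newpoints_shop_purchased_log, $item['iid'], $item['price']));
                    redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop", $lang->newpoints_shop_item_bought, $lang->newpoints_shop_item_bought_title);
                }
                break;
            case 'send':
                $plugins->run_hooks("newpoints_shop_send_start");
                list($item, $cat) = newpoints_shop_page_require_item();
                newpoints_shop_page_require_flag($item, 'sendable');
                $myitems = newpoints_shop_page_inventory($mybb->user['newpoints_items']);
                $key = newpoints_shop_page_owned_key($myitems, $item['iid']);
                $lang->newpoints_shop_action = $lang->newpoints_shop_send_item;
                $item['name'] = htmlspecialchars_uni($item['name']);
                global $shop_action, $data, $colspan;
                $colspan = 2;
                $shop_action = 'do_send';
                $fields = '<input type="hidden" name="iid" value="' . intval($item['iid']) . '">';
                $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_shop_send_item_username . ":</strong><br /><small>" . $lang->newpoints_shop_send_item_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"username\" value=\"\"></td>";
                $plugins->run_hooks("newpoints_shop_send_end");
                eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";");
                output_page($page);
                break;
            case 'do_send':
                $plugins->run_hooks("newpoints_shop_do_send_start");
                list($item, $cat) = newpoints_shop_page_require_item();
                // Re-check on the committing request: the confirmation screen is not a gate.
                newpoints_shop_page_require_flag($item, 'sendable');
                $myitems = newpoints_shop_page_inventory($mybb->user['newpoints_items']);
                $key = newpoints_shop_page_owned_key($myitems, $item['iid']);
                $username = isset($mybb->input['username']) && is_scalar($mybb->input['username']) ? trim($mybb->input['username']) : '';
                if (!($user = newpoints_getuser_byname($username))) {
                    error($lang->newpoints_shop_invalid_user);
                } else {
                    if ($user['uid'] == $mybb->user['uid']) {
                        error($lang->newpoints_shop_cant_send_item_self);
                    }
                    // send item to the selected user
                    // NOTE(review): the two inventory writes below are not atomic; see the
                    // note in the 'buy' case.
                    $useritems = newpoints_shop_page_inventory($user['newpoints_items']);
                    $useritems[] = $item['iid'];
                    $db->update_query('users', array('newpoints_items' => serialize($useritems)), 'uid=\'' . intval($user['uid']) . '\'');
                    // remove item from our inventory
                    unset($myitems[$key]);
                    sort($myitems);
                    $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $my_uid . '\'');
                    $plugins->run_hooks("newpoints_shop_do_send_end");
                    // send pm to user
                    newpoints_send_pm(array('subject' => $lang->newpoints_shop_item_received_title, 'message' => $lang->sprintf($lang->newpoints_shop_item_received, htmlspecialchars_uni($mybb->user['username']), htmlspecialchars_uni($item['name'])), 'touid' => $user['uid'], 'receivepms' => 1), -1);
                    // log
                    newpoints_log('shop_send', $lang->sprintf($lang->newpoints_shop_sent_log, $item['iid'], $user['uid'], $user['username']));
                    redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&amp;shop_action=myitems", $lang->newpoints_shop_item_sent, $lang->newpoints_shop_item_sent_title);
                }
                break;
            case 'sell':
                $plugins->run_hooks("newpoints_shop_sell_start");
                list($item, $cat) = newpoints_shop_page_require_item();
                newpoints_shop_page_require_flag($item, 'sellable');
                $myitems = newpoints_shop_page_inventory($mybb->user['newpoints_items']);
                $key = newpoints_shop_page_owned_key($myitems, $item['iid']);
                $lang->newpoints_shop_action = $lang->newpoints_shop_sell_item;
                $item['name'] = htmlspecialchars_uni($item['name']);
                global $shop_action, $data, $colspan;
                $colspan = 1;
                $shop_action = 'do_sell';
                $fields = '<input type="hidden" name="iid" value="' . intval($item['iid']) . '">';
                // $item['name'] is already escaped above; escaping again would show "&amp;" etc.
                $data = "<td class=\"trow1\" width=\"100%\">" . $lang->sprintf($lang->newpoints_shop_sell_item_confirm, $item['name'], newpoints_format_points(floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])) . "</td>";
                $plugins->run_hooks("newpoints_shop_sell_end");
                eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";");
                output_page($page);
                break;
            case 'do_sell':
                $plugins->run_hooks("newpoints_shop_do_sell_start");
                list($item, $cat) = newpoints_shop_page_require_item();
                // Re-check on the committing request: the confirmation screen is not a gate.
                newpoints_shop_page_require_flag($item, 'sellable');
                $myitems = newpoints_shop_page_inventory($mybb->user['newpoints_items']);
                $key = newpoints_shop_page_owned_key($myitems, $item['iid']);
                // remove item from our inventory
                unset($myitems[$key]);
                sort($myitems);
                $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $my_uid . '\'');
                // update stock
                if ($item['infinite'] != 1) {
                    $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . intval($item['iid']) . '\'');
                }
                // NOTE(review): the refund is computed from the list price, while 'buy'
                // charges the group-rated price. Confirm the two are meant to differ;
                // otherwise base the refund on the rated price as well.
                newpoints_addpoints($mybb->user['uid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']);
                $plugins->run_hooks("newpoints_shop_do_sell_end");
                // log
                newpoints_log('shop_sell', $lang->sprintf($lang->newpoints_shop_sell_log, $item['iid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']));
                redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&amp;shop_action=myitems", $lang->newpoints_shop_item_sell, $lang->newpoints_shop_item_sell_title);
                break;
            default:
                error_no_permission();
        }
        $plugins->run_hooks("newpoints_do_shop_end");
    }
    // shop page (also reached after a failed 'buy', which resets the action to 'shop')
    if (isset($mybb->input['action']) && $mybb->input['action'] == "shop") {
        $plugins->run_hooks("newpoints_shop_start");
        $requested_view = isset($mybb->input['shop_action']) ? $mybb->input['shop_action'] : '';
        if ($requested_view == 'view') {
            list($item, $cat) = newpoints_shop_page_require_item();
            $item['name'] = htmlspecialchars_uni($item['name']);
            $item['description'] = htmlspecialchars_uni($item['description']);
            $grouprules = newpoints_shop_page_group_rules();
            $item['price'] = newpoints_shop_page_rated_price($item['price'], $grouprules);
            // Compare numbers before formatting: the formatted price is a display string
            // and does not compare reliably against the user's balance.
            $too_expensive = floatval($item['price']) > floatval($mybb->user['newpoints']);
            $item['price'] = newpoints_format_points($item['price']);
            if ($too_expensive) {
                $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>';
            }
            // build icon
            $item['icon'] = newpoints_shop_page_item_icon($item['icon']);
            if ($item['infinite'] == 1) {
                $item['stock'] = $lang->newpoints_shop_infinite;
            } else {
                $item['stock'] = intval($item['stock']);
            }
            $item['sendable'] = $item['sendable'] == 1 ? $lang->newpoints_shop_yes : $lang->newpoints_shop_no;
            $item['sellable'] = $item['sellable'] == 1 ? $lang->newpoints_shop_yes : $lang->newpoints_shop_no;
            eval("\$page = \"" . $templates->get('newpoints_shop_view_item') . "\";");
        } elseif ($requested_view == 'myitems') {
            $uid = isset($mybb->input['uid']) ? intval($mybb->input['uid']) : 0;
            $uidpart = '';
            $inventory_source = $mybb->user['newpoints_items'];
            if ($uid > 0) {
                $user = get_user($uid);
                // we're viewing someone else's inventory
                if (!empty($user)) {
                    // we can't view others' inventories if we don't have enough privileges
                    if ($mybb->settings['newpoints_shop_viewothers'] != 1 && $mybb->usergroup['cancp'] != 1 && $mybb->user['uid'] != $uid) {
                        error_no_permission();
                    }
                    $inventory_source = $user['newpoints_items'];
                    $lang->newpoints_shop_myitems = $lang->sprintf($lang->newpoints_shop_items_username, htmlspecialchars_uni($user['username']));
                    // we need this for pagination
                    $uidpart = "&amp;uid=" . $uid;
                }
            }
            $myitems = newpoints_shop_page_inventory($inventory_source);
            $items = '';
            $multipage = '';
            $newrow = true;
            $invert_bgcolor = alt_trow();
            $sendable = $mybb->settings['newpoints_shop_sendable'] == 1;
            $sellable = $mybb->settings['newpoints_shop_sellable'] == 1;
            require_once MYBB_ROOT . "inc/class_parser.php";
            $parser = new postParser();
            $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, 'filter_badwords' => 1);
            if (!empty($myitems)) {
                // pagination
                $per_page = 10;
                $mybb->input['page'] = isset($mybb->input['page']) ? intval($mybb->input['page']) : 0;
                if ($mybb->input['page'] > 1) {
                    $start = $mybb->input['page'] * $per_page - $per_page;
                } else {
                    $mybb->input['page'] = 1;
                    $start = 0;
                }
                // The inventory comes out of a serialized column; force every id to an
                // integer before it is concatenated into the IN (...) list.
                $owned_ids = implode(',', array_unique(array_map('intval', $myitems)));
                // total items
                $total_rows = $db->fetch_field($db->simple_select("newpoints_shop_items", "COUNT(iid) as items", 'visible=1 AND iid IN (' . $owned_ids . ')'), "items");
                // multi-page
                if ($total_rows > $per_page) {
                    $multipage = multipage($total_rows, $per_page, $mybb->input['page'], $mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems" . $uidpart);
                }
                // the group rules do not change per item, so fetch them once
                $grouprules = newpoints_shop_page_group_rules();
                $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND iid IN (' . $owned_ids . ')', array('limit' => "{$start}, {$per_page}"));
                while ($item = $db->fetch_array($query)) {
                    // items are laid out two per table row
                    if ($newrow === true) {
                        $trstart = '<tr>';
                        $trend = '';
                        $newrow = false;
                    } else {
                        $trstart = '';
                        $trend = '</tr>';
                        $newrow = true;
                    }
                    $can_sell = $sellable === true && $item['sellable'];
                    $can_send = $sendable === true && $item['sendable'];
                    // These buttons are only a convenience; the do_shop handlers above
                    // enforce the same sendable/sellable rules on the server.
                    if ($can_sell) {
                        $tdstart = $can_send ? '<td width="50%">' : '<td width="100%">';
                        $sell = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="sell"><input type="hidden" name="iid" value="' . intval($item['iid']) . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_sell . '"></form></td>';
                    } else {
                        $sell = '';
                    }
                    if ($can_send) {
                        $tdstart = $sell == '' ? '<td width="100%">' : '<td width="50%">';
                        $send = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="send"><input type="hidden" name="iid" value="' . intval($item['iid']) . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_send . '"></form></td>';
                    } else {
                        $send = '';
                    }
                    if (!$send && !$sell) {
                        $send = $lang->newpoints_shop_no_options;
                    }
                    // descriptions go through the post parser with HTML disabled
                    $item['description'] = $parser->parse_message($item['description'], $parser_options);
                    $item['price'] = newpoints_format_points(newpoints_shop_page_rated_price($item['price'], $grouprules));
                    $item['quantity'] = count(array_keys($myitems, $item['iid']));
                    // build icon
                    $item['icon'] = newpoints_shop_page_item_icon($item['icon']);
                    $bgcolor = alt_trow();
                    $invert_bgcolor = alt_trow();
                    eval("\$items .= \"" . $trstart . $templates->get('newpoints_shop_myitems_item') . $trend . "\";");
                }
                if (!$items) {
                    eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";");
                } else {
                    if ($newrow === false) {
                        // odd number of items: pad the last row and close it
                        eval("\$items .= \"" . $templates->get('newpoints_shop_myitems_item_empty') . "</tr>" . "\";");
                        $newrow = true;
                    }
                }
            } else {
                eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";");
            }
            eval("\$page = \"" . $templates->get('newpoints_shop_myitems') . "\";");
        } else {
            $grouprules = newpoints_shop_page_group_rules();
            $itemsrate = floatval($grouprules['items_rate']);
            global $cats, $items;
            $categories = array();
            $items_array = array();
            // get categories
            $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
            while ($cat = $db->fetch_array($query)) {
                $categories[$cat['cid']] = $cat;
            }
            // get items and store them in their categories
            $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND cid>0', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
            while ($item = $db->fetch_array($query)) {
                $items_array[$item['cid']][$item['iid']] = $item;
            }
            $cats = '';
            $bgcolor = alt_trow();
            // build items and categories
            if (!empty($categories)) {
                foreach ($categories as $cid => $category) {
                    $items = '';
                    if ($category['items'] > 0 && !empty($items_array[$category['cid']])) {
                        $bgcolor = alt_trow();
                        // Index the category's items directly; the previous scan over every
                        // category reused $cid as its loop key and clobbered it.
                        foreach ($items_array[$category['cid']] as $iid => $item) {
                            // skip hidden items
                            if ($item['visible'] == 0) {
                                continue;
                            }
                            if ($item['infinite'] == 1) {
                                $item['stock'] = $lang->newpoints_shop_infinite;
                            }
                            // compare what 'buy' would actually charge, i.e. the rated price
                            $rated_price = $item['price'] * $itemsrate;
                            $enough_money = !(floatval($rated_price) > floatval($mybb->user['newpoints']));
                            $item['name'] = htmlspecialchars_uni($item['name']);
                            $item['description'] = htmlspecialchars_uni($item['description']);
                            $item['price'] = newpoints_format_points($rated_price);
                            // build icon
                            $item['icon'] = newpoints_shop_page_item_icon($item['icon']);
                            if (!$enough_money) {
                                $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>';
                            }
                            eval("\$items .= \"" . $templates->get('newpoints_shop_item') . "\";");
                        }
                    } else {
                        eval("\$items = \"" . $templates->get('newpoints_shop_no_items') . "\";");
                    }
                    // if it's not visible, don't show it
                    if ($category['visible'] == 0) {
                        continue;
                    }
                    // check if we have permissions to view the category
                    if (!newpoints_shop_check_permissions($category['usergroups'])) {
                        continue;
                    }
                    // Expanded by default feature
                    global $extdisplay, $expcolimage, $expdisplay, $expaltext, $icon;
                    $expdisplay = '';
                    if (intval($category['expanded']) == 0) {
                        $expcolimage = "collapse_collapsed.gif";
                        $expdisplay = "display: none;";
                        $expaltext = "[+]";
                    } else {
                        $expcolimage = "collapse.gif";
                        $expaltext = "[-]";
                    }
                    // build icon
                    if ($category['icon'] != '') {
                        $category['icon'] = htmlspecialchars_uni($category['icon']);
                        $category['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $category['icon'] . '" style="vertical-align:middle">';
                    }
                    // sanitize html
                    $category['description'] = htmlspecialchars_uni($category['description']);
                    $category['name'] = htmlspecialchars_uni($category['name']);
                    eval("\$cats .= \"" . $templates->get('newpoints_shop_category') . "\";");
                }
            } else {
                eval("\$cats = \"" . $templates->get('newpoints_shop_no_cats') . "\";");
            }
            eval("\$page = \"" . $templates->get('newpoints_shop') . "\";");
        }
        $plugins->run_hooks("newpoints_shop_end");
        // output page
        output_page($page);
    }
}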
Exemplo n.º 24
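/**
 * Gatekeeper run before xthreads_upload_attachments(): resolves the thread and
 * forum the request refers to and returns silently unless every check passes.
 *
 * Checks, in order: on editpost.php the post being edited must be the thread's
 * first post; on other pages a supplied tid is only honoured when it is the
 * current user's own draft; the user must not be suspended from posting; the
 * forum must exist, be open and be of type 'f'; the user needs view rights
 * plus the page-specific post/edit rights (including the edit time limit for
 * non-moderators); and the request must carry a valid post key.
 *
 * Reads and may replace the global $thread. Returns nothing.
 */
function xthreads_upload_attachments_global()
{
    //if($mybb->request_method == 'post' && ($current_page == 'newthread.php' || ($current_page == 'editpost.php' && $mybb->input['action'] != 'deletepost'))
    // the above line is always checked and true
    global $mybb, $current_page, $thread;
    if ($current_page == 'editpost.php') {
        // check if first post
        $pid = (int) $mybb->input['pid'];
        if (!$thread) {
            $post = get_post($pid);
            if (!empty($post)) {
                $thread = get_thread($post['tid']);
            }
            if (empty($thread)) {
                return;
            }
            $pid = $post['pid'];
        }
        if ($thread['firstpost'] != $pid) {
            return;
        }
    } elseif ($mybb->input['tid']) {
        /* ($mybb->input['action'] == 'editdraft' || $mybb->input['action'] == 'savedraft') && */
        $thread = get_thread((int) $mybb->input['tid']);
        if ($thread['visible'] != -2 || $thread['uid'] != $mybb->user['uid']) {
            // ensure that this is, indeed, a draft
            unset($GLOBALS['thread']);
            // unset() on $GLOBALS only removes the global binding. The local alias created by
            // `global $thread` would still hold the rejected thread, and its fid would then
            // be the forum checked below instead of the one named in the request.
            $thread = null;
        }
    }
    // permissions check - ideally, should get MyBB to do this, but I see no easy way to implement it unfortunately
    if ($mybb->user['suspendposting'] == 1) {
        return;
    }
    // Prefer the forum of the resolved thread; fall back to the request's fid.
    if (!empty($thread['fid'])) {
        $fid = $thread['fid'];
    } else {
        $fid = (int) $mybb->input['fid'];
    }
    $forum = get_forum($fid);
    if (!$forum['fid'] || $forum['open'] == 0 || $forum['type'] != 'f') {
        return;
    }
    $forumpermissions = forum_permissions($fid);
    if ($forumpermissions['canview'] == 0) {
        return;
    }
    if ($current_page == 'newthread.php' && $forumpermissions['canpostthreads'] == 0) {
        return;
    } elseif ($current_page == 'editpost.php') {
        // Moderators with caneditposts bypass the ownership, closed-thread and time-limit rules.
        if (!is_moderator($fid, 'caneditposts')) {
            if ($thread['closed'] == 1 || $forumpermissions['caneditposts'] == 0 || $mybb->user['uid'] != $thread['uid']) {
                return;
            }
            // edittimelimit is multiplied by 60 before comparing with the thread's dateline.
            if ($mybb->settings['edittimelimit'] != 0 && $thread['dateline'] < TIME_NOW - $mybb->settings['edittimelimit'] * 60) {
                return;
            }
        }
    }
    // CSRF guard: second argument true, and a failed check is handled here by bailing out.
    if (!verify_post_check($mybb->input['my_post_key'], true)) {
        return;
    }
    check_forum_password($forum['fid']);
    xthreads_upload_attachments();
}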
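 /**
  * Stores a user's report against a shout.
  *
  * The request must carry a valid post key, the caller must pass
  * self::access_shout(), and exactly one shout with the given id must exist.
  *
  * @param array $postdata Request data; reads 'key' (post key), 'id' (shout id) and 'reason'.
  *
  * @return bool True when the report row was inserted, false in every other case.
  */
 static function reportShout($postdata)
 {
     global $mybb, $db;
     // CSRF guard. The original fell off the end of the function (returning null) when
     // this check came back false; return an explicit false like every other failure path.
     if (!verify_post_check($postdata['key'])) {
         return false;
     }
     if (!self::access_shout()) {
         return false;
     }
     // Escaped once and reused for both the lookup and the stored report.
     $id = $db->escape_string($postdata['id']);
     $getPost = $db->write_query("SELECT id FROM " . TABLE_PREFIX . "dvz_shoutbox WHERE id = '{$id}'");
     // Count rows through the database layer instead of reading a property of the
     // driver's result object, so the check does not depend on the driver in use.
     if ((int) $db->num_rows($getPost) !== 1) {
         return false;
     }
     //Store report
     // Values are escaped here before being handed to insert_query().
     $data = array(
         'shid' => $id,
         'uid' => $db->escape_string($mybb->user['uid']),
         'reason' => $db->escape_string($postdata['reason']),
         'date' => time(),
         'ip' => $db->escape_string(get_ip()),
     );
     return (bool) $db->insert_query('dvz_reports', $data);
 }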
Exemplo n.º 26
    // make sure we're not trying to send a donation to ourselves
    $uid = intval($mybb->input['uid']);
    $user = get_user($uid);
    if ($user['username'] != "") {
        $user['username'] = htmlspecialchars_uni($user['username']);
    } else {
        $user['username'] = '';
    }
    if ($uid == $mybb->user['uid'] || $user['username'] == $mybb->user['username']) {
        error($lang->newpoints_cant_donate_self);
    }
    eval("\$page = \"" . $templates->get('newpoints_donate') . "\";");
    $plugins->run_hooks("newpoints_donate_end");
    output_page($page);
} elseif ($mybb->input['action'] == 'do_donate') {
    verify_post_check($mybb->input['postcode']);
    if ($mybb->settings['newpoints_main_donationsenabled'] != 1) {
        error($lang->newpoints_donations_disabled);
    }
    $plugins->run_hooks("newpoints_do_donate_start");
    // make sure we're not trying to send a donation to ourselves
    $username = trim($mybb->input['username']);
    if ($username == $mybb->user['username']) {
        error($lang->newpoints_cant_donate_self);
    }
    $amount = round(floatval($mybb->input['amount']), (int) $mybb->settings['newpoints_main_decimal']);
    // do we have enough points?
    if ($amount <= 0 || $amount > $mybb->user['newpoints']) {
        error($lang->newpoints_invalid_amount);
    }
    // make sure we're sending points to a valid user
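/**
 * Handles the 'mark_as_spam' moderation action.
 *
 * Does nothing unless the Akismet switch is on and the requested action is
 * 'mark_as_spam'. Otherwise it sets visible = -4 on the post (or, when the post
 * has replyto == 0, on the thread and all its posts), calls
 * $akismet->submit_spam(), adjusts post counts, records a strike against each
 * non-exempt author and bans authors who reach the configured strike limit.
 *
 * Failures go through error(); success ends in redirect(). Nothing is returned.
 * Writes the globals $pid, $fid and (when unset) $akismet.
 */
function akismet_moderation_start()
{
    global $mybb, $db, $akismet, $lang, $cache, $fid, $pid;
    if (!$mybb->settings['akismetswitch'] || $mybb->input['action'] != 'mark_as_spam') {
        return;
    }
    $lang->load("akismet", false, true);
    if (!$mybb->input['pid']) {
        error("No Post ID specified.");
    }
    $pid = intval($mybb->input['pid']);
    if (!$mybb->input['fid']) {
        error("No Forum ID specified.");
    }
    $fid = intval($mybb->input['fid']);
    if (!is_moderator($fid)) {
        error("No Permissions to do this action.");
    }
    $query = $db->query("\r\n\t\tSELECT p.uid, p.username, u.email, u.website, u.akismetstopped, p.message, p.ipaddress, p.tid, p.replyto, p.fid, f.usepostcounts\r\n\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=p.fid)\r\n\t\tWHERE p.pid = '{$pid}'\r\n\t");
    $post = $db->fetch_array($query);
    if (!$post) {
        error("Invalid Post ID.");
    }
    // $fid above is taken from the request while the post is looked up by pid alone,
    // so moderator rights must also hold for the forum the post is actually stored in.
    if (!is_moderator($post['fid'])) {
        error("No Permissions to do this action.");
    }
    // Without a post key on a POST request, show the confirmation page first.
    // NOTE(review): presumably akismet_show_confirm_page() ends the request; if it
    // returns, verify_post_check() below still runs against the missing key.
    if (!$mybb->input['my_post_key'] || $mybb->request_method != "post") {
        akismet_show_confirm_page();
    }
    verify_post_check($mybb->input['my_post_key']);

    // Ids read back from the database are cast before being placed in SQL conditions.
    $tid = (int) $post['tid'];
    $akismet_array = array('type' => 'post', 'username' => $post['username'], 'email' => $post['email'], 'website' => $post['website'], 'message' => $post['message'], 'user_ip' => $post['ipaddress']);
    if ($post['replyto'] == 0) {
        // replyto == 0: treat the post as the thread starter and hide the whole thread.
        $db->update_query("threads", array('visible' => '-4'), "tid = '{$tid}'");
        $db->update_query("posts", array('visible' => '-4'), "tid = '{$tid}'");
        $snippit = "thread";
    } else {
        $db->update_query("posts", array('visible' => '-4'), "pid = '{$pid}'");
        $snippit = "post";
    }
    if (!$akismet) {
        $akismet = new Akismet($mybb->settings['bburl'], $mybb->settings['akismetapikey'], $akismet_array);
    }
    $akismet->submit_spam();

    // Usergroups whose members receive neither strikes nor automatic bans.
    // Parsed once here rather than on every loop iteration.
    $akismet_uids_ignore = $mybb->settings['akismetuidsignore'] ? explode(',', $mybb->settings['akismetuidsignore']) : array();
    $strikeLimit = $mybb->settings['akismetnumtillban'];

    $numakismetthread = $numakismetpost = 0;
    if ($snippit == "thread") {
        $query = $db->query("\r\n\t\t\tSELECT p.uid, u.usergroup\r\n\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\tWHERE p.tid = '{$tid}'\r\n\t\t");
        while ($post2 = $db->fetch_array($query)) {
            ++$numakismetpost;
            $authorUid = (int) $post2['uid'];
            if ($post['usepostcounts'] != 0) {
                $db->write_query("UPDATE " . TABLE_PREFIX . "users SET postnum=postnum-1 WHERE uid = '{$authorUid}'");
            }
            // Exempt authors keep their strike count and are never auto-banned.
            if (in_array($post2['usergroup'], $akismet_uids_ignore) || is_super_admin($post2['uid'])) {
                continue;
            }
            $db->write_query("UPDATE " . TABLE_PREFIX . "users SET akismetstopped=akismetstopped+1 WHERE uid = '{$authorUid}'");
            $query1 = $db->simple_select("users", "akismetstopped", "uid = '{$authorUid}'");
            $akismetstopped = $db->fetch_field($query1, 'akismetstopped');
            // Check if the person should be banned
            if ($strikeLimit > 0 && $akismetstopped >= $strikeLimit) {
                $banned_user = array("uid" => $authorUid, "admin" => 0, "gid" => 7, "oldgroup" => $post2['usergroup'], "dateline" => TIME_NOW, "bantime" => 'perm', "lifted" => 'perm', "reason" => "Automatically banned by the Akismet system for spamming.", "oldadditionalgroups" => '');
                $db->insert_query("banned", $banned_user);
                $db->update_query("users", array('usergroup' => 7), "uid = '{$authorUid}'");
                $cache->update_moderators();
            }
        }
        ++$numakismetthread;
    } else {
        $authorUid = (int) $post['uid'];
        // The original used `continue` in this branch, which is not inside any loop and is
        // a fatal error in PHP. The exemption is now an ordinary condition, evaluated before
        // the strike is recorded so that it matches the thread branch above.
        // Each result set is read with a single fetch_field() call.
        // NOTE(review): the original read two fields from one result via two fetch_field()
        // calls; if fetch_field() advances the row, the second value was always empty - confirm.
        $query = $db->simple_select("users", "usergroup", "uid = '{$authorUid}'");
        $usergroup = $db->fetch_field($query, 'usergroup');
        $exempt = in_array($usergroup, $akismet_uids_ignore) || is_super_admin($post['uid']);
        if (!$exempt) {
            $db->write_query("UPDATE " . TABLE_PREFIX . "users SET akismetstopped=akismetstopped+1 WHERE uid = '{$authorUid}'");
            $query = $db->simple_select("users", "akismetstopped", "uid = '{$authorUid}'");
            $akismetstopped = $db->fetch_field($query, 'akismetstopped');
            // Check if the person should be banned
            if ($strikeLimit > 0 && $akismetstopped >= $strikeLimit) {
                $banned_user = array("uid" => $authorUid, "admin" => 0, "gid" => 7, "oldgroup" => $usergroup, "dateline" => TIME_NOW, "bantime" => 'perm', "lifted" => 'perm', "reason" => "Automatically banned by the Akismet system for spamming.", "oldadditionalgroups" => '');
                $db->insert_query("banned", $banned_user);
                $db->update_query("users", array('usergroup' => 7), "uid = '{$authorUid}'");
                $cache->update_moderators();
            }
        }
        // Counter bookkeeping applies whether or not the author is exempt.
        ++$numakismetpost;
        if ($post['usepostcounts'] != 0) {
            $db->write_query("UPDATE " . TABLE_PREFIX . "users SET postnum=postnum-1 WHERE uid = '{$authorUid}'");
        }
    }
    update_thread_counters($post['tid'], array('replies' => '-' . $numakismetpost));
    update_forum_counters($post['fid'], array('threads' => '-' . $numakismetthread, 'posts' => '-' . $numakismetpost));
    if ($snippit == "thread") {
        redirect(get_forum_link($post['fid']), $lang->thread_spam_success);
    } else {
        redirect(get_thread_link($post['tid']), $lang->post_spam_success);
    }
}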
Exemplo n.º 28
    if ($mybb->input['pinned'] != 0) {
        $pinned = 1;
    }
    if (!isset($mybb->input['usergroup']) || empty($mybb->input['usergroup']) || in_array('*', $mybb->input['usergroup'])) {
        $mybb->input['usergroup'] = '*';
    } else {
        $mybb->input['usergroup'] = implode(',', array_map('intval', $mybb->input['usergroup']));
    }
    $inserts = array('announcement' => $db->escape_string(htmlentities($mybb->input['announcement'])), 'class' => $class, 'link' => $url, 'pinned' => $pinned, 'date' => time(), 'disporder' => (int) $mybb->input['disporder'], 'groups' => $db->escape_string($mybb->input['usergroup']));
    $db->insert_query('bam', $inserts);
    flash_message($lang->bam_add_success, 'success');
    admin_redirect('index.php?module=config-bam');
}
if ($mybb->input['action'] == 'delete' && $mybb->request_method == "get") {
    // process delete announcement
    $key = verify_post_check($mybb->input['my_post_key'], true);
    if ($key == false) {
        flash_message($lang->bam_invalid_post_code, 'error');
        admin_redirect("index.php?module=config-bam");
    }
    $PID = (int) $mybb->input['id'];
    if ($PID == null) {
        // no announcement was defined.
        flash_message($lang->bam_delete_error, 'error');
        admin_redirect('index.php?module=config-bam');
    }
    $query = $db->simple_select('bam', '*', "PID='{$PID}'");
    $querydata = $db->fetch_array($query);
    if (!$querydata['PID']) {
        // The announcement was defined, but did not exist.
        flash_message($lang->bam_delete_error, 'error');
Exemplo n.º 29
     }
     // Check if the username is actually already in use
     $user = get_user_by_username($username);
     $plugins->run_hooks("xmlhttp_username_availability");
     if ($user['uid']) {
         $lang->username_taken = $lang->sprintf($lang->username_taken, htmlspecialchars_uni($username));
         echo json_encode($lang->username_taken);
         exit;
     } else {
         //$lang->username_available = $lang->sprintf($lang->username_available, htmlspecialchars_uni($username));
         echo json_encode("true");
         exit;
     }
 } else {
     if ($mybb->input['action'] == "username_exists") {
         if (!verify_post_check($mybb->get_input('my_post_key'), true)) {
             xmlhttp_error($lang->invalid_post_code);
         }
         require_once MYBB_ROOT . "inc/functions_user.php";
         $username = $mybb->get_input('value');
         header("Content-type: application/json; charset={$charset}");
         if (!trim($username)) {
             echo json_encode(array("success" => 1));
             exit;
         }
         // Check if the username actually exists
         $user = get_user_by_username($username);
         $plugins->run_hooks("xmlhttp_username_exists");
         if ($user['uid']) {
             $lang->valid_username = $lang->sprintf($lang->valid_username, htmlspecialchars_uni($username));
             echo json_encode(array("success" => $lang->valid_username));
Exemplo n.º 30
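/**
 * Delete all alerts belonging to the current user, then redirect.
 *
 * The request's post key is verified before anything is deleted. The redirect
 * goes to the 'ret_link' request value when that value points back into this
 * board, and to the alerts listing otherwise.
 *
 * @param MyBB               $mybb MyBB core object.
 * @param DB_MySQL|DB_MySQLi $db   database object.
 * @param MyLanguage         $lang MyBB language system.
 */
function myalerts_delete_all_alerts($mybb, $db, $lang)
{
    verify_post_check($mybb->get_input('my_post_key'));
    // Cast to int so the value is safe to place in the delete condition.
    $userId = (int) $mybb->user['uid'];
    $db->delete_query('alerts', "uid = {$userId}");

    $defaultLink = 'alerts.php?action=alerts';
    $retLink = $mybb->get_input('ret_link', MyBB::INPUT_STRING);

    // 'ret_link' is request-controlled, and whether redirect() restricts its target is
    // not visible here, so only follow it when it stays on this board: either an absolute
    // URL under the board URL (trailing slash required, so a look-alike host that merely
    // starts with the board's host name does not match), or a plain relative path with
    // no scheme, no leading slash and no backslashes.
    $boardUrl = rtrim((string) $mybb->settings['bburl'], '/') . '/';
    $isBoardUrl = $boardUrl !== '/' && stripos($retLink, $boardUrl) === 0;
    $isRelativePath = preg_match('#^[a-z0-9_\-.][a-z0-9_\-./]*(?:[?\#][^\r\n]*)?$#iD', $retLink) === 1;

    if ($retLink === '' || (!$isBoardUrl && !$isRelativePath)) {
        $retLink = $defaultLink;
    }
    redirect($retLink, $lang->myalerts_delete_all, $lang->myalerts_delete_mass_deleted);
}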