Exemplo n.º 1
0
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */
function task_versioncheck($task)
{
    global $cache, $lang, $mybb;
    $current_version = rawurlencode($mybb->version_code);
    $updated_cache = array('last_check' => TIME_NOW);
    // Check for the latest version
    require_once MYBB_ROOT . 'inc/class_xml.php';
    $contents = fetch_remote_file("http://www.mybb.com/version_check.php");
    if (!$contents) {
        add_task_log($task, $lang->task_versioncheck_ran_errors);
        return false;
    }
    $pos = strpos($contents, "<");
    if ($pos > 1) {
        $contents = substr($contents, $pos);
    }
    $pos = strpos(strrev($contents), ">");
    if ($pos > 1) {
        $contents = substr($contents, 0, -1 * ($pos - 1));
    }
    $parser = new XMLParser($contents);
    $tree = $parser->get_tree();
    $latest_code = (int) $tree['mybb']['version_code']['value'];
    $latest_version = "<strong>" . htmlspecialchars_uni($tree['mybb']['latest_version']['value']) . "</strong> (" . $latest_code . ")";
    if ($latest_code > $mybb->version_code) {
        $latest_version = "<span style=\"color: #C00;\">" . $latest_version . "</span>";
        $version_warn = 1;
        $updated_cache['latest_version'] = $latest_version;
        $updated_cache['latest_version_code'] = $latest_code;
    } else {
        $latest_version = "<span style=\"color: green;\">" . $latest_version . "</span>";
    }
    // Check for the latest news
    require_once MYBB_ROOT . "inc/class_feedparser.php";
    $feed_parser = new FeedParser();
    $feed_parser->parse_feed("http://feeds.feedburner.com/MyBBDevelopmentBlog");
    $updated_cache['news'] = array();
    require_once MYBB_ROOT . '/inc/class_parser.php';
    $post_parser = new postParser();
    if ($feed_parser->error == '') {
        foreach ($feed_parser->items as $item) {
            if (isset($updated_cache['news'][2])) {
                break;
            }
            $description = $item['description'];
            $description = $post_parser->parse_message($description, array('allow_html' => true));
            $description = preg_replace('#<img(.*)/>#', '', $description);
            $updated_cache['news'][] = array('title' => htmlspecialchars_uni($item['title']), 'description' => $description, 'link' => htmlspecialchars_uni($item['link']), 'author' => htmlspecialchars_uni($item['author']), 'dateline' => $item['date_timestamp']);
        }
    }
    $cache->update("update_check", $updated_cache);
    add_task_log($task, $lang->task_versioncheck_ran);
}
Exemplo n.º 2
0
 static function LoadFromBeforeStartDate(DateTime $startDate, $count)
 {
     global $db, $parser, $mybb;
     $messages = array();
     $formattedStartDate = $startDate->format("'Y-m-d H:i:s'");
     $TABLE_PREFIX = TABLE_PREFIX;
     $query = $db->query("SELECT * FROM(\n                                SELECT m.`Id`, m.`SentAt`, m.`uid`, m.`Ip`, m.`Message`,\n                                    u.`username`, u.`usergroup`, u.`displaygroup`\n                                FROM {$TABLE_PREFIX}badgerchat_messages m\n                                INNER JOIN {$TABLE_PREFIX}users u ON u.uid = m.uid\n                                WHERE m.`SentAt` < {$formattedStartDate}\n                                ORDER BY m.`SentAt` DESC LIMIT {$count}\n                             ) messages\n                             ORDER BY SentAt ASC");
     $parser = new postParser();
     $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, "allow_videocode" => 0);
     //TODO: Get back more info on the user (name styling)
     while ($row = $db->fetch_array($query)) {
         $parsedMessage = $parser->parse_message($row['Message'], $parser_options);
         $displayName = UsernameFormatter::Format($row['uid'], $row['username'], $row['usergroup'], $row['displaygroup']);
         array_push($messages, new Message($row["Id"], $row["SentAt"], $displayName, $row["Ip"], $parsedMessage));
     }
     return $messages;
 }
Exemplo n.º 3
0
/**
 * Build a post bit
 *
 * @param array The post data
 * @param int The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post)
 * @return string The built post bit
 */
function build_postbit($post, $post_type = 0)
{
    global $db, $altbg, $theme, $mybb, $postcounter;
    global $titlescache, $page, $templates, $forumpermissions, $attachcache;
    global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid;
    global $plugins, $parser, $cache, $ignored_users, $hascustomtitle;
    $hascustomtitle = 0;
    // Set default values for any fields not provided here
    foreach (array('subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm') as $post_field) {
        if (empty($post[$post_field])) {
            $post[$post_field] = '';
        }
    }
    // Set up the message parser if it doesn't already exist.
    if (!$parser) {
        require_once MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
    }
    $unapproved_shade = '';
    if ($post['visible'] == 0 && $post_type == 0) {
        $altbg = $unapproved_shade = 'trow_shaded';
    } elseif ($altbg == 'trow1') {
        $altbg = 'trow2';
    } else {
        $altbg = 'trow1';
    }
    $post['fid'] = $fid;
    switch ($post_type) {
        case 1:
            // Message preview
            global $forum;
            $parser_options['allow_html'] = $forum['allowhtml'];
            $parser_options['allow_mycode'] = $forum['allowmycode'];
            $parser_options['allow_smilies'] = $forum['allowsmilies'];
            $parser_options['allow_imgcode'] = $forum['allowimgcode'];
            $parser_options['allow_videocode'] = $forum['allowvideocode'];
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            $id = 0;
            break;
        case 2:
            // Private message
            global $message, $pmid;
            $parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
            $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
            $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
            $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
            $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            $id = $pmid;
            break;
        case 3:
            // Announcement
            global $announcementarray, $message;
            $parser_options['allow_html'] = $announcementarray['allowhtml'];
            $parser_options['allow_mycode'] = $announcementarray['allowmycode'];
            $parser_options['allow_smilies'] = $announcementarray['allowsmilies'];
            $parser_options['allow_imgcode'] = 1;
            $parser_options['allow_videocode'] = 1;
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            break;
        default:
            // Regular post
            global $forum, $thread, $tid;
            $oldforum = $forum;
            $id = intval($post['pid']);
            $parser_options['allow_html'] = $forum['allowhtml'];
            $parser_options['allow_mycode'] = $forum['allowmycode'];
            $parser_options['allow_smilies'] = $forum['allowsmilies'];
            $parser_options['allow_imgcode'] = $forum['allowimgcode'];
            $parser_options['allow_videocode'] = $forum['allowvideocode'];
            $parser_options['filter_badwords'] = 1;
            if (!$post['username']) {
                $post['username'] = $lang->guest;
            }
            if ($post['userusername']) {
                $parser_options['me_username'] = $post['userusername'];
            } else {
                $parser_options['me_username'] = $post['username'];
            }
            break;
    }
    // Sanatize our custom profile fields for use in templates, if people choose to use them
    foreach ($post as $post_field => $field_value) {
        if (substr($post_field, 0, 3) != 'fid') {
            continue;
        }
        $post[$post_field] = htmlspecialchars_uni($field_value);
    }
    if (!$postcounter) {
        // Used to show the # of the post
        if ($page > 1) {
            if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) {
                $mybb->settings['postsperpage'] = 20;
            }
            $postcounter = $mybb->settings['postsperpage'] * ($page - 1);
        } else {
            $postcounter = 0;
        }
        $post_extra_style = "border-top-width: 0;";
    } elseif ($mybb->input['mode'] == "threaded") {
        $post_extra_style = "border-top-width: 0;";
    } else {
        $post_extra_style = "margin-top: 5px;";
    }
    if (!$altbg) {
        // Define the alternate background colour if this is the first post
        $altbg = "trow1";
    }
    $postcounter++;
    // Format the post date and time using my_date
    $post['postdate'] = my_date($mybb->settings['dateformat'], $post['dateline']);
    $post['posttime'] = my_date($mybb->settings['timeformat'], $post['dateline']);
    // Dont want any little 'nasties' in the subject
    $post['subject'] = $parser->parse_badwords($post['subject']);
    // Pm's have been htmlspecialchars_uni()'ed already.
    if ($post_type != 2) {
        $post['subject'] = htmlspecialchars_uni($post['subject']);
    }
    if (empty($post['subject'])) {
        $post['subject'] = '&nbsp;';
    }
    $post['author'] = $post['uid'];
    // Get the usergroup
    if ($post['userusername']) {
        if (!$post['displaygroup']) {
            $post['displaygroup'] = $post['usergroup'];
        }
        $usergroup = $groupscache[$post['displaygroup']];
    } else {
        $usergroup = $groupscache[1];
    }
    if (!is_array($titlescache)) {
        $cached_titles = $cache->read("usertitles");
        if (!empty($cached_titles)) {
            foreach ($cached_titles as $usertitle) {
                $titlescache[$usertitle['posts']] = $usertitle;
            }
        }
        if (is_array($titlescache)) {
            krsort($titlescache);
        }
        unset($usertitle, $cached_titles);
    }
    // Work out the usergroup/title stuff
    $post['groupimage'] = '';
    if (!empty($usergroup['image'])) {
        $language = $mybb->settings['bblanguage'];
        if (!empty($mybb->user['language'])) {
            $language = $mybb->user['language'];
        }
        $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
        $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
        eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";");
        if ($mybb->settings['postlayout'] == "classic") {
            $post['groupimage'] .= "<br />";
        }
    }
    if ($post['userusername']) {
        // This post was made by a registered user
        $post['username'] = $post['userusername'];
        $post['profilelink_plain'] = get_profile_link($post['uid']);
        $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']);
        $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']);
        if (trim($post['usertitle']) != "") {
            $hascustomtitle = 1;
        }
        if ($usergroup['usertitle'] != "" && !$hascustomtitle) {
            $post['usertitle'] = $usergroup['usertitle'];
        } elseif (is_array($titlescache) && !$usergroup['usertitle']) {
            reset($titlescache);
            foreach ($titlescache as $key => $titleinfo) {
                if ($post['postnum'] >= $key) {
                    if (!$hascustomtitle) {
                        $post['usertitle'] = $titleinfo['title'];
                    }
                    $post['stars'] = $titleinfo['stars'];
                    $post['starimage'] = $titleinfo['starimage'];
                    break;
                }
            }
        }
        if ($usergroup['stars']) {
            $post['stars'] = $usergroup['stars'];
        }
        if (empty($post['starimage'])) {
            $post['starimage'] = $usergroup['starimage'];
        }
        if ($post['starimage'] && $post['stars']) {
            // Only display stars if we have an image to use...
            $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']);
            $post['userstars'] = '';
            for ($i = 0; $i < $post['stars']; ++$i) {
                $post['userstars'] .= "<img src=\"" . $post['starimage'] . "\" border=\"0\" alt=\"*\" />";
            }
            $post['userstars'] .= "<br />";
        }
        $postnum = $post['postnum'];
        $post['postnum'] = my_number_format($post['postnum']);
        // Determine the status to show for the user (Online/Offline/Away)
        $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
        if ($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) {
            eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_online") . "\";");
        } else {
            if ($post['away'] == 1 && $mybb->settings['allowaway'] != 0) {
                eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_away") . "\";");
            } else {
                eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";");
            }
        }
        if ($post['avatar'] != "" && ($mybb->user['showavatars'] != 0 || !$mybb->user['uid'])) {
            $post['avatar'] = htmlspecialchars_uni($post['avatar']);
            $avatar_dimensions = explode("|", $post['avatardimensions']);
            if ($avatar_dimensions[0] && $avatar_dimensions[1]) {
                list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['postmaxavatarsize']));
                if ($avatar_dimensions[0] > $max_width || $avatar_dimensions[1] > $max_height) {
                    require_once MYBB_ROOT . "inc/functions_image.php";
                    $scaled_dimensions = scale_image($avatar_dimensions[0], $avatar_dimensions[1], $max_width, $max_height);
                    $avatar_width_height = "width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\"";
                } else {
                    $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\"";
                }
            }
            eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";");
            $post['avatar_padding'] = "padding-right: 10px;";
        } else {
            $post['useravatar'] = '';
            $post['avatar_padding'] = '';
        }
        eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";");
        if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) {
            eval("\$post['button_pm'] = \"" . $templates->get("postbit_pm") . "\";");
        }
        if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid']) {
            if (!$post['pid']) {
                $post['pid'] = 0;
            }
            eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";");
        }
        if ($post['website'] != "") {
            $post['website'] = htmlspecialchars_uni($post['website']);
            eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";");
        } else {
            $post['button_www'] = "";
        }
        if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) {
            eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";");
        } else {
            $post['button_email'] = "";
        }
        $post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']);
        // Work out the reputation this user has (only show if not announcement)
        if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) {
            $post['userreputation'] = get_reputation($post['reputation'], $post['uid']);
            eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";");
        }
        // Showing the warning level? (only show if not announcement)
        if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) {
            $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
            if ($warning_level > 100) {
                $warning_level = 100;
            }
            $warning_level = get_colored_warning_level($warning_level);
            // If we can warn them, it's not the same person, and we're in a PM or a post.
            if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) {
                eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";");
                $warning_link = "warnings.php?uid={$post['uid']}";
            } else {
                $warning_link = "usercp.php";
            }
            eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";");
        }
        eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";");
    } else {
        // Message was posted by a guest or an unknown user
        $post['profilelink'] = format_name($post['username'], 1);
        if ($usergroup['usertitle']) {
            $post['usertitle'] = $usergroup['usertitle'];
        } else {
            $post['usertitle'] = $lang->guest;
        }
        $usergroup['title'] = $lang->na;
        $post['userregdate'] = $lang->na;
        $post['postnum'] = $lang->na;
        $post['button_profile'] = '';
        $post['button_email'] = '';
        $post['button_www'] = '';
        $post['signature'] = '';
        $post['button_pm'] = '';
        $post['button_find'] = '';
        $post['onlinestatus'] = '';
        $post['replink'] = '';
        eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";");
    }
    $post['button_edit'] = '';
    $post['button_quickdelete'] = '';
    $post['button_quote'] = '';
    $post['button_quickquote'] = '';
    $post['button_report'] = '';
    // For private messages, fetch the reply/forward/delete icons
    if ($post_type == 2 && $post['pmid']) {
        global $replyall;
        eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";");
        eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";");
        eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";");
        if ($replyall == true) {
            eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";");
        }
    }
    if (!$post_type) {
        // Figure out if we need to show an "edited by" message
        $post['editedmsg'] = '';
        if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) {
            $post['editdate'] = my_date($mybb->settings['dateformat'], $post['edittime']);
            $post['edittime'] = my_date($mybb->settings['timeformat'], $post['edittime']);
            $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']);
            $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']);
            eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";");
        }
        if ((is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']) && $mybb->user['uid'] != 0) {
            eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";");
        }
        // Quick Delete button
        $can_delete = 0;
        if ($mybb->user['uid'] == $post['uid']) {
            if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) {
                $can_delete = 1;
            } else {
                if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) {
                    $can_delete = 1;
                }
            }
        }
        if ((is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0) {
            eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";");
        }
        // Inline moderation stuff
        if ($ismod) {
            if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) {
                $inlinecheck = "checked=\"checked\"";
                $inlinecount++;
            } else {
                $inlinecheck = "";
            }
            eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";");
            if ($post['visible'] == 0) {
                $invisiblepost = 1;
            }
        } else {
            $post['inlinecheck'] = "";
        }
        $post['postlink'] = get_post_link($post['pid'], $post['tid']);
        eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";");
        global $forum, $thread;
        if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid']))) {
            eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";");
        }
        if ($forumpermissions['canpostreplys'] != 0 && ($thread['closed'] != 1 || is_moderator($fid)) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) {
            eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";");
        }
        if ($mybb->user['uid'] != "0") {
            eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";");
        }
        if ($mybb->settings['logip'] != "no") {
            if ($mybb->settings['logip'] == "show") {
                eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";");
            } else {
                if ($mybb->settings['logip'] == "hide" && is_moderator($fid, "canviewips")) {
                    eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";");
                } else {
                    $post['iplogged'] = "";
                }
            }
        } else {
            $post['iplogged'] = "";
        }
    } elseif ($post_type == 3) {
        if ($mybb->usergroup['issupermod'] == 1 || is_moderator($fid)) {
            eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";");
            eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";");
        }
    }
    if ($post['smilieoff'] == 1) {
        $parser_options['allow_smilies'] = 0;
    }
    // If we have incoming search terms to highlight - get it done.
    if (!empty($mybb->input['highlight'])) {
        $parser_options['highlight'] = $mybb->input['highlight'];
        $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']);
    }
    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    get_post_attachments($id, $post);
    if ($post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts'])) {
        $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1);
        if ($usergroup['signofollow']) {
            $sig_parser['nofollow_on'] = 1;
        }
        $post['signature'] = $parser->parse_message($post['signature'], $sig_parser);
        eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";");
    } else {
        $post['signature'] = "";
    }
    $icon_cache = $cache->read("posticons");
    if ($post['icon'] > 0 && $icon_cache[$post['icon']]) {
        $icon = $icon_cache[$post['icon']];
        $icon['path'] = htmlspecialchars_uni($icon['path']);
        $icon['name'] = htmlspecialchars_uni($icon['name']);
        $post['icon'] = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" style=\"vertical-align: middle;\" />&nbsp;";
    } else {
        $post['icon'] = "";
    }
    $post_visibility = '';
    switch ($post_type) {
        case 1:
            // Message preview
            $post = $plugins->run_hooks("postbit_prev", $post);
            break;
        case 2:
            // Private message
            $post = $plugins->run_hooks("postbit_pm", $post);
            break;
        case 3:
            // Announcement
            $post = $plugins->run_hooks("postbit_announcement", $post);
            break;
        default:
            // Regular post
            $post = $plugins->run_hooks("postbit", $post);
            // Is this author on the ignore list of the current user? Hide this post
            $ignore_bit = '';
            if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) {
                $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']);
                eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";");
                $post_visibility = "display: none;";
            }
            break;
    }
    if ($mybb->settings['postlayout'] == "classic") {
        eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";");
    } else {
        eval("\$postbit = \"" . $templates->get("postbit") . "\";");
    }
    $GLOBALS['post'] = "";
    return $postbit;
}
Exemplo n.º 4
0
         eval('$contact_fields[\'' . $field . '\'] = "' . $templates->get($tmpl) . '";');
     }
 }
 if ($any_contact_field || $sendemail || $sendpm || $website) {
     eval('$contact_details = "' . $templates->get("member_profile_contact_details") . '";');
 }
 $signature = '';
 if ($memprofile['signature'] && ($memprofile['suspendsignature'] == 0 || $memprofile['suspendsigtime'] < TIME_NOW) && !is_member($mybb->settings['hidesignatures']) && $memperms['canusesig'] && $memperms['canusesigxposts'] <= $memprofile['postnum']) {
     $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $memprofile['username'], "filter_badwords" => 1);
     if ($memperms['signofollow']) {
         $sig_parser['nofollow_on'] = 1;
     }
     if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
         $sig_parser['allow_imgcode'] = 0;
     }
     $memprofile['signature'] = $parser->parse_message($memprofile['signature'], $sig_parser);
     eval("\$signature = \"" . $templates->get("member_profile_signature") . "\";");
 }
 $daysreg = (TIME_NOW - $memprofile['regdate']) / (24 * 3600);
 if ($daysreg < 1) {
     $daysreg = 1;
 }
 $stats = $cache->read("stats");
 // Format post count, per day count and percent of total
 $ppd = $memprofile['postnum'] / $daysreg;
 $ppd = round($ppd, 2);
 if ($ppd > $memprofile['postnum']) {
     $ppd = $memprofile['postnum'];
 }
 $numposts = $stats['numposts'];
 if ($numposts == 0) {
Exemplo n.º 5
0
 if (isset($mybb->input['preview'])) {
     $parser_options = array();
     $parser_options['allow_html'] = $mybb->get_input('allowhtml', MyBB::INPUT_INT);
     $parser_options['allow_mycode'] = $mybb->get_input('allowmycode', MyBB::INPUT_INT);
     $parser_options['allow_smilies'] = $mybb->get_input('allowsmilies', MyBB::INPUT_INT);
     $parser_options['allow_imgcode'] = 1;
     $parser_options['allow_videocode'] = 1;
     $parser_options['me_username'] = htmlspecialchars_uni($mybb->user['username']);
     $parser_options['filter_badwords'] = 1;
     // Set up the message parser if it doesn't already exist.
     if (!is_object($parser)) {
         require_once MYBB_ROOT . "inc/class_parser.php";
         $parser = new postParser();
     }
     $preview = array();
     $preview['message'] = $parser->parse_message($mybb->input['message'], $parser_options);
     $preview['subject'] = htmlspecialchars_uni($mybb->input['title']);
 } else {
     $months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12');
     if (!in_array($mybb->input['starttime_month'], $months)) {
         $mybb->input['starttime_month'] = 1;
     }
     if ($mybb->input['endtime_type'] == "2") {
         $enddate = '0';
     } else {
         if (!in_array($mybb->input['endtime_month'], $months)) {
             $mybb->input['endtime_month'] = 1;
         }
     }
     $update_announcement = array("fid" => $mybb->input['fid'], "subject" => $db->escape_string($mybb->input['title']), "message" => $db->escape_string($mybb->input['message']), "startdate" => $startdate, "enddate" => $enddate, "allowhtml" => $mybb->get_input('allowhtml', MyBB::INPUT_INT), "allowmycode" => $mybb->get_input('allowmycode', MyBB::INPUT_INT), "allowsmilies" => $mybb->get_input('allowsmilies', MyBB::INPUT_INT));
     $plugins->run_hooks("admin_forum_announcements_edit_commit");
Exemplo n.º 6
0
/**
 * Build a post bit
 *
 * @param array $post The post data
 * @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post)
 * @return string The built post bit
 */
function build_postbit($post, $post_type = 0)
{
    global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields;
    global $titlescache, $page, $templates, $forumpermissions, $attachcache;
    global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid;
    global $plugins, $parser, $cache, $ignored_users, $hascustomtitle;
    $hascustomtitle = 0;
    // Set default values for any fields not provided here
    foreach (array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_pubkey', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field) {
        if (empty($post[$post_field])) {
            $post[$post_field] = '';
        }
    }
    // Set up the message parser if it doesn't already exist.
    if (!$parser) {
        require_once MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
    }
    if (!function_exists("purgespammer_show")) {
        require_once MYBB_ROOT . "inc/functions_user.php";
    }
    $unapproved_shade = '';
    if (isset($post['visible']) && $post['visible'] == 0 && $post_type == 0) {
        $altbg = $unapproved_shade = 'unapproved_post';
    } elseif (isset($post['visible']) && $post['visible'] == -1 && $post_type == 0) {
        $altbg = $unapproved_shade = 'unapproved_post deleted_post';
    } elseif ($altbg == 'trow1') {
        $altbg = 'trow2';
    } else {
        $altbg = 'trow1';
    }
    $post['fid'] = $fid;
    switch ($post_type) {
        case 1:
            // Message preview
            global $forum;
            $parser_options['allow_html'] = $forum['allowhtml'];
            $parser_options['allow_mycode'] = $forum['allowmycode'];
            $parser_options['allow_smilies'] = $forum['allowsmilies'];
            $parser_options['allow_imgcode'] = $forum['allowimgcode'];
            $parser_options['allow_videocode'] = $forum['allowvideocode'];
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            $id = 0;
            break;
        case 2:
            // Private message
            global $message, $pmid;
            $idtype = 'pmid';
            $parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
            $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
            $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
            $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
            $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            $id = $pmid;
            break;
        case 3:
            // Announcement
            global $announcementarray, $message;
            $parser_options['allow_html'] = $announcementarray['allowhtml'];
            $parser_options['allow_mycode'] = $announcementarray['allowmycode'];
            $parser_options['allow_smilies'] = $announcementarray['allowsmilies'];
            $parser_options['allow_imgcode'] = 1;
            $parser_options['allow_videocode'] = 1;
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            $id = $announcementarray['aid'];
            break;
        default:
            // Regular post
            global $forum, $thread, $tid;
            $oldforum = $forum;
            $id = (int) $post['pid'];
            $idtype = 'pid';
            $parser_options['allow_html'] = $forum['allowhtml'];
            $parser_options['allow_mycode'] = $forum['allowmycode'];
            $parser_options['allow_smilies'] = $forum['allowsmilies'];
            $parser_options['allow_imgcode'] = $forum['allowimgcode'];
            $parser_options['allow_videocode'] = $forum['allowvideocode'];
            $parser_options['filter_badwords'] = 1;
            if (!$post['username']) {
                $post['username'] = $lang->guest;
            }
            if ($post['userusername']) {
                $parser_options['me_username'] = $post['userusername'];
            } else {
                $parser_options['me_username'] = $post['username'];
            }
            break;
    }
    if (!$postcounter) {
        // Used to show the # of the post
        if ($page > 1) {
            if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) {
                $mybb->settings['postsperpage'] = 20;
            }
            $postcounter = $mybb->settings['postsperpage'] * ($page - 1);
        } else {
            $postcounter = 0;
        }
        $post_extra_style = "border-top-width: 0;";
    } elseif ($mybb->input['mode'] == "threaded") {
        $post_extra_style = "border-top-width: 0;";
    } else {
        $post_extra_style = "margin-top: 5px;";
    }
    if (!$altbg) {
        // Define the alternate background colour if this is the first post
        $altbg = "trow1";
    }
    $postcounter++;
    // Format the post date and time using my_date
    //$post['postdate'] = my_date('relative', $post['dateline']);
    $post['postdate'] = date('Y-m-d', $post['dateline']);
    // Dont want any little 'nasties' in the subject
    $post['subject'] = $parser->parse_badwords($post['subject']);
    // Pm's have been htmlspecialchars_uni()'ed already.
    if ($post_type != 2) {
        $post['subject'] = htmlspecialchars_uni($post['subject']);
    }
    if (empty($post['subject'])) {
        $post['subject'] = '&nbsp;';
    }
    $post['author'] = $post['uid'];
    $post['subject_title'] = $post['subject'];
    // Get the usergroup
    if ($post['userusername']) {
        if (!$post['displaygroup']) {
            $post['displaygroup'] = $post['usergroup'];
        }
        $usergroup = $groupscache[$post['displaygroup']];
    } else {
        $usergroup = $groupscache[1];
    }
    if (!is_array($titlescache)) {
        $cached_titles = $cache->read("usertitles");
        if (!empty($cached_titles)) {
            foreach ($cached_titles as $usertitle) {
                $titlescache[$usertitle['posts']] = $usertitle;
            }
        }
        if (is_array($titlescache)) {
            krsort($titlescache);
        }
        unset($usertitle, $cached_titles);
    }
    // Work out the usergroup/title stuff
    $post['groupimage'] = '';
    if (!empty($usergroup['image'])) {
        $language = $mybb->settings['bblanguage'];
        if (!empty($mybb->user['language'])) {
            $language = $mybb->user['language'];
        }
        $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
        $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
        eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";");
        if ($mybb->settings['postlayout'] == "classic") {
            $post['groupimage'] .= "<br />";
        }
    }
    if ($post['userusername']) {
        // This post was made by a registered user
        $post['username'] = $post['userusername'];
        $post['profilelink_plain'] = get_profile_link($post['uid']);
        $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']);
        $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']);
        if (trim($post['usertitle']) != "") {
            $hascustomtitle = 1;
        }
        if ($usergroup['usertitle'] != "" && !$hascustomtitle) {
            $post['usertitle'] = $usergroup['usertitle'];
        } elseif (is_array($titlescache) && !$usergroup['usertitle']) {
            reset($titlescache);
            foreach ($titlescache as $key => $titleinfo) {
                if ($post['postnum'] >= $key) {
                    if (!$hascustomtitle) {
                        $post['usertitle'] = $titleinfo['title'];
                    }
                    $post['stars'] = $titleinfo['stars'];
                    $post['starimage'] = $titleinfo['starimage'];
                    break;
                }
            }
        }
        $post['usertitle'] = htmlspecialchars_uni($post['usertitle']);
        if ($usergroup['stars']) {
            $post['stars'] = $usergroup['stars'];
        }
        if (empty($post['starimage'])) {
            $post['starimage'] = $usergroup['starimage'];
        }
        if ($post['starimage'] && $post['stars']) {
            // Only display stars if we have an image to use...
            $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']);
            $post['userstars'] = '';
            for ($i = 0; $i < $post['stars']; ++$i) {
                eval("\$post['userstars'] .= \"" . $templates->get("postbit_userstar", 1, 0) . "\";");
            }
            $post['userstars'] .= "<br />";
        }
        $postnum = $post['postnum'];
        $post['postnum'] = my_number_format($post['postnum']);
        $post['threadnum'] = my_number_format($post['threadnum']);
        // Determine the status to show for the user (Online/Offline/Away)
        /*
        $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
        if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive'])
        {
        	eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";");
        }
        else
        {
        	if($post['away'] == 1 && $mybb->settings['allowaway'] != 0)
        	{
        		eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";");
        	}
        	else
        	{
        		eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";");
        	}
        }
        */
        // Show as always offline
        eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";");
        $post['useravatar'] = '';
        if (isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0) {
            $useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']);
            eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";");
        }
        $post['button_find'] = '';
        if ($mybb->usergroup['cansearch'] == 1) {
            eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";");
        }
        if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) {
            //eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";");
        }
        $post['button_rep'] = '';
        if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && $post['visible'] == 1) {
            if (!$post['pid']) {
                $post['pid'] = 0;
            }
            eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";");
        }
        if ($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1) {
            $post['website'] = htmlspecialchars_uni($post['website']);
            eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";");
        } else {
            $post['button_www'] = "";
        }
        if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) {
            eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";");
        } else {
            $post['button_email'] = "";
        }
        $post['userregdate'] = $lang->na;
        //my_date($mybb->settings['regdateformat'], $post['regdate']);
        // Work out the reputation this user has (only show if not announcement)
        if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) {
            $post['userreputation'] = get_reputation($post['reputation'], $post['uid']);
            eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";");
        }
        // Showing the warning level? (only show if not announcement)
        if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) {
            if ($mybb->settings['maxwarningpoints'] < 1) {
                $mybb->settings['maxwarningpoints'] = 10;
            }
            $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
            if ($warning_level > 100) {
                $warning_level = 100;
            }
            $warning_level = get_colored_warning_level($warning_level);
            // If we can warn them, it's not the same person, and we're in a PM or a post.
            if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) {
                eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";");
                $warning_link = "warnings.php?uid={$post['uid']}";
            } else {
                $post['button_warn'] = '';
                $warning_link = "usercp.php";
            }
            eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";");
        }
        if ($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid'])) {
            eval("\$post['button_purgespammer'] = \"" . $templates->get('postbit_purgespammer') . "\";");
        }
        // Display profile fields on posts - only if field is filled in
        if (is_array($profile_fields)) {
            foreach ($profile_fields as $field) {
                $fieldfid = "fid{$field['fid']}";
                if (!empty($post[$fieldfid])) {
                    $post['fieldvalue'] = '';
                    $post['fieldname'] = htmlspecialchars_uni($field['name']);
                    $thing = explode("\n", $field['type'], "2");
                    $type = trim($thing[0]);
                    $useropts = explode("\n", $post[$fieldfid]);
                    if (is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) {
                        foreach ($useropts as $val) {
                            if ($val != '') {
                                eval("\$post['fieldvalue_option'] .= \"" . $templates->get("postbit_profilefield_multiselect_value") . "\";");
                            }
                        }
                        if ($post['fieldvalue_option'] != '') {
                            eval("\$post['fieldvalue'] .= \"" . $templates->get("postbit_profilefield_multiselect") . "\";");
                        }
                    } else {
                        $field_parser_options = array("allow_html" => $field['allowhtml'], "allow_mycode" => $field['allowmycode'], "allow_smilies" => $field['allowsmilies'], "allow_imgcode" => $field['allowimgcode'], "allow_videocode" => $field['allowvideocode'], "filter_badwords" => 1);
                        if ($customfield['type'] == "textarea") {
                            $field_parser_options['me_username'] = $post['username'];
                        } else {
                            $field_parser_options['nl2br'] = 0;
                        }
                        if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
                            $field_parser_options['allow_imgcode'] = 0;
                        }
                        $post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options);
                    }
                    eval("\$post['profilefield'] .= \"" . $templates->get("postbit_profilefield") . "\";");
                }
            }
        }
        eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";");
    } else {
        // Message was posted by a guest or an unknown user
        $post['profilelink'] = format_name($post['username'], 1);
        if ($usergroup['usertitle']) {
            $post['usertitle'] = $usergroup['usertitle'];
        } else {
            $post['usertitle'] = $lang->guest;
        }
        $post['usertitle'] = htmlspecialchars_uni($post['usertitle']);
        $usergroup['title'] = $lang->na;
        $post['userregdate'] = $lang->na;
        $post['postnum'] = $lang->na;
        $post['button_profile'] = '';
        $post['button_email'] = '';
        $post['button_www'] = '';
        $post['signature'] = '';
        $post['button_pm'] = $lang->na;
        $post['button_find'] = '';
        $post['onlinestatus'] = '';
        $post['replink'] = '';
        eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";");
    }
    $post['button_edit'] = '';
    $post['button_quickdelete'] = '';
    $post['button_quickrestore'] = '';
    $post['button_quote'] = '';
    $post['button_quickquote'] = '';
    $post['button_report'] = '';
    $post['button_reply_pm'] = '';
    $post['button_replyall_pm'] = '';
    $post['button_forward_pm'] = '';
    $post['button_delete_pm'] = '';
    // For private messages, fetch the reply/forward/delete icons
    if ($post_type == 2 && $post['pmid']) {
        global $replyall;
        eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";");
        eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";");
        eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";");
        if ($replyall == true) {
            eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";");
        }
    }
    $post['editedmsg'] = '';
    if (!$post_type) {
        // Figure out if we need to show an "edited by" message
        if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) {
            //$post['editdate'] = my_date('relative', $post['edittime']);
            $post['editdate'] = $lang->na;
            $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']);
            $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']);
            $editreason = "";
            if ($post['editreason'] != "") {
                $post['editreason'] = $parser->parse_badwords($post['editreason']);
                $post['editreason'] = htmlspecialchars_uni($post['editreason']);
                eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";");
            }
            eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";");
        }
        $time = TIME_NOW;
        if (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && $mybb->usergroup['edittimelimit'] == 0 && $mybb->user['uid'] != 0) {
            eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";");
        }
        // Quick Delete button
        $can_delete_thread = $can_delete_post = 0;
        if ($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0) {
            if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) {
                $can_delete_thread = 1;
            } else {
                if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) {
                    $can_delete_post = 1;
                }
            }
        }
        $postbit_qdelete = $postbit_qrestore = '';
        if ($mybb->user['uid'] != 0) {
            if ((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1) {
                $postbit_qdelete = $lang->postbit_qdelete_post;
                $display = '';
                if ($post['visible'] == -1) {
                    $display = "none";
                }
                eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";");
            } else {
                if ((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1) {
                    $postbit_qdelete = $lang->postbit_qdelete_thread;
                    $display = '';
                    if ($post['visible'] == -1) {
                        $display = "none";
                    }
                    eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";");
                }
            }
            // Restore Post
            if (is_moderator($fid, "canrestoreposts") && $postcounter != 1) {
                $display = "none";
                if ($post['visible'] == -1) {
                    $display = '';
                }
                $postbit_qrestore = $lang->postbit_qrestore_post;
                eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";");
            } else {
                if (is_moderator($fid, "canrestorethreads") && $postcounter == 1) {
                    $display = "none";
                    if ($post['visible'] == -1) {
                        $display = "";
                    }
                    $postbit_qrestore = $lang->postbit_qrestore_thread;
                    eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";");
                }
            }
        }
        // Inline moderation stuff
        if ($ismod) {
            if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) {
                $inlinecheck = "checked=\"checked\"";
                $inlinecount++;
            } else {
                $inlinecheck = "";
            }
            eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";");
            if ($post['visible'] == 0) {
                $invisiblepost = 1;
            }
        } else {
            $post['inlinecheck'] = "";
        }
        $post['postlink'] = get_post_link($post['pid'], $post['tid']);
        $post_number = my_number_format($postcounter);
        eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";");
        global $forum, $thread;
        if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1)) {
            eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";");
        }
        if ($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) {
            eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";");
        }
        if ($mybb->user['uid'] != "0") {
            eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";");
        }
    } elseif ($post_type == 3) {
        if ($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements")) {
            eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";");
            eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";");
        }
    }
    $post['iplogged'] = '';
    $show_ips = $mybb->settings['logip'];
    //$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress']));
    $ipaddress = '127.0.0.1';
    // Show post IP addresses... PMs now can have IP addresses too as of 1.8!
    if ($post_type == 2) {
        $show_ips = $mybb->settings['showpmip'];
    }
    if (!$post_type || $post_type == 2) {
        if ($show_ips != "no" && !empty($post['ipaddress'])) {
            if ($show_ips == "show") {
                eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";");
            } else {
                if ($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod'])) {
                    $action = 'getip';
                    if ($post_type == 2) {
                        $action = 'getpmip';
                    }
                    eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";");
                }
            }
        }
    }
    if (isset($post['smilieoff']) && $post['smilieoff'] == 1) {
        $parser_options['allow_smilies'] = 0;
    }
    if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
        $parser_options['allow_imgcode'] = 0;
    }
    if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) {
        $parser_options['allow_videocode'] = 0;
    }
    // If we have incoming search terms to highlight - get it done.
    if (!empty($mybb->input['highlight'])) {
        $parser_options['highlight'] = $mybb->input['highlight'];
        $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']);
    }
    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    // Validate key
    $keyinfo = user_key_info($post['uid']);
    $post['signstatus'];
    if ($keyinfo['status'] == "OK") {
        $post['signstatus'] = "<span style=\"color: #07a407;\" title=\"Fingerprint: {$keyinfo['fingerprint']}\">✓ podpisano przez {$post['profilelink']}</span>";
    }
    // Jid link
    $ujid = user_jid($post['uid']);
    $post['jidlink'] = $ujid;
    // User key
    $post['userpubkey'] = $keyinfo['key'];
    if ($keyinfo['key'] != "") {
        eval("\$post['button_pubkey'] = \"" . $templates->get("postbit_pubkey") . "\";");
    } else {
        $post['button_pubkey'];
    }
    $post['attachments'] = '';
    if ($mybb->settings['enableattachments'] != 0) {
        get_post_attachments($id, $post);
    }
    if (isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures'])) {
        $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1);
        if ($usergroup['signofollow']) {
            $sig_parser['nofollow_on'] = 1;
        }
        if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
            $sig_parser['allow_imgcode'] = 0;
        }
        $post['signature'] = $parser->parse_message($post['signature'], $sig_parser);
        eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";");
    } else {
        $post['signature'] = "";
    }
    $icon_cache = $cache->read("posticons");
    if (isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']]) {
        $icon = $icon_cache[$post['icon']];
        $icon['path'] = htmlspecialchars_uni($icon['path']);
        $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);
        $icon['name'] = htmlspecialchars_uni($icon['name']);
        eval("\$post['icon'] = \"" . $templates->get("postbit_icon") . "\";");
    } else {
        $post['icon'] = "";
    }
    $post_visibility = $ignore_bit = '';
    switch ($post_type) {
        case 1:
            // Message preview
            $post = $plugins->run_hooks("postbit_prev", $post);
            break;
        case 2:
            // Private message
            $post = $plugins->run_hooks("postbit_pm", $post);
            break;
        case 3:
            // Announcement
            $post = $plugins->run_hooks("postbit_announcement", $post);
            break;
        default:
            // Regular post
            $post = $plugins->run_hooks("postbit", $post);
            // Is this author on the ignore list of the current user? Hide this post
            if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) {
                $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']);
                eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";");
                $post_visibility = "display: none;";
            }
            break;
    }
    if ($mybb->settings['postlayout'] == "classic") {
        eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";");
    } else {
        eval("\$postbit = \"" . $templates->get("postbit") . "\";");
    }
    $GLOBALS['post'] = "";
    return $postbit;
}
Exemplo n.º 7
0
function newpoints_shop_page()
{
    global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors;
    if (!$mybb->user['uid']) {
        return;
    }
    newpoints_lang_load("newpoints_shop");
    if ($mybb->input['action'] == "do_shop") {
        verify_post_check($mybb->input['postcode']);
        $plugins->run_hooks("newpoints_do_shop_start");
        switch ($mybb->input['shop_action']) {
            case 'buy':
                $plugins->run_hooks("newpoints_shop_buy_start");
                // check if the item exists
                if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                    error($lang->newpoints_shop_invalid_item);
                }
                // check if the item is assigned to category
                if (!($cat = newpoints_shop_get_category($item['cid']))) {
                    error($lang->newpoints_shop_invalid_cat);
                }
                // check if we have permissions to view the parent category
                if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                    error_no_permission();
                }
                if ($item['visible'] == 0 || $cat['visible'] == 0) {
                    error_no_permission();
                }
                // check group rules - primary group check
                $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
                if (!$grouprules) {
                    $grouprules['items_rate'] = 1.0;
                }
                // no rule set so default income rate is 1
                // if the group items rate is 0, the price of the item is 0
                if (floatval($grouprules['items_rate']) == 0) {
                    $item['price'] = 0;
                } else {
                    $item['price'] = $item['price'] * floatval($grouprules['items_rate']);
                }
                if (floatval($item['price']) > floatval($mybb->user['newpoints'])) {
                    $errors[] = $lang->newpoints_shop_not_enough;
                }
                if ($item['infinite'] != 1 && $item['stock'] <= 0) {
                    $errors[] = $lang->newpoints_shop_out_of_stock;
                }
                if ($item['limit'] != 0) {
                    // Get how many items of this type we have in our inventory
                    $myitems = @unserialize($mybb->user['newpoints_items']);
                    if (!$myitems) {
                        $myitems = array();
                    }
                    // If more than or equal to $item['limit'] -> FAILED
                    if (count(array_keys($myitems, $item['iid'])) >= $item['limit']) {
                        $errors[] = $lang->newpoints_shop_limit_reached;
                    }
                }
                if (!empty($errors)) {
                    $inline_errors = inline_error($errors, $lang->newpoints_shop_inline_errors);
                    $mybb->input = array();
                    $mybb->input['action'] = 'shop';
                } else {
                    $myitems = @unserialize($mybb->user['newpoints_items']);
                    if (!$myitems) {
                        $myitems = array();
                    }
                    $myitems[] = $item['iid'];
                    $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\'');
                    // update stock
                    if ($item['infinite'] != 1) {
                        $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] - 1), 'iid=\'' . $item['iid'] . '\'');
                    }
                    // get money from user
                    newpoints_addpoints($mybb->user['uid'], -floatval($item['price']));
                    if (!empty($item['pm'])) {
                        // send PM if item has private message
                        newpoints_send_pm(array('subject' => $lang->newpoints_shop_bought_item_pm_subject, 'message' => $item['pm'], 'touid' => $mybb->user['uid'], 'receivepms' => 1), -1);
                    }
                    $plugins->run_hooks("newpoints_shop_buy_end", $item);
                    // log purchase
                    newpoints_log('shop_purchase', $lang->sprintf($lang->newpoints_shop_purchased_log, $item['iid'], $item['price']));
                    redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop", $lang->newpoints_shop_item_bought, $lang->newpoints_shop_item_bought_title);
                }
                break;
            case 'send':
                $plugins->run_hooks("newpoints_shop_send_start");
                // check if the item exists
                if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                    error($lang->newpoints_shop_invalid_item);
                }
                // check if the item is assigned to category
                if (!($cat = newpoints_shop_get_category($item['cid']))) {
                    error($lang->newpoints_shop_invalid_cat);
                }
                // check if we have permissions to view the parent category
                if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                    error_no_permission();
                }
                if ($item['visible'] == 0 || $cat['visible'] == 0) {
                    error_no_permission();
                }
                $myitems = @unserialize($mybb->user['newpoints_items']);
                if (!$myitems) {
                    error($lang->newpoints_shop_inventory_empty);
                }
                // make sure we own the item
                $key = array_search($item['iid'], $myitems);
                if ($key === false) {
                    error($lang->newpoints_shop_selected_item_not_owned);
                }
                $lang->newpoints_shop_action = $lang->newpoints_shop_send_item;
                $item['name'] = htmlspecialchars_uni($item['name']);
                global $shop_action, $data, $colspan;
                $colspan = 2;
                $shop_action = 'do_send';
                $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">';
                $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_shop_send_item_username . ":</strong><br /><small>" . $lang->newpoints_shop_send_item_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"username\" value=\"\"></td>";
                $plugins->run_hooks("newpoints_shop_send_end");
                eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";");
                output_page($page);
                break;
            case 'do_send':
                $plugins->run_hooks("newpoints_shop_do_send_start");
                // check if the item exists
                if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                    error($lang->newpoints_shop_invalid_item);
                }
                // check if the item is assigned to category
                if (!($cat = newpoints_shop_get_category($item['cid']))) {
                    error($lang->newpoints_shop_invalid_cat);
                }
                // check if we have permissions to view the parent category
                if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                    error_no_permission();
                }
                if ($item['visible'] == 0 || $cat['visible'] == 0) {
                    error_no_permission();
                }
                $myitems = @unserialize($mybb->user['newpoints_items']);
                if (!$myitems) {
                    error($lang->newpoints_shop_inventory_empty);
                }
                // make sure we own the item
                $key = array_search($item['iid'], $myitems);
                if ($key === false) {
                    error($lang->newpoints_shop_selected_item_not_owned);
                }
                $username = trim($mybb->input['username']);
                if (!($user = newpoints_getuser_byname($username))) {
                    error($lang->newpoints_shop_invalid_user);
                } else {
                    if ($user['uid'] == $mybb->user['uid']) {
                        error($lang->newpoints_shop_cant_send_item_self);
                    }
                    // send item to the selected user
                    $useritems = @unserialize($user['newpoints_items']);
                    if (!$useritems) {
                        $useritems = array();
                    }
                    $useritems[] = $item['iid'];
                    $db->update_query('users', array('newpoints_items' => serialize($useritems)), 'uid=\'' . $user['uid'] . '\'');
                    // remove item from our inventory
                    unset($myitems[$key]);
                    sort($myitems);
                    $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\'');
                    $plugins->run_hooks("newpoints_shop_do_send_end");
                    // send pm to user
                    newpoints_send_pm(array('subject' => $lang->newpoints_shop_item_received_title, 'message' => $lang->sprintf($lang->newpoints_shop_item_received, htmlspecialchars_uni($mybb->user['username']), htmlspecialchars_uni($item['name'])), 'touid' => $user['uid'], 'receivepms' => 1), -1);
                    // log
                    newpoints_log('shop_send', $lang->sprintf($lang->newpoints_shop_sent_log, $item['iid'], $user['uid'], $user['username']));
                    redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&amp;shop_action=myitems", $lang->newpoints_shop_item_sent, $lang->newpoints_shop_item_sent_title);
                }
                break;
            case 'sell':
                $plugins->run_hooks("newpoints_shop_sell_start");
                // check if the item exists
                if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                    error($lang->newpoints_shop_invalid_item);
                }
                // check if the item is assigned to category
                if (!($cat = newpoints_shop_get_category($item['cid']))) {
                    error($lang->newpoints_shop_invalid_cat);
                }
                // check if we have permissions to view the parent category
                if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                    error_no_permission();
                }
                if ($item['visible'] == 0 || $cat['visible'] == 0) {
                    error_no_permission();
                }
                $myitems = @unserialize($mybb->user['newpoints_items']);
                if (!$myitems) {
                    error($lang->newpoints_shop_inventory_empty);
                }
                // make sure we own the item
                $key = array_search($item['iid'], $myitems);
                if ($key === false) {
                    error($lang->newpoints_shop_selected_item_not_owned);
                }
                $lang->newpoints_shop_action = $lang->newpoints_shop_sell_item;
                $item['name'] = htmlspecialchars_uni($item['name']);
                global $shop_action, $data, $colspan;
                $colspan = 1;
                $shop_action = 'do_sell';
                $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">';
                $data = "<td class=\"trow1\" width=\"100%\">" . $lang->sprintf($lang->newpoints_shop_sell_item_confirm, htmlspecialchars_uni($item['name']), newpoints_format_points(floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])) . "</td>";
                $plugins->run_hooks("newpoints_shop_sell_end");
                eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";");
                output_page($page);
                break;
            case 'do_sell':
                $plugins->run_hooks("newpoints_shop_do_sell_start");
                // check if the item exists
                if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                    error($lang->newpoints_shop_invalid_item);
                }
                // check if the item is assigned to category
                if (!($cat = newpoints_shop_get_category($item['cid']))) {
                    error($lang->newpoints_shop_invalid_cat);
                }
                // check if we have permissions to view the parent category
                if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                    error_no_permission();
                }
                if ($item['visible'] == 0 || $cat['visible'] == 0) {
                    error_no_permission();
                }
                $myitems = @unserialize($mybb->user['newpoints_items']);
                if (!$myitems) {
                    error($lang->newpoints_shop_inventory_empty);
                }
                // make sure we own the item
                $key = array_search($item['iid'], $myitems);
                if ($key === false) {
                    error($lang->newpoints_shop_selected_item_not_owned);
                }
                // remove item from our inventory
                unset($myitems[$key]);
                sort($myitems);
                $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\'');
                // update stock
                if ($item['infinite'] != 1) {
                    $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . $item['iid'] . '\'');
                }
                newpoints_addpoints($mybb->user['uid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']);
                $plugins->run_hooks("newpoints_shop_do_sell_end");
                // log
                newpoints_log('shop_sell', $lang->sprintf($lang->newpoints_shop_sell_log, $item['iid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']));
                redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&amp;shop_action=myitems", $lang->newpoints_shop_item_sell, $lang->newpoints_shop_item_sell_title);
                break;
            default:
                error_no_permission();
        }
        $plugins->run_hooks("newpoints_do_shop_end");
    }
    // shop page
    if ($mybb->input['action'] == "shop") {
        $plugins->run_hooks("newpoints_shop_start");
        if ($mybb->input['shop_action'] == 'view') {
            // check if the item exists
            if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                error($lang->newpoints_shop_invalid_item);
            }
            // check if the item is assigned to category
            if (!($cat = newpoints_shop_get_category($item['cid']))) {
                error($lang->newpoints_shop_invalid_cat);
            }
            // check if we have permissions to view the parent category
            if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                error_no_permission();
            }
            if ($item['visible'] == 0 || $cat['visible'] == 0) {
                error_no_permission();
            }
            $item['name'] = htmlspecialchars_uni($item['name']);
            $item['description'] = htmlspecialchars_uni($item['description']);
            // check group rules - primary group check
            $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
            if (!$grouprules) {
                $grouprules['items_rate'] = 1.0;
            }
            // no rule set so default income rate is 1
            // if the group items rate is 0, the price of the item is 0
            if (floatval($grouprules['items_rate']) == 0) {
                $item['price'] = 0;
            } else {
                $item['price'] = $item['price'] * floatval($grouprules['items_rate']);
            }
            $item['price'] = newpoints_format_points($item['price']);
            if ($item['price'] > $mybb->user['newpoints']) {
                $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>';
            }
            // build icon
            if ($item['icon'] != '') {
                $item['icon'] = htmlspecialchars_uni($item['icon']);
                $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">';
            } else {
                $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">';
            }
            if ($item['infinite'] == 1) {
                $item['stock'] = $lang->newpoints_shop_infinite;
            } else {
                $item['stock'] = intval($item['stock']);
            }
            if ($item['sendable'] == 1) {
                $item['sendable'] = $lang->newpoints_shop_yes;
            } else {
                $item['sendable'] = $lang->newpoints_shop_no;
            }
            if ($item['sellable'] == 1) {
                $item['sellable'] = $lang->newpoints_shop_yes;
            } else {
                $item['sellable'] = $lang->newpoints_shop_no;
            }
            eval("\$page = \"" . $templates->get('newpoints_shop_view_item') . "\";");
        } elseif ($mybb->input['shop_action'] == 'myitems') {
            $uid = intval($mybb->input['uid']);
            $uidpart = '';
            if ($uid > 0) {
                $user = get_user($uid);
                // we're viewing someone else's inventory
                if (!empty($user)) {
                    // we can't view others inventories if we don't have enough previleges
                    if ($mybb->settings['newpoints_shop_viewothers'] != 1 && $mybb->usergroup['cancp'] != 1 && $mybb->user['uid'] != $uid) {
                        error_no_permission();
                    }
                    $myitems = @unserialize($user['newpoints_items']);
                    $lang->newpoints_shop_myitems = $lang->sprintf($lang->newpoints_shop_items_username, htmlspecialchars_uni($user['username']));
                    $uidpart = "&amp;uid=" . $uid;
                    // we need this for pagination
                } else {
                    $myitems = @unserialize($mybb->user['newpoints_items']);
                }
            } else {
                $myitems = @unserialize($mybb->user['newpoints_items']);
            }
            $items = '';
            $newrow = true;
            $invert_bgcolor = alt_trow();
            if ($mybb->settings['newpoints_shop_sendable'] != 1) {
                $sendable = false;
            } else {
                $sendable = true;
            }
            if ($mybb->settings['newpoints_shop_sellable'] != 1) {
                $sellable = false;
            } else {
                $sellable = true;
            }
            require_once MYBB_ROOT . "inc/class_parser.php";
            $parser = new postParser();
            $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, 'filter_badwords' => 1);
            if (!empty($myitems)) {
                // pagination
                $per_page = 10;
                $mybb->input['page'] = intval($mybb->input['page']);
                if ($mybb->input['page'] && $mybb->input['page'] > 1) {
                    $mybb->input['page'] = intval($mybb->input['page']);
                    $start = $mybb->input['page'] * $per_page - $per_page;
                } else {
                    $mybb->input['page'] = 1;
                    $start = 0;
                }
                // total items
                $total_rows = $db->fetch_field($db->simple_select("newpoints_shop_items", "COUNT(iid) as items", 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')'), "items");
                // multi-page
                if ($total_rows > $per_page) {
                    $multipage = multipage($total_rows, $per_page, $mybb->input['page'], $mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems" . $uidpart);
                }
                $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')', array('limit' => "{$start}, {$per_page}"));
                while ($item = $db->fetch_array($query)) {
                    if ($newrow === true) {
                        $trstart = '<tr>';
                        $trend = '';
                        $newrow = false;
                    } elseif ($newrow === false) {
                        $trstart = '';
                        $trend = '</tr>';
                        $newrow = true;
                    }
                    if ($sellable === true && $item['sellable']) {
                        if ($sendable === true && $item['sendable']) {
                            $tdstart = '<td width="50%">';
                        } else {
                            $tdstart = '<td width="100%">';
                        }
                        $sell = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="sell"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_sell . '"></form></td>';
                    } else {
                        $sell = '';
                    }
                    if ($sendable === true && $item['sendable']) {
                        if ($sell == '') {
                            $tdstart = '<td width="100%">';
                        } else {
                            $tdstart = '<td width="50%">';
                        }
                        $send = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="send"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_send . '"></form></td>';
                    } else {
                        $send = '';
                    }
                    if (!$send && !$sell) {
                        $send = $lang->newpoints_shop_no_options;
                    }
                    $item['description'] = $parser->parse_message($item['description'], $parser_options);
                    // check group rules - primary group check
                    $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
                    if (!$grouprules) {
                        $grouprules['items_rate'] = 1.0;
                    }
                    // no rule set so default income rate is 1
                    // if the group items rate is 0, the price of the item is 0
                    if (floatval($grouprules['items_rate']) == 0) {
                        $item['price'] = 0;
                    } else {
                        $item['price'] = $item['price'] * floatval($grouprules['items_rate']);
                    }
                    $item['price'] = newpoints_format_points($item['price']);
                    $item['quantity'] = count(array_keys($myitems, $item['iid']));
                    // build icon
                    if ($item['icon'] != '') {
                        $item['icon'] = htmlspecialchars_uni($item['icon']);
                        $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">';
                    } else {
                        $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">';
                    }
                    $bgcolor = alt_trow();
                    $invert_bgcolor = alt_trow();
                    eval("\$items .= \"" . $trstart . $templates->get('newpoints_shop_myitems_item') . $trend . "\";");
                }
                if (!$items) {
                    eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";");
                } else {
                    if ($newrow === false) {
                        eval("\$items .= \"" . $templates->get('newpoints_shop_myitems_item_empty') . "</tr>" . "\";");
                        $newrow = true;
                    }
                }
            } else {
                eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";");
            }
            eval("\$page = \"" . $templates->get('newpoints_shop_myitems') . "\";");
        } else {
            // check group rules - primary group check
            $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
            if (!$grouprules) {
                $grouprules['items_rate'] = 1.0;
            }
            // no rule set so default income rate is 1
            // if the group items rate is 0, the price of the item is 0
            $itemsrate = floatval($grouprules['items_rate']);
            global $cats, $items;
            // get categories
            $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
            while ($cat = $db->fetch_array($query)) {
                $categories[$cat['cid']] = $cat;
            }
            // get items and store them in their categories
            $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND cid>0', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
            while ($item = $db->fetch_array($query)) {
                $items_array[$item['cid']][$item['iid']] = $item;
            }
            $cats = '';
            $bgcolor = '';
            $bgcolor = alt_trow();
            // build items and categories
            if (!empty($categories)) {
                foreach ($categories as $cid => $category) {
                    $items = '';
                    if ($category['items'] > 0 && !empty($items_array[$category['cid']])) {
                        foreach ($items_array as $cid => $member) {
                            if ($cid != $category['cid']) {
                                continue;
                            }
                            $bgcolor = alt_trow();
                            foreach ($member as $iid => $item) {
                                // skip hidden items
                                if ($item['visible'] == 0) {
                                    continue;
                                }
                                if ($item['infinite'] == 1) {
                                    $item['stock'] = $lang->newpoints_shop_infinite;
                                }
                                if ($item['price'] > $mybb->user['newpoints']) {
                                    $enough_money = false;
                                } else {
                                    $enough_money = true;
                                }
                                $item['name'] = htmlspecialchars_uni($item['name']);
                                $item['description'] = htmlspecialchars_uni($item['description']);
                                $item['price'] = newpoints_format_points($item['price'] * $itemsrate);
                                // build icon
                                if ($item['icon'] != '') {
                                    $item['icon'] = htmlspecialchars_uni($item['icon']);
                                    $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">';
                                } else {
                                    $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">';
                                }
                                if (!$enough_money) {
                                    $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>';
                                }
                                eval("\$items .= \"" . $templates->get('newpoints_shop_item') . "\";");
                            }
                        }
                    } else {
                        eval("\$items = \"" . $templates->get('newpoints_shop_no_items') . "\";");
                    }
                    // if it's not visible, don't show it
                    if ($category['visible'] == 0) {
                        continue;
                    }
                    // check if we have permissions to view the category
                    if (!newpoints_shop_check_permissions($category['usergroups'])) {
                        continue;
                    }
                    // Expanded by default feature
                    global $extdisplay, $expcolimage, $expdisplay, $expaltext, $icon;
                    $expdisplay = '';
                    if (intval($category['expanded']) == 0) {
                        $expcolimage = "collapse_collapsed.gif";
                        $expdisplay = "display: none;";
                        $expaltext = "[+]";
                    } else {
                        $expcolimage = "collapse.gif";
                        $expaltext = "[-]";
                    }
                    // build icon
                    if ($category['icon'] != '') {
                        $category['icon'] = htmlspecialchars_uni($category['icon']);
                        $category['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $category['icon'] . '" style="vertical-align:middle">';
                    }
                    // sanitize html
                    $category['description'] = htmlspecialchars_uni($category['description']);
                    $category['name'] = htmlspecialchars_uni($category['name']);
                    eval("\$cats .= \"" . $templates->get('newpoints_shop_category') . "\";");
                }
            } else {
                eval("\$cats = \"" . $templates->get('newpoints_shop_no_cats') . "\";");
            }
            eval("\$page = \"" . $templates->get('newpoints_shop') . "\";");
        }
        $plugins->run_hooks("newpoints_shop_end");
        // output page
        output_page($page);
    }
}
Exemplo n.º 8
0
     $avatar = '';
 }
 $anndate = my_date($mybb->settings['dateformat'], $announcement['dateline']);
 $anntime = my_date($mybb->settings['timeformat'], $announcement['dateline']);
 if ($announcement['replies']) {
     eval("\$numcomments = \"" . $templates->get("portal_announcement_numcomments") . "\";");
 } else {
     eval("\$numcomments = \"" . $templates->get("portal_announcement_numcomments_no") . "\";");
     $lastcomment = '';
 }
 $plugins->run_hooks("portal_announcement");
 $parser_options = array("allow_html" => $forum[$announcement['fid']]['allowhtml'], "allow_mycode" => $forum[$announcement['fid']]['allowmycode'], "allow_smilies" => $forum[$announcement['fid']]['allowsmilies'], "allow_imgcode" => $forum[$announcement['fid']]['allowimgcode'], "allow_videocode" => $forum[$announcement['fid']]['allowvideocode'], "filter_badwords" => 1);
 if ($announcement['smilieoff'] == 1) {
     $parser_options['allow_smilies'] = 0;
 }
 $message = $parser->parse_message($announcement['message'], $parser_options);
 if (is_array($attachcache[$announcement['pid']])) {
     // This post has 1 or more attachments
     $validationcount = 0;
     $id = $announcement['pid'];
     foreach ($attachcache[$id] as $aid => $attachment) {
         if ($attachment['visible']) {
             // There is an attachment thats visible!
             $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
             $attachment['filesize'] = get_friendly_size($attachment['filesize']);
             $ext = get_extension($attachment['filename']);
             if ($ext == "jpeg" || $ext == "gif" || $ext == "bmp" || $ext == "png" || $ext == "jpg") {
                 $isimage = true;
             } else {
                 $isimage = false;
             }
Exemplo n.º 9
0
if ($page > $pages || $page <= 0) {
    $page = 1;
}
if ($page) {
    $start = ($page - 1) * $perpage;
} else {
    $start = 0;
    $page = 1;
}
$upper = $start + $perpage;
$query = "SELECT * FROM mybb_ajaxchat{$where} LIMIT {$start},{$perpage}";
$result = db_query($query);
while ($row = mysqli_fetch_array($result)) {
    $date = date('n/j/y G:i', $row["date"]);
    $name = $row['username'] ? $row['username'] : '******' . $row['uid'];
    $msg = $parser->parse_message($row["message"], array('filter_badwords' => 1, 'allow_mycode' => 1, 'allow_smilies' => 0, 'me_username' => 1, 'nl2br' => 0));
    echo '<table id="m' . $row['id'] . '"><tr><td class="left">' . $name . '<br/><a href="logs?page=' . (floor(($row['id'] - 12) / $perpage) + 1) . '#m' . $row['id'] . '" target="_blank">&rarr; ' . $date . '</a></td><td>' . $msg . '</td></tr></table>';
}
?>
</div>
<form action="logs" style="width: 250px; float: left;">
<input type="text" name="search" value="<?php 
echo $search;
?>
" />
<input type="submit" value="Search" />
</form>
<?php 
$multipage = multipage($count, $perpage, $page, $url);
if ($count > $perpage) {
    echo $multipage;
Exemplo n.º 10
0
function save_raw_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;
    $lang->load("editpost");
    $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'post_title' => Tapatalk_Input::STRING, 'post_content' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'editreason' => Tapatalk_Input::STRING), $xmlrpc_params);
    $parser = new postParser();
    // No permission for guests
    if (!$mybb->user['uid']) {
        return tt_no_permission();
    }
    // Get post info
    $pid = $input['post_id'];
    $query = $db->simple_select("posts", "*", "pid='{$pid}'");
    $post = $db->fetch_array($query);
    if (empty($input['post_title'])) {
        $input['post_title'] = $post['subject'];
    }
    if (!$post['pid']) {
        return xmlrespfalse($lang->error_invalidpost);
    }
    // Get thread info
    $tid = $post['tid'];
    $thread = get_thread($tid);
    if (!$thread['tid']) {
        return xmlrespfalse($lang->error_invalidthread);
    }
    $thread['subject'] = htmlspecialchars_uni($thread['subject']);
    // Get forum info
    $fid = $post['fid'];
    $forum = get_forum($fid);
    if (!$forum || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }
    $forumpermissions = forum_permissions($fid);
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }
        if ($forumpermissions['caneditposts'] == 0) {
            return tt_no_permission();
        }
        if ($mybb->user['uid'] != $post['uid']) {
            return tt_no_permission();
        }
        // Edit time limit
        $time = TIME_NOW;
        if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) {
            $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
            return xmlrespfalse($lang->edit_time_limit);
        }
    }
    // Check if this forum is password protected and we have a valid password
    tt_check_forum_password($forum['fid']);
    // Set up posthandler.
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("update");
    $posthandler->action = "post";
    // Set the post data that came from the input to the $post array.
    $post = array("pid" => $pid, "subject" => $input['post_title'], "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "edit_uid" => $mybb->user['uid'], "message" => $input['post_content']);
    if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) {
        $post["editreason"] = $input['editreason'];
    }
    // get subscription status
    $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'");
    $substatus = $db->fetch_array($query);
    // Set up the post options from the input.
    $post['options'] = array("signature" => 1, "subscriptionmethod" => isset($substatus['notification']) ? $substatus['notification'] == 1 ? 'instant' : 'none' : '', "disablesmilies" => 0);
    $posthandler->set_data($post);
    // Now let the post handler do all the hard work.
    if (!$posthandler->validate_post()) {
        $post_errors = $posthandler->get_friendly_errors();
        return xmlrespfalse(implode(" :: ", $post_errors));
    } else {
        $postinfo = $posthandler->update_post();
        $visible = $postinfo['visible'];
        $first_post = $postinfo['first_post'];
        // Help keep our attachments table clean.
        $db->delete_query("attachments", "filename='' OR filesize<1");
        if ($visible == 0 && $first_post && !is_moderator($fid, "", $mybb->user['uid'])) {
            $state = 1;
        } else {
            if ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) {
                $state = 1;
            } else {
                $state = 0;
            }
        }
    }
    $pid = intval($pid);
    if (!empty($input['group_id_esc'])) {
        $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'");
    }
    // update thread attachment account
    if (count($input['attachment_id_array']) > 0) {
        update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array'])));
    }
    $post = get_post($pid);
    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;
    if (!$post['username']) {
        $post['username'] = $lang->guest;
    }
    if ($post['userusername']) {
        $parser_options['me_username'] = $post['userusername'];
    } else {
        $parser_options['me_username'] = $post['username'];
    }
    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    $post['subject'] = $parser->parse_badwords($post['subject']);
    $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'state' => new xmlrpcval($state, 'int'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64')), 'struct');
    return new xmlrpcresp($result);
}
Exemplo n.º 11
0
     $page->output_footer();
     exit;
 }
 if (!empty($tree['results']['result'])) {
     if (array_key_exists("tag", $tree['results']['result'])) {
         $only_theme = $tree['results']['result'];
         unset($tree['results']['result']);
         $tree['results']['result'][0] = $only_theme;
     }
     require_once MYBB_ROOT . '/inc/class_parser.php';
     $post_parser = new postParser();
     foreach ($tree['results']['result'] as $result) {
         $result['thumbnail']['value'] = htmlspecialchars_uni($result['thumbnail']['value']);
         $result['name']['value'] = htmlspecialchars_uni($result['name']['value']);
         $result['description']['value'] = htmlspecialchars_uni($result['description']['value']);
         $result['author']['value'] = $post_parser->parse_message($result['author']['value'], array('allow_html' => true));
         $result['download_url']['value'] = htmlspecialchars_uni(html_entity_decode($result['download_url']['value']));
         $table->construct_cell("<img src=\"http://community.mybb.com/{$result['thumbnail']['value']}\" alt=\"{$lang->theme_thumbnail}\" title=\"{$lang->theme_thumbnail}\"/>", array("class" => "align_center", "width" => 100));
         $table->construct_cell("<strong>{$result['name']['value']}</strong><br /><small>{$result['description']['value']}</small><br /><i><small>{$lang->created_by} {$result['author']['value']}</small></i>");
         $table->construct_cell("<strong><a href=\"http://community.mybb.com/{$result['download_url']['value']}\" target=\"_blank\">{$lang->download}</a></strong>", array("class" => "align_center"));
         $table->construct_row();
     }
 }
 if ($table->num_rows() == 0) {
     $table->construct_cell($lang->error_no_results_found, array("colspan" => 3));
     $table->construct_row();
 }
 $search = new Form("index.php?module=style-themes&amp;action=browse", 'post', 'search_form');
 echo "<div style=\"padding-bottom: 3px; margin-top: -9px; text-align: right;\">";
 if ($mybb->input['keywords']) {
     $default_class = '';
Exemplo n.º 12
0
         if ($stop_forum_spam_checker->is_user_a_spammer('', $mybb->input['email'], get_ip())) {
             $errors[] = $lang->sprintf($lang->error_stop_forum_spam_spammer, $stop_forum_spam_checker->getErrorText(array('stopforumspam_check_emails', 'stopforumspam_check_ips')));
         }
     } catch (Exception $e) {
         if ($mybb->settings['stopforumspam_block_on_error']) {
             $errors[] = $lang->error_stop_forum_spam_fetching;
         }
     }
 }
 if (empty($errors)) {
     if ($mybb->settings['contact_badwords'] == 1) {
         // Load the post parser
         require_once MYBB_ROOT . "inc/class_parser.php";
         $parser = new postParser();
         $parser_options = array('filter_badwords' => 1);
         $mybb->input['subject'] = $parser->parse_message($mybb->input['subject'], $parser_options);
         $mybb->input['message'] = $parser->parse_message($mybb->input['message'], $parser_options);
     }
     $user = $lang->na;
     if ($mybb->user['uid']) {
         $user = $mybb->user['username'] . ' - ' . $mybb->settings['bburl'] . '/' . get_profile_link($mybb->user['uid']);
     }
     $subject = $lang->sprintf($lang->email_contact_subject, $mybb->input['subject']);
     $message = $lang->sprintf($lang->email_contact, $mybb->input['email'], $user, $session->ipaddress, $mybb->input['message']);
     // Email the administrator
     my_mail($contactemail, $subject, $message, $mybb->input['email']);
     $plugins->run_hooks('contact_do_end');
     if ($mybb->settings['mail_logging'] > 0) {
         // Log the message
         $log_entry = array("subject" => $db->escape_string($subject), "message" => $db->escape_string($message), "dateline" => TIME_NOW, "fromuid" => $mybb->user['uid'], "fromemail" => $db->escape_string($mybb->input['email']), "touid" => 0, "toemail" => $db->escape_string($contactemail), "tid" => 0, "ipaddress" => $db->escape_binary($session->packedip), "type" => 3);
         $db->insert_query("maillogs", $log_entry);
Exemplo n.º 13
0
        $upper = $helpcount;
    }
    $multipage = multipage($helpcount['total'], $perpage, $page, "misc.php?action=helpresults&amp;sid='" . htmlspecialchars_uni($mybb->get_input('sid')) . "'");
    $helpdoclist = '';
    require_once MYBB_ROOT . "inc/class_parser.php";
    $parser = new postParser();
    $query = $db->query("\n\t\tSELECT h.*, s.enabled\n\t\tFROM " . TABLE_PREFIX . "helpdocs h\n\t\tLEFT JOIN " . TABLE_PREFIX . "helpsections s ON (s.sid=h.sid)\n\t\tWHERE h.hid IN(" . $db->escape_string($search['querycache']) . ") AND h.enabled='1' AND s.enabled='1'\n\t\tLIMIT {$start}, {$perpage}\n\t");
    while ($helpdoc = $db->fetch_array($query)) {
        $bgcolor = alt_trow();
        if (my_strlen($helpdoc['name']) > 50) {
            $helpdoc['name'] = htmlspecialchars_uni(my_substr($helpdoc['name'], 0, 50) . "...");
        } else {
            $helpdoc['name'] = htmlspecialchars_uni($helpdoc['name']);
        }
        $parser_options = array('allow_html' => 1, 'allow_mycode' => 0, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1);
        $helpdoc['helpdoc'] = strip_tags($parser->parse_message($helpdoc['document'], $parser_options));
        if (my_strlen($helpdoc['helpdoc']) > 350) {
            $prev = my_substr($helpdoc['helpdoc'], 0, 350) . "...";
        } else {
            $prev = $helpdoc['helpdoc'];
        }
        $plugins->run_hooks("misc_helpresults_bit");
        eval("\$helpdoclist .= \"" . $templates->get("misc_helpresults_bit") . "\";");
    }
    if ($db->num_rows($query) == 0) {
        eval("\$helpdoclist = \"" . $templates->get("misc_helpresults_noresults") . "\";");
    }
    $plugins->run_hooks("misc_helpresults_end");
    eval("\$helpresults = \"" . $templates->get("misc_helpresults") . "\";");
    output_page($helpresults);
} elseif ($mybb->input['action'] == "help") {
    $visible = "AND p.visible='1'";
}
$query = $db->query("\r\n    SELECT u.*, u.username AS userusername, p.*\r\n    FROM " . TABLE_PREFIX . "posts p\r\n    LEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n    WHERE p.tid='{$tid}' {$visible}\r\n    ORDER BY p.dateline\r\n\tLIMIT {$start}, {$perpage}\r\n");
while ($postrow = $db->fetch_array($query)) {
    if ($postrow['userusername']) {
        $postrow['username'] = $postrow['userusername'];
    }
    $postrow['subject'] = htmlspecialchars_uni($parser->parse_badwords($postrow['subject']));
    $postrow['date'] = my_date($mybb->settings['dateformat'], $postrow['dateline']);
    $postrow['time'] = my_date($mybb->settings['timeformat'], $postrow['dateline']);
    $postrow['profilelink'] = build_profile_link($postrow['username'], $postrow['uid']);
    $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "me_username" => $postrow['username'], "shorten_urls" => 0, "filter_badwords" => 1);
    if ($postrow['smilieoff'] == 1) {
        $parser_options['allow_smilies'] = 0;
    }
    $postrow['message'] = $parser->parse_message($postrow['message'], $parser_options);
    $plugins->run_hooks("printthread_post");
    eval("\$postrows .= \"" . $templates->get("printthread_post") . "\";");
}
$plugins->run_hooks("printthread_end");
eval("\$printable = \"" . $templates->get("printthread") . "\";");
output_page($printable);
function makeprintablenav($pid = "0", $depth = "--")
{
    global $db, $pforumcache, $fid, $forum, $lang;
    if (!is_array($pforumcache)) {
        $parlist = build_parent_list($fid, "fid", "OR", $forum['parentlist']);
        $query = $db->simple_select("forums", "name, fid, pid", "{$parlist}", array('order_by' => 'pid, disporder'));
        while ($forumnav = $db->fetch_array($query)) {
            $pforumcache[$forumnav['pid']][$forumnav['fid']] = $forumnav;
        }
Exemplo n.º 15
0
 static function parse($message, $me_username)
 {
     global $mybb;
     require_once MYBB_ROOT . 'inc/class_parser.php';
     $parser = new postParser();
     $options = ['allow_mycode' => $mybb->settings['dvz_sb_mycode'], 'allow_smilies' => $mybb->settings['dvz_sb_smilies'], 'allow_imgcode' => 0, 'filter_badwords' => 1, 'me_username' => $me_username];
     return $parser->parse_message($message, $options);
 }
Exemplo n.º 16
0
 if ($forumcache[$post['fid']]) {
     $post['forumlink'] = "<a href=\"" . get_forum_link($post['fid']) . "\">" . $forumcache[$post['fid']]['name'] . "</a>";
 } else {
     $post['forumlink'] = "";
 }
 if (!$post['subject']) {
     $post['subject'] = $post['message'];
 }
 if (my_strlen($post['subject']) > 50) {
     $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50) . "...");
 } else {
     $post['subject'] = htmlspecialchars_uni($post['subject']);
 }
 // What we do here is parse the post using our post parser, then strip the tags from it
 $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1);
 $post['message'] = strip_tags($parser->parse_message($post['message'], $parser_options));
 if (my_strlen($post['message']) > 200) {
     $prev = my_substr($post['message'], 0, 200) . "...";
 } else {
     $prev = $post['message'];
 }
 $posted = my_date($mybb->settings['dateformat'], $post['dateline']) . ", " . my_date($mybb->settings['timeformat'], $post['dateline']);
 $thread_url = get_thread_link($post['tid']);
 $post_url = get_post_link($post['pid'], $post['tid']);
 // Inline post moderation
 $inline_mod_checkbox = '';
 if ($is_supermod || is_moderator($post['fid'])) {
     eval("\$inline_mod_checkbox = \"" . $templates->get("search_results_posts_inlinecheck") . "\";");
 } elseif ($is_mod) {
     eval("\$inline_mod_checkbox = \"" . $templates->get("search_results_posts_nocheck") . "\";");
 }
Exemplo n.º 17
0
 // Fetch subscription select box
 eval("\$subscriptionmethod = \"" . $templates->get("post_subscription_method") . "\";");
 $lang->post_reply_to = $lang->sprintf($lang->post_reply_to, $thread['subject']);
 $lang->reply_to = $lang->sprintf($lang->reply_to, $thread['subject']);
 // Do we have any forum rules to show for this forum?
 $forumrules = '';
 if ($forum['rulestype'] >= 2 && $forum['rules']) {
     if (!$forum['rulestitle']) {
         $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']);
     }
     if (!$parser) {
         require_once MYBB_ROOT . 'inc/class_parser.php';
         $parser = new postParser();
     }
     $rules_parser = array("allow_html" => 1, "allow_mycode" => 1, "allow_smilies" => 1, "allow_imgcode" => 1);
     $forum['rules'] = $parser->parse_message($forum['rules'], $rules_parser);
     $foruminfo = $forum;
     if ($forum['rulestype'] == 3) {
         eval("\$forumrules = \"" . $templates->get("forumdisplay_rules") . "\";");
     } else {
         if ($forum['rulestype'] == 2) {
             eval("\$forumrules = \"" . $templates->get("forumdisplay_rules_link") . "\";");
         }
     }
 }
 $moderation_notice = '';
 if (!is_moderator($forum['fid'], "canapproveunapproveattachs")) {
     if ($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0) {
         $moderation_text = $lang->moderation_forum_attachments;
         eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";');
     }
Exemplo n.º 18
0
 $calendar = $db->fetch_array($query);
 // Invalid calendar?
 if (!$calendar['cid']) {
     error($lang->invalid_calendar);
 }
 // Do we have permission to view this calendar?
 $calendar_permissions = get_calendar_permissions($calendar['cid']);
 if ($calendar_permissions['canviewcalendar'] != 1 || $calendar_permissions['canmoderateevents'] != 1 && $event['visible'] == 0) {
     error_no_permission();
 }
 $event['name'] = htmlspecialchars_uni($event['name']);
 add_breadcrumb(htmlspecialchars_uni($calendar['name']), get_calendar_link($calendar['cid']));
 add_breadcrumb($event['name'], get_event_link($event['eid']));
 $plugins->run_hooks("calendar_event_start");
 $event_parser_options = array("allow_html" => $calendar['allowhtml'], "allow_mycode" => $calendar['allowmycode'], "allow_smilies" => $calendar['allowsmilies'], "allow_imgcode" => $calendar['allowimgcode'], "allow_videocode" => $calendar['allowvideocode']);
 $event['description'] = $parser->parse_message($event['description'], $event_parser_options);
 // Get the usergroup
 if ($event['username']) {
     if (!$event['displaygroup']) {
         $event['displaygroup'] = $event['usergroup'];
     }
     $user_usergroup = $groupscache[$event['displaygroup']];
 } else {
     $user_usergroup = $groupscache[1];
 }
 if (!is_array($titles_cache)) {
     // Get user titles (i guess we should improve this, maybe in version3.
     $query = $db->simple_select("usertitles", "*", "", array('order_by' => 'posts', 'order_dir' => 'DESC'));
     while ($usertitle = $db->fetch_array($query)) {
         $titles_cache[$usertitle['posts']] = $usertitle;
     }
Exemplo n.º 19
0
function firstpreview_pm()
{
    global $mybb, $db, $charset, $headerinclude, $header;
    $header = '<div class="arrow-down"></div>' . $header;
    // Add jQuery and noConflict for MyBB 1.6.*
    $jquery = '';
    $noconflict = '';
    if ($mybb->version < "1.7.0") {
        $jquery = '<script type="text/javascript">
//<![CDATA[
if (!window.jQuery)
{
document.write(unescape("%3Cscript src=\\"http://code.jquery.com/jquery-latest.min.js\\" type=\\"text/javascript\\"%3E%3C/script%3E"));
}
//]]>
</script>';
        $noconflict = 'jQuery.noConflict();';
    }
    // Background color
    $bg_color = '#aaaaaa';
    if (isset($mybb->settings['firstpreview_bg']) && preg_match('/^#([0-9a-f]{1,6})$/i', $mybb->settings['firstpreview_bg'])) {
        $bg_color = htmlspecialchars_uni($mybb->settings['firstpreview_bg']);
    }
    // Close button
    $close_preview = '#close_preview{display:none;cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}';
    if (isset($mybb->settings['firstpreview_close']) && $mybb->settings['firstpreview_close'] == 1) {
        $close_preview = '#close_preview{cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}';
    }
    // Insert the code
    $headerinclude .= '
	<!-- start: first_preview_plugin -->
	<style type="text/css">
	.modal_firstpost{text-align:left;border-radius:7px;-moz-border-radius:7px;-webkit-border-radius:7px;border:1px solid ' . $bgcolor . ';display:none;position:absolute;z-index:29000;width:390px;height:180px;overflow:hidden}
	.fpreview{z-index:29001;width:390px;height:180px;overflow:auto;background:' . $bg_color . '}
	.arrow-down{display:none;position:absolute;z-index:28999;width:0;height:0;border-left:20px solid transparent;border-right:20px solid transparent;border-top:20px solid ' . $bg_color . '}
	.prev_content{padding:10px;height:auto;word-wrap:break-word;-webkit-hyphens:auto;-moz-hyphens:auto;-ms-hyphens:auto;-o-hyphens:auto;hyphens:auto;background:none}
	' . $close_preview . '
	</style>
	' . $jquery . '
	<script type="text/javascript">
	//<![CDATA[
	' . $noconflict . '
	<!--
	if(use_xmlhttprequest == 1) {
		jQuery(document).ready(function(e){e(".pmprev").on("touchenter mouseenter",function(){id=e(this).attr("id");pmid=id.replace(/[^\\d.]/g,"");var t=e(this).offset().left;var n=e(this).offset().top-200;showPost=setTimeout(function(){e.ajax({url:"private.php?pmid="+pmid+"&firstpm=1",type:"post",complete:function(t){e(".modal_firstpost").html(t.responseText)}});e(".modal_firstpost").fadeIn("slow");e(".modal_firstpost").css("top",n);e(".modal_firstpost").css("left",t);e(".arrow-down").fadeIn("slow");e(".arrow-down").css("top",n+180);e(".arrow-down").css("left",t+20);},1500)});e(".pmprev").on("mouseleave touchleave touchend",function(){clearTimeout(showPost);});e(".modal_firstpost").on("mouseleave touchmove",function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")});e(".modal_firstpost").on("click", "#close_preview", function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")})});
	}
	//]]>
	</script>
	<!-- end: first_preview_plugin -->
	';
    // Get the pm preview
    if (isset($mybb->input['firstpm']) && $mybb->input['firstpm'] == 1 && $mybb->request_method == "post") {
        $pmid = (int) $mybb->input['pmid'];
        $query = $db->simple_select('privatemessages', '*', "pmid = '" . $pmid . "'");
        $pm = $db->fetch_array($query);
        // Load the users own messages only
        if ($pm['uid'] != $mybb->user['uid']) {
            return;
        }
        require_once MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
        $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject']));
        $user = get_user($pm['fromid']);
        $idtype = 'pmid';
        $parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
        $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
        $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
        $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
        $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
        $parser_options['me_username'] = $user['username'];
        $parser_options['filter_badwords'] = 1;
        $id = $pmid;
        $pm['message'] = $parser->parse_message($pm['message'], $parser_options);
        $pmdate = my_date($mybb->settings['dateformat'], $pm['dateline']);
        $pmtime = my_date($mybb->settings['timeformat'], $pm['dateline']);
        $pmsent = ' (' . $pmdate . ', ' . $pmtime . ')';
        if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) {
            $pm['message'] = strip_tags($pm['message'], "<br><p><ul><ol><li>");
        }
        if (!empty($mybb->settings['firstpreview_length']) && $mybb->settings['firstpreview_length'] != "0" && my_strlen($pm['message']) > (int) $mybb->settings['firstpreview_length']) {
            $pm['message'] = preg_replace("!<a([^>]+)>!isU", "", $pm['message']);
            $pm['message'] = str_replace("</a>", "", $pm['message']);
            $pm['message'] = my_substr($pm['message'], 0, (int) $mybb->settings['firstpreview_length']) . '...<p><a href="private.php?action=read&amp;pmid=' . (int) $pm['pmid'] . '">more</a></p>';
        }
        $preview = "<div class=\"fpreview\"><span id=\"close_preview\">&#10060;</span>\n\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $pm['subject'] . "</div>\n\t\t<div class=\"tcat\" style=\"padding-left:10px;\">" . build_profile_link(format_name(htmlspecialchars_uni($user['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $pm['fromid']) . "<span class=\"smalltext\">" . $pmsent . "</span></div>\n\t\t<div class=\"prev_content\">" . $pm['message'] . "</div>\n\t\t</div>";
        header("Content-type: text/plain; charset={$charset}");
        echo $preview;
        exit;
    }
}
 case "deleteposts":
     add_breadcrumb($lang->nav_deleteposts);
     if (!is_moderator($fid, "candeleteposts")) {
         error_no_permission();
     }
     $posts = "";
     $query = $db->query("\n\t\t\tSELECT p.*, u.*\n\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (p.uid=u.uid)\n\t\t\tWHERE tid='{$tid}'\n\t\t\tORDER BY dateline ASC\n\t\t");
     $altbg = "trow1";
     while ($post = $db->fetch_array($query)) {
         $postdate = my_date($mybb->settings['dateformat'], $post['dateline']);
         $posttime = my_date($mybb->settings['timeformat'], $post['dateline']);
         $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "filter_badwords" => 1);
         if ($post['smilieoff'] == 1) {
             $parser_options['allow_smilies'] = 0;
         }
         $message = $parser->parse_message($post['message'], $parser_options);
         eval("\$posts .= \"" . $templates->get("moderation_deleteposts_post") . "\";");
         $altbg = alt_trow();
     }
     $plugins->run_hooks("moderation_deleteposts");
     eval("\$deleteposts = \"" . $templates->get("moderation_deleteposts") . "\";");
     output_page($deleteposts);
     break;
     // Lets delete those selected posts!
 // Lets delete those selected posts!
 case "do_deleteposts":
     // Verify incoming POST request
     verify_post_check($mybb->input['my_post_key']);
     if (!is_moderator($fid, "candeleteposts")) {
         error_no_permission();
     }
 static function parse($message, $me_username)
 {
     global $mybb;
     require_once MYBB_ROOT . 'inc/class_parser.php';
     $parser = new postParser();
     $options = array('allow_mycode' => 0, 'allow_smilies' => $mybb->settings['dvz_sb_smilies'], 'allow_imgcode' => 0, 'filter_badwords' => 1);
     $message = $parser->parse_message($message, $options);
     $message = $parser->mycode_auto_url($message);
     $message = $post = preg_replace('/\\[url](.+?)\\[\\/url\\]/', '<a href="\\1" target="_blank">\\1</a>', $message);
     return $message;
 }
Exemplo n.º 22
0
 /**
  * Verifies the image count.
  *
  * @return boolean True when valid, false when not valid.
  */
 function verify_image_count()
 {
     global $mybb, $db;
     $post =& $this->data;
     // Get the permissions of the user who is making this post or thread
     $permissions = user_permissions($post['uid']);
     // Fetch the forum this post is being made in
     if (!$post['fid']) {
         $query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'");
         $post['fid'] = $db->fetch_field($query, 'fid');
     }
     $forum = get_forum($post['fid']);
     // Check if this post contains more images than the forum allows
     if ((!isset($post['savedraft']) || $post['savedraft'] != 1) && $mybb->settings['maxpostimages'] != 0 && $permissions['cancp'] != 1) {
         require_once MYBB_ROOT . "inc/class_parser.php";
         $parser = new postParser();
         // Parse the message.
         $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "filter_badwords" => 1);
         if ($post['options']['disablesmilies'] != 1) {
             $parser_options['allow_smilies'] = $forum['allowsmilies'];
         } else {
             $parser_options['allow_smilies'] = 0;
         }
         $image_check = $parser->parse_message($post['message'], $parser_options);
         // And count the number of image tags in the message.
         $image_count = substr_count($image_check, "<img");
         if ($image_count > $mybb->settings['maxpostimages']) {
             // Throw back a message if over the count with the number of images as well as the maximum number of images per post.
             $this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages']));
             return false;
         }
     }
 }
         $alreadyvoted = 1;
     }
 }
 $optionsarray = explode("||~|~||", $poll['options']);
 $votesarray = explode("||~|~||", $poll['votes']);
 $poll['question'] = htmlspecialchars_uni($poll['question']);
 $polloptions = '';
 $totalvotes = 0;
 for ($i = 1; $i <= $poll['numoptions']; ++$i) {
     $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i - 1];
 }
 // Loop through the poll options.
 for ($i = 1; $i <= $poll['numoptions']; ++$i) {
     // Set up the parser options.
     $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "filter_badwords" => 1);
     $option = $parser->parse_message($optionsarray[$i - 1], $parser_options);
     $votes = $votesarray[$i - 1];
     $totalvotes += $votes;
     $number = $i;
     // Mark the option the user voted for.
     if ($votedfor[$number]) {
         $optionbg = "trow2";
         $votestar = "*";
     } else {
         $optionbg = "trow1";
         $votestar = "";
     }
     // If the user already voted or if the results need to be shown, do so; else show voting screen.
     if ($alreadyvoted || $showresults) {
         if (intval($votes) == "0") {
             $percent = "0";
Exemplo n.º 24
0
function process_short_content($post_text, $parser = null, $length = 200)
{
    global $parser, $mybb;
    require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php';
    $post_text = tapatalkEmoji::covertNameToEmpty($post_text);
    if ($parser === null) {
        require_once MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
    }
    $array_reg = array(array('reg' => '/\\[color=(.*?)\\](.*?)\\[\\/color\\]/sei', 'replace' => "mobi_color_convert('\$1','\$2' ,false)"), array('reg' => '/\\[php\\](.*?)\\[\\/php\\]/si', 'replace' => '[php]'), array('reg' => '/\\[align=(.*?)\\](.*?)\\[\\/align\\]/si', replace => " \$2 "), array('reg' => '/\\[email\\](.*?)\\[\\/email\\]/si', replace => "[url]"), array('reg' => '/\\[quote(.*?)\\](.*?)\\[\\/quote\\]/si', 'replace' => '[quote]'), array('reg' => '/\\[code\\](.*?)\\[\\/code\\]/si', 'replace' => ''), array('reg' => '/\\[url=(.*?)\\](.*?)\\[\\/url\\]/sei', 'replace' => "mobi_url_convert('\$1','\$2')"), array('reg' => '/\\[img(.*?)\\](.*?)\\[\\/img\\]/si', 'replace' => '[img]'), array('reg' => '/\\[video=(.*?)\\](.*?)\\[\\/video\\]/si', 'replace' => '[V]'), array('reg' => '/\\[attachment=(.*?)\\]/si', 'replace' => '[attach]'));
    foreach ($array_reg as $arr) {
        $post_text = preg_replace($arr['reg'], $arr['replace'], $post_text);
    }
    //$post_text = tt_covert_list($post_text, '/\[list=1\](.*?)\[\/list\]/si', '2');
    //$post_text = tt_covert_list($post_text, '/\[list\](.*?)\[\/list\]/si', '1');
    $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1);
    $post_text = strip_tags($parser->parse_message($post_text, $parser_options));
    $post_text = preg_replace('/\\s+/', ' ', $post_text);
    $post_text = html_entity_decode($post_text);
    if (my_strlen($post_text) > $length) {
        $post_text = my_substr(trim($post_text), 0, $length);
    }
    return $post_text;
}
Exemplo n.º 25
0
        }
        $message['subject'] = $parser->parse_badwords($message['subject']);
        if (my_strlen($message['subject']) > 50) {
            $message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50) . "...");
        } else {
            $message['subject'] = htmlspecialchars_uni($message['subject']);
        }
        if ($message['folder'] != "3") {
            $senddate = my_date('relative', $message['dateline']);
        } else {
            $senddate = $lang->not_sent;
        }
        $foldername = $foldernames[$message['folder']];
        // What we do here is parse the post using our post parser, then strip the tags from it
        $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1);
        $message['message'] = strip_tags($parser->parse_message($message['message'], $parser_options));
        if (my_strlen($message['message']) > 200) {
            $message['message'] = my_substr($message['message'], 0, 200) . "...";
        }
        eval("\$messagelist .= \"" . $templates->get("private_search_messagebit") . "\";");
    }
    if ($db->num_rows($query) == 0) {
        eval("\$messagelist = \"" . $templates->get("private_search_results_nomessages") . "\";");
    }
    $plugins->run_hooks("private_results_end");
    eval("\$results = \"" . $templates->get("private_search_results") . "\";");
    output_page($results);
}
if ($mybb->input['action'] == "advanced_search") {
    $plugins->run_hooks("private_advanced_search");
    eval("\$advanced_search = \"" . $templates->get("private_advanced_search") . "\";");
Exemplo n.º 26
0
    error_no_permission();
}
if (!$mybb->user['pmfolders']) {
    $mybb->user['pmfolders'] = "1**" . $lang->folder_inbox . "\$%%\$2**" . $lang->folder_sent_items . "\$%%\$3**" . $lang->folder_drafts . "\$%%\$4**" . $lang->folder_trash;
    $db->update_query("users", array('pmfolders' => $mybb->user['pmfolders']), "uid='" . $mybb->user['uid'] . "'");
}
$errors = '';
$mybb->input['action'] = $mybb->get_input('action');
usercp_menu();
$plugins->run_hooks("usercp_start");
if ($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") {
    $parser_options = array('allow_html' => $mybb->settings['sightml'], 'filter_badwords' => 1, 'allow_mycode' => $mybb->settings['sigmycode'], 'allow_smilies' => $mybb->settings['sigsmilies'], 'allow_imgcode' => $mybb->settings['sigimgcode'], "filter_badwords" => 1);
    if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0) {
        $parser_options['allow_imgcode'] = 0;
    }
    $parsed_sig = $parser->parse_message($mybb->get_input('signature'), $parser_options);
    if ($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1 && substr_count($parsed_sig, "<img") > 0 || ($mybb->settings['sigimgcode'] == 1 || $mybb->settings['sigsmilies'] == 1) && substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages']) {
        if ($mybb->settings['sigimgcode'] == 1) {
            $imgsallowed = $mybb->settings['maxsigimages'];
        } else {
            $imgsallowed = 0;
        }
        $lang->too_many_sig_images2 = $lang->sprintf($lang->too_many_sig_images2, $imgsallowed);
        $error = inline_error($lang->too_many_sig_images . " " . $lang->too_many_sig_images2);
        $mybb->input['preview'] = 1;
    } else {
        if ($mybb->settings['siglength'] > 0) {
            if ($mybb->settings['sigcountmycode'] == 0) {
                $parsed_sig = $parser->text_parse_message($mybb->get_input('signature'));
            } else {
                $parsed_sig = $mybb->get_input('signature');
function akismet_admin()
{
    global $mybb, $db, $page, $lang;
    if ($page->active_action != "akismet") {
        return;
    }
    $page->add_breadcrumb_item($lang->akismet);
    if ($mybb->input['delete_all'] && $mybb->request_method == "post") {
        // User clicked no
        if ($mybb->input['no']) {
            admin_redirect("index.php?module=forum-akismet");
        }
        if ($mybb->request_method == "post") {
            // Delete the template
            $db->delete_query("posts", "visible = '-4'");
            // Log admin action
            log_admin_action();
            flash_message($lang->success_deleted_spam, 'success');
            admin_redirect("index.php?module=forum-akismet");
        } else {
            $page->output_confirm_action("index.php?module=forum-akismet&amp;delete_all=1", $lang->confirm_spam_deletion);
        }
    }
    if ($mybb->input['unmark'] && $mybb->request_method == "post") {
        $unmark = $mybb->input['akismet'];
        if (empty($unmark)) {
            flash_message($lang->error_unmark, 'error');
            admin_redirect("index.php?module=forum-akismet");
        }
        $posts_in = '';
        $comma = '';
        foreach ($unmark as $key => $val) {
            $posts_in .= $comma . intval($key);
            $comma = ',';
        }
        $query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'");
        while ($post = $db->fetch_array($query)) {
            $threadp[] = $post['tid'];
        }
        if (!is_array($threadp)) {
            $threadp = array();
        }
        $thread_list = implode(',', $threadp);
        $query = $db->query("\r\n\t\t\tSELECT p.tid, f.usepostcounts, p.uid, p.fid, p.dateline, p.replyto, t.lastpost, t.lastposter, t.lastposteruid, t.subject\r\n\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=p.fid)\r\n\t\t\tWHERE p.pid IN ({$posts_in}) AND p.visible = '-4'\r\n\t\t");
        while ($post = $db->fetch_array($query)) {
            // Fetch the last post for this forum
            $query2 = $db->query("\r\n\t\t\t\tSELECT tid, lastpost, lastposter, lastposteruid, subject\r\n\t\t\t\tFROM " . TABLE_PREFIX . "threads\r\n\t\t\t\tWHERE fid='{$post['fid']}' AND visible='1' AND closed NOT LIKE 'moved|%'\r\n\t\t\t\tORDER BY lastpost DESC\r\n\t\t\t\tLIMIT 0, 1\r\n\t\t\t");
            $lastpost = $db->fetch_array($query2);
            if ($post['lastpost'] > $lastpost['lastpost']) {
                $lastpost['lastpost'] = $post['lastpost'];
                $lastpost['lastposter'] = $post['lastposter'];
                $lastpost['lastposteruid'] = $post['lastposteruid'];
                $lastpost['subject'] = $post['subject'];
                $lastpost['tid'] = $post['tid'];
            }
            $update_count = array("lastpost" => intval($lastpost['lastpost']), "lastposter" => $db->escape_string($lastpost['lastposter']), "lastposteruid" => intval($lastpost['lastposteruid']), "lastposttid" => intval($lastpost['tid']), "lastpostsubject" => $db->escape_string($lastpost['subject']));
            $db->update_query("forums", $update_count, "fid='{$post['fid']}'");
            $query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}' AND p.visible='1' OR p.pid = '{$post['pid']}'\r\n\t\t\t\tORDER BY p.dateline DESC\r\n\t\t\t\tLIMIT 1");
            $lastpost = $db->fetch_array($query2);
            $query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}'\r\n\t\t\t\tORDER BY p.dateline ASC\r\n\t\t\t\tLIMIT 0,1\r\n\t\t\t");
            $firstpost = $db->fetch_array($query2);
            if (!$firstpost['username']) {
                $firstpost['username'] = $firstpost['postusername'];
            }
            if (!$lastpost['username']) {
                $lastpost['username'] = $lastpost['postusername'];
            }
            if (!$lastpost['dateline']) {
                $lastpost['username'] = $firstpost['username'];
                $lastpost['uid'] = $firstpost['uid'];
                $lastpost['dateline'] = $firstpost['dateline'];
            }
            $lastpost['username'] = $db->escape_string($lastpost['username']);
            $firstpost['username'] = $db->escape_string($firstpost['username']);
            $query2 = $db->simple_select("users", "akismetstopped", "uid='{$post['uid']}'");
            $akismetstopped = $db->fetch_field($query2, "akismetstopped") - 1;
            if ($akismetstopped < 0) {
                $akismetstopped = 0;
            }
            $db->update_query("users", array('akismetstopped' => $akismetstopped), "uid='{$post['uid']}'");
            $update_array = array('username' => $firstpost['username'], 'uid' => intval($firstpost['uid']), 'lastpost' => intval($lastpost['dateline']), 'lastposter' => $lastpost['username'], 'lastposteruid' => intval($lastpost['uid']));
            $db->update_query("threads", $update_array, "tid='{$post['tid']}'");
            if ($post['usepostcounts'] != 0) {
                $db->write_query("UPDATE " . TABLE_PREFIX . "users SET postnum=postnum+1 WHERE uid = '{$post['uid']}'");
            }
            $newthreads = $newreplies = 0;
            if ($post['replyto'] == 0) {
                ++$newthreads;
            } else {
                ++$newreplies;
            }
            update_thread_counters($post['tid'], array('replies' => '+' . $newreplies));
            update_forum_counters($post['fid'], array('threads' => '+' . $newthreads, 'posts' => '+1'));
        }
        $approve = array("visible" => 1);
        if ($thread_list) {
            $db->update_query("threads", $approve, "tid IN ({$thread_list})");
        }
        $db->update_query("posts", $approve, "pid IN ({$posts_in})");
        // Log admin action
        log_admin_action();
        flash_message($lang->success_unmarked, 'success');
        admin_redirect("index.php?module=forum-akismet");
    }
    if ($mybb->input['delete'] && $mybb->request_method == "post") {
        $deletepost = $mybb->input['akismet'];
        if (empty($deletepost)) {
            flash_message($lang->error_deletepost, 'error');
            admin_redirect("index.php?module=forum-akismet");
        }
        $posts_in = '';
        $comma = '';
        foreach ($deletepost as $key => $val) {
            $posts_in .= $comma . intval($key);
            $comma = ',';
        }
        $query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'");
        while ($post = $db->fetch_array($query)) {
            $threadp[$post['pid']] = $post['tid'];
        }
        if (!is_array($threadp)) {
            $threadp = array();
        }
        require_once MYBB_ROOT . "inc/functions_upload.php";
        foreach ($deletepost as $pid => $val) {
            if (array_key_exists($pid, $threadp)) {
                $db->delete_query("posts", "pid IN ({$posts_in})");
                $db->delete_query("attachments", "pid IN ({$posts_in})");
                // Get thread info
                $query = $db->simple_select("threads", "poll", "tid='" . $threadp[$pid] . "'");
                $poll = $db->fetch_field($query, 'poll');
                // Delete threads, redirects, favorites, polls, and poll votes
                $db->delete_query("threads", "tid='" . $threadp[$pid] . "'");
                $db->delete_query("threads", "closed='moved|" . $threadp[$pid] . "'");
                $db->delete_query("threadsubscriptions", "tid='" . $threadp[$pid] . "'");
                $db->delete_query("polls", "tid='" . $threadp[$pid] . "'");
                $db->delete_query("pollvotes", "pid='{$poll}'");
            }
            // Remove attachments
            remove_attachments($pid);
            // Delete the post
            $db->delete_query("posts", "pid='{$pid}'");
        }
        // Log admin action
        log_admin_action();
        flash_message($lang->success_spam_deleted, 'success');
        admin_redirect("index.php?module=forum-akismet");
    }
    if (!$mybb->input['action']) {
        require MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
        $page->output_header($lang->akismet);
        $form = new Form("index.php?module=forum-akismet", "post");
        $table = new Table();
        $table->construct_header($form->generate_check_box("checkall", 1, '', array('class' => 'checkall')), array('width' => '5%'));
        $table->construct_header("Title / Username / Post", array('class' => 'align_center'));
        $mybb->input['page'] = intval($mybb->input['page']);
        if ($mybb->input['page'] > 0) {
            $start = $mybb->input['page'] * 20;
        } else {
            $start = 0;
        }
        $query = $db->simple_select("posts", "COUNT(pid) as spam", "visible = '-4'");
        $total_rows = $db->fetch_field($query, 'spam');
        if ($start > $total_rows) {
            $start = $total_rows - 20;
        }
        if ($start < 0) {
            $start = 0;
        }
        $query = $db->simple_select("posts", "*", "visible = '-4'", array('limit_start' => $start, 'limit' => '20', 'order_by' => 'dateline', 'order_dir' => 'desc'));
        while ($post = $db->fetch_array($query)) {
            if ($post['uid'] != 0) {
                $username = "******"../" . str_replace("{uid}", $post['uid'], PROFILE_URL) . "\" target=\"_blank\">" . format_name($post['username'], $post['usergroup'], $post['displaygroup']) . "</a>";
            } else {
                $username = $post['username'];
            }
            $table->construct_cell($form->generate_check_box("akismet[{$post['pid']}]", 1, ''));
            $table->construct_cell("<span style=\"float: right;\">{$lang->username} {$username}</span> <span style=\"float: left;\">{$lang->title}: " . htmlspecialchars_uni($post['subject']) . " <strong>(" . my_date($mybb->settings['dateformat'], $post['dateline']) . ", " . my_date($mybb->settings['timeformat'], $post['dateline']) . ")</strong></span>");
            $table->construct_row();
            $parser_options = array("allow_html" => 0, "allow_mycode" => 0, "allow_smilies" => 0, "allow_imgcode" => 0, "me_username" => $post['username'], "filter_badwords" => 1);
            $post['message'] = $parser->parse_message($post['message'], $parser_options);
            $table->construct_cell($post['message'], array("colspan" => 2));
            $table->construct_row();
        }
        $num_rows = $table->num_rows();
        if ($num_rows == 0) {
            $table->construct_cell($lang->no_spam_found, array("class" => "align_center", "colspan" => 2));
            $table->construct_row();
        }
        $table->output($lang->detected_spam_messages);
        echo "<br />" . draw_admin_pagination($mybb->input['page'], 20, $total_rows, "index.php?module=forum-akismet&amp;page={page}");
        $buttons[] = $form->generate_submit_button($lang->unmark_selected, array('name' => 'unmark'));
        $buttons[] = $form->generate_submit_button($lang->deleted_selected, array('name' => 'delete'));
        if ($num_rows > 0) {
            $buttons[] = $form->generate_submit_button($lang->delete_all, array('name' => 'delete_all', 'onclick' => "return confirm('{$lang->confirm_spam_deletion}');"));
        }
        $form->output_submit_wrapper($buttons);
        $form->end();
        $page->output_footer();
    }
    exit;
}
Exemplo n.º 28
0
                $thread_link = $lang->sprintf($lang->postrep_given_thread, $thread_link, $subject);
                $link = get_post_link($reputation_vote['pid']) . "#pid{$reputation_vote['pid']}";
                $postrep_given = $lang->sprintf($lang->postrep_given, $link, $user['username'], $thread_link);
            }
        }
        // Does the current user have permission to delete this reputation? Show delete link
        $delete_link = '';
        if ($mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['candeletereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0) {
            eval("\$delete_link = \"" . $templates->get("reputation_vote_delete") . "\";");
        }
        $report_link = '';
        if ($mybb->user['uid'] != 0) {
            eval("\$report_link = \"" . $templates->get("reputation_vote_report") . "\";");
        }
        // Parse smilies in the reputation vote
        $reputation_parser = array("allow_html" => 0, "allow_mycode" => 0, "allow_smilies" => 1, "allow_imgcode" => 0, "filter_badwords" => 1);
        $reputation_vote['comments'] = $parser->parse_message($reputation_vote['comments'], $reputation_parser);
        if ($reputation_vote['comments'] == '') {
            $reputation_vote['comments'] = $lang->no_comment;
        }
        $plugins->run_hooks("reputation_vote");
        eval("\$reputation_votes .= \"" . $templates->get("reputation_vote") . "\";");
    }
    // If we don't have any reputations display a nice message.
    if (!$reputation_votes) {
        eval("\$reputation_votes = \"" . $templates->get("reputation_no_votes") . "\";");
    }
    $plugins->run_hooks("reputation_end");
    eval("\$reputation = \"" . $templates->get("reputation") . "\";");
    output_page($reputation);
}
Exemplo n.º 29
0
         }
     }
 }
 require_once MYBB_ROOT . "inc/class_parser.php";
 $parser = new postParser();
 $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "me_username" => $post['username'], "filter_badwords" => 1);
 if ($post['smilieoff'] == 1) {
     $parser_options['allow_smilies'] = 0;
 }
 if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) {
     $parser_options['allow_imgcode'] = 0;
 }
 if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) {
     $parser_options['allow_videocode'] = 0;
 }
 $post['message'] = $parser->parse_message($message, $parser_options);
 // Now lets fetch all of the attachments for these posts.
 if ($mybb->settings['enableattachments'] != 0) {
     $query = $db->simple_select("attachments", "*", "pid='{$post['pid']}'");
     while ($attachment = $db->fetch_array($query)) {
         $attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
     }
     require_once MYBB_ROOT . "inc/functions_post.php";
     get_post_attachments($post['pid'], $post);
 }
 // Figure out if we need to show an "edited by" message
 // Only show if at least one of "showeditedby" or "showeditedbyadmin" is enabled
 if ($mybb->settings['showeditedby'] != 0 && $mybb->settings['showeditedbyadmin'] != 0) {
     $post['editdate'] = my_date('relative', TIME_NOW);
     $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']);
     $post['editedprofilelink'] = build_profile_link($mybb->user['username'], $mybb->user['uid']);
Exemplo n.º 30
0
function asb_rand_quote_get_quote($settings, $width)
{
    global $db, $mybb, $templates, $lang, $theme;
    if (!$lang->asb_addon) {
        $lang->load('asb_addon');
    }
    // get forums user cannot view
    $unviewable = get_unviewable_forums(true);
    if ($unviewable) {
        $unviewwhere = " AND p.fid NOT IN ({$unviewable})";
    }
    // get inactive forums
    $inactive = get_inactive_forums();
    if ($inactive) {
        $inactivewhere = " AND p.fid NOT IN ({$inactive})";
    }
    if ($settings['important_threads_only']) {
        $important_threads = ' AND NOT t.sticky=0';
    }
    // build the exclude conditions
    $show['fids'] = asb_build_id_list($settings['forum_show_list'], 'p.fid');
    $show['tids'] = asb_build_id_list($settings['thread_show_list'], 'p.tid');
    $hide['fids'] = asb_build_id_list($settings['forum_hide_list'], 'p.fid');
    $hide['tids'] = asb_build_id_list($settings['thread_hide_list'], 'p.tid');
    $where['show'] = asb_build_SQL_where($show, ' OR ');
    $where['hide'] = asb_build_SQL_where($hide, ' OR ', ' NOT ');
    $query_where = $important_threads . $unviewwhere . $inactivewhere . asb_build_SQL_where($where, ' AND ', ' AND ');
    $post_query = $db->query("\n\t\tSELECT\n\t\t\tp.pid, p.message, p.fid, p.tid, p.subject, p.uid,\n\t\t\tu.username, u.usergroup, u.displaygroup, u.avatar,\n\t\t\tt.sticky\n\t\tFROM {$db->table_prefix}posts p\n\t\tLEFT JOIN {$db->table_prefix}users u ON (u.uid=p.uid)\n\t\tLEFT JOIN {$db->table_prefix}threads t ON (t.tid=p.tid)\n\t\tWHERE\n\t\t\tp.visible='1'{$query_where}\n\t\tORDER BY\n\t\t\tRAND()\n\t\tLIMIT 1;");
    // if there was 1 . . .
    if ($db->num_rows($post_query) == 0) {
        return false;
    }
    $rand_post = $db->fetch_array($post_query);
    // build a post parser
    require_once MYBB_ROOT . 'inc/class_parser.php';
    $parser = new postParser();
    // we just need the text and smilies (we'll parse them after we check length)
    $pattern = "|[[\\/\\!]*?[^\\[\\]]*?]|si";
    $new_message = asb_strip_url(preg_replace($pattern, '$1', $rand_post['message']));
    // get some dimensions that make sense in relation to column width
    $asb_width = (int) $width;
    $asb_inner_size = $asb_width * 0.83;
    $avatar_size = (int) ($asb_inner_size / 5);
    $font_size = $asb_width / 4.5;
    $font_size = max(10, min(16, $font_size));
    $username_font_size = (int) ($font_size * 0.9);
    $title_font_size = (int) ($font_size * 0.65);
    $message_font_size = (int) $font_size;
    if (strlen($new_message) < $settings['min_length']) {
        if ($settings['default_text']) {
            $new_message = $settings['default_text'];
        } else {
            // nothing to show
            return false;
        }
    }
    if ($settings['max_length'] && strlen($new_message) > $settings['max_length']) {
        $new_message = substr($new_message, 0, $settings['max_length']) . ' . . .';
    }
    // set up the user name link so that it displays correctly for the display group of the user
    $plain_text_username = htmlspecialchars_uni($rand_post['username']);
    $username = format_name($plain_text_username, $rand_post['usergroup'], $rand_post['displaygroup']);
    $author_link = get_profile_link($rand_post['uid']);
    $post_link = get_post_link($rand_post['pid'], $rand_post['tid']) . '#pid' . $rand_post['pid'];
    $thread_link = get_thread_link($rand_post['tid']);
    // allow smilies, but kill
    $parser_options = array("allow_smilies" => 1);
    $new_message = str_replace(array('<br />', '/me'), array('', " * {$plain_text_username}"), $parser->parse_message($new_message . ' ', $parser_options));
    // if the user has an avatar then display it, otherwise force the default avatar.
    $avatar_filename = "{$theme['imgdir']}/default_avatar.gif";
    if ($rand_post['avatar'] != '') {
        $avatar_filename = $rand_post['avatar'];
    }
    $avatar_alt = $lang->sprintf($lang->asb_random_quote_users_profile, $plain_text_username);
    eval("\$read_more = \"" . $templates->get('asb_rand_quote_read_more') . "\";");
    if (my_strlen($rand_post['subject']) > 40) {
        $rand_post['subject'] = my_substr($rand_post['subject'], 0, 40) . ' . . .';
    }
    if (substr(strtolower($rand_post['subject']), 0, 3) == 're:') {
        $rand_post['subject'] = substr($rand_post['subject'], 3);
    }
    $rand_post['subject'] = htmlspecialchars_uni($parser->parse_badwords($rand_post['subject']));
    $thread_title_link = <<<EOF
<strong><a href="{$thread_link}" title="{$lang->asb_random_quotes_read_more_threadlink_title}"><span style="font-size: {$title_font_size}px;">{$rand_post['subject']}</span></a></strong>
EOF;
    // eval() the template
    eval("\$this_quote = \"" . $templates->get("asb_rand_quote_sidebox") . "\";");
    return $this_quote;
}