function do_logout() { $vbulletin = vB::get_registry(); $userinfo = vB_Api::instance('user')->fetchUserInfo(); $cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('fr_username' => vB_Cleaner::TYPE_STR)); if ($userinfo['userid'] < 1) { return json_error(ERR_NO_PERMISSION); } $tableinfo = $vbulletin->db->query_first("\n\t\tSHOW TABLES LIKE '" . TABLE_PREFIX . "forumrunner_push_users'\n\t\t"); if ($tableinfo) { $vbulletin->db->query_write("\n\t\t\tDELETE FROM " . TABLE_PREFIX . "forumrunner_push_users\n\t\t\tWHERE fr_username = '******'fr_username']) . "' AND vb_userid = {$userinfo['userid']}\n\t\t\t"); } vB_User::processLogout(); // // Properly set cookies on logout // $login = array(); $session = vB::getCurrentSession(); $login['sessionhash'] = $session->get('sessionhash'); $login['password'] = $session->get('password'); $login['cpsession'] = $session->get('cpsession'); $login['userid'] = $session->get('userid'); vB5_Cookie::set('cpsession', $login['cpsession'], 30); vB5_Cookie::set('sessionhash', $login['sessionhash'], 30); vB5_Cookie::set('password', $login['password'], 30); vB5_Cookie::set('userid', $login['userid'], 30); return array('success' => true, 'requires_authentication' => requires_authentication()); }
/** * Constructor * * @param vBulletin database Instance */ function vB_UserChangeLog(&$registry) { // the db object need for the execute and for the escape string if (is_object($registry)) { $this->registry =& $registry; } else { $this->registry =& vB::get_registry(); } $this->assertor =& vB::getDbAssertor(); }
function do_remove_fr_user() { $vbulletin = vB::get_registry(); $userinfo = vB_Api::instance('user')->fetchUserInfo(); $cleaned = vB::getCleaner()->cleanArray($_REQUEST, array('fr_username' => vB_Cleaner::TYPE_STR)); if (!$cleaned['fr_username'] || !$userinfo['userid']) { return json_error(ERR_NO_PERMISSION); } $tableinfo = $vbulletin->db->query_first("\n\t\tSHOW TABLES LIKE '" . TABLE_PREFIX . "forumrunner_push_users'\n\t\t"); if ($tableinfo) { $vbulletin->db->query_write("\n\t\t\tDELETE FROM " . TABLE_PREFIX . "forumrunner_push_users\n\t\t\tWHERE fr_username = '******'fr_username']) . "' AND vb_userid = {$userinfo['userid']}\n\t\t\t"); } return true; }
/** * Update user's display group * * @param $userid User ID * @param $usergroupid Usergroup ID to be used as display group * @return void */ public function updateDisplayGroup($userid, $usergroupid) { $userinfo = vB_Api::instanceInternal('user')->fetchUserinfo($userid); $membergroups = fetch_membergroupids_array($userinfo); $permissions = $userinfo['permissions']; $vbulletin = vB::get_registry(); $bf_ugp_genericpermissions = vB::getDatastore()->get_value('bf_ugp_genericpermissions'); if ($usergroupid == 0) { throw new vB_Exception_Api('invalidid', array('usergroupid')); } if (!in_array($usergroupid, $membergroups)) { throw new vB_Exception_Api('notmemberofdisplaygroup'); } else { $display_usergroup = $vbulletin->usergroupcache["{$usergroupid}"]; //I'm not sure why we require canoverride to set the display group... this is *not* required //by the the admincp user interface which uses a different method of saving. if ($usergroupid == $userinfo['usergroupid'] or $display_usergroup['canoverride']) { $userinfo['displaygroupid'] = $usergroupid; // init user data manager $userdata = new vB_Datamanager_User(vB_DataManager_Constants::ERRTYPE_ARRAY_UNPROCESSED); $userdata->set_existing($userinfo); $userdata->set('displaygroupid', $usergroupid); if (!$userinfo['customtitle']) { $userdata->set_usertitle($userinfo['customtitle'] ? $userinfo['usertitle'] : '', false, $display_usergroup, $permissions['genericpermissions'] & $bf_ugp_genericpermissions['canusecustomtitle'] ? true : false, $permissions['genericpermissions'] & $bf_ugp_genericpermissions['cancontrolpanel'] ? true : false); } $userdata->save(); } else { throw new vB_Exception_Api('usergroup_invaliddisplaygroup'); } } }
function getHVToken() { require_once DIR . '/includes/class_humanverify.php'; $verify =& vB_HumanVerify::fetch_library(vB::get_registry()); $token = $verify->generate_token(); $ret = array('input' => $token['answer'], 'hash' => $token['hash']); return $ret; }
} $ids .= (!empty($ids) ? ',' : '') . $infractioninfo['orusergroupid']; $groupids["{$usergroupid}"]["{$points}"]['ids'] = $ids; $groupids["{$usergroupid}"]["{$points}"]['id'] = $infractiongroupid; } } unset($infractiongroupid, $infractiongroupids, $ids); } foreach ($primaryupdates as $joinusergroupid => $ids) { vB::getDbAssertor()->assertQuery('updateUserInfractions', array('joinusergroupid' => $joinusergroupid, 'pointlevel' => empty($groupids[$joinusergroupid]) ? array() : $groupids[$joinusergroupid], 'ids' => $ids)); $log = array($titles["{$joinusergroupid}"], '*', $primarynames["{$joinusergroupid}"]); // the "1" indicates to use the second line of the phrase specified for this task log_cron_action(serialize($log), $nextitem, 1); } unset($groupids); $vbulletin =& vB::get_registry(); foreach ($userupdates as $userid => $info) { $userdm = new vB_Datamanager_User($vbulletin, vB_DataManager_Constants::ERRTYPE_SILENT); $user = array('userid' => $userid); $userdm->set_existing($user); if ($info['title']) { $userdm->set('usertitle', $info['title']); } if ($info['rank']) { $userdm->setr('rank', $info['rank']); } $userdm->save(); unset($userdm); } foreach ($secondaryupdates as $joinusergroupid => $ids) { if ($ids) {
function exec_digest($type = 2) { // type = 2 : daily // type = 3 : weekly $lastdate = mktime(0, 0); // midnight today if ($type == 2) { // daily // yesterday midnight $lastdate -= 24 * 60 * 60; } else { // weekly // last week midnight $lastdate -= 7 * 24 * 60 * 60; } if (trim(vB::getDatastore()->getOption('globalignore')) != '') { $coventry = preg_split('#\\s+#s', vB::getDatastore()->getOption('globalignore'), -1, PREG_SPLIT_NO_EMPTY); } else { $coventry = array(); } require_once DIR . '/includes/class_bbcode_alt.php'; $vbulletin =& vB::get_registry(); $plaintext_parser = new vB_BbCodeParser_PlainText($vbulletin, fetch_tag_list()); vB_Mail::vbmailStart(); $bf_misc_useroptions = vB::get_datastore()->get_value('bf_misc_useroptions'); $bf_ugp_genericoptions = vB::get_datastore()->get_value('bf_ugp_genericoptions'); $bf_ugp_forumpermissions = vB::get_datastore()->get_value('bf_ugp_forumpermissions'); // we want to fetch all language records at once and using cache if possible $defaultLanguage = false; $languageIds = array(); // get new threads (Topic Subscription) $threads = vB::getDbAssertor()->getRows('getNewThreads', array('dstonoff' => $bf_misc_useroptions['dstonoff'], 'hasaccessmask' => $bf_misc_useroptions['hasaccessmask'], 'isnotbannedgroup' => $bf_ugp_genericoptions['isnotbannedgroup'], 'lastdate' => intval($lastdate))); // grab all forums / subforums for given subscription (Channel Subscription) $forums = vB::getDbAssertor()->assertQuery('getNewForums', array('dstonoff' => $bf_misc_useroptions['dstonoff'], 'hasaccessmask' => $bf_misc_useroptions['hasaccessmask'], 'type' => intval($type), 'lastdate' => intval($lastdate), 'channelcontenttype' => vB_Api::instanceInternal('contenttype')->fetchContentTypeIdFromClass('Channel'), 'isnotbannedgroup' => $bf_ugp_genericoptions['isnotbannedgroup'])); // Let's see which languageids we wanna fetch foreach ($threads as $thread) { if ($thread['languageid'] == 0) { if (!$defaultLanguage) { $defaultLanguage = intval(vB::getDatastore()->getOption('languageid')); $languageIds[] = $defaultLanguage; } } else { $languageIds[] = $thread['languageid']; } } foreach ($forums as $forum) { if ($forum['languageid'] == 0) { if (!$defaultLanguage) { $defaultLanguage = intval(vB::getDatastore()->getOption('languageid')); $languageIds[] = $defaultLanguage; } } else { $languageIds[] = $forum['languageid']; } } // fetch languages $languages = vB_Library::instance('language')->fetchLanguages($languageIds); // process threads foreach ($threads as $thread) { $postbits = ''; // Make sure user have correct email notification settings. if ($thread['emailnotification'] != $type) { continue; } if ($thread['lastauthorid'] != $thread['userid'] and in_array($thread['lastauthorid'], $coventry)) { continue; } $usercontext = vB::getUserContext($thread['userid']); if (!$usercontext->getChannelPermission('forumpermissions', 'canview', $thread['nodeid']) or !$usercontext->getChannelPermission('forumpermissions', 'canviewthreads', $thread['nodeid']) or $thread['lastauthorid'] != $thread['userid'] and !$usercontext->getChannelPermission('forumpermissions', 'canviewothers', $thread['nodeid'])) { continue; } $langInfo =& $languages[$thread['languageid']]; $userinfo = array('lang_locale' => $langInfo['locale'], 'dstonoff' => $thread['dstonoff'], 'timezoneoffset' => $thread['timezoneoffset']); $thread['lastreplydate'] = vbdate($langInfo['dateoverride'] ? $langInfo['dateoverride'] : vB::getDatastore()->getOption('dateformat'), $thread['lastcontent'], false, true, true, false, $userinfo); $thread['lastreplytime'] = vbdate($langInfo['timeoverride'] ? $langInfo['timeoverride'] : vB::getDatastore()->getOption('timeformat'), $thread['lastcontent'], false, true, true, false, $userinfo); $thread['htmltitle'] = unhtmlspecialchars($thread['htmltitle']); $thread['username'] = unhtmlspecialchars($thread['username']); $thread['postusername'] = unhtmlspecialchars($thread['authorname']); $thread['lastposter'] = unhtmlspecialchars($thread['lastcontentauthor']); $thread['newposts'] = 0; //not currently used and probably needs rethinking, but don't want to remove until this code gets rewritten //$thread['auth'] = md5($thread['userid'] . $thread['subscribediscussionid'] . $thread['secret'] . vB_Request_Web::$COOKIE_SALT); if ($thread['prefixid']) { // need prefix in correct language $phraseAux = vB_Api::instanceInternal('phrase')->fetch(array("prefix_{$thread['prefixid']}_title_plain")); $thread['prefix_plain'] = $phraseAux["prefix_{$thread['prefixid']}_title_plain"] . ' '; } else { $thread['prefix_plain'] = ''; } // Note: closure.depth = 1 on the where clause means getNewPosts only grabs replies, not comments. // get posts $posts = vB::getDbAssertor()->getRows('getNewPosts', array('threadid' => intval($thread['nodeid']), 'lastdate' => intval($lastdate))); // compile $haveothers = false; foreach ($posts as $post) { if ($post['userid'] != $thread['userid'] and in_array($post['userid'], $coventry)) { continue; } if ($post['userid'] != $thread['userid']) { $haveothers = true; } $thread['newposts']++; $post['htmltitle'] = unhtmlspecialchars($post['htmltitle']); $post['postdate'] = vbdate($langInfo['dateoverride'] ? $langInfo['dateoverride'] : vB::getDatastore()->getOption('dateformat'), $post['publishdate'], false, true, true, false, $userinfo); $post['posttime'] = vbdate($langInfo['timeoverride'] ? $langInfo['timeoverride'] : vB::getDatastore()->getOption('timeformat'), $post['publishdate'], false, true, true, false, $userinfo); $post['postusername'] = unhtmlspecialchars($post['authorname']); $plaintext_parser->set_parsing_language($thread['languageid']); $contentAPI = vB_Library_Content::getContentApi($post['contenttypeid']); $contents = $contentAPI->getContent($post['nodeid']); $post['pagetext'] = $plaintext_parser->parse($contents[$post['nodeid']]['rawtext'], $thread['parentid']); $postlink = vB5_Route::buildUrl($post['routeid'] . '|bburl', array('nodeid' => $post['nodeid'])); /*$postlink = fetch_seo_url('thread|nosession|bburl', array('threadid' => $thread['nodeid'], 'title' => htmlspecialchars_uni($thread['title']))) . "#post$post[nodeid]";*/ // Legacy Hook 'digest_thread_post' Removed // $phrases = vB_Api::instanceInternal('phrase')->fetch('digestpostbit', $thread['languageid']); $postbits .= sprintf($phrases['digestpostbit'], $post['htmltitle'], $postlink, $post['postusername'], $post['postdate'], $post['posttime'], $post['pagetext']); } // Legacy Hook 'digest_thread_process' Removed // // Don't send an update if the subscriber is the only one who posted in the thread. if ($haveothers) { // make email // magic vars used by the phrase eval $threadlink = vB5_Route::buildUrl($thread['routeid'] . '|fullurl', array('nodeid' => $thread['nodeid'])); //$threadlink = fetch_seo_url('thread|nosession|bburl', array('threadid' => $thread['threadid'], 'title' => htmlspecialchars_uni($thread['title']))); //this link probably doesn't do what the author thinks it does, need to validate. $unsubscribelink = vB5_Route::buildUrl('subscription|fullurl', array('tab' => 'subscriptions', 'userid' => $thread['userid'])); $maildata = vB_Api::instanceInternal('phrase')->fetchEmailPhrases('digestthread', array($thread['username'], $thread['prefix_plain'], $thread['htmltitle'], $thread['postusername'], $thread['newposts'], $thread['lastposter'], $threadlink, $postbits, vB::getDatastore()->getOption('bbtitle'), $unsubscribelink), array($thread['prefix_plain'], $thread['htmltitle']), $thread['languageid']); vB_Mail::vbmail($thread['email'], $maildata['subject'], $maildata['message']); } } unset($plaintext_parser); // process forums foreach ($forums as $forum) { $langInfo =& $languages[$forum['languageid']]; $userinfo = array('lang_locale' => $langInfo['locale'], 'dstonoff' => $forum['dstonoff'], 'timezoneoffset' => $forum['timezoneoffset']); $newthreadbits = ''; $newthreads = 0; $updatedthreadbits = ''; $updatedthreads = 0; $forum['username'] = unhtmlspecialchars($forum['username']); $forum['title_clean'] = unhtmlspecialchars($forum['title_clean']); //not currently used and probably needs rethinking, but don't want to remove until this code gets rewritten //$forum['auth'] = md5($forum['userid'] . $forum['subscribeforumid'] . $forum['secret'] . vB_Request_Web::$COOKIE_SALT); $threads = vB::getDbAssertor()->assertQuery('fetchForumThreads', array('forumid' => intval($forum['forumid']), 'lastdate' => intval($lastdate))); foreach ($threads as $thread) { if ($thread['postuserid'] != $forum['userid'] and in_array($thread['postuserid'], $coventry)) { continue; } // allow those without canviewthreads to subscribe/receive forum updates as they contain not post content $usercontext = vB::getUserContext($thread['userid']); if (!$usercontext->getChannelPermission('forumpermissions', 'canview', $thread['nodeid']) or $thread['lastauthorid'] != $thread['userid'] and !$usercontext->getChannelPermission('forumpermissions', 'canviewothers', $thread['nodeid'])) { continue; } $thread['forumhtmltitle'] = unhtmlspecialchars($thread['forumhtmltitle']); $thread['lastreplydate'] = vbdate($langInfo['dateoverride'] ? $langInfo['dateoverride'] : vB::getDatastore()->getOption('dateformat'), $thread['lastpost'], false, true, true, false, $userinfo); $thread['lastreplytime'] = vbdate($langInfo['timeoverride'] ? $langInfo['timeoverride'] : vB::getDatastore()->getOption('timeformat'), $thread['lastpost'], false, true, true, false, $userinfo); $thread['htmltitle'] = unhtmlspecialchars($thread['htmltitle']); $thread['postusername'] = unhtmlspecialchars($thread['postusername']); $thread['lastposter'] = unhtmlspecialchars($thread['lastposter']); if ($thread['prefixid']) { // need prefix in correct language $phraseAux = vB_Api::instanceInternal('phrase')->fetch(array("prefix_{$thread['prefixid']}_title_plain")); $thread['prefix_plain'] = $phraseAux["prefix_{$thread['prefixid']}_title_plain"] . ' '; } else { $thread['prefix_plain'] = ''; } $threadlink = vB5_Route::buildUrl($thread['routeid'] . '|fullurl', array('nodeid' => $thread['threadid'])); // Legacy Hook 'digest_forum_thread' Removed // $maildata = vB_Api::instanceInternal('phrase')->fetchEmailPhrases('digestthreadbit', array($thread['prefix_plain'], $thread['htmltitle'], $threadlink, $thread['forumhtmltitle'], $thread['postusername'], $thread['lastreplydate'], $thread['lastreplytime']), array(), $forum['languageid']); if ($thread['dateline'] > $lastdate) { // new thread $newthreads++; $newthreadbits .= $maildata['message']; } else { $updatedthreads++; $updatedthreadbits .= $maildata['message']; } } // Legacy Hook 'digest_forum_process' Removed // if (!empty($newthreads) or !empty($updatedthreadbits)) { // make email // magic vars used by the phrase eval //$forumlink = fetch_seo_url('forum|nosession|bburl', $forum); $forumlink = vB5_Route::buildUrl($forum['routeid'] . '|fullurl', array('nodeid' => $forum['forumid'])); //this link probably doesn't do what the author thinks it does. Need to validate. $unsubscribelink = vB5_Route::buildUrl('subscription|fullurl', array('tab' => 'subscriptions', 'userid' => $forum['userid'])); $maildata = vB_Api::instanceInternal('phrase')->fetchEmailPhrases('digestforum', array($forum['username'], $forum['title_clean'], $newthreads, $updatedthreads, $forumlink, $newthreadbits, $updatedthreadbits, vB::getDatastore()->getOption('bbtitle'), $unsubscribelink), array($forum['title_clean']), $forum['languageid']); vB_Mail::vbmail($forum['email'], $maildata['subject'], $maildata['message'], true); } } // ******* Social Group Digests ********** $bf_misc_socnet = vB::get_datastore()->get_value('bf_misc_socnet'); if (vB::getDatastore()->getOption('socnet') & $bf_misc_socnet['enable_groups']) { require_once DIR . '/includes/functions_socialgroup.php'; /** @todo review this part*/ /** @todo if we reenable this code, we need to prefetch language records as for threads and forums */ /* $groups = vB::getDbAssertor()->assertQuery('fetchSocialGroupDigests', array( 'dstonoff' => $bf_misc_useroptions['dstonoff'], 'hasaccessmask' => $bf_misc_useroptions['hasaccessmask'], 'languageid' => intval(vB::getDatastore()->getOption('languageid')), 'type' => $type == 2 ? 'daily' : 'weekly', 'lastdate' => intval($lastdate), 'isnotbannedgroup' => $bf_ugp_genericoptions['isnotbannedgroup'] )); foreach ($groups as $group) { $userperms = cache_permissions($group, false); if (!($userperms['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) OR !($userperms['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canviewgroups']) ) { continue; } if ($group['options'] & $vbulletin->bf_misc_socialgroupoptions['join_to_view'] AND $vbulletin->options['sg_allow_join_to_view']) { if ($group['membertype'] != 'member' AND !($userperms['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canalwayspostmessage']) AND !($userperms['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canalwascreatediscussion']) ) { continue; } } $userinfo = array( 'lang_locale' => $group['lang_locale'], 'dstonoff' => $group['dstonoff'], 'timezoneoffset' => $group['timezoneoffset'], ); $new_discussion_bits = ''; $new_discussions = 0; $updated_discussion_bits = ''; $updated_discussions = 0; $group['username'] = unhtmlspecialchars($group['username']); $group['name'] = unhtmlspecialchars($group['name']); $discussions = vB::getDbAssertor()->assertQuery('fetchGroupDiscussions', array( 'groupid' => $group['groupid'], 'lastdate' => intval($lastdate) )); foreach ($discussions as $discussion) { $discussion['lastreplydate'] = vbdate($group['lang_dateoverride'] ? $group['lang_dateoverride'] : $vbulletin->options['default_dateformat'], $discussion['lastpost'], false, true, true, false, $userinfo); $discussion['lastreplytime'] = vbdate($group['lang_timeoverride'] ? $group['lang_timeoverride'] : $vbulletin->options['default_timeformat'], $discussion['lastpost'], false, true, true, false, $userinfo); $discussion['title'] = unhtmlspecialchars($discussion['title']); $discussion['postusername'] = unhtmlspecialchars($discussion['postusername']); $discussion['lastposter'] = unhtmlspecialchars($discussion['lastposter']); // Legacy Hook 'digest_group_discussion' Removed // //magic variables that will be picked up by the phrase eval $discussionlink = fetch_seo_url('groupdiscussion', $discussion); $maildata = vB_Api::instanceInternal('phrase') ->fetchEmailPhrases('digestgroupbit', array($discussion['htmltitle'], $discussionlink, $group['name'], $discussion['postusername'], $discussion['lastreplydate'], $discussion['lastreplytime']), array(), $group['languageid']); if ($discussion['dateline'] > $lastdate) { // new discussion $new_discussions++; $new_discussion_bits .= $maildata['message']; } else { $updated_discussions++; $updated_discussion_bits .= $maildata['message']; } } // Legacy Hook 'digest_group_process' Removed // if (!empty($new_discussion_bits) OR !empty($updated_discussion_bits)) { //magic variables that will be picked up by the phrase eval $grouplink = fetch_seo_url('group|nosession|bburl', $group); // make email $maildata = vB_Api::instanceInternal('phrase') ->fetchEmailPhrases('digestgroup', array($group['username'], $group['name'], $new_discussions, $updated_discussions, $grouplink, $new_discussion_bits, $updated_discussion_bits, $vbulletin->options['bbtitle']), array($group['name']), $group['languageid']); vB_Mail::vbmail($group['email'], $maildata['subject'], $maildata['message']); } } */ } vB_Mail::vbmailEnd(); }
/** * Gets the data the presentation layer needs to have to parse the rawtext. * * @param mixed nodeId or array of nodeIds * * @return mixed array includes bbcodeoptions, attachments, and rawtext */ public function getDataForParse($nodeIds) { if (is_int($nodeIds)) { $nodeIds = array($nodeIds); } else { if (!is_array($nodeIds)) { throw new vB_Exception_Api('invalid_data'); } } $results = array(); $bfMiscForumoptions = vB::getDatastore()->getValue('bf_misc_forumoptions'); $pmType = vB_Types::instance()->getContentTypeID('vBForum_PrivateMessage'); $galleryTypeid = vB_Types::instance()->getContentTypeId('vBForum_Gallery'); $photoTypeid = vB_Types::instance()->getContentTypeId('vBForum_Photo'); $userContext = vB::getUserContext(); $channelTypes = vB::getDatastore()->getValue('vBChannelTypes'); if (!empty($nodeIds)) { $nodes = $this->assertor->assertQuery('vBForum:getDataForParse', array('nodeid' => $nodeIds)); foreach ($nodes as $node) { try { if ($this->validate($node, self::ACTION_VIEW, $node['nodeid'], array($node))) { $attachments = $this->nodeApi->getNodeAttachments($node['nodeid']); // We don't need to show attachments for gallery. See VBV-6389. // Or rather, we need to unset attachments that are part of a gallery, but want to show other attachments. See VBV-11058 if ($galleryTypeid == $node['contenttypeid']) { foreach ($attachments as $key => &$attachment) { // attachments have contenttype vBForum_Attach, while photos of a gallery have contenttype vBForum_Photo if ($photoTypeid == $attachment['contenttypeid']) { unset($attachments[$key]); } } } if ($node['contenttypeid'] == $pmType) { $bbCodeOptions = vB_Api::instance('content_privatemessage')->getBbcodeOptions(); } else { if ($userContext->getChannelPermission('forumpermissions', 'canviewthreads', $node['nodeid'], false, $node['parentid'])) { $bbCodeOptions = array(); foreach ($bfMiscForumoptions as $optionName => $optionVal) { $bbCodeOptions[$optionName] = (bool) ($node['options'] & $optionVal); } } else { $bbCodeOptions = array(); } } $results[$node['nodeid']] = array('bbcodeoptions' => $bbCodeOptions, 'rawtext' => $node['rawtext'], 'previewtext' => $node['previewtext'], 'attachments' => $attachments, 'title' => $node['title'], 'channelid' => $node['channelid'], 'htmlstate' => $node['htmlstate'], 'disable_bbcode' => $node['nodeoptions'] & vB_Api_Node::OPTION_NODE_DISABLE_BBCODE); } else { if ($node['public_preview'] > 0) { $results[$node['nodeid']] = array('bbcodeoptions' => array(), 'rawtext' => '', 'title' => $node['title'], 'channelid' => $node['channelid'], 'htmlstate' => 'off', 'preview_only' => 1, 'disable_bbcode' => $node['nodeoptions'] & vB_Api_Node::OPTION_NODE_DISABLE_BBCODE); require_once DIR . '/includes/class_bbcode.php'; $tags = fetch_tag_list(); $registry = vB::get_registry(); $bbcode_parser = new vB_BbCodeParser($registry, $tags); $previewBbcodeOptions = array('allowsmilies' => 1, 'allowbbcode', 'allowimagecode' => 1); if ($node['htmlstate'] != 'off') { $previewBbcodeOptions['allowhtml'] = 1; } if ($node['nodeid'] == $node['starter']) { $channel = vB_Library::instance('node')->getNodeFullContent($node['parentid']); } else { $starter = $this->nodeApi->getNode($node['starter']); $channel = vB_Library::instance('node')->getNodeFullContent($starter['parentid']); } $channel = array_pop($channel); if ($channel['channeltype'] == 'article') { $previewBbcodeOptions['allowPRBREAK'] = 1; } if (vB::getUserContext()->getChannelPermission('forumpermissions2', 'cangetimgattachment', $node['nodeid'])) { $previewBbcodeOptions['allowimages'] = 1; } $results[$node['nodeid']]['previewtext'] = $bbcode_parser->getPreview($node['rawtext'], 0, FALSE, $node['htmlstate'] == 'on_nl2br', null, $previewBbcodeOptions); } else { $results[$node['nodeid']] = array('bbcodeoptions' => array(), 'rawtext' => '', 'previewtext' => '', 'title' => '', 'attachments' => array(), 'channelid' => $node['channelid'], 'htmlstate' => 'off', 'disable_bbcode' => $node['nodeoptions'] & vB_Api_Node::OPTION_NODE_DISABLE_BBCODE); // not much point since there is no rawtext, but ensure that it's set. } } //channeltype if (isset($channelTypes[$node['channelid']])) { $results[$node['nodeid']]['channeltype'] = $channelTypes[$node['channelid']]; if ($channelTypes[$node['channelid']] == 'article') { $results[$node['nodeid']]['previewLength'] = vB::getDatastore()->getOption('def_cms_previewlength'); // VBV-12048 For articles, if preview break is present, use the length of the preview text instead of // the global cms preview length $prbreak = stripos($results[$node['nodeid']]['rawtext'], '[PRBREAK][/PRBREAK]'); if ($prbreak !== FALSE) { $results[$node['nodeid']]['previewLength'] = $prbreak; } } else { $results[$node['nodeid']]['previewLength'] = vB::getDatastore()->getOption('threadpreview'); } } else { $results[$node['nodeid']]['channeltype'] = ''; } } catch (exception $e) { //probably a permission error. We can continue with whatever is valid. } } } return $results; }
/** * Used by getSignatureInfo and parseSignatures to parse a signature * * @param int User ID * @param string|false (Optional) Signature text or false if unknown * @param bool (Optional) Flag to control skipping the dupe check or not. * * @return array Array containing the parsed signature: * <pre> * array( * signature => parsed signature * allowed => array of bbcode tags the user is allowed to use in their signature * disabled => array of bbcode tags the user is NOT allowed to use in their signature * ) * </pre> */ protected function doParseSignature($userid, $signature = false, $skipdupcheck = false) { if (empty($signature)) { $sigInfo = vB_Api::instanceInternal('user')->fetchSignature($userid); if (empty($sigInfo) or empty($sigInfo['raw'])) { $sigInfo['raw'] = ''; } $signature = $sigInfo['raw']; } require_once DIR . '/includes/class_sigparser.php'; $sig_parser = new vB_SignatureParser(vB::get_registry(), $this->fetchTagList(), $userid); $sig_parser->setSkipdupcheck($skipdupcheck); // Parse the signature $parsed = $sig_parser->parse($signature); $perms = $sig_parser->getPerms(); //only cache the parsed signature if it came from the DB if (isset($sigInfo)) { $cacheKey = "vbSig_{$userid}"; $cachePermKey = "vbSigPerm_{$userid}"; $cache = vB_Cache::instance(vB_Cache::CACHE_STD); $cache->write($cacheKey, $parsed, 1440, "userChg_{$userid}"); $cache->write($cachePermKey, $perms, 1440, "userChg_{$userid}"); } return array('signature' => $parsed, 'allowed' => $perms['can'], 'disabled' => $perms['cant']); }
// insert the forumid of this item into an array for the update_forum_counters() function later $update_forumids["{$feed['forumid']}"] = true; $bbcodeApi = vB_Api::instanceInternal('bbcode'); switch ($feed['itemtype']) { // insert item as announcement case 'announcement': // init announcement datamanager if ($convertHtmlToBbcode) { $pagetext = nl2br($feed['bodytemplate']); $pagetext = $feed['xml']->parse_template($pagetext, $item); $pagetext = vB_Api::instanceInternal('bbcode')->parseWysiwygHtmlToBbcode($pagetext, array('autoparselinks' => 1)); } else { $pagetext = $feed['xml']->parse_template($feed['bodytemplate'], $item); $pagetext = vB_Api::instanceInternal('bbcode')->convertUrlToBbcode($pagetext); } $itemdata =& datamanager_init('Announcement', vB::get_registry(), $error_type); $itemdata->set_info('user', $feed); $itemdata->set('userid', $feed['userid']); $itemdata->set('nodeid', $feed['nodeid']); $itemdata->set('title', strip_bbcode(convert_wysiwyg_html_to_bbcode($feed['xml']->parse_template($feed['titletemplate'], $item)))); $itemdata->set('pagetext', $pagetext); $itemdata->set('startdate', vB::getRequest()->getTimeNow()); $itemdata->set('enddate', vB::getRequest()->getTimeNow() + 86400 * ($feed['endannouncement'] > 0 ? $feed['endannouncement'] : 7) - 1); $itemdata->set_bitfield('announcementoptions', 'allowsmilies', $feed['rssoptions'] & $bf_misc_feedoptions['allowsmilies'] ? 1 : 0); $itemdata->set_bitfield('announcementoptions', 'signature', 0); $itemdata->set_bitfield('announcementoptions', 'allowhtml', $feed['rssoptions'] & $bf_misc_feedoptions['allowhtml'] ? 1 : 0); $itemdata->set_bitfield('announcementoptions', 'allowbbcode', true); $itemdata->set_bitfield('announcementoptions', 'parseurl', true); if ($itemid = $itemdata->save()) { $itemtitle = $itemdata->fetch_field('title'); $itemlink = vB_Api::instanceInternal('route')->getUrl('admincp', array('file' => 'announcement'), array('do' => 'edit', 'a' => $itemid));
protected function update_registry($title, $data) { // todo: remove this when all references to vbulletin settings are replaced $registry =& vB::get_registry(); if (!$registry) { return; } if ($title == self::BITFIELDS_TITLE) { foreach (array_keys($data) as $group) { // todo: remove this when all references to vbulletin settings are replaced $registry->{self::BITFIELDS_PREFIX . $group} =& $data["{$group}"]; $group_prefix = self::BITFIELDS_PREFIX . $group . '_'; $group_info =& $data["{$group}"]; foreach (array_keys($group_info) as $subgroup) { // todo: remove this when all references to vbulletin settings are replaced $registry->{$group_prefix . $subgroup} =& $group_info["{$subgroup}"]; } } } else { if (!empty($title) and !empty($data)) { // todo: remove this when all references to vbulletin settings are replaced $registry->{$title} = (isset($registry->{$title}) and is_array($registry->{$title}) and is_array($data)) ? $data + $registry->{$title} : $data; } } }
function fr_parse_pm_bbcode($bbcode, $smilies = true) { require_once DIR . '/includes/class_core.php'; require_once DIR . '/includes/class_bbcode.php'; $bbcode_parser = new vB_BbCodeParser(vB::get_registry(), fetch_tag_list()); return $bbcode_parser->parse($bbcode, 'privatemessage', $smilies); }
function fr_get_hvtoken() { // XXX: This is a hack, we basically turn off hv with this require_once DIR . '/includes/class_humanverify.php'; $verify =& vB_HumanVerify::fetch_library(vB::get_registry()); $token = $verify->generate_token(); $ret = array('input' => $token['answer'], 'hash' => $token['hash']); return $ret; }
/** * Return user change history * * @param integer $userid * @return array |bool User change history array. False means no change history. */ public function changeHistory($userid) { $this->checkHasAdminPermission('canadminusers'); require_once DIR . '/includes/class_userchangelog.php'; require_once DIR . '/includes/functions_misc.php'; // initalize the $user storage $users = false; // create the vb_UserChangeLog instance and set the execute flag (we want to do the query, not just to build) $userchangelog = new vb_UserChangeLog(vB::get_registry()); $userchangelog->set_execute(true); // get the user change list $userchange_list = $userchangelog->sql_select_by_userid($userid); if (!$userchange_list) { return false; } else { $usergroupcache = vB::getDatastore()->getValue('usergroupcache'); // fetch the rows foreach ($userchange_list as $userchange) { // get/find some names, depend on the field and the content switch ($userchange['fieldname']) { // get usergroup names from the cache case 'usergroupid': case 'membergroupids': foreach (array('oldvalue', 'newvalue') as $fname) { $str = ''; if ($ids = explode(',', $userchange[$fname])) { foreach ($ids as $id) { if ($usergroupcache["{$id}"]['title']) { $str .= $usergroupcache["{$id}"]['title'] . '<br/>'; } } } $userchange["{$fname}"] = $str ? $str : '-'; } break; } $userchanges[] = $userchange; } return $userchanges; } }
/** * Applies the automatic ban to the user * * @param array User Info for the user to ban * @param array Data for the automatic ban to apply (returned from getAutomaticBanToApply) * @param array Data for the infraction that's being given */ protected function applyAutomaticBan(array $userInfo, array $banToApply, array $data) { $currentBan = $this->assertor->getRow('userban', array('userid' => $userInfo['userid'])); $user = vB::getCurrentSession()->fetch_userinfo(); // Drop the ban hammer if ($currentBan) { if (($banToApply['liftdate'] == 0 or $currentBan['liftdate'] < $banToApply['liftdate']) and $currentBan['liftdate'] != 0) { // there is already a record - just update this record $this->assertor->update('userban', array('bandate' => vB::getRequest()->getTimeNow(), 'liftdate' => $banToApply['liftdate'], 'adminid' => $user['userid'], 'reason' => $data['banreason']), array('userid' => $userInfo['userid'])); } } else { // insert a record into the userban table /*insert query*/ $this->assertor->insert('userban', array('userid' => $userInfo['userid'], 'usergroupid' => $userInfo['usergroupid'], 'displaygroupid' => $userInfo['displaygroupid'], 'customtitle' => $userInfo['customtitle'], 'usertitle' => $userInfo['usertitle'], 'bandate' => vB::getRequest()->getTimeNow(), 'liftdate' => $banToApply['liftdate'], 'adminid' => $user['userid'], 'reason' => $data['banreason'])); } //$existingUserInfo = $this->assertor->getRow('user', array('userid' => $userInfo['userid'])); $existingUserInfo = vB_User::fetchUserinfo($userInfo['userid']); // update the user record $userdata = new vB_Datamanager_User(vB::get_registry(), vB_DataManager_Constants::ERRTYPE_SILENT); $userdata->set_existing($existingUserInfo); $userdata->set('usergroupid', $banToApply['banusergroupid']); $userdata->set('displaygroupid', 0); // update the user's title if they've specified a special user title for the banned group $bannedUserGroups = vB_Api::instanceInternal('usergroup')->fetchBannedUsergroups(); if ($bannedUserGroups[$banToApply['banusergroupid']]['usertitle'] != '') { $userdata->set('usertitle', $bannedUserGroups[$banToApply['banusergroupid']]['usertitle']); $userdata->set('customtitle', 0); } $userdata->save(); unset($userdata); }
/** * Verify a HV token and its answer * * @param string $input HV answer user input ('input') and other data (for example, 'hash') * @param string $action The name of the action to check. register, lostpw etc. * @param bool $return Whether to return a bool value instead of throwing an Exception. * * @throws vB_Exception_Api * @return bool Whether the input answer/hash is correct */ public function verifyToken($input, $action, $return = false) { if (!$this->fetchRequireHvcheck($action)) { return true; } //If we are running in phpunit test mode we just return //TODO- We need a better solution. This works for now but is homely if (defined('VB_UNITTEST')) { //we have to find out if we are running hvtest.php $stacktrace = debug_backtrace(); $inHVTest = false; foreach ($stacktrace as $caller) { if (isset($caller['file']) and basename($caller['file']) == 'hvTest.php') { $inHVTest = true; break; } } if (!$inHVTest) { //We are not testing hVTest. So just take the human verify test as passed. return true; } } require_once DIR . '/includes/class_humanverify.php'; $verify =& vB_HumanVerify::fetch_library(vB::get_registry()); $data = $verify->verify_token($input); if ($data) { return true; } else { if ($return) { return false; } else { throw new vB_Exception_Api($verify->fetch_error()); } } }
|| # This file may not be redistributed in whole or significant part. # || || # ----------------- VBULLETIN IS NOT FREE SOFTWARE ----------------- # || || # http://www.vbulletin.com | http://www.vbulletin.com/license.html # || || ###################################################################### || \*========================================================================*/ // ######################## SET PHP ENVIRONMENT ########################### error_reporting(E_ALL & ~E_NOTICE); // if (!is_object($vbulletin->db)) // { // exit; // } // ######################################################################## // ######################### START MAIN SCRIPT ############################ // ######################################################################## require_once DIR . '/includes/class_sitemap.php'; $runner = new vB_SiteMapRunner_Cron(vB::get_registry()); $runner->set_cron_item($nextitem); $status = $runner->check_environment(); if ($status['error']) { // if an error has happened, display/log it if necessary and die if (VB_AREA == 'AdminCP') { print_stop_message($status['error']); } else { if ($status['loggable']) { $rows = vB::getDbAssertor()->getRow('adminmessage', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_COUNT, 'varname' => $status['error'], 'status' => 'undone')); if ($rows['count'] == 0) { vB::getDbAssertor()->insert('adminmessage', array('varname' => $status['error'], 'dismissable' => 1, 'script' => 'sitemap.php', 'action' => 'buildsitemap', 'execurl' => 'sitemap.php?do=buildsitemap', 'method' => 'get', 'dateline' => vB::getRequest()->getTimeNow(), 'status' => 'undone')); } } } exit;
protected function __construct() { // This is a dummy object $vbulletin just to avoid rewriting all code global $vbulletin; if (empty($vbulletin)) { $vbulletin = vB::get_registry(); } if (empty($vbulletin->db) and class_exists('vB') and !empty(vB::$db)) { $vbulletin->db = vB::$db; } }
/** * Constructor * * @param vB_Registry Reference to registry object */ function vB_PaidSubscription() { $this->registry = vB::get_registry(); if (!is_object($this->registry)) { trigger_error("vB_PaidSubscription::Registry object is not an object", E_USER_ERROR); } }
/** * Constructor - Checks for necessity of registry object * * Note that this method will accept only the $errtype parameter (via some magic checking of the parameters) * and this is the preferred way of calling the datamanager functions. The registry object is deprecated * and will be created internally for those managers that still need it. * * @param vB_Registry $registry -- Instance of the vBulletin data registry object - expected to have the * database object as one of its $this->db member. * @param integer $errtype --One of the ERRTYPE_x constants */ public function __construct($registry = NULL, $errtype = NULL) { if (is_object($registry)) { $this->registry =& $registry; } else { if ($this->needRegistry) { $this->registry = vB::get_registry(); } } if (is_int($registry) and $errtype === NULL) { //This allows us to function as either vb3/4 style with $vbulletin, // or vb5-style with no global variables $errtype = $registry; } else { if ($errtype === NULL) { $errtype = vB_DataManager_Constants::ERRTYPE_STANDARD; } } $this->assertor = vB::getDbAssertor(); $this->session = vB::getCurrentSession(); $this->userinfo = $this->session->fetch_userinfo(); $this->datastore = vB::getDatastore(); $this->options = $this->datastore->get_value('options'); $this->setErrorHandler($errtype); if (is_array($this->bitfields)) { foreach ($this->bitfields as $key => $val) { //set this to bitfields array directly and unset if bad. if we try to set this to a interim //variable we end up getting the references crossed so that every element of the array is //the same as the last value loaded (this is a bit of a problem). We could not use references //but I'd like to avoid copying static arrays more than I need to. $this->bitfields["{$key}"] = $this->datastore->get_value($val); if (!$this->bitfields["{$key}"]) { unset($this->bitfields["{$key}"]); trigger_error("Please check the <em>\$bitfields</em> array in the <strong>" . get_class($this) . "</strong> class definition - <em>\$vbulletin->{$val}</em> is not a valid bitfield.<br />", E_USER_ERROR); } } } /* Legacy Hook $this->hook_start Removed */ }
/** * Massive merge templates * * @param string $product Product string ID. * @param integer $startat Start offset of the merge. * * @return integer New startat value. -1 if no more to do. */ public function massMerge($product = 'vbulletin', $startat = 0) { $this->checkHasAdminPermission('canadmintemplates'); require_once DIR . '/includes/adminfunctions.php'; // TODO: Product API $full_product_info = fetch_product_list(true); $vbulletin =& vB::get_registry(); require_once DIR . '/includes/class_template_merge.php'; require_once DIR . '/includes/adminfunctions_template.php'; $merge = new vB_Template_Merge($vbulletin); $merge->time_limit = 5; $merge_data = new vB_Template_Merge_Data($vbulletin); $merge_data->start_offset = $startat; if ($product == 'vbulletin' or !$product) { $merge_data->add_condition("tnewmaster.product IN ('', 'vbulletin')"); } else { $merge_data->add_condition("tnewmaster.product = '" . mysql_escape_string($product) . "'"); $merge->merge_version = $full_product_info[$product]['version']; } $completed = $merge->merge_templates($merge_data, $output); if ($completed) { // completed build_all_styles(); vB_Library::instance('Style')->setCssDate(); return -1; } else { return $merge_data->start_offset + $merge->fetch_processed_count(); } }