/**
* pre_delete function - extend if the contenttype needs to do anything
*
* @param array list of deleted attachment ids to delete
* @param boolean verify permission to delete
*
* @return boolean
*/
public function pre_delete($list, $checkperms = true)
{
@ignore_user_abort(true);
// init lists
$this->lists = array('postlist' => array(), 'threadlist' => array());
if ($checkperms) {
// Verify that we have permission to view these attachmentids
$attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(", ", $list) . ")");
if (count($list) != count($attachments)) {
return false;
}
}
$ids = $this->registry->db->query_read("\n\t\t\tSELECT\n\t\t\t\ta.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress,\n\t\t\t\tpost.postid, post.threadid, post.dateline AS p_dateline, post.userid AS post_userid,\n\t\t\t\tthread.forumid, thread.threadid, thread.open,\n\t\t\t\teditlog.hashistory\n\t\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = a.contentid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON (editlog.postid = post.postid)\n\t\t\tWHERE a.attachmentid IN (" . implode(", ", $list) . ")\n\t\t");
while ($id = $this->registry->db->fetch_array($ids)) {
if (!$id['inprogress'] and $checkperms) {
if (!$id['open'] and !can_moderate($id['forumid'], 'canopenclose') and !$this->registry->options['allowclosedattachdel']) {
return false;
} else {
if (!can_moderate($id['forumid'], 'caneditposts')) {
$forumperms = fetch_permissions($id['forumid']);
if (!($forumperms & $this->registry->bf_ugp_forumpermissions['caneditpost']) or $this->registry->userinfo['userid'] != $id['userid']) {
return false;
} else {
if (!$this->registry->options['allowattachdel'] and $this->registry->options['edittimelimit'] and $id['p_dateline'] < TIMENOW - $this->registry->options['edittimelimit'] * 60) {
return false;
}
}
}
}
}
if ($id['postid']) {
$this->lists['postlist']["{$id['postid']}"]++;
if ($this->log) {
if ($this->registry->userinfo['permissions']['genericoptions'] & $this->registry->bf_ugp_genericoptions['showeditedby'] and $id['p_dateline'] < TIMENOW - $this->registry->options['noeditedbytime'] * 60) {
if (empty($replaced["{$id['postid']}"])) {
/*insert query*/
$this->registry->db->query_write("\n\t\t\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "editlog\n\t\t\t\t\t\t\t\t\t\t(postid, userid, username, dateline, hashistory)\n\t\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t\t\t({$id['postid']},\n\t\t\t\t\t\t\t\t\t" . $this->registry->userinfo['userid'] . ",\n\t\t\t\t\t\t\t\t\t'" . $this->registry->db->escape_string($this->registry->userinfo['username']) . "',\n\t\t\t\t\t\t\t\t\t" . TIMENOW . ",\n\t\t\t\t\t\t\t\t\t" . intval($id['hashistory']) . ")\n\t\t\t\t\t\t\t");
$replaced["{$id['postid']}"] = true;
}
}
if ($this->registry->userinfo['userid'] != $id['post_userid'] and can_moderate($id['forumid'], 'caneditposts')) {
$postinfo = array('postid' => &$id['postid'], 'threadid' => &$id['threadid'], 'forumid' => &$id['forumid'], 'attachmentid' => &$id['attachmentid']);
require_once DIR . '/includes/functions_log_error.php';
log_moderator_action($postinfo, 'attachment_removed');
}
}
}
if ($id['threadid']) {
$this->lists['threadlist']["{$id['threadid']}"]++;
}
}
return true;
}
if ($daysprune != -1) {
$wheresql[] = "a.dateline >= " . (TIMENOW - $daysprune * 86400);
}
// complete form fields on page
$daysprunesel = iif($daysprune == -1, 'all', $daysprune);
$daysprunesel = array($daysprunesel => 'selected="selected"');
if ($type == 'new') {
$wheresql[] = "1=1";
$messagephrase = $vbphrase['new_attachments'];
} else {
$messagephrase = $vbphrase['moderated_attachments'];
$wheresql[] = "a.state = 'moderation'";
}
// Get attachment count
require_once DIR . '/packages/vbattach/attach.php';
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
$attachments = $attachmultiple->fetch_results(implode(" AND ", $wheresql), true);
$totalattachments = intval($attachments['count']);
if ($showthumbs) {
$maxperpage = 10;
$defaultperpage = 10;
} else {
$maxperpage = 200;
$defaultperpage = 20;
}
sanitize_pageresults($totalattachments, $pagenumber, $perpage, $maxperpage, $defaultperpage);
$limitlower = ($pagenumber - 1) * $perpage + 1;
$limitupper = $pagenumber * $perpage;
if ($limitupper > $totalattachments) {
$limitupper = $totalattachments;
if ($limitlower > $totalattachments) {
foreach ($attachments as $attachment) {
$position++;
$cell = array();
$cell[] = $position . '.';
$cell[] = "<a href=\"../attachment.php?" . $vbulletin->session->vars['sessionurl'] . "attachmentid={$attachment['attachmentid']}&d={$attachment['dateline']}\">" . htmlspecialchars_uni($attachment['filename'], false) . "</a>";
$cell[] = iif($attachment['userid'], "<a href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u={$attachment['userid']}\">{$attachment['username']}</a>", $attachment['username']);
$cell[] = vb_number_format($attachment['counter']);
$cell[] = '<span class="smallfont">' . construct_link_code($vbphrase['view_content'], $attachmultiple->fetch_content_url($attachment, '../'), true) . construct_link_code($vbphrase['edit'], "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&attachmentid={$attachment['attachmentid']}") . construct_link_code($vbphrase['delete'], "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "do=delete&attachmentid={$attachment['attachmentid']}") . '</span>';
print_cells_row($cell);
}
print_table_break();
$largest = $db->query_read("\n\t\tSELECT\n\t\t\ta.attachmentid, a.dateline, a.contentid, a.counter, a.userid, a.filename, user.username\n\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (a.userid = user.userid)\n\t\tWHERE a.contentid <> 0\n\t\tORDER BY fd.filesize DESC\n\t\tLIMIT 5\n\t");
$position = 0;
print_table_header($vbphrase['five_largest_attachments'], 5);
print_cells_row(array(' ', $vbphrase['filename'], $vbphrase['username'], $vbphrase['filesize'], ' '), 1);
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
$attachments = $attachmultiple->fetch_results("a.contentid <> 0", false, 0, 5, 'filesize');
foreach ($attachments as $attachment) {
$position++;
$cell = array();
$cell[] = $position . '.';
$cell[] = "<a href=\"../attachment.php?" . $vbulletin->session->vars['sessionurl'] . "attachmentid={$attachment['attachmentid']}&d={$attachment['dateline']}\">" . htmlspecialchars_uni($attachment['filename'], false) . "</a>";
$cell[] = iif($attachment['userid'], "<a href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u={$attachment['userid']}\">{$attachment['username']}</a>", $attachment['username']);
$cell[] = vb_number_format($attachment['filesize'], 1, true);
$cell[] = '<span class="smallfont">' . construct_link_code($vbphrase['view_content'], $attachmultiple->fetch_content_url($attachment, '../'), true) . construct_link_code($vbphrase['edit'], "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&attachmentid={$attachment['attachmentid']}") . construct_link_code($vbphrase['delete'], "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "do=delete&attachmentid={$attachment['attachmentid']}") . '</span>';
print_cells_row($cell);
}
print_table_break();
$content = array();
$largestuser = $db->query_read("\n\t\tSELECT COUNT(*) AS count, SUM(filesize) AS totalsize, user.userid, username\n\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (a.userid = user.userid)\n\t\tGROUP BY a.userid\n\t\tHAVING totalsize > 0\n\t\tORDER BY totalsize DESC\n\t\tLIMIT 5\n\t");
$position = 0;
$show['attachquota'] = true;
}
else
{
// show someone else's attachments
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1);
$userid = $userinfo['userid'];
$username = $userinfo['username'];
$show['otheruserid'] = true;
}
($hook = vBulletinHook::fetch_hook('profile_editattachments_start')) ? eval($hook) : false;
// Get attachment count
require_once(DIR . '/packages/vbattach/attach.php');
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
$attachments = $attachmultiple->fetch_results("a.userid = $userid", true);
$totalattachments = intval($attachments['count']);
$attachsum = $attachments['uniquesum'];
if (!$totalattachments AND $userid != $vbulletin->userinfo['userid'])
{
eval(standard_error(fetch_error('noattachments')));
}
else if (!$totalattachments)
{
$show['attachment_list'] = false;
$show['attachquota'] = false;
}
else
/**
* Constructor
*
* @param vB_Registry
* @param integer Unique id of this contenttype (forum post, blog entry, etc)
*
* @return void
*/
public function __construct(&$registry, $contenttypeid)
{
parent::__construct($registry);
$this->contenttypeid = $contenttypeid;
}
} else {
if ($action == -1) {
// delete
$deleteids[] = $attachmentid;
}
}
}
if (!empty($approveids)) {
require_once DIR . '/packages/vbattach/attach.php';
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(",", $approveids) . ") AND a.state = 'moderation' AND a.contentid <> 0", false, 0, 0);
$db->query_write("\r\n\t\t\tUPDATE " . TABLE_PREFIX . "attachment\r\n\t\t\tSET\tstate = 'visible'\r\n\t\t\tWHERE attachmentid IN (" . implode(",", array_keys($attachments)) . ")\r\n\t\t");
}
if (!empty($deleteids)) {
require_once DIR . '/packages/vbattach/attach.php';
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(",", $deleteids) . ") AND a.state = 'moderation' AND a.contentid <> 0", false, 0, 0);
$attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_CP, 'attachment');
$attachdata->condition = "a.attachmentid IN (" . implode(",", array_keys($attachments)) . ")";
$attachdata->delete(true, false);
}
define('CP_REDIRECT', 'moderate.php?do=attachments');
print_stop_message('moderated_attachments_successfully');
}
print_cp_footer();
/*======================================================================*\
|| ####################################################################
|| # Downloaded: 23:48, Wed Mar 24th 2010
|| # CVS: $RCSfile$ - $Revision: 33203 $
|| ####################################################################
\*======================================================================*/
/**
* Quick Method of building the CPNav Template
*
* @param string The selected item in the CPNav
*/
function construct_usercp_nav($selectedcell = 'usercp')
{
global $navclass, $cpnav, $gobutton, $vbphrase;
global $messagecounters, $subscribecounters, $vbulletin;
global $show, $subscriptioncache, $template_hook;
$cells = array(
'usercp',
'signature',
'profile',
'options',
'connections',
'password',
'avatar',
'profilepic',
'album',
'pm_messagelist',
'pm_newpm',
'pm_trackpm',
'pm_editfolders',
'substhreads_listthreads',
'substhreads_editfolders',
'deletedthreads',
'deletedposts',
'moderatedthreads',
'moderatedposts',
'moderatedvms',
'deletedvms',
'moderatedgms',
'deletedgms',
'moderateddiscussions',
'deleteddiscussions',
'moderatedpcs',
'deletedpcs',
'moderatedpics',
'event_reminders',
'paid_subscriptions',
'socialgroups',
'usergroups',
'buddylist',
'ignorelist',
'attachments',
'customize',
'privacy',
'deleteditems',
'moderateditems',
'newitems',
'newvms',
'newgms',
'newdiscussions',
'newpcs',
'newpics'
);
($hook = vBulletinHook::fetch_hook('usercp_nav_start')) ? eval($hook) : false;
// TODO: Issue #29084 - Reenable Profile Styling
/*
if (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_profile_styling']))
{
$show['customizelink'] = false;
}
else if (
($vbulletin->userinfo['permissions']['usercsspermissions'] & $vbulletin->bf_ugp_usercsspermissions['caneditfontfamily'])
OR ($vbulletin->userinfo['permissions']['usercsspermissions'] & $vbulletin->bf_ugp_usercsspermissions['caneditfontsize'])
OR ($vbulletin->userinfo['permissions']['usercsspermissions'] & $vbulletin->bf_ugp_usercsspermissions['caneditcolors'])
OR ($vbulletin->userinfo['permissions']['usercsspermissions'] & $vbulletin->bf_ugp_usercsspermissions['caneditbgimage'])
OR ($vbulletin->userinfo['permissions']['usercsspermissions'] & $vbulletin->bf_ugp_usercsspermissions['caneditborders'])
)
{
$show['customizelink'] = true;
}
else
{
$show['customizelink'] = false;
}
*/
$show['customizelink'] = false;
$show['privacylink'] = (($vbulletin->userinfo['permissions']['usercsspermissions'] & $vbulletin->bf_ugp_usercsspermissions['caneditprivacy'])
AND $vbulletin->options['profileprivacy']);
if ($show['avatarlink'] AND !($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canuseavatar']))
{
$membergroups = fetch_membergroupids_array($vbulletin->userinfo);
// We don't have any predefined avatars or user's groups are all denied permission
if (!empty($vbulletin->noavatarperms) AND ($vbulletin->noavatarperms['all'] == true OR !count(array_diff($membergroups, $vbulletin->noavatarperms))))
{
$show['avatarlink'] = false;
}
else if (!empty($vbulletin->userinfo['infractiongroupids']))
{
$show['avatarlink'] = ($categorycache =& fetch_avatar_categories($vbulletin->userinfo));
}
}
// currently, we only have faceboook as external login,
// but as we add more, we need to add them to this assignment
$show['externalconnections'] = $vbulletin->options['enablefacebookconnect'];
if ($selectedcell == 'attachments')
{
$show['attachments'] = true;
}
else
{
require_once(DIR . '/packages/vbattach/attach.php');
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
if ($results = $attachmultiple->fetch_results('a.userid = ' . $vbulletin->userinfo['userid'], true))
{
$show['attachments'] = true;
}
}
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_groups']
AND $vbulletin->userinfo['permissions']['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canviewgroups'])
{
$show['socialgroupslink'] = true;
}
if (!$vbulletin->options['subscriptionmethods'])
{
$show['paidsubscriptions'] = false;
}
else
{
// cache all the subscriptions - should move this to a datastore object at some point
require_once(DIR . '/includes/class_paid_subscription.php');
$subobj = new vB_PaidSubscription($vbulletin);
$subobj->cache_user_subscriptions();
$show['paidsubscriptions'] = false;
foreach ($subobj->subscriptioncache AS $subscription)
{
$subscriptionid =& $subscription['subscriptionid'];
if ($subscription['active'] AND (empty($subscription['deniedgroups']) OR count(array_diff(fetch_membergroupids_array($vbulletin->userinfo), $subscription['deniedgroups']))))
{
$show['paidsubscriptions'] = true;
break;
}
}
}
// check to see if there are usergroups available
$show['publicgroups'] = false;
foreach ($vbulletin->usergroupcache AS $usergroup)
{
if ($usergroup['ispublicgroup'] OR ($usergroup['canoverride'] AND is_member_of($vbulletin->userinfo, $usergroup['usergroupid'])))
{
$show['publicgroups'] = true;
break;
}
}
// Setup Moderation Links
if (can_moderate())
{
$show['deleteditems'] = true;
$show['deletedmessages'] = true;
}
$show['moderatedposts'] = can_moderate(0, 'canmoderateposts');
$show['deletedposts'] = ($show['moderatedposts'] OR can_moderate(0, 'candeleteposts') OR can_moderate(0, 'canremoveposts'));
// visitor messages
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_visitor_messaging'])
{
$show['moderatedvms'] = can_moderate(0, 'canmoderatevisitormessages');
$show['deletedvms'] = ($show['moderatedvms'] OR can_moderate(0, 'candeletevisitormessages') OR can_moderate(0, 'canremovevisitormessages'));
$show['newvms'] = ($show['moderatedvms'] OR $show['deletedvms'] OR can_moderate(0, 'caneditvisitormessages'));
}
// group messages
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_groups'] AND $vbulletin->options['socnet_groups_msg_enabled'])
{
$show['moderatedgms'] = can_moderate(0, 'canmoderategroupmessages');
$show['deletedgms'] = ($show['moderatedgms'] OR can_moderate(0, 'candeletegroupmessages') OR can_moderate(0, 'canremovegroupmessages'));
$show['newgms'] = ($show['moderatedgms'] OR $show['deletedgms'] OR can_moderate(0, 'caneditgroupmessages'));
}
// group discussions
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_groups'] AND $vbulletin->options['socnet_groups_msg_enabled'])
{
$show['moderateddiscussions'] = can_moderate(0, 'canmoderatediscussions');
$show['deleteddiscussions'] = ($show['moderateddiscussions'] OR (can_moderate(0, 'candeletediscussions') OR can_moderate(0, 'canremovediscussions')));
$show['newdiscussions'] = ($show['moderateddiscussions'] OR $show['deleteddiscussions'] OR can_moderate(0, 'caneditdiscussions'));
}
// picture comments
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_albums'] AND $vbulletin->options['pc_enabled'])
{
$show['moderatedpcs'] = can_moderate(0, 'canmoderatepicturecomments');
$show['deletedpcs'] = ($show['moderatedpcs'] OR can_moderate(0, 'candeletepicturecomments') OR can_moderate(0, 'canremovepicturecomments'));
$show['newpcs'] = ($show['moderatedpcs'] OR $show['deletedpcs'] OR can_moderate(0, 'caneditpicturecomments'));
}
// pictures
if ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_albums'])
{
$show['moderatedpics'] = can_moderate(0, 'canmoderatepictures');
$show['newpics'] = ($show['moderatedpics'] OR can_moderate(0, 'caneditalbumpicture'));
}
$show['moderateditems'] = ($show['moderatedposts'] OR $show['moderatedvms'] OR $show['moderatedgms'] OR $show['moderateddiscussions'] OR $show['moderatedpcs'] OR $show['moderatedpics']);
$show['deleteditems'] = ($show['deletedposts'] OR $show['deletedvms'] OR $show['deletedgms'] OR $show['deleteddiscussions'] OR $show['deletedpcs']);
$show['newitems'] = ($show['newposts'] OR $show['newvms'] OR $show['newgms'] OR $show['newdiscussions'] OR $show['newpcs'] OR $show['newpics']);
$show['moderation'] = ($show['moderateditems'] OR $show['deleteditems'] OR $show['newitems']);
// album setup
$show['albumlink'] = ($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_albums']
AND $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers']
AND $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canviewalbum']
AND $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canalbum']
);
// set the class for each cell/group
$navclass = array();
foreach ($cells AS $cellname)
{
$navclass["$cellname"] = 'inactive';
}
$navclass["$selectedcell"] = 'active';
// variable to hold templates for pm / subs folders
$cpnav = array();
// get PM folders
$cpnav['pmfolders'] = '';
$pmfolders = array('0' => $vbphrase['inbox'], '-1' => $vbphrase['sent_items']);
if (!empty($vbulletin->userinfo['pmfolders']))
{
$pmfolders = $pmfolders + unserialize($vbulletin->userinfo['pmfolders']);
}
foreach ($pmfolders AS $folderid => $foldername)
{
$linkurl = 'private.php?' . $vbulletin->session->vars['sessionurl'] . "folderid=$folderid";
$templater = vB_Template::create('usercp_nav_folderbit');
$templater->register('foldername', $foldername);
$templater->register('linkurl', $linkurl);
$cpnav['pmfolders'] .= $templater->render();
}
// get subscriptions folders
$cpnav['subsfolders'] = '';
$subsfolders = unserialize($vbulletin->userinfo['subfolders']);
if (!empty($subsfolders))
{
foreach ($subsfolders AS $folderid => $foldername)
{
$linkurl = 'subscription.php?' . $vbulletin->session->vars['sessionurl'] . "folderid=$folderid";
$templater = vB_Template::create('usercp_nav_folderbit');
$templater->register('foldername', $foldername);
$templater->register('linkurl', $linkurl);
$cpnav['subsfolders'] .= $templater->render();
}
}
if ($cpnav['subsfolders'] == '')
{
$linkurl = 'subscription.php?' . $vbulletin->session->vars['sessionurl'] . 'folderid=0';
$foldername = $vbphrase['subscriptions'];
$templater = vB_Template::create('usercp_nav_folderbit');
$templater->register('foldername', $foldername);
$templater->register('linkurl', $linkurl);
$cpnav['subsfolders'] .= $templater->render();
}
($hook = vBulletinHook::fetch_hook('usercp_nav_complete')) ? eval($hook) : false;
}
/**
* pre_delete function - extend if the contenttype needs to do anything
*
* @param array list of deleted attachment ids to delete
* @param boolean verify permission to delete
*
* @return boolean
*/
public function pre_delete($list, $checkperms = true)
{
@ignore_user_abort(true);
// init lists
$this->lists = array(
'grouplist' => array(),
);
if ($checkperms)
{
// Verify that we have permission to view these attachmentids
$attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(", ", $list) . ")");
if (count($list) != count($attachments))
{
return false;
}
}
$ids = $this->registry->db->query_read("
SELECT
a.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress, a.caption,
sg.name, sg.groupid, IF(sg.creatoruserid = {$this->registry->userinfo['userid']}, 1, 0) AS is_owner,
user.username
FROM " . TABLE_PREFIX . "attachment AS a
LEFT JOIN " . TABLE_PREFIX . "socialgroup AS sg ON (a.contentid = sg.groupid)
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (a.userid = user.userid)
WHERE
a.attachmentid IN (" . implode(", ", $list) . ")
");
while ($id = $this->registry->db->fetch_array($ids))
{
if ($checkperms AND !$id['inprogress'] AND $id['userid'] != $this->registry->userinfo['userid'] AND !fetch_socialgroup_modperm('canremovepicture', $id))
{
return false;
}
if ($id['groupid'])
{
$this->lists['grouplist']["{$id['groupid']}"]["{$id['attachmentid']}"] = 1;
if ($this->log)
{
if (!$id['is_owner'] AND $id['userid'] != $this->registry->userinfo['userid'])
{
// TODO : What does $picture want and fix modlog display in the admincp as it does not filter attachmentid properly on contenttype
$picture = array();
require_once(DIR . '/includes/functions_log_error.php');
log_moderator_action($picture, 'social_group_picture_x_in_y_removed', array(fetch_trimmed_title($id['caption'], 50), $id['name']));
}
}
}
}
return true;
}
/**
* pre_delete function - extend if the contenttype needs to do anything
*
* @param array list of deleted attachment ids to delete
* @param boolean verify permission to delete
*
* @return boolean
*/
public function pre_delete($list, $checkperms = true)
{
@ignore_user_abort(true);
// init lists
$this->lists = array(
'bloglist' => array(),
);
if ($checkperms)
{
// Verify that we have permission to view these attachmentids
$attachmultiple = new vB_Attachment_Display_Multiple($this->registry);
$attachments = $attachmultiple->fetch_results("a.attachmentid IN (" . implode(", ", $list) . ")");
if (count($list) != count($attachments))
{
return false;
}
}
$replaced = array();
$ids = $this->registry->db->query_read("
SELECT
a.attachmentid, a.userid, IF(a.contentid = 0, 1, 0) AS inprogress,
blog.blogid, blog.firstblogtextid, blog.dateline AS blog_dateline, blog.state, blog.postedby_userid,
bu.memberids, bu.memberblogids,
gm.permissions AS grouppermissions,
user.membergroupids, user.usergroupid, user.infractiongroupids,
blog_deletionlog.moddelete AS del_moddelete, blog_deletionlog.userid AS del_userid, blog_deletionlog.username AS del_username, blog_deletionlog.reason AS del_reason
FROM " . TABLE_PREFIX . "attachment AS a
LEFT JOIN " . TABLE_PREFIX . "blog AS blog ON (blog.blogid = a.contentid)
LEFT JOIN " . TABLE_PREFIX . "blog_user AS bu ON (bu.bloguserid = blog.userid)
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = blog.userid)
LEFT JOIN " . TABLE_PREFIX . "blog_groupmembership AS gm ON (blog.userid = gm.bloguserid AND gm.userid = " . $this->registry->userinfo['userid'] . ")
LEFT JOIN " . TABLE_PREFIX . "blog_deletionlog AS blog_deletionlog ON (blog.blogid = blog_deletionlog.primaryid AND blog_deletionlog.type = 'blogid')
WHERE
a.attachmentid IN (" . implode(", ", $list) . ")
");
while ($id = $this->registry->db->fetch_array($ids))
{
cache_permissions($id, false);
if ($checkperms AND !$id['inprogress'] AND !fetch_entry_perm('edit', $id))
{
return false;
}
if ($id['blogid'])
{
$this->lists['bloglist']["{$id['blogid']}"]++;
if ($this->log)
{
if (($this->registry->userinfo['permissions']['genericoptions'] & $this->registry->bf_ugp_genericoptions['showeditedby']) AND $id['p_dateline'] < (TIMENOW - ($this->registry->options['noeditedbytime'] * 60)))
{
if (empty($replaced["$id[firstblogtextid]"]))
{
/*insert query*/
$this->registry->db->query_write("
REPLACE INTO " . TABLE_PREFIX . "blog_editlog
(blogtextid, userid, username, dateline)
VALUES
(
$id[firstblogtextid],
" . $this->registry->userinfo['userid'] . ",
'" . $this->registry->db->escape_string($this->registry->userinfo['username']) . "',
" . TIMENOW . "
)
");
$replaced["$id[firstblogtextid]"] = true;
}
}
if (!is_member_of_blog($this->registry->userinfo, $id) AND can_moderate_blog('caneditentries'))
{
$bloginfo = array(
'blogid' => $id['blogid'],
'attachmentid' => $id['attachmentid'],
);
require_once(DIR . '/includes/blog_functions_log_error.php');
log_moderator_action($bloginfo, 'attachment_removed');
}
}
}
}
return true;
}
$xml->add_tag('please_drag_and_drop', $vbphrase['please_drag_and_drop']);
$xml->close_group('phrases');
$xml->add_group('extensions');
foreach ($extensions as $extension => $maxsize) {
$xml->add_tag($extension, $maxsize);
}
$xml->close_group('extensions');
}
$xml->close_group();
$xml->print_xml();
}
if ($_POST['do'] == 'help') {
$vbulletin->input->clean_array_gpc('p', array('filedataid' => TYPE_UINT, 'type' => TYPE_STR));
switch ($vbulletin->GPC['type']) {
case 'assetusage':
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
$attachments = $attachmultiple->fetch_results("a.userid = {$userinfo['userid']} AND a.contentid <> 0 AND a.filedataid = " . $vbulletin->GPC['filedataid']);
$title = $vbphrase['asset_usage'];
$content = '';
if (empty($attachments)) {
eval(standard_error(fetch_error('asset_not_used')));
}
$count = 0;
foreach ($attachments as $attachment) {
$count++;
$result = $attachmultiple->process_attachment($attachment);
$templater = vB_Template::create('assetmanager_usage_' . $result['template']);
unset($result['template']);
foreach ($result as $key => $value) {
$templater->register($key, $value);
}
SELECT
a.attachmentid, a.dateline, a.contentid, a.counter, a.userid, a.filename, user.username
FROM " . TABLE_PREFIX . "attachment AS a
INNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (a.userid = user.userid)
WHERE a.contentid <> 0
ORDER BY fd.filesize DESC
LIMIT 5
");
$position = 0;
print_table_header($vbphrase['five_largest_attachments'], 5);
print_cells_row(array(' ', $vbphrase['filename'], $vbphrase['username'], $vbphrase['filesize'], ' '), 1);
$attachmultiple = new vB_Attachment_Display_Multiple($vbulletin);
$attachments = $attachmultiple->fetch_results("a.contentid <> 0", false, 0, 5, 'filesize');
foreach ($attachments AS $attachment)
{
$position++;
$cell = array();
$cell[] = $position . '.';
$cell[] = "<a href=\"../attachment.php?" . $vbulletin->session->vars['sessionurl'] . "attachmentid=$attachment[attachmentid]&d=$attachment[dateline]\">$attachment[filename]</a>";
$cell[] = iif($attachment['userid'], "<a href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u=$attachment[userid]\">$attachment[username]</a>", $attachment['username']);
$cell[] = vb_number_format($attachment['filesize'], 1, true);
$cell[] = '<span class="smallfont">' .
construct_link_code($vbphrase['view_content'], $attachmultiple->fetch_content_url($attachment, '../'), true) .
construct_link_code($vbphrase['edit'], "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&attachmentid=$attachment[attachmentid]") .
construct_link_code($vbphrase['delete'], "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "do=delete&attachmentid=$attachment[attachmentid]") .
'</span>';
print_cells_row($cell);
private function getPictures($type)
{
global $vbulletin, $permissions;
$contenttypeid = vB_Types::instance()->getContentTypeID('vBForum_Album');
require_once DIR . '/packages/vbattach/attach.php';
$datecut = TIMENOW - $vbulletin->options['mobilehomethreaddatecut'] * 86400;
$datecutoffsql = "a.dateline > {$datecut}";
if (!empty($this->timestamp)) {
$datecutoffsql = "a.dateline > " . $this->timestamp;
}
switch ($type) {
case 'top':
$multiple_attachments = new vB_Attachment_Display_Multiple($vbulletin);
$result = $multiple_attachments->fetch_results($datecutoffsql, false, 0, $this->max_items_per_category, 'counter');
break;
case 'new':
$multiple_attachments = new vB_Attachment_Display_Multiple($vbulletin);
$result = $multiple_attachments->fetch_results($datecutoffsql, false, 0, $this->max_items_per_category, 'dateline');
break;
default:
return null;
}
$i = 0;
foreach ($result as $picture) {
$ext = substr(strrchr($picture['filename'], '.'), 1);
if ($ext != 'png' && $ext != 'jpeg' && $ext != 'jpg' && $ext != 'gif') {
continue;
}
// still need to censor the title
$picture['title'] = fetch_censored_text($picture['caption']);
// get avatar
$this->fetch_avatarinfo($picture);
$content_url = '';
if (isset($picture['albumid'])) {
$content_url = 'album.php?' . $vbulletin->session->vars['sessionurl'] . 'albumid=' . $picture['albumid'] . '&attachmentid=' . $picture['attachmentid'];
} else {
if (isset($picture['blogid'])) {
$content_url = 'entry.php?' . $vbulletin->session->vars['sessionurl'] . 'blogid=' . $picture['blogid'];
} else {
if (isset($picture['postid'])) {
$content_url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . 't=' . $picture['threadid'] . '&p=' . $picture['postid'] . '#post' . $picture['postid'];
} else {
if (isset($picture['contentid'])) {
$content_url = 'content.php?' . $vbulletin->session->vars['sessionurl'] . 'nodeid=' . $picture['contentid'];
}
}
}
}
$array[$i] = array('id' => $picture['attachmentid'], 'title' => $picture['title'], 'viewcount' => $picture['counter'], 'userid' => $picture['userid'], 'username' => $picture['username'], 'avatarurl' => $picture['avatarurl'], 'type' => 'picture', 'dateline' => $picture['dateline'], 'url_full' => "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "attachmentid={$picture['attachmentid']}&d={$picture['dateline']}", 'url_thumb' => "attachment.php?" . $vbulletin->session->vars['sessionurl'] . "attachmentid={$picture['attachmentid']}&thumb=1&d={$picture['dateline']}", 'contenturl' => $content_url);
$array[$i]['lastposttime'] = $picture['dateline'];
$i++;
}
return $array;
}
