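/**
 * XML-RPC handler: find the first unread post of a topic for the current user
 * and return the thread page that contains it.
 *
 * Topic ids of the form "ann_<id>" are handed to get_announcement_func().
 * When the thread row carries a "moved|<tid>" marker in its `closed` column the
 * lookup continues on the target thread. If no unread post is found, the most
 * recent post visible to the caller is used instead.
 *
 * NOTE(review): no forum permission check happens here before the post lookup;
 * presumably get_thread_by_post_func() enforces read access — confirm.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (topic_id, posts_per_request, return_html).
 * @return mixed The response produced by get_announcement_func() or get_thread_by_post_func().
 */
function get_thread_by_unread_func($xmlrpc_params)
{
    global $db, $mybb;

    $input = Tapatalk_Input::filterXmlInput(array(
        'topic_id' => Tapatalk_Input::STRING,
        'posts_per_request' => Tapatalk_Input::INT,
        'return_html' => Tapatalk_Input::INT,
    ), $xmlrpc_params);

    if (preg_match('/^ann_/', $input['topic_id'])) {
        $_GET["aid"] = intval(str_replace('ann_', '', $input['topic_id']));
        return get_announcement_func($xmlrpc_params);
    }

    $thread = get_thread($input['topic_id']);
    if (!empty($thread['closed'])) {
        $moved = explode("|", $thread['closed']);
        if ($moved[0] == "moved") {
            $thread = get_thread($moved[1]);
        }
    }

    // Defence in depth: every value interpolated into SQL text below is forced to an
    // integer first, so the statements stay well-formed even if a lookup failed or a
    // row/setting holds something unexpected.
    $tid = is_array($thread) ? intval($thread['tid']) : 0;
    $fid = is_array($thread) ? $thread['fid'] : 0;
    $uid = intval($mybb->user['uid']);

    // Moderators of the forum also see unapproved (visible=0) posts.
    if (is_moderator($fid)) {
        $visible = "AND (p.visible='0' OR p.visible='1')";
    } else {
        $visible = "AND p.visible='1'";
    }

    // Posts older than the read-tracking window (threadreadcut, in days) never count as unread.
    $cutoff = 0;
    if ($mybb->settings['threadreadcut'] > 0) {
        $cutoff = intval(TIME_NOW - $mybb->settings['threadreadcut'] * 60 * 60 * 24);
    }

    // Oldest post by someone else that is newer than the caller's read marker.
    $query = $db->query(
        "select min(p.pid) as pid from " . TABLE_PREFIX . "posts p\n"
        . " LEFT JOIN " . TABLE_PREFIX . "threadsread tr on p.tid = tr.tid and tr.uid = '{$uid}'\n"
        . " where p.tid='{$tid}' and p.uid != '{$uid}'"
        . " and (p.dateline > tr.dateline or tr.dateline is null)"
        . " and p.dateline > {$cutoff} {$visible}\n "
    );
    $pid = $db->fetch_field($query, 'pid');

    if (!$pid) {
        // Nothing unread: fall back to the newest visible post of the thread.
        $query = $db->query(
            "select p.pid from " . TABLE_PREFIX . "posts p\n"
            . " where p.tid='{$tid}' {$visible}\n"
            . " order by p.dateline desc\n"
            . " limit 1"
        );
        $pid = $db->fetch_field($query, 'pid');
    }

    return get_thread_by_post_func(new xmlrpcval(array(
        new xmlrpcval($pid, "string"),
        new xmlrpcval($input['posts_per_request'], 'int'),
        new xmlrpcval((bool) $input['return_html'], 'boolean'),
    ), 'array'));
}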
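/**
 * Completely rebuild the counters for a particular thread (useful if they become out of sync).
 *
 * Recounts approved replies, unapproved replies and attachments and stores the
 * totals through update_thread_counters().
 *
 * @param int $tid The thread ID
 */
function rebuild_thread_counters($tid)
{
    global $db;

    // The id is interpolated into several WHERE clauses below; force it to an integer.
    $tid = (int) $tid;

    // The previous code tested an undefined $thread before loading it, so the lookup
    // always ran anyway; load the row unconditionally.
    $thread = get_thread($tid);
    $firstpost = is_array($thread) ? (int) $thread['firstpost'] : 0;

    $count = array();

    // Approved replies (the first post is not a reply).
    $query = $db->simple_select("posts", "COUNT(*) AS replies", "tid='{$tid}' AND pid!='{$firstpost}' AND visible='1'");
    $count['replies'] = $db->fetch_field($query, "replies");
    if ($count['replies'] < 0) {
        $count['replies'] = 0;
    }

    // Unapproved posts
    $query = $db->simple_select("posts", "COUNT(pid) AS totunposts", "tid='{$tid}' AND pid != '{$firstpost}' AND visible='0'");
    $count['unapprovedposts'] = $db->fetch_field($query, "totunposts");
    if (!$count['unapprovedposts']) {
        $count['unapprovedposts'] = 0;
    }

    // Attachment count
    $query = $db->query("\n\t\t\tSELECT COUNT(aid) AS attachment_count\n\t\t\tFROM " . TABLE_PREFIX . "attachments a\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "posts p ON (a.pid=p.pid)\n\t\t\tWHERE p.tid='{$tid}'\n\t");
    $count['attachmentcount'] = $db->fetch_field($query, "attachment_count");
    if (!$count['attachmentcount']) {
        $count['attachmentcount'] = 0;
    }

    update_thread_counters($tid, $count);
}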
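/**
 * XML-RPC handler: remove an attachment from a post or from a pending upload group.
 *
 * The caller must be logged in, able to view and post threads in the forum and not
 * suspended from posting. When the attachment is already bound to a post, the post
 * must match `post_id`, must live in the forum named by `forum_id`, and the caller
 * must either moderate that forum with "caneditposts" or be the post's author with
 * edit permission in an open thread.
 *
 * NOTE(review): for attachments not yet bound to a post (pid 0) the only ownership
 * evidence visible here is the caller-supplied `group_id` (posthash); confirm that
 * remove_attachment() rejects an empty or foreign posthash.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (attachment_id, forum_id, group_id, post_id).
 * @return mixed xmlresptrue() on success, otherwise an error response.
 */
function remove_attachment_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;

    chdir("../");
    $lang->load("member");
    // Not referenced below; kept so the function's side effects stay as they were.
    $parser = new postParser();

    $input = Tapatalk_Input::filterXmlInput(array(
        'attachment_id' => Tapatalk_Input::INT,
        'forum_id' => Tapatalk_Input::INT,
        'group_id' => Tapatalk_Input::STRING,
        'post_id' => Tapatalk_Input::INT,
    ), $xmlrpc_params);

    $fid = $input['forum_id'];
    $forum = get_forum($fid);
    if (!$forum) {
        return xmlrespfalse($lang->error_invalidforum);
    }

    $forumpermissions = forum_permissions($fid);
    if ($forum['open'] == 0 || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }
    if ($mybb->user['uid'] < 1
        || $forumpermissions['canview'] == 0
        || $forumpermissions['canpostthreads'] == 0
        || $mybb->user['suspendposting'] == 1
    ) {
        return tt_no_permission();
    }

    tt_check_forum_password($forum['fid']);

    $posthash = $input['group_id'];
    $mybb->input['posthash'] = $posthash;

    // Ids are placed inside SQL text, so pin them to integers here.
    $aid = intval($input['attachment_id']);

    // If we're removing an attachment that belongs to an existing post, some security checks...
    $query = $db->simple_select("attachments", "pid", "aid='{$aid}'");
    $attachment = $db->fetch_array($query);
    $pid = $attachment ? intval($attachment['pid']) : 0;

    if ($pid > 0) {
        if ($pid != $input['post_id']) {
            return xmlrespfalse("The attachment you are trying to remove does not belong to this post");
        }

        $query = $db->simple_select("posts", "*", "pid='{$pid}'");
        $post = $db->fetch_array($query);
        if (!$post || !$post['pid']) {
            return xmlrespfalse($lang->error_invalidpost);
        }

        // Every permission and moderator check in this function is evaluated for the
        // forum id sent by the client. Refuse the request when that is not the forum
        // the post actually belongs to; otherwise rights held in one forum could be
        // applied to a post in another.
        if ($post['fid'] != $fid) {
            return tt_no_permission();
        }

        // Get thread info
        $tid = $post['tid'];
        $thread = get_thread($tid);
        if (!$thread || !$thread['tid']) {
            return xmlrespfalse($lang->error_invalidthread);
        }

        if (!is_moderator($fid, "caneditposts")) {
            if ($thread['closed'] == 1) {
                return xmlrespfalse($lang->redirect_threadclosed);
            }
            if ($forumpermissions['caneditposts'] == 0) {
                return tt_no_permission();
            }
            if ($mybb->user['uid'] != $post['uid']) {
                return tt_no_permission();
            }
        }
    } else {
        $pid = 0;
    }

    require_once MYBB_ROOT . "inc/functions_upload.php";
    remove_attachment($pid, $mybb->input['posthash'], $aid);

    return xmlresptrue();
}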
/**
 * XML-RPC handler: remove a thread subscription.
 *
 * Looks the topic up by its integer id and, when it exists, calls
 * remove_subscribed_thread() for it.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (topic_id).
 * @return mixed xmlresptrue() on success, xmlrespfalse() with the "invalid thread" phrase otherwise.
 */
function unsubscribe_topic_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;

    $lang->load("usercp");

    $expected = array('topic_id' => Tapatalk_Input::INT);
    $input = Tapatalk_Input::filterXmlInput($expected, $xmlrpc_params);

    $thread = get_thread($input['topic_id']);
    if ($thread['tid']) {
        remove_subscribed_thread($thread['tid']);

        return xmlresptrue();
    }

    return xmlrespfalse($lang->error_invalidthread);
}
/**
 * XML-RPC handler: subscribe to a thread.
 *
 * The topic must exist and the caller must hold both "canview" and
 * "canviewthreads" in the thread's forum; the subscription is then created via
 * add_subscribed_thread() with notification type 0.
 *
 * NOTE(review): unlike the thread-display handlers, the thread's own `visible`
 * state is not examined here — confirm whether subscribing to an unapproved
 * thread is intended.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (topic_id).
 * @return mixed xmlresptrue() on success, otherwise an error / no-permission response.
 */
function subscribe_topic_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;

    $lang->load("usercp");

    $expected = array('topic_id' => Tapatalk_Input::INT);
    $input = Tapatalk_Input::filterXmlInput($expected, $xmlrpc_params);

    $thread = get_thread($input['topic_id']);
    if (!$thread['tid']) {
        return xmlrespfalse($lang->error_invalidthread);
    }

    $perms = forum_permissions($thread['fid']);
    $may_read = $perms['canview'] != 0 && $perms['canviewthreads'] != 0;
    if (!$may_read) {
        return tt_no_permission();
    }

    add_subscribed_thread($thread['tid'], 0);

    return xmlresptrue();
}
/**
 * Recompute every stored counter of a thread from the posts and attachments tables
 * (useful when the cached numbers have drifted).
 *
 * Counts approved (visible=1), unapproved (visible=0) and soft-deleted (visible=-1)
 * replies — the first post is excluded — plus visible attachments, then hands the
 * totals to update_thread_counters() and refreshes the thread via update_thread_data().
 *
 * @param int $tid The thread ID
 */
function rebuild_thread_counters($tid)
{
    global $db;

    $thread = get_thread($tid);
    $first_pid = $thread['firstpost'];
    $totals = array();

    // Approved replies
    $result = $db->simple_select("posts", "COUNT(pid) AS replies", "tid='{$tid}' AND pid!='{$first_pid}' AND visible='1'");
    $totals['replies'] = $db->fetch_field($result, "replies");

    // Unapproved posts
    $result = $db->simple_select("posts", "COUNT(pid) AS unapprovedposts", "tid='{$tid}' AND pid != '{$first_pid}' AND visible='0'");
    $totals['unapprovedposts'] = $db->fetch_field($result, "unapprovedposts");

    // Soft deleted posts
    $result = $db->simple_select("posts", "COUNT(pid) AS deletedposts", "tid='{$tid}' AND pid != '{$first_pid}' AND visible='-1'");
    $totals['deletedposts'] = $db->fetch_field($result, "deletedposts");

    // Attachment count
    $prefix = TABLE_PREFIX;
    $result = $db->query("\n\t\t\tSELECT COUNT(aid) AS attachment_count\n\t\t\tFROM " . $prefix . "attachments a\n\t\t\tLEFT JOIN " . $prefix . "posts p ON (a.pid=p.pid)\n\t\t\tWHERE p.tid='{$tid}' AND a.visible=1\n\t");
    $totals['attachmentcount'] = $db->fetch_field($result, "attachment_count");

    update_thread_counters($tid, $totals);
    update_thread_data($tid);
}
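/**
 * Turn a submitted report (of a post or of a reputation point) into a new thread
 * in the forum configured by the `rtt_fid` setting.
 *
 * Does nothing unless the `rtt_enabled` setting is 1 or "yes", the report type is
 * one of "post" / "reputation", and the reported item can be loaded.
 *
 * NOTE(review): the reporter's reason and the reported content are embedded in
 * [quote] BBCode without escaping, and the reporter's right to read the reported
 * post is not checked here; confirm that the message parser and the report form
 * cover both.
 *
 * @return void
 */
function reportthread_dopost()
{
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    global $db, $mybb;

    $enabled = intval($mybb->settings['rtt_enabled']) == 1
        || preg_replace("/[^a-z]/i", "", $mybb->settings['rtt_enabled']) == "yes";
    if (!$enabled) {
        return;
    }

    // Only two report types are understood. Previously any other value fell through
    // with $title and $post_data undefined and still reached the post handler.
    $type = isset($mybb->input['type']) ? $mybb->input['type'] : '';
    if ($type !== 'post' && $type !== 'reputation') {
        return;
    }

    $reason = isset($mybb->input['reason']) ? $mybb->input['reason'] : '';
    if ($reason === 'other') {
        $reason = isset($mybb->input['comment']) ? $mybb->input['comment'] : '';
    }

    $item_id = isset($mybb->input['pid']) ? $mybb->input['pid'] : 0;

    if ($type === 'post') {
        $title = "Reported Post By ";
        $post = get_post($item_id);
        if (!$post) {
            // Nothing to report on.
            return;
        }
        $thread = get_thread($post['tid']);
        $forum = get_forum($thread['fid']);
        $tlink = get_thread_link($thread['tid']);
        $flink = get_forum_link($thread['fid']);

        $post_data = $mybb->user['username'] . " has reported a post.\r\n\r\nOriginal Thread: [url=" . $mybb->settings['bburl'] . "/{$tlink}]" . $thread['subject'] . "[/url]\r\nForum: [url=" . $mybb->settings['bburl'] . "/{$flink}]" . $forum['name'] . "[/url]\r\n\r\nReason Given:\r\n[quote=\"" . $mybb->user['username'] . "\" dateline=\"" . time() . "\"]" . $reason . "[/quote]\r\n\r\nPost Content:\r\n[quote=\"" . $post['username'] . "\" pid=\"" . $post['pid'] . "\" dateline=\"" . $post['dateline'] . "\"]" . $post['message'] . "[/quote]";
    } else {
        $title = "Reported Reputation By ";
        $rep = get_reputation_point($item_id);
        if (!$rep) {
            return;
        }
        $giver = get_user($rep['adduid']);

        $post_data = $mybb->user['username'] . " has reported a reputation point.\r\n\r\nReason Given:\r\n[quote=\"" . $mybb->user['username'] . "\" dateline=\"" . time() . "\"]" . $reason . "[/quote]\r\n\r\nReputation comment:\r\n[quote=\"" . $giver['username'] . "\" dateline=\"" . $rep['dateline'] . "\"]" . $rep['comments'] . "[/quote]";
    }

    $new_thread = array(
        "fid" => $mybb->settings['rtt_fid'],
        "prefix" => 0,
        "subject" => $title . $mybb->user['username'],
        "icon" => 0,
        "uid" => $mybb->user['uid'],
        "username" => $mybb->user['username'],
        "message" => $post_data,
        "ipaddress" => get_ip(),
        "posthash" => md5($mybb->user['uid'] . random_str()),
    );

    // The data handler validates the thread before anything is written.
    $posthandler = new PostDataHandler("insert");
    $posthandler->action = "thread";
    $posthandler->set_data($new_thread);
    if ($posthandler->validate_thread()) {
        $thread_info = $posthandler->insert_thread();
    }
}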
} elseif ($mybb->get_input('action') == "removesubscription") { if ($mybb->get_input('type') == "forum") { $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT)); if (!$forum) { error($lang->error_invalidforum); } $plugins->run_hooks("usercp2_removesubscription_forum"); remove_subscribed_forum($forum['fid']); if ($server_http_referer) { $url = $server_http_referer; } else { $url = "usercp.php?action=forumsubscriptions"; } redirect($url, $lang->redirect_forumsubscriptionremoved); } else { $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT)); if (!$thread) { error($lang->error_invalidthread); } // Is the currently logged in user a moderator of this forum? if (is_moderator($thread['fid'])) { $ismod = true; } else { $ismod = false; } // Make sure we are looking at a real thread here. if ($thread['visible'] != 1 && $ismod == false || $thread['visible'] > 1 && $ismod == true) { error($lang->error_invalidthread); } $plugins->run_hooks("usercp2_removesubscription_thread"); remove_subscribed_thread($thread['tid']);
/**
 * Returns details of the posts in a given topic
 *
 * Credentials are only verified when the server's `auth_readonly` flag is set;
 * otherwise the call proceeds without authentication. The samples below carry the
 * password as a plain XML-RPC string parameter.
 *
 * @since 1.0
 * @return array|object The posts when successfully executed or an IXR_Error object on failure
 * @param array $args Arguments passed by the XML-RPC call
 * @param string $args[0] The username for authentication
 * @param string $args[1] The password for authentication
 * @param integer|string $args[2] The topic id or slug
 * @param integer $args[3] The number of posts to return (optional)
 * @param integer $args[4] The number of the page to return (optional)
 *
 * XML-RPC request to get all posts in the topic with id number 53
 * <methodCall>
 *     <methodName>bb.getPosts</methodName>
 *     <params>
 *         <param><value><string>joeblow</string></value></param>
 *         <param><value><string>123password</string></value></param>
 *         <param><value><int>53</int></value></param>
 *     </params>
 * </methodCall>
 *
 * XML-RPC request to get the latest 5 posts in the topic with id number 341
 * <methodCall>
 *     <methodName>bb.getPosts</methodName>
 *     <params>
 *         <param><value><string>joeblow</string></value></param>
 *         <param><value><string>123password</string></value></param>
 *         <param><value><int>341</int></value></param>
 *         <param><value><int>5</int></value></param>
 *     </params>
 * </methodCall>
 *
 * XML-RPC request to get posts 11 to 20 in the topic with slug "long-topic"
 * <methodCall>
 *     <methodName>bb.getPosts</methodName>
 *     <params>
 *         <param><value><string>joeblow</string></value></param>
 *         <param><value><string>123password</string></value></param>
 *         <param><value><string>long-topic</string></value></param>
 *         <param><value><int>10</int></value></param>
 *         <param><value><int>2</int></value></param>
 *     </params>
 * </methodCall>
 */
function bb_getPosts($args)
{
    do_action('bb_xmlrpc_call', 'bb.getPosts');

    // Escape args
    $this->escape($args);

    // Login credentials come first in the argument list
    $username = $args[0];
    $password = (string) $args[1];

    // Authentication is only performed when read-only calls require it
    if ($this->auth_readonly) {
        $user = $this->authenticate($username, $password);
    }

    do_action('bb_xmlrpc_call_authenticated', 'bb.getPosts');

    // Surface any error raised by authentication or by a hooked action
    if ($this->error) {
        return $this->error;
    }

    // The topic may be addressed by numeric id or by slug
    $topic_id = isset($args[2]) ? $args[2] : false;
    $acceptable_type = is_string($topic_id) || is_integer($topic_id);
    if (!$topic_id || !$acceptable_type) {
        $this->error = new IXR_Error(400, __('The topic id is invalid.'));
        return $this->error;
    }

    // The topic has to exist
    $topic = get_topic($topic_id);
    if (!$topic) {
        $this->error = new IXR_Error(400, __('No topic found.'));
        return $this->error;
    }

    // A slug may have been supplied, so switch to the integer id from here on
    $topic_id = (int) $topic->topic_id;

    // Optional paging arguments; each is cast to int and ignored when it is zero
    $get_thread_args = array();
    $per_page = isset($args[3]) ? (int) $args[3] : 0;
    if ($per_page) {
        $get_thread_args['per_page'] = $per_page;
    }
    $page = isset($args[4]) ? (int) $args[4] : 0;
    if ($page) {
        $get_thread_args['page'] = $page;
    }

    // Fetch the posts
    $posts = get_thread($topic_id, $get_thread_args);
    if (!$posts) {
        $this->error = new IXR_Error(500, __('No posts found.'));
        return $this->error;
    }

    // Each post goes through prepare_post() so only "safe" data is returned
    $_posts = array();
    foreach ($posts as $post) {
        $_posts[] = $this->prepare_post($post);
    }

    do_action('bb_xmlrpc_call_return', 'bb.getPosts');

    return $_posts;
}
/**
 * MyAlerts output hook: fill in the display fields of an "ougc_showinportal" alert.
 *
 * Leaves $args untouched when the alert is of another type, when the user has the
 * alert type switched off, or when the referenced thread cannot be loaded.
 * The thread subject is HTML-escaped with htmlspecialchars_uni() before it is
 * placed in the message.
 *
 * NOTE(review): $args['user'] goes into the message as received — presumably it
 * is already escaped upstream; confirm.
 *
 * @param array $args Alert data, modified in place (threadLink, message, rowType).
 * @return void
 */
function ougc_showinportal_myalerts_output(&$args)
{
    global $mybb;

    $is_own_alert = $args['alert_type'] == 'ougc_showinportal';
    if (!$is_own_alert || !$mybb->user['myalerts_settings']['ougc_showinportal']) {
        return;
    }

    global $showinportal, $lang;
    $showinportal->lang_load();

    // A truthy first content element means the thread was added to the portal.
    $lang_var = $args['content'][0]
        ? 'ougc_showinportal_myalerts_showinportal'
        : 'ougc_showinportal_myalerts_unshowinportal';

    $thread = get_thread($args['tid']);
    if (!$thread) {
        return;
    }

    $link = $mybb->settings['bburl'] . '/' . get_thread_link($thread['tid']);
    $args['threadLink'] = $link;

    $safe_subject = htmlspecialchars_uni($thread['subject']);
    $args['message'] = $lang->sprintf($lang->{$lang_var}, $args['user'], $args['threadLink'], $safe_subject, $args['dateline']);
    $args['rowType'] = 'showinportal';
}
/**
 * Deprecated shim: records the deprecated call through bb_log_deprecated() and
 * forwards to the global get_thread() function with the same arguments.
 *
 * @param mixed $topic_id Passed through unchanged.
 * @param mixed $page     Passed through unchanged (default 1).
 * @param mixed $reverse  Passed through unchanged (default 0).
 * @return mixed Whatever get_thread() returns.
 */
function get_thread($topic_id, $page = 1, $reverse = 0)
{
    $deprecated_name = __CLASS__ . '::' . __FUNCTION__;
    bb_log_deprecated('class::function', $deprecated_name, 'get_thread');

    $result = get_thread($topic_id, $page, $reverse);

    return $result;
}
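/**
 * XML-RPC handler: return one page of a thread together with thread-level
 * metadata and the caller's capabilities.
 *
 * Flow: announcement ids ("ann_<id>") are delegated; a "moved|<tid>" marker is
 * followed; forum view permissions, thread visibility, forum type and forum
 * password are checked; the thread is marked read and its view counter bumped;
 * the requested slice of posts is loaded, parsed and converted to XML-RPC structs.
 *
 * Security-relevant points:
 *  - A thread that is not approved (visible != 1) is hidden from non-moderators.
 *    The previous test only rejected visible == 0, which let other non-visible
 *    states (e.g. -1) through.
 *  - The post query selects u.* for every author; only the fields explicitly copied
 *    into $post_xmlrpc below leave this function, but the full row is handed to the
 *    "postbit" plugin hook.
 *  - can_* flags are hints for the client only; the write handlers must enforce
 *    the same permissions themselves.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters (topic_id, start_num, last_num, return_html).
 * @return mixed An xmlrpcresp with the thread struct, or an error response.
 */
function get_thread_func($xmlrpc_params)
{
    global $db, $lang, $mybb, $position, $plugins, $pids;
    global $pforumcache, $currentitem, $forum_cache, $navbits, $base_url, $archiveurl;

    $input = Tapatalk_Input::filterXmlInput(array(
        'topic_id' => Tapatalk_Input::STRING,
        'start_num' => Tapatalk_Input::INT,
        'last_num' => Tapatalk_Input::INT,
        'return_html' => Tapatalk_Input::INT,
    ), $xmlrpc_params);

    if (preg_match('/^ann_/', $input['topic_id'])) {
        $_GET["aid"] = intval(str_replace('ann_', '', $input['topic_id']));
        return get_announcement_func($xmlrpc_params);
    }

    $lang->load("showthread");

    global $parser;
    $parser = new Tapatalk_Parser();

    // Get the thread details from the database.
    $thread = get_thread($input['topic_id']);
    if (!empty($thread['closed'])) {
        $moved = explode("|", $thread['closed']);
        if ($moved[0] == "moved") {
            $thread = get_thread($moved[1]);
        }
    }

    // Get thread prefix if there is one.
    $thread['threadprefix'] = '';
    $thread['displayprefix'] = '';
    if ($thread['prefix'] != 0) {
        $threadprefix = build_prefixes($thread['prefix']);
        if ($threadprefix['prefix']) {
            $thread['threadprefix'] = $threadprefix['prefix'] . ' ';
            $thread['displayprefix'] = $threadprefix['displaystyle'] . ' ';
        }
    }

    $thread['subject'] = $parser->parse_badwords($thread['subject']);
    $tid = $thread['tid'];
    $fid = $thread['fid'];
    if (!$thread['username']) {
        $thread['username'] = $lang->guest;
    }

    // Is the currently logged in user a moderator of this forum?
    $ismod = is_moderator($fid) ? true : false;

    $forumpermissions = forum_permissions($thread['fid']);

    // Does the user have permission to view this thread?
    if ($forumpermissions['canview'] != 1 || $forumpermissions['canviewthreads'] != 1) {
        error_no_permission();
    }
    if ($forumpermissions['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid']) {
        error_no_permission();
    }

    // Make sure we are looking at a real thread here. Non-moderators may only see
    // approved threads (visible == 1); moderators additionally see unapproved ones.
    if (!$thread['tid'] || ($thread['visible'] != 1 && !$ismod) || ($thread['visible'] > 1 && $ismod)) {
        return xmlrespfalse($lang->error_invalidthread);
    }

    // Does the thread belong to a valid forum?
    $forum = get_forum($fid);
    if (!$forum || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_invalidforum);
    }

    tt_check_forum_password($forum['fid']);

    if ($thread['firstpost'] == 0) {
        update_first_post($tid);
    }

    // Mark this thread as read
    mark_thread_read($tid, $fid);

    // Increment the thread view.
    if ($mybb->settings['delayedthreadviews'] == 1) {
        $db->shutdown_query("INSERT INTO " . TABLE_PREFIX . "threadviews (tid) VALUES('{$tid}')");
    } else {
        $db->shutdown_query("UPDATE " . TABLE_PREFIX . "threads SET views=views+1 WHERE tid='{$tid}'");
    }
    ++$thread['views'];

    // Work out if we are showing unapproved posts as well (if the user is a moderator etc.)
    if ($ismod) {
        $visible = "AND (p.visible='0' OR p.visible='1')";
    } else {
        $visible = "AND p.visible='1'";
    }

    // Fetch the ignore list for the current user if they have one
    $ignored_users = array();
    if ($mybb->user['uid'] > 0 && $mybb->user['ignorelist'] != "") {
        $ignore_list = explode(',', $mybb->user['ignorelist']);
        foreach ($ignore_list as $uid) {
            $ignored_users[$uid] = 1;
        }
    }

    list($start, $limit) = process_page($input['start_num'], $input['last_num']);

    // Recount replies if user is a moderator to take into account unapproved posts.
    if ($ismod) {
        $query = $db->simple_select("posts p", "COUNT(*) AS replies", "p.tid='{$tid}' {$visible}");
        $thread['replies'] = $db->fetch_field($query, 'replies') - 1;
    }
    $postcount = intval($thread['replies']) + 1;

    // Gather a comma separated, quoted list of the post ids on the requested page.
    // $pids is a global on purpose: it is declared as such above and is set before
    // the "postbit" hook runs.
    $pids = "";
    $comma = '';
    $query = $db->simple_select("posts p", "p.pid", "p.tid='{$tid}' {$visible}", array(
        'order_by' => 'p.dateline',
        'limit_start' => $start,
        'limit' => $limit,
    ));
    while ($getid = $db->fetch_array($query)) {
        $pids .= "{$comma}'{$getid['pid']}'";
        $comma = ",";
    }

    if (!$pids) {
        // If there are no pid's the thread is probably awaiting approval.
        return xmlrespfalse($lang->error_invalidthread);
    }

    $pids = "pid IN({$pids})";

    global $attachcache;
    $attachcache = array();
    if ($thread['attachmentcount'] > 0) {
        // Now lets fetch all of the attachments for these posts.
        $query = $db->simple_select("attachments", "*", $pids);
        while ($attachment = $db->fetch_array($query)) {
            $attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
        }
    }

    $post_list = array();

    // Get the actual posts from the database here.
    $posts = '';
    $query = $db->query(
        "\n SELECT u.*, u.username AS userusername, p.*, f.*, eu.username AS editusername,"
        . " IF(b.lifted > UNIX_TIMESTAMP() OR b.lifted = 0, 1, 0) as isbanned\n"
        . " FROM " . TABLE_PREFIX . "posts p\n"
        . " LEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\n"
        . " LEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n"
        . " LEFT JOIN " . TABLE_PREFIX . "users eu ON (eu.uid=p.edituid)\n"
        . " LEFT JOIN " . TABLE_PREFIX . "banned b ON (b.uid = p.uid)\n"
        . " WHERE {$pids}\n"
        . " ORDER BY p.dateline\n "
    );

    // can_rename topic
    $can_rename = (is_moderator($fid, "caneditposts")
            || ($forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $thread['uid']))
        && $mybb->user['uid'] != 0;

    while ($post = $db->fetch_array($query)) {
        if ($thread['firstpost'] == $post['pid'] && $thread['visible'] == 0) {
            $post['visible'] = 0;
        }

        // HTML is never allowed through the parser for API output.
        $parser_options = array();
        $parser_options['allow_html'] = false;
        $parser_options['allow_mycode'] = true;
        $parser_options['allow_smilies'] = false;
        $parser_options['allow_imgcode'] = true;
        $parser_options['allow_videocode'] = true;
        $parser_options['nl2br'] = (bool) $input['return_html'];
        $parser_options['filter_badwords'] = 1;

        if (!$post['username']) {
            $post['username'] = $lang->guest;
        }
        if ($post['userusername']) {
            $parser_options['me_username'] = $post['userusername'];
        } else {
            $parser_options['me_username'] = $post['username'];
        }

        $post['subject'] = $parser->parse_badwords($post['subject']);
        $post['author'] = $post['uid'];
        if ($post['userusername']) {
            // This post was made by a registered user
            $post['username'] = $post['userusername'];
        }

        // Edit Option
        $can_edit = (is_moderator($fid, "caneditposts")
                || ($forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']))
            && $mybb->user['uid'] != 0;

        // Quick Delete Option. The previous code compared an undefined $postcounter
        // with 1, so the "first post" branch could never match; the first post is
        // identified through the thread's firstpost id instead.
        $can_delete = 0;
        if ($mybb->user['uid'] == $post['uid']) {
            $is_first_post = $post['pid'] == $thread['firstpost'];
            if ($is_first_post && $forumpermissions['candeletethreads'] == 1) {
                $can_delete = 1;
            } elseif (!$is_first_post && $forumpermissions['candeleteposts'] == 1) {
                $can_delete = 1;
            }
        }
        $can_delete = (is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0;

        // User Online status (invisible users are only reported to groups allowed to see them)
        $is_online = false;
        $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
        if ($post['lastactive'] > $timecut
            && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1)
            && $post['lastvisit'] != $post['lastactive']
        ) {
            $is_online = true;
        }

        $post['message'] = post_bbcode_clean($post['message']);
        $plugins->remove_hook('parse_message', 'mybbirckeditor_parser');

        // Post content and attachments
        $post['message'] = $parser->parse_message($post['message'], $parser_options);
        $attachment_list = process_post_attachments($post['pid'], $post);

        // add for thank/like support
        $post = $plugins->run_hooks("postbit", $post);

        if (is_array($ignored_users) && $post['uid'] != 0 && !empty($ignored_users[$post['uid']])) {
            $show_spoiler = "[spoiler]" . $post['message'] . "[/spoiler]";
            $post['message'] = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']) . $show_spoiler;
        }

        // Only the fields listed here are exposed to the client.
        $post_xmlrpc = array(
            'post_id' => new xmlrpcval($post['pid'], 'string'),
            'post_title' => new xmlrpcval(basic_clean($post['subject']), 'base64'),
            'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64'),
            'post_author_id' => new xmlrpcval($post['uid'], 'string'),
            'post_author_name' => new xmlrpcval(basic_clean($post['username']), 'base64'),
            'icon_url' => new xmlrpcval(absolute_url($post['avatar']), 'string'),
            'post_time' => new xmlrpcval(mobiquo_iso8601_encode($post['dateline']), 'dateTime.iso8601'),
            'timestamp' => new xmlrpcval($post['dateline'], 'string'),
            'attachments' => new xmlrpcval($attachment_list, 'array'),
        );

        if (!$post['visible']) {
            // default as true
            $post_xmlrpc['is_approved'] = new xmlrpcval(false, 'boolean');
        }
        if ($post['smilieoff']) {
            // default as true
            $post_xmlrpc['allow_smilies'] = new xmlrpcval(false, 'boolean');
        }
        if ($post['isbanned']) {
            $post_xmlrpc['is_ban'] = new xmlrpcval(true, 'boolean');
        }
        if ($is_online) {
            $post_xmlrpc['is_online'] = new xmlrpcval(true, 'boolean');
        }
        if ($can_edit) {
            $post_xmlrpc['can_edit'] = new xmlrpcval(true, 'boolean');
        }
        if ($can_delete) {
            $post_xmlrpc['can_delete'] = new xmlrpcval(true, 'boolean');
        }
        if (is_moderator($fid, 'canmanagethreads')) {
            $post_xmlrpc['can_approve'] = new xmlrpcval(true, 'boolean');
            $post_xmlrpc['can_move'] = new xmlrpcval(true, 'boolean');
        }
        if ($mybb->usergroup['canmodcp'] == 1) {
            $post_xmlrpc['can_ban'] = new xmlrpcval(true, 'boolean');
        }

        if ($post['edituid']) {
            // add edit info
            $edit_info = array(
                'editor_id' => new xmlrpcval($post['edituid'], 'string'),
                'editor_name' => new xmlrpcval($post['editusername'], 'base64'),
                'edit_time' => new xmlrpcval($post['edittime'], 'string'),
            );
            if (!empty($post['editreason'])) {
                $edit_info['edit_reason'] = new xmlrpcval($post['editreason'], 'base64');
            }
            $post_xmlrpc = array_merge($post_xmlrpc, $edit_info);
        }

        // add for thank/like support
        if (isset($post['button_tyl']) && $mybb->user['uid']) {
            global $mobiquo_config, $g33k_pcache;
            $thlprefix = $mobiquo_config['thlprefix'];
            $tyled = false;
            $tyl_list = array();

            if ($mybb->settings[$thlprefix . 'enabled'] == "1") {
                if ($post['thankyoulike'] && isset($g33k_pcache[$post['pid']])) {
                    foreach ($g33k_pcache[$post['pid']] as $tyl) {
                        if ($tyl['uid'] == $mybb->user['uid']) {
                            $tyled = true;
                        }
                        $tyl_list[] = new xmlrpcval(array(
                            'userid' => new xmlrpcval($tyl['uid'], 'string'),
                            'username' => new xmlrpcval(basic_clean($tyl['username']), 'base64'),
                        ), 'struct');
                    }
                }

                if ($mybb->settings[$thlprefix . 'thankslike'] == "like") {
                    if ($post['button_tyl']) {
                        $post_xmlrpc['can_like'] = new xmlrpcval(true, 'boolean');
                    }
                    if ($tyled) {
                        $post_xmlrpc['is_liked'] = new xmlrpcval(true, 'boolean');
                    }
                    if ($tyl_list) {
                        $post_xmlrpc['likes_info'] = new xmlrpcval($tyl_list, 'array');
                    }
                } elseif ($mybb->settings[$thlprefix . 'thankslike'] == "thanks") {
                    if ($post['button_tyl']) {
                        $post_xmlrpc['can_thank'] = new xmlrpcval(true, 'boolean');
                    }
                    if ($mybb->settings[$thlprefix . 'removing'] == 1) {
                        $post_xmlrpc['can_remove_thank'] = new xmlrpcval(true, 'boolean');
                    }
                    if ($tyled) {
                        $post_xmlrpc['is_thanked'] = new xmlrpcval(true, 'boolean');
                    }
                    if ($tyl_list) {
                        $post_xmlrpc['thanks_info'] = new xmlrpcval($tyl_list, 'array');
                    }
                }
            }
        }

        $post_list[] = new xmlrpcval($post_xmlrpc, 'struct');
    }

    $query = $db->simple_select("threadsubscriptions", "tid", "tid='" . intval($tid) . "' AND uid='" . intval($mybb->user['uid']) . "'", array('limit' => 1));
    $subscribed = (bool) $db->fetch_field($query, 'tid');

    $query = $db->simple_select("banned", "uid", "uid='" . intval($thread['uid']) . "'");
    $isbanned = (bool) $db->fetch_field($query, "uid");

    $can_reply = $forumpermissions['canpostreplys'] != 0
        && $mybb->user['suspendposting'] != 1
        && ($thread['closed'] != 1 || is_moderator($fid))
        && $forum['open'] != 0;

    // Breadcrumb: every navigation entry except the first one.
    build_tt_breadcrumb($fid);
    $navgation_arr = $navbits;
    $breadcrumb = array();
    if (is_array($navgation_arr) && count($navgation_arr) > 1) {
        unset($navgation_arr[0]);
        foreach ($navgation_arr as $navigation) {
            $breadcrumb[] = new xmlrpcval(array(
                'forum_id' => new xmlrpcval($navigation['fid'], 'string'),
                'forum_name' => new xmlrpcval($navigation['name'], 'base64'),
                'sub_only' => new xmlrpcval($navigation['type'] != 'f', 'boolean'),
            ), 'struct');
        }
    }

    $is_poll = !empty($thread['poll']);

    $result = array(
        'total_post_num' => new xmlrpcval($postcount, 'int'),
        'forum_id' => new xmlrpcval($thread['fid'], 'string'),
        'forum_name' => new xmlrpcval(basic_clean($forum['name']), 'base64'),
        'topic_id' => new xmlrpcval($thread['tid'], 'string'),
        'topic_title' => new xmlrpcval(basic_clean($thread['subject']), 'base64'),
        'can_upload' => new xmlrpcval($forumpermissions['canpostattachments'] != 0, 'boolean'),
        'can_report' => new xmlrpcval(true, 'boolean'),
        'can_reply' => new xmlrpcval($can_reply, 'boolean'),
        'is_poll' => new xmlrpcval($is_poll, 'boolean'),
        'view_number' => new xmlrpcval(intval($thread['views']), 'int'),
    );

    // Previously written to an unrelated $new_topic array, so the flag never reached
    // the response.
    $may_subscribe = !($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0);
    $result['can_subscribe'] = new xmlrpcval($may_subscribe, 'boolean');

    if ($thread['prefix']) {
        $result['prefix'] = new xmlrpcval(basic_clean($thread['displayprefix']), 'base64');
    }
    if (!$thread['visible']) {
        // default as true
        $result['is_approved'] = new xmlrpcval(false, 'boolean');
    }
    if ($thread['closed']) {
        $result['is_closed'] = new xmlrpcval(true, 'boolean');
    }
    if ($thread['sticky']) {
        $result['is_sticky'] = new xmlrpcval(true, 'boolean');
    }
    $result['is_subscribed'] = new xmlrpcval($subscribed ? true : false, 'boolean');
    if ($isbanned) {
        $result['is_ban'] = new xmlrpcval(true, 'boolean');
    }
    if ($position) {
        $result['position'] = new xmlrpcval(intval($position), 'int');
    }

    // Moderator capability hints
    if (is_moderator($fid, "canopenclosethreads")) {
        $result['can_close'] = new xmlrpcval(true, 'boolean');
    }
    if (is_moderator($fid, "candeleteposts")) {
        $result['can_delete'] = new xmlrpcval(true, 'boolean');
    }
    if (is_moderator($fid, "canmanagethreads")) {
        $result['can_stick'] = new xmlrpcval(true, 'boolean');
        $result['can_move'] = new xmlrpcval(true, 'boolean');
        $result['can_merge'] = new xmlrpcval(true, 'boolean');
        $result['can_merge_post'] = new xmlrpcval(true, 'boolean');
    }
    if (is_moderator($fid, "canopenclosethreads")) {
        $result['can_approve'] = new xmlrpcval(true, 'boolean');
    }
    if ($can_rename) {
        $result['can_rename'] = new xmlrpcval(true, 'boolean');
    }
    if ($mybb->usergroup['canmodcp'] == 1) {
        $result['can_ban'] = new xmlrpcval(true, 'boolean');
    }
    if (!empty($breadcrumb)) {
        $result['breadcrumb'] = new xmlrpcval($breadcrumb, 'array');
    }

    $result['posts'] = new xmlrpcval($post_list, 'array');

    return new xmlrpcresp(new xmlrpcval($result, 'struct'));
}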
/**
 * Work out the forum / thread the current request refers to.
 *
 * The script is recognised by pattern-matching $_SERVER['PHP_SELF']; that value
 * is derived from the request URL, so the result should be treated as a display
 * hint, not as an authorisation input.
 *
 * @return array Index 1 holds the forum id, index 2 the thread id ('' when unknown).
 */
function get_special_locations()
{
    global $mybb;

    $array = array('1' => '', '2' => '');
    $script = $_SERVER['PHP_SELF'];

    // Forum listing: only the forum id is known.
    $forum_id = 0;
    if (preg_match("#forumdisplay.php#", $script)) {
        $forum_id = $mybb->get_input('fid', MyBB::INPUT_INT);
    }
    if ($forum_id > 0) {
        $array[1] = $forum_id;
        $array[2] = '';

        return $array;
    }

    if (!preg_match("#showthread.php#", $script)) {
        return $array;
    }

    global $db;

    // Thread view: take the thread id directly, or resolve it from a post id.
    $thread_id = $mybb->get_input('tid', MyBB::INPUT_INT);
    if ($thread_id > 0) {
        $array[2] = $thread_id;
    } elseif (!empty($mybb->input['pid'])) {
        $options = array("limit" => 1);
        $query = $db->simple_select("posts", "tid", "pid=" . $mybb->get_input('pid', MyBB::INPUT_INT), $options);
        $post = $db->fetch_array($query);
        $array[2] = $post['tid'];
    }

    $thread = get_thread($array[2]);
    $array[1] = $thread['fid'];

    return $array;
}
/**
 * Collect the post ids and poster ids of every post in a topic.
 *
 * get_thread() is asked for all posts at once (per_page = -1).
 *
 * @param mixed $topic_id Topic identifier, passed to get_thread() unchanged.
 * @return array Two parallel lists under the keys 'post' and 'poster'.
 */
function get_thread_post_ids($topic_id)
{
    $post_ids = array();
    $poster_ids = array();

    $all_posts = get_thread($topic_id, array('per_page' => -1));
    foreach ($all_posts as $post) {
        $post_ids[] = $post->post_id;
        $poster_ids[] = $post->poster_id;
    }

    return array('post' => $post_ids, 'poster' => $poster_ids);
}
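<?php
// Update the tags for a thread.
//
// NOTE(review): this script changes stored data from a POST body, but no login,
// ownership/permission or CSRF-token check is visible in it. Confirm that init.php
// or update_tags() enforces all three before relying on this endpoint.
include 'init.php';

// The id is cast to int, so it is safe to reuse in the redirect URL below.
$thread_id = isset($_POST['thread_id']) ? (int) $_POST['thread_id'] : 0;
$thread = get_thread($thread_id);
if (!$thread) {
    die('Thread not found.');
}

// Tags are forwarded exactly as received; presumably update_tags() validates and
// escapes them — confirm.
$tags = isset($_POST['tags']) ? $_POST['tags'] : null;
update_tags($thread_id, $tags);

header('Location: thread.php?updated=tags&t=' . $thread_id);
// Stop here so nothing appended later can run after the redirect has been sent.
exit;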
} else { /* form submitted via edit (step 2) */ preprocess($nmsg, $_POST); $offtopic = isset($_POST['OffTopic']); $expose_email = isset($_POST['ExposeEmail']); $send_email = isset($_POST['EmailFollowup']); /* automatically track thread if user requested email notification */ $track_thread = isset($_POST['TrackThread']) || $send_email; } if (!isset($forum['option']['PostEdit'])) { $tpl->set_var(array("edit_locked" => "", "error" => "", "preview" => "", "form" => "", "accept" => "")); print generate_page('Edit Message Denied', $tpl->parse("CONTENT", "disabled")); exit; } $tpl->set_var("disabled", ""); $thread = get_thread($msg['tid']); if (isset($thread['flag']['Locked']) && !$user->capable($forum['fid'], 'Lock')) { $tpl->set_var(array("error" => "", "preview" => "", "form" => "", "accept" => "")); print generate_page('Edit Message Denied', $tpl->parse("CONTENT", "edit_locked")); exit; } $tpl->set_var("edit_locked", ""); /* Sanitize the strings */ $nmsg['name'] = stripcrap($user->name); if ($expose_email) { $nmsg['email'] = stripcrap($user->email); } else { $nmsg['email'] = ""; } /* update offtopic status */ if ($msg['state'] == 'Active' && $offtopic) {
* License: http://mybb.com/about/license * * $Id$ */ define("IN_MYBB", 1); define('THIS_SCRIPT', 'sendthread.php'); $templatelist = "sendthread,forumdisplay_password_wrongpass,forumdisplay_password"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("sendthread"); // Get thread info $tid = intval($mybb->input['tid']); $thread = get_thread($tid); // Get thread prefix $breadcrumbprefix = ''; if ($thread['prefix']) { $threadprefix = build_prefixes($thread['prefix']); if (isset($threadprefix['displaystyle'])) { $breadcrumbprefix = $threadprefix['displaystyle'] . ' '; } } $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); // Invalid thread if (!$thread['tid']) { error($lang->error_invalidthread); } // Guests cannot use this feature if (!$mybb->user['uid']) {
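/**
 * Tapatalk XML-RPC handler: save an edit to an existing post.
 *
 * Loads the post, its thread and its forum, applies the edit permission checks
 * (guest, forum open, posting suspension, thread closed, ownership, edit time limit,
 * forum password), then passes the new title/content to PostDataHandler in "update" mode.
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters; decoded by Tapatalk_Input::filterXmlInput().
 * @return mixed An xmlrpcresp carrying the re-parsed post on success; otherwise whatever
 *               xmlrespfalse() / tt_no_permission() return.
 */
function save_raw_post_func($xmlrpc_params)
{
    global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups;

    $lang->load("editpost");

    $input = Tapatalk_Input::filterXmlInput(array(
        'post_id' => Tapatalk_Input::INT,
        'post_title' => Tapatalk_Input::STRING,
        'post_content' => Tapatalk_Input::STRING,
        'return_html' => Tapatalk_Input::INT,
        'attachment_id_array' => Tapatalk_Input::RAW,
        'group_id' => Tapatalk_Input::STRING,
        'editreason' => Tapatalk_Input::STRING,
    ), $xmlrpc_params);

    $parser = new postParser();

    // No permission for guests
    if (!$mybb->user['uid']) {
        return tt_no_permission();
    }

    // Get post info. The ID is client-supplied and is interpolated into SQL below, so it is
    // forced to an integer here rather than relying only on the input filter.
    $pid = (int) $input['post_id'];
    $query = $db->simple_select("posts", "*", "pid='{$pid}'");
    $post = $db->fetch_array($query);

    if (empty($post['pid'])) {
        return xmlrespfalse($lang->error_invalidpost);
    }

    // Keep the stored subject when the client sent no title (done only once the post is known to exist).
    if (empty($input['post_title'])) {
        $input['post_title'] = $post['subject'];
    }

    // Get thread info
    $tid = $post['tid'];
    $thread = get_thread($tid);

    if (!$thread['tid']) {
        return xmlrespfalse($lang->error_invalidthread);
    }

    $thread['subject'] = htmlspecialchars_uni($thread['subject']);

    // Get forum info
    $fid = $post['fid'];
    $forum = get_forum($fid);

    if (!$forum || $forum['type'] != "f") {
        return xmlrespfalse($lang->error_closedinvalidforum);
    }

    if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) {
        return tt_no_permission();
    }

    $forumpermissions = forum_permissions($fid);

    // Users without the "caneditposts" moderator permission may only edit their own posts,
    // in open threads, within the configured time limit.
    if (!is_moderator($fid, "caneditposts")) {
        if ($thread['closed'] == 1) {
            return xmlrespfalse($lang->redirect_threadclosed);
        }

        if ($forumpermissions['caneditposts'] == 0) {
            return tt_no_permission();
        }

        if ($mybb->user['uid'] != $post['uid']) {
            return tt_no_permission();
        }

        // Edit time limit (setting is in minutes). Note this assigns the global $time.
        $time = TIME_NOW;
        if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) {
            $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
            return xmlrespfalse($lang->edit_time_limit);
        }
    }

    // Check if this forum is password protected and we have a valid password
    tt_check_forum_password($forum['fid']);

    // Set up posthandler.
    require_once MYBB_ROOT . "inc/datahandlers/post.php";
    $posthandler = new PostDataHandler("update");
    $posthandler->action = "post";

    // Set the post data that came from the input to the $post array.
    $post = array(
        "pid" => $pid,
        "subject" => $input['post_title'],
        "uid" => $mybb->user['uid'],
        "username" => $mybb->user['username'],
        "edit_uid" => $mybb->user['uid'],
        "message" => $input['post_content'],
    );

    if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) {
        $post["editreason"] = $input['editreason'];
    }

    // Get subscription status so the edit does not change it.
    $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'");
    $substatus = $db->fetch_array($query);

    // Set up the post options from the input.
    $post['options'] = array(
        "signature" => 1,
        "subscriptionmethod" => isset($substatus['notification']) ? ($substatus['notification'] == 1 ? 'instant' : 'none') : '',
        "disablesmilies" => 0,
    );

    $posthandler->set_data($post);

    // Now let the post handler do all the hard work.
    if (!$posthandler->validate_post()) {
        $post_errors = $posthandler->get_friendly_errors();
        return xmlrespfalse(implode(" :: ", $post_errors));
    }

    $postinfo = $posthandler->update_post();
    $visible = $postinfo['visible'];

    // Help keep our attachments table clean.
    $db->delete_query("attachments", "filename='' OR filesize<1");

    // state 1 = the edit left the post unapproved and the editor is not a moderator of this forum.
    $state = ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) ? 1 : 0;

    // NOTE(review): 'group_id_esc' is not one of the keys requested from filterXmlInput();
    // presumably the filter adds an SQL-escaped copy of 'group_id' under this name - confirm,
    // because the value is placed directly into the WHERE clause.
    if (!empty($input['group_id_esc'])) {
        $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'");
    }

    // Update thread attachment count. 'attachment_id_array' is RAW client input, so make sure
    // it really is an array before counting it.
    // NOTE(review): the increment is the length of the client-supplied list, not the number of
    // attachment rows actually assigned to the post; consider counting rows instead.
    $attachment_ids = $input['attachment_id_array'];
    if (is_array($attachment_ids) && count($attachment_ids) > 0) {
        update_thread_counters($tid, array("attachmentcount" => "+" . count($attachment_ids)));
    }

    // Re-read the stored post and render it for the response.
    $post = get_post($pid);

    $parser_options = array();
    $parser_options['allow_html'] = false;
    $parser_options['allow_mycode'] = true;
    $parser_options['allow_smilies'] = false;
    $parser_options['allow_imgcode'] = true;
    $parser_options['allow_videocode'] = true;
    $parser_options['nl2br'] = (bool) $input['return_html'];
    $parser_options['filter_badwords'] = 1;

    if (!$post['username']) {
        $post['username'] = $lang->guest;
    }

    if ($post['userusername']) {
        $parser_options['me_username'] = $post['userusername'];
    } else {
        $parser_options['me_username'] = $post['username'];
    }

    $post['message'] = $parser->parse_message($post['message'], $parser_options);
    $post['subject'] = $parser->parse_badwords($post['subject']);

    $result = new xmlrpcval(array(
        'result' => new xmlrpcval(true, 'boolean'),
        'result_text' => new xmlrpcval('', 'base64'),
        'state' => new xmlrpcval($state, 'int'),
        'post_title' => new xmlrpcval($post['subject'], 'base64'),
        'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64'),
    ), 'struct');

    return new xmlrpcresp($result);
}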
} if ($mybb->input['action'] == "do_undovote") { verify_post_check($mybb->get_input('my_post_key')); if ($mybb->usergroup['canundovotes'] != 1) { error_no_permission(); } $query = $db->simple_select("polls", "*", "pid='" . $mybb->get_input('pid', MyBB::INPUT_INT) . "'"); $poll = $db->fetch_array($query); if (!$poll['pid']) { error($lang->error_invalidpoll); } $plugins->run_hooks("polls_do_undovote_start"); $poll['numvotes'] = (int) $poll['numvotes']; // We do not have $forum_cache available here since no forums permissions are checked in undo vote // Get thread ID and then get forum info $thread = get_thread($poll['tid']); if (!$thread || $thread['visible'] == 0) { error($lang->error_invalidthread); } $fid = $thread['fid']; // Get forum info $forum = get_forum($fid); if (!$forum) { error($lang->error_invalidforum); } else { // Is our forum closed? if ($forum['open'] == 0) { // Doesn't look like it is error($lang->error_closedinvalidforum); } }
/**
 * Re-run the posting permission checks for the current request and, if they all pass,
 * call xthreads_upload_attachments().
 *
 * Per the original author's note, the caller has already established that this is a POST
 * to newthread.php or to editpost.php (other than the deletepost action).
 * Returns silently (no upload) as soon as any check fails.
 */
function xthreads_upload_attachments_global()
{
    global $mybb, $current_page, $thread;

    if ($current_page == 'editpost.php') {
        // Only the first post of a thread is of interest here.
        $postId = (int) $mybb->input['pid'];
        if (!$thread) {
            $postRow = get_post($postId);
            if (!empty($postRow)) {
                $thread = get_thread($postRow['tid']);
            }
            if (empty($thread)) {
                return;
            }
            $postId = $postRow['pid'];
        }
        if ($thread['firstpost'] != $postId) {
            return;
        }
    } elseif ($mybb->input['tid']) {
        // A tid outside editpost.php is only expected for the current user's own draft.
        $thread = get_thread((int) $mybb->input['tid']);
        $isOwnDraft = ($thread['visible'] == -2 && $thread['uid'] == $mybb->user['uid']);
        if (!$isOwnDraft) {
            // NOTE(review): this removes the global entry only; the local $thread still holds
            // the fetched row, so the forum checks below use that thread's fid. Confirm that
            // this is intended rather than falling back to the fid request input.
            unset($GLOBALS['thread']);
        }
    }

    // Permission checks are duplicated from MyBB because there is no easy way to have MyBB run them.
    if ($mybb->user['suspendposting'] == 1) {
        return;
    }

    $forumId = $thread['fid'] ? $thread['fid'] : (int) $mybb->input['fid'];

    $forum = get_forum($forumId);
    if (!$forum['fid'] || $forum['open'] == 0 || $forum['type'] != 'f') {
        return;
    }

    $perms = forum_permissions($forumId);
    if ($perms['canview'] == 0) {
        return;
    }

    if ($current_page == 'newthread.php' && $perms['canpostthreads'] == 0) {
        return;
    } elseif ($current_page == 'editpost.php') {
        if (!is_moderator($forumId, 'caneditposts')) {
            // Non-moderators: thread must be open, editing allowed, and the thread their own.
            if ($thread['closed'] == 1 || $perms['caneditposts'] == 0 || $mybb->user['uid'] != $thread['uid']) {
                return;
            }
            // Edit time limit setting is in minutes.
            $limitMinutes = $mybb->settings['edittimelimit'];
            if ($limitMinutes != 0 && $thread['dateline'] < TIME_NOW - $limitMinutes * 60) {
                return;
            }
        }
    }

    // Anti-CSRF post key; second argument true as in the original call.
    if (!verify_post_check($mybb->input['my_post_key'], true)) {
        return;
    }

    check_forum_password($forum['fid']);

    xthreads_upload_attachments();
}
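/**
 * Send a preview fragment to the AJAX caller and end the request.
 *
 * @param string $html Markup to send (the content type stays text/plain, as the client expects).
 */
function _firstpreview_send($html)
{
    global $charset;

    header("Content-type: text/plain; charset={$charset}");
    echo $html;
    exit;
}

/**
 * Decide whether the current user may be shown a preview of $post from $thread.
 *
 * @param array|bool|null $thread Thread row from get_thread().
 * @param array|bool|null $post   Post row to be previewed.
 * @return bool True only when the thread and post exist, the forum is viewable, and
 *              non-visible content is requested by a moderator of that forum.
 */
function _firstpreview_can_view($thread, $post)
{
    if (empty($thread['tid']) || empty($post['pid'])) {
        return false;
    }

    $permissions = forum_permissions($thread['fid']);
    if (empty($permissions['canview'])) {
        return false;
    }
    if (!isset($permissions['canviewthreads']) || $permissions['canviewthreads'] != 1) {
        return false;
    }

    // Unapproved, deleted and draft content (visible != 1) is for moderators only.
    $hidden = $thread['visible'] != 1 || (isset($post['visible']) && $post['visible'] != 1);
    if ($hidden && !is_moderator($thread['fid'])) {
        return false;
    }

    // NOTE(review): password-protected forums and "only view own threads" restrictions are
    // not checked here; confirm whether previews should honour them as well.
    return true;
}

/**
 * AJAX endpoint: output an HTML preview of a thread's first post, or (when the
 * firstpreview_last setting is enabled) of its last post, then exit.
 *
 * Does nothing unless the request is a POST carrying firstpost=1 or lastpost=1.
 * The access decision is taken before any post content is parsed, so content the user
 * may not see is never rendered.
 */
function firstpreview_ajax()
{
    global $mybb, $db, $lang;

    if ($mybb->request_method != "post") {
        return;
    }

    $want_first = isset($mybb->input['firstpost']) && $mybb->input['firstpost'] == 1;
    $want_last = !$want_first
        && isset($mybb->settings['firstpreview_last']) && $mybb->settings['firstpreview_last'] != 0
        && isset($mybb->input['lastpost']) && $mybb->input['lastpost'] == 1;

    if (!$want_first && !$want_last) {
        return;
    }

    $thread = get_thread((int) $mybb->input['tid']);

    // Locate the post to preview.
    $post = null;
    if (!empty($thread['tid'])) {
        if ($want_first) {
            $post = get_post($thread['firstpost']);
        } else {
            // The last post is identified by the thread's last poster and last post time.
            $query = $db->simple_select('posts', '*', "uid = '" . (int) $thread['lastposteruid'] . "' AND dateline = '" . (int) $thread['lastpost'] . "' AND tid = '" . (int) $thread['tid'] . "'");
            $post = $db->fetch_array($query);
        }
    }

    if (!_firstpreview_can_view($thread, $post)) {
        $lang->load("messages");
        _firstpreview_send("<div class=\"fpreview\"><span id=\"close_preview\">❌</span><div class=\"prev_content\" style=\"text-align:center;\">" . $lang->error_nopermission_user_ajax . "</div></div>");
        return;
    }

    require_once MYBB_ROOT . "inc/class_parser.php";
    $parser = new postParser();

    $forum = get_forum($thread['fid']);
    $user = get_user($post['uid']);

    $subject = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));

    $stamp = $want_first ? $thread['dateline'] : (int) $thread['lastpost'];
    $posted = ' (' . my_date($mybb->settings['dateformat'], $stamp) . ', ' . my_date($mybb->settings['timeformat'], $stamp) . ')';

    // Render with the forum's own parser settings.
    $parser_options = array(
        'allow_html' => $forum['allowhtml'],
        'allow_mycode' => $forum['allowmycode'],
        'allow_smilies' => $forum['allowsmilies'],
        'allow_imgcode' => $forum['allowimgcode'],
        'allow_videocode' => $forum['allowvideocode'],
        'filter_badwords' => 1,
    );
    $message = $parser->parse_message($post['message'], $parser_options);

    if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) {
        $message = strip_tags($message, "<br><p><ul><ol><li>");
    }

    // NOTE(review): truncation works on the rendered markup, so it can cut through a tag and
    // leave unbalanced HTML in the preview.
    if (!empty($mybb->settings['firstpreview_length']) && $mybb->settings['firstpreview_length'] != "0" && my_strlen($message) > (int) $mybb->settings['firstpreview_length']) {
        $message = my_substr($message, 0, (int) $mybb->settings['firstpreview_length']) . '...';
    }

    $author = build_profile_link(format_name(htmlspecialchars_uni($post['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $post['uid']);

    if ($want_first) {
        $tcat_style = "padding-left:10px; height: 10%;";
        $label = "";
    } else {
        $lang->load("forumdisplay");
        $tcat_style = "padding-left:10px; padding-right:10px;";
        $label = "<span class=\"float_right\"><strong>" . $lang->lastpost . "</strong></span>";
    }

    $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span>\n\t\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $subject . "</div>\n\t\t\t<div class=\"tcat\" style=\"" . $tcat_style . "\">" . $author . "<span class=\"smalltext\">" . $posted . $label . "</span></div>\n\t\t\t<div class=\"prev_content\">" . $message . "</div>\n\t\t\t</div>";

    _firstpreview_send($preview);
}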
/**
 * Tapatalk XML-RPC handler: delete a post, or the whole thread when the post is the
 * oldest one in its thread.
 *
 * Requests 'post_id', 'mode' and 'reason_text' from the input filter; only 'post_id' is
 * read in this function. Failures are reported through error() / error_no_permission().
 *
 * @param mixed $xmlrpc_params Raw XML-RPC parameters.
 * @return xmlrpcresp Struct with result=true, is_login_mod=true and an empty result_text.
 */
function m_delete_post_func($xmlrpc_params)
{
    global $input, $post, $thread, $forum, $pid, $tid, $fid, $modlogdata, $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups, $moderation, $parser;

    $fields = array(
        'post_id' => Tapatalk_Input::INT,
        'mode' => Tapatalk_Input::INT,
        'reason_text' => Tapatalk_Input::STRING,
    );
    $input = Tapatalk_Input::filterXmlInput($fields, $xmlrpc_params);

    // Language phrases and the same hook the regular edit page fires.
    $lang->load("editpost");
    $plugins->run_hooks("editpost_start");

    // Guests may never delete.
    if (!$mybb->user['uid']) {
        error_no_permission();
    }

    // Resolve post -> thread -> forum, rejecting anything that does not exist.
    $pid = intval($input['post_id']);
    $post = $db->fetch_array($db->simple_select("posts", "*", "pid='{$pid}'"));
    if (!$post['pid']) {
        error($lang->error_invalidpost);
    }

    $tid = $post['tid'];
    $thread = get_thread($tid);
    if (!$thread['tid']) {
        error($lang->error_invalidthread);
    }

    $fid = $post['fid'];
    $forum = get_forum($fid);
    if (!$forum || $forum['type'] != "f") {
        error($lang->error_closedinvalidforum);
    }

    if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) {
        error_no_permission();
    }

    $perms = forum_permissions($fid);

    // Without the "candeleteposts" moderator permission: open thread, delete permission, own post.
    if (!is_moderator($fid, "candeleteposts")) {
        if ($thread['closed'] == 1) {
            error($lang->redirect_threadclosed);
        }

        if ($perms['candeleteposts'] == 0) {
            error_no_permission();
        }

        if ($mybb->user['uid'] != $post['uid']) {
            error_no_permission();
        }
    }

    // Check if this forum is password protected and we have a valid password
    check_forum_password($forum['fid']);

    $plugins->run_hooks("editpost_deletepost");

    $modlogdata['fid'] = $fid;
    $modlogdata['tid'] = $tid;

    // The oldest post of the thread decides between thread deletion and post deletion.
    $oldestQuery = $db->simple_select("posts", "pid", "tid='{$tid}'", array("limit" => 1, "order_by" => "dateline", "order_dir" => "asc"));
    $oldest = $db->fetch_array($oldestQuery);

    if ($oldest['pid'] == $pid) {
        $mayDeleteThread = $perms['candeletethreads'] == 1 || is_moderator($fid, "candeletethreads");
        if (!$mayDeleteThread) {
            error_no_permission();
        } else {
            delete_thread($tid);
            mark_reports($tid, "thread");
            log_moderator_action($modlogdata, $lang->thread_deleted);
        }
    } else {
        $mayDeletePost = $perms['candeleteposts'] == 1 || is_moderator($fid, "candeleteposts");
        if (!$mayDeletePost) {
            error_no_permission();
        } else {
            delete_post($pid, $tid);
            mark_reports($pid, "post");
            log_moderator_action($modlogdata, $lang->post_deleted);
        }
    }

    $payload = array(
        'result' => new xmlrpcval(true, 'boolean'),
        'is_login_mod' => new xmlrpcval(true, 'boolean'),
        'result_text' => new xmlrpcval("", 'base64'),
    );

    return new xmlrpcresp(new xmlrpcval($payload, 'struct'));
}
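/**
 * Execute Inline Post Moderation
 *
 * Either deletes the given posts (and any thread whose first post was among them), or
 * applies the merge / approve / split options to them.
 *
 * @param array $post_options Moderation information (deleteposts, mergeposts, approveposts, splitposts, ...)
 * @param mixed $pids Post IDs
 * @param int|array $tid Thread ID, or thread IDs in order of dateline ascending (only the first is used)
 * @return bool|int 1 when one or more threads were deleted (the caller redirects to the forum), otherwise true
 */
function execute_post_moderation($post_options, $pids, $tid)
{
    global $db, $mybb, $lang;

    if (is_array($tid)) {
        // There's only 1 thread when doing inline post moderation.
        // The thread chosen is the first thread in the array of tids.
        // It is recommended that this be the tid of the oldest post.
        $tid = intval($tid[0]);
    }

    // Get the information about thread
    $thread = get_thread($tid);

    // If deleting posts, only do that
    if ($post_options['deleteposts'] == 1) {
        foreach ($pids as $pid) {
            $this->delete_post($pid);
        }

        $delete_tids = array();
        $imploded_pids = implode(",", array_map("intval", $pids));

        // An empty ID list would produce "IN ()", which is not valid SQL, so skip the lookup.
        if ($imploded_pids !== '') {
            $query = $db->simple_select("threads", "tid", "firstpost IN ({$imploded_pids})");
            while ($threadid = $db->fetch_field($query, "tid")) {
                $delete_tids[] = $threadid;
            }
        }

        if (!empty($delete_tids)) {
            foreach ($delete_tids as $delete_tid) {
                $this->delete_thread($delete_tid);
                mark_reports($delete_tid, "thread");
            }
            // return 1 here so the code in execute() knows to redirect to the forum
            return 1;
        }
    } else {
        if ($post_options['mergeposts'] == 1) {
            $this->merge_posts($pids);
        }

        if ($post_options['approveposts'] == 'approve') {
            $this->approve_posts($pids);
        } elseif ($post_options['approveposts'] == 'unapprove') {
            $this->unapprove_posts($pids);
        } elseif ($post_options['approveposts'] == 'toggle') {
            $this->toggle_post_visibility($pids);
        }

        // splitposts: a positive value is the target forum ID, -2 means "same forum as the thread".
        if ($post_options['splitposts'] > 0 || $post_options['splitposts'] == -2) {
            $query = $db->simple_select("posts", "COUNT(*) AS totalposts", "tid='{$tid}'");
            $count = $db->fetch_array($query);

            if ($count['totalposts'] == 1) {
                error($lang->error_cantsplitonepost);
            }

            if ($count['totalposts'] == count($pids)) {
                error($lang->error_cantsplitall);
            }

            if ($post_options['splitposts'] == -2) {
                $post_options['splitposts'] = $thread['fid'];
            }

            if (empty($post_options['splitpostsnewsubject'])) {
                // Enter in a subject if a predefined one does not exist.
                $post_options['splitpostsnewsubject'] = "{$lang->split_thread_subject} {$thread['subject']}";
            }

            $new_subject = str_ireplace('{subject}', $thread['subject'], $post_options['splitpostsnewsubject']);
            $new_tid = $this->split_posts($pids, $tid, $post_options['splitposts'], $new_subject);

            if ($post_options['splitpostsclose'] == 'close') {
                $this->close_threads($new_tid);
            }

            if ($post_options['splitpostsstick'] == 'stick') {
                $this->stick_threads($new_tid);
            }

            if ($post_options['splitpostsunapprove'] == 'unapprove') {
                $this->unapprove_threads($new_tid, $thread['fid']);
            }

            // Optionally add a reply, authored by the acting user, to the newly split thread.
            if (!empty($post_options['splitpostsaddreply'])) {
                require_once MYBB_ROOT . "inc/datahandlers/post.php";
                $posthandler = new PostDataHandler("insert");

                if (empty($post_options['splitpostsreplysubject'])) {
                    $post_options['splitpostsreplysubject'] = 'RE: ' . $new_subject;
                } else {
                    $post_options['splitpostsreplysubject'] = str_ireplace('{username}', $mybb->user['username'], $post_options['splitpostsreplysubject']);
                    $post_options['splitpostsreplysubject'] = str_ireplace('{subject}', $new_subject, $post_options['splitpostsreplysubject']);
                }

                // Set the post data that came from the input to the $post array.
                $post = array(
                    "tid" => $new_tid,
                    "fid" => $post_options['splitposts'],
                    "subject" => $post_options['splitpostsreplysubject'],
                    "uid" => $mybb->user['uid'],
                    "username" => $mybb->user['username'],
                    "message" => $post_options['splitpostsaddreply'],
                    "ipaddress" => $db->escape_string(get_ip()),
                );

                // Set up the post options from the input.
                $post['options'] = array(
                    "signature" => 1,
                    "emailnotify" => 0,
                    "disablesmilies" => 0,
                );

                $posthandler->set_data($post);

                // The reply is only inserted when the data handler accepts it.
                if ($posthandler->validate_post($post)) {
                    $posthandler->insert_post($post);
                }
            }
        }
    }

    return true;
}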
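/**
 * Insert a post into the database.
 *
 * Works on $this->data, which must already have been validated. Depending on the data this
 * saves a draft, merges into the author's previous post, turns an existing draft into a
 * post, or inserts a new row; it then applies moderator thread options, queues subscription
 * notices and updates the user, thread and forum counters.
 *
 * @return array Array of new post details: pid and visible, plus "closed" for a normal
 *               insert or "merge" => true when the post was merged.
 */
function insert_post()
{
    global $db, $mybb, $plugins, $cache, $lang;

    $post =& $this->data;

    // Yes, validating is required.
    if (!$this->get_validated()) {
        die("The post needs to be validated before inserting it into the DB.");
    }
    if (count($this->get_errors()) > 0) {
        die("The post is not valid.");
    }

    // Fetch the thread
    $thread = get_thread($post['tid']);

    $closed = $thread['closed'];

    // This post is being saved as a draft.
    if ($post['savedraft']) {
        $visible = -2;
    } else {
        // Automatic subscription to the thread
        if ($post['options']['subscriptionmethod'] != "" && $post['uid'] > 0) {
            switch ($post['options']['subscriptionmethod']) {
                case "pm":
                    $notification = 2;
                    break;
                case "email":
                    $notification = 1;
                    break;
                default:
                    $notification = 0;
            }

            require_once MYBB_ROOT . "inc/functions_user.php";
            add_subscribed_thread($post['tid'], $notification, $post['uid']);
        }

        // Perform any selected moderation tools.
        $ismod = is_moderator($post['fid'], "", $post['uid']);
        if ($ismod) {
            $lang->load($this->language_file, true);

            $modoptions = $post['modoptions'];
            $modlogdata['fid'] = $thread['fid'];
            $modlogdata['tid'] = $thread['tid'];

            if (!isset($modoptions['closethread'])) {
                $modoptions['closethread'] = $closed;
            }

            $modoptions_update = array();

            // Close the thread. closed=1 is the "closed" state; the value written must match
            // the moderator-log entry recorded for it.
            if ($modoptions['closethread'] == 1 && $thread['closed'] != 1) {
                $modoptions_update['closed'] = $closed = 1;
                log_moderator_action($modlogdata, $lang->thread_closed);
            }

            // Open the thread.
            if ($modoptions['closethread'] != 1 && $thread['closed'] == 1) {
                $modoptions_update['closed'] = $closed = 0;
                log_moderator_action($modlogdata, $lang->thread_opened);
            }

            if (!isset($modoptions['stickthread'])) {
                $modoptions['stickthread'] = $thread['sticky'];
            }

            // Stick the thread.
            if ($modoptions['stickthread'] == 1 && $thread['sticky'] != 1) {
                $modoptions_update['sticky'] = 1;
                log_moderator_action($modlogdata, $lang->thread_stuck);
            }

            // Unstick the thread.
            if ($modoptions['stickthread'] != 1 && $thread['sticky']) {
                $modoptions_update['sticky'] = 0;
                log_moderator_action($modlogdata, $lang->thread_unstuck);
            }

            // Execute moderation options.
            if ($modoptions_update) {
                $db->update_query('threads', $modoptions_update, "tid='{$thread['tid']}'");
            }
        }

        // Fetch the forum this post is being made in
        $forum = get_forum($post['fid']);

        // Decide on the visibility of this post.
        $forumpermissions = forum_permissions($post['fid'], $post['uid']);
        if ($forumpermissions['modposts'] == 1 && !$ismod) {
            $visible = 0;
        } else {
            $visible = 1;
        }

        // Are posts from this user being moderated? Change visibility
        if ($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1) {
            $visible = 0;
        }
    }

    // pid and uid are interpolated into SQL below, so force them to integers first.
    if (!isset($post['pid'])) {
        $post['pid'] = 0;
    }

    $post['pid'] = (int) $post['pid'];
    $post['uid'] = (int) $post['uid'];

    // Is the given pid an existing draft that belongs to this author?
    if ($post['pid'] > 0) {
        $query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'");
        $draft_check = $db->fetch_field($query, "tid");
    } else {
        $draft_check = false;
    }

    if ($this->method != "update" && $visible == 1) {
        $double_post = $this->verify_post_merge();

        // Only combine if they are both invisible (mod queue'd forum) or both visible
        if ($double_post !== true && $double_post['visible'] == $visible) {
            $this->pid = $double_post['pid'];

            $post['message'] = $double_post['message'] .= "\n" . $mybb->settings['postmergesep'] . "\n" . $post['message'];
            $update_query = array(
                "message" => $db->escape_string($double_post['message']),
            );
            $update_query['edituid'] = (int) $post['uid'];
            $update_query['edittime'] = TIME_NOW;
            $query = $db->update_query("posts", $update_query, "pid='" . $double_post['pid'] . "'");

            if ($draft_check) {
                $db->delete_query("posts", "pid='" . $post['pid'] . "'");
            }

            if ($post['posthash']) {
                // Assign any uploaded attachments with the specific posthash to the merged post.
                $post['posthash'] = $db->escape_string($post['posthash']);

                $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='0' AND visible='1' AND posthash='{$post['posthash']}'");
                $attachmentcount = $db->fetch_field($query, "attachmentcount");

                if ($attachmentcount > 0) {
                    // Update forum count
                    update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}"));
                }

                $attachmentassign = array(
                    "pid" => $double_post['pid'],
                    "posthash" => '',
                );
                $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'");
            }

            // Return the post's pid and whether or not it is visible.
            $this->return_values = array(
                "pid" => $double_post['pid'],
                "visible" => $visible,
                "merge" => true,
            );

            $plugins->run_hooks("datahandler_post_insert_merge", $this);

            return $this->return_values;
        }
    }

    if ($visible == 1 && $thread['visible'] == 1) {
        $now = TIME_NOW;

        // Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug.
        $update_array = array(
            'lastpost' => "'{$now}'",
        );
        if ($forum['usepostcounts'] != 0) {
            $update_array['postnum'] = 'postnum+1';
        }

        $db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true);
    }

    // Are we updating a post which is already a draft? Perhaps changing it into a visible post?
    if ($draft_check) {
        // Update a post that is a draft
        $this->post_update_data = array(
            "subject" => $db->escape_string($post['subject']),
            "icon" => (int) $post['icon'],
            "uid" => $post['uid'],
            "username" => $db->escape_string($post['username']),
            "dateline" => (int) $post['dateline'],
            "message" => $db->escape_string($post['message']),
            "ipaddress" => $db->escape_binary($post['ipaddress']),
            "includesig" => $post['options']['signature'],
            "smilieoff" => $post['options']['disablesmilies'],
            "visible" => $visible,
        );

        $plugins->run_hooks("datahandler_post_insert_post", $this);

        $db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'");
        $this->pid = $post['pid'];
    } else {
        // Insert the post.
        // NOTE(review): includesig / smilieoff are stored as given; presumably validation has
        // already normalised them - confirm.
        $this->post_insert_data = array(
            "tid" => (int) $post['tid'],
            "replyto" => (int) $post['replyto'],
            "fid" => (int) $post['fid'],
            "subject" => $db->escape_string($post['subject']),
            "icon" => (int) $post['icon'],
            "uid" => $post['uid'],
            "username" => $db->escape_string($post['username']),
            // Cast like the draft-update path above so both paths store an integer.
            "dateline" => (int) $post['dateline'],
            "message" => $db->escape_string($post['message']),
            "ipaddress" => $db->escape_binary($post['ipaddress']),
            "includesig" => $post['options']['signature'],
            "smilieoff" => $post['options']['disablesmilies'],
            "visible" => $visible,
        );

        $plugins->run_hooks("datahandler_post_insert_post", $this);

        $this->pid = $db->insert_query("posts", $this->post_insert_data);
    }

    // Assign any uploaded attachments with the specific posthash to the newly created post.
    if ($post['posthash']) {
        $post['posthash'] = $db->escape_string($post['posthash']);
        $attachmentassign = array(
            "pid" => $this->pid,
            "posthash" => '',
        );
        $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'");
    }

    $thread_update = array();
    if ($visible == 1 && $thread['visible'] == 1) {
        $thread = get_thread($post['tid']);
        require_once MYBB_ROOT . 'inc/class_parser.php';
        $parser = new Postparser();

        $done_users = array();

        $subject = $parser->parse_badwords($thread['subject']);

        $parser_options = array(
            'me_username' => $post['username'],
            'filter_badwords' => 1,
        );

        $excerpt = $parser->text_parse_message($post['message'], $parser_options);
        $excerpt = my_substr($excerpt, 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread;

        // Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices
        $query = $db->query("\n\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate, s.subscriptionkey, s.notification\n\t\t\t\tFROM "
            . TABLE_PREFIX . "threadsubscriptions s\n\t\t\t\tLEFT JOIN "
            . TABLE_PREFIX . "users u ON (u.uid=s.uid)\n\t\t\t\tWHERE (s.notification='1' OR s.notification='2') AND s.tid='{$post['tid']}'\n\t\t\t\tAND s.uid != '{$post['uid']}'\n\t\t\t\tAND u.lastactive>'{$thread['lastpost']}'\n\t\t\t");

        $args = array(
            'this' => &$this,
            'done_users' => &$done_users,
            'users' => array(),
        );

        while ($subscribedmember = $db->fetch_array($query)) {
            // Each user is notified at most once.
            if (isset($done_users[$subscribedmember['uid']])) {
                continue;
            }

            $args['users'][$subscribedmember['uid']] = (int) $subscribedmember['uid'];

            $done_users[$subscribedmember['uid']] = 1;

            // Never notify a subscriber about content they are not allowed to read.
            $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']);
            if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) {
                continue;
            }

            if ($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid'])) {
                // User isn't a moderator or the author of the thread...
                continue;
            }

            // Pick the language for the notice: the user's, the board's original, or English.
            if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) {
                $uselang = $subscribedmember['language'];
            } elseif ($mybb->settings['orig_bblanguage']) {
                $uselang = $mybb->settings['orig_bblanguage'];
            } else {
                $uselang = "english";
            }

            if ($uselang == $mybb->settings['bblanguage']) {
                if ($subscribedmember['notification'] == 1) {
                    $emailsubject = $lang->emailsubject_subscription;
                    $emailmessage = $lang->email_subscription;
                }
            } else {
                if ($subscribedmember['notification'] == 1) {
                    // Load each other language once and keep its two phrases for later subscribers.
                    if (!isset($langcache[$uselang]['emailsubject_subscription'])) {
                        $userlang = new MyLanguage();
                        $userlang->set_path(MYBB_ROOT . "inc/languages");
                        $userlang->set_language($uselang);
                        $userlang->load("messages");
                        $langcache[$uselang]['emailsubject_subscription'] = $userlang->emailsubject_subscription;
                        $langcache[$uselang]['email_subscription'] = $userlang->email_subscription;
                        unset($userlang);
                    }
                    $emailsubject = $langcache[$uselang]['emailsubject_subscription'];
                    $emailmessage = $langcache[$uselang]['email_subscription'];
                }
            }

            // NOTE(review): $post_code below is an MD5 over the subscriber's loginkey, salt and
            // registration date and is sent out in the notice; whatever verifies it must use the
            // same derivation, so it is left unchanged here. Consider a keyed hash (HMAC) that
            // does not depend on long-lived account secrets.
            // NOTE(review): str_replace("&", "&", ...) is a no-op as written; the first argument
            // was presumably an HTML entity that was decoded when this page was rendered - confirm
            // against the original file.
            if ($subscribedmember['notification'] == 1) {
                $emailsubject = $lang->sprintf($emailsubject, $subject);

                $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']);
                $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code);
                $new_email = array(
                    "mailto" => $db->escape_string($subscribedmember['email']),
                    "mailfrom" => '',
                    "subject" => $db->escape_string($emailsubject),
                    "message" => $db->escape_string($emailmessage),
                    "headers" => '',
                );
                $db->insert_query("mailqueue", $new_email);
                unset($userlang);
                $queued_email = 1;
            } elseif ($subscribedmember['notification'] == 2) {
                $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']);
                $pm = array(
                    'subject' => array('pmsubject_subscription', $subject),
                    'message' => array('pm_subscription', $subscribedmember['username'], $post['username'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code),
                    'touid' => $subscribedmember['uid'],
                    'language' => $subscribedmember['language'],
                    'language_file' => 'messages',
                );
                send_pm($pm, -1, true);
            }
        }

        $plugins->run_hooks('datahandler_post_insert_subscribed', $args);

        // Have one or more emails been queued? Update the queue count
        if (isset($queued_email) && $queued_email == 1) {
            $cache->update_mailqueue();
        }

        $thread_update = array('replies' => '+1');

        // Update forum count
        update_last_post($post['tid']);
        update_forum_counters($post['fid'], array("posts" => "+1"));
        update_forum_lastpost($thread['fid']);
    } else {
        if ($visible == 0) {
            // Update the unapproved posts count for the current thread and current forum
            // NOTE(review): the thread counter is bumped here and $thread_update (applied again
            // at the end of this method) carries the same "+1"; check for a double increment.
            $thread_update = array('unapprovedposts' => '+1');
            update_thread_counters($post['tid'], array("unapprovedposts" => "+1"));
            update_forum_counters($post['fid'], array("unapprovedposts" => "+1"));
        } else {
            if ($thread['visible'] == 0) {
                // Update the unapproved posts count for the current forum
                $thread_update = array('replies' => '+1');
                update_forum_counters($post['fid'], array("unapprovedposts" => "+1"));
            } else {
                if ($thread['visible'] == -1) {
                    // Update the deleted posts count for the current forum
                    $thread_update = array('replies' => '+1');
                    update_forum_counters($post['fid'], array("deletedposts" => "+1"));
                }
            }
        }
    }

    $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'");
    $attachmentcount = $db->fetch_field($query, "attachmentcount");
    if ($attachmentcount > 0) {
        $thread_update['attachmentcount'] = "+{$attachmentcount}";
    }
    update_thread_counters($post['tid'], $thread_update);

    // Return the post's pid and whether or not it is visible.
    $this->return_values = array(
        "pid" => $this->pid,
        "visible" => $visible,
        "closed" => $closed,
    );

    $plugins->run_hooks("datahandler_post_insert_post_end", $this);

    return $this->return_values;
}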
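/**
 * Find out the special locations.
 *
 * Works out which forum and/or thread the current request refers to, based on
 * the running script name and the fid/tid request input.
 *
 * @return array Special locations array: index 1 is the forum id and index 2
 *               the thread id; each stays an empty string when it does not apply.
 */
function get_special_locations()
{
    global $mybb;

    $locations = array('1' => '', '2' => '');

    // PHP_SELF can carry client-supplied path info, so it is only used to pick a
    // branch; the ids themselves are always reduced to integers before use.
    $script = isset($_SERVER['PHP_SELF']) ? (string) $_SERVER['PHP_SELF'] : '';

    // Missing request keys count as 0 instead of raising an undefined-index notice.
    $fid = isset($mybb->input['fid']) ? intval($mybb->input['fid']) : 0;
    $tid = isset($mybb->input['tid']) ? intval($mybb->input['tid']) : 0;

    // The dot is escaped so that only the literal file name matches.
    if (preg_match("#forumdisplay\\.php#", $script) && $fid > 0) {
        $locations[1] = $fid;
        $locations[2] = '';
    } elseif (preg_match("#showthread\\.php#", $script) && $tid > 0) {
        $locations[2] = $tid;
        $thread = get_thread($tid);
        // An unknown thread id leaves the forum slot at its empty default
        // instead of indexing into a non-array result.
        $locations[1] = (is_array($thread) && isset($thread['fid'])) ? $thread['fid'] : '';
    }

    return $locations;
}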
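/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

/**
 * Scheduled task: execute every delayed moderation action that is due.
 *
 * Reads all rows of the delayedmoderation table whose delaydateline has passed,
 * runs the stored action against the stored thread ids, deletes the row, and
 * finally writes a task log entry.
 *
 * The thread ids and the row id come from stored data, and nothing in this
 * function shows how they were validated when the row was written, so they are
 * reduced to integers before being placed in SQL conditions.
 *
 * @param mixed $task Task record; passed by reference to the plugin hook and on to add_task_log().
 */
function task_delayedmoderation($task)
{
    global $db, $lang, $plugins;

    require_once MYBB_ROOT . "inc/class_moderation.php";
    $moderation = new Moderation();

    require_once MYBB_ROOT . "inc/class_custommoderation.php";
    $custommod = new CustomModeration();

    // Iterate through all our delayed moderation actions
    $query = $db->simple_select("delayedmoderation", "*", "delaydateline <= '" . TIME_NOW . "'");
    while ($delayedmoderation = $db->fetch_array($query)) {
        if (is_object($plugins)) {
            // Hooks receive the row by reference and may change it before it is processed
            $args = array('task' => &$task, 'delayedmoderation' => &$delayedmoderation);
            $plugins->run_hooks('task_delayedmoderation', $args);
        }

        $tids = explode(',', $delayedmoderation['tids']);

        // Integer-only copy of the id list for use inside SQL IN(...) conditions
        $tid_list = implode(',', array_map('intval', $tids));

        // NOTE(review): my_unserialize() is defined elsewhere; confirm it does not
        // instantiate objects, since 'inputs' is stored data.
        $input = my_unserialize($delayedmoderation['inputs']);

        if (my_strpos($delayedmoderation['type'], "modtool") !== false) {
            list(, $custom_id) = explode('_', $delayedmoderation['type'], 2);
            $custommod->execute($custom_id, $tids);
        } else {
            switch ($delayedmoderation['type']) {
                case "openclosethread":
                    // Toggle: closed threads are opened, all others are closed
                    $closed_tids = $open_tids = array();
                    $query2 = $db->simple_select("threads", "tid,closed", "tid IN({$tid_list})");
                    while ($thread = $db->fetch_array($query2)) {
                        if ($thread['closed'] == 1) {
                            $closed_tids[] = $thread['tid'];
                        } else {
                            $open_tids[] = $thread['tid'];
                        }
                    }

                    if (!empty($closed_tids)) {
                        $moderation->open_threads($closed_tids);
                    }

                    if (!empty($open_tids)) {
                        $moderation->close_threads($open_tids);
                    }
                    break;

                case "deletethread":
                    foreach ($tids as $tid) {
                        $moderation->delete_thread($tid);
                    }
                    break;

                case "move":
                    foreach ($tids as $tid) {
                        $moderation->move_thread($tid, $input['new_forum']);
                    }
                    break;

                case "stick":
                    // Toggle: stuck threads are unstuck, all others are stuck
                    $unstuck_tids = $stuck_tids = array();
                    $query2 = $db->simple_select("threads", "tid,sticky", "tid IN({$tid_list})");
                    while ($thread = $db->fetch_array($query2)) {
                        if ($thread['sticky'] == 1) {
                            $stuck_tids[] = $thread['tid'];
                        } else {
                            $unstuck_tids[] = $thread['tid'];
                        }
                    }

                    if (!empty($stuck_tids)) {
                        $moderation->unstick_threads($stuck_tids);
                    }

                    if (!empty($unstuck_tids)) {
                        $moderation->stick_threads($unstuck_tids);
                    }
                    break;

                case "merge":
                    // $delayedmoderation['tids'] should be a single tid.
                    // A bare `continue` inside a switch acts as `break` in PHP, so the
                    // early exits below are written as `break`: the row is still deleted
                    // after the switch, as before.
                    if (count($tids) != 1) {
                        break;
                    }

                    // Start clean so values parsed for an earlier row cannot leak into this one
                    $parameters = array();
                    $mergetid = 0;

                    // explode at # sign in a url (indicates a name reference) and reassign to the url
                    $realurl = explode("#", $input['threadurl']);
                    $input['threadurl'] = $realurl[0];

                    // Are we using an SEO URL?
                    if (substr($input['threadurl'], -4) == "html") {
                        // Get thread to merge's tid the SEO way
                        preg_match("#thread-([0-9]+)?#i", $input['threadurl'], $threadmatch);
                        preg_match("#post-([0-9]+)?#i", $input['threadurl'], $postmatch);

                        if (!empty($threadmatch[1])) {
                            $parameters['tid'] = $threadmatch[1];
                        }

                        if (!empty($postmatch[1])) {
                            $parameters['pid'] = $postmatch[1];
                        }
                    } else {
                        // Get thread to merge's tid the normal way: split the query string
                        // into key=value pairs. explode() never returns an empty array, so
                        // no separate single-pair fallback is needed.
                        $splitloc = explode(".php", $input['threadurl']);
                        $querystring = isset($splitloc[1]) ? my_substr($splitloc[1], 1) : '';
                        foreach (explode("&", $querystring) as $pair) {
                            $temp2 = explode("=", $pair, 2);
                            if (count($temp2) == 2) {
                                $parameters[$temp2[0]] = $temp2[1];
                            }
                        }
                    }

                    if (!empty($parameters['pid']) && empty($parameters['tid'])) {
                        // Only a post id was given: resolve it to its thread
                        $post = get_post($parameters['pid']);
                        $mergetid = !empty($post['tid']) ? $post['tid'] : 0;
                    } elseif (!empty($parameters['tid'])) {
                        $mergetid = $parameters['tid'];
                    }

                    $mergetid = (int) $mergetid;
                    $mergethread = get_thread($mergetid);

                    if (empty($mergethread['tid'])) {
                        break;
                    }

                    if ($mergetid == $delayedmoderation['tids']) {
                        // sanity check: a thread cannot be merged into itself
                        break;
                    }

                    if ($input['subject']) {
                        $subject = $input['subject'];
                    } else {
                        // Uses $query2 so the outer loop's result handle in $query is not overwritten
                        $query2 = $db->simple_select("threads", "subject", "tid='" . (int) $delayedmoderation['tids'] . "'");
                        $subject = $db->fetch_field($query2, "subject");
                    }

                    $moderation->merge_threads($mergetid, $delayedmoderation['tids'], $subject);
                    break;

                case "removeredirects":
                    foreach ($tids as $tid) {
                        $moderation->remove_redirects($tid);
                    }
                    break;

                case "removesubscriptions":
                    $moderation->remove_thread_subscriptions($tids, true);
                    break;

                case "approveunapprovethread":
                    // Toggle: approved threads are unapproved, all others are approved
                    $approved_tids = $unapproved_tids = array();
                    $query2 = $db->simple_select("threads", "tid,visible", "tid IN({$tid_list})");
                    while ($thread = $db->fetch_array($query2)) {
                        if ($thread['visible'] == 1) {
                            $approved_tids[] = $thread['tid'];
                        } else {
                            $unapproved_tids[] = $thread['tid'];
                        }
                    }

                    if (!empty($approved_tids)) {
                        $moderation->unapprove_threads($approved_tids);
                    }

                    if (!empty($unapproved_tids)) {
                        $moderation->approve_threads($unapproved_tids);
                    }
                    break;

                case "softdeleterestorethread":
                    // Toggle: soft-deleted threads (visible == -1) are restored, all others are soft-deleted
                    $delete_tids = $restore_tids = array();
                    $query2 = $db->simple_select("threads", "tid,visible", "tid IN({$tid_list})");
                    while ($thread = $db->fetch_array($query2)) {
                        if ($thread['visible'] == -1) {
                            $restore_tids[] = $thread['tid'];
                        } else {
                            $delete_tids[] = $thread['tid'];
                        }
                    }

                    if (!empty($restore_tids)) {
                        $moderation->restore_threads($restore_tids);
                    }

                    if (!empty($delete_tids)) {
                        $moderation->soft_delete_threads($delete_tids);
                    }
                    break;
            }
        }

        // The action has been handled (or skipped); remove it from the queue
        $db->delete_query("delayedmoderation", "did='" . (int) $delayedmoderation['did'] . "'");
    }

    add_task_log($task, $lang->task_delayedmoderation_ran);
}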
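// If there is no tid but a pid, trick the system into thinking there was a tid anyway.
if (!empty($mybb->input['pid']) && empty($mybb->input['tid'])) {
    // see if we already have the post information
    if (isset($style) && $style['pid'] == $mybb->input['pid'] && $style['tid']) {
        $mybb->input['tid'] = $style['tid'];
        unset($style['tid']); // stop the thread caching code from being tricked
    } else {
        // The pid is request input and goes into the WHERE clause unquoted, so it is
        // forced to an integer here; any earlier sanitising is not visible from this code.
        $pid = (int) $mybb->input['pid'];
        $options = array("limit" => 1);
        $query = $db->simple_select("posts", "tid", "pid=" . $pid, $options);
        $post = $db->fetch_array($query);
        $mybb->input['tid'] = $post['tid'];
    }
}

// Get the thread details from the database.
$thread = get_thread($mybb->input['tid']);

// Get thread prefix if there is one.
$thread['threadprefix'] = '';
$thread['displayprefix'] = '';
if ($thread['prefix'] != 0) {
    $threadprefix = build_prefixes($thread['prefix']);
    if ($threadprefix['prefix']) {
        $thread['threadprefix'] = $threadprefix['prefix'] . ' ';
        $thread['displayprefix'] = $threadprefix['displaystyle'] . ' ';
    }
}

// A "moved|<tid>" marker in the closed column means this row is only a redirect;
// zero the tid so it is not treated as a real thread.
if (substr($thread['closed'], 0, 6) == "moved|") {
    $thread['tid'] = 0;
}

// Filter bad words first, then HTML-escape the subject for output.
$reply_subject = $parser->parse_badwords($thread['subject']);
$thread['subject'] = htmlspecialchars_uni($reply_subject);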
if (!$topics || !is_array($topics)) { die; } $posts = array(); foreach ($topics as $topic) { $posts[] = bb_get_first_post($topic->topic_id); } $title = esc_html(sprintf(__('%1$s » View: %2$s'), bb_get_option('name'), $bb_views[$feed_id]['title'])); $link = get_view_link($feed_id); $link_self = bb_get_view_rss_link($feed_id); break; case 'topic': if (!($topic = get_topic($feed_id))) { die; } if (!($posts = get_thread($feed_id, 0, 1))) { die; } $title = esc_html(sprintf(__('%1$s » Topic: %2$s'), bb_get_option('name'), get_topic_title())); $link = get_topic_link($feed_id); $link_self = get_topic_rss_link($feed_id); break; case 'profile': if (bb_get_option('mod_rewrite') === 'slugs') { $user = bb_get_user_by_nicename($feed_id); } else { $user = bb_get_user($feed_id); } if (!$user) { die; }
// Spit the subject back to the browser. $subject = substr($mybb->input['value'], 0, 120); // 120 is the varchar length for the subject column echo json_encode(array("subject" => '<a href="' . get_thread_link($thread['tid']) . '">' . htmlspecialchars_uni($subject) . '</a>')); // Close the connection. exit; } else { if ($mybb->input['action'] == "edit_post") { // Fetch the post from the database. $post = get_post($mybb->get_input('pid', MyBB::INPUT_INT)); // No result, die. if (!$post) { xmlhttp_error($lang->post_doesnt_exist); } // Fetch the thread associated with this post. $thread = get_thread($post['tid']); // Fetch the specific forum this thread/post is in. $forum = get_forum($thread['fid']); // Missing thread, invalid forum? Error. if (!$thread || !$forum || $forum['type'] != "f") { xmlhttp_error($lang->thread_doesnt_exist); } // Fetch forum permissions. $forumpermissions = forum_permissions($forum['fid']); $plugins->run_hooks("xmlhttp_edit_post_start"); // If this user is not a moderator with "caneditposts" permissions. if (!is_moderator($forum['fid'], "caneditposts")) { // Thread is closed - no editing allowed. if ($thread['closed'] == 1) { xmlhttp_error($lang->thread_closed_edit_message); } else {
switch ($db->type) { case "pgsql": case "sqlite": $query = $db->query("\n\t\t\t\t\t\tSELECT d.*, u.username, f.name AS fname\n\t\t\t\t\t\tFROM " . TABLE_PREFIX . "delayedmoderation d\n\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=d.uid)\n\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=d.fid)\n\t\t\t\t\t\tWHERE ','||d.tids||',' LIKE '%,{$tid},%'\n\t\t\t\t\t\tORDER BY d.dateline DESC\n\t\t\t\t\t\tLIMIT 0, 20\n\t\t\t\t\t"); break; default: $query = $db->query("\n\t\t\t\t\t\tSELECT d.*, u.username, f.name AS fname\n\t\t\t\t\t\tFROM " . TABLE_PREFIX . "delayedmoderation d\n\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=d.uid)\n\t\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=d.fid)\n\t\t\t\t\t\tWHERE CONCAT(',',d.tids,',') LIKE '%,{$tid},%'\n\t\t\t\t\t\tORDER BY d.dateline DESC\n\t\t\t\t\t\tLIMIT 0, 20\n\t\t\t\t\t"); } } while ($delayedmod = $db->fetch_array($query)) { $delayedmod['dateline'] = my_date("jS M Y, G:i", $delayedmod['delaydateline']); $delayedmod['profilelink'] = build_profile_link($delayedmod['username'], $delayedmod['uid']); $delayedmod['action'] = $actions[$delayedmod['type']]; $info = ''; if (strpos($delayedmod['tids'], ',') === false) { $delayed_thread = get_thread($delayedmod['tids']); $info .= "<strong>{$lang->thread}</strong> <a href=\"" . get_thread_link($delayedmod['tids']) . "\">" . htmlspecialchars_uni($delayed_thread['subject']) . "</a><br />"; } else { $info .= "<strong>{$lang->thread}</strong> {$lang->multiple_threads}<br />"; } if ($delayedmod['fname']) { $info .= "<strong>{$lang->forum}</strong> <a href=\"" . get_forum_link($delayedmod['fid']) . "\">" . htmlspecialchars_uni($delayedmod['fname']) . "</a><br />"; } $delayedmod['inputs'] = unserialize($delayedmod['inputs']); if ($delayedmod['type'] == 'move') { $info .= "<strong>{$lang->new_forum}</strong> <a href=\"" . get_forum_link($delayedmod['inputs']['new_forum']) . "\">" . 
htmlspecialchars_uni($forum_cache[$delayedmod['inputs']['new_forum']]['name']) . "</a><br />"; if ($delayedmod['inputs']['method'] == "redirect") { if (intval($delayedmod['inputs']['redirect_expire']) == 0) { $redirect_expire_bit = $lang->redirect_forever; } else { $redirect_expire_bit = intval($delayedmod['inputs']['redirect_expire']) . " {$lang->days}";