{ print_no_permission(); } $reportthread = ($rpforumid = $vbulletin->options['rpforumid'] AND $rpforuminfo = fetch_foruminfo($rpforumid)); $reportemail = ($vbulletin->options['enableemail'] AND $vbulletin->options['rpemail']); if (!$reportthread AND !$reportemail) { standard_error(fetch_error('emaildisabled')); } $navbits = array(); if ($blogid) { $bloginfo = verify_blog($blogid); if ($blogtextinfo AND $blogtextinfo['blogtextid'] != $bloginfo['firstblogtextid']) { if (!fetch_comment_perm('canviewcomments', $bloginfo, $blogtextinfo)) { print_no_permission(); } $reportobj = new vB_ReportItem_Blog_Comment($vbulletin); $reportobj->set_extrainfo('blog', $bloginfo); $forminfo = $reportobj->set_forminfo($blogtextinfo); } else { $blogtextinfo = array();
print_stop_message('saved_display_order_successfully'); } if ($_POST['do'] == 'updatefe') { $vbulletin->input->clean_array_gpc('p', array('featureid' => TYPE_UINT, 'type' => TYPE_NOHTML, 'pusergroupid' => TYPE_UINT, 'susergroupid' => TYPE_UINT, 'start' => TYPE_ARRAY_UINT, 'end' => TYPE_ARRAY_UINT, 'refresh' => TYPE_UINT, 'timespan' => TYPE_STR, 'blogid' => TYPE_UINT, 'username' => TYPE_NOHTML, 'displayorder' => TYPE_UINT, 'bbcode' => TYPE_BOOL)); $values = array('blogid' => 0, 'userid' => 0, 'pusergroupid' => 0, 'susergroupid' => 0, 'refresh' => 3600, 'start' => 0, 'end' => 0, 'featureid' => $vbulletin->GPC['featureid'], 'displayorder' => $vbulletin->GPC['displayorder'], 'timespan' => 'all', 'bbcode' => $vbulletin->GPC['bbcode']); if ($vbulletin->GPC['featureid']) { $entry = $db->query_first_slave("\r\n\t\t\tSELECT type\r\n\t\t\tFROM " . TABLE_PREFIX . "blog_featured\r\n\t\t\tWHERE featureid = " . $vbulletin->GPC['featureid'] . "\r\n\t\t"); if (!$entry) { print_stop_message('invalid_x_specified', 'featureid'); } $values['type'] = $entry['type']; } else { $values['type'] = $vbulletin->GPC['type']; } if ($values['type'] == 'specific') { $bloginfo = verify_blog($vbulletin->GPC['blogid'], false); if (!$bloginfo) { print_stop_message('invalid_x_specified', $vbphrase['blogid']); } else { $values['blogid'] = $bloginfo['blogid']; } $values['type'] = 'specific'; } else { if ($vbulletin->GPC['username']) { $userinfo = $db->query_first_slave("\r\n\t\t\t\tSELECT userid\r\n\t\t\t\tFROM " . TABLE_PREFIX . "user\r\n\t\t\t\tWHERE username = '******'username'] . "'\r\n\t\t\t"); if (!$userinfo) { print_stop_message('invalid_user_specified'); } else { $values['userid'] = $userinfo['userid']; } }
$vbulletin->url = 'blog.php?' . $vbulletin->session->vars['sessionurl'] . "u=$userinfo[userid]"; } eval(print_standard_redirect('redirect_subsadd_blog', true, true)); } } // ############################### start add subscription ############################### if ($_REQUEST['do'] == 'subscribe') { $vbulletin->input->clean_array_gpc('r', array( 'userid' => TYPE_UINT, )); if ($bloginfo['blogid']) { verify_blog($bloginfo['blogid']); $bloginfo['title_trimmed'] = fetch_trimmed_title($bloginfo['title']); // Sidebar $sidebar =& build_user_sidebar($bloginfo); } else if ($vbulletin->GPC['userid']) { if (!($userinfo = fetch_userinfo($vbulletin->GPC['userid'], 1))) { standard_error(fetch_error('invalidid', $vbphrase['user'], $vbulletin->options['contactuslink'])); } if ((!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) AND $userinfo['userid'] == $vbulletin->userinfo['userid']) OR (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']) AND $userinfo['userid'] != $vbulletin->userinfo['userid'])) { print_no_permission();
/**
 * Decides whether the current user may attach files to a blog entry and
 * works out which user's context the attachment is handled under.
 *
 * Side effects: normalises $this->values['blogid'] and sets $this->userinfo;
 * when a blog id is supplied it also sets $this->bloginfo and
 * $this->contentid.
 *
 * @return boolean True when attaching may proceed, false when it is refused
 */
public function verify_permissions()
{
	// Declared by the original code but never read in this method.
	global $show;

	// The short key 'b' wins over 'blogid'. Both are forced to integers, so
	// only a numeric id ever reaches verify_blog() below.
	$shortid = intval($this->values['b']);
	$this->values['blogid'] = $shortid ? $shortid : intval($this->values['blogid']);

	// Gate on the *current* user's usergroup bit before touching any content.
	$entryperms = $this->registry->userinfo['permissions']['vbblog_entry_permissions'];
	$attachbit = $this->registry->bf_ugp_vbblog_entry_permissions['blog_canpostattach'];
	if (!($entryperms & $attachbit))
	{
		return false;
	}

	if (!$this->values['blogid'])
	{
		// No existing entry: the owner context comes from the 'u' value,
		// falling back to the current user when it is absent or unknown.
		// NOTE(review): nothing in this method ties 'u' to the current user
		// or to a moderator right - confirm the caller enforces that before
		// $this->userinfo is used for quota or permission decisions.
		$ownerid = intval($this->values['u']);
		$owner = $ownerid ? fetch_userinfo($ownerid) : false;

		if ($owner)
		{
			$this->userinfo = $owner;
			cache_permissions($this->userinfo);
		}
		else
		{
			$this->userinfo = $this->registry->userinfo;
		}

		return true;
	}

	// Existing entry: it must pass verify_blog() for the 'modifychild' action.
	// The second argument is false and the result is tested, so presumably a
	// failed check returns a falsy value instead of halting - TODO confirm.
	$this->bloginfo = verify_blog($this->values['blogid'], false, 'modifychild');
	if (!$this->bloginfo)
	{
		return false;
	}

	// Use the id and owner from the verified record, not the raw request.
	$this->contentid = $this->bloginfo['blogid'];
	$this->userinfo = fetch_userinfo($this->bloginfo['userid']);
	cache_permissions($this->userinfo);

	return true;
}
/**
 * Loads the blog entry this handler is bound to via $this->contentid.
 *
 * verify_blog() is called with the id only, so its remaining parameters keep
 * their defaults. NOTE(review): presumably the defaults make an invalid or
 * inaccessible id stop the request rather than return false - confirm before
 * relying on the return value as an access check.
 *
 * @return mixed Whatever verify_blog() returns for the bound entry
 */
protected function load_content_info()
{
	$entry = verify_blog($this->contentid);

	return $entry;
}
} } // ####################################################################### if ($_REQUEST['do'] == 'edittrackback') { $vbulletin->input->clean_array_gpc('r', array( 'blogtrackbackid' => TYPE_UINT )); if (!($trackbackinfo = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "blog_trackback WHERE blogtrackbackid = " . $vbulletin->GPC['blogtrackbackid']))) { standard_error(fetch_error('invalidid', $vbphrase['trackback'], $vbulletin->options['contactuslink'])); } $bloginfo = verify_blog($trackbackinfo['blogid']); if ($trackbackinfo['state'] == 'moderation' AND !can_moderate_blog('canmoderatecomments') AND ($vbulletin->userinfo['userid'] != $bloginfo['userid'] OR !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments']))) { standard_error(fetch_error('invalidid', $vbphrase['trackback'], $vbulletin->options['contactuslink'])); } if (($bloginfo['state'] == 'deleted' AND !can_moderate_blog('candeleteentries')) OR ($bloginfo['state'] == 'moderation' AND !can_moderate_blog('canmoderateentries'))) { print_no_permission(); } if ($show['errors']) { $trackbackinfo['title'] = $title; $trackbackinfo['snippet'] = $snippet;