function member_login($user_login) { $wp_user_data = get_user_by('login', $user_login); $vb_user_id = get_user_meta($wp_user_data->ID, 'vbulletin_user_id', true); if (empty($vb_user_id)) { return; } include VBULLETIN_PATH . '/includes/functions_login.php'; $GLOBALS['vbulletin']->userinfo = verify_id('user', $vb_user_id, true, true, 0); process_new_login(null, 0, null); $GLOBALS['vbulletin']->session->save(); }
/** * Load object from an id * * @param int $id * @return vB_Legacy_Calendar */ public static function create_from_id($id) { global $_CALENDAROPTIONS, $_CALENDARHOLIDAYS; $calendarinfo = verify_id('calendar', intval($id), false, true); $getoptions = convert_bits_to_array($calendarinfo['options'], $_CALENDAROPTIONS); $calendarinfo = array_merge($calendarinfo, $getoptions); $geteaster = convert_bits_to_array($calendarinfo['holidays'], $_CALENDARHOLIDAYS); $calendarinfo = array_merge($calendarinfo, $geteaster); if ($calendarinfo) { return self::create_from_record($calendarinfo); } else { return null; } }
public function process() { vB::$vbulletin->input->clean_array_gpc('p', array('userid' => TYPE_UINT, 'tab' => TYPE_NOHTML, 'mindateline' => TYPE_UNIXTIME, 'maxdateline' => TYPE_UNIXTIME, 'minscore' => TYPE_NUM, 'minid' => TYPE_STR, 'maxid' => TYPE_STR, 'pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT)); vB::$vbulletin->GPC['ajax'] = 1; vB_dB_Assertor::init(vB::$vbulletin->db, vB::$vbulletin->userinfo); vB_ProfileCustomize::getUserTheme(vB::$vbulletin->GPC['userid']); $userhastheme = vB_ProfileCustomize::getUserThemeType(vB::$vbulletin->GPC['userid']) == 1 ? 1 : 0; $showusercss = vB::$vbulletin->userinfo['options'] & vB::$vbulletin->bf_misc_useroptions['showusercss'] ? 1 : 0; if ($userhastheme and $showusercss) { define('AS_PROFILE', true); } $userinfo = verify_id('user', vB::$vbulletin->GPC['userid'], 1, 1); $this->fetchMemberStreamSql(vB::$vbulletin->GPC['tab'], $userinfo['userid']); $this->processExclusions(); $this->setPage(1, vB::$vbulletin->GPC['perpage']); $result = $this->fetchStream(); $this->processAjax($result); }
public function output() { global $vbulletin, $threadid, $postid, $db, $VB_API_WHITELIST; require_once DIR . '/includes/functions_bigthree.php'; $threadinfo = verify_id('thread', $threadid, 1, 1); if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - $vbulletin->options['markinglimit'] * 86400); } $coventry = fetch_coventry('string'); $posts = $db->query_first("\n\t\t\tSELECT MIN(postid) AS postid\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\tAND visible = 1\n\t\t\t\tAND dateline > " . intval($vbulletin->userinfo['lastvisit']) . "\n\t\t\t\t" . ($coventry ? "AND userid NOT IN ({$coventry})" : "") . "\n\t\t\tLIMIT 1\n\t\t"); if ($posts['postid']) { $postid = $posts['postid']; } else { $postid = $threadinfo['lastpostid']; } loadAPI('showthread'); include DIR . '/showthread.php'; }
/** * Creates new thread or gives error and then redirects user * * @param string Title of thread * @param string Message of post * @param integer ForumID for thread * @param boolean Allow guest posts */ function create_new_thread($title = 'Defauglt Title', $message = 'Defagult Message', $id = 3, $guest = false) { // set some globals global $forumperms, $vbulletin, $vbphrase; // init some variables $fail = 0; $errors = array(); $newpost = array(); // init post information if ($guest and $vbulletin->userinfo['userid'] == 0) { $newpost['username'] = $vbphrase['guest']; } $newpost['title'] = $title; $newpost['message'] = $message; $newpost['signature'] = '0'; if ($vbulletin->userinfo['signature'] != '') { $newpost['signature'] = '1'; } $newpost['parseurl'] = '1'; $newpost['emailupdate'] = '9999'; // attempt thread create $foruminfo = verify_id('forum', $id, 0, 1); if (!$foruminfo['forumid']) { $fail = 1; } $forumperms = fetch_permissions($foruminfo['forumid']); if (!function_exists('build_new_post')) { require_once DIR . '/includes/functions_newpost.php'; } build_new_post('thread', $foruminfo, array(), array(), $newpost, $errors); if (sizeof($errors) > 0) { $fail = 1; } // do redirection if (!$fail) { $vbulletin->url = $vbulletin->options['bburl'] . '/showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p=" . $newpost['postid'] . "#post" . $newpost['postid']; eval(print_standard_redirect('redirect_postthanks')); } else { $vbulletin->url = $vbulletin->options['bburl']; eval(print_standard_redirect($vbphrase['error'] . ': ' . $vbphrase['redirecting'], 0, 1)); } }
/** * Verifies that the infractionlevelid is valid and set points and expires if user hasn't explicitly set them * * @param integer infractionleveid key * * @return boolean */ function verify_infractionlevelid(&$infractionlevelid) { if ($infractionlevelid != $this->existing['infractionlevelid']) { if (!($infractionlevel = $this->info['infractionlevel']) and !($infractionlevel = verify_id('infractionlevel', $infractionlevelid, 0, 1))) { $this->error('invalidid'); return false; } else { if (!$this->setfields['points']) { $points = intval($infractionlevel['points']); if ($infractionlevel['warning'] and $this->info['warning']) { $points = 0; } $this->set('points', $points); } if (!$this->setfields['expires']) { switch ($infractionlevel['period']) { case 'H': $expires = TIMENOW + $infractionlevel['expires'] * 3600; break; # HOURS # HOURS case 'D': $expires = TIMENOW + $infractionlevel['expires'] * 86400; break; # DAYS # DAYS case 'M': $expires = TIMENOW + $infractionlevel['expires'] * 2592000; break; # MONTHS # MONTHS case 'N': $expires = 0; break; # NEVER } $this->set('expires', $expires); } } } return true; }
/** * Fetches information about the selected custompage with permission checks * * @param integer The custompage we want info about * @param string The type of customblock that we are working with (page or block) * @param bool Should an error be displayed when block is not found * @param bool Should a permission check be performed as well * * @return array Array of information about the custom page or prints an error if it doesn't exist / permission problems */ function verify_blog_customblock($customblockid, $type = null, $alert = true, $perm_check = true) { global $vbulletin, $vbphrase; if (!($blockinfo = fetch_customblock_info($customblockid))) { if ($alert) { standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink'])); } else { return 0; } } else if ($type AND $blockinfo['type'] != $type) { standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink'])); } $blockinfo['userinfo'] = verify_id('user', $blockinfo['userid'], 1, 1, 10); if ($perm_check) { if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND empty($blockinfo['userinfo']['bloguserid'])) { standard_error(fetch_error('blog_noblog', $blockinfo['userinfo']['username'])); } if (!$blockinfo['userinfo']['canviewmyblog']) { print_no_permission(); } if (in_coventry($blockinfo['userinfo']['userid']) AND !can_moderate_blog()) { standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink'])); } if ($vbulletin->userinfo['userid'] == $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) { print_no_permission(); } if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) { // Can't view other's entries so off you go to your own blog. exec_header_redirect("blog.php?$session[sessionurl]u=" . $vbulletin->userinfo['userid']); } } return $blockinfo; }
function user_name_cell($user_name, $user_id = 0) { global $vbulletin, $usermenus, $vbphrase, $user_name_tags; static $users; if (empty($users) or is_array($users) and !array_key_exists($user_name, $users)) { $users[$user_name] = verify_id('user', $user_id, false); } // show linked username only for existing users if (!$users[$user_name] or 0 > $user_id) { return " <b>" . $user_name . "</b>"; } $elid = rand() . '_' . rand() . '_' . $user_id; $out = "<span id=\"usermenu_uid_" . $elid . "\" class=\"vbmenu_control\">" . "<script type=\"text/javascript\">vbmenu_register(\"usermenu_uid_" . $elid . "\" ); </script>" . "</span> " . "<a target=\"_blank\" href=\"" . $vbulletin->options['bburl'] . "/member.php?" . $vbulletin->session->vars['sessionurl'] . "u=" . $user_id . "\"><b>" . $user_name_tags[$user_id]['opentag'] . $user_name . $user_name_tags[$user_id]['closetag'] . "</b></a>"; $usermenus[$elid] = "<div class=\"vbmenu_popup\" id=\"usermenu_uid_" . $elid . "_menu\" style=\"display:none\">" . "<table cellpadding=\"4\" cellspacing=\"1\" border=\"0\">" . "<tr>" . " <td class=\"vbmenu_option\"><a href=\"?" . $vbulletin->session->vars['sessionurl'] . "userid=" . urlencode($user_id) . "\">" . $vbphrase['private_messages'] . " " . $user_name . "</a></td>" . "</tr>" . "<tr>" . " <td class=\"vbmenu_option\"><a target=\"_blank\" href=\"user.php?" . $vbulletin->session->vars['sessionurl'] . "do=edit&u=" . $user_id . "\">" . $vbphrase['edit_user_profile'] . "</a></td>" . "</tr>" . "</table>" . "</div>"; return $out; }
if (!($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) or !($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canviewmembers'])) { print_no_permission(); } if (!($vbulletin->options['socnet'] & $vbulletin->bf_misc_socnet['enable_visitor_messaging'])) { print_no_permission(); } $vbulletin->input->clean_array_gpc('r', array('u' => TYPE_UINT, 'u2' => TYPE_UINT, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'showignored' => TYPE_BOOL, 'vmid' => TYPE_UINT)); ($hook = vBulletinHook::fetch_hook('converse_start')) ? eval($hook) : false; if ($vbulletin->GPC['vmid']) { $vminfo = verify_visitormessage($vbulletin->GPC['vmid']); if (($vminfo['postuserid'] != $vbulletin->GPC['u'] or $vminfo['userid'] != $vbulletin->GPC['u2']) and ($vminfo['userid'] != $vbulletin->GPC['u'] or $vminfo['postuserid'] != $vbulletin->GPC['u2'])) { standard_error(fetch_error('invalidid', $vbphrase['visitor_message'], $vbulletin->options['contactuslink'])); } } $userinfo = verify_id('user', $vbulletin->GPC['u'], true, true, FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND); $userinfo2 = verify_id('user', $vbulletin->GPC['u2'], true, true, FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND); // $userinfo will never be vbulletin->userinfo // $userinfo2 may be vbulletin->userinfo if ($userinfo2['userid'] == $vbulletin->userinfo['userid']) { $viewself = true; } cache_permissions($userinfo, false); if (!$userinfo['vm_enable'] and !can_moderate(0, 'canmoderatevisitormessages') or $userinfo['vm_contactonly'] and !$userinfo['bbuser_iscontact_of_user'] and !can_moderate(0, 'canmoderatevisitormessages')) { print_no_permission(); } if (!$userinfo2['vm_enable'] and (!can_moderate(0, 'canmoderatevisitormessages') or $viewself) or $userinfo2['vm_contactonly'] and !$userinfo2['bbuser_iscontact_of_user'] and !can_moderate(0, 'canmoderatevisitormessages') and !$viewself) { print_no_permission(); } require_once DIR . '/includes/functions_user.php'; if (!can_view_profile_section($userinfo['userid'], 'visitor_messaging') or !can_view_profile_section($userinfo2['userid'], 'visitor_messaging')) { print_no_permission();
function get_article_comments($article, $associated_thread_id, $userinfo, &$pageno, &$perpage, &$total) { require_once DIR . '/includes/functions_misc.php'; require_once DIR . '/includes/functions.php'; require_once DIR . '/includes/functions_databuild.php'; require_once DIR . '/includes/functions_bigthree.php'; $posts_out = array(); fetch_phrase_group('posting'); $threadinfo = verify_id('thread', $associated_thread_id, 0, 1); $foruminfo = verify_id('forum', $threadinfo['forumid'], 0, 1); //First let's see if we have forum/thread view permissions. If not, // we're done if (!($permissions = can_view_thread($article->getNodeId(), $userinfo))) { return array(); } $forumperms = fetch_permissions($threadinfo['forumid']); //Normally this thread will be wide open, so let's get the list first // without checking. We'll verify each post anyway. //get our results $results = get_comments($permissions, $associated_thread_id); $record_count = count($results); if (!$results or !count($results)) { return array(); } //we accept the parameter "last" for pageno. if ($pageno == FR_LAST_POST) { $pageno = intval(($record_count + $perpage - 1) / $perpage); $first = ($pageno - 1) * $perpage; } else { $pageno = max(1, intval($pageno)); $first = $perpage * ($pageno - 1); } //Let's trim off the results we need. //This also tells us if we should show the "next" button. $post_array = array_slice($results, $first, $perpage, true); if (!$post_array) { return array(); } $firstpostid = false; $displayed_dateline = 0; if (vB::$vbulletin->options['threadmarking'] and vB::$vbulletin->userinfo['userid']) { $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - vB::$vbulletin->options['markinglimit'] * 86400); } else { $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid'])); if (!$threadview) { $threadview = vB::$vbulletin->userinfo['lastvisit']; } } require_once DIR . '/includes/functions_user.php'; $show['inlinemod'] = false; $postids = array(); $postids = ' post.postid in (' . implode(', ', $post_array) . ')'; $posts = vB::$vbulletin->db->query_read($sql = "\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t " . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . "\n\t editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline,\n\t editlog.reason AS edit_reason, editlog.hashistory,\n\t postparsed.pagetext_html, postparsed.hasimages,\n\t sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid,\n\t customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight\n\t " . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . "\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "post AS post\n\t LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t " . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t " . iif(vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t " . ((can_moderate($thread['forumid'], 'canmoderateposts') or can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t {$deljoin}\n\t LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid)\n\t {$hook_query_joins}\n\t WHERE {$postids}\n\t ORDER BY post.dateline\n\t "); if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) and !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { vB::$vbulletin->options['attachthumbs'] = 0; } if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { vB::$vbulletin->options['viewattachedimages'] = 0; } $postcount = count($postid_array); $counter = 0; $postbits = ''; vB::$vbulletin->noheader = true; while ($post = vB::$vbulletin->db->fetch_array($posts)) { if (!$privileges['can_moderate_forums']) { if ($privileges['is_coventry'] or $post['visible'] == 2) { continue; } } // post/thread is deleted by moderator and we don't have permission to see it if (!($post['visible'] or $privileges['can_moderate_posts'])) { continue; } if (!intval($post['userid'])) { $post['avatarid'] = false; } else { if (!$post['hascustomavatar']) { if ($post['profilepic']) { $post['hascustomavatar'] = 1; $post['avatarid'] = true; $post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile"; $post['avwidth'] = $post['ppwidth']; $post['avheight'] = $post['ppheight']; } else { $post['hascustomavatar'] = 1; $post['avatarid'] = true; // explicity setting avatarurl to allow guests comments to show unknown avatar $post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif'; $post['avwidth'] = 60; $post['avheight'] = 60; } } } if ($tachyuser = in_coventry($post['userid']) and !can_moderate($thread['forumid'])) { continue; } if ($post['visible'] == 1 and !$tachyuser) { ++$counter; if ($postorder) { $post['postcount'] = --$postcount; } else { $post['postcount'] = ++$postcount; } } if ($tachyuser) { $fetchtype = 'post_global_ignore'; } else { if ($ignore["{$post['userid']}"]) { $fetchtype = 'post_ignore'; } else { if ($post['visible'] == 2) { $fetchtype = 'post_deleted'; } else { $fetchtype = 'post'; } } } if (vB::$vbulletin->GPC['viewfull'] and $post['postid'] == $postinfo['postid'] and $fetchtype != 'post' and (can_moderate($threadinfo['forumid']) or !$post['isdeleted'])) { $fetchtype = 'post'; } if (!$firstpostid) { $firstpostid = $post['postid']; } $post['islastshown'] = $post['postid'] == $lastpostid; $post['isfirstshown'] = ($counter == 1 and $fetchtype == 'post' and $post['visible'] == 1); $post['islastshown'] = $post['postid'] == $lastpostid; $post['attachments'] = $postattach["{$post['postid']}"]; $canedit = false; if (!$threadinfo['isdeleted'] and !$post['isdeleted'] and (can_moderate($threadinfo['forumid'], 'caneditposts') or $threadinfo['open'] and $post['userid'] == vB::$vbulletin->userinfo['userid'] and $forumperms & vB::$vbulletin->bf_ugp_forumpermissions['caneditpost'] and ($post['dateline'] >= TIMENOW - vB::$vbulletin->options['edittimelimit'] * 60 or vB::$vbulletin->options['edittimelimit'] == 0))) { $canedit = true; } // Get post date/time $postdate = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], 1); $posttime = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']); $attachments = array(); $fr_images = array(); // Attachments (images). if (count($post['attachments']) > 0) { foreach ($post['attachments'] as $attachment) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $fr_images[] = array('img' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'], 'tmb' => vB::$vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'); } } } // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], false); if (count($fr_images) > 0) { $text .= "<br/>"; foreach ($fr_images as $attachment) { $text .= "<img src=\"{$attachment['img']}\"/>"; } } foreach ($images as $image) { $fr_images[] = array('img' => $image); } $avatarurl = ''; // Avatar work if (vB::$vbulletin->options['avatarenabled']) { require_once DIR . '/includes/functions_user.php'; $userinfo = fetch_userinfo($post['userid'], FETCH_USERINFO_AVATAR); fetch_avatar_from_userinfo($userinfo); if ($userinfo['avatarurl']) { $avatarurl = process_avatarurl($userinfo['avatarurl']); } } $tmp = array('post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'], 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'fr_images' => $fr_images, 'image_thumbs' => array()); // Soft Deleted if ($post['visible'] == 2) { $tmp['deleted'] = true; $tmp['del_username'] = prepare_utf8_string($post['del_username']); if ($post['del_reason']) { $tmp['del_reason'] = prepare_utf8_string($post['del_reason']); } } else { $tmp['text'] = $text; $tmp['quotable'] = $nuked_quotes; if ($canedit) { $tmp['canedit'] = true; $tmp['edittext'] = prepare_utf8_string($post['pagetext']); } } if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } $posts_out[] = $tmp; } if ($LASTPOST['dateline'] > $displayed_dateline) { $displayed_dateline = $LASTPOST['dateline']; if ($displayed_dateline <= $threadview) { $updatethreadcookie = true; } } // Set thread last view if ($displayed_dateline and $displayed_dateline > $threadview) { mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline); } vB::$vbulletin->db->free_result($posts); unset($post); $total = $record_count; return $posts_out; }
eval(standard_error(fetch_error('invalidid', $vbphrase['forum'], $vbulletin->options['contactuslink']))); } else { exec_header_redirect($vbulletin->config['Misc']['admincpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('moderator.php?' . $vbulletin->session->vars['sessionurl_js'] . "do=add&f={$foruminfo['forumid']}")); } } else { print_no_permission(); } } // ############################################################################# if ($_REQUEST['do'] == 'postannouncement') { $vbulletin->input->clean_gpc('r', 'formumid', TYPE_INT); exec_header_redirect('announcement.php?' . $vbulletin->session->vars['sessionurl_js'] . 'do=edit&f=' . $vbulletin->GPC['forumid']); } if ($_REQUEST['do'] == 'useroptions') { $vbulletin->input->clean_gpc('r', 'userid', TYPE_UINT); $userid = verify_id('user', $vbulletin->GPC['userid']); if (can_administer('canadminusers')) { exec_header_redirect($vbulletin->config['Misc']['admincpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('user.php?' . $vbulletin->session->vars['sessionurl_js'] . "do=edit&u={$userid}")); } else { if (can_moderate(0, 'canviewprofile')) { exec_header_redirect($vbulletin->config['Misc']['modcpdir'] . '/index.php?' . $vbulletin->session->vars['sessionurl_js'] . 'loc=' . urlencode('user.php?' . $vbulletin->session->vars['sessionurl_js'] . "do=viewuser&u={$userid}")); } else { print_no_permission(); } } } // ############################################################################# if ($_REQUEST['do'] == 'move') { if (!$foruminfo['forumid']) { eval(standard_error(fetch_error('invalidid', $vbphrase['forum'], $vbulletin->options['contactuslink']))); }
$show['approvepost'] = can_moderate($threadinfo['forumid'], 'canmoderateposts') ? true : false; $show['managethread'] = can_moderate($threadinfo['forumid'], 'canmanagethreads') ? true : false; $show['approveattachment'] = can_moderate($threadinfo['forumid'], 'canmoderateattachments') ? true : false; $show['inlinemod'] = (!$show['threadedmode'] and ($show['managethread'] or $show['managepost'] or $show['approvepost'])) ? true : false; $show['spamctrls'] = ($show['inlinemod'] and $show['managepost']); $url = $show['inlinemod'] ? SCRIPTPATH : ''; // build inline moderation popup if ($show['popups'] and $show['inlinemod']) { eval('$threadadmin_imod_menu_post = "' . fetch_template('threadadmin_imod_menu_post') . '";'); } else { $threadadmin_imod_menu_post = ''; } // ********************************************************************************* // find the page that we should be on to display this post if (!empty($postid) and $threadedmode == 0) { $postinfo = verify_id('post', $postid, 1, 1); $threadid = $postinfo['threadid']; $getpagenum = $db->query_first("\n\t\tSELECT COUNT(*) AS posts\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tWHERE threadid = {$threadid} AND visible = 1\n\t\tAND dateline " . iif(!$postorder, '<=', '>=') . " {$postinfo['dateline']}\n\t"); $vbulletin->GPC['pagenumber'] = ceil($getpagenum['posts'] / $perpage); } // ********************************************************************************* // update views counter if ($vbulletin->options['threadviewslive']) { // doing it as they happen; for optimization purposes, this cannot use a DM! $db->shutdown_query("\n\t\tUPDATE " . TABLE_PREFIX . "thread\n\t\tSET views = views + 1\n\t\tWHERE threadid = " . intval($threadinfo['threadid'])); } else { // or doing it once an hour $db->shutdown_query("\n\t\tINSERT INTO " . TABLE_PREFIX . "threadviews (threadid)\n\t\tVALUES (" . intval($threadinfo['threadid']) . ')'); } // ********************************************************************************* // display ratings if enabled
private static function renderResult($userinfo, $post_array, $permissions, $forumperms, $target_url, $nodeid) { if (!count($post_array)) { return ''; } require_once DIR . '/includes/functions_bigthree.php' ; require_once DIR . '/includes/class_postbit.php' ; fetch_phrase_group('showthread'); fetch_phrase_group('postbit'); global $vbphrase; global $template_hook; global $show; global $thread; $thread = $thread->get_record(); $threadinfo = verify_id('thread', $thread['threadid'], 1, 1); $foruminfo = verify_id('forum', $threadinfo['forumid'], 1, 1); $firstpostid = false; $displayed_dateline = 0; if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid']) { $threadview = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400)); } else { $threadview = intval(fetch_bbarray_cookie('thread_lastview', $thread['threadid'])); if (!$threadview) { $threadview = vB::$vbulletin->userinfo['lastvisit']; } } require_once DIR . '/includes/functions_user.php'; $show['inlinemod'] = false; $postids = array(); if (! isset(vB::$vbulletin->userinfo['permissions']['cms'])) { vBCMS_Permissions::getUserPerms(); } $postids = ' post.postid in (' . implode(', ', $post_array) .')'; $posts = vB::$vbulletin->db->query_read($sql = " SELECT post.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted, user.*, userfield.*, usertextfield.*, " . iif($forum['allowicons'], 'icon.title as icontitle, icon.iconpath,') . " " . iif( vB::$vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . " " . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . " " . iif($deljoin, 'deletionlog.userid AS del_userid, deletionlog.username AS del_username, deletionlog.reason AS del_reason,') . " editlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline, editlog.reason AS edit_reason, editlog.hashistory, postparsed.pagetext_html, postparsed.hasimages, sigparsed.signatureparsed, sigparsed.hasimages AS sighasimages, sigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight, IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid, customprofilepic.userid AS profilepic, customprofilepic.dateline AS profilepicdateline, customprofilepic.width AS ppwidth, customprofilepic.height AS ppheight " . iif(!($permissions['genericpermissions'] & vB::$vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), vB::$vbulletin->profilefield['hidden']) . " $hook_query_fields FROM " . TABLE_PREFIX . "post AS post LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid) LEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid) LEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid) " . iif($forum['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . " " . iif( vB::$vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . " " . ((can_moderate($thread['forumid'], 'canmoderateposts') OR can_moderate($thread['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . " $deljoin LEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid) LEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ") LEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ") LEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid) LEFT JOIN " . TABLE_PREFIX . "customprofilepic AS customprofilepic ON (user.userid = customprofilepic.userid) $hook_query_joins WHERE $postids ORDER BY post.dateline "); if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canseethumbnails']) AND !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { vB::$vbulletin->options['attachthumbs'] = 0; } if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['cangetattachment'])) { vB::$vbulletin->options['viewattachedimages'] = 0; } $postcount = count($postid_array); $counter = 0; $postbits = ''; vB::$vbulletin->noheader = true; $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry = vB::$vbulletin; $postbit_factory->forum = $foruminfo; $postbit_factory->thread = $thread; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser( vB::$vbulletin, fetch_tag_list()); //We need to tell the parser to handle quotes differently. $postbit_factory->bbcode_parser->set_quote_template('vbcms_bbcode_quote'); $postbit_factory->bbcode_parser->set_quote_vars(array('page_url' => $target_url . (strpos($target_url, '?') == false ? '?' : '&'))); $show['return_node'] = $nodeid; $show['avatar'] = 1; while ($post = vB::$vbulletin->db->fetch_array($posts)) { if (! self::canViewPost($post, $permissions) ) { continue; } if (! intval($post['userid'])) { $post['avatarid'] = false; } else if (!$post['hascustomavatar']) { if ($post['profilepic']) { $post['hascustomavatar'] = 1; $post['avatarid'] = true; $post['avatarpath'] = "./image.php?u=" . $post['userid'] . "&dateline=" . $post['profilepicdateline'] . "&type=profile"; $post['avwidth'] = $post['ppwidth']; $post['avheight'] = $post['ppheight']; } else { $post['hascustomavatar'] = 1; $post['avatarid'] = true; // explicity setting avatarurl to allow guests comments to show unknown avatar $post['avatarurl'] = $post['avatarpath'] = vB_Template_Runtime::fetchStyleVar('imgdir_misc') . '/unknown.gif'; $post['avwidth'] = 60; $post['avheight'] = 60; } } if ($tachyuser = in_coventry($post['userid']) AND !can_moderate($thread['forumid'])) { continue; } if ($post['visible'] == 1 AND !$tachyuser) { ++$counter; if ($postorder) { $post['postcount'] = --$postcount; } else { $post['postcount'] = ++$postcount; } } if ($tachyuser) { $fetchtype = 'post_global_ignore'; } else if ($ignore["$post[userid]"]) { $fetchtype = 'post_ignore'; } else if ($post['visible'] == 2) { $fetchtype = 'post_deleted'; } else { $fetchtype = 'post'; } if ( ( vB::$vbulletin->GPC['viewfull'] AND $post['postid'] == $postinfo['postid'] AND $fetchtype != 'post') AND (can_moderate($threadinfo['forumid']) OR !$post['isdeleted']) ) { $fetchtype = 'post'; } ($hook = vBulletinHook::fetch_hook('showthread_postbit_create')) ? eval($hook) : false; $postbit_obj = $postbit_factory->fetch_postbit($fetchtype); $postbit_obj->set_template_prefix('vbcms_'); if ($fetchtype == 'post') { $postbit_obj->highlight = $replacewords; } if (!$firstpostid) { $firstpostid = $post['postid']; } $post['islastshown'] = ($post['postid'] == $lastpostid); $post['isfirstshown'] = ($counter == 1 AND $fetchtype == 'post' AND $post['visible'] == 1); $post['islastshown'] = ($post['postid'] == $lastpostid); $post['attachments'] = $postattach["$post[postid]"]; $parsed_postcache = array('text' => '', 'images' => 1, 'skip' => false); $this_postbit = $postbit_obj->construct_postbit($post); $this_template = vB_Template::create('vbcms_comments_detail'); $this_template->register('postid', $post['postid'] ); $this_template->register('postbit', $this_postbit); $this_template->register('indent', $post_array[$this_key]['level'] * $pixel_indent); $postbits .= $this_template->render(); $LASTPOST = $post; // Only show after the first post, counter isn't incremented for deleted/moderated posts if ($post_cachable AND $post['pagetext_html'] == '') { if (!empty($saveparsed)) { $saveparsed .= ','; } $saveparsed .= "($post[postid], " . intval($thread['lastpost']) . ', ' . intval($postbit_obj->post_cache['has_images']) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->post_cache['text']) . "', " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ")"; } if (!empty($postbit_obj->sig_cache) AND $post['userid']) { if (!empty($save_parsed_sigs)) { $save_parsed_sigs .= ','; } $save_parsed_sigs .= "($post[userid], " . intval(STYLEID) . ", " . intval(LANGUAGEID) . ", '" . vB::$vbulletin->db->escape_string($postbit_obj->sig_cache['text']) . "', " . intval($postbit_obj->sig_cache['has_images']) . ")"; } } if ($LASTPOST['dateline'] > $displayed_dateline) { $displayed_dateline = $LASTPOST['dateline']; if ($displayed_dateline <= $threadview) { $updatethreadcookie = true; } } if ($firstpostid) { $this_template->register('FIRSTPOSTID', $firstpostid ); } if ($lastpostid) { $this_template->register('LASTPOSTID', $lastpostid); } // Set thread last view if ($displayed_dateline AND $displayed_dateline > $threadview) { mark_thread_read($threadinfo, $foruminfo, vB::$vbulletin->userinfo['userid'], $displayed_dateline); } vB::$vbulletin->db->free_result($posts); unset($post); return $postbits; }
if ($vbulletin->userinfo['searchprefs'] != '') { $prefs = array_merge($prefs, unserialize($vbulletin->userinfo['searchprefs'])); } // if $forumid is specified, use it if ($foruminfo['forumid']) { $vbulletin->GPC['forumchoice'][] = $foruminfo['forumid']; } // if search conditions are specified in the URI, use them foreach (array_keys($globals) as $varname) { if ($vbulletin->GPC_exists["{$varname}"] and $varname != 'forumchoice' and $varname != 'prefixchoice' and $varname != 'humanverify') { $prefs["{$varname}"] = $vbulletin->GPC["{$varname}"]; } } if ($vbulletin->GPC['searchthreadid']) { $show['searchthread'] = true; $threadinfo = verify_id('thread', $vbulletin->GPC['searchthreadid'], true, true); $searchid = $threadinfo['threadid']; // check for visible / deleted thread if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid']) or $threadinfo['open'] == 10 or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'])) { eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink']))); } $foruminfo = fetch_foruminfo($threadinfo['forumid']); // ********************************************************************************* // check forum permissions $forumperms = fetch_permissions($threadinfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { print_no_permission(); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { print_no_permission(); }
} } if ($vbulletin->GPC['pollid']) { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid =& $pollinfo['pollid']; } } else { if ($vbulletin->GPC['forumid']) { $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 0, 1); $forumid =& $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid =& $foruminfo['styleid']; } } else { if ($vbulletin->GPC['pollid'] and THIS_SCRIPT == 'poll') { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid =& $pollinfo['pollid']; $threadinfo = $db->query_first("\n\t\tSELECT thread.*\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\tWHERE thread.pollid = " . $vbulletin->GPC['pollid'] . "\n\t\t\tAND open <> 10\n\t"); $threadid =& $threadinfo['threadid']; $foruminfo = fetch_foruminfo($threadinfo['forumid']); $forumid =& $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } } } // ############################################################################# // ######################## START TEMPLATES & STYLES ########################### // ############################################################################# $userselect = false;
if ($_REQUEST['do'] == 'editattachments') { // Variables reused in templates $perpage = $vbulletin->input->clean_gpc('r', 'perpage', TYPE_UINT); $pagenumber = $vbulletin->input->clean_gpc('r', 'pagenumber', TYPE_UINT); $showthumbs = $vbulletin->input->clean_gpc('r', 'showthumbs', TYPE_BOOL); $vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT)); $templatename = 'modifyattachments'; $show['attachment_list'] = true; if (!$vbulletin->GPC['userid'] or $vbulletin->GPC['userid'] == $vbulletin->userinfo['userid']) { // show own attachments in user cp $userid = $vbulletin->userinfo['userid']; $username = $vbulletin->userinfo['username']; $show['attachquota'] = true; } else { // show someone else's attachments $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1); $userid = $userinfo['userid']; $username = $userinfo['username']; $show['otheruserid'] = true; } ($hook = vBulletinHook::fetch_hook('profile_editattachments_start')) ? eval($hook) : false; // Get forums that allow canview access foreach ($vbulletin->userinfo['forumpermissions'] as $forumid => $perm) { if ($perm & $vbulletin->bf_ugp_forumpermissions['canview'] and $perm & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and $perm & $vbulletin->bf_ugp_forumpermissions['cangetattachment']) { if ($userid != $vbulletin->userinfo['userid'] and !($perm & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) { // Viewing non-self and don't have permission to view other's threads in this forum continue; } $forumids .= ",{$forumid}"; } }
print_label_row($title, construct_link_code($infraction['count'], "admininfraction.php?" . $vbulletin->session->vars['sessionurl'] . "do=dolist&infractionlevelid={$infraction['infractionlevelid']}&startstamp=1&endstamp=" . TIMENOW, false, '', true)); } if ($db->num_rows($infractions)) { print_table_footer(); } } if ($_REQUEST['do'] == 'list' or $_REQUEST['do'] == 'dolist') { $vbulletin->input->clean_array_gpc('r', array('leftby' => TYPE_NOHTML, 'leftfor' => TYPE_NOHTML, 'userid' => TYPE_UINT, 'whoadded' => TYPE_UINT, 'pagenumber' => TYPE_UINT, 'perpage' => TYPE_UINT, 'orderby' => TYPE_NOHTML, 'start' => TYPE_ARRAY_UINT, 'end' => TYPE_ARRAY_UINT, 'startstamp' => TYPE_UINT, 'endstamp' => TYPE_UINT, 'status' => TYPE_NOHTML, 'infractionlevelid' => TYPE_INT)); $vbulletin->GPC['start'] = iif($vbulletin->GPC['startstamp'], $vbulletin->GPC['startstamp'], $vbulletin->GPC['start']); $vbulletin->GPC['end'] = iif($vbulletin->GPC['endstamp'], $vbulletin->GPC['endstamp'], $vbulletin->GPC['end']); if ($whoaddedinfo = verify_id('user', $vbulletin->GPC['whoadded'], 0, 1)) { $vbulletin->GPC['leftby'] = $whoaddedinfo['username']; } else { $vbulletin->GPC['whoadded'] = 0; } if ($userinfo = verify_id('user', $vbulletin->GPC['userid'], 0, 1)) { $vbulletin->GPC['leftfor'] = $userinfo['username']; } else { $vbulletin->GPC['userid'] = 0; } // Default View Values if (!$vbulletin->GPC['start']) { $vbulletin->GPC['start'] = TIMENOW - 3600 * 24 * 30; } if (!$vbulletin->GPC['end']) { $vbulletin->GPC['end'] = TIMENOW; } if (!$vbulletin->GPC['status']) { $vbulletin->GPC['status'] = 'all'; } $statusoptions = array('all' => $vbphrase['all'], 'active' => $vbphrase['active'], 'expired' => $vbphrase['expired'], 'reversed' => $vbphrase['reversed']);
$user = fetch_userinfo($vbulletin->GPC['userid']); if ($user) { $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdm->set_existing($user); $userdm->set('reputation', "reputation - {$diff}", false); $userdm->save(); unset($userdm); } } define('CP_REDIRECT', "adminreputation.php?do=list&u=" . $vbulletin->GPC['userid']); print_stop_message('saved_reputation_successfully'); } // ************************************************************************************************* if ($_POST['do'] == 'killreputation') { $vbulletin->input->clean_array_gpc('p', array('reputationid' => TYPE_INT)); $repinfo = verify_id('reputation', $vbulletin->GPC['reputationid'], 0, 1); $user = fetch_userinfo($repinfo['userid']); if ($user) { $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_CP); $userdm->set_existing($user); $userdm->set('reputation', $user['reputation'] - $repinfo['reputation']); $userdm->save(); unset($userdm); } $db->query_write("\n\t\tDELETE FROM " . TABLE_PREFIX . "reputation\n\t\tWHERE reputationid = " . $vbulletin->GPC['reputationid']); define('CP_REDIRECT', "adminreputation.php?do=list&u={$repinfo['userid']}"); print_stop_message('deleted_reputation_successfully'); } // ************************************************************************************************* if ($_REQUEST['do'] == 'deletereputation') { $vbulletin->input->clean_array_gpc('r', array('reputationid' => TYPE_INT));
} } if ($vbulletin->GPC['holidayid']) { if ($eventinfo = $db->query_first_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "holiday AS holiday\n\t\tWHERE holidayid = " . $vbulletin->GPC['holidayid'])) { $eventinfo['visible'] = 1; $eventinfo['holiday'] = 1; $eventinfo['title'] = $vbphrase['holiday' . $eventinfo['holidayid'] . '_title']; $eventinfo['event'] = $vbphrase['holiday' . $eventinfo['holidayid'] . '_desc']; } else { eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']))); } } if ($eventinfo['eventid'] and $eventinfo['userid'] != $vbulletin->userinfo['userid'] and !($vbulletin->userinfo['calendarpermissions']["{$eventinfo['calendarid']}"] & $vbulletin->bf_ugp_calendarpermissions['canviewothersevent'])) { print_no_permission(); } $calendarinfo = verify_id('calendar', $vbulletin->GPC['calendarid'], 1, 1); $getoptions = convert_bits_to_array($calendarinfo['options'], $_CALENDAROPTIONS); $calendarinfo = array_merge($calendarinfo, $getoptions); $geteaster = convert_bits_to_array($calendarinfo['holidays'], $_CALENDARHOLIDAYS); $calendarinfo = array_merge($calendarinfo, $geteaster); $calendarid =& $calendarinfo['calendarid']; $calview = htmlspecialchars_uni(fetch_bbarray_cookie('calendar', 'calview' . $calendarinfo['calendarid'])); $calmonth = intval(fetch_bbarray_cookie('calendar', 'calmonth')); $calyear = intval(fetch_bbarray_cookie('calendar', 'calyear')); $show['neweventlink'] = $vbulletin->userinfo['calendarpermissions'][$calendarid] & $vbulletin->bf_ugp_calendarpermissions['canpostevent'] ? true : false; if (empty($_REQUEST['do'])) { $defaultview = !empty($calendarinfo['weekly']) ? 'displayweek' : (!empty($calendarinfo['yearly']) ? 'displayyear' : 'displaymonth'); $_REQUEST['do'] = !empty($calview) ? $calview : $defaultview; } if ($vbulletin->GPC['sb']) { // Allow showbirthdays to be turned on if they are off -- mainly for the birthday link from the front page
function goto_nextthread($threadid, $throwerror = true) { global $vbulletin; $thread = verify_id('thread', $threadid, $throwerror, 1); $forumperms = fetch_permissions($thread['forumid']); // remove threads from users on the global ignore list if user is not a moderator if ($coventry = fetch_coventry('string') and !can_moderate($thread['forumid'])) { $globalignore = "AND postuserid NOT IN ({$coventry})"; } else { $globalignore = ''; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) { $limitothers = "AND postuserid = " . $vbulletin->userinfo['userid'] . " AND " . $vbulletin->userinfo['userid'] . " <> 0"; } else { $limitothers = ''; } if ($vbulletin->userinfo['userid'] and in_coventry($vbulletin->userinfo['userid'], true)) { $lastpost_info = ",IF(tachythreadpost.userid IS NULL, thread.lastpost, tachythreadpost.lastpost) AS lastpost"; $tachyjoin = "LEFT JOIN " . TABLE_PREFIX . "tachythreadpost AS tachythreadpost ON " . "(tachythreadpost.threadid = thread.threadid AND tachythreadpost.userid = " . $vbulletin->userinfo['userid'] . ')'; $lastpost_having = "HAVING lastpost > {$thread['lastpost']}"; } else { $lastpost_info = ""; $tachyjoin = ""; $lastpost_having = "AND lastpost > {$thread['lastpost']}"; } if ($getnextnewest = $vbulletin->db->query_first_slave("\n\t\tSELECT thread.threadid, thread.title\n\t\t\t{$lastpost_info}\n\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t{$tachyjoin}\n\t\tWHERE forumid = {$thread['forumid']}\n\t\t\tAND visible = 1\n\t\t\tAND open <> 10\n\t\t\t{$globalignore}\n\t\t\t{$limitothers}\n\t\t{$lastpost_having}\n\t\tORDER BY lastpost\n\t\tLIMIT 1\n\t")) { $threadid = $getnextnewest['threadid']; unset($thread); } else { if ($throwerror) { eval(standard_error(fetch_error('nonextnewest'))); } } return $getnextnewest; }
/** * Extracts the threadid from the URL, correctly handles the different friendly URLs * * @param string The URL to try to pull the threadid from. * * @return integer Returns the threadid or 0 if no threadid is found. * */ function extract_threadid_from_url($url) { global $vbulletin; $threadid = 0; // Disallow relative URLs, since the t=threadid in the URL refers to another thread // Not needed since these URLs now redirect to the canonical URL? if (stripos($url, 'goto=next') !== false) { return $threadid; } $search = array('#[\\?&](?:threadid|t)=([0-9]+)#', '#showthread.php[\\?/]([0-9]+)#', '#/threads/([0-9]+)#'); foreach ($search as $regex) { if (preg_match($regex, $url, $matches)) { $threadid = intval($matches[1]); break; } } if (!$threadid) { if (preg_match('#[\\?&](postid|p)=([0-9]+)#', $url, $matches)) { $postid = verify_id('post', $matches[2], false); if ($postid) { $postinfo = fetch_postinfo($postid); $threadid = intval($postinfo['threadid']); } } } return $threadid; }
$expires = 0; break; case 'H': default: $expires = mktime(date('H') + $vbulletin->GPC['expires'], date('i'), date('s'), date('m'), date('d'), date('y')); break; } $infdata->set('expires', $expires); $infdata->set('points', $vbulletin->GPC['points']); $infdata->set('customreason', $vbulletin->GPC['customreason']); } if ($vbulletin->GPC['points'] and empty($vbulletin->GPC['banreason']) and ($infractionban or $minimumpointsban and $vbulletin->GPC['points'] + $userinfo['ipoints'] >= $minimumpointsban)) { $errors[] = 'invalid_banreason'; } } else { $infractionlevel = verify_id('infractionlevel', $vbulletin->GPC['infractionlevelid'], 1, 1); if ($infractionlevel['extend']) { if (isset($infcache["{$infractionlevel['infractionlevelid']}"]['expires'])) { if ($infcache["{$infractionlevel['infractionlevelid']}"]['expires'] == 0) { $infdata->set('expires', 0); } else { if (($expiretime = $infcache["{$infractionlevel['infractionlevelid']}"]['expires'] - TIMENOW) > 0) { switch ($infractionlevel['period']) { case 'D': $expires = $expiretime + mktime(date('H'), date('i'), date('s'), date('m'), date('d') + $infractionlevel['expires'], date('y')); break; case 'M': $expires = $expiretime + mktime(date('H'), date('i'), date('s'), date('m') + $infractionlevel['expires'], date('d'), date('y')); break; case 'N': $expires = 0;
exec_header_redirect('member.php?' . $vbulletin->session->vars['sessionurl_js'] . "u={$moderatorinfo['userid']}"); } else { if ($vbulletin->GPC['username'] != '' and !$vbulletin->GPC['userid']) { $user = $db->query_first_slave("SELECT userid FROM " . TABLE_PREFIX . "user WHERE username = '******'username']) . "'"); $vbulletin->GPC['userid'] = $user['userid']; } } } } } if (!$vbulletin->GPC['userid']) { eval(standard_error(fetch_error('unregistereduser'))); } $fetch_userinfo_options = FETCH_USERINFO_AVATAR | FETCH_USERINFO_LOCATION | FETCH_USERINFO_PROFILEPIC | FETCH_USERINFO_SIGPIC | FETCH_USERINFO_USERCSS | FETCH_USERINFO_ISFRIEND; ($hook = vBulletinHook::fetch_hook('member_start_fetch_user')) ? eval($hook) : false; $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, $fetch_userinfo_options); if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { print_no_permission(); } $show['vcard'] = ($vbulletin->userinfo['userid'] and $userinfo['showvcard']); if ($_REQUEST['do'] == 'vcard' and $show['vcard']) { // source: http://www.ietf.org/rfc/rfc2426.txt $text = "BEGIN:VCARD\r\n"; $text .= "VERSION:2.1\r\n"; $text .= "N:;{$userinfo['username']}\r\n"; $text .= "FN:{$userinfo['username']}\r\n"; $text .= "EMAIL;PREF;INTERNET:{$userinfo['email']}\r\n"; if (!empty($userinfo['birthday'][7]) and $userinfo['showbirthday'] == 2) { $birthday = explode('-', $userinfo['birthday']); $text .= "BDAY:{$birthday['2']}-{$birthday['0']}-{$birthday['1']}\r\n"; }
protected function load_content_info() { return verify_id('picture', $this->contentid, 1, 1); }
$albuminfo = fetch_albuminfo($vbulletin->GPC['albumid']); if (!$albuminfo) { standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } $vbulletin->GPC['userid'] = $albuminfo['userid']; } if ($vbulletin->GPC['pictureid']) { $pictureinfo = fetch_pictureinfo($vbulletin->GPC['pictureid'], $albuminfo['albumid']); if (!$pictureinfo) { standard_error(fetch_error('invalidid', $vbphrase['picture'], $vbulletin->options['contactuslink'])); } } if (!$vbulletin->GPC['userid']) { print_no_permission(); } $userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, FETCH_USERINFO_USERCSS); // don't show stuff for users awaiting moderation if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { print_no_permission(); } cache_permissions($userinfo, false); if (!can_moderate(0, 'caneditalbumpicture') and !($userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canalbum'])) { print_no_permission(); } // determine if we can see this user's private albums and run the correct permission checks if (!empty($albuminfo)) { if ($albuminfo['state'] == 'private' and !can_view_private_albums($userinfo['userid'])) { // private album that we can not see standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink'])); } else { if ($albuminfo['state'] == 'profile' and !can_view_profile_albums($userinfo['userid'])) {
} if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { print_no_permission(); } if (!can_moderate($threadinfo['forumid'], 'caneditposts')) { if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['caneditpost'])) { print_no_permission(); } else { if ($vbulletin->userinfo['userid'] != $postinfo['userid']) { print_no_permission(); } } } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $thread = verify_id('thread', $postinfo['threadid'], 1, 1); $forum = fetch_foruminfo($thread['forumid']); // ####################################################################### ($hook = vBulletinHook::fetch_hook('posthistory_start')) ? eval($hook) : false; // new ver is the max of the 2 compared version, old the min. Also, make sure they're different $newver = max($vbulletin->GPC['oldver'], $vbulletin->GPC['newver']); $oldver = min($vbulletin->GPC['oldver'], $vbulletin->GPC['newver']); $oldver = $oldver == $newver ? 0 : $oldver; $compare = array(); // when we are comparing the two versions if ($_REQUEST['do'] == 'compare' and $newver and $oldver) { $histories_result = $db->query_read_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "postedithistory\n\t\tWHERE postedithistoryid IN (" . $newver . ", " . $oldver . ")\n\t\t\tAND postid = " . $postinfo['postid'] . "\n\t\tORDER BY dateline DESC\n\t"); } // if there wasn't two versions then show the full list if (empty($histories_result) or $db->num_rows($histories_result) < 2) { $histories_result = $db->query_read_slave("\n\t\tSELECT *\n\t\tFROM " . TABLE_PREFIX . "postedithistory\n\t\tWHERE postid = " . $postinfo['postid'] . "\n\t\tORDER BY dateline DESC\n\t");
$templater->register('start_date_array', $start_date_array); $templater->register('start_month_selected', $start_month_selected); $templater->register('usernamecode', $usernamecode); $templater->register('foruminfo', $foruminfo); $templater->register('start_day_selected', $start_day_selected); $templater->register('end_day_selected', $end_day_selected); print_output($templater->render()); } // ############################################################################# if ($_REQUEST['do'] == 'view') { $forumlist = ''; if ($announcementinfo['forumid'] > -1 OR $vbulletin->GPC['forumid']) { $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 1, 1); $curforumid = $foruminfo['forumid']; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) OR !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { print_no_permission(); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $forumlist = fetch_forum_clause_sql($foruminfo['forumid'], 'announcement.forumid'); } else if (!$announcementinfo['announcementid']) { eval(standard_error(fetch_error('invalidid', $vbphrase['announcement'], $vbulletin->options['contactuslink'])));
function do_vote_poll() { global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vbphrase; if (empty($threadinfo['threadid'])) { json_error(ERR_INVALID_THREAD); } $threadid = $vbulletin->GPC['threadid']; $counter = 1; $pollid = $threadinfo['pollid']; if (!$pollid) { json_error(ERR_INVALID_THREAD); } $forumperms = fetch_permissions($threadinfo['forumid']); // Get Poll info $pollinfo = verify_id('poll', $pollid, 0, 1); if (!$pollinfo['pollid']) { json_error(standard_error(fetch_error('invalidid', $vbphrase['poll'], $vbulletin->options['contactuslink']))); } $vbulletin->input->clean_array_gpc('r', array('options' => TYPE_STR)); $options = split(',', $vbulletin->GPC['options']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) { print_no_permission(); } //check if poll is closed if (!$pollinfo['active'] or !$threadinfo['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0) { //poll closed json_error(standard_error(fetch_error('pollclosed'))); } //check if an option was selected if (true) { // Query master to reduce the chance of multiple poll votes if ($uservoteinfo = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "pollvote\n\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tAND pollid = {$pollid}\n\t\t")) { //the user has voted before json_error(standard_error(fetch_error('useralreadyvote'))); } $totaloptions = substr_count($pollinfo['options'], '|||') + 1; //Error checking complete, lets get the options if ($pollinfo['multiple']) { $insertsql = ''; $skip_voters = false; foreach ($options as $val) { $val = intval($val); if ($val > 0 and $val <= $totaloptions) { $pollvote =& datamanager_init('PollVote', $vbulletin, ERRTYPE_STANDARD); $pollvote->set_info('skip_voters', $skip_voters); $pollvote->set('pollid', $pollid); $pollvote->set('votedate', TIMENOW); $pollvote->set('voteoption', $val); $pollvote->set('userid', $vbulletin->userinfo['userid']); $pollvote->set('votetype', $val); if (!$pollvote->save(true, false, false, false, true)) { json_error(standard_error(fetch_error('useralreadyvote'))); } $skip_voters = true; } } } else { if ($options[0] > 0 and $options[0] <= $totaloptions) { $pollvote =& datamanager_init('PollVote', $vbulletin, ERRTYPE_STANDARD); $pollvote->set('pollid', $pollid); $pollvote->set('votedate', TIMENOW); $pollvote->set('voteoption', $options[0]); $pollvote->set('userid', $vbulletin->userinfo['userid']); $pollvote->set('votetype', 0); if (!$pollvote->save(true, false, false, false, true)) { json_error(standard_error(fetch_error('useralreadyvote'))); } } } // make last reply date == last vote date if ($vbulletin->options['updatelastpost']) { // option selected in CP $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost'); $threadman->set_existing($threadinfo); $threadman->set('lastpost', TIMENOW); $threadman->save(); } ($hook = vBulletinHook::fetch_hook('poll_vote_complete')) ? eval($hook) : false; } return array('success' => true); }
standard_error(fetch_error('blog_markread_error', $vbulletin->session->vars['sessionurl'], $userinfo['userid'], $vbulletin->userinfo['logouthash'], $userinfo['username'])); } mark_user_blog_read($userinfo['userid'], $vbulletin->userinfo['userid'], TIMENOW); require_once DIR . '/includes/functions_login.php'; $vbulletin->url = fetch_replaced_session_url($vbulletin->url); if (strpos($vbulletin->url, 'do=markread') !== false) { $vbulletin->url = fetch_seo_url('blog', $userinfo, null, 'userid', 'blog_title'); } eval(print_standard_redirect('blog_markread', true, true)); } // ############################################################################ // ############################### GROUP MEMBERS ########################## // ############################################################################ if ($_REQUEST['do'] == 'members') { $vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT, 'perpage' => TYPE_UINT, 'pagenumber' => TYPE_UINT)); $userinfo = verify_id('user', $vbulletin->GPC['userid'], true, true); cache_permissions($userinfo, false); if ($vbulletin->userinfo['userid'] != $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']) or $vbulletin->userinfo['userid'] == $userinfo['userid'] and !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) or !($userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canhavegroupblog']) or !$userinfo['memberids']) { print_no_permission(); } require_once DIR . '/includes/functions_user.php'; do { $perpage = ($vbulletin->GPC['perpage'] > 30 or !$vbulletin->GPC['perpage']) ? 20 : $vbulletin->GPC['perpage']; if (!$vbulletin->GPC['pagenumber']) { $vbulletin->GPC['pagenumber'] = 1; } $start = ($vbulletin->GPC['pagenumber'] - 1) * $perpage; $members = $db->query_read_slave("\r\n\t\t\tSELECT\r\n\t\t\t\tSQL_CALC_FOUND_ROWS\r\n\t\t\t\tgm.userid, user.*\r\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ', avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline, customavatar.width_thumb AS avwidth_thumb, customavatar.height_thumb AS avheight_thumb, customavatar.width as avwidth, customavatar.height as avheight, customavatar.filedata_thumb' : '') . "\r\n\t\t\tFROM " . TABLE_PREFIX . "blog_groupmembership AS gm\r\n\t\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = gm.userid)\r\n\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON (avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON (customavatar.userid = user.userid) " : '') . "\r\n\t\t\tWHERE\r\n\t\t\t\tgm.bloguserid = " . $vbulletin->GPC['userid'] . "\r\n\t\t\t\t\tAND\r\n\t\t\t\tgm.state = 'active'\r\n\t\t\tORDER BY user.username\r\n\t\t\tLIMIT {$start}, {$perpage}\r\n\t\t"); $membercount = $db->found_rows(); if ($start > $membercount) { $vbulletin->GPC['pagenumber'] = ceil($membercount / $perpage);
/** * Reads some context based on general input information */ public function read_input_context() { global $vbulletin; parent::read_input_context(); global $postinfo, $threadinfo, $foruminfo, $pollinfo; global $postid, $threadid, $forumid, $pollid; $vbulletin->input->clean_array_gpc('r', array('postid' => vB_Cleaner::TYPE_UINT, 'threadid' => vB_Cleaner::TYPE_UINT, 'forumid' => vB_Cleaner::TYPE_INT, 'pollid' => vB_Cleaner::TYPE_UINT)); $codestyleid = 0; // Init post/thread/forum values $postinfo = array(); $threadinfo = array(); $foruminfo = array(); // automatically query $postinfo, $threadinfo & $foruminfo if $threadid exists if ($vbulletin->GPC['postid'] and $postinfo = verify_id('post', $vbulletin->GPC['postid'], 0, 1)) { $postid = $postinfo['postid']; $vbulletin->GPC['threadid'] = $postinfo['threadid']; } // automatically query $threadinfo & $foruminfo if $threadid exists if ($vbulletin->GPC['threadid'] and $threadinfo = verify_id('thread', $vbulletin->GPC['threadid'], 0, 1)) { $threadid = $threadinfo['threadid']; $vbulletin->GPC['forumid'] = $forumid = $threadinfo['forumid']; if ($forumid) { $foruminfo = fetch_foruminfo($threadinfo['forumid']); if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } if ($vbulletin->GPC['pollid']) { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid = $pollinfo['pollid']; } } else { if ($vbulletin->GPC['forumid']) { $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 0, 1); $forumid = $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } else { if ($vbulletin->GPC['pollid'] and THIS_SCRIPT == 'poll') { $pollinfo = verify_id('poll', $vbulletin->GPC['pollid'], 0, 1); $pollid = $pollinfo['pollid']; $threadinfo = fetch_threadinfo($pollinfo['threadid']); $threadid = $threadinfo['threadid']; $foruminfo = fetch_foruminfo($threadinfo['forumid']); $forumid = $foruminfo['forumid']; if (($foruminfo['styleoverride'] == 1 or $vbulletin->userinfo['styleid'] == 0) and !defined('BYPASS_STYLE_OVERRIDE')) { $codestyleid = $foruminfo['styleid']; } } } } // ############################################################################# // Redirect if this forum has a link // check if this forum is a link to an outside site if (!empty($foruminfo['link']) and trim($foruminfo['link']) != '' and (THIS_SCRIPT != 'subscription' or $_REQUEST['do'] != 'removesubscription')) { // get permission to view forum $_permsgetter_ = 'forumdisplay'; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { print_no_permission(); } // add session hash to local links if necessary if (preg_match('#^([a-z0-9_]+\\.php)(\\?.*$)?#i', $foruminfo['link'], $match)) { if ($match[2]) { // we have a ?xyz part, put session url at beginning if necessary $query_string = preg_replace('/([^a-z0-9])(s|sessionhash)=[a-z0-9]{32}(&|&)?/', '\\1', $match[2]); $foruminfo['link'] = $match[1] . '?' . vB::getCurrentSession()->get('sessionurl_js') . substr($query_string, 1); } else { $foruminfo['link'] .= vB::getCurrentSession()->get('sessionurl_q'); } } exec_header_redirect($foruminfo['link'], 301); } $this->force_styleid = $codestyleid; }