/** * MyBB 1.8 * Copyright 2014 MyBB Group, All Rights Reserved * * Website: http://www.mybb.com * License: http://www.mybb.com/about/license * */ function task_versioncheck($task) { global $cache, $lang, $mybb; $current_version = rawurlencode($mybb->version_code); $updated_cache = array('last_check' => TIME_NOW); // Check for the latest version require_once MYBB_ROOT . 'inc/class_xml.php'; $contents = fetch_remote_file("http://www.mybb.com/version_check.php"); if (!$contents) { add_task_log($task, $lang->task_versioncheck_ran_errors); return false; } $pos = strpos($contents, "<"); if ($pos > 1) { $contents = substr($contents, $pos); } $pos = strpos(strrev($contents), ">"); if ($pos > 1) { $contents = substr($contents, 0, -1 * ($pos - 1)); } $parser = new XMLParser($contents); $tree = $parser->get_tree(); $latest_code = (int) $tree['mybb']['version_code']['value']; $latest_version = "<strong>" . htmlspecialchars_uni($tree['mybb']['latest_version']['value']) . "</strong> (" . $latest_code . ")"; if ($latest_code > $mybb->version_code) { $latest_version = "<span style=\"color: #C00;\">" . $latest_version . "</span>"; $version_warn = 1; $updated_cache['latest_version'] = $latest_version; $updated_cache['latest_version_code'] = $latest_code; } else { $latest_version = "<span style=\"color: green;\">" . $latest_version . "</span>"; } // Check for the latest news require_once MYBB_ROOT . "inc/class_feedparser.php"; $feed_parser = new FeedParser(); $feed_parser->parse_feed("http://feeds.feedburner.com/MyBBDevelopmentBlog"); $updated_cache['news'] = array(); require_once MYBB_ROOT . '/inc/class_parser.php'; $post_parser = new postParser(); if ($feed_parser->error == '') { foreach ($feed_parser->items as $item) { if (isset($updated_cache['news'][2])) { break; } $description = $item['description']; $description = $post_parser->parse_message($description, array('allow_html' => true)); $description = preg_replace('#<img(.*)/>#', '', $description); $updated_cache['news'][] = array('title' => htmlspecialchars_uni($item['title']), 'description' => $description, 'link' => htmlspecialchars_uni($item['link']), 'author' => htmlspecialchars_uni($item['author']), 'dateline' => $item['date_timestamp']); } } $cache->update("update_check", $updated_cache); add_task_log($task, $lang->task_versioncheck_ran); }
static function LoadFromBeforeStartDate(DateTime $startDate, $count) { global $db, $parser, $mybb; $messages = array(); $formattedStartDate = $startDate->format("'Y-m-d H:i:s'"); $TABLE_PREFIX = TABLE_PREFIX; $query = $db->query("SELECT * FROM(\n SELECT m.`Id`, m.`SentAt`, m.`uid`, m.`Ip`, m.`Message`,\n u.`username`, u.`usergroup`, u.`displaygroup`\n FROM {$TABLE_PREFIX}badgerchat_messages m\n INNER JOIN {$TABLE_PREFIX}users u ON u.uid = m.uid\n WHERE m.`SentAt` < {$formattedStartDate}\n ORDER BY m.`SentAt` DESC LIMIT {$count}\n ) messages\n ORDER BY SentAt ASC"); $parser = new postParser(); $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, "allow_videocode" => 0); //TODO: Get back more info on the user (name styling) while ($row = $db->fetch_array($query)) { $parsedMessage = $parser->parse_message($row['Message'], $parser_options); $displayName = UsernameFormatter::Format($row['uid'], $row['username'], $row['usergroup'], $row['displaygroup']); array_push($messages, new Message($row["Id"], $row["SentAt"], $displayName, $row["Ip"], $parsedMessage)); } return $messages; }
/** * Build a post bit * * @param array The post data * @param int The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $unapproved_shade = ''; if ($post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'trow_shaded'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = intval($post['pid']); $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } // Sanatize our custom profile fields for use in templates, if people choose to use them foreach ($post as $post_field => $field_value) { if (substr($post_field, 0, 3) != 'fid') { continue; } $post[$post_field] = htmlspecialchars_uni($field_value); } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date $post['postdate'] = my_date($mybb->settings['dateformat'], $post['dateline']); $post['posttime'] = my_date($mybb->settings['timeformat'], $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { $post['userstars'] .= "<img src=\"" . $post['starimage'] . "\" border=\"0\" alt=\"*\" />"; } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); // Determine the status to show for the user (Online/Offline/Away) $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if ($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_online") . "\";"); } else { if ($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_away") . "\";"); } else { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); } } if ($post['avatar'] != "" && ($mybb->user['showavatars'] != 0 || !$mybb->user['uid'])) { $post['avatar'] = htmlspecialchars_uni($post['avatar']); $avatar_dimensions = explode("|", $post['avatardimensions']); if ($avatar_dimensions[0] && $avatar_dimensions[1]) { list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['postmaxavatarsize'])); if ($avatar_dimensions[0] > $max_width || $avatar_dimensions[1] > $max_height) { require_once MYBB_ROOT . "inc/functions_image.php"; $scaled_dimensions = scale_image($avatar_dimensions[0], $avatar_dimensions[1], $max_width, $max_height); $avatar_width_height = "width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\""; } else { $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\""; } } eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); $post['avatar_padding'] = "padding-right: 10px;"; } else { $post['useravatar'] = ''; $post['avatar_padding'] = ''; } eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { eval("\$post['button_pm'] = \"" . $templates->get("postbit_pm") . "\";"); } if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid']) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "") { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = ''; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } if (!$post_type) { // Figure out if we need to show an "edited by" message $post['editedmsg'] = ''; if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { $post['editdate'] = my_date($mybb->settings['dateformat'], $post['edittime']); $post['edittime'] = my_date($mybb->settings['timeformat'], $post['edittime']); $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } if ((is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']) && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete = 0; if ($mybb->user['uid'] == $post['uid']) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete = 1; } } } if ((is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0) { eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid']))) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['closed'] != 1 || is_moderator($fid)) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } if ($mybb->settings['logip'] != "no") { if ($mybb->settings['logip'] == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($mybb->settings['logip'] == "hide" && is_moderator($fid, "canviewips")) { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } else { $post['iplogged'] = ""; } } } else { $post['iplogged'] = ""; } } elseif ($post_type == 3) { if ($mybb->usergroup['issupermod'] == 1 || is_moderator($fid)) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } if ($post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); get_post_attachments($id, $post); if ($post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if ($post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); $post['icon'] = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" style=\"vertical-align: middle;\" /> "; } else { $post['icon'] = ""; } $post_visibility = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post $ignore_bit = ''; if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
eval('$contact_fields[\'' . $field . '\'] = "' . $templates->get($tmpl) . '";'); } } if ($any_contact_field || $sendemail || $sendpm || $website) { eval('$contact_details = "' . $templates->get("member_profile_contact_details") . '";'); } $signature = ''; if ($memprofile['signature'] && ($memprofile['suspendsignature'] == 0 || $memprofile['suspendsigtime'] < TIME_NOW) && !is_member($mybb->settings['hidesignatures']) && $memperms['canusesig'] && $memperms['canusesigxposts'] <= $memprofile['postnum']) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $memprofile['username'], "filter_badwords" => 1); if ($memperms['signofollow']) { $sig_parser['nofollow_on'] = 1; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $sig_parser['allow_imgcode'] = 0; } $memprofile['signature'] = $parser->parse_message($memprofile['signature'], $sig_parser); eval("\$signature = \"" . $templates->get("member_profile_signature") . "\";"); } $daysreg = (TIME_NOW - $memprofile['regdate']) / (24 * 3600); if ($daysreg < 1) { $daysreg = 1; } $stats = $cache->read("stats"); // Format post count, per day count and percent of total $ppd = $memprofile['postnum'] / $daysreg; $ppd = round($ppd, 2); if ($ppd > $memprofile['postnum']) { $ppd = $memprofile['postnum']; } $numposts = $stats['numposts']; if ($numposts == 0) {
if (isset($mybb->input['preview'])) { $parser_options = array(); $parser_options['allow_html'] = $mybb->get_input('allowhtml', MyBB::INPUT_INT); $parser_options['allow_mycode'] = $mybb->get_input('allowmycode', MyBB::INPUT_INT); $parser_options['allow_smilies'] = $mybb->get_input('allowsmilies', MyBB::INPUT_INT); $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = htmlspecialchars_uni($mybb->user['username']); $parser_options['filter_badwords'] = 1; // Set up the message parser if it doesn't already exist. if (!is_object($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $preview = array(); $preview['message'] = $parser->parse_message($mybb->input['message'], $parser_options); $preview['subject'] = htmlspecialchars_uni($mybb->input['title']); } else { $months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12'); if (!in_array($mybb->input['starttime_month'], $months)) { $mybb->input['starttime_month'] = 1; } if ($mybb->input['endtime_type'] == "2") { $enddate = '0'; } else { if (!in_array($mybb->input['endtime_month'], $months)) { $mybb->input['endtime_month'] = 1; } } $update_announcement = array("fid" => $mybb->input['fid'], "subject" => $db->escape_string($mybb->input['title']), "message" => $db->escape_string($mybb->input['message']), "startdate" => $startdate, "enddate" => $enddate, "allowhtml" => $mybb->get_input('allowhtml', MyBB::INPUT_INT), "allowmycode" => $mybb->get_input('allowmycode', MyBB::INPUT_INT), "allowsmilies" => $mybb->get_input('allowsmilies', MyBB::INPUT_INT)); $plugins->run_hooks("admin_forum_announcements_edit_commit");
/** * Build a post bit * * @param array $post The post data * @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_pubkey', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } if (!function_exists("purgespammer_show")) { require_once MYBB_ROOT . "inc/functions_user.php"; } $unapproved_shade = ''; if (isset($post['visible']) && $post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post'; } elseif (isset($post['visible']) && $post['visible'] == -1 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post deleted_post'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $announcementarray['aid']; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = (int) $post['pid']; $idtype = 'pid'; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date //$post['postdate'] = my_date('relative', $post['dateline']); $post['postdate'] = date('Y-m-d', $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; $post['subject_title'] = $post['subject']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { eval("\$post['userstars'] .= \"" . $templates->get("postbit_userstar", 1, 0) . "\";"); } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); $post['threadnum'] = my_number_format($post['threadnum']); // Determine the status to show for the user (Online/Offline/Away) /* $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";"); } else { if($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";"); } else { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";"); } } */ // Show as always offline eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); $post['useravatar'] = ''; if (isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0) { $useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']); eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); } $post['button_find'] = ''; if ($mybb->usergroup['cansearch'] == 1) { eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); } if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { //eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";"); } $post['button_rep'] = ''; if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && $post['visible'] == 1) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1) { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = $lang->na; //my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { if ($mybb->settings['maxwarningpoints'] < 1) { $mybb->settings['maxwarningpoints'] = 10; } $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $post['button_warn'] = ''; $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } if ($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid'])) { eval("\$post['button_purgespammer'] = \"" . $templates->get('postbit_purgespammer') . "\";"); } // Display profile fields on posts - only if field is filled in if (is_array($profile_fields)) { foreach ($profile_fields as $field) { $fieldfid = "fid{$field['fid']}"; if (!empty($post[$fieldfid])) { $post['fieldvalue'] = ''; $post['fieldname'] = htmlspecialchars_uni($field['name']); $thing = explode("\n", $field['type'], "2"); $type = trim($thing[0]); $useropts = explode("\n", $post[$fieldfid]); if (is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) { foreach ($useropts as $val) { if ($val != '') { eval("\$post['fieldvalue_option'] .= \"" . $templates->get("postbit_profilefield_multiselect_value") . "\";"); } } if ($post['fieldvalue_option'] != '') { eval("\$post['fieldvalue'] .= \"" . $templates->get("postbit_profilefield_multiselect") . "\";"); } } else { $field_parser_options = array("allow_html" => $field['allowhtml'], "allow_mycode" => $field['allowmycode'], "allow_smilies" => $field['allowsmilies'], "allow_imgcode" => $field['allowimgcode'], "allow_videocode" => $field['allowvideocode'], "filter_badwords" => 1); if ($customfield['type'] == "textarea") { $field_parser_options['me_username'] = $post['username']; } else { $field_parser_options['nl2br'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $field_parser_options['allow_imgcode'] = 0; } $post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options); } eval("\$post['profilefield'] .= \"" . $templates->get("postbit_profilefield") . "\";"); } } } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = $lang->na; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quickrestore'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; $post['button_reply_pm'] = ''; $post['button_replyall_pm'] = ''; $post['button_forward_pm'] = ''; $post['button_delete_pm'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } $post['editedmsg'] = ''; if (!$post_type) { // Figure out if we need to show an "edited by" message if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { //$post['editdate'] = my_date('relative', $post['edittime']); $post['editdate'] = $lang->na; $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); $editreason = ""; if ($post['editreason'] != "") { $post['editreason'] = $parser->parse_badwords($post['editreason']); $post['editreason'] = htmlspecialchars_uni($post['editreason']); eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";"); } eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } $time = TIME_NOW; if (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && $mybb->usergroup['edittimelimit'] == 0 && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete_thread = $can_delete_post = 0; if ($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete_thread = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete_post = 1; } } } $postbit_qdelete = $postbit_qrestore = ''; if ($mybb->user['uid'] != 0) { if ((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1) { $postbit_qdelete = $lang->postbit_qdelete_post; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } else { if ((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1) { $postbit_qdelete = $lang->postbit_qdelete_thread; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } } // Restore Post if (is_moderator($fid, "canrestoreposts") && $postcounter != 1) { $display = "none"; if ($post['visible'] == -1) { $display = ''; } $postbit_qrestore = $lang->postbit_qrestore_post; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } else { if (is_moderator($fid, "canrestorethreads") && $postcounter == 1) { $display = "none"; if ($post['visible'] == -1) { $display = ""; } $postbit_qrestore = $lang->postbit_qrestore_thread; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } } } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); $post_number = my_number_format($postcounter); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1)) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } } elseif ($post_type == 3) { if ($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements")) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } $post['iplogged'] = ''; $show_ips = $mybb->settings['logip']; //$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress'])); $ipaddress = '127.0.0.1'; // Show post IP addresses... PMs now can have IP addresses too as of 1.8! if ($post_type == 2) { $show_ips = $mybb->settings['showpmip']; } if (!$post_type || $post_type == 2) { if ($show_ips != "no" && !empty($post['ipaddress'])) { if ($show_ips == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod'])) { $action = 'getip'; if ($post_type == 2) { $action = 'getpmip'; } eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } } } } if (isset($post['smilieoff']) && $post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_imgcode'] = 0; } if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_videocode'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); // Validate key $keyinfo = user_key_info($post['uid']); $post['signstatus']; if ($keyinfo['status'] == "OK") { $post['signstatus'] = "<span style=\"color: #07a407;\" title=\"Fingerprint: {$keyinfo['fingerprint']}\">✓ podpisano przez {$post['profilelink']}</span>"; } // Jid link $ujid = user_jid($post['uid']); $post['jidlink'] = $ujid; // User key $post['userpubkey'] = $keyinfo['key']; if ($keyinfo['key'] != "") { eval("\$post['button_pubkey'] = \"" . $templates->get("postbit_pubkey") . "\";"); } else { $post['button_pubkey']; } $post['attachments'] = ''; if ($mybb->settings['enableattachments'] != 0) { get_post_attachments($id, $post); } if (isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $sig_parser['allow_imgcode'] = 0; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if (isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$post['icon'] = \"" . $templates->get("postbit_icon") . "\";"); } else { $post['icon'] = ""; } $post_visibility = $ignore_bit = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
function newpoints_shop_page() { global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors; if (!$mybb->user['uid']) { return; } newpoints_lang_load("newpoints_shop"); if ($mybb->input['action'] == "do_shop") { verify_post_check($mybb->input['postcode']); $plugins->run_hooks("newpoints_do_shop_start"); switch ($mybb->input['shop_action']) { case 'buy': $plugins->run_hooks("newpoints_shop_buy_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } if (floatval($item['price']) > floatval($mybb->user['newpoints'])) { $errors[] = $lang->newpoints_shop_not_enough; } if ($item['infinite'] != 1 && $item['stock'] <= 0) { $errors[] = $lang->newpoints_shop_out_of_stock; } if ($item['limit'] != 0) { // Get how many items of this type we have in our inventory $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } // If more than or equal to $item['limit'] -> FAILED if (count(array_keys($myitems, $item['iid'])) >= $item['limit']) { $errors[] = $lang->newpoints_shop_limit_reached; } } if (!empty($errors)) { $inline_errors = inline_error($errors, $lang->newpoints_shop_inline_errors); $mybb->input = array(); $mybb->input['action'] = 'shop'; } else { $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } $myitems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] - 1), 'iid=\'' . $item['iid'] . '\''); } // get money from user newpoints_addpoints($mybb->user['uid'], -floatval($item['price'])); if (!empty($item['pm'])) { // send PM if item has private message newpoints_send_pm(array('subject' => $lang->newpoints_shop_bought_item_pm_subject, 'message' => $item['pm'], 'touid' => $mybb->user['uid'], 'receivepms' => 1), -1); } $plugins->run_hooks("newpoints_shop_buy_end", $item); // log purchase newpoints_log('shop_purchase', $lang->sprintf($lang->newpoints_shop_purchased_log, $item['iid'], $item['price'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop", $lang->newpoints_shop_item_bought, $lang->newpoints_shop_item_bought_title); } break; case 'send': $plugins->run_hooks("newpoints_shop_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_send_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 2; $shop_action = 'do_send'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_shop_send_item_username . ":</strong><br /><small>" . $lang->newpoints_shop_send_item_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"username\" value=\"\"></td>"; $plugins->run_hooks("newpoints_shop_send_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_send': $plugins->run_hooks("newpoints_shop_do_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $username = trim($mybb->input['username']); if (!($user = newpoints_getuser_byname($username))) { error($lang->newpoints_shop_invalid_user); } else { if ($user['uid'] == $mybb->user['uid']) { error($lang->newpoints_shop_cant_send_item_self); } // send item to the selected user $useritems = @unserialize($user['newpoints_items']); if (!$useritems) { $useritems = array(); } $useritems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($useritems)), 'uid=\'' . $user['uid'] . '\''); // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); $plugins->run_hooks("newpoints_shop_do_send_end"); // send pm to user newpoints_send_pm(array('subject' => $lang->newpoints_shop_item_received_title, 'message' => $lang->sprintf($lang->newpoints_shop_item_received, htmlspecialchars_uni($mybb->user['username']), htmlspecialchars_uni($item['name'])), 'touid' => $user['uid'], 'receivepms' => 1), -1); // log newpoints_log('shop_send', $lang->sprintf($lang->newpoints_shop_sent_log, $item['iid'], $user['uid'], $user['username'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sent, $lang->newpoints_shop_item_sent_title); } break; case 'sell': $plugins->run_hooks("newpoints_shop_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_sell_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 1; $shop_action = 'do_sell'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"100%\">" . $lang->sprintf($lang->newpoints_shop_sell_item_confirm, htmlspecialchars_uni($item['name']), newpoints_format_points(floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])) . "</td>"; $plugins->run_hooks("newpoints_shop_sell_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_sell': $plugins->run_hooks("newpoints_shop_do_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . $item['iid'] . '\''); } newpoints_addpoints($mybb->user['uid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']); $plugins->run_hooks("newpoints_shop_do_sell_end"); // log newpoints_log('shop_sell', $lang->sprintf($lang->newpoints_shop_sell_log, $item['iid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sell, $lang->newpoints_shop_item_sell_title); break; default: error_no_permission(); } $plugins->run_hooks("newpoints_do_shop_end"); } // shop page if ($mybb->input['action'] == "shop") { $plugins->run_hooks("newpoints_shop_start"); if ($mybb->input['shop_action'] == 'view') { // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); if ($item['price'] > $mybb->user['newpoints']) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } else { $item['stock'] = intval($item['stock']); } if ($item['sendable'] == 1) { $item['sendable'] = $lang->newpoints_shop_yes; } else { $item['sendable'] = $lang->newpoints_shop_no; } if ($item['sellable'] == 1) { $item['sellable'] = $lang->newpoints_shop_yes; } else { $item['sellable'] = $lang->newpoints_shop_no; } eval("\$page = \"" . $templates->get('newpoints_shop_view_item') . "\";"); } elseif ($mybb->input['shop_action'] == 'myitems') { $uid = intval($mybb->input['uid']); $uidpart = ''; if ($uid > 0) { $user = get_user($uid); // we're viewing someone else's inventory if (!empty($user)) { // we can't view others inventories if we don't have enough previleges if ($mybb->settings['newpoints_shop_viewothers'] != 1 && $mybb->usergroup['cancp'] != 1 && $mybb->user['uid'] != $uid) { error_no_permission(); } $myitems = @unserialize($user['newpoints_items']); $lang->newpoints_shop_myitems = $lang->sprintf($lang->newpoints_shop_items_username, htmlspecialchars_uni($user['username'])); $uidpart = "&uid=" . $uid; // we need this for pagination } else { $myitems = @unserialize($mybb->user['newpoints_items']); } } else { $myitems = @unserialize($mybb->user['newpoints_items']); } $items = ''; $newrow = true; $invert_bgcolor = alt_trow(); if ($mybb->settings['newpoints_shop_sendable'] != 1) { $sendable = false; } else { $sendable = true; } if ($mybb->settings['newpoints_shop_sellable'] != 1) { $sellable = false; } else { $sellable = true; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, 'filter_badwords' => 1); if (!empty($myitems)) { // pagination $per_page = 10; $mybb->input['page'] = intval($mybb->input['page']); if ($mybb->input['page'] && $mybb->input['page'] > 1) { $mybb->input['page'] = intval($mybb->input['page']); $start = $mybb->input['page'] * $per_page - $per_page; } else { $mybb->input['page'] = 1; $start = 0; } // total items $total_rows = $db->fetch_field($db->simple_select("newpoints_shop_items", "COUNT(iid) as items", 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')'), "items"); // multi-page if ($total_rows > $per_page) { $multipage = multipage($total_rows, $per_page, $mybb->input['page'], $mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems" . $uidpart); } $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')', array('limit' => "{$start}, {$per_page}")); while ($item = $db->fetch_array($query)) { if ($newrow === true) { $trstart = '<tr>'; $trend = ''; $newrow = false; } elseif ($newrow === false) { $trstart = ''; $trend = '</tr>'; $newrow = true; } if ($sellable === true && $item['sellable']) { if ($sendable === true && $item['sendable']) { $tdstart = '<td width="50%">'; } else { $tdstart = '<td width="100%">'; } $sell = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="sell"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_sell . '"></form></td>'; } else { $sell = ''; } if ($sendable === true && $item['sendable']) { if ($sell == '') { $tdstart = '<td width="100%">'; } else { $tdstart = '<td width="50%">'; } $send = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="send"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_send . '"></form></td>'; } else { $send = ''; } if (!$send && !$sell) { $send = $lang->newpoints_shop_no_options; } $item['description'] = $parser->parse_message($item['description'], $parser_options); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); $item['quantity'] = count(array_keys($myitems, $item['iid'])); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } $bgcolor = alt_trow(); $invert_bgcolor = alt_trow(); eval("\$items .= \"" . $trstart . $templates->get('newpoints_shop_myitems_item') . $trend . "\";"); } if (!$items) { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } else { if ($newrow === false) { eval("\$items .= \"" . $templates->get('newpoints_shop_myitems_item_empty') . "</tr>" . "\";"); $newrow = true; } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop_myitems') . "\";"); } else { // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 $itemsrate = floatval($grouprules['items_rate']); global $cats, $items; // get categories $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($cat = $db->fetch_array($query)) { $categories[$cat['cid']] = $cat; } // get items and store them in their categories $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND cid>0', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($item = $db->fetch_array($query)) { $items_array[$item['cid']][$item['iid']] = $item; } $cats = ''; $bgcolor = ''; $bgcolor = alt_trow(); // build items and categories if (!empty($categories)) { foreach ($categories as $cid => $category) { $items = ''; if ($category['items'] > 0 && !empty($items_array[$category['cid']])) { foreach ($items_array as $cid => $member) { if ($cid != $category['cid']) { continue; } $bgcolor = alt_trow(); foreach ($member as $iid => $item) { // skip hidden items if ($item['visible'] == 0) { continue; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } if ($item['price'] > $mybb->user['newpoints']) { $enough_money = false; } else { $enough_money = true; } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); $item['price'] = newpoints_format_points($item['price'] * $itemsrate); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if (!$enough_money) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } eval("\$items .= \"" . $templates->get('newpoints_shop_item') . "\";"); } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_no_items') . "\";"); } // if it's not visible, don't show it if ($category['visible'] == 0) { continue; } // check if we have permissions to view the category if (!newpoints_shop_check_permissions($category['usergroups'])) { continue; } // Expanded by default feature global $extdisplay, $expcolimage, $expdisplay, $expaltext, $icon; $expdisplay = ''; if (intval($category['expanded']) == 0) { $expcolimage = "collapse_collapsed.gif"; $expdisplay = "display: none;"; $expaltext = "[+]"; } else { $expcolimage = "collapse.gif"; $expaltext = "[-]"; } // build icon if ($category['icon'] != '') { $category['icon'] = htmlspecialchars_uni($category['icon']); $category['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $category['icon'] . '" style="vertical-align:middle">'; } // sanitize html $category['description'] = htmlspecialchars_uni($category['description']); $category['name'] = htmlspecialchars_uni($category['name']); eval("\$cats .= \"" . $templates->get('newpoints_shop_category') . "\";"); } } else { eval("\$cats = \"" . $templates->get('newpoints_shop_no_cats') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop') . "\";"); } $plugins->run_hooks("newpoints_shop_end"); // output page output_page($page); } }
$avatar = ''; } $anndate = my_date($mybb->settings['dateformat'], $announcement['dateline']); $anntime = my_date($mybb->settings['timeformat'], $announcement['dateline']); if ($announcement['replies']) { eval("\$numcomments = \"" . $templates->get("portal_announcement_numcomments") . "\";"); } else { eval("\$numcomments = \"" . $templates->get("portal_announcement_numcomments_no") . "\";"); $lastcomment = ''; } $plugins->run_hooks("portal_announcement"); $parser_options = array("allow_html" => $forum[$announcement['fid']]['allowhtml'], "allow_mycode" => $forum[$announcement['fid']]['allowmycode'], "allow_smilies" => $forum[$announcement['fid']]['allowsmilies'], "allow_imgcode" => $forum[$announcement['fid']]['allowimgcode'], "allow_videocode" => $forum[$announcement['fid']]['allowvideocode'], "filter_badwords" => 1); if ($announcement['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } $message = $parser->parse_message($announcement['message'], $parser_options); if (is_array($attachcache[$announcement['pid']])) { // This post has 1 or more attachments $validationcount = 0; $id = $announcement['pid']; foreach ($attachcache[$id] as $aid => $attachment) { if ($attachment['visible']) { // There is an attachment thats visible! $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); $attachment['filesize'] = get_friendly_size($attachment['filesize']); $ext = get_extension($attachment['filename']); if ($ext == "jpeg" || $ext == "gif" || $ext == "bmp" || $ext == "png" || $ext == "jpg") { $isimage = true; } else { $isimage = false; }
if ($page > $pages || $page <= 0) { $page = 1; } if ($page) { $start = ($page - 1) * $perpage; } else { $start = 0; $page = 1; } $upper = $start + $perpage; $query = "SELECT * FROM mybb_ajaxchat{$where} LIMIT {$start},{$perpage}"; $result = db_query($query); while ($row = mysqli_fetch_array($result)) { $date = date('n/j/y G:i', $row["date"]); $name = $row['username'] ? $row['username'] : '******' . $row['uid']; $msg = $parser->parse_message($row["message"], array('filter_badwords' => 1, 'allow_mycode' => 1, 'allow_smilies' => 0, 'me_username' => 1, 'nl2br' => 0)); echo '<table id="m' . $row['id'] . '"><tr><td class="left">' . $name . '<br/><a href="logs?page=' . (floor(($row['id'] - 12) / $perpage) + 1) . '#m' . $row['id'] . '" target="_blank">→ ' . $date . '</a></td><td>' . $msg . '</td></tr></table>'; } ?> </div> <form action="logs" style="width: 250px; float: left;"> <input type="text" name="search" value="<?php echo $search; ?> " /> <input type="submit" value="Search" /> </form> <?php $multipage = multipage($count, $perpage, $page, $url); if ($count > $perpage) { echo $multipage;
function save_raw_post_func($xmlrpc_params) { global $db, $lang, $theme, $plugins, $mybb, $session, $settings, $cache, $time, $mybbgroups; $lang->load("editpost"); $input = Tapatalk_Input::filterXmlInput(array('post_id' => Tapatalk_Input::INT, 'post_title' => Tapatalk_Input::STRING, 'post_content' => Tapatalk_Input::STRING, 'return_html' => Tapatalk_Input::INT, 'attachment_id_array' => Tapatalk_Input::RAW, 'group_id' => Tapatalk_Input::STRING, 'editreason' => Tapatalk_Input::STRING), $xmlrpc_params); $parser = new postParser(); // No permission for guests if (!$mybb->user['uid']) { return tt_no_permission(); } // Get post info $pid = $input['post_id']; $query = $db->simple_select("posts", "*", "pid='{$pid}'"); $post = $db->fetch_array($query); if (empty($input['post_title'])) { $input['post_title'] = $post['subject']; } if (!$post['pid']) { return xmlrespfalse($lang->error_invalidpost); } // Get thread info $tid = $post['tid']; $thread = get_thread($tid); if (!$thread['tid']) { return xmlrespfalse($lang->error_invalidthread); } $thread['subject'] = htmlspecialchars_uni($thread['subject']); // Get forum info $fid = $post['fid']; $forum = get_forum($fid); if (!$forum || $forum['type'] != "f") { return xmlrespfalse($lang->error_closedinvalidforum); } if ($forum['open'] == 0 || $mybb->user['suspendposting'] == 1) { return tt_no_permission(); } $forumpermissions = forum_permissions($fid); if (!is_moderator($fid, "caneditposts")) { if ($thread['closed'] == 1) { return xmlrespfalse($lang->redirect_threadclosed); } if ($forumpermissions['caneditposts'] == 0) { return tt_no_permission(); } if ($mybb->user['uid'] != $post['uid']) { return tt_no_permission(); } // Edit time limit $time = TIME_NOW; if ($mybb->settings['edittimelimit'] != 0 && $post['dateline'] < $time - $mybb->settings['edittimelimit'] * 60) { $lang->edit_time_limit = $lang->sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']); return xmlrespfalse($lang->edit_time_limit); } } // Check if this forum is password protected and we have a valid password tt_check_forum_password($forum['fid']); // Set up posthandler. require_once MYBB_ROOT . "inc/datahandlers/post.php"; $posthandler = new PostDataHandler("update"); $posthandler->action = "post"; // Set the post data that came from the input to the $post array. $post = array("pid" => $pid, "subject" => $input['post_title'], "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "edit_uid" => $mybb->user['uid'], "message" => $input['post_content']); if (version_compare($mybb->version, '1.8.0', '>=') && !empty($input['editreason'])) { $post["editreason"] = $input['editreason']; } // get subscription status $query = $db->simple_select("threadsubscriptions", 'notification', "uid='" . intval($mybb->user['uid']) . "' AND tid='" . intval($tid) . "'"); $substatus = $db->fetch_array($query); // Set up the post options from the input. $post['options'] = array("signature" => 1, "subscriptionmethod" => isset($substatus['notification']) ? $substatus['notification'] == 1 ? 'instant' : 'none' : '', "disablesmilies" => 0); $posthandler->set_data($post); // Now let the post handler do all the hard work. if (!$posthandler->validate_post()) { $post_errors = $posthandler->get_friendly_errors(); return xmlrespfalse(implode(" :: ", $post_errors)); } else { $postinfo = $posthandler->update_post(); $visible = $postinfo['visible']; $first_post = $postinfo['first_post']; // Help keep our attachments table clean. $db->delete_query("attachments", "filename='' OR filesize<1"); if ($visible == 0 && $first_post && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { if ($visible == 0 && !is_moderator($fid, "", $mybb->user['uid'])) { $state = 1; } else { $state = 0; } } } $pid = intval($pid); if (!empty($input['group_id_esc'])) { $db->update_query("attachments", array("pid" => $pid), "posthash='{$input['group_id_esc']}'"); } // update thread attachment account if (count($input['attachment_id_array']) > 0) { update_thread_counters($tid, array("attachmentcount" => "+" . count($input['attachment_id_array']))); } $post = get_post($pid); $parser_options = array(); $parser_options['allow_html'] = false; $parser_options['allow_mycode'] = true; $parser_options['allow_smilies'] = false; $parser_options['allow_imgcode'] = true; $parser_options['allow_videocode'] = true; $parser_options['nl2br'] = (bool) $input['return_html']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } $post['message'] = $parser->parse_message($post['message'], $parser_options); $post['subject'] = $parser->parse_badwords($post['subject']); $result = new xmlrpcval(array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'), 'state' => new xmlrpcval($state, 'int'), 'post_title' => new xmlrpcval($post['subject'], 'base64'), 'post_content' => new xmlrpcval(process_post($post['message'], $input['return_html']), 'base64')), 'struct'); return new xmlrpcresp($result); }
$page->output_footer(); exit; } if (!empty($tree['results']['result'])) { if (array_key_exists("tag", $tree['results']['result'])) { $only_theme = $tree['results']['result']; unset($tree['results']['result']); $tree['results']['result'][0] = $only_theme; } require_once MYBB_ROOT . '/inc/class_parser.php'; $post_parser = new postParser(); foreach ($tree['results']['result'] as $result) { $result['thumbnail']['value'] = htmlspecialchars_uni($result['thumbnail']['value']); $result['name']['value'] = htmlspecialchars_uni($result['name']['value']); $result['description']['value'] = htmlspecialchars_uni($result['description']['value']); $result['author']['value'] = $post_parser->parse_message($result['author']['value'], array('allow_html' => true)); $result['download_url']['value'] = htmlspecialchars_uni(html_entity_decode($result['download_url']['value'])); $table->construct_cell("<img src=\"http://community.mybb.com/{$result['thumbnail']['value']}\" alt=\"{$lang->theme_thumbnail}\" title=\"{$lang->theme_thumbnail}\"/>", array("class" => "align_center", "width" => 100)); $table->construct_cell("<strong>{$result['name']['value']}</strong><br /><small>{$result['description']['value']}</small><br /><i><small>{$lang->created_by} {$result['author']['value']}</small></i>"); $table->construct_cell("<strong><a href=\"http://community.mybb.com/{$result['download_url']['value']}\" target=\"_blank\">{$lang->download}</a></strong>", array("class" => "align_center")); $table->construct_row(); } } if ($table->num_rows() == 0) { $table->construct_cell($lang->error_no_results_found, array("colspan" => 3)); $table->construct_row(); } $search = new Form("index.php?module=style-themes&action=browse", 'post', 'search_form'); echo "<div style=\"padding-bottom: 3px; margin-top: -9px; text-align: right;\">"; if ($mybb->input['keywords']) { $default_class = '';
if ($stop_forum_spam_checker->is_user_a_spammer('', $mybb->input['email'], get_ip())) { $errors[] = $lang->sprintf($lang->error_stop_forum_spam_spammer, $stop_forum_spam_checker->getErrorText(array('stopforumspam_check_emails', 'stopforumspam_check_ips'))); } } catch (Exception $e) { if ($mybb->settings['stopforumspam_block_on_error']) { $errors[] = $lang->error_stop_forum_spam_fetching; } } } if (empty($errors)) { if ($mybb->settings['contact_badwords'] == 1) { // Load the post parser require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $parser_options = array('filter_badwords' => 1); $mybb->input['subject'] = $parser->parse_message($mybb->input['subject'], $parser_options); $mybb->input['message'] = $parser->parse_message($mybb->input['message'], $parser_options); } $user = $lang->na; if ($mybb->user['uid']) { $user = $mybb->user['username'] . ' - ' . $mybb->settings['bburl'] . '/' . get_profile_link($mybb->user['uid']); } $subject = $lang->sprintf($lang->email_contact_subject, $mybb->input['subject']); $message = $lang->sprintf($lang->email_contact, $mybb->input['email'], $user, $session->ipaddress, $mybb->input['message']); // Email the administrator my_mail($contactemail, $subject, $message, $mybb->input['email']); $plugins->run_hooks('contact_do_end'); if ($mybb->settings['mail_logging'] > 0) { // Log the message $log_entry = array("subject" => $db->escape_string($subject), "message" => $db->escape_string($message), "dateline" => TIME_NOW, "fromuid" => $mybb->user['uid'], "fromemail" => $db->escape_string($mybb->input['email']), "touid" => 0, "toemail" => $db->escape_string($contactemail), "tid" => 0, "ipaddress" => $db->escape_binary($session->packedip), "type" => 3); $db->insert_query("maillogs", $log_entry);
$upper = $helpcount; } $multipage = multipage($helpcount['total'], $perpage, $page, "misc.php?action=helpresults&sid='" . htmlspecialchars_uni($mybb->get_input('sid')) . "'"); $helpdoclist = ''; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $query = $db->query("\n\t\tSELECT h.*, s.enabled\n\t\tFROM " . TABLE_PREFIX . "helpdocs h\n\t\tLEFT JOIN " . TABLE_PREFIX . "helpsections s ON (s.sid=h.sid)\n\t\tWHERE h.hid IN(" . $db->escape_string($search['querycache']) . ") AND h.enabled='1' AND s.enabled='1'\n\t\tLIMIT {$start}, {$perpage}\n\t"); while ($helpdoc = $db->fetch_array($query)) { $bgcolor = alt_trow(); if (my_strlen($helpdoc['name']) > 50) { $helpdoc['name'] = htmlspecialchars_uni(my_substr($helpdoc['name'], 0, 50) . "..."); } else { $helpdoc['name'] = htmlspecialchars_uni($helpdoc['name']); } $parser_options = array('allow_html' => 1, 'allow_mycode' => 0, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1); $helpdoc['helpdoc'] = strip_tags($parser->parse_message($helpdoc['document'], $parser_options)); if (my_strlen($helpdoc['helpdoc']) > 350) { $prev = my_substr($helpdoc['helpdoc'], 0, 350) . "..."; } else { $prev = $helpdoc['helpdoc']; } $plugins->run_hooks("misc_helpresults_bit"); eval("\$helpdoclist .= \"" . $templates->get("misc_helpresults_bit") . "\";"); } if ($db->num_rows($query) == 0) { eval("\$helpdoclist = \"" . $templates->get("misc_helpresults_noresults") . "\";"); } $plugins->run_hooks("misc_helpresults_end"); eval("\$helpresults = \"" . $templates->get("misc_helpresults") . "\";"); output_page($helpresults); } elseif ($mybb->input['action'] == "help") {
$visible = "AND p.visible='1'"; } $query = $db->query("\r\n SELECT u.*, u.username AS userusername, p.*\r\n FROM " . TABLE_PREFIX . "posts p\r\n LEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n WHERE p.tid='{$tid}' {$visible}\r\n ORDER BY p.dateline\r\n\tLIMIT {$start}, {$perpage}\r\n"); while ($postrow = $db->fetch_array($query)) { if ($postrow['userusername']) { $postrow['username'] = $postrow['userusername']; } $postrow['subject'] = htmlspecialchars_uni($parser->parse_badwords($postrow['subject'])); $postrow['date'] = my_date($mybb->settings['dateformat'], $postrow['dateline']); $postrow['time'] = my_date($mybb->settings['timeformat'], $postrow['dateline']); $postrow['profilelink'] = build_profile_link($postrow['username'], $postrow['uid']); $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "me_username" => $postrow['username'], "shorten_urls" => 0, "filter_badwords" => 1); if ($postrow['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } $postrow['message'] = $parser->parse_message($postrow['message'], $parser_options); $plugins->run_hooks("printthread_post"); eval("\$postrows .= \"" . $templates->get("printthread_post") . "\";"); } $plugins->run_hooks("printthread_end"); eval("\$printable = \"" . $templates->get("printthread") . "\";"); output_page($printable); function makeprintablenav($pid = "0", $depth = "--") { global $db, $pforumcache, $fid, $forum, $lang; if (!is_array($pforumcache)) { $parlist = build_parent_list($fid, "fid", "OR", $forum['parentlist']); $query = $db->simple_select("forums", "name, fid, pid", "{$parlist}", array('order_by' => 'pid, disporder')); while ($forumnav = $db->fetch_array($query)) { $pforumcache[$forumnav['pid']][$forumnav['fid']] = $forumnav; }
static function parse($message, $me_username) { global $mybb; require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); $options = ['allow_mycode' => $mybb->settings['dvz_sb_mycode'], 'allow_smilies' => $mybb->settings['dvz_sb_smilies'], 'allow_imgcode' => 0, 'filter_badwords' => 1, 'me_username' => $me_username]; return $parser->parse_message($message, $options); }
if ($forumcache[$post['fid']]) { $post['forumlink'] = "<a href=\"" . get_forum_link($post['fid']) . "\">" . $forumcache[$post['fid']]['name'] . "</a>"; } else { $post['forumlink'] = ""; } if (!$post['subject']) { $post['subject'] = $post['message']; } if (my_strlen($post['subject']) > 50) { $post['subject'] = htmlspecialchars_uni(my_substr($post['subject'], 0, 50) . "..."); } else { $post['subject'] = htmlspecialchars_uni($post['subject']); } // What we do here is parse the post using our post parser, then strip the tags from it $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1); $post['message'] = strip_tags($parser->parse_message($post['message'], $parser_options)); if (my_strlen($post['message']) > 200) { $prev = my_substr($post['message'], 0, 200) . "..."; } else { $prev = $post['message']; } $posted = my_date($mybb->settings['dateformat'], $post['dateline']) . ", " . my_date($mybb->settings['timeformat'], $post['dateline']); $thread_url = get_thread_link($post['tid']); $post_url = get_post_link($post['pid'], $post['tid']); // Inline post moderation $inline_mod_checkbox = ''; if ($is_supermod || is_moderator($post['fid'])) { eval("\$inline_mod_checkbox = \"" . $templates->get("search_results_posts_inlinecheck") . "\";"); } elseif ($is_mod) { eval("\$inline_mod_checkbox = \"" . $templates->get("search_results_posts_nocheck") . "\";"); }
// Fetch subscription select box eval("\$subscriptionmethod = \"" . $templates->get("post_subscription_method") . "\";"); $lang->post_reply_to = $lang->sprintf($lang->post_reply_to, $thread['subject']); $lang->reply_to = $lang->sprintf($lang->reply_to, $thread['subject']); // Do we have any forum rules to show for this forum? $forumrules = ''; if ($forum['rulestype'] >= 2 && $forum['rules']) { if (!$forum['rulestitle']) { $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']); } if (!$parser) { require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); } $rules_parser = array("allow_html" => 1, "allow_mycode" => 1, "allow_smilies" => 1, "allow_imgcode" => 1); $forum['rules'] = $parser->parse_message($forum['rules'], $rules_parser); $foruminfo = $forum; if ($forum['rulestype'] == 3) { eval("\$forumrules = \"" . $templates->get("forumdisplay_rules") . "\";"); } else { if ($forum['rulestype'] == 2) { eval("\$forumrules = \"" . $templates->get("forumdisplay_rules_link") . "\";"); } } } $moderation_notice = ''; if (!is_moderator($forum['fid'], "canapproveunapproveattachs")) { if ($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0) { $moderation_text = $lang->moderation_forum_attachments; eval('$moderation_notice = "' . $templates->get('global_moderation_notice') . '";'); }
$calendar = $db->fetch_array($query); // Invalid calendar? if (!$calendar['cid']) { error($lang->invalid_calendar); } // Do we have permission to view this calendar? $calendar_permissions = get_calendar_permissions($calendar['cid']); if ($calendar_permissions['canviewcalendar'] != 1 || $calendar_permissions['canmoderateevents'] != 1 && $event['visible'] == 0) { error_no_permission(); } $event['name'] = htmlspecialchars_uni($event['name']); add_breadcrumb(htmlspecialchars_uni($calendar['name']), get_calendar_link($calendar['cid'])); add_breadcrumb($event['name'], get_event_link($event['eid'])); $plugins->run_hooks("calendar_event_start"); $event_parser_options = array("allow_html" => $calendar['allowhtml'], "allow_mycode" => $calendar['allowmycode'], "allow_smilies" => $calendar['allowsmilies'], "allow_imgcode" => $calendar['allowimgcode'], "allow_videocode" => $calendar['allowvideocode']); $event['description'] = $parser->parse_message($event['description'], $event_parser_options); // Get the usergroup if ($event['username']) { if (!$event['displaygroup']) { $event['displaygroup'] = $event['usergroup']; } $user_usergroup = $groupscache[$event['displaygroup']]; } else { $user_usergroup = $groupscache[1]; } if (!is_array($titles_cache)) { // Get user titles (i guess we should improve this, maybe in version3. $query = $db->simple_select("usertitles", "*", "", array('order_by' => 'posts', 'order_dir' => 'DESC')); while ($usertitle = $db->fetch_array($query)) { $titles_cache[$usertitle['posts']] = $usertitle; }
function firstpreview_pm() { global $mybb, $db, $charset, $headerinclude, $header; $header = '<div class="arrow-down"></div>' . $header; // Add jQuery and noConflict for MyBB 1.6.* $jquery = ''; $noconflict = ''; if ($mybb->version < "1.7.0") { $jquery = '<script type="text/javascript"> //<![CDATA[ if (!window.jQuery) { document.write(unescape("%3Cscript src=\\"http://code.jquery.com/jquery-latest.min.js\\" type=\\"text/javascript\\"%3E%3C/script%3E")); } //]]> </script>'; $noconflict = 'jQuery.noConflict();'; } // Background color $bg_color = '#aaaaaa'; if (isset($mybb->settings['firstpreview_bg']) && preg_match('/^#([0-9a-f]{1,6})$/i', $mybb->settings['firstpreview_bg'])) { $bg_color = htmlspecialchars_uni($mybb->settings['firstpreview_bg']); } // Close button $close_preview = '#close_preview{display:none;cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}'; if (isset($mybb->settings['firstpreview_close']) && $mybb->settings['firstpreview_close'] == 1) { $close_preview = '#close_preview{cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}'; } // Insert the code $headerinclude .= ' <!-- start: first_preview_plugin --> <style type="text/css"> .modal_firstpost{text-align:left;border-radius:7px;-moz-border-radius:7px;-webkit-border-radius:7px;border:1px solid ' . $bgcolor . ';display:none;position:absolute;z-index:29000;width:390px;height:180px;overflow:hidden} .fpreview{z-index:29001;width:390px;height:180px;overflow:auto;background:' . $bg_color . '} .arrow-down{display:none;position:absolute;z-index:28999;width:0;height:0;border-left:20px solid transparent;border-right:20px solid transparent;border-top:20px solid ' . $bg_color . '} .prev_content{padding:10px;height:auto;word-wrap:break-word;-webkit-hyphens:auto;-moz-hyphens:auto;-ms-hyphens:auto;-o-hyphens:auto;hyphens:auto;background:none} ' . $close_preview . ' </style> ' . $jquery . ' <script type="text/javascript"> //<![CDATA[ ' . $noconflict . ' <!-- if(use_xmlhttprequest == 1) { jQuery(document).ready(function(e){e(".pmprev").on("touchenter mouseenter",function(){id=e(this).attr("id");pmid=id.replace(/[^\\d.]/g,"");var t=e(this).offset().left;var n=e(this).offset().top-200;showPost=setTimeout(function(){e.ajax({url:"private.php?pmid="+pmid+"&firstpm=1",type:"post",complete:function(t){e(".modal_firstpost").html(t.responseText)}});e(".modal_firstpost").fadeIn("slow");e(".modal_firstpost").css("top",n);e(".modal_firstpost").css("left",t);e(".arrow-down").fadeIn("slow");e(".arrow-down").css("top",n+180);e(".arrow-down").css("left",t+20);},1500)});e(".pmprev").on("mouseleave touchleave touchend",function(){clearTimeout(showPost);});e(".modal_firstpost").on("mouseleave touchmove",function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")});e(".modal_firstpost").on("click", "#close_preview", function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")})}); } //]]> </script> <!-- end: first_preview_plugin --> '; // Get the pm preview if (isset($mybb->input['firstpm']) && $mybb->input['firstpm'] == 1 && $mybb->request_method == "post") { $pmid = (int) $mybb->input['pmid']; $query = $db->simple_select('privatemessages', '*', "pmid = '" . $pmid . "'"); $pm = $db->fetch_array($query); // Load the users own messages only if ($pm['uid'] != $mybb->user['uid']) { return; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject'])); $user = get_user($pm['fromid']); $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $user['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; $pm['message'] = $parser->parse_message($pm['message'], $parser_options); $pmdate = my_date($mybb->settings['dateformat'], $pm['dateline']); $pmtime = my_date($mybb->settings['timeformat'], $pm['dateline']); $pmsent = ' (' . $pmdate . ', ' . $pmtime . ')'; if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) { $pm['message'] = strip_tags($pm['message'], "<br><p><ul><ol><li>"); } if (!empty($mybb->settings['firstpreview_length']) && $mybb->settings['firstpreview_length'] != "0" && my_strlen($pm['message']) > (int) $mybb->settings['firstpreview_length']) { $pm['message'] = preg_replace("!<a([^>]+)>!isU", "", $pm['message']); $pm['message'] = str_replace("</a>", "", $pm['message']); $pm['message'] = my_substr($pm['message'], 0, (int) $mybb->settings['firstpreview_length']) . '...<p><a href="private.php?action=read&pmid=' . (int) $pm['pmid'] . '">more</a></p>'; } $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span>\n\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $pm['subject'] . "</div>\n\t\t<div class=\"tcat\" style=\"padding-left:10px;\">" . build_profile_link(format_name(htmlspecialchars_uni($user['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $pm['fromid']) . "<span class=\"smalltext\">" . $pmsent . "</span></div>\n\t\t<div class=\"prev_content\">" . $pm['message'] . "</div>\n\t\t</div>"; header("Content-type: text/plain; charset={$charset}"); echo $preview; exit; } }
case "deleteposts": add_breadcrumb($lang->nav_deleteposts); if (!is_moderator($fid, "candeleteposts")) { error_no_permission(); } $posts = ""; $query = $db->query("\n\t\t\tSELECT p.*, u.*\n\t\t\tFROM " . TABLE_PREFIX . "posts p\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (p.uid=u.uid)\n\t\t\tWHERE tid='{$tid}'\n\t\t\tORDER BY dateline ASC\n\t\t"); $altbg = "trow1"; while ($post = $db->fetch_array($query)) { $postdate = my_date($mybb->settings['dateformat'], $post['dateline']); $posttime = my_date($mybb->settings['timeformat'], $post['dateline']); $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "filter_badwords" => 1); if ($post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } $message = $parser->parse_message($post['message'], $parser_options); eval("\$posts .= \"" . $templates->get("moderation_deleteposts_post") . "\";"); $altbg = alt_trow(); } $plugins->run_hooks("moderation_deleteposts"); eval("\$deleteposts = \"" . $templates->get("moderation_deleteposts") . "\";"); output_page($deleteposts); break; // Lets delete those selected posts! // Lets delete those selected posts! case "do_deleteposts": // Verify incoming POST request verify_post_check($mybb->input['my_post_key']); if (!is_moderator($fid, "candeleteposts")) { error_no_permission(); }
static function parse($message, $me_username) { global $mybb; require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); $options = array('allow_mycode' => 0, 'allow_smilies' => $mybb->settings['dvz_sb_smilies'], 'allow_imgcode' => 0, 'filter_badwords' => 1); $message = $parser->parse_message($message, $options); $message = $parser->mycode_auto_url($message); $message = $post = preg_replace('/\\[url](.+?)\\[\\/url\\]/', '<a href="\\1" target="_blank">\\1</a>', $message); return $message; }
/** * Verifies the image count. * * @return boolean True when valid, false when not valid. */ function verify_image_count() { global $mybb, $db; $post =& $this->data; // Get the permissions of the user who is making this post or thread $permissions = user_permissions($post['uid']); // Fetch the forum this post is being made in if (!$post['fid']) { $query = $db->simple_select('posts', 'fid', "pid = '{$post['pid']}'"); $post['fid'] = $db->fetch_field($query, 'fid'); } $forum = get_forum($post['fid']); // Check if this post contains more images than the forum allows if ((!isset($post['savedraft']) || $post['savedraft'] != 1) && $mybb->settings['maxpostimages'] != 0 && $permissions['cancp'] != 1) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Parse the message. $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "filter_badwords" => 1); if ($post['options']['disablesmilies'] != 1) { $parser_options['allow_smilies'] = $forum['allowsmilies']; } else { $parser_options['allow_smilies'] = 0; } $image_check = $parser->parse_message($post['message'], $parser_options); // And count the number of image tags in the message. $image_count = substr_count($image_check, "<img"); if ($image_count > $mybb->settings['maxpostimages']) { // Throw back a message if over the count with the number of images as well as the maximum number of images per post. $this->set_error("too_many_images", array(1 => $image_count, 2 => $mybb->settings['maxpostimages'])); return false; } } }
$alreadyvoted = 1; } } $optionsarray = explode("||~|~||", $poll['options']); $votesarray = explode("||~|~||", $poll['votes']); $poll['question'] = htmlspecialchars_uni($poll['question']); $polloptions = ''; $totalvotes = 0; for ($i = 1; $i <= $poll['numoptions']; ++$i) { $poll['totvotes'] = $poll['totvotes'] + $votesarray[$i - 1]; } // Loop through the poll options. for ($i = 1; $i <= $poll['numoptions']; ++$i) { // Set up the parser options. $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "filter_badwords" => 1); $option = $parser->parse_message($optionsarray[$i - 1], $parser_options); $votes = $votesarray[$i - 1]; $totalvotes += $votes; $number = $i; // Mark the option the user voted for. if ($votedfor[$number]) { $optionbg = "trow2"; $votestar = "*"; } else { $optionbg = "trow1"; $votestar = ""; } // If the user already voted or if the results need to be shown, do so; else show voting screen. if ($alreadyvoted || $showresults) { if (intval($votes) == "0") { $percent = "0";
function process_short_content($post_text, $parser = null, $length = 200) { global $parser, $mybb; require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php'; $post_text = tapatalkEmoji::covertNameToEmpty($post_text); if ($parser === null) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $array_reg = array(array('reg' => '/\\[color=(.*?)\\](.*?)\\[\\/color\\]/sei', 'replace' => "mobi_color_convert('\$1','\$2' ,false)"), array('reg' => '/\\[php\\](.*?)\\[\\/php\\]/si', 'replace' => '[php]'), array('reg' => '/\\[align=(.*?)\\](.*?)\\[\\/align\\]/si', replace => " \$2 "), array('reg' => '/\\[email\\](.*?)\\[\\/email\\]/si', replace => "[url]"), array('reg' => '/\\[quote(.*?)\\](.*?)\\[\\/quote\\]/si', 'replace' => '[quote]'), array('reg' => '/\\[code\\](.*?)\\[\\/code\\]/si', 'replace' => ''), array('reg' => '/\\[url=(.*?)\\](.*?)\\[\\/url\\]/sei', 'replace' => "mobi_url_convert('\$1','\$2')"), array('reg' => '/\\[img(.*?)\\](.*?)\\[\\/img\\]/si', 'replace' => '[img]'), array('reg' => '/\\[video=(.*?)\\](.*?)\\[\\/video\\]/si', 'replace' => '[V]'), array('reg' => '/\\[attachment=(.*?)\\]/si', 'replace' => '[attach]')); foreach ($array_reg as $arr) { $post_text = preg_replace($arr['reg'], $arr['replace'], $post_text); } //$post_text = tt_covert_list($post_text, '/\[list=1\](.*?)\[\/list\]/si', '2'); //$post_text = tt_covert_list($post_text, '/\[list\](.*?)\[\/list\]/si', '1'); $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1); $post_text = strip_tags($parser->parse_message($post_text, $parser_options)); $post_text = preg_replace('/\\s+/', ' ', $post_text); $post_text = html_entity_decode($post_text); if (my_strlen($post_text) > $length) { $post_text = my_substr(trim($post_text), 0, $length); } return $post_text; }
} $message['subject'] = $parser->parse_badwords($message['subject']); if (my_strlen($message['subject']) > 50) { $message['subject'] = htmlspecialchars_uni(my_substr($message['subject'], 0, 50) . "..."); } else { $message['subject'] = htmlspecialchars_uni($message['subject']); } if ($message['folder'] != "3") { $senddate = my_date('relative', $message['dateline']); } else { $senddate = $lang->not_sent; } $foldername = $foldernames[$message['folder']]; // What we do here is parse the post using our post parser, then strip the tags from it $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1); $message['message'] = strip_tags($parser->parse_message($message['message'], $parser_options)); if (my_strlen($message['message']) > 200) { $message['message'] = my_substr($message['message'], 0, 200) . "..."; } eval("\$messagelist .= \"" . $templates->get("private_search_messagebit") . "\";"); } if ($db->num_rows($query) == 0) { eval("\$messagelist = \"" . $templates->get("private_search_results_nomessages") . "\";"); } $plugins->run_hooks("private_results_end"); eval("\$results = \"" . $templates->get("private_search_results") . "\";"); output_page($results); } if ($mybb->input['action'] == "advanced_search") { $plugins->run_hooks("private_advanced_search"); eval("\$advanced_search = \"" . $templates->get("private_advanced_search") . "\";");
error_no_permission(); } if (!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = "1**" . $lang->folder_inbox . "\$%%\$2**" . $lang->folder_sent_items . "\$%%\$3**" . $lang->folder_drafts . "\$%%\$4**" . $lang->folder_trash; $db->update_query("users", array('pmfolders' => $mybb->user['pmfolders']), "uid='" . $mybb->user['uid'] . "'"); } $errors = ''; $mybb->input['action'] = $mybb->get_input('action'); usercp_menu(); $plugins->run_hooks("usercp_start"); if ($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") { $parser_options = array('allow_html' => $mybb->settings['sightml'], 'filter_badwords' => 1, 'allow_mycode' => $mybb->settings['sigmycode'], 'allow_smilies' => $mybb->settings['sigsmilies'], 'allow_imgcode' => $mybb->settings['sigimgcode'], "filter_badwords" => 1); if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0) { $parser_options['allow_imgcode'] = 0; } $parsed_sig = $parser->parse_message($mybb->get_input('signature'), $parser_options); if ($mybb->settings['sigimgcode'] == 0 && $mybb->settings['sigsmilies'] != 1 && substr_count($parsed_sig, "<img") > 0 || ($mybb->settings['sigimgcode'] == 1 || $mybb->settings['sigsmilies'] == 1) && substr_count($parsed_sig, "<img") > $mybb->settings['maxsigimages']) { if ($mybb->settings['sigimgcode'] == 1) { $imgsallowed = $mybb->settings['maxsigimages']; } else { $imgsallowed = 0; } $lang->too_many_sig_images2 = $lang->sprintf($lang->too_many_sig_images2, $imgsallowed); $error = inline_error($lang->too_many_sig_images . " " . $lang->too_many_sig_images2); $mybb->input['preview'] = 1; } else { if ($mybb->settings['siglength'] > 0) { if ($mybb->settings['sigcountmycode'] == 0) { $parsed_sig = $parser->text_parse_message($mybb->get_input('signature')); } else { $parsed_sig = $mybb->get_input('signature');
function akismet_admin() { global $mybb, $db, $page, $lang; if ($page->active_action != "akismet") { return; } $page->add_breadcrumb_item($lang->akismet); if ($mybb->input['delete_all'] && $mybb->request_method == "post") { // User clicked no if ($mybb->input['no']) { admin_redirect("index.php?module=forum-akismet"); } if ($mybb->request_method == "post") { // Delete the template $db->delete_query("posts", "visible = '-4'"); // Log admin action log_admin_action(); flash_message($lang->success_deleted_spam, 'success'); admin_redirect("index.php?module=forum-akismet"); } else { $page->output_confirm_action("index.php?module=forum-akismet&delete_all=1", $lang->confirm_spam_deletion); } } if ($mybb->input['unmark'] && $mybb->request_method == "post") { $unmark = $mybb->input['akismet']; if (empty($unmark)) { flash_message($lang->error_unmark, 'error'); admin_redirect("index.php?module=forum-akismet"); } $posts_in = ''; $comma = ''; foreach ($unmark as $key => $val) { $posts_in .= $comma . intval($key); $comma = ','; } $query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'"); while ($post = $db->fetch_array($query)) { $threadp[] = $post['tid']; } if (!is_array($threadp)) { $threadp = array(); } $thread_list = implode(',', $threadp); $query = $db->query("\r\n\t\t\tSELECT p.tid, f.usepostcounts, p.uid, p.fid, p.dateline, p.replyto, t.lastpost, t.lastposter, t.lastposteruid, t.subject\r\n\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=p.fid)\r\n\t\t\tWHERE p.pid IN ({$posts_in}) AND p.visible = '-4'\r\n\t\t"); while ($post = $db->fetch_array($query)) { // Fetch the last post for this forum $query2 = $db->query("\r\n\t\t\t\tSELECT tid, lastpost, lastposter, lastposteruid, subject\r\n\t\t\t\tFROM " . TABLE_PREFIX . "threads\r\n\t\t\t\tWHERE fid='{$post['fid']}' AND visible='1' AND closed NOT LIKE 'moved|%'\r\n\t\t\t\tORDER BY lastpost DESC\r\n\t\t\t\tLIMIT 0, 1\r\n\t\t\t"); $lastpost = $db->fetch_array($query2); if ($post['lastpost'] > $lastpost['lastpost']) { $lastpost['lastpost'] = $post['lastpost']; $lastpost['lastposter'] = $post['lastposter']; $lastpost['lastposteruid'] = $post['lastposteruid']; $lastpost['subject'] = $post['subject']; $lastpost['tid'] = $post['tid']; } $update_count = array("lastpost" => intval($lastpost['lastpost']), "lastposter" => $db->escape_string($lastpost['lastposter']), "lastposteruid" => intval($lastpost['lastposteruid']), "lastposttid" => intval($lastpost['tid']), "lastpostsubject" => $db->escape_string($lastpost['subject'])); $db->update_query("forums", $update_count, "fid='{$post['fid']}'"); $query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}' AND p.visible='1' OR p.pid = '{$post['pid']}'\r\n\t\t\t\tORDER BY p.dateline DESC\r\n\t\t\t\tLIMIT 1"); $lastpost = $db->fetch_array($query2); $query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}'\r\n\t\t\t\tORDER BY p.dateline ASC\r\n\t\t\t\tLIMIT 0,1\r\n\t\t\t"); $firstpost = $db->fetch_array($query2); if (!$firstpost['username']) { $firstpost['username'] = $firstpost['postusername']; } if (!$lastpost['username']) { $lastpost['username'] = $lastpost['postusername']; } if (!$lastpost['dateline']) { $lastpost['username'] = $firstpost['username']; $lastpost['uid'] = $firstpost['uid']; $lastpost['dateline'] = $firstpost['dateline']; } $lastpost['username'] = $db->escape_string($lastpost['username']); $firstpost['username'] = $db->escape_string($firstpost['username']); $query2 = $db->simple_select("users", "akismetstopped", "uid='{$post['uid']}'"); $akismetstopped = $db->fetch_field($query2, "akismetstopped") - 1; if ($akismetstopped < 0) { $akismetstopped = 0; } $db->update_query("users", array('akismetstopped' => $akismetstopped), "uid='{$post['uid']}'"); $update_array = array('username' => $firstpost['username'], 'uid' => intval($firstpost['uid']), 'lastpost' => intval($lastpost['dateline']), 'lastposter' => $lastpost['username'], 'lastposteruid' => intval($lastpost['uid'])); $db->update_query("threads", $update_array, "tid='{$post['tid']}'"); if ($post['usepostcounts'] != 0) { $db->write_query("UPDATE " . TABLE_PREFIX . "users SET postnum=postnum+1 WHERE uid = '{$post['uid']}'"); } $newthreads = $newreplies = 0; if ($post['replyto'] == 0) { ++$newthreads; } else { ++$newreplies; } update_thread_counters($post['tid'], array('replies' => '+' . $newreplies)); update_forum_counters($post['fid'], array('threads' => '+' . $newthreads, 'posts' => '+1')); } $approve = array("visible" => 1); if ($thread_list) { $db->update_query("threads", $approve, "tid IN ({$thread_list})"); } $db->update_query("posts", $approve, "pid IN ({$posts_in})"); // Log admin action log_admin_action(); flash_message($lang->success_unmarked, 'success'); admin_redirect("index.php?module=forum-akismet"); } if ($mybb->input['delete'] && $mybb->request_method == "post") { $deletepost = $mybb->input['akismet']; if (empty($deletepost)) { flash_message($lang->error_deletepost, 'error'); admin_redirect("index.php?module=forum-akismet"); } $posts_in = ''; $comma = ''; foreach ($deletepost as $key => $val) { $posts_in .= $comma . intval($key); $comma = ','; } $query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'"); while ($post = $db->fetch_array($query)) { $threadp[$post['pid']] = $post['tid']; } if (!is_array($threadp)) { $threadp = array(); } require_once MYBB_ROOT . "inc/functions_upload.php"; foreach ($deletepost as $pid => $val) { if (array_key_exists($pid, $threadp)) { $db->delete_query("posts", "pid IN ({$posts_in})"); $db->delete_query("attachments", "pid IN ({$posts_in})"); // Get thread info $query = $db->simple_select("threads", "poll", "tid='" . $threadp[$pid] . "'"); $poll = $db->fetch_field($query, 'poll'); // Delete threads, redirects, favorites, polls, and poll votes $db->delete_query("threads", "tid='" . $threadp[$pid] . "'"); $db->delete_query("threads", "closed='moved|" . $threadp[$pid] . "'"); $db->delete_query("threadsubscriptions", "tid='" . $threadp[$pid] . "'"); $db->delete_query("polls", "tid='" . $threadp[$pid] . "'"); $db->delete_query("pollvotes", "pid='{$poll}'"); } // Remove attachments remove_attachments($pid); // Delete the post $db->delete_query("posts", "pid='{$pid}'"); } // Log admin action log_admin_action(); flash_message($lang->success_spam_deleted, 'success'); admin_redirect("index.php?module=forum-akismet"); } if (!$mybb->input['action']) { require MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $page->output_header($lang->akismet); $form = new Form("index.php?module=forum-akismet", "post"); $table = new Table(); $table->construct_header($form->generate_check_box("checkall", 1, '', array('class' => 'checkall')), array('width' => '5%')); $table->construct_header("Title / Username / Post", array('class' => 'align_center')); $mybb->input['page'] = intval($mybb->input['page']); if ($mybb->input['page'] > 0) { $start = $mybb->input['page'] * 20; } else { $start = 0; } $query = $db->simple_select("posts", "COUNT(pid) as spam", "visible = '-4'"); $total_rows = $db->fetch_field($query, 'spam'); if ($start > $total_rows) { $start = $total_rows - 20; } if ($start < 0) { $start = 0; } $query = $db->simple_select("posts", "*", "visible = '-4'", array('limit_start' => $start, 'limit' => '20', 'order_by' => 'dateline', 'order_dir' => 'desc')); while ($post = $db->fetch_array($query)) { if ($post['uid'] != 0) { $username = "******"../" . str_replace("{uid}", $post['uid'], PROFILE_URL) . "\" target=\"_blank\">" . format_name($post['username'], $post['usergroup'], $post['displaygroup']) . "</a>"; } else { $username = $post['username']; } $table->construct_cell($form->generate_check_box("akismet[{$post['pid']}]", 1, '')); $table->construct_cell("<span style=\"float: right;\">{$lang->username} {$username}</span> <span style=\"float: left;\">{$lang->title}: " . htmlspecialchars_uni($post['subject']) . " <strong>(" . my_date($mybb->settings['dateformat'], $post['dateline']) . ", " . my_date($mybb->settings['timeformat'], $post['dateline']) . ")</strong></span>"); $table->construct_row(); $parser_options = array("allow_html" => 0, "allow_mycode" => 0, "allow_smilies" => 0, "allow_imgcode" => 0, "me_username" => $post['username'], "filter_badwords" => 1); $post['message'] = $parser->parse_message($post['message'], $parser_options); $table->construct_cell($post['message'], array("colspan" => 2)); $table->construct_row(); } $num_rows = $table->num_rows(); if ($num_rows == 0) { $table->construct_cell($lang->no_spam_found, array("class" => "align_center", "colspan" => 2)); $table->construct_row(); } $table->output($lang->detected_spam_messages); echo "<br />" . draw_admin_pagination($mybb->input['page'], 20, $total_rows, "index.php?module=forum-akismet&page={page}"); $buttons[] = $form->generate_submit_button($lang->unmark_selected, array('name' => 'unmark')); $buttons[] = $form->generate_submit_button($lang->deleted_selected, array('name' => 'delete')); if ($num_rows > 0) { $buttons[] = $form->generate_submit_button($lang->delete_all, array('name' => 'delete_all', 'onclick' => "return confirm('{$lang->confirm_spam_deletion}');")); } $form->output_submit_wrapper($buttons); $form->end(); $page->output_footer(); } exit; }
$thread_link = $lang->sprintf($lang->postrep_given_thread, $thread_link, $subject); $link = get_post_link($reputation_vote['pid']) . "#pid{$reputation_vote['pid']}"; $postrep_given = $lang->sprintf($lang->postrep_given, $link, $user['username'], $thread_link); } } // Does the current user have permission to delete this reputation? Show delete link $delete_link = ''; if ($mybb->usergroup['issupermod'] == 1 || $mybb->usergroup['candeletereputations'] == 1 && $reputation_vote['adduid'] == $mybb->user['uid'] && $mybb->user['uid'] != 0) { eval("\$delete_link = \"" . $templates->get("reputation_vote_delete") . "\";"); } $report_link = ''; if ($mybb->user['uid'] != 0) { eval("\$report_link = \"" . $templates->get("reputation_vote_report") . "\";"); } // Parse smilies in the reputation vote $reputation_parser = array("allow_html" => 0, "allow_mycode" => 0, "allow_smilies" => 1, "allow_imgcode" => 0, "filter_badwords" => 1); $reputation_vote['comments'] = $parser->parse_message($reputation_vote['comments'], $reputation_parser); if ($reputation_vote['comments'] == '') { $reputation_vote['comments'] = $lang->no_comment; } $plugins->run_hooks("reputation_vote"); eval("\$reputation_votes .= \"" . $templates->get("reputation_vote") . "\";"); } // If we don't have any reputations display a nice message. if (!$reputation_votes) { eval("\$reputation_votes = \"" . $templates->get("reputation_no_votes") . "\";"); } $plugins->run_hooks("reputation_end"); eval("\$reputation = \"" . $templates->get("reputation") . "\";"); output_page($reputation); }
} } } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_imgcode'] = 0; } if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_videocode'] = 0; } $post['message'] = $parser->parse_message($message, $parser_options); // Now lets fetch all of the attachments for these posts. if ($mybb->settings['enableattachments'] != 0) { $query = $db->simple_select("attachments", "*", "pid='{$post['pid']}'"); while ($attachment = $db->fetch_array($query)) { $attachcache[$attachment['pid']][$attachment['aid']] = $attachment; } require_once MYBB_ROOT . "inc/functions_post.php"; get_post_attachments($post['pid'], $post); } // Figure out if we need to show an "edited by" message // Only show if at least one of "showeditedby" or "showeditedbyadmin" is enabled if ($mybb->settings['showeditedby'] != 0 && $mybb->settings['showeditedbyadmin'] != 0) { $post['editdate'] = my_date('relative', TIME_NOW); $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']); $post['editedprofilelink'] = build_profile_link($mybb->user['username'], $mybb->user['uid']);
function asb_rand_quote_get_quote($settings, $width) { global $db, $mybb, $templates, $lang, $theme; if (!$lang->asb_addon) { $lang->load('asb_addon'); } // get forums user cannot view $unviewable = get_unviewable_forums(true); if ($unviewable) { $unviewwhere = " AND p.fid NOT IN ({$unviewable})"; } // get inactive forums $inactive = get_inactive_forums(); if ($inactive) { $inactivewhere = " AND p.fid NOT IN ({$inactive})"; } if ($settings['important_threads_only']) { $important_threads = ' AND NOT t.sticky=0'; } // build the exclude conditions $show['fids'] = asb_build_id_list($settings['forum_show_list'], 'p.fid'); $show['tids'] = asb_build_id_list($settings['thread_show_list'], 'p.tid'); $hide['fids'] = asb_build_id_list($settings['forum_hide_list'], 'p.fid'); $hide['tids'] = asb_build_id_list($settings['thread_hide_list'], 'p.tid'); $where['show'] = asb_build_SQL_where($show, ' OR '); $where['hide'] = asb_build_SQL_where($hide, ' OR ', ' NOT '); $query_where = $important_threads . $unviewwhere . $inactivewhere . asb_build_SQL_where($where, ' AND ', ' AND '); $post_query = $db->query("\n\t\tSELECT\n\t\t\tp.pid, p.message, p.fid, p.tid, p.subject, p.uid,\n\t\t\tu.username, u.usergroup, u.displaygroup, u.avatar,\n\t\t\tt.sticky\n\t\tFROM {$db->table_prefix}posts p\n\t\tLEFT JOIN {$db->table_prefix}users u ON (u.uid=p.uid)\n\t\tLEFT JOIN {$db->table_prefix}threads t ON (t.tid=p.tid)\n\t\tWHERE\n\t\t\tp.visible='1'{$query_where}\n\t\tORDER BY\n\t\t\tRAND()\n\t\tLIMIT 1;"); // if there was 1 . . . if ($db->num_rows($post_query) == 0) { return false; } $rand_post = $db->fetch_array($post_query); // build a post parser require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); // we just need the text and smilies (we'll parse them after we check length) $pattern = "|[[\\/\\!]*?[^\\[\\]]*?]|si"; $new_message = asb_strip_url(preg_replace($pattern, '$1', $rand_post['message'])); // get some dimensions that make sense in relation to column width $asb_width = (int) $width; $asb_inner_size = $asb_width * 0.83; $avatar_size = (int) ($asb_inner_size / 5); $font_size = $asb_width / 4.5; $font_size = max(10, min(16, $font_size)); $username_font_size = (int) ($font_size * 0.9); $title_font_size = (int) ($font_size * 0.65); $message_font_size = (int) $font_size; if (strlen($new_message) < $settings['min_length']) { if ($settings['default_text']) { $new_message = $settings['default_text']; } else { // nothing to show return false; } } if ($settings['max_length'] && strlen($new_message) > $settings['max_length']) { $new_message = substr($new_message, 0, $settings['max_length']) . ' . . .'; } // set up the user name link so that it displays correctly for the display group of the user $plain_text_username = htmlspecialchars_uni($rand_post['username']); $username = format_name($plain_text_username, $rand_post['usergroup'], $rand_post['displaygroup']); $author_link = get_profile_link($rand_post['uid']); $post_link = get_post_link($rand_post['pid'], $rand_post['tid']) . '#pid' . $rand_post['pid']; $thread_link = get_thread_link($rand_post['tid']); // allow smilies, but kill $parser_options = array("allow_smilies" => 1); $new_message = str_replace(array('<br />', '/me'), array('', " * {$plain_text_username}"), $parser->parse_message($new_message . ' ', $parser_options)); // if the user has an avatar then display it, otherwise force the default avatar. $avatar_filename = "{$theme['imgdir']}/default_avatar.gif"; if ($rand_post['avatar'] != '') { $avatar_filename = $rand_post['avatar']; } $avatar_alt = $lang->sprintf($lang->asb_random_quote_users_profile, $plain_text_username); eval("\$read_more = \"" . $templates->get('asb_rand_quote_read_more') . "\";"); if (my_strlen($rand_post['subject']) > 40) { $rand_post['subject'] = my_substr($rand_post['subject'], 0, 40) . ' . . .'; } if (substr(strtolower($rand_post['subject']), 0, 3) == 're:') { $rand_post['subject'] = substr($rand_post['subject'], 3); } $rand_post['subject'] = htmlspecialchars_uni($parser->parse_badwords($rand_post['subject'])); $thread_title_link = <<<EOF <strong><a href="{$thread_link}" title="{$lang->asb_random_quotes_read_more_threadlink_title}"><span style="font-size: {$title_font_size}px;">{$rand_post['subject']}</span></a></strong> EOF; // eval() the template eval("\$this_quote = \"" . $templates->get("asb_rand_quote_sidebox") . "\";"); return $this_quote; }