Пример #1
 protected function processAjax($result)
     require_once DIR . '/includes/class_xml.php';
     $xml = new vB_AJAX_XML_Builder(vB::$vbulletin, 'text/xml');
     if (!$result) {
         $xml->add_tag('nada', '~~No Results Found~~');
     $xml->add_tag('count', $result['count']);
     $xml->add_tag('totalcount', $result['totalcount']);
     $xml->add_tag('minid', $result['minid']);
     $xml->add_tag('maxid', $result['maxid']);
     $xml->add_tag('mindateline', $result['mindateline']);
     $xml->add_tag('maxdateline', $result['maxdateline']);
     $xml->add_tag('minscore', $result['minscore']);
     $xml->add_tag('moreresults', $result['moreresults']);
     if ($result['bits']) {
         foreach ($result['bits'] as $bit) {
             $xml->add_tag('bit', $bit);
Пример #2
         $usercss->parse($selectorname, $property, $value);
 ($hook = vBulletinHook::fetch_hook('profile_docustomize_process')) ? eval($hook) : false;
 if ($vbulletin->GPC['ajax']) {
     // AJAX means get the preview
     $effective_css = $usercss->build_css($usercss->fetch_effective());
     $effective_css = str_replace('/*sessionurl*/', $vbulletin->session->vars['sessionurl_js'], $effective_css);
     require_once DIR . '/includes/class_xml.php';
     $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
     $xml->add_tag('css', process_replacement_vars($effective_css));
 if (empty($usercss->error) and empty($usercss->invalid)) {
     $vbulletin->url = "profile.php?" . $vbulletin->session->vars['sessionurl'] . "do=customize";
 } else {
     if (!empty($usercss->error)) {
         standard_error(implode("<br />", $usercss->error));
     } else {
         // have invalid, no errors
         $_REQUEST['do'] = 'customize';
         define('HAVE_ERRORS', true);
Пример #3
		if ($attachment = $db->query_first("
			SELECT settings
			FROM " . TABLE_PREFIX . "attachment
			WHERE attachmentid = " . $vbulletin->GPC['attachmentid'] . "
			$settings = unserialize($attachment['settings']);
			foreach ($settings AS $key => $value)
				$xml->add_tag($key, $value);


if ($_POST['do'] == 'saveimageconfig')
	// TODO: Verify user has access to modify this attachment

	$vbulletin->input->clean_array_gpc('p', array(
		'alignment'       => TYPE_NOHTML,
		'size'            => TYPE_NOHTML,
		'title'           => TYPE_NOHTML,
		'caption'         => TYPE_NOHTML,
		'linkurl'         => TYPE_NOHTML,
		'styles'          => TYPE_NOHTML,
		'description'     => TYPE_NOHTML,
Пример #4
	 * vB_Search_Type::getUiXml()
	 * This gets the xml which will be passed to the ajax function. It just wraps
	 * get_ui in html
	 * @param array $prefs : the stored prefs for this contenttype
	 * @return the appropriate user interface wrapped in XML
	public function getUiXml($prefs)
		global $vbulletin;
		$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');

		$xml->add_tag('html', $this->listUi($prefs));

Пример #5
	public static function showCommentsXml($nodeid, $userinfo, $pageno = 1,
		$perpage = 20, $target_url = '')
		require_once DIR . '/includes/functions_misc.php';
		global $show;

		$xml = new vB_AJAX_XML_Builder( vB::$vbulletin, 'text/xml');

		//todo handle prefs for xml types
		$xml->add_tag('html', $check_val = self::showComments($nodeid, $userinfo,  $pageno,
		$perpage, $target_url));

Пример #6
  * Renders the view to a string and returns it.
  * @return string
 public function render($send_content_headers = false)
     require_once DIR . '/includes/class_xml.php';
     $xml = new vB_AJAX_XML_Builder(vB::$vbulletin, 'text/xml');
     $xml->add_tag('success', 1);
     if ($this->content) {
         $xml->add_tag('html', $this->content->render());
     $xml->add_tag('title', $this->title);
     $xml->add_tag('status', $this->status);
     $xml->add_tag('message', $this->feedback);
     if (sizeof($this->errors)) {
         foreach ($this->errors as $error) {
             $xml->add_tag('error', $error['message'], array('errcode' => $error['code']));
     if (sizeof($this->urls)) {
         foreach ($this->urls as $type => $url) {
             $xml->add_tag('url', $url, array('type' => $type));
     if ($send_content_headers and !vB::contentHeadersSent()) {
     return $xml->fetch_xml();
Пример #7
  * Retrieve current MYSQL process list
 protected function fetch_query_status()
     $xml = new vB_AJAX_XML_Builder($this->registry, 'text/xml', vB_Template_Runtime::fetchStyleVar('charset'));
     $xml->add_tag('query_status', $this->phrase['core']['query_status_title']);
     $processes = $this->db->query_read("\n\t\t\tSHOW FULL PROCESSLIST\n\t\t");
     $found = false;
     while ($process = $this->db->fetch_array($processes)) {
         if ($process['db'] == $this->registry->config['Database']['dbname'] and $process['User'] == $this->registry->config['MasterServer']['username'] and $process['Info'] != 'SHOW FULL PROCESSLIST' and $process['Command'] == 'Query' and preg_match('/^(\\s+)?### vBulletin Database Alter ###/s', $process['Info'])) {
             $process['Info'] = preg_replace("/^(\\s+)?### vBulletin Database Alter ###/s", "", $process['Info']);
             $found = true;
             $totalseconds = intval($process['Time']);
             $hours = floor($seconds / 3600);
             $totalseconds -= $hours * 3600;
             $minutes = floor($totalseconds / 60);
             $totalseconds -= $minutes * 60;
             $seconds = $totalseconds;
             $xml->add_tag('process', construct_phrase($this->phrase['core']['process_x_y_z'], str_pad($hours, 2, "0", STR_PAD_LEFT), str_pad($minutes, 2, "0", STR_PAD_LEFT), str_pad($seconds, 2, "0", STR_PAD_LEFT), htmlspecialchars_uni($process['State']), htmlspecialchars_uni($process['Info'])));
     if (!$found) {
         $xml->add_tag('noprocess', $this->phrase['core']['no_processes_found']);
Пример #8
  * Halts execution of the entire system and displays an error message
  * @param	string	Text of the error message. Leave blank to use $this->sql as error text.
  * @return	integer
 function halt($errortext = '')
     global $vbulletin;
     if ($this->connection_recent) {
         $this->error = $this->error($this->connection_recent);
         $this->errno = $this->errno($this->connection_recent);
     if ($this->reporterror) {
         if ($errortext == '') {
             $this->sql = "Invalid SQL:\r\n" . chop($this->sql) . ';';
             $errortext =& $this->sql;
         // Try and stop e-mail flooding.
         if (!$vbulletin->options['disableerroremail']) {
             if (!$vbulletin->options['safeupload']) {
                 $tempdir = ini_get('upload_tmp_dir');
             } else {
                 $tempdir = $vbulletin->options['tmppath'] . '/';
             $unique = md5(COOKIE_SALT);
             $tempfile = $tempdir . "zdberr{$unique}.dat";
             /* If its less than a minute since the last e-mail
             			and the error code is the same as last time, disable e-mail */
             if ($data = @file_get_contents($tempfile)) {
                 $errc = intval(substr($data, 10));
                 $time = intval(substr($data, 0, 10));
                 if ($time and TIMENOW - $time < 60 and intval($this->errno) == $errc) {
                     $vbulletin->options['disableerroremail'] = true;
                 } else {
                     $data = TIMENOW . intval($this->errno);
                     @file_put_contents($tempfile, $data);
             } else {
                 $data = TIMENOW . intval($this->errno);
                 @file_put_contents($tempfile, $data);
         $vboptions =& $vbulletin->options;
         $technicalemail =& $vbulletin->config['Database']['technicalemail'];
         $bbuserinfo =& $vbulletin->userinfo;
         $requestdate = date('l, F jS Y @ h:i:s A', TIMENOW);
         $date = date('l, F jS Y @ h:i:s A');
         $scriptpath = str_replace('&amp;', '&', $vbulletin->scriptpath);
         $referer = REFERRER;
         $ipaddress = IPADDRESS;
         $classname = get_class($this);
         if ($this->connection_recent) {
             list($mysqlversion) = $this->query_first("SELECT VERSION() AS version", DBARRAY_NUM);
         $display_db_error = (VB_AREA == 'Upgrade' or VB_AREA == 'Install' or $vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']);
         // Hide the MySQL Version if its going in the source
         if (!$display_db_error) {
             $mysqlversion = '';
         eval('$message = "' . str_replace('"', '\\"', file_get_contents(DIR . '/includes/database_error_message.html')) . '";');
         // add a backtrace to the message
         if ($vbulletin->debug) {
             $trace = debug_backtrace();
             $trace_output = "\n";
             foreach ($trace as $index => $trace_item) {
                 $param = in_array($trace_item['function'], array('require', 'require_once', 'include', 'include_once')) ? $trace_item['args'][0] : '';
                 // remove path
                 $param = str_replace(DIR, '[path]', $param);
                 $trace_item['file'] = str_replace(DIR, '[path]', $trace_item['file']);
                 $trace_output .= "#{$index} {$trace_item['class']}{$trace_item['type']}{$trace_item['function']}({$param}) called in {$trace_item['file']} on line {$trace_item['line']}\n";
             $message .= "\n\nStack Trace:\n{$trace_output}\n";
         require_once DIR . '/includes/functions_log_error.php';
         if (function_exists('log_vbulletin_error')) {
             log_vbulletin_error($message, 'database');
         if ($technicalemail != '' and !$vbulletin->options['disableerroremail'] and verify_email_vbulletin_error($this->errno, 'database')) {
             // If vBulletinHook is defined then we know that options are loaded, so we can then use vbmail
             if (class_exists('vBulletinHook', false)) {
                 @vbmail($technicalemail, $this->appshortname . ' Database Error!', $message, true, $technicalemail);
             } else {
                 @mail($technicalemail, $this->appshortname . ' Database Error!', preg_replace("#(\r\n|\r|\n)#s", @ini_get('sendmail_path') === '' ? "\r\n" : "\n", $message), "From: {$technicalemail}");
         if (defined('STDIN')) {
             echo $message;
         // send ajax reponse after sending error email
         if ($vbulletin->GPC['ajax']) {
             require_once DIR . '/includes/class_xml.php';
             $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
             $error = '<p>Database Error</p>';
             if ($vbulletin->debug or VB_AREA == 'Upgrade') {
                 $error .= "\r\n\r\n{$errortext}";
                 $error .= "\r\n\r\n{$this->error}";
             eval('$ajaxmessage = "' . str_replace('"', '\\"', file_get_contents(DIR . '/includes/database_error_message_ajax.html')) . '";');
             $xml->add_tag('error', $error);
             $xml->add_tag('error_html', $ajaxmessage);
         if (!headers_sent()) {
             if (SAPI_NAME == 'cgi' or SAPI_NAME == 'cgi-fcgi') {
                 header('Status: 503 Service Unavailable');
             } else {
                 header($_SERVER['SERVER_PROTOCOL'] . ' 503 Service Unavailable');
         if ($display_db_error) {
             // display error message on screen
             $message = '<form><textarea rows="15" cols="70" wrap="off" id="message">' . htmlspecialchars_uni($message) . '</textarea></form>';
         } else {
             if ($vbulletin->debug) {
                 // display hidden error message
                 $message = "\r\n<!--\r\n" . htmlspecialchars_uni($message) . "\r\n-->\r\n";
             } else {
                 $message = '';
         if ($vbulletin->options['bburl']) {
             $imagepath = $vbulletin->options['bburl'];
         } else {
             // this might not work with too many slashes in the archive
             $imagepath = VB_AREA == 'Forum' ? '.' : '..';
         eval('$message = "' . str_replace('"', '\\"', file_get_contents(DIR . '/includes/database_error_page.html')) . '";');
         // This is needed so IE doesn't show the pretty error messages
         $message .= str_repeat(' ', 512);
     } else {
         if (!empty($errortext)) {
             $this->error = $errortext;
Пример #9
	 * Rate a node (ajax only)
	 * @return string
	public function actionRate()
		global $bootstrap;

		$nodeid = intval($this->node->getNodeId());

		// Load the style

		vB::$vbulletin->input->clean_array_gpc('r', array(
			'vote' => vB_Input::TYPE_UINT
		$vote = vB::$vbulletin->GPC['vote'];

		if ($vote < 0 OR $vote > 5)

		$rated = intval(fetch_bbarray_cookie('cms_rate', $nodeid));

		$update = false;
		if (vB::$vbulletin->userinfo['userid'])
			if ($rating = vB::$db->query_first("
				SELECT *
				FROM " . TABLE_PREFIX . "cms_rate
				WHERE userid = " . vB::$vbulletin->userinfo['userid'] . "
					AND nodeid = $nodeid
				if (vB::$vbulletin->options['votechange'])
					if ($vote != $rating['vote'])
						$rateitem = new vBCms_Item_Rate($rating['rateid']);
						$ratedm = new vBCms_DM_Rate($rateitem);
						$ratedm->set('nodeid', $nodeid);
						$ratedm->set('userid', vB::$vbulletin->userinfo['userid']);
						$ratedm->set('vote', intval($vote));
					$update = true;
				$ratedm = new vBCms_DM_Rate();
				$ratedm->set('nodeid', $nodeid);
				$ratedm->set('userid', vB::$vbulletin->userinfo['userid']);
				$ratedm->set('vote', intval($vote));

				$update = true;
			// Check for cookie on user's computer for this blogid
			if ($rated AND !vB::$vbulletin->options['votechange'])

				// Check for entry in Database for this Ip Addr/blogid
				if ($rating = vB::$db->query_first("
					SELECT *
					FROM " . TABLE_PREFIX . "cms_rate
					WHERE ipaddress = '" . vB::$db->escape_string(IPADDRESS) . "'
						AND nodeid = $nodeid
					if (vB::$vbulletin->options['votechange'])
						if ($vote != $rating['vote'])
							$rateitem = new vBCms_Item_Rate($rating['rateid']);
							$ratedm = new vBCms_DM_Rate($rateitem);
							$ratedm->set('nodeid', $nodeid);
							$ratedm->set('vote', intval($vote));
						$update = true;
					$ratedm = new vBCms_DM_Rate();
					$ratedm->set('nodeid', $nodeid);
					$ratedm->set('userid', 0);
					$ratedm->set('vote', intval($vote));

					$update = true;


		require_once(DIR . '/includes/class_xml.php');
		$xml = new vB_AJAX_XML_Builder(vB::$vbulletin, 'text/xml');
		if ($update)
			$node = vB::$db->query_first_slave("
				SELECT ratingtotal, ratingnum
				FROM " . TABLE_PREFIX . "cms_nodeinfo
				WHERE nodeid = $nodeid

			if ($node['ratingnum'] > 0 AND $node['ratingnum'] >= vB::$vbulletin->options['showvotes'])
			{	// Show Voteavg
				$node['ratingavg'] = vb_number_format($node['ratingtotal'] / $node['ratingnum'], 2);
				$node['rating'] = intval(round($node['ratingtotal'] / $node['ratingnum']));
				$xml->add_tag('voteavg', "<img class=\"inlineimg\" src=\"" . vB_Template_Runtime::fetchStyleVar('imgdir_rating') . "/rating-15_$node[rating].png\" alt=\"" . construct_phrase($vbphrase['rating_x_votes_y_average'], $node['ratingnum'], $node['ratingavg']) . "\" border=\"0\" />");
				$xml->add_tag('voteavg', '');

			if (!function_exists('fetch_phrase'))
				require_once(DIR . '/includes/functions_misc.php');
			$xml->add_tag('message', fetch_phrase('redirect_blog_rate_add', 'frontredirect', 'redirect_'));
		else	// Already voted error...
			if (!empty($rating['nodeid']))
				set_bbarray_cookie('cms_rate', $rating['nodeid'], $rating['vote'], 1);
			$xml->add_tag('error', fetch_error('blog_rate_voted'));

Пример #10
// complete
if ($show['ajaxupload']) {
    require_once DIR . '/includes/class_xml.php';
    $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
    if (!empty($attachlib->errors)) {
        foreach ($attachlib->errors as $error) {
            $filename = fetch_censored_text(htmlspecialchars_uni($error['filename'], false));
            $errormessage = $error['error'] ? $error['error'] : $vbphrase["{$error['errorphrase']}"];
            $xml->add_tag('uploaderror', "{$filename}: {$errormessage}");
            if ($vbulletin->GPC['flash']) {
                echo "error: {$errormessage}";
        if ($vbulletin->GPC['flash']) {
    if ($vbulletin->GPC['flash']) {
        echo "ok - " . intval($currentattachment['attachmentid']) . " - " . $currentattachment['hasthumbnail'];
    foreach ($attachmentsarray as $key => $attachment) {
        $xml->add_tag('attachment', $attachment);
        $xml->add_tag('displaybit', $updatearray["{$key}"]['html']);
        $xml->add_tag('filename', $updatearray["{$key}"]['filename']);
        $xml->add_tag('filesize', $updatearray["{$key}"]['filesize']);
        $xml->add_tag('attachmentid', $updatearray["{$key}"]['attachmentid']);
Пример #11
 if ($_POST['do'] == 'loadnode') {
     $vbulletin->input->clean_array_gpc('p', array('parentid' => TYPE_UINT));
     $categories = $db->query_read_slave("\r\n\t\t\tSELECT categoryid, title\r\n\t\t\tFROM " . TABLE_PREFIX . "attachmentcategory\r\n\t\t\tWHERE\r\n\t\t\t\tuserid = {$userinfo['userid']}\r\n\t\t\t\t\tAND\r\n\t\t\t\tparentid = {$vbulletin->GPC['parentid']}\r\n\t\t\tORDER BY displayorder\r\n\t\t");
     while ($category = $db->fetch_array($categories)) {
         $xml->add_tag('category', $category['title'], array('categoryid' => $category['categoryid']));
     // Update posthash if this is the root node.
     if ($vbulletin->GPC['parentid'] == 0) {
         $userdm =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
         $userdm->set('assetposthash', $vbulletin->GPC['posthash']);
         $userinfo['assetposthash'] = $vbulletin->GPC['posthash'];
 if ($_POST['do'] == 'loadassets') {
     $vbulletin->input->clean_array_gpc('p', array('categoryid' => TYPE_UINT, 'view' => TYPE_STR, 'orderby' => TYPE_STR, 'sortorder' => TYPE_STR, 'pagenumber' => TYPE_UINT, 'init' => TYPE_BOOL, 'contenttypeid' => TYPE_UINT));
     if ($vbulletin->GPC['categoryid'] and !$db->query_first("\r\n\t\t\tSELECT categoryid\r\n\t\t\tFROM " . TABLE_PREFIX . "attachmentcategory\r\n\t\t\tWHERE\r\n\t\t\t\tuserid = {$userinfo['userid']}\r\n\t\t\t\t\tAND\r\n\t\t\t\tcategoryid = {$vbulletin->GPC['categoryid']}\r\n\t\t\t")) {
         eval(standard_error(fetch_error('invalidid', 'categoryid', $vbulletin->options['contactuslink'])));
     switch ($vbulletin->GPC['orderby']) {
         case 'filename':
             $orderby = 'acu.filename';
             $handled = false;
             ($hook = vBulletinHook::fetch_hook('assetmanager_orderby')) ? eval($hook) : false;
             if (!$handled) {
Пример #12
// get special data templates from the datastore
$specialtemplates = array();
// pre-cache templates used by all actions  - build
$globaltemplates = array();
// pre-cache templates used by specific actions
$actiontemplates = array();
// ######################### REQUIRE BACK-END ############################
require_once './global.php';
require_once DIR . '/includes/class_xml.php';
// #######################################################################
// ######################## START MAIN SCRIPT ############################
// #######################################################################
// VBIV-8269
header('Cache-control: max-age=31536000, private');
header('Expires: ' . gmdate("D, d M Y H:i:s", TIMENOW + 31536000) . ' GMT');
// When were the CKEditor phrases last modified? Good Question.
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', 0) . ' GMT');
$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
foreach ($vbphrase as $key => $phrase) {
    $xml->add_tag('phrase', $phrase, array('name' => $key));
|| ####################################################################
|| # Downloaded: 03:13, Sat Sep 7th 2013
|| # CVS: $RCSfile$ - $Revision: 30573 $
|| ####################################################################
Пример #13
function outputError($errors)
    global $vbulletin;
    if (!is_array($errors)) {
        $errors = array($errors);
        //create array with 1 item
    if ($vbulletin->GPC['ajax']) {
        require_once DIR . '/includes/class_xml.php';
        $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
        $html = '';
        $xml->add_tag('error', implode(',', $errors));
    } else {
        eval(standard_error(implode('<br/>', $errors)));
    //just in case...
Пример #14
	public static function checkUrlAvailable()
		global $vbulletin;
		global $vbphrase;
		require_once DIR . '/includes/functions_databuild.php';
		require_once DIR . '/includes/functions_misc.php';
		$vbulletin->input->clean_array_gpc('r', array(
			'url' => TYPE_STR,
			'nodeid' => TYPE_INT));

		$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');
		$url_conflict = '';

		if (strlen($vbulletin->GPC['url'])
			and $row = $vbulletin->db->query_first($sql="SELECT nodeid FROM " . TABLE_PREFIX .
			"cms_node WHERE new != 1 AND lower(url)='" . $vbulletin->db->escape_string(strtolower($vbulletin->GPC['url'])) ."'"
			. ($vbulletin->GPC_exists['nodeid'] ? " and nodeid <> " . $vbulletin->GPC['nodeid'] : "" ) )
			and intval($row['nodeid']))
			$url_conflict = $vbphrase['url_in_use'];

		$xml->add_tag('html', $url_conflict);
		return '';
Пример #15
 * vb_Search_Searchtools::getDefaultUiXml()
 * This gets the xml which will be passed to the ajax function. It just wraps
 * get_ui in html
 * @param integer $contenttypeid
 * @return the appropriate user interface wrapped in XML
	public static function getDefaultUiXml($contenttypeid, $prefs)
		global $vbulletin;
		$xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml');

		$xml->add_tag('html', self::makeDefaultSearch($contenttypeid, $prefs));
