if ($post_row['uid_hidden'] && $post_row['uid_hidden'] == $uid) { $can_edit = $forum_permissions[$forum_id]['can_edit'] && time() < $post_row['post_time'] + $xoopsModuleConfig['selfeditlimit'] ? true : false; $can_delete = $forum_permissions[$forum_id]['can_delete'] && time() < $post_row['post_time'] + $xoopsModuleConfig['selfdellimit'] ? true : false; } else { if ($uid > 0) { // normal user cannot touch guest's post $can_edit = false; $can_delete = false; } else { // guest can delete posts by password $can_edit = false; $can_delete = $post_row['guest_pass_md5'] && $forum_permissions[$forum_id]['can_delete'] && time() < $post_row['post_time'] + $xoopsModuleConfig['selfdellimit'] ? true : false; } } } } // d3comment object if (!empty($forum_row['forum_external_link_format'])) { $d3com =& d3forum_main_get_comment_object($mydirname, $forum_row['forum_external_link_format']); } else { $d3com = false; } // d3comment overridings if (is_object($d3com)) { $can_vote = $d3com->canVote($topic_row['topic_external_link_id'], $can_vote, $post_row['post_id']); $can_post = $d3com->canPost($topic_row['topic_external_link_id'], $can_post); $can_reply = $d3com->canReply($topic_row['topic_external_link_id'], $can_reply, $post_row['post_id']); $can_edit = $d3com->canEdit($topic_row['topic_external_link_id'], $can_edit, $post_row['post_id']); $can_delete = $d3com->canDelete($topic_row['topic_external_link_id'], $can_delete, $post_row['post_id']); $need_approve = $d3com->needApprove($topic_row['topic_external_link_id'], $need_approve); }
function d3forum_global_search_base($mydirname, $keywords, $andor, $limit, $offset, $userid) { $myts =& MyTextsanitizer::getInstance(); $db =& Database::getInstance(); $andor = strtoupper($andor); $userid = intval($userid); // naao from require_once dirname(__FILE__) . '/include/main_functions.php'; // get all forums $sql = "SELECT forum_id, forum_external_link_format FROM " . $db->prefix($mydirname . "_forums"); $frs = $db->query($sql); $d3com = array(); while ($forum_row = $db->fetchArray($frs)) { // d3comment object $temp_forum_id = intval($forum_row['forum_id']); if (!empty($forum_row['forum_external_link_format'])) { $d3com[$temp_forum_id] =& d3forum_main_get_comment_object($mydirname, $forum_row['forum_external_link_format']); } else { $d3com[$temp_forum_id] = false; } } // naao to $charset = strtoupper(_CHARSET); // XOOPS Search module $showcontext = empty($_GET['showcontext']) ? 0 : 1; $select4con = $showcontext ? "p.post_text" : "'' AS post_text"; require_once dirname(__FILE__) . '/include/common_functions.php'; $whr_forum = "t.forum_id IN (" . implode(",", d3forum_get_forums_can_read($mydirname)) . ")"; $whr_uid = $userid > 0 ? "p.uid={$userid}" : "1"; $whr_query = $andor == 'OR' ? '0' : '1'; if (is_array($keywords)) { // I know this is not a right escaping, but I can't believe $keywords :-) $keywords = array_map('stripslashes', $keywords); foreach ($keywords as $word) { $word4sql = addslashes($word); $word_or = array('p.subject LIKE \'%' . $word4sql . '%\' OR p.post_text LIKE \'%' . $word4sql . '%\''); if (($charset === 'UTF-8' || $charset === 'EUC-JP') && function_exists('mb_convert_kana')) { foreach (array('a', 'A', 'k', 'KV', 'h', 'HV', 'c', 'C') as $_op) { $_word = mb_convert_kana($word, $_op, $charset); if ($_word !== $word) { $word4sql = addslashes($_word); $word_or[] = 'p.subject LIKE \'%' . $word4sql . '%\' OR p.post_text LIKE \'%' . $word4sql . '%\''; } } } $word4sql = join(' OR ', $word_or); $whr_query .= $andor == 'EXACT' ? ' AND' : ' ' . $andor; $whr_query .= ' (' . $word4sql . ')'; } } //$sql = "SELECT p.post_id,p.topic_id,p.post_time,p.uid,p.subject,p.html,p.smiley,p.xcode,p.br,$select4con FROM ".$db->prefix($mydirname."_posts")." p LEFT JOIN ".$db->prefix($mydirname."_topics")." t ON t.topic_id=p.topic_id WHERE ($whr_forum) AND ($whr_uid) AND ($whr_query) AND ! topic_invisible ORDER BY p.post_time DESC" ; //naao $sql = "SELECT p.post_id,p.topic_id,p.post_time,p.uid,p.subject,p.html,p.smiley,p.xcode,p.br,{$select4con},t.topic_external_link_id,f.forum_id FROM " . $db->prefix($mydirname . "_posts") . " p LEFT JOIN " . $db->prefix($mydirname . "_topics") . " t ON t.topic_id=p.topic_id LEFT JOIN " . $db->prefix($mydirname . "_forums") . " f ON t.forum_id = f.forum_id WHERE ({$whr_forum}) AND ({$whr_uid}) AND ({$whr_query}) AND ! topic_invisible ORDER BY p.post_time DESC"; $result = $db->query($sql, $limit, $offset); $ret = array(); $context = ''; // nao-pon $make_context_func = function_exists('xoops_make_context') ? 'xoops_make_context' : (function_exists('search_make_context') ? 'search_make_context' : ''); while (list($post_id, $topic_id, $post_time, $uid, $subject, $html, $smiley, $xcode, $br, $text, $external_link_id, $forum_id) = $db->fetchRow($result)) { // naao from $can_display = true; //default if (is_object($d3com[intval($forum_id)])) { $d3com_obj = $d3com[intval($forum_id)]; if (($external_link_id = $d3com_obj->validate_id($external_link_id)) === false) { $can_display = false; } } if ($can_display == true) { // naao to // get context for module "search" // nao-pon //if( function_exists('search_make_context') && $showcontext ) { if ($make_context_func && $showcontext) { if (function_exists('easiestml')) { $text = easiestml($text); } $full_context = strip_tags($myts->displayTarea($text, $html, $smiley, $xcode, 1, $br)); // nao-pon //$context = search_make_context( $full_context , $keywords ) ; $context = $make_context_func($full_context, $keywords); } $ret[] = array('link' => "index.php?post_id={$post_id}", 'title' => htmlspecialchars($subject, ENT_QUOTES), 'time' => $post_time, 'uid' => $uid, 'context' => $context); } // naao } // for xoops search module $GLOBALS['md_search_flg_zenhan_support'] = true; return $ret; }
function d3forum_update_topic_from_post($mydirname, $topic_id, $forum_id, $forum_permissions, $isadmin) { global $myts; $db =& Database::getInstance(); $sql4set = ''; $topic_id = intval($topic_id); $new_forum_id = intval(@$_POST['forum_id']); // prefetch for forum list($new_forum_external_link_format) = $db->fetchRow($db->query("SELECT forum_external_link_format FROM " . $db->prefix($mydirname . "_forums") . " WHERE forum_id={$new_forum_id}")); // check the user is destined forum's admin or mod if (!$isadmin && !$forum_permissions[$new_forum_id]['is_moderator']) { die(_MD_D3FORUM_ERR_CUTPASTENOTADMINOFDESTINATION); } $topic_title4sql = addslashes($myts->stripSlashesGPC(@$_POST['topic_title'])); $topic_sticky = intval(@$_POST['topic_sticky']); $topic_locked = intval(@$_POST['topic_locked']); $topic_invisible = intval(@$_POST['topic_invisible']); $topic_solved = intval(@$_POST['topic_solved']); $external_link_id = $myts->stripSlashesGPC(@$_POST['topic_external_link_id']); // do update if (!$db->query("UPDATE " . $db->prefix($mydirname . "_topics") . " SET {$sql4set} topic_title='{$topic_title4sql}', forum_id='{$new_forum_id}', topic_sticky='{$topic_sticky}', topic_locked='{$topic_locked}', topic_invisible='{$topic_invisible}', topic_solved='{$topic_solved}', topic_external_link_id='" . addslashes($external_link_id) . "' WHERE topic_id={$topic_id}")) { die("DB ERROR IN UPDATE topic" . __LINE__); } // clear topic_external_link_id if the new forum has no external_link_fmt if ($new_forum_external_link_format == '') { if (!$db->query("UPDATE " . $db->prefix($mydirname . "_topics") . " SET topic_external_link_id='' WHERE topic_id={$topic_id}")) { die("DB ERROR in UPDATE topic" . __LINE__); } } // call back to the target of comment if (!empty($external_link_format) && !empty($external_link_id)) { $d3com =& d3forum_main_get_comment_object($mydirname, $external_link_format); if (is_object(@$d3com)) { $d3com->onUpdate('update', $external_link_id, $forum_id, $topic_id); } } d3forum_sync_forum($mydirname, $forum_id); d3forum_sync_forum($mydirname, $new_forum_id); }
function d3forum_get_comment_description($mydirname, $external_link_format, $external_link_id) { $d3com =& d3forum_main_get_comment_object($mydirname, $external_link_format); if (!is_object($d3com)) { return ''; } $description = $d3com->fetchDescription($external_link_id); if ($description) { return $description; } else { return $d3com->fetchSummary($external_link_id); } }