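/**
 * Copies a newly created thread from one monitored forum into a destination forum.
 *
 * When the thread described by $data belongs to the monitored forum, the XThreads
 * custom fields for that thread are read and a second thread is inserted through
 * PostDataHandler, with the field values and the original body folded into the message.
 *
 * @param object $data Handler object for the thread just created; this code reads
 *                     $data->data (submitted thread fields) and $data->tid.
 * @return void
 */
function postcopy_main($data)
{
    global $mybb, $db;

    require_once MYBB_ROOT . "inc/datahandlers/post.php";

    $forumID = "1"; // Forum ID to monitor for new posts
    $destForum = "1"; // Forum ID to copy posts to
    $prefixIDNew = "1"; // Thread prefix to apply to copied thread
    $posterUID = "1"; // UserID of the user you want to "post" the new thread, or you can edit the data below to use the original posters ID.

    // Compare as integers so the check matches whether the handler supplies the
    // forum id as a string or as an int (a strict string comparison silently
    // skipped the copy for integer ids).
    // NOTE(review): if this runs from a thread-insert hook and $destForum equals
    // $forumID (as in the defaults above), the copy would presumably trigger
    // itself again - confirm the two ids always differ in real configurations.
    if ((int) $data->data['fid'] !== (int) $forumID) {
        return;
    }

    // Select Xthreads data. The thread id is cast to int because it is concatenated
    // straight into the SQL text rather than bound as a parameter.
    $query = $db->query("SELECT example, example2, example3 FROM " . TABLE_PREFIX . "threadfields_data WHERE tid = " . (int) $data->tid);
    $tfields = $db->fetch_array($query);
    if (!is_array($tfields)) {
        // No custom-field row for this thread: fall back to empty values.
        $tfields = array();
    }
    $tfields += array('example' => '', 'example2' => '', 'example3' => '');

    // NOTE(review): the message wraps user-supplied values (username, thread fields,
    // original body) in raw HTML. The <b>/<br /> markup only renders when the
    // destination forum allows HTML in posts, and in that case the embedded user
    // content is rendered as HTML too. Confirm the destination forum's HTML setting,
    // or build the message with MyCode instead.
    $thIns = array(
        'fid' => $destForum,
        'prefix' => $prefixIDNew,
        'subject' => $data->data['subject'],
        'icon' => $data->data['icon'],
        'uid' => $posterUID,
        'username' => $data->data['username'],
        'dateline' => TIME_NOW,
        'message' => "<b>Username:</b> " . $data->data['username'] . "<br /><b>Example: </b> " . $tfields['example'] . "<br /><b>Example2: </b> " . $tfields['example2'] . " <br /><b>Example3: </b> " . $tfields['example3'] . "<br /><b>Body:</b> " . $data->data['message'],
        'ipaddress' => $data->data['ipaddress']
    );

    // NOTE(review): these options are stored in $new_thread, which is never handed
    // to the data handler, so they currently have no effect on the copied thread.
    $new_thread['options'] = array(
        "signature" => $data->data['options']['signature'],
        "subscriptionmethod" => $data->data['options']['subscriptionmethod'],
        "disablesmilies" => $data->data['options']['disablesmilies']
    );

    $posthandler = new PostDataHandler("insert");
    $posthandler->action = "thread";
    $posthandler->set_data($thIns);

    $valid_thread = $posthandler->validate_post();
    $post_errors = array();
    if (!$valid_thread) {
        $post_errors = $posthandler->get_friendly_errors();
    }

    if (count($post_errors) > 0) {
        // Validation failed: the copy is dropped and the request is steered back
        // to the new-thread form. $thread_errors is not read again in this function.
        $thread_errors = inline_error($post_errors);
        $mybb->input['action'] = "newthread";
    } else {
        $posthandler->insert_thread();
    }
}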
// Fragment of a reply form script: finishes the post preview, then prepares the
// subject, the post hash and the attachment listing for the form. The enclosing
// blocks open before this excerpt and the final loop continues after it.
} else {
    // The post hash comes from the request, so it is SQL-escaped before use in the WHERE clause.
    $attachwhere = "posthash='" . $db->escape_string($mybb->get_input('posthash')) . "'";
}
$query = $db->simple_select("attachments", "*", $attachwhere);
while ($attachment = $db->fetch_array($query)) {
    $attachcache[0][$attachment['aid']] = $attachment;
}
$postbit = build_postbit($post, 1);
// The template text is evaluated as a PHP double-quoted string, so every variable
// it interpolates must already be escaped for HTML output.
eval("\$preview = \"" . $templates->get("previewpost") . "\";");
}
}
$subject = htmlspecialchars_uni($parser->parse_badwords($subject));
$posthash = htmlspecialchars_uni($mybb->get_input('posthash'));
// Do we have attachment errors?
if (count($errors) > 0) {
    $reply_errors = inline_error($errors);
}
// Get a listing of the current attachments.
if ($mybb->settings['enableattachments'] != 0 && $forumpermissions['canpostattachments'] != 0) {
    $attachcount = 0;
    if ($pid) {
        // NOTE(review): $pid is interpolated directly; it is set outside this
        // excerpt - confirm it has been cast to an integer.
        $attachwhere = "pid='{$pid}'";
    } else {
        // $posthash is the HTML-escaped form at this point; it is still SQL-escaped
        // here, but the lookup value differs from the raw hash whenever the hash
        // contains characters that HTML escaping rewrites.
        $attachwhere = "posthash='" . $db->escape_string($posthash) . "'";
    }
    $attachments = '';
    $query = $db->simple_select("attachments", "*", $attachwhere);
    while ($attachment = $db->fetch_array($query)) {
        $attachment['size'] = get_friendly_size($attachment['filesize']);
        $attachment['icon'] = get_attachment_icon(get_extension($attachment['filename']));
        // File names are user-supplied, so they are HTML-escaped before display.
        $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
// Fragment of a user control panel script: stores a remote avatar URL for the
// current user, then starts building the avatar settings page. The enclosing
// blocks open before this excerpt and the last block continues after it.
if (empty($avatar_error)) {
    if ($width > 0 && $height > 0) {
        $avatar_dimensions = (int) $width . "|" . (int) $height;
    }
    // NOTE(review): $avatar_dimensions is only assigned in the branch above; whether
    // it has a default when the dimensions are not positive is not visible here.
    // The URL is request input: it is SQL-escaped here, but any check of its scheme
    // or host would have to happen before this excerpt - confirm.
    $updated_avatar = array("avatar" => $db->escape_string($mybb->input['avatarurl'] . '?dateline=' . TIME_NOW), "avatardimensions" => $avatar_dimensions, "avatartype" => "remote");
    $db->update_query("users", $updated_avatar, "uid='" . $mybb->user['uid'] . "'");
    remove_avatars($mybb->user['uid']);
}
}
}
if (empty($avatar_error)) {
    $plugins->run_hooks("usercp_do_avatar_end");
    redirect("usercp.php?action=avatar", $lang->redirect_avatarupdated);
} else {
    // Fall back to the avatar form and show the collected errors inline.
    $mybb->input['action'] = "avatar";
    $avatar_error = inline_error($avatar_error);
}
}
if ($mybb->input['action'] == "avatar") {
    $plugins->run_hooks("usercp_avatar_start");
    $avatarmsg = $avatarurl = '';
    if ($mybb->user['avatartype'] == "upload" || stristr($mybb->user['avatar'], $mybb->settings['avataruploadpath'])) {
        $avatarmsg = "<br /><strong>" . $lang->already_uploaded_avatar . "</strong>";
    } elseif ($mybb->user['avatartype'] == "remote" || my_strpos(my_strtolower($mybb->user['avatar']), "http://") !== false) {
        // The fallback substring test only matches "http://"; an avatar is still
        // treated as remote when avatartype says so.
        $avatarmsg = "<br /><strong>" . $lang->using_remote_avatar . "</strong>";
        // The stored URL is HTML-escaped before it is placed back into the form.
        $avatarurl = htmlspecialchars_uni($mybb->user['avatar']);
    }
    $useravatar = format_avatar($mybb->user['avatar'], $mybb->user['avatardimensions'], '100x100');
    // Template text is evaluated as a PHP string; interpolated values must already be escaped.
    eval("\$currentavatar = \"" . $templates->get("usercp_avatar_current") . "\";");
    if ($mybb->settings['maxavatardims'] != "") {
        list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims']));
// Fragment of a moderation script: prepares the delayed-moderation form values and
// the list of selectable actions. The enclosing blocks open before this excerpt.
// Submitted values are normalised before being shown again: the forum id is cast
// to an integer, free-text fields are HTML-escaped.
$mybb->input['delayedmoderation']['new_forum'] = intval($mybb->input['delayedmoderation']['new_forum']);
$mybb->input['delayedmoderation']['subject'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['subject']);
$mybb->input['delayedmoderation']['threadurl'] = htmlspecialchars_uni($mybb->input['delayedmoderation']['threadurl']);
$forumselect = build_forum_jump("", $mybb->input['delayedmoderation']['new_forum'], 1, '', 0, true, '', "delayedmoderation[new_forum]");
}
} else {
    // Defaults for a fresh form.
    $type_selected = array('openclosethread' => "checked=\"checked\"");
    $method_selected = array('move' => "checked=\"checked\"");
    $mybb->input['delay'] = 1;
    $mybb->input['delayedmoderation']['redirect_expire'] = '';
    // NOTE(review): unlike the submitted subject above, the thread subject is not
    // HTML-escaped in this branch; confirm $thread['subject'] is escaped before or
    // when it is written into the form.
    $mybb->input['delayedmoderation']['subject'] = $thread['subject'];
    $mybb->input['delayedmoderation']['threadurl'] = '';
    $forumselect = build_forum_jump("", $fid, 1, '', 0, true, '', "delayedmoderation[new_forum]");
}
if (count($errors) > 0) {
    $display_errors = inline_error($errors);
}
$forum_cache = $cache->read("forums");
$actions = array('openclosethread' => $lang->open_close_thread, 'deletethread' => $lang->delete_thread, 'move' => $lang->move_copy_thread, 'stick' => $lang->stick_unstick_thread, 'merge' => $lang->merge_threads, 'removeredirects' => $lang->remove_redirects, 'removesubscriptions' => $lang->remove_subscriptions, 'approveunapprovethread' => $lang->approve_unapprove_thread);
// Custom thread tools that apply to this forum, to every forum (-1) or with no forum
// restriction. The two queries differ only in how the database concatenates strings.
// NOTE(review): $fid is interpolated into the LIKE pattern; it is set outside this
// excerpt - confirm it is an integer.
switch ($db->type) {
    case "pgsql":
    case "sqlite":
        $query = $db->simple_select("modtools", 'tid, name', "(','||forums||',' LIKE '%,{$fid},%' OR ','||forums||',' LIKE '%,-1,%' OR forums='') AND type = 't'");
        break;
    default:
        $query = $db->simple_select("modtools", 'tid, name', "(CONCAT(',',forums,',') LIKE '%,{$fid},%' OR CONCAT(',',forums,',') LIKE '%,-1,%' OR forums='') AND type = 't'");
}
while ($tool = $db->fetch_array($query)) {
    // Tool names are stored text, so they are HTML-escaped before display.
    $actions['modtool_' . $tool['tid']] = htmlspecialchars_uni($tool['name']);
}
$delayedmods = '';
// Fragment of a calendar script: finishes collecting the repeat settings of an
// edited event, lets the event handler validate and store it, then starts loading
// the event for the edit form. The enclosing blocks open before this excerpt.
// The repeat values are taken from the request as-is; validation is left to the
// event handler below.
$repeats['weekday'] = $mybb->input['repeats_5_weekday'];
$repeats['month'] = $mybb->input['repeats_5_month2'];
$repeats['years'] = $mybb->input['repeats_5_years'];
}
break;
default:
    $repeats['repeats'] = 0;
}
$event['repeats'] = $repeats;
}
}
$eventhandler->set_data($event);
// Now let the eventhandler do all the hard work.
if (!$eventhandler->validate_event()) {
    // Validation failed: show the errors inline on the edit form.
    $event_errors = $eventhandler->get_friendly_errors();
    $event_errors = inline_error($event_errors);
    $mybb->input['action'] = "editevent";
} else {
    $details = $eventhandler->update_event();
    $plugins->run_hooks("calendar_do_editevent_end");
    redirect(get_event_link($event['eid']), $lang->redirect_eventupdated);
}
}
if ($mybb->input['action'] == "editevent") {
    // The event id from the request is cast to an integer before it reaches the query.
    $query = $db->simple_select("events", "*", "eid='" . intval($mybb->input['eid']) . "'");
    $event = $db->fetch_array($query);
    if (!is_numeric($event['eid'])) {
        error($lang->error_invalidevent);
    }
    // The calendar id comes from the database row fetched above, not from the request.
    $query = $db->simple_select("calendars", "*", "cid='{$event['cid']}'");
    $calendar = $db->fetch_array($query);
// Fragment of a Facebook-login registration flow: registers the new user, stores
// the chosen sync settings, logs the user in and redirects. The enclosing blocks
// open before this excerpt and the final loop continues after it.
}
}
// Register him
$user = $FacebookConnect->register($newuser);
// Insert options and extra data and login
if (!$user['error']) {
    // The user id is cast to an integer because it is concatenated into the WHERE clause.
    $db->update_query('users', $settingsToAdd, 'uid = ' . (int) $user['uid']);
    // Sync
    $newUser = array_merge($user, $settingsToAdd);
    $FacebookConnect->sync($newUser);
    // Login
    $FacebookConnect->login($user);
    // Redirect
    // NOTE(review): the redirect target is taken from the request ('redUrl').
    // Whether redirect() restricts it to this site is not visible here - confirm,
    // otherwise a freshly logged-in user can be sent to an arbitrary address.
    $FacebookConnect->redirect($mybb->input['redUrl'], $lang->sprintf($lang->myfbconnect_redirect_title, $user['username']), $lang->myfbconnect_redirect_registered);
} else {
    $errors = inline_error($user['error']);
}
}
$options = '';
// NOTE(review): this starts as a string but is appended to with [] and iterated
// below; recent PHP versions are expected to reject [] on a string - an empty
// array looks like the intended initial value.
$settingsToBuild = '';
// Checking if we want to sync that stuff (admin)
$settingsToCheck = array('fbavatar', 'fbbday', 'fbsex', 'fbdetails', 'fbbio', 'fblocation');
foreach ($settingsToCheck as $setting) {
    $tempKey = 'myfbconnect_' . $setting;
    if ($mybb->settings[$tempKey]) {
        $settingsToBuild[] = $setting;
    }
}
foreach ($settingsToBuild as $setting) {
    $tempKey = 'myfbconnect_settings_' . $setting;
    $checked = " checked=\"checked\"";
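/**
 * Handles a login form submission using the plugin's own password check.
 *
 * Runs only for POST requests with action "do_login". It counts failed attempts
 * (cookie and users.loginattempts), optionally requires a captcha after repeated
 * failures, and on success binds the current session to the user, sets the login
 * cookies and redirects. On failure it switches the request back to the login form
 * and fills the global $inline_errors.
 *
 * @return void
 */
function loginconvert_convert()
{
    global $mybb, $db, $lang, $session, $plugins, $inline_errors, $errors;

    if ($mybb->input['action'] != "do_login" || $mybb->request_method != "post") {
        return;
    }

    // Checks to make sure the user can login; they haven't had too many tries at logging in.
    // Is a fatal call if user has had too many tries
    $logins = login_attempt_check();
    $login_text = '';

    // Did we come from the quick login form?
    if ($mybb->input['quick_login'] == "1" && $mybb->input['quick_password'] && $mybb->input['quick_username']) {
        $mybb->input['password'] = $mybb->input['quick_password'];
        $mybb->input['username'] = $mybb->input['quick_username'];
    }

    // Unknown user names get the same message as a wrong password, so the response
    // text does not distinguish the two cases.
    if (!username_exists($mybb->input['username'])) {
        my_setcookie('loginattempts', $logins + 1);
        error($lang->error_invalidpworusername . $login_text);
    }

    $query = $db->simple_select("users", "loginattempts", "LOWER(username)='" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'", array('limit' => 1));
    $loginattempts = $db->fetch_field($query, "loginattempts");

    $errors = array();

    // Initialised explicitly so the success check further down never reads an
    // unset variable.
    $correct = false;

    $user = loginconvert_validate_password_from_username($mybb->input['username'], $mybb->input['password']);
    if (!$user['uid']) {
        // The cookie counter is controlled by the client; the per-user counter in
        // the database is the one an attacker cannot reset.
        my_setcookie('loginattempts', $logins + 1);
        $db->write_query("UPDATE " . TABLE_PREFIX . "users SET loginattempts=loginattempts+1 WHERE LOWER(username) = '" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'");

        $mybb->input['action'] = "login";
        $mybb->input['request_method'] = "get";

        if ($mybb->settings['failedlogintext'] == 1) {
            $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
        }

        $errors[] = $lang->error_invalidpworusername . $login_text;
    } else {
        $correct = true;
    }

    if ($loginattempts > 3 || intval($mybb->cookies['loginattempts']) > 3) {
        // Show captcha image for guests if enabled
        if ($mybb->settings['captchaimage'] == 1 && function_exists("imagepng") && !$mybb->user['uid']) {
            // If previewing a post - check their current captcha input - if correct, hide the captcha input area
            if ($mybb->input['imagestring']) {
                $imagehash = $db->escape_string($mybb->input['imagehash']);
                $imagestring = $db->escape_string($mybb->input['imagestring']);
                $query = $db->simple_select("captcha", "*", "imagehash='{$imagehash}' AND imagestring='{$imagestring}'");
                $imgcheck = $db->fetch_array($query);
                if ($imgcheck['dateline'] > 0) {
                    // NOTE(review): a solved captcha row is not removed here, so the
                    // same pair could presumably be submitted again until it is
                    // cleaned up elsewhere - confirm.
                    $correct = true;
                } else {
                    $db->delete_query("captcha", "imagehash='{$imagehash}'");
                    $errors[] = $lang->error_regimageinvalid;
                }
            } else {
                // The quick-login and full-form cases reported the same error, so
                // they are handled by one statement.
                $errors[] = $lang->error_regimagerequired;
            }
        }

        // Not read again inside this function.
        $do_captcha = true;
    }

    if (!empty($errors)) {
        $mybb->input['action'] = "login";
        $mybb->input['request_method'] = "get";

        $inline_errors = inline_error($errors);
    } else {
        if ($correct) {
            if ($user['coppauser']) {
                error($lang->error_awaitingcoppa);
            }

            my_setcookie('loginattempts', 1);

            // Values concatenated into WHERE clauses are escaped or cast here; where
            // the session id was validated is not visible in this function.
            $sid = $db->escape_string($session->sid);
            $db->delete_query("sessions", "ip='" . $db->escape_string($session->ipaddress) . "' AND sid != '" . $sid . "'");
            $newsession = array("uid" => $user['uid']);
            $db->update_query("sessions", $newsession, "sid='" . $sid . "'");
            $db->update_query("users", array("loginattempts" => 1), "uid='" . (int) $user['uid'] . "'");

            my_setcookie("mybbuser", $user['uid'] . "_" . $user['loginkey'], null, true);
            my_setcookie("sid", $session->sid, -1, true);

            $plugins->run_hooks("member_do_login_end");

            if ($mybb->input['url'] != "" && my_strpos(basename($mybb->input['url']), 'member.php') === false) {
                if ((my_strpos(basename($mybb->input['url']), 'newthread.php') !== false || my_strpos(basename($mybb->input['url']), 'newreply.php') !== false) && my_strpos($mybb->input['url'], '&processed=1') !== false) {
                    $mybb->input['url'] = str_replace('&processed=1', '', $mybb->input['url']);
                }

                // Decode entity-encoded ampersands before htmlentities() encodes the
                // URL again; replacing '&' with '&' did nothing.
                $mybb->input['url'] = str_replace('&amp;', '&', $mybb->input['url']);

                // Redirect to the URL if it is not member.php
                // NOTE(review): the target comes from the request and is only checked
                // for not being member.php. Unless redirect() itself limits targets to
                // this site, a crafted login link can send the user elsewhere after
                // signing in - confirm and restrict to local URLs if needed.
                redirect(htmlentities($mybb->input['url']), $lang->redirect_loggedin);
            } else {
                redirect("index.php", $lang->redirect_loggedin);
            }
        } else {
            $mybb->input['action'] = "login";
            $mybb->input['request_method'] = "get";
        }
    }
}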
// Fragment of a private-message script: finishes collecting the message options,
// lets the PM handler validate and store the message, then starts the compose
// page. The enclosing blocks open before this excerpt.
// The save-copy flag is reduced to 0 or 1 rather than passed through.
if (isset($mybb->input['options']['savecopy']) && $mybb->input['options']['savecopy'] == 1) {
    $pm['options']['savecopy'] = 1;
} else {
    $pm['options']['savecopy'] = 0;
}
// NOTE(review): the read-receipt value is handed on exactly as submitted,
// presumably for the handler to validate - confirm.
if (isset($mybb->input['options']['readreceipt'])) {
    $pm['options']['readreceipt'] = $mybb->input['options']['readreceipt'];
}
if (!empty($mybb->input['saveasdraft'])) {
    $pm['saveasdraft'] = 1;
}
$pmhandler->set_data($pm);
// Now let the pm handler do all the hard work.
if (!$pmhandler->validate_pm()) {
    // Validation failed: show the errors inline on the compose form.
    $pm_errors = $pmhandler->get_friendly_errors();
    $send_errors = inline_error($pm_errors);
    $mybb->input['action'] = "send";
} else {
    $pminfo = $pmhandler->insert_pm();
    $plugins->run_hooks("private_do_send_end");
    if (isset($pminfo['draftsaved'])) {
        redirect("private.php", $lang->redirect_pmsaved);
    } else {
        redirect("private.php", $lang->redirect_pmsent);
    }
}
}
if ($mybb->input['action'] == "send") {
    // Permission gate for showing the compose form.
    if ($mybb->usergroup['cansendpms'] == 0) {
        error_no_permission();
    }
// Fragment of a reply script: checks the submitted message and subject for a
// preview and then loads the author's profile row. It starts inside an enclosing
// block and the last branch continues after this excerpt.
// The thread, reply and post ids are taken from the request as-is; any casting or
// validation would have to happen in the handler or before this excerpt.
$post = array("tid" => $mybb->input['tid'], "replyto" => $mybb->input['replyto'], "fid" => $thread['fid'], "subject" => $mybb->input['subject'], "icon" => $mybb->input['icon'], "uid" => $uid, "username" => $username, "message" => $mybb->input['message'], "ipaddress" => get_ip(), "posthash" => $mybb->input['posthash']);
if ($mybb->input['pid']) {
    $post['pid'] = $mybb->input['pid'];
}
$posthandler->set_data($post);
// Now let the post handler do all the hard work.
$valid_post = $posthandler->verify_message();
$valid_subject = $posthandler->verify_subject();
$post_errors = array();
// Fetch friendly error messages if this is an invalid post
if (!$valid_post || !$valid_subject) {
    $post_errors = $posthandler->get_friendly_errors();
}
// One or more errors returned, fetch error list and throw to newreply page
if (count($post_errors) > 0) {
    $reply_errors = inline_error($post_errors);
} else {
    $quote_ids = htmlspecialchars_uni($mybb->input['quote_ids']);
    if (!$mybb->input['username']) {
        $mybb->input['username'] = $lang->guest;
    }
    // A guest who supplied a user name is authenticated against that account, and
    // the current user is replaced by whatever the check returns.
    // NOTE(review): the result on a failed check is not visible here; confirm that
    // a failure cannot leave $mybb->user in a state the code below treats as
    // logged in.
    if ($mybb->input['username'] && !$mybb->user['uid']) {
        $mybb->user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
    }
    $mybb->input['icon'] = intval($mybb->input['icon']);
    // NOTE(review): the user id is concatenated into the SQL text without a cast.
    // It comes from the session or from the password check above rather than
    // directly from the request, but casting it to an integer would remove the
    // dependency on that.
    $query = $db->query("\n\t\t\t\tSELECT u.*, f.*\n\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\t\t\tWHERE u.uid='" . $mybb->user['uid'] . "'\n\t\t\t");
    $post = $db->fetch_array($query);
    if (!$mybb->user['uid'] || !$post['username']) {
        $post['username'] = $mybb->input['username'];
    } else {
        $post['userusername'] = $mybb->user['username'];
/**
 * Updates an existing user through the user data handler.
 *
 * @param array   $userdata     Fields to update; the key "uid" must be present.
 * @param boolean $inline_error When exactly true, validation errors are returned
 *                              through inline_error(); otherwise the friendly error
 *                              list from the handler is returned unchanged.
 * @return mixed True after a successful update, otherwise the validation errors in
 *               the form selected by $inline_error.
 */
function updateUser($userdata = array(), $inline_error = true)
{
    // Without a user id there is nothing to update.
    if (!isset($userdata['uid'])) {
        $this->_errorAndDie('A UserID (Array-Key: <i>uid</i>) is required to update a user');
    }

    require_once MYBB_ROOT . 'inc/functions_user.php';
    require_once MYBB_ROOT . 'inc/datahandlers/user.php';

    $handler = new UserDataHandler('update');
    $handler->set_data($userdata);

    // Happy path first: valid data is written and reported as success.
    if ($handler->validate_user()) {
        $handler->update_user();

        return true;
    }

    $friendlyErrors = $handler->get_friendly_errors();
    if ($inline_error === true) {
        return inline_error($friendlyErrors);
    }

    return $friendlyErrors;
}
// Fragment of a new-thread form script: finishes the preview, re-populates the
// form fields and builds the prefix selector and smilie option. The enclosing
// blocks open before this excerpt and the last block continues after it.
$attachcache[0][$attachment['aid']] = $attachment;
}
$postbit = build_postbit($post, 1);
// Template text is evaluated as a PHP string; interpolated values must already be escaped.
eval("\$preview = \"" . $templates->get("previewpost") . "\";");
}
// Submitted text is HTML-escaped before it is written back into the form.
$message = htmlspecialchars_uni($mybb->input['message']);
$subject = htmlspecialchars_uni($mybb->input['subject']);
} else {
    if ($mybb->input['attachmentaid'] || $mybb->input['newattachment'] || $mybb->input['updateattachment'] || $thread_errors) {
        $message = htmlspecialchars_uni($mybb->input['message']);
        $subject = htmlspecialchars_uni($mybb->input['subject']);
    }
}
// Do we have attachment errors?
if (count($errors) > 0) {
    $thread_errors = inline_error($errors);
}
// Generate thread prefix selector
// NOTE(review): intval() is only used as a test here. A value with a numeric start
// followed by other characters passes the test and is handed on unchanged;
// assigning the cast value would guarantee an integer.
if (!intval($mybb->input['threadprefix'])) {
    $mybb->input['threadprefix'] = 0;
}
$prefixselect = build_prefix_select($forum['fid'], $mybb->input['threadprefix']);
$posthash = htmlspecialchars_uni($mybb->input['posthash']);
// Can we disable smilies or are they disabled already?
if ($forum['allowsmilies'] != 0) {
    eval("\$disablesmilies = \"" . $templates->get("newthread_disablesmilies") . "\";");
} else {
    $disablesmilies = "<input type=\"hidden\" name=\"postoptions[disablesmilies]\" value=\"no\" />";
}
// Show the moderator options
if (is_moderator($fid)) {
/**
 * Renders an error page inside the gallery layout and ends the request.
 *
 * The message becomes the page title and is also passed through inline_error()
 * for the page body.
 * NOTE(review): whether inline_error() or the header escape the message is not
 * visible here; callers should presumably pass text that is safe for HTML output.
 *
 * @param mixed $errorMsg Error text to show.
 * @return void This function does not return; it terminates the script.
 */
function fatal_error2($errorMsg)
{
    global $page, $lang, $context, $errors;

    // Title first, so the header rendered below can pick it up.
    $context['page_title'] = $errorMsg;

    // The formatted error is kept in the global $errors as well as printed.
    $errors = inline_error($errorMsg);

    gallery_header();
    print $errors;
    gallery_footer();

    exit();
}
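/**
 * Moderator control panel integration for awards.
 *
 * Adds the awards entry to the ModCP navigation for permitted users and, when the
 * current action is "awards", handles the three pages: giving an award, revoking
 * an award, and the paginated list of visible awards. Each page ends the request
 * after output.
 *
 * Local variables are kept under their original names because the evaluated
 * templates may refer to them.
 *
 * @return void
 */
function ougc_awards_modcp()
{
    global $mybb, $modcp_nav, $templates, $lang, $awards;

    // Feature switched on, and either every moderator group is allowed (-1) or the
    // current user is in one of the configured groups.
    $permission = (bool) ($mybb->settings['ougc_awards_modcp'] && ($mybb->settings['ougc_awards_modgroups'] == -1 || $mybb->settings['ougc_awards_modgroups'] && $awards->check_groups($mybb->settings['ougc_awards_modgroups'], false)));

    if ($permission) {
        $awards->lang_load();
        // Template text is evaluated as a PHP string; interpolated values must
        // already be escaped for HTML output.
        eval('$awards_nav = "' . $templates->get('ougcawards_modcp_nav') . '";');
        $modcp_nav = str_replace('<!--OUGC_AWARDS-->', $awards_nav, $modcp_nav);
    }

    if ($mybb->input['action'] != 'awards') {
        return;
    }

    // Everything below requires the permission computed above.
    $permission or error_no_permission();

    $awards->lang_load();

    global $headerinclude, $header, $theme, $footer, $db;

    add_breadcrumb($lang->ougc_awards_modcp_nav, $awards->build_url());

    $error = array();
    $errors = '';

    // NOTE(review): no request-token (CSRF) check is visible before the
    // state-changing give and revoke requests below; confirm it is enforced by the
    // caller or inside $awards.

    // We can give awards from the ModCP
    if ($mybb->input['manage'] == 'give') {
        if (!($award = $awards->get_award($mybb->input['aid']))) {
            error($lang->ougc_awards_error_wrongaward);
        }

        add_breadcrumb(strip_tags($award['name']));
        add_breadcrumb($lang->ougc_awards_modcp_give);

        // Hidden awards are reported the same way as unknown ones.
        if (!$award['visible']) {
            error($lang->ougc_awards_error_wrongaward);
        }

        if ($mybb->request_method == 'post') {
            if (!($user = $awards->get_user_by_username($mybb->input['username']))) {
                $errors = inline_error($lang->ougc_awards_error_invaliduser);
            } elseif ($awards->get_gived_award($award['aid'], $user['uid'])) {
                $errors = inline_error($lang->ougc_awards_error_give);
            } elseif (!$awards->can_edit_user($user['uid'])) {
                $errors = inline_error($lang->ougc_awards_error_giveperm);
            } else {
                $awards->give_award($award, $user, $mybb->input['reason']);
                $awards->log_action();
                $awards->redirect($lang->ougc_awards_redirect_gived);
            }
        }

        $lang->ougc_awards_modcp_title_give = $lang->sprintf($lang->ougc_awards_modcp_title_give, $awards->get_award_info('name', $award['aid'], $award['name']));

        eval('$reason = "' . $templates->get('ougcawards_modcp_manage_reason') . '";');
        eval('$content = "' . $templates->get('ougcawards_modcp_manage') . '";');
        eval('$page = "' . $templates->get('ougcawards_modcp') . '";');
        output_page($page);
        exit;
    } elseif ($mybb->input['manage'] == 'revoke') {
        if (!($award = $awards->get_award($mybb->input['aid']))) {
            error($lang->ougc_awards_error_wrongaward);
        }

        add_breadcrumb(strip_tags($award['name']));
        add_breadcrumb($lang->ougc_awards_modcp_revoke);

        if (!$award['visible']) {
            error($lang->ougc_awards_error_wrongaward);
        }

        if ($mybb->request_method == 'post') {
            if (!($user = $awards->get_user_by_username($mybb->input['username']))) {
                $errors = inline_error($lang->ougc_awards_error_invaliduser);
            } elseif (!$awards->get_gived_award($award['aid'], $user['uid'])) {
                $errors = inline_error($lang->ougc_awards_error_notgive);
            } elseif (!$awards->can_edit_user($user['uid'])) {
                $errors = inline_error($lang->ougc_awards_error_giveperm);
            } else {
                $awards->revoke_award($award['aid'], $user['uid']);
                $awards->log_action();
                $awards->redirect($lang->ougc_awards_redirect_revoked);
            }
        }

        // The manage template is shared with the give page, so its labels are
        // swapped to the revoke wording.
        $lang->ougc_awards_modcp_title_give = $lang->sprintf($lang->ougc_awards_modcp_title_give, $awards->get_award_info('name', $award['aid'], $award['name']));
        $lang->ougc_awards_modcp_give = $lang->ougc_awards_modcp_revoke;

        eval('$content = "' . $templates->get('ougcawards_modcp_manage') . '";');
        eval('$page = "' . $templates->get('ougcawards_modcp') . '";');
        output_page($page);
        exit;
    } else {
        // Page size from settings, clamped to 1..100.
        $limit = (int) $mybb->settings['ougc_awards_perpage'];
        $limit = $limit > 100 ? 100 : ($limit < 1 ? 1 : $limit);

        $mybb->input['page'] = (int) $mybb->input['page'];
        if ($mybb->input['page'] && $mybb->input['page'] > 0) {
            $start = ($mybb->input['page'] - 1) * $limit;
        } else {
            $start = 0;
            $mybb->input['page'] = 1;
        }

        $awardlist = $multipage = '';

        // One filter for both the page query and the total count. The count used an
        // undefined $where before, so it was not limited to visible awards and the
        // pagination could disagree with the list.
        $where = 'visible=\'1\'';

        $query = $db->simple_select('ougc_awards', '*', $where, array('limit_start' => $start, 'limit' => $limit));

        if (!$db->num_rows($query)) {
            eval('$awardlist = "' . $templates->get('ougcawards_modcp_list_empty') . '";');
        } else {
            while ($award = $db->fetch_array($query)) {
                $trow = alt_trow();

                $award['aid'] = (int) $award['aid'];
                $award['image'] = $awards->get_award_icon($award['aid']);

                // Prefer the values returned by get_award_info() when it has any.
                if ($name = $awards->get_award_info('name', $award['aid'])) {
                    $award['name'] = $name;
                }
                if ($description = $awards->get_award_info('description', $award['aid'])) {
                    $award['description'] = $description;
                }

                eval('$awardlist .= "' . $templates->get('ougcawards_modcp_list_award') . '";');
            }

            $query = $db->simple_select('ougc_awards', 'COUNT(aid) AS awards', $where);
            $awardscount = (int) $db->fetch_field($query, 'awards');

            $multipage = multipage($awardscount, $limit, $mybb->input['page'], $awards->build_url());
            isset($multipage) or $multipage = '';
        }

        eval('$content = "' . $templates->get('ougcawards_modcp_list') . '".$multipage;');
        eval('$page = "' . $templates->get('ougcawards_modcp') . '";');
        output_page($page);
        exit;
    }
}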
// Fragment of an edit-history script: reverts a post to the text stored in one
// history entry, then starts the history listing. It starts inside an enclosing
// block and the last block continues after this excerpt.
// The history id is read from the request as an integer.
// NOTE(review): the entry is looked up by its id alone. Whether the requester may
// moderate the post this entry belongs to, and whether the request carries a valid
// post key, would have to be checked before this excerpt - confirm.
$query = $db->simple_select("edithistory", "*", "eid='" . $mybb->get_input('eid', MyBB::INPUT_INT) . "'");
$history = $db->fetch_array($query);
if (!$history['eid']) {
    error($lang->error_no_log);
}
// Set up posthandler.
require_once MYBB_ROOT . "inc/datahandlers/post.php";
$posthandler = new PostDataHandler("update");
$posthandler->action = "post";
// Set the post data that came from the input to the $post array.
// The subject and text come from the stored history row, not from the request.
$post = array("pid" => (int) $history['pid'], "subject" => $history['subject'], "edit_uid" => 0, "message" => $history['originaltext']);
$posthandler->set_data($post);
// Now let the post handler do all the hard work.
if (!$posthandler->validate_post()) {
    // Validation failed: show the errors inline on the history page.
    $edit_errors = $posthandler->get_friendly_errors();
    $post_errors = inline_error($edit_errors);
    $mybb->input['action'] = "";
} else {
    $postinfo = $posthandler->update_post();
    $url = get_post_link($history['pid'], $history['tid']) . "#pid{$history['pid']}";
    redirect($url, $lang->redirect_postreverted);
}
}
// Show the edit history for this post.
if (!$mybb->input['action']) {
    // The subject is HTML-escaped before it is placed into the page heading.
    $lang->edit_history = $lang->sprintf($lang->edit_history, htmlspecialchars_uni($post['subject']));
    // Get edit history
    $edit_history = '';
    // Fall back to 10 entries per page when the setting is empty.
    if (!$mybb->settings['editsperpages']) {
        $mybb->settings['editsperpages'] = 10;
    }
function newpoints_shop_page() { global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors; if (!$mybb->user['uid']) { return; } newpoints_lang_load("newpoints_shop"); if ($mybb->input['action'] == "do_shop") { verify_post_check($mybb->input['postcode']); $plugins->run_hooks("newpoints_do_shop_start"); switch ($mybb->input['shop_action']) { case 'buy': $plugins->run_hooks("newpoints_shop_buy_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } if (floatval($item['price']) > floatval($mybb->user['newpoints'])) { $errors[] = $lang->newpoints_shop_not_enough; } if ($item['infinite'] != 1 && $item['stock'] <= 0) { $errors[] = $lang->newpoints_shop_out_of_stock; } if ($item['limit'] != 0) { // Get how many items of this type we have in our inventory $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } // If more than or equal to $item['limit'] -> FAILED if (count(array_keys($myitems, $item['iid'])) >= $item['limit']) { $errors[] = $lang->newpoints_shop_limit_reached; } } if (!empty($errors)) { 
$inline_errors = inline_error($errors, $lang->newpoints_shop_inline_errors); $mybb->input = array(); $mybb->input['action'] = 'shop'; } else { $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } $myitems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] - 1), 'iid=\'' . $item['iid'] . '\''); } // get money from user newpoints_addpoints($mybb->user['uid'], -floatval($item['price'])); if (!empty($item['pm'])) { // send PM if item has private message newpoints_send_pm(array('subject' => $lang->newpoints_shop_bought_item_pm_subject, 'message' => $item['pm'], 'touid' => $mybb->user['uid'], 'receivepms' => 1), -1); } $plugins->run_hooks("newpoints_shop_buy_end", $item); // log purchase newpoints_log('shop_purchase', $lang->sprintf($lang->newpoints_shop_purchased_log, $item['iid'], $item['price'])); redirect($mybb->settings['bburl'] . 
"/newpoints.php?action=shop", $lang->newpoints_shop_item_bought, $lang->newpoints_shop_item_bought_title); } break; case 'send': $plugins->run_hooks("newpoints_shop_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_send_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 2; $shop_action = 'do_send'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_shop_send_item_username . ":</strong><br /><small>" . $lang->newpoints_shop_send_item_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"username\" value=\"\"></td>"; $plugins->run_hooks("newpoints_shop_send_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . 
"\";"); output_page($page); break; case 'do_send': $plugins->run_hooks("newpoints_shop_do_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $username = trim($mybb->input['username']); if (!($user = newpoints_getuser_byname($username))) { error($lang->newpoints_shop_invalid_user); } else { if ($user['uid'] == $mybb->user['uid']) { error($lang->newpoints_shop_cant_send_item_self); } // send item to the selected user $useritems = @unserialize($user['newpoints_items']); if (!$useritems) { $useritems = array(); } $useritems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($useritems)), 'uid=\'' . $user['uid'] . '\''); // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . 
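'\'');
                    // Visible excerpt of the NewPoints shop handler, re-broken into one statement per
                    // line so that "//" comments no longer run into the code that follows them.
                    // It starts inside the "send" case of the do_shop switch and ends with the function.
                    //
                    // Changes in this revision:
                    //  * sell / do_sell enforce the "sellable" setting and item flag on the server,
                    //    matching the condition under which the inventory page shows the Sell button;
                    //  * inventory ids are cast to integers before they are joined into "iid IN (...)";
                    //  * unserialize() results are checked with is_array() before use;
                    //  * item ids written into hidden form fields and WHERE clauses are cast to int;
                    //  * the item-view price is compared with the balance before it is formatted;
                    //  * the sell confirmation no longer HTML-escapes the item name twice;
                    //  * the inventory list escapes the item name like the other two views do.
                    //
                    // NOTE(review): the forms below carry $mybb->post_code, but the matching
                    // verification (MyBB's verify_post_check()) is not visible in this excerpt;
                    // confirm it runs before the do_shop switch.
                    $plugins->run_hooks("newpoints_shop_do_send_end");

                    // send pm to user (both names are HTML-escaped before they enter the message)
                    newpoints_send_pm(array(
                        'subject' => $lang->newpoints_shop_item_received_title,
                        'message' => $lang->sprintf($lang->newpoints_shop_item_received, htmlspecialchars_uni($mybb->user['username']), htmlspecialchars_uni($item['name'])),
                        'touid' => $user['uid'],
                        'receivepms' => 1
                    ), -1);

                    // log
                    newpoints_log('shop_send', $lang->sprintf($lang->newpoints_shop_sent_log, $item['iid'], $user['uid'], $user['username']));

                    redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sent, $lang->newpoints_shop_item_sent_title);
                }
                break;

            case 'sell':
                // Confirmation page shown before an owned item is sold back to the shop.
                $plugins->run_hooks("newpoints_shop_sell_start");

                // check if the item exists
                if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                    error($lang->newpoints_shop_invalid_item);
                }

                // check if the item is assigned to category
                if (!($cat = newpoints_shop_get_category($item['cid']))) {
                    error($lang->newpoints_shop_invalid_cat);
                }

                // check if we have permissions to view the parent category
                if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                    error_no_permission();
                }

                if ($item['visible'] == 0 || $cat['visible'] == 0) {
                    error_no_permission();
                }

                // Selling has to be enabled globally and for this item. The inventory page hides
                // the Sell button otherwise, but a hidden button is not an access control.
                if ($mybb->settings['newpoints_shop_sellable'] != 1 || !$item['sellable']) {
                    error_no_permission();
                }

                // NOTE(review): unserialize() on a database column. The value is written by this
                // plugin with serialize(), but anything else able to write users.newpoints_items
                // controls what gets instantiated here. Prefer JSON for this column, or on PHP 7+
                // pass array('allowed_classes' => false) as the second argument.
                $myitems = @unserialize($mybb->user['newpoints_items']);
                if (!is_array($myitems) || empty($myitems)) {
                    error($lang->newpoints_shop_inventory_empty);
                }

                // make sure we own the item
                $key = array_search($item['iid'], $myitems);
                if ($key === false) {
                    error($lang->newpoints_shop_selected_item_not_owned);
                }

                $lang->newpoints_shop_action = $lang->newpoints_shop_sell_item;
                $item['name'] = htmlspecialchars_uni($item['name']);

                global $shop_action, $data, $colspan;
                $colspan = 1;
                $shop_action = 'do_sell';
                // iid is cast so that only a number can reach the attribute value
                $fields = '<input type="hidden" name="iid" value="' . intval($item['iid']) . '">';
                // $item['name'] was escaped just above; escaping it again would double-encode entities
                $data = "<td class=\"trow1\" width=\"100%\">" . $lang->sprintf($lang->newpoints_shop_sell_item_confirm, $item['name'], newpoints_format_points(floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])) . "</td>";

                $plugins->run_hooks("newpoints_shop_sell_end");

                // MyBB template idiom: the template text is evaluated as a double-quoted string, so
                // every variable a template may print has to be escaped before this point.
                eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";");
                output_page($page);
                break;

            case 'do_sell':
                // Performs the sale: removes one copy from the inventory, restocks, credits points.
                $plugins->run_hooks("newpoints_shop_do_sell_start");

                // check if the item exists
                if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                    error($lang->newpoints_shop_invalid_item);
                }

                // check if the item is assigned to category
                if (!($cat = newpoints_shop_get_category($item['cid']))) {
                    error($lang->newpoints_shop_invalid_cat);
                }

                // check if we have permissions to view the parent category
                if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                    error_no_permission();
                }

                if ($item['visible'] == 0 || $cat['visible'] == 0) {
                    error_no_permission();
                }

                // Same server-side rule as the confirmation step: this is the state-changing
                // request, so the check must not be left to the previous page.
                if ($mybb->settings['newpoints_shop_sellable'] != 1 || !$item['sellable']) {
                    error_no_permission();
                }

                // NOTE(review): see the unserialize() remark in the 'sell' case.
                $myitems = @unserialize($mybb->user['newpoints_items']);
                if (!is_array($myitems) || empty($myitems)) {
                    error($lang->newpoints_shop_inventory_empty);
                }

                // make sure we own the item
                $key = array_search($item['iid'], $myitems);
                if ($key === false) {
                    error($lang->newpoints_shop_selected_item_not_owned);
                }

                // NOTE(review): the inventory is read from the already-loaded $mybb->user row and
                // written back whole, and the stock is computed in PHP from a value read earlier.
                // Nothing here serialises two overlapping requests, so the ownership check and the
                // credit below are not atomic. Wrap the three writes in a transaction with a row
                // lock, or make the inventory update conditional on the value that was read.

                // remove item from our inventory
                unset($myitems[$key]);
                sort($myitems);
                $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . intval($mybb->user['uid']) . '\'');

                // update stock
                if ($item['infinite'] != 1) {
                    $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . intval($item['iid']) . '\'');
                }

                // refund = base price times the configured sell-back percentage
                $refund = floatval($item['price']) * $mybb->settings['newpoints_shop_percent'];
                newpoints_addpoints($mybb->user['uid'], $refund);

                $plugins->run_hooks("newpoints_shop_do_sell_end");

                // log
                newpoints_log('shop_sell', $lang->sprintf($lang->newpoints_shop_sell_log, $item['iid'], $refund));

                redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sell, $lang->newpoints_shop_item_sell_title);
                break;

            default:
                error_no_permission();
        }

        $plugins->run_hooks("newpoints_do_shop_end");
    }

    // shop page
    if ($mybb->input['action'] == "shop") {
        $plugins->run_hooks("newpoints_shop_start");

        if ($mybb->input['shop_action'] == 'view') {
            // ---- single item view ----

            // check if the item exists
            if (!($item = newpoints_shop_get_item($mybb->input['iid']))) {
                error($lang->newpoints_shop_invalid_item);
            }

            // check if the item is assigned to category
            if (!($cat = newpoints_shop_get_category($item['cid']))) {
                error($lang->newpoints_shop_invalid_cat);
            }

            // check if we have permissions to view the parent category
            if (!newpoints_shop_check_permissions($cat['usergroups'])) {
                error_no_permission();
            }

            if ($item['visible'] == 0 || $cat['visible'] == 0) {
                error_no_permission();
            }

            $item['name'] = htmlspecialchars_uni($item['name']);
            $item['description'] = htmlspecialchars_uni($item['description']);

            // check group rules - primary group check
            $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
            if (!$grouprules) {
                // no rule set so default income rate is 1
                $grouprules = array('items_rate' => 1.0);
            }

            // if the group items rate is 0, the price of the item is 0
            if (floatval($grouprules['items_rate']) == 0) {
                $price = 0;
            } else {
                $price = $item['price'] * floatval($grouprules['items_rate']);
            }

            // Decide on the highlight while the price is still a number; the formatted value is
            // display text and does not compare reliably against the balance.
            $too_expensive = $price > $mybb->user['newpoints'];
            $item['price'] = newpoints_format_points($price);
            if ($too_expensive) {
                $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>';
            }

            // build icon
            if ($item['icon'] != '') {
                $item['icon'] = htmlspecialchars_uni($item['icon']);
                $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">';
            } else {
                $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">';
            }

            if ($item['infinite'] == 1) {
                $item['stock'] = $lang->newpoints_shop_infinite;
            } else {
                $item['stock'] = intval($item['stock']);
            }

            if ($item['sendable'] == 1) {
                $item['sendable'] = $lang->newpoints_shop_yes;
            } else {
                $item['sendable'] = $lang->newpoints_shop_no;
            }

            if ($item['sellable'] == 1) {
                $item['sellable'] = $lang->newpoints_shop_yes;
            } else {
                $item['sellable'] = $lang->newpoints_shop_no;
            }

            eval("\$page = \"" . $templates->get('newpoints_shop_view_item') . "\";");
        } elseif ($mybb->input['shop_action'] == 'myitems') {
            // ---- inventory list (own, or another user's when permitted) ----
            $uid = intval($mybb->input['uid']);
            $uidpart = '';

            if ($uid > 0) {
                $user = get_user($uid);
                // we're viewing someone else's inventory
                if (!empty($user)) {
                    // we can't view others inventories if we don't have enough privileges
                    if ($mybb->settings['newpoints_shop_viewothers'] != 1 && $mybb->usergroup['cancp'] != 1 && $mybb->user['uid'] != $uid) {
                        error_no_permission();
                    }

                    // NOTE(review): see the unserialize() remark in the 'sell' case.
                    $myitems = @unserialize($user['newpoints_items']);
                    $lang->newpoints_shop_myitems = $lang->sprintf($lang->newpoints_shop_items_username, htmlspecialchars_uni($user['username']));
                    $uidpart = "&uid=" . $uid; // we need this for pagination
                } else {
                    $myitems = @unserialize($mybb->user['newpoints_items']);
                }
            } else {
                $myitems = @unserialize($mybb->user['newpoints_items']);
            }

            // A failed or unexpected unserialize() result is treated as an empty inventory.
            if (!is_array($myitems)) {
                $myitems = array();
            }

            $items = '';
            $newrow = true;
            $invert_bgcolor = alt_trow();

            $sendable = ($mybb->settings['newpoints_shop_sendable'] == 1);
            $sellable = ($mybb->settings['newpoints_shop_sellable'] == 1);

            require_once MYBB_ROOT . "inc/class_parser.php";
            $parser = new postParser();
            // HTML and [img] stay disabled for item descriptions
            $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, 'filter_badwords' => 1);

            if (!empty($myitems)) {
                // pagination
                $per_page = 10;
                $mybb->input['page'] = intval($mybb->input['page']);
                if ($mybb->input['page'] > 1) {
                    $start = $mybb->input['page'] * $per_page - $per_page;
                } else {
                    $mybb->input['page'] = 1;
                    $start = 0;
                }

                // The ids come out of a serialized blob, not from a typed column, so they are
                // forced to integers before being concatenated into the IN (...) list.
                $owned_ids = implode(',', array_unique(array_map('intval', $myitems)));

                // total items
                $total_rows = $db->fetch_field($db->simple_select("newpoints_shop_items", "COUNT(iid) as items", 'visible=1 AND iid IN (' . $owned_ids . ')'), "items");

                // multi-page
                if ($total_rows > $per_page) {
                    $multipage = multipage($total_rows, $per_page, $mybb->input['page'], $mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems" . $uidpart);
                }

                $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND iid IN (' . $owned_ids . ')', array('limit' => "{$start}, {$per_page}"));
                while ($item = $db->fetch_array($query)) {
                    // two items per table row: open the row on the first, close it on the second
                    if ($newrow === true) {
                        $trstart = '<tr>';
                        $trend = '';
                        $newrow = false;
                    } elseif ($newrow === false) {
                        $trstart = '';
                        $trend = '</tr>';
                        $newrow = true;
                    }

                    $iid = intval($item['iid']);

                    if ($sellable === true && $item['sellable']) {
                        if ($sendable === true && $item['sendable']) {
                            $tdstart = '<td width="50%">';
                        } else {
                            $tdstart = '<td width="100%">';
                        }

                        $sell = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="sell"><input type="hidden" name="iid" value="' . $iid . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_sell . '"></form></td>';
                    } else {
                        $sell = '';
                    }

                    if ($sendable === true && $item['sendable']) {
                        if ($sell == '') {
                            $tdstart = '<td width="100%">';
                        } else {
                            $tdstart = '<td width="50%">';
                        }

                        $send = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="send"><input type="hidden" name="iid" value="' . $iid . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_send . '"></form></td>';
                    } else {
                        $send = '';
                    }

                    if (!$send && !$sell) {
                        $send = $lang->newpoints_shop_no_options;
                    }

                    // Escaped here as in the item view and the category listing; presumably the
                    // template prints the name (the template body is not visible in this excerpt).
                    $item['name'] = htmlspecialchars_uni($item['name']);
                    $item['description'] = $parser->parse_message($item['description'], $parser_options);

                    // check group rules - primary group check
                    $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
                    if (!$grouprules) {
                        // no rule set so default income rate is 1
                        $grouprules = array('items_rate' => 1.0);
                    }

                    // if the group items rate is 0, the price of the item is 0
                    if (floatval($grouprules['items_rate']) == 0) {
                        $item['price'] = 0;
                    } else {
                        $item['price'] = $item['price'] * floatval($grouprules['items_rate']);
                    }

                    $item['price'] = newpoints_format_points($item['price']);
                    // number of copies of this item in the inventory
                    $item['quantity'] = count(array_keys($myitems, $item['iid']));

                    // build icon
                    if ($item['icon'] != '') {
                        $item['icon'] = htmlspecialchars_uni($item['icon']);
                        $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">';
                    } else {
                        $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">';
                    }

                    $bgcolor = alt_trow();
                    $invert_bgcolor = alt_trow();

                    eval("\$items .= \"" . $trstart . $templates->get('newpoints_shop_myitems_item') . $trend . "\";");
                }

                if (!$items) {
                    eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";");
                } else {
                    // odd number of items: pad the last row with an empty cell and close it
                    if ($newrow === false) {
                        eval("\$items .= \"" . $templates->get('newpoints_shop_myitems_item_empty') . "</tr>" . "\";");
                        $newrow = true;
                    }
                }
            } else {
                eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";");
            }

            eval("\$page = \"" . $templates->get('newpoints_shop_myitems') . "\";");
        } else {
            // ---- shop front page: categories with their items ----

            // check group rules - primary group check
            $grouprules = newpoints_getrules('group', $mybb->user['usergroup']);
            if (!$grouprules) {
                // no rule set so default income rate is 1
                $grouprules = array('items_rate' => 1.0);
            }

            // if the group items rate is 0, the price of the item is 0
            $itemsrate = floatval($grouprules['items_rate']);

            global $cats, $items;

            // get categories
            $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
            while ($cat = $db->fetch_array($query)) {
                $categories[$cat['cid']] = $cat;
            }

            // get items and store them in their categories
            $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND cid>0', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
            while ($item = $db->fetch_array($query)) {
                $items_array[$item['cid']][$item['iid']] = $item;
            }

            $cats = '';
            $bgcolor = '';
            $bgcolor = alt_trow();

            // build items and categories
            if (!empty($categories)) {
                foreach ($categories as $cid => $category) {
                    $items = '';

                    if ($category['items'] > 0 && !empty($items_array[$category['cid']])) {
                        foreach ($items_array as $cid => $member) {
                            if ($cid != $category['cid']) {
                                continue;
                            }

                            $bgcolor = alt_trow();
                            foreach ($member as $iid => $item) {
                                // skip hidden items
                                if ($item['visible'] == 0) {
                                    continue;
                                }

                                if ($item['infinite'] == 1) {
                                    $item['stock'] = $lang->newpoints_shop_infinite;
                                }

                                // NOTE(review): the balance is compared with the base price here,
                                // while the price shown below has the group rate applied; confirm
                                // which of the two the purchase step charges.
                                if ($item['price'] > $mybb->user['newpoints']) {
                                    $enough_money = false;
                                } else {
                                    $enough_money = true;
                                }

                                $item['name'] = htmlspecialchars_uni($item['name']);
                                $item['description'] = htmlspecialchars_uni($item['description']);
                                $item['price'] = newpoints_format_points($item['price'] * $itemsrate);

                                // build icon
                                if ($item['icon'] != '') {
                                    $item['icon'] = htmlspecialchars_uni($item['icon']);
                                    $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">';
                                } else {
                                    $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">';
                                }

                                if (!$enough_money) {
                                    $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>';
                                }

                                eval("\$items .= \"" . $templates->get('newpoints_shop_item') . "\";");
                            }
                        }
                    } else {
                        eval("\$items = \"" . $templates->get('newpoints_shop_no_items') . "\";");
                    }

                    // if it's not visible, don't show it
                    if ($category['visible'] == 0) {
                        continue;
                    }

                    // check if we have permissions to view the category
                    if (!newpoints_shop_check_permissions($category['usergroups'])) {
                        continue;
                    }

                    // Expanded by default feature
                    global $extdisplay, $expcolimage, $expdisplay, $expaltext, $icon;

                    $expdisplay = '';
                    if (intval($category['expanded']) == 0) {
                        $expcolimage = "collapse_collapsed.gif";
                        $expdisplay = "display: none;";
                        $expaltext = "[+]";
                    } else {
                        $expcolimage = "collapse.gif";
                        $expaltext = "[-]";
                    }

                    // build icon
                    if ($category['icon'] != '') {
                        $category['icon'] = htmlspecialchars_uni($category['icon']);
                        $category['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $category['icon'] . '" style="vertical-align:middle">';
                    }

                    // sanitize html
                    $category['description'] = htmlspecialchars_uni($category['description']);
                    $category['name'] = htmlspecialchars_uni($category['name']);

                    eval("\$cats .= \"" . $templates->get('newpoints_shop_category') . "\";");
                }
            } else {
                eval("\$cats = \"" . $templates->get('newpoints_shop_no_cats') . "\";");
            }

            eval("\$page = \"" . $templates->get('newpoints_shop') . "\";");
        }

        $plugins->run_hooks("newpoints_shop_end");

        // output page
        output_page($page);
    }
}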
if (!$warning['wid']) { error($lang->error_invalid_warning); } else { if ($warning['daterevoked']) { error($lang->warning_already_revoked); } } $user = get_user($warning['uid']); $group_permissions = user_permissions($user['uid']); if ($group_permissions['canreceivewarnings'] != 1) { error($lang->error_cant_warn_group); } $plugins->run_hooks("warnings_do_revoke_start"); if (!trim($mybb->input['reason'])) { $warn_errors[] = $lang->no_revoke_reason; $warn_errors = inline_error($warn_errors); $mybb->input['action'] = "view"; } else { // Warning is still active, lower users point count if ($warning['expired'] != 1) { $new_warning_points = $user['warningpoints'] - $warning['points']; if ($new_warning_points < 0) { $new_warning_points = 0; } $updated_user = array("warningpoints" => $new_warning_points); // check if we need to revoke any consequences with this warning $current_level = round($user['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); $new_warning_level = round($new_warning_points / $mybb->settings['maxwarningpoints'] * 100); $query = $db->simple_select("warninglevels", "action", "percentage>{$new_warning_level} AND percentage<={$current_level}"); if ($db->num_rows($query)) { // we have some warning levels we need to revoke
if (ALLOWABLE_PAGE !== 1) { error_no_permission(); } } } else { error_no_permission(); } } // Find out if this user of ours is using a banned email address. // If they are, redirect them to change it if ($mybb->user['uid'] && is_banned_email($mybb->user['email']) && $mybb->settings['emailkeep'] != 1) { if (THIS_SCRIPT != 'usercp.php' || THIS_SCRIPT == 'usercp.php' && $mybb->get_input('action') != 'email' && $mybb->get_input('action') != 'do_email') { redirect('usercp.php?action=email'); } else { if ($mybb->request_method != 'post') { $banned_email_error = inline_error(array($lang->banned_email_warning)); } } } // work out which items the user has collapsed $colcookie = ''; if (!empty($mybb->cookies['collapsed'])) { $colcookie = $mybb->cookies['collapsed']; } // set up collapsable items (to automatically show them us expanded) $collapsed = array('boardstats' => '', 'boardstats_e' => '', 'quickreply' => '', 'quickreply_e' => ''); $collapsedimg = $collapsed; if ($colcookie) { $col = explode("|", $colcookie); if (!is_array($col)) { $col[0] = $colcookie;
} } $query = $db->simple_select("users", "uid, username, email, hideemail, ignorelist", "uid='" . $mybb->get_input('uid', MyBB::INPUT_INT) . "'"); $to_user = $db->fetch_array($query); $lang->email_user = $lang->sprintf($lang->email_user, $to_user['username']); if (!$to_user['uid']) { error($lang->error_invaliduser); } if ($to_user['hideemail'] != 0) { error($lang->error_hideemail); } if ($to_user['ignorelist'] && (my_strpos("," . $to_user['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") !== false && $mybb->usergroup['cansendemailoverride'] != 1)) { error_no_permission(); } if (isset($errors) && count($errors) > 0) { $errors = inline_error($errors); $fromname = htmlspecialchars_uni($mybb->get_input('fromname')); $fromemail = htmlspecialchars_uni($mybb->get_input('fromemail')); $subject = htmlspecialchars_uni($mybb->get_input('subject')); $message = htmlspecialchars_uni($mybb->get_input('message')); } else { $errors = ''; $fromname = ''; $fromemail = ''; $subject = ''; $message = ''; } // Generate CAPTCHA? if ($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) { require_once MYBB_ROOT . 'inc/class_captcha.php'; $post_captcha = new captcha(true, "post_captcha");
$valid_thread = $posthandler->verify_message(); $valid_subject = $posthandler->verify_subject(); // guest post --> verify author if ($new_thread['uid'] == 0) { $valid_username = $posthandler->verify_author(); } else { $valid_username = true; } $post_errors = array(); // Fetch friendly error messages if this is an invalid post if (!$valid_thread || !$valid_subject || !$valid_username) { $post_errors = $posthandler->get_friendly_errors(); } // One or more errors returned, fetch error list and throw to newreply page if (count($post_errors) > 0) { $thread_errors = inline_error($post_errors); } else { if (!$mybb->input['username']) { $mybb->input['username'] = $lang->guest; } $query = $db->query("\n\t\t\t\tSELECT u.*, f.*\n\t\t\t\tFROM " . TABLE_PREFIX . "users u\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userfields f ON (f.ufid=u.uid)\n\t\t\t\tWHERE u.uid='" . $mybb->user['uid'] . "'\n\t\t\t"); $post = $db->fetch_array($query); if (!$mybb->user['uid'] || !$post['username']) { $post['username'] = htmlspecialchars_uni($mybb->input['username']); } else { $post['userusername'] = $mybb->user['username']; $post['username'] = $mybb->user['username']; } $previewmessage = $mybb->input['message']; $post['message'] = $previewmessage; $post['subject'] = $mybb->input['subject'];