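/**
 * Upgrade step 31: data changes applied to an existing board.
 *
 * Uses the global $db handle to:
 *  - add the 'sendthread' template group when no row with that prefix exists;
 *  - switch a fixed list of settings from the 'text' option type to 'numeric'
 *    (rows whose optionscode is not 'text' are left untouched);
 *  - rename the ';key={1}' placeholder in help document 3 to ';my_post_key={1}'.
 *
 * Progress markup is written through the global $output object.
 */
function upgrade31_dbchanges()
{
    global $db, $output;

    $output->print_header("Updating Database");
    echo "<p>Performing necessary upgrade queries...</p>";
    flush();

    $query = $db->simple_select("templategroups", "COUNT(*) as numexists", "prefix='sendthread'");
    if ($db->fetch_field($query, "numexists") == 0) {
        $db->insert_query("templategroups", array('prefix' => 'sendthread', 'title' => '<lang:group_sendthread>', 'isdefault' => '1'));
    }

    // Settings that become numeric. The names are constants of this upgrade
    // script, never request data, which is what makes it acceptable to splice
    // them into the WHERE clause below. Do not feed this list from user input.
    $numeric_settings = array(
        'statslimit', 'maxmultipagelinks', 'deleteinvites', 'gziplevel', 'subforumsindex', 'showbirthdayspostlimit', 'threadsperpage',
        'hottopic', 'hottopicviews', 'announcementlimit', 'postsperpage', 'threadreadcut', 'similarityrating', 'similarlimit',
        'minnamelength', 'maxnamelength', 'minpasswordlength', 'maxpasswordlength', 'betweenregstime', 'maxregsbetweentime', 'failedcaptchalogincount',
        'failedlogincount', 'failedlogintime', 'regtime', 'maxsigimages', 'siglength', 'avatarsize', 'customtitlemaxlength',
        'minmessagelength', 'maxmessagelength', 'postfloodsecs', 'postmergemins', 'maxpostimages', 'maxpostvideos', 'subscribeexcerpt',
        'wordwrap', 'maxquotedepth', 'polloptionlimit', 'maxpolloptions', 'polltimelimit', 'maxattachments', 'attachthumbh',
        'attachthumbw', 'membersperpage', 'repsperpage', 'maxreplength', 'minreplength', 'maxwarningpoints', 'pmfloodsecs',
        'maxpmquotedepth', 'wolcutoffmins', 'refreshwol', 'prunepostcount', 'dayspruneregistered', 'dayspruneunactivated', 'portal_numannouncements',
        'portal_showdiscussionsnum', 'searchfloodtime', 'minsearchword', 'searchhardlimit', 'smilieinsertertot', 'smilieinsertercols', 'maxloginattempts',
        'loginattemptstimeout', 'contact_maxsubjectlength', 'contact_minmessagelength', 'contact_maxmessagelength', 'purgespammerpostlimit', 'purgespammerbangroup', 'statscachetime',
    );

    // Batches of seven produce the same ten UPDATE statements the hand-written
    // version issued, without ten copies of the same call.
    foreach (array_chunk($numeric_settings, 7) as $batch) {
        $where = "name IN ('" . implode("', '", $batch) . "') AND optionscode='text'";
        $db->update_query('settings', array('optionscode' => 'numeric'), $where);
    }

    // Update help documents: only write when the row exists and still carries
    // the old placeholder, so a missing document is not dereferenced and an
    // already-upgraded document is not rewritten.
    $query = $db->simple_select('helpdocs', 'document', 'hid=\'3\'');
    $helpdoc = $db->fetch_array($query);
    if (!empty($helpdoc['document']) && my_strpos($helpdoc['document'], ';key={1}') !== false) {
        $document = str_replace(';key={1}', ';my_post_key={1}', $helpdoc['document']);
        $db->update_query('helpdocs', array('document' => $db->escape_string($document)), 'hid=\'3\'');
    }

    $output->print_contents("<p>Click next to continue with the upgrade process.</p>");
    $output->print_footer("31_done");
}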
/**
 * Normalises and validates the username held in $this->data['username'].
 *
 * The value is taken by reference, so the clean-up performed here is written
 * back to the data array even when validation fails afterwards. On the first
 * failed check an error code is recorded through $this->set_error() and the
 * remaining checks are skipped.
 *
 * @return boolean True when the username is acceptable, false otherwise.
 */
function verify_username()
{
    global $mybb;

    $username =& $this->data['username'];

    require_once MYBB_ROOT . 'inc/functions_user.php';

    // Normalise before validating, so the checks below see the name that will
    // actually be stored. Presumably the helpers map code points to characters:
    // 160 (no-break space) becomes a plain space, 173 (soft hyphen) becomes "-",
    // and 0xCA, 8238 / 8237 (right-to-left / left-to-right override) and 8203
    // (zero-width space) are dropped. The last three are invisible, which is
    // what makes them useful for imitating another member's name.
    $lookalikes = array(unichr(160), unichr(173), unichr(0xca), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203));
    $substitutes = array(" ", "-", "", "", "", "");
    $username = str_replace($lookalikes, $substitutes, trim_blank_chrs($username));

    // Collapse runs of whitespace into a single space.
    $username = preg_replace("#\\s{2,}#", " ", $username);

    // Nothing left after clean-up.
    if ($username == '') {
        $this->set_error('missing_username');
        return false;
    }

    // Listed as a banned username.
    if (is_banned_username($username, true)) {
        $this->set_error('banned_username');
        return false;
    }

    // Reject <, >, &, ;, comma and backslash, and anything that does not pass
    // validate_utf8_string().
    $has_forbidden_char = strpbrk($username, "<>&;,") !== false || my_strpos($username, "\\") !== false;
    if ($has_forbidden_char || !validate_utf8_string($username, false, false)) {
        $this->set_error("bad_characters_username");
        return false;
    }

    // Length limits; a limit of 0 switches that bound off.
    $min_length = $mybb->settings['minnamelength'];
    $max_length = $mybb->settings['maxnamelength'];
    $too_long = $max_length != 0 && my_strlen($username) > $max_length;
    $too_short = $min_length != 0 && my_strlen($username) < $min_length;
    if ($too_long || $too_short) {
        $this->set_error('invalid_username_length', array($min_length, $max_length));
        return false;
    }

    return true;
}
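/**
 * Builds the board statistics answer for the XML-RPC interface.
 *
 * Counts sessions newer than the 'wolcutoff' setting: each registered user id
 * is counted once, sessions whose id marks a spider known to the 'spiders'
 * cache are counted in neither total, and everything else is a guest. Thread,
 * post and member totals are read from the 'stats' cache.
 *
 * @return xmlrpcresp Struct with total_threads, total_posts, total_members,
 *                    guest_online and total_online (all 'int').
 */
function get_board_stat_func()
{
    global $mybb, $cache, $db;

    // Cast so that only an integer literal can reach the SQL text below,
    // whatever the setting happens to contain.
    $timesearch = (int) (TIME_NOW - $mybb->settings['wolcutoff']);
    $query = $db->query("\n SELECT s.sid, s.uid, s.time\n FROM " . TABLE_PREFIX . "sessions s\n WHERE s.time>'{$timesearch}'\n ORDER BY s.time DESC\n ");

    $membercount = 0;
    $guestcount = 0;
    $doneusers = array();

    // Fetch spiders
    $spiders = $cache->read("spiders");

    while ($user = $db->fetch_array($query)) {
        if ($user['uid'] > 0) {
            // Registered user: count the id once, however many sessions it has.
            // isset() also avoids reading a key that was never written.
            if (!isset($doneusers[$user['uid']])) {
                ++$membercount;
                $doneusers[$user['uid']] = $user['time'];
            }
            continue;
        }

        // Spider sessions carry "bot=<key>" in the session id.
        $botkey = my_strtolower(str_replace("bot=", '', $user['sid']));
        $is_known_spider = my_strpos($user['sid'], "bot=") !== false && !empty($spiders[$botkey]);
        if (!$is_known_spider) {
            ++$guestcount;
        }
    }

    $onlinecount = $membercount + $guestcount;
    $stats = $cache->read("stats");

    $board_stat = array(
        'total_threads' => new xmlrpcval($stats['numthreads'], 'int'),
        'total_posts' => new xmlrpcval($stats['numposts'], 'int'),
        'total_members' => new xmlrpcval($stats['numusers'], 'int'),
        'guest_online' => new xmlrpcval($guestcount, 'int'),
        'total_online' => new xmlrpcval($onlinecount, 'int'),
    );

    return new xmlrpcresp(new xmlrpcval($board_stat, 'struct'));
}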
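/**
 * API action: reports who is currently online.
 *
 * Takes no arguments. Sessions newer than the 'wolcutoffmins' setting are read
 * and split into registered users (newest session per user id) and guests;
 * guest sessions whose id marks a spider known to the 'spiders' cache get the
 * spider's name and usergroup attached.
 *
 * NOTE(review): every returned row carries the session IP address (s.ip), and
 * users with the invisible flag set are not filtered out in this method. Who
 * may call this action is decided outside the code shown here; confirm that the
 * caller is allowed to see both before exposing the result.
 *
 * @return stdClass With users (list), guests (list), count, wolcutoffmins and
 *                  mostonline.
 */
public function action()
{
    global $mybb, $db, $cache;

    require_once MYBB_ROOT . "inc/functions_online.php";

    // Cast so that only an integer literal can reach the SQL text below.
    $timesearch = (int) (TIME_NOW - $mybb->settings['wolcutoffmins'] * 60);

    switch ($db->type) {
        case "sqlite":
            // Count distinct session ids by collecting them as array keys.
            $sessions = array();
            $query = $db->simple_select("sessions", "sid", "time > {$timesearch}");
            while ($sid = $db->fetch_field($query, "sid")) {
                $sessions[$sid] = 1;
            }
            $online_count = count($sessions);
            unset($sessions);
            break;
        case "pgsql":
        default:
            $query = $db->simple_select("sessions", "COUNT(sid) as online", "time > {$timesearch}");
            $online_count = $db->fetch_field($query, "online");
            break;
    }

    $query = $db->query("\n\t\t\tSELECT DISTINCT s.sid, s.ip, s.uid, s.time, s.location, u.username, s.nopermission, u.invisible, u.usergroup, u.displaygroup\n\t\t\tFROM " . TABLE_PREFIX . "sessions s\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (s.uid=u.uid)\n\t\t\tWHERE s.time>'{$timesearch}'\n\t\t\t");

    $users = array();
    $guests = array();
    $spiders = $cache->read("spiders");

    while ($user = $db->fetch_array($query)) {
        // Fetch the WOL activity
        $user['activity'] = fetch_wol_activity($user['location'], $user['nopermission']);

        if ($user['uid'] > 0) {
            // Registered user: keep only the newest session. isset() avoids
            // reading an entry that has not been stored yet.
            $uid = $user['uid'];
            if (!isset($users[$uid]) || $users[$uid]['time'] < $user['time']) {
                $users[$uid] = $user;
            }
            continue;
        }

        // Guest; label it when the session id names a known spider.
        $botkey = my_strtolower(str_replace("bot=", '', $user['sid']));
        if (my_strpos($user['sid'], "bot=") !== false && !empty($spiders[$botkey])) {
            $user['bot'] = $spiders[$botkey]['name'];
            $user['usergroup'] = $spiders[$botkey]['usergroup'];
        }
        $guests[] = $user;
    }

    // Written by key instead of by reference, so no reference to the last
    // element is left behind after the loop.
    foreach ($users as $uid => $row) {
        $users[$uid]["display"] = format_name($row["username"], $row["usergroup"], $row["displaygroup"]);
    }

    $stdClass = new stdClass();
    // Re-index the users: with user ids as keys the list would be encoded as an
    // object of objects rather than a list.
    $stdClass->users = array_values($users);
    $stdClass->guests = $guests;
    $stdClass->count = $online_count;
    $stdClass->wolcutoffmins = $mybb->settings["wolcutoffmins"];
    $stdClass->mostonline = $cache->read("mostonline");

    return $stdClass;
}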
/**
 * Initialize a session
 *
 * Resolves the visitor in this order: an existing session named by the 'sid'
 * cookie, a logged-in user named by the 'mybbuser' cookie, a search-engine
 * spider recognised by its user agent, and finally a plain guest. A 'sid'
 * cookie is (re)issued when the resolved session id differs from the one the
 * browser sent, except for spiders.
 *
 * Everything read here (cookies, user agent) is supplied by the client. The
 * session lookup only accepts a cookie id whose stored row also matches the
 * visitor's packed IP address; the user agent is used for spider detection
 * only. Verification of the 'mybbuser' login key happens in load_user(), which
 * is not part of this block.
 */
function init()
{
    global $db, $mybb, $cache;

    // Get our visitor's IP, in text and packed form.
    $this->ipaddress = get_ip();
    $this->packedip = my_inet_pton($this->ipaddress);

    // Find out the user agent.
    $this->useragent = $_SERVER['HTTP_USER_AGENT'];

    // A session id from the cookie is honoured only if a row with that id and
    // this IP exists. Skipped while the upgrade script is running.
    if (isset($mybb->cookies['sid']) && !defined('IN_UPGRADE')) {
        $cookie_sid = $db->escape_string($mybb->cookies['sid']);
        $where = "sid='{$cookie_sid}' AND ip=" . $db->escape_binary($this->packedip);
        $row = $db->fetch_array($db->simple_select("sessions", "*", $where));
        if ($row['sid']) {
            $this->sid = $row['sid'];
        }
    }

    // The login cookie has the form "<uid>_<loginkey>"; split on the first
    // underscore only and let load_user() decide whether the pair is valid.
    if (!empty($mybb->cookies['mybbuser'])) {
        $login_parts = explode("_", $mybb->cookies['mybbuser'], 2);
        $this->load_user($login_parts[0], $login_parts[1]);
    }

    // If no user still, then we have a guest.
    if (!isset($mybb->user['uid'])) {
        // Spiders are not expected to carry a session cookie, so only look for
        // one when no session id was found above.
        if (!$this->sid) {
            $known_spiders = $cache->read("spiders");
            if (is_array($known_spiders)) {
                foreach ($known_spiders as $candidate) {
                    $needle = my_strtolower($candidate['useragent']);
                    if (my_strpos(my_strtolower($this->useragent), $needle) !== false) {
                        $this->load_spider($candidate['sid']);
                    }
                }
            }
        }

        // Neither a member nor a spider: a plain guest.
        if (!$this->is_spider) {
            $this->load_guest();
        }
    }

    // Issue the session cookie unless the browser already holds this exact id
    // or the visitor is a spider.
    $cookie_is_current = isset($mybb->cookies['sid']) && $mybb->cookies['sid'] == $this->sid;
    if ($this->sid && !$cookie_is_current && $this->is_spider != true) {
        my_setcookie("sid", $this->sid, -1, true);
    }
}
/**
 * Logs an error to the debug log, then hands it to the parent handler.
 *
 * Nothing is logged when error reporting is off or the type is listed in
 * $this->ignore_types. Otherwise the entry goes to the warning channel when
 * the type's label contains "warning" and to the error channel in every other
 * case. Every occurrence of MYBB_ROOT is removed from the file path before it
 * is logged and passed on.
 *
 * NOTE(review): $message is written to the log as received; if log entries
 * are ever rendered in a browser or parsed line by line, treat them as
 * untrusted text.
 *
 * @param string  $type    The error type (i.e. E_ERROR, E_FATAL)
 * @param string  $message The error message
 * @param string  $file    The error file
 * @param integer $line    The error line
 * @return boolean True when the error was skipped; otherwise whatever the
 *                 parent handler returns.
 */
function error($type, $message, $file = null, $line = 0)
{
    global $mybb;

    // Reporting switched off (globally or via @ on the failing statement), or
    // a type this handler has been told to ignore.
    if (error_reporting() == 0 || in_array($type, $this->ignore_types)) {
        return true;
    }

    $file = str_replace(MYBB_ROOT, "", $file);

    $is_warning = my_strpos(my_strtolower($this->error_types[$type]), 'warning') !== false;
    $log_line = "\$type: {$type} \$message: {$message} \$file: {$file} \$line: {$line}";

    if ($is_warning) {
        $this->debug->log->warning($log_line);
    } else {
        $this->debug->log->error($log_line);
    }

    return parent::error($type, $message, $file, $line);
}
/**
 * Build a post bit
 *
 * Renders one post, private message, announcement or preview into HTML by
 * filling $post with display-ready values and evaluating the post bit
 * templates.
 *
 * Security-relevant structure, for anyone changing this function:
 *  - Every eval() below evaluates a template as a PHP double-quoted string in
 *    this function's scope. Templates can therefore interpolate any local or
 *    global variable visible here, template text has to be trusted like code,
 *    and the local variable names are effectively part of the template
 *    interface (renaming one silently empties its placeholder).
 *  - A value is safe to interpolate only if it was escaped or parsed before
 *    the eval() that uses it. The places where this function escapes are
 *    marked; values it passes through untouched are marked with NOTE(review).
 *
 * @param array $post      The post data
 * @param int   $post_type The type of post bit we're building
 *                         (1 = preview, 2 = pm, 3 = announcement, else = post)
 * @return string The built post bit
 */
function build_postbit($post, $post_type = 0)
{
    global $db, $altbg, $theme, $mybb, $postcounter;
    global $titlescache, $page, $templates, $forumpermissions, $attachcache;
    global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid;
    global $plugins, $parser, $cache, $ignored_users, $hascustomtitle;

    $hascustomtitle = 0;

    // Set default values for any fields not provided here
    foreach (array('subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm') as $post_field) {
        if (empty($post[$post_field])) {
            $post[$post_field] = '';
        }
    }

    // Set up the message parser if it doesn't already exist.
    if (!$parser) {
        require_once MYBB_ROOT . "inc/class_parser.php";
        $parser = new postParser();
    }

    // Row shading: unapproved regular posts get their own class, everything
    // else alternates between trow1 and trow2.
    $unapproved_shade = '';
    if ($post['visible'] == 0 && $post_type == 0) {
        $altbg = $unapproved_shade = 'trow_shaded';
    } elseif ($altbg == 'trow1') {
        $altbg = 'trow2';
    } else {
        $altbg = 'trow1';
    }

    $post['fid'] = $fid;

    // Parser permissions depend on where the content comes from. These flags
    // decide whether raw HTML, MyCode, smilies, images and videos are allowed
    // in the message, so each branch reads them from the matching source.
    switch ($post_type) {
        case 1:
            // Message preview: the forum's settings apply.
            global $forum;
            $parser_options['allow_html'] = $forum['allowhtml'];
            $parser_options['allow_mycode'] = $forum['allowmycode'];
            $parser_options['allow_smilies'] = $forum['allowsmilies'];
            $parser_options['allow_imgcode'] = $forum['allowimgcode'];
            $parser_options['allow_videocode'] = $forum['allowvideocode'];
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            $id = 0;
            break;
        case 2:
            // Private message: the board-wide PM settings apply.
            global $message, $pmid;
            $parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
            $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
            $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
            $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
            $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            $id = $pmid;
            break;
        case 3:
            // Announcement: flags come from the announcement itself; images and
            // videos are always allowed.
            // NOTE(review): $id is not assigned in this branch but is passed to
            // get_post_attachments() further down.
            global $announcementarray, $message;
            $parser_options['allow_html'] = $announcementarray['allowhtml'];
            $parser_options['allow_mycode'] = $announcementarray['allowmycode'];
            $parser_options['allow_smilies'] = $announcementarray['allowsmilies'];
            $parser_options['allow_imgcode'] = 1;
            $parser_options['allow_videocode'] = 1;
            $parser_options['me_username'] = $post['username'];
            $parser_options['filter_badwords'] = 1;
            break;
        default:
            // Regular post: the forum's settings apply.
            global $forum, $thread, $tid;
            $oldforum = $forum;
            $id = intval($post['pid']);
            $parser_options['allow_html'] = $forum['allowhtml'];
            $parser_options['allow_mycode'] = $forum['allowmycode'];
            $parser_options['allow_smilies'] = $forum['allowsmilies'];
            $parser_options['allow_imgcode'] = $forum['allowimgcode'];
            $parser_options['allow_videocode'] = $forum['allowvideocode'];
            $parser_options['filter_badwords'] = 1;
            if (!$post['username']) {
                $post['username'] = $lang->guest;
            }
            if ($post['userusername']) {
                $parser_options['me_username'] = $post['userusername'];
            } else {
                $parser_options['me_username'] = $post['username'];
            }
            break;
    }

    // Escape custom profile fields (every key starting with "fid") so that
    // templates can print them directly.
    foreach ($post as $post_field => $field_value) {
        if (substr($post_field, 0, 3) != 'fid') {
            continue;
        }
        $post[$post_field] = htmlspecialchars_uni($field_value);
    }

    if (!$postcounter) {
        // First post bit of the request: work out the number of the first post
        // shown on this page.
        if ($page > 1) {
            // Fall back to 20 when the setting is missing or below 1.
            if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) {
                $mybb->settings['postsperpage'] = 20;
            }
            $postcounter = $mybb->settings['postsperpage'] * ($page - 1);
        } else {
            $postcounter = 0;
        }
        $post_extra_style = "border-top-width: 0;";
    } elseif ($mybb->input['mode'] == "threaded") {
        $post_extra_style = "border-top-width: 0;";
    } else {
        $post_extra_style = "margin-top: 5px;";
    }

    if (!$altbg) {
        // Define the alternate background colour if this is the first post
        $altbg = "trow1";
    }
    $postcounter++;

    // Format the post date and time using my_date
    $post['postdate'] = my_date($mybb->settings['dateformat'], $post['dateline']);
    $post['posttime'] = my_date($mybb->settings['timeformat'], $post['dateline']);

    // Apply the bad word filter to the subject.
    $post['subject'] = $parser->parse_badwords($post['subject']);

    // Escape the subject for HTML. PM subjects are skipped because, according
    // to the original author's note, they arrive already escaped; that is not
    // verifiable from this function.
    if ($post_type != 2) {
        $post['subject'] = htmlspecialchars_uni($post['subject']);
    }
    if (empty($post['subject'])) {
        $post['subject'] = ' ';
    }

    $post['author'] = $post['uid'];

    // Get the usergroup: the display group when set, else the primary group;
    // group 1 for posts without a registered author.
    if ($post['userusername']) {
        if (!$post['displaygroup']) {
            $post['displaygroup'] = $post['usergroup'];
        }
        $usergroup = $groupscache[$post['displaygroup']];
    } else {
        $usergroup = $groupscache[1];
    }

    // Build the user title lookup once per request, keyed by post count and
    // sorted from highest to lowest.
    if (!is_array($titlescache)) {
        $cached_titles = $cache->read("usertitles");
        if (!empty($cached_titles)) {
            foreach ($cached_titles as $usertitle) {
                $titlescache[$usertitle['posts']] = $usertitle;
            }
        }
        if (is_array($titlescache)) {
            krsort($titlescache);
        }
        unset($usertitle, $cached_titles);
    }

    // Work out the usergroup/title stuff
    $post['groupimage'] = '';
    if (!empty($usergroup['image'])) {
        // The viewer's language overrides the board language in the image path.
        $language = $mybb->settings['bblanguage'];
        if (!empty($mybb->user['language'])) {
            $language = $mybb->user['language'];
        }
        $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
        $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
        eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";");
        if ($mybb->settings['postlayout'] == "classic") {
            $post['groupimage'] .= "<br />";
        }
    }

    if ($post['userusername']) {
        // This post was made by a registered user
        $post['username'] = $post['userusername'];
        $post['profilelink_plain'] = get_profile_link($post['uid']);
        $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']);
        $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']);

        if (trim($post['usertitle']) != "") {
            $hascustomtitle = 1;
        }

        // Title precedence: custom title, then the group's title, then the
        // first post-count title the user qualifies for (which also supplies
        // the stars).
        if ($usergroup['usertitle'] != "" && !$hascustomtitle) {
            $post['usertitle'] = $usergroup['usertitle'];
        } elseif (is_array($titlescache) && !$usergroup['usertitle']) {
            reset($titlescache);
            foreach ($titlescache as $key => $titleinfo) {
                if ($post['postnum'] >= $key) {
                    if (!$hascustomtitle) {
                        $post['usertitle'] = $titleinfo['title'];
                    }
                    $post['stars'] = $titleinfo['stars'];
                    $post['starimage'] = $titleinfo['starimage'];
                    break;
                }
            }
        }

        // Group settings override the post-count stars.
        if ($usergroup['stars']) {
            $post['stars'] = $usergroup['stars'];
        }
        if (empty($post['starimage'])) {
            $post['starimage'] = $usergroup['starimage'];
        }

        if ($post['starimage'] && $post['stars']) {
            // Only display stars if we have an image to use...
            // NOTE(review): the star image path is placed in the src attribute
            // without escaping; it comes from the titles cache or the usergroup
            // record - confirm both are administrator-only values.
            $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']);
            $post['userstars'] = '';
            for ($i = 0; $i < $post['stars']; ++$i) {
                $post['userstars'] .= "<img src=\"" . $post['starimage'] . "\" border=\"0\" alt=\"*\" />";
            }
            $post['userstars'] .= "<br />";
        }

        // Keep the raw post count for the signature check further down.
        $postnum = $post['postnum'];
        $post['postnum'] = my_number_format($post['postnum']);

        // Determine the status to show for the user (Online/Offline/Away).
        // Invisible users are shown as online only to viewers whose group has
        // canviewwolinvis.
        $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
        if ($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) {
            eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_online") . "\";");
        } else {
            if ($post['away'] == 1 && $mybb->settings['allowaway'] != 0) {
                eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_away") . "\";");
            } else {
                eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";");
            }
        }

        // Avatar: shown unless the logged-in viewer switched avatars off.
        if ($post['avatar'] != "" && ($mybb->user['showavatars'] != 0 || !$mybb->user['uid'])) {
            // User-supplied avatar location, escaped before it reaches the
            // template.
            $post['avatar'] = htmlspecialchars_uni($post['avatar']);
            $avatar_dimensions = explode("|", $post['avatardimensions']);
            if ($avatar_dimensions[0] && $avatar_dimensions[1]) {
                list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['postmaxavatarsize']));
                if ($avatar_dimensions[0] > $max_width || $avatar_dimensions[1] > $max_height) {
                    require_once MYBB_ROOT . "inc/functions_image.php";
                    $scaled_dimensions = scale_image($avatar_dimensions[0], $avatar_dimensions[1], $max_width, $max_height);
                    $avatar_width_height = "width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\"";
                } else {
                    // NOTE(review): the stored dimensions are written into the
                    // attributes as they are; presumably numeric - verify where
                    // avatardimensions is saved.
                    $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\"";
                }
            }
            eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";");
            $post['avatar_padding'] = "padding-right: 10px;";
        } else {
            $post['useravatar'] = '';
            $post['avatar_padding'] = '';
        }

        eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";");

        // PM button: hidden when the author ignores the viewer. Both sides are
        // wrapped in commas so that a uid only matches a whole list entry.
        if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) {
            eval("\$post['button_pm'] = \"" . $templates->get("postbit_pm") . "\";");
        }

        // Reputation button: never on announcements, never on your own post.
        if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid']) {
            if (!$post['pid']) {
                $post['pid'] = 0;
            }
            eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";");
        }

        if ($post['website'] != "") {
            // User-supplied URL, escaped before it reaches the template.
            $post['website'] = htmlspecialchars_uni($post['website']);
            eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";");
        } else {
            $post['button_www'] = "";
        }

        if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) {
            eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";");
        } else {
            $post['button_email'] = "";
        }

        $post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']);

        // Work out the reputation this user has (only show if not announcement)
        if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) {
            $post['userreputation'] = get_reputation($post['reputation'], $post['uid']);
            eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";");
        }

        // Warning level (not on announcements): visible to viewers who may warn
        // users, and to the author when canviewownwarning is enabled.
        if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) {
            // NOTE(review): divides by the maxwarningpoints setting without
            // checking it for zero.
            $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100);
            if ($warning_level > 100) {
                $warning_level = 100;
            }
            $warning_level = get_colored_warning_level($warning_level);

            // If we can warn them, it's not the same person, and we're in a PM or a post.
            if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) {
                eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";");
                $warning_link = "warnings.php?uid={$post['uid']}";
            } else {
                $warning_link = "usercp.php";
            }
            eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";");
        }

        eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";");
    } else {
        // Message was posted by a guest or an unknown user
        // NOTE(review): the guest name is entered by the poster; whether
        // format_name() escapes it is not visible here - confirm before
        // relying on profilelink being safe HTML.
        $post['profilelink'] = format_name($post['username'], 1);
        if ($usergroup['usertitle']) {
            $post['usertitle'] = $usergroup['usertitle'];
        } else {
            $post['usertitle'] = $lang->guest;
        }
        $usergroup['title'] = $lang->na;
        $post['userregdate'] = $lang->na;
        $post['postnum'] = $lang->na;
        $post['button_profile'] = '';
        $post['button_email'] = '';
        $post['button_www'] = '';
        $post['signature'] = '';
        $post['button_pm'] = '';
        $post['button_find'] = '';
        $post['onlinestatus'] = '';
        $post['replink'] = '';
        eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";");
    }

    // Buttons start empty and are filled in only when the viewer is allowed to
    // use them. Hiding a button is presentation, not enforcement.
    $post['button_edit'] = '';
    $post['button_quickdelete'] = '';
    $post['button_quote'] = '';
    $post['button_quickquote'] = '';
    $post['button_report'] = '';

    // For private messages, fetch the reply/forward/delete icons
    if ($post_type == 2 && $post['pmid']) {
        global $replyall;
        eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";");
        eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";");
        eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";");
        if ($replyall == true) {
            eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";");
        }
    }

    if (!$post_type) {
        // Regular post: figure out if we need to show an "edited by" message.
        // Separate settings cover authors with and without control panel access.
        $post['editedmsg'] = '';
        if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) {
            $post['editdate'] = my_date($mybb->settings['dateformat'], $post['edittime']);
            $post['edittime'] = my_date($mybb->settings['timeformat'], $post['edittime']);
            $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']);
            $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']);
            eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";");
        }

        // Edit button: moderators, or the author when the forum allows it;
        // never for guests.
        if ((is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']) && $mybb->user['uid'] != 0) {
            eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";");
        }

        // Quick Delete button: the first post on the page counter needs the
        // thread permission, any other post the post permission.
        $can_delete = 0;
        if ($mybb->user['uid'] == $post['uid']) {
            if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) {
                $can_delete = 1;
            } else {
                if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) {
                    $can_delete = 1;
                }
            }
        }
        if ((is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0) {
            eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";");
        }

        // Inline moderation stuff
        if ($ismod) {
            // NOTE(review): the my_strpos() result is used as a truthy value,
            // so a match at offset 0 counts as "not selected"; if the cookie
            // can start with "|<pid>|" this wants !== false - verify against
            // the code that writes the cookie.
            if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) {
                $inlinecheck = "checked=\"checked\"";
                $inlinecount++;
            } else {
                $inlinecheck = "";
            }
            eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";");
            if ($post['visible'] == 0) {
                $invisiblepost = 1;
            }
        } else {
            $post['inlinecheck'] = "";
        }

        $post['postlink'] = get_post_link($post['pid'], $post['tid']);
        eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";");

        global $forum, $thread;

        // Quote buttons: the forum must be open, and the thread open unless the
        // viewer moderates it.
        if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid']))) {
            eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";");
        }
        if ($forumpermissions['canpostreplys'] != 0 && ($thread['closed'] != 1 || is_moderator($fid)) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) {
            eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";");
        }

        // Report button for logged-in users only.
        if ($mybb->user['uid'] != "0") {
            eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";");
        }

        // Poster IP: "show" uses the postbit_iplogged_show template for every
        // viewer, "hide" only renders for moderators with canviewips, "no"
        // never renders.
        if ($mybb->settings['logip'] != "no") {
            if ($mybb->settings['logip'] == "show") {
                eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";");
            } else {
                if ($mybb->settings['logip'] == "hide" && is_moderator($fid, "canviewips")) {
                    eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";");
                } else {
                    $post['iplogged'] = "";
                }
            }
        } else {
            $post['iplogged'] = "";
        }
    } elseif ($post_type == 3) {
        // Announcement: edit and delete for super moderators and moderators.
        if ($mybb->usergroup['issupermod'] == 1 || is_moderator($fid)) {
            eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";");
            eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";");
        }
    }

    if ($post['smilieoff'] == 1) {
        $parser_options['allow_smilies'] = 0;
    }

    // If we have incoming search terms to highlight - get it done.
    // NOTE(review): the highlight term is request input and is handed to the
    // parser as received; any escaping has to happen inside
    // highlight_message() / parse_message(), which are not shown here.
    if (!empty($mybb->input['highlight'])) {
        $parser_options['highlight'] = $mybb->input['highlight'];
        $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']);
    }

    // The message body becomes HTML here; what it may contain is governed by
    // the $parser_options chosen above.
    $post['message'] = $parser->parse_message($post['message'], $parser_options);

    get_post_attachments($id, $post);

    // Signature: the author must have included one, the viewer must not have
    // signatures switched off, any suspension must have expired, and the
    // author's group must be allowed a signature (optionally only after a
    // minimum post count).
    if ($post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts'])) {
        // Signatures have their own, separate set of parser permissions.
        $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1);
        if ($usergroup['signofollow']) {
            $sig_parser['nofollow_on'] = 1;
        }
        $post['signature'] = $parser->parse_message($post['signature'], $sig_parser);
        eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";");
    } else {
        $post['signature'] = "";
    }

    // Post icon: path and name are escaped here, at output time.
    $icon_cache = $cache->read("posticons");
    if ($post['icon'] > 0 && $icon_cache[$post['icon']]) {
        $icon = $icon_cache[$post['icon']];
        $icon['path'] = htmlspecialchars_uni($icon['path']);
        $icon['name'] = htmlspecialchars_uni($icon['name']);
        $post['icon'] = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" style=\"vertical-align: middle;\" /> ";
    } else {
        $post['icon'] = "";
    }

    // Plugin hooks receive the fully prepared $post and may replace it, so
    // anything a plugin adds is printed by the templates below as it is.
    $post_visibility = '';
    switch ($post_type) {
        case 1:
            // Message preview
            $post = $plugins->run_hooks("postbit_prev", $post);
            break;
        case 2:
            // Private message
            $post = $plugins->run_hooks("postbit_pm", $post);
            break;
        case 3:
            // Announcement
            $post = $plugins->run_hooks("postbit_announcement", $post);
            break;
        default:
            // Regular post
            $post = $plugins->run_hooks("postbit", $post);

            // Is this author on the ignore list of the current user? Hide this post
            $ignore_bit = '';
            if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) {
                $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']);
                eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";");
                $post_visibility = "display: none;";
            }
            break;
    }

    // Assemble the final markup in the configured layout.
    if ($mybb->settings['postlayout'] == "classic") {
        eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";");
    } else {
        eval("\$postbit = \"" . $templates->get("postbit") . "\";");
    }

    // Clear the global of the same name so nothing from this post carries over.
    $GLOBALS['post'] = "";

    return $postbit;
}
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id$
 */

// Refuse to run when the file is requested directly: without the IN_MYBB
// marker set by the board's entry scripts none of the code below is safe to
// execute on its own.
if (!defined("IN_MYBB")) {
    die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}

// Pre-register the plugin's template on thread pages. This file is included
// before the template cache is filled, so adding the name to $templatelist here
// saves a separate template query later.
// PHP_SELF can contain client-supplied path information; here it only decides
// whether one extra template name is cached. The my_strpos() result is used as
// a truthy value, so a match at offset 0 would not count.
if (my_strpos($_SERVER['PHP_SELF'], 'showthread.php')) {
    global $templatelist;
    $templatelist = isset($templatelist)
        ? $templatelist . ',akismet_postbit_spam'
        : 'akismet_postbit_spam';
}

// Hook name => handler function, registered in this order.
$akismet_hooks = array(
    "datahandler_post_insert_thread" => "akismet_verify",
    "datahandler_post_insert_thread_post" => "akismet_verify",
    "datahandler_post_insert_post" => "akismet_verify",
    "datahandler_post_validate_post" => "akismet_fake_draft",
    "datahandler_post_validate_thread" => "akismet_fake_draft",
    "newreply_do_newreply_end" => "akismet_redirect_thread",
    "newthread_do_newthread_end" => "akismet_redirect_forum",
    "moderation_start" => "akismet_moderation_start",
    "postbit" => "akismet_postbit",
);
foreach ($akismet_hooks as $hook_name => $handler) {
    $plugins->add_hook($hook_name, $handler);
}
// Tail of an e-mail flood-limit block; the conditions that open the three
// braces closed below are outside this excerpt.
$remaining_time_minutes = ceil($remaining_time / 60);
$lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes);
}
error($lang->error_emailflooding);
}
}

// Load the recipient. The uid is read with MyBB::INPUT_INT, so only an integer
// is concatenated into the WHERE clause.
$query = $db->simple_select("users", "uid, username, email, hideemail, ignorelist", "uid='" . $mybb->get_input('uid', MyBB::INPUT_INT) . "'");
$to_user = $db->fetch_array($query);

// NOTE(review): the username is placed into the language string before the
// "user exists" check and without escaping in this excerpt; confirm it is
// escaped wherever $lang->email_user is printed.
$lang->email_user = $lang->sprintf($lang->email_user, $to_user['username']);

// Unknown recipient.
if (!$to_user['uid']) {
    error($lang->error_invaliduser);
}

// Recipient does not accept e-mail from other members.
if ($to_user['hideemail'] != 0) {
    error($lang->error_hideemail);
}

// Recipient ignores the sender. Both sides are wrapped in commas so that a uid
// only matches a whole list entry; groups with cansendemailoverride bypass the
// ignore list.
if ($to_user['ignorelist'] && (my_strpos("," . $to_user['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") !== false && $mybb->usergroup['cansendemailoverride'] != 1)) {
    error_no_permission();
}

// When the form is shown again after validation errors, the submitted values
// are escaped before they are put back into the page; otherwise the fields
// start empty.
if (isset($errors) && count($errors) > 0) {
    $errors = inline_error($errors);
    $fromname = htmlspecialchars_uni($mybb->get_input('fromname'));
    $fromemail = htmlspecialchars_uni($mybb->get_input('fromemail'));
    $subject = htmlspecialchars_uni($mybb->get_input('subject'));
    $message = htmlspecialchars_uni($mybb->get_input('message'));
} else {
    $errors = '';
    $fromname = '';
    $fromemail = '';
    $subject = '';
    $message = '';
}
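// Admin CP smilie listing: one page of 20 rows with edit/delete controls.

// Translate the requested page into a row offset. Zero, negative, missing or
// non-numeric page values fall back to page 1, so the offset passed to the
// query below can never be negative.
$pagenum = isset($mybb->input['page']) ? intval($mybb->input['page']) : 0;
if ($pagenum > 0) {
    $start = ($pagenum - 1) * 20;
} else {
    $start = 0;
    $pagenum = 1;
}

$table = new Table();
$table->construct_header($lang->image, array("class" => "align_center", "width" => 1));
$table->construct_header($lang->name, array("width" => "35%"));
$table->construct_header($lang->text_replace, array("width" => "35%"));
$table->construct_header($lang->controls, array("class" => "align_center", "colspan" => 2));

$query = $db->simple_select("smilies", "*", "", array('limit_start' => $start, 'limit' => 20, 'order_by' => 'disporder'));
while ($smilie = $db->fetch_array($query)) {
    $smilie['image'] = str_replace("{theme:imgdir}", $theme['imgdir'], $smilie['image']);

    // Absolute URLs and root-relative paths are used as stored. The scheme test
    // looks for "://" rather than "p://" so that https:// images are recognised
    // too; anything else gets "../" prepended (presumably because this page is
    // served one directory below the board root - confirm).
    if (my_strpos($smilie['image'], "://") !== false || substr($smilie['image'], 0, 1) == "/") {
        $image = $smilie['image'];
    } else {
        $image = "../" . $smilie['image'];
    }

    // The stored path lands inside a double-quoted HTML attribute, so it is
    // escaped like the name and replacement text below; the id is forced to an
    // integer before it is placed in the link URLs.
    $image = htmlspecialchars_uni($image);
    $sid = (int) $smilie['sid'];

    $table->construct_cell("<img src=\"{$image}\" alt=\"\" />", array("class" => "align_center"));
    $table->construct_cell(htmlspecialchars_uni($smilie['name']));
    $table->construct_cell(htmlspecialchars_uni($smilie['find']));
    $table->construct_cell("<a href=\"index.php?module=config-smilies&action=edit&sid={$sid}\">{$lang->edit}</a>", array("class" => "align_center"));
    // The delete link carries the session's post key (my_post_key) so the
    // state-changing request can be verified by the handler.
    $table->construct_cell("<a href=\"index.php?module=config-smilies&action=delete&sid={$sid}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_smilie_deletion}')\">{$lang->delete}</a>", array("class" => "align_center"));
    $table->construct_row();
}

// Nothing on this page: show a single placeholder row spanning every column.
if ($table->num_rows() == 0) {
    $table->construct_cell($lang->no_smilies, array('colspan' => 5));
    $table->construct_row();
}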
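// Admin CP post icon listing: navigation tabs, then one page of 20 icons.
$sub_tabs['add_multiple'] = array(
    'title' => $lang->add_multiple_post_icons,
    'link' => "index.php?module=config/post_icons&action=add_multiple"
);
$page->output_nav_tabs($sub_tabs, 'manage_icons');

// Translate the requested page into a row offset. Zero, negative, missing or
// non-numeric page values fall back to page 1, so the offset passed to the
// query below can never be negative.
$pagenum = isset($mybb->input['page']) ? intval($mybb->input['page']) : 0;
if ($pagenum > 0) {
    $start = ($pagenum - 1) * 20;
} else {
    $start = 0;
    $pagenum = 1;
}

$table = new Table();
$table->construct_header($lang->image, array('class' => "align_center", 'width' => 1));
$table->construct_header($lang->name, array('width' => "70%"));
$table->construct_header($lang->controls, array('class' => "align_center", 'colspan' => 2));

$query = $db->simple_select("icons", "*", "", array('limit_start' => $start, 'limit' => 20, 'order_by' => 'name'));
while ($icon = $db->fetch_array($query)) {
    // Absolute URLs and root-relative paths are used as stored. The scheme test
    // looks for "://" rather than "p://" so that https:// images are recognised
    // too; anything else gets "../" prepended (presumably because this page is
    // served one directory below the board root - confirm).
    if (my_strpos($icon['path'], "://") !== false || substr($icon['path'], 0, 1) == "/") {
        $image = $icon['path'];
    } else {
        $image = "../" . $icon['path'];
    }

    // Stored values are written into HTML here: the path inside a double-quoted
    // attribute and the name as cell content. Both are escaped before output,
    // and the id is forced to an integer before it is placed in the link URLs.
    $image = htmlspecialchars_uni($image);
    $name = htmlspecialchars_uni($icon['name']);
    $iid = (int) $icon['iid'];

    $table->construct_cell("<img src=\"{$image}\" alt=\"\" />", array("class" => "align_center"));
    $table->construct_cell($name);
    $table->construct_cell("<a href=\"index.php?module=config/post_icons&action=edit&iid={$iid}\">{$lang->edit}</a>", array("class" => "align_center"));
    // The delete link carries the session's post key (my_post_key) so the
    // state-changing request can be verified by the handler.
    $table->construct_cell("<a href=\"index.php?module=config/post_icons&action=delete&iid={$iid}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->confirm_post_icon_deletion}')\">{$lang->delete}</a>", array("class" => "align_center"));
    $table->construct_row();
}

// Nothing on this page: show a single placeholder row spanning every column.
if ($table->num_rows() == 0) {
    $table->construct_cell($lang->no_post_icons, array('colspan' => 4));
    $table->construct_row();
}

$table->output($lang->manage_post_icons);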
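/**
 * Replace the <!--OUGC_SHOWINPORTAL--> placeholder inside the global
 * $modoptions markup with the rendered "show in portal" checkbox.
 *
 * Returns without changing anything when $modoptions is unset, when the
 * placeholder is absent, or when $showinportal->can_moderate($fid) is false.
 *
 * @return void
 */
function ougc_showinportal_newthread_end()
{
    global $modoptions;

    if (!isset($modoptions) || my_strpos($modoptions, '<!--OUGC_SHOWINPORTAL-->') === false) {
        return;
    }

    global $showinportal, $mybb, $fid;

    if (!$showinportal->can_moderate($fid)) {
        return;
    }

    global $templates, $lang, $thread;

    $showinportal->lang_load();

    // Figure out if checked: on newreply.php, when the request carries no
    // modoptions at all, start from the thread's stored flag.
    if (THIS_SCRIPT == 'newreply.php' && !isset($mybb->input['modoptions']) && isset($thread['showinportal'])) {
        $mybb->input['modoptions']['showinportal'] = (int) $thread['showinportal'];
    }

    // modoptions comes from the request and may be missing, or may not be an
    // array; a value that cannot be read as modoptions[showinportal] counts as
    // "unchecked" instead of raising an undefined-index / string-offset warning.
    $sip = isset($mybb->input['modoptions']['showinportal']) ? (int) $mybb->input['modoptions']['showinportal'] : 0;
    $checked = $sip ? ' checked="checked"' : '';

    // Show the option. $name, $message and $checked are presumably referenced
    // by the template body - confirm against the template.
    $name = 'modoptions[showinportal]';
    $message = $lang->ougc_showinportal_input_newthread;

    // NOTE(review): the template text is evaluated as a PHP double-quoted
    // string, so whatever $templates->get() returns is executed as code. Only
    // trusted administrators should be able to edit this template.
    eval('$ougc_showinportal = "' . $templates->get('ougcshowinportal_input') . '";');

    $modoptions = str_replace('<!--OUGC_SHOWINPORTAL-->', $ougc_showinportal, $modoptions);
}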
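/**
 * Verifies a post subject.
 *
 * Works on $this->data by reference: the subject is trimmed with
 * trim_blank_chrs(), and an empty subject on a reply is replaced with
 * "RE: " followed by the thread subject. On an update, $this->data['tid'] is
 * looked up from the post when it is empty. Failures are recorded through
 * $this->set_error() ("firstpost_no_subject", "missing_subject",
 * "subject_too_long").
 *
 * @return boolean True when valid, false when not valid.
 */
function verify_subject()
{
    global $db;

    $post = &$this->data;
    $subject = &$post['subject'];
    $subject = trim_blank_chrs($subject);

    // Are we editing an existing thread or post?
    if ($this->method == "update" && $post['pid']) {
        if (empty($post['tid'])) {
            $query = $db->simple_select("posts", "tid", "pid='" . (int) $post['pid'] . "'");
            $post['tid'] = $db->fetch_field($query, "tid");
        }

        // Here we determine if we're editing the first post of a thread or not.
        // The thread id is cast to an integer before it is concatenated into
        // the WHERE clause, matching the pid handling above: $post['tid'] is
        // handler input and is not guaranteed to be numeric at this point.
        $options = array(
            "limit" => 1,
            "limit_start" => 0,
            "order_by" => "dateline",
            "order_dir" => "asc"
        );
        $query = $db->simple_select("posts", "pid", "tid='" . (int) $post['tid'] . "'", $options);
        $first_check = $db->fetch_array($query);
        $first_post = ($first_check['pid'] == $post['pid']);

        // If this is the first post there needs to be a subject, else make it the default one.
        if (my_strlen($subject) == 0 && $first_post) {
            $this->set_error("firstpost_no_subject");
            return false;
        } elseif (my_strlen($subject) == 0) {
            $thread = get_thread($post['tid']);
            $subject = "RE: " . $thread['subject'];
        }
    } elseif ($this->action == "post") {
        // New reply without a subject: default to the thread subject.
        if (my_strlen($subject) == 0) {
            $thread = get_thread($post['tid']);
            $subject = "RE: " . $thread['subject'];
        }
    } elseif (my_strlen($subject) == 0) {
        // Anything else must carry a subject.
        $this->set_error("missing_subject");
        return false;
    }

    // If post is reply and begins with "RE: ", remove 4 from subject length.
    $subject_length = my_strlen($subject);
    if ($this->action == "post") {
        $position_re = my_strpos($subject, "RE: ");
        if ($position_re === 0) {
            $subject_length = $subject_length - 4;
        }
    }

    if ($subject_length > 85) {
        // Subject is too long
        $this->set_error('subject_too_long', my_strlen($subject));
        return false;
    }

    // Subject is valid - return true.
    return true;
}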
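/**
 * Clean search keywords for fulltext searching.
 *
 * Lower-cases the input, backslash-escapes "%", collapses runs of "*",
 * replaces [ ] | . , : with spaces, keeps double-quoted phrases together and
 * turns the words "and" / "not" / "or" into the "+" / "-" / (no) prefix of the
 * term that follows them. The result always starts with "+".
 *
 * NOTE(review): nothing in this function SQL-escapes the result (quotes pass
 * through as part of phrases). Callers still need to escape or bind the
 * returned string before placing it in a query.
 *
 * @param string The keywords to be cleaned
 * @return string|false The cleaned keywords, or false when the input is empty
 */
function clean_keywords_ft($keywords)
{
    if (!$keywords) {
        return false;
    }

    $keywords = my_strtolower($keywords);
    $keywords = str_replace("%", "\\%", $keywords);
    $keywords = preg_replace("#\\*{2,}#s", "*", $keywords);
    $keywords = preg_replace("#([\\[\\]\\|\\.\\,:])#s", " ", $keywords);
    $keywords = preg_replace("#\\s+#s", " ", $keywords);

    $words = array();

    if (my_strpos($keywords, "\"") !== false) {
        // Splitting on the quote character alternates between text outside
        // quotes (even segments) and quoted phrases (odd segments).
        $inquote = false;
        $keywords = explode("\"", $keywords);
        foreach ($keywords as $phrase) {
            if ($phrase != '') {
                if ($inquote) {
                    $words[] = "\"" . trim($phrase) . "\"";
                } else {
                    $split_words = preg_split("#\\s{1,}#", $phrase, -1);
                    if (is_array($split_words)) {
                        foreach ($split_words as $word) {
                            if (!$word) {
                                continue;
                            }
                            $words[] = trim($word);
                        }
                    }
                }
            }
            $inquote = !$inquote;
        }
    } else {
        // This branch is not inside a loop. The previous "continue" here is a
        // compile-time fatal error on PHP 7 and later, so a failed split is
        // now skipped with a plain condition instead.
        $split_words = preg_split("#\\s{1,}#", $keywords, -1);
        if (is_array($split_words)) {
            foreach ($split_words as $word) {
                if (!$word) {
                    continue;
                }
                $words[] = trim($word);
            }
        }
    }

    // Prefix for the next real term; initialised so the first term does not
    // read an undefined variable.
    $boolean = '';
    $keywords = '';
    foreach ($words as $word) {
        if ($word == "or") {
            $boolean = '';
        } elseif ($word == "and") {
            $boolean = "+";
        } elseif ($word == "not") {
            $boolean = "-";
        } else {
            $keywords .= " " . $boolean . $word;
            $boolean = '';
        }
    }

    $keywords = "+" . trim($keywords);

    return $keywords;
}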
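/**
 * Installer step: print the board configuration form.
 *
 * When $errors is an array the submitted values are redisplayed (HTML-escaped)
 * below the error list. Otherwise defaults are auto-detected from $_SERVER and
 * get_current_location(). Auto-detected values are derived from request data
 * (for example the Host header via $_SERVER['HTTP_HOST']), so they are escaped
 * the same way as the redisplayed values before being placed in the form.
 *
 * @return void
 */
function configure()
{
    global $output, $mybb, $errors, $lang;

    $output->print_header($lang->board_config, 'config');

    // If board configuration errors
    if (is_array($errors)) {
        $error_list = error_list($errors);
        echo $lang->sprintf($lang->config_step_error_config, $error_list);

        $bbname = htmlspecialchars_uni($mybb->input['bbname']);
        $bburl = htmlspecialchars_uni($mybb->input['bburl']);
        $websitename = htmlspecialchars_uni($mybb->input['websitename']);
        $websiteurl = htmlspecialchars_uni($mybb->input['websiteurl']);
        $cookiedomain = htmlspecialchars_uni($mybb->input['cookiedomain']);
        $cookiepath = htmlspecialchars_uni($mybb->input['cookiepath']);
        $contactemail = htmlspecialchars_uni($mybb->input['contactemail']);
    } else {
        $bbname = 'Forums';
        $bburl = '';
        $hostname = '';
        $cookiedomain = '';
        $cookiepath = '/';
        $websitename = 'Your Website';
        $contactemail = '';

        $http_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        $server_name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '';

        // The earlier "|| substr($bburl, 0, 5) == 'https'" test read $bburl
        // before it was assigned and could never be true, so only the server's
        // HTTPS flag decides the scheme.
        $protocol = "http://";
        if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != "off") {
            $protocol = "https://";
        }

        // Attempt auto-detection
        if ($http_host) {
            $hostname = $protocol . $http_host;
            $cookiedomain = '.' . $http_host;
        } elseif ($server_name) {
            $hostname = $protocol . $server_name;
            $cookiedomain = '.' . $server_name;
        }

        if (substr($cookiedomain, 0, 5) == ".www.") {
            $cookiedomain = my_substr($cookiedomain, 4);
        }

        // No cookie domain for localhost or a bare IP address.
        if ($http_host == 'localhost' || $server_name == 'localhost' || ip2long($server_name) != false) {
            $cookiedomain = '';
        }

        if (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] != 80 && !preg_match("#:[0-9]#i", $hostname)) {
            $hostname .= ':' . $_SERVER['SERVER_PORT'];
        }

        // Built only after $hostname has been detected; previously this was
        // assigned from a still-undefined $hostname and always came out as "/".
        $websiteurl = $hostname . '/';

        $currentlocation = get_current_location();
        if ($currentlocation) {
            // TODO: Change this to find the last position of /install/
            $pos = my_strpos($currentlocation, '/install/');
            if ($pos === 0) {
                $cookiepath = "/";
            } else {
                $cookiepath = my_substr($currentlocation, 0, $pos) . '/';
            }
        }

        $currentscript = $hostname . $currentlocation;
        if ($currentscript) {
            $bburl = my_substr($currentscript, 0, my_strpos($currentscript, '/install/'));
        }

        if (!empty($_SERVER['SERVER_ADMIN'])) {
            $contactemail = $_SERVER['SERVER_ADMIN'];
        }

        // Everything above that came from $_SERVER or the request path is
        // client- or environment-controlled; escape it before it reaches the
        // form, as the error branch does for submitted values.
        $bburl = htmlspecialchars_uni($bburl);
        $websiteurl = htmlspecialchars_uni($websiteurl);
        $cookiedomain = htmlspecialchars_uni($cookiedomain);
        $cookiepath = htmlspecialchars_uni($cookiepath);
        $contactemail = htmlspecialchars_uni($contactemail);
    }

    echo $lang->sprintf($lang->config_step_table, $bbname, $bburl, $websitename, $websiteurl, $cookiedomain, $cookiepath, $contactemail);
    $output->print_footer('adminuser');
}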
// If this usergroup can see anonymously logged-in users, mark them. if ($user['invisible'] == 1) { $invisiblemark = '*'; } else { $invisiblemark = ''; } // Properly format the username and assign the template. $user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']); $user['profilelink'] = build_profile_link($user['username'], $user['uid']); eval('$onlinemembers .= "' . $templates->get('index_whosonline_memberbit', 1, 0) . '";'); $comma = $lang->comma; } // This user has been handled. $doneusers[$user['uid']] = $user['time']; } } elseif (my_strpos($user['sid'], 'bot=') !== false && $spiders[$botkey]) { // The user is a search bot. $onlinemembers .= $comma . format_name($spiders[$botkey]['name'], $spiders[$botkey]['usergroup']); $comma = $lang->comma; ++$botcount; } else { // The user is a guest. ++$guestcount; } if ($user['location1']) { ++$forum_viewers[$user['location1']]; } } // Build the who's online bit on the index page. $onlinecount = $membercount + $guestcount + $botcount; if ($onlinecount != 1) {
} $page = $mybb->get_input('page', MyBB::INPUT_INT); if ($page && $page > 0) { $start = ($page - 1) * $perpage; } else { $start = 0; $page = 1; } $multipage = multipage($numusers, $perpage, $page, "managegroup.php?gid=" . $gid); $users = ""; while ($user = $db->fetch_array($query)) { $altbg = alt_trow(); $regdate = my_date('relative', $user['regdate']); $post = $user; $sendpm = $email = ''; if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { eval("\$sendpm = \"" . $templates->get("postbit_pm") . "\";"); } if ($user['hideemail'] != 1) { eval("\$email = \"" . $templates->get("postbit_email") . "\";"); } else { $email = ''; } $user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']); $user['profilelink'] = build_profile_link($user['username'], $user['uid']); if (in_array($user['uid'], $leaders_array)) { $leader = $lang->leader; } else { $leader = ''; } // Checkbox for user management - only if current user is allowed
$joinlink = "--"; } else { eval("\$joinlink = \"" . $templates->get("usercp_usergroups_joinable_usergroup_join") . "\";"); } $usergroupleaders = ''; if (!empty($groupleaders[$usergroup['gid']])) { $comma = ''; $usergroupleaders = ''; foreach ($groupleaders[$usergroup['gid']] as $leader) { $leader['username'] = format_name($leader['username'], $leader['usergroup'], $leader['displaygroup']); $usergroupleaders .= $comma . build_profile_link($leader['username'], $leader['uid']); $comma = $lang->comma; } $usergroupleaders = $lang->usergroup_leaders . " " . $usergroupleaders; } if (my_strpos($usergroupleaders, $mybb->user['username']) === false) { // User is already a leader of the group, so don't show as a "Join Group" eval("\$joinablegrouplist .= \"" . $templates->get("usercp_usergroups_joinable_usergroup") . "\";"); } } if ($joinablegrouplist) { eval("\$joinablegroups = \"" . $templates->get("usercp_usergroups_joinable") . "\";"); } $plugins->run_hooks("usercp_usergroups_end"); eval("\$groupmemberships = \"" . $templates->get("usercp_usergroups") . "\";"); output_page($groupmemberships); } if ($mybb->input['action'] == "attachments") { $plugins->run_hooks("usercp_attachments_start"); require_once MYBB_ROOT . "inc/functions_upload.php"; if ($mybb->settings['enableattachments'] == 0) {
if ($mybb->input['highlight']) { $string = "&"; if ($mybb->settings['seourls'] == "yes" || $mybb->settings['seourls'] == "auto" && $_SERVER['SEO_SUPPORT'] == 1) { $string = "?"; } $highlight = $string . "highlight=" . $mybb->input['highlight']; } header("Location: " . htmlspecialchars_decode(get_post_link($newpost['pid'], $tid)) . $highlight . "#pid{$newpost['pid']}"); } else { // show them to the last post $mybb->input['action'] = "lastpost"; } } // Jump to the last post. if ($mybb->input['action'] == "lastpost") { if (my_strpos($thread['closed'], "moved|")) { $query = $db->query("\r\n\t\t\tSELECT p.pid\r\n\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON(p.tid=t.tid)\r\n\t\t\tWHERE t.fid='" . $thread['fid'] . "' AND t.closed NOT LIKE 'moved|%' {$visibleonly2}\r\n\t\t\tORDER BY p.dateline DESC\r\n\t\t\tLIMIT 1\r\n\t\t"); $pid = $db->fetch_field($query, "pid"); } else { $options = array('order_by' => 'dateline', 'order_dir' => 'desc', 'limit_start' => 0, 'limit' => 1); $query = $db->simple_select('posts', 'pid', "tid={$tid} {$visibleonly}", $options); $pid = $db->fetch_field($query, "pid"); } header("Location: " . htmlspecialchars_decode(get_post_link($pid, $tid)) . "#pid{$pid}"); exit; } // Jump to the next newest posts. if ($mybb->input['action'] == "nextnewest") { $options = array("limit_start" => 0, "limit" => 1, "order_by" => "lastpost"); $query = $db->simple_select('threads', '*', "fid={$thread['fid']} AND lastpost > {$thread['lastpost']} {$visibleonly} AND closed NOT LIKE 'moved|%'", $options); $nextthread = $db->fetch_array($query);
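/**
 * Enforce per-profile visibility before a member profile is shown.
 *
 * Returns without action when the feature or the viewer's profile-viewing
 * permission is off, when no profile can be resolved, when the profile owner
 * is outside the configured groups, when the owner has no restriction set,
 * when the viewer is the owner or may edit profiles, or when
 * modcp_can_manage_user() approves the viewer. Otherwise
 * error_no_permission() is called when the restriction value is 1, when both
 * lists are empty, when the viewer is on the owner's ignore list, or when the
 * viewer is not on the owner's buddy list.
 *
 * @return void
 */
public function member_profile_start()
{
    global $mybb;

    if (!$mybb->settings['mppermissionsenabled'] || !$mybb->usergroup['canviewprofiles']) {
        return;
    }

    // Resolve the profile being viewed: explicit uid first, else the viewer.
    // The second get_input() argument is presumably MyBB::INPUT_INT - confirm.
    $memprofile = false;
    $uid = $mybb->get_input('uid', 1);
    if ($uid) {
        $memprofile = get_user($uid);
    } elseif ($mybb->user['uid']) {
        $memprofile = $mybb->user;
    }

    // Nothing to enforce without a profile; checked before any field of
    // $memprofile is read.
    if (!$memprofile) {
        return;
    }

    if ($mybb->settings['mppermissionsgroups'] != -1 && !is_member($mybb->settings['mppermissionsgroups'], array('usergroup' => $memprofile['usergroup'], 'additionalgroups' => $memprofile['additionalgroups']))) {
        return;
    }

    if (!$memprofile['myprofilepermissions'] || $mybb->user['uid'] == $memprofile['uid'] || $mybb->usergroup['caneditprofiles']) {
        return;
    }

    require_once MYBB_ROOT . 'inc/functions_modcp.php';
    if (modcp_can_manage_user($memprofile['uid'])) {
        return;
    }

    if ($memprofile['myprofilepermissions'] == 1 || !$memprofile['buddylist'] && !$memprofile['ignorelist']) {
        error_no_permission();
    }

    // Both lists are comma separated ids; wrapping list and id in commas makes
    // the match whole-id only. A hit for the first id in a list is at offset 0,
    // so the result must be compared with false, never tested for truthiness.
    $viewer = ',' . $mybb->user['uid'] . ',';

    if (my_strpos(',' . $memprofile['ignorelist'] . ',', $viewer) !== false) {
        error_no_permission();
    }

    // Previously written as "!my_strpos(...) !== false", which also denied a
    // viewer whose id is first in the buddy list (match at offset 0).
    if (my_strpos(',' . $memprofile['buddylist'] . ',', $viewer) === false) {
        error_no_permission();
    }
}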
// Query for active sessions $query = $db->query("\n\t\tSELECT DISTINCT s.sid, s.ip, s.uid, s.time, s.location, u.username, s.nopermission, u.invisible, u.usergroup, u.displaygroup\n\t\tFROM " . TABLE_PREFIX . "sessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (s.uid=u.uid)\n\t\tWHERE s.time>'{$timesearch}'\n\t\tORDER BY {$sql}\n\t\tLIMIT {$start}, {$perpage}\n\t"); // Fetch spiders $spiders = $cache->read("spiders"); while ($user = $db->fetch_array($query)) { $plugins->run_hooks("online_user"); // Fetch the WOL activity $user['activity'] = fetch_wol_activity($user['location'], $user['nopermission']); $botkey = my_strtolower(str_replace("bot=", '', $user['sid'])); // Have a registered user if ($user['uid'] > 0) { if ($users[$user['uid']]['time'] < $user['time'] || !$users[$user['uid']]) { $users[$user['uid']] = $user; } } else { if (my_strpos($user['sid'], "bot=") !== false && $spiders[$botkey]) { $user['bot'] = $spiders[$botkey]['name']; $user['usergroup'] = $spiders[$botkey]['usergroup']; $guests[] = $user; } else { $guests[] = $user; } } } // Now we build the actual online rows - we do this separately because we need to query all of the specific activity and location information $online_rows = ''; if (is_array($users)) { reset($users); foreach ($users as $user) { $online_rows .= build_wol_row($user); }
/** * Build a post bit * * @param array $post The post data * @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_pubkey', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } if (!function_exists("purgespammer_show")) { require_once MYBB_ROOT . 
"inc/functions_user.php"; } $unapproved_shade = ''; if (isset($post['visible']) && $post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post'; } elseif (isset($post['visible']) && $post['visible'] == -1 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post deleted_post'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $announcementarray['aid']; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = (int) $post['pid']; $idtype = 
'pid'; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date //$post['postdate'] = my_date('relative', $post['dateline']); $post['postdate'] = date('Y-m-d', $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. 
if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; $post['subject_title'] = $post['subject']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . 
"\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { eval("\$post['userstars'] .= \"" . $templates->get("postbit_userstar", 1, 0) . 
"\";"); } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); $post['threadnum'] = my_number_format($post['threadnum']); // Determine the status to show for the user (Online/Offline/Away) /* $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";"); } else { if($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";"); } else { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";"); } } */ // Show as always offline eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); $post['useravatar'] = ''; if (isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0) { $useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']); eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); } $post['button_find'] = ''; if ($mybb->usergroup['cansearch'] == 1) { eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); } if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . 
",") === false) { //eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";"); } $post['button_rep'] = ''; if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && $post['visible'] == 1) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1) { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = $lang->na; //my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? 
(only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { if ($mybb->settings['maxwarningpoints'] < 1) { $mybb->settings['maxwarningpoints'] = 10; } $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $post['button_warn'] = ''; $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } if ($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid'])) { eval("\$post['button_purgespammer'] = \"" . $templates->get('postbit_purgespammer') . "\";"); } // Display profile fields on posts - only if field is filled in if (is_array($profile_fields)) { foreach ($profile_fields as $field) { $fieldfid = "fid{$field['fid']}"; if (!empty($post[$fieldfid])) { $post['fieldvalue'] = ''; $post['fieldname'] = htmlspecialchars_uni($field['name']); $thing = explode("\n", $field['type'], "2"); $type = trim($thing[0]); $useropts = explode("\n", $post[$fieldfid]); if (is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) { foreach ($useropts as $val) { if ($val != '') { eval("\$post['fieldvalue_option'] .= \"" . $templates->get("postbit_profilefield_multiselect_value") . "\";"); } } if ($post['fieldvalue_option'] != '') { eval("\$post['fieldvalue'] .= \"" . 
$templates->get("postbit_profilefield_multiselect") . "\";"); } } else { $field_parser_options = array("allow_html" => $field['allowhtml'], "allow_mycode" => $field['allowmycode'], "allow_smilies" => $field['allowsmilies'], "allow_imgcode" => $field['allowimgcode'], "allow_videocode" => $field['allowvideocode'], "filter_badwords" => 1); if ($customfield['type'] == "textarea") { $field_parser_options['me_username'] = $post['username']; } else { $field_parser_options['nl2br'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $field_parser_options['allow_imgcode'] = 0; } $post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options); } eval("\$post['profilefield'] .= \"" . $templates->get("postbit_profilefield") . "\";"); } } } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = $lang->na; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . 
"\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quickrestore'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; $post['button_reply_pm'] = ''; $post['button_replyall_pm'] = ''; $post['button_forward_pm'] = ''; $post['button_delete_pm'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } $post['editedmsg'] = ''; if (!$post_type) { // Figure out if we need to show an "edited by" message if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { //$post['editdate'] = my_date('relative', $post['edittime']); $post['editdate'] = $lang->na; $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); $editreason = ""; if ($post['editreason'] != "") { $post['editreason'] = $parser->parse_badwords($post['editreason']); $post['editreason'] = htmlspecialchars_uni($post['editreason']); eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";"); } eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . 
"\";"); } $time = TIME_NOW; if (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && $mybb->usergroup['edittimelimit'] == 0 && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete_thread = $can_delete_post = 0; if ($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete_thread = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete_post = 1; } } } $postbit_qdelete = $postbit_qrestore = ''; if ($mybb->user['uid'] != 0) { if ((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1) { $postbit_qdelete = $lang->postbit_qdelete_post; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } else { if ((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1) { $postbit_qdelete = $lang->postbit_qdelete_thread; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } } // Restore Post if (is_moderator($fid, "canrestoreposts") && $postcounter != 1) { $display = "none"; if ($post['visible'] == -1) { $display = ''; } $postbit_qrestore = $lang->postbit_qrestore_post; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } else { if (is_moderator($fid, "canrestorethreads") && $postcounter == 1) { $display = "none"; if ($post['visible'] == -1) { $display = ""; } $postbit_qrestore = $lang->postbit_qrestore_thread; eval("\$post['button_quickrestore'] = \"" . 
$templates->get("postbit_quickrestore") . "\";"); } } } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); $post_number = my_number_format($postcounter); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1)) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } } elseif ($post_type == 3) { if ($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements")) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . 
"\";"); } } $post['iplogged'] = ''; $show_ips = $mybb->settings['logip']; //$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress'])); $ipaddress = '127.0.0.1'; // Show post IP addresses... PMs now can have IP addresses too as of 1.8! if ($post_type == 2) { $show_ips = $mybb->settings['showpmip']; } if (!$post_type || $post_type == 2) { if ($show_ips != "no" && !empty($post['ipaddress'])) { if ($show_ips == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod'])) { $action = 'getip'; if ($post_type == 2) { $action = 'getpmip'; } eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } } } } if (isset($post['smilieoff']) && $post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_imgcode'] = 0; } if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_videocode'] = 0; } // If we have incoming search terms to highlight - get it done. 
if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); // Validate key $keyinfo = user_key_info($post['uid']); $post['signstatus']; if ($keyinfo['status'] == "OK") { $post['signstatus'] = "<span style=\"color: #07a407;\" title=\"Fingerprint: {$keyinfo['fingerprint']}\">✓ podpisano przez {$post['profilelink']}</span>"; } // Jid link $ujid = user_jid($post['uid']); $post['jidlink'] = $ujid; // User key $post['userpubkey'] = $keyinfo['key']; if ($keyinfo['key'] != "") { eval("\$post['button_pubkey'] = \"" . $templates->get("postbit_pubkey") . "\";"); } else { $post['button_pubkey']; } $post['attachments'] = ''; if ($mybb->settings['enableattachments'] != 0) { get_post_attachments($id, $post); } if (isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $sig_parser['allow_imgcode'] = 0; } $post['signature'] = 
$parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if (isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$post['icon'] = \"" . $templates->get("postbit_icon") . "\";"); } else { $post['icon'] = ""; } $post_visibility = $ignore_bit = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
break; case 4: if ($val == $lang->folder_trash || trim($val) == '') { $val = ''; } break; } } if ($val != '' && trim($val) == '' && !($key >= 1 && $key <= 4)) { // If the name only contains whitespace and it's not a default folder, print an error error($lang->error_emptypmfoldername); } if ($val != '' || $key >= 1 && $key <= 4) { // If there is a name or if this is a default folder, save it $foldername = $db->escape_string(htmlspecialchars_uni($val)); if (my_strpos($foldername, "\$%%\$") === false) { if ($folders != '') { $folders .= "\$%%\$"; } $folders .= "{$fid}**{$foldername}"; } else { error($lang->error_invalidpmfoldername); } } else { // Delete PMs from the folder $db->delete_query("privatemessages", "folder='{$fid}' AND uid='" . $mybb->user['uid'] . "'"); } } } $sql_array = array("pmfolders" => $folders); $db->update_query("users", $sql_array, "uid='" . $mybb->user['uid'] . "'");
/**
 * Shorten an over-long URL string according to the plugin's length settings.
 *
 * The separator and both limits are not parameters: they are read from the
 * global $settings array (keys google_seo_url_separator,
 * google_seo_url_length_soft and google_seo_url_length_hard).
 *
 * Soft limit: when the string is longer than the soft limit, it is cut at
 * the first separator found at or after that position, so the last word is
 * kept whole. Without such a separator the string is left as it is.
 * Hard limit: whatever remains is cut to at most the hard limit.
 * A limit that evaluates to false (0, '', null) disables that step.
 *
 * @param string $str The string to be truncated.
 * @return string The truncated string.
 */
function google_seo_url_truncate($str)
{
    global $settings;

    $wordSeparator = $settings['google_seo_url_separator'];
    $softLimit = $settings['google_seo_url_length_soft'];
    $hardLimit = $settings['google_seo_url_length_hard'];

    // Soft limit: keep everything up to the next separator past the limit.
    if ($softLimit && my_strlen($str) > $softLimit) {
        $offset = my_strpos(my_substr($str, $softLimit), $wordSeparator);

        // An offset of 0 is a valid hit; only "not found" is skipped.
        if ($offset > 0 || $offset === 0) {
            $str = my_substr($str, 0, $softLimit + $offset);
        }
    }

    // Hard limit: unconditional cut, even in the middle of a word.
    if ($hardLimit && my_strlen($str) > $hardLimit) {
        return my_substr($str, 0, $hardLimit);
    }

    return $str;
}
// Close the form container and the tab wrapper opened before this excerpt.
$form_container->end();
echo "</div>\n";

//
// AVATAR MANAGER
//
echo "<div id=\"tab_avatar\">\n";
$table = new Table();
$table->construct_header($lang->current_avatar, array('colspan' => 2));
// The stored avatar value is passed through htmlspecialchars_uni() before it
// is placed in the src attribute. The width/height/margin values are
// interpolated as they are.
// NOTE(review): $scaled_dimensions and $avatar_top are set outside this
// excerpt; presumably numeric, confirm they cannot carry user-supplied text.
$table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"" . htmlspecialchars_uni($user['avatar']) . "\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1));
$avatar_url = '';
// Work out which kind of avatar is in use: the stored avatartype wins,
// otherwise a case-insensitive substring test on the avatar value decides.
// NOTE(review): $current_avatar_msg is only assigned inside these branches;
// confirm it is initialised earlier for users that match none of them.
if ($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath'])) {
    $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>";
} else {
    if ($user['avatartype'] == "gallery" || stristr($user['avatar'], $mybb->settings['avatardir'])) {
        $current_avatar_msg = "<br /><strong>{$lang->user_current_using_gallery_avatar}</strong>";
    } elseif ($user['avatartype'] == "remote" || my_strpos(my_strtolower($user['avatar']), "http://") !== false) {
        // The fallback test looks for the literal "http://" only, so a value
        // starting with "https://" reaches this branch only through avatartype.
        $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>";
        // NOTE(review): the stored value is copied unescaped here, while the
        // error path below escapes the submitted value; confirm the place
        // that prints $avatar_url escapes it for its HTML context.
        $avatar_url = $user['avatar'];
    }
}
// After a failed submission, show the submitted URL again, HTML-escaped.
if ($errors) {
    $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']);
}
// maxavatardims is split on "x" into width and height.
// NOTE(review): a setting value without an "x" leaves $max_height unset.
if ($mybb->settings['maxavatardims'] != "") {
    list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['maxavatardims']));
    $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}";
}
// avatarsize is multiplied by 1024 before it is formatted for display.
// NOTE(review): $max_size is appended to, but in this excerpt it is only
// assigned when maxavatardims is non-empty; confirm it is initialised earlier.
if ($mybb->settings['avatarsize']) {
    $maximum_size = get_friendly_size($mybb->settings['avatarsize'] * 1024);
    $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}";
}
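/**
 * Test one favourite against one feed entry and, on a match, hand the
 * torrent to the download client.
 *
 * The result is reported through the global $matched ('match', 'old',
 * 'season', 'nomatch', 'test', 'nourl'); the return value is only FALSE
 * (rejected or failed) or null.
 *
 * The feed title in $opts['Obj']['title'] is compared lowercased and is
 * passed on to the debug log, the cache and the download client.
 * NOTE(review): presumably the title comes from a remote feed; confirm that
 * those sinks treat it as untrusted text.
 *
 * @param array  $item Favourite definition (Feed, Filter, Not, Quality,
 *                     Episodes, Episode, Season, Name). Passed by reference;
 *                     a trailing "p" is stripped from $item['Episode'].
 * @param mixed  $key  Unused.
 * @param array  $opts 'URL' (feed URL) and 'Obj' (the feed entry).
 * @return false|null
 */
function check_for_torrent(&$item, $key, $opts)
{
    global $matched, $test_run, $config_values;

    // Both flags are read further down on paths that never assigned them,
    // which raised "undefined variable" warnings; give them defaults.
    $any = 0;
    $PROPER = 0;

    // The favourite applies to every feed ('all' or empty) or to this feed only.
    if (!(strtolower($item['Feed']) == 'all' || $item['Feed'] === '' || $item['Feed'] == $opts['URL'])) {
        return;
    }

    $rs = $opts['Obj'];
    $title = strtolower($rs['title']);

    switch (_isset($config_values['Settings'], 'MatchStyle')) {
        case 'simple':
            // Prefix match with spaces and dots treated alike, plus plain
            // substring tests for the exclusion and the quality.
            $hit = $item['Filter'] != ''
                && strpos(strtr($title, " .", "__"), strtr(strtolower($item['Filter']), " .", "__")) === 0
                && ($item['Not'] == '' or my_strpos($title, strtolower($item['Not'])) === FALSE)
                && ($item['Quality'] == 'All' or $item['Quality'] == '' or my_strpos($title, strtolower($item['Quality'])) !== FALSE);
            break;
        case 'glob':
            $hit = $item['Filter'] != ''
                && fnmatch(strtolower($item['Filter']), $title)
                && ($item['Not'] == '' or !fnmatch(strtolower($item['Not']), $title))
                && ($item['Quality'] == 'All' or $item['Quality'] == '' or strpos($title, strtolower($item['Quality'])) !== FALSE);
            break;
        case 'regexp':
        default:
            // Filter, Not and Quality are placed into PCRE patterns as they
            // are, which is what this match style is for. A value containing
            // the "/" delimiter or invalid syntax makes preg_match() fail
            // with a warning, and the pattern runs against every feed title.
            // NOTE(review): confirm who is able to write these values.
            $hit = $item['Filter'] != ''
                && preg_match('/\\b' . strtolower(str_replace(' ', '[\\s._]', $item['Filter'])) . '\\b/', $title)
                && ($item['Not'] == '' or !preg_match('/' . strtolower($item['Not']) . '/', $title))
                && ($item['Quality'] == 'All' or $item['Quality'] == '' or preg_match('/' . strtolower($item['Quality']) . '/', $title));
            break;
    }

    // A filter of "any" matches every title and skips the "Only Newer" check.
    if (strtolower($item['Filter']) == "any") {
        $hit = 1;
        $any = 1;
    }

    if ($hit) {
        $guess = guess_match($title, TRUE);
    }

    if ($hit && episode_filter($guess, $item['Episodes']) == true) {
        $matched = 'match';

        // A stored episode ending in "p" marks an already fetched proper.
        if (preg_match('/^\\d+p$/', $item['Episode'])) {
            $item['Episode'] = preg_replace('/^(\\d+)p/', '\\1', $item['Episode']);
            $PROPER = 1;
        }

        if (check_cache($rs['title'])) {
            if (!$any && _isset($config_values['Settings'], 'Only Newer') == 1) {
                if (!empty($guess['episode']) && preg_match('/^(\\d+)x(\\d+)p?$|^(\\d{8})p?$/i', $guess['episode'], $regs)) {
                    if (isset($regs[3]) && preg_match('/^(\\d{8})$/', $regs[3]) && $item['Episode'] >= $regs[3]) {
                        // Date-style episode that is not newer than the stored one.
                        _debug($item['Name'] . ": " . $item['Episode'] . ' >= ' . $regs[3] . "\r\n", 1);
                        $matched = "old";
                        return FALSE;
                    } elseif (isset($regs[1]) && preg_match('/^(\\d{1,3})$/', $regs[1]) && $item['Season'] > $regs[1]) {
                        // Older season than the stored one.
                        _debug($item['Name'] . ": " . $item['Season'] . ' > ' . $regs[1] . "\r\n", 1);
                        $matched = "old";
                        return FALSE;
                    } elseif (isset($regs[2]) && preg_match('/^(\\d{1,3})$/', $regs[1]) && $item['Season'] == $regs[1] && $item['Episode'] >= $regs[2]) {
                        // Same season, episode not newer: only a proper/repack/rerip
                        // that was not fetched before is still accepted.
                        if (!preg_match('/proper|repack|rerip/i', $rs['title'])) {
                            _debug($item['Name'] . ": " . $item['Episode'] . ' >= ' . $regs[2] . "\r\n", 1);
                            $matched = "old";
                            return FALSE;
                        } elseif ($PROPER == 1) {
                            _debug("Allready downloaded this Proper, Repack or Rerip of " . $item['Name'] . " {$regs['1']}x{$regs['2']}{$regs['3']}\r\n");
                            $matched = "old";
                            return FALSE;
                        }
                    }
                } elseif ($guess['episode'] == 'fullSeason') {
                    $matched = "season";
                    return FALSE;
                } elseif ($guess['episode'] != 'noShow' && !preg_match('/^(\\d{1,2} \\d{1,2} \\d{2,4})$/', $guess['episode']) || $config_values['Settings']['Require Episode Info'] == 1) {
                    // $item is an array; the message used to interpolate it whole,
                    // which logged "Array" and raised a conversion warning.
                    _debug("{$item['Name']} is not in a workable format.");
                    $matched = "nomatch";
                    return FALSE;
                }
            }

            _debug('Match found for ' . $rs['title'] . "\n");

            // Test runs stop before anything is sent to the client.
            if ($test_run) {
                $matched = 'test';
                return;
            }

            if ($link = get_torrent_link($rs)) {
                $response = client_add_torrent($link, NULL, $rs['title'], $opts['URL'], $item);
                if (preg_match('/^Error:/', $response)) {
                    _debug("Failed adding torrent {$link}\n", -1);
                    return FALSE;
                } else {
                    add_cache($rs['title']);
                }
            } else {
                _debug("Unable to find URL for " . $rs['title'] . "\n", -1);
                $matched = "nourl";
            }
        }
    }
}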
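/**
 * Handles one reported error: records it and sends it to the configured sinks.
 *
 * Depending on the board settings the error is written to the task log
 * (inside a task), to the error log, mailed to the administrator, and then
 * either shown through output_error() or, for warnings, echoed or collected
 * in $this->warnings.
 *
 * What a visitor sees is governed by the 'errortypemedium' setting: with
 * "none" or "error" a warning is replaced by a generic notice; otherwise the
 * message, file, line, PHP version, OS and a backtrace are shown.
 * NOTE(review): that detail helps to profile the installation; production
 * boards are better served by logging it and showing the generic notice.
 *
 * @param string  $type    The error type (i.e. E_ERROR, E_FATAL)
 * @param string  $message The error message
 * @param string  $file    The error file
 * @param integer $line    The error line
 * @return boolean Always true in the code below.
 */
function error($type, $message, $file = null, $line = 0)
{
    global $mybb;

    // Error reporting turned off (either globally or by @ before erroring statement)
    // NOTE(review): since PHP 8.0 error_reporting() no longer returns 0 inside
    // a handler for an @-suppressed error (the fatal-error bits stay set), so
    // on PHP 8 this test alone does not recognise suppressed warnings.
    if (error_reporting() == 0) {
        return true;
    }

    if (in_array($type, $this->ignore_types)) {
        return true;
    }

    // Log a path relative to the board root. The cast keeps the default
    // null from being passed to str_replace(), which PHP 8.1 deprecates.
    $file = str_replace(MYBB_ROOT, "", (string) $file);

    $this->has_errors = true;

    // For some reason in the installer this setting is set to "<"
    $accepted_error_types = array('both', 'error', 'warning', 'none');
    if (!in_array($mybb->settings['errortypemedium'], $accepted_error_types)) {
        $mybb->settings['errortypemedium'] = "both";
    }

    if (defined("IN_TASK")) {
        global $task;
        require_once MYBB_ROOT . "inc/functions_task.php";

        // Was left undefined when no file was given, although the log line
        // below always interpolates it.
        $filestr = '';
        if ($file) {
            $filestr = " - Line: {$line} - File: {$file}";
        }

        add_task_log($task, "{$this->error_types[$type]} - [{$type}] " . var_export($message, true) . "{$filestr}");
    }

    // Saving error to log file.
    if ($mybb->settings['errorlogmedium'] == "log" || $mybb->settings['errorlogmedium'] == "both") {
        $this->log_error($type, $message, $file, $line);
    }

    // Are we emailing the Admin a copy?
    if ($mybb->settings['errorlogmedium'] == "mail" || $mybb->settings['errorlogmedium'] == "both") {
        $this->email_error($type, $message, $file, $line);
    }

    // SQL Error
    if ($type == MYBB_SQL) {
        $this->output_error($type, $message, $file, $line);
    } else {
        // Do we have a PHP error?
        if (my_strpos(my_strtolower($this->error_types[$type]), 'warning') === false) {
            $this->output_error($type, $message, $file, $line);
        } else {
            if ($mybb->settings['errortypemedium'] == "none" || $mybb->settings['errortypemedium'] == "error") {
                // Warnings are hidden from visitors: generic notice only.
                echo "<div class=\"php_warning\">MyBB Internal: One or more warnings occured. 
Please contact your administrator for assistance.</div>";
            } else {
                global $templates;

                // NOTE(review): $message and $file go into the HTML without
                // escaping here; confirm whether a warning text can contain
                // request data before relying on this output being inert.
                $warning = "<strong>{$this->error_types[$type]}</strong> [{$type}] {$message} - Line: {$line} - File: {$file} PHP " . PHP_VERSION . " (" . PHP_OS . ")<br />\n";

                // With a usable template engine outside the Admin CP the
                // warning is collected in $this->warnings; otherwise it is
                // printed straight away.
                if (is_object($templates) && method_exists($templates, "get") && !defined("IN_ADMINCP")) {
                    $this->warnings .= $warning;
                    $this->warnings .= $this->generate_backtrace();
                } else {
                    echo "<div class=\"php_warning\">{$warning}" . $this->generate_backtrace() . "</div>";
                }
            }
        }
    }

    return true;
}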
$usergroup = $db->fetch_array($query); if (!$usergroup['gid']) { flash_message($lang->error_invalid_user_group, 'error'); admin_redirect("index.php?module=user-group"); } else { if (preg_match("#<((m[^a])|(b[^diloru>])|(s[^aemptu>]))(\\s*[^>]*)>#si", $mybb->input['namestyle'])) { $errors[] = $lang->error_disallowed_namestyle_username; $mybb->input['namestyle'] = $usergroup['namestyle']; } } $plugins->run_hooks("admin_user_groups_edit"); if ($mybb->request_method == "post") { if (!trim($mybb->input['title'])) { $errors[] = $lang->error_missing_title; } if (my_strpos($mybb->input['namestyle'], "{username}") === false) { $errors[] = $lang->error_missing_namestyle_username; } if ($mybb->input['moderate'] == 1 && $mybb->input['invite'] == 1) { $errors[] = $lang->error_cannot_have_both_types; } if (!$errors) { if ($mybb->input['joinable'] == 1) { if ($mybb->input['moderate'] == 1) { $mybb->input['type'] = "4"; } elseif ($mybb->input['invite'] == 1) { $mybb->input['type'] = "5"; } else { $mybb->input['type'] = "3"; } } else {
// Normalise characters that render like something else or not at all, so two
// names cannot differ only by them. By position in the two arrays: code
// point 160 (no-break space) becomes a space, 173 (soft hyphen) becomes "-",
// and 0xca, 8238 (right-to-left override), 8237 (left-to-right override) and
// 8203 (zero-width space) are removed.
// NOTE(review): unichr() and dec_to_utf8() are defined outside this excerpt;
// presumably both return the encoded character for a code point.
$username = str_replace(array(unichr(160), unichr(173), unichr(0xca), dec_to_utf8(8238), dec_to_utf8(8237), dec_to_utf8(8203)), array(" ", "-", "", "", "", ""), $username);
// Remove multiple spaces from the username
$username = preg_replace("#\\s{2,}#", " ", $username);
// Every response below is a JSON-encoded value.
header("Content-type: application/json; charset={$charset}");
// Nothing left after normalisation: report it as banned characters.
if (empty($username)) {
    echo json_encode($lang->banned_characters_username);
    exit;
}
// Check if the username belongs to the list of banned usernames.
$banned_username = is_banned_username($username, true);
if ($banned_username) {
    echo json_encode($lang->banned_username);
    exit;
}
// Reject names containing <, >, &, a backslash, ";" or ",", and names that
// validate_utf8_string() refuses.
if (strpos($username, "<") !== false || strpos($username, ">") !== false || strpos($username, "&") !== false || my_strpos($username, "\\") !== false || strpos($username, ";") !== false || strpos($username, ",") !== false || !validate_utf8_string($username, false, false)) {
    echo json_encode($lang->banned_characters_username);
    exit;
}
// Check if the username is actually already in use
$user = get_user_by_username($username);
// The hook runs after the lookup and before the result is evaluated.
$plugins->run_hooks("xmlhttp_username_availability");
if ($user['uid']) {
    // The name is HTML-escaped before it is placed in the message.
    $lang->username_taken = $lang->sprintf($lang->username_taken, htmlspecialchars_uni($username));
    echo json_encode($lang->username_taken);
    exit;
} else {
    //$lang->username_available = $lang->sprintf($lang->username_available, htmlspecialchars_uni($username));
    // Available: the JSON string "true" (a quoted string, not a boolean).
    echo json_encode("true");
    exit;
}
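/**
 * Fetch a users activity and any corresponding details from their location.
 *
 * The location is split at ".php": the part before it gives the script name
 * and the part after it is parsed as a query string into the global
 * $parameters. The script name and the "action" parameter select an activity
 * key. Every id taken from the query string (aid, eid, fid, pid, tid, uid,
 * page) is cast to int before use, and positive ids are added to the global
 * *_list arrays. The only request-supplied text that becomes part of an
 * activity key is a "misc" action, and only after it matched a fixed list.
 *
 * $location itself is returned unchanged in the 'location' element, so it
 * has to be escaped for whatever context it is printed in.
 *
 * @param string $location     The location (URL) of the user.
 * @param bool   $nopermission True to report the "nopermission" activity
 *                             regardless of the location.
 * @return array Array of location and activity information, after the
 *               "fetch_wol_activity_end" plugin hook has run on it.
 */
function fetch_wol_activity($location, $nopermission = false)
{
    global $uid_list, $aid_list, $pid_list, $tid_list, $fid_list, $ann_list, $eid_list, $plugins, $user, $parameters;

    $user_activity = array();

    $split_loc = explode(".php", $location);
    if (isset($user['location']) && $split_loc[0] == $user['location']) {
        $filename = '';
    } else {
        // Script name: everything after the last "/" of the first part.
        $filename = my_substr($split_loc[0], -my_strpos(strrev($split_loc[0]), "/"));
    }

    $parameters = array();
    // A location without ".php" has no second part; empty() avoids the
    // undefined-offset warning the bare index raised in that case.
    if (!empty($split_loc[1])) {
        $temp = explode("&", my_substr($split_loc[1], 1));
        foreach ($temp as $param) {
            $temp2 = explode("=", $param, 2);
            if (isset($temp2[1])) {
                $parameters[$temp2[0]] = $temp2[1];
            }
        }
    }

    if ($nopermission) {
        $filename = "nopermission";
    }

    switch ($filename) {
        case "announcements":
            if (!isset($parameters['aid'])) {
                $parameters['aid'] = 0;
            }
            $parameters['aid'] = (int) $parameters['aid'];
            if ($parameters['aid'] > 0) {
                $ann_list[$parameters['aid']] = $parameters['aid'];
            }
            $user_activity['activity'] = "announcements";
            $user_activity['ann'] = $parameters['aid'];
            break;
        case "attachment":
            if (!isset($parameters['aid'])) {
                $parameters['aid'] = 0;
            }
            $parameters['aid'] = (int) $parameters['aid'];
            if ($parameters['aid'] > 0) {
                $aid_list[] = $parameters['aid'];
            }
            $user_activity['activity'] = "attachment";
            $user_activity['aid'] = $parameters['aid'];
            break;
        case "calendar":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "event") {
                if (!isset($parameters['eid'])) {
                    $parameters['eid'] = 0;
                }
                $parameters['eid'] = (int) $parameters['eid'];
                if ($parameters['eid'] > 0) {
                    $eid_list[$parameters['eid']] = $parameters['eid'];
                }
                $user_activity['activity'] = "calendar_event";
                $user_activity['eid'] = $parameters['eid'];
            } elseif ($parameters['action'] == "addevent" || $parameters['action'] == "do_addevent") {
                $user_activity['activity'] = "calendar_addevent";
            } elseif ($parameters['action'] == "editevent" || $parameters['action'] == "do_editevent") {
                $user_activity['activity'] = "calendar_editevent";
            } else {
                $user_activity['activity'] = "calendar";
            }
            break;
        case "contact":
            $user_activity['activity'] = "contact";
            break;
        case "editpost":
            $user_activity['activity'] = "editpost";
            break;
        case "forumdisplay":
            if (!isset($parameters['fid'])) {
                $parameters['fid'] = 0;
            }
            $parameters['fid'] = (int) $parameters['fid'];
            if ($parameters['fid'] > 0) {
                $fid_list[$parameters['fid']] = $parameters['fid'];
            }
            $user_activity['activity'] = "forumdisplay";
            $user_activity['fid'] = $parameters['fid'];
            break;
        case "index":
        case '':
            $user_activity['activity'] = "index";
            break;
        case "managegroup":
            $user_activity['activity'] = "managegroup";
            break;
        case "member":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "activate") {
                $user_activity['activity'] = "member_activate";
            } elseif ($parameters['action'] == "register" || $parameters['action'] == "do_register") {
                $user_activity['activity'] = "member_register";
            } elseif ($parameters['action'] == "login" || $parameters['action'] == "do_login") {
                $user_activity['activity'] = "member_login";
            } elseif ($parameters['action'] == "logout") {
                $user_activity['activity'] = "member_logout";
            } elseif ($parameters['action'] == "profile") {
                $user_activity['activity'] = "member_profile";
                if (!isset($parameters['uid'])) {
                    $parameters['uid'] = 0;
                }
                $parameters['uid'] = (int) $parameters['uid'];
                if ($parameters['uid'] > 0) {
                    $uid_list[$parameters['uid']] = $parameters['uid'];
                }
                $user_activity['uid'] = $parameters['uid'];
            } elseif ($parameters['action'] == "emailuser" || $parameters['action'] == "do_emailuser") {
                $user_activity['activity'] = "member_emailuser";
            } elseif ($parameters['action'] == "rate" || $parameters['action'] == "do_rate") {
                $user_activity['activity'] = "member_rate";
            } elseif ($parameters['action'] == "resendactivation" || $parameters['action'] == "do_resendactivation") {
                $user_activity['activity'] = "member_resendactivation";
            } elseif ($parameters['action'] == "lostpw" || $parameters['action'] == "do_lostpw" || $parameters['action'] == "resetpassword") {
                $user_activity['activity'] = "member_lostpw";
            } else {
                $user_activity['activity'] = "member";
            }
            break;
        case "memberlist":
            $user_activity['activity'] = "memberlist";
            break;
        case "misc":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            $accepted_parameters = array("markread", "help", "buddypopup", "smilies", "syndication", "imcenter", "dstswitch");
            if ($parameters['action'] == "whoposted") {
                if (!isset($parameters['tid'])) {
                    $parameters['tid'] = 0;
                }
                $parameters['tid'] = (int) $parameters['tid'];
                if ($parameters['tid'] > 0) {
                    $tid_list[$parameters['tid']] = $parameters['tid'];
                }
                $user_activity['activity'] = "misc_whoposted";
                $user_activity['tid'] = $parameters['tid'];
            } elseif (in_array($parameters['action'], $accepted_parameters)) {
                // Only a listed action is ever appended to the key.
                $user_activity['activity'] = "misc_" . $parameters['action'];
            } else {
                $user_activity['activity'] = "misc";
            }
            break;
        case "modcp":
            if (!isset($parameters['action'])) {
                $parameters['action'] = 0;
            }
            // Strict comparison: before PHP 8 the integer default 0 compared
            // loosely equal to every one of these strings, so a request
            // without an action was reported as the first listed one.
            $accepted_parameters = array("modlogs", "announcements", "finduser", "warninglogs", "ipsearch");
            foreach ($accepted_parameters as $action) {
                if ($parameters['action'] === $action) {
                    $user_activity['activity'] = "modcp_" . $action;
                    break;
                }
            }
            $accepted_parameters = array();
            $accepted_parameters['report'] = array("do_reports", "reports", "allreports");
            $accepted_parameters['new_announcement'] = array("do_new_announcement", "new_announcement");
            $accepted_parameters['delete_announcement'] = array("do_delete_announcement", "delete_announcement");
            $accepted_parameters['edit_announcement'] = array("do_edit_announcement", "edit_announcement");
            $accepted_parameters['mod_queue'] = array("do_modqueue", "modqueue");
            $accepted_parameters['editprofile'] = array("do_editprofile", "editprofile");
            $accepted_parameters['banning'] = array("do_banuser", "banning", "liftban", "banuser");
            foreach ($accepted_parameters as $name => $actions) {
                if (in_array($parameters['action'], $actions, true)) {
                    $user_activity['activity'] = "modcp_" . $name;
                    break;
                }
            }
            if (empty($user_activity['activity'])) {
                $user_activity['activity'] = "modcp";
            }
            break;
        case "moderation":
            $user_activity['activity'] = "moderation";
            break;
        case "newreply":
            if (!isset($parameters['tid'])) {
                $parameters['tid'] = 0;
            }
            $parameters['tid'] = (int) $parameters['tid'];
            if ($parameters['tid'] > 0) {
                $tid_list[$parameters['tid']] = $parameters['tid'];
            }
            $user_activity['activity'] = "newreply";
            $user_activity['tid'] = $parameters['tid'];
            break;
        case "newthread":
            if (!isset($parameters['fid'])) {
                $parameters['fid'] = 0;
            }
            $parameters['fid'] = (int) $parameters['fid'];
            if ($parameters['fid'] > 0) {
                $fid_list[$parameters['fid']] = $parameters['fid'];
            }
            $user_activity['activity'] = "newthread";
            $user_activity['fid'] = $parameters['fid'];
            break;
        case "online":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "today") {
                $user_activity['activity'] = "woltoday";
            } else {
                $user_activity['activity'] = "wol";
            }
            break;
        case "polls":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            // Make the "do" parts the same as the other one.
            if ($parameters['action'] == "do_newpoll") {
                $user_activity['activity'] = "newpoll";
            } elseif ($parameters['action'] == "do_editpoll") {
                $user_activity['activity'] = "editpoll";
            } else {
                $accepted_parameters = array("do_editpoll", "editpoll", "newpoll", "do_newpoll", "showresults", "vote");
                foreach ($accepted_parameters as $action) {
                    if ($parameters['action'] == $action) {
                        $user_activity['activity'] = $action;
                        break;
                    }
                }
                // empty() instead of a bare read: the key does not exist yet
                // when no listed action matched.
                if (empty($user_activity['activity'])) {
                    $user_activity['activity'] = "showresults";
                }
            }
            break;
        case "printthread":
            if (!isset($parameters['tid'])) {
                $parameters['tid'] = 0;
            }
            $parameters['tid'] = (int) $parameters['tid'];
            if ($parameters['tid'] > 0) {
                $tid_list[$parameters['tid']] = $parameters['tid'];
            }
            $user_activity['activity'] = "printthread";
            $user_activity['tid'] = $parameters['tid'];
            break;
        case "private":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "send" || $parameters['action'] == "do_send") {
                $user_activity['activity'] = "private_send";
            } elseif ($parameters['action'] == "read") {
                $user_activity['activity'] = "private_read";
            } elseif ($parameters['action'] == "folders" || $parameters['action'] == "do_folders") {
                $user_activity['activity'] = "private_folders";
            } else {
                $user_activity['activity'] = "private";
            }
            break;
        case "ratethread":
            $user_activity['activity'] = "ratethread";
            break;
        case "report":
            $user_activity['activity'] = "report";
            break;
        case "reputation":
            if (!isset($parameters['uid'])) {
                $parameters['uid'] = 0;
            }
            $parameters['uid'] = (int) $parameters['uid'];
            if ($parameters['uid'] > 0) {
                $uid_list[$parameters['uid']] = $parameters['uid'];
            }
            $user_activity['uid'] = $parameters['uid'];
            // The action is optional here; isset() avoids reading a missing key.
            if (isset($parameters['action']) && $parameters['action'] == "add") {
                $user_activity['activity'] = "reputation";
            } else {
                $user_activity['activity'] = "reputation_report";
            }
            break;
        case "search":
            $user_activity['activity'] = "search";
            break;
        case "sendthread":
            if (!isset($parameters['tid'])) {
                $parameters['tid'] = 0;
            }
            $parameters['tid'] = (int) $parameters['tid'];
            if ($parameters['tid'] > 0) {
                $tid_list[$parameters['tid']] = $parameters['tid'];
            }
            $user_activity['activity'] = "sendthread";
            $user_activity['tid'] = $parameters['tid'];
            break;
        case "showteam":
            $user_activity['activity'] = "showteam";
            break;
        case "showthread":
            if (!isset($parameters['action'])) {
                $parameters['action'] = 0;
            }
            if (!isset($parameters['pid'])) {
                $parameters['pid'] = 0;
            }
            $parameters['pid'] = (int) $parameters['pid'];
            // Strict comparison for the same reason as in "modcp": the
            // integer default 0 must not count as "showpost".
            if ($parameters['pid'] > 0 && $parameters['action'] === "showpost") {
                $pid_list[$parameters['pid']] = $parameters['pid'];
                $user_activity['activity'] = "showpost";
                $user_activity['pid'] = $parameters['pid'];
            } else {
                if (!isset($parameters['page'])) {
                    $parameters['page'] = 0;
                }
                $parameters['page'] = (int) $parameters['page'];
                $user_activity['page'] = $parameters['page'];
                if (!isset($parameters['tid'])) {
                    $parameters['tid'] = 0;
                }
                $parameters['tid'] = (int) $parameters['tid'];
                if ($parameters['tid'] > 0) {
                    $tid_list[$parameters['tid']] = $parameters['tid'];
                }
                $user_activity['activity'] = "showthread";
                $user_activity['tid'] = $parameters['tid'];
            }
            break;
        case "stats":
            $user_activity['activity'] = "stats";
            break;
        case "usercp":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "profile" || $parameters['action'] == "do_profile") {
                $user_activity['activity'] = "usercp_profile";
            } elseif ($parameters['action'] == "options" || $parameters['action'] == "do_options") {
                $user_activity['activity'] = "usercp_options";
            } elseif ($parameters['action'] == "password" || $parameters['action'] == "do_password") {
                $user_activity['activity'] = "usercp_password";
            } elseif ($parameters['action'] == "editsig" || $parameters['action'] == "do_editsig") {
                $user_activity['activity'] = "usercp_editsig";
            } elseif ($parameters['action'] == "avatar" || $parameters['action'] == "do_avatar") {
                $user_activity['activity'] = "usercp_avatar";
            } elseif ($parameters['action'] == "editlists" || $parameters['action'] == "do_editlists") {
                $user_activity['activity'] = "usercp_editlists";
            } elseif ($parameters['action'] == "favorites") {
                $user_activity['activity'] = "usercp_favorites";
            } elseif ($parameters['action'] == "subscriptions") {
                $user_activity['activity'] = "usercp_subscriptions";
            } elseif ($parameters['action'] == "notepad" || $parameters['action'] == "do_notepad") {
                $user_activity['activity'] = "usercp_notepad";
            } else {
                $user_activity['activity'] = "usercp";
            }
            break;
        case "usercp2":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            // Any other action leaves 'activity' unset for this script.
            if ($parameters['action'] == "addfavorite" || $parameters['action'] == "removefavorite" || $parameters['action'] == "removefavorites") {
                $user_activity['activity'] = "usercp2_favorites";
            } elseif ($parameters['action'] == "addsubscription" || $parameters['action'] == "do_addsubscription" || $parameters['action'] == "removesubscription" || $parameters['action'] == "removesubscriptions") {
                $user_activity['activity'] = "usercp2_subscriptions";
            }
            break;
        case "portal":
            $user_activity['activity'] = "portal";
            break;
        case "warnings":
            if (!isset($parameters['action'])) {
                $parameters['action'] = '';
            }
            if ($parameters['action'] == "warn" || $parameters['action'] == "do_warn") {
                $user_activity['activity'] = "warnings_warn";
            } elseif ($parameters['action'] == "do_revoke") {
                $user_activity['activity'] = "warnings_revoke";
            } elseif ($parameters['action'] == "view") {
                $user_activity['activity'] = "warnings_view";
            } else {
                $user_activity['activity'] = "warnings";
            }
            break;
        case "nopermission":
            $user_activity['activity'] = "nopermission";
            $user_activity['nopermission'] = 1;
            break;
        default:
            $user_activity['activity'] = "unknown";
            break;
    }

    // Expects $location to be passed through already sanitized
    $user_activity['location'] = $location;

    $user_activity = $plugins->run_hooks("fetch_wol_activity_end", $user_activity);

    return $user_activity;
}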