{
print_no_permission();
}
$reportthread = ($rpforumid = $vbulletin->options['rpforumid'] AND $rpforuminfo = fetch_foruminfo($rpforumid));
$reportemail = ($vbulletin->options['enableemail'] AND $vbulletin->options['rpemail']);
if (!$reportthread AND !$reportemail)
{
standard_error(fetch_error('emaildisabled'));
}
$navbits = array();
if ($blogid)
{
$bloginfo = verify_blog($blogid);
if ($blogtextinfo AND $blogtextinfo['blogtextid'] != $bloginfo['firstblogtextid'])
{
if (!fetch_comment_perm('canviewcomments', $bloginfo, $blogtextinfo))
{
print_no_permission();
}
$reportobj = new vB_ReportItem_Blog_Comment($vbulletin);
$reportobj->set_extrainfo('blog', $bloginfo);
$forminfo = $reportobj->set_forminfo($blogtextinfo);
}
else
{
$blogtextinfo = array();
print_stop_message('saved_display_order_successfully');
}
if ($_POST['do'] == 'updatefe') {
$vbulletin->input->clean_array_gpc('p', array('featureid' => TYPE_UINT, 'type' => TYPE_NOHTML, 'pusergroupid' => TYPE_UINT, 'susergroupid' => TYPE_UINT, 'start' => TYPE_ARRAY_UINT, 'end' => TYPE_ARRAY_UINT, 'refresh' => TYPE_UINT, 'timespan' => TYPE_STR, 'blogid' => TYPE_UINT, 'username' => TYPE_NOHTML, 'displayorder' => TYPE_UINT, 'bbcode' => TYPE_BOOL));
$values = array('blogid' => 0, 'userid' => 0, 'pusergroupid' => 0, 'susergroupid' => 0, 'refresh' => 3600, 'start' => 0, 'end' => 0, 'featureid' => $vbulletin->GPC['featureid'], 'displayorder' => $vbulletin->GPC['displayorder'], 'timespan' => 'all', 'bbcode' => $vbulletin->GPC['bbcode']);
if ($vbulletin->GPC['featureid']) {
$entry = $db->query_first_slave("\r\n\t\t\tSELECT type\r\n\t\t\tFROM " . TABLE_PREFIX . "blog_featured\r\n\t\t\tWHERE featureid = " . $vbulletin->GPC['featureid'] . "\r\n\t\t");
if (!$entry) {
print_stop_message('invalid_x_specified', 'featureid');
}
$values['type'] = $entry['type'];
} else {
$values['type'] = $vbulletin->GPC['type'];
}
if ($values['type'] == 'specific') {
$bloginfo = verify_blog($vbulletin->GPC['blogid'], false);
if (!$bloginfo) {
print_stop_message('invalid_x_specified', $vbphrase['blogid']);
} else {
$values['blogid'] = $bloginfo['blogid'];
}
$values['type'] = 'specific';
} else {
if ($vbulletin->GPC['username']) {
$userinfo = $db->query_first_slave("\r\n\t\t\t\tSELECT userid\r\n\t\t\t\tFROM " . TABLE_PREFIX . "user\r\n\t\t\t\tWHERE username = '******'username'] . "'\r\n\t\t\t");
if (!$userinfo) {
print_stop_message('invalid_user_specified');
} else {
$values['userid'] = $userinfo['userid'];
}
}
$vbulletin->url = 'blog.php?' . $vbulletin->session->vars['sessionurl'] . "u=$userinfo[userid]";
}
eval(print_standard_redirect('redirect_subsadd_blog', true, true));
}
}
// ############################### start add subscription ###############################
if ($_REQUEST['do'] == 'subscribe')
{
$vbulletin->input->clean_array_gpc('r', array(
'userid' => TYPE_UINT,
));
if ($bloginfo['blogid'])
{
verify_blog($bloginfo['blogid']);
$bloginfo['title_trimmed'] = fetch_trimmed_title($bloginfo['title']);
// Sidebar
$sidebar =& build_user_sidebar($bloginfo);
}
else if ($vbulletin->GPC['userid'])
{
if (!($userinfo = fetch_userinfo($vbulletin->GPC['userid'], 1)))
{
standard_error(fetch_error('invalidid', $vbphrase['user'], $vbulletin->options['contactuslink']));
}
if ((!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) AND $userinfo['userid'] == $vbulletin->userinfo['userid']) OR (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']) AND $userinfo['userid'] != $vbulletin->userinfo['userid']))
{
print_no_permission();
/**
* Verifies permissions to attach content to entries
*
* @return boolean
*/
public function verify_permissions()
{
global $show;
$this->values['blogid'] = intval($this->values['b']) ? intval($this->values['b']) : intval($this->values['blogid']);
if (!($this->registry->userinfo['permissions']['vbblog_entry_permissions'] & $this->registry->bf_ugp_vbblog_entry_permissions['blog_canpostattach']))
{
return false;
}
if ($this->values['blogid'])
{
if (!($this->bloginfo = verify_blog($this->values['blogid'], false, 'modifychild')))
{
return false;
}
$this->contentid = $this->bloginfo['blogid'];
$this->userinfo = fetch_userinfo($this->bloginfo['userid']);
cache_permissions($this->userinfo);
}
else
{
if ($userid = intval($this->values['u']) AND $userinfo = fetch_userinfo($userid))
{
$this->userinfo = $userinfo;
cache_permissions($this->userinfo);
}
else
{
$this->userinfo = $this->registry->userinfo;
}
}
return true;
}
protected function load_content_info()
{
return verify_blog($this->contentid);
}
}
}
// #######################################################################
if ($_REQUEST['do'] == 'edittrackback')
{
$vbulletin->input->clean_array_gpc('r', array(
'blogtrackbackid' => TYPE_UINT
));
if (!($trackbackinfo = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "blog_trackback WHERE blogtrackbackid = " . $vbulletin->GPC['blogtrackbackid'])))
{
standard_error(fetch_error('invalidid', $vbphrase['trackback'], $vbulletin->options['contactuslink']));
}
$bloginfo = verify_blog($trackbackinfo['blogid']);
if ($trackbackinfo['state'] == 'moderation' AND !can_moderate_blog('canmoderatecomments') AND ($vbulletin->userinfo['userid'] != $bloginfo['userid'] OR !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canmanageblogcomments'])))
{
standard_error(fetch_error('invalidid', $vbphrase['trackback'], $vbulletin->options['contactuslink']));
}
if (($bloginfo['state'] == 'deleted' AND !can_moderate_blog('candeleteentries')) OR ($bloginfo['state'] == 'moderation' AND !can_moderate_blog('canmoderateentries')))
{
print_no_permission();
}
if ($show['errors'])
{
$trackbackinfo['title'] = $title;
$trackbackinfo['snippet'] = $snippet;
