public function getData() { if ($this->config['newposts_forumids']) { if (in_array(-1, $this->config['newposts_forumids'])) { $forumids = array_keys($this->registry->forumcache); } else { $forumids = $this->config['newposts_forumids']; } } else { $forumids = array_keys($this->registry->forumcache); } foreach ($forumids as $forumid) { $forumperms =& $this->registry->userinfo['forumpermissions']["{$forumid}"]; if ($forumperms & $this->registry->bf_ugp_forumpermissions['canview'] and $forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers'] and $forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'] and verify_forum_password($forumid, $this->registry->forumcache["{$forumid}"]['password'], false)) { $forumchoice[] = $forumid; } } if (!empty($forumchoice)) { $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")"; // remove threads from users on the global ignore list if user is not a moderator $globalignore = ''; if (trim($this->registry->options['globalignore']) != '') { require_once DIR . '/includes/functions_bigthree.php'; if ($Coventry = fetch_coventry('string')) { $globalignore = "AND post.userid NOT IN ({$Coventry}) "; } } $datecut = TIMENOW - $this->config['datecut'] * 86400; $posts = $this->registry->db->query_read_slave("\n\t\t\t\tSELECT post.dateline, post.pagetext AS message, post.allowsmilie, post.postid,\n\t\t\t\t\tthread.threadid, thread.title, thread.prefixid, post.attach,\n\t\t\t\t\tforum.forumid,\n\t\t\t\t\tuser.*\n\t\t\t\t\t" . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\t\tJOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)\n\t\t\t\tJOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)\n\t\t\t\t" . ($this->registry->products['vbcms'] ? " LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.associatedthreadid = thread.threadid \n" : '') . ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\tWHERE 1=1\n\t\t\t\t{$forumsql}\n\t\t\t\tAND thread.visible = 1\n\t\t\t\tAND post.visible = 1\n\t\t\t\tAND thread.open <> 10\n\t\t\t\tAND post.dateline > {$datecut}\n\t\t\t\t{$globalignore}\n\t\t\t\t" . ($this->userinfo['ignorelist'] ? "AND post.userid NOT IN (" . implode(',', explode(' ', $this->userinfo['ignorelist'])) . ")" : '') . ($this->registry->products['vbcms'] ? " AND info.associatedthreadid IS NULL " : '') . "\n\t\t\tORDER BY post.dateline DESC\n\t\t\tLIMIT 0," . intval($this->config['newposts_limit']) . "\n\t\t\t"); while ($post = $this->registry->db->fetch_array($posts)) { //$post['url'] = fetch_seo_url('thread', $post, array('p' => $post['postid'])) . '#post' . $post['postid']; //$post['newposturl'] = fetch_seo_url('thread', $post, array('goto' => 'newpost')); // trim the title after fetching the urls //$post['title'] = fetch_trimmed_title($post['title'], $this->config['newposts_titlemaxchars']); //still need to censor the title $post['title'] = fetch_censored_text($post['title']); $post['date'] = vbdate($this->registry->options['dateformat'], $post['dateline'], true); $post['time'] = vbdate($this->registry->options['timeformat'], $post['dateline']); $post['message'] = $this->get_summary($post['message'], $this->config['newposts_messagemaxchars']); // get avatar $this->fetch_avatarinfo($post); $postarray[$post['postid']] = $post; } return $postarray; } }
function fr_construct_forum_bit($parentid, $depth = 0, $subsonly = 0) { global $vbulletin, $vbphrase, $show; global $imodcache, $lastpostarray, $counters, $inforum; // Get exclude IDs $exclude_ids = @explode(',', $vbulletin->options['forumrunner_exclude']); if (in_array('-1', $exclude_ids)) { $exclude_ids = array(); } if (in_array($parentid, $exclude_ids)) { return; } // this function takes the constant MAXFORUMDEPTH as its guide for how // deep to recurse down forum lists. if MAXFORUMDEPTH is not defined, // it will assume a depth of 2. // call fetch_last_post_array() first to get last post info for forums if (!is_array($lastpostarray)) { fetch_last_post_array($parentid); } if (empty($vbulletin->iforumcache["{$parentid}"])) { return; } if (!defined('MAXFORUMDEPTH')) { define('MAXFORUMDEPTH', 2); } $forumbits = ''; $depth++; if ($parentid == -1) { $parent_is_category = false; } else { $parentforum = $vbulletin->forumcache[$parentid]; $parent_is_category = !(bool) ($parentforum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']); } foreach ($vbulletin->iforumcache["{$parentid}"] as $forumid) { if (in_array($forumid, $exclude_ids)) { continue; } // grab the appropriate forum from the $vbulletin->forumcache $forum = $vbulletin->forumcache["{$forumid}"]; //$lastpostforum = $vbulletin->forumcache["$lastpostarray[$forumid]"]; $lastpostforum = empty($lastpostarray[$forumid]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"]; if (!$forum['displayorder'] or !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) { continue; } $forumperms = $vbulletin->userinfo['forumpermissions']["{$forumid}"]; $lastpostforumperms = empty($lastpostarray[$forumid]) ? 0 : $vbulletin->userinfo['forumpermissions']["{$lastpostarray[$forumid]}"]; if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) and ($vbulletin->forumcache["{$forumid}"]['showprivate'] == 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and !$vbulletin->options['showprivateforums'])) { // no permission to view current forum continue; } if ($subsonly) { $childforumbits = fr_construct_forum_bit($forum['forumid'], 1, $subsonly); } else { if ($depth < MAXFORUMDEPTH) { $childforumbits = fr_construct_forum_bit($forum['forumid'], $depth, $subsonly); } else { $childforumbits = ''; } } // do stuff if we are not doing subscriptions only, or if we ARE doing subscriptions, // and the forum has a subscribedforumid if (!$subsonly or $subsonly and !empty($forum['subscribeforumid'])) { $GLOBALS['forumshown'] = true; // say that we have shown at least one forum if ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']) { // get appropriate suffix for template name $tempext = '_post'; } else { $tempext = '_nopost'; } if (!$vbulletin->options['showforumdescription']) { // blank forum description if set to not show $forum['description'] = ''; } // dates & thread title $lastpostinfo = empty($lastpostarray["{$forumid}"]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"]; // compare last post time for this forum with the last post time specified by // the $lastpostarray, and if it's less, use the last post info from the forum // specified by $lastpostarray if (!empty($lastpostinfo) and $vbulletin->forumcache["{$lastpostarray[$forumid]}"]['lastpost'] > 0) { if (!($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $lastpostinfo['lastposter'] != $vbulletin->userinfo['username']) { $forum['lastpostinfo'] = $vbphrase['private']; } else { $lastpostinfo['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $lastpostinfo['lastpost'], 1); $lastpostinfo['lastposttime'] = vbdate($vbulletin->options['timeformat'], $lastpostinfo['lastpost']); $lastpostinfo['trimthread'] = fetch_trimmed_title(fetch_censored_text($lastpostinfo['lastthread'])); if ($lastpostinfo['lastprefixid'] and $vbulletin->options['showprefixlastpost']) { $lastpostinfo['prefix'] = $vbulletin->options['showprefixlastpost'] == 2 ? $vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_rich"] : htmlspecialchars_uni($vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_plain"]); } else { $lastpostinfo['prefix'] = ''; } if ($vbulletin->forumcache["{$lastpostforum['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons'] and $icon = fetch_iconinfo($lastpostinfo['lasticonid'])) { $show['icon'] = true; } else { $show['icon'] = false; } $show['lastpostinfo'] = (!$lastpostforum['password'] or verify_forum_password($lastpostforum['forumid'], $lastpostforum['password'], false)); $pageinfo_lastpost = array('p' => $lastpostinfo['lastpostid']); $pageinfo_newpost = array('goto' => 'newpost'); $threadinfo = array('title' => $lastpostinfo['lastthread'], 'threadid' => $lastpostinfo['lastthreadid']); } } else { if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { $forum['lastpostinfo'] = $vbphrase['private']; } else { $forum['lastpostinfo'] = $vbphrase['never']; } } // do light bulb $forum['statusicon'] = fetch_forum_lightbulb($forumid, $lastpostinfo, $forum); // add lock to lightbulb if necessary // from 3.6.9 & 3.7.0 we now show locks only if a user can not post AT ALL // previously it was just if they could not create new threads if ($vbulletin->options['showlocks'] and !$forum['link'] and (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) { $forum['statusicon'] .= '_lock'; } // get counters from the counters cache ( prepared by fetch_last_post_array() ) $forum['threadcount'] = $counters["{$forum['forumid']}"]['threadcount']; $forum['replycount'] = $counters["{$forum['forumid']}"]['replycount']; // get moderators ( this is why we needed cache_moderators() ) if ($vbulletin->options['showmoderatorcolumn']) { $showmods = array(); $listexploded = explode(',', $forum['parentlist']); foreach ($listexploded as $parentforumid) { if (!isset($imodcache["{$parentforumid}"]) or $parentforumid == -1) { continue; } foreach ($imodcache["{$parentforumid}"] as $moderator) { if (isset($showmods["{$moderator['userid']}"])) { continue; } ($hook = vBulletinHook::fetch_hook('forumbit_moderator')) ? eval($hook) : false; $showmods["{$moderator['userid']}"] = true; if (!isset($forum['moderators'])) { $forum['moderators'] = ''; } } } if (!isset($forum['moderators'])) { $forum['moderators'] = ''; } } if ($forum['link']) { $forum['replycount'] = '-'; $forum['threadcount'] = '-'; $forum['lastpostinfo'] = '-'; } else { $forum['replycount'] = vb_number_format($forum['replycount']); $forum['threadcount'] = vb_number_format($forum['threadcount']); } if (($subsonly or $depth == MAXFORUMDEPTH) and $vbulletin->options['subforumdepth'] > 0) { //$forum['subforums'] = construct_subforum_bit($forumid, ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads'] ) ); $forum['subforums'] = ''; } else { $forum['subforums'] = ''; } $forum['browsers'] = 0; $children = explode(',', $forum['childlist']); foreach ($children as $childid) { $forum['browsers'] += isset($inforum["{$childid}"]) ? $inforum["{$childid}"] : 0; } if ($depth == 1 and $tempext == '_nopost') { global $vbcollapse; $collapseobj_forumid =& $vbcollapse["collapseobj_forumbit_{$forumid}"]; $collapseimg_forumid =& $vbcollapse["collapseimg_forumbit_{$forumid}"]; $show['collapsebutton'] = true; } else { $show['collapsebutton'] = false; } $show['forumsubscription'] = $subsonly ? true : false; $show['forumdescription'] = $forum['description'] != '' ? true : false; $show['subforums'] = $forum['subforums'] != '' ? true : false; $show['browsers'] = ($vbulletin->options['displayloggedin'] and !$forum['link'] and $forum['browsers'] ? true : false); // FRNR Start // If this forum has a password, check to see if we have // the proper cookie. If so, don't prompt for one $password = 0; if ($forum['password']) { $pw_ok = verify_forum_password($forum['forumid'], $forum['password'], false); if (!$pw_ok) { $password = 1; } } $new = array('id' => $forum['forumid'], 'new' => $forum['statusicon'] == 'new' ? true : false, 'name' => prepare_utf8_string(strip_tags($forum['title'])), 'password' => $password); $icon = fr_get_forum_icon($forum['forumid'], $forum['statusicon'] == 'new' ? true : false); if ($icon) { $new['icon'] = $icon; } if ($forum['link'] != '') { $link = fr_fix_url($forum['link']); if (is_int($link)) { $new['id'] = $link; } else { $new['link'] = $link; } $linkicon = fr_get_forum_icon($forum['forumid'], false, true); if ($linkicon) { $new['icon'] = $linkicon; } } if ($forum['description'] != '') { $desc = prepare_utf8_string(strip_tags($forum['description'])); if (strlen($desc) > 0) { $new['desc'] = $desc; } } $out[] = $new; // FRNR End } else { $forumbits .= $childforumbits; } } return $out; }
/** * Fetches and prepares posts for quoting. Returned text is BB code. * * @param array Array of post IDs to pull from * @param integer The ID of the thread that is being quoted into * @param integer Returns the number of posts that were unquoted because of the value of the next argument * @param array Returns the IDs of the posts that were actually quoted * @param string Controls what posts are successfully quoted: all, only (only the thread ID), other (only other thread IDs) * @param boolean Whether to undo the htmlspecialchars calls; useful when returning HTML to be entered via JS */ function fetch_quotable_posts($quote_postids, $threadid, &$unquoted_posts, &$quoted_post_ids, $limit_thread = 'only', $unhtmlspecialchars = false) { global $vbulletin; $unquoted_posts = 0; $quoted_post_ids = array(); $quote_postids = array_diff_assoc(array_unique(array_map('intval', $quote_postids)), array(0)); // limit to X number of posts if ($vbulletin->options['mqlimit'] > 0) { $quote_postids = array_slice($quote_postids, 0, $vbulletin->options['mqlimit']); } if (empty($quote_postids)) { // nothing to quote return ''; } $hook_query_fields = $hook_query_joins = ''; ($hook = vBulletinHook::fetch_hook('quotable_posts_query')) ? eval($hook) : false; $quote_post_data = $vbulletin->db->query_read_slave("\n\t\tSELECT post.postid, post.title, post.pagetext, post.dateline, post.userid, post.visible AS postvisible,\n\t\t\tIF(user.username <> '', user.username, post.username) AS username,\n\t\t\tthread.threadid, thread.title AS threadtitle, thread.postuserid, thread.visible AS threadvisible,\n\t\t\tforum.forumid, forum.password\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid)\n\t\tINNER JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON (thread.forumid = forum.forumid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid IN (" . implode(',', $quote_postids) . ")\n\t"); $quote_posts = array(); while ($quote_post = $vbulletin->db->fetch_array($quote_post_data)) { if ((!$quote_post['postvisible'] or $quote_post['postvisible'] == 2) and !can_moderate($quote_post['forumid']) or (!$quote_post['threadvisible'] or $quote_post['threadvisible'] == 2) and !can_moderate($quote_post['forumid'])) { // no permission to view this post continue; } $forumperms = fetch_permissions($quote_post['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($quote_post['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($quote_post['forumid'], $quote_post['password'], false) or in_coventry($quote_post['postuserid']) and !can_moderate($quote_post['forumid']) or in_coventry($quote_post['userid']) and !can_moderate($quote_post['forumid'])) { // no permission to view this post continue; } if ($limit_thread == 'only' and $quote_post['threadid'] != $threadid or $limit_thread == 'other' and $quote_post['threadid'] == $threadid or $limit_thread == 'all') { $unquoted_posts++; continue; } $skip_post = false; ($hook = vBulletinHook::fetch_hook('quotable_posts_logic')) ? eval($hook) : false; if ($skip_post) { continue; } $quote_posts["{$quote_post['postid']}"] = $quote_post; } $message = ''; foreach ($quote_postids as $quote_postid) { if (!isset($quote_posts["{$quote_postid}"])) { continue; } $quote_post =& $quote_posts["{$quote_postid}"]; $originalposter = fetch_quote_username($quote_post['username'] . ";{$quote_post['postid']}"); $postdate = vbdate($vbulletin->options['dateformat'], $quote_post['dateline']); $posttime = vbdate($vbulletin->options['timeformat'], $quote_post['dateline']); $pagetext = htmlspecialchars_uni($quote_post['pagetext']); $pagetext = trim(strip_quotes($pagetext)); ($hook = vBulletinHook::fetch_hook('newreply_quote')) ? eval($hook) : false; eval('$message .= "' . fetch_template('newpost_quote', 0, false) . '\\n";'); $quoted_post_ids[] = $quote_postid; } if ($unhtmlspecialchars) { $message = unhtmlspecialchars($message); } return $message; }
/** * Verifies permissions to attach content to posts * * @param array Contenttype information - bypass reading environment settings * * @return boolean */ public function verify_permissions($info = array()) { global $show; if ($info) { $this->values['postid'] = $info['postid']; $this->values['threadid'] = $info['threadid']; $this->values['forumid'] = $info['forumid']; } else { $this->values['postid'] = intval($this->values['p']) ? intval($this->values['p']) : intval($this->values['postid']); $this->values['threadid'] = intval($this->values['t']) ? intval($this->values['t']) : intval($this->values['threadid']); $this->values['forumid'] = intval($this->values['f']) ? intval($this->values['f']) : intval($this->values['forumid']); } if ($this->values['postid']) { if (!($this->postinfo = fetch_postinfo($this->values['postid']))) { return false; } $this->values['threadid'] = $this->postinfo['threadid']; } if ($this->values['threadid']) { if (!($this->threadinfo = fetch_threadinfo($this->values['threadid']))) { return false; } $this->values['forumid'] = $this->threadinfo['forumid']; } if ($this->values['forumid'] and !($this->foruminfo = fetch_foruminfo($this->values['forumid']))) { return false; } if (!$this->foruminfo and !$this->threadinfo and !($this->postinfo and $this->values['editpost'])) { return false; } $forumperms = fetch_permissions($this->foruminfo['forumid']); // No permissions to post attachments in this forum or no permission to view threads in this forum. if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostattachment']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canview']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) { return false; } if (!$this->postinfo and !$this->foruminfo['allowposting'] or $this->foruminfo['link'] or !$this->foruminfo['cancontainthreads']) { return false; } if ($this->threadinfo) { if ($this->threadinfo['isdeleted'] or !$this->threadinfo['visible'] and !can_moderate($this->threadinfo['forumid'], 'canmoderateposts')) { return false; } if (!$this->threadinfo['open']) { if (!can_moderate($this->threadinfo['forumid'], 'canopenclose')) { return false; } } if ($this->registry->userinfo['userid'] != $this->threadinfo['postuserid'] and (!($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyothers']))) { return false; } // don't call this part on editpost.php (which will have a $postid) if (!$this->postinfo and !($forumperms & $this->registry->bf_ugp_forumpermissions['canreplyown']) and $this->registry->userinfo['userid'] == $this->threadinfo['postuserid']) { return false; } } else { if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canpostnew'])) { return false; } } if ($this->postinfo) { if (!can_moderate($this->threadinfo['forumid'], 'caneditposts')) { if (!($forumperms & $this->registry->bf_ugp_forumpermissions['caneditpost'])) { return false; } else { if ($this->registry->userinfo['userid'] != $this->postinfo['userid']) { // check user owns this post return false; } else { // check for time limits if ($this->postinfo['dateline'] < TIMENOW - $this->registry->options['edittimelimit'] * 60 and $this->registry->options['edittimelimit']) { return false; } } } } $this->contentid = $this->postinfo['postid']; $this->userinfo = fetch_userinfo($this->postinfo['userid']); cache_permissions($this->userinfo, true); } else { $this->userinfo = $this->registry->userinfo; } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($this->foruminfo['forumid'], $this->foruminfo['password'], false); if (!$this->foruminfo['allowposting']) { $show['attachoption'] = false; $show['forumclosed'] = true; } return true; }
// ********************************************************************************* // get forum info $forum = fetch_foruminfo($thread['forumid']); $foruminfo =& $forum; // ********************************************************************************* // check forum permissions $forumperms = fetch_permissions($thread['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { print_no_permission(); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($thread['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { print_no_permission(); } // ********************************************************************************* // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // ********************************************************************************* // jump page if thread is actually a redirect if ($thread['open'] == 10) { $destthreadinfo = fetch_threadinfo($threadinfo['pollid']); exec_header_redirect(fetch_seo_url('thread|js', $destthreadinfo, $pageinfo)); } // ********************************************************************************* // get ignored users $ignore = array(); if (trim($vbulletin->userinfo['ignorelist'])) { $ignorelist = preg_split('/( )+/', trim($vbulletin->userinfo['ignorelist']), -1, PREG_SPLIT_NO_EMPTY); foreach ($ignorelist as $ignoreuserid) { $ignore["{$ignoreuserid}"] = 1; } }
// set display terms $display = array('words' => array(), 'highlight' => array(), 'common' => array(), 'users' => array(), 'forums' => $display['forums'], 'options' => array('starteronly' => false, 'childforums' => true, 'action' => $_REQUEST['do'])); ($hook = vBulletinHook::fetch_hook('search_getnew_display')) ? eval($hook) : false; // get moderator cache for forum password purposes if ($vbulletin->userinfo['userid']) { cache_moderators(); } // get forum ids for all forums user is allowed to view foreach ($forumids as $key => $forumid) { if (is_array($includearray) and empty($includearray["{$forumid}"])) { unset($forumids["{$key}"]); continue; } $fperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"]; $forum =& $vbulletin->forumcache["{$forumid}"]; if (!($fperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($fperms & $vbulletin->bf_ugp_forumpermissions['cansearch']) or !verify_forum_password($forumid, $forum['password'], false)) { unset($forumids["{$key}"]); } } if (empty($forumids)) { eval(standard_error(fetch_error('invalidid', $vbphrase['forum'], $vbulletin->options['contactuslink']))); } if ($_REQUEST['do'] == 'getnew' and $vbulletin->userinfo['userid'] and $vbulletin->options['threadmarking'] and !$vbulletin->GPC['oldmethod']) { $marking_join = "\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threadread AS threadread ON (threadread.threadid = thread.threadid AND threadread.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON (forum.forumid = thread.forumid)\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forumread AS forumread ON (forumread.forumid = forum.forumid AND forumread.userid = " . $vbulletin->userinfo['userid'] . ")\n\t\t"; $cutoff = TIMENOW - $vbulletin->options['markinglimit'] * 86400; $lastpost_where = "\n\t\t\tAND thread.lastpost > IF(threadread.readtime IS NULL, {$cutoff}, threadread.readtime)\n\t\t\tAND thread.lastpost > IF(forumread.readtime IS NULL, {$cutoff}, forumread.readtime)\n\t\t\tAND thread.lastpost > {$cutoff}\n\t\t"; $post_lastpost_where = "\n\t\t\tAND post.dateline > IF(threadread.readtime IS NULL, {$cutoff}, threadread.readtime)\n\t\t\tAND post.dateline > IF(forumread.readtime IS NULL, {$cutoff}, forumread.readtime)\n\t\t\tAND post.dateline > {$cutoff}\n\t\t"; } else { $marking_join = ''; $lastpost_where = "AND thread.lastpost >= {$datecut}"; $post_lastpost_where = "AND post.dateline >= {$datecut}";
function construct_forum_bit($parentid, $depth = 0, $subsonly = 0) { global $vbulletin, $vbphrase, $show; global $imodcache, $lastpostarray, $counters, $inforum; // this function takes the constant MAXFORUMDEPTH as its guide for how // deep to recurse down forum lists. if MAXFORUMDEPTH is not defined, // it will assume a depth of 2. // call fetch_last_post_array() first to get last post info for forums if (!is_array($lastpostarray)) { fetch_last_post_array($parentid); } if (empty($vbulletin->iforumcache["{$parentid}"])) { return; } if (!defined('MAXFORUMDEPTH')) { define('MAXFORUMDEPTH', 2); } $forumbits = ''; $depth++; if ($parentid == -1) { $parent_is_category = false; } else { $parentforum = $vbulletin->forumcache[$parentid]; $parent_is_category = !(bool) ($parentforum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']); } foreach ($vbulletin->iforumcache["{$parentid}"] as $forumid) { // grab the appropriate forum from the $vbulletin->forumcache $forum = $vbulletin->forumcache["{$forumid}"]; //$lastpostforum = $vbulletin->forumcache["$lastpostarray[$forumid]"]; $lastpostforum = empty($lastpostarray[$forumid]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"]; if (!$forum['displayorder'] or !($forum['options'] & $vbulletin->bf_misc_forumoptions['active'])) { continue; } $forumperms = $vbulletin->userinfo['forumpermissions']["{$forumid}"]; $lastpostforumperms = empty($lastpostarray[$forumid]) ? 0 : $vbulletin->userinfo['forumpermissions']["{$lastpostarray[$forumid]}"]; if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) and ($vbulletin->forumcache["{$forumid}"]['showprivate'] == 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and !$vbulletin->options['showprivateforums'])) { // no permission to view current forum continue; } if ($subsonly) { $childforumbits = construct_forum_bit($forum['forumid'], 1, $subsonly); } else { if ($depth < MAXFORUMDEPTH) { $childforumbits = construct_forum_bit($forum['forumid'], $depth, $subsonly); } else { $childforumbits = ''; } } // do stuff if we are not doing subscriptions only, or if we ARE doing subscriptions, // and the forum has a subscribedforumid if (!$subsonly or $subsonly and !empty($forum['subscribeforumid'])) { $GLOBALS['forumshown'] = true; // say that we have shown at least one forum if ($forum['options'] & $vbulletin->bf_misc_forumoptions['cancontainthreads']) { // get appropriate suffix for template name $tempext = '_post'; } else { $tempext = '_nopost'; } if (!$vbulletin->options['showforumdescription']) { // blank forum description if set to not show $forum['description'] = ''; } // dates & thread title $lastpostinfo = empty($lastpostarray["{$forumid}"]) ? array() : $vbulletin->forumcache["{$lastpostarray[$forumid]}"]; // compare last post time for this forum with the last post time specified by // the $lastpostarray, and if it's less, use the last post info from the forum // specified by $lastpostarray if (!empty($lastpostinfo) and $vbulletin->forumcache["{$lastpostarray[$forumid]}"]['lastpost'] > 0) { if (!($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($lastpostforumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $lastpostinfo['lastposter'] != $vbulletin->userinfo['username']) { $forum['lastpostinfo'] = $vbphrase['private']; } else { $lastpostinfo['lastpostdate'] = vbdate($vbulletin->options['dateformat'], $lastpostinfo['lastpost'], 1); $lastpostinfo['lastposttime'] = vbdate($vbulletin->options['timeformat'], $lastpostinfo['lastpost']); $lastpostinfo['trimthread'] = fetch_trimmed_title(fetch_censored_text($lastpostinfo['lastthread'])); if ($lastpostinfo['lastprefixid'] and $vbulletin->options['showprefixlastpost']) { $lastpostinfo['prefix'] = $vbulletin->options['showprefixlastpost'] == 2 ? $vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_rich"] : htmlspecialchars_uni($vbphrase["prefix_{$lastpostinfo['lastprefixid']}_title_plain"]); } else { $lastpostinfo['prefix'] = ''; } if ($vbulletin->forumcache["{$lastpostforum['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['allowicons'] and $icon = fetch_iconinfo($lastpostinfo['lasticonid'])) { $show['icon'] = true; } else { $show['icon'] = false; } $show['lastpostinfo'] = (!$lastpostforum['password'] or verify_forum_password($lastpostforum['forumid'], $lastpostforum['password'], false)); $pageinfo_lastpost = array('p' => $lastpostinfo['lastpostid']); $pageinfo_newpost = array('goto' => 'newpost'); $threadinfo = array('title' => $lastpostinfo['lastthread'], 'threadid' => $lastpostinfo['lastthreadid']); // prepare the member action drop-down menu $memberaction_dropdown = construct_memberaction_dropdown(fetch_lastposter_userinfo($lastpostinfo)); $templater = vB_Template::create('forumhome_lastpostby'); $templater->register('icon', $icon); $templater->register('memberaction_dropdown', $memberaction_dropdown); $templater->register('lastpostinfo', $lastpostinfo); $templater->register('pageinfo_lastpost', $pageinfo_lastpost); $templater->register('pageinfo_newpost', $pageinfo_newpost); $templater->register('threadinfo', $threadinfo); $forum['lastpostinfo'] = $templater->render(); } } else { if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { $forum['lastpostinfo'] = $vbphrase['private']; } else { $forum['lastpostinfo'] = $vbphrase['never']; } } // do light bulb $forum['statusicon'] = fetch_forum_lightbulb($forumid, $lastpostinfo, $forum); // add lock to lightbulb if necessary // from 3.6.9 & 3.7.0 we now show locks only if a user can not post AT ALL // previously it was just if they could not create new threads if ($vbulletin->options['showlocks'] and !$forum['link'] and (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canpostnew']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) { $forum['statusicon'] .= '_lock'; } // get posting permissions $forum['allowposting'] = true; if (!($forum['options'] & $vbulletin->bf_misc_forumoptions['allowposting'])) { $forum['allowposting'] = false; } // get counters from the counters cache ( prepared by fetch_last_post_array() ) $forum['threadcount'] = $counters["{$forum['forumid']}"]['threadcount']; $forum['replycount'] = $counters["{$forum['forumid']}"]['replycount']; // get moderators ( this is why we needed cache_moderators() ) if ($vbulletin->options['showmoderatorcolumn']) { $clc = 0; $showmods = array(); $forum['moderators'] = array(); $listexploded = explode(',', $forum['parentlist']); foreach ($listexploded as $parentforumid) { if (!isset($imodcache["{$parentforumid}"]) or $parentforumid == -1) { continue; } foreach ($imodcache["{$parentforumid}"] as $moderator) { if (isset($showmods["{$moderator['userid']}"])) { continue; } ($hook = vBulletinHook::fetch_hook('forumbit_moderator')) ? eval($hook) : false; $clc++; $showmods["{$moderator['userid']}"] = true; $moderator['comma'] = $vbphrase['comma_space']; $forum['moderators'][$clc] = $moderator; } } // Last element if ($clc) { $forum['moderators'][$clc]['comma'] = ''; } } if ($forum['link']) { $forum['replycount'] = '-'; $forum['threadcount'] = '-'; $forum['lastpostinfo'] = '-'; } else { $forum['replycount'] = vb_number_format($forum['replycount']); $forum['threadcount'] = vb_number_format($forum['threadcount']); } $subforums = array(); if (($subsonly or $depth == MAXFORUMDEPTH) and $vbulletin->options['subforumdepth'] > 0) { $subforums = construct_subforum_bit($forumid); $clc = sizeof($subforums); // Last element if ($clc) { $subforums[$clc - 1]['comma'] = ''; } } $forum['browsers'] = 0; $children = explode(',', $forum['childlist']); foreach ($children as $childid) { $forum['browsers'] += isset($inforum["{$childid}"]) ? $inforum["{$childid}"] : 0; } if ($depth == 1 and $tempext == '_nopost') { global $vbcollapse; $collapseobj_forumid =& $vbcollapse["collapseobj_forumbit_{$forumid}"]; $collapseimg_forumid =& $vbcollapse["collapseimg_forumbit_{$forumid}"]; $show['collapsebutton'] = true; } else { $show['collapsebutton'] = false; } $show['forumsubscription'] = !empty($forum['subscribeforumid']); $show['forumdescription'] = $forum['description'] != '' ? true : false; $show['subforums'] = !empty($subforums) ? true : false; $show['browsers'] = ($vbulletin->options['displayloggedin'] and !$forum['link'] and $forum['browsers'] ? true : false); if ($show['subforums']) { $templater = vB_Template::create("forumhome_subforums"); $templater->register('subforums', $subforums); $forum['subforums'] = $templater->render(); } $perms = fetch_permissions($forumid, 0, array('userid' => 0, 'usergroupid' => 1), false); // VBIV-14011, Always skip Calendar Permissions $show['externalrss'] = ($vbulletin->options['externalrss'] and $perms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and $perms & $vbulletin->bf_ugp_forumpermissions['canviewothers']); // build the template for the current forum ($hook = vBulletinHook::fetch_hook('forumbit_display')) ? eval($hook) : false; $templater = vB_Template::create("forumhome_forumbit_level{$depth}{$tempext}"); $templater->register('childforumbits', $childforumbits); $templater->register('collapseimg_forumid', $collapseimg_forumid); $templater->register('collapseobj_forumid', $collapseobj_forumid); $templater->register('forum', $forum); $templater->register('forumid', $forumid); $templater->register('parent_is_category', $parent_is_category); $forumbits .= $templater->render(); } else { $forumbits .= $childforumbits; } } return $forumbits; }
$show['avatarlink'] = $vbulletin->options['avatarenabled']; $show['profilepiclink'] = ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canprofilepic'] and $vbulletin->options['profilepicenabled']); $show['wollink'] = $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonline']; $show['spacer'] = true; // used in postbit template if (THIS_SCRIPT == 'register') { // see 3.6 bug 876 -- causes double redirect and error when activating $show['dst_correction'] = false; } else { $show['dst_correction'] = (($vbulletin->session->vars['loggedin'] == 1 or $vbulletin->session->created or THIS_SCRIPT == 'usercp') and $vbulletin->userinfo['dstauto'] == 1 and $vbulletin->userinfo['userid']); } $show['contactus'] = ($vbulletin->options['contactuslink'] and (!$vbulletin->userinfo['userid'] and $vbulletin->options['contactustype'] or $vbulletin->userinfo['userid'])); $show['forumdesc'] = ($vbulletin->options['nav_forumdesc'] and trim($foruminfo['description']) != '' and in_array(THIS_SCRIPT, array('newthread', 'newreply', 'forumdisplay', 'showthread', 'announcement', 'editpost', 'poll', 'report', 'sendmessage', 'threadrate'))); $show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) ? true : false; if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) { if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) { $show['threadinfo'] = false; } else { $show['threadinfo'] = true; } } else { $show['threadinfo'] = false; } // you may define this if you don't want the password in the login box to be zapped onsubmit; good for integration $show['nopasswordempty'] = defined('DISABLE_PASSWORD_CLEARING') ? 1 : 0; // this nees to be an int for the templates $ad_location = array(); // parse some global templates eval('$gobutton = "' . fetch_template('gobutton') . '";'); eval('$spacer_open = "' . fetch_template('spacer_open') . '";'); eval('$spacer_close = "' . fetch_template('spacer_close') . '";');
/** * Get forums the user is unable to view. * * Need to verify that this makes sense in general code stolen from search * logic and search specific param removed. * * This value is calculated once and the list is returned on subsequent calls * * @return array(int) list of hidden forum ids */ public function getHiddenForums() { if (is_null($this->hidden_forums)) { $this->hidden_forums = array(); foreach ($this->registry->userinfo['forumpermissions'] AS $forumid => $fperms) { $forum = fetch_foruminfo($forumid); if ( !$this->hasForumPermission($forumid, 'canview') OR !verify_forum_password($forumid, $forum['password'], false) ) { $this->hidden_forums[] = $forumid; } } } return $this->hidden_forums; }
/** * Populates a view with the expected info from a content item. * * @param vB_View $view * @param int $viewtype */ protected function populateViewContent(vB_View $view, $viewtype = self::VIEW_PAGE, $increment_count = true) { global $show; $this->content->requireInfo(vBCms_Item_Content::INFO_BASIC); $this->content->requireInfo(vBCms_Item_Content::INFO_CONTENT); $this->content->requireInfo(vBCms_Item_Content::INFO_CONFIG); $this->content->requireInfo(vBCms_Item_Content::INFO_NODE); $this->content->requireInfo(vBCms_Item_Content::INFO_PARENTS); if ($_REQUEST['goto'] == 'newcomment') { require_once DIR . '/includes/functions_bigthree.php' ; $record = vB::$vbulletin->db->query_first("SELECT associatedthreadid FROM " . TABLE_PREFIX . "cms_nodeinfo WHERE nodeid = " . $this->getNodeId()); $threadid = $record['associatedthreadid']; $threadinfo = verify_id('thread', $threadid, 1, 1); if (vB::$vbulletin->options['threadmarking'] AND vB::$vbulletin->userinfo['userid']) { vB::$vbulletin->userinfo['lastvisit'] = max($threadinfo['threadread'], $threadinfo['forumread'], TIMENOW - (vB::$vbulletin->options['markinglimit'] * 86400)); } else if (($tview = intval(fetch_bbarray_cookie('thread_lastview', $threadid))) > vB::$vbulletin->userinfo['lastvisit']) { vB::$vbulletin->userinfo['lastvisit'] = $tview; } $coventry = fetch_coventry('string'); $posts = vB::$vbulletin->db->query_first(" SELECT MIN(postid) AS postid FROM " . TABLE_PREFIX . "post WHERE threadid = $threadinfo[threadid] AND visible = 1 AND dateline > " . intval(vB::$vbulletin->userinfo['lastvisit']) . " ". ($coventry ? "AND userid NOT IN ($coventry)" : "") . " LIMIT 1 "); $target_url = vB_Router::getURL(); $join_char = strpos($target_url,'?') ? '&' : '?'; if ($posts['postid']) { exec_header_redirect($target_url . $join_char . "commentid=" . $posts['postid'] . "#post$posts[postid]"); } else { exec_header_redirect($target_url . $join_char . "commentid=" . $threadinfo['lastpostid'] . "#post$threadinfo[lastpostid]"); } } if ($_REQUEST['commentid']) { vB::$vbulletin->input->clean_array_gpc('r', array( 'commentid' => vB_Input::TYPE_INT, )); $postinfo = verify_id('post', vB::$vbulletin->GPC['commentid'], 1, 1); $record = vB::$vbulletin->db->query_first("SELECT associatedthreadid FROM " . TABLE_PREFIX . "cms_nodeinfo WHERE nodeid = " . $this->getNodeId()); $threadid = $record['associatedthreadid']; // if comment id and node id do not match, we ignore commentid if ($postinfo['threadid'] == $threadid) { $getpagenum = vB::$vbulletin->db->query_first(" SELECT COUNT(*) AS posts FROM " . TABLE_PREFIX . "post AS post WHERE threadid = $threadid AND visible = 1 AND dateline <= $postinfo[dateline] "); $_REQUEST['commentpage'] = ceil($getpagenum['posts'] / 20); } } if ($_REQUEST['do']== 'apply' OR $_REQUEST['do'] == 'update' OR $_REQUEST['do'] == 'movenode') { $this->SaveData($view); } ($hook = vBulletinHook::fetch_hook('vbcms_article_populate_start')) ? eval($hook) : false; //Now we need to get the settings for turning off content. There is the "settingsforboth" flag, which says whether we even apply // the settings to the current page, and there are the six "show" variables. if ($_REQUEST['do'] == 'delete' AND $this->content->canEdit()) { $dm = $this->content->getDM(); $dm->delete(); $this->cleanContentCache(); // Create route to redirect the user to $route = new vBCms_Route_Content(); $route->node = $this->content->getParentId(); $_REQUEST['do'] = ''; throw (new vB_Exception_Reroute($route)); } //When we come from the link to upgrade a blog post, blog, or forum post, the // router puts us here. $settings_for = $this->content->getSettingsForboth(); $showfor_this = (((self::VIEW_PAGE == $viewtype) AND ($settings_for == 0)) OR ((self::VIEW_PREVIEW == $viewtype) AND ($settings_for == 2))) ? 0 : 1; $view->showtitle = (($showfor_this AND !$this->content->getShowTitle()))? 0 : 1; $view->showpreviewonly = (($showfor_this AND !$this->content->getShowPreviewonly()))? 0 : 1; $view->showuser = (($showfor_this AND !$this->content->getShowUser()))? 0 : 1; $view->showupdated = (($showfor_this AND !$this->content->getShowUpdated()))? 0 : 1; $view->showviewcount = (($showfor_this AND !$this->content->getShowViewcount()))? 0 : 1; $view->showpublishdate = (($showfor_this AND !$this->content->getShowPublishdate()))? 0 : 1; $view->lastupdated = $this->content->getLastUpdated(); $showpreviewonly = (($showfor_this AND !$this->content->getShowPreviewonly()))? 0 : 1; parent::populateViewContent($view, $viewtype); $segments = array('node' => vBCms_Item_Content::buildUrlSegment($this->content->getNodeId(), $this->content->getUrl()), 'action' =>'view'); $view->page_url = vBCms_Route_Content::getURL($segments); if ($this->editing) { $view->pagetext = $this->content->getPageText(); } else { $rendered = $this->content->getRendered($this->data_saved); $view->pagetext = $rendered['pages'][$this->parameters['page']]; if ($this->content->canDownload()) { $view->attachments = $rendered['attachments']; $view->showattachments = empty($rendered['viewinfo']) ? 0 : 1 ; if (!empty($rendered['viewinfo'])) { foreach ($rendered['viewinfo'] as $key => $viewbit) { $view->$key = $viewbit; } } } $view->parenttitle = $this->content->getParentTitle(); $view->showattachments = empty($view->attachments) ? 0 : 1 ; if (!empty($viewinfo)) { foreach ($viewinfo as $key => $viewbit) { $view->$key = $viewbit; } } $view->pagelist = $rendered['pagelist']; $view->nodesegment = $this->content->getUrlSegment(); $view->current_page = $this->parameters['page']; if ($this->content->canDownload()) { $show['lightbox'] = (vB::$vbulletin->options['lightboxenabled'] AND vB::$vbulletin->options['usepopups']); } } // Only break pages for the page view if ((self::VIEW_PAGE == $viewtype) OR (self::VIEW_PREVIEW == $viewtype)) { if (self::VIEW_PAGE == $viewtype) { if ($increment_count) { //update the view count vB::$vbulletin->db->query_write("UPDATE " . TABLE_PREFIX . "cms_nodeinfo set viewcount = viewcount + 1 where nodeid = " . $this->content->getNodeId()); } //tagging code require_once DIR . '/includes/class_taggablecontent.php'; $taggable = vB_Taggable_Content_Item::create(vB::$vbulletin, $this->content->getContentTypeId(), $this->content->getContentId(), $this->content); $view->tags = $taggable->fetch_rendered_tag_list(); $view->tag_count = $taggable->fetch_existing_tag_count(); $view->showtags = vB::$vbulletin->options['threadtagging']; // promoted threadid if ($promoted_threadid = $this->content->getThreadId()) { if ($promoted_threadid = verify_id('thread', $promoted_threadid, false)) { // get threadinfo $threadinfo = fetch_threadinfo($promoted_threadid); $forumperms = fetch_permissions($threadinfo['forumid']); $view->threadinfo = $threadinfo; // check permissions if ($threadinfo['visible'] != 1) { $promoted_threadid = false; } else if (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canview']) OR !($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewthreads']) OR (!($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewothers']) AND ($threadinfo['postuserid'] != vB::$vbulletin->userinfo['userid'] OR vB::$vbulletin->userinfo['userid'] == 0) )) { $promoted_threadid = false; } else { // check forum password $foruminfo = fetch_foruminfo($threadinfo['forumid']); if ($foruminfo['password'] AND !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) { $promoted_threadid = false; } } $view->promoted_threadid = $promoted_threadid; } } // get pagelist for navigation $view->postitle = $this->content->getPostTitle(); $view->poststarter = $this->content->getPostStarter(); $view->postauthor = $this->content->getPostAuthor(); $view->postid = ($this->content->getPostId()); $view->threadid = $this->content->getThreadId(); $view->blogpostid = ($this->content->getBlogPostId()); $view->post_started = ($this->content->getPostStarted()); $view->post_posted = ($this->content->getPostPosted()); $view->promoted_blogid = $this->content->getBlogId(); //make links to original post and/or blog if appropriate if ($view->promoted_blogid) { $view->blog_url = fetch_seo_url('blog', array('userid' => $this->content->getPostStarter(), 'blog_title' => $this->content->getPostTitle())); } else if ($view->threadid) { $threadinfo = vB::$vbulletin->db->query_first("SELECT threadid, title FROM " . TABLE_PREFIX . "thread where threadid = " . $view->threadid); if ($threadinfo) { $post_url = fetch_seo_url('thread', $threadinfo); $post_url .= (strpos($post_url, '?' ) ? '&p=' : '?p=') . $view->postid . '#post' . $view->postid; $view->post_url = $post_url; } } $view->comment_count = $this->content->getReplyCount(); $join_char = strpos($view->page_url,'?') ? '&' : '?'; $view->newcomment_url = $view->page_url . "#new_comment"; $view->authorid = ($this->content->getUserId()); $view->authorname = ($this->content->getUsername()); $view->viewcount = ($this->content->getViewCount()); $view->replycount = ($this->content->getReplyCount()); $view->can_edit = ($this->content->canEdit() OR $this->content->canPublish()) ? 1 : 0; $view->parentid = $this->content->getParentId(); // facebook options if (is_facebookenabled()) { // display the like button for this article? $view->fblikebutton = construct_fblikebutton(); } //check to see if there is an associated thread. if ($associatedthreadid = $this->content->getAssociatedThreadId() and $this->content->getComments_Enabled()) { $comment_block = new vBCms_Comments(); $view->comment_block = $comment_block->getPageView($this->content->getNodeId(), $view->page_url); } } else if (self::VIEW_PREVIEW == $viewtype) { if ($showpreviewonly) { $view->previewtext = $this->content->getPreviewText(); $view->preview_chopped = 1; } else { $view->previewtext = $view->pagetext; if (count($view->pagelist) > 1) { $view->preview_chopped = 1; } } $segments = array('node' => $this->content->getNodeId() . '-' . $this->content->getUrl(), 'action' =>'edit'); $view->edit_url = vBCms_Route_Content::getURL($segments) ; $view->read_more_phrase = new vB_Phrase('vbcms', 'read_more'); $view->parenttitle = $this->content->getParentTitle(); $view->pagetext = $pagetext; $view->setpublish = $view->published = $this->content->getPublished(); $view->publishdate = $this->content->getPublishDateLocal(); $view->promoted_blogid = $this->content->getBlogId(); $view->comment_count = $this->content->getReplyCount(); $join_char = strpos($view->page_url,'?') ? '&' : '?'; $view->newcomment_url = $view->page_url . "#new_comment"; $view->authorid = ($this->content->getUserId()); $view->authorname = ($this->content->getUsername()); $view->viewcount = ($this->content->getViewCount()); $view->replycount = ($this->content->getReplyCount()); $view->postid = ($this->content->getPostId()); $view->blogpostid = $this->content->getBlogPostId(); $view->can_edit = ($this->content->canEdit() OR $this->content->canPublish()) ? 1 : 0; $view->parentid = $this->content->getParentId(); $view->post_started = $this->content->getPostStarted(); $view->post_posted = $this->content->getPostPosted(); //We need to check rights. If this user doesn't have download rights we hide the image. if ($this->content->canDownload()) { if ($view->previewimage= $this->content->getPreviewImage()) { $view->imagewidth= $this->content->getImageWidth(); $view->imageheight= $this->content->getImageHeight(); } if ($view->previewvideo= $this->content->getPreviewVideo()) { $view->haspreviewvideo = true; } } else { $view->previewimage = false; $view->previewvideo = false; } if (($associatedthreadid = $this->content->getAssociatedThreadId()) AND $this->content->getComments_Enabled() AND intval($this->content->getReplyCount()) > 0) { $view->echo_comments = 1; $view->comment_count = $this->content->getReplyCount(); } else { $view->echo_comments = 0; $view->comment_count = 0; } } } //If this was promoted from a blog or post, we need to verify the permissions. if (intval($view->blogpostid)) { $view->can_view_post = (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers'])) ? 0 : 1 ; } else if (intval($view->postid)) { $user = new vB_Legacy_CurrentUser(); if ($post = vB_Legacy_Post::create_from_id($view->postid)) { $view->can_view_post = $post->can_view($user) ? 1 : 0; } } $view->poststarter = array('userid' => $this->content->getPostStarter(), 'username' => $this->content->getPostAuthor()); $view->setpublish = $this->content->getSetPublish(); $view->publishdate = $this->content->getPublishDate(); $view->published = $this->content->getPublished() ? 1 : 0; $view->publishdatelocal = vbdate(vB::$vbulletin->options['dateformat'], $this->content->getPublishDate()); $view->publishtimelocal = vbdate( vB::$vbulletin->options['timeformat'], $this->content->getPublishDate() ); //Get links to the author, section, and categories search pages //categories- this comes as an array $view->categories = $this->content->getCategories(); $route_info = 'author/' . $this->content->getUserid() . ($this->content->getUsername() != '' ? '-' . str_replace(' ', '-', vB_Search_Searchtools::stripHtmlTags($this->content->getUsername())) : ''); $view->author_url = vB_Route::create('vBCms_Route_List', "$route_info/1")->getCurrentURL(); // prepare the member action drop-down menu $view->memberaction_dropdown = construct_memberaction_dropdown(fetch_userinfo($this->content->getUserId())); //Section $route_info = 'section/' .$this->content->getParentId() . ($this->content->getParentURLSegment() != '' ? '-' . str_replace(' ', '-', vB_Search_Searchtools::stripHtmlTags($this->content->getParentURLSegment())) : ''); $view->section_list_url = vB_Route::create('vBCms_Route_List', "$route_info")->getCurrentURL(); //and the content $route_info = $this->content->getParentId() . ($this->content->getParentURLSegment() != '' ? '-' . str_replace(' ', '-', vB_Search_Searchtools::stripHtmlTags($this->content->getParentURLSegment())) : ''); $view->section_url = vB_Route::create('vBCms_Route_Content', $route_info)->getCurrentURL(); $view->html_title = $this->content->getHtmlTitle(); $view->title = $this->content->getTitle(); $view->contenttypeid = vB_Types::instance()->getContentTypeID("vBCms_Article"); $view->dateformat = vB::$vbulletin->options['dateformat']; $view->showrating = $this->content->getShowRating(); ($hook = vBulletinHook::fetch_hook('vbcms_article_populate_end')) ? eval($hook) : false; $this->content->cacheNow(); return $view; }
function handle_attach($action, $attributes, $content, $params, $node_object) { global $vbulletin, $fr_platform, $db, $contenttype, $images, $nuke_quotes; if ($action == 'validate') { return true; } if (!is_numeric($content)) { return $content; } $attachmentid = intval($content); if ($fr_platform == 'vb40') { $_REQUEST['attachmentid'] = $attachmentid; if (!($attach =& vB_Attachment_Display_Single_Library::fetch_library($vbulletin, $contenttype, true, $attachmentid))) { return ''; } $result = $attach->verify_attachment(); if ($result !== true) { return ''; } $url = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachmentid; if (!$nuke_quotes) { $images[] = $url; } return "<img src=\"{$url}\"/>"; } else { if ($fr_platform == 'vb38' || $fr_platform == 'vb37' || $fr_platform == 'vb36') { if (!($attachmentinfo = $db->query_first_slave("\n\t SELECT filename, attachment.postid, attachment.userid, attachmentid, attachment.extension,\n\t " . (!empty($vbulletin->GPC['thumb']) ? 'thumbnail_dateline AS dateline, thumbnail_filesize AS filesize,' : 'attachment.dateline, filesize,') . "\n\t attachment.visible, attachmenttype.newwindow, mimetype, thread.forumid, thread.threadid, thread.postuserid,\n\t post.visible AS post_visible, thread.visible AS thread_visible\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "attachment AS attachment\n\t LEFT JOIN " . TABLE_PREFIX . "attachmenttype AS attachmenttype ON (attachmenttype.extension = attachment.extension)\n\t LEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = attachment.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t {$hook_query_joins}\n\t WHERE " . ($vbulletin->GPC['postid'] ? "attachment.postid = " . $vbulletin->GPC['postid'] : "attachmentid = " . $attachmentid) . "\n\t {$hook_query_where}\n\t "))) { return ''; } if ($attachmentinfo['postid'] == 0) { // Attachment that is in progress but hasn't been finalized if ($vbulletin->userinfo['userid'] != $attachmentinfo['userid'] and !can_moderate($attachmentinfo['forumid'], 'caneditposts')) { // Person viewing did not upload it return ''; } // else allow user to view the attachment (from the attachment manager for example) } else { $forumperms = fetch_permissions($attachmentinfo['forumid']); $threadinfo = array('threadid' => $attachmentinfo['threadid']); // used for session.inthread $foruminfo = array('forumid' => $attachmentinfo['forumid']); // used for session.inforum # Block attachments belonging to soft deleted posts and threads if (!can_moderate($attachmentinfo['forumid']) and ($attachmentinfo['post_visible'] == 2 or $attachmentinfo['thread_visible'] == 2)) { return ''; } # Block attachments belonging to moderated posts and threads if (!can_moderate($attachmentinfo['forumid'], 'canmoderateposts') and ($attachmentinfo['post_visible'] == 0 or $attachmentinfo['thread_visible'] == 0)) { return ''; } $viewpermission = $forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment']; $viewthumbpermission = ($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'] or $forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($attachmentinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { return ''; } else { if ($vbulletin->GPC['thumb'] and !$viewthumbpermission or !$vbulletin->GPC['thumb'] and !$viewpermission) { return ''; } } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($attachmentinfo['forumid'], $vbulletin->forumcache["{$attachmentinfo['forumid']}"]['password']); if (!$attachmentinfo['visible'] and !can_moderate($attachmentinfo['forumid'], 'canmoderateattachments') and $attachmentinfo['userid'] != $vbulletin->userinfo['userid']) { print_no_permission(); } } $url = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachmentid; if (!$nuke_quotes) { $images[] = $url; return "<img src=\"{$url}\"/>"; } else { return ''; } } else { return ''; } } }
/** * Fetches the array of posts * * @return array - the post information */ private function getPosts() { require_once DIR . "/includes/functions_user.php"; require_once DIR . "/includes/class_bbcode.php"; $datecut = TIMENOW - ($this->config['days'] * 86400); if (empty(vB::$vbulletin->userinfo['forumpermissions'])) { require_once DIR . "/includes/functions.php"; cache_permissions($userinfo); } $postarray = array(); //we have some existing settings with config['forumchoice'] set to 0=> ''; That's no good if (empty($this->config['forumchoice'])) { $this->config['forumchoice'] = array(); } else if (is_array($this->config['forumchoice']) AND ($this->config['forumchoice'][0] == '') ) { unset($this->config['forumchoice'][0]); } if (is_array($this->config['forumchoice']) AND in_array('subscribed', $this->config['forumchoice'])) { $subscribejoin = " LEFT JOIN " . TABLE_PREFIX . "subscribeforum AS subscribeforum ON (subscribeforum.forumid = forum.forumid AND subscribeforum.userid = " . vB::$vbulletin->userinfo['userid'] . " ) "; } else { $subscribejoin = ''; } $forumids = array_keys(vB::$vbulletin->forumcache); foreach ($forumids AS $forumid) { $forumperms =& vB::$vbulletin->userinfo['forumpermissions']["$forumid"]; if ($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canview'] AND ($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewothers']) AND (($forumperms & vB::$vbulletin->bf_ugp_forumpermissions['canviewthreads'])) AND verify_forum_password($forumid, vB::$vbulletin->forumcache["$forumid"]['password'], false) ) { //Don't include the comments forum. if (vB::$vbulletin->options['vbcmsforumid'] AND (intval(vB::$vbulletin->options['vbcmsforumid']) == intval($forumid))) { continue; } //Or, if the user selected forums, anything not on the list. else if (! empty($this->config['forumchoice']) AND !in_array($forumid, $this->config['forumchoice'])) { continue; } $forumchoice[] = $forumid; } } if (!empty($forumchoice) ) { $forumsql = " AND (" . (empty($subscribejoin) ? '' : "subscribeforum.forumid IS NOT NULL OR ") . " thread.forumid IN(" . implode(',', $forumchoice) . ")"; $associatedthread = (vB::$vbulletin->options['vbcmsforumid'] ? " AND (thread.forumid <> " . vB::$vbulletin->options['vbcmsforumid'] . ") )" : ''); } else if (! empty($subscribejoin)) { $forumsql = " AND subscribeforum.forumid IS NOT NULL "; } else { return $postarray; } $posts = vB::$vbulletin->db->query_read_slave($sql = " SELECT post.dateline, post.pagetext, post.allowsmilie, post.postid, thread.threadid, thread.title, thread.prefixid, post.attach, thread.replycount, forum.forumid, post.title AS posttitle, post.dateline AS postdateline, user.userid, user.username " . (vB::$vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, (customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline, customavatar.width AS avwidth,customavatar.height AS avheight" : "") . " FROM " . TABLE_PREFIX . "post AS post JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid) JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid) LEFT JOIN " . TABLE_PREFIX . "user AS user ON (post.userid = user.userid) " . (vB::$vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . " $subscribejoin WHERE 1=1 $forumsql $associatedthread AND thread.visible = 1 AND post.visible = 1 AND thread.open <> 10 AND post.dateline > $datecut $globalignore " . ($this->userinfo['ignorelist'] ? "AND post.userid NOT IN (" . implode(',', explode(' ', $this->userinfo['ignorelist'])) . ")": '') . " ORDER BY post.dateline DESC LIMIT 0," . intval($this->config['count']) . " "); $parser = new vB_BbCodeParser(vB::$vbulletin, fetch_tag_list()); $optionval = vB::$vbulletin->bf_misc_forumoptions['allowhtml']; while ($post = vB::$vbulletin->db->fetch_array($posts)) { $post['title'] = fetch_trimmed_title($post['title'], $this->config['newposts_titlemaxchars']); $allow_html = ((vB::$vbulletin->forumcache[$post['forumid']]['options'] & $optionval) AND $this->config['allow_html'] ? 1 : 0); $post['previewtext'] = fetch_censored_text($parser->get_preview($post['pagetext'], $this->default_previewlen, $allow_html)); $post['pagetext'] = fetch_censored_text($parser->do_parse($post['pagetext'], $allow_html)); $post['url'] = fetch_seo_url('thread', $post, array('p' => $post['postid'])) . '#post' . $post['postid']; $post['newposturl'] = fetch_seo_url('thread', $post, array('goto' => 'newpost')); $post['date'] = vbdate(vB::$vbulletin->options['dateformat'], $post['dateline'], true); $post['time'] = vbdate(vB::$vbulletin->options['timeformat'], $post['dateline']); if (intval($post['userid']) AND vB::$vbulletin->options['avatarenabled']) { $avatar = fetch_avatar_from_record($post); } else { $avatar = false; } $post['avatarurl'] = isset($avatar[0]) ? $avatar[0] : false; unset($avatar); $postarray[$post['postid']] = $post; } return $postarray; }
function do_get_forum_data() { global $vbulletin, $db, $show, $vbphrase; $vbulletin->input->clean_array_gpc('r', array('forumids' => TYPE_STR)); if (!$vbulletin->GPC['forumids'] || strlen($vbulletin->GPC['forumids']) == 0) { return array('forums' => array()); } cache_ordered_forums(1, 1); $forumids = split(',', $vbulletin->GPC['forumids']); $forum_data = array(); foreach ($forumids as $forumid) { $foruminfo = fetch_foruminfo($forumid); $type = 'old'; if (is_array($foruminfo) and !empty($foruminfo['link'])) { // see if it is a redirect $type = 'link'; } else { if ($vbulletin->userinfo['lastvisitdate'] == -1) { $type = 'new'; } else { if ($vbulletin->options['threadmarking'] and $vbulletin->userinfo['userid']) { $userlastvisit = !empty($foruminfo['forumread']) ? $foruminfo['forumread'] : TIMENOW - $vbulletin->options['markinglimit'] * 86400; } else { $forumview = intval(fetch_bbarray_cookie('forum_view', $foruminfo['forumid'])); //use which one produces the highest value, most likely cookie $userlastvisit = $forumview > $vbulletin->userinfo['lastvisit'] ? $forumview : $vbulletin->userinfo['lastvisit']; } if ($foruminfo['lastpost'] and $userlastvisit < $foruminfo['lastpost']) { $type = 'new'; } else { $type = 'old'; } } } // If this forum has a password, check to see if we have // the proper cookie. If so, don't prompt for one $password = false; if ($foruminfo['password']) { $pw_ok = verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false); if (!$pw_ok) { $password = true; } } $out = array('id' => $foruminfo['forumid'], 'new' => $type == 'new' ? true : false, 'name' => prepare_utf8_string(strip_tags($foruminfo['title'])), 'password' => $password); $icon = fr_get_forum_icon($foruminfo['forumid'], $foruminfo == 'new'); if ($icon) { $out['icon'] = $icon; } if ($foruminfo['link'] != '') { $link = fr_fix_url($foruminfo['link']); if (is_int($link)) { $out['id'] = $link; } else { $out['link'] = $link; } $linkicon = fr_get_forum_icon($foruminfo['forumid'], false, true); if ($linkicon) { $out['icon'] = $linkicon; } } if ($foruminfo['description'] != '') { $desc = prepare_utf8_string(strip_tags($foruminfo['description'])); if (strlen($desc) > 0) { $out['desc'] = $desc; } } $forum_data[] = $out; } return array('forums' => $forum_data); }
function do_get_announcement() { global $vbulletin, $db, $foruminfo; if (empty($foruminfo['forumid'])) { json_error(ERR_INVALID_FORUM); } $usesmilies = false; // begin vbulletin $forumlist = ''; if ($announcementinfo['forumid'] > -1 or $vbulletin->GPC['forumid']) { $foruminfo = verify_id('forum', $vbulletin->GPC['forumid'], 1, 1); $curforumid = $foruminfo['forumid']; $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { json_error(ERR_NO_PERMISSION); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $forumlist = fetch_forum_clause_sql($foruminfo['forumid'], 'announcement.forumid'); } else { if (!$announcementinfo['announcementid']) { json_error(ERR_INVALID_ANNOUNCEMENT); } } $hook_query_fields = $hook_query_joins = $hook_query_where = ''; $announcements = $db->query_read_slave("\n\t\tSELECT announcement.announcementid, announcement.announcementid AS postid, startdate, enddate, announcement.title, pagetext, announcementoptions, views, announcement.pagetext,\n\t\t\tuser.*, userfield.*, usertextfield.*,\n\t\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight,\n\t\t\tIF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid\n\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t" . ($vbulletin->userinfo['userid'] ? ", NOT ISNULL(announcementread.announcementid) AS readannouncement" : "") . "\n\t\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t" . ($vbulletin->userinfo['userid'] ? "LEFT JOIN " . TABLE_PREFIX . "announcementread AS announcementread ON(announcementread.announcementid = announcement.announcementid AND announcementread.userid = " . $vbulletin->userinfo['userid'] . ")" : "") . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid=announcement.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = announcement.userid)\n\t\t" . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid=user.avatarid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid=announcement.userid)" : "") . "\n\t\t{$hook_query_joins}\n\t\tWHERE\n\t\t\t" . ($vbulletin->GPC['announcementid'] ? "announcement.announcementid = " . $vbulletin->GPC['announcementid'] : "startdate <= " . TIMENOW . " AND enddate >= " . TIMENOW . " " . (!empty($forumlist) ? "AND {$forumlist}" : "")) . "\n\t\t\t{$hook_query_where}\n\t\tORDER BY startdate DESC, announcementid DESC\n\t"); if ($db->num_rows($announcements) == 0) { // no announcements json_error(ERR_INVALID_ANNOUNCEMENT); } if (!$vbulletin->options['oneannounce'] and $vbulletin->GPC['announcementid'] and !empty($forumlist)) { $anncount = $db->query_first_slave("\n\t\t\tSELECT COUNT(*) AS total\n\t\t\tFROM " . TABLE_PREFIX . "announcement AS announcement\n\t\t\tWHERE startdate <= " . TIMENOW . "\n\t\t\t\tAND enddate >= " . TIMENOW . "\n\t\t\t\tAND {$forumlist}\n\t\t"); $anncount['total'] = intval($anncount['total']); $show['viewall'] = $anncount['total'] > 1 ? true : false; } else { $show['viewall'] = false; } require_once DIR . '/includes/class_postbit.php'; $show['announcement'] = true; $counter = 0; $anncids = array(); $announcebits = ''; $announceread = array(); $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); while ($post = $db->fetch_array($announcements)) { $postbit_obj =& $postbit_factory->fetch_postbit('announcement'); $post['counter'] = ++$counter; $postbit_obj->construct_postbit($post); $anncids[] = $post['announcementid']; $announceread[] = "({$post['announcementid']}, " . $vbulletin->userinfo['userid'] . ")"; // FRNR start $fr_images = array(); $docattach = array(); // Attachments (images). if (is_array($post['attachments']) && count($post['attachments']) > 0) { foreach ($post['attachments'] as $attachment) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']); if ($vbulletin->options['attachthumbs']) { $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'; } $fr_images[] = $tmp; } if (strpos($lfilename, '.pdf') !== false) { $docattach[] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']; } } } // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $usesmilies, $attachments); if (count($fr_images) > 0) { $text .= "<br/>"; foreach ($fr_images as $attachment) { $text .= "<img src=\"{$attachment['img']}\"/>"; } } foreach ($images as $image) { $fr_images[] = array('img' => $image); } // Avatar work $avatarurl = ''; if ($post['avatarurl']) { $avatarurl = process_avatarurl($post['avatarurl']); } $tmp = array('username' => prepare_utf8_string(strip_tags($post['username'])), 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'text' => $text, 'post_timestamp' => prepare_utf8_string(date_trunc($post['startdate'])), 'fr_images' => $fr_images); if ($avatarurl != '') { $tmp['avatarurl'] = $avatarurl; } $posts_out[] = $tmp; } if (!empty($anncids)) { $db->shutdown_query("\n\t\t\tUPDATE " . TABLE_PREFIX . "announcement\n\t\t\tSET views = views + 1\n\t\t\tWHERE announcementid IN (" . implode(', ', $anncids) . ")\n\t\t"); if ($vbulletin->userinfo['userid']) { $db->shutdown_query("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "announcementread\n\t\t\t\t\t(announcementid, userid)\n\t\t\t\tVALUES\n\t\t\t\t\t" . implode(', ', $announceread) . "\n\t\t\t"); } } if (!is_array($posts_out)) { $posts_out = array(); } return array('posts' => $posts_out, 'total_posts' => count($posts_out)); }
public function verify_ui_permissions() { global $vbulletin; if (!$vbulletin->options['threadtagging']) { print_no_permission(); } global $vbphrase; $threadinfo = $this->fetch_content_info(); // ********************************************************************************* // check for visible / deleted thread if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'])) { eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $this->registry->options['contactuslink']))); } // ********************************************************************************* // jump page if thread is actually a redirect if ($threadinfo['open'] == 10) { $destthreadinfo = fetch_threadinfo($threadinfo['pollid']); exec_header_redirect('thread|js', $destthreadinfo); } // ********************************************************************************* // Tachy goes to coventry if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid'])) { eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $this->registry->options['contactuslink']))); } // ********************************************************************************* // get forum info $foruminfo = fetch_foruminfo($threadinfo['forumid']); // ********************************************************************************* // check forum permissions $forumperms = fetch_permissions($threadinfo['forumid']); if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canview']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) { print_no_permission(); } if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $this->registry->userinfo['userid'] or $this->registry->userinfo['userid'] == 0)) { print_no_permission(); } // ********************************************************************************* // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // return $show; }
$forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")"; } else { $forumsql = ""; } } else { foreach (array_keys($vbulletin->forumcache) AS $forumid) { $forumperms =& $vbulletin->userinfo['forumpermissions']["$forumid"]; if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'] AND ($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) AND (($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) OR in_array($vbulletin->GPC['type'], array('JS', 'XML'))) // JS/XML only shows titles AND verify_forum_password($forumid, $vbulletin->forumcache["$forumid"]['password'], false) ) { $forumchoice[] = $forumid; } } if (!empty($forumchoice)) { $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")"; } else { $forumsql = ""; } }
function construct_online_bit($userinfo, $doall = 0) { global $vbulletin, $limitlower, $limitupper, $vbphrase, $ipclass, $show; global $wol_album, $wol_attachment, $wol_calendar, $wol_event, $wol_inf, $wol_pm, $wol_post, $wol_search, $wol_socialgroup, $wol_thread, $wol_user; static $count; $count++; $show['nopermission'] = false; $show['lockedout'] = false; $show['errormessage'] = false; if ($doall == 1 AND ($count > $limitupper OR $count < $limitlower)) { return ''; } if ($userinfo['attachmentid']) { $postid = $wol_attachment["$userinfo[attachmentid]"]; } else { $postid = $userinfo['postid']; } if ($postid) { $threadid = $wol_post["$postid"]; } else { $threadid = $userinfo['threadid']; } $forumid = $userinfo['forumid']; $calendarid = $userinfo['calendarid']; $eventid = $userinfo['eventid']; $searchid = $userinfo['searchid']; $groupid = $userinfo['socialgroupid']; $albumid = $userinfo['albumid']; if ($albumid) { require_once(DIR . '/includes/functions_album.php'); $albumname = fetch_censored_text($wol_album["$albumid"]['title']); $canviewalbum = true; if ($wol_album["$albumid"]['state'] == 'profile' AND !can_view_profile_albums($wol_album["$albumid"]['userid'])) { $canviewalbum = false; } else if ($wol_album["$albumid"]['state'] == 'private' AND !can_view_private_albums($wol_album["$albumid"]['userid'])) { $canviewalbum = false; } } if ($groupid) { $groupname = fetch_censored_text($wol_socialgroup["$groupid"]['name']); $canviewgroup = true; } if ($searchid) { $searchquery = $wol_search["$searchid"]['query']; $searchuser = $wol_search["$searchid"]['searchuser']; $searchuserid = $wol_search["$searchid"]['userid']; } if (!$forumid AND isset($wol_thread["$threadid"]['forumid'])) { $forumid = $wol_thread["$threadid"]['forumid']; } else if (!$forumid AND isset($wol_thread["$wol_post[$postid]"]['forumid'])) { $forumid = $wol_thread["$wol_post[$postid]"]['forumid']; } $threadtitle = fetch_censored_text($wol_thread["$threadid"]['title']); $threadprefix = ($wol_thread["$threadid"]['prefixid'] ? $vbphrase['prefix_' . $wol_thread["$threadid"]['prefixid'] . '_title_rich'] . ' ' : ''); $canview = $vbulletin->userinfo['forumpermissions']["$forumid"] & $vbulletin->bf_ugp_forumpermissions['canview']; $canviewothers = $vbulletin->userinfo['forumpermissions']["$forumid"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']; $canviewthreads = $vbulletin->userinfo['forumpermissions']["$forumid"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']; $postuserid = $wol_thread["$threadid"]['postuserid']; $forumtitle = $vbulletin->forumcache["$forumid"]['title']; $threadpreview = $wol_thread["$threadid"]['preview']; if (!$calendarid AND isset($wol_event["$eventid"]['calendarid'])) { $calendarid = $wol_event["$eventid"]['calendarid']; } $eventtitle = htmlspecialchars_uni($wol_event["$eventid"]['title']); $eventpostuserid = $wol_event["$eventid"]['postuserid']; $calendartitle = $wol_calendar["$calendarid"]; $canviewcalendar = $vbulletin->userinfo['calendarpermissions']["$calendarid"] & $vbulletin->bf_ugp_calendarpermissions['canviewcalendar']; $canviewothersevent = $vbulletin->userinfo['calendarpermissions']["$calendarid"] & $vbulletin->bf_ugp_calendarpermissions['canviewothersevent']; if (($wol_thread["$threadid"]['isdeleted'] OR !$wol_thread["$threadid"]['visible']) AND !can_moderate($forumid)) { $threadviewable = 0; } else { $threadviewable = 1; } if ($threadviewable AND $threadtitle AND $canview AND ($canviewothers OR $postuserid == $vbulletin->userinfo['userid']) AND verify_forum_password($forumid, $vbulletin->forumcache["$forumid"]['password'], false)) { $seetitle = 1; } if ($forumtitle AND ($canview OR $vbulletin->forumcache["$forumid"]['showprivate'] > 1 OR (!$vbulletin->forumcache["$forumid"]['showprivate'] AND $vbulletin->options['showprivateforums']))) { $seeforum = 1; } if ($eventtitle AND $canviewcalendar AND ($canviewothersevent OR $eventpostuserid == $vbulletin->userinfo['userid'])) { $seeevent = 1; } if ($calendartitle AND $canviewcalendar) { $seecalendar = 1; } if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) { if ($userinfo['pmid']) { $seeuserid = $wol_pm["$userinfo[pmid]"]; } else if ($userinfo['searchid']) { $seeuserid = $wol_search["$searchid"]['targetuserid']; } else if ($userinfo['infractionid']) { $seeuserid = $wol_inf["$userinfo[infractionid]"]['userid']; } else { $seeuserid = $userinfo['targetuserid']; } $username = $wol_user["$seeuserid"]['musername']; } if (strpos($userinfo['location'], 'route:') === 0) { $handled = false; $location = substr($userinfo['location'], strlen('route:')); $location = explode('|', $location); if (sizeof($location) == 4) { try { if (!defined('VB_FRAMEWORK')) { require_once(DIR . '/includes/class_bootstrap_framework.php'); vB_Bootstrap_Framework::init(); } list($route_path, $phrasegroup, $phrasekey, $title) = $location; $route_path = urldecode($route_path); $title = urldecode($title); $route = vB_Router::createRoute($route_path); $userinfo['action'] = new vB_Phrase($phrasegroup, $phrasekey); $userinfo['where'] = '<a href="' . $route->getCurrentUrl() . '">' . htmlspecialchars_uni($title) . '</a>'; if (vB::$vbulletin->session->vars['sessionhash']) { $userinfo['where'] .= '&s=' . vB::$vbulletin->session->vars['sessionhash']; } $handled = true; } catch (vB_Exception $e){} } } if (!$handled) { switch($userinfo['activity']) { case 'visitormessage_posting': $userinfo['action'] = $vbphrase['posting_visitor_message']; break; case 'visitormessage_delete': $userinfo['action'] = $vbphrase['deleting_visitor_message']; break; case 'viewingipaddress': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>'; if (can_moderate()) { $userinfo['action'] = $vbphrase['viewing_ip_address']; } break; case 'visitormessage_reporting': $userinfo['action'] = $vbphrase['reporting_visitor_message']; break; case 'posthistory': $userinfo['action'] = $vbphrase['viewing_post_history']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) . "#post$postid\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'tags': $userinfo['action'] = $vbphrase['managing_tags']; break; case 'tag_list': $userinfo['action'] = $vbphrase['viewing_tag_list']; break; case 'socialgroups_join': $userinfo['action'] = $vbphrase['joining_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid=$groupid\">$groupname</a>"; } break; case 'socialgroups_leave': $userinfo['action'] = $vbphrase['leaving_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid=$groupid\">$groupname</a>"; } break; case 'socialgroups_edit': $userinfo['action'] = $vbphrase['editing_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid=$groupid\">$groupname</a>"; } break; case 'socialgroups_view': $userinfo['action'] = $vbphrase['viewing_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid=$groupid\">$groupname</a>"; } break; case 'socialgroups_memberlist': $userinfo['action'] = $vbphrase['viewing_social_group_memberlist']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&groupid=$groupid\">$groupname</a>"; } break; case 'socialgroups_delete': $userinfo['action'] = $vbphrase['deleting_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&groupid=$groupid\">$groupname</a>"; } break; case 'socialgroups_create': $userinfo['action'] = $vbphrase['creating_social_group']; break; case 'socialgroups_list': $userinfo['action'] = $vbphrase['viewing_social_group_list']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid=$groupid\">$groupname</a>"; } break; case 'socialgroups_subscriptions': $userinfo['action'] = $vbphrase['viewing_social_group_subscriptions']; break; case 'group_inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; break; case 'showthread': $userinfo['action'] = $vbphrase['viewing_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'showpost': $userinfo['action'] = $vbphrase['viewing_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) . "#post$postid\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'forumdisplay': $userinfo['action'] = $vbphrase['viewing_forum']; if ($seeforum) { if ($vbulletin->forumcache["$forumid"]['link']) { $userinfo['action'] = $vbphrase['followed_forum_link']; } $userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>"; } break; case 'newthread': $userinfo['action'] = $vbphrase['creating_thread']; if ($seeforum) { $userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>"; } break; case 'newreply': $userinfo['action'] = $vbphrase['replying_to_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'attachments': case 'manageattachment': $userinfo['action'] = $vbphrase['managing_attachments']; break; case 'attachment': $userinfo['action'] = $vbphrase['viewing_attachment']; break; case 'index': $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . '</a>'; break; case 'online': $userinfo['action'] = $vbphrase['viewing_whos_online']; break; case 'searchnew': $userinfo['action'] = $vbphrase['viewing_new_posts']; $userinfo['where'] = '<a href="search.php?' . $vbulletin->session->vars['sessionurl'] . "do=getnew\">$vbphrase[new_posts]</a>"; break; case 'search': $userinfo['action'] = $vbphrase['searching_forums']; if ($searchid AND $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) { if ($searchquery) { $userinfo['where'] = construct_phrase($vbphrase['query_x'], htmlspecialchars_uni($searchquery)); } if ($searchuser AND $wol_search["$searchid"]['targetuserid']) { if ($searchquery) { $userinfo['where'] .= '<br />'; } $userinfo['where'] .= construct_phrase($vbphrase['user_x'], '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"); } } break; case 'mail': $userinfo['action'] = $vbphrase['emailing']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } break; case 'getinfo': $userinfo['action'] = $vbphrase['viewing_user_profile']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } break; case 'converse': $userinfo['action'] = $vbphrase['viewing_conversation']; if ($seeuserid AND $wol_user["{$userinfo['guestuserid']}"]) { $userinfo['where'] = construct_phrase($vbphrase['x_and_y_converse'], '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>", '<a href="' . fetch_seo_url('member', array('userid' => $userinfo['guestuserid'], 'username' => $wol_user["{$userinfo['guestuserid']}"])) . "\">$username</a>"); } break; case 'editprofile': $userinfo['action'] = $vbphrase['modifying_profile']; break; case 'editoptions': $userinfo['action'] = $vbphrase['modifying_options']; break; case 'lostpw': case 'editpassword': $userinfo['action'] = $vbphrase['modifying_password']; break; case 'editavatar': $userinfo['action'] = $vbphrase['modifying_avatar']; break; case 'editprofilepic': $userinfo['action'] = $vbphrase['modifying_profilepic']; break; case 'editsignature': $userinfo['action'] = $vbphrase['modifying_signature']; break; case 'markread': $userinfo['where'] = $vbphrase['marking_forums_read']; break; case 'whoposted': if ($seetitle) { $userinfo['action'] = $vbphrase['viewing_who_posted']; $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; } else { $userinfo['action'] = $vbphrase['viewing_thread']; } break; case 'showattachments': if ($seetitle) { $userinfo['action'] = $vbphrase['viewing_attachment_list']; $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; } else { $userinfo['action'] = $vbphrase['viewing_thread']; } break; case 'showgroups': $userinfo['action'] = $vbphrase['viewing_forum_leaders']; break; case 'login': $userinfo['action'] = $vbphrase['logging_in']; break; case 'logout': if ($userinfo['badlocation']) { $userinfo['action'] = $vbphrase['logging_out']; } break; case 'archive': $userinfo['action'] = $vbphrase['viewing_archives']; if ($seetitle) { $userinfo['where'] = $threadprefix . "<a href=\"archive/index.php/t-$threadid.html\" title=\"$threadpreview\">$threadtitle</a>"; } else if ($seeforum) { $userinfo['where'] = "<a href=\"archive/index.php/f-$forumid.html\">$forumtitle</a>"; } break; case 'pm': $userinfo['action'] = $vbphrase['private_messaging']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) { if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } if ($userinfo['values']['do'] == 'newpm' OR $userinfo['values']['do'] == 'insertpm' OR $userinfo['values']['do'] == 'newmessage') { $userinfo['action'] = $vbphrase['creating_private_message']; } else if ($userinfo['values']['do'] == 'editfolders' OR $userinfo['action']['do'] == 'updatefolders') { $userinfo['action'] = $vbphrase['modifying_private_message_folders']; } else if ($userinfo['values']['do'] == 'trackpm' OR $userinfo['values']['do'] == 'deletepmreceipt') { $userinfo['action'] = $vbphrase['tracking_private_messages']; } else if ($userinfo['values']['do'] == 'showpm') { $userinfo['action'] = $vbphrase['viewing_private_message']; } else if ($userinfo['values']['do'] == 'downloadpm') { $userinfo['action'] = $vbphrase['downloading_private_messages']; } } break; case 'addbuddy': case 'addignore': case 'buddyignore': $userinfo['action'] = $vbphrase['modifying_contact_ignore_list']; break; case 'subfolders': $userinfo['action'] = $vbphrase['modifying_subscription_folders']; break; case 'subscription': $userinfo['action'] = $vbphrase['viewing_subscribed_threads']; break; case 'addsubforum': $userinfo['action'] = $vbphrase['subscribing_to_forum']; if ($seeforum) { $userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>"; } break; case 'addsubthread': $userinfo['action'] = $vbphrase['subscribing_to_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'remsubthread': $userinfo['action'] = $vbphrase['deleting_subscribed_threads']; break; case 'remsubforum': $userinfo['action'] = $vbphrase['deleting_subscribed_forums']; break; case 'usercp': $userinfo['action'] = $vbphrase['viewing_user_control_panel']; break; case 'memberlistsearch': $userinfo['action'] = $vbphrase['searching_member_list']; break; case 'memberlist': $userinfo['action'] = $vbphrase['viewing_member_list']; break; case 'member_inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; if (can_moderate()) { if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } } break; case 'inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; if (can_moderate()) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; switch ($userinfo['values']['do']) { case 'open': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_opening_threads'] . '</i>'; break; case 'close': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_closing_threads'] . '</i>'; break; case 'stick': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_sticking_threads'] . '</i>'; break; case 'unstick': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unsticking_threads'] . '</i>'; break; case 'deletethread': case 'dodeletethreads': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_threads'] . '</i>'; break; case 'undeletethread': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_threads'] . '</i>'; break; case 'approvethread': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_threads'] . '</i>'; break; case 'unapprovethread': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_threads'] . '</i>'; break; case 'movethread': case 'domovethreads': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_threads'] . '</i>'; break; case 'mergethread': case 'domergethreads': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_threads'] . '</i>'; break; case 'deleteposts': case 'dodeleteposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_posts'] . '</i>'; break; case 'undeleteposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_posts'] . '</i>'; break; case 'approveposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_posts'] . '</i>'; break; case 'unapproveposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_posts'] . '</i>'; break; case 'mergeposts': case 'domergeposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_posts'] . '</i>'; break; case 'moveposts': case 'domoveposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_posts'] . '</i>'; break; case 'clearthread': case 'clearpost': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_clear'] . '</i>'; break; case 'spampost': case 'dodeletespam': case 'spamconfirm': $userinfo['action'] = '<i>' . $vbphrase['managing_spam'] . '</i>'; break; } } break; case 'postings': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>'; if (can_moderate($forumid) AND $threadtitle AND $canview AND ($canviewothers OR $postuserid == $vbulletin->userinfo['userid'])) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) ."\" title=\"$threadpreview\">$threadtitle</a>"; switch ($userinfo['values']['do']) { case 'editthread': case 'updatethread': $userinfo['action'] = '<i>' . $vbphrase['modifying_thread'] . '</i>'; break; case 'openclosethread': $userinfo['action'] = '<i>' . $vbphrase['open_close_thread'] . '</i>'; break; case 'movethread': $userinfo['action'] = '<i>' .$vbphrase['choosing_forum_to_move_thread_to'] . '</i>'; break; case 'domovethread': switch($userinfo['values']['method']) { case 'copy': $userinfo['action'] = '<i>' . $vbphrase['copying_thread_to_forum'] . '</i>'; break; case 'move': $userinfo['action'] = '<i>' . $vbphrase['moving_thread_to_forum'] . '</i>'; break; case 'movered': $userinfo['action'] = '<i>' . $vbphrase['moving_thread_with_redirect_to_forum'] . '</i>'; break; } $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a><br />" . '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>"; break; case 'deletethread': case 'dodeletethread': $userinfo['action'] = '<i>' . $vbphrase['deleting_thread'] . '</i>'; break; case 'deleteposts': case 'dodeleteposts': $userinfo['where'] = '<i>' . $vbphrase['deleting_posts'] . '</i>'; break; case 'merge': case 'domergethread': $userinfo['where'] = '<i>' . $vbphrase['merging_threads'] . '</i>'; break; case 'stick': $userinfo['where'] = '<i>' . $vbphrase['stick_unstick_thread'] . '</i>'; break; case 'getip': $userinfo['where'] = '<i>' . $vbphrase['viewing_ip_address'] . '</i>'; break; case 'removeredirect': $userinfo['where'] = '<i>' . $vbphrase['deleting_redirect'] . '</i>'; break; } } break; case 'register': $userinfo['action'] = $vbphrase['registering']; break; case 'requestemail': $userinfo['action'] = $vbphrase['request_activation_code']; break; case 'activate': $userinfo['action'] = $vbphrase['activating_registration']; break; case 'announcement': $userinfo['action'] = $vbphrase['viewing_announcement']; if ($seeforum) { $userinfo['where'] = '<a href="announcement.php?' . $vbulletin->session->vars['sessionurl'] . "f=$forumid\">$forumtitle</a>"; } break; case 'usergroup': $userinfo['action'] = $vbphrase['modifying_usergroups']; break; case 'polls': switch ($userinfo['values']['do']) { case 'showresults': $userinfo['action'] = $vbphrase['viewing_poll']; break; case '': case 'newpoll': case 'postpoll': $userinfo['action'] = $vbphrase['creating_poll']; if ($seeforum) { $userinfo['where'] = '<a href="' . fetch_seo_url('forum', array('forumid' => $forumid, 'title' => $forumtitle)) . "\">$forumtitle</a>"; } break; case 'polledit': case 'updatepoll': $userinfo['action'] = $vbphrase['modifying_poll']; break; case 'pollvote': $userinfo['action'] = $vbphrase['voting']; break; } break; case 'showsmilies': $userinfo['action'] = $vbphrase['viewing_smilies']; break; case 'showavatars': $userinfo['action'] = $vbphrase['viewing_avatars']; break; case 'bbcode': $userinfo['action'] = $vbphrase['viewing_bb_code']; break; case 'faq': $userinfo['action'] = $vbphrase['viewing_faq']; break; case 'edit': $userinfo['action'] = $vbphrase['modifying_post']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) ."#post$postid\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'sendto': $userinfo['action'] = $vbphrase['sending_thread_to_friend']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t=$threadid\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'contactus': $userinfo['action'] = $vbphrase['sending_forum_feedback']; break; case 'aim': $userinfo['action'] = $vbphrase['sending_aim_message']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } break; case 'msn': $userinfo['action'] = $vbphrase['sending_msn_message']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } break; case 'yahoo': $userinfo['action'] = $vbphrase['sending_yahoo_message']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } break; case 'icq': $userinfo['action'] = $vbphrase['sending_icq_message']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } break; case 'skype': $userinfo['action'] = $vbphrase['sending_skype_message']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } break; case 'report': if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) ."#post$postid\" title=\"$threadpreview\">$threadtitle</a>"; } $userinfo['action'] = $vbphrase['reporting_post']; break; case 'printthread': $userinfo['action'] = $vbphrase['viewing_printable_version']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t=$threadid\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'calendarweek': $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { if ($userinfo['week']) { $week = "&week=$userinfo[week]"; } $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayweek&c=$calendarid$week\">$calendartitle</a>"; } break; case 'calendarmonth'; $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displaymonth&c=$calendarid&month=$userinfo[month]&year=$userinfo[year]\">$calendartitle</a>"; } break; case 'calendaryear'; $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { if ($userinfo['year']) { $year = "&year=$userinfo[year]"; } $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayyear&c=$calendarid$year\">$calendartitle</a>"; } break; case 'calendarday': $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getday&c=$calendarid&day=$userinfo[day]\">$calendartitle</a>"; } break; case 'calendarevent': $userinfo['action'] = $vbphrase['viewing_event']; if ($seeevent) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e=$eventid\">$eventtitle</a>"; } break; case 'calendaradd': case 'calendaraddrecur': $userinfo['action'] = $vbphrase['creating_event']; if ($seecalendar) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "c=$calendarid\">$calendartitle</a>"; } break; case 'calendaredit': $userinfo['action'] = $vbphrase['modifying_event']; if ($seeevent) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e=$eventid\">$eventtitle</a>"; } break; case 'calreminder': $userinfo['action'] = $vbphrase['managing_reminder']; if ($seeevent) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e=$eventid\">$eventtitle</a>"; } break; case 'newusernote': $userinfo['action'] = $vbphrase['creating_user_note']; if ($seeuserid) { $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&u=$seeuserid\">$username</a>"; } break; case 'usernote': $userinfo['action'] = $vbphrase['viewing_user_note']; if ($seeuserid) { $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&u=$seeuserid\">$username</a>"; } break; case 'reputation': $userinfo['action'] = $vbphrase['giving_reputation']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'joinrequests': $userinfo['action'] = $vbphrase['processing_joinrequests']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] AND $vbulletin->usergroupcache["$userinfo[usergroupid]"]['title']) { $userinfo['where'] = construct_phrase($vbphrase['viewing_x'], $vbulletin->usergroupcache["$userinfo[usergroupid]"]['title']); } break; case 'threadrate': $userinfo['action'] = $vbphrase['rating_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title'])) . "\" title=\"$threadpreview\">$threadtitle</a>"; } break; case 'infractionreport': if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] OR $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) { $userinfo['action'] = $vbphrase['giving_infraction']; if ($seeuserid) { $userinfo['where'] = '<a href="' . fetch_seo_url('member', array('userid' => $seeuserid, 'username' => $wol_user["$seeuserid"]['username'])) . "\">$username</a>"; } else if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="' . fetch_seo_url('thread', array('threadid' => $threadid, 'title' => $wol_thread["$threadid"]['title']), array('p' => $postid)) . "#post$postid\" title=\"$threadpreview\">$threadtitle</a>"; } } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'infractionreverse': if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] OR $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) { $userinfo['action'] = $vbphrase['reversing_infraction']; if ($seeuserid) { $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&infractionid=$userinfo[infractionid]\">$username</a>"; } } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'infractionview': if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] OR $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) { $userinfo['action'] = $vbphrase['viewing_infraction']; if ($seeuserid) { $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&infractionid=$userinfo[infractionid]\">$username</a>"; } } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedthreads': if (can_moderate()) { $userinfo['action'] = $vbphrase['viewing_deleted_threads']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedposts': if (can_moderate()) { $userinfo['action'] = $vbphrase['viewing_deleted_posts']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedvms': if (can_moderate(0,'canmoderatevisitormessages')) { $userinfo['action'] = $vbphrase['viewing_deleted_visitor_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedgms': if (can_moderate(0, 'canmoderategroupmessages')) { $userinfo['action'] = $vbphrase['viewing_deleted_social_group_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedpcs': if (can_moderate(0, 'canmoderatepicturecomments')) { $userinfo['action'] = $vbphrase['viewing_deleted_picture_comments']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedthreads': if (can_moderate(0, 'canmoderateposts')) { $userinfo['action'] = $vbphrase['viewing_moderated_threads']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedposts': if (can_moderate(0, 'canmoderateposts')) { $userinfo['action'] = $vbphrase['viewing_moderated_posts']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedvms': if (can_moderate(0, 'canmoderatevisitormessages')) { $userinfo['action'] = $vbphrase['viewing_moderated_visitor_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedgms': if (can_moderate(0, 'canmoderategroupmessages')) { $userinfo['action'] = $vbphrase['viewing_moderated_social_group_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedpcs': if (can_moderate(0, 'canmoderatepicturecomments')) { $userinfo['action'] = $vbphrase['viewing_moderated_picture_comments']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedattachments': if (can_moderate()) { $userinfo['action'] = $vbphrase['viewing_moderated_attachments']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'payments': $userinfo['action'] = $vbphrase['viewing_paid_subscriptions']; break; case 'spider': $userinfo['action'] = $vbphrase['search_engine_spider']; break; case 'admincp': $userinfo['action'] = $vbphrase['admin_control_panel']; break; case 'admincplogin': $userinfo['action'] = $vbphrase['admin_control_panel_login']; break; case 'modcp': $userinfo['action'] = $vbphrase['moderator_control_panel']; break; case 'modcplogin': $userinfo['action'] = $vbphrase['moderator_control_panel_login']; break; case 'album_delete': $userinfo['action'] = $vbphrase['deleting_album']; break; case 'album_edit_album': { $userinfo['action'] = $vbphrase['editing_album']; if ($canviewalbum) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>"; } break; } case 'album_new_album': $userinfo['action'] = $vbphrase['creating_album']; break; case 'album_edit_picture': { $userinfo['action'] = $vbphrase['editing_pictures']; if ($canviewalbum) { if (!empty($userinfo['attachmentid'])) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid&attachmentid=" . $userinfo['attachmentid'] ."\">$albumname</a>"; } else { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>"; } } } break; case 'album_upload': { $userinfo['action'] = $vbphrase['uploading_pictures']; if ($canviewalbum) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>"; } } break; case 'album_picture': { $userinfo['action'] = $vbphrase['viewing_picture']; if ($canviewalbum) { if (!empty($userinfo['attachmentid'])) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid&attachmentidid=" . $userinfo['attachmentid'] ."\">$albumname</a>"; } else { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>"; } } } break; case 'album_album': { $userinfo['action'] = $vbphrase['viewing_album']; if ($canviewalbum) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid=$albumid\">$albumname</a>"; } } break; case 'album_user': { $userinfo['action'] = $vbphrase['viewing_users_album']; if ($seeuserid) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "userid=$seeuserid\">$username</a>"; } } break; case 'album_unread_comments': $userinfo['action'] = $vbphrase['viewing_unread_picture_comments']; break; case 'album_moderated_comments': $userinfo['action'] = $vbphrase['viewing_picture_comments_awaiting_approval']; break; case 'picturecomment_posting': $userinfo['action'] = $vbphrase['posting_picture_comment']; break; case 'picturecomment_delete': $userinfo['action'] = $vbphrase['deleting_picture_comment']; break; case 'picturecomment_reporting': $userinfo['action'] = $vbphrase['reporting_picture_comment']; break; case 'picture_inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; break; case 'viewing_cms_content': require_once(DIR . '/includes/functions_login.php'); $userinfo['action'] = $vbphrase['viewing_cms_content'] ; $userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location'])); $userinfo['where'] = "<a href=\"$userinfo[location]\">$userinfo[location]</a>"; break; case 'viewing_cms_list': require_once(DIR . '/includes/functions_login.php'); $userinfo['action'] =$vbphrase['viewing_cms_list'] ; $userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location'])); $userinfo['where'] = "<a href=\"$userinfo[location]\">$userinfo[location]</a>"; break; default: $handled = false; ($hook = vBulletinHook::fetch_hook('online_location_unknown')) ? eval($hook) : false; if ($handled == false) { if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad']) { require_once(DIR . '/includes/functions_login.php'); $userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location'])); $userinfo['where'] = "<a href=\"$userinfo[location]\">$userinfo[location]</a>"; $userinfo['action'] = '<b>' . $vbphrase['unknown_location'] . '</b>'; } else { // We were unable to parse the location $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>"; } } } } if ($userinfo['badlocation'] == 1) { // User received 'no permissions screen' if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] OR $userinfo['userid'] == $vbulletin->userinfo['userid']) { $show['nopermission'] = true; } else { $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>"; } } else if ($userinfo['badlocation'] == 2) { // Forum is locked $show['lockedout'] = true; } else if ($userinfo['badlocation'] == 3) { // User received error screen if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] OR $userinfo['userid'] == $vbulletin->userinfo['userid']) { $show['errormessage'] = true; } else { $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>"; } } if (!($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinelocation'])) { unset($userinfo['location']); } $userinfo['host_encoded'] = urlencode($userinfo['host']); if ($vbulletin->options['yestoday'] == 2) { $userinfo['time'] = vbdate($vbulletin->options['dateformat'], $userinfo['lastactivity'], 1); } else { $userinfo['time'] = vbdate($vbulletin->options['timeformat'], $userinfo['lastactivity']); } $wol_post['userid'] = $userinfo['userid']; $wol_post['username'] = $userinfo['realname']; ($hook = vBulletinHook::fetch_hook('online_bit_complete')) ? eval($hook) : false; if ($doall) { $show['loggedinuser'] = iif($userinfo['userid'], true, false); $show['buddy'] = iif($userinfo['buddy'], true, false); if ($userinfo['spider']) { $show['spider'] = true; if (!$userinfo['spidertype'] OR !($spidertype = construct_phrase($vbphrase["x_spider_{$userinfo['spidertype']}"], $userinfo['spider']))) { $spidertype = construct_phrase($vbphrase['x_spider_searchspider'], $userinfo['spider']); } } else { $show['spider'] = false; } $show['reallocation'] = iif($userinfo['location'], true, false); $show['subscribed'] = iif($wol_thread["$threadid"]['issubscribed'] AND $seetitle, true, false); $show['where'] = iif($userinfo['where'], true, false); $templater = vB_Template::create('whosonlinebit'); $templater->register('count', $count); $templater->register('ipclass', $ipclass); $templater->register('spidertype', $spidertype); $templater->register('userinfo', $userinfo); $onlinebits = $templater->render(); return $onlinebits; } else { return $userinfo; } }
public function getData() { if ($this->config['threads_forumids']) { if (in_array(-1, $this->config['threads_forumids'])) { $forumids = array_keys($this->registry->forumcache); } else { $forumids = $this->config['threads_forumids']; } } else { $forumids = array_keys($this->registry->forumcache); } $datecut = TIMENOW - ($this->config['datecut'] * 86400); switch (intval($this->config['threads_type'])) { case 0: $ordersql = " thread.dateline DESC"; $datecutoffsql = " AND thread.dateline > $datecut"; break; case 1: $ordersql = " thread.lastpost DESC"; $datecutoffsql = " AND thread.lastpost > $datecut"; break; case 2: $ordersql = " thread.replycount DESC"; $datecutoffsql = " AND thread.dateline > $datecut"; break; case 3: $ordersql = " thread.views DESC"; $datecutoffsql = " AND thread.dateline > $datecut"; break; } foreach ($forumids AS $forumid) { $forumperms =& $this->registry->userinfo['forumpermissions']["$forumid"]; if ($forumperms & $this->registry->bf_ugp_forumpermissions['canview'] AND ($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) AND (($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) AND verify_forum_password($forumid, $this->registry->forumcache["$forumid"]['password'], false) ) { $forumchoice[] = $forumid; } } if (!empty($forumchoice)) { $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")"; // remove threads from users on the global ignore list if user is not a moderator $globalignore = ''; if (trim($this->registry->options['globalignore']) != '') { require_once(DIR . '/includes/functions_bigthree.php'); if ($Coventry = fetch_coventry('string')) { $globalignore = "AND thread.postuserid NOT IN ($Coventry) "; } } // query last threads from visible / chosen forums $threads = $this->registry->db->query_read_slave(" SELECT thread.threadid, thread.title, thread.prefixid, post.attach, thread.postusername, thread.dateline, thread.lastpostid, thread.lastpost, thread.lastposterid, thread.lastposter, thread.replycount, forum.forumid, forum.title_clean as forumtitle, post.pagetext AS message, post.allowsmilie, post.postid, user.* " . ($this->registry->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . " FROM " . TABLE_PREFIX . "thread AS thread INNER JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid) LEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = thread.firstpostid) LEFT JOIN " . TABLE_PREFIX . "user AS user ON (thread.postuserid = user.userid) " . ($this->registry->products['vbcms'] ? " LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.associatedthreadid = thread.threadid \n" : '') . ($this->registry->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . " WHERE 1=1 $forumsql AND thread.visible = 1 AND post.visible = 1 AND open <> 10 $datecutoffsql $globalignore " . ($this->userinfo['ignorelist'] ? "AND thread.postuserid NOT IN (" . implode(',', explode(' ', $this->userinfo['ignorelist'])) . ")": '') . ($this->registry->products['vbcms'] ? " AND info.associatedthreadid IS NULL " : '') . " ORDER BY$ordersql LIMIT 0," . intval($this->config['threads_limit']) . " "); while ($thread = $this->registry->db->fetch_array($threads)) { // $thread['url'] = fetch_seo_url('thread', $thread); // $thread['newposturl'] = fetch_seo_url('thread', $thread, array('goto' => 'newpost')); // $thread['lastposturl'] = fetch_seo_url('thread', $thread, array('p' => $thread['lastpostid'])) . '#post' . $thread['lastpostid']; // trim the title after fetching the urls //$thread['title'] = fetch_trimmed_title($thread['title'], $this->config['threads_titlemaxchars']); $thread['date'] = vbdate($this->registry->options['dateformat'], $thread['dateline'], true); $thread['time'] = vbdate($this->registry->options['timeformat'], $thread['dateline']); $thread['lastpostdate'] = vbdate($this->registry->options['dateformat'], $thread['lastpost'], true); $thread['lastposttime'] = vbdate($this->registry->options['timeformat'], $thread['lastpost']); // get avatar $this->fetch_avatarinfo($thread); $threadarray[$thread['threadid']] = $thread; } } return $threadarray; }
function do_get_post() { global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $postinfo; $vbulletin->input->clean_array_gpc('r', array('type' => TYPE_STR)); $type = 'html'; if ($vbulletin->GPC['type']) { $type = $vbulletin->GPC['type']; } if (!$postinfo['postid']) { standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])); } if ((!$postinfo['visible'] or $postinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) { standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])); } if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) { standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])); } $forumperms = fetch_permissions($threadinfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { json_error(ERR_NO_PERMISSION); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { json_error(ERR_NO_PERMISSION); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $postbit_factory = new vB_Postbit_Factory(); $postbit_factory->registry =& $vbulletin; $postbit_factory->forum =& $foruminfo; $postbit_factory->cache = array(); $postbit_factory->bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $post = $db->query_first_slave("\n\tSELECT\n\tpost.*, post.username AS postusername, post.ipaddress AS ip, IF(post.visible = 2, 1, 0) AS isdeleted,\n\t user.*, userfield.*, usertextfield.*,\n\t " . iif($foruminfo['allowicons'], 'icon.title as icontitle, icon.iconpath,') . "\n\t IF(user.displaygroupid=0, user.usergroupid, user.displaygroupid) AS displaygroupid, infractiongroupid,\n\t\t" . iif($vbulletin->options['avatarenabled'], 'avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight,') . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? 'spamlog.postid AS spamlog_postid,' : '') . "\n\t\teditlog.userid AS edit_userid, editlog.username AS edit_username, editlog.dateline AS edit_dateline, editlog.reason AS edit_reason, editlog.hashistory,\n\t\tpostparsed.pagetext_html, postparsed.hasimages,\n\t\tsigparsed.signatureparsed, sigparsed.hasimages AS sighasimages,\n\t\tsigpic.userid AS sigpic, sigpic.dateline AS sigpicdateline, sigpic.width AS sigpicwidth, sigpic.height AS sigpicheight\n\t\t" . iif(!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canseehiddencustomfields']), $vbulletin->profilefield['hidden']) . "\n\t\t{$hook_query_fields}\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = post.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "userfield AS userfield ON(userfield.userid = user.userid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON(usertextfield.userid = user.userid)\n\t\t" . iif($foruminfo['allowicons'], "LEFT JOIN " . TABLE_PREFIX . "icon AS icon ON(icon.iconid = post.iconid)") . "\n\t\t" . iif($vbulletin->options['avatarenabled'], "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)") . "\n\t\t" . ((can_moderate($threadinfo['forumid'], 'canmoderateposts') or can_moderate($threadinfo['forumid'], 'candeleteposts')) ? "LEFT JOIN " . TABLE_PREFIX . "spamlog AS spamlog ON(spamlog.postid = post.postid)" : '') . "\n\t\tLEFT JOIN " . TABLE_PREFIX . "editlog AS editlog ON(editlog.postid = post.postid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "postparsed AS postparsed ON(postparsed.postid = post.postid AND postparsed.styleid = " . intval(STYLEID) . " AND postparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigparsed AS sigparsed ON(sigparsed.userid = user.userid AND sigparsed.styleid = " . intval(STYLEID) . " AND sigparsed.languageid = " . intval(LANGUAGEID) . ")\n\t\tLEFT JOIN " . TABLE_PREFIX . "sigpic AS sigpic ON(sigpic.userid = post.userid)\n\t\t{$hook_query_joins}\n\t\tWHERE post.postid = {$postid}\n "); $types = vB_Types::instance(); $contenttypeid = $types->getContentTypeID('vBForum_Post'); $attachments = $db->query_read_slave("\n\t\tSELECT\n\t\t\tfd.thumbnail_dateline, fd.filesize, IF(fd.thumbnail_filesize > 0, 1, 0) AS hasthumbnail, fd.thumbnail_filesize,\n\t\t\ta.dateline, a.state, a.attachmentid, a.counter, a.contentid AS postid, a.filename,\n\t\t\ttype.contenttypes\n\t\tFROM " . TABLE_PREFIX . "attachment AS a\n\t\tINNER JOIN " . TABLE_PREFIX . "filedata AS fd ON (a.filedataid = fd.filedataid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "attachmenttype AS type ON (fd.extension = type.extension)\n\t\tWHERE\n\t\t\ta.contentid = {$postid}\n\t\t\t\tAND\n\t\t\ta.contenttypeid = {$contenttypeid}\n\t\tORDER BY a.attachmentid\n\t"); $fr_images = array(); while ($attachment = $db->fetch_array($attachments)) { $lfilename = strtolower($attachment['filename']); if (strpos($lfilename, '.jpe') !== false || strpos($lfilename, '.png') !== false || strpos($lfilename, '.gif') !== false || strpos($lfilename, '.jpg') !== false || strpos($lfilename, '.jpeg') !== false) { $tmp = array('img' => $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid']); if ($vbulletin->options['attachthumbs']) { $tmp['tmb'] = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachment['attachmentid'] . '&stc=1&thumb=1'; } $fr_images[] = $tmp; } } $postbits = ''; $postbit_obj =& $postbit_factory->fetch_postbit('post'); $postbit_obj->cachable = $post_cachable; $postbits .= $postbit_obj->construct_postbit($post); if ($type == 'html') { $bbcode_parser = new vB_BbCodeParser($vbulletin, fetch_tag_list()); $vbulletin->templatecache['bbcode_quote'] = ' <div style=\\"margin:0px; margin-top:0px;\\"> <table cellpadding=\\"$stylevar[cellpadding]\\" cellspacing=\\"0\\" border=\\"0\\" width=\\"100%\\"> <tr> <td class=\\"alt2\\" style=\\"border:1px solid #777777;\\"> ".(($show[\'username\']) ? (" <div> " . construct_phrase("$vbphrase[originally_posted_by_x]", "$username") . " </div> <div style=\\"font-style:italic\\">$message</div> ") : (" $message "))." </td> </tr> </table> </div> '; $css = <<<EOF <style type="text/css"> body { margin: 0; padding: 3; font: 13px Arial, Helvetica, sans-serif; } .alt2 { background-color: #e6edf5; font: 13px Arial, Helvetica, sans-serif; } html { -webkit-text-size-adjust: none; } </style> EOF; $html = $css . $bbcode_parser->parse($post['pagetext']); $image = ''; } else { if ($type == 'facebook') { $html = fetch_censored_text(strip_bbcode(strip_quotes($post['pagetext']), false, true)); if (count($fr_images)) { $image = $fr_images[0]['img']; } } } // Figure out if we can post $canpost = true; if ($threadinfo['isdeleted'] or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { $canpost = false; } if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) { $canpost = false; } if (!$threadinfo['open']) { if (!can_moderate($threadinfo['forumid'], 'canopenclose')) { $canpost = false; } } if (($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyothers']))) { $canpost = false; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canreplyown']) and $vbulletin->userinfo['userid'] == $threadinfo['postuserid']) { $canpost = false; } // Avatar work $avatarurl = ''; if ($post['avatarurl']) { $avatarurl = process_avatarurl($post['avatarurl']); } // Get post date/time $postdate = vbdate($vbulletin->options['dateformat'], $post['dateline'], 1); $posttime = vbdate($vbulletin->options['timeformat'], $post['dateline']); // Parse the post for quotes and inline images list($text, $nuked_quotes, $images) = parse_post($post['pagetext'], $post['allowsmilie'] && $usesmilies); $out = array('html' => prepare_utf8_string($html), 'post_id' => $post['postid'], 'thread_id' => $post['threadid'], 'forum_id' => $foruminfo['forumid'], 'forum_title' => prepare_utf8_string($foruminfo['title_clean']), 'username' => prepare_utf8_string(strip_tags($post['username'])), 'joindate' => prepare_utf8_string($post['joindate']), 'usertitle' => prepare_utf8_string(strip_tags($post['usertitle'])), 'numposts' => $post['posts'] ? (string) $post['posts'] : '0', 'userid' => $post['userid'], 'title' => prepare_utf8_string($post['title']), 'post_timestamp' => prepare_utf8_string(date_trunc($postdate) . ' ' . $posttime), 'canpost' => $canpost, 'quotable' => $nuked_quotes, 'canattach' => $forumperms & $vbulletin->bf_ugp_forumpermissions['canpostattachment'] and $vbulletin->userinfo['userid'], 'edittext' => prepare_utf8_string($post['pagetext'])); if ($avatarurl != '') { $out['avatarurl'] = $avatarurl; } if ($post['editlink']) { $out['canedit'] = true; } if ($image != '') { $out['image'] = $image; } return $out; }
function do_report() { global $vbulletin, $postinfo, $threadinfo, $foruminfo; if (!$vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } $reportthread = ($rpforumid = $vbulletin->options['rpforumid'] and $rpforuminfo = fetch_foruminfo($rpforumid)); $reportemail = ($vbulletin->options['enableemail'] and $vbulletin->options['rpemail']); if (!$reportthread and !$reportemail) { standard_error(fetch_error('emaildisabled')); } $reportobj = new vB_ReportItem_Post($vbulletin); $reportobj->set_extrainfo('forum', $foruminfo); $reportobj->set_extrainfo('thread', $threadinfo); $perform_floodcheck = $reportobj->need_floodcheck(); if ($perform_floodcheck) { $reportobj->perform_floodcheck_precommit(); } $forumperms = fetch_permissions($threadinfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or $threadinfo['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) { json_error(ERR_NO_PERMISSION); } if (!$postinfo['postid']) { standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])); } if ((!$postinfo['visible'] or $postinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) { standard_error(fetch_error('invalidid', $vbphrase['post'], $vbulletin->options['contactuslink'])); } if ((!$threadinfo['visible'] or $threadinfo['isdeleted']) and !can_moderate($threadinfo['forumid'])) { standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); ($hook = vBulletinHook::fetch_hook('report_start')) ? eval($hook) : false; $vbulletin->input->clean_array_gpc('p', array('reason' => TYPE_STR)); if ($vbulletin->GPC['reason'] == '') { standard_error(fetch_error('noreason')); } if ($perform_floodcheck) { $reportobj->perform_floodcheck_commit(); } $reportobj->do_report(prepare_remote_utf8_string($vbulletin->GPC['reason']), $postinfo); return array('success' => true); }
// used for session.inthread $foruminfo = array('forumid' => $attachmentinfo['forumid']); // used for session.inforum # Block attachments belonging to soft deleted posts and threads if (!can_moderate($attachmentinfo['forumid']) and ($attachmentinfo['post_visible'] == 2 or $attachmentinfo['thread_visible'] == 2)) { eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']))); } # Block attachments belonging to moderated posts and threads if (!can_moderate($attachmentinfo['forumid'], 'canmoderateposts') and ($attachmentinfo['post_visible'] == 0 or $attachmentinfo['thread_visible'] == 0)) { eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']))); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($attachmentinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { print_no_permission(); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($attachmentinfo['forumid'], $vbulletin->forumcache["{$attachmentinfo['forumid']}"]['password']); if (!$attachmentinfo['visible'] and !can_moderate($attachmentinfo['forumid'], 'canmoderateattachments') and $attachmentinfo['userid'] != $vbulletin->userinfo['userid']) { eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']))); } } // handle lightbox requests if ($_REQUEST['do'] == 'lightbox') { require_once DIR . '/includes/class_xml.php'; $xml = new vB_AJAX_XML_Builder($vbulletin, 'text/xml'); if (in_array(strtolower($attachmentinfo['extension']), array('jpg', 'jpeg', 'jpe', 'gif', 'png'))) { $uniqueid = $vbulletin->GPC['uniqueid']; $imagelink = 'attachment.php?' . $vbulletin->session->vars['sessionurl'] . 'attachmentid=' . $attachmentinfo['attachmentid'] . '&d=' . $attachmentinfo['dateline']; $attachmentinfo['date_string'] = vbdate($vbulletin->options['dateformat'], $attachmentinfo['dateline']); $attachmentinfo['time_string'] = vbdate($vbulletin->options['timeformat'], $attachmentinfo['dateline']); $show['newwindow'] = $attachmentinfo['newwindow'] ? true : false; ($hook = vBulletinHook::fetch_hook('attachment_lightbox')) ? eval($hook) : false;
private function getThreads($type) { global $vbulletin, $VB_API_REQUESTS; if ($vbulletin->options['mobilehomethreadforumids']) { $forumids = $this->verifycommaoption($vbulletin->options['mobilehomethreadforumids']); } if (!$forumids) { $forumids = array_keys($vbulletin->forumcache); } if ($type != 'last') { $datecut = TIMENOW - $vbulletin->options['mobilehomethreaddatecut'] * 86400; } else { $datecut = $vbulletin->userinfo['lastvisit']; } switch ($type) { case 'top': $ordersql = " thread.views DESC"; $datecutoffsql = " AND thread.dateline > {$datecut}"; break; case 'new': $ordersql = " thread.dateline DESC"; $datecutoffsql = " AND thread.dateline > {$datecut}"; break; case 'last': $ordersql = " thread.lastpost DESC"; $datecutoffsql = " AND thread.lastpost > {$datecut}"; break; default: return null; } foreach ($forumids as $forumid) { $forumperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"]; if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] and verify_forum_password($forumid, $vbulletin->forumcache["{$forumid}"]['password'], false)) { $forumchoice[] = $forumid; } } if (!empty($forumchoice)) { $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")"; // remove threads from users on the global ignore list if user is not a moderator $globalignore = ''; if (trim($vbulletin->options['globalignore']) != '') { require_once DIR . '/includes/functions_bigthree.php'; if ($Coventry = fetch_coventry('string')) { $globalignore = "AND thread.postuserid NOT IN ({$Coventry}) "; } } // query last threads from visible / chosen forums $threads = $vbulletin->db->query_read_slave("\n\t\t\t\tSELECT thread.threadid, thread.title, thread.prefixid, post.attach,\n\t\t\t\t\tthread.postusername, thread.dateline, thread.lastpostid, thread.lastpost AS threadlastpost, thread.lastposterid, thread.lastposter, thread.replycount, thread.views,\n\t\t\t\t\tforum.forumid, forum.title_clean as forumtitle,\n\t\t\t\t\tpost.pagetext AS message, post.allowsmilie, post.postid,\n\t\t\t\t\tuser.*\n\t\t\t\t\t" . ($vbulletin->options['avatarenabled'] ? ",avatar.avatarpath, NOT ISNULL(customavatar.userid) AS hascustomavatar, customavatar.dateline AS avatardateline,customavatar.width AS avwidth,customavatar.height AS avheight" : "") . "\n\t\t\t\tFROM " . TABLE_PREFIX . "thread AS thread\n\t\t\t\tINNER JOIN " . TABLE_PREFIX . "forum AS forum ON(forum.forumid = thread.forumid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = thread.firstpostid)\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (thread.postuserid = user.userid)\n\t\t\t\t" . ($vbulletin->products['vbcms'] ? " LEFT JOIN " . TABLE_PREFIX . "cms_nodeinfo AS info ON info.associatedthreadid = thread.threadid \n" : '') . ($vbulletin->options['avatarenabled'] ? "LEFT JOIN " . TABLE_PREFIX . "avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN " . TABLE_PREFIX . "customavatar AS customavatar ON(customavatar.userid = user.userid)" : "") . "\n\t\t\tWHERE 1=1\n\t\t\t\t{$forumsql}\n\t\t\t\tAND thread.visible = 1\n\t\t\t\tAND post.visible = 1\n\t\t\t\tAND open <> 10\n\t\t\t\t{$datecutoffsql}\n\t\t\t\t{$globalignore}\n\t\t\t\t" . ($vbulletin->userinfo['ignorelist'] ? "AND thread.postuserid NOT IN (" . implode(',', explode(' ', $vbulletin->userinfo['ignorelist'])) . ")" : '') . ($vbulletin->products['vbcms'] ? " AND info.associatedthreadid IS NULL " : '') . "\n\t\t\tORDER BY{$ordersql}\n\t\t\tLIMIT 0, " . $vbulletin->options['mobilehomemaxitems'] . "\n\t\t\t"); $i = 0; while ($thread = $vbulletin->db->fetch_array($threads)) { // still need to censor the title $thread['title'] = fetch_censored_text($thread['title']); // get avatar $this->fetch_avatarinfo($thread); $array[$i] = array('id' => $thread['threadid'], 'title' => $thread['title'], 'replycount' => $thread['replycount'], 'viewcount' => $thread['views'], 'userid' => $thread['userid'], 'username' => $thread['postusername'], 'avatarurl' => $thread['avatarurl'], 'type' => 'thread', 'time' => $thread['lastpost']); if ($VB_API_REQUESTS['api_version'] > 1) { $array[$i]['lastposttime'] = $thread['threadlastpost']; } else { $array[$i]['lastpostdate'] = date($vbulletin->options['dateformat'], $thread['threadlastpost']); $array[$i]['lastposttime'] = date($vbulletin->options['timeformat'], $thread['threadlastpost']); } $i++; } } return $array; }
} $show['postinfo'] = ($infractioninfo['postid'] and $threadinfo); if ($infractioninfo['threadid'] and $disthreadinfo = fetch_threadinfo($infractioninfo['threadid'])) { $show['disthread'] = true; if ((!$disthreadinfo['visible'] or $disthreadinfo['isdeleted']) and !can_moderate($disthreadinfo['forumid'])) { $show['disthread'] = false; } $forumperms = fetch_permissions($disthreadinfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { $show['disthread'] = false; } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($disthreadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) { $show['disthread'] = false; } // check if there is a forum password and if so, ensure the user has it set if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) { $show['disthread'] = false; } } else { $show['disthread'] = false; } // draw nav bar $navbits = array(); $parentlist = array_reverse(explode(',', $foruminfo['parentlist'])); foreach ($parentlist as $forumID) { $forumTitle = $vbulletin->forumcache["{$forumID}"]['title']; $navbits['forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumID}"] = $forumTitle; } if ($postinfo['postid']) { $navbits['showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postinfo['postid']}#post{$postinfo['postid']}"] = $threadinfo['prefix_plain_html'] . ' ' . $threadinfo['title']; }
/** * Loads assorted show variables. Ideally, these would be used in templates, * but sometimes they're used within code. */ public function load_show_variables() { parent::load_show_variables(); global $vbulletin, $show, $threadinfo, $foruminfo; $show['foruminfo'] = (THIS_SCRIPT == 'forumdisplay' and $vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']); if (THIS_SCRIPT == 'showthread' and $threadinfo['threadid']) { if (!($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canview']) or (!$threadinfo['visible'] and !can_moderate($foruminfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($foruminfo['forumid'])) or in_coventry($threadinfo['postuserid']) and !can_moderate($foruminfo['forumid']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($vbulletin->userinfo['forumpermissions']["{$foruminfo['forumid']}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0) or !verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) { $show['threadinfo'] = false; } else { $show['threadinfo'] = true; } } else { $show['threadinfo'] = false; } }
function fetch_search_forumids_array($parentid = -1, $depthmark = '') { global $searchforumids, $vbulletin; static $indexed_forum_cache; if ($parentid == -1) { $searchforumids = array(); $indexed_forum_cache = array(); foreach ($vbulletin->forumcache as $forumid => $forum) { $indexed_forum_cache["{$forum['parentid']}"]["{$forumid}"] =& $vbulletin->forumcache["{$forumid}"]; } } if (is_array($indexed_forum_cache["{$parentid}"])) { foreach ($indexed_forum_cache["{$parentid}"] as $forumid => $forum) { $forumperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"]; if ($forum['displayorder'] != 0 and $forumperms & $vbulletin->bf_ugp_forumpermissions['canview'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['cansearch'] and $forum['options'] & $vbulletin->bf_misc_forumoptions['active'] and verify_forum_password($forum['forumid'], $forum['password'], false)) { $vbulletin->forumcache["{$forumid}"]['depthmark'] = $depthmark; $searchforumids[] = $forumid; fetch_search_forumids_array($forumid, $depthmark . FORUM_PREPEND); } } } }
} else { if ($number_of_forums > 1) { $title = implode(',', $forumchoice); } else { $title = ''; } } if (!empty($forumchoice)) { $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")"; } else { $forumsql = ""; } } else { foreach (array_keys($vbulletin->forumcache) as $forumid) { $forumperms =& $vbulletin->userinfo['forumpermissions']["{$forumid}"]; if ($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'] and $forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'] and ($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'] or in_array($vbulletin->GPC['type'], array('JS', 'XML'))) and verify_forum_password($forumid, $vbulletin->forumcache["{$forumid}"]['password'], false)) { $forumchoice[] = $forumid; } } if (!empty($forumchoice)) { $forumsql = "AND thread.forumid IN(" . implode(',', $forumchoice) . ")"; } else { $forumsql = ""; } } if (empty($forumchoice)) { // no access to view selected forums exit; } switch ($vbulletin->GPC['type']) { case 'JS':
function do_subscribe_thread() { global $vbulletin, $db, $foruminfo, $threadinfo; if (!$vbulletin->userinfo['userid']) { json_error(ERR_INVALID_LOGGEDIN, RV_NOT_LOGGED_IN); } $vbulletin->input->clean_array_gpc('r', array('emailupdate' => TYPE_UINT, 'folderid' => TYPE_INT)); $vbulletin->GPC['folderid'] = 0; if (!$foruminfo['forumid']) { json_error(ERR_INVALID_THREAD); } $forumperms = fetch_permissions($foruminfo['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { json_error(ERR_INVALID_THREAD); } if (!$foruminfo['allowposting'] or $foruminfo['link'] or !$foruminfo['cancontainthreads']) { json_error(ERR_CANNOT_SUB_FORUM_CLOSED); } // check if there is a forum password and if so, ensure the user has it set if (!verify_forum_password($foruminfo['forumid'], $foruminfo['password'], false)) { json_error(ERR_CANNOT_SUB_PASSWORD); } if ($threadinfo['threadid']) { if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts')) { json_error(ERR_INVALID_THREAD); } if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or ($vbulletin->userinfo['userid'] != $threadinfo['postuserid'] or !$vbulletin->userinfo['userid']) and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers'])) { json_error(ERR_INVALID_THREAD); } /*insert query*/ $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribethread (userid, threadid, emailupdate, folderid, canview)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", {$threadinfo['threadid']}, " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['folderid'] . ", 1)\n\t\t"); } else { if ($foruminfo['forumid']) { /*insert query*/ $db->query_write("\n\t\t\tREPLACE INTO " . TABLE_PREFIX . "subscribeforum (userid, emailupdate, forumid)\n\t\t\tVALUES (" . $vbulletin->userinfo['userid'] . ", " . $vbulletin->GPC['emailupdate'] . ", " . $vbulletin->GPC['forumid'] . ")\n\t\t"); } } return array('success' => true); }
protected function fetchCanViewForum($forumid) { return vB::$vbulletin->userinfo['forumpermissions']["{$forumid}"] & vB::$vbulletin->bf_ugp_forumpermissions['canview'] and verify_forum_password($forumid, vB::$vbulletin->forumcache["{$forumid}"]['password'], false); }
function construct_online_bit($userinfo, $doall = 0) { global $vbulletin, $limitlower, $limitupper, $stylevar, $vbphrase, $ipclass, $show; global $wol_album, $wol_attachment, $wol_calendar, $wol_event, $wol_inf, $wol_pm, $wol_post, $wol_search, $wol_socialgroup, $wol_thread, $wol_user; static $count; $count++; $show['nopermission'] = false; $show['lockedout'] = false; $show['errormessage'] = false; if ($doall == 1 and ($count > $limitupper or $count < $limitlower)) { return ''; } if ($userinfo['attachmentid']) { $postid = $wol_attachment["{$userinfo['attachmentid']}"]; } else { $postid = $userinfo['postid']; } if ($postid) { $threadid = $wol_post["{$postid}"]; } else { $threadid = $userinfo['threadid']; } $forumid = $userinfo['forumid']; $calendarid = $userinfo['calendarid']; $eventid = $userinfo['eventid']; $searchid = $userinfo['searchid']; $groupid = $userinfo['socialgroupid']; $albumid = $userinfo['albumid']; if ($albumid) { require_once DIR . '/includes/functions_album.php'; $albumname = fetch_censored_text($wol_album["{$albumid}"]['title']); $canviewalbum = true; if ($wol_album["{$albumid}"]['state'] == 'profile' and !can_view_profile_albums($wol_album["{$albumid}"]['userid'])) { $canviewalbum = false; } else { if ($wol_album["{$albumid}"]['state'] == 'private' and !can_view_private_albums($wol_album["{$albumid}"]['userid'])) { $canviewalbum = false; } } } if ($groupid) { $groupname = fetch_censored_text($wol_socialgroup["{$groupid}"]['name']); $canviewgroup = true; } if ($searchid) { $searchquery = $wol_search["{$searchid}"]['query']; $searchuser = $wol_search["{$searchid}"]['searchuser']; $searchuserid = $wol_search["{$searchid}"]['userid']; } if (!$forumid and isset($wol_thread["{$threadid}"]['forumid'])) { $forumid = $wol_thread["{$threadid}"]['forumid']; } else { if (!$forumid and isset($wol_thread["{$wol_post[$postid]}"]['forumid'])) { $forumid = $wol_thread["{$wol_post[$postid]}"]['forumid']; } } $threadtitle = fetch_censored_text($wol_thread["{$threadid}"]['title']); $threadprefix = $wol_thread["{$threadid}"]['prefixid'] ? $vbphrase['prefix_' . $wol_thread["{$threadid}"]['prefixid'] . '_title_rich'] . ' ' : ''; $canview = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canview']; $canviewothers = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canviewothers']; $canviewthreads = $vbulletin->userinfo['forumpermissions']["{$forumid}"] & $vbulletin->bf_ugp_forumpermissions['canviewthreads']; $postuserid = $wol_thread["{$threadid}"]['postuserid']; $forumtitle = $vbulletin->forumcache["{$forumid}"]['title']; $threadpreview = $wol_thread["{$threadid}"]['preview']; if (!$calendarid and isset($wol_event["{$eventid}"]['calendarid'])) { $calendarid = $wol_event["{$eventid}"]['calendarid']; } $eventtitle = htmlspecialchars_uni($wol_event["{$eventid}"]['title']); $eventpostuserid = $wol_event["{$eventid}"]['postuserid']; $calendartitle = $wol_calendar["{$calendarid}"]; $canviewcalendar = $vbulletin->userinfo['calendarpermissions']["{$calendarid}"] & $vbulletin->bf_ugp_calendarpermissions['canviewcalendar']; $canviewothersevent = $vbulletin->userinfo['calendarpermissions']["{$calendarid}"] & $vbulletin->bf_ugp_calendarpermissions['canviewothersevent']; if (($wol_thread["{$threadid}"]['isdeleted'] or !$wol_thread["{$threadid}"]['visible']) and !can_moderate($forumid)) { $threadviewable = 0; } else { $threadviewable = 1; } if ($threadviewable and $threadtitle and $canview and ($canviewothers or $postuserid == $vbulletin->userinfo['userid']) and verify_forum_password($forumid, $vbulletin->forumcache["{$forumid}"]['password'], false)) { $seetitle = 1; } if ($forumtitle and ($canview or $vbulletin->forumcache["{$forumid}"]['showprivate'] > 1 or !$vbulletin->forumcache["{$forumid}"]['showprivate'] and $vbulletin->options['showprivateforums'])) { $seeforum = 1; } if ($eventtitle and $canviewcalendar and ($canviewothersevent or $eventpostuserid == $vbulletin->userinfo['userid'])) { $seeevent = 1; } if ($calendartitle and $canviewcalendar) { $seecalendar = 1; } if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) { if ($userinfo['pmid']) { $seeuserid = $wol_pm["{$userinfo['pmid']}"]; } else { if ($userinfo['searchid']) { $seeuserid = $wol_search["{$searchid}"]['targetuserid']; } else { if ($userinfo['infractionid']) { $seeuserid = $wol_inf["{$userinfo['infractionid']}"]['userid']; } else { $seeuserid = $userinfo['targetuserid']; } } } } switch ($userinfo['activity']) { case 'visitormessage_posting': $userinfo['action'] = $vbphrase['posting_visitor_message']; break; case 'visitormessage_delete': $userinfo['action'] = $vbphrase['deleting_visitor_message']; break; case 'viewingipaddress': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>'; if (can_moderate()) { $userinfo['action'] = $vbphrase['viewing_ip_address']; } break; case 'visitormessage_reporting': $userinfo['action'] = $vbphrase['reporting_visitor_message']; break; case 'posthistory': $userinfo['action'] = $vbphrase['viewing_post_history']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'tags': $userinfo['action'] = $vbphrase['managing_tags']; break; case 'tag_list': $userinfo['action'] = $vbphrase['viewing_tag_list']; break; case 'socialgroups_join': $userinfo['action'] = $vbphrase['joining_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid={$groupid}\">{$groupname}</a>"; } break; case 'socialgroups_leave': $userinfo['action'] = $vbphrase['leaving_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid={$groupid}\">{$groupname}</a>"; } break; case 'socialgroups_edit': $userinfo['action'] = $vbphrase['editing_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid={$groupid}\">{$groupname}</a>"; } break; case 'socialgroups_view': $userinfo['action'] = $vbphrase['viewing_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid={$groupid}\">{$groupname}</a>"; } break; case 'socialgroups_memberlist': $userinfo['action'] = $vbphrase['viewing_social_group_memberlist']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&groupid={$groupid}\">{$groupname}</a>"; } break; case 'socialgroups_delete': $userinfo['action'] = $vbphrase['deleting_social_group']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewmembers&groupid={$groupid}\">{$groupname}</a>"; } break; case 'socialgroups_create': $userinfo['action'] = $vbphrase['creating_social_group']; break; case 'socialgroups_list': $userinfo['action'] = $vbphrase['viewing_social_group_list']; if ($canviewgroup) { $userinfo['where'] = '<a href="group.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&groupid={$groupid}\">{$groupname}</a>"; } break; case 'group_inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; break; case 'showthread': $userinfo['action'] = $vbphrase['viewing_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'showpost': $userinfo['action'] = $vbphrase['viewing_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'forumdisplay': $userinfo['action'] = $vbphrase['viewing_forum']; if ($seeforum) { if ($vbulletin->forumcache["{$forumid}"]['link']) { $userinfo['action'] = $vbphrase['followed_forum_link']; } $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>"; } break; case 'newthread': $userinfo['action'] = $vbphrase['creating_thread']; if ($seeforum) { $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>"; } break; case 'newreply': $userinfo['action'] = $vbphrase['replying_to_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'attachments': $userinfo['action'] = $vbphrase['viewing_attachments']; if ($seeuserid) { $userinfo['where'] = '<a href="misc.php?' . $vbulletin->session->vars['sessionurl'] . "do=attachments&u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'manageattachment': $userinfo['action'] = $vbphrase['managing_attachments']; break; case 'attachment': $userinfo['action'] = $vbphrase['viewing_attachment']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'index': $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . '</a>'; break; case 'online': $userinfo['action'] = $vbphrase['viewing_whos_online']; break; case 'searchnew': $userinfo['action'] = $vbphrase['viewing_new_posts']; $userinfo['where'] = '<a href="search.php?' . $vbulletin->session->vars['sessionurl'] . "do=getnew\">{$vbphrase['new_posts']}</a>"; break; case 'search': $userinfo['action'] = $vbphrase['searching_forums']; if ($searchid and $vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) { if ($searchquery) { $userinfo['where'] = construct_phrase($vbphrase['query_x'], htmlspecialchars_uni($searchquery)); } if ($searchuser and $wol_search["{$searchid}"]['targetuserid']) { if ($searchquery) { $userinfo['where'] .= '<br />'; } $userinfo['where'] .= construct_phrase($vbphrase['user_x'], '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"); } } break; case 'mail': $userinfo['action'] = $vbphrase['emailing']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'getinfo': $userinfo['action'] = $vbphrase['viewing_user_profile']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'converse': $userinfo['action'] = $vbphrase['viewing_conversation']; if ($seeuserid and $wol_user["{$userinfo['guestuserid']}"]) { $userinfo['where'] = construct_phrase($vbphrase['x_and_y_converse'], '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>", '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$userinfo['guestuserid']}\">" . $wol_user["{$userinfo['guestuserid']}"] . "</a>"); } break; case 'editprofile': $userinfo['action'] = $vbphrase['modifying_profile']; break; case 'editoptions': $userinfo['action'] = $vbphrase['modifying_options']; break; case 'lostpw': case 'editpassword': $userinfo['action'] = $vbphrase['modifying_password']; break; case 'editavatar': $userinfo['action'] = $vbphrase['modifying_avatar']; break; case 'editprofilepic': $userinfo['action'] = $vbphrase['modifying_profilepic']; break; case 'editsignature': $userinfo['action'] = $vbphrase['modifying_signature']; break; case 'markread': $userinfo['where'] = $vbphrase['marking_forums_read']; break; case 'whoposted': if ($seetitle) { $userinfo['action'] = $vbphrase['viewing_who_posted']; $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } else { $userinfo['action'] = $vbphrase['viewing_thread']; } break; case 'showattachments': if ($seetitle) { $userinfo['action'] = $vbphrase['viewing_attachment_list']; $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } else { $userinfo['action'] = $vbphrase['viewing_thread']; } break; case 'showgroups': $userinfo['action'] = $vbphrase['viewing_forum_leaders']; break; case 'login': $userinfo['action'] = $vbphrase['logging_in']; break; case 'logout': if ($userinfo['badlocation']) { $userinfo['action'] = $vbphrase['logging_out']; } break; case 'archive': $userinfo['action'] = $vbphrase['viewing_archives']; if ($seetitle) { $userinfo['where'] = $threadprefix . "<a href=\"archive/index.php/t-{$threadid}.html\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } else { if ($seeforum) { $userinfo['where'] = "<a href=\"archive/index.php/f-{$forumid}.html\">{$forumtitle}</a>"; } } break; case 'pm': $userinfo['action'] = $vbphrase['private_messaging']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull']) { if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } if ($userinfo['values']['do'] == 'newpm' or $userinfo['values']['do'] == 'insertpm' or $userinfo['values']['do'] == 'newmessage') { $userinfo['action'] = $vbphrase['creating_private_message']; } else { if ($userinfo['values']['do'] == 'editfolders' or $userinfo['action']['do'] == 'updatefolders') { $userinfo['action'] = $vbphrase['modifying_private_message_folders']; } else { if ($userinfo['values']['do'] == 'trackpm' or $userinfo['values']['do'] == 'deletepmreceipt') { $userinfo['action'] = $vbphrase['tracking_private_messages']; } else { if ($userinfo['values']['do'] == 'showpm') { $userinfo['action'] = $vbphrase['viewing_private_message']; } else { if ($userinfo['values']['do'] == 'downloadpm') { $userinfo['action'] = $vbphrase['downloading_private_messages']; } } } } } } break; case 'addbuddy': case 'addignore': case 'buddyignore': $userinfo['action'] = $vbphrase['modifying_contact_ignore_list']; break; case 'subfolders': $userinfo['action'] = $vbphrase['modifying_subscription_folders']; break; case 'subscription': $userinfo['action'] = $vbphrase['viewing_subscribed_threads']; break; case 'addsubforum': $userinfo['action'] = $vbphrase['subscribing_to_forum']; if ($seeforum) { $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>"; } break; case 'addsubthread': $userinfo['action'] = $vbphrase['subscribing_to_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'remsubthread': $userinfo['action'] = $vbphrase['deleting_subscribed_threads']; break; case 'remsubforum': $userinfo['action'] = $vbphrase['deleting_subscribed_forums']; break; case 'usercp': $userinfo['action'] = $vbphrase['viewing_user_control_panel']; break; case 'memberlistsearch': $userinfo['action'] = $vbphrase['searching_member_list']; break; case 'memberlist': $userinfo['action'] = $vbphrase['viewing_member_list']; break; case 'member_inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; if (can_moderate()) { if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } } break; case 'inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; if (can_moderate()) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; switch ($userinfo['values']['do']) { case 'open': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_opening_threads'] . '</i>'; break; case 'close': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_closing_threads'] . '</i>'; break; case 'stick': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_sticking_threads'] . '</i>'; break; case 'unstick': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unsticking_threads'] . '</i>'; break; case 'deletethread': case 'dodeletethreads': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_threads'] . '</i>'; break; case 'undeletethread': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_threads'] . '</i>'; break; case 'approvethread': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_threads'] . '</i>'; break; case 'unapprovethread': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_threads'] . '</i>'; break; case 'movethread': case 'domovethreads': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_threads'] . '</i>'; break; case 'mergethread': case 'domergethreads': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_threads'] . '</i>'; break; case 'deleteposts': case 'dodeleteposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_deleting_posts'] . '</i>'; break; case 'undeleteposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_undeleting_posts'] . '</i>'; break; case 'approveposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_approving_posts'] . '</i>'; break; case 'unapproveposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_unapproving_posts'] . '</i>'; break; case 'mergeposts': case 'domergeposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_merging_posts'] . '</i>'; break; case 'moveposts': case 'domoveposts': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_moving_posts'] . '</i>'; break; case 'clearthread': case 'clearpost': $userinfo['action'] = '<i>' . $vbphrase['inline_mod_clear'] . '</i>'; break; case 'spampost': case 'dodeletespam': case 'spamconfirm': $userinfo['action'] = '<i>' . $vbphrase['managing_spam'] . '</i>'; break; } } break; case 'postings': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</b></i>'; if (can_moderate($forumid) and $threadtitle and $canview and ($canviewothers or $postuserid == $vbulletin->userinfo['userid'])) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; switch ($userinfo['values']['do']) { case 'editthread': case 'updatethread': $userinfo['action'] = '<i>' . $vbphrase['modifying_thread'] . '</i>'; break; case 'openclosethread': $userinfo['action'] = '<i>' . $vbphrase['open_close_thread'] . '</i>'; break; case 'movethread': $userinfo['action'] = '<i>' . $vbphrase['choosing_forum_to_move_thread_to'] . '</i>'; break; case 'domovethread': switch ($userinfo['values']['method']) { case 'copy': $userinfo['action'] = '<i>' . $vbphrase['copying_thread_to_forum'] . '</i>'; break; case 'move': $userinfo['action'] = '<i>' . $vbphrase['moving_thread_to_forum'] . '</i>'; break; case 'movered': $userinfo['action'] = '<i>' . $vbphrase['moving_thread_with_redirect_to_forum'] . '</i>'; break; } $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a><br />" . '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>"; break; case 'deletethread': case 'dodeletethread': $userinfo['action'] = '<i>' . $vbphrase['deleting_thread'] . '</i>'; break; case 'deleteposts': case 'dodeleteposts': $userinfo['where'] = '<i>' . $vbphrase['deleting_posts'] . '</i>'; break; case 'merge': case 'domergethread': $userinfo['where'] = '<i>' . $vbphrase['merging_threads'] . '</i>'; break; case 'stick': $userinfo['where'] = '<i>' . $vbphrase['stick_unstick_thread'] . '</i>'; break; case 'getip': $userinfo['where'] = '<i>' . $vbphrase['viewing_ip_address'] . '</i>'; break; case 'removeredirect': $userinfo['where'] = '<i>' . $vbphrase['deleting_redirect'] . '</i>'; break; } } break; case 'register': $userinfo['action'] = $vbphrase['registering']; break; case 'requestemail': $userinfo['action'] = $vbphrase['request_activation_code']; break; case 'activate': $userinfo['action'] = $vbphrase['activating_registration']; break; case 'announcement': $userinfo['action'] = $vbphrase['viewing_announcement']; if ($seeforum) { $userinfo['where'] = '<a href="announcement.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>"; } break; case 'usergroup': $userinfo['action'] = $vbphrase['modifying_usergroups']; break; case 'polls': switch ($userinfo['values']['do']) { case 'showresults': $userinfo['action'] = $vbphrase['viewing_poll']; break; case '': case 'newpoll': case 'postpoll': $userinfo['action'] = $vbphrase['creating_poll']; if ($seeforum) { $userinfo['where'] = '<a href="forumdisplay.php?' . $vbulletin->session->vars['sessionurl'] . "f={$forumid}\">{$forumtitle}</a>"; } break; case 'polledit': case 'updatepoll': $userinfo['action'] = $vbphrase['modifying_poll']; break; case 'pollvote': $userinfo['action'] = $vbphrase['voting']; break; } break; case 'showsmilies': $userinfo['action'] = $vbphrase['viewing_smilies']; break; case 'showavatars': $userinfo['action'] = $vbphrase['viewing_avatars']; break; case 'bbcode': $userinfo['action'] = $vbphrase['viewing_bb_code']; break; case 'faq': $userinfo['action'] = $vbphrase['viewing_faq']; break; case 'edit': $userinfo['action'] = $vbphrase['modifying_post']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'sendto': $userinfo['action'] = $vbphrase['sending_thread_to_friend']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'contactus': $userinfo['action'] = $vbphrase['sending_forum_feedback']; break; case 'aim': $userinfo['action'] = $vbphrase['sending_aim_message']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'msn': $userinfo['action'] = $vbphrase['sending_msn_message']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'yahoo': $userinfo['action'] = $vbphrase['sending_yahoo_message']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'icq': $userinfo['action'] = $vbphrase['sending_icq_message']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'skype': $userinfo['action'] = $vbphrase['sending_skype_message']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'report': if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } $userinfo['action'] = $vbphrase['reporting_post']; break; case 'printthread': $userinfo['action'] = $vbphrase['viewing_printable_version']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="printthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'calendarweek': $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { if ($userinfo['week']) { $week = "&week={$userinfo['week']}"; } $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayweek&c={$calendarid}{$week}\">{$calendartitle}</a>"; } break; case 'calendarmonth': $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displaymonth&c={$calendarid}&month={$userinfo['month']}&year={$userinfo['year']}\">{$calendartitle}</a>"; } break; case 'calendaryear': $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { if ($userinfo['year']) { $year = "&year={$userinfo['year']}"; } $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=displayyear&c={$calendarid}{$year}\">{$calendartitle}</a>"; } break; case 'calendarday': $userinfo['action'] = $vbphrase['viewing_calendar']; if ($seecalendar) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getday&c={$calendarid}&day={$userinfo['day']}\">{$calendartitle}</a>"; } break; case 'calendarevent': $userinfo['action'] = $vbphrase['viewing_event']; if ($seeevent) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e={$eventid}\">{$eventtitle}</a>"; } break; case 'calendaradd': case 'calendaraddrecur': $userinfo['action'] = $vbphrase['creating_event']; if ($seecalendar) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "c={$calendarid}\">{$calendartitle}</a>"; } break; case 'calendaredit': $userinfo['action'] = $vbphrase['modifying_event']; if ($seeevent) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e={$eventid}\">{$eventtitle}</a>"; } break; case 'calreminder': $userinfo['action'] = $vbphrase['managing_reminder']; if ($seeevent) { $userinfo['where'] = '<a href="calendar.php?' . $vbulletin->session->vars['sessionurl'] . "do=getinfo&e={$eventid}\">{$eventtitle}</a>"; } break; case 'newusernote': $userinfo['action'] = $vbphrase['creating_user_note']; if ($seeuserid) { $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'usernote': $userinfo['action'] = $vbphrase['viewing_user_note']; if ($seeuserid) { $userinfo['where'] = '<a href="usernote.php?' . $vbulletin->session->vars['sessionurl'] . "do=viewuser&u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'reputation': $userinfo['action'] = $vbphrase['giving_reputation']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'joinrequests': $userinfo['action'] = $vbphrase['processing_joinrequests']; if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinefull'] and $vbulletin->usergroupcache["{$userinfo['usergroupid']}"]['title']) { $userinfo['where'] = construct_phrase($vbphrase['viewing_x'], $vbulletin->usergroupcache["{$userinfo['usergroupid']}"]['title']); } break; case 'threadrate': $userinfo['action'] = $vbphrase['rating_thread']; if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "t={$threadid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } break; case 'infractionreport': if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) { $userinfo['action'] = $vbphrase['giving_infraction']; if ($seeuserid) { $userinfo['where'] = '<a href="member.php?' . $vbulletin->session->vars['sessionurl'] . "u={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } else { if ($seetitle) { $userinfo['where'] = $threadprefix . '<a href="showthread.php?' . $vbulletin->session->vars['sessionurl'] . "p={$postid}#post{$postid}\" title=\"{$threadpreview}\">{$threadtitle}</a>"; } } } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'infractionreverse': if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) { $userinfo['action'] = $vbphrase['reversing_infraction']; if ($seeuserid) { $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&infractionid={$userinfo['infractionid']}\">{$wol_user[$seeuserid]}</a>"; } } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'infractionview': if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cangiveinfraction'] or $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_wolpermissions['canreverseinfraction']) { $userinfo['action'] = $vbphrase['viewing_infraction']; if ($seeuserid) { $userinfo['where'] = '<a href="infraction.php?' . $vbulletin->session->vars['sessionurl'] . "do=view&infractionid={$userinfo['infractionid']}\">{$wol_user[$seeuserid]}</a>"; } } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedthreads': if (can_moderate()) { $userinfo['action'] = $vbphrase['viewing_deleted_threads']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedposts': if (can_moderate()) { $userinfo['action'] = $vbphrase['viewing_deleted_posts']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedvms': if (can_moderate(0, 'canmoderatevisitormessages')) { $userinfo['action'] = $vbphrase['viewing_deleted_visitor_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedgms': if (can_moderate(0, 'canmoderategroupmessages')) { $userinfo['action'] = $vbphrase['viewing_deleted_social_group_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_deletedpcs': if (can_moderate(0, 'canmoderatepicturecomments')) { $userinfo['action'] = $vbphrase['viewing_deleted_picture_comments']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedthreads': if (can_moderate(0, 'canmoderateposts')) { $userinfo['action'] = $vbphrase['viewing_moderated_threads']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedposts': if (can_moderate(0, 'canmoderateposts')) { $userinfo['action'] = $vbphrase['viewing_moderated_posts']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedvms': if (can_moderate(0, 'canmoderatevisitormessages')) { $userinfo['action'] = $vbphrase['viewing_moderated_visitor_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedgms': if (can_moderate(0, 'canmoderategroupmessages')) { $userinfo['action'] = $vbphrase['viewing_moderated_social_group_messages']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedpcs': if (can_moderate(0, 'canmoderatepicturecomments')) { $userinfo['action'] = $vbphrase['viewing_moderated_picture_comments']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'modcp_moderatedpictures': if (can_moderate(0, 'canmoderatepictures')) { $userinfo['action'] = $vbphrase['viewing_moderated_pictures']; } else { $userinfo['action'] = $vbphrase['viewing_index']; } break; case 'payments': $userinfo['action'] = $vbphrase['viewing_paid_subscriptions']; break; case 'spider': $userinfo['action'] = $vbphrase['search_engine_spider']; break; case 'admincp': $userinfo['action'] = $vbphrase['admin_control_panel']; break; case 'admincplogin': $userinfo['action'] = $vbphrase['admin_control_panel_login']; break; case 'modcp': $userinfo['action'] = $vbphrase['moderator_control_panel']; break; case 'modcplogin': $userinfo['action'] = $vbphrase['moderator_control_panel_login']; break; case 'album_delete': $userinfo['action'] = $vbphrase['deleting_album']; break; case 'album_edit_album': $userinfo['action'] = $vbphrase['editing_album']; if ($canviewalbum) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>"; } break; case 'album_new_album': $userinfo['action'] = $vbphrase['creating_album']; break; case 'album_edit_picture': $userinfo['action'] = $vbphrase['editing_pictures']; if ($canviewalbum) { if (!empty($userinfo['pictureid'])) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}&pictureid=" . $userinfo['pictureid'] . "\">{$albumname}</a>"; } else { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>"; } } break; case 'album_upload': $userinfo['action'] = $vbphrase['uploading_pictures']; if ($canviewalbum) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>"; } break; case 'album_picture': $userinfo['action'] = $vbphrase['viewing_picture']; if ($canviewalbum) { if (!empty($userinfo['pictureid'])) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}&pictureid=" . $userinfo['pictureid'] . "\">{$albumname}</a>"; } else { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>"; } } break; case 'album_album': $userinfo['action'] = $vbphrase['viewing_album']; if ($canviewalbum) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albumid}\">{$albumname}</a>"; } break; case 'album_user': $userinfo['action'] = $vbphrase['viewing_users_album']; if ($seeuserid) { $userinfo['where'] = '<a href="album.php?' . $vbulletin->session->vars['sessionurl'] . "userid={$seeuserid}\">{$wol_user[$seeuserid]}</a>"; } break; case 'album_unread_comments': $userinfo['action'] = $vbphrase['viewing_unread_picture_comments']; break; case 'album_moderated_comments': $userinfo['action'] = $vbphrase['viewing_picture_comments_awaiting_approval']; break; case 'picturecomment_posting': $userinfo['action'] = $vbphrase['posting_picture_comment']; break; case 'picturecomment_delete': $userinfo['action'] = $vbphrase['deleting_picture_comment']; break; case 'picturecomment_reporting': $userinfo['action'] = $vbphrase['reporting_picture_comment']; break; case 'picture_inlinemod': $userinfo['action'] = '<b><i>' . $vbphrase['moderating'] . '</i></b>'; break; default: $handled = false; ($hook = vBulletinHook::fetch_hook('online_location_unknown')) ? eval($hook) : false; if ($handled == false) { if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad']) { require_once DIR . '/includes/functions_login.php'; $userinfo['location'] = fetch_replaced_session_url(stripslashes($userinfo['location'])); $userinfo['where'] = "<a href=\"{$userinfo['location']}\">{$userinfo['location']}</a>"; $userinfo['action'] = '<b>' . $vbphrase['unknown_location'] . '</b>'; } else { // We were unable to parse the location $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>"; } } } if ($userinfo['badlocation'] == 1) { // User received 'no permissions screen' if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] or $userinfo['userid'] == $vbulletin->userinfo['userid']) { $show['nopermission'] = true; } else { $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>"; } } else { if ($userinfo['badlocation'] == 2) { // Forum is locked $show['lockedout'] = true; } else { if ($userinfo['badlocation'] == 3) { // User received error screen if ($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinebad'] or $userinfo['userid'] == $vbulletin->userinfo['userid']) { $show['errormessage'] = true; } else { $userinfo['action'] = $vbphrase['viewing_index']; $userinfo['where'] = '<a href="' . $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q'] . '">' . $vbulletin->options['bbtitle'] . "</a>"; } } } } if (!($vbulletin->userinfo['permissions']['wolpermissions'] & $vbulletin->bf_ugp_wolpermissions['canwhosonlinelocation'])) { unset($userinfo['location']); } $userinfo['host_encoded'] = urlencode($userinfo['host']); if ($vbulletin->options['yestoday'] == 2) { $userinfo['time'] = vbdate($vbulletin->options['dateformat'], $userinfo['lastactivity'], 1); } else { $userinfo['time'] = vbdate($vbulletin->options['timeformat'], $userinfo['lastactivity']); } $wol_post['userid'] = $userinfo['userid']; $wol_post['username'] = $userinfo['realname']; ($hook = vBulletinHook::fetch_hook('online_bit_complete')) ? eval($hook) : false; if ($doall) { $show['loggedinuser'] = iif($userinfo['userid'], true, false); $show['buddy'] = iif($userinfo['buddy'], true, false); if ($userinfo['spider']) { $show['spider'] = true; if (!$userinfo['spidertype'] or !($spidertype = construct_phrase($vbphrase["x_spider_{$userinfo['spidertype']}"], $userinfo['spider']))) { $spidertype = construct_phrase($vbphrase['x_spider_searchspider'], $userinfo['spider']); } } else { $show['spider'] = false; } $show['reallocation'] = iif($userinfo['location'], true, false); $show['subscribed'] = iif($wol_thread["{$threadid}"]['issubscribed'] and $seetitle, true, false); $show['where'] = iif($userinfo['where'], true, false); eval('$onlinebits = "' . fetch_template('whosonlinebit') . '";'); return $onlinebits; } else { return $userinfo; } }
function do_moderation() { global $vbulletin, $db, $foruminfo, $forumperms, $threadinfo, $postinfo, $vbphrase, $threadid; $postlimit = 400; $threadlimit = 200; $threadarray = array(); $postarray = array(); $postinfos = array(); $forumlist = array(); $threadlist = array(); switch ($_REQUEST['do']) { case 'openclosethread': case 'dodeletethread': case 'domovethread': case 'updatethread': case 'domergethread': case 'stick': case 'removeredirect': case 'deletethread': case 'deleteposts': case 'movethread': case 'copythread': case 'editthread': case 'mergethread': case 'moderatethread': if (!$threadinfo['threadid']) { standard_error(fetch_error('invalidid', $vbphrase['thread'], $vbulletin->options['contactuslink'])); } } if ($_REQUEST['do'] == 'getforums') { $forums = array(); get_forums(-1, $forums); return array('forums' => $forums); } if ($threadinfo['forumid']) { $forumperms = fetch_permissions($threadinfo['forumid']); if ($threadinfo['postuserid'] != $vbulletin->userinfo['userid'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads'])) { json_error(ERR_NO_PERMISSION); } } // Open/Close Thread if ($_POST['do'] == 'openclosethread') { if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { if (can_moderate($threadinfo['forumid'])) { json_error(ERR_NO_PERMISSION); } else { standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])); } } // permission check if (!can_moderate($threadinfo['forumid'], 'canopenclose')) { if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'])) { json_error(ERR_NO_PERMISSION); } else { if (!is_first_poster($threadid)) { json_error(ERR_NO_PERMISSION); } } } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // handles mod log $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost'); $threadman->set_existing($threadinfo); $threadman->set('open', $threadman->fetch_field('open') == 1 ? 0 : 1); ($hook = vBulletinHook::fetch_hook('threadmanage_openclose')) ? eval($hook) : false; $threadman->save(); } // Stick/Unstick Thread if ($_POST['do'] == 'stick') { if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { if (can_moderate($threadinfo['forumid'])) { json_error(ERR_NO_PERMISSION); } else { standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])); } } if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) { json_error(ERR_NO_PERMISSION); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); // handles mod log $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost'); $threadman->set_existing($threadinfo); $threadman->set('sticky', $threadman->fetch_field('sticky') == 1 ? 0 : 1); ($hook = vBulletinHook::fetch_hook('threadmanage_stickunstick')) ? eval($hook) : false; $threadman->save(); } // Delete Thread if ($_POST['do'] == 'dodeletethread') { $vbulletin->input->clean_array_gpc('p', array('deletetype' => TYPE_UINT, 'deletereason' => TYPE_STR, 'keepattachments' => TYPE_BOOL)); $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']); if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'canremoveposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { if (can_moderate($threadinfo['forumid'])) { json_error(ERR_NO_PERMISSION); } else { standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])); } } $physicaldel = false; if (!can_moderate($threadinfo['forumid'], 'candeleteposts') and !can_moderate($threadinfo['forumid'], 'canremoveposts')) { if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletepost']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['candeletethread'])) { json_error(ERR_NO_PERMISSION); } else { if ($threadinfo['dateline'] < TIMENOW - $vbulletin->options['edittimelimit'] * 60 and $vbulletin->options['edittimelimit'] != 0) { json_error(ERR_NO_PERMISSION); } else { if (!$threadinfo['open']) { json_error(ERR_NO_PERMISSION); } if (!is_first_poster($threadinfo['threadid'])) { json_error(ERR_NO_PERMISSION); } } } } else { if (!can_moderate($threadinfo['forumid'], 'canremoveposts')) { $physicaldel = false; } else { if (!can_moderate($threadinfo['forumid'], 'candeleteposts')) { $physicaldel = true; } else { $physicaldel = iif($vbulletin->GPC['deletetype'] == 1, false, true); } } } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); $delinfo = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']); $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost'); $threadman->set_existing($threadinfo); $threadman->delete($foruminfo['countposts'], $physicaldel, $delinfo); unset($threadman); build_forum_counters($threadinfo['forumid']); } // Delete Posts if ($_POST['do'] == 'dodeleteposts') { $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR)); $postids = explode(',', $vbulletin->GPC['postids']); foreach ($postids as $index => $postid) { if (intval($postid) == 0) { unset($postids["{$index}"]); } else { $postids["{$index}"] = intval($postid); } } if (empty($postids)) { standard_error(fetch_error('no_applicable_posts_selected')); } if (count($postids) > 400) { standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit)); } $vbulletin->input->clean_array_gpc('p', array('deletetype' => TYPE_UINT, 'keepattachments' => TYPE_BOOL, 'deletereason' => TYPE_STR)); $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']); $physicaldel = iif($vbulletin->GPC['deletetype'] == 1, false, true); // Validate posts $posts = $db->query_read_slave("\n\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title, post.userid AS posteruserid,\n\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\tORDER BY postid\n\t"); $deletethreads = array(); $firstpost = array(); while ($post = $db->fetch_array($posts)) { $forumperms = fetch_permissions($post['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts')); } else { if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } else { if (!can_moderate($post['forumid'], 'canremoveposts') and !can_moderate($post['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } } } if (!can_moderate($post['forumid'], 'canremoveposts') and $physicaldel) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } else { if (!physicaldel and (!can_moderate($post['forumid'], 'candeleteposts') and ($post['posteruserid'] != $vbulletin->userinfo['userid'] or !($vbulletin->userinfo['permissions']['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['candeletepost'])))) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } } $postarray["{$post['postid']}"] = $post; $threadlist["{$post['threadid']}"] = true; $forumlist["{$post['forumid']}"] = true; if ($post['firstpostid'] == $post['postid']) { // deleting a thread so do not decremement the counters of any other posts in this thread $firstpost["{$post['threadid']}"] = true; } else { if (!empty($firstpost["{$post['threadid']}"])) { $postarray["{$post['postid']}"]['skippostcount'] = true; } } } if (empty($postarray)) { standard_error(fetch_error('no_applicable_posts_selected')); } $firstpost = false; $gotothread = true; foreach ($postarray as $postid => $post) { $foruminfo = fetch_foruminfo($post['forumid']); $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost'); $postman->set_existing($post); $postman->delete($foruminfo['countposts'] and !$post['skippostcount'], $post['threadid'], $physicaldel, array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments'])); unset($postman); } foreach (array_keys($threadlist) as $threadid) { build_thread_counters($threadid); } foreach (array_keys($forumlist) as $forumid) { build_forum_counters($forumid); } ($hook = vBulletinHook::fetch_hook('inlinemod_dodeleteposts')) ? eval($hook) : false; } // Move Thread if ($_POST['do'] == 'domovethread') { $vbulletin->input->clean_array_gpc('p', array('destforumid' => TYPE_UINT, 'redirect' => TYPE_STR, 'title' => TYPE_NOHTML, 'redirectprefixid' => TYPE_NOHTML, 'redirecttitle' => TYPE_NOHTML, 'period' => TYPE_UINT, 'frame' => TYPE_STR)); $vbulletin->GPC['title'] = prepare_remote_utf8_string($vbulletin->GPC['title']); $vbulletin->GPC['redirecttitle'] = prepare_remote_utf8_string($vbulletin->GPC['redirecttitle']); $vbulletin->GPC['redirectprefixid'] = prepare_remote_utf8_string($vbulletin->GPC['redirectprefixid']); if ($threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts')) { if (can_moderate($threadinfo['forumid'])) { json_error(ERR_NO_PERMISSION); } else { standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])); } } // check whether dest can contain posts $destforumid = verify_id('forum', $vbulletin->GPC['destforumid']); $destforuminfo = fetch_foruminfo($destforumid); if (!$destforuminfo['cancontainthreads'] or $destforuminfo['link']) { standard_error(fetch_error('moveillegalforum')); } if ($threadinfo['isdeleted'] and !can_moderate($destforuminfo['forumid'], 'candeleteposts') or !$threadinfo['visible'] and !can_moderate($destforuminfo['forumid'], 'canmoderateposts')) { ## Insert proper phrase about not being able to move a hidden thread to a forum you can't moderateposts in or a deleted thread to a forum you can't deletethreads in standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink'])); } // check source forum permissions if (!can_moderate($threadinfo['forumid'], 'canmanagethreads')) { if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canmove'])) { json_error(ERR_NO_PERMISSION); } else { if (!$threadinfo['open'] and !($forumperms & $vbulletin->bf_ugp_forumpermissions['canopenclose'])) { json_error(ERR_NO_PERMISSION); } if (!is_first_poster($threadid)) { json_error(ERR_NO_PERMISSION); } } } // check destination forum permissions $destforumperms = fetch_permissions($destforuminfo['forumid']); if (!($destforumperms & $vbulletin->bf_ugp_forumpermissions['canview'])) { json_error(ERR_NO_PERMISSION); } // check if there is a forum password and if so, ensure the user has it set verify_forum_password($foruminfo['forumid'], $foruminfo['password']); verify_forum_password($destforuminfo['forumid'], $destforuminfo['password']); // check to see if this thread is being returned to a forum it's already been in // if a redirect exists already in the destination forum, remove it if ($checkprevious = $db->query_first_slave("SELECT threadid FROM " . TABLE_PREFIX . "thread WHERE forumid = {$destforuminfo['forumid']} AND open = 10 AND pollid = {$threadid}")) { $old_redirect =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost'); $old_redirect->set_existing($checkprevious); $old_redirect->delete(false, true, NULL, false); unset($old_redirect); } // check to see if this thread is being moved to the same forum it's already in but allow copying to the same forum if ($destforuminfo['forumid'] == $threadinfo['forumid'] and $vbulletin->GPC['redirect']) { standard_error(fetch_error('movesameforum')); } ($hook = vBulletinHook::fetch_hook('threadmanage_move_start')) ? eval($hook) : false; if ($vbulletin->GPC['title'] != '' and $vbulletin->GPC['title'] != $threadinfo['title']) { $oldtitle = $threadinfo['title']; $threadinfo['title'] = unhtmlspecialchars($vbulletin->GPC['title']); $updatetitle = true; } else { $oldtitle = $threadinfo['title']; $updatetitle = false; } if ($vbulletin->GPC['redirect'] == 'none') { $method = 'move'; } else { $method = 'movered'; } switch ($method) { // *************************************************************** // move the thread wholesale into the destination forum case 'move': // update forumid/notes and unstick to prevent abuse $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost'); $threadman->set_info('skip_moderator_log', true); $threadman->set_existing($threadinfo); if ($updatetitle) { $threadman->set('title', $threadinfo['title']); if ($vbulletin->options['similarthreadsearch']) { require_once DIR . '/includes/functions_search.php'; $threadman->set('similar', fetch_similar_threads(fetch_censored_text($vbulletin->GPC['title']), $threadinfo['threadid'])); } } else { // Bypass check since title wasn't modified $threadman->set('title', $threadinfo['title'], true, false); } $threadman->set('forumid', $destforuminfo['forumid']); // If mod can not manage threads in destination forum then unstick thread if (!can_moderate($destforuminfo['forumid'], 'canmanagethreads')) { $threadman->set('sticky', 0); } ($hook = vBulletinHook::fetch_hook('threadmanage_move_simple')) ? eval($hook) : false; $threadman->save(); log_moderator_action($threadinfo, 'thread_moved_to_x', $destforuminfo['title']); break; // *************************************************************** // *************************************************************** // move the thread into the destination forum and leave a redirect // *************************************************************** // *************************************************************** // move the thread into the destination forum and leave a redirect case 'movered': $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_STANDARD, 'threadpost'); $threadman->set_info('skip_moderator_log', true); $threadman->set_existing($threadinfo); if ($updatetitle) { $threadman->set('title', $threadinfo['title']); if ($vbulletin->options['similarthreadsearch']) { require_once DIR . '/includes/functions_search.php'; $threadman->set('similar', fetch_similar_threads(fetch_censored_text($vbulletin->GPC['title']), $threadinfo['threadid'])); } } else { // Bypass check since title wasn't modified $threadman->set('title', $threadinfo['title'], true, false); } $threadman->set('forumid', $destforuminfo['forumid']); // If mod can not manage threads in destination forum then unstick thread if (!can_moderate($destforuminfo['forumid'], 'canmanagethreads')) { $threadman->set('sticky', 0); } ($hook = vBulletinHook::fetch_hook('threadmanage_move_redirect_orig')) ? eval($hook) : false; $threadman->save(); unset($threadman); if ($threadinfo['visible'] == 1) { // Insert redirect for visible thread log_moderator_action($threadinfo, 'thread_moved_with_redirect_to_a', $destforuminfo['title']); $redirdata = array('lastpost' => intval($threadinfo['lastpost']), 'forumid' => intval($threadinfo['forumid']), 'pollid' => intval($threadinfo['threadid']), 'open' => 10, 'replycount' => intval($threadinfo['replycount']), 'postusername' => $threadinfo['postusername'], 'postuserid' => intval($threadinfo['postuserid']), 'lastposter' => $threadinfo['lastposter'], 'dateline' => intval($threadinfo['dateline']), 'views' => intval($threadinfo['views']), 'iconid' => intval($threadinfo['iconid']), 'visible' => 1); $redir =& datamanager_init('Thread', $vbulletin, ERRTYPE_ARRAY, 'threadpost'); foreach (array_keys($redirdata) as $field) { // bypassing the verify_* calls; this data should be valid as is $redir->setr($field, $redirdata["{$field}"], true, false); } if ($updatetitle) { if (empty($vbulletin->GPC['redirecttitle'])) { $redir->set('title', $threadinfo['title']); } else { $redir->set('title', unhtmlspecialchars($vbulletin->GPC['redirecttitle'])); } } else { // Bypass check since title wasn't modified if (empty($vbulletin->GPC['redirecttitle'])) { $redir->set('title', $threadinfo['title'], true, false); } else { $redir->set('title', unhtmlspecialchars($vbulletin->GPC['redirecttitle'])); } } require_once DIR . '/includes/functions_prefix.php'; if (can_use_prefix($vbulletin->GPC['redirectprefixid'])) { $redir->set('prefixid', $vbulletin->GPC['redirectprefixid']); } ($hook = vBulletinHook::fetch_hook('threadmanage_move_redirect_notice')) ? eval($hook) : false; if ($redirthreadid = $redir->save() and $vbulletin->GPC['redirect'] == 'expires') { switch ($vbulletin->GPC['frame']) { case 'h': $expires = mktime(date('H') + $vbulletin->GPC['period'], date('i'), date('s'), date('m'), date('d'), date('y')); break; case 'd': $expires = mktime(date('H'), date('i'), date('s'), date('m'), date('d') + $vbulletin->GPC['period'], date('y')); break; case 'w': $expires = $vbulletin->GPC['period'] * 60 * 60 * 24 * 7 + TIMENOW; break; case 'y': $expires = mktime(date('H'), date('i'), date('s'), date('m'), date('d'), date('y') + $vbulletin->GPC['period']); break; case 'm': default: $expires = mktime(date('H'), date('i'), date('s'), date('m') + $vbulletin->GPC['period'], date('d'), date('y')); } $db->query_write("\n\t\t\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "threadredirect\n\t\t\t\t\t\t\t(threadid, expires)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$redirthreadid}, {$expires})\n\t\t\t\t\t"); } unset($redir); } else { // leave no redirect for hidden or deleted threads log_moderator_action($threadinfo, 'thread_moved_to_x', $destforuminfo['title']); } break; // *************************************************************** } // end switch($method) // kill the cache for the old thread delete_post_cache_threads(array($threadinfo['threadid'])); // Update Post Count if we move from a counting forum to a non counting or vice-versa.. // Source Dest Visible Thread Hidden Thread // Yes Yes ~ ~ // Yes No -visible ~ // No Yes +visible ~ // No No ~ ~ if ($threadinfo['visible'] and ($method == 'move' or $method == 'movered') and ($foruminfo['countposts'] and !$destforuminfo['countposts'] or !$foruminfo['countposts'] and $destforuminfo['countposts'])) { $posts = $db->query_read_slave("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "post\n\t\t\tWHERE threadid = {$threadinfo['threadid']}\n\t\t\t\tAND\tuserid > 0\n\t\t\t\tAND visible = 1\n\t\t"); $userbyuserid = array(); while ($post = $db->fetch_array($posts)) { if (!isset($userbyuserid["{$post['userid']}"])) { $userbyuserid["{$post['userid']}"] = 1; } else { $userbyuserid["{$post['userid']}"]++; } } if (!empty($userbyuserid)) { $userbypostcount = array(); foreach ($userbyuserid as $postuserid => $postcount) { $alluserids .= ",{$postuserid}"; $userbypostcount["{$postcount}"] .= ",{$postuserid}"; } foreach ($userbypostcount as $postcount => $userids) { $casesql .= " WHEN userid IN (0{$userids}) THEN {$postcount}"; } $operator = $destforuminfo['countposts'] ? '+' : '-'; $db->query_write("\n\t\t\t\tUPDATE " . TABLE_PREFIX . "user\n\t\t\t\tSET posts = CAST(posts AS SIGNED) {$operator}\n\t\t\t\t\tCASE\n\t\t\t\t\t\t{$casesql}\n\t\t\t\t\t\tELSE 0\n\t\t\t\t\tEND\n\t\t\t\tWHERE userid IN (0{$alluserids})\n\t\t\t"); } } build_forum_counters($threadinfo['forumid']); if ($threadinfo['forumid'] != $destforuminfo['forumid']) { build_forum_counters($destforuminfo['forumid']); } // Update canview status of thread subscriptions update_subscriptions(array('threadids' => array($threadid))); } // Undelete Posts if ($_POST['do'] == 'undeleteposts') { $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR)); $postids = explode(',', $vbulletin->GPC['postids']); foreach ($postids as $index => $postid) { if (intval($postid) == 0) { unset($postids["{$index}"]); } else { $postids["{$index}"] = intval($postid); } } if (empty($postids)) { standard_error(fetch_error('no_applicable_posts_selected')); } if (count($postids) > 400) { standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit)); } $postids = implode(',', $postids); // Validate posts $posts = $db->query_read_slave("\n\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title, post.userid,\n\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible,\n\t\t\tforum.options AS forum_options\n\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\tLEFT JOIN " . TABLE_PREFIX . "forum AS forum USING (forumid)\n\t\tWHERE postid IN ({$postids})\n\t\t\tAND (post.visible = 2 OR (post.visible = 1 AND thread.visible = 2 AND post.postid = thread.firstpostid))\n\t\tORDER BY postid\n\t"); $deletethreads = array(); while ($post = $db->fetch_array($posts)) { $forumperms = fetch_permissions($post['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts')); } else { if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } } $postarray["{$post['postid']}"] = $post; $threadlist["{$post['threadid']}"] = true; $forumlist["{$post['forumid']}"] = true; if ($post['firstpostid'] == $post['postid']) { // undeleting a thread so need to update the $tinfo for any other posts in this thread $firstpost["{$post['threadid']}"] = true; } else { if (!empty($firstpost["{$post['threadid']}"])) { $postarray["{$post['postid']}"]['thread_visible'] = 1; } } } if (is_array($postarray)) { foreach ($postarray as $postid => $post) { $tinfo = array('threadid' => $post['threadid'], 'forumid' => $post['forumid'], 'visible' => $post['thread_visible'], 'firstpostid' => $post['firstpostid']); undelete_post($post['postid'], $post['forum_options'] & $vbulletin->bf_misc_forumoptions['countposts'], $post, $tinfo, false); } } if (is_array($threadlist)) { foreach (array_keys($threadlist) as $threadid) { build_thread_counters($threadid); } } if (is_array($forumlist)) { foreach (array_keys($forumlist) as $forumid) { build_forum_counters($forumid); } } } // Delete As Spam if ($_REQUEST['do'] == 'dodeletespam') { $vbulletin->input->clean_array_gpc('p', array('type' => TYPE_STR)); if ($vbulletin->GPC['type'] == 'post') { $vbulletin->input->clean_array_gpc('p', array('postids' => TYPE_STR)); $postids = explode(',', $vbulletin->GPC['postids']); foreach ($postids as $index => $postid) { if (intval($postid) == 0) { unset($postids["{$index}"]); } else { $postids["{$index}"] = intval($postid); } } if (empty($postids)) { standard_error(fetch_error('no_applicable_posts_selected')); } if (count($postids) > $postlimit) { standard_error(fetch_error('you_are_limited_to_working_with_x_posts', $postlimit)); } } else { $vbulletin->input->clean_array_gpc('p', array('threadid' => TYPE_STR)); $threadids = explode(',', $vbulletin->GPC['threadid']); foreach ($threadids as $index => $threadid) { if (intval($threadid) == 0) { unset($threadids["{$index}"]); } else { $threadids["{$index}"] = intval($threadid); } } if (empty($threadids)) { standard_error(fetch_error('you_did_not_select_any_valid_threads')); } if (count($threadids) > $threadlimit) { standard_error(fetch_error('you_are_limited_to_working_with_x_threads', $threadlimit)); } } $vbulletin->input->clean_array_gpc('p', array('banusers' => TYPE_BOOL, 'userids' => TYPE_STR)); $banusers = false; if ($vbulletin->GPC['banusers']) { $banusers = true; } $vbulletin->GPC['userid'] = split(',', $vbulletin->GPC['userids']); $vbulletin->GPC_exists['userid'] = true; $userids = array(); if ($vbulletin->GPC['type'] == 'thread') { // threads $threadarray = array(); $threads = $db->query_read_slave("\n\t\t\tSELECT threadid, open, visible, forumid, title, prefixid, postuserid\n\t\t\tFROM " . TABLE_PREFIX . "thread\n\t\t\tWHERE threadid IN (" . implode(',', $threadids) . ")\n\t\t"); while ($thread = $db->fetch_array($threads)) { $forumperms = fetch_permissions($thread['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $thread['postuserid'] != $vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } $thread['prefix_plain_html'] = $thread['prefixid'] ? htmlspecialchars_uni($vbphrase["prefix_{$thread['prefixid']}_title_plain"]) . ' ' : ''; if ($thread['open'] == 10) { if (!can_moderate($thread['forumid'], 'canmanagethreads')) { // No permission to remove redirects. standard_error(fetch_error('you_do_not_have_permission_to_manage_thread_redirects', $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } } else { if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts')); } else { if ($thread['visible'] == 2 and !can_moderate($thread['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } else { if (!can_moderate($thread['forumid'], 'canremoveposts')) { if (!can_moderate($thread['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } } else { if (!can_moderate($thread['forumid'], 'candeleteposts')) { if (!can_moderate($thread['forumid'], 'canremoveposts')) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['prefix_plain_html'] . $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } } } } } } $threadarray["{$thread['threadid']}"] = $thread; $userids["{$thread['postuserid']}"] = true; } if (empty($threadarray)) { standard_error(fetch_error('you_did_not_select_any_valid_threads')); } } else { // posts // Validate posts $postarray = array(); $posts = $db->query_read_slave("\n\t\t\tSELECT post.postid, post.threadid, post.visible, post.title, post.userid,\n\t\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.visible AS thread_visible, thread.firstpostid\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\t"); while ($post = $db->fetch_array($posts)) { $forumperms = fetch_permissions($post['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $post['postuserid'] != $vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } if ((!$post['visible'] or !$post['thread_visible']) and !can_moderate($post['forumid'], 'canmoderateposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts')); } else { if (($post['visible'] == 2 or $post['thread_visible'] == 2) and !can_moderate($post['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } else { if (!can_moderate($post['forumid'], 'canremoveposts')) { if (!can_moderate($post['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } } else { if (!can_moderate($post['forumid'], 'candeleteposts')) { if (!can_moderate($post['forumid'], 'canremoveposts')) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $post['title'], $post['thread_title'], $vbulletin->forumcache["{$post['forumid']}"]['title'])); } } } } } $postarray["{$post['postid']}"] = $post; $userids["{$post['userid']}"] = true; } if (empty($postarray)) { standard_error(fetch_error('no_applicable_posts_selected')); } } $user_cache = array(); foreach ($vbulletin->GPC['userid'] as $userid) { // check that userid appears somewhere in either posts / threads, if they don't then you're doing something naughty if (!isset($userids["{$userid}"])) { json_error(ERR_NO_PERMISSION); } $user_cache["{$userid}"] = fetch_userinfo($userid); cache_permissions($user_cache["{$userid}"]); $user_cache["{$userid}"]['joindate_string'] = vbdate($vbulletin->options['dateformat'], $user_cache["{$userid}"]['joindate']); } if ($banusers) { require_once DIR . '/includes/adminfunctions.php'; require_once DIR . '/includes/functions_banning.php'; if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or can_moderate(0, 'canbanusers'))) { json_error(ERR_NO_PERMISSION); } // check that user has permission to ban the person they want to ban if (!($vbulletin->userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) { foreach ($user_cache as $userid => $userinfo) { if (can_moderate(0, '', $userinfo['userid'], $userinfo['usergroupid'] . (trim($userinfo['membergroupids']) ? ",{$userinfo['membergroupids']}" : '')) or $userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or $userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['ismoderator'] or is_unalterable_user($userinfo['userid'])) { standard_error(fetch_error('no_permission_ban_non_registered_users')); } } } else { foreach ($user_cache as $userid => $userinfo) { if ($userinfo['permissions']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] or is_unalterable_user($userinfo['userid'])) { standard_error(fetch_error('no_permission_ban_non_registered_users')); } } } } $vbulletin->input->clean_array_gpc('p', array('deleteother' => TYPE_BOOL, 'type' => TYPE_STR, 'deletetype' => TYPE_UINT, 'deletereason' => TYPE_STR, 'keepattachments' => TYPE_BOOL)); $vbulletin->GPC['deletereason'] = prepare_remote_utf8_string($vbulletin->GPC['deletereason']); // Check if we have users to punish if (!empty($user_cache)) { if ($banusers) { $vbulletin->input->clean_array_gpc('p', array('usergroupid' => TYPE_UINT, 'period' => TYPE_STR, 'reason' => TYPE_STR)); $vbulletin->GPC['reason'] = prepare_remote_utf8_string($vbulletin->GPC['reason']); if (!isset($vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]) or $vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['genericoptions'] & $vbulletin->bf_ugp_genericoptions['isnotbannedgroup']) { standard_error(fetch_error('invalid_usergroup_specified')); } // check that the number of days is valid if ($vbulletin->GPC['period'] != 'PERMANENT' and !preg_match('#^(D|M|Y)_[1-9][0-9]?$#', $vbulletin->GPC['period'])) { standard_error(fetch_error('invalid_ban_period_specified')); } if ($vbulletin->GPC['period'] == 'PERMANENT') { // make this ban permanent $liftdate = 0; } else { // get the unixtime for when this ban will be lifted $liftdate = convert_date_to_timestamp($vbulletin->GPC['period']); } $user_dms = array(); $current_bans = $db->query_read("\n\t\t\t\t\tSELECT user.userid, userban.liftdate, userban.bandate\n\t\t\t\t\tFROM " . TABLE_PREFIX . "user AS user\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "userban AS userban ON(userban.userid = user.userid)\n\t\t\t\t\tWHERE user.userid IN (" . implode(',', array_keys($user_cache)) . ")\n\t\t\t\t"); while ($current_ban = $db->fetch_array($current_bans)) { $userinfo = $user_cache["{$current_ban['userid']}"]; $userid = $userinfo['userid']; if ($current_ban['bandate']) { // they already have a ban, check if the current one is being made permanent, continue if its not if ($liftdate and $liftdate < $current_ban['liftdate']) { continue; } // there is already a record - just update this record $db->query_write("\n\t\t\t\t\t\t\tUPDATE " . TABLE_PREFIX . "userban SET\n\t\t\t\t\t\t\tbandate = " . TIMENOW . ",\n\t\t\t\t\t\t\tliftdate = {$liftdate},\n\t\t\t\t\t\t\tadminid = " . $vbulletin->userinfo['userid'] . ",\n\t\t\t\t\t\t\treason = '" . $db->escape_string($vbulletin->GPC['reason']) . "'\n\t\t\t\t\t\t\tWHERE userid = {$userinfo['userid']}\n\t\t\t\t\t\t"); } else { // insert a record into the userban table /*insert query*/ $db->query_write("\n\t\t\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "userban\n\t\t\t\t\t\t\t(userid, usergroupid, displaygroupid, customtitle, usertitle, adminid, bandate, liftdate, reason)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$userinfo['userid']}, {$userinfo['usergroupid']}, {$userinfo['displaygroupid']}, {$userinfo['customtitle']}, '" . $db->escape_string($userinfo['usertitle']) . "', " . $vbulletin->userinfo['userid'] . ", " . TIMENOW . ", {$liftdate}, '" . $db->escape_string($vbulletin->GPC['reason']) . "')\n\t\t\t\t\t\t"); } // update the user record $user_dms[$userid] =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $user_dms[$userid]->set_existing($userinfo); $user_dms[$userid]->set('usergroupid', $vbulletin->GPC['usergroupid']); $user_dms[$userid]->set('displaygroupid', 0); // update the user's title if they've specified a special user title for the banned group if ($vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['usertitle'] != '') { $user_dms[$userid]->set('usertitle', $vbulletin->usergroupcache["{$vbulletin->GPC['usergroupid']}"]['usertitle']); $user_dms[$userid]->set('customtitle', 0); } $user_dms[$userid]->pre_save(); } foreach ($user_dms as $userdm) { $userdm->save(); } } } // delete threads that are defined explicitly as spam by being ticked $physicaldel = $vbulletin->GPC['deletetype'] == 2 ? true : false; $skipped_user_prune = array(); if ($vbulletin->GPC['deleteother'] and !empty($user_cache) and can_moderate(-1, 'canmassprune')) { $remove_all_posts = array(); $user_checks = $db->query_read_slave("SELECT COUNT(*) AS total, userid AS userid FROM " . TABLE_PREFIX . "post WHERE userid IN (" . implode(', ', array_keys($user_cache)) . ") GROUP BY userid"); while ($user_check = $db->fetch_array($user_checks)) { if (intval($user_check['total']) <= 50) { $remove_all_posts[] = $user_check['userid']; } else { $skipped_user_prune[] = $user_check['userid']; } } if (!empty($remove_all_posts)) { $threads = $db->query_read_slave("SELECT threadid FROM " . TABLE_PREFIX . "thread WHERE postuserid IN (" . implode(', ', $remove_all_posts) . ")"); while ($thread = $db->fetch_array($threads)) { $threadids[] = $thread['threadid']; } // Yes this can pick up firstposts of threads but we check later on when fetching info, so it won't matter if its already deleted $posts = $db->query_read_slave("SELECT postid FROM " . TABLE_PREFIX . "post WHERE userid IN (" . implode(', ', $remove_all_posts) . ")"); while ($post = $db->fetch_array($posts)) { $postids[] = $post['postid']; } } } if (!empty($threadids)) { // Validate threads $threads = $db->query_read_slave("\n\t\t\tSELECT threadid, open, visible, forumid, title, postuserid\n\t\t\tFROM " . TABLE_PREFIX . "thread\n\t\t\tWHERE threadid IN (" . implode(',', $threadids) . ")\n\t\t"); while ($thread = $db->fetch_array($threads)) { $forumperms = fetch_permissions($thread['forumid']); if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and $thread['postuserid'] != $vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } if ($thread['open'] == 10 and !can_moderate($thread['forumid'], 'canmanagethreads')) { // No permission to remove redirects. standard_error(fetch_error('you_do_not_have_permission_to_manage_thread_redirects', $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } else { if (!$thread['visible'] and !can_moderate($thread['forumid'], 'canmoderateposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_moderated_threads_and_posts')); } else { if ($thread['visible'] == 2 and !can_moderate($thread['forumid'], 'candeleteposts')) { standard_error(fetch_error('you_do_not_have_permission_to_manage_deleted_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } else { if ($thread['open'] != 10) { if (!can_moderate($thread['forumid'], 'canremoveposts') and $physicaldel) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } else { if (!can_moderate($thread['forumid'], 'candeleteposts') and !$physicaldel) { standard_error(fetch_error('you_do_not_have_permission_to_delete_threads_and_posts', $vbphrase['n_a'], $thread['title'], $vbulletin->forumcache["{$thread['forumid']}"]['title'])); } } } } } } $threadarray["{$thread['threadid']}"] = $thread; $forumlist["{$thread['forumid']}"] = true; } } $delinfo = array('userid' => $vbulletin->userinfo['userid'], 'username' => $vbulletin->userinfo['username'], 'reason' => $vbulletin->GPC['deletereason'], 'keepattachments' => $vbulletin->GPC['keepattachments']); foreach ($threadarray as $threadid => $thread) { $countposts = $vbulletin->forumcache["{$thread['forumid']}"]['options'] & $vbulletin->bf_misc_forumoptions['countposts']; if (!$physicaldel and $thread['visible'] == 2) { # Thread is already soft deleted continue; } $threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost'); $threadman->set_existing($thread); // Redirect if ($thread['open'] == 10) { $threadman->delete(false, true, $delinfo); } else { $threadman->delete($countposts, $physicaldel, $delinfo); } unset($threadman); } if (!empty($postids)) { // Validate Posts $posts = $db->query_read_slave("\n\t\t\tSELECT post.postid, post.threadid, post.parentid, post.visible, post.title,\n\t\t\t\tthread.forumid, thread.title AS thread_title, thread.postuserid, thread.firstpostid, thread.visible AS thread_visible\n\t\t\tFROM " . TABLE_PREFIX . "post AS post\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "thread AS thread USING (threadid)\n\t\t\tWHERE postid IN (" . implode(',', $postids) . ")\n\t\t\tORDER BY postid\n\t\t"); while ($post = $db->fetch_array($posts)) { $postarray["{$post['postid']}"] = $post; $threadlist["{$post['threadid']}"] = true; $forumlist["{$post['forumid']}"] = true; if ($post['firstpostid'] == $post['postid']) { // deleting a thread so do not decremement the counters of any other posts in this thread $firstpost["{$post['threadid']}"] = true; } else { if (!empty($firstpost["{$post['threadid']}"])) { $postarray["{$post['postid']}"]['skippostcount'] = true; } } } } $gotothread = true; foreach ($postarray as $postid => $post) { $foruminfo = fetch_foruminfo($post['forumid']); $postman =& datamanager_init('Post', $vbulletin, ERRTYPE_SILENT, 'threadpost'); $postman->set_existing($post); $postman->delete($foruminfo['countposts'] and !$post['skippostcount'], $post['threadid'], $physicaldel, $delinfo); unset($postman); if ($vbulletin->GPC['threadid'] == $post['threadid'] and $post['postid'] == $post['firstpostid']) { // we've deleted the thread that we activated this action from so we can only return to the forum $gotothread = false; } else { if ($post['postid'] == $postinfo['postid'] and $physicaldel) { // we came in via a post, which we have deleted so we have to go back to the thread $vbulletin->url = 'showthread.php?' . $vbulletin->session->vars['sessionurl'] . 't=' . $vbulletin->GPC['threadid']; } } } foreach (array_keys($threadlist) as $threadid) { build_thread_counters($threadid); } foreach (array_keys($forumlist) as $forumid) { build_forum_counters($forumid); } // empty cookie if ($vbulletin->GPC['type'] == 'thread') { setcookie('vbulletin_inlinethread', '', TIMENOW - 3600, '/'); } else { setcookie('vbulletin_inlinepost', '', TIMENOW - 3600, '/'); } } return array('success' => true); }