示例#1
/**
 * Evaluates a template string through the XThreads phptpl library.
 *
 * The string is passed to xthreads_sanitize_eval() before it reaches
 * eval_str(). The sanitiser's return value is not used here, so it
 * presumably rewrites $s in place (by reference) - confirm against its
 * definition. That call is the only filtering applied in this function,
 * so callers should pass only strings written by trusted administrators.
 *
 * @param string $s Template text to sanitise and evaluate.
 * @return mixed Whatever eval_str() returns for the sanitised string.
 */
function xthreads_phptpl_eval_text($s)
{
    // The phptpl library is loaded on first use rather than at file load.
    require_once MYBB_ROOT . 'inc/xthreads/xt_phptpl_lib.php';

    xthreads_sanitize_eval($s);
    $evaluated = eval_str($s);

    return $evaluated;
}
示例#2
/**
 * Checks a conditional/template string with the XThreads phptpl library.
 *
 * The string goes through xthreads_sanitize_eval() first (return value
 * unused, so it presumably modifies $s by reference - confirm against its
 * definition) and the sanitised form is then handed to
 * xthreads_check_evalstr().
 *
 * @param string $s Conditional string to sanitise and check.
 * @return mixed The result of xthreads_check_evalstr() for the sanitised string.
 */
function xthreads_check_condstr($s)
{
    // The phptpl library is loaded on first use rather than at file load.
    require_once MYBB_ROOT . 'inc/xthreads/xt_phptpl_lib.php';

    xthreads_sanitize_eval($s);
    $checked = xthreads_check_evalstr($s);

    return $checked;
}
示例#3
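    /**
     * Applies a custom-moderation edit string to the thread fields of the given threads.
     *
     * $editstr holds one "field=value" assignment per line. A "{" directly
     * followed by a line break and "}" is kept as a newline inside the value
     * instead of ending the line. Each value is sanitised once, then evaluated
     * per thread with VALUE (the field's current value) and TID available, and
     * rows whose value changed are written to threadfields_data.
     *
     * NOTE(security): every value is executed through eval_str(). The only
     * filter applied here is xthreads_sanitize_eval(), so $editstr must come
     * from an administrator-authored moderation tool and never from a
     * request parameter.
     *
     * @param array  $tids    Thread ids to edit; not modified by this function.
     * @param string $editstr Newline-separated "field=value" assignments.
     * @return void
     */
    function xthreads_moderation_custom_do(&$tids, $editstr)
    {
        if (!$editstr) {
            return;
        }
        // The ids are concatenated into the SQL below, so reduce them to
        // positive integers first. An empty list would also produce the
        // invalid clause "IN ()", so stop early in that case.
        $tidlist = array();
        foreach ((array) $tids as $tid) {
            $tid = (int) $tid;
            if ($tid > 0) {
                $tidlist[$tid] = $tid;
            }
        }
        if (empty($tidlist)) {
            return;
        }
        $edits = array();
        // the threadfield cache is fetched once per request
        static $threadfields = null;
        if (!isset($threadfields)) {
            $threadfields = xthreads_gettfcache();
        }
        require_once MYBB_ROOT . 'inc/xthreads/xt_phptpl_lib.php';
        foreach (explode("\n", str_replace("{\n}", "\r", str_replace("\r", '', $editstr))) as $editline) {
            $editline = trim(str_replace("\r", "\n", $editline));
            // pad so a line without '=' yields a null value instead of an undefined offset
            list($n, $v) = array_pad(explode('=', $editline, 2), 2, null);
            if (!isset($v)) {
                continue;
            }
            // Only names present in the threadfield cache get past this point,
            // which also limits the column names placed in the SELECT below.
            // File fields are never editable here.
            if (!isset($threadfields[$n]) || $threadfields[$n]['inputtype'] == XTHREADS_INPUT_FILE) {
                continue;
            }
            // Little validation is done here because the edit string is assumed to be admin-authored.
            // This is a preliminary check (speed optimisation); the NULL test is repeated after evaluation.
            $upperv = strtoupper($v);
            if (($upperv === '' || $upperv == 'NULL' || $upperv == 'NUL') && $threadfields[$n]['datatype'] != XTHREADS_DATATYPE_TEXT) {
                $edits[$n] = null;
            } else {
                $edits[$n] = $v;
                // result is not returned, so the value is presumably rewritten in place - confirm against the definition
                xthreads_sanitize_eval($edits[$n], array('VALUE' => null, 'TID' => null));
            }
        }
        if (empty($edits)) {
            return;
        }
        $modfields = array_keys($edits);
        global $db;
        $query = $db->query('
			SELECT t.tid, tfd.`' . implode('`, tfd.`', $modfields) . '`
			FROM ' . TABLE_PREFIX . 'threads t
			LEFT JOIN ' . TABLE_PREFIX . 'threadfields_data tfd ON t.tid=tfd.tid
			WHERE t.tid IN (' . implode(',', $tidlist) . ')
		');
        while ($thread = $db->fetch_array($query)) {
            $updates = array();
            foreach ($edits as $n => $v) {
                if ($v !== null) {
                    // TODO: allowing conditionals direct access to multivals?
                    $v = trim(eval_str($v, array('VALUE' => $thread[$n], 'TID' => $thread['tid'])));
                    if ($threadfields[$n]['datatype'] != XTHREADS_DATATYPE_TEXT) {
                        $upperv = strtoupper($v);
                        if ($upperv == '' || $upperv == 'NULL' || $upperv == 'NUL') {
                            $v = null;
                        }
                        // TODO: intval/floatval here?
                    }
                }
                if ($v !== $thread[$n]) {
                    // basic validation for multival fields: trim, de-duplicate, drop empty entries
                    if (!xthreads_empty($threadfields[$n]['multival'])) {
                        $d = "\n";
                        if ($threadfields[$n]['inputtype'] == XTHREADS_INPUT_TEXT) {
                            $d = ',';
                        }
                        // The cast keeps a null value behaving as an empty string, as before.
                        $parts = array_unique(array_map('trim', explode($d, str_replace("\r", '', (string) $v))));
                        // Collect by value: the earlier by-reference loop unset entries
                        // while iterating and left a dangling reference behind.
                        $kept = array();
                        foreach ($parts as $part) {
                            if (!xthreads_empty($part)) {
                                $kept[] = $part;
                            }
                        }
                        $v = implode($d, $kept);
                    }
                    $updates[$n] = $v;
                }
            }
            if (!empty($updates)) {
                xthreads_db_update_replace('threadfields_data', $updates, 'tid', $thread['tid']);
            }
        }
        $db->free_result($query);
    }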