/** * MyBB 1.8 * Copyright 2014 MyBB Group, All Rights Reserved * * Website: http://www.mybb.com * License: http://www.mybb.com/about/license * */ function task_versioncheck($task) { global $cache, $lang, $mybb; $current_version = rawurlencode($mybb->version_code); $updated_cache = array('last_check' => TIME_NOW); // Check for the latest version require_once MYBB_ROOT . 'inc/class_xml.php'; $contents = fetch_remote_file("http://www.mybb.com/version_check.php"); if (!$contents) { add_task_log($task, $lang->task_versioncheck_ran_errors); return false; } $pos = strpos($contents, "<"); if ($pos > 1) { $contents = substr($contents, $pos); } $pos = strpos(strrev($contents), ">"); if ($pos > 1) { $contents = substr($contents, 0, -1 * ($pos - 1)); } $parser = new XMLParser($contents); $tree = $parser->get_tree(); $latest_code = (int) $tree['mybb']['version_code']['value']; $latest_version = "<strong>" . htmlspecialchars_uni($tree['mybb']['latest_version']['value']) . "</strong> (" . $latest_code . ")"; if ($latest_code > $mybb->version_code) { $latest_version = "<span style=\"color: #C00;\">" . $latest_version . "</span>"; $version_warn = 1; $updated_cache['latest_version'] = $latest_version; $updated_cache['latest_version_code'] = $latest_code; } else { $latest_version = "<span style=\"color: green;\">" . $latest_version . "</span>"; } // Check for the latest news require_once MYBB_ROOT . "inc/class_feedparser.php"; $feed_parser = new FeedParser(); $feed_parser->parse_feed("http://feeds.feedburner.com/MyBBDevelopmentBlog"); $updated_cache['news'] = array(); require_once MYBB_ROOT . '/inc/class_parser.php'; $post_parser = new postParser(); if ($feed_parser->error == '') { foreach ($feed_parser->items as $item) { if (isset($updated_cache['news'][2])) { break; } $description = $item['description']; $description = $post_parser->parse_message($description, array('allow_html' => true)); $description = preg_replace('#<img(.*)/>#', '', $description); $updated_cache['news'][] = array('title' => htmlspecialchars_uni($item['title']), 'description' => $description, 'link' => htmlspecialchars_uni($item['link']), 'author' => htmlspecialchars_uni($item['author']), 'dateline' => $item['date_timestamp']); } } $cache->update("update_check", $updated_cache); add_task_log($task, $lang->task_versioncheck_ran); }
static function LoadFromBeforeStartDate(DateTime $startDate, $count) { global $db, $parser, $mybb; $messages = array(); $formattedStartDate = $startDate->format("'Y-m-d H:i:s'"); $TABLE_PREFIX = TABLE_PREFIX; $query = $db->query("SELECT * FROM(\n SELECT m.`Id`, m.`SentAt`, m.`uid`, m.`Ip`, m.`Message`,\n u.`username`, u.`usergroup`, u.`displaygroup`\n FROM {$TABLE_PREFIX}badgerchat_messages m\n INNER JOIN {$TABLE_PREFIX}users u ON u.uid = m.uid\n WHERE m.`SentAt` < {$formattedStartDate}\n ORDER BY m.`SentAt` DESC LIMIT {$count}\n ) messages\n ORDER BY SentAt ASC"); $parser = new postParser(); $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, "allow_videocode" => 0); //TODO: Get back more info on the user (name styling) while ($row = $db->fetch_array($query)) { $parsedMessage = $parser->parse_message($row['Message'], $parser_options); $displayName = UsernameFormatter::Format($row['uid'], $row['username'], $row['usergroup'], $row['displaygroup']); array_push($messages, new Message($row["Id"], $row["SentAt"], $displayName, $row["Ip"], $parsedMessage)); } return $messages; }
$templatelist .= ",codebuttons,smilieinsert,modcp_announcements_new,modcp_modqueue_empty,forumjump_bit,forumjump_special,modcp_warninglogs_warning_revoked,modcp_warninglogs_warning,modcp_ipsearch_result,modcp_nav_modqueue,modcp_banuser_liftlist"; $templatelist .= ",modcp_modlogs,modcp_finduser_user,modcp_finduser,usercp_profile_customfield,usercp_profile_profilefields,modcp_ipsearch_noresults,modcp_ipsearch_results,modcp_ipsearch_misc_info,modcp_nav_announcements,modcp_modqueue_post_link"; $templatelist .= ",modcp_editprofile,modcp_ipsearch,modcp_banuser_addusername,modcp_banuser,modcp_warninglogs_nologs,modcp_banuser_editusername,modcp_lastattachment,modcp_lastpost,modcp_lastthread,modcp_nobanned,modcp_modqueue_thread_link"; $templatelist .= ",modcp_warninglogs,modcp_modlogs_result,modcp_editprofile_signature,forumjump_advanced,smilieinsert_getmore,smilieinsert_smilie,smilieinsert_smilie_empty,modcp_announcements_forum_nomod,modcp_announcements_announcement"; $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,modcp_editprofile_away,modcp_awaitingattachments,modcp_modqueue_attachment_link,modcp_latestfivemodactions,modcp_nav_banning"; $templatelist .= ",postbit_groupimage,postbit_userstar,postbit_online,postbit_offline,postbit_away,postbit_avatar,postbit_find,postbit_pm,postbit_email,postbit_www,postbit_author_user,announcement_edit,announcement_quickdelete,postbit,preview,postmodcp_nav_announcements,modcp_nav_reportcenter,modcp_nav_modlogs"; $templatelist .= ",modcp_awaitingmoderation_none,modcp_banning_edit,modcp_banuser_bangroups_group,modcp_banuser_lift,modcp_modlogs_result_announcement,modcp_modlogs_result_forum,modcp_modlogs_result_post,modcp_modlogs_result_thread,modcp_modlogs_user"; $templatelist .= ",modcp_nav_warninglogs,modcp_nav_ipsearch,modcp_nav_users,modcp_announcements_day,modcp_announcements_month_start,modcp_announcements_month_end,modcp_announcements_announcement_expired,modcp_announcements_announcement_active"; $templatelist .= ",modcp_modqueue_link_forum,modcp_modqueue_link_thread,usercp_profile_day,usercp_profile_away,modcp_ipsearch_result_regip,modcp_ipsearch_result_lastip,modcp_ipsearch_result_post,modcp_ipsearch_results_information,usercp_profile_profilefields_text"; $templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,usercp_profile_profilefields_checkbox"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_user.php"; require_once MYBB_ROOT . "inc/functions_upload.php"; require_once MYBB_ROOT . "inc/functions_modcp.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Set up the array of ban times. $bantimes = fetch_ban_times(); // Load global language phrases $lang->load("modcp"); $lang->load("announcements"); if ($mybb->user['uid'] == 0 || $mybb->usergroup['canmodcp'] != 1) { error_no_permission(); } if (!$mybb->settings['threadsperpage'] || (int) $mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20; } $tflist = $flist = $tflist_queue_threads = $flist_queue_threads = $tflist_queue_posts = $flist_queue_posts = $tflist_queue_attach = $flist_queue_attach = $wflist_reports = $tflist_reports = $flist_reports = $tflist_modlog = $flist_modlog = $errors = ''; // SQL for fetching items only related to forums this user moderates $moderated_forums = array(); if ($mybb->usergroup['issupermod'] != 1) {
td.spacer { height: 10px; } .char { float: left; margin-right: 1px; } </style> <table width="100%" cellpadding="0" cellspacing="0" style="padding-top:10px;"> <tbody><tr> <td> <div id="chat_table"> <?php require_once 'forum/inc/class_parser.php'; $parser = new postParser(); $url = '/logs'; $where = ''; if (!empty($_GET['search'])) { $search = trim(db_escape_string($_GET['search'])); $result = db_query('SELECT uid FROM mybb_users WHERE username="******"'); if (mysqli_num_rows($result) == 0) { $uid = -1; } else { $uid = mysqli_fetch_array($result); $uid = $uid['uid']; } $where = " WHERE uid={$uid} OR username LIKE \"%{$search}%\"OR message LIKE \"%{$search}%\""; $url .= '?search=' . htmlspecialchars($search); } else { $search = '';
admin_redirect("index.php?module=tools-warninglog"); } $user = get_user(intval($warning['uid'])); $page->add_breadcrumb_item($lang->warning_details, "index.php?module=tools-warninglog&action=view&wid={$warning['wid']}"); $page->output_header($lang->warning_details); $user_link = build_profile_link($user['username'], $user['uid'], "_blank"); if (is_array($warn_errors)) { $page->output_inline_error($warn_errors); $mybb->input['reason'] = htmlspecialchars_uni($mybb->input['reason']); } $table = new Table(); $post_link = ""; if ($warning['post_subject']) { if (!is_object($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $warning['post_subject'] = $parser->parse_badwords($warning['post_subject']); $warning['post_subject'] = htmlspecialchars_uni($warning['post_subject']); $post_link = get_post_link($warning['pid']); $table->construct_cell("<strong>{$lang->warned_user}</strong><br /><br />{$user_link}"); $table->construct_cell("<strong>{$lang->post}</strong><br /><br /><a href=\"{$mybb->settings['bburl']}/{$post_link}\" target=\"_blank\">{$warning['post_subject']}</a>"); $table->construct_row(); } else { $table->construct_cell("<strong>{$lang->warned_user}</strong><br /><br />{$user_link}", array('colspan' => 2)); $table->construct_row(); } $issuedby = build_profile_link($warning['username'], $warning['issuedby'], "_blank"); $notes = nl2br(htmlspecialchars_uni($warning['notes'])); $date_issued = my_date($mybb->settings['dateformat'], $warning['dateline']) . ", " . my_date($mybb->settings['timeformat'], $warning['dateline']); if ($warning['type_title']) {
* * Website: http://mybb.com * License: http://mybb.com/about/license * * $Id$ */ define("IN_MYBB", 1); define('THIS_SCRIPT', 'calendar.php'); $templatelist = "calendar_weekdayheader,calendar_weekrow_day,calendar_weekrow,calendar,calendar_addevent,calendar_move"; $templatelist .= ",calendar_weekview_day,calendar_weekview_day_event,calendar_mini_weekdayheader,calendar_mini_weekrow_day,calendar_mini_weekrow,calendar_mini,calendar_weekview_month,calendar_weekview,calendar_eventbit,calendar_addeventlink"; $templatelist .= ",calendar_event_editbutton,calendar_event_modoptions,calendar_event,calendar_dayview_event,calendar_dayview,codebuttons,smilieinsert,smilieinsert_getmore,calendar_editevent,calendar_dayview_birthdays_bday,calendar_dayview_birthdays,calendar_dayview_noevents"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_calendar.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("calendar"); if ($mybb->settings['enablecalendar'] == 0) { error($lang->calendar_disabled); } if ($mybb->usergroup['canviewcalendar'] == 0) { error_no_permission(); } $monthnames = array("offset", $lang->alt_month_1, $lang->alt_month_2, $lang->alt_month_3, $lang->alt_month_4, $lang->alt_month_5, $lang->alt_month_6, $lang->alt_month_7, $lang->alt_month_8, $lang->alt_month_9, $lang->alt_month_10, $lang->alt_month_11, $lang->alt_month_12); // Make navigation add_breadcrumb($lang->nav_calendar, "calendar.php"); $calendar_jump = build_calendar_jump($mybb->input['calendar']); // Add an event if ($mybb->input['action'] == "do_addevent" && $mybb->request_method == "post") { $query = $db->simple_select("calendars", "*", "cid='" . intval($mybb->input['calendar']) . "'");
/** * Build a post bit * * @param array The post data * @param int The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $unapproved_shade = ''; if ($post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'trow_shaded'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = intval($post['pid']); $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } // Sanatize our custom profile fields for use in templates, if people choose to use them foreach ($post as $post_field => $field_value) { if (substr($post_field, 0, 3) != 'fid') { continue; } $post[$post_field] = htmlspecialchars_uni($field_value); } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date $post['postdate'] = my_date($mybb->settings['dateformat'], $post['dateline']); $post['posttime'] = my_date($mybb->settings['timeformat'], $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { $post['userstars'] .= "<img src=\"" . $post['starimage'] . "\" border=\"0\" alt=\"*\" />"; } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); // Determine the status to show for the user (Online/Offline/Away) $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if ($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_online") . "\";"); } else { if ($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_away") . "\";"); } else { eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); } } if ($post['avatar'] != "" && ($mybb->user['showavatars'] != 0 || !$mybb->user['uid'])) { $post['avatar'] = htmlspecialchars_uni($post['avatar']); $avatar_dimensions = explode("|", $post['avatardimensions']); if ($avatar_dimensions[0] && $avatar_dimensions[1]) { list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['postmaxavatarsize'])); if ($avatar_dimensions[0] > $max_width || $avatar_dimensions[1] > $max_height) { require_once MYBB_ROOT . "inc/functions_image.php"; $scaled_dimensions = scale_image($avatar_dimensions[0], $avatar_dimensions[1], $max_width, $max_height); $avatar_width_height = "width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\""; } else { $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\""; } } eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); $post['avatar_padding'] = "padding-right: 10px;"; } else { $post['useravatar'] = ''; $post['avatar_padding'] = ''; } eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { eval("\$post['button_pm'] = \"" . $templates->get("postbit_pm") . "\";"); } if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid']) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "") { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = ''; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } if (!$post_type) { // Figure out if we need to show an "edited by" message $post['editedmsg'] = ''; if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { $post['editdate'] = my_date($mybb->settings['dateformat'], $post['edittime']); $post['edittime'] = my_date($mybb->settings['timeformat'], $post['edittime']); $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate'], $post['edittime']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } if ((is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid']) && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete = 0; if ($mybb->user['uid'] == $post['uid']) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete = 1; } } } if ((is_moderator($fid, "candeleteposts") || $can_delete == 1) && $mybb->user['uid'] != 0) { eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid']))) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['closed'] != 1 || is_moderator($fid)) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } if ($mybb->settings['logip'] != "no") { if ($mybb->settings['logip'] == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($mybb->settings['logip'] == "hide" && is_moderator($fid, "canviewips")) { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } else { $post['iplogged'] = ""; } } } else { $post['iplogged'] = ""; } } elseif ($post_type == 3) { if ($mybb->usergroup['issupermod'] == 1 || is_moderator($fid)) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } if ($post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); get_post_attachments($id, $post); if ($post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if ($post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); $post['icon'] = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" style=\"vertical-align: middle;\" /> "; } else { $post['icon'] = ""; } $post_visibility = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post $ignore_bit = ''; if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
/** * MyBB 1.6 * Copyright 2010 MyBB Group, All Rights Reserved * * Website: http://mybb.com * License: http://mybb.com/about/license * * $Id$ */ define("IN_MYBB", 1); define('THIS_SCRIPT', 'sendthread.php'); $templatelist = "sendthread,forumdisplay_password_wrongpass,forumdisplay_password"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("sendthread"); // Get thread info $tid = intval($mybb->input['tid']); $thread = get_thread($tid); // Get thread prefix $breadcrumbprefix = ''; if ($thread['prefix']) { $threadprefix = build_prefixes($thread['prefix']); if (isset($threadprefix['displaystyle'])) { $breadcrumbprefix = $threadprefix['displaystyle'] . ' '; } } $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); // Invalid thread
/** * Format an alert into it's output string to be used in both the main * alerts listing page and the popup. * * @param MybbStuff_MyAlerts_Entity_Alert $alert The alert to format. * * @return string The formatted alert string. */ public function formatAlert(MybbStuff_MyAlerts_Entity_Alert $alert, array $outputAlert) { $alertContent = $alert->getExtraDetails(); $threadLink = $this->buildShowLink($alert); return $this->lang->sprintf($this->lang->myalerts_post_threadauthor, $outputAlert['from_user'], htmlspecialchars_uni($this->parser->parse_badwords($alertContent['t_subject']))); }
/** * MyBB 1.8 * Copyright 2014 MyBB Group, All Rights Reserved * * Website: http://www.mybb.com * License: http://www.mybb.com/about/license * */ define("IN_MYBB", 1); define('THIS_SCRIPT', 'reputation.php'); $templatelist = "reputation_addlink,reputation_no_votes,reputation,reputation_vote,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,reputation_vote_delete"; $templatelist .= ",reputation_add_delete,reputation_add_neutral,reputation_add_positive,reputation_add_negative,reputation_add_error,reputation_add_error_nomodal,reputation_add,reputation_added,reputation_deleted,reputation_vote_report,postbit_reputation_formatted_link"; require_once "./global.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("reputation"); $plugins->run_hooks("reputation_start"); // Check if the reputation system is globally disabled or not. if ($mybb->settings['enablereputation'] != 1) { error($lang->reputation_disabled); } // Does this user have permission to view the board? if ($mybb->usergroup['canview'] != 1) { error_no_permission(); } // If we have a specified incoming username, validate it and fetch permissions for it $uid = $mybb->get_input('uid', MyBB::INPUT_INT); $user = get_user($uid); if (!$user) {
// Make sure we are looking at a real thread here. if ($thread['visible'] != 1 && $ismod == false || $thread['visible'] > 1 && $ismod == true) { error($lang->error_invalidthread); } add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions"); add_breadcrumb($lang->nav_addsubscription); $forumpermissions = forum_permissions($thread['fid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']) { error_no_permission(); } $referrer = ''; if ($server_http_referer) { $referrer = $server_http_referer; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $thread['subject'] = $parser->parse_badwords($thread['subject']); $thread['subject'] = htmlspecialchars_uni($thread['subject']); $lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']); $notification_none_checked = $notification_email_checked = $notification_pm_checked = ''; if ($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0) { $notification_none_checked = "checked=\"checked\""; } else { if ($mybb->user['subscriptionmethod'] == 2) { $notification_email_checked = "checked=\"checked\""; } else { if ($mybb->user['subscriptionmethod'] == 3) { $notification_pm_checked = "checked=\"checked\""; } } }
function process_short_content($post_text, $parser = null, $length = 200) { global $parser, $mybb; require_once MYBB_ROOT . $mybb->settings['tapatalk_directory'] . '/emoji/emoji.class.php'; $post_text = tapatalkEmoji::covertNameToEmpty($post_text); if ($parser === null) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $array_reg = array(array('reg' => '/\\[color=(.*?)\\](.*?)\\[\\/color\\]/sei', 'replace' => "mobi_color_convert('\$1','\$2' ,false)"), array('reg' => '/\\[php\\](.*?)\\[\\/php\\]/si', 'replace' => '[php]'), array('reg' => '/\\[align=(.*?)\\](.*?)\\[\\/align\\]/si', replace => " \$2 "), array('reg' => '/\\[email\\](.*?)\\[\\/email\\]/si', replace => "[url]"), array('reg' => '/\\[quote(.*?)\\](.*?)\\[\\/quote\\]/si', 'replace' => '[quote]'), array('reg' => '/\\[code\\](.*?)\\[\\/code\\]/si', 'replace' => ''), array('reg' => '/\\[url=(.*?)\\](.*?)\\[\\/url\\]/sei', 'replace' => "mobi_url_convert('\$1','\$2')"), array('reg' => '/\\[img(.*?)\\](.*?)\\[\\/img\\]/si', 'replace' => '[img]'), array('reg' => '/\\[video=(.*?)\\](.*?)\\[\\/video\\]/si', 'replace' => '[V]'), array('reg' => '/\\[attachment=(.*?)\\]/si', 'replace' => '[attach]')); foreach ($array_reg as $arr) { $post_text = preg_replace($arr['reg'], $arr['replace'], $post_text); } //$post_text = tt_covert_list($post_text, '/\[list=1\](.*?)\[\/list\]/si', '2'); //$post_text = tt_covert_list($post_text, '/\[list\](.*?)\[\/list\]/si', '1'); $parser_options = array('allow_html' => 0, 'allow_mycode' => 1, 'allow_smilies' => 0, 'allow_imgcode' => 0, 'filter_badwords' => 1); $post_text = strip_tags($parser->parse_message($post_text, $parser_options)); $post_text = preg_replace('/\\s+/', ' ', $post_text); $post_text = html_entity_decode($post_text); if (my_strlen($post_text) > $length) { $post_text = my_substr(trim($post_text), 0, $length); } return $post_text; }
$templatelist .= ",usercp_nav_editsignature,usercp_referrals,usercp_notepad,usercp_latest_threads_threads,forumdisplay_thread_gotounread,usercp_latest_threads,usercp_subscriptions_remove,usercp_nav_messenger_folder,usercp_profile_profilefields_text"; $templatelist .= ",usercp_editsig_suspended,usercp_editsig,usercp_avatar_current,usercp_options_timezone_option,usercp_drafts"; $templatelist .= ",usercp_avatar,usercp_editlists_userusercp_editlists,usercp_drafts_draft,usercp_usergroups_joingroup,usercp_attachments_none,usercp_avatar_upload,usercp_options_timezone,usercp_usergroups_joinable_usergroup_join"; $templatelist .= ",usercp_warnings_warning,usercp_warnings,usercp_latest_subscribed_threads,usercp_latest_subscribed,usercp_nav_messenger_tracking,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,usercp_options_language,usercp_options_date_format"; $templatelist .= ",codebuttons,smilieinsert_getmore,smilieinsert_smilie,smilieinsert_smilie_empty,smilieinsert,usercp_nav_messenger_compose,usercp_options_language_option,usercp_editlists"; $templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,usercp_profile_profilefields_checkbox"; $templatelist .= ",usercp_options_tppselect_option,usercp_options_pppselect_option,forumbit_depth2_forum_lastpost_never,forumbit_depth2_forum_lastpost_hidden,usercp_avatar_auto_resize_auto,usercp_avatar_auto_resize_user,usercp_options"; $templatelist .= ",usercp_editlists_no_buddies,usercp_editlists_no_ignored,usercp_editlists_no_requests,usercp_editlists_received_requests,usercp_editlists_sent_requests,usercp_drafts_draft_thread,usercp_drafts_draft_forum"; $templatelist .= ",usercp_usergroups_leader_usergroup_memberlist,usercp_usergroups_leader_usergroup_moderaterequests,usercp_usergroups_memberof_usergroup_leaveprimary,usercp_usergroups_memberof_usergroup_display,usercp_email"; $templatelist .= ",usercp_usergroups_memberof_usergroup_leaveleader,usercp_usergroups_memberof_usergroup_leaveother,usercp_usergroups_memberof_usergroup_leave,usercp_usergroups_joinable_usergroup_description,usercp_options_time_format"; $templatelist .= ",usercp_editlists_sent_request,usercp_editlists_received_request,usercp_drafts_none,usercp_usergroups_memberof_usergroup_setdisplay,usercp_usergroups_memberof_usergroup_description,usercp_editlists_user,usercp_profile_day,usercp_profile_contact_fields,usercp_profile_contact_fields_field,usercp_profile_website"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/functions_user.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("usercp"); if ($mybb->user['uid'] == 0 || $mybb->usergroup['canusercp'] == 0) { error_no_permission(); } if (!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = "1**" . $lang->folder_inbox . "\$%%\$2**" . $lang->folder_sent_items . "\$%%\$3**" . $lang->folder_drafts . "\$%%\$4**" . $lang->folder_trash; $db->update_query("users", array('pmfolders' => $mybb->user['pmfolders']), "uid='" . $mybb->user['uid'] . "'"); } $errors = ''; $mybb->input['action'] = $mybb->get_input('action'); usercp_menu(); $plugins->run_hooks("usercp_start"); if ($mybb->input['action'] == "do_editsig" && $mybb->request_method == "post") { $parser_options = array('allow_html' => $mybb->settings['sightml'], 'filter_badwords' => 1, 'allow_mycode' => $mybb->settings['sigmycode'], 'allow_smilies' => $mybb->settings['sigsmilies'], 'allow_imgcode' => $mybb->settings['sigimgcode'], "filter_badwords" => 1);
/** * Insert a thread into the database. * * @return array Array of new thread details, tid and visibility. */ function insert_thread() { global $db, $mybb, $plugins, $cache, $lang; // Yes, validating is required. if (!$this->get_validated()) { die("The thread needs to be validated before inserting it into the DB."); } if (count($this->get_errors()) > 0) { die("The thread is not valid."); } $thread =& $this->data; // Fetch the forum this thread is being made in $forum = get_forum($thread['fid']); // This thread is being saved as a draft. if ($thread['savedraft']) { $visible = -2; } else { $forumpermissions = forum_permissions($thread['fid'], $thread['uid']); // Decide on the visibility of this post. if ($forumpermissions['modthreads'] == 1 && !is_moderator($thread['fid'], "", $thread['uid'])) { $visible = 0; } else { $visible = 1; } // Are posts from this user being moderated? Change visibility if ($mybb->user['uid'] == $thread['uid'] && $mybb->user['moderateposts'] == 1) { $visible = 0; } } // Have a post ID but not a thread ID - fetch thread ID if (!empty($thread['pid']) && !$thread['tid']) { $query = $db->simple_select("posts", "tid", "pid='{$thread['pid']}"); $thread['tid'] = $db->fetch_field($query, "tid"); } if (isset($thread['pid']) && $thread['pid'] > 0) { $query = $db->simple_select("posts", "pid", "pid='{$thread['pid']}' AND uid='{$thread['uid']}' AND visible='-2'"); $draft_check = $db->fetch_field($query, "pid"); } else { $draft_check = false; } // Are we updating a post which is already a draft? Perhaps changing it into a visible post? if ($draft_check) { $this->thread_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread", $this); $db->update_query("threads", $this->thread_insert_data, "tid='{$thread['tid']}'"); $this->post_insert_data = array("subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_post", $this); $db->update_query("posts", $this->post_insert_data, "pid='{$thread['pid']}'"); $this->tid = $thread['tid']; $this->pid = $thread['pid']; } else { $this->thread_insert_data = array("fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "prefix" => (int) $thread['prefix'], "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "lastpost" => (int) $thread['dateline'], "lastposter" => $db->escape_string($thread['username']), "views" => 0, "replies" => 0, "visible" => $visible, "notes" => ''); $plugins->run_hooks("datahandler_post_insert_thread", $this); $this->tid = $db->insert_query("threads", $this->thread_insert_data); $this->post_insert_data = array("tid" => $this->tid, "fid" => $thread['fid'], "subject" => $db->escape_string($thread['subject']), "icon" => (int) $thread['icon'], "uid" => $thread['uid'], "username" => $db->escape_string($thread['username']), "dateline" => (int) $thread['dateline'], "message" => $db->escape_string($thread['message']), "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())), "includesig" => $thread['options']['signature'], "smilieoff" => $thread['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_post", $this); $this->pid = $db->insert_query("posts", $this->post_insert_data); // Now that we have the post id for this first post, update the threads table. $firstpostup = array("firstpost" => $this->pid); $db->update_query("threads", $firstpostup, "tid='{$this->tid}'"); } // If we're not saving a draft there are some things we need to check now if (!$thread['savedraft']) { if ($thread['options']['subscriptionmethod'] != "" && $thread['uid'] > 0) { switch ($thread['options']['subscriptionmethod']) { case "pm": $notification = 2; break; case "email": $notification = 1; break; default: $notification = 0; } require_once MYBB_ROOT . "inc/functions_user.php"; add_subscribed_thread($this->tid, $notification, $thread['uid']); } // Perform any selected moderation tools. if (is_moderator($thread['fid'], "", $thread['uid']) && is_array($thread['modoptions'])) { $lang->load($this->language_file, true); $modoptions = $thread['modoptions']; $modlogdata['fid'] = $thread['fid']; if (isset($thread['tid'])) { $modlogdata['tid'] = $thread['tid']; } $modoptions_update = array(); // Close the thread. if (!empty($modoptions['closethread'])) { $modoptions_update['closed'] = 1; log_moderator_action($modlogdata, $lang->thread_closed); } // Stick the thread. if (!empty($modoptions['stickthread'])) { $modoptions_update['sticky'] = 1; log_moderator_action($modlogdata, $lang->thread_stuck); } // Execute moderation options. if ($modoptions_update) { $db->update_query('threads', $modoptions_update, "tid='{$this->tid}'"); } } if ($visible == 1) { // If we have a registered user then update their post count and last post times. if ($thread['uid'] > 0) { $user = get_user($thread['uid']); $update_query = array(); // Only update the lastpost column of the user if the date of the thread is newer than their last post. if ($thread['dateline'] > $user['lastpost']) { // Yes this has a single quote within a double quote. It's not a bug. $update_query['lastpost'] = "'{$thread['dateline']}'"; } // Update the post count if this forum allows post counts to be tracked if ($forum['usepostcounts'] != 0) { $update_query['postnum'] = "postnum+1"; } if ($forum['usethreadcounts'] != 0) { $update_query['threadnum'] = 'threadnum+1'; } // Only update the table if we need to. if (!empty($update_query)) { $db->update_query("users", $update_query, "uid='{$thread['uid']}'", 1, true); } } if (!isset($forum['lastpost'])) { $forum['lastpost'] = 0; } $done_users = array(); // Queue up any forum subscription notices to users who are subscribed to this forum. $excerpt = my_substr($thread['message'], 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread; // Parse badwords require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $excerpt = $parser->parse_badwords($excerpt); $query = $db->query("\n\t\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate\n\t\t\t\t\tFROM " . TABLE_PREFIX . "forumsubscriptions fs\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=fs.uid)\n\t\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "usergroups g ON (g.gid=u.usergroup)\n\t\t\t\t\tWHERE fs.fid='" . (int) $thread['fid'] . "'\n\t\t\t\t\tAND fs.uid != '" . (int) $thread['uid'] . "'\n\t\t\t\t\tAND u.lastactive > '{$forum['lastpost']}'\n\t\t\t\t\tAND g.isbannedgroup != 1\n\t\t\t\t"); while ($subscribedmember = $db->fetch_array($query)) { if ($done_users[$subscribedmember['uid']]) { continue; } $done_users[$subscribedmember['uid']] = 1; $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { continue; } if (!is_moderator($thread['fid'], "", $subscribedmember['uid']) && $forumpermissions['canonlyviewownthreads'] == 1) { // In a 'view own only' forum and not a moderator continue; } // Determine the language pack we'll be using to send this email in and load it if it isn't already. if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) { $uselang = $subscribedmember['language']; } else { if ($mybb->settings['bblanguage']) { $uselang = $mybb->settings['bblanguage']; } else { $uselang = "english"; } } if ($uselang == $mybb->settings['bblanguage']) { $emailsubject = $lang->emailsubject_forumsubscription; $emailmessage = $lang->email_forumsubscription; } else { if (!isset($langcache[$uselang]['emailsubject_forumsubscription'])) { $userlang = new MyLanguage(); $userlang->set_path(MYBB_ROOT . "inc/languages"); $userlang->set_language($uselang); $userlang->load("messages"); $langcache[$uselang]['emailsubject_forumsubscription'] = $userlang->emailsubject_forumsubscription; $langcache[$uselang]['email_forumsubscription'] = $userlang->email_forumsubscription; unset($userlang); } $emailsubject = $langcache[$uselang]['emailsubject_forumsubscription']; $emailmessage = $langcache[$uselang]['email_forumsubscription']; } $emailsubject = $lang->sprintf($emailsubject, $forum['name']); $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']); $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $thread['username'], $forum['name'], $mybb->settings['bbname'], $thread['subject'], $excerpt, $mybb->settings['bburl'], get_thread_link($this->tid), $thread['fid'], $post_code); $new_email = array("mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => ''); $db->insert_query("mailqueue", $new_email); unset($userlang); $queued_email = 1; } // Have one or more emails been queued? Update the queue count if (isset($queued_email) && $queued_email == 1) { $cache->update_mailqueue(); } } } // Assign any uploaded attachments with the specific posthash to the newly created post. if ($thread['posthash']) { $thread['posthash'] = $db->escape_string($thread['posthash']); $attachmentassign = array("pid" => $this->pid, "posthash" => ''); $db->update_query("attachments", $attachmentassign, "posthash='{$thread['posthash']}' AND pid='0'"); } if ($visible == 1) { update_last_post($this->tid); update_forum_counters($thread['fid'], array("threads" => "+1", "posts" => "+1")); update_forum_lastpost($thread['fid']); } else { if ($visible == 0) { update_forum_counters($thread['fid'], array("unapprovedthreads" => "+1", "unapprovedposts" => "+1")); } } $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if ($attachmentcount > 0) { update_thread_counters($this->tid, array("attachmentcount" => "+{$attachmentcount}")); } // Return the post's pid and whether or not it is visible. $this->return_values = array("pid" => $this->pid, "tid" => $this->tid, "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_thread_end", $this); return $this->return_values; }
* License: http://mybb.com/about/license * * $Id$ */ define("IN_MYBB", 1); define('THIS_SCRIPT', 'moderation.php'); $templatelist = 'changeuserbox,loginbox,moderation_delayedmoderation_custommodtool,moderation_delayedmodaction_notes,moderation_delayedmoderation_merge,moderation_delayedmoderation_move'; $templatelist .= ',moderation_delayedmoderation,moderation_deletethread,moderation_deletepoll,moderation_deleteposts_post,moderation_deleteposts,moderation_mergeposts_post,moderation_mergeposts'; $templatelist .= ',moderation_move,moderation_threadnotes_modaction,moderation_threadnotes_delayedmodaction,moderation_threadnotes,moderation_getip_modoptions,moderation_getip,moderation_merge'; $templatelist .= ',moderation_split_post,moderation_split,moderation_inline_deletethreads,moderation_inline_movethreads,moderation_inline_deleteposts,moderation_inline_mergeposts'; $templatelist .= ',moderation_inline_splitposts,forumjump_bit,forumjump_special,forumjump_advanced,forumdisplay_password_wrongpass,forumdisplay_password'; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/functions_upload.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); require_once MYBB_ROOT . "inc/class_moderation.php"; $moderation = new Moderation(); // Load global language phrases $lang->load("moderation"); $plugins->run_hooks("moderation_start"); // Get some navigation if we need it switch ($mybb->input['action']) { case "reports": add_breadcrumb($lang->reported_posts); break; case "allreports": add_breadcrumb($lang->all_reported_posts); break; } $tid = intval($mybb->input['tid']);
/** * Performs cleanup of a quoted message, such as replacing /me commands, before presenting quoted post to the user. * * @param array quoted post info, taken from the DB (requires the 'message', 'username', 'pid' and 'dateline' entries to be set; will use 'userusername' if present) * @param boolean whether to call remove_message_quotes() on the quoted message * @return string the cleaned up message, wrapped in a quote tag */ function parse_quoted_message(&$quoted_post, $remove_message_quotes = true) { global $parser, $lang, $plugins; if (!isset($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } // Swap username over if we have a registered user if ($quoted_post['userusername']) { $quoted_post['username'] = $quoted_post['userusername']; } // Clean up the message $quoted_post['message'] = preg_replace(array('#(^|\\r|\\n)/me ([^\\r\\n<]*)#i', '#(^|\\r|\\n)/slap ([^\\r\\n<]*)#i', '#\\[attachment=([0-9]+?)\\]#i'), array("\\1* {$quoted_post['username']} \\2", "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", ""), $quoted_post['message']); $quoted_post['message'] = $parser->parse_badwords($quoted_post['message']); if ($remove_message_quotes) { global $mybb; $max_quote_depth = intval($mybb->settings['maxquotedepth']); if ($max_quote_depth) { $quoted_post['message'] = remove_message_quotes($quoted_post['message'], $max_quote_depth - 1); // we're wrapping the message in a [quote] tag, so take away one quote depth level } } $quoted_post = $plugins->run_hooks("parse_quoted_message", $quoted_post); return "[quote='{$quoted_post['username']}' pid='{$quoted_post['pid']}' dateline='{$quoted_post['dateline']}']\n{$quoted_post['message']}\n[/quote]\n\n"; }
static function parse($message, $me_username) { global $mybb; require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); $options = array('allow_mycode' => 0, 'allow_smilies' => $mybb->settings['dvz_sb_smilies'], 'allow_imgcode' => 0, 'filter_badwords' => 1); $message = $parser->parse_message($message, $options); $message = $parser->mycode_auto_url($message); $message = $post = preg_replace('/\\[url](.+?)\\[\\/url\\]/', '<a href="\\1" target="_blank">\\1</a>', $message); return $message; }
static function parse($message, $me_username) { global $mybb; require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); $options = ['allow_mycode' => $mybb->settings['dvz_sb_mycode'], 'allow_smilies' => $mybb->settings['dvz_sb_smilies'], 'allow_imgcode' => 0, 'filter_badwords' => 1, 'me_username' => $me_username]; return $parser->parse_message($message, $options); }
} } if (!$errors) { if (isset($mybb->input['preview'])) { $parser_options = array(); $parser_options['allow_html'] = $mybb->get_input('allowhtml', MyBB::INPUT_INT); $parser_options['allow_mycode'] = $mybb->get_input('allowmycode', MyBB::INPUT_INT); $parser_options['allow_smilies'] = $mybb->get_input('allowsmilies', MyBB::INPUT_INT); $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = htmlspecialchars_uni($mybb->user['username']); $parser_options['filter_badwords'] = 1; // Set up the message parser if it doesn't already exist. if (!is_object($parser)) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } $preview = array(); $preview['message'] = $parser->parse_message($mybb->input['message'], $parser_options); $preview['subject'] = htmlspecialchars_uni($mybb->input['title']); } else { $months = array('01', '02', '03', '04', '05', '06', '07', '08', '09', '10', '11', '12'); if (!in_array($mybb->input['starttime_month'], $months)) { $mybb->input['starttime_month'] = 1; } if ($mybb->input['endtime_type'] == "2") { $enddate = '0'; } else { if (!in_array($mybb->input['endtime_month'], $months)) { $mybb->input['endtime_month'] = 1; }
define("IGNORE_CLEAN_VARS", "sid"); define('THIS_SCRIPT', 'private.php'); $templatelist = "private_send,private_send_buddyselect,private_read,private_tracking,private_tracking_readmessage,private_tracking_unreadmessage,private_orderarrow,usercp_nav_attachments,usercp_nav_messenger_compose,private_tracking_readmessage_stop"; $templatelist .= ",private_folders,private_folders_folder,private_folders_folder_unremovable,private,usercp_nav,private_empty_folder,private_empty,private_archive_txt,private_archive_csv,private_archive_html,private_tracking_unreadmessage_stop"; $templatelist .= ",usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,multipage_start,usercp_nav_editsignature,posticons_icon"; $templatelist .= ",private_messagebit,codebuttons,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,smilieinsert_smilie_empty,posticons,private_send_autocomplete,private_messagebit_denyreceipt,private_read_to,postbit_online,postbit_warninglevel_formatted,postbit_iplogged_hiden"; $templatelist .= ",postbit_delete_pm,postbit,private_tracking_nomessage,private_nomessages,postbit_author_guest,private_multiple_recipients_user,private_multiple_recipients_bcc,private_multiple_recipients,usercp_nav_messenger_folder"; $templatelist .= ",private_search_messagebit,private_search_results_nomessages,private_search_results,private_advanced_search,previewpost,private_send_tracking,private_send_signature,private_read_bcc,private_composelink,postbit_purgespammer"; $templatelist .= ",private_archive,private_quickreply,private_pmspace,private_limitwarning,postbit_groupimage,postbit_offline,postbit_www,postbit_replyall_pm,postbit_signature,postbit_classic,postbit_gotopost,postbit_userstar,postbit_reputation_formatted_link,postbit_icon"; $templatelist .= ",private_archive_folders_folder,private_archive_folders,postbit_warninglevel,postbit_author_user,postbit_reply_pm,postbit_forward_pm,private_messagebit_icon,private_jump_folders_folder,private_advanced_search_folders"; $templatelist .= ",private_jump_folders,postbit_avatar,postbit_warn,postbit_rep_button,postbit_email,postbit_reputation,private_move,private_read_action,postbit_away,postbit_pm,usercp_nav_messenger_tracking,postbit_find,private_emptyexportlink"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/functions_user.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("private"); if ($mybb->settings['enablepms'] == 0) { error($lang->pms_disabled); } if ($mybb->user['uid'] == '/' || $mybb->user['uid'] == 0 || $mybb->usergroup['canusepms'] == 0) { error_no_permission(); } if (!$mybb->user['pmfolders']) { $mybb->user['pmfolders'] = "1**\$%%\$2**\$%%\$3**\$%%\$4**"; $sql_array = array("pmfolders" => $mybb->user['pmfolders']); $db->update_query("users", $sql_array, "uid = " . $mybb->user['uid']); } // On a random occassion, recount the user's pms just to make sure everything is in sync. $rand = my_rand(0, 9);
* * $Id$ */ define("IN_MYBB", 1); define('THIS_SCRIPT', 'showthread.php'); $templatelist = "showthread,postbit,postbit_author_user,postbit_author_guest,showthread_newthread,showthread_newreply,showthread_newreply_closed,postbit_avatar,postbit_find,postbit_pm,postbit_www,postbit_email,postbit_edit,postbit_quote,postbit_report,postbit_signature,postbit_online,postbit_offline,postbit_away,postbit_gotopost,showthread_ratethread,showthread_moderationoptions"; $templatelist .= ",multipage_prevpage,multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage"; $templatelist .= ",postbit_editedby,showthread_similarthreads,showthread_similarthreads_bit,postbit_iplogged_show,postbit_iplogged_hiden,showthread_quickreply"; $templatelist .= ",forumjump_advanced,forumjump_special,forumjump_bit,showthread_multipage,postbit_reputation,postbit_quickdelete,postbit_attachments,postbit_attachments_attachment,postbit_attachments_thumbnails,postbit_attachments_images_image,postbit_attachments_images,postbit_posturl,postbit_rep_button"; $templatelist .= ",postbit_inlinecheck,showthread_inlinemoderation,postbit_attachments_thumbnails_thumbnail,postbit_ignored,postbit_groupimage,postbit_multiquote,showthread_search,postbit_warn,postbit_warninglevel,showthread_moderationoptions_custom_tool,showthread_moderationoptions_custom,showthread_inlinemoderation_custom_tool,showthread_inlinemoderation_custom,postbit_classic,showthread_classic_header,showthread_poll_resultbit,showthread_poll_results"; $templatelist .= ",showthread_usersbrowsing,showthread_usersbrowsing_user,multipage_page_link_current,multipage_breadcrumb,showthread_poll_option_multiple,showthread_poll_option,showthread_poll,showthread_threadedbox,showthread_quickreply_options_signature,showthread_threaded_bitactive,showthread_threaded_bit,postbit_attachments_attachment_unapproved,forumdisplay_password_wrongpass,forumdisplay_password"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/functions_indicators.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("showthread"); // If there is no tid but a pid, trick the system into thinking there was a tid anyway. if (!empty($mybb->input['pid']) && !$mybb->input['tid']) { // see if we already have the post information if (isset($style) && $style['pid'] == $mybb->input['pid'] && $style['tid']) { $mybb->input['tid'] = $style['tid']; unset($style['tid']); // stop the thread caching code from being tricked } else { $options = array("limit" => 1); $query = $db->simple_select("posts", "tid", "pid=" . $mybb->input['pid'], $options); $post = $db->fetch_array($query); $mybb->input['tid'] = $post['tid']; }
function akismet_admin() { global $mybb, $db, $page, $lang; if ($page->active_action != "akismet") { return; } $page->add_breadcrumb_item($lang->akismet); if ($mybb->input['delete_all'] && $mybb->request_method == "post") { // User clicked no if ($mybb->input['no']) { admin_redirect("index.php?module=forum-akismet"); } if ($mybb->request_method == "post") { // Delete the template $db->delete_query("posts", "visible = '-4'"); // Log admin action log_admin_action(); flash_message($lang->success_deleted_spam, 'success'); admin_redirect("index.php?module=forum-akismet"); } else { $page->output_confirm_action("index.php?module=forum-akismet&delete_all=1", $lang->confirm_spam_deletion); } } if ($mybb->input['unmark'] && $mybb->request_method == "post") { $unmark = $mybb->input['akismet']; if (empty($unmark)) { flash_message($lang->error_unmark, 'error'); admin_redirect("index.php?module=forum-akismet"); } $posts_in = ''; $comma = ''; foreach ($unmark as $key => $val) { $posts_in .= $comma . intval($key); $comma = ','; } $query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'"); while ($post = $db->fetch_array($query)) { $threadp[] = $post['tid']; } if (!is_array($threadp)) { $threadp = array(); } $thread_list = implode(',', $threadp); $query = $db->query("\r\n\t\t\tSELECT p.tid, f.usepostcounts, p.uid, p.fid, p.dateline, p.replyto, t.lastpost, t.lastposter, t.lastposteruid, t.subject\r\n\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "threads t ON (t.tid=p.tid)\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "forums f ON (f.fid=p.fid)\r\n\t\t\tWHERE p.pid IN ({$posts_in}) AND p.visible = '-4'\r\n\t\t"); while ($post = $db->fetch_array($query)) { // Fetch the last post for this forum $query2 = $db->query("\r\n\t\t\t\tSELECT tid, lastpost, lastposter, lastposteruid, subject\r\n\t\t\t\tFROM " . TABLE_PREFIX . "threads\r\n\t\t\t\tWHERE fid='{$post['fid']}' AND visible='1' AND closed NOT LIKE 'moved|%'\r\n\t\t\t\tORDER BY lastpost DESC\r\n\t\t\t\tLIMIT 0, 1\r\n\t\t\t"); $lastpost = $db->fetch_array($query2); if ($post['lastpost'] > $lastpost['lastpost']) { $lastpost['lastpost'] = $post['lastpost']; $lastpost['lastposter'] = $post['lastposter']; $lastpost['lastposteruid'] = $post['lastposteruid']; $lastpost['subject'] = $post['subject']; $lastpost['tid'] = $post['tid']; } $update_count = array("lastpost" => intval($lastpost['lastpost']), "lastposter" => $db->escape_string($lastpost['lastposter']), "lastposteruid" => intval($lastpost['lastposteruid']), "lastposttid" => intval($lastpost['tid']), "lastpostsubject" => $db->escape_string($lastpost['subject'])); $db->update_query("forums", $update_count, "fid='{$post['fid']}'"); $query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}' AND p.visible='1' OR p.pid = '{$post['pid']}'\r\n\t\t\t\tORDER BY p.dateline DESC\r\n\t\t\t\tLIMIT 1"); $lastpost = $db->fetch_array($query2); $query2 = $db->query("\r\n\t\t\t\tSELECT u.uid, u.username, p.username AS postusername, p.dateline\r\n\t\t\t\tFROM " . TABLE_PREFIX . "posts p\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=p.uid)\r\n\t\t\t\tWHERE p.tid='{$post['tid']}'\r\n\t\t\t\tORDER BY p.dateline ASC\r\n\t\t\t\tLIMIT 0,1\r\n\t\t\t"); $firstpost = $db->fetch_array($query2); if (!$firstpost['username']) { $firstpost['username'] = $firstpost['postusername']; } if (!$lastpost['username']) { $lastpost['username'] = $lastpost['postusername']; } if (!$lastpost['dateline']) { $lastpost['username'] = $firstpost['username']; $lastpost['uid'] = $firstpost['uid']; $lastpost['dateline'] = $firstpost['dateline']; } $lastpost['username'] = $db->escape_string($lastpost['username']); $firstpost['username'] = $db->escape_string($firstpost['username']); $query2 = $db->simple_select("users", "akismetstopped", "uid='{$post['uid']}'"); $akismetstopped = $db->fetch_field($query2, "akismetstopped") - 1; if ($akismetstopped < 0) { $akismetstopped = 0; } $db->update_query("users", array('akismetstopped' => $akismetstopped), "uid='{$post['uid']}'"); $update_array = array('username' => $firstpost['username'], 'uid' => intval($firstpost['uid']), 'lastpost' => intval($lastpost['dateline']), 'lastposter' => $lastpost['username'], 'lastposteruid' => intval($lastpost['uid'])); $db->update_query("threads", $update_array, "tid='{$post['tid']}'"); if ($post['usepostcounts'] != 0) { $db->write_query("UPDATE " . TABLE_PREFIX . "users SET postnum=postnum+1 WHERE uid = '{$post['uid']}'"); } $newthreads = $newreplies = 0; if ($post['replyto'] == 0) { ++$newthreads; } else { ++$newreplies; } update_thread_counters($post['tid'], array('replies' => '+' . $newreplies)); update_forum_counters($post['fid'], array('threads' => '+' . $newthreads, 'posts' => '+1')); } $approve = array("visible" => 1); if ($thread_list) { $db->update_query("threads", $approve, "tid IN ({$thread_list})"); } $db->update_query("posts", $approve, "pid IN ({$posts_in})"); // Log admin action log_admin_action(); flash_message($lang->success_unmarked, 'success'); admin_redirect("index.php?module=forum-akismet"); } if ($mybb->input['delete'] && $mybb->request_method == "post") { $deletepost = $mybb->input['akismet']; if (empty($deletepost)) { flash_message($lang->error_deletepost, 'error'); admin_redirect("index.php?module=forum-akismet"); } $posts_in = ''; $comma = ''; foreach ($deletepost as $key => $val) { $posts_in .= $comma . intval($key); $comma = ','; } $query = $db->simple_select("posts", "pid, tid", "pid IN ({$posts_in}) AND replyto = '0'"); while ($post = $db->fetch_array($query)) { $threadp[$post['pid']] = $post['tid']; } if (!is_array($threadp)) { $threadp = array(); } require_once MYBB_ROOT . "inc/functions_upload.php"; foreach ($deletepost as $pid => $val) { if (array_key_exists($pid, $threadp)) { $db->delete_query("posts", "pid IN ({$posts_in})"); $db->delete_query("attachments", "pid IN ({$posts_in})"); // Get thread info $query = $db->simple_select("threads", "poll", "tid='" . $threadp[$pid] . "'"); $poll = $db->fetch_field($query, 'poll'); // Delete threads, redirects, favorites, polls, and poll votes $db->delete_query("threads", "tid='" . $threadp[$pid] . "'"); $db->delete_query("threads", "closed='moved|" . $threadp[$pid] . "'"); $db->delete_query("threadsubscriptions", "tid='" . $threadp[$pid] . "'"); $db->delete_query("polls", "tid='" . $threadp[$pid] . "'"); $db->delete_query("pollvotes", "pid='{$poll}'"); } // Remove attachments remove_attachments($pid); // Delete the post $db->delete_query("posts", "pid='{$pid}'"); } // Log admin action log_admin_action(); flash_message($lang->success_spam_deleted, 'success'); admin_redirect("index.php?module=forum-akismet"); } if (!$mybb->input['action']) { require MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $page->output_header($lang->akismet); $form = new Form("index.php?module=forum-akismet", "post"); $table = new Table(); $table->construct_header($form->generate_check_box("checkall", 1, '', array('class' => 'checkall')), array('width' => '5%')); $table->construct_header("Title / Username / Post", array('class' => 'align_center')); $mybb->input['page'] = intval($mybb->input['page']); if ($mybb->input['page'] > 0) { $start = $mybb->input['page'] * 20; } else { $start = 0; } $query = $db->simple_select("posts", "COUNT(pid) as spam", "visible = '-4'"); $total_rows = $db->fetch_field($query, 'spam'); if ($start > $total_rows) { $start = $total_rows - 20; } if ($start < 0) { $start = 0; } $query = $db->simple_select("posts", "*", "visible = '-4'", array('limit_start' => $start, 'limit' => '20', 'order_by' => 'dateline', 'order_dir' => 'desc')); while ($post = $db->fetch_array($query)) { if ($post['uid'] != 0) { $username = "******"../" . str_replace("{uid}", $post['uid'], PROFILE_URL) . "\" target=\"_blank\">" . format_name($post['username'], $post['usergroup'], $post['displaygroup']) . "</a>"; } else { $username = $post['username']; } $table->construct_cell($form->generate_check_box("akismet[{$post['pid']}]", 1, '')); $table->construct_cell("<span style=\"float: right;\">{$lang->username} {$username}</span> <span style=\"float: left;\">{$lang->title}: " . htmlspecialchars_uni($post['subject']) . " <strong>(" . my_date($mybb->settings['dateformat'], $post['dateline']) . ", " . my_date($mybb->settings['timeformat'], $post['dateline']) . ")</strong></span>"); $table->construct_row(); $parser_options = array("allow_html" => 0, "allow_mycode" => 0, "allow_smilies" => 0, "allow_imgcode" => 0, "me_username" => $post['username'], "filter_badwords" => 1); $post['message'] = $parser->parse_message($post['message'], $parser_options); $table->construct_cell($post['message'], array("colspan" => 2)); $table->construct_row(); } $num_rows = $table->num_rows(); if ($num_rows == 0) { $table->construct_cell($lang->no_spam_found, array("class" => "align_center", "colspan" => 2)); $table->construct_row(); } $table->output($lang->detected_spam_messages); echo "<br />" . draw_admin_pagination($mybb->input['page'], 20, $total_rows, "index.php?module=forum-akismet&page={page}"); $buttons[] = $form->generate_submit_button($lang->unmark_selected, array('name' => 'unmark')); $buttons[] = $form->generate_submit_button($lang->deleted_selected, array('name' => 'delete')); if ($num_rows > 0) { $buttons[] = $form->generate_submit_button($lang->delete_all, array('name' => 'delete_all', 'onclick' => "return confirm('{$lang->confirm_spam_deletion}');")); } $form->output_submit_wrapper($buttons); $form->end(); $page->output_footer(); } exit; }
} else { $bgcolor = "trow2"; } // Fetch subscription select box eval("\$subscriptionmethod = \"" . $templates->get("post_subscription_method") . "\";"); $lang->post_reply_to = $lang->sprintf($lang->post_reply_to, $thread['subject']); $lang->reply_to = $lang->sprintf($lang->reply_to, $thread['subject']); // Do we have any forum rules to show for this forum? $forumrules = ''; if ($forum['rulestype'] >= 2 && $forum['rules']) { if (!$forum['rulestitle']) { $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']); } if (!$parser) { require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new postParser(); } $rules_parser = array("allow_html" => 1, "allow_mycode" => 1, "allow_smilies" => 1, "allow_imgcode" => 1); $forum['rules'] = $parser->parse_message($forum['rules'], $rules_parser); $foruminfo = $forum; if ($forum['rulestype'] == 3) { eval("\$forumrules = \"" . $templates->get("forumdisplay_rules") . "\";"); } else { if ($forum['rulestype'] == 2) { eval("\$forumrules = \"" . $templates->get("forumdisplay_rules_link") . "\";"); } } } $moderation_notice = ''; if (!is_moderator($forum['fid'], "canapproveunapproveattachs")) { if ($forumpermissions['modattachments'] == 1 && $forumpermissions['canpostattachments'] != 0) {
* Website: http://www.mybboard.net * License: http://www.mybboard.net/about/license * * $Id: search.php 4505 2009-11-13 15:59:56Z Tomm $ */ define("IN_MYBB", 1); define("IGNORE_CLEAN_VARS", "sid"); define('THIS_SCRIPT', 'search.php'); $templatelist = "search,forumdisplay_thread_gotounread,search_results_threads_thread,search_results_threads,search_results_posts,search_results_posts_post"; $templatelist .= ",multipage_nextpage,multipage_page_current,multipage_page,multipage_start,multipage_end,multipage,forumdisplay_thread_multipage_more,forumdisplay_thread_multipage_page,forumdisplay_thread_multipage"; $templatelist .= ",search_results_posts_inlinecheck,search_results_posts_nocheck,search_results_threads_inlinecheck,search_results_threads_nocheck,search_results_inlinemodcol,search_results_posts_inlinemoderation_custom_tool,search_results_posts_inlinemoderation_custom,search_results_posts_inlinemoderation,search_results_threads_inlinemoderation_custom_tool,search_results_threads_inlinemoderation_custom,search_results_threads_inlinemoderation,search_orderarrow"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/functions_search.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("search"); add_breadcrumb($lang->nav_search, "search.php"); switch ($mybb->input['action']) { case "results": add_breadcrumb($lang->nav_results); break; default: break; } if ($mybb->usergroup['cansearch'] == 0) { error_no_permission(); } $now = TIME_NOW; $mybb->input['keywords'] = trim($mybb->input['keywords']);
define('THIS_SCRIPT', 'member.php'); define("ALLOWABLE_PAGE", "register,do_register,login,do_login,logout,lostpw,do_lostpw,activate,resendactivation,do_resendactivation,resetpassword,viewnotes"); $nosession['avatar'] = 1; $templatelist = "member_register,member_register_hiddencaptcha,member_coppa_form,member_register_coppa,member_register_agreement_coppa,member_register_agreement,usercp_options_tppselect,usercp_options_pppselect,member_register_referrer,member_register_customfield,member_register_requiredfields"; $templatelist .= ",member_resetpassword,member_loggedin_notice,member_profile_away,member_emailuser,member_register_regimage,member_register_regimage_recaptcha,member_register_regimage_nocaptcha,member_register_regimage_ayah,post_captcha_hidden,post_captcha,post_captcha_recaptcha,post_captcha_ayah,member_profile_addremove,member_emailuser_guest"; $templatelist .= ",member_profile_email,member_profile_offline,member_profile_reputation,member_profile_warn,member_profile_warninglevel,member_profile_customfields_field,member_profile_customfields,member_profile_adminoptions,member_profile,member_login,member_profile_online,member_viewnotes"; $templatelist .= ",member_profile_signature,member_profile_avatar,member_profile_groupimage,member_profile_referrals,member_profile_website,member_profile_reputation_vote,member_activate,member_resendactivation,member_lostpw,member_register_additionalfields,member_register_password,usercp_options_pppselect_option"; $templatelist .= ",member_profile_modoptions_manageuser,member_profile_modoptions_editprofile,member_profile_modoptions_banuser,member_profile_modoptions_viewnotes,member_profile_modoptions,member_profile_modoptions_editnotes,member_profile_modoptions_purgespammer,postbit_reputation_formatted,postbit_warninglevel_formatted"; $templatelist .= ",usercp_profile_profilefields_select_option,usercp_profile_profilefields_multiselect,usercp_profile_profilefields_select,usercp_profile_profilefields_textarea,usercp_profile_profilefields_radio,usercp_profile_profilefields_checkbox,usercp_profile_profilefields_text,usercp_options_tppselect_option"; $templatelist .= ",member_register_question,member_register_question_refresh,usercp_options_timezone,usercp_options_timezone_option,usercp_options_language_option,member_register_language,member_profile_userstar,member_profile_customfields_field_multi_item,member_profile_customfields_field_multi,member_register_day"; $templatelist .= ",member_profile_contact_fields_aim,member_profile_contact_fields_google,member_profile_contact_fields_icq,member_profile_contact_fields_skype,member_profile_contact_fields_yahoo,member_profile_pm,member_profile_contact_details,member_profile_banned"; require_once "./global.php"; require_once MYBB_ROOT . "inc/functions_post.php"; require_once MYBB_ROOT . "inc/functions_user.php"; require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); // Load global language phrases $lang->load("member"); $mybb->input['action'] = $mybb->get_input('action'); // Make navigation switch ($mybb->input['action']) { case "register": case "do_register": add_breadcrumb($lang->nav_register); break; case "activate": add_breadcrumb($lang->nav_activate); break; case "resendactivation": add_breadcrumb($lang->nav_resendactivation); break;
/** * Build a post bit * * @param array $post The post data * @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post) * @return string The built post bit */ function build_postbit($post, $post_type = 0) { global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields; global $titlescache, $page, $templates, $forumpermissions, $attachcache; global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid; global $plugins, $parser, $cache, $ignored_users, $hascustomtitle; $hascustomtitle = 0; // Set default values for any fields not provided here foreach (array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_pubkey', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field) { if (empty($post[$post_field])) { $post[$post_field] = ''; } } // Set up the message parser if it doesn't already exist. if (!$parser) { require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); } if (!function_exists("purgespammer_show")) { require_once MYBB_ROOT . "inc/functions_user.php"; } $unapproved_shade = ''; if (isset($post['visible']) && $post['visible'] == 0 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post'; } elseif (isset($post['visible']) && $post['visible'] == -1 && $post_type == 0) { $altbg = $unapproved_shade = 'unapproved_post deleted_post'; } elseif ($altbg == 'trow1') { $altbg = 'trow2'; } else { $altbg = 'trow1'; } $post['fid'] = $fid; switch ($post_type) { case 1: // Message preview global $forum; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = 0; break; case 2: // Private message global $message, $pmid; $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; break; case 3: // Announcement global $announcementarray, $message; $parser_options['allow_html'] = $announcementarray['allowhtml']; $parser_options['allow_mycode'] = $announcementarray['allowmycode']; $parser_options['allow_smilies'] = $announcementarray['allowsmilies']; $parser_options['allow_imgcode'] = 1; $parser_options['allow_videocode'] = 1; $parser_options['me_username'] = $post['username']; $parser_options['filter_badwords'] = 1; $id = $announcementarray['aid']; break; default: // Regular post global $forum, $thread, $tid; $oldforum = $forum; $id = (int) $post['pid']; $idtype = 'pid'; $parser_options['allow_html'] = $forum['allowhtml']; $parser_options['allow_mycode'] = $forum['allowmycode']; $parser_options['allow_smilies'] = $forum['allowsmilies']; $parser_options['allow_imgcode'] = $forum['allowimgcode']; $parser_options['allow_videocode'] = $forum['allowvideocode']; $parser_options['filter_badwords'] = 1; if (!$post['username']) { $post['username'] = $lang->guest; } if ($post['userusername']) { $parser_options['me_username'] = $post['userusername']; } else { $parser_options['me_username'] = $post['username']; } break; } if (!$postcounter) { // Used to show the # of the post if ($page > 1) { if (!$mybb->settings['postsperpage'] || (int) $mybb->settings['postsperpage'] < 1) { $mybb->settings['postsperpage'] = 20; } $postcounter = $mybb->settings['postsperpage'] * ($page - 1); } else { $postcounter = 0; } $post_extra_style = "border-top-width: 0;"; } elseif ($mybb->input['mode'] == "threaded") { $post_extra_style = "border-top-width: 0;"; } else { $post_extra_style = "margin-top: 5px;"; } if (!$altbg) { // Define the alternate background colour if this is the first post $altbg = "trow1"; } $postcounter++; // Format the post date and time using my_date //$post['postdate'] = my_date('relative', $post['dateline']); $post['postdate'] = date('Y-m-d', $post['dateline']); // Dont want any little 'nasties' in the subject $post['subject'] = $parser->parse_badwords($post['subject']); // Pm's have been htmlspecialchars_uni()'ed already. if ($post_type != 2) { $post['subject'] = htmlspecialchars_uni($post['subject']); } if (empty($post['subject'])) { $post['subject'] = ' '; } $post['author'] = $post['uid']; $post['subject_title'] = $post['subject']; // Get the usergroup if ($post['userusername']) { if (!$post['displaygroup']) { $post['displaygroup'] = $post['usergroup']; } $usergroup = $groupscache[$post['displaygroup']]; } else { $usergroup = $groupscache[1]; } if (!is_array($titlescache)) { $cached_titles = $cache->read("usertitles"); if (!empty($cached_titles)) { foreach ($cached_titles as $usertitle) { $titlescache[$usertitle['posts']] = $usertitle; } } if (is_array($titlescache)) { krsort($titlescache); } unset($usertitle, $cached_titles); } // Work out the usergroup/title stuff $post['groupimage'] = ''; if (!empty($usergroup['image'])) { $language = $mybb->settings['bblanguage']; if (!empty($mybb->user['language'])) { $language = $mybb->user['language']; } $usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']); $usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']); eval("\$post['groupimage'] = \"" . $templates->get("postbit_groupimage") . "\";"); if ($mybb->settings['postlayout'] == "classic") { $post['groupimage'] .= "<br />"; } } if ($post['userusername']) { // This post was made by a registered user $post['username'] = $post['userusername']; $post['profilelink_plain'] = get_profile_link($post['uid']); $post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']); $post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']); if (trim($post['usertitle']) != "") { $hascustomtitle = 1; } if ($usergroup['usertitle'] != "" && !$hascustomtitle) { $post['usertitle'] = $usergroup['usertitle']; } elseif (is_array($titlescache) && !$usergroup['usertitle']) { reset($titlescache); foreach ($titlescache as $key => $titleinfo) { if ($post['postnum'] >= $key) { if (!$hascustomtitle) { $post['usertitle'] = $titleinfo['title']; } $post['stars'] = $titleinfo['stars']; $post['starimage'] = $titleinfo['starimage']; break; } } } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); if ($usergroup['stars']) { $post['stars'] = $usergroup['stars']; } if (empty($post['starimage'])) { $post['starimage'] = $usergroup['starimage']; } if ($post['starimage'] && $post['stars']) { // Only display stars if we have an image to use... $post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']); $post['userstars'] = ''; for ($i = 0; $i < $post['stars']; ++$i) { eval("\$post['userstars'] .= \"" . $templates->get("postbit_userstar", 1, 0) . "\";"); } $post['userstars'] .= "<br />"; } $postnum = $post['postnum']; $post['postnum'] = my_number_format($post['postnum']); $post['threadnum'] = my_number_format($post['threadnum']); // Determine the status to show for the user (Online/Offline/Away) /* $timecut = TIME_NOW - $mybb->settings['wolcutoff']; if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive']) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";"); } else { if($post['away'] == 1 && $mybb->settings['allowaway'] != 0) { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";"); } else { eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";"); } } */ // Show as always offline eval("\$post['onlinestatus'] = \"" . $templates->get("postbit_offline") . "\";"); $post['useravatar'] = ''; if (isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0) { $useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']); eval("\$post['useravatar'] = \"" . $templates->get("postbit_avatar") . "\";"); } $post['button_find'] = ''; if ($mybb->usergroup['cansearch'] == 1) { eval("\$post['button_find'] = \"" . $templates->get("postbit_find") . "\";"); } if ($mybb->settings['enablepms'] == 1 && $post['receivepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos("," . $post['ignorelist'] . ",", "," . $mybb->user['uid'] . ",") === false) { //eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";"); } $post['button_rep'] = ''; if ($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && $post['visible'] == 1) { if (!$post['pid']) { $post['pid'] = 0; } eval("\$post['button_rep'] = \"" . $templates->get("postbit_rep_button") . "\";"); } if ($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1) { $post['website'] = htmlspecialchars_uni($post['website']); eval("\$post['button_www'] = \"" . $templates->get("postbit_www") . "\";"); } else { $post['button_www'] = ""; } if ($post['hideemail'] != 1 && $mybb->usergroup['cansendemail'] == 1) { eval("\$post['button_email'] = \"" . $templates->get("postbit_email") . "\";"); } else { $post['button_email'] = ""; } $post['userregdate'] = $lang->na; //my_date($mybb->settings['regdateformat'], $post['regdate']); // Work out the reputation this user has (only show if not announcement) if ($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1) { $post['userreputation'] = get_reputation($post['reputation'], $post['uid']); eval("\$post['replink'] = \"" . $templates->get("postbit_reputation") . "\";"); } // Showing the warning level? (only show if not announcement) if ($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || $mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)) { if ($mybb->settings['maxwarningpoints'] < 1) { $mybb->settings['maxwarningpoints'] = 10; } $warning_level = round($post['warningpoints'] / $mybb->settings['maxwarningpoints'] * 100); if ($warning_level > 100) { $warning_level = 100; } $warning_level = get_colored_warning_level($warning_level); // If we can warn them, it's not the same person, and we're in a PM or a post. if ($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2)) { eval("\$post['button_warn'] = \"" . $templates->get("postbit_warn") . "\";"); $warning_link = "warnings.php?uid={$post['uid']}"; } else { $post['button_warn'] = ''; $warning_link = "usercp.php"; } eval("\$post['warninglevel'] = \"" . $templates->get("postbit_warninglevel") . "\";"); } if ($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid'])) { eval("\$post['button_purgespammer'] = \"" . $templates->get('postbit_purgespammer') . "\";"); } // Display profile fields on posts - only if field is filled in if (is_array($profile_fields)) { foreach ($profile_fields as $field) { $fieldfid = "fid{$field['fid']}"; if (!empty($post[$fieldfid])) { $post['fieldvalue'] = ''; $post['fieldname'] = htmlspecialchars_uni($field['name']); $thing = explode("\n", $field['type'], "2"); $type = trim($thing[0]); $useropts = explode("\n", $post[$fieldfid]); if (is_array($useropts) && ($type == "multiselect" || $type == "checkbox")) { foreach ($useropts as $val) { if ($val != '') { eval("\$post['fieldvalue_option'] .= \"" . $templates->get("postbit_profilefield_multiselect_value") . "\";"); } } if ($post['fieldvalue_option'] != '') { eval("\$post['fieldvalue'] .= \"" . $templates->get("postbit_profilefield_multiselect") . "\";"); } } else { $field_parser_options = array("allow_html" => $field['allowhtml'], "allow_mycode" => $field['allowmycode'], "allow_smilies" => $field['allowsmilies'], "allow_imgcode" => $field['allowimgcode'], "allow_videocode" => $field['allowvideocode'], "filter_badwords" => 1); if ($customfield['type'] == "textarea") { $field_parser_options['me_username'] = $post['username']; } else { $field_parser_options['nl2br'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $field_parser_options['allow_imgcode'] = 0; } $post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options); } eval("\$post['profilefield'] .= \"" . $templates->get("postbit_profilefield") . "\";"); } } } eval("\$post['user_details'] = \"" . $templates->get("postbit_author_user") . "\";"); } else { // Message was posted by a guest or an unknown user $post['profilelink'] = format_name($post['username'], 1); if ($usergroup['usertitle']) { $post['usertitle'] = $usergroup['usertitle']; } else { $post['usertitle'] = $lang->guest; } $post['usertitle'] = htmlspecialchars_uni($post['usertitle']); $usergroup['title'] = $lang->na; $post['userregdate'] = $lang->na; $post['postnum'] = $lang->na; $post['button_profile'] = ''; $post['button_email'] = ''; $post['button_www'] = ''; $post['signature'] = ''; $post['button_pm'] = $lang->na; $post['button_find'] = ''; $post['onlinestatus'] = ''; $post['replink'] = ''; eval("\$post['user_details'] = \"" . $templates->get("postbit_author_guest") . "\";"); } $post['button_edit'] = ''; $post['button_quickdelete'] = ''; $post['button_quickrestore'] = ''; $post['button_quote'] = ''; $post['button_quickquote'] = ''; $post['button_report'] = ''; $post['button_reply_pm'] = ''; $post['button_replyall_pm'] = ''; $post['button_forward_pm'] = ''; $post['button_delete_pm'] = ''; // For private messages, fetch the reply/forward/delete icons if ($post_type == 2 && $post['pmid']) { global $replyall; eval("\$post['button_reply_pm'] = \"" . $templates->get("postbit_reply_pm") . "\";"); eval("\$post['button_forward_pm'] = \"" . $templates->get("postbit_forward_pm") . "\";"); eval("\$post['button_delete_pm'] = \"" . $templates->get("postbit_delete_pm") . "\";"); if ($replyall == true) { eval("\$post['button_replyall_pm'] = \"" . $templates->get("postbit_replyall_pm") . "\";"); } } $post['editedmsg'] = ''; if (!$post_type) { // Figure out if we need to show an "edited by" message if ($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 || $mybb->settings['showeditedbyadmin'] != 0 && $usergroup['cancp'] == 1)) { //$post['editdate'] = my_date('relative', $post['edittime']); $post['editdate'] = $lang->na; $post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']); $post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']); $editreason = ""; if ($post['editreason'] != "") { $post['editreason'] = $parser->parse_badwords($post['editreason']); $post['editreason'] = htmlspecialchars_uni($post['editreason']); eval("\$editreason = \"" . $templates->get("postbit_editedby_editreason") . "\";"); } eval("\$post['editedmsg'] = \"" . $templates->get("postbit_editedby") . "\";"); } $time = TIME_NOW; if (is_moderator($fid, "caneditposts") || $forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && $mybb->usergroup['edittimelimit'] == 0 && $mybb->user['uid'] != 0) { eval("\$post['button_edit'] = \"" . $templates->get("postbit_edit") . "\";"); } // Quick Delete button $can_delete_thread = $can_delete_post = 0; if ($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0) { if ($forumpermissions['candeletethreads'] == 1 && $postcounter == 1) { $can_delete_thread = 1; } else { if ($forumpermissions['candeleteposts'] == 1 && $postcounter != 1) { $can_delete_post = 1; } } } $postbit_qdelete = $postbit_qrestore = ''; if ($mybb->user['uid'] != 0) { if ((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1) { $postbit_qdelete = $lang->postbit_qdelete_post; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } else { if ((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1) { $postbit_qdelete = $lang->postbit_qdelete_thread; $display = ''; if ($post['visible'] == -1) { $display = "none"; } eval("\$post['button_quickdelete'] = \"" . $templates->get("postbit_quickdelete") . "\";"); } } // Restore Post if (is_moderator($fid, "canrestoreposts") && $postcounter != 1) { $display = "none"; if ($post['visible'] == -1) { $display = ''; } $postbit_qrestore = $lang->postbit_qrestore_post; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } else { if (is_moderator($fid, "canrestorethreads") && $postcounter == 1) { $display = "none"; if ($post['visible'] == -1) { $display = ""; } $postbit_qrestore = $lang->postbit_qrestore_thread; eval("\$post['button_quickrestore'] = \"" . $templates->get("postbit_quickrestore") . "\";"); } } } // Inline moderation stuff if ($ismod) { if (isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|" . $post['pid'] . "|")) { $inlinecheck = "checked=\"checked\""; $inlinecount++; } else { $inlinecheck = ""; } eval("\$post['inlinecheck'] = \"" . $templates->get("postbit_inlinecheck") . "\";"); if ($post['visible'] == 0) { $invisiblepost = 1; } } else { $post['inlinecheck'] = ""; } $post['postlink'] = get_post_link($post['pid'], $post['tid']); $post_number = my_number_format($postcounter); eval("\$post['posturl'] = \"" . $templates->get("postbit_posturl") . "\";"); global $forum, $thread; if ($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1)) { eval("\$post['button_quote'] = \"" . $templates->get("postbit_quote") . "\";"); } if ($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || $forumpermissions['canonlyreplyownthreads'] != 1) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type) { eval("\$post['button_multiquote'] = \"" . $templates->get("postbit_multiquote") . "\";"); } if ($mybb->user['uid'] != "0") { eval("\$post['button_report'] = \"" . $templates->get("postbit_report") . "\";"); } } elseif ($post_type == 3) { if ($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements")) { eval("\$post['button_edit'] = \"" . $templates->get("announcement_edit") . "\";"); eval("\$post['button_quickdelete'] = \"" . $templates->get("announcement_quickdelete") . "\";"); } } $post['iplogged'] = ''; $show_ips = $mybb->settings['logip']; //$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress'])); $ipaddress = '127.0.0.1'; // Show post IP addresses... PMs now can have IP addresses too as of 1.8! if ($post_type == 2) { $show_ips = $mybb->settings['showpmip']; } if (!$post_type || $post_type == 2) { if ($show_ips != "no" && !empty($post['ipaddress'])) { if ($show_ips == "show") { eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_show") . "\";"); } else { if ($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod'])) { $action = 'getip'; if ($post_type == 2) { $action = 'getpmip'; } eval("\$post['iplogged'] = \"" . $templates->get("postbit_iplogged_hiden") . "\";"); } } } } if (isset($post['smilieoff']) && $post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_imgcode'] = 0; } if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_videocode'] = 0; } // If we have incoming search terms to highlight - get it done. if (!empty($mybb->input['highlight'])) { $parser_options['highlight'] = $mybb->input['highlight']; $post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']); } $post['message'] = $parser->parse_message($post['message'], $parser_options); // Validate key $keyinfo = user_key_info($post['uid']); $post['signstatus']; if ($keyinfo['status'] == "OK") { $post['signstatus'] = "<span style=\"color: #07a407;\" title=\"Fingerprint: {$keyinfo['fingerprint']}\">✓ podpisano przez {$post['profilelink']}</span>"; } // Jid link $ujid = user_jid($post['uid']); $post['jidlink'] = $ujid; // User key $post['userpubkey'] = $keyinfo['key']; if ($keyinfo['key'] != "") { eval("\$post['button_pubkey'] = \"" . $templates->get("postbit_pubkey") . "\";"); } else { $post['button_pubkey']; } $post['attachments'] = ''; if ($mybb->settings['enableattachments'] != 0) { get_post_attachments($id, $post); } if (isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0) && ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1 && ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures'])) { $sig_parser = array("allow_html" => $mybb->settings['sightml'], "allow_mycode" => $mybb->settings['sigmycode'], "allow_smilies" => $mybb->settings['sigsmilies'], "allow_imgcode" => $mybb->settings['sigimgcode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($usergroup['signofollow']) { $sig_parser['nofollow_on'] = 1; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $sig_parser['allow_imgcode'] = 0; } $post['signature'] = $parser->parse_message($post['signature'], $sig_parser); eval("\$post['signature'] = \"" . $templates->get("postbit_signature") . "\";"); } else { $post['signature'] = ""; } $icon_cache = $cache->read("posticons"); if (isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']]) { $icon = $icon_cache[$post['icon']]; $icon['path'] = htmlspecialchars_uni($icon['path']); $icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']); $icon['name'] = htmlspecialchars_uni($icon['name']); eval("\$post['icon'] = \"" . $templates->get("postbit_icon") . "\";"); } else { $post['icon'] = ""; } $post_visibility = $ignore_bit = ''; switch ($post_type) { case 1: // Message preview $post = $plugins->run_hooks("postbit_prev", $post); break; case 2: // Private message $post = $plugins->run_hooks("postbit_pm", $post); break; case 3: // Announcement $post = $plugins->run_hooks("postbit_announcement", $post); break; default: // Regular post $post = $plugins->run_hooks("postbit", $post); // Is this author on the ignore list of the current user? Hide this post if (is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1) { $ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']); eval("\$ignore_bit = \"" . $templates->get("postbit_ignored") . "\";"); $post_visibility = "display: none;"; } break; } if ($mybb->settings['postlayout'] == "classic") { eval("\$postbit = \"" . $templates->get("postbit_classic") . "\";"); } else { eval("\$postbit = \"" . $templates->get("postbit") . "\";"); } $GLOBALS['post'] = ""; return $postbit; }
function output_error($type, $message, $file, $line) { global $mybb, $parser; if (!$mybb->settings['bbname']) { $mybb->settings['bbname'] = "MyBB"; } if ($type == MYBB_SQL) { $title = "MyBB SQL Error"; $error_message = "<p>MyBB has experienced an internal SQL error and cannot continue.</p>"; if ($mybb->settings['errortypemedium'] == "both" || $mybb->settings['errortypemedium'] == "error" || defined("IN_INSTALL") || defined("IN_UPGRADE")) { $error_message .= "<dl>\n"; $error_message .= "<dt>SQL Error:</dt>\n<dd>{$message['error_no']} - {$message['error']}</dd>\n"; if ($message['query'] != "") { $error_message .= "<dt>Query:</dt>\n<dd>{$message['query']}</dd>\n"; } $error_message .= "</dl>\n"; } } else { $title = "MyBB Internal Error"; $error_message = "<p>MyBB has experienced an internal error and cannot continue.</p>"; if ($mybb->settings['errortypemedium'] == "both" || $mybb->settings['errortypemedium'] == "error" || defined("IN_INSTALL") || defined("IN_UPGRADE")) { $error_message .= "<dl>\n"; $error_message .= "<dt>Error Type:</dt>\n<dd>{$this->error_types[$type]} ({$type})</dd>\n"; $error_message .= "<dt>Error Message:</dt>\n<dd>{$message}</dd>\n"; if (!empty($file)) { $error_message .= "<dt>Location:</dt><dd>File: {$file}<br />Line: {$line}</dd>\n"; if (!@preg_match('#config\\.php|settings\\.php#', $file) && @file_exists($file)) { $code_pre = @file($file); $code = ""; if (isset($code_pre[$line - 4])) { $code .= $line - 3 . ". " . $code_pre[$line - 4]; } if (isset($code_pre[$line - 3])) { $code .= $line - 2 . ". " . $code_pre[$line - 3]; } if (isset($code_pre[$line - 2])) { $code .= $line - 1 . ". " . $code_pre[$line - 2]; } $code .= $line . ". " . $code_pre[$line - 1]; // The actual line. if (isset($code_pre[$line])) { $code .= $line + 1 . ". " . $code_pre[$line]; } if (isset($code_pre[$line + 1])) { $code .= $line + 2 . ". " . $code_pre[$line + 1]; } if (isset($code_pre[$line + 2])) { $code .= $line + 3 . ". " . $code_pre[$line + 2]; } unset($code_pre); $parser_exists = false; if (!is_object($parser) || !method_exists($parser, 'mycode_parse_php')) { if (@file_exists(MYBB_ROOT . "inc/class_parser.php")) { @(require_once MYBB_ROOT . "inc/class_parser.php"); $parser = new postParser(); $parser_exists = true; } } else { $parser_exists = true; } if ($parser_exists) { $code = $parser->mycode_parse_php($code, true); } else { $code = @nl2br($code); } $error_message .= "<dt>Code:</dt><dd>{$code}</dd>\n"; } } $backtrace = $this->generate_backtrace(); if ($backtrace && !in_array($type, $this->mybb_error_types)) { $error_message .= "<dt>Backtrace:</dt><dd>{$backtrace}</dd>\n"; } $error_message .= "</dl>\n"; } } if (isset($lang->settings['charset'])) { $charset = $lang->settings['charset']; } else { $charset = 'UTF-8'; } if (!headers_sent() && !defined("IN_INSTALL") && !defined("IN_UPGRADE")) { @header('HTTP/1.1 503 Service Temporarily Unavailable'); @header('Status: 503 Service Temporarily Unavailable'); @header('Retry-After: 1800'); @header("Content-type: text/html; charset={$charset}"); $_SERVER['PHP_SELF'] = htmlspecialchars_uni($_SERVER['PHP_SELF']); echo <<<EOF \t<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" > <head profile="http://gmpg.org/xfn/11"> \t<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> \t<title>{$mybb->settings['bbname']} - Internal Error</title> \t<style type="text/css"> \t\tbody { background: #efefef; color: #000; font-family: Verdana; font-size: 12px; text-align: center; line-height: 1.4; } \t\ta:link { color: #026CB1; text-decoration: none;\t} \t\ta:visited {\tcolor: #026CB1;\ttext-decoration: none; } \t\ta:hover, a:active {\tcolor: #000; text-decoration: underline; } \t\t#container { width: 600px; padding: 20px; background: #fff;\tborder: 1px solid #e4e4e4; margin: 100px auto; text-align: left; } \t\th1 { margin: 0; background: url({$_SERVER['PHP_SELF']}?action=mybb_logo) no-repeat;\theight: 82px; width: 248px; } \t\t#content { border: 1px solid #B60101; background: #fff; } \t\th2 { font-size: 12px; padding: 4px; background: #B60101; color: #fff; margin: 0; } \t\t.invisible { display: none; } \t\t#error { padding: 6px; } \t\t#footer { font-size: 11px; border-top: 1px solid #ccc; padding-top: 10px; } \t\tdt { font-weight: bold; } \t</style> </head> <body> \t<div id="container"> \t\t<div id="logo"> \t\t\t<h1><a href="http://mybb.com/" title="MyBulletinBoard"><span class="invisible">MyBB</span></a></h1> \t\t</div> \t\t<div id="content"> \t\t\t<h2>{$title}</h2> \t\t\t<div id="error"> \t\t\t\t{$error_message} \t\t\t\t<p id="footer">Please contact the <a href="http://mybb.com">MyBB Group</a> for support.</p> \t\t\t</div> \t\t</div> \t</div> </body> </html> EOF; } else { echo <<<EOF \t<style type="text/css"> \t\t#mybb_error_content { border: 1px solid #B60101; background: #fff; } \t\t#mybb_error_content h2 { font-size: 12px; padding: 4px; background: #B60101; color: #fff; margin: 0; } \t\t#mybb_error_error { padding: 6px; } \t\t#mybb_error_footer { font-size: 11px; border-top: 1px solid #ccc; padding-top: 10px; } \t\t#mybb_error_content dt { font-weight: bold; } \t</style> \t<div id="mybb_error_content"> \t\t<h2>{$title}</h2> \t\t<div id="mybb_error_error"> \t\t{$error_message} \t\t\t<p id="mybb_error_footer">Please contact the <a href="http://mybb.com">MyBB Group</a> for support.</p> \t\t</div> \t</div> EOF; } exit(1); }
function firstpreview_pm() { global $mybb, $db, $charset, $headerinclude, $header; $header = '<div class="arrow-down"></div>' . $header; // Add jQuery and noConflict for MyBB 1.6.* $jquery = ''; $noconflict = ''; if ($mybb->version < "1.7.0") { $jquery = '<script type="text/javascript"> //<![CDATA[ if (!window.jQuery) { document.write(unescape("%3Cscript src=\\"http://code.jquery.com/jquery-latest.min.js\\" type=\\"text/javascript\\"%3E%3C/script%3E")); } //]]> </script>'; $noconflict = 'jQuery.noConflict();'; } // Background color $bg_color = '#aaaaaa'; if (isset($mybb->settings['firstpreview_bg']) && preg_match('/^#([0-9a-f]{1,6})$/i', $mybb->settings['firstpreview_bg'])) { $bg_color = htmlspecialchars_uni($mybb->settings['firstpreview_bg']); } // Close button $close_preview = '#close_preview{display:none;cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}'; if (isset($mybb->settings['firstpreview_close']) && $mybb->settings['firstpreview_close'] == 1) { $close_preview = '#close_preview{cursor:pointer;background:#000;color:#fff;float:right;font-size:1em;font-weight:bold;text-align:center;width:20px;height:20px;border-radius:5px}'; } // Insert the code $headerinclude .= ' <!-- start: first_preview_plugin --> <style type="text/css"> .modal_firstpost{text-align:left;border-radius:7px;-moz-border-radius:7px;-webkit-border-radius:7px;border:1px solid ' . $bgcolor . ';display:none;position:absolute;z-index:29000;width:390px;height:180px;overflow:hidden} .fpreview{z-index:29001;width:390px;height:180px;overflow:auto;background:' . $bg_color . '} .arrow-down{display:none;position:absolute;z-index:28999;width:0;height:0;border-left:20px solid transparent;border-right:20px solid transparent;border-top:20px solid ' . $bg_color . '} .prev_content{padding:10px;height:auto;word-wrap:break-word;-webkit-hyphens:auto;-moz-hyphens:auto;-ms-hyphens:auto;-o-hyphens:auto;hyphens:auto;background:none} ' . $close_preview . ' </style> ' . $jquery . ' <script type="text/javascript"> //<![CDATA[ ' . $noconflict . ' <!-- if(use_xmlhttprequest == 1) { jQuery(document).ready(function(e){e(".pmprev").on("touchenter mouseenter",function(){id=e(this).attr("id");pmid=id.replace(/[^\\d.]/g,"");var t=e(this).offset().left;var n=e(this).offset().top-200;showPost=setTimeout(function(){e.ajax({url:"private.php?pmid="+pmid+"&firstpm=1",type:"post",complete:function(t){e(".modal_firstpost").html(t.responseText)}});e(".modal_firstpost").fadeIn("slow");e(".modal_firstpost").css("top",n);e(".modal_firstpost").css("left",t);e(".arrow-down").fadeIn("slow");e(".arrow-down").css("top",n+180);e(".arrow-down").css("left",t+20);},1500)});e(".pmprev").on("mouseleave touchleave touchend",function(){clearTimeout(showPost);});e(".modal_firstpost").on("mouseleave touchmove",function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")});e(".modal_firstpost").on("click", "#close_preview", function(){e(".modal_firstpost").fadeOut("slow");e(".arrow-down").fadeOut("fast")})}); } //]]> </script> <!-- end: first_preview_plugin --> '; // Get the pm preview if (isset($mybb->input['firstpm']) && $mybb->input['firstpm'] == 1 && $mybb->request_method == "post") { $pmid = (int) $mybb->input['pmid']; $query = $db->simple_select('privatemessages', '*', "pmid = '" . $pmid . "'"); $pm = $db->fetch_array($query); // Load the users own messages only if ($pm['uid'] != $mybb->user['uid']) { return; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $pm['subject'] = htmlspecialchars_uni($parser->parse_badwords($pm['subject'])); $user = get_user($pm['fromid']); $idtype = 'pmid'; $parser_options['allow_html'] = $mybb->settings['pmsallowhtml']; $parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode']; $parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies']; $parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode']; $parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode']; $parser_options['me_username'] = $user['username']; $parser_options['filter_badwords'] = 1; $id = $pmid; $pm['message'] = $parser->parse_message($pm['message'], $parser_options); $pmdate = my_date($mybb->settings['dateformat'], $pm['dateline']); $pmtime = my_date($mybb->settings['timeformat'], $pm['dateline']); $pmsent = ' (' . $pmdate . ', ' . $pmtime . ')'; if (isset($mybb->settings['firstpreview_html']) && $mybb->settings['firstpreview_html'] != 1) { $pm['message'] = strip_tags($pm['message'], "<br><p><ul><ol><li>"); } if (!empty($mybb->settings['firstpreview_length']) && $mybb->settings['firstpreview_length'] != "0" && my_strlen($pm['message']) > (int) $mybb->settings['firstpreview_length']) { $pm['message'] = preg_replace("!<a([^>]+)>!isU", "", $pm['message']); $pm['message'] = str_replace("</a>", "", $pm['message']); $pm['message'] = my_substr($pm['message'], 0, (int) $mybb->settings['firstpreview_length']) . '...<p><a href="private.php?action=read&pmid=' . (int) $pm['pmid'] . '">more</a></p>'; } $preview = "<div class=\"fpreview\"><span id=\"close_preview\">❌</span>\n\t\t<div class=\"thead\" style=\"text-align:center; font-weight:bold; min-height:20px;\">" . $pm['subject'] . "</div>\n\t\t<div class=\"tcat\" style=\"padding-left:10px;\">" . build_profile_link(format_name(htmlspecialchars_uni($user['username']), (int) $user['usergroup'], (int) $user['displaygroup']), (int) $pm['fromid']) . "<span class=\"smalltext\">" . $pmsent . "</span></div>\n\t\t<div class=\"prev_content\">" . $pm['message'] . "</div>\n\t\t</div>"; header("Content-type: text/plain; charset={$charset}"); echo $preview; exit; } }
} else { $postinfo = $posthandler->update_post(); $visible = $postinfo['visible']; if ($visible == 0 && !is_moderator($post['fid'], "canviewunapprove")) { // Is it the first post? if ($thread['firstpost'] == $post['pid']) { echo json_encode(array("moderation_thread" => $lang->thread_moderation, 'url' => $mybb->settings['bburl'] . '/' . get_forum_link($thread['fid']), "message" => $post['message'])); exit; } else { echo json_encode(array("moderation_post" => $lang->post_moderation, 'url' => $mybb->settings['bburl'] . '/' . get_thread_link($thread['tid']), "message" => $post['message'])); exit; } } } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $parser_options = array("allow_html" => $forum['allowhtml'], "allow_mycode" => $forum['allowmycode'], "allow_smilies" => $forum['allowsmilies'], "allow_imgcode" => $forum['allowimgcode'], "allow_videocode" => $forum['allowvideocode'], "me_username" => $post['username'], "filter_badwords" => 1); if ($post['smilieoff'] == 1) { $parser_options['allow_smilies'] = 0; } if ($mybb->user['showimages'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_imgcode'] = 0; } if ($mybb->user['showvideos'] != 1 && $mybb->user['uid'] != 0 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0) { $parser_options['allow_videocode'] = 0; } $post['message'] = $parser->parse_message($message, $parser_options); // Now lets fetch all of the attachments for these posts. if ($mybb->settings['enableattachments'] != 0) { $query = $db->simple_select("attachments", "*", "pid='{$post['pid']}'"); while ($attachment = $db->fetch_array($query)) {
function newpoints_shop_page() { global $mybb, $db, $lang, $cache, $theme, $header, $templates, $plugins, $headerinclude, $footer, $options, $inline_errors; if (!$mybb->user['uid']) { return; } newpoints_lang_load("newpoints_shop"); if ($mybb->input['action'] == "do_shop") { verify_post_check($mybb->input['postcode']); $plugins->run_hooks("newpoints_do_shop_start"); switch ($mybb->input['shop_action']) { case 'buy': $plugins->run_hooks("newpoints_shop_buy_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } if (floatval($item['price']) > floatval($mybb->user['newpoints'])) { $errors[] = $lang->newpoints_shop_not_enough; } if ($item['infinite'] != 1 && $item['stock'] <= 0) { $errors[] = $lang->newpoints_shop_out_of_stock; } if ($item['limit'] != 0) { // Get how many items of this type we have in our inventory $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } // If more than or equal to $item['limit'] -> FAILED if (count(array_keys($myitems, $item['iid'])) >= $item['limit']) { $errors[] = $lang->newpoints_shop_limit_reached; } } if (!empty($errors)) { $inline_errors = inline_error($errors, $lang->newpoints_shop_inline_errors); $mybb->input = array(); $mybb->input['action'] = 'shop'; } else { $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { $myitems = array(); } $myitems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] - 1), 'iid=\'' . $item['iid'] . '\''); } // get money from user newpoints_addpoints($mybb->user['uid'], -floatval($item['price'])); if (!empty($item['pm'])) { // send PM if item has private message newpoints_send_pm(array('subject' => $lang->newpoints_shop_bought_item_pm_subject, 'message' => $item['pm'], 'touid' => $mybb->user['uid'], 'receivepms' => 1), -1); } $plugins->run_hooks("newpoints_shop_buy_end", $item); // log purchase newpoints_log('shop_purchase', $lang->sprintf($lang->newpoints_shop_purchased_log, $item['iid'], $item['price'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop", $lang->newpoints_shop_item_bought, $lang->newpoints_shop_item_bought_title); } break; case 'send': $plugins->run_hooks("newpoints_shop_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_send_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 2; $shop_action = 'do_send'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"50%\"><strong>" . $lang->newpoints_shop_send_item_username . ":</strong><br /><small>" . $lang->newpoints_shop_send_item_message . "</small></td><td class=\"trow1\" width=\"50%\"><input type=\"text\" class=\"textbox\" name=\"username\" value=\"\"></td>"; $plugins->run_hooks("newpoints_shop_send_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_send': $plugins->run_hooks("newpoints_shop_do_send_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $username = trim($mybb->input['username']); if (!($user = newpoints_getuser_byname($username))) { error($lang->newpoints_shop_invalid_user); } else { if ($user['uid'] == $mybb->user['uid']) { error($lang->newpoints_shop_cant_send_item_self); } // send item to the selected user $useritems = @unserialize($user['newpoints_items']); if (!$useritems) { $useritems = array(); } $useritems[] = $item['iid']; $db->update_query('users', array('newpoints_items' => serialize($useritems)), 'uid=\'' . $user['uid'] . '\''); // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); $plugins->run_hooks("newpoints_shop_do_send_end"); // send pm to user newpoints_send_pm(array('subject' => $lang->newpoints_shop_item_received_title, 'message' => $lang->sprintf($lang->newpoints_shop_item_received, htmlspecialchars_uni($mybb->user['username']), htmlspecialchars_uni($item['name'])), 'touid' => $user['uid'], 'receivepms' => 1), -1); // log newpoints_log('shop_send', $lang->sprintf($lang->newpoints_shop_sent_log, $item['iid'], $user['uid'], $user['username'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sent, $lang->newpoints_shop_item_sent_title); } break; case 'sell': $plugins->run_hooks("newpoints_shop_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } $lang->newpoints_shop_action = $lang->newpoints_shop_sell_item; $item['name'] = htmlspecialchars_uni($item['name']); global $shop_action, $data, $colspan; $colspan = 1; $shop_action = 'do_sell'; $fields = '<input type="hidden" name="iid" value="' . $item['iid'] . '">'; $data = "<td class=\"trow1\" width=\"100%\">" . $lang->sprintf($lang->newpoints_shop_sell_item_confirm, htmlspecialchars_uni($item['name']), newpoints_format_points(floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])) . "</td>"; $plugins->run_hooks("newpoints_shop_sell_end"); eval("\$page = \"" . $templates->get('newpoints_shop_do_action') . "\";"); output_page($page); break; case 'do_sell': $plugins->run_hooks("newpoints_shop_do_sell_start"); // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $myitems = @unserialize($mybb->user['newpoints_items']); if (!$myitems) { error($lang->newpoints_shop_inventory_empty); } // make sure we own the item $key = array_search($item['iid'], $myitems); if ($key === false) { error($lang->newpoints_shop_selected_item_not_owned); } // remove item from our inventory unset($myitems[$key]); sort($myitems); $db->update_query('users', array('newpoints_items' => serialize($myitems)), 'uid=\'' . $mybb->user['uid'] . '\''); // update stock if ($item['infinite'] != 1) { $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . $item['iid'] . '\''); } newpoints_addpoints($mybb->user['uid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent']); $plugins->run_hooks("newpoints_shop_do_sell_end"); // log newpoints_log('shop_sell', $lang->sprintf($lang->newpoints_shop_sell_log, $item['iid'], floatval($item['price']) * $mybb->settings['newpoints_shop_percent'])); redirect($mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems", $lang->newpoints_shop_item_sell, $lang->newpoints_shop_item_sell_title); break; default: error_no_permission(); } $plugins->run_hooks("newpoints_do_shop_end"); } // shop page if ($mybb->input['action'] == "shop") { $plugins->run_hooks("newpoints_shop_start"); if ($mybb->input['shop_action'] == 'view') { // check if the item exists if (!($item = newpoints_shop_get_item($mybb->input['iid']))) { error($lang->newpoints_shop_invalid_item); } // check if the item is assigned to category if (!($cat = newpoints_shop_get_category($item['cid']))) { error($lang->newpoints_shop_invalid_cat); } // check if we have permissions to view the parent category if (!newpoints_shop_check_permissions($cat['usergroups'])) { error_no_permission(); } if ($item['visible'] == 0 || $cat['visible'] == 0) { error_no_permission(); } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); if ($item['price'] > $mybb->user['newpoints']) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } else { $item['stock'] = intval($item['stock']); } if ($item['sendable'] == 1) { $item['sendable'] = $lang->newpoints_shop_yes; } else { $item['sendable'] = $lang->newpoints_shop_no; } if ($item['sellable'] == 1) { $item['sellable'] = $lang->newpoints_shop_yes; } else { $item['sellable'] = $lang->newpoints_shop_no; } eval("\$page = \"" . $templates->get('newpoints_shop_view_item') . "\";"); } elseif ($mybb->input['shop_action'] == 'myitems') { $uid = intval($mybb->input['uid']); $uidpart = ''; if ($uid > 0) { $user = get_user($uid); // we're viewing someone else's inventory if (!empty($user)) { // we can't view others inventories if we don't have enough previleges if ($mybb->settings['newpoints_shop_viewothers'] != 1 && $mybb->usergroup['cancp'] != 1 && $mybb->user['uid'] != $uid) { error_no_permission(); } $myitems = @unserialize($user['newpoints_items']); $lang->newpoints_shop_myitems = $lang->sprintf($lang->newpoints_shop_items_username, htmlspecialchars_uni($user['username'])); $uidpart = "&uid=" . $uid; // we need this for pagination } else { $myitems = @unserialize($mybb->user['newpoints_items']); } } else { $myitems = @unserialize($mybb->user['newpoints_items']); } $items = ''; $newrow = true; $invert_bgcolor = alt_trow(); if ($mybb->settings['newpoints_shop_sendable'] != 1) { $sendable = false; } else { $sendable = true; } if ($mybb->settings['newpoints_shop_sellable'] != 1) { $sellable = false; } else { $sellable = true; } require_once MYBB_ROOT . "inc/class_parser.php"; $parser = new postParser(); $parser_options = array('allow_mycode' => 1, 'allow_smilies' => 1, 'allow_imgcode' => 0, 'allow_html' => 0, 'filter_badwords' => 1); if (!empty($myitems)) { // pagination $per_page = 10; $mybb->input['page'] = intval($mybb->input['page']); if ($mybb->input['page'] && $mybb->input['page'] > 1) { $mybb->input['page'] = intval($mybb->input['page']); $start = $mybb->input['page'] * $per_page - $per_page; } else { $mybb->input['page'] = 1; $start = 0; } // total items $total_rows = $db->fetch_field($db->simple_select("newpoints_shop_items", "COUNT(iid) as items", 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')'), "items"); // multi-page if ($total_rows > $per_page) { $multipage = multipage($total_rows, $per_page, $mybb->input['page'], $mybb->settings['bburl'] . "/newpoints.php?action=shop&shop_action=myitems" . $uidpart); } $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND iid IN (' . implode(',', array_unique($myitems)) . ')', array('limit' => "{$start}, {$per_page}")); while ($item = $db->fetch_array($query)) { if ($newrow === true) { $trstart = '<tr>'; $trend = ''; $newrow = false; } elseif ($newrow === false) { $trstart = ''; $trend = '</tr>'; $newrow = true; } if ($sellable === true && $item['sellable']) { if ($sendable === true && $item['sendable']) { $tdstart = '<td width="50%">'; } else { $tdstart = '<td width="100%">'; } $sell = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="sell"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_sell . '"></form></td>'; } else { $sell = ''; } if ($sendable === true && $item['sendable']) { if ($sell == '') { $tdstart = '<td width="100%">'; } else { $tdstart = '<td width="50%">'; } $send = $tdstart . '<form action="newpoints.php" method="POST"><input type="hidden" name="action" value="do_shop"><input type="hidden" name="shop_action" value="send"><input type="hidden" name="iid" value="' . $item['iid'] . '"><input type="hidden" name="postcode" value="' . $mybb->post_code . '"><input type="submit" name="submit" value="' . $lang->newpoints_shop_send . '"></form></td>'; } else { $send = ''; } if (!$send && !$sell) { $send = $lang->newpoints_shop_no_options; } $item['description'] = $parser->parse_message($item['description'], $parser_options); // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 if (floatval($grouprules['items_rate']) == 0) { $item['price'] = 0; } else { $item['price'] = $item['price'] * floatval($grouprules['items_rate']); } $item['price'] = newpoints_format_points($item['price']); $item['quantity'] = count(array_keys($myitems, $item['iid'])); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } $bgcolor = alt_trow(); $invert_bgcolor = alt_trow(); eval("\$items .= \"" . $trstart . $templates->get('newpoints_shop_myitems_item') . $trend . "\";"); } if (!$items) { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } else { if ($newrow === false) { eval("\$items .= \"" . $templates->get('newpoints_shop_myitems_item_empty') . "</tr>" . "\";"); $newrow = true; } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_myitems_no_items') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop_myitems') . "\";"); } else { // check group rules - primary group check $grouprules = newpoints_getrules('group', $mybb->user['usergroup']); if (!$grouprules) { $grouprules['items_rate'] = 1.0; } // no rule set so default income rate is 1 // if the group items rate is 0, the price of the item is 0 $itemsrate = floatval($grouprules['items_rate']); global $cats, $items; // get categories $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($cat = $db->fetch_array($query)) { $categories[$cat['cid']] = $cat; } // get items and store them in their categories $query = $db->simple_select('newpoints_shop_items', '*', 'visible=1 AND cid>0', array('order_by' => 'disporder', 'order_dir' => 'ASC')); while ($item = $db->fetch_array($query)) { $items_array[$item['cid']][$item['iid']] = $item; } $cats = ''; $bgcolor = ''; $bgcolor = alt_trow(); // build items and categories if (!empty($categories)) { foreach ($categories as $cid => $category) { $items = ''; if ($category['items'] > 0 && !empty($items_array[$category['cid']])) { foreach ($items_array as $cid => $member) { if ($cid != $category['cid']) { continue; } $bgcolor = alt_trow(); foreach ($member as $iid => $item) { // skip hidden items if ($item['visible'] == 0) { continue; } if ($item['infinite'] == 1) { $item['stock'] = $lang->newpoints_shop_infinite; } if ($item['price'] > $mybb->user['newpoints']) { $enough_money = false; } else { $enough_money = true; } $item['name'] = htmlspecialchars_uni($item['name']); $item['description'] = htmlspecialchars_uni($item['description']); $item['price'] = newpoints_format_points($item['price'] * $itemsrate); // build icon if ($item['icon'] != '') { $item['icon'] = htmlspecialchars_uni($item['icon']); $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">'; } else { $item['icon'] = '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">'; } if (!$enough_money) { $item['price'] = '<span style="color: #FF0000;">' . $item['price'] . '</span>'; } eval("\$items .= \"" . $templates->get('newpoints_shop_item') . "\";"); } } } else { eval("\$items = \"" . $templates->get('newpoints_shop_no_items') . "\";"); } // if it's not visible, don't show it if ($category['visible'] == 0) { continue; } // check if we have permissions to view the category if (!newpoints_shop_check_permissions($category['usergroups'])) { continue; } // Expanded by default feature global $extdisplay, $expcolimage, $expdisplay, $expaltext, $icon; $expdisplay = ''; if (intval($category['expanded']) == 0) { $expcolimage = "collapse_collapsed.gif"; $expdisplay = "display: none;"; $expaltext = "[+]"; } else { $expcolimage = "collapse.gif"; $expaltext = "[-]"; } // build icon if ($category['icon'] != '') { $category['icon'] = htmlspecialchars_uni($category['icon']); $category['icon'] = '<img src="' . $mybb->settings['bburl'] . '/' . $category['icon'] . '" style="vertical-align:middle">'; } // sanitize html $category['description'] = htmlspecialchars_uni($category['description']); $category['name'] = htmlspecialchars_uni($category['name']); eval("\$cats .= \"" . $templates->get('newpoints_shop_category') . "\";"); } } else { eval("\$cats = \"" . $templates->get('newpoints_shop_no_cats') . "\";"); } eval("\$page = \"" . $templates->get('newpoints_shop') . "\";"); } $plugins->run_hooks("newpoints_shop_end"); // output page output_page($page); } }