[ Index ]

PHP Cross Reference of MyBB 1.8.21

title

Body

[close]

/ -> global.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  $working_dir = dirname(__FILE__);
  12  if(!$working_dir)
  13  {
  14      $working_dir = '.';
  15  }
  16  
  17  $shutdown_queries = $shutdown_functions = array();
  18  
  19  // Load main MyBB core file which begins all of the magic
  20  require_once $working_dir.'/inc/init.php';
  21  
  22  // Read the usergroups cache as well as the moderators cache
  23  $groupscache = $cache->read('usergroups');
  24  
  25  // If the groups cache doesn't exist, update it and re-read it
  26  if(!is_array($groupscache))
  27  {
  28      $cache->update_usergroups();
  29      $groupscache = $cache->read('usergroups');
  30  }
  31  
  32  $current_page = my_strtolower(basename(THIS_SCRIPT));
  33  
  34  // Send page headers - don't send no-cache headers for attachment.php
  35  if($current_page != 'attachment.php')
  36  {
  37      send_page_headers();
  38  }
  39  
  40  // Do not use session system for defined pages
  41  if((isset($mybb->input['action']) && isset($nosession[$mybb->input['action']])) || (isset($mybb->input['thumbnail']) && $current_page == 'attachment.php'))
  42  {
  43      define('NO_ONLINE', 1);
  44  }
  45  
  46  // Create session for this user
  47  require_once  MYBB_ROOT.'inc/class_session.php';
  48  $session = new session;
  49  $session->init();
  50  $mybb->session = &$session;
  51  
  52  $mybb->user['ismoderator'] = is_moderator(0, '', $mybb->user['uid']);
  53  
  54  // Set our POST validation code here
  55  $mybb->post_code = generate_post_check();
  56  
  57  // Set and load the language
  58  if(isset($mybb->input['language']) && $lang->language_exists($mybb->get_input('language')) && verify_post_check($mybb->get_input('my_post_key'), true))
  59  {
  60      $mybb->settings['bblanguage'] = $mybb->get_input('language');
  61      // If user is logged in, update their language selection with the new one
  62      if($mybb->user['uid'])
  63      {
  64          if(isset($mybb->cookies['mybblang']))
  65          {
  66              my_unsetcookie('mybblang');
  67          }
  68  
  69          $db->update_query('users', array('language' => $db->escape_string($mybb->settings['bblanguage'])), "uid = '{$mybb->user['uid']}'");
  70      }
  71      // Guest = cookie
  72      else
  73      {
  74          my_setcookie('mybblang', $mybb->settings['bblanguage']);
  75      }
  76      $mybb->user['language'] = $mybb->settings['bblanguage'];
  77  }
  78  // Cookied language!
  79  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybblang']) && $lang->language_exists($mybb->cookies['mybblang']))
  80  {
  81      $mybb->settings['bblanguage'] = $mybb->cookies['mybblang'];
  82  }
  83  else if(!isset($mybb->settings['bblanguage']))
  84  {
  85      $mybb->settings['bblanguage'] = 'english';
  86  }
  87  
  88  // Load language
  89  $lang->set_language($mybb->settings['bblanguage']);
  90  $lang->load('global');
  91  $lang->load('messages');
  92  
  93  // Wipe lockout cookie if enough time has passed
  94  if($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] < TIME_NOW)
  95  {
  96      my_unsetcookie('lockoutexpiry');
  97  }
  98  
  99  // Run global_start plugin hook now that the basics are set up
 100  $plugins->run_hooks('global_start');
 101  
 102  if(function_exists('mb_internal_encoding') && !empty($lang->settings['charset']))
 103  {
 104      @mb_internal_encoding($lang->settings['charset']);
 105  }
 106  
 107  // Select the board theme to use.
 108  $loadstyle = '';
 109  $load_from_forum = $load_from_user = 0;
 110  $style = array();
 111  
 112  // The user used our new quick theme changer
 113  if(isset($mybb->input['theme']) && verify_post_check($mybb->get_input('my_post_key'), true))
 114  {
 115      // Set up user handler.
 116      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
 117      $userhandler = new UserDataHandler('update');
 118  
 119      $user = array(
 120          'uid'    => $mybb->user['uid'],
 121          'style'    => $mybb->get_input('theme', MyBB::INPUT_INT),
 122          'usergroup'    => $mybb->user['usergroup'],
 123          'additionalgroups'    => $mybb->user['additionalgroups']
 124      );
 125  
 126      $userhandler->set_data($user);
 127  
 128      // validate_user verifies the style if it is set in the data array.
 129      if($userhandler->validate_user())
 130      {
 131          $mybb->user['style'] = $user['style'];
 132  
 133          // If user is logged in, update their theme selection with the new one
 134          if($mybb->user['uid'])
 135          {
 136              if(isset($mybb->cookies['mybbtheme']))
 137              {
 138                  my_unsetcookie('mybbtheme');
 139              }
 140  
 141              $userhandler->update_user();
 142          }
 143          // Guest = cookie
 144          else
 145          {
 146              my_setcookie('mybbtheme', $user['style']);
 147          }
 148      }
 149  }
 150  // Cookied theme!
 151  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybbtheme']))
 152  {
 153      $mybb->user['style'] = (int)$mybb->cookies['mybbtheme'];
 154  }
 155  
 156  // This user has a custom theme set in their profile
 157  if(isset($mybb->user['style']) && (int)$mybb->user['style'] != 0)
 158  {
 159      $mybb->user['style'] = (int)$mybb->user['style'];
 160  
 161      $loadstyle = "tid = '{$mybb->user['style']}'";
 162      $load_from_user = 1;
 163  }
 164  
 165  $valid = array(
 166      'showthread.php',
 167      'forumdisplay.php',
 168      'newthread.php',
 169      'newreply.php',
 170      'ratethread.php',
 171      'editpost.php',
 172      'polls.php',
 173      'sendthread.php',
 174      'printthread.php',
 175      'moderation.php'
 176  );
 177  
 178  if(in_array($current_page, $valid))
 179  {
 180      cache_forums();
 181  
 182      // If we're accessing a post, fetch the forum theme for it and if we're overriding it
 183      if(isset($mybb->input['pid']) && THIS_SCRIPT != "polls.php")
 184      {
 185          $query = $db->simple_select("posts", "fid", "pid = '{$mybb->input['pid']}'", array("limit" => 1));
 186          $fid = $db->fetch_field($query, 'fid');
 187  
 188          if($fid)
 189          {
 190              $style = $forum_cache[$fid];
 191              $load_from_forum = 1;
 192          }
 193      }
 194      // We have a thread id and a forum id, we can easily fetch the theme for this forum
 195      else if(isset($mybb->input['tid']))
 196      {
 197          $query = $db->simple_select('threads', 'fid', "tid = '{$mybb->input['tid']}'", array('limit' => 1));
 198          $fid = $db->fetch_field($query, 'fid');
 199  
 200          if($fid)
 201          {
 202              $style = $forum_cache[$fid];
 203              $load_from_forum = 1;
 204          }
 205      }
 206      // If we're accessing poll results, fetch the forum theme for it and if we're overriding it
 207      else if(isset($mybb->input['pid']) && THIS_SCRIPT == "polls.php")
 208      {
 209          $query = $db->simple_select('threads', 'fid', "poll = '{$mybb->input['pid']}'", array('limit' => 1));
 210          $fid = $db->fetch_field($query, 'fid');
 211  
 212          if($fid)
 213          {
 214              $style = $forum_cache[$fid];
 215              $load_from_forum = 1;
 216          }
 217      }
 218      // We have a forum id - simply load the theme from it
 219      else if(isset($mybb->input['fid']) && isset($forum_cache[$mybb->input['fid']]))
 220      {
 221          $style = $forum_cache[$mybb->input['fid']];
 222          $load_from_forum = 1;
 223      }
 224  }
 225  unset($valid);
 226  
 227  // From all of the above, a theme was found
 228  if(isset($style['style']) && $style['style'] > 0)
 229  {
 230      $style['style'] = (int)$style['style'];
 231  
 232      // This theme is forced upon the user, overriding their selection
 233      if($style['overridestyle'] == 1 || !isset($mybb->user['style']))
 234      {
 235          $loadstyle = "tid = '{$style['style']}'";
 236      }
 237  }
 238  
 239  // After all of that no theme? Load the board default
 240  if(empty($loadstyle))
 241  {
 242      $loadstyle = "def='1'";
 243  }
 244  
 245  // Fetch the theme to load from the cache
 246  if($loadstyle != "def='1'")
 247  {
 248      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets, allowedgroups', $loadstyle, array('limit' => 1));
 249      $theme = $db->fetch_array($query);
 250  
 251      if(isset($theme['tid']) && !$load_from_forum && !is_member($theme['allowedgroups']) && $theme['allowedgroups'] != 'all')
 252      {
 253          if($load_from_user == 1)
 254          {
 255              $db->update_query('users', array('style' => 0), "style='{$mybb->user['style']}' AND uid='{$mybb->user['uid']}'");
 256          }
 257  
 258          if(isset($mybb->cookies['mybbtheme']))
 259          {
 260              my_unsetcookie('mybbtheme');
 261          }
 262  
 263          $loadstyle = "def='1'";
 264      }
 265  }
 266  
 267  if($loadstyle == "def='1'")
 268  {
 269      if(!$cache->read('default_theme'))
 270      {
 271          $cache->update_default_theme();
 272      }
 273  
 274      $theme = $cache->read('default_theme');
 275  
 276      $load_from_forum = $load_from_user = 0;
 277  }
 278  
 279  // No theme was found - we attempt to load the master or any other theme
 280  if(!isset($theme['tid']) || isset($theme['tid']) && !$theme['tid'])
 281  {
 282      // Missing theme was from a forum, run a query to set any forums using the theme to the default
 283      if($load_from_forum == 1)
 284      {
 285          $db->update_query('forums', array('style' => 0), "style = '{$style['style']}'");
 286      }
 287      // Missing theme was from a user, run a query to set any users using the theme to the default
 288      else if($load_from_user == 1)
 289      {
 290          $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'");
 291      }
 292  
 293      // Attempt to load the master or any other theme if the master is not available
 294      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1));
 295      $theme = $db->fetch_array($query);
 296  }
 297  $theme = @array_merge($theme, my_unserialize($theme['properties']));
 298  
 299  // Fetch all necessary stylesheets
 300  $stylesheets = '';
 301  $theme['stylesheets'] = my_unserialize($theme['stylesheets']);
 302  $stylesheet_scripts = array("global", basename($_SERVER['PHP_SELF']));
 303  if(!empty($theme['color']))
 304  {
 305      $stylesheet_scripts[] = $theme['color'];
 306  }
 307  $stylesheet_actions = array("global");
 308  if(!empty($mybb->input['action']))
 309  {
 310      $stylesheet_actions[] = $mybb->get_input('action');
 311  }
 312  foreach($stylesheet_scripts as $stylesheet_script)
 313  {
 314      // Load stylesheets for global actions and the current action
 315      foreach($stylesheet_actions as $stylesheet_action)
 316      {
 317          if(!$stylesheet_action)
 318          {
 319              continue;
 320          }
 321  
 322          if(!empty($theme['stylesheets'][$stylesheet_script][$stylesheet_action]))
 323          {
 324              // Actually add the stylesheets to the list
 325              foreach($theme['stylesheets'][$stylesheet_script][$stylesheet_action] as $page_stylesheet)
 326              {
 327                  if(!empty($already_loaded[$page_stylesheet]))
 328                  {
 329                      continue;
 330                  }
 331  
 332                  if(strpos($page_stylesheet, 'css.php') !== false)
 333                  {
 334                      $stylesheet_url = $mybb->settings['bburl'] . '/' . $page_stylesheet;
 335                  }
 336                  else
 337                  {
 338                      $stylesheet_url = $mybb->get_asset_url($page_stylesheet);
 339                  }
 340  
 341                  if($mybb->settings['minifycss'])
 342                  {
 343                      $stylesheet_url = str_replace('.css', '.min.css', $stylesheet_url);
 344                  }
 345  
 346                  if(strpos($page_stylesheet, 'css.php') !== false)
 347                  {
 348                      // We need some modification to get it working with the displayorder
 349                      $query_string = parse_url($stylesheet_url, PHP_URL_QUERY);
 350                      $id = (int) my_substr($query_string, 11);
 351                      $query = $db->simple_select("themestylesheets", "name", "sid={$id}");
 352                      $real_name = $db->fetch_field($query, "name");
 353                      $theme_stylesheets[$real_name] = $id;
 354                  }
 355                  else
 356                  {
 357                      $theme_stylesheets[basename($page_stylesheet)] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 358                  }
 359  
 360                  $already_loaded[$page_stylesheet] = 1;
 361              }
 362          }
 363      }
 364  }
 365  unset($actions);
 366  
 367  $css_php_script_stylesheets = array();
 368  
 369  if(!empty($theme_stylesheets) && is_array($theme['disporder']))
 370  {
 371      foreach($theme['disporder'] as $style_name => $order)
 372      {
 373          if(!empty($theme_stylesheets[$style_name]))
 374          {
 375              if(is_int($theme_stylesheets[$style_name]))
 376              {
 377                  $css_php_script_stylesheets[] = $theme_stylesheets[$style_name];
 378              }
 379              else
 380              {
 381                  $stylesheets .= $theme_stylesheets[$style_name];
 382              }
 383          }
 384      }
 385  }
 386  
 387  if(!empty($css_php_script_stylesheets))
 388  {
 389      $sheet = $mybb->settings['bburl'] . '/css.php?' . http_build_query(array(
 390          'stylesheet' => $css_php_script_stylesheets
 391          ));
 392  
 393      $stylesheets .= "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$sheet}\" />\n";
 394  }
 395  
 396  // Are we linking to a remote theme server?
 397  if(my_validate_url($theme['imgdir']))
 398  {
 399      // If a language directory for the current language exists within the theme - we use it
 400      if(!empty($mybb->user['language']))
 401      {
 402          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 403      }
 404      else
 405      {
 406          // Check if a custom language directory exists for this theme
 407          if(!empty($mybb->settings['bblanguage']))
 408          {
 409              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 410          }
 411          // Otherwise, the image language directory is the same as the language directory for the theme
 412          else
 413          {
 414              $theme['imglangdir'] = $theme['imgdir'];
 415          }
 416      }
 417  }
 418  else
 419  {
 420      $img_directory = $theme['imgdir'];
 421  
 422      if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath']))
 423      {
 424          $img_directory = rtrim($mybb->settings['cdnpath'], '/') . '/' . ltrim($theme['imgdir'], '/');
 425      }
 426  
 427      if(!@is_dir($img_directory))
 428      {
 429          $theme['imgdir'] = 'images';
 430      }
 431  
 432      // If a language directory for the current language exists within the theme - we use it
 433      if(!empty($mybb->user['language']) && is_dir($img_directory.'/'.$mybb->user['language']))
 434      {
 435          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 436      }
 437      else
 438      {
 439          // Check if a custom language directory exists for this theme
 440          if(is_dir($img_directory.'/'.$mybb->settings['bblanguage']))
 441          {
 442              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 443          }
 444          // Otherwise, the image language directory is the same as the language directory for the theme
 445          else
 446          {
 447              $theme['imglangdir'] = $theme['imgdir'];
 448          }
 449      }
 450  
 451      $theme['imgdir'] = $mybb->get_asset_url($theme['imgdir']);
 452      $theme['imglangdir'] = $mybb->get_asset_url($theme['imglangdir']);
 453  }
 454  
 455  // Theme logo - is it a relative URL to the forum root? Append bburl
 456  if(!preg_match("#^(\.\.?(/|$)|([a-z0-9]+)://)#i", $theme['logo']) && substr($theme['logo'], 0, 1) != '/')
 457  {
 458      $theme['logo'] = $mybb->get_asset_url($theme['logo']);
 459  }
 460  
 461  // Load Main Templates and Cached Templates
 462  if(isset($templatelist))
 463  {
 464      $templatelist .= ',';
 465  }
 466  else
 467  {
 468      $templatelist = '';
 469  }
 470  
 471  $templatelist .= "headerinclude,header,footer,gobutton,htmldoctype,header_welcomeblock_member,header_welcomeblock_member_user,header_welcomeblock_member_moderator,header_welcomeblock_member_admin,error";
 472  $templatelist .= ",global_pending_joinrequests,global_awaiting_activation,nav,nav_sep,nav_bit,nav_sep_active,nav_bit_active,footer_languageselect,footer_themeselect,global_unreadreports,footer_contactus";
 473  $templatelist .= ",global_boardclosed_warning,global_bannedwarning,error_inline,error_inline_item,error_nopermission_loggedin,error_nopermission,global_pm_alert,header_menu_search,header_menu_portal,redirect,footer_languageselect_option";
 474  $templatelist .= ",video_dailymotion_embed,video_facebook_embed,video_liveleak_embed,video_metacafe_embed,video_myspacetv_embed,video_mixer_embed,video_vimeo_embed,video_yahoo_embed,video_youtube_embed,debug_summary";
 475  $templatelist .= ",smilieinsert_row,smilieinsert_row_empty,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,global_board_offline_modal,footer_showteamlink,footer_themeselector,task_image,usercp_themeselector_option,php_warnings";
 476  $templatelist .= ",mycode_code,mycode_email,mycode_img,mycode_php,mycode_quote_post,mycode_size_int,mycode_url,global_no_permission_modal,global_boardclosed_reason,nav_dropdown,global_remote_avatar_notice,global_modqueue,global_modqueue_notice";
 477  $templatelist .= ",header_welcomeblock_member_buddy,header_welcomeblock_member_pms,header_welcomeblock_member_search,header_welcomeblock_guest,header_welcomeblock_guest_login_modal,header_welcomeblock_guest_login_modal_lockout";
 478  $templatelist .= ",header_menu_calendar,header_menu_memberlist,global_dst_detection,header_quicksearch,smilie,modal,modal_button";
 479  $templates->cache($db->escape_string($templatelist));
 480  
 481  // Set the current date and time now
 482  $datenow = my_date($mybb->settings['dateformat'], TIME_NOW, '', false);
 483  $timenow = my_date($mybb->settings['timeformat'], TIME_NOW);
 484  $lang->welcome_current_time = $lang->sprintf($lang->welcome_current_time, $datenow . $lang->comma . $timenow);
 485  
 486  // Format the last visit date of this user appropriately
 487  if(isset($mybb->user['lastvisit']))
 488  {
 489      $lastvisit = my_date('relative', $mybb->user['lastvisit'], '', 2);
 490  }
 491  // Otherwise, they've never visited before
 492  else
 493  {
 494      $lastvisit = $lang->lastvisit_never;
 495  }
 496  
 497  $plugins->run_hooks('global_intermediate');
 498  
 499  // If the board is closed and we have a usergroup allowed to view the board when closed, then show board closed warning
 500  $bbclosedwarning = '';
 501  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] == 1)
 502  {
 503      eval('$bbclosedwarning = "'.$templates->get('global_boardclosed_warning').'";');
 504  }
 505  
 506  // Prepare the main templates for use
 507  $admincplink = $modcplink = $usercplink = '';
 508  
 509  // Load appropriate welcome block for the current logged in user
 510  if($mybb->user['uid'] != 0)
 511  {
 512      // User can access the admin cp and we're not hiding admin cp links, fetch it
 513      if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1)
 514      {
 515          $admin_dir = $config['admin_dir'];
 516          eval('$admincplink = "'.$templates->get('header_welcomeblock_member_admin').'";');
 517      }
 518  
 519      if($mybb->usergroup['canmodcp'] == 1)
 520      {
 521          eval('$modcplink = "'.$templates->get('header_welcomeblock_member_moderator').'";');
 522      }
 523  
 524      if($mybb->usergroup['canusercp'] == 1)
 525      {
 526          eval('$usercplink = "'.$templates->get('header_welcomeblock_member_user').'";');
 527      }
 528  
 529      // Format the welcome back message
 530      $lang->welcome_back = $lang->sprintf($lang->welcome_back, build_profile_link(htmlspecialchars_uni($mybb->user['username']), $mybb->user['uid']), $lastvisit);
 531  
 532      $buddylink = $searchlink = $pmslink = '';
 533  
 534      if(!empty($mybb->user['buddylist']))
 535      {
 536          eval('$buddylink = "' . $templates->get('header_welcomeblock_member_buddy') . '";');
 537      }
 538      
 539      if($mybb->usergroup['cansearch'] == 1)
 540      {
 541          eval('$searchlink = "'.$templates->get('header_welcomeblock_member_search').'";');
 542      }
 543  
 544      // Tell the user their PM usage
 545      if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
 546      {
 547          $lang->welcome_pms_usage = $lang->sprintf($lang->welcome_pms_usage, my_number_format($mybb->user['pms_unread']), my_number_format($mybb->user['pms_total']));
 548  
 549          eval('$pmslink = "'.$templates->get('header_welcomeblock_member_pms').'";');
 550      }
 551  
 552      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_member').'";');
 553  }
 554  // Otherwise, we have a guest
 555  else
 556  {
 557      switch($mybb->settings['username_method'])
 558      {
 559          case 0:
 560              $login_username = $lang->login_username;
 561              break;
 562          case 1:
 563              $login_username = $lang->login_username1;
 564              break;
 565          case 2:
 566              $login_username = $lang->login_username2;
 567              break;
 568          default:
 569              $login_username = $lang->login_username;
 570              break;
 571      }
 572  
 573      if($mybb->cookies['lockoutexpiry'])
 574      {
 575          $secsleft = (int)($mybb->cookies['lockoutexpiry'] - TIME_NOW);
 576          $hoursleft = floor($secsleft / 3600);
 577          $minsleft = floor(($secsleft / 60) % 60);
 578          $secsleft = floor($secsleft % 60);
 579  
 580          $lang->failed_login_wait = $lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft);
 581  
 582          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal_lockout').'";');
 583      }
 584      else
 585      {
 586          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal').'";');
 587      }
 588  
 589      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_guest').'";');
 590  }
 591  
 592  // Display menu links and quick search if user has permission
 593  $menu_search = $menu_memberlist = $menu_portal = $menu_calendar = $quicksearch = '';
 594  if($mybb->usergroup['cansearch'] == 1)
 595  {
 596      eval('$menu_search = "'.$templates->get('header_menu_search').'";');
 597      eval('$quicksearch = "'.$templates->get('header_quicksearch').'";');
 598  }
 599  
 600  if($mybb->settings['enablememberlist'] == 1 && $mybb->usergroup['canviewmemberlist'] == 1)
 601  {
 602      eval('$menu_memberlist = "'.$templates->get('header_menu_memberlist').'";');
 603  }
 604  
 605  if($mybb->settings['enablecalendar'] == 1 && $mybb->usergroup['canviewcalendar'] == 1)
 606  {
 607      eval('$menu_calendar = "'.$templates->get('header_menu_calendar').'";');
 608  }
 609  
 610  if($mybb->settings['portal'] == 1)
 611  {
 612      eval('$menu_portal = "'.$templates->get('header_menu_portal').'";');
 613  }
 614  
 615  // See if there are any pending join requests for group leaders
 616  $pending_joinrequests = '';
 617  $groupleaders = $cache->read('groupleaders');
 618  if($mybb->user['uid'] != 0 && is_array($groupleaders) && array_key_exists($mybb->user['uid'], $groupleaders))
 619  {
 620      $groupleader = $groupleaders[$mybb->user['uid']];
 621      $showjoinnotice = false;
 622  
 623      $gids = "'0'";
 624      foreach($groupleader as $user)
 625      {
 626          if($user['canmanagerequests'] != 1)
 627          {
 628              continue;
 629          }
 630  
 631          $user['gid'] = (int)$user['gid'];
 632  
 633          if(!empty($groupscache[$user['gid']]['joinable']) && $groupscache[$user['gid']]['joinable'] == 1)
 634          {
 635              $showjoinnotice = true;
 636              $gids .= ",'{$user['gid']}'";
 637          }
 638      }
 639  
 640      if($showjoinnotice)
 641      {
 642          $query = $db->simple_select('joinrequests', 'COUNT(uid) as total', "gid IN ({$gids}) AND invite='0'");
 643          $total_joinrequests = $db->fetch_field($query, 'total');
 644  
 645          if($total_joinrequests > 0)
 646          {
 647              if($total_joinrequests == 1)
 648              {
 649                  $lang->pending_joinrequests = $lang->pending_joinrequest;
 650              }
 651              else
 652              {
 653                  $total_joinrequests = my_number_format($total_joinrequests);
 654                  $lang->pending_joinrequests = $lang->sprintf($lang->pending_joinrequests, $total_joinrequests);
 655              }
 656  
 657              eval('$pending_joinrequests = "'.$templates->get('global_pending_joinrequests').'";');
 658          }
 659      }
 660  }
 661  
 662  $modnotice = '';
 663  $moderation_queue = array();
 664  
 665  // This user is a moderator, super moderator or administrator
 666  if($mybb->settings['reportmethod'] == "db" && ($mybb->usergroup['cancp'] == 1 || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1)))
 667  {
 668      // Only worth checking if we are here because we have ACP permissions and the other condition fails
 669      if($mybb->usergroup['cancp'] == 1 && !($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 670      {
 671          // First we check if the user's a super admin: if yes, we don't care about permissions
 672          $can_access_moderationqueue = true;
 673          $is_super_admin = is_super_admin($mybb->user['uid']);
 674          if(!$is_super_admin)
 675          {
 676              // Include admin functions
 677              if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"))
 678              {
 679                  $can_access_moderationqueue = false;
 680              }
 681  
 682              require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php";
 683  
 684              // Verify if we have permissions to access forum-moderation_queue
 685              require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/forum/module_meta.php";
 686              if(function_exists("forum_admin_permissions"))
 687              {
 688                  // Get admin permissions
 689                  $adminperms = get_admin_permissions($mybb->user['uid']);
 690  
 691                  $permissions = forum_admin_permissions();
 692                  if(array_key_exists('moderation_queue', $permissions['permissions']) && $adminperms['forum']['moderation_queue'] != 1)
 693                  {
 694                      $can_access_moderationqueue = false;
 695                  }
 696              }
 697          }
 698      }
 699      else
 700      {
 701          $can_access_moderationqueue = false;
 702      }
 703  
 704      if($can_access_moderationqueue || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 705      {
 706          // Read the reported content cache
 707          $reported = $cache->read('reportedcontent');
 708  
 709          // 0 or more reported items currently exist
 710          if($reported['unread'] > 0)
 711          {
 712              // We want to avoid one extra query for users that can moderate any forum
 713              if($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod'])
 714              {
 715                  $unread = (int)$reported['unread'];
 716              }
 717              else
 718              {
 719                  $unread = 0;
 720                  $query = $db->simple_select('reportedcontent', 'id3', "reportstatus='0' AND (type = 'post' OR type = '')");
 721  
 722                  while($fid = $db->fetch_field($query, 'id3'))
 723                  {
 724                      if(is_moderator($fid, "canmanagereportedposts"))
 725                      {
 726                          ++$unread;
 727                      }
 728                  }
 729              }
 730  
 731              if($unread > 0)
 732              {
 733                  if($unread == 1)
 734                  {
 735                      $lang->unread_reports = $lang->unread_report;
 736                  }
 737                  else
 738                  {
 739                      $lang->unread_reports = $lang->sprintf($lang->unread_reports, my_number_format($unread));
 740                  }
 741                  
 742                  eval('$moderation_queue[] = "'.$templates->get('global_unreadreports', 1, 0).'";');
 743              }
 744          }
 745      }
 746  }
 747  
 748  // Get awaiting moderation queue stats
 749  if($can_access_moderationqueue || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagemodqueue'] == 1))
 750  {
 751      $unapproved_posts = $unapproved_threads = 0;
 752      $query = $db->simple_select("posts", "replyto", "visible = 0");
 753      while($unapproved = $db->fetch_array($query))
 754      {
 755          if($unapproved["replyto"] == 0){
 756              $unapproved_threads++;
 757          } else {
 758              $unapproved_posts++;
 759          }
 760      }
 761  
 762      $query = $db->simple_select("attachments", "COUNT(aid) AS unapprovedattachments", "visible=0");
 763      $unapproved_attachments = $db->fetch_field($query, "unapprovedattachments");
 764  
 765      $modqueue_types = array('threads', 'posts', 'attachments');
 766  
 767      foreach($modqueue_types as $modqueue_type)
 768      {
 769          if(!empty(${'unapproved_'.$modqueue_type}))
 770          {
 771              if(${'unapproved_'.$modqueue_type} == 1)
 772              {
 773                  $modqueue_message = $lang->{'unapproved_'.substr($modqueue_type, 0, -1)};
 774              }
 775              else
 776              {
 777                  $modqueue_message = $lang->sprintf($lang->{'unapproved_'.$modqueue_type}, my_number_format(${'unapproved_'.$modqueue_type}));
 778              }
 779  
 780              eval('$moderation_queue[] = "'.$templates->get('global_modqueue', 1, 0).'";');
 781          }
 782      }
 783  }
 784  
 785  if(!empty($moderation_queue))
 786  {
 787      $moderation_queue_last = array_pop($moderation_queue);
 788      if(empty($moderation_queue))
 789      {
 790          $moderation_queue = $moderation_queue_last;
 791      }
 792      else
 793      {
 794          $moderation_queue = implode($lang->comma, $moderation_queue).' '.$lang->and.' '.$moderation_queue_last;
 795      }
 796      $moderation_queue = $lang->sprintf($lang->mod_notice, $moderation_queue);
 797  
 798      eval('$modnotice = "'.$templates->get('global_modqueue_notice').'";');
 799  }
 800  
 801  // Got a character set?
 802  $charset = 'UTF-8';
 803  if(isset($lang->settings['charset']) && $lang->settings['charset'])
 804  {
 805      $charset = $lang->settings['charset'];
 806  }
 807  
 808  // Is this user apart of a banned group?
 809  $bannedwarning = '';
 810  if($mybb->usergroup['isbannedgroup'] == 1)
 811  {
 812      // Fetch details on their ban
 813      $query = $db->simple_select('banned', '*', "uid = '{$mybb->user['uid']}'", array('limit' => 1));
 814      $ban = $db->fetch_array($query);
 815  
 816      if($ban['uid'])
 817      {
 818          // Format their ban lift date and reason appropriately
 819          $banlift = $lang->banned_lifted_never;
 820          $reason = htmlspecialchars_uni($ban['reason']);
 821  
 822          if($ban['lifted'] > 0)
 823          {
 824              $banlift = my_date('normal', $ban['lifted']);
 825          }
 826      }
 827  
 828      if(empty($reason))
 829      {
 830          $reason = $lang->unknown;
 831      }
 832  
 833      if(empty($banlift))
 834      {
 835          $banlift = $lang->unknown;
 836      }
 837  
 838      // Display a nice warning to the user
 839      eval('$bannedwarning = "'.$templates->get('global_bannedwarning').'";');
 840  }
 841  
 842  $lang->ajax_loading = str_replace("'", "\\'", $lang->ajax_loading);
 843  
 844  // Check if this user has a new private message.
 845  $pm_notice = '';
 846  if(isset($mybb->user['pmnotice']) && $mybb->user['pmnotice'] == 2 && $mybb->user['pms_unread'] > 0 && $mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->usergroup['canview'] != 0 && ($current_page != "private.php" || $mybb->get_input('action') != "read"))
 847  {
 848      if(!isset($parser))
 849      {
 850          require_once  MYBB_ROOT.'inc/class_parser.php';
 851          $parser = new postParser;
 852      }
 853  
 854      $query = $db->query("
 855          SELECT pm.subject, pm.pmid, fu.username AS fromusername, fu.uid AS fromuid
 856          FROM ".TABLE_PREFIX."privatemessages pm
 857          LEFT JOIN ".TABLE_PREFIX."users fu on (fu.uid=pm.fromid)
 858          WHERE pm.folder = '1' AND pm.uid = '{$mybb->user['uid']}' AND pm.status = '0'
 859          ORDER BY pm.dateline DESC
 860          LIMIT 1
 861      ");
 862  
 863      $pm = $db->fetch_array($query);
 864      $pm['subject'] = $parser->parse_badwords($pm['subject']);
 865  
 866      if($pm['fromuid'] == 0)
 867      {
 868          $pm['fromusername'] = $lang->mybb_engine;
 869          $user_text = $pm['fromusername'];
 870      }
 871      else
 872      {
 873          $pm['fromusername'] = htmlspecialchars_uni($pm['fromusername']);
 874          $user_text = build_profile_link($pm['fromusername'], $pm['fromuid']);
 875      }
 876  
 877      if($mybb->user['pms_unread'] == 1)
 878      {
 879          $privatemessage_text = $lang->sprintf($lang->newpm_notice_one, $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 880      }
 881      else
 882      {
 883          $privatemessage_text = $lang->sprintf($lang->newpm_notice_multiple, $mybb->user['pms_unread'], $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 884      }
 885      eval('$pm_notice = "'.$templates->get('global_pm_alert').'";');
 886  }
 887  
 888  $remote_avatar_notice = '';
 889  if(($mybb->user['avatartype'] === 'remote' || $mybb->user['avatartype'] === 'gravatar') && !$mybb->settings['allowremoteavatars'])
 890  {
 891      eval('$remote_avatar_notice = "'.$templates->get('global_remote_avatar_notice').'";');
 892  }
 893  
 894  if($mybb->settings['awactialert'] == 1 && $mybb->usergroup['cancp'] == 1)
 895  {
 896      $awaitingusers = $cache->read('awaitingactivation');
 897  
 898      if(isset($awaitingusers['time']) && $awaitingusers['time'] + 86400 < TIME_NOW)
 899      {
 900          $cache->update_awaitingactivation();
 901          $awaitingusers = $cache->read('awaitingactivation');
 902      }
 903  
 904      if(!empty($awaitingusers['users']))
 905      {
 906          $awaitingusers = (int)$awaitingusers['users'];
 907      }
 908      else
 909      {
 910          $awaitingusers = 0;
 911      }
 912  
 913      if($awaitingusers < 1)
 914      {
 915          $awaitingusers = 0;
 916      }
 917      else
 918      {
 919          $awaitingusers = my_number_format($awaitingusers);
 920      }
 921  
 922      if($awaitingusers > 0)
 923      {
 924          if($awaitingusers == 1)
 925          {
 926              $awaiting_message = $lang->awaiting_message_single;
 927          }
 928          else
 929          {
 930              $awaiting_message = $lang->sprintf($lang->awaiting_message_plural, $awaitingusers);
 931          }
 932  
 933          if($admincplink)
 934          {
 935              $awaiting_message .= $lang->sprintf($lang->awaiting_message_link, $mybb->settings['bburl'], $admin_dir);
 936          }
 937  
 938          eval('$awaitingusers = "'.$templates->get('global_awaiting_activation').'";');
 939      }
 940      else
 941      {
 942          $awaitingusers = '';
 943      }
 944  }
 945  
 946  $jsTemplates = array();
 947  foreach (array('modal', 'modal_button') as $template) {
 948      eval('$jsTemplates["'.$template.'"] = "'.$templates->get($template, 1, 0).'";');
 949      $jsTemplates[$template] = str_replace(array("\n","\r"), array("\\\n", ""), addslashes($jsTemplates[$template]));
 950  }
 951  
 952  // Set up some of the default templates
 953  eval('$headerinclude = "'.$templates->get('headerinclude').'";');
 954  eval('$gobutton = "'.$templates->get('gobutton').'";');
 955  eval('$htmldoctype = "'.$templates->get('htmldoctype', 1, 0).'";');
 956  eval('$header = "'.$templates->get('header').'";');
 957  
 958  $copy_year = my_date('Y', TIME_NOW);
 959  
 960  // Are we showing version numbers in the footer?
 961  $mybbversion = '';
 962  if($mybb->settings['showvernum'] == 1)
 963  {
 964      $mybbversion = ' '.$mybb->version;
 965  }
 966  
 967  // Check to see if we have any tasks to run
 968  $task_image = '';
 969  $task_cache = $cache->read('tasks');
 970  if(!$task_cache['nextrun'])
 971  {
 972      $task_cache['nextrun'] = TIME_NOW;
 973  }
 974  
 975  if($task_cache['nextrun'] <= TIME_NOW)
 976  {
 977      eval("\$task_image = \"".$templates->get("task_image")."\";");
 978  }
 979  
 980  // Post code
 981  $post_code_string = '';
 982  if($mybb->user['uid'])
 983  {
 984      $post_code_string = '&amp;my_post_key='.$mybb->post_code;
 985  }
 986  
 987  // Are we showing the quick language selection box?
 988  $lang_select = $lang_options = '';
 989  if($mybb->settings['showlanguageselect'] != 0)
 990  {
 991      $languages = $lang->get_languages();
 992  
 993      if(count($languages) > 1)
 994      {
 995          foreach($languages as $key => $language)
 996          {
 997              $language = htmlspecialchars_uni($language);
 998  
 999              // Current language matches
1000              if($lang->language == $key)
1001              {
1002                  $selected = " selected=\"selected\"";
1003              }
1004              else
1005              {
1006                  $selected = '';
1007              }
1008  
1009              eval('$lang_options .= "'.$templates->get('footer_languageselect_option').'";');
1010          }
1011  
1012          $lang_redirect_url = get_current_location(true, 'language');
1013          eval('$lang_select = "'.$templates->get('footer_languageselect').'";');
1014      }
1015  }
1016  
1017  // Are we showing the quick theme selection box?
1018  $theme_select = $theme_options = '';
1019  if($mybb->settings['showthemeselect'] != 0)
1020  {
1021      $theme_options = build_theme_select("theme", $mybb->user['style'], 0, '', false, true);
1022  
1023      if(!empty($theme_options))
1024      {
1025          $theme_redirect_url = get_current_location(true, 'theme');
1026          eval('$theme_select = "'.$templates->get('footer_themeselect').'";');
1027      }
1028  }
1029  
1030  $showteamlink = '';
1031  if($mybb->settings['enableshowteam'] != 0)
1032  {
1033      eval('$showteamlink = "'.$templates->get('footer_showteamlink').'";');
1034  }
1035  
1036  // If we use the contact form, show 'Contact Us' link when appropriate
1037  $contact_us = '';
1038  if(($mybb->settings['contactlink'] == "contact.php" && $mybb->settings['contact'] == 1 && ($mybb->settings['contact_guests'] != 1 && $mybb->user['uid'] == 0 || $mybb->user['uid'] > 0)) || $mybb->settings['contactlink'] != "contact.php")
1039  {
1040      if(!my_validate_url($mybb->settings['contactlink'], true) && my_substr($mybb->settings['contactlink'], 0, 7) != 'mailto:')
1041      {
1042          $mybb->settings['contactlink'] = $mybb->settings['bburl'].'/'.$mybb->settings['contactlink'];
1043      }
1044  
1045      eval('$contact_us = "'.$templates->get('footer_contactus').'";');
1046  }
1047  
1048  // DST Auto detection enabled?
1049  $auto_dst_detection = '';
1050  if($mybb->user['uid'] > 0 && $mybb->user['dstcorrection'] == 2)
1051  {
1052      $timezone = (float)$mybb->user['timezone'] + $mybb->user['dst'];
1053      eval('$auto_dst_detection = "'.$templates->get('global_dst_detection').'";');
1054  }
1055  
1056  eval('$footer = "'.$templates->get('footer').'";');
1057  
1058  // Add our main parts to the navigation
1059  $navbits = array();
1060  $navbits[0]['name'] = $mybb->settings['bbname_orig'];
1061  $navbits[0]['url'] = $mybb->settings['bburl'].'/index.php';
1062  
1063  // Set the link to the archive.
1064  $archive_url = build_archive_link();
1065  
1066  // Check banned ip addresses
1067  if(is_banned_ip($session->ipaddress, true))
1068  {
1069      if($mybb->user['uid'])
1070      {
1071          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip)." OR uid='{$mybb->user['uid']}'");
1072      }
1073      else
1074      {
1075          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip));
1076      }
1077      error($lang->error_banned);
1078  }
1079  
1080  $closed_bypass = array(
1081      'member.php' => array(
1082          'login',
1083          'do_login',
1084          'logout',
1085      ),
1086      'captcha.php',
1087      'contact.php',
1088  );
1089  
1090  // If the board is closed, the user is not an administrator and they're not trying to login, show the board closed message
1091  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] != 1 && !in_array($current_page, $closed_bypass) && (!is_array($closed_bypass[$current_page]) || !in_array($mybb->get_input('action'), $closed_bypass[$current_page])))
1092  {
1093      // Show error
1094      if(!$mybb->settings['boardclosed_reason'])
1095      {
1096          $mybb->settings['boardclosed_reason'] = $lang->boardclosed_reason;
1097      }
1098  
1099      eval('$reason = "'.$templates->get('global_boardclosed_reason').'";');
1100      $lang->error_boardclosed .= $reason;
1101  
1102      if(!$mybb->get_input('modal'))
1103      {
1104          error($lang->error_boardclosed);
1105      }
1106      else
1107      {
1108          $output = '';
1109          eval('$output = "'.$templates->get('global_board_offline_modal', 1, 0).'";');
1110          echo($output);
1111      }
1112      exit;
1113  }
1114  
1115  $force_bypass = array(
1116      'member.php' => array(
1117          'login',
1118          'do_login',
1119          'logout',
1120          'register',
1121          'do_register',
1122          'lostpw',
1123          'do_lostpw',
1124          'activate',
1125          'resendactivation',
1126          'do_resendactivation',
1127          'resetpassword',
1128      ),
1129      'captcha.php',
1130      'contact.php',
1131  );
1132  
1133  // If the board forces user to login/register, and the user is a guest, show the force login message
1134  if($mybb->settings['forcelogin'] == 1 && $mybb->user['uid'] == 0 && !in_array($current_page, $force_bypass) && (!is_array($force_bypass[$current_page]) || !in_array($mybb->get_input('action'), $force_bypass[$current_page])))
1135  {
1136      // Show error
1137      error_no_permission();
1138      exit;
1139  }
1140  
1141  // Load Limiting
1142  if($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load'])
1143  {
1144      // User is not an administrator and the load limit is higher than the limit, show an error
1145      error($lang->error_loadlimit);
1146  }
1147  
1148  // If there is a valid referrer in the URL, cookie it
1149  if(!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername'])))
1150  {
1151      if(isset($mybb->input['referrername']))
1152      {
1153          $condition = "username = '".$db->escape_string($mybb->get_input('referrername'))."'";
1154      }
1155      else
1156      {
1157          $condition = "uid = '".$mybb->get_input('referrer', MyBB::INPUT_INT)."'";
1158      }
1159  
1160      $query = $db->simple_select('users', 'uid', $condition, array('limit' => 1));
1161      $referrer = $db->fetch_array($query);
1162  
1163      if($referrer['uid'])
1164      {
1165          my_setcookie('mybb[referrer]', $referrer['uid']);
1166      }
1167  }
1168  
1169  $output = '';
1170  $notallowed = false;
1171  if($mybb->usergroup['canview'] != 1)
1172  {
1173      // Check pages allowable even when not allowed to view board
1174      if(defined('ALLOWABLE_PAGE'))
1175      {
1176          if(is_string(ALLOWABLE_PAGE))
1177          {
1178              $allowable_actions = explode(',', ALLOWABLE_PAGE);
1179              if(!in_array($mybb->get_input('action'), $allowable_actions))
1180              {
1181                  $notallowed = true;
1182              }
1183  
1184              unset($allowable_actions);
1185          }
1186          else if(ALLOWABLE_PAGE !== 1)
1187          {
1188              $notallowed = true;
1189          }
1190      }
1191      else
1192      {
1193          $notallowed = true;
1194      }
1195  
1196      if($notallowed == true)
1197      {
1198          if(!$mybb->get_input('modal'))
1199          {
1200              error_no_permission();
1201          }
1202          else
1203          {
1204              eval('$output = "'.$templates->get('global_no_permission_modal', 1, 0).'";');
1205              echo($output);
1206              exit;
1207          }
1208      }
1209  }
1210  
1211  // Find out if this user of ours is using a banned email address.
1212  // If they are, redirect them to change it
1213  if($mybb->user['uid'] && is_banned_email($mybb->user['email']) && $mybb->settings['emailkeep'] != 1)
1214  {
1215      if(THIS_SCRIPT != 'usercp.php' || THIS_SCRIPT == 'usercp.php' && $mybb->get_input('action') != 'email' && $mybb->get_input('action') != 'do_email')
1216      {
1217          redirect('usercp.php?action=email');
1218      }
1219      else if($mybb->request_method != 'post')
1220      {
1221          $banned_email_error = inline_error(array($lang->banned_email_warning));
1222      }
1223  }
1224  
1225  // work out which items the user has collapsed
1226  $colcookie = '';
1227  if(!empty($mybb->cookies['collapsed']))
1228  {
1229      $colcookie = $mybb->cookies['collapsed'];
1230  }
1231  
1232  $collapse = $collapsed = $collapsedimg = array();
1233  
1234  if($colcookie)
1235  {
1236      // Preserve and don't unset $collapse, will be needed globally throughout many pages
1237      $collapse = explode("|", $colcookie);
1238      foreach($collapse as $val)
1239      {
1240          $ex = $val."_e";
1241          $co = $val."_c";
1242          $collapsed[$co] = "display: show;";
1243          $collapsed[$ex] = "display: none;";
1244          $collapsedimg[$val] = "_collapsed";
1245          $collapsedthead[$val] = " thead_collapsed";
1246      }
1247  }
1248  
1249  // Run hooks for end of global.php
1250  $plugins->run_hooks('global_end');
1251  
1252  $globaltime = $maintimer->getTime();


2005 - 2019 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1