[ Index ]

PHP Cross Reference of MyBB 1.8.12

title

Body

[close]

/ -> global.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  $working_dir = dirname(__FILE__);
  12  if(!$working_dir)
  13  {
  14      $working_dir = '.';
  15  }
  16  
  17  // Load main MyBB core file which begins all of the magic
  18  require_once $working_dir.'/inc/init.php';
  19  
  20  $shutdown_queries = $shutdown_functions = array();
  21  
  22  // Read the usergroups cache as well as the moderators cache
  23  $groupscache = $cache->read('usergroups');
  24  
  25  // If the groups cache doesn't exist, update it and re-read it
  26  if(!is_array($groupscache))
  27  {
  28      $cache->update_usergroups();
  29      $groupscache = $cache->read('usergroups');
  30  }
  31  
  32  if(!defined('THIS_SCRIPT'))
  33  {
  34      define('THIS_SCRIPT', '');
  35  }
  36  
  37  $current_page = my_strtolower(basename(THIS_SCRIPT));
  38  
  39  // Send page headers - don't send no-cache headers for attachment.php
  40  if($current_page != 'attachment.php')
  41  {
  42      send_page_headers();
  43  }
  44  
  45  // Do not use session system for defined pages
  46  if((isset($mybb->input['action']) && isset($nosession[$mybb->input['action']])) || (isset($mybb->input['thumbnail']) && $current_page == 'attachment.php'))
  47  {
  48      define('NO_ONLINE', 1);
  49  }
  50  
  51  // Create session for this user
  52  require_once  MYBB_ROOT.'inc/class_session.php';
  53  $session = new session;
  54  $session->init();
  55  $mybb->session = &$session;
  56  
  57  $mybb->user['ismoderator'] = is_moderator(0, '', $mybb->user['uid']);
  58  
  59  // Set our POST validation code here
  60  $mybb->post_code = generate_post_check();
  61  
  62  // Set and load the language
  63  if(isset($mybb->input['language']) && $lang->language_exists($mybb->get_input('language')) && verify_post_check($mybb->get_input('my_post_key'), true))
  64  {
  65      $mybb->settings['bblanguage'] = $mybb->get_input('language');
  66      // If user is logged in, update their language selection with the new one
  67      if($mybb->user['uid'])
  68      {
  69          if(isset($mybb->cookies['mybblang']))
  70          {
  71              my_unsetcookie('mybblang');
  72          }
  73  
  74          $db->update_query('users', array('language' => $db->escape_string($mybb->settings['bblanguage'])), "uid = '{$mybb->user['uid']}'");
  75      }
  76      // Guest = cookie
  77      else
  78      {
  79          my_setcookie('mybblang', $mybb->settings['bblanguage']);
  80      }
  81      $mybb->user['language'] = $mybb->settings['bblanguage'];
  82  }
  83  // Cookied language!
  84  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybblang']) && $lang->language_exists($mybb->cookies['mybblang']))
  85  {
  86      $mybb->settings['bblanguage'] = $mybb->cookies['mybblang'];
  87  }
  88  else if(!isset($mybb->settings['bblanguage']))
  89  {
  90      $mybb->settings['bblanguage'] = 'english';
  91  }
  92  
  93  // Load language
  94  $lang->set_language($mybb->settings['bblanguage']);
  95  $lang->load('global');
  96  $lang->load('messages');
  97  
  98  // Run global_start plugin hook now that the basics are set up
  99  $plugins->run_hooks('global_start');
 100  
 101  if(function_exists('mb_internal_encoding') && !empty($lang->settings['charset']))
 102  {
 103      @mb_internal_encoding($lang->settings['charset']);
 104  }
 105  
 106  // Select the board theme to use.
 107  $loadstyle = '';
 108  $load_from_forum = $load_from_user = 0;
 109  $style = array();
 110  
 111  // The user used our new quick theme changer
 112  if(isset($mybb->input['theme']) && verify_post_check($mybb->get_input('my_post_key'), true))
 113  {
 114      // Set up user handler.
 115      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
 116      $userhandler = new UserDataHandler('update');
 117  
 118      $user = array(
 119          'uid'    => $mybb->user['uid'],
 120          'style'    => $mybb->get_input('theme', MyBB::INPUT_INT),
 121          'usergroup'    => $mybb->user['usergroup'],
 122          'additionalgroups'    => $mybb->user['additionalgroups']
 123      );
 124  
 125      $userhandler->set_data($user);
 126  
 127      // validate_user verifies the style if it is set in the data array.
 128      if($userhandler->validate_user())
 129      {
 130          $mybb->user['style'] = $user['style'];
 131  
 132          // If user is logged in, update their theme selection with the new one
 133          if($mybb->user['uid'])
 134          {
 135              if(isset($mybb->cookies['mybbtheme']))
 136              {
 137                  my_unsetcookie('mybbtheme');
 138              }
 139  
 140              $userhandler->update_user();
 141          }
 142          // Guest = cookie
 143          else
 144          {
 145              my_setcookie('mybbtheme', $user['style']);
 146          }
 147      }
 148  }
 149  // Cookied theme!
 150  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybbtheme']))
 151  {
 152      $mybb->user['style'] = (int)$mybb->cookies['mybbtheme'];
 153  }
 154  
 155  // This user has a custom theme set in their profile
 156  if(isset($mybb->user['style']) && (int)$mybb->user['style'] != 0)
 157  {
 158      $mybb->user['style'] = (int)$mybb->user['style'];
 159  
 160      $loadstyle = "tid = '{$mybb->user['style']}'";
 161      $load_from_user = 1;
 162  }
 163  
 164  $valid = array(
 165      'showthread.php',
 166      'forumdisplay.php',
 167      'newthread.php',
 168      'newreply.php',
 169      'ratethread.php',
 170      'editpost.php',
 171      'polls.php',
 172      'sendthread.php',
 173      'printthread.php',
 174      'moderation.php'
 175  );
 176  
 177  if(in_array($current_page, $valid))
 178  {
 179      cache_forums();
 180  
 181      // If we're accessing a post, fetch the forum theme for it and if we're overriding it
 182      if(isset($mybb->input['pid']) && THIS_SCRIPT != "polls.php")
 183      {
 184          $query = $db->simple_select("posts", "fid", "pid = '{$mybb->input['pid']}'", array("limit" => 1));
 185          $fid = $db->fetch_field($query, 'fid');
 186  
 187          if($fid)
 188          {
 189              $style = $forum_cache[$fid];
 190              $load_from_forum = 1;
 191          }
 192      }
 193      // We have a thread id and a forum id, we can easily fetch the theme for this forum
 194      else if(isset($mybb->input['tid']))
 195      {
 196          $query = $db->simple_select('threads', 'fid', "tid = '{$mybb->input['tid']}'", array('limit' => 1));
 197          $fid = $db->fetch_field($query, 'fid');
 198  
 199          if($fid)
 200          {
 201              $style = $forum_cache[$fid];
 202              $load_from_forum = 1;
 203          }
 204      }
 205      // If we're accessing poll results, fetch the forum theme for it and if we're overriding it
 206      else if(isset($mybb->input['pid']) && THIS_SCRIPT == "polls.php")
 207      {
 208          $query = $db->simple_select('threads', 'fid', "poll = '{$mybb->input['pid']}'", array('limit' => 1));
 209          $fid = $db->fetch_field($query, 'fid');
 210  
 211          if($fid)
 212          {
 213              $style = $forum_cache[$fid];
 214              $load_from_forum = 1;
 215          }
 216      }
 217      // We have a forum id - simply load the theme from it
 218      else if(isset($mybb->input['fid']) && isset($forum_cache[$mybb->input['fid']]))
 219      {
 220          $style = $forum_cache[$mybb->input['fid']];
 221          $load_from_forum = 1;
 222      }
 223  }
 224  unset($valid);
 225  
 226  // From all of the above, a theme was found
 227  if(isset($style['style']) && $style['style'] > 0)
 228  {
 229      $style['style'] = (int)$style['style'];
 230  
 231      // This theme is forced upon the user, overriding their selection
 232      if($style['overridestyle'] == 1 || !isset($mybb->user['style']))
 233      {
 234          $loadstyle = "tid = '{$style['style']}'";
 235      }
 236  }
 237  
 238  // After all of that no theme? Load the board default
 239  if(empty($loadstyle))
 240  {
 241      $loadstyle = "def='1'";
 242  }
 243  
 244  // Fetch the theme to load from the cache
 245  if($loadstyle != "def='1'")
 246  {
 247      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets, allowedgroups', $loadstyle, array('limit' => 1));
 248      $theme = $db->fetch_array($query);
 249  
 250      if(isset($theme['tid']) && !$load_from_forum && !is_member($theme['allowedgroups']) && $theme['allowedgroups'] != 'all')
 251      {
 252          if($load_from_user == 1)
 253          {
 254              $db->update_query('users', array('style' => 0), "style='{$mybb->user['style']}' AND uid='{$mybb->user['uid']}'");
 255          }
 256  
 257          if(isset($mybb->cookies['mybbtheme']))
 258          {
 259              my_unsetcookie('mybbtheme');
 260          }
 261  
 262          $loadstyle = "def='1'";
 263      }
 264  }
 265  
 266  if($loadstyle == "def='1'")
 267  {
 268      if(!$cache->read('default_theme'))
 269      {
 270          $cache->update_default_theme();
 271      }
 272  
 273      $theme = $cache->read('default_theme');
 274  
 275      $load_from_forum = $load_from_user = 0;
 276  }
 277  
 278  // No theme was found - we attempt to load the master or any other theme
 279  if(!isset($theme['tid']) || isset($theme['tid']) && !$theme['tid'])
 280  {
 281      // Missing theme was from a forum, run a query to set any forums using the theme to the default
 282      if($load_from_forum == 1)
 283      {
 284          $db->update_query('forums', array('style' => 0), "style = '{$style['style']}'");
 285      }
 286      // Missing theme was from a user, run a query to set any users using the theme to the default
 287      else if($load_from_user == 1)
 288      {
 289          $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'");
 290      }
 291  
 292      // Attempt to load the master or any other theme if the master is not available
 293      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1));
 294      $theme = $db->fetch_array($query);
 295  }
 296  $theme = @array_merge($theme, my_unserialize($theme['properties']));
 297  
 298  // Fetch all necessary stylesheets
 299  $stylesheets = '';
 300  $theme['stylesheets'] = my_unserialize($theme['stylesheets']);
 301  $stylesheet_scripts = array("global", basename($_SERVER['PHP_SELF']));
 302  if(!empty($theme['color']))
 303  {
 304      $stylesheet_scripts[] = $theme['color'];
 305  }
 306  $stylesheet_actions = array("global");
 307  if(!empty($mybb->input['action']))
 308  {
 309      $stylesheet_actions[] = $mybb->get_input('action');
 310  }
 311  foreach($stylesheet_scripts as $stylesheet_script)
 312  {
 313      // Load stylesheets for global actions and the current action
 314      foreach($stylesheet_actions as $stylesheet_action)
 315      {
 316          if(!$stylesheet_action)
 317          {
 318              continue;
 319          }
 320  
 321          if(!empty($theme['stylesheets'][$stylesheet_script][$stylesheet_action]))
 322          {
 323              // Actually add the stylesheets to the list
 324              foreach($theme['stylesheets'][$stylesheet_script][$stylesheet_action] as $page_stylesheet)
 325              {
 326                  if(!empty($already_loaded[$page_stylesheet]))
 327                  {
 328                      continue;
 329                  }
 330  
 331                  if(strpos($page_stylesheet, 'css.php') !== false)
 332                  {
 333                      $stylesheet_url = $mybb->settings['bburl'] . '/' . $page_stylesheet;
 334                  }
 335                  else
 336                  {
 337                      $stylesheet_url = $mybb->get_asset_url($page_stylesheet);
 338                  }
 339  
 340                  if($mybb->settings['minifycss'])
 341                  {
 342                      $stylesheet_url = str_replace('.css', '.min.css', $stylesheet_url);
 343                  }
 344  
 345                  if(strpos($page_stylesheet, 'css.php') !== false)
 346                  {
 347                      // We need some modification to get it working with the displayorder
 348                      $query_string = parse_url($stylesheet_url, PHP_URL_QUERY);
 349                      $id = (int) my_substr($query_string, 11);
 350                      $query = $db->simple_select("themestylesheets", "name", "sid={$id}");
 351                      $real_name = $db->fetch_field($query, "name");
 352                      $theme_stylesheets[$real_name] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 353                  }
 354                  else
 355                  {
 356                      $theme_stylesheets[basename($page_stylesheet)] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 357                  }
 358  
 359                  $already_loaded[$page_stylesheet] = 1;
 360              }
 361          }
 362      }
 363  }
 364  unset($actions);
 365  
 366  if(!empty($theme_stylesheets) && is_array($theme['disporder']))
 367  {
 368      foreach($theme['disporder'] as $style_name => $order)
 369      {
 370          if(!empty($theme_stylesheets[$style_name]))
 371          {
 372              $stylesheets .= $theme_stylesheets[$style_name];
 373          }
 374      }
 375  }
 376  
 377  // Are we linking to a remote theme server?
 378  if(my_validate_url($theme['imgdir']))
 379  {
 380      // If a language directory for the current language exists within the theme - we use it
 381      if(!empty($mybb->user['language']))
 382      {
 383          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 384      }
 385      else
 386      {
 387          // Check if a custom language directory exists for this theme
 388          if(!empty($mybb->settings['bblanguage']))
 389          {
 390              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 391          }
 392          // Otherwise, the image language directory is the same as the language directory for the theme
 393          else
 394          {
 395              $theme['imglangdir'] = $theme['imgdir'];
 396          }
 397      }
 398  }
 399  else
 400  {
 401      $img_directory = $theme['imgdir'];
 402  
 403      if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath']))
 404      {
 405          $img_directory = rtrim($mybb->settings['cdnpath'], '/') . '/' . ltrim($theme['imgdir'], '/');
 406      }
 407  
 408      if(!@is_dir($img_directory))
 409      {
 410          $theme['imgdir'] = 'images';
 411      }
 412  
 413      // If a language directory for the current language exists within the theme - we use it
 414      if(!empty($mybb->user['language']) && is_dir($img_directory.'/'.$mybb->user['language']))
 415      {
 416          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 417      }
 418      else
 419      {
 420          // Check if a custom language directory exists for this theme
 421          if(is_dir($img_directory.'/'.$mybb->settings['bblanguage']))
 422          {
 423              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 424          }
 425          // Otherwise, the image language directory is the same as the language directory for the theme
 426          else
 427          {
 428              $theme['imglangdir'] = $theme['imgdir'];
 429          }
 430      }
 431  
 432      $theme['imgdir'] = $mybb->get_asset_url($theme['imgdir']);
 433      $theme['imglangdir'] = $mybb->get_asset_url($theme['imglangdir']);
 434  }
 435  
 436  // Theme logo - is it a relative URL to the forum root? Append bburl
 437  if(!preg_match("#^(\.\.?(/|$)|([a-z0-9]+)://)#i", $theme['logo']) && substr($theme['logo'], 0, 1) != '/')
 438  {
 439      $theme['logo'] = $mybb->get_asset_url($theme['logo']);
 440  }
 441  
 442  // Load Main Templates and Cached Templates
 443  if(isset($templatelist))
 444  {
 445      $templatelist .= ',';
 446  }
 447  else
 448  {
 449      $templatelist = '';
 450  }
 451  
 452  $templatelist .= "headerinclude,header,footer,gobutton,htmldoctype,header_welcomeblock_member,header_welcomeblock_member_user,header_welcomeblock_member_moderator,header_welcomeblock_member_admin,error";
 453  $templatelist .= ",global_pending_joinrequests,global_awaiting_activation,nav,nav_sep,nav_bit,nav_sep_active,nav_bit_active,footer_languageselect,footer_themeselect,global_unreadreports,footer_contactus";
 454  $templatelist .= ",global_boardclosed_warning,global_bannedwarning,error_inline,error_nopermission_loggedin,error_nopermission,global_pm_alert,header_menu_search,header_menu_portal,redirect,footer_languageselect_option";
 455  $templatelist .= ",video_dailymotion_embed,video_facebook_embed,video_liveleak_embed,video_metacafe_embed,video_myspacetv_embed,video_veoh_embed,video_vimeo_embed,video_yahoo_embed,video_youtube_embed,debug_summary";
 456  $templatelist .= ",smilieinsert_row,smilieinsert_row_empty,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,global_board_offline_modal,footer_themeselector,task_image,usercp_themeselector_option";
 457  $templatelist .= ",mycode_code,mycode_email,mycode_img,mycode_php,mycode_quote_post,mycode_size_int,mycode_url,global_no_permission_modal,global_boardclosed_reason,nav_dropdown,global_remote_avatar_notice";
 458  $templatelist .= ",header_welcomeblock_member_pms,header_welcomeblock_member_search,header_welcomeblock_guest,header_menu_calendar,header_menu_memberlist,global_dst_detection,header_quicksearch,smilie";
 459  $templates->cache($db->escape_string($templatelist));
 460  
 461  // Set the current date and time now
 462  $datenow = my_date($mybb->settings['dateformat'], TIME_NOW, '', false);
 463  $timenow = my_date($mybb->settings['timeformat'], TIME_NOW);
 464  $lang->welcome_current_time = $lang->sprintf($lang->welcome_current_time, $datenow . $lang->comma . $timenow);
 465  
 466  // Format the last visit date of this user appropriately
 467  if(isset($mybb->user['lastvisit']))
 468  {
 469      $lastvisit = my_date('relative', $mybb->user['lastvisit'], '', 2);
 470  }
 471  // Otherwise, they've never visited before
 472  else
 473  {
 474      $lastvisit = $lang->lastvisit_never;
 475  }
 476  
 477  $plugins->run_hooks('global_intermediate');
 478  
 479  // If the board is closed and we have a usergroup allowed to view the board when closed, then show board closed warning
 480  $bbclosedwarning = '';
 481  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] == 1)
 482  {
 483      eval('$bbclosedwarning = "'.$templates->get('global_boardclosed_warning').'";');
 484  }
 485  
 486  // Prepare the main templates for use
 487  $admincplink = $modcplink = $usercplink = '';
 488  
 489  // Load appropriate welcome block for the current logged in user
 490  if($mybb->user['uid'] != 0)
 491  {
 492      // User can access the admin cp and we're not hiding admin cp links, fetch it
 493      if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1)
 494      {
 495          $admin_dir = $config['admin_dir'];
 496          eval('$admincplink = "'.$templates->get('header_welcomeblock_member_admin').'";');
 497      }
 498  
 499      if($mybb->usergroup['canmodcp'] == 1)
 500      {
 501          eval('$modcplink = "'.$templates->get('header_welcomeblock_member_moderator').'";');
 502      }
 503  
 504      if($mybb->usergroup['canusercp'] == 1)
 505      {
 506          eval('$usercplink = "'.$templates->get('header_welcomeblock_member_user').'";');
 507      }
 508  
 509      // Format the welcome back message
 510      $lang->welcome_back = $lang->sprintf($lang->welcome_back, build_profile_link(htmlspecialchars_uni($mybb->user['username']), $mybb->user['uid']), $lastvisit);
 511  
 512      $searchlink = '';
 513      if($mybb->usergroup['cansearch'] == 1)
 514      {
 515          eval('$searchlink = "'.$templates->get('header_welcomeblock_member_search').'";');
 516      }
 517  
 518      // Tell the user their PM usage
 519      $pmslink = '';
 520      if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
 521      {
 522          $lang->welcome_pms_usage = $lang->sprintf($lang->welcome_pms_usage, my_number_format($mybb->user['pms_unread']), my_number_format($mybb->user['pms_total']));
 523  
 524          eval('$pmslink = "'.$templates->get('header_welcomeblock_member_pms').'";');
 525      }
 526  
 527      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_member').'";');
 528  }
 529  // Otherwise, we have a guest
 530  else
 531  {
 532      switch($mybb->settings['username_method'])
 533      {
 534          case 0:
 535              $login_username = $lang->login_username;
 536              break;
 537          case 1:
 538              $login_username = $lang->login_username1;
 539              break;
 540          case 2:
 541              $login_username = $lang->login_username2;
 542              break;
 543          default:
 544              $login_username = $lang->login_username;
 545              break;
 546      }
 547      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_guest').'";');
 548  }
 549  
 550  // Display menu links and quick search if user has permission
 551  $menu_search = $menu_memberlist = $menu_portal = $menu_calendar = $quicksearch = '';
 552  if($mybb->usergroup['cansearch'] == 1)
 553  {
 554      eval('$menu_search = "'.$templates->get('header_menu_search').'";');
 555      eval('$quicksearch = "'.$templates->get('header_quicksearch').'";');
 556  }
 557  
 558  if($mybb->settings['enablememberlist'] == 1 && $mybb->usergroup['canviewmemberlist'] == 1)
 559  {
 560      eval('$menu_memberlist = "'.$templates->get('header_menu_memberlist').'";');
 561  }
 562  
 563  if($mybb->settings['enablecalendar'] == 1 && $mybb->usergroup['canviewcalendar'] == 1)
 564  {
 565      eval('$menu_calendar = "'.$templates->get('header_menu_calendar').'";');
 566  }
 567  
 568  if($mybb->settings['portal'] == 1)
 569  {
 570      eval('$menu_portal = "'.$templates->get('header_menu_portal').'";');
 571  }
 572  
 573  // See if there are any pending join requests for group leaders
 574  $pending_joinrequests = '';
 575  $groupleaders = $cache->read('groupleaders');
 576  if($mybb->user['uid'] != 0 && is_array($groupleaders) && array_key_exists($mybb->user['uid'], $groupleaders))
 577  {
 578      $groupleader = $groupleaders[$mybb->user['uid']];
 579  
 580      $gids = "'0'";
 581      foreach($groupleader as $user)
 582      {
 583          if($user['canmanagerequests'] != 1)
 584          {
 585              continue;
 586          }
 587  
 588          $user['gid'] = (int)$user['gid'];
 589          $gids .= ",'{$user['gid']}'";
 590      }
 591  
 592      $query = $db->simple_select('joinrequests', 'COUNT(uid) as total', "gid IN ({$gids}) AND invite='0'");
 593      $total_joinrequests = $db->fetch_field($query, 'total');
 594  
 595      if($total_joinrequests > 0)
 596      {
 597          if($total_joinrequests == 1)
 598          {
 599              $lang->pending_joinrequests = $lang->pending_joinrequest;
 600          }
 601          else
 602          {
 603              $total_joinrequests = my_number_format($total_joinrequests);
 604              $lang->pending_joinrequests = $lang->sprintf($lang->pending_joinrequests, $total_joinrequests);
 605          }
 606  
 607          eval('$pending_joinrequests = "'.$templates->get('global_pending_joinrequests').'";');
 608      }
 609  }
 610  
 611  $unreadreports = '';
 612  // This user is a moderator, super moderator or administrator
 613  if($mybb->settings['reportmethod'] == "db" && ($mybb->usergroup['cancp'] == 1 || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1)))
 614  {
 615      // Only worth checking if we are here because we have ACP permissions and the other condition fails
 616      if($mybb->usergroup['cancp'] == 1 && !($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 617      {
 618          // First we check if the user's a super admin: if yes, we don't care about permissions
 619          $can_access_moderationqueue = true;
 620          $is_super_admin = is_super_admin($mybb->user['uid']);
 621          if(!$is_super_admin)
 622          {
 623              // Include admin functions
 624              if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"))
 625              {
 626                  $can_access_moderationqueue = false;
 627              }
 628  
 629              require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php";
 630  
 631              // Verify if we have permissions to access forum-moderation_queue
 632              require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/forum/module_meta.php";
 633              if(function_exists("forum_admin_permissions"))
 634              {
 635                  // Get admin permissions
 636                  $adminperms = get_admin_permissions($mybb->user['uid']);
 637  
 638                  $permissions = forum_admin_permissions();
 639                  if(array_key_exists('moderation_queue', $permissions['permissions']) && $adminperms['forum']['moderation_queue'] != 1)
 640                  {
 641                      $can_access_moderationqueue = false;
 642                  }
 643              }
 644          }
 645      }
 646      else
 647      {
 648          $can_access_moderationqueue = false;
 649      }
 650  
 651      if($can_access_moderationqueue || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 652      {
 653          // Read the reported content cache
 654          $reported = $cache->read('reportedcontent');
 655  
 656          // 0 or more reported items currently exist
 657          if($reported['unread'] > 0)
 658          {
 659              // We want to avoid one extra query for users that can moderate any forum
 660              if($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod'])
 661              {
 662                  $unread = (int)$reported['unread'];
 663              }
 664              else
 665              {
 666                  $unread = 0;
 667                  $query = $db->simple_select('reportedcontent', 'id3', "reportstatus='0' AND (type = 'post' OR type = '')");
 668  
 669                  while($fid = $db->fetch_field($query, 'id3'))
 670                  {
 671                      if(is_moderator($fid, "canmanagereportedposts"))
 672                      {
 673                          ++$unread;
 674                      }
 675                  }
 676              }
 677  
 678              if($unread > 0)
 679              {
 680                  if($unread == 1)
 681                  {
 682                      $lang->unread_reports = $lang->unread_report;
 683                  }
 684                  else
 685                  {
 686                      $lang->unread_reports = $lang->sprintf($lang->unread_reports, my_number_format($unread));
 687                  }
 688  
 689                  eval('$unreadreports = "'.$templates->get('global_unreadreports').'";');
 690              }
 691          }
 692      }
 693  }
 694  
 695  // Got a character set?
 696  $charset = 'UTF-8';
 697  if(isset($lang->settings['charset']) && $lang->settings['charset'])
 698  {
 699      $charset = $lang->settings['charset'];
 700  }
 701  
 702  // Is this user apart of a banned group?
 703  $bannedwarning = '';
 704  if($mybb->usergroup['isbannedgroup'] == 1)
 705  {
 706      // Fetch details on their ban
 707      $query = $db->simple_select('banned', '*', "uid = '{$mybb->user['uid']}'", array('limit' => 1));
 708      $ban = $db->fetch_array($query);
 709  
 710      if($ban['uid'])
 711      {
 712          // Format their ban lift date and reason appropriately
 713          $banlift = $lang->banned_lifted_never;
 714          $reason = htmlspecialchars_uni($ban['reason']);
 715  
 716          if($ban['lifted'] > 0)
 717          {
 718              $banlift = my_date($mybb->settings['dateformat'], $ban['lifted']) . $lang->comma . my_date($mybb->settings['timeformat'], $ban['lifted']);
 719          }
 720      }
 721  
 722      if(empty($reason))
 723      {
 724          $reason = $lang->unknown;
 725      }
 726  
 727      if(empty($banlift))
 728      {
 729          $banlift = $lang->unknown;
 730      }
 731  
 732      // Display a nice warning to the user
 733      eval('$bannedwarning = "'.$templates->get('global_bannedwarning').'";');
 734  }
 735  
 736  $lang->ajax_loading = str_replace("'", "\\'", $lang->ajax_loading);
 737  
 738  // Check if this user has a new private message.
 739  $pm_notice = '';
 740  if(isset($mybb->user['pmnotice']) && $mybb->user['pmnotice'] == 2 && $mybb->user['pms_unread'] > 0 && $mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->usergroup['canview'] != 0 && ($current_page != "private.php" || $mybb->get_input('action') != "read"))
 741  {
 742      if(!isset($parser))
 743      {
 744          require_once  MYBB_ROOT.'inc/class_parser.php';
 745          $parser = new postParser;
 746      }
 747  
 748      $query = $db->query("
 749          SELECT pm.subject, pm.pmid, fu.username AS fromusername, fu.uid AS fromuid
 750          FROM ".TABLE_PREFIX."privatemessages pm
 751          LEFT JOIN ".TABLE_PREFIX."users fu on (fu.uid=pm.fromid)
 752          WHERE pm.folder = '1' AND pm.uid = '{$mybb->user['uid']}' AND pm.status = '0'
 753          ORDER BY pm.dateline DESC
 754          LIMIT 1
 755      ");
 756  
 757      $pm = $db->fetch_array($query);
 758      $pm['subject'] = $parser->parse_badwords($pm['subject']);
 759  
 760      if($pm['fromuid'] == 0)
 761      {
 762          $pm['fromusername'] = $lang->mybb_engine;
 763          $user_text = $pm['fromusername'];
 764      }
 765      else
 766      {
 767          $pm['fromusername'] = htmlspecialchars_uni($pm['fromusername']);
 768          $user_text = build_profile_link($pm['fromusername'], $pm['fromuid']);
 769      }
 770  
 771      if($mybb->user['pms_unread'] == 1)
 772      {
 773          $privatemessage_text = $lang->sprintf($lang->newpm_notice_one, $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 774      }
 775      else
 776      {
 777          $privatemessage_text = $lang->sprintf($lang->newpm_notice_multiple, $mybb->user['pms_unread'], $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 778      }
 779      eval('$pm_notice = "'.$templates->get('global_pm_alert').'";');
 780  }
 781  
 782  $remote_avatar_notice = '';
 783  if(($mybb->user['avatartype'] === 'remote' || $mybb->user['avatartype'] === 'gravatar') && !$mybb->settings['allowremoteavatars'])
 784  {
 785      eval('$remote_avatar_notice = "'.$templates->get('global_remote_avatar_notice').'";');
 786  }
 787  
 788  if($mybb->settings['awactialert'] == 1 && $mybb->usergroup['cancp'] == 1)
 789  {
 790      $awaitingusers = $cache->read('awaitingactivation');
 791  
 792      if(isset($awaitingusers['time']) && $awaitingusers['time'] + 86400 < TIME_NOW)
 793      {
 794          $cache->update_awaitingactivation();
 795          $awaitingusers = $cache->read('awaitingactivation');
 796      }
 797  
 798      if(!empty($awaitingusers['users']))
 799      {
 800          $awaitingusers = (int)$awaitingusers['users'];
 801      }
 802      else
 803      {
 804          $awaitingusers = 0;
 805      }
 806  
 807      if($awaitingusers < 1)
 808      {
 809          $awaitingusers = 0;
 810      }
 811      else
 812      {
 813          $awaitingusers = my_number_format($awaitingusers);
 814      }
 815  
 816      if($awaitingusers > 0)
 817      {
 818          if($awaitingusers == 1)
 819          {
 820              $awaiting_message = $lang->awaiting_message_single;
 821          }
 822          else
 823          {
 824              $awaiting_message = $lang->sprintf($lang->awaiting_message_plural, $awaitingusers);
 825          }
 826  
 827          if($admincplink)
 828          {
 829              $awaiting_message .= $lang->sprintf($lang->awaiting_message_link, $mybb->settings['bburl'], $admin_dir);
 830          }
 831  
 832          eval('$awaitingusers = "'.$templates->get('global_awaiting_activation').'";');
 833      }
 834      else
 835      {
 836          $awaitingusers = '';
 837      }
 838  }
 839  
 840  // Set up some of the default templates
 841  eval('$headerinclude = "'.$templates->get('headerinclude').'";');
 842  eval('$gobutton = "'.$templates->get('gobutton').'";');
 843  eval('$htmldoctype = "'.$templates->get('htmldoctype', 1, 0).'";');
 844  eval('$header = "'.$templates->get('header').'";');
 845  
 846  $copy_year = my_date('Y', TIME_NOW);
 847  
 848  // Are we showing version numbers in the footer?
 849  $mybbversion = '';
 850  if($mybb->settings['showvernum'] == 1)
 851  {
 852      $mybbversion = ' '.$mybb->version;
 853  }
 854  
 855  // Check to see if we have any tasks to run
 856  $task_image = '';
 857  $task_cache = $cache->read('tasks');
 858  if(!$task_cache['nextrun'])
 859  {
 860      $task_cache['nextrun'] = TIME_NOW;
 861  }
 862  
 863  if($task_cache['nextrun'] <= TIME_NOW)
 864  {
 865      eval("\$task_image = \"".$templates->get("task_image")."\";");
 866  }
 867  
 868  // Post code
 869  $post_code_string = '';
 870  if($mybb->user['uid'])
 871  {
 872      $post_code_string = '&amp;my_post_key='.$mybb->post_code;
 873  }
 874  
 875  // Are we showing the quick language selection box?
 876  $lang_select = $lang_options = '';
 877  if($mybb->settings['showlanguageselect'] != 0)
 878  {
 879      $languages = $lang->get_languages();
 880  
 881      if(count($languages) > 1)
 882      {
 883          foreach($languages as $key => $language)
 884          {
 885              $language = htmlspecialchars_uni($language);
 886  
 887              // Current language matches
 888              if($lang->language == $key)
 889              {
 890                  $selected = " selected=\"selected\"";
 891              }
 892              else
 893              {
 894                  $selected = '';
 895              }
 896  
 897              eval('$lang_options .= "'.$templates->get('footer_languageselect_option').'";');
 898          }
 899  
 900          $lang_redirect_url = get_current_location(true, 'language');
 901          eval('$lang_select = "'.$templates->get('footer_languageselect').'";');
 902      }
 903  }
 904  
 905  // Are we showing the quick theme selection box?
 906  $theme_select = $theme_options = '';
 907  if($mybb->settings['showthemeselect'] != 0)
 908  {
 909      $theme_options = build_theme_select("theme", $mybb->user['style'], 0, '', false, true);
 910  
 911      if(!empty($theme_options))
 912      {
 913          $theme_redirect_url = get_current_location(true, 'theme');
 914          eval('$theme_select = "'.$templates->get('footer_themeselect').'";');
 915      }
 916  }
 917  
 918  // If we use the contact form, show 'Contact Us' link when appropriate
 919  $contact_us = '';
 920  if(($mybb->settings['contactlink'] == "contact.php" && $mybb->settings['contact'] == 1 && ($mybb->settings['contact_guests'] != 1 && $mybb->user['uid'] == 0 || $mybb->user['uid'] > 0)) || $mybb->settings['contactlink'] != "contact.php")
 921  {
 922      if(!my_validate_url($mybb->settings['contactlink'], true) && my_substr($mybb->settings['contactlink'], 0, 7) != 'mailto:')
 923      {
 924          $mybb->settings['contactlink'] = $mybb->settings['bburl'].'/'.$mybb->settings['contactlink'];
 925      }
 926  
 927      eval('$contact_us = "'.$templates->get('footer_contactus').'";');
 928  }
 929  
 930  // DST Auto detection enabled?
 931  $auto_dst_detection = '';
 932  if($mybb->user['uid'] > 0 && $mybb->user['dstcorrection'] == 2)
 933  {
 934      $timezone = (float)$mybb->user['timezone'] + $mybb->user['dst'];
 935      eval('$auto_dst_detection = "'.$templates->get('global_dst_detection').'";');
 936  }
 937  
 938  eval('$footer = "'.$templates->get('footer').'";');
 939  
 940  // Add our main parts to the navigation
 941  $navbits = array();
 942  $navbits[0]['name'] = $mybb->settings['bbname_orig'];
 943  $navbits[0]['url'] = $mybb->settings['bburl'].'/index.php';
 944  
 945  // Set the link to the archive.
 946  $archive_url = build_archive_link();
 947  
 948  // Check banned ip addresses
 949  if(is_banned_ip($session->ipaddress, true))
 950  {
 951      if($mybb->user['uid'])
 952      {
 953          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip)." OR uid='{$mybb->user['uid']}'");
 954      }
 955      else
 956      {
 957          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip));
 958      }
 959      error($lang->error_banned);
 960  }
 961  
 962  $closed_bypass = array(
 963      'member.php' => array(
 964          'login',
 965          'do_login',
 966          'logout',
 967      ),
 968      'captcha.php',
 969  );
 970  
 971  // If the board is closed, the user is not an administrator and they're not trying to login, show the board closed message
 972  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] != 1 && !in_array($current_page, $closed_bypass) && (!is_array($closed_bypass[$current_page]) || !in_array($mybb->get_input('action'), $closed_bypass[$current_page])))
 973  {
 974      // Show error
 975      if(!$mybb->settings['boardclosed_reason'])
 976      {
 977          $mybb->settings['boardclosed_reason'] = $lang->boardclosed_reason;
 978      }
 979  
 980      eval('$reason = "'.$templates->get('global_boardclosed_reason').'";');
 981      $lang->error_boardclosed .= $reason;
 982  
 983      if(!$mybb->get_input('modal'))
 984      {
 985          error($lang->error_boardclosed);
 986      }
 987      else
 988      {
 989          $output = '';
 990          eval('$output = "'.$templates->get('global_board_offline_modal', 1, 0).'";');
 991          echo($output);
 992      }
 993      exit;
 994  }
 995  
 996  $force_bypass = array(
 997      'member.php' => array(
 998          'login',
 999          'do_login',
1000          'logout',
1001          'register',
1002          'do_register',
1003          'lostpw',
1004          'do_lostpw',
1005          'activate',
1006          'resendactivation',
1007          'do_resendactivation',
1008          'resetpassword',
1009      ),
1010      'captcha.php',
1011  );
1012  
1013  // If the board forces user to login/register, and the user is a guest, show the force login message
1014  if($mybb->settings['forcelogin'] == 1 && $mybb->user['uid'] == 0 && !in_array($current_page, $force_bypass) && (!is_array($force_bypass[$current_page]) || !in_array($mybb->get_input('action'), $force_bypass[$current_page])))
1015  {
1016      // Show error
1017      error_no_permission();
1018      exit;
1019  }
1020  
1021  // Load Limiting
1022  if($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load'])
1023  {
1024      // User is not an administrator and the load limit is higher than the limit, show an error
1025      error($lang->error_loadlimit);
1026  }
1027  
1028  // If there is a valid referrer in the URL, cookie it
1029  if(!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername'])))
1030  {
1031      if(isset($mybb->input['referrername']))
1032      {
1033          $condition = "username = '".$db->escape_string($mybb->get_input('referrername'))."'";
1034      }
1035      else
1036      {
1037          $condition = "uid = '".$mybb->get_input('referrer', MyBB::INPUT_INT)."'";
1038      }
1039  
1040      $query = $db->simple_select('users', 'uid', $condition, array('limit' => 1));
1041      $referrer = $db->fetch_array($query);
1042  
1043      if($referrer['uid'])
1044      {
1045          my_setcookie('mybb[referrer]', $referrer['uid']);
1046      }
1047  }
1048  
1049  $output = '';
1050  $notallowed = false;
1051  if($mybb->usergroup['canview'] != 1)
1052  {
1053      // Check pages allowable even when not allowed to view board
1054      if(defined('ALLOWABLE_PAGE'))
1055      {
1056          if(is_string(ALLOWABLE_PAGE))
1057          {
1058              $allowable_actions = explode(',', ALLOWABLE_PAGE);
1059              if(!in_array($mybb->get_input('action'), $allowable_actions))
1060              {
1061                  $notallowed = true;
1062              }
1063  
1064              unset($allowable_actions);
1065          }
1066          else if(ALLOWABLE_PAGE !== 1)
1067          {
1068              $notallowed = true;
1069          }
1070      }
1071      else
1072      {
1073          $notallowed = true;
1074      }
1075  
1076      if($notallowed == true)
1077      {
1078          if(!$mybb->get_input('modal'))
1079          {
1080              error_no_permission();
1081          }
1082          else
1083          {
1084              eval('$output = "'.$templates->get('global_no_permission_modal', 1, 0).'";');
1085              echo($output);
1086              exit;
1087          }
1088      }
1089  }
1090  
1091  // Find out if this user of ours is using a banned email address.
1092  // If they are, redirect them to change it
1093  if($mybb->user['uid'] && is_banned_email($mybb->user['email']) && $mybb->settings['emailkeep'] != 1)
1094  {
1095      if(THIS_SCRIPT != 'usercp.php' || THIS_SCRIPT == 'usercp.php' && $mybb->get_input('action') != 'email' && $mybb->get_input('action') != 'do_email')
1096      {
1097          redirect('usercp.php?action=email');
1098      }
1099      else if($mybb->request_method != 'post')
1100      {
1101          $banned_email_error = inline_error(array($lang->banned_email_warning));
1102      }
1103  }
1104  
1105  // work out which items the user has collapsed
1106  $colcookie = '';
1107  if(!empty($mybb->cookies['collapsed']))
1108  {
1109      $colcookie = $mybb->cookies['collapsed'];
1110  }
1111  
1112  // set up collapsable items (to automatically show them us expanded)
1113  $collapsed = array('boardstats' => '', 'boardstats_e' => '', 'quickreply' => '', 'quickreply_e' => '');
1114  $collapsedimg = $collapsed;
1115  
1116  if($colcookie)
1117  {
1118      $col = explode("|", $colcookie);
1119      if(!is_array($col))
1120      {
1121          $col[0] = $colcookie; // only one item
1122      }
1123      unset($collapsed);
1124      foreach($col as $key => $val)
1125      {
1126          $ex = $val."_e";
1127          $co = $val."_c";
1128          $collapsed[$co] = "display: show;";
1129          $collapsed[$ex] = "display: none;";
1130          $collapsedimg[$val] = "_collapsed";
1131          $collapsedthead[$val] = " thead_collapsed";
1132      }
1133  }
1134  
1135  // Run hooks for end of global.php
1136  $plugins->run_hooks('global_end');
1137  
1138  $globaltime = $maintimer->getTime();


2005 - 2016 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1