[ Index ]

PHP Cross Reference of MyBB 1.8.17

title

Body

[close]

/ -> global.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  $working_dir = dirname(__FILE__);
  12  if(!$working_dir)
  13  {
  14      $working_dir = '.';
  15  }
  16  
  17  // Load main MyBB core file which begins all of the magic
  18  require_once $working_dir.'/inc/init.php';
  19  
  20  $shutdown_queries = $shutdown_functions = array();
  21  
  22  // Read the usergroups cache as well as the moderators cache
  23  $groupscache = $cache->read('usergroups');
  24  
  25  // If the groups cache doesn't exist, update it and re-read it
  26  if(!is_array($groupscache))
  27  {
  28      $cache->update_usergroups();
  29      $groupscache = $cache->read('usergroups');
  30  }
  31  
  32  $current_page = my_strtolower(basename(THIS_SCRIPT));
  33  
  34  // Send page headers - don't send no-cache headers for attachment.php
  35  if($current_page != 'attachment.php')
  36  {
  37      send_page_headers();
  38  }
  39  
  40  // Do not use session system for defined pages
  41  if((isset($mybb->input['action']) && isset($nosession[$mybb->input['action']])) || (isset($mybb->input['thumbnail']) && $current_page == 'attachment.php'))
  42  {
  43      define('NO_ONLINE', 1);
  44  }
  45  
  46  // Create session for this user
  47  require_once  MYBB_ROOT.'inc/class_session.php';
  48  $session = new session;
  49  $session->init();
  50  $mybb->session = &$session;
  51  
  52  $mybb->user['ismoderator'] = is_moderator(0, '', $mybb->user['uid']);
  53  
  54  // Set our POST validation code here
  55  $mybb->post_code = generate_post_check();
  56  
  57  // Set and load the language
  58  if(isset($mybb->input['language']) && $lang->language_exists($mybb->get_input('language')) && verify_post_check($mybb->get_input('my_post_key'), true))
  59  {
  60      $mybb->settings['bblanguage'] = $mybb->get_input('language');
  61      // If user is logged in, update their language selection with the new one
  62      if($mybb->user['uid'])
  63      {
  64          if(isset($mybb->cookies['mybblang']))
  65          {
  66              my_unsetcookie('mybblang');
  67          }
  68  
  69          $db->update_query('users', array('language' => $db->escape_string($mybb->settings['bblanguage'])), "uid = '{$mybb->user['uid']}'");
  70      }
  71      // Guest = cookie
  72      else
  73      {
  74          my_setcookie('mybblang', $mybb->settings['bblanguage']);
  75      }
  76      $mybb->user['language'] = $mybb->settings['bblanguage'];
  77  }
  78  // Cookied language!
  79  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybblang']) && $lang->language_exists($mybb->cookies['mybblang']))
  80  {
  81      $mybb->settings['bblanguage'] = $mybb->cookies['mybblang'];
  82  }
  83  else if(!isset($mybb->settings['bblanguage']))
  84  {
  85      $mybb->settings['bblanguage'] = 'english';
  86  }
  87  
  88  // Load language
  89  $lang->set_language($mybb->settings['bblanguage']);
  90  $lang->load('global');
  91  $lang->load('messages');
  92  
  93  // Run global_start plugin hook now that the basics are set up
  94  $plugins->run_hooks('global_start');
  95  
  96  if(function_exists('mb_internal_encoding') && !empty($lang->settings['charset']))
  97  {
  98      @mb_internal_encoding($lang->settings['charset']);
  99  }
 100  
 101  // Select the board theme to use.
 102  $loadstyle = '';
 103  $load_from_forum = $load_from_user = 0;
 104  $style = array();
 105  
 106  // The user used our new quick theme changer
 107  if(isset($mybb->input['theme']) && verify_post_check($mybb->get_input('my_post_key'), true))
 108  {
 109      // Set up user handler.
 110      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
 111      $userhandler = new UserDataHandler('update');
 112  
 113      $user = array(
 114          'uid'    => $mybb->user['uid'],
 115          'style'    => $mybb->get_input('theme', MyBB::INPUT_INT),
 116          'usergroup'    => $mybb->user['usergroup'],
 117          'additionalgroups'    => $mybb->user['additionalgroups']
 118      );
 119  
 120      $userhandler->set_data($user);
 121  
 122      // validate_user verifies the style if it is set in the data array.
 123      if($userhandler->validate_user())
 124      {
 125          $mybb->user['style'] = $user['style'];
 126  
 127          // If user is logged in, update their theme selection with the new one
 128          if($mybb->user['uid'])
 129          {
 130              if(isset($mybb->cookies['mybbtheme']))
 131              {
 132                  my_unsetcookie('mybbtheme');
 133              }
 134  
 135              $userhandler->update_user();
 136          }
 137          // Guest = cookie
 138          else
 139          {
 140              my_setcookie('mybbtheme', $user['style']);
 141          }
 142      }
 143  }
 144  // Cookied theme!
 145  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybbtheme']))
 146  {
 147      $mybb->user['style'] = (int)$mybb->cookies['mybbtheme'];
 148  }
 149  
 150  // This user has a custom theme set in their profile
 151  if(isset($mybb->user['style']) && (int)$mybb->user['style'] != 0)
 152  {
 153      $mybb->user['style'] = (int)$mybb->user['style'];
 154  
 155      $loadstyle = "tid = '{$mybb->user['style']}'";
 156      $load_from_user = 1;
 157  }
 158  
 159  $valid = array(
 160      'showthread.php',
 161      'forumdisplay.php',
 162      'newthread.php',
 163      'newreply.php',
 164      'ratethread.php',
 165      'editpost.php',
 166      'polls.php',
 167      'sendthread.php',
 168      'printthread.php',
 169      'moderation.php'
 170  );
 171  
 172  if(in_array($current_page, $valid))
 173  {
 174      cache_forums();
 175  
 176      // If we're accessing a post, fetch the forum theme for it and if we're overriding it
 177      if(isset($mybb->input['pid']) && THIS_SCRIPT != "polls.php")
 178      {
 179          $query = $db->simple_select("posts", "fid", "pid = '{$mybb->input['pid']}'", array("limit" => 1));
 180          $fid = $db->fetch_field($query, 'fid');
 181  
 182          if($fid)
 183          {
 184              $style = $forum_cache[$fid];
 185              $load_from_forum = 1;
 186          }
 187      }
 188      // We have a thread id and a forum id, we can easily fetch the theme for this forum
 189      else if(isset($mybb->input['tid']))
 190      {
 191          $query = $db->simple_select('threads', 'fid', "tid = '{$mybb->input['tid']}'", array('limit' => 1));
 192          $fid = $db->fetch_field($query, 'fid');
 193  
 194          if($fid)
 195          {
 196              $style = $forum_cache[$fid];
 197              $load_from_forum = 1;
 198          }
 199      }
 200      // If we're accessing poll results, fetch the forum theme for it and if we're overriding it
 201      else if(isset($mybb->input['pid']) && THIS_SCRIPT == "polls.php")
 202      {
 203          $query = $db->simple_select('threads', 'fid', "poll = '{$mybb->input['pid']}'", array('limit' => 1));
 204          $fid = $db->fetch_field($query, 'fid');
 205  
 206          if($fid)
 207          {
 208              $style = $forum_cache[$fid];
 209              $load_from_forum = 1;
 210          }
 211      }
 212      // We have a forum id - simply load the theme from it
 213      else if(isset($mybb->input['fid']) && isset($forum_cache[$mybb->input['fid']]))
 214      {
 215          $style = $forum_cache[$mybb->input['fid']];
 216          $load_from_forum = 1;
 217      }
 218  }
 219  unset($valid);
 220  
 221  // From all of the above, a theme was found
 222  if(isset($style['style']) && $style['style'] > 0)
 223  {
 224      $style['style'] = (int)$style['style'];
 225  
 226      // This theme is forced upon the user, overriding their selection
 227      if($style['overridestyle'] == 1 || !isset($mybb->user['style']))
 228      {
 229          $loadstyle = "tid = '{$style['style']}'";
 230      }
 231  }
 232  
 233  // After all of that no theme? Load the board default
 234  if(empty($loadstyle))
 235  {
 236      $loadstyle = "def='1'";
 237  }
 238  
 239  // Fetch the theme to load from the cache
 240  if($loadstyle != "def='1'")
 241  {
 242      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets, allowedgroups', $loadstyle, array('limit' => 1));
 243      $theme = $db->fetch_array($query);
 244  
 245      if(isset($theme['tid']) && !$load_from_forum && !is_member($theme['allowedgroups']) && $theme['allowedgroups'] != 'all')
 246      {
 247          if($load_from_user == 1)
 248          {
 249              $db->update_query('users', array('style' => 0), "style='{$mybb->user['style']}' AND uid='{$mybb->user['uid']}'");
 250          }
 251  
 252          if(isset($mybb->cookies['mybbtheme']))
 253          {
 254              my_unsetcookie('mybbtheme');
 255          }
 256  
 257          $loadstyle = "def='1'";
 258      }
 259  }
 260  
 261  if($loadstyle == "def='1'")
 262  {
 263      if(!$cache->read('default_theme'))
 264      {
 265          $cache->update_default_theme();
 266      }
 267  
 268      $theme = $cache->read('default_theme');
 269  
 270      $load_from_forum = $load_from_user = 0;
 271  }
 272  
 273  // No theme was found - we attempt to load the master or any other theme
 274  if(!isset($theme['tid']) || isset($theme['tid']) && !$theme['tid'])
 275  {
 276      // Missing theme was from a forum, run a query to set any forums using the theme to the default
 277      if($load_from_forum == 1)
 278      {
 279          $db->update_query('forums', array('style' => 0), "style = '{$style['style']}'");
 280      }
 281      // Missing theme was from a user, run a query to set any users using the theme to the default
 282      else if($load_from_user == 1)
 283      {
 284          $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'");
 285      }
 286  
 287      // Attempt to load the master or any other theme if the master is not available
 288      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1));
 289      $theme = $db->fetch_array($query);
 290  }
 291  $theme = @array_merge($theme, my_unserialize($theme['properties']));
 292  
 293  // Fetch all necessary stylesheets
 294  $stylesheets = '';
 295  $theme['stylesheets'] = my_unserialize($theme['stylesheets']);
 296  $stylesheet_scripts = array("global", basename($_SERVER['PHP_SELF']));
 297  if(!empty($theme['color']))
 298  {
 299      $stylesheet_scripts[] = $theme['color'];
 300  }
 301  $stylesheet_actions = array("global");
 302  if(!empty($mybb->input['action']))
 303  {
 304      $stylesheet_actions[] = $mybb->get_input('action');
 305  }
 306  foreach($stylesheet_scripts as $stylesheet_script)
 307  {
 308      // Load stylesheets for global actions and the current action
 309      foreach($stylesheet_actions as $stylesheet_action)
 310      {
 311          if(!$stylesheet_action)
 312          {
 313              continue;
 314          }
 315  
 316          if(!empty($theme['stylesheets'][$stylesheet_script][$stylesheet_action]))
 317          {
 318              // Actually add the stylesheets to the list
 319              foreach($theme['stylesheets'][$stylesheet_script][$stylesheet_action] as $page_stylesheet)
 320              {
 321                  if(!empty($already_loaded[$page_stylesheet]))
 322                  {
 323                      continue;
 324                  }
 325  
 326                  if(strpos($page_stylesheet, 'css.php') !== false)
 327                  {
 328                      $stylesheet_url = $mybb->settings['bburl'] . '/' . $page_stylesheet;
 329                  }
 330                  else
 331                  {
 332                      $stylesheet_url = $mybb->get_asset_url($page_stylesheet);
 333                  }
 334  
 335                  if($mybb->settings['minifycss'])
 336                  {
 337                      $stylesheet_url = str_replace('.css', '.min.css', $stylesheet_url);
 338                  }
 339  
 340                  if(strpos($page_stylesheet, 'css.php') !== false)
 341                  {
 342                      // We need some modification to get it working with the displayorder
 343                      $query_string = parse_url($stylesheet_url, PHP_URL_QUERY);
 344                      $id = (int) my_substr($query_string, 11);
 345                      $query = $db->simple_select("themestylesheets", "name", "sid={$id}");
 346                      $real_name = $db->fetch_field($query, "name");
 347                      $theme_stylesheets[$real_name] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 348                  }
 349                  else
 350                  {
 351                      $theme_stylesheets[basename($page_stylesheet)] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 352                  }
 353  
 354                  $already_loaded[$page_stylesheet] = 1;
 355              }
 356          }
 357      }
 358  }
 359  unset($actions);
 360  
 361  if(!empty($theme_stylesheets) && is_array($theme['disporder']))
 362  {
 363      foreach($theme['disporder'] as $style_name => $order)
 364      {
 365          if(!empty($theme_stylesheets[$style_name]))
 366          {
 367              $stylesheets .= $theme_stylesheets[$style_name];
 368          }
 369      }
 370  }
 371  
 372  // Are we linking to a remote theme server?
 373  if(my_validate_url($theme['imgdir']))
 374  {
 375      // If a language directory for the current language exists within the theme - we use it
 376      if(!empty($mybb->user['language']))
 377      {
 378          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 379      }
 380      else
 381      {
 382          // Check if a custom language directory exists for this theme
 383          if(!empty($mybb->settings['bblanguage']))
 384          {
 385              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 386          }
 387          // Otherwise, the image language directory is the same as the language directory for the theme
 388          else
 389          {
 390              $theme['imglangdir'] = $theme['imgdir'];
 391          }
 392      }
 393  }
 394  else
 395  {
 396      $img_directory = $theme['imgdir'];
 397  
 398      if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath']))
 399      {
 400          $img_directory = rtrim($mybb->settings['cdnpath'], '/') . '/' . ltrim($theme['imgdir'], '/');
 401      }
 402  
 403      if(!@is_dir($img_directory))
 404      {
 405          $theme['imgdir'] = 'images';
 406      }
 407  
 408      // If a language directory for the current language exists within the theme - we use it
 409      if(!empty($mybb->user['language']) && is_dir($img_directory.'/'.$mybb->user['language']))
 410      {
 411          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 412      }
 413      else
 414      {
 415          // Check if a custom language directory exists for this theme
 416          if(is_dir($img_directory.'/'.$mybb->settings['bblanguage']))
 417          {
 418              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 419          }
 420          // Otherwise, the image language directory is the same as the language directory for the theme
 421          else
 422          {
 423              $theme['imglangdir'] = $theme['imgdir'];
 424          }
 425      }
 426  
 427      $theme['imgdir'] = $mybb->get_asset_url($theme['imgdir']);
 428      $theme['imglangdir'] = $mybb->get_asset_url($theme['imglangdir']);
 429  }
 430  
 431  // Theme logo - is it a relative URL to the forum root? Append bburl
 432  if(!preg_match("#^(\.\.?(/|$)|([a-z0-9]+)://)#i", $theme['logo']) && substr($theme['logo'], 0, 1) != '/')
 433  {
 434      $theme['logo'] = $mybb->get_asset_url($theme['logo']);
 435  }
 436  
 437  // Load Main Templates and Cached Templates
 438  if(isset($templatelist))
 439  {
 440      $templatelist .= ',';
 441  }
 442  else
 443  {
 444      $templatelist = '';
 445  }
 446  
 447  $templatelist .= "headerinclude,header,footer,gobutton,htmldoctype,header_welcomeblock_member,header_welcomeblock_member_user,header_welcomeblock_member_moderator,header_welcomeblock_member_admin,error";
 448  $templatelist .= ",global_pending_joinrequests,global_awaiting_activation,nav,nav_sep,nav_bit,nav_sep_active,nav_bit_active,footer_languageselect,footer_themeselect,global_unreadreports,footer_contactus";
 449  $templatelist .= ",global_boardclosed_warning,global_bannedwarning,error_inline,error_nopermission_loggedin,error_nopermission,global_pm_alert,header_menu_search,header_menu_portal,redirect,footer_languageselect_option";
 450  $templatelist .= ",video_dailymotion_embed,video_facebook_embed,video_liveleak_embed,video_metacafe_embed,video_myspacetv_embed,video_veoh_embed,video_vimeo_embed,video_yahoo_embed,video_youtube_embed,debug_summary";
 451  $templatelist .= ",smilieinsert_row,smilieinsert_row_empty,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,global_board_offline_modal,footer_themeselector,task_image,usercp_themeselector_option,php_warnings";
 452  $templatelist .= ",mycode_code,mycode_email,mycode_img,mycode_php,mycode_quote_post,mycode_size_int,mycode_url,global_no_permission_modal,global_boardclosed_reason,nav_dropdown,global_remote_avatar_notice";
 453  $templatelist .= ",header_welcomeblock_member_pms,header_welcomeblock_member_search,header_welcomeblock_guest,header_welcomeblock_guest_login_modal,header_welcomeblock_guest_login_modal_lockout";
 454  $templatelist .= ",header_menu_calendar,header_menu_memberlist,global_dst_detection,header_quicksearch,smilie";
 455  $templates->cache($db->escape_string($templatelist));
 456  
 457  // Set the current date and time now
 458  $datenow = my_date($mybb->settings['dateformat'], TIME_NOW, '', false);
 459  $timenow = my_date($mybb->settings['timeformat'], TIME_NOW);
 460  $lang->welcome_current_time = $lang->sprintf($lang->welcome_current_time, $datenow . $lang->comma . $timenow);
 461  
 462  // Format the last visit date of this user appropriately
 463  if(isset($mybb->user['lastvisit']))
 464  {
 465      $lastvisit = my_date('relative', $mybb->user['lastvisit'], '', 2);
 466  }
 467  // Otherwise, they've never visited before
 468  else
 469  {
 470      $lastvisit = $lang->lastvisit_never;
 471  }
 472  
 473  $plugins->run_hooks('global_intermediate');
 474  
 475  // If the board is closed and we have a usergroup allowed to view the board when closed, then show board closed warning
 476  $bbclosedwarning = '';
 477  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] == 1)
 478  {
 479      eval('$bbclosedwarning = "'.$templates->get('global_boardclosed_warning').'";');
 480  }
 481  
 482  // Prepare the main templates for use
 483  $admincplink = $modcplink = $usercplink = '';
 484  
 485  // Load appropriate welcome block for the current logged in user
 486  if($mybb->user['uid'] != 0)
 487  {
 488      // User can access the admin cp and we're not hiding admin cp links, fetch it
 489      if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1)
 490      {
 491          $admin_dir = $config['admin_dir'];
 492          eval('$admincplink = "'.$templates->get('header_welcomeblock_member_admin').'";');
 493      }
 494  
 495      if($mybb->usergroup['canmodcp'] == 1)
 496      {
 497          eval('$modcplink = "'.$templates->get('header_welcomeblock_member_moderator').'";');
 498      }
 499  
 500      if($mybb->usergroup['canusercp'] == 1)
 501      {
 502          eval('$usercplink = "'.$templates->get('header_welcomeblock_member_user').'";');
 503      }
 504  
 505      // Format the welcome back message
 506      $lang->welcome_back = $lang->sprintf($lang->welcome_back, build_profile_link(htmlspecialchars_uni($mybb->user['username']), $mybb->user['uid']), $lastvisit);
 507  
 508      $searchlink = '';
 509      if($mybb->usergroup['cansearch'] == 1)
 510      {
 511          eval('$searchlink = "'.$templates->get('header_welcomeblock_member_search').'";');
 512      }
 513  
 514      // Tell the user their PM usage
 515      $pmslink = '';
 516      if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
 517      {
 518          $lang->welcome_pms_usage = $lang->sprintf($lang->welcome_pms_usage, my_number_format($mybb->user['pms_unread']), my_number_format($mybb->user['pms_total']));
 519  
 520          eval('$pmslink = "'.$templates->get('header_welcomeblock_member_pms').'";');
 521      }
 522  
 523      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_member').'";');
 524  }
 525  // Otherwise, we have a guest
 526  else
 527  {
 528      switch($mybb->settings['username_method'])
 529      {
 530          case 0:
 531              $login_username = $lang->login_username;
 532              break;
 533          case 1:
 534              $login_username = $lang->login_username1;
 535              break;
 536          case 2:
 537              $login_username = $lang->login_username2;
 538              break;
 539          default:
 540              $login_username = $lang->login_username;
 541              break;
 542      }
 543  
 544      if($mybb->cookies['lockoutexpiry'])
 545      {
 546          $secsleft = (int)($mybb->cookies['lockoutexpiry'] - TIME_NOW);
 547          $hoursleft = floor($secsleft / 3600);
 548          $minsleft = floor(($secsleft / 60) % 60);
 549          $secsleft = floor($secsleft % 60);
 550  
 551          $lang->failed_login_wait = $lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft);
 552  
 553          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal_lockout').'";');
 554      }
 555      else
 556      {
 557          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal').'";');
 558      }
 559  
 560      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_guest').'";');
 561  }
 562  
 563  // Display menu links and quick search if user has permission
 564  $menu_search = $menu_memberlist = $menu_portal = $menu_calendar = $quicksearch = '';
 565  if($mybb->usergroup['cansearch'] == 1)
 566  {
 567      eval('$menu_search = "'.$templates->get('header_menu_search').'";');
 568      eval('$quicksearch = "'.$templates->get('header_quicksearch').'";');
 569  }
 570  
 571  if($mybb->settings['enablememberlist'] == 1 && $mybb->usergroup['canviewmemberlist'] == 1)
 572  {
 573      eval('$menu_memberlist = "'.$templates->get('header_menu_memberlist').'";');
 574  }
 575  
 576  if($mybb->settings['enablecalendar'] == 1 && $mybb->usergroup['canviewcalendar'] == 1)
 577  {
 578      eval('$menu_calendar = "'.$templates->get('header_menu_calendar').'";');
 579  }
 580  
 581  if($mybb->settings['portal'] == 1)
 582  {
 583      eval('$menu_portal = "'.$templates->get('header_menu_portal').'";');
 584  }
 585  
 586  // See if there are any pending join requests for group leaders
 587  $pending_joinrequests = '';
 588  $groupleaders = $cache->read('groupleaders');
 589  if($mybb->user['uid'] != 0 && is_array($groupleaders) && array_key_exists($mybb->user['uid'], $groupleaders))
 590  {
 591      $groupleader = $groupleaders[$mybb->user['uid']];
 592      $showjoinnotice = false;
 593  
 594      $gids = "'0'";
 595      foreach($groupleader as $user)
 596      {
 597          if($user['canmanagerequests'] != 1)
 598          {
 599              continue;
 600          }
 601  
 602          $user['gid'] = (int)$user['gid'];
 603  
 604          if(!empty($groupscache[$user['gid']]['joinable']) && $groupscache[$user['gid']]['joinable'] == 1)
 605          {
 606              $showjoinnotice = true;
 607              $gids .= ",'{$user['gid']}'";
 608          }
 609      }
 610  
 611      if($showjoinnotice)
 612      {
 613          $query = $db->simple_select('joinrequests', 'COUNT(uid) as total', "gid IN ({$gids}) AND invite='0'");
 614          $total_joinrequests = $db->fetch_field($query, 'total');
 615  
 616          if($total_joinrequests > 0)
 617          {
 618              if($total_joinrequests == 1)
 619              {
 620                  $lang->pending_joinrequests = $lang->pending_joinrequest;
 621              }
 622              else
 623              {
 624                  $total_joinrequests = my_number_format($total_joinrequests);
 625                  $lang->pending_joinrequests = $lang->sprintf($lang->pending_joinrequests, $total_joinrequests);
 626              }
 627  
 628              eval('$pending_joinrequests = "'.$templates->get('global_pending_joinrequests').'";');
 629          }
 630      }
 631  }
 632  
 633  $unreadreports = '';
 634  // This user is a moderator, super moderator or administrator
 635  if($mybb->settings['reportmethod'] == "db" && ($mybb->usergroup['cancp'] == 1 || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1)))
 636  {
 637      // Only worth checking if we are here because we have ACP permissions and the other condition fails
 638      if($mybb->usergroup['cancp'] == 1 && !($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 639      {
 640          // First we check if the user's a super admin: if yes, we don't care about permissions
 641          $can_access_moderationqueue = true;
 642          $is_super_admin = is_super_admin($mybb->user['uid']);
 643          if(!$is_super_admin)
 644          {
 645              // Include admin functions
 646              if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"))
 647              {
 648                  $can_access_moderationqueue = false;
 649              }
 650  
 651              require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php";
 652  
 653              // Verify if we have permissions to access forum-moderation_queue
 654              require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/forum/module_meta.php";
 655              if(function_exists("forum_admin_permissions"))
 656              {
 657                  // Get admin permissions
 658                  $adminperms = get_admin_permissions($mybb->user['uid']);
 659  
 660                  $permissions = forum_admin_permissions();
 661                  if(array_key_exists('moderation_queue', $permissions['permissions']) && $adminperms['forum']['moderation_queue'] != 1)
 662                  {
 663                      $can_access_moderationqueue = false;
 664                  }
 665              }
 666          }
 667      }
 668      else
 669      {
 670          $can_access_moderationqueue = false;
 671      }
 672  
 673      if($can_access_moderationqueue || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 674      {
 675          // Read the reported content cache
 676          $reported = $cache->read('reportedcontent');
 677  
 678          // 0 or more reported items currently exist
 679          if($reported['unread'] > 0)
 680          {
 681              // We want to avoid one extra query for users that can moderate any forum
 682              if($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod'])
 683              {
 684                  $unread = (int)$reported['unread'];
 685              }
 686              else
 687              {
 688                  $unread = 0;
 689                  $query = $db->simple_select('reportedcontent', 'id3', "reportstatus='0' AND (type = 'post' OR type = '')");
 690  
 691                  while($fid = $db->fetch_field($query, 'id3'))
 692                  {
 693                      if(is_moderator($fid, "canmanagereportedposts"))
 694                      {
 695                          ++$unread;
 696                      }
 697                  }
 698              }
 699  
 700              if($unread > 0)
 701              {
 702                  if($unread == 1)
 703                  {
 704                      $lang->unread_reports = $lang->unread_report;
 705                  }
 706                  else
 707                  {
 708                      $lang->unread_reports = $lang->sprintf($lang->unread_reports, my_number_format($unread));
 709                  }
 710  
 711                  eval('$unreadreports = "'.$templates->get('global_unreadreports').'";');
 712              }
 713          }
 714      }
 715  }
 716  
 717  // Got a character set?
 718  $charset = 'UTF-8';
 719  if(isset($lang->settings['charset']) && $lang->settings['charset'])
 720  {
 721      $charset = $lang->settings['charset'];
 722  }
 723  
 724  // Is this user apart of a banned group?
 725  $bannedwarning = '';
 726  if($mybb->usergroup['isbannedgroup'] == 1)
 727  {
 728      // Fetch details on their ban
 729      $query = $db->simple_select('banned', '*', "uid = '{$mybb->user['uid']}'", array('limit' => 1));
 730      $ban = $db->fetch_array($query);
 731  
 732      if($ban['uid'])
 733      {
 734          // Format their ban lift date and reason appropriately
 735          $banlift = $lang->banned_lifted_never;
 736          $reason = htmlspecialchars_uni($ban['reason']);
 737  
 738          if($ban['lifted'] > 0)
 739          {
 740              $banlift = my_date('normal', $ban['lifted']);
 741          }
 742      }
 743  
 744      if(empty($reason))
 745      {
 746          $reason = $lang->unknown;
 747      }
 748  
 749      if(empty($banlift))
 750      {
 751          $banlift = $lang->unknown;
 752      }
 753  
 754      // Display a nice warning to the user
 755      eval('$bannedwarning = "'.$templates->get('global_bannedwarning').'";');
 756  }
 757  
 758  $lang->ajax_loading = str_replace("'", "\\'", $lang->ajax_loading);
 759  
 760  // Check if this user has a new private message.
 761  $pm_notice = '';
 762  if(isset($mybb->user['pmnotice']) && $mybb->user['pmnotice'] == 2 && $mybb->user['pms_unread'] > 0 && $mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->usergroup['canview'] != 0 && ($current_page != "private.php" || $mybb->get_input('action') != "read"))
 763  {
 764      if(!isset($parser))
 765      {
 766          require_once  MYBB_ROOT.'inc/class_parser.php';
 767          $parser = new postParser;
 768      }
 769  
 770      $query = $db->query("
 771          SELECT pm.subject, pm.pmid, fu.username AS fromusername, fu.uid AS fromuid
 772          FROM ".TABLE_PREFIX."privatemessages pm
 773          LEFT JOIN ".TABLE_PREFIX."users fu on (fu.uid=pm.fromid)
 774          WHERE pm.folder = '1' AND pm.uid = '{$mybb->user['uid']}' AND pm.status = '0'
 775          ORDER BY pm.dateline DESC
 776          LIMIT 1
 777      ");
 778  
 779      $pm = $db->fetch_array($query);
 780      $pm['subject'] = $parser->parse_badwords($pm['subject']);
 781  
 782      if($pm['fromuid'] == 0)
 783      {
 784          $pm['fromusername'] = $lang->mybb_engine;
 785          $user_text = $pm['fromusername'];
 786      }
 787      else
 788      {
 789          $pm['fromusername'] = htmlspecialchars_uni($pm['fromusername']);
 790          $user_text = build_profile_link($pm['fromusername'], $pm['fromuid']);
 791      }
 792  
 793      if($mybb->user['pms_unread'] == 1)
 794      {
 795          $privatemessage_text = $lang->sprintf($lang->newpm_notice_one, $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 796      }
 797      else
 798      {
 799          $privatemessage_text = $lang->sprintf($lang->newpm_notice_multiple, $mybb->user['pms_unread'], $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 800      }
 801      eval('$pm_notice = "'.$templates->get('global_pm_alert').'";');
 802  }
 803  
 804  $remote_avatar_notice = '';
 805  if(($mybb->user['avatartype'] === 'remote' || $mybb->user['avatartype'] === 'gravatar') && !$mybb->settings['allowremoteavatars'])
 806  {
 807      eval('$remote_avatar_notice = "'.$templates->get('global_remote_avatar_notice').'";');
 808  }
 809  
 810  if($mybb->settings['awactialert'] == 1 && $mybb->usergroup['cancp'] == 1)
 811  {
 812      $awaitingusers = $cache->read('awaitingactivation');
 813  
 814      if(isset($awaitingusers['time']) && $awaitingusers['time'] + 86400 < TIME_NOW)
 815      {
 816          $cache->update_awaitingactivation();
 817          $awaitingusers = $cache->read('awaitingactivation');
 818      }
 819  
 820      if(!empty($awaitingusers['users']))
 821      {
 822          $awaitingusers = (int)$awaitingusers['users'];
 823      }
 824      else
 825      {
 826          $awaitingusers = 0;
 827      }
 828  
 829      if($awaitingusers < 1)
 830      {
 831          $awaitingusers = 0;
 832      }
 833      else
 834      {
 835          $awaitingusers = my_number_format($awaitingusers);
 836      }
 837  
 838      if($awaitingusers > 0)
 839      {
 840          if($awaitingusers == 1)
 841          {
 842              $awaiting_message = $lang->awaiting_message_single;
 843          }
 844          else
 845          {
 846              $awaiting_message = $lang->sprintf($lang->awaiting_message_plural, $awaitingusers);
 847          }
 848  
 849          if($admincplink)
 850          {
 851              $awaiting_message .= $lang->sprintf($lang->awaiting_message_link, $mybb->settings['bburl'], $admin_dir);
 852          }
 853  
 854          eval('$awaitingusers = "'.$templates->get('global_awaiting_activation').'";');
 855      }
 856      else
 857      {
 858          $awaitingusers = '';
 859      }
 860  }
 861  
 862  // Set up some of the default templates
 863  eval('$headerinclude = "'.$templates->get('headerinclude').'";');
 864  eval('$gobutton = "'.$templates->get('gobutton').'";');
 865  eval('$htmldoctype = "'.$templates->get('htmldoctype', 1, 0).'";');
 866  eval('$header = "'.$templates->get('header').'";');
 867  
 868  $copy_year = my_date('Y', TIME_NOW);
 869  
 870  // Are we showing version numbers in the footer?
 871  $mybbversion = '';
 872  if($mybb->settings['showvernum'] == 1)
 873  {
 874      $mybbversion = ' '.$mybb->version;
 875  }
 876  
 877  // Check to see if we have any tasks to run
 878  $task_image = '';
 879  $task_cache = $cache->read('tasks');
 880  if(!$task_cache['nextrun'])
 881  {
 882      $task_cache['nextrun'] = TIME_NOW;
 883  }
 884  
 885  if($task_cache['nextrun'] <= TIME_NOW)
 886  {
 887      eval("\$task_image = \"".$templates->get("task_image")."\";");
 888  }
 889  
 890  // Post code
 891  $post_code_string = '';
 892  if($mybb->user['uid'])
 893  {
 894      $post_code_string = '&amp;my_post_key='.$mybb->post_code;
 895  }
 896  
 897  // Are we showing the quick language selection box?
 898  $lang_select = $lang_options = '';
 899  if($mybb->settings['showlanguageselect'] != 0)
 900  {
 901      $languages = $lang->get_languages();
 902  
 903      if(count($languages) > 1)
 904      {
 905          foreach($languages as $key => $language)
 906          {
 907              $language = htmlspecialchars_uni($language);
 908  
 909              // Current language matches
 910              if($lang->language == $key)
 911              {
 912                  $selected = " selected=\"selected\"";
 913              }
 914              else
 915              {
 916                  $selected = '';
 917              }
 918  
 919              eval('$lang_options .= "'.$templates->get('footer_languageselect_option').'";');
 920          }
 921  
 922          $lang_redirect_url = get_current_location(true, 'language');
 923          eval('$lang_select = "'.$templates->get('footer_languageselect').'";');
 924      }
 925  }
 926  
 927  // Are we showing the quick theme selection box?
 928  $theme_select = $theme_options = '';
 929  if($mybb->settings['showthemeselect'] != 0)
 930  {
 931      $theme_options = build_theme_select("theme", $mybb->user['style'], 0, '', false, true);
 932  
 933      if(!empty($theme_options))
 934      {
 935          $theme_redirect_url = get_current_location(true, 'theme');
 936          eval('$theme_select = "'.$templates->get('footer_themeselect').'";');
 937      }
 938  }
 939  
 940  // If we use the contact form, show 'Contact Us' link when appropriate
 941  $contact_us = '';
 942  if(($mybb->settings['contactlink'] == "contact.php" && $mybb->settings['contact'] == 1 && ($mybb->settings['contact_guests'] != 1 && $mybb->user['uid'] == 0 || $mybb->user['uid'] > 0)) || $mybb->settings['contactlink'] != "contact.php")
 943  {
 944      if(!my_validate_url($mybb->settings['contactlink'], true) && my_substr($mybb->settings['contactlink'], 0, 7) != 'mailto:')
 945      {
 946          $mybb->settings['contactlink'] = $mybb->settings['bburl'].'/'.$mybb->settings['contactlink'];
 947      }
 948  
 949      eval('$contact_us = "'.$templates->get('footer_contactus').'";');
 950  }
 951  
 952  // DST Auto detection enabled?
 953  $auto_dst_detection = '';
 954  if($mybb->user['uid'] > 0 && $mybb->user['dstcorrection'] == 2)
 955  {
 956      $timezone = (float)$mybb->user['timezone'] + $mybb->user['dst'];
 957      eval('$auto_dst_detection = "'.$templates->get('global_dst_detection').'";');
 958  }
 959  
 960  eval('$footer = "'.$templates->get('footer').'";');
 961  
 962  // Add our main parts to the navigation
 963  $navbits = array();
 964  $navbits[0]['name'] = $mybb->settings['bbname_orig'];
 965  $navbits[0]['url'] = $mybb->settings['bburl'].'/index.php';
 966  
 967  // Set the link to the archive.
 968  $archive_url = build_archive_link();
 969  
 970  // Check banned ip addresses
 971  if(is_banned_ip($session->ipaddress, true))
 972  {
 973      if($mybb->user['uid'])
 974      {
 975          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip)." OR uid='{$mybb->user['uid']}'");
 976      }
 977      else
 978      {
 979          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip));
 980      }
 981      error($lang->error_banned);
 982  }
 983  
 984  $closed_bypass = array(
 985      'member.php' => array(
 986          'login',
 987          'do_login',
 988          'logout',
 989      ),
 990      'captcha.php',
 991      'contact.php',
 992  );
 993  
 994  // If the board is closed, the user is not an administrator and they're not trying to login, show the board closed message
 995  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] != 1 && !in_array($current_page, $closed_bypass) && (!is_array($closed_bypass[$current_page]) || !in_array($mybb->get_input('action'), $closed_bypass[$current_page])))
 996  {
 997      // Show error
 998      if(!$mybb->settings['boardclosed_reason'])
 999      {
1000          $mybb->settings['boardclosed_reason'] = $lang->boardclosed_reason;
1001      }
1002  
1003      eval('$reason = "'.$templates->get('global_boardclosed_reason').'";');
1004      $lang->error_boardclosed .= $reason;
1005  
1006      if(!$mybb->get_input('modal'))
1007      {
1008          error($lang->error_boardclosed);
1009      }
1010      else
1011      {
1012          $output = '';
1013          eval('$output = "'.$templates->get('global_board_offline_modal', 1, 0).'";');
1014          echo($output);
1015      }
1016      exit;
1017  }
1018  
1019  $force_bypass = array(
1020      'member.php' => array(
1021          'login',
1022          'do_login',
1023          'logout',
1024          'register',
1025          'do_register',
1026          'lostpw',
1027          'do_lostpw',
1028          'activate',
1029          'resendactivation',
1030          'do_resendactivation',
1031          'resetpassword',
1032      ),
1033      'captcha.php',
1034      'contact.php',
1035  );
1036  
1037  // If the board forces user to login/register, and the user is a guest, show the force login message
1038  if($mybb->settings['forcelogin'] == 1 && $mybb->user['uid'] == 0 && !in_array($current_page, $force_bypass) && (!is_array($force_bypass[$current_page]) || !in_array($mybb->get_input('action'), $force_bypass[$current_page])))
1039  {
1040      // Show error
1041      error_no_permission();
1042      exit;
1043  }
1044  
1045  // Load Limiting
1046  if($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load'])
1047  {
1048      // User is not an administrator and the load limit is higher than the limit, show an error
1049      error($lang->error_loadlimit);
1050  }
1051  
1052  // If there is a valid referrer in the URL, cookie it
1053  if(!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername'])))
1054  {
1055      if(isset($mybb->input['referrername']))
1056      {
1057          $condition = "username = '".$db->escape_string($mybb->get_input('referrername'))."'";
1058      }
1059      else
1060      {
1061          $condition = "uid = '".$mybb->get_input('referrer', MyBB::INPUT_INT)."'";
1062      }
1063  
1064      $query = $db->simple_select('users', 'uid', $condition, array('limit' => 1));
1065      $referrer = $db->fetch_array($query);
1066  
1067      if($referrer['uid'])
1068      {
1069          my_setcookie('mybb[referrer]', $referrer['uid']);
1070      }
1071  }
1072  
1073  $output = '';
1074  $notallowed = false;
1075  if($mybb->usergroup['canview'] != 1)
1076  {
1077      // Check pages allowable even when not allowed to view board
1078      if(defined('ALLOWABLE_PAGE'))
1079      {
1080          if(is_string(ALLOWABLE_PAGE))
1081          {
1082              $allowable_actions = explode(',', ALLOWABLE_PAGE);
1083              if(!in_array($mybb->get_input('action'), $allowable_actions))
1084              {
1085                  $notallowed = true;
1086              }
1087  
1088              unset($allowable_actions);
1089          }
1090          else if(ALLOWABLE_PAGE !== 1)
1091          {
1092              $notallowed = true;
1093          }
1094      }
1095      else
1096      {
1097          $notallowed = true;
1098      }
1099  
1100      if($notallowed == true)
1101      {
1102          if(!$mybb->get_input('modal'))
1103          {
1104              error_no_permission();
1105          }
1106          else
1107          {
1108              eval('$output = "'.$templates->get('global_no_permission_modal', 1, 0).'";');
1109              echo($output);
1110              exit;
1111          }
1112      }
1113  }
1114  
1115  // Find out if this user of ours is using a banned email address.
1116  // If they are, redirect them to change it
1117  if($mybb->user['uid'] && is_banned_email($mybb->user['email']) && $mybb->settings['emailkeep'] != 1)
1118  {
1119      if(THIS_SCRIPT != 'usercp.php' || THIS_SCRIPT == 'usercp.php' && $mybb->get_input('action') != 'email' && $mybb->get_input('action') != 'do_email')
1120      {
1121          redirect('usercp.php?action=email');
1122      }
1123      else if($mybb->request_method != 'post')
1124      {
1125          $banned_email_error = inline_error(array($lang->banned_email_warning));
1126      }
1127  }
1128  
1129  // work out which items the user has collapsed
1130  $colcookie = '';
1131  if(!empty($mybb->cookies['collapsed']))
1132  {
1133      $colcookie = $mybb->cookies['collapsed'];
1134  }
1135  
1136  $collapse = $collapsed = $collapsedimg = array();
1137  
1138  if($colcookie)
1139  {
1140      // Preserve and don't unset $collapse, will be needed globally throughout many pages
1141      $collapse = explode("|", $colcookie);
1142      foreach($collapse as $val)
1143      {
1144          $ex = $val."_e";
1145          $co = $val."_c";
1146          $collapsed[$co] = "display: show;";
1147          $collapsed[$ex] = "display: none;";
1148          $collapsedimg[$val] = "_collapsed";
1149          $collapsedthead[$val] = " thead_collapsed";
1150      }
1151  }
1152  
1153  // Run hooks for end of global.php
1154  $plugins->run_hooks('global_end');
1155  
1156  $globaltime = $maintimer->getTime();


2005 - 2018 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1