[ Index ]

PHP Cross Reference of MyBB 1.8.20

title

Body

[close]

/ -> global.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  $working_dir = dirname(__FILE__);
  12  if(!$working_dir)
  13  {
  14      $working_dir = '.';
  15  }
  16  
  17  $shutdown_queries = $shutdown_functions = array();
  18  
  19  // Load main MyBB core file which begins all of the magic
  20  require_once $working_dir.'/inc/init.php';
  21  
  22  // Read the usergroups cache as well as the moderators cache
  23  $groupscache = $cache->read('usergroups');
  24  
  25  // If the groups cache doesn't exist, update it and re-read it
  26  if(!is_array($groupscache))
  27  {
  28      $cache->update_usergroups();
  29      $groupscache = $cache->read('usergroups');
  30  }
  31  
  32  $current_page = my_strtolower(basename(THIS_SCRIPT));
  33  
  34  // Send page headers - don't send no-cache headers for attachment.php
  35  if($current_page != 'attachment.php')
  36  {
  37      send_page_headers();
  38  }
  39  
  40  // Do not use session system for defined pages
  41  if((isset($mybb->input['action']) && isset($nosession[$mybb->input['action']])) || (isset($mybb->input['thumbnail']) && $current_page == 'attachment.php'))
  42  {
  43      define('NO_ONLINE', 1);
  44  }
  45  
  46  // Create session for this user
  47  require_once  MYBB_ROOT.'inc/class_session.php';
  48  $session = new session;
  49  $session->init();
  50  $mybb->session = &$session;
  51  
  52  $mybb->user['ismoderator'] = is_moderator(0, '', $mybb->user['uid']);
  53  
  54  // Set our POST validation code here
  55  $mybb->post_code = generate_post_check();
  56  
  57  // Set and load the language
  58  if(isset($mybb->input['language']) && $lang->language_exists($mybb->get_input('language')) && verify_post_check($mybb->get_input('my_post_key'), true))
  59  {
  60      $mybb->settings['bblanguage'] = $mybb->get_input('language');
  61      // If user is logged in, update their language selection with the new one
  62      if($mybb->user['uid'])
  63      {
  64          if(isset($mybb->cookies['mybblang']))
  65          {
  66              my_unsetcookie('mybblang');
  67          }
  68  
  69          $db->update_query('users', array('language' => $db->escape_string($mybb->settings['bblanguage'])), "uid = '{$mybb->user['uid']}'");
  70      }
  71      // Guest = cookie
  72      else
  73      {
  74          my_setcookie('mybblang', $mybb->settings['bblanguage']);
  75      }
  76      $mybb->user['language'] = $mybb->settings['bblanguage'];
  77  }
  78  // Cookied language!
  79  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybblang']) && $lang->language_exists($mybb->cookies['mybblang']))
  80  {
  81      $mybb->settings['bblanguage'] = $mybb->cookies['mybblang'];
  82  }
  83  else if(!isset($mybb->settings['bblanguage']))
  84  {
  85      $mybb->settings['bblanguage'] = 'english';
  86  }
  87  
  88  // Load language
  89  $lang->set_language($mybb->settings['bblanguage']);
  90  $lang->load('global');
  91  $lang->load('messages');
  92  
  93  // Wipe lockout cookie if enough time has passed
  94  if($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] < TIME_NOW)
  95  {
  96      my_unsetcookie('lockoutexpiry');
  97  }
  98  
  99  // Run global_start plugin hook now that the basics are set up
 100  $plugins->run_hooks('global_start');
 101  
 102  if(function_exists('mb_internal_encoding') && !empty($lang->settings['charset']))
 103  {
 104      @mb_internal_encoding($lang->settings['charset']);
 105  }
 106  
 107  // Select the board theme to use.
 108  $loadstyle = '';
 109  $load_from_forum = $load_from_user = 0;
 110  $style = array();
 111  
 112  // The user used our new quick theme changer
 113  if(isset($mybb->input['theme']) && verify_post_check($mybb->get_input('my_post_key'), true))
 114  {
 115      // Set up user handler.
 116      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
 117      $userhandler = new UserDataHandler('update');
 118  
 119      $user = array(
 120          'uid'    => $mybb->user['uid'],
 121          'style'    => $mybb->get_input('theme', MyBB::INPUT_INT),
 122          'usergroup'    => $mybb->user['usergroup'],
 123          'additionalgroups'    => $mybb->user['additionalgroups']
 124      );
 125  
 126      $userhandler->set_data($user);
 127  
 128      // validate_user verifies the style if it is set in the data array.
 129      if($userhandler->validate_user())
 130      {
 131          $mybb->user['style'] = $user['style'];
 132  
 133          // If user is logged in, update their theme selection with the new one
 134          if($mybb->user['uid'])
 135          {
 136              if(isset($mybb->cookies['mybbtheme']))
 137              {
 138                  my_unsetcookie('mybbtheme');
 139              }
 140  
 141              $userhandler->update_user();
 142          }
 143          // Guest = cookie
 144          else
 145          {
 146              my_setcookie('mybbtheme', $user['style']);
 147          }
 148      }
 149  }
 150  // Cookied theme!
 151  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybbtheme']))
 152  {
 153      $mybb->user['style'] = (int)$mybb->cookies['mybbtheme'];
 154  }
 155  
 156  // This user has a custom theme set in their profile
 157  if(isset($mybb->user['style']) && (int)$mybb->user['style'] != 0)
 158  {
 159      $mybb->user['style'] = (int)$mybb->user['style'];
 160  
 161      $loadstyle = "tid = '{$mybb->user['style']}'";
 162      $load_from_user = 1;
 163  }
 164  
 165  $valid = array(
 166      'showthread.php',
 167      'forumdisplay.php',
 168      'newthread.php',
 169      'newreply.php',
 170      'ratethread.php',
 171      'editpost.php',
 172      'polls.php',
 173      'sendthread.php',
 174      'printthread.php',
 175      'moderation.php'
 176  );
 177  
 178  if(in_array($current_page, $valid))
 179  {
 180      cache_forums();
 181  
 182      // If we're accessing a post, fetch the forum theme for it and if we're overriding it
 183      if(isset($mybb->input['pid']) && THIS_SCRIPT != "polls.php")
 184      {
 185          $query = $db->simple_select("posts", "fid", "pid = '{$mybb->input['pid']}'", array("limit" => 1));
 186          $fid = $db->fetch_field($query, 'fid');
 187  
 188          if($fid)
 189          {
 190              $style = $forum_cache[$fid];
 191              $load_from_forum = 1;
 192          }
 193      }
 194      // We have a thread id and a forum id, we can easily fetch the theme for this forum
 195      else if(isset($mybb->input['tid']))
 196      {
 197          $query = $db->simple_select('threads', 'fid', "tid = '{$mybb->input['tid']}'", array('limit' => 1));
 198          $fid = $db->fetch_field($query, 'fid');
 199  
 200          if($fid)
 201          {
 202              $style = $forum_cache[$fid];
 203              $load_from_forum = 1;
 204          }
 205      }
 206      // If we're accessing poll results, fetch the forum theme for it and if we're overriding it
 207      else if(isset($mybb->input['pid']) && THIS_SCRIPT == "polls.php")
 208      {
 209          $query = $db->simple_select('threads', 'fid', "poll = '{$mybb->input['pid']}'", array('limit' => 1));
 210          $fid = $db->fetch_field($query, 'fid');
 211  
 212          if($fid)
 213          {
 214              $style = $forum_cache[$fid];
 215              $load_from_forum = 1;
 216          }
 217      }
 218      // We have a forum id - simply load the theme from it
 219      else if(isset($mybb->input['fid']) && isset($forum_cache[$mybb->input['fid']]))
 220      {
 221          $style = $forum_cache[$mybb->input['fid']];
 222          $load_from_forum = 1;
 223      }
 224  }
 225  unset($valid);
 226  
 227  // From all of the above, a theme was found
 228  if(isset($style['style']) && $style['style'] > 0)
 229  {
 230      $style['style'] = (int)$style['style'];
 231  
 232      // This theme is forced upon the user, overriding their selection
 233      if($style['overridestyle'] == 1 || !isset($mybb->user['style']))
 234      {
 235          $loadstyle = "tid = '{$style['style']}'";
 236      }
 237  }
 238  
 239  // After all of that no theme? Load the board default
 240  if(empty($loadstyle))
 241  {
 242      $loadstyle = "def='1'";
 243  }
 244  
 245  // Fetch the theme to load from the cache
 246  if($loadstyle != "def='1'")
 247  {
 248      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets, allowedgroups', $loadstyle, array('limit' => 1));
 249      $theme = $db->fetch_array($query);
 250  
 251      if(isset($theme['tid']) && !$load_from_forum && !is_member($theme['allowedgroups']) && $theme['allowedgroups'] != 'all')
 252      {
 253          if($load_from_user == 1)
 254          {
 255              $db->update_query('users', array('style' => 0), "style='{$mybb->user['style']}' AND uid='{$mybb->user['uid']}'");
 256          }
 257  
 258          if(isset($mybb->cookies['mybbtheme']))
 259          {
 260              my_unsetcookie('mybbtheme');
 261          }
 262  
 263          $loadstyle = "def='1'";
 264      }
 265  }
 266  
 267  if($loadstyle == "def='1'")
 268  {
 269      if(!$cache->read('default_theme'))
 270      {
 271          $cache->update_default_theme();
 272      }
 273  
 274      $theme = $cache->read('default_theme');
 275  
 276      $load_from_forum = $load_from_user = 0;
 277  }
 278  
 279  // No theme was found - we attempt to load the master or any other theme
 280  if(!isset($theme['tid']) || isset($theme['tid']) && !$theme['tid'])
 281  {
 282      // Missing theme was from a forum, run a query to set any forums using the theme to the default
 283      if($load_from_forum == 1)
 284      {
 285          $db->update_query('forums', array('style' => 0), "style = '{$style['style']}'");
 286      }
 287      // Missing theme was from a user, run a query to set any users using the theme to the default
 288      else if($load_from_user == 1)
 289      {
 290          $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'");
 291      }
 292  
 293      // Attempt to load the master or any other theme if the master is not available
 294      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1));
 295      $theme = $db->fetch_array($query);
 296  }
 297  $theme = @array_merge($theme, my_unserialize($theme['properties']));
 298  
 299  // Fetch all necessary stylesheets
 300  $stylesheets = '';
 301  $theme['stylesheets'] = my_unserialize($theme['stylesheets']);
 302  $stylesheet_scripts = array("global", basename($_SERVER['PHP_SELF']));
 303  if(!empty($theme['color']))
 304  {
 305      $stylesheet_scripts[] = $theme['color'];
 306  }
 307  $stylesheet_actions = array("global");
 308  if(!empty($mybb->input['action']))
 309  {
 310      $stylesheet_actions[] = $mybb->get_input('action');
 311  }
 312  foreach($stylesheet_scripts as $stylesheet_script)
 313  {
 314      // Load stylesheets for global actions and the current action
 315      foreach($stylesheet_actions as $stylesheet_action)
 316      {
 317          if(!$stylesheet_action)
 318          {
 319              continue;
 320          }
 321  
 322          if(!empty($theme['stylesheets'][$stylesheet_script][$stylesheet_action]))
 323          {
 324              // Actually add the stylesheets to the list
 325              foreach($theme['stylesheets'][$stylesheet_script][$stylesheet_action] as $page_stylesheet)
 326              {
 327                  if(!empty($already_loaded[$page_stylesheet]))
 328                  {
 329                      continue;
 330                  }
 331  
 332                  if(strpos($page_stylesheet, 'css.php') !== false)
 333                  {
 334                      $stylesheet_url = $mybb->settings['bburl'] . '/' . $page_stylesheet;
 335                  }
 336                  else
 337                  {
 338                      $stylesheet_url = $mybb->get_asset_url($page_stylesheet);
 339                  }
 340  
 341                  if($mybb->settings['minifycss'])
 342                  {
 343                      $stylesheet_url = str_replace('.css', '.min.css', $stylesheet_url);
 344                  }
 345  
 346                  if(strpos($page_stylesheet, 'css.php') !== false)
 347                  {
 348                      // We need some modification to get it working with the displayorder
 349                      $query_string = parse_url($stylesheet_url, PHP_URL_QUERY);
 350                      $id = (int) my_substr($query_string, 11);
 351                      $query = $db->simple_select("themestylesheets", "name", "sid={$id}");
 352                      $real_name = $db->fetch_field($query, "name");
 353                      $theme_stylesheets[$real_name] = $id;
 354                  }
 355                  else
 356                  {
 357                      $theme_stylesheets[basename($page_stylesheet)] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 358                  }
 359  
 360                  $already_loaded[$page_stylesheet] = 1;
 361              }
 362          }
 363      }
 364  }
 365  unset($actions);
 366  
 367  $css_php_script_stylesheets = array();
 368  
 369  if(!empty($theme_stylesheets) && is_array($theme['disporder']))
 370  {
 371      foreach($theme['disporder'] as $style_name => $order)
 372      {
 373          if(!empty($theme_stylesheets[$style_name]))
 374          {
 375              if(is_int($theme_stylesheets[$style_name]))
 376              {
 377                  $css_php_script_stylesheets[] = $theme_stylesheets[$style_name];
 378              }
 379              else
 380              {
 381                  $stylesheets .= $theme_stylesheets[$style_name];
 382              }
 383          }
 384      }
 385  }
 386  
 387  if(!empty($css_php_script_stylesheets))
 388  {
 389      $sheet = $mybb->settings['bburl'] . '/css.php?' . http_build_query(array(
 390          'stylesheet' => $css_php_script_stylesheets
 391          ));
 392  
 393      $stylesheets .= "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$sheet}\" />\n";
 394  }
 395  
 396  // Are we linking to a remote theme server?
 397  if(my_validate_url($theme['imgdir']))
 398  {
 399      // If a language directory for the current language exists within the theme - we use it
 400      if(!empty($mybb->user['language']))
 401      {
 402          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 403      }
 404      else
 405      {
 406          // Check if a custom language directory exists for this theme
 407          if(!empty($mybb->settings['bblanguage']))
 408          {
 409              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 410          }
 411          // Otherwise, the image language directory is the same as the language directory for the theme
 412          else
 413          {
 414              $theme['imglangdir'] = $theme['imgdir'];
 415          }
 416      }
 417  }
 418  else
 419  {
 420      $img_directory = $theme['imgdir'];
 421  
 422      if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath']))
 423      {
 424          $img_directory = rtrim($mybb->settings['cdnpath'], '/') . '/' . ltrim($theme['imgdir'], '/');
 425      }
 426  
 427      if(!@is_dir($img_directory))
 428      {
 429          $theme['imgdir'] = 'images';
 430      }
 431  
 432      // If a language directory for the current language exists within the theme - we use it
 433      if(!empty($mybb->user['language']) && is_dir($img_directory.'/'.$mybb->user['language']))
 434      {
 435          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 436      }
 437      else
 438      {
 439          // Check if a custom language directory exists for this theme
 440          if(is_dir($img_directory.'/'.$mybb->settings['bblanguage']))
 441          {
 442              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 443          }
 444          // Otherwise, the image language directory is the same as the language directory for the theme
 445          else
 446          {
 447              $theme['imglangdir'] = $theme['imgdir'];
 448          }
 449      }
 450  
 451      $theme['imgdir'] = $mybb->get_asset_url($theme['imgdir']);
 452      $theme['imglangdir'] = $mybb->get_asset_url($theme['imglangdir']);
 453  }
 454  
 455  // Theme logo - is it a relative URL to the forum root? Append bburl
 456  if(!preg_match("#^(\.\.?(/|$)|([a-z0-9]+)://)#i", $theme['logo']) && substr($theme['logo'], 0, 1) != '/')
 457  {
 458      $theme['logo'] = $mybb->get_asset_url($theme['logo']);
 459  }
 460  
 461  // Load Main Templates and Cached Templates
 462  if(isset($templatelist))
 463  {
 464      $templatelist .= ',';
 465  }
 466  else
 467  {
 468      $templatelist = '';
 469  }
 470  
 471  $templatelist .= "headerinclude,header,footer,gobutton,htmldoctype,header_welcomeblock_member,header_welcomeblock_member_user,header_welcomeblock_member_moderator,header_welcomeblock_member_admin,error";
 472  $templatelist .= ",global_pending_joinrequests,global_awaiting_activation,nav,nav_sep,nav_bit,nav_sep_active,nav_bit_active,footer_languageselect,footer_themeselect,global_unreadreports,footer_contactus";
 473  $templatelist .= ",global_boardclosed_warning,global_bannedwarning,error_inline,error_inline_item,error_nopermission_loggedin,error_nopermission,global_pm_alert,header_menu_search,header_menu_portal,redirect,footer_languageselect_option";
 474  $templatelist .= ",video_dailymotion_embed,video_facebook_embed,video_liveleak_embed,video_metacafe_embed,video_myspacetv_embed,video_mixer_embed,video_vimeo_embed,video_yahoo_embed,video_youtube_embed,debug_summary";
 475  $templatelist .= ",smilieinsert_row,smilieinsert_row_empty,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,global_board_offline_modal,footer_showteamlink,footer_themeselector,task_image,usercp_themeselector_option,php_warnings";
 476  $templatelist .= ",mycode_code,mycode_email,mycode_img,mycode_php,mycode_quote_post,mycode_size_int,mycode_url,global_no_permission_modal,global_boardclosed_reason,nav_dropdown,global_remote_avatar_notice";
 477  $templatelist .= ",header_welcomeblock_member_pms,header_welcomeblock_member_search,header_welcomeblock_guest,header_welcomeblock_guest_login_modal,header_welcomeblock_guest_login_modal_lockout";
 478  $templatelist .= ",header_menu_calendar,header_menu_memberlist,global_dst_detection,header_quicksearch,smilie,modal,modal_button";
 479  $templates->cache($db->escape_string($templatelist));
 480  
 481  // Set the current date and time now
 482  $datenow = my_date($mybb->settings['dateformat'], TIME_NOW, '', false);
 483  $timenow = my_date($mybb->settings['timeformat'], TIME_NOW);
 484  $lang->welcome_current_time = $lang->sprintf($lang->welcome_current_time, $datenow . $lang->comma . $timenow);
 485  
 486  // Format the last visit date of this user appropriately
 487  if(isset($mybb->user['lastvisit']))
 488  {
 489      $lastvisit = my_date('relative', $mybb->user['lastvisit'], '', 2);
 490  }
 491  // Otherwise, they've never visited before
 492  else
 493  {
 494      $lastvisit = $lang->lastvisit_never;
 495  }
 496  
 497  $plugins->run_hooks('global_intermediate');
 498  
 499  // If the board is closed and we have a usergroup allowed to view the board when closed, then show board closed warning
 500  $bbclosedwarning = '';
 501  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] == 1)
 502  {
 503      eval('$bbclosedwarning = "'.$templates->get('global_boardclosed_warning').'";');
 504  }
 505  
 506  // Prepare the main templates for use
 507  $admincplink = $modcplink = $usercplink = '';
 508  
 509  // Load appropriate welcome block for the current logged in user
 510  if($mybb->user['uid'] != 0)
 511  {
 512      // User can access the admin cp and we're not hiding admin cp links, fetch it
 513      if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1)
 514      {
 515          $admin_dir = $config['admin_dir'];
 516          eval('$admincplink = "'.$templates->get('header_welcomeblock_member_admin').'";');
 517      }
 518  
 519      if($mybb->usergroup['canmodcp'] == 1)
 520      {
 521          eval('$modcplink = "'.$templates->get('header_welcomeblock_member_moderator').'";');
 522      }
 523  
 524      if($mybb->usergroup['canusercp'] == 1)
 525      {
 526          eval('$usercplink = "'.$templates->get('header_welcomeblock_member_user').'";');
 527      }
 528  
 529      // Format the welcome back message
 530      $lang->welcome_back = $lang->sprintf($lang->welcome_back, build_profile_link(htmlspecialchars_uni($mybb->user['username']), $mybb->user['uid']), $lastvisit);
 531  
 532      $searchlink = '';
 533      if($mybb->usergroup['cansearch'] == 1)
 534      {
 535          eval('$searchlink = "'.$templates->get('header_welcomeblock_member_search').'";');
 536      }
 537  
 538      // Tell the user their PM usage
 539      $pmslink = '';
 540      if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
 541      {
 542          $lang->welcome_pms_usage = $lang->sprintf($lang->welcome_pms_usage, my_number_format($mybb->user['pms_unread']), my_number_format($mybb->user['pms_total']));
 543  
 544          eval('$pmslink = "'.$templates->get('header_welcomeblock_member_pms').'";');
 545      }
 546  
 547      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_member').'";');
 548  }
 549  // Otherwise, we have a guest
 550  else
 551  {
 552      switch($mybb->settings['username_method'])
 553      {
 554          case 0:
 555              $login_username = $lang->login_username;
 556              break;
 557          case 1:
 558              $login_username = $lang->login_username1;
 559              break;
 560          case 2:
 561              $login_username = $lang->login_username2;
 562              break;
 563          default:
 564              $login_username = $lang->login_username;
 565              break;
 566      }
 567  
 568      if($mybb->cookies['lockoutexpiry'])
 569      {
 570          $secsleft = (int)($mybb->cookies['lockoutexpiry'] - TIME_NOW);
 571          $hoursleft = floor($secsleft / 3600);
 572          $minsleft = floor(($secsleft / 60) % 60);
 573          $secsleft = floor($secsleft % 60);
 574  
 575          $lang->failed_login_wait = $lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft);
 576  
 577          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal_lockout').'";');
 578      }
 579      else
 580      {
 581          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal').'";');
 582      }
 583  
 584      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_guest').'";');
 585  }
 586  
 587  // Display menu links and quick search if user has permission
 588  $menu_search = $menu_memberlist = $menu_portal = $menu_calendar = $quicksearch = '';
 589  if($mybb->usergroup['cansearch'] == 1)
 590  {
 591      eval('$menu_search = "'.$templates->get('header_menu_search').'";');
 592      eval('$quicksearch = "'.$templates->get('header_quicksearch').'";');
 593  }
 594  
 595  if($mybb->settings['enablememberlist'] == 1 && $mybb->usergroup['canviewmemberlist'] == 1)
 596  {
 597      eval('$menu_memberlist = "'.$templates->get('header_menu_memberlist').'";');
 598  }
 599  
 600  if($mybb->settings['enablecalendar'] == 1 && $mybb->usergroup['canviewcalendar'] == 1)
 601  {
 602      eval('$menu_calendar = "'.$templates->get('header_menu_calendar').'";');
 603  }
 604  
 605  if($mybb->settings['portal'] == 1)
 606  {
 607      eval('$menu_portal = "'.$templates->get('header_menu_portal').'";');
 608  }
 609  
 610  // See if there are any pending join requests for group leaders
 611  $pending_joinrequests = '';
 612  $groupleaders = $cache->read('groupleaders');
 613  if($mybb->user['uid'] != 0 && is_array($groupleaders) && array_key_exists($mybb->user['uid'], $groupleaders))
 614  {
 615      $groupleader = $groupleaders[$mybb->user['uid']];
 616      $showjoinnotice = false;
 617  
 618      $gids = "'0'";
 619      foreach($groupleader as $user)
 620      {
 621          if($user['canmanagerequests'] != 1)
 622          {
 623              continue;
 624          }
 625  
 626          $user['gid'] = (int)$user['gid'];
 627  
 628          if(!empty($groupscache[$user['gid']]['joinable']) && $groupscache[$user['gid']]['joinable'] == 1)
 629          {
 630              $showjoinnotice = true;
 631              $gids .= ",'{$user['gid']}'";
 632          }
 633      }
 634  
 635      if($showjoinnotice)
 636      {
 637          $query = $db->simple_select('joinrequests', 'COUNT(uid) as total', "gid IN ({$gids}) AND invite='0'");
 638          $total_joinrequests = $db->fetch_field($query, 'total');
 639  
 640          if($total_joinrequests > 0)
 641          {
 642              if($total_joinrequests == 1)
 643              {
 644                  $lang->pending_joinrequests = $lang->pending_joinrequest;
 645              }
 646              else
 647              {
 648                  $total_joinrequests = my_number_format($total_joinrequests);
 649                  $lang->pending_joinrequests = $lang->sprintf($lang->pending_joinrequests, $total_joinrequests);
 650              }
 651  
 652              eval('$pending_joinrequests = "'.$templates->get('global_pending_joinrequests').'";');
 653          }
 654      }
 655  }
 656  
 657  $modnotice = '';
 658  $moderation_queue = array();
 659  
 660  // This user is a moderator, super moderator or administrator
 661  if($mybb->settings['reportmethod'] == "db" && ($mybb->usergroup['cancp'] == 1 || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1)))
 662  {
 663      // Only worth checking if we are here because we have ACP permissions and the other condition fails
 664      if($mybb->usergroup['cancp'] == 1 && !($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 665      {
 666          // First we check if the user's a super admin: if yes, we don't care about permissions
 667          $can_access_moderationqueue = true;
 668          $is_super_admin = is_super_admin($mybb->user['uid']);
 669          if(!$is_super_admin)
 670          {
 671              // Include admin functions
 672              if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"))
 673              {
 674                  $can_access_moderationqueue = false;
 675              }
 676  
 677              require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php";
 678  
 679              // Verify if we have permissions to access forum-moderation_queue
 680              require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/forum/module_meta.php";
 681              if(function_exists("forum_admin_permissions"))
 682              {
 683                  // Get admin permissions
 684                  $adminperms = get_admin_permissions($mybb->user['uid']);
 685  
 686                  $permissions = forum_admin_permissions();
 687                  if(array_key_exists('moderation_queue', $permissions['permissions']) && $adminperms['forum']['moderation_queue'] != 1)
 688                  {
 689                      $can_access_moderationqueue = false;
 690                  }
 691              }
 692          }
 693      }
 694      else
 695      {
 696          $can_access_moderationqueue = false;
 697      }
 698  
 699      if($can_access_moderationqueue || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 700      {
 701          // Read the reported content cache
 702          $reported = $cache->read('reportedcontent');
 703  
 704          // 0 or more reported items currently exist
 705          if($reported['unread'] > 0)
 706          {
 707              // We want to avoid one extra query for users that can moderate any forum
 708              if($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod'])
 709              {
 710                  $unread = (int)$reported['unread'];
 711              }
 712              else
 713              {
 714                  $unread = 0;
 715                  $query = $db->simple_select('reportedcontent', 'id3', "reportstatus='0' AND (type = 'post' OR type = '')");
 716  
 717                  while($fid = $db->fetch_field($query, 'id3'))
 718                  {
 719                      if(is_moderator($fid, "canmanagereportedposts"))
 720                      {
 721                          ++$unread;
 722                      }
 723                  }
 724              }
 725  
 726              if($unread > 0)
 727              {
 728                  if($unread == 1)
 729                  {
 730                      $lang->unread_reports = $lang->unread_report;
 731                  }
 732                  else
 733                  {
 734                      $lang->unread_reports = $lang->sprintf($lang->unread_reports, my_number_format($unread));
 735                  }
 736                  
 737                  eval('$moderation_queue[] = "'.$templates->get('global_unreadreports', 1, 0).'";');
 738              }
 739          }
 740      }
 741  }
 742  
 743  // Get awaiting moderation queue stats
 744  if($can_access_moderationqueue || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagemodqueue'] == 1))
 745  {
 746      $unapproved_posts = $unapproved_threads = 0;
 747      $query = $db->simple_select("posts", "replyto", "visible = 0");
 748      while($unapproved = $db->fetch_array($query))
 749      {
 750          if($unapproved["replyto"] == 0){
 751              $unapproved_threads++;
 752          } else {
 753              $unapproved_posts++;
 754          }
 755      }
 756  
 757      $query = $db->simple_select("attachments", "COUNT(aid) AS unapprovedattachments", "visible=0");
 758      $unapproved_attachments = $db->fetch_field($query, "unapprovedattachments");
 759  
 760      $modqueue_types = array('threads', 'posts', 'attachments');
 761  
 762      foreach($modqueue_types as $modqueue_type)
 763      {
 764          if(!empty(${'unapproved_'.$modqueue_type}))
 765          {
 766              if(${'unapproved_'.$modqueue_type} == 1)
 767              {
 768                  $modqueue_message = $lang->{'unapproved_'.substr($modqueue_type, 0, -1)};
 769              }
 770              else
 771              {
 772                  $modqueue_message = $lang->sprintf($lang->{'unapproved_'.$modqueue_type}, my_number_format(${'unapproved_'.$modqueue_type}));
 773              }
 774  
 775              eval('$moderation_queue[] = "'.$templates->get('global_modqueue', 1, 0).'";');
 776          }
 777      }
 778  }
 779  
 780  if(!empty($moderation_queue))
 781  {
 782      $moderation_queue_last = array_pop($moderation_queue);
 783      if(empty($moderation_queue))
 784      {
 785          $moderation_queue = $moderation_queue_last;
 786      }
 787      else
 788      {
 789          $moderation_queue = implode($lang->comma, $moderation_queue).' '.$lang->and.' '.$moderation_queue_last;
 790      }
 791      $moderation_queue = $lang->sprintf($lang->mod_notice, $moderation_queue);
 792  
 793      eval('$modnotice = "'.$templates->get('global_modqueue_notice').'";');
 794  }
 795  
 796  // Got a character set?
 797  $charset = 'UTF-8';
 798  if(isset($lang->settings['charset']) && $lang->settings['charset'])
 799  {
 800      $charset = $lang->settings['charset'];
 801  }
 802  
 803  // Is this user apart of a banned group?
 804  $bannedwarning = '';
 805  if($mybb->usergroup['isbannedgroup'] == 1)
 806  {
 807      // Fetch details on their ban
 808      $query = $db->simple_select('banned', '*', "uid = '{$mybb->user['uid']}'", array('limit' => 1));
 809      $ban = $db->fetch_array($query);
 810  
 811      if($ban['uid'])
 812      {
 813          // Format their ban lift date and reason appropriately
 814          $banlift = $lang->banned_lifted_never;
 815          $reason = htmlspecialchars_uni($ban['reason']);
 816  
 817          if($ban['lifted'] > 0)
 818          {
 819              $banlift = my_date('normal', $ban['lifted']);
 820          }
 821      }
 822  
 823      if(empty($reason))
 824      {
 825          $reason = $lang->unknown;
 826      }
 827  
 828      if(empty($banlift))
 829      {
 830          $banlift = $lang->unknown;
 831      }
 832  
 833      // Display a nice warning to the user
 834      eval('$bannedwarning = "'.$templates->get('global_bannedwarning').'";');
 835  }
 836  
 837  $lang->ajax_loading = str_replace("'", "\\'", $lang->ajax_loading);
 838  
 839  // Check if this user has a new private message.
 840  $pm_notice = '';
 841  if(isset($mybb->user['pmnotice']) && $mybb->user['pmnotice'] == 2 && $mybb->user['pms_unread'] > 0 && $mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->usergroup['canview'] != 0 && ($current_page != "private.php" || $mybb->get_input('action') != "read"))
 842  {
 843      if(!isset($parser))
 844      {
 845          require_once  MYBB_ROOT.'inc/class_parser.php';
 846          $parser = new postParser;
 847      }
 848  
 849      $query = $db->query("
 850          SELECT pm.subject, pm.pmid, fu.username AS fromusername, fu.uid AS fromuid
 851          FROM ".TABLE_PREFIX."privatemessages pm
 852          LEFT JOIN ".TABLE_PREFIX."users fu on (fu.uid=pm.fromid)
 853          WHERE pm.folder = '1' AND pm.uid = '{$mybb->user['uid']}' AND pm.status = '0'
 854          ORDER BY pm.dateline DESC
 855          LIMIT 1
 856      ");
 857  
 858      $pm = $db->fetch_array($query);
 859      $pm['subject'] = $parser->parse_badwords($pm['subject']);
 860  
 861      if($pm['fromuid'] == 0)
 862      {
 863          $pm['fromusername'] = $lang->mybb_engine;
 864          $user_text = $pm['fromusername'];
 865      }
 866      else
 867      {
 868          $pm['fromusername'] = htmlspecialchars_uni($pm['fromusername']);
 869          $user_text = build_profile_link($pm['fromusername'], $pm['fromuid']);
 870      }
 871  
 872      if($mybb->user['pms_unread'] == 1)
 873      {
 874          $privatemessage_text = $lang->sprintf($lang->newpm_notice_one, $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 875      }
 876      else
 877      {
 878          $privatemessage_text = $lang->sprintf($lang->newpm_notice_multiple, $mybb->user['pms_unread'], $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 879      }
 880      eval('$pm_notice = "'.$templates->get('global_pm_alert').'";');
 881  }
 882  
 883  $remote_avatar_notice = '';
 884  if(($mybb->user['avatartype'] === 'remote' || $mybb->user['avatartype'] === 'gravatar') && !$mybb->settings['allowremoteavatars'])
 885  {
 886      eval('$remote_avatar_notice = "'.$templates->get('global_remote_avatar_notice').'";');
 887  }
 888  
 889  if($mybb->settings['awactialert'] == 1 && $mybb->usergroup['cancp'] == 1)
 890  {
 891      $awaitingusers = $cache->read('awaitingactivation');
 892  
 893      if(isset($awaitingusers['time']) && $awaitingusers['time'] + 86400 < TIME_NOW)
 894      {
 895          $cache->update_awaitingactivation();
 896          $awaitingusers = $cache->read('awaitingactivation');
 897      }
 898  
 899      if(!empty($awaitingusers['users']))
 900      {
 901          $awaitingusers = (int)$awaitingusers['users'];
 902      }
 903      else
 904      {
 905          $awaitingusers = 0;
 906      }
 907  
 908      if($awaitingusers < 1)
 909      {
 910          $awaitingusers = 0;
 911      }
 912      else
 913      {
 914          $awaitingusers = my_number_format($awaitingusers);
 915      }
 916  
 917      if($awaitingusers > 0)
 918      {
 919          if($awaitingusers == 1)
 920          {
 921              $awaiting_message = $lang->awaiting_message_single;
 922          }
 923          else
 924          {
 925              $awaiting_message = $lang->sprintf($lang->awaiting_message_plural, $awaitingusers);
 926          }
 927  
 928          if($admincplink)
 929          {
 930              $awaiting_message .= $lang->sprintf($lang->awaiting_message_link, $mybb->settings['bburl'], $admin_dir);
 931          }
 932  
 933          eval('$awaitingusers = "'.$templates->get('global_awaiting_activation').'";');
 934      }
 935      else
 936      {
 937          $awaitingusers = '';
 938      }
 939  }
 940  
 941  $jsTemplates = array();
 942  foreach (array('modal', 'modal_button') as $template) {
 943      eval('$jsTemplates["'.$template.'"] = "'.$templates->get($template, 1, 0).'";');
 944      $jsTemplates[$template] = str_replace("\n", "\\\n", addslashes($jsTemplates[$template]));
 945  }
 946  
 947  // Set up some of the default templates
 948  eval('$headerinclude = "'.$templates->get('headerinclude').'";');
 949  eval('$gobutton = "'.$templates->get('gobutton').'";');
 950  eval('$htmldoctype = "'.$templates->get('htmldoctype', 1, 0).'";');
 951  eval('$header = "'.$templates->get('header').'";');
 952  
 953  $copy_year = my_date('Y', TIME_NOW);
 954  
 955  // Are we showing version numbers in the footer?
 956  $mybbversion = '';
 957  if($mybb->settings['showvernum'] == 1)
 958  {
 959      $mybbversion = ' '.$mybb->version;
 960  }
 961  
 962  // Check to see if we have any tasks to run
 963  $task_image = '';
 964  $task_cache = $cache->read('tasks');
 965  if(!$task_cache['nextrun'])
 966  {
 967      $task_cache['nextrun'] = TIME_NOW;
 968  }
 969  
 970  if($task_cache['nextrun'] <= TIME_NOW)
 971  {
 972      eval("\$task_image = \"".$templates->get("task_image")."\";");
 973  }
 974  
 975  // Post code
 976  $post_code_string = '';
 977  if($mybb->user['uid'])
 978  {
 979      $post_code_string = '&amp;my_post_key='.$mybb->post_code;
 980  }
 981  
 982  // Are we showing the quick language selection box?
 983  $lang_select = $lang_options = '';
 984  if($mybb->settings['showlanguageselect'] != 0)
 985  {
 986      $languages = $lang->get_languages();
 987  
 988      if(count($languages) > 1)
 989      {
 990          foreach($languages as $key => $language)
 991          {
 992              $language = htmlspecialchars_uni($language);
 993  
 994              // Current language matches
 995              if($lang->language == $key)
 996              {
 997                  $selected = " selected=\"selected\"";
 998              }
 999              else
1000              {
1001                  $selected = '';
1002              }
1003  
1004              eval('$lang_options .= "'.$templates->get('footer_languageselect_option').'";');
1005          }
1006  
1007          $lang_redirect_url = get_current_location(true, 'language');
1008          eval('$lang_select = "'.$templates->get('footer_languageselect').'";');
1009      }
1010  }
1011  
1012  // Are we showing the quick theme selection box?
1013  $theme_select = $theme_options = '';
1014  if($mybb->settings['showthemeselect'] != 0)
1015  {
1016      $theme_options = build_theme_select("theme", $mybb->user['style'], 0, '', false, true);
1017  
1018      if(!empty($theme_options))
1019      {
1020          $theme_redirect_url = get_current_location(true, 'theme');
1021          eval('$theme_select = "'.$templates->get('footer_themeselect').'";');
1022      }
1023  }
1024  
1025  $showteamlink = '';
1026  if($mybb->settings['enableshowteam'] != 0)
1027  {
1028      eval('$showteamlink = "'.$templates->get('footer_showteamlink').'";');
1029  }
1030  
1031  // If we use the contact form, show 'Contact Us' link when appropriate
1032  $contact_us = '';
1033  if(($mybb->settings['contactlink'] == "contact.php" && $mybb->settings['contact'] == 1 && ($mybb->settings['contact_guests'] != 1 && $mybb->user['uid'] == 0 || $mybb->user['uid'] > 0)) || $mybb->settings['contactlink'] != "contact.php")
1034  {
1035      if(!my_validate_url($mybb->settings['contactlink'], true) && my_substr($mybb->settings['contactlink'], 0, 7) != 'mailto:')
1036      {
1037          $mybb->settings['contactlink'] = $mybb->settings['bburl'].'/'.$mybb->settings['contactlink'];
1038      }
1039  
1040      eval('$contact_us = "'.$templates->get('footer_contactus').'";');
1041  }
1042  
1043  // DST Auto detection enabled?
1044  $auto_dst_detection = '';
1045  if($mybb->user['uid'] > 0 && $mybb->user['dstcorrection'] == 2)
1046  {
1047      $timezone = (float)$mybb->user['timezone'] + $mybb->user['dst'];
1048      eval('$auto_dst_detection = "'.$templates->get('global_dst_detection').'";');
1049  }
1050  
1051  eval('$footer = "'.$templates->get('footer').'";');
1052  
1053  // Add our main parts to the navigation
1054  $navbits = array();
1055  $navbits[0]['name'] = $mybb->settings['bbname_orig'];
1056  $navbits[0]['url'] = $mybb->settings['bburl'].'/index.php';
1057  
1058  // Set the link to the archive.
1059  $archive_url = build_archive_link();
1060  
1061  // Check banned ip addresses
1062  if(is_banned_ip($session->ipaddress, true))
1063  {
1064      if($mybb->user['uid'])
1065      {
1066          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip)." OR uid='{$mybb->user['uid']}'");
1067      }
1068      else
1069      {
1070          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip));
1071      }
1072      error($lang->error_banned);
1073  }
1074  
1075  $closed_bypass = array(
1076      'member.php' => array(
1077          'login',
1078          'do_login',
1079          'logout',
1080      ),
1081      'captcha.php',
1082      'contact.php',
1083  );
1084  
1085  // If the board is closed, the user is not an administrator and they're not trying to login, show the board closed message
1086  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] != 1 && !in_array($current_page, $closed_bypass) && (!is_array($closed_bypass[$current_page]) || !in_array($mybb->get_input('action'), $closed_bypass[$current_page])))
1087  {
1088      // Show error
1089      if(!$mybb->settings['boardclosed_reason'])
1090      {
1091          $mybb->settings['boardclosed_reason'] = $lang->boardclosed_reason;
1092      }
1093  
1094      eval('$reason = "'.$templates->get('global_boardclosed_reason').'";');
1095      $lang->error_boardclosed .= $reason;
1096  
1097      if(!$mybb->get_input('modal'))
1098      {
1099          error($lang->error_boardclosed);
1100      }
1101      else
1102      {
1103          $output = '';
1104          eval('$output = "'.$templates->get('global_board_offline_modal', 1, 0).'";');
1105          echo($output);
1106      }
1107      exit;
1108  }
1109  
1110  $force_bypass = array(
1111      'member.php' => array(
1112          'login',
1113          'do_login',
1114          'logout',
1115          'register',
1116          'do_register',
1117          'lostpw',
1118          'do_lostpw',
1119          'activate',
1120          'resendactivation',
1121          'do_resendactivation',
1122          'resetpassword',
1123      ),
1124      'captcha.php',
1125      'contact.php',
1126  );
1127  
1128  // If the board forces user to login/register, and the user is a guest, show the force login message
1129  if($mybb->settings['forcelogin'] == 1 && $mybb->user['uid'] == 0 && !in_array($current_page, $force_bypass) && (!is_array($force_bypass[$current_page]) || !in_array($mybb->get_input('action'), $force_bypass[$current_page])))
1130  {
1131      // Show error
1132      error_no_permission();
1133      exit;
1134  }
1135  
1136  // Load Limiting
1137  if($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load'])
1138  {
1139      // User is not an administrator and the load limit is higher than the limit, show an error
1140      error($lang->error_loadlimit);
1141  }
1142  
1143  // If there is a valid referrer in the URL, cookie it
1144  if(!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername'])))
1145  {
1146      if(isset($mybb->input['referrername']))
1147      {
1148          $condition = "username = '".$db->escape_string($mybb->get_input('referrername'))."'";
1149      }
1150      else
1151      {
1152          $condition = "uid = '".$mybb->get_input('referrer', MyBB::INPUT_INT)."'";
1153      }
1154  
1155      $query = $db->simple_select('users', 'uid', $condition, array('limit' => 1));
1156      $referrer = $db->fetch_array($query);
1157  
1158      if($referrer['uid'])
1159      {
1160          my_setcookie('mybb[referrer]', $referrer['uid']);
1161      }
1162  }
1163  
1164  $output = '';
1165  $notallowed = false;
1166  if($mybb->usergroup['canview'] != 1)
1167  {
1168      // Check pages allowable even when not allowed to view board
1169      if(defined('ALLOWABLE_PAGE'))
1170      {
1171          if(is_string(ALLOWABLE_PAGE))
1172          {
1173              $allowable_actions = explode(',', ALLOWABLE_PAGE);
1174              if(!in_array($mybb->get_input('action'), $allowable_actions))
1175              {
1176                  $notallowed = true;
1177              }
1178  
1179              unset($allowable_actions);
1180          }
1181          else if(ALLOWABLE_PAGE !== 1)
1182          {
1183              $notallowed = true;
1184          }
1185      }
1186      else
1187      {
1188          $notallowed = true;
1189      }
1190  
1191      if($notallowed == true)
1192      {
1193          if(!$mybb->get_input('modal'))
1194          {
1195              error_no_permission();
1196          }
1197          else
1198          {
1199              eval('$output = "'.$templates->get('global_no_permission_modal', 1, 0).'";');
1200              echo($output);
1201              exit;
1202          }
1203      }
1204  }
1205  
1206  // Find out if this user of ours is using a banned email address.
1207  // If they are, redirect them to change it
1208  if($mybb->user['uid'] && is_banned_email($mybb->user['email']) && $mybb->settings['emailkeep'] != 1)
1209  {
1210      if(THIS_SCRIPT != 'usercp.php' || THIS_SCRIPT == 'usercp.php' && $mybb->get_input('action') != 'email' && $mybb->get_input('action') != 'do_email')
1211      {
1212          redirect('usercp.php?action=email');
1213      }
1214      else if($mybb->request_method != 'post')
1215      {
1216          $banned_email_error = inline_error(array($lang->banned_email_warning));
1217      }
1218  }
1219  
1220  // work out which items the user has collapsed
1221  $colcookie = '';
1222  if(!empty($mybb->cookies['collapsed']))
1223  {
1224      $colcookie = $mybb->cookies['collapsed'];
1225  }
1226  
1227  $collapse = $collapsed = $collapsedimg = array();
1228  
1229  if($colcookie)
1230  {
1231      // Preserve and don't unset $collapse, will be needed globally throughout many pages
1232      $collapse = explode("|", $colcookie);
1233      foreach($collapse as $val)
1234      {
1235          $ex = $val."_e";
1236          $co = $val."_c";
1237          $collapsed[$co] = "display: show;";
1238          $collapsed[$ex] = "display: none;";
1239          $collapsedimg[$val] = "_collapsed";
1240          $collapsedthead[$val] = " thead_collapsed";
1241      }
1242  }
1243  
1244  // Run hooks for end of global.php
1245  $plugins->run_hooks('global_end');
1246  
1247  $globaltime = $maintimer->getTime();


2005 - 2019 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1