[ Index ]

PHP Cross Reference of MyBB 1.8.19

title

Body

[close]

/ -> global.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  $working_dir = dirname(__FILE__);
  12  if(!$working_dir)
  13  {
  14      $working_dir = '.';
  15  }
  16  
  17  $shutdown_queries = $shutdown_functions = array();
  18  
  19  // Load main MyBB core file which begins all of the magic
  20  require_once $working_dir.'/inc/init.php';
  21  
  22  // Read the usergroups cache as well as the moderators cache
  23  $groupscache = $cache->read('usergroups');
  24  
  25  // If the groups cache doesn't exist, update it and re-read it
  26  if(!is_array($groupscache))
  27  {
  28      $cache->update_usergroups();
  29      $groupscache = $cache->read('usergroups');
  30  }
  31  
  32  $current_page = my_strtolower(basename(THIS_SCRIPT));
  33  
  34  // Send page headers - don't send no-cache headers for attachment.php
  35  if($current_page != 'attachment.php')
  36  {
  37      send_page_headers();
  38  }
  39  
  40  // Do not use session system for defined pages
  41  if((isset($mybb->input['action']) && isset($nosession[$mybb->input['action']])) || (isset($mybb->input['thumbnail']) && $current_page == 'attachment.php'))
  42  {
  43      define('NO_ONLINE', 1);
  44  }
  45  
  46  // Create session for this user
  47  require_once  MYBB_ROOT.'inc/class_session.php';
  48  $session = new session;
  49  $session->init();
  50  $mybb->session = &$session;
  51  
  52  $mybb->user['ismoderator'] = is_moderator(0, '', $mybb->user['uid']);
  53  
  54  // Set our POST validation code here
  55  $mybb->post_code = generate_post_check();
  56  
  57  // Set and load the language
  58  if(isset($mybb->input['language']) && $lang->language_exists($mybb->get_input('language')) && verify_post_check($mybb->get_input('my_post_key'), true))
  59  {
  60      $mybb->settings['bblanguage'] = $mybb->get_input('language');
  61      // If user is logged in, update their language selection with the new one
  62      if($mybb->user['uid'])
  63      {
  64          if(isset($mybb->cookies['mybblang']))
  65          {
  66              my_unsetcookie('mybblang');
  67          }
  68  
  69          $db->update_query('users', array('language' => $db->escape_string($mybb->settings['bblanguage'])), "uid = '{$mybb->user['uid']}'");
  70      }
  71      // Guest = cookie
  72      else
  73      {
  74          my_setcookie('mybblang', $mybb->settings['bblanguage']);
  75      }
  76      $mybb->user['language'] = $mybb->settings['bblanguage'];
  77  }
  78  // Cookied language!
  79  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybblang']) && $lang->language_exists($mybb->cookies['mybblang']))
  80  {
  81      $mybb->settings['bblanguage'] = $mybb->cookies['mybblang'];
  82  }
  83  else if(!isset($mybb->settings['bblanguage']))
  84  {
  85      $mybb->settings['bblanguage'] = 'english';
  86  }
  87  
  88  // Load language
  89  $lang->set_language($mybb->settings['bblanguage']);
  90  $lang->load('global');
  91  $lang->load('messages');
  92  
  93  // Wipe lockout cookie if enough time has passed
  94  if($mybb->cookies['lockoutexpiry'] && $mybb->cookies['lockoutexpiry'] < TIME_NOW)
  95  {
  96      my_unsetcookie('lockoutexpiry');
  97  }
  98  
  99  // Run global_start plugin hook now that the basics are set up
 100  $plugins->run_hooks('global_start');
 101  
 102  if(function_exists('mb_internal_encoding') && !empty($lang->settings['charset']))
 103  {
 104      @mb_internal_encoding($lang->settings['charset']);
 105  }
 106  
 107  // Select the board theme to use.
 108  $loadstyle = '';
 109  $load_from_forum = $load_from_user = 0;
 110  $style = array();
 111  
 112  // The user used our new quick theme changer
 113  if(isset($mybb->input['theme']) && verify_post_check($mybb->get_input('my_post_key'), true))
 114  {
 115      // Set up user handler.
 116      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
 117      $userhandler = new UserDataHandler('update');
 118  
 119      $user = array(
 120          'uid'    => $mybb->user['uid'],
 121          'style'    => $mybb->get_input('theme', MyBB::INPUT_INT),
 122          'usergroup'    => $mybb->user['usergroup'],
 123          'additionalgroups'    => $mybb->user['additionalgroups']
 124      );
 125  
 126      $userhandler->set_data($user);
 127  
 128      // validate_user verifies the style if it is set in the data array.
 129      if($userhandler->validate_user())
 130      {
 131          $mybb->user['style'] = $user['style'];
 132  
 133          // If user is logged in, update their theme selection with the new one
 134          if($mybb->user['uid'])
 135          {
 136              if(isset($mybb->cookies['mybbtheme']))
 137              {
 138                  my_unsetcookie('mybbtheme');
 139              }
 140  
 141              $userhandler->update_user();
 142          }
 143          // Guest = cookie
 144          else
 145          {
 146              my_setcookie('mybbtheme', $user['style']);
 147          }
 148      }
 149  }
 150  // Cookied theme!
 151  else if(!$mybb->user['uid'] && !empty($mybb->cookies['mybbtheme']))
 152  {
 153      $mybb->user['style'] = (int)$mybb->cookies['mybbtheme'];
 154  }
 155  
 156  // This user has a custom theme set in their profile
 157  if(isset($mybb->user['style']) && (int)$mybb->user['style'] != 0)
 158  {
 159      $mybb->user['style'] = (int)$mybb->user['style'];
 160  
 161      $loadstyle = "tid = '{$mybb->user['style']}'";
 162      $load_from_user = 1;
 163  }
 164  
 165  $valid = array(
 166      'showthread.php',
 167      'forumdisplay.php',
 168      'newthread.php',
 169      'newreply.php',
 170      'ratethread.php',
 171      'editpost.php',
 172      'polls.php',
 173      'sendthread.php',
 174      'printthread.php',
 175      'moderation.php'
 176  );
 177  
 178  if(in_array($current_page, $valid))
 179  {
 180      cache_forums();
 181  
 182      // If we're accessing a post, fetch the forum theme for it and if we're overriding it
 183      if(isset($mybb->input['pid']) && THIS_SCRIPT != "polls.php")
 184      {
 185          $query = $db->simple_select("posts", "fid", "pid = '{$mybb->input['pid']}'", array("limit" => 1));
 186          $fid = $db->fetch_field($query, 'fid');
 187  
 188          if($fid)
 189          {
 190              $style = $forum_cache[$fid];
 191              $load_from_forum = 1;
 192          }
 193      }
 194      // We have a thread id and a forum id, we can easily fetch the theme for this forum
 195      else if(isset($mybb->input['tid']))
 196      {
 197          $query = $db->simple_select('threads', 'fid', "tid = '{$mybb->input['tid']}'", array('limit' => 1));
 198          $fid = $db->fetch_field($query, 'fid');
 199  
 200          if($fid)
 201          {
 202              $style = $forum_cache[$fid];
 203              $load_from_forum = 1;
 204          }
 205      }
 206      // If we're accessing poll results, fetch the forum theme for it and if we're overriding it
 207      else if(isset($mybb->input['pid']) && THIS_SCRIPT == "polls.php")
 208      {
 209          $query = $db->simple_select('threads', 'fid', "poll = '{$mybb->input['pid']}'", array('limit' => 1));
 210          $fid = $db->fetch_field($query, 'fid');
 211  
 212          if($fid)
 213          {
 214              $style = $forum_cache[$fid];
 215              $load_from_forum = 1;
 216          }
 217      }
 218      // We have a forum id - simply load the theme from it
 219      else if(isset($mybb->input['fid']) && isset($forum_cache[$mybb->input['fid']]))
 220      {
 221          $style = $forum_cache[$mybb->input['fid']];
 222          $load_from_forum = 1;
 223      }
 224  }
 225  unset($valid);
 226  
 227  // From all of the above, a theme was found
 228  if(isset($style['style']) && $style['style'] > 0)
 229  {
 230      $style['style'] = (int)$style['style'];
 231  
 232      // This theme is forced upon the user, overriding their selection
 233      if($style['overridestyle'] == 1 || !isset($mybb->user['style']))
 234      {
 235          $loadstyle = "tid = '{$style['style']}'";
 236      }
 237  }
 238  
 239  // After all of that no theme? Load the board default
 240  if(empty($loadstyle))
 241  {
 242      $loadstyle = "def='1'";
 243  }
 244  
 245  // Fetch the theme to load from the cache
 246  if($loadstyle != "def='1'")
 247  {
 248      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets, allowedgroups', $loadstyle, array('limit' => 1));
 249      $theme = $db->fetch_array($query);
 250  
 251      if(isset($theme['tid']) && !$load_from_forum && !is_member($theme['allowedgroups']) && $theme['allowedgroups'] != 'all')
 252      {
 253          if($load_from_user == 1)
 254          {
 255              $db->update_query('users', array('style' => 0), "style='{$mybb->user['style']}' AND uid='{$mybb->user['uid']}'");
 256          }
 257  
 258          if(isset($mybb->cookies['mybbtheme']))
 259          {
 260              my_unsetcookie('mybbtheme');
 261          }
 262  
 263          $loadstyle = "def='1'";
 264      }
 265  }
 266  
 267  if($loadstyle == "def='1'")
 268  {
 269      if(!$cache->read('default_theme'))
 270      {
 271          $cache->update_default_theme();
 272      }
 273  
 274      $theme = $cache->read('default_theme');
 275  
 276      $load_from_forum = $load_from_user = 0;
 277  }
 278  
 279  // No theme was found - we attempt to load the master or any other theme
 280  if(!isset($theme['tid']) || isset($theme['tid']) && !$theme['tid'])
 281  {
 282      // Missing theme was from a forum, run a query to set any forums using the theme to the default
 283      if($load_from_forum == 1)
 284      {
 285          $db->update_query('forums', array('style' => 0), "style = '{$style['style']}'");
 286      }
 287      // Missing theme was from a user, run a query to set any users using the theme to the default
 288      else if($load_from_user == 1)
 289      {
 290          $db->update_query('users', array('style' => 0), "style = '{$mybb->user['style']}'");
 291      }
 292  
 293      // Attempt to load the master or any other theme if the master is not available
 294      $query = $db->simple_select('themes', 'name, tid, properties, stylesheets', '', array('order_by' => 'tid', 'limit' => 1));
 295      $theme = $db->fetch_array($query);
 296  }
 297  $theme = @array_merge($theme, my_unserialize($theme['properties']));
 298  
 299  // Fetch all necessary stylesheets
 300  $stylesheets = '';
 301  $theme['stylesheets'] = my_unserialize($theme['stylesheets']);
 302  $stylesheet_scripts = array("global", basename($_SERVER['PHP_SELF']));
 303  if(!empty($theme['color']))
 304  {
 305      $stylesheet_scripts[] = $theme['color'];
 306  }
 307  $stylesheet_actions = array("global");
 308  if(!empty($mybb->input['action']))
 309  {
 310      $stylesheet_actions[] = $mybb->get_input('action');
 311  }
 312  foreach($stylesheet_scripts as $stylesheet_script)
 313  {
 314      // Load stylesheets for global actions and the current action
 315      foreach($stylesheet_actions as $stylesheet_action)
 316      {
 317          if(!$stylesheet_action)
 318          {
 319              continue;
 320          }
 321  
 322          if(!empty($theme['stylesheets'][$stylesheet_script][$stylesheet_action]))
 323          {
 324              // Actually add the stylesheets to the list
 325              foreach($theme['stylesheets'][$stylesheet_script][$stylesheet_action] as $page_stylesheet)
 326              {
 327                  if(!empty($already_loaded[$page_stylesheet]))
 328                  {
 329                      continue;
 330                  }
 331  
 332                  if(strpos($page_stylesheet, 'css.php') !== false)
 333                  {
 334                      $stylesheet_url = $mybb->settings['bburl'] . '/' . $page_stylesheet;
 335                  }
 336                  else
 337                  {
 338                      $stylesheet_url = $mybb->get_asset_url($page_stylesheet);
 339                  }
 340  
 341                  if($mybb->settings['minifycss'])
 342                  {
 343                      $stylesheet_url = str_replace('.css', '.min.css', $stylesheet_url);
 344                  }
 345  
 346                  if(strpos($page_stylesheet, 'css.php') !== false)
 347                  {
 348                      // We need some modification to get it working with the displayorder
 349                      $query_string = parse_url($stylesheet_url, PHP_URL_QUERY);
 350                      $id = (int) my_substr($query_string, 11);
 351                      $query = $db->simple_select("themestylesheets", "name", "sid={$id}");
 352                      $real_name = $db->fetch_field($query, "name");
 353                      $theme_stylesheets[$real_name] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 354                  }
 355                  else
 356                  {
 357                      $theme_stylesheets[basename($page_stylesheet)] = "<link type=\"text/css\" rel=\"stylesheet\" href=\"{$stylesheet_url}\" />\n";
 358                  }
 359  
 360                  $already_loaded[$page_stylesheet] = 1;
 361              }
 362          }
 363      }
 364  }
 365  unset($actions);
 366  
 367  if(!empty($theme_stylesheets) && is_array($theme['disporder']))
 368  {
 369      foreach($theme['disporder'] as $style_name => $order)
 370      {
 371          if(!empty($theme_stylesheets[$style_name]))
 372          {
 373              $stylesheets .= $theme_stylesheets[$style_name];
 374          }
 375      }
 376  }
 377  
 378  // Are we linking to a remote theme server?
 379  if(my_validate_url($theme['imgdir']))
 380  {
 381      // If a language directory for the current language exists within the theme - we use it
 382      if(!empty($mybb->user['language']))
 383      {
 384          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 385      }
 386      else
 387      {
 388          // Check if a custom language directory exists for this theme
 389          if(!empty($mybb->settings['bblanguage']))
 390          {
 391              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 392          }
 393          // Otherwise, the image language directory is the same as the language directory for the theme
 394          else
 395          {
 396              $theme['imglangdir'] = $theme['imgdir'];
 397          }
 398      }
 399  }
 400  else
 401  {
 402      $img_directory = $theme['imgdir'];
 403  
 404      if($mybb->settings['usecdn'] && !empty($mybb->settings['cdnpath']))
 405      {
 406          $img_directory = rtrim($mybb->settings['cdnpath'], '/') . '/' . ltrim($theme['imgdir'], '/');
 407      }
 408  
 409      if(!@is_dir($img_directory))
 410      {
 411          $theme['imgdir'] = 'images';
 412      }
 413  
 414      // If a language directory for the current language exists within the theme - we use it
 415      if(!empty($mybb->user['language']) && is_dir($img_directory.'/'.$mybb->user['language']))
 416      {
 417          $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->user['language'];
 418      }
 419      else
 420      {
 421          // Check if a custom language directory exists for this theme
 422          if(is_dir($img_directory.'/'.$mybb->settings['bblanguage']))
 423          {
 424              $theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
 425          }
 426          // Otherwise, the image language directory is the same as the language directory for the theme
 427          else
 428          {
 429              $theme['imglangdir'] = $theme['imgdir'];
 430          }
 431      }
 432  
 433      $theme['imgdir'] = $mybb->get_asset_url($theme['imgdir']);
 434      $theme['imglangdir'] = $mybb->get_asset_url($theme['imglangdir']);
 435  }
 436  
 437  // Theme logo - is it a relative URL to the forum root? Append bburl
 438  if(!preg_match("#^(\.\.?(/|$)|([a-z0-9]+)://)#i", $theme['logo']) && substr($theme['logo'], 0, 1) != '/')
 439  {
 440      $theme['logo'] = $mybb->get_asset_url($theme['logo']);
 441  }
 442  
 443  // Load Main Templates and Cached Templates
 444  if(isset($templatelist))
 445  {
 446      $templatelist .= ',';
 447  }
 448  else
 449  {
 450      $templatelist = '';
 451  }
 452  
 453  $templatelist .= "headerinclude,header,footer,gobutton,htmldoctype,header_welcomeblock_member,header_welcomeblock_member_user,header_welcomeblock_member_moderator,header_welcomeblock_member_admin,error";
 454  $templatelist .= ",global_pending_joinrequests,global_awaiting_activation,nav,nav_sep,nav_bit,nav_sep_active,nav_bit_active,footer_languageselect,footer_themeselect,global_unreadreports,footer_contactus";
 455  $templatelist .= ",global_boardclosed_warning,global_bannedwarning,error_inline,error_inline_item,error_nopermission_loggedin,error_nopermission,global_pm_alert,header_menu_search,header_menu_portal,redirect,footer_languageselect_option";
 456  $templatelist .= ",video_dailymotion_embed,video_facebook_embed,video_liveleak_embed,video_metacafe_embed,video_myspacetv_embed,video_mixer_embed,video_vimeo_embed,video_yahoo_embed,video_youtube_embed,debug_summary";
 457  $templatelist .= ",smilieinsert_row,smilieinsert_row_empty,smilieinsert,smilieinsert_getmore,smilieinsert_smilie,global_board_offline_modal,footer_themeselector,task_image,usercp_themeselector_option,php_warnings";
 458  $templatelist .= ",mycode_code,mycode_email,mycode_img,mycode_php,mycode_quote_post,mycode_size_int,mycode_url,global_no_permission_modal,global_boardclosed_reason,nav_dropdown,global_remote_avatar_notice";
 459  $templatelist .= ",header_welcomeblock_member_pms,header_welcomeblock_member_search,header_welcomeblock_guest,header_welcomeblock_guest_login_modal,header_welcomeblock_guest_login_modal_lockout";
 460  $templatelist .= ",header_menu_calendar,header_menu_memberlist,global_dst_detection,header_quicksearch,smilie";
 461  $templates->cache($db->escape_string($templatelist));
 462  
 463  // Set the current date and time now
 464  $datenow = my_date($mybb->settings['dateformat'], TIME_NOW, '', false);
 465  $timenow = my_date($mybb->settings['timeformat'], TIME_NOW);
 466  $lang->welcome_current_time = $lang->sprintf($lang->welcome_current_time, $datenow . $lang->comma . $timenow);
 467  
 468  // Format the last visit date of this user appropriately
 469  if(isset($mybb->user['lastvisit']))
 470  {
 471      $lastvisit = my_date('relative', $mybb->user['lastvisit'], '', 2);
 472  }
 473  // Otherwise, they've never visited before
 474  else
 475  {
 476      $lastvisit = $lang->lastvisit_never;
 477  }
 478  
 479  $plugins->run_hooks('global_intermediate');
 480  
 481  // If the board is closed and we have a usergroup allowed to view the board when closed, then show board closed warning
 482  $bbclosedwarning = '';
 483  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] == 1)
 484  {
 485      eval('$bbclosedwarning = "'.$templates->get('global_boardclosed_warning').'";');
 486  }
 487  
 488  // Prepare the main templates for use
 489  $admincplink = $modcplink = $usercplink = '';
 490  
 491  // Load appropriate welcome block for the current logged in user
 492  if($mybb->user['uid'] != 0)
 493  {
 494      // User can access the admin cp and we're not hiding admin cp links, fetch it
 495      if($mybb->usergroup['cancp'] == 1 && $mybb->config['hide_admin_links'] != 1)
 496      {
 497          $admin_dir = $config['admin_dir'];
 498          eval('$admincplink = "'.$templates->get('header_welcomeblock_member_admin').'";');
 499      }
 500  
 501      if($mybb->usergroup['canmodcp'] == 1)
 502      {
 503          eval('$modcplink = "'.$templates->get('header_welcomeblock_member_moderator').'";');
 504      }
 505  
 506      if($mybb->usergroup['canusercp'] == 1)
 507      {
 508          eval('$usercplink = "'.$templates->get('header_welcomeblock_member_user').'";');
 509      }
 510  
 511      // Format the welcome back message
 512      $lang->welcome_back = $lang->sprintf($lang->welcome_back, build_profile_link(htmlspecialchars_uni($mybb->user['username']), $mybb->user['uid']), $lastvisit);
 513  
 514      $searchlink = '';
 515      if($mybb->usergroup['cansearch'] == 1)
 516      {
 517          eval('$searchlink = "'.$templates->get('header_welcomeblock_member_search').'";');
 518      }
 519  
 520      // Tell the user their PM usage
 521      $pmslink = '';
 522      if($mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] == 1)
 523      {
 524          $lang->welcome_pms_usage = $lang->sprintf($lang->welcome_pms_usage, my_number_format($mybb->user['pms_unread']), my_number_format($mybb->user['pms_total']));
 525  
 526          eval('$pmslink = "'.$templates->get('header_welcomeblock_member_pms').'";');
 527      }
 528  
 529      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_member').'";');
 530  }
 531  // Otherwise, we have a guest
 532  else
 533  {
 534      switch($mybb->settings['username_method'])
 535      {
 536          case 0:
 537              $login_username = $lang->login_username;
 538              break;
 539          case 1:
 540              $login_username = $lang->login_username1;
 541              break;
 542          case 2:
 543              $login_username = $lang->login_username2;
 544              break;
 545          default:
 546              $login_username = $lang->login_username;
 547              break;
 548      }
 549  
 550      if($mybb->cookies['lockoutexpiry'])
 551      {
 552          $secsleft = (int)($mybb->cookies['lockoutexpiry'] - TIME_NOW);
 553          $hoursleft = floor($secsleft / 3600);
 554          $minsleft = floor(($secsleft / 60) % 60);
 555          $secsleft = floor($secsleft % 60);
 556  
 557          $lang->failed_login_wait = $lang->sprintf($lang->failed_login_wait, $hoursleft, $minsleft, $secsleft);
 558  
 559          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal_lockout').'";');
 560      }
 561      else
 562      {
 563          eval('$loginform = "'.$templates->get('header_welcomeblock_guest_login_modal').'";');
 564      }
 565  
 566      eval('$welcomeblock = "'.$templates->get('header_welcomeblock_guest').'";');
 567  }
 568  
 569  // Display menu links and quick search if user has permission
 570  $menu_search = $menu_memberlist = $menu_portal = $menu_calendar = $quicksearch = '';
 571  if($mybb->usergroup['cansearch'] == 1)
 572  {
 573      eval('$menu_search = "'.$templates->get('header_menu_search').'";');
 574      eval('$quicksearch = "'.$templates->get('header_quicksearch').'";');
 575  }
 576  
 577  if($mybb->settings['enablememberlist'] == 1 && $mybb->usergroup['canviewmemberlist'] == 1)
 578  {
 579      eval('$menu_memberlist = "'.$templates->get('header_menu_memberlist').'";');
 580  }
 581  
 582  if($mybb->settings['enablecalendar'] == 1 && $mybb->usergroup['canviewcalendar'] == 1)
 583  {
 584      eval('$menu_calendar = "'.$templates->get('header_menu_calendar').'";');
 585  }
 586  
 587  if($mybb->settings['portal'] == 1)
 588  {
 589      eval('$menu_portal = "'.$templates->get('header_menu_portal').'";');
 590  }
 591  
 592  // See if there are any pending join requests for group leaders
 593  $pending_joinrequests = '';
 594  $groupleaders = $cache->read('groupleaders');
 595  if($mybb->user['uid'] != 0 && is_array($groupleaders) && array_key_exists($mybb->user['uid'], $groupleaders))
 596  {
 597      $groupleader = $groupleaders[$mybb->user['uid']];
 598      $showjoinnotice = false;
 599  
 600      $gids = "'0'";
 601      foreach($groupleader as $user)
 602      {
 603          if($user['canmanagerequests'] != 1)
 604          {
 605              continue;
 606          }
 607  
 608          $user['gid'] = (int)$user['gid'];
 609  
 610          if(!empty($groupscache[$user['gid']]['joinable']) && $groupscache[$user['gid']]['joinable'] == 1)
 611          {
 612              $showjoinnotice = true;
 613              $gids .= ",'{$user['gid']}'";
 614          }
 615      }
 616  
 617      if($showjoinnotice)
 618      {
 619          $query = $db->simple_select('joinrequests', 'COUNT(uid) as total', "gid IN ({$gids}) AND invite='0'");
 620          $total_joinrequests = $db->fetch_field($query, 'total');
 621  
 622          if($total_joinrequests > 0)
 623          {
 624              if($total_joinrequests == 1)
 625              {
 626                  $lang->pending_joinrequests = $lang->pending_joinrequest;
 627              }
 628              else
 629              {
 630                  $total_joinrequests = my_number_format($total_joinrequests);
 631                  $lang->pending_joinrequests = $lang->sprintf($lang->pending_joinrequests, $total_joinrequests);
 632              }
 633  
 634              eval('$pending_joinrequests = "'.$templates->get('global_pending_joinrequests').'";');
 635          }
 636      }
 637  }
 638  
 639  $unreadreports = '';
 640  // This user is a moderator, super moderator or administrator
 641  if($mybb->settings['reportmethod'] == "db" && ($mybb->usergroup['cancp'] == 1 || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1)))
 642  {
 643      // Only worth checking if we are here because we have ACP permissions and the other condition fails
 644      if($mybb->usergroup['cancp'] == 1 && !($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 645      {
 646          // First we check if the user's a super admin: if yes, we don't care about permissions
 647          $can_access_moderationqueue = true;
 648          $is_super_admin = is_super_admin($mybb->user['uid']);
 649          if(!$is_super_admin)
 650          {
 651              // Include admin functions
 652              if(!file_exists(MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php"))
 653              {
 654                  $can_access_moderationqueue = false;
 655              }
 656  
 657              require_once MYBB_ROOT.$mybb->config['admin_dir']."/inc/functions.php";
 658  
 659              // Verify if we have permissions to access forum-moderation_queue
 660              require_once MYBB_ROOT.$mybb->config['admin_dir']."/modules/forum/module_meta.php";
 661              if(function_exists("forum_admin_permissions"))
 662              {
 663                  // Get admin permissions
 664                  $adminperms = get_admin_permissions($mybb->user['uid']);
 665  
 666                  $permissions = forum_admin_permissions();
 667                  if(array_key_exists('moderation_queue', $permissions['permissions']) && $adminperms['forum']['moderation_queue'] != 1)
 668                  {
 669                      $can_access_moderationqueue = false;
 670                  }
 671              }
 672          }
 673      }
 674      else
 675      {
 676          $can_access_moderationqueue = false;
 677      }
 678  
 679      if($can_access_moderationqueue || ($mybb->user['ismoderator'] && $mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanagereportedcontent'] == 1))
 680      {
 681          // Read the reported content cache
 682          $reported = $cache->read('reportedcontent');
 683  
 684          // 0 or more reported items currently exist
 685          if($reported['unread'] > 0)
 686          {
 687              // We want to avoid one extra query for users that can moderate any forum
 688              if($mybb->usergroup['cancp'] || $mybb->usergroup['issupermod'])
 689              {
 690                  $unread = (int)$reported['unread'];
 691              }
 692              else
 693              {
 694                  $unread = 0;
 695                  $query = $db->simple_select('reportedcontent', 'id3', "reportstatus='0' AND (type = 'post' OR type = '')");
 696  
 697                  while($fid = $db->fetch_field($query, 'id3'))
 698                  {
 699                      if(is_moderator($fid, "canmanagereportedposts"))
 700                      {
 701                          ++$unread;
 702                      }
 703                  }
 704              }
 705  
 706              if($unread > 0)
 707              {
 708                  if($unread == 1)
 709                  {
 710                      $lang->unread_reports = $lang->unread_report;
 711                  }
 712                  else
 713                  {
 714                      $lang->unread_reports = $lang->sprintf($lang->unread_reports, my_number_format($unread));
 715                  }
 716  
 717                  eval('$unreadreports = "'.$templates->get('global_unreadreports').'";');
 718              }
 719          }
 720      }
 721  }
 722  
 723  // Got a character set?
 724  $charset = 'UTF-8';
 725  if(isset($lang->settings['charset']) && $lang->settings['charset'])
 726  {
 727      $charset = $lang->settings['charset'];
 728  }
 729  
 730  // Is this user apart of a banned group?
 731  $bannedwarning = '';
 732  if($mybb->usergroup['isbannedgroup'] == 1)
 733  {
 734      // Fetch details on their ban
 735      $query = $db->simple_select('banned', '*', "uid = '{$mybb->user['uid']}'", array('limit' => 1));
 736      $ban = $db->fetch_array($query);
 737  
 738      if($ban['uid'])
 739      {
 740          // Format their ban lift date and reason appropriately
 741          $banlift = $lang->banned_lifted_never;
 742          $reason = htmlspecialchars_uni($ban['reason']);
 743  
 744          if($ban['lifted'] > 0)
 745          {
 746              $banlift = my_date('normal', $ban['lifted']);
 747          }
 748      }
 749  
 750      if(empty($reason))
 751      {
 752          $reason = $lang->unknown;
 753      }
 754  
 755      if(empty($banlift))
 756      {
 757          $banlift = $lang->unknown;
 758      }
 759  
 760      // Display a nice warning to the user
 761      eval('$bannedwarning = "'.$templates->get('global_bannedwarning').'";');
 762  }
 763  
 764  $lang->ajax_loading = str_replace("'", "\\'", $lang->ajax_loading);
 765  
 766  // Check if this user has a new private message.
 767  $pm_notice = '';
 768  if(isset($mybb->user['pmnotice']) && $mybb->user['pmnotice'] == 2 && $mybb->user['pms_unread'] > 0 && $mybb->settings['enablepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->usergroup['canview'] != 0 && ($current_page != "private.php" || $mybb->get_input('action') != "read"))
 769  {
 770      if(!isset($parser))
 771      {
 772          require_once  MYBB_ROOT.'inc/class_parser.php';
 773          $parser = new postParser;
 774      }
 775  
 776      $query = $db->query("
 777          SELECT pm.subject, pm.pmid, fu.username AS fromusername, fu.uid AS fromuid
 778          FROM ".TABLE_PREFIX."privatemessages pm
 779          LEFT JOIN ".TABLE_PREFIX."users fu on (fu.uid=pm.fromid)
 780          WHERE pm.folder = '1' AND pm.uid = '{$mybb->user['uid']}' AND pm.status = '0'
 781          ORDER BY pm.dateline DESC
 782          LIMIT 1
 783      ");
 784  
 785      $pm = $db->fetch_array($query);
 786      $pm['subject'] = $parser->parse_badwords($pm['subject']);
 787  
 788      if($pm['fromuid'] == 0)
 789      {
 790          $pm['fromusername'] = $lang->mybb_engine;
 791          $user_text = $pm['fromusername'];
 792      }
 793      else
 794      {
 795          $pm['fromusername'] = htmlspecialchars_uni($pm['fromusername']);
 796          $user_text = build_profile_link($pm['fromusername'], $pm['fromuid']);
 797      }
 798  
 799      if($mybb->user['pms_unread'] == 1)
 800      {
 801          $privatemessage_text = $lang->sprintf($lang->newpm_notice_one, $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 802      }
 803      else
 804      {
 805          $privatemessage_text = $lang->sprintf($lang->newpm_notice_multiple, $mybb->user['pms_unread'], $user_text, $mybb->settings['bburl'], $pm['pmid'], htmlspecialchars_uni($pm['subject']));
 806      }
 807      eval('$pm_notice = "'.$templates->get('global_pm_alert').'";');
 808  }
 809  
 810  $remote_avatar_notice = '';
 811  if(($mybb->user['avatartype'] === 'remote' || $mybb->user['avatartype'] === 'gravatar') && !$mybb->settings['allowremoteavatars'])
 812  {
 813      eval('$remote_avatar_notice = "'.$templates->get('global_remote_avatar_notice').'";');
 814  }
 815  
 816  if($mybb->settings['awactialert'] == 1 && $mybb->usergroup['cancp'] == 1)
 817  {
 818      $awaitingusers = $cache->read('awaitingactivation');
 819  
 820      if(isset($awaitingusers['time']) && $awaitingusers['time'] + 86400 < TIME_NOW)
 821      {
 822          $cache->update_awaitingactivation();
 823          $awaitingusers = $cache->read('awaitingactivation');
 824      }
 825  
 826      if(!empty($awaitingusers['users']))
 827      {
 828          $awaitingusers = (int)$awaitingusers['users'];
 829      }
 830      else
 831      {
 832          $awaitingusers = 0;
 833      }
 834  
 835      if($awaitingusers < 1)
 836      {
 837          $awaitingusers = 0;
 838      }
 839      else
 840      {
 841          $awaitingusers = my_number_format($awaitingusers);
 842      }
 843  
 844      if($awaitingusers > 0)
 845      {
 846          if($awaitingusers == 1)
 847          {
 848              $awaiting_message = $lang->awaiting_message_single;
 849          }
 850          else
 851          {
 852              $awaiting_message = $lang->sprintf($lang->awaiting_message_plural, $awaitingusers);
 853          }
 854  
 855          if($admincplink)
 856          {
 857              $awaiting_message .= $lang->sprintf($lang->awaiting_message_link, $mybb->settings['bburl'], $admin_dir);
 858          }
 859  
 860          eval('$awaitingusers = "'.$templates->get('global_awaiting_activation').'";');
 861      }
 862      else
 863      {
 864          $awaitingusers = '';
 865      }
 866  }
 867  
 868  // Set up some of the default templates
 869  eval('$headerinclude = "'.$templates->get('headerinclude').'";');
 870  eval('$gobutton = "'.$templates->get('gobutton').'";');
 871  eval('$htmldoctype = "'.$templates->get('htmldoctype', 1, 0).'";');
 872  eval('$header = "'.$templates->get('header').'";');
 873  
 874  $copy_year = my_date('Y', TIME_NOW);
 875  
 876  // Are we showing version numbers in the footer?
 877  $mybbversion = '';
 878  if($mybb->settings['showvernum'] == 1)
 879  {
 880      $mybbversion = ' '.$mybb->version;
 881  }
 882  
 883  // Check to see if we have any tasks to run
 884  $task_image = '';
 885  $task_cache = $cache->read('tasks');
 886  if(!$task_cache['nextrun'])
 887  {
 888      $task_cache['nextrun'] = TIME_NOW;
 889  }
 890  
 891  if($task_cache['nextrun'] <= TIME_NOW)
 892  {
 893      eval("\$task_image = \"".$templates->get("task_image")."\";");
 894  }
 895  
 896  // Post code
 897  $post_code_string = '';
 898  if($mybb->user['uid'])
 899  {
 900      $post_code_string = '&amp;my_post_key='.$mybb->post_code;
 901  }
 902  
 903  // Are we showing the quick language selection box?
 904  $lang_select = $lang_options = '';
 905  if($mybb->settings['showlanguageselect'] != 0)
 906  {
 907      $languages = $lang->get_languages();
 908  
 909      if(count($languages) > 1)
 910      {
 911          foreach($languages as $key => $language)
 912          {
 913              $language = htmlspecialchars_uni($language);
 914  
 915              // Current language matches
 916              if($lang->language == $key)
 917              {
 918                  $selected = " selected=\"selected\"";
 919              }
 920              else
 921              {
 922                  $selected = '';
 923              }
 924  
 925              eval('$lang_options .= "'.$templates->get('footer_languageselect_option').'";');
 926          }
 927  
 928          $lang_redirect_url = get_current_location(true, 'language');
 929          eval('$lang_select = "'.$templates->get('footer_languageselect').'";');
 930      }
 931  }
 932  
 933  // Are we showing the quick theme selection box?
 934  $theme_select = $theme_options = '';
 935  if($mybb->settings['showthemeselect'] != 0)
 936  {
 937      $theme_options = build_theme_select("theme", $mybb->user['style'], 0, '', false, true);
 938  
 939      if(!empty($theme_options))
 940      {
 941          $theme_redirect_url = get_current_location(true, 'theme');
 942          eval('$theme_select = "'.$templates->get('footer_themeselect').'";');
 943      }
 944  }
 945  
 946  // If we use the contact form, show 'Contact Us' link when appropriate
 947  $contact_us = '';
 948  if(($mybb->settings['contactlink'] == "contact.php" && $mybb->settings['contact'] == 1 && ($mybb->settings['contact_guests'] != 1 && $mybb->user['uid'] == 0 || $mybb->user['uid'] > 0)) || $mybb->settings['contactlink'] != "contact.php")
 949  {
 950      if(!my_validate_url($mybb->settings['contactlink'], true) && my_substr($mybb->settings['contactlink'], 0, 7) != 'mailto:')
 951      {
 952          $mybb->settings['contactlink'] = $mybb->settings['bburl'].'/'.$mybb->settings['contactlink'];
 953      }
 954  
 955      eval('$contact_us = "'.$templates->get('footer_contactus').'";');
 956  }
 957  
 958  // DST Auto detection enabled?
 959  $auto_dst_detection = '';
 960  if($mybb->user['uid'] > 0 && $mybb->user['dstcorrection'] == 2)
 961  {
 962      $timezone = (float)$mybb->user['timezone'] + $mybb->user['dst'];
 963      eval('$auto_dst_detection = "'.$templates->get('global_dst_detection').'";');
 964  }
 965  
 966  eval('$footer = "'.$templates->get('footer').'";');
 967  
 968  // Add our main parts to the navigation
 969  $navbits = array();
 970  $navbits[0]['name'] = $mybb->settings['bbname_orig'];
 971  $navbits[0]['url'] = $mybb->settings['bburl'].'/index.php';
 972  
 973  // Set the link to the archive.
 974  $archive_url = build_archive_link();
 975  
 976  // Check banned ip addresses
 977  if(is_banned_ip($session->ipaddress, true))
 978  {
 979      if($mybb->user['uid'])
 980      {
 981          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip)." OR uid='{$mybb->user['uid']}'");
 982      }
 983      else
 984      {
 985          $db->delete_query('sessions', "ip = ".$db->escape_binary($session->packedip));
 986      }
 987      error($lang->error_banned);
 988  }
 989  
 990  $closed_bypass = array(
 991      'member.php' => array(
 992          'login',
 993          'do_login',
 994          'logout',
 995      ),
 996      'captcha.php',
 997      'contact.php',
 998  );
 999  
1000  // If the board is closed, the user is not an administrator and they're not trying to login, show the board closed message
1001  if($mybb->settings['boardclosed'] == 1 && $mybb->usergroup['canviewboardclosed'] != 1 && !in_array($current_page, $closed_bypass) && (!is_array($closed_bypass[$current_page]) || !in_array($mybb->get_input('action'), $closed_bypass[$current_page])))
1002  {
1003      // Show error
1004      if(!$mybb->settings['boardclosed_reason'])
1005      {
1006          $mybb->settings['boardclosed_reason'] = $lang->boardclosed_reason;
1007      }
1008  
1009      eval('$reason = "'.$templates->get('global_boardclosed_reason').'";');
1010      $lang->error_boardclosed .= $reason;
1011  
1012      if(!$mybb->get_input('modal'))
1013      {
1014          error($lang->error_boardclosed);
1015      }
1016      else
1017      {
1018          $output = '';
1019          eval('$output = "'.$templates->get('global_board_offline_modal', 1, 0).'";');
1020          echo($output);
1021      }
1022      exit;
1023  }
1024  
1025  $force_bypass = array(
1026      'member.php' => array(
1027          'login',
1028          'do_login',
1029          'logout',
1030          'register',
1031          'do_register',
1032          'lostpw',
1033          'do_lostpw',
1034          'activate',
1035          'resendactivation',
1036          'do_resendactivation',
1037          'resetpassword',
1038      ),
1039      'captcha.php',
1040      'contact.php',
1041  );
1042  
1043  // If the board forces user to login/register, and the user is a guest, show the force login message
1044  if($mybb->settings['forcelogin'] == 1 && $mybb->user['uid'] == 0 && !in_array($current_page, $force_bypass) && (!is_array($force_bypass[$current_page]) || !in_array($mybb->get_input('action'), $force_bypass[$current_page])))
1045  {
1046      // Show error
1047      error_no_permission();
1048      exit;
1049  }
1050  
1051  // Load Limiting
1052  if($mybb->usergroup['cancp'] != 1 && $mybb->settings['load'] > 0 && ($load = get_server_load()) && $load != $lang->unknown && $load > $mybb->settings['load'])
1053  {
1054      // User is not an administrator and the load limit is higher than the limit, show an error
1055      error($lang->error_loadlimit);
1056  }
1057  
1058  // If there is a valid referrer in the URL, cookie it
1059  if(!$mybb->user['uid'] && $mybb->settings['usereferrals'] == 1 && (isset($mybb->input['referrer']) || isset($mybb->input['referrername'])))
1060  {
1061      if(isset($mybb->input['referrername']))
1062      {
1063          $condition = "username = '".$db->escape_string($mybb->get_input('referrername'))."'";
1064      }
1065      else
1066      {
1067          $condition = "uid = '".$mybb->get_input('referrer', MyBB::INPUT_INT)."'";
1068      }
1069  
1070      $query = $db->simple_select('users', 'uid', $condition, array('limit' => 1));
1071      $referrer = $db->fetch_array($query);
1072  
1073      if($referrer['uid'])
1074      {
1075          my_setcookie('mybb[referrer]', $referrer['uid']);
1076      }
1077  }
1078  
1079  $output = '';
1080  $notallowed = false;
1081  if($mybb->usergroup['canview'] != 1)
1082  {
1083      // Check pages allowable even when not allowed to view board
1084      if(defined('ALLOWABLE_PAGE'))
1085      {
1086          if(is_string(ALLOWABLE_PAGE))
1087          {
1088              $allowable_actions = explode(',', ALLOWABLE_PAGE);
1089              if(!in_array($mybb->get_input('action'), $allowable_actions))
1090              {
1091                  $notallowed = true;
1092              }
1093  
1094              unset($allowable_actions);
1095          }
1096          else if(ALLOWABLE_PAGE !== 1)
1097          {
1098              $notallowed = true;
1099          }
1100      }
1101      else
1102      {
1103          $notallowed = true;
1104      }
1105  
1106      if($notallowed == true)
1107      {
1108          if(!$mybb->get_input('modal'))
1109          {
1110              error_no_permission();
1111          }
1112          else
1113          {
1114              eval('$output = "'.$templates->get('global_no_permission_modal', 1, 0).'";');
1115              echo($output);
1116              exit;
1117          }
1118      }
1119  }
1120  
1121  // Find out if this user of ours is using a banned email address.
1122  // If they are, redirect them to change it
1123  if($mybb->user['uid'] && is_banned_email($mybb->user['email']) && $mybb->settings['emailkeep'] != 1)
1124  {
1125      if(THIS_SCRIPT != 'usercp.php' || THIS_SCRIPT == 'usercp.php' && $mybb->get_input('action') != 'email' && $mybb->get_input('action') != 'do_email')
1126      {
1127          redirect('usercp.php?action=email');
1128      }
1129      else if($mybb->request_method != 'post')
1130      {
1131          $banned_email_error = inline_error(array($lang->banned_email_warning));
1132      }
1133  }
1134  
1135  // work out which items the user has collapsed
1136  $colcookie = '';
1137  if(!empty($mybb->cookies['collapsed']))
1138  {
1139      $colcookie = $mybb->cookies['collapsed'];
1140  }
1141  
1142  $collapse = $collapsed = $collapsedimg = array();
1143  
1144  if($colcookie)
1145  {
1146      // Preserve and don't unset $collapse, will be needed globally throughout many pages
1147      $collapse = explode("|", $colcookie);
1148      foreach($collapse as $val)
1149      {
1150          $ex = $val."_e";
1151          $co = $val."_c";
1152          $collapsed[$co] = "display: show;";
1153          $collapsed[$ex] = "display: none;";
1154          $collapsedimg[$val] = "_collapsed";
1155          $collapsedthead[$val] = " thead_collapsed";
1156      }
1157  }
1158  
1159  // Run hooks for end of global.php
1160  $plugins->run_hooks('global_end');
1161  
1162  $globaltime = $maintimer->getTime();


2005 - 2018 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1