[ Index ]

PHP Cross Reference of MyBB 1.8.19

title

Body

[close]

/ -> misc.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define("IGNORE_CLEAN_VARS", "sid");
  13  define('THIS_SCRIPT', 'misc.php');
  14  
  15  $templatelist = "misc_rules_forum,misc_help_helpdoc,misc_whoposted_poster,misc_whoposted,misc_smilies_popup_smilie,misc_smilies_popup,misc_smilies_popup_empty,misc_smilies_popup_row,multipage_start";
  16  $templatelist .= ",misc_buddypopup,misc_buddypopup_user,misc_buddypopup_user_none,misc_buddypopup_user_online,misc_buddypopup_user_offline,misc_buddypopup_user_sendpm,misc_syndication_forumlist";
  17  $templatelist .= ",misc_smilies,misc_smilies_smilie,misc_help_section_bit,misc_help_section,misc_help,forumdisplay_password_wrongpass,forumdisplay_password,misc_helpresults,misc_helpresults_bit";
  18  $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,misc_imcenter_error";
  19  $templatelist .= ",misc_smilies_popup_no_smilies,misc_smilies_no_smilies,misc_syndication,misc_help_search,misc_helpresults_noresults,misc_syndication_forumlist_forum,misc_syndication_feedurl,misc_whoposted_page";
  20  
  21  require_once  "./global.php";
  22  require_once  MYBB_ROOT."inc/functions_post.php";
  23  
  24  // Load global language phrases
  25  $lang->load("misc");
  26  
  27  $plugins->run_hooks("misc_start");
  28  
  29  $mybb->input['action'] = $mybb->get_input('action');
  30  if($mybb->input['action'] == "dstswitch" && $mybb->request_method == "post" && $mybb->user['uid'] > 0)
  31  {
  32      if($mybb->user['dstcorrection'] == 2)
  33      {
  34          if($mybb->user['dst'] == 1)
  35          {
  36              $update_array = array("dst" => 0);
  37          }
  38          else
  39          {
  40              $update_array = array("dst" => 1);
  41          }
  42      }
  43      $db->update_query("users", $update_array, "uid='{$mybb->user['uid']}'");
  44      if(!isset($mybb->input['ajax']))
  45      {
  46          redirect("index.php", $lang->dst_settings_updated);
  47      }
  48      else
  49      {
  50          echo "done";
  51          exit;
  52      }
  53  }
  54  elseif($mybb->input['action'] == "markread")
  55  {
  56      if($mybb->user['uid'] && verify_post_check($mybb->get_input('my_post_key'), true) !== true)
  57      {
  58          // Protect our user's unread forums from CSRF
  59          error($lang->invalid_post_code);
  60      }
  61  
  62      if(isset($mybb->input['fid']))
  63      {
  64          $validforum = get_forum($mybb->input['fid']);
  65          if(!$validforum)
  66          {
  67              if(!isset($mybb->input['ajax']))
  68              {
  69                  error($lang->error_invalidforum);
  70              }
  71              else
  72              {
  73                  echo 0;
  74                  exit;
  75              }
  76          }
  77  
  78          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  79          mark_forum_read($mybb->input['fid']);
  80  
  81          $plugins->run_hooks("misc_markread_forum");
  82  
  83          if(!isset($mybb->input['ajax']))
  84          {
  85              redirect(get_forum_link($mybb->input['fid']), $lang->redirect_markforumread);
  86          }
  87          else
  88          {
  89              echo 1;
  90              exit;
  91          }
  92      }
  93      else
  94      {
  95  
  96          $plugins->run_hooks("misc_markread_end");
  97          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  98          mark_all_forums_read();
  99          redirect("index.php", $lang->redirect_markforumsread);
 100      }
 101  }
 102  elseif($mybb->input['action'] == "clearpass")
 103  {
 104      $plugins->run_hooks("misc_clearpass");
 105  
 106      if(isset($mybb->input['fid']))
 107      {
 108          if(!verify_post_check($mybb->get_input('my_post_key')))
 109          {
 110              error($lang->invalid_post_code);
 111          }
 112  
 113          my_unsetcookie("forumpass[".$mybb->get_input('fid', MyBB::INPUT_INT)."]");
 114          redirect("index.php", $lang->redirect_forumpasscleared);
 115      }
 116  }
 117  elseif($mybb->input['action'] == "rules")
 118  {
 119      if(isset($mybb->input['fid']))
 120      {
 121          $plugins->run_hooks("misc_rules_start");
 122  
 123          $fid = $mybb->input['fid'];
 124  
 125          $forum = get_forum($fid);
 126          if(!$forum || $forum['type'] != "f" || $forum['rules'] == '')
 127          {
 128              error($lang->error_invalidforum);
 129          }
 130  
 131          $forumpermissions = forum_permissions($forum['fid']);
 132          if($forumpermissions['canview'] != 1)
 133          {
 134              error_no_permission();
 135          }
 136  
 137          if(!$forum['rulestitle'])
 138          {
 139              $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']);
 140          }
 141  
 142          require_once  MYBB_ROOT."inc/class_parser.php";
 143          $parser = new postParser();
 144          $parser_options = array(
 145              "allow_html" => 1,
 146              "allow_mycode" => 1,
 147              "allow_smilies" => 1,
 148              "allow_imgcode" => 1,
 149              "filter_badwords" => 1
 150          );
 151  
 152          $forum['rules'] = $parser->parse_message($forum['rules'], $parser_options);
 153  
 154          // Make navigation
 155          build_forum_breadcrumb($mybb->input['fid']);
 156          add_breadcrumb($forum['rulestitle']);
 157  
 158          $plugins->run_hooks("misc_rules_end");
 159  
 160          eval("\$rules = \"".$templates->get("misc_rules_forum")."\";");
 161          output_page($rules);
 162      }
 163  
 164  }
 165  elseif($mybb->input['action'] == "do_helpsearch" && $mybb->request_method == "post")
 166  {
 167      $plugins->run_hooks("misc_do_helpsearch_start");
 168  
 169      if($mybb->settings['helpsearch'] != 1)
 170      {
 171          error($lang->error_helpsearchdisabled);
 172      }
 173  
 174      // Check if search flood checking is enabled and user is not admin
 175      if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
 176      {
 177          // Fetch the time this user last searched
 178          $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
 179          $query = $db->simple_select("searchlog", "*", "uid='{$mybb->user['uid']}' AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
 180          $last_search = $db->fetch_array($query);
 181          // Users last search was within the flood time, show the error
 182          if($last_search['sid'])
 183          {
 184              $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
 185              if($remaining_time == 1)
 186              {
 187                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
 188              }
 189              else
 190              {
 191                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
 192              }
 193              error($lang->error_searchflooding);
 194          }
 195      }
 196  
 197      if($mybb->get_input('name', MyBB::INPUT_INT) != 1 && $mybb->get_input('document', MyBB::INPUT_INT) != 1)
 198      {
 199          error($lang->error_nosearchresults);
 200      }
 201  
 202      if($mybb->get_input('document', MyBB::INPUT_INT) == 1)
 203      {
 204          $resulttype = "helpdoc";
 205      }
 206      else
 207      {
 208          $resulttype = "helpname";
 209      }
 210  
 211      $search_data = array(
 212          "keywords" => $mybb->get_input('keywords'),
 213          "name" => $mybb->get_input('name', MyBB::INPUT_INT),
 214          "document" => $mybb->get_input('document', MyBB::INPUT_INT),
 215      );
 216  
 217      if($db->can_search == true)
 218      {
 219          require_once  MYBB_ROOT."inc/functions_search.php";
 220  
 221          $search_results = helpdocument_perform_search_mysql($search_data);
 222      }
 223      else
 224      {
 225          error($lang->error_no_search_support);
 226      }
 227      $sid = md5(uniqid(microtime(), true));
 228      $searcharray = array(
 229          "sid" => $db->escape_string($sid),
 230          "uid" => $mybb->user['uid'],
 231          "dateline" => TIME_NOW,
 232          "ipaddress" => $db->escape_binary($session->packedip),
 233          "threads" => '',
 234          "posts" => '',
 235          "resulttype" => $resulttype,
 236          "querycache" => $search_results['querycache'],
 237          "keywords" => $db->escape_string($mybb->get_input('keywords')),
 238      );
 239      $plugins->run_hooks("misc_do_helpsearch_process");
 240  
 241      $db->insert_query("searchlog", $searcharray);
 242  
 243      $plugins->run_hooks("misc_do_helpsearch_end");
 244      redirect("misc.php?action=helpresults&sid={$sid}", $lang->redirect_searchresults);
 245  }
 246  elseif($mybb->input['action'] == "helpresults")
 247  {
 248      if($mybb->settings['helpsearch'] != 1)
 249      {
 250          error($lang->error_helpsearchdisabled);
 251      }
 252  
 253      $sid = $mybb->get_input('sid');
 254      $query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($sid)."' AND uid='{$mybb->user['uid']}'");
 255      $search = $db->fetch_array($query);
 256  
 257      if(!$search)
 258      {
 259          error($lang->error_invalidsearch);
 260      }
 261  
 262      $plugins->run_hooks("misc_helpresults_start");
 263  
 264      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 265      add_breadcrumb($lang->search_results, "misc.php?action=helpresults&sid={$sid}");
 266  
 267      if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
 268      {
 269          $mybb->settings['threadsperpage'] = 20;
 270      }
 271  
 272      $query = $db->simple_select("helpdocs", "COUNT(*) AS total", "hid IN(".$db->escape_string($search['querycache']).")");
 273      $helpcount = $db->fetch_field($query, "total");
 274  
 275      // Work out pagination, which page we're at, as well as the limits.
 276      $perpage = $mybb->settings['threadsperpage'];
 277      $page = $mybb->get_input('page', MyBB::INPUT_INT);
 278      if($page > 0)
 279      {
 280          $start = ($page-1) * $perpage;
 281          $pages = ceil($helpcount / $perpage);
 282          if($pages > $page)
 283          {
 284              $start = 0;
 285              $page = 1;
 286          }
 287      }
 288      else
 289      {
 290          $start = 0;
 291          $page = 1;
 292      }
 293      $end = $start + $perpage;
 294      $lower = $start+1;
 295      $upper = $end;
 296  
 297      // Work out if we have terms to highlight
 298      $highlight = "";
 299      if($search['keywords'])
 300      {
 301          $highlight = "&amp;highlight=".urlencode($search['keywords']);
 302      }
 303  
 304      // Do Multi Pages
 305      if($upper > $helpcount)
 306      {
 307          $upper = $helpcount;
 308      }
 309      $multipage = multipage($helpcount, $perpage, $page, "misc.php?action=helpresults&amp;sid='".htmlspecialchars_uni($mybb->get_input('sid'))."'");
 310      $helpdoclist = '';
 311  
 312      require_once  MYBB_ROOT."inc/class_parser.php";
 313      $parser = new postParser();
 314  
 315      $query = $db->query("
 316          SELECT h.*, s.enabled
 317          FROM ".TABLE_PREFIX."helpdocs h
 318          LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 319          WHERE h.hid IN(".$db->escape_string($search['querycache']).") AND h.enabled='1' AND s.enabled='1'
 320          LIMIT {$start}, {$perpage}
 321      ");
 322      while($helpdoc = $db->fetch_array($query))
 323      {
 324          $bgcolor = alt_trow();
 325  
 326          if(my_strlen($helpdoc['name']) > 50)
 327          {
 328              $helpdoc['name'] = htmlspecialchars_uni(my_substr($helpdoc['name'], 0, 50)."...");
 329          }
 330          else
 331          {
 332              $helpdoc['name'] = htmlspecialchars_uni($helpdoc['name']);
 333          }
 334  
 335          $parser_options = array(
 336              'allow_html' => 1,
 337              'allow_mycode' => 0,
 338              'allow_smilies' => 0,
 339              'allow_imgcode' => 0,
 340              'filter_badwords' => 1
 341          );
 342          $helpdoc['helpdoc'] = $parser->parse_message($helpdoc['document'], $parser_options);
 343  
 344          if(my_strlen($helpdoc['helpdoc']) > 350)
 345          {
 346              $prev = my_substr($helpdoc['helpdoc'], 0, 350)."...";
 347          }
 348          else
 349          {
 350              $prev = $helpdoc['helpdoc'];
 351          }
 352  
 353          $plugins->run_hooks("misc_helpresults_bit");
 354  
 355          eval("\$helpdoclist .= \"".$templates->get("misc_helpresults_bit")."\";");
 356      }
 357  
 358      if($db->num_rows($query) == 0)
 359      {
 360          eval("\$helpdoclist = \"".$templates->get("misc_helpresults_noresults")."\";");
 361      }
 362  
 363      $plugins->run_hooks("misc_helpresults_end");
 364  
 365      eval("\$helpresults = \"".$templates->get("misc_helpresults")."\";");
 366      output_page($helpresults);
 367  }
 368  elseif($mybb->input['action'] == "help")
 369  {
 370      $lang->load("helpdocs");
 371      $lang->load("helpsections");
 372      $lang->load("customhelpdocs");
 373      $lang->load("customhelpsections");
 374  
 375      $hid = $mybb->get_input('hid', MyBB::INPUT_INT);
 376      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 377  
 378      if($hid)
 379      {
 380          $query = $db->query("
 381              SELECT h.*, s.enabled AS section
 382              FROM ".TABLE_PREFIX."helpdocs h
 383              LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 384              WHERE h.hid='{$hid}'
 385          ");
 386  
 387          $helpdoc = $db->fetch_array($query);
 388          if($helpdoc['section'] != 0 && $helpdoc['enabled'] != 0)
 389          {
 390              $plugins->run_hooks("misc_help_helpdoc_start");
 391  
 392              // If we have incoming search terms to highlight - get it done (only if not using translation).
 393              if(!empty($mybb->input['highlight']) && $helpdoc['usetranslation'] != 1)
 394              {
 395                  require_once  MYBB_ROOT."inc/class_parser.php";
 396                  $parser = new postParser();
 397  
 398                  $highlight = $mybb->input['highlight'];
 399                  $helpdoc['name'] = $parser->highlight_message($helpdoc['name'], $highlight);
 400                  $helpdoc['document'] = $parser->highlight_message($helpdoc['document'], $highlight);
 401              }
 402  
 403              if($helpdoc['usetranslation'] == 1)
 404              {
 405                  $langnamevar = "d".$helpdoc['hid']."_name";
 406                  $langdescvar = "d".$helpdoc['hid']."_desc";
 407                  $langdocvar = "d".$helpdoc['hid']."_document";
 408                  if($lang->$langnamevar)
 409                  {
 410                      $helpdoc['name'] = $lang->$langnamevar;
 411                  }
 412                  if($lang->$langdescvar)
 413                  {
 414                      $helpdoc['description'] = $lang->$langdescvar;
 415                  }
 416                  if($lang->$langdocvar)
 417                  {
 418                      $helpdoc['document'] = $lang->$langdocvar;
 419                  }
 420              }
 421  
 422              if($helpdoc['hid'] == 3)
 423              {
 424                  $helpdoc['document'] = $lang->sprintf($helpdoc['document'], $mybb->post_code);
 425              }
 426  
 427              add_breadcrumb($helpdoc['name']);
 428  
 429              $plugins->run_hooks("misc_help_helpdoc_end");
 430  
 431              eval("\$helppage = \"".$templates->get("misc_help_helpdoc")."\";");
 432              output_page($helppage);
 433          }
 434          else
 435          {
 436              error($lang->error_invalidhelpdoc);
 437          }
 438      }
 439      else
 440      {
 441          $plugins->run_hooks("misc_help_section_start");
 442  
 443          $query = $db->simple_select("helpdocs", "*", "", array('order_by' => 'sid, disporder'));
 444          while($helpdoc = $db->fetch_array($query))
 445          {
 446              $helpdocs[$helpdoc['sid']][$helpdoc['disporder']][$helpdoc['hid']] = $helpdoc;
 447          }
 448          unset($helpdoc);
 449          $sections = '';
 450          $query = $db->simple_select("helpsections", "*", "enabled != 0", array('order_by' => 'disporder'));
 451          while($section = $db->fetch_array($query))
 452          {
 453              if($section['usetranslation'] == 1)
 454              {
 455                  $langnamevar = "s".$section['sid']."_name";
 456                  $langdescvar = "s".$section['sid']."_desc";
 457                  if($lang->$langnamevar)
 458                  {
 459                      $section['name'] = $lang->$langnamevar;
 460                  }
 461                  if($lang->$langdescvar)
 462                  {
 463                      $section['description'] = $lang->$langdescvar;
 464                  }
 465              }
 466              if(is_array($helpdocs[$section['sid']]))
 467              {
 468                  $helpbits = '';
 469                  foreach($helpdocs[$section['sid']] as $key => $bit)
 470                  {
 471                      foreach($bit as $key => $helpdoc)
 472                      {
 473                          if($helpdoc['enabled'] != 0)
 474                          {
 475                              if($helpdoc['usetranslation'] == 1)
 476                              {
 477                                  $langnamevar = "d".$helpdoc['hid'].'_name';
 478                                  $langdescvar = "d".$helpdoc['hid'].'_desc';
 479                                  if($lang->$langnamevar)
 480                                  {
 481                                      $helpdoc['name'] = $lang->$langnamevar;
 482                                  }
 483                                  if($lang->$langdescvar)
 484                                  {
 485                                      $helpdoc['description'] = $lang->$langdescvar;
 486                                  }
 487                              }
 488                              $altbg = alt_trow();
 489                              eval("\$helpbits .= \"".$templates->get("misc_help_section_bit")."\";");
 490                          }
 491                      }
 492                      $expdisplay = '';
 493                      $sname = "sid_".$section['sid']."_c";
 494                      if(isset($collapsed[$sname]) && $collapsed[$sname] == "display: show;")
 495                      {
 496                          $expcolimage = "collapse_collapsed.png";
 497                          $expdisplay = "display: none;";
 498                          $expthead = " thead_collapsed";
 499                          $expaltext = "[+]";
 500                      }
 501                      else
 502                      {
 503                          $expcolimage = "collapse.png";
 504                          $expthead = "";
 505                          $expaltext = "[-]";
 506                      }
 507                  }
 508                  eval("\$sections .= \"".$templates->get("misc_help_section")."\";");
 509              }
 510          }
 511  
 512          if($mybb->settings['helpsearch'] == 1)
 513          {
 514              eval("\$search = \"".$templates->get("misc_help_search")."\";");
 515          }
 516  
 517          $plugins->run_hooks("misc_help_section_end");
 518  
 519          eval("\$help = \"".$templates->get("misc_help")."\";");
 520          output_page($help);
 521      }
 522  }
 523  elseif($mybb->input['action'] == "buddypopup")
 524  {
 525      $plugins->run_hooks("misc_buddypopup_start");
 526  
 527      if($mybb->user['uid'] == 0)
 528      {
 529          error_no_permission();
 530      }
 531  
 532      if(isset($mybb->input['removebuddy']) && verify_post_check($mybb->input['my_post_key']))
 533      {
 534          $buddies = $mybb->user['buddylist'];
 535          $namesarray = explode(",", $buddies);
 536          $mybb->input['removebuddy'] = $mybb->get_input('removebuddy', MyBB::INPUT_INT);
 537          if(is_array($namesarray))
 538          {
 539              foreach($namesarray as $key => $buddyid)
 540              {
 541                  if($buddyid == $mybb->input['removebuddy'])
 542                  {
 543                      unset($namesarray[$key]);
 544                  }
 545              }
 546              $buddylist = implode(',', $namesarray);
 547              $db->update_query("users", array('buddylist' => $buddylist), "uid='".$mybb->user['uid']."'");
 548              $mybb->user['buddylist'] = $buddylist;
 549          }
 550      }
 551  
 552      // Load Buddies
 553      $buddies = '';
 554      if($mybb->user['buddylist'] != "")
 555      {
 556          $buddys = array('online' => '', 'offline' => '');
 557          $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
 558  
 559          $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array('order_by' => 'lastactive'));
 560  
 561          while($buddy = $db->fetch_array($query))
 562          {
 563              $buddy['username'] = htmlspecialchars_uni($buddy['username']);
 564              $buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
 565              $profile_link = build_profile_link($buddy_name, $buddy['uid'], '_blank', 'if(window.opener) { window.opener.location = this.href; return false; }');
 566  
 567              $send_pm = '';
 568              if($mybb->user['receivepms'] != 0 && $buddy['receivepms'] != 0 && $groupscache[$buddy['usergroup']]['canusepms'] != 0)
 569              {
 570                  eval("\$send_pm = \"".$templates->get("misc_buddypopup_user_sendpm")."\";");
 571              }
 572  
 573              if($buddy['lastactive'])
 574              {
 575                  $last_active = $lang->sprintf($lang->last_active, my_date('relative', $buddy['lastactive']));
 576              }
 577              else
 578              {
 579                  $last_active = $lang->sprintf($lang->last_active, $lang->never);
 580              }
 581  
 582              $buddy['avatar'] = format_avatar($buddy['avatar'], $buddy['avatardimensions'], '44x44');
 583  
 584              if($buddy['lastactive'] > $timecut && ($buddy['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $buddy['lastvisit'] != $buddy['lastactive'])
 585              {
 586                  $bonline_alt = alt_trow();
 587                  eval("\$buddys['online'] .= \"".$templates->get("misc_buddypopup_user_online")."\";");
 588              }
 589              else
 590              {
 591                  $boffline_alt = alt_trow();
 592                  eval("\$buddys['offline'] .= \"".$templates->get("misc_buddypopup_user_offline")."\";");
 593              }
 594          }
 595  
 596          $colspan = ' colspan="2"';
 597          if(empty($buddys['online']))
 598          {
 599              $error = $lang->online_none;
 600              eval("\$buddys['online'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 601          }
 602  
 603          if(empty($buddys['offline']))
 604          {
 605              $error = $lang->offline_none;
 606              eval("\$buddys['offline'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 607          }
 608  
 609          eval("\$buddies = \"".$templates->get("misc_buddypopup_user")."\";");
 610      }
 611      else
 612      {
 613          // No buddies? :(
 614          $colspan = '';
 615          $error = $lang->no_buddies;
 616          eval("\$buddies = \"".$templates->get("misc_buddypopup_user_none")."\";");
 617      }
 618  
 619      $plugins->run_hooks("misc_buddypopup_end");
 620  
 621      eval("\$buddylist = \"".$templates->get("misc_buddypopup", 1, 0)."\";");
 622      echo $buddylist;
 623      exit;
 624  }
 625  elseif($mybb->input['action'] == "whoposted")
 626  {
 627      $numposts = 0;
 628      $altbg = alt_trow();
 629      $whoposted = '';
 630      $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
 631      $thread = get_thread($tid);
 632      $modal = $mybb->get_input('modal', MyBB::INPUT_INT);
 633  
 634      // Make sure we are looking at a real thread here.
 635      if(!$thread)
 636      {
 637          error($lang->error_invalidthread);
 638      }
 639  
 640      // Make sure we are looking at a real thread here.
 641      if(($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted")) || ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || $thread['visible'] > 1)
 642      {
 643          error($lang->error_invalidthread);
 644      }
 645  
 646      if(is_moderator($thread['fid'], "canviewdeleted") || is_moderator($thread['fid'], "canviewunapprove"))
 647      {
 648          if(is_moderator($thread['fid'], "canviewunapprove") && !is_moderator($thread['fid'], "canviewdeleted"))
 649          {
 650              $show_posts = "p.visible IN (0,1)";
 651          }
 652          elseif(is_moderator($thread['fid'], "canviewdeleted") && !is_moderator($thread['fid'], "canviewunapprove"))
 653          {
 654              $show_posts = "p.visible IN (-1,1)";
 655          }
 656          else
 657          {
 658              $show_posts = "p.visible IN (-1,0,1)";
 659          }
 660      }
 661      else
 662      {
 663          $show_posts = "p.visible = 1";
 664      }
 665  
 666      // Does the thread belong to a valid forum?
 667      $forum = get_forum($thread['fid']);
 668      if(!$forum || $forum['type'] != "f")
 669      {
 670          error($lang->error_invalidforum);
 671      }
 672  
 673      // Does the user have permission to view this thread?
 674      $forumpermissions = forum_permissions($forum['fid']);
 675  
 676      if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
 677      {
 678          error_no_permission();
 679      }
 680  
 681      // Check if this forum is password protected and we have a valid password
 682      check_forum_password($forum['fid']);
 683  
 684      if($mybb->get_input('sort') != 'username')
 685      {
 686          $sortsql = ' ORDER BY posts DESC';
 687      }
 688      else
 689      {
 690          $sortsql = ' ORDER BY p.username ASC';
 691      }
 692      $whoposted = '';
 693      $query = $db->query("
 694          SELECT COUNT(p.pid) AS posts, p.username AS postusername, u.uid, u.username, u.usergroup, u.displaygroup
 695          FROM ".TABLE_PREFIX."posts p
 696          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
 697          WHERE tid='".$tid."' AND $show_posts
 698          GROUP BY u.uid, p.username, u.uid, u.username, u.usergroup, u.displaygroup
 699          ".$sortsql."
 700      ");
 701      while($poster = $db->fetch_array($query))
 702      {
 703          if($poster['username'] == '')
 704          {
 705              $poster['username'] = $poster['postusername'];
 706          }
 707          $poster['username'] = htmlspecialchars_uni($poster['username']);
 708          $poster['postusername'] = htmlspecialchars_uni($poster['postusername']);
 709          $poster_name = format_name($poster['username'], $poster['usergroup'], $poster['displaygroup']);
 710          if($modal)
 711          {
 712              $onclick = '';
 713              if($poster['uid'])
 714              {
 715                  $onclick = "opener.location.href='".get_profile_link($poster['uid'])."'; return false;";
 716              }
 717              $profile_link = build_profile_link($poster_name, $poster['uid'], '_blank', $onclick);
 718          }
 719          else
 720          {
 721              $profile_link = build_profile_link($poster_name, $poster['uid']);
 722          }
 723          $numposts += $poster['posts'];
 724          eval("\$whoposted .= \"".$templates->get("misc_whoposted_poster")."\";");
 725          $altbg = alt_trow();
 726      }
 727      $numposts = my_number_format($numposts);
 728      $poster['posts'] = my_number_format($poster['posts']);
 729      if($modal)
 730      {
 731          eval("\$whop = \"".$templates->get("misc_whoposted", 1, 0)."\";");
 732          echo $whop;
 733          exit;
 734      }
 735      else
 736      {
 737          require_once  MYBB_ROOT."inc/class_parser.php";
 738          $parser = new postParser;
 739  
 740          // Get thread prefix
 741          $breadcrumbprefix = '';
 742          $threadprefix = array('prefix' => '');
 743          if($thread['prefix'])
 744          {
 745              $threadprefix = build_prefixes($thread['prefix']);
 746              if(!empty($threadprefix['displaystyle']))
 747              {
 748                  $breadcrumbprefix = $threadprefix['displaystyle'].'&nbsp;';
 749              }
 750          }
 751  
 752          $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
 753  
 754          // Build the navigation.
 755          build_forum_breadcrumb($forum['fid']);
 756          add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
 757          add_breadcrumb($lang->who_posted);
 758  
 759          eval("\$whoposted = \"".$templates->get("misc_whoposted_page")."\";");
 760          output_page($whoposted);
 761      }
 762  }
 763  elseif($mybb->input['action'] == "smilies")
 764  {
 765      $smilies = '';
 766      if(!empty($mybb->input['popup']) && !empty($mybb->input['editor']))
 767      { // make small popup list of smilies
 768          $editor = preg_replace('#([^a-zA-Z0-9_-]+)#', '', $mybb->get_input('editor'));
 769          $e = 1;
 770          $smile_icons = '';
 771          $class = alt_trow(1);
 772          $smilies_cache = $cache->read("smilies");
 773  
 774          if(is_array($smilies_cache))
 775          {
 776              $extra_class = ' smilie_pointer';
 777              foreach($smilies_cache as $smilie)
 778              {
 779                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 780                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 781                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 782  
 783                  // Only show the first text to replace in the box
 784                  $temp = explode("\n", $smilie['find']); // use temporary variable for php 5.3 compatibility
 785                  $smilie['find'] = $temp[0];
 786  
 787                  $smilie['find'] = htmlspecialchars_uni($smilie['find']);
 788                  $smilie_insert = str_replace(array('\\', "'"), array('\\\\', "\'"), $smilie['find']);
 789  
 790                  $onclick = " onclick=\"MyBBEditor.insertText(' $smilie_insert ');\"";
 791                  eval('$smilie_image = "'.$templates->get('smilie', 1, 0).'";');
 792                  eval("\$smile_icons .= \"".$templates->get("misc_smilies_popup_smilie")."\";");
 793                  if($e == 2)
 794                  {
 795                      eval("\$smilies .= \"".$templates->get("misc_smilies_popup_row")."\";");
 796                      $smile_icons = '';
 797                      $e = 1;
 798                      $class = alt_trow();
 799                  }
 800                  else
 801                  {
 802                      $e = 2;
 803                  }
 804              }
 805          }
 806  
 807          if($e == 2)
 808          {
 809              eval("\$smilies .= \"".$templates->get("misc_smilies_popup_empty")."\";");
 810          }
 811  
 812          if(!$smilies)
 813          {
 814              eval("\$smilies = \"".$templates->get("misc_smilies_popup_no_smilies")."\";");
 815          }
 816  
 817          eval("\$smiliespage = \"".$templates->get("misc_smilies_popup", 1, 0)."\";");
 818          output_page($smiliespage);
 819      }
 820      else
 821      {
 822          add_breadcrumb($lang->nav_smilies);
 823          $class = "trow1";
 824          $smilies_cache = $cache->read("smilies");
 825  
 826          if(is_array($smilies_cache))
 827          {
 828              $extra_class = $onclick = '';
 829              foreach($smilies_cache as $smilie)
 830              {
 831                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 832                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 833                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 834  
 835                  $smilie['find'] = nl2br(htmlspecialchars_uni($smilie['find']));
 836                  eval('$smilie_image = "'.$templates->get('smilie').'";');
 837                  eval("\$smilies .= \"".$templates->get("misc_smilies_smilie")."\";");
 838                  $class = alt_trow();
 839              }
 840          }
 841  
 842          if(!$smilies)
 843          {
 844              eval("\$smilies = \"".$templates->get("misc_smilies_no_smilies")."\";");
 845          }
 846  
 847          eval("\$smiliespage = \"".$templates->get("misc_smilies")."\";");
 848          output_page($smiliespage);
 849      }
 850  }
 851  elseif($mybb->input['action'] == "imcenter")
 852  {
 853      $mybb->input['imtype'] = $mybb->get_input('imtype');
 854      if($mybb->input['imtype'] != "skype" && $mybb->input['imtype'] != "yahoo")
 855      {
 856          $message = $lang->error_invalidimtype;
 857          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 858          echo $error;
 859          exit;
 860      }
 861  
 862      $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
 863      $user = get_user($uid);
 864  
 865      if(!$user)
 866      {
 867          $message = $lang->error_invaliduser;
 868          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 869          echo $error;
 870          exit;
 871      }
 872  
 873      if(empty($user[$mybb->input['imtype']]))
 874      {
 875          $message = $lang->error_invalidimtype;
 876          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 877          echo $error;
 878          exit;
 879      }
 880  
 881      $settingkey = 'allow'.$mybb->input['imtype'].'field';
 882      if(!is_member($mybb->settings[$settingkey], $user))
 883      {
 884          $message = $lang->error_nopermission_user_ajax;
 885          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 886          echo $error;
 887          exit;
 888      }
 889  
 890      // Build IM navigation bar
 891      $navigationbar = $navsep = $imtype = $imtype_lang = '';
 892      if(!empty($user['skype']) && is_member($mybb->settings['allowskypefield'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
 893      {
 894          $imtype = "skype";
 895          $imtype_lang = $lang->skype;
 896          eval("\$navigationbar .= \"".$templates->get("misc_imcenter_nav")."\";");
 897          $navsep = ' - ';
 898      }
 899      if(!empty($user['yahoo']) && is_member($mybb->settings['allowyahoofield'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
 900      {
 901          $imtype = "yahoo";
 902          $imtype_lang = $lang->yahoo_im;
 903          eval("\$navigationbar .= \"".$templates->get("misc_imcenter_nav")."\";");
 904      }
 905  
 906      $user['skype'] = htmlspecialchars_uni($user['skype']);
 907      $user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
 908  
 909      $user['username'] = htmlspecialchars_uni($user['username']);
 910  
 911      $lang->chat_on_skype = $lang->sprintf($lang->chat_on_skype, $user['username']);
 912      $lang->call_on_skype = $lang->sprintf($lang->call_on_skype, $user['username']);
 913  
 914      $imtemplate = "misc_imcenter_".$mybb->input['imtype'];
 915      eval("\$imcenter = \"".$templates->get($imtemplate, 1, 0)."\";");
 916      echo $imcenter;
 917      exit;
 918  }
 919  elseif($mybb->input['action'] == "syndication")
 920  {
 921      $plugins->run_hooks("misc_syndication_start");
 922  
 923      $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
 924      $version = $mybb->get_input('version');
 925      $new_limit = $mybb->get_input('limit', MyBB::INPUT_INT);
 926      $forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY);
 927      $limit = 15;
 928      if(!empty($new_limit) && $new_limit != $limit)
 929      {
 930          $limit = $new_limit;
 931      }
 932      $feedurl = '';
 933      $add = false;
 934  
 935      add_breadcrumb($lang->nav_syndication);
 936      $unviewable = get_unviewable_forums();
 937      $inactiveforums = get_inactive_forums();
 938      $unexp1 = explode(',', $unviewable);
 939      $unexp2 = explode(',', $inactiveforums);
 940      $unexp = array_merge($unexp1, $unexp2);
 941  
 942      if(is_array($forums))
 943      {
 944          foreach($unexp as $fid)
 945          {
 946              $unview[$fid] = true;
 947          }
 948  
 949          $syndicate = '';
 950          $comma = '';
 951          $all = false;
 952          foreach($forums as $fid)
 953          {
 954              if($fid == "all")
 955              {
 956                  $all = true;
 957                  break;
 958              }
 959              elseif(ctype_digit($fid))
 960              {
 961                  if(!isset($unview[$fid]))
 962                  {
 963                      $syndicate .= $comma.$fid;
 964                      $comma = ",";
 965                      $flist[$fid] = true;
 966                  }
 967              }
 968          }
 969          $url = $mybb->settings['bburl']."/syndication.php";
 970          if(!$all)
 971          {
 972              $url .= "?fid=$syndicate";
 973              $add = true;
 974          }
 975  
 976          // If the version is not RSS2.0, set the type to Atom1.0.
 977          if($version != "rss2.0")
 978          {
 979              if(!$add)
 980              {
 981                  $url .= "?";
 982              }
 983              else
 984              {
 985                  $url .= "&";
 986              }
 987              $url .= "type=atom1.0";
 988              $add = true;
 989          }
 990          if((int)$limit > 0)
 991          {
 992              if($limit > 50)
 993              {
 994                  $limit = 50;
 995              }
 996              if(!$add)
 997              {
 998                  $url .= "?";
 999              }
1000              else
1001              {
1002                  $url .= "&";
1003              }
1004              if(is_numeric($limit))
1005              {
1006                  $url .= "limit=$limit";
1007              }
1008          }
1009          eval("\$feedurl = \"".$templates->get("misc_syndication_feedurl")."\";");
1010      }
1011      unset($GLOBALS['forumcache']);
1012  
1013      // If there is no version in the input, check the default (RSS2.0).
1014      if($version == "atom1.0")
1015      {
1016          $atom1check = "checked=\"checked\"";
1017          $rss2check = '';
1018      }
1019      else
1020      {
1021          $atom1check = '';
1022          $rss2check = "checked=\"checked\"";
1023      }
1024      $forumselect = makesyndicateforums();
1025  
1026      $plugins->run_hooks("misc_syndication_end");
1027  
1028      eval("\$syndication = \"".$templates->get("misc_syndication")."\";");
1029      output_page($syndication);
1030  }
1031  elseif($mybb->input['action'] == "clearcookies")
1032  {
1033      verify_post_check($mybb->get_input('my_post_key'));
1034  
1035      $plugins->run_hooks("misc_clearcookies");
1036  
1037      $remove_cookies = array('mybbuser', 'mybb[announcements]', 'mybb[lastvisit]', 'mybb[lastactive]', 'collapsed', 'mybb[forumread]', 'mybb[threadsread]', 'mybbadmin',
1038                              'mybblang', 'mybbtheme', 'multiquote', 'mybb[readallforums]', 'coppauser', 'coppadob', 'mybb[referrer]');
1039  
1040      foreach($remove_cookies as $name)
1041      {
1042          my_unsetcookie($name);
1043      }
1044      redirect("index.php", $lang->redirect_cookiescleared);
1045  }
1046  
1047  /**
1048   * Build a list of forums for RSS multiselect.
1049   *
1050   * @param int $pid Parent forum ID.
1051   * @param string $selitem deprecated
1052   * @param boolean $addselect Whether to add selected attribute or not.
1053   * @param string $depth HTML for the depth of the forum.
1054   * @return string HTML of the list of forums for CSS.
1055   */
1056  function makesyndicateforums($pid=0, $selitem="", $addselect=true, $depth="")
1057  {
1058      global $db, $forumcache, $permissioncache, $mybb, $forumlist, $forumlistbits, $flist, $lang, $unexp, $templates;
1059  
1060      $pid = (int)$pid;
1061      $forumlist = '';
1062  
1063      if(!is_array($forumcache))
1064      {
1065          // Get Forums
1066          $query = $db->simple_select("forums", "*", "linkto = '' AND active!=0", array('order_by' => 'pid, disporder'));
1067          while($forum = $db->fetch_array($query))
1068          {
1069              $forumcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
1070          }
1071      }
1072  
1073      if(!is_array($permissioncache))
1074      {
1075          $permissioncache = forum_permissions();
1076      }
1077  
1078      if(is_array($forumcache[$pid]))
1079      {
1080          foreach($forumcache[$pid] as $key => $main)
1081          {
1082              foreach($main as $key => $forum)
1083              {
1084                  $perms = $permissioncache[$forum['fid']];
1085                  if($perms['canview'] == 1 || $mybb->settings['hideprivateforums'] == 0)
1086                  {
1087                      $optionselected = '';
1088                      if(isset($flist[$forum['fid']]))
1089                      {
1090                          $optionselected = 'selected="selected"';
1091                          $selecteddone = "1";
1092                      }
1093  
1094                      if($forum['password'] == '' && !in_array($forum['fid'], $unexp) || $forum['password'] && isset($mybb->cookies['forumpass'][$forum['fid']]) && my_hash_equals($mybb->cookies['forumpass'][$forum['fid']], md5($mybb->user['uid'].$forum['password'])))
1095                      {
1096                          eval("\$forumlistbits .= \"".$templates->get("misc_syndication_forumlist_forum")."\";");
1097                      }
1098  
1099                      if(!empty($forumcache[$forum['fid']]))
1100                      {
1101                          $newdepth = $depth."&nbsp;&nbsp;&nbsp;&nbsp;";
1102                          $forumlistbits .= makesyndicateforums($forum['fid'], '', 0, $newdepth);
1103                      }
1104                  }
1105              }
1106          }
1107      }
1108  
1109      if($addselect)
1110      {
1111          $addsel = '';
1112          if(empty($selecteddone))
1113          {
1114              $addsel = ' selected="selected"';
1115          }
1116  
1117          eval("\$forumlist = \"".$templates->get("misc_syndication_forumlist")."\";");
1118      }
1119  
1120      return $forumlist;
1121  }


2005 - 2018 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1