[ Index ]

PHP Cross Reference of MyBB 1.8.17

title

Body

[close]

/ -> misc.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define("IGNORE_CLEAN_VARS", "sid");
  13  define('THIS_SCRIPT', 'misc.php');
  14  
  15  $templatelist = "misc_rules_forum,misc_help_helpdoc,misc_whoposted_poster,misc_whoposted,misc_smilies_popup_smilie,misc_smilies_popup,misc_smilies_popup_empty,misc_smilies_popup_row,multipage_start";
  16  $templatelist .= ",misc_buddypopup,misc_buddypopup_user,misc_buddypopup_user_none,misc_buddypopup_user_online,misc_buddypopup_user_offline,misc_buddypopup_user_sendpm,misc_syndication_forumlist";
  17  $templatelist .= ",misc_smilies,misc_smilies_smilie,misc_help_section_bit,misc_help_section,misc_help,forumdisplay_password_wrongpass,forumdisplay_password,misc_helpresults,misc_helpresults_bit";
  18  $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,misc_imcenter_error";
  19  $templatelist .= ",misc_smilies_popup_no_smilies,misc_smilies_no_smilies,misc_syndication,misc_help_search,misc_helpresults_noresults,misc_syndication_forumlist_forum,misc_syndication_feedurl,misc_whoposted_page";
  20  
  21  require_once  "./global.php";
  22  require_once  MYBB_ROOT."inc/functions_post.php";
  23  
  24  // Load global language phrases
  25  $lang->load("misc");
  26  
  27  $plugins->run_hooks("misc_start");
  28  
  29  $mybb->input['action'] = $mybb->get_input('action');
  30  if($mybb->input['action'] == "dstswitch" && $mybb->request_method == "post" && $mybb->user['uid'] > 0)
  31  {
  32      if($mybb->user['dstcorrection'] == 2)
  33      {
  34          if($mybb->user['dst'] == 1)
  35          {
  36              $update_array = array("dst" => 0);
  37          }
  38          else
  39          {
  40              $update_array = array("dst" => 1);
  41          }
  42      }
  43      $db->update_query("users", $update_array, "uid='{$mybb->user['uid']}'");
  44      if(!isset($mybb->input['ajax']))
  45      {
  46          redirect("index.php", $lang->dst_settings_updated);
  47      }
  48      else
  49      {
  50          echo "done";
  51          exit;
  52      }
  53  }
  54  elseif($mybb->input['action'] == "markread")
  55  {
  56      if($mybb->user['uid'] && verify_post_check($mybb->get_input('my_post_key'), true) !== true)
  57      {
  58          // Protect our user's unread forums from CSRF
  59          error($lang->invalid_post_code);
  60      }
  61  
  62      if(isset($mybb->input['fid']))
  63      {
  64          $validforum = get_forum($mybb->input['fid']);
  65          if(!$validforum)
  66          {
  67              if(!isset($mybb->input['ajax']))
  68              {
  69                  error($lang->error_invalidforum);
  70              }
  71              else
  72              {
  73                  echo 0;
  74                  exit;
  75              }
  76          }
  77  
  78          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  79          mark_forum_read($mybb->input['fid']);
  80  
  81          $plugins->run_hooks("misc_markread_forum");
  82  
  83          if(!isset($mybb->input['ajax']))
  84          {
  85              redirect(get_forum_link($mybb->input['fid']), $lang->redirect_markforumread);
  86          }
  87          else
  88          {
  89              echo 1;
  90              exit;
  91          }
  92      }
  93      else
  94      {
  95  
  96          $plugins->run_hooks("misc_markread_end");
  97          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  98          mark_all_forums_read();
  99          redirect("index.php", $lang->redirect_markforumsread);
 100      }
 101  }
 102  elseif($mybb->input['action'] == "clearpass")
 103  {
 104      $plugins->run_hooks("misc_clearpass");
 105  
 106      if(isset($mybb->input['fid']))
 107      {
 108          if(!verify_post_check($mybb->get_input('my_post_key')))
 109          {
 110              error($lang->invalid_post_code);
 111          }
 112  
 113          my_unsetcookie("forumpass[".$mybb->get_input('fid', MyBB::INPUT_INT)."]");
 114          redirect("index.php", $lang->redirect_forumpasscleared);
 115      }
 116  }
 117  elseif($mybb->input['action'] == "rules")
 118  {
 119      if(isset($mybb->input['fid']))
 120      {
 121          $plugins->run_hooks("misc_rules_start");
 122  
 123          $fid = $mybb->input['fid'];
 124  
 125          $forum = get_forum($fid);
 126          if(!$forum || $forum['type'] != "f" || $forum['rules'] == '')
 127          {
 128              error($lang->error_invalidforum);
 129          }
 130  
 131          $forumpermissions = forum_permissions($forum['fid']);
 132          if($forumpermissions['canview'] != 1)
 133          {
 134              error_no_permission();
 135          }
 136  
 137          if(!$forum['rulestitle'])
 138          {
 139              $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']);
 140          }
 141  
 142          require_once  MYBB_ROOT."inc/class_parser.php";
 143          $parser = new postParser();
 144          $parser_options = array(
 145              "allow_html" => 1,
 146              "allow_mycode" => 1,
 147              "allow_smilies" => 1,
 148              "allow_imgcode" => 1,
 149              "filter_badwords" => 1
 150          );
 151  
 152          $forum['rules'] = $parser->parse_message($forum['rules'], $parser_options);
 153  
 154          // Make navigation
 155          build_forum_breadcrumb($mybb->input['fid']);
 156          add_breadcrumb($forum['rulestitle']);
 157  
 158          $plugins->run_hooks("misc_rules_end");
 159  
 160          eval("\$rules = \"".$templates->get("misc_rules_forum")."\";");
 161          output_page($rules);
 162      }
 163  
 164  }
 165  elseif($mybb->input['action'] == "do_helpsearch" && $mybb->request_method == "post")
 166  {
 167      $plugins->run_hooks("misc_do_helpsearch_start");
 168  
 169      if($mybb->settings['helpsearch'] != 1)
 170      {
 171          error($lang->error_helpsearchdisabled);
 172      }
 173  
 174      // Check if search flood checking is enabled and user is not admin
 175      if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
 176      {
 177          // Fetch the time this user last searched
 178          $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
 179          $query = $db->simple_select("searchlog", "*", "uid='{$mybb->user['uid']}' AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
 180          $last_search = $db->fetch_array($query);
 181          // Users last search was within the flood time, show the error
 182          if($last_search['sid'])
 183          {
 184              $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
 185              if($remaining_time == 1)
 186              {
 187                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
 188              }
 189              else
 190              {
 191                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
 192              }
 193              error($lang->error_searchflooding);
 194          }
 195      }
 196  
 197      if($mybb->get_input('name', MyBB::INPUT_INT) != 1 && $mybb->get_input('document', MyBB::INPUT_INT) != 1)
 198      {
 199          error($lang->error_nosearchresults);
 200      }
 201  
 202      if($mybb->get_input('document', MyBB::INPUT_INT) == 1)
 203      {
 204          $resulttype = "helpdoc";
 205      }
 206      else
 207      {
 208          $resulttype = "helpname";
 209      }
 210  
 211      $search_data = array(
 212          "keywords" => $mybb->get_input('keywords'),
 213          "name" => $mybb->get_input('name', MyBB::INPUT_INT),
 214          "document" => $mybb->get_input('document', MyBB::INPUT_INT),
 215      );
 216  
 217      if($db->can_search == true)
 218      {
 219          require_once  MYBB_ROOT."inc/functions_search.php";
 220  
 221          $search_results = helpdocument_perform_search_mysql($search_data);
 222      }
 223      else
 224      {
 225          error($lang->error_no_search_support);
 226      }
 227      $sid = md5(uniqid(microtime(), true));
 228      $searcharray = array(
 229          "sid" => $db->escape_string($sid),
 230          "uid" => $mybb->user['uid'],
 231          "dateline" => TIME_NOW,
 232          "ipaddress" => $db->escape_binary($session->packedip),
 233          "threads" => '',
 234          "posts" => '',
 235          "resulttype" => $resulttype,
 236          "querycache" => $search_results['querycache'],
 237          "keywords" => $db->escape_string($mybb->get_input('keywords')),
 238      );
 239      $plugins->run_hooks("misc_do_helpsearch_process");
 240  
 241      $db->insert_query("searchlog", $searcharray);
 242  
 243      $plugins->run_hooks("misc_do_helpsearch_end");
 244      redirect("misc.php?action=helpresults&sid={$sid}", $lang->redirect_searchresults);
 245  }
 246  elseif($mybb->input['action'] == "helpresults")
 247  {
 248      if($mybb->settings['helpsearch'] != 1)
 249      {
 250          error($lang->error_helpsearchdisabled);
 251      }
 252  
 253      $sid = $mybb->get_input('sid');
 254      $query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($sid)."' AND uid='{$mybb->user['uid']}'");
 255      $search = $db->fetch_array($query);
 256  
 257      if(!$search)
 258      {
 259          error($lang->error_invalidsearch);
 260      }
 261  
 262      $plugins->run_hooks("misc_helpresults_start");
 263  
 264      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 265      add_breadcrumb($lang->search_results, "misc.php?action=helpresults&sid={$sid}");
 266  
 267      if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
 268      {
 269          $mybb->settings['threadsperpage'] = 20;
 270      }
 271  
 272      // Work out pagination, which page we're at, as well as the limits.
 273      $perpage = $mybb->settings['threadsperpage'];
 274      $page = $mybb->get_input('page', MyBB::INPUT_INT);
 275      if($page > 0)
 276      {
 277          $start = ($page-1) * $perpage;
 278      }
 279      else
 280      {
 281          $start = 0;
 282          $page = 1;
 283      }
 284      $end = $start + $perpage;
 285      $lower = $start+1;
 286      $upper = $end;
 287  
 288      // Work out if we have terms to highlight
 289      $highlight = "";
 290      if($search['keywords'])
 291      {
 292          $highlight = "&amp;highlight=".urlencode($search['keywords']);
 293      }
 294  
 295      // Do Multi Pages
 296      $query = $db->simple_select("helpdocs", "COUNT(*) AS total", "hid IN(".$db->escape_string($search['querycache']).")");
 297      $helpcount = $db->fetch_array($query);
 298  
 299      if($upper > $helpcount)
 300      {
 301          $upper = $helpcount;
 302      }
 303      $multipage = multipage($helpcount['total'], $perpage, $page, "misc.php?action=helpresults&amp;sid='".htmlspecialchars_uni($mybb->get_input('sid'))."'");
 304      $helpdoclist = '';
 305  
 306      require_once  MYBB_ROOT."inc/class_parser.php";
 307      $parser = new postParser();
 308  
 309      $query = $db->query("
 310          SELECT h.*, s.enabled
 311          FROM ".TABLE_PREFIX."helpdocs h
 312          LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 313          WHERE h.hid IN(".$db->escape_string($search['querycache']).") AND h.enabled='1' AND s.enabled='1'
 314          LIMIT {$start}, {$perpage}
 315      ");
 316      while($helpdoc = $db->fetch_array($query))
 317      {
 318          $bgcolor = alt_trow();
 319  
 320          if(my_strlen($helpdoc['name']) > 50)
 321          {
 322              $helpdoc['name'] = htmlspecialchars_uni(my_substr($helpdoc['name'], 0, 50)."...");
 323          }
 324          else
 325          {
 326              $helpdoc['name'] = htmlspecialchars_uni($helpdoc['name']);
 327          }
 328  
 329          $parser_options = array(
 330              'allow_html' => 1,
 331              'allow_mycode' => 0,
 332              'allow_smilies' => 0,
 333              'allow_imgcode' => 0,
 334              'filter_badwords' => 1
 335          );
 336          $helpdoc['helpdoc'] = $parser->parse_message($helpdoc['document'], $parser_options);
 337  
 338          if(my_strlen($helpdoc['helpdoc']) > 350)
 339          {
 340              $prev = my_substr($helpdoc['helpdoc'], 0, 350)."...";
 341          }
 342          else
 343          {
 344              $prev = $helpdoc['helpdoc'];
 345          }
 346  
 347          $plugins->run_hooks("misc_helpresults_bit");
 348  
 349          eval("\$helpdoclist .= \"".$templates->get("misc_helpresults_bit")."\";");
 350      }
 351  
 352      if($db->num_rows($query) == 0)
 353      {
 354          eval("\$helpdoclist = \"".$templates->get("misc_helpresults_noresults")."\";");
 355      }
 356  
 357      $plugins->run_hooks("misc_helpresults_end");
 358  
 359      eval("\$helpresults = \"".$templates->get("misc_helpresults")."\";");
 360      output_page($helpresults);
 361  }
 362  elseif($mybb->input['action'] == "help")
 363  {
 364      $lang->load("helpdocs");
 365      $lang->load("helpsections");
 366      $lang->load("customhelpdocs");
 367      $lang->load("customhelpsections");
 368  
 369      $hid = $mybb->get_input('hid', MyBB::INPUT_INT);
 370      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 371  
 372      if($hid)
 373      {
 374          $query = $db->query("
 375              SELECT h.*, s.enabled AS section
 376              FROM ".TABLE_PREFIX."helpdocs h
 377              LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 378              WHERE h.hid='{$hid}'
 379          ");
 380  
 381          $helpdoc = $db->fetch_array($query);
 382          if($helpdoc['section'] != 0 && $helpdoc['enabled'] != 0)
 383          {
 384              $plugins->run_hooks("misc_help_helpdoc_start");
 385  
 386              // If we have incoming search terms to highlight - get it done (only if not using translation).
 387              if(!empty($mybb->input['highlight']) && $helpdoc['usetranslation'] != 1)
 388              {
 389                  require_once  MYBB_ROOT."inc/class_parser.php";
 390                  $parser = new postParser();
 391  
 392                  $highlight = $mybb->input['highlight'];
 393                  $helpdoc['name'] = $parser->highlight_message($helpdoc['name'], $highlight);
 394                  $helpdoc['document'] = $parser->highlight_message($helpdoc['document'], $highlight);
 395              }
 396  
 397              if($helpdoc['usetranslation'] == 1)
 398              {
 399                  $langnamevar = "d".$helpdoc['hid']."_name";
 400                  $langdescvar = "d".$helpdoc['hid']."_desc";
 401                  $langdocvar = "d".$helpdoc['hid']."_document";
 402                  if($lang->$langnamevar)
 403                  {
 404                      $helpdoc['name'] = $lang->$langnamevar;
 405                  }
 406                  if($lang->$langdescvar)
 407                  {
 408                      $helpdoc['description'] = $lang->$langdescvar;
 409                  }
 410                  if($lang->$langdocvar)
 411                  {
 412                      $helpdoc['document'] = $lang->$langdocvar;
 413                  }
 414              }
 415  
 416              if($helpdoc['hid'] == 3)
 417              {
 418                  $helpdoc['document'] = $lang->sprintf($helpdoc['document'], $mybb->post_code);
 419              }
 420  
 421              add_breadcrumb($helpdoc['name']);
 422  
 423              $plugins->run_hooks("misc_help_helpdoc_end");
 424  
 425              eval("\$helppage = \"".$templates->get("misc_help_helpdoc")."\";");
 426              output_page($helppage);
 427          }
 428          else
 429          {
 430              error($lang->error_invalidhelpdoc);
 431          }
 432      }
 433      else
 434      {
 435          $plugins->run_hooks("misc_help_section_start");
 436  
 437          $query = $db->simple_select("helpdocs", "*", "", array('order_by' => 'sid, disporder'));
 438          while($helpdoc = $db->fetch_array($query))
 439          {
 440              $helpdocs[$helpdoc['sid']][$helpdoc['disporder']][$helpdoc['hid']] = $helpdoc;
 441          }
 442          unset($helpdoc);
 443          $sections = '';
 444          $query = $db->simple_select("helpsections", "*", "enabled != 0", array('order_by' => 'disporder'));
 445          while($section = $db->fetch_array($query))
 446          {
 447              if($section['usetranslation'] == 1)
 448              {
 449                  $langnamevar = "s".$section['sid']."_name";
 450                  $langdescvar = "s".$section['sid']."_desc";
 451                  if($lang->$langnamevar)
 452                  {
 453                      $section['name'] = $lang->$langnamevar;
 454                  }
 455                  if($lang->$langdescvar)
 456                  {
 457                      $section['description'] = $lang->$langdescvar;
 458                  }
 459              }
 460              if(is_array($helpdocs[$section['sid']]))
 461              {
 462                  $helpbits = '';
 463                  foreach($helpdocs[$section['sid']] as $key => $bit)
 464                  {
 465                      foreach($bit as $key => $helpdoc)
 466                      {
 467                          if($helpdoc['enabled'] != 0)
 468                          {
 469                              if($helpdoc['usetranslation'] == 1)
 470                              {
 471                                  $langnamevar = "d".$helpdoc['hid'].'_name';
 472                                  $langdescvar = "d".$helpdoc['hid'].'_desc';
 473                                  if($lang->$langnamevar)
 474                                  {
 475                                      $helpdoc['name'] = $lang->$langnamevar;
 476                                  }
 477                                  if($lang->$langdescvar)
 478                                  {
 479                                      $helpdoc['description'] = $lang->$langdescvar;
 480                                  }
 481                              }
 482                              $altbg = alt_trow();
 483                              eval("\$helpbits .= \"".$templates->get("misc_help_section_bit")."\";");
 484                          }
 485                      }
 486                      $expdisplay = '';
 487                      $sname = "sid_".$section['sid']."_c";
 488                      if(isset($collapsed[$sname]) && $collapsed[$sname] == "display: show;")
 489                      {
 490                          $expcolimage = "collapse_collapsed.png";
 491                          $expdisplay = "display: none;";
 492                          $expthead = " thead_collapsed";
 493                          $expaltext = "[+]";
 494                      }
 495                      else
 496                      {
 497                          $expcolimage = "collapse.png";
 498                          $expthead = "";
 499                          $expaltext = "[-]";
 500                      }
 501                  }
 502                  eval("\$sections .= \"".$templates->get("misc_help_section")."\";");
 503              }
 504          }
 505  
 506          if($mybb->settings['helpsearch'] == 1)
 507          {
 508              eval("\$search = \"".$templates->get("misc_help_search")."\";");
 509          }
 510  
 511          $plugins->run_hooks("misc_help_section_end");
 512  
 513          eval("\$help = \"".$templates->get("misc_help")."\";");
 514          output_page($help);
 515      }
 516  }
 517  elseif($mybb->input['action'] == "buddypopup")
 518  {
 519      $plugins->run_hooks("misc_buddypopup_start");
 520  
 521      if($mybb->user['uid'] == 0)
 522      {
 523          error_no_permission();
 524      }
 525  
 526      if(isset($mybb->input['removebuddy']) && verify_post_check($mybb->input['my_post_key']))
 527      {
 528          $buddies = $mybb->user['buddylist'];
 529          $namesarray = explode(",", $buddies);
 530          $mybb->input['removebuddy'] = $mybb->get_input('removebuddy', MyBB::INPUT_INT);
 531          if(is_array($namesarray))
 532          {
 533              foreach($namesarray as $key => $buddyid)
 534              {
 535                  if($buddyid == $mybb->input['removebuddy'])
 536                  {
 537                      unset($namesarray[$key]);
 538                  }
 539              }
 540              $buddylist = implode(',', $namesarray);
 541              $db->update_query("users", array('buddylist' => $buddylist), "uid='".$mybb->user['uid']."'");
 542              $mybb->user['buddylist'] = $buddylist;
 543          }
 544      }
 545  
 546      // Load Buddies
 547      $buddies = '';
 548      if($mybb->user['buddylist'] != "")
 549      {
 550          $buddys = array('online' => '', 'offline' => '');
 551          $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
 552  
 553          $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array('order_by' => 'lastactive'));
 554  
 555          while($buddy = $db->fetch_array($query))
 556          {
 557              $buddy['username'] = htmlspecialchars_uni($buddy['username']);
 558              $buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
 559              $profile_link = build_profile_link($buddy_name, $buddy['uid'], '_blank', 'if(window.opener) { window.opener.location = this.href; return false; }');
 560  
 561              $send_pm = '';
 562              if($mybb->user['receivepms'] != 0 && $buddy['receivepms'] != 0 && $groupscache[$buddy['usergroup']]['canusepms'] != 0)
 563              {
 564                  eval("\$send_pm = \"".$templates->get("misc_buddypopup_user_sendpm")."\";");
 565              }
 566  
 567              if($buddy['lastactive'])
 568              {
 569                  $last_active = $lang->sprintf($lang->last_active, my_date('relative', $buddy['lastactive']));
 570              }
 571              else
 572              {
 573                  $last_active = $lang->sprintf($lang->last_active, $lang->never);
 574              }
 575  
 576              $buddy['avatar'] = format_avatar($buddy['avatar'], $buddy['avatardimensions'], '44x44');
 577  
 578              if($buddy['lastactive'] > $timecut && ($buddy['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $buddy['lastvisit'] != $buddy['lastactive'])
 579              {
 580                  $bonline_alt = alt_trow();
 581                  eval("\$buddys['online'] .= \"".$templates->get("misc_buddypopup_user_online")."\";");
 582              }
 583              else
 584              {
 585                  $boffline_alt = alt_trow();
 586                  eval("\$buddys['offline'] .= \"".$templates->get("misc_buddypopup_user_offline")."\";");
 587              }
 588          }
 589  
 590          $colspan = ' colspan="2"';
 591          if(empty($buddys['online']))
 592          {
 593              $error = $lang->online_none;
 594              eval("\$buddys['online'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 595          }
 596  
 597          if(empty($buddys['offline']))
 598          {
 599              $error = $lang->offline_none;
 600              eval("\$buddys['offline'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 601          }
 602  
 603          eval("\$buddies = \"".$templates->get("misc_buddypopup_user")."\";");
 604      }
 605      else
 606      {
 607          // No buddies? :(
 608          $colspan = '';
 609          $error = $lang->no_buddies;
 610          eval("\$buddies = \"".$templates->get("misc_buddypopup_user_none")."\";");
 611      }
 612  
 613      $plugins->run_hooks("misc_buddypopup_end");
 614  
 615      eval("\$buddylist = \"".$templates->get("misc_buddypopup", 1, 0)."\";");
 616      echo $buddylist;
 617      exit;
 618  }
 619  elseif($mybb->input['action'] == "whoposted")
 620  {
 621      $numposts = 0;
 622      $altbg = alt_trow();
 623      $whoposted = '';
 624      $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
 625      $thread = get_thread($tid);
 626      $modal = $mybb->get_input('modal', MyBB::INPUT_INT);
 627  
 628      // Make sure we are looking at a real thread here.
 629      if(!$thread)
 630      {
 631          error($lang->error_invalidthread);
 632      }
 633  
 634      // Make sure we are looking at a real thread here.
 635      if(($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted")) || ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || $thread['visible'] > 1)
 636      {
 637          error($lang->error_invalidthread);
 638      }
 639  
 640      if(is_moderator($thread['fid'], "canviewdeleted") || is_moderator($thread['fid'], "canviewunapprove"))
 641      {
 642          if(is_moderator($thread['fid'], "canviewunapprove") && !is_moderator($thread['fid'], "canviewdeleted"))
 643          {
 644              $show_posts = "p.visible IN (0,1)";
 645          }
 646          elseif(is_moderator($thread['fid'], "canviewdeleted") && !is_moderator($thread['fid'], "canviewunapprove"))
 647          {
 648              $show_posts = "p.visible IN (-1,1)";
 649          }
 650          else
 651          {
 652              $show_posts = "p.visible IN (-1,0,1)";
 653          }
 654      }
 655      else
 656      {
 657          $show_posts = "p.visible = 1";
 658      }
 659  
 660      // Does the thread belong to a valid forum?
 661      $forum = get_forum($thread['fid']);
 662      if(!$forum || $forum['type'] != "f")
 663      {
 664          error($lang->error_invalidforum);
 665      }
 666  
 667      // Does the user have permission to view this thread?
 668      $forumpermissions = forum_permissions($forum['fid']);
 669  
 670      if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
 671      {
 672          error_no_permission();
 673      }
 674  
 675      // Check if this forum is password protected and we have a valid password
 676      check_forum_password($forum['fid']);
 677  
 678      if($mybb->get_input('sort') != 'username')
 679      {
 680          $sortsql = ' ORDER BY posts DESC';
 681      }
 682      else
 683      {
 684          $sortsql = ' ORDER BY p.username ASC';
 685      }
 686      $whoposted = '';
 687      $query = $db->query("
 688          SELECT COUNT(p.pid) AS posts, p.username AS postusername, u.uid, u.username, u.usergroup, u.displaygroup
 689          FROM ".TABLE_PREFIX."posts p
 690          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
 691          WHERE tid='".$tid."' AND $show_posts
 692          GROUP BY u.uid, p.username, u.uid, u.username, u.usergroup, u.displaygroup
 693          ".$sortsql."
 694      ");
 695      while($poster = $db->fetch_array($query))
 696      {
 697          if($poster['username'] == '')
 698          {
 699              $poster['username'] = $poster['postusername'];
 700          }
 701          $poster['username'] = htmlspecialchars_uni($poster['username']);
 702          $poster['postusername'] = htmlspecialchars_uni($poster['postusername']);
 703          $poster_name = format_name($poster['username'], $poster['usergroup'], $poster['displaygroup']);
 704          if($modal)
 705          {
 706              $onclick = '';
 707              if($poster['uid'])
 708              {
 709                  $onclick = "opener.location.href='".get_profile_link($poster['uid'])."'; return false;";
 710              }
 711              $profile_link = build_profile_link($poster_name, $poster['uid'], '_blank', $onclick);
 712          }
 713          else
 714          {
 715              $profile_link = build_profile_link($poster_name, $poster['uid']);
 716          }
 717          $numposts += $poster['posts'];
 718          eval("\$whoposted .= \"".$templates->get("misc_whoposted_poster")."\";");
 719          $altbg = alt_trow();
 720      }
 721      $numposts = my_number_format($numposts);
 722      $poster['posts'] = my_number_format($poster['posts']);
 723      if($modal)
 724      {
 725          eval("\$whop = \"".$templates->get("misc_whoposted", 1, 0)."\";");
 726          echo $whop;
 727          exit;
 728      }
 729      else
 730      {
 731          require_once  MYBB_ROOT."inc/class_parser.php";
 732          $parser = new postParser;
 733  
 734          // Get thread prefix
 735          $breadcrumbprefix = '';
 736          $threadprefix = array('prefix' => '');
 737          if($thread['prefix'])
 738          {
 739              $threadprefix = build_prefixes($thread['prefix']);
 740              if(!empty($threadprefix['displaystyle']))
 741              {
 742                  $breadcrumbprefix = $threadprefix['displaystyle'].'&nbsp;';
 743              }
 744          }
 745  
 746          $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
 747  
 748          // Build the navigation.
 749          build_forum_breadcrumb($forum['fid']);
 750          add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
 751          add_breadcrumb($lang->who_posted);
 752  
 753          eval("\$whoposted = \"".$templates->get("misc_whoposted_page")."\";");
 754          output_page($whoposted);
 755      }
 756  }
 757  elseif($mybb->input['action'] == "smilies")
 758  {
 759      $smilies = '';
 760      if(!empty($mybb->input['popup']) && !empty($mybb->input['editor']))
 761      { // make small popup list of smilies
 762          $editor = preg_replace('#([^a-zA-Z0-9_-]+)#', '', $mybb->get_input('editor'));
 763          $e = 1;
 764          $smile_icons = '';
 765          $class = alt_trow(1);
 766          $smilies_cache = $cache->read("smilies");
 767  
 768          if(is_array($smilies_cache))
 769          {
 770              $extra_class = ' smilie_pointer';
 771              foreach($smilies_cache as $smilie)
 772              {
 773                  if($smilie['showclickable'] != 1)
 774                  {
 775                      continue;
 776                  }
 777                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 778                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 779                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 780  
 781                  // Only show the first text to replace in the box
 782                  $temp = explode("\n", $smilie['find']); // use temporary variable for php 5.3 compatibility
 783                  $smilie['find'] = $temp[0];
 784  
 785                  $smilie['find'] = htmlspecialchars_uni($smilie['find']);
 786                  $smilie_insert = str_replace(array('\\', "'"), array('\\\\', "\'"), $smilie['find']);
 787  
 788                  $onclick = " onclick=\"MyBBEditor.insertText(' $smilie_insert ');\"";
 789                  eval('$smilie_image = "'.$templates->get('smilie', 1, 0).'";');
 790                  eval("\$smile_icons .= \"".$templates->get("misc_smilies_popup_smilie")."\";");
 791                  if($e == 2)
 792                  {
 793                      eval("\$smilies .= \"".$templates->get("misc_smilies_popup_row")."\";");
 794                      $smile_icons = '';
 795                      $e = 1;
 796                      $class = alt_trow();
 797                  }
 798                  else
 799                  {
 800                      $e = 2;
 801                  }
 802              }
 803          }
 804  
 805          if($e == 2)
 806          {
 807              eval("\$smilies .= \"".$templates->get("misc_smilies_popup_empty")."\";");
 808          }
 809  
 810          if(!$smilies)
 811          {
 812              eval("\$smilies = \"".$templates->get("misc_smilies_popup_no_smilies")."\";");
 813          }
 814  
 815          eval("\$smiliespage = \"".$templates->get("misc_smilies_popup", 1, 0)."\";");
 816          output_page($smiliespage);
 817      }
 818      else
 819      {
 820          add_breadcrumb($lang->nav_smilies);
 821          $class = "trow1";
 822          $smilies_cache = $cache->read("smilies");
 823  
 824          if(is_array($smilies_cache))
 825          {
 826              $extra_class = $onclick = '';
 827              foreach($smilies_cache as $smilie)
 828              {
 829                  if($smilie['showclickable'] != 1)
 830                  {
 831                      continue;
 832                  }
 833                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 834                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 835                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 836  
 837                  $smilie['find'] = nl2br(htmlspecialchars_uni($smilie['find']));
 838                  eval('$smilie_image = "'.$templates->get('smilie').'";');
 839                  eval("\$smilies .= \"".$templates->get("misc_smilies_smilie")."\";");
 840                  $class = alt_trow();
 841              }
 842          }
 843  
 844          if(!$smilies)
 845          {
 846              eval("\$smilies = \"".$templates->get("misc_smilies_no_smilies")."\";");
 847          }
 848  
 849          eval("\$smiliespage = \"".$templates->get("misc_smilies")."\";");
 850          output_page($smiliespage);
 851      }
 852  }
 853  elseif($mybb->input['action'] == "imcenter")
 854  {
 855      $mybb->input['imtype'] = $mybb->get_input('imtype');
 856      if($mybb->input['imtype'] != "skype" && $mybb->input['imtype'] != "yahoo")
 857      {
 858          $message = $lang->error_invalidimtype;
 859          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 860          echo $error;
 861          exit;
 862      }
 863  
 864      $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
 865      $user = get_user($uid);
 866  
 867      if(!$user)
 868      {
 869          $message = $lang->error_invaliduser;
 870          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 871          echo $error;
 872          exit;
 873      }
 874  
 875      if(empty($user[$mybb->input['imtype']]))
 876      {
 877          $message = $lang->error_invalidimtype;
 878          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 879          echo $error;
 880          exit;
 881      }
 882  
 883      $settingkey = 'allow'.$mybb->input['imtype'].'field';
 884      if(!is_member($mybb->settings[$settingkey], $user))
 885      {
 886          $message = $lang->error_nopermission_user_ajax;
 887          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 888          echo $error;
 889          exit;
 890      }
 891  
 892      // Build IM navigation bar
 893      $navigationbar = $navsep = $imtype = $imtype_lang = '';
 894      if(!empty($user['skype']) && is_member($mybb->settings['allowskypefield'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
 895      {
 896          $imtype = "skype";
 897          $imtype_lang = $lang->skype;
 898          eval("\$navigationbar .= \"".$templates->get("misc_imcenter_nav")."\";");
 899          $navsep = ' - ';
 900      }
 901      if(!empty($user['yahoo']) && is_member($mybb->settings['allowyahoofield'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
 902      {
 903          $imtype = "yahoo";
 904          $imtype_lang = $lang->yahoo_im;
 905          eval("\$navigationbar .= \"".$templates->get("misc_imcenter_nav")."\";");
 906      }
 907  
 908      $user['skype'] = htmlspecialchars_uni($user['skype']);
 909      $user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
 910  
 911      $user['username'] = htmlspecialchars_uni($user['username']);
 912  
 913      $lang->chat_on_skype = $lang->sprintf($lang->chat_on_skype, $user['username']);
 914      $lang->call_on_skype = $lang->sprintf($lang->call_on_skype, $user['username']);
 915  
 916      $imtemplate = "misc_imcenter_".$mybb->input['imtype'];
 917      eval("\$imcenter = \"".$templates->get($imtemplate, 1, 0)."\";");
 918      echo $imcenter;
 919      exit;
 920  }
 921  elseif($mybb->input['action'] == "syndication")
 922  {
 923      $plugins->run_hooks("misc_syndication_start");
 924  
 925      $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
 926      $version = $mybb->get_input('version');
 927      $new_limit = $mybb->get_input('limit', MyBB::INPUT_INT);
 928      $forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY);
 929      $limit = 15;
 930      if(!empty($new_limit) && $new_limit != $limit)
 931      {
 932          $limit = $new_limit;
 933      }
 934      $feedurl = '';
 935      $add = false;
 936  
 937      add_breadcrumb($lang->nav_syndication);
 938      $unviewable = get_unviewable_forums();
 939      $inactiveforums = get_inactive_forums();
 940      $unexp1 = explode(',', $unviewable);
 941      $unexp2 = explode(',', $inactiveforums);
 942      $unexp = array_merge($unexp1, $unexp2);
 943  
 944      if(is_array($forums))
 945      {
 946          foreach($unexp as $fid)
 947          {
 948              $unview[$fid] = true;
 949          }
 950  
 951          $syndicate = '';
 952          $comma = '';
 953          $all = false;
 954          foreach($forums as $fid)
 955          {
 956              if($fid == "all")
 957              {
 958                  $all = true;
 959                  break;
 960              }
 961              elseif(ctype_digit($fid))
 962              {
 963                  if(!isset($unview[$fid]))
 964                  {
 965                      $syndicate .= $comma.$fid;
 966                      $comma = ",";
 967                      $flist[$fid] = true;
 968                  }
 969              }
 970          }
 971          $url = $mybb->settings['bburl']."/syndication.php";
 972          if(!$all)
 973          {
 974              $url .= "?fid=$syndicate";
 975              $add = true;
 976          }
 977  
 978          // If the version is not RSS2.0, set the type to Atom1.0.
 979          if($version != "rss2.0")
 980          {
 981              if(!$add)
 982              {
 983                  $url .= "?";
 984              }
 985              else
 986              {
 987                  $url .= "&";
 988              }
 989              $url .= "type=atom1.0";
 990              $add = true;
 991          }
 992          if((int)$limit > 0)
 993          {
 994              if($limit > 50)
 995              {
 996                  $limit = 50;
 997              }
 998              if(!$add)
 999              {
1000                  $url .= "?";
1001              }
1002              else
1003              {
1004                  $url .= "&";
1005              }
1006              if(is_numeric($limit))
1007              {
1008                  $url .= "limit=$limit";
1009              }
1010          }
1011          eval("\$feedurl = \"".$templates->get("misc_syndication_feedurl")."\";");
1012      }
1013      unset($GLOBALS['forumcache']);
1014  
1015      // If there is no version in the input, check the default (RSS2.0).
1016      if($version == "atom1.0")
1017      {
1018          $atom1check = "checked=\"checked\"";
1019          $rss2check = '';
1020      }
1021      else
1022      {
1023          $atom1check = '';
1024          $rss2check = "checked=\"checked\"";
1025      }
1026      $forumselect = makesyndicateforums();
1027  
1028      $plugins->run_hooks("misc_syndication_end");
1029  
1030      eval("\$syndication = \"".$templates->get("misc_syndication")."\";");
1031      output_page($syndication);
1032  }
1033  elseif($mybb->input['action'] == "clearcookies")
1034  {
1035      verify_post_check($mybb->get_input('my_post_key'));
1036  
1037      $plugins->run_hooks("misc_clearcookies");
1038  
1039      $remove_cookies = array('mybbuser', 'mybb[announcements]', 'mybb[lastvisit]', 'mybb[lastactive]', 'collapsed', 'mybb[forumread]', 'mybb[threadsread]', 'mybbadmin',
1040                              'mybblang', 'mybbtheme', 'multiquote', 'mybb[readallforums]', 'coppauser', 'coppadob', 'mybb[referrer]');
1041  
1042      foreach($remove_cookies as $name)
1043      {
1044          my_unsetcookie($name);
1045      }
1046      redirect("index.php", $lang->redirect_cookiescleared);
1047  }
1048  
1049  /**
1050   * Build a list of forums for RSS multiselect.
1051   *
1052   * @param int $pid Parent forum ID.
1053   * @param string $selitem deprecated
1054   * @param boolean $addselect Whether to add selected attribute or not.
1055   * @param string $depth HTML for the depth of the forum.
1056   * @return string HTML of the list of forums for CSS.
1057   */
1058  function makesyndicateforums($pid=0, $selitem="", $addselect=true, $depth="")
1059  {
1060      global $db, $forumcache, $permissioncache, $mybb, $forumlist, $forumlistbits, $flist, $lang, $unexp, $templates;
1061  
1062      $pid = (int)$pid;
1063      $forumlist = '';
1064  
1065      if(!is_array($forumcache))
1066      {
1067          // Get Forums
1068          $query = $db->simple_select("forums", "*", "linkto = '' AND active!=0", array('order_by' => 'pid, disporder'));
1069          while($forum = $db->fetch_array($query))
1070          {
1071              $forumcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
1072          }
1073      }
1074  
1075      if(!is_array($permissioncache))
1076      {
1077          $permissioncache = forum_permissions();
1078      }
1079  
1080      if(is_array($forumcache[$pid]))
1081      {
1082          foreach($forumcache[$pid] as $key => $main)
1083          {
1084              foreach($main as $key => $forum)
1085              {
1086                  $perms = $permissioncache[$forum['fid']];
1087                  if($perms['canview'] == 1 || $mybb->settings['hideprivateforums'] == 0)
1088                  {
1089                      $optionselected = '';
1090                      if(isset($flist[$forum['fid']]))
1091                      {
1092                          $optionselected = 'selected="selected"';
1093                          $selecteddone = "1";
1094                      }
1095  
1096                      if($forum['password'] == '' && !in_array($forum['fid'], $unexp) || $forum['password'] && isset($mybb->cookies['forumpass'][$forum['fid']]) && $mybb->cookies['forumpass'][$forum['fid']] === md5($mybb->user['uid'].$forum['password']))
1097                      {
1098                          eval("\$forumlistbits .= \"".$templates->get("misc_syndication_forumlist_forum")."\";");
1099                      }
1100  
1101                      if(!empty($forumcache[$forum['fid']]))
1102                      {
1103                          $newdepth = $depth."&nbsp;&nbsp;&nbsp;&nbsp;";
1104                          $forumlistbits .= makesyndicateforums($forum['fid'], '', 0, $newdepth);
1105                      }
1106                  }
1107              }
1108          }
1109      }
1110  
1111      if($addselect)
1112      {
1113          $addsel = '';
1114          if(empty($selecteddone))
1115          {
1116              $addsel = ' selected="selected"';
1117          }
1118  
1119          eval("\$forumlist = \"".$templates->get("misc_syndication_forumlist")."\";");
1120      }
1121  
1122      return $forumlist;
1123  }


2005 - 2018 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1