| [ Index ] |
PHP Cross Reference of MyBB 1.8.38 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define("IGNORE_CLEAN_VARS", "sid"); 13 define('THIS_SCRIPT', 'misc.php'); 14 15 $templatelist = "misc_rules_forum,misc_help_helpdoc,misc_whoposted_poster,misc_whoposted,misc_smilies_popup_smilie,misc_smilies_popup,misc_smilies_popup_empty,misc_smilies_popup_row,multipage_start"; 16 $templatelist .= ",misc_buddypopup,misc_buddypopup_user,misc_buddypopup_user_none,misc_buddypopup_user_online,misc_buddypopup_user_offline,misc_buddypopup_user_sendpm,misc_syndication_forumlist"; 17 $templatelist .= ",misc_smilies,misc_smilies_smilie,misc_help_section_bit,misc_help_section,misc_help,forumdisplay_password_wrongpass,forumdisplay_password,misc_helpresults,misc_helpresults_bit"; 18 $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,misc_whoposted_page"; 19 $templatelist .= ",misc_smilies_popup_no_smilies,misc_smilies_no_smilies,misc_syndication,misc_help_search,misc_helpresults_noresults,misc_syndication_forumlist_forum,misc_syndication_feedurl"; 20 21 require_once "./global.php"; 22 require_once MYBB_ROOT."inc/functions_post.php"; 23 24 // Load global language phrases 25 $lang->load("misc"); 26 27 $plugins->run_hooks("misc_start"); 28 29 $mybb->input['action'] = $mybb->get_input('action'); 30 if($mybb->input['action'] == "dstswitch" && $mybb->request_method == "post" && $mybb->user['uid'] > 0) 31 { 32 if($mybb->user['dstcorrection'] == 2) 33 { 34 if($mybb->user['dst'] == 1) 35 { 36 $update_array = array("dst" => 0); 37 } 38 else 39 { 40 $update_array = array("dst" => 1); 41 } 42 } 43 $db->update_query("users", $update_array, "uid='{$mybb->user['uid']}'"); 44 if(!isset($mybb->input['ajax'])) 45 { 46 redirect("index.php", $lang->dst_settings_updated); 47 } 48 else 49 { 50 echo "done"; 51 exit; 52 } 53 } 54 elseif($mybb->input['action'] == "markread") 55 { 56 if($mybb->user['uid'] && verify_post_check($mybb->get_input('my_post_key'), true) !== true) 57 { 58 // Protect our user's unread forums from CSRF 59 error($lang->invalid_post_code); 60 } 61 62 if(isset($mybb->input['fid'])) 63 { 64 $validforum = get_forum($mybb->input['fid']); 65 if(!$validforum) 66 { 67 if(!isset($mybb->input['ajax'])) 68 { 69 error($lang->error_invalidforum); 70 } 71 else 72 { 73 echo 0; 74 exit; 75 } 76 } 77 78 require_once MYBB_ROOT."/inc/functions_indicators.php"; 79 mark_forum_read($mybb->input['fid']); 80 81 $plugins->run_hooks("misc_markread_forum"); 82 83 if(!isset($mybb->input['ajax'])) 84 { 85 redirect(get_forum_link($mybb->input['fid']), $lang->redirect_markforumread); 86 } 87 else 88 { 89 echo 1; 90 exit; 91 } 92 } 93 else 94 { 95 96 $plugins->run_hooks("misc_markread_end"); 97 require_once MYBB_ROOT."/inc/functions_indicators.php"; 98 mark_all_forums_read(); 99 redirect("index.php", $lang->redirect_markforumsread); 100 } 101 } 102 elseif($mybb->input['action'] == "clearpass") 103 { 104 $plugins->run_hooks("misc_clearpass"); 105 106 if(isset($mybb->input['fid'])) 107 { 108 if(!verify_post_check($mybb->get_input('my_post_key'))) 109 { 110 error($lang->invalid_post_code); 111 } 112 113 my_unsetcookie("forumpass[".$mybb->get_input('fid', MyBB::INPUT_INT)."]"); 114 redirect("index.php", $lang->redirect_forumpasscleared); 115 } 116 } 117 elseif($mybb->input['action'] == "rules") 118 { 119 if(isset($mybb->input['fid'])) 120 { 121 $plugins->run_hooks("misc_rules_start"); 122 123 $fid = $mybb->input['fid']; 124 125 $forum = get_forum($fid); 126 if(!$forum || $forum['type'] != "f" || $forum['rules'] == '') 127 { 128 error($lang->error_invalidforum); 129 } 130 131 $forumpermissions = forum_permissions($forum['fid']); 132 if($forumpermissions['canview'] != 1) 133 { 134 error_no_permission(); 135 } 136 137 if(!$forum['rulestitle']) 138 { 139 $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']); 140 } 141 142 require_once MYBB_ROOT."inc/class_parser.php"; 143 $parser = new postParser(); 144 $parser_options = array( 145 "allow_html" => 1, 146 "allow_mycode" => 1, 147 "allow_smilies" => 1, 148 "allow_imgcode" => 1, 149 "filter_badwords" => 1 150 ); 151 152 $forum['rules'] = $parser->parse_message($forum['rules'], $parser_options); 153 154 // Make navigation 155 build_forum_breadcrumb($mybb->input['fid']); 156 add_breadcrumb($forum['rulestitle']); 157 158 $plugins->run_hooks("misc_rules_end"); 159 160 eval("\$rules = \"".$templates->get("misc_rules_forum")."\";"); 161 output_page($rules); 162 } 163 164 } 165 elseif($mybb->input['action'] == "do_helpsearch" && $mybb->request_method == "post") 166 { 167 $plugins->run_hooks("misc_do_helpsearch_start"); 168 169 if($mybb->settings['helpsearch'] != 1) 170 { 171 error($lang->error_helpsearchdisabled); 172 } 173 174 // Check if search flood checking is enabled and user is not admin 175 if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1) 176 { 177 // Fetch the time this user last searched 178 $timecut = TIME_NOW-$mybb->settings['searchfloodtime']; 179 $query = $db->simple_select("searchlog", "*", "uid='{$mybb->user['uid']}' AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC")); 180 $last_search = $db->fetch_array($query); 181 // Users last search was within the flood time, show the error 182 if($last_search) 183 { 184 $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']); 185 if($remaining_time == 1) 186 { 187 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']); 188 } 189 else 190 { 191 $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time); 192 } 193 error($lang->error_searchflooding); 194 } 195 } 196 197 if($mybb->get_input('name', MyBB::INPUT_INT) != 1 && $mybb->get_input('document', MyBB::INPUT_INT) != 1) 198 { 199 error($lang->error_nosearchresults); 200 } 201 202 if($mybb->get_input('document', MyBB::INPUT_INT) == 1) 203 { 204 $resulttype = "helpdoc"; 205 } 206 else 207 { 208 $resulttype = "helpname"; 209 } 210 211 $search_data = array( 212 "keywords" => $mybb->get_input('keywords'), 213 "name" => $mybb->get_input('name', MyBB::INPUT_INT), 214 "document" => $mybb->get_input('document', MyBB::INPUT_INT), 215 ); 216 217 if($db->can_search == true) 218 { 219 require_once MYBB_ROOT."inc/functions_search.php"; 220 221 $search_results = helpdocument_perform_search_mysql($search_data); 222 } 223 else 224 { 225 error($lang->error_no_search_support); 226 } 227 $sid = md5(uniqid(microtime(), true)); 228 $searcharray = array( 229 "sid" => $db->escape_string($sid), 230 "uid" => $mybb->user['uid'], 231 "dateline" => TIME_NOW, 232 "ipaddress" => $db->escape_binary($session->packedip), 233 "threads" => '', 234 "posts" => '', 235 "resulttype" => $resulttype, 236 "querycache" => $search_results['querycache'], 237 "keywords" => $db->escape_string($mybb->get_input('keywords')), 238 ); 239 $plugins->run_hooks("misc_do_helpsearch_process"); 240 241 $db->insert_query("searchlog", $searcharray); 242 243 $plugins->run_hooks("misc_do_helpsearch_end"); 244 redirect("misc.php?action=helpresults&sid={$sid}", $lang->redirect_searchresults); 245 } 246 elseif($mybb->input['action'] == "helpresults") 247 { 248 if($mybb->settings['helpsearch'] != 1) 249 { 250 error($lang->error_helpsearchdisabled); 251 } 252 253 $sid = $mybb->get_input('sid'); 254 $query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($sid)."' AND uid='{$mybb->user['uid']}'"); 255 $search = $db->fetch_array($query); 256 257 if(!$search) 258 { 259 error($lang->error_invalidsearch); 260 } 261 262 $plugins->run_hooks("misc_helpresults_start"); 263 264 add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help"); 265 add_breadcrumb($lang->search_results, "misc.php?action=helpresults&sid={$sid}"); 266 267 if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1) 268 { 269 $mybb->settings['threadsperpage'] = 20; 270 } 271 272 $query = $db->simple_select("helpdocs", "COUNT(*) AS total", "hid IN(".$db->escape_string($search['querycache']).")"); 273 $helpcount = $db->fetch_field($query, "total"); 274 275 // Work out pagination, which page we're at, as well as the limits. 276 $perpage = $mybb->settings['threadsperpage']; 277 $page = $mybb->get_input('page', MyBB::INPUT_INT); 278 if($page > 0) 279 { 280 $start = ($page-1) * $perpage; 281 $pages = ceil($helpcount / $perpage); 282 if($pages > $page) 283 { 284 $start = 0; 285 $page = 1; 286 } 287 } 288 else 289 { 290 $start = 0; 291 $page = 1; 292 } 293 $end = $start + $perpage; 294 $lower = $start+1; 295 $upper = $end; 296 297 // Work out if we have terms to highlight 298 $highlight = ""; 299 if($search['keywords']) 300 { 301 $highlight = "&highlight=".urlencode($search['keywords']); 302 } 303 304 // Do Multi Pages 305 if($upper > $helpcount) 306 { 307 $upper = $helpcount; 308 } 309 $multipage = multipage($helpcount, $perpage, $page, "misc.php?action=helpresults&sid='".htmlspecialchars_uni($mybb->get_input('sid'))."'"); 310 $helpdoclist = ''; 311 312 require_once MYBB_ROOT."inc/class_parser.php"; 313 $parser = new postParser(); 314 315 $query = $db->query(" 316 SELECT h.*, s.enabled 317 FROM ".TABLE_PREFIX."helpdocs h 318 LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid) 319 WHERE h.hid IN(".$db->escape_string($search['querycache']).") AND h.enabled='1' AND s.enabled='1' 320 LIMIT {$start}, {$perpage} 321 "); 322 while($helpdoc = $db->fetch_array($query)) 323 { 324 $bgcolor = alt_trow(); 325 326 if(my_strlen($helpdoc['name']) > 50) 327 { 328 $helpdoc['name'] = htmlspecialchars_uni(my_substr($helpdoc['name'], 0, 50)."..."); 329 } 330 else 331 { 332 $helpdoc['name'] = htmlspecialchars_uni($helpdoc['name']); 333 } 334 335 $parser_options = array( 336 'allow_html' => 1, 337 'allow_mycode' => 0, 338 'allow_smilies' => 0, 339 'allow_imgcode' => 0, 340 'filter_badwords' => 1 341 ); 342 $helpdoc['helpdoc'] = $parser->parse_message($helpdoc['document'], $parser_options); 343 344 if(my_strlen($helpdoc['helpdoc']) > 350) 345 { 346 $prev = my_substr($helpdoc['helpdoc'], 0, 350)."..."; 347 } 348 else 349 { 350 $prev = $helpdoc['helpdoc']; 351 } 352 353 $plugins->run_hooks("misc_helpresults_bit"); 354 355 eval("\$helpdoclist .= \"".$templates->get("misc_helpresults_bit")."\";"); 356 } 357 358 if($db->num_rows($query) == 0) 359 { 360 eval("\$helpdoclist = \"".$templates->get("misc_helpresults_noresults")."\";"); 361 } 362 363 $plugins->run_hooks("misc_helpresults_end"); 364 365 eval("\$helpresults = \"".$templates->get("misc_helpresults")."\";"); 366 output_page($helpresults); 367 } 368 elseif($mybb->input['action'] == "help") 369 { 370 $lang->load("helpdocs"); 371 $lang->load("helpsections"); 372 $lang->load("customhelpdocs"); 373 $lang->load("customhelpsections"); 374 375 $hid = $mybb->get_input('hid', MyBB::INPUT_INT); 376 add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help"); 377 378 if($hid) 379 { 380 $query = $db->query(" 381 SELECT h.*, s.enabled AS section 382 FROM ".TABLE_PREFIX."helpdocs h 383 LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid) 384 WHERE h.hid='{$hid}' 385 "); 386 387 $helpdoc = $db->fetch_array($query); 388 if($helpdoc['section'] != 0 && $helpdoc['enabled'] != 0) 389 { 390 $plugins->run_hooks("misc_help_helpdoc_start"); 391 392 // If we have incoming search terms to highlight - get it done (only if not using translation). 393 if(!empty($mybb->input['highlight']) && $helpdoc['usetranslation'] != 1) 394 { 395 require_once MYBB_ROOT."inc/class_parser.php"; 396 $parser = new postParser(); 397 398 $highlight = $mybb->input['highlight']; 399 $helpdoc['name'] = $parser->highlight_message($helpdoc['name'], $highlight); 400 $helpdoc['document'] = $parser->highlight_message($helpdoc['document'], $highlight); 401 } 402 403 if($helpdoc['usetranslation'] == 1) 404 { 405 $langnamevar = "d".$helpdoc['hid']."_name"; 406 $langdescvar = "d".$helpdoc['hid']."_desc"; 407 $langdocvar = "d".$helpdoc['hid']."_document"; 408 if(isset($lang->$langnamevar)) 409 { 410 $helpdoc['name'] = $lang->$langnamevar; 411 } 412 if(isset($lang->$langdescvar)) 413 { 414 $helpdoc['description'] = $lang->$langdescvar; 415 } 416 if(isset($lang->$langdocvar)) 417 { 418 $helpdoc['document'] = $lang->$langdocvar; 419 } 420 } 421 422 if($helpdoc['hid'] == 3) 423 { 424 $helpdoc['document'] = $lang->sprintf($helpdoc['document'], $mybb->post_code); 425 } 426 427 add_breadcrumb($helpdoc['name']); 428 429 $plugins->run_hooks("misc_help_helpdoc_end"); 430 431 eval("\$helppage = \"".$templates->get("misc_help_helpdoc")."\";"); 432 output_page($helppage); 433 } 434 else 435 { 436 error($lang->error_invalidhelpdoc); 437 } 438 } 439 else 440 { 441 $plugins->run_hooks("misc_help_section_start"); 442 443 $query = $db->simple_select("helpdocs", "*", "", array('order_by' => 'sid, disporder')); 444 while($helpdoc = $db->fetch_array($query)) 445 { 446 $helpdocs[$helpdoc['sid']][$helpdoc['disporder']][$helpdoc['hid']] = $helpdoc; 447 } 448 unset($helpdoc); 449 $sections = ''; 450 $query = $db->simple_select("helpsections", "*", "enabled != 0", array('order_by' => 'disporder')); 451 while($section = $db->fetch_array($query)) 452 { 453 if($section['usetranslation'] == 1) 454 { 455 $langnamevar = "s".$section['sid']."_name"; 456 $langdescvar = "s".$section['sid']."_desc"; 457 if($lang->$langnamevar) 458 { 459 $section['name'] = $lang->$langnamevar; 460 } 461 if($lang->$langdescvar) 462 { 463 $section['description'] = $lang->$langdescvar; 464 } 465 } 466 if(is_array($helpdocs[$section['sid']])) 467 { 468 $helpbits = ''; 469 foreach($helpdocs[$section['sid']] as $key => $bit) 470 { 471 foreach($bit as $key => $helpdoc) 472 { 473 if($helpdoc['enabled'] != 0) 474 { 475 if($helpdoc['usetranslation'] == 1) 476 { 477 $langnamevar = "d".$helpdoc['hid'].'_name'; 478 $langdescvar = "d".$helpdoc['hid'].'_desc'; 479 if(isset($lang->$langnamevar)) 480 { 481 $helpdoc['name'] = $lang->$langnamevar; 482 } 483 if(isset($lang->$langdescvar)) 484 { 485 $helpdoc['description'] = $lang->$langdescvar; 486 } 487 } 488 $altbg = alt_trow(); 489 eval("\$helpbits .= \"".$templates->get("misc_help_section_bit")."\";"); 490 } 491 } 492 $expdisplay = ''; 493 $sname = "sid_".$section['sid']."_e"; 494 if(isset($collapsed[$sname]) && $collapsed[$sname] == "display: none;") 495 { 496 $expcolimage = "collapse_collapsed.png"; 497 $expdisplay = "display: none;"; 498 $expthead = " thead_collapsed"; 499 $expaltext = $lang->expcol_expand; 500 } 501 else 502 { 503 $expcolimage = "collapse.png"; 504 $expthead = ""; 505 $expaltext = $lang->expcol_collapse; 506 } 507 } 508 eval("\$sections .= \"".$templates->get("misc_help_section")."\";"); 509 } 510 } 511 512 if($mybb->settings['helpsearch'] == 1) 513 { 514 eval("\$search = \"".$templates->get("misc_help_search")."\";"); 515 } 516 517 $plugins->run_hooks("misc_help_section_end"); 518 519 eval("\$help = \"".$templates->get("misc_help")."\";"); 520 output_page($help); 521 } 522 } 523 elseif($mybb->input['action'] == "buddypopup") 524 { 525 $plugins->run_hooks("misc_buddypopup_start"); 526 527 if($mybb->user['uid'] == 0) 528 { 529 error_no_permission(); 530 } 531 532 if(isset($mybb->input['removebuddy']) && verify_post_check($mybb->get_input('my_post_key'))) 533 { 534 $buddies = $mybb->user['buddylist']; 535 $namesarray = explode(",", $buddies); 536 $mybb->input['removebuddy'] = $mybb->get_input('removebuddy', MyBB::INPUT_INT); 537 if(is_array($namesarray)) 538 { 539 foreach($namesarray as $key => $buddyid) 540 { 541 if($buddyid == $mybb->input['removebuddy']) 542 { 543 unset($namesarray[$key]); 544 } 545 } 546 $buddylist = implode(',', $namesarray); 547 $db->update_query("users", array('buddylist' => $buddylist), "uid='".$mybb->user['uid']."'"); 548 $mybb->user['buddylist'] = $buddylist; 549 } 550 } 551 552 // Load Buddies 553 $buddies = ''; 554 if($mybb->user['buddylist'] != "") 555 { 556 $buddys = array('online' => '', 'offline' => ''); 557 $timecut = TIME_NOW - $mybb->settings['wolcutoff']; 558 559 $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array('order_by' => 'lastactive')); 560 561 while($buddy = $db->fetch_array($query)) 562 { 563 $buddy['username'] = htmlspecialchars_uni($buddy['username']); 564 $buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']); 565 $profile_link = build_profile_link($buddy_name, $buddy['uid'], '_blank', 'if(window.opener) { window.opener.location = this.href; return false; }'); 566 567 $send_pm = ''; 568 if($mybb->user['receivepms'] != 0 && $buddy['receivepms'] != 0 && $groupscache[$buddy['usergroup']]['canusepms'] != 0) 569 { 570 eval("\$send_pm = \"".$templates->get("misc_buddypopup_user_sendpm")."\";"); 571 } 572 573 if($buddy['lastactive']) 574 { 575 $last_active = $lang->sprintf($lang->last_active, my_date('relative', $buddy['lastactive'])); 576 } 577 else 578 { 579 $last_active = $lang->sprintf($lang->last_active, $lang->never); 580 } 581 582 $buddy['avatar'] = format_avatar($buddy['avatar'], $buddy['avatardimensions'], '44x44'); 583 584 if($buddy['lastactive'] > $timecut && ($buddy['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $buddy['lastvisit'] != $buddy['lastactive']) 585 { 586 $bonline_alt = alt_trow(); 587 eval("\$buddys['online'] .= \"".$templates->get("misc_buddypopup_user_online")."\";"); 588 } 589 else 590 { 591 $boffline_alt = alt_trow(); 592 eval("\$buddys['offline'] .= \"".$templates->get("misc_buddypopup_user_offline")."\";"); 593 } 594 } 595 596 $colspan = ' colspan="2"'; 597 if(empty($buddys['online'])) 598 { 599 $error = $lang->online_none; 600 eval("\$buddys['online'] = \"".$templates->get("misc_buddypopup_user_none")."\";"); 601 } 602 603 if(empty($buddys['offline'])) 604 { 605 $error = $lang->offline_none; 606 eval("\$buddys['offline'] = \"".$templates->get("misc_buddypopup_user_none")."\";"); 607 } 608 609 eval("\$buddies = \"".$templates->get("misc_buddypopup_user")."\";"); 610 } 611 else 612 { 613 // No buddies? :( 614 $colspan = ''; 615 $error = $lang->no_buddies; 616 eval("\$buddies = \"".$templates->get("misc_buddypopup_user_none")."\";"); 617 } 618 619 $plugins->run_hooks("misc_buddypopup_end"); 620 621 eval("\$buddylist = \"".$templates->get("misc_buddypopup", 1, 0)."\";"); 622 echo $buddylist; 623 exit; 624 } 625 elseif($mybb->input['action'] == "whoposted") 626 { 627 $numposts = 0; 628 $altbg = alt_trow(); 629 $whoposted = ''; 630 $tid = $mybb->get_input('tid', MyBB::INPUT_INT); 631 $thread = get_thread($tid); 632 $modal = $mybb->get_input('modal', MyBB::INPUT_INT); 633 634 // Make sure we are looking at a real thread here. 635 if(!$thread) 636 { 637 error($lang->error_invalidthread); 638 } 639 640 // Make sure we are looking at a real thread here. 641 if(($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted")) || ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || $thread['visible'] > 1) 642 { 643 error($lang->error_invalidthread); 644 } 645 646 if(is_moderator($thread['fid'], "canviewdeleted") || is_moderator($thread['fid'], "canviewunapprove")) 647 { 648 if(is_moderator($thread['fid'], "canviewunapprove") && !is_moderator($thread['fid'], "canviewdeleted")) 649 { 650 $show_posts = "p.visible IN (0,1)"; 651 } 652 elseif(is_moderator($thread['fid'], "canviewdeleted") && !is_moderator($thread['fid'], "canviewunapprove")) 653 { 654 $show_posts = "p.visible IN (-1,1)"; 655 } 656 else 657 { 658 $show_posts = "p.visible IN (-1,0,1)"; 659 } 660 } 661 else 662 { 663 $show_posts = "p.visible = 1"; 664 } 665 666 // Does the thread belong to a valid forum? 667 $forum = get_forum($thread['fid']); 668 if(!$forum || $forum['type'] != "f") 669 { 670 error($lang->error_invalidforum); 671 } 672 673 // Does the user have permission to view this thread? 674 $forumpermissions = forum_permissions($forum['fid']); 675 676 if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) 677 { 678 error_no_permission(); 679 } 680 681 // Check if this forum is password protected and we have a valid password 682 check_forum_password($forum['fid']); 683 684 if($mybb->get_input('sort') != 'username') 685 { 686 $sortsql = ' ORDER BY posts DESC'; 687 } 688 else 689 { 690 $sortsql = ' ORDER BY p.username ASC'; 691 } 692 $whoposted = ''; 693 $query = $db->query(" 694 SELECT COUNT(p.pid) AS posts, p.username AS postusername, u.uid, u.username, u.usergroup, u.displaygroup 695 FROM ".TABLE_PREFIX."posts p 696 LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid) 697 WHERE tid='".$tid."' AND $show_posts 698 GROUP BY u.uid, p.username, u.uid, u.username, u.usergroup, u.displaygroup 699 ".$sortsql." 700 "); 701 while($poster = $db->fetch_array($query)) 702 { 703 if($poster['username'] == '') 704 { 705 $poster['username'] = $poster['postusername']; 706 } 707 $poster['username'] = htmlspecialchars_uni($poster['username']); 708 $poster['postusername'] = htmlspecialchars_uni($poster['postusername']); 709 $poster_name = format_name($poster['username'], $poster['usergroup'], $poster['displaygroup']); 710 if($modal) 711 { 712 $onclick = ''; 713 if($poster['uid']) 714 { 715 $onclick = "opener.location.href='".get_profile_link($poster['uid'])."'; return false;"; 716 } 717 $profile_link = build_profile_link($poster_name, $poster['uid'], '_blank', $onclick); 718 } 719 else 720 { 721 $profile_link = build_profile_link($poster_name, $poster['uid']); 722 } 723 $numposts += $poster['posts']; 724 $poster['posts'] = my_number_format($poster['posts']); 725 eval("\$whoposted .= \"".$templates->get("misc_whoposted_poster")."\";"); 726 $altbg = alt_trow(); 727 } 728 $numposts = my_number_format($numposts); 729 if($modal) 730 { 731 eval("\$whop = \"".$templates->get("misc_whoposted", 1, 0)."\";"); 732 echo $whop; 733 exit; 734 } 735 else 736 { 737 require_once MYBB_ROOT."inc/class_parser.php"; 738 $parser = new postParser; 739 740 // Get thread prefix 741 $breadcrumbprefix = ''; 742 $threadprefix = array('prefix' => ''); 743 if($thread['prefix']) 744 { 745 $threadprefix = build_prefixes($thread['prefix']); 746 if(!empty($threadprefix['displaystyle'])) 747 { 748 $breadcrumbprefix = $threadprefix['displaystyle'].' '; 749 } 750 } 751 752 $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); 753 754 // Build the navigation. 755 build_forum_breadcrumb($forum['fid']); 756 add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid'])); 757 add_breadcrumb($lang->who_posted); 758 759 eval("\$whoposted = \"".$templates->get("misc_whoposted_page")."\";"); 760 output_page($whoposted); 761 } 762 } 763 elseif($mybb->input['action'] == "smilies") 764 { 765 $smilies = ''; 766 if(!empty($mybb->input['popup']) && !empty($mybb->input['editor'])) 767 { // make small popup list of smilies 768 $editor = preg_replace('#([^a-zA-Z0-9_-]+)#', '', $mybb->get_input('editor')); 769 $e = 1; 770 $smile_icons = ''; 771 $class = alt_trow(1); 772 $smilies_cache = $cache->read("smilies"); 773 774 if(is_array($smilies_cache)) 775 { 776 $extra_class = ' smilie_pointer'; 777 foreach($smilies_cache as $smilie) 778 { 779 $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); 780 $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image'])); 781 $smilie['name'] = htmlspecialchars_uni($smilie['name']); 782 783 // Only show the first text to replace in the box 784 $temp = explode("\n", $smilie['find']); // use temporary variable for php 5.3 compatibility 785 $smilie['find'] = $temp[0]; 786 787 $smilie['find'] = htmlspecialchars_uni($smilie['find']); 788 $smilie_insert = str_replace(array('\\', "'"), array('\\\\', "\'"), $smilie['find']); 789 790 $onclick = " onclick=\"MyBBEditor.insertText(' $smilie_insert ');\""; 791 eval('$smilie_image = "'.$templates->get('smilie', 1, 0).'";'); 792 eval("\$smile_icons .= \"".$templates->get("misc_smilies_popup_smilie")."\";"); 793 if($e == 2) 794 { 795 eval("\$smilies .= \"".$templates->get("misc_smilies_popup_row")."\";"); 796 $smile_icons = ''; 797 $e = 1; 798 $class = alt_trow(); 799 } 800 else 801 { 802 $e = 2; 803 } 804 } 805 } 806 807 if($e == 2) 808 { 809 eval("\$smilies .= \"".$templates->get("misc_smilies_popup_empty")."\";"); 810 } 811 812 if(!$smilies) 813 { 814 eval("\$smilies = \"".$templates->get("misc_smilies_popup_no_smilies")."\";"); 815 } 816 817 eval("\$smiliespage = \"".$templates->get("misc_smilies_popup", 1, 0)."\";"); 818 output_page($smiliespage); 819 } 820 else 821 { 822 add_breadcrumb($lang->nav_smilies); 823 $class = "trow1"; 824 $smilies_cache = $cache->read("smilies"); 825 826 if(is_array($smilies_cache)) 827 { 828 $extra_class = $onclick = ''; 829 foreach($smilies_cache as $smilie) 830 { 831 $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']); 832 $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image'])); 833 $smilie['name'] = htmlspecialchars_uni($smilie['name']); 834 835 $smilie['find'] = nl2br(htmlspecialchars_uni($smilie['find'])); 836 eval('$smilie_image = "'.$templates->get('smilie').'";'); 837 eval("\$smilies .= \"".$templates->get("misc_smilies_smilie")."\";"); 838 $class = alt_trow(); 839 } 840 } 841 842 if(!$smilies) 843 { 844 eval("\$smilies = \"".$templates->get("misc_smilies_no_smilies")."\";"); 845 } 846 847 eval("\$smiliespage = \"".$templates->get("misc_smilies")."\";"); 848 output_page($smiliespage); 849 } 850 } 851 852 elseif($mybb->input['action'] == "syndication") 853 { 854 $plugins->run_hooks("misc_syndication_start"); 855 856 $fid = $mybb->get_input('fid', MyBB::INPUT_INT); 857 $version = $mybb->get_input('version'); 858 $forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY); 859 $limit = $mybb->get_input('limit', MyBB::INPUT_INT); 860 $url = $mybb->settings['bburl']."/syndication.php"; 861 $syndicate = $urlquery = array(); 862 863 add_breadcrumb($lang->nav_syndication); 864 $unviewable = get_unviewable_forums(); 865 $inactiveforums = get_inactive_forums(); 866 $unexp = explode(',', $unviewable . ',' . $inactiveforums); 867 868 if(is_array($forums) && !in_array('all', $forums)) 869 { 870 foreach($forums as $fid) 871 { 872 if(ctype_digit($fid) && !in_array($fid, $unexp)) 873 { 874 $syndicate[] = $fid; 875 $flist[$fid] = true; 876 } 877 } 878 879 if(!empty($syndicate)) 880 { 881 $urlquery[] = "fid=". implode(",", $syndicate); 882 } 883 } 884 885 // If there is no version in the input, check the default (RSS2.0). 886 $json1check = $atom1check = $rss2check = ""; 887 if($version == "json") 888 { 889 $json1check = "checked=\"checked\""; 890 $urlquery[] = "type=".$version; 891 } 892 elseif($version == "atom1.0") 893 { 894 $atom1check = "checked=\"checked\""; 895 $urlquery[] = "type=".$version; 896 } 897 else 898 { 899 $rss2check = "checked=\"checked\""; 900 } 901 // Evaluate, reset and set limit (Drive through settings?) 902 $limit = empty($limit) ? 15 : (($limit > 50) ? 50 : $limit); 903 $urlquery[] = "limit=" . $limit; 904 905 // Generate feed url 906 if(!empty($urlquery)){ 907 $url .= "?" . implode('&', $urlquery); 908 } 909 eval("\$feedurl = \"".$templates->get("misc_syndication_feedurl")."\";"); 910 911 unset($GLOBALS['forumcache']); 912 913 $forumselect = makesyndicateforums(); 914 915 $plugins->run_hooks("misc_syndication_end"); 916 917 eval("\$syndication = \"".$templates->get("misc_syndication")."\";"); 918 output_page($syndication); 919 } 920 elseif($mybb->input['action'] == "clearcookies") 921 { 922 verify_post_check($mybb->get_input('my_post_key')); 923 924 $plugins->run_hooks("misc_clearcookies"); 925 926 $remove_cookies = array('mybbuser', 'mybb[announcements]', 'mybb[lastvisit]', 'mybb[lastactive]', 'collapsed', 'mybb[forumread]', 'mybb[threadsread]', 'mybbadmin', 927 'mybblang', 'mybbtheme', 'multiquote', 'mybb[readallforums]', 'coppauser', 'coppadob', 'mybb[referrer]'); 928 929 foreach($remove_cookies as $name) 930 { 931 my_unsetcookie($name); 932 } 933 redirect("index.php", $lang->redirect_cookiescleared); 934 } 935 936 /** 937 * Build a list of forums for RSS multiselect. 938 * 939 * @param int $pid Parent forum ID. 940 * @param string $selitem deprecated 941 * @param boolean $addselect Whether to add selected attribute or not. 942 * @param string $depth HTML for the depth of the forum. 943 * @return string HTML of the list of forums for CSS. 944 */ 945 function makesyndicateforums($pid=0, $selitem="", $addselect=true, $depth="") 946 { 947 global $db, $forumcache, $permissioncache, $mybb, $forumlist, $forumlistbits, $flist, $lang, $unexp, $templates; 948 949 $pid = (int)$pid; 950 $forumlist = ''; 951 952 if(!is_array($forumcache)) 953 { 954 // Get Forums 955 $query = $db->simple_select("forums", "*", "linkto = '' AND active!=0", array('order_by' => 'pid, disporder')); 956 while($forum = $db->fetch_array($query)) 957 { 958 $forumcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum; 959 } 960 } 961 962 if(!is_array($permissioncache)) 963 { 964 $permissioncache = forum_permissions(); 965 } 966 967 if(is_array($forumcache[$pid])) 968 { 969 foreach($forumcache[$pid] as $key => $main) 970 { 971 foreach($main as $key => $forum) 972 { 973 $perms = $permissioncache[$forum['fid']]; 974 if($perms['canview'] == 1 || $mybb->settings['hideprivateforums'] == 0) 975 { 976 $optionselected = ''; 977 if(isset($flist[$forum['fid']])) 978 { 979 $optionselected = 'selected="selected"'; 980 } 981 982 if($forum['password'] == '' && !in_array($forum['fid'], $unexp) || $forum['password'] && isset($mybb->cookies['forumpass'][$forum['fid']]) && my_hash_equals($mybb->cookies['forumpass'][$forum['fid']], md5($mybb->user['uid'].$forum['password']))) 983 { 984 eval("\$forumlistbits .= \"".$templates->get("misc_syndication_forumlist_forum")."\";"); 985 } 986 987 if(!empty($forumcache[$forum['fid']])) 988 { 989 $newdepth = $depth." "; 990 $forumlistbits .= makesyndicateforums($forum['fid'], '', 0, $newdepth); 991 } 992 } 993 else 994 { 995 if(isset($flist[$forum['fid']])) 996 { 997 unset($flist[$forum['fid']]); 998 } 999 } 1000 } 1001 } 1002 } 1003 1004 if($addselect) 1005 { 1006 $addsel = empty($flist) ? ' selected="selected"' : ''; 1007 eval("\$forumlist = \"".$templates->get("misc_syndication_forumlist")."\";"); 1008 } 1009 1010 return $forumlist; 1011 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |