[ Index ]

PHP Cross Reference of MyBB 1.8.15

title

Body

[close]

/ -> misc.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define("IGNORE_CLEAN_VARS", "sid");
  13  define('THIS_SCRIPT', 'misc.php');
  14  
  15  $templatelist = "misc_rules_forum,misc_help_helpdoc,misc_whoposted_poster,misc_whoposted,misc_smilies_popup_smilie,misc_smilies_popup,misc_smilies_popup_empty,misc_smilies_popup_row,multipage_start";
  16  $templatelist .= ",misc_buddypopup,misc_buddypopup_user,misc_buddypopup_user_none,misc_buddypopup_user_online,misc_buddypopup_user_offline,misc_buddypopup_user_sendpm,misc_syndication_forumlist";
  17  $templatelist .= ",misc_smilies,misc_smilies_smilie,misc_help_section_bit,misc_help_section,misc_help,forumdisplay_password_wrongpass,forumdisplay_password,misc_helpresults,misc_helpresults_bit";
  18  $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,misc_imcenter_error";
  19  $templatelist .= ",misc_smilies_popup_no_smilies,misc_smilies_no_smilies,misc_syndication,misc_help_search,misc_helpresults_noresults,misc_syndication_forumlist_forum,misc_syndication_feedurl,misc_whoposted_page";
  20  
  21  require_once  "./global.php";
  22  require_once  MYBB_ROOT."inc/functions_post.php";
  23  
  24  // Load global language phrases
  25  $lang->load("misc");
  26  
  27  $plugins->run_hooks("misc_start");
  28  
  29  $mybb->input['action'] = $mybb->get_input('action');
  30  if($mybb->input['action'] == "dstswitch" && $mybb->request_method == "post" && $mybb->user['uid'] > 0)
  31  {
  32      if($mybb->user['dstcorrection'] == 2)
  33      {
  34          if($mybb->user['dst'] == 1)
  35          {
  36              $update_array = array("dst" => 0);
  37          }
  38          else
  39          {
  40              $update_array = array("dst" => 1);
  41          }
  42      }
  43      $db->update_query("users", $update_array, "uid='{$mybb->user['uid']}'");
  44      if(!isset($mybb->input['ajax']))
  45      {
  46          redirect("index.php", $lang->dst_settings_updated);
  47      }
  48      else
  49      {
  50          echo "done";
  51          exit;
  52      }
  53  }
  54  elseif($mybb->input['action'] == "markread")
  55  {
  56      if($mybb->user['uid'] && verify_post_check($mybb->get_input('my_post_key'), true) !== true)
  57      {
  58          // Protect our user's unread forums from CSRF
  59          error($lang->invalid_post_code);
  60      }
  61  
  62      if(isset($mybb->input['fid']))
  63      {
  64          $validforum = get_forum($mybb->input['fid']);
  65          if(!$validforum)
  66          {
  67              if(!isset($mybb->input['ajax']))
  68              {
  69                  error($lang->error_invalidforum);
  70              }
  71              else
  72              {
  73                  echo 0;
  74                  exit;
  75              }
  76          }
  77  
  78          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  79          mark_forum_read($mybb->input['fid']);
  80  
  81          $plugins->run_hooks("misc_markread_forum");
  82  
  83          if(!isset($mybb->input['ajax']))
  84          {
  85              redirect(get_forum_link($mybb->input['fid']), $lang->redirect_markforumread);
  86          }
  87          else
  88          {
  89              echo 1;
  90              exit;
  91          }
  92      }
  93      else
  94      {
  95  
  96          $plugins->run_hooks("misc_markread_end");
  97          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  98          mark_all_forums_read();
  99          redirect("index.php", $lang->redirect_markforumsread);
 100      }
 101  }
 102  elseif($mybb->input['action'] == "clearpass")
 103  {
 104      $plugins->run_hooks("misc_clearpass");
 105  
 106      if(isset($mybb->input['fid']))
 107      {
 108          if(!verify_post_check($mybb->get_input('my_post_key')))
 109          {
 110              error($lang->invalid_post_code);
 111          }
 112  
 113          my_unsetcookie("forumpass[".$mybb->get_input('fid', MyBB::INPUT_INT)."]");
 114          redirect("index.php", $lang->redirect_forumpasscleared);
 115      }
 116  }
 117  elseif($mybb->input['action'] == "rules")
 118  {
 119      if(isset($mybb->input['fid']))
 120      {
 121          $plugins->run_hooks("misc_rules_start");
 122  
 123          $fid = $mybb->input['fid'];
 124  
 125          $forum = get_forum($fid);
 126          if(!$forum || $forum['type'] != "f" || $forum['rules'] == '')
 127          {
 128              error($lang->error_invalidforum);
 129          }
 130  
 131          $forumpermissions = forum_permissions($forum['fid']);
 132          if($forumpermissions['canview'] != 1)
 133          {
 134              error_no_permission();
 135          }
 136  
 137          if(!$forum['rulestitle'])
 138          {
 139              $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']);
 140          }
 141  
 142          require_once  MYBB_ROOT."inc/class_parser.php";
 143          $parser = new postParser();
 144          $parser_options = array(
 145              "allow_html" => 1,
 146              "allow_mycode" => 1,
 147              "allow_smilies" => 1,
 148              "allow_imgcode" => 1,
 149              "filter_badwords" => 1
 150          );
 151  
 152          $forum['rules'] = $parser->parse_message($forum['rules'], $parser_options);
 153  
 154          // Make navigation
 155          build_forum_breadcrumb($mybb->input['fid']);
 156          add_breadcrumb($forum['rulestitle']);
 157  
 158          $plugins->run_hooks("misc_rules_end");
 159  
 160          eval("\$rules = \"".$templates->get("misc_rules_forum")."\";");
 161          output_page($rules);
 162      }
 163  
 164  }
 165  elseif($mybb->input['action'] == "do_helpsearch" && $mybb->request_method == "post")
 166  {
 167      $plugins->run_hooks("misc_do_helpsearch_start");
 168  
 169      if($mybb->settings['helpsearch'] != 1)
 170      {
 171          error($lang->error_helpsearchdisabled);
 172      }
 173  
 174      // Check if search flood checking is enabled and user is not admin
 175      if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
 176      {
 177          // Fetch the time this user last searched
 178          $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
 179          $query = $db->simple_select("searchlog", "*", "uid='{$mybb->user['uid']}' AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
 180          $last_search = $db->fetch_array($query);
 181          // Users last search was within the flood time, show the error
 182          if($last_search['sid'])
 183          {
 184              $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
 185              if($remaining_time == 1)
 186              {
 187                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
 188              }
 189              else
 190              {
 191                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
 192              }
 193              error($lang->error_searchflooding);
 194          }
 195      }
 196  
 197      if($mybb->get_input('name', MyBB::INPUT_INT) != 1 && $mybb->get_input('document', MyBB::INPUT_INT) != 1)
 198      {
 199          error($lang->error_nosearchresults);
 200      }
 201  
 202      if($mybb->get_input('document', MyBB::INPUT_INT) == 1)
 203      {
 204          $resulttype = "helpdoc";
 205      }
 206      else
 207      {
 208          $resulttype = "helpname";
 209      }
 210  
 211      $search_data = array(
 212          "keywords" => $mybb->get_input('keywords'),
 213          "name" => $mybb->get_input('name', MyBB::INPUT_INT),
 214          "document" => $mybb->get_input('document', MyBB::INPUT_INT),
 215      );
 216  
 217      if($db->can_search == true)
 218      {
 219          require_once  MYBB_ROOT."inc/functions_search.php";
 220  
 221          $search_results = helpdocument_perform_search_mysql($search_data);
 222      }
 223      else
 224      {
 225          error($lang->error_no_search_support);
 226      }
 227      $sid = md5(uniqid(microtime(), true));
 228      $searcharray = array(
 229          "sid" => $db->escape_string($sid),
 230          "uid" => $mybb->user['uid'],
 231          "dateline" => TIME_NOW,
 232          "ipaddress" => $db->escape_binary($session->packedip),
 233          "threads" => '',
 234          "posts" => '',
 235          "resulttype" => $resulttype,
 236          "querycache" => $search_results['querycache'],
 237          "keywords" => $db->escape_string($mybb->get_input('keywords')),
 238      );
 239      $plugins->run_hooks("misc_do_helpsearch_process");
 240  
 241      $db->insert_query("searchlog", $searcharray);
 242  
 243      $plugins->run_hooks("misc_do_helpsearch_end");
 244      redirect("misc.php?action=helpresults&sid={$sid}", $lang->redirect_searchresults);
 245  }
 246  elseif($mybb->input['action'] == "helpresults")
 247  {
 248      if($mybb->settings['helpsearch'] != 1)
 249      {
 250          error($lang->error_helpsearchdisabled);
 251      }
 252  
 253      $sid = $mybb->get_input('sid');
 254      $query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($sid)."' AND uid='{$mybb->user['uid']}'");
 255      $search = $db->fetch_array($query);
 256  
 257      if(!$search)
 258      {
 259          error($lang->error_invalidsearch);
 260      }
 261  
 262      $plugins->run_hooks("misc_helpresults_start");
 263  
 264      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 265      add_breadcrumb($lang->search_results, "misc.php?action=helpresults&sid={$sid}");
 266  
 267      if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
 268      {
 269          $mybb->settings['threadsperpage'] = 20;
 270      }
 271  
 272      // Work out pagination, which page we're at, as well as the limits.
 273      $perpage = $mybb->settings['threadsperpage'];
 274      $page = $mybb->get_input('page', MyBB::INPUT_INT);
 275      if($page > 0)
 276      {
 277          $start = ($page-1) * $perpage;
 278      }
 279      else
 280      {
 281          $start = 0;
 282          $page = 1;
 283      }
 284      $end = $start + $perpage;
 285      $lower = $start+1;
 286      $upper = $end;
 287  
 288      // Work out if we have terms to highlight
 289      $highlight = "";
 290      if($search['keywords'])
 291      {
 292          $highlight = "&amp;highlight=".urlencode($search['keywords']);
 293      }
 294  
 295      // Do Multi Pages
 296      $query = $db->simple_select("helpdocs", "COUNT(*) AS total", "hid IN(".$db->escape_string($search['querycache']).")");
 297      $helpcount = $db->fetch_array($query);
 298  
 299      if($upper > $helpcount)
 300      {
 301          $upper = $helpcount;
 302      }
 303      $multipage = multipage($helpcount['total'], $perpage, $page, "misc.php?action=helpresults&amp;sid='".htmlspecialchars_uni($mybb->get_input('sid'))."'");
 304      $helpdoclist = '';
 305  
 306      require_once  MYBB_ROOT."inc/class_parser.php";
 307      $parser = new postParser();
 308  
 309      $query = $db->query("
 310          SELECT h.*, s.enabled
 311          FROM ".TABLE_PREFIX."helpdocs h
 312          LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 313          WHERE h.hid IN(".$db->escape_string($search['querycache']).") AND h.enabled='1' AND s.enabled='1'
 314          LIMIT {$start}, {$perpage}
 315      ");
 316      while($helpdoc = $db->fetch_array($query))
 317      {
 318          $bgcolor = alt_trow();
 319  
 320          if(my_strlen($helpdoc['name']) > 50)
 321          {
 322              $helpdoc['name'] = htmlspecialchars_uni(my_substr($helpdoc['name'], 0, 50)."...");
 323          }
 324          else
 325          {
 326              $helpdoc['name'] = htmlspecialchars_uni($helpdoc['name']);
 327          }
 328  
 329          $parser_options = array(
 330              'allow_html' => 1,
 331              'allow_mycode' => 0,
 332              'allow_smilies' => 0,
 333              'allow_imgcode' => 0,
 334              'filter_badwords' => 1
 335          );
 336          $helpdoc['helpdoc'] = my_strip_tags($parser->parse_message($helpdoc['document'], $parser_options));
 337  
 338          if(my_strlen($helpdoc['helpdoc']) > 350)
 339          {
 340              $prev = my_substr($helpdoc['helpdoc'], 0, 350)."...";
 341          }
 342          else
 343          {
 344              $prev = $helpdoc['helpdoc'];
 345          }
 346  
 347          $plugins->run_hooks("misc_helpresults_bit");
 348  
 349          eval("\$helpdoclist .= \"".$templates->get("misc_helpresults_bit")."\";");
 350      }
 351  
 352      if($db->num_rows($query) == 0)
 353      {
 354          eval("\$helpdoclist = \"".$templates->get("misc_helpresults_noresults")."\";");
 355      }
 356  
 357      $plugins->run_hooks("misc_helpresults_end");
 358  
 359      eval("\$helpresults = \"".$templates->get("misc_helpresults")."\";");
 360      output_page($helpresults);
 361  }
 362  elseif($mybb->input['action'] == "help")
 363  {
 364      $lang->load("helpdocs");
 365      $lang->load("helpsections");
 366      $lang->load("customhelpdocs");
 367      $lang->load("customhelpsections");
 368  
 369      $hid = $mybb->get_input('hid', MyBB::INPUT_INT);
 370      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 371  
 372      if($hid)
 373      {
 374          $query = $db->query("
 375              SELECT h.*, s.enabled AS section
 376              FROM ".TABLE_PREFIX."helpdocs h
 377              LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 378              WHERE h.hid='{$hid}'
 379          ");
 380  
 381          $helpdoc = $db->fetch_array($query);
 382          if($helpdoc['section'] != 0 && $helpdoc['enabled'] != 0)
 383          {
 384              $plugins->run_hooks("misc_help_helpdoc_start");
 385  
 386              // If we have incoming search terms to highlight - get it done (only if not using translation).
 387              if(!empty($mybb->input['highlight']) && $helpdoc['usetranslation'] != 1)
 388              {
 389                  require_once  MYBB_ROOT."inc/class_parser.php";
 390                  $parser = new postParser();
 391  
 392                  $highlight = $mybb->input['highlight'];
 393                  $helpdoc['name'] = $parser->highlight_message($helpdoc['name'], $highlight);
 394                  $helpdoc['document'] = $parser->highlight_message($helpdoc['document'], $highlight);
 395              }
 396  
 397              if($helpdoc['usetranslation'] == 1)
 398              {
 399                  $langnamevar = "d".$helpdoc['hid']."_name";
 400                  $langdescvar = "d".$helpdoc['hid']."_desc";
 401                  $langdocvar = "d".$helpdoc['hid']."_document";
 402                  if($lang->$langnamevar)
 403                  {
 404                      $helpdoc['name'] = $lang->$langnamevar;
 405                  }
 406                  if($lang->$langdescvar)
 407                  {
 408                      $helpdoc['description'] = $lang->$langdescvar;
 409                  }
 410                  if($lang->$langdocvar)
 411                  {
 412                      $helpdoc['document'] = $lang->$langdocvar;
 413                  }
 414              }
 415  
 416              if($helpdoc['hid'] == 3)
 417              {
 418                  $helpdoc['document'] = $lang->sprintf($helpdoc['document'], $mybb->post_code);
 419              }
 420  
 421              add_breadcrumb($helpdoc['name']);
 422  
 423              $plugins->run_hooks("misc_help_helpdoc_end");
 424  
 425              eval("\$helppage = \"".$templates->get("misc_help_helpdoc")."\";");
 426              output_page($helppage);
 427          }
 428          else
 429          {
 430              error($lang->error_invalidhelpdoc);
 431          }
 432      }
 433      else
 434      {
 435          $plugins->run_hooks("misc_help_section_start");
 436  
 437          $query = $db->simple_select("helpdocs", "*", "", array('order_by' => 'sid, disporder'));
 438          while($helpdoc = $db->fetch_array($query))
 439          {
 440              $helpdocs[$helpdoc['sid']][$helpdoc['disporder']][$helpdoc['hid']] = $helpdoc;
 441          }
 442          unset($helpdoc);
 443          $sections = '';
 444          $query = $db->simple_select("helpsections", "*", "enabled != 0", array('order_by' => 'disporder'));
 445          while($section = $db->fetch_array($query))
 446          {
 447              if($section['usetranslation'] == 1)
 448              {
 449                  $langnamevar = "s".$section['sid']."_name";
 450                  $langdescvar = "s".$section['sid']."_desc";
 451                  if($lang->$langnamevar)
 452                  {
 453                      $section['name'] = $lang->$langnamevar;
 454                  }
 455                  if($lang->$langdescvar)
 456                  {
 457                      $section['description'] = $lang->$langdescvar;
 458                  }
 459              }
 460              if(is_array($helpdocs[$section['sid']]))
 461              {
 462                  $helpbits = '';
 463                  foreach($helpdocs[$section['sid']] as $key => $bit)
 464                  {
 465                      foreach($bit as $key => $helpdoc)
 466                      {
 467                          if($helpdoc['enabled'] != 0)
 468                          {
 469                              if($helpdoc['usetranslation'] == 1)
 470                              {
 471                                  $langnamevar = "d".$helpdoc['hid'].'_name';
 472                                  $langdescvar = "d".$helpdoc['hid'].'_desc';
 473                                  if($lang->$langnamevar)
 474                                  {
 475                                      $helpdoc['name'] = $lang->$langnamevar;
 476                                  }
 477                                  if($lang->$langdescvar)
 478                                  {
 479                                      $helpdoc['description'] = $lang->$langdescvar;
 480                                  }
 481                              }
 482                              $altbg = alt_trow();
 483                              eval("\$helpbits .= \"".$templates->get("misc_help_section_bit")."\";");
 484                          }
 485                      }
 486                      $expdisplay = '';
 487                      $sname = "sid_".$section['sid']."_c";
 488                      if(isset($collapsed[$sname]) && $collapsed[$sname] == "display: show;")
 489                      {
 490                          $expcolimage = "collapse_collapsed.png";
 491                          $expdisplay = "display: none;";
 492                          $expthead = " thead_collapsed";
 493                      }
 494                      else
 495                      {
 496                          $expcolimage = "collapse.png";
 497                          $expthead = "";
 498                      }
 499                  }
 500                  eval("\$sections .= \"".$templates->get("misc_help_section")."\";");
 501              }
 502          }
 503  
 504          if($mybb->settings['helpsearch'] == 1)
 505          {
 506              eval("\$search = \"".$templates->get("misc_help_search")."\";");
 507          }
 508  
 509          $plugins->run_hooks("misc_help_section_end");
 510  
 511          eval("\$help = \"".$templates->get("misc_help")."\";");
 512          output_page($help);
 513      }
 514  }
 515  elseif($mybb->input['action'] == "buddypopup")
 516  {
 517      $plugins->run_hooks("misc_buddypopup_start");
 518  
 519      if($mybb->user['uid'] == 0)
 520      {
 521          error_no_permission();
 522      }
 523  
 524      if(isset($mybb->input['removebuddy']) && verify_post_check($mybb->input['my_post_key']))
 525      {
 526          $buddies = $mybb->user['buddylist'];
 527          $namesarray = explode(",", $buddies);
 528          $mybb->input['removebuddy'] = $mybb->get_input('removebuddy', MyBB::INPUT_INT);
 529          if(is_array($namesarray))
 530          {
 531              foreach($namesarray as $key => $buddyid)
 532              {
 533                  if($buddyid == $mybb->input['removebuddy'])
 534                  {
 535                      unset($namesarray[$key]);
 536                  }
 537              }
 538              $buddylist = implode(',', $namesarray);
 539              $db->update_query("users", array('buddylist' => $buddylist), "uid='".$mybb->user['uid']."'");
 540              $mybb->user['buddylist'] = $buddylist;
 541          }
 542      }
 543  
 544      // Load Buddies
 545      $buddies = '';
 546      if($mybb->user['buddylist'] != "")
 547      {
 548          $buddys = array('online' => '', 'offline' => '');
 549          $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
 550  
 551          $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array('order_by' => 'lastactive'));
 552  
 553          while($buddy = $db->fetch_array($query))
 554          {
 555              $buddy['username'] = htmlspecialchars_uni($buddy['username']);
 556              $buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
 557              $profile_link = build_profile_link($buddy_name, $buddy['uid'], '_blank', 'if(window.opener) { window.opener.location = this.href; return false; }');
 558  
 559              $send_pm = '';
 560              if($mybb->user['receivepms'] != 0 && $buddy['receivepms'] != 0 && $groupscache[$buddy['usergroup']]['canusepms'] != 0)
 561              {
 562                  eval("\$send_pm = \"".$templates->get("misc_buddypopup_user_sendpm")."\";");
 563              }
 564  
 565              if($buddy['lastactive'])
 566              {
 567                  $last_active = $lang->sprintf($lang->last_active, my_date('relative', $buddy['lastactive']));
 568              }
 569              else
 570              {
 571                  $last_active = $lang->sprintf($lang->last_active, $lang->never);
 572              }
 573  
 574              $buddy['avatar'] = format_avatar($buddy['avatar'], $buddy['avatardimensions'], '44x44');
 575  
 576              if($buddy['lastactive'] > $timecut && ($buddy['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $buddy['lastvisit'] != $buddy['lastactive'])
 577              {
 578                  $bonline_alt = alt_trow();
 579                  eval("\$buddys['online'] .= \"".$templates->get("misc_buddypopup_user_online")."\";");
 580              }
 581              else
 582              {
 583                  $boffline_alt = alt_trow();
 584                  eval("\$buddys['offline'] .= \"".$templates->get("misc_buddypopup_user_offline")."\";");
 585              }
 586          }
 587  
 588          $colspan = ' colspan="2"';
 589          if(empty($buddys['online']))
 590          {
 591              $error = $lang->online_none;
 592              eval("\$buddys['online'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 593          }
 594  
 595          if(empty($buddys['offline']))
 596          {
 597              $error = $lang->offline_none;
 598              eval("\$buddys['offline'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 599          }
 600  
 601          eval("\$buddies = \"".$templates->get("misc_buddypopup_user")."\";");
 602      }
 603      else
 604      {
 605          // No buddies? :(
 606          $colspan = '';
 607          $error = $lang->no_buddies;
 608          eval("\$buddies = \"".$templates->get("misc_buddypopup_user_none")."\";");
 609      }
 610  
 611      $plugins->run_hooks("misc_buddypopup_end");
 612  
 613      eval("\$buddylist = \"".$templates->get("misc_buddypopup", 1, 0)."\";");
 614      echo $buddylist;
 615      exit;
 616  }
 617  elseif($mybb->input['action'] == "whoposted")
 618  {
 619      $numposts = 0;
 620      $altbg = alt_trow();
 621      $whoposted = '';
 622      $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
 623      $thread = get_thread($tid);
 624      $modal = $mybb->get_input('modal', MyBB::INPUT_INT);
 625  
 626      // Make sure we are looking at a real thread here.
 627      if(!$thread)
 628      {
 629          error($lang->error_invalidthread);
 630      }
 631  
 632      // Make sure we are looking at a real thread here.
 633      if(($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted")) || ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || $thread['visible'] > 1)
 634      {
 635          error($lang->error_invalidthread);
 636      }
 637  
 638      if(is_moderator($thread['fid'], "canviewdeleted") || is_moderator($thread['fid'], "canviewunapprove"))
 639      {
 640          if(is_moderator($thread['fid'], "canviewunapprove") && !is_moderator($thread['fid'], "canviewdeleted"))
 641          {
 642              $show_posts = "p.visible IN (0,1)";
 643          }
 644          elseif(is_moderator($thread['fid'], "canviewdeleted") && !is_moderator($thread['fid'], "canviewunapprove"))
 645          {
 646              $show_posts = "p.visible IN (-1,1)";
 647          }
 648          else
 649          {
 650              $show_posts = "p.visible IN (-1,0,1)";
 651          }
 652      }
 653      else
 654      {
 655          $show_posts = "p.visible = 1";
 656      }
 657  
 658      // Does the thread belong to a valid forum?
 659      $forum = get_forum($thread['fid']);
 660      if(!$forum || $forum['type'] != "f")
 661      {
 662          error($lang->error_invalidforum);
 663      }
 664  
 665      // Does the user have permission to view this thread?
 666      $forumpermissions = forum_permissions($forum['fid']);
 667  
 668      if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
 669      {
 670          error_no_permission();
 671      }
 672  
 673      // Check if this forum is password protected and we have a valid password
 674      check_forum_password($forum['fid']);
 675  
 676      if($mybb->get_input('sort') != 'username')
 677      {
 678          $sortsql = ' ORDER BY posts DESC';
 679      }
 680      else
 681      {
 682          $sortsql = ' ORDER BY p.username ASC';
 683      }
 684      $whoposted = '';
 685      $query = $db->query("
 686          SELECT COUNT(p.pid) AS posts, p.username AS postusername, u.uid, u.username, u.usergroup, u.displaygroup
 687          FROM ".TABLE_PREFIX."posts p
 688          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
 689          WHERE tid='".$tid."' AND $show_posts
 690          GROUP BY u.uid, p.username, u.uid, u.username, u.usergroup, u.displaygroup
 691          ".$sortsql."
 692      ");
 693      while($poster = $db->fetch_array($query))
 694      {
 695          if($poster['username'] == '')
 696          {
 697              $poster['username'] = $poster['postusername'];
 698          }
 699          $poster['username'] = htmlspecialchars_uni($poster['username']);
 700          $poster['postusername'] = htmlspecialchars_uni($poster['postusername']);
 701          $poster_name = format_name($poster['username'], $poster['usergroup'], $poster['displaygroup']);
 702          if($modal)
 703          {
 704              $onclick = '';
 705              if($poster['uid'])
 706              {
 707                  $onclick = "opener.location.href='".get_profile_link($poster['uid'])."'; return false;";
 708              }
 709              $profile_link = build_profile_link($poster_name, $poster['uid'], '_blank', $onclick);
 710          }
 711          else
 712          {
 713              $profile_link = build_profile_link($poster_name, $poster['uid']);
 714          }
 715          $numposts += $poster['posts'];
 716          eval("\$whoposted .= \"".$templates->get("misc_whoposted_poster")."\";");
 717          $altbg = alt_trow();
 718      }
 719      $numposts = my_number_format($numposts);
 720      $poster['posts'] = my_number_format($poster['posts']);
 721      if($modal)
 722      {
 723          eval("\$whop = \"".$templates->get("misc_whoposted", 1, 0)."\";");
 724          echo $whop;
 725          exit;
 726      }
 727      else
 728      {
 729          require_once  MYBB_ROOT."inc/class_parser.php";
 730          $parser = new postParser;
 731  
 732          // Get thread prefix
 733          $breadcrumbprefix = '';
 734          $threadprefix = array('prefix' => '');
 735          if($thread['prefix'])
 736          {
 737              $threadprefix = build_prefixes($thread['prefix']);
 738              if(!empty($threadprefix['displaystyle']))
 739              {
 740                  $breadcrumbprefix = $threadprefix['displaystyle'].'&nbsp;';
 741              }
 742          }
 743  
 744          $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
 745  
 746          // Build the navigation.
 747          build_forum_breadcrumb($forum['fid']);
 748          add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
 749          add_breadcrumb($lang->who_posted);
 750  
 751          eval("\$whoposted = \"".$templates->get("misc_whoposted_page")."\";");
 752          output_page($whoposted);
 753      }
 754  }
 755  elseif($mybb->input['action'] == "smilies")
 756  {
 757      $smilies = '';
 758      if(!empty($mybb->input['popup']) && !empty($mybb->input['editor']))
 759      { // make small popup list of smilies
 760          $editor = preg_replace('#([^a-zA-Z0-9_-]+)#', '', $mybb->get_input('editor'));
 761          $e = 1;
 762          $smile_icons = '';
 763          $class = alt_trow(1);
 764          $smilies_cache = $cache->read("smilies");
 765  
 766          if(is_array($smilies_cache))
 767          {
 768              $extra_class = ' smilie_pointer';
 769              foreach($smilies_cache as $smilie)
 770              {
 771                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 772                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 773                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 774  
 775                  // Only show the first text to replace in the box
 776                  $temp = explode("\n", $smilie['find']); // use temporary variable for php 5.3 compatibility
 777                  $smilie['find'] = $temp[0];
 778  
 779                  $smilie['find'] = htmlspecialchars_uni($smilie['find']);
 780                  $smilie_insert = str_replace(array('\\', "'"), array('\\\\', "\'"), $smilie['find']);
 781  
 782                  $onclick = " onclick=\"MyBBEditor.insertText(' $smilie_insert ');\"";
 783                  eval('$smilie_image = "'.$templates->get('smilie', 1, 0).'";');
 784                  eval("\$smile_icons .= \"".$templates->get("misc_smilies_popup_smilie")."\";");
 785                  if($e == 2)
 786                  {
 787                      eval("\$smilies .= \"".$templates->get("misc_smilies_popup_row")."\";");
 788                      $smile_icons = '';
 789                      $e = 1;
 790                      $class = alt_trow();
 791                  }
 792                  else
 793                  {
 794                      $e = 2;
 795                  }
 796              }
 797          }
 798  
 799          if($e == 2)
 800          {
 801              eval("\$smilies .= \"".$templates->get("misc_smilies_popup_empty")."\";");
 802          }
 803  
 804          if(!$smilies)
 805          {
 806              eval("\$smilies = \"".$templates->get("misc_smilies_popup_no_smilies")."\";");
 807          }
 808  
 809          eval("\$smiliespage = \"".$templates->get("misc_smilies_popup", 1, 0)."\";");
 810          output_page($smiliespage);
 811      }
 812      else
 813      {
 814          add_breadcrumb($lang->nav_smilies);
 815          $class = "trow1";
 816          $smilies_cache = $cache->read("smilies");
 817  
 818          if(is_array($smilies_cache))
 819          {
 820              $extra_class = $onclick = '';
 821              foreach($smilies_cache as $smilie)
 822              {
 823                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 824                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 825                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 826  
 827                  $smilie['find'] = nl2br(htmlspecialchars_uni($smilie['find']));
 828                  eval('$smilie_image = "'.$templates->get('smilie').'";');
 829                  eval("\$smilies .= \"".$templates->get("misc_smilies_smilie")."\";");
 830                  $class = alt_trow();
 831              }
 832          }
 833  
 834          if(!$smilies)
 835          {
 836              eval("\$smilies = \"".$templates->get("misc_smilies_no_smilies")."\";");
 837          }
 838  
 839          eval("\$smiliespage = \"".$templates->get("misc_smilies")."\";");
 840          output_page($smiliespage);
 841      }
 842  }
 843  elseif($mybb->input['action'] == "imcenter")
 844  {
 845      $mybb->input['imtype'] = $mybb->get_input('imtype');
 846      if($mybb->input['imtype'] != "aim" && $mybb->input['imtype'] != "skype" && $mybb->input['imtype'] != "yahoo")
 847      {
 848          $message = $lang->error_invalidimtype;
 849          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 850          echo $error;
 851          exit;
 852      }
 853  
 854      $uid = $mybb->get_input('uid', MyBB::INPUT_INT);
 855      $user = get_user($uid);
 856  
 857      if(!$user)
 858      {
 859          $message = $lang->error_invaliduser;
 860          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 861          echo $error;
 862          exit;
 863      }
 864  
 865      if(empty($user[$mybb->input['imtype']]))
 866      {
 867          $message = $lang->error_invalidimtype;
 868          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 869          echo $error;
 870          exit;
 871      }
 872  
 873      $settingkey = 'allow'.$mybb->input['imtype'].'field';
 874      if(!is_member($mybb->settings[$settingkey], $user))
 875      {
 876          $message = $lang->error_nopermission_user_ajax;
 877          eval("\$error = \"".$templates->get("misc_imcenter_error", 1, 0)."\";");
 878          echo $error;
 879          exit;
 880      }
 881  
 882      // Build IM navigation bar
 883      $navigationbar = $navsep = $imtype = $imtype_lang = '';
 884      if(!empty($user['aim']) && is_member($mybb->settings['allowaimfield'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
 885      {
 886          $imtype = "aim";
 887          $imtype_lang = $lang->aol_im;
 888          eval("\$navigationbar .= \"".$templates->get("misc_imcenter_nav")."\";");
 889          $navsep = ' - ';
 890      }
 891      if(!empty($user['skype']) && is_member($mybb->settings['allowskypefield'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
 892      {
 893          $imtype = "skype";
 894          $imtype_lang = $lang->skype;
 895          eval("\$navigationbar .= \"".$templates->get("misc_imcenter_nav")."\";");
 896          $navsep = ' - ';
 897      }
 898      if(!empty($user['yahoo']) && is_member($mybb->settings['allowyahoofield'], array('usergroup' => $user['usergroup'], 'additionalgroups' => $user['additionalgroups'])))
 899      {
 900          $imtype = "yahoo";
 901          $imtype_lang = $lang->yahoo_im;
 902          eval("\$navigationbar .= \"".$templates->get("misc_imcenter_nav")."\";");
 903      }
 904  
 905      $user['skype'] = htmlspecialchars_uni($user['skype']);
 906      $user['yahoo'] = htmlspecialchars_uni($user['yahoo']);
 907      $user['aim'] = htmlspecialchars_uni($user['aim']);
 908  
 909      $user['username'] = htmlspecialchars_uni($user['username']);
 910  
 911      $lang->chat_on_skype = $lang->sprintf($lang->chat_on_skype, $user['username']);
 912      $lang->call_on_skype = $lang->sprintf($lang->call_on_skype, $user['username']);
 913  
 914      $imtemplate = "misc_imcenter_".$mybb->input['imtype'];
 915      eval("\$imcenter = \"".$templates->get($imtemplate, 1, 0)."\";");
 916      echo $imcenter;
 917      exit;
 918  }
 919  elseif($mybb->input['action'] == "syndication")
 920  {
 921      $plugins->run_hooks("misc_syndication_start");
 922  
 923      $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
 924      $version = $mybb->get_input('version');
 925      $new_limit = $mybb->get_input('limit', MyBB::INPUT_INT);
 926      $forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY);
 927      $limit = 15;
 928      if(!empty($new_limit) && $new_limit != $limit)
 929      {
 930          $limit = $new_limit;
 931      }
 932      $feedurl = '';
 933      $add = false;
 934  
 935      add_breadcrumb($lang->nav_syndication);
 936      $unviewable = get_unviewable_forums();
 937      $inactiveforums = get_inactive_forums();
 938      $unexp1 = explode(',', $unviewable);
 939      $unexp2 = explode(',', $inactiveforums);
 940      $unexp = array_merge($unexp1, $unexp2);
 941  
 942      if(is_array($forums))
 943      {
 944          foreach($unexp as $fid)
 945          {
 946              $unview[$fid] = true;
 947          }
 948  
 949          $syndicate = '';
 950          $comma = '';
 951          $all = false;
 952          foreach($forums as $fid)
 953          {
 954              if($fid == "all")
 955              {
 956                  $all = true;
 957                  break;
 958              }
 959              elseif(ctype_digit($fid))
 960              {
 961                  if(!isset($unview[$fid]))
 962                  {
 963                      $syndicate .= $comma.$fid;
 964                      $comma = ",";
 965                      $flist[$fid] = true;
 966                  }
 967              }
 968          }
 969          $url = $mybb->settings['bburl']."/syndication.php";
 970          if(!$all)
 971          {
 972              $url .= "?fid=$syndicate";
 973              $add = true;
 974          }
 975  
 976          // If the version is not RSS2.0, set the type to Atom1.0.
 977          if($version != "rss2.0")
 978          {
 979              if(!$add)
 980              {
 981                  $url .= "?";
 982              }
 983              else
 984              {
 985                  $url .= "&";
 986              }
 987              $url .= "type=atom1.0";
 988              $add = true;
 989          }
 990          if((int)$limit > 0)
 991          {
 992              if($limit > 50)
 993              {
 994                  $limit = 50;
 995              }
 996              if(!$add)
 997              {
 998                  $url .= "?";
 999              }
1000              else
1001              {
1002                  $url .= "&";
1003              }
1004              if(is_numeric($limit))
1005              {
1006                  $url .= "limit=$limit";
1007              }
1008          }
1009          eval("\$feedurl = \"".$templates->get("misc_syndication_feedurl")."\";");
1010      }
1011      unset($GLOBALS['forumcache']);
1012  
1013      // If there is no version in the input, check the default (RSS2.0).
1014      if($version == "atom1.0")
1015      {
1016          $atom1check = "checked=\"checked\"";
1017          $rss2check = '';
1018      }
1019      else
1020      {
1021          $atom1check = '';
1022          $rss2check = "checked=\"checked\"";
1023      }
1024      $forumselect = makesyndicateforums();
1025  
1026      $plugins->run_hooks("misc_syndication_end");
1027  
1028      eval("\$syndication = \"".$templates->get("misc_syndication")."\";");
1029      output_page($syndication);
1030  }
1031  elseif($mybb->input['action'] == "clearcookies")
1032  {
1033      verify_post_check($mybb->get_input('my_post_key'));
1034  
1035      $plugins->run_hooks("misc_clearcookies");
1036  
1037      $remove_cookies = array('mybbuser', 'mybb[announcements]', 'mybb[lastvisit]', 'mybb[lastactive]', 'collapsed', 'mybb[forumread]', 'mybb[threadsread]', 'mybbadmin',
1038                              'mybblang', 'mybbtheme', 'multiquote', 'mybb[readallforums]', 'coppauser', 'coppadob', 'mybb[referrer]');
1039  
1040      foreach($remove_cookies as $name)
1041      {
1042          my_unsetcookie($name);
1043      }
1044      redirect("index.php", $lang->redirect_cookiescleared);
1045  }
1046  
1047  /**
1048   * Build a list of forums for RSS multiselect.
1049   *
1050   * @param int $pid Parent forum ID.
1051   * @param string $selitem deprecated
1052   * @param boolean $addselect Whether to add selected attribute or not.
1053   * @param string $depth HTML for the depth of the forum.
1054   * @return string HTML of the list of forums for CSS.
1055   */
1056  function makesyndicateforums($pid=0, $selitem="", $addselect=true, $depth="")
1057  {
1058      global $db, $forumcache, $permissioncache, $mybb, $forumlist, $forumlistbits, $flist, $lang, $unexp, $templates;
1059  
1060      $pid = (int)$pid;
1061      $forumlist = '';
1062  
1063      if(!is_array($forumcache))
1064      {
1065          // Get Forums
1066          $query = $db->simple_select("forums", "*", "linkto = '' AND active!=0", array('order_by' => 'pid, disporder'));
1067          while($forum = $db->fetch_array($query))
1068          {
1069              $forumcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
1070          }
1071      }
1072  
1073      if(!is_array($permissioncache))
1074      {
1075          $permissioncache = forum_permissions();
1076      }
1077  
1078      if(is_array($forumcache[$pid]))
1079      {
1080          foreach($forumcache[$pid] as $key => $main)
1081          {
1082              foreach($main as $key => $forum)
1083              {
1084                  $perms = $permissioncache[$forum['fid']];
1085                  if($perms['canview'] == 1 || $mybb->settings['hideprivateforums'] == 0)
1086                  {
1087                      $optionselected = '';
1088                      if(isset($flist[$forum['fid']]))
1089                      {
1090                          $optionselected = 'selected="selected"';
1091                          $selecteddone = "1";
1092                      }
1093  
1094                      if($forum['password'] == '' && !in_array($forum['fid'], $unexp) || $forum['password'] && isset($mybb->cookies['forumpass'][$forum['fid']]) && $mybb->cookies['forumpass'][$forum['fid']] === md5($mybb->user['uid'].$forum['password']))
1095                      {
1096                          eval("\$forumlistbits .= \"".$templates->get("misc_syndication_forumlist_forum")."\";");
1097                      }
1098  
1099                      if(!empty($forumcache[$forum['fid']]))
1100                      {
1101                          $newdepth = $depth."&nbsp;&nbsp;&nbsp;&nbsp;";
1102                          $forumlistbits .= makesyndicateforums($forum['fid'], '', 0, $newdepth);
1103                      }
1104                  }
1105              }
1106          }
1107      }
1108  
1109      if($addselect)
1110      {
1111          $addsel = '';
1112          if(empty($selecteddone))
1113          {
1114              $addsel = ' selected="selected"';
1115          }
1116  
1117          eval("\$forumlist = \"".$templates->get("misc_syndication_forumlist")."\";");
1118      }
1119  
1120      return $forumlist;
1121  }


2005 - 2016 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1