[ Index ]

PHP Cross Reference of MyBB 1.8.15

title

Body

[close]

/ -> usercp2.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'usercp2.php');
  13  define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");
  14  
  15  $templatelist = "usercp_nav_messenger,usercp_nav_profile,usercp_nav,usercp_addsubscription_thread,forumdisplay_password,forumdisplay_password_wrongpass,usercp_nav_messenger_tracking,usercp_nav_messenger_folder";
  16  $templatelist .= ",usercp_nav_home,usercp_nav_editsignature,usercp_nav_attachments,usercp_nav_changename,usercp_nav_messenger_compose,usercp_nav_misc";
  17  
  18  require_once  "./global.php";
  19  require_once  MYBB_ROOT."inc/functions_user.php";
  20  
  21  if($mybb->user['uid'] == 0)
  22  {
  23      error_no_permission();
  24  }
  25  
  26  // Verify incoming POST request
  27  verify_post_check($mybb->get_input('my_post_key'));
  28  
  29  $lang->load("usercp");
  30  
  31  usercp_menu();
  32  
  33  $server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);
  34  
  35  $plugins->run_hooks("usercp2_start");
  36  
  37  if($mybb->get_input('action') == "do_addsubscription" && $mybb->get_input('type') != "forum")
  38  {
  39      $thread = get_thread($mybb->get_input('tid'));
  40      if(!$thread)
  41      {
  42          error($lang->error_invalidthread);
  43      }
  44  
  45      // Is the currently logged in user a moderator of this forum?
  46      $ismod = is_moderator($thread['fid']);
  47  
  48      // Make sure we are looking at a real thread here.
  49      if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
  50      {
  51          error($lang->error_invalidthread);
  52      }
  53  
  54      $forumpermissions = forum_permissions($thread['fid']);
  55      if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
  56      {
  57          error_no_permission();
  58      }
  59  
  60      // check if the forum requires a password to view. If so, we need to show a form to the user
  61      check_forum_password($thread['fid']);
  62  
  63      $plugins->run_hooks("usercp2_do_addsubscription");
  64  
  65      add_subscribed_thread($thread['tid'], $mybb->get_input('notification', MyBB::INPUT_INT));
  66  
  67      if($mybb->get_input('referrer'))
  68      {
  69          $url = htmlspecialchars_uni($mybb->get_input('referrer'));
  70      }
  71      else
  72      {
  73          $url = get_thread_link($thread['tid']);
  74      }
  75      redirect($url, $lang->redirect_subscriptionadded);
  76  }
  77  elseif($mybb->get_input('action') == "addsubscription")
  78  {
  79      if($mybb->get_input('type') == "forum")
  80      {
  81          $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
  82          if(!$forum)
  83          {
  84              error($lang->error_invalidforum);
  85          }
  86          $forumpermissions = forum_permissions($forum['fid']);
  87          if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
  88          {
  89              error_no_permission();
  90          }
  91  
  92          // check if the forum requires a password to view. If so, we need to show a form to the user
  93          check_forum_password($forum['fid']);
  94  
  95          $plugins->run_hooks("usercp2_addsubscription_forum");
  96  
  97          add_subscribed_forum($forum['fid']);
  98          if($server_http_referer && $mybb->request_method != 'post')
  99          {
 100              $url = $server_http_referer;
 101          }
 102          else
 103          {
 104              $url = "index.php";
 105          }
 106          redirect($url, $lang->redirect_forumsubscriptionadded);
 107      }
 108      else
 109      {
 110          $thread  = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
 111          if(!$thread)
 112          {
 113              error($lang->error_invalidthread);
 114          }
 115  
 116          // Is the currently logged in user a moderator of this forum?
 117          $ismod = is_moderator($thread['fid']);
 118  
 119          // Make sure we are looking at a real thread here.
 120          if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
 121          {
 122              error($lang->error_invalidthread);
 123          }
 124  
 125          add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
 126          add_breadcrumb($lang->nav_addsubscription);
 127  
 128          $forumpermissions = forum_permissions($thread['fid']);
 129          if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
 130          {
 131              error_no_permission();
 132          }
 133  
 134          // check if the forum requires a password to view. If so, we need to show a form to the user
 135          check_forum_password($thread['fid']);
 136  
 137          $referrer = '';
 138          if($server_http_referer)
 139          {
 140              $referrer = $server_http_referer;
 141          }
 142  
 143          require_once  MYBB_ROOT."inc/class_parser.php";
 144          $parser = new postParser;
 145          $thread['subject'] = $parser->parse_badwords($thread['subject']);
 146          $thread['subject'] = htmlspecialchars_uni($thread['subject']);
 147          $lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']);
 148  
 149          $notification_none_checked = $notification_email_checked = $notification_pm_checked = '';
 150          if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
 151          {
 152              $notification_none_checked = "checked=\"checked\"";
 153          }
 154          else if($mybb->user['subscriptionmethod'] == 2)
 155          {
 156              $notification_email_checked = "checked=\"checked\"";
 157          }
 158          else if($mybb->user['subscriptionmethod'] == 3)
 159          {
 160              $notification_pm_checked = "checked=\"checked\"";
 161          }
 162  
 163          $plugins->run_hooks("usercp2_addsubscription_thread");
 164  
 165          eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
 166          output_page($add_subscription);
 167          exit;
 168      }
 169  }
 170  elseif($mybb->get_input('action') == "removesubscription")
 171  {
 172      if($mybb->get_input('type') == "forum")
 173      {
 174          $forum = get_forum($mybb->get_input('fid', MyBB::INPUT_INT));
 175          if(!$forum)
 176          {
 177              error($lang->error_invalidforum);
 178          }
 179  
 180          // check if the forum requires a password to view. If so, we need to show a form to the user
 181          check_forum_password($forum['fid']);
 182  
 183          $plugins->run_hooks("usercp2_removesubscription_forum");
 184  
 185          remove_subscribed_forum($forum['fid']);
 186          if($server_http_referer && $mybb->request_method != 'post')
 187          {
 188              $url = $server_http_referer;
 189          }
 190          else
 191          {
 192              $url = "usercp.php?action=forumsubscriptions";
 193          }
 194          redirect($url, $lang->redirect_forumsubscriptionremoved);
 195      }
 196      else
 197      {
 198          $thread = get_thread($mybb->get_input('tid', MyBB::INPUT_INT));
 199          if(!$thread)
 200          {
 201              error($lang->error_invalidthread);
 202          }
 203  
 204          // Is the currently logged in user a moderator of this forum?
 205          $ismod = is_moderator($thread['fid']);
 206  
 207          // Make sure we are looking at a real thread here.
 208          if(($thread['visible'] != 1 && $ismod == false) || ($thread['visible'] > 1 && $ismod == true))
 209          {
 210              error($lang->error_invalidthread);
 211          }
 212  
 213          // check if the forum requires a password to view. If so, we need to show a form to the user
 214          check_forum_password($thread['fid']);
 215  
 216          $plugins->run_hooks("usercp2_removesubscription_thread");
 217  
 218          remove_subscribed_thread($thread['tid']);
 219          if($server_http_referer && $mybb->request_method != 'post')
 220          {
 221              $url = $server_http_referer;
 222          }
 223          else
 224          {
 225              $url = "usercp.php?action=subscriptions";
 226          }
 227          redirect($url, $lang->redirect_subscriptionremoved);
 228      }
 229  }
 230  elseif($mybb->get_input('action') == "removesubscriptions")
 231  {
 232      if($mybb->get_input('type') == "forum")
 233      {
 234          $plugins->run_hooks("usercp2_removesubscriptions_forum");
 235  
 236          $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
 237          if($server_http_referer)
 238          {
 239              $url = $server_http_referer;
 240          }
 241          else
 242          {
 243              $url = "usercp.php?action=forumsubscriptions";
 244          }
 245          redirect($url, $lang->redirect_forumsubscriptionsremoved);
 246      }
 247      else
 248      {
 249          $plugins->run_hooks("usercp2_removesubscriptions_thread");
 250  
 251          $db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'");
 252          if($server_http_referer)
 253          {
 254              $url = $server_http_referer;
 255          }
 256          else
 257          {
 258              $url = "usercp.php?action=subscriptions";
 259          }
 260          redirect($url, $lang->redirect_subscriptionsremoved);
 261      }
 262  }
 263  else
 264  {
 265      error($lang->error_invalidaction);
 266  }
 267  


2005 - 2016 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1