[ Index ]

PHP Cross Reference of MyBB 1.8.37

title

Body

[close]

/ -> misc.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define("IGNORE_CLEAN_VARS", "sid");
  13  define('THIS_SCRIPT', 'misc.php');
  14  
  15  $templatelist = "misc_rules_forum,misc_help_helpdoc,misc_whoposted_poster,misc_whoposted,misc_smilies_popup_smilie,misc_smilies_popup,misc_smilies_popup_empty,misc_smilies_popup_row,multipage_start";
  16  $templatelist .= ",misc_buddypopup,misc_buddypopup_user,misc_buddypopup_user_none,misc_buddypopup_user_online,misc_buddypopup_user_offline,misc_buddypopup_user_sendpm,misc_syndication_forumlist";
  17  $templatelist .= ",misc_smilies,misc_smilies_smilie,misc_help_section_bit,misc_help_section,misc_help,forumdisplay_password_wrongpass,forumdisplay_password,misc_helpresults,misc_helpresults_bit";
  18  $templatelist .= ",multipage,multipage_end,multipage_jump_page,multipage_nextpage,multipage_page,multipage_page_current,multipage_page_link_current,multipage_prevpage,misc_whoposted_page";
  19  $templatelist .= ",misc_smilies_popup_no_smilies,misc_smilies_no_smilies,misc_syndication,misc_help_search,misc_helpresults_noresults,misc_syndication_forumlist_forum,misc_syndication_feedurl";
  20  
  21  require_once  "./global.php";
  22  require_once  MYBB_ROOT."inc/functions_post.php";
  23  
  24  // Load global language phrases
  25  $lang->load("misc");
  26  
  27  $plugins->run_hooks("misc_start");
  28  
  29  $mybb->input['action'] = $mybb->get_input('action');
  30  if($mybb->input['action'] == "dstswitch" && $mybb->request_method == "post" && $mybb->user['uid'] > 0)
  31  {
  32      if($mybb->user['dstcorrection'] == 2)
  33      {
  34          if($mybb->user['dst'] == 1)
  35          {
  36              $update_array = array("dst" => 0);
  37          }
  38          else
  39          {
  40              $update_array = array("dst" => 1);
  41          }
  42      }
  43      $db->update_query("users", $update_array, "uid='{$mybb->user['uid']}'");
  44      if(!isset($mybb->input['ajax']))
  45      {
  46          redirect("index.php", $lang->dst_settings_updated);
  47      }
  48      else
  49      {
  50          echo "done";
  51          exit;
  52      }
  53  }
  54  elseif($mybb->input['action'] == "markread")
  55  {
  56      if($mybb->user['uid'] && verify_post_check($mybb->get_input('my_post_key'), true) !== true)
  57      {
  58          // Protect our user's unread forums from CSRF
  59          error($lang->invalid_post_code);
  60      }
  61  
  62      if(isset($mybb->input['fid']))
  63      {
  64          $validforum = get_forum($mybb->input['fid']);
  65          if(!$validforum)
  66          {
  67              if(!isset($mybb->input['ajax']))
  68              {
  69                  error($lang->error_invalidforum);
  70              }
  71              else
  72              {
  73                  echo 0;
  74                  exit;
  75              }
  76          }
  77  
  78          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  79          mark_forum_read($mybb->input['fid']);
  80  
  81          $plugins->run_hooks("misc_markread_forum");
  82  
  83          if(!isset($mybb->input['ajax']))
  84          {
  85              redirect(get_forum_link($mybb->input['fid']), $lang->redirect_markforumread);
  86          }
  87          else
  88          {
  89              echo 1;
  90              exit;
  91          }
  92      }
  93      else
  94      {
  95  
  96          $plugins->run_hooks("misc_markread_end");
  97          require_once  MYBB_ROOT."/inc/functions_indicators.php";
  98          mark_all_forums_read();
  99          redirect("index.php", $lang->redirect_markforumsread);
 100      }
 101  }
 102  elseif($mybb->input['action'] == "clearpass")
 103  {
 104      $plugins->run_hooks("misc_clearpass");
 105  
 106      if(isset($mybb->input['fid']))
 107      {
 108          if(!verify_post_check($mybb->get_input('my_post_key')))
 109          {
 110              error($lang->invalid_post_code);
 111          }
 112  
 113          my_unsetcookie("forumpass[".$mybb->get_input('fid', MyBB::INPUT_INT)."]");
 114          redirect("index.php", $lang->redirect_forumpasscleared);
 115      }
 116  }
 117  elseif($mybb->input['action'] == "rules")
 118  {
 119      if(isset($mybb->input['fid']))
 120      {
 121          $plugins->run_hooks("misc_rules_start");
 122  
 123          $fid = $mybb->input['fid'];
 124  
 125          $forum = get_forum($fid);
 126          if(!$forum || $forum['type'] != "f" || $forum['rules'] == '')
 127          {
 128              error($lang->error_invalidforum);
 129          }
 130  
 131          $forumpermissions = forum_permissions($forum['fid']);
 132          if($forumpermissions['canview'] != 1)
 133          {
 134              error_no_permission();
 135          }
 136  
 137          if(!$forum['rulestitle'])
 138          {
 139              $forum['rulestitle'] = $lang->sprintf($lang->forum_rules, $forum['name']);
 140          }
 141  
 142          require_once  MYBB_ROOT."inc/class_parser.php";
 143          $parser = new postParser();
 144          $parser_options = array(
 145              "allow_html" => 1,
 146              "allow_mycode" => 1,
 147              "allow_smilies" => 1,
 148              "allow_imgcode" => 1,
 149              "filter_badwords" => 1
 150          );
 151  
 152          $forum['rules'] = $parser->parse_message($forum['rules'], $parser_options);
 153  
 154          // Make navigation
 155          build_forum_breadcrumb($mybb->input['fid']);
 156          add_breadcrumb($forum['rulestitle']);
 157  
 158          $plugins->run_hooks("misc_rules_end");
 159  
 160          eval("\$rules = \"".$templates->get("misc_rules_forum")."\";");
 161          output_page($rules);
 162      }
 163  
 164  }
 165  elseif($mybb->input['action'] == "do_helpsearch" && $mybb->request_method == "post")
 166  {
 167      $plugins->run_hooks("misc_do_helpsearch_start");
 168  
 169      if($mybb->settings['helpsearch'] != 1)
 170      {
 171          error($lang->error_helpsearchdisabled);
 172      }
 173  
 174      // Check if search flood checking is enabled and user is not admin
 175      if($mybb->settings['searchfloodtime'] > 0 && $mybb->usergroup['cancp'] != 1)
 176      {
 177          // Fetch the time this user last searched
 178          $timecut = TIME_NOW-$mybb->settings['searchfloodtime'];
 179          $query = $db->simple_select("searchlog", "*", "uid='{$mybb->user['uid']}' AND dateline > '$timecut'", array('order_by' => "dateline", 'order_dir' => "DESC"));
 180          $last_search = $db->fetch_array($query);
 181          // Users last search was within the flood time, show the error
 182          if($last_search)
 183          {
 184              $remaining_time = $mybb->settings['searchfloodtime']-(TIME_NOW-$last_search['dateline']);
 185              if($remaining_time == 1)
 186              {
 187                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding_1, $mybb->settings['searchfloodtime']);
 188              }
 189              else
 190              {
 191                  $lang->error_searchflooding = $lang->sprintf($lang->error_searchflooding, $mybb->settings['searchfloodtime'], $remaining_time);
 192              }
 193              error($lang->error_searchflooding);
 194          }
 195      }
 196  
 197      if($mybb->get_input('name', MyBB::INPUT_INT) != 1 && $mybb->get_input('document', MyBB::INPUT_INT) != 1)
 198      {
 199          error($lang->error_nosearchresults);
 200      }
 201  
 202      if($mybb->get_input('document', MyBB::INPUT_INT) == 1)
 203      {
 204          $resulttype = "helpdoc";
 205      }
 206      else
 207      {
 208          $resulttype = "helpname";
 209      }
 210  
 211      $search_data = array(
 212          "keywords" => $mybb->get_input('keywords'),
 213          "name" => $mybb->get_input('name', MyBB::INPUT_INT),
 214          "document" => $mybb->get_input('document', MyBB::INPUT_INT),
 215      );
 216  
 217      if($db->can_search == true)
 218      {
 219          require_once  MYBB_ROOT."inc/functions_search.php";
 220  
 221          $search_results = helpdocument_perform_search_mysql($search_data);
 222      }
 223      else
 224      {
 225          error($lang->error_no_search_support);
 226      }
 227      $sid = md5(uniqid(microtime(), true));
 228      $searcharray = array(
 229          "sid" => $db->escape_string($sid),
 230          "uid" => $mybb->user['uid'],
 231          "dateline" => TIME_NOW,
 232          "ipaddress" => $db->escape_binary($session->packedip),
 233          "threads" => '',
 234          "posts" => '',
 235          "resulttype" => $resulttype,
 236          "querycache" => $search_results['querycache'],
 237          "keywords" => $db->escape_string($mybb->get_input('keywords')),
 238      );
 239      $plugins->run_hooks("misc_do_helpsearch_process");
 240  
 241      $db->insert_query("searchlog", $searcharray);
 242  
 243      $plugins->run_hooks("misc_do_helpsearch_end");
 244      redirect("misc.php?action=helpresults&sid={$sid}", $lang->redirect_searchresults);
 245  }
 246  elseif($mybb->input['action'] == "helpresults")
 247  {
 248      if($mybb->settings['helpsearch'] != 1)
 249      {
 250          error($lang->error_helpsearchdisabled);
 251      }
 252  
 253      $sid = $mybb->get_input('sid');
 254      $query = $db->simple_select("searchlog", "*", "sid='".$db->escape_string($sid)."' AND uid='{$mybb->user['uid']}'");
 255      $search = $db->fetch_array($query);
 256  
 257      if(!$search)
 258      {
 259          error($lang->error_invalidsearch);
 260      }
 261  
 262      $plugins->run_hooks("misc_helpresults_start");
 263  
 264      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 265      add_breadcrumb($lang->search_results, "misc.php?action=helpresults&sid={$sid}");
 266  
 267      if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1)
 268      {
 269          $mybb->settings['threadsperpage'] = 20;
 270      }
 271  
 272      $query = $db->simple_select("helpdocs", "COUNT(*) AS total", "hid IN(".$db->escape_string($search['querycache']).")");
 273      $helpcount = $db->fetch_field($query, "total");
 274  
 275      // Work out pagination, which page we're at, as well as the limits.
 276      $perpage = $mybb->settings['threadsperpage'];
 277      $page = $mybb->get_input('page', MyBB::INPUT_INT);
 278      if($page > 0)
 279      {
 280          $start = ($page-1) * $perpage;
 281          $pages = ceil($helpcount / $perpage);
 282          if($pages > $page)
 283          {
 284              $start = 0;
 285              $page = 1;
 286          }
 287      }
 288      else
 289      {
 290          $start = 0;
 291          $page = 1;
 292      }
 293      $end = $start + $perpage;
 294      $lower = $start+1;
 295      $upper = $end;
 296  
 297      // Work out if we have terms to highlight
 298      $highlight = "";
 299      if($search['keywords'])
 300      {
 301          $highlight = "&amp;highlight=".urlencode($search['keywords']);
 302      }
 303  
 304      // Do Multi Pages
 305      if($upper > $helpcount)
 306      {
 307          $upper = $helpcount;
 308      }
 309      $multipage = multipage($helpcount, $perpage, $page, "misc.php?action=helpresults&amp;sid='".htmlspecialchars_uni($mybb->get_input('sid'))."'");
 310      $helpdoclist = '';
 311  
 312      require_once  MYBB_ROOT."inc/class_parser.php";
 313      $parser = new postParser();
 314  
 315      $query = $db->query("
 316          SELECT h.*, s.enabled
 317          FROM ".TABLE_PREFIX."helpdocs h
 318          LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 319          WHERE h.hid IN(".$db->escape_string($search['querycache']).") AND h.enabled='1' AND s.enabled='1'
 320          LIMIT {$start}, {$perpage}
 321      ");
 322      while($helpdoc = $db->fetch_array($query))
 323      {
 324          $bgcolor = alt_trow();
 325  
 326          if(my_strlen($helpdoc['name']) > 50)
 327          {
 328              $helpdoc['name'] = htmlspecialchars_uni(my_substr($helpdoc['name'], 0, 50)."...");
 329          }
 330          else
 331          {
 332              $helpdoc['name'] = htmlspecialchars_uni($helpdoc['name']);
 333          }
 334  
 335          $parser_options = array(
 336              'allow_html' => 1,
 337              'allow_mycode' => 0,
 338              'allow_smilies' => 0,
 339              'allow_imgcode' => 0,
 340              'filter_badwords' => 1
 341          );
 342          $helpdoc['helpdoc'] = $parser->parse_message($helpdoc['document'], $parser_options);
 343  
 344          if(my_strlen($helpdoc['helpdoc']) > 350)
 345          {
 346              $prev = my_substr($helpdoc['helpdoc'], 0, 350)."...";
 347          }
 348          else
 349          {
 350              $prev = $helpdoc['helpdoc'];
 351          }
 352  
 353          $plugins->run_hooks("misc_helpresults_bit");
 354  
 355          eval("\$helpdoclist .= \"".$templates->get("misc_helpresults_bit")."\";");
 356      }
 357  
 358      if($db->num_rows($query) == 0)
 359      {
 360          eval("\$helpdoclist = \"".$templates->get("misc_helpresults_noresults")."\";");
 361      }
 362  
 363      $plugins->run_hooks("misc_helpresults_end");
 364  
 365      eval("\$helpresults = \"".$templates->get("misc_helpresults")."\";");
 366      output_page($helpresults);
 367  }
 368  elseif($mybb->input['action'] == "help")
 369  {
 370      $lang->load("helpdocs");
 371      $lang->load("helpsections");
 372      $lang->load("customhelpdocs");
 373      $lang->load("customhelpsections");
 374  
 375      $hid = $mybb->get_input('hid', MyBB::INPUT_INT);
 376      add_breadcrumb($lang->nav_helpdocs, "misc.php?action=help");
 377  
 378      if($hid)
 379      {
 380          $query = $db->query("
 381              SELECT h.*, s.enabled AS section
 382              FROM ".TABLE_PREFIX."helpdocs h
 383              LEFT JOIN ".TABLE_PREFIX."helpsections s ON (s.sid=h.sid)
 384              WHERE h.hid='{$hid}'
 385          ");
 386  
 387          $helpdoc = $db->fetch_array($query);
 388          if($helpdoc['section'] != 0 && $helpdoc['enabled'] != 0)
 389          {
 390              $plugins->run_hooks("misc_help_helpdoc_start");
 391  
 392              // If we have incoming search terms to highlight - get it done (only if not using translation).
 393              if(!empty($mybb->input['highlight']) && $helpdoc['usetranslation'] != 1)
 394              {
 395                  require_once  MYBB_ROOT."inc/class_parser.php";
 396                  $parser = new postParser();
 397  
 398                  $highlight = $mybb->input['highlight'];
 399                  $helpdoc['name'] = $parser->highlight_message($helpdoc['name'], $highlight);
 400                  $helpdoc['document'] = $parser->highlight_message($helpdoc['document'], $highlight);
 401              }
 402  
 403              if($helpdoc['usetranslation'] == 1)
 404              {
 405                  $langnamevar = "d".$helpdoc['hid']."_name";
 406                  $langdescvar = "d".$helpdoc['hid']."_desc";
 407                  $langdocvar = "d".$helpdoc['hid']."_document";
 408                  if(isset($lang->$langnamevar))
 409                  {
 410                      $helpdoc['name'] = $lang->$langnamevar;
 411                  }
 412                  if(isset($lang->$langdescvar))
 413                  {
 414                      $helpdoc['description'] = $lang->$langdescvar;
 415                  }
 416                  if(isset($lang->$langdocvar))
 417                  {
 418                      $helpdoc['document'] = $lang->$langdocvar;
 419                  }
 420              }
 421  
 422              if($helpdoc['hid'] == 3)
 423              {
 424                  $helpdoc['document'] = $lang->sprintf($helpdoc['document'], $mybb->post_code);
 425              }
 426  
 427              add_breadcrumb($helpdoc['name']);
 428  
 429              $plugins->run_hooks("misc_help_helpdoc_end");
 430  
 431              eval("\$helppage = \"".$templates->get("misc_help_helpdoc")."\";");
 432              output_page($helppage);
 433          }
 434          else
 435          {
 436              error($lang->error_invalidhelpdoc);
 437          }
 438      }
 439      else
 440      {
 441          $plugins->run_hooks("misc_help_section_start");
 442  
 443          $query = $db->simple_select("helpdocs", "*", "", array('order_by' => 'sid, disporder'));
 444          while($helpdoc = $db->fetch_array($query))
 445          {
 446              $helpdocs[$helpdoc['sid']][$helpdoc['disporder']][$helpdoc['hid']] = $helpdoc;
 447          }
 448          unset($helpdoc);
 449          $sections = '';
 450          $query = $db->simple_select("helpsections", "*", "enabled != 0", array('order_by' => 'disporder'));
 451          while($section = $db->fetch_array($query))
 452          {
 453              if($section['usetranslation'] == 1)
 454              {
 455                  $langnamevar = "s".$section['sid']."_name";
 456                  $langdescvar = "s".$section['sid']."_desc";
 457                  if($lang->$langnamevar)
 458                  {
 459                      $section['name'] = $lang->$langnamevar;
 460                  }
 461                  if($lang->$langdescvar)
 462                  {
 463                      $section['description'] = $lang->$langdescvar;
 464                  }
 465              }
 466              if(is_array($helpdocs[$section['sid']]))
 467              {
 468                  $helpbits = '';
 469                  foreach($helpdocs[$section['sid']] as $key => $bit)
 470                  {
 471                      foreach($bit as $key => $helpdoc)
 472                      {
 473                          if($helpdoc['enabled'] != 0)
 474                          {
 475                              if($helpdoc['usetranslation'] == 1)
 476                              {
 477                                  $langnamevar = "d".$helpdoc['hid'].'_name';
 478                                  $langdescvar = "d".$helpdoc['hid'].'_desc';
 479                                  if(isset($lang->$langnamevar))
 480                                  {
 481                                      $helpdoc['name'] = $lang->$langnamevar;
 482                                  }
 483                                  if(isset($lang->$langdescvar))
 484                                  {
 485                                      $helpdoc['description'] = $lang->$langdescvar;
 486                                  }
 487                              }
 488                              $altbg = alt_trow();
 489                              eval("\$helpbits .= \"".$templates->get("misc_help_section_bit")."\";");
 490                          }
 491                      }
 492                      $expdisplay = '';
 493                      $sname = "sid_".$section['sid']."_e";
 494                      if(isset($collapsed[$sname]) && $collapsed[$sname] == "display: none;")
 495                      {
 496                          $expcolimage = "collapse_collapsed.png";
 497                          $expdisplay = "display: none;";
 498                          $expthead = " thead_collapsed";
 499                          $expaltext = $lang->expcol_expand;
 500                      }
 501                      else
 502                      {
 503                          $expcolimage = "collapse.png";
 504                          $expthead = "";
 505                          $expaltext = $lang->expcol_collapse;
 506                      }
 507                  }
 508                  eval("\$sections .= \"".$templates->get("misc_help_section")."\";");
 509              }
 510          }
 511  
 512          if($mybb->settings['helpsearch'] == 1)
 513          {
 514              eval("\$search = \"".$templates->get("misc_help_search")."\";");
 515          }
 516  
 517          $plugins->run_hooks("misc_help_section_end");
 518  
 519          eval("\$help = \"".$templates->get("misc_help")."\";");
 520          output_page($help);
 521      }
 522  }
 523  elseif($mybb->input['action'] == "buddypopup")
 524  {
 525      $plugins->run_hooks("misc_buddypopup_start");
 526  
 527      if($mybb->user['uid'] == 0)
 528      {
 529          error_no_permission();
 530      }
 531  
 532      if(isset($mybb->input['removebuddy']) && verify_post_check($mybb->get_input('my_post_key')))
 533      {
 534          $buddies = $mybb->user['buddylist'];
 535          $namesarray = explode(",", $buddies);
 536          $mybb->input['removebuddy'] = $mybb->get_input('removebuddy', MyBB::INPUT_INT);
 537          if(is_array($namesarray))
 538          {
 539              foreach($namesarray as $key => $buddyid)
 540              {
 541                  if($buddyid == $mybb->input['removebuddy'])
 542                  {
 543                      unset($namesarray[$key]);
 544                  }
 545              }
 546              $buddylist = implode(',', $namesarray);
 547              $db->update_query("users", array('buddylist' => $buddylist), "uid='".$mybb->user['uid']."'");
 548              $mybb->user['buddylist'] = $buddylist;
 549          }
 550      }
 551  
 552      // Load Buddies
 553      $buddies = '';
 554      if($mybb->user['buddylist'] != "")
 555      {
 556          $buddys = array('online' => '', 'offline' => '');
 557          $timecut = TIME_NOW - $mybb->settings['wolcutoff'];
 558  
 559          $query = $db->simple_select("users", "*", "uid IN ({$mybb->user['buddylist']})", array('order_by' => 'lastactive'));
 560  
 561          while($buddy = $db->fetch_array($query))
 562          {
 563              $buddy['username'] = htmlspecialchars_uni($buddy['username']);
 564              $buddy_name = format_name($buddy['username'], $buddy['usergroup'], $buddy['displaygroup']);
 565              $profile_link = build_profile_link($buddy_name, $buddy['uid'], '_blank', 'if(window.opener) { window.opener.location = this.href; return false; }');
 566  
 567              $send_pm = '';
 568              if($mybb->user['receivepms'] != 0 && $buddy['receivepms'] != 0 && $groupscache[$buddy['usergroup']]['canusepms'] != 0)
 569              {
 570                  eval("\$send_pm = \"".$templates->get("misc_buddypopup_user_sendpm")."\";");
 571              }
 572  
 573              if($buddy['lastactive'])
 574              {
 575                  $last_active = $lang->sprintf($lang->last_active, my_date('relative', $buddy['lastactive']));
 576              }
 577              else
 578              {
 579                  $last_active = $lang->sprintf($lang->last_active, $lang->never);
 580              }
 581  
 582              $buddy['avatar'] = format_avatar($buddy['avatar'], $buddy['avatardimensions'], '44x44');
 583  
 584              if($buddy['lastactive'] > $timecut && ($buddy['invisible'] == 0 || $mybb->user['usergroup'] == 4) && $buddy['lastvisit'] != $buddy['lastactive'])
 585              {
 586                  $bonline_alt = alt_trow();
 587                  eval("\$buddys['online'] .= \"".$templates->get("misc_buddypopup_user_online")."\";");
 588              }
 589              else
 590              {
 591                  $boffline_alt = alt_trow();
 592                  eval("\$buddys['offline'] .= \"".$templates->get("misc_buddypopup_user_offline")."\";");
 593              }
 594          }
 595  
 596          $colspan = ' colspan="2"';
 597          if(empty($buddys['online']))
 598          {
 599              $error = $lang->online_none;
 600              eval("\$buddys['online'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 601          }
 602  
 603          if(empty($buddys['offline']))
 604          {
 605              $error = $lang->offline_none;
 606              eval("\$buddys['offline'] = \"".$templates->get("misc_buddypopup_user_none")."\";");
 607          }
 608  
 609          eval("\$buddies = \"".$templates->get("misc_buddypopup_user")."\";");
 610      }
 611      else
 612      {
 613          // No buddies? :(
 614          $colspan = '';
 615          $error = $lang->no_buddies;
 616          eval("\$buddies = \"".$templates->get("misc_buddypopup_user_none")."\";");
 617      }
 618  
 619      $plugins->run_hooks("misc_buddypopup_end");
 620  
 621      eval("\$buddylist = \"".$templates->get("misc_buddypopup", 1, 0)."\";");
 622      echo $buddylist;
 623      exit;
 624  }
 625  elseif($mybb->input['action'] == "whoposted")
 626  {
 627      $numposts = 0;
 628      $altbg = alt_trow();
 629      $whoposted = '';
 630      $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
 631      $thread = get_thread($tid);
 632      $modal = $mybb->get_input('modal', MyBB::INPUT_INT);
 633  
 634      // Make sure we are looking at a real thread here.
 635      if(!$thread)
 636      {
 637          error($lang->error_invalidthread);
 638      }
 639  
 640      // Make sure we are looking at a real thread here.
 641      if(($thread['visible'] == -1 && !is_moderator($thread['fid'], "canviewdeleted")) || ($thread['visible'] == 0 && !is_moderator($thread['fid'], "canviewunapprove")) || $thread['visible'] > 1)
 642      {
 643          error($lang->error_invalidthread);
 644      }
 645  
 646      if(is_moderator($thread['fid'], "canviewdeleted") || is_moderator($thread['fid'], "canviewunapprove"))
 647      {
 648          if(is_moderator($thread['fid'], "canviewunapprove") && !is_moderator($thread['fid'], "canviewdeleted"))
 649          {
 650              $show_posts = "p.visible IN (0,1)";
 651          }
 652          elseif(is_moderator($thread['fid'], "canviewdeleted") && !is_moderator($thread['fid'], "canviewunapprove"))
 653          {
 654              $show_posts = "p.visible IN (-1,1)";
 655          }
 656          else
 657          {
 658              $show_posts = "p.visible IN (-1,0,1)";
 659          }
 660      }
 661      else
 662      {
 663          $show_posts = "p.visible = 1";
 664      }
 665  
 666      // Does the thread belong to a valid forum?
 667      $forum = get_forum($thread['fid']);
 668      if(!$forum || $forum['type'] != "f")
 669      {
 670          error($lang->error_invalidforum);
 671      }
 672  
 673      // Does the user have permission to view this thread?
 674      $forumpermissions = forum_permissions($forum['fid']);
 675  
 676      if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
 677      {
 678          error_no_permission();
 679      }
 680  
 681      // Check if this forum is password protected and we have a valid password
 682      check_forum_password($forum['fid']);
 683  
 684      if($mybb->get_input('sort') != 'username')
 685      {
 686          $sortsql = ' ORDER BY posts DESC';
 687      }
 688      else
 689      {
 690          $sortsql = ' ORDER BY p.username ASC';
 691      }
 692      $whoposted = '';
 693      $query = $db->query("
 694          SELECT COUNT(p.pid) AS posts, p.username AS postusername, u.uid, u.username, u.usergroup, u.displaygroup
 695          FROM ".TABLE_PREFIX."posts p
 696          LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
 697          WHERE tid='".$tid."' AND $show_posts
 698          GROUP BY u.uid, p.username, u.uid, u.username, u.usergroup, u.displaygroup
 699          ".$sortsql."
 700      ");
 701      while($poster = $db->fetch_array($query))
 702      {
 703          if($poster['username'] == '')
 704          {
 705              $poster['username'] = $poster['postusername'];
 706          }
 707          $poster['username'] = htmlspecialchars_uni($poster['username']);
 708          $poster['postusername'] = htmlspecialchars_uni($poster['postusername']);
 709          $poster_name = format_name($poster['username'], $poster['usergroup'], $poster['displaygroup']);
 710          if($modal)
 711          {
 712              $onclick = '';
 713              if($poster['uid'])
 714              {
 715                  $onclick = "opener.location.href='".get_profile_link($poster['uid'])."'; return false;";
 716              }
 717              $profile_link = build_profile_link($poster_name, $poster['uid'], '_blank', $onclick);
 718          }
 719          else
 720          {
 721              $profile_link = build_profile_link($poster_name, $poster['uid']);
 722          }
 723          $numposts += $poster['posts'];
 724          $poster['posts'] = my_number_format($poster['posts']);
 725          eval("\$whoposted .= \"".$templates->get("misc_whoposted_poster")."\";");
 726          $altbg = alt_trow();
 727      }
 728      $numposts = my_number_format($numposts);
 729      if($modal)
 730      {
 731          eval("\$whop = \"".$templates->get("misc_whoposted", 1, 0)."\";");
 732          echo $whop;
 733          exit;
 734      }
 735      else
 736      {
 737          require_once  MYBB_ROOT."inc/class_parser.php";
 738          $parser = new postParser;
 739  
 740          // Get thread prefix
 741          $breadcrumbprefix = '';
 742          $threadprefix = array('prefix' => '');
 743          if($thread['prefix'])
 744          {
 745              $threadprefix = build_prefixes($thread['prefix']);
 746              if(!empty($threadprefix['displaystyle']))
 747              {
 748                  $breadcrumbprefix = $threadprefix['displaystyle'].'&nbsp;';
 749              }
 750          }
 751  
 752          $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
 753  
 754          // Build the navigation.
 755          build_forum_breadcrumb($forum['fid']);
 756          add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
 757          add_breadcrumb($lang->who_posted);
 758  
 759          eval("\$whoposted = \"".$templates->get("misc_whoposted_page")."\";");
 760          output_page($whoposted);
 761      }
 762  }
 763  elseif($mybb->input['action'] == "smilies")
 764  {
 765      $smilies = '';
 766      if(!empty($mybb->input['popup']) && !empty($mybb->input['editor']))
 767      { // make small popup list of smilies
 768          $editor = preg_replace('#([^a-zA-Z0-9_-]+)#', '', $mybb->get_input('editor'));
 769          $e = 1;
 770          $smile_icons = '';
 771          $class = alt_trow(1);
 772          $smilies_cache = $cache->read("smilies");
 773  
 774          if(is_array($smilies_cache))
 775          {
 776              $extra_class = ' smilie_pointer';
 777              foreach($smilies_cache as $smilie)
 778              {
 779                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 780                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 781                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 782  
 783                  // Only show the first text to replace in the box
 784                  $temp = explode("\n", $smilie['find']); // use temporary variable for php 5.3 compatibility
 785                  $smilie['find'] = $temp[0];
 786  
 787                  $smilie['find'] = htmlspecialchars_uni($smilie['find']);
 788                  $smilie_insert = str_replace(array('\\', "'"), array('\\\\', "\'"), $smilie['find']);
 789  
 790                  $onclick = " onclick=\"MyBBEditor.insertText(' $smilie_insert ');\"";
 791                  eval('$smilie_image = "'.$templates->get('smilie', 1, 0).'";');
 792                  eval("\$smile_icons .= \"".$templates->get("misc_smilies_popup_smilie")."\";");
 793                  if($e == 2)
 794                  {
 795                      eval("\$smilies .= \"".$templates->get("misc_smilies_popup_row")."\";");
 796                      $smile_icons = '';
 797                      $e = 1;
 798                      $class = alt_trow();
 799                  }
 800                  else
 801                  {
 802                      $e = 2;
 803                  }
 804              }
 805          }
 806  
 807          if($e == 2)
 808          {
 809              eval("\$smilies .= \"".$templates->get("misc_smilies_popup_empty")."\";");
 810          }
 811  
 812          if(!$smilies)
 813          {
 814              eval("\$smilies = \"".$templates->get("misc_smilies_popup_no_smilies")."\";");
 815          }
 816  
 817          eval("\$smiliespage = \"".$templates->get("misc_smilies_popup", 1, 0)."\";");
 818          output_page($smiliespage);
 819      }
 820      else
 821      {
 822          add_breadcrumb($lang->nav_smilies);
 823          $class = "trow1";
 824          $smilies_cache = $cache->read("smilies");
 825  
 826          if(is_array($smilies_cache))
 827          {
 828              $extra_class = $onclick = '';
 829              foreach($smilies_cache as $smilie)
 830              {
 831                  $smilie['image'] = str_replace("{theme}", $theme['imgdir'], $smilie['image']);
 832                  $smilie['image'] = htmlspecialchars_uni($mybb->get_asset_url($smilie['image']));
 833                  $smilie['name'] = htmlspecialchars_uni($smilie['name']);
 834  
 835                  $smilie['find'] = nl2br(htmlspecialchars_uni($smilie['find']));
 836                  eval('$smilie_image = "'.$templates->get('smilie').'";');
 837                  eval("\$smilies .= \"".$templates->get("misc_smilies_smilie")."\";");
 838                  $class = alt_trow();
 839              }
 840          }
 841  
 842          if(!$smilies)
 843          {
 844              eval("\$smilies = \"".$templates->get("misc_smilies_no_smilies")."\";");
 845          }
 846  
 847          eval("\$smiliespage = \"".$templates->get("misc_smilies")."\";");
 848          output_page($smiliespage);
 849      }
 850  }
 851  
 852  elseif($mybb->input['action'] == "syndication")
 853  {
 854      $plugins->run_hooks("misc_syndication_start");
 855  
 856      $fid = $mybb->get_input('fid', MyBB::INPUT_INT);
 857      $version = $mybb->get_input('version');
 858      $forums = $mybb->get_input('forums', MyBB::INPUT_ARRAY);
 859      $limit = $mybb->get_input('limit', MyBB::INPUT_INT);
 860      $url = $mybb->settings['bburl']."/syndication.php";
 861      $syndicate = $urlquery = array();
 862  
 863      add_breadcrumb($lang->nav_syndication);
 864      $unviewable = get_unviewable_forums();
 865      $inactiveforums = get_inactive_forums();
 866      $unexp = explode(',', $unviewable . ',' . $inactiveforums);
 867  
 868      if(is_array($forums) && !in_array('all', $forums))
 869      {
 870          foreach($forums as $fid)
 871          {
 872              if(ctype_digit($fid) && !in_array($fid, $unexp))
 873              {
 874                  $syndicate[] = $fid;
 875                  $flist[$fid] = true;
 876              }
 877          }
 878  
 879          if(!empty($syndicate))
 880          {
 881              $urlquery[] = "fid=". implode(",", $syndicate);
 882          }
 883      }
 884  
 885      // If there is no version in the input, check the default (RSS2.0).
 886      $json1check = $atom1check = $rss2check = "";
 887      if($version == "json")
 888      {
 889          $json1check = "checked=\"checked\"";
 890          $urlquery[] = "type=".$version;
 891      }
 892      elseif($version == "atom1.0")
 893      {
 894          $atom1check = "checked=\"checked\"";
 895          $urlquery[] = "type=".$version;
 896      }
 897      else
 898      {
 899          $rss2check = "checked=\"checked\"";
 900      }
 901      // Evaluate, reset and set limit (Drive through settings?)
 902      $limit = empty($limit) ? 15 : (($limit > 50) ? 50 : $limit);
 903      $urlquery[] = "limit=" . $limit;
 904  
 905      // Generate feed url
 906      if(!empty($urlquery)){
 907          $url .= "?" . implode('&', $urlquery);
 908      }
 909      eval("\$feedurl = \"".$templates->get("misc_syndication_feedurl")."\";");
 910  
 911      unset($GLOBALS['forumcache']);
 912  
 913      $forumselect = makesyndicateforums();
 914  
 915      $plugins->run_hooks("misc_syndication_end");
 916  
 917      eval("\$syndication = \"".$templates->get("misc_syndication")."\";");
 918      output_page($syndication);
 919  }
 920  elseif($mybb->input['action'] == "clearcookies")
 921  {
 922      verify_post_check($mybb->get_input('my_post_key'));
 923  
 924      $plugins->run_hooks("misc_clearcookies");
 925  
 926      $remove_cookies = array('mybbuser', 'mybb[announcements]', 'mybb[lastvisit]', 'mybb[lastactive]', 'collapsed', 'mybb[forumread]', 'mybb[threadsread]', 'mybbadmin',
 927                              'mybblang', 'mybbtheme', 'multiquote', 'mybb[readallforums]', 'coppauser', 'coppadob', 'mybb[referrer]');
 928  
 929      foreach($remove_cookies as $name)
 930      {
 931          my_unsetcookie($name);
 932      }
 933      redirect("index.php", $lang->redirect_cookiescleared);
 934  }
 935  
 936  /**
 937   * Build a list of forums for RSS multiselect.
 938   *
 939   * @param int $pid Parent forum ID.
 940   * @param string $selitem deprecated
 941   * @param boolean $addselect Whether to add selected attribute or not.
 942   * @param string $depth HTML for the depth of the forum.
 943   * @return string HTML of the list of forums for CSS.
 944   */
 945  function makesyndicateforums($pid=0, $selitem="", $addselect=true, $depth="")
 946  {
 947      global $db, $forumcache, $permissioncache, $mybb, $forumlist, $forumlistbits, $flist, $lang, $unexp, $templates;
 948  
 949      $pid = (int)$pid;
 950      $forumlist = '';
 951  
 952      if(!is_array($forumcache))
 953      {
 954          // Get Forums
 955          $query = $db->simple_select("forums", "*", "linkto = '' AND active!=0", array('order_by' => 'pid, disporder'));
 956          while($forum = $db->fetch_array($query))
 957          {
 958              $forumcache[$forum['pid']][$forum['disporder']][$forum['fid']] = $forum;
 959          }
 960      }
 961  
 962      if(!is_array($permissioncache))
 963      {
 964          $permissioncache = forum_permissions();
 965      }
 966  
 967      if(is_array($forumcache[$pid]))
 968      {
 969          foreach($forumcache[$pid] as $key => $main)
 970          {
 971              foreach($main as $key => $forum)
 972              {
 973                  $perms = $permissioncache[$forum['fid']];
 974                  if($perms['canview'] == 1 || $mybb->settings['hideprivateforums'] == 0)
 975                  {
 976                      $optionselected = '';
 977                      if(isset($flist[$forum['fid']]))
 978                      {
 979                          $optionselected = 'selected="selected"';
 980                      }
 981  
 982                      if($forum['password'] == '' && !in_array($forum['fid'], $unexp) || $forum['password'] && isset($mybb->cookies['forumpass'][$forum['fid']]) && my_hash_equals($mybb->cookies['forumpass'][$forum['fid']], md5($mybb->user['uid'].$forum['password'])))
 983                      {
 984                          eval("\$forumlistbits .= \"".$templates->get("misc_syndication_forumlist_forum")."\";");
 985                      }
 986  
 987                      if(!empty($forumcache[$forum['fid']]))
 988                      {
 989                          $newdepth = $depth."&nbsp;&nbsp;&nbsp;&nbsp;";
 990                          $forumlistbits .= makesyndicateforums($forum['fid'], '', 0, $newdepth);
 991                      }
 992                  }
 993                  else
 994                  {
 995                      if(isset($flist[$forum['fid']]))
 996                      {
 997                          unset($flist[$forum['fid']]);
 998                      }
 999                  }
1000              }
1001          }
1002      }
1003  
1004      if($addselect)
1005      {
1006          $addsel = empty($flist) ? ' selected="selected"' : '';
1007          eval("\$forumlist = \"".$templates->get("misc_syndication_forumlist")."\";");
1008      }
1009  
1010      return $forumlist;
1011  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref