<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

/**
 * Build a post bit
 *
 * Renders one post, private message, announcement or preview into HTML by
 * filling a set of templates. Values taken from $post are escaped with
 * htmlspecialchars_uni() or passed through the message parser at specific
 * points below before they reach a template.
 *
 * Rendering note: every template is expanded with eval() as a double-quoted
 * PHP string inside this function's scope, so the local variables of this
 * function are visible to the template text by name. Renaming a local may
 * therefore change the rendered output even though no PHP code reads it.
 *
 * Side effects visible in this function: it updates the globals $altbg,
 * $postcounter, $parser, $titlescache, $profile_fields, $forumpermissions,
 * $ismod, $inlinecount, $ignored_users and $hascustomtitle, may rewrite
 * $mybb->settings['postsperpage'] / ['maxwarningpoints'] when they are below 1,
 * and clears $GLOBALS['post'] before returning.
 *
 * @param array $post The post data
 * @param int $post_type The type of post bit we're building (1 = preview, 2 = pm, 3 = announcement, else = post)
 * @return string The built post bit
 */
function build_postbit($post, $post_type=0)
{
	global $db, $altbg, $theme, $mybb, $postcounter, $profile_fields;
	global $titlescache, $page, $templates, $forumpermissions, $attachcache;
	global $lang, $ismod, $inlinecookie, $inlinecount, $groupscache, $fid;
	global $plugins, $parser, $cache, $ignored_users, $hascustomtitle;

	$hascustomtitle = 0;

	// Set default values for any fields not provided here
	foreach(array('pid', 'aid', 'pmid', 'posturl', 'button_multiquote', 'subject_extra', 'attachments', 'button_rep', 'button_warn', 'button_purgespammer', 'button_pm', 'button_reply_pm', 'button_replyall_pm', 'button_forward_pm', 'button_delete_pm', 'replink', 'warninglevel') as $post_field)
	{
		if(empty($post[$post_field]))
		{
			$post[$post_field] = '';
		}
	}

	// Set up the message parser if it doesn't already exist.
	if(!$parser)
	{
		require_once MYBB_ROOT."inc/class_parser.php";
		$parser = new postParser;
	}

	if(!function_exists("purgespammer_show"))
	{
		require_once MYBB_ROOT."inc/functions_user.php";
	}

	// Pick the row class: unapproved/deleted regular posts get their own class,
	// everything else alternates between trow1 and trow2.
	$unapproved_shade = '';
	if(isset($post['visible']) && $post['visible'] == 0 && $post_type == 0)
	{
		$altbg = $unapproved_shade = 'unapproved_post';
	}
	elseif(isset($post['visible']) && $post['visible'] == -1 && $post_type == 0)
	{
		$altbg = $unapproved_shade = 'unapproved_post deleted_post';
	}
	elseif($altbg == 'trow1')
	{
		$altbg = 'trow2';
	}
	else
	{
		$altbg = 'trow1';
	}
	$post['fid'] = $fid;

	// Choose which markup features the message parser may honour. allow_html
	// decides whether raw HTML in the message is rendered, so each branch takes
	// it from the forum, PM or announcement configuration rather than from $post.
	switch($post_type)
	{
		case 1: // Message preview
			global $forum;
			$parser_options['allow_html'] = $forum['allowhtml'];
			$parser_options['allow_mycode'] = $forum['allowmycode'];
			$parser_options['allow_smilies'] = $forum['allowsmilies'];
			$parser_options['allow_imgcode'] = $forum['allowimgcode'];
			$parser_options['allow_videocode'] = $forum['allowvideocode'];
			$parser_options['me_username'] = $post['username'];
			$parser_options['filter_badwords'] = 1;
			$id = 0;
			break;
		case 2: // Private message
			global $message, $pmid;
			$idtype = 'pmid';
			$parser_options['allow_html'] = $mybb->settings['pmsallowhtml'];
			$parser_options['allow_mycode'] = $mybb->settings['pmsallowmycode'];
			$parser_options['allow_smilies'] = $mybb->settings['pmsallowsmilies'];
			$parser_options['allow_imgcode'] = $mybb->settings['pmsallowimgcode'];
			$parser_options['allow_videocode'] = $mybb->settings['pmsallowvideocode'];
			$parser_options['me_username'] = $post['username'];
			$parser_options['filter_badwords'] = 1;
			$id = $pmid;
			break;
		case 3: // Announcement
			global $announcementarray, $message;
			// HTML needs both the board-wide setting and the per-announcement flag.
			$parser_options['allow_html'] = $mybb->settings['announcementshtml'] && $announcementarray['allowhtml'];
			$parser_options['allow_mycode'] = $announcementarray['allowmycode'];
			$parser_options['allow_smilies'] = $announcementarray['allowsmilies'];
			$parser_options['allow_imgcode'] = 1;
			$parser_options['allow_videocode'] = 1;
			$parser_options['me_username'] = $post['username'];
			$parser_options['filter_badwords'] = 1;
			$id = $announcementarray['aid'];
			break;
		default: // Regular post
			global $forum, $thread, $tid;
			$oldforum = $forum;
			$id = (int)$post['pid'];
			$idtype = 'pid';
			$parser_options['allow_html'] = $forum['allowhtml'];
			$parser_options['allow_mycode'] = $forum['allowmycode'];
			$parser_options['allow_smilies'] = $forum['allowsmilies'];
			$parser_options['allow_imgcode'] = $forum['allowimgcode'];
			$parser_options['allow_videocode'] = $forum['allowvideocode'];
			$parser_options['filter_badwords'] = 1;
			break;
	}

	if(!$post['username'])
	{
		$post['username'] = $lang->guest; // htmlspecialchars_uni'd below
	}

	// me_username is taken from the unescaped name, before the escaping below.
	// NOTE(review): presumably the parser escapes it when it is rendered - confirm in class_parser.php.
	if($post['userusername'])
	{
		$parser_options['me_username'] = $post['userusername'];
	}
	else
	{
		$parser_options['me_username'] = $post['username'];
	}

	// From here on both names are HTML-escaped; later uses rely on that.
	$post['username'] = htmlspecialchars_uni($post['username']);
	$post['userusername'] = htmlspecialchars_uni($post['userusername']);

	if(!$postcounter)
	{ // Used to show the # of the post
		if($page > 1)
		{
			if(!$mybb->settings['postsperpage'] || (int)$mybb->settings['postsperpage'] < 1)
			{
				$mybb->settings['postsperpage'] = 20;
			}

			$postcounter = $mybb->settings['postsperpage']*($page-1);
		}
		else
		{
			$postcounter = 0;
		}
		$post_extra_style = "border-top-width: 0;";
	}
	elseif($mybb->get_input('mode') == "threaded")
	{
		// The request value is only compared here, never echoed.
		$post_extra_style = "border-top-width: 0;";
	}
	else
	{
		$post_extra_style = "margin-top: 5px;";
	}

	if(!$altbg)
	{ // Define the alternate background colour if this is the first post
		$altbg = "trow1";
	}
	$postcounter++;

	// Format the post date and time using my_date
	$post['postdate'] = my_date('relative', $post['dateline']);

	// Dont want any little 'nasties' in the subject
	$post['subject'] = $parser->parse_badwords($post['subject']);

	// Pm's have been htmlspecialchars_uni()'ed already.
	// NOTE(review): the PM path therefore depends on its caller having escaped the subject - confirm at the call site.
	if($post_type != 2)
	{
		$post['subject'] = htmlspecialchars_uni($post['subject']);
	}

	if(empty($post['subject']))
	{
		// NOTE(review): this literal may have been an HTML entity before the listing was rendered - confirm against the original file.
		$post['subject'] = ' ';
	}

	$post['author'] = $post['uid'];
	$post['subject_title'] = $post['subject'];

	// Get the usergroup
	if($post['usergroup'])
	{
		$usergroup = usergroup_permissions($post['usergroup']);
	}
	else
	{
		// No group on the post row: fall back to group id 1.
		$usergroup = usergroup_permissions(1);
	}

	// Fetch display group data.
	// NOTE(review): $displaygroupfields is not read again in this function.
	$displaygroupfields = array("title", "description", "namestyle", "usertitle", "stars", "starimage", "image");

	if(!$post['displaygroup'])
	{
		$post['displaygroup'] = $post['usergroup'];
	}

	// Display group values override the permission array's entries of the same key.
	$displaygroup = usergroup_displaygroup($post['displaygroup']);
	if(is_array($displaygroup))
	{
		$usergroup = array_merge($usergroup, $displaygroup);
	}

	// Build the post-count => user title lookup once per request, highest count first.
	if(!is_array($titlescache))
	{
		$cached_titles = $cache->read("usertitles");
		if(!empty($cached_titles))
		{
			foreach($cached_titles as $usertitle)
			{
				$titlescache[$usertitle['posts']] = $usertitle;
			}
		}

		if(is_array($titlescache))
		{
			krsort($titlescache);
		}
		unset($usertitle, $cached_titles);
	}

	// Work out the usergroup/title stuff
	$post['groupimage'] = '';
	if(!empty($usergroup['image']))
	{
		$language = $mybb->settings['bblanguage'];
		if(!empty($mybb->user['language']))
		{
			$language = $mybb->user['language'];
		}

		// NOTE(review): $language and $theme['imgdir'] are substituted into the image path without escaping here - confirm both are validated where they are set.
		$usergroup['image'] = str_replace("{lang}", $language, $usergroup['image']);
		$usergroup['image'] = str_replace("{theme}", $theme['imgdir'], $usergroup['image']);
		// Templates are rendered by eval()'ing their text as a double-quoted PHP
		// string, here and in every eval() below, so a template can read any
		// variable in this scope. NOTE(review): this is only safe if
		// $templates->get() returns text that cannot end the string literal and
		// if template editing is restricted to trusted administrators - confirm.
		eval("\$post['groupimage'] = \"".$templates->get("postbit_groupimage")."\";");

		if($mybb->settings['postlayout'] == "classic")
		{
			$post['groupimage'] .= "<br />";
		}
	}

	if($post['userusername'])
	{
		// This post was made by a registered user
		$post['username'] = $post['userusername'];
		$post['profilelink_plain'] = get_profile_link($post['uid']);
		$post['username_formatted'] = format_name($post['username'], $post['usergroup'], $post['displaygroup']);
		$post['profilelink'] = build_profile_link($post['username_formatted'], $post['uid']);

		if(trim($post['usertitle']) != "")
		{
			$hascustomtitle = 1;
		}

		// Title precedence: the user's custom title, then the group title, then the post-count title.
		if($usergroup['usertitle'] != "" && !$hascustomtitle)
		{
			$post['usertitle'] = $usergroup['usertitle'];
		}
		elseif(is_array($titlescache) && !$usergroup['usertitle'])
		{
			reset($titlescache);
			foreach($titlescache as $key => $titleinfo)
			{
				if($post['postnum'] >= $key)
				{
					if(!$hascustomtitle)
					{
						$post['usertitle'] = $titleinfo['title'];
					}
					$post['stars'] = $titleinfo['stars'];
					$post['starimage'] = $titleinfo['starimage'];
					break;
				}
			}
		}

		// The title can be user-supplied, so it is escaped whichever source it came from.
		$post['usertitle'] = htmlspecialchars_uni($post['usertitle']);

		if($usergroup['stars'])
		{
			$post['stars'] = $usergroup['stars'];
		}

		if(empty($post['starimage']))
		{
			$post['starimage'] = $usergroup['starimage'];
		}

		$post['userstars'] = '';
		if($post['starimage'] && isset($post['stars']))
		{
			// Only display stars if we have an image to use...
			$post['starimage'] = str_replace("{theme}", $theme['imgdir'], $post['starimage']);

			for($i = 0; $i < $post['stars']; ++$i)
			{
				eval("\$post['userstars'] .= \"".$templates->get("postbit_userstar", 1, 0)."\";");
			}

			$post['userstars'] .= "<br />";
		}

		// Keep the raw post count: $post['postnum'] becomes a formatted string, and the signature check below compares numbers.
		$postnum = $post['postnum'];
		$post['postnum'] = my_number_format($post['postnum']);
		$post['threadnum'] = my_number_format($post['threadnum']);

		// Determine the status to show for the user (Online/Offline/Away)
		// An invisible user is shown as online only to viewers whose group has canviewwolinvis.
		$timecut = TIME_NOW - $mybb->settings['wolcutoff'];
		if($post['lastactive'] > $timecut && ($post['invisible'] != 1 || $mybb->usergroup['canviewwolinvis'] == 1) && $post['lastvisit'] != $post['lastactive'])
		{
			eval("\$post['onlinestatus'] = \"".$templates->get("postbit_online")."\";");
		}
		else
		{
			if($post['away'] == 1 && $mybb->settings['allowaway'] != 0)
			{
				eval("\$post['onlinestatus'] = \"".$templates->get("postbit_away")."\";");
			}
			else
			{
				eval("\$post['onlinestatus'] = \"".$templates->get("postbit_offline")."\";");
			}
		}

		$post['useravatar'] = '';
		if(isset($mybb->user['showavatars']) && $mybb->user['showavatars'] != 0 || $mybb->user['uid'] == 0)
		{
			// NOTE(review): the avatar value comes from the author's profile; escaping is presumably done in format_avatar() - confirm.
			$useravatar = format_avatar($post['avatar'], $post['avatardimensions'], $mybb->settings['postmaxavatarsize']);
			eval("\$post['useravatar'] = \"".$templates->get("postbit_avatar")."\";");
		}

		$post['button_find'] = '';
		if($mybb->usergroup['cansearch'] == 1)
		{
			eval("\$post['button_find'] = \"".$templates->get("postbit_find")."\";");
		}

		// PM button: shown unless the author refuses PMs, cannot use them, or ignores the viewer; canoverridepm bypasses those checks.
		if($mybb->settings['enablepms'] == 1 && $post['uid'] != $mybb->user['uid'] && (($post['receivepms'] != 0 && $usergroup['canusepms'] != 0 && $mybb->usergroup['cansendpms'] == 1 && my_strpos(",".$post['ignorelist'].",", ",".$mybb->user['uid'].",") === false) || $mybb->usergroup['canoverridepm'] == 1))
		{
			eval("\$post['button_pm'] = \"".$templates->get("postbit_pm")."\";");
		}

		$post['button_rep'] = '';
		if($post_type != 3 && $mybb->settings['enablereputation'] == 1 && $mybb->settings['postrep'] == 1 && $mybb->usergroup['cangivereputations'] == 1 && $usergroup['usereputationsystem'] == 1 && ($mybb->settings['posrep'] || $mybb->settings['neurep'] || $mybb->settings['negrep']) && $post['uid'] != $mybb->user['uid'] && (!isset($post['visible']) || $post['visible'] == 1) && (!isset($thread['visible']) || $thread['visible'] == 1))
		{
			if(!$post['pid'])
			{
				$post['pid'] = 0;
			}

			eval("\$post['button_rep'] = \"".$templates->get("postbit_rep_button")."\";");
		}

		if($post['website'] != "" && !is_member($mybb->settings['hidewebsite']) && $usergroup['canchangewebsite'] == 1)
		{
			// Escaping stops the value breaking out of the attribute it is rendered in.
			// NOTE(review): no URL scheme check is visible here; presumably the scheme is validated when the profile is saved - confirm.
			$post['website'] = htmlspecialchars_uni($post['website']);
			eval("\$post['button_www'] = \"".$templates->get("postbit_www")."\";");
		}
		else
		{
			$post['button_www'] = "";
		}

		if($post['hideemail'] != 1 && $post['uid'] != $mybb->user['uid'] && $mybb->usergroup['cansendemail'] == 1)
		{
			eval("\$post['button_email'] = \"".$templates->get("postbit_email")."\";");
		}
		else
		{
			$post['button_email'] = "";
		}

		$post['userregdate'] = my_date($mybb->settings['regdateformat'], $post['regdate']);

		// Work out the reputation this user has (only show if not announcement)
		if($post_type != 3 && $usergroup['usereputationsystem'] != 0 && $mybb->settings['enablereputation'] == 1)
		{
			$post['userreputation'] = get_reputation($post['reputation'], $post['uid']);
			eval("\$post['replink'] = \"".$templates->get("postbit_reputation")."\";");
		}

		// Showing the warning level? (only show if not announcement)
		// Visible to viewers who can warn users, and to the author when canviewownwarning is enabled.
		if($post_type != 3 && $mybb->settings['enablewarningsystem'] != 0 && $usergroup['canreceivewarnings'] != 0 && ($mybb->usergroup['canwarnusers'] != 0 || ($mybb->user['uid'] == $post['uid'] && $mybb->settings['canviewownwarning'] != 0)))
		{
			// Guard the division below against a zero or negative maximum.
			if($mybb->settings['maxwarningpoints'] < 1)
			{
				$mybb->settings['maxwarningpoints'] = 10;
			}

			$warning_level = round($post['warningpoints']/$mybb->settings['maxwarningpoints']*100);
			if($warning_level > 100)
			{
				$warning_level = 100;
			}
			$warning_level = get_colored_warning_level($warning_level);

			// If we can warn them, it's not the same person, and we're in a PM or a post.
			if($mybb->usergroup['canwarnusers'] != 0 && $post['uid'] != $mybb->user['uid'] && ($post_type == 0 || $post_type == 2))
			{
				eval("\$post['button_warn'] = \"".$templates->get("postbit_warn")."\";");
				$warning_link = "warnings.php?uid={$post['uid']}";
			}
			else
			{
				$post['button_warn'] = '';
				$warning_link = "usercp.php";
			}
			eval("\$post['warninglevel'] = \"".$templates->get("postbit_warninglevel")."\";");
		}

		if($post_type != 3 && $post_type != 1 && purgespammer_show($post['postnum'], $post['usergroup'], $post['uid']))
		{
			eval("\$post['button_purgespammer'] = \"".$templates->get('postbit_purgespammer')."\";");
		}

		// Cache, once per request, the custom profile fields flagged for display in the post bit.
		if(!isset($profile_fields))
		{
			$profile_fields = array();

			// Fetch profile fields to display
			$pfcache = $cache->read('profilefields');

			if(is_array($pfcache))
			{
				foreach($pfcache as $profilefield)
				{
					if($profilefield['postbit'] != 1)
					{
						continue;
					}

					$profile_fields[$profilefield['fid']] = $profilefield;
				}
			}
		}

		// Display profile fields on posts - only if field is filled in
		$post['profilefield'] = '';
		if(!empty($profile_fields))
		{
			foreach($profile_fields as $field)
			{
				$fieldfid = "fid{$field['fid']}";
				if(!empty($post[$fieldfid]))
				{
					$post['fieldvalue'] = '';
					$post['fieldname'] = htmlspecialchars_uni($field['name']);

					// The first line of the field's type definition is the type name.
					$thing = explode("\n", $field['type'], "2");
					$type = trim($thing[0]);
					$useropts = explode("\n", $post[$fieldfid]);

					if(is_array($useropts) && ($type == "multiselect" || $type == "checkbox"))
					{
						$post['fieldvalue_option'] = '';

						foreach($useropts as $val)
						{
							if($val != '')
							{
								// NOTE(review): $val is user-chosen profile data and is not escaped in this function before the template is rendered - confirm the stored value is restricted to the field's defined options or escaped elsewhere.
								eval("\$post['fieldvalue_option'] .= \"".$templates->get("postbit_profilefield_multiselect_value")."\";");
							}
						}
						if($post['fieldvalue_option'] != '')
						{
							eval("\$post['fieldvalue'] .= \"".$templates->get("postbit_profilefield_multiselect")."\";");
						}
					}
					else
					{
						// Free-text fields go through the message parser with the field's own markup permissions.
						$field_parser_options = array(
							"allow_html" => $field['allowhtml'],
							"allow_mycode" => $field['allowmycode'],
							"allow_smilies" => $field['allowsmilies'],
							"allow_imgcode" => $field['allowimgcode'],
							"allow_videocode" => $field['allowvideocode'],
							#"nofollow_on" => 1,
							"filter_badwords" => 1
						);

						if($field['type'] == "textarea")
						{
							$field_parser_options['me_username'] = $post['username'];
						}
						else
						{
							$field_parser_options['nl2br'] = 0;
						}

						// Images are disabled when the viewer opted out, or for guests when guestimages is off.
						if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0)
						{
							$field_parser_options['allow_imgcode'] = 0;
						}

						$post['fieldvalue'] = $parser->parse_message($post[$fieldfid], $field_parser_options);
					}

					eval("\$post['profilefield'] .= \"".$templates->get("postbit_profilefield")."\";");
				}
			}
		}

		eval("\$post['user_details'] = \"".$templates->get("postbit_author_user")."\";");
	}
	else
	{ // Message was posted by a guest or an unknown user
		// $post['username'] was HTML-escaped above.
		$post['profilelink'] = format_name($post['username'], 1);

		if($usergroup['usertitle'])
		{
			$post['usertitle'] = $usergroup['usertitle'];
		}
		else
		{
			$post['usertitle'] = $lang->guest;
		}

		$post['usertitle'] = htmlspecialchars_uni($post['usertitle']);

		$usergroup['title'] = $lang->na;

		// Guests have no profile, so every per-user element is blanked.
		$post['userregdate'] = $lang->na;
		$post['postnum'] = $lang->na;
		$post['button_profile'] = '';
		$post['button_email'] = '';
		$post['button_www'] = '';
		$post['signature'] = '';
		$post['button_pm'] = '';
		$post['button_find'] = '';
		$post['onlinestatus'] = '';
		$post['replink'] = '';
		eval("\$post['user_details'] = \"".$templates->get("postbit_author_guest")."\";");
	}

	// Action buttons default to empty and are filled in only when a permission check below passes.
	$post['input_editreason'] = '';
	$post['button_edit'] = '';
	$post['button_quickdelete'] = '';
	$post['button_quickrestore'] = '';
	$post['button_quote'] = '';
	$post['button_quickquote'] = '';
	$post['button_report'] = '';
	$post['button_reply_pm'] = '';
	$post['button_replyall_pm'] = '';
	$post['button_forward_pm'] = '';
	$post['button_delete_pm'] = '';

	// For private messages, fetch the reply/forward/delete icons
	if($post_type == 2 && $post['pmid'])
	{
		global $replyall;

		eval("\$post['button_reply_pm'] = \"".$templates->get("postbit_reply_pm")."\";");
		eval("\$post['button_forward_pm'] = \"".$templates->get("postbit_forward_pm")."\";");
		eval("\$post['button_delete_pm'] = \"".$templates->get("postbit_delete_pm")."\";");

		if($replyall == true)
		{
			eval("\$post['button_replyall_pm'] = \"".$templates->get("postbit_replyall_pm")."\";");
		}
	}

	$post['editedmsg'] = '';
	if(!$post_type)
	{
		if(!isset($forumpermissions))
		{
			$forumpermissions = forum_permissions($fid);
		}

		// Figure out if we need to show an "edited by" message
		// showeditedby covers ordinary authors; showeditedbyadmin covers authors with cancp or moderator rights.
		if($post['edituid'] != 0 && $post['edittime'] != 0 && $post['editusername'] != "" && ($mybb->settings['showeditedby'] != 0 && $usergroup['cancp'] == 0 && !is_moderator($post['fid'], "", $post['uid']) || ($mybb->settings['showeditedbyadmin'] != 0 && ($usergroup['cancp'] == 1 || is_moderator($post['fid'], "", $post['uid'])))))
		{
			$post['editdate'] = my_date('relative', $post['edittime']);
			$post['editnote'] = $lang->sprintf($lang->postbit_edited, $post['editdate']);
			$post['editusername'] = htmlspecialchars_uni($post['editusername']);
			$post['editedprofilelink'] = build_profile_link($post['editusername'], $post['edituid']);
			$editreason = "";
			if($post['editreason'] != "")
			{
				// The edit reason is user-supplied text: filter bad words, then escape it.
				$post['editreason'] = $parser->parse_badwords($post['editreason']);
				$post['editreason'] = htmlspecialchars_uni($post['editreason']);
				eval("\$editreason = \"".$templates->get("postbit_editedby_editreason")."\";");
			}
			eval("\$post['editedmsg'] = \"".$templates->get("postbit_editedby")."\";");
		}

		// Edit button: moderators with caneditposts, or the author while the thread is open and inside the edit time limit; never for guests.
		// These checks only decide which buttons are rendered.
		// NOTE(review): the handlers behind the buttons must repeat the permission checks - confirm.
		$time = TIME_NOW;
		if((is_moderator($fid, "caneditposts") || ($forumpermissions['caneditposts'] == 1 && $mybb->user['uid'] == $post['uid'] && $thread['closed'] != 1 && ($mybb->usergroup['edittimelimit'] == 0 || $mybb->usergroup['edittimelimit'] != 0 && $post['dateline'] > ($time-($mybb->usergroup['edittimelimit']*60))))) && $mybb->user['uid'] != 0)
		{
			eval("\$post['input_editreason'] = \"".$templates->get("postbit_editreason")."\";");
			eval("\$post['button_edit'] = \"".$templates->get("postbit_edit")."\";");
		}

		// Quick Delete button
		// The first post of the page counter ($postcounter == 1) is treated as the thread itself.
		$can_delete_thread = $can_delete_post = 0;
		if($mybb->user['uid'] == $post['uid'] && $thread['closed'] == 0)
		{
			if($forumpermissions['candeletethreads'] == 1 && $postcounter == 1)
			{
				$can_delete_thread = 1;
			}
			else if($forumpermissions['candeleteposts'] == 1 && $postcounter != 1)
			{
				$can_delete_post = 1;
			}
		}

		$postbit_qdelete = $postbit_qrestore = '';
		if($mybb->user['uid'] != 0)
		{
			if((is_moderator($fid, "candeleteposts") || is_moderator($fid, "cansoftdeleteposts") || $can_delete_post == 1) && $postcounter != 1)
			{
				$postbit_qdelete = $lang->postbit_qdelete_post;
				// $display is read by the template; "none" hides the button for an already deleted post.
				$display = '';
				if($post['visible'] == -1)
				{
					$display = "none";
				}
				eval("\$post['button_quickdelete'] = \"".$templates->get("postbit_quickdelete")."\";");
			}
			else if((is_moderator($fid, "candeletethreads") || is_moderator($fid, "cansoftdeletethreads") || $can_delete_thread == 1) && $postcounter == 1)
			{
				$postbit_qdelete = $lang->postbit_qdelete_thread;
				$display = '';
				if($post['visible'] == -1)
				{
					$display = "none";
				}
				eval("\$post['button_quickdelete'] = \"".$templates->get("postbit_quickdelete")."\";");
			}

			// Restore Post
			if(is_moderator($fid, "canrestoreposts") && $postcounter != 1)
			{
				$display = "none";
				if($post['visible'] == -1)
				{
					$display = '';
				}
				$postbit_qrestore = $lang->postbit_qrestore_post;
				eval("\$post['button_quickrestore'] = \"".$templates->get("postbit_quickrestore")."\";");
			}

			// Restore Thread
			else if(is_moderator($fid, "canrestorethreads") && $postcounter == 1)
			{
				$display = "none";
				if($post['visible'] == -1)
				{
					$display = "";
				}
				$postbit_qrestore = $lang->postbit_qrestore_thread;
				eval("\$post['button_quickrestore'] = \"".$templates->get("postbit_quickrestore")."\";");
			}
		}

		if(!isset($ismod))
		{
			$ismod = is_moderator($fid);
		}

		// Inline moderation stuff
		if($ismod)
		{
			// The cookie value is only searched for this post id; it is not echoed.
			if(isset($mybb->cookies[$inlinecookie]) && my_strpos($mybb->cookies[$inlinecookie], "|".$post['pid']."|") !== false)
			{
				$inlinecheck = "checked=\"checked\"";
				$inlinecount++;
			}
			else
			{
				$inlinecheck = "";
			}

			eval("\$post['inlinecheck'] = \"".$templates->get("postbit_inlinecheck")."\";");

			if($post['visible'] == 0)
			{
				$invisiblepost = 1;
			}
		}
		else
		{
			$post['inlinecheck'] = "";
		}
		$post['postlink'] = get_post_link($post['pid'], $post['tid']);
		$post_number = my_number_format($postcounter);
		eval("\$post['posturl'] = \"".$templates->get("postbit_posturl")."\";");
		global $forum, $thread;

		if($forum['open'] != 0 && ($thread['closed'] != 1 || is_moderator($forum['fid'], "canpostclosedthreads")) && ($thread['uid'] == $mybb->user['uid'] || empty($forumpermissions['canonlyreplyownthreads'])))
		{
			eval("\$post['button_quote'] = \"".$templates->get("postbit_quote")."\";");
		}

		if($forumpermissions['canpostreplys'] != 0 && ($thread['uid'] == $mybb->user['uid'] || empty($forumpermissions['canonlyreplyownthreads'])) && ($thread['closed'] != 1 || is_moderator($fid, "canpostclosedthreads")) && $mybb->settings['multiquote'] != 0 && $forum['open'] != 0 && !$post_type)
		{
			eval("\$post['button_multiquote'] = \"".$templates->get("postbit_multiquote")."\";");
		}

		// Users who already reported the post, plus uid 0 (guests), get no report button.
		if(isset($post['reporters']))
		{
			// NOTE(review): 'reporters' is deserialised from the post row; confirm my_unserialize() cannot instantiate objects.
			$skip_report = my_unserialize($post['reporters']);
			if(is_array($skip_report))
			{
				$skip_report[] = 0;
			}
			else
			{
				$skip_report = array(0);
			}
		}
		else
		{
			$skip_report = array(0);
		}

		$reportable = user_permissions($post['uid']);
		if(!in_array($mybb->user['uid'], $skip_report) && !empty($reportable['canbereported']))
		{
			eval("\$post['button_report'] = \"".$templates->get("postbit_report")."\";");
		}
	}
	elseif($post_type == 3) // announcement
	{
		// All three checks must pass: the two group flags and the forum moderator permission.
		if($mybb->usergroup['canmodcp'] == 1 && $mybb->usergroup['canmanageannounce'] == 1 && is_moderator($fid, "canmanageannouncements"))
		{
			eval("\$post['button_edit'] = \"".$templates->get("announcement_edit")."\";");
			eval("\$post['button_quickdelete'] = \"".$templates->get("announcement_quickdelete")."\";");
		}
	}

	$post['iplogged'] = '';
	$show_ips = $mybb->settings['logip'];

	// Show post IP addresses... PMs now can have IP addresses too as of 1.8!
	if($post_type == 2)
	{
		$show_ips = $mybb->settings['showpmip'];
	}
	if(!$post_type || $post_type == 2)
	{
		if($show_ips != "no" && !empty($post['ipaddress']))
		{
			$ipaddress = my_inet_ntop($db->unescape_binary($post['ipaddress']));

			// "show": the address is rendered with no further permission check in this function.
			if($show_ips == "show")
			{
				eval("\$post['iplogged'] = \"".$templates->get("postbit_iplogged_show")."\";");
			}
			// "hide": only moderators with canviewips or super moderators get the lookup control.
			else if($show_ips == "hide" && (is_moderator($fid, "canviewips") || $mybb->usergroup['issupermod']))
			{
				$action = 'getip';
				$javascript = 'getIP';

				if($post_type == 2)
				{
					$action = 'getpmip';
					$javascript = 'getPMIP';
				}

				eval("\$post['iplogged'] = \"".$templates->get("postbit_iplogged_hiden")."\";");
			}
		}
	}

	$post['poststatus'] = '';
	if(!$post_type && $post['visible'] != 1)
	{
		// NOTE(review): $status_type stays undefined when none of the four branches match, yet the template below is still rendered.
		if(is_moderator($fid, "canviewdeleted") && $postcounter != 1 && $post['visible'] == -1)
		{
			$status_type = $lang->postbit_post_deleted;
		}
		else if(is_moderator($fid, "canviewunapprove") && $postcounter != 1 && $post['visible'] == 0)
		{
			$status_type = $lang->postbit_post_unapproved;
		}
		else if(is_moderator($fid, "canviewdeleted") && $postcounter == 1 && $post['visible'] == -1)
		{
			$status_type = $lang->postbit_thread_deleted;
		}
		else if(is_moderator($fid, "canviewunapprove") && $postcounter == 1 && $post['visible'] == 0)
		{
			$status_type = $lang->postbit_thread_unapproved;
		}

		eval("\$post['poststatus'] = \"".$templates->get("postbit_status")."\";");
	}

	if(isset($post['smilieoff']) && $post['smilieoff'] == 1)
	{
		$parser_options['allow_smilies'] = 0;
	}

	// Viewer preferences (or the guest settings) can only switch images and videos off, never on.
	if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0)
	{
		$parser_options['allow_imgcode'] = 0;
	}

	if($mybb->user['uid'] != 0 && $mybb->user['showvideos'] != 1 || $mybb->settings['guestvideos'] != 1 && $mybb->user['uid'] == 0)
	{
		$parser_options['allow_videocode'] = 0;
	}

	// If we have incoming search terms to highlight - get it done.
	// 'highlight' is request input and is handed to the parser unmodified here.
	// NOTE(review): escaping is presumably done inside highlight_message()/parse_message() - confirm, since the result is rendered as HTML.
	if(!empty($mybb->input['highlight']))
	{
		$parser_options['highlight'] = $mybb->input['highlight'];
		$post['subject'] = $parser->highlight_message($post['subject'], $parser_options['highlight']);
	}

	// The message body is rendered only through the parser, under the options chosen above.
	$post['message'] = $parser->parse_message($post['message'], $parser_options);

	$post['attachments'] = '';
	if($mybb->settings['enableattachments'] != 0)
	{
		get_post_attachments($id, $post);
	}

	// Signature shown only if: the post includes it, the viewer wants signatures, any suspension has expired,
	// the author's group may use signatures (and has enough posts), and the viewer's group is not in hidesignatures.
	if(isset($post['includesig']) && $post['includesig'] != 0 && $post['username'] && $post['signature'] != "" && ($mybb->user['uid'] == 0 || $mybb->user['showsigs'] != 0)
	&& ($post['suspendsignature'] == 0 || $post['suspendsignature'] == 1 && $post['suspendsigtime'] != 0 && $post['suspendsigtime'] < TIME_NOW) && $usergroup['canusesig'] == 1
	&& ($usergroup['canusesigxposts'] == 0 || $usergroup['canusesigxposts'] > 0 && $postnum > $usergroup['canusesigxposts']) && !is_member($mybb->settings['hidesignatures']))
	{
		// Signatures use the board-wide signature settings, not the forum's message settings.
		$sig_parser = array(
			"allow_html" => $mybb->settings['sightml'],
			"allow_mycode" => $mybb->settings['sigmycode'],
			"allow_smilies" => $mybb->settings['sigsmilies'],
			"allow_imgcode" => $mybb->settings['sigimgcode'],
			"me_username" => $parser_options['me_username'],
			"filter_badwords" => 1
		);

		if($usergroup['signofollow'])
		{
			$sig_parser['nofollow_on'] = 1;
		}

		if($mybb->user['uid'] != 0 && $mybb->user['showimages'] != 1 || $mybb->settings['guestimages'] != 1 && $mybb->user['uid'] == 0)
		{
			$sig_parser['allow_imgcode'] = 0;
		}

		$post['signature'] = $parser->parse_message($post['signature'], $sig_parser);
		eval("\$post['signature'] = \"".$templates->get("postbit_signature")."\";");
	}
	else
	{
		$post['signature'] = "";
	}

	$icon_cache = $cache->read("posticons");

	if(isset($post['icon']) && $post['icon'] > 0 && $icon_cache[$post['icon']])
	{
		$icon = $icon_cache[$post['icon']];

		// Path and name are escaped before the template sees them.
		$icon['path'] = htmlspecialchars_uni($icon['path']);
		$icon['path'] = str_replace("{theme}", $theme['imgdir'], $icon['path']);
		$icon['name'] = htmlspecialchars_uni($icon['name']);
		eval("\$post['icon'] = \"".$templates->get("postbit_icon")."\";");
	}
	else
	{
		$post['icon'] = "";
	}

	// Plugin hooks receive the fully built $post array and may replace it.
	$post_visibility = $ignore_bit = $deleted_bit = '';
	switch($post_type)
	{
		case 1: // Message preview
			$post = $plugins->run_hooks("postbit_prev", $post);
			break;
		case 2: // Private message
			$post = $plugins->run_hooks("postbit_pm", $post);
			break;
		case 3: // Announcement
			$post = $plugins->run_hooks("postbit_announcement", $post);
			break;
		default: // Regular post
			$post = $plugins->run_hooks("postbit", $post);

			// Build the viewer's ignore list lookup once per request.
			if(!isset($ignored_users))
			{
				$ignored_users = array();
				if($mybb->user['uid'] > 0 && $mybb->user['ignorelist'] != "")
				{
					$ignore_list = explode(',', $mybb->user['ignorelist']);
					foreach($ignore_list as $uid)
					{
						$ignored_users[$uid] = 1;
					}
				}
			}

			// Has this post been deleted but can be viewed? Hide this post
			// "display: none" only collapses the post in the page; the markup is still sent to the viewer.
			if($post['visible'] == -1 && is_moderator($fid, "canviewdeleted"))
			{
				$deleted_message = $lang->sprintf($lang->postbit_deleted_post_user, $post['username']);
				eval("\$deleted_bit = \"".$templates->get("postbit_deleted")."\";");
				$post_visibility = "display: none;";
			}

			// Is the user (not moderator) logged in and have unapproved posts?
			if($mybb->user['uid'] && $post['visible'] == 0 && $post['uid'] == $mybb->user['uid'] && !is_moderator($fid, "canviewunapprove"))
			{
				$ignored_message = $lang->sprintf($lang->postbit_post_under_moderation, $post['username']);
				eval("\$ignore_bit = \"".$templates->get("postbit_ignored")."\";");
				$post_visibility = "display: none;";
			}

			// Is this author on the ignore list of the current user? Hide this post
			if(is_array($ignored_users) && $post['uid'] != 0 && isset($ignored_users[$post['uid']]) && $ignored_users[$post['uid']] == 1 && empty($deleted_bit))
			{
				$ignored_message = $lang->sprintf($lang->postbit_currently_ignoring_user, $post['username']);
				eval("\$ignore_bit = \"".$templates->get("postbit_ignored")."\";");
				$post_visibility = "display: none;";
			}
			break;
	}

	// Viewers who may see deletion notices but not deleted posts get the reduced "deleted" template.
	if($post_type == 0 && $forumpermissions['canviewdeletionnotice'] == 1 && $post['visible'] == -1 && !is_moderator($fid, "canviewdeleted"))
	{
		eval("\$postbit = \"".$templates->get("postbit_deleted_member")."\";");
	}
	else
	{
		if($mybb->settings['postlayout'] == "classic")
		{
			eval("\$postbit = \"".$templates->get("postbit_classic")."\";");
		}
		else
		{
			eval("\$postbit = \"".$templates->get("postbit")."\";");
		}
	}

	// Clear the global so data from this post does not leak into later rendering.
	$GLOBALS['post'] = "";

	return $postbit;
}

/**
 * Fetch the attachments for a specific post and parse inline [attachment=id] code.
 * Note: assumes you have $attachcache, an array of attachments set up.
 *
 * @param int $id The ID of the item.
 * @param array $post The post or item passed by reference.
953 */ 954function get_post_attachments($id, &$post) 955{ 956 global $attachcache, $mybb, $theme, $templates, $forumpermissions, $lang; 957 958 $validationcount = 0; 959 $tcount = 0; 960 $post['attachmentlist'] = $post['thumblist'] = $post['imagelist'] = ''; 961 if(!isset($forumpermissions)) 962 { 963 $forumpermissions = forum_permissions($post['fid']); 964 } 965 966 if(isset($attachcache[$id]) && is_array($attachcache[$id])) 967 { // This post has 1 or more attachments 968 foreach($attachcache[$id] as $aid => $attachment) 969 { 970 if($attachment['visible']) 971 { // There is an attachment thats visible! 972 $attachment['filename'] = htmlspecialchars_uni($attachment['filename']); 973 $attachment['filesize'] = get_friendly_size($attachment['filesize']); 974 $ext = get_extension($attachment['filename']); 975 if($ext == "jpeg" || $ext == "gif" || $ext == "bmp" || $ext == "png" || $ext == "jpg") 976 { 977 $isimage = true; 978 } 979 else 980 { 981 $isimage = false; 982 } 983 $attachment['icon'] = get_attachment_icon($ext); 984 $attachment['downloads'] = my_number_format($attachment['downloads']); 985 986 if(!$attachment['dateuploaded']) 987 { 988 $attachment['dateuploaded'] = $attachment['dateline']; 989 } 990 $attachdate = my_date('normal', $attachment['dateuploaded']); 991 // Support for [attachment=id] code 992 if(stripos($post['message'], "[attachment=".$attachment['aid']."]") !== false) 993 { 994 // Show as thumbnail IF image is big && thumbnail exists && setting=='thumb' 995 // Show as full size image IF setting=='fullsize' || (image is small && permissions allow) 996 // Show as download for all other cases 997 if($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != "" && $mybb->settings['attachthumbnails'] == "yes") 998 { 999 eval("\$attbit = \"".$templates->get("postbit_attachments_thumbnails_thumbnail")."\";"); 1000 } 1001 elseif((($attachment['thumbnail'] == "SMALL" && $forumpermissions['candlattachments'] == 1) || 
$mybb->settings['attachthumbnails'] == "no") && $isimage) 1002 { 1003 eval("\$attbit = \"".$templates->get("postbit_attachments_images_image")."\";"); 1004 } 1005 else 1006 { 1007 eval("\$attbit = \"".$templates->get("postbit_attachments_attachment")."\";"); 1008 } 1009 $post['message'] = preg_replace("#\[attachment=".$attachment['aid']."]#si", $attbit, $post['message']); 1010 } 1011 else 1012 { 1013 // Show as thumbnail IF image is big && thumbnail exists && setting=='thumb' 1014 // Show as full size image IF setting=='fullsize' || (image is small && permissions allow) 1015 // Show as download for all other cases 1016 if($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != "" && $mybb->settings['attachthumbnails'] == "yes") 1017 { 1018 eval("\$post['thumblist'] .= \"".$templates->get("postbit_attachments_thumbnails_thumbnail")."\";"); 1019 if($tcount == 5) 1020 { 1021 $thumblist .= "<br />"; 1022 $tcount = 0; 1023 } 1024 ++$tcount; 1025 } 1026 elseif((($attachment['thumbnail'] == "SMALL" && $forumpermissions['candlattachments'] == 1) || $mybb->settings['attachthumbnails'] == "no") && $isimage) 1027 { 1028 if ($forumpermissions['candlattachments']) 1029 { 1030 eval("\$post['imagelist'] .= \"".$templates->get("postbit_attachments_images_image")."\";"); 1031 } 1032 else 1033 { 1034 eval("\$post['thumblist'] .= \"".$templates->get("postbit_attachments_thumbnails_thumbnail")."\";"); 1035 if($tcount == 5) 1036 { 1037 $thumblist .= "<br />"; 1038 $tcount = 0; 1039 } 1040 ++$tcount; 1041 } 1042 } 1043 else 1044 { 1045 eval("\$post['attachmentlist'] .= \"".$templates->get("postbit_attachments_attachment")."\";"); 1046 } 1047 } 1048 } 1049 else 1050 { 1051 $validationcount++; 1052 } 1053 } 1054 if($validationcount > 0 && is_moderator($post['fid'], "canviewunapprove")) 1055 { 1056 if($validationcount == 1) 1057 { 1058 $postbit_unapproved_attachments = $lang->postbit_unapproved_attachment; 1059 } 1060 else 1061 { 1062 $postbit_unapproved_attachments = 
$lang->sprintf($lang->postbit_unapproved_attachments, $validationcount); 1063 } 1064 eval("\$post['attachmentlist'] .= \"".$templates->get("postbit_attachments_attachment_unapproved")."\";"); 1065 } 1066 if($post['thumblist']) 1067 { 1068 eval("\$post['attachedthumbs'] = \"".$templates->get("postbit_attachments_thumbnails")."\";"); 1069 } 1070 else 1071 { 1072 $post['attachedthumbs'] = ''; 1073 } 1074 if($post['imagelist']) 1075 { 1076 eval("\$post['attachedimages'] = \"".$templates->get("postbit_attachments_images")."\";"); 1077 } 1078 else 1079 { 1080 $post['attachedimages'] = ''; 1081 } 1082 if($post['attachmentlist'] || $post['thumblist'] || $post['imagelist']) 1083 { 1084 eval("\$post['attachments'] = \"".$templates->get("postbit_attachments")."\";"); 1085 } 1086 } 1087} 1088 1089/** 1090 * Returns bytes count from human readable string 1091 * Used to parse ini_get human-readable values to int 1092 * 1093 * @param string $val Human-readable value 1094 */ 1095function return_bytes($val) { 1096 $val = trim($val); 1097 if ($val == "") 1098 { 1099 return 0; 1100 } 1101 1102 $last = strtolower($val[strlen($val)-1]); 1103 1104 $val = intval($val); 1105 1106 switch($last) 1107 { 1108 case 'g': 1109 $val *= 1024; 1110 case 'm': 1111 $val *= 1024; 1112 case 'k': 1113 $val *= 1024; 1114 } 1115 1116 return $val; 1117} 1118 1119/** 1120 * Detects whether an attachment removal/approval/unapproval 1121 * submit button was pressed (without triggering an AJAX request) 1122 * and sets inputs accordingly (as for an AJAX request). 
1123 */ 1124function detect_attachmentact() 1125{ 1126 global $mybb; 1127 1128 foreach($mybb->input as $key => $val) 1129 { 1130 if(strpos($key, 'rem_') === 0) 1131 { 1132 $mybb->input['attachmentaid'] = (int)substr($key, 4); 1133 $mybb->input['attachmentact'] = 'remove'; 1134 break; 1135 } 1136 elseif(strpos($key, 'approveattach_') === 0) 1137 { 1138 $mybb->input['attachmentaid'] = (int)substr($key, 14); 1139 $mybb->input['attachmentact'] = 'approve'; 1140 break; 1141 } 1142 elseif(strpos($key, 'unapproveattach_') === 0) 1143 { 1144 $mybb->input['attachmentaid'] = (int)substr($key, 16); 1145 $mybb->input['attachmentact'] = 'unapprove'; 1146 break; 1147 } 1148 } 1149} 1150