| Zeile 3 | Zeile 3 |
|---|
* MyBB 1.2
* Copyright © 2006 MyBB Group, All Rights Reserved
*
|
* MyBB 1.2
* Copyright © 2006 MyBB Group, All Rights Reserved
*
|
* Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
| * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html
|
*
|
*
|
* $Id: xmlhttp.php 2477 2006-12-02 13:12:03Z CraKteR $
| * $Id: xmlhttp.php 3517 2007-11-27 15:40:54Z Tikitiki $
|
*/
/**
| */
/**
|
| Zeile 74 | Zeile 74 |
|---|
$loadstyle = "def=1";
}
|
$loadstyle = "def=1";
}
|
| | // Load basic theme information that we could be needing.
|
$query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));
| $query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));
|
| Zeile 99 | Zeile 100 |
|---|
$lang->load("global");
$lang->load("xmlhttp");
|
$lang->load("global");
$lang->load("xmlhttp");
|
// Load basic theme information that we could be needing.
| |
$plugins->run_hooks("xmlhttp");
|
$plugins->run_hooks("xmlhttp");
|
| Zeile 112 | Zeile 111 |
|---|
{
exit;
}
|
{
exit;
}
|
|
|
// Send our headers.
|
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/plain; charset={$charset}");
|
// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);
|
// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);
|
| Zeile 125 | Zeile 124 |
|---|
"order_dir" => "asc",
"limit_start" => 0,
"limit" => 15
|
"order_dir" => "asc",
"limit_start" => 0,
"limit" => 15
|
);
| );
|
$query = $db->simple_select(TABLE_PREFIX."users", "uid, username", "username LIKE '".$db->escape_string($mybb->input['query'])."%'", $query_options);
while($user = $db->fetch_array($query))
{
| $query = $db->simple_select(TABLE_PREFIX."users", "uid, username", "username LIKE '".$db->escape_string($mybb->input['query'])."%'", $query_options);
while($user = $db->fetch_array($query))
{
|
| Zeile 141 | Zeile 140 |
|---|
{
// Editing a post subject.
if($mybb->input['pid'])
|
{
// Editing a post subject.
if($mybb->input['pid'])
|
{
| {
|
// Fetch the post from the database.
$post = get_post($mybb->input['pid']);
| // Fetch the post from the database.
$post = get_post($mybb->input['pid']);
|
| Zeile 157 | Zeile 156 |
|---|
// We're editing a thread subject.
else if($mybb->input['tid'])
|
// We're editing a thread subject.
else if($mybb->input['tid'])
|
{
| {
|
// Fetch the thread.
$thread = get_thread($mybb->input['tid']);
| // Fetch the thread.
$thread = get_thread($mybb->input['tid']);
|
| Zeile 169 | Zeile 168 |
|---|
$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);
}
|
$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);
}
|
// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);
// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
}
| // Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);
// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
}
|
// Fetch forum permissions.
$forumpermissions = forum_permissions($forum['fid']);
// If this user is not a moderator with "caneditposts" permissions.
if(is_moderator($forum['fid'], "caneditposts") != "yes")
|
// Fetch forum permissions.
$forumpermissions = forum_permissions($forum['fid']);
// If this user is not a moderator with "caneditposts" permissions.
if(is_moderator($forum['fid'], "caneditposts") != "yes")
|
{
| {
|
// Thread is closed - no editing allowed.
if($thread['closed'] == "yes")
{
| // Thread is closed - no editing allowed.
if($thread['closed'] == "yes")
{
|
| Zeile 201 | Zeile 200 |
|---|
xmlhttp_error($lang->edit_time_limit);
}
$ismod = false;
|
xmlhttp_error($lang->edit_time_limit);
}
$ismod = false;
|
}
| }
|
else
{
$ismod = true;
| else
{
$ismod = true;
|
| Zeile 214 | Zeile 213 |
|---|
$subject = iconv("UTF-8", $charset, $subject);
}
else if(function_exists("mb_convert_encoding"))
|
$subject = iconv("UTF-8", $charset, $subject);
}
else if(function_exists("mb_convert_encoding"))
|
{
$subject = mb_convert_encoding($subject, $charset, "UTF-8");
| {
$subject = @mb_convert_encoding($subject, $charset, "UTF-8");
|
}
else if(strtolower($charset) == "iso-8859-1")
{
| }
else if(strtolower($charset) == "iso-8859-1")
{
|
| Zeile 227 | Zeile 226 |
|---|
require_once MYBB_ROOT."inc/datahandlers/post.php";
$posthandler = new PostDataHandler("update");
$posthandler->action = "post";
|
require_once MYBB_ROOT."inc/datahandlers/post.php";
$posthandler = new PostDataHandler("update");
$posthandler->action = "post";
|
|
|
// Set the post data that came from the input to the $post array.
$updatepost = array(
"pid" => $post['pid'],
| // Set the post data that came from the input to the $post array.
$updatepost = array(
"pid" => $post['pid'],
|
| Zeile 239 | Zeile 238 |
|---|
// Now let the post handler do all the hard work.
if(!$posthandler->validate_post())
|
// Now let the post handler do all the hard work.
if(!$posthandler->validate_post())
|
{
| {
|
$post_errors = $posthandler->get_friendly_errors();
$errors = implode("\n\n", $post_errors);
xmlhttp_error($errors);
| $post_errors = $posthandler->get_friendly_errors();
$errors = implode("\n\n", $post_errors);
xmlhttp_error($errors);
|
| Zeile 257 | Zeile 256 |
|---|
);
log_moderator_action($modlogdata, "Edited Post");
}
|
);
log_moderator_action($modlogdata, "Edited Post");
}
|
}
| }
|
// Send our headers.
|
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/plain; charset={$charset}");
|
// Spit the subject back to the browser.
echo $mybb->input['value'];
|
// Spit the subject back to the browser.
echo $mybb->input['value'];
|
|
|
// Close the connection.
exit;
}
| // Close the connection.
exit;
}
|
| Zeile 277 | Zeile 276 |
|---|
if(!$post['pid'])
{
xmlhttp_error($lang->post_doesnt_exist);
|
if(!$post['pid'])
{
xmlhttp_error($lang->post_doesnt_exist);
|
}
| }
|
// Fetch the thread associated with this post.
$thread = get_thread($post['tid']);
| // Fetch the thread associated with this post.
$thread = get_thread($post['tid']);
|
| Zeile 317 | Zeile 316 |
|---|
if($mybb->input['do'] == "get_post")
{
// Send our headers.
|
if($mybb->input['do'] == "get_post")
{
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/xml; charset={$charset}");
|
$post['message'] = htmlspecialchars_uni($post['message']);
|
$post['message'] = htmlspecialchars_uni($post['message']);
|
| Zeile 338 | Zeile 337 |
|---|
}
else if(function_exists("mb_convert_encoding"))
{
|
}
else if(function_exists("mb_convert_encoding"))
{
|
$message = mb_convert_encoding($message, $charset, "UTF-8");
| $message = @mb_convert_encoding($message, $charset, "UTF-8");
|
}
else if(strtolower($charset) == "iso-8859-1")
{
| }
else if(strtolower($charset) == "iso-8859-1")
{
|
| Zeile 456 | Zeile 455 |
|---|
{
$from_tid = '';
}
|
{
$from_tid = '';
}
|
| |
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
|
// Query for any posts in the list which are not within the specified thread
$query = $db->query("
|
// Query for any posts in the list which are not within the specified thread
$query = $db->query("
|
| Zeile 481 | Zeile 483 |
|---|
$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);
|
$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);
|
| $quoted_post['message'] = $parser->parse_badwords($quoted_post['message']);
|
// Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}
| // Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}
|
| Zeile 501 | Zeile 504 |
|---|
global $charset;
// Send our headers.
|
global $charset;
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/xml; charset={$charset}");
|
// Send the error message.
echo "<error>".$message."</error>";
|
// Send the error message.
echo "<error>".$message."</error>";
|