| Zeile 3 | Zeile 3 |
|---|
* MyBB 1.2
* Copyright © 2006 MyBB Group, All Rights Reserved
*
|
* MyBB 1.2
* Copyright © 2006 MyBB Group, All Rights Reserved
*
|
* Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
| * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html
|
*
|
*
|
* $Id: xmlhttp.php 2222 2006-09-13 14:22:27Z chris $
| * $Id: xmlhttp.php 3600 2008-01-21 00:08:28Z Tikitiki $
|
*/
/**
| */
/**
|
| Zeile 74 | Zeile 74 |
|---|
$loadstyle = "def=1";
}
|
$loadstyle = "def=1";
}
|
| | // Load basic theme information that we could be needing.
|
$query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));
| $query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));
|
| Zeile 88 | Zeile 89 |
|---|
if(is_dir($theme['imgdir'].'/'.$mybb->settings['bblanguage']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
|
if(is_dir($theme['imgdir'].'/'.$mybb->settings['bblanguage']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];
|
}
| }
|
else
{
$theme['imglangdir'] = $theme['imgdir'];
| else
{
$theme['imglangdir'] = $theme['imgdir'];
|
| Zeile 99 | Zeile 100 |
|---|
$lang->load("global");
$lang->load("xmlhttp");
|
$lang->load("global");
$lang->load("xmlhttp");
|
// Load basic theme information that we could be needing.
| |
$plugins->run_hooks("xmlhttp");
|
$plugins->run_hooks("xmlhttp");
|
| Zeile 114 | Zeile 113 |
|---|
}
// Send our headers.
|
}
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/plain; charset={$charset}");
|
// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);
|
// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);
|
| Zeile 139 | Zeile 138 |
|---|
// This action provides editing of thread/post subjects from within their respective list pages.
else if($mybb->input['action'] == "edit_subject" && $mybb->request_method == "post")
{
|
// This action provides editing of thread/post subjects from within their respective list pages.
else if($mybb->input['action'] == "edit_subject" && $mybb->request_method == "post")
{
|
| | // Verify POST request
if(!verify_post_check($mybb->input['my_post_key'], true))
{
xmlhttp_error($lang->invalid_post_code);
}
|
// Editing a post subject.
if($mybb->input['pid'])
{
| // Editing a post subject.
if($mybb->input['pid'])
{
|
| Zeile 168 | Zeile 173 |
|---|
);
$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);
|
);
$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);
|
}
// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);
// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
| }
// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);
// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
|
{
xmlhttp_error($lang->thread_doesnt_exist);
}
| {
xmlhttp_error($lang->thread_doesnt_exist);
}
|
| Zeile 215 | Zeile 220 |
|---|
}
else if(function_exists("mb_convert_encoding"))
{
|
}
else if(function_exists("mb_convert_encoding"))
{
|
$subject = mb_convert_encoding($subject, $charset, "UTF-8");
| $subject = @mb_convert_encoding($subject, $charset, "UTF-8");
|
}
else if(strtolower($charset) == "iso-8859-1")
{
| }
else if(strtolower($charset) == "iso-8859-1")
{
|
| Zeile 260 | Zeile 265 |
|---|
}
// Send our headers.
|
}
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/plain; charset={$charset}");
|
// Spit the subject back to the browser.
echo $mybb->input['value'];
|
// Spit the subject back to the browser.
echo $mybb->input['value'];
|
| Zeile 269 | Zeile 274 |
|---|
exit;
}
else if($mybb->input['action'] == "edit_post")
|
exit;
}
else if($mybb->input['action'] == "edit_post")
|
{
| {
|
// Fetch the post from the database.
$post = get_post($mybb->input['pid']);
| // Fetch the post from the database.
$post = get_post($mybb->input['pid']);
|
| Zeile 317 | Zeile 322 |
|---|
if($mybb->input['do'] == "get_post")
{
// Send our headers.
|
if($mybb->input['do'] == "get_post")
{
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/xml; charset={$charset}");
|
$post['message'] = htmlspecialchars_uni($post['message']);
|
$post['message'] = htmlspecialchars_uni($post['message']);
|
| Zeile 329 | Zeile 334 |
|---|
}
else if($mybb->input['do'] == "update_post")
{
|
}
else if($mybb->input['do'] == "update_post")
{
|
| | // Verify POST request
if(!verify_post_check($mybb->input['my_post_key'], true))
{
xmlhttp_error($lang->invalid_post_code);
}
|
$message = strval($_POST['value']);
if(strtolower($charset) != "utf-8")
{
| $message = strval($_POST['value']);
if(strtolower($charset) != "utf-8")
{
|
| Zeile 338 | Zeile 349 |
|---|
}
else if(function_exists("mb_convert_encoding"))
{
|
}
else if(function_exists("mb_convert_encoding"))
{
|
$message = mb_convert_encoding($message, $charset, "UTF-8");
| $message = @mb_convert_encoding($message, $charset, "UTF-8");
|
}
else if(strtolower($charset) == "iso-8859-1")
{
| }
else if(strtolower($charset) == "iso-8859-1")
{
|
| Zeile 348 | Zeile 359 |
|---|
//die(str_replace("&", "&", $message));
if($debug_this == 1)
{
|
//die(str_replace("&", "&", $message));
if($debug_this == 1)
{
|
$fp = fopen(MYBB_ROOT."/uploads/test.log", "a");
| $fp = fopen(MYBB_ROOT."uploads/test.log", "a");
|
fwrite($fp, $message."\n\n\n");
fclose($fp);
}
| fwrite($fp, $message."\n\n\n");
fclose($fp);
}
|
| Zeile 374 | Zeile 385 |
|---|
}
// No errors were found, we can call the update method.
else
|
}
// No errors were found, we can call the update method.
else
|
{
| {
|
$posthandler->update_post();
}
| $posthandler->update_post();
}
|
| Zeile 402 | Zeile 413 |
|---|
$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
}
|
$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
}
|
require_once MYBB_ROOT."/inc/functions_post.php";
| require_once MYBB_ROOT."inc/functions_post.php";
|
get_post_attachments($post['pid'], $post);
|
get_post_attachments($post['pid'], $post);
|
| Zeile 455 | Zeile 466 |
|---|
else
{
$from_tid = '';
|
else
{
$from_tid = '';
|
}
| }
require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;
|
// Query for any posts in the list which are not within the specified thread
$query = $db->query("
|
// Query for any posts in the list which are not within the specified thread
$query = $db->query("
|
SELECT p.subject, p.message, p.pid, p.tid, p.username, u.username AS userusername
| SELECT p.subject, p.message, p.pid, p.tid, p.username, t.fid, p.visible, u.username AS userusername
|
FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
|
FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)
|
WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums} AND p.visible='1'
| WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}
|
");
while($quoted_post = $db->fetch_array($query))
|
");
while($quoted_post = $db->fetch_array($query))
|
{
| {
if(is_moderator($quoted_post['fid']) != 'yes' && $quoted_post['visible'] == 0)
{
continue;
}
|
// Swap username over if we have a registered user
if($quoted_post['userusername'])
{
| // Swap username over if we have a registered user
if($quoted_post['userusername'])
{
|
| Zeile 475 | Zeile 495 |
|---|
$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);
|
$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);
|
| $quoted_post['message'] = $parser->parse_badwords($quoted_post['message']);
|
// Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}
| // Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}
|
| Zeile 495 | Zeile 516 |
|---|
global $charset;
// Send our headers.
|
global $charset;
// Send our headers.
|
header("Content-type: text/html; charset={$charset}");
| header("Content-type: text/xml; charset={$charset}");
|
// Send the error message.
echo "<error>".$message."</error>";
|
// Send the error message.
echo "<error>".$message."</error>";
|