Vergleich xmlhttp.php - 1.2.0 - 1.2.10

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 3Zeile 3
 * MyBB 1.2
* Copyright © 2006 MyBB Group, All Rights Reserved
*

 * MyBB 1.2
* Copyright © 2006 MyBB Group, All Rights Reserved
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html

 *

 *

 * $Id: xmlhttp.php 2184 2006-09-02 10:22:48Z chris $

 * $Id: xmlhttp.php 3517 2007-11-27 15:40:54Z Tikitiki $

 */

/**

 */

/**

Zeile 74Zeile 74
	$loadstyle = "def=1";
}


	$loadstyle = "def=1";
}


 
// Load basic theme information that we could be needing.

$query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));

$query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));

Zeile 88Zeile 89
	if(is_dir($theme['imgdir'].'/'.$mybb->settings['bblanguage']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];

	if(is_dir($theme['imgdir'].'/'.$mybb->settings['bblanguage']))
{
$theme['imglangdir'] = $theme['imgdir'].'/'.$mybb->settings['bblanguage'];

	}

	}

	else
{
$theme['imglangdir'] = $theme['imgdir'];

	else
{
$theme['imglangdir'] = $theme['imgdir'];

Zeile 99Zeile 100

$lang->load("global");
$lang->load("xmlhttp");


$lang->load("global");
$lang->load("xmlhttp");


// Load basic theme information that we could be needing.

 

$plugins->run_hooks("xmlhttp");



$plugins->run_hooks("xmlhttp");


Zeile 114Zeile 113
	}

// Send our headers.

	}

// Send our headers.

	header("Content-type: text/html; charset={$charset}");

	header("Content-type: text/plain; charset={$charset}");


// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);


// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);

Zeile 168Zeile 167
		);
$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);

		);
$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);

	}
// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);

// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
}


	}
// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);

// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
}


	// Fetch forum permissions.
$forumpermissions = forum_permissions($forum['fid']);


	// Fetch forum permissions.
$forumpermissions = forum_permissions($forum['fid']);


Zeile 215Zeile 214
		}
else if(function_exists("mb_convert_encoding"))
{

		}
else if(function_exists("mb_convert_encoding"))
{

			$subject = mb_convert_encoding($subject, $charset, "UTF-8");

			$subject = @mb_convert_encoding($subject, $charset, "UTF-8");

		}
else if(strtolower($charset) == "iso-8859-1")
{

		}
else if(strtolower($charset) == "iso-8859-1")
{

Zeile 260Zeile 259
	}

// Send our headers.

	}

// Send our headers.

	header("Content-type: text/html; charset={$charset}");

	header("Content-type: text/plain; charset={$charset}"); 

	
// Spit the subject back to the browser.
echo $mybb->input['value'];

	
// Spit the subject back to the browser.
echo $mybb->input['value'];

Zeile 281Zeile 280
	
// Fetch the thread associated with this post.
$thread = get_thread($post['tid']);

	
// Fetch the thread associated with this post.
$thread = get_thread($post['tid']);





	// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);


	// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);


Zeile 301Zeile 300
		if($thread['closed'] == "yes")
{
xmlhttp_error($lang->thread_closed_edit_message);

		if($thread['closed'] == "yes")
{
xmlhttp_error($lang->thread_closed_edit_message);

		}

		}

		// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
else if($forum['open'] == "no" || $forumpermissions['caneditposts'] == "no" || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0)
{

		// Forum is not open, user doesn't have permission to edit, or author doesn't match this user - don't allow editing.
else if($forum['open'] == "no" || $forumpermissions['caneditposts'] == "no" || $mybb->user['uid'] != $post['uid'] || $mybb->user['uid'] == 0)
{

Zeile 313Zeile 312
			$lang->edit_time_limit = sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);
}

			$lang->edit_time_limit = sprintf($lang->edit_time_limit, $mybb->settings['edittimelimit']);
xmlhttp_error($lang->edit_time_limit);
}

	}

	}

	if($mybb->input['do'] == "get_post")
{
// Send our headers.

	if($mybb->input['do'] == "get_post")
{
// Send our headers.

		header("Content-type: text/html; charset={$charset}");

		header("Content-type: text/xml; charset={$charset}");

		
$post['message'] = htmlspecialchars_uni($post['message']);


		
$post['message'] = htmlspecialchars_uni($post['message']);


Zeile 333Zeile 332
		if(strtolower($charset) != "utf-8")
{
if(function_exists("iconv"))

		if(strtolower($charset) != "utf-8")
{
if(function_exists("iconv"))

			{

			{

				$message = iconv("UTF-8", $charset, $message);
}
else if(function_exists("mb_convert_encoding"))
{

				$message = iconv("UTF-8", $charset, $message);
}
else if(function_exists("mb_convert_encoding"))
{

				$message = mb_convert_encoding($message, $charset, "UTF-8");

				$message = @mb_convert_encoding($message, $charset, "UTF-8");

			}
else if(strtolower($charset) == "iso-8859-1")
{

			}
else if(strtolower($charset) == "iso-8859-1")
{

Zeile 348Zeile 347
		//die(str_replace("&", "&", $message));
if($debug_this == 1)
{

		//die(str_replace("&", "&", $message));
if($debug_this == 1)
{

			$fp = fopen(MYBB_ROOT."/uploads/test.log", "a");

			$fp = fopen(MYBB_ROOT."uploads/test.log", "a");

			fwrite($fp, $message."\n\n\n");
fclose($fp);
}

			fwrite($fp, $message."\n\n\n");
fclose($fp);
}

Zeile 402Zeile 401
			$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
}


			$attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
}


		require_once MYBB_ROOT."/inc/functions_post.php";

		require_once MYBB_ROOT."inc/functions_post.php";

		
get_post_attachments($post['pid'], $post);


		
get_post_attachments($post['pid'], $post);


Zeile 438Zeile 437

// Join the post IDs back together
$quoted_posts = implode(",", $quoted_posts);


// Join the post IDs back together
$quoted_posts = implode(",", $quoted_posts);

	

	

	// Fetch unviewable forums
$unviewable_forums = get_unviewable_forums();
if($unviewable_forums)

	// Fetch unviewable forums
$unviewable_forums = get_unviewable_forums();
if($unviewable_forums)

Zeile 451Zeile 450
	if(!$mybb->input['load_all'])
{
$from_tid = "p.tid != '".intval($mybb->input['tid'])."' AND ";

	if(!$mybb->input['load_all'])
{
$from_tid = "p.tid != '".intval($mybb->input['tid'])."' AND ";

	}

	}

	else
{
$from_tid = '';

	else
{
$from_tid = '';

	}	





	}

require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;


	// Query for any posts in the list which are not within the specified thread
$query = $db->query("

	// Query for any posts in the list which are not within the specified thread
$query = $db->query("

		SELECT p.subject, p.message, p.pid, p.tid, p.username, u.username AS userusername

		SELECT p.subject, p.message, p.pid, p.tid, p.username, t.fid, p.visible, u.username AS userusername

		FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)

		FROM ".TABLE_PREFIX."posts p
LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=p.uid)

		WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums} AND p.visible='1'

		WHERE {$from_tid}p.pid IN ($quoted_posts) {$unviewable_forums}

	");
while($quoted_post = $db->fetch_array($query))

	");
while($quoted_post = $db->fetch_array($query))

	{






	{	
if(is_moderator($quoted_post['fid']) != 'yes' && $quoted_post['visible'] == 0)
{
continue;
}


		// Swap username over if we have a registered user
if($quoted_post['userusername'])
{

		// Swap username over if we have a registered user
if($quoted_post['userusername'])
{

Zeile 475Zeile 483
		$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);

		$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);

		


		$quoted_post['message'] = $parser->parse_badwords($quoted_post['message']);	


		// Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}

		// Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}

	

	

	// Send our headers.
header("Content-type: text/plain; charset={$charset}");
echo $message;

	// Send our headers.
header("Content-type: text/plain; charset={$charset}");
echo $message;

Zeile 492Zeile 501
 */
function xmlhttp_error($message)
{

 */
function xmlhttp_error($message)
{

 
	global $charset;


	// Send our headers.

	// Send our headers.

	header("Content-type: text/html; charset={$charset}");

	header("Content-type: text/xml; charset={$charset}");

	
// Send the error message.
echo "<error>".$message."</error>";

	
// Send the error message.
echo "<error>".$message."</error>";