Vergleich xmlhttp.php - 1.2.8 - 1.2.10

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html
*

 * Website: http://www.mybboard.net
* License: http://www.mybboard.net/eula.html
*

 * $Id: xmlhttp.php 3030 2007-04-26 00:19:47Z Tikitiki $

 * $Id: xmlhttp.php 3517 2007-11-27 15:40:54Z Tikitiki $

 */

/**

 */

/**

Zeile 74Zeile 74
	$loadstyle = "def=1";
}


	$loadstyle = "def=1";
}


 
// Load basic theme information that we could be needing.

$query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));

$query = $db->simple_select(TABLE_PREFIX."themes", "name, tid, themebits", $loadstyle);
$theme = $db->fetch_array($query);
$theme = @array_merge($theme, unserialize($theme['themebits']));

Zeile 99Zeile 100

$lang->load("global");
$lang->load("xmlhttp");


$lang->load("global");
$lang->load("xmlhttp");


// Load basic theme information that we could be needing.

 

$plugins->run_hooks("xmlhttp");



$plugins->run_hooks("xmlhttp");


Zeile 112Zeile 111
	{
exit;
}

	{
exit;
}

	

	

	// Send our headers.

	// Send our headers.

	header("Content-type: text/html; charset={$charset}");

	header("Content-type: text/plain; charset={$charset}");


// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);


// Sanitize the input.
$mybb->input['query'] = str_replace(array("%", "_"), array("\\%", "\\_"), $mybb->input['query']);

Zeile 125Zeile 124
		"order_dir" => "asc",
"limit_start" => 0,
"limit" => 15

		"order_dir" => "asc",
"limit_start" => 0,
"limit" => 15

	);

	);

	$query = $db->simple_select(TABLE_PREFIX."users", "uid, username", "username LIKE '".$db->escape_string($mybb->input['query'])."%'", $query_options);
while($user = $db->fetch_array($query))
{

	$query = $db->simple_select(TABLE_PREFIX."users", "uid, username", "username LIKE '".$db->escape_string($mybb->input['query'])."%'", $query_options);
while($user = $db->fetch_array($query))
{

Zeile 141Zeile 140
{
// Editing a post subject.
if($mybb->input['pid'])

{
// Editing a post subject.
if($mybb->input['pid'])

	{

	{

		// Fetch the post from the database.
$post = get_post($mybb->input['pid']);


		// Fetch the post from the database.
$post = get_post($mybb->input['pid']);


Zeile 157Zeile 156
	
// We're editing a thread subject.
else if($mybb->input['tid'])

	
// We're editing a thread subject.
else if($mybb->input['tid'])

	{

	{

		// Fetch the thread.
$thread = get_thread($mybb->input['tid']);


		// Fetch the thread.
$thread = get_thread($mybb->input['tid']);


Zeile 169Zeile 168
		$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);
}

		$query = $db->simple_select(TABLE_PREFIX."posts", "pid,uid,dateline", "tid='".$thread['tid']."'", $query_options);
$post = $db->fetch_array($query);
}

	// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);

// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
}


	// Fetch the specific forum this thread/post is in.
$forum = get_forum($thread['fid']);

// Missing thread, invalid forum? Error.
if(!$thread['tid'] || !$forum['fid'] || $forum['type'] != "f")
{
xmlhttp_error($lang->thread_doesnt_exist);
}


	// Fetch forum permissions.
$forumpermissions = forum_permissions($forum['fid']);

// If this user is not a moderator with "caneditposts" permissions.
if(is_moderator($forum['fid'], "caneditposts") != "yes")

	// Fetch forum permissions.
$forumpermissions = forum_permissions($forum['fid']);

// If this user is not a moderator with "caneditposts" permissions.
if(is_moderator($forum['fid'], "caneditposts") != "yes")

	{

	{

		// Thread is closed - no editing allowed.
if($thread['closed'] == "yes")
{

		// Thread is closed - no editing allowed.
if($thread['closed'] == "yes")
{

Zeile 201Zeile 200
			xmlhttp_error($lang->edit_time_limit);
}
$ismod = false;

			xmlhttp_error($lang->edit_time_limit);
}
$ismod = false;

	}

	}

	else
{
$ismod = true;

	else
{
$ismod = true;

Zeile 214Zeile 213
			$subject = iconv("UTF-8", $charset, $subject);
}
else if(function_exists("mb_convert_encoding"))

			$subject = iconv("UTF-8", $charset, $subject);
}
else if(function_exists("mb_convert_encoding"))

		{
$subject = mb_convert_encoding($subject, $charset, "UTF-8");

		{
$subject = @mb_convert_encoding($subject, $charset, "UTF-8");

		}
else if(strtolower($charset) == "iso-8859-1")
{

		}
else if(strtolower($charset) == "iso-8859-1")
{

Zeile 227Zeile 226
	require_once MYBB_ROOT."inc/datahandlers/post.php";
$posthandler = new PostDataHandler("update");
$posthandler->action = "post";

	require_once MYBB_ROOT."inc/datahandlers/post.php";
$posthandler = new PostDataHandler("update");
$posthandler->action = "post";





	// Set the post data that came from the input to the $post array.
$updatepost = array(
"pid" => $post['pid'],

	// Set the post data that came from the input to the $post array.
$updatepost = array(
"pid" => $post['pid'],

Zeile 239Zeile 238

// Now let the post handler do all the hard work.
if(!$posthandler->validate_post())


// Now let the post handler do all the hard work.
if(!$posthandler->validate_post())

	{

	{

		$post_errors = $posthandler->get_friendly_errors();
$errors = implode("\n\n", $post_errors);
xmlhttp_error($errors);

		$post_errors = $posthandler->get_friendly_errors();
$errors = implode("\n\n", $post_errors);
xmlhttp_error($errors);

Zeile 257Zeile 256
			);
log_moderator_action($modlogdata, "Edited Post");
}

			);
log_moderator_action($modlogdata, "Edited Post");
}

	}

	}


// Send our headers.


// Send our headers.

	header("Content-type: text/html; charset={$charset}");


	header("Content-type: text/plain; charset={$charset}"); 


	// Spit the subject back to the browser.
echo $mybb->input['value'];

	// Spit the subject back to the browser.
echo $mybb->input['value'];

	

	

	// Close the connection.
exit;
}

	// Close the connection.
exit;
}

Zeile 277Zeile 276
	if(!$post['pid'])
{
xmlhttp_error($lang->post_doesnt_exist);

	if(!$post['pid'])
{
xmlhttp_error($lang->post_doesnt_exist);

	}


	}


	// Fetch the thread associated with this post.
$thread = get_thread($post['tid']);


	// Fetch the thread associated with this post.
$thread = get_thread($post['tid']);


Zeile 317Zeile 316
	if($mybb->input['do'] == "get_post")
{
// Send our headers.

	if($mybb->input['do'] == "get_post")
{
// Send our headers.

		header("Content-type: text/html; charset={$charset}");

		header("Content-type: text/xml; charset={$charset}");

		
$post['message'] = htmlspecialchars_uni($post['message']);


		
$post['message'] = htmlspecialchars_uni($post['message']);


Zeile 338Zeile 337
			}
else if(function_exists("mb_convert_encoding"))
{

			}
else if(function_exists("mb_convert_encoding"))
{

				$message = mb_convert_encoding($message, $charset, "UTF-8");

				$message = @mb_convert_encoding($message, $charset, "UTF-8");

			}
else if(strtolower($charset) == "iso-8859-1")
{

			}
else if(strtolower($charset) == "iso-8859-1")
{

Zeile 456Zeile 455
	{
$from_tid = '';
}

	{
$from_tid = '';
}

 

require_once MYBB_ROOT."inc/class_parser.php";
$parser = new postParser;


// Query for any posts in the list which are not within the specified thread
$query = $db->query("


// Query for any posts in the list which are not within the specified thread
$query = $db->query("

Zeile 481Zeile 483
		$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);

		$quoted_post['message'] = preg_replace('#(^|\r|\n)/me ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} \\2", $quoted_post['message']);
$quoted_post['message'] = preg_replace('#(^|\r|\n)/slap ([^\r\n<]*)#i', "\\1* {$quoted_post['username']} {$lang->slaps} \\2 {$lang->with_trout}", $quoted_post['message']);
$quoted_post['message'] = preg_replace("#\[attachment=([0-9]+?)\]#i", '', $quoted_post['message']);

		


		$quoted_post['message'] = $parser->parse_badwords($quoted_post['message']);	


		// Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}

		// Tack on to list of messages
$message .= "[quote={$quoted_post['username']}]\n{$quoted_post['message']}\n[/quote]\n\n";
}

Zeile 501Zeile 504
	global $charset;

// Send our headers.

	global $charset;

// Send our headers.

	header("Content-type: text/html; charset={$charset}");

	header("Content-type: text/xml; charset={$charset}");

	
// Send the error message.
echo "<error>".$message."</error>";

	
// Send the error message.
echo "<error>".$message."</error>";