本文整理匯總了PHP中print_no_permission函數的典型用法代碼示例。如果您正苦於以下問題:PHP print_no_permission函數的具體用法?PHP print_no_permission怎麽用?PHP print_no_permission使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了print_no_permission函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: output
public function output()
{
global $vbulletin;
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT));
// verify the userid exists, don't want useless entries in our table.
if ($vbulletin->GPC['userid'] and $vbulletin->GPC['userid'] != $vbulletin->userinfo['userid']) {
if (!($userinfo = fetch_userinfo($vbulletin->GPC['userid']))) {
standard_error(fetch_error('invalidid', $vbphrase['user'], $vbulletin->options['contactuslink']));
}
// are we a member of this user's blog?
if (!is_member_of_blog($vbulletin->userinfo, $userinfo)) {
print_no_permission();
}
$userid = $userinfo['userid'];
/* Blog posting check */
if (!($userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_canpost']) or !($userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])) {
print_no_permission();
}
} else {
$userinfo =& $vbulletin->userinfo;
$userid = '';
/* Blog posting check, no guests! */
if (!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) or !($vbulletin->userinfo['permissions']['vbblog_entry_permissions'] & $vbulletin->bf_ugp_vbblog_entry_permissions['blog_canpost']) or !$vbulletin->userinfo['userid']) {
print_no_permission();
}
}
require_once DIR . '/includes/blog_functions_shared.php';
prepare_blog_category_permissions($userinfo, true);
$globalcats = $this->construct_category($userinfo, 'global');
$localcats = $this->construct_category($userinfo, 'local');
return array('globalcategorybits' => $globalcats, 'localcategorybits' => $localcats);
}
示例2: getResponse
/**
* Main entry point for the controller.
*
* @return string - The final page output
*/
public function getResponse()
{
// Register the templater to be used for XHTML
vB_View::registerTemplater(vB_View::OT_XHTML, new vB_Templater_vB());
$error = vB_Router::getSegment('error');
// Resolve rerouted error
$error = in_array($error, array('403', '404', '409', '500')) ? $error : '404';
$current_page = $_SERVER['SCRIPT_NAME'] . ($_SERVER['SCRIPT_NAME'] == '' ? '' :
'?' . $_SERVER['QUERY_STRING']);
if ('403' == $error)
{
define('WOLPATH', '403|cpglobal|403_error|' . new vB_Phrase('wol', 'viewing_no_permission_message'));
vB::$vbulletin->session->set('location', $current_page);
print_no_permission();
}
else if ('409' == $error)
{
$message = ($message = vB_Router::getRerouteMessage()) ? $message : new vB_Phrase('error', 'error_409_description', vB_Router::getInitialURL(), vB_Router::getBaseURL(), vB::$vbulletin->options['contactuslink']);
define('WOLPATH', '409|wol|' . new vB_Phrase('cpglobal', 'error') . "|$message");
vB::$vbulletin->session->set('location', $current_page);
standard_error($message);
}
else if ('500' == $error)
{
$message = new vB_Phrase('error', 'error_500_description', vB_Router::getInitialURL(), vB_Router::getBaseURL(), vB::$vbulletin->options['contactuslink']);
define('WOLPATH', '500|wol|' . new vB_Phrase('cpglobal', 'error') . "|$message");
vB::$vbulletin->session->set('location', $current_page);
standard_error($message);
}
else
{
$message = new vB_Phrase('error', 'error_404_description', vB_Router::getBaseURL(), vB::$vbulletin->options['contactuslink']);
define('WOLPATH', '404|wol|' . new vB_Phrase('cpglobal', 'error') . "|$message");
vB::$vbulletin->session->set('location', $current_page);
}
// Create the page view
$page_view = new vB_View_Page('page');
$title = new vB_Phrase('error', 'error_404');
$page_view->setPageTitle($title);
// Create the body view
$error_view = new vB_View('error_message');
$subtitle = ($title != ($subtitle = vB_Router::getRerouteMessage())) ? $subtitle : false;
$error_view->title = $title;
$error_view->subtitle = $subtitle;
$error_view->message = new vB_Phrase('error', 'error_404_description', vB_Router::getBaseURL(), vB::$vbulletin->options['contactuslink']);
$page_view->setBodyView($error_view);
// Add general page info
$page_view->setPageTitle($title);
return $page_view->render();
}
示例3: do_vote_poll
function do_vote_poll()
{
global $vbulletin, $db, $foruminfo, $threadinfo, $postid, $vbphrase;
if (empty($threadinfo['threadid'])) {
json_error(ERR_INVALID_THREAD);
}
$threadid = $vbulletin->GPC['threadid'];
$counter = 1;
$pollid = $threadinfo['pollid'];
if (!$pollid) {
json_error(ERR_INVALID_THREAD);
}
$forumperms = fetch_permissions($threadinfo['forumid']);
// Get Poll info
$pollinfo = verify_id('poll', $pollid, 0, 1);
if (!$pollinfo['pollid']) {
json_error(standard_error(fetch_error('invalidid', $vbphrase['poll'], $vbulletin->options['contactuslink'])));
}
$vbulletin->input->clean_array_gpc('r', array('options' => TYPE_STR));
$options = split(',', $vbulletin->GPC['options']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canvote'])) {
print_no_permission();
}
//check if poll is closed
if (!$pollinfo['active'] or !$threadinfo['open'] or $pollinfo['dateline'] + $pollinfo['timeout'] * 86400 < TIMENOW and $pollinfo['timeout'] != 0) {
//poll closed
json_error(standard_error(fetch_error('pollclosed')));
}
//check if an option was selected
if (true) {
// Query master to reduce the chance of multiple poll votes
if ($uservoteinfo = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "pollvote\n\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tAND pollid = {$pollid}\n\t\t")) {
//the user has voted before
json_error(standard_error(fetch_error('useralreadyvote')));
}
$totaloptions = substr_count($pollinfo['options'], '|||') + 1;
//Error checking complete, lets get the options
if ($pollinfo['multiple']) {
$insertsql = '';
$skip_voters = false;
foreach ($options as $val) {
$val = intval($val);
if ($val > 0 and $val <= $totaloptions) {
$pollvote =& datamanager_init('PollVote', $vbulletin, ERRTYPE_STANDARD);
$pollvote->set_info('skip_voters', $skip_voters);
$pollvote->set('pollid', $pollid);
$pollvote->set('votedate', TIMENOW);
$pollvote->set('voteoption', $val);
$pollvote->set('userid', $vbulletin->userinfo['userid']);
$pollvote->set('votetype', $val);
if (!$pollvote->save(true, false, false, false, true)) {
json_error(standard_error(fetch_error('useralreadyvote')));
}
$skip_voters = true;
}
}
} else {
if ($options[0] > 0 and $options[0] <= $totaloptions) {
$pollvote =& datamanager_init('PollVote', $vbulletin, ERRTYPE_STANDARD);
$pollvote->set('pollid', $pollid);
$pollvote->set('votedate', TIMENOW);
$pollvote->set('voteoption', $options[0]);
$pollvote->set('userid', $vbulletin->userinfo['userid']);
$pollvote->set('votetype', 0);
if (!$pollvote->save(true, false, false, false, true)) {
json_error(standard_error(fetch_error('useralreadyvote')));
}
}
}
// make last reply date == last vote date
if ($vbulletin->options['updatelastpost']) {
// option selected in CP
$threadman =& datamanager_init('Thread', $vbulletin, ERRTYPE_SILENT, 'threadpost');
$threadman->set_existing($threadinfo);
$threadman->set('lastpost', TIMENOW);
$threadman->save();
}
($hook = vBulletinHook::fetch_hook('poll_vote_complete')) ? eval($hook) : false;
}
return array('success' => true);
}
示例4: UpdateProfileAJAX
public function UpdateProfileAJAX()
{
if ($this->vbulletin->options['dle_onoff'] && $this->vbulletin->options['dle_profile']) {
if (!$this->vbulletin->userinfo['userid']) {
print_no_permission();
}
if (!($this->vbulletin->userinfo['permissions']['genericpermissions'] & $this->vbulletin->bf_ugp_genericpermissions['canmodifyprofile'])) {
print_no_permission();
}
$user_name = $this->vbulletin->userinfo['username'];
if (DLE_CHARSET && DLE_CHARSET != $this->vbulletin->userinfo['lang_charset']) {
$user_name = iconv($this->vbulletin->userinfo['lang_charset'], DLE_CHARSET, $user_name);
}
$this->_db_connect();
$user_name = $this->db->escape_string($user_name);
$dleuser = $this->db->query_first("SELECT user_id, xfields FROM " . USERPREFIX . "_users WHERE name='{$user_name}'");
if (!empty($dleuser['user_id'])) {
$xfields_array = array();
if ($dleuser['xfields']) {
$isset_fields = explode("||", $dleuser['xfields']);
foreach ($isset_fields as $field_name_value) {
$part = explode("|", $field_name_value);
$xfields_array[$part[0]] = $part[1];
}
}
$this->vbulletin->input->clean_array_gpc('p', array('fieldid' => TYPE_UINT, 'userfield' => TYPE_ARRAY));
function dle_convert_urlencoded_unicode_recursive($item)
{
if (is_array($item)) {
foreach ($item as $key => $value) {
$item["{$key}"] = dle_convert_urlencoded_unicode_recursive($value);
}
} else {
$item = convert_urlencoded_unicode(trim($item));
}
return $item;
}
// handle AJAX posting of %u00000 entries
$this->vbulletin->GPC['userfield'] = dle_convert_urlencoded_unicode_recursive($this->vbulletin->GPC['userfield']);
$update_field = '';
$fields = $this->vbulletin->GPC['userfield'];
foreach ($this->vbulletin->options['dle_fields'] as $vb_field => $dle_field) {
if (!empty($dle_field) && isset($fields[$vb_field])) {
$value = $fields[$vb_field];
if (DLE_CHARSET && DLE_CHARSET != $this->vbulletin->userinfo['lang_charset']) {
$value = iconv($this->vbulletin->userinfo['lang_charset'], DLE_CHARSET, $value);
}
if (in_array($dle_field, array('land', 'info', 'fullname'))) {
if ($update_field) {
$update_field .= ", ";
}
$update_field .= $dle_field . "='" . $this->db->escape_string($value) . "'";
} else {
$value = str_replace("|", "|", $value);
$value = $parse->BB_Parse($parse->process($value));
$xfields_array[$dle_field] = $value;
}
}
}
if ($xfields_array) {
$xfields_str = '';
foreach ($xfields_array as $field_dle_name => $value) {
if ($xfields_str) {
$xfields_str .= "||";
}
$xfields_str .= $field_dle_name . "|" . $value;
}
if ($update_field) {
$update_field .= ", xfields='" . $this->db->escape_string($xfields_str) . "'";
} else {
$update_field .= "xfields='" . $this->db->escape_string($xfields_str) . "'";
}
}
if ($update_field) {
$this->db->query_write("UPDATE " . USERPREFIX . "_users SET {$update_field} WHERE user_id=" . $dleuser['user_id']);
}
}
$this->_db_disconnect();
}
}
示例5: verify_blog_customblock
/**
* Fetches information about the selected custompage with permission checks
*
* @param integer The custompage we want info about
* @param string The type of customblock that we are working with (page or block)
* @param bool Should an error be displayed when block is not found
* @param bool Should a permission check be performed as well
*
* @return array Array of information about the custom page or prints an error if it doesn't exist / permission problems
*/
function verify_blog_customblock($customblockid, $type = null, $alert = true, $perm_check = true)
{
global $vbulletin, $vbphrase;
if (!($blockinfo = fetch_customblock_info($customblockid)))
{
if ($alert)
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
else
{
return 0;
}
}
else if ($type AND $blockinfo['type'] != $type)
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
$blockinfo['userinfo'] = verify_id('user', $blockinfo['userid'], 1, 1, 10);
if ($perm_check)
{
if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND empty($blockinfo['userinfo']['bloguserid']))
{
standard_error(fetch_error('blog_noblog', $blockinfo['userinfo']['username']));
}
if (!$blockinfo['userinfo']['canviewmyblog'])
{
print_no_permission();
}
if (in_coventry($blockinfo['userinfo']['userid']) AND !can_moderate_blog())
{
standard_error(fetch_error('invalidid', $vbphrase['custom_block'], $vbulletin->options['contactuslink']));
}
if ($vbulletin->userinfo['userid'] == $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']))
{
print_no_permission();
}
if ($vbulletin->userinfo['userid'] != $blockinfo['userinfo']['userid'] AND !($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']))
{
// Can't view other's entries so off you go to your own blog.
exec_header_redirect("blog.php?$session[sessionurl]u=" . $vbulletin->userinfo['userid']);
}
}
return $blockinfo;
}
示例6: vbseo_complete_sec
//.........這裏部分代碼省略.........
vbseo_modify_template($tplpostbit, '#<script[^>]+?>[^<]*?postmenu_\\$post.*?</script>#is', '');
vbseo_modify_template($tplpostbit, '#<div class=\\\\"vbmenu_popup.*?</div>#is', '');
}
if (THIS_SCRIPT == 'blog') {
$blog_tpls = array('blog_sidebar_user', 'blog_entry_with_userinfo', 'blog_entry_without_userinfo', 'blog_list_blogs_blog');
foreach ($blog_tpls as $_btpl) {
vbseo_modify_template($_btpl, '#<script[^>]+?>[^<]*?blogusermenu.*?</script>#is', '');
vbseo_modify_template($_btpl, '#<div class=\\\\"vbmenu_popup.*?</div>#is', '');
}
}
}
if (THIS_SCRIPT == 'index') {
if (VBSEO_CODE_CLEANUP_LASTPOST == 2) {
vbseo_modify_template('FORUMHOME', '#<td[^<]+?vbphrase\\[last_post\\]</td>#is', '');
vbseo_modify_template('forumhome_forumbit_level1_nopost', '#<td[^<]+?vbphrase\\[last_post\\].*?</td>#is', '');
vbseo_modify_template('FORUMDISPLAY', '#<td[^<]+?(<span[^<]+?)?(<a[^<]+?)?vbphrase\\[last_post\\].*?</td>#is', '');
vbseo_modify_template('forumhome_forumbit_level2_post', '#<td[^<]+?forum\\[lastpostinfo\\].*?</td>#is', '');
vbseo_modify_template('forumhome_forumbit_level1_post', '#<td[^<]+?forum\\[lastpostinfo\\].*?</td>#is', '');
vbseo_modify_template('threadbit', '#\\(\\(\\$show\\[\'threadmoved\'.*?/td>\\s*"\\)\\)\\.#is', '');
}
if (VBSEO_CODE_CLEANUP_LASTPOST == 1) {
vbseo_modify_template('threadbit', '#<a href=[^>]*?->[^>]*?->[^>]*?lastpostid.*?</a>#is', '');
vbseo_modify_template('forumhome_lastpostby', '#<a href=[^>]*?->[^>]*?->[^>]*?lastpostid.*?</a>#is', '');
$vbphrase['by_x'] = strip_tags($vbphrase['by_x']);
}
vbseo_modify_template('threadbit', '#<a href=\\\\"misc\\.php\\?do=whoposted.*?>(.*?)</a>#is', '$1');
}
}
break;
case 'moderation_start':
if ($_REQUEST['do'] == 'viewlinkbacks') {
global $navbar, $navclass, $HTML, $navbits, $headinclude, $header, $footer, $db, $show, $navclass, $notices, $pmbox, $notifications_total;
if (!can_moderate(0, 'vbseo_linkbacks')) {
print_no_permission();
}
vbseo_startup();
$vbseolinkbackbits = '';
$perpage = 20;
$pagenumber = $_GET['page'] ? $_GET['page'] : 1;
$vbseodb = vbseo_get_db();
$tp = $vbseodb->vbseodb_query_first("\nSELECT COUNT(*) as cnt\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . "\nWHERE t_incoming=1 AND t_deleted=0 AND t_approve=0");
$totalposts = $tp['cnt'];
$vbseopings = $vbseodb->vbseodb_query($q = "\nSELECT t_id, t_time, t_src_url, t_dest_url, t_type, t_postid, t_postcount, t_threadid, t_page, t_title, t_text, t_approve, forumid\nFROM " . vbseo_tbl_prefix('vbseo_linkback') . "\nLEFT JOIN " . vbseo_tbl_prefix('thread') . " on threadid=t_threadid\nWHERE t_incoming=1 AND t_deleted=0 AND t_approve=0\nORDER BY t_time " . (preg_match('#^(asc|desc)$#i', VBSEO_DEFAULT_LINKBACKS_ORDER) ? VBSEO_DEFAULT_LINKBACKS_ORDER : "DESC") . " LIMIT " . ($pagenumber - 1) * $perpage . "," . $perpage);
$pagenav = construct_page_nav($pagenumber, $perpage, $totalposts, "moderation.php?do=viewlinkbacks");
while ($vbseoping = @$vbseodb->funcs['fetch_assoc']($vbseopings)) {
if (can_moderate($vbseoping['forumid'], 'vbseo_linkbacks')) {
$vbseoping['postno'] = $vbseoping['t_postcount'];
$vbseoping['ismod'] = 1;
$vbseoping['date'] = vbdate($vbulletin->options['dateformat'], $vbseoping['t_time'], true);
$vbseoping['time'] = vbdate($vbulletin->options['timeformat'], $vbseoping['t_time'], true);
$vbseoping['t_src_url'] = htmlentities($vbseoping['t_src_url']);
$vbseoping['t_dest_url'] = htmlentities($vbseoping['t_dest_url']);
$vbseoping['t_text_nohtml'] = htmlspecialchars(strip_tags($vbseoping['t_text']));
$vbseoping['t_title_html'] = htmlspecialchars($vbseoping['t_title']);
eval('$vbseolinkbackbits .= "' . fetch_template('vbseo_linkbackbit') . '";');
}
}
if ($vbseolinkbackbits) {
eval('$HTML = "' . fetch_template('vbseo_linkbacks') . '";');
} else {
$HTML = $vbphrase['vbseo_no_linkbacks_found'];
}
unset($vbseolinkbackbits);
$navbits[''] = $vbphrase['moderation'];
$navbits = construct_navbits($navbits);
construct_usercp_nav('moderatedlinkbacks');
示例7: verify_ui_permissions
/**
* Verify that the current user has basic rights to manipulate tags for this item
*
* Redirects with appropriate error message if the user can't access the UI.
* Its ugly to put it here but the rules very by content type and we want to
* hide that from the tag UI.
*
* @return should not return if the user does not have permissions.
*/
public function verify_ui_permissions()
{
global $vbulletin;
if (!$vbulletin->options['threadtagging'])
{
print_no_permission();
}
if ( !($this->can_add_tag() OR $this->can_manage_tag()) )
{
print_no_permission();
}
}
示例8: print_no_permission
if (!can_delete_all_thanks()) {
$using_ajax ? exit : print_no_permission();
}
delete_all_thanks($postinfo);
($hook = vBulletinHook::fetch_hook('post_thanks_main_remove_all_thanks_end')) ? eval($hook) : false;
if ($using_ajax) {
exit;
} else {
$vbulletin->url = "showthread.php?{$session['sessionurl']}p={$postid}";
eval(print_standard_redirect('redirect_post_thanks'));
}
}
if ($_REQUEST['do'] == 'post_thanks_remove_user') {
($hook = vBulletinHook::fetch_hook('post_thanks_main_remove_user_thanks_start')) ? eval($hook) : false;
if (!delete_thanks($postinfo, $vbulletin->userinfo['userid'])) {
$using_ajax ? exit : print_no_permission();
}
($hook = vBulletinHook::fetch_hook('post_thanks_main_remove_user_thanks_end')) ? eval($hook) : false;
$postinfo['post_thanks_amount'] = $postinfo['post_thanks_amount'] - 1;
if ($postinfo['post_thanks_amount'] > 0 && $using_ajax) {
$thanks = fetch_thanks($postid, '', true);
$postinfo['post_thanks_bit'] = fetch_thanks_bit($forumid, $thanks);
$postinfo['post_thanks_amount_formatted'] = vb_number_format($postinfo['post_thanks_amount']);
$postinfo['post_thanks_user'] = false;
$postinfo['ajax'] = true;
$echo = fetch_post_thanks_template($postinfo);
echo "{$echo}";
exit;
} else {
if ($using_ajax) {
exit;
示例9: verify_issuetypeid
/**
* Verifies that an issue type is valid. Errors if not.
*
* @param string Issue type ID
* @param integer Project ID.
*/
function verify_issuetypeid($issuetypeid, $projectid)
{
global $vbulletin, $vbphrase;
$project = fetch_project_info($projectid);
if (!$project) {
standard_error(fetch_error('invalidid', $vbphrase['issue_type'], $vbulletin->options['contactuslink']));
}
$types = $vbulletin->pt_projects["{$project['projectid']}"]['types'];
if (!isset($types["{$issuetypeid}"])) {
standard_error(fetch_error('invalidid', $vbphrase['issue_type'], $vbulletin->options['contactuslink']));
}
$issueperms = fetch_project_permissions($vbulletin->userinfo, $projectid, $issuetypeid);
if (!($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canview'])) {
print_no_permission();
}
return true;
}
示例10: handle_attach
function handle_attach($action, $attributes, $content, $params, $node_object)
{
global $vbulletin, $fr_platform, $db, $contenttype, $images, $nuke_quotes;
if ($action == 'validate') {
return true;
}
if (!is_numeric($content)) {
return $content;
}
$attachmentid = intval($content);
if ($fr_platform == 'vb40') {
$_REQUEST['attachmentid'] = $attachmentid;
if (!($attach =& vB_Attachment_Display_Single_Library::fetch_library($vbulletin, $contenttype, true, $attachmentid))) {
return '';
}
$result = $attach->verify_attachment();
if ($result !== true) {
return '';
}
$url = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachmentid;
if (!$nuke_quotes) {
$images[] = $url;
}
return "<img src=\"{$url}\"/>";
} else {
if ($fr_platform == 'vb38' || $fr_platform == 'vb37' || $fr_platform == 'vb36') {
if (!($attachmentinfo = $db->query_first_slave("\n\t SELECT filename, attachment.postid, attachment.userid, attachmentid, attachment.extension,\n\t " . (!empty($vbulletin->GPC['thumb']) ? 'thumbnail_dateline AS dateline, thumbnail_filesize AS filesize,' : 'attachment.dateline, filesize,') . "\n\t attachment.visible, attachmenttype.newwindow, mimetype, thread.forumid, thread.threadid, thread.postuserid,\n\t post.visible AS post_visible, thread.visible AS thread_visible\n\t {$hook_query_fields}\n\t FROM " . TABLE_PREFIX . "attachment AS attachment\n\t LEFT JOIN " . TABLE_PREFIX . "attachmenttype AS attachmenttype ON (attachmenttype.extension = attachment.extension)\n\t LEFT JOIN " . TABLE_PREFIX . "post AS post ON (post.postid = attachment.postid)\n\t LEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (post.threadid = thread.threadid)\n\t {$hook_query_joins}\n\t WHERE " . ($vbulletin->GPC['postid'] ? "attachment.postid = " . $vbulletin->GPC['postid'] : "attachmentid = " . $attachmentid) . "\n\t {$hook_query_where}\n\t "))) {
return '';
}
if ($attachmentinfo['postid'] == 0) {
// Attachment that is in progress but hasn't been finalized
if ($vbulletin->userinfo['userid'] != $attachmentinfo['userid'] and !can_moderate($attachmentinfo['forumid'], 'caneditposts')) {
// Person viewing did not upload it
return '';
}
// else allow user to view the attachment (from the attachment manager for example)
} else {
$forumperms = fetch_permissions($attachmentinfo['forumid']);
$threadinfo = array('threadid' => $attachmentinfo['threadid']);
// used for session.inthread
$foruminfo = array('forumid' => $attachmentinfo['forumid']);
// used for session.inforum
# Block attachments belonging to soft deleted posts and threads
if (!can_moderate($attachmentinfo['forumid']) and ($attachmentinfo['post_visible'] == 2 or $attachmentinfo['thread_visible'] == 2)) {
return '';
}
# Block attachments belonging to moderated posts and threads
if (!can_moderate($attachmentinfo['forumid'], 'canmoderateposts') and ($attachmentinfo['post_visible'] == 0 or $attachmentinfo['thread_visible'] == 0)) {
return '';
}
$viewpermission = $forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'];
$viewthumbpermission = ($forumperms & $vbulletin->bf_ugp_forumpermissions['cangetattachment'] or $forumperms & $vbulletin->bf_ugp_forumpermissions['canseethumbnails']);
if (!($forumperms & $vbulletin->bf_ugp_forumpermissions['canview']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewthreads']) or !($forumperms & $vbulletin->bf_ugp_forumpermissions['canviewothers']) and ($attachmentinfo['postuserid'] != $vbulletin->userinfo['userid'] or $vbulletin->userinfo['userid'] == 0)) {
return '';
} else {
if ($vbulletin->GPC['thumb'] and !$viewthumbpermission or !$vbulletin->GPC['thumb'] and !$viewpermission) {
return '';
}
}
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($attachmentinfo['forumid'], $vbulletin->forumcache["{$attachmentinfo['forumid']}"]['password']);
if (!$attachmentinfo['visible'] and !can_moderate($attachmentinfo['forumid'], 'canmoderateattachments') and $attachmentinfo['userid'] != $vbulletin->userinfo['userid']) {
print_no_permission();
}
}
$url = $vbulletin->options['bburl'] . '/attachment.php?attachmentid=' . $attachmentid;
if (!$nuke_quotes) {
$images[] = $url;
return "<img src=\"{$url}\"/>";
} else {
return '';
}
} else {
return '';
}
}
}
示例11: verify_blog
/**
* Fetches information about the selected blog with permission checks, almost identical to fetch_bloginfo
*
* @param integer The blog post we want info about
* @param mixed Should a permission check be performed as well
*
* @return array Array of information about the blog or prints an error if it doesn't exist / permission problems
*/
function verify_blog($blogid, $alert = true, $perm_check = true)
{
global $vbulletin, $vbphrase;
$bloginfo = fetch_bloginfo($blogid);
if (!$bloginfo)
{
if ($alert)
{
standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink']));
}
else
{
return 0;
}
}
if ($perm_check)
{
if (
(
//belongs to the user and the user can't view own (why?)
!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] &
$vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown']) AND
$bloginfo['userid'] == $vbulletin->userinfo['userid']
) OR
(
//does not belong to the user and the user can't view others.
!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] &
$vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewothers']) AND
$bloginfo['userid'] != $vbulletin->userinfo['userid']
)
)
{
print_no_permission();
}
if ($bloginfo['state'] == 'deleted' AND !can_moderate_blog())
{
if (!is_member_of_blog($vbulletin->userinfo, $bloginfo) OR $perm_check === 'modifychild')
{
// the blog entry is deleted
standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink']));
}
}
else if (($bloginfo['pending'] OR $bloginfo['state'] == 'draft') AND !is_member_of_blog($vbulletin->userinfo, $bloginfo))
{
// can't view a pending/draft if you aren't the author
standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink']));
}
else if ($bloginfo['state'] == 'moderation' AND !can_moderate_blog('canmoderateentries'))
{
// the blog entry is awaiting moderation
if (!is_member_of_blog($vbulletin->userinfo, $bloginfo) OR $perm_check === 'modifychild')
{
standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink']));
}
}
else if (in_coventry($bloginfo['userid']) AND !can_moderate_blog())
{
standard_error(fetch_error('invalidid', $vbphrase['blog'], $vbulletin->options['contactuslink']));
}
else if (!$bloginfo['canviewmyblog']) // Check Socnet permissions
{
print_no_permission();
}
}
return $bloginfo;
}
示例12: do_upload_photo
function do_upload_photo()
{
global $vbulletin, $db, $show, $vbphrase, $foruminfo, $userinfo, $albuminfo, $session, $contenttypeid;
$vbulletin->input->clean_array_gpc('p', array('caption' => TYPE_STR));
if (empty($albuminfo)) {
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
// adding new, can only add in your own
if ($userinfo['userid'] != $vbulletin->userinfo['userid']) {
print_no_permission();
}
$vbulletin->input->clean_gpc('f', 'photo', TYPE_FILE);
// format vbulletin expects: $files[name][x]... we only have one per post
$vbulletin->GPC['attachment'] = array('name' => array($vbulletin->GPC['photo']['name']), 'tmp_name' => array($vbulletin->GPC['photo']['tmp_name']), 'error' => array($vbulletin->GPC['photo']['error']), 'size' => array($vbulletin->GPC['photo']['size']));
$values['albumid'] = $vbulletin->GPC['albumid'];
if (!($attachlib =& vB_Attachment_Store_Library::fetch_library($vbulletin, $contenttypeid, 0, $values))) {
json_error("could not create attachment store");
}
if (!$attachlib->verify_permissions()) {
json_error(ERR_NO_PERMISSION);
}
$uploadids = $attachlib->upload($vbulletin->GPC['attachment'], array(), $vbulletin->GPC['filedata']);
$uploads = explode(',', $uploadids);
if (!empty($attachlib->errors)) {
$errorlist = '';
foreach ($attachlib->errors as $error) {
$filename = htmlspecialchars_uni($error['filename']);
$errormessage = $error['error'] ? $error['error'] : $vbphrase["{$error['errorphrase']}"];
json_error($errormessage, RV_UPLOAD_ERROR);
}
}
// Fetch possible destination albums
$destination_result = $db->query_read("\n SELECT\n albumid, userid, title, coverattachmentid, state\n FROM " . TABLE_PREFIX . "album\n WHERE\n userid = {$userinfo['userid']}\n ");
$destinations = array();
if ($db->num_rows($destination_result)) {
while ($album = $db->fetch_array($destination_result)) {
$destinations[$album['albumid']] = $album;
}
}
$db->free_result($destination_result);
$picture_sql = $db->query_read("\n SELECT\n a.contentid, a.userid, a.caption, a.state, a.dateline, a.attachmentid, a.contenttypeid,\n filedata.extension, filedata.filesize, filedata.thumbnail_filesize, filedata.filedataid\n FROM " . TABLE_PREFIX . "attachment AS a\n INNER JOIN " . TABLE_PREFIX . "filedata AS filedata ON (a.filedataid = filedata.filedataid)\n WHERE\n a.contentid = 0\n AND\n a.attachmentid IN (" . implode(',', $uploads) . ")\n ");
while ($picture = $db->fetch_array($picture_sql)) {
$attachdata =& datamanager_init('Attachment', $vbulletin, ERRTYPE_ARRAY, 'attachment');
$attachdata->set_existing($picture);
$attachdata->set_info('albuminfo', $albuminfo);
$attachdata->set_info('destination', $destinations[$albuminfo['albumid']]);
$attachdata->set('contentid', $albuminfo['albumid']);
$attachdata->set('posthash', '');
$attachdata->set('caption', $vbulletin->GPC['caption']);
$attachdata->save();
}
// update all albums that pictures were moved to
foreach ($destinations as $albumid => $album) {
if (sizeof($album['moved_pictures'])) {
$albumdata =& datamanager_init('Album', $vbulletin, ERRTYPE_SILENT);
$albumdata->set_existing($album);
if (!$album['coverattachmentid']) {
$albumdata->set('coverattachmentid', array_shift($album['moved_pictures']));
}
$albumdata->rebuild_counts();
$albumdata->save();
unset($albumdata);
}
}
$albumdata =& datamanager_init('Album', $vbulletin, ERRTYPE_SILENT);
$albumdata->set_existing($albuminfo);
$albumdata->rebuild_counts();
if ($new_coverid or $updatecounter) {
if ($new_coverid or $cover_moved) {
$albumdata->set('coverattachmentid', $new_coverid);
}
}
$albumdata->save();
unset($albumdata);
// add to updated list
if (can_moderate(0, 'canmoderatepictures') or !$vbulletin->options['albums_pictures_moderation'] and $vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['picturefollowforummoderation']) {
exec_album_updated($vbulletin->userinfo, $albuminfo);
}
return array('success' => true);
}
示例13: verify_ui_permissions
public function verify_ui_permissions()
{
global $vbulletin;
if (!$vbulletin->options['threadtagging']) {
print_no_permission();
}
global $vbphrase;
$threadinfo = $this->fetch_content_info();
// *********************************************************************************
// check for visible / deleted thread
if (!$threadinfo['visible'] and !can_moderate($threadinfo['forumid'], 'canmoderateposts') or $threadinfo['isdeleted'] and !can_moderate($threadinfo['forumid'])) {
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $this->registry->options['contactuslink'])));
}
// *********************************************************************************
// jump page if thread is actually a redirect
if ($threadinfo['open'] == 10) {
$destthreadinfo = fetch_threadinfo($threadinfo['pollid']);
exec_header_redirect('thread|js', $destthreadinfo);
}
// *********************************************************************************
// Tachy goes to coventry
if (in_coventry($threadinfo['postuserid']) and !can_moderate($threadinfo['forumid'])) {
eval(standard_error(fetch_error('invalidid', $vbphrase['thread'], $this->registry->options['contactuslink'])));
}
// *********************************************************************************
// get forum info
$foruminfo = fetch_foruminfo($threadinfo['forumid']);
// *********************************************************************************
// check forum permissions
$forumperms = fetch_permissions($threadinfo['forumid']);
if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canview']) or !($forumperms & $this->registry->bf_ugp_forumpermissions['canviewthreads'])) {
print_no_permission();
}
if (!($forumperms & $this->registry->bf_ugp_forumpermissions['canviewothers']) and ($threadinfo['postuserid'] != $this->registry->userinfo['userid'] or $this->registry->userinfo['userid'] == 0)) {
print_no_permission();
}
// *********************************************************************************
// check if there is a forum password and if so, ensure the user has it set
verify_forum_password($foruminfo['forumid'], $foruminfo['password']);
// return $show;
}
示例14: show_error
/**
* Use vbulletin native system, for throwing error
*
* @return bool
*/
public function show_error()
{
if (!empty($this->error_msg)) {
if ('nopermission_loggedin' == $this->error_msg) {
print_no_permission();
}
standard_error(fetch_error($this->error_msg));
}
return false;
}
示例15: do_upload_avatar
function do_upload_avatar()
{
global $vbulletin, $db, $show, $vbphrase, $permissions;
if (!($permissions['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canmodifyprofile'])) {
print_no_permission();
}
if (!$vbulletin->options['avatarenabled']) {
standard_error(fetch_error('avatardisabled'));
}
if ($vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['canuseavatar']) {
$vbulletin->input->clean_gpc('f', 'upload', TYPE_FILE);
// begin custom avatar code
require_once DIR . '/includes/class_upload.php';
require_once DIR . '/includes/class_image.php';
$upload = new vB_Upload_Userpic($vbulletin);
$upload->data =& datamanager_init('Userpic_Avatar', $vbulletin, ERRTYPE_STANDARD, 'userpic');
$upload->image =& vB_Image::fetch_library($vbulletin);
$upload->maxwidth = $vbulletin->userinfo['permissions']['avatarmaxwidth'];
$upload->maxheight = $vbulletin->userinfo['permissions']['avatarmaxheight'];
$upload->maxuploadsize = $vbulletin->userinfo['permissions']['avatarmaxsize'];
$upload->allowanimation = $vbulletin->userinfo['permissions']['genericpermissions'] & $vbulletin->bf_ugp_genericpermissions['cananimateavatar'] ? true : false;
if (!$upload->process_upload($vbulletin->GPC['avatarurl'])) {
standard_error($upload->fetch_error());
}
}
// init user data manager
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_STANDARD);
$userdata->set_existing($vbulletin->userinfo);
$userdata->set('avatarid', 0);
($hook = vBulletinHook::fetch_hook('profile_updateavatar_complete')) ? eval($hook) : false;
$userdata->save();
return array('success' => true);
}