PageRenderTime 56ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/forum/SSI.php

https://github.com/leftnode/nooges.com
PHP | 1981 lines | 1545 code | 257 blank | 179 comment | 283 complexity | 35ddba5e7aac0751b89b409372275589 MD5 | raw file

Large files files are truncated, but you can click here to view the full file

  1. <?php
  2. /**********************************************************************************
  3. * SSI.php *
  4. ***********************************************************************************
  5. * SMF: Simple Machines Forum *
  6. * Open-Source Project Inspired by Zef Hemel (zef@zefhemel.com) *
  7. * =============================================================================== *
  8. * Software Version: SMF 2.0 RC2 *
  9. * Software by: Simple Machines (http://www.simplemachines.org) *
  10. * Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
  11. * 2001-2006 by: Lewis Media (http://www.lewismedia.com) *
  12. * Support, News, Updates at: http://www.simplemachines.org *
  13. ***********************************************************************************
  14. * This program is free software; you may redistribute it and/or modify it under *
  15. * the terms of the provided license as published by Simple Machines LLC. *
  16. * *
  17. * This program is distributed in the hope that it is and will be useful, but *
  18. * WITHOUT ANY WARRANTIES; without even any implied warranty of MERCHANTABILITY *
  19. * or FITNESS FOR A PARTICULAR PURPOSE. *
  20. * *
  21. * See the "license.txt" file for details of the Simple Machines license. *
  22. * The latest version can always be found at http://www.simplemachines.org. *
  23. **********************************************************************************/
  24. // Don't do anything if SMF is already loaded.
  25. if (defined('SMF'))
  26. return true;
  27. define('SMF', 'SSI');
  28. // We're going to want a few globals... these are all set later.
  29. global $time_start, $maintenance, $msubject, $mmessage, $mbname, $language;
  30. global $boardurl, $boarddir, $sourcedir, $webmaster_email, $cookiename;
  31. global $db_server, $db_name, $db_user, $db_prefix, $db_persist, $db_error_send, $db_last_error;
  32. global $db_connection, $modSettings, $context, $sc, $user_info, $topic, $board, $txt;
  33. global $smcFunc, $ssi_db_user, $scripturl, $ssi_db_passwd, $db_passwd, $cachedir;
  34. // Remember the current configuration so it can be set back.
  35. $ssi_magic_quotes_runtime = function_exists('get_magic_quotes_gpc') && get_magic_quotes_runtime();
  36. if (function_exists('set_magic_quotes_runtime'))
  37. @set_magic_quotes_runtime(0);
  38. $time_start = microtime();
  39. // Just being safe...
  40. foreach (array('db_character_set', 'cachedir') as $variable)
  41. if (isset($GLOBALS[$variable]))
  42. unset($GLOBALS[$variable]);
  43. // Get the forum's settings for database and file paths.
  44. require_once(dirname(__FILE__) . '/Settings.php');
  45. $ssi_error_reporting = error_reporting(defined('E_STRICT') ? E_ALL | E_STRICT : E_ALL);
  46. /* Set this to one of three values depending on what you want to happen in the case of a fatal error.
  47. false: Default, will just load the error sub template and die - not putting any theme layers around it.
  48. true: Will load the error sub template AND put the SMF layers around it (Not useful if on total custom pages).
  49. string: Name of a callback function to call in the event of an error to allow you to define your own methods. Will die after function returns.
  50. */
  51. $ssi_on_error_method = false;
  52. // Don't do john didley if the forum's been shut down competely.
  53. if ($maintenance == 2 && (!isset($ssi_maintenance_off) || $ssi_maintenance_off !== true))
  54. die($mmessage);
  55. // Fix for using the current directory as a path.
  56. if (substr($sourcedir, 0, 1) == '.' && substr($sourcedir, 1, 1) != '.')
  57. $sourcedir = dirname(__FILE__) . substr($sourcedir, 1);
  58. // Load the important includes.
  59. require_once($sourcedir . '/QueryString.php');
  60. require_once($sourcedir . '/Subs.php');
  61. require_once($sourcedir . '/Errors.php');
  62. require_once($sourcedir . '/Load.php');
  63. require_once($sourcedir . '/Security.php');
  64. // Using an pre-PHP5 version?
  65. if (@version_compare(PHP_VERSION, '5') == -1)
  66. require_once($sourcedir . '/Subs-Compat.php');
  67. // Create a variable to store some SMF specific functions in.
  68. $smcFunc = array();
  69. // Initate the database connection and define some database functions to use.
  70. loadDatabase();
  71. // Load installed 'Mods' settings.
  72. reloadSettings();
  73. // Clean the request variables.
  74. cleanRequest();
  75. // Seed the random generator?
  76. if (empty($modSettings['rand_seed']) || mt_rand(1, 250) == 69)
  77. smf_seed_generator();
  78. // Check on any hacking attempts.
  79. if (isset($_REQUEST['GLOBALS']) || isset($_COOKIE['GLOBALS']))
  80. die('Hacking attempt...');
  81. elseif (isset($_REQUEST['ssi_theme']) && (int) $_REQUEST['ssi_theme'] == (int) $ssi_theme)
  82. die('Hacking attempt...');
  83. elseif (isset($_COOKIE['ssi_theme']) && (int) $_COOKIE['ssi_theme'] == (int) $ssi_theme)
  84. die('Hacking attempt...');
  85. elseif (isset($_REQUEST['ssi_layers'], $ssi_layers) && (@get_magic_quotes_gpc() ? stripslashes($_REQUEST['ssi_layers']) : $_REQUEST['ssi_layers']) == $ssi_layers)
  86. die('Hacking attempt...');
  87. if (isset($_REQUEST['context']))
  88. die('Hacking attempt...');
  89. // Make sure wireless is always off.
  90. define('WIRELESS', false);
  91. // Gzip output? (because it must be boolean and true, this can't be hacked.)
  92. if (isset($ssi_gzip) && $ssi_gzip === true && @ini_get('zlib.output_compression') != '1' && @ini_get('output_handler') != 'ob_gzhandler' && @version_compare(PHP_VERSION, '4.2.0') != -1)
  93. ob_start('ob_gzhandler');
  94. else
  95. $modSettings['enableCompressedOutput'] = '0';
  96. // Primarily, this is to fix the URLs...
  97. ob_start('ob_sessrewrite');
  98. // Start the session... known to scramble SSI includes in cases...
  99. if (!headers_sent())
  100. loadSession();
  101. else
  102. {
  103. if (isset($_COOKIE[session_name()]) || isset($_REQUEST[session_name()]))
  104. {
  105. // Make a stab at it, but ignore the E_WARNINGs generted because we can't send headers.
  106. $temp = error_reporting(error_reporting() & !E_WARNING);
  107. loadSession();
  108. error_reporting($temp);
  109. }
  110. if (!isset($_SESSION['session_value']))
  111. {
  112. $_SESSION['session_var'] = substr(md5(mt_rand() . session_id() . mt_rand()), 0, rand(7, 12));
  113. $_SESSION['session_value'] = md5(session_id() . mt_rand());
  114. }
  115. $sc = $_SESSION['session_value'];
  116. }
  117. // Get rid of $board and $topic... do stuff loadBoard would do.
  118. unset($board, $topic);
  119. $user_info['is_mod'] = false;
  120. $context['user']['is_mod'] = &$user_info['is_mod'];
  121. $context['linktree'] = array();
  122. // Load the user and their cookie, as well as their settings.
  123. loadUserSettings();
  124. // Load the current or SSI theme. (just use $ssi_theme = id_theme;)
  125. loadTheme(isset($ssi_theme) ? (int) $ssi_theme : 0);
  126. // Take care of any banning that needs to be done.
  127. if (isset($_REQUEST['ssi_ban']) || (isset($ssi_ban) && $ssi_ban === true))
  128. is_not_banned();
  129. // Load the current user's permissions....
  130. loadPermissions();
  131. // Load the stuff like the menu bar, etc.
  132. if (isset($ssi_layers))
  133. {
  134. $context['template_layers'] = $ssi_layers;
  135. template_header();
  136. }
  137. else
  138. setupThemeContext();
  139. // Make sure they didn't muss around with the settings... but only if it's not cli.
  140. if (isset($_SERVER['REMOTE_ADDR']) && !isset($_SERVER['is_cli']) && session_id() == '')
  141. trigger_error($txt['ssi_session_broken'], E_USER_NOTICE);
  142. // Without visiting the forum this session variable might not be set on submit.
  143. if (!isset($_SESSION['USER_AGENT']) && (!isset($_GET['ssi_function']) || $_GET['ssi_function'] !== 'pollVote'))
  144. $_SESSION['USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];
  145. // Call a function passed by GET.
  146. if (isset($_GET['ssi_function']) && function_exists('ssi_' . $_GET['ssi_function']))
  147. {
  148. call_user_func('ssi_' . $_GET['ssi_function']);
  149. exit;
  150. }
  151. if (isset($_GET['ssi_function']))
  152. exit;
  153. // You shouldn't just access SSI.php directly by URL!!
  154. elseif (basename($_SERVER['PHP_SELF']) == 'SSI.php')
  155. die(sprintf($txt['ssi_not_direct'], $user_info['is_admin'] ? '\'' . addslashes(__FILE__) . '\'' : '\'SSI.php\''));
  156. error_reporting($ssi_error_reporting);
  157. if (function_exists('set_magic_quotes_runtime'))
  158. @set_magic_quotes_runtime($ssi_magic_quotes_runtime);
  159. return true;
  160. // This shuts down the SSI and shows the footer.
  161. function ssi_shutdown()
  162. {
  163. if (!isset($_GET['ssi_function']) || $_GET['ssi_function'] != 'shutdown')
  164. template_footer();
  165. }
  166. // Display a welcome message, like: Hey, User, you have 0 messages, 0 are new.
  167. function ssi_welcome($output_method = 'echo')
  168. {
  169. global $context, $txt, $scripturl;
  170. if ($output_method == 'echo')
  171. {
  172. if ($context['user']['is_guest'])
  173. echo sprintf($txt['welcome_guest'], $txt['guest_title']);
  174. else
  175. echo $txt['hello_member'], ' <strong>', $context['user']['name'], '</strong>', allowedTo('pm_read') ? ', ' . $txt['msg_alert_you_have'] . ' <a href="' . $scripturl . '?action=pm">' . $context['user']['messages'] . ' ' . ($context['user']['messages'] == '1' ? $txt['message_lowercase'] : $txt['msg_alert_messages']) . '</a>' . $txt['newmessages4'] . ' ' . $context['user']['unread_messages'] . ' ' . ($context['user']['unread_messages'] == '1' ? $txt['newmessages0'] : $txt['newmessages1']) : '', '.';
  176. }
  177. // Don't echo... then do what?!
  178. else
  179. return $context['user'];
  180. }
  181. // Display a menu bar, like is displayed at the top of the forum.
  182. function ssi_menubar($output_method = 'echo')
  183. {
  184. global $context;
  185. if ($output_method == 'echo')
  186. template_menu();
  187. // What else could this do?
  188. else
  189. return $context['menu_buttons'];
  190. }
  191. // Show a logout link.
  192. function ssi_logout($redirect_to = '', $output_method = 'echo')
  193. {
  194. global $context, $txt, $scripturl;
  195. if ($redirect_to != '')
  196. $_SESSION['logout_url'] = $redirect_to;
  197. // Guests can't log out.
  198. if ($context['user']['is_guest'])
  199. return false;
  200. $link = '<a href="' . $scripturl . '?action=logout;' . $context['session_var'] . '=' . $context['session_id'] . '">' . $txt['logout'] . '</a>';
  201. if ($output_method == 'echo')
  202. echo $link;
  203. else
  204. return $link;
  205. }
  206. // Recent post list: [board] Subject by Poster Date
  207. function ssi_recentPosts($num_recent = 8, $exclude_boards = null, $include_boards = null, $output_method = 'echo')
  208. {
  209. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  210. global $modSettings, $smcFunc;
  211. // Excluding certain boards...
  212. if ($exclude_boards === null && !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0)
  213. $exclude_boards = array($modSettings['recycle_board']);
  214. else
  215. $exclude_boards = empty($exclude_boards) ? array() : (is_array($exclude_boards) ? $exclude_boards : array($exclude_boards));
  216. // What about including certain boards - note we do some protection here as pre-2.0 didn't have this parameter.
  217. if (is_array($include_boards) || (int) $include_boards === $include_boards)
  218. {
  219. $include_boards = is_array($include_boards) ? $include_boards : array($include_boards);
  220. }
  221. elseif ($include_boards != null)
  222. {
  223. $include_boards = array();
  224. }
  225. // Let's restrict the query boys (and girls)
  226. $query_where = '
  227. m.id_msg >= {int:min_message_id}
  228. ' . (empty($exclude_boards) ? '' : '
  229. AND b.id_board NOT IN ({array_int:exclude_boards})') . '
  230. ' . ($include_boards === null ? '' : '
  231. AND b.id_board IN ({array_int:include_boards})') . '
  232. AND {query_wanna_see_board}' . ($modSettings['postmod_active'] ? '
  233. AND m.approved = {int:is_approved}' : '');
  234. $query_where_params = array(
  235. 'is_approved' => 1,
  236. 'include_boards' => $include_boards === null ? '' : $include_boards,
  237. 'exclude_boards' => empty($exclude_boards) ? '' : $exclude_boards,
  238. 'min_message_id' => $modSettings['maxMsgID'] - 25 * min($num_recent, 5),
  239. );
  240. // Past to this simpleton of a function...
  241. return ssi_queryPosts($query_where, $query_where_params, $num_recent, 'm.id_msg DESC', $output_method, true);
  242. }
  243. // Fetch a post with a particular ID. By default will only show if you have permission to the see the board in question - this can be overriden.
  244. function ssi_fetchPosts($post_ids, $override_permissions = false, $output_method = 'echo')
  245. {
  246. global $user_info, $modSettings;
  247. // Allow the user to request more than one - why not?
  248. $post_ids = is_array($post_ids) ? $post_ids : array($post_ids);
  249. // Restrict the posts required...
  250. $query_where = '
  251. m.id_msg IN ({array_int:message_list})' . ($override_permissions ? '' : '
  252. AND {query_wanna_see_board}') . ($modSettings['postmod_active'] ? '
  253. AND m.approved = {int:is_approved}' : '');
  254. $query_where_params = array(
  255. 'message_list' => $post_ids,
  256. 'is_approved' => 1,
  257. );
  258. // Then make the query and dump the data.
  259. return ssi_queryPosts($query_where, $query_where_params, '', 'm.id_msg DESC', $output_method);
  260. }
  261. // This removes code duplication in other queries - don't call it direct unless you really know what you're up to.
  262. function ssi_queryPosts($query_where = '', $query_where_params = array(), $query_limit = '', $query_order = 'm.id_msg DESC', $output_method = 'echo', $limit_body = false)
  263. {
  264. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  265. global $modSettings, $smcFunc;
  266. // Find all the posts. Newer ones will have higher IDs.
  267. $request = $smcFunc['db_query']('substring', '
  268. SELECT
  269. m.poster_time, m.subject, m.id_topic, m.id_member, m.id_msg, m.id_board, b.name AS board_name,
  270. IFNULL(mem.real_name, m.poster_name) AS poster_name, ' . ($user_info['is_guest'] ? '1 AS is_read, 0 AS new_from' : '
  271. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, 0)) >= m.id_msg_modified AS is_read,
  272. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from') . ', ' . ($limit_body ? 'SUBSTRING(m.body, 1, 384) AS body' : 'm.body') . ', m.smileys_enabled
  273. FROM {db_prefix}messages AS m
  274. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  275. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)' . (!$user_info['is_guest'] ? '
  276. LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = m.id_topic AND lt.id_member = {int:current_member})
  277. LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = m.id_board AND lmr.id_member = {int:current_member})' : '') . '
  278. ' . (empty($query_where) ? '' : 'WHERE ' . $query_where) . '
  279. ORDER BY ' . $query_order . '
  280. ' . ($query_limit == '' ? '' : 'LIMIT ' . $query_limit),
  281. array_merge($query_where_params, array(
  282. 'current_member' => $user_info['id'],
  283. ))
  284. );
  285. $posts = array();
  286. while ($row = $smcFunc['db_fetch_assoc']($request))
  287. {
  288. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  289. $preview = strip_tags(strtr($row['body'], array('<br />' => '&#10;')));
  290. // Censor it!
  291. censorText($row['subject']);
  292. censorText($row['body']);
  293. // Build the array.
  294. $posts[] = array(
  295. 'id' => $row['id_msg'],
  296. 'board' => array(
  297. 'id' => $row['id_board'],
  298. 'name' => $row['board_name'],
  299. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  300. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['board_name'] . '</a>'
  301. ),
  302. 'topic' => $row['id_topic'],
  303. 'poster' => array(
  304. 'id' => $row['id_member'],
  305. 'name' => $row['poster_name'],
  306. 'href' => empty($row['id_member']) ? '' : $scripturl . '?action=profile;u=' . $row['id_member'],
  307. 'link' => empty($row['id_member']) ? $row['poster_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>'
  308. ),
  309. 'subject' => $row['subject'],
  310. 'short_subject' => shorten_subject($row['subject'], 25),
  311. 'preview' => $smcFunc['strlen']($preview) > 128 ? $smcFunc['substr']($preview, 0, 128) . '...' : $preview,
  312. 'body' => $row['body'],
  313. 'time' => timeformat($row['poster_time']),
  314. 'timestamp' => forum_time(true, $row['poster_time']),
  315. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . ';topicseen#new',
  316. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'] . '" rel="nofollow">' . $row['subject'] . '</a>',
  317. 'new' => !empty($row['is_read']),
  318. 'new_from' => $row['new_from'],
  319. );
  320. }
  321. $smcFunc['db_free_result']($request);
  322. // Just return it.
  323. if ($output_method != 'echo' || empty($posts))
  324. return $posts;
  325. echo '
  326. <table border="0" class="ssi_table">';
  327. foreach ($posts as $post)
  328. echo '
  329. <tr>
  330. <td align="right" valign="top" nowrap="nowrap">
  331. [', $post['board']['link'], ']
  332. </td>
  333. <td valign="top">
  334. <a href="', $post['href'], '">', $post['subject'], '</a>
  335. ', $txt['by'], ' ', $post['poster']['link'], '
  336. ', $post['new'] ? '' : '<a href="' . $scripturl . '?topic=' . $post['topic'] . '.msg' . $post['new_from'] . ';topicseen#new" rel="nofollow"><img src="' . $settings['lang_images_url'] . '/new.gif" alt="' . $txt['new'] . '" border="0" /></a>', '
  337. </td>
  338. <td align="right" nowrap="nowrap">
  339. ', $post['time'], '
  340. </td>
  341. </tr>';
  342. echo '
  343. </table>';
  344. }
  345. // Recent topic list: [board] Subject by Poster Date
  346. function ssi_recentTopics($num_recent = 8, $exclude_boards = null, $include_boards = null, $output_method = 'echo')
  347. {
  348. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  349. global $modSettings, $smcFunc;
  350. if ($exclude_boards === null && !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0)
  351. $exclude_boards = array($modSettings['recycle_board']);
  352. else
  353. $exclude_boards = empty($exclude_boards) ? array() : (is_array($exclude_boards) ? $exclude_boards : array($exclude_boards));
  354. // Only some boards?.
  355. if (is_array($include_boards) || (int) $include_boards === $include_boards)
  356. {
  357. $include_boards = is_array($include_boards) ? $include_boards : array($include_boards);
  358. }
  359. elseif ($include_boards != null)
  360. {
  361. $output_method = $include_boards;
  362. $include_boards = array();
  363. }
  364. $stable_icons = array('xx', 'thumbup', 'thumbdown', 'exclamation', 'question', 'lamp', 'smiley', 'angry', 'cheesy', 'grin', 'sad', 'wink', 'moved', 'recycled', 'wireless');
  365. $icon_sources = array();
  366. foreach ($stable_icons as $icon)
  367. $icon_sources[$icon] = 'images_url';
  368. // Find all the posts in distinct topics. Newer ones will have higher IDs.
  369. $request = $smcFunc['db_query']('substring', '
  370. SELECT
  371. m.poster_time, ms.subject, m.id_topic, m.id_member, m.id_msg, b.id_board, b.name AS board_name, t.num_replies, t.num_views,
  372. IFNULL(mem.real_name, m.poster_name) AS poster_name, ' . ($user_info['is_guest'] ? '1 AS is_read, 0 AS new_from' : '
  373. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, 0)) >= m.id_msg_modified AS is_read,
  374. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from') . ', SUBSTRING(m.body, 1, 384) AS body, m.smileys_enabled, m.icon
  375. FROM {db_prefix}topics AS t
  376. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_last_msg)
  377. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  378. INNER JOIN {db_prefix}messages AS ms ON (ms.id_msg = t.id_first_msg)
  379. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)' . (!$user_info['is_guest'] ? '
  380. LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = t.id_topic AND lt.id_member = {int:current_member})
  381. LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = b.id_board AND lmr.id_member = {int:current_member})' : '') . '
  382. WHERE t.id_last_msg >= {int:min_message_id}
  383. ' . (empty($exclude_boards) ? '' : '
  384. AND b.id_board NOT IN ({array_int:exclude_boards})') . '
  385. ' . (empty($include_boards) ? '' : '
  386. AND b.id_board IN ({array_int:include_boards})') . '
  387. AND {query_wanna_see_board}' . ($modSettings['postmod_active'] ? '
  388. AND t.approved = {int:is_approved}
  389. AND m.approved = {int:is_approved}' : '') . '
  390. ORDER BY t.id_last_msg DESC
  391. LIMIT ' . $num_recent,
  392. array(
  393. 'current_member' => $user_info['id'],
  394. 'include_boards' => empty($include_boards) ? '' : $include_boards,
  395. 'exclude_boards' => empty($exclude_boards) ? '' : $exclude_boards,
  396. 'min_message_id' => $modSettings['maxMsgID'] - 35 * min($num_recent, 5),
  397. 'is_approved' => 1,
  398. )
  399. );
  400. $posts = array();
  401. while ($row = $smcFunc['db_fetch_assoc']($request))
  402. {
  403. $row['body'] = strip_tags(strtr(parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']), array('<br />' => '&#10;')));
  404. if ($smcFunc['strlen']($row['body']) > 128)
  405. $row['body'] = $smcFunc['substr']($row['body'], 0, 128) . '...';
  406. // Censor the subject.
  407. censorText($row['subject']);
  408. censorText($row['body']);
  409. if (empty($modSettings['messageIconChecks_disable']) && !isset($icon_sources[$row['icon']]))
  410. $icon_sources[$row['icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $row['icon'] . '.gif') ? 'images_url' : 'default_images_url';
  411. // Build the array.
  412. $posts[] = array(
  413. 'board' => array(
  414. 'id' => $row['id_board'],
  415. 'name' => $row['board_name'],
  416. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  417. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['board_name'] . '</a>'
  418. ),
  419. 'topic' => $row['id_topic'],
  420. 'poster' => array(
  421. 'id' => $row['id_member'],
  422. 'name' => $row['poster_name'],
  423. 'href' => empty($row['id_member']) ? '' : $scripturl . '?action=profile;u=' . $row['id_member'],
  424. 'link' => empty($row['id_member']) ? $row['poster_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>'
  425. ),
  426. 'subject' => $row['subject'],
  427. 'replies' => $row['num_replies'],
  428. 'views' => $row['num_views'],
  429. 'short_subject' => shorten_subject($row['subject'], 25),
  430. 'preview' => $row['body'],
  431. 'time' => timeformat($row['poster_time']),
  432. 'timestamp' => forum_time(true, $row['poster_time']),
  433. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . ';topicseen#new',
  434. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#new" rel="nofollow">' . $row['subject'] . '</a>',
  435. // Retained for compatibility - is technically incorrect!
  436. 'new' => !empty($row['is_read']),
  437. 'is_new' => empty($row['is_read']),
  438. 'new_from' => $row['new_from'],
  439. 'icon' => '<img src="' . $settings[$icon_sources[$row['icon']]] . '/post/' . $row['icon'] . '.gif" align="middle" alt="' . $row['icon'] . '" border="0" />',
  440. );
  441. }
  442. $smcFunc['db_free_result']($request);
  443. // Just return it.
  444. if ($output_method != 'echo' || empty($posts))
  445. return $posts;
  446. echo '
  447. <table border="0" class="ssi_table">';
  448. foreach ($posts as $post)
  449. echo '
  450. <tr>
  451. <td align="right" valign="top" nowrap="nowrap">
  452. [', $post['board']['link'], ']
  453. </td>
  454. <td valign="top">
  455. <a href="', $post['href'], '">', $post['subject'], '</a>
  456. ', $txt['by'], ' ', $post['poster']['link'], '
  457. ', !$post['is_new'] ? '' : '<a href="' . $scripturl . '?topic=' . $post['topic'] . '.msg' . $post['new_from'] . ';topicseen#new" rel="nofollow"><img src="' . $settings['lang_images_url'] . '/new.gif" alt="' . $txt['new'] . '" border="0" /></a>', '
  458. </td>
  459. <td align="right" nowrap="nowrap">
  460. ', $post['time'], '
  461. </td>
  462. </tr>';
  463. echo '
  464. </table>';
  465. }
  466. // Show the top poster's name and profile link.
  467. function ssi_topPoster($topNumber = 1, $output_method = 'echo')
  468. {
  469. global $db_prefix, $scripturl, $smcFunc;
  470. // Find the latest poster.
  471. $request = $smcFunc['db_query']('', '
  472. SELECT id_member, real_name, posts
  473. FROM {db_prefix}members
  474. ORDER BY posts DESC
  475. LIMIT ' . $topNumber,
  476. array(
  477. )
  478. );
  479. $return = array();
  480. while ($row = $smcFunc['db_fetch_assoc']($request))
  481. $return[] = array(
  482. 'id' => $row['id_member'],
  483. 'name' => $row['real_name'],
  484. 'href' => $scripturl . '?action=profile;u=' . $row['id_member'],
  485. 'link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  486. 'posts' => $row['posts']
  487. );
  488. $smcFunc['db_free_result']($request);
  489. // Just return all the top posters.
  490. if ($output_method != 'echo')
  491. return $return;
  492. // Make a quick array to list the links in.
  493. $temp_array = array();
  494. foreach ($return as $member)
  495. $temp_array[] = $member['link'];
  496. echo implode(', ', $temp_array);
  497. }
  498. // Show boards by activity.
  499. function ssi_topBoards($num_top = 10, $output_method = 'echo')
  500. {
  501. global $context, $settings, $db_prefix, $txt, $scripturl, $user_info, $modSettings, $smcFunc;
  502. // Find boards with lots of posts.
  503. $request = $smcFunc['db_query']('', '
  504. SELECT
  505. b.name, b.num_topics, b.num_posts, b.id_board,' . (!$user_info['is_guest'] ? ' 1 AS is_read' : '
  506. (IFNULL(lb.id_msg, 0) >= b.id_last_msg) AS is_read') . '
  507. FROM {db_prefix}boards AS b
  508. LEFT JOIN {db_prefix}log_boards AS lb ON (lb.id_board = b.id_board AND lb.id_member = {int:current_member})
  509. WHERE {query_wanna_see_board}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  510. AND b.id_board != {int:recycle_board}' : '') . '
  511. ORDER BY b.num_posts DESC
  512. LIMIT ' . $num_top,
  513. array(
  514. 'current_member' => $user_info['id'],
  515. 'recycle_board' => (int) $modSettings['recycle_board'],
  516. )
  517. );
  518. $boards = array();
  519. while ($row = $smcFunc['db_fetch_assoc']($request))
  520. $boards[] = array(
  521. 'id' => $row['id_board'],
  522. 'num_posts' => $row['num_posts'],
  523. 'num_topics' => $row['num_topics'],
  524. 'name' => $row['name'],
  525. 'new' => empty($row['is_read']),
  526. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  527. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>'
  528. );
  529. $smcFunc['db_free_result']($request);
  530. // If we shouldn't output or have nothing to output, just jump out.
  531. if ($output_method != 'echo' || empty($boards))
  532. return $boards;
  533. echo '
  534. <table class="ssi_table">
  535. <tr>
  536. <th align="left">', $txt['board'], '</th>
  537. <th align="left">', $txt['board_topics'], '</th>
  538. <th align="left">', $txt['posts'], '</th>
  539. </tr>';
  540. foreach ($boards as $board)
  541. echo '
  542. <tr>
  543. <td>', $board['link'], $board['new'] ? ' <a href="' . $board['href'] . '"><img src="' . $settings['lang_images_url'] . '/new.gif" alt="' . $txt['new'] . '" border="0" /></a>' : '', '</td>
  544. <td align="right">', comma_format($board['num_topics']), '</td>
  545. <td align="right">', comma_format($board['num_posts']), '</td>
  546. </tr>';
  547. echo '
  548. </table>';
  549. }
  550. // Shows the top topics.
  551. function ssi_topTopics($type = 'replies', $num_topics = 10, $output_method = 'echo')
  552. {
  553. global $db_prefix, $txt, $scripturl, $user_info, $modSettings, $smcFunc, $context;
  554. if ($modSettings['totalMessages'] > 100000)
  555. {
  556. // !!! Why don't we use {query(_wanna)_see_board}?
  557. $request = $smcFunc['db_query']('', '
  558. SELECT id_topic
  559. FROM {db_prefix}topics
  560. WHERE num_' . ($type != 'replies' ? 'views' : 'replies') . ' != 0' . ($modSettings['postmod_active'] ? '
  561. AND approved = {int:is_approved}' : '') . '
  562. ORDER BY num_' . ($type != 'replies' ? 'views' : 'replies') . ' DESC
  563. LIMIT {int:limit}',
  564. array(
  565. 'is_approved' => 1,
  566. 'limit' => $num_topics > 100 ? ($num_topics + ($num_topics / 2)) : 100,
  567. )
  568. );
  569. $topic_ids = array();
  570. while ($row = $smcFunc['db_fetch_assoc']($request))
  571. $topic_ids[] = $row['id_topic'];
  572. $smcFunc['db_free_result']($request);
  573. }
  574. else
  575. $topic_ids = array();
  576. $request = $smcFunc['db_query']('', '
  577. SELECT m.subject, m.id_topic, t.num_views, t.num_replies
  578. FROM {db_prefix}topics AS t
  579. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  580. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  581. WHERE {query_wanna_see_board}' . ($modSettings['postmod_active'] ? '
  582. AND t.approved = {int:is_approved}' : '') . (!empty($topic_ids) ? '
  583. AND t.id_topic IN ({array_int:topic_list})' : '') . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  584. AND b.id_board != {int:recycle_enable}' : '') . '
  585. ORDER BY t.num_' . ($type != 'replies' ? 'views' : 'replies') . ' DESC
  586. LIMIT {int:limit}',
  587. array(
  588. 'topic_list' => $topic_ids,
  589. 'is_approved' => 1,
  590. 'recycle_enable' => $modSettings['recycle_board'],
  591. 'limit' => $num_topics,
  592. )
  593. );
  594. $topics = array();
  595. while ($row = $smcFunc['db_fetch_assoc']($request))
  596. {
  597. censorText($row['subject']);
  598. $topics[] = array(
  599. 'id' => $row['id_topic'],
  600. 'subject' => $row['subject'],
  601. 'num_replies' => $row['num_replies'],
  602. 'num_views' => $row['num_views'],
  603. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  604. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.0">' . $row['subject'] . '</a>',
  605. );
  606. }
  607. $smcFunc['db_free_result']($request);
  608. if ($output_method != 'echo' || empty($topics))
  609. return $topics;
  610. echo '
  611. <table class="ssi_table">
  612. <tr>
  613. <th align="left"></th>
  614. <th align="left">', $txt['views'], '</th>
  615. <th align="left">', $txt['replies'], '</th>
  616. </tr>';
  617. foreach ($topics as $topic)
  618. echo '
  619. <tr>
  620. <td align="left">
  621. ', $topic['link'], '
  622. </td>
  623. <td align="right">', comma_format($topic['num_views']), '</td>
  624. <td align="right">', comma_format($topic['num_replies']), '</td>
  625. </tr>';
  626. echo '
  627. </table>';
  628. }
  629. // Shows the top topics, by replies.
  630. function ssi_topTopicsReplies($num_topics = 10, $output_method = 'echo')
  631. {
  632. return ssi_topTopics('replies', $num_topics, $output_method);
  633. }
  634. // Shows the top topics, by views.
  635. function ssi_topTopicsViews($num_topics = 10, $output_method = 'echo')
  636. {
  637. return ssi_topTopics('views', $num_topics, $output_method);
  638. }
  639. // Show a link to the latest member: Please welcome, Someone, out latest member.
  640. function ssi_latestMember($output_method = 'echo')
  641. {
  642. global $db_prefix, $txt, $scripturl, $context;
  643. if ($output_method == 'echo')
  644. echo '
  645. ', $txt['welcome_member'], ' ', $context['common_stats']['latest_member']['link'], '', $txt['newest_member'], '<br />';
  646. else
  647. return $context['common_stats']['latest_member'];
  648. }
  649. // Fetch a random member - if type set to 'day' will only change once a day!
  650. function ssi_randomMember($random_type = '', $output_method = 'echo')
  651. {
  652. global $modSettings;
  653. // If we're looking for something to stay the same each day then seed the generator.
  654. if ($random_type == 'day')
  655. {
  656. // Set the seed to change only once per day.
  657. mt_srand(floor(time() / 86400));
  658. }
  659. // Get the lowest ID we're interested in.
  660. $member_id = mt_rand(1, $modSettings['latestMember']);
  661. $where_query = '
  662. id_member >= {int:selected_member}
  663. AND is_activated = {int:is_activated}';
  664. $query_where_params = array(
  665. 'selected_member' => $member_id,
  666. 'is_activated' => 1,
  667. );
  668. $result = ssi_queryMembers($where_query, $query_where_params, 1, 'id_member ASC', $output_method);
  669. // If we got nothing do the reverse - in case of unactivated members.
  670. if (empty($result))
  671. {
  672. $where_query = '
  673. id_member <= {int:selected_member}
  674. AND is_activated = {int:is_activated}';
  675. $query_where_params = array(
  676. 'selected_member' => $member_id,
  677. 'is_activated' => 1,
  678. );
  679. $result = ssi_queryMembers($where_query, $query_where_params, 1, 'id_member DESC', $output_method);
  680. }
  681. // Just to be sure put the random generator back to something... random.
  682. if ($random_type != '')
  683. mt_srand(time());
  684. return $result;
  685. }
  686. // Fetch a specific member.
  687. function ssi_fetchMember($member_ids, $output_method = 'echo')
  688. {
  689. // Can have more than one member if you really want...
  690. $member_ids = is_array($member_ids) ? $member_ids : array($member_ids);
  691. // Restrict it right!
  692. $query_where = '
  693. id_member IN ({array_int:member_list})';
  694. $query_where_params = array(
  695. 'member_list' => $member_ids,
  696. );
  697. // Then make the query and dump the data.
  698. return ssi_queryMembers($query_where, $query_where_params, '', 'id_member', $output_method);
  699. }
  700. // Get all members of a group.
  701. function ssi_fetchGroupMembers($group_id, $output_method = 'echo')
  702. {
  703. $query_where = '
  704. id_group = {int:id_group}
  705. OR id_post_group = {int:id_group}
  706. OR FIND_IN_SET({int:id_group}, additional_groups)';
  707. $query_where_params = array(
  708. 'id_group' => $group_id,
  709. );
  710. return ssi_queryMembers($query_where, $query_where_params, '', 'real_name', $output_method);
  711. }
  712. // Fetch some member data!
  713. function ssi_queryMembers($query_where, $query_where_params = array(), $query_limit = '', $query_order = 'id_member DESC', $output_method = 'echo')
  714. {
  715. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  716. global $modSettings, $smcFunc, $memberContext;
  717. // Fetch the members in question.
  718. $request = $smcFunc['db_query']('', '
  719. SELECT id_member
  720. FROM {db_prefix}members
  721. WHERE ' . $query_where . '
  722. ORDER BY ' . $query_order . '
  723. ' . ($query_limit == '' ? '' : 'LIMIT ' . $query_limit),
  724. array_merge($query_where_params, array(
  725. ))
  726. );
  727. $members = array();
  728. while ($row = $smcFunc['db_fetch_assoc']($request))
  729. $members[] = $row['id_member'];
  730. $smcFunc['db_free_result']($request);
  731. if (empty($members))
  732. return array();
  733. // Load the members.
  734. loadMemberData($members);
  735. // Draw the table!
  736. if ($output_method == 'echo')
  737. echo '
  738. <table border="0" class="ssi_table">';
  739. $query_members = array();
  740. foreach ($members as $member)
  741. {
  742. // Load their context data.
  743. if (!loadMemberContext($member))
  744. continue;
  745. // Store this member's information.
  746. $query_members[$member] = $memberContext[$member];
  747. // Only do something if we're echo'ing.
  748. if ($output_method == 'echo')
  749. echo '
  750. <tr>
  751. <td align="right" valign="top" nowrap="nowrap">
  752. ', $query_members[$member]['link'], '
  753. <br />', $query_members[$member]['blurb'], '
  754. <br />', $query_members[$member]['avatar']['image'], '
  755. </td>
  756. </tr>';
  757. }
  758. // End the table if appropriate.
  759. if ($output_method == 'echo')
  760. echo '
  761. </table>';
  762. // Send back the data.
  763. return $query_members;
  764. }
  765. // Show some basic stats: Total This: XXXX, etc.
  766. function ssi_boardStats($output_method = 'echo')
  767. {
  768. global $db_prefix, $txt, $scripturl, $modSettings, $smcFunc;
  769. $totals = array(
  770. 'members' => $modSettings['totalMembers'],
  771. 'posts' => $modSettings['totalMessages'],
  772. 'topics' => $modSettings['totalTopics']
  773. );
  774. $result = $smcFunc['db_query']('', '
  775. SELECT COUNT(*)
  776. FROM {db_prefix}boards',
  777. array(
  778. )
  779. );
  780. list ($totals['boards']) = $smcFunc['db_fetch_row']($result);
  781. $smcFunc['db_free_result']($result);
  782. $result = $smcFunc['db_query']('', '
  783. SELECT COUNT(*)
  784. FROM {db_prefix}categories',
  785. array(
  786. )
  787. );
  788. list ($totals['categories']) = $smcFunc['db_fetch_row']($result);
  789. $smcFunc['db_free_result']($result);
  790. if ($output_method != 'echo')
  791. return $totals;
  792. echo '
  793. ', $txt['total_members'], ': <a href="', $scripturl . '?action=mlist">', comma_format($totals['members']), '</a><br />
  794. ', $txt['total_posts'], ': ', comma_format($totals['posts']), '<br />
  795. ', $txt['total_topics'], ': ', comma_format($totals['topics']), ' <br />
  796. ', $txt['total_cats'], ': ', comma_format($totals['categories']), '<br />
  797. ', $txt['total_boards'], ': ', comma_format($totals['boards']);
  798. }
  799. // Shows a list of online users: YY Guests, ZZ Users and then a list...
  800. function ssi_whosOnline($output_method = 'echo')
  801. {
  802. global $user_info, $txt, $sourcedir, $settings, $modSettings;
  803. require_once($sourcedir . '/Subs-MembersOnline.php');
  804. $membersOnlineOptions = array(
  805. 'show_hidden' => allowedTo('moderate_forum'),
  806. 'sort' => 'log_time',
  807. 'reverse_sort' => true,
  808. );
  809. $return = getMembersOnlineStats($membersOnlineOptions);
  810. // Add some redundancy for backwards compatibility reasons.
  811. if ($output_method != 'echo')
  812. return $return + array(
  813. 'users' => $return['users_online'],
  814. 'guests' => $return['num_guests'],
  815. 'hidden' => $return['num_users_hidden'],
  816. 'buddies' => $return['num_buddies'],
  817. 'num_users' => $return['num_users_online'],
  818. 'total_users' => $return['num_users_online'] + $return['num_guests'] + $return['num_spiders'],
  819. );
  820. echo '
  821. ', comma_format($return['num_guests']), ' ', $return['num_guests'] == 1 ? $txt['guest'] : $txt['guests'], ', ', comma_format($return['num_users_online']), ' ', $return['num_users_online'] == 1 ? $txt['user'] : $txt['users'];
  822. $bracketList = array();
  823. if (!empty($user_info['buddies']))
  824. $bracketList[] = comma_format($return['num_buddies']) . ' ' . ($return['num_buddies'] == 1 ? $txt['buddy'] : $txt['buddies']);
  825. if (!empty($return['num_spiders']))
  826. $bracketList[] = comma_format($return['num_spiders']) . ' ' . ($return['num_spiders'] == 1 ? $txt['spider'] : $txt['spiders']);
  827. if (!empty($return['num_users_hidden']))
  828. $bracketList[] = comma_format($return['num_users_hidden']) . ' ' . $txt['hidden'];
  829. if (!empty($bracketList))
  830. echo ' (' . implode(', ', $bracketList) . ')';
  831. echo '<br />
  832. ', implode(', ', $return['list_users_online']);
  833. // Showing membergroups?
  834. if (!empty($settings['show_group_key']) && !empty($return['membergroups']))
  835. echo '<br />
  836. [' . implode(']&nbsp;&nbsp;[', $return['membergroups']) . ']';
  837. }
  838. // Just like whosOnline except it also logs the online presence.
  839. function ssi_logOnline($output_method = 'echo')
  840. {
  841. writeLog();
  842. if ($output_method != 'echo')
  843. return ssi_whosOnline($output_method);
  844. else
  845. ssi_whosOnline($output_method);
  846. }
  847. // Shows a login box.
  848. function ssi_login($redirect_to = '', $output_method = 'echo')
  849. {
  850. global $scripturl, $txt, $user_info, $context, $modSettings;
  851. if ($redirect_to != '')
  852. $_SESSION['login_url'] = $redirect_to;
  853. if ($output_method != 'echo' || !$user_info['is_guest'])
  854. return $user_info['is_guest'];
  855. echo '
  856. <form action="', $scripturl, '?action=login2" method="post" accept-charset="', $context['character_set'], '">
  857. <table border="0" cellspacing="1" cellpadding="0" class="ssi_table">
  858. <tr>
  859. <td align="right"><label for="user">', $txt['username'], ':</label>&nbsp;</td>
  860. <td><input type="text" id="user" name="user" size="9" value="', $user_info['username'], '" class="input_text" /></td>
  861. </tr><tr>
  862. <td align="right"><label for="passwrd">', $txt['password'], ':</label>&nbsp;</td>
  863. <td><input type="password" name="passwrd" id="passwrd" size="9" class="input_password" /></td>
  864. </tr>';
  865. // Open ID?
  866. if (!empty($modSettings['enableOpenID']))
  867. echo '<tr>
  868. <td colspan="2" align="center"><strong>&mdash;', $txt['or'], '&mdash;</strong></td>
  869. </tr><tr>
  870. <td align="right"><label for="openid_url">', $txt['openid'], ':</label>&nbsp;</td>
  871. <td><input type="text" name="openid_identifier" id="openid_url" class="input_text openid_login" size="17" /></td>
  872. </tr>';
  873. echo '<tr>
  874. <td><input type="hidden" name="cookielength" value="-1" /></td>
  875. <td><input type="submit" value="', $txt['login'], '" class="button_submit" /></td>
  876. </tr>
  877. </table>
  878. </form>';
  879. }
  880. // Show the most-voted-in poll.
  881. function ssi_topPoll($output_method = 'echo')
  882. {
  883. // Just use recentPoll, no need to duplicate code...
  884. return ssi_recentPoll(true, $output_method);
  885. }
  886. // Show the most recently posted poll.
  887. function ssi_recentPoll($topPollInstead = false, $output_method = 'echo')
  888. {
  889. global $db_prefix, $txt, $settings, $boardurl, $user_info, $context, $smcFunc, $modSettings;
  890. $boardsAllowed = array_intersect(boardsAllowedTo('poll_view'), boardsAllowedTo('poll_vote'));
  891. if (empty($boardsAllowed))
  892. return array();
  893. $request = $smcFunc['db_query']('', '
  894. SELECT p.id_poll, p.question, t.id_topic, p.max_votes, p.guest_vote, p.hide_results, p.expire_time
  895. FROM {db_prefix}polls AS p
  896. INNER JOIN {db_prefix}topics AS t ON (t.id_poll = p.id_poll' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ')
  897. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)' . ($topPollInstead ? '
  898. INNER JOIN {db_prefix}poll_choices AS pc ON (pc.id_poll = p.id_poll)' : '') . '
  899. LEFT JOIN {db_prefix}log_polls AS lp ON (lp.id_poll = p.id_poll AND lp.id_member > {int:no_member} AND lp.id_member = {int:current_member})
  900. WHERE p.voting_locked = {int:voting_opened}
  901. AND (p.expire_time = {int:no_expiration} OR {int:current_time} < p.expire_time)
  902. AND ' . ($user_info['is_guest'] ? 'p.guest_vote = {int:guest_vote_allowed}' : 'lp.id_choice IS NULL') . '
  903. AND {query_wanna_see_board}' . (!in_array(0, $boardsAllowed) ? '
  904. AND b.id_board IN ({array_int:boards_allowed_list})' : '') . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  905. AND b.id_board != {int:recycle_enable}' : '') . '
  906. ORDER BY ' . ($topPollInstead ? 'pc.votes' : 'p.id_poll') . ' DESC
  907. LIMIT 1',
  908. array(
  909. 'current_member' => $user_info['id'],
  910. 'boards_allowed_list' => $boardsAllowed,
  911. 'is_approved' => 1,
  912. 'guest_vote_allowed' => 1,
  913. 'no_member' => 0,
  914. 'voting_opened' => 0,
  915. 'no_expiration' => 0,
  916. 'current_time' => time(),
  917. 'recycle_enable' => $modSettings['recycle_board'],
  918. )
  919. );
  920. $row = $smcFunc['db_fetch_assoc']($request);
  921. $smcFunc['db_free_result']($request);
  922. // This user has voted on all the polls.
  923. if ($row === false)
  924. return array();
  925. // If this is a guest who's voted we'll through ourselves to show poll to show the results.
  926. if ($user_info['is_guest'] && (!$row['guest_vote'] || (isset($_COOKIE['guest_poll_vote']) && in_array($row['id_poll'], explode(',', $_COOKIE['guest_poll_vote'])))))
  927. return ssi_showPoll($row['id_topic'], $output_method);
  928. $request = $smcFunc['db_query']('', '
  929. SELECT COUNT(DISTINCT id_member)
  930. FROM {db_prefix}log_polls
  931. WHERE id_poll = {int:current_poll}',
  932. array(
  933. 'current_poll' => $row['id_poll'],
  934. )
  935. );
  936. list ($total) = $smcFunc['db_fetch_row']($request);
  937. $smcFunc['db_free_result']($request);
  938. $request = $smcFunc['db_query']('', '
  939. SELECT id_choice, label, votes
  940. FROM {db_prefix}poll_choices
  941. WHERE id_poll = {int:current_poll}',
  942. array(
  943. 'current_poll' => $row['id_poll'],
  944. )
  945. );
  946. $options = array();
  947. while ($rowChoice = $smcFunc['db_fetch_assoc']($request))
  948. {
  949. censorText($rowChoice['label']);
  950. $options[$rowChoice['id_choice']] = array($rowChoice['label'], $rowChoice['votes']);
  951. }
  952. $smcFunc['db_free_result']($request);
  953. // Can they view it?
  954. $is_expired = !empty($row['expire_time']) && $row['expire_time'] < time();
  955. $allow_view_results = allowedTo('moderate_board') || $row['hide_results'] == 0 || $is_expired;
  956. $return = array(
  957. 'id' => $row['id_poll'],
  958. 'image' => 'poll',
  959. 'question' => $row['question'],
  960. 'total_votes' => $total,
  961. 'is_locked' => false,
  962. 'topic' => $row['id_topic'],
  963. 'allow_view_results' => $allow_view_results,
  964. 'options' => array()
  965. );
  966. // Calculate the percentages and bar lengths...
  967. $divisor = $return['total_votes'] == 0 ? 1 : $return['total_votes'];
  968. foreach ($options as $i => $option)
  969. {
  970. $bar = floor(($option[1] * 100) / $divisor);
  971. $barWide = $bar == 0 ? 1 : floor(($bar * 5) / 3);
  972. $return['options'][$i] = array(
  973. 'id' => 'options-' . ($topPollInstead ? 'top-' : 'recent-') . $i,
  974. 'percent' => $bar,
  975. 'votes' => $option[1],
  976. 'bar' => '<span style="white-space: nowrap;"><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'right' : 'left') . '.gif" alt="" /><img src="' . $settings['images_url'] . '/poll_middle.gif" width="' . $barWide . '" height="12" alt="-" /><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'left' : 'right') . '.gif" alt="" /></span>',
  977. 'option' => parse_bbc($option[0]),
  978. 'vote_button' => '<input type="' . ($row['max_votes'] > 1 ? 'checkbox' : 'radio') . '" name="options[]" id="options-' . ($topPollInstead ? 'top-' : 'recent-') . $i . '" value="' . $i . '" class="input_' . ($row['max_votes'] > 1 ? 'check' : 'radio') . '" />'
  979. );
  980. }
  981. $return['allowed_warning'] = $row['max_votes'] > 1 ? sprintf($txt['poll_options6'], min(count($options), $row['max_votes'])) : '';
  982. if ($output_method != 'echo')
  983. return $return;
  984. if ($allow_view_results)
  985. {
  986. echo '
  987. <form action="', $boardurl, '/SSI.php?ssi_function=pollVote" method="post" accept-charset="', $context['character_set'], '">
  988. <input type="hidden" name="poll" value="', $return['id'], '" />
  989. <table border="0" cellspacing="1" cellpadding="0" class="ssi_table">
  990. <tr>
  991. <td><strong>', $return['question'], '</strong></td>
  992. </tr>
  993. <tr>
  994. <td>', $return['allowed_warning'], '</td>
  995. </tr>';
  996. foreach ($return['options'] as $option)
  997. echo '
  998. <tr>
  999. <td><label for="', $option['id'], '">', $option['vote_button'], ' ', $option['option'], '</label></td>
  1000. </tr>';
  1001. echo '
  1002. <tr>
  1003. <td><input type="submit" value="', $txt['poll_vote'], '" class="button_submit" /></td>
  1004. </tr>
  1005. </table>
  1006. <input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
  1007. </form>';
  1008. }
  1009. else
  1010. echo '
  1011. ', $txt['poll_cannot_see'];
  1012. }
  1013. function ssi_showPoll($topic = null, $output_method = 'echo')
  1014. {
  1015. global $db_prefix, $txt, $settings, $boardurl, $user_info, $context, $smcFunc, $modSettings;
  1016. $boardsAllowed = boardsAllowedTo('poll_view');
  1017. if (empty($boardsAllowed))
  1018. return array();
  1019. if ($topic === null && isset($_REQUEST['ssi_topic']))
  1020. $topic = (int) $_REQUEST['ssi_topic'];
  1021. else
  1022. $topic = (int) $topic;
  1023. $request = $smcFunc['db_query']('', '
  1024. SELECT
  1025. p.id_poll, p.question, p.voting_locked, p.hide_results, p.expire_time, p.max_votes, p.guest_vote, b.id_board
  1026. FROM {db_prefix}topics AS t
  1027. INNER JOIN {db_prefix}polls AS p ON (p.id_poll = t.id_poll)
  1028. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  1029. WHERE t.id_topic = {int:current_topic}
  1030. AND {query_see_board}' . (!in_array(0, $boardsAllowed) ? '
  1031. AND b.id_board IN ({array_int:boards_allowed_see})' : '') . ($modSettings['postmod_active'] ? '
  1032. AND t.approved = {int:is_approved}' : '') . '
  1033. LIMIT 1',
  1034. array(
  1035. 'current_topic' => $topic,
  1036. 'boards_allowed_see' => $boardsAllowed,
  1037. 'is_approved' => 1,
  1038. )
  1039. );
  1040. // Either this topic has no poll, or the user cannot view it.
  1041. if ($smcFunc['db_num_rows']($request) == 0)
  1042. return array();
  1043. $row = $smcFunc['db_fetch_assoc']($request);
  1044. $smcFunc['db_free_result']($request);
  1045. // Check if they can vote.
  1046. if (!empty($row['expire_time']) && $row['expire_time'] < time())
  1047. $allow_vote = false;
  1048. elseif ($user_info['is_guest'] && $row['guest_vote'] && (!isset($_COOKIE['guest_poll_vote']) || !in_array($row['id_poll'], explode(',', $_COOKIE['guest_poll_vote']))))
  1049. $allow_vote = true;
  1050. elseif ($user_info['is_guest'])
  1051. $allow_vote = false;
  1052. elseif (!empty($row['voting_locked']) || !allowedTo('poll_vote', $row['id_board']))
  1053. $allow_vote = false;
  1054. else
  1055. {
  1056. $request = $smcFunc['db_query']('', '
  1057. SELECT id_member
  1058. FROM {db_prefix}log_polls
  1059. WHERE id_poll = {int:current_poll}
  1060. AND id_member = {int:current_member}
  1061. LIMIT 1',
  1062. array(
  1063. 'current_member' => $user_info['id'],
  1064. 'current_poll' => $row['id_poll'],
  1065. )
  1066. );
  1067. $allow_vote = $smcFunc['db_num_rows']($request) == 0;
  1068. $smcFunc['db_free_result']($request);
  1069. }
  1070. // Can they view?
  1071. $is_expired = !empty($row['expire_time']) && $row['expire_time'] < time();
  1072. $allow_view_results = allowedTo('moderate_board') || $row['hide_results'] == 0 || ($row['hide_results'] == 1 && !$allow_vote) || $is_expired;
  1073. $request = $smcFunc['db_query']('', '
  1074. SELECT COUNT(DISTINCT id_member)
  1075. FROM {db_prefix}log_polls
  1076. WHERE id_poll = {int:current_poll}',
  1077. array(
  1078. 'current_poll' => $row['id_poll'],
  1079. )
  1080. );
  1081. list ($total) = $smcFunc['db_fetch_row']($request);
  1082. $smcFunc['db_free_result']($request);
  1083. $request = $smcFunc['db_query']('', '
  1084. SELECT id_choice, label, votes
  1085. FROM {db_prefix}poll_choices
  1086. WHERE id_poll = {int:current_poll}',
  1087. array(
  1088. 'current_poll' => $row['id_poll'],
  1089. )
  1090. );
  1091. $options = array();
  1092. $total_votes = 0;
  1093. while ($rowChoice = $smcFunc['db_fetch_assoc']($request))
  1094. {
  1095. censorText($rowChoice['label']);
  1096. $options[$rowChoice['id_choice']] = array($rowChoice['label'], $rowChoice['votes']);
  1097. $total_votes += $rowChoice['votes'];
  1098. }
  1099. $smcFunc['db_free_result']($request);
  1100. $return = array(
  1101. 'id' => $row['id_poll'],
  1102. 'image' => empty($pollinfo['voting_locked']) ? 'poll' : 'locked_poll',
  1103. 'question' => $row['question'],
  1104. 'total_votes' => $total,
  1105. 'is_locked' => !empty($pollinfo['voting_locked']),
  1106. 'allow_vote' => $allow_vote,
  1107. 'allow_view_results' => $allow_view_results,
  1108. 'topic' => $topic
  1109. );
  1110. // Calculate the percentages and bar lengths...
  1111. $divisor = $total_votes == 0 ? 1 : $total_votes;
  1112. foreach ($options as $i => $option)
  1113. {
  1114. $bar = floor(($option[1] * 100) / $divisor);
  1115. $barWide = $bar == 0 ? 1 : floor(($bar * 5) / 3);
  1116. $return['options'][$i] = array(
  1117. 'id' => 'options-' . $i,
  1118. 'percent' => $bar,
  1119. 'votes' => $option[1],
  1120. 'bar' => '<span style="white-space: nowrap;"><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'right' : 'left') . '.gif" alt="" /><img src="' . $settings['images_url'] . '/poll_middle.gif" width="' . $barWide . '" height="12" alt="-" /><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'left' : 'right') . '.gif" alt="" /></span>',
  1121. 'option' => parse_bbc($option[0]),
  1122. 'vote_button' => '<input type="' . ($row['max_votes'] > 1 ? 'checkbox' : 'radio') . '" name="options[]" id="options-' . $i . '" value="' . $i . '" class="input_' . ($row['max_votes'] > 1 ? 'check' : 'radio') . '" />'
  1123. );
  1124. }
  1125. $return['allowed_warning'] = $row['max_votes'] > 1 ? sprintf($txt['poll_options6'], min(count($options), $row['max_votes'])) : '';
  1126. if ($output_method != 'echo')
  1127. return $return;
  1128. if ($return['allow_vote'])
  1129. {
  1130. echo '
  1131. <form action="', $boardurl, '/SSI.php?ssi_function=pollVote" method="post" accept-charset="', $context['character_set'], '">
  1132. <input type="hidden" name="poll" value="', $return['id'], '" />
  1133. <table border="0" cellspacing="1" cellpadding="0" class="ssi_table">
  1134. <tr>
  1135. <td><strong>', $return['question'], '</strong></td>
  1136. </tr>
  1137. <tr>
  1138. <td>', $return['allowed_warning'], '</td>
  1139. </tr>';
  1140. foreach ($return['options'] as $option)
  1141. echo '
  1142. <tr>
  1143. <td><label for="', $option['id'], '">', $option['vote_button'], ' ', $option['option'], '</label></td>
  1144. </tr>';
  1145. echo '
  1146. <tr>
  1147. <td><input type="submit" value="', $txt['poll_vote'], '" class="button_submit" /></td>
  1148. </tr>
  1149. </table>
  1150. <input type="hidden" name="', $context['session_var'], '" value="', $cont…

Large files files are truncated, but you can click here to view the full file