<?php/** * MyBB 1.6 * Copyright 2010 MyBB Group, All Rights Reserved *

1. <?php
2. /**
3. * MyBB 1.6
4. * Copyright 2010 MyBB Group, All Rights Reserved
5. *
6. * Website: http://mybb.com
7. * License: http://mybb.com/about/license
8. *
9. * $Id$
10. */
11.  
12. define("IN_MYBB", 1);
13. define("IN_PORTAL", 1);
14. define('THIS_SCRIPT', 'portal.php');
15.  
16. // set the path to your forums directory here (without trailing slash)
17. $forumdir = "./";
18.  
19. // end editing
20.  
21. $change_dir = "./";
22.  
23. if(!@chdir($forumdir) && !empty($forumdir))
24. {
25. if(@is_dir($forumdir))
26. {
27. $change_dir = $forumdir;
28. }
29. else
30. {
31. die("\$forumdir is invalid!");
32. }
33. }
34.  
35. $templatelist = "portal_welcome,portal_welcome_membertext,portal_stats,portal_search,portal_whosonline_memberbit,portal_whosonline,portal_latestthreads_thread_lastpost,portal_latestthreads_thread,portal_latestthreads,portal_announcement_numcomments_no,portal_announcement,portal_announcement_numcomments,portal_pms,portal";
36.  
37. require_once $change_dir."/global.php";
38. require_once MYBB_ROOT."inc/functions_post.php";
39. require_once MYBB_ROOT."inc/functions_user.php";
40. require_once MYBB_ROOT."inc/class_parser.php";
41. $parser = new postParser;
42.  
43. // Load global language phrases
44. $lang->load("portal");
45.  
46. // Fetch the current URL
47. $portal_url = get_current_location();
48.  
49. add_breadcrumb($lang->nav_portal, "portal.php");
50.  
51. $plugins->run_hooks("portal_start");
52.  
53.  
54. // get forums user cannot view
55. $unviewable = get_unviewable_forums(true);
56. if($unviewable)
57. {
58. $unviewwhere = " AND fid NOT IN ($unviewable)";
59. }
60. // If user is known, welcome them
61. if($mybb->settings['portal_showwelcome'] != 0)
62. {
63. if($mybb->user['uid'] != 0)
64. {
65. // Get number of new posts, threads, announcements
66. $query = $db->simple_select("posts", "COUNT(pid) AS newposts", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
67. $newposts = $db->fetch_field($query, "newposts");
68. if($newposts)
69. {
70. // If there aren't any new posts, there is no point in wasting two more queries
71. $query = $db->simple_select("threads", "COUNT(tid) AS newthreads", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' $unviewwhere");
72. $newthreads = $db->fetch_field($query, "newthreads");
73.  
74. $announcementsfids = explode(',', $mybb->settings['portal_announcementsfid']);
75. if(is_array($announcementsfids))
76. {
77. foreach($announcementsfids as $fid)
78. {
79. $fid_array[] = intval($fid);
80. }
81.  
82. $announcementsfids = implode(',', $fid_array);
83. $query = $db->simple_select("threads", "COUNT(tid) AS newann", "visible=1 AND dateline>'".$mybb->user['lastvisit']."' AND fid IN (".$announcementsfids.") $unviewwhere");
84. $newann = $db->fetch_field($query, "newann");
85. }
86.  
87. if(!$newthreads)
88. {
89. $newthreads = 0;
90. }
91.  
92. if(!$newann)
93. {
94. $newann = 0;
95. }
96. }
97. else
98. {
99. $newposts = 0;
100. $newthreads = 0;
101. $newann = 0;
102. }
103.  
104. // Make the text
105. if($newann == 1)
106. {
107. $lang->new_announcements = $lang->new_announcement;
108. }
109. else
110. {
111. $lang->new_announcements = $lang->sprintf($lang->new_announcements, $newann);
112. }
113. if($newthreads == 1)
114. {
115. $lang->new_threads = $lang->new_thread;
116. }
117. else
118. {
119. $lang->new_threads = $lang->sprintf($lang->new_threads, $newthreads);
120. }
121. if($newposts == 1)
122. {
123. $lang->new_posts = $lang->new_post;
124. }
125. else
126. {
127. $lang->new_posts = $lang->sprintf($lang->new_posts, $newposts);
128. }
129. eval("\$welcometext = \"".$templates->get("portal_welcome_membertext")."\";");
130.  
131. }
132. else
133. {
134. $lang->guest_welcome_registration = $lang->sprintf($lang->guest_welcome_registration, $mybb->settings['bburl'] . '/member.php?action=register');
135. $mybb->user['username'] = $lang->guest;
136. switch($mybb->settings['username_method'])
137. {
138. case 0:
139. $username = $lang->username;
140. break;
141. case 1:
142. $username = $lang->username1;
143. break;
144. case 2:
145. $username = $lang->username2;
146. break;
147. default:
148. $username = $lang->username;
149. break;
150. }
151. eval("\$welcometext = \"".$templates->get("portal_welcome_guesttext")."\";");
152. }
153. $lang->welcome = $lang->sprintf($lang->welcome, $mybb->user['username']);
154. eval("\$welcome = \"".$templates->get("portal_welcome")."\";");
155. if($mybb->user['uid'] == 0)
156. {
157. $mybb->user['username'] = "";
158. }
159. }
160. // Private messages box
161. if($mybb->settings['portal_showpms'] != 0)
162. {
163. if($mybb->user['uid'] != 0 && $mybb->user['receivepms'] != 0 && $mybb->usergroup['canusepms'] != 0 && $mybb->settings['enablepms'] != 0)
164. {
165. switch($db->type)
166. {
167. case "sqlite":
168. case "pgsql":
169. $query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total", "uid='".$mybb->user['uid']."'");
170. $messages['pms_total'] = $db->fetch_field($query, "pms_total");
171.  
172. $query = $db->simple_select("privatemessages", "COUNT(*) AS pms_unread", "uid='".$mybb->user['uid']."' AND CASE WHEN status = '0' AND folder = '0' THEN TRUE ELSE FALSE END");
173. $messages['pms_unread'] = $db->fetch_field($query, "pms_unread");
174. break;
175. default:
176. $query = $db->simple_select("privatemessages", "COUNT(*) AS pms_total, SUM(IF(status='0' AND folder='1','1','0')) AS pms_unread", "uid='".$mybb->user['uid']."'");
177. $messages = $db->fetch_array($query);
178. }
179.  
180. // the SUM() thing returns "" instead of 0
181. if($messages['pms_unread'] == "")
182. {
183. $messages['pms_unread'] = 0;
184. }
185. $lang->pms_received_new = $lang->sprintf($lang->pms_received_new, $mybb->user['username'], $messages['pms_unread']);
186. eval("\$pms = \"".$templates->get("portal_pms")."\";");
187. }
188. }
189. // Get Forum Statistics
190. if($mybb->settings['portal_showstats'] != 0)
191. {
192. $stats = $cache->read("stats");
193. $stats['numthreads'] = my_number_format($stats['numthreads']);
194. $stats['numposts'] = my_number_format($stats['numposts']);
195. $stats['numusers'] = my_number_format($stats['numusers']);
196. if(!$stats['lastusername'])
197. {
198. $newestmember = "<strong>" . $lang->no_one . "</strong>";
199. }
200. else
201. {
202. $newestmember = build_profile_link($stats['lastusername'], $stats['lastuid']);
203. }
204. eval("\$stats = \"".$templates->get("portal_stats")."\";");
205. }
206.  
207. // Search box
208. if($mybb->settings['portal_showsearch'] != 0)
209. {
210. eval("\$search = \"".$templates->get("portal_search")."\";");
211. }
212.  
213. // Get the online users
214. if($mybb->settings['portal_showwol'] != 0 && $mybb->usergroup['canviewonline'] != 0)
215. {
216. $timesearch = TIME_NOW - $mybb->settings['wolcutoff'];
217. $comma = '';
218. $guestcount = 0;
219. $membercount = 0;
220. $onlinemembers = '';
221. $query = $db->query("
222. SELECT s.sid, s.ip, s.uid, s.time, s.location, u.username, u.invisible, u.usergroup, u.displaygroup
223. FROM ".TABLE_PREFIX."sessions s
224. LEFT JOIN ".TABLE_PREFIX."users u ON (s.uid=u.uid)
225. WHERE s.time>'$timesearch'
226. ORDER BY u.username ASC, s.time DESC
227. ");
228. while($user = $db->fetch_array($query))
229. {
230.  
231. // Create a key to test if this user is a search bot.
232. $botkey = my_strtolower(str_replace("bot=", '', $user['sid']));
233.  
234. if($user['uid'] == "0")
235. {
236. ++$guestcount;
237. }
238. elseif(my_strpos($user['sid'], "bot=") !== false && $session->bots[$botkey])
239. {
240. // The user is a search bot.
241. $onlinemembers .= $comma.format_name($session->bots[$botkey], $session->botgroup);
242. $comma = $lang->comma;
243. ++$botcount;
244. }
245. else
246. {
247. if($doneusers[$user['uid']] < $user['time'] || !$doneusers[$user['uid']])
248. {
249. ++$membercount;
250.  
251. $doneusers[$user['uid']] = $user['time'];
252.  
253. // If the user is logged in anonymously, update the count for that.
254. if($user['invisible'] == 1)
255. {
256. ++$anoncount;
257. }
258.  
259. if($user['invisible'] == 1)
260. {
261. $invisiblemark = "*";
262. }
263. else
264. {
265. $invisiblemark = '';
266. }
267.  
268. if(($user['invisible'] == 1 && ($mybb->usergroup['canviewwolinvis'] == 1 || $user['uid'] == $mybb->user['uid'])) || $user['invisible'] != 1)
269. {
270. $user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
271. $user['profilelink'] = get_profile_link($user['uid']);
272. eval("\$onlinemembers .= \"".$templates->get("portal_whosonline_memberbit", 1, 0)."\";");
273. $comma = $lang->comma;
274. }
275. }
276. }
277. }
278.  
279. $onlinecount = $membercount + $guestcount + $botcount;
280.  
281. // If we can see invisible users add them to the count
282. if($mybb->usergroup['canviewwolinvis'] == 1)
283. {
284. $onlinecount += $anoncount;
285. }
286.  
287. // If we can't see invisible users but the user is an invisible user incriment the count by one
288. if($mybb->usergroup['canviewwolinvis'] != 1 && $mybb->user['invisible'] == 1)
289. {
290. ++$onlinecount;
291. }
292.  
293. // Most users online
294. $mostonline = $cache->read("mostonline");
295. if($onlinecount > $mostonline['numusers'])
296. {
297. $time = TIME_NOW;
298. $mostonline['numusers'] = $onlinecount;
299. $mostonline['time'] = $time;
300. $cache->update("mostonline", $mostonline);
301. }
302. $recordcount = $mostonline['numusers'];
303. $recorddate = my_date($mybb->settings['dateformat'], $mostonline['time']);
304. $recordtime = my_date($mybb->settings['timeformat'], $mostonline['time']);
305.  
306. if($onlinecount == 1)
307. {
308. $lang->online_users = $lang->online_user;
309. }
310. else
311. {
312. $lang->online_users = $lang->sprintf($lang->online_users, $onlinecount);
313. }
314. $lang->online_counts = $lang->sprintf($lang->online_counts, $membercount, $guestcount);
315. eval("\$whosonline = \"".$templates->get("portal_whosonline")."\";");
316. }
317.  
318. // Latest forum discussions
319. if($mybb->settings['portal_showdiscussions'] != 0 && $mybb->settings['portal_showdiscussionsnum'])
320. {
321. $altbg = alt_trow();
322. $threadlist = '';
323. $query = $db->query("
324. SELECT t.*, u.username
325. FROM ".TABLE_PREFIX."threads t
326. LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=t.uid)
327. WHERE 1=1 $unviewwhere AND t.visible='1' AND t.closed NOT LIKE 'moved|%'
328. ORDER BY t.lastpost DESC
329. LIMIT 0, ".$mybb->settings['portal_showdiscussionsnum']
330. );
331. while($thread = $db->fetch_array($query))
332. {
333. $forumpermissions[$thread['fid']] = forum_permissions($thread['fid']);
334.  
335. // Make sure we can view this thread
336. if($forumpermissions[$thread['fid']]['canview'] == 0 || $forumpermissions[$thread['fid']]['canviewthreads'] == 0 || $forumpermissions[$thread['fid']]['canonlyviewownthreads'] == 1 && $thread['uid'] != $mybb->user['uid'])
337. {
338. continue;
339. }
340.  
341. $lastpostdate = my_date($mybb->settings['dateformat'], $thread['lastpost']);
342. $lastposttime = my_date($mybb->settings['timeformat'], $thread['lastpost']);
343. // Don't link to guest's profiles (they have no profile).
344. if($thread['lastposteruid'] == 0)
345. {
346. $lastposterlink = $thread['lastposter'];
347. }
348. else
349. {
350. $lastposterlink = build_profile_link($thread['lastposter'], $thread['lastposteruid']);
351. }
352. if(my_strlen($thread['subject']) > 25)
353. {
354. $thread['subject'] = my_substr($thread['subject'], 0, 25) . "...";
355. }
356. $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
357. $thread['threadlink'] = get_thread_link($thread['tid']);
358. $thread['lastpostlink'] = get_thread_link($thread['tid'], 0, "lastpost");
359. eval("\$threadlist .= \"".$templates->get("portal_latestthreads_thread")."\";");
360. $altbg = alt_trow();
361. }
362. if($threadlist)
363. {
364. // Show the table only if there are threads
365. eval("\$latestthreads = \"".$templates->get("portal_latestthreads")."\";");
366. }
367. }
368.  
369. // Get latest news announcements
370. // First validate announcement fids:
371. $announcementsfids = explode(',', $mybb->settings['portal_announcementsfid']);
372. if(is_array($announcementsfids))
373. {
374. foreach($announcementsfids as $fid)
375. {
376. $fid_array[] = intval($fid);
377. }
378. $announcementsfids = implode(',', $fid_array);
379. }
380. // And get them!
381. foreach($forum_cache as $fid => $f)
382. {
383. if(is_array($fid_array) && in_array($fid, $fid_array))
384. {
385. $forum[$fid] = $f;
386. }
387. }
388.  
389. $numannouncements = intval($mybb->settings['portal_numannouncements']);
390. if(!$numannouncements)
391. {
392. $numannouncements = 10; // Default back to 10
393. }
394.  
395. $pids = '';
396. $tids = '';
397. $comma = '';
398. $query = $db->query("
399. SELECT p.pid, p.message, p.tid, p.smilieoff
400. FROM ".TABLE_PREFIX."posts p
401. LEFT JOIN ".TABLE_PREFIX."threads t ON (t.tid=p.tid)
402. WHERE t.fid IN (".$announcementsfids.") AND t.visible='1' AND t.closed NOT LIKE 'moved|%' AND t.firstpost=p.pid
403. ORDER BY t.dateline DESC
404. LIMIT 0, {$numannouncements}"
405. );
406. while($getid = $db->fetch_array($query))
407. {
408. $pids .= ",'{$getid['pid']}'";
409. $tids .= ",'{$getid['tid']}'";
410. $posts[$getid['tid']] = $getid;
411. }
412. $pids = "pid IN(0{$pids})";
413. // Now lets fetch all of the attachments for these posts
414. $query = $db->simple_select("attachments", "*", $pids);
415. while($attachment = $db->fetch_array($query))
416. {
417. $attachcache[$attachment['pid']][$attachment['aid']] = $attachment;
418. }
419.  
420. if(is_array($forum))
421. {
422. foreach($forum as $fid => $forumrow)
423. {
424. $forumpermissions[$fid] = forum_permissions($fid);
425. }
426. }
427.  
428. $icon_cache = $cache->read("posticons");
429.  
430. $announcements = '';
431. $query = $db->query("
432. SELECT t.*, t.username AS threadusername, u.username, u.avatar, u.avatardimensions
433. FROM ".TABLE_PREFIX."threads t
434. LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid)
435. WHERE t.fid IN (".$announcementsfids.") AND t.tid IN (0{$tids}) AND t.visible='1' AND t.closed NOT LIKE 'moved|%'
436. ORDER BY t.dateline DESC
437. LIMIT 0, {$numannouncements}"
438. );
439. while($announcement = $db->fetch_array($query))
440. {
441. // Make sure we can view this announcement
442. if($forumpermissions[$announcement['fid']]['canview'] == 0 || $forumpermissions[$announcement['fid']]['canviewthreads'] == 0 || $forumpermissions[$announcement['fid']]['canonlyviewownthreads'] == 1 && $announcement['uid'] != $mybb->user['uid'])
443. {
444. continue;
445. }
446.  
447. $announcement['message'] = $posts[$announcement['tid']]['message'];
448. $announcement['pid'] = $posts[$announcement['tid']]['pid'];
449. $announcement['smilieoff'] = $posts[$announcement['tid']]['smilieoff'];
450. $announcement['threadlink'] = get_thread_link($announcement['tid']);
451.  
452. if($announcement['uid'] == 0)
453. {
454. $profilelink = htmlspecialchars_uni($announcement['threadusername']);
455. }
456. else
457. {
458. $profilelink = build_profile_link($announcement['username'], $announcement['uid']);
459. }
460.  
461. if(!$announcement['username'])
462. {
463. $announcement['username'] = $announcement['threadusername'];
464. }
465. $announcement['subject'] = htmlspecialchars_uni($parser->parse_badwords($announcement['subject']));
466. if($announcement['icon'] > 0 && $icon_cache[$announcement['icon']])
467. {
468. $icon = $icon_cache[$announcement['icon']];
469. $icon = "<img src=\"{$icon['path']}\" alt=\"{$icon['name']}\" />";
470. }
471. else
472. {
473. $icon = "&nbsp;";
474. }
475. if($announcement['avatar'] != '')
476. {
477. $avatar_dimensions = explode("|", $announcement['avatardimensions']);
478. if($avatar_dimensions[0] && $avatar_dimensions[1])
479. {
480. $avatar_width_height = "width=\"{$avatar_dimensions[0]}\" height=\"{$avatar_dimensions[1]}\"";
481. }
482. if (!stristr($announcement['avatar'], 'http://'))
483. {
484. $announcement['avatar'] = $mybb->settings['bburl'] . '/' . $announcement['avatar'];
485. }
486. $avatar = "<td class=\"trow1\" width=\"1\" align=\"center\" valign=\"top\"><img src=\"{$announcement['avatar']}\" alt=\"\" {$avatar_width_height} /></td>";
487. }
488. else
489. {
490. $avatar = '';
491. }
492. $anndate = my_date($mybb->settings['dateformat'], $announcement['dateline']);
493. $anntime = my_date($mybb->settings['timeformat'], $announcement['dateline']);
494.  
495. if($announcement['replies'])
496. {
497. eval("\$numcomments = \"".$templates->get("portal_announcement_numcomments")."\";");
498. }
499. else
500. {
501. eval("\$numcomments = \"".$templates->get("portal_announcement_numcomments_no")."\";");
502. $lastcomment = '';
503. }
504.  
505. $plugins->run_hooks("portal_announcement");
506.  
507. $parser_options = array(
508. "allow_html" => $forum[$announcement['fid']]['allowhtml'],
509. "allow_mycode" => $forum[$announcement['fid']]['allowmycode'],
510. "allow_smilies" => $forum[$announcement['fid']]['allowsmilies'],
511. "allow_imgcode" => $forum[$announcement['fid']]['allowimgcode'],
512. "allow_videocode" => $forum[$announcement['fid']]['allowvideocode'],
513. "filter_badwords" => 1
514. );
515. if($announcement['smilieoff'] == 1)
516. {
517. $parser_options['allow_smilies'] = 0;
518. }
519.  
520. $message = $parser->parse_message($announcement['message'], $parser_options);
521.  
522. if(is_array($attachcache[$announcement['pid']]))
523. { // This post has 1 or more attachments
524. $validationcount = 0;
525. $id = $announcement['pid'];
526. foreach($attachcache[$id] as $aid => $attachment)
527. {
528. if($attachment['visible'])
529. { // There is an attachment thats visible!
530. $attachment['filename'] = htmlspecialchars_uni($attachment['filename']);
531. $attachment['filesize'] = get_friendly_size($attachment['filesize']);
532. $ext = get_extension($attachment['filename']);
533. if($ext == "jpeg" || $ext == "gif" || $ext == "bmp" || $ext == "png" || $ext == "jpg")
534. {
535. $isimage = true;
536. }
537. else
538. {
539. $isimage = false;
540. }
541. $attachment['icon'] = get_attachment_icon($ext);
542. // Support for [attachment=id] code
543. if(stripos($message, "[attachment=".$attachment['aid']."]") !== false)
544. {
545. if($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != '')
546. { // We have a thumbnail to show (and its not the "SMALL" enough image
547. eval("\$attbit = \"".$templates->get("postbit_attachments_thumbnails_thumbnail")."\";");
548. }
549. elseif($attachment['thumbnail'] == "SMALL" && $forumpermissions[$announcement['fid']]['candlattachments'] == 1)
550. {
551. // Image is small enough to show - no thumbnail
552. eval("\$attbit = \"".$templates->get("postbit_attachments_images_image")."\";");
553. }
554. else
555. {
556. // Show standard link to attachment
557. eval("\$attbit = \"".$templates->get("postbit_attachments_attachment")."\";");
558. }
559. $message = preg_replace("#\[attachment=".$attachment['aid']."]#si", $attbit, $message);
560. }
561. else
562. {
563. if($attachment['thumbnail'] != "SMALL" && $attachment['thumbnail'] != '')
564. { // We have a thumbnail to show
565. eval("\$post['thumblist'] .= \"".$templates->get("postbit_attachments_thumbnails_thumbnail")."\";");
566. if($tcount == 5)
567. {
568. $thumblist .= "<br />";
569. $tcount = 0;
570. }
571. ++$tcount;
572. }
573. elseif($attachment['thumbnail'] == "SMALL" && $forumpermissions[$announcement['fid']]['candlattachments'] == 1)
574. {
575. // Image is small enough to show - no thumbnail
576. eval("\$post['imagelist'] .= \"".$templates->get("postbit_attachments_images_image")."\";");
577. }
578. else
579. {
580. eval("\$post['attachmentlist'] .= \"".$templates->get("postbit_attachments_attachment")."\";");
581. }
582. }
583. }
584. else
585. {
586. $validationcount++;
587. }
588. }
589. if($post['thumblist'])
590. {
591. eval("\$post['attachedthumbs'] = \"".$templates->get("postbit_attachments_thumbnails")."\";");
592. }
593. if($post['imagelist'])
594. {
595. eval("\$post['attachedimages'] = \"".$templates->get("postbit_attachments_images")."\";");
596. }
597. if($post['attachmentlist'] || $post['thumblist'] || $post['imagelist'])
598. {
599. eval("\$post['attachments'] = \"".$templates->get("postbit_attachments")."\";");
600. }
601. }
602.  
603. eval("\$announcements .= \"".$templates->get("portal_announcement")."\";");
604. unset($post);
605. }
606.  
607. $plugins->run_hooks("portal_end");
608.  
609. eval("\$portal = \"".$templates->get("portal")."\";");
610. output_page($portal);
611. ?>