SSI.php 74 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041
  1. <?php
  2. /**
  3. * Simple Machines Forum (SMF)
  4. *
  5. * @package SMF
  6. * @author Simple Machines http://www.simplemachines.org
  7. * @copyright 2013 Simple Machines and individual contributors
  8. * @license http://www.simplemachines.org/about/smf/license.php BSD
  9. *
  10. * @version 2.1 Alpha 1
  11. */
  12. // Don't do anything if SMF is already loaded.
  13. if (defined('SMF'))
  14. return true;
  15. define('SMF', 'SSI');
  16. // We're going to want a few globals... these are all set later.
  17. global $time_start, $maintenance, $msubject, $mmessage, $mbname, $language;
  18. global $boardurl, $boarddir, $sourcedir, $webmaster_email, $cookiename;
  19. global $db_server, $db_name, $db_user, $db_prefix, $db_persist, $db_error_send, $db_last_error;
  20. global $db_connection, $modSettings, $context, $sc, $user_info, $topic, $board, $txt;
  21. global $smcFunc, $ssi_db_user, $scripturl, $ssi_db_passwd, $db_passwd, $cachedir;
  22. // Remember the current configuration so it can be set back.
  23. $ssi_magic_quotes_runtime = function_exists('get_magic_quotes_gpc') && get_magic_quotes_runtime();
  24. if (function_exists('set_magic_quotes_runtime'))
  25. @set_magic_quotes_runtime(0);
  26. $time_start = microtime();
  27. // Just being safe...
  28. foreach (array('db_character_set', 'cachedir') as $variable)
  29. if (isset($GLOBALS[$variable]))
  30. unset($GLOBALS[$variable]);
  31. // Get the forum's settings for database and file paths.
  32. require_once(dirname(__FILE__) . '/Settings.php');
  33. // Make absolutely sure the cache directory is defined.
  34. if ((empty($cachedir) || !file_exists($cachedir)) && file_exists($boarddir . '/cache'))
  35. $cachedir = $boarddir . '/cache';
  36. $ssi_error_reporting = error_reporting(defined('E_STRICT') ? E_ALL | E_STRICT : E_ALL);
  37. /* Set this to one of three values depending on what you want to happen in the case of a fatal error.
  38. false: Default, will just load the error sub template and die - not putting any theme layers around it.
  39. true: Will load the error sub template AND put the SMF layers around it (Not useful if on total custom pages).
  40. string: Name of a callback function to call in the event of an error to allow you to define your own methods. Will die after function returns.
  41. */
  42. $ssi_on_error_method = false;
  43. // Don't do john didley if the forum's been shut down competely.
  44. if ($maintenance == 2 && (!isset($ssi_maintenance_off) || $ssi_maintenance_off !== true))
  45. die($mmessage);
  46. // Fix for using the current directory as a path.
  47. if (substr($sourcedir, 0, 1) == '.' && substr($sourcedir, 1, 1) != '.')
  48. $sourcedir = dirname(__FILE__) . substr($sourcedir, 1);
  49. // Load the important includes.
  50. require_once($sourcedir . '/QueryString.php');
  51. require_once($sourcedir . '/Session.php');
  52. require_once($sourcedir . '/Subs.php');
  53. require_once($sourcedir . '/Errors.php');
  54. require_once($sourcedir . '/Logging.php');
  55. require_once($sourcedir . '/Load.php');
  56. require_once($sourcedir . '/Security.php');
  57. require_once($sourcedir . '/Class-BrowserDetect.php');
  58. // Using an pre-PHP 5.1 version?
  59. if (version_compare(PHP_VERSION, '5.1', '<'))
  60. require_once($sourcedir . '/Subs-Compat.php');
  61. // Create a variable to store some SMF specific functions in.
  62. $smcFunc = array();
  63. // Initate the database connection and define some database functions to use.
  64. loadDatabase();
  65. // Load installed 'Mods' settings.
  66. reloadSettings();
  67. // Clean the request variables.
  68. cleanRequest();
  69. // Seed the random generator?
  70. if (empty($modSettings['rand_seed']) || mt_rand(1, 250) == 69)
  71. smf_seed_generator();
  72. // Check on any hacking attempts.
  73. if (isset($_REQUEST['GLOBALS']) || isset($_COOKIE['GLOBALS']))
  74. die('No direct access...');
  75. elseif (isset($_REQUEST['ssi_theme']) && (int) $_REQUEST['ssi_theme'] == (int) $ssi_theme)
  76. die('No direct access...');
  77. elseif (isset($_COOKIE['ssi_theme']) && (int) $_COOKIE['ssi_theme'] == (int) $ssi_theme)
  78. die('No direct access...');
  79. elseif (isset($_REQUEST['ssi_layers'], $ssi_layers) && (@get_magic_quotes_gpc() ? stripslashes($_REQUEST['ssi_layers']) : $_REQUEST['ssi_layers']) == $ssi_layers)
  80. die('No direct access...');
  81. if (isset($_REQUEST['context']))
  82. die('No direct access...');
  83. // Make sure wireless is always off.
  84. define('WIRELESS', false);
  85. // Gzip output? (because it must be boolean and true, this can't be hacked.)
  86. if (isset($ssi_gzip) && $ssi_gzip === true && ini_get('zlib.output_compression') != '1' && ini_get('output_handler') != 'ob_gzhandler' && version_compare(PHP_VERSION, '4.2.0', '>='))
  87. ob_start('ob_gzhandler');
  88. else
  89. $modSettings['enableCompressedOutput'] = '0';
  90. // Primarily, this is to fix the URLs...
  91. ob_start('ob_sessrewrite');
  92. // Start the session... known to scramble SSI includes in cases...
  93. if (!headers_sent())
  94. loadSession();
  95. else
  96. {
  97. if (isset($_COOKIE[session_name()]) || isset($_REQUEST[session_name()]))
  98. {
  99. // Make a stab at it, but ignore the E_WARNINGs generated because we can't send headers.
  100. $temp = error_reporting(error_reporting() & !E_WARNING);
  101. loadSession();
  102. error_reporting($temp);
  103. }
  104. if (!isset($_SESSION['session_value']))
  105. {
  106. $_SESSION['session_var'] = substr(md5(mt_rand() . session_id() . mt_rand()), 0, rand(7, 12));
  107. $_SESSION['session_value'] = md5(session_id() . mt_rand());
  108. }
  109. $sc = $_SESSION['session_value'];
  110. }
  111. // Get rid of $board and $topic... do stuff loadBoard would do.
  112. unset($board, $topic);
  113. $user_info['is_mod'] = false;
  114. $context['user']['is_mod'] = &$user_info['is_mod'];
  115. $context['linktree'] = array();
  116. // Load the user and their cookie, as well as their settings.
  117. loadUserSettings();
  118. // Load the current user's permissions....
  119. loadPermissions();
  120. // Load the current or SSI theme. (just use $ssi_theme = id_theme;)
  121. loadTheme(isset($ssi_theme) ? (int) $ssi_theme : 0);
  122. // @todo: probably not the best place, but somewhere it should be set...
  123. if (!headers_sent())
  124. header('Content-Type: text/html; charset=' . (empty($modSettings['global_character_set']) ? (empty($txt['lang_character_set']) ? 'ISO-8859-1' : $txt['lang_character_set']) : $modSettings['global_character_set']));
  125. // Take care of any banning that needs to be done.
  126. if (isset($_REQUEST['ssi_ban']) || (isset($ssi_ban) && $ssi_ban === true))
  127. is_not_banned();
  128. // Do we allow guests in here?
  129. if (empty($ssi_guest_access) && empty($modSettings['allow_guestAccess']) && $user_info['is_guest'] && basename($_SERVER['PHP_SELF']) != 'SSI.php')
  130. {
  131. require_once($sourcedir . '/Subs-Auth.php');
  132. KickGuest();
  133. obExit(null, true);
  134. }
  135. // Load the stuff like the menu bar, etc.
  136. if (isset($ssi_layers))
  137. {
  138. $context['template_layers'] = $ssi_layers;
  139. template_header();
  140. }
  141. else
  142. setupThemeContext();
  143. // Make sure they didn't muss around with the settings... but only if it's not cli.
  144. if (isset($_SERVER['REMOTE_ADDR']) && !isset($_SERVER['is_cli']) && session_id() == '')
  145. trigger_error($txt['ssi_session_broken'], E_USER_NOTICE);
  146. // Without visiting the forum this session variable might not be set on submit.
  147. if (!isset($_SESSION['USER_AGENT']) && (!isset($_GET['ssi_function']) || $_GET['ssi_function'] !== 'pollVote'))
  148. $_SESSION['USER_AGENT'] = $_SERVER['HTTP_USER_AGENT'];
  149. // Have the ability to easily add functions to SSI.
  150. call_integration_hook('integrate_SSI');
  151. // Call a function passed by GET.
  152. if (isset($_GET['ssi_function']) && function_exists('ssi_' . $_GET['ssi_function']) && (!empty($modSettings['allow_guestAccess']) || !$user_info['is_guest']))
  153. {
  154. call_user_func('ssi_' . $_GET['ssi_function']);
  155. exit;
  156. }
  157. if (isset($_GET['ssi_function']))
  158. exit;
  159. // You shouldn't just access SSI.php directly by URL!!
  160. elseif (basename($_SERVER['PHP_SELF']) == 'SSI.php')
  161. die(sprintf($txt['ssi_not_direct'], $user_info['is_admin'] ? '\'' . addslashes(__FILE__) . '\'' : '\'SSI.php\''));
  162. error_reporting($ssi_error_reporting);
  163. if (function_exists('set_magic_quotes_runtime'))
  164. @set_magic_quotes_runtime($ssi_magic_quotes_runtime);
  165. return true;
  166. // This shuts down the SSI and shows the footer.
  167. function ssi_shutdown()
  168. {
  169. if (!isset($_GET['ssi_function']) || $_GET['ssi_function'] != 'shutdown')
  170. template_footer();
  171. }
  172. // Display a welcome message, like: Hey, User, you have 0 messages, 0 are new.
  173. function ssi_welcome($output_method = 'echo')
  174. {
  175. global $context, $txt, $scripturl;
  176. if ($output_method == 'echo')
  177. {
  178. if ($context['user']['is_guest'])
  179. echo sprintf($txt[$context['can_register'] ? 'welcome_guest_register' : 'welcome_guest'], $txt['guest_title'], $scripturl . '?action=login');
  180. else
  181. echo $txt['hello_member'], ' <strong>', $context['user']['name'], '</strong>', allowedTo('pm_read') ? ', ' . (empty($context['user']['messages']) ? $txt['msg_alert_no_messages'] : (($context['user']['messages'] == 1 ? sprintf($txt['msg_alert_one_message'], $scripturl . '?action=pm') : sprintf($txt['msg_alert_many_message'], $scripturl . '?action=pm', $context['user']['messages'])) . ', ' . ($context['user']['unread_messages'] == 1 ? $txt['msg_alert_one_new'] : sprintf($txt['msg_alert_many_new'], $context['user']['unread_messages'])))) : '';
  182. }
  183. // Don't echo... then do what?!
  184. else
  185. return $context['user'];
  186. }
  187. // Display a menu bar, like is displayed at the top of the forum.
  188. function ssi_menubar($output_method = 'echo')
  189. {
  190. global $context;
  191. if ($output_method == 'echo')
  192. template_menu();
  193. // What else could this do?
  194. else
  195. return $context['menu_buttons'];
  196. }
  197. // Show a logout link.
  198. function ssi_logout($redirect_to = '', $output_method = 'echo')
  199. {
  200. global $context, $txt, $scripturl;
  201. if ($redirect_to != '')
  202. $_SESSION['logout_url'] = $redirect_to;
  203. // Guests can't log out.
  204. if ($context['user']['is_guest'])
  205. return false;
  206. $link = '<a href="' . $scripturl . '?action=logout;' . $context['session_var'] . '=' . $context['session_id'] . '">' . $txt['logout'] . '</a>';
  207. if ($output_method == 'echo')
  208. echo $link;
  209. else
  210. return $link;
  211. }
  212. // Recent post list: [board] Subject by Poster Date
  213. function ssi_recentPosts($num_recent = 8, $exclude_boards = null, $include_boards = null, $output_method = 'echo', $limit_body = true)
  214. {
  215. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  216. global $modSettings, $smcFunc;
  217. // Excluding certain boards...
  218. if ($exclude_boards === null && !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0)
  219. $exclude_boards = array($modSettings['recycle_board']);
  220. else
  221. $exclude_boards = empty($exclude_boards) ? array() : (is_array($exclude_boards) ? $exclude_boards : array($exclude_boards));
  222. // What about including certain boards - note we do some protection here as pre-2.0 didn't have this parameter.
  223. if (is_array($include_boards) || (int) $include_boards === $include_boards)
  224. {
  225. $include_boards = is_array($include_boards) ? $include_boards : array($include_boards);
  226. }
  227. elseif ($include_boards != null)
  228. {
  229. $include_boards = array();
  230. }
  231. // Let's restrict the query boys (and girls)
  232. $query_where = '
  233. m.id_msg >= {int:min_message_id}
  234. ' . (empty($exclude_boards) ? '' : '
  235. AND b.id_board NOT IN ({array_int:exclude_boards})') . '
  236. ' . ($include_boards === null ? '' : '
  237. AND b.id_board IN ({array_int:include_boards})') . '
  238. AND {query_wanna_see_board}' . ($modSettings['postmod_active'] ? '
  239. AND m.approved = {int:is_approved}' : '');
  240. $query_where_params = array(
  241. 'is_approved' => 1,
  242. 'include_boards' => $include_boards === null ? '' : $include_boards,
  243. 'exclude_boards' => empty($exclude_boards) ? '' : $exclude_boards,
  244. 'min_message_id' => $modSettings['maxMsgID'] - 25 * min($num_recent, 5),
  245. );
  246. // Past to this simpleton of a function...
  247. return ssi_queryPosts($query_where, $query_where_params, $num_recent, 'm.id_msg DESC', $output_method, $limit_body);
  248. }
  249. // Fetch a post with a particular ID. By default will only show if you have permission to the see the board in question - this can be overriden.
  250. function ssi_fetchPosts($post_ids = array(), $override_permissions = false, $output_method = 'echo')
  251. {
  252. global $user_info, $modSettings;
  253. if (empty($post_ids))
  254. return;
  255. // Allow the user to request more than one - why not?
  256. $post_ids = is_array($post_ids) ? $post_ids : array($post_ids);
  257. // Restrict the posts required...
  258. $query_where = '
  259. m.id_msg IN ({array_int:message_list})' . ($override_permissions ? '' : '
  260. AND {query_wanna_see_board}') . ($modSettings['postmod_active'] ? '
  261. AND m.approved = {int:is_approved}' : '');
  262. $query_where_params = array(
  263. 'message_list' => $post_ids,
  264. 'is_approved' => 1,
  265. );
  266. // Then make the query and dump the data.
  267. return ssi_queryPosts($query_where, $query_where_params, '', 'm.id_msg DESC', $output_method, false, $override_permissions);
  268. }
  269. // This removes code duplication in other queries - don't call it direct unless you really know what you're up to.
  270. function ssi_queryPosts($query_where = '', $query_where_params = array(), $query_limit = 10, $query_order = 'm.id_msg DESC', $output_method = 'echo', $limit_body = false, $override_permissions = false)
  271. {
  272. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  273. global $modSettings, $smcFunc;
  274. // Find all the posts. Newer ones will have higher IDs.
  275. $request = $smcFunc['db_query']('substring', '
  276. SELECT
  277. m.poster_time, m.subject, m.id_topic, m.id_member, m.id_msg, m.id_board, b.name AS board_name,
  278. IFNULL(mem.real_name, m.poster_name) AS poster_name, ' . ($user_info['is_guest'] ? '1 AS is_read, 0 AS new_from' : '
  279. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, 0)) >= m.id_msg_modified AS is_read,
  280. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from') . ', ' . ($limit_body ? 'SUBSTRING(m.body, 1, 384) AS body' : 'm.body') . ', m.smileys_enabled
  281. FROM {db_prefix}messages AS m
  282. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  283. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)' . (!$user_info['is_guest'] ? '
  284. LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = m.id_topic AND lt.id_member = {int:current_member})
  285. LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = m.id_board AND lmr.id_member = {int:current_member})' : '') . '
  286. WHERE 1=1 ' . ($override_permissions ? '' : '
  287. AND {query_wanna_see_board}') . ($modSettings['postmod_active'] ? '
  288. AND m.approved = {int:is_approved}' : '') . '
  289. ' . (empty($query_where) ? '' : 'AND ' . $query_where) . '
  290. ORDER BY ' . $query_order . '
  291. ' . ($query_limit == '' ? '' : 'LIMIT ' . $query_limit),
  292. array_merge($query_where_params, array(
  293. 'current_member' => $user_info['id'],
  294. 'is_approved' => 1,
  295. ))
  296. );
  297. $posts = array();
  298. while ($row = $smcFunc['db_fetch_assoc']($request))
  299. {
  300. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  301. // Censor it!
  302. censorText($row['subject']);
  303. censorText($row['body']);
  304. $preview = strip_tags(strtr($row['body'], array('<br />' => '&#10;')));
  305. // Build the array.
  306. $posts[] = array(
  307. 'id' => $row['id_msg'],
  308. 'board' => array(
  309. 'id' => $row['id_board'],
  310. 'name' => $row['board_name'],
  311. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  312. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['board_name'] . '</a>'
  313. ),
  314. 'topic' => $row['id_topic'],
  315. 'poster' => array(
  316. 'id' => $row['id_member'],
  317. 'name' => $row['poster_name'],
  318. 'href' => empty($row['id_member']) ? '' : $scripturl . '?action=profile;u=' . $row['id_member'],
  319. 'link' => empty($row['id_member']) ? $row['poster_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>'
  320. ),
  321. 'subject' => $row['subject'],
  322. 'short_subject' => shorten_subject($row['subject'], 25),
  323. 'preview' => $smcFunc['strlen']($preview) > 128 ? $smcFunc['substr']($preview, 0, 128) . '...' : $preview,
  324. 'body' => $row['body'],
  325. 'time' => timeformat($row['poster_time']),
  326. 'timestamp' => forum_time(true, $row['poster_time']),
  327. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . ';topicseen#new',
  328. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'] . '" rel="nofollow">' . $row['subject'] . '</a>',
  329. 'new' => !empty($row['is_read']),
  330. 'is_new' => empty($row['is_read']),
  331. 'new_from' => $row['new_from'],
  332. );
  333. }
  334. $smcFunc['db_free_result']($request);
  335. // Just return it.
  336. if ($output_method != 'echo' || empty($posts))
  337. return $posts;
  338. echo '
  339. <table border="0" class="ssi_table">';
  340. foreach ($posts as $post)
  341. echo '
  342. <tr>
  343. <td align="right" valign="top" nowrap="nowrap">
  344. [', $post['board']['link'], ']
  345. </td>
  346. <td valign="top">
  347. <a href="', $post['href'], '">', $post['subject'], '</a>
  348. ', $txt['by'], ' ', $post['poster']['link'], '
  349. ', $post['is_new'] ? '<a href="' . $scripturl . '?topic=' . $post['topic'] . '.msg' . $post['new_from'] . ';topicseen#new" rel="nofollow"><span class="new_posts">' . $txt['new'] . '</span></a>' : '', '
  350. </td>
  351. <td align="right" nowrap="nowrap">
  352. ', $post['time'], '
  353. </td>
  354. </tr>';
  355. echo '
  356. </table>';
  357. }
  358. // Recent topic list: [board] Subject by Poster Date
  359. function ssi_recentTopics($num_recent = 8, $exclude_boards = null, $include_boards = null, $output_method = 'echo')
  360. {
  361. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  362. global $modSettings, $smcFunc;
  363. if ($exclude_boards === null && !empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0)
  364. $exclude_boards = array($modSettings['recycle_board']);
  365. else
  366. $exclude_boards = empty($exclude_boards) ? array() : (is_array($exclude_boards) ? $exclude_boards : array($exclude_boards));
  367. // Only some boards?.
  368. if (is_array($include_boards) || (int) $include_boards === $include_boards)
  369. {
  370. $include_boards = is_array($include_boards) ? $include_boards : array($include_boards);
  371. }
  372. elseif ($include_boards != null)
  373. {
  374. $output_method = $include_boards;
  375. $include_boards = array();
  376. }
  377. $stable_icons = array('xx', 'thumbup', 'thumbdown', 'exclamation', 'question', 'lamp', 'smiley', 'angry', 'cheesy', 'grin', 'sad', 'wink', 'poll', 'moved', 'recycled', 'wireless');
  378. $icon_sources = array();
  379. foreach ($stable_icons as $icon)
  380. $icon_sources[$icon] = 'images_url';
  381. // Find all the posts in distinct topics. Newer ones will have higher IDs.
  382. $request = $smcFunc['db_query']('substring', '
  383. SELECT
  384. t.id_topic, b.id_board, b.name AS board_name
  385. FROM {db_prefix}topics AS t
  386. INNER JOIN {db_prefix}messages AS ml ON (ml.id_msg = t.id_last_msg)
  387. LEFT JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  388. WHERE t.id_last_msg >= {int:min_message_id}' . (empty($exclude_boards) ? '' : '
  389. AND b.id_board NOT IN ({array_int:exclude_boards})') . '' . (empty($include_boards) ? '' : '
  390. AND b.id_board IN ({array_int:include_boards})') . '
  391. AND {query_wanna_see_board}' . ($modSettings['postmod_active'] ? '
  392. AND t.approved = {int:is_approved}
  393. AND ml.approved = {int:is_approved}' : '') . '
  394. ORDER BY t.id_last_msg DESC
  395. LIMIT ' . $num_recent,
  396. array(
  397. 'include_boards' => empty($include_boards) ? '' : $include_boards,
  398. 'exclude_boards' => empty($exclude_boards) ? '' : $exclude_boards,
  399. 'min_message_id' => $modSettings['maxMsgID'] - 35 * min($num_recent, 5),
  400. 'is_approved' => 1,
  401. )
  402. );
  403. $topics = array();
  404. while ($row = $smcFunc['db_fetch_assoc']($request))
  405. $topics[$row['id_topic']] = $row;
  406. $smcFunc['db_free_result']($request);
  407. // Did we find anything? If not, bail.
  408. if (empty($topics))
  409. return array();
  410. // Find all the posts in distinct topics. Newer ones will have higher IDs.
  411. $request = $smcFunc['db_query']('substring', '
  412. SELECT
  413. mf.poster_time, mf.subject, ml.id_topic, mf.id_member, ml.id_msg, t.num_replies, t.num_views, mg.online_color,
  414. IFNULL(mem.real_name, mf.poster_name) AS poster_name, ' . ($user_info['is_guest'] ? '1 AS is_read, 0 AS new_from' : '
  415. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, 0)) >= ml.id_msg_modified AS is_read,
  416. IFNULL(lt.id_msg, IFNULL(lmr.id_msg, -1)) + 1 AS new_from') . ', SUBSTRING(mf.body, 1, 384) AS body, mf.smileys_enabled, mf.icon
  417. FROM {db_prefix}topics AS t
  418. INNER JOIN {db_prefix}messages AS ml ON (ml.id_msg = t.id_last_msg)
  419. INNER JOIN {db_prefix}messages AS mf ON (mf.id_msg = t.id_last_msg)
  420. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = mf.id_member)' . (!$user_info['is_guest'] ? '
  421. LEFT JOIN {db_prefix}log_topics AS lt ON (lt.id_topic = t.id_topic AND lt.id_member = {int:current_member})
  422. LEFT JOIN {db_prefix}log_mark_read AS lmr ON (lmr.id_board = t.id_board AND lmr.id_member = {int:current_member})' : '') . '
  423. LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = mem.id_group)
  424. WHERE t.id_topic IN ({array_int:topic_list})',
  425. array(
  426. 'current_member' => $user_info['id'],
  427. 'topic_list' => array_keys($topics),
  428. )
  429. );
  430. $posts = array();
  431. while ($row = $smcFunc['db_fetch_assoc']($request))
  432. {
  433. $row['body'] = strip_tags(strtr(parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']), array('<br />' => '&#10;')));
  434. if ($smcFunc['strlen']($row['body']) > 128)
  435. $row['body'] = $smcFunc['substr']($row['body'], 0, 128) . '...';
  436. // Censor the subject.
  437. censorText($row['subject']);
  438. censorText($row['body']);
  439. if (!empty($modSettings['messageIconChecks_enable']) && !isset($icon_sources[$row['icon']]))
  440. $icon_sources[$row['icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $row['icon'] . '.png') ? 'images_url' : 'default_images_url';
  441. // Build the array.
  442. $posts[] = array(
  443. 'board' => array(
  444. 'id' => $topics[$row['id_topic']]['id_board'],
  445. 'name' => $topics[$row['id_topic']]['board_name'],
  446. 'href' => $scripturl . '?board=' . $topics[$row['id_topic']]['id_board'] . '.0',
  447. 'link' => '<a href="' . $scripturl . '?board=' . $topics[$row['id_topic']]['id_board'] . '.0">' . $topics[$row['id_topic']]['board_name'] . '</a>',
  448. ),
  449. 'topic' => $row['id_topic'],
  450. 'poster' => array(
  451. 'id' => $row['id_member'],
  452. 'name' => $row['poster_name'],
  453. 'href' => empty($row['id_member']) ? '' : $scripturl . '?action=profile;u=' . $row['id_member'],
  454. 'link' => empty($row['id_member']) ? $row['poster_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>'
  455. ),
  456. 'subject' => $row['subject'],
  457. 'replies' => $row['num_replies'],
  458. 'views' => $row['num_views'],
  459. 'short_subject' => shorten_subject($row['subject'], 25),
  460. 'preview' => $row['body'],
  461. 'time' => timeformat($row['poster_time']),
  462. 'timestamp' => forum_time(true, $row['poster_time']),
  463. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . ';topicseen#new',
  464. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#new" rel="nofollow">' . $row['subject'] . '</a>',
  465. // Retained for compatibility - is technically incorrect!
  466. 'new' => !empty($row['is_read']),
  467. 'is_new' => empty($row['is_read']),
  468. 'new_from' => $row['new_from'],
  469. 'icon' => '<img src="' . $settings[$icon_sources[$row['icon']]] . '/post/' . $row['icon'] . '.png" align="middle" alt="' . $row['icon'] . '" />',
  470. );
  471. }
  472. $smcFunc['db_free_result']($request);
  473. // Just return it.
  474. if ($output_method != 'echo' || empty($posts))
  475. return $posts;
  476. echo '
  477. <table border="0" class="ssi_table">';
  478. foreach ($posts as $post)
  479. echo '
  480. <tr>
  481. <td align="right" valign="top" nowrap="nowrap">
  482. [', $post['board']['link'], ']
  483. </td>
  484. <td valign="top">
  485. <a href="', $post['href'], '">', $post['subject'], '</a>
  486. ', $txt['by'], ' ', $post['poster']['link'], '
  487. ', !$post['is_new'] ? '' : '<a href="' . $scripturl . '?topic=' . $post['topic'] . '.msg' . $post['new_from'] . ';topicseen#new" rel="nofollow"><span class="new_posts">' . $txt['new'] . '</span></a>', '
  488. </td>
  489. <td align="right" nowrap="nowrap">
  490. ', $post['time'], '
  491. </td>
  492. </tr>';
  493. echo '
  494. </table>';
  495. }
  496. // Show the top poster's name and profile link.
  497. function ssi_topPoster($topNumber = 1, $output_method = 'echo')
  498. {
  499. global $db_prefix, $scripturl, $smcFunc;
  500. // Find the latest poster.
  501. $request = $smcFunc['db_query']('', '
  502. SELECT id_member, real_name, posts
  503. FROM {db_prefix}members
  504. ORDER BY posts DESC
  505. LIMIT ' . $topNumber,
  506. array(
  507. )
  508. );
  509. $return = array();
  510. while ($row = $smcFunc['db_fetch_assoc']($request))
  511. $return[] = array(
  512. 'id' => $row['id_member'],
  513. 'name' => $row['real_name'],
  514. 'href' => $scripturl . '?action=profile;u=' . $row['id_member'],
  515. 'link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  516. 'posts' => $row['posts']
  517. );
  518. $smcFunc['db_free_result']($request);
  519. // Just return all the top posters.
  520. if ($output_method != 'echo')
  521. return $return;
  522. // Make a quick array to list the links in.
  523. $temp_array = array();
  524. foreach ($return as $member)
  525. $temp_array[] = $member['link'];
  526. echo implode(', ', $temp_array);
  527. }
  528. // Show boards by activity.
  529. function ssi_topBoards($num_top = 10, $output_method = 'echo')
  530. {
  531. global $context, $settings, $db_prefix, $txt, $scripturl, $user_info, $modSettings, $smcFunc;
  532. // Find boards with lots of posts.
  533. $request = $smcFunc['db_query']('', '
  534. SELECT
  535. b.name, b.num_topics, b.num_posts, b.id_board,' . (!$user_info['is_guest'] ? ' 1 AS is_read' : '
  536. (IFNULL(lb.id_msg, 0) >= b.id_last_msg) AS is_read') . '
  537. FROM {db_prefix}boards AS b
  538. LEFT JOIN {db_prefix}log_boards AS lb ON (lb.id_board = b.id_board AND lb.id_member = {int:current_member})
  539. WHERE {query_wanna_see_board}' . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  540. AND b.id_board != {int:recycle_board}' : '') . '
  541. ORDER BY b.num_posts DESC
  542. LIMIT ' . $num_top,
  543. array(
  544. 'current_member' => $user_info['id'],
  545. 'recycle_board' => (int) $modSettings['recycle_board'],
  546. )
  547. );
  548. $boards = array();
  549. while ($row = $smcFunc['db_fetch_assoc']($request))
  550. $boards[] = array(
  551. 'id' => $row['id_board'],
  552. 'num_posts' => $row['num_posts'],
  553. 'num_topics' => $row['num_topics'],
  554. 'name' => $row['name'],
  555. 'new' => empty($row['is_read']),
  556. 'href' => $scripturl . '?board=' . $row['id_board'] . '.0',
  557. 'link' => '<a href="' . $scripturl . '?board=' . $row['id_board'] . '.0">' . $row['name'] . '</a>'
  558. );
  559. $smcFunc['db_free_result']($request);
  560. // If we shouldn't output or have nothing to output, just jump out.
  561. if ($output_method != 'echo' || empty($boards))
  562. return $boards;
  563. echo '
  564. <table class="ssi_table">
  565. <tr>
  566. <th align="left">', $txt['board'], '</th>
  567. <th align="left">', $txt['board_topics'], '</th>
  568. <th align="left">', $txt['posts'], '</th>
  569. </tr>';
  570. foreach ($boards as $board)
  571. echo '
  572. <tr>
  573. <td>', $board['link'], $board['new'] ? ' <a href="' . $board['href'] . '"><span class="new_posts">' . $txt['new'] . '</span></a>' : '', '</td>
  574. <td align="right">', comma_format($board['num_topics']), '</td>
  575. <td align="right">', comma_format($board['num_posts']), '</td>
  576. </tr>';
  577. echo '
  578. </table>';
  579. }
  580. // Shows the top topics.
  581. function ssi_topTopics($type = 'replies', $num_topics = 10, $output_method = 'echo')
  582. {
  583. global $db_prefix, $txt, $scripturl, $user_info, $modSettings, $smcFunc, $context;
  584. if ($modSettings['totalMessages'] > 100000)
  585. {
  586. // @todo Why don't we use {query(_wanna)_see_board}?
  587. $request = $smcFunc['db_query']('', '
  588. SELECT id_topic
  589. FROM {db_prefix}topics
  590. WHERE num_' . ($type != 'replies' ? 'views' : 'replies') . ' != 0' . ($modSettings['postmod_active'] ? '
  591. AND approved = {int:is_approved}' : '') . '
  592. ORDER BY num_' . ($type != 'replies' ? 'views' : 'replies') . ' DESC
  593. LIMIT {int:limit}',
  594. array(
  595. 'is_approved' => 1,
  596. 'limit' => $num_topics > 100 ? ($num_topics + ($num_topics / 2)) : 100,
  597. )
  598. );
  599. $topic_ids = array();
  600. while ($row = $smcFunc['db_fetch_assoc']($request))
  601. $topic_ids[] = $row['id_topic'];
  602. $smcFunc['db_free_result']($request);
  603. }
  604. else
  605. $topic_ids = array();
  606. $request = $smcFunc['db_query']('', '
  607. SELECT m.subject, m.id_topic, t.num_views, t.num_replies
  608. FROM {db_prefix}topics AS t
  609. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  610. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  611. WHERE {query_wanna_see_board}' . ($modSettings['postmod_active'] ? '
  612. AND t.approved = {int:is_approved}' : '') . (!empty($topic_ids) ? '
  613. AND t.id_topic IN ({array_int:topic_list})' : '') . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  614. AND b.id_board != {int:recycle_enable}' : '') . '
  615. ORDER BY t.num_' . ($type != 'replies' ? 'views' : 'replies') . ' DESC
  616. LIMIT {int:limit}',
  617. array(
  618. 'topic_list' => $topic_ids,
  619. 'is_approved' => 1,
  620. 'recycle_enable' => $modSettings['recycle_board'],
  621. 'limit' => $num_topics,
  622. )
  623. );
  624. $topics = array();
  625. while ($row = $smcFunc['db_fetch_assoc']($request))
  626. {
  627. censorText($row['subject']);
  628. $topics[] = array(
  629. 'id' => $row['id_topic'],
  630. 'subject' => $row['subject'],
  631. 'num_replies' => $row['num_replies'],
  632. 'num_views' => $row['num_views'],
  633. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  634. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.0">' . $row['subject'] . '</a>',
  635. );
  636. }
  637. $smcFunc['db_free_result']($request);
  638. if ($output_method != 'echo' || empty($topics))
  639. return $topics;
  640. echo '
  641. <table class="ssi_table">
  642. <tr>
  643. <th align="left"></th>
  644. <th align="left">', $txt['views'], '</th>
  645. <th align="left">', $txt['replies'], '</th>
  646. </tr>';
  647. foreach ($topics as $topic)
  648. echo '
  649. <tr>
  650. <td align="left">
  651. ', $topic['link'], '
  652. </td>
  653. <td align="right">', comma_format($topic['num_views']), '</td>
  654. <td align="right">', comma_format($topic['num_replies']), '</td>
  655. </tr>';
  656. echo '
  657. </table>';
  658. }
  659. // Shows the top topics, by replies.
  660. function ssi_topTopicsReplies($num_topics = 10, $output_method = 'echo')
  661. {
  662. return ssi_topTopics('replies', $num_topics, $output_method);
  663. }
  664. // Shows the top topics, by views.
  665. function ssi_topTopicsViews($num_topics = 10, $output_method = 'echo')
  666. {
  667. return ssi_topTopics('views', $num_topics, $output_method);
  668. }
  669. // Show a link to the latest member: Please welcome, Someone, out latest member.
  670. function ssi_latestMember($output_method = 'echo')
  671. {
  672. global $db_prefix, $txt, $scripturl, $context;
  673. if ($output_method == 'echo')
  674. echo '
  675. ', sprintf($txt['welcome_newest_member'], $context['common_stats']['latest_member']['link']), '<br />';
  676. else
  677. return $context['common_stats']['latest_member'];
  678. }
  679. // Fetch a random member - if type set to 'day' will only change once a day!
  680. function ssi_randomMember($random_type = '', $output_method = 'echo')
  681. {
  682. global $modSettings;
  683. // If we're looking for something to stay the same each day then seed the generator.
  684. if ($random_type == 'day')
  685. {
  686. // Set the seed to change only once per day.
  687. mt_srand(floor(time() / 86400));
  688. }
  689. // Get the lowest ID we're interested in.
  690. $member_id = mt_rand(1, $modSettings['latestMember']);
  691. $where_query = '
  692. id_member >= {int:selected_member}
  693. AND is_activated = {int:is_activated}';
  694. $query_where_params = array(
  695. 'selected_member' => $member_id,
  696. 'is_activated' => 1,
  697. );
  698. $result = ssi_queryMembers($where_query, $query_where_params, 1, 'id_member ASC', $output_method);
  699. // If we got nothing do the reverse - in case of unactivated members.
  700. if (empty($result))
  701. {
  702. $where_query = '
  703. id_member <= {int:selected_member}
  704. AND is_activated = {int:is_activated}';
  705. $query_where_params = array(
  706. 'selected_member' => $member_id,
  707. 'is_activated' => 1,
  708. );
  709. $result = ssi_queryMembers($where_query, $query_where_params, 1, 'id_member DESC', $output_method);
  710. }
  711. // Just to be sure put the random generator back to something... random.
  712. if ($random_type != '')
  713. mt_srand(time());
  714. return $result;
  715. }
  716. // Fetch a specific member.
  717. function ssi_fetchMember($member_ids = array(), $output_method = 'echo')
  718. {
  719. if (empty($member_ids))
  720. return;
  721. // Can have more than one member if you really want...
  722. $member_ids = is_array($member_ids) ? $member_ids : array($member_ids);
  723. // Restrict it right!
  724. $query_where = '
  725. id_member IN ({array_int:member_list})';
  726. $query_where_params = array(
  727. 'member_list' => $member_ids,
  728. );
  729. // Then make the query and dump the data.
  730. return ssi_queryMembers($query_where, $query_where_params, '', 'id_member', $output_method);
  731. }
  732. // Get all members of a group.
  733. function ssi_fetchGroupMembers($group_id = null, $output_method = 'echo')
  734. {
  735. if ($group_id === null)
  736. return;
  737. $query_where = '
  738. id_group = {int:id_group}
  739. OR id_post_group = {int:id_group}
  740. OR FIND_IN_SET({int:id_group}, additional_groups) != 0';
  741. $query_where_params = array(
  742. 'id_group' => $group_id,
  743. );
  744. return ssi_queryMembers($query_where, $query_where_params, '', 'real_name', $output_method);
  745. }
  746. // Fetch some member data!
  747. function ssi_queryMembers($query_where = null, $query_where_params = array(), $query_limit = '', $query_order = 'id_member DESC', $output_method = 'echo')
  748. {
  749. global $context, $settings, $scripturl, $txt, $db_prefix, $user_info;
  750. global $modSettings, $smcFunc, $memberContext;
  751. if ($query_where === null)
  752. return;
  753. // Fetch the members in question.
  754. $request = $smcFunc['db_query']('', '
  755. SELECT id_member
  756. FROM {db_prefix}members
  757. WHERE ' . $query_where . '
  758. ORDER BY ' . $query_order . '
  759. ' . ($query_limit == '' ? '' : 'LIMIT ' . $query_limit),
  760. array_merge($query_where_params, array(
  761. ))
  762. );
  763. $members = array();
  764. while ($row = $smcFunc['db_fetch_assoc']($request))
  765. $members[] = $row['id_member'];
  766. $smcFunc['db_free_result']($request);
  767. if (empty($members))
  768. return array();
  769. // Load the members.
  770. loadMemberData($members);
  771. // Draw the table!
  772. if ($output_method == 'echo')
  773. echo '
  774. <table border="0" class="ssi_table">';
  775. $query_members = array();
  776. foreach ($members as $member)
  777. {
  778. // Load their context data.
  779. if (!loadMemberContext($member))
  780. continue;
  781. // Store this member's information.
  782. $query_members[$member] = $memberContext[$member];
  783. // Only do something if we're echo'ing.
  784. if ($output_method == 'echo')
  785. echo '
  786. <tr>
  787. <td align="right" valign="top" nowrap="nowrap">
  788. ', $query_members[$member]['link'], '
  789. <br />', $query_members[$member]['blurb'], '
  790. <br />', $query_members[$member]['avatar']['image'], '
  791. </td>
  792. </tr>';
  793. }
  794. // End the table if appropriate.
  795. if ($output_method == 'echo')
  796. echo '
  797. </table>';
  798. // Send back the data.
  799. return $query_members;
  800. }
  801. // Show some basic stats: Total This: XXXX, etc.
  802. function ssi_boardStats($output_method = 'echo')
  803. {
  804. global $db_prefix, $txt, $scripturl, $modSettings, $smcFunc;
  805. if (!allowedTo('view_stats'))
  806. return;
  807. $totals = array(
  808. 'members' => $modSettings['totalMembers'],
  809. 'posts' => $modSettings['totalMessages'],
  810. 'topics' => $modSettings['totalTopics']
  811. );
  812. $result = $smcFunc['db_query']('', '
  813. SELECT COUNT(*)
  814. FROM {db_prefix}boards',
  815. array(
  816. )
  817. );
  818. list ($totals['boards']) = $smcFunc['db_fetch_row']($result);
  819. $smcFunc['db_free_result']($result);
  820. $result = $smcFunc['db_query']('', '
  821. SELECT COUNT(*)
  822. FROM {db_prefix}categories',
  823. array(
  824. )
  825. );
  826. list ($totals['categories']) = $smcFunc['db_fetch_row']($result);
  827. $smcFunc['db_free_result']($result);
  828. if ($output_method != 'echo')
  829. return $totals;
  830. echo '
  831. ', $txt['total_members'], ': <a href="', $scripturl . '?action=mlist">', comma_format($totals['members']), '</a><br />
  832. ', $txt['total_posts'], ': ', comma_format($totals['posts']), '<br />
  833. ', $txt['total_topics'], ': ', comma_format($totals['topics']), ' <br />
  834. ', $txt['total_cats'], ': ', comma_format($totals['categories']), '<br />
  835. ', $txt['total_boards'], ': ', comma_format($totals['boards']);
  836. }
  837. // Shows a list of online users: YY Guests, ZZ Users and then a list...
  838. function ssi_whosOnline($output_method = 'echo')
  839. {
  840. global $user_info, $txt, $sourcedir, $settings, $modSettings;
  841. require_once($sourcedir . '/Subs-MembersOnline.php');
  842. $membersOnlineOptions = array(
  843. 'show_hidden' => allowedTo('moderate_forum'),
  844. );
  845. $return = getMembersOnlineStats($membersOnlineOptions);
  846. // Add some redundancy for backwards compatibility reasons.
  847. if ($output_method != 'echo')
  848. return $return + array(
  849. 'users' => $return['users_online'],
  850. 'guests' => $return['num_guests'],
  851. 'hidden' => $return['num_users_hidden'],
  852. 'buddies' => $return['num_buddies'],
  853. 'num_users' => $return['num_users_online'],
  854. 'total_users' => $return['num_users_online'] + $return['num_guests'] + $return['num_spiders'],
  855. );
  856. echo '
  857. ', comma_format($return['num_guests']), ' ', $return['num_guests'] == 1 ? $txt['guest'] : $txt['guests'], ', ', comma_format($return['num_users_online']), ' ', $return['num_users_online'] == 1 ? $txt['user'] : $txt['users'];
  858. $bracketList = array();
  859. if (!empty($user_info['buddies']))
  860. $bracketList[] = comma_format($return['num_buddies']) . ' ' . ($return['num_buddies'] == 1 ? $txt['buddy'] : $txt['buddies']);
  861. if (!empty($return['num_spiders']))
  862. $bracketList[] = comma_format($return['num_spiders']) . ' ' . ($return['num_spiders'] == 1 ? $txt['spider'] : $txt['spiders']);
  863. if (!empty($return['num_users_hidden']))
  864. $bracketList[] = comma_format($return['num_users_hidden']) . ' ' . $txt['hidden'];
  865. if (!empty($bracketList))
  866. echo ' (' . implode(', ', $bracketList) . ')';
  867. echo '<br />
  868. ', implode(', ', $return['list_users_online']);
  869. // Showing membergroups?
  870. if (!empty($settings['show_group_key']) && !empty($return['membergroups']))
  871. echo '<br />
  872. [' . implode(']&nbsp;&nbsp;[', $return['membergroups']) . ']';
  873. }
  874. // Just like whosOnline except it also logs the online presence.
  875. function ssi_logOnline($output_method = 'echo')
  876. {
  877. writeLog();
  878. if ($output_method != 'echo')
  879. return ssi_whosOnline($output_method);
  880. else
  881. ssi_whosOnline($output_method);
  882. }
  883. // Shows a login box.
  884. function ssi_login($redirect_to = '', $output_method = 'echo')
  885. {
  886. global $scripturl, $txt, $user_info, $context, $modSettings;
  887. if ($redirect_to != '')
  888. $_SESSION['login_url'] = $redirect_to;
  889. if ($output_method != 'echo' || !$user_info['is_guest'])
  890. return $user_info['is_guest'];
  891. echo '
  892. <form action="', $scripturl, '?action=login2" method="post" accept-charset="', $context['character_set'], '">
  893. <table border="0" cellspacing="1" cellpadding="0" class="ssi_table">
  894. <tr>
  895. <td align="right"><label for="user">', $txt['username'], ':</label>&nbsp;</td>
  896. <td><input type="text" id="user" name="user" size="9" value="', $user_info['username'], '" class="input_text" /></td>
  897. </tr><tr>
  898. <td align="right"><label for="passwrd">', $txt['password'], ':</label>&nbsp;</td>
  899. <td><input type="password" name="passwrd" id="passwrd" size="9" class="input_password" /></td>
  900. </tr>';
  901. // Open ID?
  902. if (!empty($modSettings['enableOpenID']))
  903. echo '<tr>
  904. <td colspan="2" align="center"><strong>&mdash;', $txt['or'], '&mdash;</strong></td>
  905. </tr><tr>
  906. <td align="right"><label for="openid_url">', $txt['openid'], ':</label>&nbsp;</td>
  907. <td><input type="text" name="openid_identifier" id="openid_url" class="input_text openid_login" size="17" /></td>
  908. </tr>';
  909. echo '<tr>
  910. <td><input type="hidden" name="cookielength" value="-1" /></td>
  911. <td><input type="submit" value="', $txt['login'], '" class="button_submit" /></td>
  912. </tr>
  913. </table>
  914. </form>';
  915. }
  916. // Show the most-voted-in poll.
  917. function ssi_topPoll($output_method = 'echo')
  918. {
  919. // Just use recentPoll, no need to duplicate code...
  920. return ssi_recentPoll(true, $output_method);
  921. }
  922. // Show the most recently posted poll.
  923. function ssi_recentPoll($topPollInstead = false, $output_method = 'echo')
  924. {
  925. global $db_prefix, $txt, $settings, $boardurl, $user_info, $context, $smcFunc, $modSettings;
  926. $boardsAllowed = array_intersect(boardsAllowedTo('poll_view'), boardsAllowedTo('poll_vote'));
  927. if (empty($boardsAllowed))
  928. return array();
  929. $request = $smcFunc['db_query']('', '
  930. SELECT p.id_poll, p.question, t.id_topic, p.max_votes, p.guest_vote, p.hide_results, p.expire_time
  931. FROM {db_prefix}polls AS p
  932. INNER JOIN {db_prefix}topics AS t ON (t.id_poll = p.id_poll' . ($modSettings['postmod_active'] ? ' AND t.approved = {int:is_approved}' : '') . ')
  933. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)' . ($topPollInstead ? '
  934. INNER JOIN {db_prefix}poll_choices AS pc ON (pc.id_poll = p.id_poll)' : '') . '
  935. LEFT JOIN {db_prefix}log_polls AS lp ON (lp.id_poll = p.id_poll AND lp.id_member > {int:no_member} AND lp.id_member = {int:current_member})
  936. WHERE p.voting_locked = {int:voting_opened}
  937. AND (p.expire_time = {int:no_expiration} OR {int:current_time} < p.expire_time)
  938. AND ' . ($user_info['is_guest'] ? 'p.guest_vote = {int:guest_vote_allowed}' : 'lp.id_choice IS NULL') . '
  939. AND {query_wanna_see_board}' . (!in_array(0, $boardsAllowed) ? '
  940. AND b.id_board IN ({array_int:boards_allowed_list})' : '') . (!empty($modSettings['recycle_enable']) && $modSettings['recycle_board'] > 0 ? '
  941. AND b.id_board != {int:recycle_enable}' : '') . '
  942. ORDER BY ' . ($topPollInstead ? 'pc.votes' : 'p.id_poll') . ' DESC
  943. LIMIT 1',
  944. array(
  945. 'current_member' => $user_info['id'],
  946. 'boards_allowed_list' => $boardsAllowed,
  947. 'is_approved' => 1,
  948. 'guest_vote_allowed' => 1,
  949. 'no_member' => 0,
  950. 'voting_opened' => 0,
  951. 'no_expiration' => 0,
  952. 'current_time' => time(),
  953. 'recycle_enable' => $modSettings['recycle_board'],
  954. )
  955. );
  956. $row = $smcFunc['db_fetch_assoc']($request);
  957. $smcFunc['db_free_result']($request);
  958. // This user has voted on all the polls.
  959. if ($row === false)
  960. return array();
  961. // If this is a guest who's voted we'll through ourselves to show poll to show the results.
  962. if ($user_info['is_guest'] && (!$row['guest_vote'] || (isset($_COOKIE['guest_poll_vote']) && in_array($row['id_poll'], explode(',', $_COOKIE['guest_poll_vote'])))))
  963. return ssi_showPoll($row['id_topic'], $output_method);
  964. $request = $smcFunc['db_query']('', '
  965. SELECT COUNT(DISTINCT id_member)
  966. FROM {db_prefix}log_polls
  967. WHERE id_poll = {int:current_poll}',
  968. array(
  969. 'current_poll' => $row['id_poll'],
  970. )
  971. );
  972. list ($total) = $smcFunc['db_fetch_row']($request);
  973. $smcFunc['db_free_result']($request);
  974. $request = $smcFunc['db_query']('', '
  975. SELECT id_choice, label, votes
  976. FROM {db_prefix}poll_choices
  977. WHERE id_poll = {int:current_poll}',
  978. array(
  979. 'current_poll' => $row['id_poll'],
  980. )
  981. );
  982. $options = array();
  983. while ($rowChoice = $smcFunc['db_fetch_assoc']($request))
  984. {
  985. censorText($rowChoice['label']);
  986. $options[$rowChoice['id_choice']] = array($rowChoice['label'], $rowChoice['votes']);
  987. }
  988. $smcFunc['db_free_result']($request);
  989. // Can they view it?
  990. $is_expired = !empty($row['expire_time']) && $row['expire_time'] < time();
  991. $allow_view_results = allowedTo('moderate_board') || $row['hide_results'] == 0 || $is_expired;
  992. $return = array(
  993. 'id' => $row['id_poll'],
  994. 'image' => 'poll',
  995. 'question' => $row['question'],
  996. 'total_votes' => $total,
  997. 'is_locked' => false,
  998. 'topic' => $row['id_topic'],
  999. 'allow_view_results' => $allow_view_results,
  1000. 'options' => array()
  1001. );
  1002. // Calculate the percentages and bar lengths...
  1003. $divisor = $return['total_votes'] == 0 ? 1 : $return['total_votes'];
  1004. foreach ($options as $i => $option)
  1005. {
  1006. $bar = floor(($option[1] * 100) / $divisor);
  1007. $barWide = $bar == 0 ? 1 : floor(($bar * 5) / 3);
  1008. $return['options'][$i] = array(
  1009. 'id' => 'options-' . ($topPollInstead ? 'top-' : 'recent-') . $i,
  1010. 'percent' => $bar,
  1011. 'votes' => $option[1],
  1012. 'bar' => '<span style="white-space: nowrap;"><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'right' : 'left') . '.png" alt="" /><img src="' . $settings['images_url'] . '/poll_middle.png" width="' . $barWide . '" height="12" alt="-" /><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'left' : 'right') . '.png" alt="" /></span>',
  1013. 'option' => parse_bbc($option[0]),
  1014. 'vote_button' => '<input type="' . ($row['max_votes'] > 1 ? 'checkbox' : 'radio') . '" name="options[]" id="options-' . ($topPollInstead ? 'top-' : 'recent-') . $i . '" value="' . $i . '" class="input_' . ($row['max_votes'] > 1 ? 'check' : 'radio') . '" />'
  1015. );
  1016. }
  1017. $return['allowed_warning'] = $row['max_votes'] > 1 ? sprintf($txt['poll_options6'], min(count($options), $row['max_votes'])) : '';
  1018. if ($output_method != 'echo')
  1019. return $return;
  1020. if ($allow_view_results)
  1021. {
  1022. echo '
  1023. <form class="ssi_poll" action="', $boardurl, '/SSI.php?ssi_function=pollVote" method="post" accept-charset="', $context['character_set'], '">
  1024. <strong>', $return['question'], '</strong><br />
  1025. ', !empty($return['allowed_warning']) ? $return['allowed_warning'] . '<br />' : '';
  1026. foreach ($return['options'] as $option)
  1027. echo '
  1028. <label for="', $option['id'], '">', $option['vote_button'], ' ', $option['option'], '</label><br />';
  1029. echo '
  1030. <input type="submit" value="', $txt['poll_vote'], '" class="button_submit" />
  1031. <input type="hidden" name="poll" value="', $return['id'], '" />
  1032. <input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
  1033. </form>';
  1034. }
  1035. else
  1036. echo $txt['poll_cannot_see'];
  1037. }
  1038. function ssi_showPoll($topic = null, $output_method = 'echo')
  1039. {
  1040. global $db_prefix, $txt, $settings, $boardurl, $user_info, $context, $smcFunc, $modSettings;
  1041. $boardsAllowed = boardsAllowedTo('poll_view');
  1042. if (empty($boardsAllowed))
  1043. return array();
  1044. if ($topic === null && isset($_REQUEST['ssi_topic']))
  1045. $topic = (int) $_REQUEST['ssi_topic'];
  1046. else
  1047. $topic = (int) $topic;
  1048. $request = $smcFunc['db_query']('', '
  1049. SELECT
  1050. p.id_poll, p.question, p.voting_locked, p.hide_results, p.expire_time, p.max_votes, p.guest_vote, b.id_board
  1051. FROM {db_prefix}topics AS t
  1052. INNER JOIN {db_prefix}polls AS p ON (p.id_poll = t.id_poll)
  1053. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  1054. WHERE t.id_topic = {int:current_topic}
  1055. AND {query_see_board}' . (!in_array(0, $boardsAllowed) ? '
  1056. AND b.id_board IN ({array_int:boards_allowed_see})' : '') . ($modSettings['postmod_active'] ? '
  1057. AND t.approved = {int:is_approved}' : '') . '
  1058. LIMIT 1',
  1059. array(
  1060. 'current_topic' => $topic,
  1061. 'boards_allowed_see' => $boardsAllowed,
  1062. 'is_approved' => 1,
  1063. )
  1064. );
  1065. // Either this topic has no poll, or the user cannot view it.
  1066. if ($smcFunc['db_num_rows']($request) == 0)
  1067. return array();
  1068. $row = $smcFunc['db_fetch_assoc']($request);
  1069. $smcFunc['db_free_result']($request);
  1070. // Check if they can vote.
  1071. if (!empty($row['expire_time']) && $row['expire_time'] < time())
  1072. $allow_vote = false;
  1073. elseif ($user_info['is_guest'] && $row['guest_vote'] && (!isset($_COOKIE['guest_poll_vote']) || !in_array($row['id_poll'], explode(',', $_COOKIE['guest_poll_vote']))))
  1074. $allow_vote = true;
  1075. elseif ($user_info['is_guest'])
  1076. $allow_vote = false;
  1077. elseif (!empty($row['voting_locked']) || !allowedTo('poll_vote', $row['id_board']))
  1078. $allow_vote = false;
  1079. else
  1080. {
  1081. $request = $smcFunc['db_query']('', '
  1082. SELECT id_member
  1083. FROM {db_prefix}log_polls
  1084. WHERE id_poll = {int:current_poll}
  1085. AND id_member = {int:current_member}
  1086. LIMIT 1',
  1087. array(
  1088. 'current_member' => $user_info['id'],
  1089. 'current_poll' => $row['id_poll'],
  1090. )
  1091. );
  1092. $allow_vote = $smcFunc['db_num_rows']($request) == 0;
  1093. $smcFunc['db_free_result']($request);
  1094. }
  1095. // Can they view?
  1096. $is_expired = !empty($row['expire_time']) && $row['expire_time'] < time();
  1097. $allow_view_results = allowedTo('moderate_board') || $row['hide_results'] == 0 || ($row['hide_results'] == 1 && !$allow_vote) || $is_expired;
  1098. $request = $smcFunc['db_query']('', '
  1099. SELECT COUNT(DISTINCT id_member)
  1100. FROM {db_prefix}log_polls
  1101. WHERE id_poll = {int:current_poll}',
  1102. array(
  1103. 'current_poll' => $row['id_poll'],
  1104. )
  1105. );
  1106. list ($total) = $smcFunc['db_fetch_row']($request);
  1107. $smcFunc['db_free_result']($request);
  1108. $request = $smcFunc['db_query']('', '
  1109. SELECT id_choice, label, votes
  1110. FROM {db_prefix}poll_choices
  1111. WHERE id_poll = {int:current_poll}',
  1112. array(
  1113. 'current_poll' => $row['id_poll'],
  1114. )
  1115. );
  1116. $options = array();
  1117. $total_votes = 0;
  1118. while ($rowChoice = $smcFunc['db_fetch_assoc']($request))
  1119. {
  1120. censorText($rowChoice['label']);
  1121. $options[$rowChoice['id_choice']] = array($rowChoice['label'], $rowChoice['votes']);
  1122. $total_votes += $rowChoice['votes'];
  1123. }
  1124. $smcFunc['db_free_result']($request);
  1125. $return = array(
  1126. 'id' => $row['id_poll'],
  1127. 'image' => empty($row['voting_locked']) ? 'poll' : 'locked_poll',
  1128. 'question' => $row['question'],
  1129. 'total_votes' => $total,
  1130. 'is_locked' => !empty($row['voting_locked']),
  1131. 'allow_vote' => $allow_vote,
  1132. 'allow_view_results' => $allow_view_results,
  1133. 'topic' => $topic
  1134. );
  1135. // Calculate the percentages and bar lengths...
  1136. $divisor = $total_votes == 0 ? 1 : $total_votes;
  1137. foreach ($options as $i => $option)
  1138. {
  1139. $bar = floor(($option[1] * 100) / $divisor);
  1140. $barWide = $bar == 0 ? 1 : floor(($bar * 5) / 3);
  1141. $return['options'][$i] = array(
  1142. 'id' => 'options-' . $i,
  1143. 'percent' => $bar,
  1144. 'votes' => $option[1],
  1145. 'bar' => '<span style="white-space: nowrap;"><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'right' : 'left') . '.png" alt="" /><img src="' . $settings['images_url'] . '/poll_middle.png" width="' . $barWide . '" height="12" alt="-" /><img src="' . $settings['images_url'] . '/poll_' . ($context['right_to_left'] ? 'left' : 'right') . '.png" alt="" /></span>',
  1146. 'option' => parse_bbc($option[0]),
  1147. 'vote_button' => '<input type="' . ($row['max_votes'] > 1 ? 'checkbox' : 'radio') . '" name="options[]" id="options-' . $i . '" value="' . $i . '" class="input_' . ($row['max_votes'] > 1 ? 'check' : 'radio') . '" />'
  1148. );
  1149. }
  1150. $return['allowed_warning'] = $row['max_votes'] > 1 ? sprintf($txt['poll_options6'], min(count($options), $row['max_votes'])) : '';
  1151. if ($output_method != 'echo')
  1152. return $return;
  1153. if ($return['allow_vote'])
  1154. {
  1155. echo '
  1156. <form class="ssi_poll" action="', $boardurl, '/SSI.php?ssi_function=pollVote" method="post" accept-charset="', $context['character_set'], '">
  1157. <strong>', $return['question'], '</strong><br />
  1158. ', !empty($return['allowed_warning']) ? $return['allowed_warning'] . '<br />' : '';
  1159. foreach ($return['options'] as $option)
  1160. echo '
  1161. <label for="', $option['id'], '">', $option['vote_button'], ' ', $option['option'], '</label><br />';
  1162. echo '
  1163. <input type="submit" value="', $txt['poll_vote'], '" class="button_submit" />
  1164. <input type="hidden" name="poll" value="', $return['id'], '" />
  1165. <input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '" />
  1166. </form>';
  1167. }
  1168. elseif ($return['allow_view_results'])
  1169. {
  1170. echo '
  1171. <div class="ssi_poll">
  1172. <strong>', $return['question'], '</strong>
  1173. <dl>';
  1174. foreach ($return['options'] as $option)
  1175. echo '
  1176. <dt>', $option['option'], '</dt>
  1177. <dd>
  1178. <div class="ssi_poll_bar" style="border: 1px solid #666; height: 1em">
  1179. <div class="ssi_poll_bar_fill" style="background: #ccf; height: 1em; width: ', $option['percent'], '%;">
  1180. </div>
  1181. </div>
  1182. ', $option['votes'], ' (', $option['percent'], '%)
  1183. </dd>';
  1184. echo '
  1185. </dl>
  1186. <strong>', $txt['poll_total_voters'], ': ', $return['total_votes'], '</strong>
  1187. </div>';
  1188. }
  1189. // Cannot see it I'm afraid!
  1190. else
  1191. echo $txt['poll_cannot_see'];
  1192. }
  1193. // Takes care of voting - don't worry, this is done automatically.
  1194. function ssi_pollVote()
  1195. {
  1196. global $context, $db_prefix, $user_info, $sc, $smcFunc, $sourcedir, $modSettings;
  1197. if (!isset($_POST[$context['session_var']]) || $_POST[$context['session_var']] != $sc || empty($_POST['options']) || !isset($_POST['poll']))
  1198. {
  1199. echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  1200. <html>
  1201. <head>
  1202. <script type="text/javascript"><!-- // --><![CDATA[
  1203. history.go(-1);
  1204. // ]]></script>
  1205. </head>
  1206. <body>&laquo;</body>
  1207. </html>';
  1208. return;
  1209. }
  1210. // This can cause weird errors! (ie. copyright missing.)
  1211. checkSession();
  1212. $_POST['poll'] = (int) $_POST['poll'];
  1213. // Check if they have already voted, or voting is locked.
  1214. $request = $smcFunc['db_query']('', '
  1215. SELECT
  1216. p.id_poll, p.voting_locked, p.expire_time, p.max_votes, p.guest_vote,
  1217. t.id_topic,
  1218. IFNULL(lp.id_choice, -1) AS selected
  1219. FROM {db_prefix}polls AS p
  1220. INNER JOIN {db_prefix}topics AS t ON (t.id_poll = {int:current_poll})
  1221. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  1222. LEFT JOIN {db_prefix}log_polls AS lp ON (lp.id_poll = p.id_poll AND lp.id_member = {int:current_member})
  1223. WHERE p.id_poll = {int:current_poll}
  1224. AND {query_see_board}' . ($modSettings['postmod_active'] ? '
  1225. AND t.approved = {int:is_approved}' : '') . '
  1226. LIMIT 1',
  1227. array(
  1228. 'current_member' => $user_info['id'],
  1229. 'current_poll' => $_POST['poll'],
  1230. 'is_approved' => 1,
  1231. )
  1232. );
  1233. if ($smcFunc['db_num_rows']($request) == 0)
  1234. die;
  1235. $row = $smcFunc['db_fetch_assoc']($request);
  1236. $smcFunc['db_free_result']($request);
  1237. if (!empty($row['voting_locked']) || ($row['selected'] != -1 && !$user_info['is_guest']) || (!empty($row['expire_time']) && time() > $row['expire_time']))
  1238. redirectexit('topic=' . $row['id_topic'] . '.0');
  1239. // Too many options checked?
  1240. if (count($_REQUEST['options']) > $row['max_votes'])
  1241. redirectexit('topic=' . $row['id_topic'] . '.0');
  1242. // It's a guest who has already voted?
  1243. if ($user_info['is_guest'])
  1244. {
  1245. // Guest voting disabled?
  1246. if (!$row['guest_vote'])
  1247. redirectexit('topic=' . $row['id_topic'] . '.0');
  1248. // Already voted?
  1249. elseif (isset($_COOKIE['guest_poll_vote']) && in_array($row['id_poll'], explode(',', $_COOKIE['guest_poll_vote'])))
  1250. redirectexit('topic=' . $row['id_topic'] . '.0');
  1251. }
  1252. $options = array();
  1253. $inserts = array();
  1254. foreach ($_REQUEST['options'] as $id)
  1255. {
  1256. $id = (int) $id;
  1257. $options[] = $id;
  1258. $inserts[] = array($_POST['poll'], $user_info['id'], $id);
  1259. }
  1260. // Add their vote in to the tally.
  1261. $smcFunc['db_insert']('insert',
  1262. $db_prefix . 'log_polls',
  1263. array('id_poll' => 'int', 'id_member' => 'int', 'id_choice' => 'int'),
  1264. $inserts,
  1265. array('id_poll', 'id_member', 'id_choice')
  1266. );
  1267. $smcFunc['db_query']('', '
  1268. UPDATE {db_prefix}poll_choices
  1269. SET votes = votes + 1
  1270. WHERE id_poll = {int:current_poll}
  1271. AND id_choice IN ({array_int:option_list})',
  1272. array(
  1273. 'option_list' => $options,
  1274. 'current_poll' => $_POST['poll'],
  1275. )
  1276. );
  1277. // Track the vote if a guest.
  1278. if ($user_info['is_guest'])
  1279. {
  1280. $_COOKIE['guest_poll_vote'] = !empty($_COOKIE['guest_poll_vote']) ? ($_COOKIE['guest_poll_vote'] . ',' . $row['id_poll']) : $row['id_poll'];
  1281. require_once($sourcedir . '/Subs-Auth.php');
  1282. $cookie_url = url_parts(!empty($modSettings['localCookies']), !empty($modSettings['globalCookies']));
  1283. smf_setcookie('guest_poll_vote', $_COOKIE['guest_poll_vote'], time() + 2500000, $cookie_url[1], $cookie_url[0], false, false);
  1284. }
  1285. redirectexit('topic=' . $row['id_topic'] . '.0');
  1286. }
  1287. // Show a search box.
  1288. function ssi_quickSearch($output_method = 'echo')
  1289. {
  1290. global $scripturl, $txt, $context;
  1291. if (!allowedTo('search_posts'))
  1292. return;
  1293. if ($output_method != 'echo')
  1294. return $scripturl . '?action=search';
  1295. echo '
  1296. <form action="', $scripturl, '?action=search2" method="post" accept-charset="', $context['character_set'], '">
  1297. <input type="hidden" name="advanced" value="0" /><input type="text" name="ssi_search" size="30" class="input_text" /> <input type="submit" value="', $txt['search'], '" class="button_submit" />
  1298. </form>';
  1299. }
  1300. // Show what would be the forum news.
  1301. function ssi_news($output_method = 'echo')
  1302. {
  1303. global $context;
  1304. if ($output_method != 'echo')
  1305. return $context['random_news_line'];
  1306. echo $context['random_news_line'];
  1307. }
  1308. // Show today's birthdays.
  1309. function ssi_todaysBirthdays($output_method = 'echo')
  1310. {
  1311. global $scripturl, $modSettings, $user_info;
  1312. if (empty($modSettings['cal_enabled']) || !allowedTo('calendar_view') || !allowedTo('profile_view'))
  1313. return;
  1314. $eventOptions = array(
  1315. 'include_birthdays' => true,
  1316. 'num_days_shown' => empty($modSettings['cal_days_for_index']) || $modSettings['cal_days_for_index'] < 1 ? 1 : $modSettings['cal_days_for_index'],
  1317. );
  1318. $return = cache_quick_get('calendar_index_offset_' . ($user_info['time_offset'] + $modSettings['time_offset']), 'Subs-Calendar.php', 'cache_getRecentEvents', array($eventOptions));
  1319. if ($output_method != 'echo')
  1320. return $return['calendar_birthdays'];
  1321. foreach ($return['calendar_birthdays'] as $member)
  1322. echo '
  1323. <a href="', $scripturl, '?action=profile;u=', $member['id'], '"><span class="fix_rtl_names">' . $member['name'] . '</span>' . (isset($member['age']) ? ' (' . $member['age'] . ')' : '') . '</a>' . (!$member['is_last'] ? ', ' : '');
  1324. }
  1325. // Show today's holidays.
  1326. function ssi_todaysHolidays($output_method = 'echo')
  1327. {
  1328. global $modSettings, $user_info;
  1329. if (empty($modSettings['cal_enabled']) || !allowedTo('calendar_view'))
  1330. return;
  1331. $eventOptions = array(
  1332. 'include_holidays' => true,
  1333. 'num_days_shown' => empty($modSettings['cal_days_for_index']) || $modSettings['cal_days_for_index'] < 1 ? 1 : $modSettings['cal_days_for_index'],
  1334. );
  1335. $return = cache_quick_get('calendar_index_offset_' . ($user_info['time_offset'] + $modSettings['time_offset']), 'Subs-Calendar.php', 'cache_getRecentEvents', array($eventOptions));
  1336. if ($output_method != 'echo')
  1337. return $return['calendar_holidays'];
  1338. echo '
  1339. ', implode(', ', $return['calendar_holidays']);
  1340. }
  1341. // Show today's events.
  1342. function ssi_todaysEvents($output_method = 'echo')
  1343. {
  1344. global $modSettings, $user_info;
  1345. if (empty($modSettings['cal_enabled']) || !allowedTo('calendar_view'))
  1346. return;
  1347. $eventOptions = array(
  1348. 'include_events' => true,
  1349. 'num_days_shown' => empty($modSettings['cal_days_for_index']) || $modSettings['cal_days_for_index'] < 1 ? 1 : $modSettings['cal_days_for_index'],
  1350. );
  1351. $return = cache_quick_get('calendar_index_offset_' . ($user_info['time_offset'] + $modSettings['time_offset']), 'Subs-Calendar.php', 'cache_getRecentEvents', array($eventOptions));
  1352. if ($output_method != 'echo')
  1353. return $return['calendar_events'];
  1354. foreach ($return['calendar_events'] as $event)
  1355. {
  1356. if ($event['can_edit'])
  1357. echo '
  1358. <a href="' . $event['modify_href'] . '" style="color: #ff0000;">*</a> ';
  1359. echo '
  1360. ' . $event['link'] . (!$event['is_last'] ? ', ' : '');
  1361. }
  1362. }
  1363. // Show all calendar entires for today. (birthdays, holodays, and events.)
  1364. function ssi_todaysCalendar($output_method = 'echo')
  1365. {
  1366. global $modSettings, $txt, $scripturl, $user_info;
  1367. if (empty($modSettings['cal_enabled']) || !allowedTo('calendar_view'))
  1368. return;
  1369. $eventOptions = array(
  1370. 'include_birthdays' => allowedTo('profile_view'),
  1371. 'include_holidays' => true,
  1372. 'include_events' => true,
  1373. 'num_days_shown' => empty($modSettings['cal_days_for_index']) || $modSettings['cal_days_for_index'] < 1 ? 1 : $modSettings['cal_days_for_index'],
  1374. );
  1375. $return = cache_quick_get('calendar_index_offset_' . ($user_info['time_offset'] + $modSettings['time_offset']), 'Subs-Calendar.php', 'cache_getRecentEvents', array($eventOptions));
  1376. if ($output_method != 'echo')
  1377. return $return;
  1378. if (!empty($return['calendar_holidays']))
  1379. echo '
  1380. <span class="holiday">' . $txt['calendar_prompt'] . ' ' . implode(', ', $return['calendar_holidays']) . '<br /></span>';
  1381. if (!empty($return['calendar_birthdays']))
  1382. {
  1383. echo '
  1384. <span class="birthday">' . $txt['birthdays_upcoming'] . '</span> ';
  1385. foreach ($return['calendar_birthdays'] as $member)
  1386. echo '
  1387. <a href="', $scripturl, '?action=profile;u=', $member['id'], '"><span class="fix_rtl_names">', $member['name'], '</span>', isset($member['age']) ? ' (' . $member['age'] . ')' : '', '</a>', !$member['is_last'] ? ', ' : '';
  1388. echo '
  1389. <br />';
  1390. }
  1391. if (!empty($return['calendar_events']))
  1392. {
  1393. echo '
  1394. <span class="event">' . $txt['events_upcoming'] . '</span> ';
  1395. foreach ($return['calendar_events'] as $event)
  1396. {
  1397. if ($event['can_edit'])
  1398. echo '
  1399. <a href="' . $event['modify_href'] . '" style="color: #ff0000;">*</a> ';
  1400. echo '
  1401. ' . $event['link'] . (!$event['is_last'] ? ', ' : '');
  1402. }
  1403. }
  1404. }
  1405. // Show the latest news, with a template... by board.
  1406. function ssi_boardNews($board = null, $limit = null, $start = null, $length = null, $output_method = 'echo')
  1407. {
  1408. global $scripturl, $db_prefix, $txt, $settings, $modSettings, $context;
  1409. global $smcFunc;
  1410. loadLanguage('Stats');
  1411. // Must be integers....
  1412. if ($limit === null)
  1413. $limit = isset($_GET['limit']) ? (int) $_GET['limit'] : 5;
  1414. else
  1415. $limit = (int) $limit;
  1416. if ($start === null)
  1417. $start = isset($_GET['start']) ? (int) $_GET['start'] : 0;
  1418. else
  1419. $start = (int) $start;
  1420. if ($board !== null)
  1421. $board = (int) $board;
  1422. elseif (isset($_GET['board']))
  1423. $board = (int) $_GET['board'];
  1424. if ($length === null)
  1425. $length = isset($_GET['length']) ? (int) $_GET['length'] : 0;
  1426. else
  1427. $length = (int) $length;
  1428. $limit = max(0, $limit);
  1429. $start = max(0, $start);
  1430. // Make sure guests can see this board.
  1431. $request = $smcFunc['db_query']('', '
  1432. SELECT id_board
  1433. FROM {db_prefix}boards
  1434. WHERE ' . ($board === null ? '' : 'id_board = {int:current_board}
  1435. AND ') . 'FIND_IN_SET(-1, member_groups) != 0
  1436. LIMIT 1',
  1437. array(
  1438. 'current_board' => $board,
  1439. )
  1440. );
  1441. if ($smcFunc['db_num_rows']($request) == 0)
  1442. {
  1443. if ($output_method == 'echo')
  1444. die($txt['ssi_no_guests']);
  1445. else
  1446. return array();
  1447. }
  1448. list ($board) = $smcFunc['db_fetch_row']($request);
  1449. $smcFunc['db_free_result']($request);
  1450. // Load the message icons - the usual suspects.
  1451. $stable_icons = array('xx', 'thumbup', 'thumbdown', 'exclamation', 'question', 'lamp', 'smiley', 'angry', 'cheesy', 'grin', 'sad', 'wink', 'poll', 'moved', 'recycled', 'wireless');
  1452. $icon_sources = array();
  1453. foreach ($stable_icons as $icon)
  1454. $icon_sources[$icon] = 'images_url';
  1455. // Find the post ids.
  1456. $request = $smcFunc['db_query']('', '
  1457. SELECT t.id_first_msg
  1458. FROM {db_prefix}topics as t
  1459. LEFT JOIN {db_prefix}boards as b ON (b.id_board = t.id_board)
  1460. WHERE t.id_board = {int:current_board}' . ($modSettings['postmod_active'] ? '
  1461. AND t.approved = {int:is_approved}' : '') . '
  1462. AND {query_see_board}
  1463. ORDER BY t.id_first_msg DESC
  1464. LIMIT ' . $start . ', ' . $limit,
  1465. array(
  1466. 'current_board' => $board,
  1467. 'is_approved' => 1,
  1468. )
  1469. );
  1470. $posts = array();
  1471. while ($row = $smcFunc['db_fetch_assoc']($request))
  1472. $posts[] = $row['id_first_msg'];
  1473. $smcFunc['db_free_result']($request);
  1474. if (empty($posts))
  1475. return array();
  1476. // Find the posts.
  1477. $request = $smcFunc['db_query']('', '
  1478. SELECT
  1479. m.icon, m.subject, m.body, IFNULL(mem.real_name, m.poster_name) AS poster_name, m.poster_time,
  1480. t.num_replies, t.id_topic, m.id_member, m.smileys_enabled, m.id_msg, t.locked, t.id_last_msg
  1481. FROM {db_prefix}topics AS t
  1482. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = t.id_first_msg)
  1483. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  1484. WHERE t.id_first_msg IN ({array_int:post_list})
  1485. ORDER BY t.id_first_msg DESC
  1486. LIMIT ' . count($posts),
  1487. array(
  1488. 'post_list' => $posts,
  1489. )
  1490. );
  1491. $return = array();
  1492. while ($row = $smcFunc['db_fetch_assoc']($request))
  1493. {
  1494. // If we want to limit the length of the post.
  1495. if (!empty($length) && $smcFunc['strlen']($row['body']) > $length)
  1496. {
  1497. $row['body'] = $smcFunc['substr']($row['body'], 0, $length);
  1498. $cutoff = false;
  1499. $last_space = strrpos($row['body'], ' ');
  1500. $last_open = strrpos($row['body'], '<');
  1501. $last_close = strrpos($row['body'], '>');
  1502. if (empty($last_space) || ($last_space == $last_open + 3 && (empty($last_close) || (!empty($last_close) && $last_close < $last_open))) || $last_space < $last_open || $last_open == $length - 6)
  1503. $cutoff = $last_open;
  1504. elseif (empty($last_close) || $last_close < $last_open)
  1505. $cutoff = $last_space;
  1506. if ($cutoff !== false)
  1507. $row['body'] = $smcFunc['substr']($row['body'], 0, $cutoff);
  1508. $row['body'] .= '...';
  1509. }
  1510. $row['body'] = parse_bbc($row['body'], $row['smileys_enabled'], $row['id_msg']);
  1511. // Check that this message icon is there...
  1512. if (!empty($modSettings['messageIconChecks_enable']) && !isset($icon_sources[$row['icon']]))
  1513. $icon_sources[$row['icon']] = file_exists($settings['theme_dir'] . '/images/post/' . $row['icon'] . '.png') ? 'images_url' : 'default_images_url';
  1514. censorText($row['subject']);
  1515. censorText($row['body']);
  1516. $return[] = array(
  1517. 'id' => $row['id_topic'],
  1518. 'message_id' => $row['id_msg'],
  1519. 'icon' => '<img src="' . $settings[$icon_sources[$row['icon']]] . '/post/' . $row['icon'] . '.png" alt="' . $row['icon'] . '" />',
  1520. 'subject' => $row['subject'],
  1521. 'time' => timeformat($row['poster_time']),
  1522. 'timestamp' => forum_time(true, $row['poster_time']),
  1523. 'body' => $row['body'],
  1524. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.0',
  1525. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.0">' . $row['num_replies'] . ' ' . ($row['num_replies'] == 1 ? $txt['ssi_comment'] : $txt['ssi_comments']) . '</a>',
  1526. 'replies' => $row['num_replies'],
  1527. 'comment_href' => !empty($row['locked']) ? '' : $scripturl . '?action=post;topic=' . $row['id_topic'] . '.' . $row['num_replies'] . ';last_msg=' . $row['id_last_msg'],
  1528. 'comment_link' => !empty($row['locked']) ? '' : '<a href="' . $scripturl . '?action=post;topic=' . $row['id_topic'] . '.' . $row['num_replies'] . ';last_msg=' . $row['id_last_msg'] . '">' . $txt['ssi_write_comment'] . '</a>',
  1529. 'new_comment' => !empty($row['locked']) ? '' : '<a href="' . $scripturl . '?action=post;topic=' . $row['id_topic'] . '.' . $row['num_replies'] . '">' . $txt['ssi_write_comment'] . '</a>',
  1530. 'poster' => array(
  1531. 'id' => $row['id_member'],
  1532. 'name' => $row['poster_name'],
  1533. 'href' => !empty($row['id_member']) ? $scripturl . '?action=profile;u=' . $row['id_member'] : '',
  1534. 'link' => !empty($row['id_member']) ? '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>' : $row['poster_name']
  1535. ),
  1536. 'locked' => !empty($row['locked']),
  1537. 'is_last' => false
  1538. );
  1539. }
  1540. $smcFunc['db_free_result']($request);
  1541. if (empty($return))
  1542. return $return;
  1543. $return[count($return) - 1]['is_last'] = true;
  1544. if ($output_method != 'echo')
  1545. return $return;
  1546. foreach ($return as $news)
  1547. {
  1548. echo '
  1549. <div class="news_item">
  1550. <h3 class="news_header">
  1551. ', $news['icon'], '
  1552. <a href="', $news['href'], '">', $news['subject'], '</a>
  1553. </h3>
  1554. <div class="news_timestamp">', $news['time'], ' ', $txt['by'], ' ', $news['poster']['link'], '</div>
  1555. <div class="news_body" style="padding: 2ex 0;">', $news['body'], '</div>
  1556. ', $news['link'], $news['locked'] ? '' : ' | ' . $news['comment_link'], '
  1557. </div>';
  1558. if (!$news['is_last'])
  1559. echo '
  1560. <hr />';
  1561. }
  1562. }
  1563. // Show the most recent events.
  1564. function ssi_recentEvents($max_events = 7, $output_method = 'echo')
  1565. {
  1566. global $db_prefix, $user_info, $scripturl, $modSettings, $txt, $context, $smcFunc;
  1567. if (empty($modSettings['cal_enabled']) || !allowedTo('calendar_view'))
  1568. return;
  1569. // Find all events which are happening in the near future that the member can see.
  1570. $request = $smcFunc['db_query']('', '
  1571. SELECT
  1572. cal.id_event, cal.start_date, cal.end_date, cal.title, cal.id_member, cal.id_topic,
  1573. cal.id_board, t.id_first_msg, t.approved
  1574. FROM {db_prefix}calendar AS cal
  1575. LEFT JOIN {db_prefix}boards AS b ON (b.id_board = cal.id_board)
  1576. LEFT JOIN {db_prefix}topics AS t ON (t.id_topic = cal.id_topic)
  1577. WHERE cal.start_date <= {date:current_date}
  1578. AND cal.end_date >= {date:current_date}
  1579. AND (cal.id_board = {int:no_board} OR {query_wanna_see_board})
  1580. ORDER BY cal.start_date DESC
  1581. LIMIT ' . $max_events,
  1582. array(
  1583. 'current_date' => strftime('%Y-%m-%d', forum_time(false)),
  1584. 'no_board' => 0,
  1585. )
  1586. );
  1587. $return = array();
  1588. $duplicates = array();
  1589. while ($row = $smcFunc['db_fetch_assoc']($request))
  1590. {
  1591. // Check if we've already come by an event linked to this same topic with the same title... and don't display it if we have.
  1592. if (!empty($duplicates[$row['title'] . $row['id_topic']]))
  1593. continue;
  1594. // Censor the title.
  1595. censorText($row['title']);
  1596. if ($row['start_date'] < strftime('%Y-%m-%d', forum_time(false)))
  1597. $date = strftime('%Y-%m-%d', forum_time(false));
  1598. else
  1599. $date = $row['start_date'];
  1600. // If the topic it is attached to is not approved then don't link it.
  1601. if (!empty($row['id_first_msg']) && !$row['approved'])
  1602. $row['id_board'] = $row['id_topic'] = $row['id_first_msg'] = 0;
  1603. $return[$date][] = array(
  1604. 'id' => $row['id_event'],
  1605. 'title' => $row['title'],
  1606. 'can_edit' => allowedTo('calendar_edit_any') || ($row['id_member'] == $user_info['id'] && allowedTo('calendar_edit_own')),
  1607. 'modify_href' => $scripturl . '?action=' . ($row['id_board'] == 0 ? 'calendar;sa=post;' : 'post;msg=' . $row['id_first_msg'] . ';topic=' . $row['id_topic'] . '.0;calendar;') . 'eventid=' . $row['id_event'] . ';' . $context['session_var'] . '=' . $context['session_id'],
  1608. 'href' => $row['id_board'] == 0 ? '' : $scripturl . '?topic=' . $row['id_topic'] . '.0',
  1609. 'link' => $row['id_board'] == 0 ? $row['title'] : '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.0">' . $row['title'] . '</a>',
  1610. 'start_date' => $row['start_date'],
  1611. 'end_date' => $row['end_date'],
  1612. 'is_last' => false
  1613. );
  1614. // Let's not show this one again, huh?
  1615. $duplicates[$row['title'] . $row['id_topic']] = true;
  1616. }
  1617. $smcFunc['db_free_result']($request);
  1618. foreach ($return as $mday => $array)
  1619. $return[$mday][count($array) - 1]['is_last'] = true;
  1620. if ($output_method != 'echo' || empty($return))
  1621. return $return;
  1622. // Well the output method is echo.
  1623. echo '
  1624. <span class="event">' . $txt['events'] . '</span> ';
  1625. foreach ($return as $mday => $array)
  1626. foreach ($array as $event)
  1627. {
  1628. if ($event['can_edit'])
  1629. echo '
  1630. <a href="' . $event['modify_href'] . '" style="color: #ff0000;">*</a> ';
  1631. echo '
  1632. ' . $event['link'] . (!$event['is_last'] ? ', ' : '');
  1633. }
  1634. }
  1635. // Check the passed id_member/password. If $is_username is true, treats $id as a username.
  1636. function ssi_checkPassword($id = null, $password = null, $is_username = false)
  1637. {
  1638. global $db_prefix, $sourcedir, $smcFunc;
  1639. // If $id is null, this was most likely called from a query string and should do nothing.
  1640. if ($id === null)
  1641. return;
  1642. $request = $smcFunc['db_query']('', '
  1643. SELECT passwd, member_name, is_activated
  1644. FROM {db_prefix}members
  1645. WHERE ' . ($is_username ? 'member_name' : 'id_member') . ' = {string:id}
  1646. LIMIT 1',
  1647. array(
  1648. 'id' => $id,
  1649. )
  1650. );
  1651. list ($pass, $user, $active) = $smcFunc['db_fetch_row']($request);
  1652. $smcFunc['db_free_result']($request);
  1653. return sha1(strtolower($user) . $password) == $pass && $active == 1;
  1654. }
  1655. // We want to show the recent attachments outside of the forum.
  1656. function ssi_recentAttachments($num_attachments = 10, $attachment_ext = array(), $output_method = 'echo')
  1657. {
  1658. global $smcFunc, $context, $modSettings, $scripturl, $txt, $settings;
  1659. // We want to make sure that we only get attachments for boards that we can see *if* any.
  1660. $attachments_boards = boardsAllowedTo('view_attachments');
  1661. // No boards? Adios amigo.
  1662. if (empty($attachments_boards))
  1663. return array();
  1664. // Is it an array?
  1665. if (!is_array($attachment_ext))
  1666. $attachment_ext = array($attachment_ext);
  1667. // Lets build the query.
  1668. $request = $smcFunc['db_query']('', '
  1669. SELECT
  1670. att.id_attach, att.id_msg, att.filename, IFNULL(att.size, 0) AS filesize, att.downloads, mem.id_member,
  1671. IFNULL(mem.real_name, m.poster_name) AS poster_name, m.id_topic, m.subject, t.id_board, m.poster_time,
  1672. att.width, att.height' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : ', IFNULL(thumb.id_attach, 0) AS id_thumb, thumb.width AS thumb_width, thumb.height AS thumb_height') . '
  1673. FROM {db_prefix}attachments AS att
  1674. INNER JOIN {db_prefix}messages AS m ON (m.id_msg = att.id_msg)
  1675. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
  1676. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)' . (empty($modSettings['attachmentShowImages']) || empty($modSettings['attachmentThumbnails']) ? '' : '
  1677. LEFT JOIN {db_prefix}attachments AS thumb ON (thumb.id_attach = att.id_thumb)') . '
  1678. WHERE att.attachment_type = 0' . ($attachments_boards === array(0) ? '' : '
  1679. AND m.id_board IN ({array_int:boards_can_see})') . (!empty($attachment_ext) ? '
  1680. AND att.fileext IN ({array_string:attachment_ext})' : '') .
  1681. (!$modSettings['postmod_active'] || allowedTo('approve_posts') ? '' : '
  1682. AND t.approved = {int:is_approved}
  1683. AND m.approved = {int:is_approved}
  1684. AND att.approved = {int:is_approved}') . '
  1685. ORDER BY att.id_attach DESC
  1686. LIMIT {int:num_attachments}',
  1687. array(
  1688. 'boards_can_see' => $attachments_boards,
  1689. 'attachment_ext' => $attachment_ext,
  1690. 'num_attachments' => $num_attachments,
  1691. 'is_approved' => 1,
  1692. )
  1693. );
  1694. // We have something.
  1695. $attachments = array();
  1696. while ($row = $smcFunc['db_fetch_assoc']($request))
  1697. {
  1698. $filename = preg_replace('~&amp;#(\\d{1,7}|x[0-9a-fA-F]{1,6});~', '&#\\1;', htmlspecialchars($row['filename']));
  1699. // Is it an image?
  1700. $attachments[$row['id_attach']] = array(
  1701. 'member' => array(
  1702. 'id' => $row['id_member'],
  1703. 'name' => $row['poster_name'],
  1704. 'link' => empty($row['id_member']) ? $row['poster_name'] : '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['poster_name'] . '</a>',
  1705. ),
  1706. 'file' => array(
  1707. 'filename' => $filename,
  1708. 'filesize' => round($row['filesize'] /1024, 2) . $txt['kilobyte'],
  1709. 'downloads' => $row['downloads'],
  1710. 'href' => $scripturl . '?action=dlattach;topic=' . $row['id_topic'] . '.0;attach=' . $row['id_attach'],
  1711. 'link' => '<img src="' . $settings['images_url'] . '/icons/clip.png" alt="" /> <a href="' . $scripturl . '?action=dlattach;topic=' . $row['id_topic'] . '.0;attach=' . $row['id_attach'] . '">' . $filename . '</a>',
  1712. 'is_image' => !empty($row['width']) && !empty($row['height']) && !empty($modSettings['attachmentShowImages']),
  1713. ),
  1714. 'topic' => array(
  1715. 'id' => $row['id_topic'],
  1716. 'subject' => $row['subject'],
  1717. 'href' => $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'],
  1718. 'link' => '<a href="' . $scripturl . '?topic=' . $row['id_topic'] . '.msg' . $row['id_msg'] . '#msg' . $row['id_msg'] . '">' . $row['subject'] . '</a>',
  1719. 'time' => timeformat($row['poster_time']),
  1720. ),
  1721. );
  1722. // Images.
  1723. if ($attachments[$row['id_attach']]['file']['is_image'])
  1724. {
  1725. $id_thumb = empty($row['id_thumb']) ? $row['id_attach'] : $row['id_thumb'];
  1726. $attachments[$row['id_attach']]['file']['image'] = array(
  1727. 'id' => $id_thumb,
  1728. 'width' => $row['width'],
  1729. 'height' => $row['height'],
  1730. 'img' => '<img src="' . $scripturl . '?action=dlattach;topic=' . $row['id_topic'] . '.0;attach=' . $row['id_attach'] . ';image" alt="' . $filename . '" />',
  1731. 'thumb' => '<img src="' . $scripturl . '?action=dlattach;topic=' . $row['id_topic'] . '.0;attach=' . $id_thumb . ';image" alt="' . $filename . '" />',
  1732. 'href' => $scripturl . '?action=dlattach;topic=' . $row['id_topic'] . '.0;attach=' . $id_thumb . ';image',
  1733. 'link' => '<a href="' . $scripturl . '?action=dlattach;topic=' . $row['id_topic'] . '.0;attach=' . $row['id_attach'] . ';image"><img src="' . $scripturl . '?action=dlattach;topic=' . $row['id_topic'] . '.0;attach=' . $id_thumb . ';image" alt="' . $filename . '" /></a>',
  1734. );
  1735. }
  1736. }
  1737. $smcFunc['db_free_result']($request);
  1738. // So you just want an array? Here you can have it.
  1739. if ($output_method == 'array' || empty($attachments))
  1740. return $attachments;
  1741. // Give them the default.
  1742. echo '
  1743. <table class="ssi_downloads" cellpadding="2">
  1744. <tr>
  1745. <th align="left">', $txt['file'], '</th>
  1746. <th align="left">', $txt['posted_by'], '</th>
  1747. <th align="left">', $txt['downloads'], '</th>
  1748. <th align="left">', $txt['filesize'], '</th>
  1749. </tr>';
  1750. foreach ($attachments as $attach)
  1751. echo '
  1752. <tr>
  1753. <td>', $attach['file']['link'], '</td>
  1754. <td>', $attach['member']['link'], '</td>
  1755. <td align="center">', $attach['file']['downloads'], '</td>
  1756. <td>', $attach['file']['filesize'], '</td>
  1757. </tr>';
  1758. echo '
  1759. </table>';
  1760. }
  1761. ?>