1<?php
/* by Tomasz 'Devilshakerz' Mlynski [devilshakerz.com]; Copyright (C) 2014
 released under Creative Commons BY-NC-SA 3.0 license: http://creativecommons.org/licenses/by-nc-sa/3.0/ */
4
// Refuse to run when this file is requested directly rather than loaded by MyBB:
// everything below relies on the globals ($plugins, $db, $mybb) that MyBB sets up.
if (defined("IN_MYBB") === false) {
    die("Direct initialization of this file is not allowed.<br /><br />
 Please make sure IN_MYBB is defined.");
}

// Hook registrations (MyBB hook name, plugin callback).
// global_end: loads the language file and intercepts the archive page.
$plugins->add_hook('global_end', 'dvz_shoutbox_global_end');
// xmlhttp: serves the AJAX actions requested through xmlhttp.php.
$plugins->add_hook('xmlhttp', 'dvz_shoutbox_xmlhttp');
// index_end: renders the Shoutbox window into the {$dvz_shoutbox} template variable.
$plugins->add_hook('index_end', 'dvz_shoutbox');
14
15// MyBB handling
/**
 * Plugin descriptor returned to MyBB.
 *
 * @return array plugin metadata (name, description, author, version, guid, compatibility, codename)
 */
function dvz_shoutbox_info () {
    $info = array();

    $info['name'] = 'DVZ Shoutbox CUSTOMISED';
    $info['description'] = 'Lightweight AJAX chat, customised by Arne Van Daele, now with private messages, report system and more.';
    $info['website'] = 'http://devilshakerz.com/';
    $info['author'] = 'Originally by Tomasz \'Devilshakerz\' Mlynski';
    $info['authorsite'] = 'http://devilshakerz.com/';
    $info['version'] = '1.0';
    $info['guid'] = 'a54d9c66ae174f090b6345ce19e7a063';
    $info['compatibility'] = '16*,18*';
    $info['codename'] = 'DVZPRIV';

    return $info;
}
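/**
 * Installs the plugin: creates the shout and report tables, registers the
 * setting group with its settings, and inserts the four templates.
 *
 * Changes against the previous version:
 *  - the `ip` columns are 45 characters wide so a textual IPv6 address is stored
 *    complete (15/20 characters truncate it, or fail the insert in strict SQL mode),
 *    which keeps the moderator-visible IP and the report audit trail usable;
 *  - dvz_reports gets its primary key and AUTO_INCREMENT in the CREATE statement,
 *    so a table that already exists no longer makes a follow-up ALTER fail;
 *  - dvz_reports uses the board's collation like dvz_shoutbox (report reasons are
 *    user text and were forced into latin1);
 *  - the stray </textarea> after the ban list <input> is removed from the template.
 *
 * NOTE(review): dvz_shoutbox::is_blocked() in this file reads a `dvz_reports_banned`
 * table that this installer does not create - presumably provisioned elsewhere; confirm.
 */
function dvz_shoutbox_install () {
    global $db;

    // table
    $db->write_query("
        CREATE TABLE IF NOT EXISTS `".TABLE_PREFIX."dvz_shoutbox` (
            `id` int(11) NOT NULL auto_increment,
            `uid` int(11) NOT NULL,
            `text` text NOT NULL,
            `date` int(11) NOT NULL,
            `ip` varchar(45) NOT NULL,
            PRIMARY KEY (`id`)
        ) ENGINE=MyISAM ".$db->build_create_table_collation()."
    ");

    // example shout
    $db->write_query("INSERT INTO ".TABLE_PREFIX."dvz_shoutbox VALUES (NULL, 1, 'Welcome to our shoutbox!', ".time().", '127.0.0.1')");

    // settings
    $db->write_query("INSERT INTO `".TABLE_PREFIX."settinggroups` VALUES (NULL, 'dvz_shoutbox', 'DVZ Shoutbox', 'Settings for DVZ Shoutbox.', 1, 0)");
    // cast: the value is interpolated into the SQL below
    $sgID = (int)$db->insert_id();

    // The optionscode of dvz_sb_lazyload is a multi-line value; its lines must stay at column 0.
    $db->write_query("INSERT INTO `".TABLE_PREFIX."settings` VALUES
        (NULL, 'dvz_sb_num', 'Shouts to display', 'Number of shouts displayed in the Shoutbox window.', 'text', '20', 1, $sgID, 0),
        (NULL, 'dvz_sb_num_archive', 'Shouts to display on archive', 'Number of shouts to display per page on archive view.', 'text', '15', 2, $sgID, 0),
        (NULL, 'dvz_sb_reversed', 'Reversed order', 'Reverse the order of displaying shouts in the Shoutbox window so that new ones appear on the bottom. You might also want to move the <b>{\$panel}</b> variable below window in the <i>dvz_shoutbox</i> template.', 'yesno', '0', 3, $sgID, 0),
        (NULL, 'dvz_sb_height', 'Shoutbox height', 'Height of the Shoutbox window in pixels.', 'text', '160', 4, $sgID, 0),
        (NULL, 'dvz_sb_dateformat', 'Date format', 'Format of the date displayed. This format uses the PHP <a href=\"http://php.net/manual/en/function.date.php\">date()</a> function.', 'text', 'd M H:i', 5, $sgID, 0),

        (NULL, 'dvz_sb_mycode', 'Parse MyCode', '', 'yesno', '1', 6, $sgID, 0),
        (NULL, 'dvz_sb_smilies', 'Parse smilies', '', 'yesno', '1', 7, $sgID, 0),
        (NULL, 'dvz_sb_interval', 'Refresh interval', 'Number of seconds before new posted shouts are displayed in the window (lower values provide better synchronization but cause higher server load). Set 0 to disable the auto-refreshing feature.', 'text', '5', 8, $sgID, 0),
        (NULL, 'dvz_sb_away', 'Away mode', 'Number of seconds after last user action (e.g. click) after which shoutbox will be minimized to prevent unnecessary usage of server resources. Set 0 to disable this feature.', 'text', '600', 9, $sgID, 0),
        (NULL, 'dvz_sb_antiflood', 'Anti-flood interval', 'Minimum number of seconds before user can post next shout (this does not apply to Shoutbox moderators).', 'text', '5', 10, $sgID, 0),
        (NULL, 'dvz_sb_lazyload', 'Lazy load', 'Start loading data only when the Shoutbox window is actually being displayed on the screen (the page is scrolled to the Shoutbox position).', 'select
off=Disabled
start=Check if on display to start
always=Always check if on display to refresh', 'off', 11, $sgID, 0),
        (NULL, 'dvz_sb_status', 'Shoutbox default status', 'Choose whether Shoutbox window should be expanded or collapsed by default.', 'onoff', '1', 12, $sgID, 0),

        (NULL, 'dvz_sb_minposts', 'Minimum posts required to shout', 'Set 0 to allow everyone.', 'text', '0', 13, $sgID, 0),

        (NULL, 'dvz_sb_groups_view', 'Group permissions: View', 'Comma-separated list of user groups that can view Shoutbox. Leave empty to let everyone view (including guests).', 'text', '', 14, $sgID, 0),
        (NULL, 'dvz_sb_groups_shout', 'Group permissions: Shout', 'Comma-separated list of user groups that can post shouts in Shoutbox. Leave empty to let everyone post (that does not include guests).', 'text', '', 15, $sgID, 0),
        (NULL, 'dvz_sb_groups_refresh', 'Group permissions: Auto-refresh', 'Comma-separated list of user groups that shoutbox will be refreshing for. Leave empty to let Shoutbox refresh for everyone.', 'text', '', 16, $sgID, 0),
        (NULL, 'dvz_sb_groups_mod', 'Group permissions: Moderate', 'Comma-separated list of users groups that can moderate the Shoutbox (edit and delete shouts).', 'text', '', 17, $sgID, 0),
        (NULL, 'dvz_sb_groups_mod_own', 'Group permissions: Moderate own shouts', 'Comma-separated list of users groups that can edit and delete own shouts.', 'text', '', 18, $sgID, 0),

        (NULL, 'dvz_sb_supermods', 'Super moderators are Shoutbox moderators', 'Automatically allow forum super moderators to moderate Shoutbox as well.', 'yesno', '1', 19, $sgID, 0),


        (NULL, 'dvz_sb_blocked_users', 'Banned users', 'Comma-separated list of user IDs that are banned from posting messages.', 'textarea', '', 20, $sgID, 0)
    ");

    // reports (one row per reported shout; `shid` is the shout id, `uid` the reporter)
    $db->write_query("
        CREATE TABLE IF NOT EXISTS `".TABLE_PREFIX."dvz_reports` (
            `id` int(11) NOT NULL AUTO_INCREMENT,
            `shid` int(11) NOT NULL,
            `uid` int(11) NOT NULL,
            `reason` varchar(150) NOT NULL,
            `date` int(11) NOT NULL,
            `ip` varchar(45) NOT NULL,
            PRIMARY KEY (`id`)
        ) ENGINE=InnoDB ".$db->build_create_table_collation()."
    ");

    rebuild_settings();

    // templates
    $template_panel = '
<div class="panel">
<form>
<input type="text" class="text" placeholder="{$lang->dvz_sb_default}" autocomplete="off" maxlength="120" />
<input type="submit" style="display:none" />
</form>
</div>';

    $template_shoutbox = '
<div id="shoutbox" class="front{$classes}">

<div class="thead">
{$lang->dvz_sb_shoutbox}
<span style="float:right;"><a href="{$mybb->settings[\'bburl\']}/index.php?action=shoutbox_archive">« {$lang->dvz_sb_archivelink}</a></span>
</div>

<div class="body">

{$panel}

<div class="window" style="height:{$mybb->settings[\'dvz_sb_height\']}px">
<div class="data"></div>
</div>

</div>

<script type="text/javascript" src="{$mybb->settings[\'bburl\']}/jscripts/dvz_shoutbox.js"></script>
{$javascript}

</div>';

    $template_archive = '<html>
<head>
<title>{$lang->dvz_sb_archive}</title>
{$headerinclude}
</head>
<body>
{$header}

<script type="text/javascript" src="{$mybb->settings[\'bburl\']}/jscripts/dvz_shoutbox.js"></script>
{$javascript}

{$multipage}

<br />

<div id="shoutbox">

{$modoptions}

<div class="thead">{$lang->dvz_sb_archive}</div>

<div class="data">
{$archive}
</div>
</div>

<br />

{$multipage}

{$footer}
</body>
</html>';

    // Both moderation forms carry the MyBB post key; show_archive() verifies it before acting.
    $template_archive_modoptions = '<table border="0" cellspacing="{$theme[\'borderwidth\']}" cellpadding="{$theme[\'tablespace\']}" class="tborder">
<tr><td class="thead" colspan="2"><strong>{$lang->dvz_sb_mod}</strong></td></tr>
<tr><td class="tcat">{$lang->dvz_sb_mod_banlist}</td><td class="tcat">{$lang->dvz_sb_mod_clear}</td></tr>
<tr>
<td class="trow1">
<form action="" method="post">
<input type="text" class="textbox" style="width:80%" name="banlist" value="{$blocked_users}" />
<input type="hidden" name="postkey" value="{$mybb->post_code}" />
<input type="submit" class="button" value="{$lang->dvz_sb_mod_banlist_button}" />
</form>
</td>
<td class="trow1">
<form action="" method="post">
<select name="days">
<option value="2">2 {$lang->days}</option>
<option value="7">7 {$lang->days}</option>
<option value="30">30 {$lang->days}</option>
<option value="90">90 {$lang->days}</option>
<option value="all">* {$lang->dvz_sb_mod_clear_all} *</option>
</select>
<input type="hidden" name="postkey" value="{$mybb->post_code}" />
<input type="submit" class="button" value="{$lang->dvz_sb_mod_clear_button}" />
</form>
</td>
</tr>
</table>
<br />';

    // Template bodies go through escape_string() because they are concatenated into the SQL.
    $templateRows = array(
        'dvz_shoutbox_panel' => $template_panel,
        'dvz_shoutbox' => $template_shoutbox,
        'dvz_shoutbox_archive' => $template_archive,
        'dvz_shoutbox_archive_modoptions' => $template_archive_modoptions,
    );

    foreach ($templateRows as $title => $body) {
        $db->write_query("INSERT INTO `".TABLE_PREFIX."templates` VALUES (NULL, '".$title."', '".$db->escape_string($body)."', '-1', '1', '', '".time()."')");
    }

}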
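/**
 * Removes everything the installer created: the setting group and its settings,
 * the four templates, and the shout and report tables.
 *
 * The setting-group id is cast to an integer and only used when a group was
 * actually found: previously a missing group produced the clause "gid=" (invalid
 * SQL). The tables are dropped with IF EXISTS so a partially installed plugin
 * can still be removed.
 */
function dvz_shoutbox_uninstall () {
    global $db;

    $groupID = (int)$db->fetch_field(
        $db->simple_select('settinggroups', 'gid', "name='dvz_shoutbox'"),
        'gid'
    );

    // delete settings
    $db->delete_query('settinggroups', "name='dvz_shoutbox'");
    if ($groupID > 0) {
        $db->delete_query('settings', 'gid='.$groupID);
    }

    // delete templates
    $db->query("DELETE FROM ".TABLE_PREFIX."templates WHERE title IN('dvz_shoutbox', 'dvz_shoutbox_panel', 'dvz_shoutbox_archive', 'dvz_shoutbox_archive_modoptions')");

    // delete data
    $db->query("DROP TABLE IF EXISTS ".TABLE_PREFIX.'dvz_shoutbox');

    // delete reports
    $db->query("DROP TABLE IF EXISTS ".TABLE_PREFIX."dvz_reports");
}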
/**
 * Tells MyBB whether the plugin is installed, judged by the presence of its setting group.
 *
 * @return int number of matching setting-group rows (0 when not installed)
 */
function dvz_shoutbox_is_installed () {
    global $db;

    return $db->num_rows(
        $db->simple_select('settinggroups', '*', "name='dvz_shoutbox'")
    );
}
/**
 * Activation callback; intentionally does nothing.
 */
function dvz_shoutbox_activate () {
    return;
}
/**
 * Deactivation callback; intentionally does nothing.
 */
function dvz_shoutbox_deactivate () {
    return;
}
228
229// hooks
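/**
 * global_end hook: loads the plugin language file and hands the request to the
 * archive page when index.php?action=shoutbox_archive was requested.
 *
 * The action is read only when it is present (most requests carry none) and is
 * compared strictly, so a non-string value never matches.
 *
 * @return mixed whatever dvz_shoutbox::show_archive() returns, or null for other requests
 */
function dvz_shoutbox_global_end () {
    global $mybb, $lang;

    $lang->load('dvz_shoutbox');

    $action = isset($mybb->input['action']) ? $mybb->input['action'] : null;

    if ($action === 'shoutbox_archive') {
        return dvz_shoutbox::show_archive();
    }
}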
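/**
 * xmlhttp hook: dispatches the Shoutbox AJAX actions.
 *
 * Each case sets $permissions (the access decision) and $handler (the work to do);
 * the handler only runs when the decision is true, otherwise 'P' is printed for the
 * client script. Every state-changing action also requires the MyBB post key.
 *
 * Access fix: reading shouts now always requires dvz_shoutbox::access_view().
 * Before, the check was "(view && no 'from') || refresh", and because an empty
 * refresh-group list means "everyone", a visitor outside the view groups could
 * still fetch shouts through this endpoint.
 *
 * Request parameters are read once with isset() guards so an absent one is an
 * empty value instead of an undefined-index notice.
 */
function dvz_shoutbox_xmlhttp () {
    global $mybb, $db, $lang, $charset;

    $action = isset($mybb->input['action']) ? $mybb->input['action'] : null;
    $key = isset($mybb->input['key']) ? $mybb->input['key'] : '';
    $id = isset($mybb->input['id']) ? $mybb->input['id'] : 0;
    $text = isset($mybb->input['text']) ? $mybb->input['text'] : '';

    switch ($action) {

        case 'dvz_sb_get_shouts':

            // 'from' present = a refresh poll, which additionally needs the refresh permission
            $permissions = (
                dvz_shoutbox::access_view() &&
                (!isset($mybb->input['from']) || dvz_shoutbox::access_refresh())
            );

            $handler = function() use ($mybb, $db) {
                // both values are cast to int before they reach the SQL clause
                $from = isset($mybb->input['from']) ? (int)$mybb->input['from'] : 0;
                $data = dvz_shoutbox::get_multiple("WHERE s.id > " . $from . " ORDER BY s.id DESC LIMIT " . (int)$mybb->settings['dvz_sb_num']);

                $html = null; // JS-handled empty response
                $lastId = 0;

                while ($row = $db->fetch_array($data)) {
                    // rows arrive newest first, so the first one carries the highest id
                    if ($lastId == 0) {
                        $lastId = $row['id'];
                    }
                    $shout = dvz_shoutbox::render_shout($row);
                    $html = $mybb->settings['dvz_sb_reversed']
                        ? $shout . $html
                        : $html . $shout
                    ;
                }

                if ($html != null) {
                    echo json_encode(array(
                        'html' => $html,
                        'last' => $lastId,
                    ));
                }
            };

            break;
        case 'dvz_sb_shout':

            $permissions = (
                dvz_shoutbox::access_shout() &&
                verify_post_check($key, true)
            );

            $handler = function() use ($mybb, $text) {
                if (!dvz_shoutbox::antiflood_pass() && !dvz_shoutbox::access_mod()) die('A'); // JS-handled error (Anti-flood)

                dvz_shoutbox::shout(array(
                    'uid' => $mybb->user['uid'],
                    'text' => $text,
                    'ip' => get_ip(),
                ));
            };

            break;
        case 'dvz_sb_get':

            // raw text of one shout, for the edit box: moderators, or the author when allowed
            $data = dvz_shoutbox::get($id);

            $permissions = (
                (
                    dvz_shoutbox::access_mod() ||
                    (dvz_shoutbox::access_mod_own() && $data['uid'] == $mybb->user['uid'] && dvz_shoutbox::access_shout())
                ) &&
                verify_post_check($key, true)
            );

            $handler = function() use ($data) {
                echo json_encode(array(
                    'text' => $data['text'],
                ));
            };

            break;
        case 'dvz_sb_update':

            $permissions = (
                dvz_shoutbox::can_mod($id) &&
                verify_post_check($key, true)
            );

            // NOTE(review): shout() refuses values longer than 120 bytes, but an edit
            // is stored without a length check - confirm whether that is intended.
            $handler = function() use ($id, $text) {
                dvz_shoutbox::update($id, $text);
                echo dvz_shoutbox::parse($text, dvz_shoutbox::get_username($id));
            };

            break;
        case 'dvz_sb_delete':

            $permissions = (
                dvz_shoutbox::can_mod($id) &&
                verify_post_check($key, true)
            );

            $handler = function() use ($id) {
                dvz_shoutbox::delete($id);
            };

            break;
        case 'dvz_sb_report':
            // reportShout() does its own post-key and permission checks
            echo dvz_shoutbox::reportShout($mybb->input);
            break;

    }

    if (isset($permissions)) {

        if ($permissions == false) {
            echo 'P'; // JS-handled error (Permissions)
        } else {

            $lang->load("dvz_shoutbox");
            header('Content-type: text/plain; charset='.$charset);
            header('Cache-Control: no-store'); // Chrome request caching issue
            $handler();

        }
    }

}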
/**
 * index_end hook: delegates to dvz_shoutbox::load_window() and passes its result back.
 */
function dvz_shoutbox () {
    $result = dvz_shoutbox::load_window();

    return $result;
}
364
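/**
 * Static helper class of the plugin: rendering, data access, permission checks.
 *
 * Changes against the previous version (all output- or access-related):
 *  - user names, avatar URLs and IPs are HTML-escaped before being placed in markup;
 *  - language strings and settings written into <script> are escaped as JS strings;
 *  - [url] links are only created for http/https targets;
 *  - private ("/pvt") shouts are matched to viewer/sender by user id with strict
 *    comparison, and only the leading command is stripped from the text;
 *  - access_refresh() implies access_view();
 *  - result sets are read through $db instead of driver-specific properties.
 */
class dvz_shoutbox {

    // Cache of the current user's group ids (additional groups + primary group); false until first use.
    static $userGroups = false;

    /**
     * Returns $value as a single-quoted JavaScript string literal that is safe
     * inside an inline <script> block (quotes, backslashes and line breaks are
     * escaped, and "</" is broken up so the block cannot be closed early).
     */
    private static function js_string ($value) {
        $escaped = addcslashes((string)$value, "\\'\r\n");
        return "'" . str_replace('</', '<\\/', $escaped) . "'";
    }

    /**
     * The three client-side messages as a JS array literal: delete confirmation,
     * anti-flood notice (with the interval filled in), permission error.
     */
    private static function js_lang_array () {
        global $mybb, $lang;

        return '[' . implode(', ', array(
            self::js_string($lang->dvz_sb_delete_confirm),
            self::js_string(str_replace('{ANTIFLOOD}', $mybb->settings['dvz_sb_antiflood'], $lang->dvz_sb_antiflood)),
            self::js_string($lang->dvz_sb_permissions),
        )) . ']';
    }

    // immediate output

    /**
     * Builds the Shoutbox window into the global $dvz_shoutbox (left null when the
     * viewer may not see the Shoutbox).
     *
     * Templates are read from MyBB's template store and evaluated as PHP
     * double-quoted strings, which is how MyBB renders templates; the variables
     * they reference ($panel, $classes, $javascript, ...) are the locals set here.
     */
    static function load_window () {
        global $templates, $dvz_shoutbox, $lang, $mybb, $theme;

        // MyBB template
        $dvz_shoutbox = null;

        // dvz_shoutbox template
        $javascript = null;
        $panel = null;
        $classes = null;

        if (dvz_shoutbox::access_view()) {

            if (dvz_shoutbox::is_user()) {

                // message: blocked (is_blocked() returns already-escaped HTML)
                if ($reason = dvz_shoutbox::is_blocked()) {
                    $panel = '<div class="panel blocked"><p>' . $lang->dvz_sb_user_blocked . ' ' . $reason . '</p></div>';
                }
                // message: minimum posts
                else if (!dvz_shoutbox::access_minposts() && !dvz_shoutbox::access_mod()) {
                    $panel = '<div class="panel minposts"><p>' . str_replace('{MINPOSTS}', $mybb->settings['dvz_sb_minposts'], $lang->dvz_sb_minposts) . '</p></div>';
                }
                // shout form
                else if (dvz_shoutbox::access_shout()) {
                    eval('$panel = "' . $templates->get('dvz_shoutbox_panel') . '";');
                }

            }

            $js = null;

            // configuration: numeric settings are cast, text is written as escaped JS strings
            $js .= 'dvz_shoutbox.interval = ' . (dvz_shoutbox::access_refresh() ? (float)$mybb->settings['dvz_sb_interval'] : 0) . ';' . PHP_EOL;
            $js .= 'dvz_shoutbox.antiflood = ' . (dvz_shoutbox::access_mod() ? 0 : (float)$mybb->settings['dvz_sb_antiflood']) . ';' . PHP_EOL;
            $js .= 'dvz_shoutbox.maxShouts = ' . (int)$mybb->settings['dvz_sb_num'] . ';' . PHP_EOL;
            $js .= 'dvz_shoutbox.awayTime = ' . (float)$mybb->settings['dvz_sb_away'] . '*1000;' . PHP_EOL;
            $js .= 'dvz_shoutbox.lang = ' . self::js_lang_array() . ';' . PHP_EOL;

            // reversed order
            if ($mybb->settings['dvz_sb_reversed']) {
                $js .= 'dvz_shoutbox.reversed = true;' . PHP_EOL;
            }

            // lazyload
            if ($mybb->settings['dvz_sb_lazyload']) {
                $js .= 'dvz_shoutbox.lazyMode = ' . self::js_string($mybb->settings['dvz_sb_lazyload']) . ';' . PHP_EOL;
                $js .= 'jQuery(window).bind(\'scroll resize\', dvz_shoutbox.checkVisibility);' . PHP_EOL;
            }

            // away mode
            if ($mybb->settings['dvz_sb_away']) {
                $js .= 'jQuery(window).on(\'mousemove click dblclick keydown scroll\', dvz_shoutbox.updateActivity);' . PHP_EOL;
            }

            // shoutbox status: the visitor's cookie wins over the default; only its truthiness is used
            $status = isset($_COOKIE['dvz_sb_status'])
                ? (bool)$_COOKIE['dvz_sb_status']
                : (bool)$mybb->settings['dvz_sb_status']
            ;
            $js .= 'dvz_shoutbox.status = ' . (int)$status . ';' . PHP_EOL;

            if ($status == false) {
                $classes .= ' collapsed';
            }

            $javascript = '
<script>
' . $js . '
dvz_shoutbox.updateActivity();
dvz_shoutbox.loop();
</script>';

            eval('$dvz_shoutbox = "' . $templates->get('dvz_shoutbox') . '";');

        }

    }

    /**
     * Renders the archive page (with the moderation panel for moderators) and
     * ends the request. Returns false without output when the viewer lacks view access.
     *
     * Both moderation forms act only after verify_post_check() accepted the post key.
     */
    static function show_archive () {
        global $db, $mybb, $templates, $lang, $theme, $footer, $headerinclude, $header, $charset;

        if (!dvz_shoutbox::access_view()) return false;

        header('Content-type: text/html; charset='.$charset);

        add_breadcrumb($lang->dvz_sb_shoutbox, "index.php?action=shoutbox_archive");

        // moderation panel
        if (dvz_shoutbox::access_mod()) {

            $postkey = isset($mybb->input['postkey']) ? $mybb->input['postkey'] : '';

            if (isset($mybb->input['banlist']) && verify_post_check($postkey)) {
                dvz_shoutbox::banlist_update($mybb->input['banlist']);
            }

            if (isset($mybb->input['days']) && verify_post_check($postkey)) {
                $days = is_scalar($mybb->input['days']) ? (string)$mybb->input['days'] : '';
                if ($days === 'all') {
                    dvz_shoutbox::clear();
                } else if (in_array($days, array('2', '7', '30', '90'), true)) {
                    // strict match against the offered options, then a plain integer is passed on
                    dvz_shoutbox::clear((int)$days);
                }
            }

            $blocked_users = htmlspecialchars($mybb->settings['dvz_sb_blocked_users']);
            eval('$modoptions = "'.$templates->get("dvz_shoutbox_archive_modoptions").'";');

        } else {
            $modoptions = null;
        }

        // pagination
        $shoutsTotal = dvz_shoutbox::count();
        $pageNum = isset($mybb->input['page']) ? (int)$mybb->input['page'] : 0;
        // the setting is a free-text field: never divide by zero or use a negative page size
        $perPage = max(1, (int)$mybb->settings['dvz_sb_num_archive']);
        $pages = ceil($shoutsTotal / $perPage);

        if (!$pageNum || $pageNum < 1 || $pageNum > $pages) $pageNum = 1;

        $start = ($pageNum - 1) * $perPage;

        // referenced by the template even when there is only one page
        $multipage = '';
        if ($shoutsTotal > $perPage) {
            $multipage = multipage($shoutsTotal, $perPage, $pageNum, 'index.php?action=shoutbox_archive');
        }

        // $start and $perPage are integers computed above
        $data = dvz_shoutbox::get_multiple("ORDER by s.id DESC LIMIT $start,$perPage");

        $archive = null;

        while ($row = $db->fetch_array($data)) {
            $archive .= dvz_shoutbox::render_shout($row, true);
        }

        $javascript = '
<script>
dvz_shoutbox.lang = ' . self::js_lang_array() . ';
</script>';

        eval('$content = "'.$templates->get("dvz_shoutbox_archive").'";');

        output_page($content);

        exit;

    }

    /**
     * Detects a private shout ("/pvt <uid> <text>").
     *
     * @param string $data raw shout text
     * @return string|false the token following the command (the recipient's user id
     *                      as typed), or false when the text is not a private shout
     *                      or names no recipient
     */
    static function isPvt($data) {
        $string = trim($data);

        if (substr($string, 0, 4) !== '/pvt') {
            return false;
        }

        // split the trimmed text, so leading whitespace cannot shift the recipient token
        $parts = preg_split('/\s+/', $string);

        return (isset($parts[1]) && $parts[1] !== '') ? $parts[1] : false;
    }

    /**
     * Builds the label shown in front of a private shout: "from <sender>" for the
     * recipient, "to <recipient>" for the sender, a generic label otherwise.
     * User names are escaped because the result is inserted into HTML.
     *
     * @param string $uid  recipient token returned by isPvt()
     * @param array  $data shout row (uid and username of the sender)
     */
    static function getUsername($uid, $data) {
        global $mybb, $lang;
        $lang->load('custom');

        $viewerUid = (int)$mybb->user['uid'];
        $recipientUid = ctype_digit((string)$uid) ? (int)$uid : 0;

        // the viewer is the recipient
        if ($recipientUid > 0 && $recipientUid === $viewerUid) {
            return '<span class="private-message">' . $lang->sprintf($lang->private_message, $lang->from, htmlspecialchars_uni($data['username'])) . '</span>';
        }

        // the viewer is the sender
        if ($viewerUid > 0 && (int)$data['uid'] === $viewerUid) {
            $userdata = get_user($recipientUid);
            return '<span class="private-message">' . $lang->sprintf($lang->private_message, $lang->to, htmlspecialchars_uni($userdata['username'])) . '</span>';
        }

        return $lang->default_private;
    }

    /**
     * Renders one shout row as HTML.
     *
     * A private shout is rendered only for its sender and its recipient, both
     * identified by user id (comparing names or using loose comparison could match
     * a guest against a shout whose author no longer exists). Returns null for
     * everyone else.
     *
     * @param array $data   row from get_multiple() (shout columns plus username, usergroup, displaygroup, avatar)
     * @param bool  $static true on the archive page: adds the IP (moderators) and edit/delete links
     */
    static function render_shout ($data, $static = false) {
        global $mybb, $lang;

        $id = (int)$data['id'];
        $text = $data['text'];
        $date = my_date($mybb->settings['dvz_sb_dateformat'], $data['date']);
        $usernameString = null;

        $viewerUid = (int)$mybb->user['uid'];
        $own = (int)$data['uid'] === $viewerUid;

        if ($uid = self::isPvt($text)) {
            $isRecipient = ctype_digit((string)$uid) && (int)$uid === $viewerUid;
            $isSender = $viewerUid > 0 && $own;

            if (!$isRecipient && !$isSender) {
                return;
            }

            $lang->load('custom');

            $usernameString = self::getUsername($uid, $data);

            // drop only the leading command and recipient, not every later occurrence of those characters
            $text = preg_replace('/^\s*\/pvt\S*\s+\S+/', '', $text, 1);
        }

        $text = dvz_shoutbox::parse($text, $data['username']);
        if ($usernameString) {
            $replace = array('<p>', '</p>');
            $text = $usernameString . str_replace($replace, "", $text);
        }

        // user-controlled values are escaped before they are placed in attributes or markup
        $usernameHtml = htmlspecialchars_uni($data['username']);
        $avatarSrc = empty($data['avatar']) ? 'images/default_avatar.png' : htmlspecialchars_uni($data['avatar']);

        $avatar = '<a href="User-' . $usernameHtml . '"><img src="' . $avatarSrc . '" alt="avatar" /></a>';
        $user = '<span class="username" data-id="'. (int)$data['uid'] .'"><a>' . format_name($usernameHtml, $data['usergroup'], $data['displaygroup']) . '</a></span>';

        $notes = null;
        $attributes = null;

        $canModerate = (
            dvz_shoutbox::access_mod() ||
            (dvz_shoutbox::access_mod_own() && $own)
        );

        if ($static) {
            // the poster's IP is shown to moderators only
            if (dvz_shoutbox::access_mod()) {
                $notes .= '<span class="ip">'.htmlspecialchars_uni($data['ip']).'</span>';
            }

            if ($canModerate) {
                $notes .= '<a href="" class="mod edit">E</a><a href="" class="mod del">X</a>';
            }
        }

        // data-mod / data-own only drive the client UI; the server re-checks permissions on every action
        if ($canModerate) {
            $attributes .= ' data-mod';
        }

        if ($own) {
            $attributes .= ' data-own';
        }

        $notes .= '<a href="" class="mod report">Report</a>';

        return '
<div class="entry" data-id="'.$id.'" data-username="'.$usernameHtml.'"'.$attributes.'>
 <div class="avatar">'.$avatar.'</div>
 <div class="user">'.$user.':</div>
 <div class="text">'.$text.'</div>
 <div class="info"><span class="date">'.$date.'</span>'.$notes.'</div>
</div>';

    }

    // data manipulation

    /** Fetches one shout row by id (the id is cast to int). */
    static function get ($id) {
        global $db;
        return $db->fetch_array( $db->simple_select('dvz_shoutbox', '*', 'id=' . (int)$id) );
    }

    /**
     * Runs the shout listing query (shouts joined with their author's user row).
     *
     * $clauses is appended to the SQL verbatim: callers must build it from
     * constants and integer-cast values only, never from raw request data.
     */
    static function get_multiple ($clauses) {
        global $db;
        return $db->query("
            SELECT
                s.*, u.username, u.usergroup, u.displaygroup, u.avatar
            FROM
                ".TABLE_PREFIX."dvz_shoutbox s
                LEFT JOIN ".TABLE_PREFIX."users u ON u.uid = s.uid
            ".$clauses."
        ");
    }

    /** Returns the user name of the author of shout $id. */
    static function get_username ($id) {
        global $db;
        return $db->fetch_field( $db->query("SELECT username FROM ".TABLE_PREFIX."users u, ".TABLE_PREFIX."dvz_shoutbox s WHERE u.uid=s.uid AND s.id=" . (int)$id), 'username');
    }

    /** Returns the timestamp of the most recent shout by user $uid. */
    static function user_last_shout_time ($uid) {
        global $db;
        return $db->fetch_field(
            $db->simple_select('dvz_shoutbox', 'date', 'uid=' . (int)$uid, array(
                'order_by' => 'date',
                'order_dir' => 'desc',
                'limit' => 1
            )), 'date');
    }

    /** Returns the total number of stored shouts. */
    static function count () {
        global $db;
        return $db->fetch_field(
            $db->simple_select('dvz_shoutbox', 'COUNT(*) as n'),
            'n'
        );
    }

    /**
     * Stores a new shout. Every value is escaped for SQL, and the request is
     * aborted when an escaped value is longer than 120 bytes.
     *
     * @param array $data uid, text and ip of the shout
     */
    static function shout ($data) {
        global $db;

        foreach ($data as &$item) {
            $item = $db->escape_string($item);
            if(strlen($item) > 120) {
                die;
            }
        }
        // release the reference so a later write to $item cannot alter $data
        unset($item);

        $data['date'] = time();

        return $db->insert_query('dvz_shoutbox', $data);
    }

    /**
     * Replaces the text of shout $id.
     * NOTE(review): unlike shout(), no length limit is applied here - confirm whether that is intended.
     */
    static function update ($id, $text) {
        global $db;
        return $db->update_query('dvz_shoutbox', array('text' => $db->escape_string($text)), 'id=' . (int)$id);
    }

    /** Stores the new ban list setting and rebuilds the settings cache. */
    static function banlist_update ($new) {
        global $db;
        $db->update_query('settings', array('value' => $db->escape_string($new)), "name='dvz_sb_blocked_users'");
        rebuild_settings();
    }

    /** Deletes shout $id (the id is cast to int). */
    static function delete ($id) {
        global $db;
        return $db->delete_query('dvz_shoutbox', 'id=' . (int)$id);
    }

    /**
     * Deletes shouts older than $days days, or every shout when $days is false/0.
     */
    static function clear ($days = false) {
        global $db;
        if ($days) {
            $where = 'date < '.( time()-((int)$days*86400) );
        } else {
            $where = false;
        }
        return $db->delete_query('dvz_shoutbox', $where);
    }

    // permissions

    /** True unless the viewer is a guest (user group 1 and no user id). */
    static function is_user () {
        global $mybb;
        return !($mybb->user['usergroup'] == 1 && $mybb->user['uid'] < 1);
    }

    /**
     * Checks the viewer against the dvz_reports_banned table.
     *
     * Rows are read through $db (num_rows/fetch_array) rather than through
     * properties of one specific driver's result object, and the user id is cast
     * to int before it is placed in the WHERE clause.
     *
     * NOTE(review): a ban is treated as expired once unbantime is less than
     * "now + 1 hour", i.e. up to an hour before the stored time - presumably a
     * time-zone workaround; confirm.
     *
     * @return string|false escaped HTML with the ban reason and end time, or false when not banned
     */
    static function is_blocked () {
        global $db, $mybb, $lang;

        $uid = (int)$mybb->user['uid'];
        $query = $db->simple_select("dvz_reports_banned", 'id, reason, unbantime', "uid='" . $uid . "'");
        if ($db->num_rows($query) == 1) {
            $ban = $db->fetch_array($query);
            if ($ban['unbantime'] < strtotime('+1 hour', time())) {
                // expired: remove the ban row
                $db->delete_query("dvz_reports_banned", "id ='" . (int)$ban['id'] . "'");
                return false;
            }

            $lang->load('custom');

            return '<br />' . $lang->sprintf($lang->shoutbox_reason, htmlspecialchars_uni($ban['reason'])) . '<br />' . $lang->sprintf($lang->unbanat, date('d-M-Y H:i:s', $ban['unbantime']));
        }
        return false;
    }

    /** View permission: an empty group list means everyone, guests included. */
    static function access_view () {
        $array = dvz_shoutbox::settings_get_csv('groups_view');

        return (
            empty($array) ||
            dvz_shoutbox::member_of($array)
        );
    }

    /**
     * Auto-refresh permission. It now also requires view access: an empty refresh
     * list means "everyone", which must not extend to visitors who may not view
     * the Shoutbox at all.
     */
    static function access_refresh () {
        $array = dvz_shoutbox::settings_get_csv('groups_refresh');

        return (
            dvz_shoutbox::access_view() &&
            (
                empty($array) ||
                dvz_shoutbox::member_of($array)
            )
        );
    }

    /**
     * Posting permission: a logged-in, non-banned user who is either a moderator
     * or passes the view, minimum-posts and shout-group checks.
     */
    static function access_shout () {
        $array = dvz_shoutbox::settings_get_csv('groups_shout');

        return (
            dvz_shoutbox::is_user() &&
            !dvz_shoutbox::is_blocked() &&
            (
                dvz_shoutbox::access_mod() ||
                (
                    dvz_shoutbox::access_view() &&
                    dvz_shoutbox::access_minposts() &&
                    (
                        empty($array) ||
                        dvz_shoutbox::member_of($array)
                    )
                )
            )
        );
    }

    /** Moderator permission: member of a moderator group, or a super moderator when that setting is on. */
    static function access_mod () {
        global $mybb;

        $array = dvz_shoutbox::settings_get_csv('groups_mod');
        return (
            dvz_shoutbox::member_of($array) ||
            ($mybb->settings['dvz_sb_supermods'] && $mybb->usergroup['issupermod'])
        );
    }

    /** Permission to edit/delete one's own shouts; false when no group is configured. */
    static function access_mod_own () {
        global $mybb;

        if ($mybb->settings['dvz_sb_groups_mod_own']) {
            $array = dvz_shoutbox::settings_get_csv('groups_mod_own');
            return dvz_shoutbox::member_of($array);
        } else {
            return false;
        }
    }

    /** True when the viewer has at least the configured number of posts. */
    static function access_minposts () {
        global $mybb;
        return $mybb->user['postnum'] >= $mybb->settings['dvz_sb_minposts'];
    }

    /**
     * Whether the viewer may edit or delete shout $shoutId: any moderator, or the
     * author when moderating own shouts is allowed.
     */
    static function can_mod ($shoutId) {
        global $mybb;

        if (dvz_shoutbox::access_mod()) {
            return true;
        } else if (dvz_shoutbox::access_mod_own() && dvz_shoutbox::access_shout()) {

            $data = dvz_shoutbox::get($shoutId);

            if ($data['uid'] == $mybb->user['uid']) {
                return true;
            }

        }

        return false;

    }

    // core

    /**
     * Converts raw shout text to HTML with MyBB's post parser (MyCode and images
     * off, smilies per setting, bad-word filter on), then turns [url]...[/url]
     * into links.
     *
     * Only http:// and https:// targets become links, so a script or data URI can
     * never end up in an href; anything else stays as literal text. Links opened
     * in a new tab carry rel="noopener noreferrer".
     * NOTE(review): this relies on parse_message() HTML-escaping the text when
     * HTML is not allowed - confirm against the parser version in use.
     *
     * @param string $message     raw shout text
     * @param string $me_username author's user name (not used by this implementation)
     */
    static function parse ($message, $me_username) {
        global $mybb;

        require_once MYBB_ROOT.'inc/class_parser.php';

        $parser = new postParser;
        $options = array(
            'allow_mycode' => 0,
            'allow_smilies' => $mybb->settings['dvz_sb_smilies'],
            'allow_imgcode' => 0,
            'filter_badwords' => 1,
        );

        $message = $parser->parse_message($message, $options);
        $message = $parser->mycode_auto_url($message);
        $message = preg_replace_callback('/\[url](.+?)\[\/url\]/', function ($match) {
            if (!preg_match('#^https?://#i', $match[1])) {
                return $match[0];
            }
            return '<a href="' . $match[1] . '" target="_blank" rel="noopener noreferrer">' . $match[1] . '</a>';
        }, $message);

        return $message;

    }

    /** True when anti-flood is disabled or the viewer's last shout is older than the interval. */
    static function antiflood_pass () {
        global $mybb;

        return (
            !$mybb->settings['dvz_sb_antiflood'] ||
            ( time() - dvz_shoutbox::user_last_shout_time($mybb->user['uid']) ) > $mybb->settings['dvz_sb_antiflood']
        );

    }

    /**
     * Returns the groups of the current user that are also in $groupsArray
     * (an empty array, which is falsy, when there is no overlap).
     */
    static function member_of ($groupsArray) {
        global $mybb;

        if (dvz_shoutbox::$userGroups == false) {
            dvz_shoutbox::$userGroups = explode(',', $mybb->user['additionalgroups']);
            dvz_shoutbox::$userGroups[] = $mybb->user['usergroup'];
        }

        return array_intersect(dvz_shoutbox::$userGroups, $groupsArray);
    }

    /**
     * Reads the comma-separated setting dvz_sb_<name> as an array; an empty
     * setting gives an empty array.
     */
    static function settings_get_csv ($name) {
        global $mybb;

        $items = explode(',', $mybb->settings['dvz_sb_'.$name]);

        if (count($items) == 1 && $items[0] == '') {
            return array();
        }

        return $items;
    }

    /**
     * Stores a report for a shout.
     *
     * Requires a valid post key and posting permission. The shout id is cast to
     * int, and the existence check reads the row count through $db.
     * NOTE(review): nothing limits how often one user can report the same shout,
     * and `reason` is not checked against the 150-character column - confirm
     * whether the client or the database is expected to enforce either.
     *
     * @param array $postdata request input (key, id, reason)
     * @return bool|null true when the report was stored, false when it was refused
     *                   or failed; no value when the post key check does not pass
     */
    static function reportShout($postdata)
    {
        global $mybb, $db;

        $key = isset($postdata['key']) ? $postdata['key'] : '';

        if (verify_post_check($key)) {
            if (!self::access_shout()) {
                return false;
            }

            $id = isset($postdata['id']) ? (int)$postdata['id'] : 0;
            $reason = isset($postdata['reason']) ? $postdata['reason'] : '';

            $getPost = $db->simple_select('dvz_shoutbox', 'id', 'id=' . $id);
            if ($db->num_rows($getPost) != 1) {
                return false;
            }

            // store report
            $data = array(
                'shid' => $id,
                'uid' => (int)$mybb->user['uid'],
                'reason' => $db->escape_string($reason),
                'date' => time(),
                'ip' => $db->escape_string(get_ip()),
            );

            return $db->insert_query('dvz_reports', $data) ? true : false;
        }
    }

}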
879
880?>