[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * MyBB 1.6
   4   * Copyright 2010 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://mybb.com
   7   * License: http://mybb.com/about/license
   8   *
   9   * $Id$
  10   */
  11  
  12  define("IN_MYBB", 1);
  13  define('THIS_SCRIPT', 'usercp2.php');
  14  define("ALLOWABLE_PAGE", "removesubscription,removesubscriptions");
  15  
  16  $templatelist = 'usercp_nav_messenger,usercp_nav_changename,usercp_nav_profile,usercp_nav_misc,usercp_nav,usercp_addsubscription_thread,usercp_nav_messenger_tracking,usercp_nav_editsignature';
  17  
  18  require_once  "./global.php";
  19  require_once  MYBB_ROOT."inc/functions_user.php";
  20  
  21  if($mybb->user['uid'] == 0)
  22  {
  23      error_no_permission();
  24  }
  25  
  26  // Verify incoming POST request
  27  verify_post_check($mybb->input['my_post_key']);
  28  
  29  $lang->load("usercp");
  30  
  31  usercp_menu();
  32  
  33  $server_http_referer = htmlentities($_SERVER['HTTP_REFERER']);
  34  
  35  if($mybb->input['action'] == "do_addsubscription")
  36  {
  37      if($mybb->input['type'] != "forum")
  38      {
  39          $thread = get_thread($mybb->input['tid']);
  40          if(!$thread['tid'])
  41          {
  42              error($lang->error_invalidthread);
  43          }
  44          $forumpermissions = forum_permissions($thread['fid']);
  45          if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || ($forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
  46          {
  47              error_no_permission();
  48          }
  49          add_subscribed_thread($thread['tid'], $mybb->input['notification']);
  50          if($mybb->input['referrer'])
  51          {
  52              $url = htmlspecialchars_uni(addslashes($mybb->input['referrer']));
  53          }
  54          else
  55          {
  56              $url = get_thread_link($thread['tid']);
  57          }
  58          redirect($url, $lang->redirect_subscriptionadded);
  59      }
  60  }
  61  
  62  if($mybb->input['action'] == "addsubscription")
  63  {
  64      if($mybb->input['type'] == "forum")
  65      {
  66          $forum = get_forum($mybb->input['fid']);
  67          if(!$forum['fid'])
  68          {
  69              error($lang->error_invalidforum);
  70          }
  71          $forumpermissions = forum_permissions($forum['fid']);
  72          if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0)
  73          {
  74              error_no_permission();
  75          }
  76          add_subscribed_forum($forum['fid']);
  77          if($server_http_referer)
  78          {
  79              $url = $server_http_referer;
  80          }
  81          else
  82          {
  83              $url = "index.php";
  84          }
  85          redirect($url, $lang->redirect_forumsubscriptionadded);
  86      }
  87      else
  88      {
  89          $thread  = get_thread($mybb->input['tid']);
  90          if(!$thread['tid'])
  91          {
  92              error($lang->error_invalidthread);
  93          }
  94          add_breadcrumb($lang->nav_subthreads, "usercp.php?action=subscriptions");
  95          add_breadcrumb($lang->nav_addsubscription);
  96  
  97          $forumpermissions = forum_permissions($thread['fid']);
  98          if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || ($forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
  99          {
 100              error_no_permission();
 101          }
 102          $referrer = '';
 103          if($server_http_referer)
 104          {
 105              $referrer = $server_http_referer;
 106          }
 107  
 108          require_once  MYBB_ROOT."inc/class_parser.php";
 109          $parser = new postParser;
 110          $thread['subject'] = $parser->parse_badwords($thread['subject']);
 111          $thread['subject'] = htmlspecialchars_uni($thread['subject']);
 112          $lang->subscribe_to_thread = $lang->sprintf($lang->subscribe_to_thread, $thread['subject']);
 113  
 114          if($mybb->user['subscriptionmethod'] == 1 || $mybb->user['subscriptionmethod'] == 0)
 115          {
 116              $notification_none_checked = "checked=\"checked\"";
 117          }
 118          else if($mybb->user['subscriptionmethod'] == 2)
 119          {
 120              $notification_instant_checked = "checked=\"checked\"";
 121          }
 122          eval("\$add_subscription = \"".$templates->get("usercp_addsubscription_thread")."\";");
 123          output_page($add_subscription);
 124      }
 125  }
 126  elseif($mybb->input['action'] == "removesubscription")
 127  {
 128      if($mybb->input['type'] == "forum")
 129      {
 130          $forum = get_forum($mybb->input['fid']);
 131          if(!$forum['fid'])
 132          {
 133              error($lang->error_invalidforum);
 134          }
 135          remove_subscribed_forum($forum['fid']);
 136          if($server_http_referer)
 137          {
 138              $url = $server_http_referer;
 139          }
 140          else
 141          {
 142              $url = "usercp.php?action=forumsubscriptions";
 143          }
 144          redirect($url, $lang->redirect_forumsubscriptionremoved);
 145      }
 146      else
 147      {
 148          $thread = get_thread($mybb->input['tid']);
 149          if(!$thread['tid'])
 150          {
 151              error($lang->error_invalidthread);
 152          }
 153          remove_subscribed_thread($thread['tid']);
 154          if($server_http_referer)
 155          {
 156              $url = $server_http_referer;
 157          }
 158          else
 159          {
 160              $url = "usercp.php?action=subscriptions";
 161          }
 162          redirect($url, $lang->redirect_subscriptionremoved);
 163      }
 164  }
 165  elseif($mybb->input['action'] == "removesubscriptions")
 166  {    
 167      if($mybb->input['type'] == "forum")
 168      {
 169          $db->delete_query("forumsubscriptions", "uid='".$mybb->user['uid']."'");
 170          if($server_http_referer)
 171          {
 172              $url = $server_http_referer;
 173          }
 174          else
 175          {
 176              $url = "usercp.php?action=forumsubscriptions";
 177          }
 178          redirect($url, $lang->redirect_forumsubscriptionsremoved);
 179      }
 180      else
 181      {
 182          $db->delete_query("threadsubscriptions", "uid='".$mybb->user['uid']."'");
 183          if($server_http_referer)
 184          {
 185              $url = $server_http_referer;
 186          }
 187          else
 188          {
 189              $url = "usercp.php?action=subscriptions";
 190          }
 191          redirect($url, $lang->redirect_subscriptionsremoved);
 192      }
 193  }
 194  else
 195  {
 196      error($lang->error_invalidaction);
 197  }
 198  ?>