function itrader_checkurl($dealurl)
{
global $vbulletin;
// Make it all lowercase and decode potential & characters.
$parsedurl = parse_url(html_entity_decode(strtolower($dealurl)));
// If it can't be parsed then something is seriously wrong so bypass the rest of the checks.
if($parsedurl !== false)
{
// Make sure they put a 'http://' in there.
if($parsedurl['scheme'] != 'http')
{
return false;
}
// We want to do some detailed URL checking.
if($vbulletin->options['itrader_stricturl'])
{
// Make sure the submitted host can be found somewhere in the forum url.
if(!strpos(strtolower($vbulletin->options['bburl']),$parsedurl['host']))
{
return false;
}
// Find the threadid or postid.
$pieces = explode('&',$parsedurl['query']);
foreach ($pieces as $piece)
{
$check = explode('=',$piece);
if ($check[0] == 't' OR $check[0] == 'p')
{
// The queries are different but all the checks are the same.
if ($check[0] == 't')
{
$result = $vbulletin->db->query_first("SELECT postuserid, forumid
FROM " . TABLE_PREFIX . "thread AS thread
WHERE threadid = " . intval($check[1]) . "
");
}
else
{
$result = $vbulletin->db->query_first("SELECT postuserid, forumid
FROM " . TABLE_PREFIX . "post AS post
LEFT JOIN " . TABLE_PREFIX . "thread AS thread ON (thread.threadid = post.threadid)
WHERE postid = " . intval($check[1]) . "
");
}
if ($result['postuserid'] != $vbulletin->GPC['userid'] AND $result['postuserid'] != $vbulletin->userinfo['userid'])
{
// One of the two people in the deal should be the thread creator.
return false;
}
if ($vbulletin->options['itrader_forumsurl'])
{
$forums = explode(',', $vbulletin->options['itrader_forumsurl']);
if(!in_array($result['forumid'],$forums))
{
// Thread doesn't match up with the list of forumids in the admincp.
return false;
}
}
// Passed All The Tests! Woohoo!
return true;
} // found thread or post
} // foreach
// None of the piece matched!
return false;
}
else
{
// It passed the http:// check and skipped strict checking.
return true;
}
} // Failed the baisc parse_url function
return false;
}
