Beispiel #1
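 /**
  * Configure the filter from the site settings.
  *
  * Stores the site encoding, selects the 'htmlawed' filter method when
  * $_SYSTEM['html_filter'] asks for it, and applies the allowed-element list
  * from $_CONF['htmlfilter_default'] when one is configured.
  */
 public function __construct()
 {
     // $_CONF has to be imported too: without it the isset() below tests an
     // undefined local variable, is always false, and the configured
     // allowed-element list is silently never applied to the filter.
     global $_CONF, $_SYSTEM;

     $this->encoding = COM_getEncodingt();

     if (isset($_SYSTEM['html_filter']) && $_SYSTEM['html_filter'] == 'htmlawed') {
         $this->setFilterMethod('htmlawed');
     }

     if (isset($_CONF['htmlfilter_default'])) {
         $this->setAllowedElements($_CONF['htmlfilter_default']);
     }
 }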
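/**
 * Format one cell of the forum user-rating admin lists.
 *
 * Ids taken from the row are cast to integers before they are placed in SQL,
 * URLs or attribute values, so a malformed value cannot alter the query or
 * the surrounding markup.
 *
 * @param  string $fieldname   name of the column being rendered
 * @param  mixed  $fieldvalue  value of that column
 * @param  array  $A           the complete row
 * @param  array  $icon_arr    icon array supplied by the list code (not used)
 * @return mixed               HTML fragment, or the plain value, for the cell
 */
function ADMIN_getListField_ratings($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $LANG_GF98, $_FF_CONF;

    $retval = '';

    switch ($fieldname) {
        case 'grade':
            $retval = intval($fieldvalue);
            break;

        case 'rating':
            $retval = '<input type="text" name="new_rating-' . (int) $A['uid'] . '" value="' . intval($A['rating']) . '" size="5" />';
            break;

        case 'voter_id':
            $voterId = (int) $A['voter_id'];
            $uname = DB_getItem($_TABLES['users'], 'username', 'uid=' . $voterId);
            // NOTE(review): the username is handed to COM_createLink() as link
            // content; confirm usernames cannot contain markup.
            $retval = COM_createLink($uname, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?vid=' . $voterId);
            break;

        case 'user_id':
            $userId = (int) $A['user_id'];
            $uname = DB_getItem($_TABLES['users'], 'username', 'uid=' . $userId);
            // Show the numeric id when no username is found for it.
            $label = ($uname == '') ? $userId : $uname;
            $retval = COM_createLink($label, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?uid=' . $userId);
            break;

        case 'topic_id':
            $topicId = (int) $A['topic_id'];
            if ($topicId > 0) {
                // The integer, not the raw row value, goes into the query.
                $res = DB_query("SELECT id,pid,forum,subject,comment,status FROM {$_TABLES['ff_topic']} WHERE id=" . $topicId);
                $row = DB_fetchArray($res);
                if (!is_array($row)) {
                    // The referenced topic no longer exists: do not build a
                    // link out of empty values.
                    $retval = $LANG_GF98['no_topic_defined'];
                    break;
                }
                list($id, $pid, $forum, $subject, $comment, $status) = $row;
                $id = (int) $id;
                $pid = (int) $pid;

                $testText = FF_formatTextBlock($comment, 'text', 'text', $status);
                $testText = strip_tags($testText);
                // The <br> markers are entity-encoded together with the text,
                // exactly as before; only the statement order is unchanged.
                $lastpostinfogll = htmlspecialchars(preg_replace('#\\r?\\n#', '<br>', strip_tags(substr($testText, 0, $_FF_CONF['contentinfo_numchars']) . '...')), ENT_QUOTES, COM_getEncodingt());
                if ($subject == '') {
                    $subject = '<em>' . $LANG_GF98['no_subject_defined'] . '</em>';
                }
                // NOTE(review): $subject is written into the title attribute
                // and the link text exactly as stored. Confirm subjects are
                // HTML-escaped when they are saved; if not, escape them here.
                $retval = '<a class="' . COM_getTooltipStyle() . '" style="text-decoration:none;" href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . ($pid == 0 ? $id : $pid) . '&amp;topic=' . $id . '#' . $id . '" title="' . $subject . '::' . $lastpostinfogll . '" rel="nofollow">' . $subject . '</a>';
            } elseif ($topicId === -1) {
                $retval = $LANG_GF98['admin_set_value'];
            } else {
                $retval = $LANG_GF98['no_topic_defined'];
            }
            break;

        case 'username':
            $retval = COM_createLink($fieldvalue, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?uid=' . (int) $A['uid']);
            break;

        case $_TABLES['users'] . '.uid':
            $retval = $A['uid'];
            break;

        default:
            $retval = $fieldvalue;
            break;
    }

    return $retval;
}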
Beispiel #3
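/**
 * Work out the page the visitor should be sent back to.
 *
 * The candidate comes from the posted 'referer' field or, failing that, the
 * HTTP Referer header. Both are supplied by the client, so any value that
 * does not point into this site is replaced by the forum index.
 *
 * @return mixed  HTML-escaped URL; for comment.php referers, whatever
 *                PLG_getCommentUrlId() returns
 */
function _getReferer()
{
    global $_CONF;

    if (isset($_POST['referer'])) {
        $referer = COM_sanitizeUrl($_POST['referer']);
    } elseif (isset($_SERVER['HTTP_REFERER'])) {
        $referer = COM_sanitizeUrl($_SERVER['HTTP_REFERER']);
    } else {
        $referer = '';
    }

    // A bare prefix comparison also accepts a different host whose name only
    // begins with the site URL. Unless the site URL itself ends in a slash,
    // the character after the prefix must end the URL or start a path, query
    // or fragment.
    $siteUrl = $_CONF['site_url'];
    $sLength = strlen($siteUrl);
    $next = (string) substr($referer, $sLength, 1);
    $sameSite = strncmp($referer, $siteUrl, $sLength) === 0
        && (substr($siteUrl, -1) === '/' || $next === '' || $next === '/' || $next === '?' || $next === '#');
    if (!$sameSite) {
        $referer = $siteUrl . '/forum/index.php';
    }

    $referer = @htmlspecialchars($referer, ENT_COMPAT, COM_getEncodingt());

    if (strstr($referer, 'comment.php') !== false) {
        if (isset($_REQUEST['sid']) && isset($_REQUEST['type'])) {
            // $type was never assigned in this function, so the lookup always
            // received an undefined value; pass the filtered request value.
            // NOTE(review): the result replaces $referer as-is - confirm that
            // PLG_getCommentUrlId() returns a URL string here.
            $referer = PLG_getCommentUrlId(COM_applyFilter($_REQUEST['type']));
        }
    }

    return $referer;
}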
Beispiel #4
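/**
 * Format one cell of the topic picker list.
 *
 * @param  string $fieldname   name of the column being rendered
 * @param  mixed  $fieldvalue  value of that column
 * @param  array  $A           the complete topic row
 * @param  array  $icon_arr    icon array supplied by the list code (not used)
 * @return mixed               HTML fragment, or the plain value, for the cell
 */
function _ff_getListField_gettopic($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_USER, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE;
    global $_FF_CONF, $_SYSTEM, $LANG_GF02, $LANG_GF03;

    USES_lib_html2text();
    $dt = new Date('now', $_USER['tzid']);
    $retval = '';

    switch ($fieldname) {
        case 'author':
            // NOTE(review): emitted exactly as stored; confirm author names
            // are HTML-escaped when they are saved.
            $retval = $A['name'];
            break;

        case 'date':
        case 'lastupdated':
            // Both columns hold timestamps and share one format.
            $dt->setTimestamp($fieldvalue);
            $retval = $dt->format($_FF_CONF['default_Datetime_format'], true);
            break;

        case 'subject':
            // Tooltip text: the post body reduced to plain text, truncated,
            // then entity-encoded for the title attribute.
            $testText = FF_formatTextBlock($A['comment'], 'text', 'text', $A['status']);
            $testText = strip_tags($testText);
            $html2txt = new html2text($testText, false);
            $testText = trim($html2txt->get_text());
            $lastpostinfogll = htmlspecialchars(preg_replace('#\\r?\\n#', '<br>', strip_tags(substr($testText, 0, $_FF_CONF['contentinfo_numchars']) . '...')), ENT_QUOTES, COM_getEncodingt());
            // NOTE(review): unlike the tooltip text, $A['subject'] (attribute)
            // and $fieldvalue (element content) are written out as stored.
            // Confirm subjects are HTML-escaped on save, otherwise escape here.
            $retval = '<span class="' . COM_getTooltipStyle() . '" style="text-decoration:none;" title="' . $A['subject'] . '::' . $lastpostinfogll . '">' . $fieldvalue . '</span>';
            break;

        case 'select':
            // The id sits inside a quoted script argument within an attribute;
            // the integer cast keeps anything but digits out of it.
            $retval = '[&nbsp;<a href="#" onclick="insert_topic(\'' . (int) $A['id'] . '\'); return false;">' . $LANG_GF03['select'] . '</a>&nbsp;]';
            break;

        default:
            $retval = $fieldvalue;
            break;
    }

    return $retval;
}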
Beispiel #5
    $log = 'error.log';
}
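// Log viewer page body: lists the *.log files found in $_CONF['path_log'] and
// views or clears the one named by $log (assigned earlier in the script).
// NOTE(review): clearing is a state-changing POST, and no anti-CSRF token is
// checked in the visible part of this script - confirm one is verified before
// this point.
$display = '';
$encoding = COM_getEncodingt();

// Only names that the directory listing itself produced may be opened or
// deleted. This keeps a request-supplied $log from pointing outside the log
// directory or at a file that is not a log.
$logPaths = glob($_CONF['path_log'] . '*.log');
$logFiles = is_array($logPaths) ? array_map('basename', $logPaths) : array();
$logIsListed = in_array($log, $logFiles, true);
$logLabel = htmlspecialchars((string) $log, ENT_QUOTES, $encoding);

$menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$display = COM_startBlock($LANG_LOGVIEW['log_viewer'], '', COM_getBlockTemplate('_admin_block', 'header')) . ADMIN_createMenu($menu_arr, $LANG_LOGVIEW['info'], $_CONF['layout_url'] . '/images/icons/log_viewer.' . $_IMAGE_TYPE);
$display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/logviewer.php" class="uk-form"><div>' . $LANG_LOGVIEW['logs'] . ':&nbsp;&nbsp;&nbsp;' . '<select name="log">';
foreach ($logFiles as $file) {
    // File names come from the file system, not from the templates, so they
    // are escaped before they are used as attribute value and option text.
    $fileLabel = htmlspecialchars($file, ENT_QUOTES, $encoding);
    $display .= '<option value="' . $fileLabel . '"';
    if ($log === $file) {
        $display .= ' selected="selected"';
    }
    $display .= '>' . $fileLabel . '</option>';
}
$display .= '</select>&nbsp;&nbsp;&nbsp;&nbsp;' . '<button type="submit" name="viewlog" value="' . $LANG_LOGVIEW['view'] . '" class="uk-button">' . $LANG_LOGVIEW['view'] . '</button>' . '&nbsp;&nbsp;&nbsp;&nbsp;' . '<button type="submit" name="clearlog" value="' . $LANG_LOGVIEW['clear'] . '" class="uk-button" onclick="return confirm(\'' . $MESSAGE[76] . '\');">' . $LANG_LOGVIEW['clear'] . '</button>' . '</div></form>';

if (isset($_POST['clearlog']) && $logIsListed) {
    if (@unlink($_CONF['path_log'] . $log)) {
        // Recreate the file with a marker line, then fall through to viewing.
        $timestamp = strftime("%c");
        @file_put_contents($_CONF['path_log'] . $log, "{$timestamp} - Log File Cleared " . PHP_EOL, FILE_APPEND);
        $_POST['viewlog'] = 1;
    }
}

if (isset($_POST['viewlog']) && $logIsListed) {
    $contents = file_get_contents($_CONF['path_log'] . $log);
    if ($contents === false) {
        $contents = '';
    }
    // Log lines can contain data taken from requests, so the contents are
    // entity-encoded before they are placed in the page.
    $display .= '<p><strong>' . $LANG_LOGVIEW['log_file'] . ': ' . $logLabel . '</strong></p>' . '<div style="margin:10px 0 5px;border-bottom:1px solid #cccccc;"></div>' . '<pre style="overflow:scroll; height:500px;">' . htmlentities($contents, ENT_NOQUOTES, $encoding) . '</pre>';
}

$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$output = COM_createHTMLDocument($display, array('pagetitle' => $LANG_LOGVIEW['log_viewer']));
header('Content-Type: text/html; charset=' . $encoding);
// X-XSS-Protection is a legacy header that current browsers ignore; the output
// escaping above is what protects this page.
header('X-XSS-Protection: 1; mode=block');
header('X-Content-Type-Options: nosniff');
COM_output($output);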
Beispiel #6
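 /**
  * Add a JavaScript source file to the page header.
  *
  * Queues a <script src="..."></script> element under the given priority.
  * Pass only the URL; the element itself is built here.
  *
  * Escaping stops a value from breaking out of its attribute. It does not
  * restrict which host or scheme $href points at, so callers must pass URLs
  * they trust.
  *
  * @param  string   $href       The URL of the JavaScript file
  * @param  int      $priority   Load priority
  * @param  string   $mime       Value of the type attribute,
  *                              'text/javascript' if none is passed.
  *
  * @access public
  * @return void
  */
 public function addLinkScript($href, $priority = HEADER_PRIO_NORMAL, $mime = 'text/javascript')
 {
     $encoding = COM_getEncodingt();

     // Both values end up inside double-quoted attributes, so both are
     // escaped; previously only $href was.
     $link = '<script type="' . @htmlspecialchars($mime, ENT_QUOTES, $encoding)
         . '" src="' . @htmlspecialchars($href, ENT_QUOTES, $encoding) . '"';
     $link .= "></script>" . LB;

     $this->_header['script'][$priority][] = $link;
 }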
Beispiel #7
 /**
  * Clean a title before it is displayed.
  *
  * The title is passed through COM_checkWords() (type 'story'), stripped of
  * tags, run through GLText::remove4byteUtf8Chars() and finally HTML-escaped
  * with quotes included, so the result is safe in element and attribute
  * context.
  *
  * @param  string $title  raw title
  * @return string         filtered, HTML-escaped title
  */
 private function _applyTitleFilter($title)
 {
     $censored = COM_checkWords($title, 'story');
     $plain = GLText::remove4byteUtf8Chars(strip_tags($censored));

     return htmlspecialchars($plain, ENT_QUOTES, COM_getEncodingt());
 }
Beispiel #8
/**
 * Prepare a message for storage in the database.
 *
 * HTML posts are optionally run through COM_checkHTML(); all other post modes
 * are entity-encoded. Either way the result is escaped for SQL last.
 *
 * With $htmlfilter switched off, an HTML post is stored unfiltered (only
 * SQL-escaped), so such content has to be filtered wherever it is rendered.
 *
 * @param  string $message     text to prepare
 * @param  string $postmode    'html' keeps markup, anything else is encoded
 * @param  bool   $censor      pass the text through COM_checkWords() first
 * @param  bool   $htmlfilter  pass HTML posts through COM_checkHTML()
 * @return string              value ready to be placed in a query
 */
function prepareStringForDB($message, $postmode = "html", $censor = TRUE, $htmlfilter = TRUE)
{
    global $_FF_CONF;

    if ($censor) {
        $message = COM_checkWords($message);
    }

    if ($postmode != 'html') {
        // Plain-text posts: encode markup characters, then escape for SQL.
        return DB_escapeString(@htmlspecialchars($message, ENT_QUOTES, COM_getEncodingt()));
    }

    // COM_checkHTML() strips slashes, so the SQL escaping has to come after it.
    $prepared = $htmlfilter ? COM_checkHTML($message) : $message;

    return DB_escapeString($prepared);
}
Beispiel #9
     for ($i = 1; $i <= $nrows; $i++) {
         $P = DB_fetchArray($result);
         $fres = DB_query("SELECT grp_id,rating_view FROM {$_TABLES['ff_forums']} WHERE forum_id=" . (int) $P['forum']);
         list($forumgrpid, $view_rating) = DB_fetchArray($fres);
         $groupname = DB_getItem($_TABLES['groups'], 'grp_name', "grp_id=" . (int) $forumgrpid);
         if (SEC_inGroup($groupname)) {
             if ($_FF_CONF['enable_user_rating_system'] && !COM_isAnonUser()) {
                 if ($view_rating > $user_rating) {
                     continue;
                 }
             }
             if ($_FF_CONF['use_censor']) {
                 $P['subject'] = COM_checkWords($P['subject']);
             }
             $postdate = COM_getUserDateTimeFormat($P['date']);
             $link = '<a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?forum=' . $P['forum'] . '&amp;showtopic=' . $P['id'] . '&amp;highlight=' . htmlentities($html_query, ENT_QUOTES, COM_getEncodingt()) . '">';
             $report->set_var(array('post_start_ahref' => $link, 'post_subject' => $P['subject'], 'post_end_ahref' => '</a>', 'post_date' => $postdate[0], 'post_replies' => $P['replies'], 'post_views' => $P['views'], 'csscode' => $csscode));
             $report->parse('rrow', 'reportrow', true);
             if ($csscode == 2) {
                 $csscode = 1;
             } else {
                 $csscode++;
             }
         }
     }
 }
 if ($forum == 0) {
     $link = '<p><a href="' . $_CONF['site_url'] . '/forum/index.php">' . $LANG_GF02['msg175'] . '</a></p>';
     $report->set_var('bottomlink', $link);
 } else {
     $link = '<p><a href="' . $_CONF['site_url'] . '/forum/index.php?forum=' . $forum . '">' . $LANG_GF02['msg175'] . '</a></p>';
Beispiel #10
/**
 * Build the notification e-mail for one forum post.
 *
 * Loads the post, HTML-escapes the author name and subject, renders the HTML
 * template, then renders the text template and converts it with html2text.
 *
 * @param  mixed $id  id of the post in the ff_topic table
 * @return array      array(HTML message, plain-text message)
 */
function gfm_getoutput($id)
{
    global $_TABLES, $LANG_GF01, $LANG_GF02, $_CONF, $_FF_CONF, $_USER;

    $dt = new Date('now', $_USER['tzid']);

    // The id is filtered and additionally cast before it reaches the query.
    $id = COM_applyFilter($id, true);
    $result = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $id);
    $A = DB_fetchArray($result);

    $forumUrl = $_CONF['site_url'] . '/forum';
    $permalink = $forumUrl . '/viewtopic.php?topic=' . $id . '#' . $id;

    // Name and subject are user-supplied: censor first, then escape for HTML.
    foreach (array('name', 'subject') as $field) {
        $A[$field] = COM_checkWords($A[$field]);
        $A[$field] = @htmlspecialchars($A[$field], ENT_QUOTES, COM_getEncodingt());
    }
    $A['comment'] = _ff_FormatForEmail($A['comment'], $A['postmode']);

    $notifymsg = sprintf($LANG_GF02['msg27'], '<a href="' . $forumUrl . '/notify.php">' . $forumUrl . '/notify.php</a>');

    $dt->setTimestamp($A['date']);
    $date = $dt->format('F d Y @ h:i a');

    // A reply carries its parent's id; a first post is its own thread id.
    $postid = ($A['pid'] == '0') ? $A['id'] : $A['pid'];

    // Variables shared by the HTML and the text template.
    $shared = array(
        'post_id'      => $postid,
        'topic_id'     => $A['id'],
        'post_subject' => $A['subject'],
        'post_date'    => $date,
        'post_name'    => $A['name'],
        'post_comment' => $A['comment'],
        'notify_msg'   => $notifymsg,
        'site_name'    => $_CONF['site_name'],
    );
    $templateDir = $_CONF['path'] . 'plugins/forum/templates';

    // HTML version.
    $T = new Template($templateDir);
    $T->set_file('email', 'notifymessage.thtml');
    $T->set_var($shared + array(
        'online_version' => sprintf($LANG_GF02['view_online'], $permalink),
        'permalink'      => $permalink,
    ));
    $T->parse('output', 'email');
    $message = $T->finish($T->get_var('output'));

    // Text version: rendered from its own template, then reduced to text.
    $T = new Template($templateDir);
    $T->set_file('email', 'notifymessage_text.thtml');
    $T->set_var($shared + array(
        'online_version' => sprintf($LANG_GF02['view_online'], $forumUrl . '/viewtopic.php?showtopic=' . $postid . '&lastpost=true#' . $A['id']),
    ));
    $T->parse('output', 'email');
    $msgText = $T->finish($T->get_var('output'));

    $html2txt = new html2text($msgText, false);

    return array($message, $html2txt->get_text());
}
Beispiel #11
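/**
* Callback function to help format links in COM_makeClickableLinks
*
* Both the visible text and the href value are HTML-escaped. The href is
* escaped without double-encoding, so a link that already contains entities
* such as &amp; is left as it is.
*
* @param    string  $http   set to 'http://' when not already in the url
* @param    string  $link   the url
* @return   string          link enclosed in <a>...</a> tags
*
*/
function COM_makeClickableLinksCallback($http, $link)
{
    global $_CONF;
    static $encoding = null;

    if ($encoding === null) {
        $encoding = COM_getEncodingt();
    }

    // When $link ends with a period, the period will be moved out of the link
    // text (bug #0001675)
    $end = '';
    if (substr($link, -1) === '.') {
        $link = substr($link, 0, -1);
        $end = '.';
    }

    if ($_CONF['linktext_maxlen'] > 0) {
        $text = COM_truncate($link, $_CONF['linktext_maxlen'], '...', 10);
    } else {
        $text = $link;
    }
    $text = htmlspecialchars($text, ENT_QUOTES, $encoding);

    // The URL is attribute content as well: left raw, a quote or angle bracket
    // in the matched text would end the attribute early. Previously only the
    // link text was escaped.
    $href = htmlspecialchars($http . $link, ENT_QUOTES, $encoding, false);

    return '<a href="' . $href . '">' . $text . '</a>' . $end;
}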
Beispiel #12
/**
 * HTML-escape a piece of text using the site encoding.
 *
 * Quotes of both kinds are escaped (ENT_QUOTES), so the result can be used in
 * element content and in quoted attribute values. Warnings raised while
 * escaping are suppressed.
 *
 * @param  string $text  text to escape
 * @return string        escaped text
 */
function _bbcode_htmlspecialchars($text)
{
    $escaped = @htmlspecialchars($text, ENT_QUOTES, COM_getEncodingt());

    return $escaped;
}
Beispiel #13
 }
 $metaDesc = trim($shortComment) . $tailString;
 $outputHandle->addMeta('property', 'og:site_name', urlencode($_CONF['site_name']));
 $outputHandle->addMeta('property', 'og:locale', isset($LANG_LOCALE) ? $LANG_LOCALE : 'en_US');
 $outputHandle->addMeta('property', 'og:title', $pagetitle);
 $outputHandle->addMeta('property', 'og:type', 'article');
 $outputHandle->addMeta('property', 'og:url', $permalink);
 if (preg_match('/<img[^>]+src=([\'"])?((?(1).+?|[^\\s>]+))(?(1)\\1)/si', $story->DisplayElements('introtext'), $arrResult)) {
     $outputHandle->addMeta('property', 'og:image', $arrResult[2]);
 } else {
     if (preg_match('/<img[^>]+src=([\'"])?((?(1).+?|[^\\s>]+))(?(1)\\1)/si', $story->DisplayElements('bodytext'), $arrResult)) {
         $outputHandle->addMeta('property', 'og:image', $arrResult[2]);
     }
 }
 $outputHandle->addMeta('property', 'og:description', @htmlspecialchars($metaDesc, ENT_QUOTES, COM_getEncodingt()));
 $outputHandle->addMeta('name', 'description', @htmlspecialchars($metaDesc, ENT_QUOTES, COM_getEncodingt()));
 if (isset($_GET['msg'])) {
     $msg = (int) COM_applyFilter($_GET['msg'], true);
     if ($msg > 0) {
         $plugin = '';
         if (isset($_GET['plugin'])) {
             $plugin = COM_applyFilter($_GET['plugin']);
         }
         $pageBody .= COM_showMessage($msg, $plugin, '', 0, 'info');
     }
 }
 DB_query("UPDATE {$_TABLES['stories']} SET hits = hits + 1 WHERE (sid = '" . DB_escapeString($story->getSid()) . "') AND (date <= NOW()) AND (draft_flag = 0)");
 // Display whats related
 $story_template = new Template($_CONF['path_layout'] . 'article');
 $story_template->set_file('article', 'article.thtml');
 $story_template->set_var('site_admin_url', $_CONF['site_admin_url']);
/**
 *  Build a popup text message.
 *
 *  The text is HTML-escaped, quotes included, before it is handed to
 *  COM_showMessageText(), so markup in $msg is shown literally.
 *
 *  @param  string $msg Text to display
 *  @return mixed       Whatever COM_showMessageText() returns for the text
 */
function PAYPAL_popupMsg($msg)
{
    global $_CONF;

    $safeMsg = htmlspecialchars($msg, ENT_QUOTES, COM_getEncodingt());

    return COM_showMessageText($safeMsg);
}
Beispiel #15
/**
*   Get an individual field for the options admin list.
*
*   Only the default branch HTML-escapes its value.
*   NOTE(review): in the other branches $fieldname, $A['id'] and
*   $A['rec_type'] are placed in an inline event handler and a URL as they
*   are, and the language lookups are returned unescaped. Presumably these are
*   trusted column names, ids and language strings - confirm.
*
*   @param  string  $fieldname  Name of field (from the array, not the db)
*   @param  mixed   $fieldvalue Value of the field
*   @param  array   $A          Array of all fields from the database
*   @param  array   $icon_arr   System icon array (not used)
*   @return string              HTML for field display in the table
*/
function PAYPAL_getAdminField_Workflow($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_PP_CONF, $LANG_PP;

    switch ($fieldname) {
        case 'enabled':
        case 'notify_buyer':
            // Checkbox that toggles the flag through PP_toggle() when clicked.
            $switch = ($fieldvalue == '1') ? ' checked="checked"' : '';

            return "<input type=\"checkbox\" {$switch} value=\"1\" name=\"{$fieldname}_check\" \n                id=\"tog{$fieldname}{$A['id']}\"\n                onclick='PP_toggle(this,\"{$A['id']}\",\"{$fieldname}\","
                . "\"{$A['rec_type']}\",\""
                . PAYPAL_ADMIN_URL
                . "\");' />"
                . LB;

        case 'orderby':
            // Up and down arrows that move the record within its list.
            $url = PAYPAL_ADMIN_URL . "/index.php?id={$A['id']}&amp;type={$A['rec_type']}&amp;wfmove=";
            $upLink = COM_createLink('<img src="' . PAYPAL_URL . '/images/up.png" height="16" width="16" border="0" />', $url . 'up');
            $downLink = COM_createLink('<img src="' . PAYPAL_URL . '/images/down.png" height="16" width="16" border="0" />', $url . 'down');

            return $upLink . $downLink;

        case 'wf_name':
            return $LANG_PP[$fieldvalue];

        case 'name':
            return $LANG_PP['orderstatus'][$fieldvalue];

        default:
            return htmlspecialchars($fieldvalue, ENT_QUOTES, COM_getEncodingt());
    }
}
Beispiel #16
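/**
 * Handles a comment submission
 *
 * Reads the posted fields, filters the ones used as identifiers, and hands the
 * comment to PLG_commentSave(). A type that is neither 'article' nor a name
 * found in $_PLUGINS is blanked before saving.
 *
 * NOTE(review): no anti-CSRF token is checked in this function - confirm the
 * caller or PLG_commentSave() verifies one.
 *
 * @copyright Vincent Furia 2005
 * @author Vincent Furia <vinny01 AT users DOT sourceforge DOT net>
 * @return string HTML (possibly a refresh)
 */
function handleSubmit()
{
    // $_CONF is needed for the fallback redirect at the end. It was missing
    // from this list, which left the redirect target without the site URL.
    global $_CONF, $_PLUGINS;

    // Absent fields are treated as empty instead of raising notices.
    $type = COM_applyFilter(isset($_POST['type']) ? $_POST['type'] : '');
    $sid = COM_sanitizeID(COM_applyFilter(isset($_POST['sid']) ? $_POST['sid'] : ''));
    // ENT_NOQUOTES leaves quotes unescaped: the title is safe as element
    // content but must be escaped again before use in an attribute value.
    $title = @htmlspecialchars(strip_tags(isset($_POST['title']) ? $_POST['title'] : ''), ENT_NOQUOTES, COM_getEncodingt());
    $pid = COM_applyFilter(isset($_POST['pid']) ? $_POST['pid'] : 0, true);
    $postmode = COM_applyFilter(isset($_POST['postmode']) ? $_POST['postmode'] : '');

    // Only 'article' or a known plugin name is accepted as the comment type.
    if ($type != 'article' && !in_array($type, $_PLUGINS, true)) {
        $type = '';
    }

    // NOTE(review): the comment body is passed on unfiltered; presumably
    // PLG_commentSave() filters it according to $postmode - confirm.
    $comment = isset($_POST['comment_text']) ? $_POST['comment_text'] : '';

    $display = PLG_commentSave($type, $title, $comment, $sid, $pid, $postmode);
    if (!$display) {
        $display = COM_refresh($_CONF['site_url'] . '/index.php');
    }

    return $display;
}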
Beispiel #17
function MG_mediaEdit($album_id, $media_id, $actionURL = '', $mqueue = 0, $view = 0, $back = '')
{
    global $MG_albums, $_USER, $_CONF, $_MG_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $LANG_MG07, $_POST, $_DB_dbms;
    MG_initAlbums();
    if ($actionURL == '') {
        $actionURL = $_MG_CONF['site_url'] . '/index.php';
    }
    $retval = '';
    $preview = '';
    $preview_end = '';
    $srcURL = '';
    if ($view) {
        $srcURL = '&amp;s=1';
    }
    $T = new Template(MG_getTemplatePath($album_id));
    $T->set_file(array('admin' => 'mediaedit.thtml', 'asf_options' => 'edit_asf_options.thtml', 'mp3_options' => 'edit_mp3_options.thtml', 'swf_options' => 'edit_swf_options.thtml', 'mov_options' => 'edit_mov_options.thtml', 'flv_options' => 'edit_flv_options.thtml'));
    $T->set_var('album_id', $album_id);
    // a little sanity check, make sure the media item really belongs to the passed album.
    $match = 0;
    // Find which albums this image is already in...
    $sql = "SELECT album_id FROM " . ($mqueue ? $_TABLES['mg_media_album_queue'] : $_TABLES['mg_media_albums']) . " WHERE media_id='" . DB_escapeString($media_id) . "'";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    $albums = array();
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        $albums[$i] = $row['album_id'];
        if ($row['album_id'] == $album_id) {
            $match = 1;
        }
    }
    // pull the media information from the database...
    $sql = "SELECT * FROM " . ($mqueue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media']) . " WHERE media_id='" . DB_escapeString($media_id) . "'";
    $result = DB_query($sql);
    $row = DB_fetchArray($result);
    if ($MG_albums[$album_id]->access != 3 && !SEC_inGroup($MG_albums[$album_id]->mod_group_id) && $row['media_user_id'] != $_USER['uid']) {
        COM_errorLog("Someone has tried to illegally sort albums in Media Gallery.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }
    // Build Album List
    $level = 0;
    $album_jumpbox = '<select name="albums" width="40">';
    $MG_albums[0]->buildJumpBox($album_id);
    $album_jumpbox .= '</select>';
    // should check the above for errors, etc...
    if ($row['media_type'] == 0) {
        if (!function_exists('MG_readEXIF')) {
            require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-exif.php';
        }
        $exif_info = MG_readEXIF($row['media_id'], 1, $mqueue);
        if ($exif_info == '') {
            $exif_info = '';
        }
    } else {
        $exif_info = '';
    }
    $dtObject = new Date($row['media_time'], $_USER['tzid']);
    $media_time_month = $dtObject->month;
    $media_time_day = $dtObject->day;
    $media_time_year = $dtObject->year;
    $media_time_hour = $dtObject->hour;
    $media_time_minute = $dtObject->minute;
    $month_select = '<select name="media_month">';
    $month_select .= COM_getMonthFormOptions($media_time_month);
    $month_select .= '</select>';
    $day_select = '<select name="media_day">';
    for ($i = 1; $i < 32; $i++) {
        $day_select .= '<option value="' . $i . '"' . ($media_time_day == $i ? 'selected="selected"' : "") . '>' . $i . '</option>';
    }
    $day_select .= '</select>';
    $current_year = (int) date("Y");
    $end_year = $current_year + 10;
    $year_select = '<select name="media_year">';
    for ($i = 1998; $i < $end_year; $i++) {
        $year_select .= '<option value="' . $i . '"' . ($media_time_year == $i ? 'selected="selected"' : "") . '>' . $i . '</option>';
    }
    $year_select .= '</select>';
    $hour_select = '<select name="media_hour">';
    for ($i = 0; $i < 24; $i++) {
        $hour_select .= '<option value="' . $i . '"' . ($media_time_hour == $i ? 'selected="selected"' : "") . '>' . $i . '</option>';
    }
    $hour_select .= '</select>';
    $minute_select = '<select name="media_minute">';
    for ($i = 0; $i < 60; $i++) {
        $minute_select .= '<option value="' . $i . '"' . ($media_time_minute == $i ? 'selected="selected"' : "") . '>' . ($i < 10 ? '0' : '') . $i . '</option>';
    }
    $minute_select .= '</select>';
    $i = 0;
    switch ($row['media_type']) {
        case 0:
            if (!file_exists($_MG_CONF['path_mediaobjects'] . 'disp/' . $row['media_filename'][0] . '/' . $row['media_filename'] . '.' . $row['media_mime_ext'])) {
                $pThumbnail = $row['media_filename'][0] . '/' . $row['media_filename'] . '.jpg';
            } else {
                $pThumbnail = $row['media_filename'][0] . '/' . $row['media_filename'] . '.' . $row['media_mime_ext'];
            }
            $thumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $pThumbnail;
            $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'disp/' . $pThumbnail);
            if ($_CONF['image_lib'] == 'gdlib' && !function_exists("imagerotate")) {
                $rotate_right = '';
                $rotate_left = '';
            } else {
                $rotate_right = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=rotate&amp;action=right' . $srcURL . '&amp;queue=' . $mqueue . '&amp;media_id=' . $row['media_id'] . '&amp;album_id=' . $album_id . '">' . '<img src="' . $_MG_CONF['site_url'] . '/images/rotate_right_icon.gif"  alt="' . $LANG_MG01['rotate_left'] . '" style="border:none;"/></a>';
                $rotate_left = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=rotate&amp;action=left' . $srcURL . '&amp;queue=' . $mqueue . '&amp;media_id=' . $row['media_id'] . '&amp;album_id=' . $album_id . '">' . '<img src="' . $_MG_CONF['site_url'] . '/images/rotate_left_icon.gif" alt="' . $LANG_MG01['rotate_right'] . '" style="border:none;"/></a>';
            }
            break;
        case 1:
            switch ($row['mime_type']) {
                case 'video/x-flv':
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/flv.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'flv.png');
                    $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&amp;s=q" : '') . "',415,540)\">";
                    $preview_end = "</a>";
                    break;
                case 'application/x-shockwave-flash':
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/flash.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'flash.png');
                    $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&amp;s=q" : '') . "',415,540)\">";
                    $preview_end = "</a>";
                    break;
                case 'video/mpeg':
                case 'video/x-mpeg':
                case 'video/x-mpeq2a':
                    if ($_MG_CONF['use_wmp_mpeg'] == 1) {
                        $thumbnail = $_MG_CONF['mediaobjects_url'] . '/wmp.png';
                        $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'wmp.png');
                        $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&amp;s=q" : '') . "',415,540)\">";
                        $preview_end = "</a>";
                        break;
                    }
                case 'video/x-motion-jpeg':
                case 'video/quicktime':
                case 'video/x-qtc':
                case 'audio/mpeg':
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/quicktime.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'quicktime.png');
                    $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&amp;s=q" : '') . "',415,540)\">";
                    $preview_end = "</a>";
                    break;
                case 'video/x-ms-asf':
                case 'video/x-ms-asf-plugin':
                case 'video/avi':
                case 'video/msvideo':
                case 'video/x-msvideo':
                case 'video/avs-video':
                case 'video/x-ms-wmv':
                case 'video/x-ms-wvx':
                case 'video/x-ms-wm':
                case 'application/x-troff-msvideo':
                case 'application/x-ms-wmz':
                case 'application/x-ms-wmd':
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/wmp.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'wmp.png');
                    $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&amp;s=q" : '') . "',415,540)\">";
                    $preview_end = "</a>";
                    break;
                default:
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/video.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'video.png');
                    break;
            }
            $rotate_right = '';
            $rotate_left = '';
            break;
        case 2:
            $thumbnail = $_MG_CONF['mediaobjects_url'] . '/audio.png';
            $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'audio.png');
            $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&amp;s=q" : '') . "',325,330)\">";
            $preview_end = "</a>";
            $rotate_right = '';
            $rotate_left = '';
            break;
        case 4:
            switch ($row['mime_type']) {
                case 'application/zip':
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/zip.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'zip.png');
                    break;
                case 'application/pdf':
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/pdf.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'pdf.png');
                    break;
                default:
                    $thumbnail = $_MG_CONF['mediaobjects_url'] . '/generic.png';
                    $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'generic.png');
                    break;
            }
            $rotate_right = '';
            $rotate_left = '';
            break;
        case 5:
            $thumbnail = $_MG_CONF['mediaobjects_url'] . '/remote.png';
            $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'remote.png');
            $rotate_left = '';
            $rotate_right = '';
            break;
    }
    $media_time = MG_getUserDateTimeFormat($row['media_time']);
    if ($row['media_tn_attached'] == 1) {
        foreach ($_MG_CONF['validExtensions'] as $ext) {
            if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext)) {
                $pAttachedThumbnail = $_MG_CONF['path_mediaobjects'] . 'tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext;
                $iAttachedThumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext;
                break;
            }
        }
        $atnsize = @getimagesize($pAttachedThumbnail);
        if ($atnsize != FALSE) {
            if ($atnsize[0] > $atnsize[1]) {
                $ratio = $atnsize[0] / 200;
                $newwidth = 200;
                $newheight = round($atnsize[1] / $ratio);
            } else {
                $ratio = $atnsize[1] / 200;
                $newheight = 200;
                $newwidth = round($atnsize[0] / $ratio);
            }
            $atnsize = 'height="' . $newheight . '" width="' . $newwidth . '"';
        } else {
            $atnsize = '';
        }
        $T->set_var(array('attached_thumbnail' => '<img src="' . $_MG_CONF['mediaobjects_url'] . '/tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext . '" alt="" ' . $atnsize . '/>'));
    }
    // playback options, if needed...
    if ($row['mime_type'] == 'video/x-ms-asf' || $row['mime_type'] == 'video/x-ms-wvx' || $row['mime_type'] == 'video/x-ms-wm' || $row['mime_type'] == 'video/x-ms-wmx' || $row['mime_type'] == 'video/x-ms-wmv' || $row['mime_type'] == 'audio/x-ms-wma' || $row['mime_type'] == 'video/x-msvideo') {
        // pull defaults, then override...
        $playback_options['autostart'] = $_MG_CONF['asf_autostart'];
        $playback_options['enablecontextmenu'] = $_MG_CONF['asf_enablecontextmenu'];
        $playback_options['stretchtofit'] = $_MG_CONF['asf_stretchtofit'];
        $playback_options['uimode'] = $_MG_CONF['asf_uimode'];
        $playback_options['showstatusbar'] = $_MG_CONF['asf_showstatusbar'];
        $playback_options['playcount'] = $_MG_CONF['asf_playcount'];
        $playback_options['height'] = $_MG_CONF['asf_height'];
        $playback_options['width'] = $_MG_CONF['asf_width'];
        $playback_options['bgcolor'] = $_MG_CONF['asf_bgcolor'];
        $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'");
        $poNumRows = DB_numRows($poResult);
        for ($i = 0; $i < $poNumRows; $i++) {
            $poRow = DB_fetchArray($poResult);
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }
        $uimode_select = '<select name="uimode">';
        $uimode_select .= '<option value="none" ' . ($playback_options['uimode'] == 'none' ? ' selected="selected"' : '') . '>' . $LANG_MG07['none'] . '</option>';
        $uimode_select .= '<option value="mini" ' . ($playback_options['uimode'] == 'mini' ? ' selected="selected"' : '') . '>' . $LANG_MG07['mini'] . '</option>';
        $uimode_select .= '<option value="full" ' . ($playback_options['uimode'] == 'full' ? ' selected="selected"' : '') . '>' . $LANG_MG07['full'] . '</option>';
        $uimode_select .= '</select>';
        $T->set_var(array('autostart_enabled' => $playback_options['autostart'] ? ' checked="checked"' : '', 'autostart_disabled' => $playback_options['autostart'] ? '' : ' checked="checked"', 'enablecontextmenu_enabled' => $playback_options['enablecontextmenu'] ? ' checked="checked"' : '', 'enablecontextmenu_disabled' => $playback_options['enablecontextmenu'] ? '' : ' checked="checked"', 'stretchtofit_enabled' => $playback_options['stretchtofit'] ? ' checked="checked"' : '', 'stretchtofit_disabled' => $playback_options['stretchtofit'] ? '' : ' checked="checked"', 'showstatusbar_enabled' => $playback_options['showstatusbar'] ? ' checked="checked"' : '', 'showstatusbar_disabled' => $playback_options['showstatusbar'] ? '' : ' checked="checked"', 'uimode_select' => $uimode_select, 'uimode' => $playback_options['uimode'], 'playcount' => $playback_options['playcount'], 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'lang_playcount' => $LANG_MG07['playcount'], 'lang_playcount_help' => $LANG_MG07['playcount_help'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_enable_context_menu' => $LANG_MG07['enable_context_menu'], 'lang_enable_context_menu_help' => $LANG_MG07['enable_context_menu_help'], 'lang_stretch_to_fit' => $LANG_MG07['stretch_to_fit'], 'lang_stretch_to_fit_help' => $LANG_MG07['stretch_to_fit_help'], 'lang_status_bar' => $LANG_MG07['status_bar'], 'lang_status_bar_help' => $LANG_MG07['status_bar_help'], 'lang_ui_mode' => $LANG_MG07['ui_mode'], 'lang_ui_mode_help' => $LANG_MG07['ui_mode_help'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 
'lang_width_help' => $LANG_MG07['width_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 'lang_resolution' => $LANG_MG07['resolution'], 'resolution' => $row['media_resolution_x'] > 0 && $row['media_resolution_y'] > 0 ? $row['media_resolution_x'] . 'x' . $row['media_resolution_y'] : 'unknown', 'lang_bgcolor_help' => $LANG_MG07['bgcolor_help']));
        $T->parse('playback_options', 'asf_options');
    }
    if ($row['mime_type'] == 'audio/mpeg') {
        // pull defaults, then override...
        $playback_options['autostart'] = $_MG_CONF['mp3_autostart'];
        $playback_options['enablecontextmenu'] = $_MG_CONF['mp3_enablecontextmenu'];
        $playback_options['uimode'] = $_MG_CONF['mp3_uimode'];
        $playback_options['showstatusbar'] = $_MG_CONF['mp3_showstatusbar'];
        $playback_options['loop'] = $_MG_CONF['mp3_loop'];
        $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'");
        $poNumRows = DB_numRows($poResult);
        for ($i = 0; $i < $poNumRows; $i++) {
            $poRow = DB_fetchArray($poResult);
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }
        $uimode_select = '<select name="uimode">';
        $uimode_select .= '<option value="none" ' . ($playback_options['uimode'] == 'none' ? ' selected="selected"' : '') . '>' . $LANG_MG07['none'] . '</option>';
        $uimode_select .= '<option value="mini" ' . ($playback_options['uimode'] == 'mini' ? ' selected="selected"' : '') . '>' . $LANG_MG07['mini'] . '</option>';
        $uimode_select .= '<option value="full" ' . ($playback_options['uimode'] == 'full' ? ' selected="selected"' : '') . '>' . $LANG_MG07['full'] . '</option>';
        $uimode_select .= '</select>';
        $T->set_var(array('audio_tab' => true, 'autostart_enabled' => $playback_options['autostart'] ? ' checked="checked"' : '', 'autostart_disabled' => $playback_options['autostart'] ? '' : ' checked="checked"', 'enablecontextmenu_enabled' => $playback_options['enablecontextmenu'] ? ' checked="checked"' : '', 'enablecontextmenu_disabled' => $playback_options['enablecontextmenu'] ? '' : ' checked="checked"', 'showstatusbar_enabled' => $playback_options['showstatusbar'] ? ' checked="checked"' : '', 'showstatusbar_disabled' => $playback_options['showstatusbar'] ? '' : ' checked="checked"', 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'uimode_select' => $uimode_select, 'uimode' => $playback_options['uimode'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_enable_context_menu' => $LANG_MG07['enable_context_menu'], 'lang_enable_context_menu_help' => $LANG_MG07['enable_context_menu_help'], 'lang_stretch_to_fit' => $LANG_MG07['stretch_to_fit'], 'lang_stretch_to_fit_help' => $LANG_MG07['stretch_to_fit_help'], 'lang_status_bar' => $LANG_MG07['status_bar'], 'lang_status_bar_help' => $LANG_MG07['status_bar_help'], 'lang_ui_mode' => $LANG_MG07['ui_mode'], 'lang_ui_mode_help' => $LANG_MG07['ui_mode_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help']));
        $T->parse('playback_options', 'mp3_options');
    }
    if ($row['mime_type'] == 'application/x-shockwave-flash' || $row['mime_type'] == 'video/x-flv') {
        // pull defaults, then override...
        $playback_options['play'] = $_MG_CONF['swf_play'];
        $playback_options['menu'] = $_MG_CONF['swf_menu'];
        $playback_options['quality'] = $_MG_CONF['swf_quality'];
        $playback_options['height'] = $_MG_CONF['swf_height'];
        $playback_options['width'] = $_MG_CONF['swf_width'];
        $playback_options['loop'] = $_MG_CONF['swf_loop'];
        $playback_options['scale'] = $_MG_CONF['swf_scale'];
        $playback_options['wmode'] = $_MG_CONF['swf_wmode'];
        $playback_options['allowscriptaccess'] = $_MG_CONF['swf_allowscriptaccess'];
        $playback_options['bgcolor'] = $_MG_CONF['swf_bgcolor'];
        $playback_options['swf_version'] = $_MG_CONF['swf_version'];
        $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'");
        $poNumRows = DB_numRows($poResult);
        for ($i = 0; $i < $poNumRows; $i++) {
            $poRow = DB_fetchArray($poResult);
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }
        $quality_select = '<select name="quality">';
        $quality_select .= '<option value="low" ' . ($playback_options['quality'] == 'low' ? ' selected="selected"' : '') . '>' . $LANG_MG07['low'] . '</option>';
        $quality_select .= '<option value="high" ' . ($playback_options['quality'] == 'high' ? ' selected="selected"' : '') . '>' . $LANG_MG07['high'] . '</option>';
        $quality_select .= '</select>';
        $scale_select = '<select name="scale">';
        $scale_select .= '<option value="showall" ' . ($playback_options['scale'] == 'showall' ? ' selected="selected"' : '') . '>' . $LANG_MG07['showall'] . '</option>';
        $scale_select .= '<option value="noborder" ' . ($playback_options['scale'] == 'noborder' ? ' selected="selected"' : '') . '>' . $LANG_MG07['noborder'] . '</option>';
        $scale_select .= '<option value="exactfit" ' . ($playback_options['scale'] == 'exactfit' ? ' selected="selected"' : '') . '>' . $LANG_MG07['exactfit'] . '</option>';
        $scale_select .= '</select>';
        $wmode_select = '<select name="wmode">';
        $wmode_select .= '<option value="window" ' . ($playback_options['wmode'] == 'window' ? ' selected="selected"' : '') . '>' . $LANG_MG07['window'] . '</option>';
        $wmode_select .= '<option value="opaque" ' . ($playback_options['wmode'] == 'opaque' ? ' selected="selected"' : '') . '>' . $LANG_MG07['opaque'] . '</option>';
        $wmode_select .= '<option value="transparent" ' . ($playback_options['wmode'] == 'transparent' ? ' selected="selected"' : '') . '>' . $LANG_MG07['transparent'] . '</option>';
        $wmode_select .= '</select>';
        $asa_select = '<select name="allowscriptaccess">';
        $asa_select .= '<option value="always" ' . ($playback_options['allowscriptaccess'] == 'always' ? ' selected="selected"' : '') . '>' . $LANG_MG07['always'] . '</option>';
        $asa_select .= '<option value="sameDomain" ' . ($playback_options['allowscriptaccess'] == 'sameDomain' ? ' selected="selected"' : '') . '>' . $LANG_MG07['sameDomain'] . '</option>';
        $asa_select .= '<option value="never" ' . ($playback_options['allowscriptaccess'] == 'never' ? ' selected="selected"' : '') . '>' . $LANG_MG07['never'] . '</option>';
        $asa_select .= '</select>';
        $T->set_var(array('play_enabled' => $playback_options['play'] ? ' checked="checked"' : '', 'play_disabled' => $playback_options['play'] ? '' : ' checked="checked"', 'menu_enabled' => $playback_options['menu'] ? ' checked="checked"' : '', 'menu_disabled' => $playback_options['menu'] ? '' : ' checked="checked"', 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'quality_select' => $quality_select, 'scale_select' => $scale_select, 'wmode_select' => $wmode_select, 'asa_select' => $asa_select, 'flashvars' => isset($playback_options['flashvars']) ? $playback_options['flashvars'] : '', 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'swf_version' => $playback_options['swf_version'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 'lang_width_help' => $LANG_MG07['width_help'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_menu' => $LANG_MG07['menu'], 'lang_menu_help' => $LANG_MG07['menu_help'], 'lang_scale' => $LANG_MG07['scale'], 'lang_swf_scale_help' => $LANG_MG07['swf_scale_help'], 'lang_wmode' => $LANG_MG07['wmode'], 'lang_wmode_help' => $LANG_MG07['wmode_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help'], 'lang_quality' => $LANG_MG07['quality'], 'lang_quality_help' => $LANG_MG07['quality_help'], 'lang_flash_vars' => $LANG_MG07['flash_vars'], 'lang_asa' => $LANG_MG07['asa'], 'lang_asa_help' => $LANG_MG07['asa_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 'lang_bgcolor_help' => $LANG_MG07['bgcolor_help'], 
'lang_swf_version_help' => $LANG_MG07['swf_version_help']));
        if ($row['mime_type'] == 'application/x-shockwave-flash') {
            $T->parse('playback_options', 'swf_options');
        } else {
            $T->parse('playback_options', 'flv_options');
        }
    }
    if ($row['media_mime_ext'] == 'mov' || $row['media_mime_ext'] == 'mp4' || $row['mime_type'] == 'video/quicktime' || $row['mime_type'] == 'video/mpeg') {
        // pull defaults, then override...
        $playback_options['autoref'] = $_MG_CONF['mov_autoref'];
        $playback_options['autoplay'] = $_MG_CONF['mov_autoplay'];
        $playback_options['controller'] = $_MG_CONF['mov_controller'];
        $playback_options['kioskmode'] = isset($_MG_CONF['mov_kioskmod']) ? $_MG_CONF['mov_kiokmode'] : '';
        $playback_options['scale'] = $_MG_CONF['mov_scale'];
        $playback_options['loop'] = $_MG_CONF['mov_loop'];
        $playback_options['height'] = $_MG_CONF['mov_height'];
        $playback_options['width'] = $_MG_CONF['mov_width'];
        $playback_options['bgcolor'] = $_MG_CONF['mov_bgcolor'];
        $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'");
        $poNumRows = DB_numRows($poResult);
        for ($i = 0; $i < $poNumRows; $i++) {
            $poRow = DB_fetchArray($poResult);
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }
        $scale_select = '<select name="scale">';
        $scale_select .= '<option value="tofit" ' . ($playback_options['scale'] == 'tofit' ? ' selected="selected"' : '') . '>' . $LANG_MG07['to_fit'] . '</option>';
        $scale_select .= '<option value="aspect" ' . ($playback_options['scale'] == 'aspect' ? ' selected="selected"' : '') . '>' . $LANG_MG07['aspect'] . '</option>';
        $scale_select .= '<option value="1" ' . ($playback_options['scale'] == '1' ? ' selected="selected"' : '') . '>' . $LANG_MG07['normal_size'] . '</option>';
        $scale_select .= '</select>';
        $T->set_var(array('autoref_enabled' => $playback_options['autoref'] ? ' checked="checked"' : '', 'autoref_disabled' => $playback_options['autoref'] ? '' : ' checked="checked"', 'autoplay_enabled' => $playback_options['autoplay'] ? ' checked="checked"' : '', 'autoplay_disabled' => $playback_options['autoplay'] ? '' : ' checked="checked"', 'controller_enabled' => $playback_options['controller'] ? ' checked="checked"' : '', 'controller_disabled' => $playback_options['controller'] ? '' : ' checked="checked"', 'kioskmode_enabled' => $playback_options['kioskmode'] ? ' checked="checked"' : '', 'kioskmode_disabled' => $playback_options['kioskmode'] ? '' : ' checked="checked"', 'scale_select' => $scale_select, 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 'lang_width_help' => $LANG_MG07['width_help'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_auto_ref' => $LANG_MG07['auto_ref'], 'lang_auto_ref_help' => $LANG_MG07['auto_ref_help'], 'lang_controller' => $LANG_MG07['controller'], 'lang_controller_help' => $LANG_MG07['controller_help'], 'lang_kiosk_mode' => $LANG_MG07['kiosk_mode'], 'lang_kiosk_mode_help' => $LANG_MG07['kiosk_mode_help'], 'lang_scale' => $LANG_MG07['scale'], 'lang_scale_help' => $LANG_MG07['scale_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 
'lang_bgcolor_help' => $LANG_MG07['bgcolor_help']));
        $T->parse('playback_options', 'mov_options');
    }
    $T->set_var(array('original_filename' => $row['media_original_filename'], 'attach_tn' => $row['media_tn_attached'], 'at_tn_checked' => $row['media_tn_attached'] == 1 ? ' checked="checked"' : '', 'album_id' => $album_id, 'media_thumbnail' => $thumbnail, 'nocache' => time(), 'media_id' => $row['media_id'], 'media_title' => $row['media_title'], 'media_desc' => $row['media_desc'], 'media_time' => $media_time[0], 'media_views' => $row['media_views'], 'media_comments' => $row['media_comments'], 'media_exif_info' => $exif_info, 'media_rating_max' => 5, 'height' => $size[1] + 50, 'width' => $size[0] + 40, 'queue' => $mqueue, 'month_select' => $month_select, 'day_select' => $day_select, 'year_select' => $year_select, 'hour_select' => $hour_select, 'minute_select' => $minute_select, 'user_ip' => $row['media_user_ip'], 'album_select' => $album_jumpbox, 'media_rating' => $row['media_rating'] / 2, 'media_votes' => $row['media_votes'], 's_mode' => 'edit', 's_title' => $LANG_MG01['edit_media'], 's_rotate_right' => $rotate_right, 's_rotate_left' => $rotate_left, 's_form_action' => $actionURL, 'allowed_html' => COM_allowedHTML(SEC_getUserPermissions(), false, 'mediagallery', 'media_title'), 'site_url' => $_MG_CONF['site_url'], 'preview' => $preview, 'preview_end' => $preview_end));
    if ($row['remote_media'] == 1) {
        $T->set_var(array('remoteurl' => $row['remote_url'], 'lang_remote_url' => $LANG_MG01['remote_url']));
    } else {
        $T->set_var(array('remoteurl' => $row['remote_url'], 'lang_remote_url' => $LANG_MG01['alternate_url']));
    }
    if ($row['media_type'] == 1) {
        $T->set_var(array('lang_resolution' => $LANG_MG07['resolution'], 'resolution' => $row['media_resolution_x'] > 0 && $row['media_resolution_y'] > 0 ? $row['media_resolution_x'] . 'x' . $row['media_resolution_y'] : 'unknown'));
    } else {
        $T->set_var(array('lang_resolution' => '', 'resolution' => ''));
    }
    // Pull user information now
    if ($row['media_user_id'] != '') {
        if ($_CONF['show_fullname']) {
            $displayname = 'fullname';
        } else {
            $displayname = 'username';
        }
        $username = DB_getItem($_TABLES['users'], $displayname, "uid={$row['media_user_id']}");
    } else {
        $username = '';
    }
    $userselect = '<select name="owner_name"> ';
    $sql = "SELECT * FROM {$_TABLES['users']} WHERE status=3 AND uid > 1 ORDER BY username ASC";
    $result = DB_query($sql);
    while ($userRow = DB_fetchArray($result)) {
        $userselect .= '<option value="' . $userRow['uid'] . '"' . ($userRow['uid'] == $row['media_user_id'] ? ' selected="selected"' : '') . '>' . $userRow['username'] . '</option>' . LB;
    }
    $userselect .= '</select>';
    if (SEC_hasRights('mediagallery.admin')) {
        $T->set_var('username', $userselect);
    } else {
        $T->set_var('username', $username);
    }
    $cat_select = '<select name="cat_id" id="cat_id">';
    $cat_select .= '<option value="">' . $LANG_MG01['no_category'] . '</option>';
    $result = DB_query("SELECT * FROM {$_TABLES['mg_category']} ORDER BY cat_id ASC");
    while ($catRow = DB_fetchArray($result)) {
        $cat_select .= '<option value="' . $catRow['cat_id'] . '" ' . ($catRow['cat_id'] == $row['media_category'] ? ' selected="selected"' : '') . '>' . $catRow['cat_name'] . '</option>';
    }
    $cat_select .= '</select>';
    // keywords
    $keywords = $row['media_keywords'];
    if ($back != '') {
        $T->set_var(array('rpath' => htmlentities($back, ENT_QUOTES, COM_getEncodingt())));
    } else {
        $T->set_var(array('rpath' => ''));
    }
    $artist = $row['artist'];
    $musicalbum = $row['album'];
    $genre = $row['genre'];
    // language items...
    $T->set_var(array('lang_original_filename' => $LANG_MG01['original_filename'], 'lang_media_item' => $LANG_MG00['media_col_header'], 'lang_media_attributes' => $LANG_MG01['media_attributes'], 'lang_mediaattributes' => $LANG_MG01['mediaattributes'], 'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'], 'lang_category' => $LANG_MG01['category'], 'lang_keywords' => $LANG_MG01['keywords'], 'lang_rating' => $LANG_MG03['rating'], 'lang_comments' => $LANG_MG03['comments'], 'lang_votes' => $LANG_MG03['votes'], 'media_edit_title' => $LANG_MG01['media_edit'], 'media_edit_help' => $LANG_MG01['media_edit_help'], 'rotate_left' => $LANG_MG01['rotate_left'], 'rotate_right' => $LANG_MG01['rotate_right'], 'lang_title' => $LANG_MG01['title'], 'albums' => $LANG_MG01['albums'], 'description' => $LANG_MG01['description'], 'capture_time' => $LANG_MG01['capture_time'], 'views' => $LANG_MG03['views'], 'uploaded_by' => $LANG_MG01['uploaded_by'], 'submit' => $LANG_MG01['submit'], 'cancel' => $LANG_MG01['cancel'], 'reset' => $LANG_MG01['reset'], 'lang_save' => $LANG_MG01['save'], 'lang_reset' => $LANG_MG01['reset'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_reset_rating' => $LANG_MG01['reset_rating'], 'lang_reset_views' => $LANG_MG01['reset_views'], 'cat_select' => $cat_select, 'media_keywords' => $keywords, 'lang_replacefile' => $LANG_MG01['replace_file'], 'artist' => $artist, 'musicalbum' => $musicalbum, 'genre' => $genre, 'lang_artist' => $LANG_MG01['artist'], 'lang_genre' => $LANG_MG01['genre'], 'lang_music_album' => $LANG_MG01['music_album']));
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}
Beispiel #18
    echo COM_siteHeader();
    echo FF_alertMessage($LANG_GF02['msg02'], $LANG_GF02['msg171']);
    echo COM_siteFooter();
    exit;
}
// Gate the printable view on _ff_canUserViewRating() (defined elsewhere) for
// this forum; when it refuses, show the alert inside the site chrome and stop.
if (!_ff_canUserViewRating($forum)) {
    echo COM_siteHeader(),
        FF_alertMessage($LANG_GF02['msg02'], $LANG_GF02['msg171']),
        COM_siteFooter();
    exit;
}

// Load the topic row. $id is cast to int before it is spliced into the SQL
// text, so only a number can reach the query.
$result = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE (id=" . (int) $id . ")");
$A = DB_fetchArray($result);
if ($_FF_CONF['allow_smilies']) {
    // Smiley code => array(image file under images/smilies/, alt text).
    // $search and $replace are built as parallel lists in the order of this table.
    // NOTE(review): neither list is referenced in the rest of the visible script;
    // confirm whether anything still consumes them.
    $ffSmileyTable = array(
        ':D'         => array('biggrin.gif', 'Big Grin'),
        ':)'         => array('smile.gif', 'Smile'),
        ':('         => array('frown.gif', 'Frown'),
        '8O'         => array('eek.gif', 'Eek!'),
        ':?'         => array('confused.gif', 'Confused'),
        'B)'         => array('cool.gif', 'Cool'),
        ':lol:'      => array('lol.gif', 'Laughing Out Loud'),
        ':x'         => array('mad.gif', 'Angry'),
        ':P'         => array('razz.gif', 'Razz'),
        ':oops:'     => array('redface.gif', 'Oops!'),
        ':o'         => array('surprised.gif', 'Surprised!'),
        ':cry:'      => array('cry.gif', 'Cry'),
        ':evil:'     => array('evil.gif', 'Evil'),
        ':twisted:'  => array('twisted.gif', 'Twisted Evil'),
        ':roll:'     => array('rolleyes.gif', 'Rolling Eyes'),
        ';)'         => array('wink.gif', 'Wink'),
        ':!:'        => array('exclaim.gif', 'Exclaimation'),
        ':question:' => array('question.gif', 'Question'),
        ':idea:'     => array('idea.gif', 'Idea'),
        ':arrow:'    => array('arrow.gif', 'Arrow'),
        ':|'         => array('neutral.gif', 'Neutral'),
        // The listing carries a line break inside this alt text; kept as shown.
        ':mrgreen:'  => array('mrgreen.gif', "Mr. \nGreen"),
        ':mrt:'      => array('mrt.gif', 'Mr. T'),
        ':love:'     => array('heart.gif', 'Love'),
        ':cat:'      => array('cat.gif', 'Kitten'),
    );

    $search = array_keys($ffSmileyTable);
    $replace = array();
    foreach ($ffSmileyTable as $ffSmileyEntry) {
        $replace[] = "<img style=\"vertical-align:middle;\" src='images/smilies/" . $ffSmileyEntry[0]
            . "' alt='" . $ffSmileyEntry[1] . "'/>";
    }
    // Do not leave the scratch variables behind in the script's scope.
    unset($ffSmileyTable, $ffSmileyEntry);
}
// Prepare the topic row for output and emit the head of the printable page.
// NOTE(review): $A is used as returned by DB_fetchArray(); nothing visible
// checks that a row was actually found - confirm the topic is guaranteed to exist.

// Author name and subject: word filter first, then HTML-escape (quotes
// included) so they are safe to interpolate into the markup below.
// The @ hides any warning htmlspecialchars() raises.
$A["name"] = COM_checkWords($A["name"]);
$A["name"] = @htmlspecialchars($A["name"], ENT_QUOTES, COM_getEncodingt());
$A["subject"] = COM_checkWords($A["subject"]);
$A["subject"] = stripslashes(@htmlspecialchars($A["subject"], ENT_QUOTES, COM_getEncodingt()));
// The post body goes into the page exactly as ff_FormatForPrint() returns it;
// presumably that helper does the HTML filtering for the given postmode - verify.
$A['comment'] = ff_FormatForPrint($A['comment'], $A['postmode'], '', $A['status']);
// Only the stylesheet URL is used below; $cacheFile is not referenced in the visible lines.
list($cacheFile, $style_cache_url) = COM_getStyleCacheLocation();
// NOTE(review): strftime() is deprecated as of PHP 8.1.
$date = strftime('%B %d %Y @ %I:%M %p', $A['date']);
// Page head and the topic itself. The body's onload handler opens the print
// dialog. Site name and stylesheet URL are interpolated as-is.
echo "\n    <html>\n    <head>\n        <title>{$_CONF['site_name']} - " . $LANG_GF02['msg147'] . " {$A['id']}]</title>\n        <link rel=\"stylesheet\" type=\"text/css\" href=\"{$style_cache_url}\">\n    </head>\n    <body onload=\"window.print();\">\n      <div style=\"box-sizing: border-box;max-width:980px;padding:0px 25px;\">\n        <font face=\"verdana\" size=\"2\">\n                <h3>{$LANG_GF01['SUBJECT']}: {$A['subject']}</h3>\n                <b>{$LANG_GF01['POSTEDON']}:</b> {$date}\n            <br>\n                <b>{$LANG_GF01['BY']}</b> {$A['name']}\n            <br>\n            <br>\n            <b>{$LANG_GF01['CONTENT']}:</b>\n            <p>{$A['comment']}</p>\n            <hr width=\"25%\" align=\"left\">\n\n        <br>\n        <b>{$LANG_GF01['REPLIES']}:</b>\n        <hr width=\"50%\" align=\"left\">\n        <br>\n";
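// Replies: every post whose parent id (pid) is this topic. $id is cast to int
// before it is spliced into the SQL text.
$result2 = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE (pid=" . (int) $id . ")");
while ($B = DB_fetchArray($result2)) {
    $date = strftime('%B %d %Y @ %I:%M %p', $B['date']);
    // Reply author and subject are stored user input and are interpolated into
    // HTML below. Give them the same word filter and escaping the topic's own
    // name and subject receive earlier in this script; printing them raw would
    // let markup stored in a reply render in the printable view.
    $B['name'] = COM_checkWords($B['name']);
    $B['name'] = @htmlspecialchars($B['name'], ENT_QUOTES, COM_getEncodingt());
    $B['subject'] = COM_checkWords($B['subject']);
    $B['subject'] = stripslashes(@htmlspecialchars($B['subject'], ENT_QUOTES, COM_getEncodingt()));
    // NOTE(review): the topic body is formatted with two extra arguments
    // ('' and the row's status); replies pass only comment and postmode.
    // Confirm that is intended and that ff_FormatForPrint() filters the HTML.
    echo "\n\n                <h4>{$B['subject']}</h4>\n                <b>{$LANG_GF01['POSTEDON']}:</b> {$date}\n            <br>\n                <b>{$LANG_GF01['BY']}</b> {$B['name']}\n            <br>\n            <br>\n            <b>{$LANG_GF01['CONTENT']}:</b>\n            <p>" . ff_FormatForPrint($B['comment'], $B['postmode']) . "</p>\n            <hr width=\"25%\" align=\"left\">\n\n";
}
// Footer: site name plus a link back to the topic, then close the document.
echo "\n\n            <p>{$_CONF['site_name']} - {$LANG_GF01['FORUM']}<br/>\n                    <a href=\"{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}\">{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}</a>\n            </p>\n\n        </font>\n      </div>\n    </body>\n    </html>\n";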
Beispiel #19
}
// Treat a page count of zero as a single page.
$total_print_pages = ($total_print_pages == 0) ? 1 : $total_print_pages;

// Templates are loaded from the ckeditor plugin's mediagallery directory.
$T = new Template($_CONF['path'] . 'plugins/ckeditor/templates/mediagallery');
$T->set_file(array(
    'page' => 'mb.thtml',
    'body' => 'mb_body.thtml',
));

$birdseed = $MG_albums[$album_id]->getPath(0, '');

// 'refresh' comes from the request and is passed through COM_applyFilter()
// with its second argument set to true; it defaults to 0 when absent.
if (isset($_REQUEST['refresh'])) {
    $refresh = COM_applyFilter($_REQUEST['refresh'], true);
} else {
    $refresh = 0;
}
if ($refresh != 1) {
    // initial call
    $T->set_var(array('border_yes' => $_mgMB_CONF['at_border'] == 1 ? ' selected="selected"' : '', 'border_no' => $_mgMB_CONF['at_border'] == 1 ? '' : ' selected="selected"', 'algin_none' => $_mgMB_CONF['at_align'] == 'none' ? ' selected="selected"' : '', 'align_auto' => $_mgMB_CONF['at_align'] == 'auto' ? ' selected="selected"' : '', 'align_right' => $_mgMB_CONF['at_align'] == 'right' ? ' selected="selected"' : '', 'align_left' => $_mgMB_CONF['at_align'] == 'left' ? ' selected="selected"' : '', 'width' => $_mgMB_CONF['at_width'], 'height' => $_mgMB_CONF['at_height'], 'delay' => $_mgMB_CONF['at_delay'], 'src_tn' => $_mgMB_CONF['at_src'] == 'tn' ? ' selected="selected"' : '', 'src_disp' => $_mgMB_CONF['at_src'] == 'disp' ? ' selected="selected"' : '', 'src_orig' => $_mgMB_CONF['at_src'] == 'orig' ? ' selected="selected"' : '', 'autoplay_yes' => $_mgMB_CONF['at_autoplay'] == 1 ? ' selected="selected"' : '', 'autoplay_no' => $_mgMB_CONF['at_autoplay'] == 1 ? '' : ' selected="selected"', 'link_yes' => $_mgMB_CONF['at_enable_link'] == 1 ? ' selected="selected"' : '', 'link_no' => $_mgMB_CONF['at_enable_link'] == 1 ? '' : ' selected="selected"', 'alturl_no' => isset($_mgMB_CONF['at_alt_url']) && $_mgMB_CONF['at_alt_url'] == 1 ? '' : ' selected="selected"', 'alturl_yes' => isset($_mgMB_CONF['at_alt_url']) && $_mgMB_CONF['at_alt_url'] == 1 ? ' selected="selected"' : ''));
} else {
    $T->set_var(array('border_yes' => $_POST['border'] == 1 ? ' selected="selected"' : '', 'border_no' => $_POST['border'] == 1 ? '' : ' selected="selected"', 'align_none' => $_POST['alignment'] == 'none' ? ' selected="selected"' : '', 'align_auto' => $_POST['alignment'] == 'auto' ? ' selected="selected"' : '', 'align_right' => $_POST['alignment'] == 'right' ? ' selected="selected"' : '', 'align_left' => $_POST['alignment'] == 'left' ? ' selected="selected"' : '', 'width' => $_POST['width'], 'height' => $_POST['height'], 'delay' => isset($_POST['delay']) ? $_POST['delay'] : $_mgMB_CONF['at_delay'], 'src_tn' => $_POST['source'] == 'tn' ? ' selected="selected"' : '', 'src_disp' => $_POST['source'] == 'disp' ? ' selected="selected"' : '', 'src_orig' => $_POST['source'] == 'orig' ? ' selected="selected"' : '', 'autoplay_yes' => $_POST['autoplay'] == 1 ? ' selected="selected"' : '', 'autoplay_no' => $_POST['autoplay'] == 1 ? '' : ' selected="selected"', 'link_yes' => $_POST['link'] == 1 ? ' selected="selected"' : '', 'link_no' => $_POST['link'] == 1 ? '' : ' selected="selected"', 'alturl_yes' => $_POST['alturl'] == 1 ? ' selected="selected"' : '', 'alturl_no' => $_POST['alturl'] == 1 ? '' : ' selected="selected"', 'albumon' => $_POST['autotag'] == 'album' ? ' checked=checked' : '', 'slideshowon' => $_POST['autotag'] == 'slideshow' ? ' checked=checked' : '', 'fslideshowon' => $_POST['autotag'] == 'fslideshow' ? ' checked=checked' : '', 'mediaon' => $_POST['autotag'] == 'media' ? ' checked=checked' : '', 'mlinkon' => $_POST['autotag'] == 'mlink' ? ' checked=checked' : '', 'imgon' => $_POST['autotag'] == 'img' ? ' checked=checked' : '', 'videoon' => $_POST['autotag'] == 'video' ? ' checked=checked' : '', 'audioon' => $_POST['autotag'] == 'audio' ? 'checked=checked' : '', 'playallon' => $_POST['autotag'] == 'playall' ? 'checked=checked' : '', 'caption' => $_POST['caption']));
}
// PHP_SELF is derived from the request, so it is HTML-escaped before it is
// used as the form action and as the base of the paging links.
$self_url = @htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, COM_getEncodingt());
// NOTE(review): $album_id and $instance go into the link unescaped; presumably
// they were validated as integers earlier in the file. Confirm.
$mb_nav_url = $self_url . '?aid=' . $album_id . '&amp;i=' . $instance . '&amp;refresh=1';
$mb_vars = array(
    's_form_action' => $self_url,
    'site_url' => $_MG_CONF['site_url'],
    'birdseed' => $birdseed,
    'album_title' => PLG_replaceTags($MG_albums[$album_id]->title),
    'table_columns' => $columns_per_page,
    'table_column_width' => intval(100 / $columns_per_page) . '%',
    'top_pagination' => COM_printPageNavigation($mb_nav_url, $page + 1, ceil($total_items_in_album / $media_per_page)),
    'bottom_pagination' => COM_printPageNavigation($mb_nav_url, $page + 1, ceil($total_items_in_album / $media_per_page)),
    'page_number' => sprintf("%s %d %s %d", $LANG_MG03['page'], $current_print_page, $LANG_MG03['of'], $total_print_pages),
    'jumpbox' => $album_jumpbox_full,
    'jumpbox_raw' => $album_jumpbox_raw,
    'album_id' => $album_id,
    'instance' => $instance,
);
// Every label variable is named lang_<key> and takes $LANG_mgMB[<key>].
$mb_lang_keys = array(
    'menulabel', 'select_album', 'go', 'error_header', 'current_album', 'autotag_attr',
    'album', 'playall', 'slideshow', 'fslideshow', 'media', 'mlink', 'img', 'video', 'audio',
    'width', 'height', 'delay', 'border', 'alignment', 'source', 'link', 'autoplay', 'caption',
    'thumbnails', 'navigation', 'insert', 'cancel', 'yes', 'no', 'auto', 'none', 'right', 'left',
    'thumbnail', 'display', 'original', 'alturl', 'ribbon', 'link_src', 'showtitle', 'top', 'bottom',
);
foreach ($mb_lang_keys as $mb_key) {
    $mb_vars['lang_' . $mb_key] = $LANG_mgMB[$mb_key];
}
// The destination selector is only offered when the plugin enables it.
if ($_mgMB_CONF['enable_dest'] == 1) {
    $mb_vars['destination'] = '<p>' . $LANG_mgMB['destination'] . '&nbsp;&nbsp;<select name="dest"><option value="story">' . $LANG_mgMB['story'] . '</option><option value="block">' . $LANG_mgMB['block'] . '</option></select>';
} else {
    $mb_vars['destination'] = '';
}
$T->set_var($mb_vars);
// An album without media gets the "no media objects" notice.
if ($total_media == 0) {
    $T->set_var('lang_no_image', $LANG_MG03['no_media_objects']);
    $T->parse('album_noimages', 'noitems');
}
if ($total_media > 0) {
    $k = 0;
    $T->set_block('body', 'ImageDetail', 'IDetail');
    $T->set_block('body', 'ImageColumn', 'IColumn');
    $T->set_block('body', 'ImageRow', 'IRow');
    for ($i = 0; $i < $media_per_page; $i += $columns_per_page) {
        $T->set_var('IDetail', '');
        $T->set_var('IColumn', '');
        for ($j = $i; $j < $i + $columns_per_page; $j++) {
            if ($j >= $total_media) {
Beispiel #20
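/**
* List logged requests
*
* Builds the admin page that lists rows of the Bad Behavior log, 50 per page,
* optionally restricted to one response key taken from $_REQUEST['filter'].
* Every logged column is HTML-escaped before it is placed in the template.
*
* @param    int     $page   page number (values below 1 are treated as 1)
* @param    string  $msg    optional message shown above the list
* @return   string          HTML for list of entries
*
*/
function _bb_listEntries($page = 1, $msg = '')
{
    global $_CONF, $_USER, $_TABLES, $LANG_BAD_BEHAVIOR, $LANG_BB2_RESPONSE, $LANG_ADMIN;
    $retval = '';
    // $page feeds the LIMIT offset and the row links, so pin it to an integer.
    $page = (int) $page;
    if ($page < 1) {
        $page = 1;
    }
    $filter = 'all';
    if (isset($_REQUEST['filter'])) {
        $filter = COM_applyFilter($_REQUEST['filter']);
    }
    $where = '';
    if ($filter != 'all') {
        // The filter value is request input; it is escaped for the SQL string literal.
        $where = ' WHERE ' . WP_BB_LOG . '.key="' . DB_escapeString($filter) . '"';
        $entries = DB_count(WP_BB_LOG, WP_BB_LOG . '.key', DB_escapeString($filter));
    } else {
        $entries = DB_count(WP_BB_LOG);
    }
    $start = ($page - 1) * 50;
    if ($start > $entries) {
        // Requested page lies past the end: fall back to the first page. The
        // LIMIT offset is zero-based; the previous value of 1 skipped the newest row.
        $start = 0;
        $page = 1;
    }
    $donate = $LANG_BAD_BEHAVIOR['description'];
    if (DB_getItem($_TABLES['vars'], 'value', "name = 'bad_behavior2.donate'") == 1) {
        $donate .= '<p>' . $LANG_BAD_BEHAVIOR['donate_msg'] . '</p>' . LB;
    }
    // writing the menu on top
    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php', 'text' => 'List Banned IPs'),
        array('url' => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php?mode=add', 'text' => 'Ban IPs'),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );
    $retval .= COM_startBlock($LANG_BAD_BEHAVIOR['plugin_display_name'] . ' - ' . $LANG_BAD_BEHAVIOR['block_title_list'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, $donate, $_CONF['site_url'] . '/bad_behavior2/images/bad_behavior2.png');
    $retval .= '<br />';
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, 'bad_behavior2');
    }
    $templates = new Template($_CONF['path'] . 'plugins/' . BAD_BEHAVIOR_PLUGIN . '/templates');
    $templates->set_file('list', 'log.thtml');
    $templates->set_var(array(
        'lang_ip' => $LANG_BAD_BEHAVIOR['row_ip'],
        'lang_user_agent' => $LANG_BAD_BEHAVIOR['row_user_agent'],
        'lang_referer' => $LANG_BAD_BEHAVIOR['row_referer'],
        'lang_reason' => $LANG_BAD_BEHAVIOR['row_reason'],
        'lang_response' => $LANG_BAD_BEHAVIOR['row_response'],
        'lang_method' => $LANG_BAD_BEHAVIOR['row_method'],
        'lang_protocol' => $LANG_BAD_BEHAVIOR['row_protocol'],
        'lang_date' => $LANG_BAD_BEHAVIOR['row_date'],
        'lang_search' => $LANG_BAD_BEHAVIOR['search'],
        'lang_ip_date' => $LANG_BAD_BEHAVIOR['ip_date'],
        'lang_headers' => $LANG_BAD_BEHAVIOR['headers'],
        'lang_filter_select' => $LANG_BAD_BEHAVIOR['filter'],
        'lang_go' => $LANG_BAD_BEHAVIOR['go'],
    ));
    // Filter drop-down. "No filter" is the active choice for the default value
    // 'all' as well as for an empty filter (the old test only matched '').
    $filter_select = '<option value="all"';
    if ($filter == 'all' || $filter == '') {
        $filter_select .= ' selected="selected" ';
    }
    $filter_select .= '>' . $LANG_BAD_BEHAVIOR['no_filter'] . '</option>';
    foreach ($LANG_BB2_RESPONSE as $code => $text) {
        $filter_select .= '<option value="' . $code . '"';
        if ($filter == $code) {
            $filter_select .= ' selected="selected" ';
        }
        $filter_select .= '>' . $text . '</option>';
    }
    $templates->set_var('filter_select', $filter_select);
    $result = DB_query("SELECT id,ip,date,request_method,request_uri,server_protocol,http_headers,user_agent,request_entity,`key` FROM " . WP_BB_LOG . " " . $where . " ORDER BY date DESC LIMIT {$start},50");
    $num = DB_numRows($result);
    $templates->set_block('list', 'logrow', 'lrow');
    // Header names to emphasise, applied in this order (str_replace() with arrays
    // replaces sequentially, exactly like one call per entry). Some replacements
    // carry a trailing space, as in the original list.
    $highlight = array(
        "User-Agent:" => "<strong>User-Agent:</strong>",
        "Host:" => "<strong>Host:</strong>",
        "POST " => "<strong>POST</strong> ",
        "GET " => "<strong>GET</strong> ",
        "Accept-Language:" => "<strong>Accept-Language:</strong> ",
        "Accept-Encoding:" => "<strong>Accept-Encoding:</strong> ",
        "Accept-Charset:" => "<strong>Accept-Charset:</strong> ",
        "X-Forwarded-For:" => "<strong>X-Forwarded-For:</strong> ",
        "Cookie:" => "<strong>Cookie:</strong> ",
        "Via:" => "<strong>Via:</strong> ",
        "Connection:" => "<strong>Connection:</strong>",
        "Accept:" => "<strong>Accept:</strong>",
        "Cache-Control:" => "<strong>Cache-Control:</strong>",
        "Referer:" => "<strong>Referer:</strong>",
        "Pragma:" => "<strong>Pragma:</strong>",
        "Proxy-" => "<strong>Proxy-</strong>",
        "Cf-Connecting-Ip" => "<strong>Cf-Connecting-Ip</strong>",
        "Cf-Ipcountry" => "<strong>Cf-Ipcountry</strong>",
        "X-Forwarded-Proto" => "<strong>X-Forwarded-Proto</strong>",
        "Cf-Visitor" => "<strong>Cf-Visitor</strong>",
        "X-Http-Proto" => "<strong>X-Http-Proto</strong>",
        "X-Real-Ip" => "<strong>X-Real-Ip</strong>",
        "Content-Length" => "<strong>Content-Length</strong>",
        "Content-Type" => "<strong>Content-Type</strong>",
        "Te:" => "<strong>Te:</strong>",
        "Expect:" => "<strong>Expect:</strong>",
        "Dnt:" => "<strong>Dnt:</strong>",
    );
    $encoding = COM_getEncodingt();
    for ($i = 0; $i < $num; $i++) {
        $A = DB_fetchArray($result);
        $lcount = 50 * ($page - 1) + $i + 1;
        // The log stores raw request data (headers, URI, body) supplied by the
        // client. Escape every column first; the markup added below is inserted
        // only after this step, so logged content cannot introduce tags.
        foreach ($A as $key => $val) {
            $A[$key] = htmlspecialchars((string) $val, ENT_QUOTES, $encoding);
        }
        $dt = new Date($A['date'], $_USER['tzid']);
        $headers = str_replace("\n", "<br/>\n", $A['http_headers']);
        $headers = str_replace(array_keys($highlight), array_values($highlight), $headers);
        $entity = str_replace("\n", "<br/>\n", $A["request_entity"]);
        $templates->set_var(array(
            'row_num' => $lcount,
            'cssid' => $i % 2 + 1,
            'id' => $A['id'],
            'ip' => $A['ip'],
            'request_method' => $A['request_method'],
            'http_host' => $A['request_uri'],
            'server_protocol' => $A['server_protocol'],
            'http_referer' => $headers,
            // A key with no entry in the response table renders as an empty reason.
            'reason' => isset($LANG_BB2_RESPONSE[$A['key']]) ? $LANG_BB2_RESPONSE[$A['key']] : '',
            'http_user_agent' => $A['user_agent'],
            'http_response' => $entity,
            'date_and_time' => $dt->toRFC822(true),
        ));
        $url = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=view&amp;id=' . $A['id'];
        if ($page > 1) {
            $url .= '&amp;page=' . $page;
        }
        $templates->set_var('start_headers_anchortag', '<a href="' . $url . '" title="' . $LANG_BAD_BEHAVIOR['title_show_headers'] . '">');
        $templates->set_var('end_headers_anchortag', '</a>');
        if (!empty($_CONF['ip_lookup'])) {
            $iplookup = str_replace('*', $A['ip'], $_CONF['ip_lookup']);
            // The lookup service is a separate site opened from an admin page:
            // give it no handle on this window and no Referer with the admin URL.
            $templates->set_var('start_ip_lookup_anchortag', '<a href="' . $iplookup . '" title="' . $LANG_BAD_BEHAVIOR['title_lookup_ip'] . '" target="_new" rel="noopener noreferrer">');
            $templates->set_var('end_ip_lookup_anchortag', '</a>');
        } else {
            $templates->set_var('start_ip_lookup_anchortag', '');
            $templates->set_var('end_ip_lookup_anchortag', '');
        }
        $templates->parse('lrow', 'logrow', true);
    }
    if ($entries > 50) {
        // The filter comes from the request; URL-encode it before it becomes part of a link.
        // NOTE(review): COM_printPageNavigation() presumably writes this URL into
        // href attributes; confirm whether it escapes the '&' itself.
        $baseurl = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=list&filter=' . urlencode($filter);
        $numpages = ceil($entries / 50);
        $templates->set_var('google_paging', COM_printPageNavigation($baseurl, $page, $numpages));
    } else {
        $templates->set_var('google_paging', '');
    }
    $templates->parse('output', 'list');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}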
Beispiel #21
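/**
* Display form to email a story to someone.
*
* Anonymous visitors get the login form instead (and the request ends) when
* $_CONF['loginrequired'] or $_CONF['emailstoryloginrequired'] is 1. If the
* story does not exist or is not visible under the topic and permission SQL,
* a refresh to the site index is returned.
*
* @param    string  $sid        ID of article to email
* @param    string  $to         recipient name to pre-fill
* @param    string  $toemail    recipient email address to pre-fill
* @param    string  $from       sender name to pre-fill
* @param    string  $fromemail  sender email address to pre-fill
* @param    string  $shortmsg   short message to pre-fill
* @param    int     $msg        message number to show above the form (0 = none)
* @return   string              HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $display = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $display .= SEC_loginRequiredForm();
        $display .= COM_siteFooter();
        echo $display;
        exit;
    }
    // Only offer the form for a story the current user is allowed to see.
    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getTopicSql('AND') . COM_getPermSql('AND'));
    $A = DB_fetchArray($result);
    if ($A['count'] == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    if ($msg > 0) {
        $retval .= COM_showMessage($msg, '', '', 0, 'info');
    }
    // With no sender given, default to the logged-in user's own name and address.
    if (empty($from) && empty($fromemail) && !COM_isAnonUser()) {
        $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
        // The uid goes into the WHERE clause unquoted, so force it to an integer.
        $fromemail = DB_getItem($_TABLES['users'], 'email', 'uid = ' . (int) $_USER['uid']);
    }
    $postmode = $_CONF['mailuser_postmode'];
    $mail_template = new Template($_CONF['path_layout'] . 'profiles');
    $mail_template->set_file('form', 'contactauthorform.thtml');
    if ($postmode == 'html') {
        $mail_template->set_var('show_htmleditor', true);
    } else {
        $mail_template->unset_var('show_htmleditor');
    }
    $mail_template->set_var('lang_postmode', $LANG03[2]);
    $mail_template->set_var('postmode', $postmode);
    $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    // NOTE(review): the name and address values below reach the template without
    // HTML escaping, unlike $shortmsg. Presumably the caller filters them before
    // passing them in; confirm, since they are likely echoed from a submitted form.
    $mail_template->set_var('lang_fromname', $LANG08[20]);
    $mail_template->set_var('name', $from);
    $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
    $mail_template->set_var('email', $fromemail);
    $mail_template->set_var('lang_toname', $LANG08[18]);
    $mail_template->set_var('toname', $to);
    $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
    $mail_template->set_var('toemail', $toemail);
    $mail_template->set_var('lang_shortmessage', $LANG08[27]);
    $mail_template->set_var('shortmsg', @htmlspecialchars($shortmsg, ENT_COMPAT, COM_getEncodingt()));
    $mail_template->set_var('lang_warning', $LANG08[22]);
    $mail_template->set_var('lang_sendmessage', $LANG08[16]);
    $mail_template->set_var('story_id', $sid);
    PLG_templateSetVars('emailstory', $mail_template);
    $mail_template->set_var('end_block', COM_endBlock());
    $mail_template->parse('output', 'form');
    $retval .= $mail_template->finish($mail_template->get_var('output'));
    return $retval;
}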
Beispiel #22
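/**
* Shows the group editor form
*
* For an existing group the caller must belong to it (or pass
* SEC_groupIsRemoteUserAndHaveAccess()); otherwise an error message is
* returned instead of the form. The form carries a CSRF token.
*
* @param    string      $grp_id     ID of group to edit (empty for a new group)
* @return   string      HTML for group editor
*
*/
function GROUP_edit($grp_id = '')
{
    global $_TABLES, $_CONF, $_USER, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $LANG28, $VERBOSE, $_IMAGE_TYPE;
    USES_lib_admin();
    $retval = '';
    // $grp_id is interpolated into several SQL fragments and a URL below, and
    // only one of those sites cast it. Force any non-empty value to an integer
    // once, so every later use is covered.
    if (!empty($grp_id)) {
        $grp_id = (int) $grp_id;
    }
    $encoding = COM_getEncodingt();
    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'] . '/group.php', 'text' => $LANG28[38]),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );
    $thisUsersGroups = SEC_getUserGroups();
    // Access check: editing is refused for groups the current user is not part of.
    if (!empty($grp_id) && $grp_id > 0 && !in_array($grp_id, $thisUsersGroups) && !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $thisUsersGroups)) {
        if (!SEC_inGroup('Root') && DB_getItem($_TABLES['groups'], 'grp_name', "grp_id = {$grp_id}") == 'Root') {
            $eMsg = $LANG_ACCESS['canteditroot'];
            COM_accessLog("User {$_USER['username']} tried to edit the Root group with insufficient privileges.");
        } else {
            $eMsg = $LANG_ACCESS['canteditgroup'];
        }
        $retval .= COM_showMessageText($eMsg, $LANG_ACCESS['groupeditor'], true);
        return $retval;
    }
    $retval .= COM_startBlock($LANG_ACCESS['groupeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, $LANG_ACCESS['groupeditmsg'], $_CONF['layout_url'] . '/images/icons/group.' . $_IMAGE_TYPE);
    $group_templates = new Template($_CONF['path_layout'] . 'admin/group');
    $group_templates->set_file('editor', 'groupeditor.thtml');
    if (!empty($grp_id) && $grp_id != 0) {
        $result = DB_query("SELECT grp_id,grp_name,grp_descr,grp_gl_core,grp_default FROM {$_TABLES['groups']} WHERE grp_id = " . (int) $grp_id);
        $A = DB_fetchArray($result);
        if ($A['grp_gl_core'] > 0) {
            $group_templates->set_var('chk_adminuse', 'checked="checked"');
        }
        if ($A['grp_default'] != 0) {
            $group_templates->set_var('chk_defaultuse', 'checked="checked"');
        }
    } else {
        // new group, so it's obviously not a core group
        $A = array('grp_gl_core' => 0, 'grp_default' => 0, 'grp_name' => '');
    }
    // (The unused $disable_edits / $disable_edit flags and the unused $form_url
    // were removed; nothing in this function read them.)
    $group_templates->set_var('site_url', $_CONF['site_url']);
    $group_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $group_templates->set_var('layout_url', $_CONF['layout_url']);
    $group_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $group_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $group_templates->set_var('lang_admingroup', $LANG28[49]);
    $group_templates->set_var('lang_admingrp_msg', $LANG28[50]);
    $group_templates->set_var('lang_defaultgroup', $LANG28[88]);
    $group_templates->set_var('lang_defaultgrp_msg', $LANG28[89]);
    $group_templates->set_var('lang_applydefault_msg', $LANG28[90]);
    $group_templates->set_var('lang_groupname', $LANG_ACCESS['groupname']);
    $group_templates->set_var('lang_description', $LANG_ACCESS['description']);
    $group_templates->set_var('lang_securitygroups', $LANG_ACCESS['securitygroups']);
    $group_templates->set_var('lang_rights', $LANG_ACCESS['rights']);
    $showall = isset($_GET['chk_showall']) ? COM_applyFilter($_GET['chk_showall'], true) : 0;
    $group_templates->set_var('show_all', $showall);
    if (!empty($grp_id) && $grp_id != 0) {
        // Groups tied to glFusion's functionality shouldn't be deleted
        if ($A['grp_gl_core'] != 1) {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s />';
            $jsconfirm = ' onclick="return confirm(\'' . $LANG_ACCESS['confirm1'] . '\');"';
            $group_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
            $group_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
            $group_templates->set_var('group_core', 0);
        } else {
            $group_templates->set_var('group_core', 1);
        }
        $group_templates->set_var('group_id', $A['grp_id']);
    } else {
        $group_templates->set_var('group_core', 0);
    }
    // if the group name is set, do not allow it to change ...  we need to do this better in the future ...
    if (isset($A['grp_name']) && $A['grp_name'] != '') {
        // The stored name is escaped for output the same way the description
        // is below; it used to be written into the form unescaped.
        $safe_name = htmlspecialchars($A['grp_name'], ENT_QUOTES, $encoding);
        $group_templates->set_var('group_name', $safe_name);
        // determine whether the group offers the option to make it a 'default group' for new users ...
        $builtin_groups = array('All Users', 'Logged-in Users', 'Remote Users', 'Root');
        if (in_array($A['grp_name'], $builtin_groups, true)) {
            $group_templates->set_var('hide_defaultoption', ' style="display:none;"');
        } else {
            $group_templates->set_var('hide_defaultoption', '');
        }
        $group_templates->set_var('groupname_inputtype', 'hidden');
        $group_templates->set_var('groupname_static', $safe_name);
    } else {
        $group_templates->set_var('groupname_inputtype', 'text');
        $group_templates->set_var('group_name', '');
    }
    if (isset($A['grp_descr'])) {
        $group_templates->set_var('group_description', htmlspecialchars($A['grp_descr'], ENT_QUOTES, $encoding));
    } else {
        $group_templates->set_var('group_description', '');
    }
    // Space-separated IDs of the groups this group already belongs to; used to
    // pre-check rows in the list below.
    $selected = '';
    if (!empty($grp_id)) {
        $tmp = DB_query("SELECT ug_main_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_grp_id = {$grp_id}");
        $num_groups = DB_numRows($tmp);
        $main_ids = array();
        for ($x = 0; $x < $num_groups; $x++) {
            $G = DB_fetchArray($tmp);
            $main_ids[] = $G['ug_main_grp_id'];
        }
        $selected = implode(' ', $main_ids);
    }
    $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['groupmsg']);
    $group_templates->set_var('hide_adminoption', '');
    if ($VERBOSE) {
        COM_errorLog("SELECTED: {$selected}");
    }
    // make sure to list only those groups of which the Group Admin
    // is a member
    // The IDs are cast because they are spliced into the IN (...) list as-is.
    // NOTE(review): an empty membership list would produce "IN ()"; presumably
    // SEC_getUserGroups() never returns an empty array. Confirm.
    $whereGroups = '(grp_id IN (' . implode(',', array_map('intval', $thisUsersGroups)) . '))';
    $header_arr = array(
        array('text' => $LANG28[86], 'field' => 'checkbox', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true),
        array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true),
    );
    $defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');
    $text_arr = array('has_menu' => false, 'has_extras' => false, 'title' => '', 'instructions' => '', 'icon' => '');
    $xsql = '';
    if (!empty($grp_id)) {
        // A group cannot be made a member of itself.
        $xsql = " AND (grp_id <> {$grp_id})";
    }
    $sql = "SELECT grp_id, grp_name, grp_descr FROM {$_TABLES['groups']} WHERE (grp_name <> 'Root')" . $xsql . ' AND ' . $whereGroups;
    $query_arr = array('table' => 'groups', 'sql' => $sql, 'query_fields' => array('grp_name'), 'default_filter' => '', 'query' => '', 'query_limit' => 0);
    $groupoptions = ADMIN_list('groups', 'GROUP_getListField2', $header_arr, $text_arr, $query_arr, $defsort_arr, '', explode(' ', $selected));
    $group_templates->set_var('group_options', $groupoptions);
    // Core and non-core groups show the same rights description.
    $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['rightsdescr']);
    $group_templates->set_var('rights_options', GROUP_displayRights($grp_id, $A['grp_gl_core']));
    // CSRF token for the save/delete submission.
    $group_templates->set_var('gltoken_name', CSRF_TOKEN);
    $group_templates->set_var('gltoken', SEC_createToken());
    $group_templates->parse('output', 'editor');
    $retval .= $group_templates->finish($group_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}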
Beispiel #23
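/**
* Shows the user registration form
*
* Values from a previous submission ($_POST) are echoed back into the form
* after HTML-encoding. When registration is disabled the visitor is sent to
* the site URL and the request ends. When custom registration is enabled and
* CUSTOM_userForm() exists, that function builds the form instead.
*
* @param    string  $msg        message to show above the form (passed to COM_showMessageText)
* @return   string  HTML for user registration page
*/
function newuserform($msg = '')
{
    global $_CONF, $LANG01, $LANG04;
    $retval = '';
    if ($_CONF['disable_new_user_registration']) {
        COM_setMsg($LANG04[122], 'error');
        echo COM_refresh($_CONF['site_url']);
        // Stop here, as the login-required path in mailstoryform() does. Without
        // this the function went on to build and return the registration form
        // even though registration is disabled.
        exit;
    }
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) {
        return CUSTOM_userForm($msg);
    }
    if (!empty($msg)) {
        $retval .= COM_showMessageText($msg, $LANG04[21], false, 'info');
    }
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file('regform', 'registrationform.thtml');
    $user_templates->set_var('start_block', COM_startBlock($LANG04[22]));
    $user_templates->set_var('lang_instructions', $LANG04[23]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_fullname', $LANG04[3]);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('lang_email_conf', $LANG04[124]);
    if ($_CONF['registration_type'] == 1) {
        // verification link
        $user_templates->set_var('lang_passwd', $LANG01[57]);
        $user_templates->set_var('lang_passwd_conf', $LANG04[176]);
        $user_templates->set_var('lang_warning', $LANG04[167]);
    } else {
        $user_templates->set_var('lang_warning', $LANG04[24]);
    }
    $user_templates->set_var('lang_register', $LANG04[27]);
    PLG_templateSetVars('registration', $user_templates);
    $user_templates->set_var('end_block', COM_endBlock());
    $encoding = COM_getEncodingt();
    // Posted values are only used when they are strings; an array-valued field
    // (username[]=x) is treated as absent instead of reaching trim() and friends.
    $username = '';
    if (!empty($_POST['username']) && is_string($_POST['username'])) {
        $username = trim($_POST['username']);
    }
    $user_templates->set_var('username', @htmlentities($username, ENT_COMPAT, $encoding));
    $fullname = '';
    if (!empty($_POST['fullname']) && is_string($_POST['fullname'])) {
        $fullname = $_POST['fullname'];
    }
    $fullname = USER_sanitizeName($fullname);
    $user_templates->set_var('fullname', @htmlentities($fullname, ENT_COMPAT, $encoding));
    // 2 = full name shown and required, 1 = shown only.
    $fullname_mode = $_CONF['user_reg_fullname'];
    if ($fullname_mode == 2) {
        $user_templates->set_var('require_fullname', 'true');
    }
    if ($fullname_mode == 2 || $fullname_mode == 1) {
        $user_templates->set_var('show_fullname', 'true');
    }
    // Both addresses are encoded like the username and full name above; they
    // used to rely on COM_applyFilter() alone before being written into the form.
    $email = '';
    if (!empty($_POST['email']) && is_string($_POST['email'])) {
        $email = COM_applyFilter($_POST['email']);
    }
    $user_templates->set_var('email', @htmlentities($email, ENT_COMPAT, $encoding));
    $email_conf = '';
    if (!empty($_POST['email_conf']) && is_string($_POST['email_conf'])) {
        $email_conf = COM_applyFilter($_POST['email_conf']);
    }
    $user_templates->set_var('email_conf', @htmlentities($email_conf, ENT_COMPAT, $encoding));
    $user_templates->parse('output', 'regform');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    return $retval;
}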
Beispiel #24
/**
 * Formats one cell of a forum topic list.
 *
 * @param    string  $fieldname   column being rendered
 * @param    mixed   $fieldvalue  raw value of that column
 * @param    array   $A           the full row
 * @param    array   $icon_arr    not used by this function
 * @return   string               HTML (or plain value) for the cell
 */
function _ff_getListField_forum($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_USER, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE;
    global $_FF_CONF, $_SYSTEM, $LANG_GF02;
    // Rows that carry no status are formatted as status 0.
    $A['status'] = isset($A['status']) ? $A['status'] : 0;
    USES_lib_html2text();
    $dt = new Date('now', $_USER['tzid']);
    switch ($fieldname) {
        case 'date':
        case 'lastupdated':
            $dt->setTimestamp($fieldvalue);
            return $dt->format($_FF_CONF['default_Datetime_format'], true);
        case 'subject':
            // Tooltip text: the post body reduced to plain text, cut to the
            // configured length, then HTML-escaped for the title attribute.
            $plain = strip_tags(FF_formatTextBlock($A['comment'], 'text', 'text', $A['status']));
            $converter = new html2text($plain, false);
            $plain = trim($converter->get_text());
            // NOTE(review): substr() counts bytes; a cut inside a multibyte
            // character may leave an invalid sequence for htmlspecialchars(). Confirm.
            $tooltip = @htmlspecialchars(
                preg_replace(
                    '#\\r?\\n#',
                    '<br>',
                    strip_tags(substr($plain, 0, $_FF_CONF['contentinfo_numchars']) . '...')
                ),
                ENT_QUOTES,
                COM_getEncodingt()
            );
            // Replies link to their parent topic; a top-level post links to itself.
            // NOTE(review): $A['subject'] (title attribute) and $fieldvalue (link
            // text) are written out without escaping here, unlike the tooltip.
            // Presumably subjects are stored already escaped; verify against the
            // code that saves posts.
            return '<a class="' . COM_getTooltipStyle() . '" style="text-decoration:none;" href="'
                . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic='
                . ($A['pid'] == 0 ? $A['id'] : $A['pid'])
                . '&amp;topic=' . $A['id'] . '#' . $A['id']
                . '" title="' . $A['subject'] . '::' . $tooltip
                . '" rel="nofollow">' . $fieldvalue . '</a>';
        case 'bookmark':
            $star = '<img src="' . _ff_getImage('star_on_sm') . '" title="' . $LANG_GF02['msg204'] . '" alt=""/>';
            // NOTE(review): topic_id lands inside an inline onclick handler;
            // this assumes it is always a numeric ID from the database. Confirm.
            return '<span id="forumbookmark' . $A['topic_id'] . '"><a href="#" onclick="ajax_toggleForumBookmark('
                . $A['topic_id'] . ');return false;">' . $star . '</a></span>';
        case 'replies':
        case 'views':
            // An empty counter is shown as zero.
            return $fieldvalue != '' ? $fieldvalue : '0';
        default:
            return $fieldvalue;
    }
}
Beispiel #25
/**
* Searches for pages matching the user query and returns an array
* for the header and table rows back to search.php, where it will be formatted and
* printed
*
* @query            string          Keywords user is looking for
* @datestart        date/time       Start date to get results for
* @dateend          date/time       End date to get results for
* @topic            string          The topic they were searching in
* @type             string          Type of items they are searching
* @author           string          Get all results by this author
*
*/
function MG_search($id, $page)
{
    global $MG_albums, $_USER, $_TABLES, $_CONF, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03;
    $retval = '';
    $columns_per_page = $_MG_CONF['search_columns'];
    $rows_per_page = $_MG_CONF['search_rows'];
    $media_per_page = $columns_per_page * $rows_per_page;
    $playback_type = $_MG_CONF['search_playback_type'];
    $current_print_page = $page;
    // pull the query from the search database...
    $result = DB_query("SELECT * FROM {$_TABLES['mg_sort']} WHERE sort_id='" . DB_escapeString($id) . "'");
    $nrows = DB_numRows($result);
    if ($nrows < 1) {
        return MG_displaySearchBox('<div class="pluginAlert">' . $LANG_MG03['no_search_found'] . '</div>');
    }
    $S = DB_fetchArray($result);
    if (COM_isAnonUser()) {
        $sort_user = 1;
    } else {
        $sort_user = $_USER['uid'];
    }
    if ($sort_user != $S['sort_user'] && $S['sort_user'] != 1) {
        return MG_displaySearchBox('<div class="pluginAlert">' . $LANG_MG03['no_search_found'] . '</div>');
    }
    $sqltmp = $S['sort_query'];
    $numresults = $S['sort_results'];
    $numresults = $media_per_page;
    $sql = "SELECT DISTINCT * FROM " . $_TABLES['mg_media'] . " as m " . " INNER JOIN " . $_TABLES['mg_media_albums'] . " as ma " . " ON m.media_id=ma.media_id " . $sqltmp . " ORDER BY m.media_time DESC;";
    $result = DB_query($sql);
    $mycount = DB_numRows($result);
    if ($mycount < 1) {
        return MG_displaySearchBox('<div class="pluginAlert">' . $LANG_MG03['no_search_found'] . '</div>');
    }
    $arrayCounter = 0;
    $mediaRows = 0;
    if ($mycount > 0) {
        for ($i = 0; $i < $mycount; $i++) {
            $row = DB_fetchArray($result);
            if ($MG_albums[$row['album_id']]->access == 0 || $MG_albums[$row['album_id']]->hidden == 1 && $MG_albums[0]->owner_id != 1) {
                continue;
            }
            $media = new Media();
            $media->constructor($row, $row['album_id']);
            $MG_media[$arrayCounter] = $media;
            $M[$arrayCounter] = $row;
            $arrayCounter++;
            $mediaRows++;
        }
    }
    if ($mediaRows == 0) {
        return MG_displaySearchBox('<div class="pluginAlert">' . $LANG_MG03['no_search_found'] . '</div>');
    }
    $page = $page - 1;
    $begin = $page * $numresults;
    $end = $page * $numresults + ($numresults - 1);
    $total_print_pages = ceil($mediaRows / $numresults);
    // new stuff
    $T = new Template(MG_getTemplatePath(0));
    $T->set_file(array('page' => 'search_results2.thtml'));
    $T->set_var(array('site_url' => $_MG_CONF['site_url'], 'table_columns' => $columns_per_page, 'table_column_width' => intval(100 / $columns_per_page) . '%', 'top_pagination' => COM_printPageNavigation($_MG_CONF['site_url'] . '/search.php?id=' . $id, $page + 1, ceil($mediaRows / $numresults), '&amp;page='), 'bottom_pagination' => COM_printPageNavigation($_MG_CONF['site_url'] . '/search.php?id=' . $id, $page + 1, ceil($mediaRows / $numresults), '&amp;page='), 'page_number' => sprintf("%s %d %s %d", $LANG_MG03['page'], $current_print_page, $LANG_MG03['of'], $total_print_pages), 'lang_search_results' => $LANG_MG03['search_results'], 'lang_return_to_index' => $LANG_MG03['return_to_index'], 'return_url' => $S['referer'] == '' ? $_MG_CONF['site_url'] : htmlentities($S['referer'], ENT_QUOTES, COM_getEncodingt()), 'search_keywords' => $S['keywords'], 'lang_search' => $LANG_MG01['search']));
    $howmany = $mediaRows - $page * $numresults;
    if ($howmany > $mediaRows) {
        $howmany = $mediaRows;
    }
    $total_media = $mediaRows;
    if ($howmany == 0) {
        $T->set_var(array('lang_no_image' => $LANG_MG03['no_media_objects']));
        $T->parse('album_noimages', 'noitems');
    }
    $noParse = 0;
    if ($howmany > 0) {
        $k = 0;
        $T->set_block('page', 'ImageColumn', 'IColumn');
        $T->set_block('page', 'ImageRow', 'IRow');
        for ($i = $begin; $i < $media_per_page + $begin; $i += $columns_per_page) {
            for ($j = $i; $j < $i + $columns_per_page; $j++) {
                if ($j >= $total_media) {
                    $k = $i + $columns_per_page - $j;
                    $m = $k % $columns_per_page;
                    for ($z = $m; $z > 0; $z--) {
                        $T->set_var(array('CELL_DISPLAY_IMAGE' => ''));
                        $T->parse('IColumn', 'ImageColumn', true);
                    }
                    $noParse = 1;
                    break;
                }
                $previous_image = $i - 1;
                if ($previous_image < 0) {
                    $previous_image = -1;
                }
                $next_image = $i + 1;
                if ($next_image >= $total_media - 1) {
                    $next_image = -1;
                }
                $z = $j;
                // +$start;
                $celldisplay = MG_searchDisplayThumb($M[$j], 0, $id, $page + 1);
                if ($MG_media[$j]->type == 1) {
                    $PhotoURL = $_MG_CONF['mediaobjects_url'] . '/disp/' . $MG_media[$j]->filename[0] . '/' . $MG_media[$j]->filename . '.jpg';
                    $T->set_var(array('URL' => $PhotoURL));
                }
                $T->set_var(array('CELL_DISPLAY_IMAGE' => $celldisplay));
                $T->parse('IColumn', 'ImageColumn', true);
            }
            $T->parse('IRow', 'ImageRow', true);
            $T->set_var('IColumn', '');
            if ($noParse == 1) {
                break;
            }
        }
    }
    $T->parse('output', 'page');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}
Beispiel #26
        } else {
            $neg_subscription = false;
        }
        $result = DB_query("SELECT subject,name,replies,views,uid,id FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $topic_id);
        $A = DB_fetchArray($result);
        if ($A['subject'] == '') {
            $subject = $LANG_GF01['MISSINGSUBJECT'];
        } elseif (strlen($A['subject']) > 50) {
            $subject = @htmlspecialchars(substr($A['subject'], 0, 50), ENT_QUOTES, COM_getEncodingt()) . ' ...';
        } else {
            $subject = @htmlspecialchars($A['subject'], ENT_COMPAT, COM_getEncodingt());
        }
        $topic_link = '<a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topic_id . '" title="';
        $topic_link .= $subject . '">' . $subject . '</a>';
    }
    $report->set_var(array('id' => $notify_recid, 'csscode' => $i % 2 + 1, 'forum' => $forum_name, 'linksubject' => @htmlspecialchars($subject, ENT_QUOTES, COM_getEncodingt()), 'is_forum' => $is_forum, 'topic_link' => $topic_link, 'topicauthor' => $A['name'], 'date_added' => $date_added, 'uid' => $A['uid'], 'views' => $A['views'], 'replies' => $A['replies'], 'notify_id' => $notify_recid, 'LANG_REMOVE' => $LANG_GF01['REMOVE']));
    $report->parse('nrow', 'notification', true);
    $i++;
}
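// Finish the report: either an "empty" bottom link, or page navigation plus
// a link back to the forum (or to the forum index when no forum is selected).
if ($nrows == 0) {
    $report->set_var('bottomlink', $LANG_GF02['msg44']);
} else {
    $report->set_var('pagenavigation', COM_printPageNavigation($base_url, $page, $numpages));
    // $forum is written into an href attribute. Emit it strictly as an
    // integer so a non-numeric value can never carry markup into the link.
    if ((int) $forum > 0) {
        $report->set_var('bottomlink', '<a href="' . $_CONF['site_url'] . '/forum/index.php?forum=' . (int) $forum . '">' . $LANG_GF02['msg144'] . '</a>');
    } else {
        $report->set_var('bottomlink', "<a href=\"{$_CONF['site_url']}/forum/index.php\">{$LANG_GF02['msg175']}</a>");
    }
}
$report->parse('output', 'report');
$display .= $report->finish($report->get_var('output'));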
Beispiel #27
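/**
 * Show topic administration form
 *
 * Loads the topic row for $tid (or a set of defaults for a new topic),
 * rejects the request when SEC_hasAccess() reports 0 or 2 for the current
 * user, and fills the admin/topic/topiceditor.thtml template.
 *
 * @param    string  $tid    ID of topic to edit; empty to create a new topic
 * @return   string          HTML for the topic editor, or an access-denied
 *                           message when the user may not edit the topic
 */
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG04, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;

    $retval = '';
    if (empty($tid)) {
        // new topic - set defaults
        $A = array('tid' => '', 'topic' => '', 'sortnum' => 0, 'parent_id' => TOPIC_ROOT, 'inherit' => 1, 'hidden' => 0, 'limitnews' => '', 'is_default' => 0, 'archive_flag' => 0);
    } else {
        // $tid reaches this function unescaped (the story count query further
        // down escapes it too), so it must be escaped before it is placed
        // inside the quoted SQL literal.
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . DB_escapeString($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 || $access == 2) {
            $retval .= COM_showMessageText($LANG27[13], $LANG27[12]);
            // NOTE(review): $tid is request-controlled and written to the
            // access log verbatim; confirm COM_accessLog neutralises line breaks.
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
            return $retval;
        }
    }

    // CSRF token for the editor form; it is handed to the template at the end.
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);

    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }

    $topic_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');

    // The delete button is offered only for an existing topic and only to
    // users holding the topic.edit right.
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delButton, $jsConfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delButton, ''));
        $topic_templates->set_var('allow_delete', true);
        $topic_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $topic_templates->set_var('confirm_message', $MESSAGE[76]);
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }
    if ($_CONF['titletoid'] && empty($tid)) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $topic_templates->set_var('titletoid', true);
    }

    // NOTE(review): tid, imageurl, meta_description and meta_keywords below
    // are handed to the template as stored, while topic_name is escaped.
    // Confirm the template (or the save path) escapes them for the HTML
    // context they are printed in.
    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_parent_id', $LANG27[32]);
    $topic_templates->set_var('parent_id_options', TOPIC_getTopicListSelect($A['parent_id'], 1, false, $A['tid'], true));
    $topic_templates->set_var('lang_inherit', $LANG27[33]);
    $topic_templates->set_var('lang_inherit_info', $LANG27[34]);
    $topic_templates->set_var('inherit_checked', $A['inherit'] == 1 ? 'checked="checked"' : '');
    $topic_templates->set_var('lang_hidden', $LANG27[35]);
    $topic_templates->set_var('lang_hidden_info', $LANG27[36]);
    $topic_templates->set_var('hidden_checked', $A['hidden'] == 1 ? 'checked="checked"' : '');
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);

    $ownername = COM_getDisplayName($A['owner_id']);
    // owner_id is used as a bare number in the WHERE clause, so cast it
    // instead of trusting the stored value to be numeric.
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));

    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] !== 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        // The value is written into a quoted attribute built right here, so
        // encode it for that context.
        $sortnum = htmlspecialchars((string) $A['sortnum'], ENT_QUOTES, COM_getEncodingt());
        $topic_templates->set_var('sort_order', '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $sortnum . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $sortnum = htmlspecialchars((string) $A['sortnum'], ENT_QUOTES, COM_getEncodingt());
        $topic_templates->set_var('sort_order', $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $sortnum . '"' . XHTML . '>');
    }

    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    $topic_templates->set_var('story_limit', $A['limitnews'] == 0 ? '' : $A['limitnews']);
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    $topic_templates->set_var('topic_name', htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt()));

    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('max_url_length', 255);
    $topic_templates->set_var('image_url', $A['imageurl']);

    $scaling = empty($_CONF['image_lib']) ? $LANG04[162] : $LANG04[161];
    $topic_templates->set_var('icon_max_dimensions', sprintf($LANG04[160], $_CONF['max_topicicon_width'], $_CONF['max_topicicon_height'], $_CONF['max_topicicon_size'], $scaling));

    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    $topic_templates->set_var('hide_meta', $_CONF['meta_tags'] > 0 ? '' : ' style="display:none;"');

    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    $topic_templates->set_var('default_checked', $A['is_default'] == 1 ? 'checked="checked"' : '');

    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }

    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        $nResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nResult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}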
Beispiel #28
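 /**
  *   Creates the product edit form.
  *
  *   Creates the form for editing a product.  If a product ID is supplied,
  *   then that product is read and becomes the current product.  If not,
  *   then the current product is edited.  If an empty product was created,
  *   then a new product is created here.
  *
  *   @uses   PAYPAL_getDocUrl()
  *   @uses   PAYPAL_errorMessage()
  *   @uses   PAYPAL_recurseCats()
  *   @param  integer $id     Optional ID, current record used if zero
  *   @return string          HTML for edit form, or an error message when
  *                           the requested product cannot be read
  */
 public function showForm($id = 0)
 {
     global $_TABLES, $_CONF, $_PP_CONF, $LANG_PP, $LANG24, $LANG_postmodes, $_SYSTEM;

     $id = (int) $id;
     if ($id > 0) {
         // If an id is passed in, then read that record
         if (!$this->Read($id)) {
             return PAYPAL_errorMessage($LANG_PP['invalid_product_id'], 'info');
         }
     }
     $id = $this->id;

     $T = new Template(PAYPAL_PI_PATH . '/templates');
     if ($_SYSTEM['framework'] == 'uikit') {
         $T->set_file('product', 'product_form.uikit.thtml');
     } else {
         $T->set_file('product', 'product_form.thtml');
     }

     // Set up the wysiwyg editor, if available
     switch (PLG_getEditorType()) {
         case 'ckeditor':
             $T->set_var('show_htmleditor', true);
             PLG_requestEditor('paypal', 'paypal_entry', 'ckeditor_paypal.thtml');
             PLG_templateSetVars('paypal_entry', $T);
             break;
         case 'tinymce':
             $T->set_var('show_htmleditor', true);
             PLG_requestEditor('paypal', 'paypal_entry', 'tinymce_paypal.thtml');
             PLG_templateSetVars('paypal_entry', $T);
             break;
         default:
             // don't support others right now
             $T->set_var('show_htmleditor', false);
             break;
     }

     // Add the current product ID to the form if it's an existing product.
     // NOTE(review): the product name goes into the block title as stored;
     // confirm COM_startBlock() escapes it.
     if ($id > 0) {
         $T->set_var('id', '<input type="hidden" name="id" value="' . $this->id . '" />');
         $retval = COM_startBlock($LANG_PP['edit'] . ': ' . $this->name);
     } else {
         $T->set_var('id', '');
         $retval = COM_startBlock($LANG_PP['new_product']);
     }

     // $post_options is never assigned anywhere in this method; give it an
     // explicit empty value instead of reading an undefined variable.
     $post_options = '';

     // NOTE(review): the free-text fields name, short_description,
     // description, file and keywords are HTML-escaped below, but custom,
     // expiration, weight, avail_beg and avail_end are passed through as
     // stored. Confirm those are validated on save or escaped by the template.
     $T->set_var(array(
         'post_options' => $post_options,
         'name' => htmlspecialchars($this->name, ENT_QUOTES, COM_getEncodingt()),
         'category' => $this->cat_id,
         'short_description' => htmlspecialchars($this->short_description, ENT_QUOTES, COM_getEncodingt()),
         'description' => htmlspecialchars($this->description, ENT_QUOTES, COM_getEncodingt()),
         'price' => sprintf('%.2f', $this->price),
         'file' => htmlspecialchars($this->file, ENT_QUOTES, COM_getEncodingt()),
         'expiration' => $this->expiration,
         'pi_admin_url' => PAYPAL_ADMIN_URL,
         'file_selection' => $this->FileSelector(),
         'keywords' => htmlspecialchars($this->keywords, ENT_QUOTES, COM_getEncodingt()),
         'cat_select' => PAYPAL_recurseCats('PAYPAL_callbackCatOptionList', $this->cat_id),
         'currency' => $_PP_CONF['currency'],
         'pi_url' => PAYPAL_URL,
         'doc_url' => PAYPAL_getDocURL('product_form', $_CONF['language']),
         'prod_type' => $this->prod_type,
         'weight' => $this->weight,
         'feat_chk' => $this->featured == 1 ? 'checked="checked"' : '',
         'ena_chk' => $this->enabled == 1 ? 'checked="checked"' : '',
         'tax_chk' => $this->taxable == 1 ? 'checked="checked"' : '',
         'show_random_chk' => $this->show_random == 1 ? 'checked="checked"' : '',
         'show_popular_chk' => $this->show_popular == 1 ? 'checked="checked"' : '',
         'ship_sel_' . $this->shipping_type => 'selected="selected"',
         'shipping_type' => $this->shipping_type,
         'track_onhand' => $this->track_onhand,
         'shipping_amt' => sprintf('%.2f', $this->shipping_amt),
         'sel_comment_' . $this->comments_enabled => 'selected="selected"',
         'rating_chk' => $this->rating_enabled == 1 ? 'checked="checked"' : '',
         'trk_onhand_chk' => $this->track_onhand == 1 ? 'checked="checked"' : '',
         'onhand' => $this->onhand,
         "oversell_sel{$this->oversell}" => 'selected="selected"',
         'custom' => $this->custom,
         'sale_price' => sprintf('%.2f', $this->sale_price),
         'sale_beg' => $this->_InputDtFormat($this->sale_beg),
         'sale_end' => $this->_InputDtFormat($this->sale_end),
         'avail_beg' => $this->avail_beg,
         'avail_end' => $this->avail_end,
     ));

     // Create the button type selections. New products get the default
     // button selected, existing products get the saved button selected
     // or "none" if there is no button.
     $T->set_block('product', 'BtnRow', 'BRow');
     $have_chk = false;
     foreach ($_PP_CONF['buttons'] as $key => $checked) {
         if ($key == $this->btn_type || $this->isNew && $checked) {
             $btn_chk = 'checked="checked"';
             $have_chk = true;
         } else {
             $btn_chk = '';
         }
         // Reuse the value computed above rather than evaluating the same
         // condition a second time.
         $T->set_var(array('btn_type' => $key, 'btn_chk' => $btn_chk, 'btn_name' => $LANG_PP['buttons'][$key]));
         $T->parse('BRow', 'BtnRow', true);
     }
     // Set the "none" selection if nothing was already selected
     $T->set_var('none_chk', $have_chk ? '' : 'checked="checked"');

     $T->set_block('product', 'ProdTypeRadio', 'ProdType');
     foreach ($LANG_PP['prod_types'] as $value => $text) {
         $T->set_var(array('type_val' => $value, 'type_txt' => $text, 'type_sel' => $this->prod_type == $value ? 'checked="checked"' : ''));
         $T->parse('ProdType', 'ProdTypeRadio', true);
     }

     if (!$this->isUsed()) {
         $T->set_var('candelete', 'true');
     }

     // Set up the photo fields. Photos can only exist for a product that
     // already has an ID; otherwise the photo area is simply cleared.
     $T->set_block('product', 'PhotoRow', 'PRow');
     $i = 0;
     $photocount = 0;
     if ($this->id != null) {
         // The ID is cast so that only an integer can reach the quoted SQL literal.
         $sql = "SELECT img_id, filename \n                FROM {$_TABLES['paypal.images']} \n                WHERE product_id='" . (int) $this->id . "'";
         $photo = DB_query($sql);
         // save the count of photos for later use
         if ($photo) {
             $photocount = DB_numRows($photo);
         }
         // While we're checking the ID, set it as a hidden value
         // for updating this record
         $T->set_var('product_id', $this->id);
     } else {
         $T->set_var('product_id', '');
     }

     // If there are any images, retrieve and display the thumbnails.
     if ($photocount > 0) {
         while ($prow = DB_fetchArray($photo)) {
             $i++;
             // NOTE(review): the stored file name is placed in the URL
             // unencoded; confirm upload handling restricts it to safe characters.
             $T->set_var('img_url', PAYPAL_URL . "/images/products/{$prow['filename']}");
             $T->set_var('thumb_url', PAYPAL_ImageUrl($prow['filename']));
             $T->set_var('seq_no', $i);
             // NOTE(review): this looks like a state-changing delete link
             // requested via GET and no CSRF token is appended here; confirm
             // the handler behind delete_img verifies one.
             $T->set_var('del_img_url', PAYPAL_ADMIN_URL . '/index.php' . '?delete_img=x' . '&img_id=' . $prow['img_id'] . '&id=' . $this->id);
             $T->parse('PRow', 'PhotoRow', true);
         }
     } else {
         $T->parse('PRow', '');
     }

     // add upload fields for unused images
     $T->set_block('product', 'UploadFld', 'UFLD');
     for ($j = $i; $j < $_PP_CONF['max_images']; $j++) {
         $T->parse('UFLD', 'UploadFld', true);
     }

     // Quantity discounts become numbered template variables disc_qty0, disc_amt0, ...
     $i = 0;
     foreach ($this->qty_discounts as $qty => $amt) {
         $T->set_var(array('disc_qty' . $i => $qty, 'disc_amt' . $i => $amt));
         $i++;
     }

     $retval .= $T->parse('output', 'product');
     $retval .= COM_endBlock();
     return $retval;
 }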
Beispiel #29
 /**
  * Prepares stored text for output.
  *
  * Which conversions run depends on the engine version the text was saved
  * with and on its post mode. In every case the result is finally passed
  * through _displayEscape() and PLG_replaceTags().
  *
  * @param   string  $text         Text to prepare for display
  * @param   string  $postmode     One of html, adveditor, wikitext or plaintext
  * @param   int     $version      Version of the GLText engine the text was stored with
  * @return  string  Text ready to be printed
  * @access  public
  *
  */
 public static function getDisplayText($text, $postmode, $version)
 {
     // $postmode never changes below, so classify it once up front.
     $isMarkup = in_array($postmode, array('html', 'adveditor'));
     $isPlain = $postmode == 'plaintext';
     $isWiki = $postmode == 'wikitext';

     if ($version != GLTEXT_FIRST_VERSION) {
         // Current engine version.
         if ($isMarkup) {
             // Newlines are dropped, then the contents of [code] and [raw]
             // sections are run through _escapeSPChars.
             // NOTE(review): everything outside those sections is left as
             // HTML at this point - presumably it was filtered when saved;
             // verify against the save path.
             $codeTags = array('[code]', '[/code]', '<pre><code>', '</code></pre>');
             $rawTags = array('[raw]', '[/raw]', '<!--raw--><span class="raw">', '</span><!--/raw-->');
             $text = str_replace("\n", '', $text);
             $text = self::_handleSpecialTag_callback($text, $codeTags, '_escapeSPChars');
             $text = self::_handleSpecialTag_callback($text, $rawTags, '_escapeSPChars');
         }
         if ($isPlain) {
             // Escape first, then turn URLs into links and newlines into <br>.
             $escaped = htmlspecialchars($text, ENT_QUOTES, COM_getEncodingt());
             $text = COM_nl2br(COM_makeClickableLinks($escaped));
         }
         if ($isWiki) {
             // NOTE(review): no HTML filter is applied to the rendered wiki
             // markup in this method; confirm renderWikiText() output is
             // safe to print.
             $text = self::renderWikiText(self::_editUnescape($text, $postmode));
         }
         $text = COM_checkWords($text);
     } else {
         // Text stored by the first engine version.
         if ($isPlain) {
             $text = COM_nl2br($text);
         }
         if ($isWiki) {
             $text = self::renderWikiText(self::_editUnescape($text, $postmode));
         }
     }

     return PLG_replaceTags(self::_displayEscape($text));
 }
Beispiel #30
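/**
 * Build the personal-info panel of the admin user editor.
 *
 * Fills the admin/user/userinfopanel.thtml template with the profile fields
 * of $U, the user's social "follow me" links, the photo block (when user
 * photos are enabled) and, for existing non-anonymous users, the plugin and
 * custom profile fields.
 *
 * @param  array  $U        User record; reads uid, homepage, location, sig,
 *                          about, pgpkey, photo and email
 * @param  int    $newuser  Not used by this function
 * @return string           Rendered HTML of the panel
 */
function USER_userinfoPanel($U, $newuser = 0)
{
    global $_CONF, $LANG04;

    $uid = $U['uid'];

    // set template
    $userform = new Template($_CONF['path_layout'] . 'admin/user/');
    $userform->set_file('user', 'userinfopanel.thtml');
    $userform->set_var(array(
        'lang_personal_info_legend' => $LANG04[130],
        'lang_userinfo_help_title' => $LANG04[148],
        'lang_userinfo_help' => $LANG04[149],
        'lang_homepage' => $LANG04[6],
        'lang_location' => $LANG04[106],
        'lang_signature' => $LANG04[32],
        'lang_about' => $LANG04[7],
        'lang_pgpkey' => $LANG04[8],
        'lang_social_follow' => $LANG04[198],
        'lang_social_info' => $LANG04[199],
        'lang_social_service' => $LANG04[200],
        'lang_social_username' => $LANG04[201],
    ));

    $follow_me = SOC_followMeProfile($uid);
    if (is_array($follow_me) && count($follow_me) > 0) {
        $userform->set_block('user', 'social_links', 'sl');
        $userform->set_var('social_followme_enabled', true);
        foreach ($follow_me as $service) {
            // NOTE(review): these values are passed on as returned by
            // SOC_followMeProfile(); service_username in particular looks
            // user-supplied - confirm it is escaped there or in the template.
            $userform->set_var('service_display_name', $service['service_display_name']);
            $userform->set_var('service', $service['service']);
            $userform->set_var('service_username', $service['service_username']);
            $userform->parse('sl', 'social_links', true);
        }
    } else {
        $userform->unset_var('social_followme_enabled');
    }

    if ($_CONF['allow_user_photo'] == 1) {
        $userform->set_var('lang_userphoto', $LANG04[77]);
    }

    // Profile fields are user-controlled. ENT_QUOTES encodes " and ' as well
    // as < > &, so the values stay inert whether the template prints them as
    // element text or inside a quoted attribute (ENT_NOQUOTES would leave a
    // quote free to close an attribute). The @ is kept as-is - presumably
    // there to stay quiet when a key is missing from $U.
    $encoding = COM_getEncodingt();
    $userform->set_var('homepage_value', @htmlspecialchars(COM_killJS($U['homepage']), ENT_QUOTES, $encoding));
    $userform->set_var('location_value', @htmlspecialchars(strip_tags($U['location']), ENT_QUOTES, $encoding));
    $userform->set_var('signature_value', @htmlspecialchars($U['sig'], ENT_QUOTES, $encoding));
    $userform->set_var('about_value', @htmlspecialchars($U['about'], ENT_QUOTES, $encoding));
    $userform->set_var('pgpkey_value', @htmlspecialchars($U['pgpkey'], ENT_QUOTES, $encoding));

    $existingUser = !empty($uid) && $uid > 1;

    if ($_CONF['allow_user_photo'] == 1) {
        $display_photo = '';
        if ($existingUser) {
            $photo = USER_getPhoto($uid, $U['photo'], $U['email'], -1);
            if (!empty($photo)) {
                if (empty($U['photo'])) {
                    // external avatar
                    $display_photo = '<br/>' . $photo;
                } else {
                    // uploaded photo - add delete option
                    $display_photo = '<br/>' . $photo . '<br/>' . $LANG04[79] . '&nbsp;<input type="checkbox" name="delete_photo"/>' . LB;
                }
            }
        }
        $userform->set_var('display_photo', $display_photo);
    }

    if ($existingUser) {
        $userform->set_var('plugin_userinfo_personalinfo', PLG_profileEdit($uid, 'userinfo', 'personalinfo'));
        $userform->set_var('plugin_userinfo', PLG_profileEdit($uid, 'userinfo'));
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userEdit')) {
            $userform->set_var('customfields', CUSTOM_userEdit($uid));
        }
    }

    $retval = $userform->finish($userform->parse('output', 'user'));
    return $retval;
}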