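/**
 * Set up the filter from the site configuration.
 *
 * Stores the output encoding, switches the filter method to 'htmlawed' when
 * $_SYSTEM['html_filter'] asks for it, and loads the default allowed
 * elements from $_CONF['htmlfilter_default'] when that setting exists.
 */
public function __construct()
{
    // $_CONF has to be imported as well: without it the isset() below tests
    // an undefined local, so the configured default allow-list is never
    // applied.
    global $_CONF, $_SYSTEM;

    $this->encoding = COM_getEncodingt();

    if (isset($_SYSTEM['html_filter']) && $_SYSTEM['html_filter'] == 'htmlawed') {
        $this->setFilterMethod('htmlawed');
    }

    if (isset($_CONF['htmlfilter_default'])) {
        $this->setAllowedElements($_CONF['htmlfilter_default']);
    }
}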
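/**
 * Render one cell of the forum user-rating admin list.
 *
 * (The original header describes this as used for the list of users in
 * admin/user.php.)
 *
 * Numeric identifiers taken from the row are cast to integers before they
 * are placed in SQL or URLs, and the topic subject is HTML-escaped before it
 * is written into the title attribute and the link text.
 *
 * @param string $fieldname  Column being rendered
 * @param mixed  $fieldvalue Value of that column
 * @param array  $A          Full row for the current list entry
 * @param array  $icon_arr   Icon array (not used here)
 * @return mixed Cell content: an integer for 'grade', otherwise a string
 */
function ADMIN_getListField_ratings($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $LANG_GF98, $_FF_CONF;

    $retval = '';

    switch ($fieldname) {
        case 'grade':
            $retval = intval($fieldvalue);
            break;

        case 'rating':
            $retval = '<input type="text" name="new_rating-' . intval($A['uid'])
                . '" value="' . intval($A['rating']) . '" size="5" />';
            break;

        case 'voter_id':
            // Cast once and reuse, so the WHERE clause and the URL can only
            // ever contain digits.
            $voterId = intval($A['voter_id']);
            $uname = DB_getItem($_TABLES['users'], 'username', 'uid=' . $voterId);
            $retval = COM_createLink($uname, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?vid=' . $voterId);
            break;

        case 'user_id':
            $userId = intval($A['user_id']);
            $uname = DB_getItem($_TABLES['users'], 'username', 'uid=' . $userId);
            // Fall back to the numeric id as link text when no username is found.
            $label = ($uname == '') ? (string) $userId : $uname;
            $retval = COM_createLink($label, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?uid=' . $userId);
            break;

        case 'topic_id':
            $topicId = intval($A['topic_id']);
            if ($topicId > 0) {
                // The original tested intval() but concatenated the raw value;
                // the query now uses the integer that was tested.
                $res = DB_query("SELECT id,pid,forum,subject,comment,status FROM {$_TABLES['ff_topic']} WHERE id=" . $topicId);
                $row = DB_fetchArray($res);
                if (!is_array($row)) {
                    // The rating points at a topic that no longer exists.
                    $retval = $LANG_GF98['no_topic_defined'];
                    break;
                }
                list($id, $pid, $forum, $subject, $comment, $status) = $row;
                $id = intval($id);
                $pid = intval($pid);

                $testText = FF_formatTextBlock($comment, 'text', 'text', $status);
                $testText = strip_tags($testText);
                $lastpostinfogll = htmlspecialchars(preg_replace('#\\r?\\n#', '<br>', strip_tags(substr($testText, 0, $_FF_CONF['contentinfo_numchars']) . '...')), ENT_QUOTES, COM_getEncodingt());

                if ($subject == '') {
                    $subject = '<em>' . $LANG_GF98['no_subject_defined'] . '</em>';
                } else {
                    // The subject is user-authored text that ends up inside a
                    // quoted attribute and as link text. double_encode is off
                    // so a subject stored with entities is not encoded twice.
                    $subject = htmlspecialchars($subject, ENT_QUOTES, COM_getEncodingt(), false);
                }

                $retval = '<a class="' . COM_getTooltipStyle() . '" style="text-decoration:none;" href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . ($pid == 0 ? $id : $pid) . '&topic=' . $id . '#' . $id . '" title="' . $subject . '::' . $lastpostinfogll . '" rel="nofollow">' . $subject . '</a>';
            } elseif ($A['topic_id'] == -1) {
                $retval = $LANG_GF98['admin_set_value'];
            } else {
                $retval = $LANG_GF98['no_topic_defined'];
            }
            break;

        case 'username':
            // NOTE(review): $fieldvalue is passed to COM_createLink() as link
            // text unchanged; confirm whether that helper escapes its text.
            $retval = COM_createLink($fieldvalue, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?uid=' . intval($A['uid']));
            break;

        case $_TABLES['users'] . '.uid':
            $retval = $A['uid'];
            break;

        default:
            $retval = $fieldvalue;
            break;
    }

    return $retval;
}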
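/**
 * Work out the URL to return the user to after a forum action.
 *
 * The candidate comes from the posted 'referer' field, else from the HTTP
 * Referer header. Anything that does not point at this site is replaced by
 * the forum index. The result is HTML-escaped before it is returned.
 *
 * @return mixed The escaped URL, or whatever PLG_getCommentUrlId() returns
 *               when the request came from comment.php with sid and type set
 */
function _getReferer()
{
    global $_CONF;

    if (isset($_POST['referer'])) {
        $referer = COM_sanitizeUrl($_POST['referer']);
    } elseif (isset($_SERVER['HTTP_REFERER'])) {
        $referer = COM_sanitizeUrl($_SERVER['HTTP_REFERER']);
    } else {
        $referer = '';
    }

    // A bare prefix comparison also accepts a different host whose name merely
    // begins with the site URL. Require the prefix to end at a URL boundary:
    // end of string, '/', '?' or '#'. An empty site URL never matches.
    $siteUrl = $_CONF['site_url'];
    $siteLen = strlen($siteUrl);
    $onSite = false;
    if ($siteLen > 0 && strncmp($referer, $siteUrl, $siteLen) === 0) {
        $next = (string) substr($referer, $siteLen, 1);
        $onSite = substr($siteUrl, -1) === '/'
            || $next === ''
            || strpos('/?#', $next) !== false;
    }
    if (!$onSite) {
        $referer = $siteUrl . '/forum/index.php';
    }

    $referer = @htmlspecialchars($referer, ENT_COMPAT, COM_getEncodingt());

    if (strstr($referer, 'comment.php') !== false) {
        if (isset($_REQUEST['sid']) && isset($_REQUEST['type'])) {
            // $type was never assigned in the original, so the plugin API was
            // called with an undefined variable.
            $type = COM_applyFilter($_REQUEST['type']);
            // NOTE(review): the return value is used as the referer as-is;
            // confirm that PLG_getCommentUrlId() yields a URL string here.
            $referer = PLG_getCommentUrlId($type);
        }
    }

    return $referer;
}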
/**
 * Render one cell of the forum "pick a topic" list.
 *
 * @param string $fieldname  Column being rendered
 * @param mixed  $fieldvalue Value of that column
 * @param array  $A          Full row for the current topic
 * @param array  $icon_arr   Icon array (not used here)
 * @return mixed Cell content
 */
function _ff_getListField_gettopic($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_USER, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE;
    global $_FF_CONF, $_SYSTEM, $LANG_GF02, $LANG_GF03;

    USES_lib_html2text();

    $dt = new Date('now', $_USER['tzid']);

    switch ($fieldname) {
        case 'author':
            return $A['name'];

        case 'date':
        case 'lastupdated':
            // Both columns hold a timestamp and share one output format.
            $dt->setTimestamp($fieldvalue);
            return $dt->format($_FF_CONF['default_Datetime_format'], true);

        case 'subject':
            // Tooltip preview: formatted post body reduced to plain text,
            // cut to the configured length and HTML-escaped.
            $plain = strip_tags(FF_formatTextBlock($A['comment'], 'text', 'text', $A['status']));
            $converter = new html2text($plain, false);
            $plain = trim($converter->get_text());
            $excerpt = substr($plain, 0, $_FF_CONF['contentinfo_numchars']) . '...';
            $lastpostinfogll = htmlspecialchars(preg_replace('#\\r?\\n#', '<br>', strip_tags($excerpt)), ENT_QUOTES, COM_getEncodingt());

            // NOTE(review): $A['subject'] goes into the title attribute and
            // $fieldvalue into the element body without escaping here;
            // confirm both are already HTML-encoded when they reach this
            // function.
            return '<span class="' . COM_getTooltipStyle() . '" style="text-decoration:none;" title="' . $A['subject'] . '::' . $lastpostinfogll . '">' . $fieldvalue . '</span>';

        case 'select':
            // NOTE(review): $A['id'] is written into an inline onclick
            // handler; presumably a numeric topic id - verify.
            return '[ <a href="#" onclick="insert_topic(\'' . $A['id'] . '\'); return false;">' . $LANG_GF03['select'] . '</a> ]';

        default:
            return $fieldvalue;
    }
}
// Fragment of the admin log viewer script. The code that assigns $log starts
// above this fragment; only its last fallback ('error.log') is visible.
// NOTE(review): $log is appended to $_CONF['path_log'] for unlink(),
// file_put_contents() and file_get_contents() below. Confirm that the part
// not shown here reduces the submitted value to one of the file names the
// glob() loop offers, so it cannot contain path separators.
$log = 'error.log';
}

$display = '';

// Admin block header plus the "back to admin home" menu.
$menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$display = COM_startBlock($LANG_LOGVIEW['log_viewer'], '', COM_getBlockTemplate('_admin_block', 'header')) . ADMIN_createMenu($menu_arr, $LANG_LOGVIEW['info'], $_CONF['layout_url'] . '/images/icons/log_viewer.' . $_IMAGE_TYPE);

// Form with one <option> per *.log file found in the log directory.
$display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/logviewer.php" class="uk-form"><div>' . $LANG_LOGVIEW['logs'] . ': ' . '<select name="log">';
foreach (glob($_CONF['path_log'] . '*.log') as $file) {
    // File names from the directory listing are written into the option
    // value and label without HTML escaping.
    $file = basename($file);
    $display .= '<option value="' . $file . '"';
    if ($log === $file) {
        $display .= ' selected="selected"';
    }
    $display .= '>' . $file . '</option>';
}
$display .= '</select> ' . '<button type="submit" name="viewlog" value="' . $LANG_LOGVIEW['view'] . '" class="uk-button">' . $LANG_LOGVIEW['view'] . '</button>' . ' ' . '<button type="submit" name="clearlog" value="' . $LANG_LOGVIEW['clear'] . '" class="uk-button" onclick="return confirm(\'' . $MESSAGE[76] . '\');">' . $LANG_LOGVIEW['clear'] . '</button>' . '</div></form>';

// "Clear": delete the file, recreate it with a single marker line, then fall
// through to the view branch by setting $_POST['viewlog'].
// NOTE(review): no request-token (CSRF) check is visible in this fragment
// before the destructive action - confirm one runs earlier in the script.
if (isset($_POST['clearlog'])) {
    // Errors from unlink() are suppressed; on failure nothing is reported.
    if (@unlink($_CONF['path_log'] . $log)) {
        // strftime() is deprecated as of PHP 8.1.
        $timestamp = strftime("%c");
        @file_put_contents($_CONF['path_log'] . $log, "{$timestamp} - Log File Cleared " . PHP_EOL, FILE_APPEND);
        $_POST['viewlog'] = 1;
    }
}

// "View": the file contents are entity-encoded before being placed in <pre>;
// the file name in the heading is inserted as-is.
if (isset($_POST['viewlog'])) {
    $display .= '<p><strong>' . $LANG_LOGVIEW['log_file'] . ': ' . $log . '</strong></p>' . '<div style="margin:10px 0 5px;border-bottom:1px solid #cccccc;"></div>' . '<pre style="overflow:scroll; height:500px;">' . htmlentities(file_get_contents($_CONF['path_log'] . $log), ENT_NOQUOTES, COM_getEncodingt()) . '</pre>';
}

$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$output = COM_createHTMLDocument($display, array('pagetitle' => $LANG_LOGVIEW['log_viewer']));

// Explicit charset and nosniff so log content is not re-interpreted by the
// browser. X-XSS-Protection is a legacy header that modern browsers no
// longer act on.
header('Content-Type: text/html; charset=' . COM_getEncodingt());
header('X-XSS-Protection: 1; mode=block');
header('X-Content-Type-Options: nosniff');
COM_output($output);
/**
 * Queue a <script src="..."> tag for the page header.
 *
 * Pass only the URL in $href; the surrounding <script> element is built
 * here.
 *
 * @param string $href     URL of the JavaScript file; HTML-escaped here
 * @param int    $priority Load priority, used as the bucket key
 * @param string $mime     Value of the type attribute, 'text/javascript'
 *                         when not given. Inserted as passed, not escaped.
 *
 * @access public
 * @return void
 */
public function addLinkScript($href, $priority = HEADER_PRIO_NORMAL, $mime = 'text/javascript')
{
    $src = @htmlspecialchars($href, ENT_QUOTES, COM_getEncodingt());
    $tag = '<script type="' . $mime . '" src="' . $src . '"' . "></script>" . LB;

    $this->_header['script'][$priority][] = $tag;
}
/**
 * Apply filters to the title element.
 *
 * Order: word check (COM_checkWords, 'story' context), tag stripping,
 * removal of 4-byte UTF-8 characters, then HTML escaping with ENT_QUOTES.
 *
 * @param  string $title
 * @return string
 */
private function _applyTitleFilter($title)
{
    $checked = COM_checkWords($title, 'story');
    $plain = GLText::remove4byteUtf8Chars(strip_tags($checked));

    return htmlspecialchars($plain, ENT_QUOTES, COM_getEncodingt());
}
/**
 * Prepare forum text for use in a SQL statement.
 *
 * HTML posts are optionally run through COM_checkHTML(); every other post
 * mode is HTML-escaped with ENT_QUOTES, so those values are stored already
 * entity-encoded. All paths end in DB_escapeString().
 *
 * @param string $message    Text to prepare
 * @param string $postmode   'html' keeps markup; anything else is escaped
 * @param bool   $censor     Run COM_checkWords() first
 * @param bool   $htmlfilter For 'html' posts, run COM_checkHTML()
 * @return string Text escaped for the database
 */
function prepareStringForDB($message, $postmode = "html", $censor = TRUE, $htmlfilter = TRUE)
{
    global $_FF_CONF;

    $text = $censor ? COM_checkWords($message) : $message;

    if ($postmode != 'html') {
        return DB_escapeString(@htmlspecialchars($text, ENT_QUOTES, COM_getEncodingt()));
    }

    if ($htmlfilter) {
        // COM_checkHTML strips slashes, so escaping has to happen after it.
        return DB_escapeString(COM_checkHTML($text));
    }

    return DB_escapeString($text);
}
for ($i = 1; $i <= $nrows; $i++) { $P = DB_fetchArray($result); $fres = DB_query("SELECT grp_id,rating_view FROM {$_TABLES['ff_forums']} WHERE forum_id=" . (int) $P['forum']); list($forumgrpid, $view_rating) = DB_fetchArray($fres); $groupname = DB_getItem($_TABLES['groups'], 'grp_name', "grp_id=" . (int) $forumgrpid); if (SEC_inGroup($groupname)) { if ($_FF_CONF['enable_user_rating_system'] && !COM_isAnonUser()) { if ($view_rating > $user_rating) { continue; } } if ($_FF_CONF['use_censor']) { $P['subject'] = COM_checkWords($P['subject']); } $postdate = COM_getUserDateTimeFormat($P['date']); $link = '<a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?forum=' . $P['forum'] . '&showtopic=' . $P['id'] . '&highlight=' . htmlentities($html_query, ENT_QUOTES, COM_getEncodingt()) . '">'; $report->set_var(array('post_start_ahref' => $link, 'post_subject' => $P['subject'], 'post_end_ahref' => '</a>', 'post_date' => $postdate[0], 'post_replies' => $P['replies'], 'post_views' => $P['views'], 'csscode' => $csscode)); $report->parse('rrow', 'reportrow', true); if ($csscode == 2) { $csscode = 1; } else { $csscode++; } } } } if ($forum == 0) { $link = '<p><a href="' . $_CONF['site_url'] . '/forum/index.php">' . $LANG_GF02['msg175'] . '</a></p>'; $report->set_var('bottomlink', $link); } else { $link = '<p><a href="' . $_CONF['site_url'] . '/forum/index.php?forum=' . $forum . '">' . $LANG_GF02['msg175'] . '</a></p>';
/**
 * Build the HTML and plain-text bodies of a forum notification e-mail.
 *
 * The poster name and subject are word-checked and HTML-escaped; the same
 * escaped values are used for both templates. The text body is the rendered
 * text template passed through html2text.
 *
 * @param mixed $id Topic id; filtered with COM_applyFilter() and cast to int
 *                  for the query
 * @return array Two elements: the HTML message, then the text message
 */
function gfm_getoutput($id)
{
    global $_TABLES, $LANG_GF01, $LANG_GF02, $_CONF, $_FF_CONF, $_USER;

    $dt = new Date('now', $_USER['tzid']);

    $id = COM_applyFilter($id, true);
    $A = DB_fetchArray(DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $id));

    // Kept from the original; $pid is not read again in this function.
    $pid = ($A['pid'] == 0) ? $id : $A['pid'];

    $siteUrl = $_CONF['site_url'];
    $permalink = $siteUrl . '/forum/viewtopic.php?topic=' . $id . '#' . $id;

    // Word-check first, then escape for HTML.
    $A['name'] = @htmlspecialchars(COM_checkWords($A['name']), ENT_QUOTES, COM_getEncodingt());
    $A['subject'] = @htmlspecialchars(COM_checkWords($A['subject']), ENT_QUOTES, COM_getEncodingt());
    // NOTE(review): the comment body relies entirely on _ff_FormatForEmail()
    // for its encoding; that helper is not visible here.
    $A['comment'] = _ff_FormatForEmail($A['comment'], $A['postmode']);

    $notifymsg = sprintf($LANG_GF02['msg27'], '<a href="' . $siteUrl . '/forum/notify.php">' . $siteUrl . '/forum/notify.php</a>');

    $dt->setTimestamp($A['date']);
    $date = $dt->format('F d Y @ h:i a');

    // A reply links back to its parent topic, a first post to itself.
    $postid = ($A['pid'] == '0') ? $A['id'] : $A['pid'];

    // Variables shared by the HTML and the text template.
    $common = array(
        'post_id'      => $postid,
        'topic_id'     => $A['id'],
        'post_subject' => $A['subject'],
        'post_date'    => $date,
        'post_name'    => $A['name'],
        'post_comment' => $A['comment'],
        'notify_msg'   => $notifymsg,
        'site_name'    => $_CONF['site_name'],
    );

    // HTML version.
    $tpl = new Template($_CONF['path'] . 'plugins/forum/templates');
    $tpl->set_file('email', 'notifymessage.thtml');
    $tpl->set_var($common + array(
        'online_version' => sprintf($LANG_GF02['view_online'], $permalink),
        'permalink'      => $permalink,
    ));
    $tpl->parse('output', 'email');
    $message = $tpl->finish($tpl->get_var('output'));

    // Text version: rendered from its own template, then converted.
    $tpl = new Template($_CONF['path'] . 'plugins/forum/templates');
    $tpl->set_file('email', 'notifymessage_text.thtml');
    $tpl->set_var($common + array(
        'online_version' => sprintf($LANG_GF02['view_online'], $siteUrl . '/forum/viewtopic.php?showtopic=' . $postid . '&lastpost=true#' . $A['id']),
    ));
    $tpl->parse('output', 'email');
    $msgText = $tpl->finish($tpl->get_var('output'));

    $converter = new html2text($msgText, false);

    return array($message, $converter->get_text());
}
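/**
 * Callback function to help format links in COM_makeClickableLinks
 *
 * Both the link text and the href attribute are HTML-escaped, so the markup
 * stays well-formed even if the matched URL contains a quote or an angle
 * bracket.
 *
 * @param  string $http set to 'http://' when not already in the url
 * @param  string $link the url
 * @return string link enclosed in <a>...</a> tags
 */
function COM_makeClickableLinksCallback($http, $link)
{
    global $_CONF;
    static $encoding = null;

    // Look the encoding up once; the callback runs once per matched link.
    if ($encoding === null) {
        $encoding = COM_getEncodingt();
    }

    // When $link ends with a period, the period will be moved out of the link
    // text (bug #0001675)
    if (substr($link, -1) === '.') {
        $link = substr($link, 0, -1);
        $end = '.';
    } else {
        $end = '';
    }

    if ($_CONF['linktext_maxlen'] > 0) {
        $text = COM_truncate($link, $_CONF['linktext_maxlen'], '...', 10);
    } else {
        $text = $link;
    }
    $text = htmlspecialchars($text, ENT_QUOTES, $encoding);

    // The original escaped only the visible text and wrote the URL into the
    // quoted attribute unchanged. Escape it too rather than depend on the
    // caller's pattern to exclude quotes. double_encode is off so an '&amp;'
    // already present in the URL is left alone.
    $href = htmlspecialchars($http . $link, ENT_QUOTES | ENT_SUBSTITUTE, $encoding, false);

    return '<a href="' . $href . '">' . $text . '</a>' . $end;
}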
/**
 * HTML-escape text using the site encoding.
 *
 * Both single and double quotes are converted (ENT_QUOTES). Errors raised by
 * htmlspecialchars() are suppressed.
 *
 * @param  string $text Text to escape
 * @return string Escaped text
 */
function _bbcode_htmlspecialchars($text)
{
    $escaped = @htmlspecialchars($text, ENT_QUOTES, COM_getEncodingt());

    return $escaped;
}
// Fragment of the article display script; the block closed by the brace
// below opens above this fragment.
}

$metaDesc = trim($shortComment) . $tailString;

// Open Graph metadata for the story.
// NOTE(review): $pagetitle, $permalink and the og:image URL are handed to
// addMeta() as-is, while the two descriptions further down are escaped
// first. Confirm whether addMeta() escapes attribute values itself.
$outputHandle->addMeta('property', 'og:site_name', urlencode($_CONF['site_name']));
$outputHandle->addMeta('property', 'og:locale', isset($LANG_LOCALE) ? $LANG_LOCALE : 'en_US');
$outputHandle->addMeta('property', 'og:title', $pagetitle);
$outputHandle->addMeta('property', 'og:type', 'article');
$outputHandle->addMeta('property', 'og:url', $permalink);

// og:image is the src of the first <img> in the intro text, else in the body
// text. The pattern accepts quoted and unquoted src values; capture group 2
// holds the URL taken from the story HTML.
if (preg_match('/<img[^>]+src=([\'"])?((?(1).+?|[^\\s>]+))(?(1)\\1)/si', $story->DisplayElements('introtext'), $arrResult)) {
    $outputHandle->addMeta('property', 'og:image', $arrResult[2]);
} else {
    if (preg_match('/<img[^>]+src=([\'"])?((?(1).+?|[^\\s>]+))(?(1)\\1)/si', $story->DisplayElements('bodytext'), $arrResult)) {
        $outputHandle->addMeta('property', 'og:image', $arrResult[2]);
    }
}

// Descriptions are HTML-escaped (ENT_QUOTES) before being handed over.
$outputHandle->addMeta('property', 'og:description', @htmlspecialchars($metaDesc, ENT_QUOTES, COM_getEncodingt()));
$outputHandle->addMeta('name', 'description', @htmlspecialchars($metaDesc, ENT_QUOTES, COM_getEncodingt()));

// Optional status message: the number is filtered and cast to int, the
// plugin name is passed through COM_applyFilter().
if (isset($_GET['msg'])) {
    $msg = (int) COM_applyFilter($_GET['msg'], true);
    if ($msg > 0) {
        $plugin = '';
        if (isset($_GET['plugin'])) {
            $plugin = COM_applyFilter($_GET['plugin']);
        }
        $pageBody .= COM_showMessage($msg, $plugin, '', 0, 'info');
    }
}

// Count the hit for published, non-draft stories. The story id is escaped
// with DB_escapeString() and placed inside quotes.
DB_query("UPDATE {$_TABLES['stories']} SET hits = hits + 1 WHERE (sid = '" . DB_escapeString($story->getSid()) . "') AND (date <= NOW()) AND (draft_flag = 0)");

// Display what's related
$story_template = new Template($_CONF['path_layout'] . 'article');
$story_template->set_file('article', 'article.thtml');
$story_template->set_var('site_admin_url', $_CONF['site_admin_url']);
/**
 * Display a popup text message.
 *
 * The text is HTML-escaped (ENT_QUOTES, site encoding) before it is handed
 * to COM_showMessageText().
 *
 * @param  string $msg Text to display
 * @return mixed  Return value of COM_showMessageText() for the escaped text
 */
function PAYPAL_popupMsg($msg)
{
    global $_CONF;

    $safeMsg = htmlspecialchars($msg, ENT_QUOTES, COM_getEncodingt());

    return COM_showMessageText($safeMsg);
}
/**
 * Get an individual field for the options admin list.
 *
 * Only the default branch HTML-escapes its value. The checkbox and ordering
 * branches interpolate $A['id'], $A['rec_type'] and $fieldname into markup
 * and an inline handler unchanged.
 * NOTE(review): presumably these come from trusted table columns - verify.
 *
 * @param  string $fieldname  Name of field (from the array, not the db)
 * @param  mixed  $fieldvalue Value of the field
 * @param  array  $A          Array of all fields from the database
 * @param  array  $icon_arr   System icon array (not used)
 * @return string HTML for field display in the table
 */
function PAYPAL_getAdminField_Workflow($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_PP_CONF, $LANG_PP;

    switch ($fieldname) {
        case 'enabled':
        case 'notify_buyer':
            // Checkbox that toggles the flag through PP_toggle().
            $switch = ($fieldvalue == '1') ? ' checked="checked"' : '';

            return "<input type=\"checkbox\" {$switch} value=\"1\" name=\"{$fieldname}_check\" \n id=\"tog{$fieldname}{$A['id']}\"\n onclick='PP_toggle(this,\"{$A['id']}\",\"{$fieldname}\"," . "\"{$A['rec_type']}\",\"" . PAYPAL_ADMIN_URL . "\");' />" . LB;

        case 'orderby':
            // Two icon links that move the entry up or down.
            $url = PAYPAL_ADMIN_URL . "/index.php?id={$A['id']}&type={$A['rec_type']}&wfmove=";
            $moveUp = COM_createLink('<img src="' . PAYPAL_URL . '/images/up.png" height="16" width="16" border="0" />', $url . 'up');
            $moveDown = COM_createLink('<img src="' . PAYPAL_URL . '/images/down.png" height="16" width="16" border="0" />', $url . 'down');

            return $moveUp . $moveDown;

        case 'wf_name':
            // Translated name looked up by key.
            return $LANG_PP[$fieldvalue];

        case 'name':
            return $LANG_PP['orderstatus'][$fieldvalue];

        default:
            return htmlspecialchars($fieldvalue, ENT_QUOTES, COM_getEncodingt());
    }
}
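/**
 * Handles a comment submission
 *
 * Reads the posted fields, filters the identifiers, strips tags from the
 * title and HTML-escapes it, then hands everything to PLG_commentSave().
 * When that returns nothing, the user is sent to the site index.
 *
 * @copyright Vincent Furia 2005
 * @author Vincent Furia <vinny01 AT users DOT sourceforge DOT net>
 * @return string HTML (possibly a refresh)
 */
function handleSubmit()
{
    // $_CONF is needed for the fallback redirect; the original imported only
    // $_PLUGINS, so the redirect target was built from an undefined variable.
    global $_CONF, $_PLUGINS;

    // Missing fields are treated as empty instead of raising notices.
    $type     = COM_applyFilter(isset($_POST['type']) ? $_POST['type'] : '');
    $sid      = COM_sanitizeID(COM_applyFilter(isset($_POST['sid']) ? $_POST['sid'] : ''));
    $title    = @htmlspecialchars(strip_tags(isset($_POST['title']) ? $_POST['title'] : ''), ENT_NOQUOTES, COM_getEncodingt());
    $pid      = COM_applyFilter(isset($_POST['pid']) ? $_POST['pid'] : 0, true);
    $postmode = COM_applyFilter(isset($_POST['postmode']) ? $_POST['postmode'] : '');

    // Only 'article' or the name of an installed plugin is a valid type.
    if ($type != 'article' && !in_array($type, $_PLUGINS)) {
        $type = '';
    }

    // NOTE(review): the comment body is passed on unfiltered; presumably
    // PLG_commentSave() and the code behind it sanitise it - verify.
    $comment = isset($_POST['comment_text']) ? $_POST['comment_text'] : '';

    $display = PLG_commentSave($type, $title, $comment, $sid, $pid, $postmode);
    if (!$display) {
        $display = COM_refresh($_CONF['site_url'] . '/index.php');
    }

    return $display;
}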
function MG_mediaEdit($album_id, $media_id, $actionURL = '', $mqueue = 0, $view = 0, $back = '') { global $MG_albums, $_USER, $_CONF, $_MG_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $LANG_MG07, $_POST, $_DB_dbms; MG_initAlbums(); if ($actionURL == '') { $actionURL = $_MG_CONF['site_url'] . '/index.php'; } $retval = ''; $preview = ''; $preview_end = ''; $srcURL = ''; if ($view) { $srcURL = '&s=1'; } $T = new Template(MG_getTemplatePath($album_id)); $T->set_file(array('admin' => 'mediaedit.thtml', 'asf_options' => 'edit_asf_options.thtml', 'mp3_options' => 'edit_mp3_options.thtml', 'swf_options' => 'edit_swf_options.thtml', 'mov_options' => 'edit_mov_options.thtml', 'flv_options' => 'edit_flv_options.thtml')); $T->set_var('album_id', $album_id); // a little sanity check, make sure the media item really belongs to the passed album. $match = 0; // Find which albums this image is already in... $sql = "SELECT album_id FROM " . ($mqueue ? $_TABLES['mg_media_album_queue'] : $_TABLES['mg_media_albums']) . " WHERE media_id='" . DB_escapeString($media_id) . "'"; $result = DB_query($sql); $nRows = DB_numRows($result); $albums = array(); for ($i = 0; $i < $nRows; $i++) { $row = DB_fetchArray($result); $albums[$i] = $row['album_id']; if ($row['album_id'] == $album_id) { $match = 1; } } // pull the media information from the database... $sql = "SELECT * FROM " . ($mqueue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media']) . " WHERE media_id='" . DB_escapeString($media_id) . "'"; $result = DB_query($sql); $row = DB_fetchArray($result); if ($MG_albums[$album_id]->access != 3 && !SEC_inGroup($MG_albums[$album_id]->mod_group_id) && $row['media_user_id'] != $_USER['uid']) { COM_errorLog("Someone has tried to illegally sort albums in Media Gallery. 
User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1); return MG_genericError($LANG_MG00['access_denied_msg']); } // Build Album List $level = 0; $album_jumpbox = '<select name="albums" width="40">'; $MG_albums[0]->buildJumpBox($album_id); $album_jumpbox .= '</select>'; // should check the above for errors, etc... if ($row['media_type'] == 0) { if (!function_exists('MG_readEXIF')) { require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-exif.php'; } $exif_info = MG_readEXIF($row['media_id'], 1, $mqueue); if ($exif_info == '') { $exif_info = ''; } } else { $exif_info = ''; } $dtObject = new Date($row['media_time'], $_USER['tzid']); $media_time_month = $dtObject->month; $media_time_day = $dtObject->day; $media_time_year = $dtObject->year; $media_time_hour = $dtObject->hour; $media_time_minute = $dtObject->minute; $month_select = '<select name="media_month">'; $month_select .= COM_getMonthFormOptions($media_time_month); $month_select .= '</select>'; $day_select = '<select name="media_day">'; for ($i = 1; $i < 32; $i++) { $day_select .= '<option value="' . $i . '"' . ($media_time_day == $i ? 'selected="selected"' : "") . '>' . $i . '</option>'; } $day_select .= '</select>'; $current_year = (int) date("Y"); $end_year = $current_year + 10; $year_select = '<select name="media_year">'; for ($i = 1998; $i < $end_year; $i++) { $year_select .= '<option value="' . $i . '"' . ($media_time_year == $i ? 'selected="selected"' : "") . '>' . $i . '</option>'; } $year_select .= '</select>'; $hour_select = '<select name="media_hour">'; for ($i = 0; $i < 24; $i++) { $hour_select .= '<option value="' . $i . '"' . ($media_time_hour == $i ? 'selected="selected"' : "") . '>' . $i . '</option>'; } $hour_select .= '</select>'; $minute_select = '<select name="media_minute">'; for ($i = 0; $i < 60; $i++) { $minute_select .= '<option value="' . $i . '"' . ($media_time_minute == $i ? 'selected="selected"' : "") . '>' . ($i < 10 ? '0' : '') . $i . 
'</option>'; } $minute_select .= '</select>'; $i = 0; switch ($row['media_type']) { case 0: if (!file_exists($_MG_CONF['path_mediaobjects'] . 'disp/' . $row['media_filename'][0] . '/' . $row['media_filename'] . '.' . $row['media_mime_ext'])) { $pThumbnail = $row['media_filename'][0] . '/' . $row['media_filename'] . '.jpg'; } else { $pThumbnail = $row['media_filename'][0] . '/' . $row['media_filename'] . '.' . $row['media_mime_ext']; } $thumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $pThumbnail; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'disp/' . $pThumbnail); if ($_CONF['image_lib'] == 'gdlib' && !function_exists("imagerotate")) { $rotate_right = ''; $rotate_left = ''; } else { $rotate_right = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=rotate&action=right' . $srcURL . '&queue=' . $mqueue . '&media_id=' . $row['media_id'] . '&album_id=' . $album_id . '">' . '<img src="' . $_MG_CONF['site_url'] . '/images/rotate_right_icon.gif" alt="' . $LANG_MG01['rotate_left'] . '" style="border:none;"/></a>'; $rotate_left = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=rotate&action=left' . $srcURL . '&queue=' . $mqueue . '&media_id=' . $row['media_id'] . '&album_id=' . $album_id . '">' . '<img src="' . $_MG_CONF['site_url'] . '/images/rotate_left_icon.gif" alt="' . $LANG_MG01['rotate_right'] . '" style="border:none;"/></a>'; } break; case 1: switch ($row['mime_type']) { case 'video/x-flv': $thumbnail = $_MG_CONF['mediaobjects_url'] . '/flv.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'flv.png'); $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&s=q" : '') . "',415,540)\">"; $preview_end = "</a>"; break; case 'application/x-shockwave-flash': $thumbnail = $_MG_CONF['mediaobjects_url'] . '/flash.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'flash.png'); $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . 
$row['media_id'] . ($mqueue ? "&s=q" : '') . "',415,540)\">"; $preview_end = "</a>"; break; case 'video/mpeg': case 'video/x-mpeg': case 'video/x-mpeq2a': if ($_MG_CONF['use_wmp_mpeg'] == 1) { $thumbnail = $_MG_CONF['mediaobjects_url'] . '/wmp.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'wmp.png'); $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&s=q" : '') . "',415,540)\">"; $preview_end = "</a>"; break; } case 'video/x-motion-jpeg': case 'video/quicktime': case 'video/x-qtc': case 'audio/mpeg': $thumbnail = $_MG_CONF['mediaobjects_url'] . '/quicktime.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'quicktime.png'); $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&s=q" : '') . "',415,540)\">"; $preview_end = "</a>"; break; case 'video/x-ms-asf': case 'video/x-ms-asf-plugin': case 'video/avi': case 'video/msvideo': case 'video/x-msvideo': case 'video/avs-video': case 'video/x-ms-wmv': case 'video/x-ms-wvx': case 'video/x-ms-wm': case 'application/x-troff-msvideo': case 'application/x-ms-wmz': case 'application/x-ms-wmd': $thumbnail = $_MG_CONF['mediaobjects_url'] . '/wmp.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'wmp.png'); $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&s=q" : '') . "',415,540)\">"; $preview_end = "</a>"; break; default: $thumbnail = $_MG_CONF['mediaobjects_url'] . '/video.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'video.png'); break; } $rotate_right = ''; $rotate_left = ''; break; case 2: $thumbnail = $_MG_CONF['mediaobjects_url'] . '/audio.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'audio.png'); $preview = "<a href=\"javascript:showVideo('" . $_MG_CONF['site_url'] . "/video.php?n=" . $row['media_id'] . ($mqueue ? "&s=q" : '') . 
"',325,330)\">"; $preview_end = "</a>"; $rotate_right = ''; $rotate_left = ''; break; case 4: switch ($row['mime_type']) { case 'application/zip': $thumbnail = $_MG_CONF['mediaobjects_url'] . '/zip.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'zip.png'); break; case 'application/pdf': $thumbnail = $_MG_CONF['mediaobjects_url'] . '/pdf.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'pdf.png'); break; default: $thumbnail = $_MG_CONF['mediaobjects_url'] . '/generic.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'generic.png'); break; } $rotate_right = ''; $rotate_left = ''; break; case 5: $thumbnail = $_MG_CONF['mediaobjects_url'] . '/remote.png'; $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'remote.png'); $rotate_left = ''; $rotate_right = ''; break; } $media_time = MG_getUserDateTimeFormat($row['media_time']); if ($row['media_tn_attached'] == 1) { foreach ($_MG_CONF['validExtensions'] as $ext) { if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext)) { $pAttachedThumbnail = $_MG_CONF['path_mediaobjects'] . 'tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext; $iAttachedThumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext; break; } } $atnsize = @getimagesize($pAttachedThumbnail); if ($atnsize != FALSE) { if ($atnsize[0] > $atnsize[1]) { $ratio = $atnsize[0] / 200; $newwidth = 200; $newheight = round($atnsize[1] / $ratio); } else { $ratio = $atnsize[1] / 200; $newheight = 200; $newwidth = round($atnsize[0] / $ratio); } $atnsize = 'height="' . $newheight . '" width="' . $newwidth . '"'; } else { $atnsize = ''; } $T->set_var(array('attached_thumbnail' => '<img src="' . $_MG_CONF['mediaobjects_url'] . '/tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'] . $ext . '" alt="" ' . $atnsize . '/>')); } // playback options, if needed... 
if ($row['mime_type'] == 'video/x-ms-asf' || $row['mime_type'] == 'video/x-ms-wvx' || $row['mime_type'] == 'video/x-ms-wm' || $row['mime_type'] == 'video/x-ms-wmx' || $row['mime_type'] == 'video/x-ms-wmv' || $row['mime_type'] == 'audio/x-ms-wma' || $row['mime_type'] == 'video/x-msvideo') { // pull defaults, then override... $playback_options['autostart'] = $_MG_CONF['asf_autostart']; $playback_options['enablecontextmenu'] = $_MG_CONF['asf_enablecontextmenu']; $playback_options['stretchtofit'] = $_MG_CONF['asf_stretchtofit']; $playback_options['uimode'] = $_MG_CONF['asf_uimode']; $playback_options['showstatusbar'] = $_MG_CONF['asf_showstatusbar']; $playback_options['playcount'] = $_MG_CONF['asf_playcount']; $playback_options['height'] = $_MG_CONF['asf_height']; $playback_options['width'] = $_MG_CONF['asf_width']; $playback_options['bgcolor'] = $_MG_CONF['asf_bgcolor']; $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'"); $poNumRows = DB_numRows($poResult); for ($i = 0; $i < $poNumRows; $i++) { $poRow = DB_fetchArray($poResult); $playback_options[$poRow['option_name']] = $poRow['option_value']; } $uimode_select = '<select name="uimode">'; $uimode_select .= '<option value="none" ' . ($playback_options['uimode'] == 'none' ? ' selected="selected"' : '') . '>' . $LANG_MG07['none'] . '</option>'; $uimode_select .= '<option value="mini" ' . ($playback_options['uimode'] == 'mini' ? ' selected="selected"' : '') . '>' . $LANG_MG07['mini'] . '</option>'; $uimode_select .= '<option value="full" ' . ($playback_options['uimode'] == 'full' ? ' selected="selected"' : '') . '>' . $LANG_MG07['full'] . '</option>'; $uimode_select .= '</select>'; $T->set_var(array('autostart_enabled' => $playback_options['autostart'] ? ' checked="checked"' : '', 'autostart_disabled' => $playback_options['autostart'] ? '' : ' checked="checked"', 'enablecontextmenu_enabled' => $playback_options['enablecontextmenu'] ? 
' checked="checked"' : '', 'enablecontextmenu_disabled' => $playback_options['enablecontextmenu'] ? '' : ' checked="checked"', 'stretchtofit_enabled' => $playback_options['stretchtofit'] ? ' checked="checked"' : '', 'stretchtofit_disabled' => $playback_options['stretchtofit'] ? '' : ' checked="checked"', 'showstatusbar_enabled' => $playback_options['showstatusbar'] ? ' checked="checked"' : '', 'showstatusbar_disabled' => $playback_options['showstatusbar'] ? '' : ' checked="checked"', 'uimode_select' => $uimode_select, 'uimode' => $playback_options['uimode'], 'playcount' => $playback_options['playcount'], 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'lang_playcount' => $LANG_MG07['playcount'], 'lang_playcount_help' => $LANG_MG07['playcount_help'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_enable_context_menu' => $LANG_MG07['enable_context_menu'], 'lang_enable_context_menu_help' => $LANG_MG07['enable_context_menu_help'], 'lang_stretch_to_fit' => $LANG_MG07['stretch_to_fit'], 'lang_stretch_to_fit_help' => $LANG_MG07['stretch_to_fit_help'], 'lang_status_bar' => $LANG_MG07['status_bar'], 'lang_status_bar_help' => $LANG_MG07['status_bar_help'], 'lang_ui_mode' => $LANG_MG07['ui_mode'], 'lang_ui_mode_help' => $LANG_MG07['ui_mode_help'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 'lang_width_help' => $LANG_MG07['width_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 'lang_resolution' => $LANG_MG07['resolution'], 'resolution' => $row['media_resolution_x'] > 0 && $row['media_resolution_y'] > 0 ? $row['media_resolution_x'] . 'x' . 
$row['media_resolution_y'] : 'unknown', 'lang_bgcolor_help' => $LANG_MG07['bgcolor_help'])); $T->parse('playback_options', 'asf_options'); } if ($row['mime_type'] == 'audio/mpeg') { // pull defaults, then override... $playback_options['autostart'] = $_MG_CONF['mp3_autostart']; $playback_options['enablecontextmenu'] = $_MG_CONF['mp3_enablecontextmenu']; $playback_options['uimode'] = $_MG_CONF['mp3_uimode']; $playback_options['showstatusbar'] = $_MG_CONF['mp3_showstatusbar']; $playback_options['loop'] = $_MG_CONF['mp3_loop']; $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'"); $poNumRows = DB_numRows($poResult); for ($i = 0; $i < $poNumRows; $i++) { $poRow = DB_fetchArray($poResult); $playback_options[$poRow['option_name']] = $poRow['option_value']; } $uimode_select = '<select name="uimode">'; $uimode_select .= '<option value="none" ' . ($playback_options['uimode'] == 'none' ? ' selected="selected"' : '') . '>' . $LANG_MG07['none'] . '</option>'; $uimode_select .= '<option value="mini" ' . ($playback_options['uimode'] == 'mini' ? ' selected="selected"' : '') . '>' . $LANG_MG07['mini'] . '</option>'; $uimode_select .= '<option value="full" ' . ($playback_options['uimode'] == 'full' ? ' selected="selected"' : '') . '>' . $LANG_MG07['full'] . '</option>'; $uimode_select .= '</select>'; $T->set_var(array('audio_tab' => true, 'autostart_enabled' => $playback_options['autostart'] ? ' checked="checked"' : '', 'autostart_disabled' => $playback_options['autostart'] ? '' : ' checked="checked"', 'enablecontextmenu_enabled' => $playback_options['enablecontextmenu'] ? ' checked="checked"' : '', 'enablecontextmenu_disabled' => $playback_options['enablecontextmenu'] ? '' : ' checked="checked"', 'showstatusbar_enabled' => $playback_options['showstatusbar'] ? ' checked="checked"' : '', 'showstatusbar_disabled' => $playback_options['showstatusbar'] ? 
'' : ' checked="checked"', 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'uimode_select' => $uimode_select, 'uimode' => $playback_options['uimode'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_enable_context_menu' => $LANG_MG07['enable_context_menu'], 'lang_enable_context_menu_help' => $LANG_MG07['enable_context_menu_help'], 'lang_stretch_to_fit' => $LANG_MG07['stretch_to_fit'], 'lang_stretch_to_fit_help' => $LANG_MG07['stretch_to_fit_help'], 'lang_status_bar' => $LANG_MG07['status_bar'], 'lang_status_bar_help' => $LANG_MG07['status_bar_help'], 'lang_ui_mode' => $LANG_MG07['ui_mode'], 'lang_ui_mode_help' => $LANG_MG07['ui_mode_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help'])); $T->parse('playback_options', 'mp3_options'); } if ($row['mime_type'] == 'application/x-shockwave-flash' || $row['mime_type'] == 'video/x-flv') { // pull defaults, then override... $playback_options['play'] = $_MG_CONF['swf_play']; $playback_options['menu'] = $_MG_CONF['swf_menu']; $playback_options['quality'] = $_MG_CONF['swf_quality']; $playback_options['height'] = $_MG_CONF['swf_height']; $playback_options['width'] = $_MG_CONF['swf_width']; $playback_options['loop'] = $_MG_CONF['swf_loop']; $playback_options['scale'] = $_MG_CONF['swf_scale']; $playback_options['wmode'] = $_MG_CONF['swf_wmode']; $playback_options['allowscriptaccess'] = $_MG_CONF['swf_allowscriptaccess']; $playback_options['bgcolor'] = $_MG_CONF['swf_bgcolor']; $playback_options['swf_version'] = $_MG_CONF['swf_version']; $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . 
DB_escapeString($row['media_id']) . "'"); $poNumRows = DB_numRows($poResult); for ($i = 0; $i < $poNumRows; $i++) { $poRow = DB_fetchArray($poResult); $playback_options[$poRow['option_name']] = $poRow['option_value']; } $quality_select = '<select name="quality">'; $quality_select .= '<option value="low" ' . ($playback_options['quality'] == 'low' ? ' selected="selected"' : '') . '>' . $LANG_MG07['low'] . '</option>'; $quality_select .= '<option value="high" ' . ($playback_options['quality'] == 'high' ? ' selected="selected"' : '') . '>' . $LANG_MG07['high'] . '</option>'; $quality_select .= '</select>'; $scale_select = '<select name="scale">'; $scale_select .= '<option value="showall" ' . ($playback_options['scale'] == 'showall' ? ' selected="selected"' : '') . '>' . $LANG_MG07['showall'] . '</option>'; $scale_select .= '<option value="noborder" ' . ($playback_options['scale'] == 'noborder' ? ' selected="selected"' : '') . '>' . $LANG_MG07['noborder'] . '</option>'; $scale_select .= '<option value="exactfit" ' . ($playback_options['scale'] == 'exactfit' ? ' selected="selected"' : '') . '>' . $LANG_MG07['exactfit'] . '</option>'; $scale_select .= '</select>'; $wmode_select = '<select name="wmode">'; $wmode_select .= '<option value="window" ' . ($playback_options['wmode'] == 'window' ? ' selected="selected"' : '') . '>' . $LANG_MG07['window'] . '</option>'; $wmode_select .= '<option value="opaque" ' . ($playback_options['wmode'] == 'opaque' ? ' selected="selected"' : '') . '>' . $LANG_MG07['opaque'] . '</option>'; $wmode_select .= '<option value="transparent" ' . ($playback_options['wmode'] == 'transparent' ? ' selected="selected"' : '') . '>' . $LANG_MG07['transparent'] . '</option>'; $wmode_select .= '</select>'; $asa_select = '<select name="allowscriptaccess">'; $asa_select .= '<option value="always" ' . ($playback_options['allowscriptaccess'] == 'always' ? ' selected="selected"' : '') . '>' . $LANG_MG07['always'] . 
'</option>'; $asa_select .= '<option value="sameDomain" ' . ($playback_options['allowscriptaccess'] == 'sameDomain' ? ' selected="selected"' : '') . '>' . $LANG_MG07['sameDomain'] . '</option>'; $asa_select .= '<option value="never" ' . ($playback_options['allowscriptaccess'] == 'never' ? ' selected="selected"' : '') . '>' . $LANG_MG07['never'] . '</option>'; $asa_select .= '</select>'; $T->set_var(array('play_enabled' => $playback_options['play'] ? ' checked="checked"' : '', 'play_disabled' => $playback_options['play'] ? '' : ' checked="checked"', 'menu_enabled' => $playback_options['menu'] ? ' checked="checked"' : '', 'menu_disabled' => $playback_options['menu'] ? '' : ' checked="checked"', 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'quality_select' => $quality_select, 'scale_select' => $scale_select, 'wmode_select' => $wmode_select, 'asa_select' => $asa_select, 'flashvars' => isset($playback_options['flashvars']) ? 
$playback_options['flashvars'] : '', 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'swf_version' => $playback_options['swf_version'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 'lang_width_help' => $LANG_MG07['width_help'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_menu' => $LANG_MG07['menu'], 'lang_menu_help' => $LANG_MG07['menu_help'], 'lang_scale' => $LANG_MG07['scale'], 'lang_swf_scale_help' => $LANG_MG07['swf_scale_help'], 'lang_wmode' => $LANG_MG07['wmode'], 'lang_wmode_help' => $LANG_MG07['wmode_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help'], 'lang_quality' => $LANG_MG07['quality'], 'lang_quality_help' => $LANG_MG07['quality_help'], 'lang_flash_vars' => $LANG_MG07['flash_vars'], 'lang_asa' => $LANG_MG07['asa'], 'lang_asa_help' => $LANG_MG07['asa_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 'lang_bgcolor_help' => $LANG_MG07['bgcolor_help'], 'lang_swf_version_help' => $LANG_MG07['swf_version_help'])); if ($row['mime_type'] == 'application/x-shockwave-flash') { $T->parse('playback_options', 'swf_options'); } else { $T->parse('playback_options', 'flv_options'); } } if ($row['media_mime_ext'] == 'mov' || $row['media_mime_ext'] == 'mp4' || $row['mime_type'] == 'video/quicktime' || $row['mime_type'] == 'video/mpeg') { // pull defaults, then override... 
$playback_options['autoref'] = $_MG_CONF['mov_autoref']; $playback_options['autoplay'] = $_MG_CONF['mov_autoplay']; $playback_options['controller'] = $_MG_CONF['mov_controller']; $playback_options['kioskmode'] = isset($_MG_CONF['mov_kioskmod']) ? $_MG_CONF['mov_kiokmode'] : ''; $playback_options['scale'] = $_MG_CONF['mov_scale']; $playback_options['loop'] = $_MG_CONF['mov_loop']; $playback_options['height'] = $_MG_CONF['mov_height']; $playback_options['width'] = $_MG_CONF['mov_width']; $playback_options['bgcolor'] = $_MG_CONF['mov_bgcolor']; $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'"); $poNumRows = DB_numRows($poResult); for ($i = 0; $i < $poNumRows; $i++) { $poRow = DB_fetchArray($poResult); $playback_options[$poRow['option_name']] = $poRow['option_value']; } $scale_select = '<select name="scale">'; $scale_select .= '<option value="tofit" ' . ($playback_options['scale'] == 'tofit' ? ' selected="selected"' : '') . '>' . $LANG_MG07['to_fit'] . '</option>'; $scale_select .= '<option value="aspect" ' . ($playback_options['scale'] == 'aspect' ? ' selected="selected"' : '') . '>' . $LANG_MG07['aspect'] . '</option>'; $scale_select .= '<option value="1" ' . ($playback_options['scale'] == '1' ? ' selected="selected"' : '') . '>' . $LANG_MG07['normal_size'] . '</option>'; $scale_select .= '</select>'; $T->set_var(array('autoref_enabled' => $playback_options['autoref'] ? ' checked="checked"' : '', 'autoref_disabled' => $playback_options['autoref'] ? '' : ' checked="checked"', 'autoplay_enabled' => $playback_options['autoplay'] ? ' checked="checked"' : '', 'autoplay_disabled' => $playback_options['autoplay'] ? '' : ' checked="checked"', 'controller_enabled' => $playback_options['controller'] ? ' checked="checked"' : '', 'controller_disabled' => $playback_options['controller'] ? '' : ' checked="checked"', 'kioskmode_enabled' => $playback_options['kioskmode'] ? 
' checked="checked"' : '', 'kioskmode_disabled' => $playback_options['kioskmode'] ? '' : ' checked="checked"', 'scale_select' => $scale_select, 'loop_enabled' => $playback_options['loop'] ? ' checked="checked"' : '', 'loop_disabled' => $playback_options['loop'] ? '' : ' checked="checked"', 'height' => $playback_options['height'], 'width' => $playback_options['width'], 'bgcolor' => $playback_options['bgcolor'], 'lang_playback_options' => $LANG_MG07['playback_options'], 'lang_option' => $LANG_MG07['option'], 'lang_description' => $LANG_MG07['description'], 'lang_on' => $LANG_MG07['on'], 'lang_off' => $LANG_MG07['off'], 'lang_height' => $LANG_MG07['height'], 'lang_width' => $LANG_MG07['width'], 'lang_height_help' => $LANG_MG07['height_help'], 'lang_width_help' => $LANG_MG07['width_help'], 'lang_auto_start' => $LANG_MG07['auto_start'], 'lang_auto_start_help' => $LANG_MG07['auto_start_help'], 'lang_auto_ref' => $LANG_MG07['auto_ref'], 'lang_auto_ref_help' => $LANG_MG07['auto_ref_help'], 'lang_controller' => $LANG_MG07['controller'], 'lang_controller_help' => $LANG_MG07['controller_help'], 'lang_kiosk_mode' => $LANG_MG07['kiosk_mode'], 'lang_kiosk_mode_help' => $LANG_MG07['kiosk_mode_help'], 'lang_scale' => $LANG_MG07['scale'], 'lang_scale_help' => $LANG_MG07['scale_help'], 'lang_loop' => $LANG_MG07['loop'], 'lang_loop_help' => $LANG_MG07['loop_help'], 'lang_bgcolor' => $LANG_MG07['bgcolor'], 'lang_bgcolor_help' => $LANG_MG07['bgcolor_help'])); $T->parse('playback_options', 'mov_options'); } $T->set_var(array('original_filename' => $row['media_original_filename'], 'attach_tn' => $row['media_tn_attached'], 'at_tn_checked' => $row['media_tn_attached'] == 1 ? 
' checked="checked"' : '', 'album_id' => $album_id, 'media_thumbnail' => $thumbnail, 'nocache' => time(), 'media_id' => $row['media_id'], 'media_title' => $row['media_title'], 'media_desc' => $row['media_desc'], 'media_time' => $media_time[0], 'media_views' => $row['media_views'], 'media_comments' => $row['media_comments'], 'media_exif_info' => $exif_info, 'media_rating_max' => 5, 'height' => $size[1] + 50, 'width' => $size[0] + 40, 'queue' => $mqueue, 'month_select' => $month_select, 'day_select' => $day_select, 'year_select' => $year_select, 'hour_select' => $hour_select, 'minute_select' => $minute_select, 'user_ip' => $row['media_user_ip'], 'album_select' => $album_jumpbox, 'media_rating' => $row['media_rating'] / 2, 'media_votes' => $row['media_votes'], 's_mode' => 'edit', 's_title' => $LANG_MG01['edit_media'], 's_rotate_right' => $rotate_right, 's_rotate_left' => $rotate_left, 's_form_action' => $actionURL, 'allowed_html' => COM_allowedHTML(SEC_getUserPermissions(), false, 'mediagallery', 'media_title'), 'site_url' => $_MG_CONF['site_url'], 'preview' => $preview, 'preview_end' => $preview_end)); if ($row['remote_media'] == 1) { $T->set_var(array('remoteurl' => $row['remote_url'], 'lang_remote_url' => $LANG_MG01['remote_url'])); } else { $T->set_var(array('remoteurl' => $row['remote_url'], 'lang_remote_url' => $LANG_MG01['alternate_url'])); } if ($row['media_type'] == 1) { $T->set_var(array('lang_resolution' => $LANG_MG07['resolution'], 'resolution' => $row['media_resolution_x'] > 0 && $row['media_resolution_y'] > 0 ? $row['media_resolution_x'] . 'x' . 
$row['media_resolution_y'] : 'unknown')); } else { $T->set_var(array('lang_resolution' => '', 'resolution' => '')); } // Pull user information now if ($row['media_user_id'] != '') { if ($_CONF['show_fullname']) { $displayname = 'fullname'; } else { $displayname = 'username'; } $username = DB_getItem($_TABLES['users'], $displayname, "uid={$row['media_user_id']}"); } else { $username = ''; } $userselect = '<select name="owner_name"> '; $sql = "SELECT * FROM {$_TABLES['users']} WHERE status=3 AND uid > 1 ORDER BY username ASC"; $result = DB_query($sql); while ($userRow = DB_fetchArray($result)) { $userselect .= '<option value="' . $userRow['uid'] . '"' . ($userRow['uid'] == $row['media_user_id'] ? ' selected="selected"' : '') . '>' . $userRow['username'] . '</option>' . LB; } $userselect .= '</select>'; if (SEC_hasRights('mediagallery.admin')) { $T->set_var('username', $userselect); } else { $T->set_var('username', $username); } $cat_select = '<select name="cat_id" id="cat_id">'; $cat_select .= '<option value="">' . $LANG_MG01['no_category'] . '</option>'; $result = DB_query("SELECT * FROM {$_TABLES['mg_category']} ORDER BY cat_id ASC"); while ($catRow = DB_fetchArray($result)) { $cat_select .= '<option value="' . $catRow['cat_id'] . '" ' . ($catRow['cat_id'] == $row['media_category'] ? ' selected="selected"' : '') . '>' . $catRow['cat_name'] . '</option>'; } $cat_select .= '</select>'; // keywords $keywords = $row['media_keywords']; if ($back != '') { $T->set_var(array('rpath' => htmlentities($back, ENT_QUOTES, COM_getEncodingt()))); } else { $T->set_var(array('rpath' => '')); } $artist = $row['artist']; $musicalbum = $row['album']; $genre = $row['genre']; // language items... 
$T->set_var(array('lang_original_filename' => $LANG_MG01['original_filename'], 'lang_media_item' => $LANG_MG00['media_col_header'], 'lang_media_attributes' => $LANG_MG01['media_attributes'], 'lang_mediaattributes' => $LANG_MG01['mediaattributes'], 'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'], 'lang_category' => $LANG_MG01['category'], 'lang_keywords' => $LANG_MG01['keywords'], 'lang_rating' => $LANG_MG03['rating'], 'lang_comments' => $LANG_MG03['comments'], 'lang_votes' => $LANG_MG03['votes'], 'media_edit_title' => $LANG_MG01['media_edit'], 'media_edit_help' => $LANG_MG01['media_edit_help'], 'rotate_left' => $LANG_MG01['rotate_left'], 'rotate_right' => $LANG_MG01['rotate_right'], 'lang_title' => $LANG_MG01['title'], 'albums' => $LANG_MG01['albums'], 'description' => $LANG_MG01['description'], 'capture_time' => $LANG_MG01['capture_time'], 'views' => $LANG_MG03['views'], 'uploaded_by' => $LANG_MG01['uploaded_by'], 'submit' => $LANG_MG01['submit'], 'cancel' => $LANG_MG01['cancel'], 'reset' => $LANG_MG01['reset'], 'lang_save' => $LANG_MG01['save'], 'lang_reset' => $LANG_MG01['reset'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_reset_rating' => $LANG_MG01['reset_rating'], 'lang_reset_views' => $LANG_MG01['reset_views'], 'cat_select' => $cat_select, 'media_keywords' => $keywords, 'lang_replacefile' => $LANG_MG01['replace_file'], 'artist' => $artist, 'musicalbum' => $musicalbum, 'genre' => $genre, 'lang_artist' => $LANG_MG01['artist'], 'lang_genre' => $LANG_MG01['genre'], 'lang_music_album' => $LANG_MG01['music_album'])); $T->parse('output', 'admin'); $retval .= $T->finish($T->get_var('output')); return $retval; }
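echo COM_siteHeader();
echo FF_alertMessage($LANG_GF02['msg02'], $LANG_GF02['msg171']);
echo COM_siteFooter();
exit;
}

// Second gate: refuse to render the printable view when the rating check
// for this forum fails. Same alert page as the branch that closes above.
if (!_ff_canUserViewRating($forum)) {
    echo COM_siteHeader();
    echo FF_alertMessage($LANG_GF02['msg02'], $LANG_GF02['msg171']);
    echo COM_siteFooter();
    exit;
}

// $id is cast to int before it reaches the SQL text, so it cannot alter the query.
$result = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE (id=" . (int) $id . ")");
$A = DB_fetchArray($result);

// Smiley lookup tables. They are not referenced again in this listing;
// presumably a formatter reads them as globals -- verify before removing.
if ($_FF_CONF['allow_smilies']) {
    $search = array(
        ":D", ":)", ":(", "8O", ":?", "B)", ":lol:", ":x", ":P", ":oops:",
        ":o", ":cry:", ":evil:", ":twisted:", ":roll:", ";)", ":!:",
        ":question:", ":idea:", ":arrow:", ":|", ":mrgreen:", ":mrt:",
        ":love:", ":cat:",
    );
    $replace = array(
        "<img style=\"vertical-align:middle;\" src='images/smilies/biggrin.gif' alt='Big Grin'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/smile.gif' alt='Smile'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/frown.gif' alt='Frown'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/eek.gif' alt='Eek!'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/confused.gif' alt='Confused'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/cool.gif' alt='Cool'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/lol.gif' alt='Laughing Out Loud'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/mad.gif' alt='Angry'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/razz.gif' alt='Razz'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/redface.gif' alt='Oops!'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/surprised.gif' alt='Surprised!'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/cry.gif' alt='Cry'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/evil.gif' alt='Evil'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/twisted.gif' alt='Twisted Evil'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/rolleyes.gif' alt='Rolling Eyes'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/wink.gif' alt='Wink'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/exclaim.gif' alt='Exclaimation'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/question.gif' alt='Question'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/idea.gif' alt='Idea'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/arrow.gif' alt='Arrow'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/neutral.gif' alt='Neutral'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/mrgreen.gif' alt='Mr. Green'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/mrt.gif' alt='Mr. T'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/heart.gif' alt='Love'/>",
        "<img style=\"vertical-align:middle;\" src='images/smilies/cat.gif' alt='Kitten'/>",
    );
}

// Poster name and subject are user-supplied: run the word filter, then
// HTML-encode before they are interpolated into the page below.
$A["name"] = COM_checkWords($A["name"]);
$A["name"] = @htmlspecialchars($A["name"], ENT_QUOTES, COM_getEncodingt());
$A["subject"] = COM_checkWords($A["subject"]);
$A["subject"] = stripslashes(@htmlspecialchars($A["subject"], ENT_QUOTES, COM_getEncodingt()));
$A['comment'] = ff_FormatForPrint($A['comment'], $A['postmode'], '', $A['status']);

list($cacheFile, $style_cache_url) = COM_getStyleCacheLocation();
$date = strftime('%B %d %Y @ %I:%M %p', $A['date']);

// Page head and the parent post.
echo "\n <html>\n <head>\n <title>{$_CONF['site_name']} - " . $LANG_GF02['msg147']
    . " {$A['id']}]</title>\n <link rel=\"stylesheet\" type=\"text/css\" href=\"{$style_cache_url}\">\n </head>\n"
    . " <body onload=\"window.print();\">\n"
    . " <div style=\"box-sizing: border-box;max-width:980px;padding:0px 25px;\">\n"
    . " <font face=\"verdana\" size=\"2\">\n"
    . " <h3>{$LANG_GF01['SUBJECT']}: {$A['subject']}</h3>\n"
    . " <b>{$LANG_GF01['POSTEDON']}:</b> {$date}\n <br>\n"
    . " <b>{$LANG_GF01['BY']}</b> {$A['name']}\n <br>\n <br>\n"
    . " <b>{$LANG_GF01['CONTENT']}:</b>\n <p>{$A['comment']}</p>\n"
    . " <hr width=\"25%\" align=\"left\">\n\n <br>\n"
    . " <b>{$LANG_GF01['REPLIES']}:</b>\n <hr width=\"50%\" align=\"left\">\n <br>\n";

// Replies to the topic.
$result2 = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE (pid=" . (int) $id . ")");
while ($B = DB_fetchArray($result2)) {
    $date = strftime('%B %d %Y @ %I:%M %p', $B['date']);

    // Reply subject and author are user-controlled exactly like the parent
    // post's, so they get the same word filter and HTML encoding before being
    // echoed; printing them raw would let stored markup run in the viewer's
    // browser when the print page loads.
    $B['name'] = COM_checkWords($B['name']);
    $B['name'] = @htmlspecialchars($B['name'], ENT_QUOTES, COM_getEncodingt());
    $B['subject'] = COM_checkWords($B['subject']);
    $B['subject'] = stripslashes(@htmlspecialchars($B['subject'], ENT_QUOTES, COM_getEncodingt()));

    // NOTE(review): the parent post passes '' and its status as 3rd/4th
    // arguments to ff_FormatForPrint; replies do not -- confirm that is intended.
    echo "\n\n <h4>{$B['subject']}</h4>\n <b>{$LANG_GF01['POSTEDON']}:</b> {$date}\n <br>\n"
        . " <b>{$LANG_GF01['BY']}</b> {$B['name']}\n <br>\n <br>\n"
        . " <b>{$LANG_GF01['CONTENT']}:</b>\n <p>" . ff_FormatForPrint($B['comment'], $B['postmode'])
        . "</p>\n <hr width=\"25%\" align=\"left\">\n\n";
}

// Footer with a link back to the topic.
echo "\n\n <p>{$_CONF['site_name']} - {$LANG_GF01['FORUM']}<br/>\n"
    . " <a href=\"{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}\">"
    . "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}</a>\n"
    . " </p>\n\n </font>\n </div>\n </body>\n </html>\n";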
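}

// Always report at least one page.
if ($total_print_pages == 0) {
    $total_print_pages = 1;
}

//$T = new Template($_CONF['path_html'] . $mb_base_path . '/templates');
$T = new Template($_CONF['path'] . 'plugins/ckeditor/templates/mediagallery');
$T->set_file(array('page' => 'mb.thtml', 'body' => 'mb_body.thtml'));

$birdseed = $MG_albums[$album_id]->getPath(0, '');
$refresh = isset($_REQUEST['refresh']) ? COM_applyFilter($_REQUEST['refresh'], true) : 0;

$mbSelected = ' selected="selected"';

if ($refresh != 1) {
    // initial call: pre-select the form from the configured defaults
    $T->set_var(array(
        'border_yes'   => $_mgMB_CONF['at_border'] == 1 ? $mbSelected : '',
        'border_no'    => $_mgMB_CONF['at_border'] == 1 ? '' : $mbSelected,
        // Was spelled 'algin_none', which never matched the 'align_none'
        // variable the refresh branch below sets.
        'align_none'   => $_mgMB_CONF['at_align'] == 'none' ? $mbSelected : '',
        'align_auto'   => $_mgMB_CONF['at_align'] == 'auto' ? $mbSelected : '',
        'align_right'  => $_mgMB_CONF['at_align'] == 'right' ? $mbSelected : '',
        'align_left'   => $_mgMB_CONF['at_align'] == 'left' ? $mbSelected : '',
        'width'        => $_mgMB_CONF['at_width'],
        'height'       => $_mgMB_CONF['at_height'],
        'delay'        => $_mgMB_CONF['at_delay'],
        'src_tn'       => $_mgMB_CONF['at_src'] == 'tn' ? $mbSelected : '',
        'src_disp'     => $_mgMB_CONF['at_src'] == 'disp' ? $mbSelected : '',
        'src_orig'     => $_mgMB_CONF['at_src'] == 'orig' ? $mbSelected : '',
        'autoplay_yes' => $_mgMB_CONF['at_autoplay'] == 1 ? $mbSelected : '',
        'autoplay_no'  => $_mgMB_CONF['at_autoplay'] == 1 ? '' : $mbSelected,
        'link_yes'     => $_mgMB_CONF['at_enable_link'] == 1 ? $mbSelected : '',
        'link_no'      => $_mgMB_CONF['at_enable_link'] == 1 ? '' : $mbSelected,
        'alturl_no'    => isset($_mgMB_CONF['at_alt_url']) && $_mgMB_CONF['at_alt_url'] == 1 ? '' : $mbSelected,
        'alturl_yes'   => isset($_mgMB_CONF['at_alt_url']) && $_mgMB_CONF['at_alt_url'] == 1 ? $mbSelected : '',
    ));
} else {
    // refresh: re-populate the form from what the browser posted back.
    // The pagination links below reach this branch with a plain GET, so any
    // of these fields may be absent; read them through one guarded accessor
    // instead of indexing $_POST directly.
    $mbPost = function ($name, $default = '') {
        return (isset($_POST[$name]) && is_scalar($_POST[$name])) ? $_POST[$name] : $default;
    };
    // Free-text fields are request data echoed back into the page, so they are
    // HTML-encoded here (assumes the template emits them verbatim -- the
    // set_var calls in this listing do no escaping of their own).
    $mbEscape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, COM_getEncodingt());
    };

    $T->set_var(array(
        'border_yes'   => $mbPost('border') == 1 ? $mbSelected : '',
        'border_no'    => $mbPost('border') == 1 ? '' : $mbSelected,
        'align_none'   => $mbPost('alignment') == 'none' ? $mbSelected : '',
        'align_auto'   => $mbPost('alignment') == 'auto' ? $mbSelected : '',
        'align_right'  => $mbPost('alignment') == 'right' ? $mbSelected : '',
        'align_left'   => $mbPost('alignment') == 'left' ? $mbSelected : '',
        'width'        => $mbEscape($mbPost('width')),
        'height'       => $mbEscape($mbPost('height')),
        'delay'        => $mbEscape($mbPost('delay', $_mgMB_CONF['at_delay'])),
        'src_tn'       => $mbPost('source') == 'tn' ? $mbSelected : '',
        'src_disp'     => $mbPost('source') == 'disp' ? $mbSelected : '',
        'src_orig'     => $mbPost('source') == 'orig' ? $mbSelected : '',
        'autoplay_yes' => $mbPost('autoplay') == 1 ? $mbSelected : '',
        'autoplay_no'  => $mbPost('autoplay') == 1 ? '' : $mbSelected,
        'link_yes'     => $mbPost('link') == 1 ? $mbSelected : '',
        'link_no'      => $mbPost('link') == 1 ? '' : $mbSelected,
        'alturl_yes'   => $mbPost('alturl') == 1 ? $mbSelected : '',
        'alturl_no'    => $mbPost('alturl') == 1 ? '' : $mbSelected,
        'albumon'      => $mbPost('autotag') == 'album' ? ' checked=checked' : '',
        'slideshowon'  => $mbPost('autotag') == 'slideshow' ? ' checked=checked' : '',
        'fslideshowon' => $mbPost('autotag') == 'fslideshow' ? ' checked=checked' : '',
        'mediaon'      => $mbPost('autotag') == 'media' ? ' checked=checked' : '',
        'mlinkon'      => $mbPost('autotag') == 'mlink' ? ' checked=checked' : '',
        'imgon'        => $mbPost('autotag') == 'img' ? ' checked=checked' : '',
        'videoon'      => $mbPost('autotag') == 'video' ? ' checked=checked' : '',
        'audioon'      => $mbPost('autotag') == 'audio' ? 'checked=checked' : '',
        'playallon'    => $mbPost('autotag') == 'playall' ? 'checked=checked' : '',
        'caption'      => $mbEscape($mbPost('caption')),
    ));
}

// PHP_SELF can carry attacker-chosen path info, hence the encoding.
$self_url = @htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, COM_getEncodingt());

// Top and bottom navigation use the same URL and page counts; build it once.
$mbPagination = COM_printPageNavigation(
    $self_url . '?aid=' . $album_id . '&i=' . $instance . '&refresh=1',
    $page + 1,
    ceil($total_items_in_album / $media_per_page)
);

$T->set_var(array(
    's_form_action'      => $self_url,
    'site_url'           => $_MG_CONF['site_url'],
    'birdseed'           => $birdseed,
    'album_title'        => PLG_replaceTags($MG_albums[$album_id]->title),
    'table_columns'      => $columns_per_page,
    'table_column_width' => intval(100 / $columns_per_page) . '%',
    'top_pagination'     => $mbPagination,
    'bottom_pagination'  => $mbPagination,
    'page_number'        => sprintf("%s %d %s %d", $LANG_MG03['page'], $current_print_page, $LANG_MG03['of'], $total_print_pages),
    'jumpbox'            => $album_jumpbox_full,
    'jumpbox_raw'        => $album_jumpbox_raw,
    'album_id'           => $album_id,
    'instance'           => $instance,
    'lang_menulabel'     => $LANG_mgMB['menulabel'],
    'lang_select_album'  => $LANG_mgMB['select_album'],
    'lang_go'            => $LANG_mgMB['go'],
    'lang_error_header'  => $LANG_mgMB['error_header'],
    'lang_current_album' => $LANG_mgMB['current_album'],
    'lang_autotag_attr'  => $LANG_mgMB['autotag_attr'],
    'lang_album'         => $LANG_mgMB['album'],
    'lang_playall'       => $LANG_mgMB['playall'],
    'lang_slideshow'     => $LANG_mgMB['slideshow'],
    'lang_fslideshow'    => $LANG_mgMB['fslideshow'],
    'lang_media'         => $LANG_mgMB['media'],
    'lang_mlink'         => $LANG_mgMB['mlink'],
    'lang_img'           => $LANG_mgMB['img'],
    'lang_video'         => $LANG_mgMB['video'],
    'lang_audio'         => $LANG_mgMB['audio'],
    'lang_width'         => $LANG_mgMB['width'],
    'lang_height'        => $LANG_mgMB['height'],
    'lang_delay'         => $LANG_mgMB['delay'],
    'lang_border'        => $LANG_mgMB['border'],
    'lang_alignment'     => $LANG_mgMB['alignment'],
    'lang_source'        => $LANG_mgMB['source'],
    'lang_link'          => $LANG_mgMB['link'],
    'lang_autoplay'      => $LANG_mgMB['autoplay'],
    'lang_caption'       => $LANG_mgMB['caption'],
    'lang_thumbnails'    => $LANG_mgMB['thumbnails'],
    'lang_navigation'    => $LANG_mgMB['navigation'],
    'lang_insert'        => $LANG_mgMB['insert'],
    'lang_cancel'        => $LANG_mgMB['cancel'],
    'lang_yes'           => $LANG_mgMB['yes'],
    'lang_no'            => $LANG_mgMB['no'],
    'lang_auto'          => $LANG_mgMB['auto'],
    'lang_none'          => $LANG_mgMB['none'],
    'lang_right'         => $LANG_mgMB['right'],
    'lang_left'          => $LANG_mgMB['left'],
    'lang_thumbnail'     => $LANG_mgMB['thumbnail'],
    'lang_display'       => $LANG_mgMB['display'],
    'lang_original'      => $LANG_mgMB['original'],
    'lang_alturl'        => $LANG_mgMB['alturl'],
    'lang_ribbon'        => $LANG_mgMB['ribbon'],
    'lang_link_src'      => $LANG_mgMB['link_src'],
    'lang_showtitle'     => $LANG_mgMB['showtitle'],
    'lang_top'           => $LANG_mgMB['top'],
    'lang_bottom'        => $LANG_mgMB['bottom'],
    'destination'        => $_mgMB_CONF['enable_dest'] == 1 ? '<p>' . $LANG_mgMB['destination'] . ' <select name="dest"><option value="story">' . $LANG_mgMB['story'] . '</option><option value="block">' . $LANG_mgMB['block'] . '</option></select>' : '',
));

if ($total_media == 0) {
    $T->set_var('lang_no_image', $LANG_MG03['no_media_objects']);
    $T->parse('album_noimages', 'noitems');
}

if ($total_media > 0) {
    $k = 0;
    $T->set_block('body', 'ImageDetail', 'IDetail');
    $T->set_block('body', 'ImageColumn', 'IColumn');
    $T->set_block('body', 'ImageRow', 'IRow');
    // One outer pass per table row, one inner pass per cell in that row.
    for ($i = 0; $i < $media_per_page; $i += $columns_per_page) {
        $T->set_var('IDetail', '');
        $T->set_var('IColumn', '');
        for ($j = $i; $j < $i + $columns_per_page; $j++) {
            if ($j >= $total_media) {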
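/**
 * List logged requests
 *
 * Renders the admin log view: menu block, filter drop-down, up to 50 log
 * rows for the requested page, and page navigation when there are more
 * than 50 matching entries. The filter is read from $_REQUEST['filter'].
 *
 * @param    int     $page   page number (1-based, 50 entries per page)
 * @param    string  $msg    message handed to COM_showMessage when not empty
 * @return   string          HTML for list of entries
 *
 */
function _bb_listEntries($page = 1, $msg = '')
{
    global $_CONF, $_USER, $_TABLES, $LANG_BAD_BEHAVIOR, $LANG_BB2_RESPONSE, $LANG_ADMIN;

    $retval = '';

    // $page ends up in the LIMIT offset and in generated URLs; force it to an
    // integer so nothing but a number can reach either place.
    $page = (int) $page;
    if ($page < 1) {
        $page = 1;
    }

    $filter = 'all';
    if (isset($_REQUEST['filter'])) {
        $filter = COM_applyFilter($_REQUEST['filter']);
    }
    // An empty filter used to mark "no filter" as selected in the drop-down
    // while still querying for key="" -- treat it as "all" consistently.
    if ($filter == '') {
        $filter = 'all';
    }

    $where = '';
    if ($filter != 'all') {
        $where = ' WHERE ' . WP_BB_LOG . '.key="' . DB_escapeString($filter) . '"';
        $entries = DB_count(WP_BB_LOG, WP_BB_LOG . '.key', DB_escapeString($filter));
    } else {
        $entries = DB_count(WP_BB_LOG);
    }

    $start = ($page - 1) * 50;
    if ($start > $entries) {
        // Requested page is past the end: fall back to the first page.
        // The offset for page 1 is 0 (it was 1, which skipped the newest row).
        $start = 0;
        $page = 1;
    }

    $donate = $LANG_BAD_BEHAVIOR['description'];
    if (DB_getItem($_TABLES['vars'], 'value', "name = 'bad_behavior2.donate'") == 1) {
        $donate .= '<p>' . $LANG_BAD_BEHAVIOR['donate_msg'] . '</p>' . LB;
    }

    // writing the menu on top
    $menu_arr = array(
        array('url'  => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php',
              'text' => 'List Banned IPs'),
        array('url'  => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php?mode=add',
              'text' => 'Ban IPs'),
        array('url'  => $_CONF['site_admin_url'],
              'text' => $LANG_ADMIN['admin_home']),
    );

    $retval .= COM_startBlock($LANG_BAD_BEHAVIOR['plugin_display_name'] . ' - ' . $LANG_BAD_BEHAVIOR['block_title_list'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, $donate, $_CONF['site_url'] . '/bad_behavior2/images/bad_behavior2.png');
    $retval .= '<br />';

    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, 'bad_behavior2');
    }

    $templates = new Template($_CONF['path'] . 'plugins/' . BAD_BEHAVIOR_PLUGIN . '/templates');
    $templates->set_file('list', 'log.thtml');
    $templates->set_var(array(
        'lang_ip'            => $LANG_BAD_BEHAVIOR['row_ip'],
        'lang_user_agent'    => $LANG_BAD_BEHAVIOR['row_user_agent'],
        'lang_referer'       => $LANG_BAD_BEHAVIOR['row_referer'],
        'lang_reason'        => $LANG_BAD_BEHAVIOR['row_reason'],
        'lang_response'      => $LANG_BAD_BEHAVIOR['row_response'],
        'lang_method'        => $LANG_BAD_BEHAVIOR['row_method'],
        'lang_protocol'      => $LANG_BAD_BEHAVIOR['row_protocol'],
        'lang_date'          => $LANG_BAD_BEHAVIOR['row_date'],
        'lang_search'        => $LANG_BAD_BEHAVIOR['search'],
        'lang_ip_date'       => $LANG_BAD_BEHAVIOR['ip_date'],
        'lang_headers'       => $LANG_BAD_BEHAVIOR['headers'],
        'lang_filter_select' => $LANG_BAD_BEHAVIOR['filter'],
        'lang_go'            => $LANG_BAD_BEHAVIOR['go'],
    ));

    // Filter drop-down: "no filter" plus one option per known response code.
    $filter_select = '<option value="all"';
    if ($filter == 'all') {
        $filter_select .= ' selected="selected" ';
    }
    $filter_select .= '>' . $LANG_BAD_BEHAVIOR['no_filter'] . '</option>';
    foreach ($LANG_BB2_RESPONSE as $code => $text) {
        $filter_select .= '<option value="' . $code . '"';
        if ($filter == $code) {
            $filter_select .= ' selected="selected" ';
        }
        $filter_select .= '>' . $text . '</option>';
    }
    $templates->set_var('filter_select', $filter_select);

    $result = DB_query("SELECT id,ip,date,request_method,request_uri,server_protocol,http_headers,user_agent,request_entity,`key` FROM " . WP_BB_LOG . " " . $where . " ORDER BY date DESC LIMIT {$start},50");
    $num = DB_numRows($result);

    // Markup applied to the (already HTML-encoded) header dump. Applied in
    // this order, each on the result of the previous one, so the longer
    // "Accept-*:" names are wrapped before the bare "Accept:".
    $highlight = array(
        "\n"                => "<br/>\n",
        "User-Agent:"       => "<strong>User-Agent:</strong>",
        "Host:"             => "<strong>Host:</strong>",
        "POST "             => "<strong>POST</strong> ",
        "GET "              => "<strong>GET</strong> ",
        "Accept-Language:"  => "<strong>Accept-Language:</strong> ",
        "Accept-Encoding:"  => "<strong>Accept-Encoding:</strong> ",
        "Accept-Charset:"   => "<strong>Accept-Charset:</strong> ",
        "X-Forwarded-For:"  => "<strong>X-Forwarded-For:</strong> ",
        "Cookie:"           => "<strong>Cookie:</strong> ",
        "Via:"              => "<strong>Via:</strong> ",
        "Connection:"       => "<strong>Connection:</strong>",
        "Accept:"           => "<strong>Accept:</strong>",
        "Cache-Control:"    => "<strong>Cache-Control:</strong>",
        "Referer:"          => "<strong>Referer:</strong>",
        "Pragma:"           => "<strong>Pragma:</strong>",
        "Proxy-"            => "<strong>Proxy-</strong>",
        "Cf-Connecting-Ip"  => "<strong>Cf-Connecting-Ip</strong>",
        "Cf-Ipcountry"      => "<strong>Cf-Ipcountry</strong>",
        "X-Forwarded-Proto" => "<strong>X-Forwarded-Proto</strong>",
        "Cf-Visitor"        => "<strong>Cf-Visitor</strong>",
        "X-Http-Proto"      => "<strong>X-Http-Proto</strong>",
        "X-Real-Ip"         => "<strong>X-Real-Ip</strong>",
        "Content-Length"    => "<strong>Content-Length</strong>",
        "Content-Type"      => "<strong>Content-Type</strong>",
        "Te:"               => "<strong>Te:</strong>",
        "Expect:"           => "<strong>Expect:</strong>",
        "Dnt:"              => "<strong>Dnt:</strong>",
    );
    $highlightSearch = array_keys($highlight);
    $highlightReplace = array_values($highlight);

    $templates->set_block('list', 'logrow', 'lrow');
    for ($i = 0; $i < $num; $i++) {
        $A = DB_fetchArray($result);
        $lcount = 50 * ($page - 1) + $i + 1;

        // Every column is request data recorded from a client (IP, URI,
        // headers, body). Encode all of it before any markup is added, so
        // the only tags in the row are the ones inserted below.
        foreach ($A as $key => $val) {
            $A[$key] = htmlspecialchars((string) $val, ENT_QUOTES, COM_getEncodingt());
        }

        $dt = new Date($A['date'], $_USER['tzid']);
        $headers = str_replace($highlightSearch, $highlightReplace, $A['http_headers']);
        $entity = str_replace("\n", "<br/>\n", $A["request_entity"]);

        // A logged key without a translation falls back to the (encoded) key
        // itself instead of raising an undefined-index notice.
        $reason = isset($LANG_BB2_RESPONSE[$A['key']]) ? $LANG_BB2_RESPONSE[$A['key']] : $A['key'];

        $templates->set_var(array(
            'row_num'         => $lcount,
            'cssid'           => $i % 2 + 1,
            'id'              => $A['id'],
            'ip'              => $A['ip'],
            'request_method'  => $A['request_method'],
            'http_host'       => $A['request_uri'],
            'server_protocol' => $A['server_protocol'],
            'http_referer'    => $headers,
            'reason'          => $reason,
            'http_user_agent' => $A['user_agent'],
            'http_response'   => $entity,
            'date_and_time'   => $dt->toRFC822(true),
        ));

        $url = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=view&id=' . $A['id'];
        if ($page > 1) {
            $url .= '&page=' . $page;
        }
        $templates->set_var('start_headers_anchortag', '<a href="' . $url . '" title="' . $LANG_BAD_BEHAVIOR['title_show_headers'] . '">');
        $templates->set_var('end_headers_anchortag', '</a>');

        if (!empty($_CONF['ip_lookup'])) {
            // '*' in the configured lookup URL is the placeholder for the IP.
            $iplookup = str_replace('*', $A['ip'], $_CONF['ip_lookup']);
            $templates->set_var('start_ip_lookup_anchortag', '<a href="' . $iplookup . '" title="' . $LANG_BAD_BEHAVIOR['title_lookup_ip'] . '" target="_new">');
            $templates->set_var('end_ip_lookup_anchortag', '</a>');
        } else {
            $templates->set_var('start_ip_lookup_anchortag', '');
            $templates->set_var('end_ip_lookup_anchortag', '');
        }

        $templates->parse('lrow', 'logrow', true);
    }

    if ($entries > 50) {
        // The filter comes from the request; URL-encode it so it stays a
        // single query-string value in the navigation links.
        $baseurl = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=list&filter=' . urlencode($filter);
        $numpages = ceil($entries / 50);
        $templates->set_var('google_paging', COM_printPageNavigation($baseurl, $page, $numpages));
    } else {
        $templates->set_var('google_paging', '');
    }

    $templates->parse('output', 'list');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}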
/**
 * Build the "email this story to a friend" form.
 *
 * Anonymous visitors get the login-required page (the script then exits)
 * when $_CONF['loginrequired'] or $_CONF['emailstoryloginrequired'] is 1.
 * The form is rendered only if the story id matches a row that also passes
 * the topic and permission SQL; otherwise the result of COM_refresh() to the
 * site index is returned.
 *
 * NOTE(review): only $shortmsg is HTML-encoded in this function. $to,
 * $toemail, $from, $fromemail and $sid reach the template as received, so
 * confirm that every caller (or the template itself) encodes them for the
 * HTML attribute context they are printed in.
 *
 * @param string $sid       ID of article to email
 * @param string $to        recipient name used to pre-fill the form
 * @param string $toemail   recipient address used to pre-fill the form
 * @param string $from      sender name; looked up for logged-in users when
 *                          both $from and $fromemail are empty
 * @param string $fromemail sender address; see $from
 * @param string $shortmsg  short message used to pre-fill the form
 * @param int    $msg       message number shown above the form when > 0
 * @return string HTML for email story form
 */
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;

    // Gate anonymous visitors first; nothing below runs for them when a
    // login is required.
    if (COM_isAnonUser()) {
        $loginRequired = $_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1;
        if ($loginRequired) {
            echo COM_siteHeader('menu', $LANG_LOGIN[1]) . SEC_loginRequiredForm() . COM_siteFooter();
            exit;
        }
    }

    // The story must exist and be visible under the topic/permission SQL.
    $storySql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '"
        . DB_escapeString($sid) . "'"
        . COM_getTopicSql('AND')
        . COM_getPermSql('AND');
    $countRow = DB_fetchArray(DB_query($storySql));
    if ($countRow['count'] == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    $html = '';
    if ($msg > 0) {
        $html .= COM_showMessage($msg, '', '', 0, 'info');
    }

    // Pre-fill the sender from the account when the caller supplied nothing.
    if (empty($from) && empty($fromemail) && !COM_isAnonUser()) {
        $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
        $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
    }

    $postmode = $_CONF['mailuser_postmode'];
    $form = new Template($_CONF['path_layout'] . 'profiles');
    $form->set_file('form', 'contactauthorform.thtml');
    if ($postmode == 'html') {
        $form->set_var('show_htmleditor', true);
    } else {
        $form->unset_var('show_htmleditor');
    }

    $form->set_var(array(
        'lang_postmode'                => $LANG03[2],
        'postmode'                     => $postmode,
        'start_block_mailstory2friend' => COM_startBlock($LANG08[17]),
        'lang_fromname'                => $LANG08[20],
        'name'                         => $from,
        'lang_fromemailaddress'        => $LANG08[21],
        'email'                        => $fromemail,
        'lang_toname'                  => $LANG08[18],
        'toname'                       => $to,
        'lang_toemailaddress'          => $LANG08[19],
        'toemail'                      => $toemail,
        'lang_shortmessage'            => $LANG08[27],
        'shortmsg'                     => @htmlspecialchars($shortmsg, ENT_COMPAT, COM_getEncodingt()),
        'lang_warning'                 => $LANG08[22],
        'lang_sendmessage'             => $LANG08[16],
        'story_id'                     => $sid,
    ));

    PLG_templateSetVars('emailstory', $form);
    $form->set_var('end_block', COM_endBlock());
    $form->parse('output', 'form');

    return $html . $form->finish($form->get_var('output'));
}
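/**
 * Shows the group editor form.
 *
 * The requested id is normalised to an integer once and that integer is used
 * for the membership check and for every SQL fragment. Previously only one
 * of the four queries cast the value, so the access check and the queries
 * could disagree about which group was meant and the raw parameter was
 * interpolated into SQL.
 *
 * A user may only open a group they belong to (or one accepted by
 * SEC_groupIsRemoteUserAndHaveAccess()); otherwise an error message is
 * returned and, for the Root group, the attempt is written to the access log.
 *
 * NOTE(review): grp_name is written to the template without HTML encoding
 * while grp_descr is encoded. Confirm group names are encoded or restricted
 * when they are stored.
 *
 * @param string $grp_id ID of group to edit; empty or 0 opens a new group
 * @return string HTML for group editor
 */
function GROUP_edit($grp_id = '')
{
    global $_TABLES, $_CONF, $_USER, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $LANG28, $VERBOSE, $_IMAGE_TYPE;

    USES_lib_admin();

    $retval = '';

    // Single integer view of the id for checks and SQL; the caller's value
    // is never interpolated into a query below.
    $grpId = (int) $grp_id;
    $isExistingGroup = $grpId > 0;

    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'] . '/group.php', 'text' => $LANG28[38]),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );

    $thisUsersGroups = SEC_getUserGroups();
    if ($isExistingGroup
        && !in_array($grpId, $thisUsersGroups)
        && !SEC_groupIsRemoteUserAndHaveAccess($grpId, $thisUsersGroups)
    ) {
        if (!SEC_inGroup('Root')
            && DB_getItem($_TABLES['groups'], 'grp_name', "grp_id = {$grpId}") == 'Root'
        ) {
            $eMsg = $LANG_ACCESS['canteditroot'];
            COM_accessLog("User {$_USER['username']} tried to edit the Root group with insufficient privileges.");
        } else {
            $eMsg = $LANG_ACCESS['canteditgroup'];
        }
        $retval .= COM_showMessageText($eMsg, $LANG_ACCESS['groupeditor'], true);

        return $retval;
    }

    $retval .= COM_startBlock($LANG_ACCESS['groupeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu(
        $menu_arr,
        $LANG_ACCESS['groupeditmsg'],
        $_CONF['layout_url'] . '/images/icons/group.' . $_IMAGE_TYPE
    );

    $group_templates = new Template($_CONF['path_layout'] . 'admin/group');
    $group_templates->set_file('editor', 'groupeditor.thtml');

    if ($isExistingGroup) {
        $result = DB_query(
            "SELECT grp_id,grp_name,grp_descr,grp_gl_core,grp_default FROM {$_TABLES['groups']} WHERE grp_id = "
            . $grpId
        );
        $A = DB_fetchArray($result);
        if ($A['grp_gl_core'] > 0) {
            $group_templates->set_var('chk_adminuse', 'checked="checked"');
        }
        if ($A['grp_default'] != 0) {
            $group_templates->set_var('chk_defaultuse', 'checked="checked"');
        }
    } else {
        // new group, so it's obviously not a core group
        $A = array('grp_gl_core' => 0, 'grp_default' => 0, 'grp_name' => '');
    }

    $group_templates->set_var(array(
        'site_url'              => $_CONF['site_url'],
        'site_admin_url'        => $_CONF['site_admin_url'],
        'layout_url'            => $_CONF['layout_url'],
        'lang_save'             => $LANG_ADMIN['save'],
        'lang_cancel'           => $LANG_ADMIN['cancel'],
        'lang_admingroup'       => $LANG28[49],
        'lang_admingrp_msg'     => $LANG28[50],
        'lang_defaultgroup'     => $LANG28[88],
        'lang_defaultgrp_msg'   => $LANG28[89],
        'lang_applydefault_msg' => $LANG28[90],
        'lang_groupname'        => $LANG_ACCESS['groupname'],
        'lang_description'      => $LANG_ACCESS['description'],
        'lang_securitygroups'   => $LANG_ACCESS['securitygroups'],
        'lang_rights'           => $LANG_ACCESS['rights'],
    ));

    $showall = isset($_GET['chk_showall']) ? COM_applyFilter($_GET['chk_showall'], true) : 0;
    $group_templates->set_var('show_all', $showall);

    if ($isExistingGroup) {
        // Groups tied to glFusion's functionality shouldn't be deleted
        if ($A['grp_gl_core'] != 1) {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s />';
            $jsconfirm = ' onclick="return confirm(\'' . $LANG_ACCESS['confirm1'] . '\');"';
            $group_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
            $group_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
            $group_templates->set_var('group_core', 0);
        } else {
            $group_templates->set_var('group_core', 1);
        }
        $group_templates->set_var('group_id', $A['grp_id']);
    } else {
        $group_templates->set_var('group_core', 0);
    }

    // if the group name is set, do not allow it to change ... we need to do
    // this better in the future ...
    if (isset($A['grp_name']) && $A['grp_name'] != '') {
        $group_templates->set_var('group_name', $A['grp_name']);

        // determine whether the group offers the option to make it a
        // 'default group' for new users ...
        switch ($A['grp_name']) {
            case 'All Users':
            case 'Logged-in Users':
            case 'Remote Users':
            case 'Root':
                $group_templates->set_var('hide_defaultoption', ' style="display:none;"');
                break;
            default:
                $group_templates->set_var('hide_defaultoption', '');
                break;
        }
        $group_templates->set_var('groupname_inputtype', 'hidden');
        $group_templates->set_var('groupname_static', $A['grp_name']);
    } else {
        $group_templates->set_var('groupname_inputtype', 'text');
        $group_templates->set_var('group_name', '');
    }

    if (isset($A['grp_descr'])) {
        $group_templates->set_var(
            'group_description',
            htmlspecialchars($A['grp_descr'], ENT_QUOTES, COM_getEncodingt())
        );
    } else {
        $group_templates->set_var('group_description', '');
    }

    // Space-separated list of the groups this group is already a member of.
    $mainGroupIds = array();
    if ($isExistingGroup) {
        $tmp = DB_query(
            "SELECT ug_main_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_grp_id = {$grpId}"
        );
        $num_groups = DB_numRows($tmp);
        for ($x = 0; $x < $num_groups; $x++) {
            $G = DB_fetchArray($tmp);
            $mainGroupIds[] = $G['ug_main_grp_id'];
        }
    }
    $selected = implode(' ', $mainGroupIds);

    $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['groupmsg']);
    $group_templates->set_var('hide_adminoption', '');
    if ($VERBOSE) {
        COM_errorLog("SELECTED: {$selected}");
    }

    // make sure to list only those groups of which the Group Admin
    // is a member
    $whereGroups = '(grp_id IN (' . implode(',', $thisUsersGroups) . '))';
    $header_arr = array(
        array('text' => $LANG28[86], 'field' => 'checkbox', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true),
        array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true),
    );
    $defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');
    $text_arr = array(
        'has_menu'     => false,
        'has_extras'   => false,
        'title'        => '',
        'instructions' => '',
        'icon'         => '',
    );

    // A group cannot be made a member of itself.
    $xsql = $isExistingGroup ? " AND (grp_id <> {$grpId})" : '';
    $sql = "SELECT grp_id, grp_name, grp_descr FROM {$_TABLES['groups']} WHERE (grp_name <> 'Root')"
        . $xsql . ' AND ' . $whereGroups;
    $query_arr = array(
        'table'          => 'groups',
        'sql'            => $sql,
        'query_fields'   => array('grp_name'),
        'default_filter' => '',
        'query'          => '',
        'query_limit'    => 0,
    );
    $groupoptions = ADMIN_list(
        'groups',
        'GROUP_getListField2',
        $header_arr,
        $text_arr,
        $query_arr,
        $defsort_arr,
        '',
        explode(' ', $selected)
    );
    $group_templates->set_var('group_options', $groupoptions);

    // Core and non-core groups use the same rights description text.
    $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['rightsdescr']);

    // An empty id is passed through unchanged so the "new group" call looks
    // the same to GROUP_displayRights(); anything else goes in as an integer.
    $group_templates->set_var(
        'rights_options',
        GROUP_displayRights(empty($grp_id) ? $grp_id : $grpId, $A['grp_gl_core'])
    );

    // CSRF token for the save/delete submit.
    $group_templates->set_var('gltoken_name', CSRF_TOKEN);
    $group_templates->set_var('gltoken', SEC_createToken());

    $group_templates->parse('output', 'editor');
    $retval .= $group_templates->finish($group_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}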
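/**
 * Shows the user registration form.
 *
 * When $_CONF['disable_new_user_registration'] is set, an error message is
 * queued, the redirect from COM_refresh() is emitted and the function returns
 * without building the form. Previously execution continued past the
 * redirect and the registration form was still rendered and returned.
 *
 * When $_CONF['custom_registration'] is set and CUSTOM_userForm() exists,
 * that function's output is returned instead.
 *
 * NOTE(review): username and fullname are passed through htmlentities()
 * before being placed in the template; email and email_conf only go through
 * COM_applyFilter(). Confirm that filter is sufficient for the attribute
 * context these values are printed in.
 *
 * @param string $msg message shown above the form when not empty (passed to
 *                    COM_showMessageText())
 * @return string HTML for user registration page
 */
function newuserform($msg = '')
{
    global $_CONF, $LANG01, $LANG04;

    $retval = '';

    if ($_CONF['disable_new_user_registration']) {
        COM_setMsg($LANG04[122], 'error');
        echo COM_refresh($_CONF['site_url']);

        // Registration is switched off: do not fall through and render the
        // form after the redirect has been sent.
        return $retval;
    }

    if ($_CONF['custom_registration'] and function_exists('CUSTOM_userForm')) {
        return CUSTOM_userForm($msg);
    }

    if (!empty($msg)) {
        $retval .= COM_showMessageText($msg, $LANG04[21], false, 'info');
    }

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file('regform', 'registrationform.thtml');
    $user_templates->set_var('start_block', COM_startBlock($LANG04[22]));
    $user_templates->set_var('lang_instructions', $LANG04[23]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_fullname', $LANG04[3]);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('lang_email_conf', $LANG04[124]);

    if ($_CONF['registration_type'] == 1) {
        // verification link
        $user_templates->set_var('lang_passwd', $LANG01[57]);
        $user_templates->set_var('lang_passwd_conf', $LANG04[176]);
        $user_templates->set_var('lang_warning', $LANG04[167]);
    } else {
        $user_templates->set_var('lang_warning', $LANG04[24]);
    }

    $user_templates->set_var('lang_register', $LANG04[27]);
    PLG_templateSetVars('registration', $user_templates);
    $user_templates->set_var('end_block', COM_endBlock());

    // Re-populate the form from a previous submission, encoding each value
    // for the HTML it is written into.
    $username = '';
    if (!empty($_POST['username'])) {
        $username = trim($_POST['username']);
    }
    $user_templates->set_var('username', @htmlentities($username, ENT_COMPAT, COM_getEncodingt()));

    $fullname = '';
    if (!empty($_POST['fullname'])) {
        $fullname = $_POST['fullname'];
    }
    $fullname = USER_sanitizeName($fullname);
    $user_templates->set_var('fullname', @htmlentities($fullname, ENT_COMPAT, COM_getEncodingt()));

    switch ($_CONF['user_reg_fullname']) {
        case 2:
            $user_templates->set_var('require_fullname', 'true');
            // intentional fall-through: case 2 also sets show_fullname
        case 1:
            $user_templates->set_var('show_fullname', 'true');
    }

    $email = '';
    if (!empty($_POST['email'])) {
        $email = COM_applyFilter($_POST['email']);
    }
    $user_templates->set_var('email', $email);

    $email_conf = '';
    if (!empty($_POST['email_conf'])) {
        $email_conf = COM_applyFilter($_POST['email_conf']);
    }
    $user_templates->set_var('email_conf', $email_conf);

    $user_templates->parse('output', 'regform');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    return $retval;
}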
/**
 * Format one cell of a forum topic list.
 *
 * 'date' and 'lastupdated' are formatted with the forum date format,
 * 'subject' becomes a link to the topic with a tooltip built from the start
 * of the post text, 'bookmark' becomes the bookmark toggle, 'replies' and
 * 'views' default to '0' when empty, and any other field is returned as is.
 *
 * NOTE(review): in the 'subject' link only the post excerpt is passed
 * through htmlspecialchars(). $A['subject'] is placed inside the title
 * attribute and $fieldvalue is used as link text without encoding here;
 * confirm both are encoded before they reach this function. The ids written
 * into the URL and the onclick handler are likewise used as received.
 *
 * @param string $fieldname  name of the column being rendered
 * @param mixed  $fieldvalue value of that column
 * @param array  $A          the whole row
 * @param array  $icon_arr   not used by this function
 * @return string HTML or text for the cell
 */
function _ff_getListField_forum($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_USER, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE;
    global $_FF_CONF, $_SYSTEM, $LANG_GF02;

    if (!isset($A['status'])) {
        $A['status'] = 0;
    }
    USES_lib_html2text();
    $when = new Date('now', $_USER['tzid']);

    if ($fieldname == 'date' || $fieldname == 'lastupdated') {
        $when->setTimestamp($fieldvalue);

        return $when->format($_FF_CONF['default_Datetime_format'], true);
    }

    if ($fieldname == 'subject') {
        // Reduce the post body to plain text before cutting the excerpt.
        $plainText = strip_tags(FF_formatTextBlock($A['comment'], 'text', 'text', $A['status']));
        $converter = new html2text($plainText, false);
        $plainText = trim($converter->get_text());

        $excerpt = @htmlspecialchars(
            preg_replace(
                '#\\r?\\n#',
                '<br>',
                strip_tags(substr($plainText, 0, $_FF_CONF['contentinfo_numchars']) . '...')
            ),
            ENT_QUOTES,
            COM_getEncodingt()
        );

        $link = '<a class="' . COM_getTooltipStyle() . '" style="text-decoration:none;" href="';
        $link .= $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=';
        // A reply links to its parent topic, a top-level post to itself.
        $link .= ($A['pid'] == 0 ? $A['id'] : $A['pid']);
        $link .= '&topic=' . $A['id'] . '#' . $A['id'];
        $link .= '" title="' . $A['subject'] . '::' . $excerpt . '" rel="nofollow">';
        $link .= $fieldvalue . '</a>';

        return $link;
    }

    if ($fieldname == 'bookmark') {
        $starIcon = '<img src="' . _ff_getImage('star_on_sm') . '" title="' . $LANG_GF02['msg204'] . '" alt=""/>';

        return '<span id="forumbookmark' . $A['topic_id'] . '">'
            . '<a href="#" onclick="ajax_toggleForumBookmark(' . $A['topic_id'] . ');return false;">'
            . $starIcon . '</a></span>';
    }

    if ($fieldname == 'replies' || $fieldname == 'views') {
        return $fieldvalue != '' ? $fieldvalue : '0';
    }

    return $fieldvalue;
}
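/**
 * Render one page of results for a saved Media Gallery search.
 *
 * The search is looked up by id in the mg_sort table. It is shown only when
 * it belongs to the current user or was stored with sort_user = 1 (the value
 * this function also uses for anonymous visitors). Media in albums the
 * viewer has no access to are skipped before paging.
 *
 * Changes from the previous version: $page and the column/row settings are
 * clamped to at least 1 (a page below 1 produced negative offsets, a zero
 * setting a division by zero), the search id is URL-encoded in the
 * pagination link, and unused locals were removed.
 *
 * NOTE(review): $S['sort_query'] is a stored SQL fragment appended to the
 * media query; confirm it is built only from escaped values when the search
 * is saved.
 * NOTE(review): $S['keywords'] goes to the template without encoding while
 * $S['referer'] is passed through htmlentities(); confirm keywords are
 * encoded when stored, otherwise encode them here as well.
 *
 * @param string $id   ID of the saved search (mg_sort.sort_id)
 * @param int    $page 1-based page of results to show
 * @return string HTML for the results page, or the search box with a
 *                "no search found" notice
 */
function MG_search($id, $page)
{
    global $MG_albums, $_USER, $_TABLES, $_CONF, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03;

    $retval = '';
    $noResults = '<div class="pluginAlert">' . $LANG_MG03['no_search_found'] . '</div>';

    $columns_per_page = max(1, (int) $_MG_CONF['search_columns']);
    $rows_per_page = max(1, (int) $_MG_CONF['search_rows']);
    $media_per_page = $columns_per_page * $rows_per_page;
    $page = max(1, (int) $page);

    // pull the query from the search database...
    $result = DB_query("SELECT * FROM {$_TABLES['mg_sort']} WHERE sort_id='" . DB_escapeString($id) . "'");
    if (DB_numRows($result) < 1) {
        return MG_displaySearchBox($noResults);
    }
    $S = DB_fetchArray($result);

    // Only the owner may view a saved search, unless it was stored with
    // sort_user = 1.
    $sort_user = COM_isAnonUser() ? 1 : $_USER['uid'];
    if ($sort_user != $S['sort_user'] && $S['sort_user'] != 1) {
        return MG_displaySearchBox($noResults);
    }

    $sqltmp = $S['sort_query'];
    $sql = "SELECT DISTINCT * FROM " . $_TABLES['mg_media'] . " as m "
        . " INNER JOIN " . $_TABLES['mg_media_albums'] . " as ma "
        . " ON m.media_id=ma.media_id "
        . $sqltmp
        . " ORDER BY m.media_time DESC;";
    $result = DB_query($sql);
    $mycount = DB_numRows($result);
    if ($mycount < 1) {
        return MG_displaySearchBox($noResults);
    }

    // Keep only media from albums the viewer may see.
    $MG_media = array();
    $M = array();
    $mediaRows = 0;
    for ($i = 0; $i < $mycount; $i++) {
        $row = DB_fetchArray($result);
        $album = $MG_albums[$row['album_id']];
        // Grouping made explicit; it matches the original operator
        // precedence. NOTE(review): confirm this grouping is the intent.
        if ($album->access == 0 || ($album->hidden == 1 && $MG_albums[0]->owner_id != 1)) {
            continue;
        }
        $media = new Media();
        $media->constructor($row, $row['album_id']);
        $MG_media[$mediaRows] = $media;
        $M[$mediaRows] = $row;
        $mediaRows++;
    }
    if ($mediaRows == 0) {
        return MG_displaySearchBox($noResults);
    }

    $pageIndex = $page - 1;
    $begin = $pageIndex * $media_per_page;
    $total_print_pages = ceil($mediaRows / $media_per_page);

    // The id becomes part of a link, so encode it for the query string.
    $pagination = COM_printPageNavigation(
        $_MG_CONF['site_url'] . '/search.php?id=' . urlencode((string) $id),
        $page,
        $total_print_pages,
        '&page='
    );

    $T = new Template(MG_getTemplatePath(0));
    $T->set_file(array('page' => 'search_results2.thtml'));
    $T->set_var(array(
        'site_url'             => $_MG_CONF['site_url'],
        'table_columns'        => $columns_per_page,
        'table_column_width'   => intval(100 / $columns_per_page) . '%',
        'top_pagination'       => $pagination,
        'bottom_pagination'    => $pagination,
        'page_number'          => sprintf(
            "%s %d %s %d",
            $LANG_MG03['page'],
            $page,
            $LANG_MG03['of'],
            $total_print_pages
        ),
        'lang_search_results'  => $LANG_MG03['search_results'],
        'lang_return_to_index' => $LANG_MG03['return_to_index'],
        'return_url'           => $S['referer'] == ''
            ? $_MG_CONF['site_url']
            : htmlentities($S['referer'], ENT_QUOTES, COM_getEncodingt()),
        'search_keywords'      => $S['keywords'],
        'lang_search'          => $LANG_MG01['search'],
    ));

    // Number of media left from the first item of this page onwards.
    $howmany = $mediaRows - $pageIndex * $media_per_page;
    $total_media = $mediaRows;

    if ($howmany == 0) {
        $T->set_var(array('lang_no_image' => $LANG_MG03['no_media_objects']));
        $T->parse('album_noimages', 'noitems');
    }

    if ($howmany > 0) {
        $noParse = 0;
        $T->set_block('page', 'ImageColumn', 'IColumn');
        $T->set_block('page', 'ImageRow', 'IRow');

        for ($i = $begin; $i < $media_per_page + $begin; $i += $columns_per_page) {
            for ($j = $i; $j < $i + $columns_per_page; $j++) {
                if ($j >= $total_media) {
                    // Ran out of media: pad the row with empty cells and
                    // stop after this row.
                    $k = $i + $columns_per_page - $j;
                    $m = $k % $columns_per_page;
                    for ($z = $m; $z > 0; $z--) {
                        $T->set_var(array('CELL_DISPLAY_IMAGE' => ''));
                        $T->parse('IColumn', 'ImageColumn', true);
                    }
                    $noParse = 1;
                    break;
                }

                $celldisplay = MG_searchDisplayThumb($M[$j], 0, $id, $page);
                if ($MG_media[$j]->type == 1) {
                    $PhotoURL = $_MG_CONF['mediaobjects_url'] . '/disp/' . $MG_media[$j]->filename[0]
                        . '/' . $MG_media[$j]->filename . '.jpg';
                    $T->set_var(array('URL' => $PhotoURL));
                }
                $T->set_var(array('CELL_DISPLAY_IMAGE' => $celldisplay));
                $T->parse('IColumn', 'ImageColumn', true);
            }

            $T->parse('IRow', 'ImageRow', true);
            $T->set_var('IColumn', '');
            if ($noParse == 1) {
                break;
            }
        }
    }

    $T->parse('output', 'page');
    $retval .= $T->finish($T->get_var('output'));

    return $retval;
}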
} else { $neg_subscription = false; } $result = DB_query("SELECT subject,name,replies,views,uid,id FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $topic_id); $A = DB_fetchArray($result); if ($A['subject'] == '') { $subject = $LANG_GF01['MISSINGSUBJECT']; } elseif (strlen($A['subject']) > 50) { $subject = @htmlspecialchars(substr($A['subject'], 0, 50), ENT_QUOTES, COM_getEncodingt()) . ' ...'; } else { $subject = @htmlspecialchars($A['subject'], ENT_COMPAT, COM_getEncodingt()); } $topic_link = '<a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topic_id . '" title="'; $topic_link .= $subject . '">' . $subject . '</a>'; } $report->set_var(array('id' => $notify_recid, 'csscode' => $i % 2 + 1, 'forum' => $forum_name, 'linksubject' => @htmlspecialchars($subject, ENT_QUOTES, COM_getEncodingt()), 'is_forum' => $is_forum, 'topic_link' => $topic_link, 'topicauthor' => $A['name'], 'date_added' => $date_added, 'uid' => $A['uid'], 'views' => $A['views'], 'replies' => $A['replies'], 'notify_id' => $notify_recid, 'LANG_REMOVE' => $LANG_GF01['REMOVE'])); $report->parse('nrow', 'notification', true); $i++; } if ($nrows == 0) { $report->set_var('bottomlink', $LANG_GF02['msg44']); } else { $report->set_var('pagenavigation', COM_printPageNavigation($base_url, $page, $numpages)); if ($forum > 0) { $report->set_var('bottomlink', "<a href=\"{$_CONF['site_url']}/forum/index.php?forum={$forum}\">{$LANG_GF02['msg144']}</a>"); } else { $report->set_var('bottomlink', "<a href=\"{$_CONF['site_url']}/forum/index.php\">{$LANG_GF02['msg175']}</a>"); } } $report->parse('output', 'report'); $display .= $report->finish($report->get_var('output'));
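/**
 * Show topic administration form.
 *
 * For an existing topic the row is loaded and SEC_hasAccess() must return
 * something other than 0 or 2; otherwise a message is returned and the
 * attempt is written to the access log. A new topic starts from defaults,
 * is owned by the current user and is assigned to the 'Topic Admin' group
 * (or the group returned for the 'topic.edit' feature).
 *
 * The topic lookup now passes $tid through DB_escapeString(), as the story
 * count query further down already did; previously the id was placed into
 * the SQL string unescaped.
 *
 * NOTE(review): several row values (tid, sortnum, imageurl,
 * meta_description, meta_keywords) are written to the template without HTML
 * encoding, while the topic name is encoded. Confirm they are validated or
 * encoded when the topic is saved.
 *
 * @param string $tid ID of topic to edit; empty for a new topic
 * @return string HTML for the topic editor
 */
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG04, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;

    $retval = '';

    if (empty($tid)) {
        // new topic - set defaults
        $A = array(
            'tid'          => '',
            'topic'        => '',
            'sortnum'      => 0,
            'parent_id'    => TOPIC_ROOT,
            'inherit'      => 1,
            'hidden'       => 0,
            'limitnews'    => '',
            'is_default'   => 0,
            'archive_flag' => 0,
        );
    } else {
        // The id comes from the caller; escape it before it goes into SQL.
        $result = DB_query(
            "SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . DB_escapeString($tid) . "'"
        );
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess(
            $A['owner_id'],
            $A['group_id'],
            $A['perm_owner'],
            $A['perm_group'],
            $A['perm_members'],
            $A['perm_anon']
        );
        if ($access == 0 || $access == 2) {
            $retval .= COM_showMessageText($LANG27[13], $LANG27[12]);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");

            return $retval;
        }
    }

    // CSRF token for the editor form; the same token is written into the
    // form at the end of this function.
    $token = SEC_createToken();

    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);

    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];

        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }

    $topic_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');

    // The delete button is offered only for existing topics and only to
    // users holding the topic.edit right.
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delButton, $jsConfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delButton, ''));
        $topic_templates->set_var('allow_delete', true);
        $topic_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $topic_templates->set_var('confirm_message', $MESSAGE[76]);
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }

    if ($_CONF['titletoid'] && empty($tid)) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $topic_templates->set_var('titletoid', true);
    }

    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_parent_id', $LANG27[32]);
    $topic_templates->set_var(
        'parent_id_options',
        TOPIC_getTopicListSelect($A['parent_id'], 1, false, $A['tid'], true)
    );

    $topic_templates->set_var('lang_inherit', $LANG27[33]);
    $topic_templates->set_var('lang_inherit_info', $LANG27[34]);
    if ($A['inherit'] == 1) {
        $topic_templates->set_var('inherit_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('inherit_checked', '');
    }

    $topic_templates->set_var('lang_hidden', $LANG27[35]);
    $topic_templates->set_var('lang_hidden_info', $LANG27[36]);
    if ($A['hidden'] == 1) {
        $topic_templates->set_var('hidden_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('hidden_checked', '');
    }

    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);

    $ownername = COM_getDisplayName($A['owner_id']);
    $topic_templates->set_var(
        'owner_username',
        DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}")
    );
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);

    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var(
        'permissions_editor',
        SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])
    );

    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] !== 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        $topic_templates->set_var(
            'sort_order',
            '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>'
        );
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var(
            'sort_order',
            $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>'
        );
    }

    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);

    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    $topic_templates->set_var(
        'topic_name',
        htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt())
    );

    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var(
        'icon_dimensions',
        $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']
    );
    $topic_templates->set_var('max_url_length', 255);
    $topic_templates->set_var('image_url', $A['imageurl']);

    if (empty($_CONF['image_lib'])) {
        $scaling = $LANG04[162];
    } else {
        $scaling = $LANG04[161];
    }
    $topic_templates->set_var(
        'icon_max_dimensions',
        sprintf(
            $LANG04[160],
            $_CONF['max_topicicon_width'],
            $_CONF['max_topicicon_height'],
            $_CONF['max_topicicon_size'],
            $scaling
        )
    );

    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    if ($_CONF['meta_tags'] > 0) {
        $topic_templates->set_var('hide_meta', '');
    } else {
        $topic_templates->set_var('hide_meta', ' style="display:none;"');
    }

    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    if ($A['is_default'] == 1) {
        $topic_templates->set_var('default_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('default_checked', '');
    }

    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }

    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        $nResult = DB_query(
            "SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta "
            . "WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'"
            . COM_getPermSql('AND')
        );
        $N = DB_fetchArray($nResult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);

    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);

    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}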
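/**
 * Creates the product edit form.
 *
 * If a positive product ID is supplied, that record is read first and becomes
 * the current product; if the read fails an error message is returned instead
 * of the form. Otherwise the product already held by this object is edited.
 * The form is rendered from the plugin's product_form template.
 *
 * Security notes for maintainers:
 *  - name, short_description, description, file and keywords are HTML-encoded
 *    with ENT_QUOTES before they reach the template.
 *  - The product ID is cast to int wherever this method writes it into SQL,
 *    markup or a URL, so those sinks only ever receive a number.
 *  - NOTE(review): 'custom', 'expiration', 'avail_beg' and 'avail_end' are
 *    handed to the template as-is, and $this->name is passed unencoded to
 *    COM_startBlock(); confirm they are validated or encoded where they are
 *    set, or encode them at the point of output.
 *
 * @uses    PAYPAL_getDocUrl()
 * @uses    PAYPAL_errorMessage()
 * @uses    PAYPAL_recurseCats()
 * @param   integer $id     Optional ID, current record used if zero
 * @return  string          HTML for edit form
 */
public function showForm($id = 0)
{
    global $_TABLES, $_CONF, $_PP_CONF, $LANG_PP, $LANG24, $LANG_postmodes, $_SYSTEM;

    $id = (int) $id;
    if ($id > 0) {
        // If an id is passed in, then read that record
        if (!$this->Read($id)) {
            return PAYPAL_errorMessage($LANG_PP['invalid_product_id'], 'info');
        }
    }
    $id = $this->id;

    $T = new Template(PAYPAL_PI_PATH . '/templates');
    if ($_SYSTEM['framework'] == 'uikit') {
        $T->set_file('product', 'product_form.uikit.thtml');
    } else {
        $T->set_file('product', 'product_form.thtml');
    }

    // Set up the wysiwyg editor, if available
    switch (PLG_getEditorType()) {
        case 'ckeditor':
            $T->set_var('show_htmleditor', true);
            PLG_requestEditor('paypal', 'paypal_entry', 'ckeditor_paypal.thtml');
            PLG_templateSetVars('paypal_entry', $T);
            break;
        case 'tinymce':
            $T->set_var('show_htmleditor', true);
            PLG_requestEditor('paypal', 'paypal_entry', 'tinymce_paypal.thtml');
            PLG_templateSetVars('paypal_entry', $T);
            break;
        default:
            // don't support others right now
            $T->set_var('show_htmleditor', false);
            break;
    }

    // Add the current product ID to the form if it's an existing product.
    // The ID is emitted inside an attribute, so force it to an integer.
    if ($id > 0) {
        $T->set_var('id', '<input type="hidden" name="id" value="' . (int) $this->id . '" />');
        $retval = COM_startBlock($LANG_PP['edit'] . ': ' . $this->name);
    } else {
        $T->set_var('id', '');
        $retval = COM_startBlock($LANG_PP['new_product']);
    }

    // This method never assigns $post_options; it used to be read as an
    // undefined variable (which evaluates to null). Initialise it explicitly
    // so the same value is passed without the undefined-variable warning.
    $post_options = null;

    $T->set_var(array(
        'post_options'      => $post_options,
        'name'              => htmlspecialchars($this->name, ENT_QUOTES, COM_getEncodingt()),
        'category'          => $this->cat_id,
        'short_description' => htmlspecialchars($this->short_description, ENT_QUOTES, COM_getEncodingt()),
        'description'       => htmlspecialchars($this->description, ENT_QUOTES, COM_getEncodingt()),
        'price'             => sprintf('%.2f', $this->price),
        'file'              => htmlspecialchars($this->file, ENT_QUOTES, COM_getEncodingt()),
        'expiration'        => $this->expiration,
        'pi_admin_url'      => PAYPAL_ADMIN_URL,
        'file_selection'    => $this->FileSelector(),
        'keywords'          => htmlspecialchars($this->keywords, ENT_QUOTES, COM_getEncodingt()),
        'cat_select'        => PAYPAL_recurseCats('PAYPAL_callbackCatOptionList', $this->cat_id),
        'currency'          => $_PP_CONF['currency'],
        'pi_url'            => PAYPAL_URL,
        'doc_url'           => PAYPAL_getDocURL('product_form', $_CONF['language']),
        'prod_type'         => $this->prod_type,
        'weight'            => $this->weight,
        'feat_chk'          => $this->featured == 1 ? 'checked="checked"' : '',
        'ena_chk'           => $this->enabled == 1 ? 'checked="checked"' : '',
        'tax_chk'           => $this->taxable == 1 ? 'checked="checked"' : '',
        'show_random_chk'   => $this->show_random == 1 ? 'checked="checked"' : '',
        'show_popular_chk'  => $this->show_popular == 1 ? 'checked="checked"' : '',
        'ship_sel_' . $this->shipping_type => 'selected="selected"',
        'shipping_type'     => $this->shipping_type,
        'track_onhand'      => $this->track_onhand,
        'shipping_amt'      => sprintf('%.2f', $this->shipping_amt),
        'sel_comment_' . $this->comments_enabled => 'selected="selected"',
        'rating_chk'        => $this->rating_enabled == 1 ? 'checked="checked"' : '',
        'trk_onhand_chk'    => $this->track_onhand == 1 ? 'checked="checked"' : '',
        'onhand'            => $this->onhand,
        "oversell_sel{$this->oversell}" => 'selected="selected"',
        'custom'            => $this->custom,
        'sale_price'        => sprintf('%.2f', $this->sale_price),
        'sale_beg'          => $this->_InputDtFormat($this->sale_beg),
        'sale_end'          => $this->_InputDtFormat($this->sale_end),
        'avail_beg'         => $this->avail_beg,
        'avail_end'         => $this->avail_end,
    ));

    // Create the button type selections. New products get the default
    // button selected, existing products get the saved button selected
    // or "none" if there is no button.
    $T->set_block('product', 'BtnRow', 'BRow');
    $have_chk = false;
    foreach ($_PP_CONF['buttons'] as $key => $checked) {
        if ($key == $this->btn_type || ($this->isNew && $checked)) {
            $btn_chk = 'checked="checked"';
            $have_chk = true;
        } else {
            $btn_chk = '';
        }
        // Reuse the flag computed above instead of repeating the condition.
        $T->set_var(array(
            'btn_type' => $key,
            'btn_chk'  => $btn_chk,
            'btn_name' => $LANG_PP['buttons'][$key],
        ));
        $T->parse('BRow', 'BtnRow', true);
    }
    // Set the "none" selection if nothing was already selected
    $T->set_var('none_chk', $have_chk ? '' : 'checked="checked"');

    $T->set_block('product', 'ProdTypeRadio', 'ProdType');
    foreach ($LANG_PP['prod_types'] as $value => $text) {
        $T->set_var(array(
            'type_val' => $value,
            'type_txt' => $text,
            'type_sel' => $this->prod_type == $value ? 'checked="checked"' : '',
        ));
        $T->parse('ProdType', 'ProdTypeRadio', true);
    }

    if (!$this->isUsed()) {
        $T->set_var('candelete', 'true');
    }

    // Set up the photo fields. Only a product that already has an ID can
    // have photos; for a new product the photo area is simply cleared.
    $T->set_block('product', 'PhotoRow', 'PRow');
    $i = 0;
    $photocount = 0;
    // Integer form of the ID for every SQL / URL / template sink below.
    $productId = (int) $this->id;
    if ($this->id != NULL) {
        $sql = "SELECT img_id, filename
                FROM {$_TABLES['paypal.images']}
                WHERE product_id='" . $productId . "'";
        $photo = DB_query($sql);
        // save the count of photos for later use
        if ($photo) {
            $photocount = DB_numRows($photo);
        }
        // While we're checking the ID, set it as a hidden value
        // for updating this record
        $T->set_var('product_id', $productId);
    } else {
        $T->set_var('product_id', '');
    }

    // If there are any images, retrieve and display the thumbnails.
    if ($photocount > 0) {
        while ($prow = DB_fetchArray($photo)) {
            $i++;
            // NOTE(review): filename comes from the images table and is put
            // into the URL unencoded; confirm it is restricted to safe
            // characters when the upload is stored.
            $T->set_var('img_url', PAYPAL_URL . "/images/products/{$prow['filename']}");
            $T->set_var('thumb_url', PAYPAL_ImageUrl($prow['filename']));
            $T->set_var('seq_no', $i);
            // NOTE(review): this is a state-changing action exposed as a plain
            // GET link, and no anti-CSRF token is added here. Confirm the
            // handler in index.php verifies a token, or switch the delete to a
            // token-protected POST.
            $T->set_var(
                'del_img_url',
                PAYPAL_ADMIN_URL . '/index.php'
                    . '?delete_img=x'
                    . '&img_id=' . (int) $prow['img_id']
                    . '&id=' . $productId
            );
            $T->parse('PRow', 'PhotoRow', true);
        }
    } else {
        $T->parse('PRow', '');
    }

    // add upload fields for unused images
    $T->set_block('product', 'UploadFld', 'UFLD');
    for ($j = $i; $j < $_PP_CONF['max_images']; $j++) {
        $T->parse('UFLD', 'UploadFld', true);
    }

    // Quantity discounts are exposed as numbered disc_qtyN / disc_amtN pairs.
    $i = 0;
    foreach ($this->qty_discounts as $qty => $amt) {
        $T->set_var(array(
            'disc_qty' . $i => $qty,
            'disc_amt' . $i => $amt,
        ));
        $i++;
    }

    $retval .= $T->parse('output', 'product');
    $retval .= COM_endBlock();
    return $retval;
}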
/**
 * Prepares stored text for display according to its post mode.
 *
 * Processing differs by engine version:
 *  - First version: plaintext only gets newline-to-<br> conversion; wikitext
 *    is unescaped and rendered.
 *  - Later versions: html/adveditor text has newlines removed and its
 *    [code] / [raw] sections handled; plaintext is HTML-encoded with
 *    ENT_QUOTES, linkified and newline-converted; wikitext is unescaped and
 *    rendered; the result is then passed through COM_checkWords().
 * In every case the text finally goes through self::_displayEscape() and
 * PLG_replaceTags().
 *
 * NOTE(review): this method runs no HTML filter on html, adveditor or
 * wikitext content (the htmLawed call for wikitext is disabled), and the
 * first-version plaintext path does not call htmlspecialchars() here.
 * Presumably such content is filtered before it is stored - confirm that
 * before using this output for text from untrusted authors.
 *
 * @param   string  $text      Text to prepare for display
 * @param   string  $postmode  Indicates if text is html, adveditor, wikitext or plaintext
 * @param   int     $version   version of GLText engine
 * @return  string             Text ready for output
 * @access  public
 */
public static function getDisplayText($text, $postmode, $version)
{
    // $postmode never changes, so each comparison is evaluated once up front.
    $firstVersion = ($version == GLTEXT_FIRST_VERSION);
    $isMarkup     = ($postmode == 'html' || $postmode == 'adveditor');
    $isPlain      = ($postmode == 'plaintext');
    $isWiki       = ($postmode == 'wikitext');

    if ($firstVersion) {
        if ($isPlain) {
            $text = COM_nl2br($text);
        }
    } else {
        if ($isMarkup) {
            // Strip newline characters before handling the special tags
            $text = str_replace("\n", '', $text);

            $codeTags = array('[code]', '[/code]', '<pre><code>', '</code></pre>');
            $text = self::_handleSpecialTag_callback($text, $codeTags, '_escapeSPChars');

            $rawTags = array('[raw]', '[/raw]', '<!--raw--><span class="raw">', '</span><!--/raw-->');
            $text = self::_handleSpecialTag_callback($text, $rawTags, '_escapeSPChars');
        }
        if ($isPlain) {
            $text = COM_nl2br(
                COM_makeClickableLinks(
                    htmlspecialchars($text, ENT_QUOTES, COM_getEncodingt())
                )
            );
        }
    }

    // Wikitext is handled the same way by both engine versions, and in both
    // it comes after the plaintext step.
    if ($isWiki) {
        $text = self::renderWikiText(self::_editUnescape($text, $postmode));
    }

    // The word check is only applied by the later engine versions.
    if (!$firstVersion) {
        $text = COM_checkWords($text);
    }

    return PLG_replaceTags(self::_displayEscape($text));
}
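/**
 * Builds the personal-information panel of the user edit form.
 *
 * Fills the admin/user/userinfopanel.thtml template with the user's homepage,
 * location, signature, "about" text and PGP key, the social "follow me"
 * entries, the photo (when photos are allowed) and any plugin or custom
 * profile fields.
 *
 * The free-text profile values are user-controlled and are HTML-encoded with
 * ENT_QUOTES, so both quote characters are encoded and the values stay inert
 * whether the template places them in element content or inside a quoted
 * attribute.
 *
 * NOTE(review): the service_display_name / service / service_username values
 * returned by SOC_followMeProfile() are passed to the template unencoded;
 * confirm they are encoded at the source or in the template.
 *
 * @param   array   $U        User record; reads uid, homepage, location, sig,
 *                            about, pgpkey, photo and email
 * @param   int     $newuser  Not used by this function
 * @return  string            Rendered panel HTML
 */
function USER_userinfoPanel($U, $newuser = 0)
{
    global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG_MYACCOUNT, $LANG04;

    $uid = $U['uid'];
    // uid 1 and below are not treated as a regular account here
    $isRegularUser = !empty($uid) && $uid > 1;

    // set template
    $userform = new Template($_CONF['path_layout'] . 'admin/user/');
    $userform->set_file('user', 'userinfopanel.thtml');
    $userform->set_var(array(
        'lang_personal_info_legend' => $LANG04[130],
        'lang_userinfo_help_title'  => $LANG04[148],
        'lang_userinfo_help'        => $LANG04[149],
        'lang_homepage'             => $LANG04[6],
        'lang_location'             => $LANG04[106],
        'lang_signature'            => $LANG04[32],
        'lang_about'                => $LANG04[7],
        'lang_pgpkey'               => $LANG04[8],
        'lang_social_follow'        => $LANG04[198],
        'lang_social_info'          => $LANG04[199],
        'lang_social_service'       => $LANG04[200],
        'lang_social_username'      => $LANG04[201],
    ));

    $follow_me = SOC_followMeProfile($uid);
    if (is_array($follow_me) && count($follow_me) > 0) {
        $userform->set_block('user', 'social_links', 'sl');
        $userform->set_var('social_followme_enabled', true);
        foreach ($follow_me as $service) {
            $userform->set_var('service_display_name', $service['service_display_name']);
            $userform->set_var('service', $service['service']);
            $userform->set_var('service_username', $service['service_username']);
            $userform->parse('sl', 'social_links', true);
        }
    } else {
        $userform->unset_var('social_followme_enabled');
    }

    if ($_CONF['allow_user_photo'] == 1) {
        $userform->set_var('lang_userphoto', $LANG04[77]);
    }

    // ENT_QUOTES (was ENT_NOQUOTES): quotes must be encoded too, because the
    // output context is chosen by the template and may be a quoted attribute.
    // The @ keeps the original best-effort behaviour for records that lack
    // one of these keys.
    $userform->set_var('homepage_value', @htmlspecialchars(COM_killJS($U['homepage']), ENT_QUOTES, COM_getEncodingt()));
    $userform->set_var('location_value', @htmlspecialchars(strip_tags($U['location']), ENT_QUOTES, COM_getEncodingt()));
    $userform->set_var('signature_value', @htmlspecialchars($U['sig'], ENT_QUOTES, COM_getEncodingt()));
    $userform->set_var('about_value', @htmlspecialchars($U['about'], ENT_QUOTES, COM_getEncodingt()));
    $userform->set_var('pgpkey_value', @htmlspecialchars($U['pgpkey'], ENT_QUOTES, COM_getEncodingt()));

    if ($_CONF['allow_user_photo'] == 1) {
        if ($isRegularUser) {
            $photo = USER_getPhoto($uid, $U['photo'], $U['email'], -1);
            if (empty($photo)) {
                $userform->set_var('display_photo', '');
            } else {
                if (empty($U['photo'])) {
                    // external avatar
                    $photo = '<br/>' . $photo;
                } else {
                    // uploaded photo - add delete option
                    $photo = '<br/>' . $photo . '<br/>' . $LANG04[79]
                           . ' <input type="checkbox" name="delete_photo"/>' . LB;
                }
                $userform->set_var('display_photo', $photo);
            }
        } else {
            $userform->set_var('display_photo', '');
        }
    }

    // Plugin and custom profile fields are only added for regular accounts.
    if ($isRegularUser) {
        $userform->set_var('plugin_userinfo_personalinfo', PLG_profileEdit($uid, 'userinfo', 'personalinfo'));
        $userform->set_var('plugin_userinfo', PLG_profileEdit($uid, 'userinfo'));
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userEdit')) {
            $userform->set_var('customfields', CUSTOM_userEdit($uid));
        }
    }

    return $userform->finish($userform->parse('output', 'user'));
}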