Beispiel #1
0
function FF_postEditor($postData, $forumData, $action, $viewMode)
{
    global $_CONF, $_TABLES, $_FF_CONF, $FF_userprefs, $_USER, $LANG_GF01, $LANG_GF02, $LANG_GF10, $REMOTE_ADDR;
    $retval = '';
    $editmoderator = false;
    $numAttachments = 0;
    $edit_val = '';
    $sticky_val = '';
    $locked_val = '';
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    // initialize defaults
    if ($_FF_CONF['bbcode_disabled']) {
        $disable_bbcode_val = ' checked="checked"';
    } else {
        $disable_bbcode_val = '';
    }
    if ($_FF_CONF['smilies_disabled']) {
        $disable_smilies_val = ' checked="checked"';
    } else {
        $disable_smilies_val = '';
    }
    if ($_FF_CONF['urlparse_disabled']) {
        $disable_urlparse_val = ' checked="checked"';
    } else {
        $disable_urlparse_val = '';
    }
    // check postmode
    if (isset($postData['postmode'])) {
        // this means we are editing or previewing (or both)
        if (isset($postData['postmode_switch'])) {
            // means they selected a switch
            $chkpostmode = _ff_chkpostmode($postData['postmode'], $postData['postmode_switch']);
            if ($chkpostmode != $postData['postmode']) {
                $postData['postmode'] = $chkpostmode;
                $postData['postmode_switch'] = 0;
            }
        }
    } else {
        if ($_FF_CONF['post_htmlmode'] && $_FF_CONF['allow_html']) {
            $postData['postmode'] = 'html';
        } else {
            $postData['postmode'] = 'text';
        }
    }
    // verify postmode is allowed
    if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
        if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
            $postData['postmode'] = 'html';
        } else {
            $postData['postmode'] = 'text';
        }
    }
    $postData['postmode_switch'] = 0;
    // action specific setup
    if ($action == 'edittopic' || $viewMode) {
        // need to see what options were checked...
        $status = 0;
        // get our options...
        if (isset($postData['disable_bbcode']) && $postData['disable_bbcode'] == 1) {
            $disable_bbcode_val = ' checked="checked"';
            $status += DISABLE_BBCODE;
        } else {
            $disable_bbcode_val = '';
        }
        if (isset($postData['disable_smilies']) && $postData['disable_smilies'] == 1) {
            $disable_smilies_val = ' checked="checked"';
            $status += DISABLE_SMILIES;
        } else {
            $disable_smilies_val = '';
        }
        if (isset($postData['disable_urlparse']) && $postData['disable_urlparse'] == 1) {
            $disable_urlparse_val = ' checked="checked"';
            $status += DISABLE_URLPARSE;
        } else {
            $disable_urlparse_val = '';
        }
    }
    // create our template
    $peTemplate = new Template($_CONF['path'] . 'plugins/forum/templates/');
    $peTemplate->set_file('posteditor', 'posteditor.thtml');
    if ($postData['postmode'] == 'html') {
        $peTemplate->set_var('html_mode', true);
    } else {
        $peTemplate->unset_var('html_mode');
    }
    if ($viewMode == PREVIEW_VIEW) {
        $peTemplate->set_var('preview_post', FF_previewPost($postData, $action));
    }
    $uniqueid = isset($postData['uniqueid']) ? COM_applyFilter($postData['uniqueid'], true) : mt_rand();
    $peTemplate->set_var('uniqueid', $uniqueid);
    if (SEC_inGroup($postData['use_attachment_grpid']) && $_FF_CONF['maxattachments'] > 0) {
        $peTemplate->set_var('use_attachments', true);
    }
    if ($action == 'newtopic') {
        $peTemplate->set_var('save_button', 'savetopic');
        $postmessage = $LANG_GF02['PostTopic'];
        $peTemplate->set_var('hidden_action', 'newtopic');
    }
    if ($action == 'edittopic') {
        $peTemplate->set_var('save_button', 'saveedit');
        if (isset($postData['forum']) && forum_modPermission($postData['forum'], $_USER['uid'], 'mod_edit')) {
            $editmoderator = true;
            $peTemplate->set_var('hidden_modedit', '1');
        } else {
            $peTemplate->set_var('hidden_modedit', '0');
            $editmoderator = false;
        }
        $postmessage = $LANG_GF02['EditTopic'];
        $peTemplate->set_var('hidden_action', 'edittopic');
        $peTemplate->set_var('hidden_editpost', 'yes');
        if ($editmoderator) {
            $username = $postData['name'];
        } elseif ($postData['uid'] > 1) {
            $username = COM_getDisplayName($postData['uid']);
        }
        $postData['comment'] = str_ireplace('</textarea>', '&lt;/textarea&gt;', $postData['comment']);
        if (isset($postData['pid'])) {
            $peTemplate->set_var('hidden_editpid', $postData['pid']);
        }
        $peTemplate->set_var('hidden_editid', $postData['id']);
        $edit_prompt = $LANG_GF02['msg190'] . '<br/><input type="checkbox" name="silentedit" ';
        if (isset($postData['silentedit']) && $postData['silentedit'] == 1 or !isset($postData['modedit']) and $_FF_CONF['silent_edit_default']) {
            $edit_prompt .= 'checked="checked" ';
            $edit_val = ' checked="checked" ';
        } else {
            $edit_val = '';
        }
        $edit_prompt .= 'value="1"/>';
        $peTemplate->set_var('attachments', '<div id="fileattachlist">' . _ff_showattachments($postData['id'], 'edit') . '</div>');
        $numAttachments = DB_Count($_TABLES['ff_attachments'], 'topic_id', $postData['id']);
        $allowedAttachments = $_FF_CONF['maxattachments'] - $numAttachments;
        $peTemplate->set_var('fcounter', $allowedAttachments);
    } else {
        $numAttachments = (int) DB_Count($_TABLES['ff_attachments'], 'topic_id', $uniqueid);
        $allowedAttachments = $_FF_CONF['maxattachments'] - $numAttachments;
        $peTemplate->set_var('fcounter', $allowedAttachments);
        $peTemplate->set_var('attachments', '');
        if ($uniqueid > 0) {
            $peTemplate->set_var('attachments', '<div id="fileattachlist">' . _ff_showattachments($uniqueid, 'edit') . '</div>');
        }
        $edit_prompt = '&nbsp;';
    }
    if ($action == 'newreply') {
        $peTemplate->set_var('save_button', 'savereply');
        $postmessage = $LANG_GF02['PostReply'];
        $peTemplate->set_var('hidden_action', 'newreply');
        if (!$viewMode) {
            $postData['subject'] = $LANG_GF01['RE'] . $postData['subject'];
        }
        $quoteid = isset($_GET['quoteid']) ? COM_applyFilter($_GET['quoteid'], true) : 0;
        $postData['mood'] = '';
        if ($quoteid > 0 && !$viewMode) {
            $quotesql = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $quoteid);
            $quotearray = DB_fetchArray($quotesql);
            $quotearray['name'] = urldecode($quotearray['name']);
            $quotearray['comment'] = $quotearray['comment'];
            $postData['comment'] = sprintf($_FF_CONF['quoteformat'], $quotearray['name'], $quotearray['comment']);
        }
        $postData['editpid'] = $postData['id'];
    }
    if ($_FF_CONF['use_sfs']) {
        $peTemplate->set_var('usesfs', 1);
    }
    if (COM_isAnonUser()) {
        if (!$_FF_CONF['use_sfs']) {
            $postData['email'] = '';
        }
        $peTemplate->set_var('anonymous_user', true);
        $peTemplate->set_var('post_message', $postmessage);
        $peTemplate->set_var('LANG_NAME', $LANG_GF02['msg33']);
        $peTemplate->set_var('name', htmlentities(strip_tags(COM_checkWords(trim(USER_sanitizeName(isset($postData['name']) ? $postData['name'] : ''))))), ENT_COMPAT, COM_getEncodingt());
        if (isset($postData['email'])) {
            $peTemplate->set_var('email', strip_tags($postData['email']));
        }
    } else {
        $peTemplate->set_var('member_user', true);
        $peTemplate->set_var('post_message', $postmessage);
        $peTemplate->set_var('LANG_NAME', $LANG_GF02['msg33']);
        if (!isset($username) or $username == '') {
            if ($action == 'edittopic') {
                if ($editmoderator) {
                    $username = $postData['name'];
                } else {
                    $username = COM_getDisplayName($_USER['uid']);
                }
            } else {
                $username = COM_getDisplayName($_USER['uid']);
            }
        }
        $peTemplate->set_var('username', $username);
        $peTemplate->set_var('xusername', urlencode($username));
    }
    $moodoptions = '';
    if ($_FF_CONF['show_moods']) {
        if (isset($postData['mood']) && $postData['mood'] != '') {
            $postData['mood'] = COM_applyFilter($postData['mood']);
        }
        if (!isset($postData['mood']) || $postData['mood'] == '') {
            $moodoptions = '<option value="" selected="selected">' . $LANG_GF01['NOMOOD'] . '</option>';
        }
        if ($dir = @opendir($_CONF['path_html'] . '/forum/images/moods')) {
            while (($file = readdir($dir)) !== false) {
                if (strlen($file) > 3 && substr(strtolower(trim($file)), -4, 4) == '.gif') {
                    $file = str_replace(array('.gif', '.jpg'), array('', ''), $file);
                    if (isset($postData['mood']) && $file == $postData['mood']) {
                        $moodoptions .= "<option selected=\"selected\">" . $file . "</option>";
                    } else {
                        $moodoptions .= "<option>" . $file . "</option>";
                    }
                } else {
                    $moodoptions .= '';
                }
            }
            closedir($dir);
        }
        $peTemplate->set_var('LANG_MOOD', $LANG_GF02['msg36']);
        $peTemplate->set_var('moodoptions', $moodoptions);
    }
    $sub_dot = '...';
    $sub_none = '';
    $postData['subject'] = str_replace($sub_dot, $sub_none, $postData['subject']);
    if ($_FF_CONF['allow_smilies']) {
        $peTemplate->set_var('smiley_enabled', true);
    }
    if ($_FF_CONF['allow_img_bbcode']) {
        $peTemplate->set_var('allow_img_bbcode', true);
    }
    // if this is the first time showing the new submission form - then check if notify option should be on
    if (!$viewMode) {
        if (isset($postData['editpid']) && $postData['editpid'] > 0) {
            $notifyTopicid = $postData['editpid'];
        } else {
            $notifyTopicid = $postData['id'];
        }
        if (!isset($postData['forum'])) {
            $postData['forum'] = '';
        }
        if (DB_getItem($_TABLES['ff_userprefs'], 'alwaysnotify', "uid=" . (int) $uid) == 1 or FF_isSubscribed($postData['forum'], $notifyTopicid, $uid)) {
            $postData['notify'] = 'on';
            // check and see if user has un-subscribed to this topic
            $nid = -$notifyTopicid;
            if ($notifyTopicid > 0 and DB_getItem($_TABLES['subscriptions'], 'id', "type='forum' AND category=" . (int) $postData['forum'] . " AND id={$nid} AND uid={$uid}") > 1) {
                $postData['notify'] = '';
            }
        } else {
            $postData['notify'] = '';
        }
    }
    if ($editmoderator) {
        if (isset($postData['notify']) && $postData['notify'] == 'on' or isset($postData['notify']) && $postData['notify'] == 'on') {
            $notify_val = 'checked="checked"';
        } else {
            $notify_val = '';
        }
        $notify_prompt = $LANG_GF02['msg38'] . '<br/><input type="checkbox" name="notify" value="on" ' . $notify_val . '/>';
        // check that this is the parent topic - only able to make it skicky or locked
        if (!isset($postData['pid']) || $postData['pid'] == 0) {
            if (!isset($locked_val) and !isset($sticky_val) and $action == 'edittopic') {
                if (!isset($postData['locked_switch']) and isset($postData['locked']) && $postData['locked'] == 1 or isset($postData['locked_switch']) && $postData['locked_switch'] == 1) {
                    $locked_val = 'checked="checked"';
                } else {
                    $locked_val = '';
                }
                if (!isset($postData['sticky_switch']) and isset($postData['sticky']) && $postData['sticky'] == 1 or isset($postData['sticky_switch']) && $postData['sticky_switch'] == 1) {
                    $sticky_val = 'checked="checked"';
                } else {
                    $sticky_val = '';
                }
            }
            $locked_prompt = $LANG_GF02['msg109'] . '<br/><input type="checkbox" name="locked_switch" ' . $locked_val . ' value="1"/>';
            $sticky_prompt = $LANG_GF02['msg61'] . '<br/><input type="checkbox" name="sticky_switch" ' . $sticky_val . ' value="1"/>';
        } else {
            $locked_prompt = '';
            $sticky_prompt = '';
        }
    } else {
        if ($uid > 1) {
            if (isset($postData['notify']) && $postData['notify'] == 'on') {
                $notify_val = 'checked="checked"';
            } else {
                $notify_val = '';
            }
            $notify_prompt = $LANG_GF02['msg38'] . '<br/><input type="checkbox" name="notify" ' . $notify_val . '/>';
            $locked_prompt = '';
        } else {
            $notify_prompt = '';
            $locked_prompt = '';
        }
    }
    if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
        $postmode_msg = $LANG_GF01['TEXTMODE'];
        $postData['postmode'] = 'html';
    } else {
        $peTemplate->unset_var('show_htmleditor');
        $postmode_msg = $LANG_GF01['HTMLMODE'];
    }
    if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
        if ($action == 'edittopic') {
            $mode_prompt = $postmode_msg . '<br/><input type="checkbox" name="postmode_switch" value="1"/><input type="hidden" name="postmode" value="' . $postData['postmode'] . '"/>';
        }
    }
    if ($action == 'edittopic') {
        $peTemplate->set_var('bbcodeeditor', true);
    }
    $postData['subject'] = str_replace('"', '&quot;', $postData['subject']);
    if (!$_FF_CONF['allow_smilies']) {
        $smilies = '';
    } else {
        $smilies = forumPLG_showsmilies(0);
    }
    $disable_bbcode_prompt = $LANG_GF01['disable_bbcode'] . '&nbsp;<input type="checkbox" name="disable_bbcode" value="1" ' . $disable_bbcode_val . '/>';
    if ($_FF_CONF['allow_smilies']) {
        $disable_smilies_prompt = $LANG_GF01['disable_smilies'] . '&nbsp;<input type="checkbox" name="disable_smilies" value="1"' . $disable_smilies_val . ' />';
    } else {
        $disable_smilies_prompt = '';
    }
    $disable_urlparse_prompt = $LANG_GF01['disable_urlparse'] . '&nbsp;<input type="checkbox" name="disable_urlparse" value="1"' . $disable_urlparse_val . ' />';
    $peTemplate->set_var('comment', @htmlspecialchars($postData['comment'], ENT_QUOTES, COM_getEncodingt()));
    $peTemplate->set_var(array('edit_val' => $edit_val, 'sticky_val' => $sticky_val, 'postmode_msg' => $postmode_msg, 'notify_val' => $notify_val, 'disable_bbcode_val' => $disable_bbcode_val, 'disable_smilies_val' => $disable_smilies_val, 'disable_urlparse_val' => $disable_urlparse_val, 'bbcode_prompt' => $disable_bbcode_prompt, 'smilies_prompt' => $disable_smilies_prompt, 'urlparse_prompt' => $disable_urlparse_prompt, 'LANG_SUBJECT' => $LANG_GF01['SUBJECT'], 'LANG_OPTIONS' => $LANG_GF01['OPTIONS'], 'mode_prompt' => isset($mode_prompt) ? $mode_prompt : '', 'notify_prompt' => $notify_prompt, 'locked_prompt' => $locked_prompt, 'sticky_prompt' => isset($sticky_prompt) ? $sticky_prompt : '', 'edit_prompt' => $edit_prompt, 'LANG_SUBMIT' => $LANG_GF01['SUBMIT'], 'LANG_PREVIEW' => $LANG_GF01['PREVIEW'], 'subject' => $postData['subject'], 'smilies' => $smilies, 'LANG_attachments' => $LANG_GF10['attachments'], 'LANG_maxattachments' => sprintf($LANG_GF10['maxattachments'], $_FF_CONF['maxattachments']), 'postmode' => $postData['postmode']));
    // Check and see if the filemgmt plugin is installed and enabled
    if (function_exists('filemgmt_buildAccessSql') && $_FF_CONF['enable_fm_integration'] == 1) {
        $peTemplate->set_var('filemgmt_category_options', gf_makeFilemgmtCatSelect($uid));
        $peTemplate->set_var('LANG_usefilemgmt', $LANG_GF10['usefilemgmt']);
        $peTemplate->set_var('LANG_description', $LANG_GF10['description']);
        $peTemplate->set_var('LANG_category', $LANG_GF10['category']);
    } else {
        $peTemplate->set_var('show_filemgmt_option', 'none');
    }
    if (COM_isAnonUser()) {
        $peTemplate->set_var('hide_notify', 'none');
    }
    if (function_exists('plugin_templatesetvars_captcha')) {
        plugin_templatesetvars_captcha('forum', $peTemplate);
    } else {
        $peTemplate->set_var('captcha', '');
    }
    if ($postData['id'] > 0) {
        $peTemplate->set_var('topic_id', $postData['id']);
    }
    $peTemplate->set_var(array('navbreadcrumbsimg' => _ff_getImage('nav_breadcrumbs'), 'navtopicimg' => _ff_getImage('nav_topic'), 'form_action' => $_CONF['site_url'] . '/forum/createtopic.php', 'referer' => $forumData['referer'], 'forum_id' => $forumData['forum'], 'cat_name' => $postData['cat_name'], 'cat_id' => $forumData['forum_cat'], 'forum_name' => $postData['forum_name'], 'subject' => @htmlspecialchars($postData['subject'], ENT_QUOTES, COM_getEncodingt()), 'LANG_HOME' => $LANG_GF01['HOMEPAGE'], 'forum_home' => $LANG_GF01['INDEXPAGE'], 'hidden_id' => $postData['id'], 'page' => $forumData['page'], 'LANG_bhelp' => $LANG_GF01['b_help'], 'LANG_ihelp' => $LANG_GF01['i_help'], 'LANG_uhelp' => $LANG_GF01['u_help'], 'LANG_qhelp' => $LANG_GF01['q_help'], 'LANG_chelp' => $LANG_GF01['c_help'], 'LANG_lhelp' => $LANG_GF01['l_help'], 'LANG_ohelp' => $LANG_GF01['o_help'], 'LANG_phelp' => $LANG_GF01['p_help'], 'LANG_whelp' => $LANG_GF01['w_help'], 'LANG_ahelp' => $LANG_GF01['a_help'], 'LANG_shelp' => $LANG_GF01['s_help'], 'LANG_fhelp' => $LANG_GF01['f_help'], 'LANG_hhelp' => $LANG_GF01['h_help'], 'LANG_thelp' => $LANG_GF01['t_help'], 'LANG_ehelp' => $LANG_GF01['e_help'], 'LANG_code' => $LANG_GF01['CODE'], 'LANG_fontcolor' => $LANG_GF01['FONTCOLOR'], 'LANG_fontsize' => $LANG_GF01['FONTSIZE'], 'LANG_closetags' => $LANG_GF01['CLOSETAGS'], 'LANG_codetip' => $LANG_GF01['CODETIP'], 'LANG_tiny' => $LANG_GF01['TINY'], 'LANG_small' => $LANG_GF01['SMALL'], 'LANG_normal' => $LANG_GF01['NORMAL'], 'LANG_large' => $LANG_GF01['LARGE'], 'LANG_huge' => $LANG_GF01['HUGE'], 'LANG_default' => $LANG_GF01['DEFAULT'], 'LANG_dkred' => $LANG_GF01['DKRED'], 'LANG_red' => $LANG_GF01['RED'], 'LANG_orange' => $LANG_GF01['ORANGE'], 'LANG_brown' => $LANG_GF01['BROWN'], 'LANG_yellow' => $LANG_GF01['YELLOW'], 'LANG_green' => $LANG_GF01['GREEN'], 'LANG_olive' => $LANG_GF01['OLIVE'], 'LANG_cyan' => $LANG_GF01['CYAN'], 'LANG_blue' => $LANG_GF01['BLUE'], 'LANG_dkblue' => $LANG_GF01['DKBLUE'], 'LANG_indigo' => $LANG_GF01['INDIGO'], 'LANG_violet' => $LANG_GF01['VIOLET'], 'LANG_white' => $LANG_GF01['WHITE'], 'LANG_black' => $LANG_GF01['BLACK']));
    $peTemplate->set_var('token_name', CSRF_TOKEN);
    $peTemplate->set_var('token', SEC_createToken());
    $peTemplate->set_var('postmode', $postData['postmode']);
    $peTemplate->unset_var('show_htmleditor');
    if ($_FF_CONF['use_wysiwyg_editor'] && $postData['postmode'] == 'html') {
        // hook into wysiwyg here
        switch (PLG_getEditorType()) {
            case 'ckeditor':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'ckeditor_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
                break;
            case 'tinymce':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'tinymce_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
                break;
            default:
                // don't support others right now
                break;
        }
    }
    $peTemplate->parse('output', 'posteditor');
    $retval .= $peTemplate->finish($peTemplate->get_var('output'));
    $urlfor = 'advancededitor';
    if ($uid == 1) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    }
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    if (!isset($_POST['editpost'])) {
        $_POST['editpost'] = '';
    }
    if ($action != 'newtopic' && $_POST['editpost'] != 'yes' && ($action == 'newreply' || $viewMode)) {
        if ($FF_userprefs['showiframe']) {
            $retval .= "<iframe src=\"{$_CONF['site_url']}/forum/viewtopic.php?mode=preview&amp;showtopic=" . $postData['id'] . "&amp;onlytopic=1&amp;lastpost=true\" height=\"300\" width=\"100%\"></iframe>";
        }
    }
    return $retval;
}
Beispiel #2
0
/**
* Shows the user registration form
*
* @param    int     $msg        message number to show
* @param    string  $referrer   page to send user to after registration
* @return   string  HTML for user registration page
*/
function newuserform($msg = '')
{
    global $_CONF, $LANG01, $LANG04;
    $retval = '';
    if ($_CONF['disable_new_user_registration']) {
        COM_setMsg($LANG04[122], 'error');
        echo COM_refresh($_CONF['site_url']);
    }
    if ($_CONF['custom_registration'] and function_exists('CUSTOM_userForm')) {
        return CUSTOM_userForm($msg);
    }
    if (!empty($msg)) {
        $retval .= COM_showMessageText($msg, $LANG04[21], false, 'info');
    }
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file('regform', 'registrationform.thtml');
    $user_templates->set_var('start_block', COM_startBlock($LANG04[22]));
    $user_templates->set_var('lang_instructions', $LANG04[23]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_fullname', $LANG04[3]);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('lang_email_conf', $LANG04[124]);
    if ($_CONF['registration_type'] == 1) {
        // verification link
        $user_templates->set_var('lang_passwd', $LANG01[57]);
        $user_templates->set_var('lang_passwd_conf', $LANG04[176]);
        $user_templates->set_var('lang_warning', $LANG04[167]);
    } else {
        $user_templates->set_var('lang_warning', $LANG04[24]);
    }
    $user_templates->set_var('lang_register', $LANG04[27]);
    PLG_templateSetVars('registration', $user_templates);
    $user_templates->set_var('end_block', COM_endBlock());
    $username = '';
    if (!empty($_POST['username'])) {
        $username = trim($_POST['username']);
    }
    $user_templates->set_var('username', @htmlentities($username, ENT_COMPAT, COM_getEncodingt()));
    $fullname = '';
    if (!empty($_POST['fullname'])) {
        $fullname = $_POST['fullname'];
    }
    $fullname = USER_sanitizeName($fullname);
    $user_templates->set_var('fullname', @htmlentities($fullname, ENT_COMPAT, COM_getEncodingt()));
    switch ($_CONF['user_reg_fullname']) {
        case 2:
            $user_templates->set_var('require_fullname', 'true');
        case 1:
            $user_templates->set_var('show_fullname', 'true');
    }
    $email = '';
    if (!empty($_POST['email'])) {
        $email = COM_applyFilter($_POST['email']);
    }
    $user_templates->set_var('email', $email);
    $email_conf = '';
    if (!empty($_POST['email_conf'])) {
        $email_conf = COM_applyFilter($_POST['email_conf']);
    }
    $user_templates->set_var('email_conf', $email_conf);
    $user_templates->parse('output', 'regform');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    return $retval;
}
Beispiel #3
0
 /**
  * Shows search form
  *
  * Shows advanced search page
  *
  * @author Tony Bibbs, tony AT geeklog DOT net
  * @return string HTML output for form
  *
  */
 public function showForm()
 {
     global $_CONF, $_TABLES, $LANG09;
     $retval = '';
     // Verify current user my use the search form
     if (!$this->_isFormAllowed()) {
         return SEC_loginRequiredForm();
     }
     $retval .= COM_startBlock($LANG09[1], 'advancedsearch.html');
     $searchform = COM_newTemplate($_CONF['path_layout'] . 'search');
     $searchform->set_file(array('searchform' => 'searchform.thtml', 'authors' => 'searchauthors.thtml'));
     $searchform->set_var('search_intro', $LANG09[19]);
     $searchform->set_var('lang_keywords', $LANG09[2]);
     $searchform->set_var('lang_keytype', $LANG09[36]);
     $searchform->set_var('lang_date', $LANG09[20]);
     $searchform->set_var('lang_to', $LANG09[21]);
     $searchform->set_var('date_format', $LANG09[22]);
     $searchform->set_var('lang_topic', $LANG09[3]);
     $searchform->set_var('lang_all', $LANG09[4]);
     $searchform->set_var('topic_option_list', TOPIC_getTopicListSelect($this->_topic, 2, true));
     $searchform->set_var('lang_type', $LANG09[5]);
     $searchform->set_var('lang_results', $LANG09[59]);
     $searchform->set_var('lang_per_page', $LANG09[60]);
     $searchform->set_var('lang_exact_phrase', $LANG09[43]);
     $searchform->set_var('lang_all_words', $LANG09[44]);
     $searchform->set_var('lang_any_word', $LANG09[45]);
     $searchform->set_var('lang_titles', $LANG09[69]);
     $escquery = htmlspecialchars($this->_query);
     $escquery = str_replace(array('{', '}'), array('&#123;', '&#125;'), $escquery);
     $searchform->set_var('query', $escquery);
     $searchform->set_var('datestart', $this->_dateStart);
     $searchform->set_var('dateend', $this->_dateEnd);
     if ($this->_titlesOnly) {
         $searchform->set_var('title_checked', ' checked="checked"');
     } else {
         $searchform->set_var('title_checked', '');
     }
     $phrase_selected = '';
     $all_selected = '';
     $any_selected = '';
     if ($this->_keyType == 'phrase') {
         $phrase_selected = 'selected="selected"';
     } else {
         if ($this->_keyType == 'all') {
             $all_selected = 'selected="selected"';
         } else {
             if ($this->_keyType == 'any') {
                 $any_selected = 'selected="selected"';
             }
         }
     }
     $searchform->set_var('key_phrase_selected', $phrase_selected);
     $searchform->set_var('key_all_selected', $all_selected);
     $searchform->set_var('key_any_selected', $any_selected);
     $options = '';
     $plugintypes = array('all' => $LANG09[4], 'stories' => $LANG09[6], 'comments' => $LANG09[7]);
     $plugintypes = array_merge($plugintypes, PLG_getSearchTypes());
     // Generally I don't like to hardcode HTML but this seems easiest
     foreach ($plugintypes as $key => $val) {
         $options .= "<option value=\"{$key}\"";
         if ($this->_type == $key) {
             $options .= ' selected="selected"';
         }
         $options .= ">{$val}</option>" . LB;
     }
     $searchform->set_var('plugin_types', $options);
     if ($_CONF['contributedbyline'] == 1) {
         $searchform->set_var('lang_authors', $LANG09[8]);
         $searchusers = array();
         $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['comments']}");
         while ($A = DB_fetchArray($result)) {
             $searchusers[$A['uid']] = $A['uid'];
         }
         $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['stories']} WHERE (date <= NOW()) AND (draft_flag = 0)");
         while ($A = DB_fetchArray($result)) {
             $searchusers[$A['uid']] = $A['uid'];
         }
         $inlist = implode(',', $searchusers);
         if (!empty($inlist)) {
             $sql = "SELECT uid,username,fullname FROM {$_TABLES['users']} WHERE uid IN ({$inlist})";
             if (isset($_CONF['show_fullname']) && $_CONF['show_fullname'] == 1) {
                 /* Caveat: This will group all users with an emtpy fullname
                  *         together, so it's not exactly sorted by their
                  *         full name ...
                  */
                 $sql .= ' ORDER BY fullname,username';
             } else {
                 $sql .= ' ORDER BY username';
             }
             $result = DB_query($sql);
             $options = '';
             while ($A = DB_fetchArray($result)) {
                 $options .= '<option value="' . $A['uid'] . '"';
                 if ($A['uid'] == $this->_author) {
                     $options .= ' selected="selected"';
                 }
                 $options .= '>' . htmlspecialchars(COM_getDisplayName('', $A['username'], $A['fullname'])) . '</option>';
             }
             $searchform->set_var('author_option_list', $options);
             $searchform->parse('author_form_element', 'authors', true);
         } else {
             $searchform->set_var('author_form_element', '<input type="hidden" name="author" value="0"' . XHTML . '>');
         }
     } else {
         $searchform->set_var('author_form_element', '<input type="hidden" name="author" value="0"' . XHTML . '>');
     }
     // Results per page
     $options = '';
     $limits = explode(',', $_CONF['search_limits']);
     foreach ($limits as $limit) {
         $options .= "<option value=\"{$limit}\"";
         if ($_CONF['num_search_results'] == $limit) {
             $options .= ' selected="selected"';
         }
         $options .= ">{$limit}</option>" . LB;
     }
     $searchform->set_var('search_limits', $options);
     $searchform->set_var('lang_search', $LANG09[10]);
     PLG_templateSetVars('search', $searchform);
     $searchform->parse('output', 'searchform');
     $retval .= $searchform->finish($searchform->get_var('output'));
     $retval .= COM_endBlock();
     return $retval;
 }
Beispiel #4
0
if ($total_print_pages == 0) {
    $total_print_pages = 1;
}
$birdseed = MG_getBirdseed(0, 0, 0, $total_print_pages);
$ownername = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($root_album->owner_id));
$album_last_update = MG_getUserDateTimeFormat($root_album->last_update);
$pagination = COM_printPageNavigation($_MG_CONF['site_url'] . '/index.php', $page + 1, $total_pages);
$rsslink = '';
if ($_MG_CONF['rss_full_enabled']) {
    $rsslink = COM_createLink(COM_createImage(MG_getImageFile('feed.png'), '', array('class' => 'mg_rssimg')), MG_getFeedUrl($_MG_CONF['rss_feed_name'] . '.rss'), array('type' => 'application/rss+xml'));
}
$T = COM_newTemplate(MG_getTemplatePath_byName($root_album->skin));
$T->set_file('page', 'album_page.thtml');
$T->set_var(array('site_url' => $_MG_CONF['site_url'], 'birdseed' => $birdseed, 'album_title' => PLG_replaceTags($root_album->title), 'table_columns' => $columns_per_page, 'table_column_width' => intval(100 / $columns_per_page) . '%', 'top_pagination' => $pagination, 'bottom_pagination' => $pagination, 'page_number' => sprintf("%s %d %s %d", $LANG_MG03['page'], $current_print_page, $LANG_MG03['of'], $total_print_pages), 'jumpbox' => MG_buildAlbumJumpbox($root_album, $album_id, 1, -1), 'album_id' => $album_id, 'album_description' => $root_album->display_album_desc ? PLG_replaceTags($root_album->description) : '', 'album_id_display' => $root_album->owner_id || $_MG_CONF['enable_media_id'] == 1 ? $LANG_MG03['album_id_display'] . $album_id : '', 'select_adminbox' => COM_isAnonUser() ? '' : MG_buildAdminbox($root_album), 'album_last_update' => $album_last_update[0], 'album_owner' => $ownername, 'media_count' => $root_album->getMediaCount(), 'lang_menulabel' => $LANG_MG03['menulabel'], 'lang_search' => $LANG_MG01['search'], 'rsslink' => $rsslink, 'list_title' => $LANG_MG03['list_title'], 'list_desc' => $LANG_MG03['list_desc'], 'list_size' => $LANG_MG03['list_size'], 'list_user' => $LANG_MG03['list_user'], 'list_updated' => $LANG_MG03['list_updated']));
// completed setting header / footer vars, parse them
PLG_templateSetVars('mediagallery', $T);
// main processing of the album contents.
if ($total_media > 0) {
    $k = 0;
    $col = 0;
    $T->set_block('page', 'ImageColumn', 'IColumn');
    $T->set_block('page', 'ImageRow', 'IRow');
    for ($i = 0; $i < $media_per_page; $i += $columns_per_page) {
        $next_columns = $i + $columns_per_page;
        for ($j = $i; $j < $next_columns; $j++) {
            if ($j >= $total_media) {
                $T->parse('IRow', 'ImageRow', true);
                $T->set_var('IColumn', '');
                break 2;
            }
            $T->set_var('clear_float', '');
Beispiel #5
0
/**
* Shows the story submission form
*
*/
function submitstory($topic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24;
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
    } else {
        $story->initSubmission($topic);
    }
    $storyform = new Template($_CONF['path_layout'] . 'submit');
    if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($_CONF['path_layout'] . 'submit/submitstory_advanced.thtml')) {
        $storyform->set_file('storyform', 'submitstory_advanced.thtml');
        $storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
        $storyform->set_var('lang_expandhelp', $LANG24[67]);
        $storyform->set_var('lang_reducehelp', $LANG24[68]);
        if ($story->EditElements('postmode') == 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    } else {
        $storyform->set_file('storyform', 'submitstory.thtml');
        if ($story->EditElements('postmode') == 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    }
    $storyform->set_var('xhtml', XHTML);
    $storyform->set_var('site_url', $_CONF['site_url']);
    $storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
    $storyform->set_var('layout_url', $_CONF['layout_url']);
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!empty($_USER['username'])) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => "nofollow")));
        }
    }
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $tlist = COM_topicList('tid,topic', $story->EditElements('tid'));
    if (empty($tlist)) {
        $retval .= COM_showMessage(101);
        return $retval;
    }
    $storyform->set_var('story_topic_options', $tlist);
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode')));
    $storyform->set_var('allowed_html', COM_allowedHTML());
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    $storyform->set_var('lang_preview', $LANG12[32]);
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }
    $retval .= COM_startBlock($LANG12[6], 'submitstory.html');
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    return $retval;
}
Beispiel #6
0
/**
* Displays a login form
*
* This is the version of the login form displayed in the content area of the
* page (not the side bar). It will present all options (remote authentication
* - including new registration link, etc.) according to the current
* configuration settings.
*
* @param    array   $use_options    options to override default settings
* @return   string                  HTML of the login form
*
*/
function SEC_loginForm($use_options = array())
{
    global $_CONF, $_USER, $LANG01, $LANG04;
    $retval = '';
    $default_options = array('forgotpw_link' => true, 'hidden_fields' => '', 'oauth_login' => true, '3rdparty_login' => true, 'newreg_link' => true, 'verification_link' => false, 'plugin_vars' => true, 'prefill_user' => false, 'title' => $LANG04[65], 'message' => '', 'footer_message' => '', 'button_text' => $LANG04[80], 'form_action' => $_CONF['site_url'] . '/users.php');
    $options = array_merge($default_options, $use_options);
    $loginform = new Template($_CONF['path_layout'] . 'users');
    $loginform->set_file('login', 'loginform.thtml');
    $loginform->set_var('form_action', $options['form_action']);
    $loginform->set_var('footer_message', $options['footer_message']);
    $loginform->set_var('start_block_loginagain', COM_startBlock($options['title']));
    $loginform->set_var('lang_message', $options['message']);
    if ($options['newreg_link'] == false || $_CONF['disable_new_user_registration']) {
        $loginform->set_var('lang_newreglink', '');
    } else {
        $loginform->set_var('lang_newreglink', $LANG04[123]);
    }
    $loginform->set_var('lang_username', $LANG04[2]);
    $loginform->set_var('lang_password', $LANG01[57]);
    if ($options['forgotpw_link']) {
        $loginform->set_var('lang_forgetpassword', $LANG04[25]);
        $forget = COM_createLink($LANG04[25], $_CONF['site_url'] . '/users.php?mode=getpassword', array('rel' => 'nofollow'));
        $loginform->set_var('forgetpassword_link', $forget);
    } else {
        $loginform->set_var('lang_forgetpassword', '');
        $loginform->set_var('forgetpassword_link', '');
    }
    $loginform->set_var('lang_login', $options['button_text']);
    $loginform->set_var('end_block', COM_endBlock());
    // 3rd party remote authentication.
    $services = '';
    if ($options['3rdparty_login'] && $_CONF['user_login_method']['3rdparty'] && $_CONF['usersubmission'] == 0) {
        $modules = SEC_collectRemoteAuthenticationModules();
        if (count($modules) > 0) {
            if (!$_CONF['user_login_method']['standard'] && count($modules) == 1) {
                $select = '<input type="hidden" name="service" value="' . $modules[0] . '"/>' . $modules[0] . LB;
            } else {
                // Build select
                $select = '<select name="service">';
                if ($_CONF['user_login_method']['standard']) {
                    $select .= '<option value="">' . $_CONF['site_name'] . '</option>' . LB;
                }
                foreach ($modules as $service) {
                    $select .= '<option value="' . $service . '">' . $service . '</option>' . LB;
                }
                $select .= '</select>';
            }
            $loginform->set_file('services', 'services.thtml');
            $loginform->set_var('lang_service', $LANG04[121]);
            $loginform->set_var('select_service', $select);
            $loginform->parse('output', 'services');
            $services .= $loginform->finish($loginform->get_var('output'));
        }
    }
    if (!empty($options['hidden_fields'])) {
        // allow caller to (ab)use {services} for hidden fields
        $services .= $options['hidden_fields'];
        $loginform->set_var('hidden_fields', $options['hidden_fields']);
    }
    $loginform->set_var('services', $services);
    // OAuth remote authentication.
    if ($options['oauth_login'] && $_CONF['user_login_method']['oauth']) {
        $modules = SEC_collectRemoteOAuthModules();
        if (count($modules) == 0) {
            $loginform->set_var('oauth_login', '');
        } else {
            $html_oauth = '';
            foreach ($modules as $service) {
                $loginform->set_file('oauth_login', '../loginform_oauth.thtml');
                $loginform->set_var('oauth_service', $service);
                $loginform->set_var('oauth_service_display', ucwords($service));
                // for sign in image
                $loginform->set_var('oauth_sign_in_image', $_CONF['site_url'] . '/images/login-with-' . $service . '.png');
                $loginform->parse('output', 'oauth_login');
                $html_oauth .= $loginform->finish($loginform->get_var('output'));
            }
            $loginform->set_var('oauth_login', $html_oauth);
        }
    } else {
        $loginform->set_var('oauth_login', '');
    }
    if ($options['verification_link']) {
        $loginform->set_var('lang_verification', $LANG04[169]);
        $verify = COM_createLink($LANG04[25], $_CONF['site_url'] . '/users.php?mode=getnewtoken', array('rel' => 'nofollow'));
        $loginform->set_var('verification_link', $verify);
    } else {
        $loginform->set_var('lang_verification', '');
        $loginform->set_var('verification_link', '');
    }
    if ($options['prefill_user'] && isset($_USER['username']) && $_USER['username'] != '') {
        $loginform->set_var('loginname', $_USER['username']);
        $loginform->set_var('focus', 'passwd');
    } else {
        $loginform->set_var('loginname', '');
        $loginform->set_var('focus', 'loginname');
    }
    if ($options['plugin_vars']) {
        PLG_templateSetVars('loginform', $loginform);
    }
    $loginform->parse('output', 'login');
    $retval .= $loginform->finish($loginform->get_var('output'));
    return $retval;
}
Beispiel #7
0
/**
 * Takes an article class and renders HTML in the specified template and style.
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 *
 * @param   Story  $story    The story to display, an instance of the Story class.
 * @param   string $index    n = Full display of article. p = 'Preview' mode. Else introtext only.
 * @param   string $storyTpl The template to use to render the story.
 * @param   string $query    A search query, if one was specified.
 * @return  string           Article as formatted HTML.
 *                            Note: Formerly named COM_Article, and re-written totally since then.
 */
function STORY_renderArticle($story, $index = '', $storyTpl = 'storytext.thtml', $query = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode;
    static $storyCounter = 0;
    if ($story->DisplayElements('featured') == 1) {
        $article_filevar = 'featuredarticle';
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) {
        $article_filevar = 'archivearticle';
    } else {
        $article_filevar = 'article';
    }
    if (empty($storyTpl)) {
        $storyTpl = 'storytext.thtml';
    }
    // Change article template file with the topic (feature request #275)
    $templateDir = $_CONF['path_layout'];
    $topicDir = $templateDir . 'topics/' . $story->DisplayElements('tid') . '/';
    if (is_dir($topicDir) && file_exists($topicDir . $storyTpl)) {
        $templateDir = $topicDir;
    }
    $article = COM_newTemplate($templateDir);
    $article->set_file(array('article' => $storyTpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml'));
    // begin instance caching...
    $cache_time = $story->DisplayElements('cache_time');
    $current_article_tid = $story->DisplayElements('tid');
    $retval = false;
    // If stays false will rebuild article and not used cache (checks done below)
    if ($cache_time > 0 || $cache_time == -1) {
        $hash = CACHE_security_hash();
        $cacheInstance = 'article__' . $story->getSid() . '_' . $index . $mode . '_' . $article_filevar . '_' . $current_article_tid . '_' . $hash . '_' . $_USER['theme'];
        if ($_CONF['cache_templates']) {
            $retval = $article->check_instance($cacheInstance, $article_filevar);
        } else {
            $retval = CACHE_check_instance($cacheInstance);
        }
        if ($retval && $cache_time == -1) {
            // Cache file found so use it since no time limit set to recreate
        } elseif ($retval && $cache_time > 0) {
            $lu = CACHE_get_instance_update($cacheInstance);
            $now = time();
            if ($now - $lu < $cache_time) {
                // Cache file found so use it since under time limit set to recreate
            } else {
                // generate article and create cache file
                // Cache time is not built into template caching so need to delete it manually and reset $retval
                if ($_CONF['cache_templates']) {
                    // Need to close and recreate template class since issues arise when theme templates are cached
                    unset($article);
                    // Close template class
                    CACHE_remove_instance($cacheInstance);
                    $article = COM_newTemplate($_CONF['path_layout']);
                    $article->set_file(array('article' => $storyTpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml'));
                } else {
                    // theme templates are not cache so can go ahead and delete story cache
                    CACHE_remove_instance($cacheInstance);
                }
                $retval = false;
            }
        } else {
            // Need to reset especially if caching is disabled for a certain story but template caching has been enabled for the theme
            $retval = false;
        }
    }
    $articleUrl = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('article_url', $articleUrl);
    $article->set_var('story_title', $story->DisplayElements('title'));
    // Date formatting set by user therefore cannot be cached
    $article->set_var('story_date', $story->DisplayElements('date'), false, true);
    $article->set_var('story_datetime', $story->DisplayElements('datetime'), false, true);
    // Story views increase with every visit so cannot be cached
    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106], false, true);
        $article->set_var('story_hits', $story->DisplayElements('hits'), false, true);
    }
    // Topic Icon is user configurable so do not cache
    $topicname = $story->DisplayElements('topic');
    $topicurl = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid'));
    if ((!isset($_USER['noicons']) || $_USER['noicons'] != 1) && $story->DisplayElements('show_topic_icon') == 1) {
        $imageurl = $story->DisplayElements('imageurl');
        if (!empty($imageurl)) {
            $imageurl = COM_getTopicImageUrl($imageurl);
            $article->set_var('story_topic_image_url', $imageurl, false, true);
            $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array()), false, true);
            $article->set_var('story_topic_image', $topicimage, false, true);
            $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array()), false, true);
            $article->set_var('story_topic_image_no_align', $topicimage_noalign, false, true);
        }
    }
    // Main article content
    if ($index == 'p') {
        $introtext = $story->getPreviewText('introtext');
        $bodytext = $story->getPreviewText('bodytext');
    } else {
        $introtext = $story->displayElements('introtext');
        $bodytext = $story->displayElements('bodytext');
    }
    $readmore = empty($bodytext) ? 0 : 1;
    $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext))));
    if (COM_onFrontpage()) {
        $bodytext = '';
    }
    if (!empty($query)) {
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    }
    // Create article only if preview, or query not empty, or if no cache version or cache version is not required
    if ($index == 'p' || !empty($query) || !$retval) {
        $article->set_var('article_filevar', '');
        $article->set_var('site_name', $_CONF['site_name']);
        //$article->set_var( 'story_date', $story->DisplayElements('date') );
        $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
        $article->set_var('story_date_only', $story->DisplayElements('dateonly'));
        $article->set_var('story_id', $story->getSid());
        if ($_CONF['contributedbyline'] == 1) {
            $article->set_var('lang_contributed_by', $LANG01[1]);
            $article->set_var('contributedby_uid', $story->DisplayElements('uid'));
            $fullname = $story->DisplayElements('fullname');
            $username = $story->DisplayElements('username');
            $article->set_var('contributedby_user', $username);
            if (empty($fullname)) {
                $article->set_var('contributedby_fullname', $username);
            } else {
                $article->set_var('contributedby_fullname', $fullname);
            }
            $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
            $article->set_var('contributedby_author', $authorname);
            $article->set_var('author', $authorname);
            $profileUrl = '';
            if ($story->DisplayElements('uid') > 1) {
                $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $story->DisplayElements('uid');
                $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '" rel="author">');
                $article->set_var('end_contributedby_anchortag', '</a>');
                $article->set_var('contributedby_url', $profileUrl);
            }
            $photo = '';
            if ($_CONF['allow_user_photo'] == 1) {
                $authphoto = $story->DisplayElements('photo');
                if (empty($authphoto)) {
                    $authphoto = '(none)';
                    // user does not have a photo
                }
                $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'));
            }
            if (!empty($photo)) {
                $article->set_var('contributedby_photo', $photo);
                $article->set_var('author_photo', $photo);
                $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
                $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl));
            } else {
                $article->set_var('contributedby_photo', '');
                $article->set_var('author_photo', '');
                $article->set_var('camera_icon', '');
            }
        }
        $article->set_var('story_topic_id', $story->DisplayElements('tid'));
        $article->set_var('story_topic_name', $topicname);
        $article->set_var('story_topic_url', $topicurl);
        $recent_post_anchortag = '';
        $article->set_var('lang_permalink', $LANG01[127]);
        $show_comments = true;
        // n = Full display of article. p = 'Preview' mode.
        if ($index != 'n' && $index != 'p' || !empty($query)) {
            $attributes = ' class="non-ul"';
            $attr_array = array('class' => 'non-ul');
            if (!empty($query)) {
                $attributes .= ' rel="bookmark"';
                $attr_array['rel'] = 'bookmark';
            }
            $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>');
            $article->set_var('end_storylink_anchortag', '</a>');
            $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array));
        } else {
            $article->set_var('story_title_link', $story->DisplayElements('title'));
        }
        $related_topics = '';
        if ($index == 'n') {
            if ($_CONF['supported_version_theme'] == '1.8.1') {
                $article->set_var('breadcrumb_trail', TOPIC_breadcrumbs('article', $story->getSid()));
            }
            if ($_CONF['related_topics'] > 0) {
                $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']);
                $article->set_var('related_topics', $related_topics);
            }
        } elseif ($index != 'p') {
            if ($_CONF['related_topics'] > 1) {
                $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']);
                $article->set_var('related_topics', $related_topics);
            }
        }
        $page_selector = '';
        $readmore_link = '';
        $post_comment_link = '';
        $plugin_itemdisplay = '';
        $comments_with_count = '';
        $trackbacks_with_count = '';
        if ($index == 'n' || $index == 'p') {
            if (empty($bodytext)) {
                $article->set_var('story_introtext', $introtext);
                $article->set_var('story_text_no_br', $introtext);
            } else {
                if ($_CONF['allow_page_breaks'] == 1 && $index == 'n') {
                    $story_page = 1;
                    // page selector
                    if (is_numeric($mode)) {
                        $story_page = $mode;
                        if ($story_page <= 0) {
                            $story_page = 1;
                            $mode = 0;
                        } elseif ($story_page > 1) {
                            $introtext = '';
                        }
                    }
                    $article_array = explode('[page_break]', $bodytext);
                    $page_break_count = count($article_array);
                    if ($story_page > $page_break_count) {
                        // Can't have page count greater than actual number of pages
                        $story_page = $page_break_count;
                    }
                    $page_selector = COM_printPageNavigation($articleUrl, $story_page, $page_break_count, 'mode=', $_CONF['url_rewrite'], $LANG01[118]);
                    if (count($article_array) > 1) {
                        $bodytext = $article_array[$story_page - 1];
                    }
                    $article->set_var('page_selector', $page_selector);
                    if ($_CONF['page_break_comments'] == 'last' && $story_page < count($article_array) || $_CONF['page_break_comments'] == 'first' && $story_page != 1) {
                        $show_comments = false;
                    }
                    $article->set_var('story_page', $story_page);
                }
                $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext);
                $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext);
            }
            $article->set_var('story_introtext_only', $introtext);
            $article->set_var('story_bodytext_only', $bodytext);
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) {
                $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url));
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
                $article->set_var('send_trackback_url', $url);
                $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
            }
            $article->set_var('story_display', $index == 'p' ? 'preview' : 'article');
            $article->set_var('story_counter', 0);
        } else {
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
            $article->set_var('story_introtext_only', $introtext);
            if ($readmore) {
                $article->set_var('lang_readmore', $LANG01[2]);
                $article->set_var('lang_readmore_words', $LANG01[62]);
                $article->set_var('readmore_words', $numwords);
                $readmore_link = COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') ';
                $article->set_var('readmore_link', $readmore_link);
                $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">');
                $article->set_var('end_readmore_anchortag', '</a>');
                $article->set_var('read_more_class', 'class="story-read-more-link"');
            }
            if ($story->DisplayElements('commentcode') >= 0 && $show_comments) {
                $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments';
                $article->set_var('comments_url', $commentsUrl);
                $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]);
                $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments')));
                $article->set_var('lang_comments', $LANG01[3]);
                $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments')));
                if ($story->DisplayElements('comments') > 0) {
                    $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getSid() . "' ORDER BY date DESC LIMIT 1");
                    $C = DB_fetchArray($result);
                    $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>';
                    $comments_with_count = COM_createLink($comments_with_count, $commentsUrl);
                    $article->set_var('comments_with_count', $comments_with_count);
                    $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">');
                    $article->set_var('end_comments_anchortag', '</a>');
                } else {
                    $article->set_var('comments_with_count', $comments_with_count);
                    if ($_CONF['comment_on_same_page'] == true) {
                        $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform');
                    } else {
                        $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&amp;pid=0&amp;type=article');
                        if ($_CONF['show_comments_at_replying'] == true) {
                            $recent_post_anchortag .= '#commenteditform';
                        }
                    }
                }
                if ($story->DisplayElements('commentcode') == 0) {
                    if ($_CONF['comment_on_same_page'] == true) {
                        $postCommentUrl = $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform';
                    } else {
                        $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&amp;pid=0&amp;type=article';
                        if ($_CONF['show_comments_at_replying'] == true) {
                            $postCommentUrl .= '#commenteditform';
                        }
                    }
                    $post_comment_link = COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow'));
                    $article->set_var('post_comment_link', $post_comment_link);
                    /*
                        $article->set_var( 'subscribe_link',
                                COM_createLink('Nubbies', '', array('rel' => 'nofollow'))
                                         );
                    */
                    $article->set_var('lang_post_comment', $LANG01[60]);
                    $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">');
                    $article->set_var('end_post_comment_anchortag', '</a>');
                }
            }
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) {
                $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
                $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback';
                $article->set_var('trackbacks_url', $trackbacksUrl);
                $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']);
                $article->set_var('trackbacks_count', $num_trackbacks);
                $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);
                if (SEC_hasRights('story.ping')) {
                    $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                    $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                    $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
                }
                $trackbacks_with_count = sprintf($LANG01[122], $num_trackbacks);
                if ($story->DisplayElements('trackbacks') > 0) {
                    $trackbacks_with_count = COM_createLink($trackbacks_with_count, $trackbacksUrl);
                }
                $article->set_var('trackbacks_with_count', $trackbacks_with_count);
            }
            if ($_CONF['hideemailicon'] == 1 || COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
                $article->set_var('email_icon', '');
            } else {
                $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&amp;what=emailstory';
                $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>';
                $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
                $article->set_var('email_story_url', $emailUrl);
                $article->set_var('lang_email_story', $LANG11[2]);
                $article->set_var('lang_email_story_alt', $LANG01[64]);
            }
            $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&amp;mode=print');
            if ($_CONF['hideprintericon'] == 1) {
                $article->set_var('print_icon', '');
            } else {
                $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>';
                $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow')));
                $article->set_var('print_story_url', $printUrl);
                $article->set_var('lang_print_story', $LANG11[3]);
                $article->set_var('lang_print_story_alt', $LANG01[65]);
            }
            $article->set_var('story_display', 'index');
            $storyCounter++;
            $article->set_var('story_counter', $storyCounter);
        }
        $article->set_var('recent_post_anchortag', $recent_post_anchortag);
        if ($index != 'p' && SEC_hasRights('story.edit') && $story->checkAccess() == 3 && TOPIC_hasMultiTopicAccess('article', $story->DisplayElements('sid')) == 3) {
            $editUrl = $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid();
            $editiconhtml = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
            $article->set_var('edit_link', COM_createLink($LANG01[4], $editUrl));
            $article->set_var('edit_url', $editUrl);
            $article->set_var('lang_edit_text', $LANG01[4]);
            $article->set_var('edit_icon', COM_createLink($editiconhtml, $editUrl, array('class' => 'editlink')));
            $article->set_var('edit_image', $editiconhtml);
        }
        $navi_list = true;
        $feedback_list = true;
        if ($index == 'p') {
            $navi_list = false;
            $feedback_list = false;
        } else {
            $navi_list = $page_selector !== '' || $readmore_link !== '' || $post_comment_link !== '';
            $feedback_list = $plugin_itemdisplay !== '' || $comments_with_count !== '' || $trackbacks_with_count !== '';
        }
        $story_footer = $navi_list || $feedback_list || $related_topics !== '';
        $article->set_var('navi_list', $navi_list);
        $article->set_var('feedback_list', $feedback_list);
        $article->set_var('story_footer', $story_footer);
        if ($story->DisplayElements('featured') == 1) {
            $article->set_var('lang_todays_featured_article', $LANG05[4]);
            $article->parse('story_bodyhtml', 'featuredbodytext', true);
            PLG_templateSetVars('featuredstorytext', $article);
        } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) {
            $article->parse('story_bodyhtml', 'archivestorybodytext', true);
            PLG_templateSetVars('archivestorytext', $article);
        } else {
            $article->parse('story_bodyhtml', 'bodytext', true);
            PLG_templateSetVars('storytext', $article);
        }
        // Add related articles
        if ($index === 'n') {
            $article->set_var('related_articles_by_keyword', Story::getRelatedArticlesByKeywords($story->getSid(), $story->DisplayElements('meta_keywords')));
        }
        PLG_templateSetVars($article_filevar, $article);
        if ($index != 'p' && ($cache_time > 0 || $cache_time == -1)) {
            $article->create_instance($cacheInstance, $article_filevar);
            // CACHE_create_instance($cacheInstance, $article);
        }
    } else {
        PLG_templateSetVars($article_filevar, $article);
        if (!$_CONF['cache_templates']) {
            // Hack (see Geeklog Bug Tracker issue #0001817): Cannot set the template variable directly with set_var since
            // this template variable was set with set_file which uses the templatecode array (set_var uses varvals array)
            // so have to update the templatecode array directly. This array really shouldn't be accessed this way
            // and this hack should be changed in the future: either set_var or set_file functions need to allow update of the file template variable found in templatecode
            // $article->set_var($article_filevar, $retval);
            $article->templateCode[$article_filevar] = $retval;
        }
    }
    $article->parse('finalstory', $article_filevar);
    return $article->finish($article->get_var('finalstory'));
}
Beispiel #8
0
/**
* Display form to email a story to someone.
*
* @param    string  $sid    ID of article to email
* @return   string          HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $display = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $display .= SEC_loginRequiredForm();
        $display .= COM_siteFooter();
        echo $display;
        exit;
    }
    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getTopicSql('AND') . COM_getPermSql('AND'));
    $A = DB_fetchArray($result);
    if ($A['count'] == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    if ($msg > 0) {
        $retval .= COM_showMessage($msg, '', '', 0, 'info');
    }
    if (empty($from) && empty($fromemail)) {
        if (!COM_isAnonUser()) {
            $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
            $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
        }
    }
    $postmode = $_CONF['mailuser_postmode'];
    $mail_template = new Template($_CONF['path_layout'] . 'profiles');
    $mail_template->set_file('form', 'contactauthorform.thtml');
    if ($postmode == 'html') {
        $mail_template->set_var('show_htmleditor', true);
    } else {
        $mail_template->unset_var('show_htmleditor');
    }
    $mail_template->set_var('lang_postmode', $LANG03[2]);
    $mail_template->set_var('postmode', $postmode);
    $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $mail_template->set_var('lang_fromname', $LANG08[20]);
    $mail_template->set_var('name', $from);
    $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
    $mail_template->set_var('email', $fromemail);
    $mail_template->set_var('lang_toname', $LANG08[18]);
    $mail_template->set_var('toname', $to);
    $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
    $mail_template->set_var('toemail', $toemail);
    $mail_template->set_var('lang_shortmessage', $LANG08[27]);
    $mail_template->set_var('shortmsg', @htmlspecialchars($shortmsg, ENT_COMPAT, COM_getEncodingt()));
    $mail_template->set_var('lang_warning', $LANG08[22]);
    $mail_template->set_var('lang_sendmessage', $LANG08[16]);
    $mail_template->set_var('story_id', $sid);
    PLG_templateSetVars('emailstory', $mail_template);
    $mail_template->set_var('end_block', COM_endBlock());
    $mail_template->parse('output', 'form');
    $retval .= $mail_template->finish($mail_template->get_var('output'));
    return $retval;
}
Beispiel #9
0
function MG_albumThumbnail($album_id)
{
    global $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01, $LANG_MG03;
    $sql = "SELECT album_title,album_parent,album_views,enable_album_views," . "media_count,album_desc,album_cover_filename,last_update,tn_attached " . "FROM {$_TABLES['mg_albums']} " . "WHERE album_id=" . intval($album_id);
    $result = DB_query($sql);
    $album_data = DB_fetchArray($result);
    $cover_filename = $album_data['album_cover_filename'];
    if ($album_data['media_count'] > 0) {
        if ($cover_filename != '' && $cover_filename != '0') {
            // Testing!
            if (strpos($cover_filename, 'tn_') === 0) {
                $tmpfilename = 'tn/' . $cover_filename[3] . '/' . $cover_filename;
            } else {
                $type = $_MG_CONF['gallery_tn_size'];
                // Root album
                if ($album_data['album_parent'] > 0) {
                    $type = DB_getItem($_TABLES['mg_albums'], 'tn_size', 'album_id=' . $album_data['album_parent']);
                }
                $tmpfilename = 'tn/' . $cover_filename[0] . '/' . $cover_filename;
                $tmpfilename = MG_getThumbPath($tmpfilename, $type);
                $tmpfilename = rtrim($tmpfilename, '.');
            }
            list($album_last_image, $mediasize) = MG_getImageUrl($tmpfilename);
            $album_last_update = MG_getUserDateTimeFormat($album_data['last_update']);
            if ($mediasize == false) {
                $album_last_image = $_MG_CONF['mediaobjects_url'] . '/empty.png';
                $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'empty.png');
            }
        } else {
            $filename = MG_getAlbumCover($album_id);
            if ($filename == '' || $filename == NULL || $filename == " ") {
                $album_last_image = $_MG_CONF['mediaobjects_url'] . '/empty.png';
                $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'empty.png');
            } else {
                list($album_last_image, $mediasize) = MG_getImageUrl('tn/' . $filename[0] . '/' . $filename);
                if ($mediasize == false) {
                    $album_last_image = $_MG_CONF['mediaobjects_url'] . '/missing.png';
                    $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
                }
            }
        }
        $album_media_count = $album_data['media_count'];
        if ($album_data['last_update'] > 0) {
            $album_last_update = MG_getUserDateTimeFormat($album_data['last_update']);
            $lang_updated = $_MG_CONF['dfid'] == '99' ? '' : $LANG_MG03['updated_prompt'];
        } else {
            $album_last_update[0] = '';
            $lang_updated = '';
        }
        $lang_updated = $_MG_CONF['dfid'] == '99' ? '' : $LANG_MG03['updated_prompt'];
        if (isset($_USER['uid']) && $_USER['uid'] > 1) {
            $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '" . $_USER['uid'] . "'");
            if ($album_data['last_update'] > $lastlogin) {
                $album_last_update[0] = '<span class="mgUpdated">' . $album_last_update[0] . '</span>';
            }
        }
    } else {
        // nothing in the album yet...
        $filename = MG_getAlbumCover($album_id);
        if ($filename == '') {
            $album_last_image = $_MG_CONF['mediaobjects_url'] . '/empty.png';
            $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'empty.png');
        } else {
            list($album_last_image, $mediasize) = MG_getImageUrl('tn/' . $filename[0] . '/' . $filename);
            if ($mediasize == false) {
                $album_last_image = $_MG_CONF['mediaobjects_url'] . '/missing.png';
                $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
            }
        }
        $album_last_update[0] = '';
        $lang_updated = '';
    }
    if ($album_data['tn_attached'] == 1) {
        list($album_last_image, $mediasize) = MG_getImageUrl('covers/cover_' . $album_id);
        if ($mediasize == false) {
            $album_last_image = $_MG_CONF['mediaobjects_url'] . '/missing.png';
            $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
        }
    }
    $children = MG_getAlbumChildren($album_id);
    $subalbums = count($children);
    $total_images_subalbums = MG_getMediaCount($album_id);
    $parent_album = new mgAlbum($album_data['album_parent']);
    $_MG_USERPREFS = MG_getUserPrefs();
    if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
        $tn_size = $_MG_USERPREFS['tn_size'];
    } else {
        $tn_size = $parent_album->tn_size;
    }
    list($tn_height, $tn_width) = MG_getTNSize($tn_size, $parent_album->tnHeight, $parent_album->tnWidth);
    list($newwidth, $newheight) = MG_getImageWH_3($mediasize[0], $mediasize[1], $tn_width, $tn_height);
    $media_item_thumbnail = MG_getFramedImage($parent_album->album_skin, $album_data['album_title'], $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&amp;page=1', $album_last_image, $newwidth, $newheight);
    $C = COM_newTemplate(MG_getTemplatePath($album_data['album_parent']));
    $C->set_file('cell', 'album_page_album_cell.thtml');
    $C->set_var(array('media_item_thumbnail' => $media_item_thumbnail, 'u_viewalbum' => $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&amp;page=1', 'album_last_image' => $album_last_image, 'album_title' => $album_data['album_title'], 'album_media_count' => $album_data['media_count'], 'subalbum_media_count' => $total_images_subalbums, 'album_desc' => PLG_replaceTags($album_data['album_desc']), 'album_last_update' => $album_last_update[0], 'img_height' => $newheight, 'img_width' => $newwidth, 's_media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"', 'row_height' => $tn_height, 'updated' => $lang_updated, 'lang_album' => $LANG_MG00['album'], 'lang_views' => $LANG_MG03['views'], 'views' => $album_data['album_views'], 'lang_views' => $album_data['enable_album_views'] ? $LANG_MG03['views'] : '', 'views' => $album_data['enable_album_views'] ? $album_data['album_views'] : '', 'subalbumcount' => $subalbums > 0 ? '(' . $subalbums . ')' : '', 'lang_subalbums' => $subalbums > 0 ? $LANG_MG01['subalbums'] : ''));
    PLG_templateSetVars('mediagallery', $C);
    $C->parse('output', 'cell');
    $celldisplay = $C->finish($C->get_var('output'));
    return $celldisplay;
}
Beispiel #10
0
/**
* Displays the comment form
*
* @param    string  $title      Title of comment
* @param    string  $comment    Text of comment
* @param    string  $sid        ID of object comment belongs to
* @param    int     $pid        ID of parent comment
* @param    string  $type       Type of object comment is posted to
* @param    string  $mode       Mode, e.g. 'preview'
* @param    string  $postmode   Indicates if comment is plain text or HTML
* @param    string  $format     'threaded', 'nested', or 'flat'
* @param    string  $order      'ASC' or 'DESC' or blank
* @param    int     $page       Page number of comments to display
* @return   string  HTML for comment form
*
*/
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode, $format = '', $order = '', $page = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG03, $LANG12, $LANG_ADMIN, $LANG_ACCESS, $MESSAGE, $_SCRIPTS;
    $retval = '';
    // never trust $uid ...
    if (empty($_USER['uid'])) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    if (empty($format)) {
        if (isset($_REQUEST['format'])) {
            $format = COM_applyFilter($_REQUEST['format']);
        }
        if (!in_array($format, array('threaded', 'nested', 'flat', 'nocomment'))) {
            if (COM_isAnonUser()) {
                $format = $_CONF['comment_mode'];
            } else {
                $format = DB_getItem($_TABLES['usercomment'], 'commentmode', "uid = {$uid}");
            }
        }
    }
    if (empty($order)) {
        if (isset($_REQUEST['order'])) {
            $order = COM_applyFilter($_REQUEST['order']);
        }
    }
    if (empty($page)) {
        if (isset($_REQUEST['cpage'])) {
            $page = COM_applyFilter($_REQUEST['cpage'], true);
            if (empty($page)) {
                $page = 1;
            }
        }
    }
    $commentuid = $uid;
    $table = '';
    if ($mode == 'edit' || $mode == $LANG03[28]) {
        $table = $_TABLES['comments'];
    } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
        $table = $_TABLES['commentsubmissions'];
    }
    if (!empty($table)) {
        $cid = 0;
        if (isset($_REQUEST[CMT_CID])) {
            $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
        }
        if ($cid <= 0) {
            return COM_refresh($_CONF['site_url'] . '/index.php');
        }
        $commentuid = DB_getItem($table, 'uid', "cid = '{$cid}'");
    }
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
        $last = 0;
        if ($mode != 'edit' && $mode != 'editsubmission' && $mode != $LANG03[28] && $mode != $LANG03[34]) {
            // not edit mode or preview changes
            $last = COM_checkSpeedlimit('comment');
        }
        if ($last > 0) {
            if (COMMENT_ON_SAME_PAGE) {
                $retval .= COM_showMessageText($LANG03[45], $MESSAGE[40]);
            } else {
                $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26]);
            }
        } else {
            // Add JavaScript
            $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
            if ($postmode != 'html' && $postmode != 'plaintext') {
                if (empty($postmode) && $_CONF['advanced_editor'] && $_USER['advanced_editor']) {
                    $postmode = 'html';
                } elseif (empty($postmode)) {
                    $postmode = $_CONF['postmode'];
                }
            }
            $sig = '';
            if ($uid > 1) {
                $sig = DB_getItem($_TABLES['users'], 'sig', "uid = '{$uid}'");
            }
            // Note:
            // $comment / $newcomment is what goes into the preview / is
            // actually stored in the database -> strip HTML
            // $commenttext is what the user entered and goes back into the
            // <textarea> -> don't strip HTML
            $commenttext = htmlspecialchars(COM_stripslashes($comment));
            // Replace $, {, and } with special HTML equivalents
            $commenttext = str_replace('$', '&#36;', $commenttext);
            $commenttext = str_replace('{', '&#123;', $commenttext);
            $commenttext = str_replace('}', '&#125;', $commenttext);
            // Remove any autotags the user doesn't have permission to use
            $commenttext = PLG_replaceTags($commenttext, '', true);
            // Autotags can now be used in templates when an article is rendered
            // for this reason, replace [, ] in order to prevent garbled characters
            $commenttext = str_replace('[', '&#91;', $commenttext);
            $commenttext = str_replace(']', '&#93;', $commenttext);
            $title = COM_checkWords(strip_tags(COM_stripslashes($title)));
            // $title = str_replace('$','&#36;',$title); done in CMT_getComment
            $_POST['title'] = $title;
            $newcomment = $comment;
            if ($mode == $LANG03[28]) {
                // for preview
                $newcomment = CMT_prepareText($comment, $postmode, $type, true, $cid);
            } elseif ($mode == $LANG03[34]) {
                $newcomment = CMT_prepareText($comment, $postmode, $type, true);
            } else {
                $newcomment = CMT_prepareText($comment, $postmode, $type);
            }
            $_POST['comment'] = $newcomment;
            // Preview mode:
            if (($mode == $LANG03[14] || $mode == $LANG03[28] || $mode == $LANG03[34]) && !empty($title) && !empty($comment)) {
                $start = COM_newTemplate($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('hide_if_preview', 'style="display:none"');
                $start->set_var('area_id', 'commentpreview');
                // Clean up all the vars
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == CMT_PID || $key == CMT_CID) {
                        $A[$key] = COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == CMT_USERNAME) {
                                $A[$key] = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_POST[$key]))));
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                            }
                        }
                    }
                }
                // correct time and username for edit preview
                if ($mode == $LANG03[28] || $mode == $LANG03[34]) {
                    $A['nice_date'] = DB_getItem($table, 'UNIX_TIMESTAMP(date)', "cid = '{$cid}'");
                    if ($_USER['uid'] != $commentuid) {
                        $uresult = DB_query("SELECT username, fullname, email, photo FROM {$_TABLES['users']} WHERE uid = {$commentuid}");
                        $A = array_merge($A, DB_fetchArray($uresult));
                    }
                }
                if ($uid != 1 || empty($A[CMT_USERNAME])) {
                    $A[CMT_USERNAME] = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
                }
                if (COMMENT_ON_SAME_PAGE) {
                    if (isset($A[CMT_CID])) {
                        $A['cid'] = $A[CMT_CID];
                    }
                    $A['sid'] = $A[CMT_SID];
                    $A['pid'] = $A[CMT_PID];
                    $A['uid'] = $A[CMT_UID];
                    $A['type'] = $A[CMT_TYPE];
                    $A['username'] = $A[CMT_USERNAME];
                }
                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true);
                $start->set_var('comments', $thecomments);
                $retval .= COM_startBlock($LANG03[14]) . $start->finish($start->parse('output', 'comment')) . COM_endBlock();
            } else {
                if ($mode == $LANG03[14]) {
                    $retval .= COM_showMessageText($LANG03[12], $LANG03[17]);
                    $mode = 'error';
                }
            }
            $permission = $type == 'article' ? 'story.edit' : "{$type}.edit";
            $comment_template = COM_newTemplate($_CONF['path_layout'] . 'comment');
            if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
                $comment_template->set_file('form', 'commentform_advanced.thtml');
                if (COM_isAnonUser()) {
                    $link_message = "";
                } else {
                    $link_message = $LANG01[138];
                }
                $comment_template->set_var('noscript', COM_getNoScript(false, '', $link_message));
                // Setup Advanced Editor
                COM_setupAdvancedEditor('/javascript/submitcomment_adveditor.js', $permission);
            } else {
                $comment_template->set_file('form', 'commentform.thtml');
            }
            $is_comment_page = CMT_isCommentPage();
            if ($is_comment_page) {
                $comment_template->set_var('nprefix', '');
            } else {
                $comment_template->set_var('nprefix', 'cmt_');
            }
            $comment_template->set_var('format', $format);
            $comment_template->set_var('order', $order);
            $comment_template->set_var('cpage', $page);
            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } elseif (COM_isAnonUser()) {
                $comment_template->set_var('lang_username', $LANG03[44]);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            }
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);
            if ($mode == 'edit' || $mode == 'editsubmission' || $mode == $LANG03[28] || $mode == $LANG03[34]) {
                $comment_template->set_var('hidewhenediting', ' style="display:none;"');
            } else {
                $comment_template->set_var('hidewhenediting', '');
            }
            if (COMMENT_ON_SAME_PAGE) {
                list($plgurl, $plgid) = CMT_getCommentUrlId($type);
                // Filemgmt plugin is doing special processing.
                // Therefore, I support specially, against my better judgment.
                // May should delete this code part.
                if ($type == 'filemgmt') {
                    $sid = str_replace('fileid_', '', $sid);
                }
                $formurl = "{$plgurl}?{$plgid}={$sid}#commentpreview";
            } else {
                $formurl = $_CONF['site_url'] . '/comment.php#commentpreview';
                // commentpreview needed for when showing replies on the same page
            }
            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //edit modes
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[32]));
                $comment_template->set_var('cid', '<input type="hidden" name="' . CMT_CID . '" value="' . $cid . '"' . XHTML . '>');
            } else {
                if ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[33]));
                    $comment_template->set_var('cid', '<input type="hidden" name="' . CMT_CID . '" value="' . $cid . '"' . XHTML . '>');
                } else {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                    $comment_template->set_var('cid', '');
                }
            }
            $comment_template->set_var('form_url', $formurl);
            if (COM_isAnonUser()) {
                // Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($A[CMT_USERNAME])) {
                    $name = $A[CMT_USERNAME];
                    // for preview
                } elseif (isset($_COOKIE[$_CONF['cookie_anon_name']])) {
                    // stored as cookie, name used before
                    $name = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_COOKIE[$_CONF['cookie_anon_name']]))));
                } else {
                    $name = COM_getDisplayName(1);
                    // anonymous user
                }
                $usernameblock = '<input type="text" name="' . CMT_USERNAME . '" size="16" value="' . $name . '" maxlength="32"' . XHTML . '>';
                $comment_template->set_var('username', $usernameblock);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
            } else {
                if ($commentuid != $_USER['uid']) {
                    $uresult = DB_query("SELECT username, fullname FROM {$_TABLES['users']} WHERE uid = {$commentuid}");
                    list($username, $fullname) = DB_fetchArray($uresult);
                } else {
                    $username = $_USER['username'];
                    $fullname = $_USER['fullname'];
                }
                $comment_template->set_var('gltoken_name', CSRF_TOKEN);
                $comment_template->set_var('gltoken', SEC_createToken());
                $comment_template->set_var('uid', $commentuid);
                $name = COM_getDisplayName($commentuid, $username, $fullname);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
            }
            $comment_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
            if ($mode == 'editsubmission' or $mode == 'edit' or $mode == $LANG03[34] or $mode == $LANG03[28]) {
                $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
                $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
                $comment_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
                $comment_template->set_var('allow_delete', true);
                $comment_template->set_var('lang_delete', $LANG_ADMIN['delete']);
                $comment_template->set_var('confirm_message', $MESSAGE[76]);
            }
            if ($mode == 'editsubmission' or $mode == $LANG03[34]) {
                // Preview Submission changes (for edit)
                $comment_template->set_var('formtype', 'editsubmission');
            } elseif ($mode == 'edit' or $mode == $LANG03[28]) {
                // Preview changes (for edit)
                $comment_template->set_var('formtype', 'edit');
            } else {
                $comment_template->set_var('formtype', 'new');
            }
            if ($postmode == 'html') {
                $comment_template->set_var('show_texteditor', 'none');
                $comment_template->set_var('show_htmleditor', '');
            } else {
                $comment_template->set_var('show_texteditor', '');
                $comment_template->set_var('show_htmleditor', 'none');
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', htmlspecialchars($title));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $commenttext);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $allowed_html = '';
            foreach (array('plaintext', 'html') as $pm) {
                $allowed_html .= COM_allowedHTML($permission, false, 1, $pm);
            }
            $allowed_html .= COM_allowedAutotags();
            $comment_template->set_var('allowed_html', $allowed_html);
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);
            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                $comment_template->set_var('lang_preview', $LANG03[34]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }
            if ($mode == $LANG03[28] || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                PLG_templateSetVars('comment', $comment_template);
                // Only for a edit form with a save button displayed (CAPTCHA related issue)
                // for editing
                $comment_template->set_var('save_option', '<input type="submit" name="' . CMT_MODE . '" value="' . $LANG03[29] . '"' . XHTML . '>');
                $comment_template->set_var('allow_save', true);
                $comment_template->set_var('lang_save', $LANG03[29]);
            } elseif ($mode == $LANG03[34] || $mode == 'editsubmission' && $_CONF['skip_preview'] == 1) {
                PLG_templateSetVars('comment', $comment_template);
                // editing submission comment
                $comment_template->set_var('save_option', '<input type="submit" name="' . CMT_MODE . '" value="' . $LANG03[35] . '"' . XHTML . '>');
                $comment_template->set_var('allow_save', true);
                $comment_template->set_var('lang_save', $LANG03[35]);
            } elseif ($_CONF['skip_preview'] == 1 || $mode == $LANG03[14]) {
                PLG_templateSetVars('comment', $comment_template);
                $comment_template->set_var('save_option', '<input type="submit" name="' . CMT_MODE . '" value="' . $LANG03[11] . '"' . XHTML . '>');
                $comment_template->set_var('allow_save', true);
                $comment_template->set_var('lang_save', $LANG03[11]);
            }
            if ($_CONF['allow_reply_notifications'] == 1 && $uid != 1 && ($mode == '' || $mode == $LANG03[14] || $mode == 'error')) {
                $checked = '';
                if (isset($_POST['notify'])) {
                    $checked = ' checked="checked"';
                }
                $comment_template->set_var('notification', '<p><input type="checkbox"' . ' name="notify"' . $checked . '>' . $LANG03[36] . '</p>');
            }
            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }
    return $retval;
}
Beispiel #11
0
/**
 *  Provide a form to edit a new or existing ad.
 *  @param  array   $A      Array of ad data for edit form
 *  @param  string  $mode   Edit mode
 *  @param  boolean $admin  True for administrator edit, false for normal
 *  @return string          HTML for ad edit form
 */
function adEdit($A, $mode = 'edit', $admin = false)
{
    global $_TABLES, $LANG_ADVT, $_CONF, $_CONF_ADVT, $LANG_ADMIN, $_USER, $LANG_ACCESS, $_GROUPS, $LANG12, $LANG24, $MESSAGE, $LANG_postmodes;
    USES_classifieds_class_adtype();
    // Determine if this user is an admin.  Deprecates the $admin parameter.
    $admin = SEC_hasRights($_CONF_ADVT['pi_name'] . '.admin') ? 1 : 0;
    // only valid users allowed
    if (COM_isAnonUser() || $_CONF_ADVT['usercanedit'] == 0 && !$admin) {
        return CLASSIFIEDS_errorMsg($LANG_ADVT['no_permission'], 'alert', $LANG_ADVT['access_denied']);
    }
    // We know that we need to have categories, so make sure some exist
    // before even trying to display the form.  The category dropdown is
    // created later since it needs the existing cat_id, if any.
    if (DB_count($_TABLES['ad_category']) < 1) {
        return CLASSIFIEDS_errorMsg($LANG_ADVT['no_categories'], 'info');
    }
    $time = time();
    // used to compare now with expiration date
    if ($admin) {
        $T = new Template(CLASSIFIEDS_PI_PATH . '/templates/admin');
        $T->set_file('adedit', "adminedit.thtml");
        $action_url = CLASSIFIEDS_ADMIN_URL . '/index.php';
    } else {
        $T = new Template(CLASSIFIEDS_PI_PATH . '/templates');
        $T->set_file('adedit', "submitform.thtml");
        $action_url = CLASSIFIEDS_URL . '/index.php';
    }
    // Set up the wysiwyg editor, if available
    switch (PLG_getEditorType()) {
        case 'ckeditor':
            $T->set_var('show_htmleditor', true);
            PLG_requestEditor('classifieds', 'classifieds_entry', 'ckeditor_classifieds.thtml');
            PLG_templateSetVars('classifieds_entry', $T);
            break;
        case 'tinymce':
            $T->set_var('show_htmleditor', true);
            PLG_requestEditor('classifieds', 'classifieds_entry', 'tinymce_classifieds.thtml');
            PLG_templateSetVars('classifieds_entry', $T);
            break;
        default:
            // don't support others right now
            $T->set_var('show_htmleditor', false);
            break;
    }
    switch ($mode) {
        case 'editsubmission':
        case 'moderate':
            $savemode = 'savesubmission';
            $delete_img = 'delsubimg';
            $delete_ad = 'deletesubmission';
            $type = 'moderate';
            $saveoption = $LANG_ADMIN['moderate'];
            $cancel_url = $_CONF['site_admin_url'] . '/moderation.php';
            break;
        case 'edit':
            $savemode = 'savesubmission';
            $delete_img = 'delsubimg';
            $delete_ad = 'deletesubmission';
            $saveoption = $LANG_ADMIN['save'];
            $type = 'submission';
            $cancel_url = $action_url;
            break;
        case 'update_ad':
        default:
            $savemode = 'update_ad';
            $delete_img = 'delete_img';
            $delete_ad = 'delete_ad';
            $saveoption = $LANG_ADMIN['save'];
            $type = '';
            $cancel_url = $action_url;
            break;
    }
    // Admins (only) use this form for submissions as well as edits,
    // so we need to expect an empty array.
    if (empty($A['ad_id'])) {
        if (!$admin) {
            return CLASSIFIEDS_errorMsg($LANG_ADVT['no_permission'], 'alert', $LANG_ADVT['access_denied']);
        }
        $A['ad_id'] = COM_makeSid();
        $A['subject'] = '';
        $A['descript'] = '';
        $A['price'] = '';
        $A['url'] = '';
        $A['exp_date'] = '';
        $A['add_date'] = time();
        $A['ad_type'] = 0;
        $A['perm_owner'] = $_CONF_ADVT['default_permissions'][0];
        $A['perm_group'] = $_CONF_ADVT['default_permissions'][1];
        $A['perm_members'] = $_CONF_ADVT['default_permissions'][2];
        $A['perm_anon'] = $_CONF_ADVT['default_permissions'][3];
        $A['uid'] = $_USER['uid'];
        if (isset($_REQUEST['cat'])) {
            $A['cat_id'] = intval($_REQUEST['cat']);
        } else {
            $A['cat_id'] = 0;
        }
        $catsql = "SELECT cat_id,perm_anon,keywords\n                    FROM {$_TABLES['ad_category']} ";
        if ($A['cat_id'] > 0) {
            $catsql .= "WHERE cat_id = {$A['cat_id']} ";
        } else {
            $catsql .= "ORDER BY cat_name ASC ";
        }
        $catsql .= "LIMIT 1";
        $r = DB_query($catsql, 1);
        if ($r && DB_numRows($r) > 0) {
            $row = DB_fetchArray($r, false);
            $A['cat_id'] = $row['cat_id'];
            $A['keywords'] = trim($row['keywords']);
        } else {
            $A['cat_id'] = 0;
            $A['keywords'] = '';
        }
        $A['owner_id'] = $_USER['uid'];
        // Set ad owner to current user for new ads
        $A['group_id'] = isset($_GROUPS['classifieds Admin']) ? $_GROUPS['classifieds Admin'] : SEC_getFeatureGroup('classifieds.edit');
        $A['exp_sent'] = 0;
        // set expiration & duration info for a new ad
        $T->set_var('expiration_date', $LANG_ADVT['runfor']);
        // "run for: X days"
        $comments_enabled = $_CONF_ADVT['commentsupport'] == 1 ? 0 : 1;
        $T->set_var("sel_{$comments_enabled}", 'selected');
        if ($_CONF_ADVT['purchase_enabled']) {
            USES_classifieds_class_userinfo();
            $User = new adUserInfo();
            $T->set_var('days', min($_CONF_ADVT['default_duration'], $User->getMaxDays()));
        } else {
            $T->set_var('days', $_CONF_ADVT['default_duration']);
        }
        $photocount = 0;
        // No photos yet with a new ad
    } else {
        // This is an existing ad with values already in $A
        $T->set_var('expiration_date', $LANG_ADVT['expiration']);
        $T->set_var('days', '0');
        // Disable the perm_anon checkbox if it's disabled by the category.
        if (!$admin && DB_getItem($_TABLES['ad_category'], 'perm_anon', "cat_id='{$A['cat_id']}'") == '0') {
            $T->set_var('vis_disabled', 'disabled');
        }
        // get the photo information
        $sql = "SELECT photo_id, filename \n                FROM {$_TABLES['ad_photo']} \n                WHERE ad_id='{$A['ad_id']}'";
        $photo = DB_query($sql, 1);
        // save the count of photos for later use
        if ($photo) {
            $photocount = DB_numRows($photo);
        } else {
            $photocount = 0;
        }
        $comments_enabled = (int) $A['comments_enabled'];
        $T->set_var("sel_{$comments_enabled}", 'selected');
    }
    // Get the max image size in MB and set the message
    $img_max = $_CONF['max_image_size'] / 1048576;
    // Show in MB
    // Sanitize entries from the database
    $A['subject'] = htmlspecialchars($A['subject']);
    $A['descript'] = htmlspecialchars($A['descript']);
    $A['keywords'] = htmlspecialchars($A['keywords']);
    $A['price'] = htmlspecialchars($A['price']);
    $A['url'] = htmlspecialchars($A['url']);
    $A['ad_type'] = (int) $A['ad_type'];
    // set expiration & duration based on existing info
    if ($A['exp_date'] == '') {
        $T->set_var('row_exp_date', '');
    } else {
        if ($A['exp_date'] < $time) {
            $T->set_var('already_expired', $LANG_ADVT['already_expired']);
        } else {
            $T->set_var('row_exp_date', date("d M Y", $A['exp_date']));
        }
    }
    $T->set_var(array('post_options' => $post_options, 'change_editormode' => 'onchange="change_editmode(this);"', 'glfusionStyleBasePath' => $_CONF['site_url'] . '/fckeditor', 'gltoken_name' => CSRF_TOKEN, 'gltoken' => SEC_createToken(), 'has_delbtn' => 'true', 'txt_photo' => "{$LANG_ADVT['photo']}<br />" . sprintf($LANG_ADVT['image_max'], $img_max), 'type' => $type, 'action_url' => $action_url, 'max_file_size' => $_CONF['max_image_size'], 'row_cat_id' => $A['cat_id'], 'row_ad_id' => $A['ad_id'], 'row_subject' => $A['subject'], 'row_descript' => $A['descript'], 'row_price' => $A['price'], 'row_url' => $A['url'], 'keywords' => $A['keywords'], 'exp_date' => $A['exp_date'], 'add_date' => $A['add_date'], 'ad_type_selection' => AdType::makeSelection($A['ad_type']), 'sel_list_catid' => CLASSIFIEDS_buildCatSelection($A['cat_id']), 'saveoption' => $saveoption, 'cancel_url' => $cancel_url));
    // set expiration & duration based on existing info
    if ($A['exp_date'] == '') {
        $T->set_var('row_exp_date', '');
    } else {
        if ($A['exp_date'] < $time) {
            $T->set_var('already_expired', $LANG_ADVT['already_expired']);
        } else {
            $T->set_var('row_exp_date', date("d M Y", $A['exp_date']));
        }
    }
    // Set up permission editor on the admin template if needed.
    // Otherwise, set hidden values with existing permissions
    if ($admin) {
        // Set up owner selection
        $T->set_var(array('ownerselect' => CLASSIFIEDS_userDropdown($A['owner_id']), 'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']), 'group_dropdown' => SEC_getGroupDropdown($A['group_id'], 3)));
    } else {
        $ownername = COM_getDisplayName($A['owner_id']);
        $T->set_var(array('owner_id' => $A['owner_id'], 'ownername' => $ownername, 'perm_owner' => $A['perm_owner'], 'perm_group' => $A['perm_group'], 'perm_members' => $A['perm_members'], 'perm_anon' => $A['perm_anon'], 'group_id' => $A['group_id']));
        if ($A['perm_anon'] == 2) {
            $T->set_var('perm_anon_chk', 'checked');
        }
    }
    // Set up the photo fields.  Use $photocount defined above.
    // If there are photos, read the $photo result.  Otherwise,
    // or if this is a new ad, just clear the photo area
    $T->set_block('adedit', 'PhotoRow', 'PRow');
    $i = 0;
    if ($photocount > 0) {
        while ($prow = DB_fetchArray($photo, false)) {
            $i++;
            $T->set_var(array('img_url' => LGLIB_ImageUrl(CLASSIFIEDS_IMGPATH . '/' . $prow['filename'], $_CONF_ADVT['img_max_width'], $_CONF_ADVT['img_max_height']), 'thumb_url' => LGLIB_ImageUrl(CLASSIFIEDS_IMGPATH . '/' . $prow['filename'], $_CONF_ADVT['thumb_max_size'], $_CONF_ADVT['thumb_max_size']), 'seq_no' => $i, 'ad_id' => $A['ad_id'], 'del_img_url' => $action_url . "?mode={$delete_img}&mid={$prow['photo_id']}" . "&id={$A['ad_id']}"));
            $T->parse('PRow', 'PhotoRow', true);
        }
    } else {
        $T->parse('PRow', '');
    }
    // add upload fields for unused images
    $T->set_block('adedit', 'UploadFld', 'UFLD');
    for ($j = $i; $j < $_CONF_ADVT['imagecount']; $j++) {
        $T->parse('UFLD', 'UploadFld', true);
    }
    $T->parse('output', 'adedit');
    return $T->finish($T->get_var('output'));
}
Beispiel #12
0
/**
 * Shows the user registration form
 *
 * @param    int    $msg      message number to show
 * @param    string $referrer page to send user to after registration
 * @return   string  HTML for user registration page
 */
function newuserform($msg = '')
{
    global $_CONF, $LANG04;
    $retval = '';
    if (!empty($msg)) {
        $retval .= COM_showMessageText($msg, $LANG04[21]);
    }
    $user_templates = COM_newTemplate($_CONF['path_layout'] . 'users');
    $user_templates->set_file('regform', 'registrationform.thtml');
    $user_templates->set_var('start_block', COM_startBlock($LANG04[22]));
    $user_templates->set_var('lang_instructions', $LANG04[23]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('lang_email_conf', $LANG04[124]);
    $user_templates->set_var('lang_warning', $LANG04[24]);
    $user_templates->set_var('lang_register', $LANG04[27]);
    PLG_templateSetVars('registration', $user_templates);
    $user_templates->set_var('end_block', COM_endBlock());
    $username = '';
    if (!empty($_POST['username'])) {
        $username = COM_applyFilter($_POST['username']);
    }
    $user_templates->set_var('username', $username);
    $email = '';
    if (!empty($_POST['email'])) {
        $email = COM_applyFilter($_POST['email']);
    }
    $user_templates->set_var('email', $email);
    $email_conf = '';
    if (!empty($_POST['email_conf'])) {
        $email_conf = COM_applyFilter($_POST['email_conf']);
    }
    $user_templates->set_var('email_conf', $email_conf);
    $user_templates->parse('output', 'regform');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    return $retval;
}
Beispiel #13
0
/**
* Shows the story submission form
*
*/
function submitstory($topic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24, $REMOTE_ADDR;
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
        $retval .= '<div style="border-bottom:1px solid #cccccc"></div>';
    } else {
        $story->initSubmission($topic);
        $story->loadSubmission();
    }
    if ($_CONF['story_submit_by_perm_only']) {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, false, 3);
    } else {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'));
    }
    // no topics
    if ($topicList == '') {
        $retval = COM_showMessageText($LANG24[66], '', 1, 'error');
        return $retval;
    }
    $retval .= COM_startBlock($LANG12[6]);
    $storyform = new Template($_CONF['path_layout'] . 'submit');
    $storyform->set_file('storyform', 'submitstory.thtml');
    if ($story->EditElements('postmode') == 'html') {
        $storyform->set_var('show_htmleditor', true);
    } else {
        $storyform->unset_var('show_htmleditor');
    }
    $storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!COM_isAnonUser()) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => "nofollow")));
        }
    }
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $storyform->set_var('story_topic_options', $topicList);
    /*
        if ( $_CONF['story_submit_by_perm_only'] ) {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid'),1,false,3));
        } else {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid')));
        }
    */
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode')));
    $storyform->set_var('postmode', $story->EditElements('postmode'));
    $storyform->set_var('allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>' . COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story'));
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }
    $storyform->set_var('lang_preview', $LANG12[32]);
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    $urlfor = 'advancededitor';
    if (COM_isAnonUser()) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    }
    $rc = @setcookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    return $retval;
}
Beispiel #14
0
/**
* Display form to email a story to someone.
*
* @param    string  $sid        ID of article to email
* @param    bool    $cc         Whether to send a copy of the message to the author
* @param    string  $to         name of person / friend to email
* @param    string  $toemail    friend's email address
* @param    string  $from       name of person sending the email
* @param    string  $fromemail  sender's email address
* @param    string  $shortmsg   short intro text to send with the story
* @param    string  $msg        Error message code
* @return   string              HTML for email story form
*
*/
function mailstoryform($sid, $cc = false, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG08;
    require_once $_CONF['path_system'] . 'lib-story.php';
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    }
    $story = new Story();
    $result = $story->loadFromDatabase($sid, 'view');
    if ($result != STORY_LOADED_OK) {
        COM_redirect($_CONF['site_url'] . '/index.php');
    }
    if ($msg > 0) {
        $retval .= COM_showMessage($msg);
    }
    if (empty($from) && empty($fromemail)) {
        if (!COM_isAnonUser()) {
            $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
            $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
        }
    }
    $cc = $cc ? ' checked="checked"' : '';
    $mail_template = COM_newTemplate($_CONF['path_layout'] . 'profiles');
    $mail_template->set_file('form', 'contactauthorform.thtml');
    $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $mail_template->set_var('lang_title', $LANG08[31]);
    $mail_template->set_var('story_title', $story->displayElements('title'));
    $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    $mail_template->set_var('story_url', $url);
    $link = COM_createLink($story->displayElements('title'), $url);
    $mail_template->set_var('story_link', $link);
    $mail_template->set_var('lang_fromname', $LANG08[20]);
    $mail_template->set_var('name', $from);
    $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
    $mail_template->set_var('email', $fromemail);
    $mail_template->set_var('lang_toname', $LANG08[18]);
    $mail_template->set_var('toname', $to);
    $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
    $mail_template->set_var('toemail', $toemail);
    if (!$_CONF['mail_cc_enabled']) {
        $mail_template->set_var('cc_enabled', ' style="display: none"');
    } else {
        $mail_template->set_var('cc', $cc);
        $mail_template->set_var('lang_cc', $LANG08[36]);
        $mail_template->set_var('lang_cc_description', $LANG08[37]);
    }
    $mail_template->set_var('lang_shortmessage', $LANG08[27]);
    $mail_template->set_var('shortmsg', htmlspecialchars($shortmsg));
    $mail_template->set_var('lang_warning', $LANG08[22]);
    $mail_template->set_var('lang_sendmessage', $LANG08[16]);
    $mail_template->set_var('story_id', $sid);
    $mail_template->set_var('end_block', COM_endBlock());
    PLG_templateSetVars('emailstory', $mail_template);
    $mail_template->parse('output', 'form');
    $retval .= $mail_template->finish($mail_template->get_var('output'));
    return $retval;
}
Beispiel #15
0
 function albumThumbnail()
 {
     global $_CONF, $_MG_CONF, $_MG_USERPREFS, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01, $LANG_MG03, $MG_albums;
     if ($this->media_count > 0) {
         if ($this->cover_filename != '' && $this->cover_filename != '0') {
             $media_size = false;
             foreach ($_MG_CONF['validExtensions'] as $ext) {
                 if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $this->cover_filename[0] . '/' . $this->cover_filename . $ext)) {
                     $album_last_image = $_MG_CONF['mediaobjects_url'] . '/tn/' . $this->cover_filename[0] . '/' . $this->cover_filename . $ext;
                     $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'tn/' . $this->cover_filename[0] . '/' . $this->cover_filename . $ext);
                     break;
                 }
             }
             $album_last_update = MG_getUserDateTimeFormat($this->last_update);
             if ($mediasize == false) {
                 $album_last_image = $_MG_CONF['mediaobjects_url'] . '/placeholder.svg';
                 $mediasize = array($this->tnWidth, $this->tnHeight);
             }
         } else {
             $filename = $this->findCover();
             if ($filename == '' || $filename == NULL || $filename == " ") {
                 $album_last_image = $_MG_CONF['mediaobjects_url'] . '/placeholder.svg';
                 $mediasize = array($this->tnWidth, $this->tnHeight);
             } else {
                 $mediasize = false;
                 foreach ($_MG_CONF['validExtensions'] as $ext) {
                     if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $filename[0] . '/' . $filename . $ext)) {
                         $album_last_image = $_MG_CONF['mediaobjects_url'] . '/tn/' . $filename[0] . '/' . $filename . $ext;
                         $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'tn/' . $filename[0] . '/' . $filename . $ext);
                         break;
                     }
                 }
                 if ($mediasize == false) {
                     $album_last_image = $_MG_CONF['mediaobjects_url'] . '/placeholder.svg';
                     $mediasize = array($this->tnWidth, $this->tnHeight);
                     //@getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
                 }
             }
         }
         $album_media_count = $this->media_count;
         if ($this->last_update > 0) {
             $album_last_update = MG_getUserDateTimeFormat($this->last_update);
             $lang_updated = $_MG_CONF['dfid'] == '99' ? '' : $LANG_MG03['updated_prompt'];
         } else {
             $album_last_update[0] = '';
             $lang_updated = '';
         }
         $lang_updated = $_MG_CONF['dfid'] == '99' ? '' : $LANG_MG03['updated_prompt'];
         if (!COM_isAnonUser()) {
             $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '" . (int) $_USER['uid'] . "'");
             if ($this->last_update > $lastlogin) {
                 $album_last_update[0] = '<font color="red">' . $album_last_update[0] . '</font>';
             }
         }
     } else {
         // nothing in the album yet...
         $filename = $this->findCover();
         if ($filename == '') {
             $album_last_image = $_MG_CONF['mediaobjects_url'] . '/placeholder.svg';
             $mediasize = array($this->tnWidth, $this->tnHeight);
         } else {
             $mediasize = false;
             foreach ($_MG_CONF['validExtensions'] as $ext) {
                 if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $filename[0] . '/' . $filename . $ext)) {
                     $album_last_image = $_MG_CONF['mediaobjects_url'] . '/tn/' . $filename[0] . '/' . $filename . $ext;
                     $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'tn/' . $filename[0] . '/' . $filename . $ext);
                     break;
                 }
             }
             if ($mediasize == false) {
                 $album_last_image = $_MG_CONF['mediaobjects_url'] . '/placeholder.svg';
                 $mediasize = array($this->tnWidth, $this->tnHeight);
                 // @getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
             }
         }
         $album_last_update[0] = '';
         $lang_updated = '';
     }
     if ($this->tn_attached == 1) {
         $mediasize = false;
         foreach ($_MG_CONF['validExtensions'] as $ext) {
             if (file_exists($_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $this->id . $ext)) {
                 $album_last_image = $_MG_CONF['mediaobjects_url'] . '/covers/cover_' . $this->id . $ext;
                 $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $this->id . $ext);
                 break;
             }
         }
         if ($mediasize == false) {
             $album_last_image = $_MG_CONF['mediaobjects_url'] . '/placeholder.svg';
             $mediasize = array($this->tnWidth, $this->tnHeight);
             //@getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
         }
     }
     $subalbums = count($this->children);
     $total_images_subalbums = $this->getMediaCount();
     if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
         $tn_size = $_MG_USERPREFS['tn_size'];
     } else {
         $tn_size = $MG_albums[$this->parent]->tn_size;
     }
     switch ($tn_size) {
         case '0':
             //small
             $tn_height = 100;
             $tn_width = 100;
             break;
         case '1':
             //medium
             $tn_height = 150;
             $tn_width = 150;
             break;
         case '2':
             $tn_height = 200;
             $tn_width = 200;
             break;
         case '3':
         case '4':
             $tn_height = $MG_albums[$this->parent]->tnHeight;
             $tn_width = $MG_albums[$this->parent]->tnWidth;
             if ($tn_height == 0) {
                 $tn_height = 200;
             }
             if ($tn_width == 0) {
                 $tn_width = 200;
             }
             break;
         default:
             $tn_height = 200;
             $tn_width = 200;
             break;
     }
     if ($mediasize[0] > $mediasize[1]) {
         $ratio = $mediasize[0] / $tn_height;
         $newwidth = $tn_height;
         $newheight = round($mediasize[1] / $ratio);
     } else {
         $ratio = $mediasize[1] / $tn_height;
         $newheight = $tn_height;
         $newwidth = round($mediasize[0] / $ratio);
     }
     $F = new Template($_MG_CONF['template_path']);
     $F->set_var('media_frame', $MG_albums[$this->parent]->albumFrameTemplate);
     $F->set_var(array('border_width' => $newwidth + 20, 'border_height' => $newheight + 20, 'media_link_start' => '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id . '&amp;page=1' . '">', 'media_link_end' => '</a>', 'url_media_item' => $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id . '&amp;page=1', 'media_thumbnail' => $album_last_image, 'media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"', 'media_height' => $newheight, 'media_width' => $newwidth, 'media_tag' => $this->title, 'frWidth' => $newwidth - $MG_albums[$this->parent]->afrWidth, 'frHeight' => $newheight - $MG_albums[$this->parent]->afrHeight));
     $F->parse('media', 'media_frame');
     $media_item_thumbnail = $F->finish($F->get_var('media'));
     $C = new Template(MG_getTemplatePath($this->parent));
     if ($this->parent != 0 && $MG_albums[$this->parent]->display_columns == 1) {
         $C->set_file('cell', 'album_page_body_album_cell_1.thtml');
     } else {
         $C->set_file('cell', 'album_page_body_album_cell.thtml');
     }
     $C->set_var(array('media_item_thumbnail' => $media_item_thumbnail, 'media_item_thumbnail_raw' => $album_last_image, 'u_viewalbum' => $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id . '&amp;page=1', 'album_last_image' => $album_last_image, 'album_title' => $this->title, 'album_media_count' => $this->media_count, 'subalbum_media_count' => $total_images_subalbums, 'album_desc' => PLG_replaceTags($this->description, 'mediagallery', 'album_description'), 'album_last_update' => $album_last_update[0], 'img_height' => $newheight, 'img_width' => $newwidth, 's_media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"', 'border_width' => $newwidth + 20, 'border_height' => $newheight + 20, 'row_height' => $tn_height + 40, 'updated' => $lang_updated, 'lang_album' => $LANG_MG00['album'], 'lang_views' => $LANG_MG03['views'], 'views' => $this->views));
     if ($this->enable_album_views) {
         $C->set_var(array('lang_views' => $LANG_MG03['views'], 'views' => $this->views));
     } else {
         $C->set_var(array('lang_views' => '', 'views' => ''));
     }
     if ($subalbums > 0) {
         $C->set_var(array('subalbumcount' => '(' . $subalbums . ')', 'lang_subalbums' => $LANG_MG01['subalbums']));
     } else {
         $C->set_var(array('subalbumcount' => '', 'lang_subalbums' => ''));
     }
     PLG_templateSetVars('mediagallery', $C);
     $C->parse('output', 'cell');
     $celldisplay = $C->finish($C->get_var('output'));
     return $celldisplay;
 }
Beispiel #16
0
 public function displayThumb($opt = array())
 {
     global $_USER, $_CONF, $_MG_CONF, $_TABLES, $LANG_MG03, $LANG_MG01;
     $sortOrder = isset($opt['sortorder']) ? $opt['sortorder'] : 0;
     $searchmode = isset($opt['searchmode']) ? $opt['searchmode'] : 0;
     $album = isset($opt['album_id']) ? $opt['album_id'] : NULL;
     $mode = isset($opt['imageonly']) ? $opt['imageonly'] : 0;
     // $mode = 1 return image only
     if ($album === NULL) {
         $album = new mgAlbum($this->album_id);
     }
     $type = $this->type;
     $_MG_USERPREFS = MG_getUserPrefs();
     // $type == 1 video
     // $type == 2 audio
     if (($type == 1 || $type == 2 || $type == 5) && ($album->playback_type == 0 || $album->playback_type == 1) && $_MG_CONF['popup_from_album'] == 1) {
         if ($album->playback_type == 0) {
             if ($type == 2) {
                 // determine what type of player we will use (WMP, QT or Flash)
                 $player = $_MG_CONF['mp3_player'];
                 if (isset($_MG_USERPREFS['mp3_player']) && $_MG_USERPREFS['mp3_player'] != -1) {
                     $player = $_MG_USERPREFS['mp3_player'];
                 }
                 switch ($player) {
                     case 0:
                         // WMP
                         $new_y = 260;
                         $new_x = 340;
                         break;
                     case 1:
                         // QT
                         $new_y = 25;
                         $new_x = 350;
                         break;
                     case 2:
                         $new_y = 360;
                         $new_x = 580;
                         break;
                 }
                 if ($this->mime_type == 'audio/mpeg') {
                     $new_y = 360;
                     $new_x = 580;
                 }
                 if ($this->tn_attached == 1 && $player != 2) {
                     $tnsize = $this->media_size;
                     $new_y += $tnsize[0];
                     if ($tnsize[1] > $new_x) {
                         $new_x = $tnsize[1];
                     }
                 }
                 if ($album->playback_type == 0) {
                     $url_display_item = self::getHref_showvideo($this->id, $new_y, $new_x);
                 } else {
                     $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
                 }
                 $resolution_x = $new_x;
                 $resolution_y = $new_y;
             } else {
                 // must be a video...
                 $playback_options['height'] = $_MG_CONF['swf_height'];
                 $playback_options['width'] = $_MG_CONF['swf_width'];
                 $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} " . "WHERE media_id='" . addslashes($this->id) . "'");
                 while ($poRow = DB_fetchArray($poResult)) {
                     $playback_options[$poRow['option_name']] = $poRow['option_value'];
                 }
                 if ($this->resolution_x > 0) {
                     $resolution_x = $this->resolution_x;
                     $resolution_y = $this->resolution_y;
                 } else {
                     if ($this->resolution_x == 0 && $this->remote_media != 1) {
                         $filepath = self::getFilePath('orig', $this->filename, $this->mime_ext);
                         $size = @filesize($filepath);
                         // skip files over 8M in size..
                         if ($size < 8388608) {
                             list($resolution_x, $resolution_y) = self::getResolutionID3($filepath);
                         }
                     } else {
                         $resolution_x = $this->resolution_x;
                         $resolution_y = $this->resolution_y;
                     }
                 }
                 $resolution_x = $playback_options['width'];
                 $resolution_y = $playback_options['height'];
                 if ($resolution_x < 1 || $resolution_y < 1) {
                     $resolution_x = 480;
                     $resolution_y = 320;
                 } else {
                     $resolution_x = $resolution_x + 40;
                     $resolution_y = $resolution_y + 40;
                 }
                 if ($this->mime_type == 'video/x-flv' && $_MG_CONF['use_flowplayer'] != 1) {
                     $resolution_x = $resolution_x + 60;
                     if ($resolution_x < 590) {
                         $resolution_x = 590;
                     }
                     $resolution_y = $resolution_y + 80;
                     if ($resolution_y < 500) {
                         $resolution_y = 500;
                     }
                 }
                 if ($type == 5) {
                     $resolution_x = 460;
                     $resolution_y = 380;
                 }
                 $url_display_item = self::getHref_showvideo($this->id, $resolution_y, $resolution_x);
             }
         } else {
             $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
         }
     } else {
         if ($album->useAlternate == 1 && $type != 5 && !empty($this->remote_url)) {
             $url_display_item = $this->remote_url;
         } else {
             $url_display_item = $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id;
         }
     }
     $url_media_item = $url_display_item;
     // -- decide what thumbnail size to use, small, medium, large...
     if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
         $tn_size = $_MG_USERPREFS['tn_size'];
     } else {
         if ($searchmode == 1) {
             $tn_size = $_MG_CONF['search_tn_size'];
         } else {
             $tn_size = $album->tn_size;
         }
     }
     list($tn_width, $tn_height) = self::getTNSize($tn_size, $album->tnWidth, $album->tnHeight);
     list($newwidth, $newheight) = self::getImageWH($this->media_size[0], $this->media_size[1], $tn_width, $tn_height);
     if (!isset($resolution_x)) {
         $resolution_x = $newwidth;
     }
     if (!isset($resolution_y)) {
         $resolution_y = $newheight;
     }
     $username = '******';
     if ($this->owner_id != '' && $this->owner_id > 1) {
         $username = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($this->owner_id));
     }
     $filepath = self::getFilePath('orig', $this->filename, $this->mime_ext);
     $fs_bytes = @filesize($filepath);
     $fileSize = MG_getSize($fs_bytes);
     $direct_url = self::getFileUrl('disp', $this->filename, $this->mime_ext);
     $direct_path = self::getFilePath('disp', $this->filename, $this->mime_ext);
     if (!file_exists($direct_path)) {
         $direct_url = self::getFileUrl('disp', $this->filename, 'jpg');
     }
     $edit_item = '';
     if ($album->access == 3) {
         $edit_item = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&amp;s=1&amp;album_id=' . $this->album_id . '&amp;mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>';
     }
     // build the small rating bar
     $rating_box = '';
     if ($album->enable_rating > 0) {
         require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-rating.php';
         $starSize = $_MG_CONF['use_large_stars'] == 1 ? '' : 'sm';
         $rating_box = MG_getRatingBar($album->enable_rating, $this->owner_id, $this->id, $this->votes, $this->rating, $starSize);
     }
     $hrefdirect = '';
     if ($this->type == 0) {
         // standard image
         if ($this->remote == 1) {
             $hrefdirect = $this->remote_url;
         } else {
             $hrefdirect = $direct_url;
         }
     }
     $caption = PLG_replaceTags(str_replace('$', '&#36;', $this->title));
     if ($searchmode == 1) {
         $templatePath = MG_getTemplatePath_byName($_MG_CONF['search_album_skin']);
     } else {
         $templatePath = MG_getTemplatePath($this->album_id);
     }
     $L = COM_newTemplate($templatePath);
     $L->set_file('media_link', 'medialink.thtml');
     $L->set_var(array('hrefdirect' => $hrefdirect, 'href' => $url_media_item, 'caption' => $caption, 'id' => 'id' . rand()));
     $media_start_link = $L->finish($L->parse('media_link_start', 'media_link'));
     if ($searchmode == 1) {
         $skin = $_MG_CONF['search_frame_skin'];
         $info = array('media_type' => $this->type, 'mime_type' => $this->mime_type, 'media_filename' => $this->filename, 'media_mime_ext' => $this->mime_ext, 'remote_media' => $this->remote_url, 'media_tn_attached' => $this->tn_attached);
         list($media_thumbnail, $media_thumbnail_file, $media_size) = self::getThumbInfo($info, $tn_size);
     } else {
         $skin = $album->image_skin;
         $media_thumbnail = $this->media_thumbnail;
     }
     $media_item_thumbnail = MG_getFramedImage($skin, $this->title, $url_media_item, $media_thumbnail, $newwidth, $newheight, $media_start_link);
     if ($mode == 1) {
         return $media_item_thumbnail;
     }
     $edit_link = '';
     if (($type == 1 || $type == 2 || $type == 5) && ($album->playback_type == 0 || $album->playback_type == 1) && $_MG_CONF['popup_from_album'] == 1) {
         // check to see if comments and rating are enabled, if not, put a link to edit...
         if ($album->access == 3) {
             $edit_link = '<br' . XHTML . '><a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&amp;s=1&amp;album_id=' . $this->album_id . '&amp;mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>';
         }
     }
     if ($_MG_CONF['use_upload_time'] == 1) {
         $media_time = MG_getUserDateTimeFormat($this->upload_time);
     } else {
         $media_time = MG_getUserDateTimeFormat($this->time);
     }
     $media_title = !empty($this->title) ? PLG_replaceTags($this->title) : '';
     $T = COM_newTemplate($templatePath);
     $T->set_file(array('media_cell_image' => 'album_page_media_cell.thtml', 'mp3_podcast' => 'mp3_podcast.thtml'));
     if ($this->mime_type == 'audio/mpeg' && $album->mp3ribbon) {
         $T->set_var(array('mp3_file' => self::getFileUrl('orig', $this->filename, $this->mime_ext), 'site_url' => $_MG_CONF['site_url'], 'id' => $this->mime_ext . rand()));
         $T->parse('mp3_podcast', 'mp3_podcast');
     } else {
         $T->set_var('mp3_podcast', '');
     }
     $T->set_var(array('edit_link' => $edit_link, 'play_now' => '', 'download_now' => $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id, 'play_in_popup' => self::getHref_showvideo($this->id, $resolution_y, $resolution_x), 'row_height' => $tn_height, 'media_title' => $media_title, 'media_description' => PLG_replaceTags(nl2br($this->description)), 'media_tag' => strip_tags($this->title), 'media_time' => $media_time[0], 'media_owner' => $username, 'media_item_thumbnail' => $media_item_thumbnail, 'site_url' => $_MG_CONF['site_url'], 'lang_published' => $LANG_MG03['published'], 'lang_on' => $LANG_MG03['on'], 'lang_hyphen' => $this->album == '' ? '' : '-', 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'artist' => $this->artist, 'musicalbum' => $this->album != '' ? $this->album : '', 'genre' => $this->genre != '' ? $this->genre : '', 'alt_edit_link' => $edit_item, 'filesize' => $fileSize, 'media_id' => $this->id, 'rating_box' => $rating_box));
     if ($album->enable_keywords) {
         if (!empty($this->keywords)) {
             $kwText = '';
             $keyWords = array();
             $keyWords = explode(' ', $this->keywords);
             $numKeyWords = count($keyWords);
             for ($i = 0; $i < $numKeyWords; $i++) {
                 $keyWords[$i] = str_replace('"', ' ', $keyWords[$i]);
                 $searchKeyword = $keyWords[$i];
                 $keyWords[$i] = str_replace('_', ' ', $keyWords[$i]);
                 $kwText .= '<a href="' . $_MG_CONF['site_url'] . '/search.php?mode=search&amp;swhere=1&amp;keywords=' . $searchKeyword . '&amp;keyType=any">' . $keyWords[$i] . '</a>';
             }
             $T->set_var(array('enable_keywords' => 1, 'media_keywords' => $kwText, 'lang_keywords' => $LANG_MG01['keywords']));
         } else {
             $T->set_var('lang_keywords', '');
         }
     } else {
         $T->set_var(array('enable_keywords' => '', 'lang_keywords' => ''));
     }
     if ($album->enable_comments) {
         $link = '<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>';
         $cmtLink = $LANG_MG03['comments'];
         $cmtLink_alt = $link;
         if ($type == 4 || $type == 1 && $album->playback_type != 2 || $type == 2 && $album->playback_type != 2 || $type == 5 && $album->playback_type != 2) {
             $cmtLink = $link;
             $cmtLink_alt = '';
         }
         $T->set_var(array('media_comments_count' => $this->comments, 'lang_comments' => $cmtLink, 'lang_comments_hot' => $cmtLink_alt));
         $T->set_var('media_comments', $album->enable_comments);
     }
     if ($album->enable_views) {
         $T->set_var(array('media_views_count' => $this->views, 'lang_views' => $LANG_MG03['views']));
         $T->set_var('media_views', $album->enable_views);
     }
     PLG_templateSetVars('mediagallery', $T);
     return $T->finish($T->parse('media_cell', 'media_cell_image'));
 }
Beispiel #17
0
/**
* Displays the static page form
*
* @param    array   $A      Data to display
* @param    string  $error  Error message to display
*
*/
function PAGE_form($A, $error = false)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $action, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE;
    USES_lib_admin();
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php', 'text' => $LANG_STATIC['page_list']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $template_path = staticpages_templatePath('admin');
    if (!empty($sp_id) && ($action == 'edit' || $action == 'clone')) {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['staticpages Admin'])) {
            $A['group_id'] = $_GROUPS['staticpages Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        }
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
    }
    $retval = '';
    if (empty($A['owner_id'])) {
        $error = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
        $error .= $LANG_STATIC['deny_msg'];
        $error .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    }
    if ($error) {
        $retval .= $error . '<br/><br/>';
    } else {
        $sp_template = new Template($template_path);
        $sp_template->set_file('form', 'editor.thtml');
        $sp_template->set_var('lang_mode', $LANG24[3]);
        $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
        $ownername = COM_getDisplayName($A['owner_id']);
        $sp_template->set_var(array('sp_search_checked' => $A['sp_search'] == 1 ? ' checked="checked"' : '', 'sp_status_checked' => $A['sp_status'] == 1 ? ' checked="checked"' : '', 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"), 'owner_name' => $ownername, 'owner' => $ownername, 'owner_id' => $A['owner_id'], 'lang_group' => $LANG_ACCESS['group'], 'group_dropdown' => SEC_getGroupDropdown($A['group_id'], $access), 'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']), 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'start_block_editor' => COM_startBlock($LANG_STATIC['staticpages'] . ' :: ' . $LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')), 'lang_save' => $LANG_ADMIN['save'], 'lang_cancel' => $LANG_ADMIN['cancel'], 'lang_preview' => $LANG_ADMIN['preview'], 'lang_editor' => $LANG_STATIC['staticpageeditor'], 'lang_attributes' => $LANG_STATIC['attributes']));
        if (SEC_hasRights('staticpages.delete') && $action != 'clone' && !empty($A['sp_old_id'])) {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
            $sp_template->set_var('delete_button', true);
            $sp_template->set_var('lang_delete_confirm', $MESSAGE[76]);
            $sp_template->set_var('lang_delete', $LANG_ADMIN['delete']);
            $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        } else {
            $sp_template->set_var('delete_option', '');
        }
        $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
        $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}"));
        $authorname = COM_getDisplayName($A['sp_uid']);
        $sp_template->set_var('name', $authorname);
        $sp_template->set_var('author', $authorname);
        $sp_template->set_var('lang_url', $LANG_STATIC['url']);
        $sp_template->set_var('lang_id', $LANG_STATIC['id']);
        $sp_template->set_var('sp_uid', $A['sp_uid']);
        $sp_template->set_var('sp_id', $A['sp_id']);
        $sp_template->set_var('sp_old_id', $A['sp_old_id']);
        $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']));
        $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
        $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
        $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
        $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
        $sp_template->set_var('centerblock_help', $A['sp_help']);
        $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
        if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
            $sp_template->set_var('centerblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('centerblock_checked', '');
        }
        $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
        $sp_template->set_var('lang_position', $LANG_STATIC['position']);
        $current_topic = '';
        if (isset($A['sp_tid'])) {
            $current_topic = $A['sp_tid'];
        }
        if (empty($current_topic)) {
            $current_topic = 'none';
        }
        $topics = COM_topicList('tid,topic', $current_topic, 1, true);
        $alltopics = '<option value="all"';
        if ($current_topic == 'all') {
            $alltopics .= ' selected="selected"';
        }
        $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;
        $allnhp = '<option value="allnhp"';
        if ($current_topic == 'allnhp') {
            $allnhp .= ' selected="selected"';
        }
        $allnhp .= '>' . $LANG_STATIC['allnhp_topics'] . '</option>' . LB;
        $notopic = '<option value="none"';
        if ($current_topic == 'none') {
            $notopic .= ' selected="selected"';
        }
        $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;
        $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $allnhp . $notopic . $topics . '</select>');
        $position = '<select name="sp_where">';
        $position .= '<option value="1"';
        if ($A['sp_where'] == 1) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
        $position .= '<option value="2"';
        if ($A['sp_where'] == 2) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
        $position .= '<option value="3"';
        if ($A['sp_where'] == 3) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
        $position .= '<option value="0"';
        if ($A['sp_where'] == 0) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
        $position .= '<option value="4"';
        if ($A['sp_where'] == 4) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_nonews'] . '</option>';
        $position .= '</select>';
        $sp_template->set_var('pos_selection', $position);
        if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
            if (!isset($A['sp_php'])) {
                $A['sp_php'] = 0;
            }
            $selection = '<select name="sp_php">' . LB;
            $selection .= '<option value="0"';
            if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
            $selection .= '<option value="1"';
            if ($A['sp_php'] == 1) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
            $selection .= '<option value="2"';
            if ($A['sp_php'] == 2) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
            $selection .= '</select>';
            $sp_template->set_var('php_selector', $selection);
            $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
        } else {
            $sp_template->set_var('php_selector', '');
            $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
        }
        $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
        // old variables (for the 1.3-type checkbox)
        $sp_template->set_var('php_checked', '');
        $sp_template->set_var('php_type', 'hidden');
        if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
            $sp_template->set_var('exit_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('exit_checked', '');
        }
        $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
        $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
        if (isset($A['sp_inblock']) && $A['sp_inblock'] == 1) {
            $sp_template->set_var('inblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('inblock_checked', '');
        }
        $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
        $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
        $curtime = COM_getUserDateTimeFormat($A['unixdate']);
        $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
        $sp_template->set_var('sp_formateddate', $curtime[0]);
        $sp_template->set_var('sp_date', $curtime[1]);
        $sp_template->set_var('lang_title', $LANG_STATIC['title']);
        $title = '';
        if (isset($A['sp_title'])) {
            $title = htmlspecialchars($A['sp_title']);
        }
        $sp_template->set_var('sp_title', $title);
        $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
        if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
            $sp_template->set_var('onmenu_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('onmenu_checked', '');
        }
        $sp_template->set_var('lang_label', $LANG_STATIC['label']);
        if (isset($A['sp_label'])) {
            $sp_template->set_var('sp_label', $A['sp_label']);
        } else {
            $sp_template->set_var('sp_label', '');
        }
        $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
        $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
        $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
        $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
        $sp_template->set_var('lang_rightblocks', $LANG_STATIC['rightblocks']);
        $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
        if (!isset($A['sp_format'])) {
            $A['sp_format'] = '';
        }
        if ($A['sp_format'] == 'noblocks') {
            $sp_template->set_var('noblock_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('noblock_selected', '');
        }
        if ($A['sp_format'] == 'leftblocks') {
            $sp_template->set_var('leftblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('leftblocks_selected', '');
        }
        if ($A['sp_format'] == 'rightblocks') {
            $sp_template->set_var('rightblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('rightblocks_selected', '');
        }
        if ($A['sp_format'] == 'blankpage') {
            $sp_template->set_var('blankpage_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('blankpage_selected', '');
        }
        if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
            $sp_template->set_var('allblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('allblocks_selected', '');
        }
        $sp_template->set_var('lang_content', $LANG_STATIC['content']);
        $content = '';
        if (isset($A['sp_content'])) {
            $content = htmlspecialchars($A['sp_content']);
        }
        $sp_template->set_var('sp_content', $content);
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_template->set_var('lang_allowedhtml', COM_allowedHTML(SEC_getUserPermissions(), false, 'staticpages', 'page'));
        } else {
            $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
        }
        $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
        if (empty($A['sp_hits'])) {
            $sp_template->set_var('sp_hits', '0');
            $sp_template->set_var('sp_hits_formatted', '0');
        } else {
            $sp_template->set_var('sp_hits', $A['sp_hits']);
            $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
        }
        $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
        $sp_template->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $A['owner_id']));
        $sp_template->set_var('writtenby_dropdown', COM_buildOwnerList('sp_uid', $A['sp_uid']));
        $sp_template->set_var('gltoken_name', CSRF_TOKEN);
        $sp_template->set_var('gltoken', SEC_createToken());
        $sp_template->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_STATIC['instructions_edit'], plugin_geticon_staticpages()));
        PLG_templateSetVars('sp_editor', $sp_template);
        $retval .= $sp_template->parse('output', 'form');
    }
    return $retval;
}
Beispiel #18
0
/**
* Returns the site footer
*
* This loads the proper templates, does variable substitution and returns the
* HTML for the site footer.
*
* @param   boolean     $rightblock     Whether or not to show blocks on right hand side default is no
* @param   array       $custom         An array defining custom function to be used to format Rightblocks
* @see function COM_siteHeader
* @return   string  Formated HTML containing site footer and optionally right blocks
*
*/
function COM_siteFooter($rightblock = -1, $custom = '')
{
    global $_CONF, $_TABLES, $LANG01, $_PAGE_TIMER, $topic, $LANG_BUTTONS;
    // If the theme implemented this for us then call their version instead.
    $function = $_CONF['theme'] . '_siteFooter';
    if (function_exists($function)) {
        return $function($rightblock, $custom);
    }
    COM_hit();
    // Set template directory
    $footer = new Template($_CONF['path_layout']);
    // Set template file
    $footer->set_file(array('footer' => 'footer.thtml', 'rightblocks' => 'rightblocks.thtml', 'leftblocks' => 'leftblocks.thtml'));
    // Do variable assignments
    $footer->set_var('xhtml', XHTML);
    $footer->set_var('site_url', $_CONF['site_url']);
    $footer->set_var('site_admin_url', $_CONF['site_admin_url']);
    $footer->set_var('layout_url', $_CONF['layout_url']);
    $footer->set_var('site_mail', "mailto:{$_CONF['site_mail']}");
    $footer->set_var('site_name', $_CONF['site_name']);
    $footer->set_var('site_slogan', $_CONF['site_slogan']);
    $rdf = substr_replace($_CONF['rdf_file'], $_CONF['site_url'], 0, strlen($_CONF['path_html']) - 1);
    $footer->set_var('rdf_file', $rdf);
    $footer->set_var('rss_url', $rdf);
    $year = date('Y');
    $copyrightyear = $year;
    if (!empty($_CONF['copyrightyear'])) {
        $copyrightyear = $_CONF['copyrightyear'];
    }
    $footer->set_var('copyright_notice', '&nbsp;' . $LANG01[93] . ' &copy; ' . $copyrightyear . ' ' . $_CONF['site_name'] . '<br' . XHTML . '>&nbsp;' . $LANG01[94]);
    $footer->set_var('copyright_msg', $LANG01[93] . ' &copy; ' . $copyrightyear . ' ' . $_CONF['site_name']);
    $footer->set_var('current_year', $year);
    $footer->set_var('lang_copyright', $LANG01[93]);
    $footer->set_var('trademark_msg', $LANG01[94]);
    $footer->set_var('powered_by', $LANG01[95]);
    $footer->set_var('geeklog_url', 'http://www.geeklog.net/');
    $footer->set_var('geeklog_version', VERSION);
    // Now add variables for buttons like e.g. those used by the Yahoo theme
    $footer->set_var('button_home', $LANG_BUTTONS[1]);
    $footer->set_var('button_contact', $LANG_BUTTONS[2]);
    $footer->set_var('button_contribute', $LANG_BUTTONS[3]);
    $footer->set_var('button_sitestats', $LANG_BUTTONS[7]);
    $footer->set_var('button_personalize', $LANG_BUTTONS[8]);
    $footer->set_var('button_search', $LANG_BUTTONS[9]);
    $footer->set_var('button_advsearch', $LANG_BUTTONS[10]);
    $footer->set_var('button_directory', $LANG_BUTTONS[11]);
    /* Right blocks. Argh. Don't talk to me about right blocks...
     * Right blocks will be displayed if Right_blocks_in_footer is set [1],
     * AND (this function has been asked to show them (first param) OR the
     * show_right_blocks conf variable has been set to override what the code
     * wants to do.
     *
     * If $custom sets an array (containing functionname and first argument)
     * then this is used instead of the default (COM_showBlocks) to render
     * the right blocks (and left).
     *
     * [1] - if it isn't, they'll be in the header already.
     *
     */
    $displayRightBlocks = true;
    if ($_CONF['right_blocks_in_footer'] == 1) {
        if ($rightblock < 0 || !$rightblock) {
            if (isset($_CONF['show_right_blocks'])) {
                $displayRightBlocks = $_CONF['show_right_blocks'];
            } else {
                $displayRightBlocks = false;
            }
        } else {
            $displayRightBlocks = true;
        }
    } else {
        $displayRightBlocks = false;
    }
    if ($displayRightBlocks) {
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function.
         * This can be used to take control over what blocks are then displayed
         */
        if (is_array($custom)) {
            $function = $custom['0'];
            if (function_exists($function)) {
                $rblocks = $function($custom['1'], 'right');
            } else {
                $rblocks = COM_showBlocks('right', $topic);
            }
        } else {
            $rblocks = COM_showBlocks('right', $topic);
        }
        if (empty($rblocks)) {
            $footer->set_var('geeklog_blocks', '');
            $footer->set_var('right_blocks', '');
        } else {
            $footer->set_var('geeklog_blocks', $rblocks);
            $footer->parse('right_blocks', 'rightblocks', true);
            $footer->set_var('geeklog_blocks', '');
        }
    } else {
        $footer->set_var('geeklog_blocks', '');
        $footer->set_var('right_blocks', '');
    }
    if ($_CONF['left_blocks_in_footer'] == 1) {
        $lblocks = '';
        /* Check if an array has been passed that includes the name of a plugin
         * function or custom function
         * This can be used to take control over what blocks are then displayed
         */
        if (is_array($custom)) {
            $function = $custom[0];
            if (function_exists($function)) {
                $lblocks = $function($custom[1], 'left');
            }
        } else {
            $lblocks = COM_showBlocks('left', $topic);
        }
        if (empty($lblocks)) {
            $footer->set_var('left_blocks', '');
            $footer->set_var('geeklog_blocks', '');
        } else {
            $footer->set_var('geeklog_blocks', $lblocks);
            $footer->parse('left_blocks', 'leftblocks', true);
            $footer->set_var('geeklog_blocks', '');
        }
    }
    // Global centerspan variable set in index.php
    if (isset($GLOBALS['centerspan'])) {
        $footer->set_var('centerblockfooter-span', '</td></tr></table>');
    }
    $exectime = $_PAGE_TIMER->stopTimer();
    $exectext = $LANG01[91] . ' ' . $exectime . ' ' . $LANG01[92];
    $footer->set_var('execution_time', $exectime);
    $footer->set_var('execution_textandtime', $exectext);
    // Call to plugins to set template variables in the footer
    PLG_templateSetVars('footer', $footer);
    // Actually parse the template and make variable substitutions
    $footer->parse('index_footer', 'footer');
    // Return resulting HTML
    return $footer->finish($footer->get_var('index_footer'));
}
Beispiel #19
0
function nexdoc_formatHeader($cid = 0, $reportmode = '')
{
    global $_CONF;
    $tpl = new Template($_CONF['path_layout'] . 'nexfile');
    if ($reportmode == 'incoming') {
        $tpl->set_file('header', 'incoming_header.thtml');
    } else {
        $tpl->set_file('header', 'filelisting_header.thtml');
    }
    if ($cid > 0) {
        $tpl->set_var('showfolder', 'none');
    } else {
        $tpl->set_var('showfolderexpandlink', 'none');
    }
    if ($reportmode == 'approvals') {
        $tpl->set_var('LANG_actionheading', 'Submitter');
    } else {
        $tpl->set_var('LANG_actionheading', 'Actions');
    }
    if ($reportmode == 'incoming' and SEC_hasRights('nexfile.edit')) {
        $tpl->set_var('show_ownername', '');
    } else {
        $tpl->set_var('show_ownername', 'none');
    }
    $tpl->set_var('LANG_dateheading', 'Modified');
    PLG_templateSetVars('nexfile_listingheader', $tpl);
    $tpl->parse('output', 'header');
    return $tpl->finish($tpl->get_var('output'));
}
Beispiel #20
0
 /**
  *   Creates the product edit form.
  *
  *   Creates the form for editing a product.  If a product ID is supplied,
  *   then that product is read and becomes the current product.  If not,
  *   then the current product is edited.  If an empty product was created,
  *   then a new product is created here.
  *
  *   @uses   PAYPAL_getDocUrl()
  *   @uses   PAYPAL_errorMessage()
  *   @uses   PAYPAL_recurseCats()
  *   @param  integer $id     Optional ID, current record used if zero
  *   @return string          HTML for edit form
  */
 public function showForm($id = 0)
 {
     global $_TABLES, $_CONF, $_PP_CONF, $LANG_PP, $LANG24, $LANG_postmodes, $_SYSTEM;
     $id = (int) $id;
     if ($id > 0) {
         // If an id is passed in, then read that record
         if (!$this->Read($id)) {
             return PAYPAL_errorMessage($LANG_PP['invalid_product_id'], 'info');
         }
     }
     $id = $this->id;
     $T = new Template(PAYPAL_PI_PATH . '/templates');
     if ($_SYSTEM['framework'] == 'uikit') {
         $T->set_file('product', 'product_form.uikit.thtml');
     } else {
         $T->set_file('product', 'product_form.thtml');
     }
     // Set up the wysiwyg editor, if available
     switch (PLG_getEditorType()) {
         case 'ckeditor':
             $T->set_var('show_htmleditor', true);
             PLG_requestEditor('paypal', 'paypal_entry', 'ckeditor_paypal.thtml');
             PLG_templateSetVars('paypal_entry', $T);
             break;
         case 'tinymce':
             $T->set_var('show_htmleditor', true);
             PLG_requestEditor('paypal', 'paypal_entry', 'tinymce_paypal.thtml');
             PLG_templateSetVars('paypal_entry', $T);
             break;
         default:
             // don't support others right now
             $T->set_var('show_htmleditor', false);
             break;
     }
     // Add the current product ID to the form if it's an existing product.
     if ($id > 0) {
         $T->set_var('id', '<input type="hidden" name="id" value="' . $this->id . '" />');
         $retval = COM_startBlock($LANG_PP['edit'] . ': ' . $this->name);
     } else {
         $T->set_var('id', '');
         $retval = COM_startBlock($LANG_PP['new_product']);
     }
     $T->set_var(array('post_options' => $post_options, 'name' => htmlspecialchars($this->name, ENT_QUOTES, COM_getEncodingt()), 'category' => $this->cat_id, 'short_description' => htmlspecialchars($this->short_description, ENT_QUOTES, COM_getEncodingt()), 'description' => htmlspecialchars($this->description, ENT_QUOTES, COM_getEncodingt()), 'price' => sprintf('%.2f', $this->price), 'file' => htmlspecialchars($this->file, ENT_QUOTES, COM_getEncodingt()), 'expiration' => $this->expiration, 'pi_admin_url' => PAYPAL_ADMIN_URL, 'file_selection' => $this->FileSelector(), 'keywords' => htmlspecialchars($this->keywords, ENT_QUOTES, COM_getEncodingt()), 'cat_select' => PAYPAL_recurseCats('PAYPAL_callbackCatOptionList', $this->cat_id), 'currency' => $_PP_CONF['currency'], 'pi_url' => PAYPAL_URL, 'doc_url' => PAYPAL_getDocURL('product_form', $_CONF['language']), 'prod_type' => $this->prod_type, 'weight' => $this->weight, 'feat_chk' => $this->featured == 1 ? 'checked="checked"' : '', 'ena_chk' => $this->enabled == 1 ? 'checked="checked"' : '', 'tax_chk' => $this->taxable == 1 ? 'checked="checked"' : '', 'show_random_chk' => $this->show_random == 1 ? 'checked="checked"' : '', 'show_popular_chk' => $this->show_popular == 1 ? 'checked="checked"' : '', 'ship_sel_' . $this->shipping_type => 'selected="selected"', 'shipping_type' => $this->shipping_type, 'track_onhand' => $this->track_onhand, 'shipping_amt' => sprintf('%.2f', $this->shipping_amt), 'sel_comment_' . $this->comments_enabled => 'selected="selected"', 'rating_chk' => $this->rating_enabled == 1 ? 'checked="checked"' : '', 'trk_onhand_chk' => $this->track_onhand == 1 ? 'checked="checked"' : '', 'onhand' => $this->onhand, "oversell_sel{$this->oversell}" => 'selected="selected"', 'custom' => $this->custom, 'sale_price' => sprintf('%.2f', $this->sale_price), 'sale_beg' => $this->_InputDtFormat($this->sale_beg), 'sale_end' => $this->_InputDtFormat($this->sale_end), 'avail_beg' => $this->avail_beg, 'avail_end' => $this->avail_end));
     // Create the button type selections. New products get the default
     // button selected, existing products get the saved button selected
     // or "none" if there is no button.
     $T->set_block('product', 'BtnRow', 'BRow');
     $have_chk = false;
     foreach ($_PP_CONF['buttons'] as $key => $checked) {
         if ($key == $this->btn_type || $this->isNew && $checked) {
             $btn_chk = 'checked="checked"';
             $have_chk = true;
         } else {
             $btn_chk = '';
         }
         $T->set_var(array('btn_type' => $key, 'btn_chk' => $key == $this->btn_type || $this->isNew && $checked ? 'checked="checked"' : '', 'btn_name' => $LANG_PP['buttons'][$key]));
         $T->parse('BRow', 'BtnRow', true);
     }
     // Set the "none" selection if nothing was already selected
     $T->set_var('none_chk', $have_chk ? '' : 'checked="checked"');
     $T->set_block('product', 'ProdTypeRadio', 'ProdType');
     foreach ($LANG_PP['prod_types'] as $value => $text) {
         $T->set_var(array('type_val' => $value, 'type_txt' => $text, 'type_sel' => $this->prod_type == $value ? 'checked="checked"' : ''));
         $T->parse('ProdType', 'ProdTypeRadio', true);
     }
     /*$T->set_block('options', 'OptionRow', 'OptRow');
       for ($i = 0; $i < 7; $i++) {
           $T->set_var(array(
               'var'         => $i,
               'option_num'  => $i + 1,
               'on0_name' => $this->properties['options']['on0']['name'],
               'on0_string' => $this->properties['options']['on0'][$i]['string'],
               'on0_value' => $this->properties['options']['on0'][$i]['value'],
               'on1_name' => $this->properties['options']['on1']['name'],
               'on1_string' => $this->properties['options']['on1'][$i]['string'],
               'on1_value' => $this->properties['options']['on1'][$i]['value'],
           ) );
           $T->parse('OptRow', 'OptionRow', true);
       }*/
     if (!$this->isUsed()) {
         $T->set_var('candelete', 'true');
     }
     // Set up the photo fields.  Use $photocount defined above.
     // If there are photos, read the $photo result.  Otherwise,
     // or if this is a new ad, just clear the photo area
     $T->set_block('product', 'PhotoRow', 'PRow');
     $i = 0;
     // Get the existing photos.  Will only have photos with an
     // existing product entry.
     $photocount = 0;
     if ($this->id != NULL) {
         $sql = "SELECT img_id, filename \n                FROM {$_TABLES['paypal.images']} \n                WHERE product_id='" . $this->id . "'";
         $photo = DB_query($sql);
         // save the count of photos for later use
         if ($photo) {
             $photocount = DB_numRows($photo);
         }
         // While we're checking the ID, set it as a hidden value
         // for updating this record
         $T->set_var('product_id', $this->id);
     } else {
         $T->set_var('product_id', '');
     }
     // If there are any images, retrieve and display the thumbnails.
     if ($photocount > 0) {
         while ($prow = DB_fetchArray($photo)) {
             $i++;
             $T->set_var('img_url', PAYPAL_URL . "/images/products/{$prow['filename']}");
             $T->set_var('thumb_url', PAYPAL_ImageUrl($prow['filename']));
             $T->set_var('seq_no', $i);
             $T->set_var('del_img_url', PAYPAL_ADMIN_URL . '/index.php' . '?delete_img=x' . '&img_id=' . $prow['img_id'] . '&id=' . $this->id);
             $T->parse('PRow', 'PhotoRow', true);
         }
     } else {
         $T->parse('PRow', '');
     }
     // add upload fields for unused images
     $T->set_block('product', 'UploadFld', 'UFLD');
     for ($j = $i; $j < $_PP_CONF['max_images']; $j++) {
         $T->parse('UFLD', 'UploadFld', true);
     }
     $i = 0;
     foreach ($this->qty_discounts as $qty => $amt) {
         $T->set_var(array('disc_qty' . $i => $qty, 'disc_amt' . $i => $amt));
         $i++;
     }
     /*$sql = "SELECT cat_id, cat_name
               FROM {$_TABLES['paypal.categories']}
               WHERE enabled=1 AND parent_id=0";
       $res = DB_query($sql);*/
     /*$str = '';
       while ($A = DB_fetchArray($res, false)) {
           $str .= "<div><b>{$A['cat_name']}</b><br/>
                   <ul>" . 
                   PAYPAL_recurseCats('prodform_catoption', 0, $A['cat_id'],
                     '', '', '',
                     0, 0, array('<ol>', '</ol>')) .
                   "</ul></div>";
       }
       $T->set_var('catselect', $str);*/
     $retval .= $T->parse('output', 'product');
     /*@setcookie($_CONF['cookie_name'].'fckeditor', 
               SEC_createTokenGeneral('advancededitor'),
               time() + 1200, $_CONF['cookie_path'],
               $_CONF['cookiedomain'], $_CONF['cookiesecure']);
       */
     $retval .= COM_endBlock();
     return $retval;
 }
Beispiel #21
0
            $pagelinks[$curid] = $title;
        }
        $links = array_reverse($pagelinks, true);
        $breadcrumbs = '';
        $i = 1;
        foreach ($links as $pageid => $pagename) {
            if ($i > 1) {
                $pageview->set_var('separator', $CONF_SE['breadcrumb_separator']);
            } else {
                $pageview->set_var('separator', '');
            }
            $pageview->set_var('public_url', $CONF_SE['public_url']);
            $pageview->set_var('pageid', $pageid);
            $pageview->set_var('pagename', $pagename);
            $pageview->parse('breadcrumb_links', 'breadcrumb_link', true);
            $i++;
        }
    }
    $pageview->parse('breadcrumbs', 'breadcrumbs');
    PLG_templateSetVars('nexcontent', $pageview);
    $pageview->set_var('siteheader', $siteheader);
    $pageview->set_var('heading', $heading);
    $pageview->set_var('pagetitle', $pagetitle);
    $pageview->set_var('content', nexcontent_formatPage($catid, $page, $content));
    $pageview->set_var('sitefooter', $sitefooter);
    $pageview->parse('output', 'pageview');
    echo $pageview->finish($pageview->get_var('output'));
} else {
    echo COM_refresh($_CONF['site_url'] . '/index.php?msg=1&plugin=nexcontent');
    exit;
}
Beispiel #22
0
/**
* Displays the comment form
*
* @param    string  $title      Title of comment
* @param    string  $comment    Text of comment
* @param    string  $sid        ID of object comment belongs to
* @param    int     $pid        ID of parent comment
* @param    string  $type       Type of object comment is posted to
* @param    string  $mode       Mode, e.g. 'preview'
* @param    string  $postmode   Indicates if comment is plain text or HTML
* @return   string  HTML for comment form
*
*/
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG12, $LANG_LOGIN, $LANG_ACCESS;
    $retval = '';
    // never trust $uid ...
    if (empty($_USER['uid'])) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    $commentuid = $uid;
    $table = $_TABLES['comments'];
    if (($mode == 'edit' || $mode == $LANG03[28]) && isset($_REQUEST['cid'])) {
        $cid = COM_applyFilter($_REQUEST['cid']);
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = '{$cid}'");
    } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
        $cid = COM_applyFilter($_REQUEST['cid']);
        $commentuid = DB_getItem($_TABLES['commentsubmissions'], 'uid', "cid = '{$cid}'");
        $table = $_TABLES['commentsubmissions'];
    }
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $loginreq = new Template($_CONF['path_layout'] . 'submit');
        $loginreq->set_file('loginreq', 'submitloginrequired.thtml');
        $loginreq->set_var('xhtml', XHTML);
        $loginreq->set_var('login_message', $LANG_LOGIN[2]);
        $loginreq->set_var('site_url', $_CONF['site_url']);
        $loginreq->set_var('site_admin_url', $_CONF['site_admin_url']);
        $loginreq->set_var('lang_login', $LANG_LOGIN[3]);
        $loginreq->set_var('lang_newuser', $LANG_LOGIN[4]);
        $loginreq->parse('errormsg', 'loginreq');
        $retval .= $loginreq->finish($loginreq->get_var('errormsg'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
        $last = 0;
        if ($mode != 'edit' && $mode != 'editsubmission' && $mode != $LANG03[28] && $mode != $LANG03[34]) {
            // not edit mode or preview changes
            $last = COM_checkSpeedlimit('comment');
        }
        if ($last > 0) {
            $retval .= COM_startBlock($LANG12[26], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG03[7] . $last . $LANG03[8] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        } else {
            if ($_CONF['advanced_editor'] == 1 && file_exists($_CONF['path_layout'] . 'comment/commentform_advanced.thtml')) {
                $postmode = 'html';
            } elseif (empty($postmode)) {
                $postmode = $_CONF['postmode'];
            }
            // Note:
            // $comment / $newcomment is what goes into the preview / is
            // actually stored in the database -> strip HTML
            // $commenttext is what the user entered and goes back into the
            // <textarea> -> don't strip HTML
            $commenttext = htmlspecialchars(COM_stripslashes($comment));
            // Replace $, {, and } with special HTML equivalents
            $commenttext = str_replace('$', '&#36;', $commenttext);
            $commenttext = str_replace('{', '&#123;', $commenttext);
            $commenttext = str_replace('}', '&#125;', $commenttext);
            $title = COM_checkWords(strip_tags(COM_stripslashes($title)));
            // $title = str_replace('$','&#36;',$title); done in CMT_getComment
            $_POST['title'] = $title;
            $newcomment = $comment;
            if ($mode == $LANG03[28]) {
                // for preview
                $newcomment = CMT_prepareText($comment, $postmode, $type, true, $cid);
            } elseif ($mode == $LANG03[34]) {
                $newcomment = CMT_prepareText($comment, $postmode, $type, true);
            } else {
                $newcomment = CMT_prepareText($comment, $postmode, $type);
            }
            $_POST['comment'] = $newcomment;
            // Preview mode:
            if (($mode == $LANG03[14] || $mode == $LANG03[28] || $mode == $LANG03[34]) && !empty($title) && !empty($comment)) {
                $start = new Template($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('xhtml', XHTML);
                $start->set_var('site_url', $_CONF['site_url']);
                $start->set_var('site_admin_url', $_CONF['site_admin_url']);
                $start->set_var('layout_url', $_CONF['layout_url']);
                $start->set_var('hide_if_preview', 'style="display:none"');
                // Clean up all the vars
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == 'pid' || $key == 'cid') {
                        $A[$key] = COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == 'username') {
                                $A[$key] = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_POST[$key]))));
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                            }
                        }
                    }
                }
                // correct time and username for edit preview
                if ($mode == $LANG03[28] || $mode == $LANG03[34]) {
                    $A['nice_date'] = DB_getItem($table, 'UNIX_TIMESTAMP(date)', "cid = '{$cid}'");
                    if ($_USER['uid'] != $commentuid) {
                        $uresult = DB_query("SELECT username, fullname, email, photo FROM {$_TABLES['users']} WHERE uid = {$commentuid}");
                        $A = array_merge($A, DB_fetchArray($uresult));
                    }
                }
                if (empty($A['username'])) {
                    $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
                }
                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true);
                $start->set_var('comments', $thecomments);
                $retval .= COM_startBlock($LANG03[14]) . $start->finish($start->parse('output', 'comment')) . COM_endBlock();
            } else {
                if ($mode == $LANG03[14]) {
                    $retval .= COM_startBlock($LANG03[17], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG03[12] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
                    $mode = 'error';
                }
            }
            $comment_template = new Template($_CONF['path_layout'] . 'comment');
            if ($_CONF['advanced_editor'] == 1 && file_exists($_CONF['path_layout'] . 'comment/commentform_advanced.thtml')) {
                $comment_template->set_file('form', 'commentform_advanced.thtml');
            } else {
                $comment_template->set_file('form', 'commentform.thtml');
            }
            $comment_template->set_var('xhtml', XHTML);
            $comment_template->set_var('site_url', $_CONF['site_url']);
            $comment_template->set_var('site_admin_url', $_CONF['site_admin_url']);
            $comment_template->set_var('layout_url', $_CONF['layout_url']);
            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            }
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);
            $formurl = $_CONF['site_url'] . '/comment.php';
            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //edit modes
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[32]));
                $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . $cid . '"' . XHTML . '>');
            } else {
                if ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[33]));
                    $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . $cid . '"' . XHTML . '>');
                } else {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                    $comment_template->set_var('cid', '');
                }
            }
            $comment_template->set_var('form_url', $formurl);
            if (COM_isAnonUser()) {
                // Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($A['username'])) {
                    $name = $A['username'];
                    // for preview
                } elseif (isset($_COOKIE[$_CONF['cookie_anon_name']])) {
                    // stored as cookie, name used before
                    $name = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_COOKIE[$_CONF['cookie_anon_name']]))));
                } else {
                    $name = COM_getDisplayName(1);
                    // anonymous user
                }
                $usernameblock = '<input type="text" name="username" size="16" value="' . $name . '" maxlength="32"' . XHTML . '>';
                $comment_template->set_var('username', $usernameblock);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
            } else {
                if ($commentuid != $_USER['uid']) {
                    $uresult = DB_query("SELECT username, fullname FROM {$_TABLES['users']} WHERE uid = {$commentuid}");
                    list($username, $fullname) = DB_fetchArray($uresult);
                } else {
                    $username = $_USER['username'];
                    $fullname = $_USER['fullname'];
                }
                $comment_template->set_var('gltoken_name', CSRF_TOKEN);
                $comment_template->set_var('gltoken', SEC_createToken());
                $comment_template->set_var('uid', $commentuid);
                $name = COM_getDisplayName($commentuid, $username, $fullname);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
            }
            if ($postmode == 'html') {
                $comment_template->set_var('show_texteditor', 'none');
                $comment_template->set_var('show_htmleditor', '');
            } else {
                $comment_template->set_var('show_texteditor', '');
                $comment_template->set_var('show_htmleditor', 'none');
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', htmlspecialchars($title));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $commenttext);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $comment_template->set_var('allowed_html', COM_allowedHTML($type == 'article' ? 'story.edit' : "{$type}.edit"));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);
            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                $comment_template->set_var('lang_preview', $LANG03[34]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }
            PLG_templateSetVars('comment', $comment_template);
            if ($mode == $LANG03[28] || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                // for editing
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[29] . '"' . XHTML . '>');
            } elseif ($mode == $LANG03[34] || $mode == 'editsubmission' && $_CONF['skip_preview'] == 1) {
                // editing submission comment
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[35] . '"' . XHTML . '>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == $LANG03[14]) {
                $comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[11] . '"' . XHTML . '>');
            }
            if ($_CONF['allow_reply_notifications'] == 1 && $uid != 1 && ($mode == '' || $mode == $LANG03[14] || $mode == 'error')) {
                $checked = '';
                if (isset($_POST['notify'])) {
                    $checked = ' checked="checked"';
                }
                $comment_template->set_var('notification', '<p><input type="checkbox"' . ' name="notify"' . $checked . '>' . $LANG03[36] . '</p>');
            }
            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }
    return $retval;
}
Beispiel #23
0
/**
* Shows the story submission form
*
*/
function submitstory()
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG24, $_SCRIPTS;
    // Add JavaScript
    $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
    } else {
        $story->initSubmission();
    }
    $storyform = COM_newTemplate($_CONF['path_layout'] . 'submit');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $storyform->set_file('storyform', 'submitstory_advanced.thtml');
        $storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
        $storyform->set_var('lang_expandhelp', $LANG24[67]);
        $storyform->set_var('lang_reducehelp', $LANG24[68]);
        $link_message = COM_isAnonUser() ? '' : $LANG01[138];
        $storyform->set_var('noscript', COM_getNoScript(false, '', $link_message));
        // Setup Advanced Editor
        COM_setupAdvancedEditor('/javascript/submitstory_adveditor.js');
        if ($story->EditElements('postmode') === 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    } else {
        $storyform->set_file('storyform', 'submitstory.thtml');
        if ($story->EditElements('postmode') === 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    }
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!COM_isAnonUser()) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => 'nofollow')));
        }
    }
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $tlist = TOPIC_getTopicSelectionControl('article', '', false, false, false);
    $storyform->set_var('topic_selection', $tlist);
    if (empty($tlist)) {
        $retval .= COM_showMessage(101);
        return $retval;
    }
    $storyform->set_var('story_topic_options', $tlist);
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $postmode = $story->EditElements('postmode');
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
    $allowed_html = '';
    foreach (array('plaintext', 'html') as $pm) {
        $allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
    }
    $allowed_html .= COM_allowedAutotags();
    $storyform->set_var('allowed_html', $allowed_html);
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    $storyform->set_var('lang_preview', $LANG12[32]);
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }
    $retval .= COM_startBlock($LANG12[6], 'submitstory.html');
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    return $retval;
}
Beispiel #24
0
/**
* Displays the contact form
*
* @param    int     $uid        User ID of article author
* @param    bool    $cc         Whether to send a copy of the message to the author
* @param    string  $subject    Subject of email
* @param    string  $message    Text of message to send
* @return   string              HTML for the contact form
*
*/
function CONTACT_contactform($uid, $cc = false, $subject = '', $message = '')
{
    global $_CONTACT_CONF, $_CONF, $_TABLES, $_USER, $LANG08, $LANG_CONTACT_1;
    $retval = '';
    if (COM_isAnonUser() && $_CONTACT_CONF['contactloginrequired'] == 1) {
        $retval .= SEC_loginRequiredForm();
    } else {
        $result = DB_query("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '{$uid}'");
        $P = DB_fetchArray($result);
        if (SEC_inGroup('Root') || SEC_hasRights('user.mail')) {
            $isAdmin = true;
        } else {
            $isAdmin = false;
        }
        $displayname = COM_getDisplayName($uid);
        if ($P['emailfromadmin'] == 1 && $isAdmin || $P['emailfromuser'] == 1 && !$isAdmin) {
            if ($cc) {
                $cc = ' checked="checked"';
            }
            $retval = '';
            $mail_template = COM_newTemplate($_CONF['path'] . 'plugins/contact/templates');
            $mail_template->set_file('form', 'contactuserform.thtml');
            $mail_template->set_var('contact_form', $LANG_CONTACT_1['contact_form']);
            $mail_template->set_var('form_message', $_CONTACT_CONF['message']);
            $mail_template->set_var('lang_username', $LANG_CONTACT_1['name']);
            $mail_template->set_var('add_your_name', $LANG_CONTACT_1['add_your_name']);
            if (COM_isAnonUser()) {
                $sender = '';
                if (isset($_POST['author'])) {
                    $sender = strip_tags($_POST['author']);
                    $sender = substr($sender, 0, strcspn($sender, "\r\n"));
                    $sender = htmlspecialchars(trim($sender), ENT_QUOTES);
                }
                $mail_template->set_var('username', $sender);
            } else {
                $mail_template->set_var('username', COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']));
            }
            $mail_template->set_var('lang_useremail', $LANG_CONTACT_1['email']);
            $mail_template->set_var('add_valid_address', $LANG_CONTACT_1['add_valid_address']);
            if (COM_isAnonUser()) {
                $email = '';
                if (isset($_POST['authoremail'])) {
                    $email = strip_tags($_POST['authoremail']);
                    $email = substr($email, 0, strcspn($email, "\r\n"));
                    $email = htmlspecialchars(trim($email), ENT_QUOTES);
                }
                $mail_template->set_var('useremail', $email);
            } else {
                $mail_template->set_var('useremail', $_USER['email']);
            }
            $mail_template->set_var('cc', $cc);
            $mail_template->set_var('lang_cc', $LANG08[36]);
            $mail_template->set_var('lang_cc_description', $LANG08[37]);
            $mail_template->set_var('lang_message', $LANG_CONTACT_1['message']);
            $mail_template->set_var('message', htmlspecialchars($message));
            $mail_template->set_var('lang_submit', $LANG08[16]);
            $mail_template->set_var('uid', $uid);
            PLG_templateSetVars('contact', $mail_template);
            $mail_template->parse('output', 'form');
            $retval .= $mail_template->finish($mail_template->get_var('output'));
        } else {
            $retval = COM_startBlock($LANG08[10] . ' ' . $displayname, '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $LANG08[35];
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        }
    }
    return $retval;
}
Beispiel #25
0
/**
 * Displays a login form
 * This is the version of the login form displayed in the content area of the
 * page (not the side bar). It will present all options (remote authentication
 * - including OpenID, new registration link, etc.) according to the current
 * configuration settings.
 *
 * @param    array $use_config options to override some of the defaults
 * @return   string                  HTML of the login form
 */
function SEC_loginForm($use_config = array())
{
    global $_CONF, $LANG01, $LANG04, $_SCRIPTS;
    $retval = '';
    $have_remote_login = false;
    $default_config = array('hide_forgotpw_link' => false, 'hidden_fields' => '', 'no_oauth_login' => false, 'no_3rdparty_login' => false, 'no_openid_login' => false, 'no_newreg_link' => false, 'no_plugin_vars' => false, 'title' => $LANG04[65], 'message' => $LANG04[66], 'button_text' => $LANG04[80]);
    $config = array_merge($default_config, $use_config);
    $loginform = COM_newTemplate($_CONF['path_layout'] . 'users');
    $loginform->set_file('login', 'loginform.thtml');
    $loginform->set_var('start_block_loginagain', COM_startBlock($config['title']));
    $loginform->set_var('lang_message', $config['message']);
    if ($config['no_newreg_link'] || $_CONF['disable_new_user_registration']) {
        $loginform->set_var('lang_newreglink', '');
    } else {
        $loginform->set_var('lang_newreglink', $LANG04[123]);
    }
    $loginform->set_var('lang_username', $LANG04[2]);
    $loginform->set_var('lang_password', $LANG01[57]);
    if ($config['hide_forgotpw_link']) {
        $loginform->set_var('lang_forgetpassword', '');
        $loginform->set_var('forgetpassword_link', '');
    } else {
        $loginform->set_var('lang_forgetpassword', $LANG04[25]);
        $forget = COM_createLink($LANG04[25], $_CONF['site_url'] . '/users.php?mode=getpassword', array('rel' => 'nofollow'));
        $loginform->set_var('forgetpassword_link', $forget);
    }
    $loginform->set_var('lang_login', $config['button_text']);
    $loginform->set_var('lang_remote_login', $LANG04[167]);
    $loginform->set_var('lang_remote_login_desc', $LANG04[168]);
    $loginform->set_var('end_block', COM_endBlock());
    // 3rd party remote authentification.
    $services = '';
    if (!$config['no_3rdparty_login'] && $_CONF['user_login_method']['3rdparty'] && $_CONF['usersubmission'] == 0) {
        $modules = SEC_collectRemoteAuthenticationModules();
        if (count($modules) > 0) {
            if (!$_CONF['user_login_method']['standard'] && count($modules) == 1) {
                $select = '<input type="hidden" name="service" value="' . $modules[0] . '"' . XHTML . '>' . $modules[0];
            } else {
                // Build select
                $select = '<select name="service">';
                if ($_CONF['user_login_method']['standard']) {
                    $select .= '<option value="">' . $_CONF['site_name'] . '</option>';
                }
                foreach ($modules as $service) {
                    $select .= '<option value="' . $service . '">' . $service . '</option>';
                }
                $select .= '</select>';
            }
            $loginform->set_file('services', 'services.thtml');
            $loginform->set_var('lang_service', $LANG04[121]);
            $loginform->set_var('select_service', $select);
            $loginform->parse('output', 'services');
            $services .= $loginform->finish($loginform->get_var('output'));
        }
    }
    if (!empty($config['hidden_fields'])) {
        // allow caller to (ab)use {services} for hidden fields
        $services .= $config['hidden_fields'];
    }
    $loginform->set_var('services', $services);
    // OpenID remote authentification.
    if (!$config['no_openid_login'] && $_CONF['user_login_method']['openid'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
        $have_remote_login = true;
        $_SCRIPTS->setJavascriptFile('login', '/javascript/login.js');
        $loginform->set_file('openid_login', '../loginform_openid.thtml');
        $loginform->set_var('lang_openid_login', $LANG01[128]);
        $loginform->set_var('input_field_size', 40);
        // for backward compatibility - not used any more
        $app_url = isset($_SERVER['SCRIPT_URI']) ? $_SERVER['SCRIPT_URI'] : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
        $loginform->set_var('app_url', $app_url);
        $loginform->parse('output', 'openid_login');
        $loginform->set_var('openid_login', $loginform->finish($loginform->get_var('output')));
    } else {
        $loginform->set_var('openid_login', '');
    }
    // OAuth remote authentification.
    if (!$config['no_oauth_login'] && $_CONF['user_login_method']['oauth'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
        $have_remote_login = true;
        $_SCRIPTS->setJavascriptFile('login', '/javascript/login.js');
        $modules = SEC_collectRemoteOAuthModules();
        if (count($modules) == 0) {
            $loginform->set_var('oauth_login', '');
        } else {
            $html_oauth = '';
            // Grab oauth icons from theme
            if ($_CONF['theme_oauth_icons']) {
                $icon_path = $_CONF['layout_url'] . '/images/';
            } else {
                $icon_path = $_CONF['site_url'] . '/images/';
            }
            foreach ($modules as $service) {
                $loginform->set_file('oauth_login', '../loginform_oauth.thtml');
                $loginform->set_var('oauth_service', $service);
                $loginform->set_var('lang_oauth_service', $LANG01[$service]);
                // for sign in image
                $loginform->set_var('oauth_sign_in_image', $icon_path . $service . '-login-icon.png');
                $loginform->parse('output', 'oauth_login');
                $html_oauth .= $loginform->finish($loginform->get_var('output'));
            }
            $loginform->set_var('oauth_login', $html_oauth);
        }
    } else {
        $loginform->set_var('oauth_login', '');
    }
    if ($have_remote_login) {
        $loginform->set_var('remote_login_class', 'remote-login-enabled');
    }
    if (!$config['no_plugin_vars']) {
        PLG_templateSetVars('loginform', $loginform);
    }
    $loginform->parse('output', 'login');
    $retval .= $loginform->finish($loginform->get_var('output'));
    return $retval;
}
Beispiel #26
0
/**
 * Takes an article class and renders HTML in the specified template and style.
 *
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 *
 * @param   object  $story      The story to display, an instance of the Story class.
 * @param   string  $index      n = 'Compact display' for list of stories. p = 'Preview' mode. Else full display of article.
 * @param   string  $storytpl   The template to use to render the story.
 * @param   string  $query      A search query, if one was specified.
 *
 * @return  string  Article as formated HTML.
 *
 * Note: Formerly named COM_Article, and re-written totally since then.
 */
function STORY_renderArticle(&$story, $index = '', $storytpl = 'storytext.thtml', $query = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode;
    static $storycounter = 0;
    if (empty($storytpl)) {
        $storytpl = 'storytext.thtml';
    }
    $introtext = $story->displayElements('introtext');
    $bodytext = $story->displayElements('bodytext');
    if (!empty($query)) {
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    }
    $article = new Template($_CONF['path_layout']);
    $article->set_file(array('article' => $storytpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml'));
    $article->set_var('xhtml', XHTML);
    $article->set_var('layout_url', $_CONF['layout_url']);
    $article->set_var('site_url', $_CONF['site_url']);
    $article->set_var('site_admin_url', $_CONF['site_admin_url']);
    $article->set_var('site_name', $_CONF['site_name']);
    $article->set_var('story_date', $story->DisplayElements('date'));
    $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
    $article->set_var('story_date_only', $story->DisplayElements('dateonly'));
    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106]);
        $article->set_var('story_hits', $story->DisplayElements('hits'));
    }
    $article->set_var('story_id', $story->getSid());
    if ($_CONF['contributedbyline'] == 1) {
        $article->set_var('lang_contributed_by', $LANG01[1]);
        $article->set_var('contributedby_uid', $story->DisplayElements('uid'));
        $fullname = $story->DisplayElements('fullname');
        $username = $story->DisplayElements('username');
        $article->set_var('contributedby_user', $username);
        if (empty($fullname)) {
            $article->set_var('contributedby_fullname', $username);
        } else {
            $article->set_var('contributedby_fullname', $fullname);
        }
        $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
        $article->set_var('contributedby_author', $authorname);
        $article->set_var('author', $authorname);
        if ($story->DisplayElements('uid') > 1) {
            $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $story->DisplayElements('uid');
            $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '">');
            $article->set_var('end_contributedby_anchortag', '</a>');
            $article->set_var('contributedby_url', $profileUrl);
        }
        $photo = '';
        if ($_CONF['allow_user_photo'] == 1) {
            $authphoto = $story->DisplayElements('photo');
            if (empty($authphoto)) {
                $authphoto = '(none)';
                // user does not have a photo
            }
            $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'));
        }
        if (!empty($photo)) {
            $article->set_var('contributedby_photo', $photo);
            $article->set_var('author_photo', $photo);
            $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
            $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl));
        } else {
            $article->set_var('contributedby_photo', '');
            $article->set_var('author_photo', '');
            $article->set_var('camera_icon', '');
        }
    }
    $topicname = $story->DisplayElements('topic');
    $article->set_var('story_topic_id', $story->DisplayElements('tid'));
    $article->set_var('story_topic_name', $topicname);
    $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid');
    if ((!isset($_USER['noicons']) or $_USER['noicons'] != 1) and $story->DisplayElements('show_topic_icon') == 1) {
        $imageurl = $story->DisplayElements('imageurl');
        if (!empty($imageurl)) {
            $imageurl = COM_getTopicImageUrl($imageurl);
            $article->set_var('story_topic_image_url', $imageurl);
            $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array('rel' => "category")));
            $article->set_var('story_topic_image', $topicimage);
            $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array('rel' => "category")));
            $article->set_var('story_topic_image_no_align', $topicimage_noalign);
        }
    }
    $article->set_var('story_topic_url', $topicurl);
    $recent_post_anchortag = '';
    $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('story_title', $story->DisplayElements('title'));
    $article->set_var('lang_permalink', $LANG01[127]);
    $show_comments = true;
    // n = 'Compact display' for list of stories. p = 'Preview' mode.
    if ($index != 'n' && $index != 'p' || !empty($query)) {
        $attributes = ' class="non-ul"';
        $attr_array = array('class' => 'non-ul');
        if (!empty($query)) {
            $attributes .= ' rel="bookmark"';
            $attr_array['rel'] = 'bookmark';
        }
        $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>');
        $article->set_var('end_storylink_anchortag', '</a>');
        $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array));
    } else {
        $article->set_var('story_title_link', $story->DisplayElements('title'));
    }
    if ($index == 'n' || $index == 'p') {
        if (empty($bodytext)) {
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
        } else {
            if ($_CONF['allow_page_breaks'] == 1 and $index == 'n') {
                $story_page = 1;
                // page selector
                if (is_numeric($mode)) {
                    $story_page = $mode;
                    if ($story_page <= 0) {
                        $story_page = 1;
                        $mode = 0;
                    } elseif ($story_page > 1) {
                        $introtext = '';
                    }
                }
                $article_array = explode('[page_break]', $bodytext);
                $pagelinks = COM_printPageNavigation($articleUrl, $story_page, count($article_array), 'mode=', $_CONF['url_rewrite'], $LANG01[118]);
                if (count($article_array) > 1) {
                    $bodytext = $article_array[$story_page - 1];
                }
                $article->set_var('page_selector', $pagelinks);
                if ($_CONF['page_break_comments'] == 'last' and $story_page < count($article_array) or $_CONF['page_break_comments'] == 'first' and $story_page != 1) {
                    $show_comments = false;
                }
                $article->set_var('story_page', $story_page);
            }
            $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext);
            $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext);
        }
        $article->set_var('story_introtext_only', $introtext);
        $article->set_var('story_bodytext_only', $bodytext);
        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) {
            $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
            $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url));
            $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
            $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
            $article->set_var('send_trackback_url', $url);
            $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
        }
        $article->set_var('story_display', $index == 'p' ? 'preview' : 'article');
        $article->set_var('story_counter', 0);
    } else {
        $article->set_var('story_introtext', $introtext);
        $article->set_var('story_text_no_br', $introtext);
        $article->set_var('story_introtext_only', $introtext);
        if (!empty($bodytext)) {
            $article->set_var('lang_readmore', $LANG01[2]);
            $article->set_var('lang_readmore_words', $LANG01[62]);
            $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext))));
            $article->set_var('readmore_words', $numwords);
            $article->set_var('readmore_link', COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') ');
            $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">');
            $article->set_var('end_readmore_anchortag', '</a>');
            $article->set_var('read_more_class', 'class="story-read-more-link"');
        }
        if ($story->DisplayElements('commentcode') >= 0 and $show_comments) {
            $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments';
            $article->set_var('comments_url', $commentsUrl);
            $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]);
            $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments')));
            $article->set_var('lang_comments', $LANG01[3]);
            $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments')));
            if ($story->DisplayElements('comments') > 0) {
                $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getsid() . "' ORDER BY date desc LIMIT 1");
                $C = DB_fetchArray($result);
                $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>';
                $article->set_var('comments_with_count', COM_createLink($comments_with_count, $commentsUrl));
                $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">');
                $article->set_var('end_comments_anchortag', '</a>');
            } else {
                $article->set_var('comments_with_count', $comments_with_count);
                $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getsid() . '&amp;pid=0&amp;type=article');
            }
            if ($story->DisplayElements('commentcode') == 0) {
                $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&amp;pid=0&amp;type=article';
                $article->set_var('post_comment_link', COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow')));
                /*
                    $article->set_var( 'subscribe_link',
                            COM_createLink('Nubbies', '', array('rel' => 'nofollow'))
                                     );
                */
                $article->set_var('lang_post_comment', $LANG01[60]);
                $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">');
                $article->set_var('end_post_comment_anchortag', '</a>');
            }
        }
        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) {
            $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
            $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback';
            $article->set_var('trackbacks_url', $trackbacksUrl);
            $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']);
            $article->set_var('trackbacks_count', $num_trackbacks);
            $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);
            $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));
            if (SEC_hasRights('story.ping')) {
                $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&amp;id=' . $story->getSid();
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
            }
            if ($story->DisplayElements('trackbacks') > 0) {
                $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));
            } else {
                $article->set_var('trackbacks_with_count', sprintf($LANG01[122], $num_trackbacks));
            }
        }
        if ($_CONF['hideemailicon'] == 1 || empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
            $article->set_var('email_icon', '');
        } else {
            $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&amp;what=emailstory';
            $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>';
            $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
            $article->set_var('email_story_url', $emailUrl);
            $article->set_var('lang_email_story', $LANG11[2]);
            $article->set_var('lang_email_story_alt', $LANG01[64]);
        }
        $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&amp;mode=print');
        if ($_CONF['hideprintericon'] == 1) {
            $article->set_var('print_icon', '');
        } else {
            $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>';
            $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow')));
            $article->set_var('print_story_url', $printUrl);
            $article->set_var('lang_print_story', $LANG11[3]);
            $article->set_var('lang_print_story_alt', $LANG01[65]);
        }
        $article->set_var('story_display', 'index');
        $storycounter++;
        $article->set_var('story_counter', $storycounter);
    }
    $article->set_var('article_url', $articleUrl);
    $article->set_var('recent_post_anchortag', $recent_post_anchortag);
    if ($story->checkAccess() == 3 and SEC_hasrights('story.edit') and $index != 'p') {
        $article->set_var('edit_link', COM_createLink($LANG01[4], $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid()));
        $article->set_var('edit_url', $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid());
        $article->set_var('lang_edit_text', $LANG01[4]);
        $editicon = $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE;
        $editiconhtml = '<img src="' . $editicon . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
        $article->set_var('edit_icon', COM_createLink($editiconhtml, $_CONF['site_admin_url'] . '/story.php?mode=edit&amp;sid=' . $story->getSid()));
        $article->set_var('edit_image', $editiconhtml);
    }
    if ($story->DisplayElements('featured') == 1) {
        $article->set_var('lang_todays_featured_article', $LANG05[4]);
        $article->parse('story_bodyhtml', 'featuredbodytext', true);
        PLG_templateSetVars('featuredstorytext', $article);
        $article->parse('finalstory', 'featuredarticle');
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE and $story->DisplayElements('expire') <= time()) {
        $article->parse('story_bodyhtml', 'archivestorybodytext', true);
        PLG_templateSetVars('archivestorytext', $article);
        $article->parse('finalstory', 'archivearticle');
    } else {
        $article->parse('story_bodyhtml', 'bodytext', true);
        PLG_templateSetVars('storytext', $article);
        $article->parse('finalstory', 'article');
    }
    return $article->finish($article->get_var('finalstory'));
}
Beispiel #27
0
 function displayThumb($s, $sortOrder, $force = 0)
 {
     global $_USER, $_CONF, $_MG_CONF, $MG_albums, $_TABLES, $_MG_USERPREFS, $LANG_MG03, $LANG_MG01, $glversion, $ratedIds;
     $retval = '';
     $T = new Template(MG_getTemplatePath($this->album_id));
     if ($MG_albums[$this->album_id]->display_columns == 1) {
         $media_cell_image_template = 'album_page_body_media_cell_1.thtml';
     } else {
         $media_cell_image_template = 'album_page_body_media_cell.thtml';
     }
     if ($force) {
         $media_cell_image_template = 'album_page_body_media_cell.thtml';
     }
     $T->set_file(array('media_cell_image' => $media_cell_image_template, 'media_rate_results' => 'album_page_body_media_cell_rating.thtml', 'media_comments' => 'album_page_body_media_cell_comment.thtml', 'media_views' => 'album_page_body_media_cell_view.thtml', 'media_cell_keywords' => 'album_page_body_media_cell_keywords.thtml', 'mp3_podcast' => 'mp3_podcast.thtml'));
     $F = new Template($_MG_CONF['template_path']);
     $F->set_var('media_frame', $MG_albums[$this->album_id]->imageFrameTemplate);
     // --- set the default thumbnail
     switch ($this->type) {
         case 0:
             // standard image
             $default_thumbnail = 'tn/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext;
             if (!file_exists($_MG_CONF['path_mediaobjects'] . $default_thumbnail)) {
                 $default_thumbnail = 'tn/' . $this->filename[0] . '/' . $this->filename . '.jpg';
             }
             break;
         case 1:
             // video file
             switch ($this->mime_type) {
                 case 'video/x-flv':
                     $default_thumbnail = 'placeholder_flv.svg';
                     break;
                 case 'application/x-shockwave-flash':
                     $default_thumbnail = 'placeholder_flash.svg';
                     break;
                 case 'video/mpeg':
                 case 'video/x-mpeg':
                 case 'video/x-mpeq2a':
                     if ($_MG_CONF['use_wmp_mpeg'] == 1) {
                         $default_thumbnail = 'placeholder_video.svg';
                         break;
                     }
                 case 'video/x-motion-jpeg':
                 case 'video/quicktime':
                 case 'video/x-qtc':
                 case 'audio/mpeg':
                 case 'video/x-m4v':
                     $default_thumbnail = 'placeholder_quicktime.svg';
                     break;
                 case 'asf':
                 case 'video/x-ms-asf':
                 case 'video/x-ms-asf-plugin':
                 case 'video/avi':
                 case 'video/msvideo':
                 case 'video/x-msvideo':
                 case 'video/avs-video':
                 case 'video/x-ms-wmv':
                 case 'video/x-ms-wvx':
                 case 'video/x-ms-wm':
                 case 'application/x-troff-msvideo':
                 case 'application/x-ms-wmz':
                 case 'application/x-ms-wmd':
                     $default_thumbnail = 'placeholder_video.svg';
                     break;
                 default:
                     $default_thumbnail = 'placeholder_video.svg';
                     break;
             }
             break;
         case 2:
             // music file
             $default_thumbnail = 'placeholder_audio.svg';
             break;
         case 4:
             // other files
             switch ($this->mime_type) {
                 case 'application/zip':
                 case 'zip':
                 case 'arj':
                 case 'rar':
                 case 'gz':
                     $default_thumbnail = 'zip.png';
                     break;
                 case 'pdf':
                 case 'application/pdf':
                     $default_thumbnail = 'placeholder_pdf.svg';
                     break;
                 default:
                     if (isset($_MG_CONF['dt'][$this->mime_ext])) {
                         $default_thumbnail = $_MG_CONF['dt'][$this->mime_ext];
                     } else {
                         switch ($this->mime_ext) {
                             case 'pdf':
                                 $default_thumbnail = 'placeholder_pdf.svg';
                                 break;
                             case 'arj':
                                 $default_thumbnail = 'zip.png';
                                 break;
                             case 'gz':
                                 $default_thumbnail = 'zip.png';
                                 break;
                             default:
                                 $default_thumbnail = 'generic.png';
                                 break;
                         }
                     }
                     break;
             }
             break;
         case 5:
         case 'embed':
             if (preg_match("/youtube/i", $this->remote_url)) {
                 $default_thumbnail = 'youtube.png';
             } else {
                 if (preg_match("/google/i", $this->remote_url)) {
                     $default_thumbnail = 'googlevideo.png';
                 } else {
                     $default_thumbnail = 'remote.png';
                 }
             }
             break;
     }
     if ($this->tn_attached == 1) {
         $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail;
         $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail;
         foreach ($_MG_CONF['validExtensions'] as $ext) {
             if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext)) {
                 $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext;
                 $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . 'tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext;
                 break;
             }
         }
     } else {
         $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail;
         $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail;
     }
     // type == 1 video
     // type == 2 audio
     if (($this->type == 1 || $this->type == 2 || $this->type == 5) && ($MG_albums[$this->album_id]->playback_type == 0 || $MG_albums[$this->album_id]->playback_type == 1) && $_MG_CONF['popup_from_album'] == 1) {
         if ($MG_albums[$this->album_id]->playback_type == 0) {
             if ($this->type == 2) {
                 // determine what type of player we will use (WMP, QT or Flash)
                 $player = $_MG_CONF['mp3_player'];
                 if (isset($_MG_USERPREFS['mp3_player']) && $_MG_USERPREFS['mp3_player'] != -1) {
                     $player = $_MG_USERPREFS['mp3_player'];
                 }
                 switch ($player) {
                     case 0:
                         // WMP
                         $new_y = 260;
                         $new_x = 340;
                         break;
                     case 1:
                         // QT
                         $new_y = 25;
                         $new_x = 350;
                         break;
                     case 2:
                         $new_y = 360;
                         $new_x = 580;
                         break;
                 }
                 if ($this->mime_type == 'audio/mpeg') {
                     $new_y = 360;
                     $new_x = 580;
                 }
                 if ($this->tn_attached == 1 && $player != 2) {
                     $tnsize = @getimagesize($media_thumbnail_file);
                     $new_y += $tnsize[0];
                     if ($tnsize[1] > $new_x) {
                         $new_x = $tnsize[1];
                     }
                 }
                 if ($MG_albums[$this->album_id]->playback_type == 0) {
                     $url_display_item = "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $new_y . ',' . $new_x . ')';
                 } else {
                     $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
                 }
                 $resolution_x = $new_x;
                 $resolution_y = $new_y;
             } else {
                 // must be a video...
                 // set the default playback options...
                 $playback_options['play'] = $_MG_CONF['swf_play'];
                 $playback_options['menu'] = $_MG_CONF['swf_menu'];
                 $playback_options['quality'] = $_MG_CONF['swf_quality'];
                 $playback_options['height'] = $_MG_CONF['swf_height'];
                 $playback_options['width'] = $_MG_CONF['swf_width'];
                 $playback_options['loop'] = $_MG_CONF['swf_loop'];
                 $playback_options['scale'] = $_MG_CONF['swf_scale'];
                 $playback_options['wmode'] = $_MG_CONF['swf_wmode'];
                 $playback_options['allowscriptaccess'] = $_MG_CONF['swf_allowscriptaccess'];
                 $playback_options['bgcolor'] = $_MG_CONF['swf_bgcolor'];
                 $playback_options['swf_version'] = $_MG_CONF['swf_version'];
                 $playback_options['flashvars'] = $_MG_CONF['swf_flashvars'];
                 $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($this->id) . "'");
                 while ($poRow = DB_fetchArray($poResult)) {
                     $playback_options[$poRow['option_name']] = $poRow['option_value'];
                 }
                 if ($this->resolution_x > 0) {
                     $resolution_x = $this->resolution_x;
                     $resolution_y = $this->resolution_y;
                 } else {
                     if ($this->media_resolution_x == 0 && $this->remote_media != 1) {
                         $size = @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext);
                         // skip files over 8M in size..
                         if ($size < 8388608) {
                             $ThisFileInfo = IMG_getMediaMetaData($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext);
                             if ($ThisFileInfo['video']['resolution_x'] < 1 || $ThisFileInfo['video']['resolution_y'] < 1) {
                                 if (isset($ThisFileInfo['meta']['onMetaData']['width']) && isset($ThisFileInfo['meta']['onMetaData']['height'])) {
                                     $resolution_x = $ThisFileInfo['meta']['onMetaData']['width'];
                                     $resolution_y = $ThisFileInfo['meta']['onMetaData']['height'];
                                 } else {
                                     $resolution_x = -1;
                                     $resolution_y = -1;
                                 }
                             } else {
                                 $resolution_x = $ThisFileInfo['video']['resolution_x'];
                                 $resolution_y = $ThisFileInfo['video']['resolution_y'];
                             }
                             if ($resolution_x != 0) {
                                 $sql = "UPDATE " . $_TABLES['mg_media'] . " SET media_resolution_x=" . intval($resolution_x) . ",media_resolution_y=" . intval($resolution_y) . " WHERE media_id='" . DB_escapeString($this->id) . "'";
                                 DB_query($sql, 1);
                             }
                         }
                     } else {
                         $resolution_x = $this->resolution_x;
                         $resolution_y = $this->resolution_y;
                     }
                 }
                 $resolution_x = $playback_options['width'];
                 $resolution_y = $playback_options['height'];
                 if ($resolution_x < 1 || $resolution_y < 1) {
                     $resolution_x = 480;
                     $resolution_y = 320;
                 } else {
                     $resolution_x = $resolution_x + 40;
                     $resolution_y = $resolution_y + 40;
                 }
                 if ($this->mime_type == 'video/x-flv' && $_MG_CONF['use_flowplayer'] != 1) {
                     $resolution_x = $resolution_x + 60;
                     if ($resolution_x < 590) {
                         $resolution_x = 590;
                     }
                     $resolution_y = $resolution_y + 80;
                     if ($resolution_y < 500) {
                         $resolution_y = 500;
                     }
                 }
                 if ($this->type == 5) {
                     $resolution_x = 460;
                     $resolution_y = 380;
                 }
                 $url_display_item = "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $resolution_y . ',' . $resolution_x . ')';
             }
         } else {
             $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
         }
         // check to see if comments and rating are enabled, if not, put a link to edit...
         if ($MG_albums[$this->album_id]->access == 3) {
             $T->set_var(array('edit_link' => '<br/><a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&amp;s=1&amp;album_id=' . $this->album_id . '&amp;mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>'));
         } else {
             $T->set_var(array('edit_link' => ''));
         }
     } else {
         if ($MG_albums[$this->album_id]->useAlternate == 1 && $this->type != 5 && !empty($this->remote_url)) {
             $url_display_item = $this->remote_url;
         } else {
             $url_display_item = $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id;
         }
     }
     if ($this->type == 4) {
         // other
         $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
     }
     if (strstr($media_thumbnail_file, '.svg')) {
         $media_size = array($MG_albums[$this->album_id]->tnWidth, $MG_albums[$this->album_id]->tnHeight);
     } else {
         $media_size = @getimagesize($media_thumbnail_file);
     }
     if ($media_size == false) {
         if ($this->type == 2) {
             $default_thumbnail = 'placeholder_audio.svg';
         } else {
             $default_thumbnail = 'placeholder.svg';
         }
         $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail;
         $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail;
         $media_size = array($tn_width, $tn_height);
         //@getimagesize($media_thumbnail_file);
     }
     $media_time = MG_getUserDateTimeFormat($this->time);
     $upload_time = MG_getUserDateTimeFormat($this->upload_time);
     $url_media_item = $url_display_item;
     // -- decide what thumbnail size to use, small, medium, large...
     if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
         $tn_size = $_MG_USERPREFS['tn_size'];
     } else {
         $tn_size = $MG_albums[$this->album_id]->tn_size;
     }
     switch ($tn_size) {
         case '0':
             //small
             $tn_height = 100;
             $tn_width = 100;
             break;
         case '1':
             //medium
             $tn_height = 150;
             $tn_width = 150;
             break;
         case '2':
             $tn_height = 200;
             $tn_width = 200;
             break;
         case '3':
         case '4':
             $tn_height = $MG_albums[$this->album_id]->tnHeight;
             $tn_width = $MG_albums[$this->album_id]->tnWidth;
             if ($tn_height == 0) {
                 $tn_height = 200;
             }
             if ($tn_width == 0) {
                 $tn_width = 200;
             }
             break;
         default:
             $tn_height = 150;
             $tn_width = 150;
             break;
     }
     if ($media_size[0] > $media_size[1]) {
         // landscape
         $ratio = $media_size[0] / $tn_width;
         $newwidth = $tn_width;
         $newheight = round($media_size[1] / $ratio);
     } else {
         $ratio = $media_size[1] / $tn_height;
         if ($ratio == 0) {
             $newheight = $tn_height;
             $newwidth = $tn_width;
         } else {
             $newheight = $tn_height;
             $newwidth = round($media_size[0] / $ratio);
         }
     }
     if ($media_size[0] > $media_size[1]) {
         $ratio = $media_size[0] / 50;
         $smallwidth = 50;
         $smallheight = round($media_size[1] / $ratio);
     } else {
         $ratio = $media_size[1] / 50;
         if ($ratio == 0) {
             $smallheight = 50;
             $smallwidth = 50;
         } else {
             $smallheight = 50;
             $smallwidth = round($media_size[0] / $ratio);
         }
     }
     if ($this->owner_id != "" && $this->owner_id > 1) {
         $username = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($this->owner_id));
     } else {
         $username = '******';
     }
     if (!isset($resolution_x)) {
         $resolution_x = $newwidth;
     }
     if (!isset($resolution_y)) {
         $resolution_y = $newheight;
     }
     if ($this->mime_type == 'audio/mpeg' && $MG_albums[$this->album_id]->mp3ribbon) {
         $T->set_var(array('mp3_file' => $_MG_CONF['mediaobjects_url'] . '/orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext, 'site_url' => $_MG_CONF['site_url'], 'id' => $this->mime_ext . rand()));
         $T->parse('mp3_podcast', 'mp3_podcast');
     } else {
         $T->set_var(array('mp3_podcast' => ''));
     }
     /*
      * build the small rating bar
      *
      */
     if ($MG_albums[$this->album_id]->enable_rating > 0) {
         $uid = COM_isAnonUser() ? 1 : $_USER['uid'];
         $static = false;
         // check to see if we are the owner, if so, no rating for us...
         if (isset($_USER['uid']) && $_USER['uid'] == $this->owner_id) {
             $static = true;
             $voted = 0;
         } else {
             if (in_array($this->id, $ratedIds)) {
                 $static = true;
                 $voted = 1;
             } else {
                 $static = 0;
                 $voted = 0;
             }
         }
         if ($MG_albums[$this->album_id]->enable_rating == 1 && COM_isAnonUser()) {
             $static = true;
         }
         if ($_MG_CONF['use_large_stars'] == 1) {
             $starSize = '';
         } else {
             $starSize = 'sm';
         }
         $rating_box = RATING_ratingBar('mediagallery', $this->id, $this->votes, $this->rating, $voted, 5, $static, $starSize);
     } else {
         $rating_box = '';
     }
     $T->set_var('rating_box', '<center>' . $rating_box . '</center>');
     $fs_bytes = @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext);
     $fileSize = MG_get_size($fs_bytes);
     $direct_url = 'disp/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext;
     if (!file_exists($_MG_CONF['path_mediaobjects'] . $direct_url)) {
         $direct_url = 'disp/' . $this->filename[0] . '/' . $this->filename . '.jpg';
     }
     if ($MG_albums[$this->album_id]->access == 3) {
         $edit_item = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&amp;s=1&amp;album_id=' . $this->album_id . '&amp;mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>';
     } else {
         $edit_item = '';
     }
     $L = new Template(MG_getTemplatePath($this->album_id));
     $L->set_file('media_link', 'medialink.thtml');
     $L->set_var('href', $url_media_item);
     if ($this->type == 0) {
         if ($this->remote == 1) {
             $L->set_var('hrefdirect', $this->remote_url);
         } else {
             $L->set_var('hrefdirect', $_MG_CONF['mediaobjects_url'] . '/' . $direct_url);
         }
     }
     $caption = PLG_replaceTags(str_replace('$', '&#36;', $this->title), 'mediagallery', 'media_description');
     if ($this->owner_id == $_USER['uid'] || SEC_hasRights('mediagallery.admin')) {
         $caption .= '<br />(' . $this->id . ')';
     }
     $L->set_var('caption', $caption);
     $L->set_var('id', 'id' . rand());
     $L->parse('media_link_start', 'media_link');
     $media_start_link = $L->finish($L->get_var('media_link_start'));
     $T->set_var(array('play_now' => '', 'download_now' => $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id, 'play_in_popup' => "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $resolution_y . ',' . $resolution_x . ')', 'row_height' => $tn_height + 40, 'media_title' => PLG_replaceTags($this->title, 'mediagallery', 'media_title'), 'media_description' => PLG_replaceTags(nl2br($this->description), 'mediagallery', 'media_description'), 'media_tag' => strip_tags($this->title), 'media_time' => $media_time[0], 'upload_time' => $upload_time[0], 'media_owner' => $username, 'site_url' => $_MG_CONF['site_url'], 'lang_published' => $LANG_MG03['published'], 'lang_on' => $LANG_MG03['on'], 'lang_hyphen' => $this->album == '' ? '' : '-', 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'artist' => $this->artist, 'musicalbum' => $this->album != '' ? $this->album : '', 'genre' => $this->genre != '' ? $this->genre : '', 'alt_edit_link' => $edit_item, 'filesize' => $fileSize, 'media_id' => $this->id, 'raw_media_thumbnail' => $media_thumbnail, 'display_url' => $url_media_item));
     // frame template variables
     $F->set_var(array('media_id' => $this->id, 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'url_media_item' => $url_media_item, 'url_display_item' => $url_display_item, 'media_thumbnail' => $media_thumbnail, 'media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"', 'media_height' => $newheight, 'media_width' => $newwidth, 'border_width' => $newwidth + 15, 'border_height' => $newheight + 15, 'row_height' => $tn_height + 40, 'frWidth' => $newwidth - $MG_albums[$this->album_id]->frWidth, 'frHeight' => $newheight - $MG_albums[$this->album_id]->frHeight, 'media_tag' => strip_tags($this->description), 'filesize' => $fileSize));
     $F->parse('media', 'media_frame');
     $media_item_thumbnail = $F->finish($F->get_var('media'));
     $T->set_var(array('media_item_thumbnail' => $media_item_thumbnail, 'url_media_item' => $url_media_item, 'url_display_item' => $url_display_item, 'media_thumbnail' => $media_thumbnail, 'media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"'));
     if ($MG_albums[$this->album_id]->enable_keywords) {
         if (!empty($this->keywords)) {
             $kwText = '';
             $keyWords = array();
             $keyWords = explode(' ', $this->keywords);
             $numKeyWords = count($keyWords);
             for ($i = 0; $i < $numKeyWords; $i++) {
                 $keyWords[$i] = str_replace('"', ' ', $keyWords[$i]);
                 $searchKeyword = $keyWords[$i];
                 $keyWords[$i] = str_replace('_', ' ', $keyWords[$i]);
                 $kwText .= '<a href="' . $_MG_CONF['site_url'] . '/search.php?mode=search&amp;swhere=1&amp;keywords=' . $searchKeyword . '&amp;keyType=any">' . $keyWords[$i] . '</a> ';
             }
             $T->set_var(array('media_keywords' => $kwText, 'lang_keywords' => $LANG_MG01['keywords']));
             $T->parse('media_cell_keywords', 'media_cell_keywords');
         } else {
             $T->set_var('lang_keywords', '');
         }
     } else {
         $T->set_var(array('media_cell_keywords' => '', 'lang_keywords' => ''));
     }
     if ($MG_albums[$this->album_id]->enable_rating) {
         $rating = $LANG_MG03['rating'] . ': <strong> ' . $this->rating / 2 . '</strong>/5 (' . $this->votes . ' ' . $LANG_MG03['votes'] . ')';
         $T->set_var('media_rating', $rating);
         $T->parse('media_rate_results', 'media_rate_results');
     }
     if ($MG_albums[$this->album_id]->enable_comments) {
         if ($this->type == 4 || $this->type == 1 && $MG_albums[$this->album_id]->playback_type != 2 || $this->type == 2 && $MG_albums[$this->album_id]->playback_type != 2 || $this->type == 5 && $MG_albums[$this->album_id]->playback_type != 2) {
             $cmtLink = '<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>';
             $cmtLink_alt = '';
         } else {
             $cmtLink = $LANG_MG03['comments'];
             $cmtLink_alt = '<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>';
         }
         $T->set_var(array('media_comments_count' => $this->comments, 'lang_comments' => $cmtLink, 'lang_comments_hot' => $cmtLink_alt));
         $T->parse('media_comments', 'media_comments');
     }
     if ($MG_albums[$this->album_id]->enable_views) {
         $T->set_var(array('media_views_count' => $this->views, 'lang_views' => $LANG_MG03['views']));
         $T->parse('media_views', 'media_views');
     }
     $T->set_var(array('max-width' => $tn_width));
     PLG_templateSetVars('mediagallery', $T);
     $T->parse('media_cell', 'media_cell_image');
     $retval = $T->finish($T->get_var('media_cell'));
     return $retval;
 }
Beispiel #28
0
/**
* Shows the user their menu options
*
* This shows the average Joe User their menu options. This is the user block on the left side
*
* @param        string      $help       Help file to show
* @param        string      $title      Title of Menu
* @param        string      $position   Side being shown on 'left', 'right'. Though blank works not likely.
* @see function COM_adminMenu
*
*/
function COM_userMenu($help = '', $title = '', $position = '')
{
    global $_TABLES, $_CONF, $LANG01, $LANG04, $_BLOCK_TEMPLATE;
    $retval = '';
    if (!COM_isAnonUser()) {
        $usermenu = COM_newTemplate($_CONF['path_layout']);
        if (isset($_BLOCK_TEMPLATE['useroption'])) {
            $templates = explode(',', $_BLOCK_TEMPLATE['useroption']);
            $usermenu->set_file(array('option' => $templates[0], 'current' => $templates[1]));
        } else {
            $usermenu->set_file(array('option' => 'useroption.thtml', 'current' => 'useroption_off.thtml'));
        }
        $usermenu->set_var('block_name', str_replace('_', '-', 'user_block'));
        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name='user_block'");
        }
        // what's our current URL?
        $thisUrl = COM_getCurrentURL();
        $retval .= COM_startBlock($title, $help, COM_getBlockTemplate('user_block', 'header', $position));
        // This function will show the user options for all installed plugins
        // (if any)
        $plugin_options = PLG_getUserOptions();
        $nrows = count($plugin_options);
        for ($i = 0; $i < $nrows; $i++) {
            $plg = current($plugin_options);
            $usermenu->set_var('option_label', $plg->adminlabel);
            if (!empty($plg->numsubmissions)) {
                $usermenu->set_var('option_count', '(' . $plg->numsubmissions . ')');
            } else {
                $usermenu->set_var('option_count', '');
            }
            $usermenu->set_var('option_url', $plg->adminurl);
            if ($thisUrl == $plg->adminurl) {
                $retval .= $usermenu->parse('item', 'current');
            } else {
                $retval .= $usermenu->parse('item', 'option');
            }
            next($plugin_options);
        }
        $url = $_CONF['site_url'] . '/usersettings.php';
        $usermenu->set_var('option_label', $LANG01[48]);
        $usermenu->set_var('option_count', '');
        $usermenu->set_var('option_url', $url);
        if ($thisUrl == $url) {
            $retval .= $usermenu->parse('item', 'current');
        } else {
            $retval .= $usermenu->parse('item', 'option');
        }
        $url = $_CONF['site_url'] . '/users.php?mode=logout';
        $usermenu->set_var('option_label', $LANG01[19]);
        $usermenu->set_var('option_count', '');
        $usermenu->set_var('option_url', $url);
        $retval .= $usermenu->finish($usermenu->parse('item', 'option'));
        $retval .= COM_endBlock(COM_getBlockTemplate('user_block', 'footer', $position));
    } else {
        $retval .= COM_startBlock($LANG01[47], $help, COM_getBlockTemplate('user_block', 'header', $position));
        $login = COM_newTemplate($_CONF['path_layout']);
        $login->set_file('form', 'loginform.thtml');
        $login->set_var('lang_username', $LANG01[21]);
        $login->set_var('lang_password', $LANG01[57]);
        $login->set_var('lang_forgetpassword', $LANG01[119]);
        $login->set_var('lang_login', $LANG01[58]);
        if ($_CONF['disable_new_user_registration']) {
            $login->set_var('lang_signup', '');
        } else {
            $login->set_var('lang_signup', $LANG01[59]);
        }
        // 3rd party remote authentification.
        if ($_CONF['user_login_method']['3rdparty'] && !$_CONF['usersubmission']) {
            $modules = SEC_collectRemoteAuthenticationModules();
            if (count($modules) == 0) {
                $user_templates->set_var('services', '');
            } else {
                if (!$_CONF['user_login_method']['standard'] && count($modules) == 1) {
                    $select = '<input type="hidden" name="service" value="' . $modules[0] . '"' . XHTML . '>' . $modules[0];
                } else {
                    // Build select
                    $select = '<select name="service" id="service">';
                    if ($_CONF['user_login_method']['standard']) {
                        $select .= '<option value="">' . $_CONF['site_name'] . '</option>';
                    }
                    foreach ($modules as $service) {
                        $select .= '<option value="' . $service . '">' . $service . '</option>';
                    }
                    $select .= '</select>';
                }
                $login->set_file('services', 'blockservices.thtml');
                $login->set_var('lang_service', $LANG04[121]);
                $login->set_var('select_service', $select);
                $login->parse('output', 'services');
                $login->set_var('services', $login->finish($login->get_var('output')));
            }
        } else {
            $login->set_var('services', '');
        }
        // OpenID remote authentification.
        if ($_CONF['user_login_method']['openid'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
            $login->set_file('openid_login', 'loginform_openid.thtml');
            $login->set_var('lang_openid_login', $LANG01[128]);
            $login->set_var('input_field_size', 18);
            $login->set_var('app_url', $_CONF['site_url'] . '/users.php');
            $login->parse('output', 'openid_login');
            $login->set_var('openid_login', $login->finish($login->get_var('output')));
        } else {
            $login->set_var('openid_login', '');
        }
        // OAuth remote authentification.
        if ($_CONF['user_login_method']['oauth'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
            $modules = SEC_collectRemoteOAuthModules();
            if (count($modules) == 0) {
                $login->set_var('oauth_login', '');
            } else {
                $html_oauth = '';
                foreach ($modules as $service) {
                    $login->set_file('oauth_login', 'loginform_oauth.thtml');
                    $login->set_var('oauth_service', $service);
                    // for sign in image
                    $login->set_var('oauth_sign_in_image', $_CONF['site_url'] . '/images/login-with-' . $service . '.png');
                    $login->set_var('oauth_sign_in_image_style', '');
                    $login->parse('output', 'oauth_login');
                    $html_oauth .= $login->finish($login->get_var('output'));
                }
                $login->set_var('oauth_login', $html_oauth);
            }
        } else {
            $login->set_var('oauth_login', '');
        }
        PLG_templateSetVars('loginblock', $login);
        $retval .= $login->finish($login->parse('output', 'form'));
        $retval .= COM_endBlock(COM_getBlockTemplate('user_block', 'footer', $position));
    }
    return $retval;
}
Beispiel #29
0
/**
* Display form to email a story to someone.
*
* @param    string  $sid    ID of article to email
* @return   string          HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;
    require_once $_CONF['path_system'] . 'lib-story.php';
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $login = new Template($_CONF['path_layout'] . 'submit');
        $login->set_file(array('login' => 'submitloginrequired.thtml'));
        $login->set_var('xhtml', XHTML);
        $login->set_var('site_url', $_CONF['site_url']);
        $login->set_var('site_admin_url', $_CONF['site_admin_url']);
        $login->set_var('layout_url', $_CONF['layout_url']);
        $login->set_var('login_message', $LANG_LOGIN[2]);
        $login->set_var('lang_login', $LANG_LOGIN[3]);
        $login->set_var('lang_newuser', $LANG_LOGIN[4]);
        $login->parse('output', 'login');
        $retval .= $login->finish($login->get_var('output'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        return $retval;
    }
    $story = new Story();
    $result = $story->loadFromDatabase($sid, 'view');
    if ($result != STORY_LOADED_OK) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    if ($msg > 0) {
        $retval .= COM_showMessage($msg);
    }
    if (empty($from) && empty($fromemail)) {
        if (!COM_isAnonUser()) {
            $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
            $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
        }
    }
    $mail_template = new Template($_CONF['path_layout'] . 'profiles');
    $mail_template->set_file('form', 'contactauthorform.thtml');
    $mail_template->set_var('xhtml', XHTML);
    $mail_template->set_var('site_url', $_CONF['site_url']);
    $mail_template->set_var('site_admin_url', $_CONF['site_admin_url']);
    $mail_template->set_var('layout_url', $_CONF['layout_url']);
    $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $mail_template->set_var('lang_title', $LANG08[31]);
    $mail_template->set_var('story_title', $story->displayElements('title'));
    $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    $mail_template->set_var('story_url', $url);
    $link = COM_createLink($story->displayElements('title'), $url);
    $mail_template->set_var('story_link', $link);
    $mail_template->set_var('lang_fromname', $LANG08[20]);
    $mail_template->set_var('name', $from);
    $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
    $mail_template->set_var('email', $fromemail);
    $mail_template->set_var('lang_toname', $LANG08[18]);
    $mail_template->set_var('toname', $to);
    $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
    $mail_template->set_var('toemail', $toemail);
    $mail_template->set_var('lang_cc', $LANG08[36]);
    $mail_template->set_var('lang_cc_description', $LANG08[37]);
    $mail_template->set_var('lang_shortmessage', $LANG08[27]);
    $mail_template->set_var('shortmsg', htmlspecialchars($shortmsg));
    $mail_template->set_var('lang_warning', $LANG08[22]);
    $mail_template->set_var('lang_sendmessage', $LANG08[16]);
    $mail_template->set_var('story_id', $sid);
    $mail_template->set_var('end_block', COM_endBlock());
    PLG_templateSetVars('emailstory', $mail_template);
    $mail_template->parse('output', 'form');
    $retval .= $mail_template->finish($mail_template->get_var('output'));
    return $retval;
}
Beispiel #30
0
/**
* Displays the comment form
*
* @param    string  $title      Title of comment
* @param    string  $comment    Text of comment
* @param    string  $sid        ID of object comment belongs to
* @param    int     $pid        ID of parent comment
* @param    string  $type       Type of object comment is posted to
* @param    string  $mode       Mode, e.g. 'preview'
* @param    string  $postmode   Indicates if comment is plain text or HTML
* @return   string  HTML for comment form
*
*/
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG12, $LANG_LOGIN, $LANG_ACCESS;
    $retval = '';
    $cid = 0;
    $edit_comment = '';
    $filter = sanitizer::getInstance();
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setAllowedelements($AllowedElements);
    $filter->setNamespace('glfusion', 'comment');
    // never trust $uid ...
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    $commentuid = $uid;
    if (($mode == 'edit' || $mode == 'preview_edit') && isset($_REQUEST['cid'])) {
        $cid = COM_applyFilter($_REQUEST['cid']);
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = " . (int) $cid);
    }
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
        $last = 0;
        if ($mode != 'edit' && $mode != 'preview' && $mode != 'preview_new' && $mode != 'preview_edit') {
            //not edit mode or preview changes
            $last = COM_checkSpeedlimit('comment');
        }
        if ($last > 0) {
            $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26], false);
        } else {
            if (empty($postmode)) {
                $postmode = $_CONF['comment_postmode'];
            }
            $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
            $filter->setPostmode($postmode);
            $filter->setCensorData(true);
            $filter->setAllowedElements($AllowedElements);
            $comment = $filter->filterHTML($comment);
            $display_comment = $filter->displayText($comment);
            $edit_comment = $filter->editableText($comment);
            $filter->setPostmode('text');
            $title = $filter->displayText($title);
            $title = $filter->editableText($title);
            $filter->setPostmode($postmode);
            $_POST['title'] = $title;
            $_POST['comment'] = $display_comment;
            // Preview mode:
            if (($mode == $LANG03[14] || $mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') && !empty($title) && !empty($comment)) {
                $start = new Template($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('hide_if_preview', 'style="display:none"');
                // Clean up all the vars
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == 'pid' || $key == 'cid') {
                        $A[$key] = (int) COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == 'username') {
                                $A[$key] = @htmlspecialchars(COM_checkWords(strip_tags($_POST[$key])), ENT_QUOTES, COM_getEncodingt());
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                            }
                        }
                    }
                }
                //correct time and username for edit preview
                if ($mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') {
                    $A['nice_date'] = DB_getItem($_TABLES['comments'], 'UNIX_TIMESTAMP(date)', "cid = " . (int) $cid);
                    if ($_USER['uid'] != $commentuid) {
                        $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $commentuid);
                    }
                }
                if (empty($A['username'])) {
                    $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $uid);
                }
                $author_id = PLG_getItemInfo($type, $sid, 'author');
                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true, 0, $author_id);
                $start->set_var('comments', $thecomments);
                $retval .= '<a name="comment_entry"></a>';
                $retval .= COM_startBlock($LANG03[14]) . $start->finish($start->parse('output', 'comment')) . COM_endBlock();
            } else {
                if ($mode == 'preview_new' || $mode == 'preview_edit') {
                    $retval .= COM_showMessageText($LANG03[12], $LANG03[17], true);
                    $mode = 'error';
                }
            }
            $comment_template = new Template($_CONF['path_layout'] . 'comment');
            $comment_template->set_file('form', 'commentform.thtml');
            if ($mode == 'preview_new') {
                $comment_template->set_var('mode', 'new');
                $comment_template->set_var('show_anchor', '');
            } else {
                if ($mode == 'preview_edit') {
                    $comment_template->set_var('mode', 'edit');
                    $comment_template->set_var('show_anchor', '');
                } else {
                    $comment_template->set_var('mode', $mode);
                    $comment_template->set_var('show_anchor', 1);
                }
            }
            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            }
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);
            if ($mode == 'edit' || $mode == 'preview_edit') {
                //edit modes
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[41]));
                $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . @htmlspecialchars(COM_applyFilter($_REQUEST['cid']), ENT_COMPAT, COM_getEncodingt()) . '"/>');
            } else {
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                $comment_template->set_var('cid', '');
            }
            $comment_template->set_var('CSRF_TOKEN', SEC_createToken());
            $comment_template->set_var('token_name', CSRF_TOKEN);
            if (!COM_isAnonUser()) {
                $comment_template->set_var('uid', $_USER['uid']);
                $name = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
                $comment_template->set_var('username_disabled', 'disabled="disabled"');
                $comment_template->set_var('suballowed', true);
                $isSub = 0;
                if ($mode == 'preview_edit' || $mode == 'preview_new') {
                    $isSub = isset($_POST['subscribe']) ? 1 : 0;
                } else {
                    if (PLG_isSubscribed('comment', $type, $sid)) {
                        $isSub = 1;
                    }
                }
                if ($isSub == 0) {
                    $subchecked = '';
                } else {
                    $subchecked = 'checked="checked"';
                }
                $comment_template->set_var('subchecked', $subchecked);
            } else {
                //Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($_POST['username'])) {
                    $name = $filter->sanitizeUsername(COM_applyFilter($_POST['username']));
                    //for preview
                } else {
                    $name = $LANG03[24];
                    //anonymous user
                }
                $usernameblock = '<input type="text" name="username" size="16" value="' . $name . '" maxlength="32"/>';
                $comment_template->set_var('username', $name);
                // $usernameblock);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
                $comment_template->set_var('username_disabled', '');
            }
            if ($postmode == 'html') {
                $comment_template->set_var('htmlmode', true);
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', @htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $edit_comment);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode', $postmode);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $comment_template->set_var('allowed_html', $filter->getAllowedHTML() . '<br/>' . COM_AllowedAutotags('', false, 'glfusion', 'comment'));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);
            if ($mode == 'edit' || $mode == 'preview_edit') {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }
            if (function_exists('msg_replaceEmoticons')) {
                $comment_template->set_var('smilies', msg_showsmilies());
            }
            $comment_template->unset_var('save_type');
            PLG_templateSetVars('comment', $comment_template);
            if ($mode == 'preview_edit' || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                //for editing
                $comment_template->set_var('save_type', 'saveedit');
                $comment_template->set_var('lang_save', $LANG03[29]);
                $comment_template->set_var('save_option', '<input type="submit" name="saveedit" value="' . $LANG03[29] . '"/>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == 'preview_new') {
                //new comment
                $comment_template->set_var('save_type', 'savecomment');
                $comment_template->set_var('lang_save', $LANG03[11]);
                $comment_template->set_var('save_option', '<input type="submit" name="savecomment" value="' . $LANG03[11] . '"/>');
            }
            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }
    return $retval;
}