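//Getting Current User ID; nothing follows the redirect, so buckys_redirect() is presumably
//expected to end the request for anonymous visitors — TODO confirm it exits
if (!($userID = buckys_is_logged_in())) {
    buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR);
}
//Which friend list to show. The value is later concatenated into a URL, so anything outside the
//allow-list (including a missing value or an array such as ?type[]=x) is forced back to 'all';
//strict comparison keeps the check a plain string allow-list rather than a loose-equality one.
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
if (!in_array($type, ['all', 'pending', 'requested'], true)) {
    $type = 'all';
}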
if (isset($_REQUEST['action'])) {
    $return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/myfriends.php?type=' . $type;
    $isAjax = isset($_REQUEST['buckys_ajax']) ? true : false;
    if ($isAjax) {
        header('Content-type: application/xml');
    }
    $friendID = buckys_escape_query_integer($_REQUEST['friendID']);
    if (!buckys_check_form_token('request')) {
        if ($isAjax) {
            $resultXML = ['status' => 'error', 'message' => MSG_INVALID_REQUEST];
            render_result_xml($resultXML);
        } else {
            buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        }
        exit;
    }
    if ($_REQUEST['action'] == 'unfriend') {
        if (BuckysFriend::unfriend($userID, $friendID)) {
            if ($isAjax) {
                $resultXML = ['status' => 'success', 'message' => MSG_FRIEND_REMOVED, 'html' => 'Send Friend Request', 'action' => 'unfriend', 'link' => '/myfriends.php?action=request&friendID=' . $friendID . buckys_get_token_param()];
                render_result_xml($resultXML);
            } else {
                buckys_redirect($return, MSG_FRIEND_REMOVED);
<?php

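require dirname(__FILE__) . '/includes/bootstrap.php';
//Only moderators may reach this page; nothing follows the redirect, so buckys_redirect() is
//presumably expected to end the request — TODO confirm it exits
if (!buckys_check_user_acl(USER_ACL_MODERATOR)) {
    buckys_redirect('/index.php', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
$classAds = new BuckysAds();
//Moderation actions: every state change must carry a valid form token (CSRF guard) before
//an ad is touched
if (isset($_REQUEST['action'])) {
    if (!buckys_check_form_token()) {
        buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }
    //adID is handed to BuckysAds as received; presumably validated/escaped there — TODO confirm
    $adID = isset($_REQUEST['adID']) ? $_REQUEST['adID'] : null;
    if ($_REQUEST['action'] === 'reject-ads') {
        $classAds->rejectAds($adID);
        buckys_redirect('/manage_ads.php', MSG_AD_ADS_REJECTED);
    } elseif ($_REQUEST['action'] === 'approve-ads') {
        $classAds->approveAds($adID);
        buckys_redirect('/manage_ads.php', MSG_AD_ADS_APPROVED);
    }
}
//Pending ads listing. The page number is cast to int so an arbitrary string never reaches the
//pagination or query layer; Pagination hands back the page it actually uses via getCurrentPage(),
//which presumably clamps out-of-range values — TODO confirm
$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;
$totalCount = $classAds->getPendingAdsCount();
//Init Pagination Class
$pagination = new Pagination($totalCount, BuckysAds::$COUNT_PER_PAGE, $page);
$page = $pagination->getCurrentPage();
$objects = $classAds->getPendingAds($page, BuckysAds::$COUNT_PER_PAGE);
buckys_enqueue_javascript('manage_ads.js');
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('moderator.css');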
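 /**
  * Create New Message
  *
  * Stores two rows in TABLE_MESSAGES per receiver: one owned by the sender (status 'read')
  * and one owned by the receiver (status 'unread'). Outcome messages are queued through
  * buckys_add_message(); every early-return error path also returns false.
  *
  * @param array $data expected keys: 'userID' (sender), 'to' (a single receiver ID or an
  *                    array of them), 'subject', 'body'. Subject/body are passed to
  *                    $db->insertFromArray() unchanged and are presumably escaped in the DB
  *                    layer — TODO confirm.
  * @return bool false on an invalid form token, no receiver, or an empty subject/body;
  *              true otherwise. The non-friend check is commented out, so $nonFriend is
  *              never filled and $isError currently stays false.
  */
 public static function composeMessage($data)
 {
     global $db;
     if (!buckys_check_form_token()) {
         buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
         return false;
     }
     //Missing keys are read as null rather than raising undefined-index notices
     $receivers = isset($data['to']) ? $data['to'] : null;
     if (!buckys_not_null($receivers)) {
         buckys_add_message(MSG_SENDER_EMPTY_ERROR, MSG_TYPE_ERROR);
         return false;
     }
     if (!isset($data['subject']) || trim($data['subject']) === '') {
         buckys_add_message(MSG_MESSAGE_SUBJECT_EMPTY_ERROR, MSG_TYPE_ERROR);
         return false;
     }
     if (!isset($data['body']) || trim($data['body']) === '') {
         buckys_add_message(MSG_MESSAGE_BODY_EMPTY_ERROR, MSG_TYPE_ERROR);
         return false;
     }
     $createdDate = date("Y-m-d H:i:s");
     if (!is_array($receivers)) {
         $receivers = [$receivers];
     }
     //Remove Duplicated Messages
     $receivers = array_unique($receivers);
     $sender = $data['userID'];
     $nonFriend = [];
     $sents = [];
     $isError = false;
     foreach ($receivers as $receiver) {
         $receiverInfo = BuckysUser::getUserBasicInfo($receiver);
         //confirm that current user and receiver is friend (disabled; kept to show where the
         //$nonFriend / $isError handling below would be fed)
         /*if(!BuckysFriend::isFriend($receiver, $sender))
           {
               $nonFriend[] = $receiverInfo['firstName'] . " " . $receiverInfo['lastName'];
               $isError = true;
               continue;
           }*/
         //Sender's copy of the message (already read)
         $db->insertFromArray(TABLE_MESSAGES, ['userID' => $sender, 'sender' => $sender, 'receiver' => $receiver, 'subject' => $data['subject'], 'body' => $data['body'], 'status' => 'read', 'created_date' => $createdDate]);
         //Receiver's copy of the message (unread)
         $db->insertFromArray(TABLE_MESSAGES, ['userID' => $receiver, 'sender' => $sender, 'receiver' => $receiver, 'subject' => $data['subject'], 'body' => $data['body'], 'status' => 'unread', 'created_date' => $createdDate]);
         $sents[] = $receiverInfo['firstName'] . ' ' . $receiverInfo['lastName'];
     }
     if (count($sents) > 0) {
         buckys_add_message(MSG_NEW_MESSAGE_SENT, MSG_TYPE_SUCCESS);
     }
     if (count($nonFriend) > 0) {
         if (count($nonFriend) > 1) {
             $msg = sprintf(MSG_COMPOSE_MESSAGE_ERROR_TO_NON_FRIENDS, implode(", ", $nonFriend));
         } else {
             $msg = sprintf(MSG_COMPOSE_MESSAGE_ERROR_TO_NON_FRIEND, $nonFriend[0]);
         }
         buckys_add_message($msg, MSG_TYPE_ERROR);
     }
     return !$isError;
 }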
 /**
  * Like Post
  *
  * Adds ('likePost') or removes ('unlikePost') $userID's like on $postID and keeps the
  * dependent records in step: the post's `likes` column, the user's daily likes activity,
  * the hit table and the poster's 'likes' stat. A like additionally writes an activity row
  * and a notification for the poster.
  *
  * @param int $userID user performing the action
  * @param int $postID target post
  * @param string $action 'likePost' or 'unlikePost'; any other value changes nothing
  * @param bool $checkToken when true the 'request' form token must validate first (CSRF guard)
  * @return bool|int|null|string insertFromArray() result for a new like, true after an unlike,
  *                              false when the request is rejected, null for an unknown action
  */
 public static function likePost($userID, $postID, $action, $checkToken = true)
 {
     global $db;
     $post = BuckysPost::getPostById($postID);
     //Rejected outright: bad token, unknown post, liking one's own post, or a post with
     //visibility 0 whose poster is not a friend of the current user
     $isInvalidRequest = ($checkToken && !buckys_check_form_token('request'))
         || !$post
         || $post['poster'] == $userID
         || ($post['visibility'] == 0 && !BuckysFriend::isFriend($userID, $post['poster']));
     if ($isInvalidRequest) {
         buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
         return false;
     }
     if (!BuckysUsersDailyActivity::checkUserDailyLimit($userID, 'likes')) {
         buckys_add_message(sprintf(MSG_DAILY_LIKES_LIMIT_EXCEED_ERROR, USER_DAILY_LIMIT_LIKES), MSG_TYPE_ERROR);
         return false;
     }
     //Check already like it or not
     $lookup = $db->prepare("SELECT likeID FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID);
     $existingLikeId = $db->getVar($lookup);
     if ($action == 'likePost') {
         if ($existingLikeId) {
             buckys_add_message(MSG_ALREADY_LIKED_POST, MSG_TYPE_ERROR);
             return false;
         }
         BuckysUsersDailyActivity::addLikes($userID);
         //Like This post
         $likeRow = $db->insertFromArray(TABLE_POSTS_LIKES, ['userID' => $userID, 'postID' => $postID]);
         //Update likes on the posts table
         $db->query($db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` + 1 WHERE postID=%d', $postID));
         //Add Activity, then the poster's Notification pointing at it
         $activityId = BuckysActivity::addActivity($userID, $postID, 'post', 'like', $likeRow);
         BuckysActivity::addNotification($post['poster'], $activityId, BuckysActivity::NOTIFICATION_TYPE_LIKE_POST);
         //Increase Hits
         BuckysHit::addHit($postID, $userID);
         //Update User Stats
         BuckysUser::updateStats($post['poster'], 'likes', 1);
         return $likeRow;
     }
     if ($action == 'unlikePost') {
         if (!$existingLikeId) {
             buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
             return false;
         }
         //NOTE: an unlike is also counted against the daily likes activity
         BuckysUsersDailyActivity::addLikes($userID);
         $db->query($db->prepare("DELETE FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID));
         //Update likes on the posts table
         $db->query($db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` - 1 WHERE postID=%d', $postID));
         //Drop the hit that was recorded with the like
         BuckysHit::removeHit($postID, $userID);
         //Update User Stats
         BuckysUser::updateStats($post['poster'], 'likes', -1);
         return true;
     }
     return null;
 }
<?php

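require dirname(__FILE__) . '/includes/bootstrap.php';
//The click link must carry a valid 'get' form token; otherwise answer as if the page did not exist
if (!buckys_check_form_token('get')) {
    header("HTTP/1.0 404 Not Found");
    exit;
}
$adKey = isset($_GET['key']) && is_string($_GET['key']) ? $_GET['key'] : '';
//The destination arrives base64-encoded in the query string. Strict decoding rejects malformed
//input instead of silently yielding garbage, and only absolute http(s) URLs are accepted so this
//endpoint cannot bounce visitors to javascript:/data:/other non-web schemes.
//NOTE(review): if the ads table stores the destination URL per adKey, looking it up there instead
//of trusting the query string would remove the redirect-to-anywhere surface entirely — confirm schema.
$url = isset($_GET['url']) && is_string($_GET['url']) ? base64_decode($_GET['url'], true) : false;
$scheme = $url !== false ? strtolower((string)parse_url($url, PHP_URL_SCHEME)) : '';
if ($adKey === '' || $url === false || filter_var($url, FILTER_VALIDATE_URL) === false || !in_array($scheme, ['http', 'https'], true)) {
    header("HTTP/1.0 404 Not Found");
    exit;
}
//Increase clicks
$query = $db->prepare("UPDATE " . TABLE_ADS . " SET `clicks`=`clicks` + 1 WHERE `adKey`=%s", $adKey);
$db->query($query);
header("Location: " . $url);
exit;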
<?php

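require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
//Category IDs are integers; casting keeps arbitrary strings out of the query layer
$categoryID = isset($_GET['id']) ? (int)$_GET['id'] : 0;
if (isset($_REQUEST['action']) && ($_REQUEST['action'] == 'follow' || $_REQUEST['action'] == 'unfollow')) {
    //Where to send the user afterwards (base64 in the request). buckys_redirect() is relied on to
    //end the request on every error path below, and is presumably what restricts the target to
    //this site — TODO confirm, otherwise 'return' is an open redirect
    $return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/forum';
    //A follow/unfollow needs BOTH a logged-in user AND a valid 'request' form token. The earlier
    //condition (`!logged_in && token_valid`) only redirected anonymous users with a valid token,
    //so a logged-in user could change state without any token check (CSRF).
    if (!($userID = buckys_is_logged_in()) || !buckys_check_form_token('request')) {
        buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }
    $category = BuckysForumCategory::getCategory($categoryID);
    //Reject when the category is unknown, the user already is in the requested state,
    //or the user is the category's own creator
    $isFollowing = $category ? BuckysForumFollower::isFollow($category['categoryID'], $userID) : false;
    $alreadyInRequestedState = $_REQUEST['action'] == 'follow' ? $isFollowing : !$isFollowing;
    if (!$category || $alreadyInRequestedState || $category['creatorID'] == $userID) {
        buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }
    if ($_REQUEST['action'] == 'follow') {
        BuckysForumFollower::followForum($userID, $categoryID);
        buckys_add_message(MSG_FOLLOW_FORUM_SUCCESS);
    } else {
        BuckysForumFollower::unfollowForum($userID, $categoryID);
        buckys_add_message(MSG_UNFOLLOW_FORUM_SUCCESS);
    }
    buckys_redirect($return);
}
$category = BuckysForumCategory::getCategory($categoryID);
if (!$category) {
    buckys_redirect('/forum');
}
//Getting Topics by category id
$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;
$orderby = isset($_GET['orderby']) ? $_GET['orderby'] : 'recent';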
switch ($orderby) {
        header('Content-type: application/xml');
        $commentsHTML = '';
        foreach ($comments as $comment) {
            $commentsHTML .= render_single_comment($comment, $userID, true);
            $lastDate = $comment['posted_date'];
        }
        $result = ['comment' => $commentsHTML];
        render_result_xml(['comment' => $commentsHTML, 'lastdate' => $lastDate, 'hasmore' => $commentsHTML != '' && BuckysComment::hasMoreComments($postID, $lastDate) ? 'yes' : 'no']);
    }
} else {
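    if (!empty($_GET['action'])) {
        //Delete Comment (AJAX). The request's own userID parameter is ignored; the logged-in
        //$userID is what BuckysComment::deleteComment() receives, and that method presumably
        //decides whether this user may delete the comment — TODO confirm
        if ($_GET['action'] == 'delete-comment') {
            if (!$userID) {
                echo MSG_INVALID_REQUEST;
                exit;
            }
            //IDs are integers; casting keeps arbitrary strings out of the query layer
            $postID = isset($_GET['postID']) ? (int)$_GET['postID'] : 0;
            $commentID = isset($_GET['commentID']) ? (int)$_GET['commentID'] : 0;
            //The 'request' form token is verified before any deletion is attempted (CSRF guard)
            if (!buckys_check_form_token('request') || !BuckysComment::deleteComment($userID, $commentID)) {
                echo 'Invalid Request';
            } else {
                header('content-type: application/xml');
                $newCount = BuckysComment::getPostCommentsCount($postID);
                render_result_xml(['commentcount' => $newCount > 1 ? $newCount . " comments" : $newCount . " comment"]);
            }
            exit;
        }
    }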
}