}
if (($result = BuckysPrivateMessenger::addUserToBuddylist($userID, $cUserID)) === true) {
//Getting New Messenger Lists
$newUserHTML = BuckysPrivateMessenger::getUserListHTML($userID);
render_result_xml(array('status' => 'success', 'html' => $newUserHTML));
} else {
render_result_xml(array('status' => 'error', 'message' => $result));
}
exit;
}
//Remove user from the buddy list
if ($_POST['action'] == 'remove-user') {
header('Content-type: application/xml');
$cUserID = $_POST['userID'];
$cUserIDHash = $_POST['userIDHash'];
if (!$cUserID || !$cUserIDHash || !buckys_check_id_encrypted($cUserID, $cUserIDHash)) {
render_result_xml(array('status' => 'error', 'message' => MSG_INVALID_REQUEST));
exit;
}
$userInfo = BuckysUser::getUserBasicInfo($userID);
if ($userInfo['messenger_privacy'] == 'all') {
$result = BuckysPrivateMessenger::blockUser($userID, $cUserID);
if (is_array($result)) {
render_result_xml(array('status' => 'success', 'type' => 'block', 'id' => $result['userID'], 'name' => $result['firstName'] . " " . $result['lastName'], 'icon' => BuckysUser::getProfileIcon($result)));
} else {
render_result_xml(array('status' => 'error', 'message' => $result));
}
} else {
if (($result = BuckysPrivateMessenger::removeUserFromBuddylist($userID, $cUserID)) === true) {
//Getting New Messenger Lists
render_result_xml(array('status' => 'success', 'type' => 'remove'));
/**
* Save Post
*
* @param $userID
* @param array $data
* @return bool|int|null|string
*/
public static function savePost($userID, $data)
{
global $db;
$now = date('Y-m-d H:i:s');
$type = isset($data['type']) ? $data['type'] : 'text';
if (!in_array($type, ['text', 'image', 'video'])) {
$type = 'text';
}
$data['pageID'] = isset($data['pageID']) && is_numeric($data['pageID']) ? $data['pageID'] : BuckysPost::INDEPENDENT_POST_PAGE_ID;
if ($data['pageID'] != BuckysPost::INDEPENDENT_POST_PAGE_ID && !buckys_check_id_encrypted($data['pageID'], $data['pageIDHash'])) {
buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
return false;
}
if (isset($data['profileID']) && !BuckysFriend::isFriend($userID, $data['profileID'])) {
buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
return false;
}
if (!isset($data['profileID'])) {
$data['profileID'] = 0;
}
if (!BuckysUsersDailyActivity::checkUserDailyLimit($userID, 'posts')) {
buckys_add_message(sprintf(MSG_DAILY_POSTS_LIMIT_EXCEED_ERROR, USER_DAILY_LIMIT_POSTS), MSG_TYPE_ERROR);
return false;
}
if ($type == 'text') {
if (trim($data['content']) == '') {
buckys_add_message(MSG_CONTENT_IS_EMPTY, MSG_TYPE_ERROR);
return false;
}
// Strip tags, and change url to clickable
$data['content'] = strip_tags($data['content']);
$newId = $db->insertFromArray(TABLE_POSTS, ['poster' => $userID, 'pageID' => $data['pageID'], 'profileID' => $data['profileID'], 'content' => $data['content'], 'type' => $type, 'youtube_url' => '', 'post_date' => $now, 'visibility' => $data['post_visibility']]);
if (!$newId) {
buckys_add_message($db->getLastError(), MSG_TYPE_ERROR);
return false;
}
} else {
if ($type == 'video') {
//Check Youtube URL is Valid or Not
if (!buckys_validate_youtube_url($data['youtube_url'])) {
buckys_add_message(MSG_INVALID_YOUTUBE_URL, MSG_TYPE_ERROR);
return false;
}
$newId = $db->insertFromArray(TABLE_POSTS, ['poster' => $userID, 'pageID' => $data['pageID'], 'profileID' => $data['profileID'], 'content' => $data['content'], 'type' => $type, 'youtube_url' => $data['youtube_url'], 'post_date' => $now, 'visibility' => $data['post_visibility']]);
if (!$newId) {
buckys_add_message($db->getLastError(), MSG_TYPE_ERROR);
return false;
}
} else {
if ($type == 'image') {
$newId = BuckysPost::savePhoto($userID, $data);
}
}
}
if (!isset($newId)) {
return false;
}
switch ($type) {
case 'image':
// No message
break;
case 'video':
buckys_add_message(MSG_NEW_VIDEO_CREATED, MSG_TYPE_SUCCESS);
break;
case 'text':
buckys_add_message(MSG_NEW_POST_CREATED, MSG_TYPE_SUCCESS);
break;
default:
break;
}
BuckysUsersDailyActivity::addPost($userID);
return $newId;
}
<?php
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
if (isset($_POST['action'])) {
if ($_POST['action'] == 'thumb-up' || $_POST['action'] == 'thumb-down') {
if (!buckys_check_user_acl(USER_ACL_REGISTERED)) {
$data = ['status' => 'error', 'message' => MSG_PLEASE_LOGIN_TO_CAST_VOTE];
} else {
if (!$_POST['objectID'] || !$_POST['objectIDHash'] || !$_POST['objectType'] || !buckys_check_id_encrypted($_POST['objectID'], $_POST['objectIDHash'])) {
$data = ['status' => 'error', 'message' => MSG_INVALID_REQUEST];
} else {
if ($_POST['objectType'] == 'topic') {
$result = BuckysForumTopic::voteTopic($TNB_GLOBALS['user']['userID'], $_POST['objectID'], $_POST['action'] == 'thumb-up' ? 1 : -1);
} else {
$result = BuckysForumReply::voteReply($TNB_GLOBALS['user']['userID'], $_POST['objectID'], $_POST['action'] == 'thumb-up' ? 1 : -1);
}
if (is_int($result)) {
$data = ['status' => 'success', 'message' => MSG_THANKS_YOUR_VOTE, 'votes' => ($result > 0 ? "+" : "") . $result];
} else {
$data = ['status' => 'error', 'message' => $result];
}
}
}
render_result_xml($data);
exit;
}
} else {
if (isset($_GET['action']) && $_GET['action'] == 'delete') {
//Delete this topic
$userID = buckys_is_logged_in();
$topicID = isset($_GET['id']) ? get_secure_integer($_GET['id']) : null;
if ($_REQUEST['action'] == 'accept') {
if (BuckysFriend::accept($userID, $_REQUEST['friendID'])) {
buckys_redirect('/myfriends.php?type=requested', MSG_FRIEND_REQUEST_APPROVED);
} else {
buckys_redirect('/myfriends.php?type=requested', $db->getLastError(), MSG_TYPE_ERROR);
}
} else {
if ($_REQUEST['action'] == 'delete') {
if (BuckysFriend::delete($userID, $_REQUEST['friendID'])) {
buckys_redirect($return, MSG_FRIEND_REQUEST_REMOVED);
} else {
buckys_redirect($return, $db->getLastError(), MSG_TYPE_ERROR);
}
} else {
if ($_REQUEST['action'] == 'request') {
if (!isset($_REQUEST['friendID']) || !isset($_REQUEST['friendIDHash']) || !buckys_check_id_encrypted($_REQUEST['friendID'], $_REQUEST['friendIDHash'])) {
buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
if (!BuckysUser::checkUserID($_REQUEST['friendID'])) {
buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
if (BuckysFriend::isFriend($userID, $_REQUEST['friendID'])) {
buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
if (BuckysFriend::isSentFriendRequest($userID, $_REQUEST['friendID'])) {
buckys_redirect($return, MSG_FRIEND_REQUEST_ALREADY_SENT, MSG_TYPE_ERROR);
}
if (BuckysFriend::isSentFriendRequest($_REQUEST['friendID'], $userID)) {
buckys_redirect($return, MSG_FRIEND_REQUEST_ALREADY_SENT, MSG_TYPE_ERROR);
}
if (BuckysFriend::sendFriendRequest($userID, $_REQUEST['friendID'])) {
}
//Check the url parameters is correct
if (!isset($_GET['id']) || !isset($_GET['idHash']) || !buckys_check_id_encrypted($_GET['id'], $_GET['idHash'])) {
buckys_redirect('/moderator.php?type=' . $moderatorType, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
BuckysModerator::chooseModerator($_GET['id']);
buckys_redirect('/moderator.php?type=' . $moderatorType);
}
//Process Actions
if (isset($_POST['action'])) {
if ($_POST['action'] == 'apply_candidate') {
$newID = BuckysModerator::applyCandidate($userID, $moderatorType, $_POST['moderator_text']);
buckys_redirect('/moderator.php?type=' . $moderatorType, MSG_APPLY_JOB_SUCCESSFULLY);
}
if ($_POST['action'] == 'thumb-up' || $_POST['action'] == 'thumb-down') {
if (!$_POST['candidateID'] || !$_POST['candidateIDHash'] || !buckys_check_id_encrypted($_POST['candidateID'], $_POST['candidateIDHash'])) {
$data = array('status' => 'error', 'message' => MSG_INVALID_REQUEST);
} else {
$result = BuckysModerator::voteCandidate($userID, $_POST['candidateID'], $_POST['action'] == 'thumb-up' ? true : false);
if (is_int($result)) {
$data = array('status' => 'success', 'message' => MSG_THANKS_YOUR_VOTE, 'votes' => ($result > 0 ? "+" : "") . $result);
} else {
$data = array('status' => 'error', 'message' => $result);
}
}
render_result_xml($data);
exit;
}
}
//Get Remaind Date
$timeOffset = strtotime('next Monday') - time();
require dirname(__FILE__) . '/includes/bootstrap.php';
$reportTypes = array();
foreach ($BUCKYS_GLOBALS['reportObjectTypes'] as $arr) {
$reportTypes = array_merge($arr, $reportTypes);
}
if (!($userID = buckys_is_logged_in())) {
echo MSG_INVALID_REQUEST;
exit;
}
$type = isset($_REQUEST['type']) ? strtolower($_REQUEST['type']) : null;
if (!in_array($type, $reportTypes)) {
echo MSG_INVALID_REQUEST;
exit;
}
if (isset($_POST['action'])) {
if ($_POST['action'] == 'report') {
if (!isset($_POST['id']) || !isset($_POST['idHash']) || !buckys_check_id_encrypted($_POST['id'], $_POST['idHash'])) {
$data = array('status' => 'error', 'message' => MSG_INVALID_REQUEST);
} else {
$result = BuckysReport::reportObject($userID, $_POST['id'], $type);
if ($result === true) {
$data = array('status' => 'success', 'message' => MSG_THANKS_YOUR_REPORT);
} else {
$data = array('status' => 'error', 'message' => $result);
}
}
render_result_xml($data);
exit;
}
}
require dirname(__FILE__) . '/includes/bootstrap.php';
//Getting Current User ID
if (!buckys_check_user_acl(USER_ACL_REGISTERED)) {
buckys_redirect('/index.php', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}
if (isset($_POST['action']) && $_POST['action'] == 'get-users') {
$users = BuckysUser::searchUsers($_REQUEST['term'], $userID);
$result = [];
foreach ($users as $row) {
$result[] = ["id" => $row['userID'], 'label' => $row['fullName'], 'value' => $row['fullName'], 'hash' => buckys_encrypt_id($row['userID'])];
}
echo json_encode($result);
buckys_exit();
}
if (isset($_POST['action']) && $_POST['action'] == 'send-money') {
if (!isset($_POST['receiverID']) || !isset($_POST['receiverIDHash']) || !isset($_POST['amount']) || !buckys_check_id_encrypted($_POST['receiverID'], $_POST['receiverIDHash'])) {
buckys_redirect('/credits.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
$result = BuckysTransaction::sendCredits($_POST['receiverID'], $_POST['amount']);
if ($result === true) {
buckys_redirect('/credits.php', MSG_SENT_CREDITS_SUCCESSFULLY);
} else {
buckys_redirect('/credits.php', $result, MSG_TYPE_ERROR);
}
exit;
}
$page = isset($_GET['page']) ? $_GET['page'] : 1;
$totalCount = BuckysTransaction::getNumOfCreditActivities($userID);
//Init Pagination Class
$pagination = new Pagination($totalCount, BuckysTransaction::$COUNT_PER_PAGE, $page);
$page = $pagination->getCurrentPage();
<?php
require dirname(__FILE__) . '/includes/bootstrap.php';
//If the user is not logged in, redirect to the index page
if (!($userID = buckys_is_logged_in())) {
buckys_redirect('/index.php');
}
if (isset($_POST['action']) && $_POST['action'] == 'change_password') {
$isValid = true;
if (!$_POST['userID'] || !$_POST['userIDHash'] || !buckys_check_id_encrypted($_POST['userID'], $_POST['userIDHash']) || $userID != $_POST['userID']) {
buckys_redirect("/index.php");
}
if (!$_POST['currentPassword'] || !$_POST['newPassword'] || !$_POST['newPassword2']) {
buckys_redirect("/change_password.php", MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
$isValid = false;
} else {
if ($_POST['newPassword'] != $_POST['newPassword2']) {
buckys_redirect("/change_password.php", MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR);
$isValid = false;
} else {
if (!buckys_check_password_strength($_POST['newPassword'])) {
buckys_redirect("/change_password.php", MSG_NEW_PASSWORD_STRENGTH_ERROR, MSG_TYPE_ERROR);
$isValid = false;
}
}
}
//Check Current Password
$data = BuckysUser::getUserData($userID);
if (!$data) {
buckys_redirect("/index.php");
}
