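/**
 * Process a login request from the API.
 *
 * Expects a POST body with TOKEN (the shared public API key), email and
 * password. On success the user's previous 'api' token is revoked and a
 * fresh one is issued and returned.
 *
 * @return array ['STATUS_CODE' => int, 'DATA' => array]; DATA is either an
 *               error result or STATUS/TOKEN/EMAIL/USERID on success
 */
public function loginAction()
{
    // The login request should be a POST
    $request = $_POST;
    $token = isset($request['TOKEN']) ? trim($request['TOKEN']) : null;
    $email = isset($request['email']) ? trim($request['email']) : null;
    $password = isset($request['password']) ? trim($request['password']) : null;

    if ($token === null || $token === '') {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Api token should not be blank')];
    }

    // hash_equals: constant-time, strict comparison of the shared API key. The
    // loose `!=` it replaces also treats numeric-looking strings as equal.
    if (!hash_equals((string) THENEWBOSTON_PUBLIC_API_KEY, $token)) {
        return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('Api token is not valid.')];
    }

    $info = buckys_get_user_by_email($email);
    if (!buckys_not_null($info) || !buckys_validate_password($password, $info['password'])) {
        // One message for "unknown email" and "wrong password" so the API
        // does not reveal which addresses have accounts.
        return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result('Email or password is not correct.')];
    }

    if ($info['status'] == 0) {
        // Account is not verified
        return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result(MSG_ACCOUNT_NOT_VERIFIED)];
    }

    // Revoke the old API token and issue a new one
    BuckysUsersToken::removeUserToken($info['userID'], 'api');
    $token = BuckysUsersToken::createNewToken($info['userID'], 'api');

    return [
        'STATUS_CODE' => STATUS_CODE_OK,
        'DATA' => ['STATUS' => 'SUCCESS', 'TOKEN' => $token, 'EMAIL' => $info['email'], 'USERID' => $info['userID']],
    ];
}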
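/**
 * Create a new message and deliver it to one or more receivers.
 *
 * Two rows are written per receiver: one owned by the sender (status 'read')
 * and one owned by the receiver (status 'unread'), so each side keeps its own
 * copy of the thread.
 *
 * @param array $data keys: 'userID' (sender), 'to' (one receiver ID or a list
 *                    of IDs), 'subject', 'body'
 * @return bool true when every receiver was accepted, false otherwise
 */
public function composeMessage($data)
{
    global $db;

    $receivers = $data['to'];
    if (!buckys_not_null($receivers)) {
        buckys_add_message(MSG_SENDER_EMPTY_ERROR, MSG_TYPE_ERROR);
        return false;
    }
    if (trim($data['subject']) == '') {
        buckys_add_message(MSG_MESSAGE_SUBJECT_EMPTY_ERROR, MSG_TYPE_ERROR);
        return false;
    }
    if (trim($data['body']) == '') {
        buckys_add_message(MSG_MESSAGE_BODY_EMPTY_ERROR, MSG_TYPE_ERROR);
        return false;
    }

    $createdDate = date("Y-m-d H:i:s");
    $sender = $data['userID'];

    if (!is_array($receivers)) {
        $receivers = array($receivers);
    }
    // Drop duplicated receivers so nobody gets the message twice
    $receivers = array_unique($receivers);

    $nonFriend = array();
    $sents = array();
    $invalid = 0;
    $isError = false;

    foreach ($receivers as $receiver) {
        // Receiver IDs come in with the request: accept positive integers only,
        // and skip any that do not resolve to an existing user rather than
        // writing message rows for a receiver that does not exist.
        if (!ctype_digit((string) $receiver) || (int) $receiver <= 0) {
            $invalid++;
            $isError = true;
            continue;
        }
        $receiver = (int) $receiver;
        $receiverInfo = BuckysUser::getUserBasicInfo($receiver);
        if (!buckys_not_null($receiverInfo)) {
            $invalid++;
            $isError = true;
            continue;
        }

        // NOTE(review): the friendship check below is disabled, so any user can
        // message any other user; re-enable it if that is not intended.
        /*if(!BuckysFriend::isFriend($receiver, $sender)) {
            $nonFriend[] = $receiverInfo['firstName'] . " " . $receiverInfo['lastName'];
            $isError = true;
            continue;
        }*/

        // Sender's copy of the message
        $db->insertFromArray(TABLE_MESSAGES, array(
            'userID' => $sender,
            'sender' => $sender,
            'receiver' => $receiver,
            'subject' => $data['subject'],
            'body' => $data['body'],
            'status' => 'read',
            'created_date' => $createdDate,
        ));
        // Receiver's copy of the message
        $db->insertFromArray(TABLE_MESSAGES, array(
            'userID' => $receiver,
            'sender' => $sender,
            'receiver' => $receiver,
            'subject' => $data['subject'],
            'body' => $data['body'],
            'status' => 'unread',
            'created_date' => $createdDate,
        ));

        $sents[] = $receiverInfo['firstName'] . ' ' . $receiverInfo['lastName'];
    }

    if (count($sents) > 0) {
        buckys_add_message(MSG_NEW_MESSAGE_SENT, MSG_TYPE_SUCCESS);
    }
    if ($invalid > 0) {
        buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }
    if (count($nonFriend) > 0) {
        if (count($nonFriend) > 1) {
            $msg = sprintf(MSG_COMPOSE_MESSAGE_ERROR_TO_NON_FRIENDS, implode(", ", $nonFriend));
        } else {
            $msg = sprintf(MSG_COMPOSE_MESSAGE_ERROR_TO_NON_FRIEND, $nonFriend[0]);
        }
        buckys_add_message($msg, MSG_TYPE_ERROR);
    }

    return !$isError;
}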
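/**
 * Return the authenticated user's post stream for the API.
 *
 * Reads TOKEN (a per-user 'api' token) and an optional lastDate cursor from
 * the query string and formats each post into a flat item array.
 *
 * @return array ['STATUS_CODE' => int, 'DATA' => array]; DATA carries RESULT
 *               (one item per post) on success or an error result
 */
public function getListAction()
{
    $request = $_GET;
    $token = isset($request['TOKEN']) ? trim($request['TOKEN']) : null;
    // NOTE(review): lastDate is handed to getUserPostsStream untouched; that
    // method is assumed to validate/escape it — confirm.
    $lastDate = isset($request['lastDate']) ? $request['lastDate'] : null;

    if (!$token) {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Api token should not be blank')];
    }
    if (!($userID = BuckysUsersToken::checkTokenValidity($token, "api"))) {
        return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('Api token is not valid.')];
    }

    $stream = BuckysPost::getUserPostsStream($userID, $lastDate);

    // Format result data
    $result = [];
    foreach ($stream as $post) {
        // Reset per post: previously $pageData survived from an earlier page
        // post, so every later independent post was labelled with that page.
        $pageData = null;
        if ($post['pageID'] != BuckysPost::INDEPENDENT_POST_PAGE_ID) {
            $pageIns = new BuckysPage();
            $pageData = $pageIns->getPageByID($post['pageID']);
        }
        $pagePostFlag = isset($pageData);

        $item = [];
        $item['articleId'] = $post['postID'];
        $item['posterId'] = $post['poster'];
        $item['articleImage'] = "";
        $item['articleVideo'] = "";
        $item['articleVideoId'] = "";

        if ($pagePostFlag) {
            $item['posterName'] = $pageData['title'];
            $item['posterThumbnail'] = buckys_not_null($pageData['logo'])
                ? THENEWBOSTON_SITE_URL . DIR_WS_PHOTO . "users/" . $pageData['userID'] . "/resized/" . $pageData['logo']
                : THENEWBOSTON_SITE_URL . DIR_WS_IMAGE . "newPagePlaceholder.jpg";
        } else {
            $item['posterName'] = $post['posterFullName'];
            $item['posterThumbnail'] = THENEWBOSTON_SITE_URL . BuckysUser::getProfileIcon($post['poster']);
        }

        $item['postedDate'] = buckys_api_format_date($userID, $post['post_date']);
        $item['purePostedDate'] = $post['post_date'];
        $item['articleContent'] = $post['content'];

        if ($post['type'] == 'video') {
            $item['articleVideo'] = $post['youtube_url'];
            $item['articleVideoId'] = buckys_get_youtube_video_id($post['youtube_url']);
        } elseif ($post['type'] == 'image') {
            $item['articleImage'] = THENEWBOSTON_SITE_URL . DIR_WS_PHOTO . 'users/' . $post['poster'] . '/resized/' . $post['image'];
        }

        $item['articleLikes'] = $post['likes'];
        $item['articleComments'] = $post['comments'];
        $item['isLiked'] = !$post['likeID'] ? "no" : "yes";

        $result[] = $item;
    }

    return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => ["STATUS" => "SUCCESS", "RESULT" => $result]];
}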
/**
 * Store a comment on a post and keep the post's comment counter in sync.
 *
 * @param Int $userID commenter
 * @param Int $postID post being commented on
 * @param String $comment comment text
 * @return mixed the new comment ID from insertFromArray (falsy on failure)
 */
public function saveComments($userID, $postID, $comment)
{
    global $db;

    $postedAt = date("Y-m-d H:i:s");
    $row = array(
        'postID' => $postID,
        'commenter' => $userID,
        'content' => $comment,
        'posted_date' => $postedAt,
    );
    $commentID = $db->insertFromArray(TABLE_COMMENTS, $row);

    if (!buckys_not_null($commentID)) {
        return $commentID;
    }

    // Denormalised counter on the posts table
    $db->query($db->prepare('UPDATE ' . TABLE_POSTS . ' SET `comments`=`comments` + 1 WHERE postID=%d', $postID));
    // Activity feed entry and hit counter
    BuckysActivity::addActivity($userID, $postID, 'post', 'comment', $commentID);
    BuckysHit::addHit($postID, $userID);

    return $commentID;
}
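/**
 * Store a comment (optionally with an image) on a post, update counters and
 * notify the poster and earlier commenters.
 *
 * @param Int $userID commenter
 * @param Int $postID post being commented on
 * @param String $comment comment text
 * @param String|null $image file name of an already-uploaded image in DIR_FS_PHOTO_TMP
 * @return int|null|string the new comment ID from insertFromArray
 */
public static function saveComments($userID, $postID, $comment, $image = null)
{
    global $db;
    $now = date("Y-m-d H:i:s");

    if ($image != null) {
        // $image must be a bare file name inside the temp upload directory;
        // refuse anything with a directory component so the path cannot
        // escape DIR_FS_PHOTO_TMP.
        if (basename($image) !== $image || !file_exists(DIR_FS_PHOTO_TMP . $image)) {
            $image = null;
        } else {
            $size = getimagesize(DIR_FS_PHOTO_TMP . $image);
            if ($size === false) {
                // Not a readable image: store the comment without it
                $image = null;
            } else {
                list($width, $height) = $size;
                // Scale down to the configured maximum, keeping aspect ratio
                if ($width > MAX_COMMENT_IMAGE_WIDTH) {
                    $height = $height * (MAX_COMMENT_IMAGE_WIDTH / $width);
                    $width = MAX_COMMENT_IMAGE_WIDTH;
                }
                if ($height > MAX_COMMENT_IMAGE_HEIGHT) {
                    $width = $width * (MAX_COMMENT_IMAGE_HEIGHT / $height);
                    $height = MAX_COMMENT_IMAGE_HEIGHT;
                }
                BuckysPost::moveFileFromTmpToUserFolder($userID, $image, $width, $height, 0, 0);
            }
        }
    }

    $newId = $db->insertFromArray(TABLE_COMMENTS, [
        'postID' => $postID,
        'commenter' => $userID,
        'content' => $comment,
        'image' => $image,
        'posted_date' => $now,
    ]);

    if (buckys_not_null($newId)) {
        $postData = BuckysPost::getPostById($postID);
        BuckysUsersDailyActivity::addComment($userID);

        // Update comments on the posts table
        $query = $db->prepare('UPDATE ' . TABLE_POSTS . ' SET `comments`=`comments` + 1 WHERE postID=%d', $postID);
        $db->query($query);

        // Add activity
        $activityID = BuckysActivity::addActivity($userID, $postID, 'post', 'comment', $newId);

        // Notify the poster (unless commenting on one's own post)
        if ($postData['poster'] != $userID) {
            BuckysActivity::addNotification($postData['poster'], $activityID, BuckysActivity::NOTIFICATION_TYPE_COMMENT_TO_POST);
        }

        // Notify earlier commenters who opted in to notifyCommentToMyComment
        $query = $db->prepare("SELECT DISTINCT(pc.commenter), IFNULL(un.notifyCommentToMyComment, 1) AS notifyCommentToMyComment FROM " . TABLE_POSTS_COMMENTS . " AS pc LEFT JOIN " . TABLE_USERS_NOTIFY_SETTINGS . " AS un ON pc.commenter = un.userID WHERE pc.postID=%d AND pc.commenter != %d AND IFNULL(un.notifyCommentToMyComment, 1) > 0", $postID, $userID);
        $rows = $db->getResultsArray($query);
        foreach ($rows as $row) {
            BuckysActivity::addNotification($row['commenter'], $activityID, BuckysActivity::NOTIFICATION_TYPE_COMMENT_TO_COMMENT);
        }

        // Increase hits
        BuckysHit::addHit($postID, $userID);
        // Update user stats
        BuckysUser::updateStats($postData['poster'], 'comments', 1);
    }

    return $newId;
}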
/**
 * Start (or resume) the PHP session with the custom save handler.
 *
 * Only a cookie value made of letters and digits is accepted as a session ID;
 * anything else is expired. A resumed session that carries no
 * session_start_time marker, or whose marker is older than SESSION_LIFETIME,
 * is recreated.
 *
 * @return bool the value returned by session_start()
 */
function buckys_session_start()
{
    $session_id = '';
    // NOTE(review): cookie domain is hard-coded and the `secure` flag is false
    // (httponly is true); a sibling copy of this function derives both from
    // TNB_DOMAIN / SITE_USING_SSL — consider aligning them.
    session_set_cookie_params(0, "/", "buckysroom.com", false, true);
    //Set Session Handler
    // NOTE(review): the destroy callback is registered as '_buckys_session_destory';
    // confirm that spelling matches the handler's definition (the sibling copy
    // registers '_buckys_session_destroy').
    session_set_save_handler('_buckys_session_open', '_buckys_session_close', '_buckys_session_read', '_buckys_session_write', '_buckys_session_destory', '_buckys_session_gc');
    //Change the default session name
    buckys_session_name(SESSION_NAME);
    // Accept the cookie only if it looks like a session ID; otherwise expire it
    if (isset($_COOKIE[SESSION_NAME])) {
        if (preg_match('/^[a-zA-Z0-9]+$/', $_COOKIE[SESSION_NAME]) == false) {
            $session_data = session_get_cookie_params();
            setcookie(SESSION_NAME, '', time() - 42000, $session_data['path'], $session_data['domain']);
        } else {
            $session_id = $_COOKIE[SESSION_NAME];
        }
    }
    // if a session ID has been passed to the site, use it
    if (buckys_not_null($session_id)) {
        buckys_session_id($session_id);
    }
    //Session Start
    $session_start_state = session_start();
    if (buckys_not_null($session_id)) {
        if (!isset($_SESSION['session_start_time'])) {
            // If not present, do not use the current session ID
            buckys_session_recreate();
        }
    }
    // If this is a new session, place our server variable in place
    if (!isset($_SESSION['session_start_time'])) {
        $_SESSION['session_start_time'] = time();
    } else {
        // if the session has been expired, recreate the session
        $curr_time = time();
        if ($curr_time - $_SESSION['session_start_time'] > SESSION_LIFETIME) {
            buckys_session_recreate();
            $_SESSION['session_start_time'] = time();
        }
    }
    return $session_start_state;
}
/**
 * Start (or resume) the PHP session using the site's cookie settings and the
 * custom save handler.
 *
 * Only a cookie value made of letters and digits is accepted as a session ID;
 * anything else is expired. A resumed session that carries no
 * session_start_time marker, or whose marker is older than SESSION_LIFETIME,
 * is recreated.
 *
 * @return bool the value returned by session_start()
 */
function buckys_session_start()
{
    $resumedID = '';
    $secure = SITE_USING_SSL ? true : false;

    // Cookie scope; secure + httponly are only set when the site runs on SSL
    if ($secure) {
        session_set_cookie_params(0, "/", TNB_DOMAIN, true, true);
    } else {
        session_set_cookie_params(0, "/", TNB_DOMAIN);
    }

    session_set_save_handler('_buckys_session_open', '_buckys_session_close', '_buckys_session_read', '_buckys_session_write', '_buckys_session_destroy', '_buckys_session_gc');
    buckys_session_name(SESSION_NAME);

    if (isset($_COOKIE[SESSION_NAME])) {
        $cookieValue = $_COOKIE[SESSION_NAME];
        if (preg_match('/^[a-zA-Z0-9]+$/', $cookieValue)) {
            $resumedID = $cookieValue;
        } else {
            // Malformed ID: expire the cookie instead of handing it to the session layer
            $params = session_get_cookie_params();
            if ($secure) {
                setcookie(SESSION_NAME, null, time() - 42000, $params['path'], $params['domain'], true, true);
            } else {
                setcookie(SESSION_NAME, null, time() - 42000, $params['path'], $params['domain']);
            }
        }
    }

    if (buckys_not_null($resumedID)) {
        buckys_session_id($resumedID);
    }

    $started = session_start();

    // The cookie named a session we have no record of: do not adopt that ID
    if (buckys_not_null($resumedID) && !isset($_SESSION['session_start_time'])) {
        buckys_session_recreate();
    }

    if (!isset($_SESSION['session_start_time'])) {
        $_SESSION['session_start_time'] = time();
    } elseif (time() - $_SESSION['session_start_time'] > SESSION_LIFETIME) {
        // Expired: start over with a fresh ID and marker
        buckys_session_recreate();
        $_SESSION['session_start_time'] = time();
    }

    return $started;
}
?> </b> </a><br/> <span>Administrator</span> </td> </tr> <?php foreach ($moderators as $mrow) { ?> <tr> <td style="width: 35px;"> <a href="/profile.php?user=<?php echo !$category['creatorID'] ? TNB_USER_ID : $category['creatorID']; ?> "> <?php if (buckys_not_null($mrow['thumbnail'])) { ?> <img src="<?php echo DIR_WS_PHOTO . 'users/' . $mrow['userID'] . '/resized/' . $mrow['thumbnail']; ?> " class="poster-icon"/> <?php } else { ?> <img src="<?php echo DIR_WS_IMAGE . 'defaultProfileImage.png'; ?> " class="poster-icon"/> <?php
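<?php
require dirname(__FILE__) . '/includes/bootstrap.php';

// Current user ID (whatever buckys_is_logged_in returns when nobody is logged in)
$userID = buckys_is_logged_in();

// Profile being viewed; `user` is required, `post` optionally narrows the
// stream to one post. Guard the reads so a missing parameter is not a notice.
$profileID = get_secure_integer(isset($_GET['user']) ? $_GET['user'] : null);
$postID = buckys_escape_query_integer(isset($_GET['post']) ? $_GET['post'] : null);

// If the parameter is null, go to the homepage
if (!$profileID) {
    buckys_redirect('/index.php');
}

// Getting user data from ID; go to the homepage if the user ID is not correct
$userData = BuckysUser::getUserData($profileID);
if (!buckys_not_null($userData) || !BuckysUser::checkUserID($profileID, true)) {
    buckys_redirect('/index.php');
}

// Which posts to show; anything outside the known set falls back to 'all'
$postType = isset($_GET['type']) ? $_GET['type'] : 'all';
if (!in_array($postType, ['all', 'user', 'friends'], true)) {
    $postType = 'all';
}

// Whether the viewer may see the profile's private resources: the owner,
// a friend, or someone the owner has sent a friend request to
$canViewPrivate = $userID == $profileID || BuckysFriend::isFriend($userID, $profileID) || BuckysFriend::isSentFriendRequest($profileID, $userID);

$posts = BuckysPost::getPostsByUserID($profileID, $userID, BuckysPost::INDEPENDENT_POST_PAGE_ID, $canViewPrivate, $postID, null, $postType);

//Mark the notifications to read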
/**
 * Count a user's image posts, optionally restricted to one album.
 *
 * Photos with visibility != 1 are only counted when the viewer is the profile
 * owner or one of their friends.
 *
 * @param integer $profileID owner of the photos
 * @param integer $pageID page the posts belong to (default: independent posts)
 * @param integer $albumID optional album filter
 * @return mixed the count as returned by $db->getVar
 */
public static function getNumberOfPhotosByUserID($profileID, $pageID = BuckysPost::INDEPENDENT_POST_PAGE_ID, $albumID = null)
{
    global $db;

    $viewerID = buckys_is_logged_in();
    $seesPrivate = buckys_not_null($viewerID) && ($viewerID == $profileID || BuckysFriend::isFriend($profileID, $viewerID));

    $sql = "SELECT count(DISTINCT(p.postID)) FROM " . TABLE_POSTS . " AS p LEFT JOIN " . TABLE_ALBUMS_PHOTOS . " AS pa ON pa.post_id = p.postID WHERE p.type='image' AND p.poster=%d";
    if (!$seesPrivate) {
        $sql .= " AND p.visibility=1";
    }
    $sql .= " AND pageID=%d";

    $query = $db->prepare($sql, $profileID, $pageID);
    if (buckys_not_null($albumID)) {
        $query .= $db->prepare(" AND pa.album_id=%d", $albumID);
    }

    return $db->getVar($query);
}
/**
 * Collect the queued session messages as one plain-text string.
 *
 * Entries are joined with "\n\r" and cleared from the session once read.
 * Used by the API section, where HTML rendering is not wanted.
 *
 * @return string the joined messages, or "" when none are queued
 */
function buckys_get_pure_messages()
{
    if (!isset($_SESSION['message']) || !buckys_not_null($_SESSION['message'])) {
        return "";
    }

    $text = "";
    $count = sizeof($_SESSION['message']);
    for ($i = 0; $i < $count; $i++) {
        // Separator only once something non-empty has been accumulated
        $text .= ($text ? "\n\r" : "") . $_SESSION['message'][$i]['message'];
    }
    unset($_SESSION['message']);

    return $text;
}
<td> <?php if ($row['objectType'] == 'topic') { echo '<a href="/forum/topic.php?id=' . $row['topicID'] . '" target="_blank">Forum Topic - ' . $row['topicID'] . '</a>'; } else { echo '<a href="/forum/topic.php?id=' . $row['topicID'] . '" target="_blank">Forum Reply - ' . $row['topicID'] . '</a>'; } ?> </td> <td> <a href="/profile.php?user=<?php echo $row['reporterID']; ?> " class="left"> <?php if (buckys_not_null($row['reporterThumb'])) { ?> <img src="<?php echo DIR_WS_PHOTO . 'users/' . $row['reporterID'] . '/resized/' . $row['reporterThumb']; ?> " class="user-icon"/> <?php } else { ?> <img src="<?php echo DIR_WS_IMAGE . 'defaultProfileImage.png'; ?> " class="user-icon"/>
buckys_enqueue_javascript('page.js'); //Get Page Data $pageData = $pageIns->getPageByID($paramPageID, false); $view['pageData'] = $pageData; if (!isset($pageData) || $pageData['userID'] != $userID && $pageData['status'] == BuckysPage::STATUS_INACTIVE) { //This page doesn't exist or inactive buckys_redirect('/index.php', MSG_NO_SUCH_PAGE, MSG_TYPE_ERROR); } //Get Posts Belonged to this page $postIns = new BuckysPost(); if (!$paramPostID) { $view['posts'] = $postIns->getPostsByUserID($pageData['userID'], $userID, $pageData['pageID']); $view['show_only_post'] = false; } else { $onePostData = $postIns->getPostById($paramPostID, $paramPageID); if (!buckys_not_null($onePostData)) { buckys_redirect('/index.php'); } $view['posts'][] = $onePostData; $view['show_only_post'] = true; } //Get followers $pageFollowerIns = new BuckysPageFollower(); $view['followers'] = $pageFollowerIns->getFollowers($pageData['pageID'], 1, 18, true); //Is this my page? $view['isMyPage'] = $pageData['userID'] == $userID; $TNB_GLOBALS['title'] = $pageData['title'] . ' - ' . TNB_SITE_NAME; $TNB_GLOBALS['content'] = 'page'; require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php"; } else { //No such action here;
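/**
 * Read the messenger conversation between a user and one or more buddies,
 * marking the returned unread messages as read unless $type is 'old'.
 *
 * @param Int $userID owner of the message rows
 * @param Int|Array $buddyID one buddy ID or a list of them
 * @param String $type 'new' (unread only), 'old' (read only) or 'all'
 * @return Array result rows, each joined with the buddy's fullName, userID and thumbnail
 */
public function getMessages($userID, $buddyID, $type = 'new')
{
    global $db;

    // The IDs are spliced into SQL unquoted, so string escaping alone cannot
    // protect them; coerce them to integers instead.
    $userID = (int) $userID;
    if (is_array($buddyID)) {
        $buddyID = array_map('intval', $buddyID);
    } else {
        $buddyID = (int) $buddyID;
    }
    if (!$buddyID) {
        return array();
    }

    $buddyClause = is_array($buddyID)
        ? " AND m.buddyID IN (" . implode(",", $buddyID) . ") "
        : " AND m.buddyID=" . $buddyID;

    $query = "SELECT m.*, CONCAT(u.firstName, ' ', u.lastName) as fullName, u.userID, u.thumbnail FROM " . TABLE_MESSENGER_MESSAGES . " as m " . " LEFT JOIN " . TABLE_USERS . " as u ON u.userID=m.buddyID " . " WHERE m.userID=" . $userID . $buddyClause;
    switch ($type) {
        case 'new':
            $query .= " AND m.isNew=1 ";
            break;
        case 'old':
            $query .= " AND m.isNew=0 ";
            break;
    }
    $query .= " ORDER BY m.buddyID, m.messageID ASC ";
    $rows = $db->getResultsArray($query);

    if ($type != 'old' && buckys_not_null($rows)) {
        // Mark the new messages as read
        $update = "UPDATE " . TABLE_MESSENGER_MESSAGES . " SET isNew=0 WHERE isNew=1 AND userID=" . $userID;
        $update .= is_array($buddyID)
            ? " AND buddyID IN (" . implode(",", $buddyID) . ") "
            : " AND buddyID=" . $buddyID;
        $db->query($update);
    }

    return $rows;
}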
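/**
 * Return one page of a profile's friend list for the API.
 *
 * Reads TOKEN (a per-user 'api' token), profileId and an optional page
 * number from the POST body.
 *
 * @return array ['STATUS_CODE' => int, 'DATA' => array]; DATA carries FRIENDS
 *               on success or an error result
 */
public function getFriendsAction()
{
    $data = $_POST;
    $token = isset($data['TOKEN']) ? trim($data['TOKEN']) : null;
    // Page number feeds pagination; clamp it to a positive integer
    $page = isset($data['page']) ? max(1, (int) $data['page']) : 1;
    $profileID = isset($data['profileId']) ? $data['profileId'] : null;

    if (!$token) {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Api token should not be blank')];
    }
    if (!($userID = BuckysUsersToken::checkTokenValidity($token, "api"))) {
        return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('Api token is not valid.')];
    }

    // Reject an empty or unknown profile before reading its friend list
    $userData = buckys_not_null($profileID) ? BuckysUser::getUserData($profileID) : null;
    if (!buckys_not_null($profileID) || !buckys_not_null($userData) || !BuckysUser::checkUserID($profileID, true)) {
        return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result(MSG_INVALID_REQUEST)];
    }

    // NOTE(review): no viewer/privacy gate is applied to the friend list here;
    // the original computed the profile page's $canViewPrivate but never used
    // it. Add one if friend lists are meant to be restricted.
    $friends = BuckysFriend::getAllFriends($profileID, $page, BuckysFriend::$COUNT_PER_PAGE);

    $resultFriends = [];
    foreach ($friends as $friend) {
        $row = [];
        $row['id'] = $friend['userID'];
        $row['name'] = $friend['firstName'] . " " . $friend['lastName'];
        $row['description'] = $friend['current_city_visibility'] ? $friend['current_city'] : "";
        $row['friendType'] = BuckysFriend::getRelationType($userID, $friend['userID']);
        $row['thumbnail'] = THENEWBOSTON_SITE_URL . BuckysUser::getProfileIcon($friend);
        $resultFriends[] = $row;
    }

    return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => ["STATUS" => "SUCCESS", "FRIENDS" => $resultFriends]];
}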
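/**
 * Validate a plain-text password against a stored "hash:salt" value.
 *
 * The stored format is md5(salt . plain) . ':' . salt.
 *
 * NOTE(review): md5 is not a suitable password hash. Keep this only to verify
 * legacy values and migrate to password_hash()/password_verify() as users log in.
 *
 * @param mixed $plain plain-text password
 * @param mixed $encrypted stored "hash:salt" string
 * @return bool true when the password matches
 */
function buckys_validate_password($plain, $encrypted)
{
    if (!buckys_not_null($plain) || !buckys_not_null($encrypted)) {
        return false;
    }

    $stack = explode(':', $encrypted);
    if (sizeof($stack) != 2) {
        return false;
    }

    // hash_equals: constant-time and strict. The loose `==` it replaces treats
    // two hashes of the form "0e<digits>" as equal numbers (magic-hash bypass).
    return hash_equals($stack[0], md5($stack[1] . $plain));
}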
?> &return=<?php echo base64_encode("/profile.php?user="******" data-type="buckys-ajax-link">Send Friend Request</a> <br/> <?php } } } } ?> </p> <?php if (buckys_not_null($userID)) { ?> <p><a href="/messages_compose.php?to=<?php echo $row['userID']; ?> ">Send Message</a></p> <?php } ?> </div> <div class="clear"></div> </div> <?php } if (count($friends) < 1) { ?>
echo '<p>' . $userData['firstName'] . " " . $userData['lastName'] . '</p>'; if (buckys_not_null($userData['address1'])) { echo '<p>' . $userData['address1'] . '</p>'; } if (buckys_not_null($userData['address2'])) { echo '<p>' . $userData['address2'] . '</p>'; } if (buckys_not_null($userData['city']) && buckys_not_null($userData['state'])) { echo '<p>' . $userData['city'] . ', ' . $userData['state'] . '</p>'; } else { if (buckys_not_null($userData['city'])) { echo '<p>' . $userData['city'] . '</p>'; } else { if (buckys_not_null($userData['state'])) { echo '<p>' . $userData['state'] . '</p>'; } } } if (buckys_not_null($userData['zip'])) { echo '<p>' . $userData['zip'] . '</p>'; } if (buckys_not_null($userData['country'])) { echo '<p>' . $userData['country'] . '</p>'; } } ?> </div> <br/> </aside>
if (!trim($_POST['email'])) { $loginError = 1; buckys_redirect('/register.php', MSG_EMPTY_EMAIL, MSG_TYPE_ERROR); } else { if (!preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\\._-]+)+\$/", $_POST['email'])) { buckys_redirect('/register.php', MSG_INVALID_EMAIL, MSG_TYPE_ERROR); } } //Password if (empty($_POST['password'])) { buckys_redirect('/register.php', MSG_EMPTY_PASSWORD, MSG_TYPE_ERROR); } $email = trim($_POST['email']); $password = trim($_POST['password']); $info = buckys_get_user_by_email($email); if (buckys_not_null($info)) { if (!buckys_validate_password($password, $info['password'])) { buckys_redirect('/register.php', MSG_INVALID_LOGIN_INFO, MSG_TYPE_ERROR); } else { if ($info['status'] == 0) { //Account Not Verified or Banned buckys_redirect('/index.php', !$info['token'] ? MSG_ACCOUNT_BANNED : MSG_ACCOUNT_NOT_VERIFIED, MSG_TYPE_ERROR); } else { //Login Success //Clear Login Attemps BuckysTracker::clearLoginAttemps(); $_SESSION['userID'] = $info['userID']; //Init Some Session Values $_SESSION['converation_list'] = array(); //If the keep me signed in is checked, save data to cookie if ($_POST['keep_sign_in'] == 1) {
} //Ban User BuckysBanUser::banUser($_GET['userID']); buckys_redirect('/index.php', MSG_BAN_USER); exit; } //Getting User ID from Parameter $profileID = buckys_escape_query_integer(isset($_GET['user']) ? $_GET['user'] : null); //If the parameter is null, goto homepage if (!$profileID) { buckys_redirect('/index.php'); } //Getting UserData from Id $userData = BuckysUser::getUserData($profileID); //Goto Homepage if the userID is not correct if (!buckys_not_null($userData) || !BuckysUser::checkUserID($profileID, true) && !buckys_check_user_acl(USER_ACL_ADMINISTRATOR)) { buckys_redirect('/index.php'); } $postType = isset($_GET['type']) ? $_GET['type'] : 'all'; if (!in_array($postType, ['all', 'user', 'friends'])) { $postType = 'all'; } //if logged user can see all resources of the current user $canViewPrivate = $userID == $profileID || BuckysFriend::isFriend($userID, $profileID) || BuckysFriend::isSentFriendRequest($profileID, $userID); $friends = BuckysFriend::getAllFriends($profileID, 1, 18, true); $totalFriendsCount = BuckysFriend::getNumberOfFriends($profileID); $posts = BuckysPost::getPostsByUserID($profileID, $userID, BuckysPost::INDEPENDENT_POST_PAGE_ID, $canViewPrivate, isset($_GET['post']) ? $_GET['post'] : null, null, $postType); buckys_enqueue_stylesheet('account.css'); buckys_enqueue_stylesheet('profile.css'); buckys_enqueue_stylesheet('posting.css'); buckys_enqueue_stylesheet('publisher.css');
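/**
 * Build the private messenger widget HTML (buddy list plus any open
 * conversations) for the current user.
 *
 * Reads the global $userID and the session's 'converation_list' (sic: that is
 * the key used elsewhere). Output is captured with output buffering and
 * returned as a string rather than echoed.
 *
 * User names and IDs are HTML-escaped on the way out: names are profile data
 * the users themselves control.
 *
 * @return string rendered HTML
 */
function loadMessenger()
{
    global $db, $userID;

    // Messenger settings for the current user
    $messengerSettings = BuckysUser::getUserBasicInfo($userID);
    $uIDs = array();

    ob_start();
    ?>
    <div id="private_messenger_main_wrap">
        <div class="box_nav_row">
            <a href="#" class="close_box_link"> </a>
            <!-- <a href="#" class="minimize_box_link"> </a>-->
        </div>
        <h2>Private Messenger</h2>
        <div class="chat_user_list" id="private_messenger_buddies_list">
            <?php echo BuckysPrivateMessenger::getUserListHTML($userID, $uIDs); ?>
        </div>
        <div class="below_chat_user_list<?php if ($messengerSettings['messenger_privacy'] == 'all') { ?> add-user-to-buddylist-hidden<?php } ?>" id="add-user-to-buddylist">
            <form name="adduserform" id="adduserform">
                <h2>Add Friends</h2>
                <span id="add-user-to-buddylist-inputholder">
                    <input type="text" class="input below_chat_user_list_input" id="add-user-to-buddylist-input" />
                    <input type="submit" value="Add" class="redButton" />
                </span>
                <!-- <div id="selected-users-list"></div>-->
                <div class="clear"></div>
                <?php echo render_loading_wrapper(); ?>
            </form>
        </div>
        <div class="below_chat_user_list" id="messenger_btn_box">
            <span><input type="button" id="settings_messenger_btn" class="redButton" value="Settings"></span>
        </div>
    </div>
    <?php
    BuckysPrivateMessenger::updateConversationList($userID, $uIDs);
    $convList = isset($_SESSION['converation_list']) ? $_SESSION['converation_list'] : array();
    ?>
    <div id="private_messenger_conversation_wrap"<?php if (!buckys_not_null($convList)) { ?> style="display: none;"<?php } ?>>
        <div class="box_nav_row">
            <a href="#" class="close_box_link"> </a>
            <a href="#" class="minimize_box_link"> </a>
            <div href="#" class="options_link" id="private-messenger-options-link">
                Options
                <ul>
                    <li><a href="#" id="pm-box-clear-history-link">Clear history</a></li>
                    <li><a href="#" id="pm-box-block-user-link">Block User</a></li>
                </ul>
            </div>
        </div>
        <div id="private_messenger_conversation_lft">
            <div id="private_messenger_opened_chats">
                <?php foreach ($convList as $i => $uID) {
                    $tUInfo = BuckysUser::getUserBasicInfo($uID);
                    $safeID = htmlspecialchars((string) $uID, ENT_QUOTES, 'UTF-8');
                    $safeName = htmlspecialchars($tUInfo['firstName'] . " " . $tUInfo['lastName'], ENT_QUOTES, 'UTF-8');
                    $safeEncrypted = htmlspecialchars((string) buckys_encrypt_id($uID), ENT_QUOTES, 'UTF-8');
                ?><a href="#" data-id="<?php echo $safeID; ?>"<?php if ($i == 0) { ?> class="actived"<?php } ?> data-encrypted="<?php echo $safeEncrypted; ?>"><?php echo $safeName; ?> <span title="close" class="close-conversation">X</span></a><?php } ?>
            </div>
        </div>
        <div id="private_messenger_conversation_rgt">
            <?php foreach ($convList as $i => $uID) { ?>
            <div class="private_messenger_conversation_contr"<?php if ($i > 0) { ?> style="display: none;"<?php } ?> id="private_messenger_conversation_contr<?php echo htmlspecialchars((string) $uID, ENT_QUOTES, 'UTF-8'); ?>">
                <?php echo BuckysPrivateMessenger::getMessagesHTML($userID, $uID, 'all'); ?>
            </div>
            <?php } ?>
            <div id="private_messenger_send_message_contr">
                <form name="newmessageform" id="newmessageform" action="" method="post">
                    <input class="under_private_message_conversation_area_input" id="new_private_message" class="input" type="text" />
                </form>
            </div>
        </div>
        <div class="clear"></div>
    </div>
    <?php
    return ob_get_clean();
}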
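/**
 * Search active users by (partial) full name.
 *
 * @param String $term substring matched against "firstName lastName"
 * @param Int|Array $exclude user ID(s) to leave out of the result
 * @return Array rows of userID and fullName, ordered by fullName
 */
public function searchUsers($term, $exclude = array())
{
    global $db;

    if (buckys_not_null($exclude) && !is_array($exclude)) {
        $exclude = array($exclude);
    }

    $select = "SELECT distinct(u.userID), CONCAT(u.firstName, ' ', u.lastName) as fullName FROM " . TABLE_USERS . " as u WHERE u.status = 1";

    if (buckys_not_null($exclude)) {
        // The IDs go into NOT IN(...) unquoted, so escaping alone does not help;
        // force each one to an integer.
        $excludeIDs = array_map('intval', $exclude);
        $select .= " AND u.userID NOT IN(" . implode(", ", $excludeIDs) . ")";
    }

    // NOTE(review): LIKE wildcards (% and _) inside $term are not escaped, so a
    // term of "%" matches everyone; escape them if that matters for this search.
    $select .= " AND (CONCAT(u.firstName, ' ', u.lastName) LIKE '%" . $db->escapeInput($term) . "%') ORDER BY fullName";

    return $db->getResultsArray($select);
}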
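<?php
require dirname(__FILE__) . '/includes/bootstrap.php';

// Current user ID
$userID = buckys_is_logged_in();

$pageIns = new BuckysPage();
$pageFollowerIns = new BuckysPageFollower();

// Page being viewed; go to the homepage when it does not exist
$paramPageID = isset($_GET['pid']) ? intval($_GET['pid']) : null;
$pageData = $pageIns->getPageByID($paramPageID);
if (!buckys_not_null($pageData)) {
    buckys_redirect('/index.php');
}

// Pagination: is_numeric also accepted floats, exponents and negatives, so
// clamp the requested page to a positive integer before handing it on
$page = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
$totalCount = $pageFollowerIns->getNumberOfFollowers($pageData['pageID']);
$pagination = new Pagination($totalCount, BuckysPageFollower::COUNT_PER_PAGE, $page);
$page = $pagination->getCurrentPage();

// Followers for this page
$view['followers'] = $pageFollowerIns->getFollowers($pageData['pageID'], $page, BuckysPageFollower::COUNT_PER_PAGE);
$view['pageData'] = $pageData;

buckys_enqueue_stylesheet('profile.css');
buckys_enqueue_stylesheet('friends.css');
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('stream.css');
buckys_enqueue_stylesheet('posting.css');
buckys_enqueue_stylesheet('uploadify.css');
buckys_enqueue_stylesheet('jquery.Jcrop.css');
buckys_enqueue_stylesheet('page.css');
buckys_enqueue_javascript('uploadify/jquery.uploadify.js');
buckys_enqueue_javascript('jquery.Jcrop.js');
buckys_enqueue_javascript('jquery.color.js');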
<?php require dirname(__FILE__) . '/includes/bootstrap.php'; //If the user is not logged in, redirect to the index page if (!($userID = buckys_is_logged_in())) { buckys_redirect('/index.php'); } //Getting UserData from Id $userData = BuckysUser::getUserContactInfo($userID); //Goto Homepage if the userID is not correct if (!buckys_not_null($userData)) { buckys_redirect('/index.php'); } if (isset($_POST['action'])) { //Check the user id is same with the current logged user id if ($_POST['userID'] != $userID) { echo 'Invalid Request!'; exit; } //Save Primary Email if ($_POST['action'] == 'save_email') { //Check the email address is valid or not $pattern = '/^([a-zA-Z0-9_+\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9])+$/'; /*if( !preg_match($pattern, $_POST['email']) ) { echo 'Please input a valid e-mail address'; exit; } //Check if the email is used or not if( BuckysUser::checkEmailDuplication($_POST['email'], $userID) ) {
"> <?php if ($row['votes'] > 0) { echo '+'; } echo $row['votes']; ?> </a> </td> <td class="icon-column"> <a style="float: left;" href="/profile.php?user=<?php echo $row['creatorID']; ?> "> <?php if (buckys_not_null($row['creatorThumbnail'])) { ?> <img src="<?php echo DIR_WS_PHOTO . 'users/' . $row['creatorID'] . '/resized/' . $row['creatorThumbnail']; ?> " class="poster-icon"/> <?php } else { ?> <img src="<?php echo DIR_WS_IMAGE . 'defaultProfileImage.png'; ?> " class="poster-icon"/>
/**
 * Echo the queued session messages as styled <p> elements and clear them.
 *
 * Each entry's type selects the CSS class (success / error / notification);
 * entries with an unknown type are skipped. Message text is echoed as-is.
 *
 * NOTE(review): the text is not HTML-escaped here; some queued messages are
 * built with sprintf from user names, so check where it is safe to escape.
 */
function render_result_messages()
{
    if (!isset($_SESSION['message']) || !buckys_not_null($_SESSION['message'])) {
        return;
    }

    $count = sizeof($_SESSION['message']);
    for ($i = 0; $i < $count; $i++) {
        $entry = $_SESSION['message'][$i];
        switch ($entry['type']) {
            case MSG_TYPE_SUCCESS:
                $cssClass = 'success';
                break;
            case MSG_TYPE_ERROR:
                $cssClass = 'error';
                break;
            case MSG_TYPE_NOTIFY:
                $cssClass = 'notification';
                break;
            default:
                continue 2;
        }
        echo '<p class="message ' . $cssClass . '">' . $entry['message'] . '</p>';
    }

    unset($_SESSION['message']);
}