Beispiel #1
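/**
 * Build the Explore > Search page: menu, search form and, when a term is
 * supplied, the matching posts plus pagination.
 *
 * @param string     $search_terms Search term as passed by the caller; the form
 *                                 field shows its urldecode()d form.
 * @param int|string $page         1-based page number; anything below 1 is treated as 1.
 * @return string HTML for the whole page.
 */
function render_search_page($search_terms = "", $page = 1)
{
    // Single HTML-escaping helper so every echo of request data goes through it.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Clamp the page so the LIMIT offset can never be negative.
    $page_no = max(1, intval($page));
    $start = ($page_no - 1) * 20;

    $html = render_header("Search");
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n"
        . "<li><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n"
        . "<li><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n"
        . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n"
        . "<li><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n"
        . "<li class=\"selected\"><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";

    // addslashes() is not an HTML encoder: a double quote in the term would
    // still close the value="" attribute. Encode for the attribute context.
    $html .= "<div id=\"header\">\n"
        . "<h1>Search</h1>\n"
        . "<p>Search the title and body of posts.</p>\n"
        . "<table id=\"search_form\" cellspacing=\"0\" cellpadding=\"5\"><tr>\n"
        . "<td><input type=\"text\" name=\"s\" id=\"search_text\" value=\"" . $esc(urldecode($search_terms)) . "\" size=\"20\" onKeyPress=\"return checkSubmit(event)\"/></td>\n"
        . "<td><button id='search_submit_button' onClick=\"document.location.href = '/explore/search/' + \$('#search_text').val();\">Go</button></td>\n"
        . "</tr></table>";
    $html .= "<script>\n" . "\$(\"#search_text\").focus();\n" . "</script>\n";

    if ($search_terms != "") {
        $mysqli = db_connect();

        // The term only ever appears inside a quoted SQL literal, where
        // real_escape_string() is effective. Numeric positions are cast to int
        // instead, because escaping alone does not constrain an unquoted value.
        // NOTE(review): bound parameters would be preferable; the string form is
        // kept because render_posts() is handed the mysqli result directly.
        $match = "MATCH(Posts.Title, Posts.Body) AGAINST ('" . $mysqli->real_escape_string($search_terms) . "')";

        if (isset($_SESSION["user_id"])) {
            $uid = intval($_SESSION["user_id"]);
            $where = "((FriendsA.FriendId=" . $uid . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")"
                . " OR"
                . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
                . " OR"
                . " (Posts.UserId=" . $uid . "))"
                . " AND Posts.Status=" . POST_STATUS_PUBLISHED
                . " AND " . $match;
            $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,Likes.Id AS LikeId FROM Posts"
                . " INNER JOIN Users ON Posts.UserId=Users.Id"
                . " LEFT OUTER JOIN Likes ON Likes.UserId=" . $uid . " AND Likes.PostId=Posts.Id"
                . " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId"
                . " WHERE " . $where
                . " ORDER BY " . $match . " DESC LIMIT " . $start . ",20";
            $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
                . " INNER JOIN Users ON Posts.UserId=Users.Id"
                . " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId"
                . " WHERE " . $where;
        } else {
            $where = "Posts.Privacy=" . POST_PRIVACY_PUBLIC
                . " AND Posts.Status=" . POST_STATUS_PUBLISHED
                . " AND " . $match;
            $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar, null AS LikeId FROM Posts"
                . " INNER JOIN Users ON Posts.UserId=Users.Id"
                . " WHERE " . $where
                . " ORDER BY " . $match . " DESC LIMIT " . $start . ",20";
            $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
                . " INNER JOIN Users ON Posts.UserId=Users.Id"
                . " WHERE " . $where;
        }

        // fetch count for pagination; a failed query counts as zero results
        $count_result = $mysqli->query($sql_count);
        $count_row = $count_result ? $count_result->fetch_assoc() : null;
        $count = $count_row ? intval($count_row["NumPosts"]) : 0;

        $post_result = $mysqli->query($sql);

        // The term is request data: encode it before echoing it into the page.
        $html .= "<p>" . $count . " posts found with '" . $esc($search_terms) . "' in the title, or body...</p>\n"
            . "</div> <!-- #header -->\n";
        $html .= render_posts($mysqli, $post_result);

        // Pagination
        // NOTE(review): the raw term is part of the path given to
        // render_pagination(); confirm that helper encodes it when building links.
        $html .= render_pagination("explore/search/" . $search_terms, $page_no, $count, 20);
        $html .= render_display_controls();
    } else {
        $html .= "</div> <!-- #header -->\n";
    }

    $html .= render_footer();
    return $html;
}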
Beispiel #2
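/**
 * Build the page listing published posts that carry a given tag.
 *
 * @param string     $tag_name Tag to filter on.
 * @param int|string $page     1-based page number; anything below 1 is treated as 1.
 * @return string HTML for the whole page.
 */
function render_tag_page($tag_name, $page)
{
    // Clamp the page so the LIMIT offset can never be negative.
    $page_no = max(1, intval($page));
    $start = ($page_no - 1) * 20;

    // NOTE(review): the raw tag name is handed to render_header(); confirm that
    // helper HTML-encodes its title argument.
    $html = render_header($tag_name, "", true);
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n"
        . "<li><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n"
        . "<li class=\"selected\"><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n"
        . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n"
        . "<li><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n"
        . "<li><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";

    $mysqli = db_connect();

    // The tag name sits inside a quoted SQL literal, where real_escape_string()
    // is effective; numeric positions are cast to int rather than escaped.
    $tag_filter = " AND Tags.Name='" . $mysqli->real_escape_string($tag_name) . "'";
    $tag_joins = " INNER JOIN Users ON Posts.UserId=Users.Id"
        . " INNER JOIN PostTags ON Posts.Id=PostTags.PostId"
        . " INNER JOIN Tags ON PostTags.TagId=Tags.Id";

    if (isset($_SESSION["user_id"])) {
        $uid = intval($_SESSION["user_id"]);
        $where = " WHERE"
            . " ((FriendsA.FriendId=" . $uid . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")"
            . " OR"
            . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
            . " OR"
            . " (Posts.UserId=" . $uid . "))"
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED
            . $tag_filter;
        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,Likes.Id AS LikeId FROM Posts"
            . $tag_joins
            . " LEFT OUTER JOIN Likes ON Likes.UserId=" . $uid . " AND Likes.PostId=Posts.Id"
            . " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId"
            . $where
            . " ORDER BY Created DESC LIMIT " . $start . ",20";
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . $tag_joins
            . " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId"
            . $where;
    } else {
        $where = " WHERE"
            . " Posts.Privacy=" . POST_PRIVACY_PUBLIC
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED
            . $tag_filter;
        // "null AS LikeId" keeps the guest result set the same shape as the
        // logged-in one, matching the other listing pages in this file.
        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar, null AS LikeId FROM Posts"
            . $tag_joins
            . $where
            . " ORDER BY Created DESC LIMIT " . $start . ",20";
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . $tag_joins
            . $where;
    }

    // fetch count for pagination; a failed query counts as zero results
    $count_result = $mysqli->query($sql_count);
    $count_row = $count_result ? $count_result->fetch_assoc() : null;
    $count = $count_row ? intval($count_row["NumPosts"]) : 0;

    $post_result = $mysqli->query($sql);

    // The tag name is caller-supplied text: encode it before echoing it.
    $safe_tag = htmlspecialchars((string) $tag_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $html .= "<div id=\"header\"><h1>Posts tagged &#8216;<span>" . $safe_tag . "</span>&#8217;</h1></div>\n";
    $html .= render_posts($mysqli, $post_result);

    // NOTE(review): the raw tag name is part of the path given to
    // render_pagination(); confirm that helper encodes it when building links.
    $html .= render_pagination("explore/tag/" . $tag_name, $page_no, $count, 20);
    $html .= render_display_controls();
    $html .= render_footer();
    return $html;
}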
Beispiel #3
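/**
 * Build the tag-cloud page for posts of the last 7 days. Each tag's font size
 * scales between 1em and 3em with its post count relative to the busiest tag.
 *
 * @return string HTML for the whole page.
 */
function render_tags_page()
{
    $html = render_header("Tags");
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n"
        . "<li><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n"
        . "<li class=\"selected\"><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n"
        . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n"
        . "<li><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n"
        . "<li><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";

    $mysqli = db_connect();
    $select = "SELECT Tags.Name AS TagName, COUNT(Tags.Id) AS TagCount FROM Tags"
        . " INNER JOIN PostTags ON Tags.Id=PostTags.TagId"
        . " INNER JOIN Posts ON PostTags.PostId=Posts.Id"
        . " INNER JOIN Users ON Posts.UserId=Users.Id";
    $tail = " AND Posts.Status=" . POST_STATUS_PUBLISHED
        . " AND (Posts.Created > (CURRENT_TIMESTAMP - INTERVAL '7' DAY))"
        . " GROUP BY Tags.Name"
        . " ORDER BY Tags.Name";

    if (isset($_SESSION["user_id"])) {
        // Unquoted numeric position: cast to int rather than relying on escaping.
        $uid = intval($_SESSION["user_id"]);
        $sql = $select
            . " LEFT OUTER JOIN Friends FriendsOfAuthor ON Posts.UserId=FriendsOfAuthor.UserId AND FriendsOfAuthor.FriendId=" . $uid
            . " WHERE ((FriendsOfAuthor.FriendId=" . $uid . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")"
            . " OR"
            . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
            . " OR"
            . " (Posts.UserId=" . $uid . "))"
            . $tail;
    } else {
        $sql = $select
            . " WHERE Posts.Privacy=" . POST_PRIVACY_PUBLIC
            . $tail;
    }

    $html .= "<div id=\"header\">\n"
        . "<h1>Tags</h1>\n"
        . "<p>Explore the tags of posts from the last 7 days.</p>\n"
        . "</div>\n";

    // Run the query once and keep the rows, instead of issuing the same query
    // twice; track the highest count while reading.
    $tags_result = $mysqli->query($sql);
    $tag_rows = [];
    $max_tags = 0;
    while ($tags_result && ($tags_row = $tags_result->fetch_assoc())) {
        $tag_rows[] = $tags_row;
        $max_tags = max($max_tags, intval($tags_row["TagCount"]));
    }

    $range = 2;
    $html .= "<div id='tags_page'>\n" . "<div class=\"tags\">\n";
    foreach ($tag_rows as $tags_row) {
        $tag_count = intval($tags_row["TagCount"]);
        $ratio = $max_tags > 0 ? $tag_count / $max_tags : 0;
        $size = number_format(1 + $ratio * $range, 1);

        // Tag names are user-created text. addslashes() does not encode for
        // HTML, so encode once (quotes included, the attributes are
        // single-quoted) and reuse the result in every position.
        $safe_name = htmlspecialchars((string) $tags_row["TagName"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        $html .= "<div class='tag' style='font-size:" . $size . "em !important;'>"
            . "<a title='" . $safe_name . "' href='/explore/tag/" . $safe_name . "'>"
            . str_replace(" ", "&nbsp;", $safe_name)
            . "</a><br /><small>" . $tag_count . " posts</small></div>\n";
    }
    $html .= "<div class='clear'></div>\n" . "</div> <!-- .tags -->\n" . "</div> <!-- #tags_page -->\n";

    $html .= render_footer();
    return $html;
}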
Beispiel #4
/**
 * Build the static Help page.
 *
 * @return string Header, fixed help text and footer concatenated.
 */
function render_help_page()
{
    // Fixed markup only; nothing on this page comes from request data.
    $body = <<<'HTML'
<div class="page_wrapper">
<div class="page">
<h1>Help</h1>
<p>In the very likely event that you find something that doesn't work within the site, please send us an email and try to be as descriptive as possible about what you were doing, and what the site did.</p>
<p><a href="mailto:support@wetheusers.net">support@wetheusers.net</a></p>
<p>Thankyou for your support!</p>
</div>
</div>
HTML;

    $page = render_header("Help");
    $page .= $body . "\n";
    $page .= render_footer();

    return $page;
}
Beispiel #5
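/**
 * Build the Firehose page: every published post the current visitor is allowed
 * to see, newest first.
 *
 * @param int|string $numposts Posts per page; non-numeric or values below 1 fall back to 20.
 * @param int|string $page     1-based page number; anything below 1 is treated as 1.
 * @return string HTML for the whole page.
 */
function render_firehose_page($numposts = 20, $page = 1)
{
    // $numposts and $page end up in an unquoted LIMIT clause, where
    // real_escape_string() gives no protection. Force both to integers first.
    // NOTE(review): consider an upper bound on the page size as well.
    $per_page = intval($numposts);
    if ($per_page < 1) {
        $per_page = 20;
    }
    $page_no = max(1, intval($page));
    $start = ($page_no - 1) * $per_page;

    $html = render_header("The Firehose");
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li class=\"selected\"><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n"
        . "<li><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n"
        . "<li><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n"
        . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n"
        . "<li><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n"
        . "<li><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";

    $mysqli = db_connect();
    $limit = " ORDER BY Created DESC LIMIT " . $start . "," . $per_page;

    if (isset($_SESSION["user_id"])) {
        $uid = intval($_SESSION["user_id"]);
        $friends_join = " LEFT OUTER JOIN Friends FriendsOfAuthor ON Posts.UserId=FriendsOfAuthor.UserId AND FriendsOfAuthor.FriendId=" . $uid;
        $where = " WHERE"
            . " ((FriendsOfAuthor.FriendId=" . $uid . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")"
            . " OR"
            . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
            . " OR"
            . " (Posts.UserId=" . $uid . "))"
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED;
        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,Likes.Id AS LikeId FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . " LEFT OUTER JOIN Likes ON Likes.UserId=" . $uid . " AND Likes.PostId=Posts.Id"
            . $friends_join
            . $where
            . $limit;
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . $friends_join
            . $where;
    } else {
        $where = " WHERE"
            . " Posts.Privacy=" . POST_PRIVACY_PUBLIC
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED;
        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar, null AS LikeId FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . $where
            . $limit;
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . $where;
    }

    // fetch count for pagination; a failed query counts as zero results
    $count_result = $mysqli->query($sql_count);
    $count_row = $count_result ? $count_result->fetch_assoc() : null;
    $count = $count_row ? intval($count_row["NumPosts"]) : 0;

    $post_result = $mysqli->query($sql);

    $html .= "<div id=\"header\">\n"
        . "<h1>The Firehose</h1>\n"
        . "<p>Everything posted by everybody, across the entire site (well... everything they are choosing to let you see...)</p>\n"
        . "</div>";
    $html .= render_posts($mysqli, $post_result);

    // Pagination: the path and page size use the validated integers, never the
    // raw arguments.
    $html .= render_pagination("explore/firehose/" . $per_page, $page_no, $count, $per_page);
    $html .= render_display_controls();
    $html .= render_footer();
    return $html;
}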
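/**
 * Build the Suggested Users page: authors ranked by posts, comments and likes
 * on their public, published posts within a recent window.
 *
 * @param int|string $days Size of the window in days; non-numeric or values below 1 fall back to 7.
 * @param int|string $page 1-based page number; anything below 1 is treated as 1.
 * @return string HTML for the whole page.
 */
function render_suggested_users($days = 7, $page = 1)
{
    // $days is echoed into the page, placed in both queries and used in the
    // pagination path. Reducing it to an integer once makes all three safe.
    $window = intval($days);
    if ($window < 1) {
        $window = 7;
    }
    // Clamp the page so the LIMIT offset can never be negative.
    $page_no = max(1, intval($page));
    $start = ($page_no - 1) * 20;

    $html = render_header("Suggested Users");
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n"
        . "<li><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n"
        . "<li><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n"
        . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n"
        . "<li class=\"selected\"><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n"
        . "<li><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";

    $mysqli = db_connect();

    $html .= "<div id=\"header\">\n"
        . "<h1>Suggested Users</h1>\n"
        . "<p>Users with the most popular public content over the last " . $window . " days.</p>\n"
        . "</div>\n";

    $recent = "Posts.Created > (CURRENT_TIMESTAMP - INTERVAL '" . $window . "' DAY)";

    $sql = "SELECT Users.*, COUNT(DISTINCT Posts.Id) AS PostCount, COUNT(DISTINCT Comments.Id) AS CommentCount, COUNT(DISTINCT Likes.Id) AS LikesCount, COUNT(DISTINCT Posts.Id) + COUNT(DISTINCT Comments.Id) + COUNT(DISTINCT Likes.Id) AS TotalCount\n"
        . " FROM Users"
        . " INNER JOIN Posts ON Posts.UserId=Users.Id AND Posts.Status=1 AND Posts.Privacy=0"
        . " LEFT OUTER JOIN Comments ON Posts.Id=Comments.PostId AND Comments.UserId<>Users.Id"
        . " LEFT OUTER JOIN Likes ON Posts.Id=Likes.PostId AND Likes.UserId<>Users.Id"
        . " WHERE " . $recent
        . " GROUP BY Users.Id"
        . " ORDER BY TotalCount DESC"
        . " LIMIT " . $start . ",20";
    $sql_count = "SELECT COUNT(DISTINCT Users.Id) AS NumUsers"
        . " FROM Users"
        . " INNER JOIN Posts ON Posts.UserId=Users.Id AND Posts.Status=1 AND Posts.Privacy=0"
        . " WHERE (" . $recent . ")";

    $user_result = $mysqli->query($sql);
    // A failed query is treated like an empty result instead of a fatal error.
    if ($user_result && $user_result->num_rows > 0) {
        $html .= "<div class=\"directory_users\">\n";
        while ($user_row = $user_result->fetch_assoc()) {
            $html .= render_user($user_row);
        }
        $html .= "<div class=\"clear\"></div>\n" . "</div>\n";
    }

    // fetch count for pagination; a failed query counts as zero results
    $count_result = $mysqli->query($sql_count);
    $count_row = $count_result ? $count_result->fetch_assoc() : null;
    $count = $count_row ? intval($count_row["NumUsers"]) : 0;

    $html .= render_pagination("explore/suggested/" . $window, $page_no, $count, 20);
    $html .= render_footer();
    return $html;
}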
Beispiel #7
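/**
 * Build a page that dumps every row of the MailQueue table as an HTML table,
 * with the column names of the first row as headings.
 *
 * NOTE(review): no session or role check is visible in this function. Confirm
 * the caller restricts this page, since it prints the full queue contents.
 *
 * @return string HTML for the whole page.
 */
function render_mail_queue()
{
    // Queue fields are stored data that presumably includes user-influenced
    // text (addresses, subjects, bodies), so every cell is HTML-encoded.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $html = render_header("Mail Queue");

    // One connection is enough; the original opened two.
    $mysqli = db_connect();
    $result = $mysqli->query("SELECT * FROM MailQueue ORDER BY Id");

    $html .= "<br/><table border='1' cellspacing='1' cellpadding='5' width='80%' style='margin:auto;'>\n";

    $i = 0;
    // A failed query renders as an empty table rather than a fatal error.
    while ($result && ($row = $result->fetch_assoc())) {
        $i++;

        // Heading row, emitted once, built from the first row's column names.
        if ($i == 1) {
            $html .= "<tr>\n";
            foreach ($row as $key => $val) {
                $html .= "<th>" . $esc($key) . "</th>\n";
            }
            $html .= "</tr>\n";
        }

        $html .= "<tr>\n";
        foreach ($row as $key => $val) {
            $html .= "<td>" . $esc($val) . "</td>\n";
        }
        $html .= "</tr>\n";
    }

    $html .= "</table>\n";
    $html .= "<p align='center'>" . $i . " items waiting in the queue.</p>\n";
    $html .= render_footer();
    return $html;
}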
Beispiel #8
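/**
 * Build the Popular Posts page: published posts of the last day that the
 * visitor may see, ordered by likes plus comments.
 *
 * @param int|string $page 1-based page number; anything below 1 is treated as 1.
 * @return string HTML for the whole page.
 */
function render_popular_page($page)
{
    // Clamp the page so the LIMIT offset can never be negative.
    $page_no = max(1, intval($page));
    $start = ($page_no - 1) * 20;

    $html = render_header("Popular Posts");
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li><a href=\"/explore/firehose\" title=\"Firehose\">Firehose</a></li>\n"
        . "<li class=\"selected\"><a href=\"/explore/popular\" title=\"Popular\">Popular</a></li>\n"
        . "<li><a href=\"/explore/tags\" title=\"Tags\">Tags</a></li>\n"
        . "<li><a href=\"/explore/directory\" title=\"Directory\">Directory</a></li>\n"
        . "<li><a href=\"/explore/suggested\" title=\"Suggested Users\">Suggested</a></li>\n"
        . "<li><a href=\"/explore/search\" title=\"Search\">Search</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";

    $mysqli = db_connect();
    $recent = " AND (Posts.Created > (CURRENT_TIMESTAMP - INTERVAL '1' DAY))";
    $order = " ORDER BY (Posts.Likes + Posts.Comments) DESC LIMIT " . $start . ",20";

    if (isset($_SESSION["user_id"])) {
        // Unquoted numeric position: cast to int rather than relying on escaping.
        $uid = intval($_SESSION["user_id"]);
        $where = " WHERE"
            . " ((FriendsA.FriendId=" . $uid . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")"
            . " OR"
            . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
            . " OR"
            . " (Posts.UserId=" . $uid . "))"
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED
            . $recent;
        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,Likes.Id AS LikeId FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . " LEFT OUTER JOIN Likes ON Likes.UserId=" . $uid . " AND Likes.PostId=Posts.Id"
            . " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId"
            . $where
            . $order;
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId"
            . $where;
    } else {
        $where = " WHERE"
            . " Posts.Privacy=" . POST_PRIVACY_PUBLIC
            . " AND Posts.Status=" . POST_STATUS_PUBLISHED
            . $recent;
        $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar, null AS LikeId FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . $where
            . $order;
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts FROM Posts"
            . " INNER JOIN Users ON Posts.UserId=Users.Id"
            . $where;
    }

    // fetch count for pagination; a failed query counts as zero results
    $count_result = $mysqli->query($sql_count);
    $count_row = $count_result ? $count_result->fetch_assoc() : null;
    $count = $count_row ? intval($count_row["NumPosts"]) : 0;

    $post_result = $mysqli->query($sql);

    $html .= "<div id=\"header\">\n"
        . "<h1>Popular Posts</h1>\n"
        . "<p>The most popular content available to you of the last 24 hours, judged by comments and likes...</p>\n"
        . "</div>";
    $html .= render_posts($mysqli, $post_result);
    $html .= render_pagination("explore/popular", $page_no, $count, 20);
    $html .= render_display_controls();
    $html .= render_footer();
    return $html;
}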
Beispiel #9
/**
 * Build the static page shown after sign-up, telling the new user to look for
 * the e-mail with the temporary password.
 *
 * @return string Header, fixed welcome text and footer concatenated.
 */
function render_welcome_page()
{
    // Fixed markup only; nothing on this page comes from request data.
    $body = <<<'HTML'
<div class="page_wrapper">
<div id="faq" class="page">
<h1>Welcome!</h1>
<h2 class="center">Go check your email!</h2><br />
<p>Your account has been successfully created, and a temporary password has been emailed to you that you can change later. Please note that some online email systems (we have noticed Yahoo and Outlook.com are the worst offenders) sometimes take a few minutes to receive machine generated emails. Gmail seems to be fine.</p>
<p>Once you have the email, head to the <a href="/login">Login</a> page. Remember to check your spam folder if you don't think the email has arrived.</p>
<p>If you do not received the password, you can use the password reset form to have another one sent.</p>
<p>If you suspect you may have typed your email address incorrectly, please get in touch with <a href="mailto:support@wetheusers.net">support@wetheusers.net</a>, and we'll help you out.</p>
</div></div>
HTML;

    $page = render_header(sprintf("Welcome to %s!", SITE_NAME));
    $page .= $body . "\n";
    $page .= render_footer();

    return $page;
}
Beispiel #10
/**
 * Build the FAQ page: a fixed introduction followed by the contents of
 * lib/html/faq.htm, wrapped in the site header and footer.
 *
 * @return string HTML for the whole page.
 */
function render_faq()
{
    $intro = "<div class=\"page_wrapper\">\n"
        . "<div id=\"faq\" class=\"page\">\n"
        . "<h1>Frequently Asked Questions</h1>\n"
        . "<br />\n"
        . "<p>This page will be updated regularly with answers to common questions. If you don't find an answer to your question, send an email to <a href=\"mailto:support@wetheusers.net\">support@wetheusers.net</a> and we'll do our best to answer quickly.</p>\n";

    // Pieces are evaluated in page order; the path is a fixed literal that is
    // resolved relative to the working directory.
    $pieces = [
        render_header("Frequently Asked Questions"),
        $intro,
        file_get_contents("lib/html/faq.htm"),
        "</div></div>\n",
        render_footer(),
    ];

    return implode("", $pieces);
}
Beispiel #11
/**
 * Build the Terms and Conditions page from lib/html/terms.htm, wrapped in the
 * site header and footer.
 *
 * @return string HTML for the whole page.
 */
function render_terms()
{
    $title = "Terms and Conditions";

    $opening = implode("\n", [
        "<div class=\"page_wrapper\">",
        "<div id=\"faq\" class=\"page\">",
        "<h1>" . $title . "</h1>",
        "<br />",
    ]) . "\n";

    $page = render_header($title) . $opening;
    // Fixed literal path, resolved relative to the working directory.
    $page .= file_get_contents("lib/html/terms.htm");
    $page .= "</div></div>\n" . render_footer();

    return $page;
}
Beispiel #12
/**
 * Build the Privacy Policy page from lib/html/privacy.htm, wrapped in the site
 * header and footer.
 *
 * @return string HTML for the whole page.
 */
function render_privacy()
{
    $out = render_header("Privacy Policy");

    $out .= sprintf(
        "<div class=\"page_wrapper\">\n<div id=\"faq\" class=\"page\">\n<h1>%s</h1>\n<br />\n",
        "Privacy Policy"
    );

    // Fixed literal path, resolved relative to the working directory.
    $policy = file_get_contents("lib/html/privacy.htm");
    $out .= $policy;

    $out .= "</div></div>\n";
    $out .= render_footer();

    return $out;
}
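/**
 * Build the User Directory. Without a tag it shows a tag cloud of the tags
 * users filed themselves under; with a tag it lists the users carrying it,
 * ranked by activity on their public posts.
 *
 * @param string     $tag_name Tag to list users for; "" shows the tag cloud.
 * @param int|string $page     1-based page number; anything below 1 is treated as 1.
 * @return string HTML for the whole page.
 */
function render_user_directory($tag_name = "", $page = 1)
{
    // Tag names are user-created text. Encode with ENT_QUOTES because several
    // attributes below are single-quoted, which the default flags of older PHP
    // versions leave unencoded.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Clamp the page so the LIMIT offset can never be negative.
    $page_no = max(1, intval($page));
    $start = ($page_no - 1) * 20;

    $html = render_header("User Directory");
    $mysqli = db_connect();

    // check if a tag is passed in
    if ($tag_name == "") {
        // No tag - draw the tags
        $sql = "SELECT Tags.Name AS TagName, COUNT(Tags.Id) AS TagCount"
            . " FROM Tags"
            . " INNER JOIN UserTags ON Tags.Id=UserTags.TagId"
            . " INNER JOIN Users ON UserTags.UserId=Users.Id"
            . " GROUP BY Tags.Name"
            . " ORDER BY Tags.Name";
        // ." HAVING COUNT(Tags.Id)>1" - goes above ORDER BY

        $html .= "<div id=\"header\">\n"
            . "<h1>User Directory</h1>\n"
            . "<p>Explore the tags users have filed themselves under - edit your <a href=\"/account\">account</a> details to file yourself under some tags.</p>\n"
            . "</div>\n";

        // Run the query once and keep the rows, instead of issuing the same
        // query twice; track the highest count for sizing while reading.
        $tags_result = $mysqli->query($sql);
        $tag_rows = [];
        $max_tags = 0;
        while ($tags_result && ($tags_row = $tags_result->fetch_assoc())) {
            $tag_rows[] = $tags_row;
            $max_tags = max($max_tags, intval($tags_row["TagCount"]));
        }

        $range = 2;
        $html .= "<div id='tags_page'>\n" . "<div class=\"tags\">\n";
        foreach ($tag_rows as $tags_row) {
            // math to work out size of font
            $tag_count = intval($tags_row["TagCount"]);
            $ratio = $max_tags > 0 ? $tag_count / $max_tags : 0;
            $size = number_format(1 + $ratio * $range, 1);
            $safe_name = $esc($tags_row["TagName"]);

            $html .= "<div class='tag' style='font-size:" . $size . "em !important;'>"
                . "<a title='" . $safe_name . "' href='/directory/" . $safe_name . "'>"
                . str_replace(" ", "&nbsp;", $safe_name)
                . "</a><br /><small>" . $tag_count . " users</small></div>\n";
        }
        $html .= "<div class='clear'></div>\n" . "</div> <!-- .tags -->\n" . "</div> <!-- #tags_page -->\n";
    } else {
        // The tag comes from the caller: encode it before echoing it.
        $safe_tag = $esc($tag_name);

        $html .= "<div id=\"header\">\n"
            . "<h1>User Directory : &#8216;<span>" . $safe_tag . "</span>&#8217;</h1>\n"
            . "<p>Here are the users that have filed themselves under the tag '" . $safe_tag . "'</p>\n"
            . "</div>\n";

        // Inside a quoted SQL literal real_escape_string() is effective.
        $tag_filter = " WHERE Tags.Name='" . $mysqli->real_escape_string($tag_name) . "'";

        // get all the users with a particular tag
        $sql = "SELECT Users.*, COUNT(DISTINCT Posts.Id) AS PostCount, COUNT(DISTINCT Comments.Id) AS CommentCount, COUNT(DISTINCT Likes.Id) AS LikesCount,COUNT(DISTINCT Posts.Id) + COUNT(DISTINCT Comments.Id) + COUNT(DISTINCT Likes.Id) AS TotalCount\n"
            . " FROM Users"
            . " INNER JOIN UserTags ON Users.Id=UserTags.UserId"
            . " INNER JOIN Tags ON Tags.Id=UserTags.TagId"
            . " LEFT OUTER JOIN Posts ON Posts.UserId=Users.Id AND Posts.Status=1 AND Posts.Privacy=0"
            . " LEFT OUTER JOIN Comments ON Posts.Id=Comments.PostId AND Comments.UserId<>Users.Id"
            . " LEFT OUTER JOIN Likes ON Posts.Id=Likes.PostId AND Likes.UserId<>Users.Id"
            . $tag_filter
            . " GROUP BY Users.Id"
            . " ORDER BY TotalCount DESC"
            . " LIMIT " . $start . ",20";

        // The previous count query grouped by Users.Id, so its first row was
        // always 1, and it inner-joined Posts, so it ignored users without
        // posts that the listing does show. Count the same user set the
        // listing pages through: every user carrying the tag.
        $sql_count = "SELECT COUNT(DISTINCT Users.Id) AS NumUsers"
            . " FROM Users"
            . " INNER JOIN UserTags ON Users.Id=UserTags.UserId"
            . " INNER JOIN Tags ON Tags.Id=UserTags.TagId"
            . $tag_filter;

        $user_result = $mysqli->query($sql);
        // A failed query is treated like an empty result instead of a fatal error.
        if ($user_result && $user_result->num_rows > 0) {
            $html .= "<div class=\"directory_users\">\n";
            while ($user_row = $user_result->fetch_assoc()) {
                $html .= render_user($user_row);
            }
            $html .= "</div>\n";
        } else {
            $html .= "<p>There are no users filed under the tag '" . $safe_tag . "'</p>\n";
        }

        // fetch count for pagination; a failed query counts as zero results
        $count_result = $mysqli->query($sql_count);
        $count_row = $count_result ? $count_result->fetch_assoc() : null;
        $count = $count_row ? intval($count_row["NumUsers"]) : 0;

        // NOTE(review): the raw tag name is part of the path given to
        // render_pagination(); confirm that helper encodes it when building links.
        $html .= render_pagination("user_directory/" . $tag_name, $page_no, $count, 20);
    }

    $html .= render_footer();
    return $html;
}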
Beispiel #14
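/**
 * Build the Chat page, which embeds a third-party IRC widget in an iframe and
 * passes the logged-in user's name as the nick. Visitors without a session are
 * redirected to /403.
 *
 * @return string|null HTML for the page, or null after sending the redirect header.
 */
function render_chat_page()
{
    if (!isset($_SESSION["user_id"])) {
        // Only the header is sent here; execution continues in the caller.
        // NOTE(review): confirm the caller stops producing output after this.
        header("Location: /403");
        return;
    }

    // The user name goes into a URL query string inside an HTML attribute.
    // rawurlencode() leaves only unreserved characters and %XX sequences, so
    // the value can neither add query parameters nor close the src attribute.
    $nick = rawurlencode((string) $_SESSION["user_name"]);

    $html = render_header("Chat");
    $html .= "<div id=\"header\">\n"
        . "<h1>Chat</h1>\n"
        . "<p>IRC Chat powered by <a href=\"http://mibbit.com\">Mibbit</a> (server = irc.mibbit.com, channel = #WeTheUsers)</p>\n"
        . "</div>";

    // NOTE(review): the widget is loaded over plain http; if the site itself is
    // served over https the frame is mixed content and the nick travels in the
    // clear. Check whether the provider offers an https endpoint.
    $html .= "<iframe style=\"display:block;margin:0px auto 0px auto;\" frameborder=\"0\" width=\"90%\" height=\"80%\" scrolling=\"no\" src=\"http://widget.mibbit.com/?settings=9092067ea4c785ce94d25452be90e031&server=irc.mibbit.net&channel=%23WeTheUsers&nick=" . $nick . "\"></iframe>";

    $html .= render_footer();
    return $html;
}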
Beispiel #15
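/**
 * Build the "Import RSS" form for the logged-in user, with the privacy
 * selector preset from the user's stored default. Visitors without a session
 * are redirected to /403.
 *
 * @return string|null HTML for the page, or null after sending the redirect header.
 */
function render_import_rss()
{
    if (!isset($_SESSION["user_id"])) {
        // Only the header is sent here; execution continues in the caller.
        // NOTE(review): confirm the caller stops producing output after this.
        header("Location: /403");
        return;
    }

    // fetch the user row from the database to get the defaults from it
    $mysqli = db_connect();
    // Unquoted numeric position: cast to int rather than relying on escaping.
    $user_result = $mysqli->query("SELECT * FROM Users WHERE Id=" . intval($_SESSION["user_id"]));
    $user_row = $user_result ? $user_result->fetch_assoc() : null;

    // If the stored preference cannot be read, preselect the more restrictive
    // option (1 = Friends Only) instead of silently defaulting to Public.
    $default_privacy = ($user_row && isset($user_row["DefaultPostPrivacy"]))
        ? intval($user_row["DefaultPostPrivacy"])
        : 1;

    $html = render_header("Directory");
    $html .= "<div class=\"bg_menu_wrapper\">\n"
        . "<ul class=\"bg_menu\">\n"
        . "<li><a href=\"/account/import\" title=\"Import\">Import</a></li>\n"
        . "<li class=\"selected\"><a href=\"/account/import/rss\" title=\"RSS\">RSS</a></li>\n"
        . "<li><a href=\"/account/import/wordpress\" title=\"Wordpress\">Wordpress</a></li>\n"
        . "</ul>\n"
        . "<div class=\"clear\"></div>\n"
        . "</div>\n";
    $html .= "<div id=\"header\">\n"
        . "<h1>Import RSS</h1>\n"
        . "<p>Fill out the form below to import an RSS feed. This is a one-hit operation - it will not update in the future, and running it repeatedly will duplicate posts.</p>\n"
        . "</div>\n";

    // NOTE(review): this state-changing POST form carries no anti-CSRF token,
    // and the endpoint fetches a user-supplied URL. Confirm the handler at
    // /api/account/import_feed/rss verifies request origin and restricts which
    // hosts and schemes it will fetch.
    $html .= "<div class=\"page_wrapper\">\n"
        . "<div id=\"account_form\" class=\"page\">\n"
        . "<form method=\"POST\" action=\"/api/account/import_feed/rss\">\n"
        . "<table border=\"0\" cellspacing=\"1\" cellpadding=\"5\">\n"
        . "<tr><th class=\"heading\" colspan=\"2\"><h3>RSS Feed</h3><p>Enter the full URL of the RSS feed, and the privacy of imported posts.</p></th></tr>\n"
        . "<tr><th>Feed URL</th><td><input type=\"text\" name=\"url\" /></td></tr>\n"
        . "<tr><th>Privacy</th><td><select name=\"privacy\">\n"
        . "  <option value=\"0\" " . ($default_privacy == 0 ? "selected" : "") . " >Public</option>\n"
        . "  <option value=\"1\" " . ($default_privacy == 1 ? "selected" : "") . " >Friends Only</option>\n"
        . "</select></td></tr>\n"
        . "<tr><td colspan='2' align='right'><input type='submit' value='Import' /></td></tr>\n"
        . "</table>\n"
        // The form element was opened but never closed in the original markup.
        . "</form>\n"
        . "</div> <!-- #account_form -->\n"
        . "</div> <!-- .page_wrapper -->\n";

    $html .= render_footer();
    return $html;
}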
Beispiel #16
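/**
 * Build the home page: header, one page of posts, pagination, display
 * controls and footer.
 *
 * Three feeds are possible:
 *  - logged in with at least one friend: friends-only posts from authors where
 *    the friendship is listed in both directions, public posts from authors the
 *    user lists as a friend, and the user's own posts, newest first;
 *  - logged in without friends: public posts from the last 7 days, newest first;
 *  - anonymous: public posts from the last 7 days, most liked first.
 *
 * @param int|string $numposts Posts per page; coerced to an integer >= 1.
 * @param int|string $page     1-based page number; coerced to an integer.
 * @return string Complete page HTML.
 */
function render_home_page($numposts = 20, $page = 1)
{
    // Both values end up in an unquoted LIMIT clause. real_escape_string() only
    // neutralises characters that matter inside a quoted literal, so it gives no
    // protection there; forcing integers does.
    $numposts = max(1, (int) $numposts);
    $start = max(0, ((int) $page - 1) * $numposts);
    $html = render_header("Home");
    $mysqli = db_connect();

    // Shared by the two "recent public posts" feeds below.
    $recent_public = " FROM Posts"
        . " INNER JOIN Users ON Posts.UserId=Users.Id"
        . " WHERE (Posts.Created > (CURRENT_TIMESTAMP - INTERVAL '7' DAY))"
        . " AND Posts.Status=" . POST_STATUS_PUBLISHED
        . " AND Posts.Privacy=" . POST_PRIVACY_PUBLIC;
    $recent_columns = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,null AS LikeId";
    $limit = " LIMIT " . $start . "," . $numposts;

    if (isset($_SESSION["user_id"])) {
        // The id is compared against numeric columns without quotes, so it is
        // cast rather than escaped.
        $uid = (int) $_SESSION["user_id"];

        // does the logged in user have any friends yet ?
        $friends_result = $mysqli->query("SELECT COUNT(*) AS NumFriends FROM Friends WHERE UserId=" . $uid);
        $friends_row = $friends_result ? $friends_result->fetch_assoc() : null;
        $friends_count = $friends_row ? $friends_row["NumFriends"] : 0;

        if ($friends_count > 0) {
            // FriendsOfMe: rows where the viewer lists the author as a friend.
            // FriendsOfAuthor: rows where the author lists the viewer as a friend.
            $feed = " FROM Posts"
                . " INNER JOIN Users ON Posts.UserId=Users.Id"
                . " LEFT OUTER JOIN Friends FriendsOfMe ON FriendsOfMe.UserId=" . $uid . " AND FriendsOfMe.FriendId=Posts.UserId"
                . " LEFT OUTER JOIN Friends FriendsOfAuthor ON Posts.UserId=FriendsOfAuthor.UserId AND FriendsOfAuthor.FriendId=" . $uid
                . " LEFT OUTER JOIN Likes ON Likes.UserId=" . $uid . " AND Likes.PostId=Posts.Id"
                . " WHERE"
                . " ((FriendsOfAuthor.FriendId=" . $uid . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . " AND FriendsOfMe.FriendId=Posts.UserId)"
                . " OR"
                . " (FriendsOfMe.FriendId=Posts.UserId AND Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")"
                . " OR"
                . " (Posts.UserId=" . $uid . "))"
                . " AND Posts.Status=" . POST_STATUS_PUBLISHED;
            $sql = "SELECT DISTINCT Posts.*,Users.Username,Users.Avatar,Likes.Id AS LikeId" . $feed . " ORDER BY Created DESC" . $limit;
            $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts" . $feed;
        } else {
            // no friends - fetch popular content from the last 7 days
            $html .= "<div id=\"header\">\n" . "<h1>Welcome to " . SITE_NAME . " - No Friends Yet?</h1>\n" . "<p>Here is some popular content from the last 7 days. You might also like to check out the <a href=\"/explore/firehose\">Firehose</a>.</p>\n" . "</div>\n";
            $sql = $recent_columns . $recent_public . " ORDER BY Created DESC" . $limit;
            $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts" . $recent_public;
        }
    } else {
        // not logged in - fetch popular content from the last 7 days
        $html .= "<div id=\"header\">\n" . "<h1>Post, Friend, Follow, Like, Comment</h1>\n" . "<p>Welcome to a new social experience on the internet - <strong><a href=\"/register\">register</a></strong> now, and begin posting!</p>\n" . "</div>\n";
        $sql = $recent_columns . $recent_public . " ORDER BY Posts.Likes DESC" . $limit;
        $sql_count = "SELECT COUNT(DISTINCT Posts.Id) AS NumPosts" . $recent_public;
    }

    // fetch count for pagination; a failed query yields an empty page instead
    // of a fatal error on a boolean result
    $count_result = $mysqli->query($sql_count);
    $count_row = $count_result ? $count_result->fetch_assoc() : null;
    $count = $count_row ? $count_row["NumPosts"] : 0;
    $post_result = $mysqli->query($sql);

    if (isset($_GET["debug"])) {
        // NOTE(review): any visitor can add ?debug to the URL and read the query
        // text, which discloses table and column names. Remove this or gate it
        // behind an administrator check before deploying. The query is
        // HTML-encoded so it cannot inject markup.
        print "<p><br /><br /><code>" . htmlspecialchars($sql, ENT_QUOTES, "UTF-8") . "</code></p>";
    }

    $html .= render_posts($mysqli, $post_result);
    $html .= render_pagination("home/" . $numposts, $page, $count, $numposts);
    $html .= render_display_controls();
    $html .= render_footer();
    return $html;
}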
Beispiel #17
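/**
 * Build the invite page.
 *
 * Logged-in users get a form that posts free text to /api/invite, or a
 * confirmation when the request URI contains "finished". Anonymous visitors get
 * a notice that login is required.
 *
 * @return string Complete page HTML.
 */
function invite_page()
{
    $html = render_header("Invite");
    $html .= "<div class=\"page_wrapper\">\n" . "<div id=\"invite\" class=\"page\">\n" . "<h1>Invite</h1>\n" . "<br />\n";
    if (isset($_SESSION["user_id"])) {
        $html .= "<p>Use this page to invite people into the system - just paste text that includes email addresses into the box below, and hit Go - you don't have to clean the text up - the site will find all the valid looking email addresses for you.</p>\n";
        // raw_data[]=... would arrive as an array; only a string is meaningful here.
        $raw_data = isset($_POST["raw_data"]) && is_string($_POST["raw_data"]) ? $_POST["raw_data"] : "";
        if (strpos($_SERVER["REQUEST_URI"], "finished") !== false) {
            $html .= "<br /><br /><h1>Finished!</h1><p>Your email invites have been sent.</p>\n\n";
        } else {
            // The posted text is echoed back into the page. Without HTML encoding
            // a value containing "</textarea>" would close the element and the
            // rest would be parsed as markup (reflected XSS).
            $html .= "<form method=\"POST\" action=\"/api/invite\">\n" . "<textarea id=\"raw_data\" name=\"raw_data\" rows=\"10\" style=\"width:100%;\">\n" . htmlspecialchars($raw_data, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") . "</textarea>\n" . "<input type=\"submit\" value=\"Go!\" />\n" . "</form>\n" . "<br /><p><small>WeTheUsers does not record invited email addresses.</small></p>\n";
        }
    } else {
        $html .= "<p>You must be logged in to use this feature.</p>\n";
    }
    $html .= "</div></div>\n";
    $html .= render_footer();
    return $html;
}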
Beispiel #18
<?php

// Emit whatever render_footer() returns as the closing markup of the page.
// $quickstat is defined outside this snippet and is passed through unchanged;
// per the original note it may control a quickstats JavaScript refresh.
echo render_footer($quickstat);
Beispiel #19
				<td><?php 
            echo $proposicao->ementa;
            ?>
</td>
				<td><input type="checkbox" name"proposicoes[]" value="<?php 
            echo $proposicao->sigla;
            ?>
"></td>
			</tr>
	<?php 
        }
    }
    ?>
		</tbody>
	</table>
</td>
			</tr>
	<?php 
}
?>
		</tbody>
	</table>

	
</div>

<?php 
render_footer();
?>

0800 771 COPA (2672)
Beispiel #20
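/**
 * Show the "changes not yet applied" page with the command the administrator
 * has to run as root to apply them.
 *
 * The command takes the "files" directory next to index.php and the MD5 of the
 * global $user_id as arguments. Output is written directly; nothing is returned.
 */
function render_apply_changes_page() {
	global $user_id;
	$dir = str_replace('index.php', 'files', $_SERVER['SCRIPT_FILENAME']);
	// The line is meant to be pasted into a root shell, so the path is quoted
	// with escapeshellarg() instead of hand-written quotes: a path containing a
	// quote or other shell metacharacter stays a single argument.
	// NOTE(review): md5($user_id) is derived from an identifier, not from random
	// data; if greyhole-config-update treats it as a secret, confirm that is
	// acceptable.
	$command = '/usr/bin/greyhole-config-update ' . escapeshellarg($dir) . ' ' . md5($user_id);
	render_header('Greyhole Configuration - Apply your changes');
	?>
	<span style="color:red">Your changes have not yet been applied.</span><br/>
	You'll need to execute the following command in a terminal or using SSH, logged as <em>root</em> on your server:
	<pre><?php echo htmlspecialchars($command, ENT_QUOTES, 'UTF-8') ?></pre>
	<?php
	render_footer();
}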
Beispiel #21
/**
 * Build the "Followers" tab of a profile: the users who list the profile owner
 * as a friend, 20 per page, ordered by a combined activity count.
 *
 * No page header is rendered here, and the closing markup ends a ".page" and a
 * ".page_wrapper" element that are not opened in this function; presumably the
 * caller emits both first (confirm against the caller).
 *
 * @param string     $username Profile owner's username; used in links and the
 *                             pagination path.
 * @param int|string $page     1-based page number.
 * @return string|null Page HTML, or null when the lookup returns no row (the
 *                     function then falls off the end without a return).
 */
function render_profile_page_followers($username, $page)
{
    $html = "";
    $start = (intval($page) - 1) * 20;
    $mysqli = db_connect();
    // NOTE(review): in this listing the username literal reads '******' in both
    // branches, which looks like masking applied by the site that published the
    // snippet; as printed, $username never reaches the query. Check the real
    // source, and pass the username as a bound parameter of a prepared statement
    // rather than concatenating it.
    if (isset($_SESSION["user_id"])) {
        // Logged in: also fetch whether the viewer lists this user as a friend
        // (FriendId) and whether this user lists the viewer (FriendBId).
        // The session id sits in an unquoted numeric position, where
        // real_escape_string() gives no protection; an integer cast would.
        $sql = "SELECT Users.*,Friends.FriendId,FriendsB.FriendId AS FriendBId FROM Users" . " LEFT OUTER JOIN Friends ON Friends.UserId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " AND Friends.FriendId=Users.Id" . " LEFT OUTER JOIN Friends FriendsB ON FriendsB.FriendId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " AND FriendsB.UserId=Users.Id" . " WHERE Username='******'";
    } else {
        $sql = "SELECT * FROM Users WHERE Username='******'";
    }
    $user_result = $mysqli->query($sql);
    if ($user_result->num_rows > 0) {
        $user_row = $user_result->fetch_assoc();
        $user_id = $user_row["Id"];
        // Profile tabs; the Friends and Followers entries follow the owner's
        // ShowFriends / ShowFriendOf settings.
        // NOTE(review): $username is concatenated into href attributes without
        // HTML encoding. It should go through htmlspecialchars() (and
        // rawurlencode() for the path segment) unless the caller guarantees a
        // restricted character set.
        // NOTE(review): ShowFriendOf only hides the tab; the follower list below
        // is rendered regardless. Confirm the caller enforces the setting.
        $html .= "<div class=\"profile_menu_wrapper\">\n" . "<ul class=\"profile_menu\">\n" . "<li><a href=\"/" . $username . "\" title=\"Posts\">Posts</a></li>\n" . ($user_row["ShowFriends"] == 1 ? "<li><a href=\"/" . $username . "/friends\" title=\"Friends\">Friends</a></li>\n" : "") . ($user_row["ShowFriendOf"] == 1 ? "<li class=\"selected\"><a href=\"/" . $username . "/followers\" title=\"Followers\">Followers</a></li>\n" : "") . "</ul>\n" . "<div class=\"clear\"></div>\n" . "</div>\n";
        // Followers are users with a Friends row pointing at the profile owner.
        // TotalCount adds each follower's posts (Status=1, Privacy=0) to the
        // comments and likes other users left on those posts.
        $sql = "SELECT Users.*, COUNT(DISTINCT Posts.Id) AS PostCount, COUNT(DISTINCT Comments.Id) AS CommentCount, COUNT(DISTINCT Likes.Id) AS LikesCount,COUNT(DISTINCT Posts.Id) + COUNT(DISTINCT Comments.Id) + COUNT(DISTINCT Likes.Id) AS TotalCount\n" . " FROM Users" . " INNER JOIN Friends ON Users.Id=Friends.UserId" . " LEFT OUTER JOIN Posts ON Posts.UserId=Users.Id AND Posts.Status=1 AND Posts.Privacy=0" . " LEFT OUTER JOIN Comments ON Posts.Id=Comments.PostId AND Comments.UserId<>Users.Id" . " LEFT OUTER JOIN Likes ON Posts.Id=Likes.PostId AND Likes.UserId<>Users.Id" . " WHERE Friends.FriendId=" . $mysqli->real_escape_string($user_id) . " GROUP BY Users.Id" . " ORDER BY TotalCount DESC" . " LIMIT " . $mysqli->real_escape_string($start) . ",20";
        // $user_id comes from the Users row fetched above and is concatenated as-is.
        $sql_count = "SELECT COUNT(DISTINCT Users.Id) AS NumUsers" . " FROM Users" . " INNER JOIN Friends ON Users.Id=Friends.UserId" . " WHERE Friends.FriendId=" . $user_id;
        // fetch count for pagination
        $count_result = $mysqli->query($sql_count);
        $count_row = $count_result->fetch_assoc();
        $count = $count_row["NumUsers"];
        // $user_result and $user_row are reused from here on for the follower rows.
        $user_result = $mysqli->query($sql);
        if ($user_result->num_rows > 0) {
            $html .= "<div class=\"directory_users\">\n";
            // The @ operator suppresses any error raised while fetching a row.
            while ($user_row = @$user_result->fetch_assoc()) {
                $html .= render_user($user_row);
            }
            $html .= "</div>\n";
        } else {
            $html .= "<div id=\"header\"><h3>Nobody has added you as a friend yet.</h3><p>Go explore the public posts, and get to know a few people :)</p></div>\n";
        }
        $html .= render_pagination($username . "/followers", $page, $count, 20);
        $html .= "</div> <!-- .page -->\n" . "</div> <!-- .page_wrapper -->\n";
        $html .= render_footer();
        return $html;
    }
}
Beispiel #22
<?php

/*
 * newsmiley.php - Create a new feed story
 *
 */
include_once 'constants.php';
include_once LIB_PATH . 'moods.php';
include_once LIB_PATH . 'display.php';
// Page body for the "new mood" screen: header, a mood-count line, a feed-story
// form holding the emoticon grid, then the footer.
echo render_header('New');
// $moods is not read again in this script; the grid below calls get_moods() a
// second time.
$moods = get_moods();
echo '<h2>' . 'What\'s your mood today?' . '</h2>';
$fb = get_fb();
// Preference slot 2 is read as a counter - presumably the number of moods the
// user has set so far (TODO confirm where it is written).
$set_count = $fb->api_client->data_getUserPreference(2);
if ($set_count > 0) {
    // NOTE(review): $set_count is interpolated into HTML as returned by the API
    // client; casting it to int before output would guarantee it is numeric.
    echo "<h3>You've set your mood {$set_count} time" . ($set_count > 1 ? 's' : '') . " in the past.</h3>";
}
$feed_handler = ROOT_LOCATION . '/handlers/feedHandler.php';
echo '<form fbtype="feedStory" action="' . $feed_handler . '">';
// $js is only the opening part of a final(...) call - it ends with a comma -
// so render_emoticon_grid() presumably appends the per-emoticon argument and
// the closing parenthesis.
$js = 'final(' . FEED_STORY_1 . ',\'' . IMAGE_LOCATION . '\', \'http://apps.new.facebook.com/' . APP_SUFFIX . '\', \'' . ROOT_LOCATION . '\',';
echo render_emoticon_grid(get_moods(), $js);
// The trailing </div> closes an element that is not opened in this script.
echo '<input type="hidden" id="picked" name="picked" value="-1">' . '<div id="emoticon"></div>' . '</form></div>';
echo render_footer();
Beispiel #23
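/**
 * Build the page for a single message thread, followed by a reply form.
 *
 * The thread is shown only when the logged-in user is the sender or the
 * recipient of $message_id. Anonymous visitors are redirected to /403.
 *
 * @param int|string $message_id  Id of the message to display.
 * @param int|string $in_reply_to Id to reply to; 0 means "the last message in
 *                                the thread that someone else sent".
 * @return string Page HTML; an empty string when the redirect header was sent.
 */
function render_message_page($message_id, $in_reply_to = 0)
{
    // Initialised up front: the original returned an undefined variable on the
    // redirect path.
    $html = "";
    if (!isset($_SESSION["user_id"])) {
        // NOTE(review): execution continues in the caller after this header;
        // confirm the caller stops rendering.
        header("Location: /403");
        return $html;
    }

    // All three values are placed in unquoted numeric positions of the SQL
    // below, where real_escape_string() gives no protection. Integer casts do.
    $uid = (int) $_SESSION["user_id"];
    $message_id = (int) $message_id;
    $in_reply_to = (int) $in_reply_to;
    $mysqli = db_connect();

    // Unread counter for one mailbox view, formatted as " (n)" or "".
    $unread_badge = function ($extra_where) use ($mysqli, $uid) {
        $result = $mysqli->query("SELECT COUNT(Id) AS NumMessages FROM Messages WHERE ToUserId=" . $uid . " AND ToStatus=0" . $extra_where . " AND ReadFlag=0");
        $row = $result ? $result->fetch_assoc() : null;
        return ($row && $row["NumMessages"] > 0) ? " (" . (int) $row["NumMessages"] . ")" : "";
    };
    $overall_total = $unread_badge("");
    $inbox_total = $unread_badge(" AND Type=0");
    $notification_total = $unread_badge(" AND Type>0");

    $html = render_header("Message");
    $html .= "<div class=\"bg_menu_wrapper\">\n" . "<ul class=\"bg_menu\">\n" . "<li><a href=\"/messages/compose\" title=\"Compose\">Compose</a></li>\n" . "<li><a href=\"/messages/all\" title=\"All\">All" . $overall_total . "</a></li>\n" . "<li><a href=\"/messages/inbox\" title=\"Inbox\">Inbox" . $inbox_total . "</a></li>\n" . "<li><a href=\"/messages/outbox\" title=\"Outbox\">Outbox</a></li>\n" . "<li><a href=\"/messages/notifications\" title=\"Notifications\">Notifications" . $notification_total . "</a></li>\n" . "<li><a href=\"/messages/trash\" title=\"Trash\">Trash</a></li>\n" . "<li class=\"selected\">Message</li>\n" . "</ul>\n" . "<div class=\"clear\"></div>\n" . "</div>\n";
    $html .= "<div id=\"header\">\n" . "<h1>Message</h1>\n" . "</div> <!-- #header -->\n" . "<div id=\"messages\">\n";

    // fetch the message; the ToUserId/FromUserId condition is the access check
    $sql = "SELECT Messages.RootId" . " FROM Messages" . " WHERE Messages.Id=" . $message_id . " AND (Messages.ToUserId=" . $uid . " OR Messages.FromUserId=" . $uid . ")";
    $message_result = $mysqli->query($sql);
    if ($message_result && $message_result->num_rows > 0) {
        $message_row = $message_result->fetch_assoc();
        $root_id = (int) $message_row["RootId"];
        // get the messages matching the root id
        // NOTE(review): only the requested message is checked against the
        // session user; the rows selected by RootId are not. Confirm that every
        // message sharing a RootId has the same two participants.
        $sql = "SELECT Messages.*,FromUsers.Username As FromUsersUsername, FromUsers.Avatar AS FromUsersAvatar, ToUsers.Username As ToUsersUsername, ToUsers.Avatar AS ToUsersAvatar, ParentUsers.Username AS ParentUsersUsername, ParentMessages.Id AS ParentMessagesId" . " FROM Messages" . " INNER JOIN Users FromUsers ON Messages.FromUserId=FromUsers.Id" . " INNER JOIN Users ToUsers ON Messages.ToUserId=ToUsers.Id" . " LEFT OUTER JOIN Messages ParentMessages ON ParentMessages.Id=Messages.ParentId" . " LEFT OUTER JOIN Users ParentUsers ON ParentMessages.FromUserId=ParentUsers.Id" . " WHERE ((Messages.RootId=" . $root_id . " AND Messages.Type=0) OR Messages.Id=" . $message_id . ")" . " ORDER BY Created";
        $thread_result = $mysqli->query($sql);

        // Last message in the thread written by someone other than the viewer;
        // it supplies the default reply target.
        $last_message_row = null;
        while ($thread_result && ($message_row = $thread_result->fetch_assoc())) {
            $html .= "\n<div>\n\n" . render_message($message_row, false, $message_row["Id"] == $message_id) . "</div> <!-- #messages -->\n";
            if ($message_row["FromUserId"] != $uid) {
                $last_message_row = $message_row;
            }
        }

        // A thread containing only the viewer's own messages leaves
        // $last_message_row null; fall back to empty values instead of indexing null.
        $reply_to_name = $last_message_row ? $last_message_row["FromUsersUsername"] : "";
        $reply_to_id = $in_reply_to > 0 ? $in_reply_to : ($last_message_row ? (int) $last_message_row["Id"] : "");

        // Render the post message form. The username is stored user data placed
        // in an attribute value, so it is HTML-encoded.
        // NOTE(review): no anti-CSRF token is visible in this form; confirm
        // /api/message/send verifies the request origin by other means.
        $html .= "<form method=\"POST\" action=\"/api/message/send\" enctype=\"multipart/form-data\">\n" . "<input type=\"hidden\" name=\"to\" value=\"" . htmlspecialchars($reply_to_name, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") . "\" />\n" . "<input type=\"hidden\" name=\"in_reply_to\" value=\"" . $reply_to_id . "\" />\n" . "<div class=\"message_form_wrapper\">\n" . "<div class=\"message_form\">\n" . "<h3>Message</h3>\n" . "<p>Write your message here... (supports <a href=\"http://daringfireball.net/projects/markdown/\">markdown</a>)</p>\n" . "<div><textarea id=\"message_body\" name=\"body\" rows=\"10\"></textarea></div>\n" . "<input type=\"submit\" value=\"Send\" />\n" . "</div> <!-- .message_form -->\n" . "</div> <!-- .message_form_wrapper -->\n" . "</form>\n" . "<a name='form'></a>\n" . "<script>\n" . "\$(\"#message_body\").focus();\n" . "</script>\n";
        $html .= "</div> <!-- #messages -->\n";
    } else {
        // requested message not found (or not visible to this user)
        $html .= "<div class=\"message_form_wrapper\"><div class=\"message_form\"><h4>Message not found</h4></div></div>\n";
    }
    $html .= render_footer();
    return $html;
}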
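<?php
// Login form template. Loading it drops any existing 'user' session entry, so
// visiting this page also logs the current user out.
// NOTE(review): the form has no action attribute (it posts back to the current
// URL) and no anti-CSRF token is visible; confirm the handler regenerates the
// session id on successful login.
unset($_SESSION['user']);
?>
<?php render_header(false); ?>
            <form id="login" method="post">
                <label for="username">username:</label><input type="text" name="username" id="username" /><br />
                <label for="password">password:</label><input type="password" name="password" id="password" /><br />

                <div class="buttons">
                    <?php
                    // One-shot error message left in the session by the login
                    // handler. It is HTML-encoded on output so that a message
                    // echoing submitted data (for example the username) cannot
                    // inject markup.
                    if(!empty($_SESSION['login_flash'])){
                        ?>
                        <div class="error"><?= htmlspecialchars((string) $_SESSION['login_flash'], ENT_QUOTES, 'UTF-8') ?></div>
                        <?php
                        unset($_SESSION['login_flash']);
                    }
                    ?>
                    <input type="submit" value="login" />
                </div>
            </form>
            <script type="text/javascript">
            // Client-side convenience only: focus the first empty field and block
            // the submit. The server must still validate both fields.
            $(function(){
                $('#login').submit(function(){
                    var pass = $('#password'),
                        user = $('#username');
                    if(! user.val()){ user.focus(); return false; }
                    if(! pass.val()){ pass.focus(); return false; }
                }).find('input').eq(0).focus();
            })
            </script>
<?php render_footer(); ?>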
Beispiel #25
<?php

// Page script for the staff page: set page-level variables, pre-render header
// and footer, then hand the collected variables to the staff.tpl template.
$private = false;
$alive = false;
$page_title = "Staff";
$quickstat = false;
//include SERVER_ROOT."interface/header.php";
$header = render_html_for_header('Ninjawars Staff', 'ninjawars-staff');
$footer = render_footer();
// get_defined_vars() returns every variable in the current scope, so the
// variable names above are part of the data passed on; renaming one changes
// what the template receives.
// NOTE(review): presumably get_certain_vars() filters that set before it
// reaches the template - confirm, since anything else left in scope by earlier
// includes would otherwise be exposed to staff.tpl.
$parts = get_certain_vars(get_defined_vars());
echo render_template('staff.tpl', $parts);
Beispiel #26
// Index page script: gather login state and site statistics, choose which page
// the main frame loads, and render the logged-in or logged-out template.
// $is_logged_in and $sql are defined before this excerpt begins.
$is_not_logged_in = !$is_logged_in;
$username = get_username();
$user_id = get_user_id();
// Player counts.
$stats = membership_and_combat_stats($sql);
$player_count = $stats['player_count'];
$players_online = $stats['players_online'];
// The third argument is an assignment expression: it passes true and also
// creates $is_index in this scope, where get_defined_vars() below picks it up.
$header = render_html_for_header('Live By the Sword', 'main-body', $is_index = true);
// Per the original note, render_html_for_header writes out the html, head,
// meta, title, css and js.
$version = 'NW Version 1.7.1 2009.11.22';
// Default frame source for visitors who are not logged in.
$main_src = 'main.php';
if ($is_logged_in) {
    // Logged-in users start on a page chosen by level: level 1 gets the
    // tutorial, levels below 6 the attack page, everyone else the player list.
    $level = getLevel($username);
    $main_src = 'list_all_players.php';
    if ($level == 1) {
        $main_src = 'tutorial.php';
    } elseif ($level < 6) {
        $main_src = 'attack_player.php';
    }
}
// Every variable currently in scope is collected here, so the names above are
// part of what the templates receive. The meaning of the second argument is
// not visible in this excerpt - presumably a list of extra names to include
// (TODO confirm in get_certain_vars()).
// NOTE(review): confirm get_certain_vars() drops anything that must not reach
// a template, because get_defined_vars() itself filters nothing.
$parts = get_certain_vars(get_defined_vars(), array('vicious_killer'));
if (!$is_logged_in) {
    echo render_template('splash2.tpl', $parts);
    // Non-logged in template.
} else {
    echo render_template('index.tpl', $parts);
    // Logged in template.
}
echo render_footer(null, true);
// Skip quickstats.
Beispiel #27
<?php

// Page script for the main intro page: set page-level variables, pre-render
// header, footer and the progression fragment, then render main.tpl.
$alive = false;
$private = false;
$quickstat = false;
$page_title = "Main";
require_once LIB_ROOT . "specific/lib_player_list.php";
$header = render_html_for_header('Welcome to Ninjawars', 'main-intro');
$footer = render_footer($quickstat);
// The progression fragment gets an explicit, minimal variable list.
$progression = render_template('progression.tpl', array('WEB_ROOT' => WEB_ROOT, 'IMAGE_ROOT' => IMAGE_ROOT));
// In contrast, main.tpl receives whatever get_certain_vars() keeps from every
// variable in scope, so the variable names above are part of the data passed on.
// NOTE(review): confirm get_certain_vars() filters that set; get_defined_vars()
// also returns variables created by the require_once above.
$parts = get_certain_vars(get_defined_vars());
echo render_template('main.tpl', $parts);
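/**
 * Echo the table of attached openID URLs, one "Remove" form per row.
 *
 * Nothing is printed when the result set is empty. Stored URLs and the form
 * action are HTML-encoded because both are placed inside attribute values.
 *
 * @param resource $result  Result of a SELECT on the user_openids table.
 * @param string   $self    Script path used as the form action.
 * @param string   $caption Text printed above the table.
 */
function _form_echo_openid_table($result, $self, $caption)
{
    if (mysql_num_rows($result) <= 0) {
        return;
    }
    $action = htmlspecialchars($self, ENT_QUOTES, 'UTF-8');
    echo $caption;
    echo "<table width=\"660\" border=\"1\" >";
    echo "<tr>";
    echo "<th width=\"100\">" . 'openID URL' . "</th>";
    echo "<th>" . 'remove' . "</th>";
    echo "</tr>";
    while ($row = mysql_fetch_object($result)) {
        // openid_url was typed in by a user; unencoded, a value containing a
        // double quote would break out of the attribute (stored XSS).
        $url = htmlspecialchars($row->openid_url, ENT_QUOTES, 'UTF-8');
        echo "<form method=\"post\" action=\"" . $action . "\">\n";
        echo "<tr>\n";
        echo "<td>\n<input type=\"hidden\" name=\"opendidid\" value=\"" . $url . "\">\n";
        echo "<input type=\"text\" size=\"80\" name=\"openidurl\" value=\"" . $url . "\"></td>\n";
        echo "<td>\n<input type=\"Submit\" name=\"removeid\" value=\"Remove\">\n</td>\n";
        echo "</tr>\n";
        echo "</form>\n";
    }
    echo "</table>";
}

/**
 * Render the "attach an openID" page and handle its two POST actions.
 *
 *  - no POST:          attach form plus the list of attached URLs;
 *  - POST "attached":  store the submitted URL through AttachOpenID();
 *  - POST "removeid":  delete the chosen URL for the session user, then list
 *                      what remains.
 *
 * Output is echoed directly. The function relies on the ext/mysql API
 * (mysql_query and friends), which was removed in PHP 7; the connection handle
 * is not visible here, so the calls are kept and the queries should move to
 * mysqli or PDO prepared statements when that handle is available.
 */
function form()
{
    session_start();
    include_once "addlogic.inc.php";
    require_once 'lifestylelinking/logic/openid.php';
    pageheader();
    $self = $_SERVER['SCRIPT_NAME'];
    $self_html = htmlspecialchars($self, ENT_QUOTES, 'UTF-8');
    // NOTE(review): nothing here checks that $_SESSION['user_id'] is set, and
    // neither form carries an anti-CSRF token; confirm the included header
    // enforces login and add a token check before the state-changing branches.
    // The id is escaped with the same function the rest of this block uses.
    // mysql_escape_string() ignores the connection character set, which is one
    // more reason to move to prepared statements.
    $user_id_sql = mysql_escape_string(isset($_SESSION['user_id']) ? (string) $_SESSION['user_id'] : '');
    $list_sql = "SELECT * FROM " . LIFEDATA . ".user_openids WHERE " . LIFEDATA . ".user_openids.user_id = '{$user_id_sql}' ";
    ?>


<body>

<?php 
    // include the page header for signed in
    include_once "lifestylelinking/me/localheader.php";
    ?>
  

<div class="mid-wrapper">
	<div class="sub-nav">

	</div>
	<div class="mid">
	<div class="content">
<br />
Attach an openID here:
<div class="leftmid">
<?php 
    if (!isset($_POST['attached'])) {
        // form not submitted
        ?>

<BR><br>
<form method="post" action="<?php echo $self_html; ?>">
 Please enter the openID URL:
<input type="text" name="attopenid" size="60" value="">
<input type="Submit" name="attached" value="Attach"><br><br>
</form>

<BR>
</br />
<br />
<?php 
    }
    if (!isset($_POST['removeid']) && !isset($_POST['attached'])) {
        // display the URLs currently attached, each with a remove button
        $db->query = $list_sql;
        $result = mysql_query($db->query);
        if (!$result) {
            // Database error text stays in the server log, not in the page.
            error_log("openID list query failed: " . mysql_error());
            die("Error in query.");
        }
        _form_echo_openid_table($result, $self, "Current openID URL(s) attached.");
    }
    // attach request
    if (isset($_POST['attached']) && !isset($_POST['removeid'])) {
        // NOTE(review): the URL is stored as submitted; confirm AttachOpenID()
        // validates that it is a well-formed http(s) URL.
        $attachopenid = (empty($_POST['attopenid']) || !is_string($_POST['attopenid'])) ? die("<br />Please type in openID Url") : mysql_escape_string($_POST['attopenid']);
        $_SESSION['attached'] = $attachopenid;
        AttachOpenID($attachopenid, $_SESSION['user_id']);
    }
    // remove request: the URL to delete arrives in the hidden "opendidid" field
    if (isset($_POST['removeid'])) {
        $feedtodelete = (empty($_POST['opendidid']) || !is_string($_POST['opendidid'])) ? die("There is no openID URL to delete") : mysql_escape_string($_POST['opendidid']);
        // The user_id condition keeps one user from deleting another user's row.
        $db->query = "DELETE FROM " . LIFEDATA . ".user_openids WHERE " . LIFEDATA . ".user_openids.openid_url = '{$feedtodelete}' AND " . LIFEDATA . ".user_openids.user_id = '{$user_id_sql}' ";
        $savelocal = mysql_query($db->query);
        if (!$savelocal) {
            // The original printed the full SQL text and driver error to the
            // browser; both now go to the log only.
            error_log("openID delete query failed: " . mysql_error());
            die("Error in query.");
        }
        $db->query = $list_sql;
        $result = mysql_query($db->query);
        if (!$result) {
            error_log("openID list query failed: " . mysql_error());
            die("Error in query.");
        }
        _form_echo_openid_table($result, $self, "Current openID URL(s) saved and attached.");
    }
    ?>



</p>
</div>  <!-- closes leftmid-->

<div class="rightmid">

</div>  <!-- closes rightmid-->


</div>  <!-- closes content-->
	</div>
	
	<br />

</div>
<?php 
    // include the page footer for signed in
    include_once "lifestylelinking/me/localfooter.php";
    ?>
  

<?php 
    echo render_footer();
    ?>
  

</body>
</html>

<?php 
}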
Beispiel #29
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
// Refuse direct requests: the script only runs when the including page has
// defined IN_FUSION.
if (!defined("IN_FUSION")) {
    header("Location: index.php");
    exit;
}
// page build time: now minus $starttime (set outside this excerpt), in seconds
$mtime = explode(" ", microtime());
$mtime = $mtime[1] + $mtime[0];
$zeitintervall = round($mtime - $starttime, 4);
// SQL time: accumulated value read from the session
$sqlzeit = round($_SESSION['starttimesql'], 4);
/**echo "<a target='_blank' href='http://www.dsl-speed-messung.de'>
<img src='http://www.kostenloser-suchmaschineneintrag.de/rank/image.cgi?www.bs-fusion.de' border='0'></a>";
**/
render_footer(false);
// validator badges followed by the statistics line (runtime, query count, SQL
// time, PHP version)
// NOTE(review): the exact PHP version is printed to every visitor; consider
// limiting that part to administrators.
$w3c_check = "<a href=\"http://validator.w3.org/check?uri=referer\"><img\n        src=\"" . IMAGES . "valid-html401.png\"\n        alt=\"Valid HTML 4.01 Transitional\" height=\"31\" width=\"88\" border=\"0\" title=\"Valid HTML 4.01 Transitional\"></a>\n <a href=\"http://jigsaw.w3.org/css-validator/\">\n  <img border=\"0\" width=\"88\" height=\"31\"\n       src=\"" . IMAGES . "vcss.png\" \n       alt=\"Valid CSS!\" title=\"Valid CSS\">\n </a><br>\n";
echo "<center>{$w3c_check}<table><tr><td class='footer'>runtime: " . $zeitintervall . "s / sql queries: " . $querycounts . " / sql time: " . $sqlzeit . "s / php: v" . phpversion() . " / ";
//print_r(ob_list_handlers());
// Report whether gzip output buffering is active.
// NOTE(review): eregi() was removed in PHP 7 (stripos() or in_array() on the
// handler list would replace it), and $string[1] is read without checking that
// a second output handler exists.
$string = ob_list_handlers();
if (eregi("ob_gzhandler", $string[0]) || eregi("ob_gzhandler", $string[1])) {
    echo "ob_gzhandler ON\n";
} else {
    echo "ob_gzhandler off (standard)\n";
}
// Non-admin visitors also get a third-party script tag.
// NOTE(review): that script is loaded over plain http from an external host
// with no integrity attribute, so the host and anyone on the network path
// control code running in the page; serve it over https or drop it.
echo "</td>\n</tr>\n</table>\n</center>\n" . (!iADMIN ? "<script src='http://layer-ads.de/la-48546-subid:bsfusion.js' type='text/javascript'></script>" : "") . "\n</body>\n</html>\n";
// Housekeeping on every page view: delete captcha and vcode rows older than
// 360 seconds.
$result = dbquery("DELETE FROM " . $db_prefix . "captcha WHERE captcha_datestamp < '" . (time() - 360) . "'");
//$result = dbquery("DELETE FROM ".$db_prefix."new_users WHERE user_datestamp < '".(time()-604800)."'");
$result = dbquery("DELETE FROM " . $db_prefix . "vcode WHERE vcode_datestamp < '" . (time() - 360) . "'");
if (iSUPERADMIN) {
Beispiel #30
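/**
 * Build the "Edit Post" page for the author of a post.
 *
 * The page is rendered only when a user is logged in, the post exists and the
 * logged-in user is the post's author. In every other case a Location header is
 * set and whatever HTML was built so far is returned; this function does not
 * stop execution after setting the header, so the caller decides what happens
 * next.
 *
 * @param mixed $post_id Id of the post to edit. Treated as untrusted and forced
 *                       to an integer before it reaches any SQL statement.
 * @return string The page HTML, or the partial/empty string built before a
 *                redirect header was set.
 */
function render_post_edit_page($post_id)
{
    $html = "";
    if (!isset($_SESSION["user_id"])) {
        header("Location: /401?reason=not_logged_in");
        return $html;
    }

    // real_escape_string() only neutralises characters that matter inside a
    // quoted SQL string. The id is used as a bare number in both queries below,
    // so it is cast to int instead; anything non-numeric becomes 0 and simply
    // matches no row.
    $post_id = (int) $post_id;

    // fetch the post to edit
    $mysqli = db_connect();
    $post_result = $mysqli->query("SELECT * FROM Posts WHERE Id=" . $post_id);
    if (!$post_result || $post_result->num_rows == 0) {
        // A failed query is handled like a missing post rather than
        // dereferencing a false result.
        header("Location: /404?reason=post_not_found");
        return $html;
    }
    $post_row = $post_result->fetch_assoc();

    // Only the author may edit. Both ids are compared as strings so that PHP's
    // loose numeric-string comparison cannot make two different values equal.
    if ((string) $_SESSION["user_id"] !== (string) $post_row["UserId"]) {
        // The original read the author id from $row, which is not defined on
        // this path; $post_row is the record that was actually fetched. Both
        // values are URL-encoded before being placed in the header.
        header("Location: /401?reason=not_author&loggedin=" . rawurlencode((string) $_SESSION["user_id"]) . "&author=" . rawurlencode((string) $post_row["UserId"]));
        $html .= render_footer();
        return $html;
    }

    // fetch the tags as a comma separated list
    $tags_array = array();
    $tags_result = $mysqli->query("SELECT * FROM PostTags INNER JOIN Tags ON PostTags.TagId=Tags.Id WHERE PostTags.PostId=" . $post_id . " ORDER BY Tags.Name");
    if ($tags_result) {
        while ($row = $tags_result->fetch_assoc()) {
            $tags_array[] = $row["Name"];
        }
    }
    $tags = implode(", ", $tags_array);

    $html .= render_header("Edit Post");
    // NOTE(review): the form carries no anti-CSRF token; confirm that
    // /api/post/edit verifies the request origin some other way.
    $html .= "<div class=\"page_wrapper\">\n"
        . "<div id=\"post_form\" class=\"page\">\n"
        . "<h1>Edit Post</h1>\n"
        . "<form method=\"POST\" action=\"/api/post/edit\" enctype=\"multipart/form-data\">\n"
        . "  <input type=\"hidden\" name=\"id\" value=\"" . (int) $post_row["Id"] . "\" />\n"
        . "  <div class=\"form_field\">\n"
        . "  <div class=\"form_field_label\">Title <small>(required)</small></div>\n"
        . "\t\t<div class=\"form_field_control\"><input type=\"text\" name=\"title\"  value=\"" . htmlspecialchars($post_row["Title"]) . "\" /></div>\n"
        . "\t</div>\n"
        . "\t<div class=\"form_field\">\n";

    if ($post_row["Photo"] != "") {
        // The stored path is escaped like every other database value written
        // into an attribute on this page.
        $html .= "<div class=\"form_field_label\">Photo <small>(optional - 4Mb upload limit per image, jpg, png or gif)</small></div>\n"
            . "<div class=\"form_field_control\"><img src=\"/" . htmlspecialchars($post_row["Photo"]) . "\" width=\"500\" /></div>\n"
            . "<div class=\"form_field_control\"><input type=\"file\" name=\"photo\" id=\"photo\" /> <small>(choose to replace current image)</small></div>\n";
    } else {
        $html .= "<div class=\"form_field_control\"><input type=\"file\" name=\"photo\" id=\"photo\" /></div>\n";
    }

    // The body is escaped before it goes into the <textarea>. Written raw, a
    // body containing "</textarea>" would end the control early and the rest
    // would be parsed as markup. The browser decodes the entities again, so the
    // author still edits the original markdown.
    $html .= "\t</div>\n"
        . "\t<div class=\"form_field\">\n"
        . "\t\t<div class=\"form_field_label\">Body <small>(supports <a href='http://daringfireball.net/projects/markdown/basics' target='_blank'>markdown</a>)</small></div>\n"
        . "\t\t<div class=\"form_field_control\"><textarea name=\"body\" rows=\"15\" >" . htmlspecialchars($post_row["Body"]) . "</textarea></div>\n"
        . "\t</div>\n"
        . "\t<div class=\"form_field\">\n"
        . "\t\t<div class=\"form_field_label\">Tags <small>(comma separated)</small></div>\n"
        . "\t\t<div class=\"form_field_control\"><input type=\"text\" name=\"tags\" value=\"" . htmlspecialchars($tags) . "\" /></div>\n"
        . "\t</div>\n"
        . "\t<div class=\"form_field\">\n"
        . "\t\t<div class=\"form_field_label\">Privacy</div>\n"
        . "\t\t<div class=\"form_field_control\"><select name=\"privacy\">\n"
        . "\t\t\t<option value=\"0\" " . ($post_row["Privacy"] == 0 ? "selected" : "") . " >Public</option>\n"
        . "\t\t\t<option value=\"1\" " . ($post_row["Privacy"] == 1 ? "selected" : "") . " >Friends Only</option>\n"
        . "\t\t</select></div>\n"
        . "\t</div>\n"
        . "\t<div class=\"form_field\">\n"
        . "\t\t<div class=\"form_field_label\">Status</div>\n"
        . "\t\t<div class=\"form_field_control\"><select name=\"status\">\n"
        . "\t\t\t<option value=\"0\" " . ($post_row["Status"] == 0 ? "selected" : "") . " >Draft</option>\n"
        . "\t\t\t<option value=\"1\" " . ($post_row["Status"] == 1 ? "selected" : "") . " >Published</option>\n"
        . "\t\t</select></div>\n"
        . "\t</div>\n"
        . "\t<input type=\"submit\" value=\"Make Changes\" />\n"
        . "</form>\n"
        . "</div>\n"
        . "</div>\n";

    $html .= render_footer();
    return $html;
}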