<?php
/* $Id: admin_group.php 10 2009-01-11 06:03:42Z john $ */
$page = "admin_group";
include "admin_header.php";
if (isset($_POST['task'])) {
$task = $_POST['task'];
} elseif (isset($_GET['task'])) {
$task = $_GET['task'];
} else {
$task = "main";
}
// SET RESULT VARIABLE
$result = 0;
// SAVE CHANGES
if ($task == "dosave") {
$setting[setting_permission_group] = $_POST['setting_permission_group'];
$setting[setting_group_discussion_code] = $_POST['setting_group_discussion_code'];
$setting[setting_group_discussion_html] = str_replace(" ", "", $_POST['setting_group_discussion_html']);
// SAVE CHANGES
$database->database_query("UPDATE se_settings SET \n\t\t\tsetting_permission_group='{$setting['setting_permission_group']}',\n\t\t\tsetting_group_discussion_code = '{$setting['setting_group_discussion_code']}',\n\t\t\tsetting_group_discussion_html = '{$setting['setting_group_discussion_html']}'");
$result = 1;
}
// GET TABS AND FIELDS
$field = new se_field("group");
$field->cat_list();
$cat_array = $field->cats;
// ASSIGN VARIABLES AND SHOW GENERAL SETTINGS PAGE
$smarty->assign('result', $result);
$smarty->assign('cats', $cat_array);
include "admin_footer.php";
if (!$user->level_info['level_profile_style'] && !$user->level_info['level_profile_style_sample']) {
$style_profile = "";
$style_profile_sample = 0;
} elseif (!$user->level_info['level_profile_style'] && $user->level_info['level_profile_style_sample']) {
$style_profile = addslashes(str_replace("-moz-binding", "", strip_tags($sample[$style_profile_sample])));
}
// UPDATE DATABASE
$database->database_query("UPDATE se_profilestyles SET profilestyle_css='{$style_profile}', profilestyle_stylesample_id='{$style_profile_sample}' WHERE profilestyle_user_id='{$user->user_info['user_id']}' LIMIT 1");
$user->user_lastupdate();
$result = 1;
}
// GET THIS USER'S PROFILE CSS
$style_query = $database->database_query("SELECT profilestyle_css, profilestyle_stylesample_id FROM se_profilestyles WHERE profilestyle_user_id='{$user->user_info['user_id']}' LIMIT 1");
if ($database->database_num_rows($style_query) == 1) {
$style_info = $database->database_fetch_assoc($style_query);
} else {
$database->database_query("INSERT INTO se_profilestyles (profilestyle_user_id, profilestyle_css, profilestyle_stylesample_id) VALUES ('{$user->user_info['user_id']}', '', '0')");
$style_info['profilestyle_css'] = "";
$style_info['profilestyle_stylesample_id'] = 0;
}
// GET TABS TO DISPLAY ON TOP MENU
$field = new se_field("profile", $user->profile_info);
$field->cat_list(0, 0, 0, "profilecat_id='{$user->user_info['user_profilecat_id']}'");
$cat_array = $field->subcats;
// ASSIGN SMARTY VARIABLES AND INCLUDE FOOTER
$smarty->assign('result', $result);
$smarty->assign('cats', $cat_array);
$smarty->assign('style_info', $style_info);
$smarty->assign('sample_css', $sample_css);
$smarty->assign('style_profile', htmlspecialchars($style_info['profilestyle_css'], ENT_QUOTES, 'UTF-8'));
include "footer.php";
$hideSearch = $_POST['hideSearch'];
} elseif (isset($_GET['hideSearch'])) {
$hideSearch = $_GET['hideSearch'];
}
if (isset($_POST['hideDisplay'])) {
$hideDisplay = $_POST['hideDisplay'];
} elseif (isset($_GET['hideDisplay'])) {
$hideDisplay = $_GET['hideDisplay'];
}
if (isset($_POST['hideSpecial'])) {
$hideSpecial = $_POST['hideSpecial'];
} elseif (isset($_GET['hideSpecial'])) {
$hideSpecial = $_GET['hideSpecial'];
}
// INITIALIZE FIELD OBJECT
$field = new se_field($type);
// Flush cached stuff
if (!empty($_GET['cat_id']) && is_object($cache_object)) {
$cache_object->remove('site_profile_categories_' . $_GET['cat_id']);
}
// SAVE CATEGORY
if ($task == "savecat") {
$cat_id = $_GET['cat_id'];
$cat_title = $_GET['cat_title'];
$cat_dependency = $_GET['cat_dependency'];
// IF CAT TITLE IS BLANK, DELETE
if ($cat_title == "") {
if ($cat_id != "new") {
$field->cat_delete($cat_id);
}
// SEND AJAX CONFIRMATION
if ($task == "step1" || $task == "step1do" || $task == "step2" || $task == "step2do") {
if ($database->database_num_rows($database->database_query("SELECT NULL FROM se_profilecats WHERE profilecat_id='{$signup_cat}' AND profilecat_dependency='0'")) != 1) {
$cat_info = $database->database_fetch_assoc($database->database_query("SELECT profilecat_id FROM se_profilecats WHERE profilecat_dependency='0' AND profilecat_signup = 1 ORDER BY profilecat_order LIMIT 1"));
$signup_cat = $cat_info['profilecat_id'];
}
if ($task == "step2do") {
$validate = 1;
} else {
$validate = 0;
}
if ($task != "step1") {
$cat_where = "profilecat_signup='1' AND profilecat_id='{$signup_cat}'";
} else {
$cat_where = "profilecat_signup='1'";
}
$field = new se_field("profile");
$field->cat_list($validate, 0, 0, $cat_where, "", "profilefield_signup='1'");
$cat_array = $field->cats;
if ($task != "step1" && count($cat_array) == 0) {
$task = "step1";
}
if ($validate == 1) {
$is_error = $field->is_error;
}
if ($task != "step1" && count($field->fields_all) == 0) {
$task = "step2do";
}
}
if ($task == "step2do") {
// PROFILE FIELD INPUTS PROCESSED AND CHECKED FOR ERRORS ABOVE
// IF THERE IS NO ERROR, ADD USER AND USER PROFILE AND CONTINUE TO STEP 3
if (count($usersettings) > 0) {
$database->database_query("UPDATE se_usersettings SET " . implode(", ", $usersettings) . " WHERE usersetting_user_id='{$user->user_info['user_id']}' LIMIT 1");
// Flush cached usersettings
$usersettings_static =& SEUser::getUserSettings($user->user_info['user_id']);
$usersettings_static = NULL;
$cache_object = SECache::getInstance();
if (is_object($cache_object)) {
$cache_object->remove('site_user_settings_' . $user->user_info['user_id']);
}
}
// IF USERNAME HAS CHANGED, DELETE OLD RECENT ACTIVITY
if ($user->user_info['user_username'] != $user_username) {
$database->database_query("DELETE FROM se_actions WHERE action_user_id='{$user->user_info['user_id']}'");
}
// RESET USER INFO
$user = new se_user(array($user->user_info['user_id']));
// UPDATE COOKIES
$user->user_setcookies();
}
}
// GET PROFILE CATEGORIES
$field = new se_field("profile");
$field->cat_list(0, 0, 0, "profilecat_signup='1' || profilecat_id='{$user->user_info['user_profilecat_id']}'", "profilecat_id='0'", "");
// ASSIGN VARIABLES AND INCLUDE FOOTER
$smarty->assign('result', $result);
$smarty->assign('is_error', $is_error);
$smarty->assign('cats', $field->cats);
$smarty->assign('notifytypes', $notifytypes);
$smarty->assign('old_subnet_name', $subnet[2]);
$smarty->assign('new_subnet_name', $subnet[1]);
include "footer.php";
$groupsubcat = $groupcat;
$groupcat = $database->database_fetch_assoc($database->database_query("SELECT groupcat_id, groupcat_title FROM se_groupcats WHERE groupcat_id='{$groupcat['groupcat_dependency']}' LIMIT 1"));
}
}
}
// CREATE GROUP OBJECT
$group = new se_group();
// GET TOTAL GROUPS
$total_groups = $group->group_total($where);
// MAKE ENTRY PAGES
$groups_per_page = 10;
$page_vars = make_page($total_groups, $groups_per_page, $p);
// GET GROUP ARRAY
$group_array = $group->group_list($page_vars[0], $groups_per_page, $s, $where, TRUE);
// GET CATS
$field = new se_field("group");
$field->cat_list(0, 0, 0, "", "", "groupfield_id=0");
$cat_array = $field->cats;
// SET GLOBAL PAGE TITLE
$global_page_title[0] = 2000324;
$global_page_description[0] = 2000325;
// ASSIGN SMARTY VARIABLES AND DISPLAY GROUPS PAGE
$smarty->assign('groupcat_id', $groupcat_id);
$smarty->assign('groupcat', $groupcat);
$smarty->assign('groupsubcat', $groupsubcat);
$smarty->assign('cats', $cat_array);
$smarty->assign('groups', $group_array);
$smarty->assign('total_groups', $total_groups);
$smarty->assign('p', $page_vars[1]);
$smarty->assign('maxpage', $page_vars[2]);
$smarty->assign('p_start', $page_vars[0] + 1);
$database->database_query("DELETE FROM se_notifys USING se_notifys LEFT JOIN se_notifytypes ON se_notifys.notify_notifytype_id=se_notifytypes.notifytype_id WHERE se_notifys.notify_user_id='{$group->group_info['group_user_id']}' AND se_notifytypes.notifytype_name='grouppost' AND notify_object_id='{$group->group_info['group_id']}'");
}
// GET GROUP COMMENTS
$comment = new se_comment('group', 'group_id', $group->group_info['group_id']);
$total_comments = $comment->comment_total();
// GET GROUP MEDIA
$groupalbum_info = $database->database_fetch_assoc($database->database_query("SELECT groupalbum_id FROM se_groupalbums WHERE groupalbum_group_id='{$group->group_info['group_id']}' LIMIT 1"));
$total_files = $group->group_media_total($groupalbum_info[groupalbum_id]);
// GET GROUP FIELDS
$groupcat_info = $database->database_fetch_assoc($database->database_query("SELECT t1.groupcat_id AS subcat_id, t1.groupcat_title AS subcat_title, t1.groupcat_dependency AS subcat_dependency, t2.groupcat_id AS cat_id, t2.groupcat_title AS cat_title FROM se_groupcats AS t1 LEFT JOIN se_groupcats AS t2 ON t1.groupcat_dependency=t2.groupcat_id WHERE t1.groupcat_id='{$group->group_info['group_groupcat_id']}'"));
if ($groupcat_info['subcat_dependency'] == 0) {
$cat_where = "groupcat_id='{$group->group_info['group_groupcat_id']}'";
} else {
$cat_where = "groupcat_id='{$groupcat_info['subcat_dependency']}'";
}
$field = new se_field("group", $group->groupvalue_info);
$field->cat_list(0, 1, 0, $cat_where, "groupcat_id='0'", "");
// SET WHERE CLAUSE FOR MEMBER LIST
$where[] = "(se_groupmembers.groupmember_status='1')";
if ($search != "") {
$where[] = "(se_users.user_username LIKE '%{$search}%' OR CONCAT(se_users.user_fname, ' ', se_users.user_lname) LIKE '%{$search}%' OR se_users.user_email LIKE '%{$search}%')";
}
// GET TOTAL MEMBERS
$total_members = $group->group_member_total(implode(" AND ", $where), 1);
// MAKE MEMBER PAGES AND GET MEMBER ARRAY
$members_per_page = 10;
if ($v == "members") {
$p_members = $p;
} else {
$p_members = 1;
}
$profile_viewers_array[] = $user->user_info['user_id'];
krsort($profile_viewers_array);
$profile_viewers = implode(",", array_filter($profile_viewers_array));
}
}
$database->database_query("INSERT INTO se_profileviews (profileview_user_id, profileview_views, profileview_viewers) VALUES ('{$owner->user_info['user_id']}', '1', '{$profile_viewers}') ON DUPLICATE KEY UPDATE profileview_views=profileview_views+1, profileview_viewers='{$profile_viewers}'");
}
// DELETE COMMENT NOTIFICATIONS IF VIEWING COMMENT PAGE
if ($v == "comments" && $user->user_info['user_id'] == $owner->user_info['user_id']) {
$database->database_query("DELETE FROM se_notifys WHERE notify_user_id='{$owner->user_info['user_id']}' AND notify_notifytype_id='3' AND notify_object_id='{$owner->user_info['user_id']}'");
}
// GET PROFILE COMMENTS
$comment = new se_comment('profile', 'user_id', $owner->user_info['user_id']);
$total_comments = $comment->comment_total();
// GET PROFILE FIELDS
$field = new se_field("profile", $owner->profile_info);
$field->cat_list(0, 1, 0, "profilecat_id='{$owner->user_info['user_profilecat_id']}'", "", "");
// SET WHERE CLAUSE FOR FRIEND LIST
if ($search != "") {
$is_where = 1;
$where = "(se_users.user_username LIKE '%{$search}%' OR CONCAT(se_users.user_fname, ' ', se_users.user_lname) LIKE '%{$search}%' OR se_users.user_email LIKE '%{$search}%')";
} else {
$is_where = 0;
$where = "";
}
if ($m == 1 && $user->user_exists == 1) {
if ($where != "") {
$where .= " AND ";
}
$where .= "(SELECT TRUE FROM se_friends AS t1 WHERE t1.friend_user_id1='{$user->user_info['user_id']}' AND t1.friend_user_id2=se_friends.friend_user_id2)";
}
exit;
} else {
header("Location: user_editprofile_settings.php");
exit;
}
}
// INITIALIZE VARIABLES
$result = 0;
$is_error = 0;
// VALIDATE CAT ID
if ($task == "dosave") {
$validate = 1;
} else {
$validate = 0;
}
$field = new se_field("profile", $user->profile_info);
$field->cat_list($validate, 0, 0, "profilecat_id='{$user->user_info['user_profilecat_id']}'", "profilecat_id='{$cat_id}'");
$field_array = $field->fields;
if ($validate == 1) {
$is_error = $field->is_error;
}
if (count($field_array) == 0) {
header("Location: user_editprofile.php");
exit;
}
// SAVE PROFILE FIELDS
if ($task == "dosave" && $is_error == 0) {
// SAVE PROFILE VALUES
$profile_query = "UPDATE se_profilevalues SET {$field->field_query} WHERE profilevalue_user_id='{$user->user_info['user_id']}'";
$database->database_query($profile_query);
// Flush cached data
if (!empty($event->event_info['event_eventsubcat_id'])) {
$event->event_info['event_eventcat_id'] = $event->event_info['event_eventsubcat_id'];
}
// SAVE
$event->event_edit($event->event_info['event_title'], $event->event_info['event_desc'], $event->event_info['event_eventcat_id'], $event_date_start_processed, $event_date_end_processed, $event->event_info['event_host'], $event->event_info['event_location'], $field->field_query);
if (!$event->is_error) {
// SET RESULT MESSAGE
$result = TRUE;
// RESET RESULTS
$event->eventvalue_info = $database->database_fetch_assoc($database->database_query("SELECT * FROM se_eventvalues WHERE eventvalue_event_id='{$event->event_info['event_id']}' LIMIT 1"));
} else {
SE_Language::_preload($is_error = $event->is_error);
}
}
// GET FIELDS
$field = new se_field("event", $event->eventvalue_info);
$field->cat_list(0, 0, 0, "", "", "");
$cat_array = $field->cats;
if ($is_error) {
$eventcat_id = $event->event_info['event_eventcat_id'] ? $event->event_info['event_eventcat_id'] : '0';
$selected_cat_array = array_filter($cat_array, create_function('$a', 'if($a[cat_id] == "' . $eventcat_id . '") { return $a; }'));
while (list($key, $val) = each($selected_cat_array)) {
$cat_array[$key]['fields'] = $selected_fields;
}
}
// GET SUBCAT IF NECESSARY
$thiscat = $database->database_fetch_assoc($database->database_query("SELECT eventcat_id, eventcat_dependency FROM se_eventcats WHERE eventcat_id='{$event->event_info['event_eventcat_id']}' LIMIT 1"));
if (!$thiscat['eventcat_dependency']) {
$event->event_info['event_eventsubcat_id'] = 0;
} else {
$event->event_info['event_eventsubcat_id'] = $event->event_info['event_eventcat_id'];
if (in_array($browse_user->user_info['user_username'], $online_users_array[2])) {
$browse_user->is_online = 1;
} else {
$browse_user->is_online = 0;
}
$user_array[] = $browse_user;
}
// SET GLOBAL PAGE TITLE/DESCRIPTION
$global_page_title[0] = 1083;
$global_page_title[1] = "{$linked_field_title}: {$linked_field_value}";
$global_page_description[0] = 1084;
$global_page_description[1] = $total_users;
$global_page_description[2] = "{$linked_field_title}: {$linked_field_value}";
} else {
// START FIELD OBJECT
$field = new se_field("profile");
// GET CATS TO DISPLAY ACROSS TOP
$field->cat_list(0, 0, 0, "(SELECT TRUE FROM se_profilecats AS t2 LEFT JOIN se_profilefields ON t2.profilecat_id=se_profilefields.profilefield_profilecat_id WHERE t2.profilecat_dependency=se_profilecats.profilecat_id AND profilefield_search<>0 LIMIT 1)", "profilecat_id=0");
$cat_menu_array = $field->cats;
if (isset($_POST['cat_selected'])) {
$cat_selected = $_POST['cat_selected'];
} elseif (isset($_GET['cat_selected'])) {
$cat_selected = $_GET['cat_selected'];
} else {
$cat_selected = $cat_menu_array[0]['cat_id'];
}
// GET LIST OF FIELDS
$field->cat_list(0, 0, 1, "profilecat_id='{$cat_selected}'", "", "profilefield_search<>'0'");
$cat_array = $field->cats;
$url_string = $field->url_string;
// PERFORM SEARCH
}
// DELETE COMMENT NOTIFICATIONS /*IF VIEWING COMMENT PAGE*/
if ($user->user_info['user_id'] == $event->event_info['event_user_id']) {
$sql = "DELETE FROM se_notifys USING se_notifys LEFT JOIN se_notifytypes ON se_notifys.notify_notifytype_id=se_notifytypes.notifytype_id WHERE se_notifys.notify_user_id='{$event->event_info['event_user_id']}' AND se_notifytypes.notifytype_name='eventcomment' AND notify_object_id='{$event->event_info[event_id]}'";
$database->database_query($sql);
}
// GET EVENT MEDIA
$eventalbum_info = $database->database_fetch_assoc($database->database_query("SELECT eventalbum_id FROM se_eventalbums WHERE eventalbum_event_id='{$event->event_info['event_id']}' LIMIT 1"));
// GET EVENT FIELDS
$eventcat_info = $database->database_fetch_assoc($database->database_query("SELECT t1.eventcat_id AS subcat_id, t1.eventcat_title AS subcat_title, t1.eventcat_dependency AS subcat_dependency, t2.eventcat_id AS cat_id, t2.eventcat_title AS cat_title FROM se_eventcats AS t1 LEFT JOIN se_eventcats AS t2 ON t1.eventcat_dependency=t2.eventcat_id WHERE t1.eventcat_id='{$event->event_info['event_eventcat_id']}'"));
if ($eventcat_info['subcat_dependency'] == 0) {
$cat_where = "eventcat_id='{$event->event_info['event_eventcat_id']}'";
} else {
$cat_where = "eventcat_id='{$eventcat_info['subcat_dependency']}'";
}
$field = new se_field("event", $event->eventvalue_info);
$field->cat_list(0, 1, 0, $cat_where, "eventcat_id='0'", "");
// MAKE MEMBER PAGES AND GET TOTAL MEMBERS AND GET MEMBER ARRAY
$members_where_clause = array();
if ($v_members > 0 || $v_members === "0") {
$members_where_clause[] = "se_eventmembers.eventmember_status=1 && se_eventmembers.eventmember_approved=1 && se_eventmembers.eventmember_rsvp='{$v_members}'";
}
if ($v_members == -1) {
$members_where_clause[] = "se_eventmembers.eventmember_status=0 && se_eventmembers.eventmember_approved=1";
}
if ($v_members == -2) {
$members_where_clause[] = "se_eventmembers.eventmember_status=1 && se_eventmembers.eventmember_approved=0";
}
//if( !empty($search_members) )
// $members_where_clause[] = "(se_users.user_username LIKE '%{$search_members}%' OR se_users.user_email LIKE '%{$search_members}%' OR CONCAT(se_users.user_fname, ' ', se_users.user_lname) LIKE '%{$search_members}%')";
if (!empty($members_where_clause)) {
$eventsubcat = $eventcat;
$eventcat = $database->database_fetch_assoc($database->database_query("SELECT eventcat_id, eventcat_title FROM se_eventcats WHERE eventcat_id='{$eventcat['eventcat_dependency']}' LIMIT 1"));
}
}
}
// CREATE EVENT OBJECT
$event = new se_event();
// GET TOTAL EVENTS
$total_events = $event->event_total($where);
// MAKE ENTRY PAGES
$events_per_page = 10;
$page_vars = make_page($total_events, $events_per_page, $p);
// GET EVENT ARRAY
$event_array = $event->event_list($page_vars[0], $events_per_page, $s, $where, TRUE);
// GET CATS
$field = new se_field("event");
$field->cat_list(0, 0, 0, "", "", "eventfield_id=0");
$cat_array = $field->cats;
// SET GLOBAL PAGE TITLE
$global_page_title[0] = 3000274;
$global_page_description[0] = 3000275;
// ASSIGN SMARTY VARIABLES AND DISPLAY EVENTS PAGE
$smarty->assign('eventcat_id', $eventcat_id);
$smarty->assign('eventcat', $eventcat);
$smarty->assign('eventsubcat', $eventsubcat);
$smarty->assign('cats', $cat_array);
$smarty->assign('events', $event_array);
$smarty->assign('total_events', $total_events);
$smarty->assign('p', $page_vars[1]);
$smarty->assign('maxpage', $page_vars[2]);
$smarty->assign('p_start', $page_vars[0] + 1);
<?php
$page = "qinformer";
include "header.php";
$row_qinformer = '';
$sql = "\r\n\tSELECT user_id,user_profilecat_id\r\n\tFROM se_users WHERE user_username = '******'name']), ENT_QUOTES) . "' LIMIT 1";
$user_qinfo = $database->database_fetch_assoc($database->database_query($sql));
$info = new se_user(array($user_qinfo['user_id'], htmlspecialchars(trim($_GET['name']), ENT_QUOTES)));
$field = new se_field("profile", $info->profile_info);
$field->cat_list(0, 1, 0, "profilecat_id='" . $user_qinfo['user_profilecat_id'] . "'", "", "");
$qinformer_settings = get_qinformer_settings();
$row_qinformer .= "\r\n <tr>\r\n <td\twidth=40%>Username</td>\r\n <td width=60%>" . htmlspecialchars(trim($_GET['name']), ENT_QUOTES) . "</td>\r\n </tr>\r\n";
for ($i = 0; $i < count($field->fields_all); $i++) {
if (isset($qinformer_settings['fields']) && $qinformer_settings['fields']) {
$qinformer_fields = explode("|", $qinformer_settings['fields']);
$count_fields_enable = count($qinformer_fields);
if ($field->fields_all[$i]['field_value_formatted'] != '') {
for ($j = 0; $j < $count_fields_enable; $j++) {
$field_value = '';
if ($field->fields_all[$i]['field_id'] == $qinformer_fields[$j]) {
if ($field->fields_all[$i]['field_type'] == 1 || $field->fields_all[$i]['field_type'] == 2) {
$field_value = $field->fields_all[$i]['field_value_formatted'];
}
if ($field->fields_all[$i]['field_type'] == 3) {
for ($n = 0; $n < count($field->fields_all[$i]['field_options']); $n++) {
if ($field->fields_all[$i]['field_options'][$n]['value'] == $field->fields_all[$i]['field_value']) {
$field_value = $field->fields_all[$i]['field_value_formatted'];
}
}
}
if ($field->fields_all[$i]['field_type'] == 4) {
