/** * Build link to a month's page * * @param string $dir_topic current topic * @param int $year year to link to * @param int $month month to link to * @param int $count number of stories for that month (may be 0) * @return string month name + count, as link or plain text * */ function DIR_monthLink($dir_topic, $year, $month, $count) { global $_CONF, $LANG_MONTH; $retval = $LANG_MONTH[$month] . ' (' . COM_numberFormat($count) . ')' . LB; if ($count > 0) { $month_url = COM_buildUrl($_CONF['site_url'] . '/directory.php' . '?topic=' . urlencode($dir_topic) . '&year=' . $year . '&month=' . $month); $retval = COM_createLink($retval, $month_url); } $retval .= LB; return $retval; }
function _showSelectTree($aid = 0, $level = 0) { $album = new mgAlbum($aid); $retval = ''; $children = $album->getChildren(); if ($album->id != 0 && $album->access > 0) { $block = ''; if (!empty($children)) { $retval .= "<script type=\"text/javascript\"><!--" . LB . "function enableBlock" . $album->id . "() {" . LB . " if (document.galselect.elements['album[" . $album->id . "]'].checked) {" . LB; foreach ($children as $child) { $retval .= " document.galselect.elements['album[" . $child . "]'].disabled = true;" . LB; $retval .= " document.galselect.elements['album[" . $child . "]'].checked = true;" . LB; } $retval .= " } else {" . LB; foreach ($children as $child) { $retval .= " document.galselect.elements['album[" . $child . "]'].disabled = false;" . LB; $retval .= " document.galselect.elements['album[" . $child . "]'].checked = false;" . LB; } $retval .= " }" . LB; foreach ($children as $child) { $child_of_child = $album->getChildren($child); if (!empty($child_of_child)) { $retval .= ' enableBlock' . $child . '();' . LB; } } $retval .= "}" . LB . "// -->" . LB . "</script>" . LB; $block = 'onclick="enableBlock' . $album->id . '()" onchange="enableBlock' . $album->id . '()"'; } if ($album->parent != 0) { $block = ''; } $px = ($level - 1) * 15; $retval .= '<div style="margin-left:' . $px . 'px;">' . '<input type="checkbox" name="album[' . $album->id . ']" id="album_' . $album->id . '" value="1" ' . $block . XHTML . '> ' . strip_tags($album->title) . ' (' . COM_numberFormat($album->album_disk_usage / 1024) . ' Kb)</div>' . LB; } $level++; foreach ($children as $child) { $retval .= _showSelectTree($child, $level); } return $retval; }
/** * This function used to send out reminders to users to access the site or account may be deleted * * @return string HTML with success or error message * */ function batchreminders() { global $_CONF, $_TABLES, $LANG04, $LANG28; $msg = ''; $user_list = array(); if (isset($_POST['delitem'])) { $user_list = $_POST['delitem']; } if (count($user_list) == 0) { $msg = $LANG28[79] . '<br' . XHTML . '>'; } $c = 0; if (isset($_POST['delitem']) and is_array($_POST['delitem'])) { foreach ($_POST['delitem'] as $delitem) { $userid = COM_applyFilter($delitem); $useremail = DB_getItem($_TABLES['users'], 'email', "uid = '{$userid}'"); $username = DB_getItem($_TABLES['users'], 'username', "uid = '{$userid}'"); $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$userid}'"); $lasttime = COM_getUserDateTimeFormat($lastlogin); if (file_exists($_CONF['path_data'] . 'reminder_email.txt')) { $template = COM_newTemplate($_CONF['path_data']); $template->set_file(array('mail' => 'reminder_email.txt')); $template->set_var('site_name', $_CONF['site_name']); $template->set_var('site_slogan', $_CONF['site_slogan']); $template->set_var('lang_username', $LANG04[2]); $template->set_var('username', $username); $template->set_var('name', COM_getDisplayName($uid)); $template->set_var('lastlogin', $lasttime[0]); $template->parse('output', 'mail'); $mailtext = $template->finish($template->get_var('output')); } else { if ($lastlogin == 0) { $mailtext = $LANG28[83] . "\n\n"; } else { $mailtext = sprintf($LANG28[82], $lasttime[0]) . "\n\n"; } $mailtext .= sprintf($LANG28[84], $username) . "\n"; $mailtext .= sprintf($LANG28[85], $_CONF['site_url'] . '/users.php?mode=getpassword') . "\n\n"; } $subject = sprintf($LANG28[81], $_CONF['site_name']); if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) { $mailfrom = $_CONF['noreply_mail']; $mailtext .= LB . LB . $LANG04[159]; } else { $mailfrom = $_CONF['site_mail']; } if (COM_mail($useremail, $subject, $mailtext, $mailfrom)) { DB_query("UPDATE {$_TABLES['users']} SET num_reminders=num_reminders+1 WHERE uid={$userid}"); $c++; } else { COM_errorLog("Error attempting to send account reminder to use:{$username} ({$userid})"); } } } // Since this function is used for deletion only, its necessary to say that // zero where deleted instead of just leaving this message away. COM_numberFormat($c); // just in case we have more than 999).. $msg .= "{$LANG28[80]}: {$c}<br" . XHTML . ">\n"; return $msg; }
/** * List all backups, i.e. all files ending in .sql or .sql.gz * * @return string HTML for the list of files or an error when not writable */ function DBADMIN_list() { global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG08, $LANG_ADMIN, $LANG_DB_BACKUP; global $token; USES_lib_admin(); $retval = ''; if (is_writable($_CONF['backup_path'])) { $backups = array(); $fd = opendir($_CONF['backup_path']); $index = 0; while (false !== ($file = @readdir($fd))) { if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql(\\.gz)?$/i', $file)) { $index++; clearstatcache(); $backups[] = $file; } } // AS, 2004-03-29 - Sort backup files by date, newest first. // Order given by 'readdir' might not be correct. usort($backups, 'DBADMIN_compareBackupFiles'); $data_arr = array(); $diskIconUrl = $_CONF['layout_url'] . '/images/admin/disk.' . $_IMAGE_TYPE; $attr['title'] = $LANG_DB_BACKUP['download']; $alt = $LANG_DB_BACKUP['download']; $num_backups = count($backups); $icon_img = COM_createImage($diskIconUrl, $alt, $attr); for ($i = 0; $i < $num_backups; $i++) { $downloadUrl = LGLIB_ADMIN_URL . '/index.php?download=x&file=' . urlencode($backups[$i]); $downloadLink = COM_createLink($icon_img, $downloadUrl, $attr); $downloadLink .= ' '; $attr['style'] = 'vertical-align:top;'; $downloadLink .= COM_createLink($backups[$i], $downloadUrl, $attr); $backupfile = $_CONF['backup_path'] . $backups[$i]; $backupfilesize = COM_numberFormat(filesize($backupfile)) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>'; $data_arr[$i] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backups[$i]); } $retval .= DBADMIN_menu("<p>{$LANG_DB_BACKUP['db_explanation']}</p><p>" . sprintf($LANG_DB_BACKUP['total_number'], $index) . '</p>'); $header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size')); $text_arr = array('form_url' => LGLIB_ADMIN_URL . '/index.php'); $form_arr = array('bottom' => '', 'top' => ''); if ($num_backups > 0) { $form_arr['bottom'] = '<input type="hidden" name="delete" value="x" />' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '" />' . LB; } $options = array('chkselect' => true, 'chkminimum' => 0, 'chkfield' => 'filename'); $retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $options, $form_arr); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); } else { $retval .= COM_startBlock($LANG08[06], '', COM_getBlockTemplate('_msg_block', 'header')); $retval .= $LANG_DB_BACKUP['no_access']; COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1); $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); } return $retval; }
function links_edit_category($cid, $pid) { global $_CONF, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $LANG_ADMIN, $LANG_ACCESS, $_LI_CONF; $retval = ''; $cid = addslashes($cid); if (!empty($pid)) { // have parent id, so making a new subcategory // get parent access rights $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='" . addslashes($pid) . "'"); $A = DB_fetchArray($result); $A['owner_id'] = $_USER['uid']; $A['pid'] = $pid; } elseif (!empty($cid)) { // have category id, so editing a category $sql = "SELECT * FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'" . COM_getPermSQL('AND'); $result = DB_query($sql); $A = DB_fetchArray($result); } else { // nothing, so making a new top-level category // get default access rights $A['group_id'] = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Links Admin'"); SEC_setDefaultPermissions($A, $_LI_CONF['category_permissions']); $A['owner_id'] = $_USER['uid']; $A['pid'] = $_LI_CONF['root']; } $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); if ($access < 3) { return COM_showMessage(6, 'links'); } $token = SEC_createToken(); $retval .= COM_startBlock($LANG_LINKS_ADMIN[56], '', COM_getBlockTemplate('_admin_block', 'header')); $retval .= SEC_getTokenExpiryNotice($token); $T = new Template($_CONF['path'] . 'plugins/links/templates/admin'); $T->set_file(array('page' => 'categoryeditor.thtml')); $T->set_var('xhtml', XHTML); $T->set_var('site_url', $_CONF['site_url']); $T->set_var('site_admin_url', $_CONF['site_admin_url']); $T->set_var('layout_url', $_CONF['layout_url']); $T->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]); $T->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]); $T->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]); $T->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]); $T->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]); $T->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]); $T->set_var('lang_admin_home', $LANG_ADMIN['admin_home']); $T->set_var('instructions', $LANG_LINKS_ADMIN[29]); $T->set_var('lang_category', $LANG_LINKS_ADMIN[30]); $T->set_var('lang_cid', $LANG_LINKS_ADMIN[32]); $T->set_var('lang_description', $LANG_LINKS_ADMIN[31]); $T->set_var('lang_topic', $LANG_LINKS_ADMIN[33]); $T->set_var('lang_parent', $LANG_LINKS_ADMIN[34]); $T->set_var('lang_save', $LANG_ADMIN['save']); if (!empty($cid)) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $T->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $T->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); } else { $T->set_var('delete_option', ''); } $T->set_var('lang_cancel', $LANG_ADMIN['cancel']); if (!empty($cid)) { $T->set_var('cid_value', $A['cid']); $T->set_var('old_cid_value', $A['cid']); $T->set_var('category_options', links_select_box(3, $A['pid'])); $T->set_var('category_value', $A['category']); $T->set_var('description_value', $A['description']); } else { $A['cid'] = COM_makeSid(); $T->set_var('cid_value', $A['cid']); $T->set_var('old_cid_value', ''); $T->set_var('category_options', links_select_box(3, $A['pid'])); $T->set_var('category_value', ''); $T->set_var('description_value', ''); } if (!isset($A['tid'])) { $A['tid'] = 'all'; } $topics = COM_topicList('tid,topic', $A['tid'], 1, true); $T->set_var('topic_list', $topics); $alltopics = '<option value="all"'; if ($A['tid'] == 'all') { $alltopics .= ' selected="selected"'; } $alltopics .= '>' . $LANG_LINKS_ADMIN[35] . '</option>' . LB; $T->set_var('topic_selection', '<select name="tid">' . $alltopics . $topics . '</select>'); if (empty($cid)) { $num_links = $LANG_ADMIN['na']; } else { $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['links']} WHERE cid='{$cid}'" . COM_getPermSQL('AND')); $N = DB_fetchArray($nresult); $num_links = COM_numberFormat($N['count']); } $T->set_var('lang_num_links', $LANG_LINKS_ADMIN[61]); $T->set_var('num_links', $num_links); // user access info $T->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); $T->set_var('lang_owner', $LANG_ACCESS['owner']); $T->set_var('owner_name', COM_getDisplayName($A['owner_id'])); $T->set_var('cat_ownerid', $A['owner_id']); $T->set_var('lang_group', $LANG_ACCESS['group']); $T->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access)); $T->set_var('lang_permissions', $LANG_ACCESS['permissions']); $T->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']); $T->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); $T->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])); $T->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); $T->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']); $T->set_var('gltoken_name', CSRF_TOKEN); $T->set_var('gltoken', $token); $T->parse('output', 'page'); $retval .= $T->finish($T->get_var('output')); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); return $retval; }
if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('calendarjp.edit')) { $editurl = $_CONF['site_admin_url'] . '/plugins/calendarjp/index.php?mode=edit&eid=' . $A['eid']; $cal_templates->set_var('event_edit', COM_createLink($LANG01[4], $editurl)); $img = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>'; $cal_templates->set_var('edit_icon', COM_createLink($img, $editurl)); $cal_templates->set_var('hits_admin', COM_numberFormat($A['hits'])); $cal_templates->set_var('lang_hits_admin', $LANG10[30]); } else { $cal_templates->set_var('event_edit', ''); $cal_templates->set_var('edit_icon', ''); } } if ($mode == 'personal') { // personal events don't have a hits counter $cal_templates->set_var('lang_hits', ''); $cal_templates->set_var('hits', ''); } else { $cal_templates->set_var('lang_hits', $LANG10[30]); $cal_templates->set_var('hits', COM_numberFormat($A['hits'])); } $cal_templates->parse('event_details', 'details', true); } } $cal_templates->parse('output', 'events'); $display .= $cal_templates->finish($cal_templates->get_var('output')); } $display .= COM_endBlock(); $display = COM_createHTMLDocument($display, array('pagetitle' => $pagetitle)); } // end switch COM_output($display);
/** * Show topic administration form * * @param string tid ID of topic to edit * @return string HTML for the topic editor * */ function edittopic($tid = '') { global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE; $retval = ''; if (empty($tid)) { // new topic - set defaults $A = array(); $A['tid'] = ''; $A['topic'] = ''; $A['sortnum'] = 0; $A['limitnews'] = ''; // leave empty! $A['is_default'] = 0; $A['archive_flag'] = 0; } else { $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='{$tid}'"); $A = DB_fetchArray($result); $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); if ($access == 0 or $access == 2) { $retval .= COM_startBlock($LANG27[12], '', COM_getBlockTemplate('_msg_block', 'header')); $retval .= $LANG27[13]; $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}."); return $retval; } } $token = SEC_createToken(); $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header')); $retval .= SEC_getTokenExpiryNotice($token); if (!is_array($A) || empty($A['owner_id'])) { $A['owner_id'] = $_USER['uid']; // this is the one instance where we default the group // most topics should belong to the Topic Admin group if (isset($_GROUPS['Topic Admin'])) { $A['group_id'] = $_GROUPS['Topic Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('topic.edit'); } SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']); $access = 3; } $topic_templates = new Template($_CONF['path_layout'] . 'admin/topic'); $topic_templates->set_file('editor', 'topiceditor.thtml'); $topic_templates->set_var('xhtml', XHTML); $topic_templates->set_var('site_url', $_CONF['site_url']); $topic_templates->set_var('site_admin_url', $_CONF['site_admin_url']); $topic_templates->set_var('layout_url', $_CONF['layout_url']); if (!empty($tid) && SEC_hasRights('topic.edit')) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $topic_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $topic_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); $topic_templates->set_var('warning_msg', $LANG27[6]); } $topic_templates->set_var('lang_topicid', $LANG27[2]); $topic_templates->set_var('topic_id', $A['tid']); $topic_templates->set_var('lang_donotusespaces', $LANG27[5]); $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']); $ownername = COM_getDisplayName($A['owner_id']); $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}")); $topic_templates->set_var('owner_name', $ownername); $topic_templates->set_var('owner', $ownername); $topic_templates->set_var('owner_id', $A['owner_id']); $topic_templates->set_var('lang_group', $LANG_ACCESS['group']); $topic_templates->set_var('lang_save', $LANG_ADMIN['save']); $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']); $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access)); $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']); $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']); $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']); $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])); // show sort order only if they specified sortnum as the sort method if ($_CONF['sortmethod'] != 'alpha') { $topic_templates->set_var('lang_sortorder', $LANG27[10]); if ($A['sortnum'] == 0) { $A['sortnum'] = ''; } $topic_templates->set_var('sort_order', '<input type="text" size="3" maxlength="3" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>'); } else { $topic_templates->set_var('lang_sortorder', $LANG27[14]); $topic_templates->set_var('sort_order', $LANG27[15]); } $topic_templates->set_var('lang_storiesperpage', $LANG27[11]); if ($A['limitnews'] == 0) { $topic_templates->set_var('story_limit', ''); } else { $topic_templates->set_var('story_limit', $A['limitnews']); } $topic_templates->set_var('default_limit', $_CONF['limitnews']); $topic_templates->set_var('lang_defaultis', $LANG27[16]); $topic_templates->set_var('lang_topicname', $LANG27[3]); $topic_templates->set_var('topic_name', stripslashes($A['topic'])); if (empty($A['tid'])) { $A['imageurl'] = '/images/topics/'; } $topic_templates->set_var('lang_topicimage', $LANG27[4]); $topic_templates->set_var('lang_uploadimage', $LANG27[27]); $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']); $topic_templates->set_var('lang_maxsize', $LANG27[28]); $topic_templates->set_var('max_url_length', 255); $topic_templates->set_var('image_url', $A['imageurl']); $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']); $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']); if (!empty($A['meta_description'])) { $topic_templates->set_var('meta_description', $A['meta_description']); } if (!empty($A['meta_keywords'])) { $topic_templates->set_var('meta_keywords', $A['meta_keywords']); } $topic_templates->set_var('lang_defaulttopic', $LANG27[22]); $topic_templates->set_var('lang_defaulttext', $LANG27[23]); if ($A['is_default'] == 1) { $topic_templates->set_var('default_checked', 'checked="checked"'); } else { $topic_templates->set_var('default_checked', ''); } $topic_templates->set_var('lang_archivetopic', $LANG27[25]); $topic_templates->set_var('lang_archivetext', $LANG27[26]); $topic_templates->set_var('archive_disabled', ''); if ($A['archive_flag'] == 1) { $topic_templates->set_var('archive_checked', 'checked="checked"'); } else { $topic_templates->set_var('archive_checked', ''); // Only 1 topic can be the archive topic - so check if there already is one if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) { $topic_templates->set_var('archive_disabled', 'disabled'); } } if (empty($tid)) { $num_stories = $LANG_ADMIN['na']; } else { $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE tid = '" . addslashes($tid) . "'" . COM_getPermSql('AND')); $N = DB_fetchArray($nresult); $num_stories = COM_numberFormat($N['count']); } $topic_templates->set_var('lang_num_stories', $LANG27[30]); $topic_templates->set_var('num_stories', $num_stories); $topic_templates->set_var('gltoken_name', CSRF_TOKEN); $topic_templates->set_var('gltoken', $token); $topic_templates->parse('output', 'editor'); $retval .= $topic_templates->finish($topic_templates->get_var('output')); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); return $retval; }
/** * Shows a profile for a user * * This grabs the user profile for a given user and displays it * * @param int $user User ID of profile to get * @param int $msg Message to display (if != 0) * @return string HTML for user profile page * */ function userprofile($user, $msg = 0) { global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG_LOGIN; $retval = ''; if (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) { $retval .= COM_siteHeader('menu'); $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header')); $login = new Template($_CONF['path_layout'] . 'submit'); $login->set_file(array('login' => 'submitloginrequired.thtml')); $login->set_var('xhtml', XHTML); $login->set_var('login_message', $LANG_LOGIN[2]); $login->set_var('site_url', $_CONF['site_url']); $login->set_var('site_admin_url', $_CONF['site_admin_url']); $login->set_var('layout_url', $_CONF['layout_url']); $login->set_var('lang_login', $LANG_LOGIN[3]); $login->set_var('lang_newuser', $LANG_LOGIN[4]); $login->parse('output', 'login'); $retval .= $login->finish($login->get_var('output')); $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $retval .= COM_siteFooter(); return $retval; } $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$user}"); $nrows = DB_numRows($result); if ($nrows == 0) { // no such user return COM_refresh($_CONF['site_url'] . '/index.php'); } $A = DB_fetchArray($result); $display_name = COM_getDisplayName($user, $A['username'], $A['fullname']); // format date/time to user preference $curtime = COM_getUserDateTimeFormat($A['regdate']); $A['regdate'] = $curtime[0]; $user_templates = new Template($_CONF['path_layout'] . 'users'); $user_templates->set_file(array('profile' => 'profile.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml')); $user_templates->set_var('xhtml', XHTML); $user_templates->set_var('site_url', $_CONF['site_url']); $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name)); $user_templates->set_var('end_block', COM_endBlock()); $user_templates->set_var('lang_username', $LANG04[2]); if ($_CONF['show_fullname'] == 1) { $user_templates->set_var('username', $A['fullname']); $user_templates->set_var('user_fullname', $A['username']); } else { $user_templates->set_var('username', $A['username']); $user_templates->set_var('user_fullname', $A['fullname']); } if (SEC_hasRights('user.edit')) { global $_IMAGE_TYPE, $LANG_ADMIN; $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>'; $edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}"); $user_templates->set_var('edit_link', $edit_link_url); } $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1); $user_templates->set_var('user_photo', $photo); $user_templates->set_var('lang_membersince', $LANG04[67]); $user_templates->set_var('user_regdate', $A['regdate']); $user_templates->set_var('lang_email', $LANG04[5]); $user_templates->set_var('user_id', $user); $user_templates->set_var('lang_sendemail', $LANG04[81]); $user_templates->set_var('lang_homepage', $LANG04[6]); $user_templates->set_var('user_homepage', COM_killJS($A['homepage'])); $user_templates->set_var('lang_location', $LANG04[106]); $user_templates->set_var('user_location', strip_tags($A['location'])); $user_templates->set_var('lang_bio', $LANG04[7]); $user_templates->set_var('user_bio', nl2br(stripslashes($A['about']))); $user_templates->set_var('lang_pgpkey', $LANG04[8]); $user_templates->set_var('user_pgp', nl2br($A['pgpkey'])); $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name)); $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name)); $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name)); $user_templates->set_var('lang_title', $LANG09[16]); $user_templates->set_var('lang_date', $LANG09[17]); // for alternative layouts: use these as headlines instead of block titles $user_templates->set_var('headline_last10stories', $LANG04[82]); $user_templates->set_var('headline_last10comments', $LANG04[10]); $user_templates->set_var('headline_postingstats', $LANG04[83]); $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL()); $nrows = DB_numRows($result); $tids = array(); for ($i = 0; $i < $nrows; $i++) { $T = DB_fetchArray($result); $tids[] = $T['tid']; } $topics = "'" . implode("','", $tids) . "'"; // list of last 10 stories by this user if (count($tids) > 0) { $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND'); $sql .= " ORDER BY unixdate DESC LIMIT 10"; $result = DB_query($sql); $nrows = DB_numRows($result); } else { $nrows = 0; } if ($nrows > 0) { for ($i = 0; $i < $nrows; $i++) { $C = DB_fetchArray($result); $user_templates->set_var('cssid', $i % 2 + 1); $user_templates->set_var('row_number', $i + 1 . '.'); $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']); $user_templates->set_var('article_url', $articleUrl); $C['title'] = str_replace('$', '$', $C['title']); $user_templates->set_var('story_title', COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b'))); $storytime = COM_getUserDateTimeFormat($C['unixdate']); $user_templates->set_var('story_date', $storytime[0]); $user_templates->parse('story_row', 'strow', true); } } else { $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>'); } // list of last 10 comments by this user $sidArray = array(); if (count($tids) > 0) { // first, get a list of all stories the current visitor has access to $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND'); $result = DB_query($sql); $numsids = DB_numRows($result); for ($i = 1; $i <= $numsids; $i++) { $S = DB_fetchArray($result); $sidArray[] = $S['sid']; } } $sidList = implode("', '", $sidArray); $sidList = "'{$sidList}'"; // then, find all comments by the user in those stories $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = {$user}) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)"; // SQL NOTE: Using a HAVING clause is usually faster than a where if the // field is part of the select // if (!empty ($sidList)) { // $sql .= " AND (sid in ($sidList))"; // } if (!empty($sidList)) { $sql .= " HAVING sid in ({$sidList})"; } $sql .= " ORDER BY unixdate DESC LIMIT 10"; $result = DB_query($sql); $nrows = DB_numRows($result); if ($nrows > 0) { for ($i = 0; $i < $nrows; $i++) { $C = DB_fetchArray($result); $user_templates->set_var('cssid', $i % 2 + 1); $user_templates->set_var('row_number', $i + 1 . '.'); $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid']; $C['title'] = str_replace('$', '$', $C['title']); $user_templates->set_var('comment_title', COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b'))); $commenttime = COM_getUserDateTimeFormat($C['unixdate']); $user_templates->set_var('comment_date', $commenttime[0]); $user_templates->parse('comment_row', 'row', true); } } else { $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>'); } // posting stats for this user $user_templates->set_var('lang_number_stories', $LANG04[84]); $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND'); $result = DB_query($sql); $N = DB_fetchArray($result); $user_templates->set_var('number_stories', COM_numberFormat($N['count'])); $user_templates->set_var('lang_number_comments', $LANG04[85]); $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$user})"; if (!empty($sidList)) { $sql .= " AND (sid in ({$sidList}))"; } $result = DB_query($sql); $N = DB_fetchArray($result); $user_templates->set_var('number_comments', COM_numberFormat($N['count'])); $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name); // Call custom registration function if enabled and exists if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) { $user_templates->set_var('customfields', CUSTOM_userDisplay($user)); } PLG_profileVariablesDisplay($user, $user_templates); $user_templates->parse('output', 'profile'); $retval .= $user_templates->finish($user_templates->get_var('output')); $retval .= PLG_profileBlocksDisplay($user); return $retval; }
/** * This function displays the comment control bar * * Prints the control that allows the user to interact with Geeklog Comments * * @param string $sid ID of item in question * @param string $title Title of item * @param string $type Type of item (i.e. article, photo, etc) * @param string $order Order that comments are displayed in * @param string $mode Mode (nested, flat, etc.) * @param int $ccode Comment code: -1=no comments, 0=allowed, 1=closed * @return string HTML Formated comment bar * @see CMT_userComments * */ function CMT_commentBar($sid, $title, $type, $order, $mode, $ccode = 0) { global $_CONF, $_TABLES, $_USER, $LANG01; $parts = explode('/', $_SERVER['PHP_SELF']); $page = array_pop($parts); $nrows = DB_count($_TABLES['comments'], array('sid', 'type'), array($sid, $type)); $commentbar = new Template($_CONF['path_layout'] . 'comment'); $commentbar->set_file(array('commentbar' => 'commentbar.thtml')); $commentbar->set_var('xhtml', XHTML); $commentbar->set_var('site_url', $_CONF['site_url']); $commentbar->set_var('site_admin_url', $_CONF['site_admin_url']); $commentbar->set_var('layout_url', $_CONF['layout_url']); $commentbar->set_var('lang_comments', $LANG01[3]); $commentbar->set_var('lang_refresh', $LANG01[39]); $commentbar->set_var('lang_reply', $LANG01[60]); $commentbar->set_var('lang_disclaimer', $LANG01[26]); if ($ccode == 0) { $commentbar->set_var('reply_hidden_or_submit', 'submit'); } else { $commentbar->set_var('reply_hidden_or_submit', 'hidden'); } $commentbar->set_var('num_comments', COM_numberFormat($nrows)); $commentbar->set_var('comment_type', $type); $commentbar->set_var('sid', $sid); $cmt_title = stripslashes($title); $commentbar->set_var('story_title', $cmt_title); // Article's are pre-escaped. if ($type != 'article') { $cmt_title = htmlspecialchars($cmt_title); } $commentbar->set_var('comment_title', $cmt_title); if ($type == 'article') { $articleUrl = COM_buildUrl($_CONF['site_url'] . "/article.php?story={$sid}"); } else { // for a plugin /** * Link to plugin defined link or lacking that a generic link * that the plugin should support (hopefully) */ list($plgurl, $plgid) = PLG_getCommentUrlId($type); $articleUrl = "{$plgurl}?{$plgid}={$sid}"; } $commentbar->set_var('article_url', $articleUrl); if ($page == 'comment.php') { $link = COM_createLink($cmt_title, $articleUrl, array('class' => 'non-ul b')); $commentbar->set_var('story_link', $link); $commentbar->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '" class="non-ul">'); $commentbar->set_var('end_storylink_anchortag', '</a>'); } else { $commentbar->set_var('story_link', $articleUrl); } if (!empty($_USER['uid']) && $_USER['uid'] > 1) { $username = $_USER['username']; $fullname = $_USER['fullname']; } else { $result = DB_query("SELECT username,fullname FROM {$_TABLES['users']} WHERE uid = 1"); $N = DB_fetchArray($result); $username = $N['username']; $fullname = $N['fullname']; } if (empty($fullname)) { $fullname = $username; } $commentbar->set_var('user_name', $username); $commentbar->set_var('user_fullname', $fullname); if (!empty($_USER['username'])) { $author = COM_getDisplayName($_USER['uid'], $username, $fullname); $commentbar->set_var('user_nullname', $author); $commentbar->set_var('author', $author); $commentbar->set_var('login_logout_url', $_CONF['site_url'] . '/users.php?mode=logout'); $commentbar->set_var('lang_login_logout', $LANG01[35]); } else { $commentbar->set_var('user_nullname', ''); $commentbar->set_var('login_logout_url', $_CONF['site_url'] . '/users.php?mode=new'); $commentbar->set_var('lang_login_logout', $LANG01[61]); } if ($page == 'comment.php') { $commentbar->set_var('parent_url', $_CONF['site_url'] . '/comment.php'); $hidden = ''; if ($_REQUEST['mode'] == 'view') { $hidden .= '<input type="hidden" name="cid" value="' . $_REQUEST['cid'] . '"' . XHTML . '>'; $hidden .= '<input type="hidden" name="pid" value="' . $_REQUEST['cid'] . '"' . XHTML . '>'; } else { if ($_REQUEST['mode'] == 'display') { $hidden .= '<input type="hidden" name="pid" value="' . $_REQUEST['pid'] . '"' . XHTML . '>'; } } $commentbar->set_var('hidden_field', $hidden . '<input type="hidden" name="mode" value="' . $_REQUEST['mode'] . '"' . XHTML . '>'); } else { if ($type == 'article') { $commentbar->set_var('parent_url', $_CONF['site_url'] . '/article.php'); $commentbar->set_var('hidden_field', '<input type="hidden" name="story" value="' . $sid . '"' . XHTML . '>'); } else { // plugin // Link to plugin defined link or lacking that a generic link that the plugin should support (hopefully) list($plgurl, $plgid) = PLG_getCommentUrlId($type); $commentbar->set_var('parent_url', $plgurl); $commentbar->set_var('hidden_field', '<input type="hidden" name="' . $plgid . '" value="' . $sid . '"' . XHTML . '>'); } } // Order $selector = '<select name="order">' . LB . COM_optionList($_TABLES['sortcodes'], 'code,name', $order) . LB . '</select>'; $commentbar->set_var('order_selector', $selector); // Mode if ($page == 'comment.php') { $selector = '<select name="format">'; } else { $selector = '<select name="mode">'; } $selector .= LB . COM_optionList($_TABLES['commentmodes'], 'mode,name', $mode) . LB . '</select>'; $commentbar->set_var('mode_selector', $selector); return $commentbar->finish($commentbar->parse('output', 'commentbar')); }
/** * Get the variables from the return URL to display a "thank-you" * message to the buyer. * * @uses getMainUrl() * @uses PaymentGw::Description() * @param array $A Optionally override the $_GET parameters * @return array Array of standard name=>value pairs */ public function thanksVars($A = '') { if (empty($A)) { $A = $_GET; // Amazon's returnUrl uses $_GET } list($currency, $amount) = preg_split('/\\s+/', $A['transactionAmount']); $amount = COM_numberFormat($amount, 2); $R = array('payment_date' => strftime('%d %b %Y @ %H:%M:%S', $A['transactionDate']), 'currency' => $currency, 'payment_amount' => $amount, 'gateway_url' => self::getMainUrl(), 'gateway_name' => self::Description()); return $R; }
/** * This function used to send out reminders to users to access the site or account may be deleted * * @return string HTML with success or error message * */ function USER_sendReminders() { global $_CONF, $_TABLES, $LANG04, $LANG28; $msg = ''; $user_list = array(); if (isset($_POST['delitem'])) { $user_list = $_POST['delitem']; } $nusers = count($user_list); if (count($user_list) == 0) { $msg = $LANG28[79] . '<br/>'; } else { $c = 0; if (isset($_POST['delitem']) and is_array($_POST['delitem'])) { foreach ($_POST['delitem'] as $delitem) { $uid = COM_applyFilter($delitem); $useremail = DB_getItem($_TABLES['users'], 'email', "uid = '{$uid}'"); $username = DB_getItem($_TABLES['users'], 'username', "uid = '{$uid}'"); $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$uid}'"); $lasttime = COM_getUserDateTimeFormat($lastlogin); if (file_exists($_CONF['path_data'] . 'reminder_email.txt')) { $template = new Template($_CONF['path_data']); $template->set_file(array('mail' => 'reminder_email.txt')); $template->set_var('site_url', $_CONF['site_url']); $template->set_var('site_name', $_CONF['site_name']); $template->set_var('site_slogan', $_CONF['site_slogan']); $template->set_var('lang_username', $LANG04[2]); $template->set_var('username', $username); $template->set_var('name', COM_getDisplayName($uid)); $template->set_var('lastlogin', $lasttime[0]); $template->parse('output', 'mail'); $mailtext = $template->get_var('output'); } else { if ($lastlogin == 0) { $mailtext = $LANG28[83] . "\n\n"; } else { $mailtext = sprintf($LANG28[82], $lasttime[0]) . "\n\n"; } $mailtext .= sprintf($LANG28[84], $username) . "\n"; $mailtext .= sprintf($LANG28[85], $_CONF['site_url'] . '/users.php?mode=getpassword') . "\n\n"; } $subject = sprintf($LANG28[81], $_CONF['site_name']); if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) { $mailfrom = $_CONF['noreply_mail']; global $LANG_LOGIN; $mailtext .= LB . LB . $LANG04[159]; } else { $mailfrom = $_CONF['site_mail']; } $to = array(); $to = COM_formatEmailAddress($username, $useremail); $from = array(); $from = COM_formatEmailAddress('', $mailfrom); if (COM_mail($to, $subject, $mailtext, $from)) { DB_query("UPDATE {$_TABLES['users']} SET num_reminders=num_reminders+1 WHERE uid={$uid}"); $c++; } else { COM_errorLog("Error attempting to send account reminder to user: {$username} ({$uid})"); } } } COM_numberFormat($c); // just in case we have more than 999).. $msg .= "{$LANG28[80]}: {$c}<br/>\n"; } return $msg; }
function MG_listDir($dir, $album_id, $purgefiles, $recurse) { global $_CONF, $_TABLES, $_MG_CONF, $LANG_MG01, $LANG_MG02, $destDirCount, $pCount; // What we may do is scan for directories first, build that array // then scan for files and build that array, I always want the directories to be on the top! // array_multisort() $x = strlen($_MG_CONF['ftp_path']); $x--; if ($_MG_CONF['ftp_path'][$x] == '/' || $_MG_CONF['ftp_path'][$x] == '\\') { $directory = $_MG_CONF['ftp_path'] . $dir; } else { $directory = $_MG_CONF['ftp_path'] . '/' . $dir; } if (!@is_dir($directory)) { return COM_showMessageText($LANG_MG02['invalid_directory'] . '<br' . XHTML . '>' . $directory . ' [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]'); } if (!($dh = @opendir($directory))) { return COM_showMessageText($LANG_MG02['directory_error'] . ' [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]'); } $directory = trim($directory); if ($directory[strlen($directory) - 1] != '/') { $directory = $directory . '/'; } /* * Currently we have disabled the selection of Root album. * This could cause a problem with the 'create the album structure' feature * Need to come up with a better way to handle this. */ /* $album_selectbox = ''; if (SEC_hasRights('mediagallery.admin') || ($_MG_CONF['member_albums'] == 1 && $_MG_CONF['member_album_root'] == 0)) { $album_selectbox .= '<option value="0">' . $LANG_MG01['root_album'] . '</option>'; } $root_album = new mgAlbum(0); $root_album->buildAlbumBox($album_selectbox, $album_id, 3, -1, 'upload'); $album_selectbox .= '</select>'; */ // $album_selectbox = MG_buildAlbumBox($root_album, $album_id, 3, -1, 'upload'); $rowcounter = 0; $retval = ''; $T = COM_newTemplate(MG_getTemplatePath($album_id)); $T->set_file('admin', 'filelist.thtml'); $T->set_var(array('lang_put_files' => $LANG_MG01['put_files'], 'lang_into_album' => $LANG_MG01['into_album'])); $destDirCount++; $dest = sprintf("d%04d", $destDirCount); // build a select box of valid albums for upload require_once $_CONF['path'] . 'plugins/mediagallery/include/classAlbum.php'; $album_selectbox = '<select name="' . $dest . '">' . LB; $root_album = new mgAlbum(0); $root_album->buildAlbumBox($album_selectbox, $album_id, 3, -1, 'upload'); $album_selectbox .= '</select>' . LB; $T->set_block('admin', 'dirRow', 'dRow'); $pdir = $dir == '' ? './' : $dir; $T->set_var(array('directory' => $pdir, 'destination' => $album_selectbox, 'dirdest' => $dest)); $T->set_block('admin', 'fileRow', 'fRow'); // calculate parent directory... $dirParts = array(); $dirParts = explode('/', $dir); $numDirs = count($dirParts); $dirPath = ''; if ($numDirs > 1) { for ($x = 0; $x < $numDirs - 1; $x++) { $dirPath .= $dirParts[$x]; if ($x < $numDirs - 2) { $dirPath .= '/'; } } $dirlink = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=list&album_id=' . $album_id . '&dir=' . $dirPath . '">Parent directory</a>'; $T->set_var(array('row_class' => $rowcounter % 2 ? '2' : '1', 'checkbox' => '', 'palbum' => '', 'pfile' => '', 'dirid' => '', 'filename' => $dirlink, 'fullname' => '', 'filesize' => '', 'parent_select' => '', 'color' => '', 'type' => '')); $T->parse('fRow', 'fileRow', true); $rowcounter++; } while (($file = readdir($dh)) != false) { if ($file == '..' || $file == '.') { continue; } $filetmp = $directory . $file; $filename = basename($file); $file_extension = strtolower(substr(strrchr($filename, '.'), 1)); $isadirectory = 0; if (is_dir($filetmp)) { $isadirectory = 1; $type = 'Directory'; $fullDir = urlencode($dir . '/' . $filename); $dirlink = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?album_id=' . $album_id . '&mode=list&dir=' . $fullDir . '">' . $filename . '</a>'; } if ($isadirectory == 0) { switch ($file_extension) { case 'jpg': case 'bmp': case 'tif': case 'png': $type = 'Image'; break; case 'avi': case 'wmv': case 'asf': case 'mov': $type = 'Video'; break; case 'mp3': case 'ogg': $type = 'Audio'; break; default: $type = 'Unknown'; break; } } $max_filesize = DB_getItem($_TABLES['mg_albums'], 'max_filesize', 'album_id=' . intval($album_id)); $toobig = 0; if ($max_filesize != 0 && filesize($filetmp) > $max_filesize) { $toobig = 1; } $pCount++; $pvalue = sprintf("i%04d", $pCount); $T->set_var(array('row_class' => $rowcounter % 2 ? '2' : '1', 'checkbox' => '<input type="checkbox" name="pic[]" value="' . $pvalue . '"' . XHTML . '>', 'palbum' => '<input type="hidden" name="album_lb_id_' . $pvalue . '" value="' . $dest . '"' . XHTML . '>', 'pfile' => '<input type="hidden" name="picfile_' . $pvalue . '" value="' . $filetmp . '"' . XHTML . '>', 'dirid' => '<input type="hidden" name="dest" value="' . $dest . '"' . XHTML . '>', 'filename' => $isadirectory ? $dirlink : $filename, 'fullname' => $filetmp, 'filesize' => COM_numberFormat(filesize($filetmp) / 1024) . ' kB', 'parent_select' => '<select name="parentaid">' . LB . $album_selectbox, 'color' => $toobig ? '<span style="font-color:red;">' : '<span style="font-color:black;">', 'type' => $type)); $T->parse('fRow', 'fileRow', true); $rowcounter++; } $T->parse('dRow', 'dirRow', true); closedir($dh); $retval .= $T->finish($T->parse('output', 'admin')); return $retval; }
$bodytext = '<p>' . $bodytext . '</p>'; $fulltext = '<p>' . $fulltext . '</p>'; $fulltext_no_br = '<p>' . $fulltext_no_br . '</p>'; } $story_template->set_var('story_introtext', $introtext); $story_template->set_var('story_bodytext', $bodytext); $story_template->set_var('story_text', $fulltext); $story_template->set_var('story_text_no_br', $fulltext_no_br); $story_template->set_var('site_name', $_CONF['site_name']); $story_template->set_var('site_slogan', $_CONF['site_slogan']); $story_template->set_var('story_id', $story->getSid()); $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()); if ($story->DisplayElements('commentcode') >= 0) { $commentsUrl = $articleUrl . '#comments'; $comments = $story->DisplayElements('comments'); $numComments = COM_numberFormat($comments); $story_template->set_var('story_comments', $numComments); $story_template->set_var('comments_url', $commentsUrl); $story_template->set_var('comments_text', $numComments . ' ' . $LANG01[3]); $story_template->set_var('comments_count', $numComments); $story_template->set_var('lang_comments', $LANG01[3]); $comments_with_count = sprintf($LANG01[121], $numComments); if ($comments > 0) { $comments_with_count = COM_createLink($comments_with_count, $commentsUrl); } $story_template->set_var('comments_with_count', $comments_with_count); } $story_template->set_var('lang_full_article', $LANG08[33]); $story_template->set_var('article_url', $articleUrl); $printable = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&mode=print'); $story_template->set_var('printable_url', $printable);
/** * List all backups, i.e. all files ending in .sql * * @return string HTML for the list of files or an error when not writable * */ function listbackups() { global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG08, $LANG_ADMIN, $LANG_DB_BACKUP, $_DB_dbms; require_once $_CONF['path_system'] . 'lib-admin.php'; $retval = ''; if (is_writable($_CONF['backup_path'])) { $backups = array(); $fd = opendir($_CONF['backup_path']); $index = 0; while (false !== ($file = @readdir($fd))) { if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql$/i', $file)) { $index++; clearstatcache(); $backups[] = $file; } } // AS, 2004-03-29 - Sort backup files by date, newest first. // Order given by 'readdir' might not be correct. usort($backups, 'compareBackupFiles'); $data_arr = array(); $thisUrl = $_CONF['site_admin_url'] . '/database.php'; $num_backups = count($backups); for ($i = 0; $i < $num_backups; $i++) { $downloadUrl = $thisUrl . '?mode=download&file=' . urlencode($backups[$i]); $downloadLink = COM_createLink($backups[$i], $downloadUrl, array('title' => $LANG_DB_BACKUP['download'])); $backupfile = $_CONF['backup_path'] . $backups[$i]; $backupfilesize = COM_numberFormat(filesizeHelper($backupfile)) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>'; $data_arr[$i] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backups[$i]); } $token = SEC_createToken(); $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/database.php?mode=backup&' . CSRF_TOKEN . '=' . $token, 'text' => $LANG_ADMIN['create_new'])); if ($_DB_dbms == 'mysql') { $menu_arr[] = array('url' => $thisUrl . '?mode=optimize', 'text' => $LANG_DB_BACKUP['optimize_menu']); if (innodb_supported()) { $menu_arr[] = array('url' => $thisUrl . '?mode=innodb', 'text' => $LANG_DB_BACKUP['convert_menu']); } } $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']); $retval .= COM_startBlock($LANG_DB_BACKUP['last_ten_backups'], '', COM_getBlockTemplate('_admin_block', 'header')); $retval .= ADMIN_createMenu($menu_arr, "<p>{$LANG_DB_BACKUP['db_explanation']}</p>" . '<p>' . sprintf($LANG_DB_BACKUP['total_number'], $index) . '</p>', $_CONF['layout_url'] . '/images/icons/database.' . $_IMAGE_TYPE); $header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size')); $text_arr = array('form_url' => $thisUrl); $form_arr = array('bottom' => '', 'top' => ''); if ($num_backups > 0) { $form_arr['bottom'] = '<input type="hidden" name="mode" value="delete"' . XHTML . '>' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"' . XHTML . '>' . LB; } $listoptions = array('chkdelete' => true, 'chkminimum' => 0, 'chkfield' => 'filename'); $retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $listoptions, $form_arr); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); } else { $retval .= COM_showMessageText($LANG_DB_BACKUP['no_access'], $LANG08[06]); COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1); } return $retval; }
function _createMailStory($sid) { global $_CONF, $_TABLES, $LANG_DIRECTION, $LANG01, $LANG08; USES_lib_story(); $story = new Story(); $args = array('sid' => $sid, 'mode' => 'view'); $output = STORY_LOADED_OK; $result = PLG_invokeService('story', 'get', $args, $output, $svc_msg); if ($result == PLG_RET_OK) { /* loadFromArray cannot be used, since it overwrites the timestamp */ reset($story->_dbFields); while (list($fieldname, $save) = each($story->_dbFields)) { $varname = '_' . $fieldname; if (array_key_exists($fieldname, $output)) { $story->{$varname} = $output[$fieldname]; } } $story->_username = $output['username']; $story->_fullname = $output['fullname']; } if ($output == STORY_PERMISSION_DENIED) { $display = COM_siteHeader('menu', $LANG_ACCESS['accessdenied']) . COM_showMessageText($LANG_ACCESS['storydenialmsg'], $LANG_ACCESS['accessdenied'], true, 'error') . COM_siteFooter(); echo $display; exit; } elseif ($output == STORY_INVALID_SID) { COM_404(); } else { $T = new Template($_CONF['path_layout'] . 'article'); $T->set_file('article', 'mailable.thtml'); list($cacheFile, $style_cache_url) = COM_getStyleCacheLocation(); $T->set_var('direction', $LANG_DIRECTION); $T->set_var('css_url', $style_cache_url); $T->set_var('page_title', $_CONF['site_name'] . ': ' . $story->displayElements('title')); $T->set_var('story_title', $story->DisplayElements('title')); $T->set_var('story_subtitle', $story->DisplayElements('subtitle')); $story_image = $story->DisplayElements('story_image'); if ($story_image != '') { $T->set_var('story_image', $story_image); } else { $T->unset_var('story_image'); } if ($_CONF['hidestorydate'] != 1) { $T->set_var('story_date', $story->displayElements('date')); } if ($_CONF['contributedbyline'] == 1) { $T->set_var('lang_contributedby', $LANG01[1]); $authorname = COM_getDisplayName($story->displayElements('uid')); $T->set_var('author', $authorname); $T->set_var('story_author', $authorname); $T->set_var('story_author_username', $story->DisplayElements('username')); } $T->set_var('story_introtext', $story->DisplayElements('introtext')); $T->set_var('story_bodytext', $story->DisplayElements('bodytext')); $T->set_var('site_name', $_CONF['site_name']); $T->set_var('site_slogan', $_CONF['site_slogan']); $T->set_var('story_id', $story->getSid()); $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()); if ($story->DisplayElements('commentcode') >= 0) { $commentsUrl = $articleUrl . '#comments'; $comments = $story->DisplayElements('comments'); $numComments = COM_numberFormat($comments); $T->set_var('story_comments', $numComments); $T->set_var('comments_url', $commentsUrl); $T->set_var('comments_text', $numComments . ' ' . $LANG01[3]); $T->set_var('comments_count', $numComments); $T->set_var('lang_comments', $LANG01[3]); $comments_with_count = sprintf($LANG01[121], $numComments); if ($comments > 0) { $comments_with_count = COM_createLink($comments_with_count, $commentsUrl); } $T->set_var('comments_with_count', $comments_with_count); } $T->set_var('lang_full_article', $LANG08[33]); $T->set_var('article_url', $articleUrl); COM_setLangIdAndAttribute($T); $T->parse('output', 'article'); $htmlMsg = $T->finish($T->get_var('output')); return $htmlMsg; } }
/** * Display the detail page for the event occurrence. * * @param integer $rp_id ID of the repeat to display * @param string $query Optional query string, for highlighting * @param string $tpl Optional template filename, e.g. 'event_print' * @return string HTML for the page. */ public function Render($rp_id = 0, $query = '', $tpl = '') { global $_CONF, $_USER, $_EV_CONF, $_TABLES, $LANG_EVLIST, $LANG_WEEK, $_SYSTEM; $retval = ''; $url = ''; $location = ''; $street = ''; $city = ''; $province = ''; $country = ''; $postal = ''; $name = ''; $email = ''; $phone = ''; if ($rp_id != 0) { $this->Read($rp_id); } if ($this->rp_id == 0) { return EVLIST_alertMessage($LANG_EVLIST['access_denied']); } //update hit count evlist_hit($this->ev_id); $template = 'event'; if (!empty($tpl)) { $template .= '_' . $tpl; } else { $template .= $_SYSTEM['framework'] == 'uikit' ? '.uikit' : ''; } $T = new Template(EVLIST_PI_PATH . '/templates/'); $T->set_file(array('event' => $template . '.thtml', 'datetime' => 'date_time.thtml', 'address' => 'address.thtml', 'contact' => 'contact.thtml')); // If plain text then replace newlines with <br> tags if ($this->Event->postmode == '1') { //plaintext $this->Event->Detail->summary = nl2br($this->Event->Detail->summary); $this->Event->Detail->full_description = nl2br($this->Event->Detail->full_description); $this->Event->Detail->location = nl2br($this->Event->Detail->location); } $title = $this->Event->Detail->title; if ($this->postmode != 'plaintext') { $summary = PLG_replaceTags($this->Event->Detail->summary); $fulldescription = PLG_replaceTags($this->Event->Detail->full_description); $location = $this->Event->Detail->location != '' ? PLG_replaceTags($this->Event->Detail->location) : ''; } else { $summary = $this->Event->Detail->summary; $fulldescription = $this->Event->Detail->full_description; $location = $this->Event->Detail->location; } if ($query != '') { $title = COM_highlightQuery($title, $query); if (!empty($summary)) { $summary = COM_highlightQuery($summary, $query); } if (!empty($fulldescription)) { $fulldescription = COM_highlightQuery($fulldescription, $query); } if (!empty($location)) { $location = COM_highlightQuery($location, $query); } } $date_start = EVLIST_formattedDate($this->date_start); if ($this->date_start != $this->date_end) { $date_end = EVLIST_formattedDate($this->date_end); } else { $date_end = ''; } if ($this->Event->allday == '1') { $allday = '<br />' . $LANG_EVLIST['all_day_event']; } else { $allday = ''; if ($this->time_start1 != '') { $time_start1 = EVLIST_formattedTime($this->time_start1); $time_end1 = EVLIST_formattedTime($this->time_end1); } else { $time_start1 = ''; $time_end1 = ''; } //$time_period = $time_start . $time_end; if ($this->Event->split == '1') { $time_start2 = EVLIST_formattedTime($this->time_start2); $time_end2 = EVLIST_formattedTime($this->time_end2); } } $url = $this->Event->Detail->url; $street = $this->Event->Detail->street; $city = $this->Event->Detail->city; $province = $this->Event->Detail->province; $postal = $this->Event->Detail->postal; $country = $this->Event->Detail->country; // Now get the text description of the recurring interval, if any if ($this->Event->recurring && $this->Event->rec_data['type'] < EV_RECUR_DATES) { $rec_data = $this->Event->rec_data; $rec_string = $LANG_EVLIST['recur_freq_txt'] . ' ' . $this->Event->RecurDescrip(); switch ($rec_data['type']) { case EV_RECUR_WEEKLY: // sequential days $weekdays = array(); if (is_array($rec_data['listdays'])) { foreach ($rec_data['listdays'] as $daynum) { $weekdays[] = $LANG_WEEK[$daynum]; } $days_text = implode(', ', $weekdays); } else { $days_text = ''; } $rec_string .= ' ' . sprintf($LANG_EVLIST['on_days'], $days_text); break; case EV_RECUR_DOM: $days = array(); foreach ($rec_data['interval'] as $key => $day) { $days[] = $LANG_EVLIST['rec_intervals'][$day]; } $days_text = implode(', ', $days) . ' ' . $LANG_WEEK[$rec_data['weekday']]; $rec_string .= ' ' . sprintf($LANG_EVLIST['on_the_days'], $days_text); break; } if ($this->Event->rec_data['stop'] != '' && $this->Event->rec_data['stop'] < EV_MAX_DATE) { $rec_string .= ' ' . sprintf($LANG_EVLIST['recur_stop_desc'], EVLIST_formattedDate($this->Event->rec_data['stop'])); } } else { $rec_string = ''; } $T->set_var(array('pi_url' => EVLIST_URL, 'webcal_url' => preg_replace('/^https?/', 'webcal', EVLIST_URL), 'rp_id' => $this->rp_id, 'ev_id' => $this->ev_id, 'title' => $title, 'summary' => $summary, 'full_description' => $fulldescription, 'can_edit' => $this->isAdmin ? 'true' : '', 'start_time1' => $time_start1, 'end_time1' => $time_end1, 'start_time2' => $time_start2, 'end_time2' => $time_end2, 'start_date' => $date_start, 'end_date' => $date_end, 'start_datetime1' => $date_start . $time_start, 'end_datetime1' => $date_end . $time_end, 'allday_event' => $this->Event->allday == 1 ? 'true' : '', 'is_recurring' => $this->Event->recurring, 'can_subscribe' => $this->Event->Calendar->cal_ena_ical, 'recurring_event' => $rec_string, 'owner_id' => $this->Event->owner_id, 'cal_name' => $this->Event->Calendar->cal_name, 'cal_id' => $this->Event->cal_id, 'site_name' => $_CONF['site_name'], 'site_slogan' => $_CONF['site_slogan'], 'more_info_link' => sprintf($LANG_EVLIST['click_here'], $url))); if ($_EV_CONF['enable_rsvp'] == 1 && $this->Event->options['use_rsvp'] > 0) { if ($this->Event->options['rsvp_cutoff'] > 0) { $dt = new Date($this->event->date_start1 . ' ' . $this->Event->time_start1, $_CONF['timezone']); if (time() > $dt->toUnix() - $this->Event->options['rsvp_cutoff'] * 86400) { $past_cutoff = false; } else { $past_cutoff = true; } } if (COM_isAnonUser()) { // Just show a must-log-in message $T->set_var('login_to_register', 'true'); } elseif (!$past_cutoff) { $num_free_tickets = $this->isRegistered(0, true); $total_tickets = $this->isRegistered(0, false); if ($num_free_tickets > 0) { // If the user is already registered for any free tickets, // show the cancel link $T->set_var(array('unregister_link' => 'true', 'num_free_reg' => $num_free_tickets)); } // Show the registration link if (($this->Event->options['max_rsvp'] == 0 || $this->Event->options['rsvp_waitlist'] == 1 || $this->Event->options['max_rsvp'] > $this->TotalRegistrations()) && ($this->Event->options['max_user_rsvp'] == 0 || $total_tickets < $this->Event->options['max_user_rsvp'])) { USES_evlist_class_tickettype(); $Ticks = evTicketType::GetTicketTypes(); if ($this->Event->options['max_user_rsvp'] > 0) { $T->set_block('event', 'tickCntBlk', 'tcBlk'); $T->set_var('register_multi', true); //$rsvp_user_count = ''; $avail_tickets = $this->Event->options['max_user_rsvp'] - $total_tickets; for ($i = 1; $i <= $avail_tickets; $i++) { $T->set_var('tick_cnt', $i); $T->parse('tcBlk', 'tickCntBlk', true); //$rsvp_user_count .= '<option value="'.$i.'">'.$i. // '</option>'.LB; } //$T->set_var('register_multi', $rsvp_user_count); } else { // max_rsvp == 0 indicates openended registration $T->set_var('register_unltd', 'true'); } $T->set_block('event', 'tickTypeBlk', 'tBlk'); foreach ($this->Event->options['tickets'] as $tick_id => $data) { /*$options .= '<option value="' . $tick_id . '">' . $Ticks[$tick_id]->description; if ($data['fee'] > 0) { $options .= ' - ' . COM_numberFormat($data['fee'], 2); } $options .= '</option>' . LB;*/ $status = LGLIB_invokeService('paypal', 'formatAmount', array('amount' => $data['fee']), $pp_fmt_amt, $svc_msg); $fmt_amt = $status == PLG_RET_OK ? $pp_fmt_amt : COM_numberFormat($data['fee'], 2); $T->set_var(array('tick_type' => $tick_id, 'tick_descr' => $Ticks[$tick_id]->description, 'tick_fee' => $data['fee'] > 0 ? $fmt_amt : 'FREE')); $T->parse('tBlk', 'tickTypeBlk', true); } $T->set_var(array('register_link' => 'true', 'ticket_options' => $options, 'ticket_types_multi' => count($this->Event->options['tickets']) > 1 ? 'true' : '')); } } // If ticket printing is enabled for this event, see if the // current user has any tickets to print. if ($this->Event->options['rsvp_print'] > 0) { $paid = $this->Event->options['rsvp_print'] == 1 ? 'paid' : ''; USES_evlist_class_ticket(); $tickets = evTicket::GetTickets($this->ev_id, '', $this->uid, $paid); if (count($tickets) > 0) { $T->set_var('have_tickets', 'true'); } } } // if enable_rsvp if (!empty($date_start) || !empty($date_end)) { $T->parse('datetime_info', 'datetime'); } // Only process the location block if at least one element exists. // Don't want an empty block showing. if (!empty($location) || !empty($street) || !empty($city) || !empty($province) || !empty($postal)) { $T->set_var(array('location' => $location, 'street' => $street, 'city' => $city, 'province' => $province, 'country' => $country, 'postal' => $postal)); $T->parse('address_info', 'address'); // Get info from the Weather plugin, if configured and available // There has to be at least some location data for this to work. if ($_EV_CONF['use_weather']) { // The postal code works best, but not internationally. // Try the regular address first. $loc = ''; if (!empty($city) && !empty($province)) { $loc = $city . ', ' . $province . ' ' . $country; } if (!empty($postal)) { $loc .= ' ' . $postal; } if (!empty($loc)) { // Location info was found, get the weather LGLIB_invokeService('weather', 'embed', array('loc' => $loc), $weather, $svc_msg); if (!empty($weather)) { // Weather info was found $T->set_var('weather', $weather); } } } } // Get a map from the Locator plugin, if configured and available if ($_EV_CONF['use_locator'] == 1 && $this->Event->Detail->lat != 0 && $this->Event->Detail->lng != 0) { $status = LGLIB_invokeService('locator', 'getMap', array('lat' => $this->Event->Detail->lat, 'lng' => $this->Event->Detail->lng), $map, $svc_msg); if ($status == PLG_RET_OK) { $T->set_var(array('map' => $map, 'lat' => number_format($this->Event->Detail->lat, 8, '.', ''), 'lng' => number_format($this->Event->Detail->lng, 8, '.', ''))); } } //put contact info here: contact, email, phone# $name = $this->Event->Detail->contact != '' ? COM_applyFilter($this->Event->Detail->contact) : ''; if ($this->Event->Detail->email != '') { $email = COM_applyFilter($this->Event->Detail->email); $email = EVLIST_obfuscate($email); } else { $email = ''; } $phone = $this->Event->Detail->phone != '' ? COM_applyFilter($this->Event->Detail->phone) : ''; if (!empty($name) || !empty($email) || !empty($phone)) { $T->set_var(array('name' => $name, 'email' => $email, 'phone' => $phone)); $T->parse('contact_info', 'contact'); } // TODO: Is the range needed? if (!empty($range)) { $andrange = '&range=' . $range; } else { $andrange = '&range=2'; } if (!empty($cat)) { $andcat = '&cat=' . $cat; } else { $andcat = ''; } $cats = $this->Event->GetCategories(); $catcount = count($cats); if ($catcount > 0) { $catlinks = array(); for ($i = 0; $i < $catcount; $i++) { $catlinks[] = '<a href="' . COM_buildURL(EVLIST_URL . '/index.php?op=list' . $andrange . '&cat=' . $cats[$i]['id']) . '">' . $cats[$i]['name'] . '</a> '; } $catlink = join('| ', $catlinks); $T->set_var('category_link', $catlink, true); } // reminders must be enabled globally first and then per event in // order to be active if (!isset($_EV_CONF['reminder_days'])) { $_EV_CONF['reminder_days'] = 1; } $hasReminder = 0; if ($_EV_CONF['enable_reminders'] == '1' && $this->Event->enable_reminders == '1' && time() < strtotime("-" . $_EV_CONF['reminder_days'] . " days", strtotime($this->date_start))) { //form will not appear within XX days of scheduled event. $show_reminders = true; // Let's see if we have already asked for a reminder... if ($_USER['uid'] > 1) { $hasReminder = DB_count($_TABLES['evlist_remlookup'], array('eid', 'uid', 'rp_id'), array($this->ev_id, $_USER['uid'], $this->rp_id)); } } else { $show_reminders = false; } if ($this->Event->options['contactlink'] == 1) { $ownerlink = $_CONF['site_url'] . '/profiles.php?uid=' . $this->Event->owner_id; $ownerlink = sprintf($LANG_EVLIST['contact_us'], $ownerlink); } else { $ownerlink = ''; } $T->set_var(array('owner_link' => $ownerlink, 'reminder_set' => $hasReminder ? 'true' : 'false', 'reminder_email' => isset($_USER['email']) ? $_USER['email'] : '', 'notice' => 1, 'rp_id' => $this->rp_id, 'eid' => $this->ev_id, 'show_reminderform' => $show_reminders ? 'true' : '')); USES_evlist_class_tickettype(); $tick_types = evTicketType::GetTicketTypes(); $T->set_block('event', 'registerBlock', 'rBlock'); if (is_array($this->Event->options['tickets'])) { foreach ($this->Event->options['tickets'] as $tic_type => $info) { $T->set_var(array('tic_description' => $tick_types[$tic_type]->description, 'tic_fee' => COM_numberFormat($info['fee'], 2))); $T->parse('rBlock', 'registerBlock', true); } } // Show the "manage reservations" link to the event owner if ($_EV_CONF['enable_rsvp'] == 1 && $this->Event->options['use_rsvp'] > 0) { if ($this->isAdmin) { $T->set_var('admin_rsvp', EVLIST_adminRSVP($this->rp_id)); } } $T->parse('output', 'event'); $retval .= $T->finish($T->get_var('output')); return $retval; }
function _fm_getListField_forum($fieldname, $fieldvalue, $A, $icon_arr) { global $_CONF, $_USER, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE; global $_FF_CONF, $_SYSTEM, $LANG_GF02; $retval = ''; $dt = new Date('now', $_USER['tzid']); switch ($fieldname) { case 'date': $dt->setTimestamp($fieldvalue); $retval = $dt->format('M d, Y', true); break; case 'size': if (!empty($fieldvalue) && $fieldvalue > 0) { $kb = $fieldvalue / 1024; $mb = $kb / 1024; $retval = COM_numberFormat($kb) . ' kb'; } else { $retval = 'Remote'; } break; case 'edit': $attr['title'] = $LANG_ADMIN['edit']; $retval = COM_createLink($icon_arr['edit'], $_CONF['site_admin_url'] . '/plugins/filemgmt/index.php?lid=' . $A['lid'] . '&op=modDownload', $attr); break; default: $retval = $fieldvalue; break; } return $retval; }
/** * Takes an article class and renders HTML in the specified template and style. * * Formats the given article into HTML. Called by index.php, article.php, * submit.php and admin/story.php (Preview mode for the last two). * * @param object $story The story to display, an instance of the Story class. * @param string $index n = 'Compact display' for list of stories. p = 'Preview' mode. Else full display of article. * @param string $storytpl The template to use to render the story. * @param string $query A search query, if one was specified. * * @return string Article as formated HTML. * * Note: Formerly named COM_Article, and re-written totally since then. */ function STORY_renderArticle(&$story, $index = '', $storytpl = 'storytext.thtml', $query = '') { global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode; static $storycounter = 0; if (empty($storytpl)) { $storytpl = 'storytext.thtml'; } $introtext = $story->displayElements('introtext'); $bodytext = $story->displayElements('bodytext'); if (!empty($query)) { $introtext = COM_highlightQuery($introtext, $query); $bodytext = COM_highlightQuery($bodytext, $query); } $article = new Template($_CONF['path_layout']); $article->set_file(array('article' => $storytpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml')); $article->set_var('xhtml', XHTML); $article->set_var('layout_url', $_CONF['layout_url']); $article->set_var('site_url', $_CONF['site_url']); $article->set_var('site_admin_url', $_CONF['site_admin_url']); $article->set_var('site_name', $_CONF['site_name']); $article->set_var('story_date', $story->DisplayElements('date')); $article->set_var('story_date_short', $story->DisplayElements('shortdate')); $article->set_var('story_date_only', $story->DisplayElements('dateonly')); if ($_CONF['hideviewscount'] != 1) { $article->set_var('lang_views', $LANG01[106]); $article->set_var('story_hits', $story->DisplayElements('hits')); } $article->set_var('story_id', $story->getSid()); if ($_CONF['contributedbyline'] == 1) { $article->set_var('lang_contributed_by', $LANG01[1]); $article->set_var('contributedby_uid', $story->DisplayElements('uid')); $fullname = $story->DisplayElements('fullname'); $username = $story->DisplayElements('username'); $article->set_var('contributedby_user', $username); if (empty($fullname)) { $article->set_var('contributedby_fullname', $username); } else { $article->set_var('contributedby_fullname', $fullname); } $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname); $article->set_var('contributedby_author', $authorname); $article->set_var('author', $authorname); if ($story->DisplayElements('uid') > 1) { $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $story->DisplayElements('uid'); $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '">'); $article->set_var('end_contributedby_anchortag', '</a>'); $article->set_var('contributedby_url', $profileUrl); } $photo = ''; if ($_CONF['allow_user_photo'] == 1) { $authphoto = $story->DisplayElements('photo'); if (empty($authphoto)) { $authphoto = '(none)'; // user does not have a photo } $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email')); } if (!empty($photo)) { $article->set_var('contributedby_photo', $photo); $article->set_var('author_photo', $photo); $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>'; $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl)); } else { $article->set_var('contributedby_photo', ''); $article->set_var('author_photo', ''); $article->set_var('camera_icon', ''); } } $topicname = $story->DisplayElements('topic'); $article->set_var('story_topic_id', $story->DisplayElements('tid')); $article->set_var('story_topic_name', $topicname); $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid'); if ((!isset($_USER['noicons']) or $_USER['noicons'] != 1) and $story->DisplayElements('show_topic_icon') == 1) { $imageurl = $story->DisplayElements('imageurl'); if (!empty($imageurl)) { $imageurl = COM_getTopicImageUrl($imageurl); $article->set_var('story_topic_image_url', $imageurl); $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>'; $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array('rel' => "category"))); $article->set_var('story_topic_image', $topicimage); $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>'; $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array('rel' => "category"))); $article->set_var('story_topic_image_no_align', $topicimage_noalign); } } $article->set_var('story_topic_url', $topicurl); $recent_post_anchortag = ''; $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()); $article->set_var('story_title', $story->DisplayElements('title')); $article->set_var('lang_permalink', $LANG01[127]); $show_comments = true; // n = 'Compact display' for list of stories. p = 'Preview' mode. if ($index != 'n' && $index != 'p' || !empty($query)) { $attributes = ' class="non-ul"'; $attr_array = array('class' => 'non-ul'); if (!empty($query)) { $attributes .= ' rel="bookmark"'; $attr_array['rel'] = 'bookmark'; } $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>'); $article->set_var('end_storylink_anchortag', '</a>'); $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array)); } else { $article->set_var('story_title_link', $story->DisplayElements('title')); } if ($index == 'n' || $index == 'p') { if (empty($bodytext)) { $article->set_var('story_introtext', $introtext); $article->set_var('story_text_no_br', $introtext); } else { if ($_CONF['allow_page_breaks'] == 1 and $index == 'n') { $story_page = 1; // page selector if (is_numeric($mode)) { $story_page = $mode; if ($story_page <= 0) { $story_page = 1; $mode = 0; } elseif ($story_page > 1) { $introtext = ''; } } $article_array = explode('[page_break]', $bodytext); $pagelinks = COM_printPageNavigation($articleUrl, $story_page, count($article_array), 'mode=', $_CONF['url_rewrite'], $LANG01[118]); if (count($article_array) > 1) { $bodytext = $article_array[$story_page - 1]; } $article->set_var('page_selector', $pagelinks); if ($_CONF['page_break_comments'] == 'last' and $story_page < count($article_array) or $_CONF['page_break_comments'] == 'first' and $story_page != 1) { $show_comments = false; } $article->set_var('story_page', $story_page); } $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext); $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext); } $article->set_var('story_introtext_only', $introtext); $article->set_var('story_bodytext_only', $bodytext); if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) { $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid(); $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url)); $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>'; $article->set_var('send_trackback_icon', COM_createLink($pingico, $url)); $article->set_var('send_trackback_url', $url); $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']); } $article->set_var('story_display', $index == 'p' ? 'preview' : 'article'); $article->set_var('story_counter', 0); } else { $article->set_var('story_introtext', $introtext); $article->set_var('story_text_no_br', $introtext); $article->set_var('story_introtext_only', $introtext); if (!empty($bodytext)) { $article->set_var('lang_readmore', $LANG01[2]); $article->set_var('lang_readmore_words', $LANG01[62]); $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext)))); $article->set_var('readmore_words', $numwords); $article->set_var('readmore_link', COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') '); $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">'); $article->set_var('end_readmore_anchortag', '</a>'); $article->set_var('read_more_class', 'class="story-read-more-link"'); } if ($story->DisplayElements('commentcode') >= 0 and $show_comments) { $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments'; $article->set_var('comments_url', $commentsUrl); $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]); $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments'))); $article->set_var('lang_comments', $LANG01[3]); $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments'))); if ($story->DisplayElements('comments') > 0) { $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getsid() . "' ORDER BY date desc LIMIT 1"); $C = DB_fetchArray($result); $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>'; $article->set_var('comments_with_count', COM_createLink($comments_with_count, $commentsUrl)); $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">'); $article->set_var('end_comments_anchortag', '</a>'); } else { $article->set_var('comments_with_count', $comments_with_count); $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getsid() . '&pid=0&type=article'); } if ($story->DisplayElements('commentcode') == 0) { $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&pid=0&type=article'; $article->set_var('post_comment_link', COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow'))); /* $article->set_var( 'subscribe_link', COM_createLink('Nubbies', '', array('rel' => 'nofollow')) ); */ $article->set_var('lang_post_comment', $LANG01[60]); $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">'); $article->set_var('end_post_comment_anchortag', '</a>'); } } if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) { $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks')); $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback'; $article->set_var('trackbacks_url', $trackbacksUrl); $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']); $article->set_var('trackbacks_count', $num_trackbacks); $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']); $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl)); if (SEC_hasRights('story.ping')) { $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid(); $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>'; $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl)); } if ($story->DisplayElements('trackbacks') > 0) { $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl)); } else { $article->set_var('trackbacks_with_count', sprintf($LANG01[122], $num_trackbacks)); } } if ($_CONF['hideemailicon'] == 1 || empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) { $article->set_var('email_icon', ''); } else { $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&what=emailstory'; $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>'; $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl)); $article->set_var('email_story_url', $emailUrl); $article->set_var('lang_email_story', $LANG11[2]); $article->set_var('lang_email_story_alt', $LANG01[64]); } $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&mode=print'); if ($_CONF['hideprintericon'] == 1) { $article->set_var('print_icon', ''); } else { $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>'; $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow'))); $article->set_var('print_story_url', $printUrl); $article->set_var('lang_print_story', $LANG11[3]); $article->set_var('lang_print_story_alt', $LANG01[65]); } $article->set_var('story_display', 'index'); $storycounter++; $article->set_var('story_counter', $storycounter); } $article->set_var('article_url', $articleUrl); $article->set_var('recent_post_anchortag', $recent_post_anchortag); if ($story->checkAccess() == 3 and SEC_hasrights('story.edit') and $index != 'p') { $article->set_var('edit_link', COM_createLink($LANG01[4], $_CONF['site_admin_url'] . '/story.php?mode=edit&sid=' . $story->getSid())); $article->set_var('edit_url', $_CONF['site_admin_url'] . '/story.php?mode=edit&sid=' . $story->getSid()); $article->set_var('lang_edit_text', $LANG01[4]); $editicon = $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE; $editiconhtml = '<img src="' . $editicon . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>'; $article->set_var('edit_icon', COM_createLink($editiconhtml, $_CONF['site_admin_url'] . '/story.php?mode=edit&sid=' . $story->getSid())); $article->set_var('edit_image', $editiconhtml); } if ($story->DisplayElements('featured') == 1) { $article->set_var('lang_todays_featured_article', $LANG05[4]); $article->parse('story_bodyhtml', 'featuredbodytext', true); PLG_templateSetVars('featuredstorytext', $article); $article->parse('finalstory', 'featuredarticle'); } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE and $story->DisplayElements('expire') <= time()) { $article->parse('story_bodyhtml', 'archivestorybodytext', true); PLG_templateSetVars('archivestorytext', $article); $article->parse('finalstory', 'archivearticle'); } else { $article->parse('story_bodyhtml', 'bodytext', true); PLG_templateSetVars('storytext', $article); $article->parse('finalstory', 'article'); } return $article->finish($article->get_var('finalstory')); }
/** * Takes an article class and renders HTML in the specified template and style. * Formats the given article into HTML. Called by index.php, article.php, * submit.php and admin/story.php (Preview mode for the last two). * * @param Story $story The story to display, an instance of the Story class. * @param string $index n = Full display of article. p = 'Preview' mode. Else introtext only. * @param string $storyTpl The template to use to render the story. * @param string $query A search query, if one was specified. * @return string Article as formatted HTML. * Note: Formerly named COM_Article, and re-written totally since then. */ function STORY_renderArticle($story, $index = '', $storyTpl = 'storytext.thtml', $query = '') { global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode; static $storyCounter = 0; if ($story->DisplayElements('featured') == 1) { $article_filevar = 'featuredarticle'; } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) { $article_filevar = 'archivearticle'; } else { $article_filevar = 'article'; } if (empty($storyTpl)) { $storyTpl = 'storytext.thtml'; } // Change article template file with the topic (feature request #275) $templateDir = $_CONF['path_layout']; $topicDir = $templateDir . 'topics/' . $story->DisplayElements('tid') . '/'; if (is_dir($topicDir) && file_exists($topicDir . $storyTpl)) { $templateDir = $topicDir; } $article = COM_newTemplate($templateDir); $article->set_file(array('article' => $storyTpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml')); // begin instance caching... $cache_time = $story->DisplayElements('cache_time'); $current_article_tid = $story->DisplayElements('tid'); $retval = false; // If stays false will rebuild article and not used cache (checks done below) if ($cache_time > 0 || $cache_time == -1) { $hash = CACHE_security_hash(); $cacheInstance = 'article__' . $story->getSid() . '_' . $index . $mode . '_' . $article_filevar . '_' . $current_article_tid . '_' . $hash . '_' . $_USER['theme']; if ($_CONF['cache_templates']) { $retval = $article->check_instance($cacheInstance, $article_filevar); } else { $retval = CACHE_check_instance($cacheInstance); } if ($retval && $cache_time == -1) { // Cache file found so use it since no time limit set to recreate } elseif ($retval && $cache_time > 0) { $lu = CACHE_get_instance_update($cacheInstance); $now = time(); if ($now - $lu < $cache_time) { // Cache file found so use it since under time limit set to recreate } else { // generate article and create cache file // Cache time is not built into template caching so need to delete it manually and reset $retval if ($_CONF['cache_templates']) { // Need to close and recreate template class since issues arise when theme templates are cached unset($article); // Close template class CACHE_remove_instance($cacheInstance); $article = COM_newTemplate($_CONF['path_layout']); $article->set_file(array('article' => $storyTpl, 'bodytext' => 'storybodytext.thtml', 'featuredarticle' => 'featuredstorytext.thtml', 'featuredbodytext' => 'featuredstorybodytext.thtml', 'archivearticle' => 'archivestorytext.thtml', 'archivebodytext' => 'archivestorybodytext.thtml')); } else { // theme templates are not cache so can go ahead and delete story cache CACHE_remove_instance($cacheInstance); } $retval = false; } } else { // Need to reset especially if caching is disabled for a certain story but template caching has been enabled for the theme $retval = false; } } $articleUrl = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $story->getSid()); $article->set_var('article_url', $articleUrl); $article->set_var('story_title', $story->DisplayElements('title')); // Date formatting set by user therefore cannot be cached $article->set_var('story_date', $story->DisplayElements('date'), false, true); $article->set_var('story_datetime', $story->DisplayElements('datetime'), false, true); // Story views increase with every visit so cannot be cached if ($_CONF['hideviewscount'] != 1) { $article->set_var('lang_views', $LANG01[106], false, true); $article->set_var('story_hits', $story->DisplayElements('hits'), false, true); } // Topic Icon is user configurable so do not cache $topicname = $story->DisplayElements('topic'); $topicurl = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid')); if ((!isset($_USER['noicons']) || $_USER['noicons'] != 1) && $story->DisplayElements('show_topic_icon') == 1) { $imageurl = $story->DisplayElements('imageurl'); if (!empty($imageurl)) { $imageurl = COM_getTopicImageUrl($imageurl); $article->set_var('story_topic_image_url', $imageurl, false, true); $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>'; $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array()), false, true); $article->set_var('story_topic_image', $topicimage, false, true); $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>'; $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array()), false, true); $article->set_var('story_topic_image_no_align', $topicimage_noalign, false, true); } } // Main article content if ($index == 'p') { $introtext = $story->getPreviewText('introtext'); $bodytext = $story->getPreviewText('bodytext'); } else { $introtext = $story->displayElements('introtext'); $bodytext = $story->displayElements('bodytext'); } $readmore = empty($bodytext) ? 0 : 1; $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext)))); if (COM_onFrontpage()) { $bodytext = ''; } if (!empty($query)) { $introtext = COM_highlightQuery($introtext, $query); $bodytext = COM_highlightQuery($bodytext, $query); } // Create article only if preview, or query not empty, or if no cache version or cache version is not required if ($index == 'p' || !empty($query) || !$retval) { $article->set_var('article_filevar', ''); $article->set_var('site_name', $_CONF['site_name']); //$article->set_var( 'story_date', $story->DisplayElements('date') ); $article->set_var('story_date_short', $story->DisplayElements('shortdate')); $article->set_var('story_date_only', $story->DisplayElements('dateonly')); $article->set_var('story_id', $story->getSid()); if ($_CONF['contributedbyline'] == 1) { $article->set_var('lang_contributed_by', $LANG01[1]); $article->set_var('contributedby_uid', $story->DisplayElements('uid')); $fullname = $story->DisplayElements('fullname'); $username = $story->DisplayElements('username'); $article->set_var('contributedby_user', $username); if (empty($fullname)) { $article->set_var('contributedby_fullname', $username); } else { $article->set_var('contributedby_fullname', $fullname); } $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname); $article->set_var('contributedby_author', $authorname); $article->set_var('author', $authorname); $profileUrl = ''; if ($story->DisplayElements('uid') > 1) { $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $story->DisplayElements('uid'); $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '" rel="author">'); $article->set_var('end_contributedby_anchortag', '</a>'); $article->set_var('contributedby_url', $profileUrl); } $photo = ''; if ($_CONF['allow_user_photo'] == 1) { $authphoto = $story->DisplayElements('photo'); if (empty($authphoto)) { $authphoto = '(none)'; // user does not have a photo } $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email')); } if (!empty($photo)) { $article->set_var('contributedby_photo', $photo); $article->set_var('author_photo', $photo); $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>'; $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl)); } else { $article->set_var('contributedby_photo', ''); $article->set_var('author_photo', ''); $article->set_var('camera_icon', ''); } } $article->set_var('story_topic_id', $story->DisplayElements('tid')); $article->set_var('story_topic_name', $topicname); $article->set_var('story_topic_url', $topicurl); $recent_post_anchortag = ''; $article->set_var('lang_permalink', $LANG01[127]); $show_comments = true; // n = Full display of article. p = 'Preview' mode. if ($index != 'n' && $index != 'p' || !empty($query)) { $attributes = ' class="non-ul"'; $attr_array = array('class' => 'non-ul'); if (!empty($query)) { $attributes .= ' rel="bookmark"'; $attr_array['rel'] = 'bookmark'; } $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>'); $article->set_var('end_storylink_anchortag', '</a>'); $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array)); } else { $article->set_var('story_title_link', $story->DisplayElements('title')); } $related_topics = ''; if ($index == 'n') { if ($_CONF['supported_version_theme'] == '1.8.1') { $article->set_var('breadcrumb_trail', TOPIC_breadcrumbs('article', $story->getSid())); } if ($_CONF['related_topics'] > 0) { $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']); $article->set_var('related_topics', $related_topics); } } elseif ($index != 'p') { if ($_CONF['related_topics'] > 1) { $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']); $article->set_var('related_topics', $related_topics); } } $page_selector = ''; $readmore_link = ''; $post_comment_link = ''; $plugin_itemdisplay = ''; $comments_with_count = ''; $trackbacks_with_count = ''; if ($index == 'n' || $index == 'p') { if (empty($bodytext)) { $article->set_var('story_introtext', $introtext); $article->set_var('story_text_no_br', $introtext); } else { if ($_CONF['allow_page_breaks'] == 1 && $index == 'n') { $story_page = 1; // page selector if (is_numeric($mode)) { $story_page = $mode; if ($story_page <= 0) { $story_page = 1; $mode = 0; } elseif ($story_page > 1) { $introtext = ''; } } $article_array = explode('[page_break]', $bodytext); $page_break_count = count($article_array); if ($story_page > $page_break_count) { // Can't have page count greater than actual number of pages $story_page = $page_break_count; } $page_selector = COM_printPageNavigation($articleUrl, $story_page, $page_break_count, 'mode=', $_CONF['url_rewrite'], $LANG01[118]); if (count($article_array) > 1) { $bodytext = $article_array[$story_page - 1]; } $article->set_var('page_selector', $page_selector); if ($_CONF['page_break_comments'] == 'last' && $story_page < count($article_array) || $_CONF['page_break_comments'] == 'first' && $story_page != 1) { $show_comments = false; } $article->set_var('story_page', $story_page); } $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext); $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext); } $article->set_var('story_introtext_only', $introtext); $article->set_var('story_bodytext_only', $bodytext); if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) { $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid(); $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url)); $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>'; $article->set_var('send_trackback_icon', COM_createLink($pingico, $url)); $article->set_var('send_trackback_url', $url); $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']); } $article->set_var('story_display', $index == 'p' ? 'preview' : 'article'); $article->set_var('story_counter', 0); } else { $article->set_var('story_introtext', $introtext); $article->set_var('story_text_no_br', $introtext); $article->set_var('story_introtext_only', $introtext); if ($readmore) { $article->set_var('lang_readmore', $LANG01[2]); $article->set_var('lang_readmore_words', $LANG01[62]); $article->set_var('readmore_words', $numwords); $readmore_link = COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') '; $article->set_var('readmore_link', $readmore_link); $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">'); $article->set_var('end_readmore_anchortag', '</a>'); $article->set_var('read_more_class', 'class="story-read-more-link"'); } if ($story->DisplayElements('commentcode') >= 0 && $show_comments) { $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments'; $article->set_var('comments_url', $commentsUrl); $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]); $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments'))); $article->set_var('lang_comments', $LANG01[3]); $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments'))); if ($story->DisplayElements('comments') > 0) { $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getSid() . "' ORDER BY date DESC LIMIT 1"); $C = DB_fetchArray($result); $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>'; $comments_with_count = COM_createLink($comments_with_count, $commentsUrl); $article->set_var('comments_with_count', $comments_with_count); $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">'); $article->set_var('end_comments_anchortag', '</a>'); } else { $article->set_var('comments_with_count', $comments_with_count); if ($_CONF['comment_on_same_page'] == true) { $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform'); } else { $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&pid=0&type=article'); if ($_CONF['show_comments_at_replying'] == true) { $recent_post_anchortag .= '#commenteditform'; } } } if ($story->DisplayElements('commentcode') == 0) { if ($_CONF['comment_on_same_page'] == true) { $postCommentUrl = $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform'; } else { $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&pid=0&type=article'; if ($_CONF['show_comments_at_replying'] == true) { $postCommentUrl .= '#commenteditform'; } } $post_comment_link = COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow')); $article->set_var('post_comment_link', $post_comment_link); /* $article->set_var( 'subscribe_link', COM_createLink('Nubbies', '', array('rel' => 'nofollow')) ); */ $article->set_var('lang_post_comment', $LANG01[60]); $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">'); $article->set_var('end_post_comment_anchortag', '</a>'); } } if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) { $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks')); $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback'; $article->set_var('trackbacks_url', $trackbacksUrl); $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']); $article->set_var('trackbacks_count', $num_trackbacks); $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']); if (SEC_hasRights('story.ping')) { $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid(); $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>'; $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl)); } $trackbacks_with_count = sprintf($LANG01[122], $num_trackbacks); if ($story->DisplayElements('trackbacks') > 0) { $trackbacks_with_count = COM_createLink($trackbacks_with_count, $trackbacksUrl); } $article->set_var('trackbacks_with_count', $trackbacks_with_count); } if ($_CONF['hideemailicon'] == 1 || COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) { $article->set_var('email_icon', ''); } else { $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&what=emailstory'; $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>'; $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl)); $article->set_var('email_story_url', $emailUrl); $article->set_var('lang_email_story', $LANG11[2]); $article->set_var('lang_email_story_alt', $LANG01[64]); } $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&mode=print'); if ($_CONF['hideprintericon'] == 1) { $article->set_var('print_icon', ''); } else { $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>'; $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow'))); $article->set_var('print_story_url', $printUrl); $article->set_var('lang_print_story', $LANG11[3]); $article->set_var('lang_print_story_alt', $LANG01[65]); } $article->set_var('story_display', 'index'); $storyCounter++; $article->set_var('story_counter', $storyCounter); } $article->set_var('recent_post_anchortag', $recent_post_anchortag); if ($index != 'p' && SEC_hasRights('story.edit') && $story->checkAccess() == 3 && TOPIC_hasMultiTopicAccess('article', $story->DisplayElements('sid')) == 3) { $editUrl = $_CONF['site_admin_url'] . '/story.php?mode=edit&sid=' . $story->getSid(); $editiconhtml = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>'; $article->set_var('edit_link', COM_createLink($LANG01[4], $editUrl)); $article->set_var('edit_url', $editUrl); $article->set_var('lang_edit_text', $LANG01[4]); $article->set_var('edit_icon', COM_createLink($editiconhtml, $editUrl, array('class' => 'editlink'))); $article->set_var('edit_image', $editiconhtml); } $navi_list = true; $feedback_list = true; if ($index == 'p') { $navi_list = false; $feedback_list = false; } else { $navi_list = $page_selector !== '' || $readmore_link !== '' || $post_comment_link !== ''; $feedback_list = $plugin_itemdisplay !== '' || $comments_with_count !== '' || $trackbacks_with_count !== ''; } $story_footer = $navi_list || $feedback_list || $related_topics !== ''; $article->set_var('navi_list', $navi_list); $article->set_var('feedback_list', $feedback_list); $article->set_var('story_footer', $story_footer); if ($story->DisplayElements('featured') == 1) { $article->set_var('lang_todays_featured_article', $LANG05[4]); $article->parse('story_bodyhtml', 'featuredbodytext', true); PLG_templateSetVars('featuredstorytext', $article); } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) { $article->parse('story_bodyhtml', 'archivestorybodytext', true); PLG_templateSetVars('archivestorytext', $article); } else { $article->parse('story_bodyhtml', 'bodytext', true); PLG_templateSetVars('storytext', $article); } // Add related articles if ($index === 'n') { $article->set_var('related_articles_by_keyword', Story::getRelatedArticlesByKeywords($story->getSid(), $story->DisplayElements('meta_keywords'))); } PLG_templateSetVars($article_filevar, $article); if ($index != 'p' && ($cache_time > 0 || $cache_time == -1)) { $article->create_instance($cacheInstance, $article_filevar); // CACHE_create_instance($cacheInstance, $article); } } else { PLG_templateSetVars($article_filevar, $article); if (!$_CONF['cache_templates']) { // Hack (see Geeklog Bug Tracker issue #0001817): Cannot set the template variable directly with set_var since // this template variable was set with set_file which uses the templatecode array (set_var uses varvals array) // so have to update the templatecode array directly. This array really shouldn't be accessed this way // and this hack should be changed in the future: either set_var or set_file functions need to allow update of the file template variable found in templatecode // $article->set_var($article_filevar, $retval); $article->templateCode[$article_filevar] = $retval; } } $article->parse('finalstory', $article_filevar); return $article->finish($article->get_var('finalstory')); }
/** * Displays the static page editor form * * @param array $A Data to display * @return string HTML for the static page editor * */ function staticpageeditor_form($A) { global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG01, $LANG24, $LANG_postmodes, $MESSAGE, $_IMAGE_TYPE, $_SCRIPTS; if (!empty($sp_id) && $mode == 'edit') { $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); } else { if ($mode != 'clone') { $A['sp_inblock'] = $_SP_CONF['in_block']; } $A['owner_id'] = $_USER['uid']; if (isset($_GROUPS['Static Page Admin'])) { $A['group_id'] = $_GROUPS['Static Page Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('staticpages.edit'); } SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']); $access = 3; if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) { $A['advanced_editor_mode'] = 1; } } $retval = ''; $sp_template = COM_newTemplate(CTL_plugin_templatePath('staticpages', 'admin')); if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) { $sp_template->set_file('form', 'editor_advanced.thtml'); // Shouldn't really have to check if anonymous user but who knows... if (COM_isAnonUser()) { $link_message = ""; } else { $link_message = $LANG01[138]; } $sp_template->set_var('noscript', COM_getNoScript(false, '', $link_message)); // Setup Advanced Editor COM_setupAdvancedEditor('/staticpages/adveditor.js', 'staticpages.edit'); $sp_template->set_var('lang_expandhelp', $LANG24[67]); $sp_template->set_var('lang_reducehelp', $LANG24[68]); $sp_template->set_var('lang_toolbar', $LANG24[70]); $sp_template->set_var('toolbar1', $LANG24[71]); $sp_template->set_var('toolbar2', $LANG24[72]); $sp_template->set_var('toolbar3', $LANG24[73]); $sp_template->set_var('toolbar4', $LANG24[74]); $sp_template->set_var('toolbar5', $LANG24[75]); $sp_template->set_var('lang_nojavascript', $LANG24[77]); $sp_template->set_var('lang_postmode', $LANG24[4]); if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $sp_template->set_var('show_adveditor', ''); $sp_template->set_var('show_htmleditor', 'none'); } else { $sp_template->set_var('show_adveditor', 'none'); $sp_template->set_var('show_htmleditor', ''); } $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>'; if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>'; } else { $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>'; } $sp_template->set_var('post_options', $post_options); $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"'); } else { $sp_template->set_file('form', 'editor.thtml'); } // Add JavaScript if ($_CONF['titletoid']) { $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js'); $sp_template->set_var('titletoid', true); } $sp_template->set_var('lang_mode', $LANG24[3]); $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode'])); $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']); $owner_name = COM_getDisplayName($A['owner_id']); $owner_username = DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"); $sp_template->set_var('owner_id', $A['owner_id']); $sp_template->set_var('owner', $owner_name); $sp_template->set_var('owner_name', $owner_name); $sp_template->set_var('owner_username', $owner_username); if ($A['owner_id'] > 1) { $profile_link = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['owner_id']; $sp_template->set_var('start_owner_anchortag', '<a href="' . $profile_link . '">'); $sp_template->set_var('end_owner_anchortag', '</a>'); $sp_template->set_var('owner_link', COM_createLink($owner_name, $profile_link)); $photo = ''; if ($_CONF['allow_user_photo']) { $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$A['owner_id']}"); if (!empty($photo)) { $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>'; $sp_template->set_var('camera_icon', COM_createLink($camera_icon, $profile_link)); } } if (empty($photo)) { $sp_template->set_var('camera_icon', ''); } } else { $sp_template->set_var('start_owner_anchortag', ''); $sp_template->set_var('end_owner_anchortag', ''); $sp_template->set_var('owner_link', $owner_name); } $sp_template->set_var('lang_group', $LANG_ACCESS['group']); $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access)); $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])); $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']); $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']); $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); $token = SEC_createToken(); $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')); $start_block .= SEC_getTokenExpiryNotice($token); $sp_template->set_var('start_block_editor', $start_block); $sp_template->set_var('lang_save', $LANG_ADMIN['save']); $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']); $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']); if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); } else { $sp_template->set_var('delete_option', ''); } $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']); $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}")); $authorname = COM_getDisplayName($A['owner_id']); $sp_template->set_var('name', $authorname); $sp_template->set_var('author', $authorname); $sp_template->set_var('lang_url', $LANG_STATIC['url']); $sp_template->set_var('lang_id', $LANG_STATIC['id']); $sp_template->set_var('sp_uid', $A['owner_id']); $sp_template->set_var('sp_id', $A['sp_id']); $sp_template->set_var('sp_old_id', $A['sp_old_id']); $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id'])); $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']); $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']); $sp_template->set_var('lang_centerblock_include', $LANG21[51]); $sp_template->set_var('lang_centerblock_desc', $LANG21[52]); $sp_template->set_var('centerblock_help', $A['sp_help']); $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']); if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) { $sp_template->set_var('centerblock_checked', 'checked="checked"'); } else { $sp_template->set_var('centerblock_checked', ''); } $sp_template->set_var('lang_position', $LANG_STATIC['position']); $position = '<select name="sp_where">'; $position .= '<option value="1"'; if ($A['sp_where'] == 1) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_top'] . '</option>'; $position .= '<option value="2"'; if ($A['sp_where'] == 2) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_feat'] . '</option>'; $position .= '<option value="3"'; if ($A['sp_where'] == 3) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>'; $position .= '<option value="0"'; if ($A['sp_where'] == 0) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_entire'] . '</option>'; $position .= '</select>'; $sp_template->set_var('pos_selection', $position); if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) { if (!isset($A['sp_php'])) { $A['sp_php'] = 0; } $selection = '<select name="sp_php">' . LB; $selection .= '<option value="0"'; if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB; $selection .= '<option value="1"'; if ($A['sp_php'] == 1) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB; $selection .= '<option value="2"'; if ($A['sp_php'] == 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB; $selection .= '</select>'; $sp_template->set_var('php_selector', $selection); $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']); } else { $sp_template->set_var('php_selector', ''); $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']); } $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']); // old variables (for the 1.3-type checkbox) $sp_template->set_var('php_checked', ''); $sp_template->set_var('php_type', 'hidden'); if (isset($A['sp_nf']) && $A['sp_nf'] == 1) { $sp_template->set_var('exit_checked', 'checked="checked"'); } else { $sp_template->set_var('exit_checked', ''); } $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']); $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']); if ($A['sp_inblock'] == 1) { $sp_template->set_var('inblock_checked', 'checked="checked"'); } else { $sp_template->set_var('inblock_checked', ''); } $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']); $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']); if ($A['draft_flag'] == 1) { $sp_template->set_var('draft_flag_checked', 'checked="checked"'); } else { $sp_template->set_var('draft_flag_checked', ''); } $sp_template->set_var('lang_draft', $LANG_STATIC['draft']); $sp_template->set_var('lang_cache_time', $LANG_STATIC['cache_time']); $sp_template->set_var('lang_cache_time_desc', $LANG_STATIC['cache_time_desc']); $sp_template->set_var('cache_time', $A['cache_time']); $curtime = COM_getUserDateTimeFormat($A['unixdate']); $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']); $sp_template->set_var('sp_formateddate', $curtime[0]); $sp_template->set_var('sp_date', $curtime[1]); $sp_template->set_var('lang_title', $LANG_STATIC['title']); $sp_template->set_var('lang_page_title', $LANG_STATIC['page_title']); $title = ''; $page_title = ''; if (isset($A['sp_title'])) { $title = htmlspecialchars(stripslashes($A['sp_title'])); } if (isset($A['sp_page_title'])) { $page_title = htmlspecialchars(stripslashes($A['sp_page_title'])); } $sp_template->set_var('sp_title', $title); $sp_template->set_var('sp_page_title', $page_title); $sp_template->set_var('lang_topic', $LANG_STATIC['topic']); if ($mode != 'clone') { // want to use default topic selection if new staticpage so pass in blank id $topic_sp_id = $A['sp_id']; if (empty($sp_id) && $mode == 'edit') { // means new $topic_sp_id = ''; } $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $topic_sp_id, true, false, true)); } else { $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $A['clone_sp_id'], true, false, true)); } $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']); $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']); if (!empty($A['meta_description'])) { $sp_template->set_var('meta_description', $A['meta_description']); } if (!empty($A['meta_keywords'])) { $sp_template->set_var('meta_keywords', $A['meta_keywords']); } if ($_CONF['meta_tags'] > 0 && $_SP_CONF['meta_tags'] > 0) { $sp_template->set_var('hide_meta', ''); } else { $sp_template->set_var('hide_meta', ' style="display:none;"'); } if ($A['template_flag'] == 1) { $sp_template->set_var('template_flag_checked', 'checked="checked"'); } else { $sp_template->set_var('template_flag_checked', ''); } $sp_template->set_var('lang_template', $LANG_STATIC['template']); $sp_template->set_var('lang_template_flag_msg', $LANG_STATIC['template_msg']); $template_list = templatelist($A['template_id']); $template_none = '<option value=""'; if ($A['template_id'] == "") { $template_none .= ' selected="selected"'; } $template_none .= '>' . $LANG_STATIC['none'] . '</option>'; $sp_template->set_var('use_template_selection', '<select name="template_id">' . $template_none . $template_list . '</select>'); $sp_template->set_var('lang_use_template', $LANG_STATIC['use_template']); $sp_template->set_var('lang_use_template_msg', $LANG_STATIC['use_template_msg']); $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']); if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) { $sp_template->set_var('onmenu_checked', 'checked="checked"'); } else { $sp_template->set_var('onmenu_checked', ''); } $sp_template->set_var('lang_label', $LANG_STATIC['label']); if (isset($A['sp_label'])) { $sp_template->set_var('sp_label', $A['sp_label']); } else { $sp_template->set_var('sp_label', ''); } $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']); $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']); $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']); $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']); $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']); if (!isset($A['sp_format'])) { $A['sp_format'] = ''; } if ($A['sp_format'] == 'noblocks') { $sp_template->set_var('noblock_selected', 'selected="selected"'); } else { $sp_template->set_var('noblock_selected', ''); } if ($A['sp_format'] == 'leftblocks') { $sp_template->set_var('leftblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('leftblocks_selected', ''); } if ($A['sp_format'] == 'blankpage') { $sp_template->set_var('blankpage_selected', 'selected="selected"'); } else { $sp_template->set_var('blankpage_selected', ''); } if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) { $sp_template->set_var('allblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('allblocks_selected', ''); } $sp_template->set_var('lang_content', $LANG_STATIC['content']); $content = ''; if (isset($A['sp_content'])) { $content = htmlspecialchars(stripslashes($A['sp_content'])); $content = str_replace(array('{', '}'), array('{', '}'), $content); } $sp_template->set_var('sp_content', $content); $allowed = COM_allowedHTML('staticpages.edit', false, $_SP_CONF['filter_html']) . COM_allowedAutotags(); $sp_template->set_var('lang_allowedhtml', $allowed); $sp_template->set_var('lang_allowed_html', $allowed); $sp_template->set_var('lang_hits', $LANG_STATIC['hits']); if (empty($A['sp_hits'])) { $sp_template->set_var('sp_hits', '0'); $sp_template->set_var('sp_hits_formatted', '0'); } else { $sp_template->set_var('sp_hits', $A['sp_hits']); $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits'])); } $sp_template->set_var('lang_comments', $LANG_STATIC['comments']); if ($A['commentcode'] == -1) { $sp_template->set_var('sp_comments', $LANG_ADMIN['na']); } else { $num_comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($A['sp_id']), 'staticpages')); $sp_template->set_var('sp_comments', COM_numberFormat($num_comments)); } $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'))); $sp_template->set_var('gltoken_name', CSRF_TOKEN); $sp_template->set_var('gltoken', $token); $sp_template->parse('output', 'form'); $retval .= $sp_template->finish($sp_template->get_var('output')); return $retval; }
/** * List all backups, i.e. all files ending in .sql * * @return string HTML for the list of files or an error when not writable * */ function DBADMIN_list() { global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG08, $LANG_ADMIN, $LANG_DB_BACKUP; $retval = ''; if (is_writable($_CONF['backup_path'])) { $backups = array(); $fd = opendir($_CONF['backup_path']); $index = 0; while (false !== ($file = @readdir($fd))) { if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql(\\.gz)?$/i', $file)) { $index++; clearstatcache(); $backups[] = $file; } } usort($backups, 'DBADMIN_compareBackupFiles'); $data_arr = array(); $thisUrl = $_CONF['site_admin_url'] . '/database.php'; $diskIconUrl = $_CONF['layout_url'] . '/images/admin/disk.' . $_IMAGE_TYPE; $attr['title'] = $LANG_DB_BACKUP['download']; $alt = $LANG_DB_BACKUP['download']; $num_backups = count($backups); for ($i = 0; $i < $num_backups; $i++) { $downloadUrl = $thisUrl . '?download=x&file=' . urlencode($backups[$i]); $downloadLink = COM_createLink(COM_createImage($diskIconUrl, $alt, $attr), $downloadUrl, $attr); $downloadLink .= ' '; $attr['style'] = 'vertical-align:top;'; $downloadLink .= COM_createLink($backups[$i], $downloadUrl, $attr); $backupfile = $_CONF['backup_path'] . $backups[$i]; $backupfilesize = COM_numberFormat(filesize($backupfile)) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>'; $data_arr[$i] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backups[$i]); } $token = SEC_createToken(); $menu_arr = array(); $allInnoDB = DBADMIN_innodbStatus(); $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?backupdb=x', 'text' => $LANG_DB_BACKUP['create_backup']); $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?optimize=x', 'text' => $LANG_DB_BACKUP['optimize_menu']); if (!$allInnoDB && DBADMIN_supported_engine('InnoDB')) { $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?innodb=x', 'text' => $LANG_DB_BACKUP['convert_menu']); } if ($allInnoDB && DBADMIN_supported_engine('MyISAM')) { $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?myisam=x', 'text' => $LANG_DB_BACKUP['convert_myisam_menu']); } $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?config=x', 'text' => $LANG_DB_BACKUP['configure']); $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']); $retval .= COM_startBlock($LANG_DB_BACKUP['database_admin'], '', COM_getBlockTemplate('_admin_block', 'header')); $retval .= ADMIN_createMenu($menu_arr, "<p>{$LANG_DB_BACKUP['db_explanation']}</p>" . '<p>' . sprintf($LANG_DB_BACKUP['total_number'], $index) . '</p>', $_CONF['layout_url'] . '/images/icons/database.' . $_IMAGE_TYPE); $header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size')); $text_arr = array('form_url' => $thisUrl); $form_arr = array('bottom' => '', 'top' => ''); if ($num_backups > 0) { $form_arr['bottom'] = '<input type="hidden" name="delete" value="x">' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '">' . LB; } $options = array('chkdelete' => true, 'chkminimum' => 0, 'chkfield' => 'filename'); $retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $options, $form_arr); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); } else { $retval .= COM_startBlock($LANG08[06], '', COM_getBlockTemplate('_msg_block', 'header')); $retval .= $LANG_DB_BACKUP['no_access']; COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1); $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); } return $retval; }
/** * Shows who is online in slick little block * @return string HTML string of online users seperated by line breaks. */ function phpblock_whosonline() { global $_CONF, $_TABLES, $LANG01, $_IMAGE_TYPE; $retval = ''; $expire_time = time() - $_CONF['whosonline_threshold']; $byname = 'username'; if ($_CONF['show_fullname'] == 1) { $byname .= ',fullname'; } if ($_CONF['user_login_method']['openid'] || $_CONF['user_login_method']['3rdparty']) { $byname .= ',remoteusername,remoteservice'; } $result = DB_query("SELECT DISTINCT {$_TABLES['sessions']}.uid,{$byname},photo,showonline FROM {$_TABLES['sessions']},{$_TABLES['users']},{$_TABLES['userprefs']} WHERE {$_TABLES['users']}.uid = {$_TABLES['sessions']}.uid AND {$_TABLES['users']}.uid = {$_TABLES['userprefs']}.uid AND start_time >= {$expire_time} AND {$_TABLES['sessions']}.uid <> 1 ORDER BY {$byname}"); $nrows = DB_numRows($result); $num_anon = 0; $num_reg = 0; for ($i = 0; $i < $nrows; $i++) { $A = DB_fetchArray($result); if ($A['showonline'] == 1) { $fullname = ''; if ($_CONF['show_fullname'] == 1) { $fullname = $A['fullname']; } if ($_CONF['user_login_method']['openid'] || $_CONF['user_login_method']['3rdparty']) { $username = COM_getDisplayName($A['uid'], $A['username'], $fullname, $A['remoteusername'], $A['remoteservice']); } else { $username = COM_getDisplayName($A['uid'], $A['username'], $fullname); } $url = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']; $retval .= COM_createLink($username, $url); if (!empty($A['photo']) and $_CONF['allow_user_photo'] == 1) { if ($_CONF['whosonline_photo'] == true) { $usrimg = '<img src="' . $_CONF['site_url'] . '/images/userphotos/' . $A['photo'] . '" alt="" height="30" width="30"' . XHTML . '>'; } else { $usrimg = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>'; } $retval .= ' ' . COM_createLink($usrimg, $url); } $retval .= '<br' . XHTML . '>'; $num_reg++; } else { // this user does not want to show up in Who's Online $num_anon++; // count as anonymous } } $num_anon += DB_count($_TABLES['sessions'], 'uid', 1); if ($_CONF['whosonline_anonymous'] == 1 && COM_isAnonUser()) { // note that we're overwriting the contents of $retval here if ($num_reg > 0) { $retval = $LANG01[112] . ': ' . COM_numberFormat($num_reg) . '<br' . XHTML . '>'; } else { $retval = ''; } } if ($num_anon > 0) { $retval .= $LANG01[41] . ': ' . COM_numberFormat($num_anon) . '<br' . XHTML . '>'; } return $retval; }
/** * View the cart. * This function shows the shopping cart, either with the quantity fields * and option to update, or with the checkout buttons depending on the * value of $checkout. * * @uses getCheckoutButtons() * @param boolean $checkout True to indicate this is the final checkout * @return string HTML for the "view cart" form */ public function View($checkout = false) { global $_CONF, $_PP_CONF, $_USER, $LANG_PP, $_TABLES, $_SYSTEM; USES_paypal_class_product(); USES_paypal_class_currency(); $currency = new ppCurrency(); $T = new Template(PAYPAL_PI_PATH . '/templates'); $tpltype = $_SYSTEM['framework'] == 'uikit' ? '.uikit' : ''; $T->set_file('cart', $checkout ? "order{$tpltype}.thtml" : "viewcart{$tpltype}.thtml"); if (!isset($this->m_cart) || empty($this->m_cart)) { return $LANG_PP['cart_empty']; } if ($checkout) { foreach ($_PP_CONF['workflows'] as $key => $value) { $T->set_var('have_' . $value, 'true'); foreach ($this->_addr_fields as $fldname) { $T->set_var($value . '_' . $fldname, $this->m_info[$value][$fldname]); } } $T->set_var('not_final', 'true'); } $T->set_block('order', 'ItemRow', 'iRow'); // Get the workflows so we show the relevant info. if (!isset($_PP_CONF['workflows']) || !is_array($_PP_CONF['workflows'])) { USES_paypal_class_workflow(); ppWorkflow::Load(); } $T->set_block('cart', 'ItemRow', 'iRow'); $counter = 0; $subtotal = 0; $shipping = 0; foreach ($this->m_cart as $id => $item) { $counter++; $attr_desc = ''; list($item_id, $attr_keys) = PAYPAL_explode_opts($item['item_id']); if (is_numeric($item_id)) { // a catalog item, get the "right" price $P = new Product($item_id); $item_price = $P->getPrice($attr_keys, $item['quantity']); if (!empty($attr_keys)) { foreach ($attr_keys as $attr_key) { if (!isset($P->options[$attr_key])) { continue; } // invalid? //$attr_price = (float)$P->options[$attr_key]['attr_price']; $attr_name = $P->options[$attr_key]['attr_name']; $attr_value = $P->options[$attr_key]['attr_value']; $attr_desc .= "<br /> -- {$attr_name}: {$attr_value}"; /*if ($attr_price != 0) { $item_price += $attr_price; }*/ } } $text_names = explode('|', $P->custom); if (!empty($text_names) && is_array($item['extras']['custom'])) { foreach ($item['extras']['custom'] as $tid => $val) { $attr_desc .= '<br /> -- ' . htmlspecialchars($text_names[$tid]) . ': ' . htmlspecialchars($val); } } $item['descrip'] .= $attr_desc; // Get shipping amount and weight if ($P->shipping_type == 2 && $P->shipping_amt > 0) { // fixed shipping amount per item. Update actual cart $this->m_cart[$id]['shipping'] = $P->shipping_amt * $item['quantity']; $shipping += $this->m_cart[$id]['shipping']; // for display } elseif ($P->shipping_type == 1 && $P->weight > 0) { // using gateway profile, save the item's weight in the cart $this->m_cart[$id]['weight'] = $P->weight * $item['quantity']; } $this->m_cart[$id]['taxable'] = $P->taxable ? 'Y' : 'N'; $this->m_cart[$id]['type'] = $P->prod_type; } else { // A plugin item, it's not something we can look up $item_price = (double) $item['price']; if (isset($item['extras']['shipping'])) { $shipping += (double) $item['extras']['shipping']; $this->m_cart[$id]['shipping'] = $item['extras']['shipping']; } } $item_total = $item_price * $item['quantity']; $T->set_var(array('cart_item_id' => $id, 'pi_url' => PAYPAL_URL, 'cart_id' => $item['item_id'], 'pp_id' => $counter, 'item_id' => $item_id, 'item_descrip' => $item['descrip'], 'item_price' => COM_numberFormat($item_price, 2), 'item_quantity' => $item['quantity'], 'item_total' => COM_numberFormat($item_total, 2), 'item_link' => is_numeric($item_id) ? 'true' : '')); $T->parse('iRow', 'ItemRow', true); $subtotal += $item_total; } $custom_info = array('uid' => $_USER['uid'], 'transtype' => 'cart_upload', 'cart_id' => $this->cartID()); $total = $subtotal + $shipping; // A little hack to show only the total if there are no other // charges //if ($total == $subtotal) $subtotal = 0; // Format the TOC link, if any if (!empty($_PP_CONF['tc_link'])) { $tc_link = str_replace('{site_url}', $_CONF['site_url'], $_PP_CONF['tc_link']); } else { $tc_link = ''; } $T->set_var(array('paypal_url' => $_PP_CONF['paypal_url'], 'receiver_email' => $_PP_CONF['receiver_email'][0], 'custom' => serialize($custom_info), 'shipping' => $shipping > 0 ? $currency->Format($shipping) : '', 'subtotal' => $subtotal > 0 ? $currency->Format($subtotal) : '', 'total' => $currency->Format($total), 'order_instr' => htmlspecialchars($this->getInstructions()), 'tc_link' => $tc_link)); // If this is the final checkout, then show the payment buttons if ($checkout) { $T->set_var(array('gateway_vars' => $this->getCheckoutButtons(), 'checkout' => 'true')); } $T->parse('output', 'cart'); $form = $T->finish($T->get_var('output')); return $form; }
/** * used for the list of topics in admin/topic.php * * @param string $fieldName * @param string $fieldValue * @param array $A * @param array $icon_arr * @param string $token * @return string */ function ADMIN_getListField_topics($fieldName, $fieldValue, $A, $icon_arr, $token) { global $_CONF, $LANG_ACCESS, $_TABLES, $LANG27, $LANG32; $retval = false; $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); switch ($fieldName) { case 'edit': if ($access == 3) { $editUrl = $_CONF['site_admin_url'] . '/topic.php?mode=edit&tid=' . $A['tid']; $retval = COM_createLink($icon_arr['edit'], $editUrl); } break; case 'sortnum': if ($_CONF['sortmethod'] === 'sortnum') { $style = 'style="vertical-align: middle;"'; $upImage = $_CONF['layout_url'] . '/images/admin/up.png'; $downImage = $_CONF['layout_url'] . '/images/admin/down.png'; $url = $_CONF['site_admin_url'] . '/topic.php?mode=change_sortnum' . '&tid=' . $A['tid'] . '&' . CSRF_TOKEN . '=' . $token . '&where='; $retval .= COM_createLink("<img {$style} alt=\"+\" src=\"{$upImage}\"" . XHTML . ">", $url . 'up', array('title' => $LANG32[44])); $retval .= ' ' . $fieldValue . ' '; $retval .= COM_createLink("<img {$style} alt=\"-\" src=\"{$downImage}\"" . XHTML . ">", $url . 'dn', array('title' => $LANG32[45])); } else { $retval = $fieldValue; } break; case 'image': $retval = ''; if (!empty($A['imageurl'])) { $imageUrl = COM_getTopicImageUrl($A['imageurl']); $image_tag = '<img src="' . $imageUrl . '" width="24" height="24" id="topic-' . $A['tid'] . '" class="admin-topic-image" alt=""' . XHTML . '>'; $url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $A['tid']); $retval = COM_createLink($image_tag, $url); } break; case 'topic': $default = $A['is_default'] == 1 ? $LANG27[24] : ''; $level = -1; $tid = $A['tid']; while ($tid !== TOPIC_ROOT) { $tid = DB_getItem($_TABLES['topics'], 'parent_id', "tid = '{$tid}'"); $level++; } $level *= 15; $content = '<span style="margin-left:' . $level . 'px">' . $fieldValue . '</span>'; $url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $A['tid']); $retval = COM_createLink($content, $url) . $default; break; case 'access': $retval = $LANG_ACCESS['readonly']; if ($access == 3) { $retval = $LANG_ACCESS['edit']; } break; case 'inherit': case 'hidden': $yes = empty($LANG27[50]) ? 'Yes' : $LANG27[50]; $no = empty($LANG27[50]) ? 'No' : $LANG27[51]; $retval = $fieldValue == 1 ? $yes : $no; break; case 'story': // Retrieve list of inherited topics $tid_list = TOPIC_getChildList($A['tid']); // Calculate number of stories in topic, includes any inherited ones $sql = "SELECT sid FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta " . "WHERE (draft_flag = 0) AND (date <= NOW()) " . COM_getPermSQL('AND') . "AND ta.type = 'article' AND ta.id = sid " . "AND (ta.tid IN({$tid_list}) " . "AND (ta.inherit = 1 OR (ta.inherit = 0 AND ta.tid = '{$A['tid']}'))) " . "GROUP BY sid"; $result = DB_query($sql); $numRows = DB_numRows($result); $retval = COM_numberFormat($numRows); break; default: $retval = $fieldValue; break; } return $retval; }
/** * Shows a profile for a user * * This grabs the user profile for a given user and displays it * * @return string HTML for user profile page * */ function userprofile() { global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN; // @param int $user User ID of profile to get // @param int $msg Message to display (if != 0) // @param string $plugin optional plugin name for message $retval = ''; if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) { $retval .= SEC_loginRequiredForm(); return $retval; } if (isset($_GET['uid'])) { $user = COM_applyFilter($_GET['uid'], true); if (!is_numeric($user) || $user < 2) { echo COM_refresh($_CONF['site_url'] . '/index.php'); } } else { if (isset($_GET['username'])) { $username = $_GET['username']; if (!USER_validateUsername($username, 1)) { echo COM_refresh($_CONF['site_url'] . '/index.php'); } if (empty($username) || $username == '') { echo COM_refresh($_CONF['site_url'] . '/index.php'); } $username = DB_escapeString($username); $user = DB_getItem($_TABLES['users'], 'uid', "username = '******'"); if ($user < 2) { echo COM_refresh($_CONF['site_url'] . '/index.php'); } } else { echo COM_refresh($_CONF['site_url'] . '/index.php'); } } $msg = 0; if (isset($_GET['msg'])) { $msg = COM_applyFilter($_GET['msg'], true); } $plugin = ''; if ($msg > 0 && isset($_GET['plugin'])) { $plugin = COM_applyFilter($_GET['plugin']); } $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,lastlogin,homepage,about,location,pgpkey,photo,email,status,emailfromadmin,emailfromuser,showonline FROM {$_TABLES['userinfo']},{$_TABLES['userprefs']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['userinfo']}.uid = {$_TABLES['userprefs']}.uid AND {$_TABLES['users']}.uid = " . (int) $user); $nrows = DB_numRows($result); if ($nrows == 0) { // no such user echo COM_refresh($_CONF['site_url'] . '/index.php'); } $A = DB_fetchArray($result); if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) { COM_displayMessageAndAbort(30, '', 403, 'Forbidden'); } $display_name = @htmlspecialchars(COM_getDisplayName($user, $A['username'], $A['fullname']), ENT_COMPAT, COM_getEncodingt()); if ($msg > 0) { $retval .= COM_showMessage($msg, $plugin, '', 0, 'info'); } // format date/time to user preference $curtime = COM_getUserDateTimeFormat($A['regdate']); $A['regdate'] = $curtime[0]; $user_templates = new Template($_CONF['path_layout'] . 'users'); $user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml')); $user_templates->set_var('layout_url', $_CONF['layout_url']); $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name)); $user_templates->set_var('end_block', COM_endBlock()); $user_templates->set_var('lang_username', $LANG04[2]); $user_templates->set_var('tooltip', COM_getTooltipStyle()); if ($_CONF['show_fullname'] == 1) { if (empty($A['fullname'])) { $username = $A['username']; $fullname = ''; } else { $username = $A['fullname']; $fullname = $A['username']; } } else { $username = $A['username']; $fullname = ''; } $username = @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt()); $fullname = @htmlspecialchars($fullname, ENT_COMPAT, COM_getEncodingt()); if ($A['status'] == USER_ACCOUNT_DISABLED) { $username = sprintf('%s - %s', $username, $LANG28[42]); if (!empty($fullname)) { $fullname = sprintf('% - %s', $fullname, $LANG28[42]); } } $user_templates->set_var('username', $username); $user_templates->set_var('user_fullname', $fullname); if (SEC_hasRights('user.edit') || isset($_USER['uid']) && $_USER['uid'] == $A['uid']) { global $_IMAGE_TYPE, $LANG_ADMIN; $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />'; if ($_USER['uid'] == $A['uid']) { $edit_url = "{$_CONF['site_url']}/usersettings.php"; } else { $edit_url = "{$_CONF['site_admin_url']}/user.php?edit=x&uid={$A['uid']}"; } $edit_link_url = COM_createLink($edit_icon, $edit_url); $user_templates->set_var('edit_icon', $edit_icon); $user_templates->set_var('edit_link', $edit_link_url); $user_templates->set_var('user_edit', $edit_url); } else { $user_templates->set_var('user_edit', ''); } if (isset($A['photo']) && empty($A['photo'])) { $A['photo'] = '(none)'; // user does not have a photo } $lastlogin = $A['lastlogin']; $lasttime = COM_getUserDateTimeFormat($lastlogin); $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0); $user_templates->set_var('user_photo', $photo); $user_templates->set_var('lang_membersince', $LANG04[67]); $user_templates->set_var('user_regdate', $A['regdate']); if ($_CONF['lastlogin'] && $A['showonline']) { $user_templates->set_var('lang_lastlogin', $LANG28[35]); if (!empty($lastlogin)) { $user_templates->set_var('user_lastlogin', $lasttime[0]); } else { $user_templates->set_var('user_lastlogin', $LANG28[36]); } } if ($A['showonline']) { if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) { $user_templates->set_var('online', 'online'); } } $user_templates->set_var('lang_email', $LANG04[5]); $user_templates->set_var('user_id', $user); if ($A['email'] == '' || $A['emailfromuser'] == 0) { $user_templates->set_var('email_option', ''); } else { $user_templates->set_var('lang_sendemail', $LANG04[81]); $user_templates->parse('email_option', 'email', true); } $user_templates->set_var('lang_homepage', $LANG04[6]); $user_templates->set_var('user_homepage', COM_killJS($A['homepage'])); $user_templates->set_var('lang_location', $LANG04[106]); $user_templates->set_var('user_location', strip_tags($A['location'])); $user_templates->set_var('lang_online', $LANG04[160]); $user_templates->set_var('lang_bio', $LANG04[7]); $user_templates->set_var('user_bio', nl2br($A['about'])); $user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml')); $user_templates->set_var('lang_pgpkey', $LANG04[8]); $user_templates->set_var('user_pgp', nl2br($A['pgpkey'])); $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name)); if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') { $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name)); } $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name)); $user_templates->set_var('lang_title', $LANG09[16]); $user_templates->set_var('lang_date', $LANG09[17]); // for alternative layouts: use these as headlines instead of block titles $user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name); if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') { $user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name); } $user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name); $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL()); $nrows = DB_numRows($result); $tids = array(); for ($i = 0; $i < $nrows; $i++) { $T = DB_fetchArray($result); $tids[] = $T['tid']; } $topics = "'" . implode("','", $tids) . "'"; // list of last 10 stories by this user if (sizeof($tids) > 0) { $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND'); $sql .= " ORDER BY unixdate DESC LIMIT 10"; $result = DB_query($sql); $nrows = DB_numRows($result); } else { $nrows = 0; } if ($nrows > 0) { for ($i = 0; $i < $nrows; $i++) { $C = DB_fetchArray($result); $user_templates->set_var('cssid', $i % 2 + 1); $user_templates->set_var('row_number', $i + 1 . '.'); $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']); $user_templates->set_var('article_url', $articleUrl); $C['title'] = str_replace('$', '$', $C['title']); $user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => ''))); $storytime = COM_getUserDateTimeFormat($C['unixdate']); $user_templates->set_var('story_date', $storytime[0]); $user_templates->parse('story_row', 'strow', true); } } else { $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>'); } if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') { // list of last 10 comments by this user $sidArray = array(); if (sizeof($tids) > 0) { // first, get a list of all stories the current visitor has access to $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND'); $result = DB_query($sql); $numsids = DB_numRows($result); for ($i = 1; $i <= $numsids; $i++) { $S = DB_fetchArray($result); $sidArray[] = $S['sid']; } } $sidList = implode("', '", $sidArray); $sidList = "'{$sidList}'"; // then, find all comments by the user in those stories $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)"; // SQL NOTE: Using a HAVING clause is usually faster than a where if the // field is part of the select // if (!empty ($sidList)) { // $sql .= " AND (sid in ($sidList))"; // } if (!empty($sidList)) { $sql .= " HAVING sid in ({$sidList})"; } $sql .= " ORDER BY unixdate DESC LIMIT 10"; $result = DB_query($sql); $nrows = DB_numRows($result); if ($nrows > 0) { for ($i = 0; $i < $nrows; $i++) { $C = DB_fetchArray($result); $user_templates->set_var('cssid', $i % 2 + 1); $user_templates->set_var('row_number', $i + 1 . '.'); $C['title'] = str_replace('$', '$', $C['title']); $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid']; $user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => ''))); $commenttime = COM_getUserDateTimeFormat($C['unixdate']); $user_templates->set_var('comment_date', $commenttime[0]); $user_templates->parse('comment_row', 'row', true); } } else { $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>'); } } // posting stats for this user $user_templates->set_var('lang_number_stories', $LANG04[84]); $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND'); $result = DB_query($sql); $N = DB_fetchArray($result); $user_templates->set_var('number_stories', COM_numberFormat($N['count'])); if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') { $user_templates->set_var('lang_number_comments', $LANG04[85]); $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = " . (int) $user . ")"; if (!empty($sidList)) { $sql .= " AND (sid in ({$sidList}))"; } $result = DB_query($sql); $N = DB_fetchArray($result); $user_templates->set_var('number_comments', COM_numberFormat($N['count'])); $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name); } // hook to the profile icon display $profileIcons = PLG_profileIconDisplay($user); if (is_array($profileIcons) && count($profileIcons) > 0) { $user_templates->set_block('profile', 'profileicon', 'pi'); for ($x = 0; $x < count($profileIcons); $x++) { if (isset($profileIcons[$x]['url']) && $profileIcons[$x]['url'] != '' && isset($profileIcons[$x]['icon']) && $profileIcons[$x]['icon'] != '') { $user_templates->set_var('profile_icon_url', $profileIcons[$x]['url']); $user_templates->set_var('profile_icon_icon', $profileIcons[$x]['icon']); $user_templates->set_var('profile_icon_text', $profileIcons[$x]['text']); $user_templates->parse('pi', 'profileicon', true); } } } // Call custom registration function if enabled and exists if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) { $user_templates->set_var('customfields', CUSTOM_userDisplay($user)); } PLG_profileVariablesDisplay($user, $user_templates); $user_templates->parse('output', 'profile'); $retval .= $user_templates->finish($user_templates->get_var('output')); $retval .= PLG_profileBlocksDisplay($user); return $retval; }
/** * View the current order summary * * @param boolean $final Indicates that this order is final. * @param string $tpl "print" for a printable template * @return string HTML for order view */ public function View($final = false, $tpl = '') { global $_PP_CONF, $_USER, $LANG_PP, $LANG_ADMIN, $_TABLES, $_CONF, $_SYSTEM; USES_paypal_class_product(); // canView should be handled by the caller if (!$this->canView()) { return ''; } $T = new Template(PAYPAL_PI_PATH . '/templates'); if ($tpl == 'print') { $tpltype = '.print'; } else { $tpltype = $_SYSTEM['framework'] == 'uikit' ? '.uikit' : ''; } $T->set_file('order', "order{$tpltype}.thtml"); $isAdmin = SEC_hasRights('paypal.admin') ? true : false; foreach ($this->_addr_fields as $fldname) { $T->set_var($fldname, $this->{$fldname}); } $T->set_block('order', 'ItemRow', 'iRow'); // Get the workflows so we sho the relevant info. if (!isset($_PP_CONF['workflows']) || !is_array($_PP_CONF['workflows'])) { USES_paypal_class_workflow(); ppWorkflow::Load(); } foreach ($_PP_CONF['workflows'] as $key => $value) { $T->set_var('have_' . $value, 'true'); } $this->no_shipping = 1; // no shipping unless physical item ordered $subtotal = 0; foreach ($this->items as $key => $item) { $P = new Product($item['product_id']); $item_options = ''; $opt = json_decode($item['options_text'], true); if ($opt) { foreach ($opt as $opt_str) { $item_options .= " -- {$opt_str}<br />\n"; } } $item_total = $item['price'] * $item['quantity']; $subtotal += $item_total; $T->set_var(array('item_id' => htmlspecialchars($item['product_id']), 'item_descrip' => htmlspecialchars($item['description']), 'item_price' => COM_numberFormat($item['price'], 2), 'item_quantity' => (int) $item['quantity'], 'item_total' => COM_numberFormat($item_total, 2), 'item_options' => $item_options, 'is_admin' => $isAdmin ? 'true' : '', 'is_file' => $P->file != '' ? 'true' : '')); $T->parse('iRow', 'ItemRow', true); if ($item['data']['prod_type'] == PP_PROD_PHYSICAL) { $this->no_shipping = 0; } } $dt = new Date($this->order_date, $_CONF['timezone']); $total = $subtotal + $this->shipping + $this->handling + $this->tax; $T->set_var(array('pi_url' => PAYPAL_URL, 'is_admin' => $isAdmin ? 'true' : '', 'pi_admin_url' => PAYPAL_ADMIN_URL, 'total' => sprintf('%6.2f', $total), 'not_final' => $final ? '' : 'true', 'order_date' => $dt->format($_PP_CONF['datetime_fmt'], true), 'order_date_tip' => $dt->format($_PP_CONF['datetime_fmt'], false), 'order_number' => $this->order_id, 'shipping' => COM_numberFormat($this->shipping, 2), 'handling' => COM_numberFormat($this->handling, 2), 'tax' => COM_numberFormat($this->tax, 2), 'subtotal' => COM_numberFormat($subtotal, 2), 'have_billto' => 'true', 'have_shipto' => 'true', 'order_instr' => htmlspecialchars($this->instructions), 'shop_name' => $_PP_CONF['shop_name'], 'shop_addr' => $_PP_CONF['shop_addr'])); if ($isAdmin) { USES_paypal_class_orderstatus(); $T->set_var(array('purch_name' => COM_getDisplayName($this->uid), 'purch_uid' => $this->uid, 'stat_update' => ppOrderStatus::Selection($this->order_id, 1, $this->status), 'status' => $this->status)); $sql = "SELECT * FROM {$_TABLES['paypal.order_log']} WHERE order_id = '" . DB_escapeString($this->order_id) . "'"; $res = DB_query($sql); $T->set_block('order', 'LogMessages', 'Log'); while ($L = DB_fetchArray($res, false)) { $dt->setTimestamp(strtotime($L['ts'])); $T->set_var(array('log_username' => $L['username'], 'log_msg' => $L['message'], 'log_ts' => $dt->format($_PP_CONF['datetime_fmt'], true), 'log_ts_tip' => $dt->format($_PP_CONF['datetime_fmt'], false))); $T->parse('Log', 'LogMessages', true); } } $status = $this->status; if ($this->pmt_method != '') { //if ($status & PP_STATUS_PAID) { if (USES_paypal_gateway($this->pmt_method)) { $gw = new $this->pmt_method(); $pmt_method = $gw->Description(); } else { $pmt_method = $this->pmt_method; } $T->set_var(array('pmt_method' => $pmt_method, 'pmt_txn_id' => $this->pmt_txn_id)); } $T->parse('output', 'order'); $form = $T->finish($T->get_var('output')); return $form; }
/** * Prepare a banner item for rendering * * @param array $A banner details * @param ref $template reference of the banner template * */ function prepare_banner_item($A, &$template) { global $_CONF, $_USER, $LANG_ADMIN, $LANG_BANNER, $_IMAGE_TYPE, $LANG_DIRECTION; $url = COM_buildUrl($_CONF['site_url'] . '/banner/portal.php?what=banner&item=' . $A['bid']); $template->set_var('banner_url', $url); $template->set_var('banner_actual_url', $A['url']); $template->set_var('banner_actual_url_encoded', urlencode($A['url'])); $template->set_var('banner_name', stripslashes($A['title'])); $template->set_var('banner_name_encoded', urlencode($A['title'])); $template->set_var('banner_hits', COM_numberFormat($A['hits'])); $content = stripslashes($A['title']); $template->set_var('banner_html', $content); if (!COM_isAnonUser() && !SEC_hasRights('banner.edit')) { $reporturl = $_CONF['site_url'] . '/banner/index.php?mode=report&bid=' . $A['bid']; $template->set_var('banner_broken', COM_createLink($LANG_BANNER[117], $reporturl, array('class' => 'pluginSmallText', 'rel' => 'nofollow'))); } else { $template->set_var('banner_broken', ''); } $bannerimg = nl2br(stripslashes($A['description'])); $flg_link = empty($A['url']) ? false : true; $banner = banner_buildBanner($A['bid'], $content, $bannerimg, $flg_link); $template->set_var('banner_description', $banner); if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('banner.edit')) { $editurl = $_CONF['site_admin_url'] . '/plugins/banner/index.php?mode=edit&bid=' . $A['bid']; $template->set_var('banner_edit', COM_createLink($LANG_ADMIN['edit'], $editurl)); $edit_icon = "<img src=\"{$_CONF['layout_url']}/images/edit.{$_IMAGE_TYPE}\" " . "alt=\"{$LANG_ADMIN['edit']}\" title=\"{$LANG_ADMIN['edit']}\"" . XHTML . ">"; $attr = array('class' => 'editlink'); $template->set_var('edit_icon', COM_createLink($edit_icon, $editurl, $attr)); } else { $template->set_var('banner_edit', ''); $template->set_var('edit_icon', ''); } }
function showSelectTree($depth) { global $_CONF, $MG_albums, $level, $counter; $z = 1; $retval = ''; $block = ''; $px = ($level - 1) * 15; if ($this->id != 0 && $this->access > 0) { if ($level == 1 && $depth != 1) { // our first one... $retval .= '<p>'; } if (!empty($this->children)) { $retval .= "<script><!--\n function enableBlock" . $this->id . "() {\n if ( document.galselect.elements['album[" . $this->id . "]'].checked ) {" . LB; if (!empty($this->children)) { $children = $this->getChildren(); foreach ($children as $child) { $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].disabled = true;" . LB; $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].checked = true;" . LB; } } $retval .= LB . "} else {" . LB; if (!empty($this->children)) { $children = $this->getChildren(); foreach ($children as $child) { $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].disabled = false;" . LB; $retval .= "document.galselect.elements['album[" . $MG_albums[$child]->id . "]'].checked = false;" . LB; } } $retval .= "}" . LB; if (!empty($this->children)) { $children = $this->getChildren(); foreach ($children as $child) { if (!empty($MG_albums[$child]->children)) { $retval .= 'enableBlock' . $MG_albums[$child]->id . '();' . LB; } } } $retval .= LB . " }" . LB . "// -->" . LB . "</script>"; $block = $this->id; $block = 'onclick="enableBlock' . $this->id . '()" onchange="enableBlock' . $this->id . '()"'; if ($this->parent != 0) { $block .= ''; } // $block .= ' disabled="enabled" '; } else { if ($this->parent != 0) { $block = ''; } // $block = 'disabled="enabled"'; } if ($depth == 0) { $retval .= "<div style=\"margin-left:" . $px . "px;\">" . '<input type="checkbox" name="album[' . $this->id . ']" id="album[' . $this->id . ']" value="1" ' . $block . '> ' . strip_tags($this->title) . ' (' . COM_numberFormat($this->album_disk_usage / 1024) . ' Kb)</div>' . LB; } else { if ($level <= $depth) { $retval .= "<div style=\"margin-left:" . $px . "px;\">" . '<a href="' . $_CONF['site_url'] . '/mediagallery/album.php?aid=' . $this->id . '&page=1">' . strip_tags($this->title) . '</a> (' . COM_numberFormat($this->album_disk_usage / 1024) . ' Kb)</div>'; } } } else { if ($this->id == 0) { $retval .= '<br>'; } } $counter++; if (!empty($this->children)) { $children = $this->getChildren(); foreach ($children as $child) { $level++; $retval .= $MG_albums[$child]->showSelectTree($depth); $level--; } } return $retval; }
/** * Show topic administration form * * @param string tid ID of topic to edit * @return string HTML for the topic editor */ function edittopic($tid = '') { global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG04, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS; $retval = ''; if (empty($tid)) { // new topic - set defaults $A = array('tid' => '', 'topic' => '', 'sortnum' => 0, 'parent_id' => TOPIC_ROOT, 'inherit' => 1, 'hidden' => 0, 'limitnews' => '', 'is_default' => 0, 'archive_flag' => 0); } else { $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='{$tid}'"); $A = DB_fetchArray($result); $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); if ($access == 0 || $access == 2) { $retval .= COM_showMessageText($LANG27[13], $LANG27[12]); COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}."); return $retval; } } $token = SEC_createToken(); $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header')); $retval .= SEC_getTokenExpiryNotice($token); if (!is_array($A) || empty($A['owner_id'])) { $A['owner_id'] = $_USER['uid']; // this is the one instance where we default the group // most topics should belong to the Topic Admin group if (isset($_GROUPS['Topic Admin'])) { $A['group_id'] = $_GROUPS['Topic Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('topic.edit'); } SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']); $access = 3; } $topic_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/topic'); $topic_templates->set_file('editor', 'topiceditor.thtml'); if (!empty($tid) && SEC_hasRights('topic.edit')) { $delButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>'; $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $topic_templates->set_var('delete_option', sprintf($delButton, $jsConfirm)); $topic_templates->set_var('delete_option_no_confirmation', sprintf($delButton, '')); $topic_templates->set_var('allow_delete', true); $topic_templates->set_var('lang_delete', $LANG_ADMIN['delete']); $topic_templates->set_var('confirm_message', $MESSAGE[76]); $topic_templates->set_var('warning_msg', $LANG27[6]); } if ($_CONF['titletoid'] && empty($tid)) { $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js'); $topic_templates->set_var('titletoid', true); } $topic_templates->set_var('lang_topicid', $LANG27[2]); $topic_templates->set_var('topic_id', $A['tid']); $topic_templates->set_var('lang_parent_id', $LANG27[32]); $topic_templates->set_var('parent_id_options', TOPIC_getTopicListSelect($A['parent_id'], 1, false, $A['tid'], true)); $topic_templates->set_var('lang_inherit', $LANG27[33]); $topic_templates->set_var('lang_inherit_info', $LANG27[34]); if ($A['inherit'] == 1) { $topic_templates->set_var('inherit_checked', 'checked="checked"'); } else { $topic_templates->set_var('inherit_checked', ''); } $topic_templates->set_var('lang_hidden', $LANG27[35]); $topic_templates->set_var('lang_hidden_info', $LANG27[36]); if ($A['hidden'] == 1) { $topic_templates->set_var('hidden_checked', 'checked="checked"'); } else { $topic_templates->set_var('hidden_checked', ''); } $topic_templates->set_var('lang_donotusespaces', $LANG27[5]); $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']); $ownername = COM_getDisplayName($A['owner_id']); $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}")); $topic_templates->set_var('owner_name', $ownername); $topic_templates->set_var('owner', $ownername); $topic_templates->set_var('owner_id', $A['owner_id']); $topic_templates->set_var('lang_group', $LANG_ACCESS['group']); $topic_templates->set_var('lang_save', $LANG_ADMIN['save']); $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']); $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access)); $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']); $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']); $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']); $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])); // show sort order only if they specified sortnum as the sort method if ($_CONF['sortmethod'] !== 'alpha') { $topic_templates->set_var('lang_sortorder', $LANG27[10]); if ($A['sortnum'] == 0) { $A['sortnum'] = ''; } $topic_templates->set_var('sort_order', '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>'); } else { $topic_templates->set_var('lang_sortorder', $LANG27[14]); $topic_templates->set_var('sort_order', $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>'); } $topic_templates->set_var('lang_storiesperpage', $LANG27[11]); if ($A['limitnews'] == 0) { $topic_templates->set_var('story_limit', ''); } else { $topic_templates->set_var('story_limit', $A['limitnews']); } $topic_templates->set_var('default_limit', $_CONF['limitnews']); $topic_templates->set_var('lang_defaultis', $LANG27[16]); $topic_templates->set_var('lang_topicname', $LANG27[3]); $topic_templates->set_var('topic_name', htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt())); if (empty($A['tid'])) { $A['imageurl'] = '/images/topics/'; } $topic_templates->set_var('lang_topicimage', $LANG27[4]); $topic_templates->set_var('lang_uploadimage', $LANG27[27]); $topic_templates->set_var('lang_maxsize', $LANG27[28]); $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']); $topic_templates->set_var('max_url_length', 255); $topic_templates->set_var('image_url', $A['imageurl']); if (empty($_CONF['image_lib'])) { $scaling = $LANG04[162]; } else { $scaling = $LANG04[161]; } $topic_templates->set_var('icon_max_dimensions', sprintf($LANG04[160], $_CONF['max_topicicon_width'], $_CONF['max_topicicon_height'], $_CONF['max_topicicon_size'], $scaling)); $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']); $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']); if (!empty($A['meta_description'])) { $topic_templates->set_var('meta_description', $A['meta_description']); } if (!empty($A['meta_keywords'])) { $topic_templates->set_var('meta_keywords', $A['meta_keywords']); } if ($_CONF['meta_tags'] > 0) { $topic_templates->set_var('hide_meta', ''); } else { $topic_templates->set_var('hide_meta', ' style="display:none;"'); } $topic_templates->set_var('lang_defaulttopic', $LANG27[22]); $topic_templates->set_var('lang_defaulttext', $LANG27[23]); if ($A['is_default'] == 1) { $topic_templates->set_var('default_checked', 'checked="checked"'); } else { $topic_templates->set_var('default_checked', ''); } $topic_templates->set_var('lang_archivetopic', $LANG27[25]); $topic_templates->set_var('lang_archivetext', $LANG27[26]); $topic_templates->set_var('archive_disabled', ''); if ($A['archive_flag'] == 1) { $topic_templates->set_var('archive_checked', 'checked="checked"'); } else { $topic_templates->set_var('archive_checked', ''); // Only 1 topic can be the archive topic - so check if there already is one if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) { $topic_templates->set_var('archive_disabled', 'disabled'); } } if (empty($tid)) { $num_stories = $LANG_ADMIN['na']; } else { $nResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'" . COM_getPermSql('AND')); $N = DB_fetchArray($nResult); $num_stories = COM_numberFormat($N['count']); } $topic_templates->set_var('lang_num_stories', $LANG27[30]); $topic_templates->set_var('num_stories', $num_stories); $topic_templates->set_var('gltoken_name', CSRF_TOKEN); $topic_templates->set_var('gltoken', $token); $topic_templates->parse('output', 'editor'); $retval .= $topic_templates->finish($topic_templates->get_var('output')); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); return $retval; }
/** * Displays the static page form * * @param array $A Data to display * @param string $error Error message to display * */ function PAGE_form($A, $error = false) { global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $action, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE; USES_lib_admin(); $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php', 'text' => $LANG_STATIC['page_list']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home'])); $template_path = staticpages_templatePath('admin'); if (!empty($sp_id) && ($action == 'edit' || $action == 'clone')) { $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); } else { $A['owner_id'] = $_USER['uid']; if (isset($_GROUPS['staticpages Admin'])) { $A['group_id'] = $_GROUPS['staticpages Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('staticpages.edit'); } SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']); $access = 3; } $retval = ''; if (empty($A['owner_id'])) { $error = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')); $error .= $LANG_STATIC['deny_msg']; $error .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); } if ($error) { $retval .= $error . '<br/><br/>'; } else { $sp_template = new Template($template_path); $sp_template->set_file('form', 'editor.thtml'); $sp_template->set_var('lang_mode', $LANG24[3]); $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode'])); $ownername = COM_getDisplayName($A['owner_id']); $sp_template->set_var(array('sp_search_checked' => $A['sp_search'] == 1 ? ' checked="checked"' : '', 'sp_status_checked' => $A['sp_status'] == 1 ? ' checked="checked"' : '', 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"), 'owner_name' => $ownername, 'owner' => $ownername, 'owner_id' => $A['owner_id'], 'lang_group' => $LANG_ACCESS['group'], 'group_dropdown' => SEC_getGroupDropdown($A['group_id'], $access), 'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']), 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'start_block_editor' => COM_startBlock($LANG_STATIC['staticpages'] . ' :: ' . $LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')), 'lang_save' => $LANG_ADMIN['save'], 'lang_cancel' => $LANG_ADMIN['cancel'], 'lang_preview' => $LANG_ADMIN['preview'], 'lang_editor' => $LANG_STATIC['staticpageeditor'], 'lang_attributes' => $LANG_STATIC['attributes'])); if (SEC_hasRights('staticpages.delete') && $action != 'clone' && !empty($A['sp_old_id'])) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $sp_template->set_var('delete_button', true); $sp_template->set_var('lang_delete_confirm', $MESSAGE[76]); $sp_template->set_var('lang_delete', $LANG_ADMIN['delete']); $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); } else { $sp_template->set_var('delete_option', ''); } $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']); $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}")); $authorname = COM_getDisplayName($A['sp_uid']); $sp_template->set_var('name', $authorname); $sp_template->set_var('author', $authorname); $sp_template->set_var('lang_url', $LANG_STATIC['url']); $sp_template->set_var('lang_id', $LANG_STATIC['id']); $sp_template->set_var('sp_uid', $A['sp_uid']); $sp_template->set_var('sp_id', $A['sp_id']); $sp_template->set_var('sp_old_id', $A['sp_old_id']); $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id'])); $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']); $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']); $sp_template->set_var('lang_centerblock_include', $LANG21[51]); $sp_template->set_var('lang_centerblock_desc', $LANG21[52]); $sp_template->set_var('centerblock_help', $A['sp_help']); $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']); if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) { $sp_template->set_var('centerblock_checked', 'checked="checked"'); } else { $sp_template->set_var('centerblock_checked', ''); } $sp_template->set_var('lang_topic', $LANG_STATIC['topic']); $sp_template->set_var('lang_position', $LANG_STATIC['position']); $current_topic = ''; if (isset($A['sp_tid'])) { $current_topic = $A['sp_tid']; } if (empty($current_topic)) { $current_topic = 'none'; } $topics = COM_topicList('tid,topic', $current_topic, 1, true); $alltopics = '<option value="all"'; if ($current_topic == 'all') { $alltopics .= ' selected="selected"'; } $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB; $allnhp = '<option value="allnhp"'; if ($current_topic == 'allnhp') { $allnhp .= ' selected="selected"'; } $allnhp .= '>' . $LANG_STATIC['allnhp_topics'] . '</option>' . LB; $notopic = '<option value="none"'; if ($current_topic == 'none') { $notopic .= ' selected="selected"'; } $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB; $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $allnhp . $notopic . $topics . '</select>'); $position = '<select name="sp_where">'; $position .= '<option value="1"'; if ($A['sp_where'] == 1) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_top'] . '</option>'; $position .= '<option value="2"'; if ($A['sp_where'] == 2) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_feat'] . '</option>'; $position .= '<option value="3"'; if ($A['sp_where'] == 3) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>'; $position .= '<option value="0"'; if ($A['sp_where'] == 0) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_entire'] . '</option>'; $position .= '<option value="4"'; if ($A['sp_where'] == 4) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_nonews'] . '</option>'; $position .= '</select>'; $sp_template->set_var('pos_selection', $position); if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) { if (!isset($A['sp_php'])) { $A['sp_php'] = 0; } $selection = '<select name="sp_php">' . LB; $selection .= '<option value="0"'; if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB; $selection .= '<option value="1"'; if ($A['sp_php'] == 1) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB; $selection .= '<option value="2"'; if ($A['sp_php'] == 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB; $selection .= '</select>'; $sp_template->set_var('php_selector', $selection); $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']); } else { $sp_template->set_var('php_selector', ''); $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']); } $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']); // old variables (for the 1.3-type checkbox) $sp_template->set_var('php_checked', ''); $sp_template->set_var('php_type', 'hidden'); if (isset($A['sp_nf']) && $A['sp_nf'] == 1) { $sp_template->set_var('exit_checked', 'checked="checked"'); } else { $sp_template->set_var('exit_checked', ''); } $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']); $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']); if (isset($A['sp_inblock']) && $A['sp_inblock'] == 1) { $sp_template->set_var('inblock_checked', 'checked="checked"'); } else { $sp_template->set_var('inblock_checked', ''); } $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']); $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']); $curtime = COM_getUserDateTimeFormat($A['unixdate']); $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']); $sp_template->set_var('sp_formateddate', $curtime[0]); $sp_template->set_var('sp_date', $curtime[1]); $sp_template->set_var('lang_title', $LANG_STATIC['title']); $title = ''; if (isset($A['sp_title'])) { $title = htmlspecialchars($A['sp_title']); } $sp_template->set_var('sp_title', $title); $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']); if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) { $sp_template->set_var('onmenu_checked', 'checked="checked"'); } else { $sp_template->set_var('onmenu_checked', ''); } $sp_template->set_var('lang_label', $LANG_STATIC['label']); if (isset($A['sp_label'])) { $sp_template->set_var('sp_label', $A['sp_label']); } else { $sp_template->set_var('sp_label', ''); } $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']); $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']); $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']); $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']); $sp_template->set_var('lang_rightblocks', $LANG_STATIC['rightblocks']); $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']); if (!isset($A['sp_format'])) { $A['sp_format'] = ''; } if ($A['sp_format'] == 'noblocks') { $sp_template->set_var('noblock_selected', 'selected="selected"'); } else { $sp_template->set_var('noblock_selected', ''); } if ($A['sp_format'] == 'leftblocks') { $sp_template->set_var('leftblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('leftblocks_selected', ''); } if ($A['sp_format'] == 'rightblocks') { $sp_template->set_var('rightblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('rightblocks_selected', ''); } if ($A['sp_format'] == 'blankpage') { $sp_template->set_var('blankpage_selected', 'selected="selected"'); } else { $sp_template->set_var('blankpage_selected', ''); } if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) { $sp_template->set_var('allblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('allblocks_selected', ''); } $sp_template->set_var('lang_content', $LANG_STATIC['content']); $content = ''; if (isset($A['sp_content'])) { $content = htmlspecialchars($A['sp_content']); } $sp_template->set_var('sp_content', $content); if ($_SP_CONF['filter_html'] == 1) { $sp_template->set_var('lang_allowedhtml', COM_allowedHTML(SEC_getUserPermissions(), false, 'staticpages', 'page')); } else { $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']); } $sp_template->set_var('lang_hits', $LANG_STATIC['hits']); if (empty($A['sp_hits'])) { $sp_template->set_var('sp_hits', '0'); $sp_template->set_var('sp_hits_formatted', '0'); } else { $sp_template->set_var('sp_hits', $A['sp_hits']); $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits'])); } $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'))); $sp_template->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $A['owner_id'])); $sp_template->set_var('writtenby_dropdown', COM_buildOwnerList('sp_uid', $A['sp_uid'])); $sp_template->set_var('gltoken_name', CSRF_TOKEN); $sp_template->set_var('gltoken', SEC_createToken()); $sp_template->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_STATIC['instructions_edit'], plugin_geticon_staticpages())); PLG_templateSetVars('sp_editor', $sp_template); $retval .= $sp_template->parse('output', 'form'); } return $retval; }