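/**
 * Saves a user account (new or existing) from the submitted user-edit form.
 *
 * Every field is read from $_POST. The $uid argument is immediately replaced
 * by the filtered $_POST['uid'], so the caller's value is never used. On a
 * validation failure the edit form is re-rendered through USER_edit() with a
 * message number. On success the users, userprefs, userinfo, userindex,
 * usercomment, group_assignments, subscriptions and social_follow_user tables
 * are written and the after-save redirect is echoed.
 *
 * NOTE(review): no form-token (CSRF) check is visible in this function;
 * confirm the caller verifies the token before dispatching here.
 *
 * @param  int    $uid user id (overwritten from $_POST['uid'])
 * @return string HTML from USER_edit()/USER_list() on a validation failure;
 *                an empty string after a successful save (the redirect is
 *                echoed). Some error paths echo a page and exit instead.
 */
function USER_save($uid)
{
    global $_CONF, $_TABLES, $_USER, $LANG28, $_USER_VERBOSE;

    $retval = '';
    $userChanged = false;

    if ($_USER_VERBOSE) {
        COM_errorLog("**** entering USER_save()****", 1);
    }

    // Numeric fields go through COM_applyFilter(..., true) and are later
    // interpolated into SQL without quotes.
    // NOTE(review): that is only safe if the filter returns an integer - confirm.
    $uid = COM_applyFilter($_POST['uid'], true);
    if ($uid == 0) {
        $uid = '';
    }
    $regdate = COM_applyFilter($_POST['regdate'], true);
    $username = trim($_POST['new_username']);
    $fullname = COM_truncate(trim(USER_sanitizeName($_POST['fullname'])), 80);
    $userstatus = COM_applyFilter($_POST['userstatus'], true);
    $oldstatus = COM_applyFilter($_POST['oldstatus'], true);
    $passwd = isset($_POST['newp']) ? trim($_POST['newp']) : '';
    $passwd_conf = isset($_POST['newp_conf']) ? trim($_POST['newp_conf']) : '';
    $cooktime = COM_applyFilter($_POST['cooktime'], true);
    $email = trim($_POST['email']);
    $email_conf = trim($_POST['email_conf']);
    // The form posts -1 when the editor may not change groups; treat a missing
    // field the same way.
    $groups = isset($_POST['groups']) ? $_POST['groups'] : -1;
    // NOTE(review): homepage and sig are only trimmed and SQL-escaped here, unlike
    // location/about/pgpkey which are tag-stripped; confirm they are escaped
    // wherever they are rendered.
    $homepage = trim($_POST['homepage']);
    $location = strip_tags(trim($_POST['location']));
    $photo = isset($_POST['photo']) ? $_POST['photo'] : '';
    $delete_photo = isset($_POST['delete_photo']) && $_POST['delete_photo'] == 'on' ? 1 : 0;
    $sig = trim($_POST['sig']);
    $about = trim($_POST['about']);
    $pgpkey = trim($_POST['pgpkey']);
    $language = isset($_POST['language']) ? trim(COM_applyFilter($_POST['language'])) : '';
    $theme = isset($_POST['theme']) ? trim(COM_applyFilter($_POST['theme'])) : '';
    $maxstories = COM_applyFilter($_POST['maxstories'], true);
    $tzid = COM_applyFilter($_POST['tzid']);
    $dfid = COM_applyFilter($_POST['dfid'], true);
    $search_fmt = COM_applyFilter($_POST['search_result_format']);
    $commentmode = COM_applyFilter($_POST['commentmode']);
    // Whitelisted to the two literal values, so safe to interpolate later.
    $commentorder = isset($_POST['commentorder']) && $_POST['commentorder'] == 'DESC' ? 'DESC' : 'ASC';
    $commentlimit = COM_applyFilter($_POST['commentlimit'], true);
    $emailfromuser = isset($_POST['emailfromuser']) && $_POST['emailfromuser'] == 'on' ? 1 : 0;
    $emailfromadmin = isset($_POST['emailfromadmin']) && $_POST['emailfromadmin'] == 'on' ? 1 : 0;
    $noicons = isset($_POST['noicons']) && $_POST['noicons'] == 'on' ? 1 : 0;
    $noboxes = isset($_POST['noboxes']) && $_POST['noboxes'] == 'on' ? 1 : 0;
    $showonline = isset($_POST['showonline']) && $_POST['showonline'] == 'on' ? 1 : 0;
    $topic_order = isset($_POST['topic_order']) && $_POST['topic_order'] == 'ASC' ? 'ASC' : 'DESC';
    $newuser = COM_applyFilter($_POST['newuser'], true);
    $remoteuser = isset($_POST['remoteuser']) && $_POST['remoteuser'] == 'on' ? 1 : 0;
    $remoteusername = isset($_POST['remoteusername']) ? strip_tags(trim($_POST['remoteusername'])) : '';
    $remoteservice = isset($_POST['remoteservice']) ? COM_applyFilter($_POST['remoteservice']) : '';

    // Logged only after $groups has been read; the original logged it while
    // the variable was still undefined.
    if ($_USER_VERBOSE) {
        COM_errorLog("group size at beginning = " . (is_array($groups) ? count($groups) : 0), 1);
    }

    $social_services = SOC_followMeProfile($uid);
    foreach ($social_services as $service) {
        $service_input = $service['service'] . '_username';
        // A service field that was not submitted is treated as empty.
        $_POST[$service_input] = isset($_POST[$service_input]) ? strip_tags($_POST[$service_input]) : '';
    }

    // uid 1 is never edited through this form.
    if ($uid == 1) {
        return USER_list();
    }

    // New accounts need a password (unless remote) and an e-mail address.
    if ($uid == '' || $uid < 2 || $newuser == 1) {
        if (empty($passwd) && $remoteuser == 0) {
            return USER_edit($uid, 504);
        }
        if (empty($email)) {
            return USER_edit($uid, 505);
        }
    }
    if ($username == '') {
        return USER_edit($uid, 506);
    }
    if (!USER_validateUsername($username)) {
        return USER_edit($uid, 512);
    }
    if ($email == '') {
        return USER_edit($uid, 507);
    }
    if ($passwd != $passwd_conf && $remoteuser == 0) {
        // passwords don't match
        return USER_edit($uid, 67);
    }
    if ($email != $email_conf) {
        return USER_edit($uid, 508);
    }

    // remote user checks
    if ($remoteuser == 1) {
        if ($remoteusername == '') {
            return USER_edit($uid, 513);
        }
        if ($remoteservice == '') {
            return USER_edit($uid, 514);
        }
    }

    $validEmail = true;
    if (empty($username)) {
        $validEmail = false;
    } elseif (empty($email)) {
        if (empty($uid)) {
            $validEmail = false;
        } else {
            $ws_user = DB_getItem($_TABLES['users'], 'remoteservice', "uid = " . intval($uid));
            if (empty($ws_user)) {
                $validEmail = false;
            }
        }
    }

    if ($validEmail) {
        if (!empty($email) && !COM_isEmail($email)) {
            return USER_edit($uid, 52);
        }

        // The listing this was taken from showed a masked literal where the
        // escaped username belongs; the uniqueness checks and the UPDATE below
        // must use $uname, otherwise they compare against / store a constant.
        $uname = DB_escapeString($username);
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}'");
        } else {
            $uservice = DB_getItem($_TABLES['users'], 'remoteservice', "uid = {$uid}");
            if ($uservice != '') {
                $uservice = DB_escapeString($uservice);
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}' AND uid <> {$uid} AND remoteservice = '{$uservice}'");
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}' AND uid <> {$uid} AND (remoteservice = '' OR remoteservice IS NULL)");
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's username to one that already exists
            return USER_edit($uid, 51);
        }

        $emailaddr = DB_escapeString($email);
        $exclude_remote = " AND (remoteservice IS NULL OR remoteservice = '')";
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}'" . $exclude_remote);
        } else {
            $old_email = DB_getItem($_TABLES['users'], 'email', "uid = {$uid}");
            if ($old_email == $email) {
                // email address didn't change so don't care
                $ucount = 0;
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}' AND uid <> {$uid}" . $exclude_remote);
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's email to one that already exists
            return USER_edit($uid, 56);
        }

        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
            $ret = CUSTOM_userCheck($username, $email);
            if (!empty($ret)) {
                // need a numeric return value - otherwise use default message
                if (!is_numeric($ret['number'])) {
                    $ret['number'] = 97;
                }
                return USER_edit($uid, $ret['number']);
            }
        }

        // Let plugins have a chance to decide what to do before saving the user, return errors.
        $msg = PLG_itemPreSave('useredit', $username);
        if (!empty($msg)) {
            // need a numeric return value - otherwise use default message
            if (!is_numeric($msg)) {
                $msg = 97;
            }
            return USER_edit($uid, $msg);
        }

        // Hash a newly supplied password; otherwise keep the stored hash.
        if (empty($uid) || !empty($passwd)) {
            $passwd2 = SEC_encryptPassword($passwd);
        } else {
            $passwd2 = DB_getItem($_TABLES['users'], 'passwd', "uid = {$uid}");
        }

        // do we need to create the user?
        if (empty($uid)) {
            if (empty($passwd)) {
                // no password? create one ...
                $passwd = USER_createPassword(8);
                $passwd2 = SEC_encryptPassword($passwd);
            }
            if ($remoteuser == 1) {
                $uid = USER_createAccount($username, $email, '', $fullname, '', $remoteusername, $remoteservice, 1);
            } else {
                $uid = USER_createAccount($username, $email, $passwd2, $fullname, $homepage, '', '', 1);
            }
            if ($uid > 1) {
                DB_query("UPDATE {$_TABLES['users']} SET status = {$userstatus} WHERE uid = {$uid}");
            }
            if (isset($_POST['emailuser'])) {
                USER_createAndSendPassword($username, $email, $uid, $passwd);
            }
            if ($uid < 2) {
                return USER_edit('', 509);
            }
            $newuser = 1;
        }

        // at this point, we have a valid user...
        // Filter some of the text entry fields to ensure they don't cause problems...
        $fullname = strip_tags($fullname);
        $about = strip_tags($about);
        $pgpkey = strip_tags($pgpkey);

        $curphoto = USER_handlePhotoUpload($uid, $delete_photo);
        if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) {
            $curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
            if ($curusername != $username) {
                // user has been renamed - rename the photo, too.
                // Literal first-occurrence replacement: a username is not a
                // regular expression and must not be spliced into a pattern or
                // a replacement string.
                $at = ($curusername != '') ? strpos($curphoto, $curusername) : false;
                $newphoto = ($at === false)
                    ? $curphoto
                    : substr_replace($curphoto, $username, $at, strlen($curusername));
                // NOTE(review): the new file name embeds $username; this relies on
                // USER_validateUsername() rejecting path separators - confirm.
                $imgpath = $_CONF['path_images'] . 'userphotos/';
                if (rename($imgpath . $curphoto, $imgpath . $newphoto) === false) {
                    $display = COM_siteHeader('menu', $LANG28[22]);
                    $display .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".');
                    $display .= COM_siteFooter();

                    return $display;
                }
                $curphoto = $newphoto;
            }
        }

        // update users table
        $sql = "UPDATE {$_TABLES['users']} SET "
            . "username = '{$uname}',"
            . "fullname = '" . DB_escapeString($fullname) . "',"
            . "passwd = '" . DB_escapeString($passwd2) . "',"
            . "email = '" . DB_escapeString($email) . "',"
            . "homepage = '" . DB_escapeString($homepage) . "',"
            . "sig = '" . DB_escapeString($sig) . "',"
            . "photo = '" . DB_escapeString($curphoto) . "',"
            . "cookietimeout = {$cooktime},"
            . "theme = '" . DB_escapeString($theme) . "',"
            . "language = '" . DB_escapeString($language) . "',"
            . "status = {$userstatus} WHERE uid = {$uid};";
        DB_query($sql);

        // update userprefs
        $sql = "UPDATE {$_TABLES['userprefs']} SET "
            . "noicons = {$noicons},"
            . "dfid = {$dfid},"
            . "tzid = '" . DB_escapeString($tzid) . "',"
            . "emailstories = 0,"
            . "emailfromadmin = {$emailfromadmin},"
            . "emailfromuser = {$emailfromuser},"
            . "showonline = {$showonline},"
            . "search_result_format = '" . DB_escapeString($search_fmt) . "' WHERE uid={$uid};";
        DB_query($sql);

        // userinfo table
        $sql = "UPDATE {$_TABLES['userinfo']} SET "
            . "about = '" . DB_escapeString($about) . "',"
            . "location = '" . DB_escapeString($location) . "',"
            . "pgpkey = '" . DB_escapeString($pgpkey) . "' WHERE uid={$uid};";
        DB_query($sql);

        // userindex table
        // Explicit array checks instead of @array_values(): error suppression
        // does not stop a TypeError on a missing or non-array field.
        $TIDS = isset($_POST['topics']) && is_array($_POST['topics']) ? array_values($_POST['topics']) : array();
        $AIDS = isset($_POST['selauthors']) && is_array($_POST['selauthors']) ? array_values($_POST['selauthors']) : array();
        $BOXES = isset($_POST['blocks']) && is_array($_POST['blocks']) ? array_values($_POST['blocks']) : array();
        $ETIDS = isset($_POST['dgtopics']) && is_array($_POST['dgtopics']) ? array_values($_POST['dgtopics']) : array();
        $allowed_etids = USER_buildTopicList();
        $AETIDS = explode(' ', $allowed_etids);

        // Topic ids are limited to the allowed list before being stored.
        $tids = '';
        if (count($TIDS) > 0) {
            $tids = DB_escapeString(implode(' ', array_intersect($AETIDS, $TIDS)));
        }

        $aids = '';
        if (count($AIDS) > 0) {
            foreach ($AIDS as $key => $val) {
                $AIDS[$key] = intval($val);
            }
            $aids = DB_escapeString(implode(' ', $AIDS));
        }

        $selectedblocks = '';
        $selectedBoxes = array();
        if (count($BOXES) > 0) {
            foreach ($BOXES as $key => $val) {
                $BOXES[$key] = intval($val);
            }
            $boxes = DB_escapeString(implode(',', $BOXES));
            $blockresult = DB_query("SELECT bid,name FROM {$_TABLES['blocks']} WHERE bid NOT IN ({$boxes})");
            $numRows = DB_numRows($blockresult);
            for ($x = 1; $x <= $numRows; $x++) {
                $row = DB_fetchArray($blockresult);
                if ($row['name'] != 'user_block' and $row['name'] != 'admin_block' and $row['name'] != 'section_block') {
                    $selectedblocks .= $row['bid'];
                    if ($x != $numRows) {
                        $selectedblocks .= ' ';
                    }
                }
            }
        }

        $etids = '-';
        if (count($ETIDS) > 0) {
            $etids = DB_escapeString(implode(' ', array_intersect($AETIDS, $ETIDS)));
        }

        DB_save($_TABLES['userindex'], "uid,tids,aids,boxes,noboxes,maxstories,etids", "{$uid},'{$tids}','{$aids}','{$selectedblocks}',{$noboxes},{$maxstories},'{$etids}'");

        // usercomment
        // $commentmode is escaped like the other filtered string fields
        // ($tzid, $search_fmt) instead of being interpolated as-is.
        DB_save($_TABLES['usercomment'], 'uid,commentmode,commentorder,commentlimit', "{$uid},'" . DB_escapeString($commentmode) . "','{$commentorder}'," . intval($commentlimit));

        if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
            CUSTOM_userSave($uid);
        }

        // An account that just left "awaiting approval" gets its password mail.
        if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL
            && ($userstatus == USER_ACCOUNT_ACTIVE
                || $userstatus == USER_ACCOUNT_AWAITING_ACTIVATION
                || $userstatus == USER_ACCOUNT_AWAITING_VERIFICATION)
        ) {
            USER_createAndSendPassword($username, $email, $uid);
        }

        // Disabling an account also terminates its sessions.
        if ($userstatus == USER_ACCOUNT_DISABLED) {
            SESS_endUserSession($uid);
        }
        $userChanged = true;

        // if groups is -1 then this user isn't allowed to change any groups so ignore
        if (is_array($groups) && SEC_hasRights('group.edit')) {
            // Normalise the submitted ids to integers first, so the value that
            // passes the membership checks below is exactly the value that is
            // written to group_assignments.
            $groups = array_map('intval', array_filter($groups, 'is_scalar'));

            if (!SEC_inGroup('Root')) {
                $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
                if (in_array($rootgrp, $groups)) {
                    // A non-Root editor may not grant Root; log it and bail out.
                    COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}.");
                    echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
                    exit;
                }
            }

            // make sure the Remote Users group is in $groups
            if (SEC_inGroup('Remote Users', $uid)) {
                $remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
                if (!in_array($remUsers, $groups)) {
                    $groups[] = $remUsers;
                }
            }
            if ($_USER_VERBOSE) {
                COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1);
            }

            // remove user from all groups that the User Admin is a member of
            $UserAdminGroups = SEC_getUserGroups();
            $whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')';
            DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup);

            // make sure to add user to All Users and Logged-in Users groups
            $allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'");
            if (!in_array($allUsers, $groups)) {
                $groups[] = $allUsers;
            }
            $logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
            if (!in_array($logUsers, $groups)) {
                $groups[] = $logUsers;
            }

            // Only groups the editing admin belongs to can be assigned.
            foreach ($groups as $userGroup) {
                if (in_array($userGroup, $UserAdminGroups)) {
                    if ($_USER_VERBOSE) {
                        COM_errorLog("adding group_assignment " . $userGroup . " for {$username}", 1);
                    }
                    $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES (" . (int) $userGroup . ", {$uid})";
                    DB_query($sql);
                }
            }
        }

        // subscriptions
        $subscription_deletes = isset($_POST['subdelete']) && is_array($_POST['subdelete']) ? array_values($_POST['subdelete']) : array();
        foreach ($subscription_deletes as $subid) {
            DB_delete($_TABLES['subscriptions'], 'sub_id', (int) $subid);
        }

        foreach ($social_services as $service) {
            $service_input = $service['service'] . '_username';
            $_POST[$service_input] = DB_escapeString($_POST[$service_input]);
            if ($_POST[$service_input] != '') {
                $sql = "REPLACE INTO {$_TABLES['social_follow_user']} (ssid,uid,ss_username) ";
                $sql .= " VALUES (" . (int) $service['service_id'] . "," . (int) $uid . ",'" . $_POST[$service_input] . "');";
                DB_query($sql, 1);
            } else {
                $sql = "DELETE FROM {$_TABLES['social_follow_user']} WHERE ssid = " . (int) $service['service_id'] . " AND uid=" . (int) $uid;
                DB_query($sql, 1);
            }
        }

        if ($newuser == 0) {
            PLG_profileSave('', $uid);
        } else {
            PLG_createUser($uid);
        }
        if ($userChanged) {
            PLG_userInfoChanged($uid);
        }
        CACHE_remove_instance('mbmenu');

        $errors = DB_error();
        if (empty($errors)) {
            echo PLG_afterSaveSwitch($_CONF['aftersave_user'], "{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}", 'user', 21);
        } else {
            $retval .= COM_siteHeader('menu', $LANG28[22]);
            $retval .= COM_errorLog('Error in USER_save() in ' . $_CONF['site_admin_url'] . '/user.php');
            $retval .= COM_siteFooter();
            echo $retval;
            exit;
        }
    } else {
        // Username or e-mail missing: show the error with the edit form.
        $retval = COM_siteHeader('menu', $LANG28[1]);
        $retval .= COM_errorLog($LANG28[10]);
        if (DB_count($_TABLES['users'], 'uid', $uid) > 0) {
            $retval .= USER_edit($uid);
        } else {
            $retval .= USER_edit();
        }
        $retval .= COM_siteFooter();
        echo $retval;
        exit;
    }

    if ($_USER_VERBOSE) {
        COM_errorLog("***************leaving USER_save()*****************", 1);
    }

    return $retval;
}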
$moved = ""; } if ($CONF_FORUM['show_subject_length'] > 0 and strlen($record['subject']) > $CONF_FORUM['show_subject_length']) { $subject = COM_truncate($record['subject'], $CONF_FORUM['show_subject_length'], '...'); } else { $subject = $record['subject']; } if ($record['uid'] > 1) { $firstposterName = COM_getDisplayName($record['uid']); } else { $firstposterName = $record['name']; } $topicinfo = "<b>{$LANG_GF01['STARTEDBY']} {$firstposterName}, {$firstdate}</b><br" . XHTML . ">"; $lastpostinfo = stripBBCode($lastpostinfo); // Simple function to strip out bbcode so tooltips display better $lastpostinfo = strip_tags(COM_truncate($record['comment'], $CONF_FORUM['contentinfo_numchars'], '...')); $lastpostinfo = htmlspecialchars($lastpostinfo); // Escape things like " so it displays properly in tooltip $topicinfo .= str_replace(LB, "<br" . XHTML . ">", forum_mb_wordwrap($lastpostinfo, $CONF_FORUM['linkinfo_width'], LB)); if (function_exists('COM_getTooltip')) { $topiclink = "viewtopic.php?showtopic={$record['id']}"; $tooltip_subject = COM_getTooltip($subject, $topicinfo, $topiclink); //$subject = ''; $topiclisting->set_var('tooltip_subject', $tooltip_subject); } $topiclisting->set_var('topicinfo', $topicinfo); $topiclisting->parse('folderimg', $folderimg); $topiclisting->set_var('topic_id', $record['id']); $topiclisting->set_var('subject', $subject); $topiclisting->set_var('fullsubject', $record['subject']); $topiclisting->set_var('gotomsg', $gotomsg);
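/**
 * Renders one forum post (topic or reply) through the topic.thtml template.
 *
 * Reads the keys subject, date, uid, name, forum, mood, comment, postmode,
 * pid, id, locked, views and ip from $showtopic. For a registered poster
 * (uid > 1 with exactly one matching user row) the rank, avatar, registration
 * date, post count, online status and signature are looked up; otherwise the
 * post is rendered with the anonymous blocks.
 *
 * @param  array  $showtopic post record; in preview mode it may not come from
 *                           the database (see the stripslashes handling below)
 * @param  string $mode      'preview' suppresses the action links
 * @param  mixed  $onetwo    value exposed to the template as 'csscode' and
 *                           used as a CSS class on the author link
 * @param  int    $page      page number carried into the edit link
 * @return string rendered HTML for the post
 */
function showtopic($showtopic, $mode = '', $onetwo = 1, $page = 1)
{
    global $CONF_FORUM, $_CONF, $_TABLES, $_USER, $LANG_GF01, $LANG_GF02, $LANG_GF09;
    global $highlight;
    global $oldPost;

    $oldPost = 0;

    if (!class_exists('StringParser')) {
        require_once $CONF_FORUM['path_include'] . 'bbcode/stringparser_bbcode.class.php';
    }

    $topictemplate = COM_newTemplate(CTL_plugin_templatePath('forum'));
    $topictemplate->set_file(array('topictemplate' => 'topic.thtml', 'forum_icons' => 'forum_icons.thtml', 'forum_links' => 'forum_links.thtml'));
    $topictemplate->set_block('topictemplate', 'block_user_information');
    $topictemplate->set_block('topictemplate', 'block_anon_user_information');
    $topictemplate->set_block('topictemplate', 'location');
    $topictemplate->set_block('topictemplate', 'ip_address');
    $topictemplate->set_block('topictemplate', 'anon_ip_address');
    $topictemplate->set_block('topictemplate', 'user_signature');
    $topictemplate->set_block('topictemplate', 'mod_functions');
    $blocks = array('block_user_name', 'block_anon_user_name', 'block_user_information', 'block_anon_user_information', 'user_signature', 'mod_functions');
    foreach ($blocks as $block) {
        $topictemplate->set_block('topictemplate', $block);
    }
    $topictemplate->set_block('forum_icons', 'topiclocked_icon');
    $topictemplate->set_block('forum_icons', 'mood_icon');
    $blocks = array('profile_link', 'pm_link', 'email_link', 'website_link', 'quotetopic_link', 'edittopic_link');
    foreach ($blocks as $block) {
        $topictemplate->set_block('forum_links', $block);
    }

    // if preview, only stripslashes is gpc=on, else assume from db so strip
    if ($mode == 'preview') {
        $showtopic['subject'] = COM_stripslashes($showtopic['subject']);
    } else {
        $showtopic['subject'] = stripslashes($showtopic['subject']);
    }

    $min_height = 50; // Base minimum height of topic - will increase if avatar or sig is used
    $date = strftime($CONF_FORUM['default_Topic_Datetime_format'], $showtopic['date']);

    // Defaults for the anonymous path; the original left these undefined and
    // still passed them to the template further down.
    $userarray = array();
    $user_level = '';
    $user_levelname = '';
    $avatar = '';
    $regdate = '';
    $numposts = '';
    $sig = '';

    // The record is not guaranteed to come from the database in preview mode,
    // so the poster id is cast before it is placed in any SQL string.
    $posterUid = (int) $showtopic['uid'];

    $sql = "SELECT u.*, ui.location FROM {$_TABLES['users']} u, {$_TABLES['userinfo']} ui \n \t\tWHERE u.uid = ui.uid \n \t\tAND u.uid = '{$posterUid}'";
    $userQuery = DB_query($sql);
    if ($showtopic['uid'] > 1 and DB_numRows($userQuery) == 1) {
        $userarray = DB_fetchArray($userQuery);
        $username = COM_getDisplayName($showtopic['uid']);
        $userlink = "<a href=\"{$_CONF['site_url']}/users.php?mode=profile&uid={$showtopic['uid']}\" ";
        $userlink .= "class=\"authorname {$onetwo}\"><b>{$username}</b></a>";
        $uservalid = true;
        $postcount = DB_query("SELECT * FROM {$_TABLES['forum_topic']} WHERE uid='{$posterUid}'");
        $posts = DB_numRows($postcount);

        // STARS CODE
        if (SEC_inGroup(1, $showtopic['uid'])) {
            $user_level = showrank(7, $LANG_GF01['admin']);
            $user_levelname = $LANG_GF01['admin'];
        } else {
            if (forum_modPermission($showtopic['forum'], $showtopic['uid'])) {
                $user_level = showrank(6, $LANG_GF01['moderator']);
                $user_levelname = $LANG_GF01['moderator'];
            } else {
                if ($posts < $CONF_FORUM['level2']) {
                    $user_level = showrank(1, $CONF_FORUM['level1name']);
                    $user_levelname = $CONF_FORUM['level1name'];
                } elseif ($posts >= $CONF_FORUM['level2'] && $posts < $CONF_FORUM['level3']) {
                    $user_level = showrank(2, $CONF_FORUM['level2name']);
                    $user_levelname = $CONF_FORUM['level2name'];
                } elseif ($posts >= $CONF_FORUM['level3'] && $posts < $CONF_FORUM['level4']) {
                    $user_level = showrank(3, $CONF_FORUM['level3name']);
                    $user_levelname = $CONF_FORUM['level3name'];
                } elseif ($posts >= $CONF_FORUM['level4'] && $posts < $CONF_FORUM['level5']) {
                    $user_level = showrank(4, $CONF_FORUM['level4name']);
                    $user_levelname = $CONF_FORUM['level4name'];
                } else {
                    // Covers $posts >= level5. The original tested "> level5",
                    // so a poster with exactly level5 posts got no rank at all.
                    $user_level = showrank(5, $CONF_FORUM['level5name']);
                    $user_levelname = $CONF_FORUM['level5name'];
                }
            }
        }

        // Still allow photo to be shown for users
        if ($showtopic['uid'] > 1 and ($userarray['photo'] != "" or !empty($_CONF['default_photo']))) {
            $avatar = USER_getPhoto($showtopic['uid'], '', '', $CONF_FORUM['avatar_width']);
            $min_height = $min_height + 50;
        } else {
            $avatar = '';
        }

        $regdate = $LANG_GF01['REGISTERED'] . ': ' . strftime($_CONF['shortdate'], strtotime($userarray['regdate'])) . '<br' . XHTML . '>';
        $numposts = $LANG_GF01['POSTS'] . ': ' . $posts;
        if (DB_count($_TABLES['sessions'], 'uid', $posterUid) > 0 and DB_getItem($_TABLES['userprefs'], 'showonline', "uid={$posterUid}") == 1) {
            $avatar .= '<br' . XHTML . '>' . $LANG_GF01['STATUS'] . ' ' . $LANG_GF01['ONLINE'];
        } else {
            $avatar .= '<br' . XHTML . '>' . $LANG_GF01['STATUS'] . ' ' . $LANG_GF01['OFFLINE'];
        }

        if ($userarray['sig'] != '') {
            $sig = $userarray['sig'];
            $min_height = $min_height + 30;
        } else {
            $sig = '';
        }
    } else {
        $uservalid = false;
        // NOTE(review): the anonymous poster name is url-decoded and handed to the
        // template without HTML escaping; confirm it is sanitised when stored.
        $userlink = urldecode($showtopic['name']);
    }

    if ($CONF_FORUM['show_moods'] && $showtopic['mood'] != "") {
        $topictemplate->set_var('moodicon', gf_getImage($showtopic['mood'], 'moods'));
        $topictemplate->set_var('moodicontext', $showtopic['mood']);
        $topictemplate->parse('mood_icon', 'mood_icon');
        $min_height = $min_height + 30;
    } else {
        $topictemplate->set_var('mood_icon', '');
    }

    // Handle Pre ver 2.5 quoting and New Line Formatting - consider adding this to a migrate function
    if ($CONF_FORUM['pre2.5_mode']) {
        // try to determine if we have an old post...
        if (strstr($showtopic['comment'], '<pre class="forumCode">') !== false) {
            $oldPost = 1;
        }
        if (strstr($showtopic['comment'], "[code]<code>") !== false) {
            $oldPost = 1;
        }
        if (strstr($showtopic['comment'], "<pre>") !== false) {
            $oldPost = 1;
        }
        if (stristr($showtopic['comment'], '[code') == false || stristr($showtopic['comment'], '[code]<code>') == true) {
            if (strstr($showtopic['comment'], "<pre>") !== false) {
                $oldPost = 1;
            }
            $showtopic['comment'] = str_replace('<pre>', '[code]', $showtopic['comment']);
            $showtopic['comment'] = str_replace('</pre>', '[/code]', $showtopic['comment']);
        }
        $showtopic['comment'] = str_ireplace("[code]<code>", '[code]', $showtopic['comment']);
        $showtopic['comment'] = str_ireplace("</code>[/code]", '[/code]', $showtopic['comment']);
        $showtopic['comment'] = str_replace(array("<br />\r\n", "<br />\n\r", "<br />\r", "<br />\n", "<br>\r\n", "<br>\n\r", "<br>\r", "<br>\n"), '<br' . XHTML . '>', $showtopic['comment']);
        $showtopic['comment'] = preg_replace("/\\[QUOTE\\sBY=\\s(.+?)\\]/i", "[QUOTE] Quote by \$1:", $showtopic['comment']);
        /* Reformat code blocks - version 2.3.3 and prior */
        $showtopic['comment'] = str_replace('<pre class="forumCode">', '[code]', $showtopic['comment']);
        $showtopic['comment'] = preg_replace("/\\[QUOTE\\sBY=(.+?)\\]/i", "[QUOTE] Quote by \$1:", $showtopic['comment']);
        if ($oldPost) {
            if (strstr($showtopic['comment'], "\\'") !== false) {
                $showtopic['comment'] = stripslashes($showtopic['comment']);
            }
        }
    }

    $showtopic['comment'] = gf_formatTextBlock($showtopic['comment'], $showtopic['postmode'], $mode);
    $showtopic['subject'] = gf_formatTextBlock($showtopic['subject'], 'text', $mode);

    if ($CONF_FORUM['show_subject_length'] > 0 and strlen($showtopic['subject']) > $CONF_FORUM['show_subject_length']) {
        $showtopic['subject'] = COM_truncate("{$showtopic['subject']}", $CONF_FORUM['show_subject_length'], '...');
    }

    // The edit link is offered only to the post's own author.
    if ($mode != 'preview' && $uservalid && !COM_isAnonUser() && $_USER['uid'] == $showtopic['uid']) {
        /* Check if user can still edit this post - within allowed edit timeframe */
        $editAllowed = false;
        if ($CONF_FORUM['allowed_editwindow'] > 0) {
            $t1 = $showtopic['date'];
            $t2 = $CONF_FORUM['allowed_editwindow'];
            if (time() - $t2 < $t1) {
                $editAllowed = true;
            }
        } else {
            $editAllowed = true;
        }
        if ($editAllowed) {
            $editlink = "{$_CONF['site_url']}/forum/createtopic.php?method=edit&forum={$showtopic['forum']}&id={$showtopic['id']}&editid={$showtopic['id']}&page={$page}";
            $editlinktext = $LANG_GF09['edit'];
            $topictemplate->set_var('editlink', $editlink);
            $topictemplate->set_var('editlinktext', $editlinktext);
            $topictemplate->set_var('LANG_edit', $LANG_GF01['EDITICON']);
            $topictemplate->parse('edittopic_link', 'edittopic_link');
        }
    }

    // NOTE(review): $highlight is a global that is written into the page as-is,
    // and the replacement runs over already-formatted HTML (so it can also hit
    // text inside tags). Confirm it is sanitised where it is set, or escape it.
    if ($highlight != '') {
        $showtopic['subject'] = str_replace("{$highlight}", "<span class=\"highlight\">{$highlight}</span>", $showtopic['subject']);
        $showtopic['comment'] = str_replace("{$highlight}", "<span class=\"highlight\">{$highlight}</span>", $showtopic['comment']);
    }

    if (!isset($showtopic['pid'])) {
        $showtopic['pid'] = 0;
    }

    if ($showtopic['pid'] == 0) {
        // Top-level post: lock state and view count come from the record itself.
        $replytopicid = $showtopic['id'];
        $is_lockedtopic = $showtopic['locked'];
        $views = $showtopic['views'];
        $topictemplate->set_var('read_msg', sprintf($LANG_GF02['msg49'], $views));
        if ($is_lockedtopic) {
            $topictemplate->parse('topiclocked_icon', 'topiclocked_icon');
        }
    } else {
        // Reply: the lock state is that of the parent topic.
        $replytopicid = $showtopic['pid'];
        $is_lockedtopic = DB_getItem($_TABLES['forum_topic'], 'locked', 'id=' . (int) $showtopic['pid']);
        $topictemplate->set_var('read_msg', '');
    }

    if ($CONF_FORUM['allow_user_dateformat']) {
        $date = COM_getUserDateTimeFormat($showtopic['date']);
        $topictemplate->set_var('posted_date', $date[0]);
    } else {
        $date = strftime($CONF_FORUM['default_Topic_Datetime_format'], $showtopic['date']);
        $topictemplate->set_var('posted_date', $date);
    }

    if ($mode != 'preview') {
        if ($is_lockedtopic == 0) {
            $is_readonly = DB_getItem($_TABLES['forum_forums'], 'is_readonly', 'forum_id=' . (int) $showtopic['forum']);
            if ($is_readonly == 0 or forum_modPermission($showtopic['forum'], $_USER['uid'], 'mod_edit')) {
                $quotelink = "{$_CONF['site_url']}/forum/createtopic.php?method=postreply&forum={$showtopic['forum']}&id={$replytopicid}&quoteid={$showtopic['id']}";
                $quotelinktext = $LANG_GF09['quote'];
                $topictemplate->set_var('quotelink', $quotelink);
                $topictemplate->set_var('quotelinktext', $quotelinktext);
                $topictemplate->set_var('LANG_quote', $LANG_GF01['QUOTEICON']);
                $topictemplate->parse('quotetopic_link', 'quotetopic_link');
            }
        }

        $topictemplate->set_var('topic_post_id', $showtopic['id']);

        if ($showtopic['uid'] > 1 && $uservalid) {
            $profile_link = "{$_CONF['site_url']}/users.php?mode=profile&uid={$showtopic['uid']}";
            $profile_linktext = $LANG_GF09['profile'];
            $topictemplate->set_var('profilelink', $profile_link);
            $topictemplate->set_var('profilelinktext', $profile_linktext);
            $topictemplate->set_var('LANG_profile', $LANG_GF01['ProfileLink']);
            $topictemplate->parse('profile_link', 'profile_link');
            if ($CONF_FORUM['use_pm_plugin']) {
                $pmusernmame = COM_getDisplayName($showtopic['uid']);
                $pmplugin_link = forumPLG_getPMlink($pmusernmame);
                if ($pmplugin_link != '') {
                    $pm_link = $pmplugin_link;
                    $pm_linktext = $LANG_GF09['pm'];
                    $topictemplate->set_var('pmlink', $pm_link);
                    $topictemplate->set_var('pmlinktext', $pm_linktext);
                    $topictemplate->set_var('LANG_pm', $LANG_GF01['PMLink']);
                    $topictemplate->parse('pm_link', 'pm_link');
                }
            }
        }

        // $userarray is empty for anonymous posters, hence the isset() guards.
        if (isset($userarray['email']) && $userarray['email'] != '' && $showtopic["uid"] > 1) {
            $email_link = "{$_CONF['site_url']}/profiles.php?uid={$showtopic['uid']}";
            $email_linktext = $LANG_GF09['email'];
            $topictemplate->set_var('emaillink', $email_link);
            $topictemplate->set_var('emaillinktext', $email_linktext);
            $topictemplate->set_var('LANG_email', $LANG_GF01['EmailLink']);
            $topictemplate->parse('email_link', 'email_link');
        }

        if (isset($userarray['homepage']) && $userarray['homepage'] != '') {
            $homepage = trim($userarray['homepage']);
            // Anything not starting with "http" is forced onto http://.
            if (strtolower(substr($homepage, 0, 4)) != 'http') {
                $homepage = 'http://' . $homepage;
            }
            // NOTE(review): the profile homepage is passed to the template without
            // HTML escaping; confirm the template or the stored value is safe
            // for an attribute context.
            $homepagetext = $LANG_GF09['website'];
            $topictemplate->set_var('websitelink', $homepage);
            $topictemplate->set_var('websitelinktext', $homepagetext);
            $topictemplate->set_var('LANG_website', $LANG_GF01['WebsiteLink']);
            $topictemplate->parse('website_link', 'website_link');
        }

        if (isset($userarray['location']) && $userarray['location'] != '' && $showtopic["uid"] > 1) {
            $topictemplate->set_var('user_location', $userarray['location']);
            $topictemplate->parse('location', 'location');
        }
    } else {
        if (isset($_GET['onlytopic']) and $_GET['onlytopic'] != 1) {
            $topictemplate->set_var('posted_date', '');
            $topictemplate->set_var('preview_topic_subject', $showtopic['subject']);
        } else {
            $topictemplate->set_var('preview_topic_subject', '');
        }
        $topictemplate->set_var('read_msg', '');
        $topictemplate->set_var('topiclocked_icon', '');
        $topictemplate->set_var('preview_mode', 'none');
    }

    // Braces in the post body are turned into numeric entities, presumably so
    // the template engine cannot read "{name}" in user text as a variable.
    // The listing this was taken from showed a brace-to-brace no-op here (the
    // entities had been decoded), which would leave the text unprotected.
    $showtopic['comment'] = str_replace('{', '&#123;', $showtopic['comment']);
    $showtopic['comment'] = str_replace('}', '&#125;', $showtopic['comment']);

    // Temporary workaround: normalise line-break tags to the configured XHTML form.
    $showtopic['comment'] = str_replace(array("<br />", "<br>"), '<br' . XHTML . '>', $showtopic['comment']);

    $topictemplate->set_var('layout_url', $CONF_FORUM['layout_url']);
    $topictemplate->set_var('csscode', $onetwo);
    $topictemplate->set_var('postmode', $showtopic['postmode']);
    $topictemplate->set_var('userlink', $userlink);
    $topictemplate->set_var('lang_forum', $LANG_GF01['FORUM']);
    $topictemplate->set_var('user_levelname', $user_levelname);
    $topictemplate->set_var('user_level', $user_level);
    $topictemplate->set_var('avatar', $avatar);
    $topictemplate->set_var('regdate', $regdate);
    $topictemplate->set_var('numposts', $numposts);

    // The poster's IP address is exposed only to users holding mod_ban.
    if (forum_modPermission($showtopic['forum'], $_USER['uid'], 'mod_ban')) {
        $topictemplate->set_var('ip', $showtopic['ip']);
        if ($showtopic['uid'] == 1) {
            $topictemplate->parse('ip_address', 'anon_ip_address');
        } else {
            $topictemplate->parse('ip_address', 'ip_address');
        }
    } else {
        $topictemplate->set_var('ip_address', '');
    }

    $topictemplate->set_var('imgset', $CONF_FORUM['imgset']);
    $topictemplate->set_var('topic_subject', $showtopic['subject']);
    $topictemplate->set_var('LANG_ON2', $LANG_GF01['ON2']);

    if ($mode != 'preview') {
        $mod_functions = forum_getmodFunctions($showtopic);
        if (!empty($mod_functions)) {
            $topictemplate->set_var('mod_functions', $mod_functions);
            $topictemplate->parse('mod_functions', 'mod_functions');
        } else {
            $topictemplate->set_var('mod_functions', '');
        }
    }

    $topictemplate->set_var('topic_comment', $showtopic['comment']);
    $topictemplate->set_var('comment_minheight', "min-height:{$min_height}px");

    if (trim($sig) != '') {
        // NOTE(review): the stored signature is rendered after PLG_replaceTags()
        // only; confirm it is filtered when saved or by that call.
        $topictemplate->set_var('sig', PLG_replaceTags($sig));
        $topictemplate->set_var('show_sig', '');
        $topictemplate->parse('user_signature', 'user_signature');
    } else {
        $topictemplate->set_var('sig', '');
        $topictemplate->set_var('show_sig', 'none');
        $topictemplate->set_var('user_signature', '');
    }

    $topictemplate->set_var('forumid', $showtopic['forum']);
    $topictemplate->set_var('topic_id', $showtopic['id']);
    $topictemplate->set_var('member_badge', forumPLG_getMemberBadge($showtopic['uid']));

    if ($uservalid) {
        $topictemplate->parse('user_name', 'block_user_name');
        $topictemplate->parse('user_information', 'block_user_information');
    } else {
        $topictemplate->parse('user_name', 'block_anon_user_name');
        $topictemplate->parse('user_information', 'block_anon_user_information');
    }

    $topictemplate->parse('output', 'topictemplate');
    $retval = $topictemplate->finish($topictemplate->get_var('output'));

    return $retval;
}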
/**
 * Shortens a string to at most $length bytes, cutting at a natural break.
 *
 * A string that already fits is returned untouched. Otherwise the cut is made
 * just after the last '.' when one lies far enough into the string, else at
 * the last ' ', else at $length - 4; in every truncating case " ..." is
 * appended. The length test uses strlen(), the cuts use COM_truncate().
 *
 * @param string $string text to shorten
 * @param int    $length maximum length of the result
 * @return string the original or the shortened text
 */
function iTrunc($string, $length)
{
    if (strlen($string) <= $length) {
        return $string;
    }

    $hardLimit = $length - 4;   // leaves room for the " ..." suffix
    $minimumCut = $length * 0.4; // a break earlier than this is not used

    // Delimiter => whether the delimiter itself is kept in the result.
    // Order matters: the '.' pass may shorten $string before the ' ' pass runs.
    foreach (array('.' => true, ' ' => false) as $delimiter => $keepDelimiter) {
        $cut = strrpos($string, $delimiter);
        if ($cut >= $hardLimit) {
            // Last delimiter is too close to the end: look for an earlier one.
            $string = COM_truncate($string, $hardLimit);
            $cut = strrpos($string, $delimiter);
        }
        if ($cut >= $minimumCut) {
            return COM_truncate($string, $keepDelimiter ? $cut + 1 : $cut) . " ...";
        }
    }

    return COM_truncate($string, $hardLimit) . " ...";
}
/**
 * Fills a template object with everything needed to render one forum post.
 *
 * The function loads (and caches per request, in a static array) the poster's
 * profile data, builds the avatar, rank, signature, edit/quote/profile/PM/
 * email/website links and the rating widget, and assigns them to
 * $topictemplate with set_var(). It has no return statement: $retval is
 * initialised but never returned, so callers receive null and read the result
 * from the template object.
 *
 * Review notes (all grounded in the code below; callers are not visible here):
 *  - Several values are concatenated into HTML without escaping in this
 *    function: $showtopic['name'] (anonymous posters), $showtopic['mood'],
 *    $showtopic['ip'], $username, $location and the global $highlight.
 *    Whether they are escaped before they reach this function cannot be told
 *    from here.
 *  - In preview mode the function issues an UPDATE keyed on $_POST['uniqueid']
 *    or $_POST['id']. No ownership or permission check is visible in this
 *    function for that write.
 *  - The edit and quote links are display decisions only; the edit window and
 *    posting rights have to be enforced again by the script that handles the
 *    request.
 *
 * @param array  $showtopic      Row describing the post (keys read below include
 *                               uid, id, pid, forum, subject, comment, postmode,
 *                               status, mood, date, locked, views, is_readonly, ip, name)
 * @param string $mode           'preview' switches to preview rendering
 * @param int    $onetwo         Value used as a CSS class / 'csscode' template variable
 * @param int    $page           Page number appended to the edit link
 * @param object $topictemplate  Template object that receives the variables.
 *                               NOTE(review): a required parameter after optional
 *                               ones is deprecated as of PHP 8.0.
 * @return void
 */
function FF_showtopic($showtopic, $mode = '', $onetwo = 1, $page = 1, $topictemplate)
{
    global $_FF_CONF, $_CONF, $_TABLES, $_USER, $LANG_GF01, $LANG_GF02, $_SYSTEM;
    global $highlight;
    global $forumfiles;
    global $canPost;
    $retval = '';
    if (isset($showtopic['date'])) {
        $dt = new Date($showtopic['date'], $_USER['tzid']);
    } else {
        $dt = new Date('now', $_USER['tzid']);
    }
    // Per-request caches shared by every call of this function.
    static $cacheUserArray = array();
    static $_user_already_voted = array();
    $oldPost = 0;
    if (!class_exists('StringParser')) {
        require_once $_CONF['path'] . 'lib/bbcode/stringparser_bbcode.class.php';
    }
    if ($mode == 'preview') {
        $topictemplate->set_var(array('lang_postpreview' => $LANG_GF01['PREVIEW_HEADER'], 'preview' => true));
    }
    $min_height = 50; // Base minimum height of topic - will increase if avatar or sig is used
    $foundUser = 0;
    if ($showtopic['uid'] > 1) {
        if (isset($cacheUserArray[$showtopic['uid']])) {
            // Poster already seen during this request: reuse the cached values.
            $userarray = $cacheUserArray[$showtopic['uid']];
            $username = $userarray['display_name'];
            $location = $userarray['location'];
            $posts = $userarray['posts'];
            $user_level = $userarray['user_level'];
            $user_levelname = $userarray['user_levelname'];
            $avatar = $userarray['avatar'];
            $onlinestatus = $userarray['onlinestatus'];
            $min_height = $userarray['min_height'];
            $regdate = $userarray['regdate'];
            $numposts = $userarray['numposts'];
            $foundUser = 1;
        } else {
            // The uid is cast to int before it is appended to the SQL text.
            $sql = "SELECT users.*,userprefs.*,userinfo.*,gf_userinfo.rating,gf_userinfo.signature FROM {$_TABLES['users']} users LEFT JOIN {$_TABLES['userprefs']} userprefs ON users.uid=userprefs.uid LEFT JOIN {$_TABLES['userinfo']} userinfo ON users.uid=userinfo.uid LEFT JOIN {$_TABLES['ff_userinfo']} gf_userinfo ON users.uid=gf_userinfo.uid WHERE users.uid=" . (int) $showtopic['uid'];
            $userQuery = DB_query($sql);
            if (DB_numRows($userQuery) == 1) {
                $userarray = DB_fetchArray($userQuery);
                $username = COM_getDisplayName($showtopic['uid']);
                $userarray['display_name'] = $username;
                // Post count is obtained by selecting every row and counting them.
                $postcount = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE uid='" . (int) $showtopic['uid'] . "'");
                $posts = DB_numRows($postcount);
                $userarray['posts'] = $posts;
                $starimage = '<img src="%s" alt="' . $LANG_GF01['FORUM'] . ' %s" title="' . $LANG_GF01['FORUM'] . ' %s"/>';
                // NOTE(review): a post count exactly equal to level5 matches none of
                // these branches, so $user_level / $user_levelname stay unset unless
                // the moderator or admin override below applies.
                if ($posts < $_FF_CONF['level2']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank1', 'ranks'), $_FF_CONF['level1name'], $_FF_CONF['level1name']);
                    $user_levelname = $_FF_CONF['level1name'];
                } elseif ($posts >= $_FF_CONF['level2'] && $posts < $_FF_CONF['level3']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank2', 'ranks'), $_FF_CONF['level2name'], $_FF_CONF['level2name']);
                    $user_levelname = $_FF_CONF['level2name'];
                } elseif ($posts >= $_FF_CONF['level3'] && $posts < $_FF_CONF['level4']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank3', 'ranks'), $_FF_CONF['level3name'], $_FF_CONF['level3name']);
                    $user_levelname = $_FF_CONF['level3name'];
                } elseif ($posts >= $_FF_CONF['level4'] && $posts < $_FF_CONF['level5']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank4', 'ranks'), $_FF_CONF['level4name'], $_FF_CONF['level4name']);
                    $user_levelname = $_FF_CONF['level4name'];
                } elseif ($posts > $_FF_CONF['level5']) {
                    $user_level = sprintf($starimage, _ff_getImage('rank5', 'ranks'), $_FF_CONF['level5name'], $_FF_CONF['level5name']);
                    $user_levelname = $_FF_CONF['level5name'];
                }
                // Moderator and admin badges override the post-count rank.
                if (forum_modPermission($showtopic['forum'], $showtopic['uid'])) {
                    $user_level = sprintf($starimage, _ff_getImage('rank_mod', 'ranks'), $LANG_GF01['moderator'], $LANG_GF01['moderator']);
                    $user_levelname = $LANG_GF01['moderator'];
                }
                if (SEC_inGroup(1, $showtopic['uid'])) {
                    $user_level = sprintf($starimage, _ff_getImage('rank_admin', 'ranks'), $LANG_GF01['admin'], $LANG_GF01['admin']);
                    $user_levelname = $LANG_GF01['admin'];
                }
                $userarray['user_level'] = $user_level;
                $userarray['user_levelname'] = $user_levelname;
                if ($userarray['photo'] != "") {
                    $avatar = '<img src="' . USER_getPhoto($showtopic['uid'], '', '', '', '0') . '" alt="" title="" class="forum-userphoto" style="width:' . $_FF_CONF['avatar_width'] . 'px;"/>';
                    $min_height = $min_height + 150;
                } else {
                    if (!isset($_CONF['default_photo']) || $_CONF['default_photo'] == '') {
                        $img = $_CONF['site_url'] . '/images/userphotos/default.jpg';
                    } else {
                        $img = $_CONF['default_photo'];
                    }
                    $avatar = '<img src="' . $img . '" alt="" title="" class="forum-userphoto" style="width:' . $_FF_CONF['avatar_width'] . 'px;"/>';
                    $min_height = $min_height + 150;
                }
                if ($_FF_CONF['enable_user_rating_system']) {
                    if ($showtopic['uid'] > 1) {
                        $min_height = $min_height + 10;
                    }
                }
                if (SEC_inGroup('Root') && function_exists('plugin_cclabel_nettools') && isset($showtopic['ip'])) {
                    $min_height = $min_height + 5;
                }
                $udt = new Date(strtotime($userarray['regdate']), $_USER['tzid']);
                $regdate = $udt->format($_CONF['shortdate'], true) . '<br/>';
                $numposts = $posts;
                // Online status is shown only when a session row exists and the
                // poster's 'showonline' preference equals 1.
                if (DB_count($_TABLES['sessions'], 'uid', (int) $showtopic['uid']) > 0 and DB_getItem($_TABLES['userprefs'], 'showonline', "uid=" . (int) $showtopic['uid'] . "") == 1) {
                    $onlinestatus = $LANG_GF01['ONLINE'];
                } else {
                    $onlinestatus = $LANG_GF01['OFFLINE'];
                }
                $userarray['avatar'] = $avatar;
                $userarray['onlinestatus'] = $onlinestatus;
                $userarray['min_height'] = $min_height;
                $userarray['regdate'] = $regdate;
                $userarray['numposts'] = $numposts;
                $location = $userarray['location'];
                $cacheUserArray[$showtopic['uid']] = $userarray;
                $foundUser = 1;
            }
        }
    } else {
        // uid <= 1: anonymous poster, default avatar only.
        if (!isset($_CONF['default_photo']) || $_CONF['default_photo'] == '') {
            $img = $_CONF['site_url'] . '/images/userphotos/default.jpg';
        } else {
            $img = $_CONF['default_photo'];
        }
        $avatar = '<img src="' . $img . '" alt="" title="" class="forum-userphoto" style="width:' . $_FF_CONF['avatar_width'] . 'px;"/>';
        $min_height = $min_height + 150;
    }
    if ($foundUser) {
        // NOTE(review): $username is placed in the link text without escaping here;
        // confirm COM_getDisplayName() returns HTML-safe text.
        $userlink = '<a href="' . $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $showtopic['uid'] . '" ';
        $userlink .= 'class="authorname ' . $onetwo . '" rel="nofollow"><strong>' . $username . '</strong></a>';
        $uservalid = true;
        if ($userarray['sig'] != '' || $userarray['signature'] != '') {
            $sig = '';
            $sig .= FF_getSignature($userarray['sig'], $userarray['signature'], 'html');
            $min_height = $min_height + 30;
        }
    } else {
        $uservalid = false;
        // NOTE(review): $showtopic['name'] is the name stored with the post and is
        // emitted unescaped by this function; verify it is escaped on input or
        // by the template.
        $userlink = $LANG_GF01['ANON'] . $showtopic['name'];
    }
    if ($_FF_CONF['show_moods'] && $showtopic['mood'] != "") {
        // NOTE(review): the mood value goes into a title attribute and an image
        // lookup without escaping or validation in this function.
        $moodimage = '<img style="vertical-align:middle;" src="' . _ff_getImage($showtopic['mood'], 'moods') . '" title="' . $showtopic['mood'] . '" alt=""/><br/>';
        $min_height = $min_height + 30;
    }
    $showtopic['comment'] = FF_formatTextBlock($showtopic['comment'], $showtopic['postmode'], $mode, $showtopic['status']);
    // The subject is stripped of tags and HTML-escaped, then truncated.
    // NOTE(review): truncating after escaping could cut through an entity,
    // depending on how COM_truncate() treats entities - confirm.
    $showtopic['subject'] = @htmlspecialchars(strip_tags($showtopic['subject']), ENT_QUOTES, COM_getEncodingt());
    $showtopic['subject'] = COM_truncate($showtopic['subject'], $_FF_CONF['show_subject_length'], '...');
    if ($mode != 'preview' && $uservalid && !COM_isAnonUser() && (isset($_USER['uid']) && $_USER['uid'] == $showtopic['uid'])) {
        /* Check if user can still edit this post - within allowed edit timeframe */
        $editAllowed = false;
        if ($_FF_CONF['allowed_editwindow'] > 0) {
            $t1 = $showtopic['date'];
            $t2 = $_FF_CONF['allowed_editwindow'];
            if (time() - $t2 < $t1) {
                $editAllowed = true;
            }
        } else {
            $editAllowed = true;
        }
        // NOTE(review): when the viewer owns the post but the edit window has
        // passed, the edit variables are neither set nor cleared here, so a
        // value left on the template by an earlier call would remain.
        if ($editAllowed) {
            $editlink = $_CONF['site_url'] . '/forum/createtopic.php?mode=edittopic&forum=' . $showtopic['forum'] . '&id=' . $showtopic['id'] . '&editid=' . $showtopic['id'] . '&page=' . $page;
            $editlinkimg = '<img src="' . _ff_getImage('edit_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['EDITICON'] . '" title="' . $LANG_GF01['EDITICON'] . '"/>';
            $topictemplate->set_var(array('editlink' => $editlink, 'editlinkimg' => $editlinkimg, 'LANG_edit' => $LANG_GF01['EDITICON']));
        }
    } else {
        $topictemplate->set_var(array('editlink' => '', 'editlinkimg' => '', 'LANG_edit' => ''));
    }
    if ($highlight != '') {
        // NOTE(review): $highlight is a global inserted into the markup as-is, and
        // the replacement runs over already-formatted HTML, so it can also match
        // inside tags or attributes. Where $highlight is set is not visible
        // here; it should be HTML-escaped before this point.
        $showtopic['subject'] = str_replace("{$highlight}", "<span class=\"b\">{$highlight}</span>", $showtopic['subject']);
        $showtopic['comment'] = str_replace("{$highlight}", "<span class=\"b\">{$highlight}</span>", $showtopic['comment']);
    }
    if ($showtopic['pid'] == 0) {
        // Topic starter: replies attach to this post's own id.
        $replytopicid = $showtopic['id'];
        $is_lockedtopic = $showtopic['locked'];
        $views = $showtopic['views'];
        $topictemplate->set_var('read_msg', sprintf($LANG_GF02['msg49'], $views));
        if ($is_lockedtopic) {
            $topictemplate->set_var('locked_icon', '<img src="' . _ff_getImage('padlock') . '" title="' . $LANG_GF02['msg114'] . '" alt=""/>');
        }
    } else {
        $is_lockedtopic = $showtopic['locked'];
        $replytopicid = $showtopic['pid'];
        $topictemplate->set_var('read_msg', '');
    }
    if ($_FF_CONF['allow_user_dateformat']) {
        $date = $dt->format($dt->getUserFormat(), true);
    } else {
        $date = $dt->format($_FF_CONF['default_Topic_Datetime_format'], true);
    }
    $topictemplate->set_var('posted_date', $date);
    if ($mode != 'preview') {
        if (!COM_isAnonUser()) {
            $bmArray = _ff_cacheBookMarks($_USER['uid']);
            if (isset($bmArray[$showtopic['id']])) {
                $topictemplate->set_var('bookmark_icon', '<img src="' . _ff_getImage('star_on_sm') . '" title="' . $LANG_GF02['msg204'] . '" alt=""/>');
                $topictemplate->set_var('bookmarked', true);
            } else {
                $topictemplate->set_var('bookmark_icon', '<img src="' . _ff_getImage('star_off_sm') . '" title="' . $LANG_GF02['msg203'] . '" alt=""/>');
                $topictemplate->unset_var('bookmarked');
            }
        }
        $topictemplate->clear_var(array('quotelink', 'quotelinkimg', 'LANG_quote'));
        // The quote link is shown only for unlocked topics that are either not
        // read-only or viewed by someone with 'mod_edit', and only if $canPost is set.
        if ($is_lockedtopic == 0) {
            $is_readonly = $showtopic['is_readonly'];
            if ($is_readonly == 0 || forum_modPermission($showtopic['forum'], COM_isAnonUser() ? 1 : $_USER['uid'], 'mod_edit')) {
                if ($canPost != 0) {
                    $quotelink = $_CONF['site_url'] . '/forum/createtopic.php?mode=newreply&forum=' . $showtopic['forum'] . '&id=' . $replytopicid . '&quoteid=' . $showtopic['id'];
                    $quotelinkimg = '<img src="' . _ff_getImage('quote_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['QUOTEICON'] . '" title="' . $LANG_GF01['QUOTEICON'] . '"/>';
                    $topictemplate->set_var(array('quotelink' => $quotelink, 'quotelinkimg' => $quotelinkimg, 'LANG_quote' => $LANG_GF01['QUOTEICON']));
                }
            }
        }
        $topictemplate->set_var(array('topic_post_link_begin' => '<a name="' . $showtopic['id'] . '">', 'topic_post_link_end' => '</a>'));
        $mod_functions = _ff_getmodFunctions($showtopic);
        $topictemplate->clear_var(array('profilelink', 'profilelinkimg', 'LANG_profile'));
        $topictemplate->clear_var(array('pmlink', 'pmlinkimg', 'LANG_pm'));
        if ($showtopic['uid'] > 1 && $uservalid) {
            $profile_link = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $showtopic['uid'];
            $profile_linkimg = '<img src="' . _ff_getImage('profile_button') . '" style="border:none;vertical-align:middle;" alt="' . $LANG_GF01['ProfileLink'] . '" title="' . $LANG_GF01['ProfileLink'] . '"/>';
            $topictemplate->set_var(array('profilelink' => $profile_link, 'profilelinkimg' => $profile_linkimg, 'LANG_profile' => $LANG_GF01['ProfileLink']));
            if ($_FF_CONF['use_pm_plugin'] && (!COM_isAnonUser() && $_USER['uid'] != $showtopic['uid'])) {
                $pmplugin_link = forumPLG_getPMlink($showtopic['uid']);
                if ($pmplugin_link != '') {
                    $pm_link = $pmplugin_link;
                    $pm_linkimg = '<img src="' . _ff_getImage('pm_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['PMLink'] . '" title="' . $LANG_GF01['PMLink'] . '"/>';
                    $topictemplate->set_var(array('pmlink' => $pm_link, 'pmlinkimg' => $pm_linkimg, 'LANG_pm' => $LANG_GF01['PMLink']));
                }
            }
        }
        $topictemplate->clear_var(array('emaillink', 'emaillinkimg', 'LANG_email'));
        // The e-mail link points at the contact form, not at the address itself,
        // and is shown only when the poster's 'emailfromuser' preference equals 1.
        if (isset($userarray['email']) && $userarray['email'] != '' && $showtopic["uid"] > 1 && $userarray['emailfromuser'] == 1) {
            $email_link = $_CONF['site_url'] . '/profiles.php?uid=' . $showtopic['uid'];
            $email_linkimg = '<img src="' . _ff_getImage('email_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['EmailLink'] . '" title="' . $LANG_GF01['EmailLink'] . '"/>';
            $topictemplate->set_var(array('emaillink' => $email_link, 'emaillinkimg' => $email_linkimg, 'LANG_email' => $LANG_GF01['EmailLink']));
        }
        $topictemplate->clear_var(array('websitelink', 'websitelinkimg', 'LANG_website'));
        if (isset($userarray['homepage']) && $userarray['homepage'] != '') {
            $homepage = trim($userarray['homepage']);
            // NOTE(review): this pattern is not anchored, so any value that merely
            // contains "http" is passed through unchanged, whatever its scheme.
            // The value is user profile data; the scheme should be validated
            // against an allow-list (http/https) and the value escaped before
            // it is used as a link target.
            if (!preg_match("/http/i", $homepage)) {
                $homepage = 'http://' . $homepage;
            }
            $homepageimg = '<img src="' . _ff_getImage('website_button') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['WebsiteLink'] . '" title="' . $LANG_GF01['WebsiteLink'] . '"/>';
            $topictemplate->set_var(array('websitelink' => $homepage, 'websitelinkimg' => $homepageimg, 'LANG_website' => $LANG_GF01['WebsiteLink']));
        }
        $back2 = $LANG_GF01['back2top'];
        $backlink = '<center><a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $replytopicid . '">' . $back2 . '</a></center>';
    } else {
        // Preview mode.
        if (!isset($_GET['onlytopic']) || $_GET['onlytopic'] != 1) {
            $topictemplate->set_var('preview_topic_subject', $showtopic['subject']);
        } else {
            $topictemplate->set_var('preview_topic_subject', '');
        }
        $topictemplate->set_var('read_msg', '');
        $topictemplate->set_var('locked_icon', '');
        // Check and see if there are no [file] bbcode tags in content and reset the show_inline value
        // This is needed in case user had used the file bbcode tag and then removed it
        // NOTE(review): $forumfiles is a global joined straight into the SQL text
        // below; this function does not check that its elements are integers.
        $imagerecs = '';
        if (is_array($forumfiles)) {
            $imagerecs = implode(',', $forumfiles);
        }
        // NOTE(review): a rendering function performs a database write here, keyed
        // on a request parameter. The ids are cast to int, but no check that the
        // current user owns the topic is visible in this function - confirm the
        // caller enforces it.
        if (!empty($_POST['uniqueid'])) {
            $uniqueid = COM_applyFilter($_POST['uniqueid'], true);
            $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $uniqueid . " ";
            if ($imagerecs != '') {
                $sql .= "AND id NOT IN ({$imagerecs})";
            }
            DB_query($sql);
        } else {
            if (isset($_POST['id'])) {
                $tid = COM_applyFilter($_POST['id'], true);
                $sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $tid . " ";
                if ($imagerecs != '') {
                    $sql .= "AND id NOT IN ({$imagerecs})";
                }
                DB_query($sql);
            }
        }
    }
    $uniqueid = isset($_POST['uniqueid']) ? COM_applyFilter($_POST['uniqueid'], true) : 0;
    if ($showtopic['id'] > 0 && (!isset($_POST['action']) || $_POST['action'] != 'newreply')) {
        $topictemplate->set_var('attachments', _ff_showattachments((int) $showtopic['id']));
    } elseif ($uniqueid > 0) {
        $topictemplate->set_var('attachments', _ff_showattachments((int) $uniqueid));
    }
    // The poster's IP address is exposed only to members of 'Root', and only when
    // the nettools plugin function exists.
    // NOTE(review): the stored IP is placed in the href and the link text without
    // escaping or URL-encoding in this function.
    if (SEC_inGroup('Root') && function_exists('plugin_cclabel_nettools') && isset($showtopic['ip'])) {
        $iplink = '<a href="' . $_CONF['site_admin_url'] . '/plugins/nettools/whois.php?domain=' . $showtopic['ip'] . '" target="_new">' . $showtopic['ip'] . '</a>';
        $topictemplate->set_var('ipaddress', $iplink);
    } else {
        $topictemplate->set_var('ipaddress', '');
    }
    $voteHTML = '';
    if ($_FF_CONF['enable_user_rating_system']) {
        if ($showtopic['uid'] > 1) {
            // not an anonymous poster
            // grab the poster's current rating...
            $rating = _ff_getUserRating($showtopic['uid']);
            if ($rating > 0) {
                $grade = '+' . $rating;
            } else {
                $grade = $rating;
            }
            // Find out if user has rights to increase / decrease score
            if (!COM_isAnonUser() && $_USER['uid'] != $showtopic['uid']) {
                // Can't vote for yourself & must be logged in
                // NOTE(review): the voter's uid is written into the onclick handlers
                // below as an argument. The server-side vote handler (not visible
                // here) should take the voter from the session, not from this value.
                if (!isset($_user_already_voted[$showtopic['uid']])) {
                    $_user_already_voted[$showtopic['uid']] = DB_getItem($_TABLES['ff_rating_assoc'], 'grade', "user_id = " . (int) $showtopic['uid'] . ' AND voter_id = ' . (int) $_USER['uid']);
                }
                if ($_user_already_voted[$showtopic['uid']] == '') {
                    // user has never voted for this poster
                    $vote_language = $LANG_GF01['grade_user'];
                    $plus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',1,1);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/plus.png" alt="plus" /></a>';
                    $minus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',-1,1);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/minus.png" alt="minus" /></a>';
                    $min_height = $min_height + 10;
                } else {
                    // user has already voted for this poster
                    $vote_language = $LANG_GF01['retract_grade'];
                    if ($_user_already_voted[$showtopic['uid']] > 0) {
                        // gave a +1 show the minus to retract
                        $plus_vote = '';
                        $minus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',-1,0);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/minus.png" alt="minus" /></a>';
                        $min_height = $min_height + 10;
                    } else {
                        // gave a -1 show the plus to retract
                        $minus_vote = '';
                        $plus_vote = '<a href="#" onclick="ajax_voteuser(' . $_USER['uid'] . ',' . $showtopic['uid'] . ',' . $showtopic['id'] . ',1,0);return false;"><img src="' . $_CONF['site_url'] . '/forum/images/plus.png" alt="plus" /></a>';
                        $min_height = $min_height + 10;
                    }
                }
                $voteHTML = '<div class="c' . $showtopic['uid'] . '"><span id="vote' . $showtopic['id'] . '">' . $vote_language . '<br />' . $minus_vote . $plus_vote . '<br />' . $LANG_GF01['grade'] . ': ' . $grade . '</span></div>';
            } else {
                // display 'rating'
                $voteHTML = $LANG_GF01['grade'] . ': ' . $grade;
            }
        }
    }
    // Hand everything to the template; values that may not have been set on every
    // path fall back to an empty string (or '******' for the user name).
    // NOTE(review): $location is profile text; it is truncated and word-wrapped
    // but not HTML-escaped in this function.
    $topictemplate->set_var(array(
        'user_name' => isset($username) ? $username : '******',
        'vote_html' => $voteHTML,
        'csscode' => $onetwo,
        'postmode' => $showtopic['postmode'],
        'userlink' => $userlink,
        'lang_forum' => $LANG_GF01['FORUM'],
        'user_levelname' => isset($user_levelname) ? $user_levelname : '',
        'user_level' => isset($user_level) ? $user_level : '',
        'magical_image' => isset($moodimage) ? $moodimage : '',
        'avatar' => isset($avatar) ? $avatar : '',
        'onlinestatus' => isset($onlinestatus) ? $onlinestatus : '',
        'regdate' => isset($regdate) ? $regdate : '',
        'numposts' => isset($numposts) ? $numposts : '',
        'location' => isset($location) ? wordwrap(COM_truncate($location, 100), 20, '<br />') : '',
        'topic_subject' => $showtopic['subject'],
        'LANG_ON2' => $LANG_GF01['ON2'],
        'mod_functions' => isset($mod_functions) ? $mod_functions : '',
        'topic_comment' => $showtopic['comment'],
        'subject' => $showtopic['subject'],
        'comment_minheight' => "min-height:{$min_height}px",
        'forumid' => $showtopic['forum'],
        'topic_id' => $showtopic['id'],
        'parent_id' => $replytopicid,
        'back_link' => isset($backlink) ? $backlink : '',
        'member_badge' => forumPLG_getMemberBadge($showtopic['uid'])));
    if ($replytopicid != 0) {
        $topictemplate->set_var('prefix', $LANG_GF01['RE']);
    } else {
        $topictemplate->set_var('prefix', '');
    }
    if (isset($sig) && trim($sig) != '') {
        $topictemplate->set_var('sig', PLG_replaceTags($sig, 'forum', 'signature'));
    } else {
        $topictemplate->set_var('sig', '');
    }
}
/**
 * Renders one cell for the lists of submissions and draft stories in
 * admin/moderation.php.
 *
 * Named columns are handled case by case; anything else falls through to the
 * default branch, which also covers the numeric columns 4 (stories) and
 * 2 (comments) depending on $A['_moderation_type'].
 *
 * NOTE(review): $A['tid'] and $A['id'] are interpolated into WHERE clauses as
 * quoted strings, and $A['row'], $A[0] and $A['uid'] into HTML attributes,
 * without escaping in this function. It therefore relies on the caller passing
 * database-sourced or already-escaped values - confirm at the call site.
 * The 'tid' column and the generic default branch also return text that this
 * function does not HTML-escape.
 *
 * @param  string $fieldName   column being rendered
 * @param  string $fieldValue  raw value of that column
 * @param  array  $A           the complete row
 * @param  array  $icon_arr    icon HTML keyed by action name
 * @return string              HTML for the cell
 */
function ADMIN_getListField_moderation($fieldName, $fieldValue, $A, $icon_arr)
{
    global $_CONF, $_TABLES, $LANG_ADMIN;

    $type = isset($A['_moderation_type']) ? $A['_moderation_type'] : '';

    switch ($fieldName) {
        case 'edit':
            return COM_createLink($icon_arr['edit'], $A['edit']);

        case 'delete':
            return '<input type="radio" name="action[' . $A['row'] . ']" value="delete"' . XHTML . '>';

        case 'approve':
            // The radio button is paired with a hidden field carrying the item id.
            return '<input type="radio" name="action[' . $A['row'] . ']" value="approve"' . XHTML . '>'
                . '<input type="hidden" name="id[' . $A['row'] . ']" value="' . $A[0] . '"' . XHTML . '>';

        case 'day':
            // NOTE(review): strftime() is deprecated as of PHP 8.1.
            return strftime($_CONF['daytime'], $A['day']);

        case 'tid':
            return DB_getItem($_TABLES['topics'], 'topic', "tid = '{$A['tid']}'");

        case 'uid':
            $isAnonymous = ($A['uid'] == 1);
            $displayName = '';
            if ($isAnonymous) {
                // Anonymous submitters may have typed a name; it is escaped for output.
                $displayName = htmlspecialchars(
                    COM_stripslashes(DB_getItem($_TABLES['commentsubmissions'], 'name', "cid = '{$A['id']}'"))
                );
            }
            if (empty($displayName)) {
                $displayName = COM_getDisplayName($A['uid']);
            }
            if ($isAnonymous) {
                return $displayName;
            }
            return COM_createLink($displayName, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']);

        case 'publishfuture':
            if ($A['uid'] > 1 && !SEC_inGroup('Comment Submitters', $A['uid'])) {
                return '<input type="checkbox" name="publishfuture[]" value="' . $A['uid'] . '"' . XHTML . '>';
            }
            return $LANG_ADMIN['na'];

        default:
            if ($fieldName == 4 && ($type === 'story' || $type === 'story_draft')) {
                return TOPIC_getTopicAdminColumn('article', $A[0]);
            }
            if ($fieldName == 2 && $type === 'comment') {
                $plainComment = COM_getTextContent($A['comment']);
                $tooltip = htmlspecialchars(COM_truncate($plainComment, 140, '...'));

                // Prefer a link to the parent item (e.g. article, poll).
                $parent = PLG_getItemInfo($A['type'], $A['sid'], 'title,url');
                if (!empty($parent) && !empty($parent[0]) && !empty($parent[1])) {
                    return COM_createLink($parent[0], $parent[1], array('title' => $tooltip));
                }

                // No parent available: show a short excerpt, with the longer one as tooltip.
                $cell = htmlspecialchars(COM_truncate($plainComment, 40, '...'));
                if (strlen($plainComment) > 40) {
                    $cell = '<span title="' . $tooltip . '">' . $cell . '</span>';
                }
                return $cell;
            }
            return COM_makeClickableLinks(stripslashes($fieldValue));
    }
}
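/**
 * Return list of articles for the Related Items block
 *
 * Selects published, non-draft stories assigned to any of the given topics
 * (excluding the archive topic, if one is flagged), newest first, and returns
 * one link per story.
 *
 * NOTE(review): the topic ids are joined into the IN (...) list as quoted
 * strings without escaping in this function, so it relies on the caller
 * passing sanitised ids - confirm at the call site.
 * NOTE(review): results are keyed by timestamp, so two stories with the same
 * date overwrite each other in the returned array.
 *
 * @param    array $tids list of topic ids
 * @param    int   $max  maximum number of items to return
 * @param    int   $trim max length of text
 * @return   array       array of links to related articles with unix timestamp as key
 */
function plugin_getrelateditems_story($tids, $max, $trim)
{
    global $_CONF, $_TABLES;

    $where_sql = '';
    $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
    if (!empty($archivetid)) {
        $where_sql = " AND (ta.tid <> '{$archivetid}')";
    }

    // The LIMIT value is placed in the SQL text unquoted, so force it to an
    // integer instead of trusting the caller's type.
    $limit = (int) $max;

    // Find the newest stories the user has access to
    $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) s_date\n FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n WHERE ta.type = 'article' AND ta.id = sid AND (ta.tid IN ('" . implode("','", $tids) . "'))\n AND (date <= NOW()) AND (draft_flag = 0)" . $where_sql . COM_getPermSQL('AND') . COM_getLangSQL('sid', 'AND') . "\n GROUP BY sid ORDER BY s_date DESC LIMIT {$limit}";
    $result = DB_query($sql);
    $nrows = DB_numRows($result);

    $newstories = array();
    for ($x = 0; $x < $nrows; $x++) {
        $A = DB_fetchArray($result);
        $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
        $title = COM_undoSpecialChars(stripslashes($A['title']));

        $titletouse = ($trim > 0) ? COM_truncate($title, $trim, '...') : $title;

        // Only a shortened title gets the full title as a tooltip.
        $attr = ($title != $titletouse) ? array('title' => htmlspecialchars($title)) : array();

        // NOTE(review): as shown, both replacements map a character to itself.
        // The replacement strings may have been HTML entities before this
        // listing was rendered - check against the upstream file.
        // NOTE(review): the link text is the un-escaped title; confirm that
        // COM_createLink() or the stored title guarantees HTML-safe text.
        $astory = str_replace('$', '$', $titletouse);
        $astory = str_replace(' ', ' ', $astory);

        $newstories[$A['s_date']] = COM_createLink($astory, $url, $attr);
    }

    return $newstories;
}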
$subject = ''; $is_forum = $LANG_GF02['msg138']; $topic_link = '<a href="' . $_CONF['site_url'] . '/forum/index.php?forum=' . $forum_id . '" title="' . $subject . '">' . $subject . '</a>'; } else { if ($topic_id < 0) { $neg_subscription = true; $topic_id = -$topic_id; } else { $neg_subscription = false; } $result = DB_query("SELECT subject,name,replies,views,uid,id FROM {$_TABLES['forum_topic']} WHERE id = '{$topic_id}'"); $A = DB_fetchArray($result); if ($A['subject'] == '') { $subject = $LANG_GF01['MISSINGSUBJECT']; } elseif (strlen($A['subject']) > 50) { $subject = htmlspecialchars(COM_truncate($A['subject'], 50, '...'), ENT_QUOTES, $CONF_FORUM['charset']); } else { $subject = htmlspecialchars($A['subject'], ENT_QUOTES, $CONF_FORUM['charset']); } $topic_link = '<a href="' . $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topic_id . '" title="'; $topic_link .= $subject . '">' . $subject . '</a>'; } $report->set_var('id', $notify_recid); $report->set_var('csscode', $i % 2 + 1); $report->set_var('forum', $forum_name); $report->set_var('linksubject', htmlspecialchars($subject, ENT_QUOTES, $CONF_FORUM['charset'])); $report->set_var('is_forum', $is_forum); $report->set_var('topic_link', $topic_link); $report->set_var('topicauthor', $A['name']); $report->set_var('date_added', $date_added); $report->set_var('uid', $A['uid']);
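/**
 * Builds the breadcrumb trail for this album as a run of <li> elements.
 *
 * The current album comes last; each ancestor found through $MG_albums is
 * prepended until an album with id 0 is reached (that album is not included).
 * Titles are passed through strip_tags() and optionally shortened to
 * $_MG_CONF['truncate_breadcrumb'] characters.
 *
 * The link around the current album's title is now closed with </a>; the
 * previous markup opened the anchor but never closed it.
 *
 * NOTE(review): $sortOrder and $page are concatenated into the href without
 * casting or escaping. Callers are not visible here; if either can come from
 * the request, cast it to int before calling.
 * NOTE(review): strip_tags() removes markup but is not an HTML escaper; a
 * title containing '&' or a stray '<' is emitted as-is.
 *
 * @param  int $hot        non-zero to render the current album as a link
 * @param  int $sortOrder  value for the 'sort' query parameter
 * @param  int $page       value for the 'page' query parameter (current album only)
 * @return string          HTML fragment made of <li> elements
 */
function getPath_ul($hot = 0, $sortOrder = 0, $page = 0)
{
    global $MG_albums, $_MG_CONF;

    $label = strip_tags($this->title);
    if ($_MG_CONF['truncate_breadcrumb'] > 0) {
        $label = COM_truncate($label, $_MG_CONF['truncate_breadcrumb'], '...');
    }

    if ($hot) {
        $path = '<li><a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id
            . '&sort=' . $sortOrder . '&page=' . $page . '">' . $label . '</a></li>';
    } else {
        $path = '<li>' . $label . '</li>';
    }

    // Walk up the parent chain, prepending one linked entry per ancestor.
    $tree = $MG_albums[$this->parent];
    while ($tree->id != 0) {
        $ancestorLabel = strip_tags($tree->title);
        if ($_MG_CONF['truncate_breadcrumb'] > 0) {
            $ancestorLabel = COM_truncate($ancestorLabel, $_MG_CONF['truncate_breadcrumb'], '...');
        }
        $path = '<li><a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $tree->id
            . '&sort=' . $sortOrder . '">' . $ancestorLabel . '</a></li>' . $path;
        $tree = $MG_albums[$tree->parent];
    }

    return $path;
}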
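/**
 * Callback function to help format links in COM_makeClickableLinks
 *
 * A trailing '.' is treated as sentence punctuation: it is removed from the
 * URL and appended after the closing tag. The visible link text is optionally
 * shortened to $_CONF['linktext_maxlen'] and HTML-escaped.
 *
 * The href value is HTML-escaped as well. Previously only the link text was
 * escaped, so the safety of the attribute depended entirely on the characters
 * the caller's pattern lets through (that pattern is not visible here).
 * Existing entities are not encoded a second time, so a URL that already
 * contains "&amp;" still resolves to the same address.
 *
 * @param    string  $http   set to 'http://' when not already in the url
 * @param    string  $link   the url
 * @return   string          link enclosed in <a>...</a> tags
 */
function COM_makeClickableLinksCallback($http, $link)
{
    global $_CONF;
    static $encoding = null;

    // Look the encoding up once per request.
    if ($encoding === null) {
        $encoding = COM_getEncodingt();
    }

    $end = '';
    if (substr($link, -1) === '.') {
        $link = substr($link, 0, -1);
        $end = '.';
    }

    if (isset($_CONF['linktext_maxlen']) && $_CONF['linktext_maxlen'] > 0) {
        $text = COM_truncate($link, $_CONF['linktext_maxlen'], '...', 10);
    } else {
        $text = $link;
    }
    $text = htmlspecialchars($text, ENT_QUOTES, $encoding);

    // Fourth argument false = do not double-encode entities already present.
    $href = htmlspecialchars($http . $link, ENT_QUOTES, $encoding, false);

    return '<a href="' . $href . '">' . $text . '</a>' . $end;
}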
// Check for SPAM $spamcheck = '<h1>' . $_POST['subject'] . '</h1><p>' . $_POST['comment'] . '</p>'; $result = PLG_checkforSpam($spamcheck, $_CONF['spamx']); // Now check the result and redirect to index.php if spam action was taken if ($result > 0) { // then tell them to get lost ... $display .= COM_showMessage($result, 'spamx'); $display = gf_createHTMLDocument($display); COM_output($display); exit; } } $postmode = gf_chkpostmode($postmode, $mode_switch); $subject = gf_preparefordb(strip_tags($_POST['subject']), 'text'); if (strlen($subject) > 100) { $subject = COM_truncate($subject, 99, '...'); } $comment = gf_preparefordb($_POST['comment'], $postmode); $locked = 0; $sticky = 0; if ($_POST['modedit'] == 1) { if ($_POST['locked_switch'] == 1) { $locked = 1; } if ($_POST['sticky_switch'] == 1) { $sticky = 1; } } $fields = "forum,name,date,lastupdated,subject,comment,postmode,ip,mood,uid,pid,sticky,locked"; $sql = "INSERT INTO {$_TABLES['forum_topic']} ({$fields}) "; $sql .= "VALUES ('{$forum}','{$name}','{$date}',{$date},'{$subject}','{$comment}', ";
/**
 * Returns the HTML for one cell of the block administration list.
 *
 * Nothing is rendered (false is returned) unless the current user has some
 * access to the block and to its topic. Controls that change a block (edit,
 * move, delete, enable/disable) are emitted only for access level 3.
 *
 * NOTE(review): the move and delete links carry the CSRF token in the query
 * string of a GET request that changes state. Tokens in URLs can end up in
 * server logs, browser history and Referer headers; a POST form is the more
 * robust carrier.
 * NOTE(review): row values ($A['bid'], $A['onleft'], name, tid, blockorder),
 * $fieldvalue and the language strings are placed into HTML, and $LANG21[69]
 * into a JavaScript string literal, without escaping in this function.
 *
 * @param  string $fieldname   column being rendered
 * @param  mixed  $fieldvalue  raw value of that column
 * @param  array  $A           the block's database row
 * @param  array  $icon_arr    icon HTML keyed by action name
 * @param  string $token       CSRF token appended to state-changing links
 * @return string|false        HTML for the cell, or false when nothing applies
 */
function BLOCK_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
    global $_CONF, $LANG_ADMIN, $LANG21, $_IMAGE_TYPE;

    $access = SEC_hasAccess(
        $A['owner_id'], $A['group_id'],
        $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']
    );
    $enabled = ($A['is_enabled'] == 1);

    // No access to the block or to its topic: nothing to show.
    if (!($access > 0 && BLOCK_hasTopicAccess($A['tid']) > 0)) {
        return false;
    }

    $canEdit = ($access == 3);

    switch ($fieldname) {
        case 'edit':
            if (!$canEdit) {
                return '';
            }
            $attr = array('title' => $LANG_ADMIN['edit']);
            return '' . COM_createLink(
                $icon_arr['edit'],
                $_CONF['site_admin_url'] . '/block.php?edit=x&bid=' . $A['bid'],
                $attr
            );

        case 'blockorder':
            $order = $A['blockorder'];
            if ($enabled) {
                return $order;
            }
            return '<span class="disabledfield">' . $order . '</span>';

        case 'move':
            if (!$canEdit) {
                return false;
            }
            if ($A['onleft'] == 1) {
                $side = $LANG21[40];   // assigned but not used further in this function
                $arrowImage = 'block-right.' . $_IMAGE_TYPE;
                $sideTitle = $LANG21[59];
                $otherSide = '1';
            } else {
                $arrowImage = 'block-left.' . $_IMAGE_TYPE;
                $sideTitle = $LANG21[60];
                $otherSide = '0';
            }
            // Three clickable areas on one image: up, switch side, down.
            $moveUrl = $_CONF['site_admin_url'] . '/block.php?move=1&bid=' . $A['bid'] . '&where=';
            $tokenArg = '&' . CSRF_TOKEN . '=' . $token;
            $mapName = 'arrow' . $A['bid'];

            return '<img src="' . $_CONF['layout_url'] . '/images/admin/' . $arrowImage
                . '" width="45" height="20" usemap="#' . $mapName . '" alt="">'
                . '<map id="' . $mapName . '" name="' . $mapName . '">'
                . '<area coords="0,0,12,20" title="' . $LANG21[58] . '" href="' . $moveUrl . 'up' . $tokenArg
                . '" alt="' . $LANG21[58] . '">'
                . '<area coords="13,0,29,20" title="' . $sideTitle . '" href="' . $moveUrl . $otherSide . $tokenArg
                . '" alt="' . $sideTitle . '">'
                . '<area coords="30,0,43,20" title="' . $LANG21[57] . '" href="' . $moveUrl . 'dn' . $tokenArg
                . '" alt="' . $LANG21[57] . '">'
                . '</map>';

        case 'name':
            $name = COM_truncate($A['name'], 20, ' ...', true);
            if ($enabled) {
                return $name;
            }
            return '<span class="disabledfield">' . $name . '</span>';

        case 'title':
            $title = COM_truncate(strip_tags($A['title']), 20, ' ...', true);
            if ($enabled) {
                return $title;
            }
            return '<span class="disabledfield">' . $title . '</span>';

        case 'tid':
            $topic = COM_truncate($A['tid'], 20, ' ...', true);
            if ($enabled) {
                return $topic;
            }
            return '<span class="disabledfield">' . $topic . '</span>';

        case 'delete':
            // Blocks of type 'gldefault' never get a delete link.
            if (!($canEdit && $A['type'] != 'gldefault')) {
                return '';
            }
            $attr = array(
                'title'   => $LANG_ADMIN['delete'],
                'onclick' => "return confirm('" . $LANG21[69] . "');",
            );
            return '' . COM_createLink(
                $icon_arr['delete'],
                $_CONF['site_admin_url'] . '/block.php' . '?delete=x&bid=' . $A['bid'] . '&' . CSRF_TOKEN . '=' . $token,
                $attr
            );

        case 'is_enabled':
            if (!$canEdit) {
                return false;
            }
            if ($enabled) {
                $checked = ' checked="checked"';
                $titleAttr = 'title="' . $LANG_ADMIN['disable'] . '" ';
            } else {
                $checked = '';
                $titleAttr = 'title="' . $LANG_ADMIN['enable'] . '" ';
            }
            // The checkbox submits the form; the hidden field records the block's side.
            return '<input class="blk-clicker" type="checkbox" id="enabledblocks[' . $A['bid']
                . ']" name="enabledblocks[' . $A['bid'] . ']" ' . $titleAttr
                . 'onclick="submit()" value="' . $A['bid'] . '"' . $checked . '>'
                . '<input type="hidden" name="bidarray[' . $A['bid'] . ']" value="' . $A['onleft'] . '" >';

        default:
            if ($enabled) {
                return $fieldvalue;
            }
            return '<span class="disabledfield">' . $fieldvalue . '</span>';
    }
}
/**
 * Display a monthly calendar.
 * Dates that have events scheduled are highlighted.
 *
 * The function records the view in the session, loads every event between the
 * first and last date of the calendar grid, and renders week and day blocks
 * through the Template class.
 *
 * Review notes (grounded in the code below):
 *  - $tplx and $cal_id are read but never assigned in this function.
 *  - $cat and $cal are cast to int; $year, $month and $day are not, although
 *    they are passed on to the session, the header and the template.
 *  - $retval and $i are assigned but not used.
 *  - The hover text is built from tag-stripped, entity-encoded title/summary,
 *    but 'ev_title' is the raw event title (only truncated). Whether the
 *    template escapes it is not visible here.
 *
 * @param   integer $year   Year to display, default is current year
 * @param   integer $month  Starting month
 * @param   integer $day    Starting day
 * @param   integer $cat    Event category
 * @param   integer $cal    Calendar ID
 * @param   string  $opt    'print' selects the print template
 * @return  string          HTML for calendar page
 */
function EVLIST_monthview($year = 0, $month = 0, $day = 0, $cat = 0, $cal = 0, $opt = '')
{
    global $_CONF, $_EV_CONF, $LANG_MONTH;
    EVLIST_setViewSession('month', $year, $month, $day);
    $retval = '';
    list($currentyear, $currentmonth, $currentday) = explode('-', $_EV_CONF['_today']);
    // Default to the current month
    if ($year == 0) {
        $year = $currentyear;
    }
    if ($month == 0) {
        $month = $currentmonth;
    }
    if ($day == 0) {
        $day = $currentday;
    }
    // Filter values are forced to integers before they are used in URLs and queries.
    $cat = (int) $cat;
    $cal = (int) $cal;
    // Set the calendar header.
    $cal_header = EVLIST_calHeader($year, $month, $day, 'month', $cat, $cal);
    // Get all the dates in the month
    $calendarView = Date_Calc::getCalendarMonth($month, $year, '%Y-%m-%d');
    // First and last cell of the grid bound the event query.
    $x = count($calendarView) - 1;
    $y = count($calendarView[$x]) - 1;
    $starting_date = $calendarView[0][0];
    $ending_date = $calendarView[$x][$y];
    $daynames = EVLIST_getDayNames();
    $events = EVLIST_getEvents($starting_date, $ending_date, array('cat' => $cat, 'cal' => $cal));
    // Neighbouring months for the navigation links, wrapping at year boundaries.
    $nextmonth = $month + 1;
    $nextyear = $year;
    if ($nextmonth > 12) {
        $nextmonth = 1;
        $nextyear = $year + 1;
    }
    $prevmonth = $month - 1;
    $prevyear = $year;
    if ($prevmonth < 1) {
        $prevmonth = 12;
        $prevyear = $year - 1;
    }
    $tplpath = EVLIST_PI_PATH . '/templates/monthview';
    // $opt is only compared against a literal; the template file name is chosen
    // from fixed suffixes, never built from the raw value.
    $tpl = 'monthview';
    if ($opt == 'print') {
        $tpl .= '_print';
    } elseif ($_EV_CONF['cal_tmpl'] == 'json') {
        $tpl .= '_json';
    }
    $T = new Template($tplpath);
    $T->set_file(array('monthview' => $tpl . '.thtml', 'allday_event' => 'event_allday.thtml', 'timed_event' => 'event_timed.thtml'));
    foreach ($daynames as $key => $dayname) {
        $T->set_var('dayname' . $key, $dayname);
    }
    list($y, $m, $d) = explode('-', $starting_date);
    $weekOfYear = Date_Calc::weekOfYear($d, $m, $y);
    $calendars_used = array();
    $i = 0;
    $T->set_block('monthview', 'weekBlock', 'wBlock');
    foreach ($calendarView as $weeknum => $weekdata) {
        list($weekYear, $weekMonth, $weekDay) = explode('-', $weekdata[0]);
        // NOTE(review): $tplx is undefined here, so the last array key is not a
        // meaningful template variable name - looks like a leftover; confirm.
        $T->set_var(array('wyear' => $weekYear, 'wmonth' => $weekMonth, 'wday' => $weekDay, 'urlfilt_cat' => $cat, 'urlfilt_cal' => $cal, 'weeknum' => $weekOfYear, $tplx => 'true'));
        // The week number is simply incremented per row, not recomputed per date.
        $weekOfYear++;
        foreach ($weekdata as $daynum => $daydata) {
            list($y, $m, $d) = explode('-', $daydata);
            if ($daydata == $_EV_CONF['_today']) {
                $dayclass = 'today';
            } elseif ($m == $month) {
                $dayclass = 'on';
            } else {
                $dayclass = 'other-month';
            }
            $T->set_var('cal_day_anchortags', COM_createLink(sprintf("%02d", $d), EVLIST_URL . '/index.php?view=day&' . "cat={$cat}&cal={$cal}" . "&day={$d}&month={$m}&year={$y}", array('class' => 'cal-date')));
            if (!isset($events[$daydata])) {
                // Just to avoid foreach() errors
                $events[$daydata] = array();
            }
            $dayentries = '';
            $T->clear_var('cal_day_entries');
            $T->set_block('monthview', 'dayBlock', 'dBlock');
            foreach ($events[$daydata] as $event) {
                if (empty($event['title'])) {
                    continue;
                }
                $ev_hover = '';
                // NOTE(review): unlike $title/$summary below, this value is not
                // stripped or encoded before it is handed to the template.
                $ev_title = COM_truncate($event['title'], 40, '...');
                // Sanitize fields for display. No HTML in the popup.
                // NOTE(review): htmlentities() is called without explicit flags or
                // charset, so quoting behaviour and charset follow the PHP defaults.
                $title = htmlentities(strip_tags($event['title']));
                $summary = htmlentities(strip_tags($event['summary']));
                // add the calendar to the array to create the JS checkboxes
                $calendars_used[$event['cal_id']] = array('cal_name' => $event['cal_name'], 'cal_ena_ical' => $event['cal_ena_ical'], 'cal_id' => $event['cal_id'], 'fgcolor' => $event['fgcolor'], 'bgcolor' => $event['bgcolor']);
                // Create the hover tooltip. Timed events show the times first
                if ($event['allday'] == 0) {
                    $ev_hover = date($_CONF['timeonly'], strtotime($event['rp_date_start'] . ' ' . $event['rp_time_start1']));
                    if ($event['split'] == 1 && !empty($event['rp_time_start2'])) {
                        $ev_hover .= ' & ' . date($_CONF['timeonly'], strtotime($event['rp_date_start'] . ' ' . $event['rp_time_start2']));
                    }
                    $ev_hover .= ' - ';
                } else {
                    $ev_hover = '';
                }
                // All events show the summary or title, if available
                if (!empty($summary)) {
                    $ev_hover .= $summary;
                } else {
                    $ev_hover .= $title;
                }
                // NOTE(review): $cal_id is not defined in this function; the calendar
                // filter is held in $cal. Presumably 'cal_id_url' was meant to carry
                // that value - confirm against the template.
                $T->set_var(array('cal_id' => $event['cal_id'], 'cal_id_url' => $cal_id, 'cat_id' => $cat, 'ev_hover' => $ev_hover, 'ev_title' => $ev_title, 'eid' => $event['rp_id'], 'fgcolor' => $event['fgcolor'], 'bgcolor' => $event['bgcolor'], 'pi_url' => EVLIST_URL));
                if ($event['allday'] == 1) {
                    $dayentries .= $T->parse('output', 'allday_event', true);
                } else {
                    $dayentries .= $T->parse('output', 'timed_event', true);
                }
            }
            // Now set the vars for the entire day block
            $T->set_var(array('year' => $y, 'month' => $m, 'day' => $d, 'cal_day_style' => $dayclass, 'pi_url' => EVLIST_URL, 'cal_day_entries' => $dayentries));
            //if ($_EV_CONF['_can_add']) {
            if (EVLIST_canSubmit()) {
                // Add the "Add Event" link for the day
                // This only controls whether the link is shown; the submission
                // handler has to check the permission again.
                $T->set_var('can_add', 'true');
            }
            $T->parse('dBlock', 'dayBlock', true);
        }
        $T->parse('wBlock', 'weekBlock', true);
        $T->clear_var('dBlock');
    }
    $T->set_var(array(
        'pi_url' => EVLIST_URL,
        'thisyear' => $year,
        'thismonth' => $month,
        'thismonth_str' => $LANG_MONTH[(int) $month],
        'prevmonth' => $prevmonth,
        'prevyear' => $prevyear,
        'nextmonth' => $nextmonth,
        'nextyear' => $nextyear,
        'urlfilt_cat' => (int) $cat,
        'urlfilt_cal' => (int) $cal,
        'cal_header' => $cal_header,
        'cal_footer' => EVLIST_calFooter($calendars_used),
        'cal_checkboxes' => EVLIST_cal_checkboxes($calendars_used),
        'site_name' => $_CONF['site_name'],
        'site_slogan' => $_CONF['site_slogan']));
    $T->parse('output', 'monthview');
    return $T->finish($T->get_var('output'));
}
/**
 * Appends <option> elements for this album and its descendants to a select box.
 *
 * Whether this album is listed depends on $type ('upload', 'edit', 'create'
 * or 'manage'), the required access level, the hidden flag and the
 * mediagallery.admin right. For 'manage' the album equal to $hide is listed
 * as disabled and its children are still walked; for the other types that
 * album and its whole subtree are skipped.
 *
 * @param string $album_selectbox markup buffer, extended in place
 * @param mixed  $selected        album id to mark as selected
 * @param int    $access          minimum access level needed to be listed
 * @param mixed  $hide            album id to leave out (disabled for 'manage')
 * @param string $type            which kind of list is being built
 * @param int    $level           nesting depth; one indent unit is added per level
 * @return int number of options added for this album and its children
 */
function buildAlbumBox(&$album_selectbox, $selected, $access = 1, $hide = 0, $type = 'upload', $level = 0)
{
    global $_USER, $_MG_CONF;

    $_MG_USERPREFS = MG_getUserPrefs();
    $mgadmin = SEC_hasRights('mediagallery.admin');
    $added = 0;

    $indent = '';
    for ($depth = 0; $depth < $level; $depth++) {
        $indent .= " ";
    }

    // NOTE(review): the title is passed through strip_tags() only; it is not
    // entity-encoded before being written into the option text. Confirm how
    // titles are stored before changing that.

    // Upload targets: member album owner, member uploads, sufficient access, or admin.
    if ($type == 'upload'
        && ($_MG_CONF['member_albums'] && $this->isMemberAlbum() && $this->owner_id == $_USER['uid'] && $_MG_USERPREFS['active']
            || $this->member_uploads && $this->access >= 2
            || $this->access >= $access
            || $mgadmin)
        && $this->id != $hide
        && (!$this->hidden || $mgadmin)
        && $this->id != 0
    ) {
        $plainTitle = strip_tags($this->title);
        $label = strlen($plainTitle) > 50 ? COM_truncate($plainTitle, 50) . '...' : $plainTitle;
        $album_selectbox .= '<option value="' . $this->id . '"'
            . ($this->id == $selected ? ' selected="selected" ' : '')
            . '>' . $indent . $label . '</option>';
        $added++;
    }

    // Edit: the currently selected album is always eligible.
    if ($type == 'edit'
        && ($this->id == $selected
            || $_MG_CONF['member_albums'] && $_MG_CONF['member_album_root'] == $this->id && $_MG_CONF['member_create_new'] && $_MG_USERPREFS['active']
            || $this->access >= $access)
        && $this->id != $hide
        && (!$this->hidden || $mgadmin)
    ) {
        $plainTitle = strip_tags($this->title);
        $label = strlen($plainTitle) > 50 ? COM_truncate($plainTitle, 50) . '...' : $plainTitle;
        $album_selectbox .= '<option value="' . $this->id . '"'
            . ($this->id == $selected ? ' selected="selected" ' : '')
            . '>' . $indent . $label . '</option>';
        $added++;
    }

    // Create: the root album (id 0) is only offered to admins or when members
    // may create albums directly under the root.
    if ($type == 'create'
        && ($_MG_CONF['member_albums'] && $_MG_CONF['member_album_root'] == $this->id && $_MG_CONF['member_create_new'] && $_MG_USERPREFS['active']
            || $this->access >= $access)
        && $this->id != $hide
        && (!$this->hidden || $mgadmin)
        && ($this->id != 0
            || ($mgadmin || $_MG_CONF['member_albums'] == 1 && $_MG_CONF['member_album_root'] == 0 && $_MG_CONF['member_create_new']))
    ) {
        $plainTitle = strip_tags($this->title);
        $label = strlen($plainTitle) > 50 ? COM_truncate($plainTitle, 50) . '...' : $plainTitle;
        $album_selectbox .= '<option value="' . $this->id . '"'
            . ($this->id == $selected ? ' selected="selected" ' : '')
            . '>' . $indent . $label . '</option>';
        $added++;
    }

    // Manage: the hidden-from-list album is shown but disabled and never selected.
    if ($type == 'manage'
        && $this->access >= $access
        && (!$this->hidden || $mgadmin)
        && ($this->id != 0
            || ($mgadmin || $_MG_CONF['member_albums'] == 1 && $_MG_CONF['member_album_root'] == 0 && $_MG_CONF['member_create_new']))
    ) {
        $plainTitle = strip_tags($this->title);
        $label = strlen($plainTitle) > 50 ? COM_truncate($plainTitle, 50) . '...' : $plainTitle;
        $album_selectbox .= '<option '
            . ($this->id == $hide ? 'disabled="disabled" ' : '')
            . ' value="' . $this->id . '"'
            . ($this->id == $selected && $this->id != $hide ? ' selected="selected" ' : '')
            . '>' . $indent . $label . '</option>';
        $added++;
    }

    // Descend into the children unless this subtree is being hidden.
    if ($this->id != $hide || $type == 'manage') {
        foreach ($this->getChildren() as $childId) {
            $childAlbum = new mgAlbum($childId);
            $added += $childAlbum->buildAlbumBox($album_selectbox, $selected, $access, $hide, $type, $level + 1);
        }
    }

    return $added;
}
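/**
 * Builds the list items for a "story picker" PHP block.
 *
 * The topic is taken from the requested story (?story=), else from the
 * global $topic, else from ?topic= / POSTed topic. With a topic, the newest
 * stories of that topic are listed; without one, the newest stories outside
 * the archive topic are listed. Note that the global $topic is overwritten.
 *
 * @return string zero or more "<li><a ...>title</a></li>" lines
 */
function phpblock_storypicker()
{
    global $_TABLES, $_CONF, $topic;

    $LANG_STORYPICKER = array('choose' => 'Choose a story');
    $max_stories = 5; // how many stories to display in the list
    $topicsql = '';
    $sid = '';

    if (isset($_GET['story'])) {
        // Request value: filtered, then escaped before it reaches the query.
        $sid = COM_applyFilter($_GET['story']);
        $stopic = DB_getItem($_TABLES['stories'], 'tid', 'sid = \'' . DB_escapeString($sid) . '\'');
        if (!empty($stopic)) {
            $topic = $stopic;
        } else {
            $sid = '';
        }
    }

    if (empty($topic)) {
        if (isset($_GET['topic'])) {
            $topic = COM_applyFilter($_GET['topic']);
        } elseif (isset($_POST['topic'])) {
            $topic = COM_applyFilter($_POST['topic']);
        } else {
            $topic = '';
        }
    }

    if (!empty($topic)) {
        $topicsql = " AND tid = '" . DB_escapeString($topic) . "'";
    }

    if (empty($topicsql)) {
        // No topic selected: leave out the archive topic, if there is one.
        $topic = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
        if (empty($topic)) {
            $topicsql = '';
        } else {
            $topicsql = " AND tid <> '" . DB_escapeString($topic) . "'";
        }
    }

    $sql = 'SELECT sid, title FROM ' . $_TABLES['stories']
        . ' WHERE draft_flag = 0 AND date <= now()'
        . COM_getPermSQL(' AND') . COM_getTopicSQL(' AND') . $topicsql
        . ' ORDER BY date DESC LIMIT ' . (int) $max_stories;
    $res = DB_query($sql);

    $list = '';
    while ($A = DB_fetchArray($res)) {
        $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
        // The href used to be written without quotes and without encoding, so
        // a space, quote or '>' in the URL would end the attribute early.
        $list .= '<li><a href="' . htmlspecialchars($url, ENT_QUOTES) . '">'
            . htmlspecialchars(COM_truncate($A['title'], 41, '...'))
            . "</a></li>\n";
    }

    return $list;
}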
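/**
 * Return a field value for the topic administration list.
 *
 * Members of 'Topic Admin' get access level 3; everyone else gets whatever
 * SEC_hasAccess() reports for the row. Rows with access 0 yield false.
 * Edit, move and delete controls are only produced for access level 3, and
 * the move and delete links carry the CSRF token.
 *
 * @param string $fieldname  name of the column being rendered
 * @param mixed  $fieldvalue raw value of that column
 * @param array  $A          the complete row
 * @param array  $icon_arr   icon markup, keyed by 'edit', 'delete', 'check'
 * @param string $token      CSRF token value appended to state-changing links
 * @return string|false cell content, or false when the row is not accessible
 */
function TOPIC_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
    // $LANG21 is read in the 'move' case below but was missing from this
    // list, so the titles and alt texts there were always empty.
    global $_CONF, $LANG_ADMIN, $LANG21, $LANG27, $_IMAGE_TYPE;

    $retval = false;

    $access = SEC_inGroup('Topic Admin')
        ? 3
        : SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);

    if ($access > 0) {
        switch ($fieldname) {
            case 'edit':
                $retval = '';
                if ($access == 3) {
                    $attr = array();
                    $attr['title'] = $LANG_ADMIN['edit'];
                    // The topic id becomes a query-string value, so encode it.
                    $retval .= COM_createLink(
                        $icon_arr['edit'],
                        $_CONF['site_admin_url'] . '/topic.php?edit=x&tid=' . urlencode($A['tid']),
                        $attr
                    );
                }
                break;

            case 'tid':
                $retval = COM_truncate($fieldvalue, 20, ' ...', true);
                break;

            case 'topic':
                $retval = COM_truncate($fieldvalue, 28, ' ...', true);
                break;

            case 'sort_by':
                $retval = $LANG27[30 + $fieldvalue];
                break;

            case 'is_default':
            case 'archive_flag':
                $retval = $fieldvalue != 0 ? $icon_arr['check'] : '';
                break;

            case 'move':
                // NOTE(review): this case reads $A['onleft'] and $A['bid'] and
                // links to block.php; it looks carried over from the block
                // list. Confirm it is reachable for topic rows.
                if ($access == 3) {
                    if ($A['onleft'] == 1) {
                        $blockcontrol_image = 'block-right.' . $_IMAGE_TYPE;
                        $moveTitleMsg = $LANG21[59];
                        $switchside = '1';
                    } else {
                        $blockcontrol_image = 'block-left.' . $_IMAGE_TYPE;
                        $moveTitleMsg = $LANG21[60];
                        $switchside = '0';
                    }
                    // Assigned rather than appended: $retval is still false here.
                    $retval = "<img src=\"{$_CONF['layout_url']}/images/admin/{$blockcontrol_image}\" width=\"45\" height=\"20\" usemap=\"#arrow{$A['bid']}\" alt=\"\"" . XHTML . ">"
                        . "<map id=\"arrow{$A['bid']}\" name=\"arrow{$A['bid']}\">"
                        . "<area coords=\"0,0,12,20\" title=\"{$LANG21[58]}\" href=\"{$_CONF['site_admin_url']}/block.php?move=1&bid={$A['bid']}&where=up&" . CSRF_TOKEN . "={$token}\" alt=\"{$LANG21[58]}\"" . XHTML . ">"
                        . "<area coords=\"13,0,29,20\" title=\"{$moveTitleMsg}\" href=\"{$_CONF['site_admin_url']}/block.php?move=1&bid={$A['bid']}&where={$switchside}&" . CSRF_TOKEN . "={$token}\" alt=\"{$moveTitleMsg}\"" . XHTML . ">"
                        . "<area coords=\"30,0,43,20\" title=\"{$LANG21[57]}\" href=\"{$_CONF['site_admin_url']}/block.php?move=1&bid={$A['bid']}&where=dn&" . CSRF_TOKEN . "={$token}\" alt=\"{$LANG21[57]}\"" . XHTML . ">"
                        . "</map>";
                }
                break;

            case 'delete':
                $retval = '';
                if ($access == 3) {
                    $attr = array();
                    $attr['title'] = $LANG_ADMIN['delete'];
                    $attr['onclick'] = 'return doubleconfirm(\'' . $LANG27[40] . '\',\'' . $LANG27[6] . ' ' . $LANG27[56] . '\');';
                    // Deleting changes state, so the link carries the CSRF token.
                    $retval .= COM_createLink(
                        $icon_arr['delete'],
                        $_CONF['site_admin_url'] . '/topic.php' . '?delete=x&tid=' . urlencode($A['tid']) . '&' . CSRF_TOKEN . '=' . $token,
                        $attr
                    );
                }
                break;

            default:
                $retval = $fieldvalue;
                break;
        }
    }

    return $retval;
}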
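/**
 * Callback function to help format links in COM_makeClickableLinks
 *
 * The visible link text is shortened to 50 characters and HTML-encoded
 * before it is placed between the anchor tags.
 *
 * @param    string  $http   set to 'http://' when not already in the url
 * @param    string  $link   the url
 * @return   string          link enclosed in <a>...</a> tags
 *
 */
function COM_makeClickableLinksCallback($http, $link)
{
    // The link text ends up in element content, so encode it. Previously the
    // truncated URL was emitted as-is.
    $text = htmlspecialchars(COM_truncate($link, 50, '...', 10), ENT_QUOTES);

    // NOTE(review): the href itself is not encoded here; that presumably
    // relies on the caller's URL pattern excluding quotes and angle
    // brackets. Verify against COM_makeClickableLinks.
    return "<a href=\"{$http}{$link}\">{$text}</a>";
}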
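/**
 * Saves the current user's account settings back to the database.
 *
 * The stored pwrequestid of the logged-in user must match $A['uid'];
 * otherwise the request id is reset, the attempt is logged and the user is
 * sent to the front page. For local accounts (no remote service), changing
 * the password, email address or cookie timeout requires the current
 * password. Every write is keyed on $_USER['uid'], never on a submitted id.
 *
 * @param    array   $A  User's data (the submitted settings form)
 * @return   string      result of COM_refresh() for the follow-up page
 *
 */
function saveuser($A)
{
    // $MESSAGE is read when a re-synch failure is logged further down; it was
    // missing from this list.
    global $_CONF, $_TABLES, $_USER, $LANG04, $LANG24, $_US_VERBOSE, $MESSAGE;

    if ($_US_VERBOSE) {
        COM_errorLog('**** Inside saveuser in usersettings.php ****', 1);
    }

    $reqid = DB_getItem($_TABLES['users'], 'pwrequestid', "uid = " . (int) $_USER['uid']);
    if ($reqid != $A['uid']) {
        DB_change($_TABLES['users'], 'pwrequestid', "NULL", 'uid', (int) $_USER['uid']);
        COM_accessLog("An attempt was made to illegally change the account information of user {$_USER['uid']}.");

        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    if (isset($_POST['merge'])) {
        if (COM_applyFilter($_POST['remoteuid'], true) != $_USER['uid']) {
            echo COM_refresh($_CONF['site_url'] . '/usersettings.php?mode=edit');
            // COM_refresh() is not shown here. Stop explicitly so that a
            // remoteuid that does not belong to the current user can never
            // fall through into the merge below.
            exit;
        }
        USER_mergeAccounts();
    }

    // If not set or possibly removed from template - initialize variable
    if (!isset($A['cooktime'])) {
        $A['cooktime'] = 0;
    } else {
        $A['cooktime'] = COM_applyFilter($A['cooktime'], true);
    }
    // If empty or invalid - set to user default
    // So code after this does not fail the user password required test
    if ($A['cooktime'] < 0) { // note that == 0 is allowed!
        $A['cooktime'] = $_USER['cookietimeout'];
    }

    // to change the password, email address, or cookie timeout,
    // we need the user's current password
    $account_type = DB_getItem($_TABLES['users'], 'account_type', "uid = " . (int) $_USER['uid']);
    $service = DB_getItem($_TABLES['users'], 'remoteservice', "uid = " . (int) $_USER['uid']);
    if ($service == '') {
        $current_password = DB_getItem($_TABLES['users'], 'passwd', "uid = " . (int) $_USER['uid']);
        if (!empty($A['newp']) || $A['email'] != $_USER['email'] || $A['cooktime'] != $_USER['cookietimeout']) {
            if (empty($A['passwd']) || !SEC_check_hash($A['passwd'], $current_password)) {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=83');
            } elseif ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
                $ret = CUSTOM_userCheck($A['username'], $A['email']);
                if (!empty($ret)) {
                    // Need a numeric return for the default message handler
                    // - if not numeric use default message.
                    // This used to assign $ret['number'], which left $ret
                    // itself non-numeric in the redirect below.
                    if (!is_numeric($ret)) {
                        $ret = 97;
                    }

                    return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$ret}");
                }
            }
        } elseif ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
            $ret = CUSTOM_userCheck($A['username'], $A['email']);
            if (!empty($ret)) {
                // Need a numeric return for the default message handler
                // - if not numeric use default message
                if (!is_numeric($ret)) {
                    $ret = 97;
                }

                return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$ret}");
            }
        }
    }

    // Let plugins have a chance to decide what to do before saving the user, return errors.
    $msg = PLG_itemPreSave('useredit', $A['username']);
    if (!empty($msg)) {
        // need a numeric return value - otherwise use default message
        if (!is_numeric($msg)) {
            $msg = 97;
        }

        return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$msg}");
    }

    // no need to filter the password as it's encoded anyway
    if ($_CONF['allow_username_change'] == 1) {
        if (!empty($A['new_username']) && USER_validateUsername($A['new_username']) && $A['new_username'] != $_USER['username']) {
            $A['new_username'] = DB_escapeString($A['new_username']);
            if (DB_count($_TABLES['users'], 'username', $A['new_username']) == 0) {
                if ($_CONF['allow_user_photo'] == 1) {
                    $photo = DB_getItem($_TABLES['users'], 'photo', "uid = " . (int) $_USER['uid']);
                    if (!empty($photo) && strstr($photo, $_USER['username']) !== false) {
                        // The user name is matched literally, so quote it for
                        // the pattern; regex metacharacters in a name would
                        // otherwise change what gets replaced.
                        $newphoto = preg_replace('/' . preg_quote($_USER['username'], '/') . '/', $_USER['uid'], $photo, 1);
                        $imgpath = $_CONF['path_images'] . 'userphotos/';
                        @rename($imgpath . $photo, $imgpath . $newphoto);
                        DB_change($_TABLES['users'], 'photo', DB_escapeString($newphoto), "uid", (int) $_USER['uid']);
                    }
                }
                DB_change($_TABLES['users'], 'username', $A['new_username'], "uid", (int) $_USER['uid']);
            } else {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=51');
            }
        }
    }

    // a quick spam check with the unfiltered field contents
    $profile = '<h1>' . $LANG04[1] . ' ' . $_USER['username'] . '</h1><p>';
    // this is a hack, for some reason remoteservice links made SPAMX SLV check barf
    if (empty($service)) {
        $profile .= COM_createLink($A['homepage'], $A['homepage']) . '<br />';
    }
    $profile .= $A['location'] . '<br />' . $A['sig'] . '<br />' . $A['about'] . '<br />' . $A['pgpkey'] . '</p>';
    $result = PLG_checkforSpam($profile, $_CONF['spamx']);
    if ($result > 0) {
        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
    }

    $A['email'] = COM_applyFilter($A['email']);
    $A['email_conf'] = COM_applyFilter($A['email_conf']);
    $A['homepage'] = COM_applyFilter($A['homepage']); // basic filtering only
    $A['fullname'] = COM_truncate(trim(USER_sanitizeName($A['fullname'])), 80);
    $A['location'] = strip_tags($A['location']);
    $A['sig'] = strip_tags($A['sig']);
    $A['about'] = strip_tags($A['about']);
    $A['pgpkey'] = strip_tags($A['pgpkey']);

    if (!COM_isEmail($A['email'])) {
        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=52');
    }
    if ($A['email'] !== $A['email_conf']) {
        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=78');
    }
    if (emailAddressExists($A['email'], $_USER['uid'])) {
        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=56');
    }

    if ($service == '') {
        if (!empty($A['newp'])) {
            $A['newp'] = trim($A['newp']);
            $A['newp_conf'] = trim($A['newp_conf']);
            // Strict comparison: with == two different numeric-looking
            // strings (for example '1e3' and '1000') compare as equal.
            if ($A['newp'] === $A['newp_conf'] && SEC_check_hash($A['passwd'], $current_password)) {
                $passwd = SEC_encryptPassword($A['newp']);
                DB_change($_TABLES['users'], 'passwd', DB_escapeString($passwd), "uid", (int) $_USER['uid']);
                if ($A['cooktime'] > 0) {
                    $cooktime = $A['cooktime'];
                    $token_ttl = $A['cooktime'];
                } else {
                    $cooktime = 0;
                    $token_ttl = 14400;
                }
                $ltToken = SEC_createTokenGeneral('ltc', $token_ttl);
                SEC_setCookie($_CONF['cookie_password'], $ltToken, time() + $cooktime);
            } elseif (!SEC_check_hash($A['passwd'], $current_password)) {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=68');
            } elseif ($A['newp'] !== $A['newp_conf']) {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=67');
            }
        }
    } else {
        // Cookie
        if ($A['cooktime'] > 0) {
            $cooktime = $A['cooktime'];
        } else {
            $cooktime = 0;
        }
        $ltToken = SEC_createTokenGeneral('ltc', $cooktime);
        SEC_setCookie($_CONF['cookie_password'], $ltToken, time() + $cooktime);
    }

    if ($_US_VERBOSE) {
        COM_errorLog('cooktime = ' . $A['cooktime'], 1);
    }

    if ($A['cooktime'] <= 0) {
        $cookie_timeout = 0;
        $token_ttl = 14400;
    } else {
        $cookie_timeout = time() + $A['cooktime'];
        $token_ttl = $A['cooktime'];
    }

    SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], $cookie_timeout, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);

    // Drop every existing long-term token of this user before issuing a new one.
    DB_query("DELETE FROM {$_TABLES['tokens']} WHERE owner_id=" . (int) $_USER['uid'] . " AND urlfor='ltc'");
    if ($cookie_timeout > 0) {
        $ltToken = SEC_createTokenGeneral('ltc', $token_ttl);
        SEC_setCookie($_CONF['cookie_password'], $ltToken, $cookie_timeout, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
    } else {
        SEC_setCookie($_CONF['cookie_password'], '', -10000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
    }

    // Defined up front: it is read below even when photo uploads are disabled.
    $filename = '';
    if ($_CONF['allow_user_photo'] == 1) {
        $delete_photo = '';
        if (isset($A['delete_photo'])) {
            $delete_photo = $A['delete_photo'];
        }
        $filename = handlePhotoUpload($delete_photo);
    }

    if (!empty($A['homepage'])) {
        // Only http: and https: are kept; any other scheme is replaced by http:
        $pos = MBYTE_strpos($A['homepage'], ':');
        if ($pos === false) {
            $A['homepage'] = 'http://' . $A['homepage'];
        } else {
            $prot = substr($A['homepage'], 0, $pos + 1);
            if ($prot != 'http:' && $prot != 'https:') {
                $A['homepage'] = 'http:' . substr($A['homepage'], $pos + 1);
            }
        }
        $A['homepage'] = DB_escapeString($A['homepage']);
    }

    // Every string that is interpolated into the UPDATE statements is escaped first.
    $A['fullname'] = DB_escapeString($A['fullname']);
    $A['email'] = DB_escapeString($A['email']);
    $A['location'] = DB_escapeString($A['location']);
    $A['sig'] = DB_escapeString($A['sig']);
    $A['about'] = DB_escapeString($A['about']);
    $A['pgpkey'] = DB_escapeString($A['pgpkey']);

    if (!empty($filename)) {
        if (!file_exists($_CONF['path_images'] . 'userphotos/' . $filename)) {
            $filename = '';
        }
    }

    DB_query("UPDATE {$_TABLES['users']} SET fullname='{$A['fullname']}',email='{$A['email']}',homepage='{$A['homepage']}',sig='{$A['sig']}',cookietimeout=" . (int) $A['cooktime'] . ",photo='" . DB_escapeString($filename) . "' WHERE uid=" . (int) $_USER['uid']);
    DB_query("UPDATE {$_TABLES['userinfo']} SET pgpkey='{$A['pgpkey']}',about='{$A['about']}',location='{$A['location']}' WHERE uid=" . (int) $_USER['uid']);

    // Call custom registration save function if enabled and exists
    if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
        CUSTOM_userSave($_USER['uid']);
    }

    PLG_userInfoChanged((int) $_USER['uid']);

    // at this point, the user information has been saved, but now we're going to check to see if
    // the user has requested resynchronization with their remoteservice account
    $msg = 5; // default msg = Your account information has been successfully saved
    if (isset($A['resynch'])) {
        if ($_CONF['user_login_method']['oauth'] && strpos($_USER['remoteservice'], 'oauth.') === 0) {
            $modules = SEC_collectRemoteOAuthModules();
            $active_service = count($modules) == 0 ? false : in_array(substr($_USER['remoteservice'], 6), $modules);
            if (!$active_service) {
                $msg = 115; // Remote service has been disabled.
            } else {
                require_once $_CONF['path_system'] . 'classes/oauthhelper.class.php';
                $service = substr($_USER['remoteservice'], 6);
                $consumer = new OAuthConsumer($service);
                $callback_url = $_CONF['site_url'];
                $consumer->setRedirectURL($callback_url);
                $user = $consumer->authenticate_user();
                $consumer->doSynch($user);
            }
        }
        if ($msg != 5) {
            $msg = 114; // Account saved but re-synch failed.
            COM_errorLog($MESSAGE[$msg]);
        }
    }

    PLG_profileExtrasSave();
    PLG_profileSave();

    if ($_US_VERBOSE) {
        COM_errorLog('**** Leaving saveuser in usersettings.php ****', 1);
    }

    return COM_refresh($_CONF['site_url'] . '/users.php?mode=profile&uid=' . $_USER['uid'] . '&msg=' . $msg);
}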
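/**
 * Builds breadcrumb list items for this album and its ancestors.
 *
 * Ancestors are emitted first, starting with the direct parent and walking
 * up until the album with id 0 is reached; the entry for this album comes
 * last. Titles are stripped of tags and, when truncate_breadcrumb is set,
 * shortened to that length.
 *
 * @param mixed $hot       when truthy, this album's own entry is a link too
 * @param int   $sortOrder sort order carried along in the album links
 * @param int   $page      page number carried along in this album's link
 * @return string <li> elements
 */
function getPathUL($hot = 0, $sortOrder = 0, $page = 0)
{
    global $MG_albums, $_MG_CONF;

    // Both values are concatenated into href attributes; their defaults are
    // integers, so force them to integers before use.
    $sortOrder = (int) $sortOrder;
    $page = (int) $page;

    $retval = '';
    $tree = $MG_albums[$this->parent];
    while ($tree->id != 0) {
        $retval .= '<li>';
        $retval .= ' <a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $tree->id . '&sort=' . $sortOrder . '">';
        $retval .= $_MG_CONF['truncate_breadcrumb'] > 0
            ? COM_truncate(strip_tags($tree->title), $_MG_CONF['truncate_breadcrumb'], '...')
            : strip_tags($tree->title);
        // The ancestor items were never closed; the last item already was.
        $retval .= '</a></li>';
        $tree = $MG_albums[$tree->parent];
    }

    $retval .= '<li>';
    if ($hot) {
        $retval .= '<a href="' . $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id . '&sort=' . $sortOrder . '&page=' . $page . '">';
    }
    $retval .= $_MG_CONF['truncate_breadcrumb'] > 0
        ? COM_truncate(strip_tags($this->title), $_MG_CONF['truncate_breadcrumb'], '...')
        : strip_tags($this->title);
    if ($hot) {
        $retval .= '</a>';
    }
    $retval .= '</li>';

    return $retval;
}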
/**
 * Callback function to help format links in COM_makeClickableLinks
 *
 * The link text is shortened to $_CONF['linktext_maxlen'] characters when
 * that setting is positive, and is HTML-encoded with the site encoding.
 * A trailing period is kept outside of the anchor.
 *
 * @param    string  $http   set to 'http://' when not already in the url
 * @param    string  $link   the url
 * @return   string          link enclosed in <a>...</a> tags
 *
 */
function COM_makeClickableLinksCallback($http, $link)
{
    global $_CONF;
    static $charset = null;

    // Look the encoding up once and reuse it on later calls.
    if ($charset === null) {
        $charset = COM_getEncodingt();
    }

    // When $link ends with a period, the period will be moved out of the link
    // text (bug #0001675)
    $end = '';
    if (substr($link, -1) === '.') {
        $end = '.';
        $link = substr($link, 0, -1);
    }

    $text = $_CONF['linktext_maxlen'] > 0
        ? COM_truncate($link, $_CONF['linktext_maxlen'], '...', 10)
        : $link;

    // Only the visible text is encoded; $http and $link go into the href as given.
    return sprintf(
        '<a href="%s%s">%s</a>%s',
        $http,
        $link,
        htmlspecialchars($text, ENT_QUOTES, $charset),
        $end
    );
}
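/**
 * Handles a submitted new-user registration form.
 *
 * Reads email, email_conf, username, passwd, passwd_conf and fullname from
 * $_POST, validates them, lets the custom user check and the plugins veto
 * the registration, then creates the account and mails the password.
 *
 * @return string HTML: the registration form with an error message, or the
 *                output of emailpassword() / CUSTOM_userForm()
 */
function createuser()
{
    global $_CONF, $_TABLES, $LANG01, $LANG04, $MESSAGE, $REMOTE_ADDR;

    $retval = '';
    $passwd = '';
    $passwd_conf = '';

    if ($_CONF['disable_new_user_registration']) {
        COM_setMsg($LANG04[122], 'error');
        echo COM_refresh($_CONF['site_url']);
        // COM_refresh() is not shown here. Stop explicitly so that no account
        // can be created while registration is switched off.
        exit;
    }

    $email = isset($_POST['email']) ? COM_applyFilter($_POST['email']) : '';
    $email_conf = isset($_POST['email_conf']) ? COM_applyFilter($_POST['email_conf']) : '';
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    if (isset($_POST['passwd'])) {
        $passwd = trim($_POST['passwd']);
    }
    if (isset($_POST['passwd_conf'])) {
        $passwd_conf = trim($_POST['passwd_conf']);
    }

    $username = COM_truncate(trim($username), 48);
    if (!USER_validateUsername($username)) {
        $retval .= newuserform($LANG04[162]);

        return $retval;
    }

    $email = COM_truncate(trim($email), 96);
    $email_conf = trim($email_conf);

    if ($_CONF['registration_type'] == 1) {
        // Strict comparison: with != two different numeric-looking strings
        // (for example '1e3' and '1000') would count as matching.
        if (empty($passwd) || $passwd !== $passwd_conf) {
            $retval .= newuserform($MESSAGE[67]);

            return $retval;
        }
    }

    $fullname = '';
    if (!empty($_POST['fullname'])) {
        $fullname = COM_truncate(trim(USER_sanitizeName($_POST['fullname'])), 80);
    }

    if (!isset($_CONF['disallow_domains'])) {
        $_CONF['disallow_domains'] = '';
    }

    if (COM_isEmail($email) && !empty($username) && $email === $email_conf
        && !USER_emailMatches($email, $_CONF['disallow_domains'])
        && strlen($username) <= 48
    ) {
        $ucount = DB_count($_TABLES['users'], 'username', DB_escapeString($username));
        $ecount = DB_count($_TABLES['users'], 'email', DB_escapeString($email));

        if ($ucount == 0 and $ecount == 0) {
            // For glFusion, it would be okay to create this user now. But check
            // with a custom userform first, if one exists.
            if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
                $msg = CUSTOM_userCheck($username, $email);
                if (!empty($msg)) {
                    // no, it's not okay with the custom userform
                    $retval = CUSTOM_userForm($msg);

                    return $retval;
                }
            }

            // Let plugins have a chance to decide what to do before creating the user, return errors.
            $spamCheckData = array('username' => $username, 'email' => $email, 'ip' => $REMOTE_ADDR);
            $msg = PLG_itemPreSave('registration', $spamCheckData);
            if (!empty($msg)) {
                $retval .= newuserform($msg);

                return $retval;
            }

            // Only the encrypted form of the password is handed to the account creation.
            if ($_CONF['registration_type'] == 1 && !empty($passwd)) {
                $encryptedPasswd = SEC_encryptPassword($passwd);
            } else {
                $encryptedPasswd = '';
            }

            $uid = USER_createAccount($username, $email, $encryptedPasswd, $fullname);

            if ($_CONF['usersubmission'] == 1) {
                if (DB_getItem($_TABLES['users'], 'status', "uid = " . (int) $uid) == USER_ACCOUNT_AWAITING_APPROVAL) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48');
                } else {
                    $retval = emailpassword($username, $passwd, 1);
                }
            } else {
                $retval = emailpassword($username, $passwd);
            }

            return $retval;
        } else {
            $retval .= newuserform($LANG04[19]);
        }
    } else {
        if ($email !== $email_conf) {
            $msg = $LANG04[125];
            $retval .= newuserform($msg);
        } else {
            // invalid username or email address
            if (empty($username) || strlen($username) > 48) {
                $msg = $LANG01[32]; // invalid username
            } else {
                $msg = $LANG04[18]; // invalid email address
            }
            $retval .= newuserform($msg);
        }
    }

    return $retval;
}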
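/**
 * Builds the breadcrumb trail for an album as a run of <li> elements.
 *
 * Entries are collected from the given album up through its parents, then
 * the gallery root (unless gallery_only is set) and finally the site home.
 * The output is assembled in reverse, so home comes first and the album last.
 *
 * @param mixed $album_id  album to start from
 * @param int   $hot       1 to make the starting album a link; ancestors always are
 * @param int   $sortOrder sort order carried along in the album links
 * @param int   $page      page number, added to the starting album's link when > 1
 * @return string <li> elements
 */
function MG_getBirdseed($album_id, $hot = 0, $sortOrder = 0, $page = 0)
{
    global $_CONF, $_MG_CONF, $LANG_MG03;

    // Both values are concatenated into URLs; their defaults are integers,
    // so force them to integers before use.
    $sortOrder = (int) $sortOrder;
    $page = (int) $page;

    $items = array();
    $aid = $album_id;
    while ($aid != 0) {
        $album_data = MG_getAlbumData($aid, array('album_title', 'album_parent'));

        $url = NULL;
        if ($hot == 1) {
            $url = $_MG_CONF['site_url'] . '/album.php?aid=' . $aid . '&sort=' . $sortOrder;
            if ($aid == $album_id && $page > 1) {
                $url .= '&page=' . $page;
            }
        }

        $title = strip_tags($album_data['album_title']);
        if ($_MG_CONF['truncate_breadcrumb'] > 0) {
            $title = COM_truncate($title, $_MG_CONF['truncate_breadcrumb'], '...');
        }
        $items[] = array('href' => $url, 'title' => $title);

        // Everything above the starting album is always linked.
        $hot = 1;
        $aid = $album_data['album_parent'];
    }

    if ($_MG_CONF['gallery_only'] != 1) {
        $url = NULL;
        if ($hot == 1) {
            $url = $_MG_CONF['site_url'] . '/index.php';
            if ($album_id == 0 && $page > 1) {
                $url .= '?page=' . $page;
            }
        }
        $items[] = array('href' => $url, 'title' => $_MG_CONF['root_album_name']);
    }

    $items[] = array('href' => $_CONF['site_url'] . '/index.php', 'title' => $LANG_MG03['home']);

    // Prepend each entry so that the list reads home -> ... -> album.
    $retval = '';
    foreach ($items as $item) {
        if ($item['href'] !== NULL) {
            $birdseed = "<li>" . COM_createLink($item['title'], $item['href']) . "</li>";
        } else {
            $birdseed = "<li>" . $item['title'] . "</li>";
        }
        $retval = $birdseed . $retval;
    }

    return $retval;
}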
$folder_msg = $LANG_GF02['msg61']; } elseif ($record['locked'] == 1) { $folderimg = '<img src="' . _ff_getImage('locked') . '" style="vertical-align:middle;" alt="' . $LANG_GF02['msg114'] . '" title="' . $LANG_GF02['msg114'] . '"/>'; $folder_icon = _ff_getImage('locked'); $folder_msg = $LANG_GF02['msg114']; } else { $folderimg = '<img src="' . _ff_getImage('noposts') . '" style="vertical-align:middle;" alt="' . $LANG_GF02['msg59'] . '" title="' . $LANG_GF02['msg59'] . '"/>'; $folder_icon = _ff_getImage('noposts'); $folder_msg = $LANG_GF02['msg59']; } $lastposter = $lastreply['name']; $moved = ''; if ($record['moved'] == 1) { $moved = "{$LANG_GF01['MOVED']}: "; } $subject = COM_truncate($record['subject'], $_FF_CONF['show_subject_length'], '...'); if ($_FF_CONF['use_censor']) { $subject = COM_checkWords($subject); $record['subject'] = COM_checkWords($record['subject']); } if ($record['attachments'] > 0) { $subject = $subject . ' <img src="' . $_CONF['site_url'] . '/forum/images/document_sm.gif" alt=""/>'; } $firstposterName = $record['name']; $topicinfo = htmlspecialchars($record['subject']) . '::' . htmlspecialchars(preg_replace('#\\r?\\n#', '<br/>', substr(strip_tags($record['comment']), 0, $_FF_CONF['contentinfo_numchars']) . '...')); $topiclisting->set_var(array('folderimg' => $folderimg, 'folder_icon' => $folder_icon, 'folder_msg' => $folder_msg, 'topicinfo' => $topicinfo, 'topic_id' => $record['id'], 'subject' => $subject, 'author' => $record['uid'] > 1 ? '<a href="' . $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $record['uid'] . '">' . $record['name'] . 
'</a>' : $record['name'], 'fullsubject' => $record['subject'], 'gotomsg' => $gotomsg, 'displaypageslink' => $displaypageslink, 'showuserlink' => $showuserlink, 'lastposter' => $lastposter, 'LANG_lastpost' => $LANG_GF02['msg188'], 'moved' => $moved, 'views' => $record['views'], 'replies' => $record['replies'], 'lastdate' => $lastdate, 'lastpostid' => $record['lpid'], 'LANG_BY' => $LANG_GF01['BY'], 'startdate' => $firstdate)); $topiclisting->parse('trow', 'topicrows', true); $displayCount++; } $topiclisting->set_var('pagenavigation', forum_pagination($base_url, $page, $numpages)); $topiclisting->set_var('page', $page);
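/**
 * Display latest forum posts in the center block.
 *
 * Lists the most recently updated topics from forums whose group is among
 * the current user's groups. Nothing is returned when the forum version is
 * below 2.6, when registration is required and the visitor is anonymous, or
 * when no topic matches.
 *
 * @param  int|string $limit number of topics to list; '' keeps
 *                           $CONF_FORUM['centerblock_numposts']
 * @return string|null HTML for the center block, or null when nothing is shown
 */
function CUSTOM_centerblock_forum($limit = '')
{
    global $_CONF, $_USER, $_TABLES, $LANG_GF01, $CONF_FORUM;
    global $LANG_GF02, $mode, $order;

    if ($CONF_FORUM['installed_version'] < 2.6) {
        return;
    }
    if ($CONF_FORUM['registration_required'] && $_USER['uid'] < 2) {
        return;
    }

    $retval = '';

    // NOTE(review): $page and $topic are neither parameters nor globals of
    // this function, so they were always undefined here. They are set to
    // empty values to make that explicit. If a topic is ever passed in, it
    // must be escaped before it is placed into $wheresql below.
    $page = 0;
    $topic = '';

    $cb_enable = $CONF_FORUM['show_centerblock'];
    $cb_where = $CONF_FORUM['centerblock_where'];

    // If enabled only for homepage and this is not page 1 or a topic page,
    // then set disable flag
    if ($CONF_FORUM['centerblock_homepage'] == 1 and ($page > 1 or !empty($topic))) {
        $cb_enable = 0;
    } elseif ($CONF_FORUM['centerblock_homepage'] == 0 and $page > 1) {
        $cb_where = 1; // Top of Page
    }

    // Check if there are no featured articles in this topic
    // and if so then place it at the top of the page
    if (!empty($topic)) {
        $fromsql = ", {$_TABLES['topic_assignments']} ta";
        $wheresql = "WHERE ta.id = sid AND ta.tid='{$topic}' AND featured > 0";
    } else {
        $fromsql = '';
        $wheresql = 'WHERE featured = 1';
    }
    $query = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} {$fromsql} {$wheresql}");
    $result = DB_fetchArray($query);
    if ($result['count'] == 0 and $cb_where == 2) {
        $cb_where = 1;
    }

    $block = new Template($_CONF['path'] . 'system/custom/forum');
    $block->set_file(array('block' => 'centerblock.thtml', 'record' => 'centerblock_displayline.thtml'));
    $block->set_var('xhtml', XHTML);
    $block->set_var('phpself', $_CONF['site_url'] . '/index.php');
    $block->set_var('startblock', COM_startBlock($LANG_GF02['msg170']));
    $block->set_var('endblock', COM_endBlock());
    $block->set_var('site_url', $_CONF['site_url']);
    $block->set_var('layout_url', $CONF_FORUM['layout_url']);
    $block->set_var('LANG_title', $LANG_GF02['msg170']);
    $block->set_var('LANG_FORUM', $LANG_GF01['FORUM']);
    $block->set_var('LANG_TOPIC', $LANG_GF01['TOPIC']);
    $block->set_var('LANG_LASTPOST', $LANG_GF01['LASTPOST']);
    $block->set_var('LANG_viewlastpost', $LANG_GF02['msg160']);
    $block->set_var('LANG_forumjump', $LANG_GF02['msg195']);

    // The group ids go into an IN (...) list, so force each one to an integer.
    $grouplist = implode(',', array_map('intval', SEC_getUserGroups()));

    if ($limit != '') {
        $CONF_FORUM['centerblock_numposts'] = $limit;
    }
    // $limit is a caller-supplied value that ends up in the LIMIT clause;
    // it used to be interpolated into the statement unchanged.
    $numposts = max(0, (int) $CONF_FORUM['centerblock_numposts']);

    $sql = "SELECT a.id, a.forum, a.name, a.date, a.lastupdated, a.last_reply_rec, a.subject, ";
    $sql .= "a.comment, a.uid, a.name, a.pid, a.replies, a.views, b.forum_name ";
    $sql .= "FROM {$_TABLES['forum_topic']} a ";
    $sql .= "LEFT JOIN {$_TABLES['forum_forums']} b ON a.forum=b.forum_id ";
    $sql .= "WHERE pid=0 AND b.grp_id IN ({$grouplist}) AND b.no_newposts = 0 ";
    $sql .= "ORDER BY lastupdated DESC LIMIT {$numposts}";
    $result = DB_query($sql);
    if (DB_numRows($result) == 0) {
        return;
    }

    $f_tooltip = function_exists('COM_getTooltip');
    $cssid = 0;
    while ($A = DB_fetchArray($result)) {
        $fullsubject = "{$LANG_GF01['POSTEDBY']}:{$A['name']}{$LANG_GF01['VIEWS']}:{$A['views']}";
        if (strlen($A['subject']) > $CONF_FORUM['cb_subject_size']) {
            $A['subject'] = COM_truncate($A['subject'], $CONF_FORUM['cb_subject_size'], '...');
        }

        if ($CONF_FORUM['allow_user_dateformat']) {
            $firstdate = COM_getUserDateTimeFormat($A['date']);
            $firstdate = $firstdate[0];
            $lastdate = COM_getUserDateTimeFormat($A['lastupdated']);
            $lastdate = $lastdate[0];
        } else {
            $firstdate = strftime($CONF_FORUM['default_Datetime_format'], $A['date']);
            $lastdate = strftime($CONF_FORUM['default_Datetime_format'], $A['lastupdated']);
        }

        if ($A['uid'] > 1) {
            $topicinfo = COM_getDisplayName($A['uid']);
        } else {
            $topicinfo = "{$A['name']}";
        }

        if (empty($A['last_reply_rec']) or $A['last_reply_rec'] < 1) {
            // No reply yet: the topic itself is the last post. The poster
            // was not set on this path before, so the value from the
            // previous row (or nothing at all) was shown.
            $lastid = $A['id'];
            $lastcomment = $A['comment'];
            $lastpostuser = $topicinfo;
        } else {
            $qlreply = DB_query("SELECT id,uid,name,comment FROM {$_TABLES['forum_topic']} WHERE id=" . (int) $A['last_reply_rec']);
            $B = DB_fetchArray($qlreply);
            $lastid = $B['id'];
            $lastcomment = $B['comment'];
            if ($B['uid'] > 1) {
                $lastpostuser = sprintf("%s", COM_getDisplayName($B['uid']));
            } else {
                $lastpostuser = sprintf("%s", $B['name']);
            }
        }

        $lastpostinfo = strip_tags(COM_truncate($lastcomment, $CONF_FORUM['contentinfo_numchars'], '...'));
        $lastpostinfo = str_replace(LB, "<br" . XHTML . ">", forum_mb_wordwrap($lastpostinfo, $CONF_FORUM['linkinfo_width'], LB));

        $cssid = $cssid == 1 ? 2 : 1;

        // Tooltip rendering is switched off here, so the plain variables
        // in the else branch are always the ones that get set.
        $f_tooltip = 0;
        if ($f_tooltip) {
            $lastpostlink = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}&lastpost=true#{$lastid}";
            $block->set_var('tooltip_date', COM_getTooltip($lastdate, $lastpostinfo, $lastpostlink));
            $topiclink = "{$_CONF['site_url']}/forum/viewtopic.php?showtopic={$A['id']}";
            $block->set_var('tooltip_topic_subject', COM_getTooltip($A['subject'], $topicinfo, $topiclink));
        } else {
            $block->set_var('lastpostinfo', $lastpostinfo);
            $block->set_var('topicinfo', $topicinfo);
            $block->set_var('date', $firstdate);
            $block->set_var('lastdate', $lastdate);
            $block->set_var('topic_subject', $A['subject']);
        }

        // NOTE(review): subject, poster names and forum name are handed to
        // the template as read from the database; confirm where they are
        // encoded for HTML output.
        $block->set_var('lastpostuser', $lastpostuser);
        $block->set_var('lastpostid', $lastid);
        $block->set_var('cssid', $cssid);
        $block->set_var('img_dir', $CONF_FORUM['imgset']);
        $block->set_var('forum_id', $A['forum']);
        $block->set_var('forum_name', $A['forum_name']);
        $block->set_var('topic_id', $A['id']);
        $block->set_var('fullsubject', $fullsubject);
        $block->set_var('views', $A['views']);
        $block->set_var('replies', $A['replies']);
        $block->set_var('posts', $A['replies'] + 1);
        $block->set_var('lastpostby', $A['name']);
        $block->parse('block_records', 'record', true);
    }

    $block->parse('output', 'block');
    $retval .= $block->finish($block->get_var('output'));

    return $retval;
}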