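/**
 * Build the <option> elements for the messenger buddy selection list.
 *
 * With $allusers set, every site member that is not yet a buddy of the
 * current user is offered; otherwise the current user's existing buddies are
 * listed. The label is the full name or the user name, depending on
 * $_CONF['show_fullname'].
 *
 * @param  int   $uid       Not read by this function (the original overwrote it in its row loop)
 * @param  bool  $allusers  true = list all non-buddy members, false = list current buddies
 * @return string           Concatenated <option> elements, '' when nothing qualifies
 */
function msg_selectbuddies($uid, $allusers = false)
{
    global $_USER, $_CONF, $_TABLES;

    $retval = '';

    // The current user's id is interpolated into SQL below, so force it to an integer.
    $ownerId = (int) $_USER['uid'];

    if ($allusers) {
        // Show all site members - else users in selected group
        $result = DB_query("SELECT uid,username,fullname from {$_TABLES['users']} ORDER BY username");
    } else {
        $result = DB_query("SELECT user.uid,user.username,user.fullname FROM {$_TABLES['users']} user, {$_TABLES['messenger_buddies']} buddy WHERE user.uid=buddy.buddy_id AND buddy.uid={$ownerId} ORDER BY username");
    }

    while (list($rowUid, $username, $fullname) = DB_fetchArray($result)) {
        // In "all users" mode, members that already are buddies are left out.
        // This issues one count query per member row.
        if ($allusers && DB_count($_TABLES['messenger_buddies'], array('uid', 'buddy_id'), array($ownerId, $rowUid)) != 0) {
            continue;
        }

        // NOTE(review): with show_fullname == 1 a member without a full name is
        // skipped entirely rather than falling back to the user name - confirm
        // that this is intended.
        if ($_CONF['show_fullname'] == 1 and trim($fullname) != '') {
            $label = $fullname;
        } elseif ($_CONF['show_fullname'] == 0) {
            $label = $username;
        } else {
            continue;
        }

        // Names are chosen by the members themselves; encode them so that a
        // stored name cannot inject markup into the page that shows this list.
        $retval .= '<option value="' . (int) $rowUid . '">' . htmlspecialchars($label, ENT_QUOTES) . '</option>';
    }

    return $retval;
}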
/**
 * Apply the 1.4.1 schema and version changes for the plugins that are
 * registered in the plugins table (links, polls, spamx, staticpages).
 *
 * Each plugin is only touched when exactly one row for it exists in the
 * plugins table. All statements use fixed values; nothing here is built from
 * request data.
 *
 * @return void
 */
function upgrade_plugins_141()
{
    global $_TABLES;

    $pluginsTable = $_TABLES['plugins'];

    // links: version bump only
    $linksInstalled = (DB_count($pluginsTable, 'pi_name', 'links') == 1);
    if ($linksInstalled) {
        DB_query("UPDATE {$pluginsTable} SET pi_version = '1.0.1', pi_gl_version = '1.4.1' WHERE pi_name = 'links'");
    }

    // polls: add the remark column to the answers table
    $pollsInstalled = (DB_count($pluginsTable, 'pi_name', 'polls') == 1);
    if ($pollsInstalled) {
        $answersTable = $_TABLES['pollanswers'];
        DB_query("ALTER TABLE {$answersTable} ADD remark varchar(255) NULL AFTER votes");
        DB_query("UPDATE {$pluginsTable} SET pi_version = '1.1.0', pi_gl_version = '1.4.1' WHERE pi_name = 'polls'");
    }

    // spamx: drop the MT-Blacklist entries and make sure the spam counter exists
    $spamxInstalled = (DB_count($pluginsTable, 'pi_name', 'spamx') == 1);
    if ($spamxInstalled) {
        DB_query("DELETE FROM {$_TABLES['spamx']} WHERE name = 'MTBlacklist'");

        // The counter of deleted spams was introduced in 1.4.0 but was not
        // added when upgrading from an older database, so add it if missing.
        $counter = DB_getItem($_TABLES['vars'], 'value', "name = 'spamx.counter'");
        if (empty($counter)) {
            DB_save($_TABLES['vars'], 'name,value', "'spamx.counter','0'");
        }

        DB_query("UPDATE {$pluginsTable} SET pi_version = '1.1.0', pi_gl_version = '1.4.1' WHERE pi_name = 'spamx'");
    }

    // staticpages: columns for the advanced editor (postmode) and a help link
    $staticpagesInstalled = (DB_count($pluginsTable, 'pi_name', 'staticpages') == 1);
    if ($staticpagesInstalled) {
        $pagesTable = $_TABLES['staticpage'];
        DB_query("ALTER TABLE {$pagesTable} ADD postmode varchar(16) DEFAULT 'html' NOT NULL AFTER sp_inblock");
        DB_query("ALTER TABLE {$pagesTable} ADD sp_help varchar(255) default '' AFTER sp_centerblock");
        DB_query("UPDATE {$pluginsTable} SET pi_version = '1.4.3', pi_gl_version = '1.4.1' WHERE pi_name = 'staticpages'");
    }
}
/**
 * Render one of the Media Gallery admin sub menus as a heading plus a link list.
 *
 * Known menus are 'member_albums', 'rss_feeds', 'batch_sessions' and
 * 'miscellaneous'; any other value yields an empty string. Link targets are
 * built from $_MG_CONF['admin_url'] / $_MG_CONF['site_url'] and labels come
 * from $LANG_MG01; neither is encoded here.
 *
 * @param  string $sub_menu  Name of the sub menu to render
 * @return string            HTML for the sub menu, '' for an unknown name
 */
function MG_showAdminSubMenu($sub_menu)
{
    global $_CONF, $_TABLES, $_MG_CONF, $LANG_MG01, $LANG_ADMIN, $LANG27;

    $admin_url = $_MG_CONF['admin_url'];
    $heading = '';
    $entries = array(); // each entry: array(href, label)

    if ($sub_menu == 'member_albums') {
        $heading = $LANG_MG01['member_albums'];
        $entries = array(
            array($admin_url . 'createmembers.php', $LANG_MG01['batch_create_members']),
            array($admin_url . 'purgealbums.php', $LANG_MG01['purge_member_albums']),
            array($admin_url . 'resetmembers.php', $LANG_MG01['reset_members']),
            array($admin_url . 'quotareport.php', $LANG_MG01['quota_reports']),
        );
    } elseif ($sub_menu == 'rss_feeds') {
        $heading = $LANG_MG01['rss_feeds'];
        $entries = array(
            array($admin_url . 'rssrebuild.php?mode=full', $LANG_MG01['rss_rebuild_all']),
            array($admin_url . 'rssrebuild.php?mode=album', $LANG_MG01['rss_rebuild_album']),
        );
    } elseif ($sub_menu == 'batch_sessions') {
        // Number of sessions with session_status = 1, shown next to the first link
        $session_count = DB_count($_TABLES['mg_sessions'], 'session_status', '1');
        $heading = $LANG_MG01['batch_sessions'];
        $entries = array(
            array($admin_url . 'sessions.php', $LANG_MG01['paused_sessions'] . ' (' . $session_count . ')'),
            array($admin_url . 'maint.php?mode=thumbs&step=one', $LANG_MG01['rebuild_thumb']),
            array($admin_url . 'maint.php?mode=resize&step=one', $LANG_MG01['resize_display']),
            array($admin_url . 'maint.php?mode=remove&step=one', $LANG_MG01['discard_originals']),
            array($admin_url . 'quota.php', $LANG_MG01['rebuild_quota']),
            array($admin_url . 'staticsortalbums.php', $LANG_MG01['static_sort_albums']),
            array($admin_url . 'staticsortmedia.php', $LANG_MG01['static_sort_media']),
            array($admin_url . 'massdelete.php', $LANG_MG01['batch_delete_albums']),
            array($_MG_CONF['site_url'] . '/admin.php?album_id=0&mode=globalperm&a=1', $LANG_MG01['globalperm']),
            array($_MG_CONF['site_url'] . '/admin.php?album_id=0&mode=globalattr&a=1', $LANG_MG01['globalattr']),
        );
    } elseif ($sub_menu == 'miscellaneous') {
        $heading = $LANG_MG01['miscellaneous'];
        $entries = array(
            array($admin_url . 'usage_rpt.php', $LANG_MG01['usage_reports']),
            array($admin_url . 'exif_admin.php', $LANG_MG01['exif_admin_header']),
            array($admin_url . 'rssrebuild.php?mode=full', $LANG_MG01['rss_rebuild_all']),
            array($admin_url . 'rssrebuild.php?mode=album', $LANG_MG01['rss_rebuild_album']),
            array($admin_url . 'envcheck.php', $LANG_MG01['env_check']),
        );
    }

    // Every known menu has at least one entry, so an empty list means "unknown menu".
    if (count($entries) == 0) {
        return '';
    }

    $menu = '<h3>' . $heading . '</h3>' . LB;
    $menu .= '<ul>' . LB;
    foreach ($entries as $entry) {
        $menu .= '<li><a href="' . $entry[0] . '">' . $entry[1] . '</a></li>' . LB;
    }
    $menu .= '</ul>' . LB;

    return $menu;
}
/**
 * Return the label for the MT-Blacklist import link.
 *
 * The "update" label is used once at least one row named 'MTBlacklist' exists
 * in the spamx table; before that the "initial import" label is used.
 *
 * NOTE(review): presumably a class method in the original file - a top-level
 * function called link() would clash with PHP's built-in of the same name.
 *
 * @return string  Label text taken from $LANG_SX00
 */
function link()
{
    global $_TABLES, $LANG_SX00;

    $alreadyImported = (DB_count($_TABLES['spamx'], 'name', 'MTBlacklist') > 0);

    return $alreadyImported ? $LANG_SX00['uMTlist'] : $LANG_SX00['initial_import'];
}
/**
 * Report how many mails are waiting in the hello queue and, when there are
 * any, offer a link that triggers sending of the next batch.
 *
 * NOTE(review): the link requests manual.php?action=go with a plain GET and no
 * token is added here - confirm that the target script checks admin rights
 * and guards the action against cross-site request forgery.
 *
 * @return string  HTML paragraph(s)
 */
function HELLO_count_hello()
{
    global $_CONF, $_TABLES, $_USER, $LANG_HELLO01, $_HE_CONF;

    // '1' = '1' matches every row, i.e. this counts the whole queue table.
    $queued = DB_count($_TABLES['hello_queue'], '1', '1');

    $summary = '<p>' . $queued . ' ' . $LANG_HELLO01['email_schedule'] . '</p>';
    if (!($queued > 0)) {
        return $summary;
    }

    $sendUrl = $_CONF['site_admin_url'] . '/plugins/hello/manual.php?action=go';
    $sendLink = '<a href="' . $sendUrl . '">' . $LANG_HELLO01['send_next'] . '</a>';

    return $summary
        . '<p>' . $sendLink . ' ' . $_HE_CONF['max_email'] . ' ' . $LANG_HELLO01['max'] . '</p>';
}
/**
 * Render the Media Gallery admin navigation from mg_navigation.thtml.
 *
 * The template receives the site and admin URLs, the language strings for
 * every menu entry and the number of sessions with session_status = 1.
 *
 * @return string  Parsed template output
 */
function MG_navigation()
{
    global $_MG_CONF, $_CONF, $_TABLES, $LANG_MG01;

    $T = new Template($_MG_CONF['template_path'] . '/admin');
    $T->set_file('admin', 'mg_navigation.thtml');

    // The result is not used below; the query is kept as in the original.
    $queue_count = DB_count($_TABLES['mg_media_album_queue'], '', '');

    // template variable => $LANG_MG01 key, in the order they are handed to the template
    $langBeforeCount = array(
        'lang_configuration'   => 'configuration',
        'lang_system_options'  => 'system_options',
        'lang_exif_iptc'       => 'exif_admin_header',
        'lang_categories'      => 'category_manage_help',
        'lang_system_defaults' => 'system_default_editor',
        'lang_album_defaults'  => 'album_default_editor',
        'lang_av_defaults'     => 'av_default_editor',
        'lang_reports'         => 'reports',
        'lang_usage_reports'   => 'usage_reports',
        'lang_quota_reports'   => 'quota_reports',
        'lang_batch_sessions'  => 'batch_sessions',
        'lang_paused_sessions' => 'paused_sessions',
        'lang_rebuild_thumbs'  => 'rebuild_thumb',
        'lang_resize_images'   => 'resize_display',
        'lang_remove_originals' => 'discard_originals',
        'lang_utilities'       => 'utilities',
        'lang_logviewer'       => 'log_viewer',
        'lang_php_info'        => 'phpinfo',
        'lang_documentation'   => 'documentation',
        'lang_import_wizards'  => 'import_wizards',
    );
    $langAfterCount = array(
        'lang_member_album_options' => 'member_album_options',
        'lang_rebuild_quota'        => 'rebuild_quota',
        'lang_batch_create_members' => 'batch_create_members',
        'lang_member_albums'        => 'member_albums',
        'lang_static_sort_albums'   => 'static_sort_albums',
        'lang_static_sort_media'    => 'static_sort_media',
        'lang_mass_delete'          => 'batch_delete_albums',
        'lang_rss_options'          => 'rss_options',
        'lang_reset_member_attr'    => 'reset_members',
        'lang_rss_rebuild_all'      => 'rss_rebuild_all',
        'lang_rss_rebuild_album'    => 'rss_rebuild_album',
        'lang_rss_feeds'            => 'rss_feeds',
        'lang_album_sort'           => 'sort_albums',
        'lang_global_attr'          => 'globalattr',
        'lang_global_perm'          => 'globalperm',
        'lang_member_purge_album'   => 'purge_member_albums',
        'lang_reset_defaults'       => 'reset_defaults',
        'lang_filecheck'            => 'filecheck',
        'lang_glstory'              => 'gl_story',
    );

    $vars = array(
        'site_url'  => $_MG_CONF['site_url'],
        'admin_url' => $_MG_CONF['admin_url'],
    );
    foreach ($langBeforeCount as $templateVar => $langKey) {
        $vars[$templateVar] = $LANG_MG01[$langKey];
    }
    $vars['session_count'] = DB_count($_TABLES['mg_sessions'], 'session_status', '1');
    foreach ($langAfterCount as $templateVar => $langKey) {
        $vars[$templateVar] = $LANG_MG01[$langKey];
    }

    $T->set_var($vars);
    $T->parse('output', 'admin');

    return '' . $T->finish($T->get_var('output'));
}
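/**
 * Check whether a lookup list item is still in use before it is deleted.
 *
 * Only the 'expense_request_roles' list is checked: its first field holds a
 * process variable name, and the item counts as "in use" when that name
 * appears in the workflow template variables table.
 *
 * @param  mixed $listid  Id of the lookup list the item belongs to
 * @param  mixed $id      Id of the list item that is about to be deleted
 * @return string         Reason why the item must not be deleted, '' when it is unused
 */
function nf_chkLookupListsbeforeDelete($listid, $id)
{
    global $_TABLES, $NF_LISTS, $NF_MYAPP;

    $retval = '';

    // Depending on the list, you will need to customize this logic to test if it is used.
    // Example: check if the role name (list field 1) in this list is used in any workflows.
    //
    // The original used "=" here, which assigned the configured list id to
    // $listid and so ran the check for every list; a comparison is intended.
    if ($listid == $NF_MYAPP['lookuplists']['expense_request_roles']) {
        // Check and see if this role 'process variable name' is used in a workflow
        $variableName = nexlistValue($listid, $id, 0);

        // NOTE(review): $variableName is read back from stored list data and is
        // handed to DB_count as given. Other callers in this listing escape
        // values before passing them to DB_count - confirm whether that is
        // needed here as well.
        if (DB_count($_TABLES['nf_templatevariables'], 'variableName', $variableName)) {
            $retval = 'Nexflow is using this list item to assign workflow tasks';
        }
    }

    return $retval;
}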
/**
 * List all markers that the user has access to.
 *
 * The rows come from the markers table joined with the maps table (for the
 * map name); COM_getPermSQL('AND', 0, 3) is passed to ADMIN_list as the
 * default filter.
 *
 * @return string  HTML for the list, '' when the markers table is empty
 */
function MAPS_listMarkersAdmin()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_MAPS_1;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    // Nothing to list
    if (DB_count($_TABLES['maps_markers']) == 0) {
        return '';
    }

    // language key => result field, all sortable
    $sortable = array(
        'id'           => 'mkid',
        'name'         => 'name',
        'map_label'    => 'mapname',
        'active_field' => 'active',
        'hidden_field' => 'hidden',
    );
    $columns = array();
    foreach ($sortable as $langKey => $field) {
        $columns[] = array('text' => $LANG_MAPS_1[$langKey], 'field' => $field, 'sort' => true);
    }
    $columns[] = array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false);

    $defaultSort = array('field' => 'modified', 'direction' => 'desc');
    $listText = array(
        'has_extras' => true,
        'form_url'   => $_CONF['site_admin_url'] . '/plugins/maps/markers.php',
    );

    $sql = "SELECT\n\t a.*, b.name as mapname\n FROM {$_TABLES['maps_markers']} AS a\n\t\t\tLEFT JOIN\n\t\t\t {$_TABLES['maps_maps']} AS b\n\t\t\tON a.mid = b.mid\n\t\t\tWHERE 1=1";
    $query = array(
        'sql'            => $sql,
        'default_filter' => COM_getPermSQL('AND', 0, 3),
    );

    return '' . ADMIN_list('markers', 'plugin_getListField_markers', $columns, $listText, $query, $defaultSort);
}
/**
 * List all maps that the user has access to.
 *
 * COM_getPermSQL('AND', 0, 3) is passed to ADMIN_list as the default filter;
 * the name and description columns are searchable.
 *
 * @return string  HTML for the list, '' when the maps table is empty
 */
function MAPS_listmaps()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_MAPS_1;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    // Nothing to list
    if (DB_count($_TABLES['maps_maps']) == 0) {
        return '';
    }

    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
    );
    // language key => result field, all sortable
    $sortable = array(
        'id'           => 'mid',
        'name'         => 'name',
        'active_field' => 'active',
        'hidden_field' => 'hidden',
    );
    foreach ($sortable as $langKey => $field) {
        $columns[] = array('text' => $LANG_MAPS_1[$langKey], 'field' => $field, 'sort' => true);
    }

    $defaultSort = array('field' => 'mid', 'direction' => 'asc');
    $listText = array(
        'has_extras' => true,
        'form_url'   => $_CONF['site_admin_url'] . '/plugins/maps/index.php',
    );

    $sql = "SELECT\n\t *\n FROM {$_TABLES['maps_maps']}\n\t\t\tWHERE 1=1";
    $query = array(
        'table'          => 'maps_maps',
        'sql'            => $sql,
        'query_fields'   => array('name', 'description'),
        'default_filter' => COM_getPermSQL('AND', 0, 3),
    );

    return '' . ADMIN_list('maps', 'plugin_getListField_maps', $columns, $listText, $query, $defaultSort);
}
/**
 * Displays the list of IPN history from the log stored in the database.
 *
 * When the log table is empty a notice paragraph is put in front of the
 * list; the list itself is rendered in either case.
 *
 * @return string  HTML for the notice (if any) and the list
 */
function PAYPAL_listIPNlog()
{
    global $_CONF, $_TABLES, $LANG_PAYPAL_1, $_USER;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $html = '';
    if (DB_count($_TABLES['paypal_ipnlog']) == 0) {
        $html = '<p>' . $LANG_PAYPAL_1['ipnlog_empty'] . '</p>';
    }

    // language key => result field, all sortable
    $fields = array(
        'ID'             => 'id',
        'IP_address'     => 'ip_addr',
        'date_time'      => 'time',
        'verified'       => 'verified',
        'txn_id'         => 'txn_id',
        'payment_status' => 'payment_status',
        'purchaser'      => 'custom',
    );
    $columns = array();
    foreach ($fields as $langKey => $field) {
        $columns[] = array('text' => $LANG_PAYPAL_1[$langKey], 'field' => $field, 'sort' => true);
    }

    $defaultSort = array('field' => 'id', 'direction' => 'desc');
    $listText = array(
        'has_extras' => true,
        'form_url'   => $_CONF['site_admin_url'] . '/plugins/paypal/ipnlog.php',
    );

    $sql = "SELECT * FROM {$_TABLES['paypal_ipnlog']} WHERE 1=1";
    $query = array(
        'table'          => 'paypal_ipnlog',
        'sql'            => $sql,
        'query_fields'   => array('id', 'ip_addr', 'time', 'verified', 'txn_id', 'ipn_data'),
        'default_filter' => COM_getPermSQL('AND', 0, 3),
    );

    $html .= ADMIN_list('paypal', 'plugin_getListField_paypal_IPNlog', $columns, $listText, $query, $defaultSort);

    return $html;
}
/**
 * Displays the download history stored in the paypal_downloads table.
 *
 * When the table is empty a notice paragraph is put in front of the list;
 * the list itself is rendered in either case.
 *
 * @return string  HTML for the notice (if any) and the list
 */
function PAYPAL_listDownloads()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_PAYPAL_1;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $html = '';
    if (DB_count($_TABLES['paypal_downloads']) == 0) {
        $html = '<p>' . $LANG_PAYPAL_1['downloads_history_empty'] . '</p>';
    }

    // language key => result field, all sortable
    $fields = array(
        'ID'             => 'id',
        'product_id'     => 'product_id',
        'filename_label' => 'file',
        'date_time'      => 'dl_date',
        'user_id'        => 'user_id',
    );
    $columns = array();
    foreach ($fields as $langKey => $field) {
        $columns[] = array('text' => $LANG_PAYPAL_1[$langKey], 'field' => $field, 'sort' => true);
    }

    $defaultSort = array('field' => 'id', 'direction' => 'desc');
    $listText = array(
        'has_extras' => true,
        'form_url'   => $_CONF['site_admin_url'] . '/plugins/paypal/downloads_history.php',
    );

    $sql = "SELECT\n\t *\n FROM {$_TABLES['paypal_downloads']}\n\t\t\tWHERE 1=1";
    $query = array(
        'table'          => 'paypal_downloads',
        'sql'            => $sql,
        'query_fields'   => array('id', 'product_id', 'file', 'dl_date', 'user_id'),
        'default_filter' => COM_getPermSQL('AND', 0, 3),
    );

    $html .= ADMIN_list('paypal', 'plugin_getListField_paypal_downloads', $columns, $listText, $query, $defaultSort);

    return $html;
}
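/**
 * Add a file to the submission queue.
 *
 * Most of the code in this function has been lifted from the File Management
 * plugin's submit.php.
 *
 * The file is copied into the file store's tmp/ directory under a random
 * name and two rows (file detail, file description) are inserted with
 * status 0. Text fields go through MyTextSanitizer before they are written
 * into the SQL statements.
 *
 * @param  mixed  $submitter  Submitter, written to the submitter column as given
 * @param  string $filename   Path of the file to submit
 * @param  string $title      Title of the file entry
 * @param  string $desc       Description text
 * @param  string $version    Version string
 * @param  string $homepage   Homepage URL
 * @param  int    $cid        Category id
 * @return bool               true on success, false if the file already exists,
 *                            its extension is rejected or it could not be copied
 */
function submit_file($submitter, $filename, $title, $desc, $version, $homepage, $cid = 0)
{
    global $_CONF, $_USER, $_FM_TABLES, $_FMDOWNLOAD, $filemgmt_FileStore;

    $myts = new MyTextSanitizer(); // MyTextSanitizer object

    $name = basename($filename);
    $url = rawurlencode($name);
    $name = $myts->makeTboxData4Save($name);
    $url = $myts->makeTboxData4Save($url);

    // NOTE(review): the duplicate check compares the url column with the
    // sanitized file name, while the value stored in that column is the
    // rawurlencode()d and possibly extension-mapped $url - confirm this matches.
    if (DB_count($_FM_TABLES['filemgmt_filedetail'], 'url', $name) > 0) {
        COM_errorLog("FM submit_file: file '" . $name . "' already exists in DB");

        return false;
    }

    $title = $myts->makeTboxData4Save($title);
    $homepage = $myts->makeTboxData4Save($homepage);
    $version = $myts->makeTboxData4Save($version);
    $size = sprintf('%u', filesize($filename));
    $description = $myts->makeTareaData4Save($desc);

    // The category id is written into the INSERT below; force it to an integer.
    $cid = (int) $cid;

    //$comments = ($_CONF['comment_code'] == 0) ? 1 : 0;
    $comments = 0; // prefer no comments on Geeklog tarballs
    $date = time();

    $tmpfilename = randomfilename();

    // NOTE(review): for a name without a dot strrpos() returns false, so $pos
    // becomes 1 and the "extension" is the name minus its first character.
    $uploadfilename = basename($filename);
    $pos = strrpos($uploadfilename, '.') + 1;
    $fileExtension = strtolower(substr($uploadfilename, $pos));

    if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
        if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
            COM_errorLog("FM submit_file: file extension '" . $fileExtension . "' not allowed.");

            return false;
        }
        // Listed extensions are replaced by their mapped counterpart, both in
        // the stored name and in the download URL.
        $fileExtension = $_FMDOWNLOAD[$fileExtension];
        $tmpfilename = $tmpfilename . '.' . $fileExtension;
        $pos = strrpos($url, '.') + 1;
        $url = strtolower(substr($url, 0, $pos)) . $fileExtension;
    } else {
        // An extension that is not listed in $_FMDOWNLOAD is kept unchanged, so
        // the map only blocks what it names. NOTE(review): confirm that the
        // tmp/ store cannot be requested or executed through the web server.
        $tmpfilename = $tmpfilename . '.' . $fileExtension;
    }

    // would have preferred rename (i.e. move), but ran into file permission
    // problems on www.geeklog.net ...
    // The result is checked so that no database record is created for a file
    // that never reached the file store.
    if (!copy($filename, $filemgmt_FileStore . 'tmp/' . $tmpfilename)) {
        COM_errorLog("FM submit_file: could not copy '" . $name . "' to the file store");

        return false;
    }

    $logourl = '';

    // NOTE(review): $submitter is interpolated as given - confirm that every
    // caller passes a numeric user id or an already escaped value.
    DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedetail']} (cid, title, url, homepage, version, size, platform, logourl, submitter, status, date, hits, rating, votes, comments) VALUES ('{$cid}', '{$title}', '{$url}', '{$homepage}', '{$version}', '{$size}', '{$tmpfilename}', '{$logourl}', '{$submitter}', 0, '{$date}', 0, 0, 0, '{$comments}')");

    $newid = DB_insertId();
    DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')");

    return true;
}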
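/**
 * Recalculate the cached counters and "last post" pointers of one forum.
 *
 * Updates the forum record (last post, topic count, post count) and, for
 * every top-level topic of the forum, its lastupdated time, last reply id
 * and reply count. Progress is written to the error log.
 *
 * @param  int $id  Id of the forum to resync
 * @return void
 */
function gf_resyncforum($id)
{
    global $_CONF, $_TABLES;

    // $id is placed unquoted into the statements below and into the log line,
    // so force it to an integer before it is used anywhere.
    $id = (int) $id;

    COM_errorLog("Re-Syncing Forum id:{$id}");

    // Update all the Topics lastupdated timestamp to that of the last posted comment
    $topicsQuery = DB_query("SELECT id FROM {$_TABLES['gf_topic']} WHERE forum={$id} and pid=0");
    $topicCount = DB_numRows($topicsQuery);

    if ($topicCount > 0) {
        $lastTopicQuery = DB_query("SELECT MAX(id) as maxid FROM {$_TABLES['gf_topic']} WHERE forum={$id}");
        $lasttopic = DB_fetchArray($lastTopicQuery);
        $lastPostId = (int) $lasttopic['maxid'];
        DB_query("UPDATE {$_TABLES['gf_forums']} SET last_post_rec = {$lastPostId} WHERE forum_id={$id}");

        $postCount = DB_count($_TABLES['gf_topic'], 'forum', $id);

        // Update the forum definition record to know the number of topics and number of posts
        DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count={$topicCount}, post_count={$postCount} WHERE forum_id={$id}");

        $recCount = 0;
        while ($trecord = DB_fetchArray($topicsQuery)) {
            $recCount++;
            $topicId = (int) $trecord['id'];

            // Find the newest reply (highest id) of this topic and copy its
            // date into the parent topic record
            $lsql = DB_query("SELECT MAX(id)as maxid FROM {$_TABLES['gf_topic']} WHERE pid={$topicId}");
            $lastrec = DB_fetchArray($lsql);

            if ($lastrec['maxid'] != null) {
                $lastReplyId = (int) $lastrec['maxid'];
                // The column name is now a quoted string; the original passed
                // the bare word date, which is an undefined constant.
                $latest = DB_getItem($_TABLES['gf_topic'], 'date', "id={$lastReplyId}");
                DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' where id='{$topicId}'");
                // Update the parent topic record to know the id of the Last Reply
                DB_query("UPDATE {$_TABLES['gf_topic']} SET last_reply_rec = {$lastReplyId} where id='{$topicId}'");
            } else {
                // No replies: the topic's own date is its last update
                $latest = DB_getItem($_TABLES['gf_topic'], 'date', "id={$topicId}");
                DB_query("UPDATE {$_TABLES['gf_topic']} SET lastupdated = '{$latest}' WHERE id='{$topicId}'");
            }

            // Recalculate and Update the number of replies
            $numreplies = DB_count($_TABLES['gf_topic'], 'pid', $topicId);
            DB_query("UPDATE {$_TABLES['gf_topic']} SET replies = '{$numreplies}' WHERE id='{$topicId}'");
        }
        COM_errorLog("{$recCount} Topic Records Updated");
    } else {
        DB_query("UPDATE {$_TABLES['gf_forums']} SET topic_count=0, post_count=0 WHERE forum_id={$id}");
        COM_errorLog("No topic records to resync");
    }
}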
/**
 * Displays the purchase history: IPN log rows joined with the purchases and
 * users tables, grouped by transaction id.
 *
 * When the IPN log table is empty a notice paragraph is put in front of the
 * list. $_SESSION['gross_total'] is reset to 0 before the list is rendered
 * and, when it is greater than 0 afterwards, appended as a page total.
 *
 * NOTE(review): unlike the other lists in this listing, the default filter
 * here is only the GROUP BY clause and no COM_getPermSQL() restriction is
 * added - confirm that the calling page limits access to administrators.
 *
 * @return string  HTML for the notice (if any), the list and the page total
 */
function PAYPAL_listTransactions()
{
    global $_CONF, $_TABLES, $LANG_PAYPAL_1, $_USER;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $html = '';
    if (DB_count($_TABLES['paypal_ipnlog']) == 0) {
        $html = '<p>' . $LANG_PAYPAL_1['ipnlog_empty'] . '</p>';
    }

    // Todo make mc_gross sortable (need a new field in paypal_purchases table
    $columns = array(
        array('text' => $LANG_PAYPAL_1['date_time'], 'field' => 'time', 'sort' => true),
        array('text' => $LANG_PAYPAL_1['user_id'], 'field' => 'user_id', 'sort' => true),
        array('text' => $LANG_PAYPAL_1['gross_payment'], 'field' => 'mc_gross', 'sort' => false),
        array('text' => $LANG_PAYPAL_1['txn_id'], 'field' => 'txnid', 'sort' => true),
        array('text' => $LANG_PAYPAL_1['payment_status'], 'field' => 'status', 'sort' => true),
    );

    $defaultSort = array('field' => 'time', 'direction' => 'desc');
    $listText = array(
        'has_extras' => true,
        'form_url'   => $_CONF['site_admin_url'] . '/plugins/paypal/purchase_history.php',
    );

    $sql = "SELECT i.txn_id AS txnid, i.ipn_data, i.time, u.username, u.uid, p.*\n\t\t\t\tFROM {$_TABLES['paypal_ipnlog']} AS i\n\t\t\tLEFT JOIN \n\t\t\t {$_TABLES['paypal_purchases']} AS p\n\t\t\tON\n\t\t\t i.txn_id = p.txn_id\n\t\t\tLEFT JOIN\n\t\t\t\t{$_TABLES['users']} AS u \n\t\t\tON\n\t\t\t\tp.user_id = u.uid\n\t\t\t\n\t\t\tWHERE 1 = 1 AND p.quantity <> ''\n\t\t\t\n\t\t\t";
    $query = array(
        'sql'            => $sql,
        'default_filter' => 'GROUP BY i.txn_id',
        'query_fields'   => array('time', 'user_id', 'i.txn_id', 'p.status', 'u.username', 'i.ipn_data'),
    );

    // Reset before rendering; read again once the list has been built.
    $_SESSION['gross_total'] = 0;

    //TODO $extra params to pass values to getListField
    $html .= ADMIN_list(
        'paypal',
        'PAYPAL_getListField_paypal_transactions',
        $columns,
        $listText,
        $query,
        $defaultSort,
        '',   // filter
        '',   // extra
        '',   // options
        '',   // form_arr
        true  // showsearch
    );

    if ($_SESSION['gross_total'] > 0) {
        $html .= "<h2>Total page : {$_SESSION['gross_total']}</h2>";
    }

    return $html;
}
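/**
 * Build the entity-encoded <select> with the variables assigned to a task.
 *
 * Which assignment column is read depends on the global $op (add/del of an
 * assignment, pre-notify, post-notify or reminder-notify variable). For the
 * three notify lists a TASK_OWNER entry (value 999) is put first when the
 * task has exactly one such assignment row.
 *
 * Changes against the original: the task id is forced to an integer before
 * it reaches SQL, variable names are encoded before they are placed in the
 * markup, $html is initialised, and an unknown $op returns '' instead of
 * running the join without a WHERE clause.
 *
 * @param  int $taskid  Id of the template task
 * @return string       htmlentities()-encoded markup, '' for an unknown $op
 */
function ajaxhandler_assignedVariables($taskid)
{
    global $_TABLES, $op;

    // op suffix => array(assignment column, select id, select name, may show TASK_OWNER)
    $lists = array(
        'AssignVar'              => array('nf_processVariable', 'selvariableassignment', 'task_assignedVariables', false),
        'PreNotifyVariable'      => array('nf_prenotifyVariable', 'selprenotify', 'task_prenotify', true),
        'PostNotifyVariable'     => array('nf_postnotifyVariable', 'selpostnotify', 'task_postnotify', true),
        'ReminderNotifyVariable' => array('nf_remindernotifyVariable', 'selremindernotify', 'task_remindernotify', true),
    );

    $selected = null;
    foreach ($lists as $suffix => $spec) {
        if ($op === 'add' . $suffix || $op === 'del' . $suffix) {
            $selected = $spec;
            break;
        }
    }
    if ($selected === null) {
        return '';
    }
    list($column, $fieldid, $fieldname, $ownerOption) = $selected;

    // The task id arrives with the AJAX request and is used in SQL below.
    $taskid = (int) $taskid;

    $options = '';
    if ($ownerOption
        && DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', $column), array($taskid, 999)) == 1
    ) {
        $options = "<option value=\"999\">TASK_OWNER</option>";
    }

    $sql = "SELECT b.id, b.variableName FROM {$_TABLES['nf_templateassignment']} a, {$_TABLES['nf_templatevariables']} b ";
    $sql .= "WHERE a.{$column}=b.id AND a.nf_templateDataID='{$taskid}'";

    $q = DB_query($sql);
    while (list($id, $label) = DB_fetchArray($q)) {
        // The whole string is entity-encoded once more on return, so after the
        // receiver decodes it the name is still encoded inside the markup.
        $options .= '<option value="' . (int) $id . '">' . htmlspecialchars($label, ENT_QUOTES) . '</option>';
    }

    $html = '<select id="' . $fieldid . '" name="' . $fieldname . '" size="4" style="width:160px;"><option value="1">' . $options . '</option></select>';

    return htmlentities($html);
}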
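/**
 * This function allows the administrator to import batches of users.
 *
 * The uploaded text file holds one user per line as
 * "full name<TAB>user name<TAB>email". An account is created and a password
 * mailed for every line with a valid email address whose user name and email
 * are not in use yet. The uploaded file is deleted after processing.
 *
 * TODO: This function should first display the users that are to be imported,
 * together with the invalid users and the reason of invalidity. Each valid line
 * should have a checkbox that allows selection of final to be imported users.
 * After clicking an extra button, the actual import should take place. This will
 * prevent problems in case the list formatting is incorrect.
 *
 * @return string  HTML with success or error message
 */
function importusers()
{
    global $_CONF, $_TABLES, $LANG04, $LANG28;

    // Setting this to true will cause import to print processing status to
    // webpage and to the error.log file
    $verbose_import = true;

    $retval = '';

    // Bulk import implies admin authorisation:
    $_CONF['usersubmission'] = 0;

    // First, upload the file
    require_once $_CONF['path_system'] . 'classes/upload.class.php';

    $upload = new upload();
    $upload->setPath($_CONF['path_data']);
    $upload->setAllowedMimeTypes(array('text/plain' => '.txt'));
    $upload->setFileNames('user_import_file.txt');

    if ($upload->uploadFiles()) {
        // Good, file got uploaded, now install everything
        $filename = $_CONF['path_data'] . 'user_import_file.txt';
        if (!file_exists($filename)) {
            // empty upload form
            $retval = COM_refresh($_CONF['site_admin_url'] . '/user.php?mode=importform');

            return $retval;
        }
    } else {
        // A problem occurred, print debug information
        $retval = COM_showMessageText($upload->printErrors(false), $LANG28[24]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[22]));

        return $retval;
    }

    // An unreadable file is treated like an empty one; it is still removed below.
    $users = file($filename);
    if ($users === false) {
        $users = array();
    }

    $retval .= COM_startBlock($LANG28[31], '', COM_getBlockTemplate('_admin_block', 'header'));

    // Following variables track import processing statistics
    $successes = 0;
    $failures = 0;

    foreach ($users as $line) {
        $line = rtrim($line);
        if (empty($line)) {
            continue;
        }

        // Pad short lines so that a missing column becomes '' instead of an
        // undefined offset; such a line then fails the email check below.
        list($full_name, $u_name, $email) = array_pad(explode("\t", $line), 3, '');

        $full_name = strip_tags($full_name);
        $u_name = COM_applyFilter($u_name);
        $email = COM_applyFilter($email);

        if ($verbose_import) {
            $retval .= "<br" . XHTML . "><b>Working on username={$u_name}, fullname={$full_name}, and email={$email}</b><br" . XHTML . ">\n";
            COM_errorLog("Working on username={$u_name}, fullname={$full_name}, and email={$email}", 1);
        }

        // prepare for database
        $userName = trim($u_name);
        $fullName = trim($full_name);
        $emailAddr = trim($email);

        if (COM_isEmail($email)) {
            // email is valid form
            $ucount = DB_count($_TABLES['users'], 'username', DB_escapeString($userName));
            $ecount = DB_count($_TABLES['users'], 'email', DB_escapeString($emailAddr));

            if ($ucount == 0 && $ecount == 0) {
                // user doesn't already exist - pass in optional true for $batchimport parm
                $uid = USER_createAccount($userName, $emailAddr, '', $fullName, '', '', '', true);

                $result = USER_createAndSendPassword($userName, $emailAddr, $uid);

                if ($result) {
                    $successes++;
                    if ($verbose_import) {
                        $retval .= "<br" . XHTML . "> Account for <b>{$u_name}</b> created successfully.<br" . XHTML . ">\n";
                        COM_errorLog("Account for {$u_name} created successfully", 1);
                    }
                } else {
                    // user creation failed; count it so that the summary adds up
                    // (the original reported the error but did not count it)
                    $failures++;
                    $retval .= "<br" . XHTML . ">ERROR: There was a problem creating the account for <b>{$u_name}</b>.<br" . XHTML . ">\n";
                    COM_errorLog("ERROR: here was a problem creating the account for {$u_name}.", 1);
                }
            } else {
                if ($verbose_import) {
                    $retval .= "<br" . XHTML . "><b>{$u_name}</b> or <b>{$email}</b> already exists, account not created.<br" . XHTML . ">\n"; // user already exists
                    COM_errorLog("{$u_name},{$email}: username or email already exists, account not created", 1);
                }
                $failures++;
            } // end if $ucount == 0 && ecount == 0
        } else {
            if ($verbose_import) {
                $retval .= "<br" . XHTML . "><b>{$email}</b> is not a valid email address, account not created<br" . XHTML . ">\n"; // malformed email
                COM_errorLog("{$email} is not a valid email address, account not created", 1);
            }
            $failures++;
        } // end if COM_isEmail($email)
    } // end foreach

    // The import file holds names and email addresses; remove it once processed.
    unlink($filename);

    $retval .= '<p>' . sprintf($LANG28[32], $successes, $failures);

    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[24]));

    return $retval;
}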
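/**
 * Plugin function that is called after comment form is submitted.
 * Needs to at least save the comment and check return value.
 * Add any additional logic your plugin may need to perform on comments.
 *
 * When CMT_saveComment() returns a value greater than 0 the comment form is
 * shown again (preceded by a stored pre-save error message, if any).
 * Otherwise the media item's comment counter is refreshed and the browser is
 * sent back to the media page.
 *
 * @param  string $title     comment title
 * @param  string $comment   comment text
 * @param  string $id        Item id to which $cid belongs
 * @param  int    $pid       comment parent
 * @param  string $postmode  'html' or 'text'
 * @return string            HTML of the comment form, or of the refresh to the media page
 */
function _mg_savecomment($title, $comment, $id, $pid, $postmode)
{
    global $_CONF, $_MG_CONF, $_TABLES, $LANG03;

    $title = strip_tags($title);
    $pid = COM_applyFilter($pid, true);
    $postmode = COM_applyFilter($postmode);

    $ret = CMT_saveComment($title, $comment, $id, $pid, 'mediagallery', $postmode);

    if ($ret > 0) {
        $retval = '';
        if (SESS_isSet('glfusion.commentpresave.error')) {
            $retval = COM_showMessageText(SESS_getVar('glfusion.commentpresave.error'), '', true);
            SESS_unSet('glfusion.commentpresave.error');
        }
        $retval .= CMT_commentform($title, $comment, $id, $pid, 'mediagallery', $LANG03[14], $postmode);

        return $retval;
    }

    // Recount the comments of this item and store the number with the media record
    $escapedId = DB_escapeString($id);
    $comments = DB_count($_TABLES['comments'], array('sid', 'type'), array($escapedId, 'mediagallery'));
    DB_change($_TABLES['mg_media'], 'media_comments', $comments, 'media_id', $escapedId);

    // $id comes from the submitted form and is the only part of this function's
    // input that is not filtered above; encode it before it becomes part of the
    // redirect target.
    return COM_refresh($_MG_CONF['site_url'] . '/media.php?s=' . urlencode($id) . '#comments');
}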
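/**
 * Store the text value of a project data field.
 *
 * Updates the row in the nf_projectdataresults table that matches the
 * field/project/task combination when DB_count() reports one, otherwise
 * inserts a new row. Nothing is written when the prepared value is empty;
 * because empty() is used, the string '0' counts as empty too.
 *
 * @param int    $fieldid   field id
 * @param int    $taskid    task id
 * @param int    $projectid project id
 * @param string $data      field value; passed through ppPrepareForDB() before use
 * @return void
 */
function nf_updateMiscDataField($fieldid, $taskid, $projectid, $data)
{
    global $_TABLES;

    // The three ids are written into the SQL text without quotes, so they are
    // forced to integers here rather than trusting every caller to have
    // validated them. Valid numeric ids are unaffected.
    $fieldid = (int) $fieldid;
    $taskid = (int) $taskid;
    $projectid = (int) $projectid;

    // NOTE(review): presumably ppPrepareForDB() escapes the value for use
    // inside a single-quoted SQL string - confirm against its definition.
    $fielddata = ppPrepareForDB($data);
    if (empty($fielddata)) {
        return;
    }

    $table = $_TABLES['nf_projectdataresults'];
    $exists = DB_count(
        $table,
        array('field_id', 'project_id', 'task_id'),
        array($fieldid, $projectid, $taskid)
    );

    if ($exists) {
        $sql = "UPDATE {$table} SET textdata = '{$fielddata}' ";
        $sql .= "WHERE field_id={$fieldid} AND project_id={$projectid} AND task_id={$taskid}";
    } else {
        $sql = "INSERT INTO {$table} (field_id,project_id,task_id,textdata) ";
        $sql .= "VALUES ({$fieldid},{$projectid},{$taskid},'{$fielddata}') ";
    }
    DB_query($sql);
}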
$sql .= "WHERE a.nf_postnotifyVariable=b.id AND a.nf_templateDataID='{$taskID}'"; $q = DB_query($sql); $options = ''; if (DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', 'nf_postnotifyVariable'), array($taskID, 999)) == 1) { $options = "<option value=\"999\">TASK_OWNER</option>"; } while (list($id, $label) = DB_fetchArray($q)) { $options .= "<option value=\"{$id}\">{$label}</option>"; } $p->set_var('assigned_postNotifyVariables', $options); // Set task reminder notify variables dropdown list options $sql = "SELECT b.id, b.variableName FROM {$_TABLES['nf_templateassignment']} a, {$_TABLES['nf_templatevariables']} b "; $sql .= "WHERE a.nf_remindernotifyVariable=b.id AND a.nf_templateDataID='{$taskID}'"; $q = DB_query($sql); $options = ''; if (DB_count($_TABLES['nf_templateassignment'], array('nf_templateDataID', 'nf_remindernotifyVariable'), array($taskID, 999)) == 1) { $options = "<option value=\"999\">TASK_OWNER</option>"; } while (list($id, $label) = DB_fetchArray($q)) { $options .= "<option value=\"{$id}\">{$label}</option>"; } $p->set_var('assigned_reminderNotifyVariables', $options); // Set Next-tasks field $next_tasks = ''; if ($taskID != null) { $sql = "Select nf_templateDataTo FROM {$_TABLES['nf_templatedatanextstep']} WHERE nf_templateDataFrom={$taskID} "; $sql .= "ORDER BY nf_templateDataTo"; $tempvar = DB_query($sql); $numTasks = DB_numRows($tempvar); if ($numTasks > 0) { for ($tasksCntr = 0; $tasksCntr < $numTasks; $tasksCntr++) {
/**
 * Save topic to the database
 *
 * Validation happens in this order: the topic id is sanitized and checked
 * against the reserved names and against existing topics, the parent id and
 * the archive rules are checked, then access to the topic itself and to its
 * parent is checked. Only when all of that passes is the row written with
 * DB_save(), followed by the plugin notification, topic reordering, feed
 * check and redirect.
 *
 * NOTE(review): inside this function only $tid and $old_tid are sanitized and
 * only $topic, $meta_description and $meta_keywords are escaped. $parent_id,
 * $imageUrl, $sortNum, $limitNews, $owner_id and $group_id reach SQL exactly
 * as passed in - confirm that every caller filters them first.
 *
 * @param    string $tid              Topic ID
 * @param    string $topic            Name of topic (what the user sees)
 * @param    int    $inherit          whether to inherit
 * @param    int    $hidden           whether to hide
 * @param    string $parent_id        Parent ID
 * @param    string $imageUrl         (partial) URL to topic image
 * @param    string $meta_description Topic meta description
 * @param    string $meta_keywords    Topic meta keywords
 * @param    int    $sortNum          number for sort order in "Topics" block
 * @param    int    $limitNews        number of stories per page for this topic
 * @param    int    $owner_id         ID of owner
 * @param    int    $group_id         ID of group topic belongs to
 * @param    int    $perm_owner       Permissions the owner has
 * @param    int    $perm_group       Permissions the group has
 * @param    int    $perm_members     Permissions members have
 * @param    int    $perm_anon        Permissions anonymous users have
 * @param    string $is_default       'on' if this is the default topic
 * @param    string $is_archive       'on' if this is the archive topic
 * @return   string                   HTML redirect or error message
 */
function savetopic($tid, $topic, $inherit, $hidden, $parent_id, $imageUrl, $meta_description, $meta_keywords, $sortNum, $limitNews, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_default, $is_archive)
{
    global $_CONF, $_TABLES, $_USER, $LANG27, $MESSAGE;

    $retval = '';

    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);

    // From here on $tid is the sanitized id; it is the only form used in SQL below
    $tid = COM_sanitizeID($tid);

    // Check if tid is a restricted name (case-insensitive match against the reserved constants)
    $restricted_tid = false;
    if (!strcasecmp($tid, TOPIC_ALL_OPTION) || !strcasecmp($tid, TOPIC_NONE_OPTION) || !strcasecmp($tid, TOPIC_HOMEONLY_OPTION) || !strcasecmp($tid, TOPIC_SELECTED_OPTION) || !strcasecmp($tid, TOPIC_ROOT)) {
        $restricted_tid = true;
    }

    // Check if tid is used by another topic.
    // The previous id is read directly from $_POST rather than from a parameter.
    $duplicate_tid = false;
    $old_tid = '';
    if (isset($_POST['old_tid'])) {
        $old_tid = COM_applyFilter($_POST['old_tid']);
        if (!empty($old_tid)) {
            $old_tid = COM_sanitizeID($old_tid);
            // See if new topic id
            if (strcasecmp($tid, $old_tid)) {
                if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                    $duplicate_tid = true;
                }
            }
        } else {
            if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                $duplicate_tid = true;
            }
        }
    }

    // Make sure parent id exists
    // NOTE(review): $parent_id is placed in the WHERE clause as received - confirm the caller filters it
    $parent_id_found = false;
    if ($parent_id == DB_getItem($_TABLES['topics'], 'tid', "tid = '{$parent_id}'") || $parent_id == TOPIC_ROOT) {
        $parent_id_found = true;
    }

    // Check if parent archive topic, if so bail
    $archive_parent = false;
    $archive_tid = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
    if ($parent_id == $archive_tid) {
        $archive_parent = true;
    }

    // If archive topic, make sure no child topics else bail
    $archive_child = false;
    $is_archive = $is_archive == 'on' ? 1 : 0;
    if ($is_archive) {
        if ($tid == DB_getItem($_TABLES['topics'], 'parent_id', "parent_id = '{$tid}'")) {
            $archive_child = true;
        }
    }

    // Existing topic: access is judged on the stored owner/group/permissions.
    // New topic: access is judged on the values supplied with this request.
    if (DB_count($_TABLES['topics'], 'tid', $tid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$tid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }

    // A SEC_hasAccess() result below 3 is rejected (presumably 3 means edit access - confirm);
    // the user must also be a member of the group being assigned.
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
        // The denied attempt is recorded in the access log with the user name and topic id
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
    } else {
        // Now check access to parent topic
        if ($parent_id != TOPIC_ROOT) {
            if (DB_count($_TABLES['topics'], 'tid', $parent_id) > 0) {
                $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$parent_id}'");
                $A = DB_fetchArray($result);
                $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
            }
            // NOTE(review): when the parent row does not exist, $A and $access still hold what the
            // lookup of $tid left behind ($A is not set at all for a new topic) - confirm this is intended
            $in_Group = SEC_inGroup($A['group_id']);
        } else {
            // The root needs no per-topic permission check
            $access = 3;
            $in_Group = true;
        }
        if ($access < 3 || !$in_Group) {
            $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
            COM_accessLog("User {$_USER['username']} tried to illegally assign topic {$tid} to {$parent_id}.");
        } elseif (!empty($tid) && !empty($topic) && !$restricted_tid && !$duplicate_tid && !$archive_parent && !$archive_child && $parent_id_found) {
            // The bare image directory means "no image"
            if ($imageUrl === '/images/topics/') {
                $imageUrl = '';
            }
            // Free-text fields: tags stripped, 4-byte UTF-8 characters removed, then escaped for SQL
            $topic = GLText::remove4byteUtf8Chars(strip_tags($topic));
            $topic = DB_escapeString($topic);
            $meta_description = GLText::remove4byteUtf8Chars(strip_tags($meta_description));
            $meta_description = DB_escapeString($meta_description);
            $meta_keywords = GLText::remove4byteUtf8Chars(strip_tags($meta_keywords));
            $meta_keywords = DB_escapeString($meta_keywords);

            // Only one topic can be the default: clear the flag everywhere before setting it here
            if ($is_default == 'on') {
                $is_default = 1;
                DB_query("UPDATE {$_TABLES['topics']} SET is_default = 0 WHERE is_default = 1");
            } else {
                $is_default = 0;
            }

            if ($is_archive) {
                // $tid is the archive topic
                // - if it wasn't already, mark all its stories "archived" now
                if ($archive_tid != $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n SET s.featured = 0, s.frontpage = 0, s.statuscode = " . STORY_ARCHIVE_ON_EXPIRE . "\n WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
                // Set hidden and inherit to false since archive topic now
                $inherit = '';
                $hidden = '';
            } else {
                // $tid is not the archive topic
                // - if it was until now, reset the "archived" status of its stories
                if ($archive_tid == $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n SET s.statuscode = 0\n WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
            }

            // Form checkboxes arrive as 'on'; store them as 1/0
            $inherit = $inherit == 'on' ? 1 : 0;
            $hidden = $hidden == 'on' ? 1 : 0;

            // Cannot hide root topics so switch if needed
            if ($parent_id == TOPIC_ROOT && $hidden == 1) {
                $hidden = 0;
            }

            // If not a new topic and id change then...
            // (references are moved to the new id first, then the old row is deleted)
            if (!empty($old_tid)) {
                if ($tid != $old_tid) {
                    changetopicid($tid, $old_tid);
                    $old_tid = DB_escapeString($old_tid);
                    DB_delete($_TABLES['topics'], 'tid', $old_tid);
                }
            }

            // NOTE(review): '{$parent_id}', '{$imageUrl}', '{$sortNum}', '{$limitNews}', {$owner_id} and
            // {$group_id} are interpolated without escaping or integer casts in this function - confirm
            // they are validated before savetopic() is called
            DB_save($_TABLES['topics'], 'tid, topic, inherit, hidden, parent_id, imageurl, meta_description, meta_keywords, sortnum, limitnews, is_default, archive_flag, owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon', "'{$tid}', '{$topic}', {$inherit}, {$hidden}, '{$parent_id}', '{$imageUrl}', '{$meta_description}', '{$meta_keywords}','{$sortNum}','{$limitNews}',{$is_default},'{$is_archive}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");

            // Tell plugins about the save; the old id is passed along whenever it differs from $tid
            if ($old_tid != $tid) {
                PLG_itemSaved($tid, 'topic', $old_tid);
            } else {
                PLG_itemSaved($tid, 'topic');
            }

            // Reorder Topics, Delete topic cache and reload topic tree
            reorderTopics();

            // update feed(s)
            COM_rdfUpToDateCheck('article', $tid);

            COM_redirect($_CONF['site_admin_url'] . '/topic.php?msg=13');
        } elseif ($restricted_tid) {
            // Each remaining branch logs and shows the message for the first failed check
            $retval .= COM_errorLog($LANG27[31], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($duplicate_tid) {
            $retval .= COM_errorLog($LANG27[49], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_parent) {
            $retval .= COM_errorLog($LANG27[46], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_child) {
            $retval .= COM_errorLog($LANG27[47], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif (!$parent_id_found) {
            $retval .= COM_errorLog($LANG27[48], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } else {
            // Reached when $tid or $topic is empty
            $retval .= COM_errorLog($LANG27[7], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        }
    }

    return $retval;
}
echo ppNavbar($navbarMenu); list($questions, $answers, $score) = DB_fetchArray($query); echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">'; echo '<tr><td width="100%" style="padding-left:5px;">Your score for the quiz <b>' . $quizname . '</b> was: ' . $score . '/' . $total_score . ', pass score is: ' . $pass_score; echo $helpmsg . '</td></tr>'; echo '<tr><td width="100%"><hr></td></tr>'; echo '<tr><td width="100%">'; $arrQuest = explode(",", $questions); $arrAns = explode(",", $answers); $i = 0; foreach ($arrQuest as $qid) { $quizResultAnsID = $arrAns[$i]; $i++; $query = DB_query("SELECT question, qanswer, qvalue FROM {$_TABLES['quiz_questions']} WHERE qid={$qid}"); list($question, $qanswer, $qvalue) = DB_fetchArray($query); if (DB_count($_TABLES['quiz_images'], "qid", $qid) != 0) { $imageonfile = true; } else { $imageonfile = false; } echo '<table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td colspan="4"align="left">' . $i . ') ' . $question . '<br><span style="padding-left:18px;"><b>Value: </b>' . $qvalue . '</span></td> </tr> <tr>'; if ($imageonfile) { $iquery = DB_query("SELECT * FROM {$_TABLES['quiz_images']} WHERE qid={$qid}"); list($id, $qid, $filename, $title) = DB_fetchArray($iquery); $questionimage = $_CONF['site_url'] . "/quiz/question_images/{$qid}/{$filename}"; echo '<td valign="top" style="padding:5px;"><img src="' . $questionimage . '"></td>'; } else {
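/**
 * Creates list of uninstalled plugins (if any) and offers install link to them.
 *
 * Scans the plugins directory. A subdirectory is listed when it has no row in
 * the plugins table, contains a functions.inc, and offers either an
 * autoinstall.php or an install.php in the matching admin directory.
 *
 * @param    string $token Security token to use in list
 * @return   string        HTML containing list of uninstalled plugins
 */
function show_newplugins($token)
{
    global $_CONF, $_TABLES, $LANG32;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $plugins_dir = $_CONF['path'] . 'plugins/';
    $index = 1;
    $retval = '';
    $data_arr = array();

    // An unreadable plugins directory yields an empty list instead of
    // handing a non-resource to readdir().
    $fd = opendir($plugins_dir);
    if ($fd !== false) {
        // Compare with false explicitly: an entry literally named "0" is
        // falsy and would otherwise end the scan early.
        while (($dir = readdir($fd)) !== false) {
            // Skip ".", "..", other dot entries, CVS metadata and plain files
            if ($dir === 'CVS' || substr($dir, 0, 1) === '.' || !is_dir($plugins_dir . $dir)) {
                continue;
            }
            clearstatcache();

            // Check and see if this plugin is installed - if there is a record.
            // If not then it's a new plugin
            // NOTE(review): $dir is handed to DB_count() exactly as read from
            // disk - confirm DB_count() escapes its values, or restrict the
            // accepted directory names before this call.
            if (DB_count($_TABLES['plugins'], 'pi_name', $dir) != 0) {
                continue;
            }

            // additionally, check if a 'functions.inc' exists
            if (!file_exists($plugins_dir . $dir . '/functions.inc')) {
                continue;
            }

            // The directory name becomes part of a link, so it is
            // percent-encoded; ordinary plugin names are unchanged by this.
            $dir_in_url = rawurlencode($dir);

            if (file_exists($plugins_dir . $dir . '/autoinstall.php')) {
                // new plugins will have a autoinstall.php
                $url = $_CONF['site_admin_url'] . '/plugins.php' . '?mode=autoinstall&plugin=' . $dir_in_url;
            } else {
                // and finally, since we're going to link to it, check
                // if an install script exists
                $adminurl = $_CONF['site_admin_url'];
                // Drop one trailing slash so the last path segment is the
                // admin directory name. (strrpos() can never equal strlen(),
                // so the earlier form of this test never matched.)
                if (substr($adminurl, -1) === '/') {
                    $adminurl = substr($adminurl, 0, -1);
                }
                $pos = strrpos($adminurl, '/');
                if ($pos === false) {
                    // didn't work out - use the URL
                    $admindir = $_CONF['site_admin_url'];
                } else {
                    $admindir = $_CONF['path_html'] . substr($adminurl, $pos + 1);
                }

                // @ kept on purpose: a missing install script is the normal
                // "not installable" case, not an error worth reporting
                $fh = @fopen($admindir . '/plugins/' . $dir . '/install.php', 'r');
                if (!$fh) {
                    continue;
                }
                fclose($fh);

                $url = $_CONF['site_admin_url'] . '/plugins/' . $dir_in_url . '/install.php?action=install';
            }

            // The token passed in by the caller is appended to every install link
            $url .= '&' . CSRF_TOKEN . '=' . $token;

            $data_arr[] = array(
                'pi_name'         => $dir,
                'pi_display_name' => plugin_get_pluginname($dir),
                'pi_gl_version'   => '',
                'number'          => $index,
                'install_link'    => $url,
            );
            $index++;
        }
        closedir($fd);
    }

    $header_arr = array(
        array('text' => $LANG32[59], 'field' => 'info_uninstalled'),
        array('text' => $LANG32[16], 'field' => 'pi_display_name'),
        array('text' => $LANG32[17], 'field' => 'pi_version'),
        array('text' => $LANG32[50], 'field' => 'pi_dependencies'),
        array('text' => $LANG32[22], 'field' => 'install_link'),
    );

    $text_arr = array('title' => $LANG32[14]);

    $retval .= ADMIN_simpleList('ADMIN_getListField_newplugins', $header_arr, $text_arr, $data_arr);

    return $retval;
}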
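/**
 * Submit static page. The page is updated if it exists, or a new one is created
 *
 * The values in $args come from the client. When $args['gl_svc'] is set they
 * are passed through COM_applyBasicFilter() here. Independently of that, every
 * value written to the database by this function is cast to an integer or
 * escaped immediately before the statement is built.
 *
 * @param   array   $args       Contains all the data provided by the client
 * @param   string  &$output    OUTPUT parameter containing the returned text
 * @param   array   &$svc_msg   OUTPUT parameter containing any service messages
 *                              (this function sets the keys 'error_desc' and 'id')
 * @return  int                 Response code as defined in lib-plugins.php
 */
function service_submit_staticpages($args, &$output, &$svc_msg)
{
    global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG12, $LANG_STATIC, $LANG_LOGIN, $_GROUPS, $_SP_CONF;

    $output = '';

    if (!SEC_hasRights('staticpages.edit')) {
        $output = COM_siteHeader('menu', $LANG_STATIC['access_denied']);
        $output .= COM_showMessageText($LANG_STATIC['access_denied_msg'], $LANG_STATIC['access_denied'], true);
        $output .= COM_siteFooter();

        return PLG_RET_AUTH_FAILED;
    }

    if (defined('DEMO_MODE')) {
        $output = COM_siteHeader('menu');
        $output .= COM_showMessageText('Option disabled in Demo Mode', 'Option disabled in Demo Mode', true);
        $output .= COM_siteFooter();

        // PLG_RET_ (not PLG_REG_): the same response code the rights check returns
        return PLG_RET_AUTH_FAILED;
    }

    $gl_edit = false;
    if (isset($args['gl_edit'])) {
        $gl_edit = $args['gl_edit'];
    }
    // Read the flag once; a missing 'gl_svc' key counts as "not a web service call"
    $is_svc = !empty($args['gl_svc']);

    if ($gl_edit) {
        // This is EDIT mode, so there should be an sp_old_id
        if (empty($args['sp_old_id'])) {
            if (!empty($args['id'])) {
                $args['sp_old_id'] = $args['id'];
            } else {
                return PLG_RET_ERROR;
            }

            if (empty($args['sp_id'])) {
                $args['sp_id'] = $args['sp_old_id'];
            }
        }
    } else {
        if (empty($args['sp_id']) && !empty($args['id'])) {
            $args['sp_id'] = $args['id'];
        }
    }

    // Fall back to the generic field names and to the current user
    if (empty($args['sp_uid'])) {
        $args['sp_uid'] = $_USER['uid'];
    }

    if (empty($args['sp_title']) && !empty($args['title'])) {
        $args['sp_title'] = $args['title'];
    }

    if (empty($args['sp_content']) && !empty($args['content'])) {
        $args['sp_content'] = $args['content'];
    }

    if (isset($args['category']) && is_array($args['category']) && !empty($args['category'][0])) {
        $args['sp_tid'] = $args['category'][0];
    }

    if (!isset($args['owner_id'])) {
        $args['owner_id'] = $_USER['uid'];
    }

    if (empty($args['group_id'])) {
        $args['group_id'] = SEC_getFeatureGroup('staticpages.edit', $_USER['uid']);
    }

    $args['sp_id'] = COM_sanitizeID($args['sp_id']);
    if (!$gl_edit) {
        if (strlen($args['sp_id']) > STATICPAGE_MAX_ID_LENGTH) {
            if (function_exists('WS_makeId')) {
                // NOTE(review): $slug is never assigned in this function, so
                // WS_makeId() receives an undefined variable here - confirm
                // where the slug is meant to come from.
                $args['sp_id'] = WS_makeId($slug, STATICPAGE_MAX_ID_LENGTH);
            } else {
                $args['sp_id'] = COM_makeSid();
            }
        }
    }

    // Apply filters to the parameters passed by the webservice
    if ($is_svc) {
        $par_str = array('mode', 'sp_id', 'sp_old_id', 'sp_tid', 'sp_format', 'postmode');
        $par_num = array('sp_uid', 'sp_hits', 'owner_id', 'group_id', 'sp_where', 'sp_php', 'commentcode', 'sp_search', 'sp_status');

        foreach ($par_str as $str) {
            if (isset($args[$str])) {
                $args[$str] = COM_applyBasicFilter($args[$str]);
            } else {
                $args[$str] = '';
            }
        }

        foreach ($par_num as $num) {
            if (isset($args[$num])) {
                $args[$num] = COM_applyBasicFilter($args[$num], true);
            } else {
                $args[$num] = 0;
            }
        }
    }

    // START: Staticpages defaults
    if ($args['sp_status'] != 1) {
        $args['sp_status'] = 0;
    }

    if (empty($args['sp_format'])) {
        $args['sp_format'] = 'allblocks';
    }

    if (empty($args['sp_tid'])) {
        $args['sp_tid'] = 'all';
    }

    if ($args['sp_where'] < 0 || $args['sp_where'] > 4) {
        $args['sp_where'] = 0;
    }

    if ($args['sp_php'] < 0 || $args['sp_php'] > 2) {
        $args['sp_php'] = 0;
    }

    if ($args['commentcode'] < -1 || $args['commentcode'] > 1) {
        $args['commentcode'] = $_CONF['comment_code'];
    }

    if ($args['sp_search'] != 1) {
        $args['sp_search'] = 0;
    }

    if ($is_svc) {
        // Permissions
        if (!isset($args['perm_owner'])) {
            $args['perm_owner'] = $_SP_CONF['default_permissions'][0];
        } else {
            $args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true);
        }
        if (!isset($args['perm_group'])) {
            $args['perm_group'] = $_SP_CONF['default_permissions'][1];
        } else {
            $args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true);
        }
        if (!isset($args['perm_members'])) {
            $args['perm_members'] = $_SP_CONF['default_permissions'][2];
        } else {
            $args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true);
        }
        if (!isset($args['perm_anon'])) {
            $args['perm_anon'] = $_SP_CONF['default_permissions'][3];
        } else {
            $args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true);
        }

        if (!isset($args['sp_onmenu'])) {
            $args['sp_onmenu'] = '';
        } else {
            if ($args['sp_onmenu'] == 'on' && empty($args['sp_label'])) {
                $svc_msg['error_desc'] = 'Menu label missing';

                return PLG_RET_ERROR;
            }
        }

        if (empty($args['sp_content'])) {
            $svc_msg['error_desc'] = 'No content';

            return PLG_RET_ERROR;
        }

        if (empty($args['sp_inblock']) && $_SP_CONF['in_block'] == '1') {
            $args['sp_inblock'] = 'on';
        }

        if (empty($args['sp_centerblock'])) {
            $args['sp_centerblock'] = '';
        }
    }
    // END: Staticpages defaults

    $sp_id = $args['sp_id'];
    $sp_status = $args['sp_status'];
    $sp_uid = $args['sp_uid'];
    $sp_title = $args['sp_title'];
    $sp_content = $args['sp_content'];
    $sp_hits = $args['sp_hits'];
    $sp_format = $args['sp_format'];
    $sp_onmenu = $args['sp_onmenu'];
    $sp_label = '';
    if (!empty($args['sp_label'])) {
        $sp_label = $args['sp_label'];
    }
    $commentcode = $args['commentcode'];
    $owner_id = $args['owner_id'];
    $group_id = $args['group_id'];
    $perm_owner = $args['perm_owner'];
    $perm_group = $args['perm_group'];
    $perm_members = $args['perm_members'];
    $perm_anon = $args['perm_anon'];
    $sp_php = $args['sp_php'];
    $sp_nf = '';
    if (!empty($args['sp_nf'])) {
        $sp_nf = $args['sp_nf'];
    }
    $sp_old_id = $args['sp_old_id'];
    $sp_centerblock = $args['sp_centerblock'];
    $sp_help = '';
    if (!empty($args['sp_help'])) {
        $sp_help = $args['sp_help'];
    }
    $sp_tid = $args['sp_tid'];
    $sp_where = $args['sp_where'];
    $sp_inblock = $args['sp_inblock'];
    $postmode = $args['postmode'];
    $sp_search = $args['sp_search'];

    if ($gl_edit && !empty($args['gl_etag'])) {
        // First load the original staticpage to check if it has been modified
        $o = array();
        $s = array();
        $r = service_get_staticpages(array('sp_id' => $sp_old_id, 'gl_svc' => true), $o, $s);

        if ($r == PLG_RET_OK) {
            if ($args['gl_etag'] != $o['updated']) {
                $svc_msg['error_desc'] = 'A more recent version of the staticpage is available';

                return PLG_RET_PRECONDITION_FAILED;
            }
        } else {
            $svc_msg['error_desc'] = 'The requested staticpage no longer exists';

            return PLG_RET_ERROR;
        }
    }

    // Check for unique page ID
    $duplicate_id = false;
    $delete_old_page = false;
    if (DB_count($_TABLES['staticpage'], 'sp_id', $sp_id) > 0) {
        if ($sp_id != $sp_old_id) {
            $duplicate_id = true;
        }
    } elseif (!empty($sp_old_id)) {
        if ($sp_id != $sp_old_id) {
            $delete_old_page = true;
        }
    }

    if ($duplicate_id) {
        $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
        $output .= COM_errorLog($LANG_STATIC['duplicate_id'], 2);
        if (!$is_svc) {
            $output .= PAGE_edit($sp_id);
        }
        $output .= COM_siteFooter();
        $svc_msg['error_desc'] = 'Duplicate ID';

        return PLG_RET_ERROR;
    } elseif (!empty($sp_title) && !empty($sp_content)) {
        if (empty($sp_hits)) {
            $sp_hits = 0;
        }

        // Checkbox-style values arrive as 'on'; store them as 1/0
        if ($sp_onmenu == 'on') {
            $sp_onmenu = 1;
        } else {
            $sp_onmenu = 0;
        }
        if ($sp_nf == 'on') {
            $sp_nf = 1;
        } else {
            $sp_nf = 0;
        }
        if ($sp_centerblock == 'on') {
            $sp_centerblock = 1;
        } else {
            $sp_centerblock = 0;
        }
        if ($sp_inblock == 'on') {
            $sp_inblock = 1;
        } else {
            $sp_inblock = 0;
        }

        // Clean up the text
        if ($_SP_CONF['censor'] == 1) {
            $sp_content = COM_checkWords($sp_content);
            $sp_title = COM_checkWords($sp_title);
        }
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_content = COM_checkHTML($sp_content, 'staticpages.edit');
        }
        $sp_title = strip_tags($sp_title);
        $sp_label = strip_tags($sp_label);

        $sp_content = DB_escapeString($sp_content);
        $sp_title = DB_escapeString($sp_title);
        $sp_label = DB_escapeString($sp_label);

        // If user does not have php edit perms, then set php flag to 0.
        if ($_SP_CONF['allow_php'] != 1 || !SEC_hasRights('staticpages.PHP')) {
            $sp_php = 0;
        }

        // make sure there's only one "entire page" static page per topic
        if ($sp_centerblock == 1 && $sp_where == 0) {
            $sql = "UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE sp_centerblock = 1 AND sp_where = 0 AND sp_tid = '" . DB_escapeString($sp_tid) . "'";

            // multi-language configuration - allow one entire page
            // centerblock for all or none per language
            if (!empty($_CONF['languages']) && !empty($_CONF['language_files']) && ($sp_tid == 'all' || $sp_tid == 'none')) {
                $ids = explode('_', $sp_id);
                if (count($ids) > 1) {
                    $lang_id = array_pop($ids);
                    $sql .= " AND sp_id LIKE '%\\_" . DB_escapeString($lang_id) . "'";
                }
            }
            DB_query($sql);
        }

        // Strict comparison, so only the exact format strings are accepted
        $formats = array('allblocks', 'blankpage', 'leftblocks', 'rightblocks', 'noblocks');
        if (!in_array($sp_format, $formats, true)) {
            $sp_format = 'allblocks';
        }

        if (!$is_svc) {
            list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
        }

        // Everything below goes into the SQL text. Outside web-service mode
        // none of these values were filtered above, and several of them are
        // written without quotes, so numeric fields are cast and the remaining
        // string fields are escaped here, at the point of use.
        $sp_status = (int) $sp_status;
        $sp_uid = (int) $sp_uid;
        $sp_hits = (int) $sp_hits;
        $commentcode = (int) $commentcode;
        $owner_id = (int) $owner_id;
        $group_id = (int) $group_id;
        $perm_owner = (int) $perm_owner;
        $perm_group = (int) $perm_group;
        $perm_members = (int) $perm_members;
        $perm_anon = (int) $perm_anon;
        $sp_php = (int) $sp_php;
        $sp_where = (int) $sp_where;
        $sp_search = (int) $sp_search;
        $sp_help = DB_escapeString($sp_help);
        $sp_tid = DB_escapeString($sp_tid);
        $postmode = DB_escapeString($postmode);

        DB_save($_TABLES['staticpage'], 'sp_id,sp_status,sp_uid,sp_title,sp_content,sp_date,sp_hits,sp_format,sp_onmenu,sp_label,commentcode,owner_id,group_id,' . 'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode,sp_search', "'{$sp_id}',{$sp_status}, {$sp_uid},'{$sp_title}','{$sp_content}',NOW(),{$sp_hits},'{$sp_format}',{$sp_onmenu},'{$sp_label}','{$commentcode}',{$owner_id},{$group_id}," . "{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$sp_php}','{$sp_nf}',{$sp_centerblock},'{$sp_help}','{$sp_tid}',{$sp_where}," . "'{$sp_inblock}','{$postmode}',{$sp_search}");

        if ($delete_old_page && !empty($sp_old_id)) {
            // The old id is escaped here the same way the DB_change() call below escapes it
            DB_delete($_TABLES['staticpage'], 'sp_id', DB_escapeString($sp_old_id));
            DB_change($_TABLES['comments'], 'sid', DB_escapeString($sp_id), array('sid', 'type'), array(DB_escapeString($sp_old_id), 'staticpages'));
            PLG_itemDeleted($sp_old_id, 'staticpages');
        }

        PLG_itemSaved($sp_id, 'staticpages');

        $url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $sp_id);
        $output .= PLG_afterSaveSwitch($_SP_CONF['aftersave'], $url, 'staticpages');

        $svc_msg['id'] = $sp_id;

        return PLG_RET_OK;
    } else {
        $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
        $output .= COM_errorLog($LANG_STATIC['no_title_or_content'], 2);
        if (!$is_svc) {
            $output .= PAGE_edit($sp_id);
        }
        $output .= COM_siteFooter();

        return PLG_RET_ERROR;
    }
}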
/**
 * Shift a route one step up or down in the priority order.
 *
 * The direction is read from the 'dir' request value; only 'up' and 'down'
 * have an effect. An id that is not present in the routes table is written
 * to the error log and nothing is changed.
 *
 * @param  int $rid id of the route to move
 */
function moveRoute($rid)
{
    global $_TABLES;

    $routeId = intval($rid, 10);
    $direction = \Geeklog\Input::fGet('dir', '');

    // Unknown id: log it and stop
    if (!DB_count($_TABLES['routes'], 'rid', $routeId)) {
        COM_errorLog("block admin error: Attempt to move an non-existing route id: {$routeId}");

        return;
    }

    $routeId = DB_escapeString($routeId);

    // One statement per supported direction; the priority is moved by 11
    // and reorderRoutes() is called afterwards
    $statements = array(
        'up'   => "UPDATE {$_TABLES['routes']} SET priority = priority - 11 WHERE rid = " . $routeId,
        'down' => "UPDATE {$_TABLES['routes']} SET priority = priority + 11 WHERE rid = " . $routeId,
    );

    if (is_string($direction) && isset($statements[$direction])) {
        DB_query($statements[$direction]);
        reorderRoutes();
    }
}
$numpages = 1; $offset = 0; $show = 0; $skipForum = true; } else { if ($show == 0 and $FF_userprefs['topicsperpage'] > 0) { $show = $FF_userprefs['topicsperpage']; } elseif ($show == 0) { $show = 20; } // Check if this is the first page. if ($page == 0) { $page = 1; } $topicCount = 0; $topicCount = DB_count($_TABLES['ff_topic'], array('pid', 'forum'), array(0, $forum)); $numpages = ceil($topicCount / $show); $offset = ($page - 1) * $show; } $base_url = $_CONF['site_url'] . '/forum/index.php?forum=' . $forum . '&show=' . $show; $displaypostpages = ''; $dt = new Date('now', $_USER['tzid']); $topiclisting = new Template($_CONF['path'] . 'plugins/forum/templates/'); $topiclisting->set_file('topiclisting', 'topiclisting.thtml'); $topiclisting->set_var(array('LANG_HOME' => $LANG_GF01['HOMEPAGE'], 'forum_home' => $LANG_GF01['INDEXPAGE'], 'navbreadcrumbsimg' => '<img src="' . _ff_getImage('nav_breadcrumbs') . '" alt=""/>', 'img_asc1' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc2' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc3' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc4' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc5' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_desc1' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc2' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc3' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc4' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc5' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'tooltip_style' => COM_getToolTipStyle())); switch ($sort) { case 1: if ($order == 0) { $sortOrder = "subject ASC"; $topiclisting->set_var('img_asc1', '<img src="' . _ff_getImage('asc_on') . '" alt=""/>'); $topiclisting->set_var('sort_subject', true);
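/**
 * Handle the submitted "set new password" form of the password reset flow.
 *
 * Reads passwd, passwd_conf, uid and rid from $_POST. When the password is
 * empty or does not match its confirmation, the browser is sent back to the
 * new-password form. When uid and request id have the expected shape and match
 * a row in the users table, the new password is stored, the user's sessions
 * are deleted and the stored request id is overwritten. A request id that does
 * not match produces an error message followed by the password form.
 *
 * NOTE(review): acceptance depends only on the uid/pwrequestid match checked
 * here; any expiry of request ids would have to be enforced where they are
 * issued or cleared - confirm.
 *
 * @return string HTML to display (empty when the function answered with a redirect)
 */
function _userSetnewpwd()
{
    global $_CONF, $_TABLES;

    $retval = '';

    // Read each field once; a missing field is treated like an empty one
    $passwd = isset($_POST['passwd']) ? $_POST['passwd'] : '';
    $passwdConf = isset($_POST['passwd_conf']) ? $_POST['passwd_conf'] : '';
    $rawUid = isset($_POST['uid']) ? $_POST['uid'] : '';
    $rawRid = isset($_POST['rid']) ? $_POST['rid'] : '';

    // Strict comparison: with != two different numeric-looking strings
    // (for example "1e3" and "1000") would be treated as the same password.
    // Non-string input (an array field) is rejected as a mismatch.
    if (!is_string($passwd) || empty($passwd) || $passwd !== $passwdConf) {
        echo COM_refresh(
            $_CONF['site_url'] . '/users.php?mode=newpwd&uid=' . COM_applyFilter($rawUid, true)
            . '&rid=' . rawurlencode(COM_applyFilter($rawRid))
        );

        return $retval;
    }

    $uid = COM_applyFilter($rawUid, true);
    $reqid = COM_sanitizeID(COM_applyFilter($rawRid));

    // uid 1 and below are never accepted here, and the request id must be exactly 16 characters
    if (empty($uid) || !is_numeric($uid) || !($uid > 1) || empty($reqid) || strlen($reqid) != 16) {
        // this request doesn't make sense - ignore it
        echo COM_refresh($_CONF['site_url']);

        return $retval;
    }

    $uid = (int) $uid;
    $safereqid = DB_escapeString($reqid);
    $valid = DB_count($_TABLES['users'], array('uid', 'pwrequestid'), array($uid, $safereqid));

    if ($valid == 1) {
        $hashed = SEC_encryptPassword($passwd);
        DB_change($_TABLES['users'], 'passwd', DB_escapeString($hashed), "uid", $uid);
        // Existing sessions of this account are removed along with the old password
        DB_delete($_TABLES['sessions'], 'uid', $uid);
        // Overwrite the stored request id so the id just used no longer matches
        DB_change($_TABLES['users'], 'pwrequestid', "NULL", 'uid', $uid);
        echo COM_refresh($_CONF['site_url'] . '/users.php?msg=53');
    } else {
        // request invalid or expired
        $retval .= COM_showMessage(54, '', '', 1, 'error');
        $retval .= getpasswordform();
    }

    // Hand the collected HTML back to the caller; without this the error
    // message and form built above were never shown
    return $retval;
}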
/**
 * Works out which generation of the Static Pages plugin is present.
 * Note: Needed for upgrades from old versions - don't remove.
 *
 * The answer is derived from the column names reported by DESCRIBE on the
 * staticpage table.
 *
 * @return int indicates which version of the plugin we're dealing with:
 *             - 0 = not installed,
 *             - 1 = original plugin,
 *             - 2 = version by Phill or Tom,
 *             - 3 = v1.3 (center block, etc.),
 *             - 4 = v1.4 ('in block' flag)
 */
private function getStaticPagesVersion()
{
    global $_TABLES;

    // No entry in the plugins table: not installed
    if (!(DB_count($_TABLES['plugins'], 'pi_name', 'staticpages') > 0)) {
        return 0;
    }

    // Column name => version it indicates
    $markers = array(
        'sp_nf'      => 3, // v1.3
        'sp_pos'     => 2, // v1.2
        'sp_inblock' => 4, // v1.4
    );

    $columns = DB_query("DESCRIBE {$_TABLES['staticpage']}");
    $total = DB_numRows($columns);
    $version = 1; // assume v1.1 for now ...

    for ($seen = 0; $seen < $total; ++$seen) {
        $row = DB_fetchArray($columns, true);
        $column = $row[0];

        if (!is_string($column) || !isset($markers[$column])) {
            continue;
        }

        $version = $markers[$column];

        // v1.4 is the newest layout checked for, so stop looking
        if ($column === 'sp_inblock') {
            break;
        }
    }

    return $version;
}
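/**
 * List logged requests
 *
 * Renders the admin view of the Bad Behavior log: a filter selector, up to
 * 50 rows per page, and page navigation.
 *
 * NOTE(review): no access check is visible in this function; presumably the
 * calling script restricts it to administrators. That matters because the
 * logged headers shown here can include Cookie values (see the highlight
 * table below).
 *
 * @param  int    $page page number (1-based); values below 1 are treated as 1
 * @param  string $msg  optional message shown above the list
 * @return string       HTML for list of entries
 *
 */
function _bb_listEntries($page = 1, $msg = '')
{
    global $_CONF, $_USER, $_TABLES, $LANG_BAD_BEHAVIOR, $LANG_BB2_RESPONSE, $LANG_ADMIN;

    $retval = '';

    // $page feeds the LIMIT clause below, so force it to an integer first.
    $page = (int) $page;
    if ($page < 1) {
        $page = 1;
    }

    $filter = 'all';
    if (isset($_REQUEST['filter'])) {
        $filter = COM_applyFilter($_REQUEST['filter']);
    }
    // An empty filter value means "no filter"; without this an empty string
    // was used as a key to match while the "no filter" option was shown as selected.
    if ($filter === '') {
        $filter = 'all';
    }

    $where = '';
    if ($filter != 'all') {
        $where = ' WHERE ' . WP_BB_LOG . '.key="' . DB_escapeString($filter) . '"';
        $entries = DB_count(WP_BB_LOG, WP_BB_LOG . '.key', DB_escapeString($filter));
    } else {
        $entries = DB_count(WP_BB_LOG);
    }

    $start = ($page - 1) * 50;
    if ($start > $entries) {
        // Page is past the end: fall back to the first page. The offset is
        // zero-based, so 0 (not 1) is the first row.
        $start = 0;
        $page = 1;
    }

    $donate = $LANG_BAD_BEHAVIOR['description'];
    if (DB_getItem($_TABLES['vars'], 'value', "name = 'bad_behavior2.donate'") == 1) {
        $donate .= '<p>' . $LANG_BAD_BEHAVIOR['donate_msg'] . '</p>' . LB;
    }

    // writing the menu on top
    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php', 'text' => 'List Banned IPs'),
        array('url' => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/ban.php?mode=add', 'text' => 'Ban IPs'),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );

    $retval .= COM_startBlock(
        $LANG_BAD_BEHAVIOR['plugin_display_name'] . ' - ' . $LANG_BAD_BEHAVIOR['block_title_list'],
        '',
        COM_getBlockTemplate('_admin_block', 'header')
    );
    $retval .= ADMIN_createMenu($menu_arr, $donate, $_CONF['site_url'] . '/bad_behavior2/images/bad_behavior2.png');
    $retval .= '<br />';

    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, 'bad_behavior2');
    }

    $templates = new Template($_CONF['path'] . 'plugins/' . BAD_BEHAVIOR_PLUGIN . '/templates');
    $templates->set_file('list', 'log.thtml');
    $templates->set_var(array(
        'lang_ip'            => $LANG_BAD_BEHAVIOR['row_ip'],
        'lang_user_agent'    => $LANG_BAD_BEHAVIOR['row_user_agent'],
        'lang_referer'       => $LANG_BAD_BEHAVIOR['row_referer'],
        'lang_reason'        => $LANG_BAD_BEHAVIOR['row_reason'],
        'lang_response'      => $LANG_BAD_BEHAVIOR['row_response'],
        'lang_method'        => $LANG_BAD_BEHAVIOR['row_method'],
        'lang_protocol'      => $LANG_BAD_BEHAVIOR['row_protocol'],
        'lang_date'          => $LANG_BAD_BEHAVIOR['row_date'],
        'lang_search'        => $LANG_BAD_BEHAVIOR['search'],
        'lang_ip_date'       => $LANG_BAD_BEHAVIOR['ip_date'],
        'lang_headers'       => $LANG_BAD_BEHAVIOR['headers'],
        'lang_filter_select' => $LANG_BAD_BEHAVIOR['filter'],
        'lang_go'            => $LANG_BAD_BEHAVIOR['go'],
    ));

    // Build the filter drop-down: "no filter" plus one option per response code.
    $filter_select = '<option value="all"';
    if ($filter === 'all') {
        $filter_select .= ' selected="selected" ';
    }
    $filter_select .= '>' . $LANG_BAD_BEHAVIOR['no_filter'] . '</option>';
    foreach ($LANG_BB2_RESPONSE as $code => $text) {
        $filter_select .= '<option value="' . $code . '"';
        // Compare as strings: a loose comparison treats numeric-looking
        // codes such as "0e1" and "00" as equal.
        if ((string) $filter === (string) $code) {
            $filter_select .= ' selected="selected" ';
        }
        $filter_select .= '>' . $text . '</option>';
    }
    $templates->set_var('filter_select', $filter_select);

    $result = DB_query(
        "SELECT id,ip,date,request_method,request_uri,server_protocol,http_headers,user_agent,request_entity,`key` FROM "
        . WP_BB_LOG . " " . $where . " ORDER BY date DESC LIMIT {$start},50"
    );
    $num = DB_numRows($result);

    // Header names (and request verbs) that get wrapped in <strong>. They
    // are applied in this order, each on the result of the previous one.
    $highlight = array(
        "User-Agent:"       => "<strong>User-Agent:</strong>",
        "Host:"             => "<strong>Host:</strong>",
        "POST "             => "<strong>POST</strong> ",
        "GET "              => "<strong>GET</strong> ",
        "Accept-Language:"  => "<strong>Accept-Language:</strong> ",
        "Accept-Encoding:"  => "<strong>Accept-Encoding:</strong> ",
        "Accept-Charset:"   => "<strong>Accept-Charset:</strong> ",
        "X-Forwarded-For:"  => "<strong>X-Forwarded-For:</strong> ",
        "Cookie:"           => "<strong>Cookie:</strong> ",
        "Via:"              => "<strong>Via:</strong> ",
        "Connection:"       => "<strong>Connection:</strong>",
        "Accept:"           => "<strong>Accept:</strong>",
        "Cache-Control:"    => "<strong>Cache-Control:</strong>",
        "Referer:"          => "<strong>Referer:</strong>",
        "Pragma:"           => "<strong>Pragma:</strong>",
        "Proxy-"            => "<strong>Proxy-</strong>",
        "Cf-Connecting-Ip"  => "<strong>Cf-Connecting-Ip</strong>",
        "Cf-Ipcountry"      => "<strong>Cf-Ipcountry</strong>",
        "X-Forwarded-Proto" => "<strong>X-Forwarded-Proto</strong>",
        "Cf-Visitor"        => "<strong>Cf-Visitor</strong>",
        "X-Http-Proto"      => "<strong>X-Http-Proto</strong>",
        "X-Real-Ip"         => "<strong>X-Real-Ip</strong>",
        "Content-Length"    => "<strong>Content-Length</strong>",
        "Content-Type"      => "<strong>Content-Type</strong>",
        "Te:"               => "<strong>Te:</strong>",
        "Expect:"           => "<strong>Expect:</strong>",
        "Dnt:"              => "<strong>Dnt:</strong>",
    );
    $highlight_from = array_keys($highlight);
    $highlight_to = array_values($highlight);

    $templates->set_block('list', 'logrow', 'lrow');
    for ($i = 0; $i < $num; $i++) {
        $A = DB_fetchArray($result);
        $lcount = 50 * ($page - 1) + $i + 1;

        // Every column holds data taken from a logged request, i.e. it is
        // attacker-controlled. Escape all of it BEFORE any markup is added;
        // the <br/> and <strong> tags below are inserted after this step.
        foreach ($A as $key => $val) {
            $A[$key] = htmlspecialchars((string) $val, ENT_QUOTES, COM_getEncodingt());
        }

        $dt = new Date($A['date'], $_USER['tzid']);

        $headers = str_replace("\n", "<br/>\n", $A['http_headers']);
        $headers = str_replace($highlight_from, $highlight_to, $headers);
        $entity = str_replace("\n", "<br/>\n", $A["request_entity"]);

        // Fall back to the (escaped) raw key when no response text exists
        // for it, instead of reading an undefined index.
        $reason = isset($LANG_BB2_RESPONSE[$A['key']]) ? $LANG_BB2_RESPONSE[$A['key']] : $A['key'];

        $templates->set_var(array(
            'row_num'         => $lcount,
            'cssid'           => $i % 2 + 1,
            'id'              => $A['id'],
            'ip'              => $A['ip'],
            'request_method'  => $A['request_method'],
            'http_host'       => $A['request_uri'],
            'server_protocol' => $A['server_protocol'],
            'http_referer'    => $headers,
            'reason'          => $reason,
            'http_user_agent' => $A['user_agent'],
            'http_response'   => $entity,
            'date_and_time'   => $dt->toRFC822(true),
        ));

        $url = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=view&id=' . $A['id'];
        if ($page > 1) {
            $url .= '&page=' . $page;
        }
        $templates->set_var(
            'start_headers_anchortag',
            '<a href="' . $url . '" title="' . $LANG_BAD_BEHAVIOR['title_show_headers'] . '">'
        );
        $templates->set_var('end_headers_anchortag', '</a>');

        if (!empty($_CONF['ip_lookup'])) {
            $iplookup = str_replace('*', $A['ip'], $_CONF['ip_lookup']);
            // The lookup service is a third-party site opened in a new
            // window: rel="noopener noreferrer" keeps it from reaching back
            // through window.opener and from receiving the admin URL as referrer.
            $templates->set_var(
                'start_ip_lookup_anchortag',
                '<a href="' . $iplookup . '" title="' . $LANG_BAD_BEHAVIOR['title_lookup_ip']
                . '" target="_new" rel="noopener noreferrer">'
            );
            $templates->set_var('end_ip_lookup_anchortag', '</a>');
        } else {
            $templates->set_var('start_ip_lookup_anchortag', '');
            $templates->set_var('end_ip_lookup_anchortag', '');
        }

        $templates->parse('lrow', 'logrow', true);
    }

    if ($entries > 50) {
        // The filter comes from the request; URL-encode it before putting it
        // back into a link.
        $baseurl = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN
            . '/index.php?mode=list&filter=' . urlencode($filter);
        $numpages = ceil($entries / 50);
        $templates->set_var('google_paging', COM_printPageNavigation($baseurl, $page, $numpages));
    } else {
        $templates->set_var('google_paging', '');
    }

    $templates->parse('output', 'list');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}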
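/**
 * Build the group editor form.
 *
 * Field values come from one of three places: the submitted $_POST data when
 * a message is being shown (re-display after a save attempt), blank defaults
 * when no id is given, or the stored row for the given id.
 *
 * NOTE(review): 'description' is taken from $_POST without COM_applyFilter,
 * and it (like the values read from the database) is handed to the template
 * as-is. Confirm that group_editor.thtml, or the code that stores these
 * values, encodes them for the HTML context they are placed in.
 *
 * @param  string $pi_name plugin name; selects the LANG_<NAME>_* globals and
 *                         the <NAME>_def_* table keys in $_TABLES
 * @param  int    $id      group id; empty/0 means a new group
 * @param  bool   $edt_flg when false and an existing row is loaded, the
 *                         delete option is offered
 * @param  string $msg     message to show; when non-empty the form is
 *                         filled from $_POST
 * @param  string $errmsg  text appended after the message
 * @param  string $mode    "edit" or "copy"; "copy" resets the id to 0
 * @return string          HTML of the editor block
 */
function LIB_Edit($pi_name, $id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $MESSAGE;
    global $_USER;

    $prefix = strtoupper($pi_name);

    // Pull in the plugin's language arrays by their computed global names.
    $lang_box_admin = "LANG_" . $prefix . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};

    $lang_box_noyes = "LANG_" . $prefix . "_NOYES";
    global ${$lang_box_noyes};
    $lang_box_noyes = ${$lang_box_noyes};

    $lang_box_inputtype = "LANG_" . $prefix . "_INPUTTYPE";
    global ${$lang_box_inputtype};
    $lang_box_inputtype = ${$lang_box_inputtype};

    $table = $_TABLES[$prefix . '_def_group'];
    $table1 = $_TABLES[$prefix . '_def_category'];

    // $id is interpolated unquoted into the SELECT below and is echoed into
    // the form, so reduce it to an integer before any use.
    $id = (int) $id;

    $retval = '';
    $delflg = false;

    // Not every branch below assigns these two, but both are passed to the
    // template afterwards. null keeps what the radio list received before
    // for a new record, when the variable was simply undefined.
    $input_type = null;
    $udatetime = '';

    // show message
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        $retval .= $errmsg;

        // clean 'em up
        $code = COM_applyFilter($_POST['code']);
        $name = COM_applyFilter($_POST['name']);
        $description = $_POST['description']; // not passed through COM_applyFilter
        $orderno = COM_applyFilter($_POST['orderno']);
        $parent_flg = COM_applyFilter($_POST['parent_flg'], true);
        $input_type = COM_applyFilter($_POST['input_type'], true);
        $uuid = $_USER['uid'];
    } elseif (empty($id)) {
        // New group: blank form.
        $id = 0;
        $code = "";
        $name = "";
        $description = "";
        $orderno = "";
        $parent_flg = 0;
        $uuid = 0;
        $udatetime = "";
    } else {
        // Existing group: load the stored row.
        $sql = "SELECT ";
        $sql .= " *";
        $sql .= " ,UNIX_TIMESTAMP(udatetime) AS udatetime_un" . LB;
        $sql .= " FROM ";
        $sql .= $table;
        $sql .= " WHERE ";
        $sql .= " group_id = {$id}";
        $result = DB_query($sql);
        $A = DB_fetchArray($result);

        $code = COM_stripslashes($A['code']);
        $name = COM_stripslashes($A['name']);
        $description = COM_stripslashes($A['description']);
        $orderno = COM_stripslashes($A['orderno']);
        $parent_flg = COM_stripslashes($A['parent_flg']);
        $input_type = COM_stripslashes($A['input_type']);
        $uuid = COM_stripslashes($A['uuid']);
        $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un']));
        $udatetime = $wary[0];

        if ($edt_flg == FALSE) {
            $delflg = true;
        }
    }

    if ($mode === "copy") {
        // A copy is saved as a new group, so it has no id yet and there is
        // nothing to delete.
        $id = 0;
        $delflg = false;
    }

    $retval .= COM_startBlock($lang_box_admin['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));

    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "group_editor.thtml");

    $templates->set_var('about_thispage', $lang_box_admin['about_admin_group']);
    $templates->set_var('lang_must', $lang_box_admin['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // CSRF token for the form submission.
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);

    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);

    // id
    $templates->set_var('lang_group_id', $lang_box_admin['group_id']);
    $templates->set_var('id', $id);

    // code, name & description
    $templates->set_var('lang_code', $lang_box_admin['code']);
    $templates->set_var('code', $code);
    $templates->set_var('lang_name', $lang_box_admin['name']);
    $templates->set_var('name', $name);
    $templates->set_var('lang_description', $lang_box_admin['description']);
    $templates->set_var('description', $description);

    // order
    $templates->set_var('lang_orderno', $lang_box_admin['orderno']);
    $templates->set_var('orderno', $orderno);

    // parent group?
    $templates->set_var('lang_parent_flg', $lang_box_admin['parent_flg']);
    $list_parent_flg = DATABOX_getradiolist($lang_box_noyes, "parent_flg", $parent_flg);
    $templates->set_var('list_parent_flg', $list_parent_flg);

    // input type
    $templates->set_var('lang_input_type', $lang_box_admin['input_type']);
    $list_input_type = DATABOX_getradiolist($lang_box_inputtype, "input_type", $input_type);
    $templates->set_var('list_input_type', $list_input_type);

    // saved date/time
    $templates->set_var('lang_udatetime', $lang_box_admin['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $lang_box_admin['uuid']);
    $templates->set_var('uuid', $uuid);

    // SAVE / CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);

    // delete_option
    if ($delflg) {
        // A group that still has categories attached cannot be deleted;
        // show the help text instead of the button.
        $wkcnt = DB_count($table1, "categorygroup_id", $id);
        if ($wkcnt > 0) {
            $templates->set_var('lang_delete_help', $lang_box_admin['delete_help_group']);
        } else {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        }
    }

    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}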
// | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +---------------------------------------------------------------------------+ // require_once '../lib-common.php'; $project_id = COM_applyFilter($_POST['projectid'], true); $taskuser = COM_applyFilter($_REQUEST['taskuser'], true); if ($taskuser > 0 and SEC_inGroup('nexflow Admin')) { $usermodeUID = $taskuser; } else { $usermodeUID = $_USER['uid']; } if (DB_count($_TABLES['nf_projects'], 'id', $project_id) == 1) { if ($CONF_NF['debug']) { COM_errorLog("Reclaim Project:{$project_id}"); } $status = DB_getItem($_TABLES['nf_projects'], 'status', "id='{$project_id}'"); $prev_status = DB_getItem($_TABLES['nf_projects'], 'prev_status', "id='{$project_id}'"); if ($prev_status < 1 or $status == $prev_status) { $prev_status = 1; } if ($status == 6) { // Currently in Recycled State DB_query("UPDATE {$_TABLES['nf_projects']} SET status='{$prev_status}', prev_status=6 WHERE id='{$project_id}'"); } elseif ($status == 7) { // Currently in On-Hold State DB_query("UPDATE {$_TABLES['nf_projects']} SET status='{$prev_status}', prev_status=7 WHERE id='{$project_id}'"); $taskQuery = DB_query("SELECT * FROM {$_TABLES['nf_projecttaskhistory']} WHERE project_id={$project_id} AND date_completed=0 AND status = 2");