function SERVICE_CMSOPEN_postnuke($authenticate_only) { global $phpnuke, $default_access, $web_root, $root_dir, $cms_user_access, $cms_type, $include_path; if (!defined("LOADED_AS_MODULE") and $phpnuke == "false") { die("You can't access this file directly...<br><br>Generally this means that Jinzora was " . "installed as a PostNuke module and you're trying to access it outside of PostNuke"); } if (function_exists('pnSecAuthAction')) { if (!pnSecAuthAction(0, 'Jinzora::', "::", ACCESS_READ)) { include 'header.php'; die('Access Denied'); include 'footer.php'; } } // Now let's get the users name IF we need it if (pnUserGetVar('uname') != "") { $username = pnUserGetVar('uname'); } else { $username = "******"; } // Ok, now let's authenticate this user userAuthenticate($username); // Now let's see if we only wanted the user access if ($authenticate_only == true) { return; } include_once "header.php"; // Now let's open the table OpenTable(); }
function mediashareResendInvitation($invitationId, $albumId) { $args = array('invitationId' => $invitationId, 'emails' => FormUtil::getPassedValue('emails'), 'subject' => FormUtil::getPassedValue('subject'), 'text' => FormUtil::getPassedValue('text'), 'sender' => FormUtil::getPassedValue('sender'), 'senderemail' => pnUserGetVar('email'), 'expires' => FormUtil::getPassedValue('expires')); if (!pnModAPIFunc('mediashare', 'invitation', 'resendInvitation', $args)) { return false; } return pnRedirect(pnModURL('mediashare', 'invitation', 'list', array('aid' => $albumId))); }
function cookiedecode() { if (!pnUserLoggedIn()) { return; } global $cookie; $cookie = array(pnUserGetVar('uid'), pnUserGetVar('uname'), pnUserGetVar('pass'), pnUserGetVar('storynum'), pnUserGetVar('umode'), pnUserGetVar('uorder'), pnUserGetVar('thold'), pnUserGetVar('noscore'), pnUserGetVar('ublockon'), pnUserGetVar('theme'), pnUserGetVar('commentmax')); return $cookie; }
function dplink_user_main() { $url = trim(pnModGetVar('dplink', 'url')); $window = pnModGetVar('dplink', 'use_window'); $wrap = pnModGetVar('dplink', 'use_postwrap'); $user_data = array(); $home = pnGetBaseURL(); $home .= 'user.php?op=loginscreen&module=NS-User'; if (!pnUserLoggedIn()) { pnRedirect($home); } // We need to get the user password string from the database $uid = pnUserGetVar('uid'); list($dbconn) = pnDBGetConn(); $pntables = pnDBGetTables(); $usertable = $pntables['users']; $usercol =& $pntables['users_column']; $sql = "SELECT {$usercol['uname']}, {$usercol['pass']}, {$usercol['name']}, {$usercol['email']} " . "FROM {$usertable} WHERE {$usercol['uid']} = {$uid}"; $result = $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { die('Could not get user details'); } if ($result->EOF) { die('Could not get user detail'); } list($uname, $password, $user_name, $user_email) = $result->fields; $result->Close(); $user_data['login'] = $uname; $user_data['passwd'] = $password; $user_data['name'] = $user_name; $user_data['email'] = $user_email; $parm = serialize($user_data); $check = md5($parm); $cparm = gzcompress($parm); $bparm = urlencode(base64_encode($cparm)); if ($window) { $url .= '/index.php?login=pn&userdata=' . $bparm . '&check=' . $check; header('Location: ' . $url); } else { $url .= '/index.php?login=pn%26userdata=' . $bparm . '%26check=' . $check; if ($wrap) { header('Location: modules.php?op=modload&name=PostWrap&file=index&page=' . $url); } else { header('Location: modules.php?op=modload&name=dplink&file=index&url=' . $url); } } exit; }
function smarty_function_mediashare_uservar($params, &$smarty) { $dom = ZLanguage::getModuleDomain('mediashare'); if (!isset($params['varName'])) { $smarty->trigger_error(__f('Missing [%1$s] in \'%2$s\'', array('varName', 'mediashare_uservar'), $dom)); return false; } if (!isset($params['userId'])) { $smarty->trigger_error(__f('Missing [%1$s] in \'%2$s\'', array('userId', 'mediashare_uservar'), $dom)); return false; } $var = pnUserGetVar($params['varName'], $params['userId']); $var = DataUtil::formatForDisplay($var); if (isset($params['assign'])) { $smarty->assign($params['assign'], $var); } return $var; }
function blocks_user_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Userblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnUserLoggedIn() && pnUserGetVar('ublockon') == 1) { $column =& $pntable['users_column']; $uid = pnUserGetVar('uid'); $getblock = $dbconn->Execute("SELECT {$column['ublock']} FROM {$pntable['users']} WHERE {$column['uid']}=" . pnVarPrepForStore($uid) . ""); list($ublock) = $getblock->fields; $username = pnUserGetVar('name'); $row['title'] = _MENUFOR . " " . pnVarPrepForDisplay($username) . ""; $row['content'] = $ublock; return themesideblock($row); } }
function smarty_function_mediashare_username($params, &$smarty) { $dom = ZLanguage::getModuleDomain('mediashare'); if (!isset($params['userId'])) { $smarty->trigger_error(__f('Missing [%1$s] in \'%2$s\'', array('userId', 'mediashare_username'), $dom)); return false; } if (mediashareAccessUserRealName()) { $name = pnUserGetVar('name', $params['userId']); } else { $name = null; } if (!$name) { $name = pnUserGetVar('uname', $params['userId']); } $name = DataUtil::formatForDisplay($name); if (isset($params['assign'])) { $smarty->assign($params['assign'], $name); } return $name; }
/** * Install the TimeIt module. * * @return boolean */ function install() { // create the socialNetwork table try { DoctrineUtil::createTablesFromModels('TimeIt'); } catch (Exception $e) { LogUtil::registerError($e->getMessage()); return false; } // add module vars pnModSetVar('TimeIt', 'monthtoday', '#FF3300'); pnModSetVar('TimeIt', 'monthon', ''); pnModSetVar('TimeIt', 'monthoff', '#d4d2d2'); pnModSetVar('TimeIt', 'rssatomitems', 20); pnModSetVar('TimeIt', 'notifyEvents', 0); pnModSetVar('TimeIt', 'notifyEventsEmail', pnUserGetVar('email', 2)); pnModSetVar('TimeIt', 'itemsPerPage', 25); pnModSetVar('TimeIt', 'filterByPermission', 0); pnModSetVar('TimeIt', 'popupOnHover', 0); pnModSetVar('TimeIt', 'colorCats', 1); pnModSetVar('TimeIt', 'googleMapsApiKey', ''); pnModSetVar('TimeIt', 'mapViewType', 'googleMaps'); pnModSetVar('TimeIt', 'mapHeight', 320); pnModSetVar('TimeIt', 'mapWidth', 480); pnModSetVar('TimeIt', 'colorCatsProp', 'Main'); pnModSetVar('TimeIt', 'hideTimeItAddress', 0); pnModSetVar('TimeIt', 'defaultCalendar', 1); pnModSetVar('TimeIt', 'firstWeekDay', 1); pnModSetVar('TimeIt', 'defalutCatColor', 'silver'); pnModSetVar('TimeIt', 'truncateTitle', 30); pnModSetVar('TimeIt', 'enablecategorization', 1); pnModSetVar('TimeIt', 'userdeletionMode', 'anonymize'); // or delete pnModSetVar('TimeIt', 'dateformat', 'datebrief'); pnModSetVar('TimeIt', 'defaultPrivateCalendar', 0); pnModSetVar('TimeIt', 'sortMode', 'byname'); // or bysortvalue return true; }
* * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * * To read the license please read the docs/license.txt or visit * http://www.gnu.org/copyleft/gpl.html * */ // grab the form variables $tplview = pnVarCleanFromInput('tplview'); $viewtype = pnVarCleanFromInput('viewtype'); $eid = pnVarCleanFromInput('eid'); $Date = pnVarCleanFromInput('Date'); $print = pnVarCleanFromInput('print'); $uid = pnUserGetVar('uid'); $pc_username = pnVarCleanFromInput('pc_username'); $output =& new pnHTML(); $output->SetInputMode(_PNH_VERBATIMINPUT); if (!pnModAPILoad('postcalendar', 'user')) { die('Could not load PostCalendar user API'); } $theme = pnUserGetTheme(); if (!pnThemeLoad($theme)) { die('Could not load theme'); } $output->Text('<html><head>'); $output->Text("<title>" . pnConfigGetVar('sitename') . ' :: ' . pnConfigGetVar('slogan') . "</title>\n"); $output->Text('<link rel="StyleSheet" href="themes/' . $theme . '/style/styleNN.css" type="text/css" />'); $output->Text('<style type="text/css">@import url("themes/' . $theme . '/style/style.css"); </style>'); $output->Text('</head>');
/** * display block */ function postcalendar_calendarblock_display($blockinfo) { // You supposed to be here? if (!pnSecAuthAction(0, 'PostCalendar:calendarblock:', "{$blockinfo['title']}::", ACCESS_OVERVIEW)) { return false; } // find out what view we're using $template_view = pnVarCleanFromInput('tplview'); if (!isset($template_view)) { $template_view = 'default'; } // find out what template we're using $template_name = _SETTING_TEMPLATE; if (!isset($template_name) || empty($template_name)) { $template_name = 'default'; } // What is today's correct date $Date =& postcalendar_getDate(); // Get variables from content block $vars = unserialize($blockinfo['content']); $showcalendar = $vars['pcbshowcalendar']; $showevents = $vars['pcbeventoverview']; $eventslimit = $vars['pcbeventslimit']; $nextevents = $vars['pcbnextevents']; $pcbshowsslinks = $vars['pcbshowsslinks']; $pcbeventsrange = $vars['pcbeventsrange']; // Let's setup the info to build this sucka! $the_year = substr($Date, 0, 4); $the_month = substr($Date, 4, 2); $the_day = substr($Date, 6, 2); $uid = pnUserGetVar('uid'); $cacheid1 = $cacheid2 = $cacheid3 = ''; $theme = pnUserGetTheme(); pnThemeLoad($theme); global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5; global $textcolor1, $textcolor2; // 20021125 - rraymond :: we have to do this to make it work with envolution $pcModInfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__)); $pcDir = pnVarPrepForOS($pcModInfo['directory']); require_once "modules/{$pcDir}/pnincludes/Smarty/Config_File.class.php"; unset($pcModInfo); // set up Smarty $tpl =& new pcSmarty(); // setup the Smarty cache id $templates_cached = true; if ($showcalendar) { $cacheid1 = md5($Date . 'M' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme); if (!$tpl->is_cached($template_name . '/views/calendarblock/month_view.html', $cacheid1)) { $templates_cached = false; } } if ($showevents) { $cacheid2 = md5($Date . 'T' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme); if (!$tpl->is_cached($template_name . '/views/calendarblock/todays_events.html', $cacheid2)) { $templates_cached = false; } } if ($nextevents) { $cacheid3 = md5($Date . 'U' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme); if (!$tpl->is_cached($template_name . '/views/calendarblock/upcoming_events.html', $cacheid3)) { $templates_cached = false; } } // start the output container $output = pnModAPIFunc(__POSTCALENDAR__, 'user', 'pageSetup'); // if one of the templates is not cached, we need to run the following if (!$templates_cached) { // set up the next and previous months to move to $prev_month = Date_Calc::beginOfPrevMonth(1, $the_month, $the_year, '%Y%m%d'); $next_month = Date_Calc::beginOfNextMonth(1, $the_month, $the_year, '%Y%m%d'); $last_day = Date_Calc::daysInMonth($the_month, $the_year); $pc_prev = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => $prev_month)); $pc_next = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => $next_month)); $pc_month_name = pnModAPIFunc(__POSTCALENDAR__, 'user', 'getmonthname', array('Date' => mktime(0, 0, 0, $the_month, $the_day, $the_year))); $month_link_url = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => date('Ymd', mktime(0, 0, 0, $the_month, 1, $the_year)))); $month_link_text = $pc_month_name . ' ' . $the_year; //******************************************************************* // Here we get the events for the current month view //******************************************************************* $day_of_week = 1; $pc_month_names = array(_CALJAN, _CALFEB, _CALMAR, _CALAPR, _CALMAY, _CALJUN, _CALJUL, _CALAUG, _CALSEP, _CALOCT, _CALNOV, _CALDEC); $pc_short_day_names = array(_CALSUNDAYSHORT, _CALMONDAYSHORT, _CALTUESDAYSHORT, _CALWEDNESDAYSHORT, _CALTHURSDAYSHORT, _CALFRIDAYSHORT, _CALSATURDAYSHORT); $pc_long_day_names = array(_CALSUNDAY, _CALMONDAY, _CALTUESDAY, _CALWEDNESDAY, _CALTHURSDAY, _CALFRIDAY, _CALSATURDAY); switch (_SETTING_FIRST_DAY_WEEK) { case _IS_MONDAY: $pc_array_pos = 1; $first_day = date('w', mktime(0, 0, 0, $the_month, 0, $the_year)); $end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year)); if ($end_dow != 0) { $the_last_day = $last_day + (7 - $end_dow); } else { $the_last_day = $last_day; } break; case _IS_SATURDAY: $pc_array_pos = 6; $first_day = date('w', mktime(0, 0, 0, $the_month, 2, $the_year)); $end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year)); if ($end_dow == 6) { $the_last_day = $last_day + 6; } elseif ($end_dow != 5) { $the_last_day = $last_day + (5 - $end_dow); } else { $the_last_day = $last_day; } break; case _IS_SUNDAY: default: $pc_array_pos = 0; $first_day = date('w', mktime(0, 0, 0, $the_month, 1, $the_year)); $end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year)); if ($end_dow != 6) { $the_last_day = $last_day + (6 - $end_dow); } else { $the_last_day = $last_day; } break; } $month_view_start = date('Y-m-d', mktime(0, 0, 0, $the_month, 1, $the_year)); $month_view_end = date('Y-m-t', mktime(0, 0, 0, $the_month, 1, $the_year)); $today_date = postcalendar_today('%Y-%m-%d'); $starting_date = date('m/d/Y', mktime(0, 0, 0, $the_month, 1 - $first_day, $the_year)); $ending_date = date('m/t/Y', mktime(0, 0, 0, $the_month + $pcbeventsrange, 1, $the_year)); $eventsByDate =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'pcGetEvents', array('start' => $starting_date, 'end' => $ending_date)); $calendarView = Date_Calc::getCalendarMonth($the_month, $the_year, '%Y-%m-%d'); $sdaynames = array(); $numDays = count($pc_short_day_names); for ($i = 0; $i < $numDays; $i++) { if ($pc_array_pos >= $numDays) { $pc_array_pos = 0; } array_push($sdaynames, $pc_short_day_names[$pc_array_pos]); $pc_array_pos++; } $daynames = array(); $numDays = count($pc_long_day_names); for ($i = 0; $i < $numDays; $i++) { if ($pc_array_pos >= $numDays) { $pc_array_pos = 0; } array_push($daynames, $pc_long_day_names[$pc_array_pos]); $pc_array_pos++; } $dates = array(); while ($starting_date <= $ending_date) { array_push($dates, $starting_date); list($m, $d, $y) = explode('/', $starting_date); $starting_date = Date_Calc::nextDay($d, $m, $y, '%m/%d/%Y'); } $categories =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'getCategories'); if (isset($calendarView)) { $tpl->assign_by_ref('CAL_FORMAT', $calendarView); } $tpl->assign_by_ref('A_MONTH_NAMES', $pc_month_names); $tpl->assign_by_ref('A_LONG_DAY_NAMES', $pc_long_day_names); $tpl->assign_by_ref('A_SHORT_DAY_NAMES', $pc_short_day_names); $tpl->assign_by_ref('S_LONG_DAY_NAMES', $daynames); $tpl->assign_by_ref('S_SHORT_DAY_NAMES', $sdaynames); $tpl->assign_by_ref('A_EVENTS', $eventsByDate); $tpl->assign_by_ref('A_CATEGORY', $categories); $tpl->assign_by_ref('PREV_MONTH_URL', $pc_prev); $tpl->assign_by_ref('NEXT_MONTH_URL', $pc_next); $tpl->assign_by_ref('MONTH_START_DATE', $month_view_start); $tpl->assign_by_ref('MONTH_END_DATE', $month_view_end); $tpl->assign_by_ref('TODAY_DATE', $today_date); $tpl->assign_by_ref('DATE', $Date); $tpl->assign_by_ref('DISPLAY_LIMIT', $eventslimit); $tpl->assign('TODAYS_EVENTS_TITLE', _PC_TODAYS_EVENTS); $tpl->assign('UPCOMING_EVENTS_TITLE', _PC_UPCOMING_EVENTS); $tpl->assign('NO_EVENTS', _PC_BLOCK_NO_EVENTS); } if ($showcalendar) { // we need to create a unique ID for caching purposes $output .= $tpl->fetch($template_name . '/views/calendarblock/month_view.html', $cacheid1); } if ($showevents) { if ($showcalendar) { $tpl->assign('SHOW_TITLE', 1); } else { $tpl->assign('SHOW_TITLE', 0); } // we need to create a unique ID for caching purposes $output .= $tpl->fetch($template_name . '/views/calendarblock/todays_events.html', $cacheid2); } if ($nextevents) { if ($showcalendar || $showevents) { $tpl->assign('SHOW_TITLE', 1); } else { $tpl->assign('SHOW_TITLE', 0); } // we need to create a unique ID for caching purposes $output .= $tpl->fetch($template_name . '/views/calendarblock/upcoming_events.html', $cacheid3); } if ($pcbshowsslinks) { $output .= '<br /><br />'; $submit_event_url = pnModURL(__POSTCALENDAR__, 'user', 'submit'); $search_event_url = pnModURL(__POSTCALENDAR__, 'user', 'search'); $output .= '<center>'; if (PC_ACCESS_ADD) { $output .= '[ <a href="' . $submit_event_url . '">' . _PC_SUBMIT_EVENT . '</a> ] '; } $output .= '[ <a href="' . $search_event_url . '">' . _PC_SEARCH_EVENT . '</a> ]'; $output .= '</center>'; } // Populate block info and pass to theme $blockinfo['content'] = $output; return themesideblock($blockinfo); }
function rss_connect(&$row, $use_proxy) { $pntable = pnDBGetTables(); $proxy = pnUserGetVar('proxy'); // build HTTP request header $str = ""; $str .= "GET {$row['url']} HTTP/1.0 \r\n"; // if we need to use a proxy, we must build the HTTP header if ($proxy['host'] != "" && $proxy['port'] != "" && $use_proxy && $proxy['enable']) { // copy host information from proxy settings // echo "Connecting to proxyserver "; $host = $proxy['host']; $port = $proxy['port']; $conn_type = "proxy "; // used for debugging and errors only // add some extra header lines if PROXY authentication is required if ($proxy['name'] != "" && $proxy['pass'] != "") { $str .= "Proxy-Authorization: Basic "; $str .= base64_encode($proxy['name'] . ":" . $proxy['pass']) . "\r\n"; $row['conn_comment'] .= " \n<!-- via Authenticating Proxy {$proxy['name']}:{$proxy['pass']}@{$proxy['host']}:{$proxy['port']} -->"; } else { $row['conn_comment'] .= " \n<!-- via Proxy {$proxy['host']}:{$proxy['port']} -->"; } } else { $u = parse_url($row['url']); $u['port'] = $u['port'] ? $u['port'] : 80; // copy the remote host information in case of no proxy if ($this->_debug) { echo "Connecting to host "; } $host = $u['host']; $port = $u['port']; $conn_type = "remote "; // used for debugging and errors only // add some extra header info if SITE authentication is required if ($uname != "" && $pass != "") { $str .= "Authorization: Basic "; $str .= base64_encode($set['uname'] . ":" . $set['pass']) . "\r\n"; $row['conn_comment'] .= " \n<!-- using authentication {$set['uname']}:{$set['pass']} -->"; } } // End with empty line according to protocol. $str .= "\r\n"; // open the connection to the remote host, or the proxy $fp = fsockopen($host, $port, $errno, $errstr, 2); if (!$fp) { return false; } else { // write the request fputs($fp, $str); return $fp; } }
function mediashare_userapi_getSubAlbumsData($args) { // Check access if (!SecurityUtil::checkPermission('mediashare::', '::', ACCESS_READ)) { return LogUtil::registerPermissionError(); } $dom = ZLanguage::getModuleDomain('mediashare'); // Argument check if (!isset($args['albumId'])) { return LogUtil::registerError(__f('Missing [%1$s] in \'%2$s\'', array('albumId', 'userapi.getSubAlbumsData'), $dom)); } $albumId = (int) $args['albumId']; $startnum = isset($args['startnum']) ? (int) $args['startnum'] : -1; $numitems = isset($args['numitems']) ? (int) $args['numitems'] : -1; $recursively = isset($args['recursively']) ? (bool) $args['recursively'] : false; $access = isset($args['access']) ? (int) $args['access'] : 0xff; $excludeAlbumId = isset($args['excludeAlbumId']) ? (int) $args['excludeAlbumId'] : null; $onlyMine = isset($args['onlyMine']) ? $args['onlyMine'] : false; $includeMainItem = isset($args['includeMainItem']) ? (bool) $args['includeMainItem'] : true; // FIXME rework this to default false $pntable = pnDBGetTables(); $albumsColumn = $pntable['mediashare_albums_column']; $accessibleAlbumSql = pnModAPIFunc('mediashare', 'user', 'getAccessibleAlbumsSql', array('albumId' => $recursively ? null : $albumId, 'access' => $access, 'field' => $albumsColumn['id'])); if (!$accessibleAlbumSql) { return false; } $excludeRestriction = ''; if ($excludeAlbumId != null) { if (!($excludeAlbum = pnModAPIFunc('mediashare', 'user', 'getAlbum', array('albumId' => $excludeAlbumId)))) { return false; } $excludeRestriction = " AND ({$albumsColumn['nestedSetLeft']} < {$excludeAlbum['nestedSetLeft']}\r\n OR {$albumsColumn['nestedSetRight']} > {$excludeAlbum['nestedSetRight']}) "; } $mineSql = ''; if ($onlyMine) { $uid = (int) pnUserGetVar('uid'); $mineSql = " AND {$albumsColumn['ownerId']} = '{$uid}'"; } $where = "({$accessibleAlbumSql}) {$excludeRestriction} {$mineSql}"; if ($recursively) { $orderby = "{$albumsColumn['nestedSetLeft']}, {$albumsColumn['title']}"; } else { $where .= " AND {$albumsColumn['parentAlbumId']} = '{$albumId}'"; $orderby = $albumsColumn['title']; } $subalbums = DBUtil::selectObjectArray('mediashare_albums', $where, $orderby, $startnum, $numitems, 'id'); if ($subalbums === false) { return LogUtil::registerError(__f('Error in %1$s: %2$s.', array('userapi.getSubAlbumsData', 'Could not retrieve the sub albums information.'), $dom)); } foreach (array_keys($subalbums) as $k) { $subalbums[$k]['mainMediaItem'] = null; if ($includeMainItem && (int) $subalbums[$k]['mainMediaId'] > 0) { $subalbums[$k]['mainMediaItem'] = pnModAPIFunc('mediashare', 'user', 'getMediaItem', array('mediaId' => $subalbums[$k]['mainMediaId'])); } $subalbums[$k]['extappData'] = unserialize($subalbums[$k]['extappData']); mediashareAddKeywords($subalbums[$k]); } return $subalbums; }
/** * display item * This is a standard function to provide detailed information on a single item * available from the module. */ function postcalendar_user_display($args) { list($eid, $viewtype, $tplview, $pc_username, $Date, $print, $category, $topic, $pc_facility) = pnVarCleanFromInput('eid', 'viewtype', 'tplview', 'pc_username', 'Date', 'print', 'pc_category', 'pc_topic', 'pc_facility'); // added to allow the view & providers to remain as the user last saw it -- JRM if ($_SESSION['viewtype']) { $viewtype = $_SESSION['viewtype']; } if ($_SESSION['pc_username']) { $pc_username = $_SESSION['pc_username']; } // funky things happen if the view is 'details' and we don't have an event ID // so in such a case, we're going to revert to the 'day' view -- JRM if ($viewtype == 'details' && (!isset($eid) || $eid == "")) { $_SESSION['viewtype'] = 'day'; $viewtype = $_SESSION['viewtype']; } extract($args); if (empty($Date) && empty($viewtype)) { return false; } if (empty($tplview)) { $tplview = 'default'; } $uid = pnUserGetVar('uid'); $theme = pnUserGetTheme(); //$cacheid = md5($Date.$viewtype.$tplview._SETTING_TEMPLATE.$eid.$print.$uid.'u'.$pc_username.$theme.'c'.$category.'t'.$topic); $cacheid = md5(strtotime("now")); switch ($viewtype) { case 'details': if (!(bool) PC_ACCESS_READ) { return _POSTCALENDARNOAUTH; } $event = pnModAPIFunc('PostCalendar', 'user', 'eventDetail', array('eid' => $eid, 'Date' => $Date, 'print' => $print, 'cacheid' => $cacheid)); if ($event === false) { pnRedirect(pnModURL(__POSTCALENDAR__, 'user')); } $out = "\n\n<!-- START user_display -->\n\n"; $out .= $event; $out .= "\n\n<!-- END user_display -->\n\n"; break; default: if (!(bool) PC_ACCESS_OVERVIEW) { return _POSTCALENDARNOAUTH; } $out = "\n\n<!-- START user_display -->\n\n"; $out .= pnModAPIFunc('PostCalendar', 'user', 'buildView', array('Date' => $Date, 'viewtype' => $viewtype, 'cacheid' => $cacheid)); $out .= "\n\n<!-- END user_display -->\n\n"; break; } // Return the output that has been generated by this function return $out; }
function postcalendar_admin_submit($args) { if (!PC_ACCESS_ADMIN) { return _POSTCALENDAR_NOAUTH; } pnModAPILoad(__POSTCALENDAR__, 'user'); $output = postcalendar_adminmenu(); // get the theme globals :: is there a better way to do this? pnThemeLoad(pnUserGetTheme()); global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5, $textcolor1, $textcolor2; extract($args); $Date = postcalendar_getDate(); $year = substr($Date, 0, 4); $month = substr($Date, 4, 2); $day = substr($Date, 6, 2); // basic event information $event_subject = pnVarCleanFromInput('event_subject'); $event_desc = pnVarCleanFromInput('event_desc'); $event_sharing = pnVarCleanFromInput('event_sharing'); $event_category = pnVarCleanFromInput('event_category'); $event_topic = pnVarCleanFromInput('event_topic'); // event start information $event_startmonth = pnVarCleanFromInput('event_startmonth'); $event_startday = pnVarCleanFromInput('event_startday'); $event_startyear = pnVarCleanFromInput('event_startyear'); $event_starttimeh = pnVarCleanFromInput('event_starttimeh'); $event_starttimem = pnVarCleanFromInput('event_starttimem'); $event_startampm = pnVarCleanFromInput('event_startampm'); // event end information $event_endmonth = pnVarCleanFromInput('event_endmonth'); $event_endday = pnVarCleanFromInput('event_endday'); $event_endyear = pnVarCleanFromInput('event_endyear'); $event_endtype = pnVarCleanFromInput('event_endtype'); $event_dur_hours = pnVarCleanFromInput('event_dur_hours'); $event_dur_minutes = pnVarCleanFromInput('event_dur_minutes'); $event_duration = 60 * 60 * $event_dur_hours + 60 * $event_dur_minutes; $event_allday = pnVarCleanFromInput('event_allday'); // location data $event_location = pnVarCleanFromInput('event_location'); $event_street1 = pnVarCleanFromInput('event_street1'); $event_street2 = pnVarCleanFromInput('event_street2'); $event_city = pnVarCleanFromInput('event_city'); $event_state = pnVarCleanFromInput('event_state'); $event_postal = pnVarCleanFromInput('event_postal'); $event_location_info = serialize(compact('event_location', 'event_street1', 'event_street2', 'event_city', 'event_state', 'event_postal')); // contact data $event_contname = pnVarCleanFromInput('event_contname'); $event_conttel = pnVarCleanFromInput('event_conttel'); $event_contemail = pnVarCleanFromInput('event_contemail'); $event_website = pnVarCleanFromInput('event_website'); $event_fee = pnVarCleanFromInput('event_fee'); // event repeating data $event_repeat = pnVarCleanFromInput('event_repeat'); $event_repeat_freq = pnVarCleanFromInput('event_repeat_freq'); $event_repeat_freq_type = pnVarCleanFromInput('event_repeat_freq_type'); $event_repeat_on_num = pnVarCleanFromInput('event_repeat_on_num'); $event_repeat_on_day = pnVarCleanFromInput('event_repeat_on_day'); $event_repeat_on_freq = pnVarCleanFromInput('event_repeat_on_freq'); $event_recurrspec = serialize(compact('event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq')); $pc_html_or_text = pnVarCleanFromInput('pc_html_or_text'); $form_action = pnVarCleanFromInput('form_action'); $pc_event_id = pnVarCleanFromInput('pc_event_id'); $data_loaded = pnVarCleanFromInput('data_loaded'); $is_update = pnVarCleanFromInput('is_update'); $authid = pnVarCleanFromInput('authid'); if (pnUserLoggedIn()) { $uname = pnUserGetVar('uname'); } else { $uname = pnConfigGetVar('anonymous'); } if (!isset($event_repeat)) { $event_repeat = 0; } // lets wrap all the data into array for passing to submit and preview functions if (!isset($pc_event_id) || empty($pc_event_id) || $data_loaded) { $eventdata = compact('event_subject', 'event_desc', 'event_sharing', 'event_category', 'event_topic', 'event_startmonth', 'event_startday', 'event_startyear', 'event_starttimeh', 'event_starttimem', 'event_startampm', 'event_endmonth', 'event_endday', 'event_endyear', 'event_endtype', 'event_dur_hours', 'event_dur_minutes', 'event_duration', 'event_allday', 'event_location', 'event_street1', 'event_street2', 'event_city', 'event_state', 'event_postal', 'event_location_info', 'event_contname', 'event_conttel', 'event_contemail', 'event_website', 'event_fee', 'event_repeat', 'event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq', 'event_recurrspec', 'uname', 'Date', 'year', 'month', 'day', 'pc_html_or_text'); $eventdata['is_update'] = $is_update; $eventdata['pc_event_id'] = $pc_event_id; $eventdata['data_loaded'] = true; } else { $event = postcalendar_userapi_pcGetEventDetails($pc_event_id); $eventdata['event_subject'] = $event['title']; $eventdata['event_desc'] = $event['hometext']; $eventdata['event_sharing'] = $event['sharing']; $eventdata['event_category'] = $event['catid']; $eventdata['event_topic'] = $event['topic']; $eventdata['event_startmonth'] = substr($event['eventDate'], 5, 2); $eventdata['event_startday'] = substr($event['eventDate'], 8, 2); $eventdata['event_startyear'] = substr($event['eventDate'], 0, 4); $eventdata['event_starttimeh'] = substr($event['startTime'], 0, 2); $eventdata['event_starttimem'] = substr($event['startTime'], 3, 2); $eventdata['event_startampm'] = $eventdata['event_starttimeh'] < 12 ? _PC_AM : _PC_PM; $eventdata['event_endmonth'] = substr($event['endDate'], 5, 2); $eventdata['event_endday'] = substr($event['endDate'], 8, 2); $eventdata['event_endyear'] = substr($event['endDate'], 0, 4); $eventdata['event_endtype'] = $event['endDate'] == '0000-00-00' ? '0' : '1'; $eventdata['event_dur_hours'] = $event['duration_hours']; $eventdata['event_dur_minutes'] = $event['duration_minutes']; $eventdata['event_duration'] = $event['duration']; $eventdata['event_allday'] = $event['alldayevent']; $loc_data = unserialize($event['location']); $eventdata['event_location'] = $loc_data['event_location']; $eventdata['event_street1'] = $loc_data['event_street1']; $eventdata['event_street2'] = $loc_data['event_street2']; $eventdata['event_city'] = $loc_data['event_city']; $eventdata['event_state'] = $loc_data['event_state']; $eventdata['event_postal'] = $loc_data['event_postal']; $eventdata['event_location_info'] = $loc_data; $eventdata['event_contname'] = $event['contname']; $eventdata['event_conttel'] = $event['conttel']; $eventdata['event_contemail'] = $event['contemail']; $eventdata['event_website'] = $event['website']; $eventdata['event_fee'] = $event['fee']; $eventdata['event_repeat'] = $event['recurrtype']; $eventdata['event_pid'] = $event['pid']; $eventdata['event_aid'] = $event['aid']; $rspecs = unserialize($event['recurrspec']); $eventdata['event_repeat_freq'] = $rspecs['event_repeat_freq']; $eventdata['event_repeat_freq_type'] = $rspecs['event_repeat_freq_type']; $eventdata['event_repeat_on_num'] = $rspecs['event_repeat_on_num']; $eventdata['event_repeat_on_day'] = $rspecs['event_repeat_on_day']; $eventdata['event_repeat_on_freq'] = $rspecs['event_repeat_on_freq']; $eventdata['event_recurrspec'] = $rspecs; $eventdata['uname'] = $uname; $eventdata['Date'] = $Date; $eventdata['year'] = $year; $eventdata['month'] = $month; $eventdata['day'] = $day; $eventdata['is_update'] = true; $eventdata['pc_event_id'] = $pc_event_id; $eventdata['data_loaded'] = true; $eventdata['pc_html_or_text'] = $pc_html_or_text; } // lets get the module's information $modinfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__)); $categories = pnModAPIFunc(__POSTCALENDAR__, 'user', 'getCategories'); //================================================================ // ERROR CHECKING //================================================================ $required_vars = array('event_subject', 'event_desc'); $required_name = array(_PC_EVENT_TITLE, _PC_EVENT_DESC); $error_msg = ''; $reqCount = count($required_vars); for ($r = 0; $r < $reqCount; $r++) { if (empty(${$required_vars}[$r]) || !preg_match('/\\S/i', ${$required_vars}[$r])) { $error_msg .= '<b>' . $required_name[$r] . '</b> ' . _PC_SUBMIT_ERROR4 . '<br />'; } } unset($reqCount); // check repeating frequencies if ($event_repeat == REPEAT) { if (!isset($event_repeat_freq) || $event_repeat_freq < 1 || empty($event_repeat_freq)) { $error_msg .= _PC_SUBMIT_ERROR5 . '<br />'; } elseif (!is_numeric($event_repeat_freq)) { $error_msg .= _PC_SUBMIT_ERROR6 . '<br />'; } } elseif ($event_repeat == REPEAT_ON) { if (!isset($event_repeat_on_freq) || $event_repeat_on_freq < 1 || empty($event_repeat_on_freq)) { $error_msg .= _PC_SUBMIT_ERROR5 . '<br />'; } elseif (!is_numeric($event_repeat_on_freq)) { $error_msg .= _PC_SUBMIT_ERROR6 . '<br />'; } } // check date validity if (_SETTING_TIME_24HOUR) { $startTime = $event_starttimeh . ':' . $event_starttimem; $endTime = $event_endtimeh . ':' . $event_endtimem; } else { if ($event_startampm == _AM_VAL) { $event_starttimeh = $event_starttimeh == 12 ? '00' : $event_starttimeh; } else { $event_starttimeh = $event_starttimeh != 12 ? $event_starttimeh += 12 : $event_starttimeh; } $startTime = $event_starttimeh . ':' . $event_starttimem; } $sdate = strtotime($event_startyear . '-' . $event_startmonth . '-' . $event_startday); $edate = strtotime($event_endyear . '-' . $event_endmonth . '-' . $event_endday); $tdate = strtotime(date('Y-m-d')); if ($edate < $sdate && $event_endtype == 1) { $error_msg .= _PC_SUBMIT_ERROR1 . '<br />'; } if (!checkdate($event_startmonth, $event_startday, $event_startyear)) { $error_msg .= _PC_SUBMIT_ERROR2 . '<br />'; } if (!checkdate($event_endmonth, $event_endday, $event_endyear)) { $error_msg .= _PC_SUBMIT_ERROR3 . '<br />'; } //================================================================ // Preview the event //================================================================ if ($form_action == 'preview') { if (!empty($error_msg)) { $preview = false; $output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="red">'; $output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="pink">'; $output .= '<center><b>' . _PC_SUBMIT_ERROR . '</b></center>'; $output .= '<br />'; $output .= $error_msg; $output .= '</td></td></table>'; $output .= '</td></td></table>'; $output .= '<br /><br />'; } else { $output .= pnModAPIFunc(__POSTCALENDAR__, 'user', 'eventPreview', $eventdata); $output .= '<br />'; } } //================================================================ // Enter the event into the DB //================================================================ if ($form_action == 'commit') { //if (!pnSecConfirmAuthKey()) { return(_NO_DIRECT_ACCESS); } if (!empty($error_msg)) { $preview = false; $output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="red">'; $output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="pink">'; $output .= '<center><b>' . _PC_SUBMIT_ERROR . '</b></center>'; $output .= '<br />'; $output .= $error_msg; $output .= '</td></td></table>'; $output .= '</td></td></table>'; $output .= '<br /><br />'; } else { if (!pnModAPIFunc(__POSTCALENDAR__, 'admin', 'submitEvent', $eventdata)) { $output .= '<center><div style="padding:5px; border:1px solid red; background-color: pink;">'; $output .= "<b>" . _PC_EVENT_SUBMISSION_FAILED . "</b>"; $output .= '</div></center><br />'; $output .= '<br />'; } else { // clear the Smarty cache $tpl = new pcSmarty(); $tpl->clear_all_cache(); $output .= '<center><div style="padding:5px; border:1px solid green; background-color: lightgreen;">'; if ($is_update) { $output .= "<b>" . _PC_EVENT_EDIT_SUCCESS . "</b>"; } else { $output .= "<b>" . _PC_EVENT_SUBMISSION_SUCCESS . "</b>"; } $output .= '</div></center><br />'; $output .= '<br />'; // clear the form vars $event_subject = $event_desc = $event_sharing = $event_category = $event_topic = $event_startmonth = $event_startday = $event_startyear = $event_starttimeh = $event_starttimem = $event_startampm = $event_endmonth = $event_endday = $event_endyear = $event_endtype = $event_dur_hours = $event_dur_minutes = $event_duration = $event_allday = $event_location = $event_street1 = $event_street2 = $event_city = $event_state = $event_postal = $event_location_info = $event_contname = $event_conttel = $event_contemail = $event_website = $event_fee = $event_repeat = $event_repeat_freq = $event_repeat_freq_type = $event_repeat_on_num = $event_repeat_on_day = $event_repeat_on_freq = $event_recurrspec = $uname = $Date = $year = $month = $day = $pc_html_or_text = null; $is_update = false; $pc_event_id = 0; // lets wrap all the data into array for passing to submit and preview functions $eventdata = compact('event_subject', 'event_desc', 'event_sharing', 'event_category', 'event_topic', 'event_startmonth', 'event_startday', 'event_startyear', 'event_starttimeh', 'event_starttimem', 'event_startampm', 'event_endmonth', 'event_endday', 'event_endyear', 'event_endtype', 'event_dur_hours', 'event_dur_minutes', 'event_duration', 'event_allday', 'event_location', 'event_street1', 'event_street2', 'event_city', 'event_state', 'event_postal', 'event_location_info', 'event_contname', 'event_conttel', 'event_contemail', 'event_website', 'event_fee', 'event_repeat', 'event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq', 'event_recurrspec', 'uname', 'Date', 'year', 'month', 'day', 'pc_html_or_text', 'is_update', 'pc_event_id'); } } } $output .= pnModAPIFunc('PostCalendar', 'admin', 'buildSubmitForm', $eventdata); return $output; }
/** * get a Time String in the right format * * @deprecated * * @param time $ - prefix string * @return mixed string if successfull, false if not */ function GetUserTime($time) { LogUtil::log(__f('Warning! Function %1$s is deprecated.', 'GetUserTime'), E_USER_DEPRECATED); if (empty($time)) { return; } if (pnUserLoggedIn()) { $time += (pnUserGetVar('tzoffset') - System::getVar('timezone_server')) * 3600; } else { $time += (System::getVar('timezone_offset') - System::getVar('timezone_server')) * 3600; } return ($time); }
function user_user_main($var) { include 'header.php'; user_menu_draw(); if (pnUserLoggedIn()) { $uname = pnUserGetVar('uname'); if (pnModAvailable('Comments')) { user_main_last10com($uname); } if (pnModAvailable('News')) { user_main_last10submit($uname); } include 'footer.php'; } // ?else }
function blocks_past_block($row) { $catid = pnVarCleanFromInput('catid'); list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $oldnum = pnConfigGetVar('perpage'); if (!pnSecAuthAction(0, 'Pastblock::', "{$row['title']}::", ACCESS_READ)) { return; } if (pnUserLoggedIn()) { $storyhome = pnUserGetVar('storynum'); } else { $storyhome = pnConfigGetVar('storyhome'); } // Break out options from our content field $vars = pnBlockVarsFromContent($row['content']); // Defaults if (empty($storynum)) { $storynum = 10; } if (empty($vars['limit'])) { $vars['limit'] = 10; } $storynum = $vars['limit']; $column =& $pntable['stories_column']; if (!isset($catid) || $catid == '') { $articles = getArticles("{$column['ihome']}=0", "{$column['time']} DESC", $storynum, $storyhome); } else { $articles = getArticles("{$column['catid']}={$catid}", "{$column['time']} DESC", $storynum, $storyhome); } $time2 = ""; setlocale(LC_TIME, pnConfigGetVar('locale')); $boxstuff = "<table width=\"100%\" cellpadding=\"1\" cellspacing=\"0\" border=\"0\" class=\"pn-normal\">\n"; $vari = 0; $see = 0; foreach ($articles as $article) { $info = genArticleInfo($article); $links = genArticleLinks($info); $preformat = genArticlePreformat($info, $links); // a little bit tricky to remove the bold property from link description // (2001-11-15, hdonner) $preformat['title'] = str_replace("pn-title", "pn-normal", $preformat['title']); if (!pnSecAuthAction(0, 'Stories::Story', "{$info['aid']}:{$info['cattitle']}:{$info['sid']}", ACCESS_READ) || !pnSecAuthAction(0, 'Topics::Topic', "{$info['topicname']}::{$info['tid']}", ACCESS_READ)) { continue; } $see = 1; ereg("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $info['time'], $datetime2); $datetime2 = ml_ftime("" . _DATESTRING2 . "", mktime($datetime2[4], $datetime2[5], $datetime2[6], $datetime2[2], $datetime2[3], $datetime2[1])); $datetime2 = ucfirst($datetime2); if ($time2 == $datetime2) { $boxstuff .= "<tr><td valign=\"top\"><big><strong>·</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">" . $preformat['title'] . " ({$info['comments']})</span></td></tr>\n"; } else { $boxstuff .= "<tr><td colspan=\"2\"><b>{$datetime2}</b></td></tr>\n" . "<tr><td valign=\"top\"><big><strong>·</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">{$preformat['title']} ({$info['comments']})</span></td></tr>\n"; $time2 = $datetime2; } $vari++; if ($vari == $vars['limit']) { $usernum = pnUserGetVar('storynum'); if (!empty($usernum)) { $storynum = $usernum; } else { $storynum = pnConfigGetVar('storyhome'); } $min = $oldnum + $storynum; $boxstuff .= "<tr><td> </td><td valign=\"top\"><a class=\"pn-normal\""; if (!isset($catid)) { $boxstuff .= "href=\"modules.php?op=modload&name=Search&file=index&action=search&overview=1&active_stories=1\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n"; } else { $boxstuff .= "href=\"modules.php?op=modload&name=Search&file=index&action=search&overview=1&active_stories=1&stories_cat[0]={$catid}\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n"; } } } $boxstuff .= "</table>"; if ($see == 1) { if (empty($row['title'])) { $row['title'] = _PASTARTICLES; } $row['content'] = $boxstuff; return themesideblock($row); } }
/** * List */ function mediashare_user_list($args) { $keyword = mediashareGetStringUrl('key', $args); $uname = mediashareGetStringUrl('uname', $args); $albumId = mediashareGetIntUrl('aid', $args, null); $order = mediashareGetStringUrl('order', $args, 'title'); $orderDir = mediashareGetStringUrl('orderdir', $args); $recordPos = mediashareGetIntUrl('pos', $args, 0); $template = isset($args['tpl']) ? $args['tpl'] : 'list'; if (!($items = pnModAPIFunc('mediashare', 'user', 'getList', compact('keyword', 'uname', 'albumId', 'order', 'orderDir', 'recordPos')))) { return false; } if (!($itemCount = pnModAPIFunc('mediashare', 'user', 'getListCount', compact('keyword', 'uname', 'albumId')))) { return false; } $dom = ZLanguage::getModuleDomain('mediashare'); $filterTexts = array(); if ($keyword != '') { $filterTexts[] = __f('Items tagged with "%s"', DataUtil::formatForDisplay($keyword), $dom); } if ($uname != '') { $filterTexts[] = __f('Items by %s', DataUtil::formatForDisplay($uname), $dom); } if ($albumId != null) { if (!($album = pnModAPIFunc('mediashare', 'user', 'getAlbum', array('albumId' => $albumId)))) { return false; } $albumOwner = pnUserGetVar('uname', $album['ownerId']); $filterTexts[] = __f('Items from %1$s\'s album \'%2$s\'', array(DataUtil::formatForDisplay($albumOwner), $album['title']), $dom); } if (count($filterTexts)) { $filterText = implode(', ', $filterTexts); } else { $filterText = __('All items', $dom); } // Build the output $render =& pnRender::getInstance('mediashare', false); $render->assign('keyword', $keyword); $render->assign('items', $items); $render->assign('itemCount', $itemCount); $render->assign('order', $order); $render->assign('filterText', $filterText); $render->assign('orderTitleClass', $order == 'title' ? ' class="selected"' : ''); $render->assign('orderUnameClass', $order == 'uname' ? ' class="selected"' : ''); $render->assign('orderCreatedClass', $order == 'created' ? ' class="selected"' : ''); $render->assign('orderModifiedClass', $order == 'modified' ? ' class="selected"' : ''); $render->assign('pos', $recordPos); $template = DataUtil::formatForOS($template); if (!$render->template_exists("mediashare_user_{$template}.html")) { $template = 'list'; } return $render->fetch("mediashare_user_{$template}.html"); }
/** * Checks if user controlled block state * * Checks if the user has a state set for a current block * Sets the default state for that block if not present * * @access private */ function pnCheckUserBlock($row) { if (!isset($row['bid'])) { $row['bid'] = ''; } if (pnUserLoggedIn()) { $uid = pnUserGetVar('uid'); $dbconn =& pnDBGetConn(true); $pntable =& pnDBGetTables(); $column =& $pntable['userblocks_column']; $sql = "SELECT {$column['active']}\n\t\t FROM {$pntable['userblocks']}\n\t\t WHERE {$column['bid']} = '" . pnVarPrepForStore($row['bid']) . "'\n\t\t\t AND {$column['uid']} = '" . pnVarPrepForStore($uid) . "'"; $result =& $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { pnSessionSetVar('errormsg', 'Error: ' . $dbconn->ErrorNo() . ': ' . $dbconn->ErrorMsg()); return true; } if ($result->EOF) { $uid = pnVarPrepForStore($uid); $row['bid'] = pnVarPrepForStore($row['bid']); $sql = "INSERT INTO {$pntable['userblocks']}\n\t\t\t \t\t ({$column['uid']},\n\t\t\t\t\t \t\t\t{$column['bid']},\n\t\t\t\t\t \t\t\t{$column['active']})\n\t\t\t\t\tVALUES (" . pnVarPrepForStore($uid) . ",\n\t\t\t\t\t '{$row['bid']}',\n\t\t\t\t\t\t\t" . pnVarPrepForStore($row['defaultstate']) . ")"; $result =& $dbconn->Execute($sql); if ($dbconn->ErrorNo() != 0) { pnSessionSetVar('errormsg', 'Error: ' . $dbconn->ErrorNo() . ': ' . $dbconn->ErrorMsg()); return true; } return true; } else { list($active) = $result->fields; return $active; } } else { return false; } }
/** * User info */ function mediashare_editapi_getUserInfo() { $dom = ZLanguage::getModuleDomain('mediashare'); $user = (int) pnUserGetVar('uid'); $pntable = pnDBGetTables(); $mediaTable = $pntable['mediashare_media']; $mediaColumn = $pntable['mediashare_media_column']; $storageTable = $pntable['mediashare_mediastore']; $storageColumn = $pntable['mediashare_mediastore_column']; $sql = "SELECT SUM({$storageColumn['bytes']})\n FROM {$mediaTable}\n LEFT JOIN {$storageTable} original\n ON original.{$storageColumn['id']} = {$mediaColumn['originalId']}\n WHERE {$mediaColumn['ownerId']} = '{$user}'"; $result = DBUtil::executeSQL($sql); if ($result === false) { return LogUtil::registerError(__f('Error in %1$s: %2$s.', array('editapi.getUserInfo', 'Could not retrieve the user information.'), $dom)); } $limitTotal = pnModGetVar('mediashare', 'mediaSizeLimitTotal'); $totalCapacityUsed = DBUtil::marshallObjects($result, array('used')); $totalCapacityUsed = $totalCapacityUsed[0]['used']; $user = array('totalCapacityUsed' => $totalCapacityUsed, 'totalCapacityLeft' => $totalCapacityUsed > $limitTotal ? 0 : $limitTotal - $totalCapacityUsed, 'mediaSizeLimitSingle' => pnModGetVar('mediashare', 'mediaSizeLimitSingle'), 'mediaSizeLimitTotal' => $limitTotal); return $user; }
function checkuserblock($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!isset($row['bid'])) { $row['bid'] = ''; } if (pnUserLoggedIn()) { $uid = pnUserGetVar('uid'); $column =& $pntable['userblocks_column']; $sql = "SELECT {$column['active']} FROM " . $pntable['userblocks'] . " WHERE " . $column['bid'] . "='" . pnVarPrepForStore($row['bid']) . "' AND " . $column['uid'] . "=" . pnVarPrepForStore($uid); $result = $dbconn->Execute($sql); if ($result === false) { PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error <br>{$sql}"); } if ($result->EOF) { $uid = pnVarPrepForStore($uid); $row['bid'] = pnVarPrepForStore($row['bid']); $sql = "INSERT INTO {$pntable['userblocks']} ({$column['uid']}, {$column['bid']}, {$column['active']}) VALUES (" . pnVarPrepForStore($uid) . ", '{$row['bid']}', '1')"; $result = $dbconn->Execute($sql); if ($result === false) { PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error <br>{$sql}"); } return true; } else { list($active) = $result->fields; return $active; } } else { return false; } }
/** * Timezone Function * * @author Fred B (fredb86) */ function ml_ftime($datefmt, $timestamp = -1) { if (!isset($datefmt)) { return null; } if ($timestamp < 0) { $timestamp = time(); } $day_of_week_short = explode(' ', _DAY_OF_WEEK_SHORT); $month_short = explode(' ', _MONTH_SHORT); $day_of_week_long = explode(' ', _DAY_OF_WEEK_LONG); $month_long = explode(' ', _MONTH_LONG); $ml_date = ereg_replace('%a', $day_of_week_short[(int) strftime('%w', $timestamp)], $datefmt); $ml_date = ereg_replace('%A', $day_of_week_long[(int) strftime('%w', $timestamp)], $ml_date); $ml_date = ereg_replace('%b', $month_short[(int) strftime('%m', $timestamp) - 1], $ml_date); $ml_date = ereg_replace('%B', $month_long[(int) strftime('%m', $timestamp) - 1], $ml_date); if (pnUserLoggedIn()) { $thezone = pnUserGetVar('timezone_offset'); } else { $thezone = pnConfigGetVar('timezone_offset'); } $timezone_all = explode(' ', _TIMEZONES); $offset_all = explode(' ', _TZOFFSETS); $indexofzone = 0; for ($i = 0; $i < sizeof($offset_all); $i++) { if ($offset_all[$i] == $thezone) { $indexofzone = $i; } } $ml_date = ereg_replace('%Z', $timezone_all[$indexofzone], $ml_date); return strftime($ml_date, $timestamp); }
function postcalendar_userapi_eventDetail($args, $admin = false) { if (!(bool) PC_ACCESS_READ) { return _POSTCALENDARNOAUTH; } // get the theme globals :: is there a better way to do this? pnThemeLoad(pnUserGetTheme()); global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5; global $textcolor1, $textcolor2; $popup = pnVarCleanFromInput('popup'); extract($args); unset($args); if (!isset($cacheid)) { $cacheid = null; } if (!isset($eid)) { return false; } if (!isset($nopop)) { $nopop = false; } $uid = pnUserGetVar('uid'); //================================================================= // Find out what Template we're using //================================================================= $template_name = _SETTING_TEMPLATE; if (!isset($template_name)) { $template_name = 'default'; } //================================================================= // Setup Smarty Template Engine //================================================================= $tpl = new pcSmarty(); if ($admin) { $template = $template_name . '/admin/details.html'; $args['cacheid'] = ''; $print = 0; $Date =& postcalendar_getDate(); $tpl->caching = false; } else { $template = $template_name . '/user/details.html'; } if (!$tpl->is_cached($template, $cacheid)) { // let's get the DB information list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); // get the event's information $event =& postcalendar_userapi_pcGetEventDetails($eid); // if the above is false, it's a private event for another user // we should not diplay this - so we just exit gracefully if ($event === false) { return false; } //================================================================= // get event's topic information //================================================================= $topics_table = $pntable['topics']; $topics_column = $pntable['topics_column']; $topicsql = "SELECT {$topics_column['topictext']},{$topics_column['topicimage']}\n FROM {$topics_table}\n WHERE {$topics_column['topicid']} = {$event['topic']}\n LIMIT 1"; $topic_result = $dbconn->Execute($topicsql); list($event['topictext'], $event['topicimg']) = $topic_result->fields; $location = unserialize($event['location']); $event['location'] = $location['event_location']; $event['street1'] = $location['event_street1']; $event['street2'] = $location['event_street2']; $event['city'] = $location['event_city']; $event['state'] = $location['event_state']; $event['postal'] = $location['event_postal']; $event['date'] = str_replace('-', '', $Date); //================================================================= // populate the template //================================================================= if (!empty($event['location']) || !empty($event['street1']) || !empty($event['street2']) || !empty($event['city']) || !empty($event['state']) || !empty($event['postal'])) { $tpl->assign('LOCATION_INFO', true); } else { $tpl->assign('LOCATION_INFO', false); } if (!empty($event['contname']) || !empty($event['contemail']) || !empty($event['conttel']) || !empty($event['website'])) { $tpl->assign('CONTACT_INFO', true); } else { $tpl->assign('CONTACT_INFO', false); } $display_type = substr($event['hometext'], 0, 6); if ($display_type == ':text:') { $prepFunction = 'pcVarPrepForDisplay'; $event['hometext'] = substr($event['hometext'], 6); } elseif ($display_type == ':html:') { $prepFunction = 'pcVarPrepHTMLDisplay'; $event['hometext'] = substr($event['hometext'], 6); } else { $prepFunction = 'pcVarPrepHTMLDisplay'; } unset($display_type); // prep the vars for output $event['title'] =& $prepFunction($event['title']); $event['hometext'] =& $prepFunction($event['hometext']); $event['desc'] =& $event['hometext']; $event['conttel'] =& $prepFunction($event['conttel']); $event['contname'] =& $prepFunction($event['contname']); $event['contemail'] =& $prepFunction($event['contemail']); $event['website'] =& $prepFunction(postcalendar_makeValidURL($event['website'])); $event['fee'] =& $prepFunction($event['fee']); $event['location'] =& $prepFunction($event['location']); $event['street1'] =& $prepFunction($event['street1']); $event['street2'] =& $prepFunction($event['street2']); $event['city'] =& $prepFunction($event['city']); $event['state'] =& $prepFunction($event['state']); $event['postal'] =& $prepFunction($event['postal']); $tpl->assign_by_ref('A_EVENT', $event); //================================================================= // populate the template $ADMIN_OPTIONS //================================================================= $target = ''; if (_SETTING_OPEN_NEW_WINDOW) { $target = 'target="csCalendar"'; } $admin_edit_url = $admin_delete_url = ''; if (pnSecAuthAction(0, 'PostCalendar::', '::', ACCESS_ADMIN)) { $admin_edit_url = pnModURL(__POSTCALENDAR__, 'admin', 'submit', array('pc_event_id' => $eid)); $admin_delete_url = pnModURL(__POSTCALENDAR__, 'admin', 'adminevents', array('action' => _ACTION_DELETE, 'pc_event_id' => $eid)); } $user_edit_url = $user_delete_url = ''; if (pnUserLoggedIn()) { $logged_in_uname = $_SESSION['authUser']; } else { $logged_in_uname = ''; } $can_edit = false; if (pnSecAuthAction(0, 'PostCalendar::', '::', ACCESS_ADD) && validateGroupStatus($logged_in_uname, getUsername($event['uname']))) { $user_edit_url = pnModURL(__POSTCALENDAR__, 'user', 'submit', array('pc_event_id' => $eid)); $user_delete_url = pnModURL(__POSTCALENDAR__, 'user', 'delete', array('pc_event_id' => $eid)); $can_edit = true; } $tpl->assign('STYLE', $GLOBALS['style']); $tpl->assign_by_ref('ADMIN_TARGET', $target); $tpl->assign_by_ref('ADMIN_EDIT', $admin_edit_url); $tpl->assign_by_ref('ADMIN_DELETE', $admin_delete_url); $tpl->assign_by_ref('USER_TARGET', $target); $tpl->assign_by_ref('USER_EDIT', $user_edit_url); $tpl->assign_by_ref('USER_DELETE', $user_delete_url); $tpl->assign_by_ref('USER_CAN_EDIT', $can_edit); } //================================================================= // Parse the template //================================================================= if ($popup != 1 && $print != 1) { $output = "\n\n<!-- START POSTCALENDAR OUTPUT [-: HTTP://POSTCALENDAR.TV :-] -->\n\n"; $output .= $tpl->fetch($template, $cacheid); $output .= "\n\n<!-- END POSTCALENDAR OUTPUT [-: HTTP://POSTCALENDAR.TV :-] -->\n\n"; } else { $theme = pnUserGetTheme(); echo "<html><head>"; echo "<LINK REL=\"StyleSheet\" HREF=\"themes/{$theme}/style/styleNN.css\" TYPE=\"text/css\">\n\n\n"; echo "<style type=\"text/css\">\n"; echo "@import url(\"themes/{$theme}/style/style.css\"); "; echo "</style>\n"; echo "</head><body>\n"; $tpl->display($template, $cacheid); echo postcalendar_footer(); echo "\n</body></html>"; session_write_close(); exit; } return $output; }
/** * get the options for commenting * * @public * @return array the comment options array */ function pnUserGetCommentOptionsArray() { if (pnUserLoggedIn()) { $mode = pnUserGetVar('umode'); $order = pnUserGetVar('uorder'); $thold = pnUserGetVar('thold'); } if (empty($mode)) { $mode = 'thread'; } if (empty($order)) { $order = 0; } if (empty($thold)) { $thold = 0; } return array('mode' => $mode, 'order' => $order, 'thold' => $thold); }
function pnMailHackAttempt($detecting_file = "(no filename available)", $detecting_line = "(no line number available)", $hack_type = "(no type given)", $message = "(no message given)") { # Backwards compatibility fix with php 4.0.x and 4.1.x or greater Neo if (phpversion() >= "4.2.0") { $_pv = $_POST; $_gv = $_GET; $_rv = $_REQUEST; $_sv = $_SERVER; $_ev = $_ENV; $_cv = $_COOKIE; $_fv = $_FILES; $_snv = $_SESSION; } else { global $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_POST_FILES, $HTTP_SESSION_VARS; $_pv = $HTTP_POST_VARS; $_gv = $HTTP_GET_VARS; $_rv = array(); $_sv = $HTTP_SERVER_VARS; $_ev = $HTTP_ENV_VARS; $_cv = $HTTP_COOKIE_VARS; $_fv = $HTTP_POST_FILES; $_snv = $HTTP_SESSION_VARS; } $output = "Attention site admin of " . pnConfigGetVar('sitename') . ",\n"; $output .= "On " . ml_ftime(_DATEBRIEF, GetUserTime(time())); $output .= " at " . ml_ftime(_TIMEBRIEF, GetUserTime(time())); $output .= " the Postnuke code has detected that somebody tried to" . " send information to your site that may have been intended" . " as a hack. Do not panic, it may be harmless: maybe this" . " detection was triggered by something you did! Anyway, it" . " was detected and blocked. \n"; $output .= "The suspicious activity was recognized in {$detecting_file} " . "on line {$detecting_line}, and is of the type {$hack_type}. \n"; $output .= "Additional information given by the code which detected this: " . $message; $output .= "\n\nBelow you will find a lot of information obtained about " . "this attempt, that may help you to find what happened and " . "maybe who did it.\n\n"; $output .= "\n=====================================\n"; $output .= "Information about this user:\n"; $output .= "=====================================\n"; if (!pnUserLoggedIn()) { $output .= "This person is not logged in.\n"; } else { $output .= "Postnuke username: "******"\n" . "Registered email of this Postnuke user: "******"\n" . "Registered real name of this Postnuke user: "******"\n"; } $output .= "IP numbers: [note: when you are dealing with a real cracker " . "these IP numbers might not be from the actual computer he is " . "working on]" . "\n\t IP according to HTTP_CLIENT_IP: " . getenv('HTTP_CLIENT_IP') . "\n\t IP according to REMOTE_ADDR: " . getenv('REMOTE_ADDR') . "\n\t IP according to GetHostByName(\$REMOTE_ADDR): " . GetHostByName($REMOTE_ADDR) . "\n\n"; $output .= "\n=====================================\n"; $output .= "Information in the \$_REQUEST array\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_rv)) { $output .= "REQUEST * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Information in the \$_GET array\n"; $output .= "This is about variables that may have been "; $output .= "in the URL string or in a 'GET' type form.\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_gv)) { $output .= "GET * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Information in the \$_POST array\n"; $output .= "This is about visible and invisible form elements.\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_pv)) { $output .= "POST * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Browser information\n"; $output .= "=====================================\n"; global $HTTP_USER_AGENT; $output .= "HTTP_USER_AGENT: " . $HTTP_USER_AGENT . "\n"; $browser = (array) get_browser(); while (list($key, $value) = each($browser)) { $output .= "BROWSER * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Information in the \$_SERVER array\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_sv)) { $output .= "SERVER * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Information in the \$_ENV array\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_ev)) { $output .= "ENV * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Information in the \$_COOKIE array\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_cv)) { $output .= "COOKIE * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Information in the \$_FILES array\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_fv)) { $output .= "FILES * {$key} : {$value}\n"; } $output .= "\n=====================================\n"; $output .= "Information in the \$_SESSION array\n"; $output .= "This is session info. The variables\n"; $output .= " starting with PNSV are PostNukeSessionVariables.\n"; $output .= "=====================================\n"; while (list($key, $value) = each($_snv)) { $output .= "SESSION * {$key} : {$value}\n"; } $sitename = pnConfigGetVar('sitename'); $adminmail = pnConfigGetVar('adminmail'); $headers = "From: {$sitename} <{$adminmail}>\n" . "X-Priority: 1 (Highest)\n"; pnMail($adminmail, 'Attempted hack on your site? (type: ' . $hack_type . ')', $output, $headers); return; }
function print_details() { /* show error page */ // Request access to the global variables we need global $fontface, $fontsize, $docroot, $REQUEST_URI, $PHP_SELF; global $bgcolor, $textcolor; global $currentlang; list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $sitename = pnConfigGetVar('sitename'); $reportlevel = pnConfigGetVar('reportlevel'); $funtext = pnConfigGetVar('funtext'); $top = pnConfigGetVar('top'); if (pnConfigGetVar('multilingual') == 1) { $queryalang = "WHERE (alanguage='{$currentlang}' OR alanguage='')"; /* top stories */ } else { $queryalang = ""; } global $HTTP_SERVER_VARS; global $doc; $doc = getenv('REDIRECT_URL'); if (empty($HTTP_SERVER_VARS['HTTP_HOST'])) { $server = getenv('HTTP_HOST'); } else { $server = $HTTP_SERVER_VARS['HTTP_HOST']; } $doc = "http://{$server}{$doc}"; include "header.php"; OpenTable(); ?> <a class="pn-logo"><?php echo "" . _ERR404 . ""; ?> </a><br> <font class="pn-logo-small"><?php echo "" . _ERRPAGENF . " "; echo $doc; ?> </font><hr> <?php echo "<font class=\"pn-normal\">" . _ERRSORRY . ", {$doc}, "; echo "" . _ERRDOESNTEXIST . " \" {$sitename} \"<P></font>"; if ($reportlevel != 0) { echo "<p><font style=\"pn-normal\">"; echo "" . _ERRMAILED . ""; } if ($funtext != 0) { fun(); } ?> <br><p> <a class="pn-storytitle"><?php echo "" . _ERRCOMMONM . ""; ?> </a><br> <font class="pn-normal"><?php echo "" . _ERRCOMMONH . ""; ?> <?php echo "{$sitename}"; ?> : <UL> <LI><?php echo "" . _ERRURLEND . ""; ?> <CODE>.htm</CODE> - <STRONG><?php echo "" . _ERRALLPAGES . " \"{$sitename}\" " . _ERRENDWITH . ""; ?> <CODE>.php</CODE></STRONG> <LI><?php echo "" . _ERRUPPERCASE . ""; ?> - <STRONG><?php echo "" . _ERRALLLOWER . ""; ?> </STRONG> </UL></font></p> <a class="pn-storytitle"><?php echo "" . _ERRPOPPAGES . ""; ?> </a><br> <?php /*** * fifers: don't know what the $alanguage does here. left it in * because it always seems to be empty and I wasn't sure what it * was doing! */ $column =& $pntable['stories_column']; $sql = "SELECT {$column['sid']}, {$column['title']}, {$column['time']}, {$column['counter']} FROM {$pntable['stories']} ORDER BY {$column['counter']} DESC"; $result = $dbconn->SelectLimit($sql, $top); if ($result === false) { PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error"); } if (!$result->EOF) { echo "<table border=\"0\" cellpadding=\"10\" width=\"100%\"><tr><td align=\"left\">\n" . "<font class=\"pn-title\">{$top} " . _READSTORIES . "</font><br><br>\n"; $lugar = 1; while (list($sid, $title, $time, $counter) = $result->fields) { if ($counter > 0) { $mode = pnUserGetVar('umode'); if (!empty($mode)) { $commentlink = "&mode={$mode}"; } else { $commentlink = '&mode=thread'; } echo "<font class=\"pn-normal\"> {$lugar}:</font> <a href=\"modules.php?op=modload&name=News&file=article&sid={$sid}{$commentlink}\">{$title}</a><font class=\"pn-normal\"> - ({$counter} " . _READS . ")</font><br>\n"; $lugar++; } $result->MoveNext(); } echo "</td></tr></table><br>\n"; } ?> </font><br> <a class="pn-storytitle"><?php echo "" . _ERRTRYHOME . ""; ?> </a></br> <font class="pn-normal"><?php echo "" . _ERRSTARTHERE . ""; ?> <A HREF="/"> <?php echo "{$sitename}</a> " . _ERRHP; ?> .</font> <p> <a class="pn-storytitle"><?php echo "" . _SEARCH . ""; ?> </a></br> <font class="pn-normal"><?php echo "" . _ERRFOPTION . ""; ?> . <CENTER><form action="modules.php" method=post> <!-- Credit to Mayday (mayday6971) for fix --> <input type="hidden" name="active_stories" value="1"> <input type="hidden" name="bool" value="AND"> <input type="hidden" name="stories_cat" value=""> <input type="hidden" name="stories_topics" value=""> <input type="hidden" name="op" value="modload"> <input type="hidden" name="name" value="Search"> <input type="hidden" name="file" value="index"> <input type="hidden" name="action" value="search"> <input type="hidden" name="overview" value="1"> <font size="-1" color="#000000"><br><b> <?php echo "" . _SEARCH . ""; ?> <?php echo $sitename; ?> </b><br> <input class="pn-text" type=name name=query size="25"></font></form></CENTER> <CENTER><form action="modules.php" method=post> <!-- Credit to Mayday (mayday6971) for fix --> <input type="hidden" name="active_stories" value="1"> <input type="hidden" name="stories_author" value=""> <input type="hidden" name="bool" value="AND"> <input type="hidden" name="stories_cat" value=""> <input type="hidden" name="q" value=""> <input type="hidden" name="op" value="modload"> <input type="hidden" name="name" value="Search"> <input type="hidden" name="file" value="index"> <input type="hidden" name="action" value="search"> <input type="hidden" name="overview" value="1"> <FONT size="-1"><BR><B><?php echo "" . _SEARCH . ""; ?> </B><?php echo "" . _TOPIC . ""; ?> <BR> <!-- Topic Selection --> <?php echo "<select class=\"pn-text\" NAME=\"topic\"onChange='submit()'>"; $column =& $pntable['topics_column']; $query = "SELECT {$column['tid']}, {$column['topictext']}\n FROM {$pntable['topics']}\n ORDER BY {$column['topictext']}"; $toplist = $dbconn->Execute($query); echo "<option value=\"\">" . _SELECTTOPIC . "</option>\n"; while (list($topicid, $topics) = $toplist->fields) { $toplist->MoveNext(); if ($topicid == $topic) { $sel = "selected "; } echo "<option {$sel} value=\"{$topicid}\">{$topics}</option>\n"; $sel = ""; } echo "</select>"; ?> </FONT></FORM></CENTER> </p> <a href="#" onload="type_text()"></a> <?php CloseTable(); include "footer.php"; }
/** * get authorisation information for this user * * @public * @return array two element array of user and group permissions */ function pnSecGetAuthInfo() { // Load the groups db info pnModDBInfoLoad('Groups'); pnModDBInfoLoad('Permissions'); $dbconn =& pnDBGetConn(true); $pntable =& pnDBGetTables(); // Tables we use $userpermtable = $pntable['user_perms']; $userpermcolumn =& $pntable['user_perms_column']; $groupmembershiptable = $pntable['group_membership']; $groupmembershipcolumn =& $pntable['group_membership_column']; $grouppermtable = $pntable['group_perms']; $grouppermcolumn =& $pntable['group_perms_column']; $realmtable = $pntable['realms']; $realmcolumn =& $pntable['realms_column']; // Empty arrays $userperms = array(); $groupperms = array(); $uids[] = -1; // Get user ID if (!pnUserLoggedIn()) { // Unregistered UID $uids[] = 0; $vars['Active User'] = '******'; } else { $uids[] = pnUserGetVar('uid'); $vars['Active User'] = pnUserGetVar('uid'); } $uids = implode(",", $uids); // Get user permissions $query = "SELECT {$userpermcolumn['realm']},\n {$userpermcolumn['component']},\n {$userpermcolumn['instance']},\n {$userpermcolumn['level']}\n FROM {$userpermtable}\n WHERE {$userpermcolumn['uid']} IN (" . pnVarPrepForStore($uids) . ")\n ORDER by {$userpermcolumn['sequence']}"; $result =& $dbconn->Execute($query); if ($dbconn->ErrorNo() != 0) { return array($userperms, $groupperms); } while (list($realm, $component, $instance, $level) = $result->fields) { $result->MoveNext(); //itevo $component = fixsecuritystring($component); $instance = fixsecuritystring($instance); $userperms[] = array('realm' => $realm, 'component' => $component, 'instance' => $instance, 'level' => $level); } // Get all groups that user is in $query = "SELECT {$groupmembershipcolumn['gid']}\n FROM {$groupmembershiptable}\n WHERE {$groupmembershipcolumn['uid']} IN (" . pnVarPrepForStore($uids) . ")"; $result =& $dbconn->Execute($query); if ($dbconn->ErrorNo() != 0) { return array($userperms, $groupperms); } $usergroups[] = -1; if (!pnUserLoggedIn()) { // Unregistered GID $usergroups[] = 0; } while (list($gid) = $result->fields) { $result->MoveNext(); $usergroups[] = $gid; } $usergroups = implode(",", $usergroups); // Get all group permissions $query = "SELECT {$grouppermcolumn['realm']},\n {$grouppermcolumn['component']},\n {$grouppermcolumn['instance']},\n {$grouppermcolumn['level']}\n FROM {$grouppermtable}\n WHERE {$grouppermcolumn['gid']} IN (" . pnVarPrepForStore($usergroups) . ")\n ORDER by {$grouppermcolumn['sequence']}"; $result =& $dbconn->Execute($query); if ($dbconn->ErrorNo() != 0) { return array($userperms, $groupperms); } while (list($realm, $component, $instance, $level) = $result->fields) { $result->MoveNext(); //itevo $component = fixsecuritystring($component); $instance = fixsecuritystring($instance); // Search/replace of special names preg_match_all("/<([^>]+)>/", $instance, $res); for ($i = 0; $i < count($res[1]); $i++) { $instance = preg_replace("/<([^>]+)>/", $vars[$res[1][$i]], $instance, 1); } $groupperms[] = array('realm' => $realm, 'component' => $component, 'instance' => $instance, 'level' => $level); } // we've now got the permissions info $GLOBALS['authinfogathered'] = 1; return array($userperms, $groupperms); }
/** * postcalendar_userapi_eventPreview * Creates the detailed event display and outputs html. * Accepts an array of key/value pairs * @param array $event array of event details from the form * @return string html output * @access public */ function postcalendar_userapi_eventPreview($args) { // get the theme globals :: is there a better way to do this? pnThemeLoad(pnUserGetTheme()); global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5; global $textcolor1, $textcolor2; extract($args); unset($args); $uid = pnUserGetVar('uid'); //================================================================= // Setup Smarty Template Engine //================================================================= $tpl = new pcSmarty(); $tpl->caching = false; // add preceding zeros $event_starttimeh = sprintf('%02d', $event_starttimeh); $event_starttimem = sprintf('%02d', $event_starttimem); $event_startday = sprintf('%02d', $event_startday); $event_startmonth = sprintf('%02d', $event_startmonth); $event_endday = sprintf('%02d', $event_endday); $event_endmonth = sprintf('%02d', $event_endmonth); if (!(bool) _SETTING_TIME_24HOUR) { if ($event_startampm == _PM_VAL) { if ($event_starttimeh != 12) { $event_starttimeh += 12; } } elseif ($event_startampm == _AM_VAL) { if ($event_starttimeh == 12) { $event_starttimeh = 00; } } } $event_startampm . " - "; $startTime = $event_starttimeh . ':' . $event_starttimem . ' '; $event = array(); $event['eid'] = ''; $event['uname'] = $uname; $event['catid'] = $event_category; if ($pc_html_or_text == 'html') { $prepFunction = 'pcVarPrepHTMLDisplay'; } else { $prepFunction = 'pcVarPrepForDisplay'; } $event['title'] = $prepFunction($event_subject); $event['hometext'] = $prepFunction($event_desc); $event['desc'] = $event['hometext']; $event['date'] = $event_startyear . $event_startmonth . $event_startday; $event['duration'] = $event_duration; $event['duration_hours'] = $event_dur_hours; $event['duration_minutes'] = $event_dur_minutes; $event['endDate'] = $event_endyear . '-' . $event_endmonth . '-' . $event_endday; $event['startTime'] = $startTime; $event['recurrtype'] = ''; $event['recurrfreq'] = ''; $event['recurrspec'] = $event_recurrspec; $event['topic'] = $event_topic; $event['alldayevent'] = $event_allday; $event['conttel'] = $prepFunction($event_conttel); $event['contname'] = $prepFunction($event_contname); $event['contemail'] = $prepFunction($event_contemail); $event['website'] = $prepFunction(postcalendar_makeValidURL($event_website)); $event['fee'] = $prepFunction($event_fee); $event['location'] = $prepFunction($event_location); $event['street1'] = $prepFunction($event_street1); $event['street2'] = $prepFunction($event_street2); $event['city'] = $prepFunction($event_city); $event['state'] = $prepFunction($event_state); $event['postal'] = $prepFunction($event_postal); //================================================================= // get event's topic information //================================================================= if (_SETTING_DISPLAY_TOPICS) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); $topics_table = $pntable['topics']; $topics_column = $pntable['topics_column']; $topicsql = "SELECT {$topics_column['topictext']},{$topics_column['topicimage']}\n \t \t FROM {$topics_table}\n \t \t WHERE {$topics_column['topicid']} = {$event['topic']}\n \t \t LIMIT 1"; $topic_result = $dbconn->Execute($topicsql); list($event['topictext'], $event['topicimg']) = $topic_result->fields; $topic_result->Close(); } else { $event['topictext'] = $event['topicimg'] = ''; } //================================================================= // Find out what Template we're using //================================================================= $template_name = _SETTING_TEMPLATE; if (!isset($template_name)) { $template_name = 'default'; } //================================================================= // populate the template //================================================================= if (!empty($event['location']) || !empty($event['street1']) || !empty($event['street2']) || !empty($event['city']) || !empty($event['state']) || !empty($event['postal'])) { $tpl->assign('LOCATION_INFO', true); } else { $tpl->assign('LOCATION_INFO', false); } if (!empty($event['contname']) || !empty($event['contemail']) || !empty($event['conttel']) || !empty($event['website'])) { $tpl->assign('CONTACT_INFO', true); } else { $tpl->assign('CONTACT_INFO', false); } $tpl->assign_by_ref('A_EVENT', $event); $tpl->assign('STYLE', $GLOBALS['style']); //================================================================= // Parse the template //================================================================= $output = "\n\n<!-- POSTCALENDAR HTTP://WWW.BAHRAINI.TV -->\n\n"; $output .= "\n\n<!-- POSTCALENDAR TEMPLATE START -->\n\n"; $output .= $tpl->fetch($template_name . '/user/preview.html'); $output .= "\n\n<!-- POSTCALENDAR TEMPLATE END -->\n\n"; return $output; }
function blocks_online_block($row) { list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); if (!pnSecAuthAction(0, 'Onlineblock::', "{$row['title']}::", ACCESS_READ)) { return; } $sessioninfocolumn =& $pntable['session_info_column']; $sessioninfotable = $pntable['session_info']; $sessioninfocolumn =& $pntable['session_info_column']; $sessioninfotable = $pntable['session_info']; $activetime = time() - pnConfigGetVar('secinactivemins') * 60; $query = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} >0\n\t\t GROUP BY {$sessioninfocolumn['uid']}\n\t\t "; $result = $dbconn->Execute($query); $numusers = $result->RecordCount(); $result->Close(); $query2 = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} = '0'\n\t\t\t GROUP BY {$sessioninfocolumn['ipaddr']}\n\t\t\t "; $result2 = $dbconn->Execute($query2); $numguests = $result2->RecordCount(); $result2->Close(); // Pluralise if ($numguests == 1) { $guests = _GUEST; } else { $guests = _GUESTS; } if ($numusers == 1) { $users = _MEMBER; } else { $users = _MEMBERS; } $content = "<span class=\"pn-normal\">" . _CURRENTLY . " " . pnVarPrepForDisplay($numguests) . " " . pnVarPrepForDisplay($guests) . " " . _AND . " " . pnVarPrepForDisplay($numusers) . " " . pnVarPrepForDisplay($users) . " " . _ONLINE . "<br />\n"; if (pnUserLoggedIn()) { $content .= '<br />' . _YOUARELOGGED . ' <b>' . pnUserGetVar('uname') . '</b>.<br />'; if (pnModAvailable('Messages')) { // display private messages only when module is active $column =& $pntable['priv_msgs_column']; $result2 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid')); list($numrow) = $result2->fields; // get unread messages $result3 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid') . " AND {$column['read_msg']}='0'"); list($unreadrow) = $result3->fields; if ($numrow == 0) { $content .= '<br /></span>'; } else { $content .= "<br />" . _YOUHAVE . " (<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGS . "\">" . pnVarPrepForDisplay($numrow) . "</a>|<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGNEW . "\">" . pnVarPrepForDisplay($unreadrow) . "</a>) "; if ($numrow == 1) { $content .= _PRIVATEMSG; } elseif ($numrow > 1) { $content .= _PRIVATEMSGS; } $content .= "</span><br />"; } } } else { $content .= '<br />' . _YOUAREANON . '</span><br />'; } if (empty($row['title'])) { $row['title'] = _WHOSONLINE; } $row['content'] = $content; return themesideblock($row); }
/** * get a Time String in the right format * * * @param time $ - prefix string * @return mixed string if successfull, false if not */ function GetUserTime($time) { if (empty($time)) { return; } if (pnUserLoggedIn()) { $time += (pnUserGetVar('timezone_offset') - pnConfigGetVar('timezone_offset')) * 3600; } else { $time += (12 - pnConfigGetVar('timezone_offset')) * 3600; } return $time; }