protected function _migrate_home()
{
$sql = 'SELECT *
FROM _members
WHERE user_id > 1
ORDER BY user_id';
$members = sql_rowset($sql);
foreach ($members as $row) {
foreach ($row as $k => $v) {
if (is_null($v)) {
$row->{$k} = '';
}
}
$sql_insert = array('bio_type' => $row->user_type, 'bio_level' => $row->user_level, 'bio_active' => $row->user_active, 'bio_alias' => $row->username_base, 'bio_name' => $row->username, 'bio_first' => '', 'bio_last' => '', 'bio_key' => $row->user_password, 'bio_address' => $row->user_email, 'bio_gender' => $row->user_gender, 'bio_birth' => $row->user_birthday, 'bio_birthlast' => $row->user_birthday_last, 'bio_regip' => $row->user_regip, 'bio_regdate' => $row->user_regdate, 'bio_session_time' => $row->user_session_time, 'bio_lastpage' => $row->user_lastpage, 'bio_timezone' => $row->user_timezone, 'bio_dst' => $row->user_dst, 'bio_dateformat' => $row->user_dateformat, 'bio_lang' => $row->user_lang, 'bio_country' => $row->user_country, 'bio_avatar' => $row->user_avatar, 'bio_actkey' => '', 'bio_recovery' => '', 'bio_fails' => $row->user_login_tries);
$sql = 'INSERT INTO _bio' . sql_build('INSERT', $sql_insert);
sql_query($sql);
}
return _pre('OK.', true);
}
public function insert_unread($uid, $cat, $el) {
$row = array(
'user_id' => (int) $uid,
'element' => (int) $cat,
'item' => (int) $el,
'datetime' => (int) $this->time
);
$sql = 'INSERT LOW_PRIORITY INTO _members_unread' . sql_build('INSERT', $row);
sql_query($sql);
}
public function _help_edit() {
global $user, $cache;
$error = array();
$sub = $this->control->get_var('sub', '');
$id = $this->control->get_var('id', 0);
$submit = _button();
switch ($sub) {
case 'cat':
$sql = 'SELECT c.*, m.*
FROM _help_cat c, _help_modules m
WHERE c.help_id = ?
AND c.help_module = m.module_id';
if (!$cat_data = sql_fieldrow(sql_filter($sql, $id))) {
fatal_error();
}
$order = $this->control->get_var('order', '');
if (!empty($order)) {
if (preg_match('/_(\d+)/', $order)) {
$sig = '-';
$order = str_replace('_', '', $order);
} else {
$sig = '+';
}
$sql = 'UPDATE _help_cat SET help_order = help_order ?? ??
WHERE help_id = ?';
sql_query(sql_filter($sql, $sig, $order, $id));
$this->_help_edit_move();
$cache->delete('help_cat');
redirect(s_link_control('comments', array('mode' => $this->mode)));
} // IF order
$module_id = $cat_data['help_module'];
$help_es = $cat_data['help_es'];
$help_en = $cat_data['help_en'];
break;
case 'faq':
$sql = 'SELECT *
FROM _help_faq
WHERE faq_id = ?';
if (!$faq_data = sql_fieldrow(sql_filter($sql, $id))) {
fatal_error();
}
$question_es = $faq_data['faq_question_es'];
$question_en = $faq_data['faq_question_en'];
$answer_es = $faq_data['faq_answer_es'];
$answer_en = $faq_data['faq_answer_en'];
$help_id = $faq_data['help_id'];
break;
default:
redirect(s_link_control('comments', array('mode' => $this->mode)));
break;
}
// IF submit
if ($submit) {
switch ($sub) {
case 'cat':
$module_id = $this->control->get_var('module_id', 0);
$help_es = $this->control->get_var('help_es', '');
$help_en = $this->control->get_var('help_en', '');
if (empty($help_es) || empty($help_en)) {
$error[] = 'CONTROL_COMMENTS_HELP_EMPTY';
}
// Update
if (!sizeof($error)) {
$sql_update = array(
'help_es' => $help_es,
'help_en' => $help_en,
'help_module' => (int) $module_id
);
$sql = 'UPDATE _help_cat SET ??
WHERE help_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $id));
$cache->delete('help_cat');
redirect(s_link_control('comments', array('mode' => $this->mode)));
}
break;
case 'faq':
$question_es = $this->control->get_var('question_es', '');
$question_en = $this->control->get_var('question_en', '');
$answer_es = $this->control->get_var('answer_es', '');
$answer_en = $this->control->get_var('answer_en', '');
$help_id = $this->control->get_var('help_id', 0);
if (empty($question_es) || empty($question_en) || empty($answer_es) || empty($answer_en)) {
$error[] = 'CONTROL_COMMENTS_HELP_EMPTY';
}
if (!sizeof($error)) {
$sql = 'SELECT *
FROM _help_cat
WHERE help_id = ?';
if (!$cat_data = sql_fieldrow(sql_filter($sql, $help_id))) {
$error[] = 'CONTROL_COMMENTS_HELP_NOCAT';
}
}
// Update
if (!sizeof($error)) {
$sql_update = array(
'help_id' => (int) $help_id,
'faq_question_es' => $question_es,
'faq_question_en' => $question_en,
'faq_answer_es' => $answer_es,
'faq_answer_en' => $answer_en
);
$sql = 'UPDATE _help_faq SET ??
WHERE faq_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $id));
$cache->delete('help_faq');
redirect(s_link_control('comments', array('mode' => $this->mode)));
}
break;
} // switch
if (sizeof($error)) {
_style('error', array(
'MESSAGE' => parse_error($error))
);
}
}
$this->nav();
$this->control->set_nav(array('mode' => $this->mode, 'manage' => $this->manage, 'sub' => $sub, 'id' => $id), 'CONTROL_EDIT');
$layout_vars = array(
'SUB' => $sub,
'S_HIDDEN' => s_hidden(array('module' => $this->control->module, 'mode' => $this->mode, 'manage' => $this->manage, 'sub' => $sub, 'id' => $id))
);
switch ($sub) {
case 'cat':
$sql = 'SELECT *
FROM _help_modules
ORDER BY module_id';
$result = sql_rowset($sql);
$select_mod = '';
foreach ($result as $row) {
$selected = ($row['module_id'] == $module_id);
$select_mod .= '<option' . (($selected) ? ' class="bold"' : '') . ' value="' . $row['module_id'] . '"' . (($selected) ? ' selected' : '') . '>' . $row['module_name'] . '</option>';
}
$layout_vars += array(
'MODULE' => $select_mod,
'HELP_ES' => $help_es,
'HELP_EN' => $help_en
);
break;
case 'faq':
$sql = 'SELECT *
FROM _help_cat
ORDER BY help_id';
$result = sql_rowset($sql);
$select_cat = '';
foreach ($result as $row) {
$selected = ($row['help_id'] == $help_id);
$select_cat .= '<option' . (($selected) ? ' class="bold"' : '') . ' value="' . $row['help_id'] . '"' . (($selected) ? ' selected' : '') . '>' . $row['help_es'] . ' | ' . $row['help_en'] . '</option>';
}
$layout_vars += array(
'CATEGORY' => $select_cat,
'QUESTION_ES' => $question_es,
'QUESTION_EN' => $question_en,
'ANSWER_ES' => $answer_es,
'ANSWER_EN' => $answer_en
);
break;
}
_style($layout_vars);
return;
}
protected function _posts_modify()
{
global $bio;
gfatal();
if (!$bio->v('auth_bio_post_modify')) {
$warning->now();
}
$v = $this->__(w('id 0 content'));
foreach ($v as $k => $vv) {
if (empty($vv)) {
$warning->now('#NO_' . $k);
}
}
$sql = 'SELECT post_id
FROM _bio_posts
WHERE post_id = ?
AND post_bio = ?';
if (!($post = sql_fieldrow(sql_filter($sql, $v->id, $bio->v('bio_id'))))) {
$warning->now();
}
$sql_update = array('post_content' => _prepare($v->content));
$sql = 'UPDATE _bio_posts SET ' . sql_build('UPDATE', $sql_update) . sql_filter('
WHERE post_id = ?', $v->id);
sql_query($sql);
return redirect(_link('alias', array('alias' => $bio->v('bio_alias'), 'messages', $post->post_id)));
}
protected function _publish_home()
{
global $bio;
$v = $this->__(w('address key subject content playing f 0 p 0'));
// TODO: Implement bio authorization
$this->_bio_publish($v->address, $v->key);
//
if (!$v->forum && !$v->post) {
$warning->now();
}
if ($v->forum) {
if (empty($v->subject)) {
$this->_error('NO_TOPIC_SUBJECT');
}
$sql = 'SELECT *
FROM _board_forums
WHERE forum_id = ?';
if (!($forum = sql_fieldrow(sql_filter($sql, $v->forum)))) {
$warning->now();
}
$v->subject = _subject($v->subject);
} else {
$sql = 'SELECT *
FROM _board_posts
WHERE post_id = ?';
if (!($post = sql_fieldrow(sql_filter($sql, $v->post)))) {
$warning->now();
}
$sql = 'SELECT *
FROM _board_topics
WHERE topic_id = ?';
if (!($topic = sql_fieldrow(sql_filter($sql, $post->post_topic)))) {
$warning->now();
}
}
if ($v->forum) {
if ($forum->forum_locked && !$this->auth_forum($forum, 'create')) {
$warning->now();
}
}
if (empty($v->content)) {
$this->_error('NO_TOPIC_CONTENT');
}
$v->content = _prepare($v->content);
// Start insert transaction
sql_transaction();
$sql_commit = false;
if ($v->forum) {
// Insert topic
$sql_insert = array('forum' => $v->forum, 'subject' => $v->subject, 'author' => $bio->v('bio_id'), 'time' => time(), 'active' => $bio->v('bio_confirmed'));
$v->topic_next = sql_put('_board_topics', prefix('topic', $sql_insert));
// Insert post
$sql_insert = array('forum' => $v->forum, 'topic' => $v->topic_next, 'parent' => 0, 'bio' => $bio->v('bio_id'), 'time' => time(), 'active' => $bio->v('bio_confirmed'), 'message' => $v->content, 'playing' => $v->playing);
$v->post_next = sql_put('_board_posts', prefix('post', $sql_insert));
if ($v->topic_next && $v->post_next) {
$sql_commit = true;
}
} else {
$sql_insert = array('forum' => $topic->topic_forum, 'topic' => $topic->topic_id, 'parent' => $v->post, 'bio' => $bio->v('bio_id'), 'time' => time(), 'active' => $bio->v('bio_confirmed'), 'message' => $v->content, 'playing' => $v->playing);
$v->post_next = sql_put('_board_posts', prefix('post', $sql_insert));
$sql_update = w();
$sql = 'UPDATE _board_topics SET topic_replies = topic_replies + 1' . sql_build('UPDATE', $sql_update) . sql_filter('
WHERE topic_id = ?', $topic->topic_id);
$updated = sql_affected($sql);
if ($v->post_next && $updated) {
$sql_commit = true;
}
}
if (!$sql_commit) {
sql_transaction('rollback');
$this->_error('ROLLBACK_MESSAGE');
}
sql_transaction('commit');
if (is_ghost() && $v->post) {
if ($bio->v('bio_confirmed')) {
$response = array('show' => 1, 'parent' => $v->post, 'post' => $v->post_next, 'content' => _message($v->content), 'time' => _format_date(), 'profile' => array('link' => _link_bio($bio->v('bio_alias')), 'name' => $bio->v('bio_name')));
} else {
$response = array('show' => 0, 'legend' => _lang('PUBLISH_TOPIC_GUEST'));
}
$this->output(json_encode($response));
}
return redirect(_link('board', array('topic', $v->topic)));
}
function _edit_home() {
global $user, $style;
$v = $this->__(array('id' => 0));
$sql = 'SELECT *
FROM _email
WHERE email_id = ?';
$email = sql_fieldrow(sql_filter($sql, $v['id']));
if (!$email = sql_fieldrow(sql_filter($sql, $v['id']))) {
$this->e('El registro de email no existe.');
}
$v_fields = array('data', 'batch', 'gretting', 'from', 'from_address', 'subject', 'message');
if (_button()) {
$v = array_merge($v, $this->__($v_fields));
$v['data'] = '_email_' . $v['data'];
$v['message'] = str_replace(array('<', '>', '"'), array('<', '>', '"'), $v['message']);
$sql = 'UPDATE _email SET ??
WHERE email_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', ksql('email', $v)), $v['id']));
$this->e('El mensaje programado fue actualizado.');
}
$tables = sql_rowset('SHOW TABLES', false, false, false, MYSQL_NUM);
$i = 0;
foreach ($tables as $table) {
$table = $table[0];
$search = '_email_';
if (preg_match('#' . $search . '#i', $table)) {
if (!$i) {
$style->assign_block_vars('tables', array());
}
$style->assign_block_vars('tables.row', array(
'TABLE' => str_replace($search, '', $table))
);
$i++;
}
}
$sv = array();
foreach ($v_fields as $field) {
$sv[strtoupper($field)] = $email['email_' . $field];
}
$this->as_vars($sv);
}
public function auth_update($f, $v = false, $uid = false)
{
global $core;
if ($uid === false) {
$uid = $this->v('bio_id');
}
$field = $this->auth_field($f);
if ($field !== false) {
$cv = isset($this->auth[$uid][$field['field_alias']]);
switch ($v) {
case true:
if ($cv) {
return;
}
$sql_insert = array('bio' => $uid, 'field' => $field['field_id']);
$sql = 'INSERT INTO _bio_auth' . sql_build('INSERT', prefix('auth', $sql_insert));
sql_query($sql);
$this->auth[$uid][$field['field_alias']] = true;
break;
case false:
if (!$cv) {
return;
}
$sql = 'DELETE FROM _bio_auth
WHERE auth_bio = ?
AND auth_field = ?';
sql_query(sql_filter($sql, $uid, $field['field_id']));
unset($this->auth[$uid][$field['field_alias']]);
break;
}
$core->cache->unload();
}
return;
}
public function _home() {
global $config, $user, $cache, $upload, $comments;
if (_button()) {
$cat_id = request_var('cat_id', 0);
$post_subject = request_var('post_subject', '');
$post_desc = request_var('post_desc', '', true);
$post_message = request_var('post_text', '', true);
if (empty($post_desc) || empty($post_message)) {
_pre('Campos requeridos.', true);
}
$post_message = $comments->prepare($post_message);
$post_desc = $comments->prepare($post_desc);
$news_alias = friendly($post_subject);
//
$sql_insert = array(
'news_fbid' => '',
'cat_id' => $cat_id,
'news_active' => 1,
'news_alias' => $news_alias,
'post_reply' => 0,
'post_type' => 0,
'poster_id' => $user->d('id'),
'post_subject' => $post_subject,
'post_text' => $post_message,
'post_desc' => $post_desc,
'post_views' => 0,
'post_replies' => 0,
'post_time' => time(),
'post_ip' => $user->ip,
'image' => 0
);
$sql = 'INSERT _news' . sql_build('INSERT', $sql_insert);
$news_id = sql_query_nextid($sql);
// Upload news thumbnail
$send = $upload->process($config['news_path'], 'thumbnail');
if (count($this->error)) {
$error = array_merge($error, $this->error);
return;
}
if ($send !== false) {
foreach ($send as $row) {
$resize = $upload->resize($row, $config['news_path'], $config['news_path'], $news_id, array(100, 100), false, false, true);
if ($resize === false) {
continue;
}
}
}
$cache->delete('news');
redirect(s_link('news', $news_alias));
}
$sql = 'SELECT cat_id, cat_name
FROM _news_cat
ORDER BY cat_order';
$news_cat = sql_rowset($sql);
foreach ($news_cat as $i => $row) {
if (!$i) _style('cat');
_style('cat.row', array(
'CAT_ID' => $row['cat_id'],
'CAT_NAME' => $row['cat_name'])
);
}
return;
}
public function _home() {
global $config, $user, $cache;
if (!_button()) {
return false;
}
$request = _request(array('name' => '', 'local' => 0, 'location' => '', 'genre' => '', 'email' => '', 'www' => '', 'mods' => ''));
$request->subdomain = get_subdomain($request->name);
if (!$request->name) {
_pre('Ingresa el nombre del artista.', true);
}
$sql_insert = array(
'a_active' => 1,
'subdomain' => $request->subdomain,
'name' => $request->name,
'local' => (int) $request->local,
'datetime' => time(),
'location' => $request->location,
'genre' => $requeset->genre,
'email' => $request->email,
'www' => str_replace('http://', '', $request->www)
);
$artist_id = sql_insert('artists', $sql_insert);
// Cache
$cache->delete('ub_list a_records ai_records a_recent');
set_config('max_artists', $config['max_artists'] + 1);
// Create directories
artist_check($artist_id);
artist_check($artist_id . ' gallery');
artist_check($artist_id . ' media');
artist_check($artist_id . ' thumbnails');
artist_check($artist_id . ' x1');
// Mods
if (!empty($request->mods)) {
$usernames = w();
$a_mods = explode(nr(), $request->mods);
foreach ($a_mods as $each) {
$username_base = get_username_base($each);
$sql = 'SELECT *
FROM _members
WHERE username_base = ?
AND user_type <> ?
AND user_id <> ?';
if (!$userdata = sql_fieldrow(sql_filter($sql, $username_base, USER_INACTIVE, 1))) {
continue;
}
$sql_insert = array(
'ub' => $artist_id,
'user_id' => $userdata['user_id']
);
sql_insert('artists_auth', $sql_insert);
//
$update = array('user_type' => USER_ARTIST, 'user_auth_control' => 1);
if (!$userdata['user_rank']) {
$update['user_rank'] = (int) $config['default_a_rank'];
}
$sql = 'UPDATE _members SET ??
WHERE user_id = ?
AND user_type NOT IN (??, ??)';
sql_query(sql_filter($sql, sql_build('UPDATE', $update), $userdata['user_id'], USER_INACTIVE, USER_FOUNDER));
}
redirect(s_link('a', $subdomain));
}
}
protected function _clear_home()
{
global $bio;
$v = $this->__(w('id 0'));
if ($v->id) {
$sql = 'SELECT *
FROM _press
WHERE press_id = ?';
if (!($press = sql_fieldrow(sql_filter($sql, $v->id)))) {
$warning->now();
}
$sql_update = array('active' => 0, 'start' => 0, 'end' => 0, 'last' => 0);
$sql = 'UPDATE _press SET ' . sql_build('UPDATE', prefix('press', $sql_update)) . sql_filter('
WHERE press_id = ?', $v->id);
sql_query($sql);
$warning->now('ok');
}
$sql = 'SELECT press_id, press_subject
FROM _press
ORDER BY press_start';
$press = sql_rowset($sql);
$response = '';
foreach ($press as $i => $row) {
if (!$i) {
_style('press');
}
_style('press.row', array('LINK' => _link($this->m(), array('x1' => 'clear', 'id' => $row->press_id)), 'SUBJECT' => $row->subject));
}
return true;
}
public function registry($action, $uid = false)
{
$method = preg_replace('#^(INSERT|UPDATE|DELETE) (.*?)$#is', '\\1', $action);
$method = strtolower($method);
if (!in_array($method, w('insert update delete'))) {
return;
}
if (!($whitelist = get_file(XFS . XCOR . 'store/sql_history'))) {
return;
}
if (!count($whitelist)) {
return;
}
$action = str_replace(array("\n", "\t", "\r"), array('', '', ' '), $action);
$table = preg_replace('#^(INSERT\\ INTO|UPDATE|DELETE\\ FROM) (\\_[a-z\\_]+) (.*?)$#is', '\\2', $action);
if (!in_array($table, $whitelist)) {
return;
}
$actions = '';
switch ($method) {
case 'insert':
if (!preg_match('#^INSERT INTO (\\_[a-z\\_]+) \\((.*?)\\) VALUES \\((.*?)\\)$#is', $action, $s_action)) {
return;
}
$keys = array_map('trim', explode(',', $s_action[2]));
$values = array_map('trim', explode(',', $s_action[3]));
foreach ($values as $i => $row) {
$values[$i] = preg_replace('#^\'(.*?)\'$#i', '\\1', $row);
}
if (count($keys) != count($values)) {
return;
}
$query = array('table' => $s_action[1], 'query' => array_combine($keys, $values));
break;
case 'update':
if (!preg_match('#^UPDATE (\\_[a-z\\_]+) SET (.*?) WHERE (.*?)$#is', $action, $s_action)) {
return;
}
$all = array('set' => array_map('trim', explode(',', $s_action[2])), 'where' => array_map('trim', explode('AND', $s_action[3])));
foreach ($all as $j => $v) {
foreach ($v as $i => $row) {
$v_row = array_map('trim', explode('=', $row));
$all[$j][$v_row[0]] = preg_replace('#^\'(.*?)\'$#i', '\\1', $v_row[1]);
unset($all[$j][$i]);
}
}
$query = array('table' => $s_action[1], 'set' => $all['set'], 'where' => $all['where']);
break;
case 'delete':
if (!preg_match('#^DELETE FROM (\\_[a-z\\_]+) WHERE (.*?)$#is', $action, $s_action)) {
return;
}
$all = array('where' => array_map('trim', explode('AND', $s_action[2])));
foreach ($all as $j => $v) {
foreach ($v as $i => $row) {
$v_row = array_map('trim', explode('=', $row));
$all[$j][$v_row[0]] = preg_replace('#^\'(.*?)\'$#i', '\\1', $v_row[1]);
unset($all[$j][$i]);
}
}
$query = array('table' => $s_action[1], 'where' => $all['where']);
break;
}
global $bio;
$sql_insert = array('time' => time(), 'uid' => $bio->v('bio_id'), 'method' => $method, 'actions' => json_encode($query));
$sql = 'INSERT INTO _log' . sql_build('INSERT', prefix('log', $sql_insert));
_sql($sql);
return;
}
}
if (empty($proveedor)) {
$error[] = 'Debe ingresar el nombre del proveedor.';
}
if (!sizeof($error)) {
$sql = 'SELECT *
FROM _prov
WHERE p_nit = ? OR p_name = ?';
if ($row = sql_fieldrow(sql_filter($sql, $nit, strtoupper($proveedor)))) {
$error[] = 'El NIT o proveedor ya existe.';
}
}
if (!sizeof($error)) {
$psf = request_var('psf', 0);
$insert_prov = array('p_nit' => $nit, 'p_name' => strtoupper($proveedor), 'p_sf' => $psf);
sql_query('INSERT INTO _prov' . sql_build('INSERT', $insert_prov));
xlog('pi.' . $nit, 0, 0);
}
break;
}
if (!sizeof($error)) {
if ($screen == 'p') {
redirect(array('insert', 'p'));
}
if ($return_this != $user->data['user_return_insert']) {
$sql = 'UPDATE _users SET user_return_insert = ?
WHERE user_id = ?';
sql_query(sql_filter($sql, $return_this, $user->data['user_id']));
}
if ($screen == 'c') {
$return_this = 1;
function xlog($a, $e, $f = -9)
{
global $db, $user;
$action = $a . ($f != -9 ? '.' . $f : '');
$insert = array('log_user_id' => (int) $user->data['user_id'], 'log_date' => (int) time(), 'log_exe' => (int) $e, 'log_action' => $action);
$sql = 'INSERT INTO _log' . sql_build('INSERT', $insert);
sql_query($sql);
}
private function remove() {
global $config, $user;
$auth_url = s_link('acp', array('artist_auth', 'a' => $this->object['subdomain']));
if (_button('cancel')) {
redirect($auth_url);
}
$submit = _button('remove');
$confirm = _button('confirm');
if ($submit || $confirm) {
$result = request_var('s_members', array(0));
if (sizeof($result)) {
$sql = 'SELECT m.user_id, m.username, m.user_rank
FROM _artists_auth a, _members m
WHERE a.ub = ?
AND m.user_id IN (??)
AND m.user_id <> ?
AND m.user_type <> ??
AND a.user_id = m.user_id
ORDER BY m.user_id';
$result = sql_rowset(sql_filter($sql, $this->object['ub'], implode(',', $result), $user->data['user_id'], USER_INACTIVE), 'user_id');
}
if (!$result) {
redirect($auth_url);
}
/*
If Confirm button is pressed.
*/
if ($confirm) {
foreach ($result as $row) {
$update = w();
$user_type = USER_ARTIST;
$sql = 'SELECT COUNT(ub) AS total
FROM _artists_auth
WHERE user_id = ?';
$total = sql_field(sql_filter($sql, $row['user_id']), 'total', 0);
if ($total == 1) {
$update['user_auth_control'] = 0;
$user_type = USER_NORMAL;
if ($item['user_rank'] == $config['default_a_rank']) {
$update['user_rank'] = 0;
}
$sql = 'SELECT *
FROM _artists_fav
WHERE user_id = ?';
if (sql_fieldrow(sql_filter($sql, $row['user_id']))) {
$user_type = USER_FAN;
}
$update['user_type'] = $user_type;
$sql = 'UPDATE _members SET ??
WHERE user_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $update), $row['user_id']));
}
$sql = 'DELETE FROM _artists_auth
WHERE ub = ?
AND user_id = ?';
sql_query(sql_filter($sql, $this->object['ub'], $row['user_id']));
}
return redirect($auth_url);
}
/*
Display confirm dialog
*/
$result_list = '';
foreach ($result as $row) {
$result_list .= (($result_list != '') ? ', ' : '') . $row['username'];
$result_hidden .= s_hidden(array('s_members[]' => $row['user_id']));
}
$message = count($result) == 1 ? '2' : '';
$layout_vars = array(
'MESSAGE_TEXT' => sprintf(lang('acp_artist_auth_delete' . $message), $this->object['name'], $result_list),
'S_CONFIRM_ACTION' => s_link('acp', array('artist_auth', 'a' => $this->object['subdomain'])),
'S_HIDDEN_FIELDS' => $result_hidden
);
page_layout('ACP_ARTIST_AUTH', 'confirm', $layout_vars);
}
redirect($auth_url);
return;
}
public function v($k, $v = false) {
$a = (isset($this->config[$k])) ? $this->config[$k] : false;
if ($v !== false) {
$update = array('config_value' => $v);
if ($a !== false) {
$sql = 'UPDATE _config SET ??
WHERE config_name = ?';
$sql = sql_filter($sql, sql_build('UPDATE', $update), $k);
} else {
$update['config_name'] = $k;
$sql = 'INSERT INTO _config' . sql_build('INSERT', $update);
}
sql_query($sql);
$this->config[$k] = $a = $v;
}
return $a;
}
public final function _install()
{
global $core;
// TODO: Improve module installation!
// Pre run check
if (!($modules = $core->cache->load('modules'))) {
$sql = 'SELECT *
FROM _modules
ORDER BY module_name';
$modules = $core->cache->store(_rowset($sql));
}
$run_install = true;
foreach ($modules as $row) {
if ($row['module_alias'] === $this->m()) {
$run_install = false;
}
}
// Run module install
if ($run_install) {
$proc = $this->install();
// Post install
$sql_insert = array('alias' => $this->m(), 'name' => $proc['NAME'], 'author' => $proc['AUTHOR'], 'link' => $proc['LINK']);
$sql = 'INSERT INTO _modules' . sql_build('INSERT', prefix('module', $sql_insert));
sql_query($sql);
}
return;
}
function session_create($user_id = false)
{
global $db, $config;
$this->data = array();
// Garbage collection ... remove old sessions updating user information
// if necessary. It means (potentially) 11 queries but only infrequently
if ($this->time_now > $config['session_last_gc'] + $config['session_gc']) {
$this->session_gc();
}
if ($user_id !== false) {
$this->cookie_data['u'] = $user_id;
$sql = 'SELECT *
FROM _users
WHERE user_id = ?';
$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u']));
}
// If no data was returned one or more of the following occured:
// Key didn't match one in the DB
// User does not exist
if (!sizeof($this->data)) {
$this->cookie_data['u'] = 1;
$sql = 'SELECT *
FROM _users
WHERE user_id = ?';
$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u']));
}
if ($this->data['user_id'] != 1) {
$sql = 'SELECT session_time, session_id
FROM _sessions
WHERE session_user_id = ?
ORDER BY session_time DESC
LIMIT 1';
if ($sdata = sql_fieldrow(sql_filter($sql, $this->data['user_id']))) {
$this->data = array_merge($sdata, $this->data);
unset($sdata);
$this->session_id = $this->data['session_id'];
}
$this->data['session_last_visit'] = isset($this->data['session_time']) && $this->data['session_time'] ? $this->data['session_time'] : ($this->data['user_lastvisit'] ? $this->data['user_lastvisit'] : time());
} else {
$this->data['session_last_visit'] = time();
}
//
// Do away with ultimately?
$this->data['is_user'] = $this->data['user_id'] != 1 ? true : false;
//
//
// Create or update the session
$sql_ary = array('session_user_id' => (int) $this->data['user_id'], 'session_start' => (int) $this->time_now, 'session_last_visit' => (int) $this->data['session_last_visit'], 'session_time' => (int) $this->time_now, 'session_page' => (string) $this->page, 'session_ip' => (string) $this->ip);
$sql = 'UPDATE _sessions SET ??
WHERE session_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_ary), $this->session_id));
if (!$this->session_id || !sql_affectedrows()) {
$this->session_id = $this->data['session_id'] = md5(unique_id());
$sql_ary['session_id'] = (string) $this->session_id;
sql_query('INSERT INTO _sessions' . sql_build('INSERT', $sql_ary));
}
$cookie_expire = $this->time_now + 31536000;
$this->set_cookie('u', $this->cookie_data['u'], $cookie_expire);
$this->set_cookie('sid', $this->session_id, 0);
return true;
}
public function v($k, $v = false, $nr = false)
{
$a = isset($this->config->{$k}) ? $this->config->{$k} : false;
if ($nr !== false && $v !== false) {
$this->config->{$k} = $v;
return $v;
}
if ($v !== false) {
$sql_update = array('config_value' => $v);
if ($a !== false) {
$sql = 'UPDATE _config SET ' . sql_build('UPDATE', $sql_update) . sql_filter('
WHERE config_name = ?', $k);
} else {
$sql_update['config_name'] = $k;
$sql = 'INSERT INTO _config' . sql_build('INSERT', $sql_update);
}
sql_query($sql);
$this->config->{$k} = $a = $v;
}
return $a;
}
function _refresh_config($tpl, $add_vars = false)
{
if (@file_exists('./style/' . $tpl . '/xs_config.cfg'))
{
$style_config = array();
include('./style/' . $tpl . '/xs_config.cfg');
if (count($style_config))
{
global $core;
for ($i = 0; $i < count($style_config); $i++)
{
if (!isset($this->style_config[$style_config[$i]['var']]))
{
$this->style_config[$style_config[$i]['var']] = $style_config[$i]['default'];
if ($add_vars)
{
$this->vars['TPL_CFG_' . strtoupper($style_config[$i]['var'])] = $style_config[$i]['default'];
}
}
}
$str = $this->_serialize($this->style_config);
$config_name = 'xs_style_' . $tpl;
if (isset($core->config[$config_name]))
{
$sql = 'UPDATE _config SET config_value = ?
WHERE config_name = ?';
$sql = sql_filter($sql, $str, $config_name);
}
else
{
$sql_insert = array(
'config_name' => $config_name,
'config_value' => $str
);
$sql = 'INSERT INTO _config' . sql_build('INSERT', $sql_insert);
}
sql_query($sql);
$core->config[$config_name] = $str;
return true;
}
}
return false;
}
/**
* Create a new session
*
* If upon trying to start a session we discover there is nothing existing we
* jump here. Additionally this method is called directly during login to regenerate
* the session for the specific user. In this method we carry out a number of tasks;
* garbage collection, (search)bot checking, banned user comparison. Basically
* though this method will result in a new session for a specific user.
*/
public function session_create($bio_id = false, $_update = true)
{
global $core;
$this->base = w();
// Garbage collection. Remove old sessions updating user information
// if necessary. It means (potentially) 11 queries but only infrequently
if (time() > $core->v('session_last_gc') + $core->v('session_gc')) {
$this->session_gc();
}
// If we've been passed a bio_id we'll grab data based on that
if ($bio_id !== false) {
$this->cookie['u'] = $bio_id;
$this->base = $this->select($this->cookie['u']);
}
// If no data was returned one or more of the following occured:
// User does not exist
// User is inactive
// User is bot
if (!count($this->base) || !is_array($this->base)) {
$this->cookie['u'] = 1;
$this->base = $this->select($this->cookie['u']);
}
$this->base->session_last_visit = time();
if ($this->base->bio_id != 1) {
$sql = 'SELECT session_time, session_id
FROM _sessions
WHERE session_bio_id = ?
ORDER BY session_time DESC
LIMIT 1';
if ($result = sql_fieldrow(sql_filter($sql, $this->base->bio_id))) {
$this->base = array_merge($this->base, $result);
$this->session = $this->base->session_id;
unset($result);
}
$this->base->session_last_visit = isset($this->base->session_time) && $this->base->session_time ? $this->base->session_time : ($this->base->bio_lastvisit ? $this->base->bio_lastvisit : time());
}
// Create or update the session
$sql_ary = array('session_bio_id' => $this->base->bio_id, 'session_start' => time(), 'session_last_visit' => $this->base->session_last_visit, 'session_time' => time(), 'session_browser' => (string) $this->browser, 'session_ip' => (string) $this->ip);
if ($_update) {
$sql_ary['session_page'] = (string) $this->page;
$this->base->session_page = $sql_ary['session_page'];
}
$run_update = false;
if ($this->session) {
$run_update = true;
$sql = 'UPDATE _sessions SET ' . sql_build('UPDATE', $sql_ary) . sql_filter('
WHERE session_id = ?', $this->session);
sql_query($sql);
}
if (!$this->session || $run_update && !sql_affectedrows()) {
$this->session = $this->base->session_id = $sql_ary['session_id'] = (string) md5(unique_id());
$sql = 'INSERT INTO _sessions' . sql_build('INSERT', $sql_ary);
sql_query($sql);
}
$this->set_cookie('u', $this->cookie['u'], time() + 31536000);
$this->set_cookie('sid', $this->session, 0);
return true;
}
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$post_np, &$poll_title, &$poll_options, &$poll_length, $ub = '')
{
global $config, $lang, $userdata, $user_ip, $tree;
$current_time = time();
/*
//
// Retreive authentication info to determine if this user has moderator status
//
$is_auth = $tree['auth'][POST_FORUM_URL . $forum_id];
$is_mod = $is_auth['auth_mod'];
if ($mode == 'newtopic' || $mode == 'reply' && !$is_mod)
{
//
// Flood control
//
$where_sql = ($userdata['user_id'] == GUEST) ? "poster_ip = '$user_ip'" : 'poster_id = ' . $userdata['user_id'];
$sql = "SELECT MAX(post_time) AS last_post_time
FROM _forum_posts
WHERE $where_sql";
if ($row = sql_fieldrow($result)) {
if (intval($row['last_post_time']) > 0 && ($current_time - intval($row['last_post_time'])) < intval($config['flood_interval'])) {
trigger_error('Flood_Error');
}
}
}
*/
if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
{
$topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0;
if ($mode != 'editpost') {
$sql_insert = array(
'topic_title' => $post_subject,
'topic_poster' => $userdata['user_id'],
'topic_time' => $current_time,
'forum_id' => $forum_id,
'topic_status' => TOPIC_UNLOCKED,
'topic_important' => $topic_type,
'topic_vote' => $topic_vote
);
if (!empty($ub)) {
$sql_insert['ub'] = $ub;
}
sql_insert('forum_topics', $sql_insert);
} else {
$sql_update = array(
'topic_title' => $post_subject,
'topic_important' => $topic_type
);
if ($post_data['edit_vote'] || !empty($poll_title)) {
$sql_update['topic_vote'] = $topic_vote;
}
$sql = 'UPDATE _forum_topics SET ??
WHERE topic_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $topic_id));
}
if ($mode == 'newtopic') {
$topic_id = sql_nextid();
}
}
$edited_sql = ($mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post']) ? '' : '';
if ($mode != 'editpost') {
$sql_insert = array(
'topic_id' => $topic_id,
'forum_id' => $forum_id,
'poster_id' => $userdata['user_id'],
'post_username' => $post_username,
'post_time' => $current_time,
'poster_ip' => $user_ip,
'post_subject' => $post_subject,
'post_text' => $post_message,
'post_np' => $post_np
);
sql_insert('forum_posts', $sql_insert);
} else {
$sql_update = array(
'post_username' => $post_username,
'post_subject' => $post_subject,
'post_text' => $post_text,
'post_np' => $post_np
);
$sql = 'UPDATE _forum_posts SET ??
WHERE post_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $post_id));
}
if ($mode != 'editpost') {
$post_id = sql_nextid();
}
//
// Add poll
//
if (($mode == 'newtopic' || ($mode == 'editpost' && $post_data['edit_poll'])) && !empty($poll_title) && count($poll_options) >= 2)
{
if ($post_data['has_poll']) {
$sql_update = array(
'vote_text' => $poll_title,
'vote_length' => ($poll_length * 86400)
);
$sql = 'UPDATE _poll_options SET ??
WHERE topic_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $topic_id));
} else {
$sql_insert = array(
'topic_id' => $topic_id,
'vote_text' => $poll_title,
'vote_start' => $current_time,
'vote_length' => ($poll_length * 86400)
);
sql_insert('poll_options', $sql_insert);
}
$delete_option_sql = '';
$old_poll_result = w();
if ($mode == 'editpost' && $post_data['has_poll']) {
$sql = 'SELECT vote_option_id, vote_result
FROM _poll_results
WHERE vote_id = ?
ORDER BY vote_option_id ASC';
$result = sql_rowset(sql_filter($sql, $poll_id));
foreach ($result as $row) {
$old_poll_result[$row['vote_option_id']] = $row['vote_result'];
if (!isset($poll_options[$row['vote_option_id']])) {
$delete_option_sql .= ($delete_option_sql != '') ? ', ' . $row['vote_option_id'] : $row['vote_option_id'];
}
}
} else {
$poll_id = sql_nextid();
}
$poll_option_id = 1;
while (list($option_id, $option_text) = each($poll_options)) {
if (!empty($option_text)) {
$option_text = str_replace("\'", "''", htmlspecialchars($option_text));
$poll_result = ($mode == "editpost" && isset($old_poll_result[$option_id])) ? $old_poll_result[$option_id] : 0;
if ($mode != 'editpost' || !isset($old_poll_result[$option_id])) {
$sql_insert = array(
'vote_id' => $poll_id,
'vote_option_id' => $poll_option_id,
'vote_option_text' => $option_text,
'vote_result' => $poll_result
);
sql_insert('poll_results', $sql_insert);
} else {
$sql_update = array(
'vote_option_text' => $option_text,
'vote_result' => $poll_result
);
$sql = 'UPDATE _poll_results SET ??
WHERE vote_option_id = ?
AND vote_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_update), $option_id, $poll_id));
}
$poll_option_id++;
}
}
if (!empty($delete_option_sql))
{
$sql = 'DELETE FROM _poll_results
WHERE vote_option_id IN (??)
AND vote_id = ?';
sql_query(sql_filter($sql, $delete_option_sql, $poll_id));
}
}
redirect(s_link('post', $post_id) . '#' . $post_id);
return false;
}
public function run() {
global $config, $auth, $user, $comments;
$topic_id = request_var('t', 0);
$post_id = request_var('p', 0);
if (!$topic_id && !$post_id) {
fatal_error();
}
//
// Get topic data
//
if ($post_id) {
$sql_from = ', _forum_posts p, _forum_posts p2, _members m ';
$sql_where = sql_filter('p.post_id = ? AND p.poster_id = m.user_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= ?', $post_id, $post_id);
$sql_count = ', p.post_text, m.username AS reply_username, COUNT(p2.post_id) AS prev_posts, p.post_deleted';
$sql_order = ' GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_locked, t.topic_replies, t.topic_time, t.topic_important, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_locked, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_announce, f.auth_pollcreate, f.auth_vote ORDER BY p.post_id ASC';
} else {
$sql_from = $sql_count = $sql_order = '';
$sql_where = sql_filter('t.topic_id = ?', $topic_id);
}
$sql = 'SELECT t.*, f.*' . $sql_count . '
FROM _forum_topics t, _forums f' . $sql_from . '
WHERE ' . $sql_where . ' AND f.forum_id = t.forum_id' . $sql_order;
if (!$topic_data = sql_fieldrow($sql)) {
fatal_error();
}
switch ($topic_data['forum_alias']) {
case 'events':
$sql = 'SELECT event_alias
FROM _events
WHERE event_topic = ?';
if ($event_alias = sql_field(sql_filter($sql, $topic_data['topic_id']), 'event_alias', '')) {
redirect(s_link('events', $event_alias));
}
break;
}
//
// Hide deleted posts
if (isset($topic_data['post_deleted']) && $topic_data['post_deleted']) {
fatal_error();
}
//
// Check mod auth
$mod_auth = $user->is('mod');
//
// Init vars
//
$forum_id = (int) $topic_data['forum_id'];
$topic_id = (int) $topic_data['topic_id'];
$topic_url = s_link('topic', $topic_id);
$reply = request_var('reply', 0);
$start = request_var('offset', 0);
$submit_reply = _button('post');
$submit_vote = _button('vote');
$post_message = '';
$post_reply_message = '';
$post_np = '';
$current_time = time();
$error = $is_auth = w();
if (!$post_id && $reply) {
$reply = 0;
}
//
// Start member auth
//
$is_auth = $auth->forum(AUTH_ALL, $forum_id, $topic_data);
if ($submit_reply || $submit_vote) {
$auth_key = ($submit_reply) ? 'auth_reply' : 'auth_vote';
if (((!$is_auth['auth_view'] || !$is_auth['auth_read'])) || !$is_auth[$auth_key]) {
if (!$user->is('member')) {
do_login();
}
$can_reply_closed = $auth->option(w('forum topics delete'));
if (!$can_reply_closed && ($topic_data['forum_locked'] || $topic_data['topic_locked'])) {
$error[] = 'TOPIC_LOCKED';
if ($submit_vote && !$topic_data['topic_vote']) {
$error[] = 'POST_HAS_NO_POLL';
}
}
if (!sizeof($error)) {
redirect($topic_url);
}
}
if (!sizeof($error)) {
if ($submit_vote) {
$vote_option = request_var('vote_id', 0);
if ($vote_option) {
$sql = 'SELECT vd.vote_id
FROM _poll_options vd, _poll_results vr
WHERE vd.topic_id = ?
AND vr.vote_id = vd.vote_id
AND vr.vote_option_id = ?
GROUP BY vd.vote_id';
if ($vote_id = sql_field(sql_filter($sql, $topic_id, $vote_option), 'vote_id', 0)) {
$sql = 'SELECT *
FROM _poll_voters
WHERE vote_id = ?
AND vote_user_id = ?';
if (!sql_fieldrow(sql_filter($sql, $vote_id, $user->d('user_id')))) {
$sql = 'UPDATE _poll_results SET vote_result = vote_result + 1
WHERE vote_id = ?
AND vote_option_id = ?';
sql_query(sql_filter($sql, $vote_id, $vote_option));
$insert_vote = array(
'vote_id' => (int) $vote_id,
'vote_user_id' => (int) $user->d('user_id'),
'vote_user_ip' => $user->ip,
'vote_cast' => (int) $vote_option
);
sql_insert('poll_voters', $insert_vote);
}
}
}
redirect(s_link('topic', $topic_id));
} else {
$post_message = request_var('message', '', true);
$post_np = request_var('np', '');
if ($reply) {
$post_reply_message = request_var('reply_message', '', true);
}
// Check message
if (empty($post_message)) {
$error[] = 'EMPTY_MESSAGE';
}
if (!sizeof($error) && !$mod_auth)
{
$sql = 'SELECT MAX(post_time) AS last_post_time
FROM _forum_posts
WHERE poster_id = ?';
if ($last_post_time = sql_field(sql_filter($sql, $user->d('user_id')))) {
if (intval($last_post_time) > 0 && ($current_time - intval($last_post_time)) < intval($config['flood_interval'])) {
$error[] = 'FLOOD_ERROR';
}
}
}
if (!sizeof($error)) {
$update_topic = w();
if (strstr($post_message, '-Anuncio-') && $user->is('mod')) {
$topic_announce = 1;
$post_message = str_replace('-Anuncio-', '', $post_message);
$update_topic['topic_announce'] = $topic_announce;
}
if (strstr($post_message, '-Cerrado-') && $user->is('mod')) {
$topic_locked = 1;
$post_message = str_replace('-Cerrado-', '', $post_message);
$update_topic['topic_locked'] = $topic_locked;
}
$post_message = $comments->prepare($post_message);
if ($reply && $post_reply_message != '') {
$post_reply_message = preg_replace('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#ie', '', $post_reply_message);
}
if ($reply && empty($post_reply_message)) {
$post_reply_message = '...';
}
if ($reply && $post_reply_message != '') {
$post_message = '<blockquote><strong>' . $topic_data['reply_username'] . "</strong>" . nr(false, 2) . $post_reply_message . '</blockquote><br /> ' . $post_message;
} else {
$reply = 0;
}
$insert_data = array(
'topic_id' => (int) $topic_id,
'forum_id' => (int) $forum_id,
'poster_id' => (int) $user->d('user_id'),
'post_time' => (int) $current_time,
'poster_ip' => $user->ip,
'post_text' => $post_message,
'post_np' => $post_np
);
if ($reply) {
$insert_data['post_reply'] = $post_id;
}
$post_id = sql_insert('forum_posts', $insert_data);
$user->delete_unread(UH_T, $topic_id);
$user->save_unread(UH_T, $topic_id);
if (!in_array($forum_id, forum_for_team_array()) && $topic_data['topic_points']) {
//$user->points_add(1);
}
//
$a_list = forum_for_team_list($forum_id);
if (count($a_list)) {
$sql_delete_unread = 'DELETE FROM _members_unread
WHERE element = ?
AND item = ?
AND user_id NOT IN (??)';
sql_query(sql_filter($sql_delete_unread, 8, $topic_id, implode(', ', $a_list)));
}
$update_topic['topic_last_post_id'] = $post_id;
if ($topic_locked) {
topic_feature($topic_id, 0);
}
$sql = 'UPDATE _forums SET forum_posts = forum_posts + 1, forum_last_topic_id = ?
WHERE forum_id = ?';
sql_query(sql_filter($sql, $topic_id, $forum_id));
$sql = 'UPDATE _forum_topics SET topic_replies = topic_replies + 1, ' . sql_build('UPDATE', $update_topic) . sql_filter('
WHERE topic_id = ?', $topic_id);
sql_query($sql);
$sql = 'UPDATE _members SET user_posts = user_posts + 1
WHERE user_id = ?';
sql_query(sql_filter($sql, $user->d('user_id')));
redirect(s_link('post', $post_id) . '#' . $post_id);
}
}
}
}
if (!$is_auth['auth_view'] || !$is_auth['auth_read']) {
if (!$user->is('member')) {
do_login();
}
fatal_error();
}
if ($post_id) {
$start = floor(($topic_data['prev_posts'] - 1) / (int) $config['posts_per_page']) * (int) $config['posts_per_page'];
$user->d('user_topic_order', 0);
}
if ($user->is('member')) {
//
// Is user watching this topic?
//
$sql = 'SELECT notify_status
FROM _forum_topics_fav
WHERE topic_id = ?
AND user_id = ?';
if (!sql_field(sql_filter($sql, $topic_id, $user->d('user_id')), 'notify_status')) {
if (_button('watch')) {
$sql_insert = array(
'user_id' => $user->d('user_id'),
'topic_id' => $topic_id,
'notify_status' => 0
);
sql_insert('forum_topics_fav', $sql_insert);
redirect($topic_url . (($start) ? 's' . $start . '/' : ''));
}
_style('watch_topic');
}
}
//
// Get all data for the topic
//
$get_post_id = ($reply) ? 'post_id' : 'topic_id';
$get_post_data['p.' . $get_post_id] = ${$get_post_id};
if (!$user->is('founder')) {
$get_post_data['p.post_deleted'] = 0;
}
$sql = 'SELECT p.*, u.user_id, u.username, u.username_base, u.user_avatar, u.user_posts, u.user_gender, u.user_rank, u.user_sig
FROM _forum_posts p, _members u
WHERE u.user_id = p.poster_id
AND p.post_deleted = 0
AND ' . sql_build('SELECT', $get_post_data) . '
ORDER BY p.post_time ' . (($user->d('user_topic_order')) ? 'DESC' : 'ASC') .
((!$reply) ? ' LIMIT ' . (int) $start . ', ' . (int) $config['posts_per_page'] : '');
if (!$messages = sql_rowset($sql)) {
if ($topic_data['topic_replies'] + 1) {
fatal_error();
}
redirect(s_link('topic', $topic_id));
}
//
// Re-count topic replies
//
if ($user->is('founder')) {
$sql = 'SELECT COUNT(p.post_id) AS total
FROM _forum_posts p, _members u
WHERE p.topic_id = ?
AND u.user_id = p.poster_id';
if ($total = sql_field(sql_filter($sql, $topic_id), 'total')) {
$topic_data['topic_replies2'] = $total - 1;
}
}
//
// Update the topic views
//
if (!$start && !$user->is('founder')) {
$sql = 'UPDATE _forum_topics
SET topic_views = topic_views + 1
WHERE topic_id = ?';
sql_query(sql_filter($sql, $topic_id));
}
//
// If the topic contains a poll, then process it
//
if ($topic_data['topic_vote']) {
$sql = 'SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result
FROM _poll_options vd, _poll_results vr
WHERE vd.topic_id = ?
AND vr.vote_id = vd.vote_id
ORDER BY vr.vote_option_order, vr.vote_option_id ASC';
if ($vote_info = sql_rowset(sql_filter($sql, $topic_id))) {
$sql = 'SELECT vote_id
FROM _poll_voters
WHERE vote_id = ?
AND vote_user_id = ?';
$user_voted = sql_field(sql_filter($sql, $vote_info[0]['vote_id'], $user->d('user_id')), 'vote_id', 0);
$poll_expired = ($vote_info[0]['vote_length']) ? (($vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < $current_time) ? true : 0) : 0;
_style('poll', array(
'POLL_TITLE' => $vote_info[0]['vote_text'])
);
if ($user_voted || $poll_expired || !$is_auth['auth_vote'] || $topic_data['topic_locked']) {
$vote_results_sum = 0;
foreach ($vote_info as $row) {
$vote_results_sum += $row['vote_result'];
}
_style('poll.results');
foreach ($vote_info as $row) {
$vote_percent = ($vote_results_sum > 0) ? $row['vote_result'] / $vote_results_sum : 0;
_style('poll.results.item', array(
'CAPTION' => $row['vote_option_text'],
'RESULT' => $row['vote_result'],
'PERCENT' => sprintf("%.1d", ($vote_percent * 100)))
);
}
} else {
_style('poll.options', array(
'S_VOTE_ACTION' => $topic_url)
);
foreach ($vote_info as $row) {
_style('poll.options.item', array(
'POLL_OPTION_ID' => $row['vote_option_id'],
'POLL_OPTION_CAPTION' => $row['vote_option_text'])
);
}
}
}
}
//
// Advanced auth
//
$controls = $user_profile = w();
$unset_user_profile = w('user_id user_posts user_gender');
_style('posts');
foreach ($messages as $row) {
if ($user->is('member')) {
$poster = ($row['user_id'] != GUEST) ? $row['username'] : (($row['post_username'] != '') ? $row['post_username'] : lang('guest'));
$controls[$row['post_id']]['reply'] = s_link('post', $row['post_id'], 'reply');
if ($mod_auth) {
$controls[$row['post_id']]['edit'] = s_link('acp', array('forums_post_modify', 'msg_id' => $row['post_id']));
$controls[$row['post_id']]['delete'] = s_link('acp', array('forums_post_delete', 'msg_id' => $row['post_id']));
}
}
$user_profile[$row['user_id']] = $comments->user_profile($row, '', $unset_user_profile);
$data = array(
'POST_ID' => $row['post_id'],
'POST_DATE' => $user->format_date($row['post_time']),
'MESSAGE' => $comments->parse_message($row['post_text']),
'PLAYING' => $row['post_np'],
'DELETED' => $row['post_deleted'],
'UNREAD' => 0
);
foreach ($user_profile[$row['user_id']] as $key => $value) {
$data[strtoupper($key)] = $value;
}
_style('posts.item', $data);
_style('posts.item.' . (($row['user_id'] != GUEST) ? 'username' : 'guestuser'));
if (isset($controls[$row['post_id']])) {
_style('posts.item.controls');
foreach ($controls[$row['post_id']] as $item => $url) {
_style('posts.item.controls.'.$item, array('URL' => $url));
}
}
}
//
// Display Member topic auth
//
/*
if ($mod_auth) {
$mod = array((($topic_data['topic_important']) ? 'important' : 'normal'), 'delete', 'move', ((!$topic_data['topic_locked']) ? 'lock' : 'unlock'), 'split', 'merge');
$mod_topic = w();
foreach ($mod as $item) {
if ($auth->option(array('forum', 'topics', $item))) {
$mod_topic[strtoupper($item)] = s_link('acp', array('topic', topic' => $topic_id, 'mode' => $item));
}
}
if (sizeof($mod_topic)) {
_style('auth');
foreach ($mod_topic as $k => $v) {
_style('auth.item', array(
'URL' => $v,
'LANG' => lang($k . '_topic'))
);
}
}
}
*/
build_num_pagination($topic_url . 's%d/', ($topic_data['topic_replies'] + 1), $config['posts_per_page'], $start, '', 'TOPIC_');
//
// Posting box
if (sizeof($error)) {
_style('post_error', array(
'MESSAGE' => parse_error($error))
);
}
$can_reply_closed = $auth->option(array('forum', 'topics', 'delete'));
if ((!$topic_data['forum_locked'] && !$topic_data['topic_locked']) || $can_reply_closed) {
if ($user->is('member')) {
if ($is_auth['auth_reply']) {
$s_post_action = (($reply) ? s_link('post', $post_id, 'reply') : $topic_url) . '#e';
_style('post_box', array(
'MESSAGE' => $post_message,
'NP' => $post_np,
'S_POST_ACTION' => $s_post_action)
);
if ($reply) {
if (empty($post_reply_message)) {
$post_reply_message = $comments->remove_quotes($topic_data['post_text']);
}
if (!empty($post_reply_message)) {
$rx = array('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#is', '#\[yt:[0-9a-zA-Z\-\=\_]+\]#is', '#\[sb\]#is', '#\[\/sb\]#is');
$post_reply_message = preg_replace($rx, '', $post_reply_message);
}
if (empty($post_reply_message)) {
$post_reply_message = '...';
}
_style('post_box.reply', array(
'MESSAGE' => $post_reply_message)
);
}
}
}
}
// MOD: Featured topic
if ($user->is('mod')) {
$v_lang = ($topic_data['topic_featured']) ? 'REM' : 'ADD';
_style('feature', array(
'U_FEAT' => s_link('acp', array('forums_topic_feature', 'msg_id', $topic_data['topic_id'])),
'V_LANG' => lang('topic_featured_' . $v_lang))
);
}
//
// Send vars to template
//
v_style(array(
'FORUM_NAME' => $topic_data['forum_name'],
'TOPIC_TITLE' => $topic_data['topic_title'],
'TOPIC_REPLIES' => $topic_data['topic_replies'],
'S_TOPIC_ACTION' => $topic_url . (($start) ? 's' . $start . '/' : ''),
'U_VIEW_FORUM' => s_link('forum', $topic_data['forum_alias']))
);
$layout_file = 'topic';
if (@file_exists('./template/custom/topics_' . $forum_id . '.htm')) {
$layout_file = 'custom/topics_' . $forum_id;
}
if (@file_exists('./template/custom/topic_' . $topic_id . '.htm')) {
$layout_file = 'custom/topic_' . $topic_id;
}
$this->_title = $topic_data['topic_title'];
$this->_template = $layout_file;
return;
}
private function profile() {
global $user, $config, $comments, $cache, $upload;
$error = w();
$fields = w('public_email timezone dateformat location sig msnm yim lastfm website occ interests os fav_genres fav_artists rank color');
$length_ary = w('location sig msnm yim website occ interests os fav_genres fav_artists');
$_fields = new stdClass;
foreach ($fields as $field) {
$_fields->$field = $user->d('user_' . $field);
}
$_fields->avatar = $user->d('user_avatar');
$_fields->gender = $user->d('user_gender');
$_fields->hideuser = $user->d('user_hideuser');
$_fields->email_dc = $user->d('user_email_dc');
$_fields->birthday_day = (int) substr($user->d('user_birthday'), 6, 2);
$_fields->birthday_month = (int) substr($user->d('user_birthday'), 4, 2);
$_fields->birthday_year = (int) substr($user->d('user_birthday'), 0, 4);
if (_button()) {
foreach ($_fields as $field => $value) {
$_fields->$field = request_var($field, $value);
}
$_fields->password1 = request_var('password1', '');
$_fields->password2 = request_var('password2', '');
$_fields->hideuser = _button('hideuser');
$_fields->email_dc = _button('email_dc');
if (!empty($_fields->password1)) {
if (empty($_fields->password2)) {
$error[] = 'EMPTY_PASSWORD2';
}
if (!sizeof($error)) {
if ($_fields->password1 != $_fields->password2) {
$error[] = 'PASSWORD_MISMATCH';
} else if (strlen($_fields->password1) > 30) {
$error[] = 'PASSWORD_LONG';
}
}
}
unset($_fields->password1, $_fields->password2);
foreach ($length_ary as $field) {
if (strlen($_fields->$field) < 2) {
$_fields->$field = '';
}
}
if (!empty($_fields->website)) {
if (!preg_match('#^http[s]?:\/\/#i', $_fields->website)) {
$_fields->website = 'http://' . $_fields->website;
}
if (!preg_match('#^http[s]?\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $_fields->website)) {
$_fields->website = '';
}
}
if (!empty($_fields->rank)) {
$rank_word = explode(' ', $_fields->rank);
if (sizeof($rank_word) > 10) {
$error[] = 'RANK_TOO_LONG';
}
if (!sizeof($error)) {
$rank_limit = 15;
foreach ($rank_word as $each) {
if (preg_match_all('#\&.*?\;#is', $each, $each_preg)) {
foreach ($each_preg[0] as $each_preg_each) {
$rank_limit += (strlen($each_preg_each) - 1);
}
}
if (strlen($each) > $rank_limit) {
$error[] = 'RANK_TOO_LONG';
break;
}
}
}
}
// Rank
if (!empty($_fields->rank) && !sizeof($error)) {
$sql = 'SELECT rank_id
FROM _ranks
WHERE rank_title = ?';
if (!$rank_id = sql_field(sql_filter($sql, $_fields->rank), 'rank_id', 0)) {
$insert = array(
'rank_title' => $_fields->rank,
'rank_min' => -1,
'rank_max' => -1,
'rank_special' => 1
);
$rank_id = sql_insert('ranks', $insert);
}
if ($user->d('user_rank')) {
$sql = 'SELECT user_id
FROM _members
WHERE user_rank = ?';
$size_rank = sql_rowset(sql_filter($sql, $user->d('user_rank')), false, 'user_id');
if (sizeof($size_rank) == 1) {
$sql = 'DELETE FROM _ranks
WHERE rank_id = ?';
sql_query(sql_filter($sql, $user->d('user_rank')));
}
}
$_fields->rank = $rank_id;
$cache->delete('ranks');
}
if (!$_fields->birthday_month || !$_fields->birthday_day || !$_fields->birthday_year) {
$error[] = 'EMPTY_BIRTH_MONTH';
}
// Update user avatar
if (!sizeof($error)) {
$upload->avatar_process($user->d('username_base'), $_fields, $error);
}
if (!sizeof($error)) {
if (!empty($_fields->sig)) {
$_fields->sig = $comments->prepare($_fields->sig);
}
$_fields->birthday = (string) (leading_zero($_fields->birthday_year) . leading_zero($_fields->birthday_month) . leading_zero($_fields->birthday_day));
unset($_fields->birthday_day, $_fields->birthday_month, $_fields->birthday_year);
$_fields->dateformat = 'd M Y H:i';
$_fields->hideuser = $user->d('user_hideuser');
$_fields->email_dc = $user->d('user_email_dc');
$member_data = w();
foreach ($_fields as $field => $value) {
if ($value != $user->d($field)) {
$member_data['user_' . $field] = $_fields->$field;
}
}
if (sizeof($member_data)) {
$sql = 'UPDATE _members SET ' . sql_build('UPDATE', $member_data) . sql_filter('
WHERE user_id = ?', $user->d('user_id'));
$sql = 'UPDATE _members SET ??
WHERE user_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $member_data), $user->d('user_id')));
}
redirect(s_link('m', $user->d('username_base')));
}
}
if (sizeof($error)) {
_style('error', array(
'MESSAGE' => parse_error($error))
);
}
if ($user->d('user_avatar')) {
_style('current_avatar', array(
'IMAGE' => $config['assets_url'] . 'avatars/' . $user->d('user_avatar'))
);
}
$s_genders_select = '';
foreach (array(1 => 'MALE', 2 => 'FEMALE') as $id => $value) {
$s_genders_select .= '<option value="' . $id . '"' . (($_fields->gender == $id) ? ' selected="true"' : '') . '>' . lang($value) . '</option>';
}
_style('gender', array(
'GENDER_SELECT' => $s_genders_select)
);
$s_day_select = '';
for ($i = 1; $i < 32; $i++) {
$s_day_select .= '<option value="' . $i . '"' . (($_fields->birthday_day == $i) ? ' selected="true"' : '') . '>' . $i . '</option>';
}
$s_month_select = '';
$months = array('January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December');
foreach ($months as $id => $value) {
$s_month_select .= '<option value="' . ($id + 1) . '"' . (($_fields->birthday_month == ($id + 1)) ? ' selected="true"' : '') . '>' . $user->lang['datetime'][$value] . '</option>';
}
$s_year_select = '';
for ($i = 2005; $i > 1899; $i--) {
$s_year_select .= '<option value="' . $i . '"' . (($_fields->birthday_year == $i) ? ' selected="true"' : '') . '>' . $i . '</option>';
}
_style('birthday', array(
'DAY' => $s_day_select,
'MONTH' => $s_month_select,
'YEAR' => $s_year_select)
);
$dateset = w();
$dateformat_select = '';
foreach ($dateset as $id => $value) {
$dateformat_select .= '<option value="' . $id . '"' . (($value == $_fields->dateformat) ? ' selected="selected"' : '') . '>' . $user->format_date(time(), $value) . '</option>';
}
$timezone_select = '';
foreach ($user->lang['zones'] as $id => $value) {
$timezone_select .= '<option value="' . $id . '"' . (($id == $_fields->timezone) ? ' selected="selected"' : '') . '>' . $value . '</option>';
}
unset($_fields->timezone, $_fields->dateformat);
if ($user->d('rank')) {
$sql = 'SELECT rank_title
FROM _ranks
WHERE rank_id = ?';
$_fields->rank = sql_field(sql_filter($sql, $user->d('rank')), 'rank_title', '--');
}
$output_vars = array(
'DATEFORMAT' => $dateformat_select,
'TIMEZONE' => $timezone_select,
'HIDEUSER_SELECTED' => ($_fields->hideuser) ? ' checked="checked"' : '',
'EMAIL_DC_SELECTED' => ($_fields->email_dc) ? ' checked="checked"' : ''
);
foreach ($_fields as $field => $value) {
$output_vars[strtoupper($field)] = $value;
}
v_style($output_vars);
$this->_title = 'MEMBER_OPTIONS';
$this->_template = 'profile';
return;
}
function sql_insert($table, $insert) {
$sql = 'INSERT INTO _' . $table . sql_build('INSERT', $insert);
return sql_query_nextid($sql);
}
<?php
define('IN_EX', true);
include '../includes/common.php';
$user->session_start();
$user->plogin();
$user->session_auth();
$sql = "SELECT *\n\tFROM _prov\n\tWHERE p_nit LIKE '%-%'";
$result = sql_rowset($sql);
foreach ($result as $row) {
$new_nit = str_replace(array('-', ' '), array('', ''), $row['p_nit']);
$sql = 'SELECT *
FROM _prov
WHERE p_nit = ?';
if (!($row2 = sql_fieldrow(sql_filter($sql, $new_nit)))) {
$sql_insert = array('p_nit' => $new_nit, 'p_name' => $row['p_name']);
$sql = 'INSERT INTO _prov' . sql_build('INSERT', $sql_insert);
sql_query($sql);
echo $sql . '*' . sql_affectedrows() . '<br />';
}
$sql = 'UPDATE _constancia SET c_nit = ?
WHERE c_nit = ?';
sql_query(sql_filter($sql, $new_nit, $row['p_nit']));
echo $sql . '*' . sql_affectedrows() . '<br />';
$sql = 'DELETE FROM _prov
WHERE p_nit = ?';
sql_query(sql_filter($sql, $row['p_nit']));
echo $sql . '*' . sql_affectedrows() . '<br />';
echo '<br />';
}
public function _panel() {
global $user, $config, $template;
$this->data['layout'] = request_var('layout', '');
$this->_auth();
if (!$this->data['layout']) {
$this->data['layout'] = 'main';
}
switch ($this->data['layout']) {
case 'website':
case 'favorites':
case 'vote':
$this->call_layout();
break;
default:
$this->_make(true);
/*
Build nav menu
*/
/*$s_layout = w();
$s_layout['a']['_01'] = true;
$s_layout['a']['_02'] = ($this->data['bio'] != '') ? true : false;
$s_layout['a']['_04'] = ($this->data['images'] > 1) ? true : false;
$s_layout['a']['_06'] = ($this->data['lirics'] > 0) ? true : false;
$s_layout['a']['_09'] = ($this->data['layout'] == 9) ? true : false;
$s_layout['a']['_12'] = ($this->data['layout'] == 12) ? true : false;
$s_layout['a']['_18'] = ($this->data['a_video'] > 0) ? true : false;
*/
$available = w();
foreach ($this->layout as $i => $row) {
if ($this->data['layout'] == $row['tpl']) {
$this->data['template'] = $row['tpl'];
}
if ($this->{'_' . $row['tpl']}()) {
$available[$row['tpl']] = true;
_style('nav', array(
'LANG' => lang($row['text']))
);
if ($this->data['layout'] == $row['tpl']) {
_style('nav.strong');
} else {
$tpl = ($row['tpl'] == 'main') ? '' : $row['tpl'];
_style('nav.a', array(
'URL' => s_link('a', $this->data['subdomain'], $tpl))
);
}
}
}
if (!isset($available[$this->data['layout']])) {
redirect(s_link('a', $this->data['subdomain']));
}
$this->_make();
//_pre($available, true);
/*foreach ($this->layout as $item => $data) {
$s_layout['x'][$item] = $data['code'];
if ($data['text'] == '') {
$s_layout['e'][$item] = $data['code'];
}
if (isset($s_layout['a'][$item]) && $s_layout['a'][$item] && $data['tpl'] != '') {
$s_layout['s'][$data['code']] = $data;
}
if (($this->data['layout'] == $data['code']) && $data['tpl'] != '') {
$this->data['template'] = $data['tpl'];
}
}
if (!in_array($this->data['layout'], $s_layout['x']) || (!isset($s_layout['s'][$this->data['layout']]) && !in_array($this->data['layout'], $s_layout['e']))) {
redirect(s_link('a', $this->data['subdomain']));
}*/
//
// Call selected layout
//
$this->call_layout();
//
// Build nav
//
/*foreach ($s_layout['s'] as $data) {
_style('nav', array(
'LANG' => lang($data['text']))
);
if ($this->data['layout'] == $data['code']) {
_style('nav.strong');
continue;
}
if ($data['code'] === 1) $data['code'] = '';
_style('nav.a', array(
'URL' => s_link('a', $this->data['subdomain'], $data['code']))
);
}*/
//
// Update stats
//
if (!$this->auth['mod']) {
$update_views = false;
$current_time = time();
$current_month = date('Ym', $current_time);
if ($this->auth['user']) {
$sql_viewers = array(
'datetime' => (int) $current_time,
'user_ip' => $user->ip
);
$sql_viewers2 = array(
'ub' => (int) $this->data['ub'],
'user_id' => (int) $user->d('user_id')
);
$sql = 'UPDATE _artists_viewers SET ??
WHERE ??';
sql_query(sql_filter($sql, sql_build('UPDATE', $sql_viewers), sql_build('SELECT', $sql_viewers2)));
if (!sql_affectedrows()) {
$update_views = true;
$sql_stats = array('ub' => (int) $this->data['ub'], 'date' => (int) $current_month);
sql_insert('artists_viewers', $sql_viewers + $sql_viewers2);
$sql = 'UPDATE _artists_stats SET members = members + 1
WHERE ??';
sql_query(sql_filter($sql, sql_build('SELECT', $sql_stats)));
if (!sql_affectedrows()) {
$sql_insert = array(
'members' => 1,
'guests' => 0
);
sql_insert('artists_stats', $sql_stats + $sql_insert);
}
$sql = 'SELECT user_id
FROM _artists_viewers
WHERE ub = ?
ORDER BY datetime DESC
LIMIT 10, 1';
if ($row = sql_fieldrow(sql_filter($sql, $this->data['ub']))) {
$sql = 'DELETE FROM _artists_viewers
WHERE ub = ?
AND user_id = ?';
sql_query(sql_filter($sql, $this->data['ub'], $row['user_id']));
}
}
}
$_ps = request_var('ps', 0);
if ((($this->auth['user'] && $update_views) || (!$this->auth['user'] && $this->data['layout'] == 1)) && !$_ps) {
$sql = 'UPDATE _artists SET views = views + 1
WHERE ub = ?';
sql_query(sql_filter($sql, $this->data['ub']));
$this->data['views']++;
if ((!$this->auth['user'] && $this->data['layout'] == 1) && !$_ps) {
$sql_stats = array(
'ub' => (int) $this->data['ub'],
'date' => (int) $current_month
);
$sql = 'UPDATE _artists_stats SET guests = guests + 1
WHERE ??';
sql_query(sql_filter($sql, sql_build('SELECT', $sql_stats)));
if (!sql_affectedrows()) {
$sql_insert = array(
'members' => 0,
'guests' => 1
);
sql_insert('artists_stats', $sql_stats + $sql_insert);
}
}
}
}
//
// Own events
//
$timezone = $config['board_timezone'] * 3600;
list($d, $m, $y) = explode(' ', gmdate('j n Y', time() + $user->timezone + $user->dst));
$midnight = gmmktime(0, 0, 0, $m, $d, $y) - $user->timezone - $user->dst;
$g = getdate($midnight);
$week = mktime(0, 0, 0, $m, ($d + (7 - ($g['wday'] - 1)) - (!$g['wday'] ? 7 : 0)), $y) - $timezone;
$sql = 'SELECT *
FROM _events e, _artists_events ae
WHERE ae.a_artist = ?
AND ae.a_event = e.id
ORDER BY e.date';
$result = sql_rowset(sql_filter($sql, $this->data['ub']));
$events = w();
foreach ($result as $row) {
if ($row['date'] >= $midnight) {
if ($row['date'] >= $midnight && $row['date'] < $midnight + 86400) {
$events['is_today'][] = $row;
} else if ($row['date'] >= $midnight + 86400 && $row['date'] < $midnight + (86400 * 2)) {
$events['is_tomorrow'][] = $row;
} else if ($row['date'] >= $midnight + (86400 * 2) && $row['date'] < $week) {
$events['is_week'][] = $row;
} else {
$events['is_future'][] = $row;
}
} else if ($row['images']) {
$events['is_gallery'][] = $row;
}
}
if (isset($events['is_gallery']) && sizeof($events['is_gallery'])) {
$gallery = $events['is_gallery'];
@krsort($gallery);
_style('events_gallery');
foreach ($gallery as $row) {
_style('events_gallery.item', array(
'URL' => s_link('events', $row['event_alias']),
'TITLE' => $row['title'],
'DATETIME' => $user->format_date($row['date'], lang('date_format')))
);
}
unset($events['is_gallery']);
}
if (sizeof($events)) {
_style('events_future');
foreach ($events as $is_date => $data) {
_style('events_future.set', array(
'L_TITLE' => lang('ue_' . $is_date))
);
foreach ($data as $item) {
_style('events_future.set.row', array(
'ITEM_ID' => $item['id'],
'TITLE' => $item['title'],
'DATE' => $user->format_date($item['date']),
'THUMBNAIL' => $config['events_url'] . 'future/thumbnails/' . $item['id'] . '.jpg',
'SRC' => $config['events_url'] . 'future/' . $item['id'] . '.jpg')
);
}
}
}
//
// Poll
//
$user_voted = false;
if ($this->auth['user'] && !$this->auth['mod']) {
$sql = 'SELECT *
FROM _artists_voters
WHERE ub = ?
AND user_id = ?';
if (sql_fieldrow(sql_filter($sql, $this->data['ub'], $user->d('user_id')))) {
$user_voted = true;
}
}
_style('ub_poll');
if ($this->auth['mod'] || !$this->auth['user'] || $user_voted) {
$sql = 'SELECT option_id, vote_result
FROM _artists_votes
WHERE ub = ?
ORDER BY option_id';
$results = sql_rowset(sql_filter($sql, $this->data['ub']), 'option_id', 'vote_result');
_style('ub_poll.results');
foreach ($this->voting['ub'] as $item) {
$vote_result = (isset($results[$item])) ? intval($results[$item]) : 0;
$vote_percent = ($this->data['votes'] > 0) ? $vote_result / $this->data['votes'] : 0;
_style('ub_poll.results.item', array(
'CAPTION' => lang('ub_vc' . $item),
'RESULT' => $vote_result,
'PERCENT' => sprintf("%.1d", ($vote_percent * 100)))
);
}
} else {
_style('ub_poll.options', array(
'S_VOTE_ACTION' => s_link('a', $this->data['subdomain'], 'vote'))
);
foreach ($this->voting['ub'] as $item) {
_style('ub_poll.options.item', array(
'ID' => $item,
'CAPTION' => lang('ub_vc' . $item))
);
}
}
//
// Downloads
//
if ($this->data['um'] || $this->data['uv']) {
$sql = 'SELECT *
FROM _dl
WHERE ub = ?
ORDER BY ud, title';
$this->ud_song = sql_rowset(sql_filter($sql, $this->data['ub']), 'ud', false, true);
foreach ($this->ud_song as $key => $data) {
$download_type = $this->dl_type($key);
_style('ud_block', array('LANG' => $download_type['lang']));
foreach ($data as $song) {
_style('ud_block.item', array(
'TITLE' => $song['title'])
);
if (isset($this->dl_data['id']) && ($song['id'] == $this->dl_data['id'])) {
_style('ud_block.item.strong');
continue;
}
_style('ud_block.item.a', array(
'URL' => s_link('a', $this->data['subdomain'], 'downloads', $song['id']))
);
}
}
}
//
// Fan count
//
$sql = 'SELECT COUNT(user_id) AS fan_count
FROM _artists_fav
WHERE ub = ?
ORDER BY joined DESC';
$fan_count = sql_field(sql_filter($sql, $this->data['ub']), 'fan_count', 0);
//
// Make fans
//
if (!$this->auth['mod'] && !$this->auth['smod']) {
_style('make_fans', array(
'FAV_URL' => s_link('a', $this->data['subdomain'], 'favorites'),
'FAV_LANG' => ($this->auth['fav']) ? '' : lang('ub_fav_add'))
);
}
//
// Set template
//
v_style(array(
'INACTIVE' => !$this->data['a_active'],
'UNAME' => $this->data['name'],
'GENRE' => $this->data['genre'],
'POSTS' => number_format($this->data['posts']),
'VOTES' => number_format($this->data['votes']),
'FANS' => $fan_count,
'L_FANS' => ($fan_count == 1) ? lang('fan') : lang('fans'),
'LOCATION' => ($this->data['local']) ? (($this->data['location'] != '') ? $this->data['location'] . ', ' : '') . 'Guatemala' : $this->data['location'])
);
$template->set_filenames(array(
'a_body' => 'artists.' . $this->data['template'] . '.htm')
);
$template->assign_var_from_handle('UB_BODY', 'a_body');
break;
}
return;
}
function sql_put($table, $assoc)
{
global $database;
$sql = 'INSERT INTO ' . $table . sql_build('INSERT', $assoc);
if (!($result = $database->query($sql))) {
return false;
}
return $database->nextid();
}
public function object() {
global $auth, $user, $config, $comments, $upload;
$mode = request_var('mode', '');
switch ($mode) {
case 'view':
case 'fav':
case 'rsvp':
$download_id = request_var('download_id', 0);
if (!$download_id) {
redirect(s_link('events', $this->v('event_alias')));
}
switch ($mode) {
case 'view':
$sql = 'SELECT e.*, COUNT(e2.image) AS prev_images
FROM _events_images e, _events_images e2
WHERE e.event_id = ?
AND e.event_id = e2.event_id
AND e.image = ?
AND e2.image <= ?
GROUP BY e.image
ORDER BY e.image ASC';
$sql = sql_filter($sql, $this->v('id'), $download_id, $download_id);
break;
case 'rsvp':
$sql = '';
break;
default:
$sql = 'SELECT e2.*
FROM _events_images e2
LEFT JOIN _events e ON e.id = e2.event_id
WHERE e2.event_id = ?
AND e2.image = ?';
$sql = sql_filter($sql, $this->v('id'), $download_id);
break;
}
if (!empty($sql)) {
if (!$imagedata = sql_fieldrow($sql)) {
redirect(s_link('events', $this->v('event_alias')));
}
}
break;
}
switch ($mode) {
case 'fav':
if (!$user->is('member')) {
do_login();
}
$sql = 'SELECT *
FROM _events_fav
WHERE event_id = ?
AND image_id = ?
AND member_id = ?';
if ($row = sql_fieldrow(sql_filter($sql, $this->v('id'), $imagedata['image'], $user->d('user_id')))) {
$sql = 'UPDATE _events_fav SET fav_date = ?
WHERE event_id = ?
AND image_id = ?';
sql_query(sql_filter($sql, time(), $this->v('id'), $imagedata['image']));
} else {
$sql_insert = array(
'event_id' => (int) $this->v('id'),
'image_id' => (int) $imagedata['image'],
'member_id' => (int) $user->d('user_id'),
'fav_date' => time()
);
sql_insert('events_fav', $sql_insert);
}
redirect(s_link('events', $this->v('event_alias'), $imagedata['image'], 'view'));
break;
case 'rsvp':
$choice = array_key(array_keys(request_var('choice', array(0 => ''))), 0);
$topic_id = $this->v('event_topic');
if (!$topic_id) {
fatal_error();
}
if (!$choice) {
redirect(s_link('events', $this->v('event_alias')));
}
if (!$user->is('member')) {
do_login();
}
$sql = 'SELECT vd.vote_id
FROM _poll_options vd, _poll_results vr
WHERE vd.topic_id = ?
AND vr.vote_id = vd.vote_id
AND vr.vote_option_id = ?
GROUP BY vd.vote_id';
if (!$vote_id = sql_field(sql_filter($sql, $topic_id, $choice), 'vote_id', 0)) {
fatal_error();
}
$sql = 'SELECT *
FROM _poll_voters
WHERE vote_id = ?
AND vote_user_id = ?';
if (!sql_fieldrow(sql_filter($sql, $vote_id, $user->d('user_id')))) {
$sql = 'UPDATE _poll_results SET vote_result = vote_result + 1
WHERE vote_id = ?
AND vote_option_id = ?';
sql_query(sql_filter($sql, $vote_id, $choice));
$insert_vote = array(
'vote_id' => (int) $vote_id,
'vote_user_id' => (int) $user->d('user_id'),
'vote_user_ip' => $user->ip,
'vote_cast' => (int) $choice
);
sql_insert('poll_voters', $insert_vote);
}
redirect(s_link('events', $this->v('event_alias')));
break;
case 'view':
default:
/**
* Generate thumbnail for events list.
*/
if ($user->is('colab') && !$this->v('images') && _button('create_thumbnail')) {
$location_large = $config['events_path'] . 'future/' . $this->v('id') . '.jpg';
$location_mini = $config['events_path'] . 'mini/' . $this->v('id') . '.jpg';
$x1 = request_var('x1', 0);
$y1 = request_var('y1', 0);
$x2 = request_var('x2', 0);
$y2 = request_var('y2', 0);
$w = request_var('w', 0);
$h = request_var('h', 0);
//Scale the image to the thumb_width set above
$scale = $config['events_thumb_width'] / $w;
$cropped = $upload->resizeThumbnailImage($location_mini, $location_large, $w, $h, $x1, $y1, $scale);
redirect(s_link('events'));
}
/**
* Normal operations
*/
$t_offset = request_var('offset', 0);
if ($mode == 'view') {
$sql = 'UPDATE _events_images
SET views = views + 1
WHERE event_id = ?
AND image = ?';
sql_query(sql_filter($sql, $this->v('id'), $imagedata['image']));
_style('selected', array(
'IMAGE' => $config['events_url'] . 'gallery/' . $this->v('id') . '/' . $imagedata['image'] . '.jpg',
'WIDTH' => $imagedata['width'],
'HEIGHT' => $imagedata['height'],
'FOOTER' => $imagedata['image_footer'])
);
if ($user->is('founder')) {
_style('selected.update', array(
'URL' => s_link('async eif'),
'EID' => $this->v('id'),
'PID' => $imagedata['image'])
);
}
$is_fav = false;
if ($user->is('member')) {
$sql = 'SELECT member_id
FROM _events_fav
WHERE event_id = ?
AND image_id = ?
AND member_id = ?';
if (sql_field(sql_filter($sql, $this->v('id'), $imagedata['image'], $user->d('user_id')), 'member_id', 0)) {
$is_fav = true;
}
}
if (!$is_fav || !$user->is('member')) {
_style('selected.fav', array(
'URL' => s_link('events', $this->v('id'), $imagedata['image'], 'fav'))
);
}
} else {
if (!$t_offset && $user->is('founder')) {
$sql = 'UPDATE _events SET views = views + 1
WHERE id = ?';
sql_query(sql_filter($sql, $this->v('id')));
}
}
$sql = 'SELECT t.topic_id, t.topic_title, t.topic_locked, t.topic_replies, t.topic_time, t.topic_important, t.topic_vote, t.topic_featured, t.topic_points, t.topic_last_post_id, f.forum_alias, f.forum_name, f.forum_locked, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_announce, f.auth_pollcreate, f.auth_vote
FROM _forum_topics t, _forums f
WHERE t.topic_id = ?
AND f.forum_id = t.forum_id';
if (!$event_topic = sql_fieldrow(sql_filter($sql, $this->v('event_topic')))) {
fatal_error();
}
$mod_auth = $user->is('mod');
$error = w();
$forum_id = $event_topic['forum_id'];
$submit_reply = _button('post');
$reply = request_var('reply', 0);
if ($reply) {
$post_reply = request_var('p', 0);
$sql = 'SELECT p.*, u.user_id, u.username
FROM _forum_posts p, _members u
WHERE p.post_id = ?
AND u.user_id = p.poster_id
AND p.post_deleted = 0';
if (!$post_data = sql_fieldrow(sql_filter($sql, $post_reply))) {
redirect(s_link('events', $this->v('event_alias')));
}
}
$is_auth = $auth->forum(AUTH_ALL, $forum_id, $event_topic);
$u_event_alias = s_link('events', $this->v('event_alias'));
$u_event_publish = ($reply) ? s_link('events', $this->v('event_alias'), $post_reply, 'reply') : $u_event_alias;
if ($submit_reply) {
$auth_key = 'auth_reply';
if (((!$is_auth['auth_view'] || !$is_auth['auth_read'])) || !$is_auth[$auth_key]) {
if (!$user->is('member')) {
do_login();
}
$can_reply_closed = $auth->option(array('forum', 'topics', 'delete'));
if (!$can_reply_closed && ($event_topic['forum_locked'] || $event_topic['topic_locked'])) {
$error[] = 'TOPIC_LOCKED';
}
if (sizeof($error)) {
redirect($u_event_alias);
}
}
$post_message = request_var('message', '', true);
if ($reply) {
$post_reply_message = request_var('reply_message', '', true);
}
// Check message
if (empty($post_message)) {
$error[] = 'EMPTY_MESSAGE';
}
if (sizeof($error)) {
redirect($u_event_alias);
}
if (!$mod_auth) {
$sql = 'SELECT MAX(post_time) AS last_post_time
FROM _forum_posts
WHERE poster_id = ?';
if ($last_post_time = sql_field(sql_filter($sql, $user->d('user_id')))) {
if (intval($last_post_time) > 0 && ($current_time - intval($last_post_time)) < intval($config['flood_interval'])) {
$error[] = 'FLOOD_ERROR';
}
}
}
if (sizeof($error)) {
redirect($u_event_alias);
}
$update_topic = w();
if (strstr($post_message, '-Anuncio-') && $user->is('mod')) {
$topic_announce = 1;
$post_message = str_replace('-Anuncio-', '', $post_message);
$update_topic['topic_announce'] = $topic_announce;
}
if (strstr($post_message, '-Cerrado-') && $user->is('mod')) {
$topic_locked = 1;
$post_message = str_replace('-Cerrado-', '', $post_message);
$update_topic['topic_locked'] = $topic_locked;
}
$post_message = $comments->prepare($post_message);
if ($reply && $post_reply_message != '') {
$post_reply_message = preg_replace('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#ie', '', $post_reply_message);
}
if ($reply && empty($post_reply_message)) {
$post_reply_message = '...';
}
if ($reply && $post_reply_message != '') {
$post_message = '<blockquote><strong>' . $post_data['username'] . "</strong>" . nr(false, 2) . $post_reply_message . '</blockquote><br /> ' . $post_message;
} else {
$reply = 0;
}
$insert_data = array(
'topic_id' => (int) $this->v('event_topic'),
'forum_id' => (int) $forum_id,
'poster_id' => (int) $user->d('user_id'),
'post_time' => time(),
'poster_ip' => $user->ip,
'post_text' => $post_message,
'post_np' => ''
);
if ($reply) {
$insert_data['post_reply'] = $post_reply;
}
$post_id = sql_insert('forum_posts', $insert_data);
$user->delete_unread(UH_T, $this->v('event_topic'));
$user->save_unread(UH_T, $this->v('event_topic'));
//
$a_list = forum_for_team_list($forum_id);
if (count($a_list)) {
$sql_delete_unread = 'DELETE FROM _members_unread
WHERE element = ?
AND item = ?
AND user_id NOT IN (??)';
sql_query(sql_filter($sql, 8, $this->v('event_topic'), implode(', ', $a_list)));
}
$update_topic['topic_last_post_id'] = $post_id;
if ($topic_locked) {
topic_feature($topic_id, 0);
}
$sql = 'UPDATE _forums SET forum_posts = forum_posts + 1, forum_last_topic_id = ?
WHERE forum_id = ?';
sql_query(sql_filter($sql, $this->v('event_topic'), $forum_id));
$sql = 'UPDATE _forum_topics SET topic_replies = topic_replies + 1, ' . sql_build('UPDATE', $update_topic) . sql_filter('
WHERE topic_id = ?', $this->v('event_topic'));
sql_query($sql);
$sql = 'UPDATE _members SET user_posts = user_posts + 1
WHERE user_id = ?';
sql_query(sql_filter($sql, $user->d('user_id')));
redirect($u_event_alias);
}
// Get event thumbnails
$t_per_page = 18;
if ($mode == 'view' && $download_id) {
$val = 1;
$sql = 'SELECT MAX(image) AS total
FROM _events_images
WHERE event_id = ?';
if ($maximage = sql_field(sql_filter($sql, $this->v('id')), 'total', 0)) {
$val = ($download_id == $maximage) ? 2 : 1;
}
$t_offset = floor(($imagedata['prev_images'] - $val) / $t_per_page) * $t_per_page;
}
if ($this->v('images')) {
$exception_sql = (isset($download_id) && $download_id) ? sql_filter(' AND g.image <> ? ', $download_id) : '';
$sql = 'SELECT g.*
FROM _events e, _events_images g
WHERE e.id = ?
AND e.id = g.event_id ' .
$exception_sql . '
ORDER BY g.image ASC
LIMIT ??, ??';
if (!$result = sql_rowset(sql_filter($sql, $this->v('id'), $t_offset, $t_per_page))) {
redirect(s_link('events', $this->v('id')));
}
build_num_pagination(s_link('events', $this->v('id'), 's%d'), $this->v('images'), $t_per_page, $t_offset, 'IMG_');
_style('thumbnails');
foreach ($result as $row) {
_style('thumbnails.item', array(
'URL' => s_link('events', $this->v('event_alias'), $row['image'], 'view'),
'IMAGE' => $config['events_url'] . 'gallery/' . $this->v('id') . '/thumbnails/' . $row['image'] . '.jpg',
'RIMAGE' => $config['events_url'] . 'gallery/' . $this->v('id') . '/' . $row['image'] . '.jpg',
'FOOTER' => $row['image_footer'],
'WIDTH' => $row['width'],
'HEIGHT' => $row['height'])
);
}
// Credits
$sql = 'SELECT *
FROM _events_colab c, _members m
WHERE c.colab_event = ?
AND c.colab_uid = m.user_id
ORDER BY m.username';
if ($result = sql_rowset(sql_filter($sql, $this->v('id')))) {
_style('collab');
foreach ($result as $row) {
_style('collab.row', array(
'PROFILE' => s_link('m', $row['username_base']),
'USERNAME' => $row['username'])
);
}
}
} else {
_style('event_flyer', array(
'IMAGE_SRC' => $config['events_url'] . 'future/' . $this->v('id') . '.jpg?u=' . $this->v('event_update'))
);
$location_mini = $config['events_path'] . 'mini/' . $this->v('id') . '.jpg';
if ($user->is('colab') && !$this->v('images') && !@file_exists($location_mini)) {
$large_filepath = $config['events_path'] . 'future/' . $this->v('id') . '.jpg';
_style('event_flyer.thumbnail', array(
'ACTION' => $u_event_alias,
'SCALE' => ($config['events_thumb_height'] / $config['events_thumb_width']),
'THUMB_WIDTH' => $config['events_thumb_width'],
'THUMB_HEIGHT' => $config['events_thumb_height'],
'LARGE_WIDTH' => $upload->getWidth($large_filepath),
'LARGE_HEIGHT' => $upload->getHeight($large_filepath)
));
}
}
list($d, $m, $y) = explode(' ', gmdate('j n Y', time() + $user->timezone + $user->dst));
$midnight = gmmktime(0, 0, 0, $m, $d, $y) - $user->timezone - $user->dst;
$event_date = $user->format_date($this->v('date'), 'j F Y \a \l\a\s H:i') . ' horas.';
if ($this->v('date') >= $midnight) {
if ($this->v('date') >= $midnight && $this->v('date') < $midnight + 86400) {
$event_date_format = lang('event_today');
} else if ($this->v('date') >= $midnight + 86400 && $this->v('date') < $midnight + (86400 * 2)) {
$event_date_format = lang('event_tomorrow');
} else {
$event_date_format = sprintf(lang('event_after'), $event_date);
}
} else {
if ($this->v('date') >= ($midnight - 86400)) {
$event_date_format = lang('event_yesterday');
} else {
$event_date_format = sprintf(lang('event_before'), $event_date);
}
}
v_style(array(
'EVENT_NAME' => $this->v('title'),
'EVENT_DATE' => $event_date_format,
'EVENT_URL' => $u_event_alias,
'EVENT_PUBLISH' => $u_event_publish)
);
$posts_offset = request_var('ps', 0);
$topic_id = $this->v('event_topic');
// START RSVP
if ($topic_id) {
$sql = 'SELECT vd.vote_id, vd.vote_text, vd.vote_start, vd.vote_length, vr.vote_option_id, vr.vote_option_text, vr.vote_result
FROM _poll_options vd, _poll_results vr
WHERE vd.topic_id = ?
AND vr.vote_id = vd.vote_id
ORDER BY vr.vote_option_order, vr.vote_option_id ASC';
if ($vote_info = sql_rowset(sql_filter($sql, $topic_id))) {
$sql = 'SELECT vote_id
FROM _poll_voters
WHERE vote_id = ?
AND vote_user_id = ?';
$user_voted = sql_field(sql_filter($sql, $vote_info[0]['vote_id'], $user->d('user_id')), 'vote_id', 0);
$poll_expired = ($vote_info[0]['vote_length']) ? (($vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < time()) ? true : false) : false;
_style('poll', array(
'POLL_TITLE' => $vote_info[0]['vote_text'])
);
if ($user_voted || $poll_expired) {
_style('poll.results');
foreach ($vote_info as $row) {
if ($this->v('date') >= $midnight) {
$caption = ($row['vote_result'] == 1) ? lang('rsvp_future_one') : lang('rsvp_future_more');
} else {
$caption = ($row['vote_result'] == 1) ? lang('rsvp_past_one') : lang('rsvp_past_more');
}
_style('poll.results.item', array(
'CAPTION' => $caption,
'RESULT' => $row['vote_result'])
);
break;
}
} else {
_style('poll.options', array(
'S_VOTE_ACTION' => s_link('events', $this->v('event_alias'), 1, 'rsvp'))
);
foreach ($vote_info as $row) {
$caption = ($this->v('date') >= $midnight) ? lang('rsvp_future') : lang('rsvp_past');
_style('poll.options.item', array(
'ID' => $row['vote_option_id'],
'CAPTION' => $caption)
);
break;
}
}
}
}
// END RSVP
$sql = 'SELECT p.*, u.user_id, u.username, u.username_base, u.user_avatar, u.user_posts, u.user_gender, u.user_rank
FROM _forum_posts p, _members u
WHERE p.topic_id = ?
AND u.user_id = p.poster_id
AND p.post_deleted = 0
ORDER BY p.post_time DESC
LIMIT ??, ??';
if (!$messages = sql_rowset(sql_filter($sql, $topic_id, $posts_offset, $config['posts_per_page']))) {
redirect(s_link('events', $this->v('event_alias')));
}
if (!$posts_offset) {
//unset($messages[0]);
}
$i = 0;
foreach ($messages as $row) {
if (!$i) {
$controls = w();
$user_profile = w();
$unset_user_profile = array('user_id', 'user_posts', 'user_gender');
_style('messages');
}
if ($user->is('member')) {
$controls[$row['post_id']]['reply'] = s_link('events', $this->v('event_alias'), $row['post_id'], 'reply');
if ($mod_auth) {
$controls[$row['post_id']]['edit'] = s_link('acp', array('forums_post_modify', 'msg_id' => $row['post_id']));
$controls[$row['post_id']]['delete'] = s_link('acp', array('forums_post_delete', 'msg_id' => $row['post_id']));
}
}
$user_profile[$row['user_id']] = $comments->user_profile($row, '', $unset_user_profile);
$data = array(
'POST_ID' => $row['post_id'],
'DATETIME' => $user->format_date($row['post_time']),
'MESSAGE' => $comments->parse_message($row['post_text']),
'PLAYING' => $row['post_np'],
'DELETED' => $row['post_deleted']
);
foreach ($user_profile[$row['user_id']] as $key => $value) {
$data[strtoupper($key)] = $value;
}
_style('messages.row', $data);
if (isset($controls[$row['post_id']])) {
_style('messages.row.controls');
foreach ($controls[$row['post_id']] as $item => $url) {
_style('messages.row.controls.' . $item, array(
'URL' => $url)
);
}
}
$i++;
}
build_num_pagination(s_link('events', $this->v('event_alias'), 'ps%d'), $event_topic['topic_replies'], $config['posts_per_page'], $posts_offset, 'MSG_');
$publish_ref = ($posts_offset) ? s_link('events', $this->v('event_alias'), 's' . $t_offset) : s_link('events', $this->v('event_alias'));
// Posting box
if ($user->is('member')) {
_style('publish', array(
'REF' => $publish_ref)
);
if ($reply) {
if (empty($post_reply_message)) {
$post_reply_message = $comments->remove_quotes($post_data['post_text']);
}
if (!empty($post_reply_message)) {
$rx = array('#(^|[\n ]|\()(http|https|ftp)://([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)(gif|jpg|jpeg|png)#is', '#\[yt:[0-9a-zA-Z\-\=\_]+\]#is', '#\[sb\]#is', '#\[\/sb\]#is');
$post_reply_message = preg_replace($rx, '', $post_reply_message);
}
if (empty($post_reply_message)) {
$post_reply_message = '...';
}
_style('publish.reply', array(
'MESSAGE' => $post_reply_message)
);
}
}
break;
}
$this->_title = $this->v('title');
$this->_template = 'events.view';
return true;
}
// Check ranks
if ($user_rank_min > $user_rank_max) {
$error[] = 'El rango mínimo no puede ser mayor al rango máximo.';
}
if (!sizeof($error)) {
$update = array();
$changes = array('user_rank_min', 'user_rank_max');
foreach ($changes as $item) {
if (${$item} != $userdata[$item]) {
$update[$item] = ${$item};
}
}
if (sizeof($update)) {
$sql = 'UPDATE _users SET ??
WHERE user_id = ?';
sql_query(sql_filter($sql, sql_build('UPDATE', $update), $userid));
}
redirect('ranks');
} else {
$bypass_vars = array('user_rank_min' => $user_rank_min, 'user_rank_max' => $user_rank_max);
layout($screen, $error, $bypass_vars);
}
// IF @so: !$error
}
}
layout($screen);
//
// Functions
//
function layout($where = 1, $error = array(), $params = array())
{
xlog('pe.' . $search, 0, 0);
break;
case 'c':
$update_data = array('c_exe' => (int) $exencion, 'c_date' => (int) $new_date, 'c_nit' => $nit, 'c_text' => $desc);
$table = '_constancia';
$sql_where = sql_filter('c_exe = ?', $search);
xlog('e', $search);
break;
case 'f':
$update_data = array('f_serie' => $serie, 'f_date' => $new_date, 'f_total' => $total, 'f_exe' => $exencion, 'f_fact' => $factura);
$table = '_factura';
$sql_where = sql_filter('f_exe = ? AND f_fact = ?', $search2, $search);
xlog('e', $search2, $search);
break;
}
$sql = 'UPDATE ' . $table . ' SET ' . sql_build('UPDATE', $update_data) . '
WHERE ' . $sql_where;
sql_query($sql);
//
// End update
page_header();
submenu();
?>
<div class="vsep-pre"><div class="vsep1"> </div></div>
<div class="colorbox darkborder pad10" align="center">
<strong>La información fue actualizada.</strong><br /><br /><a class="red bold" href="<?php
echo s_link('edit', $screen);
?>
">Click para regresar</a>.
</div>
<?php