Ejemplo n.º 1
0
 function Update_msg($idtopic, $idmsg, $contents, $user_id_msg, $history = true)
 {
     global $Sql, $User, $Group, $CONFIG_FORUM;
     $edit_mark = !$User->check_auth($CONFIG_FORUM['auth'], EDIT_MARK_FORUM) ? ", timestamp_edit = '" . time() . "', user_id_edit = '" . $User->get_attribute('user_id') . "'" : '';
     $Sql->query_inject("UPDATE " . PREFIX . "forum_msg SET contents = '" . strparse($contents) . "'" . $edit_mark . " WHERE id = '" . $idmsg . "'", __LINE__, __FILE__);
     $nbr_msg_before = $Sql->query("SELECT COUNT(*) FROM " . PREFIX . "forum_msg WHERE idtopic = '" . $idtopic . "' AND id < '" . $idmsg . "'", __LINE__, __FILE__);
     $msg_page = ceil(($nbr_msg_before + 1) / $CONFIG_FORUM['pagination_msg']);
     $msg_page_rewrite = $msg_page > 1 ? '-' . $msg_page : '';
     $msg_page = $msg_page > 1 ? '&pt=' . $msg_page : '';
     if ($User->get_attribute('user_id') != $user_id_msg && $history) {
         forum_history_collector(H_EDIT_MSG, $user_id_msg, 'topic' . url('.php?id=' . $idtopic . $msg_page, '-' . $idtopic . $msg_page_rewrite . '.php', '&') . '#m' . $idmsg);
     }
     return $nbr_msg_before;
 }
Ejemplo n.º 2
0
 function send($pm_to, $pm_idconvers, $pm_contents, $pm_from, $pm_status, $check_pm_before_send = true)
 {
     global $Sql;
     if ($check_pm_before_send) {
         $info_convers = $Sql->query_array(DB_TABLE_PM_TOPIC . " ", "last_user_id", "user_view_pm", "WHERE id = '" . $pm_idconvers . "'", __LINE__, __FILE__);
         if ($info_convers['last_user_id'] != $pm_from && $info_convers['user_view_pm'] > 0) {
             $Sql->query_inject("UPDATE " . DB_TABLE_MEMBER . " SET user_pm = user_pm - '" . $info_convers['user_view_pm'] . "' WHERE user_id = '" . $pm_from . "'", __LINE__, __FILE__);
             $Sql->query_inject("UPDATE " . DB_TABLE_PM_TOPIC . "  SET user_view_pm = 0 WHERE id = '" . $pm_idconvers . "'", __LINE__, __FILE__);
         }
     }
     $Sql->query_inject("INSERT INTO " . DB_TABLE_PM_MSG . " (idconvers, user_id, contents, timestamp, view_status) VALUES('" . $pm_idconvers . "', '" . $pm_from . "', '" . strparse($pm_contents) . "', '" . time() . "', 0)", __LINE__, __FILE__);
     $this->pm_msg_id = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "pm_msg");
     $Sql->query_inject("UPDATE " . DB_TABLE_PM_TOPIC . "  SET user_view_pm = user_view_pm + 1, nbr_msg = nbr_msg + 1, last_user_id = '" . $pm_from . "', last_msg_id = '" . $this->pm_msg_id . "', last_timestamp = '" . time() . "' WHERE id = '" . $pm_idconvers . "'", __LINE__, __FILE__);
     $Sql->query_inject("UPDATE " . DB_TABLE_MEMBER . " SET user_pm = user_pm + 1 WHERE user_id = '" . $pm_to . "'", __LINE__, __FILE__);
 }
    function send_bbcode($mail_object, $message, $email_test = '')
    {
        global $_NEWSLETTER_CONFIG, $LANG, $Sql;
        $error_mailing_list = array();
        $message = stripslashes(strparse($message));
        $message = ContentSecondParser::export_html_text($message);
        $mail_contents = '<html>
<head><title>' . $mail_object . '</title></head><body>';
        $mail_contents .= $message;
        if ($email_test == '') {
            $nbr = $Sql->count_table('newsletter', __LINE__, __FILE__);
            $Sql->query_inject("INSERT INTO " . PREFIX . "newsletter_arch (title,message,timestamp,type,nbr) VALUES('" . addslashes($mail_object) . "', '" . addslashes($message) . "', '" . time() . "', 'bbcode', '" . $nbr . "')", __LINE__, __FILE__);
            $mailing_list = array();
            $result = $Sql->query_while("SELECT id, mail \n\t\t\tFROM " . PREFIX . "newsletter \n\t\t\tORDER BY id", __LINE__, __FILE__);
            while ($row = $Sql->fetch_assoc($result)) {
                $mailing_list[] = array($row['id'], $row['mail']);
            }
            $Sql->query_close($result);
            $mail_sender = new Mail();
            $mail_sender->set_sender($_NEWSLETTER_CONFIG['sender_mail']);
            $mail_sender->set_mime(MIME_FORMAT_HTML);
            $mail_sender->set_object($mail_object);
            foreach ($mailing_list as $array_mail) {
                $mail_sender->set_recipients($array_mail[1]);
                $mail_contents_end = '<br /><br /><a href="' . HOST . DIR . '/newsletter/newsletter.php?id=' . $array_mail[0] . '">' . $LANG['newsletter_unscubscribe_text'] . '</a></body></html>';
                $mail_sender->set_content($mail_contents . $mail_contents_end);
                if (!$mail_sender->send()) {
                    $error_mailing_list[] = $array_mail[1];
                }
            }
            return $error_mailing_list;
        } else {
            $mail_sender = new Mail();
            $mail_sender->set_sender($_NEWSLETTER_CONFIG['sender_mail']);
            $mail_sender->set_mime(MIME_FORMAT_HTML);
            $mail_sender->set_recipients($email_test);
            $mail_sender->set_content($mail_contents . '</body></html>');
            $mail_sender->set_object($mail_object);
            $mail_sender->send();
            return true;
        }
    }
Ejemplo n.º 4
0
        $Errorh->handler($LANG['require_cat_create'], E_USER_WARNING);
    }
    $Template->pparse('admin_web_management2');
} elseif (!empty($_POST['previs']) && !empty($id_post)) {
    $Template->set_filenames(array('admin_web_management' => 'web/admin_web_management2.tpl'));
    $row = $Sql->query_array(PREFIX . 'web', '*', "WHERE id = '" . $id . "'", __LINE__, __FILE__);
    $title = retrieve(POST, 'name', '', TSTRING_UNCHANGE);
    $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE);
    $url = retrieve(POST, 'url', '', TSTRING_UNCHANGE);
    $idcat = retrieve(POST, 'idcat', 0);
    $compt = retrieve(POST, 'compt', 0);
    $aprob = retrieve(POST, 'aprob', 0);
    $aprob_enable = $aprob == 1 ? 'checked="checked"' : '';
    $aprob_disable = $aprob == 0 ? 'checked="checked"' : '';
    $cat = $Sql->query("SELECT name FROM " . PREFIX . "web_cat WHERE id = '" . $idcat . "'", __LINE__, __FILE__);
    $Template->assign_block_vars('web', array('NAME' => $title, 'CONTENTS' => second_parse(stripslashes(strparse($contents))), 'URL' => $url, 'IDCAT' => $idcat, 'CAT' => $cat, 'COMPT' => $compt, 'DATE' => gmdate_format('date_format_short'), 'MODULE_DATA_PATH' => $Template->get_module_data_path('web'), 'L_DESC' => $LANG['description'], 'L_DATE' => $LANG['date'], 'L_COM' => $LANG['com'], 'L_VIEWS' => $LANG['views'], 'L_NOTE' => $LANG['note'], 'L_CATEGORY' => $LANG['categorie']));
    $Template->assign_vars(array('MODULE_DATA_PATH' => $Template->get_module_data_path('web'), 'THEME' => get_utheme(), 'LANG' => get_ulang(), 'IDWEB' => $id_post, 'TITLE' => $title, 'KERNEL_EDITOR' => display_editor(), 'NAME' => $title, 'CONTENTS' => $contents, 'URL' => $url, 'IDWEB' => $row['id'], 'IDCAT' => $idcat, 'COMPT' => $compt, 'APROB_ENABLED' => $aprob_enable, 'APROB_DISABLED' => $aprob_disable, 'L_NOTE' => $LANG['note'], 'L_REQUIRE_NAME' => $LANG['require_title'], 'L_REQUIRE_URL' => $LANG['require_url'], 'L_REQUIRE_CAT' => $LANG['require_cat'], 'L_WEB_ADD' => $LANG['web_add'], 'L_WEB_MANAGEMENT' => $LANG['web_management'], 'L_WEB_CAT' => $LANG['cat_management'], 'L_WEB_CONFIG' => $LANG['web_config'], 'L_REQUIRE' => $LANG['require'], 'L_CATEGORY' => $LANG['categorie'], 'L_TITLE' => $LANG['title'], 'L_URL_LINK' => $LANG['url'], 'L_VIEWS' => $LANG['views'], 'L_DESC' => $LANG['description'], 'L_APROB' => $LANG['aprob'], 'L_YES' => $LANG['yes'], 'L_NO' => $LANG['no'], 'L_UPDATE' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset']));
    $i = 0;
    $result = $Sql->query_while("SELECT id, name \n\tFROM " . PREFIX . "web_cat", __LINE__, __FILE__);
    while ($row = $Sql->fetch_assoc($result)) {
        $selected = $row['id'] == $idcat ? ' selected="selected"' : '';
        $Template->assign_block_vars('select', array('CAT' => '<option value="' . $row['id'] . '"' . $selected . '>' . $row['name'] . '</option>'));
        $i++;
    }
    $Sql->query_close($result);
    if ($i == 0) {
        $Errorh->handler($LANG['require_cat_create'], E_USER_WARNING);
    }
    $Template->pparse('admin_web_management');
} elseif (!empty($_POST['valid']) && !empty($id_post)) {
    $title = retrieve(POST, 'name', '');
Ejemplo n.º 5
0
<?php

require_once '../admin/admin_begin.php';
define('TITLE', $LANG['administration']);
require_once '../admin/admin_header.php';
if (!empty($_POST['msg_mbr'])) {
    $config_member['activ_register'] = retrieve(POST, 'activ_register', 0);
    $config_member['msg_mbr'] = stripslashes(strparse(retrieve(POST, 'contents', '', TSTRING_AS_RECEIVED)));
    $config_member['msg_register'] = $CONFIG_USER['msg_register'];
    $config_member['activ_mbr'] = retrieve(POST, 'activ_mbr', 0);
    $config_member['verif_code'] = isset($_POST['verif_code']) && @extension_loaded('gd') ? numeric($_POST['verif_code']) : 0;
    $config_member['verif_code_difficulty'] = retrieve(POST, 'verif_code_difficulty', 2);
    $config_member['delay_unactiv_max'] = retrieve(POST, 'delay_unactiv_max', 0);
    $config_member['force_theme'] = retrieve(POST, 'force_theme', 0);
    $config_member['activ_up_avatar'] = retrieve(POST, 'activ_up_avatar', 0);
    $config_member['width_max'] = retrieve(POST, 'width_max', 120);
    $config_member['height_max'] = retrieve(POST, 'height_max', 120);
    $config_member['weight_max'] = retrieve(POST, 'weight_max', 20);
    $config_member['activ_avatar'] = retrieve(POST, 'activ_avatar', 0);
    $config_member['avatar_url'] = retrieve(POST, 'avatar_url', '');
    $Sql->query_inject("UPDATE " . DB_TABLE_CONFIGS . " SET value = '" . addslashes(serialize($config_member)) . "' WHERE name = 'member'", __LINE__, __FILE__);
    ###### Régénération du cache $CONFIG_USER #######
    $Cache->Generate_file('member');
    redirect(HOST . SCRIPT);
} else {
    $Template->set_filenames(array('admin_members_config' => 'admin/admin_members_config.tpl'));
    #####################Activation du mail par le membre pour s'inscrire##################
    $array = array(0 => $LANG['no_activ_mbr'], 1 => $LANG['mail'], 2 => $LANG['admin']);
    $activ_mode_option = '';
    foreach ($array as $key => $value) {
        $selected = $CONFIG_USER['activ_mbr'] == $key ? 'selected="selected"' : '';
Ejemplo n.º 6
0
        $img_array = array();
        $dh = @opendir($rep);
        while (!is_bool($lang = readdir($dh))) {
            if (preg_match('`\\.(gif|png|jpg|jpeg|tiff)+$`i', $lang)) {
                $img_array[] = $lang;
            }
        }
        closedir($dh);
        foreach ($img_array as $key => $img_path) {
            $selected = $img_path == $icon ? ' selected="selected"' : '';
            $image_list .= '<option value="' . $img_path . '"' . ($img_direct_path ? '' : $selected) . '>' . $img_path . '</option>';
        }
    }
    $Template->assign_block_vars('articles', array('IDARTICLES' => $id_post, 'TITLE' => $title, 'CATEGORIES' => $categories, 'IMG_PATH' => $img_direct_path ? $icon : '', 'IMG_ICON' => !empty($icon) ? '<img src="' . $icon . '" alt="" class="valign_middle" />' : '', 'IMG_LIST' => $image_list, 'CONTENTS' => $contents_preview, 'USER_ID' => $user_id, 'CURRENT_DATE' => $current_date, 'START' => !empty($start) && $visible == 2 ? $start : '', 'END' => !empty($end) && $visible == 2 ? $end : '', 'HOUR' => $hour, 'MIN' => $min, 'DAY_RELEASE_S' => !empty($start_timestamp) ? gmdate_format('d', $start_timestamp) : '', 'MONTH_RELEASE_S' => !empty($start_timestamp) ? gmdate_format('m', $start_timestamp) : '', 'YEAR_RELEASE_S' => !empty($start_timestamp) ? gmdate_format('Y', $start_timestamp) : '', 'DAY_RELEASE_E' => !empty($end_timestamp) ? gmdate_format('d', $end_timestamp) : '', 'MONTH_RELEASE_E' => !empty($end_timestamp) ? gmdate_format('m', $end_timestamp) : '', 'YEAR_RELEASE_E' => !empty($end_timestamp) ? gmdate_format('Y', $end_timestamp) : '', 'DAY_DATE' => !empty($current_date_timestamp) ? gmdate_format('d', $current_date_timestamp) : '', 'MONTH_DATE' => !empty($current_date_timestamp) ? gmdate_format('m', $current_date_timestamp) : '', 'YEAR_DATE' => !empty($current_date_timestamp) ? gmdate_format('Y', $current_date_timestamp) : '', 'VISIBLE_WAITING' => $visible == 2 ? 'checked="checked"' : '', 'VISIBLE_ENABLED' => $visible == 1 ? 'checked="checked"' : '', 'VISIBLE_UNAPROB' => $visible == 0 ? 'checked="checked"' : ''));
    $pseudo = $Sql->query("SELECT login FROM " . DB_TABLE_MEMBER . " WHERE user_id = '" . $user_id . "'", __LINE__, __FILE__);
    $Template->assign_block_vars('articles.preview', array('USER_ID' => $user_id, 'TITLE' => $title, 'CONTENTS' => second_parse(stripslashes(strparse($contents))), 'PSEUDO' => $pseudo, 'DATE' => gmdate_format('date_format_short')));
    $Template->assign_vars(array('KERNEL_EDITOR' => display_editor(), 'L_REQUIRE_TITLE' => $LANG['require_title'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_REQUIRE_CAT' => $LANG['require_cat'], 'L_ARTICLES_MANAGEMENT' => $LANG['articles_management'], 'L_ARTICLES_ADD' => $LANG['articles_add'], 'L_ARTICLES_CAT' => $LANG['cat_management'], 'L_ARTICLES_CONFIG' => $LANG['articles_config'], 'L_ARTICLES_CAT_ADD' => $LANG['articles_cats_add'], 'L_PREVIEW' => $LANG['preview'], 'L_COM' => $LANG['com'], 'L_WRITTEN_BY' => $LANG['written_by'], 'L_ON' => $LANG['on'], 'L_EDIT_ARTICLE' => $LANG['edit_article'], 'L_REQUIRE' => $LANG['require'], 'L_PAGE_PROMPT' => $LANG['page_prompt'], 'L_CATEGORY' => $LANG['category'], 'L_TITLE' => $LANG['title'], 'L_ARTICLE_ICON' => $LANG['article_icon'], 'L_OR_DIRECT_PATH' => $LANG['or_direct_path'], 'L_VIEWS' => $LANG['views'], 'L_YES' => $LANG['yes'], 'L_NO' => $LANG['no'], 'L_ARTICLES_DATE' => $LANG['articles_date'], 'L_RELEASE_DATE' => $LANG['release_date'], 'L_IMMEDIATE' => $LANG['immediate'], 'L_UNAPROB' => $LANG['unaprob'], 'L_UNTIL' => $LANG['until'], 'L_TEXT' => $LANG['content'], 'L_EXPLAIN_PAGE' => $LANG['explain_page'], 'L_UPDATE' => $LANG['update'], 'L_RESET' => $LANG['reset']));
    $Template->pparse('admin_articles_management');
} elseif (!empty($_POST['valid']) && !empty($id_post)) {
    $title = retrieve(POST, 'title', '');
    $icon = retrieve(POST, 'icon', '');
    $icon_path = retrieve(POST, 'icon_path', '');
    $contents = retrieve(POST, 'contents', '', TSTRING_PARSE);
    $idcat = retrieve(POST, 'idcat', 0);
    $current_date = retrieve(POST, 'current_date', '', TSTRING_UNCHANGE);
    $start = retrieve(POST, 'start', '', TSTRING_UNCHANGE);
    $end = retrieve(POST, 'end', '', TSTRING_UNCHANGE);
    $hour = retrieve(POST, 'hour', '', TSTRING_UNCHANGE);
    $min = retrieve(POST, 'min', '', TSTRING_UNCHANGE);
    $get_visible = retrieve(POST, 'visible', 0);
    if (!empty($icon_path)) {
Ejemplo n.º 7
0
load_module_lang('forum');
define('TITLE', $LANG['administration']);
require_once '../admin/admin_header.php';
require_once '../forum/forum_begin.php';
$idcat = retrieve(GET, 'idcat', 0);
$class = retrieve(GET, 'id', 0);
if (!empty($_POST['add'])) {
    $Cache->load('forum');
    $parent_category = retrieve(POST, 'category', 0);
    $name = retrieve(POST, 'name', '');
    $url = retrieve(POST, 'url', '');
    $type = retrieve(POST, 'type', '');
    $aprob = retrieve(POST, 'aprob', 0);
    $status = retrieve(POST, 'status', 0);
    $subname = retrieve(POST, 'desc', '', TSTRING_UNCHANGE);
    $subname = strparse($subname, array(4 => 'title', 5 => 'style', 8 => 'quote', 9 => 'hide', 10 => 'list', 15 => 'align', 16 => 'float', 19 => 'indent', 20 => 'pre', 21 => 'table', 22 => 'swf', 23 => 'movie', 24 => 'sound', 25 => 'code', 26 => 'math', 27 => 'anchor', 28 => 'acronym', 29 => 'block', 30 => 'fieldset', 31 => 'mail', 32 => 'line', 33 => 'wikipedia', 34 => 'html'));
    if ($type == 1) {
        $url = '';
        $parent_category = 0;
    } elseif ($type == 2) {
        $url = '';
    } else {
        $status = 1;
    }
    $array_auth_all = Authorizations::build_auth_array_from_form(READ_CAT_FORUM, WRITE_CAT_FORUM, EDIT_CAT_FORUM);
    if (!empty($name)) {
        if (isset($CAT_FORUM[$parent_category])) {
            $list_parent_cats = '';
            $result = $Sql->query_while("SELECT id\n\t\t\tFROM " . PREFIX . "forum_cats\n\t\t\tWHERE id_left <= '" . $CAT_FORUM[$parent_category]['id_left'] . "' AND id_right >= '" . $CAT_FORUM[$parent_category]['id_right'] . "'", __LINE__, __FILE__);
            while ($row = $Sql->fetch_assoc($result)) {
                $list_parent_cats .= $row['id'] . ', ';
Ejemplo n.º 8
0
function shoutbox_mini($position, $block)
{
    global $Cache, $LANG, $User, $CONFIG_SHOUTBOX, $nbr_members, $last_member_id, $last_member_login, $Sql;
    if (strpos(SCRIPT, '/shoutbox/shoutbox.php') === false) {
        load_module_lang('shoutbox');
        $Cache->load('shoutbox');
        ###########################Insertion##############################
        $shoutbox = retrieve(POST, 'shoutbox', false);
        if ($shoutbox) {
            if ($User->get_attribute('user_readonly') > time()) {
                $Errorh->handler('e_readonly', E_USER_REDIRECT);
            }
            $shout_pseudo = substr(retrieve(POST, 'shout_pseudo', $LANG['guest']), 0, 25);
            $shout_contents = retrieve(POST, 'shout_contents', '', TSTRING_UNCHANGE);
            if (!empty($shout_pseudo) && !empty($shout_contents)) {
                if ($User->check_level($CONFIG_SHOUTBOX['shoutbox_auth'])) {
                    $check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . PREFIX . "shoutbox WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : '';
                    if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) {
                        if ($check_time >= time() - $CONFIG['delay_flood']) {
                            redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=flood', '', '&'));
                        }
                    }
                    $shout_contents = strparse($shout_contents, $CONFIG_SHOUTBOX['shoutbox_forbidden_tags']);
                    if (!check_nbr_links($shout_pseudo, 0)) {
                        redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=lp_flood', '', '&'));
                    }
                    if (!check_nbr_links($shout_contents, $CONFIG_SHOUTBOX['shoutbox_max_link'])) {
                        redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=l_flood', '', '&'));
                    }
                    $Sql->query_inject("INSERT INTO " . PREFIX . "shoutbox (login, user_id, level, contents, timestamp) VALUES ('" . $shout_pseudo . "', '" . $User->get_attribute('user_id') . "', '" . $User->get_attribute('level') . "', '" . $shout_contents . "', '" . time() . "')", __LINE__, __FILE__);
                    redirect(HOST . url(SCRIPT . '?' . QUERY_STRING, '', '&'));
                } else {
                    redirect(HOST . DIR . '/shoutbox/shoutbox.php' . url('?error=auth', '', '&'));
                }
            }
        }
        ###########################Affichage##############################
        $tpl = new Template('shoutbox/shoutbox_mini.tpl');
        import('core/menu_service');
        MenuService::assign_positions_conditions($tpl, $block);
        if ($User->get_attribute('user_id') !== -1) {
            $tpl->assign_vars(array('SHOUTBOX_PSEUDO' => $User->get_attribute('login'), 'C_HIDDEN_SHOUT' => true));
        } else {
            $tpl->assign_vars(array('SHOUTBOX_PSEUDO' => $LANG['guest'], 'C_VISIBLE_SHOUT' => true));
        }
        $refresh_delay = empty($CONFIG_SHOUTBOX['shoutbox_refresh_delay']) ? 60 : $CONFIG_SHOUTBOX['shoutbox_refresh_delay'];
        $tpl->assign_vars(array('SID' => SID, 'SHOUT_REFRESH_DELAY' => (int) max($refresh_delay, 0), 'L_ALERT_TEXT' => $LANG['require_text'], 'L_ALERT_UNAUTH_POST' => $LANG['e_unauthorized'], 'L_ALERT_FLOOD' => $LANG['e_flood'], 'L_ALERT_LINK_FLOOD' => sprintf($LANG['e_l_flood'], $CONFIG_SHOUTBOX['shoutbox_max_link']), 'L_ALERT_LINK_PSEUDO' => $LANG['e_link_pseudo'], 'L_ALERT_INCOMPLETE' => $LANG['e_incomplete'], 'L_ALERT_READONLY' => $LANG['e_readonly'], 'L_DELETE_MSG' => $LANG['alert_delete_msg'], 'L_SHOUTBOX' => $LANG['title_shoutbox'], 'L_MESSAGE' => $LANG['message'], 'L_PSEUDO' => $LANG['pseudo'], 'L_SUBMIT' => $LANG['submit'], 'L_REFRESH' => $LANG['refresh'], 'L_ARCHIVES' => $LANG['archives']));
        $array_class = array('member', 'modo', 'admin');
        $result = $Sql->query_while("SELECT id, login, user_id, level, contents\n    \tFROM " . PREFIX . "shoutbox\n    \tORDER BY timestamp DESC\n    \t" . $Sql->limit(0, 25), __LINE__, __FILE__);
        while ($row = $Sql->fetch_assoc($result)) {
            $row['user_id'] = (int) $row['user_id'];
            if ($User->check_level(MODO_LEVEL) || $row['user_id'] === $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1) {
                $del_message = '<script type="text/javascript"><!--
    			document.write(\'<a href="javascript:Confirm_del_shout(' . $row['id'] . ');" title="' . $LANG['delete'] . '"><img src="' . TPL_PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a>\');
    			--></script><ins><noscript><p><a href="' . TPL_PATH_TO_ROOT . '/shoutbox/shoutbox' . url('.php?del=true&amp;id=' . $row['id']) . '"><img src="' . TPL_PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a></p></noscript></ins>';
            } else {
                $del_message = '';
            }
            if ($row['user_id'] !== -1) {
                $row['login'] = $del_message . ' <a style="font-size:10px;" class="' . $array_class[$row['level']] . '" href="' . TPL_PATH_TO_ROOT . '/member/member' . url('.php?id=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '">' . (!empty($row['login']) ? wordwrap_html($row['login'], 16) : $LANG['guest']) . '</a>';
            } else {
                $row['login'] = $del_message . ' <span class="text_small" style="font-style: italic;">' . (!empty($row['login']) ? wordwrap_html($row['login'], 16) : $LANG['guest']) . '</span>';
            }
            $tpl->assign_block_vars('shout', array('IDMSG' => $row['id'], 'PSEUDO' => $row['login'], 'CONTENTS' => ucfirst(second_parse($row['contents']))));
        }
        $Sql->query_close($result);
        return $tpl->parse(TEMPLATE_STRING_MODE);
    }
    return '';
}
Ejemplo n.º 9
0
         redirect(HOST . SCRIPT . SID2 . '#m' . $previous_id);
     } elseif ($edit) {
         $Template->set_filenames(array('guestbook' => 'guestbook/guestbook.tpl'));
         if ($row['user_id'] !== -1) {
             $Template->assign_vars(array('C_HIDDEN_GUESTBOOK' => true, 'PSEUDO' => $row['login']));
         } else {
             $Template->assign_vars(array('C_VISIBLE_GUESTBOOK' => true, 'PSEUDO' => $row['login']));
         }
         $Template->assign_vars(array('UPDATE' => url('?update=1&amp;id=' . $id_get . '&amp;token=' . $Session->get_token()), 'CONTENTS' => unparse($row['contents']), 'KERNEL_EDITOR' => display_editor('guestbook_contents', $CONFIG_GUESTBOOK['guestbook_forbidden_tags']), 'DATE' => gmdate_format('date_format_short', $row['timestamp']), 'THEME' => get_utheme(), 'DISPLAY_FORBIDDEN_TAGS' => !empty($forbidden_tags) ? '[' . str_replace(', ', '], [', $forbidden_tags) . ']' : '', 'L_FORBIDDEN_TAGS' => !empty($forbidden_tags) ? $LANG['forbidden_tags'] : '', 'L_ALERT_TEXT' => $LANG['require_text'], 'L_UPDATE_MSG' => $LANG['update_msg'], 'L_REQUIRE' => $LANG['require'], 'L_MESSAGE' => $LANG['message'], 'L_PSEUDO' => $LANG['pseudo'], 'L_SUBMIT' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset']));
         $Template->pparse('guestbook');
     } elseif ($update) {
         $Session->csrf_get_protect();
         $guestbook_contents = retrieve(POST, 'guestbook_contents', '', TSTRING_UNCHANGE);
         $guestbook_pseudo = retrieve(POST, 'guestbook_pseudo', $LANG['guest']);
         if (!empty($guestbook_contents) && !empty($guestbook_pseudo)) {
             $guestbook_contents = strparse($guestbook_contents, $CONFIG_GUESTBOOK['guestbook_forbidden_tags']);
             if (!check_nbr_links($guestbook_contents, $CONFIG_GUESTBOOK['guestbook_max_link'])) {
                 redirect(HOST . SCRIPT . url('?error=l_flood', '', '&') . '#errorh');
             }
             $Sql->query_inject("UPDATE " . PREFIX . "guestbook SET contents = '" . $guestbook_contents . "', login = '******' WHERE id = '" . $id_get . "'", __LINE__, __FILE__);
             $Cache->Generate_module_file('guestbook');
             redirect(HOST . SCRIPT . SID2 . '#m' . $id_get);
         } else {
             $Errorh->handler('e_incomplete', E_USER_REDIRECT);
         }
     } else {
         redirect(HOST . SCRIPT . SID2);
     }
 } else {
     redirect(HOST . SCRIPT . SID2);
 }
Ejemplo n.º 10
0
 if ($User->get_attribute('user_readonly') > time()) {
     echo -6;
     exit;
 }
 $shout_pseudo = !empty($_POST['pseudo']) ? strprotect(utf8_decode($_POST['pseudo'])) : $LANG['guest'];
 $shout_contents = !empty($_POST['contents']) ? trim(utf8_decode($_POST['contents'])) : '';
 if (!empty($shout_pseudo) && !empty($shout_contents)) {
     if ($User->check_level($CONFIG_SHOUTBOX['shoutbox_auth'])) {
         $check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . PREFIX . "shoutbox WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : '';
         if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) {
             if ($check_time >= time() - $CONFIG['delay_flood']) {
                 echo -2;
                 exit;
             }
         }
         $shout_contents = strparse($shout_contents, $CONFIG_SHOUTBOX['shoutbox_forbidden_tags']);
         if (!check_nbr_links($shout_pseudo, 0)) {
             echo -3;
             exit;
         }
         if (!check_nbr_links($shout_contents, $CONFIG_SHOUTBOX['shoutbox_max_link'])) {
             echo -4;
             exit;
         }
         $Sql->query_inject("INSERT INTO " . PREFIX . "shoutbox (login, user_id, level, contents, timestamp) VALUES('" . $shout_pseudo . "', '" . $User->get_attribute('user_id') . "', '" . $User->get_attribute('level') . "', '" . $shout_contents . "', '" . time() . "')", __LINE__, __FILE__);
         $last_msg_id = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "shoutbox");
         $array_class = array('member', 'modo', 'admin');
         if ($User->get_attribute('user_id') !== -1) {
             $shout_pseudo = '<a href="javascript:Confirm_del_shout(' . $last_msg_id . ');" title="' . $LANG['delete'] . '"><img src="../templates/' . get_utheme() . '/images/delete_mini.png" alt="" /></a> <a style="font-size:10px;" class="' . $array_class[$User->get_attribute('level')] . '" href="../member/member' . url('.php?id=' . $User->get_attribute('user_id'), '-' . $User->get_attribute('user_id') . '.php') . '">' . (!empty($shout_pseudo) ? wordwrap_html($shout_pseudo, 16) : $LANG['guest']) . '</a>';
         } else {
             $shout_pseudo = '<span class="text_small" style="font-style: italic;">' . (!empty($shout_pseudo) ? wordwrap_html($shout_pseudo, 16) : $LANG['guest']) . '</span>';
Ejemplo n.º 11
0
function retrieve($var_type, $var_name, $default_value, $force_type = NULL, $flags = 0)
{
    $var = null;
    switch ($var_type) {
        case GET:
            if (isset($_GET[$var_name])) {
                $var = $_GET[$var_name];
            }
            break;
        case POST:
            if (isset($_POST[$var_name])) {
                $var = $_POST[$var_name];
            }
            break;
        case REQUEST:
            if (isset($_REQUEST[$var_name])) {
                $var = $_REQUEST[$var_name];
            }
            break;
        case COOKIE:
            if (isset($_COOKIE[$var_name])) {
                $var = $_COOKIE[$var_name];
            }
            break;
        case FILES:
            if (isset($_FILES[$var_name])) {
                $var = $_FILES[$var_name];
            }
            break;
        default:
            break;
    }
    if ($var === null || $flags & USE_DEFAULT_IF_EMPTY != 0 && empty($var)) {
        return $default_value;
    }
    $force_type = !isset($force_type) ? gettype($default_value) : $force_type;
    switch ($force_type) {
        case TINTEGER:
            return (int) $var;
        case TSTRING:
            return strprotect($var);
        case TSTRING_UNCHANGE:
            if (MAGIC_QUOTES) {
                $var = trim(stripslashes($var));
            } else {
                $var = trim($var);
            }
            return (string) $var;
        case TSTRING_PARSE:
            return strparse($var);
        case TBOOL:
            return (bool) $var;
        case TUNSIGNED_INT:
            $var = (int) $var;
            return $var > 0 ? $var : max(0, $default_value);
        case TUNSIGNED_DOUBLE:
            $var = (double) $var;
            return $var > 0.0 ? $var : max(0.0, $default_value);
        case TSTRING_HTML:
            return strprotect($var, HTML_NO_PROTECT);
        case TSTRING_AS_RECEIVED:
            return (string) $var;
        case TARRAY:
            return (array) $var;
        case TDOUBLE:
            return (double) $var;
        case TNONE:
            return $var;
        default:
            return $default_value;
    }
}
Ejemplo n.º 12
0
     if ($file_size > 1) {
         $size_tpl = $file_size . ' ' . $LANG['unit_megabytes'];
     } elseif ($file_size > 0) {
         $size_tpl = $file_size * 1024 . ' ' . $LANG['unit_kilobytes'];
     } else {
         $size_tpl = $DOWNLOAD_LANG['unknown_size'];
     }
     $creation_calendar = new MiniCalendar('creation');
     $creation_calendar->set_date($file_creation_date);
     $release_calendar = new MiniCalendar('release_date');
     $release_calendar->set_date($file_release_date);
     if ($file_visibility < 0 || $file_visibility > 2) {
         $file_visibility = 0;
     }
     $Template->assign_vars(array('C_DISPLAY_DOWNLOAD' => true, 'C_IMG' => !empty($file_image), 'C_EDIT_AUTH' => false, 'MODULE_DATA_PATH' => $Template->get_module_data_path('download'), 'NAME' => stripslashes($file_title), 'CONTENTS' => second_parse(stripslashes(strparse($file_contents))), 'CREATION_DATE' => $file_creation_date->format(DATE_FORMAT_SHORT), 'RELEASE_DATE' => $file_release_date->get_timestamp() > 0 ? $file_release_date->format(DATE_FORMAT_SHORT) : $DOWNLOAD_LANG['unknown_date'], 'SIZE' => $size_tpl, 'COUNT' => $file_hits, 'THEME' => get_utheme(), 'HITS' => sprintf($DOWNLOAD_LANG['n_times'], (int) $file_hits), 'NUM_NOTES' => sprintf($DOWNLOAD_LANG['num_notes'], 0), 'U_IMG' => $file_image, 'IMAGE_ALT' => str_replace('"', '\\"', $file_title), 'LANG' => get_ulang(), 'CONTRIBUTION_COUNTERPART' => $contribution_counterpart_source, 'CONTRIBUTION_COUNTERPART_PREVIEW' => second_parse(stripslashes($contribution_counterpart)), 'FORCE_DOWNLOAD_SELECTED' => $file_download_method == 'force_download' ? ' selected="selected"' : '', 'REDIRECTION_SELECTED' => $file_download_method != 'force_download' ? ' selected="selected"' : '', 'L_DATE' => $LANG['date'], 'L_SIZE' => $LANG['size'], 'L_DOWNLOAD' => $DOWNLOAD_LANG['download'], 'L_DOWNLOAD_FILE' => $DOWNLOAD_LANG['download_file'], 'L_FILE_INFOS' => $DOWNLOAD_LANG['file_infos'], 'L_INSERTION_DATE' => $DOWNLOAD_LANG['insertion_date'], 'L_RELEASE_DATE' => $DOWNLOAD_LANG['release_date'], 'L_DOWNLOADED' => $DOWNLOAD_LANG['downloaded'], 'L_NOTE' => $LANG['note'], 'APPROVED' => ' checked="checked"', 'U_DOWNLOAD_FILE' => url('count.php?id=' . $edit_file_id, 'file-' . $edit_file_id . '+' . url_encode_rewrite($file_title) . '.php')));
     $Template->assign_vars(array('C_CONTRIBUTION' => !$auth_write, 'TITLE' => stripslashes($file_title), 'COUNT' => $file_hits, 'DESCRIPTION' => htmlspecialchars(stripslashes($file_contents), ENT_COMPAT, 'ISO-8859-1'), 'SHORT_DESCRIPTION' => htmlspecialchars(stripslashes($file_short_contents), ENT_COMPAT, 'ISO-8859-1'), 'FILE_IMAGE' => $file_image, 'URL' => $file_url, 'SIZE_FORM' => $file_size, 'DATE' => $file_creation_date->format(DATE_FORMAT_SHORT, TIMEZONE_AUTO), 'CATEGORIES_TREE' => $auth_write ? $download_categories->build_select_form($file_cat_id, 'idcat', 'idcat', 0, DOWNLOAD_WRITE_CAT_AUTH_BIT, $CONFIG_DOWNLOAD['global_auth'], IGNORE_AND_CONTINUE_BROWSING_IF_A_CATEGORY_DOES_NOT_MATCH) : $download_categories->build_select_form($file_cat_id, 'idcat', 'idcat', 0, DOWNLOAD_CONTRIBUTION_CAT_AUTH_BIT, $CONFIG_DOWNLOAD['global_auth'], IGNORE_AND_CONTINUE_BROWSING_IF_A_CATEGORY_DOES_NOT_MATCH), 'SHORT_DESCRIPTION_PREVIEW' => second_parse(stripslashes(strparse($file_short_contents))), 'VISIBLE_WAITING' => $file_visibility == 2 ? ' checked="checked"' : '', 'VISIBLE_ENABLED' => $file_visibility == 1 ? ' checked="checked"' : '', 'VISIBLE_HIDDEN' => $file_visibility == 0 ? ' checked="checked"' : '', 'APPROVED' => $file_approved ? ' checked="checked"' : '', 'DATE_CALENDAR_CREATION' => $creation_calendar->display(), 'DATE_CALENDAR_RELEASE' => $release_calendar->display(), 'BOOL_IGNORE_RELEASE_DATE' => $ignore_release_date ? 'true' : 'false', 'STYLE_FIELD_RELEASE_DATE' => $ignore_release_date ? 'none' : 'block', 'IGNORE_RELEASE_DATE_CHECKED' => $ignore_release_date ? ' checked="checked"' : '', 'BEGINING_CALENDAR' => $begining_calendar->display(), 'END_CALENDAR' => $end_calendar->display()));
 } else {
     $file_creation_date = new Date(DATE_NOW, TIMEZONE_AUTO);
     $file_release_date = new Date(DATE_NOW, TIMEZONE_AUTO);
     $creation_calendar = new MiniCalendar('creation');
     $creation_calendar->set_date($file_creation_date);
     $release_calendar = new MiniCalendar('release_date');
     $ignore_release_date = false;
     if (!$ignore_release_date) {
         $release_calendar->set_date($file_release_date);
     }
     $begining_calendar = new MiniCalendar('begining_date');
     $end_calendar = new MiniCalendar('end_date');
     $end_calendar->set_style('margin-left:150px;');
     $begining_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO));
     $end_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO));
Ejemplo n.º 13
0
         $Template->assign_vars(array('C_FORUM_POST_TYPE' => true, 'CHECKED_NORMAL' => $type == 0 ? 'checked="ckecked"' : '', 'CHECKED_POSTIT' => $type == 1 ? 'checked="ckecked"' : '', 'CHECKED_ANNONCE' => $type == 2 ? 'checked="ckecked"' : '', 'L_TYPE' => '* ' . $LANG['type'], 'L_DEFAULT' => $LANG['default'], 'L_POST_IT' => $LANG['forum_postit'], 'L_ANOUNCE' => $LANG['forum_announce']));
     }
     $nbr_poll_field = 0;
     for ($i = 0; $i < 20; $i++) {
         $answer = retrieve(POST, 'a' . $i, '');
         if (!empty($anwser)) {
             $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => stripslashes($anwser)));
             $nbr_poll_field++;
         }
     }
     for ($i = $nbr_poll_field; $i < 5; $i++) {
         $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => ''));
         $nbr_poll_field++;
     }
     $poll_type = retrieve(POST, 'poll_type', 0);
     $Template->assign_vars(array('THEME' => get_utheme(), 'LANG' => get_ulang(), 'FORUM_NAME' => $CONFIG_FORUM['forum_name'], 'SID' => SID, 'MODULE_DATA_PATH' => $Template->get_module_data_path('forum'), 'TITLE' => $title, 'DESC' => $subtitle, 'CONTENTS' => $contents, 'KERNEL_EDITOR' => display_editor(), 'POLL_QUESTION' => $question, 'IDTOPIC' => 0, 'SELECTED_SIMPLE' => 'checked="ckecked"', 'NO_DISPLAY_POLL' => !empty($question) ? 'false' : 'true', 'NBR_POLL_FIELD' => $nbr_poll_field, 'SELECTED_SIMPLE' => $poll_type == 0 ? 'checked="ckecked"' : '', 'SELECTED_MULTIPLE' => $poll_type == 1 ? 'checked="ckecked"' : '', 'DATE' => $LANG['on'] . ' ' . gmdate_format('date_format'), 'CONTENTS_PREVIEW' => second_parse(stripslashes(strparse($contents))), 'C_FORUM_PREVIEW_MSG' => true, 'C_DELETE_POLL' => $is_modo ? true : false, 'C_ADD_POLL_FIELD' => $nbr_poll_field <= 19 ? true : false, 'U_ACTION' => 'post.php' . url('?update=1&amp;new=msg&amp;id=' . $id_get . '&amp;idt=' . $idt_get . '&amp;idm=' . $id_m . '&amp;token=' . $Session->get_token()), 'U_FORUM_CAT' => '<a href="forum' . url('.php?id=' . $id_get, '-' . $id_get . '.php') . '">' . $CAT_FORUM[$id_get]['name'] . '</a>', 'U_TITLE_T' => '<a href="topic' . url('.php?id=' . $idt_get, '-' . $idt_get . '.php') . '">' . $title . '</a>', 'L_ACTION' => $LANG['forum_edit_subject'], 'L_REQUIRE' => $LANG['require'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_REQUIRE_TITLE' => $LANG['require_title'], 'L_REQUIRE_TITLE_POLL' => $LANG['require_title_poll'], 'L_FORUM_INDEX' => $LANG['forum_index'], 'L_TITLE' => $LANG['title'], 'L_DESC' => $LANG['description'], 'L_MESSAGE' => $LANG['message'], 'L_SUBMIT' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset'], 'L_POLL' => $LANG['poll'], 'L_OPEN_MENU_POLL' => $LANG['open_menu_poll'], 'L_QUESTION' => $LANG['question'], 'L_POLL_TYPE' => $LANG['poll_type'], 'L_ANSWERS' => $LANG['answers'], 'L_SINGLE' => $LANG['simple_answer'], 'L_MULTIPLE' => $LANG['multiple_answer'], 'L_DELETE_POLL' => $LANG['delete_poll']));
     $Template->pparse('forum_post');
 } else {
     $Template->set_filenames(array('forum_post' => 'forum/forum_post.tpl', 'forum_top' => 'forum/forum_top.tpl', 'forum_bottom' => 'forum/forum_bottom.tpl'));
     $contents = $Sql->query("SELECT contents FROM " . PREFIX . "forum_msg WHERE id = '" . $id_first . "'", __LINE__, __FILE__);
     $get_error_e = retrieve(GET, 'errore', '');
     if ($get_error_e == 'incomplete_t') {
         $Errorh->handler($LANG['e_incomplete'], E_USER_NOTICE);
     }
     if ($is_modo) {
         $Template->assign_vars(array('C_FORUM_POST_TYPE' => true, 'CHECKED_NORMAL' => $topic['type'] == '0' ? 'checked="ckecked"' : '', 'CHECKED_POSTIT' => $topic['type'] == '1' ? 'checked="ckecked"' : '', 'CHECKED_ANNONCE' => $topic['type'] == '2' ? 'checked="ckecked"' : '', 'L_TYPE' => '* ' . $LANG['type'], 'L_DEFAULT' => $LANG['default'], 'L_POST_IT' => $LANG['forum_postit'], 'L_ANOUNCE' => $LANG['forum_announce']));
     }
     $poll = $Sql->query_array(PREFIX . 'forum_poll', 'question', 'answers', 'votes', 'type', "WHERE idtopic = '" . $idt_get . "'", __LINE__, __FILE__);
     $array_answer = explode('|', $poll['answers']);
     $array_votes = explode('|', $poll['votes']);
     $module_data_path = $Template->get_module_data_path('forum');
Ejemplo n.º 14
0
                     $Sql->query_inject("UPDATE " . DB_TABLE_PM_MSG . " SET contents = '" . $contents . "', timestamp = '" . time() . "' WHERE id = '" . $pm_edit . "'", __LINE__, __FILE__);
                 } else {
                     $Errorh->handler('e_auth', E_USER_REDIRECT);
                 }
             } else {
                 $Errorh->handler('e_incomplete', E_USER_REDIRECT);
             }
             redirect(HOST . DIR . '/member/pm' . url('.php?id=' . $pm['idconvers'], '-0-' . $pm['idconvers'] . '.php', '&') . '#m' . $pm_edit);
         } else {
             $Template->set_filenames(array('pm' => 'member/pm.tpl'));
             $Template->assign_vars(array('LANG' => get_ulang(), 'THEME' => get_utheme(), 'KERNEL_EDITOR' => display_editor(), 'L_REQUIRE_MESSAGE' => $LANG['require_text'], 'L_REQUIRE' => $LANG['require'], 'L_EDIT' => $LANG['edit'], 'L_PRIVATE_MESSAGE' => $LANG['private_message'], 'L_MESSAGE' => $LANG['message'], 'L_SUBMIT' => $LANG['update'], 'L_PREVIEW' => $LANG['preview'], 'L_RESET' => $LANG['reset']));
             $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE);
             $title = retrieve(POST, 'title', '', TSTRING_UNCHANGE);
             $Template->assign_block_vars('edit_pm', array('CONTENTS' => (!empty($_POST['prw_convers']) xor !empty($_POST['prw'])) ? $contents : unparse($pm['contents']), 'U_ACTION_EDIT' => url('.php?edit=' . $pm_edit . '&amp;token=' . $Session->get_token()), 'U_PM_BOX' => '<a href="pm.php' . SID . '">' . $LANG['pm_box'] . '</a>', 'U_USER_VIEW' => '<a href="' . url('member.php?id=' . $User->get_attribute('user_id') . '&amp;view=1', 'member-' . $User->get_attribute('user_id') . '.php?view=1') . '">' . $LANG['member_area'] . '</a>'));
             if (!empty($_POST['prw_convers']) xor !empty($_POST['prw'])) {
                 $Template->assign_block_vars('edit_pm.show_pm', array('DATE' => gmdate_format('date_format'), 'CONTENTS' => second_parse(stripslashes(strparse($_POST['contents'])))));
             }
             if ($id_first == $pm_edit) {
                 $Template->assign_vars(array('SUBMIT_NAME' => 'convers', 'L_TITLE' => $LANG['title']));
                 $Template->assign_block_vars('edit_pm.title', array('TITLE' => (!empty($_POST['prw_convers']) xor !empty($_POST['prw'])) ? $title : $convers['title']));
             } else {
                 $Template->assign_vars(array('SUBMIT_NAME' => 'edit_pm'));
             }
             $Template->pparse('pm');
         }
     } else {
         $Errorh->handler('e_pm_noedit', E_USER_REDIRECT);
     }
 } else {
     $Errorh->handler('e_auth', E_USER_REDIRECT);
 }
Ejemplo n.º 15
0
     if ($news_size > 1) {
         $size_tpl = $news_size . ' ' . $LANG['unit_megabytes'];
     } elseif ($news_size > 0) {
         $size_tpl = $news_size * 1024 . ' ' . $LANG['unit_kilobytes'];
     } else {
         $size_tpl = $NEWS_LANG['unknown_size'];
     }
     $creation_calendar = new MiniCalendar('creation');
     $creation_calendar->set_date($news_creation_date);
     $release_calendar = new MiniCalendar('release_date');
     $release_calendar->set_date($news_release_date);
     if ($news_visibility < 0 || $news_visibility > 2) {
         $news_visibility = 0;
     }
     $Template->assign_vars(array('C_DISPLAY_NEWS' => true, 'C_IMG' => !empty($news_image), 'C_EDIT_AUTH' => false, 'MODULE_DATA_PATH' => $Template->get_module_data_path('news'), 'NAME' => stripslashes($news_title), 'CONTENTS' => second_parse(stripslashes(strparse($news_contents))), 'CREATION_DATE' => $news_creation_date->format(DATE_FORMAT_SHORT), 'RELEASE_DATE' => $news_release_date->get_timestamp() > 0 ? $news_release_date->format(DATE_FORMAT_SHORT) : $NEWS_LANG['unknown_date'], 'SIZE' => $size_tpl, 'COUNT' => $news_hits, 'THEME' => get_utheme(), 'HITS' => sprintf($NEWS_LANG['n_times'], (int) $news_hits), 'NUM_NOTES' => sprintf($NEWS_LANG['num_notes'], 0), 'U_IMG' => $news_image, 'IMAGE_ALT' => str_replace('"', '\\"', $news_title), 'LANG' => get_ulang(), 'L_DATE' => $LANG['date'], 'L_SIZE' => $LANG['size'], 'L_NEWS' => $NEWS_LANG['news'], 'L_NEWS_FILE' => $NEWS_LANG['news_news'], 'L_FILE_INFOS' => $NEWS_LANG['news_infos'], 'L_INSERTION_DATE' => $NEWS_LANG['insertion_date'], 'L_RELEASE_DATE' => $NEWS_LANG['release_date'], 'L_NEWSED' => $NEWS_LANG['newsed'], 'L_NOTE' => $LANG['note'], 'U_NEWS_FILE' => url('count.php?id=' . $edit_news_id, 'news-' . $edit_news_id . '+' . url_encode_rewrite($news_title) . '.php')));
     $Template->assign_vars(array('TITLE' => stripslashes($news_title), 'COUNT' => $news_hits, 'DESCRIPTION' => $news_contents, 'SHORT_DESCRIPTION' => $news_short_contents, 'FILE_IMAGE' => $news_image, 'URL' => $news_url, 'SIZE_FORM' => $news_size, 'DATE' => $news_creation_date->format(DATE_FORMAT_SHORT, TIMEZONE_AUTO), 'CATEGORIES_TREE' => $news_categories->build_select_form($news_cat_id, 'idcat', 'idcat', 0, WRITE_CAT_NEWS, $CONFIG_NEWS['global_auth'], IGNORE_AND_CONTINUE_BROWSING_IF_A_CATEGORY_DOES_NOT_MATCH), 'SHORT_DESCRIPTION_PREVIEW' => second_parse(stripslashes(strparse($news_short_contents))), 'VISIBLE_WAITING' => $news_visibility == 2 ? ' checked="checked"' : '', 'VISIBLE_ENABLED' => $news_visibility == 1 ? ' checked="checked"' : '', 'VISIBLE_UNAPROVED' => $news_visibility == 0 ? ' checked="checked"' : '', 'DATE_CALENDAR_CREATION' => $creation_calendar->display(), 'DATE_CALENDAR_RELEASE' => $release_calendar->display(), 'BOOL_IGNORE_RELEASE_DATE' => $ignore_release_date ? 'true' : 'false', 'STYLE_FIELD_RELEASE_DATE' => $ignore_release_date ? 'none' : 'block', 'IGNORE_RELEASE_DATE_CHECKED' => $ignore_release_date ? ' checked="checked"' : '', 'BEGINING_CALENDAR' => $begining_calendar->display(), 'END_CALENDAR' => $end_calendar->display()));
 } else {
     $news_creation_date = new Date(DATE_NOW, TIMEZONE_AUTO);
     $news_release_date = new Date(DATE_NOW, TIMEZONE_AUTO);
     $creation_calendar = new MiniCalendar('creation');
     $creation_calendar->set_date($news_creation_date);
     $release_calendar = new MiniCalendar('release_date');
     $ignore_release_date = false;
     if (!$ignore_release_date) {
         $release_calendar->set_date($news_release_date);
     }
     $begining_calendar = new MiniCalendar('begining_date');
     $end_calendar = new MiniCalendar('end_date');
     $end_calendar->set_style('margin-left:150px;');
     $begining_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO));
     $end_calendar->set_date(new Date(DATE_NOW, TIMEZONE_AUTO));
Ejemplo n.º 16
0
     $media_categories->recount_media_per_cat($media['idcat']);
     if ($media['approved']) {
         import('events/contribution');
         import('events/contribution_service');
         $corresponding_contributions = ContributionService::find_by_criteria('media', $media['idedit']);
         if (count($corresponding_contributions) > 0) {
             $media_contribution = $corresponding_contributions[0];
             $media_contribution->set_status(EVENT_STATUS_PROCESSED);
             ContributionService::save_contribution($media_contribution);
         }
     }
     import('content/syndication/feed');
     Feed::clear_cache('media');
     redirect_confirm('media' . url('.php?id=' . $media['idedit']), $MEDIA_LANG['edit_success'], TIME_REDIRECT);
 } elseif (!$media['idedit'] && (($auth_write = $User->check_auth($auth_cat, MEDIA_AUTH_WRITE)) || $User->check_auth($auth_cat, MEDIA_AUTH_CONTRIBUTION))) {
     $Sql->query_inject("INSERT INTO " . PREFIX . "media (idcat, iduser, timestamp, name, contents, url, mime_type, infos, width, height, users_note) VALUES ('" . $media['idcat'] . "', '" . $User->Get_attribute('user_id') . "', '" . time() . "', '" . $media['name'] . "', '" . strparse($media['contents']) . "', '" . $media['url'] . "', '" . $media['mime_type'] . "', " . "'" . ($User->check_auth($auth_cat, MEDIA_AUTH_WRITE) ? MEDIA_STATUS_APROBED : 0) . "', '" . $media['width'] . "', '" . $media['height'] . "', '')", __LINE__, __FILE__);
     $new_id_media = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "media");
     $media_categories->recount_media_per_cat($media['idcat']);
     import('content/syndication/feed');
     Feed::clear_cache('media');
     if (!$auth_write) {
         import('events/contribution');
         import('events/contribution_service');
         $media_contribution = new Contribution();
         $media_contribution->set_id_in_module($new_id_media);
         $media_contribution->set_description(stripslashes($media['counterpart']));
         $media_contribution->set_entitled(stripslashes(sprintf($MEDIA_LANG['contribution_entitled'], $media['name'])));
         $media_contribution->set_fixing_url('/media/media_action.php?edit=' . $new_id_media);
         $media_contribution->set_poster_id($User->get_attribute('user_id'));
         $media_contribution->set_module('media');
         $media_contribution->set_auth(Authorizations::capture_and_shift_bit_auth(Authorizations::merge_auth($MEDIA_CATS[0]['auth'], $media_categories->compute_heritated_auth($media['idcat'], MEDIA_AUTH_WRITE, AUTH_CHILD_PRIORITY), MEDIA_AUTH_WRITE, AUTH_CHILD_PRIORITY), MEDIA_AUTH_WRITE, CONTRIBUTION_AUTH_BIT));
Ejemplo n.º 17
0
     redirect(HOST . DIR . '/member/register' . url('.php?error=incomplete') . '#errorh');
 }
 if (is_numeric($row['regex']) && $row['regex'] >= 1 && $row['regex'] <= 5) {
     $array_regex = array(1 => '`^[0-9]+$`', 2 => '`^[a-z]+$`', 3 => '`^[a-z0-9]+$`', 4 => '`^[a-z0-9._-]+@(?:[a-z0-9_-]{2,}\\.)+[a-z]{2,4}$`i', 5 => '`^http(s)?://[a-z0-9._/-]+\\.[-[:alnum:]]+\\.[a-zA-Z]{2,4}(.*)$`i');
     $row['regex'] = $array_regex[$row['regex']];
 }
 $valid_field = true;
 if (!empty($row['regex']) && $row['field'] <= 2) {
     if (@preg_match($row['regex'], $field)) {
         $valid_field = true;
     } else {
         $valid_field = false;
     }
 }
 if ($row['field'] == 2) {
     $field = strparse($field);
 } elseif ($row['field'] == 4) {
     $array_field = is_array($field) ? $field : array();
     $field = '';
     foreach ($array_field as $value) {
         $field .= strprotect($value) . '|';
     }
 } elseif ($row['field'] == 6) {
     $field = '';
     $i = 0;
     $array_possible_values = explode('|', $row['possible_values']);
     foreach ($array_possible_values as $value) {
         $field .= !empty($_POST[$row['field_name'] . '_' . $i]) ? addslashes($_POST[$row['field_name'] . '_' . $i]) . '|' : '';
         $i++;
     }
     if ($row['required'] && empty($field)) {
Ejemplo n.º 18
0
     }
     if ($end_timestamp > time() && $end_timestamp > $start_timestamp) {
         $visible = 2;
     } else {
         $end = '';
     }
 } elseif ($get_visible == 1) {
     $start = '';
     $end = '';
 } else {
     $visible = 0;
     $start = '';
     $end = '';
 }
 $pseudo = $Sql->query("SELECT login FROM " . DB_TABLE_MEMBER . " WHERE user_id = " . $User->get_attribute('user_id'), __LINE__, __FILE__);
 $Template->assign_vars(array('C_ARTICLES_PREVIEW' => true, 'TITLE_PRW' => $title, 'DATE_PRW' => gmdate_format('date_format_short'), 'CONTENTS_PRW' => second_parse(stripslashes(strparse($contents))), 'PSEUDO_PRW' => $pseudo));
 $i = 0;
 $categories = '<option value="0" %s>' . $LANG['root'] . '</option>';
 $result = $Sql->query_while("SELECT id, level, name \n\tFROM " . PREFIX . "articles_cats\n\tORDER BY id_left", __LINE__, __FILE__);
 while ($row = $Sql->fetch_assoc($result)) {
     $margin = $row['level'] > 0 ? str_repeat('--------', $row['level']) : '--';
     $selected = $row['id'] == $idcat ? 'selected="selected"' : '';
     $categories .= '<option value="' . $row['id'] . '" ' . $selected . '>' . $margin . ' ' . $row['name'] . '</option>';
     $i++;
 }
 $Sql->query_close($result);
 $img_direct_path = strpos($icon, '/') !== false;
 $image_list = '<option value=""' . ($img_direct_path ? ' selected="selected"' : '') . '>--</option>';
 import('io/filesystem/folder');
 $image_list = '<option value="">--</option>';
 $image_folder_path = new Folder('./');
Ejemplo n.º 19
0
function pages_parse($contents)
{
    $contents = strparse($contents);
    $contents = preg_replace('`\\[link=([a-z0-9+#-]+)\\](.+)\\[/link\\]`isU', '<a href="/pages/$1">$2</a>', $contents);
    return (string) $contents;
}
Ejemplo n.º 20
0
 function display($integrated_in_environment = INTEGRATED_IN_ENVIRONMENT, $Template = false, $page_path_to_root = '')
 {
     global $Cache, $User, $Errorh, $Sql, $LANG, $CONFIG, $CONFIG_USER, $CONFIG_COM, $_array_rank, $_array_groups_auth, $Session;
     if ($integrated_in_environment) {
         $idcom_get = retrieve(GET, 'com', 0);
         $idcom_post = retrieve(POST, 'idcom', 0);
         $idcom = $idcom_post > 0 ? $idcom_post : $idcom_get;
         $this->set_arg($idcom);
     }
     $vars_simple = sprintf($this->vars, 0);
     $delcom = retrieve(GET, 'delcom', 0);
     $editcom = retrieve(GET, 'editcom', 0);
     $updatecom = retrieve(GET, 'updatecom', false);
     $path_redirect = $this->path . sprintf(str_replace('&amp;', '&', $this->vars), 0) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&path_to_root=' . $page_path_to_root : '');
     if (!is_object($Template) || strtolower(get_class($Template)) != 'template') {
         $Template = new Template('framework/content/com.tpl');
     }
     if ($this->is_loaded()) {
         $Cache->load('com');
         import('util/captcha');
         $captcha = new Captcha();
         $captcha->set_difficulty($CONFIG_COM['com_verif_code_difficulty']);
         ###########################Insertion##############################
         if (retrieve(POST, 'valid_com', false) && !$updatecom) {
             if ($User->get_attribute('user_readonly') > time()) {
                 $Errorh->handler('e_auth', E_USER_REDIRECT);
             }
             $login = retrieve(POST, 'login', '');
             $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE);
             if (!empty($login) && !empty($contents)) {
                 if ($this->lock_com >= 1 && !$User->check_level(MODO_LEVEL)) {
                     redirect($path_redirect);
                 }
                 if ($User->check_level($CONFIG_COM['com_auth'])) {
                     $check_time = $User->get_attribute('user_id') !== -1 && $CONFIG['anti_flood'] == 1 ? $Sql->query("SELECT MAX(timestamp) as timestamp FROM " . DB_TABLE_COM . " WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__) : '';
                     if (!empty($check_time) && !$User->check_max_value(AUTH_FLOOD)) {
                         if ($check_time >= time() - $CONFIG['delay_flood']) {
                             redirect($path_redirect . '&errorh=flood#errorh');
                         }
                     }
                     if ($CONFIG_COM['com_verif_code'] && !$captcha->is_valid()) {
                         redirect($path_redirect . '&errorh=verif#errorh');
                     }
                     $contents = strparse($contents, $CONFIG_COM['forbidden_tags']);
                     if (!check_nbr_links($login, 0)) {
                         redirect($path_redirect . '&errorh=l_pseudo#errorh');
                     }
                     if (!check_nbr_links($contents, $CONFIG_COM['max_link'])) {
                         redirect($path_redirect . '&errorh=l_flood#errorh');
                     }
                     $last_idcom = $this->add($contents, $login);
                     redirect($path_redirect . '#m' . $last_idcom);
                 } else {
                     redirect($path_redirect . '&errorh=auth#errorh');
                 }
             } else {
                 redirect($path_redirect . '&errorh=incomplete#errorh');
             }
         } elseif ($updatecom || $delcom > 0 || $editcom > 0) {
             if ($User->get_attribute('user_readonly') > time()) {
                 $Errorh->handler('e_auth', E_USER_REDIRECT);
             }
             $row = $Sql->query_array(DB_TABLE_COM, '*', "WHERE idcom = '" . $this->idcom . "' AND idprov = '" . $this->idprov . "' AND script = '" . $this->script . "'", __LINE__, __FILE__);
             $row['user_id'] = (int) $row['user_id'];
             if ($this->idcom != 0 && ($User->check_level(MODO_LEVEL) || $row['user_id'] === $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1)) {
                 if ($delcom > 0) {
                     $Session->csrf_get_protect();
                     $lastid_com = $this->del();
                     $lastid_com = !empty($lastid_com) ? '#m' . $lastid_com : '';
                     redirect($path_redirect . $lastid_com);
                 } elseif ($editcom > 0) {
                     $Template->assign_vars(array('CURRENT_PAGE_COM' => $integrated_in_environment, 'POPUP_PAGE_COM' => !$integrated_in_environment, 'AUTH_POST_COM' => true));
                     if ($row['user_id'] !== -1) {
                         $Template->assign_vars(array('C_HIDDEN_COM' => true, 'LOGIN' => $User->get_attribute('login')));
                     } else {
                         $Template->assign_vars(array('C_VISIBLE_COM' => true, 'LOGIN' => $row['login']));
                     }
                     $Template->assign_vars(array('IDPROV' => $row['idprov'], 'IDCOM' => $row['idcom'], 'SCRIPT' => $this->script, 'CONTENTS' => unparse($row['contents']), 'DATE' => gmdate_format('date_format', $row['timestamp']), 'THEME' => get_utheme(), 'KERNEL_EDITOR' => display_editor($this->script . 'contents', $CONFIG_COM['forbidden_tags']), 'L_LANGUAGE' => substr(get_ulang(), 0, 2), 'L_EDIT_COMMENT' => $LANG['edit_comment'], 'L_REQUIRE_LOGIN' => $LANG['require_pseudo'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_LOGIN' => $LANG['pseudo'], 'L_MESSAGE' => $LANG['message'], 'L_RESET' => $LANG['reset'], 'L_PREVIEW' => $LANG['preview'], 'L_PREVIEW' => $LANG['preview'], 'L_SUBMIT' => $LANG['update'], 'U_ACTION' => $this->path . sprintf($this->vars, $this->idcom) . '&amp;token=' . $Session->get_token() . '&amp;updatecom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '')));
                 } elseif ($updatecom) {
                     $contents = retrieve(POST, 'contents', '', TSTRING_UNCHANGE);
                     $login = retrieve(POST, 'login', '');
                     if (!empty($contents) && !empty($login)) {
                         $contents = strparse($contents, $CONFIG_COM['forbidden_tags']);
                         if (!check_nbr_links($contents, $CONFIG_COM['max_link'])) {
                             redirect($path_redirect . '&errorh=l_flood#errorh');
                         }
                         $this->update($contents, $login);
                         redirect($path_redirect . '#m' . $this->idcom);
                     } else {
                         redirect($path_redirect . '&errorh=incomplete#errorh');
                     }
                 } else {
                     redirect($path_redirect . '&errorh=incomplete#errorh');
                 }
             } else {
                 $Errorh->handler('e_auth', E_USER_REDIRECT);
             }
         } elseif (isset($_GET['lock']) && $User->check_level(MODO_LEVEL)) {
             $Session->csrf_get_protect();
             if ($User->check_level(MODO_LEVEL)) {
                 $lock = retrieve(GET, 'lock', 0);
                 $this->lock($lock);
             }
             redirect($path_redirect . '#anchor_' . $this->script);
         } else {
             ###########################Affichage##############################
             $get_quote = retrieve(GET, 'quote', 0);
             $contents = '';
             if ($get_quote > 0) {
                 $info_com = $Sql->query_array(DB_TABLE_COM, 'login', 'contents', "WHERE script = '" . $this->script . "' AND idprov = '" . $this->idprov . "' AND idcom = '" . $get_quote . "'", __LINE__, __FILE__);
                 $contents = '[quote=' . $info_com['login'] . ']' . $info_com['contents'] . '[/quote]';
             }
             import('util/pagination');
             $pagination = new Pagination();
             $Template->assign_vars(array('ERROR_HANDLER' => '', 'CURRENT_PAGE_COM' => $integrated_in_environment, 'POPUP_PAGE_COM' => !$integrated_in_environment));
             if ($User->check_level(MODO_LEVEL)) {
                 $Template->assign_vars(array('COM_LOCK' => true, 'IMG' => $this->lock_com >= 1 ? 'unlock' : 'lock', 'L_LOCK' => $this->lock_com >= 1 ? $LANG['unlock'] : $LANG['lock'], 'U_LOCK' => $this->path . ($this->lock_com >= 1 ? $vars_simple . '&amp;lock=0&amp;token=' . $Session->get_token() : $vars_simple . '&amp;lock=1&amp;token=' . $Session->get_token()) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '')));
             }
             $get_error = !empty($_GET['errorh']) ? trim($_GET['errorh']) : '';
             $errno = E_USER_NOTICE;
             switch ($get_error) {
                 case 'auth':
                     $errstr = $LANG['e_unauthorized'];
                     $errno = E_USER_WARNING;
                     break;
                 case 'verif':
                     $errstr = $LANG['e_incorrect_verif_code'];
                     $errno = E_USER_WARNING;
                     break;
                 case 'l_flood':
                     $errstr = sprintf($LANG['e_l_flood'], $CONFIG_COM['max_link']);
                     break;
                 case 'l_pseudo':
                     $errstr = $LANG['e_link_pseudo'];
                     break;
                 case 'flood':
                     $errstr = $LANG['e_flood'];
                     break;
                 case 'incomplete':
                     $errstr = $LANG['e_incomplete'];
                     break;
                 default:
                     $errstr = '';
             }
             $Errorh->set_template($Template);
             if (!empty($errstr)) {
                 $Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($errstr, E_USER_NOTICE)));
             }
             if (!$this->lock_com || $User->check_level(MODO_LEVEL)) {
                 if ($captcha->is_available() && $CONFIG_COM['com_verif_code']) {
                     $Template->assign_vars(array('C_VERIF_CODE' => true, 'VERIF_CODE' => $captcha->display_form(), 'L_REQUIRE_VERIF_CODE' => $captcha->js_require()));
                 }
                 if ($User->check_level($CONFIG_COM['com_auth'])) {
                     $Template->assign_vars(array('AUTH_POST_COM' => true));
                 } else {
                     $Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($LANG['e_unauthorized'], E_USER_NOTICE)));
                 }
                 if ($User->get_attribute('user_id') !== -1) {
                     $Template->assign_vars(array('C_HIDDEN_COM' => true, 'LOGIN' => $User->get_attribute('login')));
                 } else {
                     $Template->assign_vars(array('C_VISIBLE_COM' => true, 'LOGIN' => $LANG['guest']));
                 }
             } else {
                 $Template->assign_vars(array('ERROR_HANDLER' => $Errorh->display($LANG['com_locked'], E_USER_NOTICE)));
             }
             $get_pos = strpos($_SERVER['QUERY_STRING'], '&pc');
             if ($get_pos) {
                 $get_page = substr($_SERVER['QUERY_STRING'], 0, $get_pos) . '&amp;pc';
             } else {
                 $get_page = $_SERVER['QUERY_STRING'] . '&amp;pc';
             }
             $is_modo = $User->check_level(MODO_LEVEL);
             $Template->assign_vars(array('C_COM_DISPLAY' => $this->get_attribute('nbr_com') > 0 ? true : false, 'C_IS_MODERATOR' => $is_modo, 'PAGINATION_COM' => $pagination->display($this->path . $vars_simple . '&amp;pc=%d#anchor_' . $this->script, $this->nbr_com, 'pc', $CONFIG_COM['com_max'], 3), 'LANG' => get_ulang(), 'IDCOM' => '', 'IDPROV' => $this->idprov, 'SCRIPT' => $this->script, 'PATH' => SCRIPT, 'UPDATE' => $integrated_in_environment == true ? SID : '', 'VAR' => $vars_simple, 'KERNEL_EDITOR' => display_editor($this->script . 'contents', $CONFIG_COM['forbidden_tags']), 'C_BBCODE_TINYMCE_MODE' => $User->get_attribute('user_editor') == 'tinymce', 'L_XML_LANGUAGE' => $LANG['xml_lang'], 'L_TITLE' => $CONFIG['com_popup'] == 0 || $integrated_in_environment === true ? $LANG['title_com'] : '', 'THEME' => get_utheme(), 'CONTENTS' => unparse($contents), 'L_REQUIRE_LOGIN' => $LANG['require_pseudo'], 'L_REQUIRE_TEXT' => $LANG['require_text'], 'L_VERIF_CODE' => $LANG['verif_code'], 'L_DELETE_MESSAGE' => $LANG['alert_delete_msg'], 'L_ADD_COMMENT' => $LANG['add_comment'], 'L_PUNISHMENT_MANAGEMENT' => $LANG['punishment_management'], 'L_WARNING_MANAGEMENT' => $LANG['warning_management'], 'L_LOGIN' => $LANG['pseudo'], 'L_MESSAGE' => $LANG['message'], 'L_QUOTE' => $LANG['quote'], 'L_RESET' => $LANG['reset'], 'L_PREVIEW' => $LANG['preview'], 'L_SUBMIT' => $LANG['submit'], 'U_ACTION' => $this->path . sprintf($this->vars, $this->idcom) . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '') . '&amp;token=' . $Session->get_token()));
             $array_ranks = array(-1 => $LANG['guest'], 0 => $LANG['member'], 1 => $LANG['modo'], 2 => $LANG['admin']);
             $Cache->load('ranks');
             $j = 0;
             $result = $Sql->query_while("SELECT c.idprov, c.idcom, c.login, c.timestamp, m.user_id, m.login as mlogin, m.level, m.user_mail, m.user_show_mail, m.timestamp AS registered, m.user_avatar, m.user_msg, m.user_local, m.user_web, m.user_sex, m.user_msn, m.user_yahoo, m.user_sign, m.user_warning, m.user_ban, m.user_groups, s.user_id AS connect, c.contents\n\t\t\t\tFROM " . DB_TABLE_COM . " c\n\t\t\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = c.user_id\n\t\t\t\tLEFT JOIN " . DB_TABLE_SESSIONS . " s ON s.user_id = c.user_id AND s.session_time > '" . (time() - $CONFIG['site_session_invit']) . "'\n\t\t\t\tWHERE c.script = '" . $this->script . "' AND c.idprov = '" . $this->idprov . "'\n\t\t\t\tGROUP BY c.idcom\n\t\t\t\tORDER BY c.timestamp DESC\n\t\t\t\t" . $Sql->limit($pagination->get_first_msg($CONFIG_COM['com_max'], 'pc'), $CONFIG_COM['com_max']), __LINE__, __FILE__);
             while ($row = $Sql->fetch_assoc($result)) {
                 list($edit, $del) = array(false, false);
                 $is_guest = empty($row['user_id']);
                 if ($is_modo || $row['user_id'] == $User->get_attribute('user_id') && $User->get_attribute('user_id') !== -1) {
                     list($edit, $del) = array(true, true);
                 }
                 if (!$is_guest) {
                     $com_pseudo = '<a class="msg_link_pseudo" href="' . PATH_TO_ROOT . '/member/member' . url('.php?id=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '" title="' . $row['mlogin'] . '"><span style="font-weight: bold;">' . wordwrap_html($row['mlogin'], 13) . '</span></a>';
                 } else {
                     $com_pseudo = '<span style="font-style:italic;">' . (!empty($row['login']) ? wordwrap_html($row['login'], 13) : $LANG['guest']) . '</span>';
                 }
                 $user_rank = $row['level'] === '0' ? $LANG['member'] : $LANG['guest'];
                 $user_group = $user_rank;
                 $user_rank_icon = '';
                 if ($row['level'] === '2') {
                     $user_rank = $_array_rank[-2][0];
                     $user_group = $user_rank;
                     $user_rank_icon = $_array_rank[-2][1];
                 } elseif ($row['level'] === '1') {
                     $user_rank = $_array_rank[-1][0];
                     $user_group = $user_rank;
                     $user_rank_icon = $_array_rank[-1][1];
                 } else {
                     foreach ($_array_rank as $msg => $ranks_info) {
                         if ($msg >= 0 && $msg <= $row['user_msg']) {
                             $user_rank = $ranks_info[0];
                             $user_rank_icon = $ranks_info[1];
                             break;
                         }
                     }
                 }
                 $user_assoc_img = !empty($user_rank_icon) ? '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/ranks/' . $user_rank_icon . '" alt="" />' : '';
                 if (!empty($row['user_groups']) && $_array_groups_auth) {
                     $user_groups = '';
                     $array_user_groups = explode('|', $row['user_groups']);
                     foreach ($_array_groups_auth as $idgroup => $array_group_info) {
                         if (is_numeric(array_search($idgroup, $array_user_groups))) {
                             $user_groups .= !empty($array_group_info['img']) ? '<img src="' . PATH_TO_ROOT . '/images/group/' . $array_group_info['img'] . '" alt="' . $array_group_info['name'] . '" title="' . $array_group_info['name'] . '"/><br />' : $LANG['group'] . ': ' . $array_group_info['name'];
                         }
                     }
                 } else {
                     $user_groups = $LANG['group'] . ': ' . $user_group;
                 }
                 $user_online = !empty($row['connect']) ? 'online' : 'offline';
                 if (empty($row['user_avatar'])) {
                     $user_avatar = $CONFIG_USER['activ_avatar'] == '1' && !empty($CONFIG_USER['avatar_url']) ? '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . $CONFIG_USER['avatar_url'] . '" alt="" />' : '';
                 } else {
                     $user_avatar = '<img src="' . $row['user_avatar'] . '" alt=""	/>';
                 }
                 $user_sex = '';
                 if ($row['user_sex'] == 1) {
                     $user_sex = $LANG['sex'] . ': <img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/man.png" alt="" /><br />';
                 } elseif ($row['user_sex'] == 2) {
                     $user_sex = $LANG['sex'] . ': <img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/woman.png" alt="" /><br />';
                 }
                 $user_msg = $row['user_msg'] > 1 ? $LANG['message_s'] . ': ' . $row['user_msg'] : $LANG['message'] . ': ' . $row['user_msg'];
                 if (!empty($row['user_local'])) {
                     $user_local = $LANG['place'] . ': ' . $row['user_local'];
                     $user_local = $user_local > 15 ? substr_html($user_local, 0, 15) . '...<br />' : $user_local . '<br />';
                 } else {
                     $user_local = '';
                 }
                 $contents = ucfirst(second_parse($row['contents']));
                 if (!$integrated_in_environment && !empty($page_path_to_root)) {
                     $contents = str_replace('"' . $page_path_to_root . '/', '"' . PATH_TO_ROOT . '/', $contents);
                 }
                 $Template->assign_block_vars('com_list', array('ID' => $row['idcom'], 'CONTENTS' => $contents, 'DATE' => $LANG['on'] . ': ' . gmdate_format('date_format', $row['timestamp']), 'CLASS_COLOR' => $j % 2 == 0 ? '' : 2, 'USER_ONLINE' => '<img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . $user_online . '.png" alt="" class="valign_middle" />', 'USER_PSEUDO' => $com_pseudo, 'USER_RANK' => $row['user_warning'] < '100' || time() - $row['user_ban'] < 0 ? $user_rank : $LANG['banned'], 'USER_IMG_ASSOC' => $user_assoc_img, 'USER_AVATAR' => $user_avatar, 'USER_GROUP' => $user_groups, 'USER_DATE' => !$is_guest ? $LANG['registered_on'] . ': ' . gmdate_format('date_format_short', $row['registered']) : '', 'USER_SEX' => $user_sex, 'USER_MSG' => !$is_guest ? $user_msg : '', 'USER_LOCAL' => $user_local, 'USER_MAIL' => !empty($row['user_mail']) && $row['user_show_mail'] == '1' ? '<a href="mailto:' . $row['user_mail'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/email.png" alt="' . $row['user_mail'] . '" title="' . $row['user_mail'] . '" /></a>' : '', 'USER_MSN' => !empty($row['user_msn']) ? '<a href="mailto:' . $row['user_msn'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/msn.png" alt="' . $row['user_msn'] . '" title="' . $row['user_msn'] . '" /></a>' : '', 'USER_YAHOO' => !empty($row['user_yahoo']) ? '<a href="mailto:' . $row['user_yahoo'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/yahoo.png" alt="' . $row['user_yahoo'] . '" title="' . $row['user_yahoo'] . '" /></a>' : '', 'USER_SIGN' => !empty($row['user_sign']) ? '____________________<br />' . second_parse($row['user_sign']) : '', 'USER_WEB' => !empty($row['user_web']) ? '<a href="' . $row['user_web'] . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/user_web.png" alt="' . $row['user_web'] . '" title="' . $row['user_yahoo'] . '" /></a>' : '', 'USER_WARNING' => !empty($row['user_warning']) ? $row['user_warning'] : '0', 'C_COM_MSG_EDIT' => $del, 'C_COM_MSG_DEL' => $edit, 'U_COM_EDIT' => $this->path . sprintf($this->vars, $row['idcom']) . '&amp;editcom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script, 'U_COM_DEL' => $this->path . sprintf($this->vars, $row['idcom']) . '&amp;token=' . $Session->get_token() . '&amp;delcom=1' . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script, 'U_COM_WARNING' => $is_modo && !$is_guest ? PATH_TO_ROOT . '/member/moderation_panel' . url('.php?action=warning&amp;id=' . $row['user_id'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '')) . '" title="' . $LANG['warning_management'] : '', 'U_COM_PUNISHEMENT' => $is_modo && !$is_guest ? PATH_TO_ROOT . '/member/moderation_panel' . url('.php?action=punish&amp;id=' . $row['user_id'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '')) . '" title="' . $LANG['punishment_management'] : '', 'U_USER_PM' => !$is_guest ? '<a href="' . PATH_TO_ROOT . '/member/pm' . url('.php?pm=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '"><img src="' . PATH_TO_ROOT . '/templates/' . get_utheme() . '/images/' . get_ulang() . '/pm.png" alt="" /></a>' : '', 'U_ANCHOR' => $this->path . $vars_simple . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '') . '#m' . $row['idcom'], 'U_QUOTE' => $this->path . sprintf($this->vars, $row['idcom']) . '&amp;quote=' . $row['idcom'] . (!empty($page_path_to_root) && !$integrated_in_environment ? '&amp;path_to_root=' . $page_path_to_root : '') . '#anchor_' . $this->script));
                 $j++;
             }
             $Sql->query_close($result);
         }
         return $Template->parse(TEMPLATE_STRING_MODE);
     } else {
         return 'error : class Comments loaded uncorrectly';
     }
 }
Ejemplo n.º 21
0
        $checked_normal = $type == 0 ? 'checked="ckecked"' : '';
        $checked_postit = $type == 1 ? 'checked="ckecked"' : '';
        $checked_annonce = $type == 2 ? 'checked="ckecked"' : '';
        $nbr_poll_field = 0;
        for ($i = 0; $i < 20; $i++) {
            $answer = retrieve(POST, 'a' . $i, '', TSTRING_UNCHANGE);
            if (!empty($answer)) {
                $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => $answer));
                $nbr_poll_field++;
            } elseif ($i <= 5) {
                $Template->assign_block_vars('answers_poll', array('ID' => $i, 'ANSWER' => ''));
                $nbr_poll_field++;
            }
        }
        $poll_type = retrieve(POST, 'poll_type', 0);
        $Template->assign_vars(array('TITLE' => $title, 'DESC' => $subtitle, 'CONTENTS' => $contents, 'QUESTION' => $question, 'IDM' => $id_post_msg, 'DATE' => $LANG['on'] . ' ' . gmdate_format('date_format'), 'CONTENTS_PREVIEW' => second_parse(stripslashes(strparse($contents))), 'CHECKED_NORMAL' => $checked_normal, 'CHECKED_POSTIT' => $checked_postit, 'CHECKED_ANNONCE' => $checked_annonce, 'SELECTED_SIMPLE' => $poll_type == 0 ? 'checked="ckecked"' : '', 'SELECTED_MULTIPLE' => $poll_type == 1 ? 'checked="ckecked"' : '', 'NO_DISPLAY_POLL' => !empty($question) ? 'false' : 'true', 'NBR_POLL_FIELD' => $nbr_poll_field, 'C_FORUM_PREVIEW_MSG' => true, 'C_ADD_POLL_FIELD' => $nbr_poll_field <= 18 ? true : false, 'C_FORUM_POST_TYPE' => true, 'L_PREVIEW' => $LANG['preview'], 'L_TYPE' => '* ' . $LANG['type'], 'L_DEFAULT' => $LANG['default'], 'L_POST_IT' => $LANG['forum_postit'], 'L_ANOUNCE' => $LANG['forum_announce']));
    }
    list($users_list, $total_admin, $total_modo, $total_member, $total_visit, $total_online) = forum_list_user_online("AND s.session_script LIKE '/forum/%'");
    $Template->assign_vars(array('TOTAL_ONLINE' => $total_online, 'USERS_ONLINE' => $total_online - $total_visit == 0 ? '<em>' . $LANG['no_member_online'] . '</em>' : $users_list, 'ADMIN' => $total_admin, 'MODO' => $total_modo, 'MEMBER' => $total_member, 'GUEST' => $total_visit, 'L_USER' => $total_online > 1 ? $LANG['user_s'] : $LANG['user'], 'L_ADMIN' => $total_admin > 1 ? $LANG['admin_s'] : $LANG['admin'], 'L_MODO' => $total_modo > 1 ? $LANG['modo_s'] : $LANG['modo'], 'L_MEMBER' => $total_member > 1 ? $LANG['member_s'] : $LANG['member'], 'L_GUEST' => $total_visit > 1 ? $LANG['guest_s'] : $LANG['guest'], 'L_AND' => $LANG['and'], 'L_ONLINE' => strtolower($LANG['online'])));
    $Template->pparse('forum_move');
} elseif (!empty($id_post_msg) && !empty($post_topic)) {
    $msg = $Sql->query_array(PREFIX . 'forum_msg', 'idtopic', 'user_id', 'timestamp', 'contents', "WHERE id = '" . $id_post_msg . "'", __LINE__, __FILE__);
    $topic = $Sql->query_array(PREFIX . 'forum_topics', 'idcat', 'title', 'last_user_id', 'last_msg_id', 'last_timestamp', "WHERE id = '" . $msg['idtopic'] . "'", __LINE__, __FILE__);
    $to = retrieve(POST, 'to', 0);
    if (!$User->check_auth($CAT_FORUM[$topic['idcat']]['auth'], EDIT_CAT_FORUM)) {
        $Errorh->handler('e_auth', E_USER_REDIRECT);
    }
    $id_first = $Sql->query("SELECT MIN(id) FROM " . PREFIX . "forum_msg WHERE idtopic = '" . $msg['idtopic'] . "'", __LINE__, __FILE__);
    if ($id_first == $id_post_msg) {
        $Errorh->handler('e_unable_cut_forum', E_USER_REDIRECT);
    }
Ejemplo n.º 22
0
 function set_content($content)
 {
     $this->content = strparse($content, array(), DO_NOT_ADD_SLASHES);
 }