Ejemplo n.º 1
function WIDGET_springMenu($dataArray)
    global $_CONF;
    $rand = rand(1, 1000);
    $slideCounter = 1;
    $retval = '';
    $templateFile = 'spring-menu.thtml';
    // define the JS we need for this theme..
    $outputHandle = outputHandler::getInstance();
    // core js
    $outputHandle->addLinkScript($_CONF['site_url'] . '/javascript/addons/accordion-image-menu/jquery.accordionImageMenu.min.js');
    $outputHandle->addLinkStyle($_CONF['site_url'] . '/javascript/addons/accordion-image-menu/accordionImageMenu.css');
    $T = new Template($_CONF['path_layout'] . '/widgets');
    if (isset($dataArray['template'])) {
        $templateFile = $dataArray['template'];
    $T->set_file('widget', $templateFile);
    $T->set_var('rand', $rand);
    $T->set_block('widget', 'images', 'i');
    foreach ($dataArray['images'] as $images) {
        if (isset($images['link']) && $images['link'] != '') {
            $T->set_var('link', $images['link']);
        $imageURL = str_replace("%site_url%", $_CONF['site_url'], $images['image']);
        $T->set_var('image', $imageURL);
        $T->set_var('slidecounter', $slideCounter);
        $T->parse('i', 'images', true);
    $last = 0;
    $T->set_block('widget', 'options', 'o');
    foreach ($dataArray['options'] as $option => $value) {
        $optionLine = '';
        if ($last > 0) {
            $optionLine .= ',';
        $optionLine .= "'" . $option . "'" . ": " . "'" . $value . "'";
        $T->set_var('optionvalue', $optionLine);
        $T->parse('o', 'options', true);
    $T->parse('output', 'widget');
    $retval = $T->finish($T->get_var('output'));
    return $retval;
Ejemplo n.º 2
* Shows the form the admin uses to send glFusion members a message. Now you
* can email a user or an entire group depending upon whether uid or grp_id is
* set.  if both arguments are >0, the group send function takes precedence
* @return   string      HTML for the email form
function MAIL_displayForm($uid = 0, $grp_id = 0, $from = '', $replyto = '', $subject = '', $message = '')
    global $_CONF, $_TABLES, $_USER, $LANG31, $LANG03, $LANG_ADMIN;
    $retval = '';
    if (isset($_POST['postmode'])) {
        $postmode = COM_applyFilter($_POST['postmode']);
        if ($postmode != 'html' || $postmode != 'plaintext') {
            $postmode = $_CONF['postmode'];
    } else {
        $postmode = $_CONF['postmode'];
    $mail_templates = new Template($_CONF['path_layout'] . 'admin/mail');
    $mail_templates->set_file('form', 'mailform.thtml');
    if ($postmode == 'html') {
        $mail_templates->set_var('show_htmleditor', true);
    } else {
    $mail_templates->set_var('postmode', $postmode);
    $mail_templates->set_var('lang_postmode', $LANG03[2]);
    $mail_templates->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
    $mail_templates->set_var('startblock_email', COM_startBlock($LANG31[1], '', COM_getBlockTemplate('_admin_block', 'header')));
    $mail_templates->set_var('php_self', $_CONF['site_admin_url'] . '/mail.php');
    $usermode = $uid > 0 && $grp_id == 0 ? true : false;
    $send_to_group = $usermode ? '' : '1';
    $mail_templates->set_var('send_to_group', $send_to_group);
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/user.php', 'text' => $LANG_ADMIN['admin_users']), array('url' => $_CONF['site_admin_url'] . '/group.php', 'text' => $LANG_ADMIN['admin_groups']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $instructions = $usermode ? $LANG31[28] : $LANG31[19];
    $icon = $_CONF['layout_url'] . '/images/icons/mail.png';
    $admin_menu = ADMIN_createMenu($menu_arr, $instructions, $icon);
    $mail_templates->set_var('admin_menu', $admin_menu);
    if ($usermode) {
        // we're sending e-Mail to a specific user
        $mail_templates->set_var('lang_instructions', $LANG31[28]);
        $mail_templates->set_var('lang_to', $LANG31[18]);
        $to_user = '';
        $lang_warning = $LANG31[29];
        $warning = '';
        // get the user data, and check the privacy settings
        $result = DB_query("SELECT username,fullname,email FROM {$_TABLES['users']} WHERE uid = " . (int) $uid);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $A = DB_fetchArray($result);
            $username = $_CONF['show_fullname'] ? $A['fullname'] : $A['username'];
            $to_user = $username . ' (' . $A['email'] . ')';
            $emailfromadmin = DB_getItem($_TABLES['userprefs'], 'emailfromadmin', "uid = " . (int) $uid);
            $warning = $emailfromadmin == 1 ? '' : $LANG31[30];
        $mail_templates->set_var('to_user', $to_user);
        $mail_templates->set_var('to_uid', $uid);
        $mail_templates->set_var('lang_warning', $lang_warning);
        $mail_templates->set_var('warning', $warning);
    } else {
        // we're sending e-Mail to a group of users
        $mail_templates->set_var('lang_instructions', $LANG31[19]);
        $mail_templates->set_var('lang_to', $LANG31[27]);
        $mail_templates->set_var('lang_selectgroup', $LANG31[25]);
        // build group options select, allow for possibility grp_id has been supplied
        $group_options = '';
        $result = DB_query("SELECT grp_id, grp_name FROM {$_TABLES['groups']} WHERE grp_name <> 'All Users'");
        $nrows = DB_numRows($result);
        $groups = array();
        for ($i = 0; $i < $nrows; $i++) {
            $A = DB_fetchArray($result);
            $groups[$A['grp_id']] = ucwords($A['grp_name']);
        foreach ($groups as $groupID => $groupName) {
            if (SEC_inGroup('Root') || SEC_inGroup($groupName) && $groupName != 'Logged-in Users' && $groupName != 'Mail Admin') {
                $group_options .= '<option value="' . $groupID . '"';
                $group_options .= $groupID == $grp_id ? ' selected="selected"' : '';
                $group_options .= '>' . $groupName . '</option>';
        $mail_templates->set_var('group_options', $group_options);
    $mail_templates->set_var('lang_from', $LANG31[2]);
    $frm = empty($from) ? $_CONF['site_name'] : $from;
    $mail_templates->set_var('site_name', $frm);
    $mail_templates->set_var('lang_replyto', $LANG31[3]);
    $rto = empty($replyto) ? $_CONF['site_mail'] : $replyto;
    $mail_templates->set_var('site_mail', $rto);
    $mail_templates->set_var('lang_subject', $LANG31[4]);
    $mail_templates->set_var('subject', $subject);
    $mail_templates->set_var('lang_body', $LANG31[5]);
    $mail_templates->set_var('message_text', $message);
    $mail_templates->set_var('message_html', $message);
    $mail_templates->set_var('lang_sendto', $LANG31[6]);
    $mail_templates->set_var('lang_allusers', $LANG31[7]);
    $mail_templates->set_var('lang_admin', $LANG31[8]);
    $mail_templates->set_var('lang_options', $LANG31[9]);
    $mail_templates->set_var('lang_HTML', $LANG31[10]);
    $mail_templates->set_var('lang_urgent', $LANG31[11]);
    $mail_templates->set_var('lang_ignoreusersettings', $LANG31[14]);
    $mail_templates->set_var('lang_send', $LANG31[12]);
    $mail_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $mail_templates->set_var('gltoken_name', CSRF_TOKEN);
    $mail_templates->set_var('gltoken', SEC_createToken());
    PLG_templateSetVars('contact', $mail_templates);
    $mail_templates->parse('output', 'form');
    $retval = $mail_templates->finish($mail_templates->get_var('output'));
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    return $retval;
Ejemplo n.º 3
* Display form to email a story to someone.
* @param    string  $sid    ID of article to email
* @return   string          HTML for email story form
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $display = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $display .= SEC_loginRequiredForm();
        $display .= COM_siteFooter();
        echo $display;
    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getTopicSql('AND') . COM_getPermSql('AND'));
    $A = DB_fetchArray($result);
    if ($A['count'] == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    if ($msg > 0) {
        $retval .= COM_showMessage($msg, '', '', 0, 'info');
    if (empty($from) && empty($fromemail)) {
        if (!COM_isAnonUser()) {
            $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
            $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
    $postmode = $_CONF['mailuser_postmode'];
    $mail_template = new Template($_CONF['path_layout'] . 'profiles');
    $mail_template->set_file('form', 'contactauthorform.thtml');
    if ($postmode == 'html') {
        $mail_template->set_var('show_htmleditor', true);
    } else {
    $mail_template->set_var('lang_postmode', $LANG03[2]);
    $mail_template->set_var('postmode', $postmode);
    $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $mail_template->set_var('lang_fromname', $LANG08[20]);
    $mail_template->set_var('name', $from);
    $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
    $mail_template->set_var('email', $fromemail);
    $mail_template->set_var('lang_toname', $LANG08[18]);
    $mail_template->set_var('toname', $to);
    $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
    $mail_template->set_var('toemail', $toemail);
    $mail_template->set_var('lang_shortmessage', $LANG08[27]);
    $mail_template->set_var('shortmsg', @htmlspecialchars($shortmsg, ENT_COMPAT, COM_getEncodingt()));
    $mail_template->set_var('lang_warning', $LANG08[22]);
    $mail_template->set_var('lang_sendmessage', $LANG08[16]);
    $mail_template->set_var('story_id', $sid);
    PLG_templateSetVars('emailstory', $mail_template);
    $mail_template->set_var('end_block', COM_endBlock());
    $mail_template->parse('output', 'form');
    $retval .= $mail_template->finish($mail_template->get_var('output'));
    return $retval;
Ejemplo n.º 4
            $output .= " - <b>" . $i . "</b> -&nbsp;&nbsp;";
        } else {
            $output .= " - " . $i . " -&nbsp;&nbsp;";
    $tpl->set_var("PROGRESS", $output);
    $tpl->parse("PROGRESS_ROW", "progress_row");
//build current questionary page
$double = false;
$page_content = $geo->get_page($page_number);
$numbering = $question_number ? $geo->get_page_questionnumber($page_number) : 0;
foreach ($page_content as $segment) {
    $entity = $segment;
    //clear cell for line
    //get question number if needed
    $numbering_string = $numbering != 0 && isset($entity["input_id"]) ? $numbering++ . ". " : "";
    // build HTML for each element
    switch ($entity["type"]) {
            $tpl->set_var("DESCRIPTION", $UBB->encode($entity["text"]));
            $tpl->parse("QUEST_CELL", "description", true);
            $tpl->set_var("CAPTION", nl2br(norm_post($entity["text"])));
            $tpl->parse("QUEST_CELL", "caption", true);
            $tpl->parse("QUEST_CELL", "empty_line", true);
Ejemplo n.º 5
* User request for a new password - send email with a link and request id
* @param username string   name of user who requested the new password
* @param msg      int      index of message to display (if any)
* @return         string   form or meta redirect
function requestpassword($username, $msg = 0)
    global $_CONF, $_TABLES, $LANG04;
    $retval = '';
    // no remote users!
    $username = DB_escapeString($username);
    $result = DB_query("SELECT uid,email,passwd,status FROM {$_TABLES['users']} WHERE username = '******' AND (account_type & " . LOCAL_USER . ")");
    $nrows = DB_numRows($result);
    if ($nrows == 1) {
        $A = DB_fetchArray($result);
        if ($_CONF['usersubmission'] == 1 && $A['status'] == USER_ACCOUNT_AWAITING_APPROVAL) {
            echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48');
        $reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
        DB_change($_TABLES['users'], 'pwrequestid', "{$reqid}", 'uid', (int) $A['uid']);
        $T = new Template($_CONF['path_layout'] . 'email/');
        $T->set_file(array('html_msg' => 'mailtemplate_html.thtml', 'text_msg' => 'mailtemplate_text.thtml'));
        $T->set_block('html_msg', 'content', 'contentblock');
        $T->set_block('text_msg', 'contenttext', 'contenttextblock');
        $T->set_var('content_text', sprintf($LANG04[88], $username));
        $T->parse('contentblock', 'content', true);
        $T->parse('contenttextblock', 'contenttext', true);
        $T->set_var('url', $_CONF['site_url'] . '/users.php?mode=newpwd&uid=' . $A['uid'] . '&rid=' . $reqid);
        $T->set_var('button_text', $LANG04[91]);
        $T->parse('contentblock', 'content', true);
        $T->parse('contenttextblock', 'contenttext', true);
        $T->set_var('content_text', $LANG04[89]);
        $T->parse('contentblock', 'content', true);
        $T->parse('contenttextblock', 'contenttext', true);
        $T->set_var('site_url', $_CONF['site_url']);
        $T->set_var('site_name', $_CONF['site_name']);
        $T->set_var('title', $_CONF['site_name'] . ': ' . $LANG04[16]);
        $T->parse('output', 'html_msg');
        $mailhtml = $T->finish($T->get_var('output'));
        $T->parse('textoutput', 'text_msg');
        $mailtext = $T->finish($T->get_var('textoutput'));
        $msgData['htmlmessage'] = $mailhtml;
        $msgData['textmessage'] = $mailtext;
        $msgData['subject'] = $_CONF['site_name'] . ': ' . $LANG04[16];
        $msgData['from']['name'] = $_CONF['site_name'];
        $msgData['from']['email'] = $_CONF['noreply_mail'];
        $msgData['to']['email'] = $A['email'];
        $msgData['to']['name'] = $username;
        if ($msg) {
            echo COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}");
        } else {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
    } else {
        echo COM_refresh($_CONF['site_url'] . '/users.php?mode=getpassword');
    return $retval;
Ejemplo n.º 6
 $tpl->set_block("language", "category_edit_title");
 $tpl->set_block("language", "category_edit_description");
 $tpl->set_block("language", "category_edit_ubb");
 $tpl->set_block("language", "category_edit_button_ok");
 $tpl->set_block("language", "category_edit_button_cancel");
 $tpl->set_var(array("DOC_ROOT" => $config_webserver_ip));
 $tpl->parse("TITLE", "category_edit_title");
 $tpl->parse("LANGUAGE_FEEDBACK_HEADLINE_NULL", "category_edit_feedback_headline_null");
 $tpl->parse("LANGUAGE_DESCRIPTION", "category_edit_description");
 $tpl->parse("LANGUAGE_UBB", "category_edit_ubb");
 $tpl->parse("BUTTON_LABEL", "category_edit_button_ok");
 $tpl->parse("LANGUAGE_BUTTON_CANCEL", "category_edit_button_cancel");
 $tpl->parse("CONTENT", $current_file);
 $tpl->parse("OUT", "blueprint");
 $out = $tpl->get_var("OUT");
 $fp = fopen("{$topic_doc_root}/templates/{$language}/{$current_file}.ihtml", "w");
 fwrite($fp, $out);
 echo "&nbsp;&nbsp;&nbsp; {$current_file}.ihtml abgeschlossen. (... {$topic_doc_root}/templates/{$language}/{$current_file}.ihtml)<br>";
 //* category_sort.ihtml
 $current_file = "category_sort";
 $tpl->set_file($current_file, "{$current_file}.ihtml");
 $tpl->set_block("language", "category_sort_title");
 $tpl->set_block("language", "category_sort_button_ok");
 $tpl->set_block("language", "category_sort_button_cancel");
 $tpl->set_var(array("DOC_ROOT" => $config_webserver_ip));
 $tpl->parse("TITLE", "category_sort_title");
 $tpl->parse("BUTTON_LABEL", "category_sort_button_ok");
Ejemplo n.º 7
 public function parse($p1, $p2 = '', $fulltag)
     global $_CONF, $_TABLES, $_USER, $LANG01;
     $retval = '';
     $skip = 0;
     $dt = new Date('now', $_USER['tzid']);
     // topic = specific topic or 'all'
     // display = how many stories to display, if 0, then all
     // meta = show meta data (i.e.; who when etc)
     // titleLink - make title a hot link
     // featured - 0 = show all, 1 = only featured, 2 = all except featured
     // frontpage - 1 = show only items marked for frontpage - 0 = show all
     // cols - number of columns to show
     // template - the template name
     $topic = $p1;
     if ($topic == 'all') {
         $topic = '';
     $uniqueID = md5($p1 . $p2);
     $display = 10;
     // display 10 articles
     $meta = 0;
     // do not display meta data
     $titleLink = 0;
     // do not use links in title
     $featured = 0;
     // 0 = show all, 1 = only featured, 2 = all except featured
     $frontpage = 0;
     // only show items marked for frontpage
     $cols = 3;
     // number of columns
     $truncate = 0;
     // maximum number of characters to include in story text
     $template = 'headlines.thtml';
     $px = explode(' ', trim($p2));
     if (is_array($px)) {
         foreach ($px as $part) {
             if (substr($part, 0, 8) == 'display:') {
                 $a = explode(':', $part);
                 $display = $a[1];
             } elseif (substr($part, 0, 5) == 'meta:') {
                 $a = explode(':', $part);
                 $meta = $a[1];
             } elseif (substr($part, 0, 10) == 'titlelink:') {
                 $a = explode(':', $part);
                 $titleLink = $a[1];
             } elseif (substr($part, 0, 9) == 'featured:') {
                 $a = explode(':', $part);
                 $featured = $a[1];
             } elseif (substr($part, 0, 10) == 'frontpage:') {
                 $a = explode(':', $part);
                 $frontpage = (int) $a[1];
             } elseif (substr($part, 0, 5) == 'cols:') {
                 $a = explode(':', $part);
                 $cols = $a[1];
             } elseif (substr($part, 0, 9) == 'template:') {
                 $a = explode(':', $part);
                 $template = $a[1];
             } elseif (substr($part, 0, 9) == 'truncate:') {
                 $a = explode(':', $part);
                 $truncate = (int) $a[1];
             } else {
         if ($skip != 0) {
             if (count($px) > $skip) {
                 for ($i = 0; $i < $skip; $i++) {
                 $caption = trim(implode(' ', $px));
             } else {
                 $caption = '';
     } else {
         $caption = trim($p2);
     if ($display < 0) {
         $display = 3;
     $hash = CACHE_security_hash();
     $instance_id = 'whatsnew_headlines_' . $uniqueID . '_' . $hash . '_' . $_USER['theme'];
     if (($cache = CACHE_check_instance($instance_id, 0)) !== FALSE) {
         return $cache;
     $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
     $sql = " (date <= NOW()) AND (draft_flag = 0)";
     if (empty($topic)) {
         $sql .= COM_getLangSQL('tid', 'AND', 's');
     // if a topic was provided only select those stories.
     if (!empty($topic)) {
         $sql .= " AND s.tid = '" . DB_escapeString($topic) . "' ";
     if ($featured == 1) {
         $sql .= " AND s.featured = 1 ";
     } else {
         if ($featured == 2) {
             $sql .= " AND s.featured = 0 ";
     if ($frontpage == 1) {
         $sql .= " AND frontpage = 1 ";
     if ($topic != $archivetid) {
         $sql .= " AND s.tid != '{$archivetid}' ";
     $sql .= COM_getPermSQL('AND', 0, 2, 's');
     $sql .= COM_getTopicSQL('AND', 0, 's') . ' ';
     $userfields = 'u.uid, u.username, u.fullname';
     if ($_CONF['allow_user_photo'] == 1) {
         $userfields .= ', u.photo';
         if ($_CONF['use_gravatar']) {
             $userfields .= ', u.email';
     $orderBy = ' date DESC ';
     $headlinesSQL = "SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, " . 'UNIX_TIMESTAMP(s.expire) as expireunix, ' . $userfields . ", t.topic, t.imageurl " . "FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, " . "{$_TABLES['topics']} AS t WHERE (s.uid = u.uid) AND (s.tid = t.tid) AND" . $sql . "ORDER BY featured DESC," . $orderBy;
     if ($display > 0) {
         $headlinesSQL .= " LIMIT " . $display;
     $result = DB_query($headlinesSQL);
     $numRows = DB_numRows($result);
     if ($numRows < $cols) {
         $cols = $numRows;
     if ($cols > 6) {
         $cols = 6;
     if ($numRows > 0) {
         $T = new Template($_CONF['path'] . 'system/autotags/');
         $T->set_file('page', $template);
         $T->set_var('columns', $cols);
         $T->set_block('page', 'headlines', 'hl');
         $newstories = array();
         while ($A = DB_fetchArray($result)) {
             if ($A['attribution_author'] != '') {
                 $author = $A['attribution_author'];
             } else {
                 $author = $A['username'];
             $title = COM_undoSpecialChars($A['title']);
             $title = str_replace('&nbsp;', ' ', $title);
             $subtitle = COM_undoSpecialChars($A['subtitle']);
             if ($A['story_image'] != '') {
                 $story_image = $_CONF['site_url'] . $A['story_image'];
             } else {
                 $story_image = '';
             $A['introtext'] = STORY_renderImages($A['sid'], $A['introtext']);
             if (!empty($A['bodytext'])) {
                 $closingP = strrpos($A['introtext'], "</p>");
                 if ($closingP !== FALSE) {
                     $text = substr($A['introtext'], 0, $closingP);
                     $A['introtext'] = $text;
                 // adds the read more link
                 $T->set_var('readmore_url', COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']));
                 $T->set_var('lang_readmore', $LANG01['continue_reading']);
             if ($truncate > 0) {
                 $A['introtext'] = $this->truncateHTML($A['introtext'], $truncate, '...');
             $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $A['tid'];
             if ($A['commentcode'] >= 0) {
                 $cmtLinkArray = CMT_getCommentLinkWithCount('article', $A['sid'], $_CONF['site_url'] . '/article.php?story=' . $A['sid'], $A['comments'], 1);
                 $T->set_var(array('lang_comments' => '', 'comments_count' => $cmtLinkArray['comment_count'], 'comments_url' => $cmtLinkArray['url'], 'comments_url_extra' => $cmtLinkArray['url_extra']));
             } else {
             $T->set_var(array('titlelink' => $titleLink ? TRUE : '', 'meta' => $meta ? TRUE : '', 'lang_by' => $LANG01[95], 'lang_posted_in' => $LANG01['posted_in'], 'story_topic_url' => $topicurl, 'title' => $title, 'subtitle' => $subtitle, 'story_image' => $story_image, 'text' => PLG_replaceTags($A['introtext']), 'date' => $A['date'], 'time' => $dt->format('Y-m-d', true) . 'T' . $dt->format('H:i:s', true), 'topic' => $A['topic'], 'tid' => $A['tid'], 'author' => $author, 'author_id' => $A['uid'], 'sid' => $A['sid'], 'short_date' => $dt->format($_CONF['shortdate'], true), 'date_only' => $dt->format($_CONF['dateonly'], true), 'date' => $dt->format($dt->getUserFormat(), true), 'url' => COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']), 'attribution_url' => $A['attribution_url'], 'attribution_name' => $A['attribution_name']));
             $T->parse('hl', 'headlines', true);
         $retval = $T->finish($T->parse('output', 'page'));
         CACHE_create_instance($instance_id, $retval, 0);
     return $retval;
Ejemplo n.º 8
function FF_postEditor($postData, $forumData, $action, $viewMode)
    global $_CONF, $_TABLES, $_FF_CONF, $FF_userprefs, $_USER, $LANG_GF01, $LANG_GF02, $LANG_GF10, $REMOTE_ADDR;
    $retval = '';
    $editmoderator = false;
    $numAttachments = 0;
    $edit_val = '';
    $sticky_val = '';
    $locked_val = '';
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    // initialize defaults
    if ($_FF_CONF['bbcode_disabled']) {
        $disable_bbcode_val = ' checked="checked"';
    } else {
        $disable_bbcode_val = '';
    if ($_FF_CONF['smilies_disabled']) {
        $disable_smilies_val = ' checked="checked"';
    } else {
        $disable_smilies_val = '';
    if ($_FF_CONF['urlparse_disabled']) {
        $disable_urlparse_val = ' checked="checked"';
    } else {
        $disable_urlparse_val = '';
    // check postmode
    if (isset($postData['postmode'])) {
        // this means we are editing or previewing (or both)
        if (isset($postData['postmode_switch'])) {
            // means they selected a switch
            $chkpostmode = _ff_chkpostmode($postData['postmode'], $postData['postmode_switch']);
            if ($chkpostmode != $postData['postmode']) {
                $postData['postmode'] = $chkpostmode;
                $postData['postmode_switch'] = 0;
    } else {
        if ($_FF_CONF['post_htmlmode'] && $_FF_CONF['allow_html']) {
            $postData['postmode'] = 'html';
        } else {
            $postData['postmode'] = 'text';
    // verify postmode is allowed
    if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
        if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
            $postData['postmode'] = 'html';
        } else {
            $postData['postmode'] = 'text';
    $postData['postmode_switch'] = 0;
    // action specific setup
    if ($action == 'edittopic' || $viewMode) {
        // need to see what options were checked...
        $status = 0;
        // get our options...
        if (isset($postData['disable_bbcode']) && $postData['disable_bbcode'] == 1) {
            $disable_bbcode_val = ' checked="checked"';
            $status += DISABLE_BBCODE;
        } else {
            $disable_bbcode_val = '';
        if (isset($postData['disable_smilies']) && $postData['disable_smilies'] == 1) {
            $disable_smilies_val = ' checked="checked"';
            $status += DISABLE_SMILIES;
        } else {
            $disable_smilies_val = '';
        if (isset($postData['disable_urlparse']) && $postData['disable_urlparse'] == 1) {
            $disable_urlparse_val = ' checked="checked"';
            $status += DISABLE_URLPARSE;
        } else {
            $disable_urlparse_val = '';
    // create our template
    $peTemplate = new Template($_CONF['path'] . 'plugins/forum/templates/');
    $peTemplate->set_file('posteditor', 'posteditor.thtml');
    if ($postData['postmode'] == 'html') {
        $peTemplate->set_var('html_mode', true);
    } else {
    if ($viewMode == PREVIEW_VIEW) {
        $peTemplate->set_var('preview_post', FF_previewPost($postData, $action));
    $uniqueid = isset($postData['uniqueid']) ? COM_applyFilter($postData['uniqueid'], true) : mt_rand();
    $peTemplate->set_var('uniqueid', $uniqueid);
    if (SEC_inGroup($postData['use_attachment_grpid']) && $_FF_CONF['maxattachments'] > 0) {
        $peTemplate->set_var('use_attachments', true);
    if ($action == 'newtopic') {
        $peTemplate->set_var('save_button', 'savetopic');
        $postmessage = $LANG_GF02['PostTopic'];
        $peTemplate->set_var('hidden_action', 'newtopic');
    if ($action == 'edittopic') {
        $peTemplate->set_var('save_button', 'saveedit');
        if (isset($postData['forum']) && forum_modPermission($postData['forum'], $_USER['uid'], 'mod_edit')) {
            $editmoderator = true;
            $peTemplate->set_var('hidden_modedit', '1');
        } else {
            $peTemplate->set_var('hidden_modedit', '0');
            $editmoderator = false;
        $postmessage = $LANG_GF02['EditTopic'];
        $peTemplate->set_var('hidden_action', 'edittopic');
        $peTemplate->set_var('hidden_editpost', 'yes');
        if ($editmoderator) {
            $username = $postData['name'];
        } elseif ($postData['uid'] > 1) {
            $username = COM_getDisplayName($postData['uid']);
        $postData['comment'] = str_ireplace('</textarea>', '&lt;/textarea&gt;', $postData['comment']);
        if (isset($postData['pid'])) {
            $peTemplate->set_var('hidden_editpid', $postData['pid']);
        $peTemplate->set_var('hidden_editid', $postData['id']);
        $edit_prompt = $LANG_GF02['msg190'] . '<br/><input type="checkbox" name="silentedit" ';
        if (isset($postData['silentedit']) && $postData['silentedit'] == 1 or !isset($postData['modedit']) and $_FF_CONF['silent_edit_default']) {
            $edit_prompt .= 'checked="checked" ';
            $edit_val = ' checked="checked" ';
        } else {
            $edit_val = '';
        $edit_prompt .= 'value="1"/>';
        $peTemplate->set_var('attachments', '<div id="fileattachlist">' . _ff_showattachments($postData['id'], 'edit') . '</div>');
        $numAttachments = DB_Count($_TABLES['ff_attachments'], 'topic_id', $postData['id']);
        $allowedAttachments = $_FF_CONF['maxattachments'] - $numAttachments;
        $peTemplate->set_var('fcounter', $allowedAttachments);
    } else {
        $numAttachments = (int) DB_Count($_TABLES['ff_attachments'], 'topic_id', $uniqueid);
        $allowedAttachments = $_FF_CONF['maxattachments'] - $numAttachments;
        $peTemplate->set_var('fcounter', $allowedAttachments);
        $peTemplate->set_var('attachments', '');
        if ($uniqueid > 0) {
            $peTemplate->set_var('attachments', '<div id="fileattachlist">' . _ff_showattachments($uniqueid, 'edit') . '</div>');
        $edit_prompt = '&nbsp;';
    if ($action == 'newreply') {
        $peTemplate->set_var('save_button', 'savereply');
        $postmessage = $LANG_GF02['PostReply'];
        $peTemplate->set_var('hidden_action', 'newreply');
        if (!$viewMode) {
            $postData['subject'] = $LANG_GF01['RE'] . $postData['subject'];
        $quoteid = isset($_GET['quoteid']) ? COM_applyFilter($_GET['quoteid'], true) : 0;
        $postData['mood'] = '';
        if ($quoteid > 0 && !$viewMode) {
            $quotesql = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $quoteid);
            $quotearray = DB_fetchArray($quotesql);
            $quotearray['name'] = urldecode($quotearray['name']);
            $quotearray['comment'] = $quotearray['comment'];
            $postData['comment'] = sprintf($_FF_CONF['quoteformat'], $quotearray['name'], $quotearray['comment']);
        $postData['editpid'] = $postData['id'];
    if ($_FF_CONF['use_sfs']) {
        $peTemplate->set_var('usesfs', 1);
    if (COM_isAnonUser()) {
        if (!$_FF_CONF['use_sfs']) {
            $postData['email'] = '';
        $peTemplate->set_var('anonymous_user', true);
        $peTemplate->set_var('post_message', $postmessage);
        $peTemplate->set_var('LANG_NAME', $LANG_GF02['msg33']);
        $peTemplate->set_var('name', htmlentities(strip_tags(COM_checkWords(trim(USER_sanitizeName(isset($postData['name']) ? $postData['name'] : ''))))), ENT_COMPAT, COM_getEncodingt());
        if (isset($postData['email'])) {
            $peTemplate->set_var('email', strip_tags($postData['email']));
    } else {
        $peTemplate->set_var('member_user', true);
        $peTemplate->set_var('post_message', $postmessage);
        $peTemplate->set_var('LANG_NAME', $LANG_GF02['msg33']);
        if (!isset($username) or $username == '') {
            if ($action == 'edittopic') {
                if ($editmoderator) {
                    $username = $postData['name'];
                } else {
                    $username = COM_getDisplayName($_USER['uid']);
            } else {
                $username = COM_getDisplayName($_USER['uid']);
        $peTemplate->set_var('username', $username);
        $peTemplate->set_var('xusername', urlencode($username));
    $moodoptions = '';
    if ($_FF_CONF['show_moods']) {
        if (isset($postData['mood']) && $postData['mood'] != '') {
            $postData['mood'] = COM_applyFilter($postData['mood']);
        if (!isset($postData['mood']) || $postData['mood'] == '') {
            $moodoptions = '<option value="" selected="selected">' . $LANG_GF01['NOMOOD'] . '</option>';
        if ($dir = @opendir($_CONF['path_html'] . '/forum/images/moods')) {
            while (($file = readdir($dir)) !== false) {
                if (strlen($file) > 3 && substr(strtolower(trim($file)), -4, 4) == '.gif') {
                    $file = str_replace(array('.gif', '.jpg'), array('', ''), $file);
                    if (isset($postData['mood']) && $file == $postData['mood']) {
                        $moodoptions .= "<option selected=\"selected\">" . $file . "</option>";
                    } else {
                        $moodoptions .= "<option>" . $file . "</option>";
                } else {
                    $moodoptions .= '';
        $peTemplate->set_var('LANG_MOOD', $LANG_GF02['msg36']);
        $peTemplate->set_var('moodoptions', $moodoptions);
    $sub_dot = '...';
    $sub_none = '';
    $postData['subject'] = str_replace($sub_dot, $sub_none, $postData['subject']);
    if ($_FF_CONF['allow_smilies']) {
        $peTemplate->set_var('smiley_enabled', true);
    if ($_FF_CONF['allow_img_bbcode']) {
        $peTemplate->set_var('allow_img_bbcode', true);
    // if this is the first time showing the new submission form - then check if notify option should be on
    if (!$viewMode) {
        if (isset($postData['editpid']) && $postData['editpid'] > 0) {
            $notifyTopicid = $postData['editpid'];
        } else {
            $notifyTopicid = $postData['id'];
        if (!isset($postData['forum'])) {
            $postData['forum'] = '';
        if (DB_getItem($_TABLES['ff_userprefs'], 'alwaysnotify', "uid=" . (int) $uid) == 1 or FF_isSubscribed($postData['forum'], $notifyTopicid, $uid)) {
            $postData['notify'] = 'on';
            // check and see if user has un-subscribed to this topic
            $nid = -$notifyTopicid;
            if ($notifyTopicid > 0 and DB_getItem($_TABLES['subscriptions'], 'id', "type='forum' AND category=" . (int) $postData['forum'] . " AND id={$nid} AND uid={$uid}") > 1) {
                $postData['notify'] = '';
        } else {
            $postData['notify'] = '';
    if ($editmoderator) {
        if (isset($postData['notify']) && $postData['notify'] == 'on' or isset($postData['notify']) && $postData['notify'] == 'on') {
            $notify_val = 'checked="checked"';
        } else {
            $notify_val = '';
        $notify_prompt = $LANG_GF02['msg38'] . '<br/><input type="checkbox" name="notify" value="on" ' . $notify_val . '/>';
        // check that this is the parent topic - only able to make it skicky or locked
        if (!isset($postData['pid']) || $postData['pid'] == 0) {
            if (!isset($locked_val) and !isset($sticky_val) and $action == 'edittopic') {
                if (!isset($postData['locked_switch']) and isset($postData['locked']) && $postData['locked'] == 1 or isset($postData['locked_switch']) && $postData['locked_switch'] == 1) {
                    $locked_val = 'checked="checked"';
                } else {
                    $locked_val = '';
                if (!isset($postData['sticky_switch']) and isset($postData['sticky']) && $postData['sticky'] == 1 or isset($postData['sticky_switch']) && $postData['sticky_switch'] == 1) {
                    $sticky_val = 'checked="checked"';
                } else {
                    $sticky_val = '';
            $locked_prompt = $LANG_GF02['msg109'] . '<br/><input type="checkbox" name="locked_switch" ' . $locked_val . ' value="1"/>';
            $sticky_prompt = $LANG_GF02['msg61'] . '<br/><input type="checkbox" name="sticky_switch" ' . $sticky_val . ' value="1"/>';
        } else {
            $locked_prompt = '';
            $sticky_prompt = '';
    } else {
        if ($uid > 1) {
            if (isset($postData['notify']) && $postData['notify'] == 'on') {
                $notify_val = 'checked="checked"';
            } else {
                $notify_val = '';
            $notify_prompt = $LANG_GF02['msg38'] . '<br/><input type="checkbox" name="notify" ' . $notify_val . '/>';
            $locked_prompt = '';
        } else {
            $notify_prompt = '';
            $locked_prompt = '';
    if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
        $postmode_msg = $LANG_GF01['TEXTMODE'];
        $postData['postmode'] = 'html';
    } else {
        $postmode_msg = $LANG_GF01['HTMLMODE'];
    if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
        if ($action == 'edittopic') {
            $mode_prompt = $postmode_msg . '<br/><input type="checkbox" name="postmode_switch" value="1"/><input type="hidden" name="postmode" value="' . $postData['postmode'] . '"/>';
    if ($action == 'edittopic') {
        $peTemplate->set_var('bbcodeeditor', true);
    $postData['subject'] = str_replace('"', '&quot;', $postData['subject']);
    if (!$_FF_CONF['allow_smilies']) {
        $smilies = '';
    } else {
        $smilies = forumPLG_showsmilies(0);
    $disable_bbcode_prompt = $LANG_GF01['disable_bbcode'] . '&nbsp;<input type="checkbox" name="disable_bbcode" value="1" ' . $disable_bbcode_val . '/>';
    if ($_FF_CONF['allow_smilies']) {
        $disable_smilies_prompt = $LANG_GF01['disable_smilies'] . '&nbsp;<input type="checkbox" name="disable_smilies" value="1"' . $disable_smilies_val . ' />';
    } else {
        $disable_smilies_prompt = '';
    $disable_urlparse_prompt = $LANG_GF01['disable_urlparse'] . '&nbsp;<input type="checkbox" name="disable_urlparse" value="1"' . $disable_urlparse_val . ' />';
    $peTemplate->set_var('comment', @htmlspecialchars($postData['comment'], ENT_QUOTES, COM_getEncodingt()));
    $peTemplate->set_var(array('edit_val' => $edit_val, 'sticky_val' => $sticky_val, 'postmode_msg' => $postmode_msg, 'notify_val' => $notify_val, 'disable_bbcode_val' => $disable_bbcode_val, 'disable_smilies_val' => $disable_smilies_val, 'disable_urlparse_val' => $disable_urlparse_val, 'bbcode_prompt' => $disable_bbcode_prompt, 'smilies_prompt' => $disable_smilies_prompt, 'urlparse_prompt' => $disable_urlparse_prompt, 'LANG_SUBJECT' => $LANG_GF01['SUBJECT'], 'LANG_OPTIONS' => $LANG_GF01['OPTIONS'], 'mode_prompt' => isset($mode_prompt) ? $mode_prompt : '', 'notify_prompt' => $notify_prompt, 'locked_prompt' => $locked_prompt, 'sticky_prompt' => isset($sticky_prompt) ? $sticky_prompt : '', 'edit_prompt' => $edit_prompt, 'LANG_SUBMIT' => $LANG_GF01['SUBMIT'], 'LANG_PREVIEW' => $LANG_GF01['PREVIEW'], 'subject' => $postData['subject'], 'smilies' => $smilies, 'LANG_attachments' => $LANG_GF10['attachments'], 'LANG_maxattachments' => sprintf($LANG_GF10['maxattachments'], $_FF_CONF['maxattachments']), 'postmode' => $postData['postmode']));
    // Check and see if the filemgmt plugin is installed and enabled
    if (function_exists('filemgmt_buildAccessSql') && $_FF_CONF['enable_fm_integration'] == 1) {
        $peTemplate->set_var('filemgmt_category_options', gf_makeFilemgmtCatSelect($uid));
        $peTemplate->set_var('LANG_usefilemgmt', $LANG_GF10['usefilemgmt']);
        $peTemplate->set_var('LANG_description', $LANG_GF10['description']);
        $peTemplate->set_var('LANG_category', $LANG_GF10['category']);
    } else {
        $peTemplate->set_var('show_filemgmt_option', 'none');
    if (COM_isAnonUser()) {
        $peTemplate->set_var('hide_notify', 'none');
    if (function_exists('plugin_templatesetvars_captcha')) {
        plugin_templatesetvars_captcha('forum', $peTemplate);
    } else {
        $peTemplate->set_var('captcha', '');
    if ($postData['id'] > 0) {
        $peTemplate->set_var('topic_id', $postData['id']);
    $peTemplate->set_var(array('navbreadcrumbsimg' => _ff_getImage('nav_breadcrumbs'), 'navtopicimg' => _ff_getImage('nav_topic'), 'form_action' => $_CONF['site_url'] . '/forum/createtopic.php', 'referer' => $forumData['referer'], 'forum_id' => $forumData['forum'], 'cat_name' => $postData['cat_name'], 'cat_id' => $forumData['forum_cat'], 'forum_name' => $postData['forum_name'], 'subject' => @htmlspecialchars($postData['subject'], ENT_QUOTES, COM_getEncodingt()), 'LANG_HOME' => $LANG_GF01['HOMEPAGE'], 'forum_home' => $LANG_GF01['INDEXPAGE'], 'hidden_id' => $postData['id'], 'page' => $forumData['page'], 'LANG_bhelp' => $LANG_GF01['b_help'], 'LANG_ihelp' => $LANG_GF01['i_help'], 'LANG_uhelp' => $LANG_GF01['u_help'], 'LANG_qhelp' => $LANG_GF01['q_help'], 'LANG_chelp' => $LANG_GF01['c_help'], 'LANG_lhelp' => $LANG_GF01['l_help'], 'LANG_ohelp' => $LANG_GF01['o_help'], 'LANG_phelp' => $LANG_GF01['p_help'], 'LANG_whelp' => $LANG_GF01['w_help'], 'LANG_ahelp' => $LANG_GF01['a_help'], 'LANG_shelp' => $LANG_GF01['s_help'], 'LANG_fhelp' => $LANG_GF01['f_help'], 'LANG_hhelp' => $LANG_GF01['h_help'], 'LANG_thelp' => $LANG_GF01['t_help'], 'LANG_ehelp' => $LANG_GF01['e_help'], 'LANG_code' => $LANG_GF01['CODE'], 'LANG_fontcolor' => $LANG_GF01['FONTCOLOR'], 'LANG_fontsize' => $LANG_GF01['FONTSIZE'], 'LANG_closetags' => $LANG_GF01['CLOSETAGS'], 'LANG_codetip' => $LANG_GF01['CODETIP'], 'LANG_tiny' => $LANG_GF01['TINY'], 'LANG_small' => $LANG_GF01['SMALL'], 'LANG_normal' => $LANG_GF01['NORMAL'], 'LANG_large' => $LANG_GF01['LARGE'], 'LANG_huge' => $LANG_GF01['HUGE'], 'LANG_default' => $LANG_GF01['DEFAULT'], 'LANG_dkred' => $LANG_GF01['DKRED'], 'LANG_red' => $LANG_GF01['RED'], 'LANG_orange' => $LANG_GF01['ORANGE'], 'LANG_brown' => $LANG_GF01['BROWN'], 'LANG_yellow' => $LANG_GF01['YELLOW'], 'LANG_green' => $LANG_GF01['GREEN'], 'LANG_olive' => $LANG_GF01['OLIVE'], 'LANG_cyan' => $LANG_GF01['CYAN'], 'LANG_blue' => $LANG_GF01['BLUE'], 'LANG_dkblue' => $LANG_GF01['DKBLUE'], 'LANG_indigo' => $LANG_GF01['INDIGO'], 'LANG_violet' => $LANG_GF01['VIOLET'], 'LANG_white' => $LANG_GF01['WHITE'], 'LANG_black' => $LANG_GF01['BLACK']));
    $peTemplate->set_var('token_name', CSRF_TOKEN);
    $peTemplate->set_var('token', SEC_createToken());
    $peTemplate->set_var('postmode', $postData['postmode']);
    if ($_FF_CONF['use_wysiwyg_editor'] && $postData['postmode'] == 'html') {
        // hook into wysiwyg here
        switch (PLG_getEditorType()) {
            case 'ckeditor':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'ckeditor_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
            case 'tinymce':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'tinymce_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
                // don't support others right now
    $peTemplate->parse('output', 'posteditor');
    $retval .= $peTemplate->finish($peTemplate->get_var('output'));
    $urlfor = 'advancededitor';
    if ($uid == 1) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    if (!isset($_POST['editpost'])) {
        $_POST['editpost'] = '';
    if ($action != 'newtopic' && $_POST['editpost'] != 'yes' && ($action == 'newreply' || $viewMode)) {
        if ($FF_userprefs['showiframe']) {
            $retval .= "<iframe src=\"{$_CONF['site_url']}/forum/viewtopic.php?mode=preview&amp;showtopic=" . $postData['id'] . "&amp;onlytopic=1&amp;lastpost=true\" height=\"300\" width=\"100%\"></iframe>";
    return $retval;
Ejemplo n.º 9
function displayMenuChildren($type, $elements, $template_file)
    global $_CONF;
    $retval = '';
    $C = new Template($_CONF['path_layout'] . '/menu/');
    $C->set_file(array('page' => $template_file));
    $C->set_block('page', 'Elements', 'element');
    $lastElement = end($elements);
    foreach ($elements as $child) {
        $C->set_var(array('label' => $child['label'], 'url' => $child['url']));
        if (isset($child['target'])) {
            $C->set_var(array('target' => $child['target'] == '' ? '' : ' target="' . $child['target'] . '" '));
        } else {
            $C->set_var('target', '');
        if (isset($child['children']) && $child['children'] != NULL && is_array($child['children'])) {
            $C->set_var('hasparent', true);
            $childHTML = displayMenuChildren($type, $child['children'], $template_file);
            $C->set_var('haschildren', true);
            $C->set_var('children', $childHTML);
        if ($child == $lastElement) {
            $C->set_var('last', true);
        } else {
        $C->parse('element', 'Elements', true);
    $C->parse('output', 'page');
    $retval = $C->finish($C->get_var('output'));
    return $retval;
Ejemplo n.º 10
* Shows story editor
* Displays the story entry form
* @param    string      $sid            ID of story to edit
* @param    string      $action         'preview', 'edit', 'moderate', 'draft'
* @param    string      $errormsg       a message to display on top of the page
* @param    string      $currenttopic   topic selection for drop-down menu
* @return   string      HTML for story editor
function STORY_edit($sid = '', $action = '', $errormsg = '', $currenttopic = '')
    $display = '';
    switch ($action) {
        case 'clone':
        case 'edit':
        case 'preview':
        case 'error':
            $title = $LANG24[5];
            $saveoption = $LANG_ADMIN['save'];
            $submission = false;
        case 'moderate':
            $title = $LANG24[90];
            $saveoption = $LANG_ADMIN['moderate'];
            $submission = true;
        case 'draft':
            $title = $LANG24[91];
            $saveoption = $LANG_ADMIN['save'];
            $submission = true;
            $action = 'edit';
            $title = $LANG24[5];
            $saveoption = $LANG_ADMIN['save'];
            $submission = false;
            $action = 'edit';
    // Load HTML templates
    $story_templates = new Template($_CONF['path_layout'] . 'admin/story');
    $story_templates->set_file(array('editor' => 'storyeditor.thtml'));
    if (!isset($_CONF['hour_mode'])) {
        $_CONF['hour_mode'] = 12;
    if (!empty($errormsg)) {
        $display .= COM_showMessageText($errormsg, $LANG24[25], true);
    if (!empty($currenttopic)) {
        $allowed = DB_getItem($_TABLES['topics'], 'tid', "tid = '" . DB_escapeString($currenttopic) . "'" . COM_getTopicSql('AND'));
        if ($allowed != $currenttopic) {
            $currenttopic = '';
    $story = new Story();
    if ($action == 'preview' || $action == 'error') {
        while (list($key, $value) = each($_POST)) {
            if (!is_array($value)) {
                $_POST[$key] = $value;
            } else {
                while (list($subkey, $subvalue) = each($value)) {
                    $value[$subkey] = $subvalue;
        $result = $story->loadFromArgsArray($_POST);
    } else {
        $result = $story->loadFromDatabase($sid, $action);
    if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied'], true);
        COM_accessLog("User {$_USER['username']} tried to access story {$sid}. - STORY_PERMISSION_DENIED or STORY_NO_ACCESS_PARAMS - " . $result);
        return $display;
    } elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
        $display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied'], true);
        $display .= STORY_renderArticle($story, 'p');
        COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}. - STORY_EDIT_DENIED or STORY_EXISTING_NO_EDIT_PERMISSION");
        return $display;
    } elseif ($result == STORY_INVALID_SID) {
        if ($action == 'moderate') {
            // that submission doesn't seem to be there any more (may have been
            // handled by another Admin) - take us back to the moderation page
            echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            echo COM_refresh($_CONF['site_admin_url'] . '/story.php');
    } elseif ($result == STORY_DUPLICATE_SID) {
        $story_templates->set_var('error_message', $LANG24[24]);
    } elseif ($result == STORY_EMPTY_REQUIRED_FIELDS) {
        $story_templates->set_var('error_message', $LANG24[31]);
    if (empty($currenttopic) && $story->EditElements('tid') == '') {
        $story->setTid(DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND')));
    } else {
        if ($story->EditElements('tid') == '') {
    if (SEC_hasRights('story.edit')) {
        $allowedTopicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true, 0);
        $allowedAltTopicList = '<option value="">' . $LANG33[44] . '</option>' . COM_topicList('tid,topic', $story->EditElements('alternate_tid'), 1, true, 0);
    } else {
        $allowedTopicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true, 3);
        $allowedAltTopicList = '<option value="">' . $LANG33[44] . '</option>' . COM_topicList('tid,topic', $story->EditElements('alternate_tid'), 1, true, 3);
    if ($allowedTopicList == '') {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied'], true);
        COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}. No allowed topics.");
        return $display;
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/story.php', 'text' => $LANG_ADMIN['story_list']), array('url' => $_CONF['site_admin_url'] . '/moderation.php', 'text' => $LANG_ADMIN['submissions']));
    if (SEC_inGroup('Root')) {
        $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/story.php?global=x', 'text' => 'Global Settings');
    $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);
    require_once $_CONF['path_system'] . 'classes/navbar.class.php';
    $story_templates->set_var('hour_mode', $_CONF['hour_mode']);
    if ($story->hasContent()) {
        $previewContent = STORY_renderArticle($story, 'p');
        if ($previewContent != '') {
            $story_templates->set_var('preview_content', $previewContent);
    $navbar = new navbar();
    if (!empty($previewContent)) {
        $navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
        $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
        $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
        $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
        $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
        $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
        $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
    } else {
        $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
        $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
        $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
        $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
        $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
        $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
    if ($action == 'preview') {
        $story_templates->set_var('show_preview', '');
        $story_templates->set_var('show_htmleditor', 'none');
        $story_templates->set_var('show_texteditor', 'none');
        $story_templates->set_var('show_submitoptions', 'none');
    } else {
        $story_templates->set_var('show_preview', 'none');
    $story_templates->set_var('navbar', $navbar->generate());
    $story_templates->set_var('start_block', COM_startBlock($title, '', COM_getBlockTemplate('_admin_block', 'header')));
    // start generating the story editor block
    $story_templates->set_var('block_start', COM_startBlock($title, '', COM_getBlockTemplate('_admin_block', 'header')));
    $oldsid = $story->EditElements('originalSid');
    if (!empty($oldsid)) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="deletestory"%s/>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $story_templates->set_var('lang_delete_confirm', $MESSAGE[76]);
    if ($submission || $story->type == 'submission') {
        $story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"/>');
    $story_templates->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG24[92], $_CONF['layout_url'] . '/images/icons/story.' . $_IMAGE_TYPE));
    $story_templates->set_var('lang_author', $LANG24[7]);
    $storyauthor = COM_getDisplayName($story->EditElements('uid'));
    $storyauthor_select = COM_optionList($_TABLES['users'], 'uid,username', $story->EditElements('uid'));
    $story_templates->set_var('story_author', $storyauthor);
    $story_templates->set_var('story_author_select', $storyauthor_select);
    $story_templates->set_var('author', $storyauthor);
    $story_templates->set_var('story_uid', $story->EditElements('uid'));
    // user access info
    $story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($story->EditElements('owner_id'));
    $story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $story->EditElements('owner_id')));
    $story_templates->set_var('owner_name', $ownername);
    $story_templates->set_var('owner', $ownername);
    $story_templates->set_var('owner_id', $story->EditElements('owner_id'));
    if (SEC_hasRights('story.edit')) {
        $story_templates->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $story->EditElements('owner_id')));
    } else {
        $ownerInfo = '<input type="hidden" name="owner_id" value="' . $story->editElements('owner_id') . '" />' . $ownername;
        $story_templates->set_var('owner_dropdown', $ownerInfo);
    $story_templates->set_var('lang_group', $LANG_ACCESS['group']);
    if (SEC_inGroup($story->EditElements('group_id'))) {
        $story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
    } else {
        $gdrpdown = '<input type="hidden" name="group_id" value="' . $story->EditElements('group_id') . '"/>';
        $grpddown .= DB_getItem($_TABLES['groups'], 'grp_name', 'grp_id=' . (int) $story->EditElements('group_id'));
        $story_templates->set_var('group_dropdown', $grpddown);
    $story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
    $story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
    $story_templates->set_var('lang_date', $LANG24[15]);
    $story_templates->set_var('publish_second', $story->EditElements('publish_second'));
    $publish_ampm = '';
    $publish_hour = $story->EditElements('publish_hour');
    if ($publish_hour >= 12) {
        if ($publish_hour > 12) {
            $publish_hour = $publish_hour - 12;
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    $ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
    $story_templates->set_var('publishampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
    $story_templates->set_var('publish_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
    $story_templates->set_var('publish_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
    $story_templates->set_var('publish_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($publish_hour);
    $story_templates->set_var('publish_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
    $story_templates->set_var('publish_minute_options', $minute_options);
    $story_templates->set_var('publish_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
    $story_templates->set_var('expire_second', $story->EditElements('expire_second'));
    $expire_ampm = '';
    $expire_hour = $story->EditElements('expire_hour');
    if ($expire_hour >= 12) {
        if ($expire_hour > 12) {
            $expire_hour = $expire_hour - 12;
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    $ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="expire_ampm" value=""/>';
    $story_templates->set_var('expireampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
    $story_templates->set_var('expire_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
    $story_templates->set_var('expire_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
    $story_templates->set_var('expire_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($expire_hour);
    $story_templates->set_var('expire_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
    $story_templates->set_var('expire_minute_options', $minute_options);
    $story_templates->set_var('expire_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
    if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked3', 'checked="checked"');
        $story_templates->set_var('showarchivedisabled', 'false');
    } elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked4', 'checked="checked"');
        $story_templates->set_var('showarchivedisabled', 'false');
    } else {
        $story_templates->set_var('showarchivedisabled', 'true');
    $story_templates->set_var('lang_archivetitle', $LANG24[58]);
    $story_templates->set_var('lang_option', $LANG24[59]);
    $story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $story_templates->set_var('lang_story_stats', $LANG24[87]);
    $story_templates->set_var('lang_optionarchive', $LANG24[61]);
    $story_templates->set_var('lang_optiondelete', $LANG24[62]);
    $story_templates->set_var('lang_title', $LANG_ADMIN['title']);
    $story_templates->set_var('story_title', $story->EditElements('title'));
    $story_templates->set_var('story_subtitle', $story->EditElements('subtitle'));
    $story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $story_templates->set_var('lang_alt_topic', $LANG_ADMIN['alt_topic']);
    $story_templates->set_var('topic_options', $allowedTopicList);
    $story_templates->set_var('alt_topic_options', $allowedAltTopicList);
    $story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
    if ($story->EditElements('show_topic_icon') == 1) {
        $story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
    } else {
        $story_templates->set_var('show_topic_icon_checked', '');
    $story_templates->set_var('story_image_url', $story->EditElements('story_image'));
    $story_templates->set_var('lang_draft', $LANG24[34]);
    if ($story->EditElements('draft_flag')) {
        $story_templates->set_var('is_checked', 'checked="checked"');
        $story_templates->set_var('unpublished_selected', 'selected="selected"');
    } else {
        $story_templates->set_var('published_selected', 'selected="selected"');
    $story_templates->set_var('lang_mode', $LANG24[3]);
    $story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
    $story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
    $story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
    // comment expire
    $story_templates->set_var('lang_cmt_disable', $LANG24[63]);
    if ($story->EditElements('cmt_close')) {
        $story_templates->set_var('is_checked5', 'checked="checked"');
        //check box if enabled
        $story_templates->set_var('showcmtclosedisabled', 'false');
    } else {
        $story_templates->set_var('showcmtclosedisabled', 'true');
    $month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
    $story_templates->set_var('cmt_close_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
    $story_templates->set_var('cmt_close_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('cmt_close_year'));
    $story_templates->set_var('cmt_close_year_options', $year_options);
    $cmt_close_ampm = '';
    $cmt_close_hour = $story->EditElements('cmt_close_hour');
    //correct hour
    if ($cmt_close_hour >= 12) {
        if ($cmt_close_hour > 12) {
            $cmt_close_hour = $cmt_close_hour - 12;
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    $ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="cmt_close_ampm" value="" />';
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
        $featured_options_data = COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured'));
        $story_templates->set_var('featured_options_data', $featured_options_data);
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"/>";
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('lang_publishdate', $LANG24[69]);
    $story_templates->set_var('lang_nojavascript', $LANG24[77]);
    $story_templates->set_var('postmode', $story->EditElements('postmode'));
    if ($story->EditElements('postmode') == 'plaintext' || $story->EditElements('postmode') == 'text') {
        $allowedHTML = '';
    } else {
        $allowedHTML = COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>';
    $allowedHTML .= COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story');
    $story_templates->set_var('lang_allowed_html', $allowedHTML);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', DB_escapeString($story->getSid()));
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . DB_escapeString($story->getSid()) . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']" /><br />';
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file[]' . '" />';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br />';
        $fileinputs .= '<br />' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        $fileinputs .= $LANG24[28] . '<br />';
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($_CONF['rating_enabled']) {
        $rating = @number_format($story->EditElements('rating'), 2);
        $votes = $story->EditElements('votes');
        $story_templates->set_var('rating', $rating);
        $story_templates->set_var('votes', $votes);
    $story_templates->set_var('attribution_url', $story->EditElements('attribution_url'));
    $story_templates->set_var('attribution_name', $story->EditElements('attribution_name'));
    $story_templates->set_var('attribution_author', $story->EditElements('attribution_author'));
    $story_templates->set_var('lang_attribution_url', $LANG24[105]);
    $story_templates->set_var('lang_attribution_name', $LANG24[106]);
    $story_templates->set_var('lang_attribution_author', $LANG24[107]);
    $story_templates->set_var('lang_attribution', $LANG24[108]);
    $sec_token_name = CSRF_TOKEN;
    $sec_token = SEC_createToken();
    $story_templates->set_var('story_id', $story->getSid());
    $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $saveoption);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('lang_timeout', $LANG_ADMIN['timeout_msg']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $story_templates->set_var('gltoken', $sec_token);
    $story_templates->set_var('security_token', $sec_token);
    $story_templates->set_var('security_token_name', $sec_token_name);
    $story_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    PLG_templateSetVars('storyeditor', $story_templates);
    if ($story->EditElements('postmode') != 'html') {
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    $story_templates->parse('output', 'editor');
    $display .= $story_templates->finish($story_templates->get_var('output'));
    return $display;
Ejemplo n.º 11
* Displays the comment form
* @param    string  $title      Title of comment
* @param    string  $comment    Text of comment
* @param    string  $sid        ID of object comment belongs to
* @param    int     $pid        ID of parent comment
* @param    string  $type       Type of object comment is posted to
* @param    string  $mode       Mode, e.g. 'preview'
* @param    string  $postmode   Indicates if comment is plain text or HTML
* @return   string  HTML for comment form
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
    $retval = '';
    $cid = 0;
    $edit_comment = '';
    $filter = sanitizer::getInstance();
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setNamespace('glfusion', 'comment');
    // never trust $uid ...
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    $commentuid = $uid;
    if (($mode == 'edit' || $mode == 'preview_edit') && isset($_REQUEST['cid'])) {
        $cid = COM_applyFilter($_REQUEST['cid']);
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = " . (int) $cid);
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
        $last = 0;
        if ($mode != 'edit' && $mode != 'preview' && $mode != 'preview_new' && $mode != 'preview_edit') {
            //not edit mode or preview changes
            $last = COM_checkSpeedlimit('comment');
        if ($last > 0) {
            $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26], false);
        } else {
            if (empty($postmode)) {
                $postmode = $_CONF['comment_postmode'];
            $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
            $comment = $filter->filterHTML($comment);
            $display_comment = $filter->displayText($comment);
            $edit_comment = $filter->editableText($comment);
            $title = $filter->displayText($title);
            $title = $filter->editableText($title);
            $_POST['title'] = $title;
            $_POST['comment'] = $display_comment;
            // Preview mode:
            if (($mode == $LANG03[14] || $mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') && !empty($title) && !empty($comment)) {
                $start = new Template($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('hide_if_preview', 'style="display:none"');
                // Clean up all the vars
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == 'pid' || $key == 'cid') {
                        $A[$key] = (int) COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == 'username') {
                                $A[$key] = @htmlspecialchars(COM_checkWords(strip_tags($_POST[$key])), ENT_QUOTES, COM_getEncodingt());
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                //correct time and username for edit preview
                if ($mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') {
                    $A['nice_date'] = DB_getItem($_TABLES['comments'], 'UNIX_TIMESTAMP(date)', "cid = " . (int) $cid);
                    if ($_USER['uid'] != $commentuid) {
                        $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $commentuid);
                if (empty($A['username'])) {
                    $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $uid);
                $author_id = PLG_getItemInfo($type, $sid, 'author');
                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true, 0, $author_id);
                $start->set_var('comments', $thecomments);
                $retval .= '<a name="comment_entry"></a>';
                $retval .= COM_startBlock($LANG03[14]) . $start->finish($start->parse('output', 'comment')) . COM_endBlock();
            } else {
                if ($mode == 'preview_new' || $mode == 'preview_edit') {
                    $retval .= COM_showMessageText($LANG03[12], $LANG03[17], true);
                    $mode = 'error';
            $comment_template = new Template($_CONF['path_layout'] . 'comment');
            $comment_template->set_file('form', 'commentform.thtml');
            if ($mode == 'preview_new') {
                $comment_template->set_var('mode', 'new');
                $comment_template->set_var('show_anchor', '');
            } else {
                if ($mode == 'preview_edit') {
                    $comment_template->set_var('mode', 'edit');
                    $comment_template->set_var('show_anchor', '');
                } else {
                    $comment_template->set_var('mode', $mode);
                    $comment_template->set_var('show_anchor', 1);
            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);
            if ($mode == 'edit' || $mode == 'preview_edit') {
                //edit modes
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[41]));
                $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . @htmlspecialchars(COM_applyFilter($_REQUEST['cid']), ENT_COMPAT, COM_getEncodingt()) . '"/>');
            } else {
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                $comment_template->set_var('cid', '');
            $comment_template->set_var('CSRF_TOKEN', SEC_createToken());
            $comment_template->set_var('token_name', CSRF_TOKEN);
            if (!COM_isAnonUser()) {
                $comment_template->set_var('uid', $_USER['uid']);
                $name = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
                $comment_template->set_var('username_disabled', 'disabled="disabled"');
                $comment_template->set_var('suballowed', true);
                $isSub = 0;
                if ($mode == 'preview_edit' || $mode == 'preview_new') {
                    $isSub = isset($_POST['subscribe']) ? 1 : 0;
                } else {
                    if (PLG_isSubscribed('comment', $type, $sid)) {
                        $isSub = 1;
                if ($isSub == 0) {
                    $subchecked = '';
                } else {
                    $subchecked = 'checked="checked"';
                $comment_template->set_var('subchecked', $subchecked);
            } else {
                //Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($_POST['username'])) {
                    $name = $filter->sanitizeUsername(COM_applyFilter($_POST['username']));
                    //for preview
                } else {
                    $name = $LANG03[24];
                    //anonymous user
                $usernameblock = '<input type="text" name="username" size="16" value="' . $name . '" maxlength="32"/>';
                $comment_template->set_var('username', $name);
                // $usernameblock);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
                $comment_template->set_var('username_disabled', '');
            if ($postmode == 'html') {
                $comment_template->set_var('htmlmode', true);
            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', @htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $edit_comment);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode', $postmode);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $comment_template->set_var('allowed_html', $filter->getAllowedHTML() . '<br/>' . COM_AllowedAutotags('', false, 'glfusion', 'comment'));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);
            if ($mode == 'edit' || $mode == 'preview_edit') {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            if (function_exists('msg_replaceEmoticons')) {
                $comment_template->set_var('smilies', msg_showsmilies());
            PLG_templateSetVars('comment', $comment_template);
            if ($mode == 'preview_edit' || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                //for editing
                $comment_template->set_var('save_type', 'saveedit');
                $comment_template->set_var('lang_save', $LANG03[29]);
                $comment_template->set_var('save_option', '<input type="submit" name="saveedit" value="' . $LANG03[29] . '"/>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == 'preview_new') {
                //new comment
                $comment_template->set_var('save_type', 'savecomment');
                $comment_template->set_var('lang_save', $LANG03[11]);
                $comment_template->set_var('save_option', '<input type="submit" name="savecomment" value="' . $LANG03[11] . '"/>');
            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
    return $retval;
Ejemplo n.º 12
 $story_template->set_var('story_title', $pagetitle);
 $story_template->set_var('story_subtitle', $story->DisplayElements('subtitle'));
 if ($_CONF['hidestorydate'] != 1) {
     $story_template->set_var('story_date', $story->displayElements('date'));
 if ($_CONF['contributedbyline'] == 1) {
     $story_template->set_var('lang_contributedby', $LANG01[1]);
     $authorname = COM_getDisplayName($story->displayElements('uid'));
     $story_template->set_var('author', $authorname);
     $story_template->set_var('story_author', $authorname);
     $story_template->set_var('story_author_username', $story->DisplayElements('username'));
 if ($story_image != '') {
     $story_template->set_var('story_image', $story_image);
 } else {
 $story_options = array();
 if ($_CONF['hideemailicon'] == 0 && (!COM_isAnonUser() || $_CONF['loginrequired'] == 0 && $_CONF['emailstoryloginrequired'] == 0)) {
     $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&amp;what=emailstory';
     $story_options[] = COM_createLink($LANG11[2], $emailUrl, array('rel' => 'nofollow'));
     $story_template->set_var('email_story_url', $emailUrl);
     $story_template->set_var('lang_email_story', $LANG11[2]);
     $story_template->set_var('lang_email_story_alt', $LANG01[64]);
 $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&amp;mode=print');
 if ($_CONF['hideprintericon'] == 0) {
     $story_options[] = COM_createLink($LANG11[3], $printUrl, array('rel' => 'nofollow'));
     $story_template->set_var('print_story_url', $printUrl);
     $story_template->set_var('lang_print_story', $LANG11[3]);
     $story_template->set_var('lang_print_story_alt', $LANG01[65]);
Ejemplo n.º 13
 * as well. The absolute width of the portal is used to calculate the 
 * absolute width of portal columns with relative width specifications.
// $portal_width = 800;
$portal_width = 0;
foreach ($columns as $column) {
      $column_width = calculate_absolute_length(
    $column_width = $column->get_attribute("bid:portal:column:width");
    $portal_width += $column_width;
    $tpl->set_var(array("PORTAL_COLUMN_ID" => $column->get_id(), "PORTAL_COLUMN_WIDTH" => $column->get_attribute("bid:portal:column:width")));
    //clear variable for next column
    //editing area for column
    if ($writeable && $steam->get_login_user()->get_name() != "guest") {
        $tpl->parse("EDIT_AREA", "edit_area");
    if (sizeof($columnPortlets[$column->get_id()]) > 0) {
        // column does contain portlets
        foreach ($columnPortlets[$column->get_id()] as $portlet) {
            if ($portlet->get_attribute("bid:portlet")) {
                //get the linked portlet if neccessary
                if ($portlet instanceof steam_link) {
                    $portlet = $portlet->get_link_object();
                //get content of portlet
                $content = $portlet->get_attribute("bid:portlet:content");
                if (is_array($content) && count($content) > 0) {
Ejemplo n.º 14
 function displayThumb($s, $sortOrder, $force = 0, $imageFrame = '')
     global $_USER, $_CONF, $_MG_CONF, $MG_albums, $_TABLES, $_MG_USERPREFS, $LANG_MG03, $LANG_MG01, $glversion, $ratedIds;
     $retval = '';
     $T = new Template(MG_getTemplatePath($this->album_id));
     if ($MG_albums[$this->album_id]->display_columns == 1) {
         $media_cell_image_template = 'album_page_body_media_cell_1.thtml';
     } else {
         $media_cell_image_template = 'album_page_body_media_cell.thtml';
     if ($force) {
         $media_cell_image_template = 'album_page_body_media_cell.thtml';
     $T->set_file(array('media_cell_image' => $media_cell_image_template, 'media_rate_results' => 'album_page_body_media_cell_rating.thtml', 'media_comments' => 'album_page_body_media_cell_comment.thtml', 'media_views' => 'album_page_body_media_cell_view.thtml', 'media_cell_keywords' => 'album_page_body_media_cell_keywords.thtml', 'mp3_podcast' => 'mp3_podcast.thtml'));
     $F = new Template($_MG_CONF['template_path']);
     $F->set_var('media_frame', $MG_albums[$this->album_id]->imageFrameTemplate);
     // --- set the default thumbnail
     $data_type = '';
     $videoid = '';
     $url_orig = '';
     switch ($this->type) {
         case 0:
             // standard image
             $data_type = 'image';
             $default_thumbnail = 'tn/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext;
             if (!file_exists($_MG_CONF['path_mediaobjects'] . $default_thumbnail)) {
                 $default_thumbnail = 'tn/' . $this->filename[0] . '/' . $this->filename . '.jpg';
             if ($_MG_CONF['discard_original'] == 1) {
                 $orig = 'disp';
             } else {
                 $orig = 'orig';
             $default_orig_file = $orig . '/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext;
             if (file_exists($_MG_CONF['path_mediaobjects'] . $default_orig_file)) {
                 $url_orig = $_MG_CONF['site_url'] . '/mediaobjects/' . $default_orig_file;
             } else {
                 $url_orig = '';
         case 1:
             // video file
             switch ($this->mime_type) {
                 case 'video/x-flv':
                     $default_thumbnail = 'placeholder_flv.svg';
                     if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                         $default_thumbnail = 'placeholder_flv_w.svg';
                     } else {
                         $default_thumbnail = 'placeholder_flv.svg';
                 case 'application/x-shockwave-flash':
                     if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                         $default_thumbnail = 'placeholder_flash_w.svg';
                     } else {
                         $default_thumbnail = 'placeholder_flash.svg';
                 case 'video/mpeg':
                 case 'video/x-mpeg':
                 case 'video/x-mpeq2a':
                 case 'video/webm':
                     if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                         $default_thumbnail = 'placeholder_video_w.svg';
                     } else {
                         $default_thumbnail = 'placeholder_video.svg';
                     $orig = 'orig';
                     $default_orig_file = $orig . '/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext;
                     if (file_exists($_MG_CONF['path_mediaobjects'] . $default_orig_file)) {
                         $url_orig = $_MG_CONF['site_url'] . '/mediaobjects/' . $default_orig_file;
                     } else {
                         $url_orig = '';
                     $data_type = 'html5video';
                 case 'video/x-motion-jpeg':
                 case 'video/quicktime':
                 case 'video/x-qtc':
                 case 'audio/mpeg':
                 case 'video/x-m4v':
                     if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                         $default_thumbnail = 'placeholder_video_w.svg';
                     } else {
                         $default_thumbnail = 'placeholder_video.svg';
                 case 'asf':
                 case 'video/x-ms-asf':
                 case 'video/x-ms-asf-plugin':
                 case 'video/avi':
                 case 'video/msvideo':
                 case 'video/x-msvideo':
                 case 'video/avs-video':
                 case 'video/x-ms-wmv':
                 case 'video/x-ms-wvx':
                 case 'video/x-ms-wm':
                 case 'application/x-troff-msvideo':
                 case 'application/x-ms-wmz':
                 case 'application/x-ms-wmd':
                     if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                         $default_thumbnail = 'placeholder_video_w.svg';
                     } else {
                         $default_thumbnail = 'placeholder_video.svg';
                     if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                         $default_thumbnail = 'placeholder_video_w.svg';
                     } else {
                         $default_thumbnail = 'placeholder_video.svg';
                     $orig = 'orig';
                     $default_orig_file = $orig . '/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext;
                     if (file_exists($_MG_CONF['path_mediaobjects'] . $default_orig_file)) {
                         $url_orig = $_MG_CONF['site_url'] . '/mediaobjects/' . $default_orig_file;
                     } else {
                         $url_orig = '';
                     $data_type = 'html5video';
         case 2:
             // music file
             $default_thumbnail = 'placeholder_audio.svg';
             if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                 $default_thumbnail = 'placeholder_audio_w.svg';
             } else {
                 $default_thumbnail = 'placeholder_audio.svg';
         case 4:
             // other files
             switch ($this->mime_type) {
                 case 'application/zip':
                 case 'zip':
                 case 'arj':
                 case 'rar':
                 case 'gz':
                     $default_thumbnail = 'placeholder_zip.svg';
                 case 'pdf':
                 case 'application/pdf':
                     $default_thumbnail = 'placeholder_pdf.svg';
                     if (isset($_MG_CONF['dt'][$this->mime_ext])) {
                         $default_thumbnail = $_MG_CONF['dt'][$this->mime_ext];
                     } else {
                         switch ($this->mime_ext) {
                             case 'pdf':
                                 $default_thumbnail = 'placeholder_pdf.svg';
                             case 'arj':
                                 $default_thumbnail = 'zip.png';
                                 $default_thumbnail = 'placeholder_zip.svg';
                             case 'gz':
                                 $default_thumbnail = 'zip.png';
                                 $default_thumbnail = 'placeholder_zip.svg';
                                 $default_thumbnail = 'generic.png';
                                 $default_thumbnail = 'placeholder.svg';
         case 5:
         case 'embed':
             require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-remotemedia.php';
             if (preg_match("/youtube/i", $this->remote_url)) {
                 $default_thumbnail = 'youtube.png';
                 $data_type = 'youtube';
                 $videoid = getYoutubeId($this->remote_url);
             } else {
                 if (preg_match("/google/i", $this->remote_url)) {
                     $default_thumbnail = 'googlevideo.png';
                 } else {
                     if (preg_match("/vimeo/i", $this->remote_url)) {
                         $default_thumbnail = 'placeholder_viemo.svg';
                         $data_type = 'vimeo';
                         $videoid = getVimeoId($this->remote_url);
                     } else {
                         $default_thumbnail = 'remote.png';
             if ($MG_albums[$this->album_id]->tnWidth > $MG_albums[$this->album_id]->tnHeight) {
                 $default_thumbnail = 'placeholder_video_w.svg';
             } else {
                 $default_thumbnail = 'placeholder_video.svg';
             $url_orig = $this->remote_url;
     if ($this->tn_attached == 1) {
         $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail;
         $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail;
         foreach ($_MG_CONF['validExtensions'] as $ext) {
             if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext)) {
                 $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext;
                 $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . 'tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext;
     } else {
         $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail;
         $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail;
     // type == 1 video
     // type == 2 audio
     if (($this->type == 1 || $this->type == 2 || $this->type == 5) && ($MG_albums[$this->album_id]->playback_type == 0 || $MG_albums[$this->album_id]->playback_type == 1) && $_MG_CONF['popup_from_album'] == 1) {
         if ($MG_albums[$this->album_id]->playback_type == 0) {
             if ($this->type == 2) {
                 // determine what type of player we will use (WMP, QT or Flash)
                 $player = $_MG_CONF['mp3_player'];
                 if (isset($_MG_USERPREFS['mp3_player']) && $_MG_USERPREFS['mp3_player'] != -1) {
                     $player = $_MG_USERPREFS['mp3_player'];
                 switch ($player) {
                     case 0:
                         // WMP
                         $new_y = 260;
                         $new_x = 340;
                     case 1:
                         // QT
                         $new_y = 25;
                         $new_x = 350;
                     case 2:
                         $new_y = 360;
                         $new_x = 580;
                 if ($this->mime_type == 'audio/mpeg') {
                     $new_y = 360;
                     $new_x = 580;
                 if ($this->tn_attached == 1 && $player != 2) {
                     $tnsize = @getimagesize($media_thumbnail_file);
                     $new_y += $tnsize[0];
                     if ($tnsize[1] > $new_x) {
                         $new_x = $tnsize[1];
                 if ($MG_albums[$this->album_id]->playback_type == 0) {
                     $url_display_item = "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $new_y . ',' . $new_x . ')';
                 } else {
                     $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
                 $resolution_x = $new_x;
                 $resolution_y = $new_y;
             } else {
                 // must be a video...
                 // set the default playback options...
                 $playback_options['play'] = $_MG_CONF['swf_play'];
                 $playback_options['menu'] = $_MG_CONF['swf_menu'];
                 $playback_options['quality'] = $_MG_CONF['swf_quality'];
                 $playback_options['height'] = $_MG_CONF['swf_height'];
                 $playback_options['width'] = $_MG_CONF['swf_width'];
                 $playback_options['loop'] = $_MG_CONF['swf_loop'];
                 $playback_options['scale'] = $_MG_CONF['swf_scale'];
                 $playback_options['wmode'] = $_MG_CONF['swf_wmode'];
                 $playback_options['allowscriptaccess'] = $_MG_CONF['swf_allowscriptaccess'];
                 $playback_options['bgcolor'] = $_MG_CONF['swf_bgcolor'];
                 $playback_options['swf_version'] = $_MG_CONF['swf_version'];
                 $playback_options['flashvars'] = $_MG_CONF['swf_flashvars'];
                 $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($this->id) . "'");
                 while ($poRow = DB_fetchArray($poResult)) {
                     $playback_options[$poRow['option_name']] = $poRow['option_value'];
                 if ($this->resolution_x > 0) {
                     $resolution_x = $this->resolution_x;
                     $resolution_y = $this->resolution_y;
                 } else {
                     if ($this->media_resolution_x == 0 && $this->remote_media != 1) {
                         $size = @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext);
                         // skip files over 8M in size..
                         if ($size < 8388608) {
                             $ThisFileInfo = IMG_getMediaMetaData($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext);
                             if ($ThisFileInfo['video']['resolution_x'] < 1 || $ThisFileInfo['video']['resolution_y'] < 1) {
                                 if (isset($ThisFileInfo['meta']['onMetaData']['width']) && isset($ThisFileInfo['meta']['onMetaData']['height'])) {
                                     $resolution_x = $ThisFileInfo['meta']['onMetaData']['width'];
                                     $resolution_y = $ThisFileInfo['meta']['onMetaData']['height'];
                                 } else {
                                     $resolution_x = -1;
                                     $resolution_y = -1;
                             } else {
                                 $resolution_x = $ThisFileInfo['video']['resolution_x'];
                                 $resolution_y = $ThisFileInfo['video']['resolution_y'];
                             if ($resolution_x != 0) {
                                 $sql = "UPDATE " . $_TABLES['mg_media'] . " SET media_resolution_x=" . intval($resolution_x) . ",media_resolution_y=" . intval($resolution_y) . " WHERE media_id='" . DB_escapeString($this->id) . "'";
                                 DB_query($sql, 1);
                     } else {
                         $resolution_x = $this->resolution_x;
                         $resolution_y = $this->resolution_y;
                 $resolution_x = $playback_options['width'];
                 $resolution_y = $playback_options['height'];
                 if ($resolution_x < 1 || $resolution_y < 1) {
                     $resolution_x = 480;
                     $resolution_y = 320;
                 } else {
                     $resolution_x = $resolution_x + 40;
                     $resolution_y = $resolution_y + 40;
                 if ($this->mime_type == 'video/x-flv' && $_MG_CONF['use_flowplayer'] != 1) {
                     $resolution_x = $resolution_x + 60;
                     if ($resolution_x < 590) {
                         $resolution_x = 590;
                     $resolution_y = $resolution_y + 80;
                     if ($resolution_y < 500) {
                         $resolution_y = 500;
                 if ($this->type == 5) {
                     $resolution_x = 460;
                     $resolution_y = 380;
                 $url_display_item = "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $resolution_y . ',' . $resolution_x . ')';
         } else {
             $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
         // check to see if comments and rating are enabled, if not, put a link to edit...
         if ($MG_albums[$this->album_id]->access == 3) {
             $T->set_var(array('edit_link' => '<br/><a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&amp;s=1&amp;album_id=' . $this->album_id . '&amp;mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>'));
         } else {
             $T->set_var(array('edit_link' => ''));
     } else {
         if ($MG_albums[$this->album_id]->useAlternate == 1 && $this->type != 5 && !empty($this->remote_url)) {
             $url_display_item = $this->remote_url;
         } else {
             $url_display_item = $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id;
     if ($this->type == 4) {
         // other
         $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
     if (strstr($media_thumbnail_file, '.svg')) {
         $media_size = array($MG_albums[$this->album_id]->tnWidth, $MG_albums[$this->album_id]->tnHeight);
     } else {
         $media_size = @getimagesize($media_thumbnail_file);
     if ($media_size == false) {
         if ($this->type == 2) {
             $default_thumbnail = 'placeholder_audio.svg';
         } else {
             $default_thumbnail = 'placeholder_missing.svg';
         $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail;
         $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail;
         $tn_height = $MG_albums[$this->album_id]->tnHeight;
         $tn_width = $MG_albums[$this->album_id]->tnWidth;
         $media_size = array($tn_width, $tn_height);
     $media_time = MG_getUserDateTimeFormat($this->time);
     $upload_time = MG_getUserDateTimeFormat($this->upload_time);
     $url_media_item = $url_display_item;
     // -- decide what thumbnail size to use, small, medium, large...
     if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
         $tn_size = $_MG_USERPREFS['tn_size'];
     } else {
         $tn_size = $MG_albums[$this->album_id]->tn_size;
     switch ($tn_size) {
         case '0':
             $tn_height = 100;
             $tn_width = 100;
         case '1':
             $tn_height = 150;
             $tn_width = 150;
         case '2':
             $tn_height = 200;
             $tn_width = 200;
         case '3':
         case '4':
             $tn_height = $MG_albums[$this->album_id]->tnHeight;
             $tn_width = $MG_albums[$this->album_id]->tnWidth;
             if ($tn_height == 0) {
                 $tn_height = 200;
             if ($tn_width == 0) {
                 $tn_width = 200;
             $tn_height = 150;
             $tn_width = 150;
     if ($media_size[0] > $media_size[1]) {
         // landscape
         $ratio = $media_size[0] / $tn_width;
         $newwidth = $tn_width;
         $newheight = round($media_size[1] / $ratio);
     } else {
         $ratio = $media_size[1] / $tn_height;
         if ($ratio == 0) {
             $newheight = $tn_height;
             $newwidth = $tn_width;
         } else {
             $newheight = $tn_height;
             $newwidth = round($media_size[0] / $ratio);
     if ($media_size[0] > $media_size[1]) {
         $ratio = $media_size[0] / 50;
         $smallwidth = 50;
         $smallheight = round($media_size[1] / $ratio);
     } else {
         $ratio = $media_size[1] / 50;
         if ($ratio == 0) {
             $smallheight = 50;
             $smallwidth = 50;
         } else {
             $smallheight = 50;
             $smallwidth = round($media_size[0] / $ratio);
     if ($this->owner_id != "" && $this->owner_id > 1) {
         $username = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($this->owner_id));
     } else {
         $username = '******';
     if (!isset($resolution_x)) {
         $resolution_x = $newwidth;
     if (!isset($resolution_y)) {
         $resolution_y = $newheight;
     if ($this->mime_type == 'audio/mpeg' && $MG_albums[$this->album_id]->mp3ribbon) {
         $T->set_var(array('mp3_file' => $_MG_CONF['mediaobjects_url'] . '/orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext, 'site_url' => $_MG_CONF['site_url'], 'id' => $this->mime_ext . rand()));
         $T->parse('mp3_podcast', 'mp3_podcast');
     } else {
         $T->set_var(array('mp3_podcast' => ''));
      * build the small rating bar
     if ($MG_albums[$this->album_id]->enable_rating > 0) {
         $uid = COM_isAnonUser() ? 1 : $_USER['uid'];
         $static = false;
         // check to see if we are the owner, if so, no rating for us...
         if (isset($_USER['uid']) && $_USER['uid'] == $this->owner_id) {
             $static = true;
             $voted = 0;
         } else {
             if (in_array($this->id, $ratedIds)) {
                 $static = true;
                 $voted = 1;
             } else {
                 $static = 0;
                 $voted = 0;
         if ($MG_albums[$this->album_id]->enable_rating == 1 && COM_isAnonUser()) {
             $static = true;
         if ($_MG_CONF['use_large_stars'] == 1) {
             $starSize = '';
         } else {
             $starSize = 'sm';
         $rating_box = RATING_ratingBar('mediagallery', $this->id, $this->votes, $this->rating, $voted, 5, $static, $starSize);
     } else {
         $rating_box = '';
     $T->set_var('rating_box', '<center>' . $rating_box . '</center>');
     $fs_bytes = @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext);
     $fileSize = MG_get_size($fs_bytes);
     $direct_url = 'disp/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext;
     if (!file_exists($_MG_CONF['path_mediaobjects'] . $direct_url)) {
         $direct_url = 'disp/' . $this->filename[0] . '/' . $this->filename . '.jpg';
     if ($MG_albums[$this->album_id]->access == 3) {
         $edit_item = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&amp;s=1&amp;album_id=' . $this->album_id . '&amp;mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>';
     } else {
         $edit_item = '';
     $L = new Template(MG_getTemplatePath($this->album_id));
     $L->set_file('media_link', 'medialink.thtml');
     $L->set_var('href', $url_media_item);
     if ($this->type == 0) {
         if ($this->remote == 1) {
             $L->set_var('hrefdirect', $this->remote_url);
         } else {
             $L->set_var('hrefdirect', $_MG_CONF['mediaobjects_url'] . '/' . $direct_url);
     $caption = PLG_replaceTags(str_replace('$', '&#36;', $this->title), 'mediagallery', 'media_description');
     if ($this->owner_id == $_USER['uid'] || SEC_hasRights('mediagallery.admin')) {
         $caption .= '<br />(' . $this->id . ')';
     $L->set_var('caption', $caption);
     $L->set_var('id', 'id' . rand());
     $L->parse('media_link_start', 'media_link');
     $media_start_link = $L->finish($L->get_var('media_link_start'));
     $T->set_var(array('play_now' => '', 'download_now' => $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id, 'play_in_popup' => "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $resolution_y . ',' . $resolution_x . ')', 'row_height' => $tn_height + 40, 'media_title' => PLG_replaceTags($this->title, 'mediagallery', 'media_title'), 'media_description' => PLG_replaceTags(nl2br($this->description), 'mediagallery', 'media_description'), 'media_tag' => strip_tags($this->title), 'media_time' => $media_time[0], 'upload_time' => $upload_time[0], 'media_owner' => $username, 'site_url' => $_MG_CONF['site_url'], 'lang_published' => $LANG_MG03['published'], 'lang_on' => $LANG_MG03['on'], 'lang_hyphen' => $this->album == '' ? '' : '-', 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'artist' => $this->artist, 'musicalbum' => $this->album != '' ? $this->album : '', 'genre' => $this->genre != '' ? $this->genre : '', 'alt_edit_link' => $edit_item, 'filesize' => $fileSize, 'media_id' => $this->id, 'raw_media_thumbnail' => $media_thumbnail, 'display_url' => $url_media_item, 'orig_url' => $url_orig));
     if ($data_type != '') {
         $T->set_var('data_type', $data_type);
     } else {
     if ($videoid != '') {
         $T->set_var('videoid', $videoid);
     } else {
     // frame template variables
     $F->set_var(array('media_id' => $this->id, 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'url_media_item' => $url_media_item, 'url_display_item' => $url_display_item, 'media_thumbnail' => $media_thumbnail, 'media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"', 'media_height' => $newheight, 'media_width' => $newwidth, 'border_width' => $newwidth + 15, 'border_height' => $newheight + 15, 'row_height' => $tn_height + 40, 'frWidth' => $newwidth - $MG_albums[$this->album_id]->frWidth, 'frHeight' => $newheight - $MG_albums[$this->album_id]->frHeight, 'media_tag' => strip_tags($this->description), 'filesize' => $fileSize));
     $F->parse('media', 'media_frame');
     $media_item_thumbnail = $F->finish($F->get_var('media'));
     $T->set_var(array('media_item_thumbnail' => $media_item_thumbnail, 'url_media_item' => $url_media_item, 'url_display_item' => $url_display_item, 'media_thumbnail' => $media_thumbnail, 'media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"'));
     if ($MG_albums[$this->album_id]->enable_keywords) {
         if (!empty($this->keywords)) {
             $kwText = '';
             $keyWords = array();
             $keyWords = explode(' ', $this->keywords);
             $numKeyWords = count($keyWords);
             for ($i = 0; $i < $numKeyWords; $i++) {
                 $keyWords[$i] = str_replace('"', ' ', $keyWords[$i]);
                 $searchKeyword = $keyWords[$i];
                 $keyWords[$i] = str_replace('_', ' ', $keyWords[$i]);
                 $kwText .= '<a href="' . $_MG_CONF['site_url'] . '/search.php?mode=search&amp;swhere=1&amp;keywords=' . $searchKeyword . '&amp;keyType=any">' . $keyWords[$i] . '</a> ';
             $T->set_var(array('media_keywords' => $kwText, 'lang_keywords' => $LANG_MG01['keywords']));
             $T->parse('media_cell_keywords', 'media_cell_keywords');
         } else {
             $T->set_var('lang_keywords', '');
     } else {
         $T->set_var(array('media_cell_keywords' => '', 'lang_keywords' => ''));
     if ($MG_albums[$this->album_id]->enable_rating) {
         $rating = $LANG_MG03['rating'] . ': <strong> ' . $this->rating / 2 . '</strong>/5 (' . $this->votes . ' ' . $LANG_MG03['votes'] . ')';
         $T->set_var('media_rating', $rating);
         $T->parse('media_rate_results', 'media_rate_results');
     if ($MG_albums[$this->album_id]->enable_comments) {
         $cmtLinkArray = CMT_getCommentLinkWithCount('mediagallery', $this->id, $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id, $this->comments, 0);
         if ($this->type == 4 || $this->type == 1 && $MG_albums[$this->album_id]->playback_type != 2 || $this->type == 2 && $MG_albums[$this->album_id]->playback_type != 2 || $this->type == 5 && $MG_albums[$this->album_id]->playback_type != 2) {
             $cmtLink_alt = $cmtLinkArray['link_with_count'];
             // '<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>';
             $cmtLink = '';
         } else {
             $cmtLink = '';
             $cmtLink_alt = $cmtLinkArray['link_with_count'];
             //'<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&amp;sort=' . $sortOrder . '&amp;s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>';
         $T->set_var(array('comments_with_count' => $cmtLinkArray['link_with_count'], 'media_comments_count' => $cmtLinkArray['comment_count'], 'lang_comments' => $cmtLink, 'lang_comments_hot' => $cmtLink_alt));
         $T->parse('media_comments', 'media_comments');
     if ($MG_albums[$this->album_id]->enable_views) {
         $T->set_var(array('media_views_count' => $this->views, 'lang_views' => $LANG_MG03['views']));
         $T->parse('media_views', 'media_views');
     $T->set_var(array('max-width' => $tn_width));
     PLG_templateSetVars('mediagallery', $T);
     $T->parse('media_cell', 'media_cell_image');
     $retval = $T->finish($T->get_var('media_cell'));
     return $retval;
Ejemplo n.º 15
         $topicTemplate->set_var(array('replytopiclink' => $replytopiclink, 'replytopiclinkimg' => $replytopiclinkimg, 'LANG_reply' => $LANG_GF01['POSTREPLY']));
 } else {
     $newtopiclink = '';
     $newtopiclinkimg = '';
 // Enable subscriptions if member
 if (!COM_isAnonUser()) {
     $forumid = $viewtopic['forum'];
     /* Check for a un-subscribe record */
     $ntopicid = -$showtopic;
     if (DB_count($_TABLES['subscriptions'], array('type', 'category', 'id', 'uid'), array('forum', (int) $forumid, $ntopicid, (int) $_USER['uid'])) > 0) {
         $notifylinkimg = '<img src="' . _ff_getImage('notify_on') . '" style="border:none;vertical-align:middle;" alt="' . $LANG_GF02['msg62'] . '" title="' . $LANG_GF02['msg62'] . '"/>';
         $notifylink = $_CONF['site_url'] . '/forum/notify.php?forum=' . $forumid . '&amp;submit=save&amp;topic=' . $showtopic;
         $topicTemplate->set_var('LANG_notify', $LANG_GF01['SubscribeLink']);
         $topicTemplate->set_var('suboption', 'subscribe_topic');
         /* Check if user has subscribed to complete forum */
     } elseif (DB_count($_TABLES['subscriptions'], array('type', 'category', 'id', 'uid'), array('forum', (int) $forumid, '0', (int) $_USER['uid'])) > 0) {
         $notifyID = DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category=" . (int) $forumid . " AND id=0 AND uid=" . (int) $_USER['uid']);
         $notifylinkimg = '<img src="' . _ff_getImage('notify_off') . '" style="border:none;vertical-align:middle;" alt="' . $LANG_GF02['msg137'] . '" title="' . $LANG_GF02['msg137'] . '"/>';
         $notifylink = $_CONF['site_url'] . '/forum/notify.php?submit=delete2&amp;id=' . $notifyID . '&amp;forum=' . $forumid . '&amp;topic=' . $showtopic;
         $topicTemplate->set_var('LANG_notify', $LANG_GF01['unSubscribeLink']);
         $topicTemplate->set_var('topic_subscribed', true);
         $topicTemplate->set_var('suboption', 'unsubscribe_topic');
         $topicTemplate->set_var('notify_id', $notifyID);
         /* Check if user is subscribed to this specific topic */
     } elseif (DB_count($_TABLES['subscriptions'], array('type', 'category', 'id', 'uid'), array('forum', (int) $forumid, (int) $showtopic, (int) $_USER['uid'])) > 0) {
         $notifyID = DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category=" . (int) $forumid . " AND id=" . (int) $showtopic . " AND uid=" . (int) $_USER['uid']);
         $notifylinkimg = '<img src="' . _ff_getImage('notify_off') . '" style="border:none;vertical-align:middle;" alt="' . $LANG_GF02['msg137'] . '" title="' . $LANG_GF02['msg137'] . '"/>';
         $notifylink = $_CONF['site_url'] . '/forum/notify.php?submit=delete2&amp;id=' . $notifyID . '&amp;forum=' . $forumid . '&amp;topic=' . $showtopic;
Ejemplo n.º 16
function forum_pagination($base_url, $curpage, $num_pages, $page_str = 'page=', $do_rewrite = false, $msg = '', $open_ended = '', $suffix = '')
    global $_CONF, $LANG05;
    $retval = '';
    $output = outputHandler::getInstance();
    if ($num_pages < 2) {
        return $retval;
    $T = new Template($_CONF['path'] . 'plugins/forum/templates');
    $T->set_file('pagination', 'pagination.thtml');
    if (!$do_rewrite) {
        $hasargs = strstr($base_url, '?');
        if ($hasargs) {
            $sep = '&amp;';
        } else {
            $sep = '?';
    } else {
        $sep = '/';
        $page_str = '';
    if ($curpage > 1) {
        $T->set_var('first', true);
        $T->set_var('first_link', $base_url . $sep . $page_str . '1' . $suffix);
        $pg = $sep . $page_str . ($curpage - 1);
        $T->set_var('prev', true);
        $T->set_var('prev_link', $base_url . $pg . $suffix);
        $output->addLink('prev', urldecode($base_url . $pg . $suffix));
    } else {
    $T->set_block('pagination', 'datarow', 'datavar');
    if ($curpage == 1) {
        $T->set_var('page_str', '1');
        $T->set_var('page_link', '#');
        $T->set_var('disabled', true);
        $T->set_var('active', true);
        $T->parse('datavar', 'datarow', true);
    } else {
        $T->set_var('page_str', '1');
        $pg = $sep . $page_str . 1;
        $T->set_var('page_link', $base_url . $pg . $suffix);
        $T->parse('datavar', 'datarow', true);
    if ($num_pages > 5) {
        $start_cnt = min(max(1, $curpage - 4), $num_pages - 5);
        $end_cnt = max(min($num_pages, $curpage + 2), 6);
        if ($start_cnt > 1) {
            $T->set_var('page_str', '...');
            $T->set_var('page_link', '#');
            $T->set_var('disabled', true);
            $T->parse('datavar', 'datarow', true);
        for ($i = $start_cnt + 1; $i < $end_cnt; $i++) {
            if ($i == $curpage) {
                $T->set_var('page_str', $i);
                $T->set_var('page_link', '#');
                $T->set_var('disabled', true);
                $T->set_var('active', true);
            } else {
                $T->set_var('page_str', $i);
                $pg = $sep . $page_str . $i;
                $T->set_var('page_link', $base_url . $pg . $suffix);
            $T->parse('datavar', 'datarow', true);
        if ($end_cnt < $num_pages) {
            $T->set_var('page_str', '...');
            $T->set_var('page_link', '#');
            $T->set_var('disabled', true);
            $T->parse('datavar', 'datarow', true);
        if ($curpage == $num_pages) {
            $T->set_var('page_str', $num_pages);
            $T->set_var('page_link', '#');
            $T->set_var('active', true);
        } else {
            $T->set_var('page_str', $num_pages);
            $pg = $sep . $page_str . $num_pages;
            $T->set_var('page_link', $base_url . $pg . $suffix);
        $T->parse('datavar', 'datarow', true);
    } else {
        for ($pgcount = $curpage - 10; $pgcount <= $curpage + 9 and $pgcount <= $num_pages; $pgcount++) {
            if ($pgcount <= 0) {
                $pgcount = 2;
            if ($pgcount == $curpage) {
                $T->set_var('active', true);
                $T->set_var('page_str', $curpage);
            } else {
                $T->set_var('page_str', $pgcount);
                $pg = $sep . $page_str . $pgcount;
                $T->set_var('page_link', $base_url . $pg . $suffix);
            $T->parse('datavar', 'datarow', true);
    if (!empty($open_ended)) {
        $T->set_var('open_ended', true);
    } else {
        if ($curpage == $num_pages) {
        } else {
            $T->set_var('next', true);
            $T->set_var('next_link', $base_url . $sep . $page_str . ($curpage + 1) . $suffix);
            $T->set_var('last', true);
            $T->set_var('last_link', $base_url . $sep . $page_str . $num_pages . $suffix);
            $output->addLink('next', urldecode($base_url . $sep . $page_str . ($curpage + 1) . $suffix));
    if (!empty($msg)) {
        $T->set_var('msg', $msg);
    $retval = $T->finish($T->parse('output', 'pagination'));
    return $retval;
Ejemplo n.º 17
function USER_userinfoPanel($U, $newuser = 0)
    $uid = $U['uid'];
    // set template
    $userform = new Template($_CONF['path_layout'] . 'admin/user/');
    $userform->set_file('user', 'userinfopanel.thtml');
    $userform->set_var(array('lang_personal_info_legend' => $LANG04[130], 'lang_userinfo_help_title' => $LANG04[148], 'lang_userinfo_help' => $LANG04[149], 'lang_homepage' => $LANG04[6], 'lang_location' => $LANG04[106], 'lang_signature' => $LANG04[32], 'lang_about' => $LANG04[7], 'lang_pgpkey' => $LANG04[8], 'lang_social_follow' => $LANG04[198], 'lang_social_info' => $LANG04[199], 'lang_social_service' => $LANG04[200], 'lang_social_username' => $LANG04[201]));
    $follow_me = SOC_followMeProfile($uid);
    if (is_array($follow_me) && count($follow_me) > 0) {
        $userform->set_block('user', 'social_links', 'sl');
        $userform->set_var('social_followme_enabled', true);
        foreach ($follow_me as $service) {
            $userform->set_var('service_display_name', $service['service_display_name']);
            $userform->set_var('service', $service['service']);
            $userform->set_var('service_username', $service['service_username']);
            $userform->parse('sl', 'social_links', true);
    } else {
    if ($_CONF['allow_user_photo'] == 1) {
        $userform->set_var('lang_userphoto', $LANG04[77]);
    $userform->set_var('homepage_value', @htmlspecialchars(COM_killJS($U['homepage']), ENT_NOQUOTES, COM_getEncodingt()));
    $userform->set_var('location_value', @htmlspecialchars(strip_tags($U['location']), ENT_NOQUOTES, COM_getEncodingt()));
    $userform->set_var('signature_value', @htmlspecialchars($U['sig'], ENT_NOQUOTES, COM_getEncodingt()));
    $userform->set_var('about_value', @htmlspecialchars($U['about'], ENT_NOQUOTES, COM_getEncodingt()));
    $userform->set_var('pgpkey_value', @htmlspecialchars($U['pgpkey'], ENT_NOQUOTES, COM_getEncodingt()));
    if ($_CONF['allow_user_photo'] == 1) {
        if (!empty($uid) && $uid > 1) {
            $photo = USER_getPhoto($uid, $U['photo'], $U['email'], -1);
            if (empty($photo)) {
                $userform->set_var('display_photo', '');
            } else {
                if (empty($U['photo'])) {
                    // external avatar
                    $photo = '<br/>' . $photo;
                } else {
                    // uploaded photo - add delete option
                    $photo = '<br/>' . $photo . '<br/>' . $LANG04[79] . '&nbsp;<input type="checkbox" name="delete_photo"/>' . LB;
                $userform->set_var('display_photo', $photo);
        } else {
            $userform->set_var('display_photo', '');
    if (!empty($uid) && $uid > 1) {
        $userform->set_var('plugin_userinfo_personalinfo', PLG_profileEdit($uid, 'userinfo', 'personalinfo'));
        $userform->set_var('plugin_userinfo', PLG_profileEdit($uid, 'userinfo'));
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userEdit')) {
            $userform->set_var('customfields', CUSTOM_userEdit($uid));
    $retval = $userform->finish($userform->parse('output', 'user'));
    return $retval;
Ejemplo n.º 18
if ($resultcreator) {
    $tpl->parse("QUESTION", "label_creator");
    $tpl->parse("CELL_QUESTION", "cell_question", true);
//Creation time header
if ($resultcreationtime) {
    $tpl->parse("QUESTION", "label_creation_time");
    $tpl->parse("CELL_QUESTION", "cell_question", true);
//output answers
$count = 1;
if ($values != "") {
    foreach ($values as $tkey => $tvalue) {
        $tdata = $tvalue;
        $tpl->set_var("COUNT", $count++);
        foreach ($entities as $ekey => $evalue) {
            $edata = $evalue;
            if (!isset($edata["input_id"])) {
            $input_id = trim($edata["input_id"]);
            switch ($edata["type"]) {
                case QUESTIONARY_INPUT_SELECT:
                case QUESTIONARY_INPUT_RADIO:
                    $text = $edata["options"][$tdata["bid:questionary:input"][$input_id]];
                    $text = umlaute($text);
                    $tpl->set_var("ANSWER", $text);
                    $tpl->parse("CELL_ANSWER", "cell_answer", true);
                case QUESTIONARY_INPUT_CHECKBOX:
Ejemplo n.º 19
 function generate()
     global $_CONF;
     $navtemplate = new Template($_CONF['path_layout'] . 'navbar');
     $navtemplate->set_file(array('navbar' => 'navbar.thtml', 'menuitem' => 'menuitem.thtml'));
     $navtemplate->set_var('xhtml', XHTML);
     $navtemplate->set_var('site_url', $_CONF['site_url']);
     $navtemplate->set_var('site_admin_url', $_CONF['site_admin_url']);
     $navtemplate->set_var('layout_url', $_CONF['layout_url']);
     if ($this->_parms != '') {
         $navtemplate->set_var('parms', $this->_parms);
     for ($i = 1; $i <= count($this->_menuitems); $i++) {
         $label = key($this->_menuitems);
         $linkurl = current($this->_menuitems);
         if (is_array($this->_onclick) and array_key_exists($label, $this->_onclick)) {
             $onclick = " onclick='{$this->_onclick[$label]}'";
             $navtemplate->set_var('onclick', $onclick);
             $navtemplate->set_var('link', $linkurl == '' ? '#' : $linkurl);
         } else {
             $navtemplate->set_var('onclick', '');
             $navtemplate->set_var('link', $linkurl);
         if ($label == $this->_selected) {
             $navtemplate->set_var('cssactive', ' id="active"');
             $navtemplate->set_var('csscurrent', ' id="current"');
         } else {
         $navtemplate->set_var('label', $label);
         $navtemplate->parse('menuitems', 'menuitem', true);
     $navtemplate->parse('output', 'navbar');
     $retval = $navtemplate->finish($navtemplate->get_var('output'));
     return $retval;
Ejemplo n.º 20
* Shows the story submission form
function submitstory($topic = '')
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24, $REMOTE_ADDR;
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
        $retval .= '<div style="border-bottom:1px solid #cccccc"></div>';
    } else {
    if ($_CONF['story_submit_by_perm_only']) {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, false, 3);
    } else {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'));
    // no topics
    if ($topicList == '') {
        $retval = COM_showMessageText($LANG24[66], '', 1, 'error');
        return $retval;
    $retval .= COM_startBlock($LANG12[6]);
    $storyform = new Template($_CONF['path_layout'] . 'submit');
    $storyform->set_file('storyform', 'submitstory.thtml');
    if ($story->EditElements('postmode') == 'html') {
        $storyform->set_var('show_htmleditor', true);
    } else {
    $storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!COM_isAnonUser()) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => "nofollow")));
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $storyform->set_var('story_topic_options', $topicList);
        if ( $_CONF['story_submit_by_perm_only'] ) {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid'),1,false,3));
        } else {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid')));
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode')));
    $storyform->set_var('postmode', $story->EditElements('postmode'));
    $storyform->set_var('allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>' . COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story'));
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    $storyform->set_var('lang_preview', $LANG12[32]);
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    $urlfor = 'advancededitor';
    if (COM_isAnonUser()) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    $rc = @setcookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    return $retval;
Ejemplo n.º 21
 public function testUnsetVarHashMultiple()
     $tp2 = new Template();
     $hash = array('test1' => 'test41', 'test2' => 'test42');
     $this->assertEquals("test41", $tp2->get_var('test1'));
     $this->assertEquals("test42", $tp2->get_var('test2'));
     $hash2 = array('test1', 'test2');
     $this->assertEquals("", $tp2->get_var('test1'));
     $this->assertEquals("", $tp2->get_var('test2'));
Ejemplo n.º 22
 function _UI_get_conf_element($group, $name, $display_name, $type, $val, $selectionArray = null, $deletable = false, $allow_reset = false)
     global $_CONF, $LANG_CONFIG;
     $t = new Template($GLOBALS['_CONF']['path_layout'] . 'admin/config');
     $t->set_file('element', 'config_element.thtml');
     $blocks = array('delete-button', 'text-element', 'passwd-element', 'placeholder-element', 'select-element', 'list-element', 'unset-param', 'keyed-add-button', 'unkeyed-add-button', 'text-area');
     if (is_array($blocks)) {
         foreach ($blocks as $block) {
             $t->set_block('element', $block);
     $t->set_var('lang_restore', $LANG_CONFIG['restore']);
     $t->set_var('lang_enable', $LANG_CONFIG['enable']);
     $t->set_var('lang_add_element', $LANG_CONFIG['add_element']);
     $t->set_var('name', $name);
     $t->set_var('display_name', $display_name);
     if (!is_array($val)) {
         if (is_float($val)) {
              * @todo FIXME: for Locales where the comma is the decimal
              *              separator, patch output to a decimal point
              *              to prevent it being cut off by COM_applyFilter
             $t->set_var('value', str_replace(',', '.', $val));
         } else {
             $t->set_var('value', htmlspecialchars($val));
     if ($deletable) {
         $t->set_var('delete', $t->parse('output', 'delete-button'));
     } else {
         if ($allow_reset) {
             $t->set_var('unset_link', "(<a href='#' onclick='unset(\"{$name}\");return false;' title='" . $LANG_CONFIG['disable'] . "'>X</a>)");
         if (($a = strrchr($name, '[')) !== FALSE) {
             $o = str_replace(array('[', ']'), array('_', ''), $name);
         } else {
             $o = $name;
         $helpUrl = $this->_get_ConfigHelp($group, $o);
         if (!empty($helpUrl)) {
             $t->set_var('doc_link', $helpUrl);
         } else {
             $t->set_var('doc_link', '');
         $docUrl = $this->_getConfigHelpDocument($group, $o);
         if ($docUrl != '') {
             $t->set_var('cfg_item', $o);
         } else {
     if ($type == "unset") {
         return $t->finish($t->parse('output', 'unset-param'));
     } elseif ($type == "text") {
         return $t->finish($t->parse('output', 'text-element'));
     } elseif ($type == "textarea") {
         return $t->finish($t->parse('output', 'text-area'));
     } elseif ($type == "passwd") {
         return $t->finish($t->parse('output', 'passwd-element'));
     } elseif ($type == "placeholder") {
         return $t->finish($t->parse('output', 'placeholder-element'));
     } elseif ($type == 'select') {
         // if $name is like "blah[0]", separate name and index
         $n = explode('[', $name);
         $name = $n[0];
         $index = null;
         if (count($n) == 2) {
             $i = explode(']', $n[1]);
             $index = $i[0];
         $type_name = $type . '_' . $name;
         if ($group == 'Core') {
             $fn = 'configmanager_' . $type_name . '_helper';
         } else {
             $fn = 'plugin_configmanager_' . $type_name . '_' . $group;
         if (function_exists($fn)) {
             if ($index === null) {
                 $selectionArray = $fn();
             } else {
                 $selectionArray = $fn($index);
         } else {
             if (is_array($selectionArray)) {
                 // leave sorting to the function otherwise
                 uksort($selectionArray, 'strcasecmp');
         if (!is_array($selectionArray)) {
             return $t->finish($t->parse('output', 'text-element'));
         $t->set_block('select-element', 'select-options', 'myoptions');
         if (is_array($selectionArray)) {
             foreach ($selectionArray as $sName => $sVal) {
                 if (is_bool($sVal)) {
                     $t->set_var('opt_value', $sVal ? 'b:1' : 'b:0');
                 } else {
                     $t->set_var('opt_value', $sVal);
                 $t->set_var('opt_name', $sName);
                 $t->set_var('selected', $val == $sVal ? 'selected="selected"' : '');
                 $t->parse('myoptions', 'select-options', true);
             if ($index == 'placeholder') {
                 $t->set_var('hide_row', ' style="display:none;"');
         return $t->parse('output', 'select-element');
     } elseif (strpos($type, "@") === 0) {
         $result = "";
         if (is_array($val)) {
             foreach ($val as $valkey => $valval) {
                 $result .= config::_UI_get_conf_element($group, $name . '[' . $valkey . ']', $display_name . '[' . $valkey . ']', substr($type, 1), $valval, $selectionArray, false);
         return $result;
     } elseif (strpos($type, "*") === 0 || strpos($type, "%") === 0) {
         $t->set_var('arr_name', $name);
         $t->set_var('array_type', $type);
         $button = $t->parse('output', strpos($type, "*") === 0 ? 'keyed-add-button' : 'unkeyed-add-button');
         $t->set_var('my_add_element_button', $button);
         $result = "";
         if (is_array($val)) {
             if ($type == '%select') {
                 $result .= config::_UI_get_conf_element($group, $name . '[placeholder]', 'placeholder', substr($type, 1), 'placeholder', $selectionArray, true);
             foreach ($val as $valkey => $valval) {
                 $result .= config::_UI_get_conf_element($group, $name . '[' . $valkey . ']', $valkey, substr($type, 1), $valval, $selectionArray, true);
         $t->set_var('my_elements', $result);
         return $t->parse('output', 'list-element');
Ejemplo n.º 23
Archivo: edit.php Proyecto: rolwi/koala
$tpl->set_block("content", "button_mission", "BUTTON_MISSION_ROW");
$tpl->set_block("content", "category_null", "DUMMY");
$tpl->set_block("content", "category_row", "CATEGORY_ROW");
$tpl->set_block("category_row", "topic_null", "DUMMY");
$tpl->set_block("category_row", "topic_row", "TOPIC_ROW");
$tpl->set_var(array("DUMMY" => "", "PORTAL_ID" => $portal->get_id(), "PORTAL_NAME" => $portal_name, "PORTLET_NAME" => $portlet_name, "PORTLET_ID" => $portlet->get_id(), "CATEGORY_ROW" => "", "TOPIC_ROW" => ""));
//parse "new" button
$tpl->set_var(array("BUTTON_MISSION" => "new", "BUTTON_URL" => "{$config_webserver_ip}/modules/portal2/portlets/topic/category_edit.php", "BUTTON_CANCEL_ACTION" => "opener.top.location.reload();window.close();"));
$tpl->parse("BUTTON_LABEL", "button_label_new");
$tpl->parse("BUTTON_MISSION_ROW", "button_mission", true);
if (is_array($content) && sizeof($content) > 0) {
    //show all catogories
    foreach ($content as $category_id => $category) {
        $tpl->set_var(array("CATEGORY_ID" => $category_id, "CATEGORY_NAME" => $category["title"]));
        //clear "TOPIC_ROW"
        if (is_array($category["topics"]) && sizeof($category["topics"]) > 0) {
            //show all topics of a category
            foreach ($category["topics"] as $topic_id => $topic) {
                $tpl->set_var(array("TOPIC_ID" => $topic_id, "TOPIC_NAME" => $topic["title"]));
                $tpl->parse("TOPIC_ROW", "topic_row", 1);
        } else {
            $tpl->parse("TOPIC_ROW", "topic_null");
        $tpl->parse("CATEGORY_ROW", "category_row", 1);
    //display sort button if there is enough content to sort something
    if (sizeof($content) > 1) {
        //parse "sort" button
        $tpl->set_var(array("BUTTON_MISSION" => "sort", "BUTTON_URL" => "{$config_webserver_ip}/modules/portal2/portlets/topic/category_sort.php"));
Ejemplo n.º 24
 if ($breakresult == "all") {
     $startitem = 0;
     $enditem = count($inventory);
 } else {
     $startitem = $breakresult * $page_number;
     $enditem = $startitem + $breakresult;
 foreach ($values as $key => $value) {
     if ($item_count <= $startitem) {
     if ($item_count > $enditem) {
     $tpl->set_var("ANSWER_ID", $value['obj_id']);
     $result = $value["bid:questionary:input"];
     foreach ($header as $id => $header_element) {
         $question = $geo->get_id($id);
         switch ($question["type"]) {
             case QUESTIONARY_INPUT_RADIO:
                 $text = @$question["options"][$result[$header_element[0]]];
                 $text = "";
                 foreach ($result[$header_element[0]] as $option) {
                     $text .= @$question["options"][$option] . "<br>";
Ejemplo n.º 25
 $topiclisting = new Template($_CONF['path'] . 'plugins/forum/templates/');
 $topiclisting->set_file('topiclisting', 'topiclisting.thtml');
 $topiclisting->set_var(array('LANG_HOME' => $LANG_GF01['HOMEPAGE'], 'forum_home' => $LANG_GF01['INDEXPAGE'], 'navbreadcrumbsimg' => '<img src="' . _ff_getImage('nav_breadcrumbs') . '" alt=""/>', 'img_asc1' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc2' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc3' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc4' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_asc5' => '<img src="' . _ff_getImage('asc') . '" alt=""/>', 'img_desc1' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc2' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc3' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc4' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'img_desc5' => '<img src="' . _ff_getImage('desc') . '" alt=""/>', 'tooltip_style' => COM_getToolTipStyle()));
 switch ($sort) {
     case 1:
         if ($order == 0) {
             $sortOrder = "subject ASC";
             $topiclisting->set_var('img_asc1', '<img src="' . _ff_getImage('asc_on') . '" alt=""/>');
             $topiclisting->set_var('sort_subject', true);
             $topiclisting->set_var('sort_asc', true);
             $topiclisting->set_var('new_sort_order', '1');
         } else {
             $sortOrder = "subject DESC";
             $topiclisting->set_var('img_desc1', '<img src="' . _ff_getImage('desc_on') . '" alt=""/>');
             $topiclisting->set_var('sort_subject', true);
             $topiclisting->set_var('new_sort_order', '0');
     case 2:
         if ($order == 0) {
             $sortOrder = "views ASC";
             $topiclisting->set_var('img_asc2', '<img src="' . _ff_getImage('asc_on') . '" alt=""/>');
             $topiclisting->set_var('sort_views', true);
             $topiclisting->set_var('sort_asc', true);
             $topiclisting->set_var('new_sort_order', '1');
         } else {
             $sortOrder = "views DESC";
             $topiclisting->set_var('img_desc2', '<img src="' . _ff_getImage('desc_on') . '" alt=""/>');
             $topiclisting->set_var('sort_views', true);
Ejemplo n.º 26
 $tpl->parse("LANGUAGE_ERROR", "fac_error");
 $tpl->parse("LANGUAGE_ERROR_CONTENT", "fac_error_content");
 $tpl->parse("LANGUAGE_ERROR_DESCRIPTION", "fac_error_description");
 $tpl->parse("LANGUAGE_ERROR_TITLE", "fac_error_title");
 $tpl->parse("LANGUAGE_FORM_EXPERT_FORMAT", "fac_expert_formatation");
 $tpl->parse("LANGUAGE_FORM_CONTENT", "fac_form_content");
 $tpl->parse("LANGUAGE_FORM_DESCRIPTION", "fac_form_description");
 $tpl->parse("LANGUAGE_FORM_TITLE", "fac_form_title");
 $tpl->parse("LANGUAGE_SITE_FORM", "fac_site_form");
 $tpl->parse("LANGUAGE_SITE_TITLE", "fac_site_title");
 $tpl->parse("LANGUAGE_NO_ACCESS", "fac_no_access");
 $tpl->parse("LANGUAGE_ERROR_NOT_LOGGED_IN", "fac_error_not_logged_in");
 $tpl->parse("CONTENT", $current_file);
 $tpl->parse("OUT", "blueprint");
 $out = $tpl->get_var("OUT");
 $tpl->unset_var(array("BUTTON_LABEL", "BUTTON_MISSION", "BUTTON_URL"));
 $fp = fopen("{$tmp_doc_root}/templates/{$language}/{$current_file}.ihtml", "w");
 fwrite($fp, $out);
 echo "&nbsp;&nbsp;&nbsp; {$current_file}.ihtml abgeschlossen. (... {$tmp_doc_root}/templates/{$language}/{$current_file}.ihtml)<br>";
 //* forum_edit_categorie.ihtml
 $current_file = "forum_edit_categorie";
 $tpl->set_file($current_file, "forum_add_categorie.ihtml");
 $tpl->set_block("language", "fec_button_cancel");
 $tpl->set_block("language", "fec_button_label_save");
 $tpl->set_block("language", "fec_error");
 $tpl->set_block("language", "fec_error_content");
 $tpl->set_block("language", "fec_error_description");
 $tpl->set_block("language", "fec_error_title");