/**
* Adds an event to the user's calendar
*
* The user has asked that an event be added to their personal
* calendar. Show a confirmation screen.
*
* @param string $eid event ID to add to user's calendar
* @return string HTML for confirmation form
*
*/
function adduserevent($eid)
{
global $_CONF, $_TABLES, $LANG_CALJP_1;
$retval = '';
$eventsql = "SELECT * FROM {$_TABLES['eventsjp']} WHERE eid='{$eid}'" . COM_getPermSql('AND');
$result = DB_query($eventsql);
$nrows = DB_numRows($result);
if ($nrows == 1) {
$retval .= COM_startBlock(sprintf($LANG_CALJP_1[11], COM_getDisplayName()));
$A = DB_fetchArray($result);
$cal_template = COM_newTemplate($_CONF['path'] . 'plugins/calendarjp/templates/');
$cal_template->set_file(array('addevent' => 'addevent.thtml'));
$cal_template->set_var('intro_msg', $LANG_CALJP_1[8]);
$cal_template->set_var('lang_event', $LANG_CALJP_1[12]);
$event_title = stripslashes($A['title']);
if (!empty($A['url']) && $A['url'] != 'http://') {
$event_title_and_url = COM_createLink($event_title, $A['url'], array('class' => 'url'));
$cal_template->set_var('event_url', $A['url']);
$cal_template->set_var('event_begin_anchortag', '<a href="' . $A['url'] . '" class="url">');
$cal_template->set_var('event_end_anchortag', '</a>');
} else {
$event_title_and_url = $event_title;
$cal_template->set_var('event_url', '');
$cal_template->set_var('event_begin_anchortag', '');
$cal_template->set_var('event_end_anchortag', '');
}
$cal_template->set_var('event_title', $event_title_and_url);
$cal_template->set_var('event_title_only', $event_title);
$cal_template->set_var('lang_starts', $LANG_CALJP_1[13]);
$cal_template->set_var('lang_ends', $LANG_CALJP_1[14]);
$thestart = COM_getUserDateTimeFormat($A['datestart'] . ' ' . $A['timestart']);
$theend = COM_getUserDateTimeFormat($A['dateend'] . ' ' . $A['timeend']);
if ($A['allday'] == 0) {
$cal_template->set_var('event_start', $thestart[0]);
$cal_template->set_var('event_end', $theend[0]);
} else {
$cal_template->set_var('event_start', strftime($_CONF['shortdate'], $thestart[1]));
$cal_template->set_var('event_end', strftime($_CONF['shortdate'], $theend[1]));
}
$cal_template->set_var('lang_where', $LANG_CALJP_1[4]);
$location = stripslashes($A['location']) . '<br' . XHTML . '>' . stripslashes($A['address1']) . '<br' . XHTML . '>' . stripslashes($A['address2']) . '<br' . XHTML . '>' . stripslashes($A['city']) . ', ' . stripslashes($A['state']) . ' ' . $A['zipcode'];
$cal_template->set_var('event_location', $location);
$cal_template->set_var('lang_description', $LANG_CALJP_1[5]);
$description = stripslashes($A['description']);
if (empty($A['postmode']) || $A['postmode'] == 'plaintext') {
$description = COM_nl2br($description);
}
$cal_template->set_var('event_description', PLG_replaceTags($description));
$cal_template->set_var('event_id', $eid);
$cal_template->set_var('lang_addtomycalendar', $LANG_CALJP_1[9]);
$cal_template->set_var('gltoken_name', CSRF_TOKEN);
$cal_template->set_var('gltoken', SEC_createToken());
$cal_template->parse('output', 'addevent');
$retval .= $cal_template->finish($cal_template->get_var('output'));
$retval .= COM_endBlock();
} else {
$retval .= COM_showMessage(23);
}
return $retval;
}
function _ff_getListField_memberlist($fieldname, $fieldvalue, $A, $icon_arr)
{
global $_CONF, $_USER, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE;
global $_FF_CONF, $_SYSTEM, $LANG_GF02;
if (!isset($A['status'])) {
$A['status'] = 0;
}
$retval = '';
switch ($fieldname) {
case 'username':
$url = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid'];
$retval = COM_createLink($fieldvalue, $url);
break;
case 'posts':
$posts = DB_count($_TABLES['ff_topic'], 'uid', $A['uid']);
$retval = $posts;
break;
case 'homepage':
$retval = '';
if ($A['homepage'] != '') {
$homepage = $A['homepage'];
if (!preg_match("/http/i", $homepage)) {
$homepage = 'http://' . $homepage;
}
$retval = '<a href="' . $homepage . '"><img src="' . _ff_getImage('home') . '" alt="Website"/></a>';
}
break;
case 'email':
if ($A['emailfromuser'] == '1') {
$retval = '<a href="' . $_CONF['site_url'] . '/profiles.php?uid=' . $A['uid'] . '"><img src="' . _ff_getImage('email') . '" alt="email"/></a>';
}
break;
case 'pm':
if ($_FF_CONF['use_pm_plugin']) {
$pmplugin_link = forumPLG_getPMlink($siteMembers['username']);
$retval = '<a href="' . $pmplugin_link . '"><img src="' . _ff_getImage('pm') . '" alt="PM"/></a>';
}
break;
case 'lastpost':
$A['posts'] = DB_count($_TABLES['ff_topic'], 'uid', $A['uid']);
if ($A['posts'] > 0) {
$reportlinkURL = $_CONF['site_url'] . '/forum/memberlist.php?op=last10posts&showuser='******'uid'];
$retval = '<a href="' . $reportlinkURL . '"><img src="' . _ff_getImage('latestposts') . '" alt="LatestPosts"/></a>';
}
break;
case 'regdate':
$phpdate = strtotime($fieldvalue);
$dt = new Date($phpdate, $_USER['tzid']);
$retval = $dt->format($_FF_CONF['default_Datetime_format'], true);
break;
default:
$retval = $fieldvalue;
break;
}
return $retval;
}
/**
* Constructor
*/
function display()
{
global $_CONF, $_TABLES, $LANG_SX00;
$action = '';
if (isset($_GET['action'])) {
$action = $_GET['action'];
} elseif (isset($_POST['paction'])) {
$action = $_POST['paction'];
}
if ($action == 'delete' && SEC_checkToken()) {
$entry = $_GET['entry'];
if (!empty($entry)) {
$dbentry = addslashes($entry);
DB_delete($_TABLES['spamx'], array('name', 'value'), array('HTTPHeader', $dbentry));
}
} elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
$entry = '';
$name = COM_applyFilter($_REQUEST['header-name']);
$n = explode(':', $name);
$name = $n[0];
$value = $_REQUEST['header-value'];
if (!empty($name) && !empty($value)) {
$entry = $name . ': ' . $value;
}
$dbentry = addslashes($entry);
if (!empty($entry)) {
$result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('HTTPHeader','{$dbentry}')");
}
}
$token = SEC_createToken();
$display = '<hr' . XHTML . '>' . LB . '<p><b>';
$display .= $LANG_SX00['headerblack'];
$display .= '</b></p>' . LB . '<ul>' . LB;
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='HTTPHeader' ORDER BY value");
$nrows = DB_numRows($result);
for ($i = 0; $i < $nrows; $i++) {
list($e) = DB_fetchArray($result);
$display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader&action=delete&entry=' . urlencode($e) . '&' . CSRF_TOKEN . '=' . $token) . '</li>' . LB;
}
$display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
$display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
$display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader">' . LB;
$display .= '<table border="0" width="100%">' . LB;
$display .= '<tr><td align="right"><b>Header:</b></td>' . LB;
$display .= '<td><input type="text" size="40" name="header-name"' . XHTML . '> e.g. <tt>User-Agent</tt></td></tr>' . LB;
$display .= '<tr><td align="right"><b>Content:</b></td>' . LB;
$display .= '<td><input type="text" size="40" name="header-value"' . XHTML . '> e.g. <tt>Mozilla</tt></td></tr>' . LB;
$display .= '</table>' . LB;
$display .= '<p><input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>';
$display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '></p>' . LB;
$display .= '</form>' . LB;
return $display;
}
/**
* Constructor
*/
function display()
{
global $_CONF, $_TABLES, $LANG_SX00;
$action = '';
if (isset($_GET['action'])) {
$action = $_GET['action'];
} elseif (isset($_POST['paction'])) {
$action = $_POST['paction'];
}
$entry = '';
if (isset($_GET['entry'])) {
$entry = COM_stripslashes($_GET['entry']);
} elseif (isset($_POST['pentry'])) {
$entry = COM_stripslashes($_POST['pentry']);
}
if ($action == 'delete' && SEC_checkToken()) {
$entry = DB_escapeString($entry);
DB_delete($_TABLES['spamx'], array('name', 'value'), array('Personal', $entry));
} elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
if (!empty($entry)) {
$entry = DB_escapeString($entry);
$result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$entry}')");
}
} elseif ($action == $LANG_SX00['addcen'] && SEC_checkToken()) {
foreach ($_CONF['censorlist'] as $entry) {
$entry = DB_escapeString($entry);
$result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('Personal', '{$entry}')");
}
}
$token = SEC_createToken();
$display = '<hr' . XHTML . '>' . LB . '<p><b>';
$display .= $LANG_SX00['pblack'];
$display .= '</b></p>' . LB . '<ul>' . LB;
$result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name = 'Personal'");
$nrows = DB_numRows($result);
for ($i = 0; $i < $nrows; $i++) {
$A = DB_fetchArray($result);
$e = $A['value'];
$display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditBlackList&action=delete&entry=' . urlencode($e) . '&' . CSRF_TOKEN . '=' . $token) . '</li>' . LB;
}
$display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
$display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
$display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditBlackList">' . LB;
$display .= '<div><input type="text" size="30" name="pentry"' . XHTML . '> ';
$display .= '<input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>' . LB;
$display .= '<p>' . $LANG_SX00['e3'] . '</p> ';
$display .= '<input type="submit" name="paction" value="' . $LANG_SX00['addcen'] . '"' . XHTML . '>' . LB;
$display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '>' . LB;
$display .= '</div></form>' . LB;
return $display;
}
function parse($p1, $p2, $fulltag)
{
global $_CONF;
$retval = '';
$p1 .= empty($p2) ? '' : ' ' . $p2;
if (!empty($p1)) {
$lang = COM_getLanguageId();
$lang = empty($lang) ? 'en' : $lang;
// default to en
$attr['target'] = '_blank';
$attr['style'] = "cursor:help;text-decoration:none;')";
$url = "http://www.glfusion.org/wiki/doku.php/?do=search&id=" . trim(str_replace(' ', '_', $p1));
$retval = COM_createLink($p1, $url, $attr);
}
return $retval;
}
function HELLO_getListField_hello($fieldname, $fieldvalue, $A, $icon_arr)
{
global $_CONF;
switch ($fieldname) {
case 'see_hello':
$retval = '';
$retval .= COM_createLink($icon_arr['list'], "{$_CONF['site_admin_url']}/plugins/hello/read_email.php?mode=edit&hello_id={$A['hello_id']}");
break;
case 'creation':
$creation = COM_getUserDateTimeFormat(strtotime($A['creation']));
$retval .= $creation[0];
break;
default:
$retval = stripslashes($fieldvalue);
break;
}
return $retval;
}
function MAPS_getListField_maps_displayOverlaysToAdd($fieldname, $fieldvalue, $A, $icon_arr)
{
global $LANG_MAPS_1, $_MAPS_CONF;
switch ($fieldname) {
case "edit":
$edit_url = '#';
$retval = COM_createLink($icon_arr['disabled'], $edit_url, array('class' => 'add', 'id' => $A['oid'], 'mid' => $A['mid'], 'title' => $LANG_MAPS_1['add_overlay']));
break;
case "o_name":
$overlay_image = $_MAPS_CONF['path_overlay_images'] . $A['o_image'];
if (is_file($overlay_image)) {
$retval = COM_getTooltip($A['o_name'], '<img src="' . $_MAPS_CONF['site_url'] . '/timthumb.php?src=' . $_MAPS_CONF['images_overlay_url'] . $A['o_image'] . '&w=200&q=70&zc=1" alt="" />', '', $A['o_name'], $template = 'help');
} else {
$retval = $A['o_name'];
}
break;
default:
$retval = stripslashes($fieldvalue);
break;
}
return $retval;
}
/**
* used for the list of users in admin/user.php
*
*/
function ADMIN_getListField_ratings($fieldname, $fieldvalue, $A, $icon_arr)
{
global $_CONF, $_TABLES, $LANG_ADMIN, $LANG04, $LANG28, $_IMAGE_TYPE;
$retval = '';
switch ($fieldname) {
case 'uid':
$retval = COM_createLink($fieldvalue, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?vid=' . $A['uid']);
break;
case 'rating':
$retval = '<input type="text" name="new_rating-' . $A['uid'] . '" value="' . intval($A['rating']) . '" size="5" />';
break;
case 'username':
$retval = COM_createLink($fieldvalue, $_CONF['site_admin_url'] . '/plugins/forum/userrating_detail.php?uid=' . $A['uid']);
break;
case $_TABLES['users'] . '.uid':
$retval = $A['uid'];
break;
default:
$retval = $fieldvalue;
break;
}
return $retval;
}
/**
* Get an individual field for the icons screen.
*
* @param string $fieldname Name of field (from the array, not the db)
* @param mixed $fieldvalue Value of the field
* @param array $A Array of all fields from the database
* @param array $icon_arr System icon array
* @param object $EntryList This entry list object
* @return string HTML for field display in the table
*/
function MAPS_getListField_icons($fieldname, $fieldvalue, $A, $icon_arr)
{
global $_CONF, $_MAPS_CONF, $LANG_ADMIN, $LANG_STATIC, $_TABLES;
switch ($fieldname) {
case "icon_id":
$retval = COM_createLink($icon_arr['edit'], "{$_CONF['site_admin_url']}/plugins/maps/icons.php?mode=edit&id={$A['icon_id']}");
break;
case "icon_name":
$retval = $A['icon_name'];
break;
case "icon_image":
$icon_image = $_MAPS_CONF['path_icons_images'] . $A['icon_image'];
if (is_file($icon_image)) {
$retval = '<img src="' . $_MAPS_CONF['images_icons_url'] . $A['icon_image'] . '" alt="' . $A['icon_image'] . '">';
} else {
$retval = '';
}
break;
default:
$retval = $fieldvalue;
break;
}
return $retval;
}
/**
* Administer user registrations.
* This will appear in the admin area for administrators, and as part of
* the event detail for event owners. Owners can delete registrations.
*
* @param integer $rp_id Repeat ID being viewed or checked
* @return string HTML for admin list
*/
function EVLIST_adminRSVP($rp_id)
{
global $LANG_EVLIST, $LANG_ADMIN, $_TABLES, $_CONF, $_IMAGE_TYPE;
/*
+-------------------+----------+-------------------+-------+-------+-------+-----+------+------+
| tic_id | tic_type | ev_id | rp_id | fee | paid | uid | used | dt |
+-------------------+----------+-------------------+-------+-------+-------+-----+------+------+
| 20150209083155975 | 1 | 20150209081055236 | 7552 | 15.00 | 15.00 | 3 | 0 | 0 |
+-------------------+----------+-------------------+-------+-------+-------+-----+------+------+
1 row in set (0.00 sec)
*/
USES_lib_admin();
USES_evlist_class_repeat();
$Ev = new evRepeat($rp_id);
if ($Ev->rp_id == 0) {
return '';
}
DB_query("SET @tk_count = 0;");
$sql = "SELECT @tk_count := @tk_count +1 as tic_count,\n tk.dt, tk.tic_id, tk.tic_type, tk.rp_id, tk.fee, tk.paid,\n tk.uid, tk.used, tt.description, u.fullname,\n {$Ev->Event->options['max_rsvp']} as max_rsvp\n FROM {$_TABLES['evlist_tickets']} tk\n LEFT JOIN {$_TABLES['evlist_tickettypes']} tt\n ON tt.id = tk.tic_type\n LEFT JOIN {$_TABLES['users']} u\n ON u.uid = tk.uid\n WHERE tk.ev_id = '{$Ev->Event->id}' ";
$title = $LANG_EVLIST['pi_title'] . ': ' . $LANG_EVLIST['admin_rsvp'] . ' -- ' . COM_createLink($Ev->Event->Detail->title . ' (' . $Ev->date_start . ')', EVLIST_URL . '/event.php?eid=' . $rp_id);
$title .= ' <a href="' . $_CONF['site_admin_url'] . '/plugins/evlist/index.php?printtickets&eid=' . $Ev->ev_id . '" class="lgButton blue" target="_new">' . $LANG_EVLIST['print_tickets'] . '</a>';
$title .= ' <a href="' . $_CONF['site_admin_url'] . '/plugins/evlist/index.php?exporttickets&eid=' . $Ev->rp_id . '" class="lgButton blue">' . $LANG_EVLIST['export_list'] . '</a>';
if ($Ev->Event->options['use_reg'] == EV_RSVP_REPEAT) {
$sql .= " AND rp_id = '{$Ev->rp_id}' ";
}
$defsort_arr = array('field' => 'dt', 'direction' => 'ASC');
$text_arr = array('has_menu' => false, 'has_extras' => false, 'title' => $title, 'form_url' => EVLIST_URL . '/event.php?rp_id=' . $rp_id, 'help_url' => '');
$header_arr = array(array('text' => $LANG_EVLIST['rsvp_date'], 'field' => 'dt', 'sort' => true), array('text' => $LANG_EVLIST['name'], 'field' => 'fullname', 'sort' => false), array('text' => $LANG_EVLIST['fee'], 'field' => 'fee', 'sort' => false), array('text' => $LANG_EVLIST['paid'], 'field' => 'paid', 'sort' => false), array('text' => $LANG_EVLIST['ticket_num'], 'field' => 'tic_id', 'sort' => false), array('text' => $LANG_EVLIST['date_used'], 'field' => 'used', 'sort' => false), array('text' => $LANG_EVLIST['waitlisted'], 'field' => 'tic_count', 'sort' => false));
$options_arr = array('chkdelete' => true, 'chkfield' => 'tic_id', 'chkname' => 'delrsvp', 'chkactions' => '<input data-uk-tooltip name="tickdelete" type="image" src="' . $_CONF['layout_url'] . '/images/admin/delete.' . $_IMAGE_TYPE . '" style="vertical-align:text-bottom;" title="' . $LANG_ADMIN['delete'] . '" class="gl_mootip"' . ' onclick="return confirm(\'' . $LANG_EVLIST['conf_del_item'] . '\');" /> ' . $LANG_ADMIN['delete'] . ' ' . '<input data-uk-tooltip name="tickreset" type="image" src="' . $_CONF['site_url'] . '/evlist/images/reset.png' . '" style="vertical-align:text-bottom;" title="' . $LANG_EVLIST['reset_usage'] . '" class="gl_mootip"' . ' onclick="return confirm(\'' . $LANG_EVLIST['conf_reset'] . '\');" /> ' . $LANG_EVLIST['reset_usage'] . '<input type="hidden" name="ev_id" value="' . $rp_id . '"/>');
$query_arr = array('sql' => $sql);
$retval .= ADMIN_list('evlist', 'EVLIST_getField_rsvp', $header_arr, $text_arr, $query_arr, $defsort_arr, '', '', $options_arr);
return $retval;
}
/**
* List all backups, i.e. all files ending in .sql or .sql.gz
*
* @return string HTML for the list of files or an error when not writable
*/
function DBADMIN_list()
{
global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG08, $LANG_ADMIN, $LANG_DB_BACKUP;
global $token;
USES_lib_admin();
$retval = '';
if (is_writable($_CONF['backup_path'])) {
$backups = array();
$fd = opendir($_CONF['backup_path']);
$index = 0;
while (false !== ($file = @readdir($fd))) {
if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql(\\.gz)?$/i', $file)) {
$index++;
clearstatcache();
$backups[] = $file;
}
}
// AS, 2004-03-29 - Sort backup files by date, newest first.
// Order given by 'readdir' might not be correct.
usort($backups, 'DBADMIN_compareBackupFiles');
$data_arr = array();
$diskIconUrl = $_CONF['layout_url'] . '/images/admin/disk.' . $_IMAGE_TYPE;
$attr['title'] = $LANG_DB_BACKUP['download'];
$alt = $LANG_DB_BACKUP['download'];
$num_backups = count($backups);
$icon_img = COM_createImage($diskIconUrl, $alt, $attr);
for ($i = 0; $i < $num_backups; $i++) {
$downloadUrl = LGLIB_ADMIN_URL . '/index.php?download=x&file=' . urlencode($backups[$i]);
$downloadLink = COM_createLink($icon_img, $downloadUrl, $attr);
$downloadLink .= ' ';
$attr['style'] = 'vertical-align:top;';
$downloadLink .= COM_createLink($backups[$i], $downloadUrl, $attr);
$backupfile = $_CONF['backup_path'] . $backups[$i];
$backupfilesize = COM_numberFormat(filesize($backupfile)) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>';
$data_arr[$i] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backups[$i]);
}
$retval .= DBADMIN_menu("<p>{$LANG_DB_BACKUP['db_explanation']}</p><p>" . sprintf($LANG_DB_BACKUP['total_number'], $index) . '</p>');
$header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size'));
$text_arr = array('form_url' => LGLIB_ADMIN_URL . '/index.php');
$form_arr = array('bottom' => '', 'top' => '');
if ($num_backups > 0) {
$form_arr['bottom'] = '<input type="hidden" name="delete" value="x" />' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '" />' . LB;
}
$options = array('chkselect' => true, 'chkminimum' => 0, 'chkfield' => 'filename');
$retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $options, $form_arr);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
} else {
$retval .= COM_startBlock($LANG08[06], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $LANG_DB_BACKUP['no_access'];
COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
}
return $retval;
}
/**
* Render all the trackback comments for a specific entry
*
* @param string $sid entry id
* @param string $type type of entry ('article' = story, etc.)
* @param string $title the entry's title
* @param string $permalink link to the entry
* @param string trackback_url trackback URL for this entry
* @return string HTML (formatted list of trackback comments)
*
*/
function TRB_renderTrackbackComments($sid, $type, $title, $permalink, $trackback_url = '')
{
global $_CONF, $_TABLES, $LANG_TRB;
$link_and_title = COM_createLink($title, $permalink);
if (empty($trackback_url)) {
$trackback_url = TRB_makeTrackbackUrl($sid, $type);
}
$template = COM_newTemplate($_CONF['path_layout'] . 'trackback');
$template->set_file(array('trackback' => 'trackback.thtml', 'comment' => 'trackbackcomment.thtml'));
$template->set_var('lang_trackback', $LANG_TRB['trackback']);
$template->set_var('lang_trackback_url', $LANG_TRB['this_trackback_url']);
$template->set_var('permalink', $permalink);
$template->set_var('permalink_and_title', $link_and_title);
$template->set_var('trackback_url', $trackback_url);
$result = DB_query("SELECT cid,url,title,blog,excerpt,ipaddress,UNIX_TIMESTAMP(date) AS day " . "FROM {$_TABLES['trackback']} WHERE sid = '{$sid}' AND type = '{$type}' ORDER BY date");
$numrows = DB_numRows($result);
$template->set_var('trackback_comment_count', $numrows);
$num_comments = sprintf($LANG_TRB['num_comments'], $numrows);
$template->set_var('trackback_comment_text', $num_comments);
if ($numrows == 0) {
$template->set_var('lang_trackback_comments', $LANG_TRB['no_comments']);
$template->set_var('lang_trackback_comments_no_link', $LANG_TRB['no_comments']);
} else {
$template->set_var('lang_trackback_comments', sprintf($LANG_TRB['intro_text'], $link_and_title));
$template->set_var('lang_trackback_comments_no_link', sprintf($LANG_TRB['intro_text'], $title));
}
$delete_option = TRB_allowDelete($sid, $type);
$token = '';
if ($delete_option && $numrows > 0) {
$token = SEC_createToken();
}
for ($i = 0; $i < $numrows; $i++) {
$A = DB_fetchArray($result);
$comment = TRB_formatComment($A['url'], $A['title'], $A['blog'], $A['excerpt'], $A['day'], $delete_option, $A['cid'], $A['ipaddress'], $token);
$template->set_var('formatted_comment', $comment);
$template->parse('trackback_comments', 'comment', true);
}
$template->parse('output', 'trackback');
return $template->finish($template->get_var('output'));
}
/**
* Get an individual field for the maps screen.
*
* @param string $fieldname Name of field (from the array, not the db)
* @param mixed $fieldvalue Value of the field
* @param array $A Array of all fields from the database
* @param array $icon_arr System icon array
* @param object $EntryList This entry list object
* @return string HTML for field display in the table
*/
function plugin_getListField_maps($fieldname, $fieldvalue, $A, $icon_arr)
{
global $_CONF, $LANG_ADMIN, $LANG_STATIC, $_TABLES, $_MAPS_CONF;
switch ($fieldname) {
case "edit":
$retval = COM_createLink($icon_arr['edit'], "{$_CONF['site_admin_url']}/plugins/maps/map_edit.php?mode=edit&mid={$A['mid']}");
break;
case "name":
$map_title = stripslashes($A['name']);
$url = $_MAPS_CONF['site_url'] . '/index.php?mode=map&mid=' . $A['mid'];
$link = COM_createLink($map_title, $url, array('title' => $LANG_MAPS_1['title_display']));
if ($A['description'] != '') {
$retval = COM_getTooltip($A['name'], $A['description'], $url, $A['name'], 'help');
} else {
$retval = $link;
}
break;
case "id":
$retval = $A['mid'];
break;
case "active":
if ($fieldvalue == 1) {
$retval = '<img src="' . $_CONF['site_admin_url'] . '/plugins/maps/images/green_dot.gif" alt="" valign="center">';
} else {
$retval = '<img src="' . $_CONF['site_admin_url'] . '/plugins/maps/images/red_dot.gif" alt="">';
}
break;
case "hidden":
if ($fieldvalue == 0) {
$retval = '<img src="' . $_CONF['site_admin_url'] . '/plugins/maps/images/green_dot.gif" alt="">';
} else {
$retval = '<img src="' . $_CONF['site_admin_url'] . '/plugins/maps/images/red_dot.gif" alt="">';
}
break;
default:
$retval = stripslashes($fieldvalue);
break;
}
return $retval;
}
/**
* Displays a login form
* This is the version of the login form displayed in the content area of the
* page (not the side bar). It will present all options (remote authentication
* - including OpenID, new registration link, etc.) according to the current
* configuration settings.
*
* @param array $use_config options to override some of the defaults
* @return string HTML of the login form
*/
function SEC_loginForm($use_config = array())
{
global $_CONF, $LANG01, $LANG04, $_SCRIPTS;
$retval = '';
$have_remote_login = false;
$default_config = array('hide_forgotpw_link' => false, 'hidden_fields' => '', 'no_oauth_login' => false, 'no_3rdparty_login' => false, 'no_openid_login' => false, 'no_newreg_link' => false, 'no_plugin_vars' => false, 'title' => $LANG04[65], 'message' => $LANG04[66], 'button_text' => $LANG04[80]);
$config = array_merge($default_config, $use_config);
$loginform = COM_newTemplate($_CONF['path_layout'] . 'users');
$loginform->set_file('login', 'loginform.thtml');
$loginform->set_var('start_block_loginagain', COM_startBlock($config['title']));
$loginform->set_var('lang_message', $config['message']);
if ($config['no_newreg_link'] || $_CONF['disable_new_user_registration']) {
$loginform->set_var('lang_newreglink', '');
} else {
$loginform->set_var('lang_newreglink', $LANG04[123]);
}
$loginform->set_var('lang_username', $LANG04[2]);
$loginform->set_var('lang_password', $LANG01[57]);
if ($config['hide_forgotpw_link']) {
$loginform->set_var('lang_forgetpassword', '');
$loginform->set_var('forgetpassword_link', '');
} else {
$loginform->set_var('lang_forgetpassword', $LANG04[25]);
$forget = COM_createLink($LANG04[25], $_CONF['site_url'] . '/users.php?mode=getpassword', array('rel' => 'nofollow'));
$loginform->set_var('forgetpassword_link', $forget);
}
$loginform->set_var('lang_login', $config['button_text']);
$loginform->set_var('lang_remote_login', $LANG04[167]);
$loginform->set_var('lang_remote_login_desc', $LANG04[168]);
$loginform->set_var('end_block', COM_endBlock());
// 3rd party remote authentification.
$services = '';
if (!$config['no_3rdparty_login'] && $_CONF['user_login_method']['3rdparty'] && $_CONF['usersubmission'] == 0) {
$modules = SEC_collectRemoteAuthenticationModules();
if (count($modules) > 0) {
if (!$_CONF['user_login_method']['standard'] && count($modules) == 1) {
$select = '<input type="hidden" name="service" value="' . $modules[0] . '"' . XHTML . '>' . $modules[0];
} else {
// Build select
$select = '<select name="service">';
if ($_CONF['user_login_method']['standard']) {
$select .= '<option value="">' . $_CONF['site_name'] . '</option>';
}
foreach ($modules as $service) {
$select .= '<option value="' . $service . '">' . $service . '</option>';
}
$select .= '</select>';
}
$loginform->set_file('services', 'services.thtml');
$loginform->set_var('lang_service', $LANG04[121]);
$loginform->set_var('select_service', $select);
$loginform->parse('output', 'services');
$services .= $loginform->finish($loginform->get_var('output'));
}
}
if (!empty($config['hidden_fields'])) {
// allow caller to (ab)use {services} for hidden fields
$services .= $config['hidden_fields'];
}
$loginform->set_var('services', $services);
// OpenID remote authentification.
if (!$config['no_openid_login'] && $_CONF['user_login_method']['openid'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
$have_remote_login = true;
$_SCRIPTS->setJavascriptFile('login', '/javascript/login.js');
$loginform->set_file('openid_login', '../loginform_openid.thtml');
$loginform->set_var('lang_openid_login', $LANG01[128]);
$loginform->set_var('input_field_size', 40);
// for backward compatibility - not used any more
$app_url = isset($_SERVER['SCRIPT_URI']) ? $_SERVER['SCRIPT_URI'] : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$loginform->set_var('app_url', $app_url);
$loginform->parse('output', 'openid_login');
$loginform->set_var('openid_login', $loginform->finish($loginform->get_var('output')));
} else {
$loginform->set_var('openid_login', '');
}
// OAuth remote authentification.
if (!$config['no_oauth_login'] && $_CONF['user_login_method']['oauth'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
$have_remote_login = true;
$_SCRIPTS->setJavascriptFile('login', '/javascript/login.js');
$modules = SEC_collectRemoteOAuthModules();
if (count($modules) == 0) {
$loginform->set_var('oauth_login', '');
} else {
$html_oauth = '';
// Grab oauth icons from theme
if ($_CONF['theme_oauth_icons']) {
$icon_path = $_CONF['layout_url'] . '/images/';
} else {
$icon_path = $_CONF['site_url'] . '/images/';
}
foreach ($modules as $service) {
$loginform->set_file('oauth_login', '../loginform_oauth.thtml');
$loginform->set_var('oauth_service', $service);
$loginform->set_var('lang_oauth_service', $LANG01[$service]);
// for sign in image
$loginform->set_var('oauth_sign_in_image', $icon_path . $service . '-login-icon.png');
$loginform->parse('output', 'oauth_login');
$html_oauth .= $loginform->finish($loginform->get_var('output'));
}
$loginform->set_var('oauth_login', $html_oauth);
}
} else {
$loginform->set_var('oauth_login', '');
}
if ($have_remote_login) {
$loginform->set_var('remote_login_class', 'remote-login-enabled');
}
if (!$config['no_plugin_vars']) {
PLG_templateSetVars('loginform', $loginform);
}
$loginform->parse('output', 'login');
$retval .= $loginform->finish($loginform->get_var('output'));
return $retval;
}
/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @return string HTML for user profile page
*
*/
function userprofile()
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN;
// @param int $user User ID of profile to get
// @param int $msg Message to display (if != 0)
// @param string $plugin optional plugin name for message
$retval = '';
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
$retval .= SEC_loginRequiredForm();
return $retval;
}
if (isset($_GET['uid'])) {
$user = COM_applyFilter($_GET['uid'], true);
if (!is_numeric($user) || $user < 2) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
} else {
if (isset($_GET['username'])) {
$username = $_GET['username'];
if (!USER_validateUsername($username, 1)) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
if (empty($username) || $username == '') {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
$username = DB_escapeString($username);
$user = DB_getItem($_TABLES['users'], 'uid', "username = '******'");
if ($user < 2) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
}
$msg = 0;
if (isset($_GET['msg'])) {
$msg = COM_applyFilter($_GET['msg'], true);
}
$plugin = '';
if ($msg > 0 && isset($_GET['plugin'])) {
$plugin = COM_applyFilter($_GET['plugin']);
}
$result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,lastlogin,homepage,about,location,pgpkey,photo,email,status,emailfromadmin,emailfromuser,showonline FROM {$_TABLES['userinfo']},{$_TABLES['userprefs']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['userinfo']}.uid = {$_TABLES['userprefs']}.uid AND {$_TABLES['users']}.uid = " . (int) $user);
$nrows = DB_numRows($result);
if ($nrows == 0) {
// no such user
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
$A = DB_fetchArray($result);
if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
}
$display_name = @htmlspecialchars(COM_getDisplayName($user, $A['username'], $A['fullname']), ENT_COMPAT, COM_getEncodingt());
if ($msg > 0) {
$retval .= COM_showMessage($msg, $plugin, '', 0, 'info');
}
// format date/time to user preference
$curtime = COM_getUserDateTimeFormat($A['regdate']);
$A['regdate'] = $curtime[0];
$user_templates = new Template($_CONF['path_layout'] . 'users');
$user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
$user_templates->set_var('layout_url', $_CONF['layout_url']);
$user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
$user_templates->set_var('end_block', COM_endBlock());
$user_templates->set_var('lang_username', $LANG04[2]);
$user_templates->set_var('tooltip', COM_getTooltipStyle());
if ($_CONF['show_fullname'] == 1) {
if (empty($A['fullname'])) {
$username = $A['username'];
$fullname = '';
} else {
$username = $A['fullname'];
$fullname = $A['username'];
}
} else {
$username = $A['username'];
$fullname = '';
}
$username = @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt());
$fullname = @htmlspecialchars($fullname, ENT_COMPAT, COM_getEncodingt());
if ($A['status'] == USER_ACCOUNT_DISABLED) {
$username = sprintf('%s - %s', $username, $LANG28[42]);
if (!empty($fullname)) {
$fullname = sprintf('% - %s', $fullname, $LANG28[42]);
}
}
$user_templates->set_var('username', $username);
$user_templates->set_var('user_fullname', $fullname);
if (SEC_hasRights('user.edit') || isset($_USER['uid']) && $_USER['uid'] == $A['uid']) {
global $_IMAGE_TYPE, $LANG_ADMIN;
$edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />';
if ($_USER['uid'] == $A['uid']) {
$edit_url = "{$_CONF['site_url']}/usersettings.php";
} else {
$edit_url = "{$_CONF['site_admin_url']}/user.php?edit=x&uid={$A['uid']}";
}
$edit_link_url = COM_createLink($edit_icon, $edit_url);
$user_templates->set_var('edit_icon', $edit_icon);
$user_templates->set_var('edit_link', $edit_link_url);
$user_templates->set_var('user_edit', $edit_url);
} else {
$user_templates->set_var('user_edit', '');
}
if (isset($A['photo']) && empty($A['photo'])) {
$A['photo'] = '(none)';
// user does not have a photo
}
$lastlogin = $A['lastlogin'];
$lasttime = COM_getUserDateTimeFormat($lastlogin);
$photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
$user_templates->set_var('user_photo', $photo);
$user_templates->set_var('lang_membersince', $LANG04[67]);
$user_templates->set_var('user_regdate', $A['regdate']);
if ($_CONF['lastlogin'] && $A['showonline']) {
$user_templates->set_var('lang_lastlogin', $LANG28[35]);
if (!empty($lastlogin)) {
$user_templates->set_var('user_lastlogin', $lasttime[0]);
} else {
$user_templates->set_var('user_lastlogin', $LANG28[36]);
}
}
if ($A['showonline']) {
if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) {
$user_templates->set_var('online', 'online');
}
}
$user_templates->set_var('lang_email', $LANG04[5]);
$user_templates->set_var('user_id', $user);
if ($A['email'] == '' || $A['emailfromuser'] == 0) {
$user_templates->set_var('email_option', '');
} else {
$user_templates->set_var('lang_sendemail', $LANG04[81]);
$user_templates->parse('email_option', 'email', true);
}
$user_templates->set_var('lang_homepage', $LANG04[6]);
$user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
$user_templates->set_var('lang_location', $LANG04[106]);
$user_templates->set_var('user_location', strip_tags($A['location']));
$user_templates->set_var('lang_online', $LANG04[160]);
$user_templates->set_var('lang_bio', $LANG04[7]);
$user_templates->set_var('user_bio', nl2br($A['about']));
$user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml'));
$user_templates->set_var('lang_pgpkey', $LANG04[8]);
$user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
$user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
}
$user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
$user_templates->set_var('lang_title', $LANG09[16]);
$user_templates->set_var('lang_date', $LANG09[17]);
// for alternative layouts: use these as headlines instead of block titles
$user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name);
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name);
}
$user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name);
$result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
$nrows = DB_numRows($result);
$tids = array();
for ($i = 0; $i < $nrows; $i++) {
$T = DB_fetchArray($result);
$tids[] = $T['tid'];
}
$topics = "'" . implode("','", $tids) . "'";
// list of last 10 stories by this user
if (sizeof($tids) > 0) {
$sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
$sql .= " ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$nrows = DB_numRows($result);
} else {
$nrows = 0;
}
if ($nrows > 0) {
for ($i = 0; $i < $nrows; $i++) {
$C = DB_fetchArray($result);
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
$articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
$user_templates->set_var('article_url', $articleUrl);
$C['title'] = str_replace('$', '$', $C['title']);
$user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => '')));
$storytime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('story_date', $storytime[0]);
$user_templates->parse('story_row', 'strow', true);
}
} else {
$user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
}
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
// list of last 10 comments by this user
$sidArray = array();
if (sizeof($tids) > 0) {
// first, get a list of all stories the current visitor has access to
$sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
$result = DB_query($sql);
$numsids = DB_numRows($result);
for ($i = 1; $i <= $numsids; $i++) {
$S = DB_fetchArray($result);
$sidArray[] = $S['sid'];
}
}
$sidList = implode("', '", $sidArray);
$sidList = "'{$sidList}'";
// then, find all comments by the user in those stories
$sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
// SQL NOTE: Using a HAVING clause is usually faster than a where if the
// field is part of the select
// if (!empty ($sidList)) {
// $sql .= " AND (sid in ($sidList))";
// }
if (!empty($sidList)) {
$sql .= " HAVING sid in ({$sidList})";
}
$sql .= " ORDER BY unixdate DESC LIMIT 10";
$result = DB_query($sql);
$nrows = DB_numRows($result);
if ($nrows > 0) {
for ($i = 0; $i < $nrows; $i++) {
$C = DB_fetchArray($result);
$user_templates->set_var('cssid', $i % 2 + 1);
$user_templates->set_var('row_number', $i + 1 . '.');
$C['title'] = str_replace('$', '$', $C['title']);
$comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid'];
$user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => '')));
$commenttime = COM_getUserDateTimeFormat($C['unixdate']);
$user_templates->set_var('comment_date', $commenttime[0]);
$user_templates->parse('comment_row', 'row', true);
}
} else {
$user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
}
}
// posting stats for this user
$user_templates->set_var('lang_number_stories', $LANG04[84]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_stories', COM_numberFormat($N['count']));
if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
$user_templates->set_var('lang_number_comments', $LANG04[85]);
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = " . (int) $user . ")";
if (!empty($sidList)) {
$sql .= " AND (sid in ({$sidList}))";
}
$result = DB_query($sql);
$N = DB_fetchArray($result);
$user_templates->set_var('number_comments', COM_numberFormat($N['count']));
$user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
}
// hook to the profile icon display
$profileIcons = PLG_profileIconDisplay($user);
if (is_array($profileIcons) && count($profileIcons) > 0) {
$user_templates->set_block('profile', 'profileicon', 'pi');
for ($x = 0; $x < count($profileIcons); $x++) {
if (isset($profileIcons[$x]['url']) && $profileIcons[$x]['url'] != '' && isset($profileIcons[$x]['icon']) && $profileIcons[$x]['icon'] != '') {
$user_templates->set_var('profile_icon_url', $profileIcons[$x]['url']);
$user_templates->set_var('profile_icon_icon', $profileIcons[$x]['icon']);
$user_templates->set_var('profile_icon_text', $profileIcons[$x]['text']);
$user_templates->parse('pi', 'profileicon', true);
}
}
}
// Call custom registration function if enabled and exists
if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
$user_templates->set_var('customfields', CUSTOM_userDisplay($user));
}
PLG_profileVariablesDisplay($user, $user_templates);
$user_templates->parse('output', 'profile');
$retval .= $user_templates->finish($user_templates->get_var('output'));
$retval .= PLG_profileBlocksDisplay($user);
return $retval;
}
/**
* Shows the story submission form
*
*/
function submitstory($topic = '')
{
global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24;
$retval = '';
$story = new Story();
if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
// preview
$story->loadSubmission();
$retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
} else {
$story->initSubmission($topic);
}
$storyform = new Template($_CONF['path_layout'] . 'submit');
if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($_CONF['path_layout'] . 'submit/submitstory_advanced.thtml')) {
$storyform->set_file('storyform', 'submitstory_advanced.thtml');
$storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
$storyform->set_var('lang_expandhelp', $LANG24[67]);
$storyform->set_var('lang_reducehelp', $LANG24[68]);
if ($story->EditElements('postmode') == 'html') {
$storyform->set_var('show_texteditor', 'none');
$storyform->set_var('show_htmleditor', '');
} else {
$storyform->set_var('show_texteditor', '');
$storyform->set_var('show_htmleditor', 'none');
}
} else {
$storyform->set_file('storyform', 'submitstory.thtml');
if ($story->EditElements('postmode') == 'html') {
$storyform->set_var('show_texteditor', 'none');
$storyform->set_var('show_htmleditor', '');
} else {
$storyform->set_var('show_texteditor', '');
$storyform->set_var('show_htmleditor', 'none');
}
}
$storyform->set_var('xhtml', XHTML);
$storyform->set_var('site_url', $_CONF['site_url']);
$storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
$storyform->set_var('layout_url', $_CONF['layout_url']);
$storyform->set_var('lang_username', $LANG12[27]);
if (!empty($_USER['username'])) {
$storyform->set_var('story_username', $_USER['username']);
$storyform->set_var('author', COM_getDisplayName());
$storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
$storyform->set_var('lang_loginout', $LANG12[34]);
} else {
$storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
$storyform->set_var('lang_loginout', $LANG12[2]);
if (!$_CONF['disable_new_user_registration']) {
$storyform->set_var('separator', ' | ');
$storyform->set_var('seperator', ' | ');
$storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => "nofollow")));
}
}
$storyform->set_var('lang_title', $LANG12[10]);
$storyform->set_var('story_title', $story->EditElements('title'));
$storyform->set_var('lang_topic', $LANG12[28]);
$tlist = COM_topicList('tid,topic', $story->EditElements('tid'));
if (empty($tlist)) {
$retval .= COM_showMessage(101);
return $retval;
}
$storyform->set_var('story_topic_options', $tlist);
$storyform->set_var('lang_story', $LANG12[29]);
$storyform->set_var('lang_introtext', $LANG12[54]);
$storyform->set_var('lang_bodytext', $LANG12[55]);
$storyform->set_var('story_introtext', $story->EditElements('introtext'));
$storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
$storyform->set_var('lang_postmode', $LANG12[36]);
$storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode')));
$storyform->set_var('allowed_html', COM_allowedHTML());
$storyform->set_var('story_uid', $story->EditElements('uid'));
$storyform->set_var('story_sid', $story->EditElements('sid'));
$storyform->set_var('story_date', $story->EditElements('unixdate'));
$storyform->set_var('lang_preview', $LANG12[32]);
PLG_templateSetVars('story', $storyform);
if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
$storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
}
$retval .= COM_startBlock($LANG12[6], 'submitstory.html');
$storyform->parse('theform', 'storyform');
$retval .= $storyform->finish($storyform->get_var('theform'));
$retval .= COM_endBlock();
return $retval;
}
/**
* List all backups, i.e. all files ending in .sql
*
* @return string HTML for the list of files or an error when not writable
*
*/
function DBADMIN_list()
{
global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG08, $LANG_ADMIN, $LANG_DB_BACKUP;
$retval = '';
if (is_writable($_CONF['backup_path'])) {
$backups = array();
$fd = opendir($_CONF['backup_path']);
$index = 0;
while (false !== ($file = @readdir($fd))) {
if ($file != '.' && $file != '..' && $file != 'CVS' && preg_match('/\\.sql(\\.gz)?$/i', $file)) {
$index++;
clearstatcache();
$backups[] = $file;
}
}
usort($backups, 'DBADMIN_compareBackupFiles');
$data_arr = array();
$thisUrl = $_CONF['site_admin_url'] . '/database.php';
$diskIconUrl = $_CONF['layout_url'] . '/images/admin/disk.' . $_IMAGE_TYPE;
$attr['title'] = $LANG_DB_BACKUP['download'];
$alt = $LANG_DB_BACKUP['download'];
$num_backups = count($backups);
for ($i = 0; $i < $num_backups; $i++) {
$downloadUrl = $thisUrl . '?download=x&file=' . urlencode($backups[$i]);
$downloadLink = COM_createLink(COM_createImage($diskIconUrl, $alt, $attr), $downloadUrl, $attr);
$downloadLink .= ' ';
$attr['style'] = 'vertical-align:top;';
$downloadLink .= COM_createLink($backups[$i], $downloadUrl, $attr);
$backupfile = $_CONF['backup_path'] . $backups[$i];
$backupfilesize = COM_numberFormat(filesize($backupfile)) . ' <b>' . $LANG_DB_BACKUP['bytes'] . '</b>';
$data_arr[$i] = array('file' => $downloadLink, 'size' => $backupfilesize, 'filename' => $backups[$i]);
}
$token = SEC_createToken();
$menu_arr = array();
$allInnoDB = DBADMIN_innodbStatus();
$menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?backupdb=x', 'text' => $LANG_DB_BACKUP['create_backup']);
$menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?optimize=x', 'text' => $LANG_DB_BACKUP['optimize_menu']);
if (!$allInnoDB && DBADMIN_supported_engine('InnoDB')) {
$menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?innodb=x', 'text' => $LANG_DB_BACKUP['convert_menu']);
}
if ($allInnoDB && DBADMIN_supported_engine('MyISAM')) {
$menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?myisam=x', 'text' => $LANG_DB_BACKUP['convert_myisam_menu']);
}
$menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/database.php?config=x', 'text' => $LANG_DB_BACKUP['configure']);
$menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);
$retval .= COM_startBlock($LANG_DB_BACKUP['database_admin'], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, "<p>{$LANG_DB_BACKUP['db_explanation']}</p>" . '<p>' . sprintf($LANG_DB_BACKUP['total_number'], $index) . '</p>', $_CONF['layout_url'] . '/images/icons/database.' . $_IMAGE_TYPE);
$header_arr = array(array('text' => $LANG_DB_BACKUP['backup_file'], 'field' => 'file'), array('text' => $LANG_DB_BACKUP['size'], 'field' => 'size'));
$text_arr = array('form_url' => $thisUrl);
$form_arr = array('bottom' => '', 'top' => '');
if ($num_backups > 0) {
$form_arr['bottom'] = '<input type="hidden" name="delete" value="x">' . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '">' . LB;
}
$options = array('chkdelete' => true, 'chkminimum' => 0, 'chkfield' => 'filename');
$retval .= ADMIN_simpleList('', $header_arr, $text_arr, $data_arr, $options, $form_arr);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
} else {
$retval .= COM_startBlock($LANG08[06], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $LANG_DB_BACKUP['no_access'];
COM_errorLog($_CONF['backup_path'] . ' is not writable.', 1);
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
}
return $retval;
}
function LIB_GetListField($fieldname, $fieldvalue, $A, $icon_arr)
{
global $_CONF;
global $LANG_ACCESS;
$retval = '';
switch ($fieldname) {
//編集アイコン
case 'editid':
$retval = "<a href=\"{$_CONF['site_admin_url']}";
$retval .= "/plugins/" . THIS_SCRIPT;
$retval .= "?mode=edit";
$retval .= "&id={$A['group_id']}\">";
$retval .= "{$icon_arr['edit']}</a>";
break;
case 'copy':
$url = $_CONF['site_admin_url'] . "/plugins/" . THIS_SCRIPT;
$url .= "?";
$url .= "mode=copy";
$url .= "&id={$A['group_id']}";
$retval = COM_createLink($icon_arr['copy'], $url);
break;
case 'code':
$name = COM_applyFilter($A['code']);
$url = $_CONF['site_url'] . "/" . THIS_SCRIPT2;
$url .= "?";
$url .= "gcode=" . $A['code'];
$url .= "&m=gcode";
$url = COM_buildUrl($url);
$retval = COM_createLink($name, $url);
break;
case 'group_id':
$name = COM_applyFilter($A['group_id']);
$url = $_CONF['site_url'] . "/" . THIS_SCRIPT2;
$url .= "?";
$url .= "gid=" . $A['group_id'];
$url .= "&m=gid";
$url = COM_buildUrl($url);
$retval = COM_createLink($name, $url);
break;
//各項目
//各項目
default:
$retval = $fieldvalue;
break;
}
return $retval;
}
/**
* Implements the [story:] autotag.
*
* @param string $op operation to perform
* @param string $content item (e.g. story text), including the autotag
* @param array $autotag parameters used in the autotag
* @param mixed tag names (for $op='tagname') or formatted content
*/
function plugin_autotags_story($op, $content = '', $autotag = '')
{
global $_CONF, $_TABLES, $LANG24, $_GROUPS;
if ($op == 'tagname') {
return 'story';
} elseif ($op == 'permission' || $op == 'nopermission') {
$flag = $op == 'permission';
$tagnames = array();
if (isset($_GROUPS['Story Admin'])) {
$group_id = $_GROUPS['Story Admin'];
} else {
$group_id = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Story Admin'");
}
$owner_id = SEC_getDefaultRootUser();
$p = 'autotag_permissions_story';
if (COM_getPermTag($owner_id, $group_id, $_CONF[$p][0], $_CONF[$p][1], $_CONF[$p][2], $_CONF[$p][3]) == $flag) {
$tagnames[] = 'story';
}
if (count($tagnames) > 0) {
return $tagnames;
}
} elseif ($op == 'description') {
return array('story' => $LANG24['autotag_desc_story']);
} else {
$sid = COM_applyFilter($autotag['parm1']);
$sid = COM_switchLanguageIdForObject($sid);
if (!empty($sid)) {
$result = DB_query("SELECT COUNT(*) AS count " . "FROM {$_TABLES['stories']} " . "WHERE sid = '{$sid}'");
$A = DB_fetchArray($result);
if ($A['count'] > 0) {
$url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
$linktext = $autotag['parm2'];
if (empty($linktext)) {
$linktext = stripslashes(DB_getItem($_TABLES['stories'], 'title', "sid = '{$sid}'"));
}
$link = COM_createLink($linktext, $url);
$content = str_replace($autotag['tagstr'], $link, $content);
}
}
return $content;
}
}
$retval = '';
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/index.php', 'text' => $LANG_ADMIN['admin_home']));
$retval .= ADMIN_createMenu($menu_arr, $LANG_SX00['instructions'], $_CONF['site_admin_url'] . '/plugins/spamx/images/spamx.png');
$files = array();
if ($dir = @opendir($_CONF['path'] . 'plugins/spamx/modules/')) {
while (($file = readdir($dir)) !== false) {
if (is_file($_CONF['path'] . 'plugins/spamx/modules/' . $file)) {
if (substr($file, -16) == '.Admin.class.php') {
$tmp = str_replace('.Admin.class.php', '', $file);
array_push($files, $tmp);
}
}
}
closedir($dir);
}
$retval .= '<p><b>' . $LANG_SX00['adminc'] . '</b></p><ul>';
foreach ($files as $file) {
require_once $_CONF['path'] . 'plugins/spamx/modules/' . $file . '.Admin.class.php';
$CM = new $file();
$retval .= '<li>' . COM_createLink($CM->link(), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=' . $file) . '</li>';
}
$retval .= '<li>' . COM_createLink($LANG_SX00['documentation'], $_CONF['site_url'] . '/docs/english/spamx.html') . '</li>';
$retval .= '</ul>';
$display = COM_siteHeader('menu', $LANG_SX00['plugin_name']);
$display .= $retval;
if (isset($_REQUEST['command'])) {
$CM = new $_REQUEST['command']();
$display .= $CM->display();
}
$display .= COM_siteFooter();
echo $display;
$start = $page * $media_per_page;
$current_print_page = floor($start / $media_per_page) + 1;
if ($current_print_page == 0) {
$current_print_page = 1;
}
$total_print_pages = $total_pages;
if ($total_print_pages == 0) {
$total_print_pages = 1;
}
$birdseed = MG_getBirdseed(0, 0, 0, $total_print_pages);
$ownername = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($root_album->owner_id));
$album_last_update = MG_getUserDateTimeFormat($root_album->last_update);
$pagination = COM_printPageNavigation($_MG_CONF['site_url'] . '/index.php', $page + 1, $total_pages);
$rsslink = '';
if ($_MG_CONF['rss_full_enabled']) {
$rsslink = COM_createLink(COM_createImage(MG_getImageFile('feed.png'), '', array('class' => 'mg_rssimg')), MG_getFeedUrl($_MG_CONF['rss_feed_name'] . '.rss'), array('type' => 'application/rss+xml'));
}
$T = COM_newTemplate(MG_getTemplatePath_byName($root_album->skin));
$T->set_file('page', 'album_page.thtml');
$T->set_var(array('site_url' => $_MG_CONF['site_url'], 'birdseed' => $birdseed, 'album_title' => PLG_replaceTags($root_album->title), 'table_columns' => $columns_per_page, 'table_column_width' => intval(100 / $columns_per_page) . '%', 'top_pagination' => $pagination, 'bottom_pagination' => $pagination, 'page_number' => sprintf("%s %d %s %d", $LANG_MG03['page'], $current_print_page, $LANG_MG03['of'], $total_print_pages), 'jumpbox' => MG_buildAlbumJumpbox($root_album, $album_id, 1, -1), 'album_id' => $album_id, 'album_description' => $root_album->display_album_desc ? PLG_replaceTags($root_album->description) : '', 'album_id_display' => $root_album->owner_id || $_MG_CONF['enable_media_id'] == 1 ? $LANG_MG03['album_id_display'] . $album_id : '', 'select_adminbox' => COM_isAnonUser() ? '' : MG_buildAdminbox($root_album), 'album_last_update' => $album_last_update[0], 'album_owner' => $ownername, 'media_count' => $root_album->getMediaCount(), 'lang_menulabel' => $LANG_MG03['menulabel'], 'lang_search' => $LANG_MG01['search'], 'rsslink' => $rsslink, 'list_title' => $LANG_MG03['list_title'], 'list_desc' => $LANG_MG03['list_desc'], 'list_size' => $LANG_MG03['list_size'], 'list_user' => $LANG_MG03['list_user'], 'list_updated' => $LANG_MG03['list_updated']));
// completed setting header / footer vars, parse them
PLG_templateSetVars('mediagallery', $T);
// main processing of the album contents.
if ($total_media > 0) {
$k = 0;
$col = 0;
$T->set_block('page', 'ImageColumn', 'IColumn');
$T->set_block('page', 'ImageRow', 'IRow');
for ($i = 0; $i < $media_per_page; $i += $columns_per_page) {
$next_columns = $i + $columns_per_page;
for ($j = $i; $j < $next_columns; $j++) {
/**
* used for the list of plugins in admin/plugins.php
*
*/
function PLUGINS_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
global $_CONF, $LANG_ADMIN, $LANG32, $_PLUGINS, $pluginData;
$retval = false;
$update = $A['update'] == 1 ? true : false;
$bundled = $A['bundled'] == 1 ? true : false;
$installed = $A['installed'] == 1 ? true : false;
$enabled = $A['pi_enabled'] == 1 ? true : false;
switch ($fieldname) {
case 'control':
if (!$installed) {
$attr['title'] = $LANG32[60];
$attr['onclick'] = 'return confirm(\'' . $LANG32[80] . '\');';
$retval = COM_createLink($icon_arr['add'], $_CONF['site_admin_url'] . '/plugins/' . $A['pi_name'] . '/install.php' . '?action=install' . '&' . CSRF_TOKEN . '=' . $token, $attr);
} else {
if ($enabled) {
$switch = ' checked="checked"';
$title = 'title="' . $LANG_ADMIN['disable'] . '" ';
} else {
$switch = '';
$title = 'title="' . $LANG_ADMIN['enable'] . '" ';
}
$retval = '<input type="checkbox" name="enabledplugins[' . $A['pi_name'] . ']"' . ' onclick="submit()" value="1"' . $switch . $title . XHTML . ">";
$retval .= '<input type="hidden" name="pluginarray[' . $A['pi_name'] . ']" value="1" />';
}
break;
case 'version':
if ($update) {
$retval = $A['pi_version'] . ' ';
$attr['title'] = $LANG32[38];
$attr['onclick'] = 'return confirm(\'' . $LANG32[77] . '\');';
$attr['style'] = 'vertical-align:top;';
$retval .= COM_createLink($icon_arr['update'], $_CONF['site_admin_url'] . '/plugins.php' . '?update=x' . '&pi_name=' . $A['pi_name'] . '&' . CSRF_TOKEN . '=' . $token, $attr);
$retval .= ' <span class="warning">' . $A['pi_code_version'] . '</span><br ' . XHTML . '>';
} elseif ($enabled) {
$retval = $A['pi_version'];
} elseif (!$installed) {
$retval = '<span class="disabledfield">' . $A['pi_code_version'] . '</span>';
} else {
$retval = '<span class="disabledfield">' . $A['pi_version'] . '</span>';
}
break;
case 'info':
$tip = $A['name'] . '::' . $A['description'] . '<p><b>' . $LANG32[81] . ':</b></p>' . '<p>' . $A['maintainer'] . '</p>' . '<p><b>' . $LANG32[82] . ':</b></p>' . '<p>glFusion: v' . $A['glfusionversion'] . '<br />' . 'PHP: v' . $A['phpversion'] . '</p>';
$attr['class'] = COM_getTooltipStyle();
$attr['title'] = $tip;
if ($enabled) {
$retval = COM_createLink($icon_arr['info'], '#', $attr);
} else {
$retval = COM_createLink($icon_arr['greyinfo'], '#', $attr);
}
break;
case 'bundled':
if ($bundled) {
$retval = $enabled ? $icon_arr['check'] : $icon_arr['greycheck'];
} else {
$retval = '';
}
break;
case 'pi_homepage':
if ($enabled) {
$attr['target'] = '_blank';
$retval = COM_createLink($fieldvalue, $fieldvalue, $attr);
} else {
$retval = $enabled ? $fieldvalue : '<span class="disabledfield">' . $fieldvalue . '</span>';
}
break;
case 'unplug':
if ($installed) {
$attr['title'] = $LANG32[79];
$attr['onclick'] = 'return doubleconfirm(\'' . $LANG32[76] . '\',\'' . $LANG32[31] . '\');';
$retval = COM_createLink($icon_arr['delete'], $_CONF['site_admin_url'] . '/plugins.php' . '?delete=x' . '&pi_name=' . $A['pi_name'] . '&' . CSRF_TOKEN . '=' . $token, $attr);
} else {
$attr['title'] = $LANG32[79];
$attr['onclick'] = 'return doubleconfirm(\'' . $LANG32[88] . '\',\'' . $LANG32[89] . '\');';
$retval = COM_createLink($icon_arr['delete'], $_CONF['site_admin_url'] . '/plugins.php' . '?remove=x' . '&pi_name=' . $A['pi_name'] . '&' . CSRF_TOKEN . '=' . $token, $attr);
}
break;
default:
$retval = $enabled ? $fieldvalue : '<span class="disabledfield">' . $fieldvalue . '</span>';
break;
}
return $retval;
}
/**
* Prepare a banner item for rendering
*
* @param array $A banner details
* @param ref $template reference of the banner template
*
*/
function prepare_banner_item($A, &$template)
{
global $_CONF, $_USER, $LANG_ADMIN, $LANG_BANNER, $_IMAGE_TYPE, $LANG_DIRECTION;
$url = COM_buildUrl($_CONF['site_url'] . '/banner/portal.php?what=banner&item=' . $A['bid']);
$template->set_var('banner_url', $url);
$template->set_var('banner_actual_url', $A['url']);
$template->set_var('banner_actual_url_encoded', urlencode($A['url']));
$template->set_var('banner_name', stripslashes($A['title']));
$template->set_var('banner_name_encoded', urlencode($A['title']));
$template->set_var('banner_hits', COM_numberFormat($A['hits']));
$content = stripslashes($A['title']);
$template->set_var('banner_html', $content);
if (!COM_isAnonUser() && !SEC_hasRights('banner.edit')) {
$reporturl = $_CONF['site_url'] . '/banner/index.php?mode=report&bid=' . $A['bid'];
$template->set_var('banner_broken', COM_createLink($LANG_BANNER[117], $reporturl, array('class' => 'pluginSmallText', 'rel' => 'nofollow')));
} else {
$template->set_var('banner_broken', '');
}
$bannerimg = nl2br(stripslashes($A['description']));
$flg_link = empty($A['url']) ? false : true;
$banner = banner_buildBanner($A['bid'], $content, $bannerimg, $flg_link);
$template->set_var('banner_description', $banner);
if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('banner.edit')) {
$editurl = $_CONF['site_admin_url'] . '/plugins/banner/index.php?mode=edit&bid=' . $A['bid'];
$template->set_var('banner_edit', COM_createLink($LANG_ADMIN['edit'], $editurl));
$edit_icon = "<img src=\"{$_CONF['layout_url']}/images/edit.{$_IMAGE_TYPE}\" " . "alt=\"{$LANG_ADMIN['edit']}\" title=\"{$LANG_ADMIN['edit']}\"" . XHTML . ">";
$attr = array('class' => 'editlink');
$template->set_var('edit_icon', COM_createLink($edit_icon, $editurl, $attr));
} else {
$template->set_var('banner_edit', '');
$template->set_var('edit_icon', '');
}
}
/**
* Shows story editor
*
* Displays the story entry form
*
* @param string $sid ID of story to edit
* @param string $mode 'preview', 'edit', 'editsubmission', 'clone'
* @param string $errormsg a message to display on top of the page
* @return string HTML for story editor
*
*/
function storyeditor($sid = '', $mode = '', $errormsg = '')
{
global $_CONF, $_TABLES, $_USER, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS, $LANG_DIRECTION, $LANG_MONTH, $LANG_WEEK;
$display = '';
if (!isset($_CONF['hour_mode'])) {
$_CONF['hour_mode'] = 12;
}
if (!empty($errormsg)) {
$display .= COM_showMessageText($errormsg, $LANG24[25]);
}
$story = new Story();
if ($mode == 'preview') {
// Handle Magic GPC Garbage:
while (list($key, $value) = each($_POST)) {
if (!is_array($value)) {
$_POST[$key] = COM_stripslashes($value);
} else {
while (list($subkey, $subvalue) = each($value)) {
$value[$subkey] = COM_stripslashes($subvalue);
}
}
}
$result = $story->loadFromArgsArray($_POST);
if ($_CONF['maximagesperarticle'] > 0) {
$errors = $story->checkAttachedImages();
if (count($errors) > 0) {
$msg = $LANG24[55] . LB . '<ul>' . LB;
foreach ($errors as $err) {
$msg .= '<li>' . $err . '</li>' . LB;
}
$msg .= '</ul>' . LB;
$display .= COM_showMessageText($msg, $LANG24[54]);
}
}
} else {
$result = $story->loadFromDatabase($sid, $mode);
}
if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
$display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied']);
COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}.");
return $display;
} elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
$display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied']);
$display .= STORY_renderArticle($story, 'p');
COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}.");
return $display;
} elseif ($result == STORY_INVALID_SID) {
if ($mode == 'editsubmission') {
// that submission doesn't seem to be there any more (may have been
// handled by another Admin) - take us back to the moderation page
return COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
} else {
return COM_refresh($_CONF['site_admin_url'] . '/story.php');
}
} elseif ($result == STORY_DUPLICATE_SID) {
$display .= COM_showMessageText($LANG24[24]);
}
// Load HTML templates
$story_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/story');
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
$story_templates->set_file(array('editor' => 'storyeditor_advanced.thtml'));
$advanced_editormode = true;
$story_templates->set_var('change_editormode', 'onchange="change_editmode(this);"');
require_once $_CONF['path_system'] . 'classes/navbar.class.php';
$story_templates->set_var('show_preview', 'none');
$story_templates->set_var('lang_expandhelp', $LANG24[67]);
$story_templates->set_var('lang_reducehelp', $LANG24[68]);
$story_templates->set_var('lang_publishdate', $LANG24[69]);
$story_templates->set_var('lang_toolbar', $LANG24[70]);
$story_templates->set_var('toolbar1', $LANG24[71]);
$story_templates->set_var('toolbar2', $LANG24[72]);
$story_templates->set_var('toolbar3', $LANG24[73]);
$story_templates->set_var('toolbar4', $LANG24[74]);
$story_templates->set_var('toolbar5', $LANG24[75]);
if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
$story_templates->set_var('show_texteditor', 'none');
$story_templates->set_var('show_htmleditor', '');
} else {
$story_templates->set_var('show_texteditor', '');
$story_templates->set_var('show_htmleditor', 'none');
}
} else {
$story_templates->set_file(array('editor' => 'storyeditor.thtml'));
$advanced_editormode = false;
}
$story_templates->set_var('hour_mode', $_CONF['hour_mode']);
if ($story->hasContent()) {
$previewContent = STORY_renderArticle($story, 'p');
if ($advanced_editormode and $previewContent != '') {
$story_templates->set_var('preview_content', $previewContent);
} elseif ($previewContent != '') {
$display .= COM_startBlock($LANG24[26], '', COM_getBlockTemplate('_admin_block', 'header'));
$display .= $previewContent;
$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
}
}
if ($advanced_editormode) {
$navbar = new navbar();
if (!empty($previewContent)) {
$navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
$navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
$navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
$navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
$navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
$navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
$navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
} else {
$navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
$navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
$navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
$navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
$navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
$navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
}
if ($mode == 'preview') {
$story_templates->set_var('show_preview', '');
$story_templates->set_var('show_htmleditor', 'none');
$story_templates->set_var('show_texteditor', 'none');
$story_templates->set_var('show_submitoptions', 'none');
$navbar->set_selected($LANG24[79]);
} else {
$navbar->set_selected($LANG24[80]);
}
$story_templates->set_var('navbar', $navbar->generate());
}
$oldsid = $story->EditElements('originalSid');
if (!empty($oldsid) && $mode != 'clone') {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
}
if ($mode == 'editsubmission' || $story->type == 'submission') {
$story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
}
$story_templates->set_var('lang_author', $LANG24[7]);
$storyauthor = COM_getDisplayName($story->EditElements('uid'));
$story_templates->set_var('story_author', $storyauthor);
$story_templates->set_var('author', $storyauthor);
$story_templates->set_var('story_uid', $story->EditElements('uid'));
// user access info
$story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
$story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
$ownername = COM_getDisplayName($story->EditElements('owner_id'));
$story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . $story->EditElements('owner_id')));
$story_templates->set_var('owner_name', $ownername);
$story_templates->set_var('owner', $ownername);
$story_templates->set_var('owner_id', $story->EditElements('owner_id'));
$story_templates->set_var('lang_group', $LANG_ACCESS['group']);
$story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
$story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
$story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
$story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
$story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
$story_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
$curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
$story_templates->set_var('lang_date', $LANG24[15]);
$story_templates->set_var('publish_second', $story->EditElements('publish_second'));
$publish_ampm = '';
$publish_hour = $story->EditElements('publish_hour');
if ($publish_hour >= 12) {
if ($publish_hour > 12) {
$publish_hour = $publish_hour - 12;
}
$ampm = 'pm';
} else {
$ampm = 'am';
}
$ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
$story_templates->set_var('publishampm_selection', $ampm_select);
$month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
$story_templates->set_var('publish_month_options', $month_options);
$day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
$story_templates->set_var('publish_day_options', $day_options);
$year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
$story_templates->set_var('publish_year_options', $year_options);
if ($_CONF['hour_mode'] == 24) {
$hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
} else {
$hour_options = COM_getHourFormOptions($publish_hour);
}
$story_templates->set_var('publish_hour_options', $hour_options);
$minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
$story_templates->set_var('publish_minute_options', $minute_options);
$story_templates->set_var('publish_date_explanation', $LANG24[46]);
$story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
$story_templates->set_var('expire_second', $story->EditElements('expire_second'));
$expire_ampm = '';
$expire_hour = $story->EditElements('expire_hour');
if ($expire_hour >= 12) {
if ($expire_hour > 12) {
$expire_hour = $expire_hour - 12;
}
$ampm = 'pm';
} else {
$ampm = 'am';
}
$ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
if (empty($ampm_select)) {
// have a hidden field to 24 hour mode to prevent JavaScript errors
$ampm_select = '<input type="hidden" name="expire_ampm" value=""' . XHTML . '>';
}
$story_templates->set_var('expireampm_selection', $ampm_select);
$month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
$story_templates->set_var('expire_month_options', $month_options);
$day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
$story_templates->set_var('expire_day_options', $day_options);
$year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
$story_templates->set_var('expire_year_options', $year_options);
if ($_CONF['hour_mode'] == 24) {
$hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
} else {
$hour_options = COM_getHourFormOptions($expire_hour);
}
$story_templates->set_var('expire_hour_options', $hour_options);
$minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
$story_templates->set_var('expire_minute_options', $minute_options);
$story_templates->set_var('expire_date_explanation', $LANG24[46]);
$story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
$atopic = DB_getItem($_TABLES['topics'], 'tid', "archive_flag = 1");
$have_archive_topic = empty($atopic) ? false : true;
if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
$story_templates->set_var('is_checked2', 'checked="checked"');
$story_templates->set_var('is_checked3', 'checked="checked"');
$js_showarchivedisabled = 'false';
$have_archive_topic = true;
// force display of auto archive option
} elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
$story_templates->set_var('is_checked2', 'checked="checked"');
$story_templates->set_var('is_checked4', 'checked="checked"');
if (!$have_archive_topic) {
$story_templates->set_var('is_checked3', 'style="display:none;"');
}
$js_showarchivedisabled = 'false';
} else {
if (!$have_archive_topic) {
$story_templates->set_var('is_checked3', 'style="display:none;"');
}
$js_showarchivedisabled = 'true';
}
$story_templates->set_var('lang_archivetitle', $LANG24[58]);
$story_templates->set_var('lang_option', $LANG24[59]);
$story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
$story_templates->set_var('lang_story_stats', $LANG24[87]);
if ($have_archive_topic) {
$story_templates->set_var('lang_optionarchive', $LANG24[61]);
} else {
$story_templates->set_var('lang_optionarchive', '');
}
$story_templates->set_var('lang_optiondelete', $LANG24[62]);
$story_templates->set_var('lang_title', $LANG_ADMIN['title']);
$story_templates->set_var('story_title', $story->EditElements('title'));
$story_templates->set_var('lang_page_title', $LANG_ADMIN['page_title']);
$story_templates->set_var('page_title', $story->EditElements('page_title'));
$story_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
$story_templates->set_var('meta_description', $story->EditElements('meta_description'));
$story_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
$story_templates->set_var('meta_keywords', $story->EditElements('meta_keywords'));
if ($_CONF['meta_tags'] > 0) {
$story_templates->set_var('hide_meta', '');
} else {
$story_templates->set_var('hide_meta', ' style="display:none;"');
}
$story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
if ($mode == 'preview') {
$tlist = TOPIC_getTopicSelectionControl('article', '', false, true, true);
} else {
$tlist = TOPIC_getTopicSelectionControl('article', $oldsid, false, true, true);
}
if (empty($tlist)) {
$display .= COM_showMessage(101);
return $display;
}
$story_templates->set_var('topic_selection', $tlist);
$story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
if ($story->EditElements('show_topic_icon') == 1) {
$story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
} else {
$story_templates->set_var('show_topic_icon_checked', '');
}
$story_templates->set_var('lang_cachetime', $LANG24['cache_time']);
$story_templates->set_var('lang_cachetime_desc', $LANG24['cache_time_desc']);
$story_templates->set_var('cache_time', $story->EditElements('cache_time'));
$story_templates->set_var('lang_draft', $LANG24[34]);
if ($story->EditElements('draft_flag')) {
$story_templates->set_var('is_checked', 'checked="checked"');
}
$story_templates->set_var('lang_mode', $LANG24[3]);
$story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
$story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
$story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
// comment expire
$story_templates->set_var('lang_cmt_disable', $LANG24[63]);
if ($story->EditElements('cmt_close')) {
$story_templates->set_var('is_checked5', 'checked="checked"');
$js_showcmtclosedisabled = 'false';
} else {
$js_showcmtclosedisabled = 'true';
}
$month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
$story_templates->set_var('cmt_close_month_options', $month_options);
$day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
$story_templates->set_var('cmt_close_day_options', $day_options);
// ensure that the year dropdown includes the close year
$endtm = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y'));
$yoffset = date('Y', $endtm) - date('Y');
$close_year = $story->EditElements('cmt_close_year');
if ($yoffset < -1) {
$year_options = COM_getYearFormOptions($close_year, $yoffset);
} elseif ($yoffset > 5) {
$year_options = COM_getYearFormOptions($close_year, -1, $yoffset);
} else {
$year_options = COM_getYearFormOptions($close_year);
}
$story_templates->set_var('cmt_close_year_options', $year_options);
$cmt_close_ampm = '';
$cmt_close_hour = $story->EditElements('cmt_close_hour');
//correct hour
if ($cmt_close_hour >= 12) {
if ($cmt_close_hour > 12) {
$cmt_close_hour = $cmt_close_hour - 12;
}
$ampm = 'pm';
} else {
$ampm = 'am';
}
$ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
if (empty($ampm_select)) {
// have a hidden field to 24 hour mode to prevent JavaScript errors
$ampm_select = '<input type="hidden" name="cmt_close_ampm" value=""' . XHTML . '>';
}
$story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
if ($_CONF['hour_mode'] == 24) {
$hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
} else {
$hour_options = COM_getHourFormOptions($cmt_close_hour);
}
$story_templates->set_var('cmt_close_hour_options', $hour_options);
$minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
$story_templates->set_var('cmt_close_minute_options', $minute_options);
$story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
$featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
} else {
$featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"" . XHTML . ">";
}
$story_templates->set_var('featured_options', $featured_options);
$story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
$story_templates->set_var('story_introtext', $story->EditElements('introtext'));
$story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
$story_templates->set_var('lang_introtext', $LANG24[16]);
$story_templates->set_var('lang_bodytext', $LANG24[17]);
$story_templates->set_var('lang_postmode', $LANG24[4]);
$story_templates->set_var('lang_publishoptions', $LANG24[76]);
$story_templates->set_var('noscript', COM_getNoScript(false, $LANG24[77], sprintf($LANG24[78], $_CONF['site_admin_url'], $sid)));
$postmode = $story->EditElements('postmode');
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
$postmode = '';
}
}
$post_options = COM_optionList($_TABLES['postmodes'], 'code,name', $postmode);
$postmode_list = 'plaintext,html';
// If Advanced Mode - add post option and set default if editing story created with Advanced Editor
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
$postmode_list .= ',adveditor';
if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
$post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
} else {
$post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
}
}
if ($_CONF['wikitext_editor']) {
$postmode_list .= ',wikitext';
if ($story->EditElements('postmode') == 'wikitext') {
$post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
} else {
$post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
}
}
$story_templates->set_var('post_options', $post_options);
$postmode_array = explode(',', $postmode_list);
$allowed_html = '';
foreach ($postmode_array as $pm) {
$allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
}
$allowed_tags = array('code', 'raw');
if ($_CONF['allow_page_breaks'] == 1) {
$allowed_tags = array_merge($allowed_tags, array('page_break'));
}
$allowed_html .= COM_allowedAutotags(false, $allowed_tags);
$story_templates->set_var('lang_allowed_html', $allowed_html);
$fileinputs = '';
$saved_images = '';
if ($_CONF['maximagesperarticle'] > 0) {
$story_templates->set_var('lang_images', $LANG24[47]);
$icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
if ($icount > 0) {
$result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
for ($z = 1; $z <= $icount; $z++) {
$I = DB_fetchArray($result_articles);
$saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . ' ' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
}
}
$newallowed = $_CONF['maximagesperarticle'] - $icount;
for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
$fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
if ($z < $_CONF['maximagesperarticle']) {
$fileinputs .= '<br' . XHTML . '>';
}
}
$fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
if ($_CONF['allow_user_scaling'] == 1) {
$fileinputs .= $LANG24[27];
}
$fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
}
// Add JavaScript
$_SCRIPTS->setJavaScriptFile('story_editor', '/javascript/story_editor.js');
if ($_CONF['titletoid']) {
$_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
$story_templates->set_var('titletoid', true);
}
$_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
// Loads jQuery UI datepicker and timepicker-addon
$_SCRIPTS->setJavaScriptLibrary('jquery.ui.slider');
// $_SCRIPTS->setJavaScriptLibrary('jquery.ui.button');
$_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
// $_SCRIPTS->setJavaScriptLibrary('jquery-ui-slideraccess');
$_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
$langCode = COM_getLangIso639Code();
$toolTip = $MESSAGE[118];
$imgUrl = $_CONF['site_url'] . '/images/calendar.png';
$_SCRIPTS->setJavaScript("jQuery(function () {" . " geeklog.hour_mode = {$_CONF['hour_mode']};" . " geeklog.datetimepicker.set('publish', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . " geeklog.datetimepicker.set('expire', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . " geeklog.datetimepicker.set('cmt_close', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "});", TRUE, TRUE);
// Setup Advanced Editor
COM_setupAdvancedEditor('/javascript/storyeditor_adveditor.js');
$story_templates->set_var('saved_images', $saved_images);
$story_templates->set_var('image_form_elements', $fileinputs);
$story_templates->set_var('lang_hits', $LANG24[18]);
$story_templates->set_var('story_hits', $story->EditElements('hits'));
$story_templates->set_var('lang_comments', $LANG24[19]);
$story_templates->set_var('story_comments', $story->EditElements('comments'));
$story_templates->set_var('lang_trackbacks', $LANG24[29]);
$story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
$story_templates->set_var('lang_emails', $LANG24[39]);
$story_templates->set_var('story_emails', $story->EditElements('numemails'));
if ($mode == 'clone') {
$story_templates->set_var('story_id', COM_makesid());
} else {
$story_templates->set_var('story_id', $story->getSid());
$story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
}
$story_templates->set_var('lang_sid', $LANG24[12]);
$story_templates->set_var('lang_save', $LANG_ADMIN['save']);
$story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
$story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
$story_templates->set_var('gltoken_name', CSRF_TOKEN);
$token = SEC_createToken();
$story_templates->set_var('gltoken', $token);
$story_templates->parse('output', 'editor');
$display .= COM_startBlock($LANG24[5], '', COM_getBlockTemplate('_admin_block', 'header'));
$display .= SEC_getTokenExpiryNotice($token, $LANG24[91]);
$display .= $story_templates->finish($story_templates->get_var('output'));
$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $display;
}
/**
* Callback function for the ListFactory class
*
* This function gets called by the ListFactory class and formats
* each row accordingly for example pulling usernames from the
* users table and displaying a link to their profile.
*
* @param array $row An array of plain data to format
* @return array A reformatted version of the input array
*
*/
public function searchFormatCallback($preSort, $row)
{
global $_CONF, $LANG09;
if ($preSort) {
if (is_array($row[LF_SOURCE_TITLE])) {
$row[LF_SOURCE_TITLE] = implode($_CONF['search_separator'], $row[LF_SOURCE_TITLE]);
}
if (is_numeric($row['uid'])) {
if (empty($this->_names[$row['uid']])) {
$this->_names[$row['uid']] = htmlspecialchars(COM_getDisplayName($row['uid']));
if ($row['uid'] != 1) {
$this->_names[$row['uid']] = COM_createLink($this->_names[$row['uid']], $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $row['uid']);
}
}
$row['uid'] = $this->_names[$row['uid']];
}
} else {
$row[LF_SOURCE_TITLE] = COM_createLink($row[LF_SOURCE_TITLE], $this->_searchURL . '&type=' . $row[LF_SOURCE_NAME] . '&mode=search');
if ($row['url'] != '#') {
$row['url'] = ($row['url'][0] == '/' ? $_CONF['site_url'] : '') . $row['url'];
if (isset($this->_url_rewrite[$row[LF_SOURCE_NAME]]) && $this->_url_rewrite[$row[LF_SOURCE_NAME]]) {
$row['url'] = COM_buildUrl($row['url']);
}
if (isset($this->_append_query[$row[LF_SOURCE_NAME]]) && $this->_append_query[$row[LF_SOURCE_NAME]]) {
if (!empty($this->_query)) {
$row['url'] .= (strpos($row['url'], '?') ? '&' : '?') . 'query=' . urlencode($this->_query);
}
}
}
$row['title'] = $this->_shortenText($this->_query, $row['title'], 8);
$row['title'] = stripslashes(str_replace('$', '$', $row['title']));
$row['title'] = COM_createLink($row['title'], $row['url']);
if ($row['description'] == 'LF_NULL') {
$row['description'] = '<i>' . $LANG09[70] . '</i>';
} elseif ($row['description'] != '<i>' . $LANG09[70] . '</i>') {
$row['description'] = stripslashes($this->_shortenText($this->_query, PLG_replaceTags($row['description']), $this->_wordlength));
}
if ($row['date'] != 'LF_NULL') {
$dt = COM_getUserDateTimeFormat(intval($row['date']));
$row['date'] = $dt[0];
}
if ($row['hits'] != 'LF_NULL') {
$row['hits'] = COM_NumberFormat($row['hits']) . ' ';
// simple solution to a silly problem!
}
}
return $row;
}
$display .= doTest($url, 'data/test.txt', 'data directory');
@unlink($_CONF['path_data'] . 'test.txt');
} else {
$display .= '<li>' . sprintf($LANG_SECTEST['failed_tmp'], 'data') . '</li>';
}
$display .= checkDefaultPassword();
$display .= '</ol>';
} else {
$resultInstallDirCheck = checkInstallDir();
$resultPasswordCheck = checkDefaultPassword();
if ($failed_tests == 0) {
$display .= '<p>' . $LANG_SECTEST['okay'] . '</p>';
} else {
$display .= '<ol>';
$display .= $resultInstallDirCheck . LB . $resultPasswordCheck;
$display .= '</ol>';
}
}
if ($failed_tests > 0) {
$display .= '<p class="warningsmall"><strong>' . $LANG_SECTEST['please_fix'] . '</strong></p>';
DB_save($_TABLES['vars'], 'name,value', "'security_check','0'");
} else {
$display .= '<p>' . $LANG_SECTEST['please_note'] . '</p>';
DB_save($_TABLES['vars'], 'name,value', "'security_check','1'");
}
$ml = COM_createLink('geeklog-announce', 'http://lists.geeklog.net/mailman/listinfo/geeklog-announce');
$versioncheck = '<strong>' . $LANG01[107] . '</strong>';
$display .= '<p>' . sprintf($LANG_SECTEST['stay_informed'], $ml, $versioncheck) . '</p>';
$display .= COM_endBlock();
$display .= COM_siteFooter();
COM_output($display);
/**
* Display form to email a story to someone.
*
* @param string $sid ID of article to email
* @return string HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;
require_once $_CONF['path_system'] . 'lib-story.php';
$retval = '';
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
$retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$login = new Template($_CONF['path_layout'] . 'submit');
$login->set_file(array('login' => 'submitloginrequired.thtml'));
$login->set_var('xhtml', XHTML);
$login->set_var('site_url', $_CONF['site_url']);
$login->set_var('site_admin_url', $_CONF['site_admin_url']);
$login->set_var('layout_url', $_CONF['layout_url']);
$login->set_var('login_message', $LANG_LOGIN[2]);
$login->set_var('lang_login', $LANG_LOGIN[3]);
$login->set_var('lang_newuser', $LANG_LOGIN[4]);
$login->parse('output', 'login');
$retval .= $login->finish($login->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
return $retval;
}
$story = new Story();
$result = $story->loadFromDatabase($sid, 'view');
if ($result != STORY_LOADED_OK) {
return COM_refresh($_CONF['site_url'] . '/index.php');
}
if ($msg > 0) {
$retval .= COM_showMessage($msg);
}
if (empty($from) && empty($fromemail)) {
if (!COM_isAnonUser()) {
$from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
$fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
}
}
$mail_template = new Template($_CONF['path_layout'] . 'profiles');
$mail_template->set_file('form', 'contactauthorform.thtml');
$mail_template->set_var('xhtml', XHTML);
$mail_template->set_var('site_url', $_CONF['site_url']);
$mail_template->set_var('site_admin_url', $_CONF['site_admin_url']);
$mail_template->set_var('layout_url', $_CONF['layout_url']);
$mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
$mail_template->set_var('lang_title', $LANG08[31]);
$mail_template->set_var('story_title', $story->displayElements('title'));
$url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
$mail_template->set_var('story_url', $url);
$link = COM_createLink($story->displayElements('title'), $url);
$mail_template->set_var('story_link', $link);
$mail_template->set_var('lang_fromname', $LANG08[20]);
$mail_template->set_var('name', $from);
$mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
$mail_template->set_var('email', $fromemail);
$mail_template->set_var('lang_toname', $LANG08[18]);
$mail_template->set_var('toname', $to);
$mail_template->set_var('lang_toemailaddress', $LANG08[19]);
$mail_template->set_var('toemail', $toemail);
$mail_template->set_var('lang_cc', $LANG08[36]);
$mail_template->set_var('lang_cc_description', $LANG08[37]);
$mail_template->set_var('lang_shortmessage', $LANG08[27]);
$mail_template->set_var('shortmsg', htmlspecialchars($shortmsg));
$mail_template->set_var('lang_warning', $LANG08[22]);
$mail_template->set_var('lang_sendmessage', $LANG08[16]);
$mail_template->set_var('story_id', $sid);
$mail_template->set_var('end_block', COM_endBlock());
PLG_templateSetVars('emailstory', $mail_template);
$mail_template->parse('output', 'form');
$retval .= $mail_template->finish($mail_template->get_var('output'));
return $retval;
}
/**
* Shows the story submission form
*
*/
function submitstory()
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG24, $_SCRIPTS;
// Add JavaScript
$_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
$retval = '';
$story = new Story();
if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
// preview
$story->loadSubmission();
$retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
} else {
$story->initSubmission();
}
$storyform = COM_newTemplate($_CONF['path_layout'] . 'submit');
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
$storyform->set_file('storyform', 'submitstory_advanced.thtml');
$storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
$storyform->set_var('lang_expandhelp', $LANG24[67]);
$storyform->set_var('lang_reducehelp', $LANG24[68]);
$link_message = COM_isAnonUser() ? '' : $LANG01[138];
$storyform->set_var('noscript', COM_getNoScript(false, '', $link_message));
// Setup Advanced Editor
COM_setupAdvancedEditor('/javascript/submitstory_adveditor.js');
if ($story->EditElements('postmode') === 'html') {
$storyform->set_var('show_texteditor', 'none');
$storyform->set_var('show_htmleditor', '');
} else {
$storyform->set_var('show_texteditor', '');
$storyform->set_var('show_htmleditor', 'none');
}
} else {
$storyform->set_file('storyform', 'submitstory.thtml');
if ($story->EditElements('postmode') === 'html') {
$storyform->set_var('show_texteditor', 'none');
$storyform->set_var('show_htmleditor', '');
} else {
$storyform->set_var('show_texteditor', '');
$storyform->set_var('show_htmleditor', 'none');
}
}
$storyform->set_var('lang_username', $LANG12[27]);
if (!COM_isAnonUser()) {
$storyform->set_var('story_username', $_USER['username']);
$storyform->set_var('author', COM_getDisplayName());
$storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
$storyform->set_var('lang_loginout', $LANG12[34]);
} else {
$storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
$storyform->set_var('lang_loginout', $LANG12[2]);
if (!$_CONF['disable_new_user_registration']) {
$storyform->set_var('separator', ' | ');
$storyform->set_var('seperator', ' | ');
$storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => 'nofollow')));
}
}
$storyform->set_var('lang_title', $LANG12[10]);
$storyform->set_var('story_title', $story->EditElements('title'));
$storyform->set_var('lang_topic', $LANG12[28]);
$tlist = TOPIC_getTopicSelectionControl('article', '', false, false, false);
$storyform->set_var('topic_selection', $tlist);
if (empty($tlist)) {
$retval .= COM_showMessage(101);
return $retval;
}
$storyform->set_var('story_topic_options', $tlist);
$storyform->set_var('lang_story', $LANG12[29]);
$storyform->set_var('lang_introtext', $LANG12[54]);
$storyform->set_var('lang_bodytext', $LANG12[55]);
$storyform->set_var('story_introtext', $story->EditElements('introtext'));
$storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
$storyform->set_var('lang_postmode', $LANG12[36]);
$postmode = $story->EditElements('postmode');
$storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
$allowed_html = '';
foreach (array('plaintext', 'html') as $pm) {
$allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
}
$allowed_html .= COM_allowedAutotags();
$storyform->set_var('allowed_html', $allowed_html);
$storyform->set_var('story_uid', $story->EditElements('uid'));
$storyform->set_var('story_sid', $story->EditElements('sid'));
$storyform->set_var('story_date', $story->EditElements('unixdate'));
$storyform->set_var('lang_preview', $LANG12[32]);
PLG_templateSetVars('story', $storyform);
if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
$storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
}
$retval .= COM_startBlock($LANG12[6], 'submitstory.html');
$storyform->parse('theform', 'storyform');
$retval .= $storyform->finish($storyform->get_var('theform'));
$retval .= COM_endBlock();
return $retval;
}
/**
* CallBack function for the ListFactory class
*
* This function gets called by the ListFactory class and formats
* each row accordingly for example pulling usernames from the
* users table and displaying a link to their profile.
*
* @author Sami Barakat <s.m.barakat AT gmail DOT com>
* @access public
* @param array $row An array of plain data to format
* @return array A reformatted version of the input array
*
*/
function searchFormatCallBack($preSort, $row)
{
global $_CONF, $_USER;
$dt = new Date('now', $_USER['tzid']);
if ($preSort) {
$row[SQL_TITLE] = is_array($row[SQL_TITLE]) ? implode($_CONF['search_separator'], $row[SQL_TITLE]) : $row[SQL_TITLE];
if (is_numeric($row['uid'])) {
if (empty($this->_names[$row['uid']])) {
$this->_names[$row['uid']] = htmlspecialchars(COM_getDisplayName($row['uid']));
if ($row['uid'] != 1) {
$this->_names[$row['uid']] = COM_createLink($this->_names[$row['uid']], $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $row['uid']);
}
}
$row['uid'] = $this->_names[$row['uid']];
}
} else {
$row[SQL_TITLE] = COM_createLink($row[SQL_TITLE], $this->_searchURL . '&type=' . $row[SQL_NAME] . '&mode=search');
$row['url'] = ($row['url'][0] == '/' ? $_CONF['site_url'] : '') . $row['url'];
if ($this->_url_rewrite[$row[SQL_NAME]]) {
$row['url'] = COM_buildUrl($row['url']);
}
if ($row['title'] == '') {
$row['title'] = $row[SQL_TITLE];
}
$row['title'] = $row['title'];
// $this->_shortenText($this->_query, $row['title'], 6);
$row['title'] = str_replace('$', '$', $row['title']);
$row['title'] = COM_createLink($row['title'], $row['url']);
if ($row['description'] == '') {
$row['description'] = $_CONF['search_no_data'];
} else {
$row['description'] = $row['description'];
}
if ($row['description'] != $_CONF['search_no_data']) {
$row['description'] = $this->_shortenText($this->_query, $row['description'], $this->_wordlength);
}
$dt->setTimestamp($row['date']);
$row['date'] = $dt->format($_CONF['daytime'], true);
$row['hits'] = COM_NumberFormat($row['hits']) . ' ';
// simple solution to a silly problem!
}
return $row;
}
}
closedir($dir);
}
$header_arr = array(array('text' => $LANG_SX00['plugin'], 'field' => 'title'), array('text' => $LANG33[30], 'field' => 'regdate'), array('text' => $LANG_SX00['action'], 'field' => 'edit'));
$data_arr = array();
foreach ($files as $file) {
require_once $_CONF['path'] . 'plugins/spamx/' . $file . '.Admin.class.php';
$CM = new $file();
$action = 'Edit';
$link = $CM->linkText;
$regdate = '-';
if (strpos($link, 'Edit ') !== false) {
$link = substr($link, 5);
$regdate = DB_getItem($_TABLES['spamx'], 'regdate', "name = '{$CM->moduleName}' ORDER BY regdate DESC ");
} else {
$action = 'View';
}
$data_arr[] = array('title' => $link, 'regdate' => $regdate, 'edit' => COM_createLink($LANG_SX00[strtolower($action)], $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=' . $file));
}
$data_arr[] = array('title' => $LANG_SX00['documentation'], 'regdate' => '-', 'edit' => COM_createLink($LANG_SX00['view'], plugin_getdocumentationurl_spamx('index')));
$display .= ADMIN_simpleList(null, $header_arr, null, $data_arr);
if (isset($_REQUEST['command'])) {
$cmd = COM_applyFilter($_REQUEST['command']);
if (!empty($cmd) && in_array($cmd, $files)) {
$CM = new $cmd();
$display .= $CM->display();
}
}
$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$display = COM_createHTMLDocument($display, array('pagetitle' => $LANG_SX00['plugin_name']));
COM_output($display);
