function loadTextFromArgs($arg, $postmode = '')
{
if (!empty($postmode)) {
$this->setPostmode($postmode);
}
if ($this->_postmode == 'html' || $this->_postmode == 'wikitext') {
$this->_text = COM_checkHTML(COM_checkWords($arg), 'story.edit');
} else {
$this->_text = COM_makeClickableLinks(htmlspecialchars(COM_checkWords($arg)));
}
return $this->_text;
}
/**
* Returns text ready for display.
*
* @param string $text Text to prepare for display
* @param string $postmode Indicates if text is html, adveditor, wikitext or plaintext
* @param int $version version of GLText engine
* @return string Escaped String
* @access public
*
*/
public static function getDisplayText($text, $postmode, $version)
{
if ($version == GLTEXT_FIRST_VERSION) {
// first version
if ($postmode == 'plaintext') {
$text = COM_nl2br($text);
}
if ($postmode == 'wikitext') {
$text = self::_editUnescape($text, $postmode);
$text = self::renderWikiText($text);
}
} else {
// latest version
if ($postmode == 'html' || $postmode == 'adveditor') {
// Get rid of any newline characters
$text = str_replace("\n", '', $text);
$text = self::_handleSpecialTag_callback($text, array('[code]', '[/code]', '<pre><code>', '</code></pre>'), '_escapeSPChars');
$text = self::_handleSpecialTag_callback($text, array('[raw]', '[/raw]', '<!--raw--><span class="raw">', '</span><!--/raw-->'), '_escapeSPChars');
}
if ($postmode == 'plaintext') {
$text = htmlspecialchars($text, ENT_QUOTES, COM_getEncodingt());
$text = COM_makeClickableLinks($text);
$text = COM_nl2br($text);
}
if ($postmode == 'wikitext') {
$text = self::_editUnescape($text, $postmode);
$text = self::renderWikiText($text);
// $text = self::_htmLawed($text, 'story.edit');
}
$text = COM_checkWords($text);
}
$text = PLG_replaceTags(self::_displayEscape($text));
return $text;
}
/**
* used for the lists of submissions and draft stories in admin/moderation.php
*
* @param string $fieldName
* @param string $fieldValue
* @param array $A
* @param array $icon_arr
* @return string
*/
function ADMIN_getListField_moderation($fieldName, $fieldValue, $A, $icon_arr)
{
global $_CONF, $_TABLES, $LANG_ADMIN;
$type = '';
if (isset($A['_moderation_type'])) {
$type = $A['_moderation_type'];
}
switch ($fieldName) {
case 'edit':
$retval = COM_createLink($icon_arr['edit'], $A['edit']);
break;
case 'delete':
$retval = "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"delete\"" . XHTML . ">";
break;
case 'approve':
$retval = "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"approve\"" . XHTML . ">" . "<input type=\"hidden\" name=\"id[{$A['row']}]\" value=\"{$A[0]}\"" . XHTML . ">";
break;
case 'day':
$retval = strftime($_CONF['daytime'], $A['day']);
break;
case 'tid':
$retval = DB_getItem($_TABLES['topics'], 'topic', "tid = '{$A['tid']}'");
break;
case 'uid':
$name = '';
if ($A['uid'] == 1) {
$name = htmlspecialchars(COM_stripslashes(DB_getItem($_TABLES['commentsubmissions'], 'name', "cid = '{$A['id']}'")));
}
if (empty($name)) {
$name = COM_getDisplayName($A['uid']);
}
if ($A['uid'] == 1) {
$retval = $name;
} else {
$retval = COM_createLink($name, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']);
}
break;
case 'publishfuture':
if (!SEC_inGroup('Comment Submitters', $A['uid']) && $A['uid'] > 1) {
$retval = "<input type=\"checkbox\" name=\"publishfuture[]\" value=\"{$A['uid']}\"" . XHTML . ">";
} else {
$retval = $LANG_ADMIN['na'];
}
break;
default:
if ($fieldName == 4 && ($type === 'story' || $type === 'story_draft')) {
$retval = TOPIC_getTopicAdminColumn('article', $A[0]);
} elseif ($fieldName == 2 && $type === 'comment') {
$commentText = COM_getTextContent($A['comment']);
$excerpt = htmlspecialchars(COM_truncate($commentText, 140, '...'));
// try to provide a link to the parent item (e.g. article, poll)
$info = PLG_getItemInfo($A['type'], $A['sid'], 'title,url');
if (empty($info) || empty($info[0]) || empty($info[1])) {
// if not available, display excerpt from the comment
$retval = htmlspecialchars(COM_truncate($commentText, 40, '...'));
if (strlen($commentText) > 40) {
$retval = '<span title="' . $excerpt . '">' . $retval . '</span>';
}
} else {
$retval = COM_createLink($info[0], $info[1], array('title' => $excerpt));
}
} else {
$retval = COM_makeClickableLinks(stripslashes($fieldValue));
}
break;
}
return $retval;
}
/**
* Extract only the links from the post
*
* SLV has a problem with non-ASCII character sets, so we feed it the URLs
* only. We also remove all URLs containing our site's URL.
*
* Since we don't know if the post is in HTML or plain ASCII, we run it
* through getLinks() twice.
*
* @param string $comment The post to check
* @return string All the URLs in the post, sep. by linefeeds
*
*/
function prepareLinks($comment)
{
$links = array();
$linklist = '';
// some spam posts have extra backslashes
$comment = stripslashes($comment);
// some spammers have yet to realize that we're not supporting BBcode
// but since we want the URLs, convert it here ...
$comment = preg_replace('/\\[url=([^\\]]*)\\]/i', '<a href="\\1">', $comment);
$comment = str_replace(array('[/url]', '[/URL]'), array('</a>', '</a>'), $comment);
// get all links from <a href="..."> tags
$links = $this->getLinks($comment);
// strip all HTML, then get all the plain text links
$comment = COM_makeClickableLinks(strip_tags($comment));
$links += $this->getLinks($comment);
if (count($links) > 0) {
$this->checkWhitelist($links);
$linklist = implode("\n", $links);
}
return trim($linklist);
}
/**
* This is the second most importantest bit. This function must load the
* title, intro and body of the article from the post array, removing all
* HTML mode content into the nice safe form that geeklog can then (simply)
* spit back out into the page on render. After doing a magic tags
* replacement. And nl2br.
*
* This DOES NOT ADDSLASHES! We do that on DB store, because we want to
* keep our internal variables in "display mode", not in db mode or anything.
*
* @param $title string posttitle, only had stripslashes if necessary
* @param $intro string introtext, only had stripslashes if necessary
* @param $body string bodytext, only had stripslashes if necessary
* @return nothing
* @access private
*/
function _plainTextLoadStory($title, $intro, $body)
{
$this->_title = htmlspecialchars(strip_tags(COM_checkWords($title)));
$this->_introtext = COM_makeClickableLinks(htmlspecialchars(COM_checkWords($intro)));
$this->_bodytext = COM_makeClickableLinks(htmlspecialchars(COM_checkWords($body)));
}
/**
* Filters comment text and appends necessary tags (sig and/or edit)
*
* @copyright Jared Wenerd 2008
* @author Jared Wenerd, wenerd87 AT gmail DOT com
* @param string $comment comment text
* @param string $postmode ('html', 'plaintext', ...)
* @param string $type Type of item (article, poll, etc.)
* @param bool $edit if true append edit tag
* @param int $cid commentid if editing comment (for proper sig)
* @return string of comment text
*/
function CMT_prepareText($comment, $postmode, $type, $edit = false, $cid = null)
{
global $_USER, $_TABLES, $LANG03, $_CONF;
if ($postmode == 'html') {
$html_perm = $type == 'article' ? 'story.edit' : "{$type}.edit";
$comment = COM_checkWords(COM_checkHTML(COM_stripslashes($comment), $html_perm));
} else {
// plaintext
$comment = htmlspecialchars(COM_checkWords(COM_stripslashes($comment)));
$newcomment = COM_makeClickableLinks($comment);
if (strcmp($comment, $newcomment) != 0) {
$comment = nl2br($newcomment);
}
}
if ($edit) {
$comment .= '<div class="comment-edit">' . $LANG03[30] . ' ' . strftime($_CONF['date'], time()) . ' ' . $LANG03[31] . ' ' . $_USER['username'] . '</div><!-- /COMMENTEDIT -->';
$text = $comment;
}
if (empty($_USER['uid'])) {
$uid = 1;
} elseif ($edit && is_numeric($cid)) {
//if comment moderator
$uid = DB_getItem($_TABLES['comments'], 'uid', "cid = '{$cid}'");
} else {
$uid = $_USER['uid'];
}
$sig = '';
if ($uid > 1) {
$sig = DB_getItem($_TABLES['users'], 'sig', "uid = '{$uid}'");
if (!empty($sig)) {
$comment .= '<!-- COMMENTSIG --><div class="comment-sig">';
if ($postmode == 'html') {
$comment .= '---<br' . XHTML . '>' . nl2br($sig);
} else {
$comment .= '---' . LB . $sig;
}
$comment .= '</div><!-- /COMMENTSIG -->';
}
}
return $comment;
}
function MG_saveComment($title, $comment, $sid, $pid, $type, $postmode, $uid, $cmtdate, $ipaddress = '')
{
global $_CONF, $_TABLES, $_USER, $_SERVER, $LANG03;
USES_lib_comment();
$ret = 0;
// Sanity check
if (empty($sid) || empty($title) || empty($comment) || empty($type)) {
COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment with one or more missing values.');
return $ret = 1;
}
// Check that anonymous comments are allowed
if ($uid == 1 && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
COM_errorLog("CMT_saveComment: IP address {$_SERVER['REMOTE_ADDR']} " . 'attempted to save a comment with anonymous comments disabled for site.');
return $ret = 2;
}
// Let plugins have a chance to decide what to do before saving the comment, return errors.
if ($someError = PLG_commentPreSave($uid, $title, $comment, $sid, $pid, $type, $postmode)) {
return $someError;
}
if ($ipaddress == '') {
$ipaddress = $_SERVER['REMOTE_ADDR'];
}
// Clean 'em up a bit!
if ($postmode == 'html') {
$comment = COM_checkWords(COM_checkHTML(DB_escapeString($comment)));
} else {
$comment = htmlspecialchars(COM_checkWords($comment));
$newcomment = COM_makeClickableLinks($comment);
if (strcmp($comment, $newcomment) != 0) {
$comment = nl2br($newcomment);
$postmode = 'html';
}
}
$title = COM_checkWords(strip_tags($title));
// Get signature
$sig = '';
if ($uid > 1) {
$sig = DB_getItem($_TABLES['users'], 'sig', "uid = '{$uid}'");
}
if (!empty($sig)) {
if ($postmode == 'html') {
$comment .= '<p>---<br>' . nl2br($sig);
} else {
$comment .= LB . LB . '---' . LB . $sig;
}
}
// check for non-int pid's
// this should just create a top level comment that is a reply to the original item
if (!is_numeric($pid) || $pid < 0) {
$pid = 0;
}
if (!empty($title) && !empty($comment)) {
$title = DB_escapeString($title);
$comment = DB_escapeString($comment);
// Insert the comment into the comment table
DB_query("LOCK TABLES {$_TABLES['comments']} WRITE");
if ($pid > 0) {
$result = DB_query("SELECT rht, indent FROM {$_TABLES['comments']} WHERE cid = {$pid} " . "AND sid = '{$sid}'");
list($rht, $indent) = DB_fetchArray($result);
if (!DB_error()) {
DB_query("UPDATE {$_TABLES['comments']} SET lft = lft + 2 " . "WHERE sid = '{$sid}' AND type = '{$type}' AND lft >= {$rht}");
DB_query("UPDATE {$_TABLES['comments']} SET rht = rht + 2 " . "WHERE sid = '{$sid}' AND type = '{$type}' AND rht >= {$rht}");
DB_save($_TABLES['comments'], 'sid,uid,comment,date,title,pid,lft,rht,indent,type,ipaddress', "'{$sid}',{$uid},'{$comment}','{$cmtdate}','{$title}',{$pid},{$rht},{$rht}+1,{$indent}+1,'{$type}','{$ipaddress}'");
} else {
//replying to non-existent comment or comment in wrong article
COM_errorLog("CMT_saveComment: {$uid} from {$ipaddress} tried " . 'to reply to a non-existent comment or the pid/sid did not match');
$ret = 4;
// Cannot return here, tables locked!
}
} else {
$rht = DB_getItem($_TABLES['comments'], 'MAX(rht)', "sid = '{$sid}'");
if (DB_error()) {
$rht = 0;
}
DB_save($_TABLES['comments'], 'sid,uid,comment,date,title,pid,lft,rht,indent,type,ipaddress', "'{$sid}',{$uid},'{$comment}','{$cmtdate}','{$title}',{$pid},{$rht}+1,{$rht}+2,0,'{$type}','{$ipaddress}'");
}
$cid = DB_insertId();
DB_query('UNLOCK TABLES');
// Send notification of comment if no errors and notications enabled for comments
if ($ret == 0 && isset($_CONF['notification']) && in_array('comment', $_CONF['notification'])) {
CMT_sendNotification($title, $comment, $uid, $ipaddress, $type, $cid);
}
} else {
COM_errorLog("CMT_saveComment: {$uid} from {$ipaddress} tried " . 'to submit a comment with invalid $title and/or $comment.');
return $ret = 5;
}
return $ret;
}
/**
* Apply filters to the text element
*
* @param string $text
* @param string $postMode
* @return string
*/
private function _applyTextFilter($text, $postMode)
{
$text = GLText::remove4byteUtf8Chars($text);
if ($this->_text_version == GLTEXT_FIRST_VERSION) {
// first version
// Remove any autotags the user doesn't have permission to use
$text = PLG_replaceTags($text, '', true);
$text = COM_checkWords($text, 'story');
if (in_array($postMode, array('html', 'adveditor', 'wikitext'))) {
// html or wikitext
$text = GLText::checkHTML($text, 'story.edit');
} else {
// plaintext
$text = COM_makeClickableLinks(htmlspecialchars($text));
}
} else {
// latest version
// Now not do anything here to hold the raw text.
// And do all of the text processing just before display.
}
return $text;
}
function dlformat(&$T, &$A, $isListing = false, $cid = ROOTID)
{
global $_CONF, $_TABLES, $LANG01, $_DLM_CONF, $LANG_DLM, $mytree;
$A['rating'] = number_format($A['rating'], 2);
$A['title'] = DLM_htmlspecialchars($A['title']);
$A['project'] = DLM_htmlspecialchars($A['project']);
$A['url'] = DLM_htmlspecialchars($A['url']);
$A['homepage'] = DLM_htmlspecialchars($A['homepage']);
$A['version'] = DLM_htmlspecialchars($A['version']);
$A['size'] = DLM_htmlspecialchars($A['size']);
$A['md5'] = DLM_htmlspecialchars($A['md5']);
$A['logourl'] = DLM_htmlspecialchars($A['logourl']);
$A['postmode'] = DLM_htmlspecialchars($A['postmode']);
$A['tags'] = DLM_htmlspecialchars($A['tags']);
$A['datetime'] = strftime($_DLM_CONF['date_format'], $A['date']);
if (version_compare(VERSION, '2.1.0') >= 0) {
require_once $_CONF['path_system'] . 'classes/gltext.class.php';
$A['description'] = GLText::getDisplayText($A['description'], $A['postmode'], 2);
$A['detail'] = GLText::getDisplayText($A['detail'], $A['postmode'], 2);
} else {
require_once $_CONF['path'] . 'plugins/downloads/include/gltext.class.php';
$gltext = new GLPText();
$A['description'] = $gltext->getDisplayText($A['description'], $A['postmode']);
$A['detail'] = $gltext->getDisplayText($A['detail'], $A['postmode']);
}
$filedetail_url = COM_buildURL($_CONF['site_url'] . '/downloads/index.php?id=' . $A['lid']);
$visitfile_url = COM_buildURL($_CONF['site_url'] . '/downloads/visit.php?id=' . $A['lid']);
if ($isListing && !empty($A['detail'])) {
$A['description'] .= '<p class="download-break">' . COM_createLink($LANG_DLM['more'], $filedetail_url) . '</p>';
}
$result = DB_query("SELECT username, fullname, photo " . "FROM {$_TABLES['users']} " . "WHERE uid = {$A['owner_id']}");
$B = DB_fetchArray($result);
$submitter_name = COM_getDisplayName($A['owner_id'], $B['username'], $B['fullname']);
if (empty($submitter_name)) {
$submitter_name = $LANG_DLM['unknown_uid'];
} else {
$submitter_name = COM_createLink($submitter_name, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['owner_id']);
}
$path = $mytree->getNicePathFromId($A['cid'], 'title', $_CONF['site_url'] . '/downloads/index.php');
$temp = $mytree->getSepalator();
$path = substr($path, 0, strlen($path) - strlen($temp));
$path = str_replace($temp, ' <img src="' . $_CONF['site_url'] . '/downloads/images/arrow.gif" alt="arrow"' . XHTML . '> ', $path);
$tags = '-';
if (!empty($A['tags'])) {
$tags = getTagList($A['tags']);
if (empty($tags)) {
$tags = '-';
}
}
$notags = $tags == '-' ? 'dlm_notags' : '';
$T->set_var('lang_category', $LANG_DLM['category']);
$T->set_var('category_path', $path);
$T->set_var('lang_tags', $LANG_DLM['tags']);
$T->set_var('tags', $tags);
$T->set_var('notags', $notags);
$T->set_var('lang_submitter', $LANG_DLM['submitter']);
$T->set_var('submitter_name', $submitter_name);
$T->set_var('lid', $A['lid']);
$T->set_var('cid', $A['cid']);
$T->set_var('lang_dlnow', $LANG_DLM['dlnow']);
$T->set_var('dtitle', $A['title']);
$T->set_var('filedetail_url', $filedetail_url);
$T->set_var('visitfile_url', $visitfile_url);
$T->set_var('listing_cid', $cid);
$T->set_var('lang_download_button', $LANG_DLM['download_button']);
$startdate = time() - 60 * 60 * 24 * 7;
if ($startdate < $A['date']) {
$image_new = COM_createImage($_CONF['site_url'] . '/downloads/images/newred.gif', $LANG_DLM['newthisweek']);
$newdownload = '<span class="badgenew">NEW</span>';
}
$T->set_var('image_newdownload', $image_new);
// Image (New)
$T->set_var('newdownload', $newdownload);
// Badge (New)
if ($A['hits'] >= $_DLM_CONF['download_popular']) {
$image_pop = COM_createImage($_CONF['site_url'] . '/downloads/images/pop.gif', $LANG_DLM['popular']);
$popdownload = '<span class="badgepop">POP</span>';
}
$T->set_var('image_popular', $image_pop);
// Image (Pop)
$T->set_var('popdownload', $popdownload);
// Badge (Pop)
// category image
$cat_title = DLM_htmlspecialchars($A['cat_title']);
if ($_DLM_CONF['download_useshots'] && !empty($A['imgurl'])) {
$imgurl = $_DLM_CONF['snapcat_url'] . '/' . DLM_htmlspecialchars($A['imgurl']);
} else {
$imgurl = $_CONF['site_url'] . '/downloads/images/download.png';
}
$category_image = COM_createImage($imgurl, $cat_title, array('width' => $_DLM_CONF['download_shotwidth']));
$T->set_var('category_image', $category_image);
$T->set_var('download_title', $LANG_DLM['click2dl'] . ': ' . $A['url']);
$T->set_var('url', $A['url']);
$T->set_var('file_description', $A['description']);
$T->set_var('file_detail', $A['detail']);
$T->set_var('rating', $A['rating']);
if ($A['rating'] != "0" || $A['rating'] != "0.00") {
$votestring = sprintf($LANG_DLM['numvotes'], $A['votes']);
}
$T->set_var('votestring', $votestring);
if (!empty($A['mg_autotag'])) {
// use the mediagallery autotag as a snapshot.
$mg_autotag = str_replace(array('[', ']'), '', $A['mg_autotag']);
$mg_autotag = '[' . $mg_autotag . ' width:' . $_DLM_CONF['max_tnimage_width'] . ' height:' . $_DLM_CONF['max_tnimage_height'] . ' align:left]';
$T->set_var('mg_autotag', PLG_replaceTags($mg_autotag, 'mediagallery'));
$T->set_var('snapshot', '');
$T->set_var('snaplinkicon', '');
} elseif (!empty($A['logourl'])) {
$safename = DLM_createSafeFileName($A['logourl']);
$imgpath = $_DLM_CONF['path_tnstore'] . $safename;
$imgpath = DLM_modTNPath($imgpath);
$tnimgurl = $_DLM_CONF['tnstore_url'] . '/' . $safename;
$tnimgurl = substr($tnimgurl, 0, -3) . substr($imgpath, -3);
// align the extension
$sizeattributes = DLM_getImgSizeAttr($imgpath);
$T->set_var('snapshot_url', $_DLM_CONF['snapstore_url'] . '/' . $safename);
$T->set_var('thumbnail_url', $tnimgurl);
$T->set_var('snapshot_sizeattr', $sizeattributes);
$T->set_var('lang_click2see', $LANG_DLM['click2see']);
$T->set_var('show_snapshoticon', '');
$T->set_var('show_snapshoticon_na', 'none');
$T->set_var('mg_autotag', '');
if ($_DLM_CONF['show_tn_image']) {
$T->parse('snapshot', 'tsnapshot');
} else {
$T->parse('snaplinkicon', 'tsnaplinkicon');
}
} else {
$tnimgurl = $_CONF['site_url'] . '/downloads/images/blank.png';
$T->set_var('thumbnail_url', $tnimgurl);
$T->set_var('snapshot_url', $_CONF['site_url'] . '/downloads/index.php');
$T->set_var('snapshot_sizeattr', 'width="200" height="200" ');
$T->set_var('show_snapshoticon', 'none');
$T->set_var('show_snapshoticon_na', '');
$T->parse('snapshot', 'tsnapshot');
$T->set_var('snaplinkicon', '');
$T->set_var('mg_autotag', '');
}
$T->set_var('lang_version', $LANG_DLM['ver']);
$T->set_var('lang_rating', $LANG_DLM['ratingc']);
$T->set_var('lang_submitdate', $LANG_DLM['submitdate']);
$T->set_var('lang_size', $LANG_DLM['size']);
$T->set_var('datetime', $A['datetime']);
$T->set_var('version', $A['version']);
// Check if restricted access has been enabled for download report to admin's only
if ($A['hits'] > 0 && DLM_hasAccess_history()) {
$T->set_var('begin_dlreport_link', '<a href="' . COM_buildURL($_CONF['site_url'] . '/downloads/history.php?lid=' . $A['lid']) . '">');
$T->set_var('end_dlreport_link', '</a>');
} else {
$T->set_var('begin_dlreport_link', '');
$T->set_var('end_dlreport_link', '');
}
$T->set_var('download_times', sprintf($LANG_DLM['dltimes'], $A['hits']));
$T->set_var('download_count', $A['hits']);
$T->set_var('lang_popularity', $LANG_DLM['popularity']);
$T->set_var('lang_filesize', $LANG_DLM['filesize']);
$T->set_var('file_size', DLM_PrettySize($A['size']));
$T->set_var('homepage_url', $A['homepage']);
$T->set_var('homepage_link', '-');
if (!empty($A['homepage'])) {
$T->set_var('homepage_link', COM_makeClickableLinks($A['homepage']));
}
$T->set_var('lang_homepage', $LANG_DLM['homepage']);
$T->set_var('lang_download', $LANG_DLM['download']);
$T->set_var('lang_filelink', $LANG_DLM['filelink']);
$T->set_var('lang_permalink', $LANG_DLM['permalink']);
$T->set_var('lang_ratethisfile', $LANG_DLM['ratethisfile']);
$T->set_var('lang_edit', $LANG_DLM['edit']);
$T->set_var('show_editlink', $_DLM_CONF['has_edit_rights'] ? '' : 'none');
$T->set_var('lang_md5_checksum', $LANG_DLM['md5_checksum']);
$T->set_var('md5_checksum', $A['md5']);
if ($A['commentcode'] == 0) {
$commentCount = DB_count($_TABLES['comments'], 'sid', addslashes($A['lid']));
$recentPostMessage = $LANG_DLM['commentswanted'];
if ($commentCount > 0) {
$result4 = DB_query("SELECT cid, UNIX_TIMESTAMP(date) AS day, username " . "FROM {$_TABLES['comments']}, {$_TABLES['users']} " . "WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid " . "AND sid = '" . addslashes($A['lid']) . "' " . "ORDER BY date DESC LIMIT 1");
$C = DB_fetchArray($result4);
$recentPostMessage = $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . $C['username'];
$comment_link = COM_createLink($commentCount . ' ' . $LANG01[3], $filedetail_url, array('title' => $recentPostMessage));
} else {
$A['title'] = str_replace(''', "'", $A['title']);
$A['title'] = str_replace('&', '&', $A['title']);
$url = $_CONF['site_url'] . '/comment.php?type=downloads&sid=' . $A['lid'] . '&title=' . rawurlencode($A['title']);
$comment_link = COM_createLink($LANG_DLM['entercomment'], $url, array('title' => $recentPostMessage));
}
$T->set_var('comment_link', $comment_link);
$T->set_var('show_comments', '');
} else {
$T->set_var('show_comments', 'none');
}
}
/**
* Returns formatted field values for the moderation lists
*
*/
function MODERATE_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
global $_CONF, $_USER, $_TABLES, $LANG_ADMIN, $LANG28, $LANG29, $_IMAGE_TYPE;
$retval = '';
$type = '';
if (isset($A['_type_']) && !empty($A['_type_'])) {
$type = $A['_type_'];
} else {
return $retval;
// we can't work without an item type
}
$dt = new Date('now', $_USER['tzid']);
$field = $fieldname;
$field = $type == 'user' && $fieldname == 1 ? 'user' : $field;
$field = $type == 'story' && $fieldname == 2 ? 'day' : $field;
$field = $type == 'story' && $fieldname == 3 ? 'tid' : $field;
$field = $type == 'user' && $fieldname == 3 ? 'email' : $field;
$field = $type != 'user' && $fieldname == 4 ? 'uid' : $field;
$field = $type == 'user' && $fieldname == 4 ? 'day' : $field;
switch ($field) {
case 'edit':
$retval = COM_createLink($icon_arr['edit'], $A['edit']);
break;
case 'user':
$retval = '<img src="' . $_CONF['layout_url'] . '/images/admin/user.' . $_IMAGE_TYPE . '" style="vertical-align:bottom;"/> ' . $fieldvalue;
break;
case 'day':
$dt->setTimeStamp($A['day']);
$retval = $dt->format($_CONF['daytime'], true);
break;
case 'tid':
$retval = DB_getItem($_TABLES['topics'], 'topic', "tid = '" . DB_escapeString($A['tid']) . "'");
break;
case 'uid':
if (!isset($A['uid'])) {
$A['uid'] = 1;
}
// lookup the username from the uid
$username = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $A['uid']);
if ($A['uid'] == 1) {
// anonymous user
$retval = $icon_arr['greyuser'] . ' ' . '<span style="vertical-align:top">' . $username . '</span>';
} else {
$attr['title'] = $LANG28[108];
$url = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid'];
$retval = COM_createLink($icon_arr['user'], $url, $attr);
$retval .= ' ';
$attr['style'] = 'vertical-align:top;';
$retval .= COM_createLink($username, $url, $attr);
}
break;
case 'email':
$url = 'mailto:' . $fieldvalue;
$attr['title'] = $LANG28[111];
$retval = COM_createLink($icon_arr['mail'], $url, $attr);
$retval .= ' ';
$attr['title'] = $LANG28[99];
$url = $_CONF['site_admin_url'] . '/mail.php?uid=' . $A['uid'];
$attr['style'] = 'vertical-align:top;';
$retval .= COM_createLink($fieldvalue, $url, $attr);
break;
case 'approve':
$retval = '';
$attr['title'] = $LANG29[1];
$attr['onclick'] = 'return confirm(\'' . $LANG29[48] . '\');';
$retval .= COM_createLink($icon_arr['accept'], $_CONF['site_admin_url'] . '/moderation.php' . '?approve=x' . '&type=' . $A['_type_'] . '&id=' . $A[0] . '&' . CSRF_TOKEN . '=' . $token, $attr);
break;
case 'delete':
$retval = '';
$attr['title'] = $LANG_ADMIN['delete'];
$attr['onclick'] = 'return confirm(\'' . $LANG29[49] . '\');';
$retval .= COM_createLink($icon_arr['delete'], $_CONF['site_admin_url'] . '/moderation.php' . '?delete=x' . '&type=' . $A['_type_'] . '&id=' . $A[0] . '&' . CSRF_TOKEN . '=' . $token, $attr);
break;
default:
$retval = COM_makeClickableLinks($fieldvalue);
break;
}
return $retval;
}
/**
* This is the second most importantest bit. This function must load the
* title, intro and body of the article from the post array, removing all
* HTML mode content into the nice safe form that geeklog can then (simply)
* spit back out into the page on render. After doing a magic tags
* replacement. And nl2br.
*
* This DOES NOT ADDSLASHES! We do that on DB store, because we want to
* keep our internal variables in "display mode", not in db mode or anything.
*
* @param $title string posttitle, only had stripslashes if necessary
* @param $intro string introtext, only had stripslashes if necessary
* @param $body string bodytext, only had stripslashes if necessary
* @return nothing
* @access private
*/
function _plainTextLoadStory($title, $intro, $body)
{
$this->_title = htmlspecialchars(strip_tags(COM_checkWords($title)));
// Remove any autotags the user doesn't have permission to use
$intro = PLG_replaceTags($intro, '', true);
$body = PLG_replaceTags($body, '', true);
$this->_introtext = COM_makeClickableLinks(htmlspecialchars(COM_checkWords($intro)));
$this->_bodytext = COM_makeClickableLinks(htmlspecialchars(COM_checkWords($body)));
}
