// PHPmotion http://www.phpmotion.com //
///////////////////////////////////////////////////////////////////////////////////////
// License: You are not to sell or distribute this software without permission //
// Help and support please visit http://www.phpmotion.com //
// Copyright reserved //
///////////////////////////////////////////////////////////////////////////////////////
include_once '../classes/config.php';
include_once '../classes/permissions.php';
$word_length = $config['max_tag_word_length'];
$id = (int) mysql_real_escape_string($_GET['id']);
if (!empty($_POST)) {
$id = (int) mysql_real_escape_string($_POST['id']);
}
// check if uid is in the requesting url
if ($id == '') {
ErrorDisplay1($config['invalid_request']);
die;
}
//______PERMISSIONS CHECK _____________________________________________________________________________
$usercheck = new LoadPermissions('', $id, 'blogs');
//($user_id, $content_id, $content_type);
$usercheck->CheckPermissions();
$usercheck->ActionsCheck('edit');
//Can be ( edit, delete, both ) dies if user does not have permissions
//_____________________________________________________________________________________________________
// Some basic presets
$show_notification = 0;
$show_success = 0;
$show_warning = 0;
// update mysql database
if (isset($_POST['submit'])) {
<?php
include_once '../classes/config.php';
include_once '../classes/permissions.php';
$id = mysql_real_escape_string($_GET['id']);
if (!empty($_POST)) {
$id = mysql_real_escape_string($_POST['id']);
}
// check if uid is in the requesting url
if ($id == "") {
ErrorDisplay1($config["invalid_request"]);
die;
}
//check permissions again
/////////////////////////
$usercheck = new LoadPermissions('', $id, 'image_album');
//($user_id, $content_id, $content_type);
$usercheck->CheckPermissions();
$usercheck->ActionsCheck('edit');
//Can be ( edit, delete, both ) this returns error and dies if user does not have permissions
// Some basic presets
$show_notification = 0;
///////////////////////
//update mysql database
///////////////////////
if ($_POST["submitted"] == "yes") {
//get form post (no mysql_real_escapE) so that it can be checked for full completion
$title = $_POST["title"];
$description = $_POST["description"];
$tags = $_POST["tags"];
//check if form filled in fully
///////////////////////////////////
$sql_1 = "SELECT * FROM member_profile WHERE user_id = {$user_id}";
$result_1 = @mysql_fetch_array(@mysql_query($sql_1));
$my_real_name = $result_1['first_name'];
//if the member has not yet updated their profile to show real name then use their username and email instead
if ($my_real_name == "") {
$my_real_name = $user_name . ' (' . $result_1['email_address'] . ')';
//this will create something like: inmotion (me@gmail.com)
}
//send email --------resuable------------------------------------->>
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
$email_template = 'email_templates/invitemessage_internal.htm';
$subject = $config['invite_email_subject'];
$to = $friends_email;
$from = $config['notifications_from_email'];
$template = $email_template;
$TBS = new clsTinyButStrong();
$TBS->NoErr = true;
$TBS->LoadTemplate("{$template}");
$TBS->tbs_show(TBS_NOTHING);
$message = $TBS->Source;
//load postage.php
include 'includes/postage.php';
//>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
}
//Show Success
///////////////
ErrorDisplay1($config['error_4']);
//invitation sent out
die;
//END
