Example #1
// Load the album page templates from the album's template directory.
$T = new Template(MG_getTemplatePath($album_id));
$T->set_file([
    'page'    => 'album_page.thtml',
    'noitems' => 'album_page_noitems.thtml',
]);

// Store $page + 1 in the session under 'mediagallery.album.page'.
SESS_setVar('mediagallery.album.page', $page + 1);

// Hand the page-level values to the template.
// NOTE(review): $album_id and $sortOrder are concatenated into the pagination
// URLs as-is; this excerpt does not show where they are validated or
// URL-encoded. Confirm that happens before this point.
$T->set_var([
    'site_url'           => $_MG_CONF['site_url'],
    'birdseed'           => $birdseed,
    'birdseed_ul'        => $birdseedUL,
    'album_title'        => PLG_replaceTags($MG_albums[$album_id]->title, 'mediagallery', 'album_title'),
    'url_slideshow'      => $url_slideshow,
    'table_columns'      => $columns_per_page,
    'table_column_width' => (int) (100 / $columns_per_page) . '%',
    'top_pagination'     => COM_printPageNavigation(
        $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&sort=' . $sortOrder,
        $page + 1,
        ceil($total_items_in_album / $media_per_page)
    ),
    'bottom_pagination'  => COM_printPageNavigation(
        $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&sort=' . $sortOrder,
        $page + 1,
        ceil($total_items_in_album / $media_per_page)
    ),
    'page_number'        => sprintf("%s %d %s %d", $LANG_MG03['page'], $current_print_page, $LANG_MG03['of'], $total_print_pages),
    'jumpbox'            => $album_jumpbox,
    'album_jumpbox_raw'  => $album_jumpbox_raw,
    'album_id'           => $album_id,
    'lbslideshow'        => $lbSlideShow,
    // The description is only emitted when the album is configured to show it.
    'album_description'  => $MG_albums[$album_id]->display_album_desc
        ? PLG_replaceTags($MG_albums[$album_id]->description, 'mediagallery', 'album_description')
        : '',
    // Parentheses spell out the existing precedence: (a || b) ? x : ''.
    'album_id_display'   => ($MG_albums[0]->owner_id || $_MG_CONF['enable_media_id'] == 1)
        ? $LANG_MG03['album_id_display'] . $album_id
        : '',
    'lang_slideshow'     => $lang_slideshow,
    'select_adminbox'    => $admin_box,
    'admin_box_items'    => $admin_box_items,
    'admin_menu'         => $admin_menu,
    'select_sortbox'     => $sort_box,
    'select_sortbox_raw' => $sort_box_raw,
    'album_last_update'  => $album_last_update[0],
    'album_owner'        => $ownername,
    'media_count'        => $MG_albums[$album_id]->getMediaCount(),
    'lang_search'        => $LANG_MG01['search'],
]);

// RSS link: an anchor wrapping the feed icon when the album has RSS enabled,
// otherwise an empty string.
if ($MG_albums[$album_id]->enable_rss) {
    // NOTE(review): the configured feed name becomes part of the sprintf()
    // format string, so a '%' in $_MG_CONF['rss_feed_name'] would be read as
    // a conversion specifier.
    $rssfeedname = sprintf($_MG_CONF['rss_feed_name'] . "%06d", $album_id);
    $feedUrl = MG_getFeedUrl($rssfeedname . '.rss');
    $rsslink = '<a href="' . $feedUrl . '" type="application/rss+xml">'
        . '<img src="' . MG_getImageFile('feed.png') . '" style="border:none;" alt=""/></a>';
    $T->set_var('rsslink', $rsslink);
} else {
    $T->set_var('rsslink', '');
}

// Subscribe / unsubscribe link, only for logged-in users.
// NOTE(review): the link triggers op=subscribe / op=unsubscribe through a
// plain GET URL with no token in it; confirm subscription.php requires a CSRF
// token or a POST before it changes state.
$subscribe = '';
if (!COM_isAnonUser()) {
    if (PLG_isSubscribed('mediagallery', '', $album_id, $_USER['uid'])) {
        $subscribe_url = $_MG_CONF['site_url'] . '/subscription.php?op=unsubscribe&amp;sid=' . $album_id;
        $subscribe_text = $LANG01['unsubscribe'];
    } else {
        $subscribe_url = $_MG_CONF['site_url'] . '/subscription.php?op=subscribe&amp;sid=' . $album_id;
        $subscribe_text = $LANG01['subscribe'];
    }
    // The anchor is assembled from the URL and label chosen above.
    $subscribe = '<a class="subscribelink" href="' . $subscribe_url . '">' . $subscribe_text . '</a>';
    $T->set_var('subscribe', $subscribe);
    $T->set_var('subscribe_url', $subscribe_url);
    $T->set_var('subscribe_text', $subscribe_text);
}

// Let plugins add their own template variables.
PLG_templateSetVars('mediagallery', $T);
if ($total_media == 0) {
    $T->set_var(array('lang_no_image' => $LANG_MG03['no_media_objects']));
Example #2
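 // Run the topic query prepared earlier (outside this excerpt) and count its rows.
 $topicResults = DB_query($sql);
 $totalresults = DB_numRows($topicResults);
 // Retrieve forum details and category name.
 // The forum id is cast to int before it is concatenated into the SQL string,
 // so only a number can reach the query.
 $sql = "SELECT forum.forum_name,forum.forum_id AS forum, category.cat_name,category.id,forum.is_readonly,forum.grp_id,forum.rating_post,forum.rating_view FROM {$_TABLES['ff_forums']} forum ";
 $sql .= "LEFT JOIN {$_TABLES['ff_categories']} category on category.id=forum.forum_cat ";
 $sql .= "WHERE forum.forum_id = " . (int) $forum;
 $category = DB_fetchArray(DB_query($sql));
 // No topics found and the forum view was not skipped: queue an alert box.
 if ($totalresults < 1 && $skipForum == false) {
     $errMsg .= '<div class="pluginAlert" style="padding:10px;margin:10px;">' . $LANG_GF02['msg05'] . '</div>';
 }
 $canPost = _ff_canPost($category);
 $subscribe = '';
 $forumsubscribed = '';
 if (!COM_isAnonUser() && $skipForum == false) {
     // Check for user subscription status
     $sub_check = PLG_isSubscribed('forum', $forum, 0, $uid);
     if ($sub_check == false) {
         $subscribelinkimg = '<img src="' . _ff_getImage('forumnotify_on') . '" style="vertical-align:middle;" alt="' . $LANG_GF01['FORUMSUBSCRIBE'] . '" title="' . $LANG_GF01['FORUMSUBSCRIBE'] . '"/>';
         // NOTE(review): $forum is cast to int for the SQL above but goes into
         // this URL (and the 'forum' template variable) uncast; confirm it is
         // already validated as an integer before this point.
         $subscribelink = $_CONF['site_url'] . '/forum/index.php?op=subscribe&amp;forum=' . $forum;
         $subcribelanguage = $LANG_GF01['FORUMSUBSCRIBE'];
         $sub_option = 'subscribe_forum';
     } else {
         $subscribelinkimg = '<img src="' . _ff_getImage('forumnotify_off') . '" alt="' . $LANG_GF01['FORUMUNSUBSCRIBE'] . '" title="' . $LANG_GF01['FORUMUNSUBSCRIBE'] . '" style="vertical-align:middle;"/>';
         $subscribelink = $_CONF['site_url'] . '/forum/notify.php?filter=2';
         $subcribelanguage = $LANG_GF01['FORUMUNSUBSCRIBE'];
         $sub_option = 'unsubscribe_forum';
         // Fix: the flag passed to the template below is $forumsubscribed. The
         // original set only the misspelled $formsubscribed, so the template
         // always received ''. The misspelled name is still assigned in case
         // code outside this excerpt reads it.
         $forumsubscribed = true;
         $formsubscribed = true;
     }
     // A CSRF token and its field name are passed to the template along with
     // the subscribe option.
     // NOTE(review): $subscribelink itself is a GET URL carrying op=subscribe
     // and no token; confirm the handler validates the token before changing
     // the subscription.
     $token = SEC_createToken();
     $topiclisting->set_var(array('subscribelink' => $subscribelink, 'subscribelinkimg' => $subscribelinkimg, 'forumsubscribed' => $forumsubscribed, 'LANG_subscribe' => $subcribelanguage, 'forum' => $forum, 'suboption' => $sub_option, 'token' => $token, 'token_name' => CSRF_TOKEN));
 }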
Example #3
/**
* Builds the HTML for the comment entry form, with an optional preview block.
*
* Flow, as visible in this function:
*  - anonymous users get the login form instead when $_CONF['loginrequired']
*    or $_CONF['commentsloginrequired'] is 1;
*  - the comment speed limit is checked for modes that are neither edit nor
*    preview;
*  - title and comment are passed through the sanitizer;
*  - in preview modes the filtered comment is rendered above the form;
*  - commentform.thtml is populated (including a CSRF token) and returned.
*
* Side effects: $_POST['title'] and $_POST['comment'] are overwritten with the
* filtered values; SEC_createToken() is called.
*
* NOTE(review): in edit modes the comment id is read from $_REQUEST['cid'],
* and no check that the current user may edit that comment is visible here;
* presumably the caller enforces it, confirm.
* NOTE(review): $pid has a default but is followed by required parameters, so
* the default can never be used by omitting the argument; PHP 8 reports this
* parameter order as deprecated.
*
* @param    string  $title      Title of comment
* @param    string  $comment    Text of comment
* @param    string  $sid        ID of object comment belongs to
* @param    int     $pid        ID of parent comment (the declared default is the string '0')
* @param    string  $type       Type of object comment is posted to
* @param    string  $mode       Mode, e.g. 'edit', 'preview', 'preview_new', 'preview_edit'
* @param    string  $postmode   Indicates if comment is plain text or HTML; when empty, $_CONF['comment_postmode'] is used
* @return   string  HTML for comment form (or the login form / speed-limit message)
*
*/
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG12, $LANG_LOGIN, $LANG_ACCESS;
    $retval = '';
    $cid = 0;
    $edit_comment = '';
    // Configure the sanitizer with the HTML allow-list from
    // $_CONF['htmlfilter_comment'] and the glfusion/comment namespace.
    $filter = sanitizer::getInstance();
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setAllowedelements($AllowedElements);
    $filter->setNamespace('glfusion', 'comment');
    // Never trust a request-supplied uid: take it from the session user, or
    // use 1 for anonymous visitors.
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    $commentuid = $uid;
    // Edit modes: look up the uid stored with the comment being edited. The
    // request-supplied cid is filtered and cast to int before it reaches SQL.
    if (($mode == 'edit' || $mode == 'preview_edit') && isset($_REQUEST['cid'])) {
        $cid = COM_applyFilter($_REQUEST['cid']);
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = " . (int) $cid);
    }
    // Login gate: anonymous users only get the login form when either
    // login-required setting is on.
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
        $last = 0;
        if ($mode != 'edit' && $mode != 'preview' && $mode != 'preview_new' && $mode != 'preview_edit') {
            // Only a fresh form is rate limited; edit and preview modes skip
            // the speed-limit check.
            $last = COM_checkSpeedlimit('comment');
        }
        if ($last > 0) {
            // Speed limit hit: return the message instead of the form.
            $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26], false);
        } else {
            // Fall back to the site-wide default post mode.
            if (empty($postmode)) {
                $postmode = $_CONF['comment_postmode'];
            }
            // The allow-list is computed and applied again here (same call as
            // at the top of the function), now with the post mode set.
            $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
            $filter->setPostmode($postmode);
            $filter->setCensorData(true);
            $filter->setAllowedElements($AllowedElements);
            // Filter the comment once, then derive the display form (for the
            // preview) and the editable form (for the textarea).
            $comment = $filter->filterHTML($comment);
            $display_comment = $filter->displayText($comment);
            $edit_comment = $filter->editableText($comment);
            // The title is always handled in 'text' post mode; the original
            // post mode is restored afterwards.
            // NOTE(review): the title goes through displayText(), then
            // editableText(), and htmlspecialchars() again when set on the
            // form below; check for double encoding.
            $filter->setPostmode('text');
            $title = $filter->displayText($title);
            $title = $filter->editableText($title);
            $filter->setPostmode($postmode);
            // Overwrite the superglobal so the preview loop below reads the
            // filtered values rather than the raw submission.
            $_POST['title'] = $title;
            $_POST['comment'] = $display_comment;
            // Preview mode: requires a non-empty title and comment.
            // $LANG03[14] is also accepted as a mode value.
            if (($mode == $LANG03[14] || $mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') && !empty($title) && !empty($comment)) {
                $start = new Template($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('hide_if_preview', 'style="display:none"');
                // Build $A from every submitted field, filtering each by key:
                //  - pid / cid: filtered, then cast to int
                //  - title / comment: already filtered above, copied as-is
                //  - username: tags stripped, word-censored, HTML-escaped
                //  - anything else: COM_applyFilter()
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == 'pid' || $key == 'cid') {
                        $A[$key] = (int) COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == 'username') {
                                // '@' hides any warning raised by htmlspecialchars().
                                $A[$key] = @htmlspecialchars(COM_checkWords(strip_tags($_POST[$key])), ENT_QUOTES, COM_getEncodingt());
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                            }
                        }
                    }
                }
                // Correct the time and username for an edit preview.
                // $cid is only set above for 'edit' / 'preview_edit' with a
                // cid in the request; in 'preview' and 'preview_new' it is
                // still 0, so the date lookup runs with cid = 0.
                if ($mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') {
                    $A['nice_date'] = DB_getItem($_TABLES['comments'], 'UNIX_TIMESTAMP(date)', "cid = " . (int) $cid);
                    // Someone other than the author is editing: show the
                    // original author's username.
                    if ($_USER['uid'] != $commentuid) {
                        $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $commentuid);
                    }
                }
                // No username submitted or resolved: use the current user's.
                if (empty($A['username'])) {
                    $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $uid);
                }
                $author_id = PLG_getItemInfo($type, $sid, 'author');
                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true, 0, $author_id);
                $start->set_var('comments', $thecomments);
                $retval .= '<a name="comment_entry"></a>';
                $retval .= COM_startBlock($LANG03[14]) . $start->finish($start->parse('output', 'comment')) . COM_endBlock();
            } else {
                // Preview requested with an empty title or comment: show an
                // error message and switch the mode to 'error'.
                if ($mode == 'preview_new' || $mode == 'preview_edit') {
                    $retval .= COM_showMessageText($LANG03[12], $LANG03[17], true);
                    $mode = 'error';
                }
            }
            // From here on: populate the comment form template.
            $comment_template = new Template($_CONF['path_layout'] . 'comment');
            $comment_template->set_file('form', 'commentform.thtml');
            // The preview modes map back to 'new' / 'edit' in the form; any
            // other mode is passed through unchanged.
            if ($mode == 'preview_new') {
                $comment_template->set_var('mode', 'new');
                $comment_template->set_var('show_anchor', '');
            } else {
                if ($mode == 'preview_edit') {
                    $comment_template->set_var('mode', 'edit');
                    $comment_template->set_var('show_anchor', '');
                } else {
                    // NOTE(review): $mode is set on the template as received
                    // from the caller; confirm it is restricted to known
                    // values upstream.
                    $comment_template->set_var('mode', $mode);
                    $comment_template->set_var('show_anchor', 1);
                }
            }
            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            }
            // NOTE(review): $sid, $pid and $type are set on the template
            // exactly as passed in; confirm the caller validates them or the
            // template escapes them.
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);
            if ($mode == 'edit' || $mode == 'preview_edit') {
                // Edit modes: different block title, plus a hidden cid field.
                // The request value is filtered and HTML-escaped; ENT_COMPAT
                // escapes double quotes, matching the double-quoted attribute.
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[41]));
                $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . @htmlspecialchars(COM_applyFilter($_REQUEST['cid']), ENT_COMPAT, COM_getEncodingt()) . '"/>');
            } else {
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                $comment_template->set_var('cid', '');
            }
            // CSRF token value and field name for the form submission.
            $comment_template->set_var('CSRF_TOKEN', SEC_createToken());
            $comment_template->set_var('token_name', CSRF_TOKEN);
            if (!COM_isAnonUser()) {
                // Logged-in user: the name field is filled in and disabled.
                $comment_template->set_var('uid', $_USER['uid']);
                $name = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                // 03 is an octal integer literal, i.e. index 3.
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
                $comment_template->set_var('username_disabled', 'disabled="disabled"');
                $comment_template->set_var('suballowed', true);
                // Subscription checkbox: in preview modes it mirrors the
                // submitted checkbox, otherwise the stored subscription.
                $isSub = 0;
                if ($mode == 'preview_edit' || $mode == 'preview_new') {
                    $isSub = isset($_POST['subscribe']) ? 1 : 0;
                } else {
                    if (PLG_isSubscribed('comment', $type, $sid)) {
                        $isSub = 1;
                    }
                }
                if ($isSub == 0) {
                    $subchecked = '';
                } else {
                    $subchecked = 'checked="checked"';
                }
                $comment_template->set_var('subchecked', $subchecked);
            } else {
                // Anonymous user: uid 1, editable name field.
                $comment_template->set_var('uid', 1);
                if (isset($_POST['username'])) {
                    // A name was submitted (e.g. coming back from a preview):
                    // filter it, then sanitize it as a username.
                    $name = $filter->sanitizeUsername(COM_applyFilter($_POST['username']));
                } else {
                    // Default display name for anonymous users.
                    $name = $LANG03[24];
                }
                // $usernameblock is not read by any later line in this
                // function; the template receives $name instead.
                // NOTE(review): $name is placed in a value="" attribute here
                // without htmlspecialchars(). Confirm sanitizeUsername()
                // output is attribute-safe, both for this markup and for the
                // 'username' template variable.
                $usernameblock = '<input type="text" name="username" size="16" value="' . $name . '" maxlength="32"/>';
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                // 04 is an octal integer literal, i.e. index 4.
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
                $comment_template->set_var('username_disabled', '');
            }
            if ($postmode == 'html') {
                $comment_template->set_var('htmlmode', true);
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            // The title is HTML-escaped for the form field.
            $comment_template->set_var('title', @htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            // NOTE(review): the comment body relies on editableText() alone
            // for escaping; confirm its output is safe for the form field.
            $comment_template->set_var('comment', $edit_comment);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode', $postmode);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            // Help text: the allowed HTML elements followed by the allowed autotags.
            $comment_template->set_var('allowed_html', $filter->getAllowedHTML() . '<br/>' . COM_AllowedAutotags('', false, 'glfusion', 'comment'));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);
            if ($mode == 'edit' || $mode == 'preview_edit') {
                // Editing a comment or previewing changes.
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } else {
                // New comment.
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }
            // The guard tests for msg_replaceEmoticons() while the call is to
            // msg_showsmilies().
            if (function_exists('msg_replaceEmoticons')) {
                $comment_template->set_var('smilies', msg_showsmilies());
            }
            $comment_template->unset_var('save_type');
            PLG_templateSetVars('comment', $comment_template);
            // && binds tighter than ||, so this reads as:
            // preview_edit OR (edit AND skip_preview == 1).
            if ($mode == 'preview_edit' || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                // Save button for an edited comment.
                $comment_template->set_var('save_type', 'saveedit');
                $comment_template->set_var('lang_save', $LANG03[29]);
                $comment_template->set_var('save_option', '<input type="submit" name="saveedit" value="' . $LANG03[29] . '"/>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == 'preview_new') {
                // Save button for a new comment.
                $comment_template->set_var('save_type', 'savecomment');
                $comment_template->set_var('lang_save', $LANG03[11]);
                $comment_template->set_var('save_option', '<input type="submit" name="savecomment" value="' . $LANG03[11] . '"/>');
            }
            // In every other case no save button is set, so only the preview
            // action is offered.
            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }
    return $retval;
}