/** * Show friendship statistics */ function show_friend_stats() { if (empty(main()->USER_ID)) { return _error_need_login(); } $_id = intval(main()->USER_ID); $sql = "SELECT * FROM " . db('log_user_action') . " WHERE action_name IN('add_friend', 'del_friend') AND owner_id=" . $_id . " ORDER BY add_date DESC"; list($add_sql, $pages, $total) = common()->divide_pages($sql); $stats_array = db()->query_fetch_all($sql . $add_sql); foreach ((array) $stats_array as $A) { $members_ids[] = $A["member_id"]; } $members_ids = array_unique((array) $members_ids); $user_infos = user($members_ids, "short"); foreach ((array) $stats_array as $A) { $replace2 = ["avatar" => _show_avatar($A["member_id"]), "event_date" => _format_date($A["add_date"], "long"), "user_nick" => $user_infos[$A["member_id"]]["nick"], "event" => $A["action_name"], "profile_url" => _profile_link($user_infos[$A["member_id"]])]; $items .= tpl()->parse($_GET["object"] . "/friend_stats_item", $replace2); } $replace = ["total" => $total, "pages" => $pages, "items" => $items, "back_url" => "./?object=" . $_GET["object"]]; return tpl()->parse($_GET["object"] . "/friend_stats_main", $replace); }
/** * Do delete comment */ function _delete($params = []) { if (empty(main()->USER_ID) && MAIN_TYPE_USER) { return _error_need_login(); } $_GET['id'] = intval($_GET['id']); $comment_info = db()->query_fetch('SELECT * FROM ' . db('comments') . ' WHERE id=' . intval($_GET['id'])); if (empty($comment_info['id'])) { return _e('No such comment!'); } $OBJECT_NAME = !empty($params['object_name']) ? $params['object_name'] : $_GET['object']; $OBJECT_ID = !empty($params['object_id']) ? intval($params['object_id']) : intval($_GET['id']); $SILENT_MODE = !empty($params['silent_mode']) ? 1 : 0; $RETURN_PATH = $_SERVER['HTTP_REFERER']; if (!empty($params['return_path'])) { $RETURN_PATH = process_url($params['return_path']); } elseif (!empty($params['return_action'])) { $RETURN_PATH = process_url('./?object=' . $_GET['object'] . '&action=' . $params['return_action'] . '&id=' . $comment_info['object_id']); } if (empty($OBJECT_NAME) || empty($OBJECT_ID)) { return ''; } if (module('comments')->_user_info['ban_comments'] && MAIN_TYPE_USER) { return _e('Sorry, you are not allowed to post comments!' . PHP_EOL . 'Perhaps, you broke some of our rules and moderator has banned you from using this feature. Please, enjoy our site in some other way!' . 'For more details <a href=\'./?object=faq&action=view&id=16\'>click here</a>'); } $module_obj = module($_GET['object']); // Check if user is allowed to perform this action $delete_allowed = false; $delete_allowed_check_method = is_object($module_obj) && method_exists($module_obj, module('comments')->_delete_allowed_method); if ($delete_allowed_check_method) { $m = module('comments')->_delete_allowed_method; $delete_allowed = (bool) module($_GET['object'])->{$m}(['user_id' => $comment_info['user_id'], 'object_id' => $comment_info['object_id']]); } else { $delete_allowed = main()->USER_ID && $comment_info['user_id'] == main()->USER_ID; } if (MAIN_TYPE_ADMIN || $SILENT_MODE) { $delete_allowed = true; } else { // get elapse time if (!empty(module('comments')->EDIT_LIMIT_TIME)) { $elapse_time = time() - $comment_info['add_date']; if ($elapse_time > module('comments')->EDIT_LIMIT_TIME) { return _e('allowed time to delete has expired'); } } } if (!$delete_allowed) { return _e('You are not allowed to perform this action'); } module('unread')->_set_read('comments', $_GET['id']); if (module('comments')->USE_TREE_MODE) { $have_children = db()->query_fetch('SELECT id FROM ' . db('comments') . ' WHERE object_name="' . $comment_info['object_name'] . '" AND object_id=' . $comment_info['object_id'] . ' AND parent_id=' . $comment_info['id'] . ' LIMIT 1'); if ($have_children) { db()->UPDATE('comments', ['text' => '__comment was deleted__', 'user_id' => 0], 'id=' . intval($_GET['id'])); } else { db()->query('DELETE FROM ' . db('comments') . ' WHERE id=' . intval($_GET['id']) . ' LIMIT 1'); } } else { db()->query('DELETE FROM ' . db('comments') . ' WHERE id=' . intval($_GET['id']) . ' LIMIT 1'); } // Execute custom on_update trigger (if exists one) $try_trigger_callback = [module($_GET['object']), module('comments')->_on_update_trigger]; if (is_callable($try_trigger_callback)) { call_user_func($try_trigger_callback, $params); } return !$SILENT_MODE ? js_redirect($RETURN_PATH, false) : ''; }