function display()
{
$myreturn = sanitize_and_format($this->value, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
if (!empty($this->config['use_bbcode'])) {
$myreturn = bbcode2html($myreturn);
}
if (!empty($this->config['use_smilies'])) {
$myreturn = text2smilies($myreturn);
}
return $myreturn;
}
function gen_blogposts_cache()
{
global $dbtable_prefix;
$dirname = dirname(__FILE__);
$temp = array();
if ($dirname[0] == '/') {
// unixes here
$temp = explode('/', $dirname);
} else {
// windows here
$temp = explode('\\', $dirname);
}
$interval = (int) $temp[count($temp) - 1];
// that's how often we're executed ;)
$short_blog_chars = 400;
$config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
$fileop = new fileop();
$post_ids = array();
$query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED . " AND a.`last_changed`>=DATE_SUB('" . gmdate('YmdHis') . "',INTERVAL " . ($interval + 2) . " MINUTE)";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
while ($blog = mysql_fetch_assoc($res)) {
$post_ids[] = $blog['post_id'];
$blog['title'] = remove_banned_words(sanitize_and_format($blog['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT]));
$blog['post_content'] = remove_banned_words($blog['post_content']);
$post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' '));
$post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
$blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
if (!empty($config['bbcode_blogs'])) {
$blog['post_content'] = bbcode2html($blog['post_content']);
$post_content_short = bbcode2html($post_content_short);
}
if (!empty($config['use_smilies'])) {
$blog['post_content'] = text2smilies($blog['post_content']);
$post_content_short = text2smilies($post_content_short);
}
if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
$blog['photo'] = 'no_photo.gif';
} else {
$blog['has_photo'] = true;
}
if (empty($blog['fk_user_id'])) {
unset($blog['fk_user_id']);
}
$towrite = '<?php $post=' . var_export($blog, true) . ';';
$fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '.inc.php', $towrite);
$blog['post_content'] = $post_content_short;
$towrite = '<?php $post=' . var_export($blog, true) . ';';
$fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '_short.inc.php', $towrite);
}
return true;
}
function prepare_post(&$mode, &$post_data, &$error_msg, &$username, &$subject, &$message)
{
global $bb_cfg, $user, $userdata, $lang;
// Check username
if (!empty($username)) {
$username = clean_username($username);
if (!$userdata['session_logged_in'] || $userdata['session_logged_in'] && $username != $user->name) {
require INC_DIR . 'functions_validate.php';
if ($err = validate_username($username)) {
$error_msg .= $err;
}
} else {
$username = '';
}
}
// Check subject
if (!empty($subject)) {
$subject = str_replace('&', '&', $subject);
} else {
if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['EMPTY_SUBJECT'] : $lang['EMPTY_SUBJECT'];
}
}
// Check message
if (!empty($message)) {
} else {
if ($mode != 'delete') {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['EMPTY_MESSAGE'] : $lang['EMPTY_MESSAGE'];
}
}
// Check smilies limit
if ($bb_cfg['max_smilies']) {
$count_smilies = substr_count(bbcode2html($message), '<img class="smile" src="' . $bb_cfg['smilies_path']);
if ($count_smilies > $bb_cfg['max_smilies']) {
$to_many_smilies = sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']);
$error_msg .= !empty($error_msg) ? '<br />' . $to_many_smilies : $to_many_smilies;
}
}
if (IS_GUEST && !bb_captcha('check')) {
$error_msg .= !empty($error_msg) ? '<br />' . $lang['CAPTCHA_WRONG'] : $lang['CAPTCHA_WRONG'];
}
}
}
$s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" /><input type="hidden" name="' . POST_TOPIC_URL . '" value="' . $topic_id . '" /><input type="hidden" name="mode" value="split" />';
if (($total_posts = DB()->num_rows($result)) > 0) {
$postrow = DB()->sql_fetchrowset($result);
$template->assign_vars(array('FORUM_NAME' => htmlCHR($forum_name), 'U_VIEW_FORUM' => FORUM_URL . $forum_id, 'S_SPLIT_ACTION' => 'modcp.php', 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_FORUM_SELECT' => get_forum_select('admin', 'new_forum_id', $forum_id)));
for ($i = 0; $i < $total_posts; $i++) {
$post_id = $postrow[$i]['post_id'];
$poster_id = $postrow[$i]['poster_id'];
$poster = $postrow[$i]['username'];
$post_date = bb_date($postrow[$i]['post_time']);
$message = $postrow[$i]['post_text'];
//
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
$message = bbcode2html($message);
$row_class = !($i % 2) ? 'row1' : 'row2';
$template->assign_block_vars('postrow', array('ROW_CLASS' => $row_class, 'POSTER_NAME' => wbr($poster), 'POST_DATE' => $post_date, 'MESSAGE' => $message, 'CHECKBOX' => defined('BEGIN_CHECKBOX') ? TRUE : FALSE, 'POST_ID' => $post_id, 'ROW_ID' => $i, 'CB_ID' => 'cb_' . $i));
if ($post_id == $topic_first_post_id) {
define('BEGIN_CHECKBOX', TRUE);
}
}
}
}
$template->set_filenames(array('body' => 'modcp_split.tpl'));
break;
case 'ip':
$anon = GUEST_UID;
$rdns_ip_num = isset($_GET['rdns']) ? $_GET['rdns'] : "";
if (!$post_id) {
bb_die($lang['NO_SUCH_POST']);
function get_parsed_post($postrow, $mode = 'full', $return_chars = 600)
{
global $bb_cfg;
if ($bb_cfg['use_posts_cache'] && !empty($postrow['post_html'])) {
return $postrow['post_html'];
}
$message = bbcode2html($postrow['post_text']);
// Posts cache
if ($bb_cfg['use_posts_cache']) {
DB()->shutdown['post_html'][] = array('post_id' => (int) $postrow['post_id'], 'post_html' => (string) $message);
}
return $message;
}
$tpp = $_G['setting']['noticeperpage'];
// 公告列表
$_BCACHE->cachesql('noticelist', 'SELECT i.itemid FROM ' . tname('noticeitems') . " i WHERE i.shopid = '{$shop['itemid']}' AND i.grade>2 ORDER BY i.displayorder_s ASC, i.itemid DESC", 0, 1, $tpp, 0, 'storelist', 'notice', $shop['itemid']);
$noticelist_multipage = $_SBLOCK['noticelist_multipage'];
$resultcount = $_SBLOCK['noticelist_listcount'];
foreach ($_SBLOCK['noticelist'] as $result) {
$result = $_BCACHE->getiteminfo('notice', $result['itemid'], $shop['itemid']);
$result['time'] = date('Y-m-d', $result['dateline']);
$noticelist[] = $result;
}
$seo_title = $lang['noticelistpage'] . ' - ' . $seo_title;
$theurl = "store.php?id={$shop['itemid']}&action=notice";
} else {
//公告詳情
$notice = $_BCACHE->getiteminfo('notice', $_GET['xid'], $_GET['id']);
$notice['message'] = bbcode2html($notice['message']);
if (!$notice) {
showmessage('not_found_msg', 'index.php');
}
$allowreply = $shop['allowreply'] && $notice['allowreply'] ? 1 : 0;
$notice['time'] = date('Y-m-d', $notice['dateline']);
//更新統計數
$isupdate = freshcookie($action, $notice['itemid']);
if ($isupdate || !$_G['setting']['updateview']) {
updateviewnum($action, $notice['itemid']);
}
if (!empty($notice['jumpurl'])) {
$notice['jumpurl'] = str_replace('&', '&', $notice['jumpurl']);
header("Location:{$notice['jumpurl']}");
exit;
}
exit('Access Denied');
}
if (empty($_GET['xid'])) {
$tpp = $_G['setting']['consumeperpage'];
//消費卷列表
$_BCACHE->cachesql('consumelist', 'SELECT i.itemid FROM ' . tname('consumeitems') . " i WHERE i.shopid='{$shop['itemid']}' AND i.grade=3 ORDER BY i.displayorder_s ASC, i.itemid DESC", 0, 1, $tpp, 0, 'storelist', 'consume', $_GET['id']);
$consumelist_multipage = $_SBLOCK['consumelist_multipage'];
foreach ($_SBLOCK['consumelist'] as $result) {
$result = $_BCACHE->getiteminfo('consume', $result['itemid'], $_GET['id']);
$consumelist[] = $result;
}
$theurl = "store.php?id={$shop['itemid']}&action=consume";
$seo_description = strip_tags($consume['message']);
} else {
$consume = $_BCACHE->getiteminfo('consume', $_GET['xid'], $_GET['id']);
$consume['message'] = bbcode2html($consume['message']);
if (!$consume) {
showmessage('not_found_msg', 'index.php');
}
$allowreply = $shop['allowreply'] && $consume['allowreply'] ? 1 : 0;
if ($_GET['do'] == 'print') {
DB::query('UPDATE ' . tname('consumeitems') . ' SET downnum=downnum+1 WHERE itemid=\'' . $_GET['xid'] . '\'');
echo '<body onload="window.print()"><img src="' . $consume['subjectimage'] . '"></body>';
exit;
}
//更新統計數
$isupdate = freshcookie($action, $consume['itemid']);
if ($isupdate || !$_G['setting']['updateview']) {
updateviewnum($action, $consume['itemid']);
}
$consume['time'] = date('Y-m-d H:i', $consume['dateline']);
$goodlist_multipage = $_SBLOCK['goodlist_multipage'];
$resultcount = $_SBLOCK['goodlist_listcount'];
foreach ($_SBLOCK['goodlist'] as $result) {
$result = $_BCACHE->getiteminfo('good', $result['itemid'], $shop['itemid']);
$result['time'] = date('Y-m-d', $result['dateline']);
$result['thumb'] = str_replace('static/image/nophoto.gif', 'static/image/noimg.gif', $result['thumb']);
$result['message'] = trim(strip_tags($result['message']));
$result['intro'] = cutstr($result['intro'], 130, true);
$goodlist[] = $result;
}
$seo_title = $lang['goodlist'] . ' - ' . $seo_title;
$theurl = "store.php?id={$shop['itemid']}&action=good";
} else {
//商品詳情
$good = $_BCACHE->getiteminfo('good', $_GET['xid'], $_GET['id']);
$good['message'] = bbcode2html($good['message']);
if (!$good) {
showmessage('not_found_msg', 'index.php');
}
$allowreply = $shop['allowreply'] && $good['allowreply'] ? 1 : 0;
$good['time'] = date('Y-m-d H:i', $good['dateline']);
$relatedarr = array();
$relatedarr = getrelatedinfo('good', $good['itemid'], $shop['itemid']);
//更新統計數
$isupdate = freshcookie($action, $good['itemid']);
if ($isupdate || !$_G['setting']['updateview']) {
updateviewnum($action, $good['itemid']);
}
//評論
$listcount = $good['replynum'];
$_G['setting']['viewspace_pernum'] = intval($_G['setting']['viewspace_pernum']);
/**
* Creates the tpl loop to show comments and the textarea where new comments could be written. Handles the cases when user is
* not logged in or not allowed to post comments.
*
* @access public
* @param string $type the identifier for the item where comments are displayed. Can be one of 'user','photo','blog','video'
* @param int $parent_id the ID in the parent table of the item where these comments are posted.
* @param array $config reference to the $config array in the calling script. It needs 'use_captcha','bbcode_comments','smilies_comm'
* @param array $output reference to the $output array in the calling script. It injects additional variables in $output to be
* used by the template system.
*
*/
function create_comments_loop($type, $parent_id, &$output, $params = array())
{
global $dbtable_prefix, $__field2format, $_list_of_online_members, $page_last_modified_time;
$myreturn = array();
switch ($type) {
case 'user':
$table = "{$dbtable_prefix}comments_profile";
$allow_comments = !empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $_SESSION[_LICENSE_KEY_]['user']['user_id'] == $parent_id ? $_SESSION[_LICENSE_KEY_]['user']['prefs']['profile_comments'] : get_user_settings($parent_id, 'def_user_prefs', 'profile_comments');
break;
case 'blog':
$table = "{$dbtable_prefix}comments_blog";
$allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
break;
case 'photo':
$table = "{$dbtable_prefix}comments_photo";
$allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
break;
case 'video':
$table = "{$dbtable_prefix}comments_video";
$allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
break;
}
$config = get_site_option(array('use_captcha', 'bbcode_comments', 'smilies_comm'), 'core');
$edit_comment = sanitize_and_format_gpc($_GET, 'edit_comment', TYPE_INT, 0, 0);
$query = "SELECT a.`comment_id`,a.`comment`,a.`fk_user_id`,a.`_user` as `user`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,b.`_photo` as `photo` FROM `{$table}` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`={$parent_id} AND a.`status`=" . STAT_APPROVED . " ORDER BY a.`comment_id` ASC";
if (isset($params['offset']) && isset($params['limit'])) {
$query .= " LIMIT " . $params['offset'] . ',' . $params['limit'];
$count_query = "SELECT count(*) FROM `{$table}` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`={$parent_id} AND a.`status`=" . STAT_APPROVED;
if (!($res = @mysql_query($count_query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$totalrows = mysql_result($res, 0, 0);
}
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
while ($rsrow = mysql_fetch_assoc($res)) {
if ($rsrow['date_posted'] > $page_last_modified_time) {
$page_last_modified_time = $rsrow['date_posted'];
}
// if someone has asked to edit his/her comment
if ($edit_comment == $rsrow['comment_id']) {
$output['comment_id'] = $rsrow['comment_id'];
$output['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
}
$rsrow['date_posted'] = strftime($_SESSION[_LICENSE_KEY_]['user']['prefs']['datetime_format'], $rsrow['date_posted'] + $_SESSION[_LICENSE_KEY_]['user']['prefs']['time_offset']);
$rsrow['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
if (!empty($config['bbcode_comments'])) {
$rsrow['comment'] = bbcode2html($rsrow['comment']);
}
if (!empty($config['smilies_comm'])) {
$rsrow['comment'] = text2smilies($rsrow['comment']);
}
// allow showing the edit links to rightfull owners
if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $rsrow['fk_user_id'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
$rsrow['editme'] = true;
}
if (empty($rsrow['fk_user_id'])) {
// for the link to member profile
unset($rsrow['fk_user_id']);
} else {
if (isset($_list_of_online_members[$rsrow['fk_user_id']])) {
$rsrow['is_online'] = 'is_online';
$rsrow['user_online_status'] = $GLOBALS['_lang'][102];
} else {
$rsrow['user_online_status'] = $GLOBALS['_lang'][103];
}
}
if (empty($rsrow['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $rsrow['photo'])) {
$rsrow['photo'] = 'no_photo.gif';
}
$myreturn[] = $rsrow;
}
if (!empty($myreturn)) {
$output['show_comments'] = true;
if (isset($totalrows)) {
$output['pager'] = pager($totalrows, $params['offset'], $params['limit']);
$output['num_comments'] = $totalrows;
} else {
$output['num_comments'] = count($myreturn);
}
}
if ($allow_comments) {
// may I post comments please?
if (allow_at_level('write_comments', $_SESSION[_LICENSE_KEY_]['user']['membership'])) {
$output['allow_comments'] = true;
if (empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) {
if (!empty($config['use_captcha'])) {
require _BASEPATH_ . '/includes/classes/sco_captcha.class.php';
$c = new sco_captcha(_BASEPATH_ . '/includes/fonts', 4);
$_SESSION['captcha_word'] = $c->gen_rnd_string(4);
$output['rand'] = make_seed();
$output['use_captcha'] = true;
}
}
// would you let me use bbcode?
if (!empty($config['bbcode_comments'])) {
$output['bbcode_comments'] = true;
}
// if we came back after an error get what was previously posted
if (isset($_SESSION['topass']['input'])) {
$output = array_merge($output, $_SESSION['topass']['input']);
unset($_SESSION['topass']['input']);
}
} else {
unset($output['allow_comments']);
}
} else {
unset($output['allow_comments']);
}
if (!empty($edit_comment)) {
$_SERVER['QUERY_STRING'] = str_replace('&edit_comment=' . $edit_comment, '', $_SERVER['QUERY_STRING']);
}
return $myreturn;
}
$sql = "SELECT forum_name, allow_reg_tracker, forum_tpl_id FROM " . BB_FORUMS . " WHERE forum_id = {$forum_id} LIMIT 1";
if (!$forum_id or !($f_data = DB()->fetch_row($sql))) {
bb_die($lang['FORUM_NOT_EXIST']);
}
// tpl_data
$tpl_data = array();
$sql = "SELECT * FROM " . BB_TOPIC_TPL . " WHERE tpl_id = {$f_data['forum_tpl_id']} LIMIT 1";
if (!$f_data['forum_tpl_id'] or !($tpl_data = DB()->fetch_row($sql))) {
if (!$edit_tpl_mode) {
redirect(POSTING_URL . "?mode=newtopic&f={$forum_id}");
}
}
$template->assign_vars(array('PAGE_TITLE' => $lang['NEW_RELEASE'], 'FORUM_NAME' => $f_data['forum_name'], 'FORUM_ID' => $forum_id, 'TPL_FORM_ACTION' => POSTING_URL . "?mode=newtopic&f={$forum_id}", 'REGULAR_TOPIC_HREF' => POSTING_URL . "?mode=newtopic&f={$forum_id}", 'TOR_REQUIRED' => $f_data['allow_reg_tracker'], 'EDIT_TPL' => $edit_tpl_mode, 'CAN_EDIT_TPL' => $can_edit_tpl, 'EDIT_TPL_URL' => POSTING_URL . "?mode=new_rel&f={$forum_id}&edit_tpl=1"));
if ($tpl_data) {
// tpl_rules_html
$tpl_rules_html = '';
if ($tpl_data['tpl_rules_post_id']) {
if (!($tpl_rules_html = bbcode2html(DB()->fetch_row("SELECT post_text FROM " . BB_POSTS_TEXT . " WHERE post_id = " . $tpl_data['tpl_rules_post_id'], 'post_text')))) {
$tpl_data['tpl_rules_post_id'] = 0;
DB()->query("UPDATE " . BB_TOPIC_TPL . " SET tpl_rules_post_id = 0 WHERE tpl_id = {$f_data['forum_tpl_id']} LIMIT 1");
}
}
$template->assign_vars(array('TPL_ID' => $tpl_data['tpl_id'], 'TPL_NAME' => $tpl_data['tpl_name'], 'TPL_SRC_FORM_VAL' => $tpl_data['tpl_src_form'], 'TPL_SRC_TITLE_VAL' => $tpl_data['tpl_src_title'], 'TPL_SRC_MSG_VAL' => $tpl_data['tpl_src_msg'], 'TPL_RULES_HTML' => $tpl_rules_html));
}
if ($edit_tpl_mode) {
$template->assign_vars(array('NO_TPL_ASSIGNED' => !$f_data['forum_tpl_id'], 'TPL_SELECT' => get_select('forum_tpl', $f_data['forum_tpl_id'])));
if ($tpl_data) {
$template->assign_vars(array('TPL_COMMENT' => $tpl_data['tpl_comment'], 'TPL_RULES_POST_ID' => $tpl_data['tpl_rules_post_id'], 'TPL_LAST_EDIT_TIME' => bb_date($tpl_data['tpl_last_edit_tm'], 'd-M-y H:i'), 'TPL_LAST_EDIT_USER' => get_username(intval($tpl_data['tpl_last_edit_by'])), 'TPL_LAST_EDIT_TIMESTAMP' => $tpl_data['tpl_last_edit_tm']));
}
}
print_page(TEMPLATES_DIR . 'posting_tpl.tpl');
$output['show_comments'] = true;
$config = get_site_option(array('use_captcha', 'bbcode_comments', 'smilies_comm'), 'core');
$query = "SELECT a.`comment_id`,a.`comment`,a.`fk_user_id`,a.`_user` as `user`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,b.`_photo` as `photo` FROM `{$dbtable_prefix}comments_blog` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`=" . $output['post_id'] . " ORDER BY a.`comment_id` ASC";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
while ($rsrow = mysql_fetch_assoc($res)) {
// if someone has asked to edit his/her comment
if ($edit_comment == $rsrow['comment_id']) {
$output['comment_id'] = $rsrow['comment_id'];
$output['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
}
$rsrow['date_posted'] = strftime($time_options['datetime_format'], $rsrow['date_posted'] + $time_options['time_offset']);
$rsrow['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
if (!empty($config['bbcode_comments'])) {
$rsrow['comment'] = bbcode2html($rsrow['comment']);
}
if (!empty($config['smilies_comm'])) {
$rsrow['comment'] = text2smilies($rsrow['comment']);
}
if (empty($rsrow['fk_user_id'])) {
// for the link to member profile
unset($rsrow['fk_user_id']);
}
if (empty($rsrow['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $rsrow['photo'])) {
$rsrow['photo'] = 'no_photo.gif';
}
$loop[] = $rsrow;
}
if (!empty($loop)) {
$output['num_comments'] = count($loop);
$subject = sprintf($lang['MC_COMMENT_PM_SUBJECT'], $lang['MC_COMMENT'][$mc_type]['type']);
$message = sprintf($lang['MC_COMMENT_PM_MSG'], get_username($post['poster_id']), make_url(POST_URL . "{$post_id}#{$post_id}"), $lang['MC_COMMENT'][$mc_type]['type'], $mc_text);
send_pm($post['poster_id'], $subject, $message);
cache_rm_user_sessions($post['poster_id']);
}
switch ($mc_type) {
case 1:
// Комментарий
$mc_class = 'success';
break;
case 2:
// Информация
$mc_class = 'info';
break;
case 3:
// Предупреждение
$mc_class = 'warning';
break;
case 4:
// Нарушение
$mc_class = 'danger';
break;
default:
$mc_class = '';
break;
}
$this->response['mc_type'] = $mc_type;
$this->response['post_id'] = $post_id;
$this->response['mc_title'] = sprintf($lang['MC_COMMENT'][$mc_type]['title'], profile_url($userdata));
$this->response['mc_text'] = bbcode2html($mc_text);
$this->response['mc_class'] = $mc_class;
$blog_archive = array();
$query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,UNIX_TIMESTAMP(a.`last_changed`) as `last_changed`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED;
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
while ($blog = mysql_fetch_assoc($res)) {
$last_approved = $blog['last_changed'];
unset($blog['last_changed']);
$blog['fk_blog_id'] = (string) $blog['fk_blog_id'];
$blog['title'] = sanitize_and_format($blog['title'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
$post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' '));
$post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
if (!empty($config['bbcode_blogs'])) {
$blog['post_content'] = bbcode2html($blog['post_content']);
$post_content_short = bbcode2html($post_content_short);
}
if (!empty($config['use_smilies'])) {
$blog['post_content'] = text2smilies($blog['post_content']);
$post_content_short = text2smilies($post_content_short);
}
if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
$blog['photo'] = 'no_photo.gif';
} else {
$blog['has_photo'] = true;
}
if (empty($blog['fk_user_id'])) {
unset($blog['fk_user_id']);
}
$towrite = '<?php $post=' . var_export($blog, true) . ';';
$fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '.inc.php', $towrite);
function postformat($mname, $data)
{
global $_G, $_SC, $_SGLOBAL;
$data['shopurl'] = B_URL . "/store.php?id=" . $_SGLOBAL['panelinfo']['itemid'];
$data['shopname'] = $_SGLOBAL['panelinfo']['subject'];
$data['sourceurl'] = B_URL . "/store.php?id=" . $_SGLOBAL['panelinfo']['itemid'] . "&action=" . $mname . "&xid=" . $data['itemid'];
$finalmsg = '';
switch ($mname) {
case 'good':
$finalmsg .= "[b][size=3]" . b_lang("good_minprice") . "[/size]" . "[/b][size=3][color=Red]" . $data['minprice'] . b_lang('rmb_yuan') . "[/color][/size] [size=3][b]" . b_lang('good_priceo') . "[/b]" . "" . $data['priceo'] . b_lang('rmb_yuan') . "[/size]\r\n\r\n";
$finalmsg .= "[size=3][b]" . b_lang("good_subjectimage") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
$finalmsg .= "[size=3][b]" . b_lang('good_message') . "[/b][/size]\r\n[quote]" . bbs_bbcode(bbcode2html($data['message'])) . "[/quote]\r\n";
if ($relatedmsg = bbs_getrelatedinfo($mname, $data['itemid'], $_SGLOBAL['panelinfo']['itemid'])) {
$finalmsg .= "[align=left][size=3][b]" . b_lang('item_related') . "[/b][/size][/align]" . $relatedmsg . "\r\n";
}
$finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("good_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
$finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
}
$finalmsg .= "[align=left][size=3][b]" . b_lang("good_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . "[/size][/align]\r\n";
break;
case 'notice':
if (!empty($data['message']['jumpurl'])) {
$finalmsg .= "[size=3][b]" . b_lang('notice_jumpurl') . "[/b][url=" . $data['jumpurl'] . "]" . $data['jumpurl'] . "[/url][/size]\r\n";
} else {
$finalmsg .= "[size=3][b]" . b_lang("notice_subjectimage") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
$finalmsg .= "[size=3][b]" . b_lang('notice_message') . "[/b][/size]\r\n[quote]" . bbs_bbcode(bbcode2html($data['message'])) . "[/quote]\r\n";
}
$finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("notice_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
$finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
}
$finalmsg .= "[align=left][size=3][b]" . b_lang("notice_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . "[/size][/align]\r\n";
break;
case 'consume':
$finalmsg .= "[size=3][b]" . b_lang("consume_nav") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("consume_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . "[/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("consume_message") . "[/b]" . $data['message'] . "[/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("consume_exception") . "[/b]" . $data['exception'] . "[/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("consume_tel") . "[/b]" . $_SGLOBAL['panelinfo']['tel'] . "[/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("consume_address") . "[/b]" . $_SGLOBAL['panelinfo']['address'] . "[/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("consume_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
$finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
}
break;
case 'groupbuy':
$finalmsg .= "[b][size=3]" . b_lang("groupbuy_priceo") . "[/size]" . "[/b][size=3][color=Red]" . $data['groupbuypriceo'] . b_lang('rmb_yuan') . "[/color][/size] [size=3][b]" . b_lang('group_buyprice') . "[/b]" . "" . $data['groupbuyprice'] . b_lang('rmb_yuan') . "[/size] ";
$finalmsg .= "[size=3][b]" . b_lang("groupbuy_validity") . "[/b]" . date("Y-m-d", $data['validity_start']) . b_lang('validityto') . date("Y-m-d", $data['validity_end']) . " [url=" . $data['sourceurl'] . "#groupbyjoin" . "][color=Red]" . b_lang('groupbyjoin') . "[/color][/url][/size]\r\n";
$finalmsg .= "[size=3][b]" . b_lang("groupbuy_subjectimage") . "[/b][/size]\r\n[img]" . getattachurl($data['subjectimage']) . "[/img]\r\n\r\n";
$finalmsg .= "[size=3][b]" . b_lang('groupbuy_message') . "[/b][/size]\r\n[quote]" . bbs_bbcode(bbcode2html($data['message'])) . "[/quote]\r\n";
$finalmsg .= "[size=3][url=" . $data['sourceurl'] . "#groupbyjoin" . "][color=Red]" . b_lang('groupbyjoin') . "[/color][/url][/size]\r\n\r\n";
if ($relatedmsg = bbs_getrelatedinfo($mname, $data['itemid'], $_SGLOBAL['panelinfo']['itemid'])) {
$finalmsg .= "[align=left][size=3][b]" . b_lang('item_related') . "[/b][/size][/align]" . $relatedmsg . "\r\n";
}
$finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("groupbuy_cats") . "[/b]" . bbs_getitemcatids($data['catid'], $mname) . "[/size][/align]\r\n";
if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
$finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
}
break;
case 'album':
$finalmsg .= "[size=3][b]" . b_lang("album_message") . "[/b][/size]" . $data['item']['subject'] . "\r\n\r\n";
$finalmsg .= "[size=3][b]" . b_lang("album_photolist") . "[/b][/size]\r\n\r\n";
if (!empty($data['photolist'])) {
foreach ($data['photolist'] as $photo) {
$finalmsg .= "[size=3]" . $photo['subject'] . "[/size]\r\n";
$finalmsg .= "[img]" . getattachurl($photo['subjectimage']) . "[/img]\r\n\r\n";
}
}
$finalmsg .= "[align=left][size=3][b]" . b_lang('ownedshop') . "[/b][url=" . $data['shopurl'] . "]" . $data['shopname'] . "[/url][/size][/align]\r\n";
$finalmsg .= "[align=left][size=3][b]" . b_lang("album_cats") . "[/b]" . bbs_getitemcatids($data['item']['catid'], $mname) . "[/size][/align]\r\n";
if ($attrmsg = bbs_getitemattr($data['catid'], $data['itemid'])) {
$finalmsg .= "[align=left][size=3][b]" . b_lang("good_attributes") . "[/b]" . $attrmsg . "[/size][/align]\r\n";
}
break;
default:
break;
}
$finalmsg .= "[size=3][b]" . b_lang('sourceurl') . "[/b][url=" . $data['sourceurl'] . "]" . $data['sourceurl'] . "[/url][/size]";
return $finalmsg;
}
$this->ajax_die($lang['FLOOD_ERROR']);
}
}
}
// Double Post Control
if (!empty($row['last_post_time']) && !IS_AM) {
$sql = "\n\t\t\t\tSELECT pt.post_text\n\t\t\t\tFROM " . BB_POSTS . " p, " . BB_POSTS_TEXT . " pt\n\t\t\t\tWHERE {$where_sql}\n\t\t\t\t\tAND p.post_time = " . (int) $row['last_post_time'] . "\n\t\t\t\t\tAND pt.post_id = p.post_id\n\t\t\t\tLIMIT 1\n\t\t\t";
if ($row = DB()->fetch_row($sql)) {
$last_msg = DB()->escape($row['post_text']);
if ($last_msg == $message) {
$this->ajax_die($lang['DOUBLE_POST_ERROR']);
}
}
}
if ($bb_cfg['max_smilies']) {
$count_smilies = substr_count(bbcode2html($message), '<img class="smile" src="' . $bb_cfg['smilies_path']);
if ($count_smilies > $bb_cfg['max_smilies']) {
$this->ajax_die(sprintf($lang['MAX_SMILIES_PER_POST'], $bb_cfg['max_smilies']));
}
}
DB()->sql_query("INSERT INTO " . BB_POSTS . " (topic_id, forum_id, poster_id, post_time, poster_ip) VALUES ({$topic_id}, " . $post['forum_id'] . ", " . $userdata['user_id'] . ", '" . TIMENOW . "', '" . USER_IP . "')");
$post_id = DB()->sql_nextid();
DB()->sql_query("INSERT INTO " . BB_POSTS_TEXT . " (post_id, post_text) VALUES ({$post_id}, '" . DB()->escape($message) . "')");
update_post_stats('reply', $post, $post['forum_id'], $topic_id, $post_id, $userdata['user_id']);
$s_message = str_replace('\\n', "\n", $message);
$s_topic_title = str_replace('\\n', "\n", $post['topic_title']);
add_search_words($post_id, stripslashes($s_message), stripslashes($s_topic_title));
update_post_html(array('post_id' => $post_id, 'post_text' => $message));
if ($bb_cfg['topic_notify_enabled']) {
$notify = !empty($this->request['notify']);
user_notification('reply', $post, $post['topic_title'], $post['forum_id'], $topic_id, $notify);
function showbasicfield($mname, $editvalue, $_SSCONFIG, $categorylist, $file = 'admin')
{
global $_G, $_SGLOBAL, $item;
//編輯頁面基本字段
$required = '<span style="color:red">*</span>';
pklabel(array('type' => 'input', 'other' => 'style="' . pktitlestyle($editvalue['styletitle']) . '"', 'alang' => $mname . '_subject', 'name' => 'subject', 'value' => $editvalue['subject'], 'required' => $required));
if ($mname == 'notice' || $mname == 'shop') {
showstyletitle($mname, substr($editvalue['styletitle'], 0, 7));
}
if (in_array($mname, array('good', 'album', 'consume', 'notice', 'groupbuy')) || pkperm('isadmin') && $mname == 'shop') {
if (pkperm('isadmin') && $mname == 'shop') {
$categorylist = getmodelcategory($mname);
showsetting('syncfid', 'syncfid', '' . (empty($editvalue['syncfid']) ? '' : $editvalue['syncfid']), 'text');
echo '<tr><td class="td27" colspan="2">' . lang('category_' . $mname) . '<span style="color:red">*</span></td></tr><tr><td colspan="2" class="vtop rowform" id="' . $showarr['name'] . 'div">';
echo InteractionCategoryMenu($categorylist, 'catid', $editvalue['catid'], 1);
echo '<span id="span_catid"></span></td></tr>';
} else {
$categorylist = mymodelcategory($mname);
echo '<tr><td class="td27" colspan="2">' . lang('category_' . $mname) . '<span style="color:red">*</span></td></tr><tr><td class="vtop rowform" id="catiddiv" colspan="2">';
echo InteractionCategoryMenu($categorylist, 'catid', $editvalue['catid'], 1);
echo '<span id="span_catid"></span></td></tr>';
}
if ($editvalue['attr_ids']) {
require_once B_ROOT . '/batch.attribute.php';
$itemattrupdate = getattributesettingsupdate($editvalue['catid'], $editvalue['attr_ids']);
} else {
$itemattrupdate = '';
}
echo '<tr><td colspan="2" style="border-top:none;"><div id="attributes">' . $itemattrupdate . '</div></td></tr>';
} elseif (!pkperm('isadmin') && $mname == 'shop') {
$categorylist = getmodelcategory($mname);
$editvalue['catid'] = $categorylist[$editvalue['catid']]['name'];
showsetting($mname . '_catid', 'catid', $editvalue['catid'], 'p');
}
if ($mname != 'consume') {
pklabel(array('type' => 'file', 'alang' => $mname . '_subjectimage', 'name' => 'subjectimage', 'value' => $editvalue['subjectimage'], 'fileurl' => A_URL . '/' . $editvalue['subjectimage']));
}
// 過期時間
if (in_array($mname, array('shop', 'good', 'consume', 'notice', 'groupbuy'))) {
if (empty($editvalue['validity_start'])) {
$editvalue['validity_start'] = date('Y-m-d', $_G['timestamp']);
} else {
$editvalue['validity_start'] = date('Y-m-d', $editvalue['validity_start']);
}
if (!pkperm('isadmin') && $_G['myshopstatus'] == 'verified' && $mname == 'shop') {
showsetting('validity_start', 'validity_start', $editvalue['validity_start'], 'p');
} else {
showsetting('validity_start', 'validity_start', $editvalue['validity_start'], 'calendar', '', 0, '', '', $value['required']);
}
if (empty($editvalue['validity_end'])) {
$editvalue['validity_end'] = mktime(0, 0, 0, date('m', $_G['timestamp']), date('d', $_G['timestamp']), date('Y', $_G['timestamp']) + 10);
if ($mname == 'consume') {
$editvalue['validity_end'] = mktime(0, 0, 0, date('m', $_G['timestamp']) + 10, date('d', $_G['timestamp']), date('Y', $_G['timestamp']));
}
}
$editvalue['validity_end'] = date('Y-m-d', $editvalue['validity_end']);
if (!pkperm('isadmin') && $_G['myshopstatus'] == 'verified' && $mname == 'shop') {
showsetting('validity_end', 'validity_end', $editvalue['validity_end'], 'p');
} else {
showsetting('validity_end', 'validity_end', $editvalue['validity_end'], 'calendar', '', 0, '', '', $value['required']);
}
}
if ($mname == 'consume') {
pklabel(array('type' => 'textarea', 'alang' => 'consume_message', 'name' => 'message', 'value' => $editvalue['message']));
pklabel(array('type' => 'textarea', 'alang' => 'consume_exception', 'name' => 'exception', 'value' => $editvalue['exception']));
if ($_G['setting']['allowcreateimg']) {
$createimgradio = array(0, lang('createimg'), array('createimg' => '', 'uploadimg' => 'none'));
}
if ($_SGLOBAL['panelinfo']['group']['consumemaker'] == 1 || ckfounder($_G['uid'])) {
$uploadimgradio = array(1, lang('uploadimg'), array('createimg' => 'none', 'uploadimg' => ''));
}
if (!empty($createimgradio) || !empty($uploadimgradio)) {
showconsumemaker(array($uploadimgradio, $createimgradio), $file);
}
}
/* 顯示商品描述 */
if ($mname == 'good') {
pklabel(array('type' => 'textarea', 'alang' => 'good_intro', 'name' => 'intro', 'value' => $editvalue['intro']));
}
if (pkperm('isadmin') && $mname != 'shop') {
/*
if($_GET['action'] == 'add') {
showtablerow('', 'colspan="2" class="td27"', lang($mname.'_shopid').$required);
showtablerow('class="noborder"', array('class="vtop rowform"', 'class="vtop tips2"'), array(
show_cat_shop_linkarea(),
lang($mname.'_shopid_comment')
));
} elseif($_GET['action'] == 'edit') {
showhiddenfields(array('shopid' => $editvalue['shopid']));
}*/
} elseif ($mname != 'shop') {
showhiddenfields(array('shopid' => $editvalue['shopid']));
} else {
pkregion(array('alang' => $mname . '_region', 'name' => 'region', 'options' => getmodelcategory('region'), 'value' => $editvalue['region'], 'required' => $required));
}
if ($mname == 'shop') {
pklabel(array('type' => 'input', 'alang' => 'global_seokeywords', 'name' => 'keywords', 'value' => $editvalue['keywords']));
pklabel(array('type' => 'textarea', 'alang' => 'global_seodescription', 'name' => 'description', 'value' => $editvalue['description']));
pklabel(array('type' => 'textarea', 'alang' => $mname . '_message', 'name' => 'message', 'value' => $editvalue['message']));
pklabel(array('type' => 'input', 'alang' => 'shop_letter', 'name' => 'letter', 'value' => $editvalue['letter']));
} elseif ($mname == 'good' || $mname == 'notice' || $mname == 'groupbuy') {
$editvalue['message'] = bbcode2html($editvalue['message']);
pklabel(array('type' => 'edit', 'alang' => $mname . '_message', 'name' => 'message', 'value' => $editvalue['message']));
}
/*
if($editvalue['grade'] > 1) {
showsetting($mname.'_onshow', array('grade', array(
array(3, lang($mname.'_onshow_true')),
array(2, lang($mname.'_onshow_false'))
)), $editvalue['grade'], 'select', '', 0, '', '', $required);
}*/
}
<?php
/**
* [品牌空間] (C)2001-2010 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*
* $Id: groupbuy.inc.php 4373 2010-09-08 08:27:09Z yumiao $
*/
if (!defined('IN_BRAND')) {
exit('Access Denied');
}
$_g_xid = intval($_GET['xid']);
$_g_uid = intval($_GET['uid']);
if ($_REQUEST['id'] && $_REQUEST['xid']) {
$groupbuy = $_BCACHE->getiteminfo('groupbuy', $_REQUEST['xid'], $_REQUEST['id']);
$groupbuy['message'] = bbcode2html($groupbuy['message']);
if (!$groupbuy) {
showmessage('not_found_msg', 'index.php');
}
}
if (!empty($_GET['do'])) {
if (!in_array($_GET['do'], array('markdelstatus', 'marknormalstatus', 'groupbuy_attend_detail'))) {
showmessage('system_error', '', 'error');
} else {
if (!ckfounder($_G['uid']) && !array_key_exists($_REQUEST['id'], $_G['myshopsarr'])) {
showmessage('no_perm', "store.php?id=" . $_GET['id'] . "&action=groupbuy&xid=" . $_g_xid);
}
}
}
if (submitcheck('submitgroupbuyjoin')) {
@(include_once B_ROOT . './uc_client/client.php');
<?php
define('BB_SCRIPT', 'terms');
define('BB_ROOT', './');
require BB_ROOT . 'common.php';
require INC_DIR . 'bbcode.php';
// Start session management
$user->session_start();
if (!$bb_cfg['terms'] && !IS_ADMIN) {
redirect('index.php');
}
$template->assign_vars(array('TERMS_EDIT' => bbcode2html(sprintf($lang['TERMS_EMPTY_TEXT'], $domain_name)), 'TERMS_HTML' => bbcode2html($bb_cfg['terms'])));
print_page('terms.tpl');
/**
* Filter content according to a filter.
*
* @param $data string of text to filter and format according its filter settings.
* @returns string with the filtered data.
*/
public static function Filter($data, $filter)
{
switch ($filter) {
/*
case 'php': $data = nl2br(makeClickable(eval('?>'.$data))); break;
case 'html': $data = nl2br(makeClickable($data)); break;*/
case 'htmlpurify':
$data = nl2br(CHTMLPurifier::Purify($data));
break;
case 'bbcode':
$data = nl2br(bbcode2html(htmlEnt($data)));
break;
case 'plain':
default:
$data = nl2br(makeClickable(htmlEnt($data)));
break;
}
return $data;
}
$email = '';
}
//
// Generate page
//
$profile_user_id = $profiledata['user_id'] == $userdata['user_id'];
$signature = $bb_cfg['allow_sig'] && $profiledata['user_sig'] ? $profiledata['user_sig'] : '';
if (bf($profiledata['user_opt'], 'user_opt', 'dis_sig')) {
if ($profile_user_id) {
$signature = $lang['SIGNATURE_DISABLE'];
} else {
$signature = '';
}
} else {
if ($signature) {
$signature = bbcode2html($signature);
}
}
$template->assign_vars(array('PAGE_TITLE' => sprintf($lang['VIEWING_USER_PROFILE'], $profiledata['username']), 'USERNAME' => $profiledata['username'], 'PROFILE_USER_ID' => $profiledata['user_id'], 'PROFILE_USER' => $profile_user_id, 'USER_REGDATE' => bb_date($profiledata['user_regdate'], 'Y-m-d H:i', false), 'POSTER_RANK' => $poster_rank ? "<span class=\"{$rank_style}\">" . $poster_rank . "</span>" : $lang['USER'], 'RANK_IMAGE' => $rank_image, 'RANK_SELECT' => $rank_select, 'POSTS' => $profiledata['user_posts'], 'PM' => '<a href="' . PM_URL . '?mode=post&' . POST_USERS_URL . '=' . $profiledata['user_id'] . '">' . $lang['SEND_PRIVATE_MESSAGE'] . '</a>', 'EMAIL' => $email, 'WWW' => $profiledata['user_website'], 'ICQ' => $profiledata['user_icq'], 'LAST_VISIT_TIME' => $profiledata['user_lastvisit'] ? bf($profiledata['user_opt'], 'user_opt', 'user_viewonline') && !IS_ADMIN ? $lang['HIDDEN_USER'] : bb_date($profiledata['user_lastvisit'], 'Y-m-d H:i', false) : $lang['NEVER'], 'LAST_ACTIVITY_TIME' => $profiledata['user_session_time'] ? bf($profiledata['user_opt'], 'user_opt', 'user_viewonline') && !IS_ADMIN ? $lang['HIDDEN_USER'] : bb_date($profiledata['user_session_time'], 'Y-m-d H:i', false) : $lang['NEVER'], 'USER_ACTIVE' => $profiledata['user_active'], 'LOCATION' => $profiledata['user_from'], 'OCCUPATION' => $profiledata['user_occ'], 'INTERESTS' => $profiledata['user_interests'], 'SKYPE' => $profiledata['user_skype'], 'TWITTER' => $profiledata['user_twitter'], 'USER_POINTS' => $profiledata['user_points'], 'GENDER' => $bb_cfg['gender'] ? $lang['GENDER_SELECT'][$profiledata['user_gender']] : '', 'BIRTHDAY' => $bb_cfg['birthday_enabled'] && $profiledata['user_birthday'] != '0000-00-00' ? $profiledata['user_birthday'] : '', 'AGE' => $bb_cfg['birthday_enabled'] && $profiledata['user_birthday'] != '0000-00-00' ? birthday_age($profiledata['user_birthday']) : '', 'L_VIEWING_PROFILE' => sprintf($lang['VIEWING_USER_PROFILE'], $profiledata['username']), 'L_MY_PROFILE' => sprintf($lang['VIEWING_MY_PROFILE'], 'profile.php?mode=editprofile'), 'U_SEARCH_USER' => "search.php?search_author=1&uid={$profiledata['user_id']}", 'U_SEARCH_TOPICS' => "search.php?uid={$profiledata['user_id']}&myt=1", 'U_SEARCH_RELEASES' => "tracker.php?rid={$profiledata['user_id']}#results", 'AVATAR_IMG' => get_avatar($profiledata['user_id'], $profiledata['avatar_ext_id'], !bf($profiledata['user_opt'], 'user_opt', 'dis_avatar')), 'SIGNATURE' => $signature, 'SHOW_PASSKEY' => IS_ADMIN || $profile_user_id, 'SHOW_ROLE' => IS_AM || $profile_user_id || $profiledata['user_active'], 'GROUP_MEMBERSHIP' => false, 'TRAF_STATS' => !(IS_AM || $profile_user_id)));
if (IS_ADMIN) {
$group_membership = array();
$sql = "\n\t\tSELECT COUNT(g.group_id) AS groups_cnt, g.group_single_user, ug.user_pending\n\t\tFROM " . BB_USER_GROUP . " ug\n\t\tLEFT JOIN " . BB_GROUPS . " g USING(group_id)\n\t\tWHERE ug.user_id = {$profiledata['user_id']}\n\t\tGROUP BY ug.user_id, g.group_single_user, ug.user_pending\n\t\tORDER BY NULL\n\t";
if ($rowset = DB()->fetch_rowset($sql)) {
$member = $pending = $single = 0;
foreach ($rowset as $row) {
if (!$row['group_single_user'] && !$row['user_pending']) {
$member = $row['groups_cnt'];
} else {
if (!$row['group_single_user'] && $row['user_pending']) {
$pending = $row['groups_cnt'];
} else {
//
// Has admin prevented user from sending PM's?
//
if (bf($userdata['user_opt'], 'user_opt', 'dis_pm') && $mode != 'edit') {
$message = $lang['CANNOT_SEND_PRIVMSG'];
}
//
// Start output, first preview, then errors then post form
//
$page_title = $lang['SEND_PRIVATE_MESSAGE'];
if ($preview && !$error) {
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
$preview_message = htmlCHR($privmsg_message, false, ENT_NOQUOTES);
$preview_message = bbcode2html($privmsg_message);
if (count($orig_word)) {
$preview_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
$preview_message = preg_replace($orig_word, $replacement_word, $preview_message);
} else {
$preview_subject = $privmsg_subject;
}
$s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
if (isset($privmsg_id)) {
$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
}
$template->assign_vars(array('TPL_PREVIEW_POST' => true, 'TOPIC_TITLE' => wbr($preview_subject), 'POST_SUBJECT' => $preview_subject, 'MESSAGE_TO' => $to_username, 'MESSAGE_FROM' => $userdata['username'], 'POST_DATE' => bb_date(TIMENOW), 'PREVIEW_MSG' => $preview_message, 'S_HIDDEN_FIELDS' => $s_hidden_fields));
}
//
// Start error handling
$loop = array();
if (!empty($totalrows)) {
if ($o >= $totalrows) {
$o = $totalrows - $r;
$o = $o >= 0 ? $o : 0;
}
$query = "SELECT `mtpl_id`,`subject`,`message_body` FROM {$from} WHERE {$where} LIMIT {$o},{$r}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
while ($rsrow = mysql_fetch_assoc($res)) {
// no need to sanitize
// $rsrow['subject']=sanitize_and_format($rsrow['subject'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
// $rsrow['message_body']=sanitize_and_format($rsrow['message_body'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
if ($config['bbcode_message']) {
$rsrow['message_body'] = bbcode2html($rsrow['message_body']);
}
$loop[] = $rsrow;
}
$output['pager2'] = pager($totalrows, $o, $r);
}
$output['return2me'] = 'my_responses.php';
if (!empty($_SERVER['QUERY_STRING'])) {
$output['return2me'] .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($output['return2me']);
$tpl->set_file('content', 'my_responses.html');
$tpl->set_var('output', $output);
$tpl->set_loop('loop', $loop);
$tpl->process('content', 'content', TPL_LOOP | TPL_NOLOOP);
$tpl->drop_loop('loop');
function bbcodeout($text)
{
echo bbcode2html($text);
}
<?php
if (!empty($setmodules)) {
$module['GENERAL']['TERMS'] = basename(__FILE__);
return;
}
require './pagestart.php';
require INC_DIR . 'bbcode.php';
if (isset($_POST['post']) && $bb_cfg['terms'] != $_POST['message']) {
bb_update_config(array('terms' => $_POST['message']));
bb_die($lang['CONFIG_UPDATED']);
}
$template->assign_vars(array('S_ACTION' => 'admin_terms.php', 'EXT_LINK_NW' => $bb_cfg['ext_link_new_win'], 'MESSAGE' => $bb_cfg['terms'] ? $bb_cfg['terms'] : '', 'PREVIEW_HTML' => isset($_REQUEST['preview']) ? bbcode2html($_POST['message']) : ''));
print_page('admin_terms.tpl', 'admin');
// Предупреждение
$mc_class = 'warning';
break;
case 4:
// Нарушение
$mc_class = 'danger';
break;
default:
$mc_class = '';
break;
}
$mc_select_type = array();
foreach ($lang['MC_COMMENT'] as $key => $value) {
$mc_select_type[$key] = $value['type'];
}
$template->assign_block_vars('postrow', array('ROW_CLASS' => !($i % 2) ? 'row1' : 'row2', 'POST_ID' => $post_id, 'IS_NEWEST' => $post_id == $newest, 'POSTER_NAME' => profile_url(array('username' => $poster, 'user_rank' => $user_rank)), 'POSTER_NAME_JS' => addslashes($poster), 'POSTER_RANK' => $poster_rank, 'RANK_IMAGE' => $rank_image, 'POSTER_JOINED' => $bb_cfg['show_poster_joined'] ? $poster_longevity : '', 'POSTER_JOINED_DATE' => $poster_joined, 'POSTER_POSTS' => $bb_cfg['show_poster_posts'] ? $poster_posts : '', 'POSTER_FROM' => $bb_cfg['show_poster_from'] ? wbr($poster_from) : '', 'POSTER_BOT' => $poster_id == BOT_UID, 'POSTER_ID' => $poster_id, 'POSTER_AUTHOR' => $poster_id == $t_data['topic_poster'], 'POSTER_GENDER' => $bb_cfg['gender'] ? gender_image($postrow[$i]['user_gender']) : '', 'POSTED_AFTER' => $prev_post_time ? delta_time($postrow[$i]['post_time'], $prev_post_time) : '', 'IS_UNREAD' => is_unread($postrow[$i]['post_time'], $topic_id, $forum_id), 'IS_FIRST_POST' => !$start && $post_id == $t_data['topic_first_post_id'], 'MOD_CHECKBOX' => $moderation && ($start || defined('SPLIT_FORM_START')), 'POSTER_AVATAR' => $poster_avatar, 'POST_NUMBER' => $i + $start + 1, 'POST_DATE' => $post_date, 'MESSAGE' => $message, 'SIGNATURE' => $user_sig, 'EDITED_MESSAGE' => $l_edited_by, 'PM' => $pm_btn, 'PROFILE' => $profile_btn, 'QUOTE' => $quote_btn, 'EDIT' => $edit_btn, 'DELETE' => $delpost_btn, 'IP' => $ip_btn, 'POSTER_BIRTHDAY' => $bb_cfg['birthday_enabled'] && $this_date == $poster_birthday ? '<img src="' . $images['icon_birthday'] . '" alt="" title="' . $lang['HAPPY_BIRTHDAY'] . '" border="0" />' : '', 'MC_COMMENT' => $mc_type ? bbcode2html($mc_comment) : '', 'MC_BBCODE' => $mc_type ? $mc_comment : '', 'MC_CLASS' => $mc_class, 'MC_TITLE' => sprintf($lang['MC_COMMENT'][$mc_type]['title'], $mc_user_id), 'MC_SELECT_TYPE' => build_select("mc_type_{$post_id}", array_flip($mc_select_type), $mc_type), 'RG_AVATAR' => $rg_avatar, 'RG_NAME' => $rg_name, 'RG_URL' => GROUP_URL . $rg_id, 'RG_FIND_URL' => 'tracker.php?srg=' . $rg_id, 'RG_SIG' => $rg_signature, 'RG_SIG_ATTACH' => $postrow[$i]['attach_rg_sig']));
if ($postrow[$i]['post_attachment'] && $is_auth['auth_download'] && function_exists('display_post_attachments')) {
display_post_attachments($post_id, $postrow[$i]['post_attachment']);
}
if ($moderation && !defined('SPLIT_FORM_START') && ($start || $post_id == $t_data['topic_first_post_id'])) {
define('SPLIT_FORM_START', TRUE);
}
if ($poster_id != BOT_UID) {
$prev_post_time = $postrow[$i]['post_time'];
}
}
set_tracks(COOKIE_TOPIC, $tracking_topics, $topic_id, $max_post_time);
if (defined('SPLIT_FORM_START')) {
$template->assign_vars(array('SPLIT_FORM' => true, 'START' => $start, 'S_SPLIT_ACTION' => "modcp.php", 'POST_FORUM_URL' => POST_FORUM_URL, 'POST_TOPIC_URL' => POST_TOPIC_URL));
}
// Quick Reply
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$totalrows = mysql_result($res, 0, 0);
$loop = array();
if (!empty($totalrows)) {
if ($o >= $totalrows) {
$o = $totalrows - $r;
$o = $o >= 0 ? $o : 0;
}
$query = "SELECT `flirt_id`,`flirt_text`,`flirt_type` FROM {$from} WHERE {$where} LIMIT {$o},{$r}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
while ($rsrow = mysql_fetch_assoc($res)) {
$rsrow['flirt_text'] = bbcode2html($rsrow['flirt_text']);
$loop[] = $rsrow;
}
$output['pager2'] = pager($totalrows, $o, $r);
}
$output['return2me'] = 'flirts.php';
if (!empty($_SERVER['QUERY_STRING'])) {
$output['return2me'] .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($output['return2me']);
$tpl->set_file('content', 'flirts.html');
$tpl->set_loop('loop', $loop);
$tpl->set_var('output', $output);
$tpl->process('content', 'content', TPL_LOOP | TPL_NOLOOP);
$tpl->drop_loop('loop');
$tpl->drop_var('output.pager2');
// $output['message_body']=sanitize_and_format($output['message_body'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
check_login_member('message_read');
$output['message_body'] = nl2br($output['message_body']);
break;
case MESS_FLIRT:
check_login_member('flirt_read');
break;
case MESS_SYSTEM:
// check_login_member('auth'); this check was made at the begining
if (empty($output['_user_other'])) {
$output['_user_other'] = $GLOBALS['_lang'][135];
}
$tpl->set_var('spam_controls', false);
break;
}
$output['message_body'] = text2smilies(bbcode2html($output['message_body']));
if (empty($output['photo'])) {
$output['photo'] = 'no_photo.gif';
}
if (empty($output['other_id'])) {
unset($output['other_id']);
} else {
require _BASEPATH_ . '/includes/network_functions.inc.php';
if (is_network_member($_SESSION[_LICENSE_KEY_]['user']['user_id'], $output['other_id'], NET_BLOCK)) {
$output['is_blocked'] = true;
}
$output['net_block'] = NET_BLOCK;
}
$output['mailbox_name'] = $my_folders[$output['fid']];
$output['return2me'] = 'message_read.php';
if (!empty($_SERVER['QUERY_STRING'])) {
}
}
// Add the moderator
$username = $group_moderator['username'];
$user_id = $group_moderator['user_id'];
generate_user_info($group_moderator, $bb_cfg['default_dateformat'], $is_moderator, $from, $posts, $joined, $pm, $email, $www, $user_time, $avatar);
$group_type = '';
if ($group_info['group_type'] == GROUP_OPEN) {
$group_type = $lang['GROUP_OPEN'];
} elseif ($group_info['group_type'] == GROUP_CLOSED) {
$group_type = $lang['GROUP_CLOSED'];
} elseif ($group_info['group_type'] == GROUP_HIDDEN) {
$group_type = $lang['GROUP_HIDDEN'];
}
$i = 0;
$template->assign_vars(array('ROW_NUMBER' => $i + ($start + 1), 'GROUP_INFO' => true, 'PAGE_TITLE' => $lang['GROUP_CONTROL_PANEL'], 'GROUP_NAME' => htmlCHR($group_info['group_name']), 'GROUP_DESCRIPTION' => bbcode2html($group_info['group_description']), 'GROUP_SIGNATURE' => bbcode2html($group_info['group_signature']), 'GROUP_AVATAR' => get_avatar(GROUP_AVATAR_MASK . $group_id, $group_info['avatar_ext_id'], true), 'GROUP_DETAILS' => $group_details, 'GROUP_TIME' => !empty($group_info['group_time']) ? sprintf('%s <span class="posted_since">(%s)</span>', bb_date($group_info['group_time']), delta_time($group_info['group_time'])) : $lang['NONE'], 'MOD_USER' => profile_url($group_moderator), 'MOD_AVATAR' => $avatar, 'MOD_FROM' => $from, 'MOD_JOINED' => $joined, 'MOD_POSTS' => $posts, 'MOD_PM' => $pm, 'MOD_EMAIL' => $email, 'MOD_WWW' => $www, 'MOD_TIME' => !empty($group_info['mod_time']) ? bb_date($group_info['mod_time']) : $lang['NONE'], 'U_SEARCH_USER' => "search.php?mode=searchuser", 'U_SEARCH_RELEASES' => "tracker.php?srg={$group_id}", 'U_GROUP_RELEASES' => "group.php?view=releases&" . POST_GROUPS_URL . "={$group_id}", 'U_GROUP_MEMBERS' => "group.php?view=members&" . POST_GROUPS_URL . "={$group_id}", 'U_GROUP_CONFIG' => "group_edit.php?g={$group_id}", 'RELEASE_GROUP' => $group_info['release_group'] ? true : false, 'GROUP_TYPE' => $group_type, 'S_GROUP_OPEN_TYPE' => GROUP_OPEN, 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED, 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN, 'S_GROUP_OPEN_CHECKED' => $group_info['group_type'] == GROUP_OPEN ? ' checked="checked"' : '', 'S_GROUP_CLOSED_CHECKED' => $group_info['group_type'] == GROUP_CLOSED ? ' checked="checked"' : '', 'S_GROUP_HIDDEN_CHECKED' => $group_info['group_type'] == GROUP_HIDDEN ? ' checked="checked"' : '', 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_MODE_SELECT' => $select_sort_mode, 'S_ORDER_SELECT' => $select_sort_order, 'S_GROUP_ACTION' => "group.php?" . POST_GROUPS_URL . "={$group_id}"));
switch ($view_mode) {
case 'releases':
// TODO Correct SQL to posts with attach and limit them, optimization
if (!$group_info['release_group']) {
set_die_append_msg(false, false, $group_id);
bb_die($lang['NOT_A_RELEASE_GROUP']);
}
// Count releases for pagination
$all_releases = DB()->fetch_rowset("\n\t\t\t\tSELECT p.topic_id, p.forum_id, p.poster_id, t.topic_title, t.topic_time, f.forum_name, u.username, u.avatar_ext_id, u.user_opt, u.user_rank\n\t\t\t\tFROM " . BB_POSTS . " p\n\t\t\t\tLEFT JOIN " . BB_TOPICS . " t ON(p.topic_id = t.topic_id)\n\t\t\t\tLEFT JOIN " . BB_FORUMS . " f ON(p.forum_id= f.forum_id)\n\t\t\t\tLEFT JOIN " . BB_USERS . " u ON(p.poster_id = u.user_id)\n\t\t\t\tWHERE p.poster_rg_id = {$group_id}\n\t\t\t\tORDER BY t.topic_time DESC\n\t\t\t\tLIMIT {$rel_limit}\n\t\t\t");
$count_releases = count($all_releases);
generate_pagination(GROUP_URL . $group_id . "&view=releases", $count_releases, $per_page, $start);
$sql = "\n\t\t\t\tSELECT p.topic_id, p.forum_id, p.poster_id, t.topic_title, t.topic_time, f.forum_name, u.username, u.avatar_ext_id, u.user_opt, u.user_rank\n\t\t\t\tFROM " . BB_POSTS . " p\n\t\t\t\tLEFT JOIN " . BB_TOPICS . " t ON(p.topic_id = t.topic_id)\n\t\t\t\tLEFT JOIN " . BB_FORUMS . " f ON(p.forum_id= f.forum_id)\n\t\t\t\tLEFT JOIN " . BB_USERS . " u ON(p.poster_id = u.user_id)\n\t\t\t\tWHERE p.poster_rg_id = {$group_id}\n\t\t\t\tORDER BY t.topic_time DESC\n\t\t\t\tLIMIT {$start}, {$per_page}\n\t\t\t";
if (!($releases = DB()->fetch_rowset($sql))) {
set_die_append_msg(false, false, $group_id);
bb_die($lang['NO_SEARCH_MATCH']);
$output = array_merge($output, mysql_fetch_assoc($res));
$output['date_sent'] = strftime($config['datetime_format'], $output['date_sent'] + $config['time_offset']);
// no need to sanitize
// $output['subject']=sanitize_and_format($output['subject'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
switch ($output['message_type']) {
case MESS_MESS:
// no need to sanitize
// $output['message_body']=sanitize_and_format($output['message_body'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
break;
case MESS_FLIRT:
break;
case MESS_SYSTEM:
if (empty($output['_user_other'])) {
$output['_user_other'] = 'SYSTEM';
// translate
}
break;
}
$output['message_body'] = text2smilies(bbcode2html($output['message_body']));
if ($output['message_type'] == MESS_SYSTEM || empty($output['fk_user_id_other'])) {
unset($output['fk_user_id_other']);
}
}
$output['message_body'] = bbcode2html($output['message_body']);
$tpl->set_file('content', 'user_message_read.html');
$tpl->set_var('output', $output);
$tpl->process('content', 'content', TPL_OPTIONAL);
}
$tplvars['title'] = 'Read User Message';
$tplvars['page'] = 'user_message_read';
include 'frame.php';
