//Getting Current User ID if (!($userID = buckys_is_logged_in())) { buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR); } $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : ''; if (!in_array($type, ['all', 'pending', 'requested'])) { $type = 'all'; } if (isset($_REQUEST['action'])) { $return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/myfriends.php?type=' . $type; $isAjax = isset($_REQUEST['buckys_ajax']) ? true : false; if ($isAjax) { header('Content-type: application/xml'); } $friendID = buckys_escape_query_integer($_REQUEST['friendID']); if (!buckys_check_form_token('request')) { if ($isAjax) { $resultXML = ['status' => 'error', 'message' => MSG_INVALID_REQUEST]; render_result_xml($resultXML); } else { buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } exit; } if ($_REQUEST['action'] == 'unfriend') { if (BuckysFriend::unfriend($userID, $friendID)) { if ($isAjax) { $resultXML = ['status' => 'success', 'message' => MSG_FRIEND_REMOVED, 'html' => 'Send Friend Request', 'action' => 'unfriend', 'link' => '/myfriends.php?action=request&friendID=' . $friendID . buckys_get_token_param()]; render_result_xml($resultXML); } else { buckys_redirect($return, MSG_FRIEND_REMOVED);
<?php
/**
 * Moderator page for the pending-ads queue.
 *
 * Handles the optional 'reject-ads' / 'approve-ads' actions, then loads one
 * page of pending ads and registers the assets the page needs.
 */
require dirname(__FILE__) . '/includes/bootstrap.php';

// Access control: only moderators may open this page.
if (!buckys_check_user_acl(USER_ACL_MODERATOR)) {
    buckys_redirect('/index.php', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
}

$classAds = new BuckysAds();

if (isset($_REQUEST['action'])) {
    // State-changing actions arrive through $_REQUEST (so GET as well as POST);
    // the form token is the CSRF guard for both.
    // NOTE(review): the code below assumes buckys_redirect() ends the request;
    // its body is not visible here - confirm.
    if (!buckys_check_form_token()) {
        buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    }

    // NOTE(review): adID is handed to BuckysAds exactly as received; any
    // type or range validation has to happen inside rejectAds()/approveAds().
    switch ($_REQUEST['action']) {
        case 'reject-ads':
            $classAds->rejectAds($_REQUEST['adID']);
            buckys_redirect('/manage_ads.php', MSG_AD_ADS_REJECTED);
            break;

        case 'approve-ads':
            $classAds->approveAds($_REQUEST['adID']);
            buckys_redirect('/manage_ads.php', MSG_AD_ADS_APPROVED);
            break;
    }
}

// Requested page number; Pagination decides the page that is actually shown.
$page = isset($_GET['page']) ? $_GET['page'] : 1;
$totalCount = $classAds->getPendingAdsCount();

// Init Pagination Class
$pagination = new Pagination($totalCount, BuckysAds::$COUNT_PER_PAGE, $page);
$page = $pagination->getCurrentPage();

$objects = $classAds->getPendingAds($page, BuckysAds::$COUNT_PER_PAGE);

buckys_enqueue_javascript('manage_ads.js');
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('moderator.css');
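/**
 * Create New Message
 *
 * Validates the form token and the message fields, then stores two rows per
 * receiver in TABLE_MESSAGES: the sender's copy (status 'read') and the
 * receiver's copy (status 'unread').
 *
 * @param mixed $data array read with the keys 'to' (one receiver ID or a list),
 *                    'subject', 'body' and 'userID' (the sender)
 * @return bool false when the token or a required field is rejected; otherwise
 *              !$isError, which is always true while the friend check below
 *              stays commented out, because nothing else sets $isError
 */
public static function composeMessage($data)
{
    global $db;

    // CSRF guard: refuse to send anything without a valid form token.
    if (!buckys_check_form_token()) {
        buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);

        return false;
    }

    // Missing keys are treated like empty values instead of raising notices.
    $receivers = isset($data['to']) ? $data['to'] : null;
    if (!buckys_not_null($receivers)) {
        buckys_add_message(MSG_SENDER_EMPTY_ERROR, MSG_TYPE_ERROR);

        return false;
    }

    // A non-scalar subject/body (e.g. an array built from "subject[]=x") is
    // rejected as empty rather than being passed to trim().
    $subject = isset($data['subject']) ? $data['subject'] : '';
    if (!is_scalar($subject) || trim((string) $subject) == '') {
        buckys_add_message(MSG_MESSAGE_SUBJECT_EMPTY_ERROR, MSG_TYPE_ERROR);

        return false;
    }

    $body = isset($data['body']) ? $data['body'] : '';
    if (!is_scalar($body) || trim((string) $body) == '') {
        buckys_add_message(MSG_MESSAGE_BODY_EMPTY_ERROR, MSG_TYPE_ERROR);

        return false;
    }

    $createdDate = date("Y-m-d H:i:s");

    if (!is_array($receivers)) {
        $receivers = [$receivers];
    }

    //Remove Duplicated Messages
    $receivers = array_unique($receivers);

    $nonFriend = [];
    $sents = [];
    $isError = false;

    // NOTE(review): the sender ID comes from $data, not from the session inside
    // this method; the caller must set it from the logged-in user.
    $sender = $data['userID'];

    foreach ($receivers as $receiver) {
        // NOTE(review): the lookup result is not checked, so a receiver ID with
        // no matching user still gets both rows written - confirm what
        // getUserBasicInfo() returns for unknown IDs.
        $receiverInfo = BuckysUser::getUserBasicInfo($receiver);

        //confirm that current user and receiver is friend
        // NOTE(review): this check is disabled, so any user can message any
        // receiver ID and the $nonFriend report below never fires.
        /*if(!BuckysFriend::isFriend($receiver, $sender))
        {
            $nonFriend[] = $receiverInfo['firstName'] . " " . $receiverInfo['lastName'];
            $isError = true;
            continue;
        }*/

        //Create A message row for Sender
        $row = [
            'userID' => $sender,
            'sender' => $sender,
            'receiver' => $receiver,
            'subject' => $subject,
            'body' => $body,
            'status' => 'read',
            'created_date' => $createdDate,
        ];
        $db->insertFromArray(TABLE_MESSAGES, $row);

        //Create A message row for receiver: same content, owned by the receiver
        $row['userID'] = $receiver;
        $row['status'] = 'unread';
        $db->insertFromArray(TABLE_MESSAGES, $row);

        $sents[] = $receiverInfo['firstName'] . ' ' . $receiverInfo['lastName'];
    }

    if (count($sents) > 0) {
        buckys_add_message(MSG_NEW_MESSAGE_SENT, MSG_TYPE_SUCCESS);
    }

    if (count($nonFriend) > 0) {
        if (count($nonFriend) > 1) {
            $msg = sprintf(MSG_COMPOSE_MESSAGE_ERROR_TO_NON_FRIENDS, implode(", ", $nonFriend));
        } else {
            $msg = sprintf(MSG_COMPOSE_MESSAGE_ERROR_TO_NON_FRIEND, $nonFriend[0]);
        }
        buckys_add_message($msg, MSG_TYPE_ERROR);
    }

    return !$isError;
}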
/**
 * Like Post
 *
 * Likes or unlikes a post for a user. The request is rejected when the form
 * token is invalid (if $checkToken), the post is missing, the user is the
 * poster, the post has visibility 0 and the user is not a friend of the
 * poster, or the daily likes limit check fails.
 *
 * @param int    $userID     acting user
 * @param int    $postID     target post
 * @param string $action     'likePost' or 'unlikePost'
 * @param bool   $checkToken when true, the 'request' form token must validate
 * @return bool|int|null|string value returned by $db->insertFromArray() for
 *                              'likePost', true for 'unlikePost', false on any
 *                              rejection, null for any other $action
 */
public static function likePost($userID, $postID, $action, $checkToken = true)
{
    global $db;

    $post = BuckysPost::getPostById($postID);

    // One rejection path for the three "invalid request" cases; evaluation is
    // short-circuited left to right: token, post/ownership, visibility.
    $rejected = ($checkToken && !buckys_check_form_token('request'))
        || !$post
        || $post['poster'] == $userID
        || ($post['visibility'] == 0 && !BuckysFriend::isFriend($userID, $post['poster']));

    if ($rejected) {
        buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);

        return false;
    }

    // The daily limit applies to both like and unlike requests.
    if (!BuckysUsersDailyActivity::checkUserDailyLimit($userID, 'likes')) {
        $limitMessage = sprintf(MSG_DAILY_LIKES_LIMIT_EXCEED_ERROR, USER_DAILY_LIMIT_LIKES);
        buckys_add_message($limitMessage, MSG_TYPE_ERROR);

        return false;
    }

    //Check already like it or not
    // NOTE(review): this lookup and the insert/delete below are separate
    // statements; no lock or transaction is visible here, so two concurrent
    // requests could both pass the check - confirm a unique key exists.
    $existingLikeId = $db->getVar(
        $db->prepare("SELECT likeID FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID)
    );

    if ($action == 'likePost') {
        if ($existingLikeId) {
            buckys_add_message(MSG_ALREADY_LIKED_POST, MSG_TYPE_ERROR);

            return false;
        }

        BuckysUsersDailyActivity::addLikes($userID);

        //Like This post
        $likeResult = $db->insertFromArray(TABLE_POSTS_LIKES, ['userID' => $userID, 'postID' => $postID]);

        //Update likes on the posts table
        $db->query($db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` + 1 WHERE postID=%d', $postID));

        //Add Activity
        $activityId = BuckysActivity::addActivity($userID, $postID, 'post', 'like', $likeResult);

        //Add Notification
        BuckysActivity::addNotification($post['poster'], $activityId, BuckysActivity::NOTIFICATION_TYPE_LIKE_POST);

        //Increase Hits
        BuckysHit::addHit($postID, $userID);

        //Update User Stats
        BuckysUser::updateStats($post['poster'], 'likes', 1);

        return $likeResult;
    }

    if ($action == 'unlikePost') {
        if (!$existingLikeId) {
            buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);

            return false;
        }

        // NOTE(review): an unlike also calls addLikes(), i.e. it is counted
        // against the daily likes activity - confirm this is intended.
        BuckysUsersDailyActivity::addLikes($userID);

        $db->query(
            $db->prepare("DELETE FROM " . TABLE_POSTS_LIKES . " WHERE userID=%s AND postID=%s", $userID, $postID)
        );

        //Update likes on the posts table
        $db->query($db->prepare('UPDATE ' . TABLE_POSTS . ' SET `likes`=`likes` - 1 WHERE postID=%d', $postID));

        //Remove the hit recorded for this user on the post
        BuckysHit::removeHit($postID, $userID);

        //Update User Stats
        BuckysUser::updateStats($post['poster'], 'likes', -1);

        return true;
    }

    // Any other $action changes nothing and yields null.
    return null;
}
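<?php
/**
 * Ad click tracker: counts a click for the ad identified by `key`, then
 * redirects the browser to the base64-encoded destination in `url`.
 *
 * Both parameters are request-controlled, so the destination is validated
 * before it reaches the Location header; anything that is not an absolute
 * http(s) URL is answered with the same 404 as a bad token.
 */
require dirname(__FILE__) . '/includes/bootstrap.php';

if (!buckys_check_form_token('get')) {
    header("HTTP/1.0 404 Not Found");
    exit;
}

// Missing or non-string parameters (e.g. "url[]=x") are treated as empty.
$adKey = isset($_GET['key']) && is_string($_GET['key']) ? $_GET['key'] : '';
$url = isset($_GET['url']) && is_string($_GET['url']) ? base64_decode($_GET['url']) : '';

// Open-redirect hardening: only absolute http/https URLs with a host and no
// control characters are allowed. This rejects scheme-less, protocol-relative
// ("//host") and javascript:/data: style destinations.
$urlParts = is_string($url) ? parse_url($url) : false;
$scheme = is_array($urlParts) && isset($urlParts['scheme']) ? strtolower($urlParts['scheme']) : '';
$hasHost = is_array($urlParts) && !empty($urlParts['host']);

if ($adKey === ''
    || !in_array($scheme, ['http', 'https'], true)
    || !$hasHost
    || preg_match('/[\x00-\x1f\x7f]/', $url)
) {
    header("HTTP/1.0 404 Not Found");
    exit;
}

// NOTE(review): the destination still comes from the request. Resolving it
// from the stored ad record that matches $adKey would remove the redirect
// parameter altogether; the ads table columns are not visible here.

//Increase clicks
$query = $db->prepare("UPDATE " . TABLE_ADS . " SET `clicks`=`clicks` + 1 WHERE `adKey`=%s", $adKey);
$db->query($query);

header("Location: " . $url);
exit;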
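<?php
/**
 * Forum category page: handles the follow / unfollow actions for the category
 * given in `id`, then loads the category and the topic-list parameters.
 */
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';

$categoryID = isset($_GET['id']) ? $_GET['id'] : 0;

if (isset($_REQUEST['action'])) {
    if ($_REQUEST['action'] == 'follow' || $_REQUEST['action'] == 'unfollow') {
        // Where to go after the action, or on rejection.
        // NOTE(review): `return` is request-controlled; unless buckys_redirect()
        // restricts targets itself (not visible here), limit it to same-site paths.
        $followReturn = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/forum';

        // Reject when the visitor is not logged in OR the form token is invalid.
        // The previous condition (`!logged_in && token_valid`) let a logged-in
        // user through with a missing or forged token, so follow/unfollow had
        // no effective CSRF protection.
        if (!($userID = buckys_is_logged_in()) || !buckys_check_form_token('request')) {
            buckys_redirect($followReturn, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        }

        $category = BuckysForumCategory::getCategory($categoryID);

        // Invalid when the category is unknown, the follow state already matches
        // the requested action, or the user created the category.
        if (!$category
            || ($_REQUEST['action'] == 'follow' && BuckysForumFollower::isFollow($category['categoryID'], $userID))
            || ($_REQUEST['action'] == 'unfollow' && !BuckysForumFollower::isFollow($category['categoryID'], $userID))
            || $category['creatorID'] == $userID
        ) {
            buckys_redirect($followReturn, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        }

        if ($_REQUEST['action'] == 'follow') {
            BuckysForumFollower::followForum($userID, $categoryID);
            buckys_add_message(MSG_FOLLOW_FORUM_SUCCESS);
        } else {
            BuckysForumFollower::unfollowForum($userID, $categoryID);
            buckys_add_message(MSG_UNFOLLOW_FORUM_SUCCESS);
        }

        buckys_redirect($followReturn);
    }
}

$category = BuckysForumCategory::getCategory($categoryID);
if (!$category) {
    buckys_redirect('/forum');
}

//Getting Topics by category id
$page = isset($_GET['page']) ? $_GET['page'] : 1;
$orderby = isset($_GET['orderby']) ? $_GET['orderby'] : 'recent';

switch ($orderby) {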
header('Content-type: application/xml'); $commentsHTML = ''; foreach ($comments as $comment) { $commentsHTML .= render_single_comment($comment, $userID, true); $lastDate = $comment['posted_date']; } $result = ['comment' => $commentsHTML]; render_result_xml(['comment' => $commentsHTML, 'lastdate' => $lastDate, 'hasmore' => $commentsHTML != '' && BuckysComment::hasMoreComments($postID, $lastDate) ? 'yes' : 'no']); } } else { if ($_GET['action']) { //Delete Post if ($_GET['action'] == 'delete-comment') { if (!$userID) { echo MSG_INVALID_REQUEST; exit; } $postID = $_GET['postID']; $commentID = $_GET['commentID']; $cUserID = $_GET['userID']; if (!buckys_check_form_token('request') || !BuckysComment::deleteComment($userID, $commentID)) { echo 'Invalid Request'; } else { header('content-type: application/xml'); $newCount = BuckysComment::getPostCommentsCount($postID); render_result_xml(['commentcount' => $newCount > 1 ? $newCount . " comments" : $newCount . " comment"]); } exit; } } }