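/**
 * API action: return the videos of one category to a caller that presents the public API token.
 *
 * Reads from $_GET:
 *  - TOKEN: required; must match THENEWBOSTON_PUBLIC_API_KEY.
 *  - cat:   optional category ID, passed through buckys_escape_query_integer().
 *
 * The token is taken from the query string, so it also ends up wherever request URLs are
 * recorded (access logs, proxies); treat it as a low-value identifier, not as a secret.
 *
 * @return array Envelope with 'STATUS_CODE' and 'DATA'. 'DATA' is the result of
 *               BuckysVideo::getVideos() on success, otherwise
 *               ['STATUS' => 'ERROR', 'ERROR' => message].
 */
function getVideosAction()
{
    $request = $_GET;

    // A query parameter can arrive as an array (TOKEN[]=...); only a string can be a token.
    $token = isset($request['TOKEN']) && is_string($request['TOKEN']) ? trim($request['TOKEN']) : null;
    if (!$token) {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => ['STATUS' => 'ERROR', 'ERROR' => 'Api token should not be blank']];
    }

    // hash_equals() compares byte for byte in constant time. The loose != it replaces treats two
    // numeric-looking strings as numbers, so different tokens could compare equal.
    if (!hash_equals((string)THENEWBOSTON_PUBLIC_API_KEY, $token)) {
        return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => ['STATUS' => 'ERROR', 'ERROR' => 'Api token is not valid.']];
    }

    // Authenticate first; the model is only touched for an accepted token.
    $categoryID = isset($request['cat']) ? buckys_escape_query_integer($request['cat']) : null;
    $videoClass = new BuckysVideo();
    $videos = $videoClass->getVideos($categoryID);

    return ['STATUS_CODE' => STATUS_CODE_OK, "DATA" => $videos];
}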
<?php

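// Trade: list the offers the logged-in user has received and mark them as read.
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
if (!($userID = buckys_is_logged_in())) {
    buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR);
    // End the request here even if buckys_redirect() returns, so nothing below runs for an anonymous visitor.
    exit;
}
buckys_enqueue_stylesheet('trade.css');
buckys_enqueue_javascript('trade.js');
$TNB_GLOBALS['content'] = 'trade/offer_received';
$TNB_GLOBALS['headerType'] = 'trade';
// Both parameters are optional; read them without raising an undefined-index warning.
$paramCurrentPage = buckys_escape_query_integer(isset($_REQUEST['page']) ? $_REQUEST['page'] : null);
$paramTargetID = buckys_escape_query_integer(isset($_REQUEST['targetID']) ? $_REQUEST['targetID'] : null);
$view = [];
//Get offer_received info
$tradeOfferIns = new BuckysTradeOffer();
// The lookup is keyed on the session's user ID, not on a request parameter.
$view['offers'] = $tradeOfferIns->getOfferReceived($userID, $paramTargetID);
$view['offers'] = fn_buckys_pagination($view['offers'], '/trade/offer_received.php', $paramCurrentPage, COMMON_ROWS_PER_PAGE);
$TNB_GLOBALS['title'] = 'Offers Received - BuckysRoomTrade';
//Mark the activity (offer received) as read
$tradeNotificationIns = new BuckysTradeNotification();
$tradeNotificationIns->markAsRead($userID, BuckysTradeNotification::ACTION_TYPE_OFFER_RECEIVED);
$tradeOfferIns->markAsRead($userID, BuckysTradeOffer::STATUS_OFFER_ACTIVE);
require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php";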
        }
    }
}
// Topic page: load the requested topic, decide whether the visitor may see it, then fetch one page of replies.
$topicID = isset($_GET['id']) ? buckys_escape_query_integer($_GET['id']) : 0;
$topic = BuckysForumTopic::getTopic($topicID);
// Unknown topic: back to the forum index.
// NOTE(review): the lines below dereference $topic, so this relies on buckys_redirect() ending the request - confirm.
if (!$topic) {
    buckys_redirect('/forum');
}
$category = BuckysForumCategory::getCategory($topic['categoryID']);
// A topic that is not published (pending or suspended) is shown only to a moderator
// (buckys_is_moderator()) and to the user who created it.
if ($topic['status'] != 'publish' && !buckys_is_moderator() && $TNB_GLOBALS['user']['userID'] != $topic['creatorID']) {
    buckys_redirect('/forum');
}
// NOTE(review): 'orderby' is escaped but not checked against a list of known sort keys. If
// BuckysForumReply::getReplies() places it in an ORDER BY clause, escaping alone does not
// constrain it; an allow-list would - confirm in getReplies().
$orderBy = isset($_GET['orderby']) ? buckys_escape_query_string($_GET['orderby']) : 'oldest';
//Getting Replies
$page = isset($_GET['page']) ? buckys_escape_query_integer($_GET['page']) : 1;
// Only replies with status 'publish' are counted and listed.
$total = BuckysForumReply::getTotalNumOfReplies($topic['topicID'], 'publish');
$pagination = new Pagination($total, BuckysForumReply::$COUNT_PER_PAGE, $page);
// Use the page number reported back by the Pagination object rather than the raw request value.
$page = $pagination->getCurrentPage();
$replies = BuckysForumReply::getReplies($topic['topicID'], 'publish', $page, $orderBy);
$hierarchical = BuckysForumCategory::getCategoryHierarchical($topic['categoryID']);
//Mark Forum Notifications to read
if (buckys_check_user_acl(USER_ACL_REGISTERED)) {
    BuckysForumNotification::makeNotificationsToRead($TNB_GLOBALS['user']['userID'], null, $topic['topicID']);
}
// $reportID and $categories are set only for users who pass the moderator ACL check.
if (buckys_check_user_acl(USER_ACL_MODERATOR)) {
    $reportID = BuckysReport::isReported($topicID, 'topic');
    $categories = BuckysForumCategory::getAllCategories();
}
buckys_enqueue_javascript('sceditor/jquery.sceditor.bbcode.js');
buckys_enqueue_javascript('uploadify/jquery.uploadify.js');
<?php

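// Profile posts page: show the posts of the user named in ?user=, filtered by what the viewer may see.
require dirname(__FILE__) . '/includes/bootstrap.php';
//Getting Current User ID
$userID = buckys_is_logged_in();
//Getting User ID from Parameter
// 'user' may be missing from the query string; read it without an undefined-index warning.
$profileID = get_secure_integer(isset($_GET['user']) ? $_GET['user'] : null);
$postID = buckys_escape_query_integer(isset($_GET['post']) ? $_GET['post'] : null);
//If the parameter is null, goto homepage
if (!$profileID) {
    buckys_redirect('/index.php');
}
//Getting UserData from Id
$userData = BuckysUser::getUserData($profileID);
//Goto Homepage if the userID is not correct
if (!buckys_not_null($userData) || !BuckysUser::checkUserID($profileID, true)) {
    buckys_redirect('/index.php');
}
// Allow-list for the post filter; the strict flag keeps the comparison on exact string values.
$postType = isset($_GET['type']) ? $_GET['type'] : 'all';
if (!in_array($postType, ['all', 'user', 'friends'], true)) {
    $postType = 'all';
}
//if logged user can see all resources of the current user
// Private posts are shown to the owner, to a friend, and when isSentFriendRequest($profileID, $userID) is true.
// NOTE(review): the last case grants private visibility on a friend request alone, before any
// acceptance - confirm that is intended and which side of the request the argument order means.
$canViewPrivate = ($userID == $profileID)
    || BuckysFriend::isFriend($userID, $profileID)
    || BuckysFriend::isSentFriendRequest($profileID, $userID);
$posts = BuckysPost::getPostsByUserID($profileID, $userID, BuckysPost::INDEPENDENT_POST_PAGE_ID, $canViewPrivate, $postID, null, $postType);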
/*if( !buckys_not_null($posts) )
{
    //Goto Index Page
    buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}*/
//Mark the notifications to read
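/**
 * Add shop product action by Ajax
 *
 * Validates the submitted listing, moves the uploaded temporary files into place and creates
 * the product for the logged-in user. The outcome is echoed as a JSON object with 'success'
 * (1 or 0) and 'msg'; nothing is returned, and nothing is printed when no user is logged in.
 *
 * Reads from $_REQUEST: title, subtitle, description, category, return_policy,
 * shipping_price (JSON), price, location, listing_fee_type, listing_duration, images, and
 * filename (downloadable categories only).
 *
 * NOTE(review): no form-token check is visible in this function; confirm the caller verifies
 * one (buckys_check_form_token()) before dispatching here.
 */
function addShopProduct()
{
    $userID = buckys_is_logged_in();
    if (!$userID) {
        return;
    }

    $inputValidFlag = true;
    $requiredFields = ['title', 'subtitle', 'description', 'category', 'return_policy', 'shipping_price', 'price'];
    // A missing or empty return policy is stored as 'None', so it never fails the required-field check.
    if (!isset($_REQUEST['return_policy']) || $_REQUEST['return_policy'] == '') {
        $_REQUEST['return_policy'] = 'None';
    }
    foreach ($requiredFields as $requiredField) {
        if (!isset($_REQUEST[$requiredField]) || $_REQUEST[$requiredField] == '') {
            $inputValidFlag = false;
        }
    }

    $categoryClass = new BuckysShopCategory();
    // NOTE(review): the raw request value is handed to getCategoryByID(); confirm it escapes or binds it.
    $category = $categoryClass->getCategoryByID(isset($_REQUEST['category']) ? $_REQUEST['category'] : null);
    $hasLocation = isset($_REQUEST['location']) && $_REQUEST['location'] != '';
    if (!$category) {
        // A category that does not resolve is invalid input rather than a location-less listing.
        $inputValidFlag = false;
    } elseif (!$category['isDownloadable'] && !$hasLocation) {
        // Physical goods need a location.
        $inputValidFlag = false;
    } elseif ($category['isDownloadable'] == 1) {
        $_REQUEST['location'] = 0;
    }

    if (isset($_REQUEST['price']) && (!is_numeric($_REQUEST['price']) || $_REQUEST['price'] <= 0)) {
        $inputValidFlag = false;
    }

    // NOTE(review): only the outer shape of the decoded list is checked here; the individual
    // entries go to addShippingPrice() as submitted - confirm they are validated there.
    $shippingPriceList = [];
    if (isset($_REQUEST['shipping_price'])) {
        $shippingPriceList = json_decode($_REQUEST['shipping_price'], true);
        if (!is_array($shippingPriceList) || count($shippingPriceList) < 1) {
            $inputValidFlag = false;
        }
    }

    $listingFeeType = get_secure_integer(isset($_REQUEST['listing_fee_type']) ? $_REQUEST['listing_fee_type'] : null);
    if ($listingFeeType === null) {
        $inputValidFlag = false;
    }

    if (!$inputValidFlag) {
        //error
        echo json_encode(['success' => 0, 'msg' => 'Please input required field(s).']);
        return;
    }

    $shopProductIns = new BuckysShopProduct();
    $data = [];
    $data['userID'] = $userID;
    $data['title'] = get_secure_string($_REQUEST['title']);
    $data['subtitle'] = get_secure_string($_REQUEST['subtitle']);
    $data['description'] = get_secure_string($_REQUEST['description']);
    $data['catID'] = get_secure_string($_REQUEST['category']);
    $data['images'] = get_secure_string(isset($_REQUEST['images']) ? $_REQUEST['images'] : null);
    $data['locationID'] = buckys_escape_query_integer(isset($_REQUEST['location']) ? $_REQUEST['location'] : null);
    $data['returnPolicy'] = get_secure_string($_REQUEST['return_policy']);
    $data['price'] = get_secure_string($_REQUEST['price']);
    // NOTE(review): listing_duration is neither required nor checked to be a number or one of the
    // durations the site offers, yet it feeds the expiry arithmetic below; a non-numeric value
    // raises a warning or a TypeError depending on the PHP version. Confirm where it is validated.
    $data['listingDuration'] = get_secure_string(isset($_REQUEST['listing_duration']) ? $_REQUEST['listing_duration'] : null);
    // -1 means "no expiry" and is stored as the zero date; otherwise the duration is a number of days.
    $data['expiryDate'] = $data['listingDuration'] == -1 ? '0000-00-00 00:00:00' : date('Y-m-d H:i:s', time() + 3600 * 24 * $data['listingDuration']);
    $data['createdDate'] = date('Y-m-d H:i:s');
    // NOTE(review): the image list is request data that names temporary files; confirm that
    // moveShopTmpImages() restricts each entry to the temporary upload directory.
    $data['images'] = moveShopTmpImages($data['images']);

    if ($category['isDownloadable'] == 1) {
        $tmpFileName = isset($_REQUEST['filename']) ? $_REQUEST['filename'] : '';
        // The name is appended to a directory path here and handed to moveShopTmpProduct(), so accept
        // only a bare file name: no directory separators, no NUL byte, not '.' or '..'.
        $isBareName = is_string($tmpFileName)
            && $tmpFileName !== '.'
            && $tmpFileName !== '..'
            && strpbrk($tmpFileName, "/\\\0") === false;
        // NOTE(review): the file_exists() test rejects the request when the file IS present in
        // DIR_FS_SHOP_IMG_TMP, which reads like an inverted check. It is left as found because the
        // directory moveShopTmpProduct() reads from is not visible here - confirm.
        if (!$isBareName || !$tmpFileName || file_exists(DIR_FS_SHOP_IMG_TMP . $tmpFileName)) {
            echo json_encode(['success' => 0, 'msg' => 'Please select a zip file.']);
            exit;
        }
        $data['isDownloadable'] = 1;
        $filename = moveShopTmpProduct($tmpFileName);
        $data['fileName'] = $filename;
    }

    if ($data['images'] === false) {
        echo json_encode(['success' => 0, 'msg' => 'Something goes wrong, please contact administrator.']);
        exit;
    }

    // addProduct() returns the new product ID, or a falsy value that is reported as a credit shortfall.
    if ($newProductID = $shopProductIns->addProduct($data, $listingFeeType)) {
        $shopProductIns->addShippingPrice($newProductID, $shippingPriceList);
        echo json_encode(['success' => 1, 'msg' => 'Your item has been added successfully.']);
    } else {
        echo json_encode(['success' => 0, 'msg' => 'You do not have enough credits for that.']);
    }
}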
<?php

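// Photo page: resolve whose photos to show, either a user (?user=) or a page (?pid=).
require dirname(__FILE__) . '/includes/bootstrap.php';
//Getting Current User ID
$userID = buckys_is_logged_in();
//Getting User ID from Parameter
// 'user' is absent when the page is addressed by ?pid=, so read it without an undefined-index warning.
$profileID = get_secure_integer(isset($_GET['user']) ? $_GET['user'] : null);
$albumID = isset($_GET['albumID']) ? buckys_escape_query_integer($_GET['albumID']) : null;
$postID = isset($_GET['post']) ? buckys_escape_query_integer($_GET['post']) : null;
//When displaying page's photo
$showPagePhotoFlag = false;
$paramPageID = BuckysPost::INDEPENDENT_POST_PAGE_ID;
$pageData = null;
if (isset($_GET['pid'])) {
    // Pass the page ID through the same integer escaping as every other ID read above; it was
    // previously used raw in the lookup below and stays in $paramPageID for later use.
    $paramPageID = buckys_escape_query_integer($_GET['pid']);
    $pageIns = new BuckysPage();
    $pageData = $pageIns->getPageByID($paramPageID);
    if ($pageData) {
        // A page's photos are attributed to the user who owns the page.
        $profileID = $pageData['userID'];
        $showPagePhotoFlag = true;
    }
}
//If the parameter is null, goto homepage
if (!$profileID) {
    buckys_redirect('/index.php');
}
//Getting UserData from Id
$userData = BuckysUser::getUserData($profileID);
//Goto Homepage if the userID is not correct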
if (!buckys_not_null($userData) || !BuckysUser::checkUserID($profileID, true)) {
    buckys_redirect('/index.php');
         buckys_redirect('/forum/category.php?id=' . $categoryID, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
     }
     BuckysReport::approveObjects($_REQUEST['reportID']);
     buckys_redirect("/forum/moderator.php?id=" . $categoryID, MSG_REPORTED_OBJECT_APPROVED);
 } else {
     if ($_REQUEST['action'] == 'block-user') {
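         // Where to go afterwards. The 'return' parameter is caller-controlled and becomes a redirect
         // target, so it is accepted only when it decodes to a path on this site: one leading "/",
         // not "//" or "/\" (which browsers resolve to another host), and no control characters.
         // Anything else falls back to the category page. The 'unblock-users' branch below decodes
         // 'return' the same way and needs the same check.
         $return = '/forum/category.php?id=' . $categoryID;
         if (isset($_REQUEST['return']) && is_string($_REQUEST['return'])) {
             $decodedReturn = base64_decode($_REQUEST['return']);
             if (is_string($decodedReturn) && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $decodedReturn)) {
                 $return = $decodedReturn;
             }
         }
         //Check forum token
         if (!buckys_check_form_token('request')) {
             buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
             // End the request explicitly so a failed check can never fall through to blockUser().
             exit;
         }
         // Only an admin, site moderator, category admin or category moderator may block a user.
         // NOTE(review): this tests the acting user's role. Nothing visible here stops the target from
         // being a moderator or admin - confirm BuckysForumModerator::blockUser() handles that.
         if (!(buckys_is_admin() || buckys_is_moderator() || buckys_is_forum_admin($category['categoryID']) || buckys_is_forum_moderator($category['categoryID']))) {
             buckys_redirect($return, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
             exit;
         }
         $blockedUserID = buckys_escape_query_integer(isset($_REQUEST['userID']) ? $_REQUEST['userID'] : null);
         // Moderators cannot block themselves.
         if ($blockedUserID == $userID) {
             buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
             exit;
         }
         BuckysForumModerator::blockUser($blockedUserID, $category['categoryID']);
         buckys_redirect($return, MSG_BLOCK_USER_SUCCESS);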
     } else {
         if ($_REQUEST['action'] == 'unblock-users') {
             $return = isset($_REQUEST['return']) ? base64_decode($_REQUEST['return']) : '/forum/moderator.php?id=' . $categoryID;
             //Check forum token
             if (!buckys_check_form_token('request')) {
                 buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
             }
             //Admin, Site Moderator, Category Admin and Category Moderator can't apply
             if (!(buckys_is_admin() || buckys_is_moderator() || buckys_is_forum_admin($category['categoryID']) || buckys_is_forum_moderator($category['categoryID']))) {
                 buckys_redirect($return, MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
<?php

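// Trade: list the logged-in user's completed trades, or the full history with ?type=history.
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
if (!($userID = buckys_is_logged_in())) {
    buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR);
    // End the request here even if buckys_redirect() returns, so nothing below runs for an anonymous visitor.
    exit;
}
buckys_enqueue_stylesheet('trade.css');
buckys_enqueue_javascript('trade.js');
$TNB_GLOBALS['content'] = 'trade/traded';
$TNB_GLOBALS['headerType'] = 'trade';
// Both parameters are optional; read them without raising an undefined-index warning.
$paramCurrentPage = buckys_escape_query_integer(isset($_REQUEST['page']) ? $_REQUEST['page'] : null);
$paramType = buckys_escape_query_string(isset($_REQUEST['type']) ? $_REQUEST['type'] : null);
$view = [];
$baseURL = '/trade/traded.php';
// 'type' is reduced to one of two known values before it reaches the URL or the query:
// 'history' is kept, everything else becomes 'completed'.
if ($paramType == 'history') {
    $baseURL .= '?type=' . $paramType;
} else {
    $paramType = 'completed';
}
//Get offer_received info
$tradeIns = new BuckysTrade();
$countryIns = new BuckysCountry();
// The lookup is keyed on the session's user ID, not on a request parameter.
$view['trades'] = $tradeIns->getTradesByUserID($userID, $paramType);
$view['trades'] = fn_buckys_pagination($view['trades'], $baseURL, $paramCurrentPage, COMMON_ROWS_PER_PAGE);
$view['myID'] = $userID;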
switch ($paramType) {
    case 'history':
        $view['pagetitle'] = 'My Trade History';
        break;
    case 'completed':
    default:
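$userID = buckys_is_logged_in();
//Process Some Actions
// NOTE(review): the ban is a state change triggered by a GET request with no form-token check in
// view. Other handlers call buckys_check_form_token('request'); confirm whether the ban link
// carries a token and add the check here if it does.
if (isset($_GET['action']) && $_GET['action'] == 'ban-user') {
    if (!BuckysModerator::isModerator($userID)) {
        die(MSG_PERMISSION_DENIED);
    }
    // Validate and use the account named in the request. The previous code called
    // checkUserID($userID), which re-checked the moderator and never the target, and passed the raw
    // request value to banUser().
    // NOTE(review): confirm checkUserID() in its default mode accepts every account a moderator
    // should be able to ban.
    $banUserID = isset($_GET['userID']) ? buckys_escape_query_integer($_GET['userID']) : null;
    if (!$banUserID || !BuckysUser::checkUserID($banUserID)) {
        buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        exit;
    }
    //Ban User
    BuckysBanUser::banUser($banUserID);
    buckys_redirect('/index.php', MSG_BAN_USER);
    exit;
}
//Getting User ID from Parameter
$profileID = buckys_escape_query_integer(isset($_GET['user']) ? $_GET['user'] : null);
//If the parameter is null, goto homepage
if (!$profileID) {
    buckys_redirect('/index.php');
}
//Getting UserData from Id
$userData = BuckysUser::getUserData($profileID);
//Goto Homepage if the userID is not correct
// Parentheses spell out the existing precedence: a profile that fails checkUserID() is still
// shown to a user who passes the administrator ACL check.
if (!buckys_not_null($userData) || (!BuckysUser::checkUserID($profileID, true) && !buckys_check_user_acl(USER_ACL_ADMINISTRATOR))) {
    buckys_redirect('/index.php');
}
// Allow-list for the post filter; the strict flag keeps the comparison on exact string values.
$postType = isset($_GET['type']) ? $_GET['type'] : 'all';
if (!in_array($postType, ['all', 'user', 'friends'], true)) {
    $postType = 'all';
}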
//if logged user can see all resources of the current user
<?php

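// Shop: stream the zip file of a downloadable product to a user who has purchased it.
// Every gate below ends the request explicitly, so the file is never streamed after a failed
// check, whatever buckys_redirect() does.
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
if (!($userID = buckys_is_logged_in())) {
    buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR);
    exit;
}
$productID = buckys_escape_query_integer(isset($_GET['id']) ? $_GET['id'] : null);
$shopProductClass = new BuckysShopProduct();
// Entitlement check: only a user who bought the product may fetch its file.
if (!$shopProductClass->isPurchased($userID, $productID)) {
    buckys_redirect('/shop/purchase.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    exit;
}
$productData = $shopProductClass->getProductById($productID);
if (!$productData || !$productData['isDownloadable']) {
    buckys_redirect('/shop/purchase.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    exit;
}
// The path on disk comes from the product record, not from the request.
if (!file_exists(DIR_FS_SHOP_PRODUCTS . $productData['fileName'])) {
    buckys_redirect('/shop/purchase.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    exit;
}
// Build the download name from the product title, which is seller-supplied text that ends up in
// a response header. Keep letters, digits, '.', '_', '-' and whitespace, then turn every
// whitespace character into '-', so no CR or LF can reach header().
// The hyphen sits at the end of the class: in the old pattern it stood between '_' and '\s',
// which PCRE2-based PHP builds reject as an invalid range, leaving the name empty.
$filename = preg_replace('/[^a-zA-Z0-9._\s-]/', '', $productData['title']);
$filename = preg_replace('/\s/', '-', $filename);
//Download Zip File
header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: Application/zip");
header('Content-disposition: attachment; filename="' . $filename . '.zip"');
$fp = fopen(DIR_FS_SHOP_PRODUCTS . $productData['fileName'], "r");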
while (!feof($fp)) {
    $buffer = fread($fp, 1024 * 1024 * 3);
    echo $buffer;
<?php

/**
 * Show All Videos
 *
 * Reads three optional query parameters: 'subject' (string-escaped), 'cat' and 'video'
 * (both integer-escaped). When a video is requested, its own category replaces whatever
 * 'cat' said.
 */
require dirname(__FILE__) . '/includes/bootstrap.php';
$videoClass = new BuckysVideo();
$subjectID = isset($_GET['subject']) ? buckys_escape_query_string($_GET['subject']) : 0;
$categoryID = isset($_GET['cat']) ? buckys_escape_query_integer($_GET['cat']) : null;
$videoID = isset($_GET['video']) ? buckys_escape_query_integer($_GET['video']) : null;
if ($videoID) {
    $video = $videoClass->getVideo($videoID);
    // Unknown video ID: redirect with an error, and end the request explicitly.
    if (!$video) {
        buckys_redirect("/videos.php", MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        exit;
    }
    // The category comes from the stored video record, overriding the 'cat' parameter.
    $categoryID = $video['categoryID'];
}
if ($categoryID) {
    $category = $videoClass->getCategory($categoryID);
    $categoryVideos = $videoClass->getVideos($categoryID);
    if (!$videoID) {
        $video = $categoryVideos[0];
    }
    //Getting Forum Recent Posts
    $topics = BuckysForumTopic::getTopics(1, 'publish', $category['forumCategoryID'], 'lastReplyDate DESC', 10);
    $forumCategory = BuckysForumCategory::getCategory($category['forumCategoryID']);
    //Get Prev, Next Video
    $prevVideoId = null;
    $nextVideoId = null;
    foreach ($categoryVideos as $idx => $v) {
<?php

// Trade search page. No login check is made here; the search runs for any visitor.
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
buckys_enqueue_stylesheet('trade.css');
buckys_enqueue_javascript('trade.js');
$TNB_GLOBALS['content'] = 'trade/search';
$TNB_GLOBALS['headerType'] = 'trade';
// Every search parameter is optional and passes through an escaping helper before use.
$paramCurrentPage = buckys_escape_query_integer(isset($_REQUEST['page']) ? $_REQUEST['page'] : 1);
$paramQueryStr = buckys_escape_query_string(isset($_REQUEST['q']) ? $_REQUEST['q'] : '');
$paramCategory = buckys_escape_query_string(isset($_REQUEST['cat']) ? $_REQUEST['cat'] : null);
$paramLocation = buckys_escape_query_string(isset($_REQUEST['loc']) ? $_REQUEST['loc'] : null);
$paramSort = buckys_escape_query_string(isset($_REQUEST['sort']) ? $_REQUEST['sort'] : null);
$paramUserID = buckys_escape_query_integer(isset($_REQUEST['user']) ? $_REQUEST['user'] : null);
$view = [];
//Get available items
$tradeItemIns = new BuckysTradeItem();
$countryIns = new BuckysCountry();
$tradeCatIns = new BuckysTradeCategory();
$itemResultList = $tradeItemIns->search($paramQueryStr, $paramCategory, $paramLocation, $paramUserID);
// NOTE(review): 'sort' is escaped but not checked against known sort keys here; confirm
// sortItems() ignores values it does not recognise.
$itemResultList = $tradeItemIns->sortItems($itemResultList, $paramSort);
$view['categoryList'] = $tradeItemIns->countItemInCategory($itemResultList);
//Create Base URL for pagination of search page
$paginationUrlBase = buckys_trade_search_url($paramQueryStr, $paramCategory, $paramLocation, $paramSort, $paramUserID);
//Display
$view['items'] = fn_buckys_pagination($itemResultList, $paginationUrlBase, $paramCurrentPage, COMMON_ROWS_PER_PAGE);
// The escaped parameters are handed to the template and stored globally.
// NOTE(review): escaping for a query is not HTML escaping - confirm the template encodes these
// values for the context it prints them in.
$view['param']['q'] = $paramQueryStr;
$view['param']['cat'] = $paramCategory;
$view['param']['loc'] = $paramLocation;
$view['param']['sort'] = $paramSort;
$view['param']['user'] = $paramUserID;
$TNB_GLOBALS['tradeSearchParam'] = $view['param'];
<?php

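// Trade item page: show one active item whose owner is not banned. No login is required to view.
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
$userID = buckys_is_logged_in();
buckys_enqueue_stylesheet('trade.css');
buckys_enqueue_javascript('trade.js');
$TNB_GLOBALS['content'] = 'trade/view';
$TNB_GLOBALS['headerType'] = 'trade';
// 'id' may be missing; read it without raising an undefined-index warning.
$paramItemID = buckys_escape_query_integer(isset($_REQUEST['id']) ? $_REQUEST['id'] : null);
$view = [];
$tradeItemIns = new BuckysTradeItem();
$tradeCatIns = new BuckysTradeCategory();
$countryIns = new BuckysCountry();
$userIns = new BuckysUser();
$tradeOfferIns = new BuckysTradeOffer();
$view['item'] = $tradeItemIns->getItemById($paramItemID);
$view['myID'] = $userID;
// Unknown or inactive item. The code below dereferences $view['item'], so end the request
// explicitly rather than depend on buckys_redirect() doing so.
if (!isset($view['item']) || $view['item']['status'] == BuckysTradeItem::STATUS_ITEM_INACTIVE) {
    buckys_redirect('/trade/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    exit;
}
//Check if the items owner is active one
$userData = $userIns->getUserData($view['item']['userID']);
if ($userData['status'] == BuckysUser::STATUS_USER_BANNED) {
    // Items of a banned owner are hidden behind the same generic error as a missing item.
    buckys_redirect('/trade/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
    exit;
}
//Read more info from DB
$catData = $tradeCatIns->getCategoryByID($view['item']['catID']);
$view['item']['categoryName'] = isset($catData) ? $catData['name'] : '';
$countryData = $countryIns->getCountryById($view['item']['locationID']);
$view['item']['locationName'] = isset($countryData) ? $countryData['country_title'] : '';
$view['item']['userInfo'] = $userIns->getUserBasicInfo($view['item']['userID']);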
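require dirname(__FILE__) . '/includes/bootstrap.php';
//Getting Current User ID
if (!($userID = buckys_is_logged_in())) {
    buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR);
    // End the request here even if buckys_redirect() returns; the friend actions below assume a logged-in user.
    exit;
}
// Allow-list for the list filter. $type is later concatenated into the return URL, so only the
// three known values may survive; the strict flag keeps the comparison on exact string values.
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
if (!in_array($type, ['all', 'pending', 'requested'], true)) {
    $type = 'all';
}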
if (isset($_REQUEST['action'])) {
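    // Where to go afterwards. The 'return' parameter is caller-controlled and becomes a redirect
    // target, so it is accepted only when it decodes to a path on this site: one leading "/",
    // not "//" or "/\" (which browsers resolve to another host), and no control characters.
    // Anything else falls back to the friends list.
    $return = '/myfriends.php?type=' . $type;
    if (isset($_REQUEST['return']) && is_string($_REQUEST['return'])) {
        $decodedReturn = base64_decode($_REQUEST['return']);
        if (is_string($decodedReturn) && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $decodedReturn)) {
            $return = $decodedReturn;
        }
    }
    // Ajax callers get an XML result instead of a redirect.
    $isAjax = isset($_REQUEST['buckys_ajax']);
    if ($isAjax) {
        header('Content-type: application/xml');
    }
    $friendID = buckys_escape_query_integer(isset($_REQUEST['friendID']) ? $_REQUEST['friendID'] : null);
    // Form-token check comes before any friend action; a failed check always ends the request.
    if (!buckys_check_form_token('request')) {
        if ($isAjax) {
            $resultXML = ['status' => 'error', 'message' => MSG_INVALID_REQUEST];
            render_result_xml($resultXML);
        } else {
            buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        }
        exit;
    }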
    if ($_REQUEST['action'] == 'unfriend') {
        if (BuckysFriend::unfriend($userID, $friendID)) {
            if ($isAjax) {
                $resultXML = ['status' => 'success', 'message' => MSG_FRIEND_REMOVED, 'html' => 'Send Friend Request', 'action' => 'unfriend', 'link' => '/myfriends.php?action=request&friendID=' . $friendID . buckys_get_token_param()];
                render_result_xml($resultXML);
            } else {
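// Ads: view one ad and, on POST, add funds to it. Access is limited to the ad's owner or a moderator.
require dirname(dirname(__FILE__)) . '/includes/bootstrap.php';
//Getting Current User ID
if (!buckys_check_user_acl(USER_ACL_REGISTERED)) {
    buckys_redirect('/index.php', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR);
    // Each gate on this page ends the request explicitly, whatever buckys_redirect() does.
    exit;
}
$userID = buckys_is_logged_in();
$classAds = new BuckysAds();
//Add Funds
if (isset($_POST['action']) && $_POST['action'] == 'add-funds') {
    if (!buckys_check_form_token()) {
        buckys_redirect('/ads/advertiser.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        exit;
    }
    $adID = buckys_escape_query_integer(isset($_POST['id']) ? $_POST['id'] : null);
    $adDetail = $classAds->getAdById($adID);
    // Deny unless the ad exists and the user owns it or is a moderator. The moderator test was
    // missing its negation, which let any registered non-owner through and turned moderators away.
    if (!$adDetail || ($adDetail['ownerID'] != $userID && !buckys_check_user_acl(USER_ACL_MODERATOR))) {
        buckys_redirect('/ads/advertiser.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        exit;
    }
    // NOTE(review): 'amount' is passed on as submitted; confirm addFunds() rejects non-numeric,
    // zero and negative values and checks the user's balance.
    $result = $classAds->addFunds($userID, $adID, isset($_POST['amount']) ? $_POST['amount'] : null);
    buckys_add_message($classAds->last_message, $result ? MSG_TYPE_SUCCESS : MSG_TYPE_ERROR);
}
buckys_enqueue_stylesheet('publisher.css');
$adID = buckys_escape_query_integer(isset($_GET['id']) ? $_GET['id'] : null);
$adDetail = $classAds->getAdById($adID);
// Same owner-or-moderator rule for viewing, with the same corrected negation.
if (!$adDetail || ($adDetail['ownerID'] != $userID && !buckys_check_user_acl(USER_ACL_MODERATOR))) {
    buckys_redirect('/ads/advertiser.php');
    exit;
}
$TNB_GLOBALS['headerType'] = "ads";
$TNB_GLOBALS['content'] = "ads/view";
buckys_enqueue_javascript('jquery.number.js');
$TNB_GLOBALS['title'] = "View Ad - thenewboston Ads";
require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php";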
/**
 * Save Tracking number
 *
 * Ajax handler: stores the tracking number sent in $_REQUEST['trackingNo'] on the trade named
 * by $_REQUEST['tradeID'], in the seller's or the buyer's column depending on which party the
 * logged-in user is. Echoes a JSON object with 'success' and 'msg'; prints nothing when no user
 * is logged in.
 */
function saveTrackingNumber()
{
    $currentUserID = buckys_is_logged_in();
    if (!$currentUserID) {
        //You should be logged in
        return;
    }

    $trades = new BuckysTrade();
    $id = buckys_escape_query_integer($_REQUEST['tradeID']);
    $number = buckys_escape_query_string($_REQUEST['trackingNo']);
    $trade = $trades->getTradeByID($id);

    // Only the seller or the buyer of an existing trade may attach a tracking number.
    $isParty = !empty($trade) && ($trade['sellerID'] == $currentUserID || $trade['buyerID'] == $currentUserID);
    if (!$isParty) {
        //error, no permission
        echo json_encode(['success' => 0, 'msg' => "You do not have permission."]);
        return;
    }

    // The seller side is tested first; any other party reaching this point is the buyer.
    $column = $trade['sellerID'] == $currentUserID ? 'sellerTrackingNo' : 'buyerTrackingNo';
    $trades->updateTrade($id, [$column => $number]);
    echo json_encode(['success' => 1, 'msg' => "You have saved tracking number successfully."]);
}
        } else {
            buckys_redirect('/messages_inbox.php', MSG_MESSAGE_REMOVED, MSG_TYPE_SUCCESS);
        }
        exit;
    }
    //Delete Message Forever
    // NOTE(review): 'messageID' goes to deleteMessagesForever() as submitted; confirm that method
    // escapes it and deletes only messages that belong to the current user.
    // NOTE(review): on failure the database's last error text is placed in the message shown to
    // the user; a generic message with the detail kept in a server-side log would avoid
    // disclosing query or schema details.
    if ($_POST['action'] == 'delete_forever') {
        if (!BuckysMessage::deleteMessagesForever($_POST['messageID'])) {
            buckys_redirect('/messages_inbox.php', "Error: " . $db->getLastError(), MSG_TYPE_ERROR);
        } else {
            buckys_redirect('/messages_inbox.php', MSG_MESSAGE_REMOVED, MSG_TYPE_SUCCESS);
        }
        exit;
    }
}
// Message to display, named by the optional 'message' query parameter (integer-escaped).
$messageID = buckys_escape_query_integer(isset($_GET['message']) ? $_GET['message'] : null);
if (!$messageID) {
    buckys_redirect('/messages_inbox.php');
}
// NOTE(review): presumably getMessage() returns the message only when it belongs to the current
// user - confirm, since this call is the access check for ordinary users.
$message = BuckysMessage::getMessage($messageID);
//If the current user is moderator and this message has been reported
// Fallback: a user who passes the moderator ACL check may open a message that getMessage() did
// not return, but only if it has been reported. $msgType is set on this path alone.
if (!$message && buckys_check_user_acl(USER_ACL_MODERATOR) && BuckysReport::isReported($messageID, 'message')) {
    //Getting Message
    $message = BuckysMessage::getMessageById($messageID);
    $msgType = 'reported';
}
// Neither lookup produced a message: back to the inbox.
if (!$message) {
    buckys_redirect('/messages_inbox.php');
}
if (!isset($msgType)) {
    //Make Message as read