/**
 * Renders the picture upload form for the member selected by $_GET['avatar'].
 *
 * The id is cast to int before it is bound to the query and written into the
 * form action. The member's names and stored avatar value pass through
 * cleanOutput() before they are echoed.
 *
 * @return void
 */
public function display()
{
    $memberId = (int) $_GET['avatar'];

    // Get user info
    $query = "SELECT `id`, `fname`, `lname`, `maiden`, `avatar`, `gravatar`\n FROM `fcms_users`\n WHERE `id` = ?";

    $member = $this->fcmsDatabase->getRow($query, $memberId);
    if ($member === false) {
        $this->fcmsError->displayError();

        return;
    }

    $fullName = cleanOutput($member['fname']) . ' ' . cleanOutput($member['lname']);
    $legend = sprintf(T_pgettext('%s is a persons full name', 'Picture for %s'), $fullName);
    $currentLabel = T_('Current Picture');

    // NOTE(review): the return value of getCurrentAvatar() is written into src="" as-is;
    // confirm that helper returns an attribute-safe URL.
    $currentAvatar = getCurrentAvatar($memberId);

    echo ' <form id="frm" name="frm" enctype="multipart/form-data" action="?avatar=' . $memberId . '" method="post"> <fieldset> <legend><span>' . $legend . '</span></legend> <div class="field-row"> <div class="field-label"><b>' . $currentLabel . '</b></div> <div class="field-widget"> <img src="' . $currentAvatar . '"/> </div> </div>';

    $this->displayUploadArea();

    $storedAvatar = cleanOutput($member['avatar']);
    $submitLabel = T_('Submit');
    $cancelLabel = T_('Cancel');

    echo ' <p> <input type="hidden" name="avatar_orig" value="' . $storedAvatar . '"/> <input class="sub1" type="submit" name="submitUpload" id="submitUpload" value="' . $submitLabel . '"/> <a href="familytree.php">' . $cancelLabel . '</a> </p> </fieldset> </form>';
}
/**
 * Stores the injected collaborators, prepares the template parameters and
 * then hands control to control().
 *
 * @param object $fcmsError    Stored on $this->fcmsError.
 * @param object $fcmsDatabase Stored on $this->fcmsDatabase.
 * @param object $fcmsUser     Stored on $this->fcmsUser; its id and displayName are read here.
 */
public function __construct($fcmsError, $fcmsDatabase, $fcmsUser)
{
    $this->fcmsError = $fcmsError;
    $this->fcmsDatabase = $fcmsDatabase;
    $this->fcmsUser = $fcmsUser;

    // Built key by key, in the same order the template array has always used.
    $template = array();
    $template['currentUserId'] = $this->fcmsUser->id;
    $template['sitename'] = cleanOutput(getSiteName());
    $template['nav-link'] = getAdminNavLinks();
    $template['pagetitle'] = T_('Dashboard');
    $template['path'] = URL_PREFIX;
    $template['displayname'] = $this->fcmsUser->displayName;
    $template['version'] = getCurrentVersion();
    $template['year'] = date('Y');

    $this->fcmsTemplate = $template;

    // The constructor itself dispatches the request.
    $this->control();
}
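/**
 * Builds the title and details HTML for one "what's new" entry.
 *
 * Text fields are passed through cleanOutput(). Values that are written into
 * link targets are either cast to int or URL-encoded, so that a stored value
 * cannot break out of the href/src attribute it is placed in.
 *
 * @param array $data Entry data; `type` selects the branch, the other keys
 *                    read are `id`, `id2`, `userid`, `title`, `details`
 *                    and `photos`, depending on the type.
 *
 * @return array array('title' => string, 'details' => string); both are empty
 *               strings for an unknown type.
 */
function getWhatsNewDataObject($data)
{
    $title = '';
    $details = '';

    switch ($data['type']) {
        case 'CALENDAR':
            $title = '<a href="calendar.php?event=' . (int) $data['id'] . '">' . cleanOutput($data['title']) . '</a>';
            $details = date('F j, Y', strtotime($data['id2']));
            break;

        case 'DOCS':
            $title = '<a href="documents.php">' . cleanOutput($data['title']) . '</a>';
            $details = cleanOutput($data['details']);
            break;

        case 'GALCOM':
            // Each iteration overwrites $title, so only the last photo is kept.
            // NOTE(review): getPhotoSource() output is written into src="" as-is;
            // confirm it returns an attribute-safe URL.
            foreach ($data['photos'] as $p) {
                $photoSrc = $this->fcmsPhotoGallery->getPhotoSource($p);
                $title = '<a href="gallery/index.php?uid=0&cid=comments&pid=' . (int) $data['id'] . '"><img src="' . $photoSrc . '"/></a>';
            }
            $details = cleanOutput($data['title']);
            break;

        case 'GALLERY':
            // The category id is URL-encoded rather than cast, so a non-numeric
            // value keeps its meaning while still being safe inside the href.
            $galleryUrl = 'gallery/index.php?uid=' . (int) $data['userid'] . '&cid=' . rawurlencode((string) $data['id']);

            $title = '<a href="' . $galleryUrl . '">' . cleanOutput($data['title']) . '</a>';
            $details = '';
            foreach ($data['photos'] as $p) {
                $photoSrc = $this->fcmsPhotoGallery->getPhotoSource($p);
                $details .= ' <a href="' . $galleryUrl . '&pid=' . (int) $p['id'] . '"> <img src="' . $photoSrc . '" alt="' . cleanOutput($p['caption']) . '"/> </a> ';
            }
            break;

        case 'NEWS':
            $name = !empty($data['title']) ? cleanOutput($data['title']) : T_('untitled');
            $newsUrl = 'familynews.php?getnews=' . (int) $data['userid'] . '&newsid=' . (int) $data['id'];

            $title = '<a href="' . $newsUrl . '">' . $name . '</a>';
            $details = removeBBCode($data['details']);
            $details = cleanOutput($details);
            // NOTE(review): the cut happens after escaping and is byte-based, so it
            // can split an HTML entity or a multi-byte character at the 300 mark.
            if (strlen($details) > 300) {
                $details = substr($details, 0, 300);
                $details .= '...<br/><br/><a href="' . $newsUrl . '">' . T_('Read More') . '</a>';
            }
            break;

        case 'POLL':
            $title = '<a href="polls.php?id=' . (int) $data['id'] . '">' . cleanOutput($data['title']) . '</a>';
            break;

        case 'PRAYERS':
            $title = '<a href="prayers.php">' . cleanOutput($data['title']) . '</a>';
            $details = cleanOutput($data['details']);
            break;

        case 'RECIPES':
            $title = '<a href="recipes.php?category=' . rawurlencode((string) $data['id2']) . '&id=' . (int) $data['id'] . '">' . cleanOutput($data['title']) . '</a>';
            break;

        case 'THREAD':
            $subject = $data['title'];
            // NOTE(review): the marker is searched for anywhere in the subject, but
            // the first nine characters are removed regardless of where it was found.
            $pos = strpos($subject, '#ANOUNCE#');
            if ($pos !== false) {
                $subject = substr($subject, 9, strlen($subject) - 9);
            }
            $subject = cleanOutput($subject);
            $threadUrl = 'messageboard.php?thread=' . (int) $data['id2'];

            $title = '<a href="' . $threadUrl . '" title="' . $subject . '">' . $subject . '</a>';
            $details = removeBBCode($data['details']);
            $details = cleanOutput($details);
            if (strlen($details) > 300) {
                $details = substr($details, 0, 300);
                $details .= '...<br/><br/><a href="' . $threadUrl . '">' . T_('Read More') . '</a>';
            }
            break;

        case 'VIDEO':
            // id2 is used as a path segment of the thumbnail URL, so it is
            // URL-encoded before being placed inside the src attribute.
            $title = '<a href="video.php?u=' . (int) $data['userid'] . '&id=' . (int) $data['id'] . '"><img src="http://i.ytimg.com/vi/' . rawurlencode((string) $data['id2']) . '/default.jpg"/></a>';
            break;

        default:
            $title = '';
            $details = '';
            break;
    }

    return array('title' => $title, 'details' => $details);
}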
/**
 * Shows one page of past polls together with their vote totals.
 *
 * The page number comes from $_GET['page'] (cast to int, default 1). If either
 * lookup on $this->fcmsPoll fails, the error is displayed and the footer is
 * still rendered.
 *
 * @return void
 */
function displayPolls()
{
    $this->displayHeader();

    $page = 1;
    if (isset($_GET['page'])) {
        $page = (int) $_GET['page'];
    }

    $polls = $this->fcmsPoll->getPolls($page);
    if ($polls === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // The 'ids' entry travels with the poll rows; take it out so only rows remain.
    $pollIds = $polls['ids'];
    unset($polls['ids']);

    $voteTotals = $this->fcmsPoll->getPollsTotalVotes($pollIds);
    if ($voteTotals === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    $pollList = array();
    foreach ($polls as $poll) {
        $entry = array();
        $entry['url'] = '?id=' . (int) $poll['id'];
        $entry['question'] = cleanOutput($poll['question'], 'html');
        $entry['date'] = fixDate(T_('M. j, Y, g:i a'), $this->fcmsUser->tzOffset, $poll['started']);
        $entry['vote'] = $voteTotals[$poll['id']];

        $pollList[] = $entry;
    }

    loadTemplate('poll', 'polls', array(
        'textPastPolls' => T_('Past Polls'),
        'textQuestion' => T_('Question'),
        'textDate' => T_('Date'),
        'textVotes' => T_('Votes'),
        'polls' => $pollList,
    ));

    $this->displayFooter();
}
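/**
 * displayAward
 *
 * Displays details about the given award type, along with every time the
 * award was given to the member.
 *
 * Both queries bind their values through `?` placeholders. The previous text
 * interpolated $userid and $type into the SQL string (leaving $type unescaped)
 * while also passing them as parameters to a statement without placeholders.
 * Values written into HTML are escaped or cast, and the stray second `</h5>`
 * after the "times awarded" line is gone.
 *
 * @param int    $userid Member id; cast to int before use.
 * @param string $type   Award type, compared against `fcms_user_awards`.`award`.
 *
 * @return void
 */
function displayAward($userid, $type)
{
    $userid = (int) $userid;

    $sql = "SELECT a.`id`, a.`user`, a.`award`, a.`month`, a.`date`, a.`item_id`, a.`count`, u.`fname`\n FROM `fcms_user_awards` AS a,\n `fcms_users` AS u\n WHERE a.`user` = ?\n AND a.`award` = ?\n AND a.`user` = u.`id`";

    $rows = $this->fcmsDatabase->getRows($sql, array($userid, $type));
    if ($rows === false) {
        $this->fcmsError->displayError();

        return;
    }

    if (count($rows) <= 0) {
        echo ' <p class="error-alert">' . T_('Invalid Member/Award.') . '</p>';

        return;
    }

    // Re-index the rows and remember the member's first name (same on every row).
    $awardList = array();
    $fname = '';
    foreach ($rows as $r) {
        $awardList[] = $r;
        $fname = $r['fname'];
    }

    $awardType = $awardList[0]['award'];
    $awardsInfo = $this->getAwardsInfoList();
    $totalTimesAwarded = count($awardList);

    if ($userid == $this->fcmsUser->id) {
        $string = T_ngettext('You have been given this award %d time.', 'You have been given this award %d times.', $totalTimesAwarded);
        $awardedCount = sprintf($string, $totalTimesAwarded);
    } else {
        $string = T_ngettext('%s has been given this award %d time.', '%s has been given this award %d times.', $totalTimesAwarded);
        // The first name is member-supplied, so escape it before it reaches the page.
        $awardedCount = sprintf($string, cleanOutput($fname), $totalTimesAwarded);
    }

    echo ' <div id="current-award"> <div class="' . cleanOutput($awardType) . '"></div> <h1>' . $awardsInfo[$awardType]['name'] . '</h1> <h2>' . $awardsInfo[$awardType]['description'] . '</h2> </div> <h5 class="times-awarded">' . $awardedCount . '</h5>';

    foreach ($awardList as $r) {
        $details = '';
        $date = '';
        $count = (int) $r['count'];

        // `month` is stored as YYYYMM; anything else leaves the date empty.
        if (strlen($r['month']) == 6) {
            $year = substr($r['month'], 0, 4);
            $month = substr($r['month'], 4, 2);
            $date = date('F, Y', strtotime("{$year}-{$month}-01"));
        }

        switch ($r['award']) {
            case 'board':
                $details = sprintf(T_pgettext('Ex: December, 2011 - 10 posts', '%s - %s posts'), $date, $count);
                break;

            case 'gallery':
                $details = sprintf(T_pgettext('Ex: December, 2011 - 10 photos', '%s - %s photos'), $date, $count);
                break;

            case 'recipes':
                $details = sprintf(T_pgettext('Ex: December, 2011 - 10 recipes', '%s - %s recipes'), $date, $count);
                break;

            case 'news':
                $details = sprintf(T_pgettext('Ex: December, 2011 - 10 posts', '%s - %s posts'), $date, $count);
                break;

            case 'docs':
                $details = sprintf(T_pgettext('Ex: December, 2011 - 10 documents', '%s - %s documents'), $date, $count);
                break;

            case 'icebreaker':
                $thread = (int) $r['item_id'];
                $replies = sprintf(T_pgettext('Ex: 21 replies', '%d replies'), $count);
                // NOTE(review): getThreadSubject() output is echoed as-is; confirm
                // that it returns an already-escaped subject.
                $details = $date . ' - <a href="messageboard.php?thread=' . $thread . '">' . $this->fcmsMessageBoard->getThreadSubject($thread) . '</a> - ' . $replies;
                break;

            case 'shutterbug':
                $id = (int) $r['item_id'];
                $photo = $this->fcmsPhotoGallery->getPhotoInfo($id);
                $views = sprintf(T_pgettext('Ex: 210 views', '%d views'), $count);
                // NOTE(review): getPhotoSource() output is written into src="" as-is;
                // confirm it returns an attribute-safe URL.
                $photoSrc = $this->fcmsPhotoGallery->getPhotoSource($photo);

                $details = $date . ' - ' . $views . '<br/>';
                $details .= '<a href="gallery/index.php?uid=' . (int) $photo['user'] . '&cid=' . (int) $photo['category'] . '&pid=' . (int) $photo['id'] . '">';
                $details .= '<img src="' . $photoSrc . '"/>';
                $details .= '</a>';
                break;

            case 'interesting':
                $id = (int) $r['item_id'];
                $views = sprintf(T_pgettext('Ex: 21 comments', '%d comments'), $count);

                $sql = "SELECT `title`\n FROM `fcms_news`\n WHERE `id` = ?";

                $news = $this->fcmsDatabase->getRow($sql, $id);
                if ($news === false) {
                    $this->fcmsError->displayError();

                    return;
                }

                $title = cleanOutput($news['title']);
                $details = $date . ' - <a href="familynews.php?getnews=' . (int) $r['user'] . '&newsid=' . $id . '">' . $title . '</a> - ' . $views;
                break;

            case 'secretive':
                $views = sprintf(T_pgettext('Ex: 210 private messages', '%d private messages'), $count);
                $details = $date . ' - ' . $views . '<br/>';
                break;

            case 'planner':
                $views = sprintf(T_pgettext('Ex: 53 events', '%d events'), $count);
                $details = $date . ' - ' . $views . '<br/>';
                break;

            case 'photogenic':
                $views = sprintf(T_pgettext('Ex: 53 photos', '%d photos'), $count);
                $details = $date . ' - ' . $views . '<br/>';
                break;
        }

        echo ' <p>' . $details . '</p>';
    }
}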
/**
 * Shows the address edit form for the entry named by $_GET['edit'].
 *
 * The form itself is rendered by $this->fcmsBook; this method only supplies
 * the entry id and the URL built from the current category and that id.
 *
 * @return void
 */
function displayEditForm()
{
    $this->displayHeader();

    $addressId = (int) $_GET['edit'];

    // NOTE(review): cleanOutput() is applied to a value that ends up inside a URL
    // query string; whether the callee encodes the URL again is not visible here.
    $category = cleanOutput($_GET['cat']);

    $returnUrl = 'addressbook.php?cat=' . $category . '&address=' . $addressId;

    $this->fcmsBook->displayEditForm($addressId, $returnUrl);

    $this->displayFooter();
}
/**
 * Asks the member to confirm the deletion of a photo comment.
 *
 * The numeric identifiers are cast to int; `cid` is kept as text because it is
 * not always a number, and is passed through cleanOutput() wherever it is
 * written into the page. The confirmation is posted to index.php?confirmed=1.
 *
 * @return void
 */
function displayConfirmDeleteCommentForm()
{
    $ownerId = (int) $_GET['uid'];
    $category = $_GET['cid']; // not always an #
    $photoId = (int) $_GET['pid'];
    $commentId = (int) $_POST['id'];

    $this->displayHeader();

    // NOTE(review): no anti-CSRF token field is visible in this form; confirm the
    // handler for `delcom` verifies the request some other way.
    echo ' <div class="info-alert"> <form action="index.php?confirmed=1" method="post"> <h2>' . T_('Are you sure you want to DELETE this Comment?') . '</h2> <p><b><i>' . T_('This can NOT be undone.') . '</i></b></p> <div>'
        . ' <input type="hidden" name="uid" value="' . $ownerId . '"/>'
        . ' <input type="hidden" name="cid" value="' . cleanOutput($category) . '"/>'
        . ' <input type="hidden" name="pid" value="' . $photoId . '"/>'
        . ' <input type="hidden" name="id" value="' . $commentId . '"/>'
        . ' <input style="float:left;" type="submit" id="delcom" name="delcom" value="' . T_('Yes') . '"/>'
        . ' <a style="float:right;" href="index.php?uid=' . $ownerId . '&cid=' . cleanOutput($category) . '&pid=' . $photoId . '">' . T_('Cancel') . '</a> </div> </form> </div>';

    $this->displayFooter();
}
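/**
 * Returns the HTML list of members tagged in the photos of one category.
 *
 * When nobody is tagged, the owner of the category (or a member whose access
 * level is below 2) gets a link for tagging members instead.
 *
 * @param int $uid Owner of the photos; cast to int.
 * @param int $cid Category id; cast to int.
 *
 * @return string HTML, or an empty string when the query fails or there is
 *                nothing to show.
 */
function getMembersInCategory($uid, $cid)
{
    // Both values are bound to the query and written into a link, so normalise
    // them to integers once.
    $uid = (int) $uid;
    $cid = (int) $cid;

    $retVal = '';

    $sql = "SELECT u.`id`, u.`fname`, u.`lname`, u.`avatar`, u.`gravatar`\n FROM `fcms_gallery_photos_tags` AS t\n LEFT JOIN `fcms_gallery_photos` AS p ON t.`photo` = p.`id`\n LEFT JOIN `fcms_category` AS c ON p.`category` = c.`id`\n LEFT JOIN `fcms_users` AS u ON t.`user` = u.`id`\n WHERE p.`category` = ?\n AND p.`user` = ?\n GROUP BY u.`id`";

    $rows = $this->fcmsDatabase->getRows($sql, array($cid, $uid));
    if ($rows === false) {
        $this->fcmsError->displayError();

        return $retVal;
    }

    if (count($rows) <= 0) {
        if ($uid == $this->fcmsUser->id || $this->fcmsUser->access < 2) {
            // NOTE(review): the `user` value in this link was unreadable in the
            // reviewed text (masked characters); $uid is the only candidate in
            // scope - confirm against the original file.
            $retVal .= '<a href="?tag=' . $cid . '&user=' . $uid . '">' . T_('Tag Members In Photos') . '</a>';
        }

        return $retVal;
    }

    $retVal .= ' <ul class="avatar-member-list-small">';

    foreach ($rows as $row) {
        $id = (int) $row['id'];
        $displayname = cleanOutput($row['fname']) . ' ' . cleanOutput($row['lname']);
        // NOTE(review): getAvatarPath() output is written into src="" as-is;
        // confirm it returns an attribute-safe URL.
        $avatarPath = getAvatarPath($row['avatar'], $row['gravatar'], '../');

        $retVal .= ' <li> <a href="index.php?uid=0&cid=' . $id . '" class="tooltip" title="" onmouseover="showTooltip(this)" onmouseout="hideTooltip(this)"> <img class="avatar" alt="avatar" src="' . $avatarPath . '"/> </a> <div class="tooltip" style="display:none;"> <h5>' . $displayname . '</h5> <span>' . sprintf(T_('Click to view more photos of %s.'), $displayname) . '</span> </div> </li>';
    }

    $retVal .= ' </ul>';

    return $retVal;
}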
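/**
 * displayMembersTreeList
 *
 * Displays the list of members for viewing their family tree. Every member
 * except the current user is offered; nothing is printed when there is no
 * other member.
 *
 * All name parts, including the maiden name, are escaped with cleanOutput()
 * and ids are cast to int before they are written into the option tags.
 *
 * @return void
 */
function displayMembersTreeList()
{
    // Get list of available users
    $sql = "SELECT `id`, `fname`, `mname`, `lname`, `maiden`\n FROM `fcms_users` \n WHERE `id` != ?\n ORDER BY `lname`, `fname`";

    $rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
    if ($rows === false) {
        $this->fcmsError->displayError();

        return;
    }

    if (count($rows) < 1) {
        return;
    }

    $currentUserId = (int) $this->fcmsUser->id;

    echo ' <form action="familytree.php" method="get" id="view_tree_form"> <p> <select name="view"> <option value="' . $currentUserId . '">' . T_('View Family Tree for...') . '</option> <option value="' . $currentUserId . '">----------</option>';

    foreach ($rows as $r) {
        $selected = $this->currentTreeUserId == $r['id'] ? ' selected="selected"' : '';

        // The maiden name is member-supplied text like the other name parts,
        // so it gets the same escaping.
        $maiden = empty($r['maiden']) ? ', ' : ' (' . cleanOutput($r['maiden']) . '), ';

        echo ' <option value="' . (int) $r['id'] . '"' . $selected . '>' . cleanOutput($r['lname']) . $maiden . ' ' . cleanOutput($r['fname']) . ' ' . cleanOutput($r['mname']) . '</option>';
    }

    echo ' </select> <input type="submit" value="' . T_('View') . '"/> </p> </form>';
}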
/**
 * Renders the general configuration form.
 *
 * Every row of `fcms_config` is read into a name => value map, which then
 * drives the select options, the start-of-week and site-off radio buttons and
 * the two text inputs. A one-time success banner is shown when
 * $_SESSION['success'] is set.
 *
 * @return void
 */
function displayGeneralForm()
{
    $this->displayHeader();

    $sql = "SELECT `name`, `value`\n FROM `fcms_config`";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // name => value lookup of the whole config table
    $config = array();
    foreach ($rows as $r) {
        $config[$r['name']] = $r['value'];
    }

    // Activate Options
    $activateOptions = buildHtmlSelectOptions(
        array('0' => T_('Admin Activation'), '1' => T_('Auto Activation')),
        $config['auto_activate']
    );

    // Register Options
    $registerOptions = buildHtmlSelectOptions(
        array('0' => T_('Off'), '1' => T_('On')),
        $config['registration']
    );

    // Site Off Options
    // TODO - config table or file?
    $siteIsOff = $config['site_off'] == 1;
    $siteOffYes = $siteIsOff ? 'checked' : '';
    $siteOffNo = $siteIsOff ? '' : 'checked';

    // Debug
    $debugOptions = buildHtmlSelectOptions(
        array('0' => T_('Off'), '1' => T_('On')),
        $config['debug']
    );

    $message = '';
    if (isset($_SESSION['success'])) {
        $message = '<div class="alert-message success">'
            . '<a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a>'
            . T_('Changes Updated Successfully') . '</div>';
        unset($_SESSION['success']);
    }

    // Start of week: one radio button per day, value 0 (Sunday) to 6 (Saturday).
    $weekDays = array(
        0 => array('sun', T_('Sunday')),
        1 => array('mon', T_('Monday')),
        2 => array('tue', T_('Tuesday')),
        3 => array('wed', T_('Wednesday')),
        4 => array('thr', T_('Thursday')),
        5 => array('fri', T_('Friday')),
        6 => array('sat', T_('Saturday')),
    );

    $dayItems = array();
    foreach ($weekDays as $number => $day) {
        $checked = $config['start_week'] == $number ? 'checked' : '';

        $dayItems[] = '<li> <label> <input type="radio" ' . $checked . ' id="start_' . $day[0] . '" name="start_week" value="' . $number . '"> <span>' . $day[1] . '</span> </label> </li>';
    }
    $dayList = implode(' ', $dayItems);

    // NOTE(review): no anti-CSRF token field is visible in this form; confirm the
    // handler for config.php?view=general verifies the request some other way.
    // The failureMessage translation is placed inside a double-quoted JavaScript
    // string without escaping, so a translation containing `"` would break it.
    echo ' <form action="config.php?view=general" method="post"> <fieldset> <legend>' . T_('General Configuration') . '</legend> ' . $message
        . ' <div class="clearfix"> <label for="sitename">' . T_('Site Name') . '</label> <div class="input"> <input class="xlarge span8" id="sitename" name="sitename" type="text" value="' . cleanOutput($config['sitename']) . '"> </div> </div>'
        . ' <div class="clearfix"> <label for="contact">' . T_('Contact Email') . '</label> <div class="input"> <input class="xlarge span8" id="contact" name="contact" type="text" value="' . cleanOutput($config['contact']) . '"> </div> <script type="text/javascript"> var email = new LiveValidation(\'contact\', {onlyOnSubmit: true}); email.add(Validate.Email, {failureMessage: "' . T_('That\'s not a valid email address is it?') . '"}); email.add(Validate.Length, {minimum: 10}); </script> </div>'
        . ' <div class="clearfix"> <label for="registration">' . T_('Registration') . '</label> <div class="input"> <select id="registration" name="registration"> ' . $registerOptions . ' </select> </div> </div>'
        . ' <div class="clearfix"> <label for="activation">' . T_('Account Activation') . '</label> <div class="input"> <select id="activation" name="activation"> ' . $activateOptions . ' </select> </div> </div>'
        . ' <div class="clearfix"> <label>' . T_('Start of the Week') . '</label> <div class="input"> <ul class="inputs-list"> ' . $dayList . ' </ul> </div> </div>'
        . ' <div class="clearfix"> <label>' . T_('Turn Off Site?') . '</label> <div class="input"> <ul class="inputs-list"> <li> <label> <input type="radio" ' . $siteOffYes . ' id="site_off_yes" name="site_off" value="yes"> <span>' . T_('Yes, turn the site off, so no one can access it.') . '</span> </label> </li> <li> <label> <input type="radio" ' . $siteOffNo . ' id="site_off_no" name="site_off" value="no"> <span>' . T_('No, keep the site on and running.') . '</span> </label> </li> </ul> </div> </div>'
        . ' <div class="clearfix"> <label for="debug">' . T_('Debug') . '</label> <div class="input"> <select id="debug" name="debug"> ' . $debugOptions . ' </select> </div> </div>'
        . ' <div class="actions"> <input type="submit" class="btn primary" id="submit-sitename" name="submit-sitename" value="' . T_('Save') . '"> </div> </fieldset> </form>';

    $this->displayFooter();
}
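/**
 * Shows the details page of one person in the family tree: avatar, name,
 * membership status, birthday/death line, bio and immediate family.
 *
 * Names of the person and of every relative are member-supplied text and are
 * escaped with cleanOutput() before being printed; relative ids are cast to
 * int. The immediate-family list is closed before the footer is rendered.
 *
 * @return void
 */
function displayDetails()
{
    $this->displayHeader(array('jsOnload' => 'initAddRelative();'));

    $id = (int) $_GET['details'];

    $sql = "SELECT *\n FROM `fcms_users`\n WHERE `id` = ?";

    $user = $this->fcmsDatabase->getRow($sql, $id);
    if ($user === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Non-member entries can be edited by anyone; members only by access level 1.
    $canEdit = false;
    $editLink = '';
    if ($user['phpass'] == 'NONMEMBER' || $this->fcmsUser->access == 1) {
        $canEdit = true;
        $editLink = '<li><a href="?edit=' . $id . '">' . T_('Edit This Person') . '</a></li>';
    }

    // NOTE(review): getAvatarPath() output is written into src="" as-is;
    // confirm it returns an attribute-safe URL.
    $avatarPath = getAvatarPath($user['avatar'], $user['gravatar']);
    $status = $user['phpass'] == 'NONMEMBER' ? T_('Non-member') : T_('Member');

    // Bio
    if (strlen($user['bio']) > 0) {
        $bio = cleanOutput($user['bio']);
    } elseif ($canEdit) {
        $bio = '<a href="?edit=' . $id . '">' . T_('Share some information about this person.') . '</a>';
    } else {
        $bio = T_('This user does not have a bio.');
    }

    // Get Parents
    $parents = $this->fcmsFamilyTree->getParentsOfUsers(array($user['id']));
    if ($parents === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    $father = array();
    $mother = array();
    foreach ($parents as $parent) {
        if ($parent['sex'] == 'M') {
            $father[] = $parent;
        } else {
            $mother[] = $parent;
        }
    }

    // Get spouse
    $spouse = $this->fcmsFamilyTree->getSpousesOfUsers(array($user['id']));
    if ($spouse === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Get children
    // NOTE(review): the two calls above pass an array of ids, this one passes the
    // spouse result itself - confirm that is what getChildrenOfUsers() expects.
    $children = $this->fcmsFamilyTree->getChildrenOfUsers($spouse);
    if ($children === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // NOTE(review): both strings are echoed as-is; confirm the helper escapes them.
    list($bday, $death) = $this->fcmsFamilyTree->getFormattedBirthdayAndDeath($user);

    $fullName = cleanOutput($user['fname']) . ' ' . cleanOutput($user['lname']);

    echo ' <div id="sections_menu"> <ul> <li><a href="?view=' . $id . '">' . T_('View Family Tree') . '</a></li> </ul> </div> <div id="actions_menu"> <ul class="tools"> ' . $editLink . ' <li><a class="add" href="#' . $id . '">' . T_('Add Family Member') . '</a></li> </ul> </div> <div class="person-details"> <img class="avatar" src="' . $avatarPath . '"/> <h1>' . $fullName . '</h1> <p class="member_status">' . $status . '</p> </div> <p> ' . $bday . '<br/> ' . $death . ' </p> <h3>' . T_('Bio') . '</h3> <p>' . $bio . '</p> <h3>' . T_('Immediate Family') . '</h3> <ul id="immediate-family">';

    // Print parents, spouses, and children
    $groups = array(
        array($father, array('M' => T_('Father'))),
        array($mother, array('F' => T_('Mother'))),
        array($spouse, array('M' => T_('Spouse'), 'F' => T_('Spouse'))),
        array($children, array('M' => T_('Son'), 'F' => T_('Daughter'))),
    );

    foreach ($groups as $group) {
        list($relatives, $i18n) = $group;

        foreach ($relatives as $relative) {
            if (empty($relative)) {
                continue;
            }

            $relAvatarPath = getAvatarPath($relative['avatar'], $relative['gravatar']);
            $maiden = strlen($relative['maiden']) > 0 ? '(' . cleanOutput($relative['maiden']) . ')' : '';

            // A sex value without a label for this group prints an empty label
            // instead of raising an undefined-index notice.
            $relation = isset($i18n[$relative['sex']]) ? $i18n[$relative['sex']] : '';

            echo ' <li> <img class="small-avatar" src="' . $relAvatarPath . '"/> <p> <a href="?details=' . (int) $relative['id'] . '"> ' . cleanOutput($relative['fname']) . ' ' . cleanOutput($relative['mname']) . ' ' . cleanOutput($relative['lname']) . ' ' . $maiden . ' </a> <i>' . $relation . '</i> </p> </li>';
        }
    }

    echo ' </ul>';

    $this->displayFooter();
}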
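/**
 * Shows the image upload form followed by a table of the files in the
 * `upimages` upload directory, with a delete button per file for members
 * whose access level is below 2.
 *
 * File names come from the upload directory and are therefore treated as
 * untrusted text: they are escaped for HTML where printed, and encoded as
 * JavaScript string literals (then attribute-escaped) where they are placed
 * inside onclick handlers.
 *
 * @return void
 */
function displayImages()
{
    global $fcmsUser;

    displayHeader();

    if (isset($_SESSION['delete_ok'])) {
        unset($_SESSION['delete_ok']);
        echo '<p class="ok-alert">' . T_('Image was Deleted Successfully') . '</p>';
    }

    echo ' <h2>' . T_('Upload Image') . '</h2> <form enctype="multipart/form-data" action="upimages.php" method="post"> <p><input type="file" name="upfile" id="upfile" size="30" title="' . T_('Choose the image you want to upload.') . '"/></p> <div><input type="submit" name="upload" id="upload" value="' . T_('Upload Image') . '"/></div> </form> <p> </p> <h2>' . T_('Uploaded Images') . '</h2> <table>';

    $uploadsPath = getUploadsAbsolutePath();

    // Start from an empty list so an empty or unreadable directory still
    // produces a valid (empty) table.
    $images_in_dir = array();

    $img_dir = opendir($uploadsPath . 'upimages');
    if ($img_dir !== false) {
        // Compare against false explicitly: a file named "0" must not end the loop.
        while (($file = readdir($img_dir)) !== false) {
            if ($file !== 'index.htm') {
                $images_in_dir[] = $file;
            }
        }
        closedir($img_dir);
    }

    natcasesort($images_in_dir);

    // Flags that keep the encoded literal free of characters that are
    // significant in HTML.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;

    $i = 0;
    $total_size = 0;

    foreach ($images_in_dir as $file) {
        // Skip entries that start with a period
        if ($file[0] === '.') {
            continue;
        }

        $this_size = filesize($uploadsPath . 'upimages/' . $file);
        $total_size += $this_size;

        // getimagesize() returns false for anything that is not a readable image.
        $img_info = getimagesize($uploadsPath . 'upimages/' . $file);
        $width = $img_info === false ? 0 : (int) $img_info[0];
        $height = $img_info === false ? 0 : (int) $img_info[1];

        $win_w = $width + 50;
        $win_h = $height + 50;

        $path = 'uploads/upimages/';
        if (defined('UPLOADS')) {
            $path = 'file.php?u=';
        }

        $baseName = basename($file);

        // JavaScript string literals for the two onclick handlers. If a name
        // cannot be encoded, fall back to an empty literal so the row (and its
        // delete button) is still shown.
        $viewUrlJs = json_encode(URL_PREFIX . $path . $baseName, $jsFlags);
        if ($viewUrlJs === false) {
            $viewUrlJs = '""';
        }
        $bbcodeJs = json_encode('[IMG=' . $path . $baseName . ']', $jsFlags);
        if ($bbcodeJs === false) {
            $bbcodeJs = '""';
        }
        $viewUrlAttr = htmlspecialchars($viewUrlJs, ENT_QUOTES, 'UTF-8');
        $bbcodeAttr = htmlspecialchars($bbcodeJs, ENT_QUOTES, 'UTF-8');

        $i++;

        echo ' <tr';
        if ($i % 2 != 0) {
            // The leading space keeps the attribute separate from the tag name.
            echo ' class="alt"';
        }
        echo '> <td class="v"> <button class="viewbtn" onclick="window.open(' . $viewUrlAttr . ',\'file\', \'width=' . $win_w . ',height=' . $win_h . ',resizable=no,location=no,menubar=no,status=no\'); return false;"/> </td> <td class="file"> <a href="#" onclick="insertUpImage(' . $bbcodeAttr . ')" title="' . T_('Click to insert image into message.') . '">' . cleanOutput($file) . '</a> </td> <td>';

        if ($fcmsUser->access < 2) {
            // NOTE(review): no anti-CSRF token field is visible in this form; confirm
            // the `delimg` handler verifies the request and re-checks the access level.
            echo ' <form method="post" action="upimages.php"> <div> <input type="hidden" name="img" value="' . cleanOutput($file) . '"/> <input type="submit" name="delimg" value="' . T_('Delete') . '" class="delbtn" title="' . T_('Delete this Image') . '" onclick="javascript:return confirm(\'' . T_('Are you sure you want to DELETE this image?') . '\');"/> </div> </form>';
        }

        echo ' </td> <td class="n">' . $width . 'x' . $height . '</td> <td class="n">' . formatSize($this_size) . '</td> </tr>';
    }

    echo ' <tr> <td></td> <td></td> <td></td> <td class="n">' . T_('Total Size') . '</td> <td class="n">' . formatSize($total_size) . '</td> </tr> </table>';

    displayFooter();
}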
/**
 * Picks the name to show for a member according to the `displayname` setting.
 *
 * '1' shows the first name, '2' first and last name; '3' and every other value
 * show the username. The result is always passed through cleanOutput().
 *
 * @param array $data Row with `displayname`, `fname`, `lname` and `username`.
 *
 * @return string
 */
private function getDisplayNameFromData($data)
{
    $mode = $data['displayname'];

    // Loose comparison on purpose: it matches the way switch compares its cases.
    if ($mode == '1') {
        return cleanOutput($data['fname']);
    }

    if ($mode == '2') {
        return cleanOutput($data['fname']) . ' ' . cleanOutput($data['lname']);
    }

    // '3' and anything unexpected fall back to the username.
    return cleanOutput($data['username']);
}
/**
 * Renders the Foursquare configuration page.
 *
 * The stored client id, client secret and callback URL are read with
 * getFoursquareConfigData() and escaped with cleanOutput(). While any of the
 * three is still empty, the two-step setup instructions are wrapped around the
 * form. A one-time success banner is shown when $_SESSION['success'] is set.
 *
 * @param string $displayMessage Not read by this method.
 *
 * @return void
 */
function displayFormPage($displayMessage = '')
{
    $this->displayHeader();

    if (isset($_SESSION['success'])) {
        echo ' <div class="alert-message success"> <a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a> ' . T_('Changes Updated Successfully') . ' </div>';
        unset($_SESSION['success']);
    }

    $config = getFoursquareConfigData();

    $id = '';
    if (isset($config['fs_client_id'])) {
        $id = cleanOutput($config['fs_client_id']);
    }

    // NOTE(review): the stored client secret is written back into a plain text
    // input, so it is readable by anyone who can open this page.
    $secret = '';
    if (isset($config['fs_client_secret'])) {
        $secret = cleanOutput($config['fs_client_secret']);
    }

    $url = '';
    if (isset($config['fs_callback_url'])) {
        $url = cleanOutput($config['fs_callback_url']);
    }

    // Setup is incomplete until all three values are present.
    $needsSetup = empty($id) || empty($secret) || empty($url);

    if ($needsSetup) {
        echo ' <div class="row"> <div class="span4"> <h2>' . T_('Step 1') . '</h2> <p>' . T_('Go to Foursquare and register a new app.') . '</p> </div> <div class="span12"> <h3><a href="https://foursquare.com/developers/register">' . T_('Register a new foursquare app.') . '</a></h3> <p> ' . T_('Be sure to include settings.php as part of your callback url. For example: if your site is located at http://www.my-awesome-site.com/fcms/index.php then your callback url should be http://www.my-awesome-site.com/fcms/settings.php') . ' </p> </div><!-- /span12 --> </div><!-- /row --> <p> </p> <p> </p> <p> </p> <div class="row"> <div class="span4"> <h2>' . T_('Step 2') . '</h2> <p>' . T_('Fill out the form below with the information you provided in Step 1.') . '</p> </div> <div class="span12">';
    }

    echo ' <form action="foursquare.php" method="post"> <fieldset> <legend>' . T_('Foursquare Confirguration') . '</legend>'
        . ' <div class="clearfix"> <label for="id">' . T_('Client ID') . '</label> <div class="input"> <input type="text" name="id" id="id" size="50" value="' . $id . '"/> </div> </div>'
        . ' <div class="clearfix"> <label for="secret">' . T_('Client Secret') . '</label> <div class="input"> <input type="text" name="secret" id="secret" size="50" value="' . $secret . '"/> </div> </div>'
        . ' <div class="clearfix"> <label for="url">' . T_('Callback URL') . '</label> <div class="input"> <input class="frm_text" type="text" name="url" id="url" size="50" value="' . $url . '"/> </div> </div>'
        . ' <div class="actions"> <input class="btn primary" type="submit" name="submit" value="' . T_('Save') . '"/> </div> </fieldset> </form>';

    if ($needsSetup) {
        // Close the wrappers opened by the setup instructions.
        echo ' </div><!-- /span12 --> </div><!-- /row -->';
    }

    $this->displayFooter();
}
/**
 * Prints the plupload-based upload widget for the avatar form.
 *
 * The member id from $_GET['avatar'] is cast to int and written into the
 * upload URL; the current avatar value from $this->data is escaped with
 * cleanOutput() and sent along as `avatar_orig`.
 *
 * NOTE(review): the extension filter, the size limit and the resize settings
 * below are options of the browser-side uploader. The handler behind
 * familytree.php?advanced_avatar= is not visible here; confirm it validates
 * type and size of the upload itself.
 *
 * @return void
 */
protected function displayUploadArea()
{
    $memberId = (int) $_GET['avatar'];
    $storedAvatar = cleanOutput($this->data['avatar']);

    echo ' <link rel="stylesheet" href="ui/js/jqueryui/jquery-ui.min.css"> <link rel="stylesheet" href="ui/js/jqueryui/jquery-ui.theme.min.css"> <link rel="stylesheet" href="inc/thirdparty/plupload/js/jquery.ui.plupload/css/jquery.ui.plupload.css"> <script type="text/javascript" src="ui/js/jqueryui/jquery-ui.min.js"></script> <script type="text/javascript" src="inc/thirdparty/plupload/js/plupload.full.min.js"></script> <script type="text/javascript" src="inc/thirdparty/plupload/js/jquery.ui.plupload/jquery.ui.plupload.min.js"></script> <script> $(document).ready(function() { $("#uploader").plupload({ runtimes : "html5,flash,silverlight,html4", url : "familytree.php?advanced_avatar=' . $memberId . '", max_file_size : "100mb", multi_selection : false, buttons: { "start" : false, }, multipart_params: { "plupload" : "1", }, filters : [ {title : "Image files", extensions : "jpg,jpeg,gif,png"} ], resize : { width: 80, height: 80, quality: 90, crop: true }, // Sort files sortable: true, // Views to activate views: { list : false, thumbs : true, active : "thumbs" }, // Flash settings flash_swf_url : "../inc/thirdparty/plupload/js/Moxie.swf", // Silverlight settings silverlight_xap_url : "../inc/thirdparty/plupload/js/Moxie.xap", init : { FilesAdded: function(up, files) { while (up.files.length > 1) { up.removeFile(up.files[0]); } }, FileUploaded: function(up, file, info) { window.location.href = "familytree.php"; } } }); $("#frm").submit(function(event) { event.preventDefault(); var uploader = $("#uploader").plupload("getUploader"); uploader.settings.multipart_params = { "avatar_orig" : $("#avatar_orig").val() }; $("#uploader").plupload("start"); }); }); </script> <div class="field-label"> </div> <div id="plupload_container" class="field-widget"> <div id="uploader"></div> <input type="hidden" id="avatar_orig" name="avatar_orig" value="' . $storedAvatar . '"/><br/> </div>';
}
/**
 * Renders the edit form for the poll named by $_GET['editpoll'].
 *
 * Existing options are listed first (the first two marked as required, the
 * others with a button that clears the field); the form is then padded with
 * empty "new" option fields up to option number 10.
 *
 * @return void
 */
function displayEditForm()
{
    $this->displayHeader();

    $pollId = (int) $_GET['editpoll'];

    $sql = "SELECT `question`, o.`id`, `option` \n FROM `fcms_polls` AS p, `fcms_poll_options` AS o \n WHERE p.`id` = o.`poll_id` \n AND p.`id` = ?";

    $options = $this->fcmsDatabase->getRows($sql, $pollId);
    if ($options === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (isset($_SESSION['success'])) {
        echo ' <div class="alert-message success"> <a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a> ' . T_('Changes Updated Successfully') . ' </div>';
        unset($_SESSION['success']);
    }

    // NOTE(review): no anti-CSRF token field is visible in this form; confirm the
    // handler for `editsubmit` verifies the request some other way.
    echo ' <form id="editform" name="editform" action="?page=admin_polls" method="post"> <fieldset> <legend><span>' . T_('Edit Poll') . '</span></legend>';

    $number = 1;
    foreach ($options as $option) {
        // Every row carries the question; print it once, above the first option.
        if ($number < 2) {
            echo ' <h3>' . cleanOutput($option['question']) . '</h3>';
        }

        $field = ' <div class="clearfix"> <label for="show' . $number . '">' . sprintf(T_('Option %s'), $number) . '</label> <div class="input"> <input type="text" name="show' . $number . '" id="show' . $number . '" ';

        // The first two options are mandatory.
        if ($number < 3) {
            $field .= 'class="required"';
        }

        $field .= ' size="50" value="' . cleanOutput($option['option']) . '"/> <input type="hidden" name="option' . $number . '" value="' . $option['id'] . '"/>';

        // Needs to be created by js
        if ($number >= 3) {
            $field .= ' <input type="button" name="deleteoption" class="btn small danger" style="width:auto;" value="' . T_('Delete') . '" onclick="document.editform.show' . $number . '.value=\'\';"/>';
        }

        $field .= ' </div> </div>';

        echo $field;

        $number++;
    }

    // Fill up with blank fields for new options.
    for (; $number < 11; $number++) {
        echo ' <div class="clearfix"> <label for="show' . $number . '">' . sprintf(T_('Option %s'), $number) . '</label> <div class="input"> <input type="text" id="show' . $number . '" name="show' . $number . '" size="50" value=""/> <input type="hidden" name="option' . $number . '" value="new"/> </div> </div>';
    }

    echo ' <p class="actions"> <input class="btn primary" type="submit" name="editsubmit" id="editsubmit" value="' . T_('Edit') . '"/> <a class="btn secondary" href="polls.php">' . T_('Cancel') . '</a> </p> </fieldset> </form>';

    $this->displayFooter();
}
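/**
 * Runs the advanced message board search and prints the results.
 *
 * `start` and `end` must be strings of the form YYYY-M-D; otherwise the search
 * form is shown again with an error. The search text and both dates are bound
 * as query parameters. The end of the range is the last second of the end day
 * (23:59:59); the previous upper bound of "24:59:59" is not a valid time.
 *
 * @return void
 */
function displayAdvancedSearchSubmit()
{
    // Missing or non-string fields are treated as empty, so they fail the date
    // check below instead of raising notices or reaching preg_match() as arrays.
    $start = isset($_POST['start']) && is_string($_POST['start']) ? $_POST['start'] : '';
    $end = isset($_POST['end']) && is_string($_POST['end']) ? $_POST['end'] : '';
    $search = isset($_POST['search']) && is_string($_POST['search']) ? $_POST['search'] : '';

    // validate dates
    // The D modifier makes `$` match only at the very end, so a value with a
    // trailing newline is rejected as well.
    $datePattern = '/^\\d{4}-(1[012]|0?\\d)-(3[01]|[012]?\\d)$/D';

    foreach (array($start, $end) as $date) {
        $found = preg_match($datePattern, $date);
        if ($found === false || $found < 1) {
            $error = sprintf(T_('Invalid Date [%s]'), cleanOutput($date));
            $this->displayAdvancedSearchForm($error);

            return;
        }
    }

    // header is displayed by displayAdvancedSearchForm()
    $this->displayAdvancedSearchForm('', $search, $start, $end, false);

    // NOTE(review): the date range is only applied to the second SELECT (matches
    // in posts); matches in thread subjects are returned regardless of the dates.
    $sql = "SELECT t.`id`, t.`subject`, t.`started_by`, t.`updated`, p.`post`,\n 'thread' AS type\n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p\n WHERE p.`thread` = t.`id`\n AND `subject` LIKE ?\n UNION\n SELECT t.`id`, t.`subject`, t.`started_by`, p.`date` AS updated, p.`post`,\n 'post' AS type\n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p\n WHERE p.`thread` = t.`id`\n AND `post` LIKE ?\n AND `date` >= ?\n AND `date` <= ?";

    $params = array(
        "%{$search}%",
        "%{$search}%",
        "{$start} 00:00:00",
        "{$end} 23:59:59",
    );

    $rows = $this->fcmsDatabase->getRows($sql, $params);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($rows) <= 0) {
        echo ' <div class="search_result"> <p>' . T_('Could not find anything matching your search.') . '</p> </div>';
    }

    $threadsFound = array();

    foreach ($rows as $r) {
        // if the search is found both in the subject and post
        // skip the post, so we don't show doubles
        if ($r['type'] == 'post' && isset($threadsFound[$r['id']])) {
            continue;
        }

        $threadsFound[$r['id']] = 1;

        // Remove the announcement marker
        $subject = $this->fcmsMessageBoard->fixSubject($r['subject']);

        // Clean html
        $subject = cleanOutput($subject, 'html');

        // Put in our html (should be the only html rendered)
        // NOTE(review): highlight() receives the raw search text; confirm it only
        // wraps matches found in the already-escaped text and never echoes $search.
        $subject = highlight($search, $subject);

        // Remove orig bbcode
        $post = removeBBCode($r['post']);

        // Clean html
        $post = cleanOutput($post, 'html');

        // Put in our html (should be the only html rendered)
        $post = highlight($search, $post);

        $date = fixDate('n/d/Y g:ia', $this->fcmsUser->tzOffset, $r['updated']);

        echo ' <div class="search_result"> <a href="?thread=' . (int) $r['id'] . '">' . $subject . '</a> <p>' . $post . '</p> <span>' . $date . '</span> </div>';
    }

    $this->displayFooter();
}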
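/**
 * displayMassEmailForm
 *
 * Displays the form for sending out mass emails.
 *
 * All caller-supplied values are passed through cleanOutput() before they
 * are written into the form. The recipients are emitted as hidden
 * emailaddress[] fields.
 *
 * NOTE(review): the recipient list is round-tripped through hidden fields,
 * so the submit handler (not shown here) has to treat emailaddress[] as
 * untrusted input and re-check it.
 *
 * @param array  $emails  The email addresses you are mass mailing to
 * @param string $email   The email address you are sending from
 * @param string $name    The name you are sending from
 * @param string $subject The subject of the email
 * @param string $message The body of the email
 * @param string $show    Show errors or not
 *
 * @return void
 */
function displayMassEmailForm($emails, $email = '', $name = '', $subject = '', $message = '', $show = '')
{
    $errors      = false;
    $err_email   = '';
    $err_name    = '';
    $err_subject = '';
    $err_msg     = '';

    // Are we allowed to show errors?
    if (!empty($show)) {
        $required = '<br/><span class="error">' . T_('Required') . '</span>';

        if (empty($email)) {
            $errors    = true;
            $err_email = $required;
        }
        if (empty($name)) {
            $errors   = true;
            $err_name = $required;
        }
        if (empty($subject)) {
            $errors      = true;
            $err_subject = $required;
        }
        if (empty($message)) {
            $errors  = true;
            $err_msg = $required;
        }
    }

    echo ' <p class="info-alert">'
        . ' ' . T_('Filling out the form below will send an email to all the selected members in your addressbook. Sending an email to a large number of people can take a long time. Please be patient.')
        . ' </p>';

    if ($errors) {
        echo ' <p class="error-alert">' . T_('Missing Required Field') . '</p>';
    }

    // The textarea is opened with a plain ">" here; the "/>" used before is
    // not a valid way to open an element that has content.
    echo ' <script type="text/javascript" src="ui/js/livevalidation.js"></script>'
        . ' <form method="post" class="contactform" action="addressbook.php">'
        . ' <fieldset>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="email"><b>' . T_('Your Email') . '</b></label></div>'
        . ' <div class="field-widget">'
        . ' <input class="frm_text" value="' . cleanOutput($email) . '" type="text" name="email" id="email" size="30"/>'
        . ' ' . $err_email
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var femail = new LiveValidation(\'email\', { onlyOnSubmit: true });'
        . ' femail.add(Validate.Presence, {failureMessage: ""});'
        . ' </script>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="name"><b>' . T_('Your Name') . '</b></label></div>'
        . ' <div class="field-widget">'
        . ' <input class="frm_text" value="' . cleanOutput($name) . '" type="text" name="name" id="name" size="30"/>'
        . ' ' . $err_name
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var fname = new LiveValidation(\'name\', { onlyOnSubmit: true });'
        . ' fname.add(Validate.Presence, {failureMessage: ""});'
        . ' </script>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="subject"><b>' . T_('Subject') . '</b></label></div>'
        . ' <div class="field-widget">'
        . ' <input class="frm_text" value="' . cleanOutput($subject) . '" type="text" name="subject" id="subject" size="30"/>'
        . ' ' . $err_subject
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var fsub = new LiveValidation(\'subject\', { onlyOnSubmit: true });'
        . ' fsub.add(Validate.Presence, {failureMessage: ""});'
        . ' </script>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="msg"><b>' . T_('Message') . '</b></label></div>'
        . ' <div class="field-widget">'
        . ' <textarea name="msg" id="msg" rows="10" cols="40">' . cleanOutput($message, 'html') . '</textarea>'
        . ' ' . $err_msg
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var fmsg = new LiveValidation(\'msg\', { onlyOnSubmit: true });'
        . ' fmsg.add(Validate.Presence, {failureMessage: ""});'
        . ' </script>'
        . ' <div>';

    // A separate loop variable keeps the $email parameter intact.
    foreach ((array) $emails as $address) {
        echo ' <input type="hidden" name="emailaddress[]" value="' . cleanOutput($address) . '"/>';
    }

    // Closes the <fieldset> opened above; the former "</field>" matched nothing.
    echo ' </div>'
        . ' <p>'
        . ' <input class="sub1" type="submit" name="sendemailsubmit" value="' . T_('Send Email') . '"/>'
        . ' ' . T_('or')
        . ' <a href="addressbook.php">' . T_('Cancel') . '</a>'
        . ' </p>'
        . ' </fieldset>'
        . ' </form>';
}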
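/**
 * displayTimeEvents
 *
 * Given an array of events, and an hour. Displays all events for that hour.
 *
 * $timeEvents[$hour] is either a list of events (index 0 is set) or a
 * single event array. Both shapes now escape the same fields: the color
 * goes through cleanOutput() and the id is URL-encoded before it is placed
 * in the link. The title/desc escaping modes are left as they were.
 *
 * @param array  $timeEvents
 * @param string $hour
 * @return void
 */
function displayTimeEvents($timeEvents, $hour)
{
    if (!is_array($timeEvents) || !isset($timeEvents[$hour])) {
        return;
    }

    $t        = $this->getTimesList();
    $forHour  = $timeEvents[$hour];

    if (isset($forHour[0])) {
        // Several events in this hour: start and end time are both shown.
        foreach ($forHour as $event) {
            echo ' <div class="event">'
                . ' <a class="' . cleanOutput($event['color']) . '" href="?event=' . urlencode((string) $event['id']) . '">'
                . ' <i>' . $t[$event['time_start']] . ' - ' . $t[$event['time_end']] . '</i>'
                . ' ' . cleanOutput($event['title'], 'html')
                . ' <span>' . cleanOutput($event['desc'], 'html') . '</span>'
                . ' </a>'
                . ' </div>';
        }
        return;
    }

    // A single event: only the start time is shown. The color used to be
    // written into the class attribute without escaping in this branch.
    echo ' <div class="event">'
        . ' <a class="' . cleanOutput($forHour['color']) . '" href="?event=' . urlencode((string) $forHour['id']) . '">'
        . ' <i>' . $t[$forHour['time_start']] . '</i>'
        . ' ' . cleanOutput($forHour['title'])
        . ' <span>' . cleanOutput($forHour['desc']) . '</span>'
        . ' </a>'
        . ' </div>';
}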
/**
 * displayFoursquareSubmit
 *
 * The submit screen for saving foursquare data.
 *
 * Exchanges the 'code' query parameter for an access token, looks up the
 * Foursquare user the token belongs to, and stores that user id and the
 * token in fcms_user_settings for the current user. On success the browser
 * is redirected to the Foursquare settings view.
 *
 * NOTE(review): no `state` value is read or compared in this method; if
 * the authorization request does not carry one that is checked elsewhere,
 * a forged callback could link another Foursquare account - confirm.
 *
 * @return void
 */
function displayFoursquareSubmit()
{
    $r = getFoursquareConfigData();

    // NOTE(review): cleanOutput() is an output filter; applying it to the
    // client id, secret and callback URL would alter any value containing
    // characters it rewrites. Presumably harmless for the stored values -
    // verify, or pass the configuration through unchanged.
    $id = cleanOutput($r['fs_client_id']);
    $secret = cleanOutput($r['fs_client_secret']);
    $url = cleanOutput($r['fs_callback_url']);

    // $_GET['code'] is used without an isset() check, and the token result
    // is dereferenced below without checking that the exchange succeeded.
    $fsObj = new EpiFoursquare($id, $secret);
    $token = $fsObj->getAccessToken($_GET['code'], $url);

    // Second client, this time authenticated with the new access token.
    $fsObjAuth = new EpiFoursquare($id, $secret, $token->access_token);
    $self = $fsObjAuth->get('/users/self');

    // All three values are bound as parameters. The access token is written
    // to the table as received.
    $sql = "UPDATE `fcms_user_settings`\n SET `fs_user_id` = ?,\n `fs_access_token` = ?\n WHERE `user` = ?";
    $params = array($self->response->user->id, $token->access_token, $this->fcmsUser->id);

    if (!$this->fcmsDatabase->update($sql, $params)) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Fixed, relative target. Nothing follows in this method, but the
    // caller keeps running unless it stops after the redirect.
    header("Location: settings.php?view=foursquare");
}
#!/usr/bin/php -q
<?php
// Test-More style check of cleanOutput() in its default and 'html' modes.
require_once dirname(dirname(__FILE__)) . '/test/lib/utils.php';
require_once TEST . 'lib/Test-More.php';
require_once INC . 'config_inc.php';
require_once INC . 'utils.php';

diag('cleanOutput');
plan(2);

// Both assertions feed cleanOutput() the same script-tag payload.
$payload = '<script type="text/javascript">alert("hey")</script>';

// Default mode: the expected value is the payload with its tags removed.
is(cleanOutput($payload), 'alert("hey")', 'javascript');

// NOTE(review): as listed, the expected 'html' result is identical to the
// raw input. Presumably the expectation held the entity-encoded form and
// the entities were decoded when this listing was rendered - confirm
// against the repository before relying on this assertion.
is(
    cleanOutput($payload, 'html'),
    '<script type="text/javascript">alert("hey")</script>',
    'javascript html'
);
/**
 * displayFormPage
 *
 * Displays the form for configuring a youtube app.
 *
 * While no developer key is stored, the form is wrapped in a two-step
 * walkthrough; once a key exists only the form is shown, pre-filled with
 * the key after it has been passed through cleanOutput().
 *
 * @return void
 */
function displayFormPage()
{
    // Declared by this method, although nothing below reads it.
    global $fcmsUser;

    $this->displayHeader();

    // One-shot success banner from the previous request.
    if (isset($_SESSION['success'])) {
        echo ' <div class="alert-message success">'
            . ' <a class="close" href="#" onclick="$(this).up(\'div\').hide(); return false;">×</a>'
            . ' ' . T_('Changes Updated Successfully')
            . ' </div>';
        unset($_SESSION['success']);
    }

    $config = getYouTubeConfigData();

    $key = '';
    if (isset($config['youtube_key'])) {
        $key = cleanOutput($config['youtube_key']);
    }

    // Decides whether the walkthrough wrapper is opened and closed below.
    $needsSetup = empty($key);

    echo ' <div class="alert-message block-message info">'
        . ' <h1>' . T_('YouTube Integration') . '</h1>'
        . ' <p>'
        . ' ' . T_('In order to integrate Family Connections with YouTube, you must get a Developer Key from Google, and provide that Key to Family Connections.')
        . ' </p>'
        . ' </div>';

    if ($needsSetup) {
        echo ' <div class="row">'
            . ' <div class="span4">'
            . ' <h2>' . T_('Step 1') . '</h2>'
            . ' <p>'
            . ' ' . T_('Got to Google and create a new YouTube Application.')
            . ' </p>'
            . ' </div>'
            . ' <div class="span12">'
            . ' <h3>'
            . ' <a href="http://code.google.com/apis/youtube/dashboard/">' . T_('Create Youtube Application') . '</a><br/>'
            . ' </h3>'
            . ' </div><!-- /span12 -->'
            . ' </div><!-- /row -->'
            . ' <p> </p>'
            . ' <p> </p>'
            . ' <p> </p>'
            . ' <div class="row">'
            . ' <div class="span4">'
            . ' <h2>' . T_('Step 2') . '</h2>'
            . ' <p>'
            . ' ' . T_('Fill out the form below with the YouTube Developer Key provided by Google.')
            . ' </p>'
            . ' </div>'
            . ' <div class="span12">';
    }

    echo ' <form method="post" action="youtube.php">'
        . ' <fieldset>'
        . ' <legend>' . T_('YouTube') . '</legend>'
        . ' <div class="clearfix">'
        . ' <label for="key">' . T_('Developer Key') . '</label>'
        . ' <div class="input">'
        . ' <input class="span6" type="text" name="key" id="key" value="' . $key . '"/>'
        . ' </div>'
        . ' </div>'
        . ' <div class="actions">'
        . ' <input class="btn primary" type="submit" name="submit" value="' . T_('Save') . '"/>'
        . ' </div>'
        . ' </fieldset>'
        . ' </form>';

    // Close the step-2 wrapper opened above.
    if ($needsSetup) {
        echo ' </div><!-- /span12 -->'
            . ' </div><!-- /row -->';
    }

    $this->displayFooter();
}
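/**
 * displayLatestMessageBoardPosts
 *
 * Prints the five most recent message board posts written by one member,
 * each with a link to its thread. Prints nothing when the member has no
 * posts.
 *
 * @param int $memberId
 *
 * @return void
 */
function displayLatestMessageBoardPosts($memberId)
{
    $memberId = (int) $memberId;

    $sql = "SELECT t.`id`, `subject`, `date`, `post` \n FROM `fcms_board_posts` AS p, `fcms_board_threads` AS t, `fcms_users` AS u \n WHERE t.`id` = p.`thread` \n AND p.`user` = u.`id` \n AND u.`id` = ?\n ORDER BY `date` DESC \n LIMIT 0, 5";

    $rows = $this->fcmsDatabase->getRows($sql, $memberId);
    if ($rows === false) {
        $this->fcmsError->displayError();
        return;
    }

    if (count($rows) <= 0) {
        return;
    }

    echo ' <h2>' . T_('Latest Posts') . '</h2>';

    $tzOffset = getTimezone($memberId);
    $marker   = '#ANOUNCE#';

    foreach ($rows as $row) {
        $date = fixDate(T_('F j, Y, g:i a'), $tzOffset, $row['date']);

        // BBCode is removed first, then the remaining text is cleaned for output.
        $post = cleanOutput(removeBBCode($row['post']));

        // Strip the marker only when it is a prefix. The former check fired
        // when the marker appeared anywhere and then cut the first nine
        // characters off an ordinary subject.
        $subject = $row['subject'];
        if (strncmp($subject, $marker, strlen($marker)) === 0) {
            $subject = (string) substr($subject, strlen($marker));
        }
        $subject = cleanOutput($subject);

        // The thread id is a database key; the int cast keeps the href clean.
        echo ' <p>'
            . ' <a href="messageboard.php?thread=' . (int) $row['id'] . '">' . $subject . '</a>'
            . ' <span class="date">' . $date . '</span><br/>'
            . ' ' . $post
            . ' </p>';
    }
}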
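/**
 * displayAdminEditSubjectForm
 *
 * Prints the admin form for changing a thread's subject. The starter's name
 * and the post are shown in disabled fields for reference only.
 *
 * A subject that starts with the '#ANOUNCE#' marker is shown without the
 * marker, and a hidden sticky=1 field is added so the flag travels with the
 * submit.
 *
 * NOTE(review): `sticky` and `thread` come back from the client, so the
 * handler behind messageboard.php (not shown) has to re-check the caller's
 * rights instead of trusting them. No anti-CSRF token is emitted here.
 *
 * @param int $thread
 * @return void
 */
function displayAdminEditSubjectForm($thread)
{
    $thread = (int) $thread;

    $sql = "SELECT t.`id`, p.`user`, `subject`, `started_by`, `post` \n FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p \n WHERE t.`id` = ?\n AND p.`thread` = t.`id`\n LIMIT 1";

    $row = $this->fcmsDatabase->getRow($sql, $thread);
    if ($row === false) {
        $this->fcmsError->displayError();
        return;
    }

    $marker  = '#ANOUNCE#';
    $subject = $row['subject'];
    $sticky  = '';

    // Treat the marker as a prefix only. The former check fired when the
    // marker appeared anywhere in the subject, then cut the first nine
    // characters off and flagged the thread as sticky.
    if (strncmp($subject, $marker, strlen($marker)) === 0) {
        $sticky  = '<input type="hidden" name="sticky" id="sticky" value="1"/>';
        $subject = (string) substr($subject, strlen($marker));
    }

    $displayname = getUserDisplayName($row['started_by']);

    // $thread was cast to int above, so it is safe in both the hidden field
    // and the cancel link.
    echo ' <form method="post" action="messageboard.php">'
        . ' <fieldset>'
        . ' <legend><span>' . T_('Edit Thread') . '</span></legend>'
        . ' <div>'
        . ' <label for="subject">' . T_('Subject') . ':</label>'
        . ' <input class="frm_text" type="text" name="subject" id="subject" size="50" value="' . cleanOutput($subject, 'html') . '"/>'
        . ' </div>'
        . ' <div>'
        . ' <label for="showname">' . T_('Name') . ':</label>'
        . ' <input type="text" disabled="disabled" name="showname" id="showname" size="50" value="' . cleanOutput($displayname) . '"/>'
        . ' </div>'
        . ' <p><textarea disabled="disabled" name="post" id="post" rows="10" cols="63">' . cleanOutput($row['post'], 'html') . '</textarea></p>'
        . ' <p>'
        . ' ' . $sticky
        . ' <input type="hidden" name="thread" id="thread" value="' . $thread . '"/>'
        . ' <input class="sub1" type="submit" name="edit_admin_submit" id="edit_admin_submit" value="' . T_('Edit') . '"/>'
        . ' ' . T_('or')
        . ' <a href="messageboard.php?thread=' . $thread . '">' . T_('Cancel') . '</a>'
        . ' </p>'
        . ' </fieldset>'
        . ' </form>';
}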
/**
 * displayHtmlForm
 *
 * Prints the registration page: an optional Facebook button and the regular
 * registration form with its LiveValidation hooks.
 *
 * Values from a previous submit are shown again after cleanOutput(); the
 * password field is never pre-filled.
 *
 * NOTE(review): $error is echoed as-is, so callers are expected to pass
 * markup they built themselves - confirm no request data reaches it raw.
 * The LiveValidation rules run in the browser only; the handler behind
 * register.php (not shown) still has to validate every field.
 *
 * @param string $error Any errors from the previous form
 *
 * @return void
 */
function displayHtmlForm($error = '0')
{
    // Previously posted values, cleaned for use inside value="" attributes.
    $prefill = array();
    foreach (array('username', 'fname', 'lname', 'email') as $field) {
        $prefill[$field] = isset($_POST[$field]) ? cleanOutput($_POST[$field]) : '';
    }

    $fbData   = getFacebookConfigData();
    $fbUser   = null;
    $facebook = null;

    echo ' <div id="column">'
        . ' <h1>' . T_('Register') . '</h1>';

    if ($error !== '0') {
        echo $error;
    }

    // Print the facebook register button
    $facebookConfigured = !empty($fbData['fb_app_id']) && !empty($fbData['fb_secret']);
    if ($facebookConfigured) {
        $facebook = new Facebook(
            array(
                'appId'  => $fbData['fb_app_id'],
                'secret' => $fbData['fb_secret'],
            )
        );

        // Check if the user is logged in and authed
        $fbUser = $facebook->getUser();
        if ($fbUser) {
            try {
                // Only the success of the call matters; the profile is not used.
                $facebook->api('/me');
            } catch (FacebookApiException $e) {
                $fbUser = null;
            }
        }
    }

    $wantsNormalForm  = isset($_GET['normal']);
    $facebookOnlyView = $fbUser && !$wantsNormalForm;

    if ($facebookOnlyView) {
        echo ' <p style="text-align:center; padding: 20px 0">'
            . ' <a class="fbbutton" href="?facebook=1">' . T_('Register with Facebook') . '</a><br/><br/><br/>'
            . ' <small><a style="text-decoration:none" href="register.php?normal=1">' . T_('Cancel') . '</a></small>'
            . ' </p>';
    }

    if (!$fbUser && $facebook) {
        $params = array('scope' => 'user_about_me,user_birthday,user_location,email,publish_actions');

        echo ' <p style="text-align:right">'
            . ' <a class="fbbutton" href="' . $facebook->getLoginUrl($params) . '">' . T_('Connect with Facebook') . '</a>'
            . ' </p>';
    }

    // The regular form (and the closing tag of #column) is skipped when the
    // visitor is authenticated with Facebook and did not ask for it.
    if ($facebookOnlyView) {
        return;
    }

    echo ' <form id="registerform" name="registerform" action="register.php" method="post">'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="username"><b>' . T_('Username') . '</b> <span class="req">*</span></label></div>'
        . ' <div class="field-widget">'
        . ' <input type="text" name="username" id="username" title="' . T_('Used for logging into the site.') . '" value="' . $prefill['username'] . '"/>'
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var funame = new LiveValidation(\'username\', { onlyOnSubmit: true });'
        . ' funame.add(Validate.Presence, {failureMessage: "' . T_('Required: Can\' login without one.') . '"});'
        . ' </script>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="password"><b>' . T_('Password') . '</b> <span class="req">*</span></label></div>'
        . ' <div class="field-widget">'
        . ' <input type="password" name="password" id="password" title="' . T_('Used for loggin into the site.') . '"/>'
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var fpass = new LiveValidation(\'password\', { onlyOnSubmit: true });'
        . ' fpass.add(Validate.Presence, {failureMessage: "' . T_('Required: Can\'t login without one.') . '"});'
        . ' </script>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="fname"><b>' . T_('First Name') . '</b> <span class="req">*</span></label></div>'
        . ' <div class="field-widget">'
        . ' <input type="text" name="fname" id="fname" title="' . T_('The name your mother gave you.') . '" value="' . $prefill['fname'] . '"/>'
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var ffname = new LiveValidation(\'fname\', { onlyOnSubmit: true });'
        . ' ffname.add(Validate.Presence, { failureMessage: "' . T_('Required') . '" });'
        . ' </script>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="lname"><b>' . T_('Last Name') . '</b> <span class="req">*</span></label></div>'
        . ' <div class="field-widget">'
        . ' <input type="text" name="lname" id="lname" title="' . T_('Your family name.') . '" value="' . $prefill['lname'] . '"/>'
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var flname = new LiveValidation(\'lname\', { onlyOnSubmit: true });'
        . ' flname.add(Validate.Presence, {failureMessage: "' . T_('Required') . '"});'
        . ' </script>'
        . ' <div class="field-row">'
        . ' <div class="field-label"><label for="email"><b>' . T_('Email Address') . '</b> <span class="req">*</span></label></div>'
        . ' <div class="field-widget">'
        . ' <input type="text" name="email" id="email" title="' . T_('Where can we send validation and updates?') . '" value="' . $prefill['email'] . '"/>'
        . ' </div>'
        . ' </div>'
        . ' <script type="text/javascript">'
        . ' var femail = new LiveValidation(\'email\', { onlyOnSubmit: true });'
        . ' femail.add( Validate.Presence, { failureMessage: "' . T_('Required') . '" } );'
        . ' femail.add( Validate.Email, { failureMessage: "' . T_('Invalid Email') . '" } );'
        . ' femail.add( Validate.Length, { minimum: 10 } );'
        . ' </script>'
        . ' <p>'
        . ' <a class="cancel" href="index.php">' . T_('Cancel') . '</a>'
        . ' <input id="submit" name="submit" type="submit" value="' . T_('Submit') . '"/>'
        . ' </p>'
        . ' <div class="clear"></div>'
        . ' </form>'
        . ' </div>';
}
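/**
 * displayInbox
 *
 * Prints the current user's private message inbox as a table with one
 * delete checkbox per message.
 *
 * Message ids are cast to int, and titles and sender names go through
 * cleanOutput() before they are written into the page.
 *
 * NOTE(review): the delete form carries no anti-CSRF token here - confirm
 * the handler behind privatemsg.php checks one and only deletes messages
 * addressed to the current user.
 *
 * @return void
 */
function displayInbox()
{
    $this->displayHeader(
        array(
            'jsOnload' => ' $(\'.pm_footer input[type="submit"]\').click(function(e) { return confirmDeleteLink(this, "' . T_('Are you sure you want to DELETE this?') . '", e); });',
        )
    );

    if (isset($_SESSION['success'])) {
        displayOkMessage();
        unset($_SESSION['success']);
    }

    $header = T_('Inbox');
    if (isset($_SESSION['private_messages']) && $_SESSION['private_messages'] > 0) {
        $header = sprintf(T_('Inbox (%d)'), $_SESSION['private_messages']);
    }

    // Query before any table markup is sent, so a database error is not
    // printed inside an unclosed <form>/<table>.
    $sql = "SELECT p.`id`, `to`, `from`, `title`, `date`, `read`, u.`avatar`, u.`gravatar`\n FROM `fcms_privatemsg` AS p\n LEFT JOIN `fcms_users` AS u ON p.`from` = u.`id`\n WHERE `to` = ?\n ORDER BY `date` DESC";

    $rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    echo ' <form method="post" action="privatemsg.php">'
        . ' <table id="pm" cellpadding="0" cellspacing="0">'
        . ' <tr>'
        . ' <th colspan="3" class="pm_header">' . $header . '</th>'
        . ' </tr>';

    foreach ($rows as $r) {
        $date       = fixDate(T_('M. j, Y, g:i a'), $this->fcmsUser->tzOffset, $r['date']);
        $avatarPath = getAvatarPath($r['avatar'], $r['gravatar']);
        $messageId  = (int) $r['id'];

        // The display name is user-controlled profile data and lands in two
        // attributes, so it is escaped like the title is.
        $from = cleanOutput(getUserDisplayName($r['from']));

        // Unread messages get the "new" row class and lose the "read" link class.
        $isUnread  = $r['read'] < 1;
        $rowClass  = $isUnread ? 'new' : '';
        $linkClass = $isUnread ? '' : 'read';

        echo ' <tr class="' . $rowClass . '">'
            . ' <td class="img"></td>'
            . ' <td>'
            . ' <div class="user">'
            . ' <img src="' . $avatarPath . '" alt="' . $from . '" title="' . $from . '"/>'
            . ' </div>'
            . ' <a class="' . $linkClass . '" href="?pm=' . $messageId . '">' . cleanOutput($r['title']) . '</a>'
            . ' <span>' . $date . '</span>'
            . ' </td>'
            . ' <td class="check"><input type="checkbox" name="del[]" value="' . $messageId . '"/></td>'
            . ' </tr>';
    }

    echo ' <tr>'
        . ' <th colspan="3" class="pm_footer">'
        . ' <input class="sub1" type="submit" name="delete" value="' . T_('Delete Selected') . '"/>'
        . ' </th>'
        . ' </tr>'
        . ' </table>'
        . ' </form>';

    $this->displayFooter();
}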
/**
 * displayUploadArea
 *
 * Prints the JumpLoader applet used as the advanced avatar uploader, a
 * <noscript> fallback message, the hidden avatar_orig field and the script
 * that starts the upload when the #frm form is submitted.
 *
 * The id from $_GET['avatar'] is cast to int before it is written into the
 * applet's upload URL; the stored avatar value goes through cleanOutput().
 *
 * NOTE(review): the upload target familytree.php?advanced_avatar=<id> takes
 * the id from the client, so that handler (not shown) has to check that the
 * caller may change this person's picture and validate the uploaded file.
 *
 * @return void
 */
protected function displayUploadArea()
{
    $personId = (int) $_GET['avatar'];

    // Applet parameters, in the order they are written to the page.
    $appletParams = array(
        array('uc_sendImageMetadata', 'true'),
        array('uc_uploadUrl', 'familytree.php?advanced_avatar=' . $personId),
        array('vc_useThumbs', 'true'),
        array('uc_uploadScaledImagesNoZip', 'true'),
        array('uc_uploadScaledImages', 'true'),
        array('uc_scaledInstanceNames', 'avatar'),
        array('uc_scaledInstanceDimensions', '80x80xcrop'),
        array('uc_scaledInstanceQualityFactors', '900'),
        array('uc_uploadFormName', 'uploadForm'),
        array('uc_maxFiles', '1'),
        array('vc_lookAndFeel', 'system'),
        array('vc_uploadViewStartActionVisible', 'false'),
        array('vc_uploadViewStopActionVisible', 'false'),
        array('vc_uploadViewPasteActionVisible', 'false'),
        array('vc_uploadViewRetryActionVisible', 'false'),
        array('vc_uploadViewFilesSummaryBarVisible', 'false'),
        array('vc_uiDefaults', 'Panel.background=#eff0f4; List.background=#eff0f4;'),
        array('ac_fireAppletInitialized', 'true'),
        array('ac_fireUploaderStatusChanged', 'true'),
        array('ac_fireUploaderFileStatusChanged', 'true'),
    );

    // Shown only when JavaScript is unavailable; it also hides the applet.
    $html = ' <noscript>'
        . ' <style type="text/css">'
        . ' applet, .photo-uploader {display: none;}'
        . ' #noscript {padding:1em;}'
        . ' #noscript p {background-color:#ff9; padding:3em; font-size:130%; line-height:200%;}'
        . ' #noscript p span {font-size:60%;}'
        . ' </style>'
        . ' <div id="noscript">'
        . ' <p>'
        . ' ' . T_('JavaScript must be enabled in order for you to use the Advanced Uploader. However, it seems JavaScript is either disabled or not supported by your browser.') . '<br/>'
        . ' <span>'
        . ' ' . T_('Either enable JavaScript by changing your browser options.') . '<br/>'
        . ' ' . T_('or') . '<br/>'
        . ' ' . T_('Enable the Basic Upload option by changing Your Settings.')
        . ' </span>'
        . ' </p>'
        . ' </div>'
        . ' </noscript>'
        . ' <div class="field-label"> </div>'
        . ' <div class="field-widget">'
        . ' <applet id="jumpLoaderApplet" name="jumpLoaderApplet" code="jmaster.jumploader.app.JumpLoaderApplet.class" archive="inc/thirdparty/jumploader_z.jar" width="300" height="300" mayscript>';

    foreach ($appletParams as $param) {
        $html .= ' <param name="' . $param[0] . '" value="' . $param[1] . '"/>';
    }

    // On submit the script attaches avatar_orig to the upload and starts it;
    // uploaderStatusChanged() redirects once the uploader reports status 0.
    $html .= ' </applet>'
        . ' <input type="hidden" id="avatar_orig" name="avatar_orig" value="' . cleanOutput($this->data['avatar']) . '"/><br/>'
        . ' <script type="text/javascript">'
        . ' $(document).ready(function() {'
        . ' $("#frm").submit(function(event) {'
        . ' event.preventDefault();'
        . ' var uploader = document.jumpLoaderApplet.getUploader();'
        . ' var attrSet = uploader.getAttributeSet();'
        . ' var origAttr = attrSet.createStringAttribute("avatar_orig", $("#avatar_orig").val());'
        . ' origAttr.setSendToServer(true);'
        . ' uploader.startUpload();'
        . ' });'
        . ' });'
        . ' function uploaderStatusChanged(uploader) {'
        . ' if (uploader.getStatus() == 0) {'
        . ' window.location.href = "familytree.php";'
        . ' }'
        . ' }'
        . ' </script>'
        . ' </div>';

    echo $html;
}
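/**
 * displayLogin
 *
 * Prints the login box: language selector, username/password form, the
 * forgot-password and register links and, when Facebook is configured, a
 * Facebook login link. Also closes </body> and </html>.
 *
 * The site name and the 'url' query parameter are passed through
 * cleanOutput() before they are written into the page.
 *
 * NOTE(review): the hidden `url` field is taken from the query string and
 * posted back with the credentials. The handler behind index.php (not
 * shown) should only redirect to same-site paths, otherwise this is an
 * open redirect.
 *
 * @return void
 */
function displayLogin()
{
    $sitename = getSiteName();

    // Only a plain string is carried over; array input is dropped.
    $hidden = '';
    if (isset($_GET['url']) && is_string($_GET['url'])) {
        $hidden = '<input type="hidden" name="url" id="url" value="' . cleanOutput($_GET['url']) . '"/>';
    }

    // Get available languages
    $lang_dir     = "language/";
    $lang_options = '';

    // Starts out empty so asort() and foreach never see an undefined
    // variable when no language directory qualifies.
    $languages = array();

    if (is_dir($lang_dir) && ($dh = opendir($lang_dir))) {
        while (($file = readdir($dh)) !== false) {
            // Skip directories that start with a period
            if ($file[0] === '.') {
                continue;
            }
            // Skip files (messages.pot)
            if (!is_dir("{$lang_dir}{$file}")) {
                continue;
            }
            // Skip directories that don't include a messages.mo file
            if (!file_exists($lang_dir . $file . '/LC_MESSAGES/messages.mo')) {
                continue;
            }

            $languages[$file] = getLangName($file);
        }
        closedir($dh);

        asort($languages);

        foreach ($languages as $key => $val) {
            $lang_options .= '<option value="' . $key . '"';
            if (isset($_SESSION['language']) && $_SESSION['language'] == $key) {
                $lang_options .= ' selected="selected"';
            }
            $lang_options .= '>' . $val . '</option>';
        }
    }

    $forgotPassLink = '<a href="lostpw.php">' . T_('Forgot Password?') . '</a>';
    $registerLink   = '';
    $facebookLogin  = '';

    if (isRegistrationOn()) {
        $registerLink = ' | <a href="register.php">' . T_('Register') . '</a>';
    }

    $fbData = getFacebookConfigData();
    $params = array('scope' => 'user_about_me,user_birthday,user_location,email,publish_stream,offline_access');

    // Print the facebook register button
    if (!empty($fbData['fb_app_id']) && !empty($fbData['fb_secret'])) {
        $facebook = new Facebook(
            array(
                'appId'  => $fbData['fb_app_id'],
                'secret' => $fbData['fb_secret'],
            )
        );

        // The listing showed '******' where the anchor is opened; the
        // closing quote, title attribute and </a> that follow only form
        // valid markup with an opening <a href=".
        $facebookLogin = '<a href="' . $facebook->getLoginUrl($params) . '" title="' . T_('Login using Facebook') . '"><img src="ui/img/facebook_tiny.png"/></a>';
    }

    // The site name is configuration text and is escaped before it goes
    // into the heading.
    echo ' <div id="login_box">'
        . ' <h1 id="login_header">' . T_('Login to') . ' ' . cleanOutput($sitename) . '</h1>'
        . ' <form action="index.php" method="post">'
        . ' <div style="float:right">'
        . ' <select style="background-color:#e9f3fb; border:none;" onchange="window.location.href=\'?lang=\'+this.options[this.selectedIndex].value;">'
        . ' <option>' . T_('Language') . ':</option>'
        . ' ' . $lang_options
        . ' </select>'
        . ' </div>'
        . ' <p><label for="user">' . T_('Username') . ':</label><input type="text" name="user" id="user"/></p>'
        . ' <p><label for="pass">' . T_('Password') . ':</label><input type="password" name="pass" id="pass"/></p>'
        . ' <p>'
        . ' <label class="rem" for="rem">' . T_('Remember Me') . '</label>'
        . ' <input class="rem" name="rem" id="rem" type="checkbox" value="1"/>'
        . ' ' . $hidden
        . ' <input type="submit" name="submit" id="submit" value="' . T_('Login') . '"/>'
        . ' </p>'
        . ' <div class="clear"></div>'
        . ' </form>'
        . ' <p style="text-align:center; margin-bottom:20px;">' . $forgotPassLink . $registerLink . '</p>'
        . ' <div style="color:silver; font-size:11px; float:left;">' . getCurrentVersion() . '</div>'
        . ' <div style="float:right">'
        . ' ' . $facebookLogin
        . ' </div>'
        . ' </div>'
        . ' </body>'
        . ' </html>';
}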
/**
 * displayContactForm
 *
 * Prints the contact form between the page header and footer. Values from
 * a previous submit are shown again after cleanOutput(); the message body
 * uses the 'html' mode.
 *
 * NOTE(review): $_SESSION['ok'] is appended to the confirmation message
 * without escaping here. Presumably the code that stores it has already
 * cleaned the text - verify against the submit handler.
 *
 * @return void
 */
function displayContactForm()
{
    $this->displayHeader();

    // id/name of each single-line input, its cleaned value and its label.
    $textFields = array(
        array('email', isset($_POST['email']) ? cleanOutput($_POST['email']) : '', T_('Your Email')),
        array('name', isset($_POST['name']) ? cleanOutput($_POST['name']) : '', T_('Your Name')),
        array('subject', isset($_POST['subject']) ? cleanOutput($_POST['subject']) : '', T_('Subject')),
    );

    $msg = '';
    if (isset($_POST['msg'])) {
        $msg = cleanOutput($_POST['msg'], 'html');
    }

    // One-shot confirmation left behind by the previous request.
    if (isset($_SESSION['ok'])) {
        $okMessage = '<p>' . T_('The following message has been sent to the Administrator:') . '</p>' . $_SESSION['ok'];
        displayOkMessage($okMessage);
        unset($_SESSION['ok']);
    }

    $markup = ' <fieldset>'
        . ' <form method="post" class="contactform" action="contact.php">';

    foreach ($textFields as $field) {
        $markup .= ' <div class="field-row">'
            . ' <div class="field-label"><label for="' . $field[0] . '"><b>' . $field[2] . '</b></label></div>'
            . ' <div class="field-widget"><input type="text" id="' . $field[0] . '" name="' . $field[0] . '" size="30" value="' . $field[1] . '"/></div>'
            . ' </div>';
    }

    $markup .= ' <div class="field-row">'
        . ' <div class="field-label"><label for="msg"><b>' . T_('Message') . '</b></label></div>'
        . ' <div class="field-widget"><textarea name="msg" rows="10" cols="40">' . $msg . '</textarea></div>'
        . ' </div>'
        . ' <p><input type="submit" name="submit" value="' . T_('Submit') . '"/></p>'
        . ' </form>'
        . ' </fieldset>';

    echo $markup;

    $this->displayFooter();
}
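/**
 * display
 *
 * Prints the basic photo upload form: category inputs, the file and caption
 * fields, a "who is in this photo" autocomplete fed with all activated
 * members, and the rotate options. Also records 'basic' as the uploader
 * type in the session.
 *
 * The member list is written into the inline script with json_encode(), so
 * every name is a valid JavaScript string literal whatever characters it
 * contains. Names are still passed through cleanOutput() first because the
 * script later inserts suggestion.value into the page as HTML.
 *
 * NOTE(review): tagged[] ids and the uploaded file come back from the
 * client; the handler behind ?action=upload (not shown) has to validate
 * both.
 *
 * @return void
 */
public function display()
{
    $_SESSION['fcms_uploader_type'] = 'basic';

    // Setup the list of active members for possible tags
    $sql = "SELECT `id` \n FROM `fcms_users` \n WHERE `activated` > 0\n ORDER BY `fname`, `lname`";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->fcmsError->displayError();
        return;
    }

    $users = array();
    foreach ($rows as $r) {
        $userId = (int) $r['id'];

        // HTML-escaping alone does not make a value safe inside a script
        // block; json_encode() with the HEX flags handles quotes,
        // backslashes, line breaks and "<", ">", "&".
        $entry = json_encode(
            array(
                'data'  => (string) $userId,
                'value' => cleanOutput(getUserDisplayName($userId, 2)),
            ),
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
        );

        // json_encode() returns false when a value cannot be encoded; such
        // an entry is left out rather than breaking the whole list.
        if ($entry !== false) {
            $users[] = $entry;
        }
    }
    $autocompleteList = implode(', ', $users);

    // Display the form
    echo ' <form id="autocomplete_form" enctype="multipart/form-data" action="?action=upload" method="post" class="photo-uploader">'
        . ' <div class="header">'
        . ' <label>' . T_('Category') . '</label>'
        . ' ' . $this->getCategoryInputs()
        . ' </div>'
        . ' <ul class="upload-types">'
        . ' ' . $this->getUploadTypesNavigation('upload')
        . ' </ul>'
        . ' <div class="upload-area">'
        . ' <div class="basic">'
        . ' <p style="float:right">'
        . ' <a class="help" href="../help.php?topic=photo#gallery-howworks">' . T_('Help') . '</a>'
        . ' </p>'
        . ' <p>'
        . ' <label><b>' . T_('Photo') . '</b></label><br/>'
        . ' <input name="photo_filename" type="file" size="50"/>'
        . ' </p>'
        . ' <p>'
        . ' <label><b>' . T_('Caption') . '</b></label><br/>'
        . ' <input class="frm_text" type="text" name="photo_caption" size="50"/>'
        . ' </p>'
        . ' <div id="tag-options">'
        . ' <label><b>' . T_('Who is in this Photo?') . '</b></label><br/>'
        . ' <input type="text" id="autocomplete_input" class="frm_text autocomplete_input" autocomplete="off" size="50" tabindex="3"/>'
        . ' <div id="autocomplete_instructions" class="autocomplete_instructions">'
        . ' ' . T_('Type name of person...')
        . ' </div>'
        . ' <ul id="autocomplete_selected" class="autocomplete_selected"></ul>'
        . ' <div id="autocomplete_search" class="autocomplete_search" style="display:none"></div>'
        . ' <script type="text/javascript">'
        . ' $(document).ready(function() {'
        . ' var users = [ ' . $autocompleteList . ' ];'
        . ' $("#autocomplete_input").autocomplete({'
        . ' lookup: users,'
        . ' showNoSuggestionNotice: true,'
        . ' noSuggestionNotice: "' . T_('No users found') . '",'
        . ' tabDisabled: true,'
        . ' onSelect: function (suggestion) {'
        . ' $("#autocomplete_instructions").hide();'
        . ' $("#autocomplete_form").append('
        . ' "<input type=\\"hidden\\" name=\\"tagged[]\\" class=\\"tagged\\" value=\\"" + suggestion.data + "\\">"'
        . ' );'
        . ' $("#autocomplete_input").val("").focus();'
        . ' $("#autocomplete_selected").append('
        . ' "<li>" + suggestion.value + "<a href=\\"#\\" alt=\\"" + suggestion.data + "\\" "'
        . ' + "onclick=\\"removeTagged(this);\\">x</a></li>"'
        . ' );'
        . ' }'
        . ' });'
        . ' });'
        . ' </script>'
        . ' </div>'
        . ' <p class="rotate-options">'
        . ' <label><b>' . T_('Rotate') . '</b></label><br/>'
        . ' <input type="radio" id="left" name="rotate" value="left"/>'
        . ' <label for="left" class="radio_label">' . T_('Left') . '</label>'
        . ' <input type="radio" id="right" name="rotate" value="right"/>'
        . ' <label for="right" class="radio_label">' . T_('Right') . '</label>'
        . ' </p>'
        . ' </div><!--/basic-->'
        . ' </div>'
        . ' <div class="footer">'
        . ' <input class="sub1" type="submit" id="submit-photos" name="addphoto" value="' . T_('Submit') . '"/>'
        . ' </div>'
        . ' </form>'
        . ' <script type="text/javascript">'
        . ' $("#submit-photos").click(function(e) {'
        . ' ' . $this->getJsUploadValidation()
        . ' });'
        . ' </script>';
}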