Example #1
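 /**
  * Gets all User data from DB by User ID
  *
  * <code>
  * $user_data = array(
  * 	*string 'userid' => 'User ID'
  * )
  * </code>
  *
  * On failure self::$error is filled in and false is returned. The "not found"
  * text repeats the caller-supplied 'userid' as-is, so code that prints
  * self::$error has to escape it for its own output context.
  *
  * @static
  * @param array $user_data
  * @return array|boolean User data as array or false if error
  */
 public static function getById($user_data)
 {
     // Refuse a missing or non-scalar id up front rather than handing null or an
     // array to the lookup and to the string concatenation in the error text.
     if (!is_array($user_data) || !isset($user_data['userid']) || !is_scalar($user_data['userid'])) {
         self::$error = array('error' => ZBX_API_ERROR_INTERNAL, 'data' => 'User id is missing or is not a scalar value.');
         return false;
     }
     $user = get_user_by_userid($user_data['userid']);
     if ($user) {
         return $user;
     }
     self::$error = array('error' => ZBX_API_ERROR_INTERNAL, 'data' => 'User with id: ' . $user_data['userid'] . ' doesn\'t exists.');
     return false;
 }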
Example #2
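/**
 * Builds the table of acknowledgements recorded for one event.
 *
 * Every row holds the acknowledgement time, the alias of the acknowledging
 * user and the comment text.
 *
 * @param mixed $eventid Event identifier, passed unchanged to get_acknowledges_by_eventid().
 * @return CTableInfo
 */
function make_acktab_by_eventid($eventid)
{
    $table = new CTableInfo();
    $table->SetHeader(array(S_TIME, S_USER, S_COMMENTS));
    $acks = get_acknowledges_by_eventid($eventid);
    while ($ack = DBfetch($acks)) {
        $user = get_user_by_userid($ack['userid']);
        // The lookup can come back falsy (the user no longer exists); do not index into that.
        $alias = $user ? $user['alias'] : null;
        // NOTE(review): alias and message are user-written text; confirm that the table
        // classes HTML-encode string cells before this is sent to a browser.
        $table->AddRow(array(date('d-m-Y h:i:s A', $ack['clock']), $alias, new CCol(zbx_nl2br($ack['message']), 'wraptext')));
    }
    return $table;
}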
Example #3
     //$orderby="a.`date_posted` DESC";	// default
     break;
 case 'views':
     // most viewed posts: title and ORDER BY are fixed, no request data is used
     $tplvars['page_title'] = $GLOBALS['_lang'][105];
     $input['acclevel_code'] = 'search_blog';
     $orderby = "a.`stat_views` DESC";
     break;
 case 'comm':
     // most commented posts: title and ORDER BY are fixed, no request data is used
     $tplvars['page_title'] = $GLOBALS['_lang'][106];
     $input['acclevel_code'] = 'search_blog';
     $orderby = "a.`stat_comments` DESC";
     break;
 case 'uid':
     // posts of one member: uid is read from $_GET as TYPE_INT and then concatenated
     // unquoted into $where.
     // NOTE(review): nothing else guards that clause — confirm sanitize_and_format_gpc()
     // really returns an integer for TYPE_INT.
     $input['acclevel_code'] = 'search_blog';
     $input['uid'] = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
     $tplvars['page_title'] = sprintf($GLOBALS['_lang'][108], get_user_by_userid($input['uid']));
     $where = "a.`fk_user_id`=" . $input['uid'] . " AND " . $where;
     $orderby = "a.`post_id` DESC";
     break;
 case 'tag':
     // full-text search on title and content with the tags given in $_GET
     $tplvars['page_title'] = $GLOBALS['_lang'][107];
     $input['acclevel_code'] = 'search_blog';
     $input['tags'] = isset($_GET['tags']) ? $_GET['tags'] : '';
     // collapse runs of whitespace and drop words of 1 to 3 characters (the second pattern is {1,3})
     $input['tags'] = trim(preg_replace(array("/\\s\\s+/", "/\\b[^\\s]{1,3}\\b/"), array(' ', ''), $input['tags']));
     $input['tags'] = sanitize_and_format($input['tags'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
     if (!empty($input['tags'])) {
         // NOTE(review): the tags end up inside a single-quoted SQL literal, twice. Whether
         // quotes and backslashes are escaped depends on $__field2format[FIELD_TEXTFIELD],
         // which is defined outside this excerpt — verify it, or bind the value as a
         // query parameter instead of concatenating it.
         $select .= ",MATCH (a.`title`,a.`post_content`) AGAINST ('" . $input['tags'] . "' IN BOOLEAN MODE) as `match_score`";
         $where .= " AND MATCH (a.`title`,a.`post_content`) AGAINST ('" . $input['tags'] . "' IN BOOLEAN MODE)";
         $orderby = "`match_score` DESC";
     } else {
Example #4
// Photo view page: load one photo row and decide whether the current visitor may see it.
$output['pic_width'] = get_site_option('pic_width', 'core_photo');
$loop_comments = array();
if (!empty($photo_id)) {
    // NOTE(review): $photo_id is interpolated unquoted into the WHERE clause. It is assigned
    // outside this excerpt — confirm it is forced to an integer before it gets here.
    $query = "SELECT `photo_id`,`is_private`,`photo`,`caption`,`fk_user_id`,`_user` as `user`,`status`,`allow_comments`,`allow_rating`,`stat_votes`,`stat_votes_total` FROM `{$dbtable_prefix}user_photos` WHERE `photo_id`={$photo_id}";
    // NOTE(review): a failed query raises E_USER_ERROR carrying the raw mysql_error() text;
    // make sure the error handler logs it rather than showing it to visitors.
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output = array_merge($output, mysql_fetch_assoc($res));
        // friendship is only looked up for a logged-in visitor; anonymous visitors are never friends
        $is_friend = false;
        if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) {
            $is_friend = is_network_member($output['fk_user_id'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_FRIENDS);
        }
        // Private photo: deny when the visitor is anonymous, or is neither the owner nor a
        // friend of the owner (&& binds tighter than ||, so the last two tests group together).
        if (!empty($output['is_private']) && (empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) || $output['fk_user_id'] != $_SESSION[_LICENSE_KEY_]['user']['user_id'] && !$is_friend)) {
            $topass['message']['type'] = MESSAGE_ERROR;
            $topass['message']['text'] = sprintf($GLOBALS['_lang'][277], _BASEURL_ . '/profile.php?uid=' . $output['fk_user_id'], get_user_by_userid($output['fk_user_id']));
            redirect2page('info.php', $topass);
        // Otherwise show the photo only when it is approved, or when the logged-in visitor owns it.
        } elseif ($output['status'] == STAT_APPROVED || !empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $output['fk_user_id'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
            // caption is stored text; it is converted with the TEXT_DB2DISPLAY format before display
            $output['caption'] = sanitize_and_format($output['caption'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
            if (!empty($output['allow_rating'])) {
                // average vote with one decimal, guarded against division by zero
                if ($output['stat_votes'] > 0) {
                    $output['rate_num'] = number_format($output['stat_votes_total'] / $output['stat_votes'], 1);
                } else {
                    $output['rate_num'] = 0;
                }
                // the percentage is computed against a maximum rating of 5
                $output['rate_percent'] = (int) ($output['rate_num'] * 100 / 5);
            } else {
                unset($output['allow_rating']);
            }
            if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $output['fk_user_id'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
                $output['photo_owner'] = true;
Example #5
            // NOTE(review): uid and net_id are concatenated unquoted into the statement. They are
            // sanitised before this excerpt starts — confirm both are integers at this point.
            $query .= " OR (`fk_user_id`=" . $input['uid'] . " AND `fk_net_id`=" . $input['net_id'] . " AND `fk_user_id_other`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "')";
        }
        // Run the pre-delete hooks, if any were registered.
        // NOTE(review): every entry is handed to call_user_func(); these arrays must only
        // ever be filled by trusted code, never from request data.
        if (isset($_on_before_delete)) {
            for ($i = 0; isset($_on_before_delete[$i]); ++$i) {
                call_user_func($_on_before_delete[$i]);
            }
        }
        // NOTE(review): a failed query raises E_USER_ERROR with the raw mysql_error() text;
        // keep that out of pages shown to visitors.
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        // Post-delete hooks, same trust requirement as above.
        if (isset($_on_after_delete)) {
            for ($i = 0; isset($_on_after_delete[$i]); ++$i) {
                call_user_func($_on_after_delete[$i]);
            }
        }
        // Leaving the block list also removes the matching sender filter of the session user
        // and records an 'unblock_member' score for the other member.
        if ($input['net_id'] == NET_BLOCK) {
            del_message_filter(array('filter_type' => FILTER_SENDER, 'fk_user_id' => $_SESSION[_LICENSE_KEY_]['user']['user_id'], 'field_value' => $input['uid']));
            add_member_score($input['uid'], 'unblock_member');
        }
        $topass['message']['type'] = MESSAGE_INFO;
        $topass['message']['text'] = sprintf($GLOBALS['_lang'][87], get_user_by_userid($input['uid']), get_net_name($input['net_id']));
    }
}
if ($error) {
    // 		you must re-read all textareas from $_GET like this:
    //		$input['x']=addslashes_mq($_GET['x']);
    // On error the submitted input is converted to plain text and handed back with the redirect.
    $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH);
    $topass['input'] = $input;
}
// NOTE(review): $nextpage is set outside this excerpt; if any part of it can come from the
// request, restrict it to known local pages before redirecting.
$nextpage = _BASEURL_ . '/' . $nextpage;
redirect2page($nextpage, $topass, '', true);
Example #6
// Build the template selector (amtpl_id => amtpl_name) from the result set in $res.
$amtpls = array();
$i = 0;
while ($rsrow = mysql_fetch_assoc($res)) {
    $rsrow = sanitize_and_format($rsrow, TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
    $amtpls[$rsrow['amtpl_id']] = $rsrow['amtpl_name'];
    // the first template pre-fills the reason fields, unless the form was returned to the user
    if ($i == 0 && !$returned) {
        $output['reason_title'] = $rsrow['subject'];
        $output['reject_reason'] = $rsrow['message_body'];
    }
    $i++;
}
$output['amtpl_id'] = vector2options($amtpls);
// $output['t'] selects what is being rejected; $output['id'] is the id of that object.
switch ($output['t']) {
    case AMTPL_REJECT_MEMBER:
        $output['user_id'] = $output['id'];
        $output['user'] = get_user_by_userid($output['id']);
        $output['reject_member'] = true;
        $tplvars['title'] = 'Reject a member profile';
        break;
    case AMTPL_REJECT_PHOTO:
        // NOTE(review): $output['id'] is concatenated unquoted into the WHERE clause. It is set
        // outside this excerpt — confirm it is forced to an integer before it gets here.
        $query = "SELECT `fk_user_id` as `user_id`,`_user` as `user`,`photo` FROM `{$dbtable_prefix}user_photos` WHERE `photo_id`=" . $output['id'];
        // NOTE(review): the raw mysql_error() text is raised as E_USER_ERROR; log it, do not display it.
        if (!($res = @mysql_query($query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        if (mysql_num_rows($res)) {
            list($output['user_id'], $output['user'], $output['photo']) = mysql_fetch_row($res);
        }
        $output['reject_photo'] = true;
        $tplvars['title'] = 'Reject a photo';
        break;
    case AMTPL_REJECT_BLOG:
Example #7
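/**
 * Builds the form used to add or edit one operation of an action.
 *
 * The form state is read from the request (new_operation[...], eventsource,
 * escalation, new_opcondition, ...); keys missing from new_operation receive
 * defaults. Values that are not edited in the current layout are carried along
 * as hidden CVar items so that they survive the next submit.
 *
 * new_operation[objectid] is concatenated into SQL statements below, so it is
 * reduced to a plain decimal id (or 0) before any query is built.
 *
 * @param array|null $action Action record; when empty and $_REQUEST['actionid'] is set,
 *                           it is loaded with get_action_by_actionid().
 * @return CTableInfo The assembled form table.
 */
function get_act_new_oper_form($action = null)
{
    $tblOper = new CTableInfo();
    if (isset($_REQUEST['actionid']) && empty($action)) {
        $action = get_action_by_actionid($_REQUEST['actionid']);
    }
    $operations = get_request("operations", array());
    // the stored action decides the event source on first display, the request afterwards
    if (isset($_REQUEST['actionid']) && !isset($_REQUEST['form_refresh'])) {
        $eventsource = $action['eventsource'];
    } else {
        $eventsource = get_request('eventsource');
    }
    $allowed_operations = get_operations_by_eventsource($eventsource);
    /* init new_operation variable */
    // NOTE(review): get_request() is defined outside this function; the values are treated
    // as request data here, i.e. as untrusted.
    $new_operation = get_request('new_operation', array());
    if (!is_array($new_operation)) {
        $new_operation = array();
        $new_operation['default_msg'] = 1;
    }
    if (!isset($new_operation['operationtype'])) {
        $new_operation['operationtype'] = OPERATION_TYPE_MESSAGE;
    }
    if (!isset($new_operation['object'])) {
        $new_operation['object'] = OPERATION_OBJECT_GROUP;
    }
    if (!isset($new_operation['objectid'])) {
        $new_operation['objectid'] = 0;
    }
    // objectid is concatenated unquoted into several SELECT statements further down.
    // Accept a plain decimal id only; anything else falls back to the default 0.
    if (!is_scalar($new_operation['objectid']) || !preg_match('/^[0-9]+\z/', (string) $new_operation['objectid'])) {
        $new_operation['objectid'] = 0;
    }
    if (!isset($new_operation['shortdata'])) {
        $new_operation['shortdata'] = '{TRIGGER.NAME}: {STATUS}';
    }
    if (!isset($new_operation['longdata'])) {
        $new_operation['longdata'] = '{TRIGGER.NAME}: {STATUS}';
    }
    if (!isset($new_operation['esc_step_from'])) {
        $new_operation['esc_step_from'] = 1;
    }
    if (!isset($new_operation['esc_step_to'])) {
        $new_operation['esc_step_to'] = 1;
    }
    if (!isset($new_operation['esc_period'])) {
        $new_operation['esc_period'] = 0;
    }
    if (!isset($new_operation['evaltype'])) {
        $new_operation['evaltype'] = 0;
    }
    if (!isset($new_operation['opconditions'])) {
        $new_operation['opconditions'] = array();
    }
    if (!isset($new_operation['default_msg'])) {
        $new_operation['default_msg'] = 0;
    }
    // $update_mode stays unset for a new operation; it only decides the label of the submit button
    unset($update_mode);
    $evaltype = $new_operation['evaltype'];
    if (isset($new_operation['id'])) {
        $tblOper->addItem(new CVar('new_operation[id]', $new_operation['id']));
        $update_mode = true;
    }
    $tblNewOperation = new CTable(null, 'nowrap');
    if (isset($_REQUEST['escalation'])) {
        // escalation mode: the step range and period are editable
        $tblStep = new CTable(null, 'nowrap');
        $step_from = new CNumericBox('new_operation[esc_step_from]', $new_operation['esc_step_from'], 4);
        $step_from->addAction('onchange', 'javascript:' . $step_from->GetOption('onchange') . ' if(this.value == 0) this.value=1;');
        $tblStep->addRow(array(S_FROM, $step_from));
        $tblStep->addRow(array(S_TO, new CCol(array(new CNumericBox('new_operation[esc_step_to]', $new_operation['esc_step_to'], 4), ' [0-' . S_INFINITY . ']'))));
        $tblStep->addRow(array(S_PERIOD, new CCol(array(new CNumericBox('new_operation[esc_period]', $new_operation['esc_period'], 5), ' [0-' . S_DEFAULT . ']'))));
        $tblNewOperation->addRow(array(S_STEP, $tblStep));
    } else {
        // no escalation: keep the values as hidden fields
        $tblOper->addItem(new CVar('new_operation[esc_period]', $new_operation['esc_period']));
        $tblOper->addItem(new CVar('new_operation[esc_step_from]', $new_operation['esc_step_from']));
        $tblOper->addItem(new CVar('new_operation[esc_step_to]', $new_operation['esc_step_to']));
        $tblOper->addItem(new CVar('new_operation[evaltype]', $new_operation['evaltype']));
    }
    $cmbOpType = new CComboBox('new_operation[operationtype]', $new_operation['operationtype'], 'submit()');
    foreach ($allowed_operations as $oper) {
        $cmbOpType->addItem($oper, operation_type2str($oper));
    }
    $tblNewOperation->addRow(array(S_OPERATION_TYPE, $cmbOpType));
    // Type-specific part of the form. The popup URLs below are assembled from fixed
    // table/field names chosen in this function, not from request values.
    switch ($new_operation['operationtype']) {
        case OPERATION_TYPE_MESSAGE:
            if ($new_operation['object'] == OPERATION_OBJECT_GROUP) {
                $object_srctbl = 'usrgrp';
                $object_srcfld1 = 'usrgrpid';
                $object_name = get_group_by_usrgrpid($new_operation['objectid']);
                $display_name = 'name';
            } else {
                $object_srctbl = 'users';
                $object_srcfld1 = 'userid';
                $object_name = get_user_by_userid($new_operation['objectid']);
                $display_name = 'alias';
            }
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            // the lookup returned a record (or a falsy value); reduce it to the display field
            if ($object_name) {
                $object_name = $object_name[$display_name];
            }
            $cmbObject = new CComboBox('new_operation[object]', $new_operation['object'], 'submit()');
            $cmbObject->addItem(OPERATION_OBJECT_USER, S_SINGLE_USER);
            $cmbObject->addItem(OPERATION_OBJECT_GROUP, S_USER_GROUP);
            $tblNewOperation->addRow(array(S_SEND_MESSAGE_TO, array($cmbObject, new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=' . $object_srctbl . '&srcfld1=' . $object_srcfld1 . '&srcfld2=' . $display_name . '",450,450)', 'T'))));
            $tblNewOperation->addRow(array(S_DEFAULT_MESSAGE, new CCheckBox('new_operation[default_msg]', $new_operation['default_msg'], 'javascript: submit();', 1)));
            // subject and body are editable only when the default message is switched off
            if (!$new_operation['default_msg']) {
                $tblNewOperation->addRow(array(S_SUBJECT, new CTextBox('new_operation[shortdata]', $new_operation['shortdata'], 77)));
                $tblNewOperation->addRow(array(S_MESSAGE, new CTextArea('new_operation[longdata]', $new_operation['longdata'], 77, 7)));
            } else {
                $tblOper->addItem(new CVar('new_operation[shortdata]', $new_operation['shortdata']));
                $tblOper->addItem(new CVar('new_operation[longdata]', $new_operation['longdata']));
            }
            break;
        case OPERATION_TYPE_COMMAND:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', 0));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            // NOTE(review): longdata holds the remote command text entered in this form; access
            // to this form should be limited to users who are allowed to define commands.
            $tblNewOperation->addRow(array(S_REMOTE_COMMAND, new CTextArea('new_operation[longdata]', $new_operation['longdata'], 77, 7)));
            break;
        case OPERATION_TYPE_HOST_ADD:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', 0));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            break;
        case OPERATION_TYPE_HOST_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', 0));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            break;
        case OPERATION_TYPE_GROUP_ADD:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            // objectid was reduced to decimal digits above, so the concatenation cannot alter the statement
            if ($object_name = DBfetch(DBselect('select name FROM groups WHERE groupid=' . $new_operation['objectid']))) {
                $object_name = $object_name['name'];
            }
            $tblNewOperation->addRow(array(S_GROUP, array(new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_group&srcfld1=groupid&srcfld2=name' . '",450,450)', 'T'))));
            break;
        case OPERATION_TYPE_GROUP_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            // objectid was reduced to decimal digits above
            if ($object_name = DBfetch(DBselect('select name FROM groups WHERE groupid=' . $new_operation['objectid']))) {
                $object_name = $object_name['name'];
            }
            $tblNewOperation->addRow(array(S_GROUP, array(new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_group&srcfld1=groupid&srcfld2=name' . '",450,450)', 'T'))));
            break;
        case OPERATION_TYPE_TEMPLATE_ADD:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            // objectid was reduced to decimal digits above
            if ($object_name = DBfetch(DBselect('SELECT host FROM hosts ' . ' WHERE status=' . HOST_STATUS_TEMPLATE . ' AND hostid=' . $new_operation['objectid']))) {
                $object_name = $object_name['host'];
            }
            $tblNewOperation->addRow(array(S_TEMPLATE, array(new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_templates&srcfld1=hostid&srcfld2=host' . '",450,450)', 'T'))));
            break;
        case OPERATION_TYPE_TEMPLATE_REMOVE:
            $tblOper->addItem(new CVar('new_operation[object]', 0));
            $tblOper->addItem(new CVar('new_operation[objectid]', $new_operation['objectid']));
            $tblOper->addItem(new CVar('new_operation[shortdata]', ''));
            $tblOper->addItem(new CVar('new_operation[longdata]', ''));
            // objectid was reduced to decimal digits above
            if ($object_name = DBfetch(DBselect('SELECT host FROM hosts ' . ' WHERE status=' . HOST_STATUS_TEMPLATE . ' AND hostid=' . $new_operation['objectid']))) {
                $object_name = $object_name['host'];
            }
            $tblNewOperation->addRow(array(S_TEMPLATE, array(new CTextBox('object_name', $object_name, 40, 'yes'), new CButton('select_object', S_SELECT, 'return PopUp("popup.php?dstfrm=' . S_ACTION . '&dstfld1=new_operation%5Bobjectid%5D&dstfld2=object_name' . '&srctbl=host_templates&srcfld1=hostid&srcfld2=host' . '",450,450)', 'T'))));
            break;
    }
    // new Operation conditions
    if (isset($_REQUEST['escalation'])) {
        $tblCond = new CTable();
        $opconditions = $new_operation['opconditions'];
        $allowed_opconditions = get_opconditions_by_eventsource($eventsource);
        // show opcondition LIST
        zbx_rksort($opconditions);
        /* group opconditions by type */
        $grouped_opconditions = array();
        $cond_el = new CTable(S_NO_CONDITIONS_DEFINED);
        $i = 0;
        foreach ($opconditions as $val) {
            if (!isset($val['conditiontype'])) {
                $val['conditiontype'] = 0;
            }
            if (!isset($val['operator'])) {
                $val['operator'] = 0;
            }
            if (!isset($val['value'])) {
                $val['value'] = 0;
            }
            // condition types that are not allowed for this event source are dropped silently
            if (!str_in_array($val["conditiontype"], $allowed_opconditions)) {
                continue;
            }
            // conditions are labelled A, B, C, ... in display order
            $label = chr(ord('A') + $i);
            $cond_el->addRow(array('(' . $label . ')', array(new CCheckBox("g_opconditionid[]", 'no', null, $i), get_condition_desc($val["conditiontype"], $val["operator"], $val["value"]))));
            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][conditiontype]", $val["conditiontype"]));
            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][operator]", $val["operator"]));
            $tblCond->addItem(new CVar("new_operation[opconditions][{$i}][value]", $val["value"]));
            $grouped_opconditions[$val["conditiontype"]][] = $label;
            $i++;
        }
        unset($opconditions);
        $cond_buttons = array();
        if (!isset($_REQUEST['new_opcondition'])) {
            $cond_buttons[] = new CButton('new_opcondition', S_NEW);
        }
        if ($cond_el->ItemsCount() > 0) {
            if ($cond_el->ItemsCount() > 1) {
                /* prepare opcondition calculation type selector */
                // $group_op joins labels of one condition type, $glog_op joins the groups
                switch ($evaltype) {
                    case ACTION_EVAL_TYPE_AND:
                        $group_op = $glog_op = S_AND;
                        break;
                    case ACTION_EVAL_TYPE_OR:
                        $group_op = $glog_op = S_OR;
                        break;
                    default:
                        $group_op = S_OR;
                        $glog_op = S_AND;
                        break;
                }
                foreach ($grouped_opconditions as $id => $val) {
                    $grouped_opconditions[$id] = '(' . implode(' ' . $group_op . ' ', $val) . ')';
                }
                $grouped_opconditions = implode(' ' . $glog_op . ' ', $grouped_opconditions);
                $cmb_calc_type = new CComboBox('new_operation[evaltype]', $evaltype, 'submit()');
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_AND_OR, S_AND_OR_BIG);
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_AND, S_AND_BIG);
                $cmb_calc_type->addItem(ACTION_EVAL_TYPE_OR, S_OR_BIG);
                $tblNewOperation->addRow(array(S_TYPE_OF_CALCULATION, new CCol(array($cmb_calc_type, new CTextBox('preview', $grouped_opconditions, 60, 'yes')))));
                unset($cmb_calc_type, $group_op, $glog_op);
                /* end of calculation type selector */
            } else {
                $tblCond->addItem(new CVar('new_operation[evaltype]', ACTION_EVAL_TYPE_AND_OR));
            }
            $cond_buttons[] = new CButton('del_opcondition', S_DELETE_SELECTED);
        } else {
            $tblCond->addItem(new CVar('new_operation[evaltype]', ACTION_EVAL_TYPE_AND_OR));
        }
        $tblCond->addRow($cond_el);
        $tblCond->addRow(new CCol($cond_buttons));
        // end of opcondition LIST
        $tblNewOperation->addRow(array(S_CONDITIONS, $tblCond));
        unset($grouped_opconditions, $cond_el, $cond_buttons, $tblCond);
    }
    $tblOper->addRow($tblNewOperation);
    // footer: "Save" when an existing operation is edited, "Add" otherwise
    $td = new CCol(array(new CButton('add_operation', isset($update_mode) ? S_SAVE : S_ADD), SPACE, new CButton('cancel_new_operation', S_CANCEL)));
    $td->addOption('colspan', '3');
    $td->addOption('style', 'text-align: right;');
    $tblOper->SetFooter($td);
    return $tblOper;
}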
Example #8
                $last_page['url'] = 'tr_status.php?hostid=' . get_profile('web.tr_status.hostid', 0);
            }
            redirect($last_page['url']);
            exit;
        }
    }
}
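// Page heading: a fixed label for a bulk acknowledgement, otherwise the quoted trigger
// description followed by its expanded expression.
$msg = $bulk ? ' BULK ACKNOWLEDGE ' : array('"' . expand_trigger_description_by_data($db_data) . '"', BR(), explode_exp($db_data["expression"], 1));
show_table_header(array(S_ALARM_ACKNOWLEDGES_BIG, ' : ', $msg));
echo SBR;
if (!$bulk) {
    // List the acknowledgements already stored for this event:
    // one "title" row (user, time) and one "msg" row per acknowledgement.
    $table = new CTable(NULL, 'ack_msgs');
    $table->setAlign('center');
    $db_acks = get_acknowledges_by_eventid($db_data['eventid']);
    while ($db_ack = DBfetch($db_acks)) {
        $db_user = get_user_by_userid($db_ack['userid']);
        // The lookup can come back falsy (the user no longer exists); do not index into that.
        // NOTE(review): alias and message are user-written text; confirm that CCol
        // HTML-encodes string content before it is sent to the browser.
        $table->addRow(array(new CCol($db_user ? $db_user['alias'] : null, 'user'), new CCol(date('d-m-Y h:i:s A', $db_ack['clock']), 'time')), 'title');
        $msgCol = new CCol(zbx_nl2br($db_ack['message']));
        $msgCol->setColspan(2);
        $table->addRow($msgCol, 'msg');
    }
    // show the table only when there is at least one acknowledgement
    if ($table->getNumRows() > 0) {
        $table->Show();
        echo SBR;
    }
}
insert_new_message_form($events, $bulk);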
?>

<?php 
Example #9
 /**
  * Intended to store a new profile picture and update the profile of the session user.
  *
  * NOTE(review): as written the upload branch cannot run. $new_picture,
  * $new_picture_type, $new_picture_size, $new_picture_width, $new_picture_height,
  * $old_picture, $error and the profile fields ($first_name ... $state) are all
  * read before anything in this method assigns them, so they are undefined
  * locals and every empty() test on them is true.
  *
  * NOTE(review): the upload library is loaded with size, type and encrypt_name
  * settings, but no call on it appears in this method; the hand-written checks
  * below are what would apply instead.
  */
 function Upload_image()
 {
     $config['upload_path'] = './new_picture';
     $config['max_size'] = 1024 * 10;
     $config['allowed_types'] = 'gif|png|jpg|jpeg';
     $config['encrypt_name'] = TRUE;
     $this->load->library('upload', $config);
     if (!empty($new_picture)) {
         // NOTE(review): if $new_picture_type is meant to be $_FILES['new_picture']['type'], that
         // value is sent by the client and proves nothing about the content. Verify the file on
         // the server (image decoding, allowed extension) before it is accepted.
         if (($new_picture_type == 'image/gif' || $new_picture_type == 'image/jpeg' || $new_picture_type == 'image/pjpeg' || $new_picture_type == 'image/png') && $new_picture_size > 0 && $new_picture_size <= MM_MAXFILESIZE && $new_picture_width <= MM_MAXIMGWIDTH && $new_picture_height <= MM_MAXIMGHEIGHT) {
             if ($_FILES['new_picture']['error'] == 0) {
                 // Move the file to the target upload folder
                 // NOTE(review): the stored name is derived from $new_picture. basename() stops
                 // directory traversal but keeps the extension; if this is the client-side file
                 // name, generate the stored name on the server and keep the upload folder
                 // non-executable.
                 $target = MM_UPLOADPATH . basename($new_picture);
                 if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) {
                     // The new picture file move was successful, now make sure any old picture is deleted
                     // NOTE(review): $old_picture is appended to the upload path without basename();
                     // confirm it can only ever hold a name written by this application.
                     if (!empty($old_picture) && $old_picture != $new_picture) {
                         @unlink(MM_UPLOADPATH . $old_picture);
                     }
                 } else {
                     // The new picture file move failed, so delete the temporary file and set the error flag
                     @unlink($_FILES['new_picture']['tmp_name']);
                     $error = true;
                     echo '<p class="error">Sorry, there was a problem uploading your picture.</p>';
                 }
             }
         } else {
             // The new picture file is not valid, so delete the temporary file and set the error flag
             @unlink($_FILES['new_picture']['tmp_name']);
             $error = true;
             echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . MM_MAXFILESIZE / 1024 . ' KB and ' . MM_MAXIMGWIDTH . 'x' . MM_MAXIMGHEIGHT . ' pixels in size.</p>';
         }
     }
     // Update the profile data in the database
     // $error is only assigned in the failure branches above; when none of them ran it is undefined here
     if (!$error) {
         if (!empty($first_name) && !empty($last_name) && !empty($gender) && !empty($birthdate) && !empty($city) && !empty($state)) {
             // the profile is always written for the session user, never for an id taken from the request
             update_user($first_name, $last_name, $gender, $birthdate, $city, $state, $new_picture, $_SESSION['user_id']);
             // Confirm success with the user
             echo '<p>Your profile has been successfully updated. Would you like to <a href="viewprofile.php">view your profile</a>?</p>';
             exit;
         } else {
             echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>';
         }
     } else {
         // Grab the profile data from the database
         // the values fetched here are assigned to locals only; nothing after this point reads them
         $user = get_user_by_userid($_SESSION['user_id']);
         if ($user != NULL) {
             $first_name = $user['first_name'];
             $last_name = $user['last_name'];
             $gender = $user['gender'];
             $birthdate = $user['birthdate'];
             $city = $user['city'];
             $state = $user['state'];
             $old_picture = $user['picture'];
         } else {
             echo '<p class="error">There was a problem accessing your profile.</p>';
         }
     }
 }
Example #10
                $last_page['url'] = 'tr_status.php?hostid=' . get_profile('web.tr_status.hostid', 0);
            }
            redirect($last_page['url']);
            exit;
        }
    }
}
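// Page heading: a fixed label for a bulk acknowledgement, otherwise the quoted trigger
// description followed by its expanded expression.
$msg = $bulk ? ' BULK ACKNOWLEDGE ' : array('"' . expand_trigger_description_by_data($db_data) . '"', BR(), explode_exp($db_data["expression"], 1));
show_table_header(array(S_ALARM_ACKNOWLEDGES_BIG, ' : ', $msg));
echo SBR;
if (!$bulk) {
    // List the acknowledgements already stored for this event:
    // one "title" row (user, time) and one "msg" row per acknowledgement.
    $table = new CTable(NULL, "ack_msgs");
    $table->SetAlign("center");
    $db_acks = get_acknowledges_by_eventid($db_data["eventid"]);
    while ($db_ack = DBfetch($db_acks)) {
        $db_user = get_user_by_userid($db_ack["userid"]);
        // The lookup can come back falsy (the user no longer exists); do not index into that.
        // NOTE(review): alias and message are user-written text; confirm that CCol
        // HTML-encodes string content before it is sent to the browser.
        $table->AddRow(array(new CCol($db_user ? $db_user["alias"] : null, "user"), new CCol(date("d-m-Y h:i:s A", $db_ack["clock"]), "time")), "title");
        $msgCol = new CCol(zbx_nl2br($db_ack['message']));
        $msgCol->SetColspan(2);
        $table->AddRow($msgCol, "msg");
    }
    // show the table only when there is at least one acknowledgement
    if ($table->GetNumRows() > 0) {
        $table->Show();
        echo SBR;
    }
}
insert_new_message_form($events, $bulk);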
?>

<?php 
Example #11
/**
 * Returns the display name of the resource a permission entry refers to.
 *
 * For a known permission type with no id (or id 0) the result is the
 * "All ..." label of that type. With an id, the matching record is looked up
 * and its name is returned. When nothing was found and the id is greater than
 * zero, the id itself is returned; otherwise the result is '-'.
 *
 * @param mixed $permission Permission type: 'Graph', 'Host', 'Screen', 'Item', 'User',
 *                          'Network map', 'Application' or 'Service'.
 * @param mixed $id         Resource id; unset or 0 stands for "all resources of the type".
 * @return mixed Name string, the id itself, or '-'.
 */
function get_resource_name($permission, $id)
{
    $has_id = isset($id);
    $name = '-';
    if ($permission == 'Graph') {
        if ($has_id && $id != 0) {
            $row = get_graph_by_graphid($id);
            if ($row) {
                $name = $row['name'];
            }
        } else {
            $name = 'All graphs';
        }
    } elseif ($permission == 'Host') {
        if ($has_id && $id != 0) {
            $row = get_host_by_hostid($id);
            if ($row) {
                $name = $row['host'];
            }
        } else {
            $name = 'All hosts';
        }
    } elseif ($permission == 'Screen') {
        if ($has_id && $id != 0) {
            $row = get_screen_by_screenid($id);
            if ($row) {
                $name = $row['name'];
            }
        } else {
            $name = 'All screens';
        }
    } elseif ($permission == 'Item') {
        if ($has_id && $id != 0) {
            // an item is shown as "host:description", so both lookups have to succeed
            $item_row = get_item_by_itemid($id);
            if ($item_row) {
                $host_row = get_host_by_hostid($item_row['hostid']);
                if ($host_row) {
                    $name = $host_row['host'] . ':' . $item_row['description'];
                }
            }
        } else {
            $name = 'All items';
        }
    } elseif ($permission == 'User') {
        if ($has_id && $id != 0) {
            $row = get_user_by_userid($id);
            if ($row) {
                $name = $row['alias'];
            }
        } else {
            $name = 'All users';
        }
    } elseif ($permission == 'Network map') {
        if ($has_id && $id != 0) {
            $row = get_sysmap_by_sysmapid($id);
            if ($row) {
                $name = $row['name'];
            }
        } else {
            $name = 'All maps';
        }
    } elseif ($permission == 'Application') {
        // this type tests "> 0", so a negative id matches neither branch and keeps '-'
        if ($has_id && $id > 0) {
            $row = get_application_by_applicationid($id);
            if ($row) {
                $name = $row['name'];
            }
        } elseif (!$has_id || $id == 0) {
            $name = 'All applications';
        }
    } elseif ($permission == 'Service') {
        // same "> 0" test as for applications
        if ($has_id && $id > 0) {
            $row = get_service_by_serviceid($id);
            if ($row) {
                $name = $row['name'];
            }
        } elseif (!$has_id || $id == 0) {
            $name = 'All services';
        }
    }
    // nothing resolved: fall back to the bare id when it is a positive one
    if ($name == '-' && $has_id && $id > 0) {
        $name = $id;
    }
    return $name;
}
Example #12
                     // close the transaction opened before this excerpt and report the outcome
                     $result = DBend($result);
                     show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
                     if ($result) {
                         // NOTE(review): the user-facing message says "updated" while the audit entry is
                         // written as AUDIT_ACTION_DELETE on AUDIT_RESOURCE_USER_GROUP. Confirm that this
                         // is the intended audit action, so the log matches what was actually done.
                         add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER_GROUP, 'User alias [' . $user['alias'] . '] name [' . $user['name'] . '] surname [' . $user['surname'] . ']');
                         unset($_REQUEST['usrgrpid']);
                         unset($_REQUEST['userid']);
                     }
                     unset($_REQUEST['grpaction']);
                     unset($_REQUEST['form']);
                 } else {
                     // mass delete: the list of user ids comes from the request (group_userid)
                     // NOTE(review): no permission check is visible in this excerpt; confirm the page
                     // restricts this action to administrators before this point.
                     if ($_REQUEST['go'] == 'delete' && isset($_REQUEST['group_userid'])) {
                         $result = false;
                         $group_userid = get_request('group_userid', array());
                         DBstart();
                         foreach ($group_userid as $userid) {
                             // ids that do not resolve to a user are skipped
                             if (!($user_data = get_user_by_userid($userid))) {
                                 continue;
                             }
                             // NOTE(review): $result accumulates with |=, so it stays truthy after the first
                             // successful delete. From then on the audit entry below is written for every
                             // later user even when that user's own delete_user() call failed, and DBend()
                             // receives "at least one succeeded" rather than "all succeeded". Test the
                             // return value of each delete_user() call on its own before auditing.
                             $result |= delete_user($userid);
                             if ($result) {
                                 add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER, 'User alias [' . $user_data['alias'] . '] name [' . $user_data['name'] . '] surname [' . $user_data['surname'] . ']');
                             }
                         }
                         $result = DBend($result);
                         show_messages($result, S_USER_DELETED, S_CANNOT_DELETE_USER);
                     }
                 }
             }
         }
     }
 }
Example #13
<?php 
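// Make sure the user is logged in before going any further.
if (!isset($_SESSION['user_id'])) {
    // NOTE(review): $row is not defined anywhere in this excerpt, and the id is
    // appended to the path without a separator — confirm which link was intended.
    echo anchor('controllers/editprofile/is_loged_in' . $row->user_id, 'is_loged_in');
    exit;
} else {
    // The username is escaped because it is written into the HTML response.
    // NOTE(review): the markup in this literal is malformed (the <a> tag has no
    // href attribute) and the whole string is passed as anchor()'s first
    // argument; left as found — confirm the intended logout link.
    echo anchor('You are logged in as ' . htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8') . '. <a contorllers/logout">Log out</a>.</p>');
}
// Grab the profile data from the database.
// The id can come straight from the query string, so it is reduced to an
// integer before it reaches the lookup; a non-scalar value becomes 0 and fails
// the ">= 1" test below.
// NOTE(review): any logged-in visitor can request any user_id here. If profiles
// are not meant to be visible to every member, an authorization check belongs
// before the lookup.
if (!isset($_GET['user_id'])) {
    $user_id = (int) $_SESSION['user_id'];
} else {
    $user_id = is_scalar($_GET['user_id']) ? (int) $_GET['user_id'] : 0;
}
$user = get_user_by_userid($user_id);
// NOTE(review): this tests the requested id, not whether get_user_by_userid()
// returned a record; an unknown id still reaches the table below, with every
// row suppressed by the !empty() guards.
if ($user_id >= 1) {
    // Every stored value is HTML-escaped on output: profile fields are
    // user-supplied text and must not be interpreted as markup by the browser.
    echo '<table>';
    if (!empty($user['username'])) {
        echo '<tr><td class="label">Username:</td><td>' . htmlspecialchars($user['username'], ENT_QUOTES, 'UTF-8') . '</td></tr>';
    }
    if (!empty($user['first_name'])) {
        echo '<tr><td class="label">First name:</td><td>' . htmlspecialchars($user['first_name'], ENT_QUOTES, 'UTF-8') . '</td></tr>';
    }
    if (!empty($user['last_name'])) {
        echo '<tr><td class="label">Last name:</td><td>' . htmlspecialchars($user['last_name'], ENT_QUOTES, 'UTF-8') . '</td></tr>';
    }
    if (!empty($user['gender'])) {
        echo '<tr><td class="label">Gender:</td><td>';
        if ($user['gender'] == 'M') {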
Example #14
 // Proceed only when is_network_member(..., NET_BLOCK) is false for this pair —
 // presumably "the recipient has not blocked me"; confirm the argument order against the helper.
 if (!is_network_member($input['fk_user_id'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_BLOCK)) {
     // sender of the message: me
     $input['fk_user_id_other'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
     $input['_user_other'] = $_SESSION[_LICENSE_KEY_]['user']['user'];
     // Subject and body pass through remove_banned_words() before they are sent or stored.
     $input['subject'] = remove_banned_words($input['subject']);
     $input['message_body'] = remove_banned_words($input['message_body']);
     // Call each registered pre-insert hook in index order.
     if (isset($_on_before_insert)) {
         for ($i = 0; isset($_on_before_insert[$i]); ++$i) {
             call_user_func($_on_before_insert[$i]);
         }
     }
     queue_or_send_message($input, true);
     // save the message in my outbox
     // The two ids are swapped for the outbox copy: the row belongs to me and refers to the recipient.
     $input['fk_user_id_other'] = $input['fk_user_id'];
     $input['fk_user_id'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
     $input['_user_other'] = get_user_by_userid($input['fk_user_id_other']);
     // NOTE(review): this INSERT is assembled by string concatenation. Nothing in this
     // excerpt shows the $input values being escaped for SQL, and `_user_other` has just
     // been replaced with a value returned by get_user_by_userid(). Confirm every value
     // is escaped for the database, or move the statement to a parameterized query.
     $query = "INSERT INTO `{$dbtable_prefix}user_outbox` SET `date_sent`='" . gmdate('YmdHis') . "'";
     // Only columns named in $user_outbox_default['defaults'] are copied from $input,
     // which keeps unexpected $input keys out of the column list.
     foreach ($user_outbox_default['defaults'] as $k => $v) {
         if (isset($input[$k])) {
             $query .= ",`{$k}`='" . $input[$k] . "'";
         }
     }
     // NOTE(review): the mysql_* extension was removed in PHP 7, and '@' hides the warning
     // a failed query would raise. The raw mysql_error() text is handed to trigger_error();
     // confirm the error handler does not show it to the visitor.
     if (!($res = @mysql_query($query))) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
     update_stats($_SESSION[_LICENSE_KEY_]['user']['user_id'], 'mess_sent', 1);
     $topass['message']['type'] = MESSAGE_INFO;
     $topass['message']['text'] = $GLOBALS['_lang'][198];
     // Call each registered post-insert hook in index order.
     if (isset($_on_after_insert)) {
         for ($i = 0; isset($_on_after_insert[$i]); ++$i) {
             call_user_func($_on_after_insert[$i]);
Example #15
/**
 * Checks that an operation definition refers to a valid target.
 *
 * Reads 'operationtype' and, depending on it, 'object', 'objectid' or
 * 'longdata' from $operation. On failure the matching message constant is
 * passed to error() and false is returned.
 *
 * NOTE(review): for message operations only the existence of the user or
 * group is checked, whereas the group and template operations compare the id
 * with what $USER_DETAILS can access with PERM_READ_WRITE. Confirm that
 * addressing a message to any existing user or group is intended.
 *
 * @param array $operation operation definition
 * @return mixed true when valid, false when rejected; for command operations
 *               whatever validate_commands() returns
 */
function validate_operation($operation)
{
    global $USER_DETAILS;

    // Message constant of the first failed check, or null when nothing failed.
    $failure = null;

    switch ($operation['operationtype']) {
        case OPERATION_TYPE_MESSAGE:
            $recipient_kind = $operation['object'];
            if ($recipient_kind == OPERATION_OBJECT_USER) {
                if (!get_user_by_userid($operation['objectid'])) {
                    $failure = S_INCORRECT_USER;
                }
            } elseif ($recipient_kind == OPERATION_OBJECT_GROUP) {
                if (!get_group_by_usrgrpid($operation['objectid'])) {
                    $failure = S_INCORRECT_GROUP;
                }
            } else {
                $failure = S_INCORRECT_OBJECT_TYPE;
            }
            break;

        case OPERATION_TYPE_COMMAND:
            // Command text has its own validator; its result is returned as is.
            return validate_commands($operation['longdata']);

        case OPERATION_TYPE_HOST_ADD:
        case OPERATION_TYPE_HOST_REMOVE:
            // Nothing to verify for these two types.
            break;

        case OPERATION_TYPE_GROUP_ADD:
        case OPERATION_TYPE_GROUP_REMOVE:
            $accessible_groups = get_accessible_groups_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY);
            if (!uint_in_array($operation['objectid'], $accessible_groups)) {
                $failure = S_INCORRECT_GROUP;
            }
            break;

        case OPERATION_TYPE_TEMPLATE_ADD:
        case OPERATION_TYPE_TEMPLATE_REMOVE:
            $accessible_hosts = get_accessible_hosts_by_user($USER_DETAILS, PERM_READ_WRITE, PERM_RES_IDS_ARRAY);
            if (!uint_in_array($operation['objectid'], $accessible_hosts)) {
                $failure = S_INCORRECT_HOST;
            }
            break;

        default:
            $failure = S_INCORRECT_OPERATION_TYPE;
    }

    if ($failure !== null) {
        error($failure);
        return false;
    }

    return true;
}
Example #16
// Prepare the data for the "write message" form: either restore a previous
// submission from the session, start a new message to ?to_id, or build a reply
// to ?mail_id.
require _BASEPATH_ . '/includes/tables/user_inbox.inc.php';
require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/mailbox.inc.php';
$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs');
$output = $user_inbox_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
    // Restore the values handed over through the session.
    $output = $_SESSION['topass']['input'];
    // NOTE(review): this lookup runs before check_login_member() below.
    $output['_user_other'] = get_user_by_userid($output['fk_user_id']);
    unset($_SESSION['topass']['input']);
    $temp = 'message_write';
    // NOTE(review): refnum indexes the same session array that also holds 'user_id'
    // and 'user' (see the query below). Confirm refnum is validated as one of the
    // generated numbers before it is used as a key here, so it cannot select an
    // unrelated session entry as the access level.
    if (isset($_SESSION[_LICENSE_KEY_]['user'][$output['refnum']])) {
        $temp = $_SESSION[_LICENSE_KEY_]['user'][$output['refnum']];
    }
    check_login_member($temp);
} elseif (!empty($_GET['to_id'])) {
    // New message: the recipient id from the query string is cast to int before use.
    $output['fk_user_id'] = (int) $_GET['to_id'];
    $output['_user_other'] = get_user_by_userid($output['fk_user_id']);
    check_login_member('message_write');
} elseif (!empty($_GET['mail_id'])) {
    // Reply: remember under a random reference number that this form is a reply.
    // NOTE(review): mt_rand() is not a cryptographically secure generator; if refnum is
    // meant to be unguessable, random_int() is the appropriate source — confirm its role.
    $output['refnum'] = mt_rand(10000, 99999);
    $_SESSION[_LICENSE_KEY_]['user'][$output['refnum']] = 'message_reply';
    check_login_member('message_reply');
    $mail_id = (int) $_GET['mail_id'];
    // The message is selected by its integer id AND by the logged-in user's id, so only
    // a message in the caller's own inbox can be loaded for quoting.
    $query = "SELECT `mail_id`,`fk_user_id_other` as `fk_user_id`,`subject`,`message_body`,`_user_other`,`message_type` FROM `{$dbtable_prefix}user_inbox` WHERE `mail_id`={$mail_id} AND `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "'";
    // NOTE(review): the mysql_* extension was removed in PHP 7, and '@' hides the warning
    // a failed query would raise.
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output = array_merge($output, mysql_fetch_assoc($res));
        // Prefix the subject with 'Re: ' unless it already starts with 'Re:'.
        $output['subject'] = substr($output['subject'], 0, 3) == 'Re:' ? $output['subject'] : 'Re: ' . $output['subject'];
        if ($output['message_type'] == MESS_MESS) {
            // Quote the original body. NOTE(review): this is stored user content; confirm
            // it is escaped where the form is rendered.
            $output['message_body'] = "\n\n[quote]" . $output['message_body'] . '[/quote]';
Example #17
         // Add-to-group branch. The condition guarding it is outside this excerpt.
         // NOTE(review): 'userid' and 'usrgrpid' are taken from $_REQUEST without any
         // validation visible here; confirm the enclosing code restricts this action to
         // authorized users and checks the request parameters.
         $user = get_user_by_userid($_REQUEST['userid']);
         // NOTE(review): $group is assigned but not read in the visible lines.
         $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']);
         DBstart();
         $result = add_user_to_group($_REQUEST['userid'], $_REQUEST['usrgrpid']);
         $result = DBend($result);
         show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
         if ($result) {
             // NOTE(review): the audit text reads $user without checking that the lookup
             // above returned a record.
             add_audit(AUDIT_ACTION_ADD, AUDIT_RESOURCE_USER_GROUP, 'User alias [' . $user['alias'] . '] name [' . $user['name'] . '] surname [' . $user['surname'] . ']');
             unset($_REQUEST['usrgrpid']);
             unset($_REQUEST['userid']);
         }
         unset($_REQUEST['grpaction']);
         unset($_REQUEST['form']);
     } else {
         // Remove-from-group branch: taken when grpaction, usrgrpid and userid are all
         // present and grpaction compares equal to 0.
         if (isset($_REQUEST['grpaction']) && isset($_REQUEST['usrgrpid']) && isset($_REQUEST['userid']) && $_REQUEST['grpaction'] == 0) {
             $user = get_user_by_userid($_REQUEST['userid']);
             // NOTE(review): $group is assigned but not read in the visible lines.
             $group = get_group_by_usrgrpid($_REQUEST['usrgrpid']);
             DBstart();
             $result = remove_user_from_group($_REQUEST['userid'], $_REQUEST['usrgrpid']);
             $result = DBend($result);
             show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
             if ($result) {
                 // Same audit text as the add branch, recorded as a delete action.
                 add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER_GROUP, 'User alias [' . $user['alias'] . '] name [' . $user['name'] . '] surname [' . $user['surname'] . ']');
                 unset($_REQUEST['usrgrpid']);
                 unset($_REQUEST['userid']);
             }
             unset($_REQUEST['grpaction']);
             unset($_REQUEST['form']);
         }
     }
 }
Example #18
         // Private items stay hidden unless the viewer is logged in and is a friend
         // (NET_FRIENDS) of the user whose items are listed.
         if (empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) || !is_network_member($input['uid'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_FRIENDS)) {
             $where .= " AND a.`is_private`=0";
         }
     } else {
         $error = true;
     }
     // NOTE(review): the value returned by get_user_by_userid() goes into the page title;
     // confirm it is HTML-escaped where the title is rendered.
     $tplvars['page_title'] = sprintf($GLOBALS['_lang'][143], get_user_by_userid($input['uid']));
     break;
 case 'priv':
     // Private items of one user: requires the 'auth' access level.
     $input['acclevel_code'] = 'auth';
     // uid is read from the query string as TYPE_INT before it is concatenated into $where below.
     $input['uid'] = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
     // A user asking for their own private items is sent to my_photos.php instead.
     if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $input['uid'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
         redirect2page('my_photos.php');
     }
     $user_name = get_user_by_userid($input['uid']);
     if (!empty($input['uid'])) {
         require_once _BASEPATH_ . '/includes/network_functions.inc.php';
         // Only a logged-in friend (NET_FRIENDS) of this user gets the private items.
         if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && is_network_member($input['uid'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_FRIENDS)) {
             // NOTE(review): `is_private` is written without the `a.` alias used elsewhere
             // in this excerpt; confirm the column is unambiguous in the final query.
             $where .= " AND a.`fk_user_id`=" . $input['uid'] . " AND `is_private`=1";
         } else {
             // Everyone else gets a "no results" message and the error flag.
             // NOTE(review): $user_name is inserted into text that is presumably rendered
             // as HTML; confirm it is escaped on output.
             $output['no_results'] = sprintf($GLOBALS['_lang'][277], _BASEURL_ . '/profile.php?uid=' . $input['uid'], $user_name);
             $error = true;
         }
     } else {
         $error = true;
     }
     $tplvars['page_title'] = sprintf($GLOBALS['_lang'][279], $user_name);
     break;
 case 'field':