/**
 * Serve the "featured_image" pages.
 *
 * Sub-pages, selected by the first argument:
 *  - "set":      store the POSTed image_id as the "featured_id" config value
 *                and redirect to that post. Needs a passing auth-token check,
 *                an admin user and a positive id.
 *  - "download": send the featured image's file contents as the response.
 *  - "view":     fire a DisplayingImageEvent for the featured image.
 *
 * @param $event the page request being handled
 */
public function onPageRequest($event)
{
    global $config, $page, $user;

    if (!$event->page_matches("featured_image")) {
        return;
    }

    // State change: the auth token is verified first, then the admin check.
    if ($event->get_arg(0) == "set" && $user->check_auth_token()) {
        $may_set = $user->is_admin() && isset($_POST['image_id']);
        if ($may_set) {
            $featured_id = int_escape($_POST['image_id']);
            if ($featured_id > 0) {
                $config->set_int("featured_id", $featured_id);
                $page->set_mode("redirect");
                $page->set_redirect(make_link("post/view/{$featured_id}"));
            }
        }
    }

    if ($event->get_arg(0) == "download") {
        $featured = Image::by_id($config->get_int("featured_id"));
        if ($featured !== null) {
            $page->set_mode("data");
            // NOTE(review): the content type is fixed to image/jpeg whatever
            // format the stored file has, and a failed read is not detected.
            $page->set_type("image/jpeg");
            $page->set_data(file_get_contents($featured->get_image_filename()));
        }
    }

    if ($event->get_arg(0) == "view") {
        $featured = Image::by_id($config->get_int("featured_id"));
        if ($featured !== null) {
            send_event(new DisplayingImageEvent($featured, $page));
        }
    }
}
/**
 * Show a tip on every request and serve the admin-only "tips" pages.
 *
 * Admin actions, selected by the first argument: "list", "save", "status"
 * and "delete". All except "list" end in a redirect to tips/list.
 *
 * @param $event the page request being handled
 */
public function onPageRequest($event)
{
    global $page, $user;

    // Runs for every page, not only for tips/*.
    $this->getTip();

    if (!($event->page_matches("tips") && $user->is_admin())) {
        return;
    }

    $action = $event->get_arg(0);

    if ($action == "list") {
        $this->manageTips();
        $this->getAll();
    } elseif ($action == "save") {
        // The only action here that is gated on the auth token.
        if ($user->check_auth_token()) {
            $this->saveTip();
            $page->set_mode("redirect");
            $page->set_redirect(make_link("tips/list"));
        }
    } elseif ($action == "status") {
        // FIXME: HTTP GET CSRF
        // This state change is driven by URL arguments alone and, unlike
        // "save", is not gated on check_auth_token(). Closing it needs the
        // theme to submit the action as a token-bearing POST form as well.
        $tip_id = int_escape($event->get_arg(1));
        $this->setStatus($tip_id);
        $page->set_mode("redirect");
        $page->set_redirect(make_link("tips/list"));
    } elseif ($action == "delete") {
        // FIXME: HTTP GET CSRF
        // Same gap as "status": a destructive action with no token check.
        $tip_id = int_escape($event->get_arg(1));
        $this->deleteTip($tip_id);
        $page->set_mode("redirect");
        $page->set_redirect(make_link("tips/list"));
    }
}
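/**
 * Returns info about the current page number.
 *
 * Works out the "previous" and "next" page targets for the list being
 * browsed, wrapping around at both ends. When a second argument is present
 * the first one is treated as a tag and prefixed (url_escape()'d) to both
 * targets.
 *
 * @param PageRequestEvent $event
 * @return array array("prev" => string, "next" => string)
 */
private function get_list_pageinfo(PageRequestEvent $event)
{
    global $config, $database;

    // Clamp to 1 so a zero or unset 'index_images' setting cannot cause a
    // division by zero below.
    $images_per_page = max(1, $config->get_int('index_images'));

    if (is_null($event->get_arg(1))) {
        // no tags: page through every image
        $prefix = "";
        $page_number = int_escape($event->get_arg(0));
        $item_count = $database->get_one("SELECT COUNT(*) FROM images");
    } else {
        // tags given: page through the images carrying that tag; the tag is
        // bound as a query parameter, never concatenated into the SQL
        $prefix = url_escape($event->get_arg(0)) . "/";
        $page_number = int_escape($event->get_arg(1));
        $item_count = $database->get_one(
            "SELECT count FROM tags WHERE tag=:tag",
            array("tag" => $event->get_arg(0))
        );
    }

    // An empty result (no images, unknown tag) still counts as one page, so
    // "prev" never points at page 0.
    $total_pages = max(1, (int)ceil((int)$item_count / $images_per_page));

    // Wrap around: before the first page comes the last one, and vice versa.
    $prev = ($page_number <= 1) ? $total_pages : $page_number - 1;
    $next = ($page_number >= $total_pages) ? 1 : $page_number + 1;

    return array("prev" => $prefix . $prev, "next" => $prefix . $next);
}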
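/**
 * Render one comment as an HTML fragment.
 *
 * The delete link's confirm() text contains the poster name and a comment
 * preview, both user-supplied. They are encoded for the context they end up
 * in: first as a JavaScript string literal, then as an HTML attribute value.
 * HTML entity encoding alone is not enough there, because the browser decodes
 * the attribute before the handler's script text is evaluated.
 *
 * @param $comment object with comment, owner_name, comment_id, image_id and posted
 * @param bool $trim when true, show a 50-byte preview followed by "..."
 * @return string HTML fragment
 */
protected function comment_to_html($comment, $trim = false)
{
    $inner_id = $this->inner_id; // because custom themes can't add params, because PHP
    global $user;

    $tfe = new TextFormattingEvent($comment->comment);
    send_event($tfe);

    $h_name = html_escape($comment->owner_name);
    // $tfe->stripped and $tfe->formatted are emitted as-is, i.e. trusted to be
    // HTML-safe already. NOTE(review): confirm TextFormattingEvent escapes its input.
    $h_comment = $trim ? substr($tfe->stripped, 0, 50) . "..." : $tfe->formatted;
    $i_comment_id = int_escape($comment->comment_id);
    $i_image_id = int_escape($comment->image_id);

    $h_userlink = "<a href='" . make_link("user/{$h_name}") . "'>{$h_name}</a>";
    $h_date = $comment->posted;

    $h_del = '';
    if ($user->can("delete_comment")) {
        // Undo the HTML encoding presumed on ->stripped so the dialog shows
        // plain text; the result is re-encoded for JS and HTML just below.
        $preview = html_entity_decode(substr($tfe->stripped, 0, 50), ENT_QUOTES, 'UTF-8');
        $message = "Delete comment by " . $comment->owner_name . ":\n" . $preview;

        // JSON_HEX_* leaves no quote, angle bracket or ampersand inside the literal.
        $js_message = json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($js_message === false) {
            // e.g. substr() cut a multi-byte character; fall back to fixed text
            $js_message = '"Delete this comment?"';
        }
        $h_onclick = htmlspecialchars("return confirm({$js_message});", ENT_QUOTES, 'UTF-8');

        // NOTE(review): deletion is a plain GET link; the comment/delete
        // handler is not visible here, confirm it is protected against CSRF.
        $h_del = ' - <a onclick="' . $h_onclick . '" '
            . 'href="' . make_link('comment/delete/' . $i_comment_id . '/' . $i_image_id) . '">Del</a>';
    }

    $h_reply = "[<a href='" . make_link("post/view/{$i_image_id}") . "'>Reply</a>]";

    if ($inner_id == 0) {
        return "<div class='comment' style='margin-top: 8px;'>{$h_userlink}{$h_del} {$h_date} No.{$i_comment_id} {$h_reply}<p>{$h_comment}</p></div>";
    } else {
        return "<table><tr><td nowrap class='doubledash'>>></td><td>" .
            "<div class='reply'>{$h_userlink}{$h_del} {$h_date} No.{$i_comment_id} {$h_reply}<p>{$h_comment}</p></div>" .
            "</td></tr></table>";
    }
}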
/**
 * Add the "Report Image" form block to the left column.
 *
 * NOTE(review): the form is written by hand and carries no auth-token field,
 * so the image_report/add handler cannot tell a forged cross-site POST from a
 * real one unless it is protected some other way — confirm.
 *
 * @param Page $page   page the block is added to
 * @param Image $image image the report form refers to
 */
public function display_image_banner(Page $page, Image $image)
{
    global $config;

    $i_image = int_escape($image->id);
    $action = make_link("image_report/add");

    $html = "\n\t\t\t<form action='{$action}' method='POST'>"
        . "\n\t\t\t\t<input type='hidden' name='image_id' value='{$i_image}'>"
        . "\n\t\t\t\t<input type='text' name='reason' value='Please enter a reason' onclick='this.value=\"\";'>"
        . "\n\t\t\t\t<input type='submit' value='Report'>"
        . "\n\t\t\t</form>\n\t\t";

    $page->add_block(new Block("Report Image", $html, "left"));
}
/**
 * Build the score display plus the three voting forms (up / remove / down).
 *
 * NOTE(review): none of the forms carries an auth-token field, so the
 * numeric_score_vote handler has nothing to verify a vote's origin with —
 * confirm how cross-site requests are rejected.
 *
 * @param Image $image image being voted on
 * @return string HTML fragment
 */
public function get_voter_html(Image $image)
{
    $i_image_id = int_escape($image->id);
    $i_score = int_escape($image->numeric_score);

    // posted "vote" value => button label, in display order
    $choices = array('up' => 'Vote Up', 'null' => 'Remove Vote', 'down' => 'Vote Down');

    $forms = array();
    foreach ($choices as $vote => $label) {
        $forms[] = "<form action='" . make_link("numeric_score_vote") . "' method='POST'>"
            . "\n\t\t\t<input type='hidden' name='image_id' value='{$i_image_id}'>"
            . "\n\t\t\t<input type='hidden' name='vote' value='{$vote}'>"
            . "\n\t\t\t<input type='submit' value='{$label}'>"
            . "\n\t\t\t</form>";
    }

    return "\n\t\t\tCurrent Score: {$i_score}\n\n\t\t\t<p>"
        . implode("\n\n\t\t\t", $forms)
        . "\n\t\t";
}
/**
 * Generic thumbnail code; returns HTML rather than adding
 * a block since thumbs tend to go inside blocks...
 *
 * This variant special-cases three file types: mp3 (the "0x0" size tag is
 * removed from the tooltip) and swf/svg (thumbnail drawn at the configured
 * maximum size instead of the image's own dimensions).
 *
 * @param Image $image image to render a thumbnail link for
 * @param $query       passed through to make_link() for the view link
 * @return string HTML fragment
 */
public function build_thumb_html(Image $image, $query = null)
{
    global $config;
    $i_id = int_escape($image->id);
    // NOTE(review): despite the h_ prefix, neither link is passed through
    // html_escape() in this method before landing in a quoted attribute;
    // confirm make_link() / get_thumb_link() return attribute-safe values.
    $h_view_link = make_link("post/view/{$i_id}", $query);
    $h_thumb_link = $image->get_thumb_link();
    // Removes the size tag if the file is an mp3
    if ($image->ext == 'mp3') {
        $iitip = $image->get_tooltip();
        $mp3tip = array("0x0");
        $h_tip = str_replace($mp3tip, " ", $iitip);
        // Makes it work with a variation of the default tooltips (I.E $tags // $filesize // $size)
        // NOTE(review): the entries below repeat and end in a lone space,
        // which would strip every space from the tooltip; this copy may have
        // lost runs of spaces inside the literals — check against upstream.
        $justincase = array(" //", "// ", " //", "// ", " ");
        if (strstr($h_tip, " ")) {
            // Escaping happens after the clean-up, on the final tooltip text.
            $h_tip = html_escape(str_replace($justincase, "", $h_tip));
        } else {
            $h_tip = html_escape($h_tip);
        }
    } else {
        $h_tip = html_escape($image->get_tooltip());
    }
    // If file is flash or svg then sets thumbnail to max size.
    if ($image->ext == 'swf' || $image->ext == 'svg') {
        $tsize = get_thumbnail_size($config->get_int('thumb_width'), $config->get_int('thumb_height'));
    } else {
        $tsize = get_thumbnail_size($image->width, $image->height);
    }
    // $tsize[0] is used as the width and $tsize[1] as the height.
    return "\n\t\t\t<center><div class='thumbblock'>\n\t\t\t\n\t\t\t\t<a href='{$h_view_link}' style='position: relative; display: block; height: {$tsize[1]}px; width: {$tsize[0]}px;'>\n\t\t\t\t\t<img id='thumb_{$i_id}' title='{$h_tip}' alt='{$h_tip}' class='highlighted' style='height: {$tsize[1]}px; width: {$tsize[0]}px;' src='{$h_thumb_link}'>\n\t\t\t\t</a>\n\t\t\t\n\t\t\t</div></center>\n\t\t";
}
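/**
 * Admin-only event log viewer ("log/view").
 *
 * Optional filters come from the query string (time, module, user, priority)
 * and are all passed to the database as bound parameters; only the fixed
 * WHERE fragments are concatenated into the SQL text. Results are paged,
 * 50 rows per page, newest first.
 *
 * @param $event the page request being handled
 */
public function onPageRequest($event)
{
    global $database, $user;

    // is_admin() is only consulted once the page has matched
    if (!$event->page_matches("log/view") || !$user->is_admin()) {
        return;
    }

    $wheres = array();
    $args = array();

    $page_num = int_escape($event->get_arg(0));
    if ($page_num <= 0) {
        $page_num = 1;
    }

    if (!empty($_GET["time"])) {
        // prefix match; any % or _ in the value also acts as a LIKE wildcard
        $wheres[] = "date_sent LIKE :time";
        $args["time"] = $_GET["time"] . "%";
    }
    if (!empty($_GET["module"])) {
        $wheres[] = "section = :module";
        $args["module"] = $_GET["module"];
    }
    if (!empty($_GET["user"])) {
        if ($database->engine->name == "pgsql") {
            // NOTE(review): the pattern is unanchored, so any value that merely
            // contains something address-like takes the "address <<" branch.
            if (preg_match("#\\d+\\.\\d+\\.\\d+\\.\\d+(/\\d+)?#", $_GET["user"])) {
                $wheres[] = "(username = :user OR address << :user)";
            } else {
                $wheres[] = "lower(username) = lower(:user)";
            }
        } else {
            $wheres[] = "(username = :user OR address = :user)";
        }
        $args["user"] = $_GET["user"];
    }

    // A priority floor always applies; 20 is used when none was requested.
    $wheres[] = "priority >= :priority";
    $args["priority"] = !empty($_GET["priority"]) ? int_escape($_GET["priority"]) : 20;

    $where = "";
    if (count($wheres) > 0) {
        $where = "WHERE " . join(" AND ", $wheres);
    }

    $limit = 50;
    $offset = ($page_num - 1) * $limit;

    $page_total = $database->cache->get("event_log_length");
    if (!$page_total) {
        $page_total = $database->get_one("SELECT count(*) FROM score_log {$where}", $args);
        // don't cache a length of zero when the extension is first installed
        if ($page_total > 10) {
            // Fix: cache the counted total for 600 seconds. The call used to
            // pass 600 as the value to cache and never stored the total.
            // NOTE(review): the cache key is shared by every filter
            // combination, and $page_total is not otherwise used below.
            $database->cache->set("event_log_length", $page_total, 600);
        }
    }

    $args["limit"] = $limit;
    $args["offset"] = $offset;
    $events = $database->get_all(
        "SELECT * FROM score_log {$where} ORDER BY id DESC LIMIT :limit OFFSET :offset",
        $args
    );

    $this->theme->display_events($events, $page_num, 100);
}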
/**
 * Build the favorite / un-favorite form for an image.
 *
 * The form tag comes from make_form(), unlike hand-written form markup.
 *
 * @param Image $image      image the form acts on
 * @param $is_favorited     truthy when the image is already a favorite
 * @return string HTML fragment
 */
public function get_voter_html(Image $image, $is_favorited)
{
    $i_image_id = int_escape($image->id);

    if ($is_favorited) {
        $name = "unset";
        $label = "Un-Favorite";
    } else {
        $name = "set";
        $label = "Favorite";
    }

    $parts = array(
        "",
        make_form(make_link("change_favorite")),
        "<input type='hidden' name='image_id' value='{$i_image_id}'>",
        "<input type='hidden' name='favorite_action' value='{$name}'>",
        "<input type='submit' value='{$label}'>",
        "</form>",
    );

    return implode("\n\t\t\t", $parts) . "\n\t\t";
}
/**
 * Build the small "Resize" form shown for an image.
 *
 * @param $image_id id of the image; passed through int_escape() before output
 * @return string HTML fragment
 */
public function get_resize_html($image_id)
{
    global $user;
    global $config;

    $i_image_id = int_escape($image_id);
    $form_open = make_form(make_link("resize"), 'POST', false, 'resize_image');

    return "\n\t\t\t" . $form_open
        . "\n\t\t\t\t<input type='hidden' name='image_id' value='{$i_image_id}' />"
        . "\n\t\t\t\t<input type='submit' value='Resize' id='resize_image_submit' />"
        . "\n\t\t\t</form>\n\t\t";
}
/**
 * One will very rarely construct a user directly, more common
 * would be to use User::by_id, User::by_session, etc
 *
 * Copies a user row into the object's fields. The id goes through
 * int_escape(); the 'admin' column is compared with 'Y' to get a boolean.
 *
 * NOTE(review): a method named after its class is only treated as the
 * constructor by PHP versions before 8.0.
 *
 * @param $row array with the keys id, name, email, joindate and admin
 */
public function User($row)
{
    $is_admin = ($row['admin'] == 'Y');

    $this->id = int_escape($row['id']);
    $this->name = $row['name'];
    $this->email = $row['email'];
    $this->join_date = $row['joindate'];
    $this->admin = $is_admin;
}
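/**
 * Regenerate the thumbnail of the image whose id was POSTed to "regen_thumb".
 *
 * Only acts for admin users. An id that matches no image is ignored rather
 * than dereferenced.
 *
 * NOTE(review): no check_auth_token() call is visible on this POST-driven
 * action — confirm that CSRF protection is applied elsewhere.
 *
 * @param $event the page request being handled
 */
public function onPageRequest($event)
{
    global $config, $database, $page, $user;

    if ($event->page_matches("regen_thumb") && $user->is_admin() && isset($_POST['image_id'])) {
        $image = Image::by_id(int_escape($_POST['image_id']));
        if (is_null($image)) {
            // Unknown id: without this guard the code read ->hash / ->ext
            // from null and passed null on to the theme.
            return;
        }
        send_event(new ThumbnailGenerationEvent($image->hash, $image->ext));
        $this->theme->display_results($page, $image);
    }
}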
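/**
 * Regenerate the thumbnail of the image whose id was POSTed to "regen_thumb".
 *
 * Only acts for users holding the "delete_image" permission. An id that
 * matches no image is ignored rather than dereferenced.
 *
 * NOTE(review): no check_auth_token() call is visible on this POST-driven
 * action — confirm that CSRF protection is applied elsewhere.
 *
 * @param PageRequestEvent $event
 */
public function onPageRequest(PageRequestEvent $event)
{
    global $page, $user;

    if ($event->page_matches("regen_thumb") && $user->can("delete_image") && isset($_POST['image_id'])) {
        $image = Image::by_id(int_escape($_POST['image_id']));
        if (is_null($image)) {
            // Unknown id: without this guard the code read ->hash / ->ext
            // from null and passed null on to the theme.
            return;
        }
        send_event(new ThumbnailGenerationEvent($image->hash, $image->ext, true));
        $this->theme->display_results($page, $image);
    }
}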
/**
 * Build the table row holding the three rating radio buttons.
 *
 * @param $image_id id of the image (passed through int_escape(), not output)
 * @param $rating   current rating code; 's', 'q' or 'e' pre-selects a button
 * @return string HTML fragment
 */
public function get_rater_html($image_id, $rating)
{
    $i_image_id = int_escape($image_id);

    // rating code => label, in display order
    $ratings = array('s' => 'Safe', 'q' => 'Questionable', 'e' => 'Explicit');

    $radios = "";
    foreach ($ratings as $code => $label) {
        $checked = ($rating == $code) ? " checked" : "";
        $radios .= "\n\t\t\t\t\t<input type='radio' name='rating' value='{$code}' id='{$code}'{$checked}><label for='{$code}'>{$label}</label>";
    }

    return "\n\t\t\t<tr>\n\t\t\t\t<td>Rating</td>\n\t\t\t\t<td>"
        . $radios
        . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t";
}
/**
 * Build the linked thumbnail used for the featured image.
 *
 * The id goes through int_escape() and the tooltip through html_escape().
 * NOTE(review): the two link values are inserted as returned by make_link()
 * and get_thumb_link(); confirm those are attribute-safe.
 *
 * @param Image $image
 * @param null|string $query
 * @return string
 */
public function build_featured_html(Image $image, $query = null)
{
    $i_id = int_escape($image->id);
    $h_view_link = make_link("post/view/{$i_id}", $query);
    $h_thumb_link = $image->get_thumb_link();
    $h_tip = html_escape($image->get_tooltip());

    $tsize = get_thumbnail_size($image->width, $image->height);
    $thumb_w = $tsize[0];
    $thumb_h = $tsize[1];

    $img = "<img id='thumb_{$i_id}' title='{$h_tip}' alt='{$h_tip}' class='highlighted' "
        . "style='height: {$thumb_h}px; width: {$thumb_w}px;' src='{$h_thumb_link}'>";

    return "\n\t\t\t<a href='{$h_view_link}'>\n\t\t\t\t" . $img . "\n\t\t\t</a>\n\t\t";
}
/**
 * Generic thumbnail code; returns HTML rather than adding
 * a block since thumbs tend to go inside blocks...
 *
 * The id goes through int_escape() and the tooltip through html_escape().
 * NOTE(review): the two link values are inserted as returned by make_link()
 * and get_thumb_link(); confirm those are attribute-safe.
 *
 * @param Image $image image to render a thumbnail link for
 * @param $query       passed through to make_link() for the view link
 * @return string HTML fragment
 */
public function build_thumb_html(Image $image, $query = null)
{
    global $config;

    $i_id = int_escape($image->id);
    $h_view_link = make_link("post/view/{$i_id}", $query);
    $h_tip = html_escape($image->get_tooltip());
    $h_thumb_link = $image->get_thumb_link();

    $tsize = get_thumbnail_size($image->width, $image->height);
    $thumb_w = $tsize[0];
    $thumb_h = $tsize[1];

    $img = "<img id='{$i_id}' title='{$h_tip}' alt='{$h_tip}' "
        . "width='{$thumb_w}' height='{$thumb_h}' src='{$h_thumb_link}' />";

    return "<a class='thumb' href='{$h_view_link}'>" . $img . "</a>";
}
/**
 * Generic thumbnail code; returns HTML rather than adding
 * a block since thumbs tend to go inside blocks...
 *
 * This variant wraps the thumbnail in the 'rr' rounded-box markup.
 * The id goes through int_escape() and the tooltip through html_escape().
 * NOTE(review): the two link values are inserted as returned by make_link()
 * and get_thumb_link(); confirm those are attribute-safe.
 *
 * @param Image $image image to render a thumbnail link for
 * @param $query       passed through to make_link() for the view link
 * @return string HTML fragment
 */
public function build_thumb_html(Image $image, $query = null)
{
    global $config;

    $i_id = int_escape($image->id);
    $h_view_link = make_link("post/view/{$i_id}", $query);
    $h_tip = html_escape($image->get_tooltip());
    $h_thumb_link = $image->get_thumb_link();

    $tsize = get_thumbnail_size($image->width, $image->height);
    // the same size rule is applied to the link box and to the image
    $box_style = "height: {$tsize[1]}px; width: {$tsize[0]}px;";

    return "\n\t\t\t<div class='thumbblock'>"
        . "\n\t\t\t<div class='rr thumb'>"
        . "\n\t\t\t\t<div class='rrtop'><div></div></div>"
        . "\n\t\t\t\t<div class='rrcontent'>"
        . "\n\t\t\t\t<a href='{$h_view_link}' style='position: relative; display: block; {$box_style}'>"
        . "\n\t\t\t\t\t<img id='thumb_{$i_id}' title='{$h_tip}' alt='{$h_tip}' style='{$box_style}' src='{$h_thumb_link}'>"
        . "\n\t\t\t\t</a>"
        . "\n\t\t\t\t</div>"
        . "\n\t\t\t\t<div class='rrbot'><div></div></div>"
        . "\n\t\t\t</div>"
        . "\n\t\t\t</div>\n\t\t";
}
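/**
 * JSON API under "api/shimmie".
 *
 * Endpoints: get_tags, get_image, find_images and get_user; anything else
 * redirects to the API documentation page. Responses are sent as text/plain.
 * No permission check is made in this method.
 *
 * @param PageRequestEvent $event
 */
public function onPageRequest(PageRequestEvent $event)
{
    global $page, $user;

    if (!$event->page_matches("api/shimmie")) {
        return;
    }

    $page->set_mode("data");
    $page->set_type("text/plain");

    if ($event->page_matches("api/shimmie/get_tags")) {
        $tag = $event->get_arg(0);
        if (empty($tag) && isset($_GET['tag'])) {
            $tag = $_GET['tag'];
        }
        $res = $this->api_get_tags($tag);
        $page->set_data(json_encode($res));
    } elseif ($event->page_matches("api/shimmie/get_image")) {
        $arg = $event->get_arg(0);
        if (empty($arg) && isset($_GET['id'])) {
            $arg = $_GET['id'];
        }
        $image = Image::by_id(int_escape($arg));
        if (is_null($image)) {
            // Unknown id: answer with JSON null instead of calling a method
            // on null (this was the "FIXME: handle null image" case).
            $page->set_data(json_encode(null));
        } else {
            $image->get_tag_array(); // tag data isn't loaded into the object until necessary
            // Only the _SafeImage wrapper is serialized, not the Image itself.
            $safe_image = new _SafeImage($image);
            $page->set_data(json_encode($safe_image));
        }
    } elseif ($event->page_matches("api/shimmie/find_images")) {
        $search_terms = $event->get_search_terms();
        $page_number = $event->get_page_number();
        $page_size = $event->get_page_size();
        $images = Image::find_images(($page_number - 1) * $page_size, $page_size, $search_terms);
        $safe_images = array();
        foreach ($images as $image) {
            $image->get_tag_array();
            $safe_images[] = new _SafeImage($image);
        }
        $page->set_data(json_encode($safe_images));
    } elseif ($event->page_matches("api/shimmie/get_user")) {
        // Defaults to the requesting user; a URL argument or ?id= / ?name=
        // selects another account.
        // NOTE(review): confirm what api_get_user() discloses for accounts
        // other than the caller's own.
        $query = $user->id;
        $type = "id";
        if ($event->count_args() == 1) {
            $query = $event->get_arg(0);
            $type = "name";
        } elseif (isset($_GET['id'])) {
            $query = $_GET['id'];
        } elseif (isset($_GET['name'])) {
            $query = $_GET['name'];
            $type = "name";
        }
        $all = $this->api_get_user($type, $query);
        $page->set_data(json_encode($all));
    } else {
        $page->set_mode("redirect");
        $page->set_redirect(make_link("ext_doc/shimmie_api"));
    }
}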
/**
 * Build the score display and voting forms, plus the admin-only controls.
 *
 * Every form embeds $user->get_auth_html(), so the handlers receive an auth
 * token to verify.
 *
 * @param Image $image image being voted on
 * @return string HTML fragment
 */
public function get_voter_html(Image $image)
{
    global $user;

    $i_image_id = int_escape($image->id);
    $i_score = int_escape($image->numeric_score);

    // posted "vote" value => button label, in display order
    $choices = array('up' => 'Vote Up', 'null' => 'Remove Vote', 'down' => 'Vote Down');

    $forms = array();
    foreach ($choices as $vote => $label) {
        $forms[] = "<form action='" . make_link("numeric_score_vote") . "' method='POST'>\n\t\t\t"
            . $user->get_auth_html()
            . "\n\t\t\t<input type='hidden' name='image_id' value='{$i_image_id}'>"
            . "\n\t\t\t<input type='hidden' name='vote' value='{$vote}'>"
            . "\n\t\t\t<input type='submit' value='{$label}'>"
            . "\n\t\t\t</form>";
    }

    $html = "\n\t\t\tCurrent Score: {$i_score}\n\n\t\t\t<p>"
        . implode("\n\n\t\t\t", $forms)
        . "\n\t\t";

    if ($user->is_admin()) {
        // Hiding the button is presentation only; the remove_votes_on
        // handler has to enforce the admin check itself.
        $html .= "\n\t\t\t<form action='" . make_link("numeric_score/remove_votes_on") . "' method='POST'>\n\t\t\t"
            . $user->get_auth_html()
            . "\n\t\t\t<input type='hidden' name='image_id' value='{$i_image_id}'>"
            . "\n\t\t\t<input type='submit' value='Remove All Votes'>"
            . "\n\t\t\t</form>"
            . "\n\n\t\t\t<p><a href='" . make_link("numeric_score_votes/{$i_image_id}") . "'>See All Votes</a>\n\t\t\t";
    }

    return $html;
}
/**
 * Add the "Report Image" block: an optional list of who has already
 * reported the image, followed by the report form.
 *
 * The reporter names are html_escape()'d as one joined string and the form
 * tag comes from make_form().
 *
 * @param Image $image
 * @param array $reporters
 */
public function display_image_banner(Image $image, $reporters)
{
    global $page;

    $i_image = int_escape($image->id);

    $h_reported_by = "";
    if (count($reporters) > 0) {
        $h_reported_by = "<b>Image reported by " . html_escape(implode(", ", $reporters)) . "</b><p>";
    }

    $form = "\n\t\t\t" . make_form(make_link("image_report/add"))
        . "\n\t\t\t\t<input type='hidden' name='image_id' value='{$i_image}'>"
        . "\n\t\t\t\t<input type='text' name='reason' placeholder='Please enter a reason'>"
        . "\n\t\t\t\t<input type='submit' value='Report'>"
        . "\n\t\t\t</form>\n\t\t";

    $page->add_block(new Block("Report Image", $h_reported_by . $form, "left"));
}
/**
 * Build the favorite / un-favorite form for an image.
 *
 * NOTE(review): the form is written by hand and carries no auth-token field,
 * so the change_favorite handler has nothing to verify a request's origin
 * with — confirm how cross-site requests are rejected.
 *
 * @param Image $image      image the form acts on
 * @param $is_favorited     truthy when the image is already a favorite
 * @return string HTML fragment
 */
public function get_voter_html(Image $image, $is_favorited)
{
    global $page, $user;

    $i_image_id = int_escape($image->id);

    // The two variants differ only in the posted action and the button label.
    $action = $is_favorited ? "unset" : "set";
    $label = $is_favorited ? "Un-Favorite" : "Favorite";

    return "<form action='" . make_link("change_favorite") . "' method='POST'>"
        . "\n\t\t\t\t<input type='hidden' name='image_id' value='{$i_image_id}'>"
        . "\n\t\t\t\t<input type='hidden' name='favorite_action' value='{$action}'>"
        . "\n\t\t\t\t<input type='submit' value='{$label}'>"
        . "\n\t\t\t\t</form>\n\t\t\t";
}
/**
 * Add the "Image Score" block: current score, the three voting forms and,
 * for users with the "edit_other_vote" permission, the vote-management
 * controls.
 *
 * Every form embeds $user->get_auth_html(), so the handlers receive an auth
 * token to verify.
 *
 * @param Image $image image being voted on
 */
public function get_voter(Image $image)
{
    global $user, $page;

    $i_image_id = int_escape($image->id);
    $i_score = int_escape($image->numeric_score);

    // posted "vote" value => button label, in display order
    $choices = array('up' => 'Vote Up', 'null' => 'Remove Vote', 'down' => 'Vote Down');

    $forms = array();
    foreach ($choices as $vote => $label) {
        $forms[] = "<form action='" . make_link("numeric_score_vote") . "' method='POST'>\n\t\t\t"
            . $user->get_auth_html()
            . "\n\t\t\t<input type='hidden' name='image_id' value='{$i_image_id}'>"
            . "\n\t\t\t<input type='hidden' name='vote' value='{$vote}'>"
            . "\n\t\t\t<input type='submit' value='{$label}'>"
            . "\n\t\t\t</form>";
    }

    $html = "\n\t\t\tCurrent Score: {$i_score}\n\n\t\t\t<p>"
        . implode("\n\n\t\t\t", $forms)
        . "\n\t\t";

    if ($user->can("edit_other_vote")) {
        // Hiding the controls is presentation only; the handlers behind them
        // have to enforce the permission themselves.
        $html .= "\n\t\t\t<form action='" . make_link("numeric_score/remove_votes_on") . "' method='POST'>\n\t\t\t"
            . $user->get_auth_html()
            . "\n\t\t\t<input type='hidden' name='image_id' value='{$i_image_id}'>"
            . "\n\t\t\t<input type='submit' value='Remove All Votes'>"
            . "\n\t\t\t</form>"
            . "\n\n\t\t\t<br><div id='votes-content'>"
            . "\n\t\t\t\t<a"
            . "\n\t\t\t\t\thref='" . make_link("numeric_score_votes/{$i_image_id}") . "'"
            // the link target is embedded in a script string; it is built
            // from the int_escape()'d id only
            . "\n\t\t\t\t\tonclick='\$(\"#votes-content\").load(\"" . make_link("numeric_score_votes/{$i_image_id}") . "\"); return false;'"
            . "\n\t\t\t\t>See All Votes</a>"
            . "\n\t\t\t</div>\n\t\t\t";
    }

    $page->add_block(new Block("Image Score", $html, "left", 20));
}
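/**
 * Serve the stored file of an image as an icon ("get_ico/<id>").
 *
 * Nothing is sent when the id matches no image or the file cannot be read.
 *
 * @param $event the page request being handled
 */
public function onPageRequest($event)
{
    global $page;

    if (!$event->page_matches("get_ico")) {
        return;
    }

    $id = int_escape($event->get_arg(0));
    $image = Image::by_id($id);
    if (is_null($image)) {
        // Unknown id: without this guard ->hash was read from null and the
        // path below degenerated to "images//".
        return;
    }

    // The path is built from the stored hash, never from request data.
    $hash = $image->hash;
    $ha = substr($hash, 0, 2);

    $data = file_get_contents("images/{$ha}/{$hash}");
    if ($data === false) {
        // unreadable or missing file: do not send `false` as the response body
        return;
    }

    $page->set_type("image/x-icon");
    $page->set_mode("data");
    $page->set_data($data);
}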
/**
 * One will very rarely construct a user directly, more common
 * would be to use User::by_id, User::by_session, etc.
 *
 * Copies a user row into the object and resolves the row's class name
 * through the global $_user_classes map.
 *
 * @param mixed $row array with the keys id, name, email, joindate, pass and class
 * @throws SCoreException when the row names a class missing from $_user_classes
 */
public function __construct($row)
{
    global $_user_classes;

    $this->id = int_escape($row['id']);
    $this->name = $row['name'];
    $this->email = $row['email'];
    $this->join_date = $row['joindate'];
    // The stored password hash stays on the object; keep it out of anything
    // that serializes or logs a User.
    $this->passhash = $row['pass'];

    // Reject unknown classes instead of falling back to a default one.
    if (!array_key_exists($row["class"], $_user_classes)) {
        throw new SCoreException("User '{$this->name}' has invalid class '{$row["class"]}'");
    }
    $this->class = $_user_classes[$row["class"]];
}
/**
 * Add the "Oekaki" block with the canvas-size form.
 *
 * The width and height default to the configured values (400 when unset);
 * POSTed oekW / oekH override them once both are present, after int_escape().
 */
public function display_block()
{
    global $config, $page;
    //FIXME: input field alignment could be done more elegantly, without inline styling
    //FIXME: autocomplete='off' seems to be an invalid HTML tag

    $oekW = $config->get_int("oekaki_width", 400);
    $oekH = $config->get_int("oekaki_height", 400);
    if (isset($_POST['oekW'], $_POST['oekH'])) {
        // int_escape() is what makes the POSTed values safe to echo back
        // into the value attributes below
        $oekW = int_escape($_POST['oekW']);
        $oekH = int_escape($_POST['oekH']);
    }

    $html = "\n\t\t\t<form form enctype='multipart/form-data' action='" . make_link("oekaki/create") . "' method='POST'>"
        . "\n\t\t\t\t<input autocomplete='off' style='width: auto;' name='oekW' type='text' size='3' value='" . $oekW . "'/>"
        . "x"
        . "<input autocomplete='off' style='width: auto;' name='oekH' type='text' size='3' value='" . $oekH . "'/>"
        . "<input autocomplete='off' type='submit' value='Create!' />"
        . "\n\t\t\t</form>\n\t\t\t";

    $page->add_block(new Block("Oekaki", $html, "left", 21)); // upload is 20
}
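/**
 * Render a wiki page: formatted body, revision footer and the edit / delete
 * controls the current user is allowed to see.
 *
 * Every value placed in the markup is encoded first: title, owner name and
 * date through html_escape(), the revision through int_escape(). The owner
 * name and date used to be interpolated raw.
 *
 * @param WikiPage $page
 * @return string HTML fragment
 */
protected function create_display_html(WikiPage $page)
{
    global $user;

    $owner = $page->get_owner();

    $tfe = new TextFormattingEvent($page->body);
    send_event($tfe);

    $h_title = html_escape($page->title);
    $i_revision = int_escape($page->revision);
    // the owner name is account data, so it is treated as untrusted
    $h_owner = html_escape($owner->name);
    $h_date = html_escape($page->date);

    $edit = "<table><tr>";
    if (Wiki::can_edit($user, $page)) {
        $edit .= "\n\t\t\t\t<td>" . make_form(make_link("wiki_admin/edit")) . "\n\t\t\t\t\t<input type='hidden' name='title' value='{$h_title}'>\n\t\t\t\t\t<input type='hidden' name='revision' value='{$i_revision}'>\n\t\t\t\t\t<input type='submit' value='Edit'>\n\t\t\t\t</form></td>\n\t\t\t";
    }
    if ($user->is_admin()) {
        // Hiding the buttons is presentation only; the wiki_admin handlers
        // have to enforce the admin check themselves.
        $edit .= "\n\t\t\t\t<td>" . make_form(make_link("wiki_admin/delete_revision")) . "\n\t\t\t\t\t<input type='hidden' name='title' value='{$h_title}'>\n\t\t\t\t\t<input type='hidden' name='revision' value='{$i_revision}'>\n\t\t\t\t\t<input type='submit' value='Delete This Version'>\n\t\t\t\t</form></td>\n\t\t\t\t<td>" . make_form(make_link("wiki_admin/delete_all")) . "\n\t\t\t\t\t<input type='hidden' name='title' value='{$h_title}'>\n\t\t\t\t\t<input type='submit' value='Delete All'>\n\t\t\t\t</form></td>\n\t\t\t";
    }
    $edit .= "</tr></table>";

    // $tfe->formatted is emitted as-is, i.e. trusted to be HTML-safe already.
    // NOTE(review): confirm TextFormattingEvent escapes its input.
    return "\n\t\t\t<div class='wiki-page'>\n\t\t\t{$tfe->formatted}\n\t\t\t<hr>\n\t\t\t<p class='wiki-footer'>\n\t\t\t\tRevision {$i_revision}\n\t\t\t\tby <a href='" . make_link("user/{$h_owner}") . "'>{$h_owner}</a>\n\t\t\t\tat {$h_date}\n\t\t\t\t{$edit}\n\t\t\t</p>\n\t\t\t</div>\n\t\t";
}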
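/**
 * Build the account option forms for a user: change password, change e-mail
 * and, for admin viewers, the admin flag.
 *
 * All three forms are opened with make_form(). The password and e-mail forms
 * used to be hand-written <form> tags, unlike the admin form in the same
 * method, so whatever make_form() adds to a form did not reach them. The
 * user name is html_escape()'d and the id int_escape()'d before they are
 * placed in attributes; both used to be interpolated raw.
 *
 * @param $duser the user whose options are shown (name, id, email, is_admin())
 * @return string HTML fragment
 */
protected function build_options($duser)
{
    global $user;

    $h_name = html_escape($duser->name);
    $h_email = html_escape($duser->email);
    $i_user_id = int_escape($duser->id);

    // NOTE(review): the change_pass / change_email handlers are not visible
    // here; confirm they verify the auth token and that the caller may edit
    // the account named by the posted id.
    $html = "\n\t\t" . make_form(make_link("user_admin/change_pass")) . "\n\t\t\t<input type='hidden' name='name' value='{$h_name}'>\n\t\t\t<input type='hidden' name='id' value='{$i_user_id}'>\n\t\t\t<table style='width: 300px;'>\n\t\t\t\t<tr><td colspan='2'>Change Password</td></tr>\n\t\t\t\t<tr><td>Password</td><td><input type='password' name='pass1'></td></tr>\n\t\t\t\t<tr><td>Repeat Password</td><td><input type='password' name='pass2'></td></tr>\n\t\t\t\t<tr><td colspan='2'><input type='Submit' value='Change Password'></td></tr>\n\t\t\t</table>\n\t\t</form>\n\t\t<p>" . make_form(make_link("user_admin/change_email")) . "\n\t\t\t<input type='hidden' name='id' value='{$i_user_id}'>\n\t\t\t<table style='width: 300px;'>\n\t\t\t\t<tr><th colspan='2'>Change Email</th></tr>\n\t\t\t\t<tr><td>Address</td><td><input type='text' name='address' value='{$h_email}'></td></tr>\n\t\t\t\t<tr><td colspan='2'><input type='Submit' value='Set'></td></tr>\n\t\t\t</table>\n\t\t</form></p>\n\t\t";

    if ($user->is_admin()) {
        $h_is_admin = $duser->is_admin() ? " checked" : "";
        $html .= "\n\t\t\t\t<p>" . make_form(make_link("user_admin/set_more")) . "\n\t\t\t\t\t<input type='hidden' name='id' value='{$i_user_id}'>\n\t\t\t\t\tAdmin: <input name='admin' type='checkbox'{$h_is_admin}>\n\t\t\t\t\t<input type='submit' value='Set'>\n\t\t\t\t</form>\n\t\t\t";
    }

    return $html;
}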
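/**
 * Serve the image RSS feed ("rss/images").
 *
 * Argument forms: none, "<page>" or "<search terms>/<page>". Ten images are
 * listed per page.
 *
 * @param $event the page request being handled
 */
public function onPageRequest($event)
{
    if (!$event->page_matches("rss/images")) {
        return;
    }

    $page_number = 0;
    $search_terms = array();

    if ($event->count_args() == 1) {
        $page_number = int_escape($event->get_arg(0));
    } elseif ($event->count_args() == 2) {
        $search_terms = explode(' ', $event->get_arg(0));
        $page_number = int_escape($event->get_arg(1));
    }

    // The page number is 0 when absent and comes from the URL otherwise, so
    // it can be zero or negative; never pass a negative offset to the search.
    $offset = max(0, ($page_number - 1) * 10);

    $images = Image::find_images($offset, 10, $search_terms);
    $this->do_rss($images, $search_terms, $page_number);
}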
/**
 * Admin-only event log viewer ("log/view").
 *
 * Optional filters come from the query string (time, module, user, priority)
 * and are all passed to the database as positional bound parameters; only
 * the fixed WHERE fragments are concatenated into the SQL text. The newest
 * 50 rows are shown.
 *
 * @param $event the page request being handled
 */
public function onPageRequest($event)
{
    global $database, $user;

    // is_admin() is only consulted once the page has matched
    if (!$event->page_matches("log/view") || !$user->is_admin()) {
        return;
    }

    $wheres = array();
    $args = array();

    if (!empty($_GET["time"])) {
        // prefix match; any % or _ in the value also acts as a LIKE wildcard
        $wheres[] = "date_sent LIKE ?";
        $args[] = $_GET["time"] . "%";
    }

    if (!empty($_GET["module"])) {
        $wheres[] = "section = ?";
        $args[] = $_GET["module"];
    }

    if (!empty($_GET["user"])) {
        $wanted = $_GET["user"];
        if ($database->engine->name != "pgsql") {
            $wheres[] = "(username = ? OR address = ?)";
            $args[] = $wanted;
            $args[] = $wanted;
        } elseif (preg_match("#\\d+\\.\\d+\\.\\d+\\.\\d+(/\\d+)?#", $wanted)) {
            // NOTE(review): the pattern is unanchored, so any value that merely
            // contains something address-like takes this branch.
            $wheres[] = "(username = ? OR address << ?)";
            $args[] = $wanted;
            $args[] = $wanted;
        } else {
            $wheres[] = "lower(username) = lower(?)";
            $args[] = $wanted;
        }
    }

    if (!empty($_GET["priority"])) {
        $wheres[] = "priority >= ?";
        $args[] = int_escape($_GET["priority"]);
    }

    $where = (count($wheres) > 0) ? "WHERE " . join(" AND ", $wheres) : "";

    $events = $database->get_all("SELECT * FROM score_log {$where} ORDER BY id DESC LIMIT 50", $args);
    $this->theme->display_events($events);
}
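/**
 * Admin-only image resize page ("resize").
 *
 * The image id comes from the URL argument or, failing that, from the POSTed
 * image_id. When resize_width / resize_height are posted the image is resized
 * and the user redirected to the post; otherwise the options page is shown.
 *
 * The POSTed id is now passed through int_escape() like the URL argument.
 * It used to be taken raw and then reused in the lookup, the error text and
 * the redirect target.
 *
 * NOTE(review): no check_auth_token() call is visible before the resize is
 * performed — confirm that CSRF protection is applied elsewhere.
 *
 * @param $event the page request being handled
 * @throws ImageResizeException when no usable image id was supplied
 */
public function onPageRequest($event)
{
    global $page, $user;

    if (!($event->page_matches("resize") && $user->is_admin())) {
        return;
    }

    // Try to get the image ID
    $image_id = int_escape($event->get_arg(0));
    if (empty($image_id)) {
        $image_id = isset($_POST['image_id']) ? int_escape($_POST['image_id']) : null;
    }
    if (empty($image_id)) {
        throw new ImageResizeException("Can not resize Image: No valid Image ID given.");
    }

    $image = Image::by_id($image_id);
    if (is_null($image)) {
        $this->theme->display_error($page, "Image not found", "No image in the database has the ID #{$image_id}");
        return;
    }

    /* Check if options were given to resize an image. */
    if (isset($_POST['resize_width']) || isset($_POST['resize_height'])) {
        /* get options; a dimension that was not posted stays 0 */
        $width = isset($_POST['resize_width']) ? int_escape($_POST['resize_width']) : 0;
        $height = isset($_POST['resize_height']) ? int_escape($_POST['resize_height']) : 0;

        /* Attempt to resize the image */
        try {
            $this->resize_image($image_id, $width, $height);
            $page->set_mode("redirect");
            $page->set_redirect(make_link("post/view/" . $image_id));
        } catch (ImageResizeException $e) {
            $this->theme->display_resize_error($page, "Error Resizing", $e->error);
        }
    } else {
        /* Display options for resizing */
        $this->theme->display_resize_page($page, $image_id);
    }
}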