function SERVICE_CMSOPEN_postnuke($authenticate_only)
{
global $phpnuke, $default_access, $web_root, $root_dir, $cms_user_access, $cms_type, $include_path;
if (!defined("LOADED_AS_MODULE") and $phpnuke == "false") {
die("You can't access this file directly...<br><br>Generally this means that Jinzora was " . "installed as a PostNuke module and you're trying to access it outside of PostNuke");
}
if (function_exists('pnSecAuthAction')) {
if (!pnSecAuthAction(0, 'Jinzora::', "::", ACCESS_READ)) {
include 'header.php';
die('Access Denied');
include 'footer.php';
}
}
// Now let's get the users name IF we need it
if (pnUserGetVar('uname') != "") {
$username = pnUserGetVar('uname');
} else {
$username = "******";
}
// Ok, now let's authenticate this user
userAuthenticate($username);
// Now let's see if we only wanted the user access
if ($authenticate_only == true) {
return;
}
include_once "header.php";
// Now let's open the table
OpenTable();
}
function mediashareResendInvitation($invitationId, $albumId)
{
$args = array('invitationId' => $invitationId, 'emails' => FormUtil::getPassedValue('emails'), 'subject' => FormUtil::getPassedValue('subject'), 'text' => FormUtil::getPassedValue('text'), 'sender' => FormUtil::getPassedValue('sender'), 'senderemail' => pnUserGetVar('email'), 'expires' => FormUtil::getPassedValue('expires'));
if (!pnModAPIFunc('mediashare', 'invitation', 'resendInvitation', $args)) {
return false;
}
return pnRedirect(pnModURL('mediashare', 'invitation', 'list', array('aid' => $albumId)));
}
function cookiedecode()
{
if (!pnUserLoggedIn()) {
return;
}
global $cookie;
$cookie = array(pnUserGetVar('uid'), pnUserGetVar('uname'), pnUserGetVar('pass'), pnUserGetVar('storynum'), pnUserGetVar('umode'), pnUserGetVar('uorder'), pnUserGetVar('thold'), pnUserGetVar('noscore'), pnUserGetVar('ublockon'), pnUserGetVar('theme'), pnUserGetVar('commentmax'));
return $cookie;
}
function dplink_user_main()
{
$url = trim(pnModGetVar('dplink', 'url'));
$window = pnModGetVar('dplink', 'use_window');
$wrap = pnModGetVar('dplink', 'use_postwrap');
$user_data = array();
$home = pnGetBaseURL();
$home .= 'user.php?op=loginscreen&module=NS-User';
if (!pnUserLoggedIn()) {
pnRedirect($home);
}
// We need to get the user password string from the database
$uid = pnUserGetVar('uid');
list($dbconn) = pnDBGetConn();
$pntables = pnDBGetTables();
$usertable = $pntables['users'];
$usercol =& $pntables['users_column'];
$sql = "SELECT {$usercol['uname']}, {$usercol['pass']}, {$usercol['name']}, {$usercol['email']} " . "FROM {$usertable} WHERE {$usercol['uid']} = {$uid}";
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
die('Could not get user details');
}
if ($result->EOF) {
die('Could not get user detail');
}
list($uname, $password, $user_name, $user_email) = $result->fields;
$result->Close();
$user_data['login'] = $uname;
$user_data['passwd'] = $password;
$user_data['name'] = $user_name;
$user_data['email'] = $user_email;
$parm = serialize($user_data);
$check = md5($parm);
$cparm = gzcompress($parm);
$bparm = urlencode(base64_encode($cparm));
if ($window) {
$url .= '/index.php?login=pn&userdata=' . $bparm . '&check=' . $check;
header('Location: ' . $url);
} else {
$url .= '/index.php?login=pn%26userdata=' . $bparm . '%26check=' . $check;
if ($wrap) {
header('Location: modules.php?op=modload&name=PostWrap&file=index&page=' . $url);
} else {
header('Location: modules.php?op=modload&name=dplink&file=index&url=' . $url);
}
}
exit;
}
function smarty_function_mediashare_uservar($params, &$smarty)
{
$dom = ZLanguage::getModuleDomain('mediashare');
if (!isset($params['varName'])) {
$smarty->trigger_error(__f('Missing [%1$s] in \'%2$s\'', array('varName', 'mediashare_uservar'), $dom));
return false;
}
if (!isset($params['userId'])) {
$smarty->trigger_error(__f('Missing [%1$s] in \'%2$s\'', array('userId', 'mediashare_uservar'), $dom));
return false;
}
$var = pnUserGetVar($params['varName'], $params['userId']);
$var = DataUtil::formatForDisplay($var);
if (isset($params['assign'])) {
$smarty->assign($params['assign'], $var);
}
return $var;
}
function blocks_user_block($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!pnSecAuthAction(0, 'Userblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
if (pnUserLoggedIn() && pnUserGetVar('ublockon') == 1) {
$column =& $pntable['users_column'];
$uid = pnUserGetVar('uid');
$getblock = $dbconn->Execute("SELECT {$column['ublock']} FROM {$pntable['users']} WHERE {$column['uid']}=" . pnVarPrepForStore($uid) . "");
list($ublock) = $getblock->fields;
$username = pnUserGetVar('name');
$row['title'] = _MENUFOR . " " . pnVarPrepForDisplay($username) . "";
$row['content'] = $ublock;
return themesideblock($row);
}
}
function smarty_function_mediashare_username($params, &$smarty)
{
$dom = ZLanguage::getModuleDomain('mediashare');
if (!isset($params['userId'])) {
$smarty->trigger_error(__f('Missing [%1$s] in \'%2$s\'', array('userId', 'mediashare_username'), $dom));
return false;
}
if (mediashareAccessUserRealName()) {
$name = pnUserGetVar('name', $params['userId']);
} else {
$name = null;
}
if (!$name) {
$name = pnUserGetVar('uname', $params['userId']);
}
$name = DataUtil::formatForDisplay($name);
if (isset($params['assign'])) {
$smarty->assign($params['assign'], $name);
}
return $name;
}
/**
* Install the TimeIt module.
*
* @return boolean
*/
function install()
{
// create the socialNetwork table
try {
DoctrineUtil::createTablesFromModels('TimeIt');
} catch (Exception $e) {
LogUtil::registerError($e->getMessage());
return false;
}
// add module vars
pnModSetVar('TimeIt', 'monthtoday', '#FF3300');
pnModSetVar('TimeIt', 'monthon', '');
pnModSetVar('TimeIt', 'monthoff', '#d4d2d2');
pnModSetVar('TimeIt', 'rssatomitems', 20);
pnModSetVar('TimeIt', 'notifyEvents', 0);
pnModSetVar('TimeIt', 'notifyEventsEmail', pnUserGetVar('email', 2));
pnModSetVar('TimeIt', 'itemsPerPage', 25);
pnModSetVar('TimeIt', 'filterByPermission', 0);
pnModSetVar('TimeIt', 'popupOnHover', 0);
pnModSetVar('TimeIt', 'colorCats', 1);
pnModSetVar('TimeIt', 'googleMapsApiKey', '');
pnModSetVar('TimeIt', 'mapViewType', 'googleMaps');
pnModSetVar('TimeIt', 'mapHeight', 320);
pnModSetVar('TimeIt', 'mapWidth', 480);
pnModSetVar('TimeIt', 'colorCatsProp', 'Main');
pnModSetVar('TimeIt', 'hideTimeItAddress', 0);
pnModSetVar('TimeIt', 'defaultCalendar', 1);
pnModSetVar('TimeIt', 'firstWeekDay', 1);
pnModSetVar('TimeIt', 'defalutCatColor', 'silver');
pnModSetVar('TimeIt', 'truncateTitle', 30);
pnModSetVar('TimeIt', 'enablecategorization', 1);
pnModSetVar('TimeIt', 'userdeletionMode', 'anonymize');
// or delete
pnModSetVar('TimeIt', 'dateformat', 'datebrief');
pnModSetVar('TimeIt', 'defaultPrivateCalendar', 0);
pnModSetVar('TimeIt', 'sortMode', 'byname');
// or bysortvalue
return true;
}
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* To read the license please read the docs/license.txt or visit
* http://www.gnu.org/copyleft/gpl.html
*
*/
// grab the form variables
$tplview = pnVarCleanFromInput('tplview');
$viewtype = pnVarCleanFromInput('viewtype');
$eid = pnVarCleanFromInput('eid');
$Date = pnVarCleanFromInput('Date');
$print = pnVarCleanFromInput('print');
$uid = pnUserGetVar('uid');
$pc_username = pnVarCleanFromInput('pc_username');
$output =& new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
if (!pnModAPILoad('postcalendar', 'user')) {
die('Could not load PostCalendar user API');
}
$theme = pnUserGetTheme();
if (!pnThemeLoad($theme)) {
die('Could not load theme');
}
$output->Text('<html><head>');
$output->Text("<title>" . pnConfigGetVar('sitename') . ' :: ' . pnConfigGetVar('slogan') . "</title>\n");
$output->Text('<link rel="StyleSheet" href="themes/' . $theme . '/style/styleNN.css" type="text/css" />');
$output->Text('<style type="text/css">@import url("themes/' . $theme . '/style/style.css"); </style>');
$output->Text('</head>');
/**
* display block
*/
function postcalendar_calendarblock_display($blockinfo)
{
// You supposed to be here?
if (!pnSecAuthAction(0, 'PostCalendar:calendarblock:', "{$blockinfo['title']}::", ACCESS_OVERVIEW)) {
return false;
}
// find out what view we're using
$template_view = pnVarCleanFromInput('tplview');
if (!isset($template_view)) {
$template_view = 'default';
}
// find out what template we're using
$template_name = _SETTING_TEMPLATE;
if (!isset($template_name) || empty($template_name)) {
$template_name = 'default';
}
// What is today's correct date
$Date =& postcalendar_getDate();
// Get variables from content block
$vars = unserialize($blockinfo['content']);
$showcalendar = $vars['pcbshowcalendar'];
$showevents = $vars['pcbeventoverview'];
$eventslimit = $vars['pcbeventslimit'];
$nextevents = $vars['pcbnextevents'];
$pcbshowsslinks = $vars['pcbshowsslinks'];
$pcbeventsrange = $vars['pcbeventsrange'];
// Let's setup the info to build this sucka!
$the_year = substr($Date, 0, 4);
$the_month = substr($Date, 4, 2);
$the_day = substr($Date, 6, 2);
$uid = pnUserGetVar('uid');
$cacheid1 = $cacheid2 = $cacheid3 = '';
$theme = pnUserGetTheme();
pnThemeLoad($theme);
global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5;
global $textcolor1, $textcolor2;
// 20021125 - rraymond :: we have to do this to make it work with envolution
$pcModInfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__));
$pcDir = pnVarPrepForOS($pcModInfo['directory']);
require_once "modules/{$pcDir}/pnincludes/Smarty/Config_File.class.php";
unset($pcModInfo);
// set up Smarty
$tpl =& new pcSmarty();
// setup the Smarty cache id
$templates_cached = true;
if ($showcalendar) {
$cacheid1 = md5($Date . 'M' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme);
if (!$tpl->is_cached($template_name . '/views/calendarblock/month_view.html', $cacheid1)) {
$templates_cached = false;
}
}
if ($showevents) {
$cacheid2 = md5($Date . 'T' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme);
if (!$tpl->is_cached($template_name . '/views/calendarblock/todays_events.html', $cacheid2)) {
$templates_cached = false;
}
}
if ($nextevents) {
$cacheid3 = md5($Date . 'U' . $template_view . $template_name . $showcalendar . $showevents . $nextevents . $uid . $theme);
if (!$tpl->is_cached($template_name . '/views/calendarblock/upcoming_events.html', $cacheid3)) {
$templates_cached = false;
}
}
// start the output container
$output = pnModAPIFunc(__POSTCALENDAR__, 'user', 'pageSetup');
// if one of the templates is not cached, we need to run the following
if (!$templates_cached) {
// set up the next and previous months to move to
$prev_month = Date_Calc::beginOfPrevMonth(1, $the_month, $the_year, '%Y%m%d');
$next_month = Date_Calc::beginOfNextMonth(1, $the_month, $the_year, '%Y%m%d');
$last_day = Date_Calc::daysInMonth($the_month, $the_year);
$pc_prev = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => $prev_month));
$pc_next = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => $next_month));
$pc_month_name = pnModAPIFunc(__POSTCALENDAR__, 'user', 'getmonthname', array('Date' => mktime(0, 0, 0, $the_month, $the_day, $the_year)));
$month_link_url = pnModURL(__POSTCALENDAR__, 'user', 'view', array('tplview' => $template_view, 'viewtype' => 'month', 'Date' => date('Ymd', mktime(0, 0, 0, $the_month, 1, $the_year))));
$month_link_text = $pc_month_name . ' ' . $the_year;
//*******************************************************************
// Here we get the events for the current month view
//*******************************************************************
$day_of_week = 1;
$pc_month_names = array(_CALJAN, _CALFEB, _CALMAR, _CALAPR, _CALMAY, _CALJUN, _CALJUL, _CALAUG, _CALSEP, _CALOCT, _CALNOV, _CALDEC);
$pc_short_day_names = array(_CALSUNDAYSHORT, _CALMONDAYSHORT, _CALTUESDAYSHORT, _CALWEDNESDAYSHORT, _CALTHURSDAYSHORT, _CALFRIDAYSHORT, _CALSATURDAYSHORT);
$pc_long_day_names = array(_CALSUNDAY, _CALMONDAY, _CALTUESDAY, _CALWEDNESDAY, _CALTHURSDAY, _CALFRIDAY, _CALSATURDAY);
switch (_SETTING_FIRST_DAY_WEEK) {
case _IS_MONDAY:
$pc_array_pos = 1;
$first_day = date('w', mktime(0, 0, 0, $the_month, 0, $the_year));
$end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year));
if ($end_dow != 0) {
$the_last_day = $last_day + (7 - $end_dow);
} else {
$the_last_day = $last_day;
}
break;
case _IS_SATURDAY:
$pc_array_pos = 6;
$first_day = date('w', mktime(0, 0, 0, $the_month, 2, $the_year));
$end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year));
if ($end_dow == 6) {
$the_last_day = $last_day + 6;
} elseif ($end_dow != 5) {
$the_last_day = $last_day + (5 - $end_dow);
} else {
$the_last_day = $last_day;
}
break;
case _IS_SUNDAY:
default:
$pc_array_pos = 0;
$first_day = date('w', mktime(0, 0, 0, $the_month, 1, $the_year));
$end_dow = date('w', mktime(0, 0, 0, $the_month, $last_day, $the_year));
if ($end_dow != 6) {
$the_last_day = $last_day + (6 - $end_dow);
} else {
$the_last_day = $last_day;
}
break;
}
$month_view_start = date('Y-m-d', mktime(0, 0, 0, $the_month, 1, $the_year));
$month_view_end = date('Y-m-t', mktime(0, 0, 0, $the_month, 1, $the_year));
$today_date = postcalendar_today('%Y-%m-%d');
$starting_date = date('m/d/Y', mktime(0, 0, 0, $the_month, 1 - $first_day, $the_year));
$ending_date = date('m/t/Y', mktime(0, 0, 0, $the_month + $pcbeventsrange, 1, $the_year));
$eventsByDate =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'pcGetEvents', array('start' => $starting_date, 'end' => $ending_date));
$calendarView = Date_Calc::getCalendarMonth($the_month, $the_year, '%Y-%m-%d');
$sdaynames = array();
$numDays = count($pc_short_day_names);
for ($i = 0; $i < $numDays; $i++) {
if ($pc_array_pos >= $numDays) {
$pc_array_pos = 0;
}
array_push($sdaynames, $pc_short_day_names[$pc_array_pos]);
$pc_array_pos++;
}
$daynames = array();
$numDays = count($pc_long_day_names);
for ($i = 0; $i < $numDays; $i++) {
if ($pc_array_pos >= $numDays) {
$pc_array_pos = 0;
}
array_push($daynames, $pc_long_day_names[$pc_array_pos]);
$pc_array_pos++;
}
$dates = array();
while ($starting_date <= $ending_date) {
array_push($dates, $starting_date);
list($m, $d, $y) = explode('/', $starting_date);
$starting_date = Date_Calc::nextDay($d, $m, $y, '%m/%d/%Y');
}
$categories =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'getCategories');
if (isset($calendarView)) {
$tpl->assign_by_ref('CAL_FORMAT', $calendarView);
}
$tpl->assign_by_ref('A_MONTH_NAMES', $pc_month_names);
$tpl->assign_by_ref('A_LONG_DAY_NAMES', $pc_long_day_names);
$tpl->assign_by_ref('A_SHORT_DAY_NAMES', $pc_short_day_names);
$tpl->assign_by_ref('S_LONG_DAY_NAMES', $daynames);
$tpl->assign_by_ref('S_SHORT_DAY_NAMES', $sdaynames);
$tpl->assign_by_ref('A_EVENTS', $eventsByDate);
$tpl->assign_by_ref('A_CATEGORY', $categories);
$tpl->assign_by_ref('PREV_MONTH_URL', $pc_prev);
$tpl->assign_by_ref('NEXT_MONTH_URL', $pc_next);
$tpl->assign_by_ref('MONTH_START_DATE', $month_view_start);
$tpl->assign_by_ref('MONTH_END_DATE', $month_view_end);
$tpl->assign_by_ref('TODAY_DATE', $today_date);
$tpl->assign_by_ref('DATE', $Date);
$tpl->assign_by_ref('DISPLAY_LIMIT', $eventslimit);
$tpl->assign('TODAYS_EVENTS_TITLE', _PC_TODAYS_EVENTS);
$tpl->assign('UPCOMING_EVENTS_TITLE', _PC_UPCOMING_EVENTS);
$tpl->assign('NO_EVENTS', _PC_BLOCK_NO_EVENTS);
}
if ($showcalendar) {
// we need to create a unique ID for caching purposes
$output .= $tpl->fetch($template_name . '/views/calendarblock/month_view.html', $cacheid1);
}
if ($showevents) {
if ($showcalendar) {
$tpl->assign('SHOW_TITLE', 1);
} else {
$tpl->assign('SHOW_TITLE', 0);
}
// we need to create a unique ID for caching purposes
$output .= $tpl->fetch($template_name . '/views/calendarblock/todays_events.html', $cacheid2);
}
if ($nextevents) {
if ($showcalendar || $showevents) {
$tpl->assign('SHOW_TITLE', 1);
} else {
$tpl->assign('SHOW_TITLE', 0);
}
// we need to create a unique ID for caching purposes
$output .= $tpl->fetch($template_name . '/views/calendarblock/upcoming_events.html', $cacheid3);
}
if ($pcbshowsslinks) {
$output .= '<br /><br />';
$submit_event_url = pnModURL(__POSTCALENDAR__, 'user', 'submit');
$search_event_url = pnModURL(__POSTCALENDAR__, 'user', 'search');
$output .= '<center>';
if (PC_ACCESS_ADD) {
$output .= '[ <a href="' . $submit_event_url . '">' . _PC_SUBMIT_EVENT . '</a> ] ';
}
$output .= '[ <a href="' . $search_event_url . '">' . _PC_SEARCH_EVENT . '</a> ]';
$output .= '</center>';
}
// Populate block info and pass to theme
$blockinfo['content'] = $output;
return themesideblock($blockinfo);
}
function rss_connect(&$row, $use_proxy)
{
$pntable = pnDBGetTables();
$proxy = pnUserGetVar('proxy');
// build HTTP request header
$str = "";
$str .= "GET {$row['url']} HTTP/1.0 \r\n";
// if we need to use a proxy, we must build the HTTP header
if ($proxy['host'] != "" && $proxy['port'] != "" && $use_proxy && $proxy['enable']) {
// copy host information from proxy settings
// echo "Connecting to proxyserver ";
$host = $proxy['host'];
$port = $proxy['port'];
$conn_type = "proxy ";
// used for debugging and errors only
// add some extra header lines if PROXY authentication is required
if ($proxy['name'] != "" && $proxy['pass'] != "") {
$str .= "Proxy-Authorization: Basic ";
$str .= base64_encode($proxy['name'] . ":" . $proxy['pass']) . "\r\n";
$row['conn_comment'] .= " \n<!-- via Authenticating Proxy {$proxy['name']}:{$proxy['pass']}@{$proxy['host']}:{$proxy['port']} -->";
} else {
$row['conn_comment'] .= " \n<!-- via Proxy {$proxy['host']}:{$proxy['port']} -->";
}
} else {
$u = parse_url($row['url']);
$u['port'] = $u['port'] ? $u['port'] : 80;
// copy the remote host information in case of no proxy
if ($this->_debug) {
echo "Connecting to host ";
}
$host = $u['host'];
$port = $u['port'];
$conn_type = "remote ";
// used for debugging and errors only
// add some extra header info if SITE authentication is required
if ($uname != "" && $pass != "") {
$str .= "Authorization: Basic ";
$str .= base64_encode($set['uname'] . ":" . $set['pass']) . "\r\n";
$row['conn_comment'] .= " \n<!-- using authentication {$set['uname']}:{$set['pass']} -->";
}
}
// End with empty line according to protocol.
$str .= "\r\n";
// open the connection to the remote host, or the proxy
$fp = fsockopen($host, $port, $errno, $errstr, 2);
if (!$fp) {
return false;
} else {
// write the request
fputs($fp, $str);
return $fp;
}
}
function mediashare_userapi_getSubAlbumsData($args)
{
// Check access
if (!SecurityUtil::checkPermission('mediashare::', '::', ACCESS_READ)) {
return LogUtil::registerPermissionError();
}
$dom = ZLanguage::getModuleDomain('mediashare');
// Argument check
if (!isset($args['albumId'])) {
return LogUtil::registerError(__f('Missing [%1$s] in \'%2$s\'', array('albumId', 'userapi.getSubAlbumsData'), $dom));
}
$albumId = (int) $args['albumId'];
$startnum = isset($args['startnum']) ? (int) $args['startnum'] : -1;
$numitems = isset($args['numitems']) ? (int) $args['numitems'] : -1;
$recursively = isset($args['recursively']) ? (bool) $args['recursively'] : false;
$access = isset($args['access']) ? (int) $args['access'] : 0xff;
$excludeAlbumId = isset($args['excludeAlbumId']) ? (int) $args['excludeAlbumId'] : null;
$onlyMine = isset($args['onlyMine']) ? $args['onlyMine'] : false;
$includeMainItem = isset($args['includeMainItem']) ? (bool) $args['includeMainItem'] : true;
// FIXME rework this to default false
$pntable = pnDBGetTables();
$albumsColumn = $pntable['mediashare_albums_column'];
$accessibleAlbumSql = pnModAPIFunc('mediashare', 'user', 'getAccessibleAlbumsSql', array('albumId' => $recursively ? null : $albumId, 'access' => $access, 'field' => $albumsColumn['id']));
if (!$accessibleAlbumSql) {
return false;
}
$excludeRestriction = '';
if ($excludeAlbumId != null) {
if (!($excludeAlbum = pnModAPIFunc('mediashare', 'user', 'getAlbum', array('albumId' => $excludeAlbumId)))) {
return false;
}
$excludeRestriction = " AND ({$albumsColumn['nestedSetLeft']} < {$excludeAlbum['nestedSetLeft']}\r\n OR {$albumsColumn['nestedSetRight']} > {$excludeAlbum['nestedSetRight']}) ";
}
$mineSql = '';
if ($onlyMine) {
$uid = (int) pnUserGetVar('uid');
$mineSql = " AND {$albumsColumn['ownerId']} = '{$uid}'";
}
$where = "({$accessibleAlbumSql}) {$excludeRestriction} {$mineSql}";
if ($recursively) {
$orderby = "{$albumsColumn['nestedSetLeft']}, {$albumsColumn['title']}";
} else {
$where .= " AND {$albumsColumn['parentAlbumId']} = '{$albumId}'";
$orderby = $albumsColumn['title'];
}
$subalbums = DBUtil::selectObjectArray('mediashare_albums', $where, $orderby, $startnum, $numitems, 'id');
if ($subalbums === false) {
return LogUtil::registerError(__f('Error in %1$s: %2$s.', array('userapi.getSubAlbumsData', 'Could not retrieve the sub albums information.'), $dom));
}
foreach (array_keys($subalbums) as $k) {
$subalbums[$k]['mainMediaItem'] = null;
if ($includeMainItem && (int) $subalbums[$k]['mainMediaId'] > 0) {
$subalbums[$k]['mainMediaItem'] = pnModAPIFunc('mediashare', 'user', 'getMediaItem', array('mediaId' => $subalbums[$k]['mainMediaId']));
}
$subalbums[$k]['extappData'] = unserialize($subalbums[$k]['extappData']);
mediashareAddKeywords($subalbums[$k]);
}
return $subalbums;
}
/**
* display item
* This is a standard function to provide detailed information on a single item
* available from the module.
*/
function postcalendar_user_display($args)
{
list($eid, $viewtype, $tplview, $pc_username, $Date, $print, $category, $topic, $pc_facility) = pnVarCleanFromInput('eid', 'viewtype', 'tplview', 'pc_username', 'Date', 'print', 'pc_category', 'pc_topic', 'pc_facility');
// added to allow the view & providers to remain as the user last saw it -- JRM
if ($_SESSION['viewtype']) {
$viewtype = $_SESSION['viewtype'];
}
if ($_SESSION['pc_username']) {
$pc_username = $_SESSION['pc_username'];
}
// funky things happen if the view is 'details' and we don't have an event ID
// so in such a case, we're going to revert to the 'day' view -- JRM
if ($viewtype == 'details' && (!isset($eid) || $eid == "")) {
$_SESSION['viewtype'] = 'day';
$viewtype = $_SESSION['viewtype'];
}
extract($args);
if (empty($Date) && empty($viewtype)) {
return false;
}
if (empty($tplview)) {
$tplview = 'default';
}
$uid = pnUserGetVar('uid');
$theme = pnUserGetTheme();
//$cacheid = md5($Date.$viewtype.$tplview._SETTING_TEMPLATE.$eid.$print.$uid.'u'.$pc_username.$theme.'c'.$category.'t'.$topic);
$cacheid = md5(strtotime("now"));
switch ($viewtype) {
case 'details':
if (!(bool) PC_ACCESS_READ) {
return _POSTCALENDARNOAUTH;
}
$event = pnModAPIFunc('PostCalendar', 'user', 'eventDetail', array('eid' => $eid, 'Date' => $Date, 'print' => $print, 'cacheid' => $cacheid));
if ($event === false) {
pnRedirect(pnModURL(__POSTCALENDAR__, 'user'));
}
$out = "\n\n<!-- START user_display -->\n\n";
$out .= $event;
$out .= "\n\n<!-- END user_display -->\n\n";
break;
default:
if (!(bool) PC_ACCESS_OVERVIEW) {
return _POSTCALENDARNOAUTH;
}
$out = "\n\n<!-- START user_display -->\n\n";
$out .= pnModAPIFunc('PostCalendar', 'user', 'buildView', array('Date' => $Date, 'viewtype' => $viewtype, 'cacheid' => $cacheid));
$out .= "\n\n<!-- END user_display -->\n\n";
break;
}
// Return the output that has been generated by this function
return $out;
}
function postcalendar_admin_submit($args)
{
if (!PC_ACCESS_ADMIN) {
return _POSTCALENDAR_NOAUTH;
}
pnModAPILoad(__POSTCALENDAR__, 'user');
$output = postcalendar_adminmenu();
// get the theme globals :: is there a better way to do this?
pnThemeLoad(pnUserGetTheme());
global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5, $textcolor1, $textcolor2;
extract($args);
$Date = postcalendar_getDate();
$year = substr($Date, 0, 4);
$month = substr($Date, 4, 2);
$day = substr($Date, 6, 2);
// basic event information
$event_subject = pnVarCleanFromInput('event_subject');
$event_desc = pnVarCleanFromInput('event_desc');
$event_sharing = pnVarCleanFromInput('event_sharing');
$event_category = pnVarCleanFromInput('event_category');
$event_topic = pnVarCleanFromInput('event_topic');
// event start information
$event_startmonth = pnVarCleanFromInput('event_startmonth');
$event_startday = pnVarCleanFromInput('event_startday');
$event_startyear = pnVarCleanFromInput('event_startyear');
$event_starttimeh = pnVarCleanFromInput('event_starttimeh');
$event_starttimem = pnVarCleanFromInput('event_starttimem');
$event_startampm = pnVarCleanFromInput('event_startampm');
// event end information
$event_endmonth = pnVarCleanFromInput('event_endmonth');
$event_endday = pnVarCleanFromInput('event_endday');
$event_endyear = pnVarCleanFromInput('event_endyear');
$event_endtype = pnVarCleanFromInput('event_endtype');
$event_dur_hours = pnVarCleanFromInput('event_dur_hours');
$event_dur_minutes = pnVarCleanFromInput('event_dur_minutes');
$event_duration = 60 * 60 * $event_dur_hours + 60 * $event_dur_minutes;
$event_allday = pnVarCleanFromInput('event_allday');
// location data
$event_location = pnVarCleanFromInput('event_location');
$event_street1 = pnVarCleanFromInput('event_street1');
$event_street2 = pnVarCleanFromInput('event_street2');
$event_city = pnVarCleanFromInput('event_city');
$event_state = pnVarCleanFromInput('event_state');
$event_postal = pnVarCleanFromInput('event_postal');
$event_location_info = serialize(compact('event_location', 'event_street1', 'event_street2', 'event_city', 'event_state', 'event_postal'));
// contact data
$event_contname = pnVarCleanFromInput('event_contname');
$event_conttel = pnVarCleanFromInput('event_conttel');
$event_contemail = pnVarCleanFromInput('event_contemail');
$event_website = pnVarCleanFromInput('event_website');
$event_fee = pnVarCleanFromInput('event_fee');
// event repeating data
$event_repeat = pnVarCleanFromInput('event_repeat');
$event_repeat_freq = pnVarCleanFromInput('event_repeat_freq');
$event_repeat_freq_type = pnVarCleanFromInput('event_repeat_freq_type');
$event_repeat_on_num = pnVarCleanFromInput('event_repeat_on_num');
$event_repeat_on_day = pnVarCleanFromInput('event_repeat_on_day');
$event_repeat_on_freq = pnVarCleanFromInput('event_repeat_on_freq');
$event_recurrspec = serialize(compact('event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq'));
$pc_html_or_text = pnVarCleanFromInput('pc_html_or_text');
$form_action = pnVarCleanFromInput('form_action');
$pc_event_id = pnVarCleanFromInput('pc_event_id');
$data_loaded = pnVarCleanFromInput('data_loaded');
$is_update = pnVarCleanFromInput('is_update');
$authid = pnVarCleanFromInput('authid');
if (pnUserLoggedIn()) {
$uname = pnUserGetVar('uname');
} else {
$uname = pnConfigGetVar('anonymous');
}
if (!isset($event_repeat)) {
$event_repeat = 0;
}
// lets wrap all the data into array for passing to submit and preview functions
if (!isset($pc_event_id) || empty($pc_event_id) || $data_loaded) {
$eventdata = compact('event_subject', 'event_desc', 'event_sharing', 'event_category', 'event_topic', 'event_startmonth', 'event_startday', 'event_startyear', 'event_starttimeh', 'event_starttimem', 'event_startampm', 'event_endmonth', 'event_endday', 'event_endyear', 'event_endtype', 'event_dur_hours', 'event_dur_minutes', 'event_duration', 'event_allday', 'event_location', 'event_street1', 'event_street2', 'event_city', 'event_state', 'event_postal', 'event_location_info', 'event_contname', 'event_conttel', 'event_contemail', 'event_website', 'event_fee', 'event_repeat', 'event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq', 'event_recurrspec', 'uname', 'Date', 'year', 'month', 'day', 'pc_html_or_text');
$eventdata['is_update'] = $is_update;
$eventdata['pc_event_id'] = $pc_event_id;
$eventdata['data_loaded'] = true;
} else {
$event = postcalendar_userapi_pcGetEventDetails($pc_event_id);
$eventdata['event_subject'] = $event['title'];
$eventdata['event_desc'] = $event['hometext'];
$eventdata['event_sharing'] = $event['sharing'];
$eventdata['event_category'] = $event['catid'];
$eventdata['event_topic'] = $event['topic'];
$eventdata['event_startmonth'] = substr($event['eventDate'], 5, 2);
$eventdata['event_startday'] = substr($event['eventDate'], 8, 2);
$eventdata['event_startyear'] = substr($event['eventDate'], 0, 4);
$eventdata['event_starttimeh'] = substr($event['startTime'], 0, 2);
$eventdata['event_starttimem'] = substr($event['startTime'], 3, 2);
$eventdata['event_startampm'] = $eventdata['event_starttimeh'] < 12 ? _PC_AM : _PC_PM;
$eventdata['event_endmonth'] = substr($event['endDate'], 5, 2);
$eventdata['event_endday'] = substr($event['endDate'], 8, 2);
$eventdata['event_endyear'] = substr($event['endDate'], 0, 4);
$eventdata['event_endtype'] = $event['endDate'] == '0000-00-00' ? '0' : '1';
$eventdata['event_dur_hours'] = $event['duration_hours'];
$eventdata['event_dur_minutes'] = $event['duration_minutes'];
$eventdata['event_duration'] = $event['duration'];
$eventdata['event_allday'] = $event['alldayevent'];
$loc_data = unserialize($event['location']);
$eventdata['event_location'] = $loc_data['event_location'];
$eventdata['event_street1'] = $loc_data['event_street1'];
$eventdata['event_street2'] = $loc_data['event_street2'];
$eventdata['event_city'] = $loc_data['event_city'];
$eventdata['event_state'] = $loc_data['event_state'];
$eventdata['event_postal'] = $loc_data['event_postal'];
$eventdata['event_location_info'] = $loc_data;
$eventdata['event_contname'] = $event['contname'];
$eventdata['event_conttel'] = $event['conttel'];
$eventdata['event_contemail'] = $event['contemail'];
$eventdata['event_website'] = $event['website'];
$eventdata['event_fee'] = $event['fee'];
$eventdata['event_repeat'] = $event['recurrtype'];
$eventdata['event_pid'] = $event['pid'];
$eventdata['event_aid'] = $event['aid'];
$rspecs = unserialize($event['recurrspec']);
$eventdata['event_repeat_freq'] = $rspecs['event_repeat_freq'];
$eventdata['event_repeat_freq_type'] = $rspecs['event_repeat_freq_type'];
$eventdata['event_repeat_on_num'] = $rspecs['event_repeat_on_num'];
$eventdata['event_repeat_on_day'] = $rspecs['event_repeat_on_day'];
$eventdata['event_repeat_on_freq'] = $rspecs['event_repeat_on_freq'];
$eventdata['event_recurrspec'] = $rspecs;
$eventdata['uname'] = $uname;
$eventdata['Date'] = $Date;
$eventdata['year'] = $year;
$eventdata['month'] = $month;
$eventdata['day'] = $day;
$eventdata['is_update'] = true;
$eventdata['pc_event_id'] = $pc_event_id;
$eventdata['data_loaded'] = true;
$eventdata['pc_html_or_text'] = $pc_html_or_text;
}
// lets get the module's information
$modinfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__));
$categories = pnModAPIFunc(__POSTCALENDAR__, 'user', 'getCategories');
//================================================================
// ERROR CHECKING
//================================================================
$required_vars = array('event_subject', 'event_desc');
$required_name = array(_PC_EVENT_TITLE, _PC_EVENT_DESC);
$error_msg = '';
$reqCount = count($required_vars);
for ($r = 0; $r < $reqCount; $r++) {
if (empty(${$required_vars}[$r]) || !preg_match('/\\S/i', ${$required_vars}[$r])) {
$error_msg .= '<b>' . $required_name[$r] . '</b> ' . _PC_SUBMIT_ERROR4 . '<br />';
}
}
unset($reqCount);
// check repeating frequencies
if ($event_repeat == REPEAT) {
if (!isset($event_repeat_freq) || $event_repeat_freq < 1 || empty($event_repeat_freq)) {
$error_msg .= _PC_SUBMIT_ERROR5 . '<br />';
} elseif (!is_numeric($event_repeat_freq)) {
$error_msg .= _PC_SUBMIT_ERROR6 . '<br />';
}
} elseif ($event_repeat == REPEAT_ON) {
if (!isset($event_repeat_on_freq) || $event_repeat_on_freq < 1 || empty($event_repeat_on_freq)) {
$error_msg .= _PC_SUBMIT_ERROR5 . '<br />';
} elseif (!is_numeric($event_repeat_on_freq)) {
$error_msg .= _PC_SUBMIT_ERROR6 . '<br />';
}
}
// check date validity
if (_SETTING_TIME_24HOUR) {
$startTime = $event_starttimeh . ':' . $event_starttimem;
$endTime = $event_endtimeh . ':' . $event_endtimem;
} else {
if ($event_startampm == _AM_VAL) {
$event_starttimeh = $event_starttimeh == 12 ? '00' : $event_starttimeh;
} else {
$event_starttimeh = $event_starttimeh != 12 ? $event_starttimeh += 12 : $event_starttimeh;
}
$startTime = $event_starttimeh . ':' . $event_starttimem;
}
$sdate = strtotime($event_startyear . '-' . $event_startmonth . '-' . $event_startday);
$edate = strtotime($event_endyear . '-' . $event_endmonth . '-' . $event_endday);
$tdate = strtotime(date('Y-m-d'));
if ($edate < $sdate && $event_endtype == 1) {
$error_msg .= _PC_SUBMIT_ERROR1 . '<br />';
}
if (!checkdate($event_startmonth, $event_startday, $event_startyear)) {
$error_msg .= _PC_SUBMIT_ERROR2 . '<br />';
}
if (!checkdate($event_endmonth, $event_endday, $event_endyear)) {
$error_msg .= _PC_SUBMIT_ERROR3 . '<br />';
}
//================================================================
// Preview the event
//================================================================
if ($form_action == 'preview') {
if (!empty($error_msg)) {
$preview = false;
$output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="red">';
$output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="pink">';
$output .= '<center><b>' . _PC_SUBMIT_ERROR . '</b></center>';
$output .= '<br />';
$output .= $error_msg;
$output .= '</td></td></table>';
$output .= '</td></td></table>';
$output .= '<br /><br />';
} else {
$output .= pnModAPIFunc(__POSTCALENDAR__, 'user', 'eventPreview', $eventdata);
$output .= '<br />';
}
}
//================================================================
// Enter the event into the DB
//================================================================
if ($form_action == 'commit') {
//if (!pnSecConfirmAuthKey()) { return(_NO_DIRECT_ACCESS); }
if (!empty($error_msg)) {
$preview = false;
$output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="red">';
$output .= '<table border="0" width="100%" cellpadding="1" cellspacing="0"><tr><td bgcolor="pink">';
$output .= '<center><b>' . _PC_SUBMIT_ERROR . '</b></center>';
$output .= '<br />';
$output .= $error_msg;
$output .= '</td></td></table>';
$output .= '</td></td></table>';
$output .= '<br /><br />';
} else {
if (!pnModAPIFunc(__POSTCALENDAR__, 'admin', 'submitEvent', $eventdata)) {
$output .= '<center><div style="padding:5px; border:1px solid red; background-color: pink;">';
$output .= "<b>" . _PC_EVENT_SUBMISSION_FAILED . "</b>";
$output .= '</div></center><br />';
$output .= '<br />';
} else {
// clear the Smarty cache
$tpl = new pcSmarty();
$tpl->clear_all_cache();
$output .= '<center><div style="padding:5px; border:1px solid green; background-color: lightgreen;">';
if ($is_update) {
$output .= "<b>" . _PC_EVENT_EDIT_SUCCESS . "</b>";
} else {
$output .= "<b>" . _PC_EVENT_SUBMISSION_SUCCESS . "</b>";
}
$output .= '</div></center><br />';
$output .= '<br />';
// clear the form vars
$event_subject = $event_desc = $event_sharing = $event_category = $event_topic = $event_startmonth = $event_startday = $event_startyear = $event_starttimeh = $event_starttimem = $event_startampm = $event_endmonth = $event_endday = $event_endyear = $event_endtype = $event_dur_hours = $event_dur_minutes = $event_duration = $event_allday = $event_location = $event_street1 = $event_street2 = $event_city = $event_state = $event_postal = $event_location_info = $event_contname = $event_conttel = $event_contemail = $event_website = $event_fee = $event_repeat = $event_repeat_freq = $event_repeat_freq_type = $event_repeat_on_num = $event_repeat_on_day = $event_repeat_on_freq = $event_recurrspec = $uname = $Date = $year = $month = $day = $pc_html_or_text = null;
$is_update = false;
$pc_event_id = 0;
// lets wrap all the data into array for passing to submit and preview functions
$eventdata = compact('event_subject', 'event_desc', 'event_sharing', 'event_category', 'event_topic', 'event_startmonth', 'event_startday', 'event_startyear', 'event_starttimeh', 'event_starttimem', 'event_startampm', 'event_endmonth', 'event_endday', 'event_endyear', 'event_endtype', 'event_dur_hours', 'event_dur_minutes', 'event_duration', 'event_allday', 'event_location', 'event_street1', 'event_street2', 'event_city', 'event_state', 'event_postal', 'event_location_info', 'event_contname', 'event_conttel', 'event_contemail', 'event_website', 'event_fee', 'event_repeat', 'event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq', 'event_recurrspec', 'uname', 'Date', 'year', 'month', 'day', 'pc_html_or_text', 'is_update', 'pc_event_id');
}
}
}
$output .= pnModAPIFunc('PostCalendar', 'admin', 'buildSubmitForm', $eventdata);
return $output;
}
/**
* get a Time String in the right format
*
* @deprecated
*
* @param time $ - prefix string
* @return mixed string if successfull, false if not
*/
function GetUserTime($time)
{
LogUtil::log(__f('Warning! Function %1$s is deprecated.', 'GetUserTime'), E_USER_DEPRECATED);
if (empty($time)) {
return;
}
if (pnUserLoggedIn()) {
$time += (pnUserGetVar('tzoffset') - System::getVar('timezone_server')) * 3600;
} else {
$time += (System::getVar('timezone_offset') - System::getVar('timezone_server')) * 3600;
}
return ($time);
}
function user_user_main($var)
{
include 'header.php';
user_menu_draw();
if (pnUserLoggedIn()) {
$uname = pnUserGetVar('uname');
if (pnModAvailable('Comments')) {
user_main_last10com($uname);
}
if (pnModAvailable('News')) {
user_main_last10submit($uname);
}
include 'footer.php';
}
// ?else
}
function blocks_past_block($row)
{
$catid = pnVarCleanFromInput('catid');
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$oldnum = pnConfigGetVar('perpage');
if (!pnSecAuthAction(0, 'Pastblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
if (pnUserLoggedIn()) {
$storyhome = pnUserGetVar('storynum');
} else {
$storyhome = pnConfigGetVar('storyhome');
}
// Break out options from our content field
$vars = pnBlockVarsFromContent($row['content']);
// Defaults
if (empty($storynum)) {
$storynum = 10;
}
if (empty($vars['limit'])) {
$vars['limit'] = 10;
}
$storynum = $vars['limit'];
$column =& $pntable['stories_column'];
if (!isset($catid) || $catid == '') {
$articles = getArticles("{$column['ihome']}=0", "{$column['time']} DESC", $storynum, $storyhome);
} else {
$articles = getArticles("{$column['catid']}={$catid}", "{$column['time']} DESC", $storynum, $storyhome);
}
$time2 = "";
setlocale(LC_TIME, pnConfigGetVar('locale'));
$boxstuff = "<table width=\"100%\" cellpadding=\"1\" cellspacing=\"0\" border=\"0\" class=\"pn-normal\">\n";
$vari = 0;
$see = 0;
foreach ($articles as $article) {
$info = genArticleInfo($article);
$links = genArticleLinks($info);
$preformat = genArticlePreformat($info, $links);
// a little bit tricky to remove the bold property from link description
// (2001-11-15, hdonner)
$preformat['title'] = str_replace("pn-title", "pn-normal", $preformat['title']);
if (!pnSecAuthAction(0, 'Stories::Story', "{$info['aid']}:{$info['cattitle']}:{$info['sid']}", ACCESS_READ) || !pnSecAuthAction(0, 'Topics::Topic', "{$info['topicname']}::{$info['tid']}", ACCESS_READ)) {
continue;
}
$see = 1;
ereg("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $info['time'], $datetime2);
$datetime2 = ml_ftime("" . _DATESTRING2 . "", mktime($datetime2[4], $datetime2[5], $datetime2[6], $datetime2[2], $datetime2[3], $datetime2[1]));
$datetime2 = ucfirst($datetime2);
if ($time2 == $datetime2) {
$boxstuff .= "<tr><td valign=\"top\"><big><strong>·</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">" . $preformat['title'] . " ({$info['comments']})</span></td></tr>\n";
} else {
$boxstuff .= "<tr><td colspan=\"2\"><b>{$datetime2}</b></td></tr>\n" . "<tr><td valign=\"top\"><big><strong>·</strong></big></td>" . "<td valign=\"top\" width=\"100%\"><span class=\"pn-normal\">{$preformat['title']} ({$info['comments']})</span></td></tr>\n";
$time2 = $datetime2;
}
$vari++;
if ($vari == $vars['limit']) {
$usernum = pnUserGetVar('storynum');
if (!empty($usernum)) {
$storynum = $usernum;
} else {
$storynum = pnConfigGetVar('storyhome');
}
$min = $oldnum + $storynum;
$boxstuff .= "<tr><td> </td><td valign=\"top\"><a class=\"pn-normal\"";
if (!isset($catid)) {
$boxstuff .= "href=\"modules.php?op=modload&name=Search&file=index&action=search&overview=1&active_stories=1\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n";
} else {
$boxstuff .= "href=\"modules.php?op=modload&name=Search&file=index&action=search&overview=1&active_stories=1&stories_cat[0]={$catid}\"><b>" . _OLDERARTICLES . "</b></a></td></tr>\n";
}
}
}
$boxstuff .= "</table>";
if ($see == 1) {
if (empty($row['title'])) {
$row['title'] = _PASTARTICLES;
}
$row['content'] = $boxstuff;
return themesideblock($row);
}
}
/**
* List
*/
function mediashare_user_list($args)
{
$keyword = mediashareGetStringUrl('key', $args);
$uname = mediashareGetStringUrl('uname', $args);
$albumId = mediashareGetIntUrl('aid', $args, null);
$order = mediashareGetStringUrl('order', $args, 'title');
$orderDir = mediashareGetStringUrl('orderdir', $args);
$recordPos = mediashareGetIntUrl('pos', $args, 0);
$template = isset($args['tpl']) ? $args['tpl'] : 'list';
if (!($items = pnModAPIFunc('mediashare', 'user', 'getList', compact('keyword', 'uname', 'albumId', 'order', 'orderDir', 'recordPos')))) {
return false;
}
if (!($itemCount = pnModAPIFunc('mediashare', 'user', 'getListCount', compact('keyword', 'uname', 'albumId')))) {
return false;
}
$dom = ZLanguage::getModuleDomain('mediashare');
$filterTexts = array();
if ($keyword != '') {
$filterTexts[] = __f('Items tagged with "%s"', DataUtil::formatForDisplay($keyword), $dom);
}
if ($uname != '') {
$filterTexts[] = __f('Items by %s', DataUtil::formatForDisplay($uname), $dom);
}
if ($albumId != null) {
if (!($album = pnModAPIFunc('mediashare', 'user', 'getAlbum', array('albumId' => $albumId)))) {
return false;
}
$albumOwner = pnUserGetVar('uname', $album['ownerId']);
$filterTexts[] = __f('Items from %1$s\'s album \'%2$s\'', array(DataUtil::formatForDisplay($albumOwner), $album['title']), $dom);
}
if (count($filterTexts)) {
$filterText = implode(', ', $filterTexts);
} else {
$filterText = __('All items', $dom);
}
// Build the output
$render =& pnRender::getInstance('mediashare', false);
$render->assign('keyword', $keyword);
$render->assign('items', $items);
$render->assign('itemCount', $itemCount);
$render->assign('order', $order);
$render->assign('filterText', $filterText);
$render->assign('orderTitleClass', $order == 'title' ? ' class="selected"' : '');
$render->assign('orderUnameClass', $order == 'uname' ? ' class="selected"' : '');
$render->assign('orderCreatedClass', $order == 'created' ? ' class="selected"' : '');
$render->assign('orderModifiedClass', $order == 'modified' ? ' class="selected"' : '');
$render->assign('pos', $recordPos);
$template = DataUtil::formatForOS($template);
if (!$render->template_exists("mediashare_user_{$template}.html")) {
$template = 'list';
}
return $render->fetch("mediashare_user_{$template}.html");
}
/**
* Checks if user controlled block state
*
* Checks if the user has a state set for a current block
* Sets the default state for that block if not present
*
* @access private
*/
function pnCheckUserBlock($row)
{
if (!isset($row['bid'])) {
$row['bid'] = '';
}
if (pnUserLoggedIn()) {
$uid = pnUserGetVar('uid');
$dbconn =& pnDBGetConn(true);
$pntable =& pnDBGetTables();
$column =& $pntable['userblocks_column'];
$sql = "SELECT {$column['active']}\n\t\t FROM {$pntable['userblocks']}\n\t\t WHERE {$column['bid']} = '" . pnVarPrepForStore($row['bid']) . "'\n\t\t\t AND {$column['uid']} = '" . pnVarPrepForStore($uid) . "'";
$result =& $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', 'Error: ' . $dbconn->ErrorNo() . ': ' . $dbconn->ErrorMsg());
return true;
}
if ($result->EOF) {
$uid = pnVarPrepForStore($uid);
$row['bid'] = pnVarPrepForStore($row['bid']);
$sql = "INSERT INTO {$pntable['userblocks']}\n\t\t\t \t\t ({$column['uid']},\n\t\t\t\t\t \t\t\t{$column['bid']},\n\t\t\t\t\t \t\t\t{$column['active']})\n\t\t\t\t\tVALUES (" . pnVarPrepForStore($uid) . ",\n\t\t\t\t\t '{$row['bid']}',\n\t\t\t\t\t\t\t" . pnVarPrepForStore($row['defaultstate']) . ")";
$result =& $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', 'Error: ' . $dbconn->ErrorNo() . ': ' . $dbconn->ErrorMsg());
return true;
}
return true;
} else {
list($active) = $result->fields;
return $active;
}
} else {
return false;
}
}
/**
* User info
*/
function mediashare_editapi_getUserInfo()
{
$dom = ZLanguage::getModuleDomain('mediashare');
$user = (int) pnUserGetVar('uid');
$pntable = pnDBGetTables();
$mediaTable = $pntable['mediashare_media'];
$mediaColumn = $pntable['mediashare_media_column'];
$storageTable = $pntable['mediashare_mediastore'];
$storageColumn = $pntable['mediashare_mediastore_column'];
$sql = "SELECT SUM({$storageColumn['bytes']})\n FROM {$mediaTable}\n LEFT JOIN {$storageTable} original\n ON original.{$storageColumn['id']} = {$mediaColumn['originalId']}\n WHERE {$mediaColumn['ownerId']} = '{$user}'";
$result = DBUtil::executeSQL($sql);
if ($result === false) {
return LogUtil::registerError(__f('Error in %1$s: %2$s.', array('editapi.getUserInfo', 'Could not retrieve the user information.'), $dom));
}
$limitTotal = pnModGetVar('mediashare', 'mediaSizeLimitTotal');
$totalCapacityUsed = DBUtil::marshallObjects($result, array('used'));
$totalCapacityUsed = $totalCapacityUsed[0]['used'];
$user = array('totalCapacityUsed' => $totalCapacityUsed, 'totalCapacityLeft' => $totalCapacityUsed > $limitTotal ? 0 : $limitTotal - $totalCapacityUsed, 'mediaSizeLimitSingle' => pnModGetVar('mediashare', 'mediaSizeLimitSingle'), 'mediaSizeLimitTotal' => $limitTotal);
return $user;
}
function checkuserblock($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!isset($row['bid'])) {
$row['bid'] = '';
}
if (pnUserLoggedIn()) {
$uid = pnUserGetVar('uid');
$column =& $pntable['userblocks_column'];
$sql = "SELECT {$column['active']} FROM " . $pntable['userblocks'] . " WHERE " . $column['bid'] . "='" . pnVarPrepForStore($row['bid']) . "' AND " . $column['uid'] . "=" . pnVarPrepForStore($uid);
$result = $dbconn->Execute($sql);
if ($result === false) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error <br>{$sql}");
}
if ($result->EOF) {
$uid = pnVarPrepForStore($uid);
$row['bid'] = pnVarPrepForStore($row['bid']);
$sql = "INSERT INTO {$pntable['userblocks']} ({$column['uid']}, {$column['bid']}, {$column['active']}) VALUES (" . pnVarPrepForStore($uid) . ", '{$row['bid']}', '1')";
$result = $dbconn->Execute($sql);
if ($result === false) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error <br>{$sql}");
}
return true;
} else {
list($active) = $result->fields;
return $active;
}
} else {
return false;
}
}
/**
* Timezone Function
*
* @author Fred B (fredb86)
*/
function ml_ftime($datefmt, $timestamp = -1)
{
if (!isset($datefmt)) {
return null;
}
if ($timestamp < 0) {
$timestamp = time();
}
$day_of_week_short = explode(' ', _DAY_OF_WEEK_SHORT);
$month_short = explode(' ', _MONTH_SHORT);
$day_of_week_long = explode(' ', _DAY_OF_WEEK_LONG);
$month_long = explode(' ', _MONTH_LONG);
$ml_date = ereg_replace('%a', $day_of_week_short[(int) strftime('%w', $timestamp)], $datefmt);
$ml_date = ereg_replace('%A', $day_of_week_long[(int) strftime('%w', $timestamp)], $ml_date);
$ml_date = ereg_replace('%b', $month_short[(int) strftime('%m', $timestamp) - 1], $ml_date);
$ml_date = ereg_replace('%B', $month_long[(int) strftime('%m', $timestamp) - 1], $ml_date);
if (pnUserLoggedIn()) {
$thezone = pnUserGetVar('timezone_offset');
} else {
$thezone = pnConfigGetVar('timezone_offset');
}
$timezone_all = explode(' ', _TIMEZONES);
$offset_all = explode(' ', _TZOFFSETS);
$indexofzone = 0;
for ($i = 0; $i < sizeof($offset_all); $i++) {
if ($offset_all[$i] == $thezone) {
$indexofzone = $i;
}
}
$ml_date = ereg_replace('%Z', $timezone_all[$indexofzone], $ml_date);
return strftime($ml_date, $timestamp);
}
function postcalendar_userapi_eventDetail($args, $admin = false)
{
if (!(bool) PC_ACCESS_READ) {
return _POSTCALENDARNOAUTH;
}
// get the theme globals :: is there a better way to do this?
pnThemeLoad(pnUserGetTheme());
global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5;
global $textcolor1, $textcolor2;
$popup = pnVarCleanFromInput('popup');
extract($args);
unset($args);
if (!isset($cacheid)) {
$cacheid = null;
}
if (!isset($eid)) {
return false;
}
if (!isset($nopop)) {
$nopop = false;
}
$uid = pnUserGetVar('uid');
//=================================================================
// Find out what Template we're using
//=================================================================
$template_name = _SETTING_TEMPLATE;
if (!isset($template_name)) {
$template_name = 'default';
}
//=================================================================
// Setup Smarty Template Engine
//=================================================================
$tpl = new pcSmarty();
if ($admin) {
$template = $template_name . '/admin/details.html';
$args['cacheid'] = '';
$print = 0;
$Date =& postcalendar_getDate();
$tpl->caching = false;
} else {
$template = $template_name . '/user/details.html';
}
if (!$tpl->is_cached($template, $cacheid)) {
// let's get the DB information
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// get the event's information
$event =& postcalendar_userapi_pcGetEventDetails($eid);
// if the above is false, it's a private event for another user
// we should not diplay this - so we just exit gracefully
if ($event === false) {
return false;
}
//=================================================================
// get event's topic information
//=================================================================
$topics_table = $pntable['topics'];
$topics_column = $pntable['topics_column'];
$topicsql = "SELECT {$topics_column['topictext']},{$topics_column['topicimage']}\n FROM {$topics_table}\n WHERE {$topics_column['topicid']} = {$event['topic']}\n LIMIT 1";
$topic_result = $dbconn->Execute($topicsql);
list($event['topictext'], $event['topicimg']) = $topic_result->fields;
$location = unserialize($event['location']);
$event['location'] = $location['event_location'];
$event['street1'] = $location['event_street1'];
$event['street2'] = $location['event_street2'];
$event['city'] = $location['event_city'];
$event['state'] = $location['event_state'];
$event['postal'] = $location['event_postal'];
$event['date'] = str_replace('-', '', $Date);
//=================================================================
// populate the template
//=================================================================
if (!empty($event['location']) || !empty($event['street1']) || !empty($event['street2']) || !empty($event['city']) || !empty($event['state']) || !empty($event['postal'])) {
$tpl->assign('LOCATION_INFO', true);
} else {
$tpl->assign('LOCATION_INFO', false);
}
if (!empty($event['contname']) || !empty($event['contemail']) || !empty($event['conttel']) || !empty($event['website'])) {
$tpl->assign('CONTACT_INFO', true);
} else {
$tpl->assign('CONTACT_INFO', false);
}
$display_type = substr($event['hometext'], 0, 6);
if ($display_type == ':text:') {
$prepFunction = 'pcVarPrepForDisplay';
$event['hometext'] = substr($event['hometext'], 6);
} elseif ($display_type == ':html:') {
$prepFunction = 'pcVarPrepHTMLDisplay';
$event['hometext'] = substr($event['hometext'], 6);
} else {
$prepFunction = 'pcVarPrepHTMLDisplay';
}
unset($display_type);
// prep the vars for output
$event['title'] =& $prepFunction($event['title']);
$event['hometext'] =& $prepFunction($event['hometext']);
$event['desc'] =& $event['hometext'];
$event['conttel'] =& $prepFunction($event['conttel']);
$event['contname'] =& $prepFunction($event['contname']);
$event['contemail'] =& $prepFunction($event['contemail']);
$event['website'] =& $prepFunction(postcalendar_makeValidURL($event['website']));
$event['fee'] =& $prepFunction($event['fee']);
$event['location'] =& $prepFunction($event['location']);
$event['street1'] =& $prepFunction($event['street1']);
$event['street2'] =& $prepFunction($event['street2']);
$event['city'] =& $prepFunction($event['city']);
$event['state'] =& $prepFunction($event['state']);
$event['postal'] =& $prepFunction($event['postal']);
$tpl->assign_by_ref('A_EVENT', $event);
//=================================================================
// populate the template $ADMIN_OPTIONS
//=================================================================
$target = '';
if (_SETTING_OPEN_NEW_WINDOW) {
$target = 'target="csCalendar"';
}
$admin_edit_url = $admin_delete_url = '';
if (pnSecAuthAction(0, 'PostCalendar::', '::', ACCESS_ADMIN)) {
$admin_edit_url = pnModURL(__POSTCALENDAR__, 'admin', 'submit', array('pc_event_id' => $eid));
$admin_delete_url = pnModURL(__POSTCALENDAR__, 'admin', 'adminevents', array('action' => _ACTION_DELETE, 'pc_event_id' => $eid));
}
$user_edit_url = $user_delete_url = '';
if (pnUserLoggedIn()) {
$logged_in_uname = $_SESSION['authUser'];
} else {
$logged_in_uname = '';
}
$can_edit = false;
if (pnSecAuthAction(0, 'PostCalendar::', '::', ACCESS_ADD) && validateGroupStatus($logged_in_uname, getUsername($event['uname']))) {
$user_edit_url = pnModURL(__POSTCALENDAR__, 'user', 'submit', array('pc_event_id' => $eid));
$user_delete_url = pnModURL(__POSTCALENDAR__, 'user', 'delete', array('pc_event_id' => $eid));
$can_edit = true;
}
$tpl->assign('STYLE', $GLOBALS['style']);
$tpl->assign_by_ref('ADMIN_TARGET', $target);
$tpl->assign_by_ref('ADMIN_EDIT', $admin_edit_url);
$tpl->assign_by_ref('ADMIN_DELETE', $admin_delete_url);
$tpl->assign_by_ref('USER_TARGET', $target);
$tpl->assign_by_ref('USER_EDIT', $user_edit_url);
$tpl->assign_by_ref('USER_DELETE', $user_delete_url);
$tpl->assign_by_ref('USER_CAN_EDIT', $can_edit);
}
//=================================================================
// Parse the template
//=================================================================
if ($popup != 1 && $print != 1) {
$output = "\n\n<!-- START POSTCALENDAR OUTPUT [-: HTTP://POSTCALENDAR.TV :-] -->\n\n";
$output .= $tpl->fetch($template, $cacheid);
$output .= "\n\n<!-- END POSTCALENDAR OUTPUT [-: HTTP://POSTCALENDAR.TV :-] -->\n\n";
} else {
$theme = pnUserGetTheme();
echo "<html><head>";
echo "<LINK REL=\"StyleSheet\" HREF=\"themes/{$theme}/style/styleNN.css\" TYPE=\"text/css\">\n\n\n";
echo "<style type=\"text/css\">\n";
echo "@import url(\"themes/{$theme}/style/style.css\"); ";
echo "</style>\n";
echo "</head><body>\n";
$tpl->display($template, $cacheid);
echo postcalendar_footer();
echo "\n</body></html>";
session_write_close();
exit;
}
return $output;
}
/**
* get the options for commenting
*
* @public
* @return array the comment options array
*/
function pnUserGetCommentOptionsArray()
{
if (pnUserLoggedIn()) {
$mode = pnUserGetVar('umode');
$order = pnUserGetVar('uorder');
$thold = pnUserGetVar('thold');
}
if (empty($mode)) {
$mode = 'thread';
}
if (empty($order)) {
$order = 0;
}
if (empty($thold)) {
$thold = 0;
}
return array('mode' => $mode, 'order' => $order, 'thold' => $thold);
}
function pnMailHackAttempt($detecting_file = "(no filename available)", $detecting_line = "(no line number available)", $hack_type = "(no type given)", $message = "(no message given)")
{
# Backwards compatibility fix with php 4.0.x and 4.1.x or greater Neo
if (phpversion() >= "4.2.0") {
$_pv = $_POST;
$_gv = $_GET;
$_rv = $_REQUEST;
$_sv = $_SERVER;
$_ev = $_ENV;
$_cv = $_COOKIE;
$_fv = $_FILES;
$_snv = $_SESSION;
} else {
global $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_SERVER_VARS, $HTTP_ENV_VARS, $HTTP_COOKIE_VARS, $HTTP_POST_FILES, $HTTP_SESSION_VARS;
$_pv = $HTTP_POST_VARS;
$_gv = $HTTP_GET_VARS;
$_rv = array();
$_sv = $HTTP_SERVER_VARS;
$_ev = $HTTP_ENV_VARS;
$_cv = $HTTP_COOKIE_VARS;
$_fv = $HTTP_POST_FILES;
$_snv = $HTTP_SESSION_VARS;
}
$output = "Attention site admin of " . pnConfigGetVar('sitename') . ",\n";
$output .= "On " . ml_ftime(_DATEBRIEF, GetUserTime(time()));
$output .= " at " . ml_ftime(_TIMEBRIEF, GetUserTime(time()));
$output .= " the Postnuke code has detected that somebody tried to" . " send information to your site that may have been intended" . " as a hack. Do not panic, it may be harmless: maybe this" . " detection was triggered by something you did! Anyway, it" . " was detected and blocked. \n";
$output .= "The suspicious activity was recognized in {$detecting_file} " . "on line {$detecting_line}, and is of the type {$hack_type}. \n";
$output .= "Additional information given by the code which detected this: " . $message;
$output .= "\n\nBelow you will find a lot of information obtained about " . "this attempt, that may help you to find what happened and " . "maybe who did it.\n\n";
$output .= "\n=====================================\n";
$output .= "Information about this user:\n";
$output .= "=====================================\n";
if (!pnUserLoggedIn()) {
$output .= "This person is not logged in.\n";
} else {
$output .= "Postnuke username: "******"\n" . "Registered email of this Postnuke user: "******"\n" . "Registered real name of this Postnuke user: "******"\n";
}
$output .= "IP numbers: [note: when you are dealing with a real cracker " . "these IP numbers might not be from the actual computer he is " . "working on]" . "\n\t IP according to HTTP_CLIENT_IP: " . getenv('HTTP_CLIENT_IP') . "\n\t IP according to REMOTE_ADDR: " . getenv('REMOTE_ADDR') . "\n\t IP according to GetHostByName(\$REMOTE_ADDR): " . GetHostByName($REMOTE_ADDR) . "\n\n";
$output .= "\n=====================================\n";
$output .= "Information in the \$_REQUEST array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_rv)) {
$output .= "REQUEST * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_GET array\n";
$output .= "This is about variables that may have been ";
$output .= "in the URL string or in a 'GET' type form.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_gv)) {
$output .= "GET * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_POST array\n";
$output .= "This is about visible and invisible form elements.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_pv)) {
$output .= "POST * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Browser information\n";
$output .= "=====================================\n";
global $HTTP_USER_AGENT;
$output .= "HTTP_USER_AGENT: " . $HTTP_USER_AGENT . "\n";
$browser = (array) get_browser();
while (list($key, $value) = each($browser)) {
$output .= "BROWSER * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_SERVER array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_sv)) {
$output .= "SERVER * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_ENV array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_ev)) {
$output .= "ENV * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_COOKIE array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_cv)) {
$output .= "COOKIE * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_FILES array\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_fv)) {
$output .= "FILES * {$key} : {$value}\n";
}
$output .= "\n=====================================\n";
$output .= "Information in the \$_SESSION array\n";
$output .= "This is session info. The variables\n";
$output .= " starting with PNSV are PostNukeSessionVariables.\n";
$output .= "=====================================\n";
while (list($key, $value) = each($_snv)) {
$output .= "SESSION * {$key} : {$value}\n";
}
$sitename = pnConfigGetVar('sitename');
$adminmail = pnConfigGetVar('adminmail');
$headers = "From: {$sitename} <{$adminmail}>\n" . "X-Priority: 1 (Highest)\n";
pnMail($adminmail, 'Attempted hack on your site? (type: ' . $hack_type . ')', $output, $headers);
return;
}
function print_details()
{
/* show error page */
// Request access to the global variables we need
global $fontface, $fontsize, $docroot, $REQUEST_URI, $PHP_SELF;
global $bgcolor, $textcolor;
global $currentlang;
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$sitename = pnConfigGetVar('sitename');
$reportlevel = pnConfigGetVar('reportlevel');
$funtext = pnConfigGetVar('funtext');
$top = pnConfigGetVar('top');
if (pnConfigGetVar('multilingual') == 1) {
$queryalang = "WHERE (alanguage='{$currentlang}' OR alanguage='')";
/* top stories */
} else {
$queryalang = "";
}
global $HTTP_SERVER_VARS;
global $doc;
$doc = getenv('REDIRECT_URL');
if (empty($HTTP_SERVER_VARS['HTTP_HOST'])) {
$server = getenv('HTTP_HOST');
} else {
$server = $HTTP_SERVER_VARS['HTTP_HOST'];
}
$doc = "http://{$server}{$doc}";
include "header.php";
OpenTable();
?>
<a class="pn-logo"><?php
echo "" . _ERR404 . "";
?>
</a><br>
<font class="pn-logo-small"><?php
echo "" . _ERRPAGENF . " ";
echo $doc;
?>
</font><hr>
<?php
echo "<font class=\"pn-normal\">" . _ERRSORRY . ", {$doc}, ";
echo "" . _ERRDOESNTEXIST . " \" {$sitename} \"<P></font>";
if ($reportlevel != 0) {
echo "<p><font style=\"pn-normal\">";
echo "" . _ERRMAILED . "";
}
if ($funtext != 0) {
fun();
}
?>
<br><p>
<a class="pn-storytitle"><?php
echo "" . _ERRCOMMONM . "";
?>
</a><br>
<font class="pn-normal"><?php
echo "" . _ERRCOMMONH . "";
?>
<?php
echo "{$sitename}";
?>
:
<UL>
<LI><?php
echo "" . _ERRURLEND . "";
?>
<CODE>.htm</CODE> - <STRONG><?php
echo "" . _ERRALLPAGES . " \"{$sitename}\" " . _ERRENDWITH . "";
?>
<CODE>.php</CODE></STRONG>
<LI><?php
echo "" . _ERRUPPERCASE . "";
?>
- <STRONG><?php
echo "" . _ERRALLLOWER . "";
?>
</STRONG>
</UL></font></p>
<a class="pn-storytitle"><?php
echo "" . _ERRPOPPAGES . "";
?>
</a><br>
<?php
/***
* fifers: don't know what the $alanguage does here. left it in
* because it always seems to be empty and I wasn't sure what it
* was doing!
*/
$column =& $pntable['stories_column'];
$sql = "SELECT {$column['sid']}, {$column['title']}, {$column['time']}, {$column['counter']} FROM {$pntable['stories']} ORDER BY {$column['counter']} DESC";
$result = $dbconn->SelectLimit($sql, $top);
if ($result === false) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error");
}
if (!$result->EOF) {
echo "<table border=\"0\" cellpadding=\"10\" width=\"100%\"><tr><td align=\"left\">\n" . "<font class=\"pn-title\">{$top} " . _READSTORIES . "</font><br><br>\n";
$lugar = 1;
while (list($sid, $title, $time, $counter) = $result->fields) {
if ($counter > 0) {
$mode = pnUserGetVar('umode');
if (!empty($mode)) {
$commentlink = "&mode={$mode}";
} else {
$commentlink = '&mode=thread';
}
echo "<font class=\"pn-normal\"> {$lugar}:</font> <a href=\"modules.php?op=modload&name=News&file=article&sid={$sid}{$commentlink}\">{$title}</a><font class=\"pn-normal\"> - ({$counter} " . _READS . ")</font><br>\n";
$lugar++;
}
$result->MoveNext();
}
echo "</td></tr></table><br>\n";
}
?>
</font><br>
<a class="pn-storytitle"><?php
echo "" . _ERRTRYHOME . "";
?>
</a></br>
<font class="pn-normal"><?php
echo "" . _ERRSTARTHERE . "";
?>
<A HREF="/"> <?php
echo "{$sitename}</a> " . _ERRHP;
?>
.</font>
<p>
<a class="pn-storytitle"><?php
echo "" . _SEARCH . "";
?>
</a></br>
<font class="pn-normal"><?php
echo "" . _ERRFOPTION . "";
?>
.
<CENTER><form action="modules.php" method=post>
<!-- Credit to Mayday (mayday6971) for fix -->
<input type="hidden" name="active_stories" value="1">
<input type="hidden" name="bool" value="AND">
<input type="hidden" name="stories_cat" value="">
<input type="hidden" name="stories_topics" value="">
<input type="hidden" name="op" value="modload">
<input type="hidden" name="name" value="Search">
<input type="hidden" name="file" value="index">
<input type="hidden" name="action" value="search">
<input type="hidden" name="overview" value="1">
<font size="-1" color="#000000"><br><b>
<?php
echo "" . _SEARCH . "";
?>
<?php
echo $sitename;
?>
</b><br>
<input class="pn-text" type=name name=query size="25"></font></form></CENTER>
<CENTER><form action="modules.php" method=post>
<!-- Credit to Mayday (mayday6971) for fix -->
<input type="hidden" name="active_stories" value="1">
<input type="hidden" name="stories_author" value="">
<input type="hidden" name="bool" value="AND">
<input type="hidden" name="stories_cat" value="">
<input type="hidden" name="q" value="">
<input type="hidden" name="op" value="modload">
<input type="hidden" name="name" value="Search">
<input type="hidden" name="file" value="index">
<input type="hidden" name="action" value="search">
<input type="hidden" name="overview" value="1">
<FONT size="-1"><BR><B><?php
echo "" . _SEARCH . "";
?>
</B><?php
echo "" . _TOPIC . "";
?>
<BR>
<!-- Topic Selection -->
<?php
echo "<select class=\"pn-text\" NAME=\"topic\"onChange='submit()'>";
$column =& $pntable['topics_column'];
$query = "SELECT {$column['tid']}, {$column['topictext']}\n FROM {$pntable['topics']}\n ORDER BY {$column['topictext']}";
$toplist = $dbconn->Execute($query);
echo "<option value=\"\">" . _SELECTTOPIC . "</option>\n";
while (list($topicid, $topics) = $toplist->fields) {
$toplist->MoveNext();
if ($topicid == $topic) {
$sel = "selected ";
}
echo "<option {$sel} value=\"{$topicid}\">{$topics}</option>\n";
$sel = "";
}
echo "</select>";
?>
</FONT></FORM></CENTER>
</p>
<a href="#" onload="type_text()"></a>
<?php
CloseTable();
include "footer.php";
}
/**
* get authorisation information for this user
*
* @public
* @return array two element array of user and group permissions
*/
function pnSecGetAuthInfo()
{
// Load the groups db info
pnModDBInfoLoad('Groups');
pnModDBInfoLoad('Permissions');
$dbconn =& pnDBGetConn(true);
$pntable =& pnDBGetTables();
// Tables we use
$userpermtable = $pntable['user_perms'];
$userpermcolumn =& $pntable['user_perms_column'];
$groupmembershiptable = $pntable['group_membership'];
$groupmembershipcolumn =& $pntable['group_membership_column'];
$grouppermtable = $pntable['group_perms'];
$grouppermcolumn =& $pntable['group_perms_column'];
$realmtable = $pntable['realms'];
$realmcolumn =& $pntable['realms_column'];
// Empty arrays
$userperms = array();
$groupperms = array();
$uids[] = -1;
// Get user ID
if (!pnUserLoggedIn()) {
// Unregistered UID
$uids[] = 0;
$vars['Active User'] = '******';
} else {
$uids[] = pnUserGetVar('uid');
$vars['Active User'] = pnUserGetVar('uid');
}
$uids = implode(",", $uids);
// Get user permissions
$query = "SELECT {$userpermcolumn['realm']},\n {$userpermcolumn['component']},\n {$userpermcolumn['instance']},\n {$userpermcolumn['level']}\n FROM {$userpermtable}\n WHERE {$userpermcolumn['uid']} IN (" . pnVarPrepForStore($uids) . ")\n ORDER by {$userpermcolumn['sequence']}";
$result =& $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
return array($userperms, $groupperms);
}
while (list($realm, $component, $instance, $level) = $result->fields) {
$result->MoveNext();
//itevo
$component = fixsecuritystring($component);
$instance = fixsecuritystring($instance);
$userperms[] = array('realm' => $realm, 'component' => $component, 'instance' => $instance, 'level' => $level);
}
// Get all groups that user is in
$query = "SELECT {$groupmembershipcolumn['gid']}\n FROM {$groupmembershiptable}\n WHERE {$groupmembershipcolumn['uid']} IN (" . pnVarPrepForStore($uids) . ")";
$result =& $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
return array($userperms, $groupperms);
}
$usergroups[] = -1;
if (!pnUserLoggedIn()) {
// Unregistered GID
$usergroups[] = 0;
}
while (list($gid) = $result->fields) {
$result->MoveNext();
$usergroups[] = $gid;
}
$usergroups = implode(",", $usergroups);
// Get all group permissions
$query = "SELECT {$grouppermcolumn['realm']},\n {$grouppermcolumn['component']},\n {$grouppermcolumn['instance']},\n {$grouppermcolumn['level']}\n FROM {$grouppermtable}\n WHERE {$grouppermcolumn['gid']} IN (" . pnVarPrepForStore($usergroups) . ")\n ORDER by {$grouppermcolumn['sequence']}";
$result =& $dbconn->Execute($query);
if ($dbconn->ErrorNo() != 0) {
return array($userperms, $groupperms);
}
while (list($realm, $component, $instance, $level) = $result->fields) {
$result->MoveNext();
//itevo
$component = fixsecuritystring($component);
$instance = fixsecuritystring($instance);
// Search/replace of special names
preg_match_all("/<([^>]+)>/", $instance, $res);
for ($i = 0; $i < count($res[1]); $i++) {
$instance = preg_replace("/<([^>]+)>/", $vars[$res[1][$i]], $instance, 1);
}
$groupperms[] = array('realm' => $realm, 'component' => $component, 'instance' => $instance, 'level' => $level);
}
// we've now got the permissions info
$GLOBALS['authinfogathered'] = 1;
return array($userperms, $groupperms);
}
/**
* postcalendar_userapi_eventPreview
* Creates the detailed event display and outputs html.
* Accepts an array of key/value pairs
* @param array $event array of event details from the form
* @return string html output
* @access public
*/
function postcalendar_userapi_eventPreview($args)
{
// get the theme globals :: is there a better way to do this?
pnThemeLoad(pnUserGetTheme());
global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5;
global $textcolor1, $textcolor2;
extract($args);
unset($args);
$uid = pnUserGetVar('uid');
//=================================================================
// Setup Smarty Template Engine
//=================================================================
$tpl = new pcSmarty();
$tpl->caching = false;
// add preceding zeros
$event_starttimeh = sprintf('%02d', $event_starttimeh);
$event_starttimem = sprintf('%02d', $event_starttimem);
$event_startday = sprintf('%02d', $event_startday);
$event_startmonth = sprintf('%02d', $event_startmonth);
$event_endday = sprintf('%02d', $event_endday);
$event_endmonth = sprintf('%02d', $event_endmonth);
if (!(bool) _SETTING_TIME_24HOUR) {
if ($event_startampm == _PM_VAL) {
if ($event_starttimeh != 12) {
$event_starttimeh += 12;
}
} elseif ($event_startampm == _AM_VAL) {
if ($event_starttimeh == 12) {
$event_starttimeh = 00;
}
}
}
$event_startampm . " - ";
$startTime = $event_starttimeh . ':' . $event_starttimem . ' ';
$event = array();
$event['eid'] = '';
$event['uname'] = $uname;
$event['catid'] = $event_category;
if ($pc_html_or_text == 'html') {
$prepFunction = 'pcVarPrepHTMLDisplay';
} else {
$prepFunction = 'pcVarPrepForDisplay';
}
$event['title'] = $prepFunction($event_subject);
$event['hometext'] = $prepFunction($event_desc);
$event['desc'] = $event['hometext'];
$event['date'] = $event_startyear . $event_startmonth . $event_startday;
$event['duration'] = $event_duration;
$event['duration_hours'] = $event_dur_hours;
$event['duration_minutes'] = $event_dur_minutes;
$event['endDate'] = $event_endyear . '-' . $event_endmonth . '-' . $event_endday;
$event['startTime'] = $startTime;
$event['recurrtype'] = '';
$event['recurrfreq'] = '';
$event['recurrspec'] = $event_recurrspec;
$event['topic'] = $event_topic;
$event['alldayevent'] = $event_allday;
$event['conttel'] = $prepFunction($event_conttel);
$event['contname'] = $prepFunction($event_contname);
$event['contemail'] = $prepFunction($event_contemail);
$event['website'] = $prepFunction(postcalendar_makeValidURL($event_website));
$event['fee'] = $prepFunction($event_fee);
$event['location'] = $prepFunction($event_location);
$event['street1'] = $prepFunction($event_street1);
$event['street2'] = $prepFunction($event_street2);
$event['city'] = $prepFunction($event_city);
$event['state'] = $prepFunction($event_state);
$event['postal'] = $prepFunction($event_postal);
//=================================================================
// get event's topic information
//=================================================================
if (_SETTING_DISPLAY_TOPICS) {
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$topics_table = $pntable['topics'];
$topics_column = $pntable['topics_column'];
$topicsql = "SELECT {$topics_column['topictext']},{$topics_column['topicimage']}\n \t \t FROM {$topics_table}\n \t \t WHERE {$topics_column['topicid']} = {$event['topic']}\n \t \t LIMIT 1";
$topic_result = $dbconn->Execute($topicsql);
list($event['topictext'], $event['topicimg']) = $topic_result->fields;
$topic_result->Close();
} else {
$event['topictext'] = $event['topicimg'] = '';
}
//=================================================================
// Find out what Template we're using
//=================================================================
$template_name = _SETTING_TEMPLATE;
if (!isset($template_name)) {
$template_name = 'default';
}
//=================================================================
// populate the template
//=================================================================
if (!empty($event['location']) || !empty($event['street1']) || !empty($event['street2']) || !empty($event['city']) || !empty($event['state']) || !empty($event['postal'])) {
$tpl->assign('LOCATION_INFO', true);
} else {
$tpl->assign('LOCATION_INFO', false);
}
if (!empty($event['contname']) || !empty($event['contemail']) || !empty($event['conttel']) || !empty($event['website'])) {
$tpl->assign('CONTACT_INFO', true);
} else {
$tpl->assign('CONTACT_INFO', false);
}
$tpl->assign_by_ref('A_EVENT', $event);
$tpl->assign('STYLE', $GLOBALS['style']);
//=================================================================
// Parse the template
//=================================================================
$output = "\n\n<!-- POSTCALENDAR HTTP://WWW.BAHRAINI.TV -->\n\n";
$output .= "\n\n<!-- POSTCALENDAR TEMPLATE START -->\n\n";
$output .= $tpl->fetch($template_name . '/user/preview.html');
$output .= "\n\n<!-- POSTCALENDAR TEMPLATE END -->\n\n";
return $output;
}
function blocks_online_block($row)
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
if (!pnSecAuthAction(0, 'Onlineblock::', "{$row['title']}::", ACCESS_READ)) {
return;
}
$sessioninfocolumn =& $pntable['session_info_column'];
$sessioninfotable = $pntable['session_info'];
$sessioninfocolumn =& $pntable['session_info_column'];
$sessioninfotable = $pntable['session_info'];
$activetime = time() - pnConfigGetVar('secinactivemins') * 60;
$query = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} >0\n\t\t GROUP BY {$sessioninfocolumn['uid']}\n\t\t ";
$result = $dbconn->Execute($query);
$numusers = $result->RecordCount();
$result->Close();
$query2 = "SELECT count( 1 )\n FROM {$sessioninfotable}\n WHERE {$sessioninfocolumn['lastused']} > {$activetime} AND {$sessioninfocolumn['uid']} = '0'\n\t\t\t GROUP BY {$sessioninfocolumn['ipaddr']}\n\t\t\t ";
$result2 = $dbconn->Execute($query2);
$numguests = $result2->RecordCount();
$result2->Close();
// Pluralise
if ($numguests == 1) {
$guests = _GUEST;
} else {
$guests = _GUESTS;
}
if ($numusers == 1) {
$users = _MEMBER;
} else {
$users = _MEMBERS;
}
$content = "<span class=\"pn-normal\">" . _CURRENTLY . " " . pnVarPrepForDisplay($numguests) . " " . pnVarPrepForDisplay($guests) . " " . _AND . " " . pnVarPrepForDisplay($numusers) . " " . pnVarPrepForDisplay($users) . " " . _ONLINE . "<br />\n";
if (pnUserLoggedIn()) {
$content .= '<br />' . _YOUARELOGGED . ' <b>' . pnUserGetVar('uname') . '</b>.<br />';
if (pnModAvailable('Messages')) {
// display private messages only when module is active
$column =& $pntable['priv_msgs_column'];
$result2 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid'));
list($numrow) = $result2->fields;
// get unread messages
$result3 = $dbconn->Execute("SELECT count(*) FROM {$pntable['priv_msgs']} WHERE {$column['to_userid']}=" . pnUserGetVar('uid') . " AND {$column['read_msg']}='0'");
list($unreadrow) = $result3->fields;
if ($numrow == 0) {
$content .= '<br /></span>';
} else {
$content .= "<br />" . _YOUHAVE . " (<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGS . "\">" . pnVarPrepForDisplay($numrow) . "</a>|<a class=\"pn-normal\" href=\"modules.php?op=modload&name=Messages&file=index\" title=\"" . _PRIVATEMSGNEW . "\">" . pnVarPrepForDisplay($unreadrow) . "</a>) ";
if ($numrow == 1) {
$content .= _PRIVATEMSG;
} elseif ($numrow > 1) {
$content .= _PRIVATEMSGS;
}
$content .= "</span><br />";
}
}
} else {
$content .= '<br />' . _YOUAREANON . '</span><br />';
}
if (empty($row['title'])) {
$row['title'] = _WHOSONLINE;
}
$row['content'] = $content;
return themesideblock($row);
}
/**
* get a Time String in the right format
*
*
* @param time $ - prefix string
* @return mixed string if successfull, false if not
*/
function GetUserTime($time)
{
if (empty($time)) {
return;
}
if (pnUserLoggedIn()) {
$time += (pnUserGetVar('timezone_offset') - pnConfigGetVar('timezone_offset')) * 3600;
} else {
$time += (12 - pnConfigGetVar('timezone_offset')) * 3600;
}
return $time;
}
