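/**
 * Smarty function to display admin links for the example module
 * based on the user's permissions.
 *
 * Example
 * <!--[exampleadminlinks start="[" end="]" seperator="|" class="pn-menuitem-title"]-->
 *
 * Only the four documented attributes are read from $params; any other
 * attribute is ignored. The values of start, end, seperator and class are
 * written into the markup exactly as given, so they must come from the
 * template author and never from request data.
 *
 * @author       Andreas Krapohl
 * @since        10/01/04
 * @see          function.exampleadminlinks.php::smarty_function_exampleadminlinks()
 * @param        array       $params      All attributes passed to this function from the template:
 *                                        start (default '['), end (default ']'),
 *                                        seperator (default '|'), class (default 'pn-menuitem-title')
 * @param        object      &$smarty     Reference to the Smarty object (not used here)
 * @return       string      a <span> holding the links the current user is allowed to see
 */
function smarty_function_exampleadminlinks($params, &$smarty)
{
    // Read the known attributes one by one instead of extract()ing the whole
    // array: extract() turns every attribute name into a local variable and
    // can overwrite existing ones such as $smarty.
    $start     = isset($params['start']) ? $params['start'] : '[';
    $end       = isset($params['end']) ? $params['end'] : ']';
    $seperator = isset($params['seperator']) ? $params['seperator'] : '|';
    $class     = isset($params['class']) ? $params['class'] : 'pn-menuitem-title';

    $adminlinks = "<span class=\"{$class}\">{$start} ";

    // Each link is emitted only when the matching permission level is granted.
    if (pnSecAuthAction(0, 'Example::', '::', ACCESS_READ)) {
        $viewurl = pnVarPrepHTMLDisplay(pnModURL('Example', 'admin', 'view'));
        $adminlinks .= "<a href=\"" . $viewurl . "\">" . _VIEW . "</a> ";
    }
    if (pnSecAuthAction(0, 'Example::', '::', ACCESS_ADD)) {
        $newurl = pnVarPrepHTMLDisplay(pnModURL('Example', 'admin', 'new'));
        $adminlinks .= "{$seperator} <a href=\"" . $newurl . "\">" . _NEW . "</a> ";
    }
    if (pnSecAuthAction(0, 'Example::', '::', ACCESS_ADMIN)) {
        $configurl = pnVarPrepHTMLDisplay(pnModURL('Example', 'admin', 'modifyconfig'));
        $adminlinks .= "{$seperator} <a href=\"" . $configurl . "\">" . _MODIFYCONFIG . "</a> ";
    }

    $adminlinks .= "{$end}</span>\n";
    return $adminlinks;
}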
Example #2
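/**
 * Side block listing the ephemerids stored for today's day and month.
 *
 * @param  array $row block definition; 'title' is used as permission instance
 *                    and heading, 'content' is filled in here
 * @return mixed      the result of themesideblock($row); nothing when the user
 *                    lacks read access or the query fails
 */
function blocks_ephem_block($row)
{
    // Check the permission before doing any database work.
    if (!pnSecAuthAction(0, 'Ephemeridsblock::', "{$row['title']}::", ACCESS_READ)) {
        return;
    }

    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    $column =& $pntable['ephem_column'];

    // On multilingual sites only entries in the user's language, or entries
    // without a language, are shown.
    $querylang = '';
    if (pnConfigGetVar('multilingual') == 1) {
        $currentlang = pnUserGetLang();
        $querylang = "AND ({$column['elanguage']}='" . pnVarPrepForStore($currentlang) . "' OR {$column['elanguage']}='')";
    }

    $today = getdate();
    $eday = (int) $today['mday'];
    $emonth = (int) $today['mon'];

    $sql = "SELECT {$column['yid']}, {$column['content']}\n"
         . "                              FROM {$pntable['ephem']}\n"
         . "                              WHERE {$column['did']}='" . pnVarPrepForStore($eday) . "'"
         . " AND {$column['mid']}='" . pnVarPrepForStore($emonth) . "' {$querylang}";
    $result = $dbconn->Execute($sql);

    // A failed query must not be dereferenced below; the other blocks on this
    // page handle a database error the same way.
    if ($dbconn->ErrorNo() != 0 || !$result) {
        return;
    }

    $boxstuff = '<span class="pn-normal"><b>' . _ONEDAY . '</b></span><br />';
    while (!$result->EOF) {
        list($yid, $content) = $result->fields;
        $result->MoveNext();
        $boxstuff .= '<br /><br />';
        // The year is shown as plain text; the entry body goes through the
        // HTML display filter so that permitted markup survives.
        $boxstuff .= '<b>' . pnVarPrepForDisplay($yid) . '</b><br />' . pnVarPrepHTMLDisplay(nl2br($content)) . '';
    }

    if (empty($row['title'])) {
        $row['title'] = _EPHEMERIDS;
    }
    $row['content'] = $boxstuff;
    return themesideblock($row);
}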
Example #3
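/**
 * Main administration screen of the Tools module.
 *
 * @return string the rendered 'tools_admin.htm' template, or the prepared
 *                _MODNOAUTH message when the user lacks ACCESS_ADMIN
 */
function Tools_admin_main()
{
    // Permission check comes first so nothing is rendered for other users.
    if (!pnSecAuthAction(0, 'Tools::', '::', ACCESS_ADMIN)) {
        return pnVarPrepHTMLDisplay(_MODNOAUTH);
    }

    // Plain assignment: "=& new" is rejected by the parser from PHP 7 on, and
    // objects are handled by reference-like handles since PHP 5 anyway.
    $pnRender = new pnRender('Tools');

    return $pnRender->fetch('tools_admin.htm');
}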
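/**
 * Side block listing the most recent web links the current user may read.
 *
 * $row['url'] is read as "<module name>|<number of links>"; the number falls
 * back to 10 when it is missing or not positive.
 *
 * @param  array $row block definition ('title', 'url'); 'content' is filled in here
 * @return mixed      the result of themesideblock($row); nothing when the user
 *                    lacks read access to the block or a query fails
 */
function blocks_weblinks_display($row)
{
    if (!pnSecAuthAction(0, 'Weblinksblock::', "{$row['title']}::", ACCESS_READ)) {
        return;
    }

    $url = explode('|', $row['url']);
    if (!$url[0]) {
        $row['content'] = 'You forgot to set the module name!';
        return themesideblock($row);
    }
    // The second part is optional; explode() leaves it undefined without a '|'.
    $wanted = isset($url[1]) ? (int) $url[1] : 0;
    if ($wanted < 1) {
        $wanted = 10;
    }

    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    $links_col =& $pntable['links_links_column'];
    $cats_col =& $pntable['links_categories_column'];

    // Pass 1: find out how many of the newest rows have to be scanned until
    // $wanted readable links have been seen.
    // NOTE(review): this pass uses the link title in the permission instance,
    // pass 2 uses the category title - confirm which one the permission
    // schema expects.
    $linksok = 0;
    $linkcount = 0;
    $result = $dbconn->Execute("SELECT {$links_col['cat_id']}, {$links_col['title']} FROM {$pntable['links_links']} ORDER BY {$links_col['date']} DESC");
    if ($dbconn->ErrorNo() != 0 || !$result) {
        return;
    }
    while (!$result->EOF) {
        list($cid, $title) = $result->fields;
        $result->MoveNext();
        $linkcount++;
        if (pnSecAuthAction(0, "Web Links::Category", "{$title}::{$cid}", ACCESS_READ)) {
            $linksok++;
        }
        if ($linksok == $wanted) {
            break;
        }
    }

    // Pass 2: fetch that many rows together with their category title.
    $sql = "SELECT {$links_col['lid']} as lid, {$links_col['cat_id']} as catid, {$links_col['title']} as title, {$links_col['description']} as description, {$links_col['hits']} as hits, IF({$links_col['cat_id']}, CONCAT('/', {$cats_col['title']}), {$cats_col['title']}) AS cattitle\n               FROM {$pntable['links_links']}\n               LEFT JOIN {$pntable['links_categories']}\n               ON {$cats_col['cat_id']}={$links_col['cat_id']}\n               ORDER BY {$links_col['date']} DESC";
    $result = $dbconn->SelectLimit($sql, $linkcount);
    if ($dbconn->ErrorNo() != 0 || !$result) {
        return;
    }

    // The module name comes from the block configuration and ends up inside
    // an href attribute, so it is prepared for display like the other values.
    $modname = pnVarPrepForDisplay($url[0]);

    $row['content'] = '<span class="pn-normal">';
    while (!$result->EOF) {
        $lrow = $result->GetRowAssoc(false);
        if (pnSecAuthAction(0, "Web Links::Category", "{$lrow['cattitle']}::{$lrow['catid']}", ACCESS_READ)) {
            $lid = (int) $lrow['lid'];
            $title = pnVarPrepForDisplay($lrow['title']);
            $cattitle = pnVarPrepForDisplay($lrow['cattitle']);
            // The description is placed inside a title="" attribute, where no
            // markup may survive; the plain-text filter is used instead of
            // the HTML one.
            // NOTE(review): assumes pnVarPrepForDisplay() also encodes double quotes - confirm.
            $description = pnVarPrepForDisplay($lrow['description']);
            $row['content'] .= "<strong><big>&middot;</big></strong>&nbsp;<a href=\"modules.php?op=modload&amp;name={$modname}&amp;file=index&amp;req=visit&amp;lid={$lid}\" target=\"_blank\" title=\"{$cattitle}:\n{$description}\" class=\"pn-sub\">{$title}</a><br>\n";
        }
        // Advance for every row. Advancing only for permitted rows would make
        // the loop spin forever on the first row the user may not read.
        $result->MoveNext();
    }
    $row['content'] .= '</span>';
    return themesideblock($row);
}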
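/**
 * Search plugin for news stories.
 *
 * Reads the search form fields from the request, builds one WHERE clause from
 * the search words and the optional topic, category and author filters, and
 * renders up to ten hits per page together with a pager.
 *
 * Every filter group is wrapped in its own parentheses and the groups are
 * joined with AND, so a filter restricts the whole result no matter whether
 * the words are combined with AND or OR.
 *
 * @return string|null rendered result list; nothing when the stories search
 *                     is not active, the News module is unavailable or a
 *                     query fails
 */
function search_stories()
{
    list($startnum, $active_stories, $total, $stories_topics, $stories_cat, $stories_author, $q, $bool) = pnVarCleanFromInput('startnum', 'active_stories', 'total', 'stories_topics', 'stories_cat', 'stories_author', 'q', 'bool');
    if (!isset($active_stories) || !$active_stories) {
        return;
    }
    if (!pnModAvailable('News')) {
        return;
    }
    $output = new pnHTML();

    // --- normalise the request values -------------------------------------
    // Paging values are used in arithmetic and written into URLs, so they are
    // reduced to integers here.
    $startnum = (isset($startnum) && is_numeric($startnum)) ? max(1, (int) $startnum) : 1;
    $total = (isset($total) && is_numeric($total)) ? (int) $total : 0;
    // Only the two supported operators are ever used in SQL or in a URL.
    $bool = ($bool == 'AND') ? 'AND' : 'OR';

    // Topic filter: keep the non-empty scalar values.
    $topicids = array();
    if (is_array($stories_topics)) {
        foreach ($stories_topics as $v) {
            if (is_scalar($v) && !empty($v)) {
                $topicids[] = $v;
            }
        }
    }
    // Category filter: applied only when the first entry is set.
    $catids = array();
    if (is_array($stories_cat) && !empty($stories_cat[0])) {
        foreach ($stories_cat as $v) {
            if (is_scalar($v) && !empty($v)) {
                $catids[] = $v;
            }
        }
    }
    if (!isset($stories_author) || !is_scalar($stories_author)) {
        $stories_author = '';
    }

    $dbconn =& pnDBGetConn(true);
    $pntable =& pnDBGetTables();
    $storcol =& $pntable['stories_column'];
    $stcatcol =& $pntable['stories_cat_column'];
    $topcol =& $pntable['topics_column'];

    $query1 = "SELECT {$storcol['sid']} as sid,\n"
            . "                     {$topcol['tid']} as topicid,\n"
            . "                     {$topcol['topicname']} as topicname,\n"
            . "                     {$topcol['topictext']} as topictext,\n"
            . "                     {$storcol['catid']} as catid,\n"
            . "                     {$storcol['time']} AS fdate,\n"
            . "                     {$storcol['title']} AS story_title,\n"
            . "                     {$storcol['aid']} AS aid,\n"
            . "                     {$stcatcol['title']} AS cat_title\n"
            . "               FROM {$pntable['stories']}\n"
            . "               LEFT JOIN {$pntable['stories_cat']} ON ({$storcol['catid']}={$stcatcol['catid']})\n"
            . "               LEFT JOIN {$pntable['topics']} ON ({$storcol['topic']}={$topcol['tid']})\n"
            . "               WHERE ";

    // --- build the WHERE clause -------------------------------------------
    // Every request value is passed through pnVarPrepForStore() before it is
    // placed between quotes.
    $clauses = array();

    // words
    $w = search_split_query($q);
    if (is_array($w)) {
        $wordclauses = array();
        foreach ($w as $word) {
            $like = pnVarPrepForStore($word);
            $wordclauses[] = '('
                . "{$storcol['title']} LIKE '" . $like . "' OR "
                . "{$storcol['hometext']} LIKE '" . $like . "' OR "
                . "{$storcol['bodytext']} LIKE '" . $like . "' OR "
                . "{$storcol['informant']} LIKE '" . $like . "' OR "
                . "{$storcol['notes']} LIKE '" . $like . "'"
                . ')';
        }
        if (count($wordclauses) > 0) {
            $clauses[] = '(' . implode(" {$bool} ", $wordclauses) . ')';
        }
    }

    // topics
    if (count($topicids) > 0) {
        $parts = array();
        foreach ($topicids as $v) {
            $parts[] = "{$storcol['topic']}='" . pnVarPrepForStore($v) . "'";
        }
        $clauses[] = '(' . implode(' OR ', $parts) . ')';
    }

    // categories
    if (count($catids) > 0) {
        $parts = array();
        foreach ($catids as $v) {
            $parts[] = "{$stcatcol['catid']}='" . pnVarPrepForStore($v) . "'";
        }
        $clauses[] = '(' . implode(' OR ', $parts) . ')';
    }

    // authors: match the informant name directly, plus the ids of all users
    // whose user name or real name contains the given text
    if ($stories_author != '') {
        $parts = array("{$storcol['informant']}='" . pnVarPrepForStore($stories_author) . "'");
        $userres =& $dbconn->Execute("SELECT {$pntable['users_column']['uid']} as pn_uid FROM {$pntable['users']} WHERE {$pntable['users_column']['uname']} LIKE '%" . pnVarPrepForStore($stories_author) . "%' OR {$pntable['users_column']['name']} LIKE '%" . pnVarPrepForStore($stories_author) . "%'");
        // A failed lookup only drops the user-id matches.
        if ($dbconn->ErrorNo() == 0 && $userres) {
            while (!$userres->EOF) {
                $urow = $userres->GetRowAssoc(false);
                // The id is written into the SQL without quotes, so it is
                // forced to an integer.
                $parts[] = "{$storcol['aid']}=" . (int) $urow['pn_uid'];
                $userres->MoveNext();
            }
        }
        $clauses[] = '(' . implode(' OR ', $parts) . ')';
    }

    if (pnConfigGetVar('multilingual') == 1) {
        $clauses[] = "({$storcol['alanguage']}='" . pnVarPrepForStore(pnUserGetLang()) . "' OR {$storcol['alanguage']}='')";
    }

    $where = (count($clauses) > 0) ? implode(' AND ', $clauses) : '1';
    $query = $query1 . $where . " ORDER BY {$storcol['time']} DESC";

    // get the total count with permissions!
    if ($total < 1) {
        $total = 0;
        $countres =& $dbconn->Execute($query);
        // check for a db error
        if ($dbconn->ErrorNo() != 0) {
            return;
        }
        while (!$countres->EOF) {
            $row = $countres->GetRowAssoc(false);
            if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) {
                $total++;
            }
            $countres->MoveNext();
        }
    }

    $result = $dbconn->SelectLimit($query, 10, $startnum - 1);
    // check for a db error
    if ($dbconn->ErrorNo() != 0) {
        return;
    }

    if (!$result->EOF) {
        $output->Text(_STORIES_TOPICS . ': ' . $total . ' ' . _SEARCHRESULTS);
        // From here on text is emitted verbatim, so every value taken from
        // the request or the database is prepared before it is written.
        $output->SetInputMode(_PNH_VERBATIMINPUT);

        // Rebuild the search string from previous information
        $url = 'index.php?name=Search&amp;action=search&amp;active_stories=1&amp;stories_author=' . pnVarPrepForDisplay($stories_author);
        foreach ($catids as $v) {
            // Request values are URL-encoded before they are put back into
            // the pager link.
            $url .= '&amp;stories_cat%5B%5D=' . urlencode($v);
        }
        foreach ($topicids as $v) {
            $url .= '&amp;stories_topics%5B%5D=' . urlencode($v);
        }
        $url .= '&amp;bool=' . pnVarPrepForDisplay($bool);
        if (isset($q)) {
            $url .= '&amp;q=' . pnVarPrepForDisplay($q);
        }

        $output->Text('<dl>');
        while (!$result->EOF) {
            $row = $result->GetRowAssoc(false);
            // Rows the user may not read are skipped, not counted.
            if (pnSecAuthAction(0, 'Stories::Story', "{$row['aid']}:{$row['cat_title']}:{$row['sid']}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$row['topicname']}::{$row['topicid']}", ACCESS_READ)) {
                $row['fdate'] = ml_ftime(_DATELONG, $result->UnixTimeStamp($row['fdate']));
                $output->Text('<dt><a href="index.php?name=News&amp;file=article&amp;sid=' . pnVarPrepForDisplay($row['sid']) . '">' . pnVarPrepHTMLDisplay($row['story_title']) . '</a></dt>');
                $output->Text('<dd>');
                $output->Text(pnVarPrepForDisplay($row['fdate']) . ' (');
                if (!empty($row['topicid'])) {
                    // Filtered like the category title next to it.
                    $output->Text(pnVarPrepHTMLDisplay($row['topictext']));
                }
                if (!empty($row['catid'])) {
                    $output->Text(' - ' . pnVarPrepHTMLDisplay($row['cat_title']));
                }
                $output->Text(')</dd>');
            }
            $result->MoveNext();
        }
        $output->Text('</dl>');

        // Munge URL for template
        $urltemplate = $url . "&amp;startnum=%%&amp;total={$total}";
        $output->Pager($startnum, $total, $urltemplate, 10);
    } else {
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text(_SEARCH_NO_STORIES_TOPICS);
        $output->SetInputMode(_PNH_PARSEINPUT);
    }
    $output->Linebreak(3);
    return $output->GetOutput();
}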
Example #6
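/**
 * Update the configuration
 *
 * This is a standard function to update the configuration parameters of the
 * module given the information passed back by the modification form.
 *
 * Form fields read from the request:
 *   bold          print items in bold
 *   itemsperpage  number of items per page (positive integer)
 *
 * @author       Jim McDonald
 * @return       mixed   the result of pnRedirect() to the admin view, or the
 *                       prepared _MODULENOAUTH message without ACCESS_ADMIN
 */
function Example_admin_updateconfig()
{
    // Security check - important to do this as early as possible to avoid
    // potential security holes or just too much wasted processing
    if (!pnSecAuthAction(0, 'Example::', '::', ACCESS_ADMIN)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }

    // Get parameters from whatever input we need.  All arguments to this
    // function should be obtained from pnVarCleanFromInput(), getting them
    // from other places such as the environment is not allowed, as that makes
    // assumptions that will not hold in future versions of PostNuke
    list($bold, $itemsperpage) = pnVarCleanFromInput('bold', 'itemsperpage');

    // Confirm authorisation code.  This checks that the form had a valid
    // authorisation code attached to it.  If it did not then the function will
    // proceed no further as it is possible that this is an attempt at sending
    // in false data to the system.  Nothing is written before this check.
    if (!pnSecConfirmAuthKey()) {
        pnSessionSetVar('errormsg', pnVarPrepHTMLDisplay(_BADAUTHKEY));
        return pnRedirect(pnModURL('Example', 'admin', 'view'));
    }

    // Update module variables.  Note that depending on the HTML structure used
    // to obtain the information from the user it is possible that the values
    // might be empty, so it is important to check them all and assign them
    // default values if required.
    // ** Please note pnVarCleanFromInput will always return a set variable,
    // even if it is empty, so isset() checking is not appropriate.
    if (empty($bold)) {
        $bold = false;
    }
    pnModSetVar('Example', 'bold', (bool) $bold);

    if (empty($itemsperpage)) {
        $itemsperpage = 10;
    }
    // Make sure $itemsperpage is a positive integer.  Form values arrive as
    // strings, so is_integer() alone would flag every submitted number as
    // invalid; a string made of digits only is accepted as well.
    $looksLikeInteger = is_int($itemsperpage)
        || (is_string($itemsperpage) && preg_match('/^[0-9]+\z/', $itemsperpage));
    $itemsperpage = (int) $itemsperpage;
    if (!$looksLikeInteger || $itemsperpage < 1) {
        pnSessionSetVar('errormsg', pnVarPrepForDisplay(_EXAMPLEITEMSPERPAGE));
        if ($itemsperpage < 1) {
            $itemsperpage = 25;
        }
    }
    pnModSetVar('Example', 'itemsperpage', $itemsperpage);

    // The configuration has been changed, so we clear all caches for
    // this module.  Plain assignment is used because "=& new" is no longer
    // accepted from PHP 7 on.
    $pnRender = new pnRender('Example');
    // Please note that by using clear_cache without any parameter,
    // we clear all cached pages for this module.
    $pnRender->clear_cache();

    // the module configuration has been updated successfully
    pnSessionSetVar('statusmsg', _CONFIGUPDATED);

    // Let any other modules know that the modules configuration has been updated
    pnModCallHooks('module', 'updateconfig', 'Example', array('module' => 'Example'));

    // This function generated no output, and so now it is complete we redirect
    // the user to an appropriate page for them to carry on their work
    return pnRedirect(pnModURL('Example', 'admin', 'view'));
}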
Example #7
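/**
 * Build the HTML for an admin list of events with sort links, an action
 * selector and previous/next paging.
 *
 * This function performs no permission check of its own; it renders whatever
 * result set it is handed, so the caller has to authorise the request.
 *
 * @param  array $args with the keys
 *                     title            heading shown above the list
 *                     result           result set whose rows are (event id, title, timestamp)
 *                     function         admin function the sort/paging links point to
 *                     offset           current paging offset
 *                     offset_increment page size used for the previous/next links
 *                     sort             current sort column
 *                     sdir             current sort direction (toggled for the sort links)
 * @return string the generated markup
 */
function postcalendar_adminapi_buildAdminList($args)
{
    // Read the expected keys explicitly. extract($args) would create a local
    // variable for every key in the array and could overwrite any local.
    $title            = isset($args['title']) ? $args['title'] : '';
    $result           = isset($args['result']) ? $args['result'] : null;
    $function         = isset($args['function']) ? $args['function'] : null;
    $sort             = isset($args['sort']) ? $args['sort'] : null;
    $sdir             = isset($args['sdir']) ? $args['sdir'] : null;
    // Paging values are used in arithmetic and printed, so they are integers.
    $offset           = isset($args['offset']) ? (int) $args['offset'] : 0;
    $offset_increment = isset($args['offset_increment']) ? (int) $args['offset_increment'] : 0;

    $output = new pnHTML();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    pnThemeLoad(pnUserGetTheme());
    // get the theme globals :: is there a better way to do this?
    global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5;
    global $textcolor1, $textcolor2;

    $outerTable = '<table border="0" cellpadding="1" cellspacing="0" width="100%" bgcolor="' . $bgcolor2 . '"><tr><td>';

    $formUrl = pnModUrl(__POSTCALENDAR__, 'admin', 'adminevents');
    $output->FormStart($formUrl);
    $output->Text($outerTable);
    $output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '"><tr><td>');
    // Output is in verbatim mode, so the heading goes through the same HTML
    // display filter as the event titles below.
    $output->Text('<center><font size="4"><b>' . pnVarPrepHTMLDisplay($title) . '</b></font></center>');
    $output->Text('</td></tr></table>');
    $output->Text('</td></tr></table>');
    $output->Linebreak();
    $output->Text($outerTable);
    $output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '">');

    if (!$result || $result->EOF) {
        $output->Text('<tr><td width="100%" bgcolor="' . $bgcolor1 . '" align="center"><b>' . _PC_NO_EVENTS . '</b></td></tr>');
    } else {
        $output->Text('<tr><td bgcolor="' . $bgcolor1 . '" align="center"><b>' . _PC_EVENTS . '</b></td></tr>');
        $output->Text('<table border="0" cellpadding="2" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '">');
        // build sorting urls: the links carry the opposite of the current direction
        if (!isset($sdir)) {
            $sdir = 1;
        } else {
            $sdir = $sdir ? 0 : 1;
        }
        // NOTE(review): the URLs returned by pnModUrl() are written into href
        // attributes as they are - confirm that pnModUrl() encodes its arguments.
        $title_sort_url = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset, 'sort' => 'title', 'sdir' => $sdir));
        $time_sort_url = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset, 'sort' => 'time', 'sdir' => $sdir));
        $output->Text('<tr><td>select</td><td><a href="' . $title_sort_url . '">title</a></td><td><a href="' . $time_sort_url . '">timestamp</a><td></tr>');
        // output the queued events
        for (; !$result->EOF; $result->MoveNext()) {
            list($eid, $eventTitle, $timestamp) = $result->fields;
            $output->Text('<tr>');
            $output->Text('<td align="center" valign="top">');
            $output->FormCheckbox('pc_event_id[]', false, $eid);
            $output->Text('</td>');
            $output->Text('<td  align="left" valign="top" width="100%">');
            $output->URL(pnModURL(__POSTCALENDAR__, 'admin', 'edit', array('pc_event_id' => $eid)), pnVarPrepHTMLDisplay(postcalendar_removeScriptTags($eventTitle)));
            $output->Text('</td>');
            $output->Text('<td  align="left" valign="top" nowrap>');
            // Database value written in verbatim mode: prepare it for display.
            $output->Text(pnVarPrepForDisplay($timestamp));
            $output->Text('</td>');
            $output->Text('</tr>');
        }
        $output->Text('</table>');
    }
    $output->Text('</td></tr></table>');

    // $result may be missing altogether; only ask it for a row count when it exists.
    if ($result && $result->NumRows()) {
        $output->Linebreak();
        // action to take?
        $output->Text($outerTable);
        $output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '"><tr>');
        $output->Text('<td align="left" valign="middle">');
        $seldata = array(
            array('id' => _ADMIN_ACTION_VIEW, 'selected' => 1, 'name' => _PC_ADMIN_ACTION_VIEW),
            array('id' => _ADMIN_ACTION_APPROVE, 'selected' => 0, 'name' => _PC_ADMIN_ACTION_APPROVE),
            array('id' => _ADMIN_ACTION_HIDE, 'selected' => 0, 'name' => _PC_ADMIN_ACTION_HIDE),
            array('id' => _ADMIN_ACTION_DELETE, 'selected' => 0, 'name' => _PC_ADMIN_ACTION_DELETE),
        );
        $output->FormSelectMultiple('action', $seldata);
        $output->FormHidden('thelist', $function);
        $output->FormSubmit(_PC_PERFORM_ACTION);
        $output->Text('</td>');
        $output->Text('</tr></table>');
        $output->Text('</td></tr></table>');
        $output->Linebreak();
        // start previous next links
        $output->Text($outerTable);
        $output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '"><tr>');
        if ($offset > 1) {
            $output->Text('<td align="left">');
            $prev_link = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset - $offset_increment, 'sort' => $sort, 'sdir' => $sdir));
            $output->Text('<a href="' . $prev_link . '"><< ' . _PC_PREV . ' ' . $offset_increment . '</a>');
            $output->Text('</td>');
        } else {
            $output->Text('<td align="left"><< ' . _PC_PREV . '</td>');
        }
        if ($result->NumRows() >= $offset_increment) {
            $output->Text('<td align="right">');
            $next_link = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset + $offset_increment, 'sort' => $sort, 'sdir' => $sdir));
            $output->Text('<a href="' . $next_link . '">' . _PC_NEXT . ' ' . $offset_increment . ' >></a>');
            $output->Text('</td>');
        } else {
            $output->Text('<td align="right">' . _PC_NEXT . ' >></td>');
        }
        $output->Text('</tr></table>');
    }
    $output->Text('</td></tr></table>');
    // end previous next links
    $output->FormEnd();
    return $output->GetOutput();
}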
Example #8
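/**
 * Render the side-by-side comparison of the selected lenses.
 *
 * The selection is read from the 'lens' request field, or from $args['lens']
 * when the caller supplies it; only its keys (the lens ids) are used.
 *
 * @param  array $args optional 'lens' => array keyed by lens id
 * @return string      the rendered 'lenses_user_compare_view.htm' template, or
 *                     the prepared _MODULENOAUTH message without ACCESS_OVERVIEW
 */
function Lenses_user_compare_view($args)
{
    if (!pnSecAuthAction(0, 'Lenses::', '::', ACCESS_OVERVIEW)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }

    $lens = pnVarCleanFromInput('lens');
    // Only the 'lens' key is taken from $args; extract() would turn every key
    // of the array into a local variable.
    if (is_array($args) && array_key_exists('lens', $args)) {
        $lens = $args['lens'];
    }
    // A request can deliver a scalar here; treat anything but an array as
    // "nothing selected" instead of iterating over it.
    if (!is_array($lens)) {
        $lens = array();
    }

    // Two dimensional array handed to the template: $field_array[field][tid]
    $field_array = array();
    foreach ($lens as $tid => $value) {
        // NOTE(review): $tid comes straight from the request and is passed on
        // as item_id - confirm that the 'get' API validates it.
        $temp_array = pnModAPIFunc('Lenses', 'user', 'get', array('item_type' => 'lens', 'item_id' => $tid));
        if (!is_array($temp_array)) {
            // nothing usable was returned for this id
            continue;
        }
        foreach ($temp_array as $field => $property) {
            $field_array[$field][$tid] = $property;
        }
    }

    $pnRender = new pnRender('Lenses');
    $pnRender->assign('field_array', $field_array);
    return $pnRender->fetch('lenses_user_compare_view.htm');
}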
Example #9
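/**
 * Collect all displayed lenses of one company, keyed by lens id.
 *
 * The company id is read from the 'comp_tid' request field, or from
 * $args['comp_tid'] when the caller supplies it. This function contains no
 * permission check; the caller has to authorise the request.
 *
 * @param  array $args optional 'comp_tid' (company id) and 'company_data'
 *                     (company rows keyed by company id, used for 'comp_name')
 * @return mixed       array of lens rows keyed by tid (empty when none match),
 *                     false on a database error, or an error string when the
 *                     company id is missing or not numeric
 */
function Lenses_adminapi_report_company($args)
{
    // Clean $comp_tid from input.
    $comp_tid = pnVarCleanFromInput('comp_tid');

    // Take only the expected keys from the argument array; extract() would
    // turn every key of the array into a local variable.
    $company_data = array();
    if (is_array($args)) {
        if (array_key_exists('comp_tid', $args)) {
            $comp_tid = $args['comp_tid'];
        }
        if (isset($args['company_data'])) {
            $company_data = $args['company_data'];
        }
    }

    // Ensure valid values were passed in.
    if (empty($comp_tid) || !is_numeric($comp_tid)) {
        return pnVarPrepHTMLDisplay('Invalid company id.');
    }
    // The id is written into the SQL without quotes. is_numeric() also
    // accepts forms such as "1e3" or " 1", so it is reduced to an integer.
    $comp_tid = (int) $comp_tid;

    // Get database setup
    list($dbconn) = pnDBGetConn();
    // get the table info
    $pntable =& pnDBGetTables();
    $table_lens =& $pntable['lenses'];
    $field_lens =& $pntable['lenses_column'];
    $table_polymer =& $pntable['lenses_polymers'];
    $field_polymer =& $pntable['lenses_polymers_column'];

    $sql = "SELECT * FROM {$table_lens} \n               LEFT JOIN {$table_polymer} ON {$field_polymer['poly_tid']} = {$field_lens['poly_id']}\n               WHERE {$field_lens['comp_id']} = {$comp_tid} AND {$field_lens['display']} = 1;";
    $result = $dbconn->Execute($sql);

    // Check for an error with the database code, and if so return
    if ($dbconn->ErrorNo() != 0) {
        return false;
    }

    // get polymer data to switch polymer IDs for polymer names
    $polymer_data = pnModAPIFunc('Lenses', 'user', 'getall', array('item_type' => 'polymers'));

    // Column names in the order in which the row values are read. The query
    // is a SELECT *, so this order has to match the table definition.
    $columns = array(
        'tid', 'name', 'aliases', 'comp_id', 'poly_id', 'visitint', 'ew', 'ct', 'dk', 'oz',
        'process_text', 'process_simple', 'qty', 'replace_simple', 'replace_text', 'wear',
        'price', 'markings', 'fitting_guide', 'website', 'image', 'other_info',
        'discontinued', 'display', 'redirect', 'bc_simple', 'bc_all', 'max_plus',
        'max_minus', 'max_diam', 'min_diam', 'diam_1', 'base_curves_1', 'powers_1',
        'diam_2', 'base_curves_2', 'powers_2', 'diam_3', 'base_curves_3', 'powers_3',
        'sph_notes', 'toric', 'toric_type', 'toric_type_simple', 'cyl_power',
        'max_cyl_power', 'cyl_axis', 'cyl_axis_steps', 'oblique', 'cyl_notes', 'bifocal',
        'bifocal_type', 'add_text', 'max_add', 'cosmetic', 'enh_names', 'enh_names_simple',
        'opaque_names', 'opaque_names_simple', 'updated',
    );

    // Start from an empty array so that "no rows" returns an array as well.
    $items_array = array();
    for (; !$result->EOF; $result->MoveNext()) {
        $item = array();
        foreach ($columns as $pos => $column) {
            $value = isset($result->fields[$pos]) ? $result->fields[$pos] : null;
            $item[$column] = $value;
            // The looked-up names are inserted right after the id they belong
            // to. The lookup keys are quoted strings; bare words are treated
            // as undefined constants, which is an error from PHP 8 on.
            if ($column == 'comp_id') {
                $item['comp_name'] = isset($company_data[$value]['comp_name']) ? $company_data[$value]['comp_name'] : null;
            } elseif ($column == 'poly_id') {
                $item['poly_name'] = isset($polymer_data[$value]['poly_name']) ? $polymer_data[$value]['poly_name'] : null;
                $item['fda_grp'] = isset($polymer_data[$value]['fda_grp']) ? $polymer_data[$value]['fda_grp'] : null;
                $item['h2o'] = isset($polymer_data[$value]['h2o']) ? $polymer_data[$value]['h2o'] : null;
            }
        }
        $items_array[$item['tid']] = $item;
    }

    // Return the item array
    return $items_array;
}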
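/**
 * Search plugin for comments.
 *
 * Reads the search form fields from the request, looks for the search words
 * in comment subjects and bodies and renders up to ten hits per page together
 * with a pager.
 *
 * NOTE(review): unlike search_stories(), no per-row permission check is made
 * here - confirm whether comments need one.
 *
 * @return string|null rendered result list; nothing when the comments search
 *                     is not active, the Comments module is unavailable,
 *                     there are no search words or a query fails
 */
function search_comments()
{
    list($active_comments, $startnum, $total, $bool, $q) = pnVarCleanFromInput('active_comments', 'startnum', 'total', 'bool', 'q');
    if (empty($active_comments)) {
        return;
    }
    if (!pnModAvailable('Comments')) {
        return;
    }

    // Without search words the WHERE clause would be empty and the query
    // would fail, so stop here.
    $w = search_split_query($q);
    if (!is_array($w) || count($w) == 0) {
        return;
    }

    $dbconn =& pnDBGetConn(true);
    $pntable =& pnDBGetTables();
    $output = new pnHTML();
    $output->SetInputMode(_PNH_VERBATIMINPUT);

    // Paging values are used in arithmetic and written into URLs, so they are
    // reduced to integers; only the two supported operators are accepted.
    $startnum = (isset($startnum) && is_numeric($startnum)) ? max(1, (int) $startnum) : 1;
    $total = (isset($total) && is_numeric($total)) ? (int) $total : 0;
    $bool = ($bool == 'AND') ? 'AND' : 'OR';

    $column =& $pntable['comments_column'];
    $wordclauses = array();
    foreach ($w as $word) {
        // Every word is passed through pnVarPrepForStore() before it is
        // placed between quotes.
        $like = pnVarPrepForStore($word);
        $wordclauses[] = '('
            . "{$column['subject']} LIKE '" . $like . "' OR "
            . "{$column['comment']} LIKE '" . $like . "'"
            . ')';
    }
    $query = "SELECT {$column['subject']} as subject, {$column['tid']} as tid, "
           . "{$column['sid']} as sid, {$column['pid']} as pid, {$column['comment']} as comment FROM {$pntable['comments']} WHERE "
           . implode(" {$bool} ", $wordclauses)
           . " ORDER BY {$column['subject']}";

    if ($total < 1) {
        $countres =& $dbconn->Execute($query);
        // check for a db error
        if ($dbconn->ErrorNo() != 0) {
            return;
        }
        $total = (int) $countres->PO_RecordCount();
        $countres->Close();
    }

    $result = $dbconn->SelectLimit($query, 10, $startnum - 1);
    // check for a db error
    if ($dbconn->ErrorNo() != 0) {
        return;
    }

    if (!$result->EOF) {
        $output->Text(_COMMENTS . ': ' . $total . ' ' . _SEARCHRESULTS);
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        // Rebuild the search string from previous information. The query text
        // comes from the request and is written verbatim into the pager
        // links, so it is prepared for display as search_stories() does.
        $url = 'index.php?name=Search&amp;action=search&amp;active_comments=1&amp;bool=' . pnVarPrepForDisplay($bool) . '&amp;q=' . pnVarPrepForDisplay($q);

        $output->Text('<dl>');
        while (!$result->EOF) {
            $row = $result->GetRowAssoc(false);

            // Show a short plain-text excerpt of the comment.
            // (strlen/substr count bytes, so a multi-byte character can be cut.)
            $row['comment'] = strip_tags($row['comment']);
            if (strlen($row['comment']) > 128) {
                $row['comment'] = substr($row['comment'], 0, 125) . '...';
            }
            // Array keys are quoted: bare words are treated as undefined
            // constants, which is an error from PHP 8 on.
            if ($row['subject'] == "") {
                $row['subject'] = "No title";
            }

            // Ids are prepared before they are written into the links.
            $tid = pnVarPrepForDisplay($row['tid']);
            $sid = pnVarPrepForDisplay($row['sid']);
            $pid = pnVarPrepForDisplay($row['pid']);
            if ($row['pid'] != 0) {
                // comment with parent posting
                $output->Text("<dt><a href=\"index.php?name=Comments&amp;req=showreply&amp;tid={$tid}&amp;sid={$sid}&amp;pid={$pid}\">" . pnVarPrepHTMLDisplay($row['subject']) . "</a></dt>");
            } else {
                // comment without parent posting
                $output->Text("<dt><a href=\"index.php?name=Comments&amp;tid={$tid}&amp;sid={$sid}#{$tid}\">" . pnVarPrepHTMLDisplay($row['subject']) . "</a></dt>");
            }
            $output->Text("<dd>" . pnVarPrepForDisplay($row['comment']) . "</dd>");
            $result->MoveNext();
        }
        $output->Text('</dl>');

        // Munge URL for template
        $urltemplate = $url . "&amp;startnum=%%&amp;total={$total}";
        $output->Pager($startnum, $total, $urltemplate, 10);
    } else {
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text(_SEARCH_NO_COMMENTS);
        $output->SetInputMode(_PNH_PARSEINPUT);
    }
    $output->Linebreak(3);
    return $output->GetOutput();
}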
Example #11
/**
 * Render the administrative search report of the Lenses module.
 *
 * 'time' is read from the request; entries of $args are then extracted into
 * the local scope, so an $args['time'] replaces the request value. Callers
 * without ACCESS_ADMIN on 'Lenses::' receive the _MODULENOAUTH message.
 *
 * @param array $args extra arguments, extracted into local variables
 * @return mixed result of pnRender::fetch(), or the prepared no-auth message
 */
function Lenses_admin_search_report($args)
{
    // Request value first; extract() overwrites existing locals by default,
    // so a caller-supplied 'time' wins over the request.
    $time = pnVarCleanFromInput('time');
    extract($args);

    // Administrators only.
    $isAdmin = pnSecAuthAction(0, 'Lenses::', '::', ACCESS_ADMIN);
    if (!$isAdmin) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }

    // Renderer is created before the API call, as in the original flow.
    $pnRender =& new pnRender('Lenses');

    // Hand the report data and the selected time to the template.
    $pnRender->assign(
        'lenses_data',
        pnModAPIFunc('Lenses', 'user', 'search_report', array('time' => $time))
    );
    $pnRender->assign('time', $time);

    return $pnRender->fetch('lenses_admin_search_report.htm');
}
Example #12
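/**
 * Build the PostCalendar "test system" page: a table of environment facts
 * (CMS and PHP version, safe_mode, open_basedir, SAPI, OS, web server,
 * module and Smarty directories) followed by the modify-config form.
 *
 * The page reveals server internals (php_uname(), SERVER_SOFTWARE,
 * filesystem paths). The only gate visible here is the PC_ACCESS_ADMIN
 * constant, so whatever defines that constant decides who can read them.
 *
 * Changes against the previous version:
 *  - the HTML header was appended to an undefined $output and then thrown
 *    away by a plain assignment; it is now emitted before the admin menu,
 *    matching the closing </body></html> that was always emitted;
 *  - the version-mismatch notice carried literal backslashes in its style
 *    attribute; it now uses the same markup as the directory notices;
 *  - the pre-4.1 fallback imports $HTTP_SERVER_VARS before binding it.
 *
 * @return string page markup, or _POSTCALENDAR_NOAUTH without admin access
 */
function postcalendar_admin_testSystem()
{
    if (!PC_ACCESS_ADMIN) {
        return _POSTCALENDAR_NOAUTH;
    }
    $modinfo = pnModGetInfo(pnModGetIDFromName(__POSTCALENDAR__));
    // The directory name comes from the module registry and is passed
    // through pnVarPrepForOS() before it is used in the include path below.
    $pcDir = pnVarPrepForOS($modinfo['directory']);
    $version = $modinfo['version'];
    unset($modinfo);
    $tpl = new pcSmarty();
    $infos = array();
    if (phpversion() >= '4.1.0') {
        $__SERVER =& $_SERVER;
    } else {
        // The long array is an ordinary global, not a superglobal.
        global $HTTP_SERVER_VARS;
        $__SERVER =& $HTTP_SERVER_VARS;
    }
    $pnVersion = defined('_PN_VERSION_NUM') ? _PN_VERSION_NUM : pnConfigGetVar('Version_Num');
    $infos[] = array('CMS Version', $pnVersion);
    $infos[] = array('Sitename', pnConfigGetVar('sitename'));
    $infos[] = array('url', pnGetBaseURL());
    $infos[] = array('PHP Version', phpversion());
    $infos[] = array('PHP safe_mode', (bool) ini_get('safe_mode') ? "On" : "Off");
    $infos[] = array('PHP safe_mode_gid', (bool) ini_get('safe_mode_gid') ? "On" : "Off");
    $base_dir = ini_get('open_basedir');
    $infos[] = array('PHP open_basedir', !empty($base_dir) ? "{$base_dir}" : "NULL");
    $infos[] = array('SAPI', php_sapi_name());
    $infos[] = array('OS', php_uname());
    $infos[] = array('WebServer', $__SERVER['SERVER_SOFTWARE']);
    $infos[] = array('Module dir', "modules/{$pcDir}");

    // pnversion.php fills $modversion; compare it with the registered version.
    $modversion = array();
    include "modules/{$pcDir}/pnversion.php";
    $error = '';
    if ($modversion['version'] != $version) {
        $error = '<br /><div style="color: red;">';
        $error .= "new version {$modversion['version']} installed but not updated!";
        $error .= '</div>';
    }
    $infos[] = array('Module version', $version . " {$error}");
    $infos[] = array('smarty version', $tpl->_version);
    $infos[] = array('smarty location', SMARTY_DIR);
    $infos[] = array('smarty template dir', $tpl->template_dir);

    // Both Smarty working directories must exist and be writeable.
    $smartyDirs = array('compile' => $tpl->compile_dir, 'cache' => $tpl->cache_dir);
    foreach ($smartyDirs as $kind => $dir) {
        $info = $dir;
        $error = '';
        if (!file_exists($dir)) {
            $error .= " {$kind} dir doesn't exist! [{$dir}]<br />";
        } elseif (!is_writeable($dir)) {
            $error .= " {$kind} dir not writeable! [{$dir}]<br />";
        }
        if (strlen($error) > 0) {
            $info .= "<br /><div style=\"color: red;\">{$error}</div>";
        }
        $infos[] = array("smarty {$kind} dir", $info);
    }

    $header = <<<EOF
\t<html>
\t<head></head>
\t<body bgcolor=
EOF;
    $header .= '"' . $GLOBALS['style']['BGCOLOR2'] . '">';
    // Header first, then the menu: the old order discarded the header.
    $output = $header;
    $output .= postcalendar_adminmenu();
    $output .= '<table border="1" cellpadding="3" cellspacing="1">';
    $output .= '  <tr><th align="left">Name</th><th align="left">Value</th>';
    $output .= '</tr>';
    foreach ($infos as $info) {
        $output .= '<tr><td ><b>' . pnVarPrepHTMLDisplay($info[0]) . '</b></td>';
        $output .= '<td>' . pnVarPrepHTMLDisplay($info[1]) . '</td></tr>';
    }
    $output .= '</table>';
    $output .= '<br /><br />';
    $output .= postcalendar_admin_modifyconfig('', false);
    $output .= "</body></html>";
    return $output;
}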
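/**
 * Display block: show the active, unexpired admin messages the current
 * visitor is allowed to see.
 *
 * A message is shown when the visitor has ACCESS_READ on the
 * 'Admin Messages:Messagesblock:' instance "<block title>::<mid>" and the
 * message's view value matches the visitor: 1 everyone, 2 logged-in users,
 * 3 visitors who are not logged in, 4 holders of ACCESS_ADMIN on '::'.
 *
 * The language value from pnUserGetLang() used to be pasted into the SQL
 * text unquoted; it is now passed through pnVarPrepForStore() first.
 *
 * @param array $row block data; 'title' is used for the permission instance
 * @return mixed result of themesideblock(), or nothing when there is no
 *               permission, a database error, or no message to show
 */
function admin_messages_messagesblock_display($row)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    if (!isset($row['title'])) {
        $row['title'] = '';
    }
    if (!pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::", ACCESS_READ)) {
        return;
    }
    $messagestable = $pntable['message'];
    $messagescolumn =& $pntable['message_column'];
    $querylang = '';
    if (pnConfigGetVar('multilingual') == 1) {
        // Quote the language before it enters the statement; where
        // pnUserGetLang() takes its value from is not visible here.
        $currentlang = pnVarPrepForStore(pnUserGetLang());
        $querylang = "AND ({$messagescolumn['mlanguage']}='{$currentlang}' OR {$messagescolumn['mlanguage']}='')";
    }
    $sql = "SELECT {$messagescolumn['mid']},
                   {$messagescolumn['title']},
                   {$messagescolumn['content']},
                   {$messagescolumn['date']},
                   {$messagescolumn['view']}
            FROM {$messagestable}
            WHERE {$messagescolumn['active']} = 1 
            AND  ( {$messagescolumn['expire']} > unix_timestamp(now())
                  OR {$messagescolumn['expire']} = 0)
            {$querylang}
            ORDER by {$messagescolumn['mid']} DESC";
    $result = $dbconn->Execute($sql);
    if ($dbconn->ErrorNo() != 0) {
        return;
    }
    $output = new pnHTML();
    while (list($mid, $title, $content, $date, $view) = $result->fields) {
        $result->MoveNext();
        $show = 0;
        // Per-message permission first, then the audience selected by $view.
        if (pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::{$mid}", ACCESS_READ)) {
            switch ($view) {
                case 1:
                    // Message for everyone
                    $show = 1;
                    break;
                case 2:
                    // Message for users
                    if (pnUserLoggedIn()) {
                        $show = 1;
                    }
                    break;
                case 3:
                    // Messages for non-users
                    if (!pnUserLoggedIn()) {
                        $show = 1;
                    }
                    break;
                case 4:
                    // Messages for administrators of any description
                    if (pnSecAuthAction(0, '::', '::', ACCESS_ADMIN)) {
                        $show = 1;
                    }
                    break;
            }
        }
        if (!$show) {
            continue;
        }
        list($title, $content) = pnModCallHooks('item', 'transform', '', array($title, $content));
        $output->TableStart('', '', 0);
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        // Build the title cell as a returned string, then switch back to
        // accumulating output inside the pnHTML object.
        $output->SetOutputMode(_PNH_RETURNOUTPUT);
        $ttitle = $output->Linebreak();
        $ttitle .= $output->Text($title);
        $ttitle .= $output->Linebreak(2);
        $output->SetOutputMode(_PNH_KEEPOUTPUT);
        $output->TableAddRow(array("<font class=\"pn-title\">" . pnVarPrepHTMLDisplay($ttitle) . "</font>"), 'center');
        $output->TableAddRow(array("<font class=\"pn-normal\">" . pnVarPrepHTMLDisplay($content) . "</font>"), 'left');
        $output->SetInputMode(_PNH_PARSEINPUT);
        $output->TableEnd();
    }
    if ($output->output != "") {
        // Don't want a title
        $row['title'] = '';
        $row['content'] = $output->GetOutput();
        return themesideblock($row);
    }
}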
Example #14
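/**
 * Display one medication with its related preservative, company and
 * mechanism-of-action records.
 *
 * Requires ACCESS_READ on 'Meds::'. 'med_id' and 'search' are read from the
 * request; $args is not used. The optional preservative and MOA records are
 * now initialised to null before the lookup, so the template assignments no
 * longer read undefined variables when an id is empty (the assigned value
 * is null in that case, as before).
 *
 * @param array $args unused
 * @return mixed result of pnRender::fetch(), or a prepared error message
 */
function Meds_user_display($args)
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Meds::', '::', ACCESS_READ)) {
        return pnVarPrepHTMLDisplay(_MODULENOTSUBSCRIBED);
    }
    // Flag for the template: a go-back link is only wanted when the
    // medication was reached through a search, not when it was opened
    // directly.
    $search = pnVarCleanFromInput('search');
    $med_id = pnVarCleanFromInput('med_id');
    // Get medication from database.
    $med = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'med', 'med_id' => $med_id));
    if (!$med) {
        return pnVarPrepHTMLDisplay(_NOSUCHITEM);
    }
    // Only values that start with "pdf/" are rewritten to the module path.
    if (strpos($med['rxInfo'], "pdf/") === 0) {
        $med['rxInfo'] = "modules/Meds/pn" . $med['rxInfo'];
    }
    // Information used for popup windows.
    $pregnancy = pnModAPIFunc('Meds', 'user', 'preg_descriptions');
    $schedules = pnModAPIFunc('Meds', 'user', 'sched_descriptions');
    $pres_info = array(1 => null, 2 => null);
    foreach (array_keys($pres_info) as $n) {
        if ($med['pres_id' . $n]) {
            $pres_info[$n] = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'preserve', 'pres_id' => $med['pres_id' . $n]));
        }
    }
    $comp_info = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'company', 'comp_id' => $med['comp_id']));
    $comp_text = pnModFunc('Meds', 'user', 'company_popup', array('comp_info' => $comp_info));
    $moa_info = array(1 => null, 2 => null, 3 => null, 4 => null);
    foreach (array_keys($moa_info) as $n) {
        if ($med['moa_id' . $n]) {
            $moa_info[$n] = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'moa', 'moa_id' => $med['moa_id' . $n]));
        }
    }
    // Start a new output object.
    $pnRender =& new pnRender('Meds');
    // Assign medication's data to template.
    $pnRender->assign('med', $med);
    // Assign popup info to templates.
    $pnRender->assign('preg', $pregnancy[$med['preg']]);
    $pnRender->assign('sched', $schedules[$med['schedule']]);
    $pnRender->assign('comp_text', $comp_text);
    foreach ($pres_info as $n => $info) {
        $pnRender->assign('preserve_info' . $n, isset($info['comments']) ? $info['comments'] : null);
    }
    foreach ($moa_info as $n => $info) {
        $pnRender->assign('moa_info' . $n, isset($info['comments']) ? $info['comments'] : null);
    }
    // Assign flag to template; for search back-links.
    if (!empty($search)) {
        $pnRender->assign('search', $search);
    }
    // Assign flag for admin permission capacity.
    $pnRender->assign('is_admin', pnSecAuthAction(0, 'Meds::', '::', ACCESS_ADMIN));
    // Let any hooks know that we are displaying an item. As this is a display
    // hook the extra info is the URL the hooks show after they have finished
    // their own work; it points back to this function.
    $pnRender->assign('hooks', pnModCallHooks('item', 'display', $med_id, pnModURL('Meds', 'user', 'display', array('med_id' => $med_id))));
    // Options of all dropdowns; used here to turn the medication's ids back
    // into their texts, not to render dropdowns.
    $pnRender->assign(pnModAPIFunc('Meds', 'user', 'getall_selects'));
    // Return templated output.
    return $pnRender->fetch('meds_user_display.htm');
}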
Example #15
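/**
 * Admin page listing stored HTTP referers with their frequency, 25 per page,
 * sortable by frequency or URL, plus the delete form and the settings link.
 *
 * Requires ACCESS_ADMIN on 'Referers::'. Output is echoed between header.php
 * and footer.php.
 *
 * Referer strings are supplied by whoever visits the site, so every place
 * they reach the page is treated as untrusted output:
 *  - the link's href is now a quoted attribute (it was unquoted);
 *  - a link is only produced for http:// and https:// referers, other
 *    values are shown as text;
 *  - links opened in a new window carry rel="noopener noreferrer".
 * Other changes: 'page' is reduced to an integer >= 1 before it is used in
 * LIMIT, 'sortby' is compared strictly, the row total is taken with
 * COUNT(*) instead of loading every row, the percentage no longer divides
 * by an empty total, and $GLOBALS['module'] is escaped before it is echoed.
 *
 * @return void
 */
function referers_admin_main()
{
    include "header.php";
    $bgcolor2 = $GLOBALS["bgcolor2"];
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>" . _HTTPREFERERS . "</b></font></center>";
    CloseTable();
    if (!pnSecAuthAction(0, 'Referers::', '::', ACCESS_ADMIN)) {
        echo _REFERERSNOAUTH;
        include 'footer.php';
        return;
    }
    list($sortby, $page) = pnVarCleanFromInput('sortby', 'page');
    // is_numeric() also accepts floats, exponents and negatives; the value
    // ends up in a LIMIT clause, so keep only a positive integer.
    $page = (isset($page) && is_numeric($page)) ? (int) $page : 1;
    if ($page < 1) {
        $page = 1;
    }
    // Two-value allowlist; $sortby is echoed into the pager links below.
    if ($sortby !== "pn_url") {
        $sortby = "pn_frequency";
    }
    $column =& $pntable['referer_column'];
    if ($sortby === 'pn_url') {
        $sort = "ORDER BY {$column['url']} ";
    } else {
        $sort = "ORDER BY {$column['frequency']} DESC ";
    }
    $pagesize = 25;
    $min = $pagesize * ($page - 1);
    $max = $pagesize;
    OpenTable();
    echo "<center><font class=\"pn-normal\"><b>" . _WHOLINKS . "</b</font></center><br /><br />" . "<table border=0 width=\"100%\">" . "<tr><td><font class=\"pn-normal\"><a class=\"pn-sub\" href='admin.php?module=NS-Referers&amp;op=main&amp;sortby=pn_frequency'>" . _FREQUENCY . "</a></font></td>" . "<td><font class=\"pn-normal\"><a class=\"pn-sub\" href='admin.php?module=NS-Referers&amp;op=main&amp;sortby=pn_url'>" . _URL . "</a></font></td>" . "<td><font class=\"pn-sub\">" . _PERCENT . "</font></td></tr>";
    // Total frequency, used for the percentage column.
    $hresult = $dbconn->Execute("SELECT SUM({$column['frequency']}) FROM {$pntable['referer']}");
    list($totalfreq) = $hresult->fields;
    // Number of stored referers, used for the pager.
    $hresult5 = $dbconn->Execute("SELECT COUNT(*) FROM {$pntable['referer']}");
    list($totalurl) = $hresult5->fields;
    $hresult = $dbconn->Execute("SELECT {$column['url']}, {$column['frequency']} FROM {$pntable['referer']} {$sort} LIMIT " . $min . "," . $max . " ");
    while (list($url, $freq) = $hresult->fields) {
        $hresult->MoveNext();
        // Insert spaces so long URLs can wrap in the table cell.
        $urls = str_replace('&', ' &', $url);
        $urls = str_replace('/', '/ ', $urls);
        // Decide on the raw value whether a link is rendered at all.
        $linkable = $url != "bookmark" && preg_match('#^https?://#i', $url);
        // NOTE(review): the quoted href relies on pnVarPrepForDisplay()
        // escaping double quotes - confirm against its implementation.
        $url = pnVarPrepForDisplay($url);
        $open = $linkable ? "<a target=\"_blank\" rel=\"noopener noreferrer\" href=\"{$url}\">" : "";
        $close = $linkable ? "</a>" : "";
        $percent = $totalfreq ? round($freq / $totalfreq * 100, 2) : 0;
        echo "<tr>\n" . "<td bgcolor=\"{$bgcolor2}\"><font class=\"pn-normal\">" . pnVarPrepForDisplay($freq) . "</font></td>\n" . "<td bgcolor=\"{$bgcolor2}\"><font class=\"pn-normal\">" . $open . pnVarPrepForDisplay($urls) . $close . "</font></td>\n" . "<td bgcolor=\"{$bgcolor2}\"><font class=\"pn-normal\">" . $percent . " %</font></td>\n" . "</tr>\n";
    }
    echo "</table><font class=\"pn-normal\">" . _TOTAL . " " . pnVarPrepForDisplay($totalfreq) . " </font><br />";
    if ($totalurl > $pagesize) {
        $total_pages = ceil($totalurl / $pagesize) + 0.99;
        $prev_page = $page - 1;
        $next_page = $page + 1;
        if ($prev_page > 0) {
            echo "<a class=\"pn-normal\" href='admin.php?module=NS-Referers&amp;op=main&amp;sortby={$sortby}&amp;page={$prev_page}'><font class=\"pn-sub\"> <-- </font></a>";
        }
        for ($n = 1; $n < $total_pages; $n++) {
            if ($n == $page) {
                echo " <font class=\"pn-sub\">{$n}</font></a> ";
            } else {
                echo " <a class=\"pn-normal\" href='admin.php?module=NS-Referers&amp;op=main&amp;sortby={$sortby}&amp;page={$n}'><font class=\"pn-sub\">" . pnVarPrepHTMLDisplay($n) . "</font></a> ";
            }
        }
        if ($next_page <= $total_pages) {
            echo "<a class=\"pn-normal\" href='admin.php?module=NS-Referers&amp;op=main&amp;sortby={$sortby}&amp;page={$next_page}'><font class=\"pn-sub\"> --> </font></a>";
        }
    }
    // Delete form; carries the key generated by pnSecGenAuthKey() as 'authid'.
    echo "<form action=\"admin.php\" method=\"post\">" . "<input type=\"hidden\" name=\"module\" value=\"NS-Referers\">" . "<input type=\"hidden\" name=\"authid\" value=\"" . pnSecGenAuthKey() . "\">" . "<input type=\"hidden\" name=\"op\" value=\"delete\">" . "<center><input type=\"submit\" value=\"" . _DELETEREFERERS . "\"></center></form>";
    CloseTable();
    // Access Referer Settings
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>" . _REFERERSCONF . "</b></font></center><br /><br />";
    // NOTE(review): $GLOBALS['module'] is presumably the request's module
    // name - confirm; it is escaped here because it lands inside an href.
    echo "<center><a href=\"admin.php?module=" . pnVarPrepForDisplay($GLOBALS['module']) . "&amp;op=getConfig\">" . _REFERERSCONF . "</a></center>";
    CloseTable();
    include "footer.php";
}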
Example #16
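/**
 * Print the admin form for editing one user account.
 *
 * $chng_user is matched against the user-name column first and, when that
 * finds nothing, against the user-id column. The form is shown only when the
 * caller holds ACCESS_EDIT on the 'Users::' instance "<uname>::<uid>" of the
 * account that was found. Output is echoed between header.php and
 * footer.php.
 *
 * Changes against the previous version:
 *  - $chng_user was pasted into both SELECT statements as-is; it is now
 *    passed through pnVarPrepForStore() first;
 *  - stored profile values were written into value="..." attributes without
 *    escaping; they now go through pnVarPrepForDisplay();
 *  - the password column was selected but never used and is no longer read.
 *
 * @param string $chng_user user name or user id of the account to edit
 * @return void
 */
function modifyUser($chng_user)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    include "header.php";
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>" . _USERADMIN . "</b></font></center>";
    CloseTable();
    $column =& $pntable['users_column'];
    // NOTE(review): if a caller still hands over a value that already had
    // slashes added (the stripslashes() further down suggests it may), strip
    // them at that caller rather than dropping the quoting here.
    $needle = pnVarPrepForStore($chng_user);
    $select = "SELECT {$column['uid']}, {$column['uname']}, {$column['name']},
                      {$column['url']}, {$column['email']}, {$column['femail']},
                      {$column['user_icq']}, {$column['user_aim']},
                      {$column['user_yim']}, {$column['user_msnm']},
                      {$column['user_from']}, {$column['user_occ']},
                      {$column['user_intrest']}, {$column['user_viewemail']},
                      {$column['user_avatar']}, {$column['user_sig']}, {$column['bio']}
               FROM {$pntable['users']}";
    $result = $dbconn->Execute("{$select} WHERE {$column['uname']}='{$needle}'");
    if ($result->EOF) {
        // Not a known user name: try the value as a user id.
        $result = $dbconn->Execute("{$select} WHERE {$column['uid']}='{$needle}'");
    }
    if (!$result->EOF) {
        list($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_user_icq, $chng_user_aim, $chng_user_yim, $chng_user_msnm, $chng_user_from, $chng_user_occ, $chng_user_intrest, $chng_user_viewemail, $chng_avatar, $chng_user_sig, $chng_bio) = $result->fields;
        if (!pnSecAuthAction(0, 'Users::', "{$chng_uname}::{$chng_uid}", ACCESS_EDIT)) {
            echo _MODIFYUSERSEDITNOAUTH;
            include 'footer.php';
            return;
        }
        // Everything below comes from the users table and is written into
        // double-quoted attributes.
        // NOTE(review): relies on pnVarPrepForDisplay() escaping double
        // quotes - confirm against its implementation.
        $stored = array(
            'uid' => $chng_uid,
            'uname' => $chng_uname,
            'name' => $chng_name,
            'url' => $chng_url,
            'email' => $chng_email,
            'femail' => $chng_femail,
            'user_icq' => $chng_user_icq,
            'user_aim' => $chng_user_aim,
            'user_yim' => $chng_user_yim,
            'user_msnm' => $chng_user_msnm,
            'user_from' => $chng_user_from,
            'user_occ' => $chng_user_occ,
            'user_intrest' => $chng_user_intrest,
            'user_sig' => $chng_user_sig,
            'avatar' => $chng_avatar,
        );
        $safe = array();
        foreach ($stored as $key => $value) {
            $safe[$key] = pnVarPrepForDisplay($value);
        }
        OpenTable();
        echo "<center><font class=\"pn-title\"><b>" . _USERUPDATE . ": <i>" . pnVarPrepForDisplay(stripslashes($chng_user)) . "</i></b></font></center>"
            . "<form action=\"admin.php\" method=\"post\">"
            . "<table border=\"0\">"
            . "<tr><td><font class=\"pn-normal\">" . _USERID . "</font></td>"
            . "<td><font class=\"pn-normal\"><b>" . pnVarPrepForDisplay($chng_uid) . "</font></b></td></tr>"
            . "<tr><td><font class=\"pn-normal\">" . _NICKNAME . "</font></td>"
            . "<td><input type=\"text\" name=\"chng_uname\" value=\"{$safe['uname']}\"> <font class=\"pn-sub\">" . _REQUIRED . "</font></td></tr>"
            . "<input type=\"hidden\" name=\"chng_name\" value=\"{$safe['name']}\">"
            . "<input type=\"hidden\" name=\"chng_url\" value=\"{$safe['url']}\">"
            . "<tr><td><font class=\"pn-normal\">" . _EMAIL . "</font></td>"
            . "<td><input type=\"text\" name=\"chng_email\" value=\"{$safe['email']}\" size=\"30\" maxlength=\"60\"> <font class=\"pn-sub\">" . _REQUIRED . "</font></td></tr>"
            . "<input type=\"hidden\" name=\"chng_femail\" value=\"{$safe['femail']}\">"
            . "<input type=\"hidden\" name=\"chng_user_icq\" value=\"{$safe['user_icq']}\">"
            . "<input type=\"hidden\" name=\"chng_user_aim\" value=\"{$safe['user_aim']}\">"
            . "<input type=\"hidden\" name=\"chng_user_yim\" value=\"{$safe['user_yim']}\">"
            . "<input type=\"hidden\" name=\"chng_user_msnm\" value=\"{$safe['user_msnm']}\">"
            . "<input type=\"hidden\" name=\"chng_user_from\" value=\"{$safe['user_from']}\">"
            . "<input type=\"hidden\" name=\"chng_user_occ\" value=\"{$safe['user_occ']}\">"
            . "<input type=\"hidden\" name=\"chng_user_intrest\" value=\"{$safe['user_intrest']}\">"
            . "<tr><td><font class=\"pn-normal\">" . _BIO . "</font></td>"
            . "<td><textarea cols=\"80\" rows=\"10\" name=\"chng_bio\">" . pnVarPrepHTMLDisplay(nl2br($chng_bio)) . "</textarea></td></tr>"
            . "<tr><td><font class=\"pn-normal\">" . _OPTION . "</font></td>";
        $checked = ($chng_user_viewemail == 1) ? " checked" : "";
        echo "<td><font class=\"pn-normal\"><input type=\"checkbox\" name=\"chng_user_viewemail\" value=\"1\"{$checked}> " . _ALLOWUSERS . "</font></td></tr>";
        // The password fields start empty; 'authid' carries the key from
        // pnSecGenAuthKey() for the update request.
        echo "<input type=\"hidden\" name=\"chng_user_sig\" value=\"{$safe['user_sig']}\">"
            . "<tr><td><font class=\"pn-normal\">" . _PASSWORD . "</font></td>"
            . "<td><input type=\"password\" name=\"chng_pass\" size=\"12\" maxlength=\"12\"></td></tr>"
            . "<tr><td><font class=\"pn-normal\">" . _RETYPEPASSWD . "</font></td>"
            . "<td><input type=\"password\" name=\"chng_pass2\" size=\"12\" maxlength=\"12\"> <font class=\"pn-sub\">" . _FORCHANGES . "</font></td></tr>"
            . "<input type=\"hidden\" name=\"chng_avatar\" value=\"{$safe['avatar']}\">"
            . "<input type=\"hidden\" name=\"chng_uid\" value=\"{$safe['uid']}\">"
            . "<input type=\"hidden\" name=\"module\" value=\"NS-User\">"
            . "<input type=\"hidden\" name=\"op\" value=\"updateUser\">"
            . "<input type=\"hidden\" name=\"authid\" value=\"" . pnSecGenAuthKey() . "\">"
            . "<tr><td><input type=\"submit\" value=\"" . _SAVECHANGES . "\"></form></td></tr>"
            . "</table>";
        CloseTable();
    } else {
        OpenTable();
        echo "<center><b><font class=\"pn-normal\">" . _USERNOEXIST . "</b><br><br>" . "" . _GOBACK . "</font></center>";
        CloseTable();
    }
    include "footer.php";
}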
Example #17
/**
 * Build the dplink configuration form for administrators.
 *
 * Without ACCESS_ADMIN on 'dplink::' only the _SHIMLINKNOAUTH text is
 * returned. Otherwise the form posts to the module's 'updateconfig' admin
 * function and carries three settings read with pnModGetVar(): 'url',
 * 'use_wrap' and 'use_window', plus a hidden 'authid' field.
 *
 * OpenTable() and CloseTable() print directly, so each call is wrapped in
 * output buffering and the captured markup is fed into the pnHTML object in
 * verbatim mode. The order of the SetInputMode()/SetOutputMode() calls is
 * kept exactly as written.
 *
 * @return mixed whatever pnHTML::GetOutput() returns
 */
function dplink_adminmenu()
{
    $theme = pnUserGetTheme();
    pnThemeLoad($theme);
    // Create output object
    $output = new pnHTML();
    // Security check
    if (!pnSecAuthAction(0, 'dplink::', '::', ACCESS_ADMIN)) {
        $output->Text(pnVarPrepHTMLDisplay(_SHIMLINKNOAUTH));
        return $output->GetOutput();
    }
    // Title box: capture the theme's table-opening markup
    ob_start();
    OpenTable();
    $oTable = ob_get_contents();
    ob_end_clean();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->Text($oTable);
    $output->Title(pnVarPrepHTMLDisplay('<b>' . _SHIMLINK . '</b>'));
    $output->Text(pnVarPrepHTMLDisplay(_SHIMLINKMODIFYCONFIG));
    // Capture the matching table-closing markup
    ob_start();
    CloseTable();
    $cTable = ob_get_contents();
    ob_end_clean();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->Text($cTable);
    // Start form
    $output->FormStart(pnModURL('dplink', 'admin', 'updateconfig'));
    // Add an authorisation ID
    // NOTE(review): presumably checked by the updateconfig handler, which is
    // not visible here - confirm that it rejects requests without a valid key.
    $output->FormHidden('authid', pnSecGenAuthKey());
    // Start the table that holds the information to be modified.
    ob_start();
    OpenTable();
    $oTable = ob_get_contents();
    ob_end_clean();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->Text($oTable);
    $output->TableStart();
    // dplink location: cells are built in return mode, then added as a row
    $row = array();
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    $row[] = $output->Text(pnVarPrepHTMLDisplay(_MODSUBJECT));
    $row[] = $output->FormText('url', pnModGetVar('dplink', 'url'), 50, 50);
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->TableAddrow($row, 'left');
    // Warning
    $row = array();
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    $row[] = $output->Text(pnVarPrepHTMLDisplay(_MODWARNING));
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->TableAddrow($row, 'left');
    // Use I-frame
    $row = array();
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    $row[] = $output->Text(pnVarPrepHTMLDisplay(_MODWRAP));
    $row[] = $output->FormCheckbox('use_wrap', pnModGetVar('dplink', 'use_wrap'));
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->TableAddrow($row, 'left');
    // Open in new window
    $row = array();
    $output->SetOutputMode(_PNH_RETURNOUTPUT);
    $row[] = $output->Text(pnVarPrepHTMLDisplay(_MODWINDOW));
    $row[] = $output->FormCheckbox('use_window', pnModGetVar('dplink', 'use_window'));
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->TableAddrow($row, 'left');
    $output->TableEnd();
    // Close the settings table box
    ob_start();
    CloseTable();
    $cTable = ob_get_contents();
    ob_end_clean();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->Text($cTable);
    // Submit button in a table box of its own
    //$output->Linebreak(1);
    ob_start();
    OpenTable();
    $oTable = ob_get_contents();
    ob_end_clean();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->Text($oTable);
    $output->Text('<div align="center"><br>');
    $output->FormSubmit(pnVarPrepHTMLDisplay(_SHIMLINKUPDATE));
    $output->Text('<br><br></div>');
    ob_start();
    CloseTable();
    $cTable = ob_get_contents();
    ob_end_clean();
    $output->SetInputMode(_PNH_VERBATIMINPUT);
    $output->Text($cTable);
    // End form
    $output->FormEnd();
    // Return the output that has been generated by this function
    $output->SetOutputMode(_PNH_KEEPOUTPUT);
    return $output->GetOutput();
}
Example #18
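/**
 * Show the explanation template for one of the module's tools.
 *
 * Requires ACCESS_OVERVIEW on 'Tools::'. The requested 'tool' becomes part
 * of the template file name, so it is only accepted when it is a string that
 * is identical to an entry of the allowlist; anything else falls back to the
 * first entry. The membership test is now strict: the previous loose
 * in_array() compares with ==, which lets non-string values match a string
 * entry under PHP's type juggling.
 *
 * @param array $args unused
 * @return mixed result of pnRender::fetch(), or the prepared no-auth message
 */
function Tools_user_explain($args)
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Tools::', '::', ACCESS_OVERVIEW)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }
    // Clean tool from input.
    $tool = pnVarCleanFromInput('tool');
    // Allowlist: the only values that may reach the template name.
    $explanations = array('contact_lens', 'conversions', 'crt', 'incentives', 'keratometer', 'oblique', 'parks');
    // Exact string match or default.
    if (!is_string($tool) || !in_array($tool, $explanations, true)) {
        $tool = $explanations[0];
    }
    // Create a new output object.
    $pnRender =& new pnRender('Tools');
    // Return template.
    return $pnRender->fetch('tools_user_explain_' . $tool . '.htm');
}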
Example #19
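/**
 * Print a story as a stand-alone, printer-friendly HTML page.
 *
 * The story is loaded by $sid; the page is produced only when the visitor
 * has ACCESS_READ on both 'Stories::Story' ("aid:cattitle:sid") and
 * 'Topics::Topic' ("topicname::topic"). On success the read counter is
 * incremented. Every failure path prints a message between header.php and
 * footer.php and ends the request with exit.
 *
 * Changes against the previous version:
 *  - $sid was echoed into the article link unencoded; it is now passed
 *    through urlencode() before it is written into the href and link text;
 *  - the category and topic ids read from the story row are cast to int
 *    before they are placed, unquoted, into the follow-up queries;
 *  - the database error is checked before the result set is read.
 *
 * NOTE(review): $sid is quoted for SQL but otherwise used as given, also in
 * the permission instance string. If story ids are integers, normalising
 * $sid to an integer at the caller would make the query, the permission
 * check and the output agree on one value - confirm against the schema.
 *
 * @param mixed $sid story id
 * @return void
 */
function PrintPage($sid)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    // grab the actual story from the database
    $column =& $pntable['stories_column'];
    $result = $dbconn->Execute("SELECT {$column['title']},
                                     {$column['time']},
                                     {$column['hometext']},
                                     {$column['bodytext']},
                                     {$column['topic']},
                                     {$column['notes']},
                                     {$column['cid']},
                                     {$column['aid']}
                              FROM {$pntable['stories']} where {$column['sid']} = '" . pnVarPrepForStore($sid) . "'");
    if ($dbconn->ErrorNo() != 0) {
        include 'header.php';
        echo _DBSELECTERROR;
        include 'footer.php';
        exit;
    }
    list($title, $time, $hometext, $bodytext, $topic, $notes, $cid, $aid) = $result->fields;
    if (!isset($title) || $title == '') {
        include 'header.php';
        echo _DBSELECTERROR;
        include 'footer.php';
        exit;
    }
    // Data for the permission check (Stories::Story, Topics::Topic).
    // find out the cattitle
    if ((int) $cid == 0) {
        // Default category
        $cattitle = "" . _ARTICLES . "";
    } else {
        $catcolumn =& $pntable['stories_cat_column'];
        $catquery = buildSimpleQuery('stories_cat', array('title'), "{$catcolumn['catid']} = " . (int) $cid);
        $catresult = $dbconn->Execute($catquery);
        list($cattitle) = $catresult->fields;
    }
    // find out the topictext
    $topicscolumn =& $pntable['topics_column'];
    $topicquery = buildSimpleQuery('topics', array('topictext', 'topicname'), "{$topicscolumn['topicid']} = " . (int) $topic);
    $topicresult = $dbconn->Execute($topicquery);
    list($topictext, $topicname) = $topicresult->fields;
    if (pnSecAuthAction(0, 'Stories::Story', "{$aid}:{$cattitle}:{$sid}", ACCESS_READ) && pnSecAuthAction(0, 'Topics::Topic', "{$topicname}::{$topic}", ACCESS_READ)) {
        // user is authorised to view Stories::Story and Topics::Topic
        // Increment the read counter
        $column =& $pntable['stories_column'];
        $dbconn->Execute("UPDATE {$pntable['stories']} SET {$column['counter']}={$column['counter']}+1 WHERE {$column['sid']}='" . pnVarPrepForStore($sid) . "'");
        $time = $result->UnixTimeStamp($time);
        $cWhereIsPerso = WHERE_IS_PERSO;
        if (!empty($cWhereIsPerso)) {
            include "modules/NS-Multisites/print.inc.php";
        } else {
            $themesarein = "";
            $ThemeSel = pnUserGetTheme();
        }
        // call hooks
        list($title, $hometext, $bodytext, $notes) = pnModCallHooks('item', 'transform', '', array($title, $hometext, $bodytext, $notes));
        // The id ends up as a query-string value inside an href.
        $sidUrl = urlencode($sid);
        echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n" . "<html>\n" . "<head><title>" . pnConfigGetVar('sitename') . "</title>\n";
        if (defined("_CHARSET") && _CHARSET != "") {
            echo "<META HTTP-EQUIV=\"Content-Type\" " . "CONTENT=\"text/html; charset=" . _CHARSET . "\">\n";
        }
        // local stylesheet instead of the theme's
        echo "<style type=\"text/css\">\n" . "<!--\n" . ".print-title {\n" . "background-color: transparent;\n" . "color: #990000;\n" . "font-family: Verdana, Arial, sans-serif;\n" . "font-size: 14px;\n" . "font-weight: bold;\n" . "text-decoration: none;\n" . "}\n" . ".print-sub {\n" . "background-color: transparent;\n" . "color: #000000;\n" . "font-family: Verdana, Arial, sans-serif;\n" . "font-size: 11px;\n" . "font-weight: normal;\n" . "text-decoration: none;\n" . "}\n" . ".print-normal {\n" . "background-color: transparent;\n" . "color: #000000;\n" . "font-family: Verdana, Arial, sans-serif;\n" . "font-size: 12px;\n" . "font-weight: normal;\n" . "text-decoration: none;\n" . "}\n" . ".print {\n" . "color: #000000;\n" . "background-color: #FFFFFF;\n" . "}\n" . "-->\n" . "</style>\n";
        echo "</head>\n" . "<body class=\"print\" bgcolor=\"#FFFFFF\" text=\"#000000\">\n" . "\n<table border=\"0\" width=\"85%\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">\n" . "<tr><td>\n" . "<table border=\"0\" width=\"100%\" cellpadding=\"5\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">\n" . "<tr><td>\n" . "<img src=\"" . WHERE_IS_PERSO . "images/" . pnConfigGetVar('site_logo') . "\" border=\"0\" alt=\"" . pnConfigGetVar('sitename') . "\">\n" . "<br /><br />\n" . "<b><font class=\"print-title\">" . pnVarPrepHTMLDisplay($title) . "</font></b><br /><br />\n" . "<font class=\"print-sub\">" . pnVarPrepHTMLDisplay($cattitle) . " / " . pnVarPrepHTMLDisplay($topictext) . "<br />\n" . "<b>" . _DATE . ":</b> " . ml_ftime(_DATETIMEBRIEF, $time) . "</font>\n" . "</td></tr>\n" . "<tr><td>\n" . "<font class=\"print-normal\">" . pnVarPrepHTMLDisplay($hometext) . "<br /><br />\n";
        if (!empty($bodytext)) {
            echo pnVarPrepHTMLDisplay($bodytext) . "<br />\n";
        }
        if (!empty($notes)) {
            echo pnVarPrepHTMLDisplay($notes) . "<br />\n";
        } else {
            echo "<br />\n";
        }
        echo "</font>\n" . "</td></tr>\n" . "<tr><td>\n" . "<hr size=\"1\"><font class=\"print-normal\">\n" . "" . _COMESFROM . " " . pnConfigGetVar('sitename') . "<br />\n" . "<a class=\"print-normal\" href=\"" . pnGetBaseURL() . "\">" . pnGetBaseURL() . "</a>\n" . "<br /><br />\n" . "" . _THEURL . "" . "<br />\n" . "<a class=\"print-normal\" href=\"" . pnGetBaseURL() . "modules.php?op=modload&amp;name=News&amp;file=article&amp;sid={$sidUrl}\">" . pnGetBaseURL() . "modules.php?op=modload&amp;name=News&amp;file=article&amp;sid={$sidUrl}" . "</a>\n" . "</font>\n" . "</td></tr>\n" . "</table>\n</td></tr>\n</table>\n" . "</body>\n" . "</html>\n";
    } else {
        // user is not authorised to view Stories::Story and Topics::Topic
        include 'header.php';
        echo _BADAUTHKEY;
        include 'footer.php';
        exit;
    }
}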
Example #20
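/**
 * Search plugin for the Web_Links module.
 *
 * Reads 'active_weblinks', 'startnum', 'total', 'q' and 'bool' from the
 * request, builds one LIKE query for links and one for link categories from
 * the words returned by search_split_query(), and renders up to 10 hits per
 * section (only those the current user may read) followed by a pager.
 *
 * Request values are reflected into the pager URL while the output object is
 * in verbatim mode, so they are normalised here before use: 'bool' is reduced
 * to AND/OR, 'startnum' and 'total' to integers, and 'q' is URL-encoded.
 *
 * @return string|null rendered HTML; null when the plugin is inactive, the
 *                     module is unavailable, there are no search words, or
 *                     the links query fails
 */
function search_weblinks()
{
    list($active_weblinks, $startnum, $total, $q, $bool) = pnVarCleanFromInput('active_weblinks', 'startnum', 'total', 'q', 'bool');
    if (empty($active_weblinks)) {
        return;
    }
    if (!pnModAvailable('Web_Links')) {
        return;
    }
    $dbconn =& pnDBGetConn(true);
    $pntable =& pnDBGetTables();
    // "=& new" is a parse error on PHP 7+; plain assignment is equivalent here.
    $output = new pnHTML();
    $output->SetInputMode(_PNH_VERBATIMINPUT);

    // is_numeric() also accepts values such as "1e3" or "-4.5"; force plain
    // non-negative integers before they reach SelectLimit() and the pager URL.
    $startnum = (isset($startnum) && is_numeric($startnum)) ? max(1, (int) $startnum) : 1;
    $total = (isset($total) && is_numeric($total)) ? max(0, (int) $total) : 0;
    // Only two operators are meaningful; anything else falls back to OR, as
    // the original switch did for the SQL. The same value now feeds the URL.
    $bool = ($bool === 'AND') ? 'AND' : 'OR';
    // urlencode() output contains no HTML metacharacters and never forms the
    // pager's "%%" placeholder, so the raw query cannot break the markup.
    $url = "index.php?name=Search&amp;action=search&amp;active_weblinks=1&amp;bool={$bool}&amp;q=" . urlencode($q);

    $w = search_split_query($q);
    if (!is_array($w) || count($w) == 0) {
        // Without words the WHERE clause would be empty and the query invalid.
        return;
    }

    // ---- Section 1: links -------------------------------------------------
    $column =& $pntable['links_links_column'];
    $catcolumn =& $pntable['links_categories_column'];
    $clauses = array();
    foreach ($w as $word) {
        // Each word is escaped for SQL with pnVarPrepForStore() before being quoted.
        $like = "LIKE '" . pnVarPrepForStore($word) . "'";
        $clauses[] = "({$column['description']} {$like} OR \n"
                   . "{$column['url']} {$like} OR \n"
                   . "{$column['submitter']} {$like} OR \n"
                   . "{$column['title']} {$like} \n)";
    }
    $query = "SELECT {$column['url']} as url, {$column['title']} as title, {$column['description']} as description, {$column['lid']} as lid, {$column['cat_id']} as cat_id\n              FROM {$pntable['links_links']}\n              WHERE \n"
           . implode(" {$bool} ", $clauses)
           . " ORDER BY {$column['lid']}";

    // get the total count with permissions!
    if (empty($total)) {
        $total = 0;
        $countres =& $dbconn->Execute($query);
        // check for a db error
        if ($dbconn->ErrorNo() != 0) {
            return;
        }
        while (!$countres->EOF) {
            $row = $countres->GetRowAssoc(false);
            // we have a link id so get its category
            $cattitle = '';
            $catres = $dbconn->Execute("SELECT {$catcolumn['title']} \n\t\t\t\t\t\t\t\t\tFROM {$pntable['links_categories']} \n\t\t\t\t\t\t\t\t\tWHERE {$catcolumn['cat_id']}=" . (int) $row['cat_id']);
            if ($dbconn->ErrorNo() == 0 && is_object($catres) && !$catres->EOF) {
                list($cattitle) = $catres->fields;
            }
            if (pnSecAuthAction(0, 'Web Links::Link', "{$cattitle}:{$row['title']}:{$row['lid']}", ACCESS_READ) && pnSecAuthAction(0, 'Web Links::Category', "{$cattitle}::{$row['cat_id']}", ACCESS_READ)) {
                $total++;
            }
            $countres->MoveNext();
        }
    }
    $result = $dbconn->SelectLimit($query, 10, $startnum - 1);
    // check for a db error
    if ($dbconn->ErrorNo() != 0) {
        return;
    }
    if (!$result->EOF) {
        $output->Text(_WEBLINKS . ': ' . $total . ' ' . _SEARCHRESULTS);
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text("<dl>");
        while (!$result->EOF) {
            $row = $result->GetRowAssoc(false);
            // we have a link id so get its category
            $cattitle = '';
            $catres = $dbconn->Execute("SELECT {$catcolumn['title']} \n\t\t\t\t\t\t\t\t\tFROM {$pntable['links_categories']} \n\t\t\t\t\t\t\t\t\tWHERE {$catcolumn['cat_id']}=" . (int) $row['cat_id']);
            if ($dbconn->ErrorNo() == 0 && is_object($catres) && !$catres->EOF) {
                list($cattitle) = $catres->fields;
            }
            // A hit is shown only if both the link and its category are readable.
            if (pnSecAuthAction(0, 'Web Links::Link', "{$cattitle}:{$row['title']}:{$row['lid']}", ACCESS_READ) && pnSecAuthAction(0, 'Web Links::Category', "{$cattitle}::{$row['cat_id']}", ACCESS_READ)) {
                $output->Text("<dt><a href=\"" . pnVarPrepForDisplay($row['url']) . "\">" . pnVarPrepForDisplay($row['title']) . "</a></dt><dd>" . pnVarPrepHTMLDisplay($row['description']) . "</dd>");
            }
            $result->MoveNext();
        }
        $output->Text("</dl>");
        // Munge URL for template
        $urltemplate = $url . "&amp;startnum=%%&amp;total={$total}";
        $output->Pager($startnum, $total, $urltemplate, 10);
    } else {
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text(_SEARCH_NO_LINKS);
        $output->SetInputMode(_PNH_PARSEINPUT);
    }
    $output->Linebreak(3);

    // ---- Section 2: link categories ---------------------------------------
    $column =& $pntable['links_categories_column'];
    $clauses = array();
    foreach ($w as $word) {
        $clauses[] = "({$column['cdescription']} LIKE '" . pnVarPrepForStore($word) . "'\n)";
    }
    $query = "SELECT {$column['cat_id']} as cat_id, {$column['title']} as title, {$column['cdescription']} as description\n              FROM {$pntable['links_categories']}\n              WHERE \n"
           . implode(" {$bool} ", $clauses)
           . " ORDER BY {$column['cat_id']}";

    // get the total count with permissions!
    // NOTE(review): $total is shared with the links section and with the
    // 'total' request variable, so this recount only runs when that value is
    // still 0; otherwise the links total is shown for categories too.
    if (empty($total)) {
        $total = 0;
        $countres =& $dbconn->Execute($query);
        if ($dbconn->ErrorNo() != 0 || !is_object($countres)) {
            // Keep the links section that was already rendered.
            return $output->GetOutput();
        }
        while (!$countres->EOF) {
            $row = $countres->GetRowAssoc(false);
            // Same permission instance as the display loop below; the original
            // count reused a category title left over from the links loop.
            if (pnSecAuthAction(0, 'Web Links::Category', "{$row['title']}::{$row['cat_id']}", ACCESS_READ)) {
                $total++;
            }
            $countres->MoveNext();
        }
    }
    $result = $dbconn->SelectLimit($query, 10, $startnum - 1);
    if ($dbconn->ErrorNo() != 0 || !is_object($result)) {
        return $output->GetOutput();
    }
    if (!$result->EOF) {
        $output->Text(_WEBLINKSCATEGORIES . ': ' . $total . ' ' . _SEARCHRESULTS);
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text("<dl>");
        while (!$result->EOF) {
            $row = $result->GetRowAssoc(false);
            if (pnSecAuthAction(0, 'Web Links::Category', "{$row['title']}::{$row['cat_id']}", ACCESS_READ)) {
                $output->Text("<dt><a href=\"index.php?name=Web_Links&amp;req=viewlink&amp;cid=" . pnVarPrepForDisplay($row['cat_id']) . "\">" . pnVarPrepForDisplay($row['title']) . "</a></dt><dd>" . pnVarPrepHTMLDisplay($row['description']) . "</dd>");
            }
            $result->MoveNext();
        }
        $output->Text("</dl>");
        // Munge URL for template
        $urltemplate = $url . "&amp;startnum=%%&amp;total={$total}";
        $output->Pager($startnum, $total, $urltemplate, 10);
    } else {
        $output->SetInputMode(_PNH_VERBATIMINPUT);
        $output->Text(_SEARCH_NO_LINKSCATEGORIES);
        $output->SetInputMode(_PNH_PARSEINPUT);
    }
    $output->Linebreak(3);
    return $output->GetOutput();
}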
Example #21
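/**
 * Admin view listing all companies of the Lenses module.
 *
 * Requires ACCESS_ADMIN on 'Lenses::'; the check runs before any data is
 * fetched, so an unauthorised caller only receives the _MODULENOAUTH text.
 *
 * @return string rendered template, or the escaped "no authorisation" message
 */
function Lenses_admin_viewall_companies()
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Lenses::', '::', ACCESS_ADMIN)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }
    // Start a new output object. ("=& new" is a parse error on PHP 7+;
    // plain assignment is equivalent for a freshly created object.)
    $pnRender = new pnRender('Lenses');
    // Call API function to get all companies and hand them to the template.
    $companies = pnModAPIFunc('Lenses', 'user', 'getall', array('item_type' => 'companies'));
    $pnRender->assign('companies', $companies);
    // Return templated output.
    return $pnRender->fetch('lenses_admin_viewall_companies.htm');
}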
Example #22
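/**
 * Run a module function.
 *
 * The function name "{modname}_{type}_{func}" is called if it exists after
 * pnModLoad(); otherwise modules/{modname}/pn{type}/{func}.php is loaded and
 * the lookup is retried. If the function still cannot be found, an error page
 * is printed and the script exits.
 *
 * Both the callable name and the include path are derived from caller-supplied
 * $type and $func, while only $modname goes through pnVarValidate(). The
 * composed name is therefore required to be a plain PHP identifier before
 * anything is loaded, so values containing path separators, dots or NUL bytes
 * never reach require_once, independently of what pnVarPrepForOS() filters.
 *
 * @author Jim McDonald <*****@*****.**>
 * @link http://www.mcdee.net
 * @param string $modname the name of the module
 * @param string $type    the type of function to run
 * @param string $func    the specific function to run
 * @param array  $args    the arguments to pass to the function
 * @return mixed the module function's return value; null if $modname is invalid
 */
function pnModFunc($modname, $type = 'user', $func = 'main', $args = array())
{
    // define input, all numbers and booleans to strings
    $modname = isset($modname) ? (string) $modname : '';
    // validate
    if (!pnVarValidate($modname, 'mod')) {
        return null;
    }
    // Non-scalar values cannot name a function or a file.
    $type = is_scalar($type) ? (string) $type : '';
    $func = is_scalar($func) ? (string) $func : '';
    list($osmodname, $ostype, $osfunc) = pnVarPrepForOS($modname, $type, $func);
    // Build function name and call function
    $modfunc = "{$modname}_{$type}_{$func}";
    // A name that is not a valid identifier can never be a defined function,
    // so rejecting it only removes the side effect of including a file for it.
    $isidentifier = preg_match('/^[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*$/D', $modfunc) === 1;
    if ($isidentifier && pnModLoad($modname, $type)) {
        if (function_exists($modfunc)) {
            return $modfunc($args);
        }
        $funcfile = "modules/{$osmodname}/pn{$ostype}/{$osfunc}.php";
        if (file_exists($funcfile)) {
            require_once $funcfile;
            if (function_exists($modfunc)) {
                return $modfunc($args);
            }
        }
    }
    // if we get here, the function does not exist - show an error and die()
    // to-do: get exceptions working for better handling of such errors
    include_once 'header.php';
    echo pnVarPrepHTMLDisplay(_UNKNOWNFUNC) . " " . pnVarPrepForDisplay($modfunc) . "()<br />\n";
    // The argument dump is limited to module administrators.
    if (is_array($args) && pnSecAuthAction(0, $modname . '.*', '.*', ACCESS_ADMIN)) {
        foreach ($args as $key => $value) {
            echo pnVarPrepForDisplay($key) . " => " . pnVarPrepForDisplay($value) . "<br />\n";
        }
    }
    include_once 'footer.php';
    exit;
}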
Example #23
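/**
 * Prepare a string for HTML display after removing script tags.
 *
 * Passes $s through postcalendar_removeScriptTags() and then through
 * pnVarPrepHTMLDisplay().
 * NOTE(review): the strength of the script-tag removal depends on
 * postcalendar_removeScriptTags(), which is not visible here; tag stripping
 * alone does not cover event-handler attributes or javascript: URLs, so
 * confirm what pnVarPrepHTMLDisplay() allows through.
 *
 * @param string $s text to prepare
 * @return string the prepared text (returned by reference)
 */
function &pcVarPrepHTMLDisplay($s)
{
    // A by-reference function must return a variable; returning the call
    // expression directly raises "Only variable references should be
    // returned by reference".
    $prepared = pnVarPrepHTMLDisplay(postcalendar_removeScriptTags($s));
    return $prepared;
}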
Example #24
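/**
 * Display the public profile of the user named in the 'uname' request variable.
 *
 * Flow: validate the name, check ACCESS_READ on 'UserInfo::', load the profile
 * row, then print each non-empty field, the online status, a private-message
 * link (if the Messages module is available) and the user's last comments and
 * submissions.
 *
 * Security-relevant points:
 *  - an invalid name now ends the request after the error message instead of
 *    falling through to the query and a second page render;
 *  - the permission check runs before the profile is read from the database;
 *  - the password column is no longer selected, since nothing here reads it;
 *  - profile fields are user-supplied, so every value placed in an HTML
 *    attribute (avatar path, homepage URL, e-mail, uname in the message link)
 *    is escaped, and the homepage is only rendered as a link for http(s) URLs.
 *
 * @return void output is echoed directly
 */
function user_user_userinfo()
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();
    $uname = pnVarCleanFromInput('uname');
    // some input checking: a user name must be a non-empty string without whitespace
    if (!is_string($uname) || !$uname || preg_match("/[[:space:]]/", $uname)) {
        include 'header.php';
        OpenTable();
        echo _MODARGSERROR;
        CloseTable();
        include 'footer.php';
        return;
    }
    // End of check

    include 'header.php';
    // Authorise before touching the users table.
    if (!pnSecAuthAction(0, 'UserInfo::', '::', ACCESS_READ)) {
        echo _BADAUTHKEY;
        include 'footer.php';
        exit;
    }

    $column =& $pntable['users_column'];
    $sql = "SELECT {$column['femail']} AS femail,\n"
         . "        {$column['url']} AS url,\n"
         . "        {$column['bio']} AS bio,\n"
         . "        {$column['user_avatar']} AS user_avatar,\n"
         . "        {$column['user_icq']} AS user_icq,\n"
         . "        {$column['user_aim']} AS user_aim,\n"
         . "        {$column['user_yim']} AS user_yim,\n"
         . "        {$column['user_msnm']} AS user_msnm,\n"
         . "        {$column['user_from']} AS user_from,\n"
         . "        {$column['user_occ']} AS user_occ,\n"
         . "        {$column['user_intrest']} AS user_intrest,\n"
         . "        {$column['user_sig']} AS user_sig,\n"
         . "        {$column['uid']} AS pn_uid"
         . " FROM {$pntable['users']} WHERE {$column['uname']}='" . pnVarPrepForStore($uname) . "'";
    $result = $dbconn->Execute($sql);
    // A failed query is treated like "no such user" instead of a fatal error.
    $found = ($dbconn->ErrorNo() == 0 && is_object($result) && !$result->EOF);
    $userinfo = $found ? $result->GetRowAssoc(false) : array();

    // The profile is shown only if at least one field carries a value.
    $hasinfo = false;
    $fields = array('url', 'femail', 'bio', 'user_avatar', 'user_icq', 'user_aim', 'user_yim', 'user_msnm', 'user_from', 'user_occ', 'user_intrest', 'user_sig', 'pn_uid');
    foreach ($fields as $field) {
        if (!empty($userinfo[$field])) {
            $hasinfo = true;
            break;
        }
    }

    OpenTable();
    echo "<center><font class=\"pn-title\">" . pnVarPrepForDisplay($uname) . "</font></center><br>";
    if ($found && $hasinfo) {
        echo "<center>";
        $userinfo['user_sig'] = nl2br($userinfo['user_sig']);
        if ($userinfo['user_avatar']) {
            echo "<img src=\"images/avatar/" . pnVarPrepForDisplay($userinfo['user_avatar']) . "\" alt=\"\"><br>\n";
        }
        echo "<font class=\"pn-normal\"><br>" . _REGISTEREDUSER . " " . pnVarPrepForDisplay($userinfo['pn_uid']) . "<br></font>\n";
        if ($userinfo['url']) {
            $shownurl = pnVarPrepForDisplay($userinfo['url']);
            if (preg_match('#^https?://#i', $userinfo['url'])) {
                echo "<font class=\"pn-normal\">" . _MYHOMEPAGE . " <a class=\"pn-normal\" href=\"{$shownurl}\">{$shownurl}</a><br></font>\n";
            } else {
                // Any other scheme is printed as text rather than as a clickable link.
                echo "<font class=\"pn-normal\">" . _MYHOMEPAGE . " {$shownurl}<br></font>\n";
            }
        }
        if ($userinfo['femail']) {
            $shownmail = pnVarPrepForDisplay($userinfo['femail']);
            echo "<font class=\"pn-normal\">" . _MYEMAIL . " <a class=\"pn-normal\" href=\"mailto:{$shownmail}\">{$shownmail}</a><br></font>\n";
        }
        // Plain labelled fields, printed in this order when set.
        $labelled = array(
            'user_icq'     => _ICQ,
            'user_aim'     => _AIM,
            'user_yim'     => _YIM,
            'user_msnm'    => _MSNM,
            'user_from'    => _LOCATION,
            'user_occ'     => _OCCUPATION,
            'user_intrest' => _INTERESTS,
        );
        foreach ($labelled as $field => $label) {
            if ($userinfo[$field]) {
                echo "<font class=\"pn-normal\">" . $label . ": " . pnVarPrepForDisplay($userinfo[$field]) . "<br></font>\n";
            }
        }
        if ($userinfo['user_sig']) {
            echo "<font class=\"pn-normal\"><br>" . _SIGNATURE . ":<br>" . pnVarPrepHTMLDisplay($userinfo['user_sig']) . "<br></font>\n";
        }
        if ($userinfo['bio']) {
            echo "<font class=\"pn-normal\"><br>" . _EXTRAINFO . ":<br>" . pnVarPrepForDisplay($userinfo['bio']) . "<br></font>\n";
        }

        // Online status: a session row for this uid used within the inactivity window.
        $activetime = time() - pnConfigGetVar('secinactivemins') * 60;
        $userhack = "SELECT pn_uid\n\t\t\t\t\tFROM " . $pntable['session_info'] . "\n\t\t\t\t\tWHERE pn_uid = '" . (int) $userinfo['pn_uid'] . "'\n\t\t\t\t\tAND pn_lastused > '" . pnVarPrepForStore($activetime) . "'";
        $userresult = $dbconn->Execute($userhack);
        $online_state = is_object($userresult) ? $userresult->GetRowAssoc(false) : array();
        if (isset($online_state['pn_uid'])) {
            $online = _ONLINE;
        } else {
            $online = _OFFLINE;
        }
        echo "<font class=\"pn-normal\"><br>" . _USERSTATUS . ": " . pnVarPrepForDisplay($online) . "<br></font>\n";
        if (pnModAvailable('Messages')) {
            echo "<font class=\"pn-normal\"><br>[ <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=Messages&amp;file=replypmsg&amp;send=1&amp;uname=" . urlencode($uname) . "\">" . _USENDPRIVATEMSG . " " . pnVarPrepForDisplay($uname) . "</a> ]<br></font>\n";
        }
        echo "</center>";
        if (pnModAvailable('Comments')) {
            user_main_last10com($uname);
            echo "<br>";
        }
        if (pnModAvailable('News')) {
            user_main_last10submit($uname);
        }
    } else {
        echo "<center><font class=\"pn-normal\">" . _NOINFOFOR . " " . pnVarPrepForDisplay($uname) . "</font></center>";
    }
    CloseTable();
    include "footer.php";
}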
Example #25
 // Tail of an RSS feed script: the start of the document and the variables
 // used below ($image_*, $webmaster, $managingeditor, $result, $show_content)
 // are set before this excerpt.
 // Disabled <textinput> element:
 //   echo " <title>Search ".$title."</title>\n";
 //   echo " <name>op=modload&amp;name=Search&amp;file=index&amp;action=search&amp;active_stories=1&amp;Search</name>\n";
 //   echo " <link>".$link."/modules.php</link>\n";
 //   echo "</textinput>\n";
 // Channel image and contact elements; the values are interpolated as they are.
 // NOTE(review): nothing in this excerpt escapes $image_title, $image_url,
 // $image_link, $webmaster or $managingeditor for XML — confirm that this
 // happens where they are assigned.
 echo "<image>\n";
 echo " <title>{$image_title}</title>\n";
 echo " <url>{$image_url}</url>\n";
 echo " <link>{$image_link}</link>\n";
 echo "</image>\n";
 echo "<webMaster>{$webmaster}</webMaster>\n";
 if ($managingeditor != "") {
     echo "<managingEditor>{$managingeditor}</managingEditor>\n";
 }
 //    while(list($sid, $title) = $result->fields) {
 // One <item> per row of $result; $ihome is unpacked but not used in the
 // visible code.
 while (list($sid, $title, $ihome, $hometext) = $result->fields) {
     // Title goes through pnVarPrepHTMLDisplay(); link and content through
     // pnVarPrepForDisplay() before being written into the feed.
     $title = pnVarPrepHTMLDisplay($title);
     $link = pnVarPrepForDisplay(pnGetBaseURL() . "modules.php?op=modload&name=News&file=article&sid={$sid}");
     $content = pnVarPrepForDisplay($hometext);
     echo "<item>\n";
     echo "<title>{$title}</title>\n";
     echo "<link>{$link}</link>\n";
     // The story text is included only when $show_content is set.
     if ($show_content) {
         echo "<description>\n";
         echo $content;
         echo "</description>\n";
     }
     echo "</item>\n";
     $result->MoveNext();
 }
 // Close the channel and the document.
 echo "</channel>\n";
 echo "</rss>\n";
Example #26
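/**
 * Update module config.
 *
 * Requires ACCESS_ADMIN on 'Meds::' and a valid form authorisation key
 * (pnSecConfirmAuthKey()) before anything is written, so the change cannot
 * be made by an unauthorised user or without the key issued with the form.
 * Stores 'per_page' as an integer (default 10), clears the render cache,
 * notifies hooks and redirects to the module's admin main page.
 *
 * @return mixed the escaped "no authorisation" message, or the result of pnRedirect()
 */
function Meds_admin_update_config()
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Meds::', '::', ACCESS_ADMIN)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }
    // Clean arguments from URL.
    $per_page = pnVarCleanFromInput('per_page');
    // Confirm authorization to carry out this function's action.
    if (!pnSecConfirmAuthKey()) {
        pnSessionSetVar('errormsg', pnVarPrepHTMLDisplay(_BADAUTHKEY));
        return pnRedirect(pnModURL('Meds', 'admin', 'main'));
    }
    // Ensure a default: anything empty, non-numeric or below 1 becomes 10.
    if (empty($per_page) || !is_numeric($per_page) || $per_page < 1) {
        $per_page = 10;
    }
    // Set the module variable.
    pnModSetVar('Meds', 'per_page', (int) $per_page);
    // Start a new output object. ("=& new" is a parse error on PHP 7+;
    // plain assignment is equivalent for a freshly created object.)
    $pnRender = new pnRender('Meds');
    // Dump module cache.
    $pnRender->clear_cache();
    // Set a status message.
    pnSessionSetVar('statusmsg', _CONFIGUPDATED);
    // Let any hooks know that something occurred.
    pnModCallHooks('module', 'updateconfig', 'Meds', array('module' => 'Meds'));
    // Redirect user.
    return pnRedirect(pnModURL('Meds', 'admin', 'main'));
}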