function invitetogroup_submit(Pieform $form, $values)
{
global $SESSION, $USER, $group, $user;
group_invite_user($group, $user->id, $USER, isset($values['role']) ? $values['role'] : null);
$SESSION->add_ok_msg(get_string('userinvited', 'group'));
redirect(profile_url($user));
}
function requestfriendship_submit(Pieform $form, $values)
{
global $USER, $SESSION, $id, $goto;
$loggedinid = $USER->get('id');
$user = get_record('usr', 'id', $id);
// friend db record
$f = new StdClass();
$f->ctime = db_format_timestamp(time());
// notification info
$n = new StdClass();
$n->url = profile_url($USER, false);
$n->users = array($user->id);
$n->fromuser = $loggedinid;
$lang = get_user_language($user->id);
$displayname = display_name($USER, $user);
$n->strings = new stdClass();
$n->strings->urltext = (object) array('key' => 'Requests');
$f->owner = $id;
$f->requester = $loggedinid;
$f->message = $values['message'];
insert_record('usr_friend_request', $f);
$n->subject = get_string_from_language($lang, 'requestedfriendlistsubject', 'group');
if (isset($values['message']) && !empty($values['message'])) {
$n->message = get_string_from_language($lang, 'requestedfriendlistmessageexplanation', 'group', $displayname) . $values['message'];
} else {
$n->message = get_string_from_language($lang, 'requestedfriendlistinboxmessage', 'group', $displayname);
}
require_once 'activity.php';
activity_occurred('maharamessage', $n);
handle_event('addfriendrequest', array('requester' => $loggedinid, 'owner' => $id));
$SESSION->add_ok_msg(get_string('friendformrequestsuccess', 'group', display_name($id)));
redirect($goto);
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER;
require_once get_config('docroot') . 'lib/view.php';
$configdata = $instance->get('configdata');
// this will make sure to unserialize it for us
$configdata['viewid'] = $instance->get('view');
$view = new View($configdata['viewid']);
$group = $view->get('group');
$result = '';
$artefactid = isset($configdata['artefactid']) ? $configdata['artefactid'] : null;
if ($artefactid) {
$artefact = $instance->get_artefact_instance($configdata['artefactid']);
if (!file_exists($artefact->get_path())) {
return '';
}
$urlbase = get_config('wwwroot');
// edit view doesn't use subdomains, neither do groups
if (get_config('cleanurls') && get_config('cleanurlusersubdomains') && !$editing && empty($group)) {
$viewauthor = new User();
$viewauthor->find_by_id($view->get('owner'));
$viewauthorurlid = $viewauthor->get('urlid');
if ($urlallowed = !is_null($viewauthorurlid) && strlen($viewauthorurlid)) {
$urlbase = profile_url($viewauthor) . '/';
}
}
// Send the current language to the pdf viewer
$language = current_language();
$language = str_replace('_', '-', substr($language, 0, substr_count($language, '_') > 0 ? 5 : 2));
if ($language != 'en' && !file_exists(get_config('docroot') . 'artefact/file/blocktype/pdf/js/pdfjs/web/locale/' . $language . '/viewer.properties')) {
// In case the language file exists as a string with both lower and upper case, eg fr_FR we test for this
$language = substr($language, 0, 2) . '-' . strtoupper(substr($language, 0, 2));
if (!file_exists(get_config('docroot') . 'artefact/file/blocktype/pdf/js/pdfjs/web/locale/' . $language . '/viewer.properties')) {
// In case we fail to find a language of 5 chars, eg pt_BR (Portugese, Brazil) we try the 'parent' pt (Portugese)
$language = substr($language, 0, 2);
if ($language != 'en' && !file_exists(get_config('docroot') . 'artefact/file/blocktype/pdf/js/pdfjs/web/locale/' . $language . '/viewer.properties')) {
$language = 'en-GB';
}
}
}
$result = '<iframe src="' . $urlbase . 'artefact/file/blocktype/pdf/viewer.php?editing=' . $editing . '&ingroup=' . !empty($group) . '&file=' . $artefactid . '&lang=' . $language . '&view=' . $instance->get('view') . '" width="100%" height="500" frameborder="0"></iframe>';
require_once get_config('docroot') . 'artefact/comment/lib.php';
require_once get_config('docroot') . 'lib/view.php';
$view = new View($configdata['viewid']);
list($commentcount, $comments) = ArtefactTypeComment::get_artefact_comments_for_view($artefact, $view, $instance->get('id'), true, $editing);
}
$smarty = smarty_core();
if ($artefactid) {
$smarty->assign('commentcount', $commentcount);
$smarty->assign('comments', $comments);
}
$smarty->assign('html', $result);
return $smarty->fetch('blocktype:pdf:pdfrender.tpl');
}
/**
* Given a query string and limits, return an array of matching users using the
* search plugin defined in config.php
*
* @param string The query string
* @param integer How many results to return
* @param integer What result to start at (0 == first result)
* @return array A data structure containing results looking like ...
* $results = array(
* count => integer, // total number of results
* limit => integer, // how many results are returned
* offset => integer, // starting from which result
* results => array( // the result records
* array(
* id => integer,
* username => string,
* institution => string,
* firstname => string,
* lastname => string,
* preferredname => string,
* email => string,
* ),
* array(
* id => integer,
* username => string,
* institution => string,
* firstname => string,
* lastname => string,
* preferredname => string,
* email => string,
* ),
* array(...),
* ),
* );
*/
function search_user($query_string, $limit, $offset = 0, $data = array())
{
$plugin = get_config('searchplugin');
safe_require('search', $plugin);
$results = call_static_method(generate_class_name('search', $plugin), 'search_user', $query_string, $limit, $offset, $data);
if ($results['data']) {
foreach ($results['data'] as &$result) {
$result['name'] = display_name($result);
$result['url'] = profile_url($result);
}
}
return $results;
}
/**
* Notify user (if configured), do the masquerading and emit event. Called when
* no (further) interaction with the admin is needed before the loginas.
*
* @param string $why The masquerading reason (if given) or null.
*/
function do_masquerade($why = null)
{
global $USER, $SESSION;
$id = param_integer('id');
$who = display_name($USER, $id);
$when = format_date(time());
if (get_config('masqueradingnotified')) {
$msg = (object) array('subject' => get_string('masqueradenotificationsubject', 'admin'), 'message' => $why === null ? get_string('masqueradenotificationnoreason', 'admin', $who, $when) : get_string('masqueradenotificationreason', 'admin', $who, $when, $why), 'users' => array($id), 'url' => profile_url($USER, false), 'urltext' => $who);
activity_occurred('maharamessage', $msg);
$SESSION->add_info_msg(get_string('masqueradenotificationdone', 'admin'));
}
$USER->change_identity_to($id);
// Permissions checking is done in here
handle_event('loginas', array('who' => $who, 'when' => $when, 'reason' => $why));
redirect(get_config('wwwroot'));
}
function denyrequest_submit(Pieform $form, $values)
{
global $USER, $SESSION, $id;
$loggedinid = $USER->get('id');
$user = get_record('usr', 'id', $id);
// friend db record
$f = new StdClass();
$f->ctime = db_format_timestamp(time());
// notification info
$n = new StdClass();
$n->url = profile_url($USER, false);
$n->users = array($user->id);
$n->fromuser = $USER->get('id');
$lang = get_user_language($user->id);
$displayname = display_name($USER, $user);
$n->urltext = $displayname;
delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $id);
$n->subject = get_string_from_language($lang, 'friendrequestrejectedsubject', 'group');
if (isset($values['reason']) && !empty($values['reason'])) {
$n->message = get_string_from_language($lang, 'friendrequestrejectedmessagereason', 'group', $displayname) . $values['reason'];
} else {
$n->message = get_string_from_language($lang, 'friendrequestrejectedmessage', 'group', $displayname);
}
require_once 'activity.php';
activity_occurred('maharamessage', $n);
handle_event('removefriendrequest', array('owner' => $loggedinid, 'requester' => $id));
$SESSION->add_ok_msg(get_string('friendformrejectsuccess', 'group'));
$offset = param_integer('offset', 0);
switch (param_alpha('returnto', 'myfriends')) {
case 'find':
$goto = 'user/find.php';
break;
case 'view':
$goto = profile_url($user, false);
break;
default:
$goto = 'user/myfriends.php';
break;
}
$goto .= strpos($goto, '?') ? '&offset=' . $offset : '?offset=' . $offset;
$goto = get_config('wwwroot') . $goto;
redirect($goto);
}
public function Contacts()
{
$time = time() - 60 * 2;
$sql = "SELECT t.id_user as id, t.name as name, t.lastname as lastname, a.company as company, a.id_company as idcompany, t.connection,\n IF(t.id_file, t.id_file, a.id_file) as pictureid, IF(t.id_file, f.file, f2.file) as picture, IF(a.id_company = '{$this->MApp->user->company}', 0, 1) as companyu\n FROM {$this->dbglobal}user as t \n LEFT JOIN {$this->dbglobal}company a on t.id_company = a.id_company\n LEFT JOIN {$this->dbglobal}company_relation cr on t.id_company = cr.id_relation\n left join {$this->dbglobal}nz_file f on f.id_file = t.id_file\n left join {$this->dbglobal}nz_file f2 on f2.id_file = a.id_file\n WHERE t.id_user != '{$this->MApp->user->id}' and t.active = '1' and t.valid = '1' and (cr.id_company = '{$this->MApp->user->company}' OR t.id_company = '{$this->MApp->user->company}' )\n ORDER BY companyu, a.company, t.name, t.lastname";
$users = $this->db->query($sql)->result();
foreach ($users as $key => $user) {
$user->status = $this->ContactStatus($user->connection);
unset($users[$key]->companyu);
$user->opened = round($this->session->userdata('udata-user-chat-' . $user->id));
$user->size = round($this->session->userdata('udata-user-chat-' . $user->id . '-size'));
if ($user->pictureid) {
$users[$key]->picture = profile_url($user->pictureid, $user->picture);
} else {
$users[$key]->picture = '';
}
unset($users[$key]->pictureid);
}
return $users;
}
public static function getRecordDataById($type, $id)
{
$sql = 'SELECT p1.id, p1.topic, p1.parent, p1.poster, COALESCE(p1.subject, p2.subject) AS subject, p2.subject,
p1.body, p1.ctime, p1.deleted, p1.sent, p1.path,
u.username, u.preferredname, u.firstname, u.lastname, u.profileicon,
f.title as forumname, f.id as forumid,
g.name as groupname, g.id as groupid
FROM {interaction_forum_post} p1
LEFT JOIN {interaction_forum_post} p2 ON p2.parent IS NULL AND p2.topic = p1.topic
LEFT JOIN {usr} u ON u.id = p1.poster
LEFT JOIN {interaction_forum_topic} ift on p1.topic = ift.id
LEFT JOIN {interaction_instance} f ON ift.forum = f.id AND f.plugin=\'forum\'
LEFT JOIN {group} g ON f.group = g.id
WHERE p1.id = ?';
$record = get_record_sql($sql, array($id));
if (!$record || $record->deleted) {
return false;
}
$record->body = str_replace(array("\r\n", "\n", "\r"), ' ', strip_tags($record->body));
$record->ctime = format_date(strtotime($record->ctime));
$record->authorlink = '<a href="' . profile_url($record->poster) . '" class="forumuser">' . display_name($record->poster, null, true) . '</a>';
return $record;
}
public static function build_html(&$data, $onview)
{
global $USER, $THEME;
$candelete = $data->canedit || $USER->get('admin');
$deletedmessage = array();
foreach (ArtefactTypeAnnotationfeedback::deleted_by_types_description() as $k => $v) {
$deletedmessage[$k] = get_string($v, 'artefact.annotation');
}
$authors = array();
$lastcomment = self::last_public_annotation_feedback($data->annotation, $data->view, $data->artefact);
$editableafter = time() - 60 * get_config_plugin('artefact', 'annotation', 'commenteditabletime');
foreach ($data->data as &$item) {
$isadminfeedback = $item->admin == 1 || $item->staff == 1 || $item->feedbackinstitutionadmin == 1 || $item->feedbackinstitutionstaff == 1;
$item->ts = strtotime($item->ctime);
$item->date = format_date($item->ts, 'strftimedatetime');
if ($item->ts < strtotime($item->lastcontentupdate)) {
$item->updated = format_date(strtotime($item->lastcontentupdate), 'strftimedatetime');
}
$item->isauthor = $item->author && $item->author == $USER->get('id');
if ($item->private) {
$item->pubmessage = get_string('annotationfeedbackisprivate', 'artefact.annotation');
}
if (isset($data->showcomment) && $data->showcomment == $item->id) {
$item->highlight = 1;
}
$is_export_preview = param_integer('export', 0);
if ($item->deletedby) {
$item->deletedmessage = $deletedmessage[$item->deletedby];
} else {
if (($candelete || $item->isauthor) && !$is_export_preview && !$isadminfeedback) {
// If the auther was admin/staff and not the owner of the annotation,
// the feedback can't be deleted.
$item->deleteform = pieform(self::delete_annotation_feedback_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
}
}
// Comment authors can edit recent comments if they're private or if no one has replied yet.
if (!$item->deletedby && $item->isauthor && !$is_export_preview && ($item->private || $item->id == $lastcomment->id) && $item->ts > $editableafter) {
$item->canedit = 1;
}
// Form to make private comment public, or request that a
// private comment be made public.
if (!$item->deletedby && $item->private && $item->author && $data->owner && ($item->isauthor || $data->isowner)) {
if (empty($item->requestpublic) && $data->isowner || $item->isauthor && $item->requestpublic == 'owner' || $data->isowner && $item->requestpublic == 'author') {
if (!$is_export_preview) {
$item->makepublicform = pieform(self::make_annotation_feedback_public_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
}
} else {
if ($item->isauthor && $item->requestpublic == 'author' || $data->isowner && $item->requestpublic == 'owner') {
$item->makepublicrequested = 1;
}
}
} else {
if (!$item->deletedby && $item->private && !$item->author && $data->owner && $data->isowner && $item->requestpublic == 'author' && !$is_export_preview) {
$item->makepublicform = pieform(self::make_annotation_feedback_public_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
} else {
if (!$item->deletedby && $item->private && !$data->owner && $item->group && $item->requestpublic == 'author') {
// no owner as comment is on a group view / artefact
if ($item->isauthor) {
$item->makepublicrequested = 1;
} else {
if ($data->artefact && $data->canedit || $data->view && $data->canedit && !$is_export_preview) {
$item->makepublicform = pieform(self::make_annotation_feedback_public_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
} else {
$item->makepublicrequested = 1;
}
}
}
}
}
if ($item->author) {
if (isset($authors[$item->author])) {
$item->author = $authors[$item->author];
} else {
$item->author = $authors[$item->author] = (object) array('id' => $item->author, 'username' => $item->username, 'firstname' => $item->firstname, 'lastname' => $item->lastname, 'preferredname' => $item->preferredname, 'email' => $item->email, 'staff' => $item->staff, 'admin' => $item->admin, 'deleted' => $item->deleted, 'profileicon' => $item->profileicon, 'profileurl' => profile_url($item->author));
}
}
}
$extradata = array('annotation' => $data->annotation, 'view' => $data->view, 'artefact' => !empty($data->artefact) ? $data->artefact : '', 'blockid' => $data->block);
$data->jsonscript = 'artefact/annotation/annotations.json.php';
$data->baseurl = get_config('wwwroot') . 'artefact/artefact.php?' . 'artefact=' . $data->annotation . '&view=' . $data->view . (isset($data->block) ? '&block=' . $data->block : '');
$smarty = smarty_core();
$smarty->assign_by_ref('data', $data->data);
$smarty->assign('canedit', $data->canedit);
$smarty->assign('viewid', $data->view);
$smarty->assign('position', $data->position);
$smarty->assign('baseurl', $data->baseurl);
$data->tablerows = $smarty->fetch('artefact:annotation:annotationlist.tpl');
$pagination = build_pagination(array('id' => 'annotationfeedback_pagination_' . $data->block, 'class' => 'center', 'url' => $data->baseurl, 'jsonscript' => $data->jsonscript, 'datatable' => 'annotationfeedbacktable_' . $data->block, 'count' => $data->count, 'limit' => $data->limit, 'offset' => $data->offset, 'forceoffset' => isset($data->forceoffset) ? $data->forceoffset : null, 'resultcounttextsingular' => get_string('annotation', 'artefact.annotation'), 'resultcounttextplural' => get_string('annotations', 'artefact.annotation'), 'extradata' => $extradata));
$data->pagination = $pagination['html'];
$data->pagination_js = $pagination['javascript'];
}
/**
* Get all views for a (user,group,institution), grouping views
* into their collections. Empty collections not returned.
*
* @param mixed $owner integer userid or array of userids
* @param mixed $group integer groupid or array of groupids
* @param mixed $institution string institution name or array of institution names
* @param string $matchconfig record all matches with given config hash (see set_access)
* @param boolean $includeprofile include profile view
* @param integer $submittedgroup return only views & collections submitted to this group
* @param $string $sort Order to sort by (defaults to 'c.name, v.title')
*
* @return array, array
*/
function get_views_and_collections($owner = null, $group = null, $institution = null, $matchconfig = null, $includeprofile = true, $submittedgroup = null, $sort = null)
{
$excludelocked = $group && group_user_access($group) != 'admin';
// Anonymous public viewing of a group with 'Allow submissions' checked needs to avoid including the dummy root profile page.
if ($owner == '0') {
$includeprofile = false;
}
$sql = "\n SELECT v.id, v.type, v.title, v.accessconf, v.ownerformat, v.startdate, v.stopdate, v.template,\n v.owner, v.group, v.institution, v.urlid, v.submittedgroup, v.submittedhost, " . db_format_tsfield('v.submittedtime', 'submittedtime') . ", v.submittedstatus,\n c.id AS cid, c.name AS cname,\n c.submittedgroup AS csubmitgroup, c.submittedhost AS csubmithost, " . db_format_tsfield('c.submittedtime', 'csubmittime') . ", c.submittedstatus AS csubmitstatus\n FROM {view} v\n LEFT JOIN {collection_view} cv ON v.id = cv.view\n LEFT JOIN {collection} c ON cv.collection = c.id\n WHERE v.type IN ('portfolio'";
$sql .= $includeprofile ? ", 'profile') " : ') ';
$sql .= $excludelocked ? 'AND v.locked != 1 ' : '';
if (is_null($owner) && is_null($group) && is_null($institution)) {
$values = array();
} else {
list($ownersql, $values) = self::multiple_owner_sql((object) array('owner' => $owner, 'group' => $group, 'institution' => $institution));
$sql .= "AND v.{$ownersql} ";
}
if ($submittedgroup) {
$sql .= 'AND v.submittedgroup = ? ';
$values[] = (int) $submittedgroup;
}
if ($sort == null) {
$sql .= 'ORDER BY c.name, v.title';
} else {
$sql .= "ORDER BY {$sort}";
}
$records = get_records_sql_assoc($sql, $values);
$collections = array();
$views = array();
if (!$records) {
return array($collections, $views);
}
self::get_extra_view_info($records, false, false);
foreach ($records as &$r) {
$vid = $r['id'];
$cid = $r['cid'];
$v = array('id' => $vid, 'type' => $r['type'], 'name' => $r['displaytitle'], 'url' => $r['fullurl'], 'startdate' => $r['startdate'], 'stopdate' => $r['stopdate'], 'template' => $r['template'], 'owner' => $r['owner'], 'submittedgroup' => $r['submittedgroup'], 'submittedhost' => $r['submittedhost'], 'submittedtime' => $r['submittedtime'], 'submittedstatus' => $r['submittedstatus']);
if (isset($r['user'])) {
$v['ownername'] = display_name($r['user']);
$v['ownerurl'] = profile_url($r['user']);
}
// If filtering by submitted views, and the view is submitted, but the collection isn't,
// then ignore the collection and return the view by itself.
if ($cid && (!$submittedgroup || $r['csubmitgroup'] == $r['submittedgroup'])) {
if (!isset($collections[$cid])) {
$collections[$cid] = array('id' => $cid, 'name' => $r['cname'], 'url' => $r['fullurl'], 'owner' => $r['owner'], 'group' => $r['group'], 'institution' => $r['institution'], 'submittedgroup' => $r['csubmitgroup'], 'submittedhost' => $r['csubmithost'], 'submittedtime' => $r['csubmittime'], 'submittedstatus' => $r['csubmitstatus'], 'template' => $r['template'], 'views' => array());
if (isset($r['user'])) {
$collections[$cid]['ownername'] = $v['ownername'];
$collections[$cid]['ownerurl'] = $v['ownerurl'];
}
if ($matchconfig && $matchconfig == $r['accessconf']) {
$collections[$cid]['match'] = true;
}
}
$collections[$cid]['views'][$vid] = $v;
} else {
$views[$vid] = $v;
if ($matchconfig && $matchconfig == $r['accessconf']) {
$views[$vid]['match'] = true;
}
}
}
return array($collections, $views);
}
public function get_htmlmessage($user)
{
$viewtitle = hsc($this->view->get('title'));
$reportername = hsc(display_default_name($this->reporter));
$reporterurl = profile_url($this->reporter);
$ctime = strftime(get_string_from_language($user->lang, 'strftimedaydatetime'), $this->ctime);
$message = hsc($this->message);
if (empty($this->artefact)) {
return get_string_from_language($user->lang, 'objectionablecontentviewhtml', 'activity', $viewtitle, $reportername, $ctime, $message, $this->view->get_url(), $viewtitle, $reporterurl, $reportername);
} else {
return get_string_from_language($user->lang, 'objectionablecontentviewartefacthtml', 'activity', $viewtitle, hsc($this->artefact->get('title')), $reportername, $ctime, $message, $this->view->get_url(), $viewtitle, $reporterurl, $reportername);
}
}
define('PUBLIC', 1);
require dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '/init.php';
require_once get_config('docroot') . '/artefact/lib.php';
$fileid = param_integer('file');
$viewid = param_integer('view');
$editing = param_boolean('editing', false);
$ingroup = param_boolean('ingroup', false);
if (!artefact_in_view($fileid, $viewid)) {
throw new AccessDeniedException('');
}
if (!can_view_view($viewid)) {
throw new AccessDeniedException('');
}
$file = artefact_instance_from_id($fileid);
if (!$file instanceof ArtefactTypeFile) {
throw new NotFoundException();
}
$urlbase = get_config('wwwroot');
if (get_config('cleanurls') && get_config('cleanurlusersubdomains') && !$editing && !$ingroup) {
$view = new View($viewid);
$viewauthor = new User();
$viewauthor->find_by_id($view->get('owner'));
$viewauthorurlid = $viewauthor->get('urlid');
if ($urlallowed = !is_null($viewauthorurlid) && strlen($viewauthorurlid)) {
$urlbase = profile_url($viewauthor) . '/';
}
}
$smarty = smarty();
$smarty->assign('url', $urlbase . 'artefact/file/download.php?file=' . $fileid . '&view=' . $viewid);
$smarty->assign('title', $file->get('title'));
$smarty->display('blocktype:pdf:pdf.tpl');
/**
* Given a list of artefact ids, return a name and url for the thing that
* owns each artefact, suitable for display.
*
* @param array $ids list of artefact ids
*
* @return array list of StdClass objects, each containing a name & url property
*/
function artefact_get_owner_info($ids)
{
$data = get_records_sql_assoc('
SELECT
a.id AS aid, a.owner, a.group, a.institution,
u.id, u.username, u.firstname, u.lastname, u.preferredname, u.email, u.urlid,
g.name AS groupname, g.urlid as groupurlid,
i.displayname
FROM
{artefact} a
LEFT JOIN {usr} u ON a.owner = u.id
LEFT JOIN {group} g ON a.group = g.id
LEFT JOIN {institution} i ON a.institution = i.name
WHERE
a.id IN (' . join(',', array_fill(0, count($ids), '?')) . ')', $ids);
$wwwroot = get_config('wwwroot');
foreach ($data as &$d) {
if ($d->institution == 'mahara') {
$name = get_config('sitename');
$url = $wwwroot;
} else {
if ($d->institution) {
$name = $d->displayname;
$url = $wwwroot . 'institution/index.php?institution=' . $d->institution;
} else {
if ($d->group) {
$name = $d->groupname;
$url = group_homepage_url((object) array('id' => $d->group, 'urlid' => $d->groupurlid));
} else {
$name = display_name($d);
$url = profile_url($d);
}
}
}
$d = (object) array('name' => $name, 'url' => $url);
}
return $data;
}
$template->assign_block_vars('switch_no_members', array());
}
// No group members
if ($group_info['group_type'] == GROUP_HIDDEN && !$is_group_member && !$is_moderator) {
$template->assign_block_vars('switch_hidden_group', array());
}
// Pending
if ($is_moderator) {
$modgroup_pending_list = DB()->fetch_rowset("\n\t\t\t\t\tSELECT u.username, u.avatar_ext_id, u.user_rank, u.user_id, u.user_opt, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email\n\t\t\t\t\tFROM " . BB_USER_GROUP . " ug, " . BB_USERS . " u\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND ug.user_pending = 1\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\tORDER BY u.username\n\t\t\t\t\tLIMIT 200\n\t\t\t\t");
$modgroup_pending_count = count($modgroup_pending_list);
}
if ($is_moderator && $modgroup_pending_list) {
foreach ($modgroup_pending_list as $i => $member) {
$user_id = $member['user_id'];
generate_user_info($member, $bb_cfg['default_dateformat'], $is_moderator, $from, $posts, $joined, $pm, $email, $www, $user_time, $avatar);
$row_class = !($i % 2) ? 'row1' : 'row2';
$user_select = '<input type="checkbox" name="member[]" value="' . $user_id . '">';
$template->assign_block_vars('pending', array('ROW_CLASS' => $row_class, 'AVATAR_IMG' => $avatar, 'USER' => profile_url($member), 'FROM' => $from, 'JOINED' => $joined, 'POSTS' => $posts, 'USER_ID' => $user_id, 'PM' => $pm, 'EMAIL' => $email));
}
$template->assign_vars(array('PENDING_USERS' => true));
}
$template->assign_vars(array('MEMBERS' => true));
}
if ($is_moderator) {
$template->assign_block_vars('switch_mod_option', array());
$template->assign_block_vars('switch_add_member', array());
}
}
}
}
print_page('group.tpl');
/**
* Returns data about available skins. Tightly coupled with view/skin.php, which uses it to
* display the skins picker
* @param int $limit
* @param int $offset
* @param string $filter Should be: all, public, user, or site
* @return object
*/
public static function get_myskins_data($limit = 9, $offset = 0, $filter = 'all')
{
global $USER;
$userid = $USER->get('id');
$owner = null;
$favorites = get_field('skin_favorites', 'favorites', 'user', $userid);
$favorites = unserialize($favorites);
if (!is_array($favorites)) {
$favorites = array();
}
$sort = 'title, id';
$cols = 'id, title, description, owner, type, ctime, mtime';
switch ($filter) {
case 'public':
$count = count_records('skin', 'type', 'public');
$skindata = get_records_array('skin', 'type', 'public', $sort, $cols, $offset, $limit);
break;
case 'user':
$count = count_records_select('skin', 'owner = ? and type != ?', array($userid, 'site'));
$skindata = get_records_select_array('skin', 'owner = ? and type != ?', array($userid, 'site'), $sort, $cols, $offset, $limit);
break;
case 'site':
$count = count_records('skin', 'type', 'site');
$skindata = get_records_array('skin', 'type', 'site', $sort, $cols, $offset, $limit);
break;
default:
$count = count_records_select('skin', 'owner = ? or type in (?, ?)', array($userid, 'site', 'public'));
$skindata = get_records_select_array('skin', 'owner = ? or type in (?, ?)', array($userid, 'site', 'public'), $sort, $cols, $offset, $limit);
break;
}
$data = array();
if ($skindata) {
for ($i = 0; $i < count($skindata); $i++) {
$skinobj = new Skin(0, $skindata[$i]);
$index[$skindata[$i]->id] = $i;
$data[$i]['id'] = $skindata[$i]->id;
$data[$i]['title'] = $skindata[$i]->title;
$data[$i]['owner'] = $skindata[$i]->owner;
$data[$i]['type'] = $skindata[$i]->type;
if ($skinobj->can_edit()) {
$data[$i]['removable'] = true;
$data[$i]['editable'] = true;
}
if (in_array($skindata[$i]->id, $favorites)) {
$data[$i]['favorite'] = true;
} else {
$data[$i]['favorite'] = false;
}
$owner = new User();
$owner->find_by_id($skindata[$i]->owner);
$data[$i]['metadata'] = array('displayname' => display_name($owner), 'profileurl' => profile_url($owner), 'description' => nl2br($skindata[$i]->description), 'ctime' => format_date(strtotime($skindata[$i]->ctime)), 'mtime' => format_date(strtotime($skindata[$i]->mtime)));
}
}
return (object) array('data' => $data, 'count' => $count);
}
if (!$user_id) {
$this->ajax_die($lang['NO_USER_ID_SPECIFIED']);
}
$reg_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM " . BB_USERS . "\n\t\t\tWHERE user_reg_ip = '{$profiledata['user_reg_ip']}'\n\t\t\t\tAND user_reg_ip != ''\n\t\t\t\tAND user_id != {$profiledata['user_id']}\n\t\t\tORDER BY username ASC");
$last_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM " . BB_USERS . "\n\t\t\tWHERE user_last_ip = '{$profiledata['user_last_ip']}'\n\t\t\t\tAND user_last_ip != ''\n\t\t\t\tAND user_id != {$profiledata['user_id']}");
$link_reg_ip = $link_last_ip = '';
if (!empty($reg_ip)) {
$link_reg_ip .= $lang['OTHER_IP'] . ' ';
foreach ($reg_ip as $row) {
$link_reg_ip .= profile_url($row) . ' ';
}
}
if (!empty($last_ip)) {
$link_last_ip .= $lang['OTHER_IP'] . ' ';
foreach ($last_ip as $row) {
$link_last_ip .= profile_url($row) . ' ';
}
}
if ($profiledata['user_level'] == ADMIN && !IS_ADMIN) {
$reg_ip = $last_ip = $lang['HIDDEN'];
} elseif ($profiledata['user_level'] == MOD && IS_MOD) {
$reg_ip = $last_ip = $lang['HIDDEN'];
} else {
$user_reg_ip = decode_ip($profiledata['user_reg_ip']);
$user_last_ip = decode_ip($profiledata['user_last_ip']);
$reg_ip = '<a href="' . $bb_cfg['whois_info'] . $user_reg_ip . '" class="gen" target="_blank">' . $user_reg_ip . '</a>';
$last_ip = '<a href="' . $bb_cfg['whois_info'] . $user_last_ip . '" class="gen" target="_blank">' . $user_last_ip . '</a>';
}
$this->response['ip_list_html'] = '
<br /><table class="mod_ip bCenter borderless" cellspacing="1">
<tr class="row5" >
/**
* creates the profile sideblock
*/
function profile_sideblock()
{
global $USER, $SESSION;
safe_require('notification', 'internal');
require_once 'group.php';
require_once 'institution.php';
$data = array('id' => $USER->get('id'), 'myname' => display_name($USER, null, true), 'username' => $USER->get('username'), 'url' => profile_url($USER), 'profileiconurl' => get_config('wwwroot') . 'artefact/file/profileicons.php');
$authinstance = $SESSION->get('mnetuser') ? $SESSION->get('authinstance') : $USER->get('authinstance');
if ($authinstance) {
$authobj = AuthFactory::create($authinstance);
if ($authobj->authname == 'xmlrpc') {
$peer = get_peer($authobj->wwwroot);
if ($SESSION->get('mnetuser')) {
$data['mnetloggedinfrom'] = get_string('youhaveloggedinfrom1', 'auth.xmlrpc', $authobj->wwwroot, $peer->name);
} else {
$data['peer'] = array('name' => $peer->name, 'wwwroot' => $peer->wwwroot);
}
}
}
$invitedgroups = get_records_sql_array('SELECT g.*, gmi.ctime, gmi.reason
FROM {group} g
JOIN {group_member_invite} gmi ON gmi.group = g.id
WHERE gmi.member = ? AND g.deleted = ?', array($USER->get('id'), 0));
$data['invitedgroups'] = $invitedgroups ? count($invitedgroups) : 0;
$data['invitedgroupsmessage'] = $data['invitedgroups'] == 1 ? get_string('invitedgroup') : get_string('invitedgroups');
$data['pendingfriends'] = count_records('usr_friend_request', 'owner', $USER->get('id'));
$data['pendingfriendsmessage'] = $data['pendingfriends'] == 1 ? get_string('pendingfriend') : get_string('pendingfriends');
// Check if we want to limit the displayed groups by the account setting
$limitto = null;
$limit = $USER->get_account_preference('groupsideblockmaxgroups');
if (isset($limit) && is_numeric($limit)) {
$limitto = intval($limit);
}
$sort = null;
if ($sortorder = $USER->get_account_preference('groupsideblocksortby')) {
$sort = $sortorder;
}
if ($limitto === null) {
$data['groups'] = group_get_user_groups($USER->get('id'), null, $sort);
$total = count($data['groups']);
} else {
if ($limitto === 0) {
$data['groups'] = null;
} else {
list($data['groups'], $total) = group_get_user_groups($USER->get('id'), null, $sort, $limitto);
}
}
$limitstr = '';
if (!empty($limitto) && $limitto < $total) {
switch ($sort) {
case 'earliest':
$limitstr = get_string('numberofmygroupsshowingearliest', 'blocktype.mygroups', $limitto, $total);
break;
case 'latest':
$limitstr = get_string('numberofmygroupsshowinglatest', 'blocktype.mygroups', $limitto, $total);
break;
default:
$limitstr = get_string('numberofmygroupsshowing', 'blocktype.mygroups', $limitto, $total);
break;
}
}
$data['grouplimitstr'] = $limitstr;
$data['views'] = get_records_sql_array('SELECT v.id, v.title, v.urlid, v.owner
FROM {view} v
INNER JOIN {view_tag} vt ON (vt.tag = ? AND vt.view = v.id)
WHERE v.owner = ?
ORDER BY v.title', array(get_string('profile'), $USER->get('id')));
if ($data['views']) {
require_once 'view.php';
foreach ($data['views'] as $v) {
$view = new View(0, (array) $v);
$view->set('dirty', false);
$v->fullurl = $view->get_url();
}
}
$data['artefacts'] = get_records_sql_array('SELECT a.id, a.artefacttype, a.title
FROM {artefact} a
INNER JOIN {artefact_tag} at ON (a.id = at.artefact AND tag = ?)
WHERE a.owner = ?
ORDER BY a.title', array(get_string('profile'), $USER->get('id')));
if (!empty($data['artefacts'])) {
// check if we have any blogposts and fetch their blog id if we do
foreach ($data['artefacts'] as $key => $value) {
if ($value->artefacttype == 'blogpost') {
$value->blogid = get_field('artefact', 'parent', 'id', $value->id);
}
}
}
return $data;
}
public static function wallpost_submit(Pieform $form, $values)
{
global $USER;
$record = (object) array('instance' => $values['instance'], 'from' => $USER->get('id'), 'replyto' => $values['replyto'] ? $values['replyto'] : null, 'private' => (int) (bool) $values['private'], 'postdate' => db_format_timestamp(time()), 'text' => $values['text']);
insert_record('blocktype_wall_post', $record);
$instance = new BlockInstance($values['instance']);
$owner = $instance->get_view()->get('owner');
$smarty = smarty_core();
$smarty->assign('instanceid', $instance->get('id'));
$smarty->assign('ownwall', !empty($USER) && $USER->get('id') == $owner);
if ($posts = self::fetch_posts($instance)) {
$smarty->assign('wallposts', $posts);
}
$renderedposts = $smarty->fetch('blocktype:wall:inlineposts.tpl');
$form->reply(PIEFORM_OK, array('message' => get_string('addpostsuccess', 'blocktype.wall'), 'posts' => $renderedposts, 'block' => $values['instance'], 'goto' => profile_url($owner)));
}
}
DB()->query("UPDATE " . BB_TOPICS . " SET topic_status = " . TOPIC_UNLOCKED . " WHERE topic_id = {$tor['topic_id']} LIMIT 1");
} else {
$this->verify_mod_rights($tor['forum_id']);
}
// Подтверждение изменения статуса, выставленного другим модератором
if ($tor['tor_status'] != TOR_NOT_APPROVED && $tor['checked_user_id'] != $userdata['user_id'] && $tor['checked_time'] + 2 * 3600 > TIMENOW) {
if (empty($this->request['confirmed'])) {
$msg = $lang['TOR_STATUS_OF'] . " {$lang['TOR_STATUS_NAME'][$tor['tor_status']]}\n\n";
$msg .= ($username = get_username($tor['checked_user_id'])) ? $lang['TOR_STATUS_CHANGED'] . html_entity_decode($username) . ", " . delta_time($tor['checked_time']) . $lang['TOR_BACK'] . "\n\n" : "";
$msg .= $lang['PROCEED'] . '?';
$this->prompt_for_confirm($msg);
}
}
change_tor_status($attach_id, $new_status);
$this->response['status'] = $bb_cfg['tor_icons'][$new_status] . ' <b> ' . $lang['TOR_STATUS_NAME'][$new_status] . '</b> · ' . profile_url($userdata) . ' · <i>' . delta_time(TIMENOW) . $lang['TOR_BACK'] . '</i>';
if ($bb_cfg['tor_comment'] && ($comment && $comment != $lang['COMMENT'] || in_array($new_status, $bb_cfg['tor_reply']))) {
if ($tor['poster_id'] > 0) {
$subject = sprintf($lang['TOR_MOD_TITLE'], $tor['topic_title']);
$message = sprintf($lang['TOR_MOD_MSG'], get_username($tor['poster_id']), make_url(TOPIC_URL . $tor['topic_id']), $bb_cfg['tor_icons'][$new_status] . ' ' . $lang['TOR_STATUS_NAME'][$new_status]);
if ($comment && $comment != $lang['COMMENT']) {
$message .= "\n\n[b]" . $lang['COMMENT'] . '[/b]: ' . $comment;
}
send_pm($tor['poster_id'], $subject, $message, $userdata['user_id']);
cache_rm_user_sessions($tor['poster_id']);
}
}
break;
case 'status_reply':
if (!$bb_cfg['tor_comment']) {
$this->ajax_die($lang['MODULE_OFF']);
if (!defined('BB_ROOT')) {
die(basename(__FILE__));
}
global $lang;
// Obtain user/online information
$logged_online = $guests_online = 0;
$time_online = TIMENOW - 300;
# $time_online = 0;
$ulist = array(ADMIN => array(), MOD => array(), GROUP_MEMBER => array(), USER => array());
$users_cnt = array('admin' => 0, 'mod' => 0, 'group_member' => 0, 'ignore_load' => 0, 'user' => 0, 'guest' => 0);
$online = $online_short = array('userlist' => '');
$sql = "\n\tSELECT\n\t\tu.username, u.user_id, u.user_opt, u.user_rank, u.user_level,\n\t\ts.session_logged_in, s.session_ip, (s.session_time - s.session_start) AS ses_len, COUNT(s.session_id) AS sessions, COUNT(DISTINCT s.session_ip) AS ips\n\tFROM " . BB_SESSIONS . " s, " . BB_USERS . " u\n\tWHERE s.session_time > {$time_online}\n\t\tAND u.user_id = s.session_user_id\n\tGROUP BY s.session_user_id\n\tORDER BY u.username\n";
foreach (DB()->fetch_rowset($sql) as $u) {
if ($u['session_logged_in']) {
$stat = array();
$name = profile_url($u);
$level = $u['user_level'];
if ($level == ADMIN) {
$name = "<b>{$name}</b>";
$users_cnt['admin']++;
} else {
if ($level == MOD) {
$name = "<b>{$name}</b>";
$users_cnt['mod']++;
} else {
if ($level == GROUP_MEMBER) {
$name = "<b>{$name}</b>";
$users_cnt['group_member']++;
} else {
$users_cnt['user']++;
}
}
// just in case, someone calls with replyto and returnto=view, which shouldn't
// happen anyway. But in that case, proceed to first user in recipient-list
if (sizeof($users) > 1) {
$user = $users[0];
}
}
define('TITLE', get_string('sendmessageto', 'module.multirecipientnotification'));
$returnto = param_alpha('returnto', 'myfriends');
$offset = param_integer('offset', 0);
switch ($returnto) {
case 'find':
$goto = 'user/find.php';
break;
case 'view':
$goto = profile_url($user, false);
break;
case 'inbox':
$goto = 'account/activity';
break;
case 'institution':
$goto = ($inst = param_alpha('inst', null)) ? 'institution/index.php?institution=' . $inst : 'account/activity';
break;
default:
$goto = 'module/multirecipientnotification/outbox.php';
break;
}
if ($offset > 0) {
$goto .= strpos($goto, '?') ? '&offset=' . $offset : '?offset=' . $offset;
}
$form = pieform(array('name' => 'sendmessage', 'autofocus' => false, 'validatecallback' => 'sendmessage_validate', 'elements' => array('recipients' => array('type' => 'autocomplete', 'title' => get_string('titlerecipient', 'module.multirecipientnotification'), 'defaultvalue' => $users, 'ajaxurl' => get_config('wwwroot') . 'module/multirecipientnotification/sendmessage.json.php', 'initfunction' => 'translate_ids_to_names', 'multiple' => true, 'ajaxextraparams' => array(), 'rules' => array('required' => true)), 'subject' => array('title' => get_string('titlesubject', 'module.multirecipientnotification'), 'type' => 'text', 'name' => 'subject', 'size' => '40', 'defaultvalue' => $subject, 'rules' => array('required' => true)), 'message' => array('type' => 'textarea', 'title' => $messages ? get_string('Reply', 'group') : get_string('message'), 'cols' => 80, 'rows' => 10, 'rules' => array('maxlength' => 65536, 'required' => true)), 'goto' => array('type' => 'hidden', 'value' => $goto), 'submit' => array('type' => 'submitcancel', 'class' => 'btn-success', 'value' => array($messages ? get_string('Reply', 'group') : get_string('sendmessage', 'group'), get_string('cancel')), 'goto' => get_config('wwwroot') . $goto))));
$studentid = (string) get_field('artefact', 'title', 'owner', $USER->get('id'), 'artefacttype', 'studentid');
if ($studentid !== '') {
$ownerformatoptions[FORMAT_NAME_STUDENTID] = sprintf($formatstring, get_string('studentid'), $studentid);
}
// Clean urls are only available for portfolio views owned by groups or users who already
// have their own clean profiles or group homepages.
if ($urlallowed = get_config('cleanurls') && $view->get('type') == 'portfolio' && !$institution) {
if ($group) {
$groupdata = get_record('group', 'id', $group);
if ($urlallowed = !is_null($groupdata->urlid) && strlen($groupdata->urlid)) {
$cleanurlbase = group_homepage_url($groupdata) . '/';
}
} else {
$userurlid = $USER->get('urlid');
if ($urlallowed = !is_null($userurlid) && strlen($userurlid)) {
$cleanurlbase = profile_url($USER) . '/';
}
}
}
$editview = array('name' => 'editview', 'method' => 'post', 'autofocus' => 'title', 'autoselect' => $new ? 'title' : null, 'plugintype' => 'core', 'pluginname' => 'view', 'elements' => array('id' => array('type' => 'hidden', 'value' => $view->get('id')), 'new' => array('type' => 'hidden', 'value' => $new), 'title' => array('type' => 'text', 'title' => get_string('title', 'view'), 'defaultvalue' => $view->get('title'), 'rules' => array('required' => true)), 'urlid' => array('type' => 'text', 'title' => get_string('viewurl', 'view'), 'prehtml' => '<span class="description">' . (isset($cleanurlbase) ? $cleanurlbase : '') . '</span> ', 'description' => get_string('viewurldescription', 'view') . ' ' . get_string('cleanurlallowedcharacters'), 'defaultvalue' => $new ? null : $view->get('urlid'), 'rules' => array('maxlength' => 100, 'regex' => get_config('cleanurlvalidate')), 'ignore' => !$urlallowed || $new), 'description' => array('type' => 'wysiwyg', 'title' => get_string('description', 'view'), 'rows' => 10, 'cols' => 70, 'defaultvalue' => $view->get('description'), 'rules' => array('maxlength' => 65536)), 'tags' => array('type' => 'tags', 'title' => get_string('tags'), 'description' => get_string('tagsdescprofile'), 'defaultvalue' => $view->get('tags'), 'help' => true)));
if ($group) {
$grouproles = $USER->get('grouproles');
if ($grouproles[$group] == 'admin') {
$editview['elements']['locked'] = array('type' => 'switchbox', 'title' => get_string('Locked', 'view'), 'description' => get_string('lockedgroupviewdesc', 'view'), 'defaultvalue' => $view->get('locked'), 'disabled' => $view->get('type') == 'grouphomepage');
}
}
if (!($group || $institution)) {
$default = $view->get('ownerformat');
if (!$default) {
$default = FORMAT_NAME_DISPLAYNAME;
}
}
if ($page < $num_pages) {
$pagination .= $pagination == '' ? '<a href="' . $base_url . '&sort=' . $sort . '&order=' . $order . '&page=' . ($page + 1) . '">' . $lang['NEXT'] . '</a>' : ' | <a href="' . $base_url . '&sort=' . $sort . '&order=' . $order . '&page=' . ($page + 1) . '">' . $lang['NEXT'] . '</a>';
}
if ($num_pages > 2) {
$pagination .= ' <input type="text" name="page" maxlength="5" size="2" class="post" /> <input type="submit" name="submit" value="' . $lang['GO'] . '" class="post" />';
}
$template->assign_vars(array('TPL_ADMIN_USER_SEARCH_RESULTS' => true, 'PAGE_NUMBER' => sprintf($lang['PAGE_OF'], $page, $num_pages), 'PAGINATION' => $pagination, 'NEW_SEARCH' => sprintf($lang['SEARCH_USERS_NEW'], $text, $total_pages['total'], 'admin_user_search.php'), 'U_USERNAME' => $sort == 'username' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=username&order={$order}", 'U_EMAIL' => $sort == 'user_email' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=user_email&order={$order}", 'U_POSTS' => $sort == 'posts' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=posts&order={$order}", 'U_JOINDATE' => $sort == 'regdate' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=regdate&order={$order}", 'U_LASTVISIT' => $sort == 'lastvisit' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=lastvisit&order={$order}", 'S_POST_ACTION' => "{$base_url}&sort={$sort}&order={$order}"));
if (!($result = DB()->sql_query($select_sql))) {
bb_die('Could not select user data');
}
$rowset = DB()->sql_fetchrowset($result);
$users_sql = '';
foreach ($rowset as $array) {
$users_sql .= $users_sql == '' ? $array['user_id'] : ', ' . $array['user_id'];
}
$sql = "SELECT ban_userid AS user_id FROM " . BB_BANLIST . " WHERE ban_userid IN ({$users_sql})";
if (!($result = DB()->sql_query($sql))) {
bb_die('Could not select banned data');
}
unset($banned);
$banned = array();
while ($row = DB()->sql_fetchrow($result)) {
$banned[$row['user_id']] = true;
}
for ($i = 0; $i < count($rowset); $i++) {
$row_class = !($i % 2) ? 'row1' : 'row2';
$template->assign_block_vars('userrow', array('ROW_CLASS' => $row_class, 'USER' => profile_url($rowset[$i]), 'EMAIL' => $rowset[$i]['user_email'], 'JOINDATE' => bb_date($rowset[$i]['user_regdate']), 'LASTVISIT' => bb_date($rowset[$i]['user_lastvisit']), 'POSTS' => $rowset[$i]['user_posts'], 'BAN' => !isset($banned[$rowset[$i]['user_id']]) ? $lang['NOT_BANNED'] : $lang['BANNED'], 'ABLED' => $rowset[$i]['user_active'] ? $lang['ENABLED'] : $lang['DISABLED'], 'U_VIEWPOSTS' => "../search.php?search_author=1&uid={$rowset[$i]['user_id']}", 'U_MANAGE' => '../profile.php?mode=editprofile&' . POST_USERS_URL . '=' . $rowset[$i]['user_id'] . '&admin=1', 'U_PERMISSIONS' => 'admin_ug_auth.php?mode=user&' . POST_USERS_URL . '=' . $rowset[$i]['user_id']));
}
}
print_page('admin_user_search.tpl', 'admin');
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER;
$configdata = $instance->get('configdata');
$view = $instance->get('view');
$full = isset($configdata['full']) ? $configdata['full'] : false;
$results = array();
$smarty = smarty_core();
$smarty->assign('view', $view);
$viewownerdisplay = null;
// Display all posts, from all blogs, owned by this user
$tagsin = $tagsout = array();
$results = self::get_blog_posts_in_block($instance, $tagsin, $tagsout);
if ($tagsin || $tagsout) {
$smarty->assign('blockid', $instance->get('id'));
$smarty->assign('editing', $editing);
if ($editing) {
// Get list of blogs owned by this user to create the "Add new post" shortcut while editing
$viewowner = $instance->get_view()->get('owner');
if (!$viewowner || !($blogs = get_records_select_array('artefact', 'artefacttype = \'blog\' AND owner = ?', array($viewowner), 'title ASC', 'id, title'))) {
$blogs = array();
}
$smarty->assign('tagselect', implode(', ', $tagsin));
$smarty->assign('blogs', $blogs);
}
// if posts are not found with the selected tag, notify the user
if (!$results) {
$smarty->assign('badtag', implode(', ', $tagsin));
$smarty->assign('badnotag', implode(', ', $tagsout));
return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
}
// update the view_artefact table so journal entries are accessible when this is the only block on the page
// referencing this journal
$dataobject = array('view' => $view, 'block' => $instance->get('id'));
require_once get_config('docroot') . 'lib/view.php';
$viewobj = new View($view);
require_once get_config('docroot') . 'artefact/lib.php';
safe_require('artefact', 'blog');
safe_require('artefact', 'comment');
foreach ($results as $result) {
$dataobject["artefact"] = $result->parent;
$result->postedbyon = get_string('postedbyon', 'artefact.blog', display_default_name($result->owner), format_date(strtotime($result->ctime)));
$result->displaydate = format_date(strtotime($result->ctime));
$artefact = new ArtefactTypeBlogpost($result->id);
// get comments for this post
$result->commentcount = count_records_select('artefact_comment_comment', "onartefact = {$result->id} AND private = 0 AND deletedby IS NULL");
$allowcomments = $artefact->get('allowcomments');
if (empty($result->commentcount) && empty($allowcomments)) {
$result->commentcount = null;
}
list($commentcount, $comments) = ArtefactTypeComment::get_artefact_comments_for_view($artefact, $viewobj, null, false);
$result->comments = $comments;
// get all tags for this post
$taglist = get_records_array('artefact_tag', 'artefact', $result->id, "tag DESC");
foreach ($taglist as $t) {
$result->taglist[] = $t->tag;
}
if ($full) {
$rendered = $artefact->render_self(array('viewid' => $view, 'details' => true, 'blockid' => $instance->get('id')));
$result->html = $rendered['html'];
if (!empty($rendered['javascript'])) {
$result->html .= '<script type="application/javascript">' . $rendered['javascript'] . '</script>';
}
}
}
// check if the user viewing the page is the owner of the selected tag
$owner = $results[0]->owner;
if ($USER->id != $owner) {
$viewownerdisplay = get_user_for_display($owner);
}
$smarty->assign('tagsin', $tagsin);
$smarty->assign('tagsout', $tagsout);
} else {
if (!self::get_chooseable_tags()) {
// error if block configuration fails
$smarty->assign('configerror', get_string('notagsavailableerror', 'blocktype.blog/taggedposts'));
return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
} else {
// error if block configuration fails
$smarty->assign('configerror', get_string('configerror', 'blocktype.blog/taggedposts'));
return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
}
}
// add any needed links to the tags
$tagstr = $tagomitstr = '';
foreach ($tagsin as $key => $tag) {
if ($key > 0) {
$tagstr .= ', ';
}
$tagstr .= $viewownerdisplay ? '"' . $tag . '"' : '"<a href="' . get_config('wwwroot') . 'tags.php?tag=' . $tag . '&sort=name&type=text">' . $tag . '</a>"';
}
if (!empty($tagsout)) {
foreach ($tagsout as $key => $tag) {
if ($key > 0) {
$tagomitstr .= ', ';
}
$tagomitstr .= $viewownerdisplay ? '"' . $tag . '"' : '"<a href="' . get_config('wwwroot') . 'tags.php?tag=' . $tag . '&sort=name&type=text">' . $tag . '</a>"';
}
}
$blockheading = get_string('blockheadingtags', 'blocktype.blog/taggedposts', count($tagsin), $tagstr);
$blockheading .= !empty($tagomitstr) ? get_string('blockheadingtagsomit', 'blocktype.blog/taggedposts', count($tagsout), $tagomitstr) : '';
$blockheading .= $viewownerdisplay ? ' ' . get_string('by', 'artefact.blog') . ' <a href="' . profile_url($viewownerdisplay) . '">' . display_name($viewownerdisplay) . '</a>' : '';
$smarty->assign('full', $full);
$smarty->assign('results', $results);
$smarty->assign('blockheading', $blockheading);
return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
}
$this->getLoader()->loadPlugin('display_default_name');
if (function_exists('Dwoo_Plugin_display_name')===false)
$this->getLoader()->loadPlugin('display_name');
/* end template head */ ob_start(); /* template body */ ?><div class="sidebar-header">
<h3><?php echo Dwoo_Plugin_str($this, "onlineusers", 'mahara', (is_string($tmp=(isset($this->scope["sbdata"]["count"]) ? $this->scope["sbdata"]["count"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp), null, null, null, null);?></h3>
<p id="lastminutes">(<?php echo Dwoo_Plugin_str($this, "lastminutes", 'mahara', (is_string($tmp=(isset($this->scope["sbdata"]["lastminutes"]) ? $this->scope["sbdata"]["lastminutes"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp), null, null, null, null);?>)</p>
</div>
<div class="sidebar-content">
<ul class="cr">
<?php
$_fh7_data = (is_string($tmp=(isset($this->scope["sbdata"]["users"]) ? $this->scope["sbdata"]["users"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);
if ($this->isArray($_fh7_data) === true)
{
foreach ($_fh7_data as $this->scope['user'])
{
/* -- foreach start output */
?>
<li><a href="<?php echo profile_url((is_string($tmp=(isset($this->scope["user"]) ? $this->scope["user"] : null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp));?>"><img src="<?php echo (is_string($tmp=$this->readVarInto(array ( 1 => array ( 0 => '->', ), 2 => array ( 0 => 'profileiconurl', ), 3 => array ( 0 => '', 1 => '', ),), $this->scope["user"], false)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?>" alt="<?php echo Dwoo_Plugin_str($this, 'profileimagetext', 'mahara', null, Dwoo_Plugin_display_default_name($this, (is_string($tmp=(isset($this->scope["user"]) ? $this->scope["user"] : null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp)), null, null, null);?>" class="profile-icon-container"> <?php echo Dwoo_Plugin_display_name($this, (is_string($tmp=(isset($this->scope["user"]) ? $this->scope["user"] : null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp), null, false, false);?></a><?php if ((is_string($tmp=$this->readVarInto(array ( 1 => array ( 0 => '->', ), 2 => array ( 0 => 'loggedinfrom', ), 3 => array ( 0 => '', 1 => '', ),), (isset($this->scope["user"]) ? $this->scope["user"]:null), true)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp)) {
?> (<?php echo (is_string($tmp=$this->readVarInto(array ( 1 => array ( 0 => '->', ), 2 => array ( 0 => 'loggedinfrom', ), 3 => array ( 0 => '', 1 => '', ),), $this->scope["user"], false)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?>)<?php
}?></li>
<?php
/* -- foreach end output */
}
}?>
</ul>
<p id="allonline"><a href="<?php echo (is_string($tmp=$this->scope["WWWROOT"]) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?>user/online.php"><?php echo Dwoo_Plugin_str($this, "allonline", 'mahara', null, null, null, null, null);?></a></p>
</div>
<?php /* end template body */
return $this->buffer . ob_get_clean();
?>
/**
* Displays purified html on a page with an explanatory message.
*
* @param string $html The purified html.
* @param string $filename The filename to serve the file as
* @param array $params Parameters previously passed to serve_file
*/
function display_cleaned_html($html, $filename, $params)
{
$smarty = smarty_core();
$smarty->assign('params', $params);
if ($params['owner']) {
$smarty->assign('htmlremovedmessage', get_string('htmlremovedmessage', 'artefact.file', hsc($filename), profile_url((int) $params['owner']), hsc(display_name($params['owner']))));
} else {
$smarty->assign('htmlremovedmessage', get_string('htmlremovedmessagenoowner', 'artefact.file', hsc($filename)));
}
$smarty->assign('content', $html);
$smarty->display('cleanedhtml.tpl');
exit;
}
define('INSTITUTIONALADMIN', 1);
define('MENUITEM', 'configusers/usersearch');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
define('TITLE', get_string('accountsettings', 'admin'));
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');
require_once 'pieforms/pieform.php';
require_once 'activity.php';
require_once get_config('docroot') . 'lib/antispam.php';
$id = param_integer('id');
$user = new User();
$user->find_by_id($id);
$authobj = AuthFactory::create($user->authinstance);
if (!$USER->is_admin_for_user($user)) {
$SESSION->add_error_msg(get_string('youcannotadministerthisuser', 'admin'));
redirect(profile_url($user));
}
if ($user->deleted) {
$smarty = smarty();
$smarty->assign('PAGEHEADING', TITLE . ': ' . display_name($user));
$smarty->assign('message', get_string('thisuserdeleted', 'admin'));
$smarty->display('message.tpl');
exit;
}
// Site-wide account settings
$currentdate = getdate();
$elements = array();
$elements['id'] = array('type' => 'hidden', 'rules' => array('integer' => true), 'value' => $id);
if (method_exists($authobj, 'change_username')) {
$elements['username'] = array('type' => 'text', 'title' => get_string('changeusername', 'admin'), 'description' => get_string('changeusernamedescription', 'admin'), 'defaultvalue' => $user->username, 'rules' => array('maxlength' => 236));
}
public static function build_html(&$data)
{
global $USER, $THEME;
$candelete = $data->canedit || $USER->get('admin');
$deletedmessage = array();
foreach (self::deleted_messages() as $k => $v) {
$deletedmessage[$k] = get_string($v, 'artefact.comment');
}
$authors = array();
$lastcomment = self::last_public_comment($data->view, $data->artefact);
$editableafter = time() - 60 * get_config_plugin('artefact', 'comment', 'commenteditabletime');
foreach ($data->data as &$item) {
$item->ts = strtotime($item->ctime);
$item->date = format_date($item->ts, 'strftimedatetime');
if ($item->ts < strtotime($item->lastcontentupdate)) {
$item->updated = format_date(strtotime($item->lastcontentupdate), 'strftimedatetime');
}
$item->isauthor = $item->author && $item->author == $USER->get('id');
if (!empty($item->attachments)) {
if ($data->isowner) {
$item->attachmessage = get_string('feedbackattachmessage', 'artefact.comment', get_string('feedbackattachdirname', 'artefact.comment'));
}
foreach ($item->attachments as &$a) {
$a->attachid = $a->attachment;
$a->attachtitle = $a->title;
$a->attachsize = display_size($a->size);
}
}
if ($item->private) {
$item->pubmessage = get_string('thiscommentisprivate', 'artefact.comment');
}
if (isset($data->showcomment) && $data->showcomment == $item->id) {
$item->highlight = 1;
}
$is_export_preview = param_integer('export', 0);
if ($item->deletedby) {
$item->deletedmessage = $deletedmessage[$item->deletedby];
} else {
if (($candelete || $item->isauthor) && !$is_export_preview) {
$item->deleteform = pieform(self::delete_comment_form($item->id));
}
}
// Comment authors can edit recent comments if they're private or if no one has replied yet.
if (!$item->deletedby && $item->isauthor && !$is_export_preview && ($item->private || $item->id == $lastcomment->id) && $item->ts > $editableafter) {
$item->canedit = 1;
}
// Form to make private comment public, or request that a
// private comment be made public
if (!$item->deletedby && $item->private && $item->author && $data->owner && ($item->isauthor || $data->isowner)) {
if (empty($item->requestpublic) && $data->isowner || $item->isauthor && $item->requestpublic == 'owner' || $data->isowner && $item->requestpublic == 'author') {
if (!$is_export_preview) {
$item->makepublicform = pieform(self::make_public_form($item->id));
}
} else {
if ($item->isauthor && $item->requestpublic == 'author' || $data->isowner && $item->requestpublic == 'owner') {
$item->makepublicrequested = 1;
}
}
} else {
if (!$item->deletedby && $item->private && !$item->author && $data->owner && $data->isowner && $item->requestpublic == 'author' && !$is_export_preview) {
$item->makepublicform = pieform(self::make_public_form($item->id));
} else {
if (!$item->deletedby && $item->private && !$data->owner && $item->group && $item->requestpublic == 'author') {
// no owner as comment is on a group view / artefact
if ($item->isauthor) {
$item->makepublicrequested = 1;
} else {
if ($data->artefact && $data->canedit || $data->view && $data->canedit && !$is_export_preview) {
$item->makepublicform = pieform(self::make_public_form($item->id));
} else {
$item->makepublicrequested = 1;
}
}
}
}
}
if ($item->author) {
if (isset($authors[$item->author])) {
$item->author = $authors[$item->author];
} else {
$item->author = $authors[$item->author] = (object) array('id' => $item->author, 'username' => $item->username, 'firstname' => $item->firstname, 'lastname' => $item->lastname, 'preferredname' => $item->preferredname, 'email' => $item->email, 'staff' => $item->staff, 'admin' => $item->admin, 'deleted' => $item->deleted, 'profileicon' => $item->profileicon, 'profileurl' => profile_url($item->author));
}
}
if (get_config_plugin('artefact', 'comment', 'commentratings') and $item->rating) {
$item->ratingdata = (object) array('value' => valid_rating($item->rating), 'min_rating' => MIN_RATING, 'max_rating' => MAX_RATING, 'export' => $data->export);
}
}
$extradata = array('view' => $data->view);
$data->jsonscript = 'artefact/comment/comments.json.php';
if (!empty($data->artefact)) {
$data->baseurl = get_config('wwwroot') . 'artefact/artefact.php?view=' . $data->view . '&artefact=' . $data->artefact;
$extradata['artefact'] = $data->artefact;
} else {
$data->baseurl = get_config('wwwroot') . 'view/view.php?id=' . $data->view;
}
$smarty = smarty_core();
$smarty->assign_by_ref('data', $data->data);
$smarty->assign('canedit', $data->canedit);
$smarty->assign('viewid', $data->view);
$smarty->assign('position', $data->position);
$smarty->assign('baseurl', $data->baseurl);
$data->tablerows = $smarty->fetch('artefact:comment:commentlist.tpl');
$pagination = build_pagination(array('id' => 'feedback_pagination', 'class' => 'center', 'url' => $data->baseurl, 'jsonscript' => $data->jsonscript, 'datatable' => 'feedbacktable', 'count' => $data->count, 'limit' => $data->limit, 'offset' => $data->offset, 'forceoffset' => isset($data->forceoffset) ? $data->forceoffset : null, 'resultcounttextsingular' => get_string('comment', 'artefact.comment'), 'resultcounttextplural' => get_string('comments', 'artefact.comment'), 'extradata' => $extradata));
$data->pagination = $pagination['html'];
$data->pagination_js = $pagination['javascript'];
}
function addfriend_submit(Pieform $form, $values)
{
global $USER, $SESSION;
$user = get_record('usr', 'id', $values['id']);
$loggedinid = $USER->get('id');
if (is_friend($loggedinid, $user->id)) {
$SESSION->add_info_msg(get_string('alreadyfriends', 'group', display_name($user)));
delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
redirect(profile_url($user));
}
// friend db record
$f = new StdClass();
$f->ctime = db_format_timestamp(time());
// notification info
$n = new StdClass();
$n->url = profile_url($USER, false);
$n->users = array($user->id);
$lang = get_user_language($user->id);
$displayname = display_name($USER, $user);
$n->urltext = $displayname;
$f->usr1 = $values['id'];
$f->usr2 = $loggedinid;
db_begin();
delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
insert_record('usr_friend', $f);
db_commit();
$n->subject = get_string_from_language($lang, 'addedtofriendslistsubject', 'group', $displayname);
$n->message = get_string_from_language($lang, 'addedtofriendslistmessage', 'group', $displayname, $displayname);
require_once 'activity.php';
activity_occurred('maharamessage', $n);
handle_event('addfriend', array('user' => $f->usr2, 'friend' => $f->usr1));
$SESSION->add_ok_msg(get_string('friendformaddsuccess', 'group', display_name($user)));
redirect(profile_url($user));
}
public function get_htmlmessage($user)
{
$post = $this->temp->post;
$reportername = hsc(display_default_name($this->reporter));
$reporterurl = profile_url($this->reporter);
$ctime = strftime(get_string_from_language($user->lang, 'strftimedaydatetime'), $this->ctime);
return get_string_from_language($user->lang, 'objectionablecontentposthtml', 'interaction.forum', hsc($post->topicsubject), $reportername, $ctime, $this->message, $post->posttime, $post->htmlbody, get_config('wwwroot') . $this->url, hsc($post->topicsubject), $reporterurl, $reportername);
}
