function GetNotifications()
{
    global $loguserid, $NotifFormat;
    $notifs = array();
    if (!$loguserid) {
        return $notifs;
    }
    // TODO do it better!
    $staffnotif = '';
    if (HasPermission('admin.viewstaffpms')) {
        $staffnotif = ' OR user=-1';
    }
    $ndata = Query("SELECT type,id,date,args FROM {notifications} WHERE user={0}{$staffnotif} ORDER BY date DESC", $loguserid);
    while ($n = Fetch($ndata)) {
        $ncb = $NotifFormat[$n['type']];
        if (function_exists($ncb)) {
            $ndesc = $ncb($n['id'], $n['args'] ? unserialize($n['args']) : null);
        } else {
            $ndesc = htmlspecialchars($n['type'] . ':' . $n['id']);
        }
        $ts = '<span class="nobr">';
        $te = '</span>';
        $ndesc = $ts . str_replace("\n", $te . '<br>' . $ts, $ndesc) . $te;
        $notifs[] = array('date' => $n['date'], 'formattedDate' => relativedate($n['date']), 'text' => $ndesc);
    }
    return $notifs;
}
Example #2
0
 public function get_accepted($pid = 0)
 {
     $myID = getUserID();
     $query = $this->mmdb->get_members($pid, $myID);
     $members = array();
     foreach ($query->result() as $row) {
         $dateJoined = convert_datetime($row->date_joined);
         $data = array('id' => $row->id, 'display_name' => $row->display_name, 'joined_by' => (int) $row->joined_by, 'date_joined' => $row->is_accepted == 1 ? relativedate(strtotime($dateJoined), false) : 'n/a', 'is_accepted' => (int) $row->is_accepted, 'role_id' => (int) $row->project_role, 'role' => $row->is_accepted == 1 ? $row->project_role_name : 'None', 'tasks' => number_format($row->tasks), 'files' => number_format($row->files), 'is_contact' => $row->is_friend == 1 ? 1 : 0, 'is_me' => $myID == $row->id ? 1 : 0);
         //Filter for members
         if ($row->is_accepted == 1) {
             $members[] = $data;
         }
     }
     generate_json(array('status' => 1, 'members' => $members));
 }
Example #3
0
 public function index()
 {
     $myID = getUserID();
     $items = array();
     $categories = array();
     $query = $this->mdb->get_notes($myID);
     foreach ($query->result() as $row) {
         $date = convert_datetime($row->date_created);
         $items[] = array('id' => $row->id, 'title' => $row->title, 'category' => empty($row->category) ? 'Uncategorized' : $row->category, 'content' => empty($row->content) ? 'No description' : $row->content, 'date' => relativedate(strtotime($date), false));
     }
     $query = $this->mdb->get_categories($myID);
     foreach ($query->result() as $row) {
         $categories[] = $row->category;
     }
     generate_json(array('status' => 1, 'items' => $items, 'categories' => $categories));
 }
Example #4
0
 public function index()
 {
     $myID = getUserID();
     $query = $this->mdb->get_contacts($myID);
     $items = array();
     $initials = array();
     $initial = '';
     foreach ($query->result() as $row) {
         $lastname = trim($row->lastname);
         $middlename = trim($row->middlename);
         $firstname = trim($row->firstname);
         $displayname = $row->display_name;
         $nameToDisplay = $displayname;
         $date = convert_datetime($row->date_added);
         if (!empty($lastname)) {
             $nameToDisplay = ucfirst($lastname);
             if (!empty($firstname)) {
                 $nameToDisplay .= ", " . ucfirst($firstname);
             }
             if (!empty($middlename)) {
                 $nameToDisplay .= ' ' . ucfirst(substr($middlename, 0, 1)) . '.';
             }
         }
         if ($initial !== strtoupper(substr($nameToDisplay, 0, 1))) {
             $initial = strtoupper(substr($nameToDisplay, 0, 1));
         }
         $contactNo = array();
         $contactNoQ = unserialize($row->contact_number);
         $addressQ = unserialize($row->location);
         if ($contactNoQ) {
             foreach ($contactNoQ as $rContact) {
                 if ($rContact['privacy'] == 0) {
                     $contactNo[] = $rContact['contact'];
                 }
             }
         }
         $address = '';
         if ($addressQ) {
             $address = $addressQ['privacy'] == 0 ? $addressQ['location'] : 'Private';
         }
         $items[] = array('id' => $row->id, 'group' => in_array($initial, $initials) ? "" : $initial, 'display_name' => $nameToDisplay, 'nickname' => $displayname, 'email_address' => $row->email_privacy == 0 ? $row->email_address : 'Private', 'company' => empty($row->company) ? '-' : $row->company, 'address' => empty($address) ? '-' : $address, 'gender' => ucfirst($row->gender), 'date_added' => relativedate(strtotime($date), false), 'contact_no' => count($contactNo) ? implode(", ", $contactNo) : '-');
         $initials[] = $initial;
     }
     generate_json(array('status' => 1, 'items' => $items));
 }
Example #5
0
 public function data($pid = 0)
 {
     requirelogin();
     updateLastActive();
     $page = (int) $this->input->get('page');
     $page = $page > 1 ? $page : 1;
     $pageOrig = $page > 1 ? $page - 1 : 0;
     $itemsPerPage = 10;
     $sqStart = $pageOrig * $itemsPerPage;
     $sql = $this->ldb->get_data($pid, $sqStart, $itemsPerPage);
     $items = array();
     foreach ($sql->result() as $row) {
         $timestamp = convert_datetime($row->date_added);
         $items[] = array('activity' => projectlogs_read($row->type, $row->tag_data), 'actor_id' => $row->actor_id, 'actor_name' => $row->display_name, 'timestamp' => relativedate(strtotime($timestamp)), 'redirect' => $row->redirect);
     }
     $qAllItems = $this->ldb->get_data($pid, 0, 0);
     $allItems = (int) $qAllItems->num_rows();
     $total_page = $allItems > 0 ? ceil($allItems / $itemsPerPage) : 1;
     generate_json(array('status' => 1, 'items' => $items, 'total_page' => number_format($total_page), 'current_page' => $page, 'previous_page' => $page > 1 ? $page - 1 : '', 'next_page' => $page < $total_page ? $page + 1 : '', 'total_items' => number_format($allItems)));
 }
Example #6
0
 public function get_notif()
 {
     $myID = getUserID();
     $page = (int) $this->input->get('page');
     $page = $page > 1 ? $page : 1;
     $pageOrig = $page > 1 ? $page - 1 : 0;
     $itemsPerPage = 20;
     $sqStart = $pageOrig * $itemsPerPage;
     $query = $this->mdb->get_all_notif($myID, $sqStart, $itemsPerPage);
     $items = array();
     foreach ($query->result() as $row) {
         $tagData = explode("|", $row->tag_data);
         $description = display_notif($row->type, $tagData, $row->counter);
         $description = convert_tag($description, 'span', array('class' => 'tag'));
         $dateNotify = convert_datetime($row->date_notify);
         $items[] = array('id' => $row->id, 'description' => $description, 'actor_id' => $row->actor_id, 'redirect_uri' => $row->redirect, 'timestamp' => relativedate(strtotime($dateNotify), true), 'is_read' => $row->is_read, 'is_new' => $row->is_new);
     }
     $qAllItems = $this->mdb->get_all_notif($myID, 0, 0);
     $allItems = (int) $qAllItems->num_rows();
     $total_page = $allItems > 0 ? ceil($allItems / $itemsPerPage) : 1;
     $this->mdb->update_notif(array('notify_to' => $myID, 'is_new' => 1), array('is_new' => 0));
     generate_json(array('status' => 1, 'items' => $items, 'total_page' => number_format($total_page), 'current_page' => $page, 'previous_page' => $page > 1 ? $page - 1 : '', 'next_page' => $page < $total_page ? $page + 1 : '', 'total_items' => number_format($allItems)));
 }
Example #7
0
 public function lists($page = 1)
 {
     requirelogin();
     updateLastActive();
     $myID = getUserID();
     $page = (int) $page;
     $page = $page > 1 ? $page : 1;
     $pageOrig = $page > 1 ? $page - 1 : 0;
     $itemsPerPage = 6;
     $sqStart = $pageOrig * $itemsPerPage;
     $query = $this->mdb->projects_get($myID, $sqStart, $itemsPerPage);
     $items = array();
     foreach ($query->result() as $row) {
         $allTasks = (int) $row->active_tasks + (int) $row->completed_tasks;
         $tActive_percent = (int) $row->active_tasks > 0 ? $row->active_tasks / $allTasks * 100 : 0;
         $tCompleted_percent = (int) $row->completed_tasks > 0 ? $row->completed_tasks / $allTasks * 100 : 0;
         $tPending_percent = (int) $row->pending_tasks > 0 ? $row->pending_tasks / ($allTasks + $row->pending_tasks) * 100 : 0;
         $items[] = array('id' => $row->id, 'name' => $row->project_name, 'active_tasks' => array('count' => $row->active_tasks, 'percentage' => $tActive_percent), 'completed_tasks' => array('count' => $row->completed_tasks, 'percentage' => $tCompleted_percent), 'pending_tasks' => array('count' => $row->pending_tasks, 'percentage' => $tPending_percent), 'creator' => $row->display_name, 'description' => empty($row->description) ? '[No description]' : $row->description, 'last_update' => relativedate(strtotime($row->last_update), false), 'created_month' => date("M", strtotime($row->date_created)), 'created_year' => date("Y", strtotime($row->date_created)), 'avatar' => 'pictures/avatar/' . $row->creator_id . '/thumb');
     }
     $qAllItems = $this->mdb->projects_get($myID, 0, 0);
     $allItems = (int) $qAllItems->num_rows();
     $total_page = $allItems > 0 ? ceil($allItems / $itemsPerPage) : 1;
     generate_json(array('status' => 1, 'items' => $items, 'total_page' => number_format($total_page), 'current_page' => $page, 'previous_page' => $page > 1 ? $page - 1 : '', 'next_page' => $page < $total_page ? $page + 1 : '', 'total_items' => number_format($allItems)));
 }
function dag_run_private()
{
    require_once "modules/dag/misc_functions.php";
    global $session;
    if (httpget('manage') != "true") {
        page_header("Dag Durnick's Table");
        output("<span style='color: #9900FF'>", true);
        output("`c`bDag Durnick's Table`b`c");
    } else {
        dag_manage();
    }
    $op = httpget('op');
    addnav("Navigation");
    addnav("I?Return to the Inn", "inn.php");
    if ($op != '') {
        addnav("Talk to Dag Durnick", "runmodule.php?module=dag");
    }
    if ($op == "list") {
        output("Dag fishes a small leather bound book out from under his cloak, flips through it to a certain page and holds it up for you to see.");
        output("\"`7Deese ain't the most recent figgers, I ain't just had time to get th' other numbers put in.`0\"`n`n");
        // ***ADDED***
        // By Andrew Senger
        // Added for new Bounty Code
        output("`c`bThe Bounty List`b`c`n");
        $sql = "SELECT bountyid,amount,target,setter,setdate FROM " . db_prefix("bounty") . " WHERE status=0 AND setdate<='" . date("Y-m-d H:i:s") . "' ORDER BY bountyid ASC";
        $result = db_query($sql);
        rawoutput("<table border=0 cellpadding=2 cellspacing=1 bgcolor='#999999'>");
        $amount = translate_inline("Amount");
        $level = translate_inline("Level");
        $name = translate_inline("Name");
        $loc = translate_inline("Location");
        $sex = translate_inline("Sex");
        $alive = translate_inline("Alive");
        $last = translate_inline("Last On");
        rawoutput("<tr class='trhead'><td><b>{$amount}</b></td><td><b>{$level}</b></td><td><b>{$name}</b></td><td><b>{$loc}</b></td><td><b>{$sex}</b></td><td><b>{$alive}</b></td><td><b>{$last}</b></td>");
        $listing = array();
        $totlist = 0;
        for ($i = 0; $i < db_num_rows($result); $i++) {
            $row = db_fetch_assoc($result);
            $amount = (int) $row['amount'];
            $sql = "SELECT name,alive,sex,level,laston,loggedin,lastip,location FROM " . db_prefix("accounts") . " WHERE acctid={$row['target']}";
            $result2 = db_query($sql);
            if (db_num_rows($result2) == 0) {
                /* this person has been deleted, clear bounties */
                $sql = "UPDATE " . db_prefix("bounty") . " SET status=1 WHERE target={$row['target']}";
                db_query($sql);
                continue;
            }
            $row2 = db_fetch_assoc($result2);
            $yesno = 0;
            for ($j = 0; $j <= $i; $j++) {
                if (isset($listing[$j]) && $listing[$j]['Name'] == $row2['name']) {
                    $listing[$j]['Amount'] = $listing[$j]['Amount'] + $amount;
                    $yesno = 1;
                }
            }
            if ($yesno == 0) {
                $loggedin = date("U") - strtotime($row2['laston']) < getsetting("LOGINTIMEOUT", 900) && $row2['loggedin'];
                $listing[] = array('Amount' => $amount, 'Level' => $row2['level'], 'Name' => $row2['name'], 'Location' => $row2['location'], 'Sex' => $row2['sex'], 'Alive' => $row2['alive'], 'LastOn' => $row2['laston'], 'LoggedIn' => $loggedin);
                $totlist = $totlist + 1;
            }
        }
        $sort = httpget("sort");
        if ($sort == "level") {
            usort($listing, 'dag_sortbountieslevel');
        } elseif ($sort != "") {
            usort($listing, 'dag_sortbounties');
        } else {
            usort($listing, 'dag_sortbountieslevel');
        }
        for ($i = 0; $i < $totlist; $i++) {
            rawoutput("<tr class='" . ($i % 2 ? "trdark" : "trlight") . "'><td>");
            output_notl("`^%s`0", $listing[$i]['Amount']);
            rawoutput("</td><td>");
            output_notl("`^%s`0", $listing[$i]['Level']);
            rawoutput("</td><td>");
            output_notl("`^%s`0", $listing[$i]['Name']);
            rawoutput("</td><td>");
            output($listing[$i]['LoggedIn'] ? "`#Online`0" : $listing[$i]['Location']);
            rawoutput("</td><td>");
            output($listing[$i]['Sex'] ? "`!Female`0" : "`!Male`0");
            rawoutput("</td><td>");
            output($listing[$i]['Alive'] ? "`1Yes`0" : "`4No`0");
            rawoutput("</td><td>");
            $laston = relativedate($listing[$i]['LastOn']);
            output_notl("%s", $laston);
            rawoutput("</td></tr>");
        }
        rawoutput("</table>");
        // ***END ADDING***
    } else {
        if ($op == "addbounty") {
            if (get_module_pref("bounties") >= get_module_setting("maxbounties")) {
                output("Dag gives you a piercing look.");
                output("`7\"Ye be thinkin' I be an assassin or somewhat?  Ye already be placin' more than 'nuff bounties for t'day.  Now, be ye gone before I stick a bounty on yer head fer annoyin' me.\"`n`n");
            } else {
                $fee = get_module_setting("bountyfee");
                if ($fee < 0 || $fee > 100) {
                    $fee = 10;
                    set_module_setting("bountyfee", $fee);
                }
                $min = get_module_setting("bountymin");
                $max = get_module_setting("bountymax");
                output("Dag Durnick glances up at you and adjusts the pipe in his mouth with his teeth.`n");
                output("`7\"So, who ye be wantin' to place a hit on? Just so ye be knowing, they got to be legal to be killin', they got to be at least level %s, and they can't be having too much outstandin' bounty nor be getting hit too frequent like, so if they ain't be listed, they can't be contracted on!  We don't run no slaughterhouse here, we run a.....business.  Also, there be a %s%% listin' fee fer any hit ye be placin'.\"`n`n", get_module_setting("bountylevel"), get_module_setting("bountyfee"));
                rawoutput("<form action='runmodule.php?module=dag&op=finalize' method='POST'>");
                output("`2Target: ");
                rawoutput("<input name='contractname'>");
                output_notl("`n");
                output("`2Amount to Place: ");
                rawoutput("<input name='amount' id='amount' width='5'>");
                output_notl("`n`n");
                $final = translate_inline("Finalize Contract");
                rawoutput("<input type='submit' class='button' value='{$final}'>");
                rawoutput("</form>");
                addnav("", "runmodule.php?module=dag&op=finalize");
            }
        } elseif ($op == "finalize") {
            if (httpget('subfinal') == 1) {
                $sql = "SELECT acctid,name,login,level,locked,age,dragonkills,pk,experience FROM " . db_prefix("accounts") . " WHERE name='" . addslashes(rawurldecode(stripslashes(httppost('contractname')))) . "' AND locked=0";
            } else {
                $contractname = stripslashes(rawurldecode(httppost('contractname')));
                $name = "%";
                for ($x = 0; $x < strlen($contractname); $x++) {
                    $name .= substr($contractname, $x, 1) . "%";
                }
                $sql = "SELECT acctid,name,login,level,locked,age,dragonkills,pk,experience FROM " . db_prefix("accounts") . " WHERE name LIKE '" . addslashes($name) . "' AND locked=0";
            }
            $result = db_query($sql);
            if (db_num_rows($result) == 0) {
                output("Dag Durnick sneers at you, `7\"There not be anyone I be knowin' of by that name.  Maybe ye should come back when ye got a real target in mind?\"");
            } elseif (db_num_rows($result) > 100) {
                output("Dag Durnick scratches his head in puzzlement, `7\"Ye be describing near half th' town, ye fool?  Why don't ye be giving me a better name now?\"");
            } elseif (db_num_rows($result) > 1) {
                output("Dag Durnick searches through his list for a moment, `7\"There be a couple of 'em that ye could be talkin' about.  Which one ye be meaning?\"`n");
                rawoutput("<form action='runmodule.php?module=dag&op=finalize&subfinal=1' method='POST'>");
                output("`2Target: ");
                rawoutput("<select name='contractname'>");
                for ($i = 0; $i < db_num_rows($result); $i++) {
                    $row = db_fetch_assoc($result);
                    rawoutput("<option value=\"" . rawurlencode($row['name']) . "\">" . full_sanitize($row['name']) . "</option>");
                }
                rawoutput("</select>");
                output_notl("`n`n");
                $amount = httppost('amount');
                output("`2Amount to Place: ");
                rawoutput("<input name='amount' id='amount' width='5' value='{$amount}'>");
                output_notl("`n`n");
                $final = translate_inline("Finalize Contract");
                rawoutput("<input type='submit' class='button' value='{$final}'>");
                rawoutput("</form>");
                addnav("", "runmodule.php?module=dag&op=finalize&subfinal=1");
            } else {
                // Now, we have just the one, so check it.
                $row = db_fetch_assoc($result);
                if ($row['locked']) {
                    output("Dag Durnick sneers at you, `7\"There not be anyone I be knowin' of by that name.  Maybe ye should come back when ye got a real target in mind?\"");
                } elseif ($row['login'] == $session['user']['login']) {
                    output("Dag Durnick slaps his knee laughing uproariously, `7\"Ye be wanting to take out a contract on yerself?  I ain't be helping no suicider, now!\"");
                } elseif ($row['level'] < get_module_setting("bountylevel") || $row['age'] < getsetting("pvpimmunity", 5) && $row['dragonkills'] == 0 && $row['pk'] == 0 && $row['experience'] < getsetting("pvpminexp", 1500)) {
                    output("Dag Durnick stares at you angrily, `7\"I told ye that I not be an assassin.  That ain't a target worthy of a bounty.  Now get outta me sight!\"");
                } else {
                    // All good!
                    $amt = abs((int) httppost('amount'));
                    $min = get_module_setting("bountymin") * $row['level'];
                    $max = get_module_setting("bountymax") * $row['level'];
                    $fee = get_module_setting("bountyfee");
                    $cost = round($amt * ((100 + $fee) / 100), 0);
                    $curbounty = 0;
                    $sql = "SELECT sum(amount) AS total FROM " . db_prefix("bounty") . " WHERE status=0 AND target={$row['acctid']}";
                    $result = db_query($sql);
                    if (db_num_rows($result) > 0) {
                        $nrow = db_fetch_assoc($result);
                        $curbounty = $nrow['total'];
                    }
                    if ($amt < $min) {
                        output("Dag Durnick scowls, `7\"Ye think I be workin' for that pittance?  Be thinkin' again an come back when ye willing to spend some real coin.  That mark be needin' at least %s gold to be worth me time.\"", $min);
                    } elseif ($session['user']['gold'] < $cost) {
                        output("Dag Durnick scowls, `7\"Ye don't be havin enough gold to be settin' that contract.  Wastin' my time like this, I aught to be puttin' a contract on YE instead!");
                    } elseif ($amt + $curbounty > $max) {
                        if ($curbounty) {
                            output("Dag looks down at the pile of coin and just leaves them there.");
                            output("`7\"I'll just be passin' on that contract.  That's way more'n `^%s`7 be worth and ye know it.  I ain't no durned assassin. A bounty o' %s already be on their head, what with the bounties I ain't figgered in to th' book already.  I might be willin' t'up it to %s, after me %s%% listin' fee of course\"`n`n", $row['name'], $curbounty, $max, $fee);
                        } else {
                            output("Dag looks down at the pile of coin and just leaves them there.");
                            output("`7\"I'll just be passin' on that contract.  That's way more'n `^%s`7 be worth and ye know it.  I ain't no durned assassin.  I might be willin' t'let y' set one of %s, after me %s%% listin' fee of course\"`n`n", $row['name'], $max, $fee);
                        }
                    } else {
                        output("You slide the coins towards Dag Durnick, who deftly palms them from the table.");
                        output("`7\"I'll just be takin' me %s%% listin' fee offa the top.  The word be put out that ye be wantin' `^%s`7 taken care of. Be patient, and keep yer eyes on the news.\"`n`n", $fee, $row['name']);
                        set_module_pref("bounties", get_module_pref("bounties") + 1);
                        $session['user']['gold'] -= $cost;
                        // ***ADDED***
                        // By Andrew Senger
                        // Adding for new Bounty Code
                        $setdate = time();
                        // random set date up to 4 hours in the future.
                        $setdate += e_rand(0, 14400);
                        $sql = "INSERT INTO " . db_prefix("bounty") . " (amount, target, setter, setdate) VALUES ({$amt}, " . $row['acctid'] . ", " . (int) $session['user']['acctid'] . ", '" . date("Y-m-d H:i:s", $setdate) . "')";
                        db_query($sql);
                        // ***END ADD***
                        debuglog("spent {$cost} to place a {$amt} bounty on {$row['name']}");
                    }
                }
            }
        } else {
            output("You stroll over to Dag Durnick, who doesn't even bother to look up at you.");
            output("He takes a long pull on his pipe.`n");
            output("`7\"Ye probably be wantin' to know if there's a price on yer head, ain't ye.\"`n`n");
            // ***ADDED***
            // By Andrew Senger
            // Adding for new Bounty Code
            $sql = "SELECT sum(amount) as total FROM " . db_prefix("bounty") . " WHERE status=0 AND setdate<='" . date("Y-m-d H:i:s") . "' AND target=" . $session['user']['acctid'];
            $result = db_query($sql);
            $curbounty = 0;
            if (db_num_rows($result) != 0) {
                $row = db_fetch_assoc($result);
                $curbounty = $row['total'];
            }
            if ($curbounty == 0) {
                output("\"`3Ye don't have no bounty on ya.  I suggest ye be keepin' it that way.\"");
            } else {
                output("\"`3Well, it be lookin like ye have `^%s gold`3 on yer head currently. Ye might wanna be watchin yourself.\"", $curbounty);
            }
            // ***END ADD***
            addnav("Bounties");
            addnav("Check the Wanted List", "runmodule.php?module=dag&op=list");
            addnav("Set a Bounty", "runmodule.php?module=dag&op=addbounty");
        }
    }
    modulehook('dagnav');
    if ($op == "list") {
        addnav("Sort List");
        addnav("View by Bounty", "runmodule.php?module=dag&op=list&sort=bounty");
        addnav("View by Level", "runmodule.php?module=dag&op=list&sort=level");
    }
    rawoutput("</span>");
    page_footer();
}
 }
 $write = translate_inline("Write Mail");
 // We assume that petitions are handled in default language
 $yourpeti = translate_mail("Your Petition", 0);
 $peti = translate_mail("Petition", 0);
 $row['body'] = str_replace("[charname]", translate_mail("[charname]", 0), $row['body']);
 $row['body'] = str_replace("[email]", translate_mail("[email]", 0), $row['body']);
 $row['body'] = str_replace("[description]", translate_mail("[description]", 0), $row['body']);
 // For email replies, make sure we don't overflow the URI buffer.
 $reppet = substr(stripslashes($row['body']), 0, 2000);
 output("`@From: ");
 if ($row['login'] > "") {
     rawoutput("<a href=\"mail.php?op=write&to=" . rawurlencode($row['login']) . "&body=" . rawurlencode("\n\n----- {$yourpeti} -----\n{$reppet}") . "&subject=RE:+{$peti}\" target=\"_blank\" onClick=\"" . popup("mail.php?op=write&to=" . rawurlencode($row['login']) . "&body=" . rawurlencode("\n\n----- {$yourpeti} -----\n{$reppet}") . "&subject=RE:+{$peti}") . ";return false;\"><img src='images/newscroll.GIF' width='16' height='16' alt='{$write}' border='0'></a>");
 }
 output_notl("`^`b%s`b`n", $row['name']);
 output("`@Date: `^`b%s`b (%s)`n", $row['date'], relativedate($row['date']));
 output("`@Status: %s`n", $statuses[$row['status']]);
 if ($row['closedate'] != '0000-00-00 00:00:00') {
     output("`@Last Update: `^%s`@ on `^%s (%s)`n", $row['closer'], $row['closedate'], dhms(strtotime('now') - strtotime($row['closedate']), true));
 }
 output("`@Body:`^`n");
 $body = htmlentities(stripslashes($row['body']), ENT_COMPAT, getsetting("charset", "ISO-8859-1"));
 $body = preg_replace("'([[:alnum:]_.-]+[@][[:alnum:]_.-]{2,}([.][[:alnum:]_.-]{2,})+)'i", "<a href='mailto:\\1?subject=RE: {$peti}&body=" . str_replace("+", " ", URLEncode("\n\n----- {$yourpeti} -----\n" . $row['body'])) . "'>\\1</a>", $body);
 $body = preg_replace("'([\\[][[:alnum:]_.-]+[\\]])'i", "<span class='colLtRed'>\\1</span>", $body);
 rawoutput("<span style='font-family: fixed-width'>" . nl2br($body) . "</span>");
 commentdisplay("`n`@Commentary:`0`n", "pet-{$id}", "Add information", 200);
 if ($viewpageinfo) {
     output("`n`n`@Page Info:`&`n");
     $row['pageinfo'] = stripslashes($row['pageinfo']);
     $body = HTMLEntities($row['pageinfo'], ENT_COMPAT, getsetting("charset", "ISO-8859-1"));
     $body = preg_replace("'([[:alnum:]_.-]+[@][[:alnum:]_.-]{2,}([.][[:alnum:]_.-]{2,})+)'i", "<a href='mailto:\\1?subject=RE: {$peti}&body=" . str_replace("+", " ", URLEncode("\n\n----- {$yourpeti} -----\n" . $row['body'])) . "'>\\1</a>", $body);
        addnav("", "bio.php?char=" . $row['acctid'] . "");
    }
    output_notl("`&%s`0", $row['name']);
    if ($session['user']['loggedin']) {
        rawoutput("</a>");
    }
    rawoutput("</td><td>");
    $loggedin = date("U") - strtotime($row['laston']) < getsetting("LOGINTIMEOUT", 900) && $row['loggedin'];
    output_notl("`&%s`0", $row['location']);
    if ($loggedin) {
        $online = translate_inline("`#(Online)");
        output_notl("%s", $online);
    }
    rawoutput("</td><td>");
    if (!$row['race']) {
        $row['race'] = RACE_UNKNOWN;
    }
    tlschema("race");
    output($row['race']);
    tlschema();
    rawoutput("</td><td>");
    $sex = translate_inline($row['sex'] ? "`%Female`0" : "`!Male`0");
    output_notl("%s", $sex);
    rawoutput("</td><td>");
    $laston = relativedate($row['laston']);
    output_notl("%s", $laston);
    rawoutput("</td></tr>");
}
rawoutput("</table>");
output_notl("`c");
page_footer();
Example #11
0
 private function loopComments($postID, $query)
 {
     $myID = getUserID();
     $items = array();
     $is_moderator = false;
     //Get project id
     $qp = $this->db->query("select project_id from posts where id = ?", array($postID));
     if ($qp->num_rows()) {
         $qpRow = $qp->row();
         if (is_numeric($qpRow->project_id)) {
             $is_moderator = validate_access('is_moderator', array('project_id' => $qpRow->project_id, 'user_id' => $myID));
         }
     }
     foreach ($query->result() as $cRow) {
         //reply snippet
         $replyItems = array();
         if ($cRow->comments) {
             $rQuery = $this->mdb->get_comment_snippet($postID, $cRow->id, 1);
             foreach ($rQuery->result() as $rRow) {
                 $dateCommented = convert_datetime($rRow->date_posted);
                 $replyItems[] = array('id' => $rRow->id, 'actor_id' => $rRow->user_id, 'actor_name' => $rRow->actor_name, 'replies' => $rRow->comments, 'agrees' => $rRow->agrees, 'disagrees' => $rRow->disagrees, 'is_agree' => $rRow->is_agree, 'is_disagree' => $rRow->is_disagree, 'date_commented' => relativedate(strtotime($dateCommented), false), 'comment' => $rRow->comment, 'update_buttons' => $rRow->user_id == $myID || $is_moderator ? 1 : 0);
             }
         }
         $rQuery = $this->mdb->get_comment_snippet($postID, $cRow->id, 2);
         $dateCommented = convert_datetime($cRow->date_posted);
         $items[] = array('id' => $cRow->id, 'actor_id' => $cRow->user_id, 'actor_name' => $cRow->actor_name, 'replies' => $cRow->comments, 'reply_snippet' => $replyItems, 'shownextcommentslink' => $rQuery->num_rows() > 1 ? 1 : 0, 'agrees' => $cRow->agrees, 'disagrees' => $cRow->disagrees, 'is_agree' => $cRow->is_agree, 'is_disagree' => $cRow->is_disagree, 'date_commented' => relativedate(strtotime($dateCommented), false), 'comment' => $cRow->comment, 'update_buttons' => $cRow->user_id == $myID || $is_moderator ? 1 : 0);
     }
     return $items;
 }
Example #12
0
<?php

$viewableforums = ForumsWithPermission('forum.viewforum');
$homepage = Settings::get('homepageText');
// timestamp => data
$lastActivity = array();
$maxitems = 10;
$lastposts = Query("\tSELECT\n\t\t\t\t\t\t\tt.(title,forum,lastpostdate,lastpostid),\n\t\t\t\t\t\t\tu.(_userfields)\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t{threads} t\n\t\t\t\t\t\t\tLEFT JOIN {forums} f ON f.id=t.forum\n\t\t\t\t\t\t\tLEFT JOIN {users} u ON u.id=t.lastposter\n\t\t\t\t\t\tWHERE f.id IN ({0c}) AND f.offtopic=0\n\t\t\t\t\t\tORDER BY t.lastpostdate DESC\n\t\t\t\t\t\tLIMIT {1u}", $viewableforums, $maxitems);
while ($lp = Fetch($lastposts)) {
    $user = getDataPrefix($lp, 'u_');
    $tags = ParseThreadTags($lp['t_title']);
    $fmtdate = relativedate($lp['t_lastpostdate']);
    $desc = UserLink($user) . __(' posted in ') . actionLinkTag($tags[0], 'post', $lp['t_lastpostid']);
    $lastActivity[$lp['t_lastpostdate']] = array('description' => $desc, 'formattedDate' => $fmtdate);
}
$bucket = 'lastactivity';
include 'lib/pluginloader.php';
krsort($lastActivity);
$lastActivity = array_slice($lastActivity, 0, $maxitems);
RenderTemplate('homepage', array('homepage' => $homepage, 'lastactivity' => $lastActivity));
$rFora = Query("select * from {forums} where id = {0}", Settings::get('newsForum'));
if (NumRows($rFora)) {
    $forum = Fetch($rFora);
    if (!HasPermission('forum.viewforum', $forum['id'])) {
        return;
    }
} else {
    return;
}
$fid = $forum['id'];
$total = $forum['numthreads'];
Example #13
0
if ($realFrom < 0) {
    $realLen += $realFrom;
    $realFrom = 0;
}
$rComments = Query("SELECT\n\t\tu.(_userfields),\n\t\tuc.id, uc.cid, uc.text, uc.date\n\t\tFROM {usercomments} uc\n\t\tLEFT JOIN {users} u ON u.id = uc.cid\n\t\tWHERE uc.uid={0}\n\t\tORDER BY uc.date ASC LIMIT {1u},{2u}", $id, $realFrom, $realLen);
$pagelinks = PageLinksInverted(actionLink("profile", $id, "from=", $user['name']), $cpp, $from, $total);
$comments = array();
while ($comment = Fetch($rComments)) {
    $cmt = array();
    $deleteLink = '';
    if ($canDeleteComments || $comment['cid'] == $loguserid && HasPermission('user.deleteownusercomments')) {
        $deleteLink = "<small style=\"float: right; margin: 0px 4px;\">" . actionLinkTag("&#x2718;", "profile", $id, "action=delete&cid=" . $comment['id'] . "&token={$loguser['token']}") . "</small>";
    }
    $cmt['deleteLink'] = $deleteLink;
    $cmt['userlink'] = UserLink(getDataPrefix($comment, 'u_'));
    $cmt['formattedDate'] = relativedate($comment['date']);
    $cmt['text'] = CleanUpPost($comment['text']);
    $comments[] = $cmt;
}
$commentField = '';
if ($canComment) {
    $commentField = "\n\t\t<form name=\"commentform\" method=\"post\" action=\"" . htmlentities(actionLink("profile")) . "\">\n\t\t\t<input type=\"hidden\" name=\"id\" value=\"{$id}\">\n\t\t\t<input type=\"text\" name=\"text\" style=\"width: 80%;\" maxlength=\"255\">\n\t\t\t<input type=\"submit\" name=\"actionpost\" value=\"" . __("Post") . "\">\n\t\t\t<input type=\"hidden\" name=\"token\" value=\"{$loguser['token']}\">\n\t\t</form>";
}
RenderTemplate('profile', array('username' => htmlspecialchars($uname), 'userlink' => UserLink($user), 'profileParts' => $profileParts, 'comments' => $comments, 'commentField' => $commentField, 'pagelinks' => $pagelinks));
if (!$mobileLayout) {
    $previewPost['text'] = Settings::get("profilePreviewText");
    $previewPost['num'] = 0;
    $previewPost['id'] = 0;
    foreach ($user as $key => $value) {
        $previewPost['u_' . $key] = $value;
    }
Example #14
0
 private function processItems($query)
 {
     $items = array();
     foreach ($query->result() as $row) {
         $dateAdded = convert_datetime($row->date_added);
         $icon = 'file';
         /* file configs */
         $music = array('.mp3', '.mid', '.ogg', '.wav', '.amr', '.ac3', '.wma');
         $images = array('.jpg', '.jpeg', '.gif', '.png');
         $videos = array('.mp4', '.flv', '.mkv', '.avi', '.wmv', '.3gp', '.mov');
         $txt = array('.txt', '.rtf');
         $excel = array('.xls', '.xlsx');
         $word = array('.doc', '.docx');
         $powerpoint = array('.ppt', '.pptx');
         $archives = array('.zip', '.rar', '.gz', '.7z', '.gzip');
         if ($row->attachment_type == 'file') {
             $ext = strtolower($row->extension);
             if (in_array($ext, $music)) {
                 $icon = 'file-music';
             }
             if (in_array($ext, $videos)) {
                 $icon = 'file-video';
             }
             if (in_array($ext, $images)) {
                 $icon = 'file-php';
             }
             if (in_array($ext, $txt)) {
                 $icon = 'text';
             }
             if (in_array($ext, $word)) {
                 $icon = 'file-word';
             }
             if (in_array($ext, $excel)) {
                 $icon = 'file-excel';
             }
             if (in_array($ext, $powerpoint)) {
                 $icon = 'file-power-point';
             }
             if (in_array($ext, $archives)) {
                 $icon = 'zip';
             }
             if ($ext == '.pdf') {
                 $icon = 'file-pdf';
             }
         } else {
             $icon = 'folder';
         }
         $items[] = array('id' => $row->id, 'attachment_type' => strtolower($row->attachment_type), 'uploader_id' => $row->uploader, 'uploader_name' => $row->uploader_name, 'filename' => $row->filename, 'filesize' => format_filesize($row->filesize), 'uploaded' => relativedate(strtotime($dateAdded), false), 'icon' => $icon);
     }
     return $items;
 }
function dag_manage()
{
    page_header("Dag's Bounty Lists");
    require_once "lib/superusernav.php";
    superusernav();
    // Add some bounty expiration for closed bounties
    $sql = "DELETE FROM " . db_prefix("bounty") . " WHERE status=1 AND windate <'" . date("Y-m-d H:i:s", strtotime("-" . getsetting("expirecontent", 180) / 10 . " days")) . "'";
    db_query($sql);
    addnav("Actions");
    addnav("A?View All Bounties", "runmodule.php?module=dag&manage=true&op=viewbounties&type=1&sort=1&dir=1&admin=true");
    addnav("O?View Open Bounties", "runmodule.php?module=dag&manage=true&op=viewbounties&type=2&sort=1&dir=1&admin=true");
    addnav("C?View Closed Bounties", "runmodule.php?module=dag&manage=true&op=viewbounties&type=3&sort=1&dir=1&admin=true");
    addnav("R?Refresh List", "runmodule.php?module=dag&manage=true&admin=true");
    rawoutput("<form action='runmodule.php?module=dag&manage=true&op=viewbounties&type=search&admin=true' method='POST'>");
    addnav("", "runmodule.php?module=dag&manage=true&op=viewbounties&type=search&admin=true");
    output("Setter: ");
    rawoutput("<input name='setter' value=\"" . htmlentities(stripslashes(httppost('setter'))) . "\">");
    output(" Winner: ");
    rawoutput("<input name='getter' value=\"" . htmlentities(stripslashes(httppost('getter'))) . "\">");
    output(" Target: ");
    rawoutput("<input name='target' value=\"" . htmlentities(stripslashes(httppost('target'))) . "\">");
    output_notl("`n");
    output("Order by: ");
    $id = translate_inline("ID");
    $amt = translate_inline("Amount");
    $targ = translate_inline("Target");
    $set = translate_inline("Setter");
    $sdate = translate_inline("Set Date");
    $stat = translate_inline("Status");
    $win = translate_inline("Winner");
    $wdate = translate_inline("Win Date");
    $desc = translate_inline("Descending");
    $asc = translate_inline("Ascending");
    $search = translate_inline("Search");
    rawoutput("<select name='s'>\r\n\t\t<option value='1'" . (httppost('s') == '1' ? " selected" : "") . ">{$id}</option>\r\n\t\t<option value='2'" . (httppost('s') == '2' ? " selected" : "") . ">{$amt}</option>\r\n\t\t<option value='3'" . (httppost('s') == '3' ? " selected" : "") . ">{$targ}</option>\r\n\t\t<option value='4'" . (httppost('s') == '4' ? " selected" : "") . ">{$set}</option>\r\n\t\t<option value='5'" . (httppost('s') == '5' ? " selected" : "") . ">{$sdate}</option>\r\n\t\t<option value='6'" . (httppost('s') == '6' ? " selected" : "") . ">{$stat}</option>\r\n\t\t<option value='7'" . (httppost('s') == '7' ? " selected" : "") . ">{$win}</option>\r\n\t\t<option value='8'" . (httppost('s') == '8' ? " selected" : "") . ">{$wdate}</option>\r\n\t\t</select>");
    rawoutput("<input type='radio' name='d' value='1'" . (httppost('d') == 1 ? " checked" : "") . "> {$desc}");
    rawoutput("<input type='radio' name='d' value='2'" . (httppost('d') == 1 ? "" : " checked") . "> {$asc}");
    output_notl("`n");
    rawoutput("<input type='submit' class='button' value='{$search}'>");
    rawoutput("</form>");
    $op = httpget('op');
    if ($op == "") {
        // ***ADDED***
        // By Andrew Senger
        // Adding for new Bounty Code
        output_notl("`n`n");
        output("`c`bThe Bounty List`b`c`n");
        $sql = "SELECT bountyid,amount,target,setter,setdate FROM " . db_prefix("bounty") . " WHERE status=0 ORDER BY bountyid ASC";
        $result = db_query($sql);
        rawoutput("<table border=0 cellpadding=2 cellspacing=1 bgcolor='#999999'>");
        $amt = translate_inline("Amount");
        $lev = translate_inline("Level");
        $name = translate_inline("Name");
        $loc = translate_inline("Location");
        $sex = translate_inline("Sex");
        $alive = translate_inline("Alive");
        $last = translate_inline("Last On");
        rawoutput("<tr class='trhead'><td><b>{$amt}</b></td><td><b>{$lev}</b></td><td><b>{$name}</b></td><td><b>{$loc}</b></td><td><b>{$sex}</b></td><td><b>{$alive}</b></td><td><b>{$last}</b></td>");
        $listing = array();
        $totlist = 0;
        for ($i = 0; $i < db_num_rows($result); $i++) {
            $row = db_fetch_assoc($result);
            $amount = (int) $row['amount'];
            $sql = "SELECT name,alive,sex,level,laston,loggedin,lastip,uniqueid FROM " . db_prefix("accounts") . " WHERE acctid={$row['target']}";
            $result2 = db_query($sql);
            if (db_num_rows($result2) == 0) {
                /* this person has been deleted, clear bounties */
                $sql = "UPDATE " . db_prefix("bounty") . " SET status=1 WHERE target={$row['target']}";
                db_query($sql);
                continue;
            }
            $row2 = db_fetch_assoc($result2);
            $yesno = 0;
            for ($j = 0; $j <= $i; $j++) {
                if ($listing[$j]['Name'] == $row2['name']) {
                    $listing[$j]['Amount'] = $listing[$j]['Amount'] + $amount;
                    $yesno = 1;
                }
            }
            if ($yesno == 0) {
                $listing[] = array('Amount' => $amount, 'Level' => $row2['level'], 'Name' => $row2['name'], 'Location' => $row2['location'], 'Sex' => $row2['sex'], 'Alive' => $row2['alive'], 'LastOn' => $row2['laston']);
                $totlist = $totlist + 1;
            }
        }
        usort($listing, 'dag_sortbounties');
        for ($i = 0; $i < $totlist; $i++) {
            rawoutput("<tr class='" . ($i % 2 ? "trdark" : "trlight") . "'><td>");
            output_notl("`^%s`0", $listing[$i]['Amount']);
            rawoutput("</td><td>");
            output_notl("`^%s`0", $listing[$i]['Level']);
            rawoutput("</td><td>");
            output_notl("`^%s`0", $listing[$i]['Name']);
            rawoutput("</td><td>");
            output($loggedin ? "`#Online`0" : $listing[$i]['Location']);
            rawoutput("</td><td>");
            output($listing[$i]['Sex'] ? "`!Female`0" : "`!Male`0");
            rawoutput("</td><td>");
            output($listing[$i]['Alive'] ? "`1Yes`0" : "`4No`0");
            rawoutput("</td><td>");
            $laston = relativedate($listing[$i]['LastOn']);
            if ($loggedin) {
                $laston = translate_inline("Now");
            }
            output_notl("%s", $laston);
            rawoutput("</td></tr>");
        }
        rawoutput("</table>");
        output("`n`n`c`bAdd Bounty`b`c`n");
        rawoutput("<form action='runmodule.php?module=dag&manage=true&op=addbounty&admin=true' method='POST'>");
        output("`2Target: ");
        rawoutput("<input name='contractname'>");
        output_notl("`n");
        output("`2Amount to Place: ");
        rawoutput("<input name='amount' id='amount' width='5'>");
        output_notl("`n`n");
        $final = translate_inline("Finalize Contract");
        rawoutput("<input type='submit' class='button' value='{$final}'>");
        rawoutput("</form>");
        addnav("", "runmodule.php?module=dag&manage=true&op=addbounty&admin=true");
    } else {
        if ($op == "addbounty") {
            if (httpget('subfinal') == 1) {
                $sql = "SELECT acctid,name,login,level,locked,age,dragonkills,pk,experience FROM " . db_prefix("accounts") . " WHERE name='" . addslashes(rawurldecode(stripslashes(httppost('contractname')))) . "' AND locked=0";
            } else {
                $contractname = stripslashes(rawurldecode(httppost('contractname')));
                $name = "%";
                for ($x = 0; $x < strlen($contractname); $x++) {
                    $name .= substr($contractname, $x, 1) . "%";
                }
                $sql = "SELECT acctid,name,login,level,locked,age,dragonkills,pk,experience FROM " . db_prefix("accounts") . " WHERE name LIKE '" . addslashes($name) . "' AND locked=0";
            }
            $result = db_query($sql);
            if (db_num_rows($result) == 0) {
                output("No one by that name!");
            } elseif (db_num_rows($result) > 100) {
                output("Too many names!");
            } elseif (db_num_rows($result) > 1) {
                output("Select the correct name:`n");
                rawoutput("<form action='runmodule.php?module=dag&manage=true&op=addbounty&subfinal=1&admin=true' method='POST'>");
                output("`2Target: ");
                rawoutput("<select name='contractname'>");
                for ($i = 0; $i < db_num_rows($result); $i++) {
                    $row = db_fetch_assoc($result);
                    rawoutput("<option value=\"" . rawurlencode($row['name']) . "\">" . full_sanitize($row['name']) . "</option>");
                }
                rawoutput("</select>");
                output_notl("`n`n");
                $amount = httppost('amount');
                output("`2Amount to Place: ");
                rawoutput("<input name='amount' id='amount' width='5' value='{$amount}'>");
                output_notl("`n`n");
                $final = translate_inline("Finalize Contract");
                rawoutput("<input type='submit' class='button' value='{$final}'>");
                rawoutput("</form>");
                addnav("", "runmodule.php?module=dag&manage=true&op=addbounty&subfinal=1");
            } else {
                // Now, we have just the one, so check it.
                $row = db_fetch_assoc($result);
                if ($row['locked']) {
                    output("Target is a locked user.");
                }
                $amt = (int) httppost('amount');
                if ($amt <= 0) {
                    output("That bounty value make no sense.");
                } else {
                    // All good!
                    $sql = "INSERT INTO " . db_prefix("bounty") . " (amount, target, setter, setdate) VALUES ({$amt}, " . $row['acctid'] . ", 0, '" . date("Y-m-d H:i:s") . "')";
                    db_query($sql);
                    output("Bounty added!");
                }
            }
        } else {
            if ($op == "viewbounties") {
                $type = httpget('type');
                $sort = httpget('sort');
                $dir = httpget('dir');
                output("`c`bThe Bounty List`b`c`n");
                if ($type == 1) {
                    output("`c`bViewing: `3All Bounties`b`c");
                } elseif ($type == 2) {
                    output("`c`bViewing: `3Open Bounties`b`c");
                } elseif ($type == 3) {
                    output("`c`bViewing: `3Closed Bounties`b`c");
                }
                addnav("Sorting");
                if ($sort == 1 && $dir == 1) {
                    addnav("1?By BountyID - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=1&dir=2&admin=true");
                    output("`c`bSorting By: `3BountyID - Desc`b`c`n`n");
                } elseif ($sort == 1 && $dir == 2) {
                    addnav("1?By BountyID - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=1&dir=1&admin=true");
                    output("`c`bSorting By: `3BountyID - Asc`b`c`n`n");
                } else {
                    addnav("1?By BountyID - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=1&dir=1&admin=true");
                }
                if ($sort == 2 && $dir == 1) {
                    addnav("2?By Amount - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=2&dir=2&admin=true");
                    output("`c`bSorting By: `3Amount - Desc`b`c`n`n");
                } elseif ($sort == 2 && $dir == 2) {
                    addnav("2?By Amount - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=2&dir=1&admin=true");
                    output("`c`bSorting By: `3Amount - Asc`b`c`n`n");
                } else {
                    addnav("2?By Amount - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=2&dir=1&admin=true");
                }
                if ($sort == 3 && $dir == 1) {
                    addnav("3?By Target - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=3&dir=2&admin=true");
                    output("`c`bSorting By: `3Target - Desc`b`c`n`n");
                } elseif ($sort == 3 && $dir == 2) {
                    addnav("3?By Target - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=3&dir=1&admin=true");
                    output("`c`bSorting By: `3Target - Asc`b`c`n`n");
                } else {
                    addnav("3?By Target - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=3&dir=1&admin=true");
                }
                if ($sort == 4 && $dir == 1) {
                    addnav("4?By Setter - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=4&dir=2&admin=true");
                    output("`c`bSorting By: `3Setter - Desc`b`c`n`n");
                } elseif ($sort == 4 && $dir == 2) {
                    addnav("4?By Setter - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=4&dir=1&admin=true");
                    output("`c`bSorting By: `3Setter - Asc`b`c`n`n");
                } else {
                    addnav("4?By Setter - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=4&dir=1&admin=true");
                }
                if ($sort == 5 && $dir == 1) {
                    addnav("5?By Set Date - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=5&dir=2&admin=true");
                    output("`c`bSorting By: `3Set Date - Desc`b`c`n`n");
                } elseif ($sort == 5 && $dir == 2) {
                    addnav("5?By Set Date - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=5&dir=1&admin=true");
                    output("`c`bSorting By: `3Set Date - Asc`b`c`n`n");
                } else {
                    addnav("5?By Set Date - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=5&dir=1&admin=true");
                }
                if ($type == 1) {
                    if ($sort == 6 && $dir == 1) {
                        addnav("6?By Status - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=6&dir=2&admin=true");
                        output("`c`bSorting By: `3Status - Desc`b`c`n`n");
                    } elseif ($sort == 6 && $dir == 2) {
                        addnav("6?By Status - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=6&dir=1&admin=true");
                        output("`c`bSorting By: `3Status - Asc`b`c`n`n");
                    } else {
                        addnav("6?By Status - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=6&dir=1&admin=true");
                    }
                }
                if ($type == 1 || $type == 3) {
                    if ($sort == 7 && $dir == 1) {
                        addnav("7?By Winner - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=7&dir=2&admin=true");
                        output("`c`bSorting By: `3Winner - Desc`b`c`n`n");
                    } elseif ($sort == 7 && $dir == 2) {
                        addnav("7?By Winner - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=7&dir=1&admin=true");
                        output("`c`bSorting By: `3Winner - Asc`b`c`n`n");
                    } else {
                        addnav("7?By Winner - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=7&dir=1&admin=true");
                    }
                    if ($sort == 8 && $dir == 1) {
                        addnav("8?By Win Date - Asc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=8&dir=2&admin=true");
                        output("`c`bSorting By: `3Win Date - Desc`b`c`n`n");
                    } elseif ($sort == 8 && $dir == 2) {
                        addnav("8?By Win Date - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=8&dir=1&admin=true");
                        output("`c`bSorting By: `3Win Date - Asc`b`c`n`n");
                    } else {
                        addnav("8?By Win Date - Desc", "runmodule.php?module=dag&manage=true&op=viewbounties&type=" . $type . "&sort=8&dir=1&admin=true");
                    }
                }
                addnav("Return to Bounty Home", "runmodule.php?module=dag&manage=true&op=bounties&admin=true");
                switch ($type) {
                    case 1:
                        $t = "";
                        break;
                    case 2:
                        $t = " WHERE status=0";
                        break;
                    case 3:
                        $t = " WHERE status=1";
                        break;
                }
                switch ($sort) {
                    case 1:
                        $s = " ORDER BY bountyid";
                        break;
                    case 2:
                        $s = " ORDER BY amount";
                        break;
                    case 3:
                        $s = " ORDER BY target";
                        break;
                    case 4:
                        $s = " ORDER BY setter";
                        break;
                    case 5:
                        $s = " ORDER BY setdate";
                        break;
                    case 6:
                        $s = " ORDER BY status";
                        break;
                    case 7:
                        $s = " ORDER BY winner";
                        break;
                    case 8:
                        $s = " ORDER BY windate";
                        break;
                }
                switch ($dir) {
                    case 1:
                        $d = " DESC";
                        break;
                    case 2:
                        $d = " ASC";
                        break;
                }
                //override those options in favor of the search form if it exists
                if ($type == 'search') {
                    switch (httppost('s')) {
                        case 1:
                            $s = " ORDER BY bountyid";
                            break;
                        case 2:
                            $s = " ORDER BY amount";
                            break;
                        case 3:
                            $s = " ORDER BY target";
                            break;
                        case 4:
                            $s = " ORDER BY setter";
                            break;
                        case 5:
                            $s = " ORDER BY setdate";
                            break;
                        case 6:
                            $s = " ORDER BY status";
                            break;
                        case 7:
                            $s = " ORDER BY winner";
                            break;
                        case 8:
                            $s = " ORDER BY windate";
                            break;
                    }
                    switch (httppost('d')) {
                        case 1:
                            $d = " DESC";
                            break;
                        case 2:
                            $d = " ASC";
                            break;
                    }
                    $t = "";
                    if (httppost('setter') > '') {
                        if ($t > "") {
                            $t .= " AND";
                        }
                        $a = httppost('setter');
                        $setter = "%";
                        for ($i = 0; $i < strlen($a); $i++) {
                            $setter .= $a[$i] . "%";
                        }
                        $sql = "SELECT acctid FROM " . db_prefix("accounts") . " WHERE name LIKE '{$setter}'";
                        $result = db_query($sql);
                        $ids = array();
                        while ($row = db_fetch_assoc($result)) {
                            array_push($ids, $row['acctid']);
                        }
                        if (count($ids) == 0) {
                            $ids[0] = 0;
                        }
                        $t .= " setter IN (" . join(",", $ids) . ")";
                    }
                    if (httppost('getter') > '') {
                        if ($t > "") {
                            $t .= " AND";
                        }
                        $a = httppost('getter');
                        $getter = "%";
                        for ($i = 0; $i < strlen($a); $i++) {
                            $getter .= $a[$i] . "%";
                        }
                        $sql = "SELECT acctid FROM " . db_prefix("accounts") . " WHERE name LIKE '{$getter}'";
                        $result = db_query($sql);
                        $ids = array();
                        while ($row = db_fetch_assoc($result)) {
                            array_push($ids, $row['acctid']);
                        }
                        if (count($ids) == 0) {
                            $ids[0] = 0;
                        }
                        $t .= " winner IN (" . join(",", $ids) . ")";
                    }
                    if (httppost('target') > '') {
                        if ($t > "") {
                            $t .= " AND";
                        }
                        $a = httppost('target');
                        $target = "%";
                        for ($i = 0; $i < strlen($a); $i++) {
                            $target .= $a[$i] . "%";
                        }
                        $sql = "SELECT acctid FROM " . db_prefix("accounts") . " WHERE name LIKE '{$target}'";
                        $result = db_query($sql);
                        $ids = array();
                        while ($row = db_fetch_assoc($result)) {
                            array_push($ids, $row['acctid']);
                        }
                        if (count($ids) == 0) {
                            $ids[0] = 0;
                        }
                        $t .= " target IN (" . join(",", $ids) . ")";
                    }
                    if ($t > "") {
                        $t = " WHERE" . $t;
                    }
                }
                $sql = "SELECT bountyid,amount,target,setter,setdate,status,winner,windate FROM " . db_prefix("bounty") . $t . $s . $d;
                $result = db_query($sql);
                rawoutput("<table border=0 cellpadding=2 cellspacing=1 bgcolor='#999999'>");
                $id = translate_inline("ID");
                $amt = translate_inline("Amt");
                $targ = translate_inline("Target");
                $set = translate_inline("Setter");
                $sdate = translate_inline("Set Date/Time");
                $stat = translate_inline("Status");
                $win = translate_inline("Winner");
                $wdate = translate_inline("Win Date/Time");
                $ops = translate_inline("Ops");
                rawoutput("<tr class='trhead'><td><b>{$id}</b></td><td><b>{$amt}</b></td><td><b>{$targ}</b></td><td><b>{$set}</b></td><td><b>{$sdate}</b></td><td><b>{$stat}</b></td><td><b>{$win}</b></td><td><b>{$wdate}</b></td><td>{$ops}</td></tr>");
                for ($i = 0; $i < db_num_rows($result); $i++) {
                    $row = db_fetch_assoc($result);
                    if ($row['target'] == 0) {
                        $target['name'] = translate_inline("`2Green Dragon");
                    } else {
                        $sql = "SELECT name FROM " . db_prefix("accounts") . " WHERE acctid=" . (int) $row['target'];
                        $result2 = db_query($sql);
                        if (db_num_rows($result2) == 0) {
                            $target['name'] = translate_inline("`4Deleted Character");
                        } else {
                            $target = db_fetch_assoc($result2);
                        }
                    }
                    if ($row['setter'] == 0) {
                        $setter['name'] = translate_inline("`2Green Dragon");
                    } else {
                        $sql = "SELECT name FROM " . db_prefix("accounts") . " WHERE acctid=" . (int) $row['setter'];
                        $result3 = db_query($sql);
                        if (db_num_rows($result3) == 0) {
                            $setter['name'] = translate_inline("`4Deleted Character");
                        } else {
                            $setter = db_fetch_assoc($result3);
                        }
                    }
                    $winner['name'] = "";
                    if ($row['winner'] == 0 && $row['status'] == 1) {
                        $winner['name'] = translate_inline("`2Green Dragon");
                    } elseif ($row['status'] == 1) {
                        $sql = "SELECT name FROM " . db_prefix("accounts") . " WHERE acctid=" . (int) $row['winner'];
                        $result4 = db_query($sql);
                        if (db_num_rows($result4) == 0) {
                            $winner['name'] = translate_inline("`2Deleted Character");
                        } else {
                            $winner = db_fetch_assoc($result4);
                        }
                    }
                    rawoutput("<tr class='" . ($i % 2 ? "trdark" : "trlight") . "'><td>");
                    output_notl("`^%s`0", $row['bountyid']);
                    rawoutput("</td><td>");
                    output_notl("`^%s`0", $row['amount']);
                    rawoutput("</td><td>");
                    output_notl("`&%s`0", $target['name']);
                    rawoutput("</td><td>");
                    output_notl("`^%s`0", $setter['name']);
                    rawoutput("</td><td>");
                    output_notl("`^%s`0", $row['setdate']);
                    rawoutput("</td><td>");
                    output($row['status'] == 0 ? "`^Open`0" : "`^Closed`0");
                    rawoutput("</td><td>");
                    output_notl("`^%s`0", $winner['name']);
                    rawoutput("</td><td>");
                    output_notl("`^%s`0", $row['status'] ? $row['windate'] : "");
                    rawoutput("</td><td>");
                    if ($row['status'] == 0) {
                        $link = "runmodule.php?module=dag&manage=true&op=closebounty&id={$row['bountyid']}&admin=true";
                        $close = translate_inline("Close");
                        rawoutput("<a href=\"{$link}\">{$close}</a>");
                        addnav("", $link);
                    } else {
                        rawoutput("&nbsp;");
                    }
                    rawoutput("</td></tr>");
                }
                rawoutput("</table>");
            } else {
                if ($op == "closebounty") {
                    $windate = date("Y-m-d H:i:s");
                    $bountyid = (int) httpget('id');
                    $sql = "UPDATE " . db_prefix("bounty") . " SET status=1,winner=0,windate=\"{$windate}\" WHERE bountyid={$bountyid}";
                    db_query($sql);
                    output("Bounty closed.");
                    // ***END ADD***
                }
            }
        }
    }
    page_footer();
}
function letteropener_run()
{
    global $session;
    page_header("Letter opener");
    require_once "common.php";
    require_once "lib/systemmail.php";
    require_once "lib/sanitize.php";
    require_once "lib/http.php";
    $maildb = "mail";
    if (get_module_setting("outbox")) {
        $maildb = "mailoutbox";
    }
    $op = httpget('op');
    $order = "acctid";
    if ($sort != "") {
        $order = "{$sort}";
    }
    $display = 0;
    $query = httppost('q');
    if ($query === false) {
        $query = httpget('q');
    }
    addnav("Back to the grotto", "superuser.php");
    addnav(array("Show last %s YOMs", get_module_setting("num")), "runmodule.php?module=letteropener&op=lastfew");
    if ($op == "read") {
        $id = httpget('id');
        $sql = "SELECT msgfrom,msgto from " . db_prefix($maildb) . " where messageid=\"" . $id . "\"";
        $result = db_query($sql);
        $row = db_fetch_assoc($result);
        $acctid = $row['msgto'];
        $sqlz = "SELECT login from " . db_prefix("accounts") . " where acctid=\"" . $acctid . "\"";
        $result = db_query($sqlz);
        $rowz = db_fetch_assoc($result);
        $login = $rowz['login'];
        addnav("Read Someone else's mail", "runmodule.php?module=letteropener");
        //addnav("~");
        addnav(array("All YOMs to %s", $login), "runmodule.php?module=letteropener&op=to&to={$login}");
        addnav(array("All YOMs from %s", $login), "runmodule.php?module=letteropener&op=from&from={$login}");
        $sql = "SELECT " . db_prefix($maildb) . ".*," . db_prefix("accounts") . ".name,login FROM " . db_prefix($maildb) . " LEFT JOIN " . db_prefix("accounts") . " ON " . db_prefix("accounts") . ".acctid=" . db_prefix($maildb) . ".msgfrom WHERE msgto=\"" . $acctid . "\" AND messageid=\"" . $id . "\"";
        $result = db_query($sql);
        if (db_num_rows($result) > 0) {
            $row = db_fetch_assoc($result);
            tlschema("mail");
            if ((int) $row['msgfrom'] == 0) {
                $row['name'] = translate_inline("`i`^System`0`i");
                if (is_array(unserialize($row['subject']))) {
                    $row['subject'] = unserialize($row['subject']);
                    $row['subject'] = call_user_func_array("sprintf_translate", $row['subject']);
                }
                if (is_array(unserialize($row['body']))) {
                    $row['body'] = unserialize($row['body']);
                    $row['body'] = call_user_func_array("sprintf_translate", $row['body']);
                }
            }
            tlschema();
            if (!$row['seen']) {
                output("`b`#NEW`b`n");
            } else {
                output("`n");
            }
            if ((int) $row['msgfrom'] != 0) {
                addnav("Or");
                //$othername=$row['msgfrom'];
                //$sql="select login from ".db_prefix("accounts")." where acctid=$othername";
                //$result = db_query($sql);
                $othername = $row['login'];
                addnav(array("All YOMs to %s", $othername), "runmodule.php?module=letteropener&op=to&to={$othername}");
                addnav(array("All YOMs from %s", $othername), "runmodule.php?module=letteropener&op=from&from={$othername}");
            }
            output("`b`2From:`b `^%s`n", $row['name']);
            output("`b`2Subject:`b `^%s`n", $row['subject']);
            output("`b`2Sent:`b `^%s`n", $row['sent']);
            output_notl("<hr>`n", true);
            output_notl(str_replace("\n", "`n", $row['body']));
            output_notl("`n<hr>`n", true);
            rawoutput("<table width='50%' border='0' cellpadding='0' cellspacing='5'><tr>");
            rawoutput("<td align='right'>&nbsp;</td>");
            rawoutput("</tr><tr>");
            $sql = "SELECT messageid FROM " . db_prefix($maildb) . " WHERE msgto='{$acctid}' AND messageid < '{$id}' ORDER BY messageid DESC LIMIT 1";
            $result = db_query($sql);
            if (db_num_rows($result) > 0) {
                $row = db_fetch_assoc($result);
                $pid = $row['messageid'];
            } else {
                $pid = 0;
            }
            $sql = "SELECT messageid FROM " . db_prefix($maildb) . " WHERE msgto='{$acctid}' AND messageid > '{$id}' ORDER BY messageid  LIMIT 1";
            $result = db_query($sql);
            if (db_num_rows($result) > 0) {
                $row = db_fetch_assoc($result);
                $nid = $row['messageid'];
            } else {
                $nid = 0;
            }
            $prev = translate_inline("< Previous");
            $next = translate_inline("Next >");
            rawoutput("<td nowrap='true'>");
            if ($pid > 0) {
                rawoutput("<a href='runmodule.php?module=letteropener&op=read&id={$pid}' class='motd'>" . htmlentities($prev) . "</a>");
                addnav("", "runmodule.php?module=letteropener&op=read&id={$pid}");
            } else {
                rawoutput(htmlentities($prev));
            }
            rawoutput("</td><td nowrap='true'>");
            if ($nid > 0) {
                rawoutput("<a href='runmodule.php?module=letteropener&op=read&id={$nid}' class='motd'>" . htmlentities($next) . "</a>");
                addnav("", "runmodule.php?module=letteropener&op=read&id={$nid}");
            } else {
                rawoutput(htmlentities($next));
            }
            rawoutput("</td>");
            rawoutput("</tr></table>");
        }
    } elseif ($op == "lastfew") {
        output("Here are the last %s non-system YOMs", get_module_setting("num"));
        $sql = "select * from " . db_prefix($maildb) . " where msgfrom>0 ORDER BY messageid DESC limit " . get_module_setting("num") . "";
        $res = db_query($sql);
        $to = translate_inline("To");
        $from = translate_inline("From");
        require_once "lib/sanitize.php";
        for ($i = 0; $i < db_num_rows($res); $i++) {
            $row = db_fetch_assoc($res);
            $sql2 = "select name from " . db_prefix("accounts") . " where acctid=" . $row['msgto'] . "";
            $res2 = db_query($sql2);
            $row2 = db_fetch_assoc($res2);
            $toname = color_sanitize($row2['name']);
            $sql3 = "select name from " . db_prefix("accounts") . " where acctid=" . $row['msgfrom'] . "";
            $res3 = db_query($sql3);
            $row3 = db_fetch_assoc($res3);
            $fromname = color_sanitize($row3['name']);
            rawoutput("<table border=1 width=100%><tr><td>{$from} :{$fromname} - " . date("M d, h:i a", strtotime($row['sent'])) . " - {$to} : {$toname}</td></tr><tr><td>" . $row['body'] . "</td></tr></table><br>");
        }
    } elseif ($op == "") {
        output("Whose mail would you like to read?`n");
        rawoutput("<form action='runmodule.php?module=letteropener' method='POST'>");
        rawoutput("<input name='q' id='q'>");
        $se = translate_inline("Search");
        rawoutput("<input type='submit' class='button' value='{$se}'>");
        rawoutput("</form>");
        rawoutput("<script language='JavaScript'>document.getElementById('q').focus();</script>");
        addnav("", "runmodule.php?module=letteropener");
        $searchresult = false;
        $where = "";
        $op = "";
        $sql = "SELECT acctid,login,name FROM " . db_prefix("accounts");
        if ($query != "") {
            $where = "WHERE login='******' OR name='{$query}'";
            $searchresult = db_query($sql . " {$where}  ORDER BY '{$order}' LIMIT 2");
        }
        if ($query !== false || $searchresult) {
            if (db_num_rows($searchresult) != 1) {
                $where = "WHERE login LIKE '%{$query}%' OR acctid LIKE '%{$query}%' OR name LIKE '%{$query}%' OR emailaddress LIKE '%{$query}%' OR lastip LIKE '%{$query}%' OR uniqueid LIKE '%{$query}%' OR gentimecount LIKE '%{$query}%' OR level LIKE '%{$query}%'";
                $searchresult = db_query($sql . " {$where}  ORDER BY '{$order}' LIMIT 101");
            }
            if (db_num_rows($searchresult) <= 0) {
                output("`\$No results found`0");
                $where = "";
            } elseif (db_num_rows($searchresult) > 100) {
                output("`\$Too many results found, narrow your search please.`0");
                $op = "";
                $where = "";
            } else {
                $op = "";
                $display = 1;
            }
        }
        if ($display == 1) {
            $q = "";
            if ($query) {
                $q = "&q={$query}";
            }
            $acid = translate_inline("AcctID");
            $login = translate_inline("Login");
            $nm = translate_inline("Name");
            $rn = 0;
            $oorder = "";
            while ($row = db_fetch_assoc($searchresult)) {
                $laston = relativedate($row['laston']);
                $loggedin = date("U") - strtotime($row['laston']) < getsetting("LOGINTIMEOUT", 900) && $row['loggedin'];
                if ($loggedin) {
                    $laston = translate_inline("`#Online`0");
                }
                $row['laston'] = $laston;
                if ($row[$order] != $oorder) {
                    $rn++;
                }
                $oorder = $row[$order];
                rawoutput("<table align=center border=1 width=350>");
                rawoutput("<tr class='trhead'><td>{$acid}: ");
                output_notl("`&%s`0", $row['acctid'], true);
                rawoutput("</td><td>{$login}: ");
                output_notl("`&%s`0", $row['login'], true);
                rawoutput("</td>");
                rawoutput("<td rowspan=2 align=left nowrap>");
                addnav("", "runmodule.php?module=letteropener&op=to&to={$row['login']}");
                addnav("", "runmodule.php?module=letteropener&op=from&from={$row['login']}");
                $to = translate_inline("All messages `#to`& this person");
                $from = translate_inline("All messages `#from`& this person");
                output_notl("<a href='runmodule.php?module=letteropener&op=to&to={$row['login']}'>`&&#149;%s`7</a>", $to, true);
                rawoutput("<br>");
                output_notl("<a href='runmodule.php?module=letteropener&op=from&from={$row['login']}'>`&&#149;%s`7</a>", $from, true);
                rawoutput("</td></tr><tr><td colspan=2>");
                output_notl("`&%s`7", $row['name'], true);
                rawoutput("</td></tr></table><Br>");
            }
        }
    } elseif ($op == "to") {
        $subject = "";
        $body = "";
        $row = "";
        addnav("Read someone else's mail", "runmodule.php?module=letteropener");
        $to = httpget('to');
        $from = httpget('from');
        if ($to != "") {
            $sql = "SELECT acctid,login,name superuser FROM " . db_prefix("accounts") . " WHERE login=\"{$to}\"";
            $result = db_query($sql);
            $row = db_fetch_assoc($result);
            $sql = "SELECT acctid FROM " . db_prefix("accounts") . " WHERE login='******'login'] . "'";
            $result = db_query($sql);
            $row2 = db_fetch_assoc($result);
            $acctid = $row2['acctid'];
            rawoutput("<table>");
            $session['message'] = "";
            $sql = "SELECT subject,messageid," . db_prefix("accounts") . ".name,msgfrom,seen,sent FROM " . db_prefix($maildb) . " LEFT JOIN " . db_prefix("accounts") . " ON " . db_prefix("accounts") . ".acctid=" . db_prefix($maildb) . ".msgfrom WHERE msgto=\"" . $acctid . "\" ORDER BY sent DESC";
            $result = db_query($sql);
            if (db_num_rows($result) > 0) {
                while ($row = db_fetch_assoc($result)) {
                    tlschema("mail");
                    if ((int) $row['msgfrom'] == 0) {
                        $row['name'] = translate_inline("`i`^System`0`i");
                        if (is_array(unserialize($row['subject']))) {
                            $row['subject'] = unserialize($row['subject']);
                            $row['subject'] = call_user_func_array("sprintf_translate", $row['subject']);
                        }
                    }
                    tlschema();
                    $id = $row['messageid'];
                    output_notl("<tr>", true);
                    output_notl("<td nowrap><img src='images/" . ($row['seen'] ? "old" : "new") . "scroll.GIF' width='16' height='16' alt='" . ($row['seen'] ? "Old" : "New") . "'></td>", true);
                    output_notl("<td><a href='runmodule.php?module=letteropener&op=read&id={$id}&login={$to}'>", true);
                    addnav("", "runmodule.php?module=letteropener&op=read&id={$id}&login={$to}");
                    if (trim($row['subject']) == "") {
                        output("`i(No Subject)`i");
                    } else {
                        output_notl($row['subject']);
                    }
                    output_notl("</a></td><td><a href='runmodule.php?module=letteropener&op=read&id={$id}&login={$to}'>", true);
                    addnav("", "runmodule.php?module=letteropener&op=read&id={$id}&login={$to}");
                    output("- from %s", $row['name']);
                    output_notl("</a></td><td><a href='runmodule.php?module=letteropener&op=read&id={$id}&login={$to}'>" . date("M d, h:i a", strtotime($row['sent'])) . "</a></td>", true);
                    addnav("", "runmodule.php?module=letteropener&op=read&id={$id}&login={$to}");
                    output_notl("</tr>", true);
                }
                //}
            } else {
                output("`iThey have no mail.`i");
            }
        } elseif (db_num_rows($result) == 0) {
            output("`@No one was found who matches \"%s\".  ", stripslashes($to));
            $try = translate_inline("Please try again");
            output_notl("<a href='runmodule.php?module=letteropener'>{$try}</a>.", true);
            popup_footer();
            exit;
        } else {
            output_notl("<select name='to' id='to' onChange='check_su_warning();'>", true);
            $superusers = array();
            for ($i = 0; $i < db_num_rows($result); $i++) {
                $row = db_fetch_assoc($result);
                output_notl("<option value=\"" . HTMLEntities($row['login']) . "\">", true);
                output_notl("%s", full_sanitize($row['name']));
                if ($row['superuser'] & SU_GIVES_YOM_WARNING && !($row['superuser'] & SU_OVERRIDE_YOM_WARNING)) {
                    array_push($superusers, $row['login']);
                }
            }
            output_notl("</select>`n", true);
        }
        output_notl("</table>", true);
    } elseif ($op == "from") {
        $subject = "";
        $body = "";
        $row = "";
        addnav("Read someone else's mail", "runmodule.php?module=letteropener");
        $from = httpget('from');
        if ($from != "") {
            $sql = "SELECT acctid,login,name superuser FROM " . db_prefix("accounts") . " WHERE login=\"{$from}\"";
            $result = db_query($sql);
            $row = db_fetch_assoc($result);
            $sql = "SELECT acctid FROM " . db_prefix("accounts") . " WHERE login='******'login'] . "'";
            $result = db_query($sql);
            $row2 = db_fetch_assoc($result);
            $acctid = $row2['acctid'];
            output_notl("<table>", true);
            $session['message'] = "";
            $sql = "SELECT subject,messageid," . db_prefix("accounts") . ".name,msgto,seen,sent FROM " . db_prefix($maildb) . " LEFT JOIN " . db_prefix("accounts") . " ON " . db_prefix("accounts") . ".acctid=" . db_prefix($maildb) . ".msgto WHERE msgfrom=\"" . $acctid . "\" ORDER BY sent DESC";
            $result = db_query($sql);
            if (db_num_rows($result) > 0) {
                for ($i = 0; $i < db_num_rows($result); $i++) {
                    $row = db_fetch_assoc($result);
                    $sql2 = "Select name from " . db_prefix("accounts") . " where acctid=" . $row['msgto'] . "";
                    $result2 = db_query($sql2);
                    $row2 = db_fetch_assoc($result2);
                    $toname = $row2['name'];
                    $id = $row['messageid'];
                    output_notl("<tr>", true);
                    output_notl("<td nowrap><img src='images/" . ($row['seen'] ? "old" : "new") . "scroll.GIF' width='16' height='16' alt='" . ($row['seen'] ? "Old" : "New") . "'></td>", true);
                    output_notl("<td><a href='runmodule.php?module=letteropener&op=read&id={$id}&login={$from}'>", true);
                    if (trim($row['subject']) == "") {
                        output("`i(No Subject)`i");
                    } else {
                        output_notl($row['subject']);
                    }
                    output_notl("</a></td><td><a href='runmodule.php?module=letteropener&op=read&id={$id}&login={$from}'>", true);
                    addnav("", "runmodule.php?module=letteropener&op=read&id={$id}&login={$from}");
                    output("- to %s", $toname);
                    output_notl("</a></td><td><a href='runmodule.php?module=letteropener&op=read&id={$id}&login={$from}'>" . date("M d, h:i a", strtotime($row['sent'])) . "</a></td>", true);
                    output_notl("</tr>", true);
                }
                //}
            } else {
                output("`iThey have not sent any mail.`i");
            }
        } elseif (db_num_rows($result) == 0) {
            output("`@No one was found who matches \"%s\".  ", stripslashes($from));
            $try = translate_inline("Please try again");
            output_notl("<a href='runmodule.php?module=letteropener'>{$try}</a>.", true);
            popup_footer();
            exit;
        } else {
            output_notl("<select name='to' id='to' onChange='check_su_warning();'>", true);
            $superusers = array();
            for ($i = 0; $i < db_num_rows($result); $i++) {
                $row = db_fetch_assoc($result);
                output_notl("<option value=\"" . HTMLEntities($row['login']) . "\">", true);
                output_notl("%s", full_sanitize($row['name']));
                if ($row['superuser'] & SU_GIVES_YOM_WARNING && !($row['superuser'] & SU_OVERRIDE_YOM_WARNING)) {
                    array_push($superusers, $row['login']);
                }
            }
            output_notl("</select>`n", true);
        }
        output_notl("</table>", true);
    }
    page_footer();
}
    output_notl("%s", $row['uniqueid']);
    rawoutput("</td><td>");
    // "43200" used so will basically round to nearest day rather than floor number of days
    $expire = sprintf_translate("%s days", round((strtotime($row['banexpire']) + 43200 - strtotime("now")) / 86400, 0));
    if (substr($expire, 0, 2) == "1 ") {
        $expire = translate_inline("1 day");
    }
    if (date("Y-m-d", strtotime($row['banexpire'])) == date("Y-m-d")) {
        $expire = translate_inline("Today");
    }
    if (date("Y-m-d", strtotime($row['banexpire'])) == date("Y-m-d", strtotime("1 day"))) {
        $expire = translate_inline("Tomorrow");
    }
    if ($row['banexpire'] == "0000-00-00") {
        $expire = translate_inline("Never");
    }
    output_notl("%s", $expire);
    rawoutput("</td><td>");
    output_notl("%s", $row['banreason']);
    rawoutput("</td><td>");
    $file = "user.php?op=removeban&subop=xml&ip={$row['ipfilter']}&id={$row['uniqueid']}";
    rawoutput("<div id='user{$i}'><a href='{$file}' target='_blank' onClick=\"getUserInfo('{$row['ipfilter']}','{$row['uniqueid']}',{$i}); return false;\">");
    output_notl("%s", $showuser, true);
    rawoutput("</a></div>");
    addnav("", $file);
    rawoutput("</td><td>");
    output_notl("%s", relativedate($row['lasthit']));
    rawoutput("</td></tr>");
    $i++;
}
rawoutput("</table>");
Example #18
0
 private function processFeedData($data)
 {
     $items = array();
     $myID = getUserID();
     $temp_item = end($data);
     $is_moderator = false;
     if (isset($temp_item->project_id) && is_numeric($temp_item->project_id)) {
         $is_moderator = validate_access('is_moderator', array('project_id' => $temp_item->project_id, 'user_id' => $myID));
     }
     foreach ($data as $row) {
         //comment snippet
         $commentItems = array();
         if ($row->comments) {
             $query = $this->mdb->get_comment_snippet($row->id, 0, 2);
             foreach ($query->result() as $cRow) {
                 //reply snippet
                 $replyItems = array();
                 if ($cRow->comments) {
                     $rQuery = $this->mdb->get_comment_snippet($row->id, $cRow->id, 1);
                     foreach ($rQuery->result() as $rRow) {
                         $dateCommented = convert_datetime($rRow->date_posted);
                         $replyItems[] = array('id' => $rRow->id, 'actor_id' => $rRow->user_id, 'actor_name' => $rRow->actor_name, 'replies' => $rRow->comments, 'agrees' => $rRow->agrees, 'disagrees' => $rRow->disagrees, 'is_agree' => $rRow->is_agree, 'is_disagree' => $rRow->is_disagree, 'date_commented' => relativedate(strtotime($dateCommented), false), 'comment' => $rRow->comment, 'update_buttons' => $rRow->user_id == $myID || $is_moderator ? 1 : 0);
                     }
                 }
                 $rQuery = $this->mdb->get_comment_snippet($row->id, $cRow->id, 2);
                 $dateCommented = convert_datetime($cRow->date_posted);
                 $commentItems[] = array('id' => $cRow->id, 'actor_id' => $cRow->user_id, 'actor_name' => $cRow->actor_name, 'replies' => $cRow->comments, 'reply_snippet' => $replyItems, 'shownextcommentslink' => $rQuery->num_rows() > 1 ? 1 : 0, 'agrees' => $cRow->agrees, 'disagrees' => $cRow->disagrees, 'is_agree' => $cRow->is_agree, 'is_disagree' => $cRow->is_disagree, 'date_commented' => relativedate(strtotime($dateCommented), false), 'comment' => $cRow->comment, 'update_buttons' => $cRow->user_id == $myID || $is_moderator ? 1 : 0);
             }
         }
         $query = $this->mdb->get_comment_snippet($row->id, 0, 3);
         $datePosted = convert_datetime($row->date_posted);
         /* Attachments Start */
         $attachments = array();
         $aQuery = $this->mdb->get_attachments($temp_item->project_id, $row->id);
         $hx = 0;
         foreach ($aQuery->result() as $aRow) {
             $imgs = array('.gif', '.jpg', '.jpeg', '.png');
             if (in_array(strtolower($aRow->extension), $imgs) && $aRow->deleted_by == 0) {
                 $hx++;
                 $imgW = '';
                 $imgH = '';
                 $fullpath = 'uploads/files/' . $aRow->uploader . '/thumbs/' . $aRow->filepath;
                 if (is_file($fullpath)) {
                     $imgSize = getimagesize($fullpath);
                     $imgW = $imgSize[0];
                     $imgH = $imgSize[1];
                 }
                 $attachments['images'][] = array('id' => $aRow->id, 'filename' => $aRow->filename, 'filesize' => format_filesize($aRow->filesize), 'width' => $imgW, 'height' => $imgH, 'hidden' => $hx > 3 ? 1 : 0);
             } else {
                 $attachments['files'][] = array('id' => $aRow->id, 'filename' => $aRow->filename, 'filesize' => format_filesize($aRow->filesize), 'deleted_by' => $aRow->deleted_by);
             }
         }
         /* Attachments End */
         /* Params */
         $qParam = unserialize($row->params);
         $params = array();
         if ($qParam && is_array($qParam)) {
             foreach ($qParam as $param) {
                 $paramNameQuery = $this->db->get_where("users", array('id' => $param));
                 if ($paramNameQuery->num_rows()) {
                     $paramRow = $paramNameQuery->row();
                     $params[] = array('id' => $paramRow->id, 'name' => $paramRow->display_name);
                 }
             }
         }
         /* Params End */
         $items[] = array('id' => $row->id, 'poster_id' => $row->poster_id, 'poster_picture' => 'pictures/avatar/' . $row->id . '/thumb', 'poster_name' => $row->poster_name, 'post' => sprintf(htmlentities($row->post_message), $row->params), 'agrees' => $row->agrees, 'disagrees' => $row->disagrees, 'comments' => $row->comments, 'comment_snippet' => $commentItems, 'shownextcommentslink' => $query->num_rows() > 2 ? 1 : 0, 'is_agree' => $row->is_agree, 'is_disagree' => $row->is_disagree, 'date_posted' => relativedate(strtotime($datePosted), false), 'timestamp' => strtotime($row->date_modified), 'update_buttons' => $row->poster_id == $myID || $is_moderator ? 1 : 0, 'edit_button' => $row->poster_id == $myID ? 1 : 0, 'attachments' => $attachments, 'params' => $params, 'post_type' => $row->post_type);
     }
     return $items;
 }