message('error', 'Save directory ' . htmlspecialchars($dirs['SaveDir']) . ' does not exist!'); $err = TRUE; } if ($err) { show_upload_form($dirs); } else { $_SESSION['configuration'] = array_merge($_SESSION['configuration'], $dirs); message('notice', 'Configuration changed'); $show_info = TRUE; } } else { $show_info = TRUE; } break; case 'feat_upload': show_upload_form($_SESSION['configuration']); break; case 'feat_security_real': if (isset($_POST['submit_save'])) { $vals = grab_values('blowfish_secret;ForceSSL:bool;ShowPhpInfo:bool;ShowChgPassword:bool;AllowArbitraryServer:bool;LoginCookieRecall:book;LoginCookieValidity:int'); $err = FALSE; if (empty($vals['blowfish_secret'])) { message('warning', 'Blowfish secret is empty, you will not be able to use cookie authentication.'); } if ($vals['AllowArbitraryServer']) { message('warning', 'Arbitrary server connection might be dangerous as it might allow access to internal servers that are not reachable from outside.'); } if (isset($vals['LoginCookieValidity']) && $vals['LoginCookieValidity'] < 1) { message('error', 'Invalid cookie validity time'); $err = TRUE; }
message('error', 'Save directory ' . htmlspecialchars($dirs['SaveDir']) . ' does not exist!'); $err = TRUE; } if ($err) { show_upload_form($dirs); } else { $configuration = array_merge($configuration, $dirs); message('notice', 'Configuration changed'); $show_info = TRUE; } } else { $show_info = TRUE; } break; case 'feat_upload': show_upload_form($configuration); break; case 'feat_security_real': if (isset($_POST['submit_save'])) { $vals = grab_values('blowfish_secret;ForceSSL:bool;ShowPhpInfo:bool;ShowChgPassword:bool;AllowArbitraryServer:bool;LoginCookieRecall:book;LoginCookieValidity:int'); $err = FALSE; if (empty($vals['blowfish_secret'])) { message('warning', 'Blowfish secret is empty, you will not be able to use cookie authentication.'); } if ($vals['AllowArbitraryServer']) { message('warning', 'Arbitrary server connection might be dangerous as it might allow access to internal servers that are not reachable from outside.'); } if (isset($vals['LoginCookieValidity']) && $vals['LoginCookieValidity'] < 1) { message('error', 'Invalid cookie validity time'); $err = TRUE; }
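/**
 * Build the HTML for an activity stream (wall) and return it as a string.
 *
 * The viewer is always the current WordPress user ($current_user); $uid1 is the
 * member whose page is being looked at. Visibility is decided from the page
 * owner's 'wall_share' setting first and then, per post, from the post
 * author's 'wall_share' setting, group privacy and the post type.
 *
 * Security notes for reviewers:
 *  - All SQL goes through $wpdb->prepare() with %d placeholders, except the
 *    optional single-post filter, which is concatenated into the statement.
 *    It is therefore forced to an integer below.
 *  - The markup is assembled by string concatenation. Display names, comment
 *    and reply text, photo titles, album and group names and option values are
 *    inserted without HTML or attribute escaping in this function.
 *    NOTE(review): whether these values are sanitised when stored, or by
 *    __wps__make_url(), is not visible here. Confirm, otherwise treat every
 *    such insertion as a stored-XSS sink.
 *  - The reply box and the delete/report icons are only display decisions; the
 *    handlers that receive those actions must repeat the permission checks.
 *
 * @param mixed  $uid1             ID of the member whose page is shown; '' means the current user.
 * @param string $version          'wall', 'friends_activity', 'all_activity' or 'stream_activity'.
 * @param int    $limit_from       Offset of the first post (SQL LIMIT offset).
 * @param int    $limit_count      Number of posts to fetch (SQL LIMIT row count).
 * @param mixed  $post             ID of a single activity post to show, or '' for none.
 * @param bool   $show_add_comment Whether the "add a post" form may be rendered.
 * @return string HTML for the stream, or the result of __wps__show_login_link()
 *                when the viewer is logged out and the page is not public.
 */
function __wps__activity_stream($uid1='', $version='wall', $limit_from=0, $limit_count=10, $post='', $show_add_comment=true) {

	// Get button style from extension if available
	$button_style = __wps__get_extension_button_style();

	global $wpdb,$current_user;

	// uid1 = the user's page (which we are looking at), uid2 = the current user
	if ($uid1 == '') $uid1 = $current_user->ID;
	$uid2 = $current_user->ID;

	// Get privacy level for this member's activity
	$privacy = $uid1 > 0 ? __wps__get_meta($uid1, 'wall_share') : 'public';

	$html = "";
	$html = apply_filters( '__wps__activity_top', $html, $uid1, $uid2, $version );

	if (is_user_logged_in() || $privacy == 'public') {

		$is_friend = ($uid1 > 0) ? __wps__friend_of($uid1, $current_user->ID) : false;

		// Page-level gate: owner, matching privacy level, or user level 5
		// (level 5 is described as "site administrators" elsewhere in this plugin).
		if ( ($uid1 == $uid2) || (is_user_logged_in() && strtolower($privacy) == 'everyone') || (strtolower($privacy) == 'public') || (strtolower($privacy) == 'friends only' && $is_friend) || __wps__get_current_userlevel() == 5) {

			$profile_page = __wps__get_url('profile');
			// substr() instead of a string offset so an empty URL does not raise an offset warning
			if (substr($profile_page, -1) != '/') { $profile_page .= '/'; }
			$q = __wps__string_query($profile_page);

			$html .= "<div id='__wps__wall'>";

			if ( ( ( ($version == 'stream_activity') && ($uid2 > 0) ) || ( ($limit_from == 0) && ($post == '') && ($uid1 != '') && ( ($uid1 == $uid2) || ($is_friend)) ) && (is_user_logged_in()) ) ) {

				// Post Comment Input
				if ($show_add_comment) {

					if ($uid1 == $uid2) {
						$whatsup = stripslashes(get_option(WPS_OPTIONS_PREFIX.'_status_label'));
						// The label is placed inside single-quoted JavaScript strings below
						$whatsup = str_replace("'", "`", $whatsup);
					} else {
						$whatsup = __('Write a comment...', WPS_TEXT_DOMAIN);
					}

					$html .= "<div id='symposium_user_id' style='display:none'>".strtolower($current_user->ID)."</div>";
					$html .= "<div id='symposium_user_login' style='display:none'>".strtolower($current_user->user_login)."</div>";
					$html .= "<div id='symposium_user_email' style='display:none'>".strtolower($current_user->user_email)."</div>";

					// Add status surrounding div
					$html .= '<div id="symposium_add_status">';

					// The textarea
					// NOTE(review): $whatsup lands in an inline event handler and in the
					// textarea body with only "'" replaced; a double quote or markup in the
					// option value would not be neutralised here.
					$html .= '<textarea ';
					if (get_option(WPS_OPTIONS_PREFIX.'_elastic')) $html .= 'class="elastic" ';
					$html .= 'id="__wps__comment" onblur="this.value=(this.value==\'\') ? \''.$whatsup.'\' : this.value;" onfocus="this.value=(this.value==\''.$whatsup.'\') ? \'\' : this.value;">';
					$html .= $whatsup;
					$html .= '</textarea>';

					if (get_option(WPS_OPTIONS_PREFIX.'_show_buttons')) {
						$html .= '<input id="__wps__add_comment" type="submit" class="__wps__button" style="'.$button_style.'" value="'.__('Post', WPS_TEXT_DOMAIN).'" /><br />';
					} else {
						$html .= '<br />';
					}

					// Embed YouTube...
					if (get_option(WPS_OPTIONS_PREFIX."_activity_youtube")) {
						$html .= '<input type="submit" id="activity_youtube_embed_button" onclick="return false;" class="__wps__button" style="'.$button_style.'" value="'.__('YouTube', WPS_TEXT_DOMAIN).'">';
						$html .= '<div id="activity_youtube_embed_id"></div>';
					}

					// Attach an image...
					// NOTE(review): show_upload_form() comes from the included file and is not
					// visible here; the upload endpoint it targets must validate file type and
					// destination on the server side.
					if (get_option(WPS_OPTIONS_PREFIX."_activity_images")) {
						include_once('server/file_upload_include.php');
						$html .= show_upload_form(
							WP_CONTENT_DIR.'/wps-content/members/'.$current_user->ID.'/activity_upload/',
							WP_CONTENT_URL.'/wps-content/members/'.$current_user->ID.'/activity_upload/',
							'activity',
							__('Add image', WPS_TEXT_DOMAIN),
							0,
							0,
							0,
							$uid1,
							$button_style
						);
					}

					$html .= '</div>'; // End surrounding div

				}
			}

			$html = apply_filters( '__wps__activity_below_whatsup', $html, $uid1, $uid2, $version );

			// $post is concatenated into the statement rather than bound, so it is
			// forced to an integer; anything non-numeric becomes 0 and matches no row.
			if ($post != '') {
				$post_cid = 'c.cid = '.(int) $post.' AND ';
			} else {
				$post_cid = '';
			}

			// Add groups join if in use
			if (function_exists('__wps__groups')) {
				$groups = "LEFT JOIN ".$wpdb->prefix."symposium_groups g ON c.subject_uid = g.gid";
				$group_field = ", g.content_private";
			} else {
				$groups = "";
				$group_field = ", 'on' as content_private";
			}

			if (WPS_DEBUG) $html .= '$version='.$version.'<br />';

			// Shared head and tail of the three stream queries
			$select_from = "SELECT c.*, u.display_name, u2.display_name AS subject_name" . $group_field . " FROM ".$wpdb->base_prefix."symposium_comments c LEFT JOIN ".$wpdb->base_prefix."users u ON c.author_uid = u.ID LEFT JOIN ".$wpdb->base_prefix."users u2 ON c.subject_uid = u2.ID " . $groups . " WHERE ";
			$order_limit = " AND c.type != 'photo' ORDER BY c.comment_timestamp DESC LIMIT %d,%d";

			// Stays empty for an unrecognised $version, which renders "Nothing to show"
			$comments = array();

			if ($version == "all_activity" || $version == "stream_activity") {
				$sql = $select_from."( ".$post_cid." c.comment_parent = 0 )".$order_limit;
				$comments = $wpdb->get_results($wpdb->prepare($sql, $limit_from, $limit_count));
			}

			if ($version == "friends_activity") {
				$sql = $select_from."( ".$post_cid." ( ( (c.subject_uid = %d) OR (c.author_uid = %d) OR (c.subject_uid = %d) OR (c.author_uid = %d) OR ( c.author_uid IN (SELECT friend_to FROM ".$wpdb->base_prefix."symposium_friends WHERE friend_from = %d)) ) AND c.comment_parent = 0 OR ( %d IN (SELECT author_uid FROM ".$wpdb->base_prefix."symposium_comments WHERE comment_parent = c.cid ) AND ( c.author_uid IN (SELECT friend_to FROM ".$wpdb->base_prefix."symposium_friends WHERE friend_from = %d)) ) ) )".$order_limit;
				$comments = $wpdb->get_results($wpdb->prepare($sql, $uid1, $uid1, $uid2, $uid2, $uid1, $uid1, $uid1, $limit_from, $limit_count));
			}

			if ($version == "wall") {
				$sql = $select_from."(".$post_cid." ( ( (c.subject_uid = %d OR c.author_uid = %d) AND c.comment_parent = 0 ) OR ( %d IN (SELECT author_uid FROM ".$wpdb->base_prefix."symposium_comments WHERE comment_parent = c.cid ) ) ) )".$order_limit;
				$comments = $wpdb->get_results($wpdb->prepare($sql, $uid1, $uid1, $uid1, $limit_from, $limit_count));
			}

			if (WPS_DEBUG) $html .= $wpdb->last_query.'<br />';

			// Build wall
			if ($comments) {

				// Number of posts that passed the "continue" test; drives the "more..." link
				$cnt = 0;

				foreach ($comments as $comment) {

					$continue = true;

					// On someone else's friends activity, skip the member's own posts to
					// themselves unless somebody else has replied to them
					if (is_user_logged_in() && $version == "friends_activity" && $uid1 != $uid2 && $comment->author_uid == $uid1 && $comment->subject_uid == $uid1) {
						$sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_comments c WHERE c.comment_parent = %d AND c.is_group != 'on' AND c.author_uid != %d";
						if ($wpdb->get_var($wpdb->prepare($sql, $comment->cid, $uid1)) == 0) $continue = false;
						if (WPS_DEBUG) $html .= $wpdb->last_query.'<br />';
					}

					if ($continue) {

						if (WPS_DEBUG) $html .= '<br>continue<br>';

						$cnt++;

						// From here on $privacy is the post author's setting, not the page owner's
						$privacy = __wps__get_meta($comment->author_uid, 'wall_share');

						if ( ($comment->subject_uid == $uid1) || ($comment->author_uid == $uid1) || (strtolower($privacy) == 'everyone' && $uid2 > 0) || (strtolower($privacy) == 'public') || (strtolower($privacy) == 'friends only' && (__wps__friend_of($comment->author_uid, $uid1) || (__wps__friend_of($comment->author_uid, $uid2) && $version == "stream_activity") ) ) ) {

							// If a group post and user is not the author we need to check privacy of group settings
							if ($comment->is_group == 'on' && $comment->author_uid != $uid2) {
								// If not private group, or a member, then display
								if ($comment->content_private != 'on' || __wps__member_of($comment->subject_uid) == 'yes') {
									$private_group = '';
								} else {
									// Otherwise hide
									$private_group = 'on';
								}
							} else {
								// Not a group post so not applicable
								$private_group = '';
							}

							if ($private_group != 'on') {

								// Check to avoid poke's (as private)
								if ( ($comment->type != 'poke') || ($comment->type == 'poke' && ($comment->author_uid == $uid2 || $comment->subject_uid == $uid2 )) ) {

									$comment_div = "<div class='wall_post_div' id='post_".$comment->cid."'>";

									// Avatar
									$comment_inner_div = "<div class='wall_post_avatar'>";
									$comment_inner_div .= get_avatar($comment->author_uid, 64);
									$comment_inner_div .= "</div>";

									// Author name, linked unless the account is missing or is 'nobody'
									$user_info = get_user_by('id', $comment->author_uid);
									if ($user_info && $user_info->user_login != 'nobody') {
										$comment_inner_div .= '<a href="'.$profile_page.$q.'uid='.$comment->author_uid.'">'.stripslashes($comment->display_name).'</a> ';
									} else {
										$comment_inner_div .= stripslashes($comment->display_name).' ';
									}

									// "author → subject" when posting on somebody else's wall
									if ($comment->author_uid != $comment->subject_uid && !$comment->is_group) {
										$comment_inner_div .= ' → ';
										$user_info = get_userdata($comment->subject_uid);
										if ($user_info->user_login != 'nobody') {
											$comment_inner_div .= '<a href="'.$profile_page.$q.'uid='.$comment->subject_uid.'">'.stripslashes($comment->subject_name).'</a> ';
										} else {
											$comment_inner_div .= stripslashes($comment->subject_name).' ';
										}
									}

									$comment_inner_div .= __wps__time_ago($comment->comment_timestamp).".";
									$comment_inner_div .= "<div class='__wps__activity_icons'>";

									// Like/dislike icons
									if (get_option(WPS_OPTIONS_PREFIX.'_activity_likes') && is_user_logged_in() && $comment->author_uid != $uid2 ) {
										$sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND uid = %d";
										$already_liked = $wpdb->get_var($wpdb->prepare($sql, $comment->cid, $current_user->ID));
										if (!$already_liked) {
											$comment_inner_div .= "<div class='wall_post_like delete_post_top'>";
											$comment_inner_div .= "<img class='wall_add_like' title='".__('You like this.', WPS_TEXT_DOMAIN)."' data-action='like' rel='".$comment->cid."' style='width:20px;height:20px;' src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/good.png' />";
											$comment_inner_div .= "<img class='wall_add_like' title='".__('You do not like this.', WPS_TEXT_DOMAIN)."' data-action='dislike' rel='".$comment->cid."' style='width:20px;height:20px' src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/bad.png' />";
											$comment_inner_div .= "</div>";
										}
									}

									// Delete and report
									$comment_inner_div .= "<div style='width:60px; float:right;height:16px;'>";
									if (get_option(WPS_OPTIONS_PREFIX.'_allow_reports') == 'on') {
										$comment_inner_div .= " <a title='post_".$comment->cid."' href='javascript:void(0);' class='report_post report_post_top symposium_report'><img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/warning.png' style='width:16px;height:16px' /></a>";
									}
									if (__wps__get_current_userlevel() == 5 || $comment->subject_uid == $uid2 || $comment->author_uid == $uid2) {
										$comment_inner_div .= " <a title='".$comment->cid."' rel='post' href='javascript:void(0);' class='delete_post delete_post_top'><img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/delete.png' style='width:16px;height:16px' /></a>";
									}
									$comment_inner_div .= '</div>';

									// Likes/Dislikes
									if (get_option(WPS_OPTIONS_PREFIX.'_activity_likes')) {
										$sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'like'";
										$likes = $wpdb->get_var($wpdb->prepare($sql, $comment->cid));
										$start_likes = $likes;
										$sql = "SELECT vid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'like' AND uid=%d";
										$youlike = $wpdb->get_var($wpdb->prepare($sql, $comment->cid, $uid2));
										$sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'dislike'";
										$dislikes = $wpdb->get_var($wpdb->prepare($sql, $comment->cid));
										$sql = "SELECT vid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'dislike' AND uid=%d";
										$youdislike = $wpdb->get_var($wpdb->prepare($sql, $comment->cid, $uid2));

										$comment_inner_div .= "<div id='__wps__likes_".$comment->cid."'>";

										if ($likes) {
											$link = '<a id="symposium_show_likes" href="javascript:void(0)" rel="'.$comment->cid.'">';
											$comment_inner_div .= "<img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/good.png' style='width:16px;height:16px' /> ";
											if ($youlike) {
												$comment_inner_div .= __('You', WPS_TEXT_DOMAIN);
												// Count the remaining people, excluding the viewer
												$likes--;
												if ($likes > 1) {
													$comment_inner_div .= ' '.sprintf(__('and %s%d others</a> like this.', WPS_TEXT_DOMAIN), $link, $likes);
												}
												if ($likes == 1) {
													$comment_inner_div .= ' '.sprintf(__('and %s1 other</a> person likes this.', WPS_TEXT_DOMAIN), $link);
												}
												if ($likes == 0) {
													$comment_inner_div .= ' '.__('like this.', WPS_TEXT_DOMAIN);
												}
											} else {
												if ($likes > 1) {
													$comment_inner_div .= sprintf(__('%s%d people</a> like this.', WPS_TEXT_DOMAIN), $link, $likes);
												}
												if ($likes == 1) {
													$sql = "SELECT uid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'like'";
													$uid = $wpdb->get_var($wpdb->prepare($sql, $comment->cid));
													$comment_inner_div .= __wps__profile_link($uid).' '.__('likes this.', WPS_TEXT_DOMAIN);
												}
											}
										}

										if ($dislikes) {
											if ($start_likes) $comment_inner_div .= '<br />';
											$link = '<a id="symposium_show_likes" href="javascript:void(0)" rel="'.$comment->cid.'">';
											$comment_inner_div .= "<img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/bad.png' style='width:16px;height:16px' /> ";
											if ($youdislike) {
												$comment_inner_div .= __('You', WPS_TEXT_DOMAIN);
												$dislikes--;
												if ($dislikes > 1) {
													$comment_inner_div .= ' '.sprintf(__('and %s%d others</a> don\'t like this.', WPS_TEXT_DOMAIN), $link, $dislikes);
												}
												if ($dislikes == 1) {
													$comment_inner_div .= ' '.sprintf(__('and %s1 other</a> person don\'t like this.', WPS_TEXT_DOMAIN), $link);
												}
												if ($dislikes == 0) {
													$comment_inner_div .= ' '.__('don\'t like this.', WPS_TEXT_DOMAIN);
												}
											} else {
												if ($dislikes > 1) {
													$comment_inner_div .= sprintf(__('%s%d people</a> don\'t like this.', WPS_TEXT_DOMAIN), $link, $dislikes);
												}
												if ($dislikes == 1) {
													$sql = "SELECT uid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'dislike'";
													$uid = $wpdb->get_var($wpdb->prepare($sql, $comment->cid));
													$comment_inner_div .= __wps__profile_link($uid).' '.__('doesn\'t like this.', WPS_TEXT_DOMAIN);
												}
											}
										}

										$comment_inner_div .= "</div>";
									}

									$comment_inner_div .= "</div>";

									// Always show reply fields or not?
									$show_class = (get_option(WPS_OPTIONS_PREFIX.'_profile_comments')) ? '' : 'symposium_wall_replies';
									$show_field = (get_option(WPS_OPTIONS_PREFIX.'_profile_comments')) ? '' : 'display:none;';

									// $text = the comment
									$text = $comment->comment;

									// Added to or comment on a gallery: the stored text is split on '[]'
									// into message, album id, action and (for comments) item id and text.
									// NOTE(review): these fields are read back from the stored comment and
									// placed into attributes and URLs below without escaping.
									if ($comment->type == 'gallery' && strpos($text, '[]')) {

										$lib = explode('[]', $text);
										$text = '<div style="width:100%">';

										// Add message
										$text .= $lib[0].'<br />';
										$action = $lib[2];
										$aid = $lib[1];
										if ($action == 'comment') {
											$single_iid = $lib[3];
											$comment_text = $lib[4];
										}

										// Get album title
										$sql = "SELECT name FROM ".$wpdb->base_prefix."symposium_gallery WHERE gid = %d";
										$album_title = $wpdb->get_var($wpdb->prepare($sql, $aid));
										$text .= '<div id="wps_gallery_album_name_'.$aid.'" style="display:none">'.stripslashes($album_title).'</div>';

										// Get images
										$sql = "SELECT * FROM ".$wpdb->base_prefix."symposium_gallery_items WHERE gid = %d ORDER BY photo_order";
										$photos = $wpdb->get_results($wpdb->prepare($sql, $aid));

										// Own counter for the photos: reusing $cnt here would overwrite the
										// post counter that decides between "more..." and "Nothing to show"
										$photo_cnt = 0;

										if ($photos) {
											foreach ($photos as $photo) {

												$photo_cnt++;

												// DB or Filesystem?
												if (get_option(WPS_OPTIONS_PREFIX.'_img_db') == "on") {
													$thumb_src = WP_CONTENT_URL."/plugins/wp-symposium/get_album_item.php?iid=".$photo->iid."&size=photo";
												} else {
													$thumb_src = get_option(WPS_OPTIONS_PREFIX.'_img_url').'/members/'.$photo->owner.'/media/'.$aid.'/thumb_'.$photo->name;
												}

												$image = $thumb_src;
												$iid = $photo->iid;
												$name = $photo->title;

												// Cover image: first photo of an upload, or the photo that was commented on
												if (($action == 'added' && $photo_cnt == 1) || ($action == 'comment' && $iid == $single_iid)) {
													$image = preg_replace('/thumb_/', 'show_', $image, 1);
													$title = '';
													$text .= '<a class="__wps__photo_cover_action wps_gallery_album" data-name="'.stripslashes($title).'" data-iid="'.$iid.'" href="'.$image.'" rev="'.$photo_cnt.'" rel="symposium_gallery_photos_'.$aid.'" title="'.$name.'">';
													$text .= '<img class="profile_activity_gallery_first_image" src="'.$image.'" /><br />';
													$text .= '</a>';
												}

												if ($action == 'added') {
													if (sizeof($photos) > 2) {
														if ($photo_cnt == 2) {
															$text .= '<div id="wps_comment_plus" style="height:55px;overflow:hidden;width:100%">';
														}
														if ($photo_cnt > 1 && $photo_cnt <= sizeof($photos)) {
															$text .= '<a class="__wps__photo_cover_action wps_gallery_album" data-name="'.stripslashes($title).'" data-owner="'.$photo->owner.'" data-iid="'.$iid.'" href="'.$image.'" rev="'.$photo_cnt.'" rel="symposium_gallery_photos_'.$aid.'" title="'.$name.'">';
															$text .= '<img style="width:50px;height:50px;margin-right:5px;margin-bottom:5px;float:left;" src="'.$image.'" />';
															$text .= '</a>';
														}
														if ($photo_cnt == sizeof($photos)) {
															$text .= '</div>';
														}
													}
												} else {
													if ($iid != $single_iid) {
														if (!isset($title)) $title = '';
														$text .= '<a class="__wps__photo_cover_action wps_gallery_album" data-name="'.stripslashes($title).'" data-iid="'.$iid.'" href="'.$image.'" rev="'.$photo_cnt.'" rel="symposium_gallery_photos_'.$aid.'" title="'.$name.'">';
														$text .= '<img style="display:none;" src="'.$image.'" />';
														$text .= '</a>';
													}
												}
											}

											if ($photo_cnt > 7 && $action == 'added') {
												$text .= '<div id="wps_gallery_comment_more" style="clear:both;cursor:pointer">';
												$text .= __('more...', WPS_TEXT_DOMAIN).'</div>';
											}
										}

										if ($action == 'comment') {
											$text .= $comment_text;
										}

										$text .= '</div>';
									}

									// Check for any associated uploaded images for activity
									$directory = WP_CONTENT_DIR."/wps-content/members/".$comment->subject_uid.'/activity/';
									if (file_exists($directory)) {
										$handler = opendir($directory);
										// opendir() can fail even when the path exists (permissions, not a directory)
										if ($handler) {
											// Compare against false so an entry named "0" does not end the scan early
											while (($image = readdir($handler)) !== false) {
												$path_parts = pathinfo($image);
												if ($path_parts['filename'] == $comment->cid) {
													$directoryURL = WP_CONTENT_URL."/wps-content/members/".$comment->subject_uid.'/activity/'.$image;
													$text .= '<div style="margin-bottom:5px"></div>';

													// sort out text for title bar of dialog box
													if (strlen($comment->comment) < 75) {
														$title_bar = $comment->comment;
													} else {
														$title_bar = substr($comment->comment, 0, 75).'...';
													}

													// remove emoticons to avoid breaking image link to popup
													// NOTE(review): this strips emoticon tokens only; quotes and markup
													// in the comment still reach the single-quoted data-name attribute.
													$remove = array("{{", "}}", ":)",";)",":-)",":(",":'(",":x",":X",":D",":|",":?",":z",":P");
													$title_bar = str_replace($remove, "", $title_bar);

													// rev = this image to default on (would be a count of all images included)
													// rel = the 'group' of images to be included
													$text .= "<a target='_blank' href='".$directoryURL."' rev='1' rel='symposium_activity_images_".$comment->cid."' data-owner='".$comment->subject_uid."' data-name='".$title_bar."' data-iid='".$comment->cid."' class='wps_gallery_album'>";
													$text .= '<img class="profile_activity_image" src="'.$directoryURL.'" />';
													$text .= '</a>';
												}
											}
											// Release the directory handle; it is opened once per rendered post
											closedir($handler);
										}
									}

									// Finally show comment...!
									$text = stripslashes($text);
									$comment_inner_div .= '<div class="next_comment '.$show_class.'" id="'.$comment->cid.'">';
									if ($comment->is_group) {
										$url = __wps__get_url('group');
										// Separate variable: $q belongs to the profile URL and is still
										// needed for the profile links of later posts and replies
										$group_q = __wps__string_query($url);
										$url .= $group_q.'gid='.$comment->subject_uid.'&post='.$comment->cid;
										$group_name = $wpdb->get_var($wpdb->prepare("SELECT name FROM ".$wpdb->base_prefix."symposium_groups WHERE gid = %d", $comment->subject_uid));
										$comment_inner_div .= __("Group post in", WPS_TEXT_DOMAIN)." <a href='".$url."'>".stripslashes($group_name)."</a>: ".__wps__make_url($text);
									} else {
										$comment_inner_div .= __wps__make_url($text);
									}

									$comment_inner_div = apply_filters( '__wps__activity_row_item_filter', $comment_inner_div, $comment );

									// Replies
									$sql = "SELECT c.*, u.display_name FROM ".$wpdb->base_prefix."symposium_comments c LEFT JOIN ".$wpdb->base_prefix."users u ON c.author_uid = u.ID LEFT JOIN ".$wpdb->base_prefix."symposium_comments p ON c.comment_parent = p.cid WHERE c.comment_parent = %d AND c.is_group != 'on' ORDER BY c.cid";
									$replies = $wpdb->get_results($wpdb->prepare($sql, $comment->cid));

									$count = 0;
									if ($replies) {

										$reply_total = count($replies);

										if ($reply_total > 4) {
											$comment_inner_div .= "<div id='view_all_comments_div'>";
											// Translate the format string first, then fill in the number, so the
											// lookup key stays the same whatever the count is
											$comment_inner_div .= "<a title='".$comment->cid."' class='view_all_comments' href='javascript:void(0);'>".sprintf(__("View all %d comments", WPS_TEXT_DOMAIN), $reply_total)."</a>";
											$comment_inner_div .= "</div>";
										}

										foreach ($replies as $reply) {

											$count++;

											// Only the last four replies start out visible
											if ($count > $reply_total-4) {
												$reply_style = "";
											} else {
												$reply_style = "display:none; ";
											}

											$comment_inner_div .= "<div id='".$reply->cid."' class='reply_div' style='".$reply_style."'>";
											$comment_inner_div .= "<div class='__wps__wall_reply_div'>";
											$comment_inner_div .= "<div class='wall_reply'>";
											$comment_inner_div .= '<a href="'.$profile_page.$q.'uid='.$reply->author_uid.'">'.stripslashes($reply->display_name).'</a> ';
											$comment_inner_div .= __wps__time_ago($reply->comment_timestamp).".";
											$comment_inner_div .= '<div style="width:50px; float:right;">';

											if (get_option(WPS_OPTIONS_PREFIX.'_allow_reports') == 'on') {
												$comment_inner_div .= " <a title='post_".$reply->cid."' href='javascript:void(0);' style='padding:0px' class='report_post symposium_report reply_warning'><img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/warning.png' style='width:14px;height:14px' /></a>";
											}

											// Like/dislike icons for reply
											if (get_option(WPS_OPTIONS_PREFIX.'_activity_likes') && is_user_logged_in() && $reply->author_uid != $uid2 ) {
												$sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND uid = %d";
												$already_liked = $wpdb->get_var($wpdb->prepare($sql, $reply->cid, $current_user->ID));
												if (!$already_liked) {
													$comment_inner_div .= "<div class='wall_post_like delete_reply' style='margin:0;padding:0;'>";
													$comment_inner_div .= "<img class='wall_add_like' title='".__('You like this.', WPS_TEXT_DOMAIN)."' data-action='like' rel='".$reply->cid."' style='padding:0;width:20px;height:20px;' src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/good.png' />";
													$comment_inner_div .= "<img class='wall_add_like' title='".__('You do not like this.', WPS_TEXT_DOMAIN)."' data-action='dislike' rel='".$reply->cid."' style='padding:0;width:20px;height:20px' src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/bad.png' />";
													$comment_inner_div .= "</div>";
												}
											}

											if (__wps__get_current_userlevel($uid2) == 5 || $reply->subject_uid == $uid2 || $reply->author_uid == $uid2) {
												$comment_inner_div .= " <a title='".$reply->cid."' rel='reply' href='javascript:void(0);' style='padding:0px' class='delete_post delete_reply'><img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/delete.png' style='width:14px;height:14px' /></a>";
											}

											$comment_inner_div .= '</div>';
											$comment_inner_div .= "<br />";

											// Likes/Dislikes for replies
											if (get_option(WPS_OPTIONS_PREFIX.'_activity_likes')) {
												$sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'like'";
												$likes = $wpdb->get_var($wpdb->prepare($sql, $reply->cid));
												$start_likes = $likes;
												$sql = "SELECT vid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'like' AND uid=%d";
												$youlike = $wpdb->get_var($wpdb->prepare($sql, $reply->cid, $uid2));
												$sql = "SELECT COUNT(*) FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'dislike'";
												$dislikes = $wpdb->get_var($wpdb->prepare($sql, $reply->cid));
												$sql = "SELECT vid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'dislike' AND uid=%d";
												$youdislike = $wpdb->get_var($wpdb->prepare($sql, $reply->cid, $uid2));

												$comment_inner_div .= "<div id='__wps__likes_".$reply->cid."'>";

												if ($likes) {
													$link = '<a id="symposium_show_likes" href="javascript:void(0)" rel="'.$reply->cid.'">';
													$comment_inner_div .= "<img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/good.png' style='width:16px;height:16px' /> ";
													if ($youlike) {
														$comment_inner_div .= __('You', WPS_TEXT_DOMAIN);
														$likes--;
														if ($likes > 1) {
															$comment_inner_div .= ' '.sprintf(__('and %s%d others</a> like this.', WPS_TEXT_DOMAIN), $link, $likes);
														}
														if ($likes == 1) {
															$comment_inner_div .= ' '.sprintf(__('and %s1 other person</a> likes this.', WPS_TEXT_DOMAIN), $link);
														}
														if ($likes == 0) {
															$comment_inner_div .= ' '.__('like this.', WPS_TEXT_DOMAIN);
														}
													} else {
														if ($likes > 1) {
															$comment_inner_div .= sprintf(__('%s%d people</a> like this.', WPS_TEXT_DOMAIN), $link, $likes);
														}
														if ($likes == 1) {
															$sql = "SELECT uid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'like'";
															$uid = $wpdb->get_var($wpdb->prepare($sql, $reply->cid));
															$comment_inner_div .= __wps__profile_link($uid).' '.__('likes this.', WPS_TEXT_DOMAIN);
														}
													}
												}

												if ($dislikes) {
													if ($start_likes) $comment_inner_div .= '<br />';
													$link = '<a id="symposium_show_likes" href="javascript:void(0)" rel="'.$reply->cid.'">';
													$comment_inner_div .= "<img src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/smilies/bad.png' style='width:16px;height:16px' /> ";
													if ($youdislike) {
														$comment_inner_div .= __('You', WPS_TEXT_DOMAIN);
														$dislikes--;
														if ($dislikes > 1) {
															$comment_inner_div .= ' '.sprintf(__('and %s%d others</a> don\'t like this.', WPS_TEXT_DOMAIN), $link, $dislikes);
														}
														if ($dislikes == 1) {
															$comment_inner_div .= ' '.sprintf(__('and %s1 other</a> person don\'t like this.', WPS_TEXT_DOMAIN), $link);
														}
														if ($dislikes == 0) {
															$comment_inner_div .= ' '.__('don\'t like this.', WPS_TEXT_DOMAIN);
														}
													} else {
														if ($dislikes > 1) {
															$comment_inner_div .= sprintf(__('%s%d people</a> don\'t like this.', WPS_TEXT_DOMAIN), $link, $dislikes);
														}
														if ($dislikes == 1) {
															$sql = "SELECT uid FROM ".$wpdb->base_prefix."symposium_likes WHERE cid = %d AND type = 'dislike'";
															$uid = $wpdb->get_var($wpdb->prepare($sql, $reply->cid));
															$comment_inner_div .= __wps__profile_link($uid).' '.__('doesn\'t like this.', WPS_TEXT_DOMAIN);
														}
													}
												}

												$comment_inner_div .= "</div>";
											}

											$comment_inner_div .= __wps__make_url(stripslashes($reply->comment));
											$comment_inner_div .= "</div>";
											$comment_inner_div .= "</div>";
											$comment_inner_div .= "<div class='wall_reply_avatar'>";
											$comment_inner_div .= get_avatar($reply->author_uid, 40);
											$comment_inner_div .= "</div>";
											$comment_inner_div .= "</div>";
										}
									} else {
										$comment_inner_div .= "<div class='no_wall_replies'></div>";
									}

									$comment_inner_div .= "<div style='clear:both;' id='__wps__comment_".$comment->cid."'></div>";

									// Reply (comment) field
									// The last alternative compares $version with ==. It was written with a
									// single "=", which overwrote $version with a boolean, dropped the
									// stream_activity restriction and corrupted the "more..." link id below.
									if (
										(is_user_logged_in()) &&
										(
											($uid1 == $uid2) ||
											(
												strtolower($privacy) == 'everyone' ||
												strtolower($privacy) == 'public' ||
												(strtolower($privacy) == 'friends only' && $is_friend) ||
												($version == "stream_activity" && strtolower($privacy) == 'friends only' && __wps__friend_of($comment->author_uid, $current_user->ID))
											)
										)
									) {
										if ($comment->type != 'gallery' && $comment->type != 'friend') {
											$comment_inner_div .= '<div style="margin-top:5px;'.$show_field.'" id="__wps__reply_div_'.$comment->cid.'" >';
											$comment_inner_div .= '<textarea title="'.$comment->cid.'" class="__wps__reply';
											if (get_option(WPS_OPTIONS_PREFIX.'_elastic')) $comment_inner_div .= ' elastic';
											$comment_inner_div .= '" id="__wps__reply_'.$comment->cid.'" onblur="this.value=(this.value==\'\') ? \''.__('Write a comment...', WPS_TEXT_DOMAIN).'\' : this.value;" onfocus="this.value=(this.value==\''.__('Write a comment...', WPS_TEXT_DOMAIN).'\') ? \'\' : this.value;">'.__('Write a comment...', WPS_TEXT_DOMAIN).'</textarea>';
											if (get_option(WPS_OPTIONS_PREFIX.'_show_buttons')) {
												$comment_inner_div .= '<br /><input title="'.$comment->cid.'" type="submit" style="width:75px;'.$button_style.'" class="__wps__button symposium_add_reply" value="'.__('Add', WPS_TEXT_DOMAIN).'" />';
											}
											$comment_inner_div .= '<input id="symposium_author_'.$comment->cid.'" type="hidden" value="'.$comment->subject_uid.'" />';
											$comment_inner_div .= '</div>';
										}
									}

									$comment_inner_div .= "</div>";

									$comment_inner_div = apply_filters( '__wps__activity_item_inner_filter', $comment_inner_div );

									$comment_div .= $comment_inner_div."</div>";

									$comment_div = apply_filters( '__wps__activity_item_filter', $comment_div );

									// Check if forcing UTF8 (to handle umlauts, etc)
									if (get_option(WPS_OPTIONS_PREFIX.'_force_utf8') == 'on') {
										$comment_div = utf8_decode($comment_div);
									}

									$html .= $comment_div;
								}
							}

						} else {
							// Protected by privacy settings
						}
					}
					// else: comment by member with no replies and looking at friends activity
				}

				$id = 'wall';
				if ($version == "all_activity" || $version == "stream_activity") { $id='all'; }
				if ($version == "friends_activity") { $id='activity'; }

				if ($post == '' && $cnt > 0) {
					// Set next comment to show
					// old version was $next (regression testing) = $limit_from+$cnt+1;
					$next = $limit_from+$limit_count;
					if (is_user_logged_in()) {
						$html .= "<a href='javascript:void(0)' id='".$id."' class='showmore_wall' title='".($next)."'>".__("more...", WPS_TEXT_DOMAIN)."</a>";
					}
				} else {
					if ($post == '') {
						$html .= "<br />".__("Nothing to show, sorry.", WPS_TEXT_DOMAIN);
					}
				}

			} else {
				$html .= "<br />".__("Nothing to show, sorry.", WPS_TEXT_DOMAIN);
			}

			$html .= "</div>";

		} else {

			// Page owner's privacy setting excludes this viewer
			if ($version == "friends_activity" || $version == "wall") {
				$html .= '<p>'.__("Sorry, this member has chosen not to share their activity.", WPS_TEXT_DOMAIN);
			}
		}

		return $html;

	} else {

		return __wps__show_login_link(__("Please <a href='%s'>login</a> to view this member's profile.", WPS_TEXT_DOMAIN), false);
	}
}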
if (is_user_logged_in()) { $html = ""; $uid1 = $_POST['uid1']; $html .= '<p>'.__('Choose an image...', WPS_TEXT_DOMAIN).' ('; $html .= '<a id="symposium_remove_avatar" href="javascript:void(0)">'.__('or click here to remove', WPS_TEXT_DOMAIN).'</a>)'; $html .= '</p>'; include_once('../server/file_upload_include.php'); $html .= show_upload_form( WP_CONTENT_DIR.'/wps-content/members/'.$current_user->ID.'/avatar_upload/', WP_CONTENT_URL.'/wps-content/members/'.$current_user->ID.'/avatar_upload/', 'avatar', __('Upload photo', WPS_TEXT_DOMAIN), 0, 0, 0, $uid1, __wps__get_extension_button_style() ); echo $html; } exit; } // Show Settings if ($_POST['action'] == 'menu_settings') { global $wpdb, $current_user;
$html .= '</select>'; $html .= " <img id='__wps__album_sharing_save' style='display:none' src='".get_option(WPS_OPTIONS_PREFIX.'_images')."/busy.gif' /><br />"; // Show maximum file upload size as set in PHP.INI to admin's if (__wps__get_current_userlevel($current_user->ID) == 5) { $html .= '<p>As set in PHP.INI, the upload_max_filesize is: '.ini_get('upload_max_filesize').'<br />(this message is only shown to site administrators)</p>'; } else { $html .= '<p>'.__('The maximum size of uploaded files is', WPS_TEXT_DOMAIN).' '.ini_get('upload_max_filesize').'.</p>'; } include_once('../server/file_upload_include.php'); $html .= show_upload_form( WP_CONTENT_DIR.'/wps-content/members/'.$current_user->ID.'/gallery_upload/', WP_CONTENT_URL.'/wps-content/members/'.$current_user->ID.'/gallery_upload/', 'gallery', __('Upload photo(s)', WPS_TEXT_DOMAIN), 0, 0, $album_id ); $html .= "<div id='__wps__gallery_flag' style='display:none'></div>"; // So that __wps__init_file_upload() knows it's the gallery } if ($photos) { $cnt=0; foreach ($photos as $photo) { $cnt++;
$html .= '<option value="'.$member->ID.'"'; if ($member->admin == 'on') { $html .= ' SELECTED'; } $html .= '>'.$member->display_name.'</option>'; } $html .= '</select>'; $html .= '</div>'; $html .= '</div>'; // Choose a new avatar $html .= '<div style="clear: right; margin-bottom:15px;">'; $html .= '<div style="float:right;">'; include_once('../server/file_upload_include.php'); $html .= show_upload_form( WP_CONTENT_DIR.'/wps-content/members/'.$current_user->ID.'/group_avatar_upload/', WP_CONTENT_URL.'/wps-content/members/'.$current_user->ID.'/group_avatar_upload/', 'group_avatar', __('Upload photo', WPS_TEXT_DOMAIN), 0, $gid ); $html .= '</div>'; $html .= '<p>'.__('Choose an image for the group...', WPS_TEXT_DOMAIN).'</p>'; $html .= '<div id="group_image_to_crop" style="width:95%;margin-bottom:15px; float:left;"></div>'; $html .= '</div>'; $html .= '<p style="clear:both">'; $html .= '<input type="submit" id="updateGroupSettingsButton" name="Submit" class="__wps__button" value="'.__('Save settings', WPS_TEXT_DOMAIN).'" /> '; $html .= '</p>'; $html .= '</div> ';