Example #1
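/**
 * Implementation of module_content() for the gallery module.
 *
 * Renders one page (20 items) of thumbnail links for the gallery named by
 * $_GET['path-id']. The only sub-path understood is "page/<n>"; any other
 * first segment is reported through ssc_not_found().
 *
 * Every rejection returns immediately. Other modules in this code base follow
 * ssc_not_found() with an explicit return, which suggests it does not stop
 * the request by itself; without the return a gallery with visible = 0 would
 * still have its items listed underneath the "not found" response.
 *
 * @return string|null HTML for the thumbnails, or null when the request was rejected
 */
function gallery_content()
{
    global $ssc_database, $ssc_site_url;

    // Optional sub-path: "page/<n>". Absent or non-array params mean page 1.
    $page = 1;
    if (isset($_GET['param']) && is_array($_GET['param'])) {
        if (array_shift($_GET['param']) != 'page') {
            ssc_not_found();
            return;
        }
        $page = (int) array_shift($_GET['param']);
    }

    // The id is cast before use, so only an integer reaches the query and the URLs below.
    $gid = (int) $_GET['path-id'];

    // Check if gallery exists and is visible
    $result = $ssc_database->query("SELECT title, description FROM #__gallery WHERE id = %d AND visible = 1 LIMIT 1", $gid);
    if (!$result || !($data = $ssc_database->fetch_assoc($result))) {
        // Missing or hidden gallery: stop before any of its items are read.
        ssc_not_found();
        return;
    }
    ssc_set_title($data['title']);

    // Fetch contents
    $res = $ssc_database->query_paged($page, 20, "SELECT id, caption FROM #__gallery_content WHERE gallery_id = %d ORDER BY id ASC", $gid);
    $result =& $res['result'];

    // Hard cap of 20 links, independent of what query_paged() returned.
    $remaining = 20;
    $out = '';
    while (($data = $ssc_database->fetch_assoc($result)) && $remaining--) {
        $base = "{$ssc_site_url}/images/gallery/{$gid}/{$data['id']}";
        $class = empty($data['caption']) ? 'gallery-nocap' : 'gallery-cap';
        // NOTE(review): the caption is written into the page as stored. If captions can be
        // entered by anyone other than a trusted editor, escape it here - confirm intended content.
        $out .= "<a href=\"{$base}\" class=\"{$class}\"><img src=\"{$base}_t\" alt=\"\" /><span>{$data['caption']}</span></a> \n";
    }
    return $out;
}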
Example #2
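/**
 * Implementation of module_content() for the administration area.
 *
 * Guests and any path other than /admin get the not-found response. An empty
 * parameter shows the administration index; otherwise the first path segment
 * names the admin page, which is dispatched through module_hook() only after
 * login_check_auth() accepts it.
 *
 * A refused sub-page now returns straight after ssc_not_allowed(). Previously
 * the empty output fell through to the ssc_not_found() check as well, so a
 * denied request also triggered the not-found handling.
 *
 * @return string|null Page body, or null when the request is rejected up front
 */
function admin_content()
{
    global $ssc_user;
    $out = '';
    if ($_GET['path'] != '/admin' || $ssc_user->gid == SSC_USER_GUEST) {
        ssc_not_found();
        return;
    }

    if ($_GET['param'] == '') {
        ssc_set_title("Administration");
        return _admin_base_content();
    }

    // Check for sub-page.  args can be claimed from $_GET[param]
    $_GET['param'] = explode("/", $_GET['param']);
    $_GET['admin_page'] = array_shift($_GET['param']);

    // The page name comes from the URL, so this check is the only gate in
    // front of the module_hook() dispatch below and has to stay ahead of it.
    if (!login_check_auth($_GET['admin_page'])) {
        ssc_not_allowed();
        return $out;
    }

    $out = module_hook('admin', $_GET['admin_page']);
    if (empty($out)) {
        ssc_not_found();
    }
    return $out;
}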
Example #3
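/**
 * Implementation of module_content() for static pages.
 *
 * Looks up the page named by $_GET['path-id'] and returns its body converted
 * by sscText. Static pages take no extra path parameters.
 *
 * Each rejection returns immediately. Other modules follow ssc_not_found()
 * with an explicit return, which suggests it does not end the request; before
 * this change a request with extra parameters was flagged as not found and
 * then still served, and a failed library load went on to call sscText.
 *
 * @return string|null Converted page body, or null when nothing is served
 */
function static_content()
{
    global $ssc_database;

    // We'll never accept params, so is gonna be a 404
    if (!empty($_GET['param'])) {
        ssc_not_found();
        return;
    }

    // Find content; the id is cast so only an integer is handed to the query.
    $result = $ssc_database->query("SELECT title, created, modified, body FROM #__static WHERE id = %d LIMIT 1", (int) $_GET['path-id']);
    if (!$result || !($data = $ssc_database->fetch_assoc($result))) {
        ssc_not_found();
        return;
    }

    if (!ssc_load_library('sscText')) {
        // Strictly speaking, the library /wasn't/ found...
        ssc_not_found();
        return;
    }

    ssc_set_title($data['title']);
    return sscText::convert($data['body']);
}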
Example #4
/**
 * Implementation of module_admin() for the navigation module.
 *
 * The first remaining path segment selects the view: "link" and "widget"
 * return their edit forms, an empty segment lists every navigation widget
 * with its edit table and an "add link" form, and anything else is reported
 * as not found.
 *
 * @return string Generated HTML (empty string for an unknown action)
 */
function nav_admin()
{
    $action = array_shift($_GET['param']);

    if ($action == 'link') {
        return ssc_generate_form('nav_edit_link');
    }
    if ($action == 'widget') {
        return ssc_generate_form('nav_edit_widget');
    }
    if ($action != '') {
        ssc_not_found();
        return '';
    }

    // Base page
    global $ssc_database;
    ssc_set_title('Navigation widgets');
    $result = $ssc_database->query("SELECT args FROM #__sidebar WHERE module = 2 ORDER BY args ASC");

    if (!$result || !($ssc_database->number_rows() > 0)) {
        // NOTE(review): the database error text is appended to a message shown on the page;
        // confirm this view is only ever reachable by administrators.
        ssc_add_message(SSC_MSG_INFO, t('No navigation widgets exist yet.') . $ssc_database->error());
        return l(t('Create widget'), '/admin/nav/widget');
    }

    $html = '';
    while ($row = $ssc_database->fetch_assoc($result)) {
        // args is a comma-separated list; its first field is handed to both helpers
        $args = explode(',', $row['args']);
        $html .= _nav_edit_table($args[0]);
        $html .= ssc_generate_form('nav_add_link', $args[0]);
    }
    return $html;
}
Example #5
/**
 * Implementation of module_content() for the events module.
 *
 * Lists events in three consecutive sections (recent, current, upcoming).
 * The section boundaries are dates derived from relative-time settings, and
 * the rows arrive ordered by date, so one cursor is walked forward through
 * all three sections. No request input is read.
 *
 * @return string|null Main body content, or null when the query failed
 */
function events_content()
{
    global $ssc_database;

    // Setting name and default relative offset for each boundary
    $offsets = array(
        'past' => array('events.recent', '-2 weeks'),
        'current-past' => array('events.current.old', '-1 week'),
        'current-future' => array('events.current.new', '+1 week'),
        'future' => array('events.future', '+2 months'),
    );
    $borders = array();
    foreach ($offsets as $name => $setting) {
        $borders[$name] = date("Y-m-d", strtotime(ssc_var_get($setting[0], $setting[1])));
    }

    // Everything between the outermost boundaries, oldest first
    $result = $ssc_database->query("SELECT title, description, uri, date, flags FROM #__events WHERE date >= '%s' AND date <= '%s' ORDER BY date ASC", $borders['past'], $borders['future']);
    if (!$result) {
        ssc_not_found();
        return;
    }
    ssc_set_title(ssc_var_get('events.title', 'Events'));

    // Prime the cursor with the first row, if there is one
    $data = $ssc_database->number_rows() > 0 ? $ssc_database->fetch_assoc($result) : null;

    // heading, upper boundary key (null = no upper limit), text shown when the section is empty
    $sections = array(
        array('Recent events', 'current-past', 'There are no recent events'),
        array('Current events', 'current-future', 'There are no current events'),
        array('Upcoming events', null, 'There are no upcoming events'),
    );

    $out = '';
    foreach ($sections as $section) {
        list($heading, $limit, $empty_text) = $section;
        $out .= '<h3>' . t($heading) . '</h3>';

        $shown = 0;
        while ($data && ($limit === null || $data['date'] <= $borders[$limit])) {
            if ($shown++ === 0) {
                // Open the list lazily so an empty section prints its message instead
                $out .= '<ul class="events-list">';
            }
            $out .= _events_print_db_event($data);
            $data = $ssc_database->fetch_assoc($result);
        }
        $out .= $shown > 0 ? '</ul>' : t($empty_text);
    }
    return $out;
}
Example #6
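/**
 * Implementation of module_content() for the sailing results module.
 *
 * Shows the results table for the series named by $_GET['path-id'], grouped
 * by division. No path parameters are interpreted at this stage.
 *
 * Every database value written into the table goes through check_plain(),
 * the same helper this function already uses for the description fallback.
 * Names, classes, clubs and result codes are plain text, and crew names and
 * non-numeric times land inside a title="..." attribute, where an unescaped
 * quote or angle bracket would break the markup or inject into it.
 * NOTE(review): this assumes check_plain() encodes quotes as well as angle
 * brackets, and that none of these columns is meant to carry markup - confirm.
 *
 * The series id is cast to an integer once and reused for both queries, and
 * a results row with fewer heat entries than the header has columns now
 * renders empty cells instead of reading missing array offsets.
 *
 * @return string|null Page body, or null when the series does not exist
 */
function sailing_content()
{
    global $ssc_database;
    ssc_add_js('/modules/sailing/sailing.js');

    $series_id = (int) $_GET['path-id'];

    // See if results exist
    $result = $ssc_database->query("SELECT name, description, updated, flags, heats FROM #__sailing_series WHERE id = %d LIMIT 1", $series_id);
    if (!($result && ($data = $ssc_database->fetch_assoc($result)))) {
        ssc_not_found();
        return;
    }

    // Set up some flags
    $flags = $data['flags'];
    $prefix = $flags & SSC_SAILING_PREFIX ? "Division " : "";
    $show_class = ($flags & SSC_SAILING_CLASS) > 0;
    $show_club = ($flags & SSC_SAILING_CLUB) > 0;

    // Heat numbers
    $heats = explode(",", $data['heats']);

    // Description / title
    ssc_set_title($data['name']);
    $out = "";
    if (strlen($data['description']) > 0) {
        if (!ssc_load_library('sscText')) {
            $out .= check_plain($data['description']);
        } else {
            $out .= sscText::convert($data['description']);
        }
    }

    // Prepare for table
    $result = $ssc_database->query("SELECT r.results, r.times, r.points, r.division, e.number, e.skipper, e.crew, e.name AS boatname, e.class, e.club FROM #__sailing_results r LEFT JOIN #__sailing_entries e ON e.id = r.uid WHERE r.series_id = %d ORDER BY r.division ASC, r.points ASC", $series_id);
    if (!$result || $ssc_database->number_rows() < 1) {
        // Empty or sql failure
        $out .= "There are no race results available for this series yet";
        return $out;
    }

    // Start outputting
    $out .= '<table class="sail-table" summary="Race results">';
    // $col_count is filled in by the helper (read below as ['total'] and ['heats'])
    $col_header = _ssc_sailing_table_header($flags, $heats, $col_count);

    // Loop through results
    $div = '-1';
    while ($data = $ssc_database->fetch_assoc($result)) {
        // Re-echo headers for each division
        if ($div != $data['division']) {
            $heading = '<tr><th class="div-heading" colspan="' . $col_count['total'] . '">' . $prefix . check_plain($data['division']) . '</th></tr>';
            if ($div == '-1') {
                // First division also opens the table head and body
                $out .= '<thead>' . $heading . $col_header . '</thead><tbody>';
            } else {
                $out .= $heading . $col_header;
            }
            $div = $data['division'];
        }

        // Row contents
        $out .= '<tr><td>' . check_plain($data['number']) . '</td>';
        if ($show_class) {
            $out .= '<td>' . check_plain($data['class']) . '</td>';
        }
        $out .= '<td>' . check_plain($data['boatname']) . '</td>';

        $skipper = check_plain($data['skipper']);
        if ($data['crew'] != '') {
            // Crew is shown as a mouse-over on the skipper's name
            $out .= '<td><span title="' . check_plain($data['crew']) . '">' . $skipper . '</span></td>';
        } else {
            $out .= '<td>' . $skipper . '</td>';
        }
        if ($show_club) {
            $out .= '<td>' . check_plain($data['club']) . '</td>';
        }

        // Parse results
        $places = explode(",", $data['results']);
        $times = explode(",", $data['times']);
        for ($i = 0; $i < $col_count['heats']; $i++) {
            $place = isset($places[$i]) ? check_plain($places[$i]) : '';
            $time = isset($times[$i]) ? $times[$i] : '';
            if ($time == '') {
                $out .= '<td>' . $place . '</td>';
            } elseif ((double) $time > 0) {
                // Numeric corrected time, shown in minutes
                $out .= '<td><span title="' . sprintf("%1.1f", (double) $time) . ' min">' . $place . '</span></td>';
            } else {
                // Non-numeric entry, shown as stored (escaped)
                $out .= '<td><span title="' . check_plain($time) . '">' . $place . '</span></td>';
            }
        }
        $out .= '</tr>';
    }

    // Tidy up
    $out .= '</tbody></table>';
    return $out;
}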
Example #7
/**
 * Rendering function: prepares the page variables and includes the active
 * theme's site.tpl.php.
 *
 * The template is pulled in with include, so it runs in this function's
 * scope and can read every local set here ($side, $meta, $lang, $logo,
 * $title, $quip, $breadcrumb, $messages, $foot, $body, ...). Treat those
 * names as the template's interface: renaming or removing one can break a theme.
 *
 * @param string $body Generated HTML for the primary page. Passed by reference
 *                     to avoid copying the string; note that the caller's
 *                     variable is modified (the page title is prepended as an <h2>).
 */
function theme_render(&$body)
{
    global $ssc_site_path, $ssc_site_url;
    // Theme directory name comes from site configuration and is used in the include path below.
    $theme = ssc_var_get('theme_default', SSC_DEFAULT_THEME);
    $info = theme_get_info();
    // One sidebar block per slot reported by the theme; $side stays undefined when mini_count is 0.
    for ($i = 0; $i < $info['mini_count']; $i++) {
        $side[$i] = theme_side($i);
    }
    $site_name = ssc_var_get('site_name', false);
    // NOTE(review): ssc_set_title() is called without an argument here, presumably returning the
    // current title. It is written into <title> and <h2> as returned - confirm where it is escaped.
    $meta = _theme_get_meta() . '<title>' . ssc_set_title() . ($site_name ? " | " . $site_name : '') . "</title>\n";
    // Append whatever each module's 'meta' hook returned.
    $m = module_hook('meta');
    foreach ($m as $src) {
        $meta .= $src;
    }
    $lang = ssc_var_get('language', 'en');
    // Optional header parts: false when the matching theme_show_* setting is off.
    $logo = ssc_var_get('theme_show_logo', false) ? ssc_var_get('theme_logo', '') : false;
    $title = ssc_var_get('theme_show_title', false) ? "{$site_name}" : false;
    $quip = ssc_var_get('theme_show_quip', false) ? ssc_var_get('theme_quip', '') : false;
    $breadcrumb = ssc_var_get('theme_breadcrumb', false);
    $messages = theme_messages();
    // Footer: the configured text (if shown and non-empty) followed by the fixed credit line.
    $foot = ssc_var_get('theme_show_foot', false) ? ssc_var_get('theme_foot', '') : '';
    if (empty($foot)) {
        $foot = 'XHTML and CSS valid<br />Powered by <a href="http://www.smoothsailingcms.org">SSC</a>';
    } else {
        $foot .= 'XHTML and CSS valid<br />Powered by <a href="http://www.smoothsailingcms.org">SSC</a>';
    }
    //$side = array();
    $body = '<h2>' . ssc_set_title() . '</h2>' . $body;
    // Show the page
    // NOTE(review): $theme is interpolated into the include path unchecked. That is safe only while
    // the theme_default setting cannot be changed by an untrusted party - verify who can write it.
    include "{$ssc_site_path}/themes/{$theme}/site.tpl.php";
}
Example #8
/**
 * Form definition for editing a user profile.
 *
 * Under /admin the user to edit is taken from the next path segment (0 means
 * a new user); anywhere else the form edits the logged-in user held in the
 * global $ssc_user. The permission-group selector and the "admin password"
 * confirmation field are only added under /admin.
 *
 * NOTE(review): nothing in this function checks that the caller may edit other
 * users; presumably the /admin dispatcher enforces that - confirm.
 * NOTE(review): a failed lookup reports the problem but execution continues
 * with an empty user, and the new-user object has no username, displayname or
 * email set, so those fields are read from undefined properties.
 *
 * @return array Form structure: 'details' and 'pass' fieldsets plus a submit button
 */
function login_profile()
{
    global $ssc_database;

    // Are we superprofile editing?
    $admin_edit = $_GET['path'] == '/admin';

    if (!$admin_edit) {
        // Just self-editing
        global $ssc_user;
    } else {
        $uid = (int) array_shift($_GET['param']);
        if ($uid !== 0) {
            // Existing - need to attempt retrieval
            $result = $ssc_database->query("SELECT id, username, fullname, displayname, email, gid FROM #__user WHERE id = %d LIMIT 1", $uid);
            if (!$result) {
                ssc_add_message(SSC_MSG_CRIT, t('Error retrieving user details'));
            }
            $ssc_user = $ssc_database->fetch_object($result);
            if (!$ssc_user) {
                ssc_not_found();
            }
        } else {
            // New user, with neat default values
            $ssc_user = new StdClass();
            $ssc_user->fullname = t('New user');
            $ssc_user->gid = 0;
            $ssc_user->id = 0;
        }
    }

    ssc_set_title($ssc_user->fullname);

    // Account details
    $details = array(
        '#type' => 'fieldset',
        '#title' => t('User details'),
        '#parent' => true,
        'uid' => array('#type' => 'hidden', '#value' => $ssc_user->id),
        'user' => array('#type' => 'text', '#value' => $ssc_user->username, '#maxlen' => 20, '#required' => true, '#title' => t('Username'), '#description' => t('Username used to log in with')),
        'disp' => array('#type' => 'text', '#value' => $ssc_user->displayname, '#maxlen' => 20, '#required' => true, '#title' => t('Display name'), '#description' => t('Name to display when shown on main page')),
        'full' => array('#type' => 'text', '#value' => $ssc_user->fullname, '#maxlen' => 30, '#required' => true, '#title' => t('Full name'), '#description' => t('Full name for administration uses')),
        'email' => array('#type' => 'text', '#value' => $ssc_user->email, '#maxlen' => 50, '#size' => 30, '#required' => true, '#title' => t('Email address'), '#description' => t('Required for administration uses')),
    );

    // Group list, always headed by the built-in guest entry
    $groups = array(-1 => 'Guest');
    $result = $ssc_database->query("SELECT id, name FROM #__group WHERE id > 0 ORDER BY name ASC");
    while ($row = $ssc_database->fetch_assoc($result)) {
        $groups[$row['id']] = $row['name'];
    }

    // Only the admin view may change the permission group
    if ($admin_edit) {
        $details['grp'] = array('#type' => 'select', '#value' => $groups, '#selected' => $ssc_user->gid, '#title' => t('Permission group'), '#description' => t('Group for the user to belong to'));
    }

    $submit = array('#type' => 'submit', '#value' => t('Save'));

    // Password change, confirmed by the acting user's own password
    $password = array('#type' => 'fieldset', '#title' => t('Update password'), '#parent' => true);
    if ($admin_edit) {
        $password['admin'] = array('#type' => 'password', '#title' => t('Admin password'), '#description' => t('Administrator password for verification'), '#required' => true);
    } else {
        $password['old'] = array('#type' => 'password', '#title' => t('Current password'), '#description' => t('Current password for verification'), '#required' => true);
    }
    $password['n1'] = array('#type' => 'password', '#title' => t('New password'), '#description' => t('Password to change for user'), '#required' => true);
    $password['n2'] = array('#type' => 'password', '#title' => t('Repeat new password'), '#description' => t('Repeat to avoid typos'), '#required' => true);

    return array(
        '#action' => '',
        '#method' => 'post',
        'details' => $details,
        'pass' => $password,
        'sub' => $submit,
    );
}
Example #9
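/**
 * Implementation of module_content() for the blog module.
 *
 * The remaining path is split on "/" and its first segment selects the view:
 *
 *   - / or /page/<n>
 *     Paged list of all published posts in the blog.
 *
 *   - /tag/xxx
 *     Paged posts carrying that tag.
 *
 *   - /id/123
 *     Permalink. Permanent redirect to the post's /yyyy/mm/dd/post-name url.
 *
 *   - /feed
 *     Sends the pre-generated atom-<blog id>.xml file and ends the request.
 *
 *   - /atom
 *     Generates the Atom feed inline and ends the request.
 *
 *   - /yyyy
 *     Archive of the posts created in that year.
 *
 *   - /yyyy/mm/dd/post-name
 *     Single post with its tags and comments. Only post-name is used for the
 *     lookup; the month and day segments are not checked.
 *
 * Changes from the previous version:
 *   - Every ssc_not_found() is followed by a return. The function already did
 *     this in places, which suggests ssc_not_found() does not end the request;
 *     the other branches carried on and could still emit content.
 *   - The blog id is cast to an integer once and that value is used for the
 *     queries and for the feed file name, so nothing but digits can reach the
 *     file path.
 *   - Comment authors in the public comment list are passed through
 *     check_plain(), as the administrator list already did. Comments are
 *     submitted by guests, so the author name is untrusted input.
 *   - The yearly archive ends at 1 January of the following year. The old
 *     upper bound was "day 0 of January", i.e. 31 December 00:00, which left
 *     out posts made on the last day of the year.
 *
 * @return string|null Page body, or null when the request was rejected or redirected
 */
function blog_content()
{
    global $ssc_database, $ssc_site_path;

    $blog_id = (int) $_GET['path-id'];

    $result = $ssc_database->query("SELECT name, comments, page FROM #__blog WHERE id = %d LIMIT 1", $blog_id);
    if (!$result || !($data = $ssc_database->fetch_assoc($result))) {
        ssc_not_found();
        return;
    }

    // Load display library
    if (!ssc_load_library('sscText')) {
        ssc_not_found();
        return;
    }

    // Get blog settings. $_GET is rewritten in place; the helpers called below
    // (and the included feed script) presumably read these entries.
    ssc_set_title($data['name']);
    $_GET['param'] = explode("/", $_GET['param']);
    $_GET['blog_comments'] = (bool) $data['comments'];
    $action = array_shift($_GET['param']);

    if ($action == '' || $action == 'page') {
        // Show paged posts
        array_unshift($_GET['param'], 'page');
        if (count($_GET['param']) > 2) {
            ssc_not_found();
            return;
        }
        return _blog_gen_post($data['page'], $_GET['path'] . '/page/', "SELECT p.id, p.title, p.created, p.urltext, u.displayname author, count(c.post_id) count, p.body, p.commentsdisabled FROM\n\t\t\t\t#__blog_post p LEFT JOIN #__user u ON u.id = p.author_id LEFT JOIN #__blog_comment c ON (post_id = p.id AND (status & %d = 0))\n\t\t\t\tWHERE blog_id = %d AND p.is_draft = 0 GROUP BY p.id ORDER BY p.created DESC", SSC_BLOG_COMMENT_SPAM, $blog_id);
    }

    if ($action == 'tag') {
        // Show posts for the tag
        if (count($_GET['param']) == 2 || count($_GET['param']) > 3) {
            ssc_not_found();
            return;
        }
        $tag = array_shift($_GET['param']);
        if (empty($tag)) {
            // No tag given - die gracefully
            ssc_not_found();
            return;
        }
        // NOTE(review): $tag comes from the URL. It is placed in the paging path handed to
        // _blog_gen_post() and in a '%s' query argument; both rely on escaping that is not
        // visible here (link building in the helper, quoting in query()) - confirm.
        return _blog_gen_post($data['page'], $_GET['path'] . '/tag/' . $tag . '/page/', "SELECT p.id, p.title, p.created, p.urltext, u.displayname author, count(c.post_id) count, p.body, p.commentsdisabled FROM \n\t\t\t\t#__blog_post p LEFT JOIN #__user u ON u.id = p.author_id LEFT JOIN #__blog_comment c ON (post_id = p.id AND (status & %d = 0))\n\t\t\t\tLEFT JOIN #__blog_relation r ON r.post_id = p.id LEFT JOIN #__blog_tag t ON t.id = r.tag_id WHERE blog_id = %d AND p.is_draft = 0 AND t.tag = '%s'\n\t\t\t\tGROUP BY p.id ORDER BY p.created DESC", SSC_BLOG_COMMENT_SPAM, $blog_id, $tag);
    }

    if ($action == 'id') {
        // Redirect as needed; exactly one parameter (the post id) is accepted
        if (count($_GET['param']) != 1) {
            ssc_not_found();
            return;
        }
        $result = $ssc_database->query("SELECT created, urltext FROM #__blog_post WHERE id = %d AND is_draft = 0 LIMIT 1", (int) array_shift($_GET['param']));
        if ($data = $ssc_database->fetch_object($result)) {
            ssc_redirect($_GET['path'] . date("/Y/m/d/", $data->created) . $data->urltext, 301);
            return;
        }
        // Post ID doesn't exist - kill
        ssc_not_found();
        return;
    }

    if ($action == 'feed') {
        // Internal redirect to atom feed. The file name is built from the integer id only.
        $feedPath = $ssc_site_path . '/modules/blog/atom-' . $blog_id . '.xml';
        // Check if feed exists yet
        if (!file_exists($feedPath)) {
            ssc_not_found();
            return;
        }
        // Try and read it
        $rss = file_get_contents($feedPath);
        if ($rss === FALSE) {
            // Read failed - die gracefully
            ssc_not_found();
            return;
        }
        // Output rss
        header("Content-Type: application/xml", true);
        echo $rss;
        // And now quit ...
        ssc_close();
        // ... fully
        exit(0);
    }

    if ($action == 'atom') {
        if (count($_GET['param']) > 1) {
            ssc_not_found();
            return;
        }
        header("Content-Type: application/atom+xml", true);
        // The included script runs in this scope and can read the locals above.
        include $ssc_site_path . '/modules/blog/rss.inline.php';
        ssc_close();
        exit(0);
    }

    // Not those - is int?
    $action = (int) $action;
    // Check for bad first param
    if ($action == 0) {
        ssc_not_found();
        return;
    }

    if (empty($_GET['param'][2])) {
        if (isset($_GET['param'][0])) {
            // First param set not expecting anything - kill page
            ssc_not_found();
            return;
        }
        // Yearly archive: from 1 January of the year up to, but excluding, 1 January of the next
        return _blog_gen_post(10000, $_GET['path'] . '/page/', "SELECT p.id, p.title, p.created, p.urltext, u.displayname author, count(c.post_id) count, p.commentsdisabled FROM \n\t\t\t\t\t#__blog_post p LEFT JOIN #__blog_comment c ON (post_id = p.id AND (c.status & %d = 0)) LEFT JOIN #__user u ON u.id = p.author_id \n\t\t\t\t\tWHERE blog_id = %d AND p.created >= %d AND p.created < %d AND p.is_draft = 0 GROUP BY p.id ORDER BY p.created DESC", SSC_BLOG_COMMENT_SPAM, $blog_id, mktime(0, 0, 0, 1, 1, $action), mktime(0, 0, 0, 1, 1, $action + 1));
    }

    // Retrieve post by its url-safe name.
    // NOTE(review): the name comes straight from the URL into a '%s' argument; this relies
    // on query() quoting its string arguments, which is not visible here - confirm.
    $result = $ssc_database->query("SELECT p.id, p.title, p.created, p.urltext, p.commentsdisabled, u.displayname author, p.body FROM #__blog_post p \n\t\t\t\t\tLEFT JOIN #__user u ON u.id = p.author_id WHERE blog_id = %d AND p.is_draft = 0 AND p.urltext = '%s' \n\t\t\t\t\tLIMIT 1", $blog_id, $_GET['param'][2]);
    if (!($data = $ssc_database->fetch_object($result))) {
        // No post with name - kill output
        ssc_not_found();
        return;
    }

    // Don't allow any further params
    if (!empty($_GET['param'][3])) {
        // Unless admin, and the param is 'mark'
        if (login_check_auth("blog") && $_GET['param'][3] == 'mark') {
            // NOTE(review): this changes stored state on a plain page request; consider
            // moving it behind the POST form used for the other comment actions.
            if ($ssc_database->query("UPDATE #__blog_comment SET status = status | %d WHERE post_id = %d", SSC_BLOG_COMMENT_READ, $data->id)) {
                ssc_add_message(SSC_MSG_INFO, t('Marked the comments as read'));
            }
        } else {
            ssc_not_found();
            return;
        }
    }

    // Keep what is needed later; $data is reused for comment rows below
    $comments_disabled = $data->commentsdisabled;
    $pid = $data->id;

    $out = "\n<h3>{$data->title}</h3>\n";
    $out .= t("Posted !date at !time by !author\n", array('!date' => date(ssc_var_get('date_med', SSC_DATE_MED), $data->created), '!time' => date(ssc_var_get('time_short', SSC_TIME_SHORT), $data->created), '!author' => $data->author)) . '<br />';

    // Retrieve list of tags for the post
    $result = $ssc_database->query("SELECT tag FROM #__blog_relation r, #__blog_tag t WHERE r.tag_id = t.id AND r.post_id = %d ORDER BY tag ASC", $data->id);
    if ($ssc_database->number_rows()) {
        $out .= "Tagged: ";
        $txt = '';
        while ($dat = $ssc_database->fetch_object($result)) {
            $txt .= ', ' . l($dat->tag, $_GET['path'] . '/tag/' . $dat->tag);
        }
        // Drop the leading ", "
        $txt = substr($txt, 2);
        $out .= $txt . '<br />';
    }
    $out .= sscText::convert($data->body);

    if ($_GET['blog_comments']) {
        // Retrieve comments
        $out .= '<div class="clear"></div><h3 id="comments">Comments</h3>';
        // Are we admin?
        $is_admin = login_check_auth("blog");
        if ($is_admin) {
            // Administrators see every comment, spam included. The statement has a single
            // placeholder; the two trailing arguments are kept as they were and appear unused.
            $result = $ssc_database->query("SELECT id, author, email, site, created, status, body FROM #__blog_comment \n\t\t\t\t\t\tWHERE post_id = %d ORDER BY created ASC", $data->id, SSC_BLOG_COMMENT_SPAM, SSC_BLOG_COMMENT_SPAM);
            // Start spam/ham/commentstate form
            $out .= '<form action="" method="post"><div><input type="hidden" name="form-id" value="blog_spam_ham" />';
            // Show (dis-)enable comments button on posts with or without comments
            if ($comments_disabled == 0) {
                $sub_disable_comments = array('#value' => 'Disable Comments', '#type' => 'submit', '#name' => "disable_comments[{$pid}]");
            } else {
                $sub_disable_comments = array('#value' => 'Enable Comments', '#type' => 'submit', '#name' => "enable_comments[{$pid}]");
            }
            // Render button
            $out .= theme_render_input($sub_disable_comments);
        } else {
            // Everyone else only gets comments not flagged as spam
            $result = $ssc_database->query("SELECT author, email, site, created, body FROM #__blog_comment \n\t\t\t\t\t\tWHERE post_id = %d AND status & %d = 0 ORDER BY created ASC", $data->id, SSC_BLOG_COMMENT_SPAM);
        }

        if (!$result || $ssc_database->number_rows($result) == 0) {
            // Bad SQL or simply no comments
            $out .= t('There are no comments posted yet.');
        } elseif ($is_admin) {
            // For each comment, show it, its visible state, and possible options
            while ($data = $ssc_database->fetch_object($result)) {
                $status = $data->status;
                $out .= "<div class='" . ($status & SSC_BLOG_COMMENT_SPAM ? "blog-spam-icon" : "blog-notspam-icon") . "'><p>" . nl2br(check_plain($data->body)) . "</p><p>";
                $out .= t("Posted !date at !time by !author\n", array('!date' => date(ssc_var_get('date_med', SSC_DATE_MED), $data->created), '!time' => date(ssc_var_get('time_short', SSC_TIME_SHORT), $data->created), '!author' => empty($data->site) ? check_plain($data->author) : l(check_plain($data->author), $data->site))) . '</p>';
                $sub_hide = array('#value' => 'Hide comment', '#type' => 'submit');
                $sub_show = array('#value' => 'Show comment', '#type' => 'submit');
                $sub_spam = array('#value' => 'Mark spam', '#type' => 'submit');
                $sub_ham = array('#value' => 'Unmark spam', '#type' => 'submit');
                // If tree for actions
                if ($status & SSC_BLOG_COMMENT_CAN_SPAM) {
                    // Hasn't been re-submitted yet
                    if ($status & SSC_BLOG_COMMENT_SPAM) {
                        // Was marked as spam
                        $sub_ham['#name'] = "ham[{$data->id}]";
                        $out .= theme_render_input($sub_ham);
                        $sub_show['#name'] = "show[{$data->id}]";
                        $out .= theme_render_input($sub_show);
                    } else {
                        // Was not marked spam
                        $sub_spam['#name'] = "spam[{$data->id}]";
                        $out .= theme_render_input($sub_spam);
                        $sub_hide['#name'] = "hide[{$data->id}]";
                        $out .= theme_render_input($sub_hide);
                    }
                } else {
                    // Has already been resubmitted
                    if ($status & SSC_BLOG_COMMENT_SPAM) {
                        // Currently spam/hidden
                        $sub_show['#name'] = "show[{$data->id}]";
                        $out .= theme_render_input($sub_show);
                    } else {
                        // Marked as normal currently
                        $sub_hide['#name'] = "hide[{$data->id}]";
                        $out .= theme_render_input($sub_hide);
                    }
                }
                $out .= '</div><hr />';
            }
        } else {
            // Just show comments. Author names are guest-supplied, so they are escaped
            // exactly as in the administrator list above.
            // NOTE(review): $data->site is also guest-supplied and is used as the link
            // target; whether l() restricts the URL scheme is not visible here - confirm.
            while ($data = $ssc_database->fetch_object($result)) {
                $out .= '<p>' . nl2br(check_plain($data->body)) . '</p><p>';
                $out .= t("Posted !date at !time by !author\n", array('!date' => date(ssc_var_get('date_med', SSC_DATE_MED), $data->created), '!time' => date(ssc_var_get('time_short', SSC_TIME_SHORT), $data->created), '!author' => empty($data->site) ? check_plain($data->author) : l(check_plain($data->author), $data->site))) . '</p><hr />';
            }
        }

        // End admin form
        if ($is_admin) {
            $out .= '</div></form>';
        }
        if ($comments_disabled == 0 || $is_admin) {
            $out .= ssc_generate_form('blog_guest_comment', $pid);
        } else {
            $out .= '<br />' . t("Sorry, commenting has been closed on this post.");
        }
    }
    return $out;
}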