Example #1
0
function uddeIMselectComboUserlist( $myself, $my_gid, $lids, $config ) {
	$database = uddeIMgetDatabase();
	$users = Array();
	
	getAdditonalGroups($add_special, $add_admin, $config);

	$ret = '<select multiple="multiple" name="userlist" class="inputbox" ondblclick="userlistdblclick(this.selectedIndex, \'listsform\', \'userlist\', \'selectionlist\', '.$config->maxonlists.')" size="10">';

	if (($config->restrictcon==1 && uddeIMisReggedOnly($my_gid)) ||
		($config->restrictcon==2 && uddeIMisAllNotAdmin($my_gid) && !uddeIMisAdmin2($my_gid, $config)) ||
		($config->restrictcon==3) ) {

		if ($lids)
			$temp = "u.id NOT IN (".uddeIMquoteSmart($lids).") AND ";
		$somanyfriends = 0;
		if (uddeIMcheckCB()) {
			$users = uddeIMselectCBbuddies($myself, $config, $temp);
			$somanyfriends = count($users);
		}

		if (!$somanyfriends) { // no friends found, maybe there are some in CBE?
			if (uddeIMcheckCBE()) {
				$users = uddeIMselectCBEbuddies($myself, $config, $temp);
				$somanyfriends = count($users);
			}
			if (uddeIMcheckCBE2()) {
				$users = uddeIMselectCBE2buddies($myself, $config, $temp);
				$somanyfriends = count($users);
			}
		}

		if (!$somanyfriends) { // no friends found, maybe there are some in JS?
			if (uddeIMcheckJS()) {
				$users = uddeIMselectJSbuddies($myself, $config, $temp);
				$somanyfriends = count($users);
			}
		}

	} else {


		if (uddeIMcheckJversion()>=2) {		// J1.6
			$temp = "";
			if ($lids)
				$temp = "AND u.id NOT IN (".uddeIMquoteSmart($lids).") ";
			switch ($config->hideallusers) {
				case 3:		// special users
					$sql="SELECT DISTINCT u.id,u.".($config->realnames ? "name" : "username")." AS displayname FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
								INNER JOIN #__usergroups AS g ON um.group_id=g.id 
								WHERE u.block=0 ".$temp."AND g.id NOT IN (3,4,5,6,7,8".$add_admin.$add_special.") ORDER BY u.".($config->realnames ? "name" : "username");
					break;
				case 2:		// admins
					$sql="SELECT DISTINCT u.id,u.".($config->realnames ? "name" : "username")." AS displayname FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
								INNER JOIN #__usergroups AS g ON um.group_id=g.id 
								WHERE u.block=0 ".$temp."AND g.id NOT IN (7,8".$add_admin.") ORDER BY u.".($config->realnames ? "name" : "username");
					break;
				case 1:		// superadmins
					$sql="SELECT DISTINCT u.id,u.".($config->realnames ? "name" : "username")." AS displayname FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
								INNER JOIN #__usergroups AS g ON um.group_id=g.id 
								WHERE u.block=0 ".$temp."AND g.id NOT IN (8) ORDER BY u.".($config->realnames ? "name" : "username");
					break;
				default:	// none
					$sql="SELECT u.id,u.".($config->realnames ? "name" : "username")." AS displayname FROM #__users AS u WHERE u.block=0 ".$temp."ORDER BY u.".($config->realnames ? "name" : "username");
					break;
			}
			if (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config))		// do not hide users when it is an admin
				$sql="SELECT u.id,u.".($config->realnames ? "name" : "username")." AS displayname FROM #__users AS u WHERE u.block=0 ".$temp."ORDER BY u.".($config->realnames ? "name" : "username");
		} else {
			$temp = "";
			if ($lids)
				$temp = "AND id NOT IN (".uddeIMquoteSmart($lids).") ";
			switch ($config->hideallusers) {
				case 3:		// special users
					$sql="SELECT id,".($config->realnames ? "name" : "username")." AS displayname FROM #__users WHERE block=0 ".$temp."AND gid NOT IN (19,20,21,23,24,25".$add_admin.$add_special.") ORDER BY ".($config->realnames ? "name" : "username");
					break;
				case 2:		// admins
					$sql="SELECT id,".($config->realnames ? "name" : "username")." AS displayname FROM #__users WHERE block=0 ".$temp."AND gid NOT IN (24,25".$add_admin.") ORDER BY ".($config->realnames ? "name" : "username");
					break;
				case 1:		// superadmins
					$sql="SELECT id,".($config->realnames ? "name" : "username")." AS displayname FROM #__users WHERE block=0 ".$temp."AND gid NOT IN (25) ORDER BY ".($config->realnames ? "name" : "username");
					break;
				default:	// none
					$sql="SELECT id,".($config->realnames ? "name" : "username")." AS displayname FROM #__users WHERE block=0 ".$temp."ORDER BY ".($config->realnames ? "name" : "username");
					break;
			}
			if (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config))		// do not hide users when it is an admin
				$sql="SELECT id,".($config->realnames ? "name" : "username")." AS displayname FROM #__users WHERE block=0 ".$temp."ORDER BY ".($config->realnames ? "name" : "username");
		}
		$database->setQuery( $sql );
		$users = $database->loadObjectList(); 
		if (!$users)
			$users = Array();
	}

	if ( count( $users ) )  {
		foreach ( $users as $user )
			$ret .= '<option value="'.$user->id.'">'.$user->displayname.'</option>';
	}
	$ret .= '</select>';
	return $ret;
}
Example #2
0
function uddeIMdrawWriteform($myself, $my_gid, $item_id, $backto, $recipname, $pmessage, $messageid, $dwf_isreply, $dwf_errorcode, $dwf_sysgm, $config) {
	$pathtouser  = uddeIMgetPath('user');
	$pathtosite  = uddeIMgetPath('live_site');

	// possible values for dwf_errorcode:
	// 0 = no error
	// 1 = no error, show complete userlist
	// 2 = don't send to yourself
	// 3 = username not found
	// 4 = no message
	// 5 = no username
	// 6 = too many recipients
	// 7 = wrong captcha code
	// 8 = does not allow public messages
	// 9 = one user has blocked you
	// 10 = sending to this group not allowed
	// 11 = contact list not found
	// 12 = error in from name (n/a, public frontend only)
	// 13 = error in from email (n/a, public frontend only)
	// 14 = time delay for spam protection
	// 15 = csrf protection
	// 16 = administrative blocking
	// 17 = user is banned
	// 18 = file upload failed
	// 19 = file size exceeded
	// 20 - file type not allowed
	// 21 - bad words

	// This functions expects values stripslashed

	// allowed to send messages?
	if ($config->waitdays && uddeIMisReggedOnly($my_gid)) {
		$rightnow=uddetime($config->timezone);
		$offset=((float)$config->waitdays) * 86400;
		$timeframe=$rightnow-$offset;
		$registerDate=uddeIMgetRegisterDate($myself, $config);
		// $registerDate=mktime(0, 0, 0, 3, 28, 2010);
		if ($timeframe<$registerDate) {
			$temp = ($registerDate-$timeframe)/86400;
			$showinboxlimit_borderbottom = "<span class='uddeim-warning'>";
			if ($temp>=1)
				$showinboxlimit_borderbottom.= _UDDEIM_WAITDAYS1.sprintf("%0.1f", $temp)._UDDEIM_WAITDAYS2;
			else 
				$showinboxlimit_borderbottom.= _UDDEIM_WAITDAYS1.sprintf("%0.1f", $temp*24)._UDDEIM_WAITDAYS2H;
			$showinboxlimit_borderbottom.= "</span>";
			echo "<div id='uddeim-bottomlines'>".$showinboxlimit_borderbottom."</div>";
			return;
		}
	}
	
	echo "<div id='uddeim-writeform'>\n";
	if ($dwf_sysgm) {
		echo "<br />";
		echo "<form enctype='multipart/form-data' name='sendeform' method='post' action='".uddeIMsefRelToAbs("index.php?option=com_uddeim&task=savesysgm&Itemid=".$item_id)."'>\n";
		uddeIMwriteCSRF($config);
		echo "<p><input type='checkbox' checked='checked' name='sysgm_sys' value='1' />"._UDDEIM_SEND_ASSYSM."</p>\n";

		if ($config->showgroups) {
			echo "<p><select name='sysgm_universe' size='1'>";
			echo "<option value='sysgm_toall'>"._UDDEIM_SEND_TOALL."</option>";
			echo "<option value='sysgm_toallspecial'>"._UDDEIM_SEND_TOALLSPECIAL."</option>";
			echo "<option value='sysgm_toalladmins'>"._UDDEIM_SEND_TOALLADMINS."</option>";
			echo "<option value='sysgm_toalllogged'>"._UDDEIM_SEND_TOALLLOGGED."</option>";
			$groups = uddeIMselectAROgroups();
			foreach ($groups as $group) {
				$groupid = $group->id;
				$groupname = $group->name;
				echo "<option value='".$groupid."'>".$groupname."</option>";
			}
			echo "</select></p>";
		} else {
			echo "<p><input type='radio' name='sysgm_universe' value='sysgm_toall' />"._UDDEIM_SEND_TOALL."<br />\n";
			echo "<input type='radio' name='sysgm_universe' checked='checked' value='sysgm_toallspecial' />"._UDDEIM_SEND_TOALLSPECIAL."<br />\n";
			echo "<input type='radio' name='sysgm_universe' checked='checked' value='sysgm_toalladmins' />"._UDDEIM_SEND_TOALLADMINS."<br />\n";
			echo "<input type='radio' name='sysgm_universe' value='sysgm_toalllogged' />"._UDDEIM_SEND_TOALLLOGGED."</p>\n";
		}
		echo "<p>"._UDDEIM_VALIDFOR_1;
		echo "<input name='sysgm_validfor' type='text' size='4' />"._UDDEIM_VALIDFOR_2."</p>\n";
		echo "<p>"._UDDEIM_SYSGM_SHORTHELP."</p>\n";
	} else {
		echo "<br />";
		echo "<form enctype='multipart/form-data' name='sendeform' method='post' action='".uddeIMsefRelToAbs("index.php?option=com_uddeim&task=save&Itemid=".$item_id)."'>";
		echo "<input type='hidden' name='sendeform_showallusers' value='' />\n";
		uddeIMwriteCSRF($config);
		if (uddeIMgetEMNmoderated($myself) ) { //&& uddeIMisReggedOnly($my_gid)) {
			echo "<p>"._UDDEIM_MCP_MODERATED."</p>";
		}
	}
	echo "\n";

	if($dwf_errorcode==0 && $backto) {
		echo "<input type='hidden' name='backto' value='".htmlspecialchars($backto)."' />";
	}

	if(!$dwf_sysgm) {
	
		if($dwf_isreply!=1) { // if this is NOT a reply

			echo "<table width='100%' cellspacing='0' cellpadding='0' width='100%'>";

			if(0 && $dwf_errorcode==0 && $recipname) {		// BUGBUG "0 &&". don't need this case
				echo "<tr><td valign='top'>";
				echo "<b>".$recipname."</b>";
				echo "<input type='hidden' name='to_name' id='input_to_name' value='".htmlentities($recipname, ENT_QUOTES, $config->charset)."' />&nbsp;";
				echo "</td></tr>";
			} else {

// START FIRST LINE IN TABLE (contains two fields: TO USER and select from ALL USER list)
				echo "<tr><td valign='top'>";
//				if ($dwf_errorcode==0 && $recipname) {	// does not really make sense
//					echo "<a href='".uddeIMsefRelToAbs("index.php?option=com_uddeim&task=new&Itemid=".$item_id)."'>"._UDDEIM_TODP."</a>";
//				} else {
				echo "<span title='".($config->allowmultipleuser ? _UDDEIM_TODP_TITLE_CC : _UDDEIM_TODP_TITLE)."'>";
				echo _UDDEIM_TODP;
//				}
				echo "<br />";

				if($dwf_errorcode==2 || $dwf_errorcode==3 || $dwf_errorcode==5 || 
				   $dwf_errorcode==6 || $dwf_errorcode==8 || $dwf_errorcode==9 || 
				   $dwf_errorcode==10 || $dwf_errorcode==11 || $dwf_errorcode==16 ||
				   $dwf_errorcode==17 || $dwf_errorcode==18 || $dwf_errorcode==19 ||
				   $dwf_errorcode==20) {
					$errorstyle='style="background-color: #ff0000;" ';
				} else {
					$errorstyle='';
				}

				echo "<input type='hidden' name='to_id' value='' />";
				echo "<input type='hidden' name='messageid' value='".$messageid."' />";
				if (!($config->flags & 0x04)) {
					echo "<input type='text' ".$errorstyle."name='to_name' id='input_to_name' value='".htmlentities($recipname, ENT_QUOTES, $config->charset)."' />&nbsp;";
				} else {
					echo "<span ".$errorstyle.">".htmlentities($recipname, ENT_QUOTES, $config->charset)."</span>";
					echo "<input type='hidden' name='to_name' id='input_to_name' value='".htmlentities($recipname, ENT_QUOTES, $config->charset)."' />&nbsp;";
				}
				echo "</span>";

				if ($config->useautocomplete) {
					uddeIMdoAutocomplete($config);
				}

// SECOND FIELD IN FIRST LINE IN TABLE
				echo "</td><td valign='top' align='right'>\n";
				$allusersallowed = 0;
				if( ($config->restrictallusers==0) ||
					($config->restrictallusers==1 && (uddeIMisSpecial($my_gid) || uddeIMisSpecial2($my_gid, $config))) || 
					($config->restrictallusers==2 && (uddeIMisAdmin($my_gid)   || uddeIMisAdmin2($my_gid, $config))) )
					$allusersallowed=1;
				if (!($config->flags & 0x01) && $allusersallowed) {
					if ($config->modeshowallusers==1 || $config->modeshowallusers==2) {
						if ($dwf_errorcode==0 && $config->modeshowallusers==1) {
							// link to drop down box with names of connected users, value is 2 since it is shown the first time (so selecting the link does not show an error message because of an empty recipient field)
							echo "<br />";
							echo "<a href=\"#\" onclick=\"document.sendeform.sendeform_showallusers.value='2'; document.sendeform.submit(); return false;\">"._UDDEIM_SHOWUSERS."</a>";
						} else { // now show all users
							uddeIMdoShowAllUsers($myself, $my_gid, $config, 1);
						}
					}
				}
				echo "</td></tr>";

// START SECOND LINE IN TABLE (colspan=2)
				if ($dwf_errorcode==3) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_NOSUCHUSER."</td></tr>";
				} elseif ($dwf_errorcode==2) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_NOTTOYOURSELF."</td></tr>";
				} elseif ($dwf_errorcode==5) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_ENTERNAME."</td></tr>";
				} elseif ($dwf_errorcode==6) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_TOOMANYRECIPIENTS."</td></tr>";
				} elseif ($dwf_errorcode==7) {
					if ($config->captchatype==0) {
						echo "<tr><td valign=left colspan=2>"._UDDEIM_WRONGCAPTCHA."</td></tr>";
					} else {
						echo "<tr><td valign=left colspan=2><span style='background-color: #ff0000;'>"._UDDEIM_WRONGCAPTCHA."</span></td></tr>";
					}
				} elseif ($dwf_errorcode==8) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_NOPUBLICMSG."</td></tr>";
				} elseif ($dwf_errorcode==9) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_ONEUSERBLOCKS."</td></tr>";
				} elseif ($dwf_errorcode==10) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_GROUPBLOCKED."</td></tr>";
				} elseif ($dwf_errorcode==11) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_NOSUCHLIST."</td></tr>";
				} elseif ($dwf_errorcode==12) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_ERRORINFROMNAME."</td></tr>";
				} elseif ($dwf_errorcode==13) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_ERRORINEMAIL."</td></tr>";
				} elseif ($dwf_errorcode==14) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_YOUHAVETOWAIT."</td></tr>";
				} elseif ($dwf_errorcode==15) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_ERRORCSRF."</td></tr>";
				} elseif ($dwf_errorcode==16) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_USERBLOCKED."</td></tr>";
				} elseif ($dwf_errorcode==17) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_USERBANNED."</td></tr>";
				} elseif ($dwf_errorcode==18) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_FILEUPLOAD_FAILED."</td></tr>";
				} elseif ($dwf_errorcode==19) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_FILESIZE_EXCEEDED."</td></tr>";
				} elseif ($dwf_errorcode==20) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_FILETYPE_NOTALLOWED."</td></tr>";
				} elseif ($dwf_errorcode==21) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_BADWORD."</td></tr>";
				}
// START THIRD LINE IN TABLE WHEN CONNECTIONS AVAILABLE

				$have_lists=0;
				if( ($config->enablelists==1) ||
					($config->enablelists==2 && (uddeIMisSpecial($my_gid) || uddeIMisSpecial2($my_gid, $config))) || 
					($config->enablelists==3 && (uddeIMisAdmin($my_gid)   || uddeIMisAdmin2($my_gid, $config))) )
					$have_lists=1;

				if (!($config->flags & 0x02)) {
					if ($config->showconnex || $have_lists) {
						// if (uddeIMcheckCB() && $showconnex && !($recipname && $dwf_errorcode==0)) {
						uddeIMdoShowConnections($myself, $my_gid, $config);	// this creates a third row in table
					}
				}
			}
			echo "</table>";
			echo "<br />";
		} else { // it IS a reply
			if ($dwf_errorcode) {
				echo "<table width='100%' cellspacing='0' cellpadding='0'>";
				if ($dwf_errorcode==7) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_WRONGCAPTCHA."</td></tr>";
				} elseif ($dwf_errorcode==13) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_ERRORINEMAIL."</td></tr>";
				} elseif ($dwf_errorcode==14) {
					echo "<tr><td valign=left colspan=2>"._UDDEIM_YOUHAVETOWAIT."</td></tr>";
				}
				echo "</table>";
				echo "<br />";
			}
			echo "<input type='hidden' name='to_id' value='".htmlentities($recipname, ENT_QUOTES, $config->charset)."' />&nbsp;";
			echo "<input type='hidden' name='messageid' value='".$messageid."' />";
			echo "<input type='hidden' name='to_name' value='' />";
		}
	}

	if(($config->showtextcounter && $config->maxlength) || 
		$config->cryptmode==2 || $config->cryptmode==4) {
		uddeIMaddScript($pathtosite."/components/com_uddeim/js/uddeimtools.js");
	}

	if($config->allowbb || $config->allowsmile) {
		uddeIMaddScript($pathtosite."/components/com_uddeim/js/bbsmile.js");
		$num = uddeIMdoSmileysEx($config);
		uddeIMdoBB($config);
		uddeIMdoSmileys($config, $num);
	}

// well, I think the complete textarea should be red (or only the label? or both?)
//	if($dwf_errorcode==4) {
//		$errorstyle=' style="background-color: #ff0000;"';
//	} else {
		$errorstyle='';
//	}

	if($dwf_isreply==1) {
		echo "<span".$errorstyle.">"._UDDEIM_REPLY."</span>";
	} else {
		echo "<span".$errorstyle.">"._UDDEIM_MESSAGE."</span>";
	}
	echo "<br />";

	$thestyle = "";
	if ($config->width)
		$thestyle .= "width: ".(int)$config->width."px; ";

	if ($dwf_errorcode==4 || $dwf_errorcode==21)
		$thestyle .= "background-color: #ff0000; ";

	$errorstyle="";
	if ($thestyle!="")
		$errorstyle="style='".$thestyle."' ";

	// ================================== TEXTBOX/TEXTCOUNTER ==============================

	if($config->showtextcounter && $config->maxlength) {
		$uc = ($config->showtextcounter) ? "textCount(document.sendeform.pmessage,document.sendeform.characterstyped,".$config->maxlength.");" : "";
		echo "<textarea name='pmessage' ".$errorstyle."class='inputbox' rows='".(int)$config->rows."' cols='".(int)$config->cols."' onkeydown='".$uc."' onkeyup='".$uc."'>".$pmessage."</textarea>";
		echo "<div class='uddeim-textcounter'>";
		echo "<input style='background-color: lightgray;' readonly='readonly' type='text' name='characterstyped' size='4' maxlength='4' value='".$config->maxlength."' /> "._UDDEIM_CHARSLEFT;
		echo "</div>";
	} else {
		echo "<textarea name='pmessage' ".$errorstyle."class='inputbox' rows='".(int)$config->rows."' cols='".(int)$config->cols."'>".$pmessage."</textarea>";
	}

	// ================================== FILE UPLOAD ==============================

	if( $config->enableattachment && uddeIMisAttachmentAllowed($my_gid, $config))
		uddeIMshowUploadButtons($config);

	// ================================== PASSWORD ==============================

	// CRYPT
	if($config->cryptmode==2 || $config->cryptmode==4) {
		echo "<div class='uddeim-password'>";
		echo "<a href='javascript:uddeidswap(\"divpass\");'>"._UDDEIM_PASSWORDBOX."</a>";
		echo "<span id='divpass' style='visibility:hidden;'>: <input name='cryptpass' value='' />"._UDDEIM_ENCRYPTIONTEXT."</span>";
		echo "</div>";
	}

	// ================================== CAPTCHA ==============================

	if ( $config->usecaptcha>=4 ||																			// all users (incl. admins)
		($config->usecaptcha==3 && !uddeIMisAdmin($my_gid)   && !uddeIMisAdmin2($my_gid, $config)) ||		// CAPTCHA enabled for public frontend, registered and special users
		($config->usecaptcha==2 && !uddeIMisSpecial($my_gid) && !uddeIMisSpecial2($my_gid, $config)) ) {	// CAPTCHA enabled for public frontend and registered users (note: 0 is not required since this is done in public.php)
		// CAPTCHA
		if ($config->captchatype==0) {
			if($dwf_errorcode==7) {
				$errorstyle='style="background-color: #ff0000;" ';
			} else {
				$errorstyle='';
			}
			echo "<div class='uddeim-captcha'>";
			echo "<label for='security_code'>"._UDDEIM_SECURITYCODE." </label><input id='security_code' name='security_code' type='text' ".$errorstyle." />&nbsp;";

			if (class_exists('JFactory')) {
				// CAPTCHA15
				echo "<img style='vertical-align:middle;' src='".$pathtosite."/components/com_uddeim/captcha15.php' alt='' /><br />";
			} else {
				// CAPTCHA10
				echo "<img style='vertical-align:middle;' src='".$pathtosite."/components/com_uddeim/captcha.php' alt='' /><br />";
			}
			echo "</div>";
		} else {
			$pathtouser  = uddeIMgetPath('user');
			require_once($pathtouser."/recaptchalib.php");
			echo "<div class='uddeim-captcha'>";
		    echo recaptcha_get_html($config->recaptchapub);
			echo "</div>";
		}
	}

	// ================================== Show the SEND OPTIONS ==============================

	$showoptions =  ($config->trashoriginal && $dwf_isreply==1) ||
					($config->trashoriginalsent && !$dwf_sysgm) ||
					($config->allowcopytome && !$dwf_sysgm) ||
					($config->addccline && $config->allowmultipleuser && !$dwf_sysgm) ||
					($config->allowemailnotify && $config->emailwithmessage==2 && (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config))) ||
					($config->allowemailnotify && $dwf_sysgm);

	if ($showoptions) {
		echo "<div class='uddeim-sendoption'>";
	}
	if($config->trashoriginal && $dwf_isreply==1) {
		echo "<input type='checkbox' value='1' checked='checked' name='tobedeleted' />"._UDDEIM_TRASHORIGINAL."&nbsp;";
	}
	if($config->trashoriginalsent && !$dwf_sysgm) {
		echo "<input type='checkbox' value='1' name='tobedeletedsent' />"._UDDEIM_TRASHORIGINALSENT."&nbsp;";
	}
	if($config->allowcopytome && !$dwf_sysgm) {
		echo "<input type='checkbox' value='1' name='copytome' />"._UDDEIM_SENDCOPYTOME."&nbsp;";
	}
	if($config->addccline && $config->allowmultipleuser && !$dwf_sysgm) {
		echo "<span title='"._UDDEIM_ADDCCINFO_TITLE."'>";
		echo "<input type='checkbox' value='1' checked='checked' name='addccinfo' />"._UDDEIM_ADDCCINFO;
		echo "</span>";
	}
	// Email notifications must be on AND emailwithmessage for admins AND its an admin
	if($config->allowemailnotify && $config->emailwithmessage==2 && (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config))) {
		echo "<span title='"._UDDEAIM_ADDEMAIL_TITLE."'>";
		echo "<input type='checkbox' value='1' name='forceembedded' />"._UDDEAIM_ADDEMAIL_SELECT;
		echo "</span>";
	}
	if($config->allowemailnotify && $dwf_sysgm) {
		echo "<span><input type='checkbox' value='1' name='sysgm_nonotify' />"._UDDEIM_SEND_NONOTIFY."</span>\n";
	}

	if ($showoptions) {
		echo "</div>";
	}

	// ================================== SEND BUTTON ==============================

	echo "<div class='uddeim-sendbutton'>";
	// when going back one page (history(-1)) the button stays disabled
    // echo "<input type='submit' name='reply' class='button' onclick=\"this.disabled=true;this.value='"._UDDEIM_PROCESSING."';this.form.submit();\" value='"._UDDEIM_SUBMIT."' /> ";
    echo "<input type='submit' name='reply' class='button' value='"._UDDEIM_SUBMIT."' /> ";
	echo "</div>";

	echo "</form>\n";
	echo "</div>\n"; // end of uddeim-writeform
}
Example #3
0
function uddeIMdoShowAllUsers($myself, $my_gid, $config, $mode, $enabled=1, $defaultvalue=0) {						
	$database = uddeIMgetDatabase();

	$sep=",";
	if ($config->separator==1)
		$sep=";";

	if (uddeIMcheckJversion()>=2) {		// J1.6
		$hide = "";
		if ($config->hideusers)
			$hide = "AND u.id NOT IN (".uddeIMquoteSmart($config->hideusers).") ";

		$hide2 = "";
		if (uddeIMisReggedOnly($my_gid) && $config->blockgroups)
			$hide2 = "AND g.id NOT IN (".uddeIMquoteSmart($config->blockgroups).") ";

		getAdditonalGroups($add_special, $add_admin, $config);
		switch ($config->hideallusers) {
			case 3:		// special users
				$sql="SELECT DISTINCT u.".($config->realnames ? "name" : "username")." AS displayname, u.id 
						FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
							INNER JOIN #__usergroups AS g ON um.group_id=g.id 
							WHERE u.block=0 AND g.id NOT IN (3,4,5,6,7,8".$add_admin.$add_special.") AND u.id<>".$myself." ".$hide.$hide2."ORDER BY u.".($config->realnames ? "name" : "username");
				break;
			case 2:		// admins
				$sql="SELECT DISTINCT u.".($config->realnames ? "name" : "username")." AS displayname, u.id 
						FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
							INNER JOIN #__usergroups AS g ON um.group_id=g.id 
							WHERE u.block=0 AND g.id NOT IN (7,8".$add_admin.") AND u.id<>".$myself." ".$hide.$hide2."ORDER BY u.".($config->realnames ? "name" : "username");
				break;
			case 1:		// superadmins
				$sql="SELECT DISTINCT u.".($config->realnames ? "name" : "username")." AS displayname, u.id 
						FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
							INNER JOIN #__usergroups AS g ON um.group_id=g.id 
							WHERE u.block=0 AND g.id NOT IN (8) AND u.id<>".$myself." ".$hide.$hide2."ORDER BY u.".($config->realnames ? "name" : "username");
				break;
			default:	// none
				$sql="SELECT DISTINCT u.".($config->realnames ? "name" : "username")." AS displayname, u.id 
						FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
							INNER JOIN #__usergroups AS g ON um.group_id=g.id 
							WHERE u.block=0 AND u.id<>".$myself." ".$hide.$hide2."ORDER BY u.".($config->realnames ? "name" : "username");
				break;
		}
		if (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config))		// do not hide users when it is an admin
			$sql="SELECT ".($config->realnames ? "name" : "username")." AS displayname, id FROM #__users WHERE block=0 AND id<>".$myself." ORDER BY ".($config->realnames ? "name" : "username");
	} else {
		$hide = "";
		if ($config->hideusers)
			$hide = "AND id NOT IN (".uddeIMquoteSmart($config->hideusers).") ";

		$hide2 = "";
		if (uddeIMisReggedOnly($my_gid) && $config->blockgroups)
			$hide2 = "AND gid NOT IN (".uddeIMquoteSmart($config->blockgroups).") ";

		switch ($config->hideallusers) {
			case 3:		// special users
				$sql="SELECT ".($config->realnames ? "name" : "username")." AS displayname, id FROM #__users WHERE block=0 AND gid NOT IN (19,20,21,23,24,25".$add_admin.") AND id<>".$myself." ".$hide.$hide2."ORDER BY ".($config->realnames ? "name" : "username");
				break;
			case 2:		// admins
				$sql="SELECT ".($config->realnames ? "name" : "username")." AS displayname, id FROM #__users WHERE block=0 AND gid NOT IN (24,25".$add_admin.") AND id<>".$myself." ".$hide.$hide2."ORDER BY ".($config->realnames ? "name" : "username");
				break;
			case 1:		// superadmins
				$sql="SELECT ".($config->realnames ? "name" : "username")." AS displayname, id FROM #__users WHERE block=0 AND gid NOT IN (25) AND id<>".$myself." ".$hide.$hide2."ORDER BY ".($config->realnames ? "name" : "username");
				break;
			default:	// none
				$sql="SELECT ".($config->realnames ? "name" : "username")." AS displayname, id FROM #__users WHERE block=0 AND id<>".$myself." ".$hide.$hide2."ORDER BY ".($config->realnames ? "name" : "username");
				break;
		}
		if (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config))		// do not hide users when it is an admin
			$sql="SELECT ".($config->realnames ? "name" : "username")." AS displayname, id FROM #__users WHERE block=0 AND id<>".$myself." ORDER BY ".($config->realnames ? "name" : "username");
	}

	$database->setQuery($sql);
	$rows=$database->loadObjectList();
	if (!$rows)
		$rows = array();
	
	if ($mode==1) {					// CREATE NEW MESSAGE
		if ($config->allowmultipleuser)
			$allnames="<select size=\"1\" class=\"inputbox\" name=\"userlist\" onchange=\"document.sendeform.to_name.value=(document.sendeform.to_name.value.length>0 && document.sendeform.userlist.value.length>0) ? document.sendeform.to_name.value+'".$sep."'+document.sendeform.userlist.value : document.sendeform.userlist.value; return false;\">";
		else
			$allnames="<select size=\"1\" class=\"inputbox\" name=\"userlist\" onchange=\"document.sendeform.to_name.value=document.sendeform.userlist.value; return false;\">";
		$allnames.="<option value=\"\">&nbsp;</option>";
		foreach ($rows as $row) {
			$allnames.="<option value=\"".$row->displayname."\">".$row->displayname."</option>";
		}
		$allnames.="</select>";
		echo _UDDEIM_USERLIST."<br />";

	} elseif ($mode==2) {				// AUTOFORWARDING BOX
		$allnames="<select size=\"1\" class=\"inputbox\" name=\"autoforwardid\"".($enabled==1 ? "" : " disabled=\"disabled\"").">";
		foreach ($rows as $row) {
			$allnames.="<option value=\"".$row->id."\"".($defaultvalue==$row->id ? " selected=\"selected\"" : "").">".$row->displayname."</option>";
		}
		$allnames.="</select>";

	} else {								// NOT USED
		$allnames="<select size=\"1\" class=\"inputbox\" name=\"userlist\">";
		$allnames.="<option value=\"0\">WRONG FUNCTION CALL</option>";
		foreach ($rows as $row) {
			$allnames.="<option value=\"".$row->displayname."\">".$row->displayname."</option>";
		}
		$allnames.="</select>";
	}
	echo $allnames;
}
Example #4
0
function uddeIMgetGroupID2($config) {	// 0=public, 1=registered, 2=special
	$database = uddeIMgetDatabase();
	$user = JFactory::getUser();
	$userid = $user->id;

	$sql="SELECT g.id AS gid 
		FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
		INNER JOIN #__usergroups AS g ON um.group_id=g.id WHERE u.id=".(int)$userid;
	$database->setQuery($sql);
	$rows = $database->loadObjectList();
	$my_gid = Array();					// 1 = Public, 2 = Registered, ...
	foreach($rows as $key => $value) {
		if ($value->gid<=1)
			$my_gid[] = (int)0;
		else
			$my_gid[] = (int)$value->gid;
	}
	if (uddeIMisSpecial($my_gid) || uddeIMisSpecial2($my_gid, $config))
		return 2;
	if (uddeIMisReggedOnly($my_gid))
		return 1;
	return 0;
}
Example #5
0
/**
 * returns userlist for autocomplete functionality
 * @since J!1.5 - uddeim 0.9b+ 2007-11-21
 * @author zenny
 */
function uddeIMcompleteUserName($myself, $config){
	// look for json encoding abilities, first native php, then global pear package, then local pear copy (switched by joomla version again)
	if (!function_exists('json_encode') && !class_exists('Services_JSON')) {
		if ( !@include_once('JSON.php') ) {
			require_once( uddeIMgetPath('absolute_path').'/components/com_uddeim/json.php' );
		}
	}

	$db = uddeIMgetDatabase();

	// get and filter input (switch for jjoom and joom again)
	$input = trim( class_exists('JRequest') ? JRequest::getVar('value') : uddeIMmosGetParam($_REQUEST, 'value', '') );
//	$input = rawurldecode($input);
//	$input = utf8_decode($input);
//	if (!class_exists('JFilterInput'))
	if (function_exists('iconv'))
		$input=iconv('UTF-8',$config->charset,$input);

	if (class_exists('JFilterInput'))
		$input = JFilterInput::clean($input, 'username');
	else
		$input = (string) preg_replace( '/[\x00-\x1F\x7F<>"\'%&]/', '', $input );

	// do not fetch stuff from db if request is faulty in any way or empty, but return an blank result set
	if ( strlen($input) == 0){
		$results = Array();
	} else {
		$fieldToUse = $config->realnames ? 'name' : 'username';
		// NOTE: modify the input quote to extend wildcard matching

		if (uddeIMcheckJversion()>=5) {		// J3.0
			if ($myself) {
				$my_gid = $config->usergid;

				$hide = "";
				if ($config->hideusers && !uddeIMisAdmin($my_gid) && !uddeIMisAdmin2($my_gid, $config))
					$hide = "AND u.id NOT IN (".uddeIMquoteSmart($config->hideusers).") ";

				$hide2 = "";
				if ($config->blockgroups && uddeIMisReggedOnly($my_gid))
					$hide2 = "AND g.id NOT IN (".uddeIMquoteSmart($config->blockgroups).") ";


				$query = sprintf( 'SELECT DISTINCT u.id,u.%1$s AS displayname FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
								INNER JOIN #__usergroups AS g ON um.group_id=g.id 
								WHERE u.block=0 AND u.%1$s LIKE %2$s '.$hide.$hide2.'ORDER BY u.%1$s LIMIT 50'
									, $fieldToUse
//									, JDatabase::quoteName( $fieldToUse )
									, $db->Quote( ($config->searchinstring ? '%' : '').$input.'%' )
								);
			}

		} elseif (uddeIMcheckJversion()>=2) {		// J1.6
			if ($myself) {
				$my_gid = $config->usergid;

				$hide = "";
				if ($config->hideusers && !uddeIMisAdmin($my_gid) && !uddeIMisAdmin2($my_gid, $config))
					$hide = "AND u.id NOT IN (".uddeIMquoteSmart($config->hideusers).") ";

				$hide2 = "";
				if ($config->blockgroups && uddeIMisReggedOnly($my_gid))
					$hide2 = "AND g.id NOT IN (".uddeIMquoteSmart($config->blockgroups).") ";


				$query = sprintf( 'SELECT DISTINCT u.id,u.%1$s AS displayname FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
								INNER JOIN #__usergroups AS g ON um.group_id=g.id 
								WHERE u.block=0 AND u.%1$s LIKE %2$s '.$hide.$hide2.'ORDER BY u.%1$s LIMIT 50'
									, $db->nameQuote( $fieldToUse ) // ok
									, $db->Quote( ($config->searchinstring ? '%' : '').$input.'%' )
								);
			} else {
				$hide = "";
				if ($config->hideusers && !uddeIMisAdmin($my_gid) && !uddeIMisAdmin2($my_gid, $config))
					$hide = "AND a.id NOT IN (".uddeIMquoteSmart($config->hideusers).") ";

				$hide2 = "";
				if ($config->pubblockgroups)
					$hide2 = "AND g.id NOT IN (".uddeIMquoteSmart($config->pubblockgroups).") ";

				$query = sprintf( 'SELECT DISTINCT u.id,u.%1$s AS displayname FROM ((#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
								INNER JOIN #__usergroups AS g ON um.group_id=g.id)
								INNER JOIN #__uddeim_emn AS b ON u.id=b.userid
								WHERE b.public=1 AND u.block=0 AND u.%1$s LIKE %2$s '.$hide.$hide2.'ORDER BY u.%1$s LIMIT 50'
									, $db->nameQuote( $fieldToUse ) // ok
									, $db->Quote( ($config->searchinstring ? '%' : '').$input.'%' )
								);
			}
		} else {
			if ($myself) {
				$my_gid = $config->usergid;

				$hide = "";
				if ($config->hideusers && !uddeIMisAdmin($my_gid) && !uddeIMisAdmin2($my_gid, $config))
					$hide = "AND id NOT IN (".uddeIMquoteSmart($config->hideusers).") ";

				$hide2 = "";
				if ($config->blockgroups && uddeIMisReggedOnly($my_gid))
					$hide2 = "AND gid NOT IN (".uddeIMquoteSmart($config->blockgroups).") ";
				$query = sprintf( 'SELECT %1$s AS displayname FROM `#__users` WHERE `block` = 0 AND %1$s LIKE %2$s '.$hide.$hide2.'ORDER BY %1$s LIMIT 50'
									, $db->nameQuote( $fieldToUse ) // ok
									, $db->Quote( ($config->searchinstring ? '%' : '').$input.'%' )
								);
			} else {
				$hide = "";
				if ($config->hideusers && !uddeIMisAdmin($my_gid) && !uddeIMisAdmin2($my_gid, $config))
					$hide = "AND a.id NOT IN (".uddeIMquoteSmart($config->hideusers).") ";

				$hide2 = "";
				if ($config->pubblockgroups)
					$hide2 = "AND a.gid NOT IN (".uddeIMquoteSmart($config->pubblockgroups).") ";
				$query = sprintf( 'SELECT a.%1$s AS displayname FROM `#__users` AS a, `#__uddeim_emn` AS b WHERE a.id=b.userid AND b.public=1 AND a.block=0 AND a.%1$s LIKE %2$s '.$hide.$hide2.'ORDER BY a.%1$s LIMIT 50'
									, $db->nameQuote( $fieldToUse ) // ok
									, $db->Quote( ($config->pubsearchinstring ? '%' : '').$input.'%' )
								);
			}
		}
		$db->setQuery( $query );
		$results = $db->loadObjectList();
	}
	$items = Array();

	$use_jason = 1;
	$use_xml = 0;
	if ($use_jason) {		// - old style uddeIM 1.1
		// assign results
		foreach ( $results as $item ) {
			// on some systems "rawurlencode" makes troubles, so special characters are displayed wrong, if this happens, remove this function
	//		$temp = iconv($config->charset,'UTF-8',$temp);
	//		$temp = ($item->displayname);			// works in J1.5
			$temp = $item->displayname;
			if (function_exists('iconv'))
				$temp = iconv($config->charset,'UTF-8',$temp);	// fix for 1.2
			$items[] = rawurlencode($temp);	// works in J1.0 - uddeIM 1.1 style
		}

		// encode to json and print, using available methods
		if (function_exists('json_encode'))
			echo json_encode($items);
		else{
			$json = new Services_JSON();
			echo $json->encode($items);
		}
	}
	if ($use_xml) {
		$i = 0;
		foreach ( $results as $item ) {
			$temp = $item->displayname;
			if (function_exists('iconv'))
				$temp = iconv($config->charset,'UTF-8',$temp);
			$items[] = array( "id"=>($i+1) ,"value"=>rawurlencode($temp), "info"=>rawurlencode("") );
			$i++;
		}
		header ("Expires: Mon, 26 Jul 1997 01:00:00 GMT"); // Date in the past
		header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified
		header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
		header ("Pragma: no-cache"); // HTTP/1.0
		header ("Content-Type: application/json");
		echo "[";
		$arr = array();
		for ($i=0;$i<count($items);$i++)
			$arr[] = "\"".$items[$i]['value']."\"";
//			$arr[] = "{\"id\": \"".$items[$i]['id']."\", \"value\": \"".$items[$i]['value']."\", \"info\": \"\"}";
		echo implode(", ", $arr);
		echo "]";
	}
}
Example #6
0
function uddeIMinsertEMNdefaults($myself, $config) {
	$database = uddeIMgetDatabase();
	$status = $config->notifydefault;
	$popup  = $config->popupdefault;
	$public = $config->pubfrontenddefault;
	$autoresponder = 0;		// autorespondertext will not be set here
	$autoforward   = 0;
	$autoforwardid = 0;
	$locked = 0;
	$mod	= 0;
	if (uddeIMisReggedOnly($config->usergid))
		$mod	= $config->modnewusers;
	$sql="INSERT INTO #__uddeim_emn (moderated, locked, status, popup, public, autoresponder, autoforward, autoforwardid, userid) VALUES (".
			(int)$mod.", ".
			(int)$locked.", ".
			(int)$status.", ".
			(int)$popup.", ".
			(int)$public.", ".
			(int)$autoresponder.", ".
			(int)$autoforward.", ".
			(int)$autoforwardid.", ".
			(int)$myself.")";
	$database->setQuery($sql);
	if (!$database->query()) {
		die("SQL error" . $database->stderr(true));
	}
}