Example #1
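  /**
   * Prints the reply form for the BBS topic held in $this->topic.
   *
   * Prints nothing unless a user is logged in and CanPostInBBS() returns true.
   * The form posts to add.php and includes whatever CSRFProtect::PrintToken()
   * prints.
   */
  function RenderBody()
  {
    global $currentUser;
    if (!$currentUser || !$currentUser->CanPostInBBS())
      return;

    echo "<form action='add.php' method='post' id='frmBBSPost'>\n";

    // The token is printed between <form> and </form> so it is submitted with the post.
    $csrf = new CSRFProtect();
    $csrf->PrintToken();

    echo "<div class='content'>\n";
    // (int) keeps anything non-numeric out of the attribute value.
    echo " <input type='hidden' name='which' value='".(int)$this->topic."'>\n";
    echo " <input type='hidden' name='type' value='post'>\n";
    echo " message:\n";
    echo " <textarea name='message' id='message'>";
    // !empty() is the same truthiness test as before, but it does not raise an
    // undefined-key notice/warning when the "from" parameter is absent; with
    // display_errors on, that text would have been printed inside the textarea.
    if ($this->topic == FIXMETHREAD_ID && !empty($_GET["from"]))
    {
      // %d reduces the request value to an integer, so nothing else from the
      // query string is copied into the page.
      printf("There is a problem with [url=%sprod.php?which=%d]this prod[/url]: ...",POUET_ROOT_URL,$_GET["from"]);
    }
    echo "</textarea>\n";
    echo " <div><a href='faq.php#BB Code'><b>BB Code</b></a> is allowed here</div>\n";
    echo "</div>\n";
    echo "<div class='foot'>\n";
    echo " <script language='JavaScript' type='text/javascript'>\n";
    echo " <!--\n";
    echo "   document.observe('dom:loaded',function(){ AddPreviewButton($('submit')); });\n";
    echo " //-->\n";
    echo " </script>\n";
    echo " <input type='submit' value='Submit' id='submit'>";
    echo "</div>\n";
    echo "</form>\n";
  }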
Example #2
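 /**
  * Prints the "rulez" / "sucks" vote form for $this->logo and closes the box.
  *
  * The form posts back to the current request URI and includes whatever
  * CSRFProtect::PrintToken() prints.
  */
 function RenderFooter() {
   echo "  <div class='foot'>";
   // REQUEST_URI is chosen by the client, so it is HTML-escaped before it is
   // written into the attribute. ENT_QUOTES is needed because the attribute is
   // delimited with single quotes, which the default flags of older PHP
   // versions leave untouched.
   echo "    <form action='".htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES)."' method='post'>";
   $csrf = new CSRFProtect();
   $csrf->PrintToken();
   // (int) keeps anything non-numeric out of the attribute value.
   echo "      <input name='logoID' type='hidden' value='".(int)$this->logo->id."'/>";
   echo "      <input name='submit' type='submit' value='rulez'/>";
   echo "      <input name='submit' type='submit' value='sucks'/>";
   echo "    </form>\n";
   echo "  </div>\n";
   echo "</div>\n";
 }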
Example #3
  /**
   * Prints the "open a new BBS topic" form.
   *
   * Visitors without a login id get the login box instead. Logged-in users for
   * whom CanPostInBBS() is false get no output at all.
   */
  function RenderBody()
  {
    global $currentUser;

    if (!get_login_id())
    {
      require_once("box-login.php");
      $loginBox = new PouetBoxLogin();
      $loginBox->RenderBody();
      return;
    }

    if (!$currentUser->CanPostInBBS())
      return;

    echo "<form action='add.php' method='post'>\n";

    // The token is printed inside the form so it travels with the post to add.php.
    $token = new CSRFProtect();
    $token->PrintToken();

    echo "<div class='content'>\n",
         " <input type='hidden' name='type' value='bbs'>\n";

    echo " <label for='topic'>topic:</label>\n",
         " <input name='topic' id='topic'/>\n";

    echo " <label for='category'>category:</label>\n",
         " <select name='category' id='category'>\n";
    // Each category name passes through _html() for both the value and the label.
    foreach($this->categories as $categoryName)
    {
      printf("<option value='%s'>%s</option>",_html($categoryName),_html($categoryName));
    }
    echo " </select>\n";

    echo " <label for='message'>message:</label>\n",
         " <textarea name='message' id='message'></textarea>\n";

    echo " <div><a href='faq.php#BB Code'><b>BB Code</b></a> is allowed here</div>\n",
         "</div>\n";

    echo "<div class='foot'>\n",
         " <script language='JavaScript' type='text/javascript'>\n",
         " <!--\n",
         "   document.observe('dom:loaded',function(){ AddPreviewButton($('submit')); });\n",
         " //-->\n",
         " </script>\n",
         " <input type='submit' value='Submit' id='submit'>",
         "</div>\n";
    echo "</form>\n";
  }
Example #4
  /**
   * Renders the admin box: one POST form per cache-maintenance action, followed
   * by links to the other admin pages.
   */
  function Render()
  {
    global $currentUser;

    echo "\n\n",
         "<div class='pouettbl' id='".$this->uniqueID."'>\n",
         "<h2>i'm gonna wreck it !</h2>\n",
         "<ul class='boxlist'>\n";

    // Submit-button name => description shown next to the button.
    $maintenanceActions = array(
      "recacheFrontPagePartial" => "flush front page cache",
      "recacheFrontPage" => "flush entire front page cache",
      "recacheTopDemos" => "recalculate top demo list",
    );

    foreach($maintenanceActions as $actionName=>$description)
    {
      echo "  <li>", "<form method='post'>";

      // Every action form gets its own token field, so each POST can be checked.
      $token = new CSRFProtect();
      $token->PrintToken();

      echo _html($description).": ";

      // Optional hook that prints extra form fields. The function name is built
      // only from the hard-coded keys above, never from request data.
      $extraFieldsHook = "PouetAdmin_".$actionName."_Form";
      if (function_exists($extraFieldsHook))
        $extraFieldsHook();

      echo "<input name='".$actionName."' type='submit' value='submit'/>",
           "</form>",
           "</li>\n";
    }

    echo "  <li><a href='admin_modification_requests.php'>process modification requests</a></li>";

    // NOTE(review): this only hides the link from non-moderators; the access
    // check for admin_faq.php itself is not visible here - confirm it exists.
    if ($currentUser->IsModerator())
    {
      echo "  <li><a href='admin_faq.php'>edit faq items</a></li>";
    }

    echo "</ul>\n", "</div>\n";
  }
Example #5
  /**
   * Prints the vote-average list for $this->prod: the average icon and value,
   * the CDC count, the watchlist add/remove form (logged-in users only) and the
   * all-time rank.
   */
  function RenderAverage() {
    // The icon name follows the sign of the vote average; zero stays "isok".
    $p = "isok";
    if ($this->prod->voteavg < 0) $p = "sucks";
    if ($this->prod->voteavg > 0) $p = "rulez";
    echo "<ul id='avgstats'>";
    echo "<li><img src='".POUET_CONTENT_URL."gfx/".$p.".gif' alt='".$p."' />&nbsp;".sprintf("%.2f",$this->prod->voteavg)."</li>\n";
    // User CDCs plus one if the prod is also a pouet CDC.
    $cdcs = count($this->userCDCs);
    if ($this->isPouetCDC) $cdcs++;
    if ($cdcs)
    {
      echo "<li><img src='".POUET_CONTENT_URL."gfx/titles/coupdecoeur.gif' alt='cdcs' />&nbsp;".$cdcs."</li>\n";
    }
    
    global $currentUser;
    if ($currentUser)
    {
      echo "<li>";
      // NOTE(review): the prod id is concatenated into the action URL as-is, while
      // the rank further down is cast with (int) - confirm the id is always numeric.
      echo "<form action='prod.php?which=".$this->prod->id."' method='post' id='watchlistFrm'>";
      // Token field for the watchlist POST; the script below serializes it with the other inputs.
      $csrf = new CSRFProtect();
      $csrf->PrintToken();
      
      // Both ids are bound through %d placeholders of sprintf_esc(); presumably that
      // helper escapes/coerces its arguments - verify against its definition.
      $row = SQLLib::SelectRow(sprintf_esc("select * from watchlist where prodID = %d and userID = %d",$this->prod->id,$currentUser->id));
      // An existing row means the prod is already on this user's watchlist.
      if ($row)
      {
        echo "<input type='hidden' name='wlAction' value='removeFromWatchlist'>";
        echo "<input type='submit' value='remove from watchlist' class='remove'/>";
      }
      else
      {
        echo "<input type='hidden' name='wlAction' value='addToWatchlist'>";
        echo "<input type='submit' value='add to watchlist' class='add'/>";
      }
      echo "</form>";
      // The inline script below submits the form through Ajax.Request with
      // partial=true and replaces the form's contents with the raw response text,
      // so the partial response of prod.php has to be already-escaped HTML.
?>
<script type="text/javascript">
<!--
document.observe("dom:loaded",function(){
  $("watchlistFrm").observe("submit",function(e){
    e.stop();
    var opt = Form.serializeElements( $("watchlistFrm").select("input"), {hash:true} );
    opt["partial"] = true;
    new Ajax.Request( $("watchlistFrm").action, {
      method: "post",
      parameters: opt,
      onSuccess: function(transport) {
        if (transport.responseText.length)
        {
          fireSuccessOverlay( opt["wlAction"] == "addToWatchlist" ? "added to watchlist !" : "removed from watchlist !" );
          $("watchlistFrm").update( transport.responseText );
        }
        else
        {
          fireErrorOverlay();
        }
      }
    });
  });
});
//-->
</script>
<?
      echo "</li>\n";
    }
    
    echo "</ul>";
    // The rank is cast to int before printing; a falsy rank prints "n/a".
    printf("<div id='alltimerank'>alltime top: %s</div>",$this->prod->rank ? "#".(int)$this->prod->rank : "n/a");
  }
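  /**
   * Renders the table of pending modification requests, one row per request,
   * each with its own accept / deny form, followed by the script that submits
   * those forms through Ajax.Request.
   *
   * Request types are resolved through the global $REQUESTTYPES map (request
   * type => class name). A request whose type is missing from the map gets empty
   * "request" and "details" cells instead of aborting the whole page.
   */
  function Render()
  {
    global $REQUESTTYPES;
    // NOTE(review): $this->title, $r->requestDate and $r->itemType are printed
    // without _html(); confirm none of them can carry user-supplied markup.
    echo "<table id='".$this->uniqueID."' class='boxtable'>\n";
    echo "  <tr>\n";
    echo "    <th colspan='6'>".$this->title."</th>\n";
    echo "  </tr>\n";
    echo "  <tr>\n";
    echo "    <th>date</th>\n";
    echo "    <th>user</th>\n";
    echo "    <th>item</th>\n";
    echo "    <th>request</th>\n";
    echo "    <th>details</th>\n";
    echo "    <th>&nbsp;</th>\n";
    echo "  </tr>\n";
    foreach($this->requests as $r)
    {
      // Resolve the handler class once per row. The original code called
      // ::Describe() on the map entry before checking that the entry exists,
      // which is a fatal error for an unknown request type.
      $requestTypeClass = !empty($REQUESTTYPES[$r->requestType]) ? $REQUESTTYPES[$r->requestType] : null;

      echo "  <tr>\n";
      echo "    <td>".$r->requestDate."</td>\n";
      echo "    <td>".$r->user->PrintLinkedAvatar()." ".$r->user->PrintLinkedName()."</td>\n";
      echo "    <td>".$r->itemType.": ";
      switch ($r->itemType)
      {
        case "prod": if ($r->prod) echo $r->prod->RenderSingleRowShort();
      }
      echo "</td>\n";
      echo "    <td>".($requestTypeClass ? $requestTypeClass::Describe() : "")."</td>\n";
      echo "    <td>";
      // NOTE(review): unserialize() on a stored blob can instantiate arbitrary
      // classes if the blob content is ever influenced by a requester (PHP
      // object injection). Confirm how requestBlob is written; if it only holds
      // arrays and scalars, restrict it with array("allowed_classes" => false)
      // (PHP 7+) or store the data as JSON instead.
      $data = unserialize($r->requestBlob);
      
      if ($requestTypeClass)
        echo $requestTypeClass::Display($r->itemID,$data);
      
      echo "</td>\n";
      echo "<td>";
      
      // One form per request, each with its own token field; the request id is
      // printed through %d.
      printf("<form action='%s' method='post' enctype='multipart/form-data'>\n",_html(selfPath()));
      $csrf = new CSRFProtect();
      $csrf->PrintToken();
      printf("  <input type='hidden' name='requestID' value='%d'/>",$r->id);
      printf("  <input type='submit' name='requestAccept' value='accept !'/>");
      printf("  <input type='submit' name='requestDeny' value='deny !'/>");
      printf("  <input type='hidden' name='%s' value='%s'/>\n",PouetFormProcessor::fieldName,"adminModReq");
      printf("</form>\n\n\n");
      
      echo "</td>\n";
      echo "  </tr>\n";
    }
    echo "</table>\n";
    // The script below serializes only the hidden inputs (token included) and
    // adds partial, comment and the clicked action. It hands the server-provided
    // error strings to fireErrorOverlay() joined with <br/>; whether that helper
    // renders them as HTML is not visible here - confirm they are escaped.
?>
<script type="text/javascript">
<!--
document.observe("dom:loaded",function(){
  $$("#pouetbox_adminreq input[type='submit']").invoke("observe","click",function(e){ e.element().setAttribute("clicked","true"); });
  $$("#pouetbox_adminreq form").invoke("observe","submit",function(e){
    e.stop();
    
    var reqAction = e.element().select("input[type='submit'][clicked='true']").first().name;
    var reason = null;
    if (reqAction == "requestDeny")
    {
      reason = prompt("Enter the reason why you want to deny this request");
      if (reason == null || !reason.length)
        return;
    }
    e.element().select("input[type='submit']").invoke("setAttribute","disabled",true);
    var opt = Form.serializeElements( e.element().select("input[type='hidden']"), {hash:true} );
    opt["partial"] = true;
    opt["comment"] = reason;
    opt[ reqAction ] = true;
    new Ajax.Request( e.element().action, {
      method: e.element().method,
      parameters: opt,
      onSuccess: function(transport) {
        if (transport.responseJSON.success)
        {
          e.element().up("tr").remove();
          fireSuccessOverlay( transport.responseJSON.success == "accepted" ? "request accepted !" : "request denied !");
        }
        else
        {
          fireErrorOverlay( transport.responseJSON.errors.join("<br/>") );
        }
      }
    });
  });
});
//-->
</script>
<?
  }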
Example #7
 /**
  * Prints the last cell of an edit row: the CSRF token field, the hidden row id
  * (only when $row->id is truthy) and the submit button.
  */
 function RenderEditRowEnd($row)
 {
   echo "<td>";

   $token = new CSRFProtect();
   $token->PrintToken();

   // NOTE(review): the slug and the row id are written into the attributes
   // without escaping or an (int) cast - confirm neither can hold quote characters.
   if ($row->id)
   {
     printf("<input type='hidden' name='edit%sID' value='%s'/>", static::$slug, $row->id);
   }

   echo "<input type='submit' value='Submit'/>", "</td>\n";
 }
 /**
  * Shows the outcome of a form submission and, unless it succeeded, the boxes.
  *
  * - Errors present: an error message box is rendered, then the boxes.
  * - No errors, and the posted field name matches a registered object: a
  *   success message box is rendered and the boxes are skipped.
  * - Otherwise: only the boxes are rendered.
  *
  * When $this->renderForm is set, every box is wrapped in its own POST form
  * with a CSRF token field and a hidden field carrying the box key.
  */
 function Display()
 {
   if (count($this->errors) > 0)
   {
     $errorBox = new PouetBoxModalMessage( true );
     $errorBox->classes[] = "errorbox";
     $errorBox->title = "An error has occured:";
     // NOTE(review): the error strings are joined into the list without
     // escaping - confirm they never contain request data verbatim.
     $errorBox->message = "<ul><li>".implode("</li><li>",$this->errors)."</li></ul>";
     $errorBox->Render();
   }
   elseif ($_POST[ self::fieldName ] && $this->objects[$_POST[ self::fieldName ]])
   {
     $successBox = new PouetBoxModalMessage( true );
     $successBox->classes[] = "successbox";
     $successBox->title = "Success!";
     // The URL goes through _html(); the success message text is emitted as-is.
     $successBox->message = $this->successURL
       ? "<a href='"._html($this->successURL)."'>".$this->successMessage."</a>"
       : "<a href='".POUET_ROOT_URL."'>go back to the front page</a>";
     $successBox->Render();

     // A successful submission replaces the boxes entirely.
     return;
   }

   foreach($this->objects as $boxKey=>$box)
   {
     $box->Load();

     if ($this->renderForm)
     {
       echo "<form action='"._html(selfPath())."' method='post' enctype='multipart/form-data'>\n";
       $token = new CSRFProtect();
       $token->PrintToken();
     }

     $box->Render();

     if ($this->renderForm)
     {
       // The hidden field tells the processor which box this form belongs to.
       echo "  <input type='hidden' name='".self::fieldName."' value='"._html($boxKey)."'/>\n";
       echo "</form>\n\n\n";
     }
   }
 }
Example #9
      } break;
    case "bbs":
      {
        $box = new PouetBoxBBSOpen();
        $thing = "bbs";
        $data = $_POST["message"];
        $message->returnPage = "index.php";
      } break;
    default:
      {
        $message->message = "not implemented!";
      } break;
  }
}
if ($box) {
  $csrf = new CSRFProtect();
  if (!$csrf->ValidateToken())
  {
    $message->classes[] = "errorbox";
    $message->message = "who are you and where did you come from ?";
  }
  else
  {
    $errormessage = $box->ParsePostMessage($_POST);
    if (!$errormessage) {
      $message->title = "You've successfully added the following ".$thing.":";
      $message->message = $data;
      if ($box instanceof PouetBoxCachable)
        $box->ForceCacheUpdate();
    } else {
      $message->classes[] = "errorbox";
  /**
   * Prints the footer of the oneliner box.
   *
   * Anonymous visitors only get the "more" link. Logged-in users also get the
   * posting form (target add.php, type "oneliner") with a CSRF token field, and
   * a script that clears the default text on first focus and stops submissions
   * containing "[url".
   */
  function RenderFooter() {
    global $currentUser;
    if (!$currentUser) {
      echo "  <div class='foot'><a href='oneliner.php'>more</a>...</div>\n";
    } else {
      // Earlier default texts, kept commented out.
      //$funnytext = "have fun";
      //$funnytext = "get a cookie coz u'll need one to post";
      //$funnytext = "demo my ipod me beautiful!";
      //$funnytext = "bbcode and unicode doesnt work on oneliner";
      //$funnytext = "Most people including myself have some sensibility";
      //$funnytext = "### song, people dancing ###";
      //$funnytext = "PANTS OFF!";
      //$funnytext = "The world may now !";
      //$funnytext = "Captain: I'm in Mensa.";
      //$funnytext = "SHOW US YOUR";
      //$funnytext = "remember: NO CAPES!";
      //$funnytext = "NO THURSDAY ARRIVALS!";
      //$funnytext = "if garfield was a criminal, we would purchase him until afghanistan.";
      //$funnytext = "crashes indeed.. but wow! NOOON..";
      //$funnytext = "time is to unicode on the onliner";
      // Current default text, written with octal byte escapes.
      $funnytext = "pou\303\253t 2.0: \303\274nic\303\270de \320\270ow \321\210\305\221rks in the \317\203neli\316\256er";

      echo "  <div class='foot loggedin'>\n";
      echo "   <span><a href='oneliner.php'>more</a>...</span>\n";
      echo "   <form id='frmIndexOneliner' action='add.php' method='post'>\n";

      // Token field, printed inside the form so it is submitted with the message.
      $csrf = new CSRFProtect();
      $csrf->PrintToken();

      echo "    <input type='hidden' name='type' value='oneliner'>\n";

      // we dont use placeholder="" because we want people to be able to post the default nonsense
      // The default text goes through _html() before it is placed in the attribute.
      echo "    <input type='text' name='message' value='"._html($funnytext)."' id='onelinermsg' maxlength='300'/>\n";
      echo "    <input type='submit' value='Submit'/>\n";
      echo "   </form>\n";
      echo "  </div>\n";
      // NOTE(review): maxlength and the "[url" check in the script below run only
      // in the browser; the handler in add.php has to enforce both limits itself
      // (not visible here).
?>
<script type="text/javascript">
var onelinerClicked = false;
$("onelinermsg").observe("focus",function(){
  if (!onelinerClicked)
    $("onelinermsg").value = "";
  onelinerClicked = true;
});
$("frmIndexOneliner").observe("submit",function(ev){
  if ($("onelinermsg").value.indexOf("[url")!=-1) {
    alert("BBCode doesn't work in the oneliner!");
    ev.stop();
  }
});
</script>
<?
    }
    // Closes a <div> that is opened outside this method.
    echo "</div>\n";
  }
Example #11
  /**
   * Prints the "add a comment" form for a prod.
   *
   * Anonymous visitors get the login box instead. Logged-in users for whom
   * CanPostInProdComments() is false get no output. The rating radios are only
   * shown while $this->myVote is empty. The trailing script adds a "quote" link
   * to every .tools element and wires up the preview button.
   */
  function RenderBody() {
    global $currentUser;

    if (!$currentUser) {
      require_once("box-login.php");
      $loginBox = new PouetBoxLogin();
      $loginBox->RenderBody();
      return;
    }

    if (!$currentUser->CanPostInProdComments())
      return;

    echo "<form action='add.php' method='post' id='frmProdComment'>\n";

    // The token is printed inside the form so it is submitted with the comment.
    $token = new CSRFProtect();
    $token->PrintToken();

    echo "<div class='content'>\n",
         // (int) keeps anything non-numeric out of the attribute value.
         " <input type='hidden' name='which' value='".(int)$this->prod."'>\n",
         " <input type='hidden' name='type' value='comment'>\n";

    if (!$this->myVote)
    {
      echo " <div id='prodvote'>\n",
           " this prod\n",
           " <input type='radio' name='rating' id='ratingrulez' value='rulez'/> <label for='ratingrulez'>rulez</label>\n",
           " <input type='radio' name='rating' id='ratingpig' value='isok' checked='true'/> <label for='ratingpig'>is ok</label>\n",
           " <input type='radio' name='rating' id='ratingsucks' value='sucks'/> <label for='ratingsucks'>sucks</label>\n",
           " </div>\n";
    }

    echo " <textarea name='comment' id='comment'></textarea>\n",
         " <div><a href='faq.php#BB Code'><b>BB Code</b></a> is allowed here</div>\n",
         "</div>\n";

    echo "<div class='foot'>\n",
         " <input type='submit' value='Submit' id='submit'>",
         "</div>\n",
         "</form>\n";

    // The script below fetches a comment from ajax_prodcomment.php by id and
    // appends it to the textarea's value (plain text, not markup).
?>
<script language="JavaScript" type="text/javascript">
<!--
document.observe("dom:loaded",function(){
  $$(".tools").each(function(item){
    var cid = item.readAttribute("data-cid");
    item.update("<a href='#'>quote</a> |");
    item.down("a").observe("click",function(e){
      e.stop();
      new Ajax.Request("ajax_prodcomment.php",{
        "method":"post",
        "parameters":$H({"id":cid}).toQueryString(),
        "onSuccess":function(transport){
          $("comment").value += "[quote]" + transport.responseJSON.comment.strip() + "[/quote]";
          try { $("comment").scrollTo(); } catch(ex) {} // needs try-catch because of some dumbass popup blockers
        }
      });
    });
  });
  AddPreviewButton($('submit'));
  PreparePostForm( $$("#pouetbox_prodpost form").first() );
});
//-->
</script>
<?
  }