/**
 * Stores the notification preferences a user posted for one group.
 *
 * The request is rejected (redirect back to the group with an error) when
 * the user cannot access the group, notifications are switched off in the
 * plugin parameters, the loaded row belongs to someone else, or a
 * non-moderator is not allowed to create content in the group.
 *
 * @param int       $id    Group id taken from the request
 * @param UserTable $user  User whose preferences are being saved
 */
private function saveNotifications( $id, $user )
{
    global $_CB_framework;

    $notification = new NotificationTable();
    $isModerator  = CBGroupJive::isModerator( $user->get( 'id' ) );
    $group        = CBGroupJive::getGroup( $id );
    $userId       = (int) $user->get( 'id' );
    $groupId      = (int) $group->get( 'id' );

    // The row is looked up by (user, group), never by a client-supplied row id.
    $notification->load( array( 'user_id' => $userId, 'group' => $groupId ) );

    $returnUrl = $_CB_framework->pluginClassUrl(
        $this->element,
        false,
        array( 'action' => 'groups', 'func' => 'show', 'id' => $groupId )
    );

    // NOTE(review): none of the branches below returns; the checks only hold
    // if cbRedirect() ends the request — confirm it never returns to the caller.
    if ( ! CBGroupJive::canAccessGroup( $group, $user ) ) {
        // Same message for "missing" and "not allowed", so group existence is not disclosed.
        cbRedirect( $returnUrl, CBTxt::T( 'Group does not exist.' ), 'error' );
    } elseif ( ! $this->params->get( 'notifications', 1 ) ) {
        cbRedirect( $returnUrl, CBTxt::T( 'You do not have access to notifications in this group.' ), 'error' );
    } elseif ( $notification->get( 'id' ) && ( $user->get( 'id' ) != $notification->get( 'user_id' ) ) ) {
        cbRedirect( $returnUrl, CBTxt::T( 'You do not have sufficient permissions to edit this users notifications.' ), 'error' );
    } elseif ( ( ! $isModerator ) && ( ! CBGroupJive::canCreateGroupContent( $user, $group ) ) ) {
        cbRedirect( $returnUrl, CBTxt::T( 'You do not have sufficient permissions to notifications in this group.' ), 'error' );
    }

    // Keep the owner and group of an existing row; fill them in for a new one.
    $notification->set( 'user_id', $notification->get( 'user_id', $userId ) );
    $notification->set( 'group', $notification->get( 'group', $groupId ) );

    // NOTE(review): every scalar key posted under "params" is accepted; there is
    // no allow-list of known notification settings here — confirm check() or the
    // consumers of these params ignore unknown keys.
    foreach ( $this->getInput()->subTree( 'params' ) as $rawKey => $rawValue ) {
        if ( is_array( $rawValue ) || is_object( $rawValue ) ) {
            continue;
        }

        $key = Get::clean( $rawKey, GetterInterface::COMMAND );

        if ( ! $key ) {
            continue;
        }

        // Re-read the value through the typed getter instead of trusting the raw one.
        $clean = ( is_numeric( $rawValue )
            ? (int) $this->input( 'post/params.' . $key, null, GetterInterface::INT )
            : $this->input( 'post/params.' . $key, null, GetterInterface::STRING ) );

        $notification->params()->set( $key, $clean );
    }

    $notification->set( 'params', $notification->params()->asJson() );

    // check() runs first; store() is only attempted when validation passed.
    if ( $notification->getError() || ( ! $notification->check() ) || $notification->getError() || ( ! $notification->store() ) ) {
        $failure = CBTxt::T(
            'GROUP_NOTIFICATIONS_FAILED_TO_SAVE',
            'Notifications failed to save! Error: [error]',
            array( '[error]' => $notification->getError() )
        );

        $_CB_framework->enqueueMessage( $failure, 'error' );

        $this->showGroupNotifications( $id, $user );

        return;
    }

    cbRedirect( $returnUrl, CBTxt::T( 'Notifications saved successfully!' ) );
}
/**
 * Reads a parameter from the CMS user object and filters it.
 *
 * The default $type is GetterInterface::RAW, so callers that place the
 * result in HTML, SQL or a file path should pass a stricter type explicitly.
 *
 * @param  string        $key      Parameter key
 * @param  mixed         $default  Value handed to the CMS user object as fallback
 * @param  string|array  $type     [optional] Default: GetterInterface::RAW. Or const int GetterInterface::COMMAND|GetterInterface::INT|... or array( const ) or array( $key => const )
 * @return mixed                   The filtered value (the default is filtered too)
 */
public function getParam($key, $default = null, $type = GetterInterface::RAW)
{
    $stored = $this->cmsOwnUser->getParam($key, $default);

    return Get::clean($stored, $type);
}
/**
 * Returns the display file name for this item.
 *
 * Uses the "name" param when set; otherwise builds "<basename>.<extension>"
 * from the stored filename (string-cleaned) or, failing that, from the path
 * reduced to the characters [-a-zA-Z0-9_.]. Results are memoised per path in
 * a static array shared by all instances.
 *
 * @return string
 */
public function name()
{
    static $cache = array();

    $id = $this->path();

    if ( isset( $cache[$id] ) ) {
        return $cache[$id];
    }

    $name = $this->params()->get( 'name' );

    if ( ! $name ) {
        $extension = $this->extension();

        if ( $this->get( 'filename' ) ) {
            // pathinfo() drops any directory part before the value is cleaned.
            $base = Get::clean( pathinfo( $this->get( 'filename' ), PATHINFO_FILENAME ), GetterInterface::STRING );
        } else {
            // Allow-list of characters for names derived from the path.
            $base = preg_replace( '/[^-a-zA-Z0-9_.]/', '', pathinfo( $id, PATHINFO_FILENAME ) );
        }

        $name = $base . '.' . $extension;
    }

    // NOTE(review): a "name" param is returned as stored; it is not cleaned in
    // this method — confirm it is filtered on save or escaped on output.
    $cache[$id] = $name;

    return $cache[$id];
}
/**
 * Returns the display file name for this item's value.
 *
 * For linked items the name is the video id (youtube / youtu domains) or
 * "<basename>.<extension>" of the link; for local items it is built from the
 * stored file name (string-cleaned) or from the value reduced to the
 * characters [-a-zA-Z0-9_.]. Results are memoised per value in a static array.
 *
 * @return string
 */
public function getFileName()
{
    static $cache = array();

    $id = $this->get( 'value' );

    if ( isset( $cache[$id] ) ) {
        return $cache[$id];
    }

    $domain = $this->getLinkDomain();

    if ( $domain ) {
        // NOTE(review): names derived from a link are not passed through
        // Get::clean() or the character allow-list used for local files —
        // confirm callers escape the result before output.
        if ( in_array( $domain, array( 'youtube', 'youtu' ) ) ) {
            $name = preg_replace( '%^.*(?:v=|v/|/)([\w-]+).*%i', '$1', $id );
        } else {
            $name = pathinfo( $id, PATHINFO_FILENAME ) . '.' . $this->getExtension();
        }
    } else {
        $extension = $this->getExtension();

        if ( $this->get( 'file' ) ) {
            $base = Get::clean( pathinfo( $this->get( 'file' ), PATHINFO_FILENAME ), GetterInterface::STRING );
        } else {
            $base = preg_replace( '/[^-a-zA-Z0-9_.]/', '', pathinfo( $id, PATHINFO_FILENAME ) );
        }

        $name = $base . '.' . $extension;
    }

    $cache[$id] = $name;

    return $cache[$id];
}
/**
 * Replaces @MENTION with profile urls
 *
 * Walks $this->words, resolves each word matching $this->regexp['profile']
 * to a user (by numeric id first, then by exact username/name match, also
 * trying the mention joined with up to five following words) and rewrites
 * the mention inside $this->parsed as a link to that user's profile.
 *
 * @return string  The parsed text with resolved mentions turned into links
 */
public function profiles()
{
    global $_CB_database, $_CB_framework;

    // Lookup results are kept for the whole request, including misses.
    // NOTE(review): the cache key is only the mention word, while the lookup
    // below also depends on the words that follow it; a cached result for one
    // occurrence is reused for the same mention followed by different words.
    /** @var UserTable[] $users */
    static $users = array();

    foreach ( $this->words as $k => $word ) {
        if ( preg_match( $this->regexp['profile'], $word, $match ) ) {
            $cleanWord = Get::clean( $match[1], GetterInterface::STRING );

            if ( ! isset( $users[$cleanWord] ) ) {
                $user = new UserTable();

                // A purely numeric mention is treated as a user id.
                if ( is_numeric( $match[1] ) ) {
                    $user->load( (int) $match[1] );
                }

                if ( ! $user->get( 'id' ) ) {
                    // Candidate names of 2 to 6 words: each one extends the previous
                    // candidate with the next word, and stops at the first missing
                    // word or at a word that is itself a mention.
                    $wordNext2 = ( isset( $this->words[$k+1] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+1] ) ) ? $cleanWord . ' ' . Get::clean( $this->words[$k+1], GetterInterface::STRING ) : null );
                    $wordNext3 = ( $wordNext2 && isset( $this->words[$k+2] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+2] ) ) ? $wordNext2 . ' ' . Get::clean( $this->words[$k+2], GetterInterface::STRING ) : null );
                    $wordNext4 = ( $wordNext3 && isset( $this->words[$k+3] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+3] ) ) ? $wordNext3 . ' ' . Get::clean( $this->words[$k+3], GetterInterface::STRING ) : null );
                    $wordNext5 = ( $wordNext4 && isset( $this->words[$k+4] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+4] ) ) ? $wordNext4 . ' ' . Get::clean( $this->words[$k+4], GetterInterface::STRING ) : null );
                    $wordNext6 = ( $wordNext5 && isset( $this->words[$k+5] ) && ( ! preg_match( $this->regexp['profile'], $this->words[$k+5] ) ) ? $wordNext5 . ' ' . Get::clean( $this->words[$k+5], GetterInterface::STRING ) : null );

                    // Every value that originates from the message text goes through
                    // $_CB_database->Quote() and every identifier through NameQuote();
                    // nothing from the text is concatenated into the SQL unquoted.
                    $query = 'SELECT c.*, u.*'
                           . "\n FROM " . $_CB_database->NameQuote( '#__users' ) . " AS u"
                           . "\n LEFT JOIN " . $_CB_database->NameQuote( '#__comprofiler' ) . " AS c"
                           . ' ON c.' . $_CB_database->NameQuote( 'id' ) . ' = u.' . $_CB_database->NameQuote( 'id' )
                           . "\n WHERE ( u." . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $cleanWord ) // Match username exactly
                           . ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $cleanWord ); // Match name exactly

                    if ( $wordNext2 ) { // 2 Words
                        $query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext2 ) // Match username +1 word exactly
                               . ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext2 ); // Match name +1 word exactly
                    }

                    if ( $wordNext3 ) { // 3 Words
                        $query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext3 ) // Match username +2 words exactly
                               . ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext3 ); // Match name +2 words exactly
                    }

                    if ( $wordNext4 ) { // 4 Words
                        $query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext4 ) // Match username +3 words exactly
                               . ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext4 ); // Match name +3 words exactly
                    }

                    if ( $wordNext5 ) { // 5 Words
                        $query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext5 ) // Match username +4 words exactly
                               . ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext5 ); // Match name +4 words exactly
                    }

                    if ( $wordNext6 ) { // 6 Words
                        $query .= ' OR u.' . $_CB_database->NameQuote( 'username' ) . ' = ' . $_CB_database->Quote( $wordNext6 ) // Match username +5 words exactly
                               . ' OR u.' . $_CB_database->NameQuote( 'name' ) . ' = ' . $_CB_database->Quote( $wordNext6 ); // Match name +5 words exactly
                    }

                    // NOTE(review): the query has no LIMIT; which of several matching
                    // rows loadObject() keeps is not visible here — confirm. Display
                    // names are presumably not unique, so a mention may resolve to an
                    // account other than the one the author meant.
                    $query .= ' )'
                           . "\n ORDER BY u." . $_CB_database->NameQuote( 'username' ) . ", u." . $_CB_database->NameQuote( 'name' );

                    $_CB_database->setQuery( $query );
                    $_CB_database->loadObject( $user );
                }

                $users[$cleanWord] = $user;
            }

            $user = $users[$cleanWord];

            if ( $user->get( 'id' ) ) {
                // Pattern parts taken from data are escaped with preg_quote(); the
                // visible link text is escaped with htmlspecialchars().
                // NOTE(review): the replacement argument is not escaped for preg
                // back-references, so a "$0" or "\0" sequence inside a display name
                // would be expanded to the matched text — confirm names cannot
                // contain those sequences, or escape "$" and "\" in the replacement.
                // NOTE(review): the href value from userProfileUrl() is inserted
                // without attribute escaping — confirm it is already HTML-safe.
                $this->parsed = preg_replace( '/@' . (int) $user->get( 'id' ) . '\b|@' . preg_quote( $user->get( 'name' ), '/' ) . '\b|@' . preg_quote( $user->get( 'username' ), '/' ) . '\b|' . preg_quote( $word, '/' ) . '\b/i', '<a href="' . $_CB_framework->userProfileUrl( (int) $user->get( 'id' ) ) . '" rel="nofollow">@' . htmlspecialchars( getNameFormat( $user->get( 'name' ), $user->get( 'username' ), Application::Config()->get( 'name_format' ) ) ) . '</a>', $this->parsed );
            }
        }
    }

    return $this->parsed;
}
/**
 * Prepares field data for saving to database (safe transfer from $postdata to $user)
 * Override
 *
 * Each table column of the field is read raw from $postdata, unslashed,
 * filtered as HTML, validated and then copied onto $user.
 *
 * @param  FieldTable  $field
 * @param  UserTable   $user      RETURNED populated: touch only variables related to saving this field (also when not validating for showing re-edit)
 * @param  array       $postdata  Typically $_POST (but not necessarily), filtering required.
 * @param  string      $reason    'edit' for save profile edit, 'register' for registration, 'search' for searches
 */
public function prepareFieldDataSave(&$field, &$user, &$postdata, $reason)
{
    $this->_prepareFieldMetaSave($field, $user, $postdata, $reason);

    foreach ($field->getTableColumns() as $column) {
        // Read raw on purpose: the HTML filter below is the only sanitising step.
        $submitted = stripslashes(cbGetParam($postdata, $column, '', _CB_ALLOWRAW));

        if ($submitted !== null) {
            $submitted = Get::clean($submitted, GetterInterface::HTML);
        }

        $isValid = $this->validate($field, $user, $column, $submitted, $postdata, $reason);

        if ($submitted === null) {
            continue;
        }

        // Only validated changes are logged.
        if ($isValid && isset($user->{$column}) && (string) $user->{$column} !== (string) $submitted) {
            $this->_logFieldUpdate($field, $user, $reason, $user->{$column}, $submitted);
        }

        // NOTE(review): the value is copied onto $user even when validate()
        // returned false (needed for re-showing the edit form per the docblock);
        // callers must not store $user when validation reported an error.
        $user->{$column} = $submitted;
    }
}
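/**
 * Utility function to return a value from a named array or a specified default.
 * TO CONTRARY OF MAMBO AND JOOMLA mos Get Param:
 * 1) DOES NOT MODIFY ORIGINAL ARRAY
 * 2) Does sanitize ints
 * 3) Does return default array() for a default value array(0) which indicates sanitizing an array of ints.
 *
 * String values are trimmed (unless _CB_NOTRIM), string-cleaned (unless
 * _CB_ALLOWRAW), then cast to the type of $def when $def is int or float,
 * otherwise passed through addslashes(). Non-string scalars are returned
 * as they are. $name may also be an html-input style path such as a[b][c].
 *
 * NOTE(security): addslashes() is not a substitute for database quoting or
 * for output escaping; callers still have to quote/escape for the context
 * in which they use the returned value.
 *
 * @param  array   $arr   A named array
 * @param  string  $name  The key to search for
 * @param  mixed   $def   The default value to give if no key found
 * @param  int     $mask  An options mask: _CB_NOTRIM prevents trim, _CB_ALLOWRAW skips the string cleaning
 * @return string|array
 */
function cbGetParam(&$arr, $name, $def = null, $mask = 0)
{
    if (isset($arr[$name])) {
        if (is_array($arr[$name])) {
            $ret = array();

            foreach (array_keys($arr[$name]) as $k) {
                $ret[$k] = cbGetParam($arr[$name], $k, $def, $mask);

                // array(0) as default means "array of ints".
                if ($def === array(0)) {
                    $ret[$k] = (int) $ret[$k];
                }
            }
        } else {
            $ret = $arr[$name];

            if (is_string($ret)) {
                if (!($mask & _CB_NOTRIM)) {
                    $ret = trim($ret);
                }

                if (!($mask & _CB_ALLOWRAW)) {
                    $ret = Get::clean($ret, GetterInterface::STRING);
                }

                if (is_int($def)) {
                    $ret = (int) $ret;
                } elseif (is_float($def)) {
                    $ret = (float) $ret;
                } elseif (!(PHP_VERSION_ID < 50400 && get_magic_quotes_gpc())) {
                    // get_magic_quotes_gpc() always returns false from PHP 5.4 on and
                    // no longer exists in PHP 8, so it is only consulted on runtimes
                    // where magic quotes can still be active.
                    $ret = addslashes($ret);
                }
            }
        }

        return $ret;
    } elseif (false !== ($firstSeparator = strpos($name, '['))) {
        // html-input-name-encoded array selection, e.g. a[b][c]
        $indexes = null;
        $mainArrName = substr($name, 0, $firstSeparator);
        $count = preg_match_all('/\\[([^\\[\\]]+)\\]/', substr($name, $firstSeparator), $indexes);

        if (isset($arr[$mainArrName]) && $count > 0) {
            $a = $arr[$mainArrName];

            // Descend through every index except the last one, which is resolved
            // (and filtered) by the recursive call below.
            for ($i = 0; $i < $count - 1; $i++) {
                if (!isset($a[$indexes[1][$i]])) {
                    $a = null;
                    break;
                }

                $a = $a[$indexes[1][$i]];
            }
        } else {
            $a = null;
            $i = null;
        }

        if ($a !== null) {
            return cbGetParam($a, $indexes[1][$i], $def, $mask);
        }
    }

    if ($def === array(0)) {
        return array();
    }

    return $def;
}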
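/**
 * Parses a string for PHP functions
 *
 * Expands [cb:parse function="..." ...]...[/cb:parse] (or self-closing) tags.
 * The tag body is parsed first (nested tags), then the named function is
 * applied to it and the whole tag is replaced by the result. Built-in
 * functions are handled by the switch below; any other name is resolved as a
 * PHP function, a static method, or a method of an object from $vars or of a
 * newly created class instance. Once all tags of a pass are replaced, the
 * result is parsed again until no tag is left.
 *
 * NOTE(security): the default branch calls whatever function, class or method
 * the tag names, with arguments taken from the tag. Every string handed to
 * this method therefore has the privileges of PHP code: only trusted,
 * administrator-authored templates may reach it, and user-controlled values
 * merged into such a template must not be able to contribute "[cb:parse" text.
 * Because the output is re-parsed, this also applies to the results of the
 * functions themselves (decoded or database-loaded text, for example).
 * Restricting the default branch to an allow-list of callables would remove
 * this dependency on callers; it is left unchanged here because existing
 * templates may rely on it.
 *
 * NOTE(review): the recursion has no depth limit; a replacement that keeps
 * producing a parsable tag would not terminate.
 *
 * @param  string  $input  Text that may contain [cb:parse] tags
 * @param  array   $vars   Named objects a tag may address through class="name"
 * @return string          The text with all tags expanded
 */
static public function formatCondition( $input, $vars = array() )
{
    // \[cb:parse(?: +function="([^"/\[\] ]+)")( +(?: ?[a-zA-Z-_]+="(?:[^"]|\\")+")+)?(?:(?:\s*/])|(?:]((?:[^\[]|\[(?!/?cb:parse[^\]]*])|(?R))+)?\[/cb:parse]))
    $regex = '%\[cb:parse(?: +function="([^"/\[\] ]+)")( +(?: ?[a-zA-Z-_]+="(?:[^"]|\\\\")+")+)?(?:(?:\s*/])|(?:]((?:[^\[]|\[(?!/?cb:parse[^\]]*])|(?R))+)?\[/cb:parse]))%i';

    if ( preg_match_all( $regex, $input, $results, PREG_SET_ORDER ) ) {
        foreach( $results as $matches ) {
            $function = ( isset( $matches[1] ) ? $matches[1] : null );

            if ( $function ) {
                // Expand nested tags in the body before applying this tag's function.
                $value = ( isset( $matches[3] ) ? self::formatCondition( $matches[3], $vars ) : null );
                $options = new Registry();

                // Collect the remaining key="value" attributes of the tag.
                if ( isset( $matches[2] ) ) {
                    if ( preg_match_all( '/(?:([a-zA-Z-_]+)="((?:[^"]|\\\\\\\\")+)")+/i', $matches[2], $optionResults, PREG_SET_ORDER ) ) {
                        foreach( $optionResults as $option ) {
                            $k = ( isset( $option[1] ) ? $option[1] : null );
                            $v = ( isset( $option[2] ) ? $option[2] : null );

                            if ( $k ) {
                                $options->set( $k, $v );
                            }
                        }
                    }
                }

                // "method" selects the variant of a built-in; it is removed so it is
                // not passed on as an argument by the default branch.
                $method = $options->get( 'method' );

                $options->unsetEntry( 'method' );

                switch ( $function ) {
                    case 'clean':
                        // An unknown method performs no cleaning: the fallback after the
                        // switch then substitutes the body unchanged.
                        switch( $method ) {
                            case 'cmd':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::COMMAND ), $input );
                                break;
                            case 'numeric':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::NUMERIC ), $input );
                                break;
                            case 'uint': // accepted next to the historical 'unit' spelling, which maps to UINT
                            case 'unit':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::UINT ), $input );
                                break;
                            case 'int':
                            case 'integer':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::INT ), $input );
                                break;
                            case 'bool':
                            case 'boolean':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::BOOLEAN ), $input );
                                break;
                            case 'str':
                            case 'string':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::STRING ), $input );
                                break;
                            case 'html':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::HTML ), $input );
                                break;
                            case 'float':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::FLOAT ), $input );
                                break;
                            case 'base64':
                                $input = str_replace( $matches[0], Get::clean( $value, GetterInterface::BASE64 ), $input );
                                break;
                            case 'tags':
                                $input = str_replace( $matches[0], strip_tags( $value ), $input );
                                break;
                        }
                        break;
                    case 'convert':
                        switch( $method ) {
                            case 'uppercase':
                                $input = str_replace( $matches[0], strtoupper( $value ), $input );
                                break;
                            case 'uppercasewords':
                                $input = str_replace( $matches[0], ucwords( $value ), $input );
                                break;
                            case 'uppercasefirst':
                                $input = str_replace( $matches[0], ucfirst( $value ), $input );
                                break;
                            case 'lowercase':
                                $input = str_replace( $matches[0], strtolower( $value ), $input );
                                break;
                            case 'lowercasefirst':
                                $input = str_replace( $matches[0], lcfirst( $value ), $input );
                                break;
                        }
                        break;
                    case 'math':
                        $input = str_replace( $matches[0], self::formatMath( $value ), $input );
                        break;
                    case 'time':
                        // With a "time" option the body is the base timestamp (numeric) or a
                        // date string, and the option is the relative expression applied to it.
                        $input = str_replace( $matches[0], ( $options->has( 'time' ) ? strtotime( $options->get( 'time', null, GetterInterface::STRING ), ( is_numeric( $value ) ? (int) $value : strtotime( $value ) ) ) : strtotime( $value ) ), $input );
                        break;
                    case 'date':
                        $offset = $options->get( 'offset' );

                        $input = str_replace( $matches[0], cbFormatDate( ( is_numeric( $value ) ? (int) $value : strtotime( $value ) ), ( $offset ? true : false ), true, $options->get( 'date-format' ), $options->get( 'time-format' ), ( $offset != 'true' ? $offset : null ) ), $input );
                        break;
                    case 'length':
                        $input = str_replace( $matches[0], strlen( $value ), $input );
                        break;
                    case 'replace':
                        $input = str_replace( $matches[0], ( $options->has( 'count' ) ? str_replace( $options->get( 'search' ), $options->get( 'replace' ), $value, $options->get( 'count', 0, GetterInterface::INT ) ) : str_replace( $options->get( 'search' ), $options->get( 'replace' ), $value ) ), $input );
                        break;
                    case 'position':
                        switch( $options->get( 'occurrence' ) ) {
                            case 'last':
                                $input = str_replace( $matches[0], strrpos( $value, $options->get( 'search' ) ), $input );
                                break;
                            case 'first':
                            default:
                                $input = str_replace( $matches[0], strpos( $value, $options->get( 'search' ) ), $input );
                                break;
                        }
                        break;
                    case 'occurrence':
                        $input = str_replace( $matches[0], strstr( $value, $options->get( 'search' ) ), $input );
                        break;
                    case 'repeat':
                        $input = str_replace( $matches[0], str_repeat( $value, $options->get( 'count', 0, GetterInterface::INT ) ), $input );
                        break;
                    case 'extract':
                        $input = str_replace( $matches[0], ( $options->has( 'length' ) ? substr( $value, $options->get( 'start', 0, GetterInterface::INT ), $options->get( 'length', 0, GetterInterface::INT ) ) : substr( $value, $options->get( 'start', 0, GetterInterface::INT ) ) ), $input );
                        break;
                    case 'trim':
                        switch( $options->get( 'direction' ) ) {
                            case 'left':
                                $input = str_replace( $matches[0], ( $options->has( 'characters' ) ? ltrim( $value, $options->get( 'characters', null, GetterInterface::STRING ) ) : ltrim( $value ) ), $input );
                                break;
                            case 'right':
                                $input = str_replace( $matches[0], ( $options->has( 'characters' ) ? rtrim( $value, $options->get( 'characters', null, GetterInterface::STRING ) ) : rtrim( $value ) ), $input );
                                break;
                            default:
                                $input = str_replace( $matches[0], ( $options->has( 'characters' ) ? trim( $value, $options->get( 'characters', null, GetterInterface::STRING ) ) : trim( $value ) ), $input );
                                break;
                        }
                        break;
                    case 'encode':
                        switch( $method ) {
                            case 'cslashes':
                                $input = str_replace( $matches[0], addcslashes( $value, $options->get( 'characters', null, GetterInterface::STRING ) ), $input );
                                break;
                            case 'slashes':
                                $input = str_replace( $matches[0], addslashes( $value ), $input );
                                break;
                            case 'entity':
                                $input = str_replace( $matches[0], htmlentities( $value ), $input );
                                break;
                            case 'html':
                                $input = str_replace( $matches[0], htmlspecialchars( $value ), $input );
                                break;
                            case 'url':
                                $input = str_replace( $matches[0], urlencode( $value ), $input );
                                break;
                            case 'base64':
                                $input = str_replace( $matches[0], base64_encode( $value ), $input );
                                break;
                            // md5 and sha1 are plain digests; for credentials use the
                            // 'password' method below.
                            case 'md5':
                                $input = str_replace( $matches[0], md5( $value ), $input );
                                break;
                            case 'sha1':
                                $input = str_replace( $matches[0], sha1( $value ), $input );
                                break;
                            case 'password':
                                $user = new UserTable();

                                $input = str_replace( $matches[0], $user->hashAndSaltPassword( $value ), $input );
                                break;
                        }
                        break;
                    case 'decode':
                        switch( $method ) {
                            case 'cslashes':
                                $input = str_replace( $matches[0], stripcslashes( $value ), $input );
                                break;
                            case 'slashes':
                                $input = str_replace( $matches[0], stripslashes( $value ), $input );
                                break;
                            case 'entity':
                                $input = str_replace( $matches[0], html_entity_decode( $value ), $input );
                                break;
                            case 'html':
                                $input = str_replace( $matches[0], htmlspecialchars_decode( $value ), $input );
                                break;
                            case 'url':
                                $input = str_replace( $matches[0], urldecode( $value ), $input );
                                break;
                            case 'base64':
                                // Decoding must decode: this branch used to call base64_encode().
                                $input = str_replace( $matches[0], base64_decode( $value ), $input );
                                break;
                        }
                        break;
                    default:
                        // Dynamic dispatch: see the security note in the docblock.
                        $class = $options->get( 'class', null, GetterInterface::STRING );
                        $subFunction = null;
                        $static = false;
                        $result = null;

                        if ( strpos( $function, '::' ) !== false ) {
                            // function="Class::method"
                            list( $class, $function ) = explode( '::', $function, 2 );

                            $static = true;
                        } elseif ( strpos( $class, '::' ) !== false ) {
                            // class="Class::factory" function="method": call method on the
                            // object returned by the static factory.
                            $subFunction = $function;

                            list( $class, $function ) = explode( '::', $class, 2 );

                            $static = true;
                        }

                        if ( $class ) {
                            $object = null;

                            $options->unsetEntry( 'class' );

                            // A class name that matches a key of $vars addresses that object.
                            if ( isset( $vars[$class] ) && is_object( $vars[$class] ) ) {
                                $object = $vars[$class];
                                $class = get_class( $object );
                            }

                            if ( $static ) {
                                if ( $subFunction ) {
                                    if ( is_callable( array( $class, $function ) ) ) {
                                        $object = call_user_func_array( array( $class, $function ), array() );

                                        if ( method_exists( $object, $subFunction ) ) {
                                            $result = call_user_func_array( array( $object, $subFunction ), $options->asArray() );
                                        }
                                    }
                                } else {
                                    if ( is_callable( array( $class, $function ) ) ) {
                                        $result = call_user_func_array( array( $class, $function ), $options->asArray() );
                                    }
                                }
                            } else {
                                if ( $object || class_exists( $class ) ) {
                                    if ( ! $object ) {
                                        $object = new $class();

                                        // The tag body is used as the key to load the new object.
                                        if ( $value && method_exists( $object, 'load' ) ) {
                                            $object->load( $value );
                                        }
                                    }

                                    if ( method_exists( $object, $function ) ) {
                                        $result = call_user_func_array( array( $object, $function ), $options->asArray() );
                                    }
                                }
                            }
                        } else {
                            if ( function_exists( $function ) ) {
                                $result = call_user_func_array( $function, $options->asArray() );
                            }
                        }

                        // An object result can be reduced to a scalar through method="...".
                        if ( $method && is_object( $result ) && method_exists( $result, $method ) ) {
                            $result = call_user_func_array( array( $result, $method ), $options->asArray() );
                        }

                        if ( ( ! is_array( $result ) ) && ( ! is_object( $result ) ) ) {
                            $input = str_replace( $matches[0], $result, $input );
                        }
                        break;
                }

                // If no replacement is done above then the string still exists; lets just replace the substitution with the found value:
                $input = str_replace( $matches[0], $value, $input );
            }
        }

        // Replacements may have produced or uncovered further tags: parse again.
        $input = self::formatCondition( $input, $vars );
    }

    return $input;
}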
/**
 * Gets the value of the class variable
 *
 * When $type is null the stored value is returned as it is, without any
 * filtering; pass a GetterInterface type to have it cleaned.
 *
 * @param  string        $var      The name of the class variable
 * @param  mixed         $default  The value to return if no value is found
 * @param  string|array  $type     [optional] Default: null: no cleaning. Or const int GetterInterface::COMMAND|GetterInterface::INT|... or array( const ) or array( $key => const )
 * @return mixed                   The value of the class var (or $default if it is not set)
 */
public function get($var, $default = null, $type = null)
{
    if (isset($this->{$var})) {
        $stored = $this->{$var};

        return ($type === null) ? $stored : Get::clean($stored, $type);
    }

    // The default is returned untouched, whatever $type says.
    return $default;
}
/**
 * Saves activity
 *
 * Creates or edits one activity entry from the posted form (message, action,
 * location, links, tags), stores it, prints the rendered entry and ends the
 * request. Every failure path answers with a bare HTTP status and exit().
 *
 * @param int       $id      Id of the activity to edit (a row that does not load is treated as new)
 * @param Activity  $stream  Stream supplying the limits, feature switches and type/item/parent defaults
 * @param UserTable $user    Profile owner the stream is shown for
 * @param UserTable $viewer  User performing the save
 */
private function saveActivity( $id, $stream, $user, $viewer )
{
    global $_CB_framework, $_PLUGINS;

    $cbModerator = CBActivity::isModerator( (int) $viewer->get( 'id' ) );

    CBActivity::getTemplate( 'activity', false, false );

    $row = new ActivityTable();

    $row->load( (int) $id );

    // Deny by default: new entries need canCreate(); existing entries can only be
    // edited when they are status entries and the viewer is owner or moderator.
    $canAccess = false;

    if ( ! $row->get( 'id' ) ) {
        if ( CBActivity::canCreate( $user, $viewer, $stream ) ) {
            $canAccess = true;
        }
    } elseif ( ( ( $row->get( 'type' ) == 'status' ) || ( $row->get( 'subtype' ) == 'status' ) ) && ( $cbModerator || ( $viewer->get( 'id' ) == $row->get( 'user_id' ) ) ) ) {
        $canAccess = true;
    }

    // 404 rather than 403, so a denied request does not confirm the entry exists.
    if ( ! $canAccess ) {
        header( 'HTTP/1.0 404 Not Found' );
        exit();
    }

    // A limit of 0 means "no limit"; moderators are exempt from all length limits.
    $messageLimit = ( $cbModerator ? 0 : (int) $stream->get( 'message_limit', 400 ) );
    $showActions = (int) $stream->get( 'actions', 1 );
    $actionLimit = ( $cbModerator ? 0 : (int) $stream->get( 'actions_message_limit', 100 ) );
    $showLocations = (int) $stream->get( 'locations', 1 );
    $locationLimit = ( $cbModerator ? 0 : (int) $stream->get( 'locations_address_limit', 200 ) );
    $showLinks = (int) $stream->get( 'links', 1 );
    $linkLimit = ( $cbModerator ? 0 : (int) $stream->get( 'links_link_limit', 5 ) );
    $showTags = (int) $stream->get( 'tags', 1 );

    // The message is the only field filtered as HTML; the others use STRING or INT.
    $message = trim( $this->input( 'message', $row->get( 'message', null, GetterInterface::HTML ), GetterInterface::HTML ) );

    // Remove duplicate spaces:
    $message = preg_replace( '/ {2,}/i', ' ', $message );
    // Remove duplicate tabs:
    $message = preg_replace( '/\t{2,}/i', "\t", $message );
    // Remove duplicate linebreaks:
    $message = preg_replace( '/(\r\n|\r|\n){2,}/i', '$1', $message );

    // Owner, type, item and parent of an existing row are kept; the request
    // cannot reassign them.
    $row->set( 'user_id', $row->get( 'user_id', $viewer->get( 'id' ) ) );

    if ( $stream->get( 'type' ) && ( $stream->get( 'type' ) != 'status' ) ) {
        $row->set( 'type', $row->get( 'type', $stream->get( 'type' ) ) );
        $row->set( 'subtype', $row->get( 'subtype', 'status' ) );

        $parentDefault = null;
    } else {
        $row->set( 'type', $row->get( 'type', 'status' ) );

        // NOTE(review): $user is read through 'user_id' here, while the ids of
        // $viewer are read through 'id' — confirm both columns hold the same value.
        $parentDefault = ( $viewer->get( 'id' ) != $user->get( 'user_id' ) ? $user->get( 'user_id' ) : null );
    }

    $row->set( 'item', $row->get( 'item', $stream->get( 'item' ) ) );
    $row->set( 'parent', $row->get( 'parent', $stream->get( 'parent', $parentDefault ) ) );

    // NOTE(review): the cut happens after HTML filtering and may fall inside a tag
    // or entity — confirm the message is filtered or balanced again when rendered.
    if ( $messageLimit && ( cbutf8_strlen( $message ) > $messageLimit ) ) {
        $message = cbutf8_substr( $message, 0, $messageLimit );
    }

    $row->set( 'message', $message );

    if ( $showActions ) {
        $action = $this->getInput()->subTree( 'actions' );
        $actionId = (int) $action->get( 'id', 0, GetterInterface::INT );
        $actionMessage = ( $actionId ? trim( $action->get( 'message', '', GetterInterface::STRING ) ) : '' );

        // Remove linebreaks:
        // NOTE(review): "\n" is replaced before "\r\n", so a "\r\n" pair becomes
        // "\r " and a lone "\r" is kept.
        $actionMessage = str_replace( array( "\n", "\r\n" ), ' ', $actionMessage );
        // Remove duplicate spaces:
        $actionMessage = preg_replace( '/ {2,}/i', ' ', $actionMessage );
        // Remove duplicate tabs:
        $actionMessage = preg_replace( '/\t{2,}/i', "\t", $actionMessage );

        if ( $actionLimit && ( cbutf8_strlen( $actionMessage ) > $actionLimit ) ) {
            $actionMessage = cbutf8_substr( $actionMessage, 0, $actionLimit );
        }

        // An action without a message is stored as "no action".
        $actionId = ( $actionMessage ? $actionId : 0 );

        $newAction = array( 'id' => $actionId, 'message' => ( $actionId ? $actionMessage : '' ), 'emote' => ( $actionId ? (int) $action->get( 'emote', 0, GetterInterface::INT ) : 0 ) );

        $row->params()->set( 'action', $newAction );
    }

    if ( $showLocations ) {
        $location = $this->getInput()->subTree( 'location' );
        $locationId = (int) $location->get( 'id', 0, GetterInterface::INT );
        $locationPlace = ( $locationId ? trim( $location->get( 'place', '', GetterInterface::STRING ) ) : '' );
        $locationAddress = ( $locationId ? trim( $location->get( 'address', '', GetterInterface::STRING ) ) : '' );

        if ( $locationLimit && ( cbutf8_strlen( $locationPlace ) > $locationLimit ) ) {
            $locationPlace = cbutf8_substr( $locationPlace, 0, $locationLimit );
        }

        if ( $locationLimit && ( cbutf8_strlen( $locationAddress ) > $locationLimit ) ) {
            $locationAddress = cbutf8_substr( $locationAddress, 0, $locationLimit );
        }

        // A location without a place is stored as "no location".
        $locationId = ( $locationPlace ? $locationId : 0 );

        $newLocation = array( 'id' => $locationId, 'place' => ( $locationId ? $locationPlace : '' ), 'address' => ( $locationId ? $locationAddress : '' ) );

        $row->params()->set( 'location', $newLocation );
    }

    if ( $showLinks ) {
        $links = $this->getInput()->subTree( 'links' );
        $newLinks = array();

        /** @var ParamsInterface[] $links */
        foreach ( $links as $i => $link ) {
            // NOTE(review): the cap compares the posted array key, not the number of
            // links accepted so far — presumably keys are 0..n-1; confirm.
            if ( $linkLimit && ( ( $i + 1 ) > $linkLimit ) ) {
                break;
            }

            $linkUrl = trim( $link->get( 'url', '', GetterInterface::STRING ) );

            if ( $linkUrl ) {
                // NOTE(review): attachment() receives a user-supplied URL; if it
                // retrieves the page server-side, confirm it restricts schemes and
                // internal or loopback destinations. Moderators have no link cap, so
                // the number of lookups per request is unbounded for them.
                $attachment = $stream->parser()->attachment( $linkUrl );

                if ( ! $attachment ) {
                    continue;
                }

                $linkType = $attachment->get( 'type', '', GetterInterface::STRING );

                // First media entry of the matching kind; image is the fallback.
                switch ( $linkType ) {
                    case 'video':
                        $linkMedia = $attachment->subTree( 'media' )->subTree( 'video' )->subTree( 0 );
                        break;
                    case 'audio':
                        $linkMedia = $attachment->subTree( 'media' )->subTree( 'audio' )->subTree( 0 );
                        break;
                    case 'image':
                    case 'url':
                    default:
                        $linkMedia = $attachment->subTree( 'media' )->subTree( 'image' )->subTree( 0 );
                        break;
                }

                // Title and description: the posted value wins over the value taken
                // from the attachment; both are read as STRING. The media fields
                // come from the attachment only.
                $newLinks[] = array( 'url' => $linkUrl,
                                     'text' => null,
                                     'title' => trim( $link->get( 'title', $attachment->subTree( 'title' )->get( 0, '', GetterInterface::STRING ), GetterInterface::STRING ) ),
                                     'description' => trim( $link->get( 'description', $attachment->subTree( 'description' )->get( 0, '', GetterInterface::STRING ), GetterInterface::STRING ) ),
                                     'media' => array( 'url' => $linkMedia->get( 'url', '', GetterInterface::STRING ), 'mimetype' => $linkMedia->get( 'mimetype', '', GetterInterface::STRING ), 'extension' => $linkMedia->get( 'extension', '', GetterInterface::STRING ), 'custom' => '' ),
                                     'type' => $linkType,
                                     'thumbnail' => $link->get( 'thumbnail', 1, GetterInterface::INT ),
                                     'internal' => 0,
                                );
            }
        }

        $row->params()->set( 'links', $newLinks );
    }

    // Only edits of an existing row get a modification date.
    if ( $row->get( 'id' ) ) {
        $row->params()->set( 'modified', $_CB_framework->getUTCDate() );
    }

    $row->set( 'params', $row->params()->asJson() );

    // Validation and storage failures return a bare 500 without the error text.
    if ( $row->getError() || ( ! $row->check() ) ) {
        header( 'HTTP/1.0 500 Internal Server Error' );
        exit();
    }

    if ( $row->getError() || ( ! $row->store() ) ) {
        header( 'HTTP/1.0 500 Internal Server Error' );
        exit();
    }

    if ( $showTags ) {
        $tagsStream = $row->tags( $stream->source() );

        if ( $tagsStream ) {
            // NOTE(review): read RAW and used with in_array()/array_search() below,
            // which compare loosely and expect an array — confirm a non-array
            // "tags" value cannot reach this point. The entries are cleaned (int or
            // STRING) only when a new tag is created further down.
            $tags = $this->input( 'tags', array(), GetterInterface::RAW );

            // Sync: delete stored tags that were not posted again, and drop posted
            // entries that are already stored so only new ones remain.
            foreach ( $tagsStream->data() as $tag ) {
                /** @var TagTable $tag */
                if ( ! in_array( $tag->get( 'user' ), $tags ) ) {
                    $tag->delete();

                    $tagsStream->resetData();
                } else {
                    $key = array_search( $tag->get( 'user' ), $tags );

                    if ( $key !== false ) {
                        unset( $tags[$key] );
                    }
                }
            }

            // NOTE(review): the number of new tags is not capped and the result of
            // store() is ignored.
            foreach ( $tags as $tagUser ) {
                if ( is_numeric( $tagUser ) ) {
                    $tagUser = (int) $tagUser;
                } else {
                    $tagUser = Get::clean( $tagUser, GetterInterface::STRING );
                }

                $tag = new TagTable();

                $tag->set( 'user_id', (int) $tagsStream->user()->get( 'id' ) );
                $tag->set( 'type', $tagsStream->get( 'type', null, GetterInterface::STRING ) );
                $tag->set( 'subtype', $tagsStream->get( 'subtype', null, GetterInterface::STRING ) );
                $tag->set( 'item', $tagsStream->get( 'item', null, GetterInterface::STRING ) );
                $tag->set( 'parent', $tagsStream->get( 'parent', null, GetterInterface::STRING ) );
                $tag->set( 'user', $tagUser );

                $tag->store();

                $tagsStream->resetData();
            }
        }
    }

    $rows = array( &$row );

    if ( $stream->get( 'comments', 1 ) ) {
        CBActivity::preFetchComments( $rows, 'activity' );
    }

    if ( $stream->get( 'tags', 1 ) ) {
        CBActivity::preFetchTags( $rows, 'activity' );
    }

    CBActivity::preFetchUsers( $rows );

    $_PLUGINS->trigger( 'activity_onPushActivity', array( $stream, $row ) );

    echo HTML_cbactivityActivity::showActivity( $rows, $stream, 4, $user, $viewer, $this );

    // NOTE(review): this header is sent after the body was echoed; it only takes
    // effect while output is still buffered.
    header( 'HTTP/1.0 200 OK' );
    exit();
}
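/**
 * Sends the invite e-mail described by an invite row.
 *
 * Sender, CC, BCC and attachments come from the cbinvites plugin parameters;
 * recipient(s), subject and body come from the row. All of them are run
 * through the inviter's replaceUserVars() and then cleaned (STRING, or HTML
 * for the body). Recipient, CC, BCC and attachment values may hold several
 * comma-separated entries. On failure the reason is set on $row.
 *
 * NOTE(review): 'to', 'subject' and 'body' are row fields, presumably typed
 * in by the inviting user, and are passed through replaceUserVars() before
 * they are cleaned — confirm that substitution does not evaluate active tags
 * in untrusted text, and that the STRING cleaning removes CR/LF so the values
 * cannot add mail headers.
 *
 * @param  cbinvitesInviteTable  $row  Invite to send; receives the error message on failure
 * @return bool                        True when the mailer accepted the message
 */
static public function sendInvite( &$row )
{
    global $_CB_framework, $_PLUGINS;

    $plugin = $_PLUGINS->getLoadedPlugin( 'user', 'cbinvites' );

    if ( ! $plugin ) {
        return false;
    }

    $params = $_PLUGINS->getPluginParams( $plugin );
    $invitePrefix = CBTxt::T( $params->get( 'invite_prefix', '[sitename] - ' ) );
    $inviteHeader = CBTxt::T( $params->get( 'invite_header', '<p>You have been invited by [username] to join [sitename]!</p><br>' ) );
    $inviteFooter = CBTxt::T( $params->get( 'invite_footer', '<br><p>Invite Code - [code]<br>[sitename] - [site]<br>Registration - [register]<br>[username] - [profile]</p>' ) );

    // Substitutions are resolved in the context of the inviting user.
    $cbUser = CBuser::getInstance( (int) $row->get( 'user_id' ), false );
    $user = $cbUser->getUserData();

    $extra = array(
        'sitename' => $_CB_framework->getCfg( 'sitename' ),
        'site'     => $_CB_framework->getCfg( 'live_site' ),
        'register' => $_CB_framework->viewUrl( 'registers', false, ( $row->get( 'code' ) ? array( 'invite_code' => $row->get( 'code' ) ) : array() ) ),
        'profile'  => $_CB_framework->viewUrl( 'userprofile', false, array( 'user' => (int) $row->get( 'user_id' ) ) ),
        'code'     => $row->get( 'code' ),
        'to'       => $row->get( 'to' )
    );

    $mailFromName = Get::clean( $cbUser->replaceUserVars( $params->get( 'invite_from_name', null ), true, false, $extra ), GetterInterface::STRING );
    $mailFromAddr = Get::clean( $cbUser->replaceUserVars( $params->get( 'invite_from_address', null ), true, false, $extra ), GetterInterface::STRING );
    $mailTo = Get::clean( $cbUser->replaceUserVars( $row->get( 'to' ), true, false, $extra ), GetterInterface::STRING );
    $mailCC = Get::clean( $cbUser->replaceUserVars( $params->get( 'invite_cc', null ), true, false, $extra ), GetterInterface::STRING );
    $mailBCC = Get::clean( $cbUser->replaceUserVars( $params->get( 'invite_bcc', null ), true, false, $extra ), GetterInterface::STRING );
    $mailSubject = Get::clean( $cbUser->replaceUserVars( ( $invitePrefix . ( $row->get( 'subject' ) ? $row->get( 'subject' ) : CBTxt::T( 'Join Me!' ) ) ), true, false, $extra ), GetterInterface::STRING );
    $mailBody = Get::clean( $cbUser->replaceUserVars( ( $inviteHeader . $row->get( 'body' ) . $inviteFooter ), false, false, $extra ), GetterInterface::HTML );
    $mailAttachments = Get::clean( $cbUser->replaceUserVars( $params->get( 'invite_attachments', null ), true, false, $extra ), GetterInterface::STRING );

    // Comma-separated lists, optional spaces around the comma. The previous
    // pattern ' *, *' had no delimiters of its own: PCRE took the first "*" as
    // the delimiter, so only the exact sequence ", " split the list and
    // "a@x.org,b@x.org" stayed one address. Empty entries are dropped, so a
    // value made of separators only counts as missing.
    $listPattern = '/ *, */';

    if ( $mailTo ) {
        $mailTo = preg_split( $listPattern, $mailTo, -1, PREG_SPLIT_NO_EMPTY );
    }

    if ( $mailCC ) {
        $mailCC = preg_split( $listPattern, $mailCC, -1, PREG_SPLIT_NO_EMPTY );
    }

    if ( $mailBCC ) {
        $mailBCC = preg_split( $listPattern, $mailBCC, -1, PREG_SPLIT_NO_EMPTY );
    }

    if ( $mailAttachments ) {
        $mailAttachments = preg_split( $listPattern, $mailAttachments, -1, PREG_SPLIT_NO_EMPTY );
    }

    if ( $mailTo && $mailSubject && $mailBody ) {
        // With a configured sender the inviter becomes the reply-to; without one
        // the inviter is the sender and no reply-to is set.
        if ( ! $mailFromName ) {
            $mailFromName = $user->name;
            $replyToName = null;
        } else {
            $replyToName = $user->name;
        }

        if ( ! $mailFromAddr ) {
            $mailFromAddr = $user->email;
            $replyToAddr = null;
        } else {
            $replyToAddr = $user->email;
        }

        $error = null;
        $sent = comprofilerMail( $mailFromAddr, $mailFromName, $mailTo, $mailSubject, $mailBody, ( (int) $params->get( 'invite_editor', 2 ) >= 2 ), $mailCC, $mailBCC, $mailAttachments, $replyToAddr, $replyToName, $error );

        if ( $sent ) {
            return true;
        }

        $row->setError( ( $error ? $error : CBTxt::T( 'Mailer failed to send.' ) ) );
    } else {
        if ( ! $mailTo ) {
            $row->setError( CBTxt::T( 'To address missing.' ) );
        } elseif ( ! $mailSubject ) {
            $row->setError( CBTxt::T( 'Subject missing.' ) );
        } elseif ( ! $mailBody ) {
            $row->setError( CBTxt::T( 'Body missing.' ) );
        }
    }

    return false;
}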