/**
 * Build the channel description and items for a page's comments RSS feed.
 *
 * Ends the request with die() when the page has 'hide_comments' set.
 * Otherwise asks Comments_getListOfComments() for 10 entries in 'desc'
 * order and maps each one to a feed item.
 *
 * NOTE(review): every link is built from $_SERVER['HTTP_HOST'], which is
 * copied from the client's Host header, and the comment name/text are
 * returned unescaped. Whatever serialises this array to XML has to escape
 * each value - confirm against the feed writer.
 *
 * @param Object $PAGEDATA The page
 *
 * @return array channel fields plus an 'items' array of articles
 **/
function Comments_rssHandler($PAGEDATA)
{
    if (isset($PAGEDATA->vars['hide_comments'])
        && $PAGEDATA->vars['hide_comments']
    ) {
        die('comments are hidden');
    }
    require_once SCRIPTBASE . 'ww.plugins/comments/frontend/libs.php';

    $recent = Comments_getListOfComments($PAGEDATA, 'desc', 10);
    $items = array();
    foreach ($recent as $entry) {
        $anchor = '#comments-' . $entry['id'];
        $items[] = array(
            'title' => 'comment by ' . $entry['name'],
            'description' => $entry['comment'],
            'link' => '//' . $_SERVER['HTTP_HOST']
                . $PAGEDATA->getRelativeURL() . $anchor,
            'guid' => 'comment-' . $entry['id'],
            'pubDate' => Core_dateM2H($entry['cdate'], 'rfc822'),
        );
    }

    $channel = array();
    $channel['title'] = 'Comments for ' . $PAGEDATA->getRelativeURL();
    $channel['link'] = '//' . $_SERVER['HTTP_HOST']
        . $PAGEDATA->getRelativeURL() . '#comments';
    $channel['description'] = 'Comments for ' . $PAGEDATA->getRelativeURL();
    $channel['generator'] = 'WebME CMS';
    $channel['items'] = $items;
    return $channel;
}
/**
 * retrieve HTML summary for a set page
 *
 * When page_summaries.rss already holds a document for the page it is
 * rendered through PageSummaries_rssToHtml() as-is. Otherwise an RSS
 * document is assembled from up to 20 contained pages, written back to
 * page_summaries.rss and then rendered.
 *
 * NOTE(review): the generated document is stored and reused, so anything
 * request-derived that goes into it (REQUEST_URI, HTTP_HOST) is served to
 * later visitors as well. See the inline notes.
 *
 * @param int $id ID of the page
 *
 * @return string HTML summary for a set page
 */
function PageSummaries_getHtml($id)
{
    $PAGEDATA = Page::getInstance($id);
    global $sitedomain;
    // NOTE(review): SQL is assembled by concatenation here and below; this
    // one relies on Page::getInstance() having produced a safe id - confirm.
    $r = dbRow('select * from page_summaries where page_id="' . $PAGEDATA->id . '"');
    if (!count($r)) {
        return '<em>' . __('This page is marked as a page summary, but there is no ' . 'information on how to handle it.') . '</em>';
    }
    // a previously generated feed exists: render it without rebuilding
    if ($r['rss']) {
        return PageSummaries_rssToHtml($r['rss']);
    }
    // { build rss
    // the title is escaped only when it comes from the page; $sitedomain is
    // used raw
    $title = $PAGEDATA->title == '' ? $sitedomain : htmlspecialchars($PAGEDATA->title);
    // the XML declaration is split so the "<?" sequence never appears whole
    $rss = '<' . '?xml version="1.0" ?' . '><rss version="2.0"><channel><title>' . $title . '</title>';
    // NOTE(review): REQUEST_URI (client-supplied) and the page name are
    // written into the XML without escaping, unlike the title above.
    $rss .= '<link>' . $_SERVER['REQUEST_URI'] . '</link><description>RSS for ' . $PAGEDATA->name . '</description>';
    // NOTE(review): category is placed inside a quoted SQL literal with no
    // escaping at all; a quote in the value changes the query.
    $category = $PAGEDATA->category ? ' and category="' . $PAGEDATA->category . '"' : '';
    $containedpages = PageSummaries_getContainedPages($r['parent_id']);
    if (count($containedpages)) {
        // presumably $containedpages holds integer page ids - verify in
        // PageSummaries_getContainedPages(), the list is joined in unquoted
        $q2 = dbAll('select edate,name,title,body from pages where id in (' . join(',', $containedpages) . ')' . $category . ' order by cdate desc limit 20');
        foreach ($q2 as $r2) {
            $rss .= '<item>';
            // fall back to the page name when no title is set
            if (!$r2['title']) {
                $r2['title'] = $r2['name'];
            }
            $rss .= '<title>' . htmlspecialchars($r2['title']) . '</title>';
            $rss .= '<pubDate>' . Core_dateM2H($r2['edate']) . '</pubDate>';
            // { build body
            // amount_to_show 0 and 1 give a tag-stripped excerpt of 300 or
            // 600 bytes; any other value uses the full stored body
            if ($r['amount_to_show'] == 0 || $r['amount_to_show'] == 1) {
                $length = $r['amount_to_show'] == 0 ? 300 : 600;
                // NOTE(review): the literals in this str_replace() look as if
                // HTML entities were decoded when the listing was rendered;
                // as shown, ''' does not parse. Restore the line from the
                // repository before using it.
                $body = substr(preg_replace('/<[^>]*>/', '', str_replace(array('&', ' ', '‘'), array('&', ' ', '''), $r2['body'])), 0, $length) . '...';
            } else {
                $body = $r2['body'];
            }
            // NOTE(review): as shown, search and replacement are identical,
            // so this is a no-op - probably the same entity decoding.
            $body = str_replace('€', '€', $body);
            // }
            // NOTE(review): $body goes into <description> unescaped; in the
            // full-body branch that is raw page HTML inside the XML.
            $rss .= '<description>' . $body . '</description>';
            // NOTE(review): HTTP_HOST is the client's Host header and ends up
            // in the stored feed.
            $rss .= '<link>http://' . $_SERVER['HTTP_HOST'] . '/' . urlencode(str_replace(' ', '-', $r2['name'])) . '</link>';
            $rss .= '</item>';
        }
    }
    $rss .= '</channel></rss>';
    // store the generated feed; addslashes() is the only escaping applied
    // to the SQL literal
    dbQuery('update page_summaries set rss="' . 
addslashes($rss) . '" where page_id="' . $PAGEDATA->id . '"');
    // }
    return PageSummaries_rssToHtml($rss);
}
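/**
 * show the news in Headline mode
 *
 * Lists the child pages of the current page ($GLOBALS['id']) one screen at
 * a time, with "previous"/"next" links above and below the list. The query
 * result is cached per parent id, offset and page size.
 *
 * Hardening compared with the plain concatenated queries: the page size and
 * parent id are forced to integers, and the configured sort order is only
 * used when it looks like a list of column names with optional asc/desc
 * (addslashes() gives no protection in an ORDER BY clause because the value
 * is not inside quotes).
 *
 * NOTE(review): each distinct news_page value gets its own cache entry and
 * the offset comes from the request; confirm the cache is bounded.
 *
 * @param array $PAGEDATA the page object
 *
 * @return string HTML of the news
 */
function News_displayHeadlines($PAGEDATA)
{
    // used in LIMIT and as a divisor below, so it must be a positive integer
    $items_per_page = isset($PAGEDATA->vars['news_items'])
        ? (int) $PAGEDATA->vars['news_items']
        : 5;
    if ($items_per_page < 1) {
        $items_per_page = 5;
    }
    $p = isset($_REQUEST['news_page']) ? (int) $_REQUEST['news_page'] : 0;
    if ($p < 0) {
        $p = 0;
    }
    $parent_id = (int) $GLOBALS['id'];
    $cache_key = 'news-' . $parent_id . '-' . $p . '-' . $items_per_page;
    $arr = Core_cacheLoad('pages', $cache_key);
    if ($arr === false) {
        // accept only "column [asc|desc]" lists; anything else falls back
        // to the default ordering
        $order_by = 'associated_date desc';
        if (isset($PAGEDATA->vars['news_order'])
            && is_string($PAGEDATA->vars['news_order'])
            && preg_match(
                '/^[a-z_][a-z0-9_]*( (asc|desc))?'
                . '(, ?[a-z_][a-z0-9_]*( (asc|desc))?)*$/iD',
                $PAGEDATA->vars['news_order']
            )
        ) {
            $order_by = $PAGEDATA->vars['news_order'];
        }
        $rs = dbAll(
            'select * from pages where parent=' . $parent_id
            . ' order by ' . $order_by . ',cdate desc limit '
            . $p . ',' . $items_per_page
        );
        $num_stories = dbOne(
            'select count(id) as num from pages where parent=' . $parent_id,
            'num'
        );
        Core_cacheSave('pages', $cache_key, array($num_stories, $rs));
    } else {
        $num_stories = $arr[0];
        $rs = $arr[1];
        unset($arr);
    }
    // { pager
    $nextprev = array();
    $nextprev[] = '<span class="page_n_of_n">'
        . __(
            'page %1 of %2',
            array(
                1 + floor($p / $items_per_page),
                ceil($num_stories / $items_per_page)
            ),
            'core'
        )
        . '</span>';
    if ($p) {
        $nextprev[] = '<a class="prev" href="?news_page='
            . ($p - $items_per_page) . '">' . __('Previous Page') . '</a>';
    }
    if ($p + $items_per_page < $num_stories) {
        $nextprev[] = '<a class="next" href="?news_page='
            . ($p + $items_per_page) . '">' . __('Next Page') . '</a>';
    }
    $nextprev = '<div class="nextprev">' . join(' | ', $nextprev) . '</div>';
    // }
    $html = $nextprev;
    $links = array();
    $show_full = isset($PAGEDATA->vars['news_display'])
        && $PAGEDATA->vars['news_display'] == 'full';
    $show_title = isset($PAGEDATA->vars['news_title'])
        && $PAGEDATA->vars['news_title'] == 'yes';
    foreach ($rs as $r) {
        $page = Page::getInstance($r['id'], $r);
        // fall back to the creation date BEFORE the date is printed; doing
        // it after the header was built had no effect on the output
        if (!isset($page->associated_date) || !$page->associated_date) {
            $page->associated_date = $page->cdate;
        }
        // headline mode shows the rendered page with the <h1> and all tags
        // removed, cut to 600 bytes
        $content = $show_full
            ? $page->render()
            : substr(
                preg_replace(
                    '/<[^>]*>/',
                    '',
                    preg_replace('#<h1>[^<]*</h1>#', '', $page->render())
                ),
                0,
                600
            );
        $date = $show_title
            ? '<h2 class="news-header"><a href="' . $page->getRelativeURL()
                . '">' . htmlspecialchars($page->name) . '</a></h2>'
                . '<a class="news-date" href="' . $page->getRelativeURL()
                . '">'
                . __(
                    'posted on %1',
                    array(Core_dateM2H($page->associated_date)),
                    'core'
                )
                . '</a>'
            : '';
        $links[] = $date . '<p class="news-paragraph">' . $content . '...</p>';
    }
    $html .= join('<div class="news-break"></div>', $links);
    $html .= $nextprev;
    return $html;
}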
/**
 * produce a HTML version of the product
 *
 * Assigns one Smarty variable per entry of $this->data_fields (rendered
 * according to the field's type and whether it is user-definable), fills the
 * {{$...}} placeholders in the page title, then fetches the cached template
 * for this product type. Reads $this->data_fields, $this->stock_control,
 * $this->id and $this->allow_comments.
 *
 * NOTE(review), output handling as visible here:
 * - values placed in form controls go through htmlspecialchars(), but every
 *   read-only branch hands the stored value to Smarty raw, so escaping then
 *   depends on the template;
 * - $template is concatenated into the path given to $smarty->fetch();
 *   callers must only pass known template names.
 *
 * @param string  $product     the product to render
 * @param string  $template    multi-view product or single-view?
 * @param boolean $add_wrapper wrap in div.products-product before return
 *
 * @return string html of the product
 */
function render($product, $template = 'singleview', $add_wrapper = true)
{
    global $DBVARS, $PAGEDATA;
    $GLOBALS['products_template_used'] = $template;
    // NOTE(review): $csym is assigned but not used in the rest of the method
    if (isset($DBVARS['online_store_currency'])) {
        $csym = $DBVARS['online_store_currency'];
    }
    $smarty = Products_setupSmarty();
    $smarty->assign('product', $product);
    $smarty->assign('product_id', $product->get('id'));
    $smarty->assign('_name', __FromJson($product->name));
    $smarty->assign('_stock_number', $product->stock_number);
    if (!is_array(@$this->data_fields)) {
        $this->data_fields = array();
    }
    $productVals = array();
    foreach ($this->data_fields as $f) {
        // the field name is reduced to [a-zA-Z0-9_-] before it is used in
        // attribute values, jQuery selectors and Smarty variable names
        $f->n = preg_replace('/[^a-zA-Z0-9\\-_]/', '_', $f->n);
        $val = $product->get($f->n);
        $required = @$f->r ? ' required' : '';
        switch ($f->t) {
        case 'checkbox': // {
            $val = $val ? __('Yes') : __('No');
            $smarty->assign($f->n, $val);
            break;
            // }
        case 'colour': // {
            if (@$f->u) { // user-definable
                WW_addScript('/j/mColorPicker/mColorPicker.js');
                $h = '<input class="color-picker" ' . 'name="products_values_' . $f->n . '" ' . 'style="height:20px;width:20px;" ' . 'value="' . htmlspecialchars($val) . '" ' . 'data-text="hidden"/>' . '<style>#mColorPickerFooter,#mColorPickerImg{display:none}</style>';
                WW_addInlineScript('$(".color-picker")' . '.mColorPicker({"imageFolder":"/j/mColorPicker/images/"});');
            } else {
                $h = 'TODO';
            }
            $smarty->assign($f->n, $h);
            break;
            // }
        case 'date': // {
            if (@$f->u) { // user-definable
                $smarty->assign($f->n, '<input class="product-field date ' . $f->n . $required . '" name="' . 'products_values_' . $f->n . '"/>');
                // NOTE(review): $f->e is written into the inline script as
                // a JS string without escaping; presumably it is set only
                // by admins - verify.
                $format = @$f->e ? $f->e : 'yy-mm-dd';
                $y = date('Y');
                WW_addInlineScript('$("input[name=products_values_' . $f->n . ']").datepicker({' . '"dateFormat":"' . $format . 
'",' . 'changeYear:true,changeMonth:true,yearRange:"1900:' . $y . '"' . '});');
                // empty date inputs are preset to today on the client
                WW_addInlineScript('$("input.hasDatepicker").each(function() {' . 'if (this.value!="") return;' . '$(this).datepicker("setDate", "+0");' . '});');
            } else {
                $val = Core_dateM2H($val);
                $smarty->assign($f->n, $val);
            }
            break;
            // }
        case 'hidden': // {
            $smarty->assign($f->n, '<input type="hidden" name="products_values_' . $f->n . '" value="' . htmlspecialchars($val) . '"/>');
            break;
            // }
        case 'selectbox': // {
            if (@$f->u) {
                // options come from the product's own value, one per line,
                // falling back to the field definition ($f->e) when empty
                $valid_entries = explode("\n", $val);
                foreach ($valid_entries as $k => $v) {
                    $v = trim($v);
                    if ($v == '') {
                        unset($valid_entries[$k]);
                    } else {
                        $valid_entries[$k] = $v;
                    }
                }
                if (!count($valid_entries)) {
                    $valid_entries = explode("\n", $f->e);
                }
                $h = '<select name="products_values_' . $f->n . '" class="' . $required . '">';
                $translateable = @$f->tr && 1;
                foreach ($valid_entries as $e) {
                    $e = trim($e);
                    if ($e == '' || !in_array($e, $valid_entries)) {
                        continue;
                    }
                    $o = $e;
                    $p = '';
                    // "label|price" entries: the label is displayed, the
                    // integer price becomes an attribute, and the whole
                    // entry stays as the option value
                    if (strpos($e, '|') !== false) {
                        $bits = explode('|', $e);
                        $e = $bits[0];
                        $p = 'price="' . (int) $bits[1] . '"';
                    }
                    $h .= '<option ' . $p . ' value="' . htmlspecialchars($o) . '"';
                    if ($translateable) {
                        $h .= ' class="__"';
                    }
                    $h .= '>' . htmlspecialchars($e) . '</option>';
                }
                $h .= '</select>';
            } else {
                // read-only: drop the "|price" suffix; value is not escaped
                $val = preg_replace('/\\|.*/', '', $val);
                $h = $val;
            }
            $smarty->assign($f->n, $h);
            break;
            // }
        case 'selected-image': // {
            $smarty->assign($f->n, '<input type="hidden" name="products_values_' . $f->n . '" ' . 'class="product-field ' . $f->n . $required . '"/>');
            break;
            // }
        case 'textarea': // { textarea
            if (@$f->u) {
                // tags are stripped and the rest escaped for the editable
                // variant; the read-only variant passes the value through
                $val = trim(preg_replace('/<[^>]*>/', '', $val));
                $smarty->assign($f->n, '<textarea class="product-field ' . $f->n . $required . '" name="products_values_' . $f->n . '">' . htmlspecialchars($val) . '</textarea>');
            } else {
                $smarty->assign($f->n, $val);
            }
            break;
            // }
        case 'user': // {
            // the stored value is a user id; show that user's name
            $u = User::getInstance($val, false, false);
            $val = $u ? 
$u->get('name') : 'no name';
            $smarty->assign($f->n, $val);
            break;
            // }
        default: // { everything else
            if (@$f->u) {
                $smarty->assign($f->n, '<input class="product-field ' . $f->n . $required . '" value="' . htmlspecialchars($val) . '" name="products_values_' . $f->n . '"/>');
            } else {
                $smarty->assign($f->n, $val);
            }
            // }
        }
        $productVals[$f->n] = $val;
        // NOTE(review): $val is substituted into the page title as-is;
        // whether the title is escaped later is not visible here.
        $PAGEDATA->title = str_replace('{{$' . $f->n . '}}', $val, $PAGEDATA->title);
    }
    if (isset($PAGEDATA->vars['products_pagedescriptionoverride']) && $PAGEDATA->vars['products_pagedescriptionoverride']) {
        // NOTE(review): assumes a data field named "description" exists
        $desc = preg_replace('/<[^>]*>/', '', $productVals['description']);
        $desc = trim(preg_replace('/\\s+/m', ' ', $desc));
        $PAGEDATA->description = substr($desc, 0, 153) . '...';
    }
    if (isset($product->ean)) {
        $smarty->assign('_ean', $product->ean);
    }
    // { $_name, $_stock_number, $_ean
    // NOTE(review): $product->vals['ean'] is read without the isset() guard
    // used for $product->ean just above
    $PAGEDATA->title = str_replace(array('{{$_name}}', '{{$_stock_number}}', '{{$_ean}}'), array($product->get('_name'), $product->get('_stock_number'), $product->vals['ean']), $PAGEDATA->title);
    // }
    $html = '';
    if ($add_wrapper) {
        $classes = array('products-product');
        if ($this->stock_control) {
            $classes[] = 'stock-control';
        }
        $html .= '<div class="' . join(' ', $classes) . '" id="products-' . $product->get('id') . '">';
    }
    $html .= $smarty->fetch(USERBASE . '/ww.cache/products/templates/types_' . $template . '_' . $this->id);
    if ($template == 'singleview') {
        // single view adds a canonical link to the page header
        $PAGEDATA->vars['header_html'] = (isset($PAGEDATA->vars['header_html']) ? $PAGEDATA->vars['header_html'] : '') . '<link rel="canonical" href="' . htmlspecialchars($product->getRelativeUrl()) . '" />';
        if ($this->allow_comments) {
            // NOTE(review): the comments URL is built from the client's
            // Host header
            $html .= Core_commentsShow('http://' . $_SERVER['HTTP_HOST'] . $product->getRelativeURL());
        }
    }
    if ($add_wrapper) {
        $html .= '</div>';
    }
    return $html;
}
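// { dashboard
// Lists every post of this page's forums that still has moderated=0, with
// approve/delete links that are wired up client-side by element id.
$c .= '<div id="t-dashboard">';
// the page id is cast to an integer because it is concatenated into the
// query unquoted
$sql = 'select users.id as uid,users.name as user, threads.name as thread,'
    . 'posts.body as body, posts.id as id, posts.created_date as date,'
    . 'forums.name as forum, forums.moderator_groups as groups'
    . ' from user_accounts as users, forums_threads as threads, forums_posts '
    . 'as posts, forums '
    . 'where users.id=posts.author_id and threads.id=posts.thread_id '
    . 'and threads.forum_id = forums.id and posts.moderated=0 '
    . 'and forums.page_id = ' . (int) $page['id'];
$posts = dbAll($sql);
$c .= '<strong>Posts Requiring Moderation</strong>';
$c .= '<table id="forum-datatable-requires-moderation" class="forum-page-table">'
    . '<thead>';
$c .= '<tr><th>Date</th>';
$c .= '<th>Author</th>';
$c .= '<th>Forum</th>';
$c .= '<th>Thread</th>';
$c .= '<th>Posts</th>';
$c .= '<th>Moderation</th>';
$c .= '</tr></thead><tbody>';
foreach ($posts as $post) {
    // unmoderated post bodies are shown to moderators, so every text column
    // is escaped and the id is forced numeric before it goes into attributes
    $c .= '<tr id="post-for-moderation-' . (int) $post['id'] . '">';
    $c .= '<td>' . Core_dateM2H($post['date']) . '</td>';
    $c .= '<td>' . htmlspecialchars($post['user']) . '</td>';
    $c .= '<td>' . htmlspecialchars($post['forum']) . '</td>';
    $c .= '<td>' . htmlspecialchars($post['thread']) . '</td>';
    $c .= '<td>' . htmlspecialchars($post['body']) . '</td>';
    $c .= '<td>';
    $c .= '<a class="approve" id="approve_' . (int) $post['id'] . '" '
        . 'href="javascript:;">Approve</a><br />'
        . '<a class="delete" id="delete_' . (int) $post['id'] . '" '
        . 'href="javascript:;">Delete</a>';
    $c .= '</td></tr>';
}
$c .= '</tbody></table></div>';
// }
// { forums
$c .= '<div id="t-forums">';
$forums = dbAll(
    'select name, id from forums where page_id = ' . (int) $page['id']
);
$groups = dbAll('select name, id from groups');
$c .= '<table id="forum-moderators-table">';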
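/**
 * display a specific thread
 *
 * Renders the breadcrumb, the approved posts (moderated = 1) of the thread
 * and, for logged-in users, the bootstrap for the reply form.
 *
 * The thread id is converted to an integer once and that copy is used in
 * every query, link and inline script. The original concatenated $id
 * directly, which allowed SQL and script injection if the caller passed a
 * request value through. $id itself is a reference and is left untouched.
 *
 * NOTE(review): the ratings element id contains the author's e-mail
 * address, so addresses are visible in the page source to every visitor.
 * It is now HTML-escaped, but changing the key would alter the ratings
 * identifiers, so it is kept; consider a non-reversible identifier.
 *
 * @param object &$PAGEDATA the page object
 * @param int    &$id       the thread's ID
 *
 * @return string HTML of the forum creation tool
 */
function Forum_showThread(&$PAGEDATA, &$id)
{
    require_once SCRIPTBASE . 'ww.incs/bb2html.php';
    WW_addCSS('/ww.plugins/forum/frontend/forum.css');
    $script = '$(function(){$(".ratings").ratings();});';
    WW_addScript('ratings/ratings.js');
    WW_addInlineScript($script);
    $thread_id = (int) $id;
    $thread = dbRow('select * from forums_threads where id=' . $thread_id);
    // check for a missing thread before reading any of its columns
    if (!$thread || !count($thread)) {
        return '<em class="error">Error: this thread does not exist!</em>';
    }
    $forum_id = (int) $thread['forum_id'];
    $c = Forum_getForumBreadcrumbs($PAGEDATA, $thread['forum_id'])
        . ' » <a href="' . $PAGEDATA->getRelativeUrl()
        . '?forum-f=' . $forum_id . '&forum-t=' . $thread_id . '">'
        . htmlspecialchars($thread['name']) . '</a>';
    $c .= '<table id="forum-posts"><tr><th>Author</th><th>Post</th></tr>';
    $posts = dbAll(
        'select * from forums_posts where thread_id=' . $thread_id
        . ' and moderated = 1 order by created_date'
    );
    foreach ($posts as $post) {
        $user = User::getInstance($post['author_id']);
        if ($user) {
            $user_name = $user->get('name');
            $user_id = (int) $post['author_id'];
            $user_email = $user->get('email');
        } else {
            $user_name = 'unknown';
            $user_id = 0;
            $user_email = '';
        }
        // p-data is read by the client script; numbers are cast and the
        // date is escaped because the attribute is single-quoted
        $c .= '<tr p-data=\'({"id":' . (int) $post['id']
            . ',"cdate":"'
            . htmlspecialchars($post['created_date'], ENT_QUOTES) . '"'
            . ',"uid":' . (int) $post['author_id'] . '})\'>'
            . '<td class="user-details"><a name="forum-c-'
            . (int) $post['id'] . '"></a>'
            . htmlspecialchars($user_name) . '</td>'
            . '<td><div class="post-header">Posted: '
            . Core_dateM2H($post['created_date'], 'datetime')
            . '</div></td></tr>';
        $count_posts = $user_id
            ? dbOne(
                'select count(id) from forums_posts where author_id='
                . (int) $user->get('id'),
                'count(id)'
            )
            : 0;
        // (an md5 of the e-mail was computed here before but never used)
        $c .= '<tr><td><img class="avatar" data-uid="' . $user_id . '" />'
            . '<span>Posts: ' . (int) $count_posts . '</span>'
            . '<p>Helpfulness:'
            . '<span class="ratings" id="forum_user_'
            . htmlspecialchars($user_email, ENT_QUOTES) . '"'
            . ' type="forum_user">rating</span></p>';
        // post bodies are user-written BBCode; all escaping is delegated to
        // bb2html() - verify it encodes HTML in its input
        $c .= '</td><td class="post">' . bb2html($post['body']) . '</td></tr>';
    }
    $c .= '</table>';
    // { post form
    if (isset($_SESSION['userdata']) && $_SESSION['userdata']['id']) {
        $c .= '<div id="forum-post-submission-form"><script defer="defer">var forum_id='
            . $forum_id . ',forum_thread_id=' . $thread_id
            . ';</script></div>';
        // NOTE(review): the editor is loaded from a third-party CDN through
        // a protocol-relative URL and a pinned old release; consider
        // serving a maintained copy from this site instead
        WW_addScript('//cdn.ckeditor.com/4.4.3/standard/ckeditor.js');
        WW_addScript('//cdn.ckeditor.com/4.4.3/standard/adapters/jquery.js');
        WW_addScript('forum/frontend/forum.js');
    } else {
        $c .= '<div class="forum-not-logged-in">In order to post to this thread,'
            . ' you must <a href="/_r?type=loginpage">login'
            . '</a> first.</div>';
    }
    // }
    return $c;
}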
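// Order history for the current user ($user): one table row per order with
// links to the order details and its invoice.
$history = array();
// Only this user's rows are requested. The original loaded every
// customer's orders (including their meta) and filtered in PHP; the PHP
// check is kept below so the matching rule itself is unchanged.
$orders = (int) $user['id'] > 0
    ? dbAll(
        'select meta,id,status,total,user_id,date_created from online_store_orders'
        . ' where user_id=' . (int) $user['id']
        . ' order by date_created desc'
    )
    : array();
foreach ($orders as $order) {
    if ($order['user_id'] != 0 && $order['user_id'] == $user['id']) {
        array_push($history, $order);
    }
}
if (count($history) == 0) {
    return $html .= '<p><i>No recent orders</i></p>';
}
WW_addScript('online-store/frontend/user-profile.js');
$html .= '<table id="online_store_orders"> <tr> <th>' . __('Date', 'core')
    . '</th> <th>' . __('Amount', 'core')
    . '</th> <th>' . __('Status', 'core')
    . '</th> <th>' . __('Invoice', 'core') . '</th> </tr>';
foreach ($history as $order) {
    $status = $order['status'] == 1 ? 'Paid' : 'Unpaid';
    $meta = json_decode($order['meta'], true);
    // the id is written into javascript: URLs, so it must be a plain number
    $oid = (int) $order['id'];
    $html .= '<tr>'
        . '<td>' . Core_dateM2H($order['date_created']) . '</td>'
        . '<td>' . htmlspecialchars($order['total']) . '</td>'
        . '<td>' . $status . '</td>'
        . '<td>'
        . '<a href="' . $PAGEDATA->getRelativeUrl() . '?onlinestore_iid='
        . $oid . '">' . __('Details') . '</a> | ';
    // NOTE(review): the handler behind onlinestore_iid / os_invoice must
    // itself check that the order belongs to the logged-in user; hiding
    // other ids from this table is not an access control
    if (isset($meta['invoice-type']) && $meta['invoice-type'] == 'pdf') {
        $html .= '<a href="javascript:os_invoice(' . $oid
            . ', \'pdf\', true)">PDF</a>';
    } else {
        $html .= '<a href="javascript:os_invoice(' . $oid . ', \'html\')">'
            . __('Invoice') . '</a>'
            . ' (<a href="javascript:os_invoice(' . $oid
            . ', \'html\', true)">' . __('print') . '</a> | '
            . '<a href="javascript:os_invoice(' . $oid
            . ', \'pdf\', true)">PDF</a>)';
    }
    $html .= '</td></tr>';
}
$html .= '</table>';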
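/**
 * SMS plugin admin page: lists the address books with their subscriber
 * counts and edit/delete links. Only reachable by administrators.
 *
 * @category None
 * @package  None
 * @author   Kae Verens <*****@*****.**>
 * @license  GPL 2.0
 * @link     http://kvsites.ie/
 */
if (!Core_isAdmin()) {
    Core_quit();
}
require SCRIPTBASE . 'ww.plugins/sms/admin/libs.php';
echo '<div id="sms_wrapper">';
$clink = '<a href="javascript:sms_edit(0);">Create Addressbook</a>';
echo $clink;
$rs = dbAll('select * from sms_addressbooks order by name');
if (count($rs)) { // show addressbooks
    echo '<table><tr><th>Name</th><td>Created Date</td><td>Subscribers</td></tr>';
    foreach ($rs as $r) {
        if ($r['subscribers'] == '') {
            $r['subscribers'] = '[]';
        }
        // subscribers is stored as JSON; a corrupt value decodes to null,
        // which count() rejects, so treat anything uncountable as empty
        $ss = json_decode($r['subscribers']);
        $subscriber_count = (is_array($ss) || is_object($ss))
            ? count((array) $ss)
            : 0;
        // the id is written into element ids and javascript: URLs
        $book_id = (int) $r['id'];
        echo '<tr id="sms_row_' . $book_id . '">'
            . '<td>' . htmlspecialchars($r['name']) . '</td>'
            . '<td>' . Core_dateM2H($r['date_created']) . '</td>'
            . '<td>' . $subscriber_count . '</td>'
            . '<td><a href="javascript:sms_edit(' . $book_id . ')">edit</a></td>'
            . '<td><a href="javascript:sms_delete(' . $book_id . ')">[x]</a></td>'
            . '</tr>';
    }
    echo '</table>';
} else {
    echo '<em>No addressbooks exist yet. Please create one: ' . $clink . '</em>';
}
echo '</div>';
echo '<script src="/ww.plugins/sms/admin/addressbooks.js"></script>';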
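/**
 * sends a form, or displays the form instead with errors on top
 *
 * Collects the submitted value of every field, optionally creates a user
 * account for the submitted e-mail address (copying uploaded files into
 * that user's directory), optionally e-mails the filled-in form, optionally
 * records the values in the database, and returns the success message.
 *
 * Security-relevant handling in this function:
 * - the reply-to value comes straight from the request and is handed to
 *   cmsMail() as the sender; CR, LF and NUL are removed first so it cannot
 *   add mail headers;
 * - uploaded file names are reduced with basename() and dot-files are
 *   skipped before they are copied under /f/user-files/<id>/.
 *
 * NOTE(review): the copy keeps the original file extension and the target
 * lies below /f/; confirm the web server never executes files from there.
 * NOTE(review): SQL values are escaped with addslashes() only.
 * NOTE(review): $plaintext is built but not read anywhere in this function.
 *
 * @param array $page        page db row
 * @param array $vars        page meta data
 * @param array $form_fields array of fields
 *
 * @return HTML of either the result, or the form with errors on top
 */
function Form_send($page, $vars, $form_fields)
{
    $c = '';
    $plaintext = '';
    $values = array();
    $email = '';
    foreach ($form_fields as $r2) {
        // request keys are the field names reduced to [a-zA-Z0-9_]
        $name = preg_replace('/[^a-zA-Z0-9_]/', '', $r2['name']);
        $separator = "\n" . str_repeat('-', 80) . "\n";
        $val = '';
        switch ($r2['type']) {
        case 'checkbox': // {
            $val = @$_REQUEST[$name];
            $values[$r2['name']] = $val == 'on' ? 'yes' : 'no';
            if ($val == 'on') {
                $plaintext .= 'selected option: '
                    . htmlspecialchars($r2['name']) . $separator;
            }
            break;
            // }
        case 'date':
        case 'ccdate': // {
            $val = Core_dateM2H(@$_REQUEST[$name]);
            if ($r2['type'] == 'ccdate') {
                // keep only the "Month, year" part of the formatted date
                $val = preg_replace('#.* ([a-zA-Z]*, [0-9]+)#', "\$1", $val);
            }
            $values[$r2['name']] = $val;
            $plaintext .= htmlspecialchars($r2['name']) . "\n"
                . htmlspecialchars($val) . $separator;
            break;
            // }
        case 'email': // {
            $val = @$_REQUEST[$name];
            $values[$r2['name']] = $val;
            $plaintext .= htmlspecialchars($r2['name']) . "\n"
                . htmlspecialchars($val) . $separator;
            $email = $val;
            break;
            // }
        case 'file': // { build $files array which emulates the $_FILES array
            // { first remove old uploads
            $dir = USERBASE . 
'/f/.files/forms/';
            if (!is_dir($dir)) {
                break;
            }
            $fs = new DirectoryIterator($dir);
            $time = time();
            foreach ($fs as $f) {
                if ($f->isDot()) {
                    continue;
                }
                if ($f->isDir()) {
                    $diff = $time - $f->getMTime();
                    if ($diff > 600) { // file is older than 10 minutes
                        CoreDirectory::delete($f->getPathname());
                    }
                }
            }
            // }
            // uploads for this visitor live in a directory named after the
            // session id
            $session_id = session_id();
            $dir .= $session_id;
            if (!is_dir($dir)) {
                break;
            }
            // replaces PHP's own upload array with the staged files
            $_FILES = array();
            $uploads = new DirectoryIterator($dir);
            foreach ($uploads as $upload) {
                if ($upload->isDot() || $upload->isDir()) {
                    continue;
                }
                array_push(
                    $_FILES,
                    array(
                        'name' => $upload->getFileName(),
                        'type' => mime_content_type($upload->getPathname()),
                        'tmp_name' => $upload->getPathname(),
                        'error' => 0,
                        'size' => $upload->getSize()
                    )
                );
            }
            break;
            // }
        case 'html-block':
        case 'next-page-link':
        case 'previous-page-link':
        case 'page-break': // { not inputs - don't add them
            break;
            // }
        default: // {
            $val = @$_REQUEST[$name];
            $values[$r2['name']] = $val;
            $val = nl2br($val);
            $plaintext .= htmlspecialchars($r2['name']) . "\n"
                . htmlspecialchars($val) . $separator;
            // }
        }
    }
    $from_field = preg_replace('/[^a-zA-Z]/', '', $vars['forms_replyto']);
    $from = isset($_REQUEST[$from_field]) ? $_REQUEST[$from_field] : '';
    // the sender is attacker-controlled: never let it carry line breaks
    // into the mail headers, and ignore non-string (array) input
    $from = is_string($from)
        ? str_replace(array("\r", "\n", "\0"), '', $from)
        : '';
    if (@$vars['forms_create_user']) {
        $id = dbOne(
            'select id from user_accounts where email="'
            . addslashes($email) . '"',
            'id'
        );
        if (!$id) {
            dbQuery(
                'insert into user_accounts set email="'
                . addslashes($email) . '",'
                . 'extras="' . addslashes(json_encode($values)) . '"'
            );
            $id = dbLastInsertId();
            if (isset($_FILES) && count($_FILES)) {
                @mkdir(USERBASE . '/f/user-files');
                @mkdir(USERBASE . '/f/user-files/' . $id);
                foreach ($_FILES as $file) {
                    // when the form has no 'file' field, $_FILES is PHP's
                    // own array and 'name' is client-supplied: keep only
                    // the last path component and refuse dot-files
                    $safe_name = basename((string) $file['name']);
                    if ($safe_name === '' || $safe_name[0] === '.') {
                        continue;
                    }
                    copy(
                        $file['tmp_name'],
                        USERBASE . '/f/user-files/' . $id . '/' . $safe_name
                    );
                }
            }
        }
    }
    if ($vars['forms_send_as_email']) {
        $form = Form_readonly($page['id'], $vars, $form_fields);
        $to = $vars['forms_recipient'];
        // strip the submit button and the <form> wrapper from the mailed copy
        $form = str_replace(
            array(
                '<input type="submit" value="' . __('Submit Form') . '" />',
                '<form action="' . 
$_SERVER['REQUEST_URI'] . '" method="post" '
                . 'class="ww_form" enctype="multipart/form-data">',
                '</form>'
            ),
            '',
            $form
        );
        // NOTE(review): the subject starts with the client's Host header
        cmsMail(
            $to,
            $from,
            $_SERVER['HTTP_HOST'] . ' ' . __FromJson($page['name']),
            '<html><head></head><body>' . $form . '</body></html>',
            $_FILES
        );
        if (is_dir(USERBASE . '/f/.files/forms/' . session_id())) {
            // remove uploaded files
            CoreDirectory::delete(USERBASE . '/f/.files/forms/' . session_id());
        }
    }
    if ($vars['forms_record_in_db']) {
        Form_saveValues($page['id'], $form_fields);
    }
    // the success message is page configuration and is output as HTML
    $c .= '<div id="thankyoumessage">' . $vars['forms_successmsg'] . '</div>';
    return $c;
}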
<?php
// Site-credits admin overview: current balance, a "buy" button and the
// account history table. Non-admins are stopped by Core_quit().
if (!Core_isAdmin()) {
    Core_quit();
}

// the balance is cast to int before it is printed
echo '<h2>Credits</h2><p>You have <strong>',
    (int) $GLOBALS['DBVARS']['sitecredits-credits'],
    '</strong> credits.</p><button id="buy-credits">Buy Credits</button>';
WW_addScript('site-credits/admin/overview.js');

echo '<h2>Account history</h2>';
$rs = dbAll(
    'select cdate, description, amt, total from sitecredits_accounts'
    . ' order by cdate desc'
);
if (!$rs || !count($rs)) {
    echo '<p>No credits accounting history to show.</p>';
} else {
    echo '<table><tr><th>Date</th><th>Description</th><th>Amt</th>'
        . '<th>Total</th></tr>';
    foreach ($rs as $r) {
        // only the description is escaped; amt and total are printed as
        // stored (presumably numeric columns - verify)
        echo '<tr><td>', Core_dateM2H($r['cdate']), '</td>',
            '<td>', htmlspecialchars($r['description']), '</td>',
            '<td>', $r['amt'], '</td><td>', $r['total'], '</td></tr>';
    }
    echo '</table>';
}
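<?php
// Meetings admin list: one row per meeting, optionally restricted to the
// day given in the from_date request parameter.
//
// NOTE(review): no admin check is visible in this file; presumably the
// including script enforces it - verify.
$filters = array();
if (isset($_REQUEST['from_date']) && is_string($_REQUEST['from_date'])) {
    // the value is only ever used inside quoted SQL literals
    // NOTE(review): the filter column is meeting_date while sorting and
    // display use meeting_time - confirm both columns exist
    $filters[] = 'meeting_date>"' . addslashes($_REQUEST['from_date']) . '"'
        . ' and meeting_date<"' . addslashes($_REQUEST['from_date']) . ' 24"';
}
$sql = 'select * from meetings';
if (count($filters)) {
    $sql .= ' where (' . join(') and (', $filters) . ')';
}
$sql .= ' order by meeting_time';
$meetings = dbAll($sql);
echo '<table id="meetings">'
    . '<thead><tr><th>Meeting Time</th><th>Who</th><th>Is Meeting Who</th>'
    . '<th>Question List</th><th> </th></tr></thead>';
echo '<tbody>';
foreach ($meetings as $meeting) {
    $user = User::getInstance($meeting['user_id'], false, false);
    $customer = User::getInstance($meeting['customer_id'], false, false);
    // form_id is concatenated unquoted, so it is forced to an integer
    $formname = dbOne(
        'select name from forms_nonpage where id=' . (int) $meeting['form_id'],
        'name'
    );
    $username = $user ? $user->get('name') : 'no such user';
    $customername = $customer ? $customer->get('name') : 'no such user';
    // the form name is stored text like the user names and is escaped the
    // same way (it was printed raw before)
    echo '<tr id="meeting-' . (int) $meeting['id'] . '">'
        . '<td>' . Core_dateM2H($meeting['meeting_time'], 'datetime') . '</td>'
        . '<td>' . htmlspecialchars($username) . '</td>'
        . '<td>' . htmlspecialchars($customername) . '</td>'
        . '<td>' . htmlspecialchars((string) $formname) . '</td>'
        . '<td><a href="#" class="edit">' . __('Edit') . '</a>'
        . ' | <a href="#" class="delete">' . __('[x]') . '</a></td>'
        . '</tr>';
}
echo '</tbody></table>';
echo '<button id="meetings-create">' . __('Create') . '</button>';
WW_addScript('/ww.plugins/meetings/admin.js');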
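/**
 * frontend of the classified ads thing
 *
 * Depending on the unused part of the URL this shows either a single ad
 * (last path segment starts with "<number>-") or the sub-categories and ads
 * of a category. Ads whose expiry date has passed are deleted while the
 * list is being built.
 *
 * Ads, their images and their file names are supplied by site visitors, so
 * every such value is HTML-escaped on output, values handed to the inline
 * script are JSON-encoded instead of wrapped in quotes by hand, and ids
 * used in SQL or paths are cast to integers.
 *
 * NOTE(review): the excerpt was printed raw; it is now escaped like the
 * title and body. If excerpts are stored already escaped this will
 * double-encode - check where they are generated.
 * NOTE(review): the result of $PAGEDATA->render() is discarded because
 * $html is reassigned straight after; the call is kept in case it has side
 * effects.
 *
 * @param object $PAGEDATA the page object
 *
 * @return html
 */
function ClassifiedAds_frontend($PAGEDATA)
{
    global $unused_uri;
    $html = $PAGEDATA->render();
    $bits = false;
    if ($unused_uri == '') {
        $cid = 0;
    } else {
        $bits = explode('/', preg_replace('/\\/$/', '', $unused_uri));
        $cid = (int) ClassifiedAds_getCategoryId($bits);
    }
    $sql = 'select name from classifiedads_categories where id=' . $cid;
    // JSON_HEX_* keeps quotes, "<", ">" and "&" out of the script text, so a
    // value cannot end the string or the <script> element
    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $js_name = json_encode((string) dbOne($sql, 'name'), $js_flags);
    if ($js_name === false) {
        $js_name = '""';
    }
    $js_paypal = json_encode(
        isset($PAGEDATA->vars['classified-ads-paypal'])
            ? (string) $PAGEDATA->vars['classified-ads-paypal']
            : '',
        $js_flags
    );
    if ($js_paypal === false) {
        $js_paypal = '""';
    }
    WW_addInlineScript(
        'var classifiedads_categoryId=' . $cid
        . ', classifiedads_categoryName=' . $js_name
        . ', classifiedads_paypal=' . $js_paypal . ';'
    );
    $html = '<div id="classifiedads-wrapper">';
    // { breadcrumbs
    if ($bits) {
        $html .= '<div class="breadcrumbs">'
            . ClassifiedAds_getBreadcrumbs($PAGEDATA, $bits);
        if ($cid) {
            $html .= ' <span class="divider">»</span>'
                . ' <button class="classifiedads-advertise-button">'
                . 'Advertise Here</button>';
            WW_addScript('classified-ads/frontend/advertise.js');
        }
        $html .= '</div>';
    }
    // }
    if ($bits && preg_match('/^[0-9]+-.*/', $bits[count($bits) - 1])) {
        // { single ad
        $ad_id = (int) preg_replace('/[^0-9].*/', '', $bits[count($bits) - 1]);
        $ad = ClassifiedAds::get($ad_id);
        $html .= '<div id="classifiedads-single">'
            . '<h2>' . htmlspecialchars($ad['title']) . '</h2>'
            . '<table id="classifiedads-ad-details"><tr>'
            . '<td class="classifiedads-creation-date">Posted: '
            . Core_dateM2H($ad['creation_date']) . '</td>'
            . '<td class="classifiedads-location">Location: '
            . htmlspecialchars($ad['location']) . '</td>'
            . '<td class="classifiedads-cost">Cost: €'
            . htmlspecialchars($ad['cost']) . '</td></tr></table>';
        $images = array();
        $dir = '/userfiles/' . (int) $ad['user_id'] . '/classified-ads/'
            . (int) $ad['id'];
        if (file_exists(USERBASE . '/f' . $dir)) {
            $files = new DirectoryIterator(USERBASE . '/f' . $dir);
            foreach ($files as $f) {
                if ($f->isDot() || $f->isDir()) {
                    continue;
                }
                // file names were chosen by the advertiser
                $fname = htmlspecialchars($f->getFilename());
                $images[] = '<a href="/f' . $dir . '/' . $fname
                    . '" target="popup">'
                    . '<img src="/a/f=getImg/w=128/h=128' . $dir . '/'
                    . $fname . '"'
                    . ' style="max-width:128px;max-height:128px"/></a>';
            }
        }
        $html .= '<p class="classified-ads-body">'
            . nl2br(htmlspecialchars($ad['body'])) . '</p>'
            . join('', $images);
        $html .= '<table class="classifiedads-contact"><tr>';
        if ($ad['phone']) {
            $html .= '<td>Phone: ' . htmlspecialchars($ad['phone']) . '</td>';
        }
        /* if ($ad['email']) { $html.='<td>Email: <a href="#" class="classified-ads-email"' .' data-ad-id="'.$ad['id'].'">click to send</a></td>'; } */
        $html .= '</tr></table>';
        $html .= '</div>';
        // }
    } else { // show sub-categories and ads
        // { sub-categories
        $subcats = dbAll(
            'select id, icon, name from classifiedads_categories where parent='
            . $cid . ' order by name'
        );
        if (count($subcats)) {
            $html .= '<div id="classifiedads-subcats">'
                . '<h2>Categories</h2><ul>';
            foreach ($subcats as $cat) {
                $url = ClassifiedAds_getCategoryUrl($cat['id']);
                $html .= '<li>' . '<a href="' . htmlspecialchars($url) . '">';
                if ($cat['icon']) {
                    $html .= '<img src="/a/f=getImg/'
                        . htmlspecialchars($cat['icon']) . '/w=32/h=32"/>';
                }
                $html .= htmlspecialchars($cat['name']);
                $html .= '</a></li>';
            }
            // the list was left open before (</ul> was missing)
            $html .= '</ul></div>';
        }
        // }
        // { ads
        $subcatsRecursive = ClassifiedAds_getCategoryIdsRecursive($cid);
        $ads = ClassifiedAds::getByCategories($subcatsRecursive);
        $html .= '<table id="classifiedads-ads">'
            . '<thead><tr><th colspan="2">Title</th><th>Location</th><th>Posted</th>'
            . '<th>Price</th></tr></thead><tbody>';
        $today = date('Y-m-d');
        foreach ($ads as $ad) {
            // expired ads are removed as a side effect of viewing the list
            if ($ad['expiry_date'] < $today) {
                dbQuery(
                    'delete from classifiedads_ad where id=' . (int) $ad['id']
                );
                Core_cacheClear('classifiedads_ad');
                continue;
            }
            $url = ClassifiedAds_getCategoryUrl($ad['category_id']) . '/'
                . (int) $ad['id'] . '-'
                . preg_replace('/[^a-z0-9A-Z]/', '-', $ad['title']);
            $img = '';
            $adDir = '/userfiles/' . (int) $ad['user_id']
                . '/classified-ads/' . (int) $ad['id'];
            $dir = USERBASE . '/f' . 
$adDir;
            if (file_exists($dir)) {
                // the first directory entry serves as the thumbnail
                $files = new DirectoryIterator($dir);
                foreach ($files as $f) {
                    if (!$f->isDot()) {
                        $img = '<img style="max-width:64px;max-height:64px;" src="/a/f=getImg/w=64/h=64'
                            . $adDir . '/'
                            . htmlspecialchars($f->getFilename()) . '"/>';
                        break;
                    }
                }
            }
            $html .= '<tr class="ad-top-details"><td rowspan="2">' . $img
                . '</td><td><a href="' . htmlspecialchars($url) . '">'
                . htmlspecialchars($ad['title']) . '</a></td>'
                . '<td class="location">'
                . htmlspecialchars($ad['location']) . '</td>'
                . '<td class="posted">'
                . Core_dateM2H($ad['creation_date']) . '</td>'
                . '<td class="price">€'
                . htmlspecialchars($ad['cost']) . '</td>'
                . '</tr><tr class="ad-bottom-details">'
                . '<td colspan="4">' . htmlspecialchars($ad['excerpt'])
                . '</td></tr>';
        }
        $html .= '</tbody></table>';
        // }
    }
    $html .= '</div>';
    // the footer is page configuration and is output as HTML
    $html .= @$PAGEDATA->vars['footer'];
    WW_addCSS('/ww.plugins/classified-ads/frontend/style.css');
    WW_addScript('/j/uploader.js');
    return $html;
}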
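// Orders table for the selected status, followed by the list of authorised
// (not yet captured) payments.
//
// NOTE(review): $filter is concatenated into the WHERE clause and is built
// before this excerpt; it must never contain raw request data.
$sql = 'select status,id,invoice_num, total,date_created,authorised'
    . ' from online_store_orders'
    . ' where ' . $filter . ' order by date_created desc';
$rs = dbAll($sql);
if (is_array($rs) && count($rs)) {
    $c .= '<div style="margin:0 10%">'
        . '<table id="onlinestore-orders-table" width="100%" class="desc"><thead><tr>'
        . '<th><input type="checkbox" id="onlinestore-orders-selectall"/></th>'
        . '<th>' . __('Order ID') . '</th>'
        . '<th>' . __('Invoice Num') . '</th>'
        . '<th>' . __('Date') . '</th>'
        . '<th>' . __('Amount') . '</th>'
        . '<th>' . __('Items') . '</th>'
        . '<th>' . __('Invoice') . '</th>'
        . '<th>' . __('Checkout Form') . '</th>'
        . '<th>' . __('Status') . '</th>'
        . '</tr></thead><tbody>';
    foreach ($rs as $r) {
        // ids go into attributes and javascript: URLs, so they are forced
        // to integers; an unknown status code prints an empty label
        $c .= '<tr data-id="' . (int) $r['id'] . '">'
            . '<td><input class="mass-actions" type="checkbox"/></td>'
            . '<td>' . (int) $r['id'] . '</td>'
            . '<td>' . htmlspecialchars($r['invoice_num']) . '</td>'
            . '<td><span style="display:none">'
            . htmlspecialchars($r['date_created']) . '</span>'
            . Core_dateM2H($r['date_created']) . '</td><td>'
            . $csym . sprintf('%.2f', $r['total']) . '</td>'
            . '<td><a href="javascript:os_listItems(' . (int) $r['id'] . ')">'
            . __('Items') . '</a></td>'
            . '<td><a href="javascript:os_invoice(' . (int) $r['id'] . ')">'
            . __('Invoice') . '</a>'
            . ' (<a href="javascript:os_invoice(' . (int) $r['id'] . ',true)">'
            . __('Print') . '</a>)</td>'
            . '<td>'
            . '<a href="javascript:onlinestoreFormValues(' . (int) $r['id'] . ')">'
            . __('Checkout Form') . '</a>'
            . '</td>'
            . '<td><a href="javascript:onlinestoreStatus(' . (int) $r['id']
            . ',' . (int) $r['status'] . ')" '
            . 'id="os_status_' . (int) $r['id'] . '">'
            . htmlspecialchars(
                isset($statii[(int) $r['status']])
                    ? $statii[(int) $r['status']]
                    : ''
            )
            . '</a>';
        if ($r['authorised']) {
            $c .= ' <strong>' . __('Authorised') . '</strong>';
        }
        $c .= '</td></tr>';
    }
    $c .= '</tbody></table></div>'
        . '<select id="onlinestore-orders-action"><option value="0"> -- </option>'
        . '<option value="1">' . __('Mark as Unpaid') . '</option>'
        . '<option value="2">' . __('Mark as Paid') . '</option>'
        . '<option value="3">' . 
__('Mark as Dispatched') . '</option>'
        . '<option value="4">' . __('Download as PDF') . '</option>'
        . '</select>';
} else {
    $c .= '<em>' . __('No orders with this status exist') . '</em>';
}
$c .= '</div>';
// }
// { authorised payments
if ($has_authrs) {
    $c .= '<div id="online-store-authorised"><table class="wide"><tr><th>'
        . '<input type="checkbox"/></th><th>' . __('ID') . '</th><th>'
        . __('Date') . '</th><th>' . __('Total') . '</th>'
        . '<th>' . __('Status') . '</th></tr>';
    foreach ($authrs as $r) {
        // same output rules as the orders table above: numeric ids and an
        // escaped status label (the label was printed raw here before)
        $c .= '<tr id="capture' . (int) $r['id']
            . '"><td><input type="checkbox" id="auth' . (int) $r['id']
            . '"/></td>'
            . '<td>' . (int) $r['id'] . '</td><td>'
            . Core_dateM2H($r['date_created']) . '</td>'
            . '<td>' . htmlspecialchars($r['total']) . '</td><td>'
            . htmlspecialchars(
                isset($statii[(int) $r['status']])
                    ? $statii[(int) $r['status']]
                    : ''
            )
            . '</td></tr>';
    }
    /* TODO: translation needed */
    $c .= '</table><input type="button" value="Capture selected transactions"/>';
    $c .= '</div>';
}
// }
$c .= '</div>';
echo $c;
WW_addScript('/ww.plugins/online-store/admin/orders.js');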
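// Store a new comment for page $page and report the result as JSON.
// A comment is published immediately (isvalid = 1) when the poster is an
// admin or the site var "no_moderation" is set; otherwise it awaits moderation.
$trusted = ($is_admin || dbOne('select value from site_vars where name="no_moderation"', 'value')) ? 1 : 0;
if (!is_numeric($page)) {
    echo '{"status":0, "message":"The page id should be a number"}';
} elseif (!dbOne('select id from pages where id = ' . (int) $page, 'id')) {
    echo '{"status":0, "message":"No page with that id exists"}';
} else {
    // is_numeric() also accepts floats and exponent notation, so only the
    // integer cast is ever placed into SQL text.
    $pageId = (int) $page;
    // NOTE(review): addslashes() is not a reliable SQL escaping primitive
    // (it ignores the connection character set). If dbQuery() or the
    // underlying driver offers bound parameters or a quoting helper, use that
    // for name, email, comment and homepage instead.
    dbQuery(
        'insert into comments set name = "' . addslashes($name)
        . '", email = "' . addslashes($email)
        . '", objectid = ' . $pageId
        . ', isvalid = ' . $trusted
        . ', cdate = now(), comment = "' . addslashes($comment)
        . '", homepage ="' . addslashes($site) . '"'
    );
    $id = dbOne('select last_insert_id() as id', 'id');
    // $_SESSION['comment_ids'][] = $id; // turning this off to avoid confusion...
    if (isset($DBVARS['comments_moderatorEmail']) && $DBVARS['comments_moderatorEmail']) {
        // The Host header is supplied by the client and ends up in the mail
        // subject and headers; keep only hostname characters so it cannot
        // carry line breaks or extra header fields.
        $mailHost = preg_replace('/[^A-Za-z0-9.\-:]/', '', (string) $_SERVER['HTTP_HOST']);
        // The body is plain text, so the name and comment are sent as typed;
        // SQL-style backslash escaping has no place in an e-mail.
        mail(
            $DBVARS['comments_moderatorEmail'],
            '[' . $mailHost . '] new comment',
            $name . " has commented on your site:\n" . $comment
            . "\n\nTo approve or delete this comment, please log into your administration area and go to Communication>Comments",
            'From: noreply@' . $mailHost . "\nReply-to: noreply@" . $mailHost
        );
    }
    $count = dbOne('select count(id) from comments where objectid = ' . $pageId, 'count(id)');
    $datetime = dbOne('select cdate from comments where id = ' . (int) $id, 'cdate');
    $date = Core_dateM2H($datetime);
    // "add" tells the client whether this is the first comment on the page.
    $addIntroString = $count > 1 ? 0 : 1;
    // name and comment are returned exactly as submitted; the client script
    // that inserts them into the page must treat them as text, not HTML.
    $data = array(
        'status' => 1,
        'id' => $id,
        'name' => $name,
        'humandate' => $date,
        'mysqldate' => $datetime,
        'comment' => $comment,
        'add' => $addIntroString,
        'moderated' => $trusted ? 0 : 1
    );
    echo json_encode($data);
}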
if (strpos($img, '<img') === 0) { $img = preg_replace('/>.*/', '', $img); $img = preg_replace('/.*src="([^"]*)".*/', '\\1', $img); $img = preg_replace('#^/f/#', '', $img); $thumb = '<img src="/a/f=getImg/w=' . $vars->thumbnailw . '/h=' . $vars->thumbnailh . '/' . $img . '" style="float:left;"/>'; } } $body = ''; if ($vars->characters_shown) { $body = preg_replace('#<h1[^<]*</h1>#', '', $pagerendered); $body = str_replace(array("\n", "\r"), ' ', $body); $body = preg_replace('/<script defer="defer"[^>]*>.*?<\\/script>/', '', $body); $body = preg_replace('/<[^>]*>/', '', $body); $body = '<br /><i>' . substr($body, 0, $vars->characters_shown) . '...</i>'; } $links[] = '<a href="' . $page->getRelativeURL() . '"><strong>' . htmlspecialchars(__FromJson($page->name)) . '</strong><div class="date">' . Core_dateM2H($page->associated_date) . '</div><span class="news-body">' . $thumb . $body . '</span></a>'; } $html .= '<div id="news-wrapper-' . $vars->id . '" class="news_excerpts_wrapper"><ul class="news_excerpts"><li>' . join('</li><li>', $links) . '</li></ul></div>'; if (isset($vars->scrolling) && $vars->scrolling) { $n_items = isset($vars->stories_to_show) && is_numeric($vars->stories_to_show) ? $vars->stories_to_show : 2; if (isset($vars->scrolling) && $vars->scrolling) { WW_addScript('/j/jquery.vticker.js'); WW_addCSS('/ww.plugins/news/c/scroller.css'); $html .= '<script defer="defer">$(function(){ $("#news-wrapper-' . $vars->id . '").vTicker({ speed: 15000, pause: 5000, showItems: ' . $n_items . ', animation: "", mousePause: true });
$c .= '<thead>'; $c .= '<tr>'; foreach ($datafields as $data) { $name = $data->ti ? $data->ti : ucwords(str_replace('_', ' ', $data->n)); $c .= '<th>' . htmlspecialchars(ucfirst($name)) . '</th>'; } $c .= '</tr>'; $c .= '</thead>'; $c .= '<tbody>'; $c .= '<tr>'; foreach ($datafields as $data) { $c .= '<td>'; switch ($data->t) { case 'date': // { $c .= Core_dateM2H($product->vals[$data->n]); break; // } // } case 'checkbox': // { if (isset($product->vals[$data->n])) { $c .= __('Yes'); } else { $c .= __('No'); } break; // } // } case 'textarea': // {
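/**
 * display products in a datatable format
 *
 * Collects one row of field values per product, plus the set of column
 * headers taken from each product's type, then renders them either as a
 * horizontal table (one product per row, with a search footer) or a vertical
 * table (one field per row).
 *
 * @param array  $products  array of product IDS to show
 * @param string $direction the orientation of the table ('horizontal' or
 *                          'vertical')
 *
 * @return string the table HTML, an error message if a product type is
 *                missing or has no data fields, or '' for any other direction
 */
function Product_datatableMultiple($products, $direction)
{
    $headers = array();
    $header_types = array();
    $data = array();
    foreach ($products as $pid) {
        $row = array();
        $product = Product::getInstance($pid);
        $type = ProductType::getInstance($product->vals['product_type_id']);
        if (!isset($type)) {
            $ptid = $product->vals['product_type_id'];
            return '<em>'
                . __(
                    'Product Type with ID %1 does not exist - please alert the admin of'
                    . ' this site.',
                    array($ptid),
                    'core'
                )
                . '</em>';
        }
        $row['name'] = $product->name;
        if (!is_array($type->data_fields)) {
            return __('Product Type "%1" has no data fields.', array($type->name), 'core');
        }
        foreach ($type->data_fields as $df) {
            // a product may lack a value for a field its type declares
            $value = isset($product->vals[$df->n]) ? $product->vals[$df->n] : null;
            switch ($df->t) {
                case 'checkbox':
                    $row[$df->n] = $value ? __('Yes') : __('No');
                    break;
                case 'date':
                    $row[$df->n] = Core_dateM2H($value);
                    break;
                case 'textarea':
                    // Emitted as raw HTML.
                    // NOTE(review): presumably rich text entered in the admin
                    // area - confirm it is sanitised when saved, since it is
                    // the only field type that reaches the page unescaped.
                    $row[$df->n] = $value;
                    break;
                default:
                    $row[$df->n] = htmlspecialchars((string) $value);
                    break;
            }
            // $headers is keyed by field name, so test the key (in_array()
            // would compare against the titles stored as values).
            if (!isset($headers[$df->n])) {
                $headers[$df->n] = $df->ti ? $df->ti : ucwords($df->n);
                $header_types[$df->n] = $df->t;
            }
        }
        $data[] = $row;
    }
    // unknown directions produce an empty string rather than an undefined value
    $html = '';
    switch ($direction) {
        case 'horizontal':
            // NOTE(review): these CDN assets are requested over plain http, so
            // they can be altered in transit and are blocked as mixed content
            // on https pages. Switch to https once it is confirmed how
            // WW_addScript()/WW_addCSS() treat absolute URLs.
            WW_addScript(
                'http://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/'
                . 'jquery.dataTables.min.js'
            );
            WW_addScript('/j/datatables-delay.js');
            WW_addCSS(
                'http://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/'
                . 'jquery.dataTables.css'
            );
            WW_addCSS(
                'http://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/'
                . 'jquery.dataTables_themeroller.css'
            );
            WW_addScript('products/frontend/show-horizontal.js');
            WW_addCSS('/ww.plugins/products/frontend/show-horizontal.css');
            $html = '<table class="product-horizontal">';
            $html .= '<thead><tr>';
            foreach ($headers as $n => $v) {
                $html .= '<th o="' . htmlspecialchars($n) . '">'
                    . htmlspecialchars($v) . '</th>';
            }
            $html .= '</tr></thead><tbody>';
            foreach ($data as $row) {
                $html .= '<tr>';
                foreach ($headers as $n => $d) {
                    // products of another type have no value for this column
                    $html .= '<td>' . (isset($row[$n]) ? $row[$n] : '') . '</td>';
                }
                $html .= '</tr>';
            }
            $html .= '</tbody>';
            $html .= '<tfoot><tr>';
            foreach ($headers as $key => $name) {
                // the header title lands inside an attribute, so escape it
                $searchName = 'search_' . htmlspecialchars($name, ENT_QUOTES);
                if ($header_types[$key] == 'checkbox') {
                    $html .= '<th><select name="' . $searchName . '"><option></option>'
                        . '<option value="0">' . __('No') . '</option>'
                        . '<option value="1">' . __('Yes') . '</option>'
                        . '</select></th>';
                } else {
                    $html .= '<th><input type="text" name="' . $searchName . '" /></th>';
                }
            }
            $html .= '</tr></tfoot></table>';
            break;
        case 'vertical':
            $html = '<table class="product-vertical">';
            foreach ($headers as $n => $d) {
                // escaped the same way the horizontal layout escapes its headers
                $html .= '<tr class="' . htmlspecialchars($n, ENT_QUOTES) . '"><th>'
                    . htmlspecialchars($d) . '</th>';
                foreach ($data as $row) {
                    $html .= '<td>' . (isset($row[$n]) ? $row[$n] : '') . '</td>';
                }
                $html .= '</tr>';
            }
            $html .= '</table>';
            break;
    }
    return $html;
}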
if (!isset($excerpt_length)) { $excerpt_length = 200; } if (isset($PAGEDATA->vars['blog_excerpt_length'])) { $excerpt_length = (int) $PAGEDATA->vars['blog_excerpt_length']; if ($excerpt_length < 10) { $excerpt_length = 200; } } foreach ($rs as $r) { $sclass = $r['status'] == '1' ? 'blog-published' : 'blog-unpublished'; $c .= '<div class="blog-excerpt-wrapper ' . $sclass . '" id="blog-entry-' . $r['id'] . '">'; $c .= '<h2 class="blog-header">' . htmlspecialchars($r['title']) . '</h2>'; $user = User::getInstance($r['user_id']); $name = $user ? $user->name : 'unknown'; $c .= '<div class="blog-meta">' . '<span class="blog-author" data-uid="' . $r['user_id'] . '">' . $name . '</span>' . '<span class="blog-separator"> ~ </span>' . '<span class="blog-date-published">' . Core_dateM2H($r['pdate']) . '</span>' . '</div>'; // } $excerpt = $r['excerpt'] ? $r['excerpt'] : substr(preg_replace('/\\s+/', ' ', str_replace(' ', ' ', preg_replace('/<[^>]*>/', ' ', $r['body']))), 0, $excerpt_length) . '...'; // { image if (!$r['excerpt_image']) { $img = preg_replace('/.*<img.*?src="([^"]*)".*/m', '\\1', str_replace(array("\n", "\r"), ' ', $r['body'])); if (strpos($img, '/f') === 0) { $r['excerpt_image'] = preg_replace('#^/f/#', '', $img); } } $img = ''; if ($r['excerpt_image']) { if (!isset($excerptImageSizeX)) { $excerptImageSizeX = 100; } if (!isset($excerptImageSizeY)) {
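/**
 * Build the forum section of a user's profile page: thread and post counts,
 * a rating widget, and a table of the user's most recent posts.
 *
 * @param object $PAGEDATA the current page (not read by this function)
 * @param array  $user     user row; only 'id' is read
 *
 * @return string HTML for the profile section
 */
function forum_user_profile($PAGEDATA, $user)
{
    // every query below embeds the id, so reduce it to an integer once
    $uid = (int) $user['id'];
    $script = '$(function(){$(".rating").ratings();}); ';
    WW_addScript('ratings/ratings.js');
    WW_addInlineScript($script);
    $threads = dbOne(
        'select count(id) from forums_threads where creator_id=' . $uid,
        'count(id)'
    );
    $posts = dbOne(
        'select count(id) from forums_posts where author_id=' . $uid,
        'count(id)'
    );
    $html = '<h1>Forum</h1>
    <table style="border:1px solid #ccc;margin:10px">
    <tr>
    <td rowspan="3"> <img class="avatar" data-uid="' . $uid . '"/> </td>
    <th>Threads Created:</th>
    <td>' . (int) $threads . '</td>
    </tr>
    <tr> <th>Posts:</th> <td>' . (int) $posts . '</td> </tr>
    <tr> <th>Helpfulness Rating:</th>
    <td><p id="forum_user_' . $uid . '" class="rating" type="forum_user">rating</p></td>
    </tr>
    </table>';
    $recent = dbAll(
        'select * from forums_posts where author_id=' . $uid
        . ' order by created_date desc limit 4'
    );
    if (!is_array($recent)) {
        $recent = array();
    }
    // distinct thread ids of the recent posts, as integers
    $ids = array();
    foreach ($recent as $post) {
        $ids[(int) $post['thread_id']] = (int) $post['thread_id'];
    }
    // index the threads by id; with no posts there is nothing to look up
    // (an empty id list would otherwise produce an invalid query)
    $threadsById = array();
    if ($ids) {
        $rows = dbAll(
            'select * from forums_threads where id in (' . implode(',', $ids) . ')'
        );
        if (is_array($rows)) {
            foreach ($rows as $thread) {
                $threadsById[(int) $thread['id']] = $thread;
            }
        }
    }
    $html .= '<h1>Forum - Your Recent Posts</h1>
    <table style="border:1px solid #ccc;margin:10px">
    <tr> <th>Thread</th> <th>Date</th> <th>Post</th> </tr>';
    foreach ($recent as $post) {
        $tid = (int) $post['thread_id'];
        if (!isset($threadsById[$tid])) {
            // thread no longer exists; do not reuse the previous row's values
            continue;
        }
        $thread = $threadsById[$tid];
        $link = '/_r?type=forum&forum-f=' . (int) $thread['forum_id']
            . '&forum-t=' . $tid;
        // Thread names and post bodies are written by forum users, so they
        // are escaped before being placed in the page.
        // NOTE(review): if post bodies are stored as HTML this shows the
        // markup as text in the 40-character preview - confirm the format.
        $html .= '<tr>
        <td><a href="' . htmlspecialchars($link, ENT_QUOTES) . '">'
            . htmlspecialchars($thread['name']) . '</a></td>
        <td>' . Core_dateM2H($post['created_date']) . '</td>
        <td>' . htmlspecialchars(substr($post['body'], 0, 40)) . ' [...]</td>
        </tr>';
    }
    $html .= '</table>';
    return $html;
}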
$garr = array(); foreach ($grs as $gr) { if (!isset($groups[$gr['groups_id']])) { $groups[$gr['groups_id']] = dbOne("select name from groups where id={$gr['groups_id']} limit 1", 'name'); } $garr[] = $groups[$gr['groups_id']]; } echo join(', ', $garr); echo '</td>'; // } // { last login echo '<td><span class="nodisplay">' . $user['last_login'] . '</span>'; if ($user['last_login'] == '0000-00-00 00:00:00') { echo 'never</td>'; } else { echo Core_dateM2H($user['last_login']) . '</td>'; } // } // { last view echo '<td><span class="nodisplay">' . $user['last_view'] . '</span>'; if ($user['last_view'] == '0000-00-00 00:00:00') { echo 'never</td>'; } else { echo Core_dateM2H($user['last_view']) . '</td>'; } // } echo '<td><a href="siteoptions.php?page=users&id=' . $user['id'] . '">edi' . 't</a> <a href="siteoptions.php?page=users&id=' . $user['id'] . '&' . 'action=delete" onclick="return confirm(\'are you sure you want to del' . 'ete this user?\')">[x]</a></td></tr>'; } echo '</tbody></table>'; // } WW_addScript('/ww.admin/siteoptions/users-list.js');
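/**
 * The main display function
 *
 * Lists the comments of a page that the current visitor may see (approved
 * comments, plus the visitor's own comments recorded in the session) and,
 * when the page allows commenting, the "add comment" form.
 *
 * @param Object $page Page Info
 *
 * @return string The comments and an add comment form, or '' when
 *                $GLOBALS['access_allowed'] is not set
 **/
function Comments_displayComments($page)
{
    if (empty($GLOBALS['access_allowed'])) {
        return '';
    }
    $pageId = (int) $page->id;
    // ids of comments belonging to this visitor; forced to integers because
    // they are placed directly into the SQL text below
    $ownIds = isset($_SESSION['comment_ids']) && is_array($_SESSION['comment_ids'])
        ? array_map('intval', $_SESSION['comment_ids'])
        : array();
    // { order of display
    $commentboxfirst = isset($page->vars['comments_show_box_at_top'])
        && $page->vars['comments_show_box_at_top'];
    // }
    // { get list of existing comments
    $hideComments = isset($page->vars['hide_comments'])
        && $page->vars['hide_comments'];
    $idList = join(', ', $ownIds);
    if ($hideComments) {
        // only the visitor's own comments are shown, if there are any
        $query = $ownIds
            ? 'select * from comments where objectid=' . $pageId
                . ' and id in (' . $idList . ')'
            : '';
    } elseif ($ownIds) {
        $query = 'select * from comments where objectid=' . $pageId
            . ' and (isvalid=1 or id in (' . $idList . '))';
    } else {
        $query = 'select * from comments where objectid=' . $pageId
            . ' and isvalid=1';
    }
    // stays empty when there is no query to run
    $comments = array();
    if ($query) {
        $sql = $query . ' order by cdate ' . ($commentboxfirst ? 'desc' : 'asc');
        $md5 = md5($sql); // used only as a cache key
        $comments = Core_cacheLoad('comments', $md5);
        if ($comments === false) {
            $comments = dbAll($sql);
            Core_cacheSave('comments', $md5, $comments);
        }
    }
    // }
    $clist = '';
    if (is_array($comments) && count($comments)) {
        $clist = '<div id="start-comments" class="comments-list"><a name="comments"></a>'
            . '<strong>Comments</strong>';
        foreach ($comments as $comment) {
            $id = (int) $comment['id'];
            $datetime = $comment['cdate'];
            $allowedToEdit = Core_isAdmin() || in_array($id, $ownIds, true);
            $clist .= '<div class="comment-wrapper';
            if ($allowedToEdit) {
                $clist .= ' comment-editable" '
                    . 'cdate="' . htmlspecialchars($datetime, ENT_QUOTES)
                    . '" comment="' . htmlspecialchars($comment['comment'], ENT_QUOTES) . '"';
            } else {
                $clist .= '" ';
            }
            $clist .= 'id="comment-wrapper-' . $id . '"'
                . '><a name="comments-' . $id . '"></a>'
                . '<div class="comment-info" id="comment-info-' . $id
                . '">Posted by ';
            // The commenter's website is visitor-supplied: link it only when
            // it is an http(s) URL, and escape it for the attribute.
            $site = isset($comment['site']) ? trim((string) $comment['site']) : '';
            if ($site !== '' && preg_match('#^https?://#i', $site)) {
                $clist .= '<a href="' . htmlspecialchars($site, ENT_QUOTES)
                    . '" target="_blank" rel="nofollow noopener noreferrer">'
                    . htmlspecialchars($comment['name']) . '</a>';
            } else {
                $clist .= htmlspecialchars($comment['name']);
            }
            $clist .= ' on ' . Core_dateM2H($datetime) . '</div>'
                . '<div id="comment-' . $id . '" class="comments-comment">'
                . htmlspecialchars($comment['comment']) . '</div></div>';
        }
        $clist .= '</div>';
    }
    // { get comment box HTML
    $allowComments = Core_cacheLoad('comments', 'allow-' . $pageId, -1);
    if ($allowComments === -1) {
        $allowComments = dbOne(
            'select value from page_vars where name="allow_comments" and page_id='
            . $pageId,
            'value'
        );
        Core_cacheSave('comments', 'allow-' . $pageId, $allowComments);
    }
    $cbhtml = '';
    if ($allowComments == 'on') {
        $cbhtml = Comments_showCommentForm($pageId);
        WW_addScript('comments/frontend/comments-frontend.js');
        // NOTE(review): third-party script loaded without an integrity
        // attribute; consider hosting it locally or adding SRI.
        $cbhtml .= '<script src="//ajax.aspnetcdn.com/ajax/jquery.validate/1.9/'
            . 'jquery.validate.min.js"></script>';
    }
    WW_addCSS('/ww.plugins/comments/frontend/comments.css');
    // }
    return $commentboxfirst ? $cbhtml . $clist : $clist . $cbhtml;
}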