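/**
 * Shortcode handler that builds the forum page markup.
 *
 * Works out which category/topic to show (shortcode attribute, permalink stub,
 * or the 'cid'/'show' query-string parameters), checks the current user's roles
 * against the configured viewer list, and returns either the forum/topic HTML
 * or a "not permitted" message.
 *
 * Request-derived values are treated as untrusted: query-string IDs are cast to
 * int before they reach __wps__getForum()/__wps__getTopic(), and stub-derived
 * text is HTML-escaped before it is written into the page or the debug output.
 *
 * @param array $atts Shortcode attributes; only 'cat' (category ID) is read.
 * @return string HTML for the forum wrapper.
 */
function __wps__forum($atts) {

	global $wpdb, $current_user;

	// Not read below; the call is kept exactly as in the original.
	$level = __wps__get_current_userlevel();

	$html = '';
	$topic_id = '';

	// Read the single supported attribute explicitly instead of extract()ing into local scope.
	$atts = shortcode_atts( array( 'cat' => '' ), $atts, WPS_SHORTCODE_PREFIX.'-forum' );
	$cat_id = $atts['cat'];

	// resolve stubs if using permalinks
	if ( get_option(WPS_OPTIONS_PREFIX.'_permalink_structure') && get_query_var('stub')) {

		$stubs = explode('/', get_query_var('stub'));
		$stub0 = $stubs[0];
		// A single-segment stub has no second element; avoid the undefined-index notice.
		$stub1 = isset($stubs[1]) ? $stubs[1] : null;

		// The stub comes from the request URL, so escape it before echoing.
		if (WPS_DEBUG) echo esc_html($stub0.'/'.$stub1).'<br />';

		if ($stub0 && get_option(WPS_OPTIONS_PREFIX.'_permalinks_cats')) {

			// Two parameters, so go to topic
			$cat_id = __wps__get_stub_id($stub0, 'forum-cat');
			$topic_id = __wps__get_stub_id($stub1, 'forum-topic');
			if (!$cat_id) $cat_id = '';
			if (!$topic_id) $topic_id = '';
			if (WPS_DEBUG) echo '(1):'.esc_html($cat_id.'/'.$topic_id.' ('.$stub0.'/'.$stub1.')').'<br />';

		} else {

			// One parameter, so go to category
			if ($stub0) $stub1 = $stub0;
			$cat_id = __wps__get_stub_id($stub1, 'forum-cat');
			if (WPS_DEBUG) echo '(2):'.esc_html($cat_id.' ('.$stub1.')').'<br />';

			if (!$cat_id) {
				// Couldn't find category, so look for topic instead
				$cat_id = '';
				$topic_id = __wps__get_stub_id($stub1, 'forum-topic');
				if (WPS_DEBUG) echo '(3):'.esc_html($topic_id.' ('.$stub1.')').'<br />';
				if (!$topic_id) $topic_id = '';
			}
		}

		// Hidden markers carrying the resolved IDs; escaped in case the helper
		// ever returns something other than a plain ID.
		$html .= "<div id='symposium_perma_cat_id' style='display:none'>".esc_html($cat_id)."</div>";
		$html .= "<div id='symposium_perma_topic_id' style='display:none'>".esc_html($topic_id)."</div>";
	}

	// not using AJAX (or permalinks not found, for backward compatibility with old links)
	// (the original wrote the middle test as `!$cat_id != ''`, which evaluates the same as `!$cat_id`)
	if ( ( $topic_id == '' && $cat_id == '') || ( !$cat_id && get_option(WPS_OPTIONS_PREFIX.'_forum_ajax') && !get_option(WPS_OPTIONS_PREFIX.'_permalink_structure') ) ) {
		// Query-string IDs are attacker-controlled; force them to integers before
		// they are handed to the forum/topic lookups.
		$cat_id = isset($_GET['cid']) ? (int) $_GET['cid'] : 0;
		$topic_id = isset($_GET['show']) ? (int) $_GET['show'] : 0;
	}

	// Wrapper
	$html .= "<div class='__wps__wrapper'>";

	// Check to see if this member is in the included list of roles
	$user = get_userdata( $current_user->ID );
	$can_view = false;
	$viewer = str_replace('_', '', str_replace(' ', '', strtolower(get_option(WPS_OPTIONS_PREFIX.'_viewer'))));

	if (is_user_logged_in()) {
		$capabilities = $user->{$wpdb->base_prefix.'capabilities'};

		if ($capabilities) {
			foreach ( $capabilities as $role => $name ) {
				if ($role) {
					// Normalise the role the same way as the viewer option above.
					$role = strtolower($role);
					$role = str_replace(' ', '', $role);
					$role = str_replace('_', '', $role);
					if (WPS_DEBUG) $html .= 'Checking global forum (symposium_forum) role '.$role.' against '.$viewer.'<br />';
					// NOTE(review): this is a substring test, so a role whose normalised
					// name is contained in an allowed role's name also passes; confirm
					// the stored format of the viewer option before relying on it.
					if (strpos($viewer, $role) !== FALSE) $can_view = true;
				}
			}
		} else {
			// No WordPress role stored
		}
	}

	// Deal with some foreign translations of 'everyone'
	$everyone = str_replace(' ', '', strtolower(__('everyone', WPS_TEXT_DOMAIN)));

	if ( $can_view || strpos($viewer, $everyone) !== FALSE ) {

		$html .= "<div id='__wps__forum_div'>";

		if ( get_option(WPS_OPTIONS_PREFIX.'_permalink_structure') || !get_option(WPS_OPTIONS_PREFIX.'_forum_ajax') ) {
			// `'' == 0` is true before PHP 8 and false from PHP 8 on; a plain
			// emptiness test keeps "no topic selected" on the forum view either way.
			if (!$topic_id) {
				$forum = __wps__getForum($cat_id);
				// Drop everything up to and including the first '[|]' separator.
				if (($x = strpos($forum, '[|]')) !== FALSE) $forum = substr($forum, $x+3);
				$html .= $forum;
			} else {
				$html .= __wps__getTopic($topic_id);
			}
		}

		$html .= "</div>";

	} else {

		$html .= "<p>".__("Sorry, but you are not permitted to view the forum.", WPS_TEXT_DOMAIN)."</p>";
		// Level 5 users additionally get a pointer to the permissions screen.
		if (__wps__get_current_userlevel() == 5) $html .= sprintf(__('Permissions are set via the WordPress admin dashboard->%s->Options->Forum.', WPS_TEXT_DOMAIN), WPS_WL_SHORT);

	}

	$html .= "</div>";
	// End Wrapper

	$html .= "<div style='clear: both'></div>";

	// Send HTML
	return $html;
}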
// Tail of a block whose opening lies above this excerpt.
echo 'NOT LOGGED IN';
exit;
}
}

// Get Topic ****************************************************************
// AJAX action 'getTopic': copies topic_id and group_id from the POST body and,
// when both pass is_int(), echoes the result of __wps__getTopic(); otherwise it
// echoes a diagnostic string. Either way the request ends with exit.
// NOTE(review): is_int() checks the PHP type, not the content. Values read from
// $_POST are strings (or arrays), so for request-supplied input the first branch
// is not taken and every call lands in the else branch. If the intent is
// "digits only", test the content and cast to int before the call; confirm
// against callers whether group_id may legitimately be empty.
// NOTE(review): the else branch writes both request values into the response
// unescaped; escape them for HTML or leave them out of the message.
// NOTE(review): $_POST['action'] is read without an isset() check here; whether
// an earlier guard exists cannot be seen from this excerpt.
if ($_POST['action'] == 'getTopic') {
	$topic_id = $_POST['topic_id'];
	$group_id = $_POST['group_id'];
	if (is_int($topic_id) && is_int($group_id)):
		echo __wps__getTopic($topic_id, $group_id);
	else:
		echo 'Possible SQL injection (forum_functions.php): '.$topic_id.'|'.$group_id;
	endif;
	exit;
}

// Get Forum ****************************************************************
// AJAX action 'getForum': cat_id, limit_from (defaulting to 0 when absent) and
// group_id are copied from the POST body with no validation in the visible part.
// The rest of this handler is below the excerpt.
// NOTE(review): verify these values are validated or cast to int before they
// are used further down.
if ($_POST['action'] == 'getForum') {
	$cat_id = $_POST['cat_id'];
	if (isset($_POST['limit_from'])) {
		$limit_from = $_POST['limit_from'];
	} else {
		$limit_from = 0;
	}
	$group_id = $_POST['group_id'];