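/**
 * Update an existing video's database row from submitted form data.
 *
 * Builds parallel column/value lists from the upload form field definitions,
 * appends admin-only columns when the caller has 'admin_access', and then,
 * provided the user is logged in, the video exists and the user owns it (or
 * is an admin), refreshes the slug when the title changed and writes the row.
 * Outcomes are reported through e(); nothing is returned.
 *
 * @param array|null $array Submitted values (must contain 'videoid');
 *                          $_POST is used when empty.
 */
function update_video($array = NULL)
{
    global $eh, $db, $Upload;

    // NOTE(review): validation is invoked with NULL rather than $array, so a
    // caller-supplied $array is presumably not what gets validated (it looks
    // like the validator falls back to $_POST). Confirm that the data checked
    // here is the data written below.
    $Upload->validate_video_upload_form(NULL, TRUE);
    if (!empty($eh->error_list)) {
        return;
    }

    // Field definitions are loaded before the $_POST fallback, as before.
    $upload_fields = array_merge(
        $Upload->loadRequiredFields($array),
        $Upload->loadLocationFields($array),
        $Upload->loadOptionFields($array)
    );

    // Custom upload fields
    if (count($Upload->custom_upload_fields) > 0) {
        $upload_fields = array_merge($upload_fields, $Upload->custom_upload_fields);
    }

    // Custom form fields
    if (count($Upload->custom_form_fields) > 0) {
        $upload_fields = array_merge($upload_fields, $Upload->custom_form_fields);
    }

    // Custom fields that are organised in groups
    if (count($Upload->custom_form_fields_groups) > 0) {
        $group_fields = array();
        foreach ($Upload->custom_form_fields_groups as $group) {
            $group_fields = array_merge($group_fields, $group['fields']);
        }
        $upload_fields = array_merge($upload_fields, $group_fields);
    }

    if (!$array) {
        $array = $_POST;
    }

    // The id comes straight from the request and is interpolated into two
    // hand-built WHERE clauses below, so it is escaped once here and the same
    // value is used for the existence/ownership checks and the writes.
    $vid = mysql_clean($array['videoid']);
    $the_video = get_video_details($vid);

    if (is_array($_FILES)) {
        $array = array_merge($array, $_FILES);
    }

    // Initialised up front: previously these were undefined when no field
    // carried a db_field, which made count()/update() operate on null.
    $query_field = array();
    $query_val = array();

    foreach ($upload_fields as $field) {
        $name = formObj::rmBrackets($field['name']);
        $val = isset($array[$name]) ? $array[$name] : null;

        // Fields flagged 'use_if_value' are skipped entirely when empty.
        if (empty($val) && $field['use_if_value']) {
            continue;
        }

        if ($field['use_func_val']) {
            $val = $field['validate_function']($val);
        }

        // Multi-value inputs are flattened to "#a# #b# " form.
        if (is_array($val)) {
            $flattened = '';
            foreach ($val as $v) {
                $flattened .= "#" . $v . "# ";
            }
            $val = $flattened;
        }

        // The value is cleaned only when a clean function is configured AND
        // (it returns a truthy result for the raw value OR it is given in
        // array form). In every other case the value is kept unchanged.
        // NOTE(review): that fallback leaves the value without any cleaning
        // in this function; confirm $db->update() escapes it.
        if ($field['clean_func']
            && (apply_func($field['clean_func'], $val) || is_array($field['clean_func']))
        ) {
            $val = apply_func($field['clean_func'], sql_free('|no_mc|' . $val));
        }

        if (!empty($field['db_field'])) {
            $query_field[] = $field['db_field'];
            $query_val[] = $val;
        }
    }

    // Columns only an admin may set.
    // NOTE(review): 'duration' and 'rating' are range-checked, but 'status',
    // 'views' and 'rated_by' are taken from the request as-is. Consider the
    // same numeric/allow-list validation for them.
    if (has_access('admin_access', TRUE)) {
        if (!empty($array['status'])) {
            $query_field[] = 'status';
            $query_val[] = $array['status'];
        }

        if (!empty($array['duration']) && is_numeric($array['duration']) && $array['duration'] > 0) {
            $query_field[] = 'duration';
            $query_val[] = $array['duration'];
        }

        if (!empty($array['views'])) {
            $query_field[] = 'views';
            $query_val[] = $array['views'];
        }

        if (!empty($array['rating'])) {
            $rating = $array['rating'];
            // Out-of-range or non-numeric ratings are replaced by 1.
            if (!is_numeric($rating) || $rating < 0 || $rating > 10) {
                $rating = 1;
            }
            $query_field[] = 'rating';
            $query_val[] = $rating;
        }

        if (!empty($array['rated_by'])) {
            $query_field[] = 'rated_by';
            $query_val[] = $array['rated_by'];
        }
    }

    // Authorisation: logged in, video exists, and owner or admin.
    if (!userid()) {
        e(lang("you_dont_have_permission_to_update_this_video"));
        return;
    }
    if (!$this->video_exists($vid)) {
        e(lang("class_vdo_del_err"));
        return;
    }
    if (!$this->is_video_owner($vid, userid()) && !has_access('admin_access', TRUE)) {
        e(lang("no_edit_video"));
        return;
    }

    // Refresh the slug when auto-update is on (or the video has none) and the
    // title actually changed.
    if ((config('auto_update_slug') != 'no' || !$the_video['slug'])
        && $the_video['title'] != $array['title']
    ) {
        $slug = slug($array['title']);
        if ($the_video['slug'] != $slug) {
            $db->update(tbl('slugs'), array('in_use'), array('no'), "object_id='{$vid}' AND object_type='v' ");
            $slug_arr = add_slug($slug, $vid, 'v');
            $query_field[] = 'slug_id';
            $query_val[] = $slug_arr['id'];
        }
    }

    $db->update(tbl('video'), $query_field, $query_val, " videoid='{$vid}'");
    call_actions('update_video', array('videoid' => $vid, 'data' => $array));
    e(lang("class_vdo_update_msg"), 'm');
}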
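/**
 * Update an existing collection from submitted form data.
 *
 * Validates the form, builds the column/value lists from the collection
 * field definitions, appends admin-only counters, and writes the row when
 * the current user is logged in, the collection exists and the user owns it
 * (or is an admin). A submitted 'collection_thumb' file is then handed to
 * upload_thumb(). Outcomes are reported through e(); nothing is returned.
 *
 * @param array|null $array Submitted values (must contain 'collection_id');
 *                          $_POST is used when null.
 */
function update_collection($array = NULL)
{
    global $db;

    if ($array == NULL) {
        $array = $_POST;
    }
    if (is_array($_FILES)) {
        $array = array_merge($array, $_FILES);
    }

    $this->validate_form_fields($array);

    // The id is placed UNQUOTED into the WHERE clause below, so anything that
    // is not a plain number must never reach it. Non-numeric input becomes 0,
    // which is expected to fail the existence check (assumes ids start at 1).
    $cid = (isset($array['collection_id']) && is_numeric($array['collection_id']))
        ? (int) $array['collection_id']
        : 0;

    // Initialised so the update below never receives undefined variables.
    $query_field = array();
    $query_val = array();

    if (!error()) {
        $collection_fields = array_merge(
            $this->load_required_fields($array),
            $this->load_other_fields($array)
        );

        // Previously written as "array > 0"; only merge a non-empty array.
        if (is_array($this->custom_collection_fields) && count($this->custom_collection_fields) > 0) {
            $collection_fields = array_merge($collection_fields, $this->custom_collection_fields);
        }

        foreach ($collection_fields as $field) {
            $name = formObj::rmBrackets($field['name']);
            $val = isset($array[$name]) ? $array[$name] : null;

            if ($field['use_func_val']) {
                $val = $field['validate_function']($val);
            }

            // Multi-value inputs are flattened to "#a# #b# " form.
            if (is_array($val)) {
                $flattened = '';
                foreach ($val as $v) {
                    $flattened .= "#" . $v . "# ";
                }
                $val = $flattened;
            }

            // Clean only when a usable clean function is configured. The
            // array check runs first because function_exists() does not
            // accept an array argument on current PHP versions.
            // NOTE(review): without a clean function the value is stored
            // as-is; confirm $db->update() escapes it.
            $clean = $field['clean_func'];
            if ($clean && (is_array($clean) || function_exists($clean))) {
                $val = apply_func($clean, sql_free('|no_mc|' . $val));
            }

            if (!empty($field['db_field'])) {
                $query_field[] = $field['db_field'];
                $query_val[] = $val;
            }
        }

        // Counters only an admin may override; invalid numbers fall back to 0.
        if (has_access('admin_access', TRUE)) {
            if (!empty($array['total_comments'])) {
                $total_comments = $array['total_comments'];
                if (!is_numeric($total_comments) || $total_comments < 0) {
                    $total_comments = 0;
                }
                $query_field[] = "total_comments";
                $query_val[] = $total_comments;
            }

            if (!empty($array['total_objects'])) {
                $total_objects = $array['total_objects'];
                if (!is_numeric($total_objects) || $total_objects < 0) {
                    $total_objects = 0;
                }
                $query_field[] = "total_objects";
                $query_val[] = $total_objects;
            }
        }
    }

    if (error()) {
        return;
    }

    // Authorisation: logged in, collection exists, and owner or admin.
    if (!userid()) {
        e(lang("you_not_logged_in"));
    } elseif (!$this->collection_exists($cid)) {
        e(lang("collect_not_exist"));
    } elseif (!$this->is_collection_owner($cid, userid()) && !has_access('admin_access', TRUE)) {
        e(lang("cant_edit_collection"));
    } else {
        $db->update(tbl($this->section_tbl), $query_field, $query_val, " collection_id = {$cid}");
        e(lang("collection_updated"), "m");

        // NOTE(review): the raw $_FILES entry is passed on; file type and
        // size checks are assumed to live in upload_thumb(). Confirm.
        if (!empty($array['collection_thumb']['tmp_name'])) {
            $this->upload_thumb($cid, $array['collection_thumb']);
        }
    }
}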
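/**
 * Update an existing photo from submitted form data.
 *
 * Validates the form, builds the column/value lists from the photo field
 * definitions, appends admin-only counters, and writes the row when the
 * current user is logged in, the photo exists and the user owns it (or is an
 * admin). If the submitted 'collection_id' differs from the photo's current
 * collection, the photo is moved first. Outcomes are reported through e();
 * nothing is returned.
 *
 * @param array|null $array Submitted values (must contain 'photo_id');
 *                          $_POST is used when null.
 */
function update_photo($array = NULL)
{
    global $db;

    if ($array == NULL) {
        $array = $_POST;
    }

    $this->validate_form_fields($array);

    // The id comes from the request and is interpolated into the WHERE clause
    // below, so it is escaped once here and the same value is used for the
    // lookups, the ownership check and the write.
    $pid = mysql_clean($array['photo_id']);
    $cid = $this->get_photo_field($pid, 'collection_id');

    if (error()) {
        return;
    }

    // Initialised so the update below never receives undefined variables.
    $query_field = array();
    $query_val = array();

    $fields = array_merge(
        $this->load_required_forms($array),
        $this->load_other_forms($array)
    );

    foreach ($fields as $field) {
        $name = formObj::rmBrackets($field['name']);
        $val = isset($array[$name]) ? $array[$name] : null;

        if ($field['use_func_val']) {
            $val = $field['validate_function']($val);
        }

        // Multi-value inputs are flattened to "#a# #b# " form.
        if (is_array($val)) {
            $flattened = '';
            foreach ($val as $v) {
                $flattened .= "#" . $v . "# ";
            }
            $val = $flattened;
        }

        // Clean only when a usable clean function is configured. The array
        // check runs first because function_exists() does not accept an array
        // argument on current PHP versions.
        // NOTE(review): without a clean function the value is stored as-is;
        // confirm $db->update() escapes it.
        $clean = $field['clean_func'];
        if ($clean && (is_array($clean) || function_exists($clean))) {
            $val = apply_func($clean, sql_free('|no_mc|' . $val));
        }

        if (!empty($field['db_field'])) {
            $query_field[] = $field['db_field'];
            $query_val[] = $val;
        }
    }

    // Counters only an admin may override.
    // NOTE(review): these are copied from the request without a numeric
    // check; consider validating them like other admin-only counters.
    if (has_access('admin_access', TRUE)) {
        $admin_columns = array('views', "total_comments", "total_favorites", "downloaded", "voters");
        foreach ($admin_columns as $column) {
            if (isset($array[$column])) {
                $query_field[] = $column;
                $query_val[] = $array[$column];
            }
        }
    }

    if (error()) {
        return;
    }

    // Authorisation: logged in, photo exists, and owner or admin.
    if (!userid()) {
        e(lang("you_not_logged_in"));
    } elseif (!$this->photo_exists($pid)) {
        e(lang("photo_not_exists"));
    } elseif ($this->get_photo_owner($pid) != userid() && !has_access('admin_access', TRUE)) {
        e(lang("cant_edit_photo"));
    } else {
        // NOTE(review): the target collection id is request-supplied and no
        // check is visible here that the current user may add to that
        // collection. Confirm change_collection() enforces it.
        if ($cid != $array['collection_id']) {
            $this->collection->change_collection($array['collection_id'], $pid, $cid);
        }

        $db->update(tbl('photos'), $query_field, $query_val, " photo_id='{$pid}'");
        e(lang("photo_updated_successfully"), "m");
    }
}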
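/**
 * Add a new topic to a group.
 *
 * Validates the topic form, builds the column/value lists from the form
 * field definitions, checks the user's posting privilege for the group,
 * inserts the topic, and refreshes the group's topic counter.
 *
 * @param array|null $array             Topic details (must contain 'group_id');
 *                                      $_POST is used when null.
 * @param bool       $redirect_to_topic Redirect to the new topic after insert.
 *
 * @return mixed The new topic's insert id on success; nothing (null) when an
 *               error was raised.
 */
function add_topic($array, $redirect_to_topic = false)
{
    global $db;

    if ($array == NULL) {
        $array = $_POST;
    }
    if (is_array($_FILES)) {
        $array = array_merge($array, $_FILES);
    }

    $fields = $this->load_add_topic_form_fields($array);
    validate_cb_form($fields, $array);

    $user = userid();

    // Initialised so the insert below never receives undefined variables.
    $query_field = array();
    $query_val = array();

    if (!error()) {
        foreach ($fields as $field) {
            $name = formObj::rmBrackets($field['name']);
            $val = isset($array[$name]) ? $array[$name] : null;

            if ($field['use_func_val']) {
                $val = $field['validate_function']($val);
            }

            // Multi-value inputs are flattened to "#a# #b# " form.
            if (is_array($val)) {
                $flattened = '';
                foreach ($val as $v) {
                    $flattened .= "#" . $v . "# ";
                }
                $val = $flattened;
            }

            // The value is cleaned only when a clean function is configured
            // AND (it returns a truthy result for the raw value OR it is
            // given in array form). Otherwise the value is kept unchanged.
            // NOTE(review): that fallback leaves the value without cleaning
            // in this function; confirm $db->insert() escapes it.
            if ($field['clean_func']
                && (apply_func($field['clean_func'], $val) || is_array($field['clean_func']))
            ) {
                $val = apply_func($field['clean_func'], sql_free($val));
            }

            if (empty($val) && !empty($field['default_value'])) {
                $val = $field['default_value'];
            }

            if (!empty($field['db_field'])) {
                $query_field[] = $field['db_field'];
                $query_val[] = $val;
            }
        }
    }

    // The group id is request-supplied and ends up in a hand-built WHERE
    // clause below, so it is escaped once and that value is used throughout.
    $group_id = mysql_clean($array['group_id']);
    $gp_details = $this->get_group_details($group_id);

    // Check whether the user is allowed to post topics in this group.
    $this->validate_posting_previlige($gp_details);

    if (error()) {
        return;
    }

    // Topic icon
    // NOTE(review): taken from the request as-is; confirm $db->insert()
    // escapes it or validate it against the known icon set.
    $query_field[] = "topic_icon";
    $query_val[] = $array['topic_icon'];

    // Author
    $query_field[] = "userid";
    $query_val[] = $user;

    // Timestamps
    $query_field[] = "date_added";
    $query_val[] = now();
    $query_field[] = "last_post_time";
    $query_val[] = now();

    // Group
    $query_field[] = "group_id";
    $query_val[] = $group_id;

    // Groups with post_type 1 require approval before a topic is shown.
    $query_field[] = "approved";
    $query_val[] = ($gp_details['post_type'] == 1) ? "no" : "yes";

    $db->insert(tbl($this->gp_topic_tbl), $query_field, $query_val);
    $insert_id = $db->insert_id();

    // Refresh the group's topic counter.
    $count_topics = $this->count_group_topics($group_id);
    $db->update(tbl($this->gp_tbl), array("total_topics"), array($count_topics), " group_id='" . $group_id . "'");

    e(lang("grp_tpc_msg"), "m");

    if ($redirect_to_topic) {
        $grp_details = $this->get_details($insert_id);
        redirect_to(group_link($grp_details));
    }

    return $insert_id;
}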
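/**
 * Update a playlist's details from submitted form data.
 *
 * Looks the playlist up by 'pid' (or 'list_id'), rejects the request when it
 * does not exist, the user is not logged in, or the user already has a
 * playlist with the submitted name, then validates the playlist form and
 * writes the row. Outcomes are reported through e(); nothing is returned.
 *
 * @param array|null $array Submitted values ('name' plus 'pid' or 'list_id');
 *                          $_POST is used when null.
 */
function edit_playlist($array = null)
{
    global $db;

    if (is_null($array)) {
        $array = $_POST;
    }

    $playlist_name = mysql_clean($array['name']);
    $playlist_ref = !empty($array['pid']) ? $array['pid'] : $array['list_id'];
    $pdetails = $this->get_playlist($playlist_ref);

    if (!$pdetails) {
        e(lang("playlist_not_exist"));
        return;
    }
    if (!userid()) {
        e(lang("you_not_logged_in"));
        return;
    }
    if ($this->playlist_exists($playlist_name, userid(), $this->type)) {
        e(sprintf(lang("play_list_with_this_name_arlready_exists"), $playlist_name));
        return;
    }

    // NOTE(review): only "logged in" is checked here. No check is visible
    // that the playlist belongs to the current user (or that the user is an
    // admin), unlike the other update methods in this codebase. Unless
    // get_playlist() already restricts results to the caller, add an
    // ownership check before the update below.

    $fields = array();
    foreach ($this->load_playlist_fields($array) as $group) {
        $fields = array_merge($fields, $group['fields']);
    }

    validate_cb_form($fields, $array);

    // Previously the success message was emitted even when validation
    // failed; it is now tied to the update actually being performed.
    if (error()) {
        return;
    }

    $query_values = array();

    foreach ($fields as $field) {
        $name = formObj::rmBrackets($field['name']);
        $val = isset($array[$name]) ? $array[$name] : null;

        if ($field['use_func_val']) {
            $val = $field['validate_function']($val);
        }

        // Multi-value inputs are flattened to "#a# #b# " form.
        if (is_array($val)) {
            $flattened = '';
            foreach ($val as $v) {
                $flattened .= "#" . $v . "# ";
            }
            $val = $flattened;
        }

        // Clean only when a usable clean function is configured. The array
        // check runs first because function_exists() does not accept an array
        // argument on current PHP versions.
        // NOTE(review): without a clean function the value is stored as-is;
        // confirm $db->update() escapes it.
        $clean = $field['clean_func'];
        if ($clean && (is_array($clean) || function_exists($clean))) {
            $val = apply_func($clean, sql_free('|no_mc|' . $val));
        }

        // Columns are keyed by the form field name, as before.
        if (!empty($field['db_field'])) {
            $query_values[$name] = $val;
        }
    }

    // Play counter may only be overridden by an admin.
    // NOTE(review): copied from the request without a numeric check.
    if (has_access('admin_access')) {
        if (!empty($array['played'])) {
            $query_values['played'] = $array['played'];
        }
    }

    $query_values['last_update'] = NOW();

    // The WHERE clause uses the id from the fetched row, not the request.
    $db->update(
        tbl('playlists'),
        array_keys($query_values),
        array_values($query_values),
        " playlist_id = '" . $pdetails['playlist_id'] . "' "
    );

    $array['playlist_id'] = $playlist_ref;
    cb_do_action('update_playlist', array('object_id' => $playlist_ref, 'results' => $array));

    e(lang("play_list_updated"), "m");
}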
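/**
 * Validate the signup form and create a new user account.
 *
 * Checks the form fields, the terms agreement (skipped for admins) and the
 * captcha, builds the column/value lists from the signup field definitions,
 * adds the account state, activation code, IP, join date and session key and
 * code, inserts the user and an empty profile row, then logs the signup and
 * adds a feed entry.
 *
 * @param array|null $array             Submitted values; $_POST when null.
 * @param bool       $send_signup_email Whether signup emails are wanted
 *                                      (sending itself is currently disabled
 *                                      in this method).
 *
 * @return mixed The new user's insert id, or false when validation failed.
 */
function signup_user($array = NULL, $send_signup_email = true)
{
    global $db, $userquery;

    if ($array == NULL) {
        $array = $_POST;
    }
    if (is_array($_FILES)) {
        $array = array_merge($array, $_FILES);
    }

    $this->validate_form_fields($array);

    // Terms and policy agreement (admins creating accounts are exempt).
    if ($array['agree'] != 'yes' && !has_access('admin_access', true)) {
        e(lang('usr_ament_err'));
    }

    if (!verify_captcha()) {
        e(lang('usr_ccode_err'));
    }

    if (error()) {
        return false;
    }

    $signup_fields = $this->load_signup_fields($array);

    // Custom signup fields
    if (count($this->custom_signup_fields) > 0) {
        $signup_fields = array_merge($signup_fields, $this->custom_signup_fields);
    }

    $query_field = array();
    $query_val = array();

    foreach ($signup_fields as $field) {
        $name = formObj::rmBrackets($field['name']);
        $val = isset($array[$name]) ? $array[$name] : null;

        if ($field['use_func_val']) {
            $val = $field['validate_function']($val);
        }

        // A value_function, when present, overrides use_func_val.
        if ($field['value_function'] && function_exists($field['value_function'])) {
            $val = $field['value_function']($val);
        }

        // Multi-value inputs are flattened to "#a# #b# " form.
        if (is_array($val)) {
            $flattened = '';
            foreach ($val as $v) {
                $flattened .= "#" . $v . "# ";
            }
            $val = $flattened;
        }

        // Every value is cleaned because the INSERT below is assembled by
        // string concatenation: the field's own clean function when usable,
        // mysql_clean() otherwise. The array check runs first because
        // function_exists() does not accept an array argument on current PHP.
        $clean = $field['clean_func'];
        if ($clean && (is_array($clean) || function_exists($clean))) {
            $val = apply_func($clean, sql_free('|no_mc|' . $val));
        } else {
            $val = mysql_clean($val);
        }

        if (!empty($field['db_field'])) {
            $query_field[] = $field['db_field'];
            $query_val[] = $val;
        }
    }

    // Verification state depends on whether email verification is enabled.
    if (EMAIL_VERIFICATION == '1') {
        $status = 'unverified';
        $welcome_email = 'no';
    } else {
        $status = 'verified';
        $welcome_email = 'yes';
    }

    $active = (config('user_moderation') == 'yes') ? 'no' : 'yes';

    // Admin-created accounts: status and level come from the form.
    if (has_access('admin_access', true)) {
        if ($array['status'] == 'verified') {
            $status = 'verified';
            $welcome_email = 'yes';
        } else {
            $status = 'unverified';
            $welcome_email = 'no';
        }

        // NOTE(review): the original assigned 'yes' in both branches of its
        // check on $array['active'], so an admin cannot create an inactive
        // account here. Kept as-is; confirm whether 'no' was intended.
        $active = 'yes';

        // 'level' is only honoured for admins. It was concatenated into the
        // INSERT without cleaning; it is now escaped like every other value.
        $query_field[] = "level";
        $query_val[] = mysql_clean($array['level']);
    }

    $query_field[] = "status";
    $query_val[] = $status;

    $query_field[] = "active";
    $query_val[] = $active;

    // The leading tab is only whitespace in the generated column list.
    $query_field[] = "\twelcome_email_sent";
    $query_val[] = $welcome_email;

    // Activation code
    // NOTE(review): this code gates email verification; confirm that
    // RandomString() draws from a cryptographically secure source.
    $avcode = RandomString(10);
    $query_field[] = "avcode";
    $query_val[] = $avcode;

    // Signup IP
    $signup_ip = $_SERVER['REMOTE_ADDR'];
    $query_field[] = "signup_ip";
    $query_val[] = $signup_ip;

    // Date joined
    $now = NOW();
    $query_field[] = "doj";
    $query_val[] = $now;

    // Session key and code: per the original author's note, a logged-in user
    // is validated only by this key and code.
    // NOTE(review): the key is derived from the PHPSESSID cookie (client
    // supplied) and the submitted password; how create_session_key() combines
    // them is not visible here, so confirm it is a one-way, salted derivation.
    $sess_key = $this->create_session_key($_COOKIE['PHPSESSID'], $array['password']);
    $sess_code = $this->create_session_code();
    $query_field[] = "user_session_key";
    $query_val[] = $sess_key;
    $query_field[] = "user_session_code";
    $query_val[] = $sess_code;

    // Assemble "INSERT INTO tbl (a,b,...) VALUES ('x','y',...)". Every entry
    // of $query_val must already be escaped at this point.
    $query = "INSERT INTO " . tbl("users") . " (" . implode(',', $query_field) . ")"
        . " VALUES ('" . implode("','", $query_val) . "')";

    $db->Execute($query);
    $insert_id = $db->insert_id();

    $db->insert(tbl($userquery->dbtbl['user_profile']), array("userid"), array($insert_id));

    if (!has_access('admin_access', true) && EMAIL_VERIFICATION && $send_signup_email) {
        global $cbemail;

        $tpl = $cbemail->get_template('email_verify_template');

        // NOTE(review): the template variables include the plaintext
        // password. Sending is disabled below, but drop '{password}' before
        // re-enabling it.
        $var = array(
            '{username}' => post('username'),
            '{password}' => post('password'),
            '{email}' => post('email'),
            '{avcode}' => $avcode,
        );

        $subj = $cbemail->replace($tpl['email_template_subject'], $var);
        $msg = nl2br($cbemail->replace($tpl['email_template'], $var));

        // Sending the verification email is disabled:
        //cbmail(array('to'=>post('email'),'from'=>WEBSITE_EMAIL,'subject'=>$subj,'content'=>$msg));
    } elseif (!has_access('admin_access', true) && $send_signup_email) {
        // Sending the welcome email is disabled:
        //$this->send_welcome_email($insert_id);
    }

    // NOTE(review): 'userlevel' logs the submitted level, which for
    // non-admin signups is not the level actually stored.
    $log_array = array(
        'username' => $array['username'],
        'userid' => $insert_id,
        'userlevel' => $array['level'],
        'useremail' => $array['email'],
        'success' => 'yes',
        'details' => sprintf("%s signed up", $array['username']),
    );
    insert_log('signup', $log_array);

    // Signup feed entry
    addFeed(array('action' => 'signup', 'object_id' => $insert_id, 'object' => 'signup', 'uid' => $insert_id));

    return $insert_id;
}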
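/**
 * Create the database row for a newly uploaded video.
 *
 * Validates the upload form, resolves the uploading user (the logged-in
 * user, or the anonymous user when guests may upload), builds the column
 * values from the upload field definitions plus file name, video key,
 * uploader IP, activation state, date and file directory, and inserts the
 * row unless a video with the same file name already exists. On insert the
 * upload is logged and the user's video counter is incremented.
 *
 * @param array|null $array Submitted values; $_POST is used when empty.
 *
 * @return mixed The video id (new, or the existing one for a known file
 *               name); false when a logged-in user lacks upload permission;
 *               null when validation failed or guests may not upload.
 */
function submit_upload($array = NULL)
{
    global $eh, $db, $userquery;

    if (!$array) {
        $array = $_POST;
    }

    $this->validate_video_upload_form($array, TRUE);

    // Defined up front: it used to be an undefined variable at the final
    // return whenever no insert was attempted.
    $insert_id = null;

    if (!empty($eh->error_list)) {
        return $insert_id;
    }

    $upload_fields = array_merge(
        $this->loadRequiredFields($array),
        $this->loadLocationFields($array),
        $this->loadOptionFields($array)
    );

    // Custom upload fields
    if (count($this->custom_upload_fields) > 0) {
        $upload_fields = array_merge($upload_fields, $this->custom_upload_fields);
    }

    // Custom form fields
    if (count($this->custom_form_fields) > 0) {
        $upload_fields = array_merge($upload_fields, $this->custom_form_fields);
    }

    // Guests are mapped to the anonymous user when guest upload is allowed;
    // logged-in users without upload permission are rejected outright.
    $userid = userid();
    if (!userid() && has_access('allow_video_upload', true, false)) {
        $userid = $userquery->get_anonymous_user();
    } elseif (userid() && !has_access('allow_video_upload', true, true)) {
        return false;
    }

    if (is_array($_FILES)) {
        $array = array_merge($array, $_FILES);
    }

    $query_field = array();
    $query_val = array();

    foreach ($upload_fields as $field) {
        $name = formObj::rmBrackets($field['name']);
        $val = isset($array[$name]) ? $array[$name] : null;

        if ($field['use_func_val']) {
            $val = $field['validate_function']($val);
        }

        // Multi-value inputs are flattened to "#a# #b# " form.
        if (is_array($val)) {
            $flattened = '';
            foreach ($val as $v) {
                $flattened .= "#" . $v . "# ";
            }
            $val = $flattened;
        }

        // The field's clean function is used when one is configured AND (it
        // returns a truthy result for the raw value OR it is given in array
        // form); every other value goes through mysql_clean().
        if ($field['clean_func']
            && (apply_func($field['clean_func'], $val) || is_array($field['clean_func']))
        ) {
            $val = apply_func($field['clean_func'], sql_free($val));
        } else {
            $val = mysql_clean($val);
        }

        if (empty($val) && !empty($field['default_value'])) {
            $val = $field['default_value'];
        }

        if (!empty($field['db_field'])) {
            $query_field[] = $field['db_field'];
            $query_val[] = $val;
        }
    }

    // File name
    $file_name = mysql_clean($array['file_name']);
    $query_field[] = "file_name";
    $query_val[] = $file_name;

    // Video key
    $query_field[] = "videokey";
    $query_val[] = $this->video_keygen();

    // Owner
    // NOTE(review): a 'userid' present in $array overrides the resolved
    // uploader, and $array defaults to $_POST, so the request appears able to
    // attribute the upload to another account. The counter update below
    // still credits $userid. Restrict this override to trusted callers.
    $query_field[] = "userid";
    $query_val[] = !empty($array['userid']) ? $array['userid'] : $userid;

    // Uploader IP
    $query_field[] = "uploader_ip";
    $query_val[] = $_SERVER['REMOTE_ADDR'];

    // ACTIVATION == 0 means uploads are active immediately.
    $query_field[] = "active";
    $query_val[] = (ACTIVATION == 0) ? 'yes' : 'no';

    $query_field[] = "date_added";
    $query_val[] = now();

    // NOTE(review): 'file_directory' is taken from the submitted data as-is;
    // confirm it is validated (no path traversal) and escaped downstream.
    $query_field[] = 'file_directory';
    $query_val[] = $array['file_directory'];

    // Pair columns with values for db_insert().
    $the_fields = array();
    foreach ($query_field as $i => $column) {
        $the_fields[$column] = $query_val[$i];
    }

    if (!userid() && !has_access('allow_video_upload', false, false)) {
        e(lang("you_not_logged_in"));
        return $insert_id;
    }

    // An existing row with the same file name is reused rather than
    // duplicated.
    // NOTE(review): the existing id is returned to the caller without an
    // ownership check; confirm callers do not treat it as "owned by me".
    $insert_id = file_name_exists($file_name);
    if (!$insert_id) {
        $insert_id = db_insert(tbl('video'), $the_fields);

        // Log the upload
        $log_array = array(
            'success' => 'yes',
            'action_obj_id' => $insert_id,
            'userid' => $userid,
            'details' => "uploaded a video",
        );
        insert_log('upload_video', $log_array);

        // "|f|" presumably marks the value as a raw SQL expression for
        // $db->update() (confirm in the db class); $userid here is
        // server-derived, not request data.
        $db->update(tbl("users"), array("total_videos"), array("|f|total_videos+1"), " userid='" . $userid . "'");
    }

    return $insert_id;
}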