} if (($result = BuckysPrivateMessenger::addUserToBuddylist($userID, $cUserID)) === true) { //Getting New Messenger Lists $newUserHTML = BuckysPrivateMessenger::getUserListHTML($userID); render_result_xml(array('status' => 'success', 'html' => $newUserHTML)); } else { render_result_xml(array('status' => 'error', 'message' => $result)); } exit; } //Remove user from the buddy list if ($_POST['action'] == 'remove-user') { header('Content-type: application/xml'); $cUserID = $_POST['userID']; $cUserIDHash = $_POST['userIDHash']; if (!$cUserID || !$cUserIDHash || !buckys_check_id_encrypted($cUserID, $cUserIDHash)) { render_result_xml(array('status' => 'error', 'message' => MSG_INVALID_REQUEST)); exit; } $userInfo = BuckysUser::getUserBasicInfo($userID); if ($userInfo['messenger_privacy'] == 'all') { $result = BuckysPrivateMessenger::blockUser($userID, $cUserID); if (is_array($result)) { render_result_xml(array('status' => 'success', 'type' => 'block', 'id' => $result['userID'], 'name' => $result['firstName'] . " " . $result['lastName'], 'icon' => BuckysUser::getProfileIcon($result))); } else { render_result_xml(array('status' => 'error', 'message' => $result)); } } else { if (($result = BuckysPrivateMessenger::removeUserFromBuddylist($userID, $cUserID)) === true) { //Getting New Messenger Lists render_result_xml(array('status' => 'success', 'type' => 'remove'));
/** * Save Post * * @param $userID * @param array $data * @return bool|int|null|string */ public static function savePost($userID, $data) { global $db; $now = date('Y-m-d H:i:s'); $type = isset($data['type']) ? $data['type'] : 'text'; if (!in_array($type, ['text', 'image', 'video'])) { $type = 'text'; } $data['pageID'] = isset($data['pageID']) && is_numeric($data['pageID']) ? $data['pageID'] : BuckysPost::INDEPENDENT_POST_PAGE_ID; if ($data['pageID'] != BuckysPost::INDEPENDENT_POST_PAGE_ID && !buckys_check_id_encrypted($data['pageID'], $data['pageIDHash'])) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } if (isset($data['profileID']) && !BuckysFriend::isFriend($userID, $data['profileID'])) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); return false; } if (!isset($data['profileID'])) { $data['profileID'] = 0; } if (!BuckysUsersDailyActivity::checkUserDailyLimit($userID, 'posts')) { buckys_add_message(sprintf(MSG_DAILY_POSTS_LIMIT_EXCEED_ERROR, USER_DAILY_LIMIT_POSTS), MSG_TYPE_ERROR); return false; } if ($type == 'text') { if (trim($data['content']) == '') { buckys_add_message(MSG_CONTENT_IS_EMPTY, MSG_TYPE_ERROR); return false; } // Strip tags, and change url to clickable $data['content'] = strip_tags($data['content']); $newId = $db->insertFromArray(TABLE_POSTS, ['poster' => $userID, 'pageID' => $data['pageID'], 'profileID' => $data['profileID'], 'content' => $data['content'], 'type' => $type, 'youtube_url' => '', 'post_date' => $now, 'visibility' => $data['post_visibility']]); if (!$newId) { buckys_add_message($db->getLastError(), MSG_TYPE_ERROR); return false; } } else { if ($type == 'video') { //Check Youtube URL is Valid or Not if (!buckys_validate_youtube_url($data['youtube_url'])) { buckys_add_message(MSG_INVALID_YOUTUBE_URL, MSG_TYPE_ERROR); return false; } $newId = $db->insertFromArray(TABLE_POSTS, ['poster' => $userID, 'pageID' => $data['pageID'], 'profileID' => $data['profileID'], 'content' => $data['content'], 'type' => $type, 'youtube_url' => $data['youtube_url'], 'post_date' => $now, 'visibility' => $data['post_visibility']]); if (!$newId) { buckys_add_message($db->getLastError(), MSG_TYPE_ERROR); return false; } } else { if ($type == 'image') { $newId = BuckysPost::savePhoto($userID, $data); } } } if (!isset($newId)) { return false; } switch ($type) { case 'image': // No message break; case 'video': buckys_add_message(MSG_NEW_VIDEO_CREATED, MSG_TYPE_SUCCESS); break; case 'text': buckys_add_message(MSG_NEW_POST_CREATED, MSG_TYPE_SUCCESS); break; default: break; } BuckysUsersDailyActivity::addPost($userID); return $newId; }
<?php require dirname(dirname(__FILE__)) . '/includes/bootstrap.php'; if (isset($_POST['action'])) { if ($_POST['action'] == 'thumb-up' || $_POST['action'] == 'thumb-down') { if (!buckys_check_user_acl(USER_ACL_REGISTERED)) { $data = ['status' => 'error', 'message' => MSG_PLEASE_LOGIN_TO_CAST_VOTE]; } else { if (!$_POST['objectID'] || !$_POST['objectIDHash'] || !$_POST['objectType'] || !buckys_check_id_encrypted($_POST['objectID'], $_POST['objectIDHash'])) { $data = ['status' => 'error', 'message' => MSG_INVALID_REQUEST]; } else { if ($_POST['objectType'] == 'topic') { $result = BuckysForumTopic::voteTopic($TNB_GLOBALS['user']['userID'], $_POST['objectID'], $_POST['action'] == 'thumb-up' ? 1 : -1); } else { $result = BuckysForumReply::voteReply($TNB_GLOBALS['user']['userID'], $_POST['objectID'], $_POST['action'] == 'thumb-up' ? 1 : -1); } if (is_int($result)) { $data = ['status' => 'success', 'message' => MSG_THANKS_YOUR_VOTE, 'votes' => ($result > 0 ? "+" : "") . $result]; } else { $data = ['status' => 'error', 'message' => $result]; } } } render_result_xml($data); exit; } } else { if (isset($_GET['action']) && $_GET['action'] == 'delete') { //Delete this topic $userID = buckys_is_logged_in(); $topicID = isset($_GET['id']) ? get_secure_integer($_GET['id']) : null;
if ($_REQUEST['action'] == 'accept') { if (BuckysFriend::accept($userID, $_REQUEST['friendID'])) { buckys_redirect('/myfriends.php?type=requested', MSG_FRIEND_REQUEST_APPROVED); } else { buckys_redirect('/myfriends.php?type=requested', $db->getLastError(), MSG_TYPE_ERROR); } } else { if ($_REQUEST['action'] == 'delete') { if (BuckysFriend::delete($userID, $_REQUEST['friendID'])) { buckys_redirect($return, MSG_FRIEND_REQUEST_REMOVED); } else { buckys_redirect($return, $db->getLastError(), MSG_TYPE_ERROR); } } else { if ($_REQUEST['action'] == 'request') { if (!isset($_REQUEST['friendID']) || !isset($_REQUEST['friendIDHash']) || !buckys_check_id_encrypted($_REQUEST['friendID'], $_REQUEST['friendIDHash'])) { buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } if (!BuckysUser::checkUserID($_REQUEST['friendID'])) { buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } if (BuckysFriend::isFriend($userID, $_REQUEST['friendID'])) { buckys_redirect($return, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } if (BuckysFriend::isSentFriendRequest($userID, $_REQUEST['friendID'])) { buckys_redirect($return, MSG_FRIEND_REQUEST_ALREADY_SENT, MSG_TYPE_ERROR); } if (BuckysFriend::isSentFriendRequest($_REQUEST['friendID'], $userID)) { buckys_redirect($return, MSG_FRIEND_REQUEST_ALREADY_SENT, MSG_TYPE_ERROR); } if (BuckysFriend::sendFriendRequest($userID, $_REQUEST['friendID'])) {
} //Check the url parameters is correct if (!isset($_GET['id']) || !isset($_GET['idHash']) || !buckys_check_id_encrypted($_GET['id'], $_GET['idHash'])) { buckys_redirect('/moderator.php?type=' . $moderatorType, MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } BuckysModerator::chooseModerator($_GET['id']); buckys_redirect('/moderator.php?type=' . $moderatorType); } //Process Actions if (isset($_POST['action'])) { if ($_POST['action'] == 'apply_candidate') { $newID = BuckysModerator::applyCandidate($userID, $moderatorType, $_POST['moderator_text']); buckys_redirect('/moderator.php?type=' . $moderatorType, MSG_APPLY_JOB_SUCCESSFULLY); } if ($_POST['action'] == 'thumb-up' || $_POST['action'] == 'thumb-down') { if (!$_POST['candidateID'] || !$_POST['candidateIDHash'] || !buckys_check_id_encrypted($_POST['candidateID'], $_POST['candidateIDHash'])) { $data = array('status' => 'error', 'message' => MSG_INVALID_REQUEST); } else { $result = BuckysModerator::voteCandidate($userID, $_POST['candidateID'], $_POST['action'] == 'thumb-up' ? true : false); if (is_int($result)) { $data = array('status' => 'success', 'message' => MSG_THANKS_YOUR_VOTE, 'votes' => ($result > 0 ? "+" : "") . $result); } else { $data = array('status' => 'error', 'message' => $result); } } render_result_xml($data); exit; } } //Get Remaind Date $timeOffset = strtotime('next Monday') - time();
require dirname(__FILE__) . '/includes/bootstrap.php'; $reportTypes = array(); foreach ($BUCKYS_GLOBALS['reportObjectTypes'] as $arr) { $reportTypes = array_merge($arr, $reportTypes); } if (!($userID = buckys_is_logged_in())) { echo MSG_INVALID_REQUEST; exit; } $type = isset($_REQUEST['type']) ? strtolower($_REQUEST['type']) : null; if (!in_array($type, $reportTypes)) { echo MSG_INVALID_REQUEST; exit; } if (isset($_POST['action'])) { if ($_POST['action'] == 'report') { if (!isset($_POST['id']) || !isset($_POST['idHash']) || !buckys_check_id_encrypted($_POST['id'], $_POST['idHash'])) { $data = array('status' => 'error', 'message' => MSG_INVALID_REQUEST); } else { $result = BuckysReport::reportObject($userID, $_POST['id'], $type); if ($result === true) { $data = array('status' => 'success', 'message' => MSG_THANKS_YOUR_REPORT); } else { $data = array('status' => 'error', 'message' => $result); } } render_result_xml($data); exit; } }
require dirname(__FILE__) . '/includes/bootstrap.php'; //Getting Current User ID if (!buckys_check_user_acl(USER_ACL_REGISTERED)) { buckys_redirect('/index.php', MSG_PERMISSION_DENIED, MSG_TYPE_ERROR); } if (isset($_POST['action']) && $_POST['action'] == 'get-users') { $users = BuckysUser::searchUsers($_REQUEST['term'], $userID); $result = []; foreach ($users as $row) { $result[] = ["id" => $row['userID'], 'label' => $row['fullName'], 'value' => $row['fullName'], 'hash' => buckys_encrypt_id($row['userID'])]; } echo json_encode($result); buckys_exit(); } if (isset($_POST['action']) && $_POST['action'] == 'send-money') { if (!isset($_POST['receiverID']) || !isset($_POST['receiverIDHash']) || !isset($_POST['amount']) || !buckys_check_id_encrypted($_POST['receiverID'], $_POST['receiverIDHash'])) { buckys_redirect('/credits.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } $result = BuckysTransaction::sendCredits($_POST['receiverID'], $_POST['amount']); if ($result === true) { buckys_redirect('/credits.php', MSG_SENT_CREDITS_SUCCESSFULLY); } else { buckys_redirect('/credits.php', $result, MSG_TYPE_ERROR); } exit; } $page = isset($_GET['page']) ? $_GET['page'] : 1; $totalCount = BuckysTransaction::getNumOfCreditActivities($userID); //Init Pagination Class $pagination = new Pagination($totalCount, BuckysTransaction::$COUNT_PER_PAGE, $page); $page = $pagination->getCurrentPage();
<?php require dirname(__FILE__) . '/includes/bootstrap.php'; //If the user is not logged in, redirect to the index page if (!($userID = buckys_is_logged_in())) { buckys_redirect('/index.php'); } if (isset($_POST['action']) && $_POST['action'] == 'change_password') { $isValid = true; if (!$_POST['userID'] || !$_POST['userIDHash'] || !buckys_check_id_encrypted($_POST['userID'], $_POST['userIDHash']) || $userID != $_POST['userID']) { buckys_redirect("/index.php"); } if (!$_POST['currentPassword'] || !$_POST['newPassword'] || !$_POST['newPassword2']) { buckys_redirect("/change_password.php", MSG_INVALID_REQUEST, MSG_TYPE_ERROR); $isValid = false; } else { if ($_POST['newPassword'] != $_POST['newPassword2']) { buckys_redirect("/change_password.php", MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR); $isValid = false; } else { if (!buckys_check_password_strength($_POST['newPassword'])) { buckys_redirect("/change_password.php", MSG_NEW_PASSWORD_STRENGTH_ERROR, MSG_TYPE_ERROR); $isValid = false; } } } //Check Current Password $data = BuckysUser::getUserData($userID); if (!$data) { buckys_redirect("/index.php"); }