/**
 * Resolve the "validate registration" setting, letting modules override it.
 *
 * Seeds the hook payload with the misc_validate constant, runs the
 * 'pligg_validate' action so a module may rewrite $vars['validate'], and
 * returns whatever value is left in that slot afterwards.
 *
 * @return mixed the (possibly module-adjusted) validation setting
 */
function pligg_validate()
{
    $hook_payload = array('validate' => misc_validate);
    check_actions('pligg_validate', $hook_payload);

    return $hook_payload['validate'];
}
 /**
  * End the current login and send the browser to $url.
  *
  * Clears the in-memory login state, resets the ID cookie, exposes the
  * destination to modules via the 'wheretoreturn' constant, fires the
  * 'logout_success' hook, then emits no-cache headers plus the redirect and
  * stops the script. The Location header is built from $url verbatim, so the
  * caller is responsible for passing only a trusted, site-local target.
  *
  * @param string $url destination of the post-logout redirect
  */
 function Logout($url = './')
 {
     $this->user_login = "";
     $this->authenticated = FALSE;
     $this->SetIDCookie(0, '');
     define('wheretoreturn', $url);
     check_actions('logout_success');

     // Expire the response an hour in the past so the logged-in page is not
     // served back from a cache after logout.
     //header("Pragma: no-cache");
     $expired_at = gmdate("r", time() - 3600);
     header("Cache-Control: no-cache, must-revalidate");
     header("Location: {$url}");
     header("Expires: " . $expired_at);
     header("ETag: \"logingout" . time() . "\"");
     exit;
 }
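/**
 * Remove a story and every row that references it.
 *
 * Deletes, in order, the link itself, its comments, saved-link entries, tags,
 * trackbacks, votes and additional-category rows, then fires the
 * 'admin_story_delete' hook with the id so modules can clean up their own
 * data. Any failed query is handed to error_page() with the MySQL error text.
 *
 * @param int|string $linkid story id; anything that is not a plain integer is
 *                           rejected and the function returns without touching
 *                           the database
 */
function delete_storylink($linkid)
{
    // Accept only an actual integer: is_numeric() also passes forms such as
    // "1e3", " 7" or "1.5", which would then reach the SQL text below.
    if (filter_var($linkid, FILTER_VALIDATE_INT) === false) {
        return;
    }
    $id = (int) $linkid;

    // table => column holding the story id in that table (deletion order kept)
    $dependents = array(
        table_links => 'link_id',
        table_comments => 'comment_link_id',
        table_saved_links => 'saved_link_id',
        table_tags => 'tag_link_id',
        table_trackbacks => 'trackback_link_id',
        table_votes => 'vote_link_id',
        table_additional_categories => 'ac_link_id',
    );
    foreach ($dependents as $table => $column) {
        $query = "DELETE FROM " . $table . " WHERE " . $column . " = '{$id}'";
        if (!mysql_query($query)) {
            error_page(mysql_error());
        }
    }

    // module system hook
    $vars = array('link_id' => $linkid);
    check_actions('admin_story_delete', $vars);
}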
 /**
  * Record a vote on this story and refresh the cached tallies.
  *
  * Delegates the actual insert to the parent class; on success re-reads the
  * per-link vote figures (the formula depends on Voting_Method), persists the
  * basic fields, calls check_should_publish() and fires
  * 'link_insert_vote_post' with the link as payload.
  *
  * @param int $user  voter id
  * @param int $value vote weight
  * @return bool true when the parent accepted the vote, false otherwise
  */
 function insert_vote($user = 0, $value = 10)
 {
     if (!parent::insert_vote($user, $value)) {
         return false;
     }

     $tally = new Vote();
     $tally->type = 'links';
     $tally->link = $this->id;

     // Negative votes feed $this->reports in both modes; how the positive side
     // is aggregated depends on the configured voting method.
     if (Voting_Method == 2) {
         $this->votes = $tally->rating("!=0");
         $this->votecount = $tally->count("!=0");
         $this->reports = $this->count_all_votes("<0");
     } else {
         $this->reports = $this->count_all_votes("<0");
         $this->votes = $tally->count() - $this->reports;
     }

     $this->store_basic();
     $this->check_should_publish();

     $hook_payload = array('vote' => $this);
     check_actions('link_insert_vote_post', $hook_payload);

     return true;
 }
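/**
 * Delete a comment together with its direct replies and fix the story's count.
 *
 * Fires 'comment_deleted' for the comment and for each first-level child
 * before the rows go away, removes both generations from the comments table,
 * then re-reads the owning Link and recalculates its comment total.
 *
 * @param int|string $key comment id; non-integer input is ignored so that only
 *                        a genuine id ever reaches the SQL text below
 */
function delete_comment($key)
{
    global $db;
    // is_numeric() would also let "1e2", " 5" or "2.5" through into the queries.
    if (filter_var($key, FILTER_VALIDATE_INT) === false) {
        return;
    }
    $id = (int) $key;

    $link_id = $db->get_var("SELECT comment_link_id FROM `" . table_comments . "` WHERE `comment_id` = " . $id . ";");

    // Give modules a chance to act on the comment and on each direct reply.
    $vars = array('comment_id' => $key);
    check_actions('comment_deleted', $vars);
    $comments = $db->get_results("SELECT comment_id FROM " . table_comments . " WHERE `comment_parent` = '{$id}'");
    if (!empty($comments)) {
        foreach ($comments as $comment) {
            $vars = array('comment_id' => $comment->comment_id);
            check_actions('comment_deleted', $vars);
        }
    }

    // Only direct replies are removed: rows whose parent is one of those
    // replies are not touched by these two statements.
    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_parent` = "' . $id . '"');
    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_id` = "' . $id . '"');

    $link = new Link();
    $link->id = $link_id;
    $link->read();
    $link->recalc_comments();
    $link->store();
}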
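/**
 * Hook handler for 'anonymous_comment': store a comment from a visitor who is
 * not logged in, then bump the story's comment count.
 *
 * Every field originates from the request (the visible caller builds $vars
 * from $_POST), so each string is run through $db->escape() and each id is
 * cast to int before it is placed in the INSERT. On return, $vars is replaced
 * by array('comment' => <new comment id>) — both the 'after_comment_submit'
 * hook and the caller see that shape.
 *
 * @param array $vars link_id, user_id, randkey, comment_content, a_username,
 *                    a_email, a_website; overwritten on return (by reference)
 */
function insert_anonymous_comment(&$vars)
{
    global $db;
    // Numeric columns: an int cast leaves nothing that could alter the statement.
    $link_id = (int) $vars['link_id'];
    $user_id = (int) $vars['user_id'];
    $randkey = (int) $vars['randkey'];
    // String columns: escaped for the SQL string context. The caller is expected
    // to have applied sanitize() to comment_content for the HTML context; that
    // is a separate concern from SQL escaping.
    $comment_content = $db->escape($vars['comment_content']);
    $a_username = $db->escape($vars['a_username']);
    $a_email = $db->escape($vars['a_email']);
    $a_website = $db->escape($vars['a_website']);
    $sql = "INSERT INTO " . table_comments . " (comment_user_id, comment_link_id, comment_date, comment_randkey, comment_content,`comment_anonymous_username`, `comment_anonymous_email`, `comment_anonymous_website` ) VALUES ({$user_id}, {$link_id}, NOW(), {$randkey}, '{$comment_content}', '{$a_username}','{$a_email}', '{$a_website}')";
    $db->query($sql);
    // DB 04/15/11
    $vars = array('comment' => $db->insert_id);
    check_actions('after_comment_submit', $vars);
    /////
    // DB 12/17/08
    $link = new Link();
    $link->id = $link_id;
    $link->read();
    $link->adjust_comment(1);
    $link->store();
    /////
}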
/**
 * Handle the POST that adds a new comment (or a reply) to the current $link.
 *
 * Two paths are accepted: an authenticated user whose posted link_id/user_id
 * match the session and whose randkey is positive, or — when anon=1 — an
 * anonymous visitor, whose data is handed to the 'anonymous_comment' hook
 * instead of being stored here. Over-long content renders the comment_errors
 * template and exits; a stored comment ends in a redirect to the story.
 */
function insert_comment()
{
    global $link, $db, $current_user, $main_smarty, $the_template, $story_url;
    // The raw POST text is exposed to the template as TheComment; whether the
    // template escapes it is not visible here.
    $main_smarty->assign('TheComment', $_POST['comment_content']);
    // $vars has not been assigned at this point, so this test is always false
    // and the early return never fires.
    if ($vars['error'] == true) {
        $error = true;
        return;
    }
    require_once mnminclude . 'comment.php';
    $comment = new Comment();
    $cancontinue = false;
    //anonymous comment
    $cancontinue_anon = false;
    $anon = $_POST['anon'];
    $comment->content = sanitize($_POST['comment_content'], 4);
    // strlen() counts bytes, so multibyte text hits the limit sooner than its
    // character count would suggest.
    if (strlen($comment->content) > maxCommentLength) {
        $main_smarty->assign('url', $_SERVER['REQUEST_URI']);
        $main_smarty->assign('tpl_center', $the_template . '/comment_errors');
        $main_smarty->display($the_template . '/pligg.tpl');
        exit;
    }
    // Authenticated path: link and user ids are cross-checked against the
    // session; randkey only has to be > 0 here (any verification of its value
    // happens elsewhere, if at all).
    if (sanitize($_POST['link_id'], 3) == $link->id && $current_user->authenticated && sanitize($_POST['user_id'], 3) == $current_user->user_id && sanitize($_POST['randkey'], 3) > 0) {
        if (sanitize($_POST['comment_content'], 4) != '') {
            // this is a normal new comment
            $cancontinue = true;
        }
        if (is_array($_POST['reply_comment_content'])) {
            // comment replies: the first non-empty reply field wins and sets
            // the parent id
            foreach ($_POST['reply_comment_content'] as $id => $value) {
                if ($id > 0 && $value) {
                    $comment->content = sanitize($value, 4);
                    $comment->parent = $id;
                    $cancontinue = true;
                    break;
                }
            }
        }
    // Anonymous path: note these comparisons use the raw $_POST values, unlike
    // the branch above.
    } elseif ($_POST['link_id'] == $link->id && $_POST['randkey'] > 0 && $anon == 1) {
        if (strlen($_POST['comment_content']) > 0) {
            // $vars is still undefined here; the hook receives an empty value
            // unless a module populates it.
            check_actions('register_check_errors', $vars);
            if ($vars['error'] == true) {
                // $error is set but never read later in this function.
                $error = true;
            } elseif (!$current_user->authenticated) {
                $vars = array('link_id' => $link->id, 'randkey' => $_POST['randkey'], 'user_id' => $_POST['user_id'], 'a_email' => $_POST['a_email'], 'a_username' => $_POST['a_username'], 'a_website' => $_POST['a_website'], 'comment_content' => sanitize($_POST['comment_content'], 4));
                check_actions('anonymous_comment', $vars);
            }
        }
    }
    $parrent_comment_id = sanitize($_POST['parrent_comment_id'], 3);
    if ($cancontinue == true) {
        $comment->link = $link->id;
        // An explicit parrent_comment_id overrides any parent chosen from the
        // reply fields above.
        if ($parrent_comment_id != 0) {
            $comment->parent = $parrent_comment_id;
        } else {
            $comment->parent = 0;
        }
        $comment->randkey = sanitize($_POST['randkey'], 3);
        $comment->author = sanitize($_POST['user_id'], 3);
        // Modules receive the comment object by reference and may set its status.
        $vars = array('comment' => &$comment);
        check_actions('story_insert_comment', $vars);
        if ($vars['comment']->status) {
            $comment->status = $vars['comment']->status;
        }
        $comment->store();
        $vars['comment'] = $comment->id;
        check_actions('after_comment_submit', $vars);
        // Redirect target is built from the link's own fields and the new id,
        // not from request input.
        $story_url = getmyurl("storyURL", $link->category_safe_names(), urlencode($link->title_url), $link->id);
        //$story_url;
        header('Location: ' . $story_url . "#comment-reply-" . $comment->id);
        die;
    }
}
<?php

// The source code packaged with this file is Free Software, Copyright (C) 2005 by
// Ricardo Galli <gallir at uib dot es>.
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// 		http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
// Bootstrap for the generic "module" page: load the template engine, the site
// configuration and the shared includes, name the page, then hand control to
// whichever module hooked 'module_page'. Include order matters — config.php
// presumably defines mnminclude, which every later include path relies on.
include_once 'Smarty.class.php';
$main_smarty = new Smarty();
include_once 'config.php';
include_once mnminclude . 'html1.php';
include_once mnminclude . 'link.php';
include_once mnminclude . 'tags.php';
include_once mnminclude . 'search.php';
include_once mnminclude . 'smartyvariables.php';
// pagename
define('pagename', 'module');
$main_smarty->assign('pagename', pagename);
// Hooks are called with an empty-string payload when there is nothing to pass;
// the modules registered for 'module_page' do the actual work of this page.
$vars = '';
check_actions('module_page', $vars);
 /**
  * Register a vote on this comment.
  *
  * Builds a Vote of type 'comments', inserts it and, when that succeeds,
  * recomputes the cached vote count (all votes minus negative ones). If
  * comment_buries_spam is enabled and the number of negative votes reaches it,
  * the comment is marked 'discard' and stored, 'comment_spam' is fired and the
  * parent Link's comment count is recalculated. Finally
  * 'comment_insert_vote_post' runs and Vote::sum() is returned.
  *
  * @param int $user  voter id
  * @param int $value vote weight
  * @return mixed whatever Vote::sum() returns on success; false when the
  *               comment has no numeric id or the insert failed
  */
 function insert_vote($user = 0, $value = 10)
 {
     global $anon_karma;
     require_once mnminclude . 'votes.php';
     if (!is_numeric($this->id)) {
         return false;
     }

     $new_vote = new Vote();
     $new_vote->type = 'comments';
     $new_vote->user = $user;
     $new_vote->link = $this->id;
     $new_vote->value = $value;
     if (!$new_vote->insert()) {
         return false;
     }

     // A fresh Vote without a user is used for the aggregate queries —
     // presumably so the counts are not scoped to the voter just recorded
     // (the Vote class is not visible here).
     $tally = new Vote();
     $tally->type = 'comments';
     $tally->link = $this->id;
     $this->votes = $tally->count() - $tally->count('<0');

     $buried = comment_buries_spam > 0 && $tally->count_all("<0") >= comment_buries_spam;
     if ($buried) {
         $this->status = 'discard';
         $this->store();
         $hook_payload = array('comment_id' => $this->id);
         check_actions('comment_spam', $hook_payload);
         require_once mnminclude . 'link.php';
         $parent_link = new Link();
         $parent_link->id = $this->link;
         $parent_link->read();
         $parent_link->recalc_comments();
         $parent_link->store();
     }

     $hook_payload = array('vote' => $this);
     check_actions('comment_insert_vote_post', $hook_payload);

     return $tally->sum();
 }
        echo "\t<category>" . htmlspecialchars($category_name) . "</category>\n";
        // Calculate total vote count based on votes-downvotes
        $vote_total = $link->votes - $link->reports;
        echo "\t<votes>" . $vote_total . "</votes>\n";
        echo "\t<upvotes>" . $link->votes . "</upvotes>\n";
        echo "\t<downvotes>" . $link->reports . "</downvotes>\n";
        echo "\t<guid>" . getmyFullurl("storyURL", $link->category_safe_names($link->category), urlencode($link->title_url), $link->id) . "</guid>\n";
        // module system hook
        $vars = array('item' => $link);
        check_actions('rss_item', $vars);
        echo "</item>\n\n";
    }
}
// module system hook — fired once after the last <item>, presumably so modules
// can emit their own elements before the footer closes the feed.
$vars = '';
check_actions('rss_end_data', $vars);
do_rss_footer();
/**
 * Emit the opening of the RSS 2.0 document: XML prolog, <rss>, <channel> and
 * the channel-level metadata (title, link, description, pubDate, language).
 *
 * The site name is passed through htmlspecialchars(), but $title, the
 * configured description and $dblang are written out verbatim — callers must
 * only pass values that are safe inside XML text.
 *
 * @param string $title text appended to the site name inside <title>
 */
function do_rss_header($title)
{
    global $last_modified, $dblang, $main_smarty;
    header('Content-type: text/xml; charset=utf-8', true);

    $site_name = htmlspecialchars($main_smarty->get_config_vars("PLIGG_Visual_Name"));
    $description = $main_smarty->get_config_vars("PLIGG_Visual_RSS_Description");
    // Timestamps are shifted by the configured hour offset rather than by a
    // named timezone.
    $pub_date = date('D, d M Y H:i:s T', $last_modified - misc_timezone * 3600);

    $lines = array(
        '<?xml version="1.0"?>',
        '<rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:media="http://search.yahoo.com/mrss/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">',
        '<channel>',
        '<title>' . $site_name . ' ' . trim($title) . '</title>',
        '<link>' . my_base_url . my_pligg_base . '</link>',
        '<description>' . $description . '</description>',
        '<pubDate>' . $pub_date . '</pubDate>',
        '<language>' . $dblang . '</language>',
    );
    echo implode("\n", $lines) . "\n";
}
function do_rss_footer()
<?php

// Error page for unknown routes: bootstrap the template engine and shared
// includes, let modules react to 'error_404', then render the 404 template.
include_once 'internal/Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include mnminclude . 'link.php';
include mnminclude . 'smartyvariables.php';
// Empty-string payload: the hook is a notification only.
$vars = '';
check_actions('error_404', $vars);
define('pagename', 'error_404');
$main_smarty->assign('pagename', pagename);
// sidebar
$main_smarty = do_sidebar($main_smarty);
// show the template
// The status line is sent before any output so clients and crawlers see a
// real 404 rather than a 200 with error content.
header("HTTP/1.1 404 Not Found");
$main_smarty->assign('tpl_center', $the_template . '/error_404_center');
$main_smarty->display($the_template . '/pligg.tpl');
exit;
<?php

// The source code packaged with this file is Free Software, Copyright (C) 2005 by
// Ricardo Galli <gallir at uib dot es>.
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
// 404 page: bootstrap the template engine and shared includes, fire the
// '404Error' hook, then render the 404error template inside the page layout.
include_once 'Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include mnminclude . 'link.php';
include mnminclude . 'smartyvariables.php';
// Empty-string payload: the hook is a notification only.
$vars = '';
check_actions('404Error', $vars);
define('pagename', '404');
$main_smarty->assign('pagename', pagename);
// sidebar
$main_smarty = do_sidebar($main_smarty);
// show the template
// NOTE(review): no header() call sets a 404 status here, so unless an include
// or the caller did, this error page goes out as a 200 — confirm.
$main_smarty->assign('tpl_center', '404error');
$main_smarty->display($the_template . '/pligg.tpl');
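/**
 * Handle the POST that saves an edited comment on the current $link.
 *
 * Fires 'story_edit_comment', then — only when the posted link id, user id and
 * randkey match the logged-in user's session and the content is non-empty —
 * loads the comment named by $link->commentid, overwrites its content, author
 * and randkey, rejects over-long text with the comment_errors template, lets
 * 'after_comment_edit' adjust the status, stores it and redirects to the story.
 *
 * The author is taken from the global $commentownerid; whether the current
 * user is allowed to edit that particular comment is not decided here.
 */
function insert_comment()
{
    global $commentownerid, $link, $db, $current_user, $main_smarty, $the_template;
    // Same empty-payload convention as the other notification hooks; also avoids
    // handing an undefined variable to check_actions().
    $vars = '';
    check_actions('story_edit_comment', $vars);
    // Check if is a POST of a comment
    if (sanitize($_POST['link_id'], 3) == $link->id && $current_user->authenticated && sanitize($_POST['user_id'], 3) == $current_user->user_id && is_numeric(sanitize($_POST['randkey'], 3)) && sanitize($_POST['randkey'], 3) > 0 && sanitize($_POST['comment_content'], 4) != '') {
        require_once mnminclude . 'comment.php';
        $comment = new Comment();
        $comment->id = $link->commentid;
        $comment->read();
        $comment->link = $link->id;
        $comment->randkey = sanitize($_POST['randkey'], 3);
        $comment->author = $commentownerid;
        $comment->content = sanitize($_POST['comment_content'], 4);
        // strlen() counts bytes, so multibyte text reaches the limit sooner.
        if (strlen($comment->content) > maxCommentLength) {
            $main_smarty->assign('url', $_SERVER['REQUEST_URI']);
            $main_smarty->assign('tpl_center', $the_template . '/comment_errors');
            $main_smarty->display($the_template . '/pligg.tpl');
            exit;
        }
        // Modules receive the comment object by reference and may set its status.
        $vars = array('comment' => &$comment);
        check_actions('after_comment_edit', $vars);
        if ($vars['comment']->status) {
            $comment->status = $vars['comment']->status;
        }
        $comment->store();
        header('Location: ' . getmyurl('story', sanitize($_POST['link_id'], 3)));
        die;
    }
}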
    foreach ($links as $dblink) {
        $link->id = $dblink->link_id;
        $cached_links[$dblink->link_id] = $dblink;
        $link->read();
        $category_name = $db->get_var("SELECT category_name FROM " . table_categories . " WHERE category_id = {$link->category} AND category_lang='{$dblang}'");
        $link->content = str_replace("\n", "<br />", $link->content);
        $link->content = str_replace("’", "'", $link->content);
        $link->content = str_replace("–", "-", $link->content);
        $link->content = str_replace("—", "-", $link->content);
        $link->content = str_replace("“", "\"", $link->content);
        $link->content = str_replace("”", "\"", $link->content);
        echo "<item>\n";
        echo "\t<title><![CDATA[" . $link->title . "]]></title>\n";
        echo "\t<link>" . getmyFullurl("storyURL", $link->category_safe_names($link->category), $link->title_url, $link->id) . "</link>\n";
        $vars = array('link' => $link);
        check_actions('rss_add_data', $vars);
        echo '	<source url="' . getmyFullurl("storyURL", $link->category_safe_names($link->category), $link->title_url, $link->id) . '"><![CDATA[' . $link->title . ']]></source>';
        echo "\n\t<description><![CDATA[" . $link->content . " ]]></description>\n";
        if (!empty($link_date)) {
            echo "\t<pubDate>" . date("r", $link->{$link_date} - misc_timezone * 3600) . "</pubDate>\n";
        } else {
            echo "\t<pubDate>" . date("r", time() - misc_timezone * 3600) . "</pubDate>\n";
        }
        echo "\t<author>" . $dblink->user_login . "</author>\n";
        echo "\t<category>" . htmlspecialchars($category_name) . "</category>\n";
        echo "\t<votes>" . $link->votes . "</votes>\n";
        echo "\t<guid>" . getmyFullurl("storyURL", $link->category_safe_names($link->category), $link->title_url, $link->id) . "</guid>\n";
        echo "</item>\n\n";
    }
}
// Emit the feed footer once every item has been written.
do_rss_footer();
 // code to prevent CSRF
 $CSRF->check_expired('admin_users_edit');
 // code to prevent CSRF
 if ($CSRF->check_valid(sanitize($_GET['token'], 3), 'admin_users_edit')) {
     $user = $db->get_row('SELECT * FROM ' . table_users . ' where user_login="******"user"], 3) . '"');
     canIChangeUser($user->user_level);
     if ($user) {
         $userdata = new User();
         $userdata->username = $user->user_login;
         if (!$userdata->read()) {
             echo "Error reading user data.";
             die;
         }
         // module system hook
         $vars = '';
         check_actions('admin_users_save', $vars);
         $userdata->username = trim(sanitize($_GET["login"], 3));
         $userdata->level = trim(sanitize($_GET["level"], 3));
         $userdata->email = trim(sanitize($_GET["email"], 3));
         if ($_GET["password"] && $_GET["password"] == $_GET["password2"]) {
             $userdata->pass = $_GET["password"];
         }
         $userdata->store();
         // breadcrumbs and page title
         $navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel');
         $navwhere['link1'] = getmyurl('admin', '');
         $navwhere['text2'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel_1');
         $navwhere['link2'] = my_pligg_base . "/admin/admin_users.php";
         $navwhere['text3'] = $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_Edit_User_Data_Saved');
         $main_smarty->assign('navbar_where', $navwhere);
         $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
}
// breadcrumbs and page title
$navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_Live');
$navwhere['link1'] = getmyurl('live', '');
$main_smarty->assign('navbar_where', $navwhere);
$main_smarty->assign('posttitle', $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_Live'));
$main_smarty->assign('page_header', $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_Live'));
// NOTE(review): key is 'body-args' here but 'body_args' is what is assigned to
// the template below — possibly a typo, confirm which one templates read.
$globals['body-args'] = 'onload="start()"';
// misc smarty
$main_smarty->assign('items_to_show', items_to_show);
$main_smarty->assign('showsideleftsidebar', "no");
$main_smarty->assign('showsiderightsidebar', "no");
// pagename
define('pagename', 'live');
$main_smarty->assign('pagename', pagename);
// sidebar
$main_smarty = do_sidebar($main_smarty);
// module system hook
$vars = '';
check_actions('live', $vars);
// misc smarty that has to come after do_sidebar
// do_sidebar() resets body_args to '', so the onload handler is re-assigned here.
$main_smarty->assign('body_args', 'onload="start()"');
// restrict access to admins
// Despite the comment above, nothing here denies access: this only computes an
// isAdmin flag for the template (non-zero when the user is admin or moderator).
// Any real enforcement has to happen elsewhere.
$canIhaveAccess = 0;
$canIhaveAccess = $canIhaveAccess + checklevel('admin');
$canIhaveAccess = $canIhaveAccess + checklevel('moderator');
$main_smarty->assign('isAdmin', $canIhaveAccess);
// show the template
$main_smarty->assign('tpl_center', $the_template . '/live_center');
$main_smarty->display($the_template . '/pligg.tpl');
$main_smarty->display($the_template . '/functions/live_js.tpl');
/**
 * Populate the sidebar-related template variables and return the Smarty object.
 *
 * Normalises the breadcrumb array (text1..text4 are HTML-escaped, link1..link4
 * are only defaulted), then either reuses the cached categories module or
 * rebuilds the category list: when the mnm_user cookie names a user, only that
 * user's configured categories are listed; otherwise the full tree from
 * tree_to_array(). Also assigns the published story count and the category
 * URL, restores the caller's cache setting and fires 'do_sidebar'.
 *
 * @param object       $var_smarty Smarty instance to assign into
 * @param array|string $navwhere   breadcrumb data; '' means use the global $navwhere
 * @return object the same Smarty instance
 */
function do_sidebar($var_smarty, $navwhere = '')
{
    // show the categories in the sidebar
    global $db, $dblang, $globals, $the_cats;
    // No breadcrumbs passed: fall back to whatever the calling page left in the global.
    if ($navwhere == '') {
        global $navwhere;
    }
    // fix for 'undefined index' errors
    // Breadcrumb texts are HTML-escaped here; the link values are not, so they
    // must already be safe for the attribute context the template puts them in.
    if (!isset($navwhere['text4'])) {
        $navwhere['text4'] = '';
    } else {
        $navwhere['text4'] = htmlspecialchars($navwhere['text4']);
    }
    if (!isset($navwhere['text3'])) {
        $navwhere['text3'] = '';
    } else {
        $navwhere['text3'] = htmlspecialchars($navwhere['text3']);
    }
    if (!isset($navwhere['text2'])) {
        $navwhere['text2'] = '';
    } else {
        $navwhere['text2'] = htmlspecialchars($navwhere['text2']);
    }
    if (!isset($navwhere['text1'])) {
        $navwhere['text1'] = '';
    } else {
        $navwhere['text1'] = htmlspecialchars($navwhere['text1']);
    }
    if (!isset($navwhere['link4'])) {
        $navwhere['link4'] = '';
    }
    if (!isset($navwhere['link3'])) {
        $navwhere['link3'] = '';
    }
    if (!isset($navwhere['link2'])) {
        $navwhere['link2'] = '';
    }
    if (!isset($navwhere['link1'])) {
        $navwhere['link1'] = '';
    }
    $var_smarty->assign('navbar_where', $navwhere);
    // Callers that need an onload handler must re-assign body_args after this call.
    $var_smarty->assign('body_args', '');
    // fix for 'undefined index' errors
    $_caching = $var_smarty->cache;
    // get the current cache settings
    $var_smarty->cache = true;
    // cache has to be on otherwise is_cached will always be false
    $var_smarty->cache_lifetime = -1;
    // lifetime has to be set to something otherwise is_cached will always be false
    $thetpl = $var_smarty->get_template_vars('the_template_sidebar_modules') . '/categories.tpl';
    // check to see if the category sidebar module is already cached
    // if it is, use it
    // The cache id is keyed per requested category so each category page gets
    // its own cached sidebar.
    if (isset($_GET['category'])) {
        $thecat = sanitize($_GET['category'], 3);
    } else {
        $thecat = '';
    }
    if ($var_smarty->is_cached($thetpl, 'sidebar|category|' . $thecat)) {
        $var_smarty->assign('cat_array', 'x');
        // this is needed. sidebar.tpl won't include the category module if cat_array doesnt have some data
    } else {
        if (isset($_GET['category'])) {
            $thecat = get_cached_category_data('category_safe_name', urlencode(sanitize($_GET['category'], 1)));
            // NOTE(review): $thecat now holds a category *name*, yet the loop below
            // compares it against category_id — confirm this is intended.
            $thecat = $thecat->category_name;
        }
        $var_smarty->assign('UrlMethod', urlmethod);
        foreach ($the_cats as $cat) {
            if ($cat->category_id == $thecat && $cat->category_lang == $dblang && $cat->category_parent == 0) {
                $globals['category_id'] = $cat->category_id;
                $globals['category_name'] = $cat->category_name;
            }
        }
        // $script_name is computed but not referenced again in this function.
        $pos = strrpos($_SERVER["SCRIPT_NAME"], "/");
        $script_name = substr($_SERVER["SCRIPT_NAME"], $pos + 1, 100);
        $script_name = str_replace(".php", "", $script_name);
        include_once 'dbtree.php';
        // The login name is taken from a client-supplied cookie (sanitized and
        // SQL-escaped); here it only selects which categories to display, it is
        // not used to grant anything.
        $login_user = $db->escape(sanitize($_COOKIE['mnm_user'], 3));
        if ($login_user) {
            /////// for user set category----sorojit.
            // The '******' below is a redaction in this listing, not code.
            $sqlGeticategory = $db->get_var("SELECT user_categories from " . table_users . " where user_login = '******';");
            // user_categories is read from the DB and interpolated unquoted into
            // an IN (...) list; it is trusted to be a well-formed id list. The
            // mysql_query() result is not checked, so a failed query would surface
            // as warnings from mysql_fetch_array() rather than an error.
            $array1 = "SELECT * from " . table_categories . " where category__auto_id in ({$sqlGeticategory})";
            $result = mysql_query($array1);
            $array = array();
            // NOTE(review): this loop appends each row to itself and its result is
            // never used; $array is rebuilt from scratch further down.
            while ($row = mysql_fetch_array($result)) {
                //print_r($row);
                $row[] = $row;
            }
            $right = array();
            $array1 = "SELECT * from " . table_categories . " where category__auto_id in ({$sqlGeticategory}) ORDER BY lft";
            $result1 = mysql_query($array1);
            // $a is only created when at least one row comes back; with none,
            // $result below is undefined and the foreach iterates over nothing
            // (with a warning).
            while ($row = mysql_fetch_object($result1)) {
                $a[] = $row;
            }
            $result = $a;
            $i = 0;
            $lastspacer = 0;
            // added @ thanks to `parterburn` - http://www.pligg.com/forum/showthread.php?t=4888
            // Appears to walk a nested-set (lft/rgt) ordering: $right is a stack of
            // open right boundaries whose depth gives the indentation level.
            foreach ($result as $row) {
                if (count($right) > 0) {
                    // check if we should remove a node from the stack
                    while ($right[count($right) - 1] < $row->rgt) {
                        if (array_pop($right) == NULL) {
                            break;
                            // We've reached the top of the category chain
                        }
                    }
                }
                $array[$i]['principlecat'] = $row->rgt - $row->lft - 1;
                $array[$i]['spacercount'] = count($right);
                $array[$i]['lastspacercount'] = $lastspacer;
                $array[$i]['spacerdiff'] = abs($lastspacer - count($right));
                $array[$i]['auto_id'] = $row->category__auto_id;
                $array[$i]['name'] = $row->category_name;
                $array[$i]['safename'] = $row->category_safe_name;
                if (isset($row->category_color)) {
                    $array[$i]['color'] = $row->category_color;
                }
                if (isset($row->category_parent)) {
                    $array[$i]['parent'] = $row->category_parent;
                    $array[$i]['parent_name'] = GetCatName($row->category_parent);
                    $array[$i]['parent_subcat_count'] = GetSubCatCount($row->category_parent);
                }
                $array[$i]['subcat_count'] = GetSubCatCount($row->category__auto_id);
                $lastspacer = count($right);
                $i = $i + 1;
                $right[] = $row->rgt;
            }
            ///////end of for user set category
            $var_smarty->assign('start', 0);
        } else {
            // No login cookie: show the whole category tree.
            $array = tree_to_array(0, table_categories);
            $var_smarty->assign('start', 1);
        }
        $var_smarty->assign('lastspacer', 0);
        $var_smarty->assign('cat_array', $array);
        // use the 'totals' table now
        $published_count = get_story_count('published');
        $var_smarty->assign('published_count', $published_count);
        //	    $sql = "select *,  count(*) as count from " . table_links . ", " . table_categories . " where category_lang='$dblang' and category_id=link_category group by link_category ORDER BY category_name ASC";
        //		$categorylist = object_2_array($db->get_results($sql));
        //		$var_smarty->assign('categorylist', $categorylist);
        $var_smarty->assign('category_url', getmyurl('maincategory'));
    }
    $var_smarty->cache = $_caching;
    // set cache back to original value
    // Notification hook; empty-string payload as elsewhere in the codebase.
    $vars = '';
    check_actions('do_sidebar', $vars);
    return $var_smarty;
}
/**
 * Second step of the story submission flow: persist the Link, derive its
 * summary and tags, expose them to the template and advance the session step.
 *
 * NOTE(review): several lines below look suspicious and are documented rather
 * than changed — see the inline notes on the store()/id ordering, the
 * unassigned $link_title/$link_content, and the redirect followed by rendering.
 */
function do_submit1()
{
    global $db, $main_smarty, $dblang, $the_template, $linkres, $current_user, $Story_Content_Tags_To_Allow;
    $linkres = new Link();
    $main_smarty->assign('auto_vote', auto_vote);
    $main_smarty->assign('Submit_Show_URL_Input', Submit_Show_URL_Input);
    $main_smarty->assign('Submit_Require_A_URL', Submit_Require_A_URL);
    $main_smarty->assign('link_id', sanitize($_POST['id'], 3));
    define('pagename', 'submit');
    $main_smarty->assign('pagename', pagename);
    // NOTE(review): store() runs on the freshly constructed Link before its id is
    // taken from the request on the next line — confirm the intended order.
    $linkres->store();
    $linkres->id = sanitize($_POST['id'], 3);
    // $linkres->category is not assigned in this function; this relies on the
    // constructor or store() having populated it.
    $thecat = get_cached_category_data('category_id', $linkres->category);
    $main_smarty->assign('request_category_name', $thecat->category_name);
    // Summary: either cut from the body text or taken from the explicit summary
    // field; in both cases newlines become <br /> and open tags are closed.
    if (!isset($_POST['summarytext'])) {
        $linkres->link_summary = utf8_substr(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1);
        $linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
    } else {
        $linkres->link_summary = sanitize($_POST['summarytext'], 4, $Story_Content_Tags_To_Allow);
        $linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
        if (utf8_strlen($linkres->link_summary) > StorySummary_ContentTruncate) {
            // An over-long summary is recorded via loghack() and then truncated.
            // The '******' on the next line is a redaction in this listing, not code.
            loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: '******'|email: ' . sanitize($_POST["email"], 3), true);
            $linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1);
            $linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
        }
    }
    // Raw request value: it is passed to tags_insert_string() and written into
    // the redirect URL below without further validation or encoding.
    $sid = $_POST["sid"];
    tags_insert_string($sid, $dblang, $linkres->tags);
    //$main_smarty->assign('the_story', $linkres->print_summary('full', true));
    $main_smarty->assign('tags', $linkres->tags);
    if (!empty($linkres->tags)) {
        $tags_words = str_replace(",", ", ", $linkres->tags);
        $tags_url = urlencode($linkres->tags);
        $main_smarty->assign('tags_words', $tags_words);
        $main_smarty->assign('tags_url', $tags_url);
    }
    $main_smarty->assign('submit_url_title', $linkres->url_title);
    $main_smarty->assign('submit_id', $linkres->id);
    // NOTE(review): $link_title and $link_content are never assigned in this
    // function and are not declared global — confirm where they should come from.
    $main_smarty->assign('submit_title', str_replace('"', "&#034;", $link_title));
    $main_smarty->assign('submit_content', $link_content);
    include mnminclude . 'redirector.php';
    $x = new redirector($_SERVER['REQUEST_URI']);
    //$Sid=$_SESSION['newSid'];
    // A redirect is issued here, yet the hook, the session update and the
    // template render below still execute afterwards.
    header("Location:" . my_base_url . my_pligg_base . "/story.php?title={$sid}");
    $vars = '';
    check_actions('do_submit2', $vars);
    $_SESSION['step'] = 2;
    $main_smarty->display($the_template . '/pligg.tpl');
}
    }
    $get = array();
    foreach ($_GET as $k => $v) {
        $get[$k] = stripslashes(htmlentities(strip_tags($v), ENT_QUOTES, 'UTF-8'));
    }
    $get['return'] = addslashes($get['return']);
    $main_smarty->assign('get', $get);
}
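// Undo the URL-friendly encoding of the search term. As the code stands, the
// first two search entries are the same two-character string (':\'), so the
// second mapping (':/') can never apply — possibly an escaping loss in the
// original; left as found.
$_REQUEST['search'] = str_replace(array(':\\', ':\\', '|'), array('://', ':/', '/'), $_REQUEST['search']);
#$_GET['search'] = $_REQUEST['search'] = sanitize(str_replace(array(':\\',':\\','|'),array('://',':/','/'),$_REQUEST['search']),2);
// A lone "-" apparently stands for "no search term".
if ($_REQUEST['search'] == '-') {
    $_GET['search'] = $_REQUEST['search'] = '';
}
// module system hook
$vars = '';
check_actions('search_top', $vars);
$search = new Search();
if (isset($_REQUEST['from'])) {
    $search->newerthan = sanitize($_REQUEST['from'], 3);
}
// A term that looks like a URL is treated as a URL lookup rather than a text search.
if (preg_match('/^\\s*((http[s]?:\\/+)?(www\\.)?([\\w_\\-\\d]+\\.)+\\w{2,4}(\\/[\\w_\\-\\d\\.]+)*\\/?(\\?[^\\s]*)?)\\s*$/i', $_REQUEST['search'], $m)) {
    $_REQUEST['url'] = $m[1];
} else {
    // The level argument belongs to sanitize(), as in every other call on this
    // page; previously it was passed to $db->escape() where it meant nothing,
    // and sanitize() ran with its default level.
    $search->searchTerm = $db->escape(sanitize($_REQUEST['search'], 3));
}
// After the assignment at the top, $_REQUEST['search'] is normally set, so
// this branch is unlikely to run — kept as found.
if (!isset($_REQUEST['search'])) {
    $search->orderBy = "link_modified DESC";
}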
if (isset($_REQUEST['tag'])) {
    $search->searchTerm = sanitize($_REQUEST['search'], 3);
    $search->isTag = true;
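/**
 * Save the profile fields posted by the logged-in user.
 *
 * Reads $_POST, updates the global $user (stored and re-read) and then
 * re-authenticates $current_user. Returns an HTML status message, or null when
 * the request is not a profile save for the current user.
 */
function save_profile()
{
    global $user, $current_user, $db;
    $msg = '';
    // Only the account owner may save, and only from the profile form.
    if (!isset($_POST['save_profile']) || !isset($_POST['process']) || !isset($_POST['user_id']) || $_POST['user_id'] != $current_user->user_id) {
        return;
    }
    if (!check_email(cleanit($_POST['email']))) {
        // An invalid address is reported but does not abort the rest of the save.
        echo '<p class="form-error">' . _(PLIGG_Visual_Profile_BadEmail) . '</p>';
    } else {
        $user->email = cleanit($_POST['email']);
    }
    $user->url = cleanit($_POST['url']);
    $user->public_email = cleanit($_POST['public_email']);
    $user->location = cleanit($_POST['location']);
    $user->occupation = cleanit($_POST['occupation']);
    $user->aim = cleanit($_POST['aim']);
    $user->msn = cleanit($_POST['msn']);
    $user->yahoo = cleanit($_POST['yahoo']);
    $user->gtalk = cleanit($_POST['gtalk']);
    $user->skype = cleanit($_POST['skype']);
    $user->irc = cleanit($_POST['irc']);
    $user->names = cleanit($_POST['names']);
    check_actions('profile_save');
    $avatar_source = cleanit($_POST['avatarsource']);
    if ($avatar_source != "" && $avatar_source != "useruploaded") {
        loghack('Updating profile, avatar source is not one of the list options.', 'username: '******'|email: ' . $_POST["email"]);
        // Discard the rejected value. The original used '==' here, so the
        // unexpected source was logged but still stored on the user.
        $avatar_source = "";
    }
    $user->avatar_source = $avatar_source;
    if (!empty($_POST['password']) || !empty($_POST['password2'])) {
        $oldpass = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
        // NOTE(review): the quoted '******' looks like a masked value in the
        // example source (presumably the current login) — confirm against the real file.
        $userX = $db->get_row("SELECT user_id, user_pass, user_login FROM " . table_users . " WHERE user_login = '******'");
        $oldPassOk = false;
        if ($userX) {
            $saltedpass = generateHash($oldpass, substr($userX->user_pass, 0, SALT_LENGTH));
            // hash_equals(): strict and constant-time; avoids loose "0e..." == "0e..." matches.
            $oldPassOk = hash_equals((string) $userX->user_pass, (string) $saltedpass);
        }
        if ($oldPassOk) {
            $newpass = isset($_POST['password']) ? $_POST['password'] : '';
            $newpass2 = isset($_POST['password2']) ? $_POST['password2'] : '';
            if ($newpass !== $newpass2) {
                $msg = '<p align=center><span class=error>' . _(PLIGG_Visual_Profile_BadPass) . '</span></p>';
                return $msg;
            }
            // NOTE(review): unlike the old-password check above (and the other
            // save_profile() on this page, which calls generateHash()), the new
            // password is assigned as trimmed plaintext — confirm $user->store()
            // hashes it, otherwise it is persisted unhashed.
            $user->pass = trim($newpass);
            $msg = '<p align=center><span class=error>' . _(PLIGG_Visual_Profile_PassUpdated) . '</span></p>';
        } else {
            $msg = '<p align=center><span class=error>' . _(PLIGG_Visual_Profile_BadOldPass) . '</span></p>';
            return $msg;
        }
    }
    $user->store();
    $user->read();
    $current_user->Authenticate($user->username, $user->pass);
    if ($msg === '') {
        $msg = '<p align=center><span class=error>' . _(PLIGG_Visual_Profile_DataUpdated) . '</span></p>';
    }
    return $msg;
}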
<?php

include_once 'Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include mnminclude . 'link.php';
include mnminclude . 'group.php';
include mnminclude . 'smartyvariables.php';
include_once mnminclude . 'user.php';
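global $current_user;
// Require a login unless a module opts this request into anonymous submission
// by setting $vars['anonymous_story'] in the hook below.
if (!$current_user->authenticated) {
    // Start from an array so a module can set the key without writing a string
    // offset on the former '' placeholder (and so the read below never warns).
    $vars = array('anonymous_story' => false);
    check_actions('anonymous_story_user_id', $vars);
    if (empty($vars['anonymous_story'])) {
        force_authentication();
    }
}
$main_smarty->assign('tpl_center', $the_template . '/userDataset');
$main_smarty->display($the_template . '/pligg.tpl');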
// Ricardo Galli <gallir at uib dot es>.
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// 		http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
include_once 'Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include mnminclude . 'link.php';
include mnminclude . 'tags.php';
include mnminclude . 'search.php';
include mnminclude . 'smartyvariables.php';
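// module system hook
$vars = '';
check_actions('upcoming_top', $vars);
// Resolve the requested category (by its safe name); unknown names go to the 404 page.
if (isset($_REQUEST['category'])) {
    $thecat = get_cached_category_data('category_safe_name', sanitize($_REQUEST['category'], 1));
    // Test the lookup result before touching its properties; the original read
    // ->category_name first, which warns when nothing was found.
    if (!$thecat || !$thecat->category_name) {
        header("Location: {$my_pligg_base}/404error.php");
        die;
    }
    $main_smarty->assign('request_category_name', $thecat->category_name);
    $catID = $thecat->category_id;
    // Later code expects $thecat to hold the display name.
    $thecat = $thecat->category_name;
    $main_smarty->assign('category', $thecat);
}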
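define('pagename', 'admin_page');
$main_smarty->assign('pagename', pagename);
// read the mysql database to get the pligg version
$sql = "SELECT data FROM " . table_misc_data . " WHERE name = 'pligg_version'";
$pligg_version = $db->get_var($sql);
$main_smarty->assign('version_number', $pligg_version);
global $db;
// Admin action: mode=delete removes a story row by id and returns to this page.
// NOTE(review): no CSRF token is checked and the parameters come from $_REQUEST,
// so a plain GET link triggers the delete; other parts of this code base use
// $CSRF->check_valid() — confirm an earlier part of this file does not already
// cover it. Only table_links is touched; dependent rows (comments, votes, tags,
// ...) are left behind, unlike delete_storylink().
if (isset($_REQUEST['mode'])) {
    $mode = $_REQUEST['mode'];
    // Accept only an unsigned integer id, so the value can be embedded in SQL verbatim
    // (is_numeric() also admits forms such as "1e3" or " 1").
    if (isset($_REQUEST['link_id']) && ctype_digit((string) $_REQUEST['link_id'])) {
        $link_id = (int) $_REQUEST['link_id'];
        if ($mode === 'delete') {
            $db->query(" delete from " . table_links . " where link_id=" . $link_id);
            // module system hook
            $vars = array('link_id' => $link_id);
            check_actions('admin_story_delete', $vars);
            header("Location: " . my_pligg_base . "/admin/admin_page.php");
            die;
        }
    }
}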
$sql = " SELECT * from " . table_links . " where link_status='page'";
$page_id = $db->get_results($sql);
if ($page_id) {
    foreach ($page_id as $page_results) {
        $page_title .= '<tr>
						<td>
							<a href="' . getmyurl("page", $page_results->link_title_url) . '" title="' . $page_results->link_title . '" target="_blank">' . $page_results->link_title . '</a>
						</td>
						<td style="text-align:center;">
							<a href="' . $my_base_url . $my_pligg_base . '/admin/edit_page.php?link_id=' . $page_results->link_id . '"><img src="' . $my_base_url . $my_pligg_base . '/templates/admin/images/user_edit.gif" alt="' . $main_smarty->get_config_vars("PLIGG_Visual_AdminPanel_Page_Edit") . '" title="' . $main_smarty->get_config_vars("PLIGG_Visual_AdminPanel_Page_Edit") . '" /></a>
                $results[$key]['status'] = $friend->get_friend_status($val['user_id']);
            } else {
                unset($results[$key]);
            }
        }
        $main_smarty->assign('userlist', $results);
    }
    $main_smarty->assign('search', $keyword);
    $main_smarty->assign('page_header', $user->username);
    $navwhere['text3'] = $main_smarty->get_config_vars('PLIGG_Visual_Search_SearchResults') . ' ' . $keyword;
    $main_smarty->assign('posttitle', $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_Profile') . " " . $login . " - " . $main_smarty->get_config_vars('PLIGG_Visual_Search_SearchResults') . ' ' . $keyword);
}
global $db, $main_smarty, $view, $user, $rows, $page_size, $offset;
$main_smarty->assign('navbar_where', $navwhere);
// Let modules act once the user-page views have been prepared.
$vars = '';
check_actions('user_post_views', $vars);
// The pagination built below belongs to the profile page.
$the_page = 'profile';
switch ($view) {
    case 'history':
        // Submitted
        do_history();
        $main_smarty->assign('user_pagination', do_pages($rows, $page_size, $the_page, true));
        break;
    case 'published':
        do_published();
        $main_smarty->assign('user_pagination', do_pages($rows, $page_size, $the_page, true));
        break;
    case 'shaken':
        do_shaken();
} elseif (str_ends_with($url['path'], '/page/1') || str_ends_with($url['path'], '/page/1/')) {
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: ../" . ($_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : ''));
    exit;
}
include_once 'internal/Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include mnminclude . 'link.php';
include mnminclude . 'tags.php';
include mnminclude . 'search.php';
include mnminclude . 'smartyvariables.php';
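// module system hook
$vars = '';
check_actions('index_top', $vars);
// Resolve the requested category (by its safe name); unknown names go to the 404 page.
if (isset($_REQUEST['category'])) {
    $thecat = get_cached_category_data('category_safe_name', sanitize($_REQUEST['category'], 1));
    // Test the lookup result before touching its properties; the original read
    // ->category_name first, which warns when nothing was found.
    if (!$thecat || !$thecat->category_name) {
        header("Location: {$my_pligg_base}/error_404.php");
        die;
    }
    $main_smarty->assign('request_category_name', $thecat->category_name);
    $catID = $thecat->category_id;
    // Later code expects $thecat to hold the display name.
    $thecat = $thecat->category_name;
}
// start a new search
$search = new Search();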
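/**
 * Save the profile form for $user (the profile being edited).
 *
 * Guarded by the 'profile_change' CSRF token. Only the account owner, or a
 * caller for whom $canIhaveAccess is set, may save. Handles, in order: e-mail
 * change (with a validation mail when pligg_validate() is on), the template
 * cookie, category subscriptions, profile/social fields, username change
 * (admin/moderator only) and password change. Reads $_POST and the listed
 * globals; writes $user and re-authenticates $current_user.
 *
 * Returns an array of what was saved (keys 'profile', 'username', 'pass'), a
 * message string on a validation failure, false when the validation mail could
 * not be sent, or null when the request is not a profile save.
 */
function save_profile()
{
    global $user, $current_user, $db, $main_smarty, $CSRF, $canIhaveAccess, $language;
    if ($CSRF->check_valid(sanitize($_POST['token'], 3), 'profile_change')) {
        // Precedence made explicit: the owner test only applies to non-privileged callers.
        if (!isset($_POST['save_profile']) || empty($_POST['process']) || (!$canIhaveAccess && sanitize($_POST['user_id'], 3) != $current_user->user_id)) {
            return;
        }
        $saved = array();
        if ($user->email != sanitize($_POST['email'], 3)) {
            if (!check_email(sanitize($_POST['email'], 3))) {
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadEmail");
                return $savemsg;
            } elseif (email_exists(trim(sanitize($_POST['email'], 3)))) {
                // if email already exists
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_EmailExists");
                return $savemsg;
            } else {
                if (pligg_validate()) {
                    // The code must match what validation.php recomputes, so the md5()
                    // input is kept as-is; pligg_hash() is the non-guessable part of it.
                    $encode = md5($_POST['email'] . $user->karma . $user->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
                    // $domain and $validation are referenced by the mail template evaluated below.
                    $domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
                    $validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . urlencode($user->username) . "&email=" . urlencode($_POST['email']);
                    $str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
                    // SECURITY(review): eval() interpolates the language-file message as a
                    // PHP double-quoted string (only '"' is escaped). Whoever can edit the
                    // language file can run PHP here; replacing this with strtr() needs the
                    // placeholder names used in that file.
                    eval('$str = "' . str_replace('"', '\\"', $str) . '";');
                    $message = "{$str}";
                    if (phpnum() >= 5) {
                        require "libs/class.phpmailer5.php";
                    } else {
                        require "libs/class.phpmailer4.php";
                    }
                    $mail = new PHPMailer();
                    $mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
                    $mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
                    // NOTE(review): the raw posted address is mailed, while check_email()
                    // saw the sanitize()d one — confirm the two cannot differ.
                    $mail->AddAddress($_POST['email']);
                    $mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                    $mail->IsHTML(false);
                    $mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
                    $mail->Body = $message;
                    $mail->CharSet = 'utf-8';
                    if (!$mail->Send()) {
                        return false;
                    }
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Noemail") . ' ' . sprintf($main_smarty->get_config_vars("PLIGG_Visual_Register_ToDo"), $main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                } else {
                    $user->email = sanitize($_POST['email'], 2);
                }
            }
        }
        // User settings: remember the chosen template in a cookie. Only a bare
        // directory name is accepted, so the stored value cannot point outside
        // ./templates via '..' or a path separator.
        $template = isset($_POST['template']) ? (string) $_POST['template'] : '';
        $templateNameOk = $template !== '' && $template !== '.' && $template !== '..' && strpbrk($template, "/\\\0") === false;
        if (Allow_User_Change_Templates && $templateNameOk && file_exists("./templates/" . $template . "/header.tpl")) {
            // NOTE(review): the cookie domain is derived from the Host header; this
            // assumes the web server only routes known host names here.
            $domain = $_SERVER['HTTP_HOST'] == 'localhost' ? '' : preg_replace('/^www/', '', $_SERVER['HTTP_HOST']);
            setcookie("template", $template, time() + 60 * 60 * 24 * 30, '/', $domain);
        }
        // Category subscriptions: user_categories stores the ids the user did NOT tick.
        $sqlGetiCategory = "SELECT category__auto_id from " . table_categories . " where category__auto_id!= 0;";
        $sqlGetiCategoryQ = mysql_query($sqlGetiCategory);
        $arr = array();
        while ($row = mysql_fetch_array($sqlGetiCategoryQ, MYSQL_NUM)) {
            $arr[] = $row[0];
        }
        // array_diff() needs an array; a missing or scalar 'chack' means "none ticked".
        $select_check = isset($_POST['chack']) && is_array($_POST['chack']) ? $_POST['chack'] : array();
        $diff = array_diff($arr, $select_check);
        $select_checked = $db->escape(implode(",", $diff));
        $sql = "UPDATE " . table_users . " set user_categories='{$select_checked}' WHERE user_id = '" . (int) $user->id . "'";
        $query = mysql_query($sql);
        // Sanitise user input
        $user->url = sanitize($_POST['url'], 2);
        $user->public_email = sanitize($_POST['public_email'], 2);
        $user->location = sanitize($_POST['location'], 2);
        $user->occupation = sanitize($_POST['occupation'], 2);
        $user->facebook = sanitize($_POST['facebook'], 2);
        $user->twitter = sanitize($_POST['twitter'], 2);
        $user->linkedin = sanitize($_POST['linkedin'], 2);
        $user->googleplus = sanitize($_POST['googleplus'], 2);
        $user->skype = sanitize($_POST['skype'], 2);
        $user->pinterest = sanitize($_POST['pinterest'], 2);
        $user->names = sanitize($_POST['names'], 2);
        if (user_language) {
            $user->language = sanitize($_POST['language'], 2);
        }
        // Convert user input social URLs to username values
        $facebookUrl = $user->facebook;
        preg_match("/https?:\\/\\/(www\\.)?facebook\\.com\\/([^\\/]*)/", $facebookUrl, $matches);
        if ($matches) {
            $user->facebook = $matches[2];
        }
        $twitterUrl = $user->twitter;
        preg_match("/https?:\\/\\/(www\\.)?twitter\\.com\\/(#!\\/)?@?([^\\/]*)/", $twitterUrl, $matches);
        if ($matches) {
            $user->twitter = $matches[3];
        }
        $linkedinUrl = $user->linkedin;
        preg_match("/https?:\\/\\/(www\\.)?linkedin\\.com\\/in\\/([^\\/]*)/", $linkedinUrl, $matches);
        if ($matches) {
            $user->linkedin = $matches[2];
        }
        $googleplusUrl = $user->googleplus;
        preg_match("/https?:\\/\\/plus\\.google\\.com\\/([^\\/]*)/", $googleplusUrl, $matches);
        if ($matches) {
            $user->googleplus = $matches[1];
        }
        $pinterestUrl = $user->pinterest;
        preg_match("/https?:\\/\\/(www\\.)?pinterest\\.com\\/([^\\/]*)/", $pinterestUrl, $matches);
        if ($matches) {
            $user->pinterest = $matches[2];
        }
        // module system hook
        $vars = '';
        check_actions('profile_save', $vars);
        // Username change is limited to admins/moderators and validated like registration.
        if ($user->level == "admin" || $user->level == "moderator") {
            if ($user->username != sanitize($_POST['user_login'], 3)) {
                $user_login = sanitize($_POST['user_login'], 2);
                if (preg_match('/\\pL/u', 'a')) {
                    // Check if PCRE was compiled with UTF-8 support
                    if (!preg_match('/^[_\\-\\d\\p{L}\\p{M}]+$/iu', $user_login)) {
                        // if username contains invalid characters
                        $savemsg = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
                        return $savemsg;
                    }
                } else {
                    if (!preg_match('/^[^~`@%&=\\/;:\\.,<>!"\\\'\\^\\.\\[\\]\\$\\(\\)\\|\\*\\+\\-\\?\\{\\}\\\\]+$/', $user_login)) {
                        $savemsg = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
                        return $savemsg;
                    }
                }
                if (user_exists(trim($user_login))) {
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_UserExists");
                    $user->username = $user_login;
                    return $savemsg;
                } else {
                    $user->username = $user_login;
                    $saved['username'] = 1;
                }
            }
        }
        if (!empty($_POST['newpassword']) || !empty($_POST['newpassword2'])) {
            $oldpass = isset($_POST['oldpassword']) ? sanitize($_POST['oldpassword'], 2) : '';
            // NOTE(review): the quoted '******' looks like a masked value in the
            // example source (presumably the current login) — confirm against the real file.
            $userX = $db->get_row("SELECT user_id, user_pass, user_login FROM " . table_users . " WHERE user_login = '******'");
            $oldPassOk = false;
            if ($userX) {
                $saltedpass = generateHash($oldpass, substr($userX->user_pass, 0, SALT_LENGTH));
                // hash_equals(): strict and constant-time; avoids loose "0e..." == "0e..." matches.
                $oldPassOk = hash_equals((string) $userX->user_pass, (string) $saltedpass);
            }
            if ($oldPassOk) {
                if (sanitize($_POST['newpassword'], 3) !== sanitize($_POST['newpassword2'], 3)) {
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadPass");
                    return $savemsg;
                } else {
                    $saltedpass = generateHash(sanitize($_POST['newpassword'], 3));
                    $user->pass = $saltedpass;
                    $saved['pass'] = 1;
                }
            } else {
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadOldPass");
                return $savemsg;
            }
        }
        $user->store();
        $user->read();
        if (!empty($saved['pass']) || !empty($saved['username'])) {
            // Credentials changed: re-authenticate with the new ones.
            $current_user->Authenticate($user->username, $user->pass, false, $user->pass);
        } else {
            $current_user->Authenticate($user->username, $user->pass);
            $saved['profile'] = 1;
        }
        return $saved;
    } else {
        return 'There was a token error.';
    }
}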
        header('Location: ' . $my_pligg_base . '/' . $redirectUrl);
    }
}
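// Delete a comment and its direct replies, then refresh the story's comment count.
// NOTE(review): no ownership/role check or CSRF token is visible in this span;
// if the guard lives earlier in the file, confirm it covers this branch. Only
// one level of replies is removed — replies to replies are left orphaned.
if (isset($_REQUEST['comment_id'])) {
    global $db;
    $comment_id = $_REQUEST['comment_id'];
    // Accept only an unsigned integer id, so the value can be embedded in SQL verbatim.
    if (!ctype_digit((string) $comment_id)) {
        die;
    }
    $link_id = $db->get_var("SELECT comment_link_id FROM `" . table_comments . "` WHERE `comment_id` = {$comment_id}");
    $vars = array('comment_id' => $comment_id);
    check_actions('comment_deleted', $vars);
    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_id` = "' . $comment_id . '"');
    $comments = $db->get_results("SELECT comment_id FROM " . table_comments . " WHERE `comment_parent` = '{$comment_id}'");
    // get_results() yields nothing iterable when there are no replies.
    if ($comments) {
        foreach ($comments as $comment) {
            $vars = array('comment_id' => $comment->comment_id);
            check_actions('comment_deleted', $vars);
        }
    }
    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_parent` = "' . $comment_id . '"');
    $link = new Link();
    $link->id = $link_id;
    $link->read();
    $link->recalc_comments();
    $link->store();
    $link = '';
    // Only follow the referer when it points back into this installation.
    if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $my_base_url . $my_pligg_base) === 0) {
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } else {
        header('Location: ' . $my_base_url . $my_pligg_base);
    }
    // NOTE(review): execution continues after the redirect header; the other
    // redirects on this page call die — confirm the rest of the script is meant to run.
}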
             if (pligg_validate() && $user->user_lastlogin == "0000-00-00 00:00:00") {
                 $errorMsg = $main_smarty->get_config_vars('PLIGG_Visual_Resend_Email') . "<form method='post'>\r\n\t\t\t\t\t\t<div class='input-append notvalidated'>\r\n\t\t\t\t\t\t\t<input type='text' class='col-md-2' name='email'> \r\n\t\t\t\t\t\t\t<input type='submit' class='btn btn-default' value='Send'>\r\n\t\t\t\t\t\t\t<input type='hidden' name='processlogin' value='5'/>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</form>";
             } else {
                 $errorMsg = $main_smarty->get_config_vars('PLIGG_Visual_Login_Error');
             }
         } else {
             $sql = "DELETE FROM " . table_login_attempts . " WHERE login_ip='{$lastip}' ";
             $db->query($sql);
             if (strlen(sanitize($_POST['return'], 3)) > 1) {
                 $return = sanitize($_POST['return'], 3);
             } else {
                 $return = my_pligg_base . '/';
             }
             define('logindetails', $username . ";" . $password . ";" . $return);
             $vars = '';
             check_actions('login_success_pre_redirect', $vars);
             if (strpos($_SERVER['SERVER_SOFTWARE'], "IIS") && strpos(php_sapi_name(), "cgi") >= 0) {
                 echo '<SCRIPT LANGUAGE="JavaScript">window.location="' . $return . '";</script>';
                 echo $main_smarty->get_config_vars('PLIGG_Visual_IIS_Logged_In') . '<a href = "' . $return . '">' . $main_smarty->get_config_vars('PLIGG_Visual_IIS_Continue') . '</a>';
             } else {
                 header('Location: ' . $return);
             }
             die;
         }
     }
 }
 if ($_POST["processlogin"] == 3) {
     // if user requests forgotten password
     $email = sanitize($db->escape(trim($_POST['email'])), 4);
     if (check_email($email)) {
         $user = $db->get_row("SELECT * FROM `" . table_users . "` where `user_email` = '" . $email . "' AND user_level!='Spammer'");
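 /**
  * Apply the enabled 'report' formulas from table_formulas to this story and
  * move it to 'discard' when one of them evaluates to true.
  *
  * Each formula is a PHP boolean expression stored in the database and run
  * with eval(); the variables it may reference ($reports, $votes, $hours,
  * $hours_since_submit, ...) are defined below. Reads the global $db; writes
  * $this->status, the status totals and fires the 'story_discard' hook.
  */
 function evaluate_formulas()
 {
     global $db;
     $res = $db->get_results("select * from " . table_formulas . " where type = 'report' and enabled = 1;");
     if (!$res) {
         return;
     }
     // These inputs are the same for every formula, so compute them once
     // instead of re-querying the votes per row.
     $reports = $this->count_all_votes("< 0");
     $votes = $this->count_all_votes("> 0");
     $from = $this->date; // NOTE(review): assumed to be a unix timestamp — confirm
     $now = time();
     $diff = $now - $from;
     $hours = $diff / 3600;
     $hours_since_submit = intval($hours * 100) / 100;
     foreach ($res as $formula) {
         // SECURITY(review): eval() runs a database-stored expression unvalidated;
         // anyone who can write table_formulas can execute arbitrary PHP here.
         $evalthis = 'if (' . $formula->formula . '){return "1";}else{return "0";}';
         // Once discarded, skip further matches so the totals are not re-adjusted,
         // the story is not re-stored and the hook is not fired a second time.
         if (eval($evalthis) === '1' && $this->status != 'spam' && $this->status != 'discard') {
             totals_adjust_count($this->status, -1);
             totals_adjust_count('discard', 1);
             $this->status = 'discard';
             $this->store_basic();
             $vars = array('link_id' => $this->id);
             check_actions('story_discard', $vars);
         }
     }
 }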
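/**
 * Final submit step: move the story identified by $_POST['id'] to 'queued',
 * let modules veto it (discard/spam), optionally send a trackback and redirect.
 *
 * Dies on a non-numeric id or when step 2 was not completed. Reads $_POST,
 * $_SESSION and the global $db; always ends the request.
 */
function do_submit3()
{
    global $db;
    $linkres = new Link();
    $linkres->id = sanitize($_POST['id'], 3);
    if (!is_numeric($linkres->id)) {
        die;
    }
    // Submit_Complete_Step2 lets a site skip the step-2 session check.
    if (!Submit_Complete_Step2 && (!isset($_SESSION['step']) || $_SESSION['step'] != 2)) {
        die('Wrong step');
    }
    // NOTE(review): no check is visible that the story belongs to the current
    // user or is still in a pre-queue status; confirm Link::read() or an earlier
    // step enforces that, otherwise any id posted here is (re)queued.
    $linkres->read();
    totals_adjust_count($linkres->status, -1);
    totals_adjust_count('queued', 1);
    $linkres->status = 'queued';
    // Modules receive the object by reference and may change its status.
    $vars = array('linkres' => &$linkres);
    check_actions('do_submit3', $vars);
    if ($vars['linkres']->status == 'discard') {
        $vars = array('link_id' => $linkres->id);
        check_actions('story_discard', $vars);
    } elseif ($vars['linkres']->status == 'spam') {
        $vars = array('link_id' => $linkres->id);
        check_actions('story_spam', $vars);
    }
    $linkres->store_basic();
    $linkres->check_should_publish();
    if (isset($_POST['trackback']) && sanitize($_POST['trackback'], 3) != '') {
        require_once mnminclude . 'trackback.php';
        $trackres = new Trackback();
        $trackres->url = sanitize($_POST['trackback'], 3);
        $trackres->link = $linkres->id;
        $trackres->title = $linkres->title;
        $trackres->author = $linkres->author;
        $trackres->content = $linkres->content;
        // The send result is not used; failures are not reported to the user.
        $trackres->send();
    }
    $vars = array('linkres' => $linkres);
    check_actions('submit_pre_redirect', $vars);
    // 'redirect' is only present when a module set it in the hook above.
    if (!empty($vars['redirect'])) {
        header('Location: ' . $vars['redirect']);
    } elseif ($linkres->link_group_id == 0) {
        header("Location: " . getmyurl('upcoming'));
    } else {
        $redirect = getmyurl("group_story", $linkres->link_group_id);
        header("Location: {$redirect}");
    }
    die;
}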