if ($db->query("INSERT INTO " . table_prefix . "likes SET like_update_id='{$_GET['lid']}', like_user_id='{$current_user->user_id}'")) {
            $db->query("UPDATE " . table_prefix . "updates SET update_likes=update_likes+1 WHERE update_id='{$_GET['lid']}'");
        } else {
            $db->query("DELETE FROM " . table_prefix . "likes WHERE like_update_id='{$_GET['lid']}' AND like_user_id='{$current_user->user_id}'");
            $db->query("UPDATE " . table_prefix . "updates SET update_likes=update_likes-1 WHERE update_id='{$_GET['lid']}'");
        }
        $count = $db->get_var("SELECT COUNT(*) FROM " . table_prefix . "likes WHERE like_update_id='{$_GET['lid']}'");
        print $count;
        exit;
    } elseif (is_numeric($_GET['hid'])) {
        $db->query("UPDATE " . table_users . " SET status_excludes=IF(status_excludes!='',CONCAT(status_excludes,'" . ',' . $_GET['hid'] . "'),'" . $_GET['hid'] . "') WHERE user_id='{$current_user->user_id}'");
    } elseif (is_numeric($_GET['id'])) {
        $sql = "SELECT SQL_CALC_FOUND_ROWS * FROM " . table_prefix . "updates a\r\n\t\t\tLEFT JOIN " . table_prefix . "likes ON like_user_id={$current_user->user_id} AND like_update_id=update_id\r\n\t\t\tLEFT JOIN " . table_friends . " b ON a.update_user_id=b.friend_to\r\n\t\t\tLEFT JOIN " . table_users . " c ON a.update_user_id=c.user_id\r\n\t\t\tWHERE update_id={$_GET['id']}";
        $update = $db->get_row($sql);
        if ($update->update_id) {
            $main_smarty->assign('posttitle', 'Status Update #' . $_GET['id']);
            $main_smarty->assign('update', get_object_vars($update));
            $main_smarty->assign('settings', get_status_settings());
            $main_smarty->assign('current_user', get_object_vars($current_user));
            $main_smarty->assign('current_username', '@' . $current_user->user_login);
            $main_smarty->assign('tpl_center', '../modules/status/templates/status_permalink');
            $main_smarty->display($the_template . '/pligg.tpl');
            exit;
        }
    }
}
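// Final redirect once the request has been handled.
// The Referer header is supplied by the client, so it is used as the redirect
// target only when it parses as a plain http(s) URL on the host serving this
// request. Anything else (missing header, other host, unparsable value) falls
// back to the current user's profile page.
// NOTE(review): behind a reverse proxy that rewrites the Host header the
// comparison never matches and every request takes the profile fallback.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
// HTTP_HOST may carry a ":port" suffix; parse_url() reports the port separately.
$request_host = isset($_SERVER['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']) : '';
$referer_parts = ($referer !== '' && strpos($referer, '\\') === false) ? parse_url($referer) : false;
$referer_is_local = is_array($referer_parts)
    && isset($referer_parts['scheme'], $referer_parts['host'])
    && !isset($referer_parts['user'])
    && in_array(strtolower($referer_parts['scheme']), array('http', 'https'), true)
    && $request_host !== ''
    && strcasecmp($referer_parts['host'], $request_host) === 0;
if ($referer_is_local) {
    header("Location: " . $referer);
} else {
    header("Location: " . getmyurl('user2', $current_user->user_login, 'profile'));
}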
Exemple #2
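/**
 * Admin page of the "status" module: stores the settings form when it was
 * submitted, otherwise renders it.
 *
 * Access is granted only when checklevel('admin') evaluates to 1; every other
 * caller is redirected to the login URL built from the current REQUEST_URI.
 *
 * On submit, each setting is written through misc_data_update(), the default
 * values of six per-user columns on the users table are altered, and the
 * request ends with a redirect back to the module page.
 *
 * NOTE(review): no anti-CSRF token is checked in this function, although the
 * submit path changes site-wide settings and runs ALTER TABLE. Confirm whether
 * force_authentication() or the surrounding framework validates one.
 * NOTE(review): mysql_real_escape_string() belongs to ext/mysql, which was
 * removed in PHP 7.0. Before porting, check whether misc_data_update() escapes
 * or binds its own arguments.
 */
function status_showpage()
{
    global $db, $main_smarty, $the_template;
    include_once 'config.php';
    include_once mnminclude . 'html1.php';
    include_once mnminclude . 'link.php';
    include_once mnminclude . 'tags.php';
    include_once mnminclude . 'smartyvariables.php';
    $main_smarty = do_sidebar($main_smarty);
    force_authentication();

    // Authorisation gate: anything other than admin level goes to the login page.
    $canIhaveAccess = 0;
    $canIhaveAccess = $canIhaveAccess + checklevel('admin');
    if ($canIhaveAccess != 1) {
        header("Location: " . getmyurl('login', $_SERVER['REQUEST_URI']));
        return;
    }

    if (!empty($_POST['submit'])) {
        // The two level lists arrive as arrays of checkbox values. Start from an
        // empty string so that a form with nothing ticked stores '' instead of
        // reading an undefined variable, and cast so a lone scalar still joins.
        $level = '';
        if (!empty($_REQUEST['status_level'])) {
            $level = join(',', (array) $_REQUEST['status_level']);
        }
        $level1 = '';
        if (!empty($_REQUEST['status_profile_level'])) {
            $level1 = join(',', (array) $_REQUEST['status_profile_level']);
        }

        // Double quotes are normalised to single quotes before storage (nested
        // arrays are left untouched by str_replace()).
        $_REQUEST = str_replace('"', "'", $_REQUEST);

        misc_data_update('status_level', mysql_real_escape_string($level));
        misc_data_update('status_profile_level', mysql_real_escape_string($level1));

        // Setting name => request field, written in this order. The names match
        // except 'status_show_permalin', which is stored under that shortened
        // name (presumably a column-length limit; verify before renaming).
        $setting_fields = array(
            'status_switch' => 'status_switch',
            'status_allowsearch' => 'status_allowsearch',
            'status_place' => 'status_place',
            'status_pre_format' => 'status_pre_format',
            'status_post_format' => 'status_post_format',
            'status_pre_comment' => 'status_pre_comment',
            'status_post_comment' => 'status_post_comment',
            'status_pre_story' => 'status_pre_story',
            'status_post_story' => 'status_post_story',
            'status_pre_username' => 'status_pre_username',
            'status_post_username' => 'status_post_username',
            'status_pre_search' => 'status_pre_search',
            'status_post_search' => 'status_post_search',
            'status_pre_submit' => 'status_pre_submit',
            'status_post_submit' => 'status_post_submit',
            'status_email' => 'status_email',
            'status_clock' => 'status_clock',
            'status_permalinks' => 'status_permalinks',
            'status_inputonother' => 'status_inputonother',
            'status_show_permalin' => 'status_show_permalinks',
            'status_results' => 'status_results',
            'status_max_chars' => 'status_max_chars',
            'status_avatar' => 'status_avatar',
            'status_groups' => 'status_groups',
            'status_users' => 'status_users',
            'status_user_switch' => 'status_user_switch',
            'status_user_friends' => 'status_user_friends',
            'status_user_story' => 'status_user_story',
            'status_user_comment' => 'status_user_comment',
            'status_user_group' => 'status_user_group',
            'status_user_email' => 'status_user_email',
        );
        foreach ($setting_fields as $setting_name => $request_key) {
            // A missing field, or one submitted as an array, is stored as ''.
            $value = (isset($_REQUEST[$request_key]) && is_string($_REQUEST[$request_key]))
                ? $_REQUEST[$request_key]
                : '';
            misc_data_update($setting_name, mysql_real_escape_string($value));
        }

        // Users-table column => request field holding its new default.
        // The value is concatenated into DDL, so it is forced to an integer
        // with an explicit cast; anything non-numeric becomes 0.
        $column_defaults = array(
            'status_switch' => 'status_user_switch',
            'status_friends' => 'status_user_friends',
            'status_story' => 'status_user_story',
            'status_comment' => 'status_user_comment',
            'status_group' => 'status_user_group',
            'status_email' => 'status_user_email',
        );
        $changes = array();
        foreach ($column_defaults as $column => $request_key) {
            $default = (isset($_REQUEST[$request_key]) && is_scalar($_REQUEST[$request_key]))
                ? (int) $_REQUEST[$request_key]
                : 0;
            $changes[] = "CHANGE `" . $column . "` `" . $column . "` TINYINT(1) DEFAULT '" . $default . "'";
        }
        $db->query("ALTER TABLE " . table_users . " " . implode(", ", $changes));

        header("Location: " . my_pligg_base . "/module.php?module=status");
        die;
    }

    // breadcrumbs
    // NOTE(review): $navwhere is not assigned in this function; it is only set
    // if one of the files included above defines it in this scope. Confirm.
    $main_smarty->assign('navbar_where', $navwhere);
    $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
    // breadcrumbs
    define('modulename', 'status');
    $main_smarty->assign('modulename', modulename);
    define('pagename', 'admin_modifystatus');
    $main_smarty->assign('pagename', pagename);
    $main_smarty->assign('settings', get_status_settings());
    $main_smarty->assign('tpl_center', status_tpl_path . 'status_main');
    // NOTE(review): $template_dir is neither declared global nor assigned here
    // ($the_template is declared but unused); verify which one was intended.
    $main_smarty->display($template_dir . '/admin/admin.tpl');
}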