function joinGroup($group_id, $privacy)
{
global $db, $current_user, $main_smarty, $the_template, $my_base_url, $my_pligg_base;
if (!is_numeric($group_id)) {
die;
}
$privacy = $db->get_var("SELECT group_privacy FROM " . table_groups . " WHERE group_id = {$group_id}");
if ($privacy == '') {
$member_status = 'active';
} else {
$member_status = 'inactive';
}
$sql = "INSERT INTO " . table_group_member . " ( `member_user_id` , `member_group_id`, `member_role`,`member_status` ) VALUES ('" . $current_user->user_id . "', '" . $group_id . "','normal','" . $member_status . "' ) ";
$db->query($sql);
//member count update increase
if (isMemberActive($group_id) == 'active') {
$member_count = get_group_members($group_id);
$member_update = "update " . table_groups . " set group_members = '" . $member_count . "' where group_id = '" . $group_id . "'";
$db->query($member_update);
}
if ($privacy == 'restricted') {
$my_base_url = $my_base_url;
$my_pligg_base = $my_pligg_base;
if (phpnum() == 4) {
require_once 'class.phpmailer4.php';
} else {
require_once 'class.phpmailer5.php';
}
//$site_mail = $main_smarty->get_config_vars('PLIGG_Comment_mail_from');
$from = "*****@*****.**";
$activate = my_base_url . my_pligg_base . "/join_group.php?activate=true&group_id=" . $group_id . "&user_id=" . $current_user->user_id . "";
$inactivate = my_base_url . my_pligg_base . "/join_group.php?activate=false";
$str .= "Hello Admin<br />A new member has requested to join your group.<br/>To activate click link below<br/><a href='" . my_base_url . my_pligg_base . "/join_group.php?activate=true&group_id=" . $group_id . "&user_id=" . $current_user->user_id . "'>Activate</a><br />";
$str .= "To deactivate click link below<br/><a href='" . my_base_url . my_pligg_base . "/join_group.php?activate=false&group_id=" . $group_id . "&user_id=" . $current_user->user_id . "'>Deactivate</a><br />";
$subject = "Request to join group";
$creator_id = get_group_creator($group_id);
$to = get_group_user_email($creator_id);
//$to = $creator_id;
$message = $str;
echo $message . ":" . $to . ":" . $from . ":" . $subject;
$mail = new PHPMailer();
$mail->From = $from;
$mail->FromName = "Administrator";
$mail->AddAddress($to);
$mail->AddReplyTo($from);
$mail->IsHTML(true);
$mail->Subject = $subject;
$mail->Body = $message;
$mail->Send();
}
}
function print_summary($type = 'full', $fetch = false, $link_summary_template = 'link_summary.tpl')
{
global $current_user, $globals, $the_template, $smarty, $ranklist;
// DB 09/03/08
if (!is_numeric($this->id)) {
return false;
}
///
include_once './Smarty.class.php';
$main_smarty = new Smarty();
$main_smarty->compile_check = false;
// enable caching at your own risk. this code is still experimental
//$smarty->cache = true;
$main_smarty->cache_lifetime = 120;
$main_smarty->compile_dir = mnmpath . "cache/templates_c/";
$main_smarty->template_dir = mnmpath . "templates/";
$main_smarty->cache_dir = mnmpath . "cache/";
$main_smarty->config_dir = "";
$main_smarty->assign('pligg_language', pligg_language);
$main_smarty->config_load(lang_loc . "/languages/lang_" . pligg_language . ".conf");
if (phpnum() == 4) {
$main_smarty->force_compile = true;
}
$main_smarty = $this->fill_smarty($main_smarty, $type);
$main_smarty->assign('use_title_as_link', use_title_as_link);
$main_smarty->assign('open_in_new_window', open_in_new_window);
$main_smarty->assign('the_template', The_Template);
include mnminclude . 'extra_fields_smarty.php';
if ($fetch == false) {
$main_smarty->display($the_template . '/' . $link_summary_template, 'story' . $this->id . "|" . $current_user->user_id . "|" . $type);
} else {
return $main_smarty->fetch($the_template . '/' . $link_summary_template, 'story' . $this->id . "|" . $current_user->user_id . "|" . $type);
}
}
function akismet_showpage()
{
global $main_smarty, $the_template, $current_user, $db;
force_authentication();
$canIhaveAccess = 0;
$canIhaveAccess = $canIhaveAccess + checklevel('god');
if ($canIhaveAccess == 1) {
if (phpnum() >= 5) {
include_once akismet_lib_path . 'Akismet.class_5.php';
} else {
include_once akismet_lib_path . 'Akismet.class_4.php';
}
$navwhere['text1'] = 'Akismet';
$navwhere['link1'] = URL_akismet;
define('pagename', 'akismet');
$main_smarty->assign('pagename', pagename);
define('modulename', 'akismet');
$main_smarty->assign('modulename', modulename);
if (isset($_REQUEST['view'])) {
$view = sanitize($_REQUEST['view'], 3);
} else {
$view = '';
}
if ($view == '') {
$wordpress_key = get_misc_data('wordpress_key');
if ($wordpress_key == '') {
header('Location: ' . URL_akismet . '&view=manageKey');
}
$spam_links = get_misc_data('spam_links');
if ($spam_links != '') {
$spam_links = unserialize(get_misc_data('spam_links'));
} else {
$spam_links = array();
}
$main_smarty->assign('spam_links', $spam_links);
$main_smarty->assign('spam_links_count', count($spam_links));
$spam_comments = get_misc_data('spam_comments');
if ($spam_comments != '') {
$spam_comments = unserialize(get_misc_data('spam_comments'));
} else {
$spam_comments = array();
}
$main_smarty->assign('spam_comments', $spam_comments);
$main_smarty->assign('spam_comments_count', count($spam_comments));
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'main');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if ($view == 'manageKey') {
$wordpress_key = get_misc_data('wordpress_key');
$main_smarty->assign('wordpress_key', $wordpress_key);
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageKey');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if ($view == 'updateKey') {
if (isset($_REQUEST['key'])) {
$wordpress_key = sanitize($_REQUEST['key'], 3);
} else {
$wordpress_key = '';
}
misc_data_update('wordpress_key', $wordpress_key);
header('Location: ' . URL_akismet);
}
if ($view == 'manageSpam') {
$spam_links = get_misc_data('spam_links');
if ($spam_links != '') {
$spam_links = unserialize(get_misc_data('spam_links'));
} else {
$spam_links = array();
}
if (count($spam_links) > 0) {
$sql = "SELECT " . table_links . ".* FROM " . table_links . " WHERE ";
$sql .= 'link_id IN (' . implode(',', $spam_links) . ')';
$link_data = $db->get_results($sql);
$main_smarty->assign('link_data', object_2_array($link_data));
} else {
header('Location: ' . URL_akismet);
}
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpam');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if ($view == 'manageSettings') {
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSettings');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
/*
if($view == 'isSpam'){
if(isset($_REQUEST['link_id'])){$link_id = sanitize($_REQUEST['link_id'], 3);}else{$link_id='';}
$spam_links = get_misc_data('spam_links');
$spam_links = unserialize(get_misc_data('spam_links'));
unset($spam_links[$link_id]);
misc_data_update('spam_links', serialize($spam_links));
$link = new Link;
$link->id = $link_id;
$link->read(FALSE);
$link->status = 'discard';
$link->store();
header('Location: ' . URL_akismet . '&view=manageSpam');
}
if($view == 'isNotSpam'){
if(isset($_REQUEST['link_id'])){$link_id = sanitize($_REQUEST['link_id'], 3);}else{$link_id='';}
$spam_links = get_misc_data('spam_links');
$spam_links = unserialize(get_misc_data('spam_links'));
unset($spam_links[$link_id]);
misc_data_update('spam_links', serialize($spam_links));
$link = new Link;
$link->id = $link_id;
$link->read(FALSE);
$link->status = 'queued';
$link->store();
header('Location: ' . URL_akismet . '&view=manageSpam');
}
if($view == 'addSpam'){
$spam_links[1] = 1;
misc_data_update('spam_links', serialize($spam_links));
header('Location: ' . URL_akismet . '&view=manageSpam');
}
*/
if ($view == 'manageSpamcomments') {
$spam_comments = get_misc_data('spam_comments');
if ($spam_comments != '') {
$spam_comments = unserialize(get_misc_data('spam_comments'));
} else {
$spam_comments = array();
}
if (count($spam_comments) > 0) {
$sql = "SELECT * FROM " . table_prefix . "spam_comments WHERE ";
$sql .= 'linkid IN (' . implode(',', $spam_comments) . ')';
$link_data = $db->get_results($sql);
$user_cmt = new User();
$user_cmt_link = new Link();
$spam_output .= ' <form name="bulk_moderate" action="' . URL_akismet_isSpamcomment . '&action=bulkmod" method="post">';
$spam_output .= "<table>";
$spam_output .= "<tr><th>Author</th><th>Body</th><th>this is spam</th><th>this is NOT spam</th></tr>";
if ($link_data) {
foreach ($link_data as $spam_cmts) {
$user_cmt->id = $spam_cmts->userid;
$user_cmt->read();
$user_name = $user_cmt->username;
$user_cmt_link->id = $spam_cmts->linkid;
$user_cmt_link->read();
$spam_output .= "<tr>";
$spam_output .= "<td>" . $user_name . "</td>";
$spam_output .= "<td>" . save_text_to_html($spam_cmts->cmt_content) . "</td>";
$spam_output .= '<td><center><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="spamcomment"></center></td>';
$spam_output .= '<td><center><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="notspamcomment"></center></td>';
$spam_output .= "</tr>";
}
}
$spam_output .= "</table>";
$spam_output .= '<p align="right"><input type="submit" name="submit" value="Change Status" class="log2" /></p>';
$spam_output .= "</form>";
$main_smarty->assign('spam_output', $spam_output);
$main_smarty->assign('link_data', object_2_array($link_data));
} else {
header('Location: ' . URL_akismet);
}
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpamcomments');
$main_smarty->display($the_template . '/pligg.tpl');
}
if ($view == 'isSpam') {
if ($_GET['action'] == "bulkmod") {
if (isset($_POST['submit'])) {
$spam = array();
foreach ($_POST["spam"] as $k => $v) {
$spam[intval($k)] = $v;
}
foreach ($spam as $key => $value) {
if ($value == "spam") {
if (isset($key)) {
$link_id = sanitize($key, 3);
} else {
$link_id = '';
}
$spam_links = get_misc_data('spam_links');
$spam_links = unserialize(get_misc_data('spam_links'));
$key = array_search($link_id, $spam_links);
unset($spam_links[$key]);
misc_data_update('spam_links', serialize($spam_links));
$link = new Link();
$link->id = $link_id;
$link->read();
$link->status = 'discard';
$link->store();
$user = new User();
$user->id = $link->author;
$user->read();
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
$akismet->setCommentAuthor($user->username);
$akismet->setCommentAuthorEmail($user->email);
$akismet->setCommentAuthorURL($link->url);
$akismet->setCommentContent($link->content);
$akismet->setPermalink(getmyurl('story', $link->id));
$akismet->submitSpam();
} elseif ($value == "notspam") {
if (isset($key)) {
$link_id = sanitize($key, 3);
} else {
$link_id = '';
}
$spam_links = get_misc_data('spam_links');
$spam_links = unserialize(get_misc_data('spam_links'));
$key = array_search($link_id, $spam_links);
unset($spam_links[$key]);
misc_data_update('spam_links', serialize($spam_links));
$link = new Link();
$link->id = $link_id;
$link->read(FALSE);
$link->status = 'queued';
$link->store();
$user = new User();
$user->id = $link->author;
$user->read();
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
$akismet->setCommentAuthor($user->username);
$akismet->setCommentAuthorEmail($user->email);
$akismet->setCommentAuthorURL($link->url);
$akismet->setCommentContent($link->content);
$akismet->setPermalink(getmyurl('story', $link->id));
$akismet->submitHam();
}
}
}
}
header('Location: ' . URL_akismet . '&view=manageSpam');
}
if ($view == 'isSpamcomment') {
if ($_GET['action'] == "bulkmod") {
if (isset($_POST['submit'])) {
$spamcomment = array();
foreach ($_POST["spamcomment"] as $k => $v) {
$spamcomment[intval($k)] = $v;
}
foreach ($spamcomment as $key => $value) {
if ($value == "spamcomment") {
if (isset($key)) {
$link_id = sanitize($key, 3);
} else {
$link_id = '';
}
global $db;
$spam_comments = get_misc_data('spam_comments');
$spam_comments = unserialize(get_misc_data('spam_comments'));
$key = array_search($link_id, $spam_comments);
unset($spam_comments[$key]);
$sql_result = "Select * from " . table_prefix . "spam_comments where auto_id=" . $link_id;
$result_arr = $db->get_results($sql_result);
if ($result_arr) {
foreach ($result_arr as $result_arr_comments) {
$link = new Link();
$link->id = $result_arr_comments->linkid;
$link->read();
$user = new User();
$user->id = $result_arr_comments->userid;
$user->read();
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
$akismet->setCommentAuthor($user->username);
$akismet->setCommentAuthorEmail($user->email);
$akismet->setCommentAuthorURL($link->url);
$akismet->setCommentContent($result_arr_comments->cmt_content);
$akismet->setPermalink(getmyurl('story', $link->id));
$akismet->submitSpam();
}
}
misc_data_update('spam_comments', serialize($spam_comments));
$db->query(' Delete from ' . table_prefix . 'spam_comments where auto_id=' . $link_id);
} elseif ($value == "notspamcomment") {
if (isset($key)) {
$link_id = sanitize($key, 3);
} else {
$link_id = '';
}
global $db;
$spam_comments = get_misc_data('spam_comments');
$spam_comments = unserialize(get_misc_data('spam_comments'));
$key = array_search($link_id, $spam_comments);
unset($spam_comments[$key]);
$sql_result = " Select * from " . table_prefix . "spam_comments where auto_id={$link_id}";
$result_arr = $db->get_results($sql_result);
if ($result_arr) {
foreach ($result_arr as $result_arr_comments) {
$link = new Link();
$link->id = $result_arr_comments->linkid;
$link->read();
$user = new User();
$user->id = $result_arr_comments->userid;
$user->read();
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
$akismet->setCommentAuthor($user->username);
$akismet->setCommentAuthorEmail($user->email);
$akismet->setCommentAuthorURL($link->url);
$akismet->setCommentContent($result_arr_comments->cmt_content);
$akismet->setPermalink(getmyurl('story', $link->id));
$akismet->submitHam();
$sql = "INSERT INTO " . table_comments . " (comment_parent, comment_user_id, comment_link_id , comment_date, comment_randkey, comment_content) VALUES ({$result_arr_comments->cmt_parent}, {$result_arr_comments->userid}, {$result_arr_comments->linkid}, now(), '{$result_arr_comments->cmt_rand}', '{$result_arr_comments->cmt_content}')";
$db->query($sql);
}
}
misc_data_update('spam_comments', serialize($spam_comments));
$sql_delete = ' Delete from ' . table_prefix . 'spam_comments where auto_id=' . $link_id;
$db->query($sql_delete);
$link->adjust_comment(1);
$link->store();
}
}
}
header('Location: ' . URL_akismet . '&view=manageSpamcomments');
}
}
}
}
function check_for_enabled_module($name, $version)
{
global $db;
if ($name == 'PHP') {
if (phpnum() == $version) {
return $version;
}
} else {
$sql = 'SELECT `id` FROM ' . table_modules . ' where `folder` = "' . $name . '" and `version` >= ' . $version . ' and `enabled` = 1;';
//echo $sql;
$theId = $db->get_var($sql);
return $theId;
}
}
}
}
}
if ($_POST["processlogin"] == 5 && pligg_validate()) {
// resend confirmation email
$email = sanitize($db->escape(trim($_POST['email'])), 4);
if (check_email($email)) {
$user = $db->get_row("SELECT * FROM `" . table_users . "` where `user_email` = '" . $email . "' AND user_level!='Spammer'");
if ($user) {
$encode = md5($_POST['email'] . $user->karma . $user->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
$domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
$validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . urlencode($user->username) . "&email=" . urlencode($_POST['email']);
$str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
eval('$str = "' . str_replace('"', '\\"', $str) . '";');
$message = "{$str}";
if (phpnum() >= 5) {
require "libs/class.phpmailer5.php";
} else {
require "libs/class.phpmailer4.php";
}
$mail = new PHPMailer();
$mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
$mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
$mail->AddAddress($_POST['email']);
$mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
$mail->IsHTML(false);
$mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
$mail->Body = $message;
$mail->CharSet = 'utf-8';
#print_r($mail);
if (!$mail->Send()) {
if ($exists) {
$errors = $main_smarty->get_config_vars('PLIGG_Visual_Group_Title_Exists');
}
}
if (!$errors) {
//to insert a group
$insert_group = "INSERT INTO " . table_groups . " (group_creator, group_status, group_members, group_date, group_safename, group_name, group_description, group_privacy, group_vote_to_publish) VALUES ({$group_author}, '{$group_status}', {$group_members},FROM_UNIXTIME({$group_date}),'{$group_safename}','{$group_name}', '{$group_description}', '{$group_privacy}', '{$group_vote_to_publish}')";
$result = $db->query($insert_group);
//get linkid inserted above
$in_id = $db->get_var("select max(group_id) as group_id from " . table_groups . " ");
//echo 'sdgfdsgds'.$in_id;
//to make group creator a member
$insert_member = "INSERT INTO " . table_group_member . " (`member_user_id` , `member_group_id`, `member_role`) VALUES (" . $group_author . ", " . $in_id . ",'admin' )";
$db->query($insert_member);
if (isset($_POST['group_mailer'])) {
if (phpnum() == 4) {
require_once mnminclude . 'class.phpmailer4.php';
} else {
require_once mnminclude . 'class.phpmailer5.php';
}
if (isset($_POST['group_mailer'])) {
global $db, $current_user;
$names = $_POST['group_mailer'];
$v1 = explode(",", $names);
$name = "";
$user = new User();
$user->id = $current_user->user_id;
$user->read();
$author_email = $user->email;
$username = $user->username;
foreach ($v1 as $t) {
function save_profile()
{
global $user, $current_user, $db, $main_smarty, $CSRF, $canIhaveAccess, $language;
if ($CSRF->check_valid(sanitize($_POST['token'], 3), 'profile_change')) {
if (!isset($_POST['save_profile']) || !$_POST['process'] || !$canIhaveAccess && sanitize($_POST['user_id'], 3) != $current_user->user_id) {
return;
}
if ($user->email != sanitize($_POST['email'], 3)) {
if (!check_email(sanitize($_POST['email'], 3))) {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadEmail");
return $savemsg;
} elseif (email_exists(trim(sanitize($_POST['email'], 3)))) {
// if email already exists
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_EmailExists");
return $savemsg;
} else {
if (pligg_validate()) {
$encode = md5($_POST['email'] . $user->karma . $user->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
$domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
$validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . urlencode($user->username) . "&email=" . urlencode($_POST['email']);
$str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
eval('$str = "' . str_replace('"', '\\"', $str) . '";');
$message = "{$str}";
if (phpnum() >= 5) {
require "libs/class.phpmailer5.php";
} else {
require "libs/class.phpmailer4.php";
}
$mail = new PHPMailer();
$mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
$mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
$mail->AddAddress($_POST['email']);
$mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
$mail->IsHTML(false);
$mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
$mail->Body = $message;
$mail->CharSet = 'utf-8';
#print_r($mail);
if (!$mail->Send()) {
return false;
}
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Noemail") . ' ' . sprintf($main_smarty->get_config_vars("PLIGG_Visual_Register_ToDo"), $main_smarty->get_config_vars('PLIGG_PassEmail_From'));
} else {
$user->email = sanitize($_POST['email'], 2);
}
}
}
// User settings
if (Allow_User_Change_Templates && file_exists("./templates/" . $_POST['template'] . "/header.tpl")) {
$domain = $_SERVER['HTTP_HOST'] == 'localhost' ? '' : preg_replace('/^www/', '', $_SERVER['HTTP_HOST']);
setcookie("template", $_POST['template'], time() + 60 * 60 * 24 * 30, '/', $domain);
}
$sqlGetiCategory = "SELECT category__auto_id from " . table_categories . " where category__auto_id!= 0;";
$sqlGetiCategoryQ = mysql_query($sqlGetiCategory);
$arr = array();
while ($row = mysql_fetch_array($sqlGetiCategoryQ, MYSQL_NUM)) {
$arr[] = $row[0];
}
$select_check = $_POST['chack'];
if (!$select_check) {
$select_check = array();
}
$diff = array_diff($arr, $select_check);
$select_checked = $db->escape(implode(",", $diff));
$sql = "UPDATE " . table_users . " set user_categories='{$select_checked}' WHERE user_id = '{$user->id}'";
$query = mysql_query($sql);
/////
// Santizie user input
$user->url = sanitize($_POST['url'], 2);
$user->public_email = sanitize($_POST['public_email'], 2);
$user->location = sanitize($_POST['location'], 2);
$user->occupation = sanitize($_POST['occupation'], 2);
$user->facebook = sanitize($_POST['facebook'], 2);
$user->twitter = sanitize($_POST['twitter'], 2);
$user->linkedin = sanitize($_POST['linkedin'], 2);
$user->googleplus = sanitize($_POST['googleplus'], 2);
$user->skype = sanitize($_POST['skype'], 2);
$user->pinterest = sanitize($_POST['pinterest'], 2);
$user->names = sanitize($_POST['names'], 2);
if (user_language) {
$user->language = sanitize($_POST['language'], 2);
}
// Convert user input social URLs to username values
$facebookUrl = $user->facebook;
preg_match("/https?:\\/\\/(www\\.)?facebook\\.com\\/([^\\/]*)/", $facebookUrl, $matches);
if ($matches) {
$user->facebook = $matches[2];
}
$twitterUrl = $user->twitter;
preg_match("/https?:\\/\\/(www\\.)?twitter\\.com\\/(#!\\/)?@?([^\\/]*)/", $twitterUrl, $matches);
if ($matches) {
$user->twitter = $matches[3];
}
$linkedinUrl = $user->linkedin;
preg_match("/https?:\\/\\/(www\\.)?linkedin\\.com\\/in\\/([^\\/]*)/", $linkedinUrl, $matches);
if ($matches) {
$user->linkedin = $matches[2];
}
$googleplusUrl = $user->googleplus;
preg_match("/https?:\\/\\/plus\\.google\\.com\\/([^\\/]*)/", $googleplusUrl, $matches);
if ($matches) {
$user->googleplus = $matches[1];
}
$pinterestUrl = $user->pinterest;
preg_match("/https?:\\/\\/(www\\.)?pinterest\\.com\\/([^\\/]*)/", $pinterestUrl, $matches);
if ($matches) {
$user->pinterest = $matches[2];
}
// module system hook
$vars = '';
check_actions('profile_save', $vars);
/* $avatar_source = sanitize($_POST['avatarsource'], 2);
if($avatar_source != "" && $avatar_source != "useruploaded"){
loghack('Updating profile, avatar source is not one of the list options.', 'username: '******'|email: ' . sanitize($_POST["email"], 3));
$avatar_source == "";
}
$user->avatar_source=$avatar_source;
*/
if ($user->level == "admin" || $user->level == "moderator") {
if ($user->username != sanitize($_POST['user_login'], 3)) {
$user_login = sanitize($_POST['user_login'], 2);
if (preg_match('/\\pL/u', 'a')) {
// Check if PCRE was compiled with UTF-8 support
if (!preg_match('/^[_\\-\\d\\p{L}\\p{M}]+$/iu', $user_login)) {
// if username contains invalid characters
$savemsg = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
return $savemsg;
}
} else {
if (!preg_match('/^[^~`@%&=\\/;:\\.,<>!"\\\'\\^\\.\\[\\]\\$\\(\\)\\|\\*\\+\\-\\?\\{\\}\\\\]+$/', $user_login)) {
$savemsg = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
return $savemsg;
}
}
if (user_exists(trim($user_login))) {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_UserExists");
$user->username = $user_login;
return $savemsg;
} else {
$user->username = $user_login;
$saved['username'] = 1;
}
}
}
if (!empty($_POST['newpassword']) || !empty($_POST['newpassword2'])) {
$oldpass = sanitize($_POST['oldpassword'], 2);
$userX = $db->get_row("SELECT user_id, user_pass, user_login FROM " . table_users . " WHERE user_login = '******'");
$saltedpass = generateHash($oldpass, substr($userX->user_pass, 0, SALT_LENGTH));
if ($userX->user_pass == $saltedpass) {
if (sanitize($_POST['newpassword'], 3) !== sanitize($_POST['newpassword2'], 3)) {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadPass");
return $savemsg;
} else {
$saltedpass = generateHash(sanitize($_POST['newpassword'], 3));
$user->pass = $saltedpass;
$saved['pass'] = 1;
}
} else {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadOldPass");
return $savemsg;
}
}
$user->store();
$user->read();
if ($saved['pass'] == 1 || $saved['username'] == 1) {
$current_user->Authenticate($user->username, $user->pass, false, $user->pass);
} else {
$current_user->Authenticate($user->username, $user->pass);
$saved['profile'] = 1;
}
return $saved;
} else {
return 'There was a token error.';
}
}
function akismet_save_comment($x)
{
print_r($x);
echo "this is php version" . phpnum();
}
function akismet_showpage()
{
global $main_smarty, $the_template, $current_user, $db;
force_authentication();
$canIhaveAccess = 0;
$canIhaveAccess = $canIhaveAccess + checklevel('admin');
if ($canIhaveAccess == 1) {
$navwhere['text1'] = 'Akismet';
$navwhere['link1'] = URL_akismet;
define('pagename', 'akismet');
$main_smarty->assign('pagename', pagename);
define('modulename', 'akismet');
$main_smarty->assign('modulename', modulename);
if (isset($_REQUEST['view'])) {
$view = sanitize($_REQUEST['view'], 3);
} else {
$view = '';
}
if ($view == '') {
$wordpress_key = get_misc_data('wordpress_key');
if ($wordpress_key == '') {
header('Location: ' . URL_akismet . '&view=manageKey');
die;
}
$main_smarty->assign('spam_links_count', akismet_get_link_count());
$main_smarty->assign('spam_comments_count', akismet_get_comment_count());
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'main');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if ($view == 'updateKey') {
if ($_REQUEST['key']) {
$wordpress_key = sanitize($_REQUEST['key'], 3);
// Verify key before save
if (phpnum() >= 5) {
include akismet_lib_path . 'Akismet.class_5.php';
$akismet = new Akismet(my_base_url . my_pligg_base, $wordpress_key);
if (!$akismet->isKeyValid()) {
$main_smarty->assign('error', 1);
} else {
misc_data_update('wordpress_key', $wordpress_key);
}
} else {
include akismet_lib_path . 'Akismet.class_4.php';
$akismet = new Akismet(my_base_url . my_pligg_base, $wordpress_key);
if (!$akismet->_isValidApiKey($wordpress_key)) {
$main_smarty->assign('error', 1);
} else {
misc_data_update('wordpress_key', $wordpress_key);
}
}
} else {
$wordpress_key = '';
misc_data_update('wordpress_key', $wordpress_key);
}
$view = 'manageKey';
}
if ($view == 'manageKey') {
$wordpress_key = get_misc_data('wordpress_key');
$main_smarty->assign('wordpress_key', $wordpress_key);
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageKey');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if ($view == 'manageSpam') {
$sql = "SELECT " . table_links . ".*, " . table_users . ".user_login FROM " . table_links . " \r\n\t\t\t\t\tLEFT JOIN " . table_users . " ON link_author=user_id \r\n\t\t\t\t\tLEFT JOIN " . table_prefix . "spam_links ON linkid=link_id\r\n\t\t\t\t\tWHERE !ISNULL(linkid)";
$link_data = $db->get_results($sql);
if (sizeof($link_data)) {
$main_smarty->assign('link_data', object_2_array($link_data));
} else {
header("Location: " . my_pligg_base . "/admin/admin_index.php");
// header('Location: ' . URL_akismet);
die;
}
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpam');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if ($view == 'manageSettings') {
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSettings');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if ($view == 'manageSpamcomments') {
$sql = "SELECT * FROM " . table_prefix . "spam_comments ";
$link_data = $db->get_results($sql);
if (sizeof($link_data)) {
$user_cmt = new User();
$user_cmt_link = new Link();
$spam_output .= ' <form name="bulk_moderate" action="' . URL_akismet_isSpamcomment . '&action=bulkmod" method="post">';
$spam_output .= '<table class="table table-bordered table-striped">';
$spam_output .= "<thead>\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<th>Author</th>\r\n\t\t\t\t\t\t\t\t\t\t<th>Content</th>\r\n\t\t\t\t\t\t\t\t\t\t<th style='width:65px;text-align:center;'><input type='checkbox' name='all1' onclick='mark_all_spam();' style='display:none;'><a onclick='mark_all_spam();' style='cursor:pointer;text-decoration:none;'>Spam</a></th>\r\n\t\t\t\t\t\t\t\t\t\t<th style='width:80px;text-align:center;'><input type='checkbox' name='all2' onclick='mark_all_notspam();' style='display:none;'><a onclick='mark_all_notspam();' style='cursor:pointer;text-decoration:none;'>Not Spam</a></th>\r\n\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t<tbody>";
foreach ($link_data as $spam_cmts) {
$user_cmt->id = $spam_cmts->userid;
$user_cmt->read();
$user_name = $user_cmt->username;
$user_cmt_link->id = $spam_cmts->linkid;
$user_cmt_link->read();
$spam_output .= "<tr>";
$spam_output .= "\t<td>" . $user_name . "</td>";
$spam_output .= "\t<td><a href='story.php?id=" . ($user_cmt_link->id = $spam_cmts->linkid . "'>" . save_text_to_html($spam_cmts->cmt_content) . "</a></td>");
$spam_output .= ' <td style="text-align:center;"><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="spamcomment"></td>';
$spam_output .= ' <td style="text-align:center;"><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="notspamcomment"></td>';
$spam_output .= "</tr>";
}
$spam_output .= "</tbody></table>";
$spam_output .= '<p align="right" style="margin-top:10px;"><input type="submit" name="submit" value="Apply Changes" class="btn btn-default" /></p>';
$spam_output .= "</form>";
$main_smarty->assign('spam_output', $spam_output);
$main_smarty->assign('link_data', object_2_array($link_data));
} else {
header("Location: " . my_pligg_base . "/admin/admin_index.php");
// header('Location: ' . URL_akismet);
die;
}
$main_smarty = do_sidebar($main_smarty, $navwhere);
$main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
$main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpamcomments');
$main_smarty->display($template_dir . '/admin/admin.tpl');
}
if (phpnum() >= 5) {
include_once akismet_lib_path . 'Akismet.class_5.php';
} else {
include_once akismet_lib_path . 'Akismet.class_4.php';
}
if ($view == 'isSpam') {
if ($_GET['action'] == "bulkmod") {
if (isset($_POST['submit'])) {
$spam = array();
foreach ($_POST["spam"] as $k => $v) {
$spam[intval($k)] = $v;
}
foreach ($spam as $key => $value) {
if (isset($key)) {
$link_id = sanitize($key, 3);
} else {
continue;
}
$link = new Link();
$link->id = $link_id;
$link->read();
$user = new User();
$user->id = $link->author;
$user->read();
if (phpnum() < 5) {
$comment = array('author' => $user->username, 'email' => $user->email, 'website' => $link->url, 'body' => $link->content, 'permalink' => my_base_url . getmyurl('story', $link->id));
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'), $comment);
} else {
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
$akismet->setCommentAuthor($user->username);
$akismet->setCommentAuthorEmail($user->email);
$akismet->setCommentAuthorURL($link->url);
$akismet->setCommentContent($link->content);
$akismet->setPermalink(my_base_url . getmyurl('story', $link->id));
}
if ($value == "spam") {
$link->status = 'spam';
$link->store();
killspam($user->id);
$akismet->submitSpam();
} elseif ($value == "notspam") {
$link->status = 'new';
$link->store();
$akismet->submitHam();
}
$db->query("DELETE FROM " . table_prefix . "spam_links WHERE linkid={$link_id}");
}
}
}
header('Location: ' . URL_akismet . '&view=manageSpam');
die;
}
if ($view == 'isSpamcomment') {
if ($_GET['action'] == "bulkmod") {
if (isset($_POST['submit'])) {
$spamcomment = array();
foreach ($_POST["spamcomment"] as $k => $v) {
$spamcomment[intval($k)] = $v;
}
foreach ($spamcomment as $key => $value) {
if (isset($key)) {
$link_id = sanitize($key, 3);
} else {
continue;
}
$sql_result = "Select * from " . table_prefix . "spam_comments where auto_id=" . $link_id;
$result = $db->get_row($sql_result);
#print_r($result);
$link = new Link();
$link->id = $result->linkid;
$link->read();
$user = new User();
$user->id = $result->userid;
$user->read();
#print_r($user);
if (phpnum() < 5) {
$comment = array('author' => $user->username, 'email' => $user->email, 'website' => $link->url, 'body' => $result->cmt_content, 'permalink' => my_base_url . getmyurl('story', $link->id));
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'), $comment);
} else {
$akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
$akismet->setCommentAuthor($user->username);
$akismet->setCommentAuthorEmail($user->email);
$akismet->setCommentAuthorURL($link->url);
$akismet->setCommentContent($result->cmt_content);
$akismet->setPermalink(my_base_url . getmyurl('story', $link->id));
}
if ($value == "spamcomment") {
$akismet->submitSpam();
} elseif ($value == "notspamcomment") {
$akismet->submitHam();
$sql = "INSERT INTO " . table_comments . " (comment_parent, comment_user_id, comment_link_id , comment_date, comment_randkey, comment_content) VALUES ('{$result->cmt_parent}', '{$result->userid}', '{$result->linkid}', now(), '{$result->cmt_rand}', '{$result->cmt_content}')";
$db->query($sql);
#print $sql;
}
$link->adjust_comment(1);
$link->store();
$db->query(' Delete from ' . table_prefix . 'spam_comments where auto_id=' . $link_id);
}
}
header('Location: ' . URL_akismet . '&view=manageSpamcomments');
die;
}
}
} else {
header("Location: " . getmyurl('login', $_SERVER['REQUEST_URI']));
die;
}
}
function is_php4()
{
if (phpnum() == 4) {
return true;
}
}
function Create()
{
global $db, $main_smarty, $the_template, $my_base_url, $my_pligg_base;
if ($this->username == '') {
return false;
}
if ($this->pass == '') {
return false;
}
if ($this->email == '') {
return false;
}
if (!user_exists($this->username)) {
$userip = $_SERVER['REMOTE_ADDR'];
$saltedpass = generateHash($this->pass);
$sqlGetiCategory = "SELECT category__auto_id from " . table_categories . " where category__auto_id!= 0;";
$sqlGetiCategoryQ = mysql_query($sqlGetiCategory);
$arr = array();
$i = 0;
while ($row = mysql_fetch_array($sqlGetiCategoryQ, MYSQL_NUM)) {
$arr[$i] = $row['0'];
$i++;
}
$CategoriesId = implode(",", $arr);
if (pligg_validate() == 1) {
if ($db->query("INSERT INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', '" . $CategoriesId . "')")) {
$result = $db->get_row("SELECT user_email, user_pass, user_karma, user_lastlogin FROM " . table_users . " WHERE user_login = '******'");
$encode = md5($this->email . $result->user_karma . $this->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
$username = $this->username;
$password = $this->pass;
$my_base_url = $my_base_url;
$my_pligg_base = $my_pligg_base;
$domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
$validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . $this->username;
$str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
eval("\$str = \"{$str}\";");
$message = "{$str}";
if (phpnum() >= 5) {
require "class.phpmailer5.php";
} else {
require "class.phpmailer4.php";
}
$mail = new PHPMailer();
$mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
$mail->FromName = "Administrator";
$mail->AddAddress($this->email);
$mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
$mail->IsHTML(false);
$mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
$mail->Body = $message;
if (!$mail->Send()) {
return false;
exit;
}
return true;
} else {
return false;
}
} else {
if ($db->query("INSERT INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip, user_lastlogin,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', now(),'" . $CategoriesId . "')")) {
return true;
} else {
return false;
}
}
} else {
die('User already exists');
}
}
function Create()
{
global $db, $main_smarty, $the_template, $my_base_url, $my_pligg_base;
if ($this->username == '') {
return false;
}
if ($this->pass == '') {
return false;
}
if ($this->email == '') {
return false;
}
if (!user_exists($this->username)) {
require_once mnminclude . 'check_behind_proxy.php';
$userip = check_ip_behind_proxy();
$saltedpass = generateHash($this->pass);
if (pligg_validate()) {
if ($db->query("INSERT IGNORE INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', '')")) {
$result = $db->get_row("SELECT user_email, user_pass, user_karma, user_lastlogin FROM " . table_users . " WHERE user_login = '******'");
$encode = md5($this->email . $result->user_karma . $this->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
$username = $this->username;
$password = $this->pass;
$my_base_url = $my_base_url;
$my_pligg_base = $my_pligg_base;
$domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
$validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . $this->username;
$str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
eval('$str = "' . str_replace('"', '\\"', $str) . '";');
$message = "{$str}";
if (phpnum() >= 5) {
require "class.phpmailer5.php";
} else {
require "class.phpmailer4.php";
}
$mail = new PHPMailer();
$mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
$mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
$mail->AddAddress($this->email);
$mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
$mail->IsHTML(false);
$mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
$mail->CharSet = 'utf-8';
$mail->Body = $message;
if (!$mail->Send()) {
return false;
exit;
}
return true;
} else {
return false;
}
} else {
if ($db->query("INSERT IGNORE INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip, user_lastlogin,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', now(),'')")) {
return true;
} else {
return false;
}
}
} else {
die('User already exists');
}
}
//echo $sLang;
$sPath = './languages/' . $sLang . '.php';
if (file_exists($sPath)) {
require $sPath;
} else {
//defualt lang english
require './languages/en.php';
}
//if
//Security check
session_start();
if (!isset($_SESSION['login'])) {
redirect('index.php');
}
//security
if (phpnum() == 5) {
date_default_timezone_set($config['TIME_ZONE']);
}
$sMessage = '';
$cantFiles = 0;
$sPath = '';
if (!isset($_SESSION["path"])) {
$sRootPath = getcwd();
//Obtiene el directorio actual de trabajo.
$_SESSION["path"] = $sRootPath;
$sPath = $sRootPath;
// echo "session path ".$_SESSION["path"];
} else {
$sPath = $_SESSION["path"];
// echo "Path: ".$sPath; //debug
if (isset($_REQUEST["dir"])) {
function save_profile()
{
global $user, $current_user, $db, $main_smarty, $CSRF, $canIhaveAccess, $language;
if ($CSRF->check_valid(sanitize($_POST['token'], 3), 'profile_change')) {
if (!isset($_POST['save_profile']) || !$_POST['process'] || !$canIhaveAccess && sanitize($_POST['user_id'], 3) != $current_user->user_id) {
return;
}
if ($user->email != sanitize($_POST['email'], 3)) {
if (!check_email(sanitize($_POST['email'], 3))) {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadEmail");
return $savemsg;
} elseif (email_exists(trim(sanitize($_POST['email'], 3)))) {
// if email already exists
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_EmailExists");
return $savemsg;
} else {
if (pligg_validate()) {
$encode = md5($_POST['email'] . $user->karma . $user->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
$domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
$validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . urlencode($user->username) . "&email=" . urlencode($_POST['email']);
$str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
eval("\$str = \"{$str}\";");
$message = "{$str}";
if (phpnum() >= 5) {
require "libs/class.phpmailer5.php";
} else {
require "libs/class.phpmailer4.php";
}
$mail = new PHPMailer();
$mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
$mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
$mail->AddAddress($_POST['email']);
$mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
$mail->IsHTML(false);
$mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
$mail->Body = $message;
$mail->CharSet = 'utf-8';
#print_r($mail);
if (!$mail->Send()) {
return false;
}
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Noemail") . ' ' . sprintf($main_smarty->get_config_vars("PLIGG_Visual_Register_ToDo"), $main_smarty->get_config_vars('PLIGG_PassEmail_From'));
} else {
$user->email = sanitize($_POST['email'], 3);
}
}
}
$user->url = sanitize($_POST['url'], 3);
$user->public_email = sanitize($_POST['public_email'], 3);
$user->location = sanitize($_POST['location'], 3);
$user->occupation = sanitize($_POST['occupation'], 3);
$user->aim = sanitize($_POST['aim'], 3);
$user->msn = sanitize($_POST['msn'], 3);
$user->yahoo = sanitize($_POST['yahoo'], 3);
$user->gtalk = sanitize($_POST['gtalk'], 3);
$user->skype = sanitize($_POST['skype'], 3);
$user->irc = sanitize($_POST['irc'], 3);
$user->names = sanitize($_POST['names'], 3);
if (user_language) {
$user->language = sanitize($_POST['language'], 3);
}
// module system hook
$vars = '';
check_actions('profile_save', $vars);
$avatar_source = sanitize($_POST['avatarsource'], 3);
if ($avatar_source != "" && $avatar_source != "useruploaded") {
loghack('Updating profile, avatar source is not one of the list options.', 'username: '******'|email: ' . sanitize($_POST["email"], 3));
$avatar_source == "";
}
$user->avatar_source = $avatar_source;
if (!empty($_POST['newpassword']) || !empty($_POST['newpassword2'])) {
$oldpass = sanitize($_POST['oldpassword'], 3);
$userX = $db->get_row("SELECT user_id, user_pass, user_login FROM " . table_users . " WHERE user_login = '******'");
$saltedpass = generateHash($oldpass, substr($userX->user_pass, 0, SALT_LENGTH));
if ($userX->user_pass == $saltedpass) {
if (sanitize($_POST['newpassword'], 3) !== sanitize($_POST['newpassword2'], 3)) {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadPass");
return $savemsg;
} else {
$saltedpass = generateHash(sanitize($_POST['newpassword'], 3));
$user->pass = $saltedpass;
$user->store();
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_PassUpdated");
return $savemsg;
}
} else {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadOldPass");
return $savemsg;
}
}
$user->store();
$user->read();
if ($language != $user->language) {
header("Location: " . getmyurl('profile'));
exit;
}
$current_user->Authenticate($user->username, $user->pass);
if (!isset($savemsg)) {
$savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_DataUpdated");
}
return $savemsg;
} else {
return 'There was a token error.';
}
}
function print_summary($type = 'full')
{
global $current_user, $globals, $the_template, $smarty;
include_once './Smarty.class.php';
$smarty = new Smarty();
$smarty->compile_check = false;
// enable caching at your own risk. this code is still experimental
//$smarty->cache = true;
$smarty->cache_lifetime = 120;
$smarty->cache_dir = "templates_c/";
$smarty->compile_dir = "templates_c/";
$smarty->template_dir = "templates/";
$smarty->config_dir = "";
if (!$smarty->is_cached($the_template . '/link_summary.tpl', 'story' . $this->id . "|" . $current_user->user_id . "|" . $type)) {
if (phpnum() == 4) {
$smarty->force_compile = true;
}
$smarty = $this->fill_smarty($smarty, $type);
$smarty->assign('use_title_as_link', use_title_as_link);
$smarty->assign('open_in_new_window', open_in_new_window);
$smarty->assign('use_thumbnails', use_thumbnails);
$smarty->assign('the_template', The_Template);
// this is soooo ugly. we'll fix this for beta 9
$main_smarty = $smarty;
include mnminclude . 'extra_fields_smarty.php';
$smarty = $main_smarty;
}
$smarty->display($the_template . '/link_summary.tpl', 'story' . $this->id . "|" . $current_user->user_id . "|" . $type);
}