// Pieform submit handler: invites the page-level $user to the page-level $group on behalf of
// the logged-in $USER, then queues a success message in the session.
// NOTE(review): $group and $user are globals populated outside this excerpt, and no permission
// check is visible here. It has to happen in the page setup or inside group_invite_user() — confirm.
function invitetogroup_submit(Pieform $form, $values)
    global $SESSION, $USER, $group, $user;
    // The role is optional in the submitted values; null is passed when the form did not send one.
    group_invite_user($group, $user->id, $USER, isset($values['role']) ? $values['role'] : null);
    $SESSION->add_ok_msg(get_string('userinvited', 'group'));
Exemple #2
// Pieform submit handler: stores a friend request from the logged-in user to user $id,
// sends the target an internal notification in their own language, and fires 'addfriendrequest'.
// NOTE(review): $id and $goto are globals set by the including page (not shown). Nothing in this
// excerpt checks that $id differs from the requester or that a request does not already exist —
// confirm the page script does this before the form is processed.
function requestfriendship_submit(Pieform $form, $values)
    global $USER, $SESSION, $id, $goto;
    $loggedinid = $USER->get('id');
    // NOTE(review): the result is dereferenced below without a check for a missing record.
    $user = get_record('usr', 'id', $id);
    // friend db record
    $f = new StdClass();
    $f->ctime = db_format_timestamp(time());
    // notification info
    $n = new StdClass();
    $n->url = profile_url($USER, false);
    $n->users = array($user->id);
    $n->fromuser = $loggedinid;
    // Strings are resolved in the recipient's language, not the sender's.
    $lang = get_user_language($user->id);
    $displayname = display_name($USER, $user);
    $n->strings = new stdClass();
    $n->strings->urltext = (object) array('key' => 'Requests');
    $f->owner = $id;
    $f->requester = $loggedinid;
    // The free-text message is stored exactly as submitted.
    $f->message = $values['message'];
    insert_record('usr_friend_request', $f);
    $n->subject = get_string_from_language($lang, 'requestedfriendlistsubject', 'group');
    if (isset($values['message']) && !empty($values['message'])) {
        // NOTE(review): user-supplied text is appended to the notification body unescaped here;
        // it must be escaped wherever the notification is rendered (inbox, e-mail) — confirm.
        $n->message = get_string_from_language($lang, 'requestedfriendlistmessageexplanation', 'group', $displayname) . $values['message'];
    } else {
        $n->message = get_string_from_language($lang, 'requestedfriendlistinboxmessage', 'group', $displayname);
    require_once 'activity.php';
    activity_occurred('maharamessage', $n);
    handle_event('addfriendrequest', array('requester' => $loggedinid, 'owner' => $id));
    $SESSION->add_ok_msg(get_string('friendformrequestsuccess', 'group', display_name($id)));
Exemple #3
 // Renders the PDF block: builds an <iframe> pointing at the PDF viewer for the configured file
 // artefact, collects the artefact's comments, and returns the rendered block template.
 // Returns an empty string when the artefact's file is missing on disk.
 public static function render_instance(BlockInstance $instance, $editing = false)
     global $USER;
     require_once get_config('docroot') . 'lib/view.php';
     $configdata = $instance->get('configdata');
     // this will make sure to unserialize it for us
     $configdata['viewid'] = $instance->get('view');
     $view = new View($configdata['viewid']);
     $group = $view->get('group');
     $result = '';
     $artefactid = isset($configdata['artefactid']) ? $configdata['artefactid'] : null;
     if ($artefactid) {
         $artefact = $instance->get_artefact_instance($configdata['artefactid']);
         if (!file_exists($artefact->get_path())) {
             return '';
         $urlbase = get_config('wwwroot');
         // edit view doesn't use subdomains, neither do groups
         if (get_config('cleanurls') && get_config('cleanurlusersubdomains') && !$editing && empty($group)) {
             // NOTE(review): no line in this listing loads the view owner into $viewauthor before it is read.
             $viewauthor = new User();
             $viewauthorurlid = $viewauthor->get('urlid');
             if ($urlallowed = !is_null($viewauthorurlid) && strlen($viewauthorurlid)) {
                 $urlbase = profile_url($viewauthor) . '/';
         // Send the current language to the pdf viewer
         $language = current_language();
         // Truncate to 'xx' or 'xx_YY' and switch to the hyphenated form used by the locale directories.
         // NOTE(review): $language is later concatenated into a filesystem path and a URL; the only
         // constraint applied here is the length cut, so this relies on current_language() returning
         // an installed language code — confirm.
         $language = str_replace('_', '-', substr($language, 0, substr_count($language, '_') > 0 ? 5 : 2));
         if ($language != 'en' && !file_exists(get_config('docroot') . 'artefact/file/blocktype/pdf/js/pdfjs/web/locale/' . $language . '/')) {
             // In case the language file exists as a string with both lower and upper case, eg fr_FR we test for this
             $language = substr($language, 0, 2) . '-' . strtoupper(substr($language, 0, 2));
             if (!file_exists(get_config('docroot') . 'artefact/file/blocktype/pdf/js/pdfjs/web/locale/' . $language . '/')) {
                 // In case we fail to find a language of 5 chars, eg pt_BR (Portuguese, Brazil) we try the 'parent' pt (Portuguese)
                 $language = substr($language, 0, 2);
                 if ($language != 'en' && !file_exists(get_config('docroot') . 'artefact/file/blocktype/pdf/js/pdfjs/web/locale/' . $language . '/')) {
                     $language = 'en-GB';
         // NOTE(review): the query-string values are concatenated without URL or HTML escaping.
         // $editing and !empty($group) stringify to '1' or ''; $artefactid and the view id come from
         // block configuration and are presumably integers — confirm, or escape them for the attribute.
         $result = '<iframe src="' . $urlbase . 'artefact/file/blocktype/pdf/viewer.php?editing=' . $editing . '&ingroup=' . !empty($group) . '&file=' . $artefactid . '&lang=' . $language . '&view=' . $instance->get('view') . '" width="100%" height="500" frameborder="0"></iframe>';
         require_once get_config('docroot') . 'artefact/comment/lib.php';
         require_once get_config('docroot') . 'lib/view.php';
         $view = new View($configdata['viewid']);
         list($commentcount, $comments) = ArtefactTypeComment::get_artefact_comments_for_view($artefact, $view, $instance->get('id'), true, $editing);
     $smarty = smarty_core();
     // Comment data only exists when an artefact was configured above.
     if ($artefactid) {
         $smarty->assign('commentcount', $commentcount);
         $smarty->assign('comments', $comments);
     $smarty->assign('html', $result);
     return $smarty->fetch('blocktype:pdf:pdfrender.tpl');
 * Given a query string and limits, return an array of matching users using the
 * search plugin defined in config.php
 * @param string  The query string
 * @param integer How many results to return
 * @param integer What result to start at (0 == first result)
 * @return array  A data structure containing results looking like ...
 *         $results = array(
 *               count   => integer, // total number of results
 *               limit   => integer, // how many results are returned
 *               offset  => integer, // starting from which result
 *               results => array(   // the result records
 *                   array(
 *                       id            => integer,
 *                       username      => string,
 *                       institution   => string,
 *                       firstname     => string,
 *                       lastname      => string,
 *                       preferredname => string,
 *                       email         => string,
 *                   ),
 *                   array(
 *                       id            => integer,
 *                       username      => string,
 *                       institution   => string,
 *                       firstname     => string,
 *                       lastname      => string,
 *                       preferredname => string,
 *                       email         => string,
 *                   ),
 *                   array(...),
 *               ),
 *           );
// Dispatches a user search to the search plugin named in the 'searchplugin' config value and
// adds a display name and profile URL to every returned row.
// NOTE(review): $query_string and $data are handed to the plugin unchanged, so any escaping or
// visibility filtering of results is the plugin's job — confirm for each installed plugin.
function search_user($query_string, $limit, $offset = 0, $data = array())
    $plugin = get_config('searchplugin');
    // The plugin name comes from site configuration, not from the request.
    safe_require('search', $plugin);
    $results = call_static_method(generate_class_name('search', $plugin), 'search_user', $query_string, $limit, $offset, $data);
    if ($results['data']) {
        // Rows are modified in place through the reference.
        foreach ($results['data'] as &$result) {
            $result['name'] = display_name($result);
            $result['url'] = profile_url($result);
    return $results;
Exemple #5
 * Notify user (if configured), do the masquerading and emit event. Called when
 * no (further) interaction with the admin is needed before the loginas.
 * @param string $why The masquerading reason (if given) or null.
// Optionally notifies the target user that an administrator is about to log in as them, then
// emits the 'loginas' event with who, when and why.
function do_masquerade($why = null)
    global $USER, $SESSION;
    // Target user id is read from the request and forced to an integer.
    $id = param_integer('id');
    $who = display_name($USER, $id);
    $when = format_date(time());
    if (get_config('masqueradingnotified')) {
        // NOTE(review): this notification is sent before the 'loginas' event below, which the existing
        // comment names as the place where permissions are checked. If that check can fail, the target
        // has already been messaged — confirm the caller has authorised the request before this point.
        // $why is free text from the admin and is passed into the message string as a parameter.
        $msg = (object) array('subject' => get_string('masqueradenotificationsubject', 'admin'), 'message' => $why === null ? get_string('masqueradenotificationnoreason', 'admin', $who, $when) : get_string('masqueradenotificationreason', 'admin', $who, $when, $why), 'users' => array($id), 'url' => profile_url($USER, false), 'urltext' => $who);
        activity_occurred('maharamessage', $msg);
        $SESSION->add_info_msg(get_string('masqueradenotificationdone', 'admin'));
    // Permissions checking is done in here
    handle_event('loginas', array('who' => $who, 'when' => $when, 'reason' => $why));
Exemple #6
// Pieform submit handler: deletes the friend request that user $id sent to the logged-in user,
// notifies the requester in their own language, fires 'removefriendrequest', and builds the
// return URL in $goto.
function denyrequest_submit(Pieform $form, $values)
    global $USER, $SESSION, $id;
    $loggedinid = $USER->get('id');
    // NOTE(review): the result is dereferenced below without a check for a missing record.
    $user = get_record('usr', 'id', $id);
    // friend db record
    $f = new StdClass();
    $f->ctime = db_format_timestamp(time());
    // notification info
    $n = new StdClass();
    $n->url = profile_url($USER, false);
    $n->users = array($user->id);
    $n->fromuser = $USER->get('id');
    $lang = get_user_language($user->id);
    $displayname = display_name($USER, $user);
    $n->urltext = $displayname;
    // The delete is scoped to requests owned by the logged-in user, so a forged $id can only
    // remove a request addressed to the caller.
    delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $id);
    $n->subject = get_string_from_language($lang, 'friendrequestrejectedsubject', 'group');
    if (isset($values['reason']) && !empty($values['reason'])) {
        // NOTE(review): the user-supplied reason is appended unescaped; it must be escaped where the
        // notification is rendered — confirm.
        $n->message = get_string_from_language($lang, 'friendrequestrejectedmessagereason', 'group', $displayname) . $values['reason'];
    } else {
        $n->message = get_string_from_language($lang, 'friendrequestrejectedmessage', 'group', $displayname);
    require_once 'activity.php';
    activity_occurred('maharamessage', $n);
    handle_event('removefriendrequest', array('owner' => $loggedinid, 'requester' => $id));
    $SESSION->add_ok_msg(get_string('friendformrejectsuccess', 'group'));
    $offset = param_integer('offset', 0);
    // 'returnto' only selects between fixed destinations; the request never supplies a URL itself.
    // NOTE(review): no break/default lines are visible in this listing, so as printed the last
    // assignment always wins — check against the real file.
    switch (param_alpha('returnto', 'myfriends')) {
        case 'find':
            $goto = 'user/find.php';
        case 'view':
            $goto = profile_url($user, false);
            $goto = 'user/myfriends.php';
    $goto .= strpos($goto, '?') ? '&offset=' . $offset : '?offset=' . $offset;
    // Prefixing wwwroot makes the destination an absolute URL on this site.
    $goto = get_config('wwwroot') . $goto;
Exemple #7
 // Loads the other valid users of the current user's company (and related companies) and
 // decorates each row with chat status, chat window state from the session, and a picture URL.
 public function Contacts()
     // NOTE(review): $time is computed but not used in the lines shown.
     $time = time() - 60 * 2;
     // NOTE(review): the company id and user id are interpolated straight into the SQL text rather
     // than bound. That is only safe while both are server-side values that cannot hold quote
     // characters; passing them as bound parameters removes the assumption. Parts of the column
     // list in this listing are missing (e.g. ", as name"), so the statement is not runnable as printed.
     $sql = "SELECT t.id_user as id, as name, t.lastname as lastname, as company, a.id_company as idcompany, t.connection,\n    IF(t.id_file, t.id_file, a.id_file) as pictureid, IF(t.id_file, f.file, f2.file) as picture, IF(a.id_company = '{$this->MApp->user->company}', 0, 1) as companyu\n    FROM {$this->dbglobal}user as t    \n    LEFT JOIN {$this->dbglobal}company a on t.id_company = a.id_company\n    LEFT JOIN {$this->dbglobal}company_relation cr on t.id_company = cr.id_relation\n    left join {$this->dbglobal}nz_file f on f.id_file = t.id_file\n    left join {$this->dbglobal}nz_file f2 on f2.id_file = a.id_file\n    WHERE t.id_user != '{$this->MApp->user->id}' and = '1' and t.valid = '1' and (cr.id_company = '{$this->MApp->user->company}' OR t.id_company = '{$this->MApp->user->company}' )\n    ORDER BY companyu,,, t.lastname";
     $users = $this->db->query($sql)->result();
     foreach ($users as $key => $user) {
         $user->status = $this->ContactStatus($user->connection);
         // Per-contact chat window state is kept in the session under keys derived from the user id.
         $user->opened = round($this->session->userdata('udata-user-chat-' . $user->id));
         $user->size = round($this->session->userdata('udata-user-chat-' . $user->id . '-size'));
         if ($user->pictureid) {
             $users[$key]->picture = profile_url($user->pictureid, $user->picture);
         } else {
             $users[$key]->picture = '';
     return $users;
 // Fetches one forum post with its topic subject, author and forum/group names, and prepares it
 // for display: tags stripped from the body, date formatted, author link built.
 // Returns false when the post does not exist or is flagged deleted.
 // NOTE(review): $type is not used in the lines shown. Several column references in the SQL below
 // are missing from this listing (e.g. "SELECT, p1.topic"), so it is not runnable as printed.
 public static function getRecordDataById($type, $id)
     // The post id is bound through the '?' placeholder, not concatenated.
     $sql = 'SELECT, p1.topic, p1.parent, p1.poster, COALESCE(p1.subject, p2.subject) AS subject, p2.subject,
     p1.body, p1.ctime, p1.deleted, p1.sent, p1.path,
     u.username, u.preferredname, u.firstname, u.lastname, u.profileicon,
     f.title as forumname, as forumid, as groupname, as groupid
     FROM {interaction_forum_post} p1
     LEFT JOIN {interaction_forum_post} p2 ON p2.parent IS NULL AND p2.topic = p1.topic
     LEFT JOIN {usr} u ON = p1.poster
     LEFT JOIN {interaction_forum_topic} ift on p1.topic =
     LEFT JOIN {interaction_instance} f ON = AND f.plugin=\'forum\'
     LEFT JOIN {group} g ON =
     WHERE = ?';
     $record = get_record_sql($sql, array($id));
     if (!$record || $record->deleted) {
         return false;
     // Tags are stripped and line breaks flattened to spaces, giving a one-line plain-text body.
     // strip_tags() is not output escaping; the caller still has to escape the body for its context.
     $record->body = str_replace(array("\r\n", "\n", "\r"), ' ', strip_tags($record->body));
     $record->ctime = format_date(strtotime($record->ctime));
     // NOTE(review): the anchor is assembled by concatenation; whether display_name() and
     // profile_url() return HTML-safe text cannot be seen here — confirm, or escape both.
     $record->authorlink = '<a href="' . profile_url($record->poster) . '" class="forumuser">' . display_name($record->poster, null, true) . '</a>';
     return $record;
Exemple #9
 // Decorates every feedback item in $data->data with display fields and the forms the current
 // viewer may use (delete, edit, make public), then renders the list template and pagination
 // into $data->tablerows, $data->pagination and $data->pagination_js.
 // NOTE(review): the checks below only decide which forms are rendered. The submit handlers for
 // those forms are not shown and must repeat the authorisation server-side — confirm.
 public static function build_html(&$data, $onview)
     global $USER, $THEME;
     // Site admins and anyone with edit rights on the annotation may delete feedback.
     $candelete = $data->canedit || $USER->get('admin');
     $deletedmessage = array();
     foreach (ArtefactTypeAnnotationfeedback::deleted_by_types_description() as $k => $v) {
         $deletedmessage[$k] = get_string($v, 'artefact.annotation');
     // Cache of author objects keyed by user id, so each author is built once.
     $authors = array();
     $lastcomment = self::last_public_annotation_feedback($data->annotation, $data->view, $data->artefact);
     // Feedback created before this timestamp is past the configured edit window (minutes).
     $editableafter = time() - 60 * get_config_plugin('artefact', 'annotation', 'commenteditabletime');
     foreach ($data->data as &$item) {
         $isadminfeedback = $item->admin == 1 || $item->staff == 1 || $item->feedbackinstitutionadmin == 1 || $item->feedbackinstitutionstaff == 1;
         $item->ts = strtotime($item->ctime);
         $item->date = format_date($item->ts, 'strftimedatetime');
         if ($item->ts < strtotime($item->lastcontentupdate)) {
             $item->updated = format_date(strtotime($item->lastcontentupdate), 'strftimedatetime');
         $item->isauthor = $item->author && $item->author == $USER->get('id');
         if ($item->private) {
             $item->pubmessage = get_string('annotationfeedbackisprivate', 'artefact.annotation');
         if (isset($data->showcomment) && $data->showcomment == $item->id) {
             $item->highlight = 1;
         // Request flag: in export preview mode no action forms are attached.
         $is_export_preview = param_integer('export', 0);
         if ($item->deletedby) {
             $item->deletedmessage = $deletedmessage[$item->deletedby];
         } else {
             if (($candelete || $item->isauthor) && !$is_export_preview && !$isadminfeedback) {
                 // If the author was admin/staff and not the owner of the annotation,
                 // the feedback can't be deleted.
                 $item->deleteform = pieform(self::delete_annotation_feedback_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
         // Comment authors can edit recent comments if they're private or if no one has replied yet.
         // NOTE(review): $lastcomment->id is read for non-private items without checking that a last
         // public feedback was found — confirm last_public_annotation_feedback() always returns an object here.
         if (!$item->deletedby && $item->isauthor && !$is_export_preview && ($item->private || $item->id == $lastcomment->id) && $item->ts > $editableafter) {
             $item->canedit = 1;
         // Form to make private comment public, or request that a
         // private comment be made public.
         if (!$item->deletedby && $item->private && $item->author && $data->owner && ($item->isauthor || $data->isowner)) {
             if (empty($item->requestpublic) && $data->isowner || $item->isauthor && $item->requestpublic == 'owner' || $data->isowner && $item->requestpublic == 'author') {
                 if (!$is_export_preview) {
                     $item->makepublicform = pieform(self::make_annotation_feedback_public_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
             } else {
                 if ($item->isauthor && $item->requestpublic == 'author' || $data->isowner && $item->requestpublic == 'owner') {
                     $item->makepublicrequested = 1;
         } else {
             if (!$item->deletedby && $item->private && !$item->author && $data->owner && $data->isowner && $item->requestpublic == 'author' && !$is_export_preview) {
                 $item->makepublicform = pieform(self::make_annotation_feedback_public_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
             } else {
                 if (!$item->deletedby && $item->private && !$data->owner && $item->group && $item->requestpublic == 'author') {
                     // no owner as comment is on a group view / artefact
                     if ($item->isauthor) {
                         $item->makepublicrequested = 1;
                     } else {
                         // NOTE(review): && binds tighter than ||, so the export-preview test applies only
                         // to the view branch; an artefact with canedit gets the form even in export preview.
                         if ($data->artefact && $data->canedit || $data->view && $data->canedit && !$is_export_preview) {
                             $item->makepublicform = pieform(self::make_annotation_feedback_public_form($data->annotation, $data->view, $data->artefact, $data->block, $item->id));
                         } else {
                             $item->makepublicrequested = 1;
         if ($item->author) {
             if (isset($authors[$item->author])) {
                 $item->author = $authors[$item->author];
             } else {
                 // Replace the author id with an author object and remember it for later items.
                 // The object includes the author's e-mail address; the template decides what is shown.
                 $item->author = $authors[$item->author] = (object) array('id' => $item->author, 'username' => $item->username, 'firstname' => $item->firstname, 'lastname' => $item->lastname, 'preferredname' => $item->preferredname, 'email' => $item->email, 'staff' => $item->staff, 'admin' => $item->admin, 'deleted' => $item->deleted, 'profileicon' => $item->profileicon, 'profileurl' => profile_url($item->author));
     $extradata = array('annotation' => $data->annotation, 'view' => $data->view, 'artefact' => !empty($data->artefact) ? $data->artefact : '', 'blockid' => $data->block);
     $data->jsonscript = 'artefact/annotation/annotations.json.php';
     // NOTE(review): the ids are concatenated into the URL unencoded; presumably all integers — confirm.
     $data->baseurl = get_config('wwwroot') . 'artefact/artefact.php?' . 'artefact=' . $data->annotation . '&view=' . $data->view . (isset($data->block) ? '&block=' . $data->block : '');
     $smarty = smarty_core();
     $smarty->assign_by_ref('data', $data->data);
     $smarty->assign('canedit', $data->canedit);
     $smarty->assign('viewid', $data->view);
     $smarty->assign('position', $data->position);
     $smarty->assign('baseurl', $data->baseurl);
     $data->tablerows = $smarty->fetch('artefact:annotation:annotationlist.tpl');
     $pagination = build_pagination(array('id' => 'annotationfeedback_pagination_' . $data->block, 'class' => 'center', 'url' => $data->baseurl, 'jsonscript' => $data->jsonscript, 'datatable' => 'annotationfeedbacktable_' . $data->block, 'count' => $data->count, 'limit' => $data->limit, 'offset' => $data->offset, 'forceoffset' => isset($data->forceoffset) ? $data->forceoffset : null, 'resultcounttextsingular' => get_string('annotation', 'artefact.annotation'), 'resultcounttextplural' => get_string('annotations', 'artefact.annotation'), 'extradata' => $extradata));
     $data->pagination = $pagination['html'];
     $data->pagination_js = $pagination['javascript'];
Exemple #10
  * Get all views for a (user,group,institution), grouping views
  * into their collections.  Empty collections not returned.
  * @param mixed   $owner integer userid or array of userids
  * @param mixed   $group integer groupid or array of groupids
  * @param mixed   $institution string institution name or array of institution names
  * @param string  $matchconfig record all matches with given config hash (see set_access)
  * @param boolean $includeprofile include profile view
  * @param integer $submittedgroup return only views & collections submitted to this group
  * @param string  $sort Order to sort by (defaults to ', v.title')
  * @return array, array
 // Builds and runs one query for the portfolio (and optionally profile) views of the given
 // owner/group/institution, then splits the rows into collections (with their views nested)
 // and standalone views. Returns array($collections, $views).
 function get_views_and_collections($owner = null, $group = null, $institution = null, $matchconfig = null, $includeprofile = true, $submittedgroup = null, $sort = null)
     // Locked views are hidden from everyone except admins of the group.
     $excludelocked = $group && group_user_access($group) != 'admin';
     // Anonymous public viewing of a group with 'Allow submissions' checked needs to avoid including the dummy root profile page.
     if ($owner == '0') {
         $includeprofile = false;
     // Only fixed text and db_format_tsfield() output are concatenated into this part of the statement.
     $sql = "\n            SELECT, v.type, v.title, v.accessconf, v.ownerformat, v.startdate, v.stopdate, v.template,\n                v.owner,, v.institution, v.urlid, v.submittedgroup, v.submittedhost, " . db_format_tsfield('v.submittedtime', 'submittedtime') . ", v.submittedstatus,\n       AS cid, AS cname,\n                c.submittedgroup AS csubmitgroup, c.submittedhost AS csubmithost, " . db_format_tsfield('c.submittedtime', 'csubmittime') . ", c.submittedstatus AS csubmitstatus\n            FROM {view} v\n                LEFT JOIN {collection_view} cv ON = cv.view\n                LEFT JOIN {collection} c ON cv.collection =\n            WHERE  v.type IN ('portfolio'";
     $sql .= $includeprofile ? ", 'profile') " : ') ';
     $sql .= $excludelocked ? 'AND v.locked != 1 ' : '';
     if (is_null($owner) && is_null($group) && is_null($institution)) {
         $values = array();
     } else {
         // The owner filter arrives as an SQL fragment plus its bound values.
         list($ownersql, $values) = self::multiple_owner_sql((object) array('owner' => $owner, 'group' => $group, 'institution' => $institution));
         $sql .= "AND v.{$ownersql} ";
     if ($submittedgroup) {
         // Bound as a parameter and cast to int.
         $sql .= 'AND v.submittedgroup = ? ';
         $values[] = (int) $submittedgroup;
     if ($sort == null) {
         $sql .= 'ORDER BY, v.title';
     } else {
         // NOTE(review): $sort is appended to the statement verbatim and cannot be bound as a
         // parameter. Callers must only ever pass a fixed, code-defined column list; if any caller
         // derives it from request data, map that input onto an allow-list first.
         $sql .= "ORDER BY {$sort}";
     $records = get_records_sql_assoc($sql, $values);
     $collections = array();
     $views = array();
     if (!$records) {
         return array($collections, $views);
     self::get_extra_view_info($records, false, false);
     foreach ($records as &$r) {
         $vid = $r['id'];
         $cid = $r['cid'];
         $v = array('id' => $vid, 'type' => $r['type'], 'name' => $r['displaytitle'], 'url' => $r['fullurl'], 'startdate' => $r['startdate'], 'stopdate' => $r['stopdate'], 'template' => $r['template'], 'owner' => $r['owner'], 'submittedgroup' => $r['submittedgroup'], 'submittedhost' => $r['submittedhost'], 'submittedtime' => $r['submittedtime'], 'submittedstatus' => $r['submittedstatus']);
         if (isset($r['user'])) {
             $v['ownername'] = display_name($r['user']);
             $v['ownerurl'] = profile_url($r['user']);
         // If filtering by submitted views, and the view is submitted, but the collection isn't,
         // then ignore the collection and return the view by itself.
         if ($cid && (!$submittedgroup || $r['csubmitgroup'] == $r['submittedgroup'])) {
             if (!isset($collections[$cid])) {
                 // The first view seen for a collection supplies the collection-level fields.
                 $collections[$cid] = array('id' => $cid, 'name' => $r['cname'], 'url' => $r['fullurl'], 'owner' => $r['owner'], 'group' => $r['group'], 'institution' => $r['institution'], 'submittedgroup' => $r['csubmitgroup'], 'submittedhost' => $r['csubmithost'], 'submittedtime' => $r['csubmittime'], 'submittedstatus' => $r['csubmitstatus'], 'template' => $r['template'], 'views' => array());
                 if (isset($r['user'])) {
                     $collections[$cid]['ownername'] = $v['ownername'];
                     $collections[$cid]['ownerurl'] = $v['ownerurl'];
                 // 'match' marks entries whose access configuration hash equals $matchconfig.
                 if ($matchconfig && $matchconfig == $r['accessconf']) {
                     $collections[$cid]['match'] = true;
             $collections[$cid]['views'][$vid] = $v;
         } else {
             $views[$vid] = $v;
             if ($matchconfig && $matchconfig == $r['accessconf']) {
                 $views[$vid]['match'] = true;
     return array($collections, $views);
 // Builds the HTML body of an objectionable-content notification in the recipient's language.
 // Uses the artefact variant of the language string when the report names an artefact.
 public function get_htmlmessage($user)
     // Text that users can influence is passed through hsc() before it is placed in the HTML string.
     $viewtitle = hsc($this->view->get('title'));
     $reportername = hsc(display_default_name($this->reporter));
     // NOTE(review): the two URLs (reporter profile, view) are not passed through hsc();
     // presumably both are generated server-side — confirm they cannot carry user-chosen characters.
     $reporterurl = profile_url($this->reporter);
     $ctime = strftime(get_string_from_language($user->lang, 'strftimedaydatetime'), $this->ctime);
     $message = hsc($this->message);
     if (empty($this->artefact)) {
         return get_string_from_language($user->lang, 'objectionablecontentviewhtml', 'activity', $viewtitle, $reportername, $ctime, $message, $this->view->get_url(), $viewtitle, $reporterurl, $reportername);
     } else {
         return get_string_from_language($user->lang, 'objectionablecontentviewartefacthtml', 'activity', $viewtitle, hsc($this->artefact->get('title')), $reportername, $ctime, $message, $this->view->get_url(), $viewtitle, $reporterurl, $reportername);
Exemple #12
// Page script for the PDF viewer frame: validates the requested file/view pair, then hands the
// download URL and file title to the template.
// NOTE(review): PUBLIC presumably lets init.php serve this page without a logged-in session, which
// would make the access checks below the only gate on the file — confirm.
define('PUBLIC', 1);
require dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '/init.php';
require_once get_config('docroot') . '/artefact/lib.php';
// All request parameters are read through typed accessors (integer / boolean).
$fileid = param_integer('file');
$viewid = param_integer('view');
$editing = param_boolean('editing', false);
$ingroup = param_boolean('ingroup', false);
// The file must actually belong to the named view, otherwise a viewable view could be used to
// reach an unrelated artefact id.
if (!artefact_in_view($fileid, $viewid)) {
    throw new AccessDeniedException('');
// The requester must be allowed to see that view.
if (!can_view_view($viewid)) {
    throw new AccessDeniedException('');
$file = artefact_instance_from_id($fileid);
// Only file artefacts are served through this page.
if (!$file instanceof ArtefactTypeFile) {
    throw new NotFoundException();
$urlbase = get_config('wwwroot');
// $editing and $ingroup come from the request; here they only choose which base URL is used.
if (get_config('cleanurls') && get_config('cleanurlusersubdomains') && !$editing && !$ingroup) {
    $view = new View($viewid);
    // NOTE(review): no line in this listing loads the view owner into $viewauthor before it is read.
    $viewauthor = new User();
    $viewauthorurlid = $viewauthor->get('urlid');
    if ($urlallowed = !is_null($viewauthorurlid) && strlen($viewauthorurlid)) {
        $urlbase = profile_url($viewauthor) . '/';
$smarty = smarty();
// Both ids were forced to integers above, so the query string contains digits only.
$smarty->assign('url', $urlbase . 'artefact/file/download.php?file=' . $fileid . '&view=' . $viewid);
// NOTE(review): the title is user-chosen; escaping is left to the template — confirm.
$smarty->assign('title', $file->get('title'));
Exemple #13
 * Given a list of artefact ids, return a name and url for the thing that
 * owns each artefact, suitable for display.
 * @param array $ids list of artefact ids
 * @return array list of StdClass objects, each containing a name & url property
// Looks up the owner (site, institution, group or user) of every artefact id in $ids and
// replaces each row with an object holding only that owner's display name and URL.
function artefact_get_owner_info($ids)
    // One '?' placeholder is generated per id and the ids are passed as bound values, so the id
    // list never enters the SQL text itself.
    // NOTE(review): an empty $ids produces "IN ()", which is not valid SQL — confirm callers never
    // pass an empty list. Parts of the statement are missing from this listing.
    $data = get_records_sql_assoc('
   AS aid, a.owner,, a.institution,
  , u.username, u.firstname, u.lastname, u.preferredname,, u.urlid,
   AS groupname, g.urlid as groupurlid,
            {artefact} a
            LEFT JOIN {usr} u ON a.owner =
            LEFT JOIN {group} g ON =
            LEFT JOIN {institution} i ON a.institution =
   IN (' . join(',', array_fill(0, count($ids), '?')) . ')', $ids);
    $wwwroot = get_config('wwwroot');
    // Rows are replaced in place through the reference.
    foreach ($data as &$d) {
        // The institution named 'mahara' stands for the site itself.
        if ($d->institution == 'mahara') {
            $name = get_config('sitename');
            $url = $wwwroot;
        } else {
            if ($d->institution) {
                $name = $d->displayname;
                // NOTE(review): the institution name is appended to the URL without urlencode();
                // presumably institution names are restricted to URL-safe characters — confirm.
                $url = $wwwroot . 'institution/index.php?institution=' . $d->institution;
            } else {
                if ($d->group) {
                    $name = $d->groupname;
                    $url = group_homepage_url((object) array('id' => $d->group, 'urlid' => $d->groupurlid));
                } else {
                    $name = display_name($d);
                    $url = profile_url($d);
        // Only name and url are kept; the other columns (username, real names) are dropped.
        $d = (object) array('name' => $name, 'url' => $url);
    return $data;
Exemple #14
                        // Excerpt from a larger group-page handler (its start is not shown): fills template
                        // blocks for the empty/hidden group states and, for moderators, the pending-member list.
                        $template->assign_block_vars('switch_no_members', array());
                    // No group members
                    // Hidden groups show the notice to everyone who is neither a member nor the moderator.
                    if ($group_info['group_type'] == GROUP_HIDDEN && !$is_group_member && !$is_moderator) {
                        $template->assign_block_vars('switch_hidden_group', array());
                    // Pending
                    if ($is_moderator) {
                        // NOTE(review): $group_id is interpolated into the SQL text. Where it is assigned is
                        // not visible in this excerpt; it must already be an integer at this point (cast or
                        // validated on input) — confirm, or cast it here.
                        $modgroup_pending_list = DB()->fetch_rowset("\n\t\t\t\t\tSELECT u.username, u.avatar_ext_id, u.user_rank, u.user_id, u.user_opt, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email\n\t\t\t\t\tFROM " . BB_USER_GROUP . " ug, " . BB_USERS . " u\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND ug.user_pending = 1\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\tORDER BY u.username\n\t\t\t\t\tLIMIT 200\n\t\t\t\t");
                        $modgroup_pending_count = count($modgroup_pending_list);
                    // $is_moderator is tested first, so the list variable is only read when it was set above.
                    if ($is_moderator && $modgroup_pending_list) {
                        foreach ($modgroup_pending_list as $i => $member) {
                            $user_id = $member['user_id'];
                            generate_user_info($member, $bb_cfg['default_dateformat'], $is_moderator, $from, $posts, $joined, $pm, $email, $www, $user_time, $avatar);
                            $row_class = !($i % 2) ? 'row1' : 'row2';
                            // The id comes from the users table row and is placed in the attribute unescaped.
                            $user_select = '<input type="checkbox" name="member[]" value="' . $user_id . '">';
                            // NOTE(review): e-mail and location are handed to the template here; this branch is
                            // moderator-only, which is what keeps them from other viewers.
                            $template->assign_block_vars('pending', array('ROW_CLASS' => $row_class, 'AVATAR_IMG' => $avatar, 'USER' => profile_url($member), 'FROM' => $from, 'JOINED' => $joined, 'POSTS' => $posts, 'USER_ID' => $user_id, 'PM' => $pm, 'EMAIL' => $email));
                        $template->assign_vars(array('PENDING_USERS' => true));
                    $template->assign_vars(array('MEMBERS' => true));
            if ($is_moderator) {
                $template->assign_block_vars('switch_mod_option', array());
                $template->assign_block_vars('switch_add_member', array());
Exemple #15
  * Returns data about available skins. Tightly coupled with view/skin.php, which uses it to
  * display the skins picker
  * @param int $limit
  * @param int $offset
  * @param string $filter Should be: all, public, user, or site
  * @return object
 // Returns one page of skins for the skin picker, filtered by $filter, with per-skin flags
 // (editable, removable, favorite) and display metadata, plus the total count.
 public static function get_myskins_data($limit = 9, $offset = 0, $filter = 'all')
     global $USER;
     $userid = $USER->get('id');
     $owner = null;
     $favorites = get_field('skin_favorites', 'favorites', 'user', $userid);
     // NOTE(review): unserialize() on a stored value. If anything other than trusted server code can
     // write this column, this is a PHP object-injection risk; decoding with
     // unserialize($favorites, array('allowed_classes' => false)) or storing JSON avoids instantiating
     // objects. Left unchanged here — confirm how the column is written.
     $favorites = unserialize($favorites);
     if (!is_array($favorites)) {
         $favorites = array();
     // Sort order and column list are fixed strings, not caller input.
     $sort = 'title, id';
     $cols = 'id, title, description, owner, type, ctime, mtime';
     // NOTE(review): no break/default lines are visible in this listing, so as printed the last
     // pair of assignments always wins — check against the real file.
     switch ($filter) {
         case 'public':
             $count = count_records('skin', 'type', 'public');
             $skindata = get_records_array('skin', 'type', 'public', $sort, $cols, $offset, $limit);
         case 'user':
             // The user's own skins, excluding any of type 'site'; values are bound parameters.
             $count = count_records_select('skin', 'owner = ? and type != ?', array($userid, 'site'));
             $skindata = get_records_select_array('skin', 'owner = ? and type != ?', array($userid, 'site'), $sort, $cols, $offset, $limit);
         case 'site':
             $count = count_records('skin', 'type', 'site');
             $skindata = get_records_array('skin', 'type', 'site', $sort, $cols, $offset, $limit);
             // Everything the user may pick: their own skins plus all site and public skins.
             $count = count_records_select('skin', 'owner = ? or type in (?, ?)', array($userid, 'site', 'public'));
             $skindata = get_records_select_array('skin', 'owner = ? or type in (?, ?)', array($userid, 'site', 'public'), $sort, $cols, $offset, $limit);
     $data = array();
     if ($skindata) {
         for ($i = 0; $i < count($skindata); $i++) {
             $skinobj = new Skin(0, $skindata[$i]);
             // NOTE(review): $index is written but never initialised or read in the lines shown.
             $index[$skindata[$i]->id] = $i;
             $data[$i]['id'] = $skindata[$i]->id;
             $data[$i]['title'] = $skindata[$i]->title;
             $data[$i]['owner'] = $skindata[$i]->owner;
             $data[$i]['type'] = $skindata[$i]->type;
             // Edit/remove flags follow the skin object's own permission check.
             if ($skinobj->can_edit()) {
                 $data[$i]['removable'] = true;
                 $data[$i]['editable'] = true;
             // Loose comparison: in_array() is called without the strict flag.
             if (in_array($skindata[$i]->id, $favorites)) {
                 $data[$i]['favorite'] = true;
             } else {
                 $data[$i]['favorite'] = false;
             // NOTE(review): no line in this listing loads the skin owner into $owner before it is read.
             $owner = new User();
             // NOTE(review): nl2br() adds <br> tags but does not escape HTML; the user-written
             // description must be escaped before or after this point — confirm the template does so.
             $data[$i]['metadata'] = array('displayname' => display_name($owner), 'profileurl' => profile_url($owner), 'description' => nl2br($skindata[$i]->description), 'ctime' => format_date(strtotime($skindata[$i]->ctime)), 'mtime' => format_date(strtotime($skindata[$i]->mtime)));
     return (object) array('data' => $data, 'count' => $count);
Exemple #16
        // Excerpt from a larger handler (its start and end are not shown): finds other accounts that
        // share the profile's registration IP or last-seen IP and builds whois links for both IPs.
        if (!$user_id) {
        // NOTE(review): both queries splice $profiledata values into the SQL text. They appear to come
        // from a stored user row rather than from the request, but that is not visible here; escaping
        // them or casting user_id to int would remove the dependency on that assumption.
        $reg_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM " . BB_USERS . "\n\t\t\tWHERE user_reg_ip = '{$profiledata['user_reg_ip']}'\n\t\t\t\tAND user_reg_ip != ''\n\t\t\t\tAND user_id != {$profiledata['user_id']}\n\t\t\tORDER BY username ASC");
        $last_ip = DB()->fetch_rowset("SELECT username, user_id, user_rank FROM " . BB_USERS . "\n\t\t\tWHERE user_last_ip = '{$profiledata['user_last_ip']}'\n\t\t\t\tAND user_last_ip != ''\n\t\t\t\tAND user_id != {$profiledata['user_id']}");
        $link_reg_ip = $link_last_ip = '';
        if (!empty($reg_ip)) {
            $link_reg_ip .= $lang['OTHER_IP'] . ' ';
            foreach ($reg_ip as $row) {
                $link_reg_ip .= profile_url($row) . ' ';
        if (!empty($last_ip)) {
            $link_last_ip .= $lang['OTHER_IP'] . ' ';
            foreach ($last_ip as $row) {
                $link_last_ip .= profile_url($row) . ' ';
        // IPs are hidden when the profile belongs to an admin and the viewer is not one, and when a
        // moderator looks at another moderator's profile.
        // NOTE(review): the $link_* lists of accounts sharing each IP were built above and are not
        // cleared in the hidden branches; the output code is cut off in this excerpt — confirm they
        // are not emitted when the IP itself is hidden.
        if ($profiledata['user_level'] == ADMIN && !IS_ADMIN) {
            $reg_ip = $last_ip = $lang['HIDDEN'];
        } elseif ($profiledata['user_level'] == MOD && IS_MOD) {
            $reg_ip = $last_ip = $lang['HIDDEN'];
        } else {
            $user_reg_ip = decode_ip($profiledata['user_reg_ip']);
            $user_last_ip = decode_ip($profiledata['user_last_ip']);
            // The whois base URL comes from site configuration; the decoded IP is appended unescaped.
            $reg_ip = '<a href="' . $bb_cfg['whois_info'] . $user_reg_ip . '" class="gen" target="_blank">' . $user_reg_ip . '</a>';
            $last_ip = '<a href="' . $bb_cfg['whois_info'] . $user_last_ip . '" class="gen" target="_blank">' . $user_last_ip . '</a>';
        $this->response['ip_list_html'] = '
			<br /><table class="mod_ip bCenter borderless" cellspacing="1">
				<tr class="row5" >
Exemple #17
 * creates the profile sideblock
function profile_sideblock()
    // Collects the data for the logged-in user's profile sideblock and returns it as an array:
    // identity and URL fields, remote-login (xmlrpc) peer details, counts of pending group
    // invitations and friend requests, the user's groups (optionally limited and sorted by
    // account preferences), and the views and artefacts tagged with the 'profile' string.
    //
    // NOTE(review): this listing has lost tokens in extraction (block braces, the switch's
    // break/default lines, parts of the SQL such as the JOIN condition and the first selected
    // column). The comments below describe only what is still visible.
    global $USER, $SESSION;
    safe_require('notification', 'internal');
    require_once 'group.php';
    require_once 'institution.php';
    $data = array('id' => $USER->get('id'), 'myname' => display_name($USER, null, true), 'username' => $USER->get('username'), 'url' => profile_url($USER), 'profileiconurl' => get_config('wwwroot') . 'artefact/file/profileicons.php');
    // For an MNet session the auth instance is taken from the session, otherwise from the user.
    $authinstance = $SESSION->get('mnetuser') ? $SESSION->get('authinstance') : $USER->get('authinstance');
    if ($authinstance) {
        $authobj = AuthFactory::create($authinstance);
        if ($authobj->authname == 'xmlrpc') {
            $peer = get_peer($authobj->wwwroot);
            if ($SESSION->get('mnetuser')) {
                $data['mnetloggedinfrom'] = get_string('youhaveloggedinfrom1', 'auth.xmlrpc', $authobj->wwwroot, $peer->name);
            } else {
                $data['peer'] = array('name' => $peer->name, 'wwwroot' => $peer->wwwroot);
    // Pending invitations to non-deleted groups. The user id and the deleted flag are passed as
    // bound parameters, not concatenated into the SQL.
    $invitedgroups = get_records_sql_array('SELECT g.*, gmi.ctime, gmi.reason
             FROM {group} g
             JOIN {group_member_invite} gmi ON =
             WHERE gmi.member = ? AND g.deleted = ?', array($USER->get('id'), 0));
    $data['invitedgroups'] = $invitedgroups ? count($invitedgroups) : 0;
    $data['invitedgroupsmessage'] = $data['invitedgroups'] == 1 ? get_string('invitedgroup') : get_string('invitedgroups');
    $data['pendingfriends'] = count_records('usr_friend_request', 'owner', $USER->get('id'));
    $data['pendingfriendsmessage'] = $data['pendingfriends'] == 1 ? get_string('pendingfriend') : get_string('pendingfriends');
    // Check if we want to limit the displayed groups by the account setting
    // Only a numeric preference is accepted, and it is cast to int before use.
    $limitto = null;
    $limit = $USER->get_account_preference('groupsideblockmaxgroups');
    if (isset($limit) && is_numeric($limit)) {
        $limitto = intval($limit);
    // NOTE(review): the sort preference is handed to group_get_user_groups() unchanged;
    // presumably that function restricts it to known values - confirm.
    $sort = null;
    if ($sortorder = $USER->get_account_preference('groupsideblocksortby')) {
        $sort = $sortorder;
    if ($limitto === null) {
        $data['groups'] = group_get_user_groups($USER->get('id'), null, $sort);
        $total = count($data['groups']);
    } else {
        if ($limitto === 0) {
            // $total is not set on this path; the !empty($limitto) test below short-circuits
            // before it would be read.
            $data['groups'] = null;
        } else {
            // With a limit, the call returns a (groups, total) pair.
            list($data['groups'], $total) = group_get_user_groups($USER->get('id'), null, $sort, $limitto);
    // Text shown when fewer groups are displayed than the user belongs to.
    $limitstr = '';
    if (!empty($limitto) && $limitto < $total) {
        switch ($sort) {
            case 'earliest':
                $limitstr = get_string('numberofmygroupsshowingearliest', 'blocktype.mygroups', $limitto, $total);
            case 'latest':
                $limitstr = get_string('numberofmygroupsshowinglatest', 'blocktype.mygroups', $limitto, $total);
                $limitstr = get_string('numberofmygroupsshowing', 'blocktype.mygroups', $limitto, $total);
    $data['grouplimitstr'] = $limitstr;
    // Views owned by the user that carry the tag returned by get_string('profile');
    // tag and owner are bound parameters.
    $data['views'] = get_records_sql_array('SELECT, v.title, v.urlid, v.owner
        FROM {view} v
        INNER JOIN {view_tag} vt ON (vt.tag = ? AND vt.view =
        WHERE v.owner = ?
        ORDER BY v.title', array(get_string('profile'), $USER->get('id')));
    if ($data['views']) {
        require_once 'view.php';
        foreach ($data['views'] as $v) {
            // A View object is built from the row only to compute its URL. 'dirty' is reset to
            // false right after construction - presumably so the object is not written back; confirm.
            $view = new View(0, (array) $v);
            $view->set('dirty', false);
            $v->fullurl = $view->get_url();
    // Artefacts owned by the user with the same tag; again bound parameters.
    $data['artefacts'] = get_records_sql_array('SELECT, a.artefacttype, a.title
         FROM {artefact} a
         INNER JOIN {artefact_tag} at ON ( = at.artefact AND tag = ?)
         WHERE a.owner = ?
         ORDER BY a.title', array(get_string('profile'), $USER->get('id')));
    if (!empty($data['artefacts'])) {
        // check if we have any blogposts and fetch their blog id if we do
        foreach ($data['artefacts'] as $key => $value) {
            if ($value->artefacttype == 'blogpost') {
                // The blog id is the 'parent' field of the blogpost's artefact row.
                $value->blogid = get_field('artefact', 'parent', 'id', $value->id);
    return $data;
Exemple #18
 /**
  * Pieform submit handler for a wall post: stores the post, re-renders the
  * wall's inline post list and replies to the form with the rendered HTML.
  *
  * @param Pieform $form   The submitted form; receives the reply.
  * @param array   $values Submitted values; 'instance', 'replyto', 'private' and 'text' are read.
  */
 public static function wallpost_submit(Pieform $form, $values)
     global $USER;
     // 'private' is normalised to 0/1 and a falsy 'replyto' becomes null. 'text' is stored as
     // submitted.
     // NOTE(review): escaping or cleaning of 'text' presumably happens in form validation or
     // when posts are rendered (fetch_posts() / the template) - confirm.
     // NOTE(review): no check is visible here that the current user may post to the wall
     // identified by $values['instance']; presumably enforced by the form's validation or by
     // the page that builds the form - confirm.
     $record = (object) array('instance' => $values['instance'], 'from' => $USER->get('id'), 'replyto' => $values['replyto'] ? $values['replyto'] : null, 'private' => (int) (bool) $values['private'], 'postdate' => db_format_timestamp(time()), 'text' => $values['text']);
     insert_record('blocktype_wall_post', $record);
     // The block instance is loaded after the insert; it supplies the wall owner for the
     // template flag and for the 'goto' URL in the reply.
     $instance = new BlockInstance($values['instance']);
     $owner = $instance->get_view()->get('owner');
     $smarty = smarty_core();
     $smarty->assign('instanceid', $instance->get('id'));
     $smarty->assign('ownwall', !empty($USER) && $USER->get('id') == $owner);
     if ($posts = self::fetch_posts($instance)) {
         $smarty->assign('wallposts', $posts);
     $renderedposts = $smarty->fetch('blocktype:wall:inlineposts.tpl');
     $form->reply(PIEFORM_OK, array('message' => get_string('addpostsuccess', 'blocktype.wall'), 'posts' => $renderedposts, 'block' => $values['instance'], 'goto' => profile_url($owner)));
         // NOTE(review): topic_id is interpolated into the SQL text. $tor is loaded outside this
         // excerpt, presumably as a database row; cast to int or bind the value if that is not
         // guaranteed.
         DB()->query("UPDATE " . BB_TOPICS . " SET topic_status = " . TOPIC_UNLOCKED . " WHERE topic_id = {$tor['topic_id']} LIMIT 1");
     } else {
     // Confirmation of a status change that was set by another moderator
     // Applies when the current status is not TOR_NOT_APPROVED, it was set by a different user,
     // and that happened less than two hours ago (2 * 3600 seconds).
     if ($tor['tor_status'] != TOR_NOT_APPROVED && $tor['checked_user_id'] != $userdata['user_id'] && $tor['checked_time'] + 2 * 3600 > TIMENOW) {
         if (empty($this->request['confirmed'])) {
             $msg = $lang['TOR_STATUS_OF'] . " {$lang['TOR_STATUS_NAME'][$tor['tor_status']]}\n\n";
             // html_entity_decode() turns entities in the username back into raw characters.
             // NOTE(review): safe only if $msg is shown as plain text (for example a confirm
             // dialog); confirm how the client renders it.
             $msg .= ($username = get_username($tor['checked_user_id'])) ? $lang['TOR_STATUS_CHANGED'] . html_entity_decode($username) . ", " . delta_time($tor['checked_time']) . $lang['TOR_BACK'] . "\n\n" : "";
             $msg .= $lang['PROCEED'] . '?';
     change_tor_status($attach_id, $new_status);
     // HTML fragment for the response: status icon and name, the acting user's profile link,
     // and the elapsed-time text.
     $this->response['status'] = $bb_cfg['tor_icons'][$new_status] . ' <b> ' . $lang['TOR_STATUS_NAME'][$new_status] . '</b> &middot; ' . profile_url($userdata) . ' &middot; <i>' . delta_time(TIMENOW) . $lang['TOR_BACK'] . '</i>';
     // Notify the poster by PM when comments are enabled and either a comment other than the
     // placeholder text was entered or the new status is listed in $bb_cfg['tor_reply'].
     if ($bb_cfg['tor_comment'] && ($comment && $comment != $lang['COMMENT'] || in_array($new_status, $bb_cfg['tor_reply']))) {
         // Skipped when poster_id is not a positive id.
         if ($tor['poster_id'] > 0) {
             $subject = sprintf($lang['TOR_MOD_TITLE'], $tor['topic_title']);
             $message = sprintf($lang['TOR_MOD_MSG'], get_username($tor['poster_id']), make_url(TOPIC_URL . $tor['topic_id']), $bb_cfg['tor_icons'][$new_status] . ' ' . $lang['TOR_STATUS_NAME'][$new_status]);
             if ($comment && $comment != $lang['COMMENT']) {
                 // $comment is appended to the BBCode message as-is; presumably it is cleaned
                 // where it is read from the request (not visible here) - confirm.
                 $message .= "\n\n[b]" . $lang['COMMENT'] . '[/b]: ' . $comment;
             send_pm($tor['poster_id'], $subject, $message, $userdata['user_id']);
 case 'status_reply':
     if (!$bb_cfg['tor_comment']) {
if (!defined('BB_ROOT')) {
global $lang;
// Obtain user/online information
$logged_online = $guests_online = 0;
$time_online = TIMENOW - 300;
#	$time_online = 0;
$ulist = array(ADMIN => array(), MOD => array(), GROUP_MEMBER => array(), USER => array());
$users_cnt = array('admin' => 0, 'mod' => 0, 'group_member' => 0, 'ignore_load' => 0, 'user' => 0, 'guest' => 0);
$online = $online_short = array('userlist' => '');
$sql = "\n\tSELECT\n\t\tu.username, u.user_id, u.user_opt, u.user_rank, u.user_level,\n\t\ts.session_logged_in, s.session_ip, (s.session_time - s.session_start) AS ses_len, COUNT(s.session_id) AS sessions, COUNT(DISTINCT s.session_ip) AS ips\n\tFROM " . BB_SESSIONS . " s, " . BB_USERS . " u\n\tWHERE s.session_time > {$time_online}\n\t\tAND u.user_id = s.session_user_id\n\tGROUP BY s.session_user_id\n\tORDER BY u.username\n";
foreach (DB()->fetch_rowset($sql) as $u) {
    if ($u['session_logged_in']) {
        $stat = array();
        $name = profile_url($u);
        $level = $u['user_level'];
        if ($level == ADMIN) {
            $name = "<b>{$name}</b>";
        } else {
            if ($level == MOD) {
                $name = "<b>{$name}</b>";
            } else {
                if ($level == GROUP_MEMBER) {
                    $name = "<b>{$name}</b>";
                } else {
Exemple #21
    // just in case, someone calls with replyto and returnto=view, which shouldn't
    // happen anyway. But in that case, proceed to first user in recipient-list
    if (sizeof($users) > 1) {
        $user = $users[0];
define('TITLE', get_string('sendmessageto', 'module.multirecipientnotification'));
$returnto = param_alpha('returnto', 'myfriends');
$offset = param_integer('offset', 0);
switch ($returnto) {
    case 'find':
        $goto = 'user/find.php';
    case 'view':
        $goto = profile_url($user, false);
    case 'inbox':
        $goto = 'account/activity';
    case 'institution':
        $goto = ($inst = param_alpha('inst', null)) ? 'institution/index.php?institution=' . $inst : 'account/activity';
        $goto = 'module/multirecipientnotification/outbox.php';
if ($offset > 0) {
    $goto .= strpos($goto, '?') ? '&offset=' . $offset : '?offset=' . $offset;
$form = pieform(array('name' => 'sendmessage', 'autofocus' => false, 'validatecallback' => 'sendmessage_validate', 'elements' => array('recipients' => array('type' => 'autocomplete', 'title' => get_string('titlerecipient', 'module.multirecipientnotification'), 'defaultvalue' => $users, 'ajaxurl' => get_config('wwwroot') . 'module/multirecipientnotification/sendmessage.json.php', 'initfunction' => 'translate_ids_to_names', 'multiple' => true, 'ajaxextraparams' => array(), 'rules' => array('required' => true)), 'subject' => array('title' => get_string('titlesubject', 'module.multirecipientnotification'), 'type' => 'text', 'name' => 'subject', 'size' => '40', 'defaultvalue' => $subject, 'rules' => array('required' => true)), 'message' => array('type' => 'textarea', 'title' => $messages ? get_string('Reply', 'group') : get_string('message'), 'cols' => 80, 'rows' => 10, 'rules' => array('maxlength' => 65536, 'required' => true)), 'goto' => array('type' => 'hidden', 'value' => $goto), 'submit' => array('type' => 'submitcancel', 'class' => 'btn-success', 'value' => array($messages ? get_string('Reply', 'group') : get_string('sendmessage', 'group'), get_string('cancel')), 'goto' => get_config('wwwroot') . $goto))));
Exemple #22
$studentid = (string) get_field('artefact', 'title', 'owner', $USER->get('id'), 'artefacttype', 'studentid');
if ($studentid !== '') {
    $ownerformatoptions[FORMAT_NAME_STUDENTID] = sprintf($formatstring, get_string('studentid'), $studentid);
// Clean urls are only available for portfolio views owned by groups or users who already
// have their own clean profiles or group homepages.
if ($urlallowed = get_config('cleanurls') && $view->get('type') == 'portfolio' && !$institution) {
    if ($group) {
        $groupdata = get_record('group', 'id', $group);
        if ($urlallowed = !is_null($groupdata->urlid) && strlen($groupdata->urlid)) {
            $cleanurlbase = group_homepage_url($groupdata) . '/';
    } else {
        $userurlid = $USER->get('urlid');
        if ($urlallowed = !is_null($userurlid) && strlen($userurlid)) {
            $cleanurlbase = profile_url($USER) . '/';
$editview = array('name' => 'editview', 'method' => 'post', 'autofocus' => 'title', 'autoselect' => $new ? 'title' : null, 'plugintype' => 'core', 'pluginname' => 'view', 'elements' => array('id' => array('type' => 'hidden', 'value' => $view->get('id')), 'new' => array('type' => 'hidden', 'value' => $new), 'title' => array('type' => 'text', 'title' => get_string('title', 'view'), 'defaultvalue' => $view->get('title'), 'rules' => array('required' => true)), 'urlid' => array('type' => 'text', 'title' => get_string('viewurl', 'view'), 'prehtml' => '<span class="description">' . (isset($cleanurlbase) ? $cleanurlbase : '') . '</span> ', 'description' => get_string('viewurldescription', 'view') . ' ' . get_string('cleanurlallowedcharacters'), 'defaultvalue' => $new ? null : $view->get('urlid'), 'rules' => array('maxlength' => 100, 'regex' => get_config('cleanurlvalidate')), 'ignore' => !$urlallowed || $new), 'description' => array('type' => 'wysiwyg', 'title' => get_string('description', 'view'), 'rows' => 10, 'cols' => 70, 'defaultvalue' => $view->get('description'), 'rules' => array('maxlength' => 65536)), 'tags' => array('type' => 'tags', 'title' => get_string('tags'), 'description' => get_string('tagsdescprofile'), 'defaultvalue' => $view->get('tags'), 'help' => true)));
if ($group) {
    $grouproles = $USER->get('grouproles');
    if ($grouproles[$group] == 'admin') {
        $editview['elements']['locked'] = array('type' => 'switchbox', 'title' => get_string('Locked', 'view'), 'description' => get_string('lockedgroupviewdesc', 'view'), 'defaultvalue' => $view->get('locked'), 'disabled' => $view->get('type') == 'grouphomepage');
if (!($group || $institution)) {
    $default = $view->get('ownerformat');
    if (!$default) {
        $default = FORMAT_NAME_DISPLAYNAME;
    if ($page < $num_pages) {
        $pagination .= $pagination == '' ? '<a href="' . $base_url . '&sort=' . $sort . '&order=' . $order . '&page=' . ($page + 1) . '">' . $lang['NEXT'] . '</a>' : ' | <a href="' . $base_url . '&sort=' . $sort . '&order=' . $order . '&page=' . ($page + 1) . '">' . $lang['NEXT'] . '</a>';
    if ($num_pages > 2) {
        $pagination .= '&nbsp;&nbsp;<input type="text" name="page" maxlength="5" size="2" class="post" />&nbsp;<input type="submit" name="submit" value="' . $lang['GO'] . '" class="post" />';
    $template->assign_vars(array('TPL_ADMIN_USER_SEARCH_RESULTS' => true, 'PAGE_NUMBER' => sprintf($lang['PAGE_OF'], $page, $num_pages), 'PAGINATION' => $pagination, 'NEW_SEARCH' => sprintf($lang['SEARCH_USERS_NEW'], $text, $total_pages['total'], 'admin_user_search.php'), 'U_USERNAME' => $sort == 'username' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=username&order={$order}", 'U_EMAIL' => $sort == 'user_email' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=user_email&order={$order}", 'U_POSTS' => $sort == 'posts' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=posts&order={$order}", 'U_JOINDATE' => $sort == 'regdate' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=regdate&order={$order}", 'U_LASTVISIT' => $sort == 'lastvisit' ? "{$base_url}&sort={$sort}&order={$o_order}" : "{$base_url}&sort=lastvisit&order={$order}", 'S_POST_ACTION' => "{$base_url}&sort={$sort}&order={$order}"));
    // Run the user search; $select_sql is built outside this excerpt.
    if (!($result = DB()->sql_query($select_sql))) {
        bb_die('Could not select user data');
    $rowset = DB()->sql_fetchrowset($result);
    // Comma-separated list of the matched user ids for the ban lookup below.
    // The ids come from the user_id column of the previous result, presumably integers; an
    // explicit int cast would make that independent of the schema.
    $users_sql = '';
    foreach ($rowset as $array) {
        $users_sql .= $users_sql == '' ? $array['user_id'] : ', ' . $array['user_id'];
    // NOTE(review): if $rowset is empty, $users_sql stays '' and the clause becomes "IN ()",
    // which MySQL rejects as a syntax error, so bb_die() below would fire. Skip the ban lookup
    // when there are no rows, unless lines missing from this listing already do so.
    $sql = "SELECT ban_userid AS user_id FROM " . BB_BANLIST . " WHERE ban_userid IN ({$users_sql})";
    if (!($result = DB()->sql_query($sql))) {
        bb_die('Could not select banned data');
    // Set of banned user ids, keyed by id for isset() lookups.
    $banned = array();
    while ($row = DB()->sql_fetchrow($result)) {
        $banned[$row['user_id']] = true;
    for ($i = 0; $i < count($rowset); $i++) {
        $row_class = !($i % 2) ? 'row1' : 'row2';
        $template->assign_block_vars('userrow', array('ROW_CLASS' => $row_class, 'USER' => profile_url($rowset[$i]), 'EMAIL' => $rowset[$i]['user_email'], 'JOINDATE' => bb_date($rowset[$i]['user_regdate']), 'LASTVISIT' => bb_date($rowset[$i]['user_lastvisit']), 'POSTS' => $rowset[$i]['user_posts'], 'BAN' => !isset($banned[$rowset[$i]['user_id']]) ? $lang['NOT_BANNED'] : $lang['BANNED'], 'ABLED' => $rowset[$i]['user_active'] ? $lang['ENABLED'] : $lang['DISABLED'], 'U_VIEWPOSTS' => "../search.php?search_author=1&amp;uid={$rowset[$i]['user_id']}", 'U_MANAGE' => '../profile.php?mode=editprofile&' . POST_USERS_URL . '=' . $rowset[$i]['user_id'] . '&admin=1', 'U_PERMISSIONS' => 'admin_ug_auth.php?mode=user&' . POST_USERS_URL . '=' . $rowset[$i]['user_id']));
print_page('admin_user_search.tpl', 'admin');
Exemple #24
 /**
  * Renders the tagged-posts block: fetches the blog posts selected by the
  * block's included/excluded tags, decorates each with date, comment and tag
  * data, builds the block heading and returns the rendered template.
  *
  * NOTE(review): block braces and possibly other lines are missing from this
  * listing; comments describe only what is visible.
  *
  * @param BlockInstance $instance The block being rendered.
  * @param bool          $editing  Whether the page is in edit mode.
  * @return string Output of the blocktype:taggedposts:taggedposts.tpl template.
  */
 public static function render_instance(BlockInstance $instance, $editing = false)
     global $USER;
     $configdata = $instance->get('configdata');
     $view = $instance->get('view');
     $full = isset($configdata['full']) ? $configdata['full'] : false;
     $results = array();
     $smarty = smarty_core();
     $smarty->assign('view', $view);
     $viewownerdisplay = null;
     // Display all posts, from all blogs, owned by this user
     // $tagsin / $tagsout are read below as the included and excluded tag lists, so they are
     // presumably filled in by get_blog_posts_in_block() by reference.
     $tagsin = $tagsout = array();
     $results = self::get_blog_posts_in_block($instance, $tagsin, $tagsout);
     if ($tagsin || $tagsout) {
         $smarty->assign('blockid', $instance->get('id'));
         $smarty->assign('editing', $editing);
         if ($editing) {
             // Get list of blogs owned by this user to create the "Add new post" shortcut while editing
             $viewowner = $instance->get_view()->get('owner');
             // The owner id is passed as a bound parameter.
             if (!$viewowner || !($blogs = get_records_select_array('artefact', 'artefacttype = \'blog\' AND owner = ?', array($viewowner), 'title ASC', 'id, title'))) {
                 $blogs = array();
             $smarty->assign('tagselect', implode(', ', $tagsin));
             $smarty->assign('blogs', $blogs);
         // if posts are not found with the selected tag, notify the user
         if (!$results) {
             $smarty->assign('badtag', implode(', ', $tagsin));
             $smarty->assign('badnotag', implode(', ', $tagsout));
             return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
         // update the view_artefact table so journal entries are accessible when this is the only block on the page
         // referencing this journal
         $dataobject = array('view' => $view, 'block' => $instance->get('id'));
         require_once get_config('docroot') . 'lib/view.php';
         $viewobj = new View($view);
         require_once get_config('docroot') . 'artefact/lib.php';
         safe_require('artefact', 'blog');
         safe_require('artefact', 'comment');
         foreach ($results as $result) {
             $dataobject["artefact"] = $result->parent;
             $result->postedbyon = get_string('postedbyon', '', display_default_name($result->owner), format_date(strtotime($result->ctime)));
             $result->displaydate = format_date(strtotime($result->ctime));
             $artefact = new ArtefactTypeBlogpost($result->id);
             // get comments for this post
             // NOTE(review): $result->id is interpolated into the WHERE clause instead of being
             // bound. It comes from the query results, so presumably an integer id; bind it or
             // cast to int so that does not depend on the upstream query.
             $result->commentcount = count_records_select('artefact_comment_comment', "onartefact = {$result->id} AND private = 0 AND deletedby IS NULL");
             $allowcomments = $artefact->get('allowcomments');
             // No comments and commenting disabled: the count is nulled rather than left at 0.
             if (empty($result->commentcount) && empty($allowcomments)) {
                 $result->commentcount = null;
             list($commentcount, $comments) = ArtefactTypeComment::get_artefact_comments_for_view($artefact, $viewobj, null, false);
             $result->comments = $comments;
             // get all tags for this post
             // NOTE(review): if get_records_array() can return a non-array when nothing matches,
             // the foreach below would raise a warning - confirm.
             $taglist = get_records_array('artefact_tag', 'artefact', $result->id, "tag DESC");
             foreach ($taglist as $t) {
                 $result->taglist[] = $t->tag;
             if ($full) {
                 $rendered = $artefact->render_self(array('viewid' => $view, 'details' => true, 'blockid' => $instance->get('id')));
                 $result->html = $rendered['html'];
                 // Any JavaScript returned by render_self() is appended inline to the post's HTML.
                 if (!empty($rendered['javascript'])) {
                     $result->html .= '<script type="application/javascript">' . $rendered['javascript'] . '</script>';
         // check if the user viewing the page is the owner of the selected tag
         // Only the first result's owner is inspected, so all posts are assumed to share one owner.
         $owner = $results[0]->owner;
         if ($USER->id != $owner) {
             $viewownerdisplay = get_user_for_display($owner);
         $smarty->assign('tagsin', $tagsin);
         $smarty->assign('tagsout', $tagsout);
     } else {
         if (!self::get_chooseable_tags()) {
             // error if block configuration fails
             $smarty->assign('configerror', get_string('notagsavailableerror', ''));
             return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
         } else {
             // error if block configuration fails
             $smarty->assign('configerror', get_string('configerror', ''));
             return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
     // add any needed links to the tags
     // Tags are linked to tags.php only when the viewer is the owner ($viewownerdisplay unset).
     // NOTE(review): $tag is concatenated into the link text and into the href query string
     // without hsc() or urlencode(). Tags are user-supplied text; unless they are constrained
     // where they are stored or blockheading is escaped by the template, escape per context
     // here (urlencode() for the query value, hsc() for the visible text).
     $tagstr = $tagomitstr = '';
     foreach ($tagsin as $key => $tag) {
         if ($key > 0) {
             $tagstr .= ', ';
         $tagstr .= $viewownerdisplay ? '"' . $tag . '"' : '"<a href="' . get_config('wwwroot') . 'tags.php?tag=' . $tag . '&sort=name&type=text">' . $tag . '</a>"';
     if (!empty($tagsout)) {
         foreach ($tagsout as $key => $tag) {
             if ($key > 0) {
                 $tagomitstr .= ', ';
             // Same unescaped use of $tag as in the loop above.
             $tagomitstr .= $viewownerdisplay ? '"' . $tag . '"' : '"<a href="' . get_config('wwwroot') . 'tags.php?tag=' . $tag . '&sort=name&type=text">' . $tag . '</a>"';
     $blockheading = get_string('blockheadingtags', '', count($tagsin), $tagstr);
     $blockheading .= !empty($tagomitstr) ? get_string('blockheadingtagsomit', '', count($tagsout), $tagomitstr) : '';
     // NOTE(review): display_name() output is placed inside the anchor without hsc() here;
     // confirm that it is already HTML-safe or that the template escapes blockheading.
     $blockheading .= $viewownerdisplay ? ' ' . get_string('by', '') . ' <a href="' . profile_url($viewownerdisplay) . '">' . display_name($viewownerdisplay) . '</a>' : '';
     $smarty->assign('full', $full);
     $smarty->assign('results', $results);
     $smarty->assign('blockheading', $blockheading);
     return $smarty->fetch('blocktype:taggedposts:taggedposts.tpl');
if (function_exists('Dwoo_Plugin_display_name')===false)
/* end template head */ ob_start(); /* template body */ ?><div class="sidebar-header">
    <h3><?php echo Dwoo_Plugin_str($this, "onlineusers", 'mahara', (is_string($tmp=(isset($this->scope["sbdata"]["count"]) ? $this->scope["sbdata"]["count"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp), null, null, null, null);?></h3>
    <p id="lastminutes">(<?php echo Dwoo_Plugin_str($this, "lastminutes", 'mahara', (is_string($tmp=(isset($this->scope["sbdata"]["lastminutes"]) ? $this->scope["sbdata"]["lastminutes"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp), null, null, null, null);?>)</p>
    <div class="sidebar-content">
        <ul class="cr">
$_fh7_data = (is_string($tmp=(isset($this->scope["sbdata"]["users"]) ? $this->scope["sbdata"]["users"]:null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);
if ($this->isArray($_fh7_data) === true)
	foreach ($_fh7_data as $this->scope['user'])
/* -- foreach start output */
            <li><a href="<?php echo profile_url((is_string($tmp=(isset($this->scope["user"]) ? $this->scope["user"] : null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp));?>"><img src="<?php echo (is_string($tmp=$this->readVarInto(array (  1 =>   array (    0 => '->',  ),  2 =>   array (    0 => 'profileiconurl',  ),  3 =>   array (    0 => '',    1 => '',  ),), $this->scope["user"], false)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?>" alt="<?php echo Dwoo_Plugin_str($this, 'profileimagetext', 'mahara', null, Dwoo_Plugin_display_default_name($this, (is_string($tmp=(isset($this->scope["user"]) ? $this->scope["user"] : null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp)), null, null, null);?>" class="profile-icon-container"> <?php echo Dwoo_Plugin_display_name($this, (is_string($tmp=(isset($this->scope["user"]) ? $this->scope["user"] : null)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp), null, false, false);?></a><?php if ((is_string($tmp=$this->readVarInto(array (  1 =>   array (    0 => '->',  ),  2 =>   array (    0 => 'loggedinfrom',  ),  3 =>   array (    0 => '',    1 => '',  ),), (isset($this->scope["user"]) ? $this->scope["user"]:null), true)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp)) {
?> (<?php echo (is_string($tmp=$this->readVarInto(array (  1 =>   array (    0 => '->',  ),  2 =>   array (    0 => 'loggedinfrom',  ),  3 =>   array (    0 => '',    1 => '',  ),), $this->scope["user"], false)) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?>)<?php 
/* -- foreach end output */

    <p id="allonline"><a href="<?php echo (is_string($tmp=$this->scope["WWWROOT"]) ? htmlspecialchars($tmp, ENT_QUOTES, $this->charset) : $tmp);?>user/online.php"><?php echo Dwoo_Plugin_str($this, "allonline", 'mahara', null, null, null, null, null);?></a></p>
<?php  /* end template body */
return $this->buffer . ob_get_clean();
Exemple #26
 * Displays purified html on a page with an explanatory message.
 * @param string $html     The purified html.
 * @param string $filename The filename to serve the file as
 * @param array $params    Parameters previously passed to serve_file
function display_cleaned_html($html, $filename, $params)
    // Assigns the template variables for the "HTML was removed" page: the serve_file
    // parameters, an explanatory message and the HTML itself.
    // NOTE(review): no template fetch or display call is visible after the last assign in this
    // listing; lines may be missing.
    $smarty = smarty_core();
    $smarty->assign('params', $params);
    if ($params['owner']) {
        // The filename and the owner's display name pass through hsc() before being substituted
        // into the message, and the owner id is cast to int for profile_url().
        $smarty->assign('htmlremovedmessage', get_string('htmlremovedmessage', 'artefact.file', hsc($filename), profile_url((int) $params['owner']), hsc(display_name($params['owner']))));
    } else {
        $smarty->assign('htmlremovedmessage', get_string('htmlremovedmessagenoowner', 'artefact.file', hsc($filename)));
    // $html is assigned without further escaping here; the function's doc comment describes it
    // as already purified, so callers must not pass raw uploaded HTML.
    $smarty->assign('content', $html);
define('MENUITEM', 'configusers/usersearch');
require dirname(dirname(dirname(__FILE__))) . '/init.php';
define('TITLE', get_string('accountsettings', 'admin'));
define('SECTION_PLUGINTYPE', 'core');
define('SECTION_PLUGINNAME', 'admin');
require_once 'pieforms/pieform.php';
require_once 'activity.php';
require_once get_config('docroot') . 'lib/antispam.php';
$id = param_integer('id');
$user = new User();
$authobj = AuthFactory::create($user->authinstance);
if (!$USER->is_admin_for_user($user)) {
    $SESSION->add_error_msg(get_string('youcannotadministerthisuser', 'admin'));
if ($user->deleted) {
    $smarty = smarty();
    $smarty->assign('PAGEHEADING', TITLE . ': ' . display_name($user));
    $smarty->assign('message', get_string('thisuserdeleted', 'admin'));
// Site-wide account settings
$currentdate = getdate();
$elements = array();
$elements['id'] = array('type' => 'hidden', 'rules' => array('integer' => true), 'value' => $id);
if (method_exists($authobj, 'change_username')) {
    $elements['username'] = array('type' => 'text', 'title' => get_string('changeusername', 'admin'), 'description' => get_string('changeusernamedescription', 'admin'), 'defaultvalue' => $user->username, 'rules' => array('maxlength' => 236));
 /**
  * Decorates a page of comments with display fields and per-comment forms,
  * then renders the comment list and its pagination into $data.
  *
  * For each comment this sets timestamps and formatted dates, attachment
  * display fields, delete / make-public forms or flags depending on who is
  * viewing, and replaces the author id with an author details object.
  *
  * NOTE(review): block braces and possibly other lines are missing from this
  * listing; comments describe only what is visible.
  *
  * @param object $data Comment page data, passed by reference; tablerows,
  *                     pagination and pagination_js are written back to it.
  */
 public static function build_html(&$data)
     global $USER, $THEME;
     // Deleting is offered to anyone with edit rights on the commented item and to site admins.
     $candelete = $data->canedit || $USER->get('admin');
     $deletedmessage = array();
     foreach (self::deleted_messages() as $k => $v) {
         $deletedmessage[$k] = get_string($v, 'artefact.comment');
     $authors = array();
     $lastcomment = self::last_public_comment($data->view, $data->artefact);
     // Cut-off timestamp for editing: the configured commenteditabletime is multiplied by 60,
     // so it is presumably expressed in minutes.
     $editableafter = time() - 60 * get_config_plugin('artefact', 'comment', 'commenteditabletime');
     // NOTE(review): this loop and the attachment loop iterate by reference and no unset() is
     // visible afterwards in this listing; a later reuse of $item or $a would write through
     // the stale reference.
     foreach ($data->data as &$item) {
         $item->ts = strtotime($item->ctime);
         $item->date = format_date($item->ts, 'strftimedatetime');
         if ($item->ts < strtotime($item->lastcontentupdate)) {
             $item->updated = format_date(strtotime($item->lastcontentupdate), 'strftimedatetime');
         // True only for comments with a non-empty author id equal to the current user's id.
         $item->isauthor = $item->author && $item->author == $USER->get('id');
         if (!empty($item->attachments)) {
             if ($data->isowner) {
                 $item->attachmessage = get_string('feedbackattachmessage', 'artefact.comment', get_string('feedbackattachdirname', 'artefact.comment'));
             foreach ($item->attachments as &$a) {
                 $a->attachid = $a->attachment;
                 $a->attachtitle = $a->title;
                 $a->attachsize = display_size($a->size);
         if ($item->private) {
             $item->pubmessage = get_string('thiscommentisprivate', 'artefact.comment');
         if (isset($data->showcomment) && $data->showcomment == $item->id) {
             $item->highlight = 1;
         // Read from the request on every iteration; the value does not change inside the loop.
         // When set, the delete, edit and most make-public controls below are suppressed.
         $is_export_preview = param_integer('export', 0);
         if ($item->deletedby) {
             $item->deletedmessage = $deletedmessage[$item->deletedby];
         } else {
             if (($candelete || $item->isauthor) && !$is_export_preview) {
                 $item->deleteform = pieform(self::delete_comment_form($item->id));
         // Comment authors can edit recent comments if they're private or if no one has replied yet.
         if (!$item->deletedby && $item->isauthor && !$is_export_preview && ($item->private || $item->id == $lastcomment->id) && $item->ts > $editableafter) {
             $item->canedit = 1;
         // Form to make private comment public, or request that a
         // private comment be made public
         if (!$item->deletedby && $item->private && $item->author && $data->owner && ($item->isauthor || $data->isowner)) {
             // The form is shown to the owner when nothing was requested yet, or to whichever
             // party did not make the pending request; the requester only gets the flag.
             if (empty($item->requestpublic) && $data->isowner || $item->isauthor && $item->requestpublic == 'owner' || $data->isowner && $item->requestpublic == 'author') {
                 if (!$is_export_preview) {
                     $item->makepublicform = pieform(self::make_public_form($item->id));
             } else {
                 if ($item->isauthor && $item->requestpublic == 'author' || $data->isowner && $item->requestpublic == 'owner') {
                     $item->makepublicrequested = 1;
         } else {
             // Private comment without an author id whose author asked for it to be made public.
             if (!$item->deletedby && $item->private && !$item->author && $data->owner && $data->isowner && $item->requestpublic == 'author' && !$is_export_preview) {
                 $item->makepublicform = pieform(self::make_public_form($item->id));
             } else {
                 if (!$item->deletedby && $item->private && !$data->owner && $item->group && $item->requestpublic == 'author') {
                     // no owner as comment is on a group view / artefact
                     if ($item->isauthor) {
                         $item->makepublicrequested = 1;
                     } else {
                         // NOTE(review): && binds tighter than ||, so !$is_export_preview only
                         // guards the view alternative; for an artefact with canedit the form is
                         // built even in an export preview. Confirm that is intended, or
                         // parenthesise the two alternatives.
                         if ($data->artefact && $data->canedit || $data->view && $data->canedit && !$is_export_preview) {
                             $item->makepublicform = pieform(self::make_public_form($item->id));
                         } else {
                             $item->makepublicrequested = 1;
         if ($item->author) {
             // Author details are built once per author id and reused through $authors.
             // NOTE(review): the object includes the author's email address; confirm the
             // template does not expose it to viewers who should not see it.
             if (isset($authors[$item->author])) {
                 $item->author = $authors[$item->author];
             } else {
                 $item->author = $authors[$item->author] = (object) array('id' => $item->author, 'username' => $item->username, 'firstname' => $item->firstname, 'lastname' => $item->lastname, 'preferredname' => $item->preferredname, 'email' => $item->email, 'staff' => $item->staff, 'admin' => $item->admin, 'deleted' => $item->deleted, 'profileicon' => $item->profileicon, 'profileurl' => profile_url($item->author));
         if (get_config_plugin('artefact', 'comment', 'commentratings') and $item->rating) {
             $item->ratingdata = (object) array('value' => valid_rating($item->rating), 'min_rating' => MIN_RATING, 'max_rating' => MAX_RATING, 'export' => $data->export);
     $extradata = array('view' => $data->view);
     $data->jsonscript = 'artefact/comment/comments.json.php';
     // The base URL is built by concatenating the view and artefact ids; presumably both are
     // integers validated before $data is assembled - confirm.
     if (!empty($data->artefact)) {
         $data->baseurl = get_config('wwwroot') . 'artefact/artefact.php?view=' . $data->view . '&artefact=' . $data->artefact;
         $extradata['artefact'] = $data->artefact;
     } else {
         $data->baseurl = get_config('wwwroot') . 'view/view.php?id=' . $data->view;
     $smarty = smarty_core();
     $smarty->assign_by_ref('data', $data->data);
     $smarty->assign('canedit', $data->canedit);
     $smarty->assign('viewid', $data->view);
     $smarty->assign('position', $data->position);
     $smarty->assign('baseurl', $data->baseurl);
     $data->tablerows = $smarty->fetch('artefact:comment:commentlist.tpl');
     $pagination = build_pagination(array('id' => 'feedback_pagination', 'class' => 'center', 'url' => $data->baseurl, 'jsonscript' => $data->jsonscript, 'datatable' => 'feedbacktable', 'count' => $data->count, 'limit' => $data->limit, 'offset' => $data->offset, 'forceoffset' => isset($data->forceoffset) ? $data->forceoffset : null, 'resultcounttextsingular' => get_string('comment', 'artefact.comment'), 'resultcounttextplural' => get_string('comments', 'artefact.comment'), 'extradata' => $extradata));
     $data->pagination = $pagination['html'];
     $data->pagination_js = $pagination['javascript'];
Exemple #29
/**
 * Pieform submit handler that makes the logged-in user and the user in
 * $values['id'] friends: removes the pending request, inserts the friendship
 * row, notifies the other user and fires the 'addfriend' event.
 *
 * NOTE(review): block braces and possibly other lines (for example a redirect
 * after the "already friends" branch) are missing from this listing.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; 'id' is the other user's id.
 */
function addfriend_submit(Pieform $form, $values)
    global $USER, $SESSION;
    // NOTE(review): the result of get_record() is dereferenced without a visible check that a
    // user with this id exists.
    $user = get_record('usr', 'id', $values['id']);
    $loggedinid = $USER->get('id');
    // Already friends: show an info message and drop the request the other user sent.
    if (is_friend($loggedinid, $user->id)) {
        $SESSION->add_info_msg(get_string('alreadyfriends', 'group', display_name($user)));
        delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
    // friend db record
    $f = new StdClass();
    $f->ctime = db_format_timestamp(time());
    // notification info
    $n = new StdClass();
    $n->url = profile_url($USER, false);
    $n->users = array($user->id);
    // The notification is written in the recipient's language.
    $lang = get_user_language($user->id);
    $displayname = display_name($USER, $user);
    $n->urltext = $displayname;
    $f->usr1 = $values['id'];
    $f->usr2 = $loggedinid;
    // NOTE(review): nothing visible here verifies that a pending request from $values['id'] to
    // the current user exists before the friendship row is inserted; without that, submitting
    // an arbitrary id would create a friendship the other user never asked for. Presumably
    // enforced by form validation or by the page that builds the form - confirm.
    delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
    insert_record('usr_friend', $f);
    $n->subject = get_string_from_language($lang, 'addedtofriendslistsubject', 'group', $displayname);
    $n->message = get_string_from_language($lang, 'addedtofriendslistmessage', 'group', $displayname, $displayname);
    require_once 'activity.php';
    activity_occurred('maharamessage', $n);
    handle_event('addfriend', array('user' => $f->usr2, 'friend' => $f->usr1));
    $SESSION->add_ok_msg(get_string('friendformaddsuccess', 'group', display_name($user)));
Exemple #30
 /**
  * Builds the HTML body of the objectionable-content notification for a
  * forum post, in the recipient's language.
  *
  * @param object $user Recipient; only $user->lang is read here.
  * @return string The localised 'objectionablecontentposthtml' string with its placeholders filled.
  */
 public function get_htmlmessage($user)
     $post = $this->temp->post;
     // The reporter's name is HTML-escaped once and reused for both placeholders.
     $reportername = hsc(display_default_name($this->reporter));
     $reporterurl = profile_url($this->reporter);
     // strftime() is deprecated as of PHP 8.1.
     $ctime = strftime(get_string_from_language($user->lang, 'strftimedaydatetime'), $this->ctime);
     // The topic subject and reporter name go through hsc(); $this->message, $post->posttime and
     // $post->htmlbody are passed as they are.
     // NOTE(review): htmlbody is presumably pre-rendered HTML, but $this->message is the
     // reporter's own text - confirm it is escaped or cleaned before it reaches this object.
     return get_string_from_language($user->lang, 'objectionablecontentposthtml', '', hsc($post->topicsubject), $reportername, $ctime, $this->message, $post->posttime, $post->htmlbody, get_config('wwwroot') . $this->url, hsc($post->topicsubject), $reporterurl, $reportername);