function td_file_properties_link($File, $link_text)
{
    global $current_User;
    if (is_object($File) && $current_User->check_perm('files', 'edit_allowed', false, $File->get_FileRoot())) {
        // Check if File object is correct and current user has an access
        return '<a href="' . url_add_param($File->get_linkedit_url(), 'action=edit_properties&amp;fm_selected[]=' . rawurlencode($File->get_rdfp_rel_path()) . '&amp;' . url_crumb('file')) . '">' . $link_text . '</a>';
    } else {
        return $link_text;
    }
}
 /**
  * Display the widget!
  *
  * @param array MUST contain at least the basic display params
  */
 function display($params)
 {
     global $Blog;
     if (empty($Blog) || $Blog->get_setting('allow_access') != 'members') {
         // Use this widget only when blog is llowed only for members
         return;
     }
     $this->init_display($params);
     echo $this->disp_params['before'];
     echo '<a href="' . url_add_param($Blog->get('usersurl'), 'filter=new&amp;membersonly=1') . '">' . sprintf(T_('%d members'), $this->get_members_count()) . '</a>';
     echo $this->disp_params['after'];
     return true;
 }
 /**
  * Test {@link url_add_param()}
  */
 function test_url_add_param()
 {
     $this->assertEqual(url_add_param('foo', 'bar', '&'), 'foo?bar');
     $this->assertEqual(url_add_param('foo#anchor', 'bar', '&'), 'foo?bar#anchor');
     $this->assertEqual(url_add_param('foo?', 'bar', '&'), 'foo?bar');
     $this->assertEqual(url_add_param('foo?#anchor', 'bar', '&'), 'foo?bar#anchor');
     $this->assertEqual(url_add_param('?', 'bar', '&'), '?bar');
     $this->assertEqual(url_add_param('?#anchor', 'bar', '&'), '?bar#anchor');
     $this->assertEqual(url_add_param('#anchor', 'bar', '&'), '?bar#anchor');
     $this->assertEqual(url_add_param('?', array('foo' => 1)), '?foo=1');
     $this->assertEqual(url_add_param('?', array('foo' => array(1 => 2))), '?foo%5B1%5D=2');
     $this->assertEqual(url_add_param('?', array('foo' => array(1, 2))), '?foo%5B%5D=1&amp;foo%5B%5D=2');
     $this->assertEqual(url_add_param('?', array('foo' => '100%')), '?foo=100%25');
     $this->assertEqual(url_add_param('?', array('foo' => '1&2')), '?foo=1%262');
     $this->assertEqual(url_add_param('?', array('foo' => array('bar' => 1))), '?foo%5Bbar%5D=1');
 }
function contacts_groups($user_ID)
{
    global $current_User, $DB, $cache_user_contacts_groups;
    if (!is_array($cache_user_contacts_groups)) {
        // Execute only first time to init cache
        $cache_user_contacts_groups = array();
        // Get contacts of current user
        $groups_SQL = new SQL();
        $groups_SQL->SELECT('cgr_ID AS ID, cgu_user_ID AS user_ID, cgr_name AS name');
        $groups_SQL->FROM('T_messaging__contact_groupusers');
        $groups_SQL->FROM_add('LEFT JOIN T_messaging__contact_groups ON cgu_cgr_ID = cgr_ID');
        $groups_SQL->WHERE('cgr_user_ID = ' . $current_User->ID);
        $groups_SQL->ORDER_BY('cgr_name');
        $groups = $DB->get_results($groups_SQL->get());
        $remove_link = url_add_param(get_dispctrl_url('contacts'), 'action=remove_user&amp;view=contacts&amp;' . url_crumb('messaging_contacts'));
        foreach ($groups as $group) {
            // Init cache for groups for each contact of current user
            $group_name = $group->name . action_icon(T_('Remove user from this group'), 'remove', url_add_param($remove_link, 'user_ID=' . $group->user_ID . '&amp;group_ID=' . $group->ID));
            if (isset($cache_user_contacts_groups[$group->user_ID])) {
                // nth group of this user
                $cache_user_contacts_groups[$group->user_ID] .= '<br />' . $group_name;
            } else {
                // first group of this user
                $cache_user_contacts_groups[$group->user_ID] = $group_name;
            }
        }
    }
    if (isset($cache_user_contacts_groups[$user_ID])) {
        // user has groups
        echo $cache_user_contacts_groups[$user_ID];
    }
}
$current_skin_ID = $edited_Blog->get_setting($skin_type . '_skin_ID', true);
if ($current_User->check_perm('options', 'edit', false)) {
    // We have permission to modify:
    $block_item_Widget->global_icon(T_('Install new skin...'), 'new', $dispatcher . '?ctrl=skins&amp;action=new&amp;redirect_to=' . rawurlencode(url_rel_to_same_host(regenerate_url('', 'skinpage=selection', '', '&'), $admin_url)), T_('Install new'), 3, 4);
    $block_item_Widget->global_icon(T_('Keep current skin!'), 'close', regenerate_url('skinpage'), ' ' . T_('Don\'t change'), 3, 4);
}
$block_item_Widget->disp_template_replaced('block_start');
$SkinCache =& get_SkinCache();
$SkinCache->load_all();
if ($display_same_as_normal) {
    $skinshot_title = T_('Same as normal skin');
    $select_url = '?ctrl=coll_settings&tab=skin&blog=' . $edited_Blog->ID . '&amp;action=update&amp;skinpage=selection&amp;' . $skin_type . '_skin_ID=0&amp;' . url_crumb('collection');
    $disp_params = array('function' => 'select', 'selected' => $current_skin_ID == '0', 'select_url' => $select_url);
    Skin::disp_skinshot($skinshot_title, $skinshot_title, $disp_params);
}
$SkinCache->rewind();
while (($iterator_Skin =& $SkinCache->get_next()) != NULL) {
    if ($iterator_Skin->type != $skin_type) {
        // This skin cannot be used here...
        continue;
    }
    $selected = $current_skin_ID == $iterator_Skin->ID;
    $blog_skin_param = $skin_type . '_skin_ID=';
    $select_url = '?ctrl=coll_settings&tab=skin&blog=' . $edited_Blog->ID . '&amp;action=update&amp;skinpage=selection&amp;' . $blog_skin_param . $iterator_Skin->ID . '&amp;' . url_crumb('collection');
    $preview_url = url_add_param($edited_Blog->gen_blogurl(), 'tempskin=' . rawurlencode($iterator_Skin->folder));
    $disp_params = array('function' => 'select', 'selected' => $selected, 'select_url' => $select_url, 'function_url' => $preview_url);
    // Display skinshot:
    Skin::disp_skinshot($iterator_Skin->folder, $iterator_Skin->name, $disp_params);
}
echo '<div class="clear"></div>';
$block_item_Widget->disp_template_replaced('block_end');
Exemple #6
0
            if ($Messages->has_errors()) {
                // Redirect to a form for requesting an activation again if some errors exist
                $redirect = url_add_param($redirect, 'force_request=1', '&');
            }
        } elseif ($action == 'lostpassword') {
            // redirect to inskin lost password page
            $redirect = $Blog->get('lostpasswordurl', array('glue' => '&'));
            if (!empty($lostpassword_error)) {
                // Set this param to know after redirection if error was here
                $redirect = url_add_param($redirect, 'field_error=1', '&');
            }
        } else {
            // redirect to inskin login page
            $redirect = $Blog->get('loginurl', array('glue' => '&'));
        }
        $redirect = url_add_param($redirect, 'redirect_to=' . $redirect_to, '&');
        header_redirect($redirect);
        // already exited here
        exit(0);
    }
}
/**
 * Display standard login screen:
 */
switch ($action) {
    case 'lostpassword':
        // Lost password:
        $page_title = T_('Lost your password?');
        $hidden_params = array('redirect_to' => url_rel_to_same_host($redirect_to, $secure_htsrv_url));
        $wrap_width = '480px';
        // Use the links in the form title
 /**
  * Displays link for replying to the Comment if blog's setting allows this action
  *
  * @param string to display before link
  * @param string to display after link
  * @param string link text
  * @param string link title
  * @param string class name
  */
 function reply_link($before = ' ', $after = ' ', $text = '#', $title = '#', $class = '')
 {
     if (!is_logged_in(false)) {
         return false;
     }
     if (empty($this->ID)) {
         // Happens in Preview
         return false;
     }
     $this->get_Item();
     $this->Item->load_Blog();
     if (!$this->Item->Blog->get_setting('threaded_comments')) {
         // A blog's setting is OFF for replying to the comment
         return false;
     }
     if (!$this->Item->can_comment()) {
         // The comments are disabled
         return false;
     }
     // ID of a replying comment
     $comment_reply_ID = param('reply_ID', 'integer', 0);
     if ($text == '#') {
         // Use default text
         $text = $this->ID == $comment_reply_ID ? T_('You are currently replying to this comment') : T_('Reply to this comment');
     }
     if ($title == '#') {
         // Use default title
         $title = T_('Reply to this comment');
     }
     $class .= ' comment_reply';
     if ($this->ID == $comment_reply_ID) {
         // This comment is using for replying now
         $class .= ' active';
     }
     $class = ' class="' . trim($class) . '"';
     $url = url_add_param($this->Item->get_permanent_url(), 'reply_ID=' . $this->ID . '&amp;redir=no') . '#form_p' . $this->Item->ID;
     echo $before;
     // Display a link
     echo '<a href="' . $url . '" title="' . $title . '"' . $class . ' rel="' . $this->ID . '">' . $text . '</a>';
     echo $after;
     return true;
 }
/**
 * metaWeblog.getCategories
 *
 * @see http://www.xmlrpc.com/metaWeblogApi#metawebloggetcategories
 *
 * @param xmlrpcmsg XML-RPC Message
 *					0 blogid (string): Unique identifier of the blog the post will be added to.
 *						Currently ignored in b2evo, in favor of the category.
 *					1 username (string): Login for a Blogger user who has permission to edit the given
 *						post (either the user who originally created it or an admin of the blog).
 *					2 password (string): Password for said username.
 * @param array of params to narrow category selection
 */
function _wp_mw_getcategories($m, $params = array())
{
    global $DB, $Settings;
    // CHECK LOGIN:
    /**
     * @var User
     */
    if (!($current_User =& xmlrpcs_login($m, 1, 2))) {
        // Login failed, return (last) error:
        return xmlrpcs_resperror();
    }
    // GET BLOG:
    /**
     * @var Blog
     */
    if (!($Blog =& xmlrpcs_get_Blog($m, 0))) {
        // Login failed, return (last) error:
        return xmlrpcs_resperror();
    }
    $SQL = new SQL();
    $SQL->SELECT('cat_ID, cat_name, cat_order');
    $SQL->FROM('T_categories');
    $SQL->WHERE($Blog->get_sql_where_aggregate_coll_IDs('cat_blog_ID'));
    if (!empty($params['search'])) {
        // Category name starts with 'search'
        $SQL->WHERE_and('cat_name LIKE "' . $DB->like_escape($params['search']) . '%"');
    }
    if ($Settings->get('chapter_ordering') == 'manual') {
        // Manual order
        $SQL->ORDER_BY('cat_order');
    } else {
        // Alphabetic order
        $SQL->ORDER_BY('cat_name');
    }
    $rows = $DB->get_results($SQL->get());
    if ($DB->error) {
        // DB error
        return xmlrpcs_resperror(99, 'DB error: ' . $DB->last_error);
        // user error 9
    }
    $total_rows = count($rows);
    logIO('Categories: ' . $total_rows);
    $ChapterCache =& get_ChapterCache();
    $data = array();
    for ($i = 0; $i < $total_rows; $i++) {
        if (!empty($params['limit']) && $i >= $params['limit']) {
            // We found enough, exit the loop
            break;
        }
        $Chapter =& $ChapterCache->get_by_ID($rows[$i]->cat_ID, false, false);
        if (!$Chapter) {
            continue;
        }
        if (isset($params['search'])) {
            // wp.suggestCategories
            $data[] = new xmlrpcval(array('category_id' => new xmlrpcval(intval($Chapter->ID)), 'category_name' => new xmlrpcval($Chapter->name)), 'struct');
        } else {
            $data[] = new xmlrpcval(array('categoryId' => new xmlrpcval(intval($Chapter->ID)), 'parentId' => new xmlrpcval(intval($Chapter->parent_ID)), 'description' => new xmlrpcval($Chapter->name), 'categoryDescription' => new xmlrpcval($Chapter->description), 'categoryName' => new xmlrpcval($Chapter->name), 'htmlUrl' => new xmlrpcval($Chapter->get_permanent_url()), 'rssUrl' => new xmlrpcval(url_add_param($Chapter->get_permanent_url(), 'tempskin=_rss2'))), 'struct');
        }
    }
    logIO('OK.');
    return new xmlrpcresp(new xmlrpcval($data, 'array'));
}
    user_prevnext_links(array('user_tab' => 'avatar'));
    // ------------- END OF PREV/NEXT USER LINKS -------------------
}
$Form = new Form($form_action, 'user_checkchanges');
if (is_admin_page()) {
    $form_class = 'fform';
    $Form->title_fmt = '<span style="float:right">$global_icons$</span><div>$title$</div>' . "\n";
    $ctrl_param = '?ctrl=user&amp;user_tab=avatar&amp;user_ID=' . $edited_User->ID;
    $form_title = '';
    $form_class = 'fform';
    $Form->title_fmt = '<span style="float:right">$global_icons$</span><div>$title$</div>' . "\n";
} else {
    global $Blog;
    $form_title = '';
    $form_class = 'bComment';
    $ctrl_param = url_add_param($Blog->gen_blogurl(), 'disp=' . $disp);
}
if ($display_mode != 'js' && is_admin_page()) {
    if (!$user_profile_only) {
        echo_user_actions($Form, $edited_User, $action);
    }
    $form_text_title = T_('Crop profile picture');
    // used for js confirmation message on leave the changed form
    $form_title = get_usertab_header($edited_User, '', $form_text_title);
}
// Display this error when JS is not enabled
echo '<noscript>' . '<p class="error text-danger">' . T_('Please activate Javascript in your browser in order to use this feature.') . '</p>' . '<style type="text/css">form#user_checkchanges { display:none }</style>' . '</noscript>';
$Form->begin_form($form_class, $form_title, array('title' => isset($form_text_title) ? $form_text_title : $form_title));
if (is_admin_page()) {
    $Form->hidden_ctrl();
} else {
 /**
  * Handle messaging module htsrv actions
  */
 function handle_htsrv_action()
 {
     global $current_User, $Blog, $Session, $Messages, $samedomain_htsrv_url;
     // Init objects we want to work on.
     $action = param_action(true, true);
     $disp = param('disp', '/^[a-z0-9\\-_]+$/', 'threads');
     // Check that this action request is not a CSRF hacked request:
     $Session->assert_received_crumb('messaging_' . $disp);
     // Load classes
     load_class('messaging/model/_thread.class.php', 'Thread');
     load_class('messaging/model/_message.class.php', 'Message');
     if (!is_logged_in()) {
         // user must be logged in
         debug_die('User must be logged in to proceed with messaging updates!');
     }
     // Check permission:
     $current_User->check_perm('perm_messaging', 'reply', true);
     // set where to redirect
     $redirect_to = param('redirect_to', 'url', NULL);
     if (empty($redirect_to)) {
         if (isset($Blog)) {
             $redirect_to = url_add_param($Blog->gen_baseurl(), 'disp=' . $disp);
         } else {
             $redirect_to = url_add_param($baseurl, 'disp=' . $disp);
         }
     }
     if ($disp != 'contacts' && ($thrd_ID = param('thrd_ID', 'integer', '', true))) {
         // Load thread from cache:
         $ThreadCache =& get_ThreadCache();
         if (($edited_Thread =& $ThreadCache->get_by_ID($thrd_ID, false)) === false) {
             unset($edited_Thread);
             forget_param('thrd_ID');
             $Messages->add(sprintf(T_('Requested &laquo;%s&raquo; object does not exist any longer.'), T_('Thread')), 'error');
             $action = 'nil';
         }
     }
     switch ($disp) {
         // threads action
         case 'threads':
             if ($action != 'create') {
                 // Make sure we got a thrd_ID:
                 param('thrd_ID', 'integer', true);
             }
             switch ($action) {
                 case 'create':
                     // create thread
                     // check if create new thread is allowed
                     if (check_create_thread_limit()) {
                         // max new threads limit reached, don't allow to create new thread
                         debug_die('Invalid request, new conversation limit already reached!');
                     }
                     if (!create_new_thread()) {
                         // unsuccessful new thread creation
                         global $edited_Thread, $edited_Message, $thrd_recipients, $thrd_recipients_array;
                         $redirect_to .= '&action=new';
                         // save new message and thread params into the Session to not lose the content
                         $unsaved_message_params = array();
                         $unsaved_message_params['subject'] = $edited_Thread->title;
                         $unsaved_message_params['message'] = $edited_Message->text;
                         $unsaved_message_params['thrdtype'] = param('thrdtype', 'string', 'individual');
                         // alternative: discussion
                         $unsaved_message_params['thrd_recipients'] = $thrd_recipients;
                         $unsaved_message_params['thrd_recipients_array'] = $thrd_recipients_array;
                         save_message_params_to_session($unsaved_message_params);
                     }
                     break;
                 case 'delete':
                     // delete thread
                     // Check permission:
                     $current_User->check_perm('perm_messaging', 'delete', true);
                     $confirmed = param('confirmed', 'integer', 0);
                     if ($confirmed) {
                         $msg = sprintf(T_('Thread &laquo;%s&raquo; deleted.'), $edited_Thread->dget('title'));
                         $edited_Thread->dbdelete(true);
                         unset($edited_Thread);
                         forget_param('thrd_ID');
                         $Messages->add($msg, 'success');
                     } else {
                         $delete_url = $samedomain_htsrv_url . 'action.php?mname=messaging&thrd_ID=' . $edited_Thread->ID . '&action=delete&confirmed=1&redirect_to=' . $redirect_to . '&' . url_crumb('messaging_threads');
                         $ok_button = '<span class="linkbutton"><a href="' . $delete_url . '">' . T_('I am sure!') . '!</a></span>';
                         $cancel_button = '<span class="linkbutton"><a href="' . $redirect_to . '">CANCEL</a></span>';
                         $msg = sprintf(T_('You are about to delete all messages in the conversation &laquo;%s&raquo;.'), $edited_Thread->dget('title'));
                         $msg .= '<br />' . T_('This CANNOT be undone!') . '<br />' . T_('Are you sure?') . '<br /><br />' . $ok_button . "\t" . $cancel_button;
                         $Messages->add($msg, 'error');
                     }
                     break;
                 case 'leave':
                     // user wants to leave the thread
                     leave_thread($edited_Thread->ID, $current_User->ID, false);
                     $Messages->add(sprintf(T_('You have successfuly left the &laquo;%s&raquo; conversation!'), $edited_Thread->get('title')), 'success');
                     break;
                 case 'close':
                     // close the thread
                 // close the thread
                 case 'close_and_block':
                     // close the thread and block contact
                     leave_thread($edited_Thread->ID, $current_User->ID, true);
                     // user has closed this conversation because there was only one other user involved
                     $Messages->add(sprintf(T_('You have successfuly closed the &laquo;%s&raquo; conversation!'), $edited_Thread->get('title')), 'success');
                     if ($action == 'close_and_block') {
                         // user also wants to block contact with the other user involved in this thread
                         $block_user_ID = param('block_ID', 'integer', true);
                         $UserCache =& get_UserCache();
                         $blocked_User = $UserCache->get_by_ID($block_user_ID);
                         set_contact_blocked($block_user_ID, true);
                         $Messages->add(sprintf(T_('&laquo;%s&raquo; was blocked.'), $blocked_User->get('login')), 'success');
                     }
                     break;
             }
             break;
             // break from threads action switch
             // contacts action
         // break from threads action switch
         // contacts action
         case 'contacts':
             $user_ID = param('user_ID', 'string', true);
             if ($action != 'block' && $action != 'unblock') {
                 // only block or unblock is valid
                 debug_die("Invalid action param");
             }
             set_contact_blocked($user_ID, $action == 'block' ? 1 : 0);
             $redirect_to = str_replace('&amp;', '&', $redirect_to);
             break;
             // messages action
         // messages action
         case 'messages':
             if ($action == 'create') {
                 // create new message
                 create_new_message($thrd_ID);
             } elseif ($action == 'delete') {
                 // Check permission:
                 $current_User->check_perm('perm_messaging', 'delete', true);
                 $msg_ID = param('msg_ID', 'integer', true);
                 $MessageCache =& get_MessageCache();
                 if (($edited_Message =& $MessageCache->get_by_ID($msg_ID, false)) === false) {
                     $Messages->add(sprintf(T_('Requested &laquo;%s&raquo; object does not exist any longer.'), T_('Message')), 'error');
                     break;
                 }
                 $confirmed = param('confirmed', 'integer', 0);
                 if ($confirmed) {
                     // delete message
                     $edited_Message->dbdelete();
                     unset($edited_Message);
                     $Messages->add(T_('Message deleted.'), 'success');
                 } else {
                     $delete_url = $samedomain_htsrv_url . 'action.php?mname=messaging&disp=messages&thrd_ID=' . $thrd_ID . '&msg_ID=' . $msg_ID . '&action=delete&confirmed=1';
                     $delete_url = url_add_param($delete_url, 'redirect_to=' . rawurlencode($redirect_to), '&') . '&' . url_crumb('messaging_messages');
                     $ok_button = '<span class="linkbutton"><a href="' . $delete_url . '">' . T_('I am sure!') . '!</a></span>';
                     $cancel_button = '<span class="linkbutton"><a href="' . $redirect_to . '">CANCEL</a></span>';
                     $msg = T_('You are about to delete this message. ') . '<br /> ' . T_('This CANNOT be undone!') . '<br />' . T_('Are you sure?') . '<br /><br />' . $ok_button . $cancel_button;
                     $Messages->add($msg, 'error');
                 }
             }
             break;
     }
     header_redirect($redirect_to);
     // Will save $Messages into Session
 }
Exemple #11
0
$sql = 'SELECT T_blogs.*, user_login
					FROM T_blogs INNER JOIN T_users ON blog_owner_user_ID = user_ID';
if (!$current_User->check_perm('blogs', 'view')) {
    // We do not have perm to view all blogs... we need to restrict to those we're a member of:
    $sql .= " LEFT JOIN T_coll_user_perms ON (blog_advanced_perms <> 0\r\n\t\t       \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND blog_ID = bloguser_blog_ID\r\n\t\t       \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND bloguser_user_ID = {$current_User->ID} )\r\n\t\t       LEFT JOIN T_coll_group_perms ON (blog_advanced_perms <> 0\r\n\t\t          \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND blog_ID = bloggroup_blog_ID\r\n\t\t          \t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND bloggroup_group_ID = {$current_User->group_ID} )\r\n\t\t       WHERE blog_owner_user_ID = {$current_User->ID}\r\n\t\t       \t\t\t\tOR bloguser_ismember <> 0\r\n\t\t\t\t\t\t\t\t \tOR bloggroup_ismember <> 0";
    $no_results = T_('Sorry, you have no permission to edit/view any blog\'s properties.');
} else {
    $no_results = T_('No blog has been created yet!');
}
// Create result set:
$Results =& new Results($sql, 'blog_');
$Results->Cache =& get_Cache('BlogCache');
$Results->title = T_('Blog list');
$Results->no_results_text = $no_results;
if ($current_User->check_perm('blogs', 'create')) {
    $Results->global_icon(T_('New blog...'), 'new', url_add_param($dispatcher, 'ctrl=collections&amp;action=new'), T_('New blog...'), 3, 4);
}
$Results->cols[] = array('th' => T_('ID'), 'order' => 'blog_ID', 'th_class' => 'shrinkwrap', 'td_class' => 'shrinkwrap', 'td' => '$blog_ID$');
function disp_coll_name($coll_name, $coll_ID)
{
    global $current_User, $ctrl;
    if ($ctrl == 'dashboard') {
        // Dashboard
        $edit_url = regenerate_url('ctrl', 'ctrl=dashboard&amp;blog=' . $coll_ID);
        $r = '<a href="' . $edit_url . '">';
        $r .= $coll_name;
        $r .= '</a>';
    } elseif ($current_User->check_perm('blog_properties', 'edit', false, $coll_ID)) {
        // Blog setting & can edit
        $edit_url = regenerate_url('ctrl', 'ctrl=coll_settings&amp;blog=' . $coll_ID);
        $r = '<a href="' . $edit_url . '" title="' . T_('Edit properties...') . '">';
Exemple #12
0
/**
 * wp.getTags
 *
 * @see http://codex.wordpress.org/XML-RPC_wp#wp.getTags
 *
 * @param xmlrpcmsg XML-RPC Message
 *					0 blogid (int): Unique identifier of the blog.
 *					1 username (string): User login.
 *					2 password (string): Password for said username.
 */
function wp_gettags($m)
{
    // CHECK LOGIN:
    /**
     * @var User
     */
    if (!($current_User =& xmlrpcs_login($m, 1, 2))) {
        // Login failed, return (last) error:
        return xmlrpcs_resperror();
    }
    // GET BLOG:
    /**
     * @var Blog
     */
    if (!($Blog =& xmlrpcs_get_Blog($m, 0))) {
        // Login failed, return (last) error:
        return xmlrpcs_resperror();
    }
    $data = array();
    $tags = get_tags($Blog->ID);
    if (!empty($tags)) {
        logIO('Got ' . count($tags) . ' tags');
        load_funcs('_core/_url.funcs.php');
        $BlogCache =& get_BlogCache();
        foreach ($tags as $tag) {
            if (($l_Blog =& $BlogCache->get_by_id($tag->cat_blog_ID, false)) === false) {
                continue;
            }
            $tag_url = $l_Blog->gen_tag_url($tag->tag_name);
            $data[] = new xmlrpcval(array('tag_id' => new xmlrpcval($tag->tag_ID, 'int'), 'name' => new xmlrpcval($tag->tag_name), 'count' => new xmlrpcval($tag->tag_count, 'int'), 'slug' => new xmlrpcval(''), 'html_url' => new xmlrpcval($tag_url), 'rss_url' => new xmlrpcval(url_add_param($tag_url, 'tempskin=_rss2', '&'))), 'struct');
        }
    }
    logIO('OK.');
    return new xmlrpcresp(new xmlrpcval($data, 'array'));
}
Exemple #13
0
            $link_log_in = 'href="' . get_login_url('blocked comment email', $commented_Item->get_url('public_view')) . '"';
            $link_register = 'href="' . get_user_register_url($commented_Item->get_url('public_view'), 'blocked comment email') . '"';
            $Messages->add(sprintf(T_('Your comment contains an email address. Please <a %s>log in</a> or <a %s>create an account now</a> instead. This will allow people to send you private messages without revealing your email address to SPAM robots.'), $link_log_in, $link_register), 'error');
            // Save the user data if he will go to register form after this action
            $register_user = array('name' => $Comment->author, 'email' => $Comment->author_email);
            $Session->set('core.register_user', $register_user);
        } else {
            // No registration
            $Messages->add(T_('Your comment contains an email address. We recommend you check the box "Allow message form." below instead. This will allow people to contact you without revealing your email address to SPAM robots.'), 'error');
        }
    }
    // Passthrough comment_cookies & comment_allow_msgform params:
    // fp> moved this down here in order to keep return URLs clean whenever this is not needed.
    $redirect_to = url_add_param($redirect_to, 'redir=no&comment_cookies=' . $comment_cookies . '&comment_allow_msgform=' . $comment_allow_msgform, '&');
    if (!empty($reply_ID)) {
        $redirect_to = url_add_param($redirect_to, 'reply_ID=' . $reply_ID, '&');
    }
    $redirect_to .= '#comment_preview';
    header_redirect();
    exit(0);
} else {
    // delete any preview comment from session data:
    $Session->delete('core.preview_Comment');
}
// RECORD comment:
$result = $Comment->dbinsert();
// Create links
if ($result && !empty($preview_attachments)) {
    global $DB;
    load_class('links/model/_linkcomment.class.php', 'LinkComment');
    $order = 1;
 /**
  * Display the widget!
  *
  * @param array MUST contain at least the basic display params
  */
 function display($params)
 {
     /**
      * @var Blog
      */
     global $Blog;
     $this->init_display($params);
     // Collection common links:
     echo $this->disp_params['block_start'];
     // Display title if requested
     $this->disp_title();
     echo $this->disp_params['list_start'];
     if ($this->disp_params['show_recently']) {
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('url') . '">' . T_('Recently') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_search']) {
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('searchurl') . '">' . T_('Search') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_postidx']) {
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('postidxurl') . '">' . T_('Post index') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_archives']) {
         // fp> TODO: don't display this if archives plugin not installed... or depluginize archives (I'm not sure)
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('arcdirurl') . '">' . T_('Archives') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_categories']) {
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('catdirurl') . '">' . T_('Categories') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_mediaidx']) {
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('mediaidxurl') . '">' . T_('Photo index') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_latestcomments'] && $Blog->get_setting('comments_latest')) {
         // Display link to latest comments if this feature is enabled for current blog
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('lastcommentsurl') . '">' . T_('Latest comments') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_owneruserinfo']) {
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . url_add_param($Blog->get('userurl'), 'user_ID=' . $Blog->owner_user_ID) . '">' . T_('Owner details') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_ownercontact'] && ($url = $Blog->get_contact_url(true))) {
         // owner allows contact:
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $url . '">' . T_('Contact') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     if ($this->disp_params['show_sitemap']) {
         echo $this->disp_params['item_start'];
         echo '<strong><a href="' . $Blog->get('sitemapurl') . '">' . T_('Site map') . '</a></strong>';
         echo $this->disp_params['item_end'];
     }
     echo $this->disp_params['list_end'];
     echo $this->disp_params['block_end'];
     return true;
 }
Exemple #15
0
/**
 * Template tag. Initializes internal states for the most common skin displays.
 *
 * For more specific skins, this function should not be called and
 * equivalent code should be customized within the skin.
 *
 * @param string What are we going to display. Most of the time the global $disp should be passed.
 */
function skin_init($disp)
{
    /**
     * @var Blog
     */
    global $Blog;
    /**
     * @var Item
     */
    global $Item;
    /**
     * @var Skin
     */
    global $Skin;
    global $robots_index;
    global $seo_page_type;
    global $redir, $ReqURL, $ReqURI, $m, $w, $preview;
    global $Chapter;
    global $Debuglog;
    /**
     * @var ItemList2
     */
    global $MainList;
    /**
     * This will give more detail when $disp == 'posts'; otherwise it will have the same content as $disp
     * @var string
     */
    global $disp_detail, $Settings;
    global $Timer;
    global $Messages, $PageCache;
    $Timer->resume('skin_init');
    if (empty($disp_detail)) {
        $disp_detail = $disp;
    }
    $Debuglog->add('skin_init: ' . $disp, 'skins');
    // This is the main template; it may be used to display very different things.
    // Do inits depending on current $disp:
    switch ($disp) {
        case 'posts':
        case 'single':
        case 'page':
        case 'feedback-popup':
        case 'search':
            // We need to load posts for this display:
            // Note: even if we request the same post as $Item above, the following will do more restrictions (dates, etc.)
            // Init the MainList object:
            init_MainList($Blog->get_setting('posts_per_page'));
            // Init post navigation
            $post_navigation = $Skin->get_post_navigation();
            if (empty($post_navigation)) {
                $post_navigation = $Blog->get_setting('post_navigation');
            }
            break;
    }
    // SEO stuff & redirects if necessary:
    $seo_page_type = NULL;
    switch ($disp) {
        // CONTENT PAGES:
        case 'single':
        case 'page':
            init_ajax_forms();
            // auto requires jQuery
            init_ratings_js();
            init_voting_comment_js();
            init_scrollwide_js();
            // Add jQuery Wide Scroll plugin
            if ($disp == 'single') {
                $seo_page_type = 'Single post page';
            } else {
                $seo_page_type = '"Page" page';
            }
            // Check if the post has 'redirected' status:
            if (!$preview && $Item->status == 'redirected' && $redir == 'yes') {
                // $redir=no here allows to force a 'single post' URL for commenting
                // Redirect to the URL specified in the post:
                $Debuglog->add('Redirecting to post URL [' . $Item->url . '].');
                header_redirect($Item->url, true);
            }
            // Check if we want to redirect to a canonical URL for the post
            // Please document encountered problems.
            if (!$preview && ($Blog->get_setting('canonical_item_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_item_urls'))) {
                // We want to redirect to the Item's canonical URL:
                $canonical_url = $Item->get_permanent_url('', '', '&');
                if (preg_match('|[&?](page=\\d+)|', $ReqURI, $page_param)) {
                    // A certain post page has been requested, keep only this param and discard all others:
                    $canonical_url = url_add_param($canonical_url, $page_param[1], '&');
                }
                if (preg_match('|[&?](mode=quote&[qcp]+=\\d+)|', $ReqURI, $page_param)) {
                    // A quote of comment/post, keep only these params and discard all others:
                    $canonical_url = url_add_param($canonical_url, $page_param[1], '&');
                }
                if (!is_same_url($ReqURL, $canonical_url)) {
                    // The requested URL does not look like the canonical URL for this post...
                    // url difference was resolved
                    $url_resolved = false;
                    // Check if the difference is because of an allowed post navigation param
                    if (preg_match('|[&?]cat=(\\d+)|', $ReqURI, $cat_param)) {
                        // A category post navigation param is set
                        $extended_url = '';
                        if ($post_navigation == 'same_category' && isset($cat_param[1])) {
                            // navigatie through posts from the same category
                            $category_ids = postcats_get_byID($Item->ID);
                            if (in_array($cat_param[1], $category_ids)) {
                                // cat param is one of this Item categories
                                $extended_url = $Item->add_navigation_param($canonical_url, $post_navigation, $cat_param[1], '&');
                                // Set MainList navigation target to the requested category
                                $MainList->nav_target = $cat_param[1];
                            }
                        }
                        $url_resolved = is_same_url($ReqURL, $extended_url);
                    }
                    if (!$url_resolved && $Blog->get_setting('canonical_item_urls') && $redir == 'yes' && !$Item->check_cross_post_nav('auto', $Blog->ID)) {
                        // REDIRECT TO THE CANONICAL URL:
                        $Debuglog->add('Redirecting to canonical URL [' . $canonical_url . '].');
                        header_redirect($canonical_url, true);
                    } else {
                        // Use rel="canoncial":
                        add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                    }
                    // EXITED.
                }
            }
            if (!$MainList->result_num_rows) {
                // There is nothing to display for this page, don't index it!
                $robots_index = false;
            }
            break;
        case 'posts':
            init_ajax_forms('blog');
            // auto requires jQuery
            init_scrollwide_js('blog');
            // Add jQuery Wide Scroll plugin
            // fp> if we add this here, we have to exetnd the inner if()
            // init_ratings_js( 'blog' );
            // Get list of active filters:
            $active_filters = $MainList->get_active_filters();
            if (!empty($active_filters)) {
                // The current page is being filtered...
                if (array_diff($active_filters, array('page')) == array()) {
                    // This is just a follow "paged" page
                    $disp_detail = 'posts-next';
                    $seo_page_type = 'Next page';
                    if ($Blog->get_setting('paged_noindex')) {
                        // We prefer robots not to index category pages:
                        $robots_index = false;
                    }
                } elseif (array_diff($active_filters, array('cat_array', 'cat_modifier', 'cat_focus', 'posts', 'page')) == array()) {
                    // This is a category page
                    $disp_detail = 'posts-cat';
                    $seo_page_type = 'Category page';
                    if ($Blog->get_setting('chapter_noindex')) {
                        // We prefer robots not to index category pages:
                        $robots_index = false;
                    }
                    global $cat, $catsel;
                    if (empty($catsel) && preg_match('~[0-9]+~', $cat)) {
                        // We are on a single cat page:
                        // NOTE: we must have selected EXACTLY ONE CATEGORY through the cat parameter
                        // BUT: - this can resolve to including children
                        //      - selecting exactly one cat through catsel[] is NOT OK since not equivalent (will exclude children)
                        // echo 'SINGLE CAT PAGE';
                        if ($Blog->get_setting('canonical_cat_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_cat_urls')) {
                            // Check if the URL was canonical:
                            if (!isset($Chapter)) {
                                $ChapterCache =& get_ChapterCache();
                                /**
                                 * @var Chapter
                                 */
                                $Chapter =& $ChapterCache->get_by_ID($MainList->filters['cat_array'][0], false);
                            }
                            if ($Chapter) {
                                if ($Chapter->parent_ID) {
                                    // This is a sub-category page (i-e: not a level 1 category)
                                    $disp_detail = 'posts-subcat';
                                }
                                $canonical_url = $Chapter->get_permanent_url(NULL, NULL, $MainList->get_active_filter('page'), NULL, '&');
                                if (!is_same_url($ReqURL, $canonical_url)) {
                                    // fp> TODO: we're going to lose the additional params, it would be better to keep them...
                                    // fp> what additional params actually?
                                    if ($Blog->get_setting('canonical_cat_urls') && $redir == 'yes') {
                                        // REDIRECT TO THE CANONICAL URL:
                                        header_redirect($canonical_url, true);
                                    } else {
                                        // Use rel="canonical":
                                        add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                                    }
                                }
                            }
                        }
                        if ($post_navigation == 'same_category') {
                            // Category is set and post navigation should go through the same category, set navigation target param
                            $MainList->nav_target = $cat;
                        }
                    }
                } elseif (array_diff($active_filters, array('tags', 'posts', 'page')) == array()) {
                    // This is a tag page
                    $disp_detail = 'posts-tag';
                    $seo_page_type = 'Tag page';
                    if ($Blog->get_setting('tag_noindex')) {
                        // We prefer robots not to index tag pages:
                        $robots_index = false;
                    }
                    if ($Blog->get_setting('canonical_tag_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_tag_urls')) {
                        // Check if the URL was canonical:
                        $canonical_url = $Blog->gen_tag_url($MainList->get_active_filter('tags'), $MainList->get_active_filter('page'), '&');
                        if (!is_same_url($ReqURL, $canonical_url)) {
                            if ($Blog->get_setting('canonical_tag_urls') && $redir == 'yes') {
                                // REDIRECT TO THE CANONICAL URL:
                                header_redirect($canonical_url, true);
                            } else {
                                // Use rel="canoncial":
                                add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                            }
                        }
                    }
                } elseif (array_diff($active_filters, array('ymdhms', 'week', 'posts', 'page')) == array()) {
                    // This is an archive page
                    // echo 'archive page';
                    $disp_detail = 'posts-date';
                    $seo_page_type = 'Date archive page';
                    if ($Blog->get_setting('canonical_archive_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_archive_urls')) {
                        // Check if the URL was canonical:
                        $canonical_url = $Blog->gen_archive_url(substr($m, 0, 4), substr($m, 4, 2), substr($m, 6, 2), $w, '&', $MainList->get_active_filter('page'));
                        if (!is_same_url($ReqURL, $canonical_url)) {
                            if ($Blog->get_setting('canonical_archive_urls') && $redir == 'yes') {
                                // REDIRECT TO THE CANONICAL URL:
                                header_redirect($canonical_url, true);
                            } else {
                                // Use rel="canoncial":
                                add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                            }
                        }
                    }
                    if ($Blog->get_setting('archive_noindex')) {
                        // We prefer robots not to index archive pages:
                        $robots_index = false;
                    }
                } else {
                    // Other filtered pages:
                    // pre_dump( $active_filters );
                    $disp_detail = 'posts-filtered';
                    $seo_page_type = 'Other filtered page';
                    if ($Blog->get_setting('filtered_noindex')) {
                        // We prefer robots not to index other filtered pages:
                        $robots_index = false;
                    }
                }
            } else {
                // This is the default blog page
                $disp_detail = 'posts-default';
                $seo_page_type = 'Default page';
                if ($Blog->get_setting('canonical_homepage') && $redir == 'yes' || $Blog->get_setting('relcanonical_homepage')) {
                    // Check if the URL was canonical:
                    $canonical_url = $Blog->gen_blogurl();
                    if (!is_same_url($ReqURL, $canonical_url)) {
                        if ($Blog->get_setting('canonical_homepage') && $redir == 'yes') {
                            // REDIRECT TO THE CANONICAL URL:
                            header_redirect($canonical_url, true);
                        } else {
                            // Use rel="canoncial":
                            add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                        }
                    }
                }
                if ($Blog->get_setting('default_noindex')) {
                    // We prefer robots not to index archive pages:
                    $robots_index = false;
                }
            }
            break;
        case 'search':
            $seo_page_type = 'Search page';
            if ($Blog->get_setting('filtered_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
            // SPECIAL FEATURE PAGES:
        // SPECIAL FEATURE PAGES:
        case 'feedback-popup':
            $seo_page_type = 'Comment popup';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'arcdir':
            $seo_page_type = 'Date archive directory';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'catdir':
            $seo_page_type = 'Category directory';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'msgform':
            init_ajax_forms('blog');
            // auto requires jQuery
            $seo_page_type = 'Contact form';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'messages':
        case 'contacts':
        case 'threads':
            init_results_js('blog');
            // Add functions to work with Results tables
            // just in case some robot would be logged in:
            $seo_page_type = 'Messaging module';
            $robots_index = false;
            break;
        case 'login':
            global $Plugins, $transmit_hashed_password;
            $seo_page_type = 'Login form';
            $robots_index = false;
            require_js('functions.js', 'blog');
            $transmit_hashed_password = (bool) $Settings->get('js_passwd_hashing') && !(bool) $Plugins->trigger_event_first_true('LoginAttemptNeedsRawPassword');
            if ($transmit_hashed_password) {
                // Include JS for client-side password hashing:
                require_js('sha1_md5.js', 'blog');
            }
            break;
        case 'register':
            if (is_logged_in()) {
                // If user is logged in the register form should not be displayed. In this case redirect to the blog home page.
                $Messages->add(T_('You are already logged in.'), 'note');
                header_redirect($Blog->gen_blogurl(), false);
            }
            $seo_page_type = 'Register form';
            $robots_index = false;
            break;
        case 'lostpassword':
            if (is_logged_in()) {
                // If user is logged in the lost password form should not be displayed. In this case redirect to the blog home page.
                $Messages->add(T_('You are already logged in.'), 'note');
                header_redirect($Blog->gen_blogurl(), false);
            }
            $seo_page_type = 'Lost password form';
            $robots_index = false;
            break;
        case 'profile':
            global $rsc_url;
            require_css($rsc_url . 'css/jquery/smoothness/jquery-ui.css');
            init_userfields_js('blog');
        case 'avatar':
        case 'pwdchange':
        case 'userprefs':
        case 'subs':
            $seo_page_type = 'Special feature page';
            if ($Blog->get_setting('special_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'users':
            $seo_page_type = 'Users list';
            $robots_index = false;
            global $rsc_url;
            require_css($rsc_url . 'css/jquery/smoothness/jquery-ui.css');
            init_results_js('blog');
            // Add functions to work with Results tables
            break;
        case 'user':
            $seo_page_type = 'User display';
            if (is_logged_in()) {
                // Used for combo_box contacts groups
                require_js('form_extensions.js', 'blog');
            }
            break;
        case 'edit':
            init_datepicker_js('blog');
            require_js('admin.js', 'blog');
            init_inskin_editing('blog');
            init_plugins_js('blog');
            break;
        case 'edit_comment':
            init_plugins_js('blog');
            break;
        case 'useritems':
        case 'usercomments':
            global $inc_path, $display_params, $viewed_User;
            // get user_ID because we want it in redirect_to in case we need to ask for login.
            $user_ID = param('user_ID', 'integer', true, true);
            if (empty($user_ID)) {
                bad_request_die(sprintf(T_('Parameter &laquo;%s&raquo; is required!'), 'user_ID'));
            }
            // set where to redirect in case of error
            $error_redirect_to = empty($Blog) ? $baseurl : $Blog->gen_blogurl();
            if (!is_logged_in()) {
                // Redirect to the login page if not logged in and allow anonymous user setting is OFF
                $Messages->add(T_('You must log in to view this user profile.'));
                header_redirect(get_login_url('cannot see user'), 302);
                // will have exited
            }
            if (is_logged_in() && !check_user_status('can_view_user', $user_ID)) {
                // user is logged in, but his/her status doesn't permit to view user profile
                if (check_user_status('can_be_validated')) {
                    // user is logged in but his/her account is not active yet
                    // Redirect to the account activation page
                    $Messages->add(T_('You must activate your account before you can view this user profile. <b>See below:</b>'));
                    header_redirect(get_activate_info_url(), 302);
                    // will have exited
                }
                $Messages->add(T_('Your account status currently does not permit to view this user profile.'));
                header_redirect($error_redirect_to, 302);
                // will have exited
            }
            if (!empty($user_ID)) {
                $UserCache =& get_UserCache();
                $viewed_User = $UserCache->get_by_ID($user_ID, false);
                if (empty($viewed_User)) {
                    $Messages->add(T_('The requested user does not exist!'));
                    header_redirect($error_redirect_to);
                    // will have exited
                }
                if ($viewed_User->check_status('is_closed')) {
                    $Messages->add(T_('The requested user account is closed!'));
                    header_redirect($error_redirect_to);
                    // will have exited
                }
            }
            // Require results.css to display thread query results in a table
            require_css('results.css');
            // Results/tables styles
            // Require functions.js to show/hide a panel with filters
            require_js('functions.js', 'blog');
            // Include this file to expand/collapse the filters panel when JavaScript is disabled
            require_once $inc_path . '_filters.inc.php';
            $display_params = !empty($Skin) ? $Skin->get_template('Results') : NULL;
            if ($disp == 'useritems') {
                // Init items list
                global $user_ItemList;
                $param_prefix = 'useritems_';
                $page = param($param_prefix . 'paged', 'integer', 1);
                $orderby = param($param_prefix . 'orderby', 'string', $Blog->get_setting('orderby'));
                $order = param($param_prefix . 'order', 'string', $Blog->get_setting('orderdir'));
                $useritems_Blog = NULL;
                $user_ItemList = new ItemList2($useritems_Blog, NULL, NULL, NULL, 'ItemCache', $param_prefix);
                $user_ItemList->load_from_Request();
                $user_ItemList->set_filters(array('page' => $page, 'authors' => $user_ID, 'orderby' => str_replace($param_prefix, '', $orderby), 'order' => str_replace($param_prefix, '', $order)));
                $user_ItemList->query();
            } else {
                // Init comments list
                global $user_CommentList;
                $param_prefix = 'usercmts_';
                $page = param($param_prefix . 'paged', 'integer', 1);
                $orderby = param($param_prefix . 'orderby', 'string', 'date');
                $order = param($param_prefix . 'order', 'string', $Blog->get_setting('orderdir'));
                $user_CommentList = new CommentList2(NULL, NULL, 'CommentCache', $param_prefix);
                $user_CommentList->load_from_Request();
                $user_CommentList->set_filters(array('page' => $page, 'author_IDs' => $user_ID, 'orderby' => str_replace($param_prefix, '', $orderby), 'order' => str_replace($param_prefix, '', $order)));
                $user_CommentList->query();
            }
            break;
        case 'comments':
            if (!$Blog->get_setting('comments_latest')) {
                // If latest comments page is disabled - Display 404 page with error message
                $Messages->add(T_('This feature is disabled.'), 'error');
                global $disp;
                $disp = '404';
            } else {
                break;
            }
        case '404':
            // We have a 404 unresolved content error
            // How do we want do deal with it?
            skin_404_header();
            // This MAY or MAY not have exited -- will exit on 30x redirect, otherwise will return here.
            // Just in case some dumb robot needs extra directives on this:
            $robots_index = false;
            break;
    }
    if (!empty($_SERVER['HTTP_USER_AGENT'])) {
        // Detect IE browser version
        preg_match('/msie (\\d+)/i', $_SERVER['HTTP_USER_AGENT'], $browser_ie);
        if (count($browser_ie) == 2 && $browser_ie[1] < 7) {
            // IE < 7
            require_css('ie6.css', 'relative');
            $Messages->add(T_('Your web browser is too old. For this site to work correctly, we recommend you use a more recent browser.'), 'note');
        }
    }
    // dummy var for backward compatibility with versions < 2.4.1 -- prevents "Undefined variable"
    global $global_Cache, $credit_links;
    $credit_links = $global_Cache->get('creds');
    $Timer->pause('skin_init');
    // Check if user is logged in with a not active account, and display an error message if required
    check_allow_disp($disp);
    // initialize Blog enabled widgets, before displaying anything
    init_blog_widgets($Blog->ID);
    // Initialize displaying....
    $Timer->start('Skin:display_init');
    $Skin->display_init();
    $Timer->pause('Skin:display_init');
    // Send default headers:
    // See comments inside of this function:
    headers_content_mightcache('text/html');
    // In most situations, you do NOT want to cache dynamic content!
    // Never allow Messages to be cached!
    if ($Messages->count() && !empty($PageCache)) {
        // Abort PageCache collect
        $PageCache->abort_collect();
    }
}
    /**
     * Display the widget!
     *
     * @param array MUST contain at least the basic display params
     */
    function display($params)
    {
        // Template params: $widget_title$, $switch_url$
        $params = array_merge(array('wms_template_normal_to_mobile' => '<p><a href="$switch_url$">' . T_('Switch to mobile skin') . '</a></p>', 'wms_template_normal_to_tablet' => '<p><a href="$switch_url$">' . T_('Switch to tablet skin') . '</a></p>', 'wms_template_mobile' => '<div id="switch">$widget_title$:<div>
							<span class="on active">' . T_('ON') . '</span>
							<a href="$switch_url$" class="off">' . T_('OFF') . '</a>
						</div></div>', 'wms_template_tablet' => '<div id="switch">$widget_title$:<div>
							<span class="on active">' . T_('ON') . '</span>
							<a href="$switch_url$" class="off">' . T_('OFF') . '</a>
						</div></div>'), $params);
        global $ReqURI, $Session, $Blog;
        if (empty($Blog)) {
            // Blog must be defined
            return;
        }
        $is_mobile_session = $Session->is_mobile_session();
        $is_tablet_session = $Session->is_tablet_session();
        if (!$is_mobile_session && !$is_tablet_session || $is_mobile_session && $Blog->get_setting('mobile_skin_ID', true) < 1 || $is_tablet_session && $Blog->get_setting('tablet_skin_ID', true) < 1) {
            // Display the switcher only for mobile/tablet devices and when the mobile/tablet skins are defined
            return;
        }
        $force_skin = $Session->get('force_skin');
        $this->init_display($params);
        // Collection common links:
        echo $this->disp_params['block_start'];
        if (empty($force_skin) || $force_skin == 'mobile' || $force_skin == 'tablet') {
            // Mobile skin is enabled now, Display a link to switch on desktop skin
            if (empty($force_skin)) {
                // Set what skin to use when user didn't switch skin yet
                $force_skin = $is_mobile_session ? 'mobile' : 'tablet';
            }
            $switch_url = url_add_param($ReqURI, 'force_skin=normal');
            $template_name = 'wms_template_' . $force_skin;
        } else {
            // Desktop skin is enabled now, Display a link to switch back on mobile/tablet skin
            $this->disp_title($this->disp_params['title']);
            $switch_url = url_add_param($ReqURI, 'force_skin=auto');
            if ($is_mobile_session) {
                // Mobile session
                $template_name = 'wms_template_normal_to_mobile';
            } else {
                // Tablet session
                $template_name = 'wms_template_normal_to_tablet';
            }
        }
        echo $this->disp_params['block_body_start'];
        // Print out the template with the replaced vars
        echo str_replace(array('$widget_title$', '$switch_url$'), array($this->disp_params['title'], $switch_url), $params[$template_name]);
        echo $this->disp_params['block_body_end'];
        echo $this->disp_params['block_end'];
        return true;
    }
                // Redirect to upload avatar
                $redirect_to = get_user_avatar_url();
            }
            break;
        case 'upload_avatar':
            // Redirect to display user profile form
            $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=profile', '&');
            break;
    }
    if (!empty($redirect_to)) {
        header_redirect($redirect_to);
    }
}
if (!param_errors_detected() || !isset($disp)) {
    // User data is updated without errors
    // redirect will save $Messages into Session:
    $redirect_to = NULL;
    if (isset($disp)) {
        $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=' . $disp, '&');
    }
    // redirect to the corresponding display form
    header_redirect($redirect_to);
    // EXITED
} else {
    // Errors exist; Don't redirect; Display a template to save a received data from request
    $SkinCache =& get_SkinCache();
    $Skin =& $SkinCache->get_by_ID($Blog->get_skin_ID());
    $skin = $Skin->folder;
    $ads_current_skin_path = $skins_path . $skin . '/';
    require $ads_current_skin_path . 'index.main.php';
}
            param('comments_number', 'integer', $total_comments_number);
        }
        $show_comments_expiry = param('show_comments_expiry', 'string', 'active', false, true);
        $expiry_statuses = array('active');
        if ($show_comments_expiry == 'all') {
            // Display also the expired comments
            $expiry_statuses[] = 'expired';
        }
        global $CommentList;
        $CommentList = new CommentList2($Blog);
        // Filter list:
        $CommentList->set_filters(array('types' => array('comment', 'trackback', 'pingback'), 'statuses' => $statuses, 'order' => 'ASC', 'post_ID' => $Item->ID, 'comments' => 20, 'expiry_statuses' => $expiry_statuses));
        $CommentList->query();
        // We do not want to comment actions use new redirect
        param('save_context', 'boolean', false);
        param('redirect_to', 'url', url_add_param($admin_url, 'ctrl=items&blog=' . $blog . '&p=' . $Item->ID, '&'), false, true);
        param('item_id', 'integer', $Item->ID);
        param('currentpage', 'integer', 1);
        param('show_comments', 'string', $show_comments, false, true);
        // display status filter
        ?>
			<div class="bFeedback">
			<a id="comments"></a>
			<h4>
			<?php 
        echo T_('Comments'), ', ', T_('Trackbacks'), ', ', T_('Pingbacks') . ' (' . generic_ctp_number($Item->ID, 'feedbacks', 'total') . ')';
        $opentrash_link = get_opentrash_link();
        $refresh_link = '<span class="floatright">' . action_icon(T_('Refresh comment list'), 'refresh', 'javascript:startRefreshComments(' . $Item->ID . ')') . '</span> ';
        echo $refresh_link . $opentrash_link;
        ?>
:</h4>
Exemple #19
0

<?php 
// ------------------------- MESSAGES GENERATED FROM ACTIONS -------------------------
messages(array('block_start' => '<div class="action_messages">', 'block_end' => '</div>'));
// --------------------------------- END OF MESSAGES ---------------------------------
?>


<?php 
// ----------------------------- MESSAGE FORM ----------------------------
if (empty($return)) {
    // We are *not* coming back after sending a message:
    if (empty($redirect_to)) {
        // We haven't asked for a specific return URL, so we'll come back to here with a param.
        $redirect_to = url_add_param($ReqURI, 'return=1', '&');
    }
    // The form, per se:
    require $skins_path . '_msgform.disp.php';
} else {
    // We are coming back after sending a message:
    echo '<p>' . T_('Thank you for your message. I will reply as soon as possible.') . '</p>';
    // This is useful for testing but does not really make sense on production:
    echo '<p><a href="' . regenerate_url() . '">' . T_('Send another message?') . '</a></p>';
}
// ------------------------- END OF MESSAGE FORM -------------------------
?>



/**
 * Memorize that a specific css that file will be required by the current page.
 * All requested files will be included in the page head only once (when headlines is called)
 *
 * Accepts absolute urls, filenames relative to the rsc/css directory.
 * Set $relative_to_base to TRUE to prevent this function from adding on the rsc_path
 *
 * @todo dh>merge with require_js()
 * @param string alias, url or filename (relative to rsc/css) for CSS file
 * @param boolean|string Is the file's path relative to the base path/url?
 * @param string title.  The title for the link tag
 * @param string media.  ie, 'print'
 * @param string version number to append at the end of requested url to avoid getting an old version from the cache
 */
function require_css($css_file, $relative_to = 'rsc_url', $title = NULL, $media = NULL, $version = '#')
{
    global $rsc_url, $debug, $app_version;
    static $required_css;
    if ($relative_to === 'relative' || $relative_to === true) {
        // Make the file relative to current page <base>:
        $css_url = $css_file;
    } elseif (preg_match('~^https?://~', $css_file)) {
        // It's an absolute url, keep it as is:
        $css_url = $css_file;
    } elseif ($relative_to === 'rsc_url' || $relative_to === false) {
        // Get the file from $rsc_url:
        $css_url = $rsc_url . 'css/' . $css_file;
    } elseif ($relative_to === 'blog') {
        // Get the file from $rsc_url:
        global $Blog;
        $css_url = $Blog->get_local_rsc_url() . 'css/' . $css_file;
    } else {
        debug_die('Unknown $relative to argument in require_css()');
    }
    if (!empty($version)) {
        // Be sure to get a fresh copy of this CSS file after application upgrades:
        if ($version == '#') {
            $version = $app_version;
        }
        $css_url = url_add_param($css_url, 'v=' . $version);
    }
    // Add to headlines, if not done already:
    // fp> TODO: check for url without version to avoid duplicate load due to lack of verison in @import statements
    if (empty($required_css) || !in_array(strtolower($css_url), $required_css)) {
        $required_css[] = strtolower($css_url);
        $start_link_tag = '<link rel="stylesheet"';
        if (!empty($title)) {
            $start_link_tag .= ' title="' . $title . '"';
        }
        if (!empty($media)) {
            $start_link_tag .= ' media="' . $media . '"';
        }
        $start_link_tag .= ' type="text/css" href="';
        $end_link_tag = '" />';
        add_headline($start_link_tag . $css_url . $end_link_tag);
    }
}
Exemple #21
0
/**
 * Outputs debug info, according to {@link $debug} or $force param. This gets called typically at the end of the page.
 *
 * @param boolean true to force output regardless of {@link $debug}
 * @param boolean true to force clean output (without HTML) regardless of {@link $is_cli}
 */
function debug_info($force = false, $force_clean = false)
{
    global $debug, $debug_done, $debug_jslog, $debug_jslog_done, $Debuglog, $DB, $obhandler_debug, $Timer, $ReqHost, $ReqPath, $is_cli;
    global $cache_imgsize, $cache_File;
    global $Session;
    global $db_config, $tableprefix, $http_response_code, $disp, $disp_detail, $robots_index, $robots_follow, $content_type_header;
    /**
     * @var Hit
     */
    global $Hit;
    // Detect content-type
    $content_type = NULL;
    foreach (headers_list() as $header) {
        if (stripos($header, 'content-type:') !== false) {
            // content type sent
            # "Content-Type:text/html;charset=utf-8" => "text/html"
            $content_type = trim(array_shift(explode(';', array_pop(explode(':', $header, 2)))));
            break;
        }
    }
    // ---- Print AJAX Log
    if (empty($debug_jslog_done) && ($debug || $debug_jslog) && $content_type == 'text/html') {
        // Display debug jslog once
        global $rsc_url, $app_version;
        echo '<script type="text/javascript" src="' . $rsc_url . 'js/debug_jslog.js"></script>';
        echo '<script type="text/javascript" src="' . $rsc_url . 'js/jquery/jquery.cookie.min.js"></script>';
        $jquery_ui_css_url = url_add_param($rsc_url . 'css/jquery/smoothness/jquery-ui.css', 'v=' . $app_version);
        echo '<link href="' . $jquery_ui_css_url . '" type="text/css" rel="stylesheet" />';
        $jslog_style_cookies = param_cookie('jslog_style', 'string');
        $jslog_styles = array();
        if (!empty($jslog_style_cookies)) {
            // Get styles only from cookies
            $jslog_style_cookies = explode(';', $jslog_style_cookies);
            foreach ($jslog_style_cookies as $jsc => $style) {
                if (strpos($style, 'height') !== false) {
                    // Unset the height param from defined styles ( and the display param if jslog is disabled )
                    unset($jslog_style_cookies[$jsc]);
                }
            }
            $jslog_styles[] = implode(';', $jslog_style_cookies);
        } else {
            if (!is_logged_in()) {
                // Align top when evobar is hidden
                $jslog_styles[] = 'top:0';
            }
            if ($debug_jslog) {
                // Display the jslog
                $jslog_styles[] = 'display:block';
            }
        }
        $jslog_styles = count($jslog_styles) > 0 ? ' style="' . implode(';', $jslog_styles) . '"' : '';
        $close_url = url_add_param($_SERVER['REQUEST_URI'], 'jslog');
        echo '<div id="debug_ajax_info" class="debug"' . $jslog_styles . '>';
        echo '<div class="jslog_titlebar">AJAX Debug log' . get_manual_link('ajax_debug_log') . action_icon(T_('Close'), 'close', $close_url, NULL, NULL, NULL, array('class' => 'jslog_switcher')) . '</div>';
        echo '<div id="jslog_container"></div>';
        echo '<div class="jslog_statusbar">' . '<a href="' . $_SERVER['REQUEST_URI'] . '#" class="jslog_clear">' . T_('Clear') . '</a>' . '</div>';
        echo '</div>';
        // Make sure debug jslog output only happens once:
        $debug_jslog_done = true;
    }
    // ----
    if (!$force) {
        if (!empty($debug_done)) {
            // Already displayed!
            return;
        }
        if (empty($debug)) {
            // No debug output desired:
            return;
        }
        // Do not display, if no content-type header has been sent or it's != "text/html" (debug > 1 skips this)
        if ($debug < 2) {
            if ($content_type != 'text/html') {
                return;
            }
        }
    }
    //Make sure debug output only happens once:
    $debug_done = true;
    // clean output:
    $clean = $is_cli || $force_clean;
    $printf_format = '| %-45s | %-5s | %-7s | %-5s |';
    $table_headerlen = 73;
    /* This calculates the number of dashes to print e. g. on the top and
    	 * bottom of the table and after the header, making the table look
    	 * better (looks like the tables of the mysql command line client).
    	 * Normally, the value won't change, so it's hardcoded above. If you
    	 * change the printf() format above, this might be useful.
    	preg_match_all( '#\d+#', $printf_format, $table_headerlen );
    	$table_headerlen = array_sum( $table_headerlen[0] ) +
    									strlen( preg_replace( '#[^ \|]+#', '',
    												$printf_format ) ) - 2;
    	*/
    $ReqHostPathQuery = $ReqHost . $ReqPath . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']);
    echo "\n\n\n";
    echo $clean ? '*** Debug info ***' . "\n\n" : '<div class="debug" id="debug_info"><h2>Debug info</h2>';
    if (!$obhandler_debug) {
        // don't display changing items when we want to test obhandler
        // ---------------------------
        echo '<div class="log_container"><div>';
        echo 'HTTP Response code: ' . $http_response_code;
        echo $clean ? "\n" : '<br />';
        echo '$content_type_header: ' . $content_type_header;
        echo $clean ? "\n" : '<br />';
        echo '$disp: ' . $disp . ' -- detail: ' . $disp_detail;
        echo $clean ? "\n" : '<br />';
        echo '$robots_index: ' . $robots_index;
        echo $clean ? "\n" : '<br />';
        echo '$robots_follow: ' . $robots_follow;
        echo $clean ? "\n" : '<br />';
        echo '</div></div>';
        // ================================== DB Summary ================================
        if (isset($DB)) {
            echo '<div class="log_container"><div>';
            echo $DB->num_queries . ' SQL queries executed in ' . $Timer->get_duration('SQL QUERIES') . " seconds\n";
            if (!$clean) {
                echo ' &nbsp; <a href="' . $ReqHostPathQuery . '#evo_debug_queries">scroll down to details</a><p>';
            }
            echo '</div></div>';
        }
        // ========================== Timer table ================================
        $time_page = $Timer->get_duration('total');
        $timer_rows = array();
        foreach ($Timer->get_categories() as $l_cat) {
            if ($l_cat == 'sql_query') {
                continue;
            }
            $timer_rows[$l_cat] = $Timer->get_duration($l_cat);
        }
        // Don't sort to see orginal order of creation
        // arsort( $timer_rows );
        // ksort( $timer_rows );
        // Remove "total", it will get output as the last one:
        $total_time = $timer_rows['total'];
        unset($timer_rows['total']);
        $percent_total = $time_page > 0 ? number_format(100 / $time_page * $total_time, 2) : '0';
        if ($clean) {
            echo '== Timers ==' . "\n\n";
            echo '+' . str_repeat('-', $table_headerlen) . '+' . "\n";
            printf($printf_format . "\n", 'Category', 'Time', '%', 'Count');
            echo '+' . str_repeat('-', $table_headerlen) . '+' . "\n";
        } else {
            echo '<table class="debug_timer"><thead>' . '<tr><td colspan="4" class="center">Timers</td></tr>' . '<tr><th>Category</th><th>Time</th><th>%</th><th>Count</th></tr>' . '</thead>';
            // Output "total":
            echo "\n<tfoot><tr>" . '<td>total</td>' . '<td class="right red">' . $total_time . '</td>' . '<td class="right">' . $percent_total . '%</td>' . '<td class="right">' . $Timer->get_count('total') . '</td></tr></tfoot>';
            echo '<tbody>';
        }
        $table_rows_collapse = array();
        foreach ($timer_rows as $l_cat => $l_time) {
            $percent_l_cat = $time_page > 0 ? number_format(100 / $time_page * $l_time, 2) : '0';
            if ($clean) {
                $row = sprintf($printf_format, $l_cat, $l_time, $percent_l_cat . '%', $Timer->get_count($l_cat));
            } else {
                $row = "\n<tr>" . '<td>' . $l_cat . '</td>' . '<td class="right">' . $l_time . '</td>' . '<td class="right">' . $percent_l_cat . '%</td>' . '<td class="right">' . $Timer->get_count($l_cat) . '</td></tr>';
            }
            // Maybe ignore this row later, but not for clean display.
            if (!$clean && $percent_l_cat < 1) {
                // Hide everything that tool less tahn 5% of the time
                $table_rows_collapse[] = $row;
            } else {
                echo $row . "\n";
            }
        }
        $count_collapse = count($table_rows_collapse);
        // Collapse ignored rows, allowing to expand them with Javascript:
        if ($count_collapse > 5) {
            echo '<tr><td colspan="4" class="center" id="evo-debuglog-timer-long-header">';
            echo '<a href="" onclick="var e = document.getElementById(\'evo-debuglog-timer-long\'); e.style.display = (e.style.display == \'none\' ? \'\' : \'none\'); return false;">+ ' . $count_collapse . ' queries &lt; 1%</a> </td></tr>';
            echo '</tbody>';
            echo '<tbody id="evo-debuglog-timer-long" style="display:none;">';
        }
        echo implode("\n", $table_rows_collapse) . "\n";
        if ($clean) {
            // "total" (done in tfoot for html above)
            echo sprintf($printf_format, 'total', $total_time, $percent_total . '%', $Timer->get_count('total'));
            echo '+' . str_repeat('-', $table_headerlen) . '+' . "\n\n";
        } else {
            echo "\n</tbody></table>";
            // add jquery.tablesorter to the "Debug info" table.
            global $rsc_uri;
            echo '
			<script type="text/javascript" src="' . $rsc_uri . 'js/jquery/jquery.tablesorter.min.js"></script>
			<script type="text/javascript">
			(function($){
				var clicked_once;
				jQuery("table.debug_timer th").click( function(event) {
					if( clicked_once ) return; else clicked_once = true;
					jQuery("#evo-debuglog-timer-long tr").appendTo(jQuery("table.debug_timer tbody")[0]);
					jQuery("#evo-debuglog-timer-long-header").remove();
					// click for tablesorter:
					jQuery("table.debug_timer").tablesorter();
					jQuery(event.currentTarget).click();
				});
			})(jQuery);
			</script>';
        }
        // ================================ Opcode caching ================================
        echo '<div class="log_container"><div>';
        echo 'Opcode cache: ' . get_active_opcode_cache();
        echo $clean ? "\n" : '<p>';
        echo '</div></div>';
        // ================================ Memory Usage ================================
        echo '<div class="log_container"><div>';
        foreach (array('memory_get_usage' => array('display' => 'Memory usage', 'high' => 8000000), 'memory_get_peak_usage' => array('display' => 'Memory peak usage', 'high' => 8000000)) as $l_func => $l_var) {
            if (function_exists($l_func)) {
                $_usage = $l_func();
                if ($_usage > $l_var['high']) {
                    echo $clean ? '[!!] ' : '<span style="color:red; font-weight:bold">';
                }
                echo $l_var['display'] . ': ' . bytesreadable($_usage, !$clean);
                if (!$clean && $_usage > $l_var['high']) {
                    echo '</span>';
                }
                echo $clean ? "\n" : '<br />';
            }
        }
        echo 'Len of serialized $cache_imgsize: ' . strlen(serialize($cache_imgsize));
        echo $clean ? "\n" : '<br />';
        echo 'Len of serialized $cache_File: ' . strlen(serialize($cache_File));
        echo $clean ? "\n" : '<br />';
        echo '</div></div>';
    }
    // DEBUGLOG(s) FROM PREVIOUS SESSIONS, after REDIRECT(s) (with list of categories at top):
    if (isset($Session) && ($sess_Debuglogs = $Session->get('Debuglogs')) && !empty($sess_Debuglogs)) {
        $count_sess_Debuglogs = count($sess_Debuglogs);
        if ($count_sess_Debuglogs > 1) {
            // Links to those Debuglogs:
            if ($clean) {
                // kind of useless, but anyway...
                echo "\n" . 'There are ' . $count_sess_Debuglogs . ' Debuglogs from redirected pages.' . "\n";
            } else {
                echo '<p>There are ' . $count_sess_Debuglogs . ' Debuglogs from redirected pages: ';
                for ($i = 1; $i <= $count_sess_Debuglogs; $i++) {
                    echo '<a href="' . $ReqHostPathQuery . '#debug_sess_debuglog_' . $i . '">#' . $i . '</a> ';
                }
                echo '</p>';
            }
        }
        foreach ($sess_Debuglogs as $k => $sess_Debuglog) {
            $log_categories = array('error', 'note', 'all');
            // Categories to output (in that order)
            if ($clean) {
                $log_container_head = "\n" . '== Debug messages from redirected page (#' . ($k + 1) . ') ==' . "\n" . 'See below for the Debuglog from the current request.' . "\n";
                echo format_to_output($sess_Debuglog->display(array('container' => array('string' => $log_container_head, 'template' => false), 'all' => array('string' => '= %s =' . "\n\n", 'template' => false)), '', false, $log_categories, '', 'raw', false), 'raw');
            } else {
                $log_container_head = '<h3 id="debug_sess_debuglog_' . ($k + 1) . '" style="color:#f00;">Debug messages from redirected page (#' . ($k + 1) . ')</h3>' . '<p><a href="' . $ReqHostPathQuery . '#debug_debuglog">See below for the Debuglog from the current request.</a></p>';
                $log_cats = array_keys($sess_Debuglog->get_messages($log_categories));
                // the real list (with all replaced and only existing ones)
                $log_head_links = array();
                foreach ($log_cats as $l_cat) {
                    $log_head_links[] .= '<a href="' . $ReqHostPathQuery . '#debug_redir_' . ($k + 1) . '_info_cat_' . str_replace(' ', '_', $l_cat) . '">' . $l_cat . '</a>';
                }
                $log_container_head .= implode(' | ', $log_head_links);
                echo format_to_output($sess_Debuglog->display(array('container' => array('string' => $log_container_head, 'template' => false), 'all' => array('string' => '<h4 id="debug_redir_' . ($k + 1) . '_info_cat_%s">%s:</h4>', 'template' => false)), '', false, $log_categories), 'htmlbody');
            }
        }
        // Delete logs since they have been displayed...
        // EXCEPT if we are redirecting, because in this case we won't see these logs in a browser (only in request debug tools)
        // So in that case we want them to move over to the next page...
        if ($http_response_code < 300 || $http_response_code >= 400) {
            // This is NOT a 3xx redirect, assume debuglogs have been seen & delete them:
            $Session->delete('Debuglogs');
        }
    }
    // CURRENT DEBUGLOG (with list of categories at top):
    $log_categories = array('error', 'note', 'all');
    // Categories to output (in that order)
    $log_container_head = $clean ? "\n" . '== Debug messages ==' . "\n" : '<h3 id="debug_debuglog">Debug messages</h3>';
    if (!empty($sess_Debuglogs)) {
        // link to first sess_Debuglog:
        if ($clean) {
            $log_container_head .= 'See above for the Debuglog(s) from before the redirect.' . "\n";
        } else {
            $log_container_head .= '<p><a href="' . $ReqHostPathQuery . '#debug_sess_debuglog_1">See above for the Debuglog(s) from before the redirect.</a></p>';
        }
    }
    if (!$clean) {
        $log_cats = array_keys($Debuglog->get_messages($log_categories));
        // the real list (with all replaced and only existing ones)
        $log_head_links = array();
        foreach ($log_cats as $l_cat) {
            $log_head_links[] .= '<a href="' . $ReqHostPathQuery . '#debug_info_cat_' . str_replace(' ', '_', $l_cat) . '">' . $l_cat . '</a>';
        }
        $log_container_head .= implode(' | ', $log_head_links);
        echo format_to_output($Debuglog->display(array('container' => array('string' => $log_container_head, 'template' => false), 'all' => array('string' => '<h4 id="debug_info_cat_%s">%s:</h4>', 'template' => false)), '', false, $log_categories), 'htmlbody');
        echo '<h3 id="evo_debug_queries">DB</h3>';
    } else {
        echo format_to_output($Debuglog->display(array('container' => array('string' => $log_container_head, 'template' => false), 'all' => array('string' => '= %s =' . "\n\n", 'template' => false)), '', false, $log_categories, '', 'raw', false), 'raw');
        echo "\n" . '== DB ==' . "\n\n";
    }
    if ($db_config) {
        if (!$clean) {
            echo '<pre>';
        }
        echo 'Config DB Username: '******'user'] . "\n" . 'Config DB Database: ' . $db_config['name'] . "\n" . 'Config DB Host: ' . (isset($db_config['host']) ? $db_config['host'] : 'unset (localhost)') . "\n" . 'Config DB tables prefix: ' . $tableprefix . "\n" . 'Config DB connection charset: ' . $db_config['connection_charset'] . "\n";
        echo $clean ? "\n" : '</pre>';
    }
    if (!isset($DB)) {
        echo 'No DB object.' . ($clean ? "\n" : '');
    } else {
        echo '<pre>Current DB charset: ' . $DB->connection_charset . "</pre>\n";
        $DB->dump_queries(!$clean);
    }
    if (!$clean) {
        echo '</div>';
    }
}
Exemple #22
0
 /**
  * Build the evobar menu
  */
 function build_evobar_menu()
 {
     /**
      * @var Menu
      */
     global $topleft_Menu, $topright_Menu;
     global $current_User;
     global $baseurl, $home_url, $admin_url, $debug, $debug_jslog, $dev_menu, $seo_page_type, $robots_index;
     global $Blog, $blog, $activate_collection_toolbar;
     global $Settings;
     $perm_admin_normal = $current_User->check_perm('admin', 'normal');
     $perm_admin_restricted = $current_User->check_perm('admin', 'restricted');
     $entries = NULL;
     $working_blog = get_working_blog();
     if ($working_blog) {
         // Set collection url only when current user has an access to the working blog
         if (is_admin_page()) {
             // Front page of the working blog
             $BlogCache =& get_BlogCache();
             $working_Blog =& $BlogCache->get_by_ID($working_blog);
             $collection_url = $working_Blog->get('url');
         } else {
             // Dashboard of the working blog
             $collection_url = $admin_url . '?ctrl=dashboard&amp;blog=' . $working_blog;
         }
     }
     if ($perm_admin_normal || $perm_admin_restricted) {
         // Normal OR Restricted Access to Admin:
         $entries = array();
         if ($perm_admin_normal) {
             // Only for normal access
             $entries['b2evo'] = array('text' => '<strong>b2evolution</strong>', 'href' => $home_url, 'entry_class' => 'rwdhide');
         }
         $entries['front'] = array('text' => T_('Front<u>-office</u>'), 'href' => $baseurl, 'title' => T_('Go to the site home page (Front-office)'));
         $entries['dashboard'] = array('text' => T_('Back<u>-office</u>'), 'href' => $admin_url, 'title' => T_('Go to the site dashboard (Back-office)'));
         if ($perm_admin_normal) {
             // Only for normal access
             $entries['write'] = array('text' => '<span class="fa fa-plus-square"></span> ' . T_('Post'), 'title' => T_('No blog is currently selected'), 'disabled' => true, 'entry_class' => 'rwdhide');
         }
         if ($working_blog) {
             // Display a link to manage first available collection
             $entries['blog'] = array('text' => T_('Collection'), 'href' => $collection_url, 'disabled' => true);
         }
         $entries['tools'] = array('text' => T_('More'), 'href' => $admin_url . '#', 'disabled' => true);
     }
     if ((!is_admin_page() || !empty($activate_collection_toolbar)) && !empty($Blog)) {
         // A blog is currently selected AND we can activate toolbar items for selected collection:
         if ($current_User->check_perm('blog_post_statuses', 'edit', false, $Blog->ID)) {
             // We have permission to add a post with at least one status:
             $write_item_url = $Blog->get_write_item_url();
             if ($write_item_url) {
                 // write item URL is not empty, so it's sure that user can create new post
                 if (!$perm_admin_normal) {
                     $entries['write'] = array('text' => '<span class="fa fa-plus-square"></span> ' . T_('Post'));
                 }
                 $entries['write']['href'] = $write_item_url;
                 $entries['write']['disabled'] = false;
                 $entries['write']['title'] = T_('Write a new post into this blog');
             }
         }
         if ($perm_admin_normal && $working_blog) {
             if (empty($write_item_url)) {
                 // Display restricted message on this blog
                 $entries['write']['title'] = T_('You don\'t have permission to post into this blog');
             }
             // BLOG MENU:
             $entries['blog'] = array('text' => T_('Collection'), 'title' => T_('Manage this blog'), 'href' => $collection_url);
             $display_separator = false;
             if ($current_User->check_perm('blog_ismember', 'view', false, $Blog->ID)) {
                 // Check if current user has an access to post lists
                 $items_url = $admin_url . '?ctrl=items&amp;blog=' . $Blog->ID . '&amp;filter=restore';
                 // Collection front page
                 $entries['blog']['entries']['coll_front'] = array('text' => T_('Collection Front Page') . '&hellip;', 'href' => $Blog->get('url'));
                 // Collection dashboard
                 $entries['blog']['entries']['coll_dashboard'] = array('text' => T_('Collection Dashboard') . '&hellip;', 'href' => $admin_url . '?ctrl=dashboard&amp;blog=' . $Blog->ID);
                 $entries['blog']['entries'][] = array('separator' => true);
                 if ($Blog->get('type') == 'manual') {
                     // Manual view
                     $entries['blog']['entries']['manual'] = array('text' => T_('Manual view') . '&hellip;', 'href' => $items_url . '&amp;tab=manual');
                 }
                 if ($Blog->get_setting('use_workflow')) {
                     // Workflow view
                     $entries['blog']['entries']['workflow'] = array('text' => T_('Workflow view') . '&hellip;', 'href' => $items_url . '&amp;tab=tracker');
                 }
                 $entries['blog']['entries']['posts'] = array('text' => T_('Posts') . '&hellip;', 'href' => $items_url);
                 $display_separator = true;
             }
             // Check if user has permission for published, draft or depreceted comments (any of these)
             if ($current_User->check_perm('blog_comments', 'edit', false, $Blog->ID)) {
                 // Comments:
                 $entries['blog']['entries']['comments'] = array('text' => T_('Comments') . '&hellip;', 'href' => $admin_url . '?ctrl=comments&amp;blog=' . $Blog->ID . '&amp;filter=restore');
                 $display_separator = true;
             }
             // Chapters / Categories:
             if ($current_User->check_perm('blog_cats', 'edit', false, $Blog->ID)) {
                 // Either permission for a specific blog or the global permission:
                 $entries['blog']['entries']['chapters'] = array('text' => T_('Categories') . '&hellip;', 'href' => $admin_url . '?ctrl=chapters&amp;blog=' . $Blog->ID);
                 $display_separator = true;
             }
             if ($display_separator) {
                 $entries['blog']['entries'][] = array('separator' => true);
             }
             // PLACE HOLDER FOR FILES MODULE:
             $entries['blog']['entries']['files'] = NULL;
             // BLOG SETTINGS:
             if ($current_User->check_perm('blog_properties', 'edit', false, $Blog->ID)) {
                 // We have permission to edit blog properties:
                 $blog_param = '&amp;blog=' . $Blog->ID;
                 $entries['blog']['entries']['features'] = array('text' => T_('Features'), 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=home' . $blog_param, 'entries' => array('front' => array('text' => T_('Front page') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=home' . $blog_param), 'posts' => array('text' => T_('Posts') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=features' . $blog_param), 'comments' => array('text' => T_('Comments') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=comments' . $blog_param), 'other' => array('text' => T_('Other displays') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=other' . $blog_param), 'more' => array('text' => T_('More') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=more' . $blog_param)));
                 $entries['blog']['entries']['skin'] = array('text' => T_('Skin') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=skin' . $blog_param);
                 $entries['blog']['entries']['plugin_settings'] = array('text' => T_('Plugins') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=plugin_settings' . $blog_param);
                 $entries['blog']['entries']['widgets'] = array('text' => T_('Widgets') . '&hellip;', 'href' => $admin_url . '?ctrl=widgets' . $blog_param);
                 if (!is_admin_page()) {
                     // Display a menu to turn on/off the debug containers
                     global $ReqURI, $Session;
                     if ($Session->get('display_containers_' . $Blog->ID) == 1) {
                         // To hide the debug containers
                         $entries['blog']['entries']['containers'] = array('text' => T_('Hide containers'), 'href' => url_add_param(regenerate_url('display_containers'), 'display_containers=hide'));
                     } else {
                         // To show the debug containers
                         $entries['blog']['entries']['containers'] = array('text' => T_('Show containers'), 'href' => url_add_param(regenerate_url('display_containers'), 'display_containers=show'));
                     }
                 }
                 $entries['blog']['entries']['general'] = array('text' => T_('Settings'), 'href' => $admin_url . '?ctrl=coll_settings' . $blog_param, 'entries' => array('general' => array('text' => T_('General') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=general' . $blog_param), 'urls' => array('text' => T_('URLs') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=urls' . $blog_param), 'seo' => array('text' => T_('SEO') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=seo' . $blog_param)));
                 if ($current_User->check_perm('options', 'view', false, $Blog->ID)) {
                     // Post Types & Statuses
                     $entries['blog']['entries']['general']['entries']['item_types'] = array('text' => T_('Post Types') . '&hellip;', 'href' => $admin_url . '?ctrl=itemtypes&amp;tab=settings&amp;tab3=types' . $blog_param);
                     $entries['blog']['entries']['general']['entries']['item_statuses'] = array('text' => T_('Post Statuses') . '&hellip;', 'href' => $admin_url . '?ctrl=itemstatuses&amp;tab=settings&amp;tab3=statuses' . $blog_param);
                 }
                 $entries['blog']['entries']['general']['entries']['advanced'] = array('text' => T_('Advanced') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=advanced' . $blog_param);
                 if ($Blog && $Blog->advanced_perms) {
                     $entries['blog']['entries']['general']['entries']['userperms'] = array('text' => T_('User perms') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=perm' . $blog_param);
                     $entries['blog']['entries']['general']['entries']['groupperms'] = array('text' => T_('Group perms') . '&hellip;', 'href' => $admin_url . '?ctrl=coll_settings&amp;tab=permgroup' . $blog_param);
                 }
                 if ($current_User->check_perm('options', 'view')) {
                     // Check if current user has a permission to view the common settings of the blogs
                     $entries['blog']['entries']['general']['entries']['common_settings'] = array('text' => T_('Common Settings') . '&hellip;', 'href' => $admin_url . '?ctrl=collections&amp;tab=blog_settings');
                 }
             }
         }
     }
     if ($perm_admin_restricted) {
         // DEV MENU:
         $dev_entries = array();
         if ($dev_menu || $debug || $debug_jslog) {
             if (isset($Blog)) {
                 $dev_entries['coll'] = array('text' => 'Collection = ' . $Blog->shortname, 'disabled' => true);
             }
             global $disp, $is_front;
             if (!empty($disp)) {
                 $dev_entries['disp'] = array('text' => '$disp = ' . $disp, 'disabled' => true);
             }
             global $disp_detail;
             if (!empty($disp_detail)) {
                 $dev_entries['disp_detail'] = array('text' => '$disp_detail = ' . $disp_detail, 'disabled' => true);
             }
             if (!empty($seo_page_type)) {
                 // Set in skin_init()
                 $dev_entries['seo_page_type'] = array('text' => '> ' . $seo_page_type, 'disabled' => true);
             }
             global $is_front;
             if (!empty($is_front)) {
                 $dev_entries['front'] = array('text' => 'This is the FRONT page', 'disabled' => true);
             }
             if ($robots_index === false) {
                 $debug_text = 'NO INDEX';
             } else {
                 $debug_text = 'do index';
             }
             $dev_entries['noindex'] = array('text' => $debug_text, 'disabled' => true);
         }
         if (($dev_menu || $debug) && !is_admin_page() && !empty($Blog)) {
             // Display a menu to turn on/off the debug containers
             global $ReqURI, $Session;
             $dev_entries[] = array('separator' => true);
             if ($Session->get('display_containers_' . $Blog->ID) == 1) {
                 // To hide the debug containers
                 $dev_entries['containers'] = array('text' => T_('Hide containers'), 'href' => url_add_param(regenerate_url('display_containers'), 'display_containers=hide'));
             } else {
                 // To show the debug containers
                 $dev_entries['containers'] = array('text' => T_('Show containers'), 'href' => url_add_param(regenerate_url('display_containers'), 'display_containers=show'));
             }
             if ($Session->get('display_includes_' . $Blog->ID) == 1) {
                 // To hide the debug includes
                 $dev_entries['includes'] = array('text' => T_('Hide includes'), 'href' => url_add_param(regenerate_url('display_containers'), 'display_includes=hide'));
             } else {
                 // To show the debug includes
                 $dev_entries['includes'] = array('text' => T_('Show includes'), 'href' => url_add_param(regenerate_url('display_containers'), 'display_includes=show'));
             }
         }
         // MORE menu:
         if ($current_User->check_perm('users', 'view')) {
             // Users:
             $entries['tools']['disabled'] = false;
             $entries['tools']['entries']['users'] = array('text' => T_('Users') . '&hellip;', 'href' => $admin_url . '?ctrl=users');
         }
         // PLACE HOLDER FOR MESSAGING MODULE:
         $entries['tools']['entries']['messaging'] = NULL;
         // PLACE HOLDER FOR FILES MODULE:
         $entries['tools']['entries']['files'] = NULL;
         $perm_options = $current_User->check_perm('options', 'view');
         $perm_spam = $perm_options && $current_User->check_perm('spamblacklist', 'view');
         $perm_emails = $current_User->check_perm('emails', 'view');
         $perm_maintenance = $current_User->check_perm('perm_maintenance', 'upgrade');
         if ($perm_spam || $perm_options || $perm_maintenance) {
             $entries['tools']['entries'][] = array('separator' => true);
             if ($perm_emails) {
                 $entries['tools']['entries']['email'] = array('text' => T_('Emails'), 'href' => $admin_url . '?ctrl=campaigns', 'entries' => array('campaigns' => array('text' => T_('Campaigns') . '&hellip;', 'href' => $admin_url . '?ctrl=campaigns'), 'blocked' => array('text' => T_('Addresses') . '&hellip;', 'href' => $admin_url . '?ctrl=email'), 'sent' => array('text' => T_('Sent') . '&hellip;', 'href' => $admin_url . '?ctrl=email&amp;tab=sent'), 'return' => array('text' => T_('Returned') . '&hellip;', 'href' => $admin_url . '?ctrl=email&amp;tab=return'), 'settings' => array('text' => T_('Settings') . '&hellip;', 'href' => $admin_url . '?ctrl=email&amp;tab=settings')));
             }
             $entries['tools']['disabled'] = false;
             $entries['tools']['entries']['system'] = array('text' => T_('System'), 'href' => $admin_url . '?ctrl=system');
             if ($perm_options) {
                 $entries['tools']['entries']['system']['entries']['status'] = array('text' => T_('Status') . '&hellip;', 'href' => $admin_url . '?ctrl=system');
             }
             if ($perm_options) {
                 $entries['tools']['entries']['system']['entries']['crontab'] = array('text' => T_('Scheduler') . '&hellip;', 'href' => $admin_url . '?ctrl=crontab');
             }
             if ($perm_spam) {
                 $entries['tools']['entries']['system']['entries']['antispam'] = array('text' => T_('Antispam') . '&hellip;', 'href' => $admin_url . '?ctrl=antispam');
             }
         }
         if ($perm_options) {
             // Global settings:
             $entries['tools']['entries']['system']['entries']['regional'] = array('text' => T_('Regional') . '&hellip;', 'href' => $admin_url . '?ctrl=regional');
             $entries['tools']['entries']['system']['entries']['skins'] = array('text' => T_('Skins') . '&hellip;', 'href' => $admin_url . '?ctrl=skins&amp;tab=system');
             $entries['tools']['entries']['system']['entries']['plugins'] = array('text' => T_('Plugins') . '&hellip;', 'href' => $admin_url . '?ctrl=plugins');
             $entries['tools']['entries']['system']['entries']['remote'] = array('text' => T_('Remote publishing') . '&hellip;', 'href' => $admin_url . '?ctrl=remotepublish');
             $entries['tools']['entries']['system']['entries']['maintenance'] = array('text' => T_('Maintenance') . '&hellip;', 'href' => $admin_url . '?ctrl=tools');
             $entries['tools']['entries']['system']['entries']['syslog'] = array('text' => T_('System log'), 'href' => '?ctrl=syslog');
         }
     }
     if ($entries !== NULL) {
         $topleft_Menu->add_menu_entries(NULL, $entries);
     }
     // ---------------------------------------------------------------------------
     /*
      * RIGHT MENU
      */
     global $localtimenow, $is_admin_page;
     $entries = array();
     // Dev menu:
     global $debug_jslog;
     if ($debug || $debug_jslog) {
         // Show JS log menu if debug is enabled
         $dev_entries[] = array('separator' => true);
         $dev_entries['jslog'] = array('text' => T_('JS log'), 'title' => T_('JS log'), 'class' => 'jslog_switcher');
     }
     if (!empty($dev_entries)) {
         // Add Dev menu if at least one entry is should be displayed
         $entries['dev'] = array('href' => $admin_url . '#', 'text' => '<span class="fa fa-wrench"></span> Dev', 'entries' => $dev_entries);
     }
     // User menu:
     $current_user_Group = $current_User->get_Group();
     $userprefs_entries = array('name' => array('text' => $current_User->get_avatar_imgtag('crop-top-32x32', '', 'left') . '&nbsp;' . $current_User->get_preferred_name() . '<br />&nbsp;<span class="note">' . $current_user_Group->get_name() . '</span>', 'href' => get_user_profile_url()));
     $userprefs_entries[] = array('separator' => true);
     $user_profile_url = get_user_profile_url();
     if (!empty($user_profile_url)) {
         // Display this menu item only when url is available to current user
         $userprefs_entries['profile'] = array('text' => T_('Edit your profile') . '&hellip;', 'href' => $user_profile_url);
     }
     $user_avatar_url = get_user_avatar_url();
     if (!empty($user_avatar_url)) {
         // Display this menu item only when url is available to current user
         $userprefs_entries['avatar'] = array('text' => T_('Your profile picture') . '&hellip;', 'href' => $user_avatar_url);
     }
     $user_pwdchange_url = get_user_pwdchange_url();
     if (!empty($user_pwdchange_url)) {
         // Display this menu item only when url is available to current user
         $userprefs_entries['pwdchange'] = array('text' => T_('Change password') . '&hellip;', 'href' => $user_pwdchange_url);
     }
     $user_preferences_url = get_user_preferences_url();
     if (!empty($user_preferences_url)) {
         // Display this menu item only when url is available to current user
         $userprefs_entries['userprefs'] = array('text' => T_('Preferences') . '&hellip;', 'href' => $user_preferences_url);
     }
     $user_subs_url = get_user_subs_url();
     if (!empty($user_subs_url)) {
         // Display this menu item only when url is available to current user
         $userprefs_entries['subs'] = array('text' => T_('Notifications') . '&hellip;', 'href' => $user_subs_url);
     }
     $entries['userprefs'] = array('text' => '<strong>' . $current_User->get_colored_login(array('login_text' => 'name')) . '</strong>', 'href' => get_user_profile_url(), 'entries' => $userprefs_entries);
     $entries['time'] = array('text' => date(locale_shorttimefmt(), $localtimenow), 'disabled' => true, 'entry_class' => 'rwdhide');
     if ($current_User->check_perm('admin', 'normal') && $current_User->check_perm('options', 'view')) {
         // Make time as link to Timezone settings if permission
         $entries['time']['disabled'] = false;
         $entries['time']['href'] = $admin_url . '?ctrl=time';
     }
     // ADMIN SKINS:
     if ($is_admin_page) {
         $admin_skins = get_admin_skins();
         if (count($admin_skins) > 1) {
             // We have several admin skins available: display switcher:
             $entries['userprefs']['entries']['admskins'] = array('text' => T_('Admin skin'));
             $redirect_to = rawurlencode(regenerate_url('', '', '', '&'));
             foreach ($admin_skins as $admin_skin) {
                 $entries['userprefs']['entries']['admskins']['entries'][$admin_skin] = array('text' => $admin_skin, 'href' => $admin_url . '?ctrl=users&amp;action=change_admin_skin&amp;new_admin_skin=' . rawurlencode($admin_skin) . '&amp;redirect_to=' . $redirect_to);
             }
         }
     }
     $entries['userprefs']['entries'][] = array('separator' => true);
     $entries['userprefs']['entries']['logout'] = array('text' => T_('Log out!'), 'href' => get_user_logout_url());
     $topright_Menu->add_menu_entries(NULL, $entries);
 }
 		return false;
 	}
 }/* ]]> *
 </script>';*/
 $Form = new Form($samedomain_htsrv_url . 'comment_post.php', 'bComment_form_id_' . $Item->ID, 'post', NULL, 'multipart/form-data');
 $Form->switch_template_parts($params['form_params']);
 $Form->begin_form('bComment', '', array('target' => '_self'));
 // TODO: dh> a plugin hook would be useful here to add something to the top of the Form.
 //           Actually, the best would be, if the $Form object could be changed by a plugin
 //           before display!
 $Form->add_crumb('comment');
 $Form->hidden('comment_post_ID', $Item->ID);
 if (!empty($comment_reply_ID)) {
     $Form->hidden('reply_ID', $comment_reply_ID);
     // Link to scroll back up to replying comment
     echo '<a href="' . url_add_param($Item->get_permanent_url(), 'reply_ID=' . $comment_reply_ID . '&amp;redir=no') . '#c' . $comment_reply_ID . '" class="comment_reply_current" rel="' . $comment_reply_ID . '">' . T_('You are currently replying to a specific comment') . '</a>';
 }
 $Form->hidden('redirect_to', $Item->get_feedback_url($disp == 'feedback-popup', '&'));
 if (check_user_status('is_validated')) {
     // User is logged in and activated:
     $Form->info_field(T_('User'), '<strong>' . $current_User->get_identity_link(array('link_text' => $params['author_link_text'])) . '</strong> ' . get_user_profile_link(' [', ']', T_('Edit profile')));
 } else {
     // User is not logged in or not activated:
     if (is_logged_in() && empty($comment_author) && empty($comment_author_email)) {
         $comment_author = $current_User->login;
         $comment_author_email = $current_User->email;
     }
     // Note: we use funky field names to defeat the most basic guestbook spam bots
     $Form->text($dummy_fields['name'], $comment_author, 40, T_('Name'), '', 100, 'bComment');
     $Form->text($dummy_fields['email'], $comment_author_email, 40, T_('Email'), '<br />' . T_('Your email address will <strong>not</strong> be revealed on this site.'), 100, 'bComment');
     $Item->load_Blog();
Exemple #24
0
 /**
  * @param boolean do we want to redirect back to where we came from after message?
  */
 function get_contact_url($with_redirect = true)
 {
     $r = url_add_param($this->get('msgformurl'), 'recipient_id=' . $this->owner_user_ID);
     if ($with_redirect) {
         $r .= '&amp;redirect_to=' . rawurlencode(regenerate_url('', '', '', '&'));
     }
     return $r;
 }
Exemple #25
0
/**
 * Initialize internal states for the most common skin displays.
 *
 * For more specific skins, this function may not be called and
 * equivalent code may be customized within the skin.
 *
 * @param string What are we going to display. Most of the time the global $disp should be passed.
 */
function skin_init($disp)
{
    /**
     * @var Blog
     */
    global $Blog;
    /**
     * @var Item
     */
    global $Item;
    /**
     * @var Skin
     */
    global $Skin;
    global $robots_index;
    global $seo_page_type;
    global $redir, $ReqURL, $ReqURI, $m, $w, $preview;
    global $Chapter;
    global $Debuglog;
    /**
     * @var ItemList2
     */
    global $MainList;
    /**
     * This will give more detail when $disp == 'posts'; otherwise it will have the same content as $disp
     * @var string
     */
    global $disp_detail, $Settings;
    global $Timer;
    global $Messages, $PageCache;
    global $Session, $current_User;
    $Timer->resume('skin_init');
    if (empty($disp_detail)) {
        $disp_detail = $disp;
    }
    $Debuglog->add('skin_init: $disp=' . $disp, 'skins');
    // This is the main template; it may be used to display very different things.
    // Do inits depending on current $disp:
    switch ($disp) {
        case 'front':
        case 'posts':
        case 'single':
        case 'page':
        case 'terms':
        case 'download':
        case 'feedback-popup':
            // We need to load posts for this display:
            if ($disp == 'terms') {
                // Initialize the redirect param to know what page redirect after accepting of terms:
                param('redirect_to', 'url', '');
            }
            // Note: even if we request the same post as $Item above, the following will do more restrictions (dates, etc.)
            // Init the MainList object:
            init_MainList($Blog->get_setting('posts_per_page'));
            // Init post navigation
            $post_navigation = $Skin->get_post_navigation();
            if (empty($post_navigation)) {
                $post_navigation = $Blog->get_setting('post_navigation');
            }
            if (!empty($MainList) && $MainList->single_post && ($single_Item =& mainlist_get_item())) {
                // If we are currently viewing a single post
                // We assume the current user will have read the entire post and all its current comments:
                $single_Item->update_read_timestamps(true, true);
                // Restart the items list:
                $MainList->restart();
            }
            break;
        case 'search':
            // Searching post, comments and categories
            load_funcs('collections/_search.funcs.php');
            // Check previous search keywords so it can be displayed in the search input box
            param('s', 'string', '', true);
            break;
    }
    // SEO stuff & redirects if necessary:
    $seo_page_type = NULL;
    switch ($disp) {
        // CONTENT PAGES:
        case 'single':
        case 'page':
        case 'terms':
            if ($disp == 'terms' && !$Item) {
                // Wrong post ID for terms page:
                global $disp;
                $disp = '404';
                $Messages->add(sprintf(T_('Terms not found. (post ID #%s)'), get_param('p')), 'error');
                break;
            }
            if (!$preview && empty($Item)) {
                // No Item, incorrect request and incorrect state of the application, a 404 redirect should have already happened
                //debug_die( 'Invalid page URL!' );
            }
            if ($disp == 'single') {
                $seo_page_type = 'Single post page';
            } else {
                $seo_page_type = '"Page" page';
            }
            if (!$preview) {
                // Check if item has a goal to insert a hit into DB
                $Item->check_goal();
            }
            // Check if the post has 'redirected' status:
            if (!$preview && $Item->status == 'redirected' && $redir == 'yes') {
                // $redir=no here allows to force a 'single post' URL for commenting
                // Redirect to the URL specified in the post:
                $Debuglog->add('Redirecting to post URL [' . $Item->url . '].');
                header_redirect($Item->url, true, true);
            }
            // Check if we want to redirect to a canonical URL for the post
            // Please document encountered problems.
            if (!$preview && ($Blog->get_setting('canonical_item_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_item_urls'))) {
                // We want to redirect to the Item's canonical URL:
                $canonical_url = $Item->get_permanent_url('', '', '&');
                if (preg_match('|[&?](page=\\d+)|', $ReqURI, $page_param)) {
                    // A certain post page has been requested, keep only this param and discard all others:
                    $canonical_url = url_add_param($canonical_url, $page_param[1], '&');
                }
                if (preg_match('|[&?](mode=quote&[qcp]+=\\d+)|', $ReqURI, $page_param)) {
                    // A quote of comment/post, keep only these params and discard all others:
                    $canonical_url = url_add_param($canonical_url, $page_param[1], '&');
                }
                if (!is_same_url($ReqURL, $canonical_url)) {
                    // The requested URL does not look like the canonical URL for this post...
                    // url difference was resolved
                    $url_resolved = false;
                    // Check if the difference is because of an allowed post navigation param
                    if (preg_match('|[&?]cat=(\\d+)|', $ReqURI, $cat_param)) {
                        // A category post navigation param is set
                        $extended_url = '';
                        if ($post_navigation == 'same_category' && isset($cat_param[1])) {
                            // navigatie through posts from the same category
                            $category_ids = postcats_get_byID($Item->ID);
                            if (in_array($cat_param[1], $category_ids)) {
                                // cat param is one of this Item categories
                                $extended_url = $Item->add_navigation_param($canonical_url, $post_navigation, $cat_param[1], '&');
                                // Set MainList navigation target to the requested category
                                $MainList->nav_target = $cat_param[1];
                            }
                        }
                        $url_resolved = is_same_url($ReqURL, $extended_url);
                    }
                    if (preg_match('|[&?]tag=([^&A-Z]+)|', $ReqURI, $tag_param)) {
                        // A tag post navigation param is set
                        $extended_url = '';
                        if ($post_navigation == 'same_tag' && isset($tag_param[1])) {
                            // navigatie through posts from the same tag
                            $tag_names = $Item->get_tags();
                            if (in_array($tag_param[1], $tag_names)) {
                                // tag param is one of this Item tags
                                $extended_url = $Item->add_navigation_param($canonical_url, $post_navigation, $tag_param[1], '&');
                                // Set MainList navigation target to the requested tag
                                $MainList->nav_target = $tag_param[1];
                            }
                        }
                        $url_resolved = is_same_url($ReqURL, $extended_url);
                    }
                    if (!$url_resolved && $Blog->get_setting('canonical_item_urls') && $redir == 'yes' && !$Item->check_cross_post_nav('auto', $Blog->ID)) {
                        // REDIRECT TO THE CANONICAL URL:
                        $Debuglog->add('Redirecting to canonical URL [' . $canonical_url . '].');
                        header_redirect($canonical_url, true);
                    } else {
                        // Use rel="canoncial":
                        add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                    }
                    // EXITED.
                }
            }
            if (!$MainList->result_num_rows) {
                // There is nothing to display for this page, don't index it!
                $robots_index = false;
            }
            break;
        case 'download':
            if (empty($Item)) {
                // No Item, incorrect request and incorrect state of the application, a 404 redirect should have already happened
                debug_die('Invalid page URL!');
            }
            $download_link_ID = param('download', 'integer', 0);
            // Check if we can allow to download the selected file
            $LinkCache =& get_LinkCache();
            if (!(($download_Link =& $LinkCache->get_by_ID($download_link_ID, false, false)) && ($LinkItem =& $download_Link->get_LinkOwner()) && ($LinkItem->Item && $LinkItem->Item->ID == $Item->ID) && ($download_File =& $download_Link->get_File()) && $download_File->exists())) {
                // Bad request, Redirect to Item permanent url
                $Messages->add(T_('The requested file is not available for download.'), 'error');
                $canonical_url = $Item->get_permanent_url('', '', '&');
                $Debuglog->add('Redirecting to canonical URL [' . $canonical_url . '].');
                header_redirect($canonical_url, true);
            }
            // Save the downloading Link to the global vars
            $GLOBALS['download_Link'] =& $download_Link;
            // Save global $Item to $download_Item, because $Item can be rewritten by function get_featured_Item() in some skins
            $GLOBALS['download_Item'] =& $Item;
            init_ajax_forms('blog');
            // auto requires jQuery
            // Initialize JavaScript to download file after X seconds
            add_js_headline('
jQuery( document ).ready( function ()
{
	jQuery( "#download_timer_js" ).show();
} );

var b2evo_download_timer = ' . intval($Blog->get_setting('download_delay')) . ';
var downloadInterval = setInterval( function()
{
	jQuery( "#download_timer" ).html( b2evo_download_timer );
	if( b2evo_download_timer == 0 )
	{ // Stop timer and download a file
		clearInterval( downloadInterval );
		jQuery( "#download_help_url" ).show();
	}
	b2evo_download_timer--;
}, 1000 );');
            // Use meta tag to download file when JavaScript is NOT enabled
            add_headline('<meta http-equiv="refresh" content="' . intval($Blog->get_setting('download_delay')) . '; url=' . $download_Link->get_download_url(array('type' => 'action')) . '" />');
            $seo_page_type = 'Download page';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'posts':
            init_ajax_forms('blog');
            // auto requires jQuery
            // fp> if we add this here, we have to exetnd the inner if()
            // init_ratings_js( 'blog' );
            // Get list of active filters:
            $active_filters = $MainList->get_active_filters();
            if (!empty($active_filters)) {
                // The current page is being filtered...
                if (array_diff($active_filters, array('page')) == array()) {
                    // This is just a follow "paged" page
                    $disp_detail = 'posts-next';
                    $seo_page_type = 'Next page';
                    if ($Blog->get_setting('paged_noindex')) {
                        // We prefer robots not to index category pages:
                        $robots_index = false;
                    }
                } elseif (array_diff($active_filters, array('cat_array', 'cat_modifier', 'cat_focus', 'posts', 'page')) == array()) {
                    // This is a category page
                    $disp_detail = 'posts-cat';
                    $seo_page_type = 'Category page';
                    if ($Blog->get_setting('chapter_noindex')) {
                        // We prefer robots not to index category pages:
                        $robots_index = false;
                    }
                    global $cat, $catsel;
                    if (empty($catsel) && preg_match('~^[0-9]+$~', $cat)) {
                        // We are on a single cat page:
                        // NOTE: we must have selected EXACTLY ONE CATEGORY through the cat parameter
                        // BUT: - this can resolve to including children
                        //      - selecting exactly one cat through catsel[] is NOT OK since not equivalent (will exclude children)
                        // echo 'SINGLE CAT PAGE';
                        if ($Blog->get_setting('canonical_cat_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_cat_urls')) {
                            // Check if the URL was canonical:
                            if (!isset($Chapter)) {
                                $ChapterCache =& get_ChapterCache();
                                /**
                                 * @var Chapter
                                 */
                                $Chapter =& $ChapterCache->get_by_ID($MainList->filters['cat_array'][0], false);
                            }
                            if ($Chapter) {
                                if ($Chapter->parent_ID) {
                                    // This is a sub-category page (i-e: not a level 1 category)
                                    $disp_detail = 'posts-subcat';
                                }
                                $canonical_url = $Chapter->get_permanent_url(NULL, NULL, $MainList->get_active_filter('page'), NULL, '&');
                                if (!is_same_url($ReqURL, $canonical_url)) {
                                    // fp> TODO: we're going to lose the additional params, it would be better to keep them...
                                    // fp> what additional params actually?
                                    if ($Blog->get_setting('canonical_cat_urls') && $redir == 'yes') {
                                        // REDIRECT TO THE CANONICAL URL:
                                        header_redirect($canonical_url, true);
                                    } else {
                                        // Use rel="canonical":
                                        add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                                    }
                                }
                            } else {
                                // If the requested chapter was not found display 404 page
                                $Messages->add(T_('The requested chapter was not found'));
                                global $disp;
                                $disp = '404';
                                break;
                            }
                        }
                        if ($post_navigation == 'same_category') {
                            // Category is set and post navigation should go through the same category, set navigation target param
                            $MainList->nav_target = $cat;
                        }
                    }
                } elseif (array_diff($active_filters, array('tags', 'posts', 'page')) == array()) {
                    // This is a tag page
                    $disp_detail = 'posts-tag';
                    $seo_page_type = 'Tag page';
                    if ($Blog->get_setting('tag_noindex')) {
                        // We prefer robots not to index tag pages:
                        $robots_index = false;
                    }
                    if ($Blog->get_setting('canonical_tag_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_tag_urls')) {
                        // Check if the URL was canonical:
                        $canonical_url = $Blog->gen_tag_url($MainList->get_active_filter('tags'), $MainList->get_active_filter('page'), '&');
                        if (!is_same_url($ReqURL, $canonical_url)) {
                            if ($Blog->get_setting('canonical_tag_urls') && $redir == 'yes') {
                                // REDIRECT TO THE CANONICAL URL:
                                header_redirect($canonical_url, true);
                            } else {
                                // Use rel="canoncial":
                                add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                            }
                        }
                    }
                    $tag = $MainList->get_active_filter('tags');
                    if ($post_navigation == 'same_tag' && !empty($tag)) {
                        // Tag is set and post navigation should go through the same tag, set navigation target param
                        $MainList->nav_target = $tag;
                    }
                } elseif (array_diff($active_filters, array('ymdhms', 'week', 'posts', 'page')) == array()) {
                    // This is an archive page
                    // echo 'archive page';
                    $disp_detail = 'posts-date';
                    $seo_page_type = 'Date archive page';
                    if ($Blog->get_setting('canonical_archive_urls') && $redir == 'yes' || $Blog->get_setting('relcanonical_archive_urls')) {
                        // Check if the URL was canonical:
                        $canonical_url = $Blog->gen_archive_url(substr($m, 0, 4), substr($m, 4, 2), substr($m, 6, 2), $w, '&', $MainList->get_active_filter('page'));
                        if (!is_same_url($ReqURL, $canonical_url)) {
                            if ($Blog->get_setting('canonical_archive_urls') && $redir == 'yes') {
                                // REDIRECT TO THE CANONICAL URL:
                                header_redirect($canonical_url, true);
                            } else {
                                // Use rel="canoncial":
                                add_headline('<link rel="canonical" href="' . $canonical_url . '" />');
                            }
                        }
                    }
                    if ($Blog->get_setting('archive_noindex')) {
                        // We prefer robots not to index archive pages:
                        $robots_index = false;
                    }
                } else {
                    // Other filtered pages:
                    // pre_dump( $active_filters );
                    $disp_detail = 'posts-filtered';
                    $seo_page_type = 'Other filtered page';
                    if ($Blog->get_setting('filtered_noindex')) {
                        // We prefer robots not to index other filtered pages:
                        $robots_index = false;
                    }
                }
            } elseif ($Blog->get_setting('front_disp') == 'posts') {
                // This is the default blog page only if the 'front_disp' is set to 'posts'
                $disp_detail = 'posts-default';
                $seo_page_type = 'Default page';
                if ($Blog->get_setting('default_noindex')) {
                    // We prefer robots not to index archive pages:
                    $robots_index = false;
                }
            }
            break;
        case 'search':
            $seo_page_type = 'Search page';
            if ($Blog->get_setting('filtered_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
            // SPECIAL FEATURE PAGES:
        // SPECIAL FEATURE PAGES:
        case 'feedback-popup':
            $seo_page_type = 'Comment popup';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'arcdir':
            $seo_page_type = 'Date archive directory';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'catdir':
            $seo_page_type = 'Category directory';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'msgform':
            global $disp;
            // get expected message form type
            $msg_type = param('msg_type', 'string', '');
            // initialize
            $recipient_User = NULL;
            $Comment = NULL;
            $allow_msgform = NULL;
            // get possible params
            $recipient_id = param('recipient_id', 'integer', 0, true);
            $comment_id = param('comment_id', 'integer', 0, true);
            $post_id = param('post_id', 'integer', 0, true);
            $subject = param('subject', 'string', '');
            // try to init recipient_User
            if (!empty($recipient_id)) {
                $UserCache =& get_UserCache();
                $recipient_User =& $UserCache->get_by_ID($recipient_id);
            } elseif (!empty($comment_id)) {
                // comment id is set, try to get comment author user
                $CommentCache =& get_CommentCache();
                $Comment = $CommentCache->get_by_ID($comment_id, false);
                if ($Comment = $CommentCache->get_by_ID($comment_id, false)) {
                    $recipient_User =& $Comment->get_author_User();
                    if (empty($recipient_User) && $Comment->allow_msgform && is_email($Comment->get_author_email())) {
                        // set allow message form to email because comment author (not registered) accepts email
                        $allow_msgform = 'email';
                        param('recipient_address', 'string', $Comment->get_author_email());
                        param('recipient_name', 'string', $Comment->get_author_name());
                    }
                }
            } else {
                // Recipient was not defined, try set the blog owner as recipient
                global $Blog;
                if (empty($Blog)) {
                    // Blog is not set, this is an invalid request
                    debug_die('Invalid send message request!');
                }
                $recipient_User = $Blog->get_owner_User();
            }
            if ($recipient_User) {
                // recipient User is set
                // get_msgform_possibility returns NULL (false), only if there is no messaging option between current_User and recipient user
                $allow_msgform = $recipient_User->get_msgform_possibility();
                if ($msg_type == 'email' && $recipient_User->get_msgform_possibility(NULL, 'email') != 'email') {
                    // User doesn't want to receive email messages, Restrict if this was requested by wrong url:
                    $msg_type = '';
                }
                if ($allow_msgform == 'login') {
                    // user must login first to be able to send a message to this User
                    $disp = 'login';
                    param('action', 'string', 'req_login');
                    // override redirect to param
                    param('redirect_to', 'url', regenerate_url(), true, true);
                    if (($msg_Blog =& get_setting_Blog('msg_blog_ID')) && $Blog->ID != $msg_Blog->ID) {
                        // Redirect to special blog for messaging actions if it is defined in general settings
                        header_redirect(url_add_param($msg_Blog->get('msgformurl', array('glue' => '&')), 'redirect_to=' . rawurlencode($redirect_to), '&'));
                    }
                    $Messages->add(T_('You must log in before you can contact this user'));
                } elseif ($allow_msgform == 'PM' && check_user_status('can_be_validated')) {
                    // user is not activated
                    if ($recipient_User->accepts_email()) {
                        // recipient User accepts email allow to send email
                        $allow_msgform = 'email';
                        $msg_type = 'email';
                        $activateinfo_link = 'href="' . get_activate_info_url(NULL, '&amp;') . '"';
                        $Messages->add(sprintf(T_('You must activate your account before you can send a private message to %s. However you can send them an email if you\'d like. <a %s>More info &raquo;</a>'), $recipient_User->get('login'), $activateinfo_link), 'warning');
                    } else {
                        // Redirect to the activate info page for not activated users
                        $Messages->add(T_('You must activate your account before you can contact a user. <b>See below:</b>'));
                        header_redirect(get_activate_info_url(), 302);
                        // will have exited
                    }
                } elseif ($msg_type == 'PM' && $allow_msgform == 'email') {
                    // only email is allowed but user expect private message form
                    if (!empty($current_User) && $recipient_id == $current_User->ID) {
                        $Messages->add(T_('You cannot send a private message to yourself. However you can send yourself an email if you\'d like.'), 'warning');
                    } else {
                        $Messages->add(sprintf(T_('You cannot send a private message to %s. However you can send them an email if you\'d like.'), $recipient_User->get('login')), 'warning');
                    }
                } elseif ($msg_type != 'email' && $allow_msgform == 'PM') {
                    // private message form should be displayed, change display to create new individual thread with the given recipient user
                    // check if creating new PM is allowed
                    if (check_create_thread_limit(true)) {
                        // thread limit reached
                        header_redirect();
                        // exited here
                    }
                    global $edited_Thread, $edited_Message, $recipients_selected;
                    // Load classes
                    load_class('messaging/model/_thread.class.php', 'Thread');
                    load_class('messaging/model/_message.class.php', 'Message');
                    // Set global variable to auto define the FB autocomplete plugin field
                    $recipients_selected = array(array('id' => $recipient_User->ID, 'title' => $recipient_User->login));
                    init_tokeninput_js('blog');
                    $disp = 'threads';
                    $edited_Thread = new Thread();
                    $edited_Message = new Message();
                    $edited_Message->Thread =& $edited_Thread;
                    $edited_Thread->recipients = $recipient_User->login;
                    param('action', 'string', 'new', true);
                    param('thrdtype', 'string', 'individual', true);
                }
                if ($allow_msgform == 'email') {
                    // set recippient user param
                    set_param('recipient_id', $recipient_User->ID);
                }
            }
            if ($allow_msgform == NULL) {
                // should be Prevented by UI
                if (!empty($recipient_User)) {
                    $Messages->add(sprintf(T_('The user "%s" does not want to be contacted through the message form.'), $recipient_User->get('login')), 'error');
                } elseif (!empty($Comment)) {
                    $Messages->add(T_('This commentator does not want to get contacted through the message form.'), 'error');
                }
                $blogurl = $Blog->gen_blogurl();
                // If it was a front page request or the front page is set to 'msgform' then we must not redirect to the front page because it is forbidden for the current User
                $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'msgform' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl;
                header_redirect($redirect_to, 302);
                // exited here
            }
            if ($allow_msgform == 'PM' || $allow_msgform == 'email') {
                // Some message form is available
                // Get the suggested subject for the email:
                if (empty($subject)) {
                    // no subject provided by param:
                    global $DB;
                    if (!empty($comment_id)) {
                        // fp>TODO there should be NO SQL in this file. Make a $ItemCache->get_by_comment_ID().
                        $row = $DB->get_row('
							SELECT post_title
								FROM T_items__item, T_comments
							 WHERE comment_ID = ' . $DB->quote($comment_id) . '
								 AND post_ID = comment_item_ID');
                        if ($row) {
                            $subject = T_('Re:') . ' ' . sprintf(T_('Comment on %s'), $row->post_title);
                        }
                    }
                    if (empty($subject) && !empty($post_id)) {
                        // fp>TODO there should be NO SQL in this file. Use $ItemCache->get_by_ID.
                        $row = $DB->get_row('
								SELECT post_title
									FROM T_items__item
								 WHERE post_ID = ' . $post_id);
                        if ($row) {
                            $subject = T_('Re:') . ' ' . $row->post_title;
                        }
                    }
                }
                if ($allow_msgform == 'PM' && isset($edited_Thread)) {
                    $edited_Thread->title = $subject;
                } else {
                    param('subject', 'string', $subject, true);
                }
            }
            if (($msg_Blog =& get_setting_Blog('msg_blog_ID')) && $Blog->ID != $msg_Blog->ID) {
                // Redirect to special blog for messaging actions if it is defined in general settings
                header_redirect($msg_Blog->get('msgformurl', array('glue' => '&')));
            }
            $seo_page_type = 'Contact form';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
        case 'messages':
        case 'contacts':
        case 'threads':
            switch ($disp) {
                case 'messages':
                    // Actions ONLY for disp=messages
                    // fp> The correct place to get thrd_ID is here, because we want it in redirect_to in case we need to ask for login.
                    $thrd_ID = param('thrd_ID', 'integer', '', true);
                    if (!is_logged_in()) {
                        // Redirect to the login page for anonymous users
                        $Messages->add(T_('You must log in to read your messages.'));
                        header_redirect(get_login_url('cannot see messages'), 302);
                        // will have exited
                    }
                    // check if user status allow to view messages
                    if (!$current_User->check_status('can_view_messages')) {
                        // user status does not allow to view messages
                        if ($current_User->check_status('can_be_validated')) {
                            // user is logged in but his/her account is not activate yet
                            $Messages->add(T_('You must activate your account before you can read & send messages. <b>See below:</b>'));
                            header_redirect(get_activate_info_url(), 302);
                            // will have exited
                        }
                        $Messages->add('You are not allowed to view Messages!');
                        header_redirect($Blog->gen_blogurl(), 302);
                        // will have exited
                    }
                    // check if user permissions allow to view messages
                    if (!$current_User->check_perm('perm_messaging', 'reply')) {
                        // Redirect to the blog url for users without messaging permission
                        $Messages->add('You are not allowed to view Messages!');
                        header_redirect($Blog->gen_blogurl(), 302);
                        // will have exited
                    }
                    if (!empty($thrd_ID)) {
                        // if this thread exists and current user is part of this thread update status because won't be any unread messages on this conversation
                        // we need to mark this early to make sure the unread message count will be correct in the evobar
                        mark_as_read_by_user($thrd_ID, $current_User->ID);
                    }
                    if (($unsaved_message_params = get_message_params_from_session()) !== NULL) {
                        // set Message and Thread saved params from Session
                        global $edited_Message, $action;
                        load_class('messaging/model/_message.class.php', 'Message');
                        $edited_Message = new Message();
                        $edited_Message->text = $unsaved_message_params['message'];
                        $edited_Message->original_text = $unsaved_message_params['message_original'];
                        $edited_Message->set_renderers($unsaved_message_params['renderers']);
                        $edited_Message->thread_ID = $thrd_ID;
                        $action = $unsaved_message_params['action'];
                    }
                    break;
                case 'contacts':
                    // Actions ONLY for disp=contacts
                    if (!is_logged_in()) {
                        // Redirect to the login page for anonymous users
                        $Messages->add(T_('You must log in to manage your contacts.'));
                        header_redirect(get_login_url('cannot see contacts'), 302);
                        // will have exited
                    }
                    if (!$current_User->check_status('can_view_contacts')) {
                        // user is logged in, but his status doesn't allow to view contacts
                        if ($current_User->check_status('can_be_validated')) {
                            // user is logged in but his/her account was not activated yet
                            // Redirect to the account activation page
                            $Messages->add(T_('You must activate your account before you can manage your contacts. <b>See below:</b>'));
                            header_redirect(get_activate_info_url(), 302);
                            // will have exited
                        }
                        // Redirect to the blog url for users without messaging permission
                        $Messages->add('You are not allowed to view Contacts!');
                        $blogurl = $Blog->gen_blogurl();
                        // If it was a front page request or the front page is set to display 'contacts' then we must not redirect to the front page because it is forbidden for the current User
                        $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'contacts' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl;
                        header_redirect($redirect_to, 302);
                    }
                    if (has_cross_country_restriction('any') && empty($current_User->ctry_ID)) {
                        // User may browse/contact other users only from the same country
                        $Messages->add(T_('Please specify your country before attempting to contact other users.'));
                        header_redirect(get_user_profile_url());
                    }
                    // Get action parameter from request:
                    $action = param_action();
                    if (!$current_User->check_perm('perm_messaging', 'reply')) {
                        // Redirect to the blog url for users without messaging permission
                        $Messages->add('You are not allowed to view Contacts!');
                        $blogurl = $Blog->gen_blogurl();
                        // If it was a front page request or the front page is set to display 'contacts' then we must not redirect to the front page because it is forbidden for the current User
                        $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'contacts' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl;
                        header_redirect($redirect_to, 302);
                        // will have exited
                    }
                    switch ($action) {
                        case 'add_user':
                            // Add user to contacts list
                            // Check that this action request is not a CSRF hacked request:
                            $Session->assert_received_crumb('messaging_contacts');
                            $user_ID = param('user_ID', 'integer', 0);
                            if ($user_ID > 0) {
                                // Add user to contacts
                                if (create_contacts_user($user_ID)) {
                                    // Add user to the group
                                    $group_ID = param('group_ID', 'string', '');
                                    if ($result = create_contacts_group_users($group_ID, $user_ID, 'group_ID_combo')) {
                                        // User has been added to the group
                                        $Messages->add(sprintf(T_('User has been added to the &laquo;%s&raquo; group.'), $result['group_name']), 'success');
                                    } else {
                                        // User has been added ONLY to the contacts list
                                        $Messages->add('User has been added to your contacts.', 'success');
                                    }
                                }
                                header_redirect($Blog->get('userurl', array('url_suffix' => 'user_ID=' . $user_ID, 'glue' => '&')));
                            }
                            break;
                        case 'unblock':
                            // Unblock user
                            // Check that this action request is not a CSRF hacked request:
                            $Session->assert_received_crumb('messaging_contacts');
                            $user_ID = param('user_ID', 'integer', 0);
                            if ($user_ID > 0) {
                                set_contact_blocked($user_ID, 0);
                                $Messages->add(T_('Contact was unblocked.'), 'success');
                            }
                            break;
                        case 'remove_user':
                            // Remove user from contacts group
                            // Check that this action request is not a CSRF hacked request:
                            $Session->assert_received_crumb('messaging_contacts');
                            $view = param('view', 'string', 'profile');
                            $user_ID = param('user_ID', 'integer', 0);
                            $group_ID = param('group_ID', 'integer', 0);
                            if ($user_ID > 0 && $group_ID > 0) {
                                // Remove user from selected group
                                if (remove_contacts_group_user($group_ID, $user_ID)) {
                                    // User has been removed from the group
                                    if ($view == 'contacts') {
                                        // Redirect to the contacts list
                                        header_redirect($Blog->get('contactsurl', array('glue' => '&')));
                                    } else {
                                        // Redirect to the user profile page
                                        header_redirect($Blog->get('userurl', array('url_suffix' => 'user_ID=' . $user_ID, 'glue' => '&')));
                                    }
                                }
                            }
                            break;
                        case 'add_group':
                            // Add users to the group
                            // Check that this action request is not a CSRF hacked request:
                            $Session->assert_received_crumb('messaging_contacts');
                            $group = param('group', 'string', '');
                            $users = param('users', 'string', '');
                            if ($result = create_contacts_group_users($group, $users)) {
                                // Users have been added to the group
                                $Messages->add(sprintf(T_('%d contacts have been added to the &laquo;%s&raquo; group.'), $result['count_users'], $result['group_name']), 'success');
                                $redirect_to = $Blog->get('contactsurl', array('glue' => '&'));
                                $item_ID = param('item_ID', 'integer', 0);
                                if ($item_ID > 0) {
                                    $redirect_to = url_add_param($redirect_to, 'item_ID=' . $item_ID, '&');
                                }
                                header_redirect($redirect_to);
                            }
                            break;
                        case 'rename_group':
                            // Rename the group
                            // Check that this action request is not a CSRF hacked request:
                            $Session->assert_received_crumb('messaging_contacts');
                            $group_ID = param('group_ID', 'integer', true);
                            if (rename_contacts_group($group_ID)) {
                                $item_ID = param('item_ID', 'integer', 0);
                                $redirect_to = url_add_param($Blog->get('contactsurl', array('glue' => '&')), 'g=' . $group_ID, '&');
                                if ($item_ID > 0) {
                                    $redirect_to = url_add_param($redirect_to, 'item_ID=' . $item_ID, '&');
                                }
                                $Messages->add(T_('The group has been renamed.'), 'success');
                                header_redirect($redirect_to);
                            }
                            break;
                        case 'delete_group':
                            // Delete the group
                            // Check that this action request is not a CSRF hacked request:
                            $Session->assert_received_crumb('messaging_contacts');
                            $group_ID = param('group_ID', 'integer', true);
                            if (delete_contacts_group($group_ID)) {
                                $item_ID = param('item_ID', 'integer', 0);
                                $redirect_to = $Blog->get('contactsurl', array('glue' => '&'));
                                if ($item_ID > 0) {
                                    $redirect_to = url_add_param($redirect_to, 'item_ID=' . $item_ID, '&');
                                }
                                $Messages->add(T_('The group has been deleted.'), 'success');
                                header_redirect($redirect_to);
                            }
                            break;
                    }
                    modules_call_method('switch_contacts_actions', array('action' => $action));
                    break;
                case 'threads':
                    // Actions ONLY for disp=threads
                    if (!is_logged_in()) {
                        // Redirect to the login page for anonymous users
                        $Messages->add(T_('You must log in to read your messages.'));
                        header_redirect(get_login_url('cannot see messages'), 302);
                        // will have exited
                    }
                    if (!$current_User->check_status('can_view_threads')) {
                        // user status does not allow to view threads
                        if ($current_User->check_status('can_be_validated')) {
                            // user is logged in but his/her account is not activate yet
                            $Messages->add(T_('You must activate your account before you can read & send messages. <b>See below:</b>'));
                            header_redirect(get_activate_info_url(), 302);
                            // will have exited
                        }
                        $Messages->add('You are not allowed to view Messages!');
                        $blogurl = $Blog->gen_blogurl();
                        // If it was a front page request or the front page is set to display 'threads' then we must not redirect to the front page because it is forbidden for the current User
                        $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'threads' ? url_add_param($blogurl, 'disp=404', '&') : $blogurl;
                        header_redirect($redirect_to, 302);
                        // will have exited
                    }
                    if (!$current_User->check_perm('perm_messaging', 'reply')) {
                        // Redirect to the blog url for users without messaging permission
                        $Messages->add('You are not allowed to view Messages!');
                        $blogurl = $Blog->gen_blogurl();
                        // If it was a front page request or the front page is set to display 'threads' then we must not redirect to the front page because it is forbidden for the current User
                        $redirect_to = is_front_page() || $Blog->get_setting('front_disp') == 'threads' ? url_add_param($blogurl, 'disp=403', '&') : $blogurl;
                        header_redirect($redirect_to, 302);
                        // will have exited
                    }
                    $action = param('action', 'string', 'view');
                    if ($action == 'new') {
                        // Before new message form is displayed ...
                        if (has_cross_country_restriction('contact') && empty($current_User->ctry_ID)) {
                            // Cross country contact restriction is enabled, but user country is not set yet
                            $Messages->add(T_('Please specify your country before attempting to contact other users.'));
                            header_redirect(get_user_profile_url());
                        } elseif (check_create_thread_limit(true)) {
                            // don't allow to create new thread, because the new thread limit was already reached
                            set_param('action', 'view');
                        }
                    }
                    // Load classes
                    load_class('messaging/model/_thread.class.php', 'Thread');
                    load_class('messaging/model/_message.class.php', 'Message');
                    // Get action parameter from request:
                    $action = param_action('view');
                    switch ($action) {
                        case 'new':
                            // Check permission:
                            $current_User->check_perm('perm_messaging', 'reply', true);
                            global $edited_Thread, $edited_Message;
                            $edited_Thread = new Thread();
                            $edited_Message = new Message();
                            $edited_Message->Thread =& $edited_Thread;
                            modules_call_method('update_new_thread', array('Thread' => &$edited_Thread));
                            if (($unsaved_message_params = get_message_params_from_session()) !== NULL) {
                                // set Message and Thread saved params from Session
                                $edited_Message->text = $unsaved_message_params['message'];
                                $edited_Message->original_text = $unsaved_message_params['message_original'];
                                $edited_Message->set_renderers($unsaved_message_params['renderers']);
                                $edited_Thread->title = $unsaved_message_params['subject'];
                                $edited_Thread->recipients = $unsaved_message_params['thrd_recipients'];
                                $edited_Message->Thread = $edited_Thread;
                                global $thrd_recipients_array, $thrdtype, $action, $creating_success;
                                $thrd_recipients_array = $unsaved_message_params['thrd_recipients_array'];
                                $thrdtype = $unsaved_message_params['thrdtype'];
                                $action = $unsaved_message_params['action'];
                                $creating_success = !empty($unsaved_message_params['creating_success']) ? $unsaved_message_params['creating_success'] : false;
                            } else {
                                if (empty($edited_Thread->recipients)) {
                                    $edited_Thread->recipients = param('thrd_recipients', 'string', '');
                                }
                                if (empty($edited_Thread->title)) {
                                    $edited_Thread->title = param('subject', 'string', '');
                                }
                            }
                            break;
                        default:
                            // Check permission:
                            $current_User->check_perm('perm_messaging', 'reply', true);
                            break;
                    }
                    break;
            }
            // Actions for disp = messages, contacts, threads:
            if (($msg_Blog =& get_setting_Blog('msg_blog_ID')) && $Blog->ID != $msg_Blog->ID) {
                // Redirect to special blog for messaging actions if it is defined in general settings
                $blog_url_params = array('glue' => '&');
                if (!empty($thrd_ID)) {
                    // Don't forget the important param on redirect
                    $blog_url_params['url_suffix'] = 'thrd_ID=' . $thrd_ID;
                }
                header_redirect($msg_Blog->get($disp . 'url', $blog_url_params));
            }
            // just in case some robot would be logged in:
            $seo_page_type = 'Messaging module';
            $robots_index = false;
            // Display messages depending on user email status
            display_user_email_status_message();
            break;
        case 'login':
            global $Plugins, $transmit_hashed_password;
            if (is_logged_in()) {
                // User is already logged in
                if ($current_User->check_status('can_be_validated')) {
                    // account is not active yet, redirect to the account activation page
                    $Messages->add(T_('You are logged in but your account is not activated. You will find instructions about activating your account below:'));
                    header_redirect(get_activate_info_url(), 302);
                    // will have exited
                }
                // User is already logged in, redirect to "redirect_to" page
                $Messages->add(T_('You are already logged in.'), 'note');
                $redirect_to = param('redirect_to', 'url', NULL);
                if (empty($redirect_to)) {
                    // If empty redirect to referer page
                    $redirect_to = '';
                }
                header_redirect($redirect_to, 302);
                // will have exited
            }
            if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) {
                // Redirect to special blog for login/register actions if it is defined in general settings
                header_redirect($login_Blog->get('loginurl', array('glue' => '&')));
            }
            $seo_page_type = 'Login form';
            $robots_index = false;
            break;
        case 'register':
            if (is_logged_in()) {
                // If user is logged in the register form should not be displayed. In this case redirect to the blog home page.
                $Messages->add(T_('You are already logged in.'), 'note');
                header_redirect($Blog->gen_blogurl(), false);
            }
            if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) {
                // Redirect to special blog for login/register actions if it is defined in general settings
                header_redirect($login_Blog->get('registerurl', array('glue' => '&')));
            }
            $seo_page_type = 'Register form';
            $robots_index = false;
            // Check invitation code if it exists and registration is enabled
            global $display_invitation;
            $display_invitation = check_invitation_code();
            break;
        case 'lostpassword':
            if (is_logged_in()) {
                // If user is logged in the lost password form should not be displayed. In this case redirect to the blog home page.
                $Messages->add(T_('You are already logged in.'), 'note');
                header_redirect($Blog->gen_blogurl(), false);
            }
            if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) {
                // Redirect to special blog for login/register actions if it is defined in general settings
                header_redirect($login_Blog->get('lostpasswordurl', array('glue' => '&')));
            }
            $seo_page_type = 'Lost password form';
            $robots_index = false;
            break;
        case 'activateinfo':
            if (!is_logged_in()) {
                // Redirect to the login page for anonymous users
                $Messages->add(T_('You must log in before you can activate your account.'));
                header_redirect(get_login_url('cannot see messages'), 302);
                // will have exited
            }
            if (!$current_User->check_status('can_be_validated')) {
                // don't display activateinfo screen
                $after_email_validation = $Settings->get('after_email_validation');
                if ($after_email_validation == 'return_to_original') {
                    // we want to return to original page after account activation
                    // check if Session 'validatemail.redirect_to' param is still set
                    $redirect_to = $Session->get('core.validatemail.redirect_to');
                    if (empty($redirect_to)) {
                        // Session param is empty try to get general redirect_to param
                        $redirect_to = param('redirect_to', 'url', '');
                    } else {
                        // cleanup validateemail.redirect_to param from session
                        $Session->delete('core.validatemail.redirect_to');
                    }
                } else {
                    // go to after email validation url which is set in the user general settings form
                    $redirect_to = $after_email_validation;
                }
                if (empty($redirect_to) || preg_match('#disp=activateinfo#', $redirect_to)) {
                    // redirect_to is pointing to the activate info display or is empty
                    // redirect to referer page
                    $redirect_to = '';
                }
                if ($current_User->check_status('is_validated')) {
                    $Messages->add(T_('Your account has already been activated.'));
                }
                header_redirect($redirect_to, 302);
                // will have exited
            }
            if (($login_Blog =& get_setting_Blog('login_blog_ID')) && $Blog->ID != $login_Blog->ID) {
                // Redirect to special blog for login/register actions if it is defined in general settings
                header_redirect($login_Blog->get('activateinfourl', array('glue' => '&')));
            }
            break;
        case 'profile':
        case 'avatar':
            $action = param_action();
            if ($action == 'crop' && is_logged_in()) {
                // Check data for crop action:
                global $current_User, $cropped_File;
                $file_ID = param('file_ID', 'integer');
                if (!($cropped_File = $current_User->get_File_by_ID($file_ID, $error_code))) {
                    // Current user cannot crop this file
                    set_param('action', '');
                }
            }
        case 'pwdchange':
        case 'userprefs':
        case 'subs':
            $seo_page_type = 'Special feature page';
            if ($Blog->get_setting('special_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            // Display messages depending on user email status
            display_user_email_status_message();
            break;
        case 'users':
            if (!is_logged_in() && !$Settings->get('allow_anonymous_user_list')) {
                // Redirect to the login page if not logged in and allow anonymous user setting is OFF
                $Messages->add(T_('You must log in to view the user directory.'));
                header_redirect(get_login_url('cannot see user'), 302);
                // will have exited
            }
            if (is_logged_in() && !check_user_status('can_view_users')) {
                // user status doesn't permit to view users list
                if (check_user_status('can_be_validated')) {
                    // user is logged in but his/her account is not active yet
                    // Redirect to the account activation page
                    $Messages->add(T_('You must activate your account before you can view the user directory. <b>See below:</b>'));
                    header_redirect(get_activate_info_url(), 302);
                    // will have exited
                }
                // set where to redirect
                $error_redirect_to = empty($Blog) ? $baseurl : $Blog->gen_blogurl();
                $Messages->add(T_('Your account status currently does not permit to view the user directory.'));
                header_redirect($error_redirect_to, 302);
                // will have exited
            }
            if (has_cross_country_restriction('users', 'list') && empty($current_User->ctry_ID)) {
                // User may browse other users only from the same country
                $Messages->add(T_('Please specify your country before attempting to contact other users.'));
                header_redirect(get_user_profile_url());
            }
            $seo_page_type = 'Users list';
            $robots_index = false;
            break;
        case 'user':
            // get user_ID because we want it in redirect_to in case we need to ask for login.
            $user_ID = param('user_ID', 'integer', '', true);
            // set where to redirect in case of error
            $error_redirect_to = empty($Blog) ? $baseurl : $Blog->gen_blogurl();
            if (!is_logged_in()) {
                // Redirect to the login page if not logged in and allow anonymous user setting is OFF
                $user_available_by_group_level = true;
                if (!empty($user_ID)) {
                    $UserCache =& get_UserCache();
                    if ($User =& $UserCache->get_by_ID($user_ID, false)) {
                        // If user exists we can check if the anonymous users have an access to view the user by group level limitation
                        $User->get_Group();
                        $user_available_by_group_level = $User->Group->level >= $Settings->get('allow_anonymous_user_level_min') && $User->Group->level <= $Settings->get('allow_anonymous_user_level_max');
                    }
                }
                if (!$Settings->get('allow_anonymous_user_profiles') || !$user_available_by_group_level || empty($user_ID)) {
                    // If this user is not available for anonymous users
                    $Messages->add(T_('You must log in to view this user profile.'));
                    header_redirect(get_login_url('cannot see user'), 302);
                    // will have exited
                }
            }
            if (is_logged_in() && !check_user_status('can_view_user', $user_ID)) {
                // user is logged in, but his/her status doesn't permit to view user profile
                if (check_user_status('can_be_validated')) {
                    // user is logged in but his/her account is not active yet
                    // Redirect to the account activation page
                    $Messages->add(T_('You must activate your account before you can view this user profile. <b>See below:</b>'));
                    header_redirect(get_activate_info_url(), 302);
                    // will have exited
                }
                $Messages->add(T_('Your account status currently does not permit to view this user profile.'));
                header_redirect($error_redirect_to, 302);
                // will have exited
            }
            if (!empty($user_ID)) {
                $UserCache =& get_UserCache();
                $User =& $UserCache->get_by_ID($user_ID, false);
                if (empty($User)) {
                    $Messages->add(T_('The requested user does not exist!'));
                    header_redirect($error_redirect_to);
                    // will have exited
                }
                if ($User->check_status('is_closed')) {
                    $Messages->add(T_('The requested user account is closed!'));
                    header_redirect($error_redirect_to);
                    // will have exited
                }
                if (has_cross_country_restriction('any')) {
                    if (empty($current_User->ctry_ID)) {
                        // Current User country is not set
                        $Messages->add(T_('Please specify your country before attempting to contact other users.'));
                        header_redirect(get_user_profile_url());
                        // will have exited
                    }
                    if (has_cross_country_restriction('users', 'profile') && $current_User->ctry_ID !== $User->ctry_ID) {
                        // Current user country is different then edited user country and cross country user browsing is not enabled.
                        $Messages->add(T_('You don\'t have permission to view this user profile.'));
                        header_redirect(url_add_param($error_redirect_to, 'disp=403', '&'));
                        // will have exited
                    }
                }
            }
            // Initialize users list from session cache in order to display prev/next links:
            // It is used to navigate between users
            load_class('users/model/_userlist.class.php', 'UserList');
            global $UserList;
            $UserList = new UserList();
            $UserList->memorize = false;
            $UserList->load_from_Request();
            $seo_page_type = 'User display';
            break;
        case 'edit':
            global $current_User, $post_ID;
            // Post ID, go from $_GET when we edit a post from Front-office
            //          or from $_POST when we switch from Back-office
            $post_ID = param('p', 'integer', empty($post_ID) ? 0 : $post_ID, true);
            if (!is_logged_in()) {
                // Redirect to the login page if not logged in and allow anonymous user setting is OFF
                $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=edit');
                $Messages->add(T_('You must log in to create & edit posts.'));
                header_redirect(get_login_url('cannot edit posts', $redirect_to), 302);
                // will have exited
            }
            if (!$current_User->check_status('can_edit_post')) {
                if ($current_User->check_status('can_be_validated')) {
                    // user is logged in but his/her account was not activated yet
                    // Redirect to the account activation page
                    $Messages->add(T_('You must activate your account before you can create & edit posts. <b>See below:</b>'));
                    header_redirect(get_activate_info_url(), 302);
                    // will have exited
                }
                // Redirect to the blog url for users without messaging permission
                $Messages->add(T_('You are not allowed to create & edit posts!'));
                header_redirect($Blog->gen_blogurl(), 302);
            }
            // user logged in and the account was activated
            check_item_perm_edit($post_ID);
            if (!blog_has_cats($Blog->ID)) {
                // No categories are in this blog
                $error_message = T_('Since this blog has no categories, you cannot post into it.');
                if ($current_User->check_perm('blog_cats', 'edit', false, $Blog->ID)) {
                    // If current user has a permission to create a category
                    global $admin_url;
                    $error_message .= ' ' . sprintf(T_('You must <a %s>create categories</a> first.'), 'href="' . $admin_url . '?ctrl=chapters&amp;blog=' . $Blog->ID . '"');
                }
                $Messages->add($error_message, 'error');
                header_redirect($Blog->gen_blogurl(), 302);
            }
            // Prepare the 'In-skin editing':
            init_inskin_editing();
            break;
        case 'edit_comment':
            global $current_User, $edited_Comment, $comment_Item, $Item, $comment_title, $comment_content, $display_params;
            // comment ID
            $comment_ID = param('c', 'integer', 0, true);
            if (!is_logged_in()) {
                // Redirect to the login page if not logged in and allow anonymous user setting is OFF
                $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=edit_comment');
                $Messages->add(T_('You must log in to edit comments.'));
                header_redirect(get_login_url('cannot edit comments', $redirect_to), 302);
                // will have exited
            }
            if (!$current_User->check_status('can_edit_comment')) {
                if ($current_User->check_status('can_be_validated')) {
                    // user is logged in but his/her account was not activated yet
                    // Redirect to the account activation page
                    $Messages->add(T_('You must activate your account before you can edit comments. <b>See below:</b>'));
                    header_redirect(get_activate_info_url(), 302);
                    // will have exited
                }
                // Redirect to the blog url for users without messaging permission
                $Messages->add('You are not allowed to edit comments!');
                header_redirect($Blog->gen_blogurl(), 302);
            }
            if (empty($comment_ID)) {
                // Can't edit a not exisiting comment
                $Messages->add('Invalid comment edit URL!');
                global $disp;
                $disp = 404;
                break;
            }
            $CommentCache =& get_CommentCache();
            $edited_Comment = $CommentCache->get_by_ID($comment_ID);
            $comment_Item = $edited_Comment->get_Item();
            if (!$current_User->check_perm('comment!CURSTATUS', 'edit', false, $edited_Comment)) {
                // If User has no permission to edit comments with this comment status:
                $Messages->add('You are not allowed to edit the previously selected comment!');
                header_redirect($Blog->gen_blogurl(), 302);
            }
            $comment_title = '';
            $comment_content = htmlspecialchars_decode($edited_Comment->content);
            // Format content for editing, if we were not already in editing...
            $Plugins_admin =& get_Plugins_admin();
            $comment_Item->load_Blog();
            $params = array('object_type' => 'Comment', 'object_Blog' => &$comment_Item->Blog);
            $Plugins_admin->unfilter_contents($comment_title, $comment_content, $edited_Comment->get_renderers_validated(), $params);
            $Item = $comment_Item;
            $display_params = array();
            break;
        case 'useritems':
        case 'usercomments':
            global $display_params, $viewed_User;
            // get user_ID because we want it in redirect_to in case we need to ask for login.
            $user_ID = param('user_ID', 'integer', true, true);
            if (empty($user_ID)) {
                bad_request_die(sprintf(T_('Parameter &laquo;%s&raquo; is required!'), 'user_ID'));
            }
            // set where to redirect in case of error
            $error_redirect_to = empty($Blog) ? $baseurl : $Blog->gen_blogurl();
            if (!is_logged_in()) {
                // Redirect to the login page if not logged in and allow anonymous user setting is OFF
                $Messages->add(T_('You must log in to view this user profile.'));
                header_redirect(get_login_url('cannot see user'), 302);
                // will have exited
            }
            if (is_logged_in() && !check_user_status('can_view_user', $user_ID)) {
                // user is logged in, but his/her status doesn't permit to view user profile
                if (check_user_status('can_be_validated')) {
                    // user is logged in but his/her account is not active yet
                    // Redirect to the account activation page
                    $Messages->add(T_('You must activate your account before you can view this user profile. <b>See below:</b>'));
                    header_redirect(get_activate_info_url(), 302);
                    // will have exited
                }
                $Messages->add(T_('Your account status currently does not permit to view this user profile.'));
                header_redirect($error_redirect_to, 302);
                // will have exited
            }
            if (!empty($user_ID)) {
                $UserCache =& get_UserCache();
                $viewed_User = $UserCache->get_by_ID($user_ID, false);
                if (empty($viewed_User)) {
                    $Messages->add(T_('The requested user does not exist!'));
                    header_redirect($error_redirect_to);
                    // will have exited
                }
                if ($viewed_User->check_status('is_closed')) {
                    $Messages->add(T_('The requested user account is closed!'));
                    header_redirect($error_redirect_to);
                    // will have exited
                }
            }
            $display_params = !empty($Skin) ? $Skin->get_template('Results') : NULL;
            if ($disp == 'useritems') {
                // Init items list
                global $user_ItemList;
                $useritems_Blog = NULL;
                $user_ItemList = new ItemList2($useritems_Blog, NULL, NULL, NULL, 'ItemCache', 'useritems_');
                $user_ItemList->load_from_Request();
                $user_ItemList->set_filters(array('authors' => $user_ID), true, true);
                $user_ItemList->query();
            } else {
                // Init comments list
                global $user_CommentList;
                $user_CommentList = new CommentList2(NULL, NULL, 'CommentCache', 'usercmts_');
                $user_CommentList->load_from_Request();
                $user_CommentList->set_filters(array('author_IDs' => $user_ID), true, true);
                $user_CommentList->query();
            }
            break;
        case 'comments':
            if (!$Blog->get_setting('comments_latest')) {
                // If latest comments page is disabled - Display 404 page with error message
                $Messages->add(T_('This feature is disabled.'), 'error');
                global $disp;
                $disp = '404';
            }
            break;
        case 'closeaccount':
            global $current_User;
            if (!$Settings->get('account_close_enabled') || is_logged_in() && $current_User->check_perm('users', 'edit', false) || !is_logged_in() && !$Session->get('account_closing_success')) {
                // If an account closing page is disabled - Display 404 page with error message
                // Don't allow admins close own accounts from front office
                // Don't display this message for not logged in users, except of one case to display a bye message after account closing
                global $disp;
                $disp = '404';
            } elseif ($Session->get('account_closing_success')) {
                // User has closed the account
                global $account_closing_success;
                $account_closing_success = $Session->get('account_closing_success');
                // Unset this temp session var to don't display the message twice
                $Session->delete('account_closing_success');
                if (is_logged_in()) {
                    // log out current User
                    logout();
                }
            }
            break;
        case 'tags':
            $seo_page_type = 'Tags';
            if ($Blog->get_setting($disp . '_noindex')) {
                // We prefer robots not to index these pages:
                $robots_index = false;
            }
            break;
    }
    $Debuglog->add('skin_init: $disp=' . $disp . ' / $disp_detail=' . $disp_detail . ' / $seo_page_type=' . $seo_page_type, 'skins');
    // Make this switch block special only for 404 page
    switch ($disp) {
        case '404':
            // We have a 404 unresolved content error
            // How do we want do deal with it?
            skin_404_header();
            // This MAY or MAY not have exited -- will exit on 30x redirect, otherwise will return here.
            // Just in case some dumb robot needs extra directives on this:
            $robots_index = false;
            break;
    }
    global $Hit, $check_browser_version;
    if ($check_browser_version && $Hit->get_browser_version() > 0 && $Hit->is_IE(9, '<')) {
        // Display info message if browser IE < 9 version and it is allowed by config var:
        global $debug;
        $Messages->add(T_('Your web browser is too old. For this site to work correctly, we recommend you use a more recent browser.'), 'note');
        if ($debug) {
            $Messages->add('User Agent: ' . $Hit->get_user_agent(), 'note');
        }
    }
    // dummy var for backward compatibility with versions < 2.4.1 -- prevents "Undefined variable"
    global $global_Cache, $credit_links;
    $credit_links = $global_Cache->get('creds');
    $Timer->pause('skin_init');
    // Check if user is logged in with a not active account, and display an error message if required
    check_allow_disp($disp);
    // initialize Blog enabled widgets, before displaying anything
    init_blog_widgets($Blog->ID);
    // Initialize displaying....
    $Timer->start('Skin:display_init');
    $Skin->display_init();
    $Timer->pause('Skin:display_init');
    // Send default headers:
    // See comments inside of this function:
    headers_content_mightcache('text/html');
    // In most situations, you do NOT want to cache dynamic content!
    // Never allow Messages to be cached!
    if ($Messages->count() && !empty($PageCache)) {
        // Abort PageCache collect
        $PageCache->abort_collect();
    }
}
				<?php 
    }
    ?>
				<li><a href="<?php 
    echo url_add_param($Blog->get('url'), 'disp=user');
    ?>
"><?php 
    echo T_('My Profile');
    ?>
</a></li>
				<?php 
    if ($current_User->check_perm('perm_messaging', 'reply')) {
        // User has access for messages module
        ?>
				<li><a href="<?php 
        echo url_add_param($Blog->get('url'), 'disp=threads');
        ?>
"><?php 
        echo T_('My messages');
        ?>
</a></li>
				<?php 
    }
    ?>
				<li><a href="<?php 
    echo get_user_logout_url();
    ?>
"><?php 
    echo T_('Logout');
    ?>
</a></li>
        return $r;
    }
    return '?';
}
$Results->cols[] = array('th' => T_('Destination'), 'td' => '%display_link( {row} )%');
if ($current_User->check_perm('files', 'view')) {
    function file_actions($link_ID)
    {
        /**
         * @var File
         */
        global $current_File;
        global $edited_Item, $current_User;
        $r = '';
        if (isset($current_File)) {
            $title = T_('Locate this file!');
            $r = $current_File->get_linkedit_link($edited_Item->ID, get_icon('locate', 'imgtag', array('title' => $title)), $title) . ' ';
        }
        if ($current_User->check_perm('item', 'edit', false, $edited_Item)) {
            // Check that we have permission to edit item:
            $r .= action_icon(T_('Delete this link!'), 'unlink', regenerate_url('p,itm_ID,action', "link_ID={$link_ID}&amp;action=unlink"));
        }
        return $r;
    }
    $Results->cols[] = array('th' => T_('Actions'), 'td_class' => 'shrinkwrap', 'td' => '%file_actions( #link_ID# )%');
}
if ($current_User->check_perm('files', 'view') && $current_User->check_perm('item', 'edit', false, $edited_Item)) {
    // Check that we have permission to edit item:
    $Results->global_icon(T_('Link a file...'), 'link', url_add_param($Blog->get_filemanager_link(), 'fm_mode=link_item&amp;item_ID=' . $edited_Item->ID), T_('Link files'), 3, 4);
}
$Results->display();
Exemple #28
0
     } else {
         // We need posting permission
         $selected = autoselect_blog('blog_post_statuses', 'edit');
     }
     if (!$selected) {
         // No blog could be selected
         $Messages->add(T_('Sorry, you have no permission to post yet.'), 'error');
         $action = 'nil';
     } else {
         if (set_working_blog($selected)) {
             // Selected a new blog:
             $BlogCache =& get_BlogCache();
             $Blog =& $BlogCache->get_by_ID($blog);
         }
         // Where are we going to redirect to?
         param('redirect_to', 'url', url_add_param($admin_url, 'ctrl=items&filter=restore&blog=' . $Blog->ID, '&'));
         // What form buttton has been pressed?
         param('save', 'string', '');
         $exit_after_save = $action != 'create_edit';
     }
     break;
 case 'make_posts_pre':
     // form for edit several posts
     break;
 case 'make_posts_from_files':
     // Make posts with selected images:
     // Check that this action request is not a CSRF hacked request:
     $Session->assert_received_crumb('file');
     $FileRootCache =& get_FileRootCache();
     // getting root
     $root = param("root");
 /**
  * Add nav_target param into the end of the url, but only if it is necessary
  *
  * @param string the url
  * @param string the current blog or current skin post_navigation setting
  * @param integer the ID of the navigation target
  * @param string glue
  * @return string the received url or the received url extended with the navigation param
  */
 function add_navigation_param($url, $post_navigation, $nav_target, $glue = '&amp;')
 {
     if (empty($url) || empty($nav_target)) {
         // the url or the navigation target is not set we can't modify anything
         return $url;
     }
     switch ($post_navigation) {
         case 'same_category':
             // navigate through the selected category
             if ($this->main_cat_ID != $nav_target) {
                 $url = url_add_param($url, 'cat=' . $nav_target, $glue);
             }
             break;
             // 'same_tag' should be added here, with 'tag' param
         // 'same_tag' should be added here, with 'tag' param
         case 'same_author':
             // navigate through this item author's posts ( param not needed because a post always has only one author )
         // navigate through this item author's posts ( param not needed because a post always has only one author )
         case 'same_blog':
             // by default don't add any param
         // by default don't add any param
         default:
             break;
     }
     return $url;
 }
Exemple #30
0
    locale_restore_previous();
}
// Plugins should cleanup their temporary data here:
$Plugins->trigger_event('MessageFormSentCleanup', array('success_message' => $success_message));
if (empty($redirect_to) && empty($Blog)) {
    $redirect_to = $baseurl;
}
if ($success_message) {
    // Never say to whom we sent the email -- prevent user enumeration.
    $Messages->add(T_('Your message has been sent by email.'), 'success');
    if (empty($redirect_to)) {
        $redirect_to = $Blog->gen_blogurl();
        if (!empty($recipient_User)) {
            $redirect_to = url_add_param($redirect_to, 'disp=msgform&recipient_id=' . $recipient_User->ID);
        }
    }
    header_redirect($redirect_to);
    // exited here
}
// unsuccessful message send, save message params into the Session to not lose the content
$unsaved_message_params = array();
$unsaved_message_params['sender_name'] = $sender_name;
$unsaved_message_params['sender_address'] = $sender_address;
$unsaved_message_params['subject'] = $subject;
$unsaved_message_params['message'] = $original_content;
save_message_params_to_session($unsaved_message_params);
if (param_errors_detected() || empty($redirect_to)) {
    $redirect_to = url_add_param($Blog->gen_blogurl(), 'disp=msgform&recipient_id=' . $recipient_id, '&');
}
header_redirect($redirect_to);
//exited here