/**
 * Encode email from template callback.
 *
 * Accepts either a plain string or an array whose element 1 holds the
 * address (presumably a regex match array - confirm against the caller).
 * Quote characters are stripped, an optional trailing `title=...` part is
 * split off, and both pieces are handed to Typography::encode_email().
 *
 * Note: a `title=` marker at offset 0 is treated the same as "not found",
 * because the offset is tested for truthiness.
 *
 * @param  string|array $str address, optionally followed by title=...
 * @return mixed             whatever Typography::encode_email() returns
 */
function encode_email($str)
{
    $raw = is_array($str) ? $str[1] : $str;

    // Drop both quote styles so the value cannot carry attribute delimiters.
    $email = str_replace(array('"', "'"), '', trim($raw));
    $title = '';

    $p = strpos($email, "title=");

    if ($p)
    {
        // 6 == strlen('title='); everything after the marker is the title.
        $title = substr($email, $p + 6);
        $email = trim(substr($email, 0, $p));
    }

    // Lazy-load the typography class only when nothing has loaded it yet.
    if ( ! class_exists('Typography'))
    {
        require PATH_CORE . 'core.typography' . EXT;
    }

    return Typography::encode_email($email, $title, TRUE);
}
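/**
 * Member Public Profile
 *
 * Loads the member row for $this->cur_id, fetches the 'public_profile'
 * element and fills it in: avatar/photo conditionals, forum rank data
 * (when $this->in_forum is TRUE), link/console variables, template
 * conditionals, single variables and custom member fields.
 *
 * Security-relevant points in this method:
 *  - $this->cur_id is concatenated into two SQL statements; it is passed
 *    through $DB->escape_str() in both, the same way site_id is.
 *  - Template conditionals are turned into PHP source and run through
 *    eval(). The only filtering visible here is $FNS->prep_conditional().
 *  - Several member-supplied columns (screen_name, yahoo_im) are placed
 *    into HTML/JS/URL contexts without context-specific escaping here.
 *
 * @return mixed parsed template string, or the return value of
 *               $OUT->show_user_error() when the viewer may not see
 *               profiles or no matching member row exists
 */
function public_profile()
{
    global $IN, $SESS, $LANG, $OUT, $DB, $FNS, $PREFS, $LOC, $REGX;

    // Can the user view profiles?
    if ($SESS->userdata['can_view_profiles'] == 'n')
    {
        return $OUT->show_user_error('general', array($LANG->line('mbr_not_allowed_to_view_profiles')));
    }

    // Fetch the member data.
    // cur_id lands inside a quoted SQL literal, so it is escaped like site_id.
    $sql = " SELECT m.member_id, m.weblog_id, m.tmpl_group_id, m.group_id, m.username, m.screen_name, m.email, m.signature,
                    m.avatar_filename, m.avatar_width, m.avatar_height, m.photo_filename, m.photo_width, m.photo_height,
                    m.url, m.location, m.occupation, m.interests, m.icq, m.aol_im, m.yahoo_im, m.msn_im, m.bio,
                    m.join_date, m.last_visit, m.last_activity, m.last_entry_date, m.last_comment_date, m.last_forum_post_date,
                    m.total_entries, m.total_comments, m.total_forum_topics, m.total_forum_posts,
                    m.language, m.timezone, m.daylight_savings, m.bday_d, m.bday_m, m.bday_y, m.accept_user_email,
                    g.group_title, g.can_send_private_messages
             FROM exp_members m, exp_member_groups g
             WHERE m.member_id = '".$DB->escape_str($this->cur_id)."'
             AND g.site_id = '".$DB->escape_str($PREFS->ini('site_id'))."'
             AND m.group_id = g.group_id ";

    // Group 2 is filtered out unless the request is an admin one AND the viewer is in group 1.
    if ($this->is_admin == FALSE OR $SESS->userdata('group_id') != 1)
    {
        $sql .= "AND m.group_id != '2' ";
    }

    // Groups 3 and 4 are never shown.
    $sql .=" AND m.group_id != '3' AND m.group_id != '4'";

    $query = $DB->query($sql);

    if ($query->num_rows == 0)
    {
        return $OUT->show_user_error('general', array($LANG->line('profile_not_available')));
    }

    // Fetch the template
    $content = $this->_load_element('public_profile');

    // Is there an avatar?
    if ($PREFS->ini('enable_avatars') == 'y' AND $query->row['avatar_filename'] != '')
    {
        $avatar_path   = $PREFS->ini('avatar_url', 1).$query->row['avatar_filename'];
        $avatar_width  = $query->row['avatar_width'];
        $avatar_height = $query->row['avatar_height'];

        $content = $this->_allow_if('avatar', $content);
    }
    else
    {
        $avatar_path   = '';
        $avatar_width  = '';
        $avatar_height = '';

        $content = $this->_deny_if('avatar', $content);
    }

    // Is there a member photo?
    if ($PREFS->ini('enable_photos') == 'y' AND $query->row['photo_filename'] != '')
    {
        $photo_path   = $PREFS->ini('photo_url', 1).$query->row['photo_filename'];
        $photo_width  = $query->row['photo_width'];
        $photo_height = $query->row['photo_height'];

        $content = $this->_allow_if('photo', $content);
        $content = $this->_deny_if('not_photo', $content);
    }
    else
    {
        $photo_path   = '';
        $photo_width  = '';
        $photo_height = '';

        $content = $this->_deny_if('photo', $content);
        $content = $this->_allow_if('not_photo', $content);
    }

    // Forum specific stuff
    $rank_class = 'rankMember';
    $rank_title = '';
    $rank_stars = '';
    $stars      = '';

    if ($this->in_forum == TRUE)
    {
        $rank_query = $DB->query("SELECT rank_title, rank_min_posts, rank_stars FROM exp_forum_ranks ORDER BY rank_min_posts");
        $mod_query  = $DB->query("SELECT mod_member_id, mod_group_id FROM exp_forum_moderators");

        $total_posts = ($query->row['total_forum_topics'] + $query->row['total_forum_posts']);

        // Assign the rank stars: the markup between {if rank_stars} and {/if}
        // is the single "star" that gets repeated.
        if (preg_match("/{if\s+rank_stars\}(.+?){\/if\}/i", $content, $matches))
        {
            $rank_stars = $matches['1'];
            $content = str_replace($matches['0'], '{rank_stars}', $content);
        }

        if ($rank_stars != '' AND $rank_query->num_rows > 0)
        {
            $num_stars  = NULL;
            $rank_title = '';

            $i = 1;
            foreach ($rank_query->result as $rank)
            {
                // Seed with the lowest rank on the first pass.
                if ($num_stars == NULL)
                {
                    $num_stars  = $rank['rank_stars'];
                    $rank_title = $rank['rank_title'];
                }

                if ($rank['rank_min_posts'] >= $total_posts)
                {
                    $stars = str_repeat($rank_stars, $num_stars);
                    break;
                }
                else
                {
                    $num_stars  = $rank['rank_stars'];
                    $rank_title = $rank['rank_title'];
                }

                // Last rank reached without a break: use it.
                if ($i++ == $rank_query->num_rows)
                {
                    $stars = str_repeat($rank_stars, $num_stars);
                    break;
                }
            }
        }

        // Assign the member rank.
        // Is the user an admin?
        $admin_query = $DB->query('SELECT admin_group_id, admin_member_id FROM exp_forum_administrators');

        $is_admin = FALSE;

        if ($admin_query->num_rows > 0)
        {
            foreach ($admin_query->result as $row)
            {
                if ($row['admin_member_id'] != 0)
                {
                    if ($row['admin_member_id'] == $this->cur_id)
                    {
                        $is_admin = TRUE;
                        break;
                    }
                }
                elseif ($row['admin_group_id'] != 0)
                {
                    if ($row['admin_group_id'] == $query->row['group_id'])
                    {
                        $is_admin = TRUE;
                        break;
                    }
                }
            }
        }

        if ($query->row['group_id'] == 1 OR $is_admin == TRUE)
        {
            $rank_class = 'rankAdmin';
            $rank_title = $LANG->line('administrator');
        }
        else
        {
            if ($mod_query->num_rows > 0)
            {
                foreach ($mod_query->result as $mod)
                {
                    if ($mod['mod_member_id'] == $this->cur_id OR $mod['mod_group_id'] == $query->row['group_id'])
                    {
                        $rank_class = 'rankModerator';
                        $rank_title = $LANG->line('moderator');
                        break;
                    }
                }
            }
        }
    }

    // Parse variables
    $qs = ($PREFS->ini('force_query_string') == 'y') ? '' : '?';

    if ($this->in_forum == TRUE)
    {
        $search_path = $this->forum_path.'member_search/'.$this->cur_id.'/';
    }
    else
    {
        $search_path = $FNS->fetch_site_index(0, 0).$qs.'ACT='.$FNS->fetch_action_id('Search', 'do_search').'&mbr='.urlencode($query->row['member_id']);
    }

    $ignore_form = array(
        'hidden_fields' => array('toggle[]' => '', 'name' => '', 'daction' => ''),
        'action'        => $this->_member_path('update_ignore_list'),
        'id'            => 'target'
    );

    if ( ! in_array($query->row['member_id'], $SESS->userdata['ignore_list']))
    {
        // NOTE(review): screen_name is member-supplied and is placed inside a
        // JavaScript string within an HTML attribute with no escaping in this
        // method. Confirm it is encoded when stored, or escape it for this
        // context before output.
        $ignore_button = "<a href='".$this->_member_path('edit_ignore_list')."' ".
                         "onclick='dynamic_action(\"add\");list_addition(\"".$query->row['screen_name']."\");return false;'>".
                         "{lang:ignore_member}</a></form>";
    }
    else
    {
        $ignore_button = "<a href='".$this->_member_path('edit_ignore_list')."' ".
                         "onclick='dynamic_action(\"delete\");list_addition(\"".$query->row['member_id']."\", \"toggle[]\");return false;'>".
                         "{lang:unignore_member}</a></form>";
    }

    // NOTE(review): yahoo_im is appended to a URL without urlencode(); verify
    // how that column is validated on input.
    $content = $this->_var_swap($content,
        array(
            'aim_console'          => "onclick=\"window.open('".$this->_member_path('aim_console/'.$this->cur_id)."', '_blank', 'width=240,height=360,scrollbars=yes,resizable=yes,status=yes,screenx=5,screeny=5');\"",
            'icq_console'          => "onclick=\"window.open('".$this->_member_path('icq_console/'.$this->cur_id)."', '_blank', 'width=650,height=580,scrollbars=yes,resizable=yes,status=yes,screenx=5,screeny=5');\"",
            'yahoo_console'        => "http://edit.yahoo.com/config/send_webmesg?.target=".$query->row['yahoo_im']."&.src=pg",
            'email_console'        => "onclick=\"window.open('".$this->_member_path('email_console/'.$this->cur_id)."', '_blank', 'width=650,height=600,scrollbars=yes,resizable=yes,status=yes,screenx=5,screeny=5');\"",
            'send_private_message' => $this->_member_path('messages/pm/'.$this->cur_id),
            'search_path'          => $search_path,
            'path:avatar_url'      => $avatar_path,
            'avatar_width'         => $avatar_width,
            'avatar_height'        => $avatar_height,
            'path:photo_url'       => $photo_path,
            'photo_width'          => $photo_width,
            'photo_height'         => $photo_height,
            'rank_class'           => $rank_class,
            'rank_stars'           => $stars,
            'rank_title'           => $rank_title,
            'ignore_link'          => $this->list_js().
                                      $FNS->form_declaration($ignore_form).
                                      $ignore_button
        )
    );

    $vars = $FNS->assign_variables($content, '/');
    $this->var_single = $vars['var_single'];
    $this->var_pair   = $vars['var_pair'];

    $this->var_cond = $FNS->assign_conditional_variables($content, '/');

    // Parse conditional pairs
    foreach ($this->var_cond as $val)
    {
        // Conditional statements: split into left operand and the rest.
        $cond = $FNS->prep_conditional($val['0']);

        $lcond = substr($cond, 0, strpos($cond, ' '));
        $rcond = substr($cond, strpos($cond, ' '));

        if ( isset($query->row[$val['3']]))
        {
            $lcond = str_replace($val['3'], "\$query->row['".$val['3']."']", $lcond);
            $cond  = $lcond.' '.$rcond;
            $cond  = str_replace("\|", "|", $cond);

            // NOTE(review): eval() on an expression derived from template
            // text. Everything depends on $FNS->prep_conditional() (not
            // visible here) reducing the input to a harmless comparison;
            // anyone able to edit this template element effectively controls
            // PHP source. Confirm that filter and who may edit the template.
            eval("\$result = ".$cond.";");

            if ($result)
            {
                $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "\\1", $content);
            }
            else
            {
                $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "", $content);
            }
        }

        // {if accept_email}
        if (preg_match("/^if\s+accept_email.*/i", $val['0']))
        {
            if ($query->row['accept_user_email'] == 'n')
            {
                $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "", $content);
            }
            else
            {
                $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "\\1", $content);
            }
        }

        // {if can_private_message}
        if (stristr($val['0'], 'can_private_message'))
        {
            if ($query->row['can_send_private_messages'] == 'n')
            {
                $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "", $content);
            }
            else
            {
                $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "\\1", $content);
            }
        }

        // {if ignore}: members cannot ignore themselves.
        if (stristr($val['0'], 'ignore'))
        {
            if ($query->row['member_id'] == $SESS->userdata['member_id'])
            {
                $content = $this->_deny_if('ignore', $content);
            }
            else
            {
                $content = $this->_allow_if('ignore', $content);
            }
        }
    }
    // END CONDITIONAL PAIRS

    if ( ! class_exists('Typography'))
    {
        require PATH_CORE.'core.typography'.EXT;
    }

    $TYPE = new Typography;

    // Parse "single" variables
    foreach ($this->var_single as $key => $val)
    {
        // Format URLs: prepend a scheme when the stored value has none.
        if ($key == 'url')
        {
            if (substr($query->row['url'], 0, 4) != "http" AND ! ereg('://', $query->row['url']))
                $query->row['url'] = "http://".$query->row['url'];
        }

        // "last_visit" (filled from last_activity)
        if (ereg("^last_visit", $key))
        {
            $content = $this->_var_swap_single($key, ($query->row['last_activity'] > 0) ? $LOC->decode_date($val, $query->row['last_activity']) : '', $content);
        }

        // "join_date"
        if (ereg("^join_date", $key))
        {
            $content = $this->_var_swap_single($key, ($query->row['join_date'] > 0) ? $LOC->decode_date($val, $query->row['join_date']) : '', $content);
        }

        // "last_entry_date"
        if (ereg("^last_entry_date", $key))
        {
            $content = $this->_var_swap_single($key, ($query->row['last_entry_date'] > 0) ? $LOC->decode_date($val, $query->row['last_entry_date']) : '', $content);
        }

        // "last_forum_post_date"
        if (ereg("^last_forum_post_date", $key))
        {
            $content = $this->_var_swap_single($key, ($query->row['last_forum_post_date'] > 0) ? $LOC->decode_date($val, $query->row['last_forum_post_date']) : '', $content);
        }

        // "last_comment_date"
        if (ereg("^last_comment_date", $key))
        {
            $content = $this->_var_swap_single($key, ($query->row['last_comment_date'] > 0) ? $LOC->decode_date($val, $query->row['last_comment_date']) : '', $content);
        }

        // {name}: screen name, falling back to the username.
        $name = ( ! $query->row['screen_name']) ? $query->row['username'] : $query->row['screen_name'];

        $name = $this->_convert_special_chars($name);

        if ($key == "name")
        {
            $content = $this->_var_swap_single($val, $name, $content);
        }

        // {member_group}
        if ($key == "member_group")
        {
            $content = $this->_var_swap_single($val, $query->row['group_title'], $content);
        }

        // {email}
        if ($key == "email")
        {
            $content = $this->_var_swap_single($val, $TYPE->encode_email($query->row['email']), $content);
        }

        // {birthday}
        if ($key == "birthday")
        {
            $birthday = '';

            if ($query->row['bday_m'] != '' AND $query->row['bday_m'] != 0)
            {
                $month = (strlen($query->row['bday_m']) == 1) ? '0'.$query->row['bday_m'] : $query->row['bday_m'];

                $m = $LOC->localize_month($month);

                $birthday .= $LANG->line($m['1']);

                if ($query->row['bday_d'] != '' AND $query->row['bday_d'] != 0)
                {
                    $birthday .= ' '.$query->row['bday_d'];
                }
            }

            if ($query->row['bday_y'] != '' AND $query->row['bday_y'] != 0)
            {
                if ($birthday != '')
                {
                    $birthday .= ', ';
                }

                $birthday .= $query->row['bday_y'];
            }

            $content = $this->_var_swap_single($val, $birthday, $content);
        }

        // {timezone}
        if ($key == "timezone")
        {
            $timezone = ($query->row['timezone'] != '') ? $LANG->line($query->row['timezone']) : '';

            $content = $this->_var_swap_single($val, $timezone, $content);
        }

        // {local_time}
        if (ereg("^local_time", $key))
        {
            $time = $LOC->now;

            if ($SESS->userdata('member_id') != $this->cur_id)
            {
                // Default is UTC?
                $zone = ($query->row['timezone'] == '') ? 'UTC' : $query->row['timezone'];
                $time = $LOC->set_localized_time($time, $zone, $query->row['daylight_savings']);
            }

            $content = $this->_var_swap_single($key, $LOC->decode_date($val, $time), $content);
        }

        // {bio}
        if (ereg("^bio$", $key))
        {
            $bio = $TYPE->parse_type($query->row[$val],
                array(
                    'text_format'   => 'xhtml',
                    'html_format'   => 'safe',
                    'auto_links'    => 'y',
                    'allow_img_url' => 'n'
                )
            );

            $content = $this->_var_swap_single($key, $bio, $content);
        }

        // Special consideration for {total_forum_replies} and
        // {total_forum_posts}, whose meanings do not match the
        // database field names
        if (ereg("^total_forum_replies", $key))
        {
            $content = $this->_var_swap_single($key, $query->row['total_forum_posts'], $content);
        }

        if (ereg("^total_forum_posts", $key))
        {
            $total_posts = $query->row['total_forum_topics'] + $query->row['total_forum_posts'];
            $content = $this->_var_swap_single($key, $total_posts, $content);
        }

        // Parse basic fields (username, screen_name, etc.).
        // NOTE(review): the raw column value is substituted as-is; output
        // safety depends on how these columns are encoded when stored.
        if (isset($query->row[$val]))
        {
            $content = $this->_var_swap_single($val, $query->row[$val], $content);
        }
    }

    // Do we have custom fields to show?
    // Non-superadmin viewers only get fields flagged public.
    $sql = "SELECT m_field_id, m_field_name, m_field_label, m_field_description, m_field_fmt FROM exp_member_fields ";

    if ($SESS->userdata['group_id'] != 1)
    {
        $sql .= " WHERE m_field_public = 'y' ";
    }

    $sql .= " ORDER BY m_field_order";

    $query = $DB->query($sql);

    if ($query->num_rows > 0)
    {
        $fnames = array();

        foreach ($query->result as $row)
        {
            $fnames[$row['m_field_name']] = $row['m_field_id'];
        }

        // Grab the data for the particular member (cur_id escaped, as above).
        $result = $DB->query("SELECT * FROM exp_member_data WHERE member_id = '".$DB->escape_str($this->cur_id)."'");

        // Parse conditionals for custom fields
        foreach ($this->var_cond as $val)
        {
            // Prep the conditional
            $cond = $FNS->prep_conditional($val['0']);

            $lcond = substr($cond, 0, strpos($cond, ' '));
            $rcond = substr($cond, strpos($cond, ' '));

            if (isset($fnames[$val['3']]))
            {
                $lcond = str_replace($val['3'], "\$result->row['m_field_id_".$fnames[$val['3']]."']", $lcond);

                $cond = $lcond.' '.$rcond;

                $cond = str_replace("\|", "|", $cond);

                // NOTE(review): second eval() of a template-derived
                // expression; the same dependency on prep_conditional() applies.
                eval("\$rez = ".$cond.";");

                if ($rez)
                {
                    $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "\\1", $content);
                }
                else
                {
                    $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "", $content);
                }
            }
        }
        // END CONDITIONALS

        // Parse single variables
        foreach ($this->var_single as $key => $val)
        {
            foreach ($query->result as $row)
            {
                if ($row['m_field_name'] == $key)
                {
                    $field_data = ( ! isset( $result->row['m_field_id_'.$row['m_field_id']] )) ? '' : $result->row['m_field_id_'.$row['m_field_id']];

                    if ($field_data != '')
                    {
                        $field_data = $TYPE->parse_type($field_data,
                            array(
                                'text_format'   => $row['m_field_fmt'],
                                'html_format'   => 'none',
                                'auto_links'    => 'n',
                                'allow_img_url' => 'n'
                            )
                        );
                    }

                    $content = $this->_var_swap_single($val, $field_data, $content);
                }
            }
        }

        // Parse auto-generated "custom_fields"
        $field_chunk = $this->_load_element('public_custom_profile_fields');

        // Is there a chunk to parse?
        // (Inside the num_rows > 0 branch the first arm cannot be taken; the
        // clean-up after this block strips the tag in the zero-row case.)
        if ($query->num_rows == 0)
        {
            $content = preg_replace("/{custom_profile_fields}/s", '', $content);
        }
        else
        {
            if ( ! class_exists('Typography'))
            {
                require PATH_CORE.'core.typography'.EXT;
            }

            $TYPE = new Typography;

            $str = '';

            foreach ($query->result as $row)
            {
                $temp = $field_chunk;

                $field_data = ( ! isset( $result->row['m_field_id_'.$row['m_field_id']] )) ? '' : $result->row['m_field_id_'.$row['m_field_id']];

                if ($field_data != '')
                {
                    $field_data = $TYPE->parse_type($field_data,
                        array(
                            'text_format'   => $row['m_field_fmt'],
                            'html_format'   => 'safe',
                            'auto_links'    => 'y',
                            'allow_img_url' => 'n'
                        )
                    );
                }

                $temp = str_replace('{field_name}', $row['m_field_label'], $temp);
                $temp = str_replace('{field_description}', $row['m_field_description'], $temp);
                $temp = str_replace('{field_data}', $field_data, $temp);

                $str .= $temp;
            }

            $content = preg_replace("/{custom_profile_fields}/s", $str, $content);
        }
    }
    // END if ($query->num_rows > 0)

    // Clean up left over variables
    $content = preg_replace("/{custom_profile_fields}/s", '', $content);
    $content = preg_replace("/".LD."if\s+.*?".RD.".*?".LD.'\/if'.RD."/s", "", $content);

    return $content;
}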
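/**
 * Custom Member Profile Data
 *
 * Template tag handler. Resolves a member id from the `member_id` tag
 * parameter (falling back to the logged-in member), loads that member's
 * default and custom field data and substitutes it into $TMPL->tagdata.
 *
 * The member id can come from a tag parameter, so it is passed through
 * $DB->escape_str() in both queries that embed it.
 *
 * @return string the parsed tag data; '' when the member row is missing
 */
function custom_profile_data()
{
    global $DB, $SESS, $TMPL, $FNS, $PREFS, $LOC, $LANG;

    $member_id = ( ! $TMPL->fetch_param('member_id')) ? $SESS->userdata['member_id'] : $TMPL->fetch_param('member_id');

    // Default Member Data
    $query = $DB->query("SELECT m.member_id, m.group_id, m.username, m.screen_name, m.email, m.signature,
                                m.avatar_filename, m.avatar_width, m.avatar_height,
                                m.photo_filename, m.photo_width, m.photo_height,
                                m.url, m.location, m.occupation, m.interests, m.bio,
                                m.join_date, m.last_visit, m.last_activity, m.last_entry_date, m.last_comment_date, m.last_forum_post_date,
                                m.total_entries, m.total_comments, m.total_forum_topics, m.total_forum_posts,
                                m.language, m.timezone, m.daylight_savings, m.bday_d, m.bday_m, m.bday_y,
                                g.group_title
                         FROM exp_members m, exp_member_groups g
                         WHERE m.member_id = '".$DB->escape_str($member_id)."'
                         AND g.site_id = '".$DB->escape_str($PREFS->ini('site_id'))."'
                         AND m.group_id = g.group_id");

    if ($query->num_rows == 0)
    {
        return $TMPL->tagdata = '';
    }

    $default_fields = $query->row;

    // Is there an avatar? ('TRUE'/'FALSE' strings feed prep_conditionals below.)
    if ($PREFS->ini('enable_avatars') == 'y' AND $query->row['avatar_filename'] != '')
    {
        $avatar_path   = $PREFS->ini('avatar_url', 1).$query->row['avatar_filename'];
        $avatar_width  = $query->row['avatar_width'];
        $avatar_height = $query->row['avatar_height'];
        $avatar        = 'TRUE';
    }
    else
    {
        $avatar_path   = '';
        $avatar_width  = '';
        $avatar_height = '';
        $avatar        = 'FALSE';
    }

    // Is there a member photo?
    if ($PREFS->ini('enable_photos') == 'y' AND $query->row['photo_filename'] != '')
    {
        $photo_path   = $PREFS->ini('photo_url', 1).$query->row['photo_filename'];
        $photo_width  = $query->row['photo_width'];
        $photo_height = $query->row['photo_height'];
        $photo        = 'TRUE';
    }
    else
    {
        $photo_path   = '';
        $photo_width  = '';
        $photo_height = '';
        $photo        = 'FALSE';
    }

    // Parse variables
    $qs = ($PREFS->ini('force_query_string') == 'y') ? '' : '?';

    if ($this->in_forum == TRUE)
    {
        // NOTE(review): uses $this->cur_id rather than $member_id - confirm intended.
        $search_path = $this->forum_path.'member_search/'.$this->cur_id.'/';
    }
    else
    {
        $search_path = $FNS->fetch_site_index(0, 0).$qs.'ACT='.$FNS->fetch_action_id('Search', 'do_search').'&mbr='.urlencode($query->row['member_id']);
    }

    $more_fields = array(
        'send_private_message' => $this->_member_path('messages/pm/'.$member_id),
        'search_path'          => $search_path,
        'avatar_url'           => $avatar_path,
        'avatar_filename'      => $query->row['avatar_filename'],
        'avatar_width'         => $avatar_width,
        'avatar_height'        => $avatar_height,
        'photo_url'            => $photo_path,
        'photo_filename'       => $query->row['photo_filename'],
        'photo_width'          => $photo_width,
        'photo_height'         => $photo_height,
    );

    $default_fields = array_merge($default_fields, $more_fields);

    // Fetch the custom member field definitions: name => array(id, format)
    $fields = array();

    $query = $DB->query("SELECT m_field_id, m_field_name, m_field_fmt FROM exp_member_fields");

    if ($query->num_rows > 0)
    {
        foreach ($query->result as $row)
        {
            $fields[$row['m_field_name']] = array($row['m_field_id'], $row['m_field_fmt']);
        }
    }

    // Same member id as the first query, so it gets the same escaping.
    $query = $DB->query("SELECT * FROM exp_member_data WHERE member_id = '".$DB->escape_str($member_id)."'");

    if ($query->num_rows == 0)
    {
        // No custom data row: blank out every custom field variable.
        foreach ($fields as $key => $val)
        {
            $TMPL->tagdata = $TMPL->swap_var_single($key, '', $TMPL->tagdata);
        }

        return $TMPL->tagdata;
    }

    if ( ! class_exists('Typography'))
    {
        require PATH_CORE.'core.typography'.EXT;
    }

    $TYPE = new Typography;

    foreach ($query->result as $row)
    {
        $cond = array('avatar' => $avatar, 'photo' => $photo);

        // Every custom field is exposed to conditionals. The original carried
        // an `if (substr($key, 0, 7) == 'mfield_');` with an empty body here,
        // which filtered nothing; it is dropped without changing behaviour.
        // NOTE(review): confirm whether an 'mfield_' prefix filter was intended.
        foreach ($fields as $key => $value)
        {
            $cond[$key] = $TYPE->parse_type($row['m_field_id_'.$value['0']],
                array(
                    'text_format'   => $value['1'],
                    'html_format'   => 'safe',
                    'auto_links'    => 'y',
                    'allow_img_url' => 'n'
                )
            );
        }

        $TMPL->tagdata = $FNS->prep_conditionals($TMPL->tagdata, $cond);

        // Swap Variables
        foreach ($TMPL->var_single as $key => $val)
        {
            // --- default member data ---

            // Format URLs: prepend a scheme when the stored value has none.
            if ($key == 'url')
            {
                if (substr($default_fields['url'], 0, 4) != "http" AND ! ereg('://', $default_fields['url']))
                    $default_fields['url'] = "http://".$default_fields['url'];
            }

            // "last_visit" (filled from last_activity)
            if (ereg("^last_visit", $key))
            {
                $TMPL->tagdata = $this->_var_swap_single($key, ($default_fields['last_activity'] > 0) ? $LOC->decode_date($val, $default_fields['last_activity']) : '', $TMPL->tagdata);
            }

            // "join_date"
            if (ereg("^join_date", $key))
            {
                $TMPL->tagdata = $this->_var_swap_single($key, ($default_fields['join_date'] > 0) ? $LOC->decode_date($val, $default_fields['join_date']) : '', $TMPL->tagdata);
            }

            // "last_entry_date"
            if (ereg("^last_entry_date", $key))
            {
                $TMPL->tagdata = $this->_var_swap_single($key, ($default_fields['last_entry_date'] > 0) ? $LOC->decode_date($val, $default_fields['last_entry_date']) : '', $TMPL->tagdata);
            }

            // "last_forum_post_date"
            if (ereg("^last_forum_post_date", $key))
            {
                $TMPL->tagdata = $this->_var_swap_single($key, ($default_fields['last_forum_post_date'] > 0) ? $LOC->decode_date($val, $default_fields['last_forum_post_date']) : '', $TMPL->tagdata);
            }

            // "last_comment_date"
            if (ereg("^last_comment_date", $key))
            {
                $TMPL->tagdata = $this->_var_swap_single($key, ($default_fields['last_comment_date'] > 0) ? $LOC->decode_date($val, $default_fields['last_comment_date']) : '', $TMPL->tagdata);
            }

            // {name}: screen name, falling back to the username.
            $name = ( ! $default_fields['screen_name']) ? $default_fields['username'] : $default_fields['screen_name'];

            $name = $this->_convert_special_chars($name);

            if ($key == "name")
            {
                $TMPL->tagdata = $this->_var_swap_single($val, $name, $TMPL->tagdata);
            }

            // {member_group}
            if ($key == "member_group")
            {
                $TMPL->tagdata = $this->_var_swap_single($val, $default_fields['group_title'], $TMPL->tagdata);
            }

            // {email}
            if ($key == "email")
            {
                $TMPL->tagdata = $this->_var_swap_single($val, $TYPE->encode_email($default_fields['email']), $TMPL->tagdata);
            }

            // {birthday}
            if ($key == "birthday")
            {
                $birthday = '';

                if ($default_fields['bday_m'] != '' AND $default_fields['bday_m'] != 0)
                {
                    $month = (strlen($default_fields['bday_m']) == 1) ? '0'.$default_fields['bday_m'] : $default_fields['bday_m'];

                    $m = $LOC->localize_month($month);

                    $birthday .= $LANG->line($m['1']);

                    if ($default_fields['bday_d'] != '' AND $default_fields['bday_d'] != 0)
                    {
                        $birthday .= ' '.$default_fields['bday_d'];
                    }
                }

                if ($default_fields['bday_y'] != '' AND $default_fields['bday_y'] != 0)
                {
                    if ($birthday != '')
                    {
                        $birthday .= ', ';
                    }

                    $birthday .= $default_fields['bday_y'];
                }

                $TMPL->tagdata = $this->_var_swap_single($val, $birthday, $TMPL->tagdata);
            }

            // {timezone}
            if ($key == "timezone")
            {
                $timezone = ($default_fields['timezone'] != '') ? $LANG->line($default_fields['timezone']) : '';

                $TMPL->tagdata = $this->_var_swap_single($val, $timezone, $TMPL->tagdata);
            }

            // {local_time}
            if (ereg("^local_time", $key))
            {
                $time = $LOC->now;

                // NOTE(review): compares against $this->cur_id, not $member_id - confirm intended.
                if ($SESS->userdata('member_id') != $this->cur_id)
                {
                    // Default is UTC?
                    $zone = ($default_fields['timezone'] == '') ? 'UTC' : $default_fields['timezone'];
                    $time = $LOC->set_localized_time($time, $zone, $default_fields['daylight_savings']);
                }

                $TMPL->tagdata = $this->_var_swap_single($key, $LOC->decode_date($val, $time), $TMPL->tagdata);
            }

            // {bio}
            if (ereg("^bio$", $key))
            {
                $bio = $TYPE->parse_type($default_fields[$val],
                    array(
                        'text_format'   => 'xhtml',
                        'html_format'   => 'safe',
                        'auto_links'    => 'y',
                        'allow_img_url' => 'n'
                    )
                );

                $TMPL->tagdata = $this->_var_swap_single($key, $bio, $TMPL->tagdata);
            }

            // Special consideration for {total_forum_replies} and
            // {total_forum_posts}, whose meanings do not match the
            // database field names
            if (ereg("^total_forum_replies", $key))
            {
                $TMPL->tagdata = $this->_var_swap_single($key, $default_fields['total_forum_posts'], $TMPL->tagdata);
            }

            if (ereg("^total_forum_posts", $key))
            {
                $total_posts = $default_fields['total_forum_topics'] + $default_fields['total_forum_posts'];
                $TMPL->tagdata = $this->_var_swap_single($key, $total_posts, $TMPL->tagdata);
            }

            // Parse basic fields (username, screen_name, etc.).
            // NOTE(review): the raw column value is substituted as-is; output
            // safety depends on how these columns are encoded when stored.
            if (isset($default_fields[$val]))
            {
                $TMPL->tagdata = $this->_var_swap_single($val, $default_fields[$val], $TMPL->tagdata);
            }

            // Parse custom member fields
            if ( isset($fields[$val]) AND isset($row['m_field_id_'.$fields[$val]['0']]))
            {
                $TMPL->tagdata = $TMPL->swap_var_single(
                    $val,
                    $TYPE->parse_type(
                        $row['m_field_id_'.$fields[$val]['0']],
                        array(
                            'text_format'   => $fields[$val]['1'],
                            'html_format'   => 'safe',
                            'auto_links'    => 'y',
                            'allow_img_url' => 'n'
                        )
                    ),
                    $TMPL->tagdata
                );
            }
        }
    }

    return $TMPL->tagdata;
}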
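/** ----------------------------------------
/**  Preview
/** ----------------------------------------*/
/**
 * Render the comment-preview template from the submitted comment form.
 *
 * The entry id comes from $_POST['entry_id'], falling back to $IN->QSTR.
 * The weblog's comment formatting preferences are looked up for that entry
 * and the preview variables in $TMPL->tagdata are replaced with the
 * submitted (or session-derived) values.
 *
 * Request-derived name/email/url/location values are HTML-encoded at the
 * point where this method writes them into markup. Nothing visible in this
 * method encodes them earlier, and they are placed both in element content
 * and inside an href attribute.
 *
 * @return mixed FALSE when the entry id is not numeric or the comment is
 *               missing or not a string; '' when no weblog row matches;
 *               the result of $OUT->show_user_error() when the comment is
 *               over the configured length; NULL when an extension sets
 *               $EXT->end_script; otherwise the parsed tagdata string.
 */
function preview()
{
    global $IN, $TMPL, $FNS, $DB, $SESS, $LOC, $REGX, $EXT, $LANG, $OUT;

    $entry_id = isset($_POST['entry_id']) ? $_POST['entry_id'] : $IN->QSTR;

    // A request can deliver "comment[]" as an array; that passes empty()
    // but is not valid input for strlen()/stripslashes() further down.
    if (!is_numeric($entry_id) or empty($_POST['comment']) or !is_string($_POST['comment'])) {
        return FALSE;
    }

    /** ----------------------------------------
    /**  Instantiate Typography class
    /** ----------------------------------------*/
    if (!class_exists('Typography')) {
        require PATH_CORE . 'core.typography' . EXT;
    }

    $TYPE = new Typography(FALSE, FALSE);
    $TYPE->encode_email = FALSE;

    // $entry_id has passed is_numeric() and is additionally escaped
    // before being placed inside the quoted SQL literal.
    $sql = "SELECT exp_weblogs.comment_text_formatting, exp_weblogs.comment_html_formatting, exp_weblogs.comment_allow_img_urls, exp_weblogs.comment_auto_link_urls, exp_weblogs.comment_max_chars\n"
         . " FROM exp_weblogs, exp_weblog_titles\n"
         . " WHERE exp_weblog_titles.weblog_id = exp_weblogs.weblog_id \n"
         . " AND exp_weblog_titles.entry_id = '" . $DB->escape_str($entry_id) . "'";

    $query = $DB->query($sql);

    if ($query->num_rows == 0) {
        return '';
    }

    /** -------------------------------------
    /**  Check size of comment
    /** -------------------------------------*/
    $max_chars = $query->row['comment_max_chars'];

    if ($max_chars != '' and $max_chars != 0) {
        $comment_len = strlen($_POST['comment']);

        if ($comment_len > $max_chars) {
            $str = str_replace("%n", $comment_len, $LANG->line('cmt_too_large'));
            $str = str_replace("%x", $max_chars, $str);

            return $OUT->show_user_error('submission', $str);
        }
    }

    $tagdata = $TMPL->tagdata;

    // -------------------------------------------
    // 'comment_preview_tagdata' hook.
    //  - Play with the tagdata contents of the comment preview
    //
    if ($EXT->active_hook('comment_preview_tagdata') === TRUE) {
        $tagdata = $EXT->call_extension('comment_preview_tagdata', $tagdata);

        if ($EXT->end_script === TRUE) {
            return;
        }
    }
    //
    // -------------------------------------------

    /** ----------------------------------------
    /**  Fetch all the date-related variables
    /** ----------------------------------------*/
    // Keyed by the full tag text with the delimiters stripped, which is
    // the form the keys of $TMPL->var_single are compared against below.
    $comment_date = array();

    if (preg_match_all("/" . LD . "comment_date\\s+format=[\"'](.*?)[\"']" . RD . "/s", $tagdata, $matches)) {
        foreach ($matches['0'] as $j => $full_tag) {
            $tag_key = str_replace(RD, '', str_replace(LD, '', $full_tag));
            $comment_date[$tag_key] = $LOC->fetch_date_params($matches['1'][$j]);
        }
    }

    /** ----------------------------------------
    /**  Set defaults based on member data as needed
    /** ----------------------------------------*/
    // A submitted value wins; otherwise fall back to the session value.
    // Non-string submissions (e.g. "name[]") are treated as absent.
    $posted = array();

    foreach (array('name' => 'screen_name', 'email' => 'email', 'url' => 'url', 'location' => 'location') as $field => $session_key) {
        if (isset($_POST[$field]) and is_string($_POST[$field]) and $_POST[$field] != '') {
            $posted[$field] = stripslashes($IN->GBL($field, 'POST'));
        } elseif ($SESS->userdata[$session_key] != '') {
            $posted[$field] = $SESS->userdata[$session_key];
        } else {
            $posted[$field] = '';
        }
    }

    $name     = $posted['name'];
    $email    = $posted['email'];
    $url      = $posted['url'];
    $location = $posted['location'];

    /** ----------------------------------------
    /**  Conditionals
    /** ----------------------------------------*/
    // Original author's note: "Sanitized on input and also in
    // prep_conditionals, so no real worries here". Neither step is visible
    // in this method. Conditionals receive the raw (unencoded) values so
    // that template comparisons keep working on what the user typed.
    $cond = $_POST;
    $cond['logged_in']  = $SESS->userdata('member_id') == 0 ? 'FALSE' : 'TRUE';
    $cond['logged_out'] = $SESS->userdata('member_id') != 0 ? 'FALSE' : 'TRUE';
    $cond['name']       = $name;
    $cond['email']      = $email;
    $cond['url']        = $url == 'http://' ? '' : $url;
    $cond['location']   = $location;

    $tagdata = $FNS->prep_conditionals($tagdata, $cond);

    // Prep the URL once, before the loop. It used to be prepped inside the
    // loop after the {url} check, so {url} was emitted unprepped only when
    // it happened to be the first variable processed.
    // NOTE(review): whether prep_url() restricts the URL scheme is not
    // visible here -- confirm before relying on the href being http(s).
    if ($url != '') {
        $url = $REGX->prep_url($url);
    }

    // HTML-encoded copies for output. ISO-8859-1 is named explicitly
    // because every byte sequence is valid in it, so htmlspecialchars()
    // never rejects the input and bytes above 0x7F pass through untouched;
    // the site charset is not visible in this method. The final FALSE
    // leaves entities that are already present as they are.
    $safe = array();

    foreach (array('name' => $name, 'email' => $email, 'url' => $url, 'location' => $location) as $field => $raw) {
        $safe[$field] = htmlspecialchars((string) $raw, ENT_QUOTES, 'ISO-8859-1', FALSE);
    }

    /** ----------------------------------------
    /**  Single Variables
    /** ----------------------------------------*/
    foreach ($TMPL->var_single as $key => $val) {
        if ($key === 'name' or $key === 'email' or $key === 'url' or $key === 'location') {
            /** ----------------------------------------
            /**  {name}, {email}, {url}, {location}
            /** ----------------------------------------*/
            $tagdata = $TMPL->swap_var_single($key, $safe[$key], $tagdata);
        } elseif ($key === 'url_or_email') {
            /** ----------------------------------------
            /**  {url_or_email}
            /** ----------------------------------------*/
            $temp = $safe['url'];

            if ($temp == '' and $email != '') {
                // NOTE(review): encode_email() is handed the raw values, as
                // before; confirm it encodes its arguments for output.
                $temp = $TYPE->encode_email($email, '', 0);
            }

            $tagdata = $TMPL->swap_var_single($val, $temp, $tagdata);
        } elseif ($key === 'url_or_email_as_author') {
            /** ----------------------------------------
            /**  {url_or_email_as_author}
            /** ----------------------------------------*/
            if ($url != '') {
                $author = "<a href=\"" . $safe['url'] . "\">" . $safe['name'] . "</a>";
            } elseif ($email != '') {
                $author = $TYPE->encode_email($email, $name);
            } else {
                $author = $safe['name'];
            }

            $tagdata = $TMPL->swap_var_single($val, $author, $tagdata);
        } elseif ($key === 'url_or_email_as_link') {
            /** ----------------------------------------
            /**  {url_or_email_as_link}
            /** ----------------------------------------*/
            if ($url != '') {
                $link = "<a href=\"" . $safe['url'] . "\">" . $safe['url'] . "</a>";
            } elseif ($email != '') {
                $link = $TYPE->encode_email($email);
            } else {
                $link = $safe['name'];
            }

            $tagdata = $TMPL->swap_var_single($val, $link, $tagdata);
        } elseif ($key === 'comment') {
            /** ----------------------------------------
            /**  parse comment field
            /** ----------------------------------------*/

            // -------------------------------------------
            // 'comment_preview_comment_format' hook.
            //  - Play with the tagdata contents of the comment preview
            //
            if ($EXT->active_hook('comment_preview_comment_format') === TRUE) {
                // The extension's return value is inserted as-is.
                $data = $EXT->call_extension('comment_preview_comment_format', $query->row);

                if ($EXT->end_script === TRUE) {
                    return;
                }
            } else {
                // The comment body is formatted by Typography according to
                // the weblog's own HTML/text formatting preferences.
                $data = $TYPE->parse_type(
                    stripslashes($IN->GBL('comment', 'POST')),
                    array(
                        'text_format'   => $query->row['comment_text_formatting'],
                        'html_format'   => $query->row['comment_html_formatting'],
                        'auto_links'    => $query->row['comment_auto_link_urls'],
                        'allow_img_url' => $query->row['comment_allow_img_urls']
                    )
                );
            }
            //
            // -------------------------------------------

            $tagdata = $TMPL->swap_var_single($key, $data, $tagdata);
        }

        /** ----------------------------------------
        /**  parse comment date
        /** ----------------------------------------*/
        if (isset($comment_date[$key])) {
            // Each date code in the format string is replaced by its value
            // for the current time, then the whole tag is swapped out.
            foreach ($comment_date[$key] as $dvar) {
                $val = str_replace($dvar, $LOC->convert_timestamp($dvar, $LOC->now, TRUE), $val);
            }

            $tagdata = $TMPL->swap_var_single($key, $val, $tagdata);
        }
    }

    return $tagdata;
}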