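/**
 * Resolve a comment report and optionally email the people involved.
 *
 * The moderator's choices are read from the request through get_http_var():
 *   - deletecomment:   'true' upholds the report (passed to $REPORT->resolve()).
 *   - sendtoreporter:  'true' emails the reporter the outcome.
 *   - sendtocommenter: 'true' emails the commenter that their comment was deleted.
 *   - declinedreason, commentermail: free text merged into the email templates.
 *
 * Prints status paragraphs as it goes and finishes with a "Back" link to the
 * 'admin_home' URL.
 *
 * NOTE(review): this function performs a state change and sends mail purely on
 * request variables; no permission or request-origin check is visible here.
 * Presumably the calling page enforces both — confirm.
 *
 * @param object $REPORT  The report being resolved.
 * @param object $COMMENT The comment the report is about.
 */
function resolve($REPORT, $COMMENT) {
    global $PAGE;

    // The moderator either upholds the report (the comment goes) or declines it.
    $upheld = (get_http_var('deletecomment') == 'true');

    $success = $REPORT->resolve($upheld, $COMMENT);

    if ($success) {
        if ($upheld) {
            print "<p>The comment has been deleted.</p>\n";
        }
        print "<p>The report has been resolved.</p>\n";

        if (get_http_var('sendtoreporter') == 'true') {
            // We're sending an email to the reporter,
            // either approving or declining what they suggested.
            if ($REPORT->user_id() > 0) {
                // The reporting user was logged in at the time,
                // so get their email address from their account.
                $USER = new USER();
                $USER->init($REPORT->user_id());
                $email = $USER->email();
            } else {
                // Non-logged-in user; they should have left their address.
                // NOTE(review): this address was typed in by an anonymous
                // visitor and is used as the recipient; presumably it is
                // validated when the report is filed or inside
                // send_template_email() — confirm.
                $email = $REPORT->email();
            }

            // Prepare the data needed for either email.
            $data = array('to' => $email);
            $merge = array(
                'FIRSTNAME'  => $REPORT->firstname(),
                'LASTNAME'   => $REPORT->lastname(),
                'REPORTBODY' => strip_tags($REPORT->body()),
            );

            // Add stuff specific to each type of email.
            if ($upheld) {
                $data['template'] = 'report_upheld';
            } else {
                $data['template'] = 'report_declined';
                $merge['COMMENTURL'] = 'http://' . DOMAIN . $COMMENT->url();
                $merge['REASON'] = get_http_var('declinedreason');
            }

            $success = send_template_email($data, $merge);

            if ($success) {
                print "<p>An email has been sent to the person who made the report.</p>\n";
            } else {
                $PAGE->error_message("Failed when sending an email to the person who made the report.");
            }
        }

        // We only send this email if a comment has been deleted. The template
        // and subject both state that the comment was deleted, so the request
        // flag alone must not trigger it when the report was declined.
        if ($upheld && get_http_var('sendtocommenter') == 'true') {
            // We're telling the commenter that their comment has been deleted.
            $USER = new USER();
            $USER->init($COMMENT->user_id());

            // Create the URL for if a user wants to return and post another comment.
            // Remove the anchor for their now deleted comment.
            $addcommentsurl = 'http://' . DOMAIN . preg_replace("/#.*\$/", '#addcomment', $COMMENT->url());

            $data = array(
                'to'       => $USER->email(),
                'template' => 'comment_deleted_blank',
                'subject'  => 'One of your comments has been deleted',
            );
            $merge = array(
                'REPLYBODY'     => get_http_var('commentermail'),
                'FIRSTNAME'     => $USER->firstname(),
                'LASTNAME'      => $USER->lastname(),
                'ADDCOMMENTURL' => $addcommentsurl,
                'COMMENTBODY'   => strip_tags($COMMENT->body()),
            );

            $success = send_template_email($data, $merge);

            if ($success) {
                print "<p>An email has been sent to the person who posted the comment.</p>\n";
            } else {
                $PAGE->error_message("Failed when sending an email to the person who posted the comment.");
            }
        }
    }

    $URL = new URL('admin_home');
    print '<p><a href="' . $URL->generate() . '">Back</a></p>';
}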
} else { $expire = "session"; } // $returnurl is the url of where we'll send the user after login. $THEUSER->login($returnurl, $expire); } else { // Merge the validation errors with any we already have. $errors = array_merge($errors, $valid); display_page($errors); } } } elseif ($resend = get_http_var('resend')) { $USER = new USER(); $USER->init($resend); if (!$USER->confirmed()) { $details = array('email' => $USER->email(), 'firstname' => $USER->firstname(), 'lastname' => $USER->lastname()); $USER->send_confirmation_email($details); $this_page = 'userwelcome'; $PAGE->page_start(); $PAGE->stripe_start(); $message = array('title' => "Confirmation email resent", 'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address before you can log in. Thanks."); $PAGE->message($message); $PAGE->stripe_end(); $PAGE->page_end(); } } else { // First time to the page... display_page(); } function display_page($errors = array()) {
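/**
 * Print a user's profile page.
 *
 * We're either going to be:
 *   - Displaying the details of a user who's just been edited
 *     (their user_id will be in $user_id now).
 *   - Viewing THEUSER's own data.
 *   - Viewing someone else's data (their id comes from the "u" request variable).
 *
 * If nobody is identified and THEUSER is not logged in, the visitor is
 * redirected to the login page and the script exits.
 *
 * We could do something cleverer so that if THEUSER has sufficient
 * privileges we display more data when they're viewing someone else's info
 * than what your average punter sees.
 *
 * @param int|string $user_id If numeric, the id of the user whose info has just been edited.
 */
function display_user($user_id = "") {
    global $THEUSER, $PAGE, $DATA, $this_page, $who;

    // FIRST: Work out whose info we're going to show.

    $edited = false; // Have we just edited someone's info?

    // NOTE(review): is_numeric() also accepts forms such as "1e3" or "1.5";
    // the raw value is handed on to USER::init() and COMMENTLIST::display(),
    // which presumably cope with that — confirm.
    if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
        // Display this user's just edited info.
        $display = "this user";
        $edited = true;
    } elseif (is_numeric($user_id)) {
        // Display someone else's just edited info.
        $display = "another user";
        $edited = true;
    } elseif (is_numeric(get_http_var("u"))) {
        // Display someone else's info.
        $user_id = get_http_var("u");
        $display = "another user";
    } elseif ($THEUSER->isloggedin()) {
        // Display this user's info.
        $display = "this user";
        $user_id = $THEUSER->user_id();
    } else {
        // Nothing to show! Send them to log in.
        $URL = new URL('userlogin');
        $URL->insert(array('ret' => '/user/'));
        $loginurl = $URL->generate();
        header("Location: {$loginurl}");
        exit;
    }

    // SECOND: Get the data for whoever we're going to show.

    if ($display == "another user") {
        // Viewing someone else's info.
        $USER = new USER();
        $valid = $USER->init($user_id);

        if ($valid && $USER->confirmed() && !$USER->deleted()) {
            // Don't want to display unconfirmed or deleted users.
            $name = $USER->firstname() . " " . $USER->lastname();
            $url = $USER->url();

            // The address is only picked up when its owner made it public.
            if ($USER->emailpublic() == true) {
                $email = $USER->email();
            }

            $status = $USER->status();
            $registrationtime = $USER->registrationtime();

            // Change the page title to reflect whose info we're viewing.
            $DATA->set_page_metadata($this_page, "title", "{$name}");
        } else {
            // This user_id doesn't exist.
            $display = "none";
        }
    } elseif ($display == "this user") {
        // Display THEUSER's info.
        $name = $THEUSER->firstname() . " " . $THEUSER->lastname();
        $url = $THEUSER->url();

        if ($edited) {
            // We want to show all the info to the user.
            $email = $THEUSER->email();
            $emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
            $optin = $THEUSER->optin() == true ? "Yes" : "No";
            $postcode = $THEUSER->postcode();
        } else {
            // We're showing them how they're seen to other people.
            if ($THEUSER->emailpublic()) {
                $email = $THEUSER->email();
            }
            $registrationtime = $THEUSER->registrationtime();
            $status = $THEUSER->status();
        }

        // Change the page title to make it clear we're viewing THEUSER's
        // own info. Make them less worried about other people seeing some of the
        // info that shouldn't be public.
        $DATA->set_page_metadata($this_page, "title", "Your details");
    } else {
        // There's nothing to display!
    }

    // THIRD: Print out what we've got.

    $PAGE->page_start();

    if ($display != "none") {
        $PAGE->stripe_start();

        if (isset($registrationtime)) {
            // Make registration time more user-friendly.
            list($date, $time) = explode(' ', $registrationtime);
            $registrationtime = format_date($date, LONGDATEFORMAT);
        }

        if ($edited) {
            // NOTE(review): $who is a global printed without escaping;
            // presumably a fixed word set by the caller — confirm.
            print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
        }

        if ($this_page == 'userviewself' && !$edited) {
            $EDITURL = new URL('useredit');
            ?>
                <p><strong>This is how other people see you.</strong> <a href="<?php echo $EDITURL->generate(); ?>">Edit your details</a>.</p>
<?php
        }
        ?>
                <div class="row">
                <span class="label">Name</span>
                <span class="formw"><?php
        // NOTE(review): make_member_url() output lands in an href unescaped;
        // presumably it returns a URL-safe slug — confirm.
        if (substr($name, -3) == ' MP') {
            print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
        }
        echo htmlentities($name);
        if (substr($name, -3) == ' MP') {
            print '</a>';
        }
        ?></span>
                </div>

                <div class="row">
                <span class="label">Email</span>
                <span class="formw"><?php
        if (isset($email)) {
            // NOTE(review): as written this replacement is a no-op; the
            // replacement string was presumably an HTML entity for "@" that
            // was lost when the listing was rendered — confirm against the
            // repository.
            $escaped_email = str_replace('@', '@', htmlentities($email));
            ?><a href="mailto:<?php echo $escaped_email . "\">" . $escaped_email; ?></a><?php
        } else {
            ?>Not public<?php
        }
        ?></span>
                </div>

<?php
        if (isset($postcode)) {
            if ($postcode == '') {
                $postcode = 'none';
            }
            ?>
                <div class="row">
                <br>
                <span class="label">UK Postcode</span>
                <span class="formw"><?php echo htmlentities($postcode); ?> <small>(not public)</small></span>
                </div>

<?php
        }

        if (isset($url)) {
            if ($url == '') {
                $url = 'none';
            } elseif (preg_match('#^https?://#i', $url)) {
                $url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
            } else {
                // HTML-escaping does not neutralise the scheme of a
                // user-supplied URL, so anything that is not http(s) is
                // shown as plain text instead of becoming a clickable link.
                $url = htmlentities($url);
            }
            ?>
                <div class="row">
                <span class="label">Website</span>
                <span class="formw"><?php echo $url; ?></span>
                </div>

<?php
        }

        if (isset($emailpublic)) {
            ?>
                <div class="row">
                <br>Let other people see your email address? <strong><?php echo htmlentities($emailpublic); ?></strong></div>

<?php
        }

        if (isset($optin)) {
            ?>
                <div class="row">Receive TheyWorkForYou.com emails? <strong><?php echo htmlentities($optin); ?></strong></div>

<?php
        }

        if (isset($status)) {
            ?>
                <div class="row">
                <span class="label">Status</span>
                <span class="formw"><?php echo htmlentities($status); ?></span>
                </div>
<?php
        }

        if (isset($registrationtime)) {
            ?>
                <div class="row">
                <span class="label">Joined</span>
                <span class="formw"><?php echo htmlentities($registrationtime); ?></span>
                </div>
<?php
        }

        if ($edited && $this_page == 'userviewself') {
            $EDITURL = new URL('useredit');
            $VIEWURL = new URL('userviewself');
            ?>
                <p>&nbsp;<br><a href="<?php echo $EDITURL->generate(); ?>">Edit again</a> or <a href="<?php echo $VIEWURL->generate(); ?>">see how others see you</a>.</p>
<?php
        }

        $PAGE->stripe_end();

        # Email alerts
        if ($this_page == 'userviewself') {
            $PAGE->stripe_start();
            print '<h3>Your email alerts</h3>';

            $db = new ParlDB();
            // NOTE(review): the query is built by string concatenation and
            // relies on mysql_escape_string(), which ignores the connection
            // character set and does not exist in PHP 7+. ParlDB's own
            // quoting or parameter API is not visible here, so the call is
            // left as it is — TODO move to a parameterised query.
            $q = $db->query('SELECT * FROM alerts WHERE email = "' . mysql_escape_string($THEUSER->email()) . '" ORDER BY confirmed,deleted,alert_id');
            $out = '';
            for ($i = 0; $i < $q->rows(); ++$i) {
                $row = $q->row($i);
                $criteria = explode(' ', $row['criteria']);
                $ccc = array();
                foreach ($criteria as $c) {
                    if (preg_match('#^speaker:(\\d+)#', $c, $m)) {
                        $MEMBER = new MEMBER(array('person_id' => $m[1]));
                        $ccc[] = 'spoken by ' . $MEMBER->full_name();
                    } else {
                        $ccc[] = $c;
                    }
                }
                // Stored alert criteria are free text, so escape them (and the
                // token placed in attributes) before they go into the table.
                $criteria = htmlentities(join(' ', $ccc));
                $token = htmlentities($row['alert_id'] . '-' . $row['registrationtoken']);
                if (!$row['confirmed']) {
                    $action = '<a href="/A/' . $token . '">Confirm</a>';
                } elseif ($row['deleted']) {
                    $action = '<form action="/alert/undelete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Undelete"></form>';
                } else {
                    $action = '<form action="/alert/delete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Delete"></form>';
                }
                $out .= '<tr><td>' . $criteria . '</td><td>' . $action . '</td></tr>';
            }

            print '<p>To add a new alert, simply visit an MP or Peer\'s page or conduct a search — to be given the option of turning them into alerts automatically — or visit <a href="/alert/">the manual addition page</a>.</p>';
            if ($out) {
                print '<p>Here are your email alerts:</p>';
                print '<table cellpadding="3" cellspacing="0"><tr><th>Criteria</th><th>Action</th></tr>' . $out . '</table>';
            } else {
                print '<p>You currently have no email alerts set up.</p>';
            }
            $PAGE->stripe_end();
        }

        if (!$edited) {
            $args = array('user_id' => $user_id, 'page' => get_http_var('p'));
            $COMMENTLIST = new COMMENTLIST();
            $COMMENTLIST->display('user', $args);
        }
    } else {
        $message = array(
            'title' => 'Sorry...',
            'text'  => "We don't have a user ID, so we can't show you anyone's details.",
        );
        $PAGE->message($message);
    }

    $PAGE->page_end();
}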
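/**
 * Print a user's profile page, including their count of timestamped videos.
 *
 * We're either going to be:
 *   - Displaying the details of a user who's just been edited
 *     (their user_id will be in $user_id now).
 *   - Viewing THEUSER's own data.
 *   - Viewing someone else's data (their id comes from the "u" request variable).
 *
 * If nobody is identified and THEUSER is not logged in, the visitor is
 * redirected to the login page and the script exits.
 *
 * We could do something cleverer so that if THEUSER has sufficient
 * privileges we display more data when they're viewing someone else's info
 * than what your average punter sees.
 *
 * @param int|string $user_id If numeric, the id of the user whose info has just been edited.
 */
function display_user($user_id = "") {
    global $THEUSER, $PAGE, $DATA, $this_page, $who;

    // FIRST: Work out whose info we're going to show.

    $edited = false; // Have we just edited someone's info?

    // NOTE(review): is_numeric() also accepts forms such as "1e3" or "1.5";
    // the raw value is handed on to USER::init() and COMMENTLIST::display(),
    // which presumably cope with that — confirm.
    if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
        // Display this user's just edited info.
        $display = "this user";
        $edited = true;
    } elseif (is_numeric($user_id)) {
        // Display someone else's just edited info.
        $display = "another user";
        $edited = true;
    } elseif (is_numeric(get_http_var("u"))) {
        // Display someone else's info.
        $user_id = get_http_var("u");
        $display = "another user";
    } elseif ($THEUSER->isloggedin()) {
        // Display this user's info.
        $display = "this user";
        $user_id = $THEUSER->user_id();
    } else {
        // Nothing to show! Send them to log in.
        $URL = new URL('userlogin');
        $URL->insert(array('ret' => '/user/'));
        $loginurl = $URL->generate();
        header("Location: {$loginurl}");
        exit;
    }

    // SECOND: Get the data for whoever we're going to show.

    $db = new ParlDB();

    if ($display == "another user") {
        // Viewing someone else's info.
        $USER = new USER();
        $valid = $USER->init($user_id);

        if ($valid && $USER->confirmed() && !$USER->deleted()) {
            // Don't want to display unconfirmed or deleted users.
            $name = $USER->firstname() . " " . $USER->lastname();
            $url = $USER->url();

            // The address is only picked up when its owner made it public.
            if ($USER->emailpublic() == true) {
                $email = $USER->email();
            }

            $status = $USER->status();
            $registrationtime = $USER->registrationtime();

            // Change the page title to reflect whose info we're viewing.
            $DATA->set_page_metadata($this_page, "title", "{$name}");

            // The id is concatenated into the SQL text, so force it to an
            // integer rather than trusting whatever user_id() hands back.
            $q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . (int) $USER->user_id());
            $video = $q->field(0, 'c');
        } else {
            // This user_id doesn't exist.
            $display = "none";
        }
    } elseif ($display == "this user") {
        // Display THEUSER's info.
        $name = $THEUSER->firstname() . " " . $THEUSER->lastname();
        $url = $THEUSER->url();

        if ($edited) {
            // We want to show all the info to the user.
            $email = $THEUSER->email();
            $emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
            $optin = $THEUSER->optin() == true ? "Yes" : "No";
            $postcode = $THEUSER->postcode();
        } else {
            // We're showing them how they're seen to other people.
            if ($THEUSER->emailpublic()) {
                $email = $THEUSER->email();
            }
            $registrationtime = $THEUSER->registrationtime();
            $status = $THEUSER->status();
        }

        // Same integer cast as above: the id becomes part of the SQL text.
        $q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . (int) $THEUSER->user_id());
        $video = $q->field(0, 'c');

        // Change the page title to make it clear we're viewing THEUSER's
        // own info. Make them less worried about other people seeing some of the
        // info that shouldn't be public.
        $DATA->set_page_metadata($this_page, "title", "Your details");
    } else {
        // There's nothing to display!
    }

    // THIRD: Print out what we've got.

    $PAGE->page_start();

    if ($display != "none") {
        $PAGE->stripe_start();

        if (isset($registrationtime)) {
            // Make registration time more user-friendly.
            list($date, $time) = explode(' ', $registrationtime);
            $registrationtime = format_date($date, LONGDATEFORMAT);
        }

        if ($edited) {
            // NOTE(review): $who is a global printed without escaping;
            // presumably a fixed word set by the caller — confirm.
            print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
        }

        if ($this_page == 'userviewself' && !$edited) {
            $EDITURL = new URL('useredit');
            ?>
                <p><strong>This is how other people see you.</strong> <a href="<?php echo $EDITURL->generate(); ?>">Edit your details</a>.</p>
<?php
        }
        ?>
                <div class="row">
                <span class="label">Name</span>
                <span class="formw"><?php
        // NOTE(review): make_member_url() output lands in an href unescaped;
        // presumably it returns a URL-safe slug — confirm.
        if (substr($name, -3) == ' MP') {
            print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
        }
        echo htmlentities($name);
        if (substr($name, -3) == ' MP') {
            print '</a>';
        }
        ?></span>
                </div>

                <div class="row">
                <span class="label">Email</span>
                <span class="formw"><?php
        if (isset($email)) {
            // NOTE(review): as written this replacement is a no-op; the
            // replacement string was presumably an HTML entity for "@" that
            // was lost when the listing was rendered — confirm against the
            // repository.
            $escaped_email = str_replace('@', '@', htmlentities($email));
            ?><a href="mailto:<?php echo $escaped_email . "\">" . $escaped_email; ?></a><?php
        } else {
            ?>Not public<?php
        }
        ?></span>
                </div>

<?php
        if (isset($postcode)) {
            if ($postcode == '') {
                $postcode = 'none';
            }
            ?>
                <div class="row">
                <br>
                <span class="label">UK Postcode</span>
                <span class="formw"><?php echo htmlentities($postcode); ?> <small>(not public)</small></span>
                </div>

<?php
        }

        if (isset($url)) {
            if ($url == '') {
                $url = 'none';
            } elseif (preg_match('#^https?://#i', $url)) {
                $url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
            } else {
                // HTML-escaping does not neutralise the scheme of a
                // user-supplied URL, so anything that is not http(s) is
                // shown as plain text instead of becoming a clickable link.
                $url = htmlentities($url);
            }
            ?>
                <div class="row">
                <span class="label">Website</span>
                <span class="formw"><?php echo $url; ?></span>
                </div>

<?php
        }

        if (isset($emailpublic)) {
            ?>
                <div class="row">
                <br>Let other people see your email address? <strong><?php echo htmlentities($emailpublic); ?></strong></div>

<?php
        }

        if (isset($optin)) {
            ?>
                <div class="row">Receive TheyWorkForYou.com emails? <strong><?php echo htmlentities($optin); ?></strong></div>

<?php
        }

        if (isset($status)) {
            ?>
                <div class="row">
                <span class="label">Status</span>
                <span class="formw"><?php echo htmlentities($status); ?></span>
                </div>
<?php
        }

        if (isset($registrationtime)) {
            ?>
                <div class="row">
                <span class="label">Joined</span>
                <span class="formw"><?php echo htmlentities($registrationtime); ?></span>
                </div>
<?php
        }

        if (isset($video)) {
            echo '<div class="row"><span class="label">Videos timestamped</span> <span class="formw">', $video, '</span></div>';
        }

        if ($edited && $this_page == 'userviewself') {
            $EDITURL = new URL('useredit');
            $VIEWURL = new URL('userviewself');
            ?>
                <p>&nbsp;<br><a href="<?php echo $EDITURL->generate(); ?>">Edit again</a> or <a href="<?php echo $VIEWURL->generate(); ?>">see how others see you</a>.</p>
<?php
        }

        $PAGE->stripe_end();

        # Email alerts: only on the user's own view, keyed by their own address.
        if ($this_page == 'userviewself') {
            $PAGE->stripe_start();
            print '<h3>Your email alerts</h3>';
            alerts_manage($THEUSER->email());
            $PAGE->stripe_end();
        }

        if (!$edited) {
            $args = array('user_id' => $user_id, 'page' => get_http_var('p'));
            $COMMENTLIST = new COMMENTLIST();
            $COMMENTLIST->display('user', $args);
        }
    } else {
        $message = array(
            'title' => 'Sorry...',
            'text'  => "We don't have a user ID, so we can't show you anyone's details.",
        );
        $PAGE->message($message);
    }

    $PAGE->page_end();
}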