function article_list($start, $limit, $sort_by = "article_id DESC", $where = "", $article_details = 0) {
global $database, $user, $owner;
// BEGIN QUERY
$article_query = "SELECT se_articles.*, se_articlecats.articlecat_title, count(articlecomment_id) AS total_comments";
// IF NO USER ID SPECIFIED, RETRIEVE USER INFORMATION
if($this->user_id == 0) { $article_query .= ", se_users.user_id, se_users.user_username, se_users.user_photo, se_users.user_fname, se_users.user_lname "; }
// CONTINUE QUERY
$article_query .= " FROM se_articles LEFT JOIN se_articlecats ON se_articles.article_articlecat_id=se_articlecats.articlecat_id LEFT JOIN se_articlecomments ON se_articles.article_id=se_articlecomments.articlecomment_article_id";
// IF NO USER ID SPECIFIED, JOIN TO USER TABLE
if($this->user_id == 0) { $article_query .= " LEFT JOIN se_users ON se_articles.article_user_id=se_users.user_id"; }
// ADD WHERE IF NECESSARY
if($where != "" | $this->user_id != 0) { $article_query .= " WHERE"; }
// ENSURE USER ID IS NOT EMPTY
if($this->user_id != 0) { $article_query .= " article_user_id='".$this->user_id."'"; }
// INSERT AND IF NECESSARY
if($this->user_id != 0 & $where != "") { $article_query .= " AND"; }
// ADD WHERE CLAUSE, IF NECESSARY
if($where != "") { $article_query .= " $where"; }
// ADD GROUP BY, ORDER, AND LIMIT CLAUSE
$article_query .= " GROUP BY article_id ORDER BY $sort_by LIMIT $start, $limit";
// RUN QUERY
$articleentries = $database->database_query($article_query);
$rc_tag = new rc_articletag();
// GET BLOG ENTRIES INTO AN ARRAY
$article_array = Array();
while($article_info = $database->database_fetch_assoc($articleentries)) {
// CREATE OBJECT FOR EVENT
$article = new rc_article($article_info[user_id]);
$article->article_exists = 1;
$article->article_info= $article_info;
// CONVERT HTML CHARACTERS BACK
//$article_body = str_replace("\r\n", "", html_entity_decode($article_info[article_body]));
// IF NO USER ID SPECIFIED, CREATE OBJECT FOR AUTHOR
if($this->user_id == 0) {
$author = new se_user();
$author->user_exists = 1;
$author->user_info[user_id] = $article_info[user_id];
$author->user_info[user_username] = $article_info[user_username];
$author->user_info[user_photo] = $article_info[user_photo];
$author->user_info[user_fname] = $article_info[user_fname];
$author->user_info[user_lname] = $article_info[user_lname];
// OTHERWISE, SET AUTHOR TO OWNER/LOGGED-IN USER
} elseif($owner->user_exists != 0 & $owner->user_info[user_id] == $article_info[article_user_id]) {
$author = $owner;
} elseif($user->user_exists != 0 & $user->user_info[user_id] == $article_info[article_user_id]) {
$author = $user;
}
$author->user_displayname();
// SET EVENT ARRAY
$article_array[] = Array('article' => $article,
'tags' => $rc_tag->get_object_tags($article_info['article_id']),
'article_author' => $author);
}
// RETURN ARRAY
return $article_array;
} // END article_list() METHOD
include "footer.php";
}
if(isset($_POST['articlecat_id'])) { $articlecat_id = $_POST['articlecat_id']; } elseif(isset($_GET['articlecat_id'])) { $articlecat_id = $_GET['articlecat_id']; } else { $articlecat_id = ""; }
if(isset($_POST['p'])) { $p = $_POST['p']; } elseif(isset($_GET['p'])) { $p = $_GET['p']; } else { $p = 1; }
$keyword = rc_toolkit::get_request('keyword');
$f = rc_toolkit::get_request('f');
$tag = rc_toolkit::get_request('tag');
// CREATE ARTICLE OBJECT
$now = time();
$current_time = time();
$article = new rc_article();
$rc_tag = new rc_articletag();
$criterias = array(
"article_approved = '1'",
"article_draft = '0'",
"article_search= '1'"
);
if ($owner->user_exists) {
$criterias[] = "article_user_id = '{$owner->user_info['user_id']}'";
}
if (strlen($keyword)) {
$criterias[] = "(article_title LIKE '%$keyword%' OR article_body LIKE '%$keyword%')";
}
if ($f == 1) {
$criterias[] = "article_featured = '1'";
$comments = $comment->comment_list(0, 10);
// CHECK IF USER IS ALLOWED TO COMMENT
$allowed_to_comment = 1;
if(!($privacy_max & $rc_article->article_info[article_comments])) { $allowed_to_comment = 0; }
// SHOW FILES IN THIS ALBUM
$articlealbum_info = $database->database_fetch_assoc($database->database_query("SELECT articlealbum_id FROM se_articlealbums WHERE articlealbum_article_id='".$rc_article->article_info[article_id]."' LIMIT 1"));
$total_files = $rc_article->article_media_total($articlealbum_info[articlealbum_id]);
$file_array = $rc_article->article_media_list(0, 5, "RAND()", "(articlemedia_articlealbum_id='$articlealbum_info[articlealbum_id]')");
$rc_article->article_info[article_body] = str_replace("\r\n", "", html_entity_decode($rc_article->article_info[article_body]));
$rc_tag = new rc_articletag();
$article_tags = $rc_tag->get_object_tags($article_id);
// ASSIGN VARIABLES AND DISPLAY ARTICLE PAGE
$smarty->assign('article', $rc_article);
$smarty->assign('articleowner_info', $articleowner_info);
$smarty->assign('article_category', $article_category);
$smarty->assign('parent_category', $parent_category);
$smarty->assign('comments', $comments);
$smarty->assign('total_comments', $total_comments);
$smarty->assign('article_tags', $article_tags);
$smarty->assign('is_article_private', $is_article_private);
$smarty->assign('allowed_to_comment', $allowed_to_comment);
$smarty->assign('files', $file_array);
$smarty->assign('total_files', $total_files);
include "footer.php";
// CHECK THAT SEARCH IS NOT BLANK
if($user->level_info[level_article_search] == 0) { $article_search = 1; }
$article_approved = ($user->level_info[level_article_approved] == 0) ? 1 : 0;
// IF NO ERROR, SAVE ARTICLE
if($is_error == 0) {
$article_date_start = ($article_draft == 0) ? time() : 0;
if($subarticlecat_id != 0) { $articlecat_id = $subarticlecat_id; }
$article_id = $new_article->article_create($article_title, $article_body, $articlecat_id, $article_date_start, $article_draft, $article_approved, $article_search, $article_privacy, $article_comments);
if ($article_id > 0) {
$rc_tag = new rc_articletag();
$rc_tag->update_object_tags($article_id, $article_tags);
}
// INSERT ACTION
if ($article_approved == 1 and $article_draft == 0) {
$article_title_short = $article_title;
if(strlen($article_title_short) > 100) { $article_title_short = substr($article_title_short, 0, 97); $article_title_short .= "..."; }
$actions->actions_add($user, "newarticle", Array($user->user_info[user_username], $user->user_displayname, $article_id, $article_title_short, date("F j, Y, g:i a",$article_date_start)), Array(), 0, FALSE, "user", $user->user_info[user_id], $article_privacy);
}
header("Location: user_article_edit.php?article_id=$article_id&justadded=1");
exit();
}
}
<?
$page = "user_article_edit";
include "header.php";
if($user->level_info[level_article_allow] == 0) { header("Location: user_home.php"); exit(); }
if(isset($_POST['article_id'])) { $article_id = $_POST['article_id']; } elseif(isset($_GET['article_id'])) { $article_id = $_GET['article_id']; } else { $article_id = 0; }
if(isset($_POST['task'])) { $task = $_POST['task']; } elseif(isset($_GET['task'])) { $task = $_GET['task']; } else { $task = "main"; }
if(isset($_POST['justadded'])) { $justadded = $_POST['justadded']; } elseif(isset($_GET['justadded'])) { $justadded = $_GET['justadded']; } else { $justadded = ""; }
// INITIALIZE ARTICLE OBJECT
$article = new rc_article($user->user_info[user_id], $article_id);
$rc_tag = new rc_articletag();
if($article->article_exists == 0) { header("Location: user_article.php"); exit(); }
if($article->article_info[article_user_id] != $user->user_info[user_id]) { header("Location: user_article.php"); exit(); }
// SET ERROR VARIABLES
$is_error = 0;
$result = 0;
$error_message = "";
// GET PRIVACY SETTINGS
$level_article_privacy = unserialize($user->level_info[level_article_privacy]);
rsort($level_article_privacy);
$level_article_comments = unserialize($user->level_info[level_article_comments]);
rsort($level_article_comments);
// CHECK FOR ADMIN ALLOWANCE OF PHOTO
if($article->articleowner_level_info[level_article_photo] == 0 & ($task == "remove" | $task == "upload")) { $task = "main"; }
