/**
 * Builds and returns links to the other-language versions of a story,
 * if such versions exist for the given sid.
 *
 * $sid : story id
 * --------------
 * return : links to the multilingual versions of the story
 **/
function CUSTOM_multilangstory($sid)
{
    global $_CONF, $_TABLES;

    $retval = '';
    if (empty($_CONF['languages']) || empty($_CONF['language_files'])
        || count($_CONF['languages']) != count($_CONF['language_files'])) {
        return $retval;
    }

    // split() was removed in PHP 7; explode() does the same for a literal delimiter
    $work = explode('_', $sid);
    $cur_lang = array_pop($work);
    if (empty($cur_lang) || !array_key_exists($cur_lang, $_CONF['languages'])) {
        return $retval;
    }

    $entries = array();
    $mini_sid = implode('_', $work);
    foreach ($_CONF['languages'] as $key => $value) {
        if ($cur_lang != $key) {
            // $sid comes from the caller, so escape it before it reaches the query
            $mul_sid = DB_getItem($_TABLES['stories'], 'sid',
                'sid="' . DB_escapeString($mini_sid . '_' . $key) . '"');
            if (!empty($mul_sid)) {
                $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $mul_sid);
                $entries[] = '<a href="' . $url . '">' . $value . '</a>';
            }
        }
    }

    if (sizeof($entries) > 0) {
        $retval .= COM_makeList($entries);
    }

    return $retval;
}

            }
        } else {
            $show_comments = true;
        }

        // Display the comments, if there are any ..
        if ($story->displayElements('commentcode') >= 0 and $show_comments) {
            $delete_option = SEC_hasRights('story.edit') && $story->getAccess() == 3 ? true : false;
            require_once $_CONF['path_system'] . 'lib-comment.php';
            $story_template->set_var('commentbar',
                CMT_userComments($story->getSid(), $story->displayElements('title'), 'article',
                    $order, $mode, 0, $page, false, $delete_option,
                    $story->displayElements('commentcode')));
        }

        if ($_CONF['trackback_enabled'] && $story->displayElements('trackbackcode') >= 0 && $show_comments) {
            if (SEC_hasRights('story.ping')) {
                if ($story->displayElements('draft_flag') == 0 && $story->displayElements('day') < time()) {
                    $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid();
                    $story_template->set_var('send_trackback_link',
                        COM_createLink($LANG_TRB['send_trackback'], $url));
                    $story_template->set_var('send_trackback_url', $url);
                    $story_template->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
                }
            }
            $permalink = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
            $story_template->set_var('trackback',
                TRB_renderTrackbackComments($story->getSID(), 'article',
                    $story->displayElements('title'), $permalink));
        } else {
            $story_template->set_var('trackback', '');
        }

        $display .= $story_template->finish($story_template->parse('output', 'article'));
        $display .= COM_siteFooter();
    }
} else {
    $display .= COM_refresh($_CONF['site_url'] . '/index.php');
}

COM_output($display);

function LIB_GetListField($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF;
    global $LANG_ACCESS;

    $retval = '';

    switch ($fieldname) {
        // edit icon
        case 'editid':
            $retval = "<a href=\"{$_CONF['site_admin_url']}";
            $retval .= "/plugins/" . THIS_SCRIPT;
            $retval .= "?mode=edit";
            $retval .= "&id={$A['group_id']}\">";
            $retval .= "{$icon_arr['edit']}</a>";
            break;

        case 'copy':
            $url = $_CONF['site_admin_url'] . "/plugins/" . THIS_SCRIPT;
            $url .= "?";
            $url .= "mode=copy";
            $url .= "&id={$A['group_id']}";
            $retval = COM_createLink($icon_arr['copy'], $url);
            break;

        case 'code':
            $name = COM_applyFilter($A['code']);
            $url = $_CONF['site_url'] . "/" . THIS_SCRIPT2;
            $url .= "?";
            $url .= "gcode=" . $A['code'];
            $url .= "&m=gcode";
            $url = COM_buildUrl($url);
            $retval = COM_createLink($name, $url);
            break;

        case 'group_id':
            $name = COM_applyFilter($A['group_id']);
            $url = $_CONF['site_url'] . "/" . THIS_SCRIPT2;
            $url .= "?";
            $url .= "gid=" . $A['group_id'];
            $url .= "&m=gid";
            $url = COM_buildUrl($url);
            $retval = COM_createLink($name, $url);
            break;

        // all other fields
        default:
            $retval = $fieldvalue;
            break;
    }

    return $retval;
}

/**
 * Callback function for the ListFactory class
 *
 * This function gets called by the ListFactory class and formats
 * each row accordingly for example pulling usernames from the
 * users table and displaying a link to their profile.
 *
 * @param  bool  $preSort true for the formatting pass that runs before sorting
 * @param  array $row     An array of plain data to format
 * @return array          A reformatted version of the input array
 *
 */
public function searchFormatCallback($preSort, $row)
{
    global $_CONF, $LANG09;

    if ($preSort) {
        if (is_array($row[LF_SOURCE_TITLE])) {
            $row[LF_SOURCE_TITLE] = implode($_CONF['search_separator'], $row[LF_SOURCE_TITLE]);
        }

        if (is_numeric($row['uid'])) {
            if (empty($this->_names[$row['uid']])) {
                // display names are HTML-escaped once and cached per uid
                $this->_names[$row['uid']] = htmlspecialchars(COM_getDisplayName($row['uid']));
                if ($row['uid'] != 1) {
                    $this->_names[$row['uid']] = COM_createLink($this->_names[$row['uid']],
                        $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $row['uid']);
                }
            }
            $row['uid'] = $this->_names[$row['uid']];
        }
    } else {
        $row[LF_SOURCE_TITLE] = COM_createLink($row[LF_SOURCE_TITLE],
            $this->_searchURL . '&type=' . $row[LF_SOURCE_NAME] . '&mode=search');

        if ($row['url'] != '#') {
            $row['url'] = ($row['url'][0] == '/' ? $_CONF['site_url'] : '') . $row['url'];
            if (isset($this->_url_rewrite[$row[LF_SOURCE_NAME]]) && $this->_url_rewrite[$row[LF_SOURCE_NAME]]) {
                $row['url'] = COM_buildUrl($row['url']);
            }
            if (isset($this->_append_query[$row[LF_SOURCE_NAME]]) && $this->_append_query[$row[LF_SOURCE_NAME]]) {
                if (!empty($this->_query)) {
                    $row['url'] .= (strpos($row['url'], '?') ? '&' : '?') . 'query=' . urlencode($this->_query);
                }
            }
        }

        $row['title'] = $this->_shortenText($this->_query, $row['title'], 8);
        // replace '$' with its HTML entity so the template engine does not treat it as a variable marker
        $row['title'] = stripslashes(str_replace('$', '&#36;', $row['title']));
        $row['title'] = COM_createLink($row['title'], $row['url']);

        if ($row['description'] == 'LF_NULL') {
            $row['description'] = '<i>' . $LANG09[70] . '</i>';
        } elseif ($row['description'] != '<i>' . $LANG09[70] . '</i>') {
            $row['description'] = stripslashes($this->_shortenText($this->_query,
                PLG_replaceTags($row['description']), $this->_wordlength));
        }

        if ($row['date'] != 'LF_NULL') {
            $dt = COM_getUserDateTimeFormat(intval($row['date']));
            $row['date'] = $dt[0];
        }

        if ($row['hits'] != 'LF_NULL') {
            $row['hits'] = COM_NumberFormat($row['hits']) . ' '; // simple solution to a silly problem!
        }
    }

    return $row;
}

/**
 * Returns an array of (
 *   'id'        => $id (string),
 *   'title'     => $title (string),
 *   'uri'       => $uri (string),
 *   'date'      => $date (int: Unix timestamp),
 *   'image_uri' => $image_uri (string)
 * )
 */
public function getItemsByDate($tid = '', $all_langs = FALSE)
{
    global $_CONF, $_TABLES;

    $entries = array();

    if (empty(Dataproxy::$startDate) or empty(Dataproxy::$endDate)) {
        return $entries;
    }

    $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day "
         . " FROM {$_TABLES['stories']} "
         . "WHERE (draft_flag = 0) AND (date <= NOW()) "
         . " AND (UNIX_TIMESTAMP(date) BETWEEN '" . Dataproxy::$startDate
         . "' AND '" . Dataproxy::$endDate . "') ";

    if (!empty($tid)) {
        $sql .= "AND (tid = '" . addslashes($tid) . "') ";
    }

    // non-root users only see stories their topic and item permissions allow
    if (!Dataproxy::isRoot()) {
        $sql .= COM_getTopicSql('AND', Dataproxy::uid())
              . COM_getPermSql('AND', Dataproxy::uid());
        if (function_exists('COM_getLangSQL') and $all_langs === FALSE) {
            $sql .= COM_getLangSQL('sid', 'AND');
        }
    }

    $result = DB_query($sql);
    if (DB_error()) {
        return $entries;
    }

    while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
        $entry = array();
        $entry['id']    = stripslashes($A['sid']);
        $entry['title'] = stripslashes($A['title']);
        $entry['uri']   = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . stripslashes($A['sid']));
        $entry['date']  = $A['day'];
        // key renamed from 'imageurl' to match the documented return structure
        $entry['image_uri'] = FALSE;
        $entries[] = $entry;
    }

    return $entries;
}

/**
 * Saves a story submission
 *
 * @param  array  $A Data for that submission
 * @return string    HTML redirect
 *
 */
function savestory($A)
{
    global $_CONF, $_TABLES, $_USER;

    $retval = '';

    $story = new Story();
    $story->loadSubmission();

    // pseudo-formatted story text for the spam check
    $result = PLG_checkforSpam($story->GetSpamCheckFormat(), $_CONF['spamx']);
    if ($result > 0) {
        COM_updateSpeedlimit('submit');
        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
    }

    COM_updateSpeedlimit('submit');

    $result = $story->saveSubmission();
    if ($result == STORY_NO_ACCESS_TOPIC) {
        // user doesn't have access to this topic - bail
        $retval = COM_refresh($_CONF['site_url'] . '/index.php');
    } elseif ($result == STORY_SAVED || $result == STORY_SAVED_SUBMISSION) {
        if (isset($_CONF['notification']) && in_array('story', $_CONF['notification'])) {
            sendNotification($_TABLES['storysubmission'], $story);
        }

        if ($result == STORY_SAVED) {
            $retval = COM_refresh(COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()));
        } else {
            $retval = COM_refresh($_CONF['site_url'] . '/index.php?msg=2');
        }
    }

    return $retval;
}

/**
 * Returns the trackback URL for an entry
 *
 * Note: Trackback pings default to stories, so we leave off the type if it
 * is 'article' to create shorter URLs.
 *
 * @param  string $id   the entry's ID
 * @param  string $type type of the entry ('article' = story, etc.)
 * @return string       trackback URL for that entry
 *
 */
function TRB_makeTrackbackUrl($id, $type = 'article')
{
    global $_CONF;

    $url = $_CONF['site_url'] . '/trackback.php?id=' . $id;
    if (!empty($type) && $type != 'article') {
        $url .= '&type=' . $type;
    }

    return COM_buildUrl($url);
}

/**
 * Shows a profile for a user
 *
 * This grabs the user profile for a given user and displays it
 *
 * @param  int    $user User ID of profile to get
 * @param  int    $msg  Message to display (if != 0)
 * @return string       HTML for user profile page
 *
 */
function userprofile($user, $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG_LOGIN;

    $retval = '';

    // $user is interpolated into several queries below, so force it to an integer
    $user = (int) $user;

    if (empty($_USER['username'])
        && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        $retval .= COM_siteHeader('menu');
        $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $login = new Template($_CONF['path_layout'] . 'submit');
        $login->set_file(array('login' => 'submitloginrequired.thtml'));
        $login->set_var('xhtml', XHTML);
        $login->set_var('login_message', $LANG_LOGIN[2]);
        $login->set_var('site_url', $_CONF['site_url']);
        $login->set_var('site_admin_url', $_CONF['site_admin_url']);
        $login->set_var('layout_url', $_CONF['layout_url']);
        $login->set_var('lang_login', $LANG_LOGIN[3]);
        $login->set_var('lang_newuser', $LANG_LOGIN[4]);
        $login->parse('output', 'login');
        $retval .= $login->finish($login->get_var('output'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= COM_siteFooter();

        return $retval;
    }

    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$user}");
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);

    $display_name = COM_getDisplayName($user, $A['username'], $A['fullname']);

    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml',
                                    'row'     => 'commentrow.thtml',
                                    'strow'   => 'storyrow.thtml'));
    $user_templates->set_var('xhtml', XHTML);
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);

    if ($_CONF['show_fullname'] == 1) {
        $user_templates->set_var('username', $A['fullname']);
        $user_templates->set_var('user_fullname', $A['username']);
    } else {
        $user_templates->set_var('username', $A['username']);
        $user_templates->set_var('user_fullname', $A['fullname']);
    }

    if (SEC_hasRights('user.edit')) {
        global $_IMAGE_TYPE, $LANG_ADMIN;

        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE
                   . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
        $edit_link_url = COM_createLink($edit_icon,
            "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}");
        $user_templates->set_var('edit_link', $edit_link_url);
    }

    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1);
    $user_templates->set_var('user_photo', $photo);

    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    $user_templates->set_var('lang_sendemail', $LANG04[81]);
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br(stripslashes($A['about'])));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);

    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82]);
    $user_templates->set_var('headline_last10comments', $LANG04[10]);
    $user_templates->set_var('headline_postingstats', $LANG04[83]);

    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    $topics = "'" . implode("','", $tids) . "'";

    // list of last 10 stories by this user
    if (count($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }

    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', $i + 1 . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            // replace '$' with its HTML entity so the template engine leaves the title alone
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title',
                COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }

    // list of last 10 comments by this user
    $sidArray = array();
    if (count($tids) > 0) {
        // first, get a list of all stories the current visitor has access to
        $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        $numsids = DB_numRows($result);
        for ($i = 1; $i <= $numsids; $i++) {
            $S = DB_fetchArray($result);
            $sidArray[] = $S['sid'];
        }
    }

    $sidList = implode("', '", $sidArray);
    $sidList = "'{$sidList}'";

    // then, find all comments by the user in those stories
    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = {$user}) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";

    // SQL NOTE: Using a HAVING clause is usually faster than a where if the
    // field is part of the select
    // if (!empty ($sidList)) {
    //     $sql .= " AND (sid in ($sidList))";
    // }
    if (!empty($sidList)) {
        $sql .= " HAVING sid in ({$sidList})";
    }
    $sql .= " ORDER BY unixdate DESC LIMIT 10";

    $result = DB_query($sql);
    $nrows = DB_numRows($result);
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', $i + 1 . '.');
            $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid'];
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('comment_title',
                COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b')));
            $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('comment_date', $commenttime[0]);
            $user_templates->parse('comment_row', 'row', true);
        }
    } else {
        $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
    }

    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));

    $user_templates->set_var('lang_number_comments', $LANG04[85]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$user})";
    if (!empty($sidList)) {
        $sql .= " AND (sid in ({$sidList}))";
    }
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);

    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);

    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    $retval .= PLG_profileBlocksDisplay($user);

    return $retval;
}

/**
 * Returns an array of (
 *   'id'        => $id (string),
 *   'title'     => $title (string),
 *   'uri'       => $uri (string),
 *   'date'      => $date (int: Unix timestamp),
 *   'image_uri' => $image_uri (string)
 * )
 */
function getItems($category, $all_langs = false)
{
    global $_CONF, $_TABLES, $_CONF_ADVT;

    $entries = array();

    // anonymous visitors get nothing when the plugin requires a login
    if ($this->uid == 1 and $this->isLoginRequired() === true) {
        return $entries;
    }

    $sql = "SELECT * "
         . "FROM {$_TABLES['ad_ads']} "
         . "WHERE (cat_id ='" . DB_escapeString($category) . "') "
         . "ORDER BY ad_id";
    $result = DB_query($sql);
    if (DB_error()) {
        return $entries;
    }

    while (($A = DB_fetchArray($result, false)) !== false) {
        $entry = array();
        $entry['id']    = $A['ad_id'];
        $entry['title'] = $A['subject'];
        $entry['uri']   = COM_buildUrl($_CONF['site_url'] . '/' . $_CONF_ADVT['pi_name']
                        . '/index.php?mode=detail&id=' . urlencode($A['ad_id']));
        $entry['date']  = $A['add_date'];
        // the original read $retval['uri'], but $retval is never defined in this function
        $entry['image_uri'] = false;
        $entries[] = $entry;
    }

    return $entries;
}

/**
 * Implements the [topic:] autotag.
 *
 * @param  string $op      operation to perform
 * @param  string $content item (e.g. topic text), including the autotag
 * @param  array  $autotag parameters used in the autotag
 * @return mixed           tag names (for $op='tagname') or formatted content
 *
 */
function plugin_autotags_topic($op, $content = '', $autotag = '')
{
    global $_CONF, $_TABLES, $LANG27, $_GROUPS;

    if ($op == 'tagname') {
        return array('topic', 'related_topics', 'related_items');
    } elseif ($op == 'permission' || $op == 'nopermission') {
        if ($op == 'permission') {
            $flag = true;
        } else {
            $flag = false;
        }
        $tagnames = array();

        if (isset($_GROUPS['Topic Admin'])) {
            $group_id = $_GROUPS['Topic Admin'];
        } else {
            $group_id = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Topic Admin'");
        }
        $owner_id = SEC_getDefaultRootUser();

        if (COM_getPermTag($owner_id, $group_id,
                $_CONF['autotag_permissions_topic'][0], $_CONF['autotag_permissions_topic'][1],
                $_CONF['autotag_permissions_topic'][2], $_CONF['autotag_permissions_topic'][3]) == $flag) {
            $tagnames[] = 'topic';
        }
        if (COM_getPermTag($owner_id, $group_id,
                $_CONF['autotag_permissions_related_topics'][0], $_CONF['autotag_permissions_related_topics'][1],
                $_CONF['autotag_permissions_related_topics'][2], $_CONF['autotag_permissions_related_topics'][3]) == $flag) {
            $tagnames[] = 'related_topics';
        }
        if (COM_getPermTag($owner_id, $group_id,
                $_CONF['autotag_permissions_related_items'][0], $_CONF['autotag_permissions_related_items'][1],
                $_CONF['autotag_permissions_related_items'][2], $_CONF['autotag_permissions_related_items'][3]) == $flag) {
            $tagnames[] = 'related_items';
        }

        if (count($tagnames) > 0) {
            return $tagnames;
        }
    } elseif ($op == 'description') {
        return array(
            'topic'          => $LANG27['autotag_desc_topic'],
            'related_topics' => $LANG27['autotag_desc_related_topics'],
            'related_items'  => $LANG27['autotag_desc_related_items']
        );
    } elseif ($op == 'parse') {
        if ($autotag['tag'] != 'topic' && $autotag['tag'] != 'related_topics'
            && $autotag['tag'] != 'related_items') {
            return $content;
        }

        if ($autotag['tag'] == 'topic') {
            $tid = COM_applyFilter($autotag['parm1']);
            // the link is only rendered for topics the current user may access
            if (!empty($tid) && SEC_hasTopicAccess($tid) > 0) {
                $tid = DB_escapeString($tid);
                $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['topics']} WHERE tid = '{$tid}'";
                $result = DB_query($sql);
                $A = DB_fetchArray($result);
                if ($A['count'] == 1) {
                    $url = COM_buildUrl($_CONF['site_url'] . '/index.php?topic=' . $tid);
                    $linktext = $autotag['parm2'];
                    if (empty($linktext)) {
                        $linktext = stripslashes(DB_getItem($_TABLES['topics'], 'topic', "tid = '{$tid}'"));
                    }
                    $link = COM_createLink($linktext, $url);
                    $content = str_replace($autotag['tagstr'], $link, $content);
                }
            }
        } elseif ($autotag['tag'] == 'related_topics') {
            $id = COM_applyFilter($autotag['parm1']);
            $type = '';
            $max = $_CONF['related_topics_max']; // Article Default
            $tids = array();

            $skip = 0;
            $px = explode(' ', trim($autotag['parm2']));
            if (is_array($px)) {
                foreach ($px as $part) {
                    if (substr($part, 0, 5) == 'type:') {
                        $a = explode(':', $part);
                        $type = $a[1];
                        $skip++;
                    } elseif (substr($part, 0, 4) == 'max:') {
                        $a = explode(':', $part);
                        $max = $a[1];
                        $skip++;
                    } elseif (substr($part, 0, 6) == 'topic:') {
                        $a = explode(':', $part);
                        $tids[] = $a[1]; // Add each topic when found
                        $skip++;
                    } else {
                        break;
                    }
                }
            }

            $related_topics = '';
            if (!empty($type) and !empty($id)) {
                // Return topics of object
                $related_topics = TOPIC_relatedTopics($type, $id, $max);
            } elseif (!empty($tids)) {
                // Since list of topics specified add id to topic list (since really a topic)
                if (!empty($id)) {
                    $tids[] = $id;
                }
                $related_topics = TOPIC_relatedTopics('', '', $max, $tids);
            }

            if (!empty($related_topics)) {
                $content = str_replace($autotag['tagstr'], $related_topics, $content);
            }
        } elseif ($autotag['tag'] == 'related_items') {
            $id = COM_applyFilter($autotag['parm1']);
            $type = '';
            $max = $_CONF['related_topics_max']; // Article Default
            $trim = 0;
            $include_types = array();
            $tids = array();

            $skip = 0;
            $px = explode(' ', trim($autotag['parm2']));
            if (is_array($px)) {
                foreach ($px as $part) {
                    if (substr($part, 0, 5) == 'type:') {
                        $a = explode(':', $part);
                        $type = $a[1];
                        $skip++;
                    } elseif (substr($part, 0, 4) == 'max:') {
                        $a = explode(':', $part);
                        $max = $a[1];
                        $skip++;
                    } elseif (substr($part, 0, 5) == 'trim:') {
                        $a = explode(':', $part);
                        $trim = $a[1];
                        $skip++;
                    } elseif (substr($part, 0, 6) == 'topic:') {
                        $a = explode(':', $part);
                        $tids[] = $a[1]; // Add each topic when found
                        $skip++;
                    } elseif (substr($part, 0, 8) == 'include:') {
                        $a = explode(':', $part);
                        $include_types[] = $a[1]; // Add each type when found
                        $skip++;
                    } else {
                        break;
                    }
                }
            }

            $related_items = '';
            if (!empty($type) and !empty($id)) {
                // Return topics of object
                $related_items = TOPIC_relatedItems($type, $id, $include_types, $max, $trim, $tids);
            } elseif (!empty($tids) or !empty($id)) {
                // Since list of topics specified add id to topic list (since really a topic)
                $tids[] = $id;
                $related_items = TOPIC_relatedItems('', '', $include_types, $max, $trim, $tids);
            }

            if (!empty($related_items)) {
                $content = str_replace($autotag['tagstr'], $related_items, $content);
            }
        }

        return $content;
    }
}

/**
 * Returns a list of stories with a given topic id
 */
function SITEMAPMENU_listStory($tid)
{
    global $_CONF, $_TABLES, $LANG_DIR;

    $retval = '';

    $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day "
         . "FROM {$_TABLES['stories']} "
         . "WHERE (draft_flag = 0) AND (date <= NOW())";
    if ($tid != 'all') {
        // escape the topic id instead of interpolating it raw into the query
        $sql .= " AND (tid = '" . DB_escapeString($tid) . "')";
    }
    $sql .= COM_getTopicSql('AND') . COM_getPermSql('AND')
          . " ORDER BY date DESC";

    $result = DB_query($sql);
    $numrows = DB_numRows($result);
    if ($numrows > 0) {
        $entries = array();
        for ($i = 0; $i < $numrows; $i++) {
            $A = DB_fetchArray($result);
            $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
            $entries[] = '<a class="nav-link" href="' . $url . '">'
                       . SITEMAPMENU_esc(stripslashes($A['title'])) . '</a>';
        }
        $retval .= COM_makeList($entries) . LB;
    }

    return $retval;
}

function fncsendmail($m = "", $id = 0, $username = "", $email = "")
{
    $pi_name = "userbox";

    global $_CONF;
    global $_TABLES;
    global $LANG_USERBOX_MAIL;
    global $LANG_USERBOX_ADMIN;
    global $_USER;
    global $_USERBOX_CONF;
    global $LANG28;

    $retval = '';

    // initialise everything that is appended to or read later on
    $msg = '';
    $url = '';
    $A = array();

    $site_name = $_CONF['site_name'];
    $subject = $LANG_USERBOX_MAIL['subject_' . $m];
    $message = $LANG_USERBOX_MAIL['message_' . $m];

    if ($m === "data_delete") {
        $msg .= $LANG28['2'] . ":" . $id . LB;
        // note: $title is not defined anywhere in this function
        $msg .= $LANG28['3'] . ":" . $title . LB;
        // URL
        $url = $_CONF['site_url'] . "/userbox/profile.php";
        $url = COM_buildUrl($url);
    } else {
        $sql = "SELECT ";
        $sql .= " t1.*";
        $sql .= " ,t2.uid";
        $sql .= " ,t2.username";
        $sql .= " ,t2.fullname";
        $sql .= " ,t2.email";
        $sql .= " FROM ";
        $sql .= $_TABLES['USERBOX_base'] . " AS t1";
        $sql .= "," . $_TABLES['users'] . " AS t2";
        $sql .= " WHERE ";
        // the id is numeric; cast it so it cannot alter the query
        $sql .= " t1.id = " . (int) $id;
        $sql .= " AND t1.id = t2.uid";

        $result = DB_query($sql);
        $numrows = DB_numRows($result);
        if ($numrows > 0) {
            $A = DB_fetchArray($result);
            $A = array_map('stripslashes', $A);
            $email = $A['email'];

            // draft
            if ($A['draft_flag'] == 1) {
                $msg .= $LANG_USERBOX_ADMIN['draft'] . LB;
            }

            // core
            $msg .= $LANG28['2'] . ":" . $A['uid'] . LB;
            $msg .= $LANG28['3'] . ":" . $A['username'] . LB;
            $msg .= $LANG28['4'] . ":" . $A['fullname'] . LB;

            // basic fields
            $msg .= $LANG_USERBOX_ADMIN['page_title'] . ":" . $A['page_title'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['description'] . ":" . $A['description'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['hits'] . ":" . $A['hits'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['comments'] . ":" . $A['comments'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['meta_description'] . ":" . $A['meta_description'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['meta_keywords'] . ":" . $A['meta_keywords'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['commentcode'] . ":" . $A['commentcode'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['comment_expire'] . ":" . $A['comment_expire'] . LB;
            // in preparation: $msg.= $LANG_USERBOX_ADMIN['language_id'].":".$A['language_id'].LB;
            $msg .= $LANG_USERBOX_ADMIN['owner_id'] . ":" . $A['owner_id'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['group_id'] . ":" . $A['group_id'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['perm_owner'] . ":" . $A['perm_owner'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['perm_group'] . ":" . $A['perm_group'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['perm_members'] . ":" . $A['perm_members'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['perm_anon'] . ":" . $A['perm_anon'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['modified'] . ":" . $A['modified'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['created'] . ":" . $A['created'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['expired'] . ":" . $A['expired'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['released'] . ":" . $A['released'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['orderno'] . ":" . $A['orderno'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['trackbackcode'] . ":" . $A['trackbackcode'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['draft'] . ":" . $A['draft'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['udatetime'] . ":" . $A['udatetime'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['uuid'] . ":" . $A['uuid'] . LB;

            // here
            // categories
            $msg .= DATABOX_getcategoriesText($id, 0, $pi_name);

            // additional fields
            $group_id = stripslashes($A['group_id']);
            $owner_id = stripslashes($A['owner_id']);
            $chk_user = DATABOX_chkuser($group_id, $owner_id, "userbox.admin");
            $addition_def = DATABOX_getadditiondef($pi_name);
            $additionfields = DATABOX_getadditiondatas($id, $pi_name);
            $msg .= DATABOX_getaddtionfieldsText($additionfields, $addition_def, $chk_user,
                $pi_name, $A['fieldset_id']);

            // timestamp, updating user
            $msg .= $LANG_USERBOX_ADMIN['udatetime'] . ":" . $A['udatetime'] . LB;
            $msg .= $LANG_USERBOX_ADMIN['uuid'] . ":" . $A['uuid'] . LB;

            // URL
            $url = $_CONF['site_url'] . "/userbox/profile.php";
            $url .= "?";
            if ($_USERBOX_CONF['datacode']) {
                $url .= "m=code";
                $url .= "&code=" . $A['username'];
            } else {
                $url .= "m=id";
                $url .= "&id=" . $A['id'];
            }
            $url = COM_buildUrl($url);
        }
    }

    // no mail for drafts when mail_to_draft is off; $A is empty on the data_delete path
    $is_draft = isset($A['draft_flag']) && $A['draft_flag'] == 1;
    if (!($_USERBOX_CONF['mail_to_draft'] == 0 and $is_draft)) {
        $message .= $msg . LB;
        $message .= $url . LB;
        $message .= $LANG_USERBOX_MAIL['sig'] . LB;

        $mail_to = $_USERBOX_CONF['mail_to'];

        //--- to user
        if ($_USERBOX_CONF['mail_to_owner'] == 1) {
            if (array_search($email, $mail_to) === false) {
                $to = $email;
                COM_mail($to, $subject, $message);
            }
        }

        //--- to admin
        if (!empty($mail_to)) {
            // separator first: implode(array, string) is no longer accepted by PHP 8
            $to = implode(",", $mail_to);
            COM_mail($to, $subject, $message);
        }
    }

    return $retval;
}

/**
 * This function will allow plugins to support the use of custom autolinks
 * in other site content. Plugins can now use this API when saving content
 * and have the content checked for any autolinks before saving.
 * The autolink would be like: [story:20040101093000103 here]
 *
 * @param string $content Content that should be parsed for autolinks
 * @param string $plugin  Optional if you only want to parse using a specific plugin
 *
 */
function PLG_replaceTags($content, $plugin = '')
{
    global $_CONF, $_TABLES, $LANG32;

    if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) {
        // autolinks are disabled - return $content unchanged
        return $content;
    }

    $autolinkModules = PLG_collectTags();

    // For each supported module, scan the content looking for any AutoLink tags
    $tags = array();
    $contentlen = MBYTE_strlen($content);
    $content_lower = MBYTE_strtolower($content);
    foreach ($autolinkModules as $moduletag => $module) {
        $autotag_prefix = '[' . $moduletag . ':';
        $offset = 0;
        $prev_offset = 0;
        while ($offset < $contentlen) {
            $start_pos = MBYTE_strpos($content_lower, $autotag_prefix, $offset);
            if ($start_pos === false) {
                break;
            } else {
                $end_pos = MBYTE_strpos($content_lower, ']', $start_pos);
                $next_tag = MBYTE_strpos($content_lower, '[', $start_pos + 1);
                if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) {
                    $taglength = $end_pos - $start_pos + 1;
                    $tag = MBYTE_substr($content, $start_pos, $taglength);
                    $parms = explode(' ', $tag);

                    // Extra test to see if autotag was entered with a space
                    // after the module name
                    if (MBYTE_substr($parms[0], -1) == ':') {
                        $startpos = MBYTE_strlen($parms[0]) + MBYTE_strlen($parms[1]) + 2;
                        $label = str_replace(']', '', MBYTE_substr($tag, $startpos));
                        $tagid = $parms[1];
                    } else {
                        $label = str_replace(']', '', MBYTE_substr($tag, MBYTE_strlen($parms[0]) + 1));
                        $parms = explode(':', $parms[0]);
                        if (count($parms) > 2) {
                            // whoops, there was a ':' in the tag id ...
                            array_shift($parms);
                            $tagid = implode(':', $parms);
                        } else {
                            $tagid = $parms[1];
                        }
                    }

                    $newtag = array(
                        'module'   => $module,
                        'tag'      => $moduletag,
                        'tagstr'   => $tag,
                        'startpos' => $start_pos,
                        'length'   => $taglength,
                        'parm1'    => str_replace(']', '', $tagid),
                        'parm2'    => $label
                    );
                    $tags[] = $newtag;
                } else {
                    // Error: tags do not match - return with no changes
                    return $content . $LANG32[32];
                }
                $prev_offset = $offset;
                $offset = $end_pos;
            }
        }
    }

    // If we have found 1 or more AutoLink tag
    if (count($tags) > 0) {
        // Found the [tag] - Now process them all
        foreach ($tags as $autotag) {
            $function = 'plugin_autotags_' . $autotag['module'];
            if ($autotag['module'] == 'geeklog' and (empty($plugin) or $plugin == 'geeklog')) {
                $url = '';
                $linktext = $autotag['parm2'];
                if ($autotag['tag'] == 'story') {
                    $autotag['parm1'] = COM_applyFilter($autotag['parm1']);
                    if (!empty($autotag['parm1'])) {
                        $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $autotag['parm1']);
                        if (empty($linktext)) {
                            $linktext = stripslashes(DB_getItem($_TABLES['stories'], 'title',
                                "sid = '{$autotag['parm1']}'"));
                        }
                    }
                }

                if (!empty($url)) {
                    $filelink = COM_createLink($linktext, $url);
                    $content = str_replace($autotag['tagstr'], $filelink, $content);
                }
            } elseif (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) {
                $content = $function('parse', $content, $autotag);
            }
        }
    }

    return $content;
}

$p->set_var('LANG_title', $LANG_GF01['TITLE']);
$p->set_var('LANG_date', $LANG_GF01['DATE']);
$p->set_var('LANG_comments', $LANG_GF01['COMMENTS']);

if ($nrows > 0) {
    $base_url = $_CONF['site_admin_url'] . '/plugins/forum/migrate.php';
    if (!empty($curtopic)) {
        $base_url .= '?tid=' . $curtopic;
    }
    for ($i = 0; $i < $nrows; $i++) {
        list($topic, $sid, $story, $date, $comments) = DB_fetchArray($result);
        $p->set_var('sid', $sid);
        $p->set_var('topic', stripslashes($topic));
        if ($curtopic == "submissions") {
            $story_link = $_CONF['site_admin_url'] . '/story.php?mode=editsubmission&id=' . $sid;
        } else {
            $story_link = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
        }
        $p->set_var('story_link', $story_link);
        $p->set_var('story_title', $story);
        $p->set_var('date', $date);
        $p->set_var('num_comments', $comments);
        $p->set_var('cssid', $i % 2 + 1);
        $p->parse('story_record', 'records', true);
    }
    $p->set_var('page_navigation', COM_printPageNavigation($base_url, $page, $numpages));
}

$p->set_var('gltoken_name', CSRF_TOKEN);
$p->set_var('gltoken', SEC_createToken());
$p->parse('output', 'page');
$display .= $p->finish($p->get_var('output'));
$display .= COM_endBlock();
function LIB_GetListField($fieldname, $fieldvalue, $A, $icon_arr) {
    global $_CONF, $LANG_ACCESS;

    $retval = '';
    $allow_display = COM_applyFilter($A['allow_display'], true);

    switch ($fieldname) {
        // edit icon
        case 'editid':
            $retval = "<a href=\"{$_CONF['site_admin_url']}";
            $retval .= "/plugins/" . THIS_SCRIPT;
            $retval .= "?mode=edit";
            $retval .= "&id={$A['category_id']}\">";
            $retval .= "{$icon_arr['edit']}</a>";
            break;

        case 'copy':
            $url = $_CONF['site_admin_url'] . "/plugins/" . THIS_SCRIPT;
            $url .= "?";
            $url .= "mode=copy";
            $url .= "&id={$A['category_id']}";
            $retval = COM_createLink($icon_arr['copy'], $url);
            break;

        // code
        case 'code':
            if ($allow_display < 2) {
                $name = COM_applyFilter($A['code']);
                $url = $_CONF['site_url'] . "/" . THIS_SCRIPT;
                $url .= "?";
                $url .= "code=" . $A['code'];
                $url .= "&m=code";
                $url = COM_buildUrl($url);
                $retval = COM_createLink($name, $url);
                break;
            }
            // display not allowed: falls through to the plain field value

        case 'category_id':
            if ($allow_display < 2) {
                $name = COM_applyFilter($A['category_id']);
                $url = $_CONF['site_url'] . "/" . THIS_SCRIPT;
                $url .= "?";
                $url .= "id=" . $A['category_id'];
                $url .= "&m=id";
                $url = COM_buildUrl($url);
                $retval = COM_createLink($name, $url);
                break;
            }
            // display not allowed: falls through to the plain field value

        // all other fields
        default:
            $retval = $fieldvalue;
            break;
    }

    return $retval;
}
/**
 * Provide a block to switch languages
 *
 * Provides a drop-down menu (or simple link, if you only have two languages)
 * to switch languages. This can be used as a PHP block or called from within
 * your theme's header.thtml:
 * <code>
 * <?php print phpblock_switch_language(); ?>
 * </code>
 *
 * @return string HTML for drop-down or link to switch languages
 *
 */
function phpblock_switch_language() {
    global $_CONF;

    $retval = '';

    if (empty($_CONF['languages']) || empty($_CONF['language_files']) || count($_CONF['languages']) != count($_CONF['language_files'])) {
        return $retval;
    }

    $lang = COM_getLanguage();
    $langId = COM_getLanguageId($lang);

    if (count($_CONF['languages']) == 2) {
        foreach ($_CONF['languages'] as $key => $value) {
            if ($key != $langId) {
                $newLang = $value;
                $newLangId = $key;
                break;
            }
        }
        $switchUrl = COM_buildUrl($_CONF['site_url'] . '/switchlang.php?lang=' . $newLangId);
        $retval .= COM_createLink($newLang, $switchUrl);
    } else {
        $retval .= '<form name="change" action="' . $_CONF['site_url'] . '/switchlang.php" method="get">' . LB;
        $retval .= '<input type="hidden" name="oldlang" value="' . $langId . '"' . XHTML . '>' . LB;
        $retval .= '<select onchange="change.submit()" name="lang">';
        foreach ($_CONF['languages'] as $key => $value) {
            if ($lang == $_CONF['language_files'][$key]) {
                $selected = ' selected="selected"';
            } else {
                $selected = '';
            }
            $retval .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>' . LB;
        }
        $retval .= '</select>' . LB;
        $retval .= '</form>' . LB;
    }

    return $retval;
}
function PAGE_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token) {
    global $_CONF, $_USER, $LANG_ADMIN, $LANG_STATIC, $LANG_ACCESS, $_TABLES;

    $retval = '';
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    $enabled = $A['sp_status'] == 1 ? true : false;
    $dt = new Date('now', $_USER['tzid']);

    switch ($fieldname) {
        case 'edit':
            if ($access == 3) {
                $attr['title'] = $LANG_ADMIN['edit'];
                $retval = COM_createLink($icon_arr['edit'], $_CONF['site_admin_url'] . '/plugins/staticpages/index.php' . '?edit=x&sp_id=' . $A['sp_id'], $attr);
            } else {
                $retval = $icon_arr['blank'];
            }
            break;

        case 'copy':
            if ($access >= 2) {
                $attr['title'] = $LANG_ADMIN['copy'];
                $retval = COM_createLink($icon_arr['copy'], $_CONF['site_admin_url'] . '/plugins/staticpages/index.php' . '?clone=x&sp_id=' . $A['sp_id'], $attr);
            } else {
                $retval = $icon_arr['blank'];
            }
            break;

        case "sp_title":
            $sp_title = $A['sp_title'];
            if ($enabled) {
                $url = COM_buildUrl($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']);
                $retval = COM_createLink($sp_title, $url, array('title' => $LANG_STATIC['title_display']));
            } else {
                $retval = '<span class="disabledfield">' . $sp_title . '</span>';
            }
            break;

        case 'access':
            if ($access == 3) {
                $privs = $LANG_ACCESS['edit'];
            } else {
                $privs = $LANG_ACCESS['readonly'];
            }
            $retval = $enabled ? $privs : '<span class="disabledfield">' . $privs . '</span>';
            break;

        case "sp_uid":
            $owner = COM_getDisplayName($A['sp_uid']);
            $retval = $enabled ? $owner : '<span class="disabledfield">' . $owner . '</span>';
            break;

        case "sp_centerblock":
            if ($A['sp_centerblock']) {
                switch ($A['sp_where']) {
                    case '1':
                        $where = $LANG_STATIC['centerblock_top'];
                        break;
                    case '2':
                        $where = $LANG_STATIC['centerblock_feat'];
                        break;
                    case '3':
                        $where = $LANG_STATIC['centerblock_bottom'];
                        break;
                    default:
                        $where = $LANG_STATIC['centerblock_entire'];
                        break;
                }
            } else {
                $where = $LANG_STATIC['centerblock_no'];
            }
            $retval = $enabled ? $where : '<span class="disabledfield">' . $where . '</span>';
            break;

        case "unixdate":
            $dt->setTimestamp($A['unixdate']);
            $datetime = $dt->format($_CONF['daytime'], true);
            $retval = $enabled ? $datetime : '<span class="disabledfield">' . $datetime . '</span>';
            break;

        case 'delete':
            if ($access == 3) {
                $attr['title'] = $LANG_ADMIN['delete'];
                $attr['onclick'] = "return confirm('" . $LANG_STATIC['delete_confirm'] . "');";
                $retval = COM_createLink($icon_arr['delete'], $_CONF['site_admin_url'] . '/plugins/staticpages/index.php' . '?delete=x&sp_id=' . $A['sp_id'] . '&' . CSRF_TOKEN . '=' . $token, $attr);
            } else {
                $retval = $icon_arr['blank'];
            }
            break;

        case 'sp_status':
            if ($access == 3) {
                if ($enabled) {
                    $switch = ' checked="checked"';
                    $title = 'title="' . $LANG_ADMIN['disable'] . '" ';
                } else {
                    $title = 'title="' . $LANG_ADMIN['enable'] . '" ';
                    $switch = '';
                }
                $retval = '<input class="sp-enabler" type="checkbox" name="enabledstaticpages[' . $A['sp_id'] . ']" ' . $title . 'onclick="submit()" value="1"' . $switch . '/>';
                $retval .= '<input type="hidden" name="sp_idarray[' . $A['sp_id'] . ']" value="1" />';
            } else {
                $retval = $enabled ? $LANG_ACCESS['yes'] : $LANG_ACCESS['No'];
            }
            break;

        default:
            $retval = $enabled ? $fieldvalue : '<span class="disabledfield">' . $fieldvalue . '</span>';
            break;
    }

    return $retval;
}
/**
 * Handles a comment edit submission
 *
 * @copyright Jared Wenerd 2008
 * @author Jared Wenerd, wenerd87 AT gmail DOT com
 * @param string $mode whether to store edited comment in the queue
 * @return string HTML (possibly a refresh)
 */
function CMT_handleEditSubmit($mode = null) {
    global $_CONF, $_TABLES, $_USER, $LANG03;

    $display = '';

    $type = COM_applyFilter($_POST['type']);
    $sid = COM_applyFilter($_POST['sid']);
    $cid = COM_applyFilter($_POST['cid']);
    $postmode = COM_applyFilter($_POST['postmode']);

    $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = '{$cid}'");
    if (empty($_USER['uid'])) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }

    // check for bad input
    if (empty($sid) || empty($_POST['title']) || empty($_POST['comment']) || !is_numeric($cid) || $cid < 1) {
        COM_errorLog("CMT_handleEditSubmit(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried to edit a comment with one or more missing values.");
        return COM_refresh($_CONF['site_url'] . '/index.php');
    } elseif ($uid != $commentuid && !SEC_hasRights('comment.moderate')) {
        // check permissions: only the comment's author or a moderator may edit
        COM_errorLog("CMT_handleEditSubmit(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried " . 'to edit a comment without proper permission.');
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    $comment = CMT_prepareText($_POST['comment'], $postmode, $type);
    $title = COM_checkWords(strip_tags(COM_stripslashes($_POST['title'])));

    if ($mode == $LANG03[35]) {
        $table = $_TABLES['commentsubmissions'];
    } else {
        $table = $_TABLES['comments'];
    }

    if (!empty($title) && !empty($comment)) {
        COM_updateSpeedlimit('comment');
        $title = addslashes($title);
        $comment = addslashes($comment);

        // save the comment into the table
        DB_query("UPDATE {$table} SET comment = '{$comment}', title = '{$title}'" . " WHERE cid={$cid} AND sid='{$sid}'");

        if (DB_error()) {
            // saving to non-existent comment or comment in wrong article
            COM_errorLog("CMT_handleEditSubmit(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried " . 'to edit to a non-existent comment or the cid/sid did not match');
            return COM_refresh($_CONF['site_url'] . '/index.php');
        }

        // save edit information for published comment
        if ($mode != $LANG03[35]) {
            DB_save($_TABLES['commentedits'], 'cid,uid,time', "{$cid},{$uid},NOW()");
        } else {
            return COM_refresh(COM_buildUrl($_CONF['site_admin_url'] . "/moderation.php"));
        }
    } else {
        COM_errorLog("CMT_handleEditSubmit(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment with invalid $title and/or $comment.');
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    return COM_refresh(COM_buildUrl($_CONF['site_url'] . "/article.php?story={$sid}"));
}
function _parseElement() {
    global $_SP_CONF, $_USER, $_TABLES, $LANG01, $_CONF, $_GROUPS;

    $returnArray = array();
    $childArray = array();
    $item_array = array();

    if ($this->active != 1 && $this->id != 0) {
        return NULL;
    }
    if ($this->group_id == 998 && !COM_isAnonUser()) {
        return NULL;
    }

    if (isset($_REQUEST['topic'])) {
        $topic = COM_applyFilter($_REQUEST['topic']);
    } else {
        $topic = '';
    }

    if (COM_isAnonUser()) {
        $anon = 1;
    } else {
        $anon = 0;
    }

    $allowed = true;

    if ($this->group_id != 998 && $this->id != 0 && !SEC_inGroup($this->group_id)) {
        return NULL;
    }
    if ($this->group_id == 1 && !isset($_GROUPS['Root'])) {
        return NULL;
    }

    switch ($this->type) {
        case ET_SUB_MENU:
            $this->replace_macros();
            break;

        case ET_FUSION_ACTION:
            switch ($this->subtype) {
                case 0: // home
                    $this->url = $_CONF['site_url'] . '/';
                    break;
                case 1: // contribute
                    if ($anon && ($_CONF['loginrequired'] || $_CONF['submitloginrequired'])) {
                        return NULL;
                    }
                    if (empty($topic)) {
                        $this->url = $_CONF['site_url'] . '/submit.php?type=story';
                    } else {
                        $this->url = $_CONF['site_url'] . '/submit.php?type=story&topic=' . $topic;
                    }
                    $label = $LANG01[71];
                    break;
                case 2: // directory
                    if ($anon && ($_CONF['loginrequired'] || $_CONF['directoryloginrequired'])) {
                        return NULL;
                    }
                    $this->url = $_CONF['site_url'] . '/directory.php';
                    if (!empty($topic)) {
                        $this->url = COM_buildUrl($this->url . '?topic=' . urlencode($topic));
                    }
                    break;
                case 3: // prefs
                    if ($anon && ($_CONF['loginrequired'] || $_CONF['profileloginrequired'])) {
                        return NULL;
                    }
                    $this->url = $_CONF['site_url'] . '/usersettings.php?mode=edit';
                    break;
                case 4: // search
                    if ($anon && ($_CONF['loginrequired'] || $_CONF['searchloginrequired'])) {
                        return NULL;
                    }
                    $this->url = $_CONF['site_url'] . '/search.php';
                    break;
                case 5: // stats
                    if (!SEC_hasRights('stats.view')) {
                        return NULL;
                    }
                    $this->url = $_CONF['site_url'] . '/stats.php';
                    break;
                default: // unknown?
                    $this->url = $_CONF['site_url'] . '/';
                    break;
            }
            break;

        case ET_FUSION_MENU:
            $this->url = '';
            switch ($this->subtype) {
                case USER_MENU:
                    // if anonymous user - show login entry
                    if (COM_isAnonUser()) {
                        $this->label = $LANG01[58];
                        $this->url = $_CONF['site_url'] . '/users.php';
                        $this->target = '';
                        break;
                    }
                    // logged-in user see My Account entry
                    $item_array = getUserMenu();
                    $this->label = $LANG01[47];
                    break;
                case ADMIN_MENU:
                    $this->url = $_CONF['site_admin_url'];
                    $item_array = getAdminMenu();
                    break;
                case TOPIC_MENU:
                    $item_array = getTopicMenu();
                    break;
                case STATICPAGE_MENU:
                    $item_array = array();
                    $order = '';
                    if (!empty($_SP_CONF['sort_menu_by'])) {
                        $order = ' ORDER BY ';
                        if ($_SP_CONF['sort_menu_by'] == 'date') {
                            $order .= 'sp_date DESC';
                        } else {
                            if ($_SP_CONF['sort_menu_by'] == 'label') {
                                $order .= 'sp_label';
                            } else {
                                if ($_SP_CONF['sort_menu_by'] == 'title') {
                                    $order .= 'sp_title';
                                } else {
                                    // default to "sort by id"
                                    $order .= 'sp_id';
                                }
                            }
                        }
                    }
                    $result = DB_query('SELECT sp_id, sp_label FROM ' . $_TABLES['staticpage'] . ' WHERE sp_onmenu = 1 AND sp_status = 1' . COM_getPermSql('AND') . $order);
                    $nrows = DB_numRows($result);
                    $menuitems = array();
                    for ($i = 0; $i < $nrows; $i++) {
                        $A = DB_fetchArray($result);
                        $url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']);
                        $label = $A['sp_label'];
                        $item_array[] = array('label' => $label, 'url' => $url);
                    }
                    break;
                case PLUGIN_MENU:
                    $item_array = array();
                    $plugin_menu = PLG_getMenuItems();
                    if (count($plugin_menu) == 0) {
                        $this->access = 0;
                    } else {
                        for ($i = 1; $i <= count($plugin_menu); $i++) {
                            $url = current($plugin_menu);
                            $label = key($plugin_menu);
                            $item_array[] = array('label' => $label, 'url' => $url);
                            next($plugin_menu);
                        }
                    }
                    break;
                case HEADER_MENU:
                default:
            }
            break;

        case ET_PLUGIN:
            $plugin_menus = _mbPLG_getMenuItems();
            if (isset($plugin_menus[$this->subtype])) {
                $this->url = $plugin_menus[$this->subtype];
            } else {
                $this->access = 0;
                $allowed = 0;
            }
            break;

        case ET_STATICPAGE:
            $this->url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $this->subtype);
            break;

        case ET_URL:
            $this->replace_macros();
            break;

        case ET_PHP:
            $functionName = $this->subtype;
            if (function_exists($functionName)) {
                $item_array = $functionName();
            }
            break;

        case ET_TOPIC:
            $this->url = $_CONF['site_url'] . '/index.php?topic=' . $this->subtype;
            break;

        default:
            break;
    }

    if ($this->id != 0 && $this->group_id == 998 && SEC_inGroup('Root')) {
        return NULL;
    }
    if ($allowed == 0 || $this->access == 0) {
        return NULL;
    }

    if ($this->type == ET_FUSION_MENU || $this->type == ET_PHP) {
        $childArray = $item_array;
    } else {
        if (!empty($this->children)) {
            $howmany = $this->getChildcount();
            if ($howmany > 0) {
                $children = $this->getChildren();
                foreach ($children as $child) {
                    $elementArray = $child->_parseElement();
                    if ($elementArray != NULL) {
                        $childArray[] = $elementArray;
                    }
                }
            }
        } else {
            $childArray = NULL;
        }
    }

    $returnArray = array(
        'label'    => $this->label,
        'url'      => $this->url,
        'target'   => $this->target,
        'children' => is_array($childArray) ? $childArray : NULL
    );

    return $returnArray;
}
function phpblock_storypicker() {
    global $_TABLES, $_CONF, $topic;

    $LANG_STORYPICKER = array('choose' => 'Choose a story');
    $max_stories = 5; // how many stories to display in the list

    $topicsql = '';
    $sid = '';

    // If a story is being viewed, use that story's topic
    if (isset($_GET['story'])) {
        $sid = COM_applyFilter($_GET['story']);
        $stopic = DB_getItem($_TABLES['stories'], 'tid', 'sid = \'' . DB_escapeString($sid) . '\'');
        if (!empty($stopic)) {
            $topic = $stopic;
        } else {
            $sid = '';
        }
    }

    // Otherwise take the topic from the request, filtered
    if (empty($topic)) {
        if (isset($_GET['topic'])) {
            $topic = COM_applyFilter($_GET['topic']);
        } elseif (isset($_POST['topic'])) {
            $topic = COM_applyFilter($_POST['topic']);
        } else {
            $topic = '';
        }
    }

    if (!empty($topic)) {
        $topicsql = " AND tid = '" . DB_escapeString($topic) . "'";
    }

    // No topic selected: list stories from everything except the archive topic
    if (empty($topicsql)) {
        $topic = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
        if (empty($topic)) {
            $topicsql = '';
        } else {
            $topicsql = " AND tid <> '" . DB_escapeString($topic) . "'";
        }
    }

    $sql = 'SELECT sid, title FROM ' . $_TABLES['stories'] . ' WHERE draft_flag = 0 AND date <= now()' . COM_getPermSQL(' AND') . COM_getTopicSQL(' AND') . $topicsql . ' ORDER BY date DESC LIMIT ' . $max_stories;
    $res = DB_query($sql);

    $list = '';
    while ($A = DB_fetchArray($res)) {
        $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
        // the href value is quoted so the URL cannot run into the rest of the tag
        $list .= '<li><a href="' . $url . '">' . htmlspecialchars(COM_truncate($A['title'], 41, '...')) . "</a></li>\n";
    }

    return $list;
}
/**
 * article: delete a comment
 *
 * @param int    $cid Comment to be deleted
 * @param string $id  Item id to which $cid belongs
 * @return mixed false for failure, HTML string (redirect?) for success
 */
function plugin_deletecomment_article($cid, $id) {
    global $_CONF, $_TABLES, $_USER;

    $retval = '';

    $has_editPermissions = SEC_hasRights('story.edit');
    $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon " . "FROM {$_TABLES['stories']} WHERE sid = '{$id}'");
    $A = DB_fetchArray($result);

    if ($has_editPermissions && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) {
        CMT_deleteComment($cid, $id, 'article');
        $comments = DB_count($_TABLES['comments'], 'sid', $id);
        DB_change($_TABLES['stories'], 'comments', $comments, 'sid', $id);

        // Comment count in Older Stories block may have changed so delete cache
        $cacheInstance = 'olderstories__'; // remove all olderstories instances
        CACHE_remove_instance($cacheInstance);

        COM_redirect(COM_buildUrl($_CONF['site_url'] . "/article.php?story={$id}") . '#comments');
    } else {
        COM_errorLog("User {$_USER['username']} (IP: {$_SERVER['REMOTE_ADDR']}) " . "tried to illegally delete comment {$cid} from {$id}");
        COM_redirect($_CONF['site_url'] . '/index.php');
    }

    return $retval;
}
/**
 * Return information for a story
 *
 * This is the story equivalent of PLG_getItemInfo. See lib-plugins.php for
 * details.
 *
 * @param string $sid     story ID or '*'
 * @param string $what    comma-separated list of story properties
 * @param int    $uid     user ID or 0 = current user
 * @param array  $options (reserved for future extensions)
 * @return mixed string or array of strings with the information
 *
 */
function STORY_getItemInfo($sid, $what, $uid = 0, $options = array()) {
    global $_CONF, $_TABLES;

    // parse $what to see what we need to pull from the database
    $properties = explode(',', $what);
    $fields = array();
    foreach ($properties as $p) {
        switch ($p) {
            case 'date-created':
                $fields[] = 'UNIX_TIMESTAMP(date) AS unixdate';
                break;
            case 'description':
                $fields[] = 'introtext';
                $fields[] = 'bodytext';
                break;
            case 'excerpt':
                $fields[] = 'introtext';
                break;
            case 'feed':
                $fields[] = 'tid';
                break;
            case 'id':
                $fields[] = 'sid';
                break;
            case 'title':
                $fields[] = 'title';
                break;
            case 'url':
                // needed for $sid == '*', but also in case we're only requesting
                // the URL (so that $fields isn't empty)
                $fields[] = 'sid';
                break;
            default:
                // nothing to do
                break;
        }
    }

    $fields = array_unique($fields);

    if (count($fields) == 0) {
        $retval = array();
        return $retval;
    }

    // prepare SQL request
    if ($sid == '*') {
        $where = ' WHERE';
    } else {
        $where = " WHERE (sid = '" . addslashes($sid) . "') AND";
    }
    $where .= ' (draft_flag = 0) AND (date <= NOW())';
    if ($uid > 0) {
        $permSql = COM_getPermSql('AND', $uid) . COM_getTopicSql('AND', $uid);
    } else {
        $permSql = COM_getPermSql('AND') . COM_getTopicSql('AND');
    }
    $sql = "SELECT " . implode(',', $fields) . " FROM {$_TABLES['stories']}" . $where . $permSql;
    if ($sid != '*') {
        $sql .= ' LIMIT 1';
    }

    $result = DB_query($sql);
    $numRows = DB_numRows($result);

    $retval = array();
    for ($i = 0; $i < $numRows; $i++) {
        $A = DB_fetchArray($result);

        $props = array();
        foreach ($properties as $p) {
            switch ($p) {
                case 'date-created':
                    $props['date-created'] = $A['unixdate'];
                    break;
                case 'description':
                    $props['description'] = trim(PLG_replaceTags(stripslashes($A['introtext']) . ' ' . stripslashes($A['bodytext'])));
                    break;
                case 'excerpt':
                    $excerpt = stripslashes($A['introtext']);
                    if (!empty($A['bodytext'])) {
                        $excerpt .= "\n\n" . stripslashes($A['bodytext']);
                    }
                    $props['excerpt'] = trim(PLG_replaceTags($excerpt));
                    break;
                case 'feed':
                    $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::all'");
                    if (empty($feedfile)) {
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::frontpage'");
                    }
                    if (empty($feedfile)) {
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '{$A['tid']}'");
                    }
                    if (empty($feedfile)) {
                        $props['feed'] = '';
                    } else {
                        $props['feed'] = SYND_getFeedUrl($feedfile);
                    }
                    break;
                case 'id':
                    $props['id'] = $A['sid'];
                    break;
                case 'title':
                    $props['title'] = stripslashes($A['title']);
                    break;
                case 'url':
                    if (empty($A['sid'])) {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
                    } else {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
                    }
                    break;
                default:
                    // return empty string for unknown properties
                    $props[$p] = '';
                    break;
            }
        }

        $mapped = array();
        foreach ($props as $key => $value) {
            if ($sid == '*') {
                if ($value != '') {
                    $mapped[$key] = $value;
                }
            } else {
                $mapped[] = $value;
            }
        }

        if ($sid == '*') {
            $retval[] = $mapped;
        } else {
            $retval = $mapped;
            break;
        }
    }

    if ($sid != '*' && count($retval) == 1) {
        $retval = $retval[0];
    }

    return $retval;
}
/**
 * Shows a profile for a user
 *
 * This grabs the user profile for a given user and displays it
 *
 * @return string HTML for user profile page
 *
 */
function userprofile() {
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN;

    // @param int    $user   User ID of profile to get
    // @param int    $msg    Message to display (if != 0)
    // @param string $plugin optional plugin name for message

    $retval = '';

    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    }

    if (isset($_GET['uid'])) {
        $user = COM_applyFilter($_GET['uid'], true);
        if (!is_numeric($user) || $user < 2) {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    } else {
        if (isset($_GET['username'])) {
            $username = $_GET['username'];
            if (!USER_validateUsername($username, 1)) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
            if (empty($username) || $username == '') {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
            $username = DB_escapeString($username);
            $user = DB_getItem($_TABLES['users'], 'uid', "username = '******'");
            if ($user < 2) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
        } else {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    }

    $msg = 0;
    if (isset($_GET['msg'])) {
        $msg = COM_applyFilter($_GET['msg'], true);
    }
    $plugin = '';
    if ($msg > 0 && isset($_GET['plugin'])) {
        $plugin = COM_applyFilter($_GET['plugin']);
    }

    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,lastlogin,homepage,about,location,pgpkey,photo,email,status,emailfromadmin,emailfromuser,showonline FROM {$_TABLES['userinfo']},{$_TABLES['userprefs']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['userinfo']}.uid = {$_TABLES['userprefs']}.uid AND {$_TABLES['users']}.uid = " . (int) $user);
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        echo COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);

    if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
        COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
    }

    $display_name = @htmlspecialchars(COM_getDisplayName($user, $A['username'], $A['fullname']), ENT_COMPAT, COM_getEncodingt());

    if ($msg > 0) {
        $retval .= COM_showMessage($msg, $plugin, '', 0, 'info');
    }

    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array(
        'profile' => 'profile.thtml',
        'email'   => 'email.thtml',
        'row'     => 'commentrow.thtml',
        'strow'   => 'storyrow.thtml'
    ));
    $user_templates->set_var('layout_url', $_CONF['layout_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('tooltip', COM_getTooltipStyle());

    if ($_CONF['show_fullname'] == 1) {
        if (empty($A['fullname'])) {
            $username = $A['username'];
            $fullname = '';
        } else {
            $username = $A['fullname'];
            $fullname = $A['username'];
        }
    } else {
        $username = $A['username'];
        $fullname = '';
    }
    $username = @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt());
    $fullname = @htmlspecialchars($fullname, ENT_COMPAT, COM_getEncodingt());

    if ($A['status'] == USER_ACCOUNT_DISABLED) {
        $username = sprintf('%s - %s', $username, $LANG28[42]);
        if (!empty($fullname)) {
            // format string fixed: the first specifier was '%' instead of '%s'
            $fullname = sprintf('%s - %s', $fullname, $LANG28[42]);
        }
    }

    $user_templates->set_var('username', $username);
    $user_templates->set_var('user_fullname', $fullname);

    if (SEC_hasRights('user.edit') || isset($_USER['uid']) && $_USER['uid'] == $A['uid']) {
        global $_IMAGE_TYPE, $LANG_ADMIN;

        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />';
        if ($_USER['uid'] == $A['uid']) {
            $edit_url = "{$_CONF['site_url']}/usersettings.php";
        } else {
            $edit_url = "{$_CONF['site_admin_url']}/user.php?edit=x&uid={$A['uid']}";
        }
        $edit_link_url = COM_createLink($edit_icon, $edit_url);
        $user_templates->set_var('edit_icon', $edit_icon);
        $user_templates->set_var('edit_link', $edit_link_url);
        $user_templates->set_var('user_edit', $edit_url);
    } else {
        $user_templates->set_var('user_edit', '');
    }

    if (isset($A['photo']) && empty($A['photo'])) {
        $A['photo'] = '(none)'; // user does not have a photo
    }

    $lastlogin = $A['lastlogin'];
    $lasttime = COM_getUserDateTimeFormat($lastlogin);

    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
    $user_templates->set_var('user_photo', $photo);

    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);

    if ($_CONF['lastlogin'] && $A['showonline']) {
        $user_templates->set_var('lang_lastlogin', $LANG28[35]);
        if (!empty($lastlogin)) {
            $user_templates->set_var('user_lastlogin', $lasttime[0]);
        } else {
            $user_templates->set_var('user_lastlogin', $LANG28[36]);
        }
    }

    if ($A['showonline']) {
        if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) {
            $user_templates->set_var('online', 'online');
        }
    }

    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);

    if ($A['email'] == '' || $A['emailfromuser'] == 0) {
        $user_templates->set_var('email_option', '');
    } else {
        $user_templates->set_var('lang_sendemail', $LANG04[81]);
        $user_templates->parse('email_option', 'email', true);
    }

    // user-supplied profile fields are filtered before they reach the template
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_online', $LANG04[160]);
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br($A['about']));
    $user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml'));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));

    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    }
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);

    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name);
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name);
    }
    $user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name);

    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    $topics = "'" . implode("','", $tids) . "'";

    // list of last 10 stories by this user
    if (sizeof($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }

    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', $i + 1 . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => '')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }

    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        // list of last 10 comments by this user
        $sidArray = array();
        if (sizeof($tids) > 0) {
            // first, get a list of all stories the current visitor has access to
            $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
            $result = DB_query($sql);
            $numsids = DB_numRows($result);
            for ($i = 1; $i <= $numsids; $i++) {
                $S = DB_fetchArray($result);
                $sidArray[] = $S['sid'];
            }
        }

        $sidList = implode("', '", $sidArray);
        $sidList = "'{$sidList}'";

        // then, find all comments by the user in those stories
        $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";

        // SQL NOTE: Using a HAVING clause is usually faster than a where if the
        // field is part of the select
        // if (!empty ($sidList)) {
        //     $sql .= " AND (sid in ($sidList))";
        // }
        if (!empty($sidList)) {
            $sql .= " HAVING sid in ({$sidList})";
        }
        $sql .= " ORDER BY unixdate DESC LIMIT 10";

        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            for ($i = 0; $i < $nrows; $i++) {
                $C = DB_fetchArray($result);
                $user_templates->set_var('cssid', $i % 2 + 1);
                $user_templates->set_var('row_number', $i + 1 . '.');
                $C['title'] = str_replace('$', '&#36;', $C['title']);
                $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid'];
                $user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => '')));
                $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
                $user_templates->set_var('comment_date', $commenttime[0]);
                $user_templates->parse('comment_row', 'row', true);
            }
        } else {
            $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
        }
    }

    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));

    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('lang_number_comments', $LANG04[85]);
        $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = " . (int) $user . ")";
        if (!empty($sidList)) {
            $sql .= " AND (sid in ({$sidList}))";
        }
        $result = DB_query($sql);
        $N = DB_fetchArray($result);
        $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
        $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
    }

    // hook to the profile icon display
    $profileIcons = PLG_profileIconDisplay($user);
    if (is_array($profileIcons) && count($profileIcons) > 0) {
        $user_templates->set_block('profile', 'profileicon', 'pi');
        for ($x = 0; $x < count($profileIcons); $x++) {
            if (isset($profileIcons[$x]['url']) && $profileIcons[$x]['url'] != '' && isset($profileIcons[$x]['icon']) && $profileIcons[$x]['icon'] != '') {
                $user_templates->set_var('profile_icon_url', $profileIcons[$x]['url']);
                $user_templates->set_var('profile_icon_icon', $profileIcons[$x]['icon']);
                $user_templates->set_var('profile_icon_text', $profileIcons[$x]['text']);
                $user_templates->parse('pi', 'profileicon', true);
            }
        }
    }

    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);

    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    $retval .= PLG_profileBlocksDisplay($user);

    return $retval;
}
/**
 * Handles a comment delete
 *
 * @copyright Vincent Furia 2005
 * @author Vincent Furia, vinny01 AT users DOT sourceforge DOT net
 * @param string $formtype 'editsubmission' deletes from the submission queue
 * @return string HTML (possibly a refresh)
 */
function handleDelete($formtype)
{
    // $_USER is read by the audit log entry below, so it must be declared here
    global $_CONF, $_TABLES, $_USER;

    $display = '';

    // Numeric filter; also gives the log message a defined comment id
    $cid = COM_applyFilter($_REQUEST['cid'], true);

    if ($formtype == 'editsubmission') {
        DB_delete($_TABLES['commentsubmissions'], 'cid', $cid);
        $display = COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
    } else {
        $type = COM_applyFilter($_REQUEST['type']);
        $sid = COM_applyFilter($_REQUEST['sid']);

        switch ($type) {
            case 'article':
                $has_editPermissions = SEC_hasRights('story.edit');
                $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon "
                    . "FROM {$_TABLES['stories']} WHERE sid = '{$sid}'");
                $A = DB_fetchArray($result);

                // Require both the story.edit right and edit access (3) to this story
                if ($has_editPermissions && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) {
                    CMT_deleteComment($cid, $sid, 'article');
                    $comments = DB_count($_TABLES['comments'], 'sid', $sid);
                    DB_change($_TABLES['stories'], 'comments', $comments, 'sid', $sid);
                    $display .= COM_refresh(COM_buildUrl($_CONF['site_url'] . "/article.php?story={$sid}") . '#comments');
                } else {
                    // Record the denied attempt with user, source IP and target
                    COM_errorLog("User {$_USER['username']} (IP: {$_SERVER['REMOTE_ADDR']}) tried to illegally delete comment {$cid} from {$type} {$sid}");
                    $display .= COM_refresh($_CONF['site_url'] . '/index.php');
                }
                break;

            default:
                // assume plugin
                if (!($display = PLG_commentDelete($type, $cid, $sid))) {
                    $display = COM_refresh($_CONF['site_url'] . '/index.php');
                }
                break;
        }
    }

    return $display;
}
/** * Prepare a banner item for rendering * * @param array $A banner details * @param ref $template reference of the banner template * */ function prepare_banner_item($A, &$template) { global $_CONF, $_USER, $LANG_ADMIN, $LANG_BANNER, $_IMAGE_TYPE, $LANG_DIRECTION; $url = COM_buildUrl($_CONF['site_url'] . '/banner/portal.php?what=banner&item=' . $A['bid']); $template->set_var('banner_url', $url); $template->set_var('banner_actual_url', $A['url']); $template->set_var('banner_actual_url_encoded', urlencode($A['url'])); $template->set_var('banner_name', stripslashes($A['title'])); $template->set_var('banner_name_encoded', urlencode($A['title'])); $template->set_var('banner_hits', COM_numberFormat($A['hits'])); $content = stripslashes($A['title']); $template->set_var('banner_html', $content); if (!COM_isAnonUser() && !SEC_hasRights('banner.edit')) { $reporturl = $_CONF['site_url'] . '/banner/index.php?mode=report&bid=' . $A['bid']; $template->set_var('banner_broken', COM_createLink($LANG_BANNER[117], $reporturl, array('class' => 'pluginSmallText', 'rel' => 'nofollow'))); } else { $template->set_var('banner_broken', ''); } $bannerimg = nl2br(stripslashes($A['description'])); $flg_link = empty($A['url']) ? false : true; $banner = banner_buildBanner($A['bid'], $content, $bannerimg, $flg_link); $template->set_var('banner_description', $banner); if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('banner.edit')) { $editurl = $_CONF['site_admin_url'] . '/plugins/banner/index.php?mode=edit&bid=' . $A['bid']; $template->set_var('banner_edit', COM_createLink($LANG_ADMIN['edit'], $editurl)); $edit_icon = "<img src=\"{$_CONF['layout_url']}/images/edit.{$_IMAGE_TYPE}\" " . "alt=\"{$LANG_ADMIN['edit']}\" title=\"{$LANG_ADMIN['edit']}\"" . XHTML . 
">"; $attr = array('class' => 'editlink'); $template->set_var('edit_icon', COM_createLink($edit_icon, $editurl, $attr)); } else { $template->set_var('banner_edit', ''); $template->set_var('edit_icon', ''); } }
public function parse($p1, $p2 = '', $fulltag = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01;

    USES_lib_comments();

    $retval = '';
    $skip = 0;
    $dt = new Date('now', $_USER['tzid']);

    // topic = specific topic or 'all'
    // display = how many stories to display, if 0, then all
    // meta = show meta data (i.e.; who when etc)
    // titleLink - make title a hot link
    // featured - 0 = show all, 1 = only featured, 2 = all except featured
    // frontpage - 1 = show only items marked for frontpage - 0 = show all
    // cols - number of columns to show
    // template - the template name
    $topic = $p1;
    if ($topic == 'all') {
        $topic = '';
    }
    $uniqueID = md5($p1 . $p2);

    $display = 10;      // display 10 articles
    $meta = 0;          // do not display meta data
    $titleLink = 0;     // do not use links in title
    $featured = 0;      // 0 = show all, 1 = only featured, 2 = all except featured
    $frontpage = 0;     // only show items marked for frontpage
    $cols = 3;          // number of columns
    $truncate = 0;      // maximum number of characters to include in story text
    $template = 'headlines.thtml';

    // Every value parsed here comes from the autotag text in the content
    $px = explode(' ', trim($p2));
    if (is_array($px)) {
        foreach ($px as $part) {
            if (substr($part, 0, 8) == 'display:') {
                $a = explode(':', $part);
                // cast to int: this value is appended to the LIMIT clause
                $display = (int) $a[1];
                $skip++;
            } elseif (substr($part, 0, 5) == 'meta:') {
                $a = explode(':', $part);
                $meta = $a[1];
                $skip++;
            } elseif (substr($part, 0, 10) == 'titlelink:') {
                $a = explode(':', $part);
                $titleLink = $a[1];
                $skip++;
            } elseif (substr($part, 0, 9) == 'featured:') {
                $a = explode(':', $part);
                $featured = $a[1];
                $skip++;
            } elseif (substr($part, 0, 10) == 'frontpage:') {
                $a = explode(':', $part);
                $frontpage = (int) $a[1];
                $skip++;
            } elseif (substr($part, 0, 5) == 'cols:') {
                $a = explode(':', $part);
                // cast to int: this value is written into the template as 'columns'
                $cols = (int) $a[1];
                $skip++;
            } elseif (substr($part, 0, 9) == 'template:') {
                $a = explode(':', $part);
                // tag-supplied file name, later passed to Template::set_file()
                $template = $a[1];
                $skip++;
            } elseif (substr($part, 0, 9) == 'truncate:') {
                $a = explode(':', $part);
                $truncate = (int) $a[1];
                $skip++;
            } else {
                break;
            }
        }
        if ($skip != 0) {
            if (count($px) > $skip) {
                for ($i = 0; $i <
$skip; $i++) { array_shift($px); } $caption = trim(implode(' ', $px)); } else { $caption = ''; } } } else { $caption = trim($p2); } if ($display < 0) { $display = 3; } $hash = CACHE_security_hash(); $instance_id = 'whatsnew_headlines_' . $uniqueID . '_' . $hash . '_' . $_USER['theme']; if (($cache = CACHE_check_instance($instance_id, 0)) !== FALSE) { return $cache; } $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1"); $sql = " (date <= NOW()) AND (draft_flag = 0)"; if (empty($topic)) { $sql .= COM_getLangSQL('tid', 'AND', 's'); } // if a topic was provided only select those stories. if (!empty($topic)) { $sql .= " AND s.tid = '" . DB_escapeString($topic) . "' "; } if ($featured == 1) { $sql .= " AND s.featured = 1 "; } else { if ($featured == 2) { $sql .= " AND s.featured = 0 "; } } if ($frontpage == 1) { $sql .= " AND frontpage = 1 "; } if ($topic != $archivetid) { $sql .= " AND s.tid != '{$archivetid}' "; } $sql .= COM_getPermSQL('AND', 0, 2, 's'); $sql .= COM_getTopicSQL('AND', 0, 's') . ' '; $userfields = 'u.uid, u.username, u.fullname'; if ($_CONF['allow_user_photo'] == 1) { $userfields .= ', u.photo'; if ($_CONF['use_gravatar']) { $userfields .= ', u.email'; } } $orderBy = ' date DESC '; $headlinesSQL = "SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, " . 'UNIX_TIMESTAMP(s.expire) as expireunix, ' . $userfields . ", t.topic, t.imageurl " . "FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, " . "{$_TABLES['topics']} AS t WHERE (s.uid = u.uid) AND (s.tid = t.tid) AND" . $sql . "ORDER BY featured DESC," . $orderBy; if ($display > 0) { $headlinesSQL .= " LIMIT " . $display; } $result = DB_query($headlinesSQL); $numRows = DB_numRows($result); if ($numRows < $cols) { $cols = $numRows; } if ($cols > 6) { $cols = 6; } if ($numRows > 0) { $T = new Template($_CONF['path'] . 
'system/autotags/'); $T->set_file('page', $template); $T->set_var('columns', $cols); $T->set_block('page', 'headlines', 'hl'); $newstories = array(); while ($A = DB_fetchArray($result)) { $T->unset_var('readmore_url'); $T->unset_var('lang_readmore'); if ($A['attribution_author'] != '') { $author = $A['attribution_author']; } else { $author = $A['username']; } $title = COM_undoSpecialChars($A['title']); $title = str_replace(' ', ' ', $title); $subtitle = COM_undoSpecialChars($A['subtitle']); if ($A['story_image'] != '') { $story_image = $_CONF['site_url'] . $A['story_image']; } else { $story_image = ''; } $A['introtext'] = STORY_renderImages($A['sid'], $A['introtext']); if (!empty($A['bodytext'])) { $closingP = strrpos($A['introtext'], "</p>"); if ($closingP !== FALSE) { $text = substr($A['introtext'], 0, $closingP); $A['introtext'] = $text; } // adds the read more link $T->set_var('readmore_url', COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid'])); $T->set_var('lang_readmore', $LANG01['continue_reading']); } if ($truncate > 0) { $A['introtext'] = $this->truncateHTML($A['introtext'], $truncate, '...'); } $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $A['tid']; $dt->setTimestamp($A['unixdate']); if ($A['commentcode'] >= 0) { $cmtLinkArray = CMT_getCommentLinkWithCount('article', $A['sid'], $_CONF['site_url'] . '/article.php?story=' . $A['sid'], $A['comments'], 1); $T->set_var(array('lang_comments' => '', 'comments_count' => $cmtLinkArray['comment_count'], 'comments_url' => $cmtLinkArray['url'], 'comments_url_extra' => $cmtLinkArray['url_extra'])); } else { $T->unset_var('lang_comments'); $T->unset_var('comments_count'); $T->unset_var('comments_url'); $T->unset_var('comments_url_extra'); } $T->set_var(array('titlelink' => $titleLink ? TRUE : '', 'meta' => $meta ? 
TRUE : '', 'lang_by' => $LANG01[95], 'lang_posted_in' => $LANG01['posted_in'], 'story_topic_url' => $topicurl, 'title' => $title, 'subtitle' => $subtitle, 'story_image' => $story_image, 'text' => PLG_replaceTags($A['introtext']), 'date' => $A['date'], 'time' => $dt->format('Y-m-d', true) . 'T' . $dt->format('H:i:s', true), 'topic' => $A['topic'], 'tid' => $A['tid'], 'author' => $author, 'author_id' => $A['uid'], 'sid' => $A['sid'], 'short_date' => $dt->format($_CONF['shortdate'], true), 'date_only' => $dt->format($_CONF['dateonly'], true), 'date' => $dt->format($dt->getUserFormat(), true), 'url' => COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']), 'attribution_url' => $A['attribution_url'], 'attribution_name' => $A['attribution_name'])); $T->parse('hl', 'headlines', true); } $retval = $T->finish($T->parse('output', 'page')); CACHE_create_instance($instance_id, $retval, 0); } return $retval; }
/** * Display form to email a story to someone. * * @param string $sid ID of article to email * @return string HTML for email story form * */ function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0) { global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN; require_once $_CONF['path_system'] . 'lib-story.php'; $retval = ''; if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) { $retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header')); $login = new Template($_CONF['path_layout'] . 'submit'); $login->set_file(array('login' => 'submitloginrequired.thtml')); $login->set_var('xhtml', XHTML); $login->set_var('site_url', $_CONF['site_url']); $login->set_var('site_admin_url', $_CONF['site_admin_url']); $login->set_var('layout_url', $_CONF['layout_url']); $login->set_var('login_message', $LANG_LOGIN[2]); $login->set_var('lang_login', $LANG_LOGIN[3]); $login->set_var('lang_newuser', $LANG_LOGIN[4]); $login->parse('output', 'login'); $retval .= $login->finish($login->get_var('output')); $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); return $retval; } $story = new Story(); $result = $story->loadFromDatabase($sid, 'view'); if ($result != STORY_LOADED_OK) { return COM_refresh($_CONF['site_url'] . '/index.php'); } if ($msg > 0) { $retval .= COM_showMessage($msg); } if (empty($from) && empty($fromemail)) { if (!COM_isAnonUser()) { $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']); $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}"); } } $mail_template = new Template($_CONF['path_layout'] . 
'profiles'); $mail_template->set_file('form', 'contactauthorform.thtml'); $mail_template->set_var('xhtml', XHTML); $mail_template->set_var('site_url', $_CONF['site_url']); $mail_template->set_var('site_admin_url', $_CONF['site_admin_url']); $mail_template->set_var('layout_url', $_CONF['layout_url']); $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17])); $mail_template->set_var('lang_title', $LANG08[31]); $mail_template->set_var('story_title', $story->displayElements('title')); $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid); $mail_template->set_var('story_url', $url); $link = COM_createLink($story->displayElements('title'), $url); $mail_template->set_var('story_link', $link); $mail_template->set_var('lang_fromname', $LANG08[20]); $mail_template->set_var('name', $from); $mail_template->set_var('lang_fromemailaddress', $LANG08[21]); $mail_template->set_var('email', $fromemail); $mail_template->set_var('lang_toname', $LANG08[18]); $mail_template->set_var('toname', $to); $mail_template->set_var('lang_toemailaddress', $LANG08[19]); $mail_template->set_var('toemail', $toemail); $mail_template->set_var('lang_cc', $LANG08[36]); $mail_template->set_var('lang_cc_description', $LANG08[37]); $mail_template->set_var('lang_shortmessage', $LANG08[27]); $mail_template->set_var('shortmsg', htmlspecialchars($shortmsg)); $mail_template->set_var('lang_warning', $LANG08[22]); $mail_template->set_var('lang_sendmessage', $LANG08[16]); $mail_template->set_var('story_id', $sid); $mail_template->set_var('end_block', COM_endBlock()); PLG_templateSetVars('emailstory', $mail_template); $mail_template->parse('output', 'form'); $retval .= $mail_template->finish($mail_template->get_var('output')); return $retval; }
/**
 * Return a canonical link
 *
 * @param string $dir_topic current topic or 'all'
 * @param int $year current year
 * @param int $month current month
 * @return string <link rel="canonical"> tag
 *
 */
function DIR_canonicalLink($dir_topic, $year = 0, $month = 0)
{
    global $_CONF;

    $script = $_CONF['site_url'] . '/' . THIS_SCRIPT;
    $tp = '?topic=' . urlencode($dir_topic);
    $parts = '';

    if ($year != 0 && $month != 0) {
        $parts .= "&year={$year}&month={$month}";
    } elseif ($year != 0) {
        $parts .= "&year={$year}";
    } elseif ($dir_topic == 'all') {
        $tp = '';
    }

    $url = COM_buildUrl($script . $tp . $parts);

    return '<link rel="canonical" href="' . $url . '"' . XHTML . '>' . LB;
}
/**
 * CallBack function for the ListFactory class
 *
 * This function gets called by the ListFactory class and formats
 * each row accordingly for example pulling usernames from the
 * users table and displaying a link to their profile.
 *
 * @author Sami Barakat <s.m.barakat AT gmail DOT com>
 * @access public
 * @param array $row An array of plain data to format
 * @return array A reformatted version of the input array
 *
 */
function searchFormatCallBack($preSort, $row)
{
    global $_CONF, $_USER;

    $dt = new Date('now', $_USER['tzid']);

    if ($preSort) {
        $row[SQL_TITLE] = is_array($row[SQL_TITLE]) ? implode($_CONF['search_separator'], $row[SQL_TITLE]) : $row[SQL_TITLE];

        if (is_numeric($row['uid'])) {
            // Cache display names so each user is looked up only once
            if (empty($this->_names[$row['uid']])) {
                // Escape the display name before it is placed in the result HTML
                $this->_names[$row['uid']] = htmlspecialchars(COM_getDisplayName($row['uid']));
                if ($row['uid'] != 1) {
                    $this->_names[$row['uid']] = COM_createLink($this->_names[$row['uid']], $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $row['uid']);
                }
            }
            $row['uid'] = $this->_names[$row['uid']];
        }
    } else {
        $row[SQL_TITLE] = COM_createLink($row[SQL_TITLE], $this->_searchURL . '&type=' . $row[SQL_NAME] . '&mode=search');

        // Site-relative URLs get the site URL prepended
        $row['url'] = ($row['url'][0] == '/' ? $_CONF['site_url'] : '') . $row['url'];
        if ($this->_url_rewrite[$row[SQL_NAME]]) {
            $row['url'] = COM_buildUrl($row['url']);
        }

        if ($row['title'] == '') {
            $row['title'] = $row[SQL_TITLE];
        }
        $row['title'] = $row['title']; // $this->_shortenText($this->_query, $row['title'], 6);
        // Replace '$' with its HTML entity
        $row['title'] = str_replace('$', '&#36;', $row['title']);
        $row['title'] = COM_createLink($row['title'], $row['url']);

        if ($row['description'] == '') {
            $row['description'] = $_CONF['search_no_data'];
        } else {
            $row['description'] = $row['description'];
        }
        if ($row['description'] != $_CONF['search_no_data']) {
            $row['description'] = $this->_shortenText($this->_query, $row['description'], $this->_wordlength);
        }

        $dt->setTimestamp($row['date']);
        $row['date'] = $dt->format($_CONF['daytime'], true);
        $row['hits'] = COM_NumberFormat($row['hits']) . ' '; // simple solution to a silly problem!
    }

    return $row;
}
/** * This function will allow plugins to support the use of custom autolinks * in other site content. Plugins can now use this API when saving content * and have the content checked for any autolinks before saving. * The autolink would be like: [story:20040101093000103 here] * * @param string $content Content that should be parsed for autolinks * @param string $namespace Optional Namespace or plugin name collecting tag info * @param string $operation Optional Operation being performed * @param string $plugin Optional if you only want to parse using a specific plugin * */ function PLG_replaceTags($content, $namespace = '', $operation = '', $plugin = '') { global $_CONF, $_TABLES, $_BLOCK_TEMPLATE, $LANG32, $_AUTOTAGS, $mbMenu, $autoTagUsage; if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) { // autolinks are disabled - return $content unchanged return $content; } static $recursionCount = 0; if ($recursionCount > 5) { COM_errorLog("AutoTag infinite recursion detected on " . $namespace . " " . $operation); return $content; } $autolinkModules = PLG_collectTags(); $autoTagUsage = PLG_autoTagPerms(); if (!empty($namespace) && !empty($operation)) { $postFix = '.' . $namespace . '.' . $operation; } else { $postFix = ''; } // For each supported module, scan the content looking for any AutoLink tags $tags = array(); $contentlen = utf8_strlen($content); $content_lower = utf8_strtolower($content); foreach ($autolinkModules as $moduletag => $module) { $autotag_prefix = '[' . $moduletag . 
':'; $offset = 0; $prev_offset = 0; while ($offset < $contentlen) { $start_pos = utf8_strpos($content_lower, $autotag_prefix, $offset); if ($start_pos === false) { break; } else { $end_pos = utf8_strpos($content_lower, ']', $start_pos); $next_tag = utf8_strpos($content_lower, '[', $start_pos + 1); if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) { $taglength = $end_pos - $start_pos + 1; $tag = utf8_substr($content, $start_pos, $taglength); $parms = explode(' ', $tag); // Extra test to see if autotag was entered with a space // after the module name if (utf8_substr($parms[0], -1) == ':') { $startpos = utf8_strlen($parms[0]) + utf8_strlen($parms[1]) + 2; $label = str_replace(']', '', utf8_substr($tag, $startpos)); $tagid = $parms[1]; } else { $label = str_replace(']', '', utf8_substr($tag, utf8_strlen($parms[0]) + 1)); $parms = explode(':', $parms[0]); if (count($parms) > 2) { // whoops, there was a ':' in the tag id ... array_shift($parms); $tagid = implode(':', $parms); } else { $tagid = $parms[1]; } } $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label); $tags[] = $newtag; } else { // Error: tags do not match - return with no changes return $content . $LANG32[32]; } $prev_offset = $offset; $offset = $end_pos; } } } // If we have found 1 or more AutoLink tag if (count($tags) > 0) { // Found the [tag] - Now process them all $recursionCount++; foreach ($tags as $autotag) { $permCheck = $autotag['tag'] . $postFix; if (empty($postFix) || !isset($autoTagUsage[$permCheck]) || $autoTagUsage[$permCheck] == 1) { $function = 'plugin_autotags_' . 
                $autotag['module'];
                if ($autotag['module'] == 'glfusion' and (empty($plugin) or $plugin == 'glfusion')) {
                    $url = '';
                    $linktext = $autotag['parm2'];

                    if ($autotag['tag'] == 'story') {
                        // parm1 is the story id taken from the tag text: filter, then escape for SQL
                        $autotag['parm1'] = COM_applyFilter($autotag['parm1']);
                        $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $autotag['parm1']);
                        if (empty($linktext)) {
                            $linktext = DB_getItem($_TABLES['stories'], 'title', "sid = '" . DB_escapeString($autotag['parm1']) . "'");
                        }
                    }
                    if (!empty($url)) {
                        $filelink = COM_createLink($linktext, $url);
                        $content = str_replace($autotag['tagstr'], $filelink, $content);
                    }

                    if ($autotag['tag'] == 'story_introtext') {
                        $url = '';
                        $linktext = '';
                        USES_lib_story();

                        if (isset($_USER['uid']) && $_USER['uid'] > 1) {
                            $result = DB_query("SELECT maxstories,tids,aids FROM {$_TABLES['userindex']} WHERE uid = {$_USER['uid']}");
                            $U = DB_fetchArray($result);
                        } else {
                            $U['maxstories'] = 0;
                            $U['aids'] = '';
                            $U['tids'] = '';
                        }

                        $sql = " (date <= NOW()) AND (draft_flag = 0)";
                        if (empty($topic)) {
                            $sql .= COM_getLangSQL('tid', 'AND', 's');
                        }
                        $sql .= COM_getPermSQL('AND', 0, 2, 's');
                        if (!empty($U['aids'])) {
                            $sql .= " AND s.uid NOT IN (" . str_replace(' ', ",", $U['aids']) . ") ";
                        }
                        if (!empty($U['tids'])) {
                            $sql .= " AND s.tid NOT IN ('" . str_replace(' ', "','", $U['tids']) . "') ";
                        }
                        $sql .= COM_getTopicSQL('AND', 0, 's') . ' ';

                        $userfields = 'u.uid, u.username, u.fullname';

                        // parm1 comes straight from the tag text, so escape it
                        // before it goes into the query, as the 'story' tag does
                        $msql = "SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, "
                            . 'UNIX_TIMESTAMP(s.expire) as expireunix, '
                            . $userfields . ", t.topic, t.imageurl "
                            . "FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, "
                            . "{$_TABLES['topics']} AS t WHERE s.sid = '" . DB_escapeString($autotag['parm1']) . "' AND (s.uid = u.uid) AND (s.tid = t.tid) AND" .
$sql; $result = DB_query($msql); $nrows = DB_numRows($result); if ($A = DB_fetchArray($result)) { $story = new Story(); $story->loadFromArray($A); $linktext = STORY_renderArticle($story, 'y'); } $content = str_replace($autotag['tagstr'], $linktext, $content); } if ($autotag['tag'] == 'showblock') { $blockName = COM_applyBasicFilter($autotag['parm1']); $result = DB_query("SELECT * FROM {$_TABLES['blocks']} WHERE name = '" . DB_escapeString($blockName) . "'" . COM_getPermSQL('AND')); if (DB_numRows($result) > 0) { $skip = 0; $B = DB_fetchArray($result); $template = ''; $side = ''; $px = explode(' ', trim($autotag['parm2'])); if (is_array($px)) { foreach ($px as $part) { if (substr($part, 0, 9) == 'template:') { $a = explode(':', $part); $template = $a[1]; $skip++; } elseif (substr($part, 0, 5) == 'side:') { $a = explode(':', $part); $side = $a[1]; $skip++; break; } } if ($skip != 0) { if (count($px) > $skip) { for ($i = 0; $i < $skip; $i++) { array_shift($px); } $caption = trim(implode(' ', $px)); } else { $caption = ''; } } } if ($template != '') { $_BLOCK_TEMPLATE[$blockName] = 'blockheader-' . $template . '.thtml,blockfooter-' . $template . '.thtml'; } if ($side == 'left') { $B['onleft'] = 1; } else { if ($side == 'right') { $B['onleft'] = 0; } } $linktext = COM_formatBlock($B); $content = str_replace($autotag['tagstr'], $linktext, $content); } else { $content = str_replace($autotag['tagstr'], '', $content); } } if ($autotag['tag'] == 'menu') { $menu = ''; $menuID = trim($autotag['parm1']); $menuHTML = displayMenu($menuID); $content = str_replace($autotag['tagstr'], $menuHTML, $content); } if (isset($_AUTOTAGS[$autotag['tag']])) { $content = autotags_autotag('parse', $content, $autotag); } } else { if (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) { $content = $function('parse', $content, $autotag); } } } } $recursionCount--; } return $content; }