Esempio n. 1
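/**
* Adds an event to the user's calendar
*
* The user has asked that an event be added to their personal
* calendar.  Show a confirmation screen.
*
* The event is looked up by ID, with the clause returned by
* COM_getPermSql('AND') appended to the query. When exactly one row
* matches, the 'addevent.thtml' template is filled in (including a CSRF
* token from SEC_createToken()) and returned inside a block; in every
* other case message 23 is returned instead.
*
* @param    string  $eid    event ID to add to user's calendar
* @return   string          HTML for confirmation form
*
*/
function adduserevent($eid)
{
    global $_CONF, $_TABLES, $LANG_CALJP_1;

    $retval = '';

    // $eid ends up inside a quoted SQL literal, so it is escaped here instead
    // of trusting every caller to have filtered it. The database layer's own
    // escaper is preferred when this installation provides one; addslashes()
    // is only the fallback.
    if (function_exists('DB_escapeString')) {
        $sqlEid = DB_escapeString($eid);
    } else {
        $sqlEid = addslashes($eid);
    }
    $eventsql = "SELECT * FROM {$_TABLES['eventsjp']} WHERE eid='{$sqlEid}'" . COM_getPermSql('AND');
    $result = DB_query($eventsql);
    $nrows = DB_numRows($result);

    if ($nrows == 1) {
        $retval .= COM_startBlock(sprintf($LANG_CALJP_1[11], COM_getDisplayName()));
        $A = DB_fetchArray($result);

        $cal_template = COM_newTemplate($_CONF['path'] . 'plugins/calendarjp/templates/');
        $cal_template->set_file(array('addevent' => 'addevent.thtml'));
        $cal_template->set_var('intro_msg', $LANG_CALJP_1[8]);
        $cal_template->set_var('lang_event', $LANG_CALJP_1[12]);

        // NOTE(review): title, url, location and description are stored values
        // that reach the template without HTML escaping in this function -
        // presumably they are sanitised when the event is saved; confirm.
        $event_title = stripslashes($A['title']);
        if (!empty($A['url']) && $A['url'] != 'http://') {
            // The event has a real URL ('http://' alone is treated as empty):
            // link the title and expose the anchor pieces to the template.
            $event_title_and_url = COM_createLink($event_title, $A['url'], array('class' => 'url'));
            $cal_template->set_var('event_url', $A['url']);
            $cal_template->set_var('event_begin_anchortag', '<a href="' . $A['url'] . '" class="url">');
            $cal_template->set_var('event_end_anchortag', '</a>');
        } else {
            $event_title_and_url = $event_title;
            $cal_template->set_var('event_url', '');
            $cal_template->set_var('event_begin_anchortag', '');
            $cal_template->set_var('event_end_anchortag', '');
        }
        $cal_template->set_var('event_title', $event_title_and_url);
        $cal_template->set_var('event_title_only', $event_title);

        $cal_template->set_var('lang_starts', $LANG_CALJP_1[13]);
        $cal_template->set_var('lang_ends', $LANG_CALJP_1[14]);
        $thestart = COM_getUserDateTimeFormat($A['datestart'] . ' ' . $A['timestart']);
        $theend = COM_getUserDateTimeFormat($A['dateend'] . ' ' . $A['timeend']);
        if ($A['allday'] == 0) {
            // Timed event: use element 0 of the formatted result as-is.
            $cal_template->set_var('event_start', $thestart[0]);
            $cal_template->set_var('event_end', $theend[0]);
        } else {
            // All-day event: format element 1 with the short date format only.
            // NOTE(review): strftime() is deprecated as of PHP 8.1.
            $cal_template->set_var('event_start', strftime($_CONF['shortdate'], $thestart[1]));
            $cal_template->set_var('event_end', strftime($_CONF['shortdate'], $theend[1]));
        }

        $cal_template->set_var('lang_where', $LANG_CALJP_1[4]);
        $location = stripslashes($A['location']) . '<br' . XHTML . '>' . stripslashes($A['address1']) . '<br' . XHTML . '>' . stripslashes($A['address2']) . '<br' . XHTML . '>' . stripslashes($A['city']) . ', ' . stripslashes($A['state']) . ' ' . $A['zipcode'];
        $cal_template->set_var('event_location', $location);

        $cal_template->set_var('lang_description', $LANG_CALJP_1[5]);
        $description = stripslashes($A['description']);
        if (empty($A['postmode']) || $A['postmode'] == 'plaintext') {
            // Plain-text descriptions get their line breaks converted.
            $description = COM_nl2br($description);
        }
        $cal_template->set_var('event_description', PLG_replaceTags($description));

        // The ID comes from the caller and is echoed back into the form, so it
        // is HTML-escaped; this is a no-op for IDs without HTML metacharacters.
        $cal_template->set_var('event_id', htmlspecialchars($eid, ENT_QUOTES));
        $cal_template->set_var('lang_addtomycalendar', $LANG_CALJP_1[9]);

        // The confirmation form carries a CSRF token.
        $cal_template->set_var('gltoken_name', CSRF_TOKEN);
        $cal_template->set_var('gltoken', SEC_createToken());

        $cal_template->parse('output', 'addevent');
        $retval .= $cal_template->finish($cal_template->get_var('output'));
        $retval .= COM_endBlock();
    } else {
        // Zero rows or more than one row matched.
        $retval .= COM_showMessage(23);
    }

    return $retval;
}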
Esempio n. 2
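/**
 * Fills a template object with the variables of the advanced search form.
 *
 * Builds the category and user <select> elements from the database, builds
 * the key-type, search-scope and results-per-page selectors through
 * MG_optionlist(), and sets them on $T together with the language strings.
 * Nothing is parsed or returned; the caller renders $T.
 *
 * @param object $T          template object to populate (passed by reference)
 * @param array  $searchinfo current search settings; the keys read here are
 *                           'cat_id', 'keytype', 'swhere', 'numresults' and 'uid'
 * @return void
 */
function MG_buildSearchBox(&$T, $searchinfo = array())
{
    global $_CONF, $_MG_CONF, $_TABLES, $LANG_MG01, $LANG_MG03;

    // The default argument is an empty array, yet every key below is read
    // unconditionally. Fill in missing keys with null (the value an undefined
    // index evaluates to) so the selections come out the same without
    // triggering undefined-index warnings.
    if (!is_array($searchinfo)) {
        $searchinfo = array();
    }
    $searchinfo += array(
        'cat_id'     => null,
        'keytype'    => null,
        'swhere'     => null,
        'numresults' => null,
        'uid'        => null,
    );

    // NOTE(review): cat_name and the display name are written into the
    // <option> elements without HTML escaping - presumably both are sanitised
    // when stored; confirm before relying on it.
    $cat_select = '<select name="cat_id">';
    $select_cat_id = $searchinfo['cat_id'] == '' ? UC_SELECTED : '';
    $cat_select .= '<option value="" ' . $select_cat_id . '>' . $LANG_MG03['all_categories'] . '</option>';
    $result = DB_query("SELECT cat_id, cat_name FROM {$_TABLES['mg_category']} ORDER BY cat_id ASC");
    while ($row = DB_fetchArray($result)) {
        $select_cat_id = $searchinfo['cat_id'] == $row['cat_id'] ? UC_SELECTED : '';
        $cat_select .= '<option value="' . $row['cat_id'] . '" ' . $select_cat_id . '>' . $row['cat_name'] . '</option>';
    }
    $cat_select .= '</select>';

    $keytype = MG_optionlist(array(
        'name'    => 'keyType',
        'current' => $searchinfo['keytype'],
        'values'  => array(
            'phrase' => $LANG_MG03['exact_phrase'],
            'all'    => $LANG_MG03['all'],
            'any'    => $LANG_MG03['any'],
        ),
    ));
    $swhere = MG_optionlist(array(
        'name'    => 'swhere',
        'current' => $searchinfo['swhere'],
        'values'  => array(
            '0' => $LANG_MG03['title_desc_keywords'],
            '1' => $LANG_MG03['keywords_only'],
            '2' => $LANG_MG03['title_desc_only'],
            '3' => $LANG_MG01['artist'],
            '4' => $LANG_MG01['music_album'],
            '5' => $LANG_MG01['genre'],
        ),
    ));
    $nresults = MG_optionlist(array(
        'name'    => 'numresults',
        'current' => $searchinfo['numresults'],
        'values'  => array('10' => '10', '20' => '20', '30' => '30', '40' => '40', '50' => '50'),
    ));

    // User picker: uid 0 stands for "all users"; rows with uid <= 1 are
    // excluded by the query.
    $userselect = '<select name="uid">';
    $select_uid = $searchinfo['uid'] == '0' ? UC_SELECTED : '';
    $userselect .= '<option value="0" ' . $select_uid . '>' . $LANG_MG01['all_users'] . '</option>';
    $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE uid > 1 ORDER BY username");
    while ($U = DB_fetchArray($result)) {
        $select_uid = $searchinfo['uid'] == $U['uid'] ? UC_SELECTED : '';
        $userselect .= '<option value="' . $U['uid'] . '" ' . $select_uid . '>' . COM_getDisplayName($U['uid']) . '</option>';
    }
    $userselect .= '</select>';

    $T->set_var(array(
        's_form_action'       => $_MG_CONF['site_url'] . '/search.php',
        'mode'                => 'search',
        'action'              => '',
        'cat_select'          => $cat_select,
        'keytype_select'      => $keytype,
        'swhere_select'       => $swhere,
        'nresults_select'     => $nresults,
        'user_select'         => $userselect,
        'lang_search_title'   => $LANG_MG03['advanced_search'],
        'lang_search_query'   => $LANG_MG03['search_query'],
        'lang_search_help'    => $LANG_MG03['search_help'],
        'lang_options'        => $LANG_MG03['options'],
        'lang_keywords'       => $LANG_MG03['keywords'],
        'lang_category'       => $LANG_MG03['category'],
        'lang_all_fields'     => $LANG_MG03['all_fields'],
        'lang_keyword_only'   => $LANG_MG03['keywords_only'],
        'lang_return_results' => $LANG_MG03['return_results'],
        'lang_search_for'     => $LANG_MG03['search_for'],
        'lang_search_in'      => $LANG_MG03['search_in'],
        'lang_results'        => $LANG_MG03['results'],
        'lang_per_page'       => $LANG_MG03['per_page'],
        'lang_search'         => $LANG_MG01['search'],
        'lang_cancel'         => $LANG_MG01['cancel'],
        'lang_user'           => $LANG_MG01['select_user'],
    ));
}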
Esempio n. 3
/**
 * Renders the search form from the 'search.thtml' template.
 *
 * The category and user selectors are filled from the database; the
 * key-type, search-scope and results-per-page selectors are fixed lists.
 * No option is pre-selected.
 *
 * NOTE(review): $msg, cat_name and the display names are handed to the
 * template without HTML escaping in this function - presumably they are
 * sanitised upstream; confirm.
 *
 * @param string $msg message passed to the template as 'msg'
 * @return string rendered HTML of the search form
 */
function MG_displaySearchBox($msg = '')
{
    global $_CONF, $_MG_CONF, $_TABLES, $LANG_MG01, $LANG_MG03;

    $T = new Template(MG_getTemplatePath(0));
    $T->set_file('search', 'search.thtml');

    // Category selector: an "all categories" entry followed by one entry per row.
    $categoryHtml = '<select name="cat_id">'
        . '<option value="">' . $LANG_MG03['all_categories'] . '</option>';
    $categories = DB_query("SELECT * FROM {$_TABLES['mg_category']} ORDER BY cat_id ASC");
    $remaining = DB_numRows($categories);
    while ($remaining-- > 0) {
        $category = DB_fetchArray($categories);
        $categoryHtml .= '<option value="' . $category['cat_id'] . '">' . $category['cat_name'] . '</option>';
    }
    $categoryHtml .= '</select>';

    // Match type selector.
    $keytypeLabels = array(
        'phrase' => $LANG_MG03['exact_phrase'],
        'all'    => $LANG_MG03['all'],
        'any'    => $LANG_MG03['any'],
    );
    $keytypeHtml = '<select name="keyType">';
    foreach ($keytypeLabels as $value => $label) {
        $keytypeHtml .= '<option value="' . $value . '">' . $label . '</option>';
    }
    $keytypeHtml .= '</select>';

    // Search scope selector; the option values are the list positions 0-5.
    $scopeLabels = array(
        $LANG_MG03['title_desc_keywords'],
        $LANG_MG03['keywords_only'],
        $LANG_MG03['title_desc_only'],
        $LANG_MG01['artist'],
        $LANG_MG01['music_album'],
        $LANG_MG01['genre'],
    );
    $scopeHtml = '<select name="swhere">';
    foreach ($scopeLabels as $value => $label) {
        $scopeHtml .= '<option value="' . $value . '">' . $label . '</option>';
    }
    $scopeHtml .= '</select>';

    // Results-per-page selector.
    $pageSizeHtml = '<select name="numresults">';
    foreach (array(10, 20, 30, 40, 50) as $size) {
        $pageSizeHtml .= '<option value="' . $size . '">' . $size . '</option>';
    }
    $pageSizeHtml .= '</select>';

    // User selector: value 0 is the "all users" entry; the query skips uid <= 1.
    $userHtml = '<select name="uid">'
        . '<option value="0">' . $LANG_MG01['all_users'] . '</option>';
    $users = DB_query("SELECT uid,username,fullname FROM {$_TABLES['users']} WHERE uid > 1 ORDER BY username");
    while ($user = DB_fetchArray($users)) {
        $userHtml .= '<option value="' . $user['uid'] . '">' . COM_getDisplayName($user['uid']) . '</option>' . LB;
    }
    $userHtml .= '</select>';

    $T->set_var(array(
        'msg'                 => $msg,
        's_form_action'       => $_MG_CONF['site_url'] . '/search.php',
        'mode'                => 'search',
        'action'              => '',
        'cat_select'          => $categoryHtml,
        'keytype_select'      => $keytypeHtml,
        'swhere_select'       => $scopeHtml,
        'nresults_select'     => $pageSizeHtml,
        'user_select'         => $userHtml,
        'lang_search_title'   => $LANG_MG03['advanced_search'],
        'lang_search_query'   => $LANG_MG03['search_query'],
        'lang_search_help'    => $LANG_MG03['search_help'],
        'lang_options'        => $LANG_MG03['options'],
        'lang_keywords'       => $LANG_MG03['keywords'],
        'lang_category'       => $LANG_MG03['category'],
        'lang_all_fields'     => $LANG_MG03['all_fields'],
        'lang_keyword_only'   => $LANG_MG03['keywords_only'],
        'lang_return_results' => $LANG_MG03['return_results'],
        'lang_search_for'     => $LANG_MG03['search_for'],
        'lang_search_in'      => $LANG_MG03['search_in'],
        'lang_results'        => $LANG_MG03['results'],
        'lang_per_page'       => $LANG_MG03['per_page'],
        'lang_search'         => $LANG_MG01['search'],
        'lang_cancel'         => $LANG_MG01['cancel'],
        'lang_user'           => $LANG_MG01['select_user'],
    ));
    $T->parse('output', 'search');

    return (string) $T->finish($T->get_var('output'));
}
Esempio n. 4
            $report->set_var('pm_link', '');
        }
        if ($siteMembers['homepage'] != '') {
            $homepage = trim($siteMembers['homepage']);
            if (strtolower(substr($homepage, 0, 4)) != 'http') {
                $homepage = 'http://' . $homepage;
            }
            $report->set_var('link_url', $homepage);
            $report->set_var('link_text', $LANG_GF09['home']);
            $report->parse('website_link', 'link');
        } else {
            $report->set_var('website_link', '');
        }
        $regdate = explode(" ", $siteMembers['regdate']);
        $report->set_var('member_uid', $siteMembers['uid']);
        $report->set_var('member_name', COM_getDisplayName($siteMembers['uid']));
        $report->set_var('csscode', $csscode);
        $report->set_var('member_regdate', $regdate[0]);
        $report->set_var('member_numposts', $siteMembers['posts']);
        $report->set_var('member_uid', $siteMembers['uid']);
        $report->parse('report_records', 'records', true);
        if ($csscode == 2) {
            $csscode = 1;
        } else {
            $csscode++;
        }
    }
    $report->set_var('pagenavigation', COM_printPageNavigation($base_url, $page, $numpages));
    $report->parse('output', 'report');
    $display .= $report->finish($report->get_var('output'));
}
Esempio n. 5
/**
* Shows story editor
*
* Displays the story entry form
*
* @param    string      $sid            ID of story to edit
* @param    string      $mode           'preview', 'edit', 'editsubmission', 'clone'
* @param    string      $errormsg       a message to display on top of the page
* @return   string      HTML for story editor
*
*/
function storyeditor($sid = '', $mode = '', $errormsg = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS, $LANG_DIRECTION, $LANG_MONTH, $LANG_WEEK;
    $display = '';
    if (!isset($_CONF['hour_mode'])) {
        $_CONF['hour_mode'] = 12;
    }
    if (!empty($errormsg)) {
        $display .= COM_showMessageText($errormsg, $LANG24[25]);
    }
    $story = new Story();
    if ($mode == 'preview') {
        // Handle Magic GPC Garbage:
        while (list($key, $value) = each($_POST)) {
            if (!is_array($value)) {
                $_POST[$key] = COM_stripslashes($value);
            } else {
                while (list($subkey, $subvalue) = each($value)) {
                    $value[$subkey] = COM_stripslashes($subvalue);
                }
            }
        }
        $result = $story->loadFromArgsArray($_POST);
        if ($_CONF['maximagesperarticle'] > 0) {
            $errors = $story->checkAttachedImages();
            if (count($errors) > 0) {
                $msg = $LANG24[55] . LB . '<ul>' . LB;
                foreach ($errors as $err) {
                    $msg .= '<li>' . $err . '</li>' . LB;
                }
                $msg .= '</ul>' . LB;
                $display .= COM_showMessageText($msg, $LANG24[54]);
            }
        }
    } else {
        $result = $story->loadFromDatabase($sid, $mode);
    }
    if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied']);
        COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}.");
        return $display;
    } elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
        $display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied']);
        $display .= STORY_renderArticle($story, 'p');
        COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}.");
        return $display;
    } elseif ($result == STORY_INVALID_SID) {
        if ($mode == 'editsubmission') {
            // that submission doesn't seem to be there any more (may have been
            // handled by another Admin) - take us back to the moderation page
            return COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            return COM_refresh($_CONF['site_admin_url'] . '/story.php');
        }
    } elseif ($result == STORY_DUPLICATE_SID) {
        $display .= COM_showMessageText($LANG24[24]);
    }
    // Load HTML templates
    $story_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/story');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $story_templates->set_file(array('editor' => 'storyeditor_advanced.thtml'));
        $advanced_editormode = true;
        $story_templates->set_var('change_editormode', 'onchange="change_editmode(this);"');
        require_once $_CONF['path_system'] . 'classes/navbar.class.php';
        $story_templates->set_var('show_preview', 'none');
        $story_templates->set_var('lang_expandhelp', $LANG24[67]);
        $story_templates->set_var('lang_reducehelp', $LANG24[68]);
        $story_templates->set_var('lang_publishdate', $LANG24[69]);
        $story_templates->set_var('lang_toolbar', $LANG24[70]);
        $story_templates->set_var('toolbar1', $LANG24[71]);
        $story_templates->set_var('toolbar2', $LANG24[72]);
        $story_templates->set_var('toolbar3', $LANG24[73]);
        $story_templates->set_var('toolbar4', $LANG24[74]);
        $story_templates->set_var('toolbar5', $LANG24[75]);
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_htmleditor', '');
        } else {
            $story_templates->set_var('show_texteditor', '');
            $story_templates->set_var('show_htmleditor', 'none');
        }
    } else {
        $story_templates->set_file(array('editor' => 'storyeditor.thtml'));
        $advanced_editormode = false;
    }
    $story_templates->set_var('hour_mode', $_CONF['hour_mode']);
    if ($story->hasContent()) {
        $previewContent = STORY_renderArticle($story, 'p');
        if ($advanced_editormode and $previewContent != '') {
            $story_templates->set_var('preview_content', $previewContent);
        } elseif ($previewContent != '') {
            $display .= COM_startBlock($LANG24[26], '', COM_getBlockTemplate('_admin_block', 'header'));
            $display .= $previewContent;
            $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
        }
    }
    if ($advanced_editormode) {
        $navbar = new navbar();
        if (!empty($previewContent)) {
            $navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
        } else {
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
        }
        if ($mode == 'preview') {
            $story_templates->set_var('show_preview', '');
            $story_templates->set_var('show_htmleditor', 'none');
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_submitoptions', 'none');
            $navbar->set_selected($LANG24[79]);
        } else {
            $navbar->set_selected($LANG24[80]);
        }
        $story_templates->set_var('navbar', $navbar->generate());
    }
    $oldsid = $story->EditElements('originalSid');
    if (!empty($oldsid) && $mode != 'clone') {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }
    if ($mode == 'editsubmission' || $story->type == 'submission') {
        $story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
    }
    $story_templates->set_var('lang_author', $LANG24[7]);
    $storyauthor = COM_getDisplayName($story->EditElements('uid'));
    $story_templates->set_var('story_author', $storyauthor);
    $story_templates->set_var('author', $storyauthor);
    $story_templates->set_var('story_uid', $story->EditElements('uid'));
    // user access info
    $story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($story->EditElements('owner_id'));
    $story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . $story->EditElements('owner_id')));
    $story_templates->set_var('owner_name', $ownername);
    $story_templates->set_var('owner', $ownername);
    $story_templates->set_var('owner_id', $story->EditElements('owner_id'));
    $story_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
    $story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
    $story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $story_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
    $story_templates->set_var('lang_date', $LANG24[15]);
    $story_templates->set_var('publish_second', $story->EditElements('publish_second'));
    $publish_ampm = '';
    $publish_hour = $story->EditElements('publish_hour');
    if ($publish_hour >= 12) {
        if ($publish_hour > 12) {
            $publish_hour = $publish_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
    $story_templates->set_var('publishampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
    $story_templates->set_var('publish_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
    $story_templates->set_var('publish_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
    $story_templates->set_var('publish_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($publish_hour);
    }
    $story_templates->set_var('publish_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
    $story_templates->set_var('publish_minute_options', $minute_options);
    $story_templates->set_var('publish_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
    $story_templates->set_var('expire_second', $story->EditElements('expire_second'));
    $expire_ampm = '';
    $expire_hour = $story->EditElements('expire_hour');
    if ($expire_hour >= 12) {
        if ($expire_hour > 12) {
            $expire_hour = $expire_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="expire_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('expireampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
    $story_templates->set_var('expire_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
    $story_templates->set_var('expire_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
    $story_templates->set_var('expire_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($expire_hour);
    }
    $story_templates->set_var('expire_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
    $story_templates->set_var('expire_minute_options', $minute_options);
    $story_templates->set_var('expire_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
    $atopic = DB_getItem($_TABLES['topics'], 'tid', "archive_flag = 1");
    $have_archive_topic = empty($atopic) ? false : true;
    if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked3', 'checked="checked"');
        $js_showarchivedisabled = 'false';
        $have_archive_topic = true;
        // force display of auto archive option
    } elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked4', 'checked="checked"');
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'false';
    } else {
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'true';
    }
    $story_templates->set_var('lang_archivetitle', $LANG24[58]);
    $story_templates->set_var('lang_option', $LANG24[59]);
    $story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $story_templates->set_var('lang_story_stats', $LANG24[87]);
    if ($have_archive_topic) {
        $story_templates->set_var('lang_optionarchive', $LANG24[61]);
    } else {
        $story_templates->set_var('lang_optionarchive', '');
    }
    $story_templates->set_var('lang_optiondelete', $LANG24[62]);
    $story_templates->set_var('lang_title', $LANG_ADMIN['title']);
    $story_templates->set_var('story_title', $story->EditElements('title'));
    $story_templates->set_var('lang_page_title', $LANG_ADMIN['page_title']);
    $story_templates->set_var('page_title', $story->EditElements('page_title'));
    $story_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $story_templates->set_var('meta_description', $story->EditElements('meta_description'));
    $story_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    $story_templates->set_var('meta_keywords', $story->EditElements('meta_keywords'));
    if ($_CONF['meta_tags'] > 0) {
        $story_templates->set_var('hide_meta', '');
    } else {
        $story_templates->set_var('hide_meta', ' style="display:none;"');
    }
    $story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    if ($mode == 'preview') {
        $tlist = TOPIC_getTopicSelectionControl('article', '', false, true, true);
    } else {
        $tlist = TOPIC_getTopicSelectionControl('article', $oldsid, false, true, true);
    }
    if (empty($tlist)) {
        $display .= COM_showMessage(101);
        return $display;
    }
    $story_templates->set_var('topic_selection', $tlist);
    $story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
    if ($story->EditElements('show_topic_icon') == 1) {
        $story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
    } else {
        $story_templates->set_var('show_topic_icon_checked', '');
    }
    $story_templates->set_var('lang_cachetime', $LANG24['cache_time']);
    $story_templates->set_var('lang_cachetime_desc', $LANG24['cache_time_desc']);
    $story_templates->set_var('cache_time', $story->EditElements('cache_time'));
    $story_templates->set_var('lang_draft', $LANG24[34]);
    if ($story->EditElements('draft_flag')) {
        $story_templates->set_var('is_checked', 'checked="checked"');
    }
    $story_templates->set_var('lang_mode', $LANG24[3]);
    $story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
    $story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
    $story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
    // comment expire
    $story_templates->set_var('lang_cmt_disable', $LANG24[63]);
    if ($story->EditElements('cmt_close')) {
        $story_templates->set_var('is_checked5', 'checked="checked"');
        $js_showcmtclosedisabled = 'false';
    } else {
        $js_showcmtclosedisabled = 'true';
    }
    $month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
    $story_templates->set_var('cmt_close_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
    $story_templates->set_var('cmt_close_day_options', $day_options);
    // ensure that the year dropdown includes the close year
    $endtm = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y'));
    $yoffset = date('Y', $endtm) - date('Y');
    $close_year = $story->EditElements('cmt_close_year');
    if ($yoffset < -1) {
        $year_options = COM_getYearFormOptions($close_year, $yoffset);
    } elseif ($yoffset > 5) {
        $year_options = COM_getYearFormOptions($close_year, -1, $yoffset);
    } else {
        $year_options = COM_getYearFormOptions($close_year);
    }
    $story_templates->set_var('cmt_close_year_options', $year_options);
    $cmt_close_ampm = '';
    $cmt_close_hour = $story->EditElements('cmt_close_hour');
    //correct hour
    if ($cmt_close_hour >= 12) {
        if ($cmt_close_hour > 12) {
            $cmt_close_hour = $cmt_close_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="cmt_close_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    }
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"" . XHTML . ">";
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('noscript', COM_getNoScript(false, $LANG24[77], sprintf($LANG24[78], $_CONF['site_admin_url'], $sid)));
    $postmode = $story->EditElements('postmode');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $postmode = '';
        }
    }
    $post_options = COM_optionList($_TABLES['postmodes'], 'code,name', $postmode);
    $postmode_list = 'plaintext,html';
    // If Advanced Mode - add post option and set default if editing story created with Advanced Editor
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $postmode_list .= ',adveditor';
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
    }
    if ($_CONF['wikitext_editor']) {
        $postmode_list .= ',wikitext';
        if ($story->EditElements('postmode') == 'wikitext') {
            $post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
        } else {
            $post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
        }
    }
    $story_templates->set_var('post_options', $post_options);
    $postmode_array = explode(',', $postmode_list);
    $allowed_html = '';
    foreach ($postmode_array as $pm) {
        $allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
    }
    $allowed_tags = array('code', 'raw');
    if ($_CONF['allow_page_breaks'] == 1) {
        $allowed_tags = array_merge($allowed_tags, array('page_break'));
    }
    $allowed_html .= COM_allowedAutotags(false, $allowed_tags);
    $story_templates->set_var('lang_allowed_html', $allowed_html);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br' . XHTML . '>';
            }
        }
        $fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
    }
    // Add JavaScript
    $_SCRIPTS->setJavaScriptFile('story_editor', '/javascript/story_editor.js');
    if ($_CONF['titletoid']) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $story_templates->set_var('titletoid', true);
    }
    $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
    // Loads jQuery UI datepicker and timepicker-addon
    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.slider');
    //    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.button');
    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
    //    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-slideraccess');
    $_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
    $langCode = COM_getLangIso639Code();
    $toolTip = $MESSAGE[118];
    $imgUrl = $_CONF['site_url'] . '/images/calendar.png';
    $_SCRIPTS->setJavaScript("jQuery(function () {" . "  geeklog.hour_mode = {$_CONF['hour_mode']};" . "  geeklog.datetimepicker.set('publish', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "  geeklog.datetimepicker.set('expire', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "  geeklog.datetimepicker.set('cmt_close', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "});", TRUE, TRUE);
    // Setup Advanced Editor
    COM_setupAdvancedEditor('/javascript/storyeditor_adveditor.js');
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($mode == 'clone') {
        $story_templates->set_var('story_id', COM_makesid());
    } else {
        $story_templates->set_var('story_id', $story->getSid());
        $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    }
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $token = SEC_createToken();
    $story_templates->set_var('gltoken', $token);
    $story_templates->parse('output', 'editor');
    $display .= COM_startBlock($LANG24[5], '', COM_getBlockTemplate('_admin_block', 'header'));
    $display .= SEC_getTokenExpiryNotice($token, $LANG24[91]);
    $display .= $story_templates->finish($story_templates->get_var('output'));
    $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $display;
}
Esempio n. 6
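 /**
  *   Send a purchase notification email to the buyer and, for new
  *   purchases, to the administrator.
  *
  *   Nothing is sent unless the plugin is configured to notify this kind
  *   of buyer: `purch_email_user` when the order's uid is not 1,
  *   `purch_email_anon` when it is 1. The administrator copy is built
  *   inside the same check.
  *
  *   @param  string  $status     Order status (pending, paid, etc.); the
  *                               administrator is only notified when empty
  *   @param  string  $gw_msg     Optional gateway message to include with email
  */
 public function Notify($status = '', $gw_msg = '')
 {
     global $_CONF, $_PP_CONF, $_TABLES;
     // Check if we're supposed to send a notification
     if (($this->uid != 1 && $_PP_CONF['purch_email_user']) || ($this->uid == 1 && $_PP_CONF['purch_email_anon'])) {
         PAYPAL_debug("Sending email to " . $this->uid);
         // setup templates
         $message = new Template(PAYPAL_PI_PATH . '/templates');
         $message->set_file(array(
             'subject' => 'purchase_email_subject.txt',
             'msg_admin' => 'purchase_email_admin.txt',
             'msg_user' => 'purchase_email_user.txt',
             'msg_body' => 'purchase_email_body.txt',
         ));
         // Array of filenames, for attachments
         $files = array();
         $num_format = "%5.2f";
         $item_total = 0;
         // Assume no physical items.
         $have_physical = 0;
         // Start with empty download links
         $dl_links = '';
         USES_paypal_class_product();
         foreach ($this->items as $item) {
             if (!PAYPAL_is_plugin_item($item['product_id'])) {
                 $P = new Product($item['product_id']);
                 // Parenthesised on purpose: "==" binds tighter than "&" in
                 // PHP, so without the parentheses the test was
                 // ($P->prod_type & true) and ignored PP_PROD_PHYSICAL.
                 if (($P->prod_type & PP_PROD_PHYSICAL) == PP_PROD_PHYSICAL) {
                     $have_physical = 1;
                 }
                 // Add the file to the filename array, if any. Download
                 // links are only included if the order status is 'paid'
                 $file = $P->file;
                 if (!empty($file) && $this->status == 'paid') {
                     $files[] = $file;
                     $dl_url = PAYPAL_URL . '/download.php?';
                     // There should always be a token, but fall back to the
                     // product ID if there isn't. Both values are URL-encoded
                     // because the URL is also written into an href attribute.
                     if (!empty($item['token'])) {
                         $dl_url .= 'token=' . urlencode($item['token']);
                     } else {
                         $dl_url .= 'id=' . urlencode((string) $item['item_number']);
                     }
                     $dl_links .= "<a href=\"{$dl_url}\">{$dl_url}</a><br />";
                 }
             }
             $ext = (float) $item['quantity'] * (float) $item['price'];
             $item_total += $ext;
             $item_descr = isset($item['description']) ? $item['description'] : $item['descrip'];
             // Reset for every item; otherwise each line would also list the
             // options of all items before it.
             $options_text = '';
             $opts = json_decode($item['options_text'], true);
             if (is_array($opts)) {
                 foreach ($opts as $opt_text) {
                     $options_text .= "&nbsp;&nbsp;--&nbsp;{$opt_text}<br />";
                 }
             }
             // NOTE(review): $item_descr and the option texts go into the
             // HTML message as-is. If either can hold buyer-supplied text,
             // confirm it is escaped before storage or escape it here.
             $message->set_block('msg_body', 'ItemList', 'List');
             $message->set_var(array(
                 'qty' => $item['quantity'],
                 'price' => sprintf($num_format, $item['price']),
                 'ext' => sprintf($num_format, $ext),
                 'name' => $item_descr,
                 'options_text' => $options_text,
             ));
             $message->parse('List', 'ItemList', true);
         }
         // Determine if files will be attached to this message based on
         // global config and whether there are actually any files to
         // attach. Affects the 'files' flag in the email template and
         // which email function is used.
         $is_member = is_numeric($this->uid) && $this->uid != 1;
         $attach_allowed = $is_member ? $_PP_CONF['purch_email_user_attach'] : $_PP_CONF['purch_email_anon_attach'];
         $do_send_attachments = $attach_allowed && count($files) > 0;
         $total_amount = $item_total + $this->tax + $this->shipping + $this->handling;
         $user_name = COM_getDisplayName($this->uid);
         if ($this->billto_name == '') {
             $this->billto_name = $user_name;
         }
         // NOTE(review): $gw_msg and the order fields below are handed to the
         // template unescaped; presumably the templates or the callers take
         // care of HTML encoding - confirm.
         $message->set_var(array(
             'payment_gross' => sprintf($num_format, $total_amount),
             'payment_items' => sprintf($num_format, $item_total),
             'tax' => sprintf($num_format, $this->tax),
             'shipping' => sprintf($num_format, $this->shipping),
             'handling' => sprintf($num_format, $this->handling),
             'payment_date' => $_PP_CONF['now']->toMySQL(true),
             'payer_email' => $this->buyer_email,
             'payer_name' => $this->billto_name,
             'site_name' => $_CONF['site_name'],
             'txn_id' => $this->pmt_txn_id,
             'pi_url' => PAYPAL_URL,
             'pi_admin_url' => PAYPAL_ADMIN_URL,
             'dl_links' => $dl_links,
             'files' => $do_send_attachments ? 'true' : '',
             'buyer_uid' => $this->uid,
             'user_name' => $user_name,
             'gateway_name' => $this->pmt_method,
             'pending' => $this->status == 'pending' ? 'true' : '',
             'gw_msg' => $gw_msg,
             'status' => $this->status,
             'order_instr' => $this->instructions,
         ));
         // parse templates for subject/text
         $subject = trim($message->parse('output', 'subject'));
         $message->set_var('purchase_details', $message->parse('detail', 'msg_body'));
         $user_text = $message->parse('user_out', 'msg_user');
         $admin_text = $message->parse('admin_out', 'msg_admin');
         if ($this->buyer_email != '') {
             // if specified to mail attachment, do so, otherwise skip
             // attachment
             if ($do_send_attachments) {
                 // Make sure plugin functions are available
                 USES_paypal_functions();
                 // Sender is $_CONF['site_mail'], the key used by the other
                 // mail calls in this method ('site_email' was used here).
                 PAYPAL_mailAttachment($this->buyer_email, $subject, $user_text, $_CONF['site_mail'], true, 0, '', '', $files);
             } else {
                 // Otherwise send a standard notification
                 COM_emailNotification(array(
                     'to' => array($this->buyer_email),
                     'from' => $_CONF['site_mail'],
                     'htmlmessage' => $user_text,
                     'subject' => $subject,
                 ));
             }
         }
         // Send a notification to the administrator, new purchases only.
         // purch_email_admin: 2 = every purchase, 1 = only when the order
         // holds a physical item.
         if ($status == '') {
             if ($_PP_CONF['purch_email_admin'] == 2 || ($have_physical && $_PP_CONF['purch_email_admin'] == 1)) {
                 PAYPAL_debug('Sending email to Admin');
                 $email_addr = empty($_PP_CONF['admin_email_addr']) ? $_CONF['site_mail'] : $_PP_CONF['admin_email_addr'];
                 COM_emailNotification(array(
                     'to' => array($email_addr),
                     'from' => $_CONF['noreply_mail'],
                     'htmlmessage' => $admin_text,
                     'subject' => $subject,
                 ));
             }
         }
     }
 }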
Esempio n. 7
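/**
 * Show topic administration form
 *
 * Loads the topic identified by $tid (or a set of defaults for a new
 * topic), checks via SEC_hasAccess() that the current user may edit it,
 * and fills the topiceditor.thtml template. The form carries a CSRF token
 * from SEC_createToken().
 *
 * @param    string  $tid    ID of topic to edit; empty to create a new topic
 * @return   string          HTML for the topic editor, or the access-denied message
 */
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG04, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;
    $retval = '';
    if (empty($tid)) {
        // new topic - set defaults
        $A = array('tid' => '', 'topic' => '', 'sortnum' => 0, 'parent_id' => TOPIC_ROOT, 'inherit' => 1, 'hidden' => 0, 'limitnews' => '', 'is_default' => 0, 'archive_flag' => 0);
    } else {
        // $tid is escaped here exactly as it is for the story count query
        // further down; it must not reach the SQL string raw.
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . DB_escapeString($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        // Anything other than edit access (0 or 2 here) is refused and logged
        if ($access == 0 || $access == 2) {
            $retval .= COM_showMessageText($LANG27[13], $LANG27[12]);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
            return $retval;
        }
    }
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }
    $topic_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');
    // The delete button is only offered for an existing topic and only to
    // users holding the topic.edit right
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delButton, $jsConfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delButton, ''));
        $topic_templates->set_var('allow_delete', true);
        $topic_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $topic_templates->set_var('confirm_message', $MESSAGE[76]);
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }
    if ($_CONF['titletoid'] && empty($tid)) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $topic_templates->set_var('titletoid', true);
    }
    // NOTE(review): unlike topic_name below, the values read from the topic
    // row (tid, imageurl, sortnum, meta_description, meta_keywords) are
    // handed to the template without HTML encoding - confirm they are
    // validated or encoded when the topic is saved.
    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_parent_id', $LANG27[32]);
    $topic_templates->set_var('parent_id_options', TOPIC_getTopicListSelect($A['parent_id'], 1, false, $A['tid'], true));
    $topic_templates->set_var('lang_inherit', $LANG27[33]);
    $topic_templates->set_var('lang_inherit_info', $LANG27[34]);
    $topic_templates->set_var('inherit_checked', $A['inherit'] == 1 ? 'checked="checked"' : '');
    $topic_templates->set_var('lang_hidden', $LANG27[35]);
    $topic_templates->set_var('lang_hidden_info', $LANG27[36]);
    $topic_templates->set_var('hidden_checked', $A['hidden'] == 1 ? 'checked="checked"' : '');
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // owner_id is placed into the WHERE clause unquoted, so force it to an integer
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] !== 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        $topic_templates->set_var('sort_order', '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    }
    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    // A limit of 0 is shown as an empty field; the default is displayed next to it
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    // The topic name is HTML-encoded (quotes included) before it reaches the form
    $topic_templates->set_var('topic_name', htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt()));
    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('max_url_length', 255);
    $topic_templates->set_var('image_url', $A['imageurl']);
    // Pick the scaling hint depending on whether an image library is configured
    if (empty($_CONF['image_lib'])) {
        $scaling = $LANG04[162];
    } else {
        $scaling = $LANG04[161];
    }
    $topic_templates->set_var('icon_max_dimensions', sprintf($LANG04[160], $_CONF['max_topicicon_width'], $_CONF['max_topicicon_height'], $_CONF['max_topicicon_size'], $scaling));
    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    // The meta fields stay in the form but are hidden when meta tags are switched off
    if ($_CONF['meta_tags'] > 0) {
        $topic_templates->set_var('hide_meta', '');
    } else {
        $topic_templates->set_var('hide_meta', ' style="display:none;"');
    }
    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    $topic_templates->set_var('default_checked', $A['is_default'] == 1 ? 'checked="checked"' : '');
    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }
    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        // Count only the stories the current user may see (COM_getPermSql)
        $nResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nResult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    // CSRF token field for the form submission
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}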
Esempio n. 8
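/**
* Send reminder emails to the selected users, telling them to access the
* site or their account may be deleted
*
* The user IDs are read from $_POST['delitem']. For every reminder that is
* mailed successfully the user's num_reminders counter is incremented.
*
* NOTE(review): no CSRF token check is visible in this function; presumably
* the caller validates the token (e.g. SEC_checkToken) before calling -
* confirm.
*
* @return   string          HTML with success or error message
*
*/
function batchreminders()
{
    global $_CONF, $_TABLES, $LANG04, $LANG28;
    $msg = '';
    // Only an array of IDs is meaningful; any other shape is treated as
    // "nothing selected" instead of being passed to count()
    $user_list = array();
    if (isset($_POST['delitem']) && is_array($_POST['delitem'])) {
        $user_list = $_POST['delitem'];
    }
    if (count($user_list) == 0) {
        $msg = $LANG28[79] . '<br' . XHTML . '>';
    }
    $c = 0;
    foreach ($user_list as $delitem) {
        if (!is_scalar($delitem)) {
            continue;
        }
        // The ID ends up in SQL conditions below, one of them unquoted, so
        // it is filtered as a number and forced to an integer
        $userid = (int) COM_applyFilter($delitem, true);
        if ($userid <= 0) {
            continue;
        }
        $useremail = DB_getItem($_TABLES['users'], 'email', "uid = '{$userid}'");
        $username = DB_getItem($_TABLES['users'], 'username', "uid = '{$userid}'");
        $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$userid}'");
        $lasttime = COM_getUserDateTimeFormat($lastlogin);
        // A site-specific reminder_email.txt in the data directory takes
        // precedence over the built-in text
        if (file_exists($_CONF['path_data'] . 'reminder_email.txt')) {
            $template = COM_newTemplate($_CONF['path_data']);
            $template->set_file(array('mail' => 'reminder_email.txt'));
            $template->set_var('site_name', $_CONF['site_name']);
            $template->set_var('site_slogan', $_CONF['site_slogan']);
            $template->set_var('lang_username', $LANG04[2]);
            $template->set_var('username', $username);
            // Was COM_getDisplayName($uid), but $uid is never defined here
            $template->set_var('name', COM_getDisplayName($userid));
            $template->set_var('lastlogin', $lasttime[0]);
            $template->parse('output', 'mail');
            $mailtext = $template->finish($template->get_var('output'));
        } else {
            if ($lastlogin == 0) {
                $mailtext = $LANG28[83] . "\n\n";
            } else {
                $mailtext = sprintf($LANG28[82], $lasttime[0]) . "\n\n";
            }
            $mailtext .= sprintf($LANG28[84], $username) . "\n";
            $mailtext .= sprintf($LANG28[85], $_CONF['site_url'] . '/users.php?mode=getpassword') . "\n\n";
        }
        $subject = sprintf($LANG28[81], $_CONF['site_name']);
        // When a separate no-reply address is configured, send from it and
        // append the matching notice to the mail text
        if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) {
            $mailfrom = $_CONF['noreply_mail'];
            $mailtext .= LB . LB . $LANG04[159];
        } else {
            $mailfrom = $_CONF['site_mail'];
        }
        if (COM_mail($useremail, $subject, $mailtext, $mailfrom)) {
            DB_query("UPDATE {$_TABLES['users']} SET num_reminders=num_reminders+1 WHERE uid={$userid}");
            $c++;
        } else {
            COM_errorLog("Error attempting to send account reminder to use:{$username} ({$userid})");
        }
    }
    // Always report how many reminders were sent, even when it is zero,
    // instead of leaving the message away.
    // Format the count just in case we have more than 999 (the formatted
    // value was previously discarded).
    $sent = COM_numberFormat($c);
    $msg .= "{$LANG28[80]}: {$sent}<br" . XHTML . ">\n";
    return $msg;
}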
Esempio n. 9
/**
*   Format one column of the RSVP admin list for display
*
*   @param  string  $fieldname      Name of field
*   @param  mixed   $fieldvalue     Value of field
*   @param  array   $A              Array of all fields ($name=>$value)
*   @param  array   $icon_arr       Handy array of icon images (not used here)
*   @return string                  Field value formatted for display
*/
function EVLIST_getField_rsvp($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $LANG_ACCESS, $LANG_ADMIN;
    USES_class_date();
    switch ($fieldname) {
        case 'tic_count':
            // Empty while the count is within max_rsvp, 'Yes' once it is above
            return $fieldvalue <= $A['max_rsvp'] ? '' : 'Yes';
        case 'uid':
            // Show the user's display name instead of the numeric ID
            return COM_getDisplayName($fieldvalue);
        case 'rank':
            // 'Yes' when the rank is beyond max_signups, 'No' otherwise
            return $fieldvalue > $A['max_signups'] ? 'Yes' : 'No';
        case 'dt':
        case 'used':
            // Values that are not above zero are shown as an empty cell
            if (!($fieldvalue > 0)) {
                return '';
            }
            $when = new Date($fieldvalue, $_CONF['timezone']);
            return $when->format($_CONF['shortdate'] . ' ' . $_CONF['timeformat'], false);
        default:
            // Every other column is returned unchanged
            return $fieldvalue;
    }
}
Esempio n. 10
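/**
* Show topic administration form
*
* Loads the topic identified by $tid (or a set of defaults for a new
* topic), checks via SEC_hasAccess() that the current user may edit it,
* and fills the topiceditor.thtml template. The form carries a CSRF token
* from SEC_createToken().
*
* @param    string  $tid    ID of topic to edit; empty to create a new topic
* @return   string          HTML for the topic editor, or the access-denied block
*
*/
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    if (empty($tid)) {
        // new topic - set defaults
        $A = array();
        $A['tid'] = '';
        $A['topic'] = '';
        $A['sortnum'] = 0;
        $A['limitnews'] = '';
        // leave empty!
        $A['is_default'] = 0;
        $A['archive_flag'] = 0;
    } else {
        // $tid is escaped here the same way as for the story count query
        // further down; it must not reach the SQL string raw.
        // NOTE(review): addslashes() is what this function already uses; if
        // the database layer offers its own escaping helper, prefer that in
        // both queries.
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . addslashes($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        // Anything other than edit access (0 or 2 here) is refused and logged
        if ($access == 0 or $access == 2) {
            $retval .= COM_startBlock($LANG27[12], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $LANG27[13];
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
            return $retval;
        }
    }
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }
    $topic_templates = new Template($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');
    $topic_templates->set_var('xhtml', XHTML);
    $topic_templates->set_var('site_url', $_CONF['site_url']);
    $topic_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $topic_templates->set_var('layout_url', $_CONF['layout_url']);
    // The delete button is only offered for an existing topic and only to
    // users holding the topic.edit right
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }
    // NOTE(review): the values read from the topic row (tid, topic,
    // imageurl, sortnum, meta_description, meta_keywords) are handed to the
    // template without HTML encoding - confirm they are validated or
    // encoded when the topic is saved, or encode them here.
    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // owner_id is placed into the WHERE clause unquoted, so force it to an integer
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] != 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        $topic_templates->set_var('sort_order', '<input type="text" size="3" maxlength="3" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15]);
    }
    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    // A limit of 0 is shown as an empty field; the default is displayed next to it
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    $topic_templates->set_var('topic_name', stripslashes($A['topic']));
    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('max_url_length', 255);
    $topic_templates->set_var('image_url', $A['imageurl']);
    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    $topic_templates->set_var('default_checked', $A['is_default'] == 1 ? 'checked="checked"' : '');
    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }
    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        // Count only the stories the current user may see (COM_getPermSql)
        $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE tid = '" . addslashes($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nresult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    // CSRF token field for the form submission
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}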
Esempio n. 11
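/**
 * Fills the "outstanding tasks" rows of a project detail template.
 *
 * Collects the workflow process ids tied to a project (its own process, the
 * comma-separated related processes and any child processes), then parses one
 * 'outstandingtasks' row into $template for every non-archived queue entry
 * that carries a process-variable assignment.
 *
 * @param    int     $project_id  id of the row in the nf_projects table
 * @param    object  $template    template object, modified in place
 * @return   void
 */
function processDetailGetOutstandingTasks($project_id, &$template)
{
    global $_TABLES, $CONF_NF, $usermodeUID;

    // These two values are the same for every row, so set them once.
    $template->set_var('taskuser', $usermodeUID);
    $template->set_var('user_options', nf_listUsers());

    // The id is placed into SQL text, so reduce it to an integer first.
    // NOTE(review): assumes nf_projects.id is numeric - confirm against the schema.
    $project_id = (int) $project_id;
    $sql = "SELECT wf_process_id,related_processes FROM {$_TABLES['nf_projects']} WHERE id='{$project_id}'";
    $query = DB_query($sql);
    $A = DB_fetchArray($query);
    if (!is_array($A)) {
        // Unknown project: there is nothing to list
        return;
    }

    // Determine the unique process ids for this project
    if ($A['related_processes'] != '') {
        $projectProcesses = explode(',', $A['related_processes']);
    } else {
        $projectProcesses = array();
    }
    $projectProcesses[] = $A['wf_process_id'];

    // Child processes of the parent process exist when it was regenerated
    $parentProcessId = NXCOM_filterInt($A['wf_process_id']);
    $query = DB_query("SELECT id FROM {$_TABLES['nf_process']} WHERE pid={$parentProcessId}");
    while ($P = DB_fetchArray($query)) {
        $projectProcesses[] = $P['id'];
    }

    // The original guard was count($projectProcesses > 0), which counts a
    // boolean instead of the array; the list always holds at least the
    // project's own process id, so the loop can simply run.
    $cid = 1;
    foreach ($projectProcesses as $process_id) {
        // Ids read back from a comma-separated column are strings; force them
        // to integers before they are used in a comparison and in SQL text.
        $process_id = (int) $process_id;
        if ($process_id <= 0) {
            continue;
        }

        // Get tasks that have assignment by variable
        $sql = "SELECT distinct a.id, a.nf_processID,d.taskname, d.nf_templateID, a.status, a.archived, ";
        $sql .= "a.createdDate, c.uid, c.nf_processVariable, a.nf_templateDataID FROM {$_TABLES['nf_queue']} a ";
        $sql .= "LEFT JOIN {$_TABLES['nf_templateassignment']} b ON a.nf_templateDataID = b.nf_templateDataID ";
        $sql .= "LEFT JOIN {$_TABLES['nf_productionassignments']} c ON c.task_id = a.id ";
        $sql .= "LEFT JOIN {$_TABLES['nf_templatedata']} d on a.nf_templateDataID = d.id ";
        $sql .= "WHERE a.nf_processID = '{$process_id}' AND (a.archived IS NULL OR a.archived = 0) ";
        $sql .= "ORDER BY a.id";
        $q2 = DB_query($sql);
        while ($B = DB_fetchArray($q2, false)) {
            if ($B['nf_processVariable'] == '') {
                continue;
            }
            $template->set_var('taskassign_mode', 'variable');
            $template->set_var('otaskid', $B['id']);
            if (SEC_hasRights('nexflow.edit')) {
                $template->set_var('otask_span', 1);
                $template->set_var('show_otaskaction', '');
            } else {
                $template->set_var('otask_span', 2);
                $template->set_var('show_otaskaction', 'none');
            }
            $template->set_var('otask_user', COM_getDisplayName($B['uid']));
            // NOTE(review): taskname is handed to the template as stored;
            // confirm it is HTML-escaped when saved or by the template.
            $template->set_var('otask_name', $B['taskname']);
            $template->set_var('otask_date', $B['createdDate']);
            $template->set_var('otask_id', $B['id']);
            $template->set_var('variable_id', $B['nf_processVariable']);
            // The first row replaces the block content, later rows append
            if ($cid == 1) {
                $template->parse('outstandingtask_records', 'outstandingtasks');
            } else {
                $template->parse('outstandingtask_records', 'outstandingtasks', true);
            }
            $cid++;
        }
    }
}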
Esempio n. 12
/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @param    int     $user   User ID of profile to get
* @param    int     $msg    Message to display (if != 0)
* @return   string          HTML for user profile page
*
*/
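function userprofile($user, $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG_LOGIN;

    // $user is written unquoted into several SQL statements and into the
    // template below, so it must be an integer before anything else happens.
    $user = (int) $user;
    // NOTE(review): $msg is accepted but never read in this function.

    $retval = '';
    if (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        // Anonymous visitors get the "login required" page instead of a profile
        $retval .= COM_siteHeader('menu');
        $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $login = new Template($_CONF['path_layout'] . 'submit');
        $login->set_file(array('login' => 'submitloginrequired.thtml'));
        $login->set_var('xhtml', XHTML);
        $login->set_var('login_message', $LANG_LOGIN[2]);
        $login->set_var('site_url', $_CONF['site_url']);
        $login->set_var('site_admin_url', $_CONF['site_admin_url']);
        $login->set_var('layout_url', $_CONF['layout_url']);
        $login->set_var('lang_login', $LANG_LOGIN[3]);
        $login->set_var('lang_newuser', $LANG_LOGIN[4]);
        $login->parse('output', 'login');
        $retval .= $login->finish($login->get_var('output'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= COM_siteFooter();
        return $retval;
    }
    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$user}");
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);
    $display_name = COM_getDisplayName($user, $A['username'], $A['fullname']);
    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
    $user_templates->set_var('xhtml', XHTML);
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    // NOTE(review): username, fullname, about and pgpkey reach the template
    // without output escaping in this function (location and homepage are
    // filtered below). Confirm they are sanitised when the profile is saved.
    if ($_CONF['show_fullname'] == 1) {
        $user_templates->set_var('username', $A['fullname']);
        $user_templates->set_var('user_fullname', $A['username']);
    } else {
        $user_templates->set_var('username', $A['username']);
        $user_templates->set_var('user_fullname', $A['fullname']);
    }
    if (SEC_hasRights('user.edit')) {
        global $_IMAGE_TYPE, $LANG_ADMIN;
        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>';
        $edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&amp;uid={$A['uid']}");
        $user_templates->set_var('edit_link', $edit_link_url);
    }
    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1);
    $user_templates->set_var('user_photo', $photo);
    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    $user_templates->set_var('lang_sendemail', $LANG04[81]);
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br(stripslashes($A['about'])));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);
    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82]);
    $user_templates->set_var('headline_last10comments', $LANG04[10]);
    $user_templates->set_var('headline_postingstats', $LANG04[83]);

    // Topics the current visitor may read; they limit every list below
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $tids = array();
    while ($T = DB_fetchArray($result)) {
        $tids[] = $T['tid'];
    }
    // NOTE(review): topic and story ids read back from the database are
    // quoted but not escaped when they are joined into the IN (...) lists.
    $topics = "'" . implode("','", $tids) . "'";

    // list of last 10 stories by this user
    if (count($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', ($i + 1) . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            // keep a literal '$' in a title from being read as a template variable
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }

    // list of last 10 comments by this user
    $sidArray = array();
    if (count($tids) > 0) {
        // first, get a list of all stories the current visitor has access to
        $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        while ($S = DB_fetchArray($result)) {
            $sidArray[] = $S['sid'];
        }
    }
    // With no readable stories this becomes '' (two quotes), which is never
    // empty(): the filters below are then always applied and match nothing.
    $sidList = implode("', '", $sidArray);
    $sidList = "'{$sidList}'";
    // then, find all comments by the user in those stories
    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = {$user}) GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
    // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
    // field is part of the select
    if (!empty($sidList)) {
        $sql .= " HAVING sid in ({$sidList})";
    }
    $sql .= " ORDER BY unixdate DESC LIMIT 10";
    $result = DB_query($sql);
    $nrows = DB_numRows($result);
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', ($i + 1) . '.');
            $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $C['cid'];
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('comment_title', COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b')));
            $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('comment_date', $commenttime[0]);
            $user_templates->parse('comment_row', 'row', true);
        }
    } else {
        $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
    }

    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$user}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_number_comments', $LANG04[85]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$user})";
    if (!empty($sidList)) {
        $sql .= " AND (sid in ({$sidList}))";
    }
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
    $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);
    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    $retval .= PLG_profileBlocksDisplay($user);
    return $retval;
}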
Esempio n. 13
/**
 * Create "What's Related" links for a story
 * Creates an HTML-formatted list of links to be used for the What's Related
 * block next to a story (in article view).
 *
 * @param        string $related contents of gl_stories 'related' field
 * @param        int    $uid     user id of the author
 * @param        int    $sid     story id
 * @return       string      HTML-formatted list of links
 */
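function STORY_whatsRelated($related, $uid, $sid)
{
    global $_CONF, $_TABLES, $LANG24;

    // 'Disabled' => 0, 'Enabled' => 1, 'Enabled (No Links)' => 2, 'Enabled (No Outbound Links)' => 3
    if (!$_CONF['whats_related']) {
        return '';
    }

    // Always defined, so the "No Links" mode (2) does not hand an undefined
    // variable to count()/array_merge() further down.
    $rel = array();

    // get the links from the story text
    if ($_CONF['whats_related'] != 2) {
        if (!empty($related)) {
            $rel = explode("\n", $related);
        }
        // Used to hunt out duplicates. Stores urls that have already passed filters
        $urls = array();
        foreach ($rel as $key => &$value) {
            if (preg_match("/<a[^>]*href=[\"']([^\"']*)[\"'][^>]*>(.*?)<\\/a>/i", $value, $matches) !== 1) {
                // Not a link: only run the word filter over the text
                $value = COM_checkWords($value, 'story');
                continue;
            }
            // Drop links whose text is just the link itself. Only 23
            // characters of link text are shown, so compare only those.
            if (substr($matches[1], 0, 23) == substr($matches[2], 0, 23)) {
                unset($rel[$key]);
                continue;
            }
            // Check if outbound links (if needed)
            $passd_check = true;
            if ($_CONF['whats_related'] == 3) {
                // No outbound links. A bare prefix comparison would also
                // accept a foreign host that merely starts with the site URL
                // (site URL followed by more host-name characters), so the
                // character after the prefix has to end the host part.
                $siteUrl = $_CONF['site_url'];
                $siteLen = strlen($siteUrl);
                $passd_check = false;
                if (strncmp($matches[1], $siteUrl, $siteLen) === 0) {
                    $next = (string) substr($matches[1], $siteLen, 1);
                    if (substr($siteUrl, -1) === '/' || in_array($next, array('', '/', '?', '#'), true)) {
                        $passd_check = true;
                    }
                }
            }
            if (!$passd_check || in_array($matches[1], $urls, true)) {
                // outbound link or duplicate: remove it from the array
                unset($rel[$key]);
                continue;
            }
            $urls[] = $matches[1];
            // Now Check Words
            // NOTE(review): the URL scheme of $matches[1] is not restricted here.
            $value = '<a href="' . $matches[1] . '">' . COM_checkWords($matches[2], 'story') . '</a>';
        }
        // Break the reference so later writes cannot touch the last element
        unset($value);
    }

    $topics = array();
    if (!COM_isAnonUser() || ($_CONF['loginrequired'] == 0 && $_CONF['searchloginrequired'] == 0)) {
        // add a link to "search by author"
        if ($_CONF['contributedbyline'] == 1) {
            $author = $LANG24[37] . ' ' . COM_getDisplayName($uid);
            if ($_CONF['whats_related_trim'] > 0 && MBYTE_strlen($author) > $_CONF['whats_related_trim']) {
                // Length is measured in characters, so cut in characters too
                $author = MBYTE_substr($author, 0, $_CONF['whats_related_trim'] - 3) . '...';
            }
            $topics[] = "<a href=\"{$_CONF['site_url']}/search.php?mode=search&amp;type=stories&amp;author={$uid}\">{$author}</a>";
        }
        // Retrieve topics
        $tids = TOPIC_getTopicIdsForObject('article', $sid, 0);
        foreach ($tids as $tid) {
            // add a link to "search by topic"
            // NOTE(review): $tid is placed into the WHERE clause and the href
            // as returned by TOPIC_getTopicIdsForObject(); confirm it is safe.
            $topic = $LANG24[38] . ' ' . stripslashes(DB_getItem($_TABLES['topics'], 'topic', "tid = '{$tid}'"));
            // trim topics if needed
            if ($_CONF['whats_related_trim'] > 0 && MBYTE_strlen($topic) > $_CONF['whats_related_trim']) {
                $topic = MBYTE_substr($topic, 0, $_CONF['whats_related_trim'] - 3) . '...';
            }
            $topics[] = '<a href="' . $_CONF['site_url'] . '/search.php?mode=search&amp;type=stories&amp;topic=' . $tid . '">' . $topic . '</a>';
        }
    }

    // If line limit then split between related links and topics
    if ($_CONF['whats_related_max'] > 0) {
        if ($_CONF['whats_related_max'] < 3) {
            // Reset related links so at least user search and default topic search is displayed
            $rel = array();
            $topics = array_slice($topics, 0, 2);
        } else {
            // Half of the lines each; an odd line goes to the topics
            $rel_max_num_items = intval($_CONF['whats_related_max'] / 2);
            $topic_max_num_items = $rel_max_num_items;
            if ($rel_max_num_items + $topic_max_num_items != $_CONF['whats_related_max']) {
                $topic_max_num_items = $topic_max_num_items + 1;
            }
            // Now check if we have enough topics to display else give it to links
            $topic_num_items = count($topics);
            $rel_num_items = count($rel);
            $added_flag = false;
            if ($topic_num_items < $topic_max_num_items) {
                $rel_max_num_items = $rel_max_num_items + ($topic_max_num_items - $topic_num_items);
                $added_flag = true;
            }
            if (!$added_flag && $rel_num_items < $rel_max_num_items) {
                $topic_max_num_items = $topic_max_num_items + ($rel_max_num_items - $rel_num_items);
            }
            $rel = array_slice($rel, 0, $rel_max_num_items);
            $topics = array_slice($topics, 0, $topic_max_num_items);
        }
    }

    $result = array_merge($rel, $topics);
    $related = '';
    if (count($result) > 0) {
        $related = COM_makeList($result, 'list-whats-related');
    }

    return $related;
}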
Esempio n. 14
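/**
 * Prints the admin page listing downloads that wait for validation.
 *
 * Reads every filemgmt_filedetail row with status=0 and echoes one edit form
 * per submission (title, file name, category, homepage, version, size,
 * description, snapshot, comment option) with Delete and Approve buttons and
 * a link to preview the uploaded temporary file.
 *
 * The rows are submitted by users and only reviewed here, so every value
 * that this function itself places into markup is HTML-escaped.
 *
 * @return   void    the page is echoed, nothing is returned
 */
function listNewDownloads()
{
    global $_CONF, $_FM_CONF, $_TABLES, $myts, $eh, $mytree, $filemgmt_FileStore, $filemgmt_FileStoreURL, $filemgmt_FileSnapURL, $LANG_FM02;
    // List downloads waiting for validation
    $sql = "SELECT lid, cid, title, url, homepage, version, size, logourl, submitter, comments, platform ";
    $sql .= "FROM {$_TABLES['filemgmt_filedetail']} where status=0 ORDER BY date DESC";
    $result = DB_query($sql);
    $numrows = DB_numRows($result);
    $display = COM_siteHeader('menu');
    $display .= filemgmt_navbar($LANG_FM02['nav4']);
    if ($numrows > 0) {
        $display .= '<table width="100%" border="0" class="plugin">';
        $display .= '<tr><td width="100%" class="pluginHeader" style="padding:5px;">' . _MD_DLSWAITING . "&nbsp;({$numrows})</td></tr>";
        // The 'platform' column carries the temporary file names as "file;snapshot"
        while (list($lid, $cid, $title, $url, $homepage, $version, $size, $logourl, $submitter, $comments, $tmpnames) = DB_fetchArray($result)) {
            $result2 = DB_query("SELECT description FROM {$_TABLES['filemgmt_filedesc']} WHERE lid='" . DB_escapeString($lid) . "'");
            list($description) = DB_fetchArray($result2);
            $title = $myts->makeTboxData4Edit($title);
            // NOTE(review): $url and $logourl are URL-decoded after
            // makeTboxData4Edit() has run. If that helper is what escapes the
            // value for the value="" attribute, a percent-encoded quote comes
            // back unescaped - confirm and, if so, decode before escaping.
            $url = rawurldecode($myts->makeTboxData4Edit($url));
            $logourl = rawurldecode($myts->makeTboxData4Edit($logourl));
            $homepage = $myts->makeTboxData4Edit($homepage);
            $version = $myts->makeTboxData4Edit($version);
            $size = $myts->makeTboxData4Edit($size);
            $description = $myts->makeTareaData4Edit($description);
            $tmpfilenames = explode(";", $tmpnames);
            // File names come from the submission: escape them for the href
            $tempfileurl = htmlspecialchars($filemgmt_FileStoreURL . 'tmp/' . $tmpfilenames[0], ENT_QUOTES);
            if (isset($tmpfilenames[1]) and $tmpfilenames[1] != '') {
                $tempsnapurl = htmlspecialchars($filemgmt_FileSnapURL . 'tmp/' . $tmpfilenames[1], ENT_QUOTES);
            } else {
                $tempsnapurl = '';
            }
            // Ids are database values, but they are still escaped on output
            $lidAttr = htmlspecialchars((string) $lid, ENT_QUOTES);
            $submitterAttr = htmlspecialchars((string) $submitter, ENT_QUOTES);
            $display .= '<tr><td>';
            $display .= '<form action="index.php" method="post" enctype="multipart/form-data" style="margin:0px;">';
            $display .= '<table width="100%" border="0" class="plugin">';
            $display .= '<tr><td align="right" style="white-space:nowrap;">' . _MD_SUBMITTER . '</td><td>';
            $display .= '<a href="' . $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $submitterAttr . '">' . COM_getDisplayName($submitter) . '</a>';
            $display .= '</td></tr>';
            $display .= '<tr><td align="right" style="white-space:nowrap;">' . _MD_FILETITLE . '</td><td>';
            $display .= '<input type="text" name="title" size="50" maxlength="100" value="' . $title . '" />';
            $display .= '</td></tr><tr><td align="right" style="white-space:nowrap;">' . _MD_DLFILENAME . '</td><td>';
            $display .= '<input type="text" name="url" size="50" maxlength="250" value="' . $url . '" />';
            $display .= '</td></tr>';
            $display .= '<tr><td align="right" style="white-space:nowrap;">' . _MD_CATEGORYC . '</td><td>';
            $display .= $mytree->makeMySelBox('title', 'title', $cid);
            $display .= '</td></tr>';
            $display .= '<tr><td align="right" style="white-space:nowrap;">' . _MD_HOMEPAGEC . '</td><td>';
            $display .= '<input type="text" name="homepage" size="50" maxlength="100" value="' . $homepage . '" /></td></tr>';
            $display .= '<tr><td align="right">' . _MD_VERSIONC . '</td><td>';
            $display .= '<input type="text" name="version" size="10" maxlength="10" value="' . $version . '" /></td></tr>';
            $display .= '<tr><td align="right">' . _MD_FILESIZEC . '</td><td>';
            $display .= '<input type="text" name="size" size="10" maxlength="8" value="' . $size . '" disabled="disabled" />&nbsp;' . _MD_BYTES . '</td></tr>';
            $display .= '<tr><td align="right" style="vertical-align:top;white-space:nowrap;">' . _MD_DESCRIPTIONC . '</td><td>';
            $display .= '<textarea name=description cols="60" rows="5">' . $description . '</textarea>';
            $display .= '</td></tr>';
            $display .= '<tr><td align="right" style="white-space:nowrap;">' . _MD_SHOTIMAGE . '</td><td>';
            $display .= '<input type="text" name="logourl" size="50" maxlength="250" value="' . $logourl . '" />';
            if ($tempsnapurl != '') {
                $display .= '<span style="padding-left:20px;"><a href="' . $tempsnapurl . '">Preview</a></span>';
            }
            $display .= '</td></tr>';
            $display .= '<tr><td></td><td>';
            $display .= '</td></tr><tr><td style="white-space:nowrap;" align="right">' . _MD_COMMENTOPTION . '</td><td>';
            if ($comments) {
                $display .= '<input type="radio" name="commentoption" value="1" checked="checked" />&nbsp;' . _MD_YES . '&nbsp;';
                $display .= '<input type="radio" name="commentoption" value="0" />&nbsp;' . _MD_NO . '&nbsp;';
            } else {
                $display .= '<input type="radio" name="commentoption" value="1" />&nbsp;' . _MD_YES . '&nbsp;';
                $display .= '<input type="radio" name="commentoption" value="0" checked="checked" />&nbsp;' . _MD_NO . '&nbsp;';
            }
            $display .= '</td></tr>';
            $display .= '<tr><td style="text-align:right;padding:10px;">';
            // NOTE(review): the form posts approve/delete actions and carries
            // no anti-CSRF token here; confirm the receiving handler checks one.
            $display .= '<input type="submit" onclick=\'this.form.op.value="delNewDownload"\' value="Delete" />';
            $display .= '<input type="hidden" name="op" value="" />';
            $display .= '<input type="hidden" name="lid" value="' . $lidAttr . '" />';
            $display .= '<span style="padding-left:10px;">';
            $display .= '<input type="submit" value="' . _MD_APPROVE . '" onclick=\'this.form.op.value="approve"\' /></span>';
            if ($_FM_CONF['outside_webroot'] == 1) {
                // Files kept outside the web root are served through visit.php
                $display .= '</td><td style="padding:10px;">Download to preview:&nbsp;<a href="' . $_CONF['site_url'] . '/filemgmt/visit.php?tid=' . $lidAttr . '">tempfile</a></td></tr>';
            } else {
                $display .= '</td><td style="padding:10px;">Download to preview:&nbsp;<a href="' . $tempfileurl . '">tempfile</a></td></tr>';
            }
            $display .= '</table></form></td></tr>';
        }
        $display .= '</table>';
    } else {
        $display .= '<div style="padding:20px">' . _MD_NOSUBMITTED . '</div>';
    }
    // NOTE(review): no COM_startBlock() is issued in this function for this
    // COM_endBlock() to close.
    $display .= COM_endBlock();
    $display .= COM_siteFooter();
    echo $display;
}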
Esempio n. 15
/**
 * Renders one cell of the static pages admin list.
 *
 * Action columns (edit, copy, delete, sp_status) depend on the access level
 * that SEC_hasAccess() returns for the row; text columns are wrapped in a
 * "disabledfield" span when the page's sp_status is not 1.
 *
 * @param    string  $fieldname   name of the column being rendered
 * @param    mixed   $fieldvalue  raw value of that column
 * @param    array   $A           the full row of the static page
 * @param    array   $icon_arr    icon markup keyed by action name
 * @param    string  $token       CSRF token appended to the delete link
 * @return   string               HTML for the cell
 */
function PAGE_getListField($fieldname, $fieldvalue, $A, $icon_arr, $token)
{
    global $_CONF, $_USER, $LANG_ADMIN, $LANG_STATIC, $LANG_ACCESS, $_TABLES;

    $retval = '';
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    $enabled = ($A['sp_status'] == 1);
    $dt = new Date('now', $_USER['tzid']);

    // Text columns set $text and $wrap; the span is applied after the switch
    $wrap = false;
    $text = '';

    switch ($fieldname) {
        case 'edit':
            if ($access != 3) {
                $retval = $icon_arr['blank'];
                break;
            }
            $attr = array('title' => $LANG_ADMIN['edit']);
            $retval = COM_createLink($icon_arr['edit'], $_CONF['site_admin_url'] . '/plugins/staticpages/index.php' . '?edit=x&amp;sp_id=' . $A['sp_id'], $attr);
            break;

        case 'copy':
            if ($access < 2) {
                $retval = $icon_arr['blank'];
                break;
            }
            $attr = array('title' => $LANG_ADMIN['copy']);
            $retval = COM_createLink($icon_arr['copy'], $_CONF['site_admin_url'] . '/plugins/staticpages/index.php' . '?clone=x&amp;sp_id=' . $A['sp_id'], $attr);
            break;

        case "sp_title":
            // Only enabled pages link to the public view
            $pageTitle = $A['sp_title'];
            if (!$enabled) {
                $retval = '<span class="disabledfield">' . $pageTitle . '</span>';
                break;
            }
            $pageUrl = COM_buildUrl($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']);
            $retval = COM_createLink($pageTitle, $pageUrl, array('title' => $LANG_STATIC['title_display']));
            break;

        case 'access':
            $text = ($access == 3) ? $LANG_ACCESS['edit'] : $LANG_ACCESS['readonly'];
            $wrap = true;
            break;

        case "sp_uid":
            $text = COM_getDisplayName($A['sp_uid']);
            $wrap = true;
            break;

        case "sp_centerblock":
            if (!$A['sp_centerblock']) {
                $text = $LANG_STATIC['centerblock_no'];
            } elseif ($A['sp_where'] == '1') {
                $text = $LANG_STATIC['centerblock_top'];
            } elseif ($A['sp_where'] == '2') {
                $text = $LANG_STATIC['centerblock_feat'];
            } elseif ($A['sp_where'] == '3') {
                $text = $LANG_STATIC['centerblock_bottom'];
            } else {
                $text = $LANG_STATIC['centerblock_entire'];
            }
            $wrap = true;
            break;

        case "unixdate":
            $dt->setTimestamp($A['unixdate']);
            $text = $dt->format($_CONF['daytime'], true);
            $wrap = true;
            break;

        case 'delete':
            if ($access != 3) {
                $retval = $icon_arr['blank'];
                break;
            }
            // The delete link carries the CSRF token and asks for confirmation
            $attr = array(
                'title'   => $LANG_ADMIN['delete'],
                'onclick' => "return confirm('" . $LANG_STATIC['delete_confirm'] . "');",
            );
            $retval = COM_createLink($icon_arr['delete'], $_CONF['site_admin_url'] . '/plugins/staticpages/index.php' . '?delete=x&amp;sp_id=' . $A['sp_id'] . '&amp;' . CSRF_TOKEN . '=' . $token, $attr);
            break;

        case 'sp_status':
            if ($access != 3) {
                // Read-only visitors just see yes/no
                $retval = $enabled ? $LANG_ACCESS['yes'] : $LANG_ACCESS['No'];
                break;
            }
            if ($enabled) {
                $switch = ' checked="checked"';
                $title = 'title="' . $LANG_ADMIN['disable'] . '" ';
            } else {
                $title = 'title="' . $LANG_ADMIN['enable'] . '" ';
                $switch = '';
            }
            $retval = '<input class="sp-enabler" type="checkbox" name="enabledstaticpages[' . $A['sp_id'] . ']" ' . $title . 'onclick="submit()" value="1"' . $switch . '/>';
            $retval .= '<input type="hidden" name="sp_idarray[' . $A['sp_id'] . ']" value="1" />';
            break;

        default:
            $text = $fieldvalue;
            $wrap = true;
            break;
    }

    if ($wrap) {
        $retval = $enabled ? $text : '<span class="disabledfield">' . $text . '</span>';
    }

    return $retval;
}
Esempio n. 16
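/**
 *  Display an ad's detail.
 *
 *  Loads the ad, applies the ad-level and category-level access checks,
 *  increments the view counter and fills the detail template with the ad,
 *  the poster's contact info, photos, previous/next links, the most viewed
 *  ads and (when enabled) the comments.
 *
 *  @param  string  $ad_id  ID of ad to display
 *  @return string          Rendered detail template, or the value returned by
 *                          CLASSIFIEDS_errorMsg() when the ad is missing or
 *                          the viewer lacks access
 */
function adDetail($ad_id = '')
{
    global $_USER, $_TABLES, $_CONF, $LANG_ADVT, $_CONF_ADVT;

    USES_lib_comments();

    // Determine if this is an administrator
    $admin = SEC_hasRights($_CONF_ADVT['pi_name'] . '.admin');

    // $ad_id is interpolated into every query below, so it must only ever be
    // used after this call.
    // NOTE(review): presumably COM_sanitizeID() strips characters that are
    // unsafe inside a quoted SQL literal -- confirm against its definition.
    $ad_id = COM_sanitizeID($ad_id);
    if ($ad_id == '') {
        // An ad id is required for this function
        return CLASSIFIEDS_errorMsg($LANG_ADVT['missing_id'], 'alert');
    }

    // Search term straight from the query string. Accept strings only so an
    // array parameter (?query[]=x) cannot reach trim().
    // NOTE(review): the value is handed to COM_highlightQuery() as-is; verify
    // that helper quotes it before building a pattern or emitting HTML.
    $srchval = (isset($_GET['query']) && is_string($_GET['query'])) ? trim($_GET['query']) : '';

    // We use this in a few places here, so might as well just
    // figure it out once and save it.
    $perm_sql = COM_getPermSQL('AND', 0, 2, 'ad') . ' ' . COM_getPermSQL('AND', 0, 2, 'cat');

    // get the ad information.
    $sql = "SELECT ad.*\n            FROM {$_TABLES['ad_ads']} ad\n            LEFT JOIN {$_TABLES['ad_category']} cat\n                ON ad.cat_id = cat.cat_id\n            WHERE ad_id='{$ad_id}'";
    if (!$admin) {
        $sql .= $perm_sql;
    }
    $result = DB_query($sql);
    if (!$result || DB_numRows($result) < 1) {
        return CLASSIFIEDS_errorMsg($LANG_ADVT['no_ad_found'], 'note', 'Oops...');
    }
    $ad = DB_fetchArray($result, false);

    // Check access to the ad.  If granted, check that access isn't
    // blocked by any category.
    $my_access = CLASSIFIEDS_checkAccess($ad['ad_id'], $ad);
    if ($my_access >= 2) {
        $my_cat_access = CLASSIFIEDS_checkCatAccess($ad['cat_id'], false);
        if ($my_cat_access < $my_access) {
            $my_access = $my_cat_access;
        }
    }
    if ($my_access < 2) {
        return CLASSIFIEDS_errorMsg($LANG_ADVT['no_permission'], 'alert', $LANG_ADVT['access_denied']);
    }

    // Values read back from the database are still data, not SQL: cast the
    // numeric ids once before they are placed into later queries and URLs.
    $cat = (int) $ad['cat_id'];
    $ad_uid = (int) $ad['uid'];
    $owner_id = (int) $ad['owner_id'];

    // Increment the views counter
    $sql = "UPDATE {$_TABLES['ad_ads']} \n            SET views = views + 1 \n            WHERE ad_id='{$ad_id}'";
    DB_query($sql);

    // Get the previous and next ads
    $condition = " AND ad.cat_id={$cat}";
    if (!$admin) {
        $condition .= $perm_sql;
    }
    // Rows fetched with the second argument set to false are read by column
    // name elsewhere in this function ($ad['ad_id']), so the neighbouring ids
    // are read by name too instead of relying on a numeric key 0 via list().
    $sql = "SELECT ad_id\n            FROM {$_TABLES['ad_ads']} ad\n            LEFT JOIN {$_TABLES['ad_category']} cat\n                ON ad.cat_id = cat.cat_id\n            WHERE ad_id < '{$ad_id}' \n            {$condition}\n            ORDER BY ad_id DESC\n            LIMIT 1";
    $r = DB_query($sql);
    $row = $r ? DB_fetchArray($r, false) : false;
    $preAd_id = (is_array($row) && isset($row['ad_id'])) ? $row['ad_id'] : '';

    $sql = "SELECT ad_id\n            FROM {$_TABLES['ad_ads']} ad\n            LEFT JOIN {$_TABLES['ad_category']} cat\n                ON ad.cat_id = cat.cat_id\n            WHERE ad_id > '{$ad_id}' \n            {$condition}\n            ORDER BY ad_id ASC\n            LIMIT 1";
    $r = DB_query($sql);
    $row = $r ? DB_fetchArray($r, false) : false;
    $nextAd_id = (is_array($row) && isset($row['ad_id'])) ? $row['ad_id'] : '';

    // Get the user contact info. If none, just show the email link
    $sql = "SELECT * \n            FROM {$_TABLES['ad_uinfo']} \n            WHERE uid='{$ad_uid}'";
    $result = DB_query($sql);
    if ($result && DB_numRows($result) > 0) {
        $uinfo = DB_fetchArray($result);
    } else {
        // Defaults must cover every key the template assignment below reads;
        // 'postcode' was missing while the unused 'postal' was set.
        $uinfo = array(
            'uid' => '',
            'address' => '',
            'city' => '',
            'state' => '',
            'postal' => '',
            'postcode' => '',
            'tel' => '',
            'fax' => '',
        );
    }

    // Get the hot results (most viewed ads)
    $time = time();
    $sql = "SELECT ad.ad_id, ad.cat_id, ad.subject,\n                    cat.cat_id, cat.fgcolor, cat.bgcolor\n        FROM {$_TABLES['ad_ads']} ad\n        LEFT JOIN {$_TABLES['ad_category']} cat\n            ON ad.cat_id = cat.cat_id\n        WHERE ad.exp_date > {$time} \n            {$perm_sql}\n        ORDER BY views DESC \n        LIMIT 4";
    $hotresult = DB_query($sql);

    // Filter the stored ad fields for HTML output, then convert line breaks
    // in the description to <br />.
    $ad['descript'] = PLG_replaceTags(COM_checkHTML($ad['descript']));
    $ad['descript'] = preg_replace('/\\n/', '<br />', $ad['descript']);
    $ad['subject'] = strip_tags($ad['subject']);
    $ad['price'] = strip_tags($ad['price']);
    $ad['url'] = COM_sanitizeUrl($ad['url']);
    $ad['keywords'] = strip_tags($ad['keywords']);

    // Highlight search terms, if any
    if ($srchval != '') {
        $ad['subject'] = COM_highlightQuery($ad['subject'], $srchval);
        $ad['descript'] = COM_highlightQuery($ad['descript'], $srchval);
    }

    $detail = new Template(CLASSIFIEDS_PI_PATH . '/templates');
    $detail->set_file('detail', 'detail.thtml');

    // NOTE(review): the delete links below are plain GET URLs without a CSRF
    // token; confirm the receiving handlers require a token or a confirmation
    // step before deleting.
    if ($admin) {
        $base_url = CLASSIFIEDS_ADMIN_URL . '/index.php';
        $del_link = $base_url . '?delete=ad&ad_id=' . $ad_id;
        $edit_link = $base_url . '?edit=ad&ad_id=' . $ad_id;
    } else {
        $base_url = CLASSIFIEDS_URL . '/index.php';
        $del_link = $base_url . '?mode=Delete&id=' . $ad_id;
        $edit_link = $base_url . '?mode=editad&id=' . $ad_id;
    }

    // Set up the "add days" form if this user is the owner
    // or an admin
    if ($my_access == 3) {
        // How many days has the ad run?
        $max_add_days = CLASSIFIEDS_calcMaxAddDays(($ad['exp_date'] - $ad['add_date']) / 86400);
        if ($max_add_days > 0) {
            $detail->set_var('max_add_days', $max_add_days);
        }
    }
    if ($ad['exp_date'] < $time) {
        $detail->set_var('is_expired', 'true');
    }

    USES_classifieds_class_category();

    // NOTE(review): the uinfo_* values are passed to the template as stored;
    // confirm they are filtered when saved or escaped by the template.
    // NOTE(review): fgcolor/bgcolor are read from $ad although the ad query
    // selects only ad.* -- confirm those columns exist on the ads table.
    $detail->set_var(array(
        'base_url' => $base_url,
        'edit_link' => $edit_link,
        'del_link' => $del_link,
        'curr_loc' => adCategory::BreadCrumbs($cat, true),
        'subject' => $ad['subject'],
        'add_date' => date($_CONF['shortdate'], $ad['add_date']),
        'exp_date' => date($_CONF['shortdate'], $ad['exp_date']),
        'views_no' => $ad['views'],
        'descript' => $ad['descript'],
        'ad_type' => CLASSIFIEDS_getAdTypeString($ad['ad_type']),
        'uinfo_address' => $uinfo['address'],
        'uinfo_city' => $uinfo['city'],
        'uinfo_state' => $uinfo['state'],
        'uinfo_postcode' => $uinfo['postcode'],
        'uinfo_tel' => $uinfo['tel'],
        'uinfo_fax' => $uinfo['fax'],
        'price' => $ad['price'],
        'ad_id' => $ad_id,
        'ad_url' => $ad['url'],
        'username' => $_CONF_ADVT['disp_fullname'] == 1
            ? COM_getDisplayName($ad['uid'])
            : DB_getItem($_TABLES['users'], 'username', "uid={$ad_uid}"),
        'fgcolor' => $ad['fgcolor'],
        'bgcolor' => $ad['bgcolor'],
        'cat_id' => $ad['cat_id'],
    ));

    // Display a link to email the poster, or other message as needed.
    // The poster's uid is withheld when anonymous visitors must log in to
    // send mail, or when the poster does not accept mail from users.
    $emailfromuser = DB_getItem($_TABLES['userprefs'], 'emailfromuser', "uid={$ad_uid}");
    if (($_CONF['emailuserloginrequired'] == 1 && COM_isAnonUser()) || $emailfromuser < 1) {
        $detail->set_var('ad_uid', '');
    } else {
        $detail->set_var('ad_uid', $ad['uid']);
    }

    if ($my_access == 3) {
        $detail->set_var('have_userlinks', 'true');
        if ($admin || $_CONF_ADVT['usercanedit'] == 1) {
            $detail->set_var('have_editlink', 'true');
        } else {
            $detail->set_var('have_editlink', '');
        }
    } else {
        $detail->set_var('have_userlinks', '');
    }

    // Retrieve the photos and put into the template
    $sql = "SELECT photo_id, filename\n            FROM {$_TABLES['ad_photo']} \n            WHERE ad_id='{$ad_id}'";
    $photo = DB_query($sql);
    // assume no photo available
    $detail->set_var('have_photo', '');
    if ($photo && DB_numRows($photo) >= 1) {
        while ($prow = DB_fetchArray($photo)) {
            $img_small = LGLIB_ImageUrl(CLASSIFIEDS_IMGPATH . '/' . $prow['filename'], $_CONF_ADVT['detail_img_width']);
            $img_disp = CLASSIFIEDS_dispUrl($prow['filename']);
            if (!empty($img_small)) {
                $detail->set_block('detail', 'PhotoBlock', 'PBlock');
                $detail->set_var(array(
                    'tn_width' => $_CONF_ADVT['detail_img_width'],
                    'small_url' => $img_small,
                    'disp_url' => $img_disp,
                ));
                $detail->parse('PBlock', 'PhotoBlock', true);
                $detail->set_var('have_photo', 'true');
            }
        }
    }

    if (DB_count($_TABLES['ad_ads'], 'owner_id', $owner_id) > 1) {
        $detail->set_var('byposter_url', CLASSIFIEDS_URL . '/index.php?' . "page=byposter&uid={$owner_id}");
    }

    // Show previous and next ads
    if ($preAd_id != '') {
        $detail->set_var('previous', '<a href="' . CLASSIFIEDS_makeURL('detail', $preAd_id) . "\">&lt;&lt;</a>");
    }
    if ($nextAd_id != '') {
        $detail->set_var('next', '<a href="' . CLASSIFIEDS_makeURL('detail', $nextAd_id) . "\">  &gt;&gt;</a>");
    }

    // Show the "hot results"
    $hot_data = '';
    if ($hotresult) {
        $detail->set_block('detail', 'HotBlock', 'HBlock');
        while ($hotrow = DB_fetchArray($hotresult)) {
            $detail->set_var(array(
                // Same column as the main subject above, so it gets the same
                // tag stripping before it reaches the page.
                'hot_title' => strip_tags($hotrow['subject']),
                'hot_url' => CLASSIFIEDS_makeURL('detail', $hotrow['ad_id']),
                'hot_cat' => displayCat($hotrow['cat_id']),
            ));
            // Parse once per row (as the photo loop does) so every hot ad is
            // appended; parsing after the loop rendered only the last row.
            $detail->parse('HBlock', 'HotBlock', true);
        }
    }
    $detail->set_var('whats_hot_row', $hot_data);

    // Show the user comments
    if (plugin_commentsupport_classifieds() && $ad['comments_enabled'] < 2) {
        $detail->set_var('usercomments', CMT_userComments($ad_id, $ad['subject'], 'classifieds', '', '', 0, 1, false, false, $ad['comments_enabled']));
    }

    $detail->parse('output', 'detail');
    $display = $detail->finish($detail->get_var('output'));
    return $display;
}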
Esempio n. 17
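/**
 * Build the links category editor form.
 *
 * With a parent id the form creates a new subcategory that starts from the
 * parent's group and permission settings; with a category id it edits that
 * category; with neither it creates a new top-level category using the
 * configured default permissions.
 *
 * @param    string  $cid    ID of the category to edit, or empty for a new one
 * @param    string  $pid    ID of the parent category when adding a subcategory
 * @return   string          HTML for the editor, or the message returned by
 *                           COM_showMessage(6, 'links') when the category is
 *                           not found or the user lacks edit access
 */
function links_edit_category($cid, $pid)
{
    global $_CONF, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $LANG_ADMIN, $LANG_ACCESS, $_LI_CONF;

    $retval = '';

    // NOTE(review): addslashes() is not aware of the connection character
    // set; if the database layer has its own escaping routine, prefer it for
    // both $cid and $pid.
    $cid = addslashes($cid);

    $A = array();
    if (!empty($pid)) {
        // have parent id, so making a new subcategory
        // get parent access rights
        // NOTE(review): the parent row is read without COM_getPermSQL() and
        // the current user becomes the owner, so the access level computed
        // below reflects the parent's perm_owner rather than the user's
        // rights on the parent -- confirm callers have checked those rights.
        $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='" . addslashes($pid) . "'");
        $A = DB_fetchArray($result);
        if (is_array($A)) {
            $A['owner_id'] = $_USER['uid'];
            $A['pid'] = $pid;
        }
    } elseif (!empty($cid)) {
        // have category id, so editing a category
        $sql = "SELECT * FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
    } else {
        // nothing, so making a new top-level category
        // get default access rights
        $A['group_id'] = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Links Admin'");
        SEC_setDefaultPermissions($A, $_LI_CONF['category_permissions']);
        $A['owner_id'] = $_USER['uid'];
        $A['pid'] = $_LI_CONF['root'];
    }

    // No row means the parent or category does not exist, or the permission
    // filter hid it. Stop here instead of running the access check and the
    // form on a non-array value.
    if (!is_array($A)) {
        return COM_showMessage(6, 'links');
    }

    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3) {
        return COM_showMessage(6, 'links');
    }

    // CSRF token for the form; it is emitted as gltoken at the end.
    $token = SEC_createToken();

    $retval .= COM_startBlock($LANG_LINKS_ADMIN[56], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);

    $T = new Template($_CONF['path'] . 'plugins/links/templates/admin');
    $T->set_file(array('page' => 'categoryeditor.thtml'));
    $T->set_var('xhtml', XHTML);
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    $T->set_var('layout_url', $_CONF['layout_url']);
    $T->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]);
    $T->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]);
    $T->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]);
    $T->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]);
    $T->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]);
    $T->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]);
    $T->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
    $T->set_var('instructions', $LANG_LINKS_ADMIN[29]);
    $T->set_var('lang_category', $LANG_LINKS_ADMIN[30]);
    $T->set_var('lang_cid', $LANG_LINKS_ADMIN[32]);
    $T->set_var('lang_description', $LANG_LINKS_ADMIN[31]);
    $T->set_var('lang_topic', $LANG_LINKS_ADMIN[33]);
    $T->set_var('lang_parent', $LANG_LINKS_ADMIN[34]);
    $T->set_var('lang_save', $LANG_ADMIN['save']);

    // The delete button only makes sense for an existing category.
    if (!empty($cid)) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $T->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $T->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $T->set_var('delete_option', '');
        // Set both variants so neither placeholder is left unset.
        $T->set_var('delete_option_no_confirmation', '');
    }
    $T->set_var('lang_cancel', $LANG_ADMIN['cancel']);

    if (!empty($cid)) {
        // NOTE(review): category and description are passed to the template
        // as stored; confirm they are filtered on save or encoded by the
        // template before they land inside form field values.
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', $A['cid']);
        $T->set_var('category_options', links_select_box(3, $A['pid']));
        $T->set_var('category_value', $A['category']);
        $T->set_var('description_value', $A['description']);
    } else {
        // New category: propose a generated id.
        $A['cid'] = COM_makeSid();
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', '');
        $T->set_var('category_options', links_select_box(3, $A['pid']));
        $T->set_var('category_value', '');
        $T->set_var('description_value', '');
    }

    if (!isset($A['tid'])) {
        $A['tid'] = 'all';
    }
    $topics = COM_topicList('tid,topic', $A['tid'], 1, true);
    $T->set_var('topic_list', $topics);
    $alltopics = '<option value="all"';
    if ($A['tid'] == 'all') {
        $alltopics .= ' selected="selected"';
    }
    $alltopics .= '>' . $LANG_LINKS_ADMIN[35] . '</option>' . LB;
    $T->set_var('topic_selection', '<select name="tid">' . $alltopics . $topics . '</select>');

    // Number of links in this category that the current user may see.
    if (empty($cid)) {
        $num_links = $LANG_ADMIN['na'];
    } else {
        $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['links']} WHERE cid='{$cid}'" . COM_getPermSQL('AND'));
        $N = DB_fetchArray($nresult);
        $num_links = COM_numberFormat($N['count']);
    }
    $T->set_var('lang_num_links', $LANG_LINKS_ADMIN[61]);
    $T->set_var('num_links', $num_links);

    // user access info
    $T->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $T->set_var('lang_owner', $LANG_ACCESS['owner']);
    $T->set_var('owner_name', COM_getDisplayName($A['owner_id']));
    $T->set_var('cat_ownerid', $A['owner_id']);
    $T->set_var('lang_group', $LANG_ACCESS['group']);
    $T->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $T->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $T->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $T->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $T->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $T->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $T->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']);
    $T->set_var('gltoken_name', CSRF_TOKEN);
    $T->set_var('gltoken', $token);

    $T->parse('output', 'page');
    $retval .= $T->finish($T->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}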
Esempio n. 18
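/**
* Shows poll editor
*
* Displays the poll editor form. For an existing poll the current user's
* access is checked first; without edit access a message block is returned
* and the attempt is written to the access log.
*
* @param    string  $pid    ID of poll to edit
* @return   string          HTML for poll editor form
*
*/
function editpoll($pid = '')
{
    global $_CONF, $_PO_CONF, $_GROUPS, $_TABLES, $_USER, $LANG25, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $LANG_POLLS;

    $retval = '';

    // NOTE(review): $pid is interpolated into the SQL in this function
    // exactly as received, with no escaping here. Confirm every caller
    // filters it before the call, or escape it where the queries are built.
    if (!empty($pid)) {
        $topic = DB_query("SELECT * FROM {$_TABLES['polltopics']} WHERE pid='{$pid}'");
        $T = DB_fetchArray($topic);
        // Get permissions for poll
        $access = SEC_hasAccess($T['owner_id'], $T['group_id'], $T['perm_owner'], $T['perm_group'], $T['perm_members'], $T['perm_anon']);
        if ($access == 0 or $access == 2) {
            // User doesn't have access...bail
            $retval .= COM_startBlock($LANG25[21], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $LANG25[22];
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit poll {$pid}.");
            return $retval;
        }
    }

    // writing the menu on top
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'] . '/plugins/polls/index.php', 'text' => $LANG_ADMIN['list_all']),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );

    // CSRF token for the form; it is emitted as gltoken at the end.
    $token = SEC_createToken();

    $retval .= COM_startBlock($LANG25[5], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, $LANG_POLLS['editinstructions'], plugin_geticon_polls());
    $retval .= SEC_getTokenExpiryNotice($token);

    $poll_templates = new Template($_CONF['path'] . 'plugins/polls/templates/admin/');
    $poll_templates->set_file(array('editor' => 'polleditor.thtml', 'question' => 'pollquestions.thtml', 'answer' => 'pollansweroption.thtml'));
    $poll_templates->set_var('xhtml', XHTML);
    $poll_templates->set_var('site_url', $_CONF['site_url']);
    $poll_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $poll_templates->set_var('layout_url', $_CONF['layout_url']);

    if (!empty($pid) and $access == 3 and !empty($T['owner_id'])) {
        // Existing poll with full access: offer the delete button.
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $poll_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $poll_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        // New poll: generated id, current user as owner, default permissions.
        $T['pid'] = COM_makeSid();
        $T['topic'] = '';
        $T['meta_description'] = '';
        $T['meta_keywords'] = '';
        $T['voters'] = 0;
        $T['display'] = 1;
        $T['is_open'] = 1;
        $T['hideresults'] = 0;
        $T['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Polls Admin'])) {
            $T['group_id'] = $_GROUPS['Polls Admin'];
        } else {
            $T['group_id'] = SEC_getFeatureGroup('polls.edit');
        }
        SEC_setDefaultPermissions($T, $_PO_CONF['default_permissions']);
        $T['statuscode'] = 0;
        $T['commentcode'] = $_CONF['comment_code'];
        $access = 3;
    }

    $poll_templates->set_var('lang_pollid', $LANG25[6]);
    $poll_templates->set_var('poll_id', $T['pid']);
    $poll_templates->set_var('lang_donotusespaces', $LANG25[7]);
    $poll_templates->set_var('lang_topic', $LANG25[9]);
    $poll_templates->set_var('poll_topic', htmlspecialchars($T['topic']));
    $poll_templates->set_var('lang_mode', $LANG25[1]);
    $poll_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $poll_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    // NOTE(review): the meta fields are emitted as stored while the topic is
    // HTML-encoded; confirm how they are saved before encoding them here too.
    if (!empty($T['meta_description'])) {
        $poll_templates->set_var('meta_description', $T['meta_description']);
    }
    if (!empty($T['meta_keywords'])) {
        $poll_templates->set_var('meta_keywords', $T['meta_keywords']);
    }
    $poll_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $T['statuscode']));
    $poll_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $T['commentcode']));
    $poll_templates->set_var('lang_appearsonhomepage', $LANG25[8]);
    $poll_templates->set_var('lang_openforvoting', $LANG25[33]);
    $poll_templates->set_var('lang_hideresults', $LANG25[37]);
    $poll_templates->set_var('poll_hideresults_explain', $LANG25[38]);
    $poll_templates->set_var('poll_topic_info', $LANG25[39]);
    if ($T['display'] == 1) {
        $poll_templates->set_var('poll_display', 'checked="checked"');
    }
    if ($T['is_open'] == 1) {
        $poll_templates->set_var('poll_open', 'checked="checked"');
    }
    if ($T['hideresults'] == 1) {
        $poll_templates->set_var('poll_hideresults', 'checked="checked"');
    }

    // user access info
    $poll_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $poll_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($T['owner_id']);
    $poll_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$T['owner_id']}"));
    $poll_templates->set_var('owner_name', $ownername);
    $poll_templates->set_var('owner', $ownername);
    $poll_templates->set_var('owner_id', $T['owner_id']);
    $poll_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $poll_templates->set_var('group_dropdown', SEC_getGroupDropdown($T['group_id'], $access));
    $poll_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $poll_templates->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $poll_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $poll_templates->set_var('permissions_editor', SEC_getPermissionsHTML($T['perm_owner'], $T['perm_group'], $T['perm_members'], $T['perm_anon']));
    $poll_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $poll_templates->set_var('lang_answersvotes', $LANG25[10]);
    $poll_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $poll_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);

    // repeat for several questions
    $question_sql = "SELECT question,qid " . "FROM {$_TABLES['pollquestions']} WHERE pid='{$pid}' ORDER BY qid;";
    $questions = DB_query($question_sql);

    // require_once: a plain include would try to declare the navbar class a
    // second time if this file had already been loaded during the request.
    require_once $_CONF['path_system'] . 'classes/navbar.class.php';
    $navbar = new navbar();

    for ($j = 0; $j < $_PO_CONF['maxquestions']; $j++) {
        $display_id = $j + 1;
        // Only the first question panel is visible initially.
        if ($j > 0) {
            $poll_templates->set_var('style', 'style="display:none;"');
        } else {
            $poll_templates->set_var('style', '');
        }
        $navbar->add_menuitem($LANG25[31] . " {$display_id}", "showhidePollsEditorDiv(\"{$j}\",{$j},{$_PO_CONF['maxquestions']});return false;", true);

        // Slots beyond the stored questions get an empty text. The text is
        // HTML-encoded like the topic and answer fields of this form.
        $Q = DB_fetchArray($questions);
        $question_text = is_array($Q) ? htmlspecialchars($Q['question']) : '';
        $poll_templates->set_var('question_text', $question_text);
        $poll_templates->set_var('question_id', $j);
        $poll_templates->set_var('lang_question', $LANG25[31] . " {$display_id}");
        $poll_templates->set_var('lang_saveaddnew', $LANG25[32]);

        // answers
        $answer_sql = "SELECT answer,aid,votes,remark " . "FROM {$_TABLES['pollanswers']} WHERE qid='{$j}' AND pid='{$pid}' ORDER BY aid";
        $answers = DB_query($answer_sql);
        for ($i = 0; $i < $_PO_CONF['maxanswers']; $i++) {
            // Test the fetched row rather than the result handle: the handle
            // is always set, so the empty-slot branch was never reached and
            // the fields were read from a non-array once the rows ran out.
            $A = $answers ? DB_fetchArray($answers) : false;
            if (is_array($A)) {
                $poll_templates->set_var('answer_text', htmlspecialchars($A['answer']));
                $poll_templates->set_var('answer_votes', $A['votes']);
                // The remark comes from the same row as the answer, so it is
                // encoded the same way.
                $poll_templates->set_var('remark_text', htmlspecialchars($A['remark']));
            } else {
                $poll_templates->set_var('answer_text', '');
                $poll_templates->set_var('answer_votes', '');
                $poll_templates->set_var('remark_text', '');
            }
            $poll_templates->parse('answer_option', 'answer', true);
        }
        $poll_templates->parse('question_list', 'question', true);
        // Start the next question with an empty answer list.
        $poll_templates->clear_var('answer_option');
    }

    $navbar->set_selected($LANG25[31] . " 1");
    $poll_templates->set_var('navbar', $navbar->generate());
    $poll_templates->set_var('gltoken_name', CSRF_TOKEN);
    $poll_templates->set_var('gltoken', $token);
    $poll_templates->parse('output', 'editor');
    $retval .= $poll_templates->finish($poll_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}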
Esempio n. 19
/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @return   string          HTML for user profile page
*
*/
function userprofile()
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN;
    // @param    int     $user   User ID of profile to get
    // @param    int     $msg    Message to display (if != 0)
    // @param    string  $plugin optional plugin name for message
    $retval = '';
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    }
    if (isset($_GET['uid'])) {
        $user = COM_applyFilter($_GET['uid'], true);
        if (!is_numeric($user) || $user < 2) {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    } else {
        if (isset($_GET['username'])) {
            $username = $_GET['username'];
            if (!USER_validateUsername($username, 1)) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
            if (empty($username) || $username == '') {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
            $username = DB_escapeString($username);
            $user = DB_getItem($_TABLES['users'], 'uid', "username = '******'");
            if ($user < 2) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
        } else {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    }
    $msg = 0;
    if (isset($_GET['msg'])) {
        $msg = COM_applyFilter($_GET['msg'], true);
    }
    $plugin = '';
    if ($msg > 0 && isset($_GET['plugin'])) {
        $plugin = COM_applyFilter($_GET['plugin']);
    }
    $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,lastlogin,homepage,about,location,pgpkey,photo,email,status,emailfromadmin,emailfromuser,showonline FROM {$_TABLES['userinfo']},{$_TABLES['userprefs']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['userinfo']}.uid = {$_TABLES['userprefs']}.uid AND {$_TABLES['users']}.uid = " . (int) $user);
    $nrows = DB_numRows($result);
    if ($nrows == 0) {
        // no such user
        echo COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);
    if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) {
        COM_displayMessageAndAbort(30, '', 403, 'Forbidden');
    }
    $display_name = @htmlspecialchars(COM_getDisplayName($user, $A['username'], $A['fullname']), ENT_COMPAT, COM_getEncodingt());
    if ($msg > 0) {
        $retval .= COM_showMessage($msg, $plugin, '', 0, 'info');
    }
    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A['regdate']);
    $A['regdate'] = $curtime[0];
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml'));
    $user_templates->set_var('layout_url', $_CONF['layout_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('tooltip', COM_getTooltipStyle());
    if ($_CONF['show_fullname'] == 1) {
        if (empty($A['fullname'])) {
            $username = $A['username'];
            $fullname = '';
        } else {
            $username = $A['fullname'];
            $fullname = $A['username'];
        }
    } else {
        $username = $A['username'];
        $fullname = '';
    }
    $username = @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt());
    $fullname = @htmlspecialchars($fullname, ENT_COMPAT, COM_getEncodingt());
    if ($A['status'] == USER_ACCOUNT_DISABLED) {
        $username = sprintf('%s - %s', $username, $LANG28[42]);
        if (!empty($fullname)) {
            $fullname = sprintf('% - %s', $fullname, $LANG28[42]);
        }
    }
    $user_templates->set_var('username', $username);
    $user_templates->set_var('user_fullname', $fullname);
    if (SEC_hasRights('user.edit') || isset($_USER['uid']) && $_USER['uid'] == $A['uid']) {
        global $_IMAGE_TYPE, $LANG_ADMIN;
        $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '" />';
        if ($_USER['uid'] == $A['uid']) {
            $edit_url = "{$_CONF['site_url']}/usersettings.php";
        } else {
            $edit_url = "{$_CONF['site_admin_url']}/user.php?edit=x&amp;uid={$A['uid']}";
        }
        $edit_link_url = COM_createLink($edit_icon, $edit_url);
        $user_templates->set_var('edit_icon', $edit_icon);
        $user_templates->set_var('edit_link', $edit_link_url);
        $user_templates->set_var('user_edit', $edit_url);
    } else {
        $user_templates->set_var('user_edit', '');
    }
    if (isset($A['photo']) && empty($A['photo'])) {
        $A['photo'] = '(none)';
        // user does not have a photo
    }
    $lastlogin = $A['lastlogin'];
    $lasttime = COM_getUserDateTimeFormat($lastlogin);
    $photo = USER_getPhoto($user, $A['photo'], $A['email'], -1, 0);
    $user_templates->set_var('user_photo', $photo);
    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    if ($_CONF['lastlogin'] && $A['showonline']) {
        $user_templates->set_var('lang_lastlogin', $LANG28[35]);
        if (!empty($lastlogin)) {
            $user_templates->set_var('user_lastlogin', $lasttime[0]);
        } else {
            $user_templates->set_var('user_lastlogin', $LANG28[36]);
        }
    }
    if ($A['showonline']) {
        if (DB_count($_TABLES['sessions'], 'uid', (int) $user)) {
            $user_templates->set_var('online', 'online');
        }
    }
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    if ($A['email'] == '' || $A['emailfromuser'] == 0) {
        $user_templates->set_var('email_option', '');
    } else {
        $user_templates->set_var('lang_sendemail', $LANG04[81]);
        $user_templates->parse('email_option', 'email', true);
    }
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', strip_tags($A['location']));
    $user_templates->set_var('lang_online', $LANG04[160]);
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br($A['about']));
    $user_templates->set_var('follow_me', SOC_getFollowMeIcons($user, 'follow_user_profile.thtml'));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name));
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name));
    }
    $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name));
    $user_templates->set_var('lang_title', $LANG09[16]);
    $user_templates->set_var('lang_date', $LANG09[17]);
    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82] . ' ' . $display_name);
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('headline_last10comments', $LANG04[10] . ' ' . $display_name);
    }
    $user_templates->set_var('headline_postingstats', $LANG04[83] . ' ' . $display_name);
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
    $nrows = DB_numRows($result);
    $tids = array();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray($result);
        $tids[] = $T['tid'];
    }
    $topics = "'" . implode("','", $tids) . "'";
    // list of last 10 stories by this user
    if (sizeof($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = '" . (int) $user . "') AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }
    if ($nrows > 0) {
        for ($i = 0; $i < $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('cssid', $i % 2 + 1);
            $user_templates->set_var('row_number', $i + 1 . '.');
            $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $C['sid']);
            $user_templates->set_var('article_url', $articleUrl);
            $C['title'] = str_replace('$', '&#36;', $C['title']);
            $user_templates->set_var('story_title', COM_createLink($C['title'], $articleUrl, array('class' => '')));
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row', 'strow', true);
        }
    } else {
        $user_templates->set_var('story_row', '<tr><td>' . $LANG01[37] . '</td></tr>');
    }
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        // list of last 10 comments by this user
        $sidArray = array();
        if (sizeof($tids) > 0) {
            // first, get a list of all stories the current visitor has access to
            $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND');
            $result = DB_query($sql);
            $numsids = DB_numRows($result);
            for ($i = 1; $i <= $numsids; $i++) {
                $S = DB_fetchArray($result);
                $sidArray[] = $S['sid'];
            }
        }
        $sidList = implode("', '", $sidArray);
        $sidList = "'{$sidList}'";
        // then, find all comments by the user in those stories
        $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = '" . (int) $user . "') GROUP BY sid,title,cid,UNIX_TIMESTAMP(date)";
        // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
        // field is part of the select
        // if (!empty ($sidList)) {
        //     $sql .= " AND (sid in ($sidList))";
        // }
        if (!empty($sidList)) {
            $sql .= " HAVING sid in ({$sidList})";
        }
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            for ($i = 0; $i < $nrows; $i++) {
                $C = DB_fetchArray($result);
                $user_templates->set_var('cssid', $i % 2 + 1);
                $user_templates->set_var('row_number', $i + 1 . '.');
                $C['title'] = str_replace('$', '&#36;', $C['title']);
                $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $C['cid'];
                $user_templates->set_var('comment_title', COM_createLink($C['title'], $comment_url, array('class' => '')));
                $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
                $user_templates->set_var('comment_date', $commenttime[0]);
                $user_templates->parse('comment_row', 'row', true);
            }
        } else {
            $user_templates->set_var('comment_row', '<tr><td>' . $LANG01[29] . '</td></tr>');
        }
    }
    // posting stats for this user
    $user_templates->set_var('lang_number_stories', $LANG04[84]);
    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = " . (int) $user . ") AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray($result);
    $user_templates->set_var('number_stories', COM_numberFormat($N['count']));
    if (!isset($_CONF['comment_engine']) || $_CONF['comment_engine'] == 'internal') {
        $user_templates->set_var('lang_number_comments', $LANG04[85]);
        $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = " . (int) $user . ")";
        if (!empty($sidList)) {
            $sql .= " AND (sid in ({$sidList}))";
        }
        $result = DB_query($sql);
        $N = DB_fetchArray($result);
        $user_templates->set_var('number_comments', COM_numberFormat($N['count']));
        $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name);
    }
    // hook to the profile icon display
    $profileIcons = PLG_profileIconDisplay($user);
    if (is_array($profileIcons) && count($profileIcons) > 0) {
        $user_templates->set_block('profile', 'profileicon', 'pi');
        for ($x = 0; $x < count($profileIcons); $x++) {
            if (isset($profileIcons[$x]['url']) && $profileIcons[$x]['url'] != '' && isset($profileIcons[$x]['icon']) && $profileIcons[$x]['icon'] != '') {
                $user_templates->set_var('profile_icon_url', $profileIcons[$x]['url']);
                $user_templates->set_var('profile_icon_icon', $profileIcons[$x]['icon']);
                $user_templates->set_var('profile_icon_text', $profileIcons[$x]['text']);
                $user_templates->parse('pi', 'profileicon', true);
            }
        }
    }
    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) {
        $user_templates->set_var('customfields', CUSTOM_userDisplay($user));
    }
    PLG_profileVariablesDisplay($user, $user_templates);
    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    $retval .= PLG_profileBlocksDisplay($user);
    return $retval;
}
Esempio n. 20
        // Emit the rendered template held in $p, then list every process
        // variable recorded for the workflow process described by $A.
        echo $p->finish($p->get_var('output'));
        // Get all related Process Variables
        // NOTE(review): $A['nf_processID'] is interpolated into a quoted SQL
        // literal without escaping - presumably an integer id taken from an
        // earlier query row; confirm, or cast it to int before building the query.
        $sql = "SELECT a.nf_templateVariableID, a.variableValue, b.variableName FROM {$_TABLES['nf_processvariables']} a, {$_TABLES['nf_templatevariables']} b ";
        $sql .= "WHERE a.nf_templateVariableID=b.id AND a.nf_processID='{$A['nf_processID']}'";
        $process_query = DB_query($sql);
        echo '<table width="100%" class="plugin"><tr>';
        echo '<th>Variable ID</th><th>Variable Name</th><th>Value</th><th>User Name if applicable</th>';
        echo '</tr>';
        // $cssid alternates between 1 and 2 to pick the row class
        $cssid = 1;
        while ($B = DB_fetchArray($process_query, false)) {
            echo '<tr class="pluginRow' . $cssid . '">';
            // NOTE(review): the three cells below print database values into
            // HTML with no htmlspecialchars(). If variable names or values can
            // hold user-supplied text this is a stored-XSS sink - confirm how
            // they are written, or escape here.
            echo "<td>{$B['nf_templateVariableID']}</td>";
            echo "<td>{$B['variableName']}</td>";
            echo "<td>{$B['variableValue']}</td>";
            // A positive value is treated as a user id and resolved to a
            // display name, which is also printed unescaped.
            if ($B['variableValue'] > 0) {
                echo '<td>' . COM_getDisplayName($B['variableValue']) . '</td>';
            } else {
                echo '<td>N/A</td>';
            }
            // NOTE(review): the row ends with LB only; no closing </tr> is emitted.
            echo LB;
            $cssid = $cssid == 1 ? 2 : 1;
        }
        // NOTE(review): stray </td> - no <td> is open at this point.
        echo '</td></table>';
    }
} else {
    echo '<div class="pluginAlert" style="text-align:center;margin-top:10px;padding:20px;">No Workflow Queue Records Found';
    // NOTE(review): $actionURL is written into the href unescaped; assumed to
    // be a server-built URL - confirm it cannot carry request data.
    echo '<p><a href="' . $actionURL . '">Reset</a></p>';
    echo '</div>';
}
echo COM_endBlock();
echo COM_siteFooter();
Esempio n. 21
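/**
 * Build the subject and body of a workflow task notification e-mail.
 *
 * Loads the notification texts stored for template task $tid, falls back to
 * the $CONF_NF defaults when a stored text is blank, substitutes the
 * [placeholder] tags and finally lets an optional
 * PLG_Nexflow_tasknotification() hook override subject and/or message.
 *
 * @param    string  $type   'prenotify', 'postnotify', 'reminder' or 'escalation';
 *                           any other value leaves both texts empty unless the
 *                           hook supplies them
 * @param    mixed   $tid    id of the nf_templatedata row
 * @param    mixed   $qid    id of the nf_queue row
 * @param    string  $user   value substituted for the [user] tag
 * @return   array           array($subject, $message)
 */
function nf_formatEmailMessage($type, $tid, $qid, $user)
{
    global $CONF_NF, $_TABLES, $_CONF;

    // NOTE(review): $tid and $qid are interpolated into quoted SQL literals
    // without escaping. That is only safe if every caller passes integer ids -
    // confirm, or cast/escape them where they enter the workflow code.
    $sql = "SELECT taskname,prenotify_message,postnotify_message,reminder_message,prenotify_subject,postnotify_subject,reminder_subject FROM {$_TABLES['nf_templatedata']} WHERE id='{$tid}'";
    list($taskname, $premessage, $postmessage, $remindermessage, $presubject, $postsubject, $remindersubject) = DB_fetchArray(DB_query($sql));
    $message = '';
    $subject = '';
    switch ($type) {
        case 'prenotify':
            $message = trim($premessage) == '' ? $CONF_NF['prenotify_default_message'] : $premessage;
            $subject = trim($presubject) == '' ? $CONF_NF['prenotify_default_subject'] : $presubject;
            break;
        case 'postnotify':
            $message = trim($postmessage) == '' ? $CONF_NF['postnotify_default_message'] : $postmessage;
            $subject = trim($postsubject) == '' ? $CONF_NF['postnotify_default_subject'] : $postsubject;
            break;
        case 'reminder':
            $message = trim($remindermessage) == '' ? $CONF_NF['reminder_default_message'] : $remindermessage;
            $subject = trim($remindersubject) == '' ? $CONF_NF['reminder_default_subject'] : $remindersubject;
            break;
        case 'escalation':
            // Escalations have no per-task text; they always use the configured one.
            $message = $CONF_NF['escalation_message'];
            $subject = $CONF_NF['escalation_subject'];
            break;
    }
    $dateassigned = DB_getItem($_TABLES['nf_queue'], 'createdDate', "id='{$qid}'");
    $processid = DB_getItem($_TABLES['nf_queue'], 'nf_processID', "id='{$qid}'");
    if ($processid > 0) {
        $nfclass = new nexflow($processid);
        $pid = $nfclass->get_ProcessVariable('PID');
    }
    if (!isset($pid) or $pid < 1) {
        $projectName = 'unknown';
        $projectlink = 'N/A';
        $pid = 0;
    } else {
        // $pid is a stored process variable and goes into the WHERE clause
        // unquoted, so force it to an integer; the "< 1" test above does not
        // guarantee the value is purely numeric.
        $projectName = DB_getItem($_TABLES['nf_projects'], 'description', 'id=' . (int) $pid);
        // NOTE(review): the second '?' looks like it should be '&' - left
        // unchanged because the receiving page is not visible here.
        $projectlink = $CONF_NF['RequestDetailLink_URL'] . '?id=' . $pid . '?appmode=';
    }
    // Comma-separated display names of everyone the task is assigned to
    $taskowner_uids = nf_getAssignedUID($qid);
    $taskowner = '';
    foreach ($taskowner_uids as $taskowner_uid) {
        $taskowner .= $taskowner == '' ? COM_getDisplayName($taskowner_uid) : ', ' . COM_getDisplayName($taskowner_uid);
    }
    $link = $CONF_NF['TaskConsole_URL'];
    // $search and $replace are parallel lists: tag N is replaced by value N
    $search = array('[taskname]', '[taskowner]', '[user]', '[dateassigned]', '[newline]', '[here]', '[project]', '[projectname]', '[projectlink]', '[siteurl]');
    $replace = array($taskname, $taskowner, $user, $dateassigned, "\n", $link, $pid, $projectName, $projectlink, $_CONF['site_url']);
    $message = str_replace($search, $replace, $message);
    $subject = str_replace($search, $replace, $subject);
    // Make API call to add any workflow customized notification formatting
    if (function_exists('PLG_Nexflow_tasknotification')) {
        $parms = array('type' => $type, 'tid' => $tid, 'qid' => $qid, 'user' => $user);
        $apiRetval = PLG_Nexflow_tasknotification($parms, $subject, $message);
        // Only non-empty values returned by the hook replace the defaults
        if (!empty($apiRetval['subject'])) {
            $subject = $apiRetval['subject'];
        }
        if (!empty($apiRetval['message'])) {
            $message = $apiRetval['message'];
        }
    }
    if ($CONF_NF['debug']) {
        // The full subject and message are written to the error log verbatim,
        // line breaks included.
        COM_errorLog("nf_formatEmailMessage => Type:{$type}, Subject:{$subject}, Message:{$message}");
    }
    return array($subject, $message);
}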
Esempio n. 22
 /**
  * Show the category editor
  */
 function showEditor($cid, $mode = 'edit')
 {
     // Builds the admin page for creating, editing or cloning a category and
     // returns it as a complete HTML document.
     //
     //   $cid  - id of the category to load when editing or cloning
     //   $mode - 'edit', 'clone' or 'create'; ignored when
     //           $this->_editor_mode is already set
     //
     // NOTE(review): on a retry the fields are reloaded from $_POST and then
     // handed to the template (title, cid, imgurl, ...). Nothing is escaped in
     // this method, so that has to happen in _loadFromArgs() or in the
     // template layer - confirm.
     global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $_DLM_CONF, $LANG_DLM, $mytree;

     $retval = '';

     // A mode remembered on the object wins; otherwise remember the argument.
     if (empty($this->_editor_mode)) {
         $this->_editor_mode = $mode;
     } else {
         $mode = $this->_editor_mode;
     }
     $editing = $mode == 'edit';
     $cloning = $mode == 'clone';
     $creating = $mode == 'create';

     if ($editing || $cloning) {
         if ($this->_retry != true) {
             $this->_loadFromDatabase($cid);
         } else {
             $this->_loadFromArgs($_POST);
         }
     }
     if ($cloning) {
         // A clone gets a fresh id derived from the source category's id
         $this->_old_cid = $this->_cid = $this->_createID($this->_cid . '_');
     }
     if ($creating) {
         if ($this->_retry != true) {
             $this->_initVars();
         } else {
             $this->_loadFromArgs($_POST);
         }
     }

     // Access check runs after the record is loaded and before any output is built
     $this->_checkHasAccess();

     $blocktitle = $editing ? $LANG_DLM['modcat'] : $LANG_DLM['addcat'];
     $retval .= $this->_showMessage();
     $retval .= COM_startBlock($blocktitle, '', COM_getBlockTemplate('_admin_block', 'header'));

     $tpl = new Template($_DLM_CONF['path_layout']);
     $tpl->set_file(array(
         't_modcategory' => 'admin_modcategory.thtml',
         't_admin_access' => 'admin_access.thtml',
         't_admin_submit_delete' => 'admin_submit_delete.thtml',
     ));
     DLM_setDefaultTemplateVars($tpl);

     // Form labels
     $labelKeys = array('title', 'imgurlmain', 'parent', 'save', 'delete', 'cancel', 'confirm_delete', 'topic', 'catid', 'is_enabled', 'corder', 'upload');
     foreach ($labelKeys as $key) {
         $tpl->set_var('lang_' . $key, $LANG_DLM[$key]);
     }

     // Category fields
     $tpl->set_var('preview', $this->_makeForm_category_image());
     $fields = array(
         'imgurl' => $this->_imgurl,
         'imgurlold' => $this->_imgurl,
         'cid' => $this->_cid,
         'old_cid' => $this->_old_cid,
         'corder' => $this->_corder,
         'title' => $this->_title,
     );
     foreach ($fields as $name => $value) {
         $tpl->set_var($name, $value);
     }
     $tpl->set_var('op', $editing ? 'saveCategory' : 'addCategory');
     $tpl->set_var('delete_disabled', $editing ? '' : UC_DISABLED);
     $tpl->set_var('val_is_enabled', $this->_is_enabled == 1 ? UC_CHECKED : '');
     $tpl->set_var('selparents', $mytree->makeSelBox('title', 'corder', $this->_pid, 1, 'pid', '', $this->_cid));

     // user access info
     $accessKeys = array('accessrights', 'owner', 'group', 'permissions', 'permissionskey', 'permmsg');
     foreach ($accessKeys as $key) {
         $tpl->set_var('lang_' . $key, $LANG_ACCESS[$key]);
     }
     // The owner id is forced to an integer before it is placed in the SQL condition
     $this->_owner_id = (int) $this->_owner_id;
     $tpl->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$this->_owner_id}"));
     $ownerDisplayName = COM_getDisplayName($this->_owner_id);
     $tpl->set_var('owner_name', $ownerDisplayName);
     $tpl->set_var('owner', $ownerDisplayName);
     $tpl->set_var('ownerid', $this->_owner_id);
     $tpl->set_var('group_dropdown', SEC_getGroupDropdown($this->_group_id, 3));
     $tpl->set_var('permissions_editor', SEC_getPermissionsHTML($this->_perm_owner, $this->_perm_group, $this->_perm_members, $this->_perm_anon));
     $tpl->set_var('hidden_values', $this->_makeForm_hidden('editor_mode', $this->_editor_mode));
     $tpl->parse('admin_access', 't_admin_access');
     if ($editing) {
         // The delete button is only rendered for an existing category
         $tpl->parse('admin_submit_delete', 't_admin_submit_delete');
     }

     // Anti-CSRF token embedded in the form
     $tpl->set_var('gltoken_name', CSRF_TOKEN);
     $tpl->set_var('gltoken', SEC_createToken());

     $tpl->parse('output', 't_modcategory');
     $retval .= $tpl->finish($tpl->get_var('output'));
     $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

     return DLM_createHTMLDocument($retval, array('pagetitle' => $blocktitle));
 }
Esempio n. 23
 // Fill the template variables that describe one project form ($PD): who
 // created/updated the result, when, its status and a link that opens it.
 // NOTE(review): $PD['results_id'] is interpolated unquoted into the query,
 // which is only safe if it is always an integer - confirm, or cast with (int).
 $sql = "SELECT date,last_updated_date,uid,last_updated_uid FROM {$_TABLES['nxform_results']} WHERE id={$PD['results_id']}";
 list($createdDate, $lastUpdatedDate, $createdUid, $lastUpdatedUid) = DB_fetchArray(DB_query($sql));
 $createdDate = strftime("%Y-%m-%d %H:%M", $createdDate);
 $createdUser = COM_getDisplayName($createdUid);
 // "[C]" marks a creation date; replaced by "[U]" below when the result was updated
 $form_date = "<b>[C]</b> {$createdDate}";
 $form_details = '';
 // NOTE(review): this branch reads $A while the rest of the fragment reads
 // $PD - verify that $A is the intended row here.
 if (strpos($A['formtype'], 'RFI') !== false) {
     // NOTE(review): $A['results_id'] is also interpolated unquoted.
     $sql = "SELECT b.field_data FROM {$_TABLES['nxform_fields']} a LEFT JOIN {$_TABLES['nxform_resdata']} b ON a.id=b.field_id ";
     $sql .= "WHERE label LIKE 'TITLE' AND b.result_id={$A['results_id']};";
     list($rfi_title) = DB_fetchArray(DB_query($sql));
     // NOTE(review): $rfi_title is stored form data placed into HTML without
     // escaping; escape it unless it is sanitised when saved - confirm.
     $form_details = "RFI Title: {$rfi_title}<br>";
 }
 // Display names are concatenated into the HTML as returned by COM_getDisplayName()
 $form_details .= "<b>Created:</b> {$createdDate}<br><b>&nbsp;&nbsp;by:</b> {$createdUser}";
 if ($lastUpdatedDate != 0) {
     $lastUpdatedDate = strftime("%Y-%m-%d %H:%M", $lastUpdatedDate);
     $lastUpdatedUser = COM_getDisplayName($lastUpdatedUid);
     $form_date = "<b>[U]</b> {$lastUpdatedDate}";
     $form_details .= "<br><b>Updated:</b> {$lastUpdatedDate}<br><b>&nbsp;&nbsp;by:</b> {$lastUpdatedUser}";
 }
 $p->set_var('form_details', $form_details);
 // Get last timestamp event for this form
 $q = DB_query("SELECT timestamp FROM {$_TABLES['nf_projecttimestamps']} WHERE project_formid='{$PD['id']}' ORDER BY timestamp DESC limit 1");
 list($timestamp) = DB_fetchArray($q);
 // This overrides the $form_date string built above; that value is not used in this fragment
 $p->set_var('form_date', strftime("%m-%d-%Y %H:%M:%S", $timestamp));
 $p->set_var('form_status', $CONF_NF['formstatus'][$PD['status']]);
 $p->set_var('form_name', $PD['formtype']);
 // The value closes the href attribute itself ('#"') and then opens an
 // onClick attribute, so the template presumably emits it inside href="...".
 // NOTE(review): the sprintf() arguments end up inside an inline JavaScript
 // string unescaped; confirm they are integers.
 $p->set_var('form_url', '#" onClick="nfNewWindow(\'' . sprintf($viewFormURL, $PD['form_id'], $PD['results_id'], $project_id) . '\');"');
 if ($PD['created_by_uid'] == $_USER['uid'] or SEC_inGroup('nexflow Admin')) {
     $edit_link = '<a href="#" onClick="nfNewWindow(\'' . sprintf($editFormURL, $PD['form_id'], $PD['results_id'], $usermodeUID) . '\');">';
     $edit_link .= '<img src="' . $_CONF['layout_url'] . '/nexflow/images/edit.gif" Title="Edit Form" border="0"></a>';
 } else {
Esempio n. 24
/**
* Display form to email a story to someone.
*
* Anonymous visitors are shown the "login required" block instead when the
* site configuration demands a login. If the story cannot be loaded for
* viewing, a redirect to the site index is returned.
*
* NOTE(review): $to, $toemail, $from and $fromemail are placed into the
* template as given, while $shortmsg is passed through htmlspecialchars().
* When these values are re-displayed request data they need the same
* treatment unless the caller or the template already escapes them - confirm.
*
* @param    string  $sid        ID of article to email
* @param    string  $to         recipient name to pre-fill
* @param    string  $toemail    recipient email address to pre-fill
* @param    string  $from       sender name to pre-fill
* @param    string  $fromemail  sender email address to pre-fill
* @param    string  $shortmsg   short message to pre-fill (HTML-escaped here)
* @param    int     $msg        message number to show above the form, if > 0
* @return   string              HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;

    require_once $_CONF['path_system'] . 'lib-story.php';

    $retval = '';
    $siteKeys = array('site_url', 'site_admin_url', 'layout_url');

    // Login wall for anonymous visitors
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $loginTpl = new Template($_CONF['path_layout'] . 'submit');
        $loginTpl->set_file(array('login' => 'submitloginrequired.thtml'));
        $loginTpl->set_var('xhtml', XHTML);
        foreach ($siteKeys as $key) {
            $loginTpl->set_var($key, $_CONF[$key]);
        }
        $loginTpl->set_var('login_message', $LANG_LOGIN[2]);
        $loginTpl->set_var('lang_login', $LANG_LOGIN[3]);
        $loginTpl->set_var('lang_newuser', $LANG_LOGIN[4]);
        $loginTpl->parse('output', 'login');
        $retval .= $loginTpl->finish($loginTpl->get_var('output'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

        return $retval;
    }

    // The story must be loadable in 'view' mode, otherwise send the visitor home
    $story = new Story();
    if ($story->loadFromDatabase($sid, 'view') != STORY_LOADED_OK) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    if ($msg > 0) {
        $retval .= COM_showMessage($msg);
    }

    // Default the sender to the logged-in user when nothing was passed in
    if (empty($from) && empty($fromemail) && !COM_isAnonUser()) {
        $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
        $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
    }

    $form = new Template($_CONF['path_layout'] . 'profiles');
    $form->set_file('form', 'contactauthorform.thtml');

    // Collect the template variables first, then assign them in one pass
    $vars = array('xhtml' => XHTML);
    foreach ($siteKeys as $key) {
        $vars[$key] = $_CONF[$key];
    }
    $vars['start_block_mailstory2friend'] = COM_startBlock($LANG08[17]);
    $vars['lang_title'] = $LANG08[31];
    $vars['story_title'] = $story->displayElements('title');
    $storyUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    $vars += array(
        'story_url' => $storyUrl,
        'story_link' => COM_createLink($story->displayElements('title'), $storyUrl),
        'lang_fromname' => $LANG08[20],
        'name' => $from,
        'lang_fromemailaddress' => $LANG08[21],
        'email' => $fromemail,
        'lang_toname' => $LANG08[18],
        'toname' => $to,
        'lang_toemailaddress' => $LANG08[19],
        'toemail' => $toemail,
        'lang_cc' => $LANG08[36],
        'lang_cc_description' => $LANG08[37],
        'lang_shortmessage' => $LANG08[27],
        'shortmsg' => htmlspecialchars($shortmsg),
        'lang_warning' => $LANG08[22],
        'lang_sendmessage' => $LANG08[16],
        'story_id' => $sid,
        'end_block' => COM_endBlock(),
    );
    foreach ($vars as $name => $value) {
        $form->set_var($name, $value);
    }

    // Give plugins the chance to add their own variables to the form
    PLG_templateSetVars('emailstory', $form);
    $form->parse('output', 'form');
    $retval .= $form->finish($form->get_var('output'));

    return $retval;
}
Esempio n. 25
     if (DB_numRows($modsql) > 0) {
         while ($showmods = DB_fetchArray($modsql, false)) {
             if ($showmods['mod_uid'] == '0') {
                 if ($showmods['mod_groupid'] > 0) {
                     $showmods['mod_username'] = _ff_getGroup($showmods['mod_groupid']);
                 }
                 if ($moderatorcnt == 1 or $moderators == '') {
                     $moderators = $showmods['mod_username'];
                 } else {
                     $moderators .= ', ' . $showmods['mod_username'];
                 }
             } else {
                 if ($moderatorcnt == 1 or $moderators == '') {
                     $moderators = COM_getDisplayName($showmods['mod_uid']);
                 } else {
                     $moderators .= ', ' . COM_getDisplayName($showmods['mod_uid']);
                 }
             }
             $moderatorcnt++;
         }
     } else {
         $moderators = $LANG_GF01['no_one'];
     }
     $forumlisting->set_var('moderator', sprintf($LANG_GF01['MODERATED'], $moderators));
 } else {
     $forumlisting->set_var('moderator', '');
 }
 $numForumsDisplayed++;
 $busyforum = 0;
 $quietforum = 1;
 if ($postCount > 0) {
Esempio n. 26
     $cal_templates->set_var('lang_monday', $LANG_WEEK[2]);
     $cal_templates->set_var('lang_tuesday', $LANG_WEEK[3]);
     $cal_templates->set_var('lang_wednesday', $LANG_WEEK[4]);
     $cal_templates->set_var('lang_thursday', $LANG_WEEK[5]);
     $cal_templates->set_var('lang_friday', $LANG_WEEK[6]);
     $cal_templates->set_var('lang_saturday', $LANG_WEEK[7]);
 }
 $cal_templates->set_var('month_options', CALENDARJP_getMonthFormOptions($month));
 $cal_templates->set_var('lang_day', $LANG_CALJP_2[39]);
 $cal_templates->set_var('lang_week', $LANG_CALJP_2[40]);
 $cal_templates->set_var('lang_month', $LANG_CALJP_2[41]);
 $navbar->set_selected($LANG_CALJP_2[41]);
 // added by dengen ***********************
 $cal_templates->set_var('navbar', $navbar->generate());
 if ($mode == 'personal') {
     $cal_templates->set_var('calendar_title', $LANG_CALJP_2[28] . ' ' . COM_getDisplayName());
 } else {
     $cal_templates->set_var('calendar_title', $_CONF['site_name'] . ' ' . $LANG_CALJP_2[29]);
 }
 $yroptions = '';
 for ($y = $currentyear - 5; $y <= $currentyear + 5; $y++) {
     $yroptions .= '<option value="' . $y . '"';
     if ($y == $year) {
         $yroptions .= ' selected="selected"';
     }
     $yroptions .= '>' . $y . '</option>' . LB;
 }
 $cal_templates->set_var('year_options', $yroptions);
 for ($i = 1; $i <= 6; $i++) {
     $wday = '';
     for ($j = 1; $j <= 7; $j++) {
Esempio n. 27
 /**
  * Callback function for the ListFactory class
  *
  * This function gets called by the ListFactory class and formats
  * each row accordingly for example pulling usernames from the
  * users table and displaying a link to their profile.
  *
  * @param array $row An array of plain data to format
  * @return array A reformatted version of the input array
  *
  */
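 public function searchFormatCallback($preSort, $row)
 {
     // Row formatter invoked by the ListFactory class for each search result.
     //   $preSort true  - normalise the values the list is sorted on: join a
     //                    multi-value source title and replace the numeric uid
     //                    with the (cached) display name / profile link.
     //   $preSort false - build the display HTML: links, shortened title and
     //                    description, formatted date and hit count.
     // Returns the modified $row.
     global $_CONF, $LANG09;

     if ($preSort) {
         if (is_array($row[LF_SOURCE_TITLE])) {
             $row[LF_SOURCE_TITLE] = implode($_CONF['search_separator'], $row[LF_SOURCE_TITLE]);
         }
         if (is_numeric($row['uid'])) {
             // $this->_names caches the rendered name per uid across rows
             if (empty($this->_names[$row['uid']])) {
                 // The display name is HTML-escaped before it is used as link text
                 $this->_names[$row['uid']] = htmlspecialchars(COM_getDisplayName($row['uid']));
                 // uid 1 gets the plain name, every other uid a profile link
                 if ($row['uid'] != 1) {
                     $this->_names[$row['uid']] = COM_createLink($this->_names[$row['uid']], $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $row['uid']);
                 }
             }
             $row['uid'] = $this->_names[$row['uid']];
         }
     } else {
         $row[LF_SOURCE_TITLE] = COM_createLink($row[LF_SOURCE_TITLE], $this->_searchURL . '&amp;type=' . $row[LF_SOURCE_NAME] . '&amp;mode=search');
         if ($row['url'] != '#') {
             // Site-relative URLs are prefixed with the site URL. strncmp() is
             // used instead of $row['url'][0] so that an empty URL does not
             // raise an "uninitialized string offset" warning.
             $row['url'] = (strncmp((string) $row['url'], '/', 1) === 0 ? $_CONF['site_url'] : '') . $row['url'];
             if (isset($this->_url_rewrite[$row[LF_SOURCE_NAME]]) && $this->_url_rewrite[$row[LF_SOURCE_NAME]]) {
                 $row['url'] = COM_buildUrl($row['url']);
             }
             if (isset($this->_append_query[$row[LF_SOURCE_NAME]]) && $this->_append_query[$row[LF_SOURCE_NAME]]) {
                 if (!empty($this->_query)) {
                     // strpos() returns 0 for a '?' in first position, so it
                     // must be compared against false rather than tested for
                     // truthiness. The search query itself is URL-encoded.
                     $row['url'] .= (strpos($row['url'], '?') !== false ? '&amp;' : '?') . 'query=' . urlencode($this->_query);
                 }
             }
         }
         // NOTE(review): title and description are linked/printed without
         // escaping in this method; presumably the result sources deliver
         // them already HTML-safe - confirm.
         $row['title'] = $this->_shortenText($this->_query, $row['title'], 8);
         // '$' is encoded as an entity in the title
         $row['title'] = stripslashes(str_replace('$', '&#36;', $row['title']));
         $row['title'] = COM_createLink($row['title'], $row['url']);
         if ($row['description'] == 'LF_NULL') {
             $row['description'] = '<i>' . $LANG09[70] . '</i>';
         } elseif ($row['description'] != '<i>' . $LANG09[70] . '</i>') {
             $row['description'] = stripslashes($this->_shortenText($this->_query, PLG_replaceTags($row['description']), $this->_wordlength));
         }
         if ($row['date'] != 'LF_NULL') {
             $dt = COM_getUserDateTimeFormat(intval($row['date']));
             $row['date'] = $dt[0];
         }
         if ($row['hits'] != 'LF_NULL') {
             $row['hits'] = COM_NumberFormat($row['hits']) . ' ';
             // simple solution to a silly problem!
         }
     }
     return $row;
 }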
Esempio n. 28
/**
 * Format one cell for the lists of submissions and draft stories in
 * admin/moderation.php.
 *
 * NOTE(review): several cells interpolate row values into HTML attributes or
 * SQL conditions without escaping ($A['row'], $A[0], $A['tid'], $A['id']).
 * They are presumably identifiers read from the database - confirm. Note also
 * that only the name taken from the commentsubmissions table is passed
 * through htmlspecialchars(); the COM_getDisplayName() result is not.
 *
 * @param  string $fieldName  name (or numeric index) of the column being rendered
 * @param  string $fieldValue raw value of that column
 * @param  array  $A          the whole row
 * @param  array  $icon_arr   icons; only 'edit' is used here
 * @return string             HTML for the cell
 */
function ADMIN_getListField_moderation($fieldName, $fieldValue, $A, $icon_arr)
{
    global $_CONF, $_TABLES, $LANG_ADMIN;

    $type = isset($A['_moderation_type']) ? $A['_moderation_type'] : '';

    switch ($fieldName) {
        case 'edit':
            return COM_createLink($icon_arr['edit'], $A['edit']);

        case 'delete':
            return '<input type="radio" name="action[' . $A['row'] . ']" value="delete"' . XHTML . '>';

        case 'approve':
            // Radio button plus a hidden field carrying the item's id for this row
            $radio = '<input type="radio" name="action[' . $A['row'] . ']" value="approve"' . XHTML . '>';
            $hidden = '<input type="hidden" name="id[' . $A['row'] . ']" value="' . $A[0] . '"' . XHTML . '>';

            return $radio . $hidden;

        case 'day':
            return strftime($_CONF['daytime'], $A['day']);

        case 'tid':
            return DB_getItem($_TABLES['topics'], 'topic', "tid = '{$A['tid']}'");

        case 'uid':
            $isUidOne = $A['uid'] == 1;
            $name = '';
            if ($isUidOne) {
                // uid 1: prefer the name stored with the comment submission
                $name = htmlspecialchars(COM_stripslashes(DB_getItem($_TABLES['commentsubmissions'], 'name', "cid = '{$A['id']}'")));
            }
            if (empty($name)) {
                $name = COM_getDisplayName($A['uid']);
            }
            if ($isUidOne) {
                return $name;
            }

            return COM_createLink($name, $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $A['uid']);

        case 'publishfuture':
            // No checkbox for members of 'Comment Submitters' or for uids not above 1
            if (SEC_inGroup('Comment Submitters', $A['uid']) || !($A['uid'] > 1)) {
                return $LANG_ADMIN['na'];
            }

            return '<input type="checkbox" name="publishfuture[]" value="' . $A['uid'] . '"' . XHTML . '>';

        default:
            $isStory = $type === 'story' || $type === 'story_draft';
            if ($fieldName == 4 && $isStory) {
                return TOPIC_getTopicAdminColumn('article', $A[0]);
            }
            if ($fieldName == 2 && $type === 'comment') {
                $commentText = COM_getTextContent($A['comment']);
                $excerpt = htmlspecialchars(COM_truncate($commentText, 140, '...'));
                // try to provide a link to the parent item (e.g. article, poll)
                $info = PLG_getItemInfo($A['type'], $A['sid'], 'title,url');
                if (!empty($info) && !empty($info[0]) && !empty($info[1])) {
                    return COM_createLink($info[0], $info[1], array('title' => $excerpt));
                }
                // if not available, display excerpt from the comment; the
                // longer excerpt becomes a tooltip when the text was cut
                $short = htmlspecialchars(COM_truncate($commentText, 40, '...'));
                if (strlen($commentText) > 40) {
                    $short = '<span title="' . $excerpt . '">' . $short . '</span>';
                }

                return $short;
            }

            return COM_makeClickableLinks(stripslashes($fieldValue));
    }
}
Esempio n. 29
 /**
  * CallBack function for the ListFactory class
  *
  * This function gets called by the ListFactory class and formats
  * each row accordingly for example pulling usernames from the
  * users table and displaying a link to their profile.
  *
  * @author Sami Barakat <s.m.barakat AT gmail DOT com>
  * @access public
  * @param array $row An array of plain data to format
  * @return array A reformatted version of the input array
  *
  */
 function searchFormatCallBack($preSort, $row)
 {
     // Row formatter invoked by the ListFactory class for each search result.
     //   $preSort true  - join a multi-value source title and replace the
     //                    numeric uid with the (cached) name / profile link.
     //   $preSort false - build the display HTML: links, description excerpt,
     //                    formatted date and hit count.
     // Returns the modified $row.
     global $_CONF, $_USER;

     $dt = new Date('now', $_USER['tzid']);

     if ($preSort) {
         if (is_array($row[SQL_TITLE])) {
             $row[SQL_TITLE] = implode($_CONF['search_separator'], $row[SQL_TITLE]);
         }
         $uid = $row['uid'];
         if (is_numeric($uid)) {
             // $this->_names caches the rendered name per uid across rows
             if (empty($this->_names[$uid])) {
                 // The display name is HTML-escaped before it is used as link text
                 $label = htmlspecialchars(COM_getDisplayName($uid));
                 // uid 1 gets the plain name, every other uid a profile link
                 if ($uid != 1) {
                     $label = COM_createLink($label, $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $uid);
                 }
                 $this->_names[$uid] = $label;
             }
             $row['uid'] = $this->_names[$uid];
         }

         return $row;
     }

     $row[SQL_TITLE] = COM_createLink($row[SQL_TITLE], $this->_searchURL . '&amp;type=' . $row[SQL_NAME] . '&amp;mode=search');

     // Site-relative URLs are prefixed with the site URL
     $prefix = $row['url'][0] == '/' ? $_CONF['site_url'] : '';
     $row['url'] = $prefix . $row['url'];
     if ($this->_url_rewrite[$row[SQL_NAME]]) {
         $row['url'] = COM_buildUrl($row['url']);
     }

     // NOTE(review): the fallback title is the source-title link built above,
     // so it is presumably wrapped in a second link below - confirm this is
     // intended. Title and description are not escaped in this method.
     if ($row['title'] == '') {
         $row['title'] = $row[SQL_TITLE];
     }
     // $this->_shortenText($this->_query, $row['title'], 6);
     $row['title'] = COM_createLink(str_replace('$', '&#36;', $row['title']), $row['url']);

     if ($row['description'] == '') {
         $row['description'] = $_CONF['search_no_data'];
     }
     // Only real descriptions are shortened, never the "no data" placeholder
     if ($row['description'] != $_CONF['search_no_data']) {
         $row['description'] = $this->_shortenText($this->_query, $row['description'], $this->_wordlength);
     }

     $dt->setTimestamp($row['date']);
     $row['date'] = $dt->format($_CONF['daytime'], true);
     // simple solution to a silly problem!
     $row['hits'] = COM_NumberFormat($row['hits']) . ' ';

     return $row;
 }
Esempio n. 30
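/**
* Send an email notification for a new submission.
*
* The mail goes to $_CONF['site_mail'] and contains the story's title, author,
* date and topic, optionally followed by the (possibly truncated) story text
* and a link to either the moderation page or the published article.
*
* @param    string  $table  Table where the new submission can be found
* @param    object  $story  Story object that was submitted.
* @return   void
*
*/
function sendNotification($table, $story)
{
    global $_CONF, $_TABLES, $LANG01, $LANG08, $LANG24, $LANG29, $LANG_ADMIN;

    $title = COM_undoSpecialChars($story->displayElements('title'));
    // A former "if ($A['postmode'] == 'html')" block was removed here: $A is
    // never defined in this function, so the branch could not run and only
    // produced undefined-variable warnings. As before, the text below is NOT
    // passed through strip_tags().
    $introtext = COM_undoSpecialChars($story->displayElements('introtext') . "\n" . $story->displayElements('bodytext'));
    $storyauthor = COM_getDisplayName($story->displayElements('uid'));
    // NOTE(review): the topic id is concatenated into a quoted SQL literal
    // unescaped; assumed to be a validated id held by the Story object - confirm.
    $topic = stripslashes(DB_getItem($_TABLES['topics'], 'topic', 'tid = \'' . $story->displayElements('tid') . '\''));

    $mailbody = "{$LANG08['31']}: {$title}\n"
        . "{$LANG24['7']}: {$storyauthor}\n"
        . "{$LANG08['32']}: " . strftime($_CONF['date']) . "\n"
        . "{$LANG_ADMIN['topic']}: {$topic}\n\n";

    // emailstorieslength: 0 = no story text, 1 = full text, > 1 = cut at that length
    if ($_CONF['emailstorieslength'] > 0) {
        if ($_CONF['emailstorieslength'] > 1) {
            $introtext = MBYTE_substr($introtext, 0, $_CONF['emailstorieslength']) . '...';
        }
        $mailbody .= $introtext . "\n\n";
    }

    // Story submissions link to the moderation page, anything else to the article
    if ($table == $_TABLES['storysubmission']) {
        $mailbody .= "{$LANG01['10']} <{$_CONF['site_admin_url']}/moderation.php>\n\n";
    } else {
        $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
        $mailbody .= $LANG08[33] . ' <' . $articleUrl . ">\n\n";
    }

    // The subject is built from configuration and language strings only
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[35];
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";
    COM_mail($_CONF['site_mail'], $mailsubject, $mailbody);
}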