$retstring .= " title = \"" . filterAccess($row, $loginId, 'title') . "\""; $retstring .= " nationality = \"" . filterAccess($row, $loginId, 'nationality') . "\""; $retstring .= " picture = \"" . filterAccess($row, $loginId, 'picture') . "\""; $retstring .= " invitedby = \"" . filterAccess($row, $loginId, 'invitedby') . "\""; $retstring .= " url = \"" . filterAccess($row, $loginId, 'url') . "\""; $retstring .= " interests = \"" . filterAccess($row, $loginId, 'interests') . "\""; $retstring .= " profile = \"" . filterAccess($row, $loginId, 'profile') . "\""; $retstring .= " emailid= \"" . filterAccess($row, $loginId, 'emailid') . "\""; $retstring .= " loggedin = \"{$row['loggedin']}\""; $retstring .= " location = \"" . filterAccess($row, $loginId, 'location') . "\""; $retstring .= " grandscore = \"{$row['grandscore']}\""; $retstring .= " jointime = \"{$row['jointime']}\""; $retstring .= " timesvisited = \"{$row['timesvisited']}\""; $retstring .= " lastvisit = \"{$row['lastvisit']}\""; $retstring .= " lastaccessed = \"{$row['lastaccessed']}\""; $retstring .= " competences=\"" . filterAccess($row, $loginId, 'competences') . "\"/>"; } // load the video nodes $rs = mysql_query("SELECT * FROM videonodes ORDER BY name"); while ($row = mysql_fetch_array($rs)) { $tagg = ''; $rs1 = mysql_query("Select * from edges where fromID='{$row['id']}' and name='Has tags' "); while ($row1 = mysql_fetch_array($rs1)) { $rs2 = mysql_query("Select * from tagnodes where id='{$row1['toID']}' "); $row2 = mysql_fetch_array($rs2); $tagg = $tagg . $row2['name'] . ","; } if ($row['parentvideo'] != '' and !$isAdmin) { $parvid = mysql_query("SELECT submittedby, video_py FROM videonodes WHERE id='{$row['parentvideo']}'"); $arr = mysql_fetch_array($parvid); if ($arr['submittedby'] != $loginId) {
$res .= "<picture>{$row['picture']}</picture>"; $res .= "<video_py>{$row['video_py']}</video_py>"; $res .= "<comments>{$row['comments']}</comments>"; $res .= "</video>"; } } } } $res .= "</videos>"; $rs3 = mysql_query("SELECT u.action, p.id, p.name, p.name_py, p.alias, u.logs_py,\n\t\t\t\t DATE_FORMAT(u.Datetime, '%d/%m/%Y - %r') AS dt FROM useractions u, peoplenodes p, (SELECT MAX(t.dt) AS lastlogin\n\t\t\t\t FROM (SELECT datetime AS dt FROM useractions u WHERE takenby='{$loginId}'\n\t\t\t\t AND action='Login') t) l WHERE u.Datetime > l.lastlogin AND p.id=u.TakenBy"); $res .= "<acts>"; while ($row = mysql_fetch_array($rs3)) { $res .= "<act>"; $res .= "<action>{$row['action']}</action>"; //$res .= "<name>$row[name]</name>"; $res .= "<name>" . filterAccess($row, $loginId, 'name') . "</name>"; //$res .= "<name_py>$row[name_py]</name_py>"; $res .= "<dt>{$row['dt']}</dt>"; //$res .= "<logs_py>$row[logs_py]</logs_py>"; $res .= "</act>"; } $res .= "</acts>"; $res .= '<status>true</status>'; die($res . '</rsp>'); mysql_close($conn); ?> <?php function filterAccess($row, $uid, $prop) { global $loginId;