echo format_error_block($errors); echo get_user_input_form(NULL, $HTTP_VARS); } } else { //is_secretimage_code_valid echo format_error_block(get_opendb_lang_var('invalid_verify_code')); echo get_user_input_form(NULL, $HTTP_VARS); } echo format_footer_links($footer_links_r); echo _theme_footer(); } else { $page_title = get_opendb_lang_var('new_account'); echo _theme_header($page_title, is_show_login_menu_enabled()); echo "\n<h2>" . $page_title . "</h2>"; echo get_user_input_form(NULL, $HTTP_VARS); echo format_footer_links($footer_links_r); echo _theme_footer(); } } else { //End of $HTTP_VARS['op'] checks opendb_operation_not_available(); } } } } } } } } } }
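/**
 * Build the HTML "review(s)" block for an item.
 *
 * Emits a heading, then either a list of the reviews returned by
 * fetch_review_rs() for $item_r['item_id'] (each with optional edit/delete
 * links, author line, comment text and rating widget) or a "no reviews"
 * paragraph, followed by an "add review" link for users holding
 * PERM_USER_REVIEWER.
 *
 * @param array $item_r Item record; 'item_id' and 'instance_no' are read.
 * @return string HTML fragment.
 */
function get_item_review_block($item_r) {
	// Initialise explicitly: the original appended to an undefined variable.
	$buffer = "<h3>" . get_opendb_lang_var('review(s)') . "</h3>";

	$result = fetch_review_rs($item_r['item_id']);
	if ($result) {
		$buffer .= "<ul>";

		while ($review_r = db_fetch_assoc($result)) {
			$action_links = NULL;

			$buffer .= "<li>";

			// even if already review author its possible to revoke rights to
			// edit / modify own reviews by revoking the PERM_USER_REVIEWER grant!
			// Parentheses make the intended precedence explicit: admin reviewers
			// always qualify, ordinary reviewers only for their own reviews.
			if (is_user_granted_permission(PERM_ADMIN_REVIEWER) ||
					(is_user_granted_permission(PERM_USER_REVIEWER) && is_review_author($review_r['sequence_number']))) {

				// These links are display-only convenience. NOTE(review): the
				// same permission/author check must be enforced again by
				// item_review.php when op=edit / op=delete is actually handled,
				// and op=delete is reached through a plain GET link - confirm the
				// handler requires a confirmation step or request token.
				if (get_opendb_config_var('item_review', 'update_support') !== FALSE) {
					// Array keys are quoted: bare url/text were undefined constants.
					$action_links[] = array(
						'url' => "item_review.php?op=edit&sequence_number=" . $review_r['sequence_number'] . "&item_id=" . $item_r['item_id'] . "&instance_no=" . $item_r['instance_no'],
						'text' => get_opendb_lang_var('edit'));
				}

				if (get_opendb_config_var('item_review', 'delete_support') !== FALSE) {
					$action_links[] = array(
						'url' => "item_review.php?op=delete&sequence_number=" . $review_r['sequence_number'] . "&item_id=" . $item_r['item_id'] . "&instance_no=" . $item_r['instance_no'],
						'text' => get_opendb_lang_var('delete'));
				}

				$buffer .= format_footer_links($action_links);
			}

			$buffer .= "<p class=\"author\">";
			// NOTE(review): 'fullname' is user-controlled profile data; whether it
			// is HTML-escaped depends on fetch_user_name() / get_opendb_lang_var(),
			// which are not visible here - confirm.
			$buffer .= get_opendb_lang_var('on_date_name_wrote_the_following',
				array(
					'date' => get_localised_timestamp(get_opendb_config_var('item_display', 'review_datetime_mask'), $review_r['update_on']),
					'fullname' => fetch_user_name($review_r['author_id']),
					'user_id' => $review_r['author_id']));
			$buffer .= "</p>";

			// NOTE(review): the review comment is user-authored text written into
			// the page with only nl2br() applied. Unless it is sanitised before
			// being stored (not visible from this function), this is a stored XSS
			// sink and should be passed through htmlspecialchars() before nl2br().
			// Left unchanged here because escaping already-sanitised or
			// intentionally-HTML content would alter what existing reviews display.
			$buffer .= "<p class=\"comments\">" . nl2br(trim($review_r['comment']));

			// A review fetched for a different item_id than the one displayed gets
			// a reference line naming the item it was written for.
			if ($review_r['item_id'] != $item_r['item_id']) {
				$buffer .= "<span class=\"reference\">" .
					get_opendb_lang_var('review_for_item_type_title', array('s_item_type' => $review_r['s_item_type'], 'item_id' => $review_r['item_id'])) .
					"</span>";
			}
			$buffer .= "</p>";

			$average = $review_r['rating'];
			$attribute_type_r = fetch_attribute_type_r("S_RATING");
			$buffer .= "<span class=\"rating\">" .
				get_display_field($attribute_type_r['s_attribute_type'], NULL, 'review()', $average, FALSE) .
				"</span>";

			$buffer .= "</li>";
		} //while

		$buffer .= "</ul>";
	} else {
		$buffer .= '<p>' . get_opendb_lang_var('no_item_reviews') . '</p>';
	}

	$action_links = NULL;
	if (is_user_granted_permission(PERM_USER_REVIEWER)) {
		$action_links[] = array(
			'url' => "item_review.php?op=add&item_id=" . $item_r['item_id'] . "&instance_no=" . $item_r['instance_no'],
			'text' => get_opendb_lang_var('review'));
		$buffer .= format_footer_links($action_links);
	}

	return $buffer;
}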
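/**
 * Print the complete login page: theme header, optional error block, the
 * login form itself and the footer links (forgot password, email admin,
 * sign up), then the theme footer.
 *
 * Request-supplied values ('redirect', 'uid') are HTML-escaped before being
 * written into attribute values, so a crafted login URL cannot break out of
 * the attribute and inject markup or script into the page.
 *
 * @param array      $HTTP_VARS Request variables; 'rememberMeLogin',
 *                              'redirect' and 'uid' are read.
 * @param array|null $errors    Optional error messages to show above the form.
 * @return void Output is echoed directly.
 */
function show_login_form($HTTP_VARS, $errors = NULL) {
	global $PHP_SELF;

	// Normalise the request values once. Missing keys and non-scalar values
	// (e.g. uid[]=x) become '' instead of raising notices or printing "Array".
	$redirect = (isset($HTTP_VARS['redirect']) && is_scalar($HTTP_VARS['redirect'])) ? (string) $HTTP_VARS['redirect'] : '';
	$uid = (isset($HTTP_VARS['uid']) && is_scalar($HTTP_VARS['uid'])) ? (string) $HTTP_VARS['uid'] : '';

	// $PHP_SELF can carry attacker-supplied path info depending on how it is
	// populated, so it is escaped like any other value placed in an attribute.
	$form_action = htmlspecialchars($PHP_SELF, ENT_QUOTES);

	$footer_links_r = NULL;

	echo _theme_header(get_opendb_lang_var('login'), is_show_login_menu_enabled());
	echo "<h2>" . get_opendb_lang_var('login') . "</h2>";

	if (is_not_empty_array($errors)) {
		echo format_error_block($errors);
	}

	echo "<div id=\"loginFormDiv\">";

	if (isset($HTTP_VARS['rememberMeLogin']) && $HTTP_VARS['rememberMeLogin'] == 'true') {
		echo "<p class=\"rememberMeLoginMessage\">" . get_opendb_lang_var('not_authorized_to_page_login') . "</p>";
	}

	if (strlen($redirect) > 0) {
		// NOTE(review): get_page_id() receives the raw redirect value; whether
		// its result is safe to embed in HTML is decided inside that helper and
		// get_opendb_lang_var(), neither of which is visible here - confirm.
		echo "<p class=\"redirectMessage\">" . get_opendb_lang_var('login_redirect_message', array('pageid' => get_page_id($redirect))) . "</p>";
	}

	echo "<form id=\"loginForm\" action=\"{$form_action}\" method=\"POST\" name=\"login\">";

	// The user tried to go straight to a menu item with an invalid session.
	// Set a "redirect" variable here so that after we give them a full session
	// we can redirect them back to the page they really wanted.
	// The value round-trips through the browser, so the login handler must
	// still validate it as a local target before redirecting; escaping here
	// only protects this page's markup.
	if (strlen($redirect) > 0) {
		echo "<input type=\"hidden\" name=\"redirect\" value=\"" . htmlspecialchars($redirect, ENT_QUOTES) . "\">";
	}

	echo "<input type=\"hidden\" name=\"op\" value=\"login\">";

	// The password label previously pointed at for="password" while the input
	// id is "passwd"; the label now references the real id.
	echo "\n<ul>" .
		"\n<li><label class=\"label\" for=\"uid\">" . get_opendb_lang_var('userid') . "</label>" .
		"<input type=\"text\" class=\"text\" id=\"uid\" name=\"uid\" value=\"" . htmlspecialchars($uid, ENT_QUOTES) . "\"></li>" .
		"\n<li><label class=\"label\" for=\"passwd\">" . get_opendb_lang_var('password') . "</label>" .
		"<input type=\"password\" class=\"password\" id=\"passwd\" name=\"passwd\"></li>";

	echo "\n<li><label class=\"label\" for=\"remember\">" . get_opendb_lang_var('remember_me') . "</label>" .
		"<input type=\"checkbox\" class=\"remember\" id=\"remember\" name=\"remember\" value=\"true\"></li>";

	echo "</ul>" .
		"\n<input type=\"submit\" class=\"submit\" value=\"" . get_opendb_lang_var('login') . "\">";

	echo "</form>";

	// force uid field focus for login
	echo "\n<script type=\"text/javascript\">\n\t\tdocument.forms['login']['uid'].focus();\n\t</script>";

	if (is_site_enabled() && is_valid_opendb_mailer()) {
		// NOTE(review): this link appears only when the submitted uid passes the
		// PERM_CHANGE_PASSWORD check, so its presence may let an unauthenticated
		// visitor tell valid user ids from invalid ones - confirm this is
		// acceptable for the deployment.
		if (strlen($uid) > 0 &&
				get_opendb_config_var('login', 'enable_new_pwd_gen') !== FALSE &&
				is_user_granted_permission(PERM_CHANGE_PASSWORD, $uid)) {
			// Array keys are quoted: bare url/text/target were undefined constants.
			$footer_links_r[] = array(
				'url' => $PHP_SELF . "?op=newpassword&uid=" . urlencode($uid),
				'text' => get_opendb_lang_var('forgot_your_pwd'));
		}

		// no point if site disabled, email is not available
		if (get_opendb_config_var('email', 'send_to_site_admin') !== FALSE) {
			$footer_links_r[] = array(
				'text' => get_opendb_lang_var('email_administrator'),
				'target' => "popup(640,480)",
				'url' => "email.php?op=send_to_site_admin&inc_menu=N");
		}
	}

	// Indicate we should show the signup link.
	if (get_opendb_config_var('login.signup', 'enable') !== FALSE) {
		$footer_links_r[] = array(
			'url' => "user_admin.php?op=signup",
			'text' => get_opendb_lang_var('sign_me_up'));
	}

	echo format_footer_links($footer_links_r);

	echo "</div>";

	echo _theme_footer();
}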
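/**
 * Build the tabbed item edit form (details tab plus instance-info tab).
 *
 * The submitted 'op' is derived from $op: edit/refresh/newinstance become
 * 'update', new/site/clone_item become 'insert', anything else is passed
 * through unchanged. Values that originate from the request or the item
 * record are HTML-escaped before being written into hidden-field attributes.
 *
 * @param string $op            Operation that opened the form.
 * @param array  $item_r        Item record; 's_item_type', 'item_id' and
 *                              'instance_no' are read.
 * @param array  $status_type_r Passed through to get_edit_item_instance_form().
 * @param array  $HTTP_VARS     Request variables; 'parent_item_id',
 *                              'parent_instance_no' and 'owner_id' are read.
 * @return string|false The form HTML, or FALSE when get_edit_item_form()
 *                      returns FALSE.
 */
function get_edit_form($op, $item_r, $status_type_r, $HTTP_VARS) {
	global $PHP_SELF;

	// Work out $op value to submit.
	if ($op == 'edit' || $op == 'refresh' || $op == 'newinstance') {
		$op2 = 'update';
	} else if ($op == 'new' || $op == 'site' || $op == 'clone_item') {
		$op2 = 'insert';
	} else {
		$op2 = $op; // last resort!
	}

	// Defined up front so it is never read undefined; presumably filled in by
	// reference by get_edit_item_form() - confirm against its signature.
	$upload_file_fields = NULL;

	$formContents = get_edit_item_form($op, $item_r, $HTTP_VARS, $upload_file_fields);
	if ($formContents === FALSE) {
		return FALSE;
	}

	// Request values echoed back into the form. Missing keys and non-scalar
	// values become '' rather than raising notices or printing "Array".
	$parent_item_id = (isset($HTTP_VARS['parent_item_id']) && is_scalar($HTTP_VARS['parent_item_id'])) ? (string) $HTTP_VARS['parent_item_id'] : '';
	$parent_instance_no = (isset($HTTP_VARS['parent_instance_no']) && is_scalar($HTTP_VARS['parent_instance_no'])) ? (string) $HTTP_VARS['parent_instance_no'] : '';
	$owner_id = (isset($HTTP_VARS['owner_id']) && is_scalar($HTTP_VARS['owner_id'])) ? (string) $HTTP_VARS['owner_id'] : '';
	$s_item_type = (isset($item_r['s_item_type']) && is_scalar($item_r['s_item_type'])) ? (string) $item_r['s_item_type'] : '';

	// $PHP_SELF can carry attacker-supplied path info depending on how it is
	// populated, so it is escaped like any other attribute value.
	$form_action = htmlspecialchars($PHP_SELF, ENT_QUOTES);

	$pageContents = '';

	$pageContents .= "<div class=\"tabContainer\">";

	if ($upload_file_fields && is_file_upload_enabled()) {
		$pageContents .= "\n<form name=\"itemInput\" action=\"{$form_action}\" method=\"POST\" enctype=\"multipart/form-data\">";
	} else {
		$pageContents .= "\n<form action=\"{$form_action}\" method=\"POST\">";
	}

	// Client-side validation is a usability aid only; the server-side handler
	// remains the authority on what is accepted.
	if (get_opendb_config_var('widgets', 'enable_javascript_validation') !== FALSE) {
		$onclick_event = "if(!checkForm(this.form)){return false;}else{this.form.submit();}";
	} else {
		$onclick_event = "this.form.submit();";
	}

	$pageContents .= "<ul class=\"tabMenu\" id=\"tab-menu\">";
	$pageContents .= "<li id=\"menu-details\" class=\"first activeTab\" onclick=\"return activateTab('details');\">" . get_opendb_lang_var('details') . "</li>";
	$pageContents .= "<li id=\"menu-instance_info\" onclick=\"return activateTab('instance_info');\">" . get_opendb_lang_var('instance_info') . "</li>";
	$pageContents .= "</ul>";

	$pageContents .= "<div id=\"tab-content\">";

	$pageContents .= "<ul class=\"saveButtons\">\n\t\t\t\t<li><input type=\"button\" class=\"button\" onclick=\"{$onclick_event}\" value=\"" . get_opendb_lang_var('save_item') . "\"></li>\n\t\t\t</ul>";

	$pageContents .= "<div class=\"tabContent\" id=\"details\">";

	// $op may arrive straight from the request (and $op2 falls back to it), so
	// both are escaped before being placed in the value attribute.
	$pageContents .= "\n<input type=\"hidden\" name=\"op\" value=\"" . htmlspecialchars((string) $op2, ENT_QUOTES) . "\">";
	$pageContents .= "\n<input type=\"hidden\" name=\"start-op\" value=\"" . htmlspecialchars((string) $op, ENT_QUOTES) . "\">";
	$pageContents .= "\n<input type=\"hidden\" name=\"s_item_type\" value=\"" . htmlspecialchars($s_item_type, ENT_QUOTES) . "\">";

	$pageContents .= "\n<input type=\"hidden\" name=\"parent_item_id\" value=\"" . htmlspecialchars($parent_item_id, ENT_QUOTES) . "\">";
	$pageContents .= "\n<input type=\"hidden\" name=\"parent_instance_no\" value=\"" . htmlspecialchars($parent_instance_no, ENT_QUOTES) . "\">";

	if ($op == 'clone_item' || is_not_empty_array($item_r)) {
		// is_numeric() admits no HTML-special characters, so these two values
		// are safe to emit as-is.
		if (isset($item_r['item_id']) && is_numeric($item_r['item_id'])) {
			$pageContents .= "\n<input type=\"hidden\" name=\"item_id\" value=\"" . $item_r['item_id'] . "\">";
		}

		if (isset($item_r['instance_no']) && is_numeric($item_r['instance_no'])) {
			$pageContents .= "\n<input type=\"hidden\" name=\"instance_no\" value=\"" . $item_r['instance_no'] . "\">";
		}
	}

	// Hidden fields are fully client-controlled: the handler that receives this
	// form must re-check that the current user may act for the submitted
	// owner_id rather than trusting the value that comes back.
	if (strlen($owner_id) > 0) {
		$pageContents .= "\n<input type=\"hidden\" name=\"owner_id\" value=\"" . htmlspecialchars($owner_id, ENT_QUOTES) . "\">";
	}

	$pageContents .= $formContents;

	// Never populated in this function; the footer-links branch below is kept
	// as in the original but presumably never runs.
	$action_links_rs = NULL;

	$pageContents .= "<ul class=\"saveButtons\">\n\t\t<li><input type=\"button\" class=\"button\" onclick=\"{$onclick_event}\" value=\"" . get_opendb_lang_var('save_item') . "\"></li>\n\t\t\t</ul>";

	if (is_not_empty_array($action_links_rs)) {
		$pageContents .= format_footer_links($action_links_rs);
	}

	$pageContents .= "</div>";

	$pageContents .= get_edit_item_instance_form($op, $item_r, $status_type_r, $HTTP_VARS);

	$pageContents .= "</div>";

	$pageContents .= "</form>";

	$pageContents .= "</div>";

	return $pageContents;
}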