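/**
 * This script is included by include/begin.inc.php, so it is available to
 * all user-executable scripts.
 */

/**
 * Redirect the browser to the login page, passing the current page (with its
 * query string) as the post-login return target.
 *
 * @param string $PHP_SELF        Path of the currently executing script.
 * @param array  $HTTP_VARS       Request variables to carry through the login round trip.
 * @param bool   $rememberMeLogin Forwarded to login.php as "true" or "false".
 */
function redirect_login($PHP_SELF, $HTTP_VARS, $rememberMeLogin = FALSE)
{
    // basename() keeps only the final path component, so the return target
    // built here cannot carry a scheme, a host or a directory part.
    $redirect = basename($PHP_SELF);

    $url = get_url_string($HTTP_VARS);
    if (strlen($url) > 0) {
        $redirect .= '?' . $url;
    }

    // NOTE(review): the listing shows this expression masked as "******"; the
    // ternary is restored from the surviving `"true" : "false")` tail and the
    // $rememberMeLogin parameter. Confirm against the upstream file.
    //
    // NOTE(review): whether login.php re-validates the `redirect` parameter it
    // receives is not visible here. Anyone can craft that URL directly, so the
    // check belongs in login.php as well.
    opendb_redirect(
        "login.php?op=login&rememberMeLogin=" . ($rememberMeLogin ? "true" : "false")
        . "&redirect=" . urlencode($redirect)
    );
}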
/**
 * Return the URL of the printable variant of the current page.
 *
 * Only the 'listings', 'borrow' and 'item_display' pages have one; for these
 * the current request variables are re-serialised with mode=printable.
 *
 * NOTE(review): $PHP_SELF is returned unescaped. If it is derived from the
 * request path, callers must HTML-escape the result before placing it in
 * markup. TODO: confirm where $PHP_SELF is populated.
 *
 * @param string $pageid Identifier of the page being rendered.
 * @return string|null Printable URL, or NULL when the page has no printable view.
 */
function get_printable_page_url($pageid)
{
    global $PHP_SELF, $HTTP_VARS;

    // switch compares loosely, matching the original == checks.
    switch ($pageid) {
        case 'listings':
        case 'borrow':
        case 'item_display':
            return "{$PHP_SELF}?" . get_url_string($HTTP_VARS, array('mode' => 'printable'));
    }

    return NULL;
}
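/**
 * Render the '#', 'A'..'Z' letter filter as an HTML <ul class="alphalist">.
 *
 * The currently selected letter is shown as plain text and every other letter
 * as a link back to $PHP_SELF. An "all" link is appended when a letter filter
 * is active.
 *
 * @param string $PHP_SELF  Script path used as the base of every link.
 * @param array  $HTTP_VARS Request variables; 'letter', 'owner_id', 'order_by'
 *                          and 'sortorder' are read.
 * @return string HTML fragment.
 */
function getAlphaListBlock($PHP_SELF, $HTTP_VARS)
{
    // $PHP_SELF lands inside href="..."; escape it for the attribute context
    // so a quote or angle bracket in the path cannot break out of the tag.
    // An ordinary script path is unchanged by this.
    $self = htmlspecialchars((string) $PHP_SELF, ENT_QUOTES);

    // A missing 'letter' behaves as "no filter", without an undefined-index notice.
    $current_letter = isset($HTTP_VARS['letter']) ? $HTTP_VARS['letter'] : '';

    $context_vars = $HTTP_VARS;
    if (get_opendb_config_var('listings', 'alphalist_new_search_context') !== FALSE) {
        // Start a fresh search context: keep only owner and ordering.
        $context_vars = array();
        foreach (array('owner_id', 'order_by', 'sortorder') as $name) {
            $context_vars[$name] = isset($HTTP_VARS[$name]) ? $HTTP_VARS[$name] : NULL;
        }
    }

    // NOTE(review): the query string from get_url_string() is written into the
    // href as returned. Its encoding is not visible here; confirm it
    // URL-encodes values.
    $buffer = '<ul class="alphalist">';
    foreach (array_merge(array('#'), range('A', 'Z')) as $char) {
        if ($current_letter == $char) {
            $buffer .= "<li class=\"current\">{$char}</li>";
        } else {
            $query = get_url_string($context_vars, array('letter' => $char), array('page_no'));
            $buffer .= "<li><a href=\"{$self}?" . $query . "\">" . $char . "</a></li>";
        }
    }

    if (strlen($current_letter) > 0) {
        $buffer .= "<li class=\"all\"><a href=\"{$self}?" . get_url_string($context_vars, array('letter' => '')) . "\">"
            . get_opendb_lang_var('all') . "</a></li>";
    }

    $buffer .= '</ul>';

    return $buffer;
}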
} db_free_result($addr_results); } //if($addr_results) $activate_url = get_site_url() . 'user_admin.php?op=activate&user_id=' . $HTTP_VARS['user_id']; $delete_url = get_site_url() . 'user_admin.php?op=delete&user_id=' . $HTTP_VARS['user_id']; $message = get_opendb_lang_var('new_account_email', array('admin_name' => get_opendb_lang_var('site_administrator', 'site', get_opendb_config_var('site', 'title')), 'user_info' => $user_info_lines, 'site' => get_opendb_config_var('site', 'title'), 'activate_url' => $activate_url, 'delete_url' => $delete_url)); return send_email_to_site_admins(PERM_ADMIN_CREATE_USER, $HTTP_VARS['email_addr'], get_opendb_lang_var('new_account'), $message, $errors); } if (is_site_enabled()) { if (is_opendb_valid_session() || $HTTP_VARS['op'] == 'signup') { if ($HTTP_VARS['op'] == 'gfx_code_check' && is_numeric($HTTP_VARS['gfx_random_number'])) { secretimage($HTTP_VARS['gfx_random_number']); } else { if (is_array(get_opendb_session_var('user_listing_url_vars'))) { $footer_links_r[] = array(url => "user_listing.php?" . get_url_string(get_opendb_session_var('user_listing_url_vars')), text => get_opendb_lang_var('back_to_user_listing')); } if ($HTTP_VARS['op'] == 'new_user') { if (is_user_granted_permission(PERM_ADMIN_CREATE_USER)) { echo _theme_header(get_opendb_lang_var('add_new_user')); echo "<h2>" . get_opendb_lang_var('add_new_user') . "</h2>"; echo get_user_input_form(NULL, $HTTP_VARS); echo format_footer_links($footer_links_r); echo _theme_footer(); } else { opendb_not_authorised_page(PERM_ADMIN_CREATE_USER, $HTTP_VARS, $HTTP_VARS); } } else { if ($HTTP_VARS['op'] == 'edit') { if (is_user_granted_update_permission($HTTP_VARS)) { if ($HTTP_VARS['user_id'] == get_opendb_session_var('user_id')) {
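/**
 * Add one search-result row to the listing, unless a row with the same
 * attribute set is already present.
 *
 * It is this function's responsibility to encode the listing row URL so that
 * it includes any context information.
 *
 * strip_tags() below removes markup but is not output escaping: quotes and
 * ampersands survive it. Code that later emits 'title', 'cover_image_url' or
 * 'more_info_url' into HTML, particularly into attributes, still has to
 * escape for that context.
 *
 * @param string $title           Row title; tags are stripped.
 * @param string $cover_image_url Cover image location; tags are stripped.
 * @param string $comments        Free text; "<br>" becomes a newline, other tags are stripped.
 * @param array  $attributes_r    Attributes identifying the row; a non-array is ignored.
 * @return bool FALSE when an existing row already carries these attributes, TRUE otherwise.
 */
function addListingRow($title, $cover_image_url, $comments, $attributes_r)
{
    $title = trim(strip_tags($title));
    // Turn "<br>" into a newline before stripping. The original stripped first,
    // so its later "<br>" replacement could never match.
    $comments = trim(strip_tags(str_replace('<br>', "\n", $comments)));
    $cover_image_url = trim(strip_tags($cover_image_url));

    if (is_array($attributes_r)) {
        // Make sure we do not already have a row with the same attribute set.
        // The original indexed $this->_item_list_rs['attributes'] (no row index)
        // and compared each stored value with the key, so the check never
        // matched. An empty attribute set is not treated as a duplicate.
        if (is_array($this->_item_list_rs) && count($attributes_r) > 0) {
            foreach ($this->_item_list_rs as $existing_row_r) {
                if (!isset($existing_row_r['attributes']) || !is_array($existing_row_r['attributes'])) {
                    continue;
                }

                $found = TRUE;
                foreach ($attributes_r as $key => $value) {
                    // A missing key counts as "no match" for this row.
                    if (!isset($existing_row_r['attributes'][$key]) || $existing_row_r['attributes'][$key] != $value) {
                        $found = FALSE;
                        break;
                    }
                }

                if ($found) {
                    return FALSE;
                }
            }
        }

        // Defined up front so the trim() below never reads an unset variable.
        $more_info_url = '';
        if (strlen($this->_more_info_url) > 0) {
            $more_info_url = $this->_titleMaskCfg->expand_mask($attributes_r, $this->_more_info_url);
        }

        $opendb_link_url = get_url_string($this->_http_vars, $attributes_r);

        $this->_item_list_rs[] = array(
            'title' => $title,
            'cover_image_url' => trim($cover_image_url),
            'comments' => trim(strip_tags(str_replace('<br>', "\n", $comments))),
            'more_info_url' => trim($more_info_url),
            'opendb_link_url' => trim($opendb_link_url),
            'attributes' => $attributes_r,
        );
    } // else ignore

    return TRUE;
}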
<?php ini_set('include_path', ini_get('include_path') . PATH_SEPARATOR . '../lib'); require_once 'init.php'; require_once 'data.php'; require_once 'output.php'; //list($response_format, $response_mime_type) = parse_format($_GET['format'], 'html'); $url_string = get_url_string(); if (is_string($url_string)) { switch (basename($url_string)) { case 'reg': case 'login': include 'login.php'; break; case 'browse': include 'browse.php'; break; case 'submit': include 'submit.php'; break; case 'help': include 'help.php'; break; case 'forum': include 'forum.php'; break; default: // check if basename equals username // if not throw error break; }
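/**
 * Write one listing <tr>: a <td> per entry of $row_column_rs, rendered
 * according to that entry's 'column_type'.
 *
 * Several cells are written without HTML escaping ('item_title',
 * 'title_href_link', the user name, the default 'value', thumbnail URLs).
 * NOTE(review): this method relies on those values arriving already safe for
 * HTML; that is not visible from here and should be confirmed at the callers.
 *
 * @param array $row_column_rs Column descriptors for this row, index-aligned
 *                             with $this->_header_column_rs.
 */
function writeRowImpl($row_column_rs)
{
    if ($this->_toggle) {
        $this->rowclass = "oddRow";
    } else {
        $this->rowclass = "evenRow";
    }

    $this->_write("\n<tr class=\"" . $this->rowclass . "\">");

    for ($i = 0; $i < count($row_column_rs); $i++) {
        $header_column_r = $this->_header_column_rs[$i];

        $columnClass = NULL;
        if (strlen($header_column_r['fieldname']) > 0) {
            $columnClass = $header_column_r['fieldname'];
        }

        switch ($row_column_rs[$i]['column_type']) {
            case 'action_links':
                $this->_write('<td class="action_links ' . $columnClass . '">');
                $this->_write(ifempty(format_action_links($row_column_rs[$i]['action_links']), get_opendb_lang_var('not_applicable')));
                $this->_write('</td>');
                break;

            case 'username':
                $this->_write('<td class="username ' . $columnClass . '">');
                $user_id = $row_column_rs[$i]['user_id'];
                $fullname = $row_column_rs[$i]['fullname'];

                if ($user_id == get_opendb_session_var('user_id')) {
                    $this->_write(get_opendb_lang_var('current_user', array('fullname' => $fullname, 'user_id' => $user_id)));
                } else {
                    $user_name = get_opendb_lang_var('user_name', array('fullname' => $fullname, 'user_id' => $user_id));

                    if ($this->_include_href_links && is_user_granted_permission(PERM_VIEW_USER_PROFILE)) {
                        $item_title = '';

                        // Find the title column; it becomes the message subject.
                        for ($j = 0; $j < count($row_column_rs); $j++) {
                            if ($row_column_rs[$j]['column_type'] == 'title') {
                                $item_title = trim(strip_tags($row_column_rs[$j]['item_title']));
                                break;
                            }
                        }

                        // The user id is a query-string value, so URL-encode it
                        // like the subject below.
                        $url = "user_profile.php?uid=" . urlencode((string) $user_id);

                        if (is_array($row_column_rs[$i]['extra_http_vars'])) {
                            $url .= "&" . get_url_string($row_column_rs[$i]['extra_http_vars']);
                        }

                        $url .= "&subject=" . urlencode(ifempty($item_title, get_opendb_lang_var('no_subject')));

                        // NOTE(review): $url and $user_name are written unescaped;
                        // confirm get_url_string() URL-encodes its values and that
                        // the 'user_name' language string escapes fullname/user_id.
                        $this->_write("<a href=\"{$url}\" title=\"" . htmlspecialchars(get_opendb_lang_var('user_profile')) . "\">{$user_name}</a>");
                    } else {
                        $this->_write($user_name);
                    }
                }
                $this->_write('</td>');
                break;

            case 'interest':
                $item_id = $row_column_rs[$i]['item_id'];
                $instance_no = $row_column_rs[$i]['instance_no'];
                $level = $row_column_rs[$i]['level'];

                // Start from an empty string for every cell. The original
                // appended to a variable that was never initialised, so a second
                // 'interest' column in the same row would repeat the first image.
                $level_display = '';

                // NOTE(review): $item_id and $instance_no are interpolated into
                // element ids and into quoted JavaScript string literals; this
                // assumes they are numeric. Confirm at the caller.
                if ($level > 0) {
                    $this->addHelpEntry(get_opendb_lang_var('interest_help'), 'interest_1.gif', 'interest');
                    $new_level_value = 0;
                    $level_display .= "<img"
                        . " id=\"interest_level_{$item_id}" . "_{$instance_no}\""
                        . " src=\"" . theme_image_src('interest_1.gif') . "\""
                        . " alt=\"" . get_opendb_lang_var('interest_remove') . "\""
                        . " title=\"" . get_opendb_lang_var('interest_remove') . "\""
                        . " onclick=\"xajax_ajax_update_interest_level('{$item_id}', '{$instance_no}', document.getElementById('new_level_value_{$item_id}\\_{$instance_no}').value);\""
                        . " style=\"cursor:pointer;\""
                        . " >";
                } else {
                    $new_level_value = 1;
                    $level_display .= "<img"
                        . " id=\"interest_level_{$item_id}" . "_{$instance_no}\""
                        . " src=\"" . theme_image_src('interest_0.gif') . "\""
                        . " alt=\"" . get_opendb_lang_var('interest_mark') . "\""
                        . " title=\"" . get_opendb_lang_var('interest_mark') . "\""
                        . " onclick=\"xajax_ajax_update_interest_level('{$item_id}','{$instance_no}', document.getElementById('new_level_value_{$item_id}\\_{$instance_no}').value);\""
                        . " style=\"cursor:pointer;\""
                        . " >";
                }

                $this->_write('<td class="interest ' . $columnClass . '">');
                $this->_write("<input id=\"new_level_value_{$item_id}" . "_{$instance_no}\" type=\"hidden\" value=\"{$new_level_value}\" />");
                $this->_write($level_display);
                $this->_write('</td>');
                break;

            case 'item_type_image':
                $this->_write('<td class="item_type_image ' . $columnClass . '">');
                $s_item_type = $row_column_rs[$i]['s_item_type'];

                if (!is_array($this->_item_type_rs[$s_item_type]) || strlen($this->_item_type_rs[$s_item_type]['image']) == 0) {
                    $this->_item_type_rs[$s_item_type] = fetch_item_type_r($s_item_type);

                    // Expand to the actual location once only.
                    if (strlen($this->_item_type_rs[$s_item_type]['image']) > 0) {
                        $this->_item_type_rs[$s_item_type]['image'] = theme_image_src($this->_item_type_rs[$s_item_type]['image']);
                    } else {
                        $this->_item_type_rs[$s_item_type]['image'] = 'none';
                    }

                    if (strlen($this->_item_type_rs[$s_item_type]['description']) > 0) {
                        $this->_item_type_rs[$s_item_type]['description'] = htmlspecialchars($this->_item_type_rs[$s_item_type]['description']);
                    } else {
                        $this->_item_type_rs[$s_item_type]['description'] = NULL;
                    }
                }

                if (strlen($this->_item_type_rs[$s_item_type]['image']) > 0 && $this->_item_type_rs[$s_item_type]['image'] != 'none') {
                    $this->_write(theme_image($this->_item_type_rs[$s_item_type]['image'], $this->_item_type_rs[$s_item_type]['description'], 's_item_type'));
                } else {
                    // Otherwise write the item type itself in place of the image.
                    $this->_write($s_item_type);
                }
                $this->_write('</td>');
                break;

            case 'theme_image':
                $this->_write('<td class="' . $columnClass . '">');
                $this->_write(theme_image($row_column_rs[$i]['src'], htmlspecialchars($row_column_rs[$i]['title']), $row_column_rs[$i]['type']));
                $this->_write('</td>');
                break;

            case 'title':
                $title_href_link = $row_column_rs[$i]['title_href_link'];
                $is_item_reviewed = $row_column_rs[$i]['is_item_reviewed'];
                $is_borrowed_or_returned = $row_column_rs[$i]['is_borrowed_or_returned'];

                // NOTE(review): 'item_title' and 'title_href_link' go out as-is.
                // Presumably the title is pre-rendered HTML; confirm it is escaped
                // where it is built.
                $item_title = '';
                if ($this->_include_href_links && is_user_granted_permission(PERM_VIEW_ITEM_DISPLAY)) {
                    $item_title = '<a href="' . $title_href_link . '">' . $row_column_rs[$i]['item_title'] . '</a>';
                } else {
                    $item_title = $row_column_rs[$i]['item_title'];
                }

                if ($is_item_reviewed) {
                    // Show a star if rated. It is added to the title itself so
                    // title masks can do a bit more with it.
                    $this->addHelpEntry(get_opendb_lang_var('item_reviewed'), 'rs.gif', 'item_reviewed');
                    $item_title .= theme_image('rs.gif', get_opendb_lang_var('item_reviewed'), 'item_reviewed');
                }

                if ($is_borrowed_or_returned) {
                    // Show a tick if previously borrowed or returned.
                    $this->addHelpEntry(get_opendb_lang_var('youve_borrow_or_return'), 'tick.gif', 'borrow_or_return');
                    $item_title .= theme_image("tick.gif", get_opendb_lang_var('youve_borrow_or_return'), 'borrow_or_return');
                }

                $this->_write('<td class="title ' . $columnClass . '">');
                $this->_write($item_title);
                $this->_write('</td>');
                break;

            case 'coverimage':
                $item_cover_image = $row_column_rs[$i]['item_cover_image'];
                $title_href_link = $row_column_rs[$i]['title_href_link'];

                // NOTE(review): the original concatenated an undefined $columnId
                // here, which evaluates to an empty string. The emitted class is
                // kept unchanged; confirm whether $columnClass was intended.
                $this->_write('<td class="coverimage Column">');

                $file_r = file_cache_get_image_r($item_cover_image, 'listing');
                if (is_array($file_r)) {
                    $cover_image_tag = '<img src="' . $file_r['thumbnail']['url'] . '"';

                    if (is_numeric($file_r['thumbnail']['width'])) {
                        $cover_image_tag .= ' width="' . $file_r['thumbnail']['width'] . '"';
                    }
                    if (is_numeric($file_r['thumbnail']['height'])) {
                        $cover_image_tag .= ' height="' . $file_r['thumbnail']['height'] . '"';
                    }

                    $cover_image_tag .= '>';

                    if ($this->_mode != 'printable' && $this->_include_href_links) {
                        $cover_image_tag = '<a href="' . $title_href_link . '">' . $cover_image_tag . '</a>';
                    }

                    $this->_write($cover_image_tag);
                }
                $this->_write('</td>');
                break;

            case 'display':
                $this->_write('<td class="' . $columnClass . '">');
                $this->_write(get_display_field($row_column_rs[$i]['attribute_type'], $row_column_rs[$i]['prompt'], $row_column_rs[$i]['display_type'], $row_column_rs[$i]['value'], FALSE));
                $this->_write('</td>');
                break;

            case 'attribute_display':
                $this->_write('<td class="' . $columnClass . '">');
                $this->_write(get_item_display_field($row_column_rs[$i]['item_r'], $row_column_rs[$i]['attribute_type_r'], $row_column_rs[$i]['value'], FALSE));
                $this->_write('</td>');
                break;

            case 'checkbox':
                $this->_write('<td class="checkbox">');
                $value = $row_column_rs[$i]['value'];
                // Name and value sit inside double-quoted attributes; escape them
                // so a quote in the data cannot terminate the attribute.
                $this->_write('<input type="checkbox" class="checkbox" name="'
                    . htmlspecialchars((string) $this->_header_column_rs[$i]['fieldname'], ENT_QUOTES)
                    . '[]" value="' . htmlspecialchars((string) $value, ENT_QUOTES) . '">');
                $this->_write('</td>');
                break;

            default:
                // NOTE(review): 'value' is written verbatim; the caller must
                // supply HTML-safe content for untyped columns.
                $this->_write('<td class="' . $columnClass . '">');
                $this->_write($row_column_rs[$i]['value']);
                $this->_write('</td>');
                break;
        }
    }

    $this->_write("\n</tr>");
}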
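/**
 * Run a site-plugin search and render the result list as an HTML fragment.
 *
 * Row fields from the plugin ('title', 'comments', 'more_info_url',
 * 'opendb_link_url', thumbnail URL) and the search 'prompt' are written
 * without HTML escaping. NOTE(review): whether the plugin layer has already
 * made them safe is not visible here; the URL fields in particular sit inside
 * href/src attributes and should be checked.
 *
 * @param object $sitePlugin      Site plugin instance (passed by reference).
 * @param array  $HTTP_VARS       Request variables; 'op' is overwritten locally.
 * @param mixed  $errors          Receives the plugin errors when the query fails.
 * @param array  $footer_links_r  Receives a "new search" footer link.
 * @return string|false The HTML fragment, the sentinel "__EXACT_TITLE_MATCH__"
 *                      when exactly one row matched on the first page, or FALSE
 *                      when the plugin query failed.
 */
function handle_site_search(&$sitePlugin, $HTTP_VARS, &$errors, &$footer_links_r)
{
    global $PHP_SELF;

    $HTTP_VARS['op'] = 'site';

    if ($sitePlugin->_queryListing($HTTP_VARS) === FALSE) {
        $errors = $sitePlugin->getErrors();
        if ($errors === FALSE) {
            $errors = get_opendb_lang_var('undefined_error');
        }
        return FALSE;
    }

    $formContents = '<div id="site-search">';

    $searchQuery = $sitePlugin->getSearchQuery();
    if (is_not_empty_array($searchQuery)) {
        $formContents .= "<h3>" . get_opendb_lang_var('site_search_results', array('site_title' => $sitePlugin->getTitle())) . "</h3>";

        $formContents .= '<div class="search-query"><dl>';
        for ($i = 0; $i < count($searchQuery); $i++) {
            if ($searchQuery[$i]['field_type'] != 'hidden') {
                $formContents .= '<dt>' . $searchQuery[$i]['prompt'] . "</dt>";
                $formContents .= '<dd>' . htmlspecialchars($searchQuery[$i]['value']) . '</dd>';
            }
        }
        $formContents .= '</dl></div>';
    }

    if ($sitePlugin->getRowCount() > 0) {
        // Exact title match: the site plugin will already have queried the
        // item data for the single row returned.
        if ($sitePlugin->getRowCount() == 1 && $sitePlugin->isPreviousPage() === FALSE) {
            return "__EXACT_TITLE_MATCH__";
        }

        $formContents .= "\n<table class=\"listing-table\">";

        $class = 'oddRow';
        for ($i = 0; $i < $sitePlugin->getRowCount(); $i++) {
            $formContents .= "\n<tr class=\"{$class}\">";

            $row_data_r = $sitePlugin->getRowData($i);

            // Reset for every row. The original left this unset, so a row with
            // no cached image reused the previous row's <img> tag.
            $imageblock = '';

            $file_r = file_cache_get_image_r($row_data_r['cover_image_url'], 'site-add');
            if (is_not_empty_array($file_r)) {
                $imageblock = "<img src=\"" . $file_r['thumbnail']['url'] . "\" ";

                if (is_numeric($file_r['thumbnail']['width'])) {
                    $imageblock .= ' width="' . $file_r['thumbnail']['width'] . '"';
                }
                if (is_numeric($file_r['thumbnail']['height'])) {
                    $imageblock .= ' height="' . $file_r['thumbnail']['height'] . '"';
                }

                $imageblock .= ">";
            }

            $formContents .= "\n<td class=\"image\">" . $imageblock . "</td>";

            $formContents .= "\n<td class=\"title\">";
            $formContents .= "\n<a href=\"" . "item_input.php?" . $row_data_r['opendb_link_url'] . "\">" . $row_data_r['title'] . "</a>";

            if (strlen($row_data_r['comments']) > 0) {
                // The original single-quoted string emitted literal backslashes
                // (class=\"comments\"), so the class attribute was malformed.
                $formContents .= '<p class="comments">' . nl2br($row_data_r['comments']) . '</p>';
            }
            $formContents .= "\n</td>";

            if (strlen($row_data_r['more_info_url']) > 0) {
                $formContents .= "\n<td class=\"moreInfo\"><a href=\"" . $row_data_r['more_info_url'] . "\" target=\"_new\">" . get_opendb_lang_var('more_info') . "</a></td>";
            }

            $formContents .= "\n</tr>";

            $class = $class == 'oddRow' ? 'evenRow' : 'oddRow';
        }
        $formContents .= "\n</table>";

        unset($HTTP_VARS['page_no']);

        if ($sitePlugin->isPreviousPage() || $sitePlugin->isNextPage()) {
            $HTTP_VARS['op'] = 'site-search';

            // NOTE(review): built from request variables and placed in href
            // attributes below; confirm get_url_string() URL-encodes values.
            $page_nav_url = get_url_string($HTTP_VARS);

            $formContents .= "<ul class=\"listingPager\">";

            if ($sitePlugin->isPreviousPage()) {
                $formContents .= "<li class=\"previousPage\"><a href=\"item_input.php?{$page_nav_url}&page_no=" . ($sitePlugin->getPageNo() - 1) . "\">" . get_opendb_lang_var('previous_page') . "</a></li>";
            } else {
                // No link here, so no closing </a> (the original emitted a stray one).
                $formContents .= "<li class=\"previousPage disabled\">" . get_opendb_lang_var('previous_page') . "</li>";
            }

            if ($sitePlugin->isNextPage()) {
                $formContents .= "<li class=\"nextPage\"><a href=\"item_input.php?{$page_nav_url}&page_no=" . ($sitePlugin->getPageNo() + 1) . "\">" . get_opendb_lang_var('next_page') . "</a></li>";
            } else {
                $formContents .= "<li class=\"nextPage disabled\">" . get_opendb_lang_var('next_page') . "</li>";
            }

            $formContents .= "</ul>";
        }
    } else {
        $formContents .= "<p class=\"error\">" . get_opendb_lang_var('no_matches_found') . "</p>";
    }

    $http_url_vars = get_url_string($HTTP_VARS, NULL, array('op', 'site_type', 's_item_type'));
    $new_search_query = strlen($http_url_vars) > 0 ? "&" . $http_url_vars : "";

    // Either site-add or site-refresh. The array keys are quoted: the original
    // used the bare words url/text, which are undefined constants and a fatal
    // error on PHP 8.
    if (is_exists_item_instance($HTTP_VARS['item_id'], $HTTP_VARS['instance'])) {
        $footer_links_r[] = array(
            'url' => "item_input.php?op=site-refresh" . $new_search_query,
            'text' => get_opendb_lang_var('new_search'),
        );
    } else {
        $footer_links_r[] = array(
            'url' => "item_input.php?op=site-add" . $new_search_query,
            'text' => get_opendb_lang_var('new_search'),
        );
    }

    $formContents .= "</div>";

    return $formContents;
}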