function group_display($requestID) { global $db, $main_smarty, $the_template; if (!is_numeric($requestID)) { die; } $group = $db->get_row("SELECT * FROM " . table_groups . " WHERE group_id = {$requestID}"); if ($group) { $group_id = $group->group_id; $group_name = $group->group_name; $group_safename = $group->group_safename; $group_description = $group->group_description; $group_creator = $group->group_creator; $group_status = $group->group_status; $group_members = $group->group_members; $group_date = $group->group_date; $group_privacy = $group->group_privacy; $group_avatar = $group->group_avatar; $group_vote_to_publish = $group->group_vote_to_publish; $group_notify_email = $group->group_notify_email; $date = $db->get_var(" SELECT DATE_FORMAT(group_date, '%b, %e %Y') from " . table_groups . " WHERE group_id = {$group->group_id}"); //echo $date; $group_date = $date; //$group_date = date('M j, Y', $group->group_date); //smarty variables $main_smarty->assign('pretitle', "{$group_name} - {$group_description}"); $main_smarty->assign('group_id', $group_id); $main_smarty->assign('group_name', $group_name); $main_smarty->assign('group_safename', $group_safename); $main_smarty->assign('group_description', $group_description); $main_smarty->assign('group_creator', $group_creator); $main_smarty->assign('group_status', $group_status); $main_smarty->assign('group_members', $group_members); $main_smarty->assign('group_privacy', $group_privacy); $main_smarty->assign('group_avatar', $group_avatar); $main_smarty->assign('group_date', $group_date); $main_smarty->assign('group_notify_email', $group_notify_email); $main_smarty->assign('group_vote_to_publish', $group_vote_to_publish); //get group avatar path if ($group_avatar == "uploaded" && file_exists(mnmpath . "avatars/groups_uploaded/" . $group_id . "_" . group_avatar_size_width . ".jpg")) { $imgsrc = my_base_url . my_pligg_base . "/avatars/groups_uploaded/" . $group_id . "_" . group_avatar_size_width . ".jpg"; } else { $imgsrc = my_base_url . my_pligg_base . "/templates/" . $the_template . "/img/group_large.gif"; } $main_smarty->assign('imgsrc', $imgsrc); //get group creator and his urls $g_name = get_group_username($group_creator); $main_smarty->assign('group_submitter', $g_name); $main_smarty->assign('submitter_profile_url', getmyurl('user', $g_name)); $main_smarty->assign('group_avatar_url', getmyurl('group_avatar', $group_id)); //check group admin global $current_user; $canIhaveAccess = $canIhaveAccess + checklevel('admin'); $canIhaveAccess = $canIhaveAccess + checklevel('moderator'); if ($current_user->user_id == $group_creator || $canIhaveAccess == 1) { $main_smarty->assign('is_group_admin', 1); } //check member //include_once(mnminclude.'group.php'); $main_smarty->assign('is_group_member', isMember($group_id)); //check isMemberActive $main_smarty->assign('is_member_active', isMemberActive($group_id)); // Joining and unjoining member links // Set the url to an empty string if the user has already joined the maximum // allowable number of groups if (reached_max_joinable_groups($db, $current_user)) { $join_url = ''; } else { $join_url = getmyurl('join_group', $group_id, $group_privacy); } $main_smarty->assign('join_group_url', $join_url); $main_smarty->assign('join_group_privacy_url', $join_url); $main_smarty->assign('unjoin_group_url', getmyurl("unjoin_group", $group_id, $group_privacy)); $main_smarty->assign('join_group_withdraw', getmyurl("join_group_withdraw", $group_id, $current_user->user_id)); //check logged or not $main_smarty->assign('user_logged_in', $current_user->user_login); //sidebar $main_smarty = do_sidebar($main_smarty); //$main_smarty->assign('form_action', $_SERVER["PHP_SELF"]); $group_story_url = getmyurl("group_story_title", $group_safename); $main_smarty->assign('group_story_url', $group_story_url); $main_smarty->assign('form_action', $group_story_url); $main_smarty->assign('edit_form_action', getmyurl("editgroup", $group_id)); $group_array = array($group_name, $group_description, $group_privacy); return $group_array; } }
include mnminclude . 'user.php'; include mnminclude . 'smartyvariables.php'; check_referrer(); if (isset($_GET['link_id']) && isset($_GET['group_id'])) { $group_id = $_GET['group_id']; $link_id = $_GET['link_id']; if (!is_numeric($group_id)) { die; } if (!is_numeric($link_id)) { die; } $role = $db->get_var("SELECT member_role FROM " . table_group_member . " WHERE member_group_id = {$group_id} AND member_user_id = '" . $current_user->user_id . "'"); if ($role == 'banned') { die; } $privacy = $db->get_var("SELECT group_privacy FROM " . table_groups . " WHERE group_id = '{$group_id}';"); if ($privacy != 'private' || isMemberActive($group_id) == 'active') { global $db, $current_user; $current_userid = $current_user->user_id; $sql = "INSERT IGNORE INTO " . table_group_shared . " ( `share_link_id` , `share_group_id`, `share_user_id` ) VALUES ('" . $link_id . "', '" . $group_id . "','" . $current_userid . "' ) "; //echo $sql; $results = $db->query($sql); $redirect = ''; $redirect = getmyurl("group_story", $group_id); header("Location: {$redirect}"); } else { $redirect = getmyurl("groups"); header("Location: {$redirect}"); } }
if ($_REQUEST['title']) { $requestTitle = $db->escape(strip_tags($_REQUEST['title'])); //$requestTitle = sanitize($_GET['title'], 3); $requestID = $db->get_var("SELECT group_id FROM " . table_groups . " WHERE group_safename = '" . $requestTitle . "';"); } // breadcrumbs and page titles $navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_Submit'); $navwhere['link1'] = getmyurl('submit', ''); $main_smarty->assign('posttitle', $requestTitle); $main_smarty = do_sidebar($main_smarty); // pagename define('pagename', 'group_story'); $main_smarty->assign('pagename', pagename); $privacy = $db->get_var("SELECT group_privacy FROM " . table_groups . " WHERE group_id = '{$requestID}';"); if ($requestID > 0) { if ($privacy != 'private' || isMemberActive($requestID) == 'active') { group_shared($requestID); group_stories($requestID); //displaying member of a group member_display($requestID); } else { $main_smarty->assign('group_shared_display', $main_smarty->get_config_vars('PLIGG_Visual_Group_Is_Private')); $main_smarty->assign('group_upcoming_display', $main_smarty->get_config_vars('PLIGG_Visual_Group_Is_Private')); $main_smarty->assign('group_published_display', $main_smarty->get_config_vars('PLIGG_Visual_Group_Is_Private')); $main_smarty->assign('member_display', $main_smarty->get_config_vars('PLIGG_Visual_Group_Is_Private')); } } else { $redirect = ''; $redirect = getmyurl("groups"); header("Location: {$redirect}"); die;
function group_display($requestID) { global $db, $main_smarty, $the_template; if (!is_numeric($requestID)) { die; } $group = $db->get_row("SELECT group_id,group_creator, group_status, group_members, group_date, group_name,group_safename, group_description, group_privacy, group_avatar FROM " . table_groups . " WHERE group_id = {$requestID}"); if ($group) { $group_id = $group->group_id; $group_name = $group->group_name; $group_safename = $group->group_safename; $group_description = $group->group_description; $group_creator = $group->group_creator; $group_status = $group->group_status; $group_members = $group->group_members; $group_date = $group->group_date; $group_privacy = $group->group_privacy; $group_avatar = $group->group_avatar; $date = $db->get_var(" SELECT DATE_FORMAT(group_date, '%b, %e %Y') from " . table_groups . " WHERE group_id = {$group->group_id}"); //echo $date; $group_date = $date; //$group_date = date('M j, Y', $group->group_date); //smarty variables $main_smarty->assign('group_id', $group_id); $main_smarty->assign('group_name', $group_name); $main_smarty->assign('group_safename', $group_safename); $main_smarty->assign('group_description', $group_description); $main_smarty->assign('group_creator', $group_creator); $main_smarty->assign('group_status', $group_status); $main_smarty->assign('group_members', $group_members); $main_smarty->assign('group_privacy', $group_privacy); $main_smarty->assign('group_avatar', $group_avatar); $main_smarty->assign('group_date', $group_date); //get group avatar path if ($group_avatar == "uploaded") { $imgsrc = my_base_url . my_pligg_base . "/avatars/groups_uploaded/" . $group_id . "_" . group_avatar_size_width . ".jpg"; } else { $imgsrc = my_base_url . my_pligg_base . "/templates/" . $the_template . "/images/group_large.gif"; } $main_smarty->assign('imgsrc', $imgsrc); //get group creator and his urls $g_name = get_group_username($group_creator); $main_smarty->assign('group_submitter', $g_name); $main_smarty->assign('submitter_profile_url', getmyurl('user', $g_name)); $main_smarty->assign('group_avatar_url', getmyurl('group_avatar', $group_id)); //check group admin global $current_user; $canIhaveAccess = $canIhaveAccess + checklevel('god'); if ($current_user->user_id == $group_creator || $canIhaveAccess == 1) { $main_smarty->assign('is_group_admin', 1); } //check member //include_once(mnminclude.'group.php'); $main_smarty->assign('is_group_member', isMember($group_id)); //check isMemberActive $main_smarty->assign('is_member_active', isMemberActive($group_id)); //joinig unjoining member link $main_smarty->assign('join_group_url', getmyurl("join_group", $group_id, $group_privacy)); $main_smarty->assign('join_group_privacy_url', getmyurl("join_group", $group_id, $group_privacy)); $main_smarty->assign('unjoin_group_url', getmyurl("unjoin_group", $group_id, $group_privacy)); $main_smarty->assign('join_group_withdraw', getmyurl("join_group_withdraw", $group_id, $current_user->user_id)); //check logged or not $main_smarty->assign('user_logged_in', $current_user->user_login); //sidebar $main_smarty = do_sidebar($main_smarty); //$main_smarty->assign('form_action', $_SERVER["PHP_SELF"]); $group_story_url = getmyurl("group_story_title", $group_safename); $main_smarty->assign('form_action', $group_story_url); $main_smarty->assign('edit_form_action', getmyurl("editgroup", $group_id)); $group_array = array($group_name, $group_description, $group_privacy); return $group_array; } }
$text = sanitize($_POST['status'], 3); } else { $text = mysql_real_escape_string(close_tags($_POST['status'])); } // Post to a group if (enable_group && ($groupname = strstr($text, '!'))) { $groupname = substr($groupname, 1); // Check if user is allowed to post to the group $groups = $db->get_results("SELECT * FROM " . table_groups . " WHERE group_status='Enable' ORDER BY group_name DESC"); foreach ($groups as $group) { if (strpos($groupname, $group->group_name) === 0) { $group_id = $group->group_id; break; } } if ($group_id && isMemberActive($group_id) != 'active') { $_SESSION['status_error'] = '<div class="error_message">You are not a member of the group "' . $group->group_name . '"</div>'; } } // Post to all users if (preg_match('/\\*(\\w+)/', $text, $m)) { $level = strtolower($m[1]); if ($isgod) { // God can message all existing levels $levels = $db->get_results("SELECT DISTINCT user_level FROM " . table_users); foreach ($levels as $l) { if ($l->user_level == $level) { break; } } if ($l->user_level != $level && $level != 'all') {