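/**
 * Decide whether the current WordPress user may see a piece of content
 * belonging to $contentOwnerID, based on the owner's stored privacy settings.
 *
 * The owner's 'privacy_settings' user meta is read and the entry whose key
 * matches $permission is used. Its 'status' field grants access as follows:
 *   'public'      - everybody
 *   'all_members' - any logged-in user
 *   'friends'     - users for whom is_friend($contentOwnerID) is true
 * Any other status, or no stored status at all, is treated as private:
 * only the owner gets access.
 *
 * @param mixed $permission     key of the privacy setting to check
 * @param mixed $contentOwnerID id of the user who owns the content
 * @return bool true when access is allowed, false otherwise
 */
function checkPerm($permission, $contentOwnerID)
{
    $currentUser = wp_get_current_user();
    $currUserID = (int) $currentUser->ID;

    // The owner always sees their own content. wp_get_current_user() reports ID 0 for
    // anonymous visitors, so 0 must never count as a match: a loose comparison would
    // treat an empty or zero owner id as "same user" and open the content to everyone.
    if ($currUserID !== 0 && $currUserID === (int) $contentOwnerID) {
        return true;
    }

    // Resolve the stored setting for this permission key. Keys are compared as strings so
    // that a numeric key cannot loosely equal an unrelated permission name.
    $setting = $permission;
    $privacySettings = get_usermeta($contentOwnerID, 'privacy_settings');
    if ($privacySettings && is_scalar($permission)) {
        foreach ($privacySettings as $key => $candidate) {
            if ((string) $key === (string) $permission) {
                $setting = $candidate;
                break;
            }
        }
    }

    // Without a stored entry $setting is still the permission name (a string); indexing a
    // string with 'status' is an error on current PHP, so only arrays are inspected.
    $status = (is_array($setting) && isset($setting['status'])) ? $setting['status'] : null;

    // Strict comparisons: a status of 0 or true must not loosely match one of the names.
    if ($status === 'friends' && is_friend($contentOwnerID)) {
        return true;
    }
    if ($status === 'all_members' && is_user_logged_in()) {
        return true;
    }
    if ($status === 'public') {
        return true;
    }

    // If someone hasn't set their privacy then we default to private
    return false;
}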
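/**
 * Collect the status updates the current user may see: their own and those
 * written by users for whom is_friend() returns true, newest first.
 *
 * @return array values returned by prep_status(), one per visible row
 */
public function get_all()
{
    // Load the helper once, before the first is_friend()/get_user() call, instead of on
    // every loop iteration.
    $this->load->helper('misc_helper');

    $this->db->order_by("date", "desc");
    $query = $this->db->get('statusupdates');

    $users = array();
    foreach ($query->result() as $row) {
        // Visibility filter: keep the row only for a friend or for the viewer's own update.
        // NOTE(review): every row of statusupdates is loaded and filtered here in PHP, so this
        // check is the only thing keeping other users' updates out of the result.
        if (is_friend($row->userid) || $row->userid == get_user()->get_id()) {
            $users[] = $this->prep_status($row);
        }
    }

    return $users;
}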
/**
 * Render the 'My Friends' block for the owner of the view holding $instance.
 *
 * The owner's friends are passed to the blocktype:myfriends:myfriends.tpl template. When there
 * are no friends to list, the relationship between the logged-in user and the owner is worked
 * out as well, and an "add friend" form is built if the owner's friendscontrol preference
 * is 'auto'.
 *
 * @param BlockInstance $instance block instance being rendered
 * @param bool          $editing  not read by this method
 * @return string rendered template output, or '' when the view has no owner
 */
public static function render_instance(BlockInstance $instance, $editing = false) {
    global $USER, $exporter;

    $userid = $instance->get_view()->get('owner');
    if (!$userid) {
        // 'My Friends' doesn't make sense for group/site views
        return '';
    }

    // No display limit while an exporter is set, otherwise cap at MAXFRIENDDISPLAY
    if (isset($exporter)) {
        $limit = false;
    }
    else {
        $limit = MAXFRIENDDISPLAY;
    }

    $friends = get_friends($userid, $limit, 0);
    if (!$friends['count']) {
        $friends = false;
    }
    else {
        self::build_myfriends_html($friends, $userid, $instance);
    }

    $smarty = smarty_core();
    $smarty->assign('friends', $friends);

    $findlink = array('<a href="' . get_config('wwwroot') . 'user/find.php">', '</a>');
    $smarty->assign('searchingforfriends', $findlink);

    // If the user has no friends, try and display something useful, such
    // as a 'request friendship' button
    if (!$friends) {
        $loggedinid = $USER->get('id');

        if (is_friend($userid, $loggedinid)) {
            $relationship = 'existingfriend';
        }
        else if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
            $relationship = 'requestedfriendship';
        }
        else {
            $relationship = 'none';
            $friendscontrol = get_account_preference($userid, 'friendscontrol');

            // The one-click form is only built when the owner accepts friends automatically
            if ($friendscontrol == 'auto') {
                require_once 'pieforms/pieform.php';

                $addbutton = array(
                    'type' => 'button',
                    'usebuttontag' => true,
                    'class' => 'btn-default',
                    'value' => '<span class="icon icon-user-plus icon-lg prs"></span>' . get_string('addtomyfriends', 'group'),
                );
                $targetid = array(
                    'type' => 'hidden',
                    'value' => $userid,
                );
                $newfriendform = pieform(array(
                    'name' => 'myfriends_addfriend',
                    'successcallback' => 'addfriend_submit',
                    'autofocus' => false,
                    'renderer' => 'div',
                    'elements' => array(
                        'add' => $addbutton,
                        'id' => $targetid,
                    ),
                ));
                $smarty->assign('newfriendform', $newfriendform);
            }

            $smarty->assign('friendscontrol', $friendscontrol);
        }

        $smarty->assign('relationship', $relationship);
    }

    $smarty->assign('loggedin', is_logged_in());
    $smarty->assign('lookingatownpage', $USER->get('id') == $userid);
    $smarty->assign('USERID', $userid);

    return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
/**
 * Tell whether the current user is permitted with respect to another user:
 * either they are that user, or is_friend() accepts that user.
 *
 * @param mixed $another_id id of the other user
 * @return bool
 */
function permitted($another_id)
{
    $me = current_user();

    // Same user: no friendship lookup needed
    if ($another_id == $me['id']) {
        return true;
    }

    return (bool) is_friend($another_id);
}
?> "> <img src="<?php echo select_thumbnail_image($row->id, $row->hasimage); ?> " alt="" /> </a> <a href="<?php echo profile_route($row->id); ?> "><?php
    /* NOTE(review): firstname and lastname are echoed as-is, with no htmlspecialchars() call
       here. Presumably they are user-editable profile fields; confirm they are HTML-escaped
       before they reach this template. */
    echo $row->firstname . ' ' . $row->lastname; ?> </a> <?php
    /* is_friend() only decides whether the link is rendered. Presumably the route behind
       friends_add_route() checks the request itself; verify, since hiding a link is not an
       access control. */
    if (!is_friend($row->id)) { ?> - <a href="<?php echo friends_add_route($row->id); ?> ">add as friend</a> <?php } ?> </li> <?php } ?> </ul> <?php }
foreach (prefectures() as $pref) { ?> <option <?php h($profile['pref'] == $pref ? 'selected' : ''); ?> ><?php h($pref); ?> </option> <?php } ?> </select> </div> <div><input type="submit" value="更新" /></div> </form> </div> <?php } elseif (!is_friend($owner['id'])) { ?> <h2>あなたは友だちではありません</h2> <div id="profile-friend-form"> <form method="POST" action="/friends/<?php h($owner['account_name']); ?> "> <input type="submit" value="このユーザと友だちになる" /> </form> </div> <?php }
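/**
 * Pieform success callback: make the logged-in user and the user named in
 * $values['id'] friends straight away, without a friendship request.
 *
 * Any pending request from that user to the logged-in user is deleted, a usr_friend
 * row is inserted, the other user is notified with a 'maharamessage' activity, the
 * 'addfriend' event is fired, and the browser is redirected to the other user's profile.
 *
 * NOTE(review): nothing in this handler checks that the target accepts friends without
 * approval, or that the target is a different user from the one logged in. Presumably the
 * form is only offered where that holds; confirm, because this callback is what writes
 * the friendship.
 *
 * @param Pieform $form   the submitted form
 * @param array   $values submitted values; 'id' is the id of the user to befriend
 * @throws UserNotFoundException when no usr record exists for $values['id']
 */
function addfriend_submit(Pieform $form, $values) {
    global $USER, $SESSION;

    $user = get_record('usr', 'id', $values['id']);
    if (!$user) {
        // Stop before $user->id is dereferenced on a non-object. The id is cast so the raw
        // submitted value is never echoed back in the error message.
        throw new UserNotFoundException('User with id ' . (int) $values['id'] . ' not found');
    }

    $loggedinid = $USER->get('id');

    if (is_friend($loggedinid, $user->id)) {
        $SESSION->add_info_msg(get_string('alreadyfriends', 'group', display_name($user)));
        // A friendship already exists, so a leftover request from this user is stale
        delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
        // redirect() is expected not to return; otherwise the insert below would run as
        // well. TODO confirm.
        redirect(profile_url($user));
    }

    // friend db record
    $f = new StdClass();
    $f->ctime = db_format_timestamp(time());

    // notification info
    $n = new StdClass();
    $n->url = profile_url($USER, false);
    $n->users = array($user->id);
    $lang = get_user_language($user->id);
    $displayname = display_name($USER, $user);
    $n->urltext = $displayname;

    $f->usr1 = $values['id'];
    $f->usr2 = $loggedinid;

    // Remove the pending request and create the friendship in one transaction
    db_begin();
    delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
    insert_record('usr_friend', $f);
    db_commit();

    // The notification is written in the recipient's language
    $n->subject = get_string_from_language($lang, 'addedtofriendslistsubject', 'group', $displayname);
    $n->message = get_string_from_language($lang, 'addedtofriendslistmessage', 'group', $displayname, $displayname);

    require_once 'activity.php';
    activity_occurred('maharamessage', $n);

    handle_event('addfriend', array('user' => $f->usr2, 'friend' => $f->usr1));

    $SESSION->add_ok_msg(get_string('friendformaddsuccess', 'group', display_name($user)));
    redirect(profile_url($user));
}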
/** * * @package mahara * @subpackage core * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later * @copyright For copyright information on Mahara, please see the README file distributed with this software. * */ define('INTERNAL', 1); define('MENUITEM', 'groups/findfriends'); require dirname(dirname(__FILE__)) . '/init.php'; require_once 'pieforms/pieform.php'; $id = param_integer('id'); if (!is_friend($id, $USER->get('id')) || !($user = get_record('usr', 'id', $id, 'deleted', 0))) { throw new AccessDeniedException(get_string('cantremovefriend', 'group')); } $user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id); define('TITLE', get_string('removefromfriends', 'group', display_name($id))); $returnto = param_alpha('returnto', 'myfriends'); $offset = param_integer('offset', 0); switch ($returnto) { case 'find': $goto = 'user/find.php'; break; case 'view': $goto = profile_url($user, false); break; default: $goto = 'user/myfriends.php';
<div id="profile-left-item"> <div class="float-left"> <img src="<?php echo select_profile_image($user->id, $user->hasimage); ?> " alt="" width="180px"/> </div> <div class="float-left" style="margin-bottom: 14px;"> <h4> <?php
    /* NOTE(review): firstname and lastname are echoed as-is, with no htmlspecialchars() call
       here. Presumably they are user-editable profile fields; confirm they are HTML-escaped
       before they reach this template. */
    echo $user->firstname . ' ' . $user->lastname; ?> </h4> <?php
    /* is_friend() only decides whether the link is rendered. Presumably the route behind
       friends_add_route() checks the request itself; verify, since hiding a link is not an
       access control. */
    if (!is_friend($user->id)) { ?> <a href="<?php echo friends_add_route($user->id, TRUE); ?> ">add as friend</a> <?php } ?> </div> <div class="clear"></div> <div class="left-menu-line"></div> </div> <div id="profile-left-item"> <div class="float-left"> <h3>Friends</h3>
/**
 * Render the 'My Friends' block for the owner of the view holding $instance.
 *
 * Up to MAXFRIENDDISPLAY friendships of the owner are read in random order, excluding deleted
 * users, and arranged as rows of four friend ids. The relationship between the logged-in user
 * and the owner is always passed to the template too, along with an "add friend" form when the
 * owner's friendscontrol preference is 'auto'.
 *
 * @param BlockInstance $instance block instance being rendered
 * @param bool          $editing  not read by this method
 * @return string rendered template output, or '' when the view has no owner
 */
public static function render_instance(BlockInstance $instance, $editing = false) {
    global $USER;

    $userid = $instance->get_view()->get('owner');
    if (!$userid) {
        // 'My Friends' doesn't make sense for group/site views
        return '';
    }

    $smarty = smarty_core();

    // All values are bound through placeholders; only the database's own random-order
    // expression is concatenated into the statement.
    $sql = 'SELECT usr1, usr2 FROM {usr_friend}'
        . ' JOIN {usr} u1 ON (u1.id = usr1 AND u1.deleted = 0)'
        . ' JOIN {usr} u2 ON (u2.id = usr2 AND u2.deleted = 0)'
        . ' WHERE usr1 = ? OR usr2 = ?'
        . ' ORDER BY ' . db_random() . ' LIMIT ?';
    $records = get_records_sql_array($sql, array($userid, $userid, MAXFRIENDDISPLAY));

    // get the friends into a 4x4 array
    if (!$records) {
        $friends = false;
    }
    else {
        $friends = array();
        for ($row = 0; $row < 4; $row++) {
            $first = 4 * $row;
            if (!isset($records[$first])) {
                continue;
            }
            $friends[$row] = array();
            for ($pos = $first; $pos < ($row + 1) * 4; $pos++) {
                if (!isset($records[$pos])) {
                    continue;
                }
                $record = $records[$pos];
                // The friend is whichever side of the pair is not the view owner
                $friends[$row][] = ($record->usr1 == $userid) ? $record->usr2 : $record->usr1;
            }
        }
    }
    $smarty->assign('friends', $friends);

    // If the user has no friends, try and display something useful, such
    // as a 'request friendship' button
    $loggedinid = $USER->get('id');
    if (is_friend($userid, $loggedinid)) {
        $relationship = 'existingfriend';
    }
    else if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
        $relationship = 'requestedfriendship';
    }
    else {
        $relationship = 'none';
        $friendscontrol = get_account_preference($userid, 'friendscontrol');

        // The one-click form is only built when the owner accepts friends automatically
        if ($friendscontrol == 'auto') {
            $elements = array(
                'add' => array(
                    'type' => 'submit',
                    'value' => get_string('addtomyfriends', 'group'),
                ),
                'id' => array(
                    'type' => 'hidden',
                    'value' => $userid,
                ),
            );
            $newfriendform = pieform(array(
                'name' => 'myfriends_addfriend',
                'successcallback' => 'addfriend_submit',
                'autofocus' => false,
                'renderer' => 'div',
                'elements' => $elements,
            ));
            $smarty->assign('newfriendform', $newfriendform);
        }

        $smarty->assign('friendscontrol', $friendscontrol);
    }

    $smarty->assign('relationship', $relationship);
    $smarty->assign_by_ref('USER', $USER);
    $smarty->assign('USERID', $userid);

    return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
} if ($userid == 0) { redirect(); } // Get the user's details if (!isset($user)) { if (!($user = get_record('usr', 'id', $userid, 'deleted', 0))) { if ($USER->is_logged_in()) { throw new UserNotFoundException("User with id {$userid} not found"); } else { // For logged-out users we show "access denied" in order to prevent an enumeration attack throw new AccessDeniedException(get_string('youcannotviewthisusersprofile', 'error')); } } } $is_friend = is_friend($userid, $loggedinid); if ($loggedinid == $userid) { $view = $USER->get_profile_view(); } else { $userobj = new User(); $userobj->find_by_id($userid); $view = $userobj->get_profile_view(); } # access will either be logged in (always) or public as well if (!$view) { // No access, so restrict profile view throw new AccessDeniedException(get_string('youcannotviewthisusersprofile', 'error')); } $viewid = $view->get('id'); // Special behaviour: Logged in users who the page hasn't been shared with, see a special page // with the user's name, icon, and little else.
* along with this program. If not, see <http://www.gnu.org/licenses/>. * * @package mahara * @subpackage core * @author Catalyst IT Ltd * @license http://www.gnu.org/copyleft/gpl.html GNU GPL * @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz * */ define('INTERNAL', 1); define('MENUITEM', 'groups/findfriends'); require dirname(dirname(__FILE__)) . '/init.php'; require_once 'pieforms/pieform.php'; $id = param_integer('id'); $returnto = param_alpha('returnto', 'myfriends'); if (is_friend($id, $USER->get('id')) || get_friend_request($id, $USER->get('id')) || get_account_preference($id, 'friendscontrol') != 'auth' || $id == $USER->get('id') || !($user = get_record('usr', 'id', $id, 'deleted', 0))) { throw new AccessDeniedException(get_string('cantrequestfriendship', 'group')); } $user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id); define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id))); $form = pieform(array('name' => 'requestfriendship', 'autofocus' => false, 'elements' => array('message' => array('type' => 'textarea', 'title' => get_string('message'), 'cols' => 50, 'rows' => 4), 'submit' => array('type' => 'submitcancel', 'value' => array(get_string('requestfriendship', 'group'), get_string('cancel')), 'goto' => get_config('wwwroot') . ($returnto == 'find' ? 'user/find.php' : ($returnto == 'view' ? 'user/view.php?id=' . $id : 'user/myfriends.php')))))); $smarty = smarty(); $smarty->assign('heading', TITLE); $smarty->assign('form', $form); $smarty->assign('user', $user); $smarty->display('user/requestfriendship.tpl'); function requestfriendship_submit(Pieform $form, $values) { global $USER, $SESSION, $id; $loggedinid = $USER->get('id'); $user = get_record('usr', 'id', $id);
// The sub-module name ends up inside a require path, so this allow-list check is what keeps
// the include limited to the intended files under modules/user/.
// NOTE(review): in_array() is called in its default loose-comparison mode. Passing true as the
// third argument makes the match exact, which is the safer form for a value that selects a file.
if (isset($options['query']['0']) && in_array($options['query']['0'], $submodules_allowed)) {
    $submodule = $options['query']['0'];
    $template = 'user_favorite_' . $submodule;
    require 'modules/user/favorite_' . $submodule . '.php';
} else {
    // Unknown sub-module: close the session, redirect to the error page, stop
    session_write_close();
    header('Location: ' . $config['BASE_URL'] . '/error/invalid_module');
    die;
}
} else {
    // NOTE(review): $module is validated outside this excerpt, if at all. Confirm it is checked
    // against an allow-list before it reaches this require.
    $template = 'user_' . $module;
    require 'modules/user/' . $module . '.php';
}
} else {
    // Default profile page: each section is fetched with the owner's matching show_* preference
    // and the viewer's friend status; the filtering itself happens inside those helpers (not shown).
    $prefs = get_user_prefs($uid);
    $is_friend = is_friend($uid);
    $friends = get_user_friends($uid, $prefs['show_friends'], $is_friend);
    $playlist = get_user_playlist($uid, $prefs['show_playlist'], $is_friend);
    $favorites = get_user_favorites($uid, $prefs['show_favorites'], $is_friend);
    $subscriptions = get_user_subscriptions($uid, $prefs['show_subscriptions'], $is_friend);
    $subscribers = get_user_subscribers($uid, $prefs['show_subscribers'], $is_friend);
    // NOTE(review): albums are fetched without a preference or friend flag, unlike the other
    // sections. Confirm that is intended.
    $albums = get_user_albums($uid);
    $photos = get_user_favorite_photos($uid, $prefs['show_favorites'], $is_friend);
    $games = get_user_favorite_games($uid, $prefs['show_favorites'], $is_friend);
    // The wall stays hidden unless the checks below enable it
    $show_wall = false;
    $wall_public = $prefs['wall_public'];
    $walls = array();
    $walls_total = 0;
    if ($wall_public == '1') {
        $show_wall = true;
    } else {
<a href="<?php echo profile_route($row->id); ?> "><img src="<?php echo select_thumbnail_image($row->id, $row->hasimage); ?> " /></a> <a href="<?php echo profile_route($row->id); ?> "><?php
    /* NOTE(review): firstname and lastname are echoed as-is, with no htmlspecialchars() call
       here. Presumably they are user-editable profile fields; confirm they are HTML-escaped
       before they reach this template. */
    echo $row->firstname . ' ' . $row->lastname; ?> </a> <?php
    /* is_friend() only decides whether the link is rendered. Presumably the route behind
       friends_add_route() checks the request itself; verify, since hiding a link is not an
       access control. */
    if (!is_friend(get_user()->get_id(), $row->id)) { ?> - <a href="<?php echo friends_add_route($row->id); ?> ">add as friend</a> <?php } ?> </li> <?php } ?> </ul> <?php }
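/**
 * Can a user send a message to another?
 *
 * Sending is allowed when the recipient's 'messages' account preference is 'allow',
 * when the sender is an admin, or when the preference is 'friends' and the two users
 * are friends.
 *
 * @param int|object $from the user sending the message (id or usr record)
 * @param int|object $to   the user receiving the message (id or usr record)
 * @return boolean whether $from is allowed to send messages to $to
 */
function can_send_message($from, $to) {
    if (empty($from)) {
        return false; // not logged in
    }
    if (!is_object($from)) {
        $from = get_record('usr', 'id', $from);
        if (!$from) {
            // No usr record for that id: an unknown sender may not send anything, and must
            // not reach the property reads below.
            return false;
        }
    }
    if (is_object($to)) {
        $to = $to->id;
    }

    $messagepref = get_account_preference($to, 'messages');

    // Checks that need no friendship lookup come first
    if ($messagepref == 'allow' || $from->admin) {
        return true;
    }

    // The friendship is only consulted when the recipient restricts messages to friends
    return $messagepref == 'friends' && is_friend($from->id, $to);
}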
define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id))); $returnto = param_alpha('returnto', 'myfriends'); $offset = param_integer('offset', 0); switch ($returnto) { case 'find': $goto = 'user/find.php'; break; case 'view': $goto = profile_url($user, false); break; default: $goto = 'user/myfriends.php'; } $goto .= strpos($goto, '?') ? '&offset=' . $offset : '?offset=' . $offset; $goto = get_config('wwwroot') . $goto; if (is_friend($id, $USER->get('id'))) { $SESSION->add_ok_msg(get_string('alreadyfriends', 'group', display_name($id))); redirect($goto); } else { if (get_friend_request($id, $USER->get('id'))) { $SESSION->add_info_msg(get_string('friendshipalreadyrequestedowner', 'group', display_name($id))); redirect(get_config('wwwroot') . 'user/myfriends.php?filter=pending'); } } $form = pieform(array('name' => 'requestfriendship', 'autofocus' => false, 'elements' => array('message' => array('type' => 'textarea', 'title' => get_string('messageoptional'), 'labelescaped' => true, 'cols' => 50, 'rows' => 4, 'rules' => array('required' => true, 'maxlength' => 255)), 'submit' => array('class' => 'btn-default', 'type' => 'submitcancel', 'value' => array(get_string('requestfriendship', 'group'), get_string('cancel')), 'goto' => $goto)))); $smarty = smarty(); $smarty->assign('PAGEHEADING', TITLE); $smarty->assign('form', $form); $smarty->assign('user', $user); $smarty->display('user/requestfriendship.tpl'); function requestfriendship_submit(Pieform $form, $values)
<?php
/**
 *
 * @package    mahara
 * @subpackage core
 * @author     Catalyst IT Ltd
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
 *
 */

define('INTERNAL', 1);
require dirname(__DIR__) . '/init.php';
require_once 'searchlib.php';
require_once 'group.php';

global $USER;

// NOTE(review): no login check is visible in this script; presumably init.php enforces one.
// Confirm, since the page lists users and their friend status.

// Search term and paging offset come from the request; the page size is fixed
$query = param_variable('query', '');
$offset = param_integer('offset', 0);
$limit = 10;

// The searching user is excluded from their own results
$viewerid = $USER->get('id');
$data = search_user($query, $limit, $offset, array('exclude' => $viewerid));

// Tag every hit with whether it is already a friend of the searching user
$user_data = [];
foreach ($data['data'] as $hit) {
    $hit['is_friend'] = is_friend($hit['id'], $viewerid);
    $user_data[] = $hit;
}

$smarty = smarty();
$smarty->assign('user_data', $user_data);
$smarty->display('user/searchfriend.tpl');
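define('INTERNAL', 1);
define('MENUITEM', 'groups');
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'pieforms/pieform.php';
require_once 'group.php';

// Both ids are read from the request as integers
$groupid = param_integer('id');
$userid = param_integer('user');

define('GROUP', $groupid);
$group = group_current_group();

// The invitee must exist and must not be deleted
$user = get_record('usr', 'id', $userid, 'deleted', 0);
if (!$user) {
    throw new UserNotFoundException(get_string('usernotfound', 'group', $userid));
}

$role = group_user_access($groupid);

// Authorisation: group admins and users who can assess submitted views may invite anyone.
// Everybody else may invite only when the group allows inviting friends and the invitee is
// a friend of the logged-in user.
if ($role != 'admin' && !group_user_can_assess_submitted_views($group->id, $USER->get('id'))) {
    if (!$group->invitefriends || !is_friend($user->id, $USER->get('id'))) {
        throw new AccessDeniedException(get_string('cannotinvitetogroup', 'group'));
    }
}

// Existing members and users who already hold an invitation cannot be invited again
if (record_exists('group_member', 'group', $groupid, 'member', $userid)
    || record_exists('group_member_invite', 'group', $groupid, 'member', $userid)) {
    throw new UserException(get_string('useralreadyinvitedtogroup', 'group'));
}

define('TITLE', get_string('invitemembertogroup', 'group', display_name($userid), $group->name));

// Reduce each role record to its display name. Writing through the key instead of a
// by-reference loop variable leaves no reference to the last element behind, which a later
// assignment to $v would otherwise write into $roles.
$roles = group_get_role_info($groupid);
foreach ($roles as $k => $v) {
    $roles[$k] = $v->display;
}

safe_require('grouptype', $group->grouptype);

$form = pieform(array(
    'name' => 'invitetogroup',
    'autofocus' => false,
    'method' => 'post',
    'elements' => array(
        'reason' => array(
            'type' => 'textarea',
            'cols' => 50,
            'rows' => 4,
            'title' => get_string('reason'),
        ),
        'role' => array(
            'type' => 'select',
            'options' => $roles,
            'title' => get_string('Role', 'group'),
            'defaultvalue' => call_static_method('GroupType' . $group->grouptype, 'default_role'),
            // The role selector is ignored unless the inviter is a group admin
            'ignore' => $role != 'admin',
        ),
        'submit' => array(
            'type' => 'submitcancel',
            'value' => array(get_string('invite', 'group'), get_string('cancel')),
            'goto' => profile_url($user),
        ),
    ),
));

$smarty = smarty();
$smarty->assign('subheading', TITLE);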
/**
 * Pick the ten most recent comments written by friends of the current user.
 *
 * Only the newest 1000 comments are scanned. A comment is skipped when its author fails
 * is_friend(), or when it belongs to a private entry whose owner fails permitted().
 *
 * @return array at most ten comment rows, newest first
 */
function getCommentsOfFriends()
{
    $picked = array();
    $stmt = db_execute('SELECT * FROM comments ORDER BY created_at DESC LIMIT 1000');

    // Stop fetching as soon as ten comments have been collected
    while (count($picked) < 10 && ($comment = $stmt->fetch())) {
        if (!is_friend($comment['user_id'])) {
            continue;
        }

        // A comment on a private entry is only shown if the viewer may see that entry
        $entry = getEntry($comment['entry_id']);
        $isPrivate = $entry['private'] == 1;
        if ($isPrivate && !permitted($entry['user_id'])) {
            continue;
        }

        $picked[] = $comment;
    }

    return $picked;
}