function checkPerm($permission, $contentOwnerID)
{
$currUserID = wp_get_current_user();
$currUserID = $currUserID->ID;
$privacySettings = get_usermeta($contentOwnerID, 'privacy_settings');
if ($privacySettings) {
foreach ($privacySettings as $key => $perm) {
if ($key == $permission) {
$permission = $perm;
}
}
}
$friendList = new userFriends();
$friends = $friendList->get_friends($contentOwnerID);
if ($permission['status'] == 'friends' && is_friend($contentOwnerID)) {
return true;
}
if ($permission['status'] == 'all_members' && is_user_logged_in()) {
return true;
}
if ($permission['status'] == 'public') {
return true;
}
if ($currUserID == $contentOwnerID) {
return true;
}
return false;
// If someone hasn't set their privacy then we default to private
}
public function get_all()
{
$this->db->order_by("date", "desc");
$query = $this->db->get('statusupdates');
$users = array();
foreach ($query->result() as $row) {
$this->load->helper('misc_helper');
//check if it is a friend
if (is_friend($row->userid) or $row->userid == get_user()->get_id()) {
array_push($users, $this->prep_status($row));
}
}
return $users;
}
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER, $exporter;
$userid = $instance->get_view()->get('owner');
if (!$userid) {
// 'My Friends' doesn't make sense for group/site views
return '';
}
$limit = isset($exporter) ? false : MAXFRIENDDISPLAY;
$friends = get_friends($userid, $limit, 0);
if ($friends['count']) {
self::build_myfriends_html($friends, $userid, $instance);
} else {
$friends = false;
}
$smarty = smarty_core();
$smarty->assign('friends', $friends);
$smarty->assign('searchingforfriends', array('<a href="' . get_config('wwwroot') . 'user/find.php">', '</a>'));
// If the user has no friends, try and display something useful, such
// as a 'request friendship' button
if (!$friends) {
$loggedinid = $USER->get('id');
$is_friend = is_friend($userid, $loggedinid);
if ($is_friend) {
$relationship = 'existingfriend';
} else {
if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
$relationship = 'requestedfriendship';
} else {
$relationship = 'none';
$friendscontrol = get_account_preference($userid, 'friendscontrol');
if ($friendscontrol == 'auto') {
require_once 'pieforms/pieform.php';
$newfriendform = pieform(array('name' => 'myfriends_addfriend', 'successcallback' => 'addfriend_submit', 'autofocus' => false, 'renderer' => 'div', 'elements' => array('add' => array('type' => 'button', 'usebuttontag' => true, 'class' => 'btn-default', 'value' => '<span class="icon icon-user-plus icon-lg prs"></span>' . get_string('addtomyfriends', 'group')), 'id' => array('type' => 'hidden', 'value' => $userid))));
$smarty->assign('newfriendform', $newfriendform);
}
$smarty->assign('friendscontrol', $friendscontrol);
}
}
$smarty->assign('relationship', $relationship);
}
$smarty->assign('loggedin', is_logged_in());
$smarty->assign('lookingatownpage', $USER->get('id') == $userid);
$smarty->assign('USERID', $userid);
return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
function permitted($another_id)
{
return $another_id == current_user()['id'] || is_friend($another_id);
}
?>
">
<img src="<?php
echo select_thumbnail_image($row->id, $row->hasimage);
?>
" alt="" />
</a>
<a href="<?php
echo profile_route($row->id);
?>
"><?php
echo $row->firstname . ' ' . $row->lastname;
?>
</a>
<?php
if (!is_friend($row->id)) {
?>
- <a href="<?php
echo friends_add_route($row->id);
?>
">add as friend</a>
<?php
}
?>
</li>
<?php
}
?>
</ul>
<?php
}
foreach (prefectures() as $pref) {
?>
<option <?php
h($profile['pref'] == $pref ? 'selected' : '');
?>
><?php
h($pref);
?>
</option>
<?php
}
?>
</select>
</div>
<div><input type="submit" value="更新" /></div>
</form>
</div>
<?php
} elseif (!is_friend($owner['id'])) {
?>
<h2>あなたは友だちではありません</h2>
<div id="profile-friend-form">
<form method="POST" action="/friends/<?php
h($owner['account_name']);
?>
">
<input type="submit" value="このユーザと友だちになる" />
</form>
</div>
<?php
}
function addfriend_submit(Pieform $form, $values)
{
global $USER, $SESSION;
$user = get_record('usr', 'id', $values['id']);
$loggedinid = $USER->get('id');
if (is_friend($loggedinid, $user->id)) {
$SESSION->add_info_msg(get_string('alreadyfriends', 'group', display_name($user)));
delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
redirect(profile_url($user));
}
// friend db record
$f = new StdClass();
$f->ctime = db_format_timestamp(time());
// notification info
$n = new StdClass();
$n->url = profile_url($USER, false);
$n->users = array($user->id);
$lang = get_user_language($user->id);
$displayname = display_name($USER, $user);
$n->urltext = $displayname;
$f->usr1 = $values['id'];
$f->usr2 = $loggedinid;
db_begin();
delete_records('usr_friend_request', 'owner', $loggedinid, 'requester', $user->id);
insert_record('usr_friend', $f);
db_commit();
$n->subject = get_string_from_language($lang, 'addedtofriendslistsubject', 'group', $displayname);
$n->message = get_string_from_language($lang, 'addedtofriendslistmessage', 'group', $displayname, $displayname);
require_once 'activity.php';
activity_occurred('maharamessage', $n);
handle_event('addfriend', array('user' => $f->usr2, 'friend' => $f->usr1));
$SESSION->add_ok_msg(get_string('friendformaddsuccess', 'group', display_name($user)));
redirect(profile_url($user));
}
/**
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
define('MENUITEM', 'groups/findfriends');
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'pieforms/pieform.php';
$id = param_integer('id');
if (!is_friend($id, $USER->get('id')) || !($user = get_record('usr', 'id', $id, 'deleted', 0))) {
throw new AccessDeniedException(get_string('cantremovefriend', 'group'));
}
$user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id);
define('TITLE', get_string('removefromfriends', 'group', display_name($id)));
$returnto = param_alpha('returnto', 'myfriends');
$offset = param_integer('offset', 0);
switch ($returnto) {
case 'find':
$goto = 'user/find.php';
break;
case 'view':
$goto = profile_url($user, false);
break;
default:
$goto = 'user/myfriends.php';
<div id="profile-left-item">
<div class="float-left">
<img src="<?php
echo select_profile_image($user->id, $user->hasimage);
?>
" alt="" width="180px"/>
</div>
<div class="float-left" style="margin-bottom: 14px;">
<h4>
<?php
echo $user->firstname . ' ' . $user->lastname;
?>
</h4>
<?php
if (!is_friend($user->id)) {
?>
<a href="<?php
echo friends_add_route($user->id, TRUE);
?>
">add as friend</a>
<?php
}
?>
</div>
<div class="clear"></div>
<div class="left-menu-line"></div>
</div>
<div id="profile-left-item">
<div class="float-left">
<h3>Friends</h3>
public static function render_instance(BlockInstance $instance, $editing = false)
{
global $USER;
$userid = $instance->get_view()->get('owner');
if (!$userid) {
// 'My Friends' doesn't make sense for group/site views
return '';
}
$smarty = smarty_core();
$records = get_records_sql_array('SELECT usr1, usr2 FROM {usr_friend}
JOIN {usr} u1 ON (u1.id = usr1 AND u1.deleted = 0)
JOIN {usr} u2 ON (u2.id = usr2 AND u2.deleted = 0)
WHERE usr1 = ? OR usr2 = ?
ORDER BY ' . db_random() . '
LIMIT ?', array($userid, $userid, MAXFRIENDDISPLAY));
// get the friends into a 4x4 array
if ($records) {
$friends = array();
for ($i = 0; $i < 4; $i++) {
if (isset($records[4 * $i])) {
$friends[$i] = array();
for ($j = 4 * $i; $j < ($i + 1) * 4; $j++) {
if (isset($records[$j])) {
if ($records[$j]->usr1 == $userid) {
$friends[$i][] = $records[$j]->usr2;
} else {
$friends[$i][] = $records[$j]->usr1;
}
}
}
}
}
} else {
$friends = false;
}
$smarty->assign('friends', $friends);
// If the user has no friends, try and display something useful, such
// as a 'request friendship' button
$loggedinid = $USER->get('id');
$is_friend = is_friend($userid, $loggedinid);
if ($is_friend) {
$relationship = 'existingfriend';
} else {
if (record_exists('usr_friend_request', 'requester', $loggedinid, 'owner', $userid)) {
$relationship = 'requestedfriendship';
} else {
$relationship = 'none';
$friendscontrol = get_account_preference($userid, 'friendscontrol');
if ($friendscontrol == 'auto') {
$newfriendform = pieform(array('name' => 'myfriends_addfriend', 'successcallback' => 'addfriend_submit', 'autofocus' => false, 'renderer' => 'div', 'elements' => array('add' => array('type' => 'submit', 'value' => get_string('addtomyfriends', 'group')), 'id' => array('type' => 'hidden', 'value' => $userid))));
$smarty->assign('newfriendform', $newfriendform);
}
$smarty->assign('friendscontrol', $friendscontrol);
}
}
$smarty->assign('relationship', $relationship);
$smarty->assign_by_ref('USER', $USER);
$smarty->assign('USERID', $userid);
return $smarty->fetch('blocktype:myfriends:myfriends.tpl');
}
}
if ($userid == 0) {
redirect();
}
// Get the user's details
if (!isset($user)) {
if (!($user = get_record('usr', 'id', $userid, 'deleted', 0))) {
if ($USER->is_logged_in()) {
throw new UserNotFoundException("User with id {$userid} not found");
} else {
// For logged-out users we show "access denied" in order to prevent an enumeration attack
throw new AccessDeniedException(get_string('youcannotviewthisusersprofile', 'error'));
}
}
}
$is_friend = is_friend($userid, $loggedinid);
if ($loggedinid == $userid) {
$view = $USER->get_profile_view();
} else {
$userobj = new User();
$userobj->find_by_id($userid);
$view = $userobj->get_profile_view();
}
# access will either be logged in (always) or public as well
if (!$view) {
// No access, so restrict profile view
throw new AccessDeniedException(get_string('youcannotviewthisusersprofile', 'error'));
}
$viewid = $view->get('id');
// Special behaviour: Logged in users who the page hasn't been shared with, see a special page
// with the user's name, icon, and little else.
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL
* @copyright (C) 2006-2008 Catalyst IT Ltd http://catalyst.net.nz
*
*/
define('INTERNAL', 1);
define('MENUITEM', 'groups/findfriends');
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'pieforms/pieform.php';
$id = param_integer('id');
$returnto = param_alpha('returnto', 'myfriends');
if (is_friend($id, $USER->get('id')) || get_friend_request($id, $USER->get('id')) || get_account_preference($id, 'friendscontrol') != 'auth' || $id == $USER->get('id') || !($user = get_record('usr', 'id', $id, 'deleted', 0))) {
throw new AccessDeniedException(get_string('cantrequestfriendship', 'group'));
}
$user->introduction = get_field('artefact', 'title', 'artefacttype', 'introduction', 'owner', $id);
define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id)));
$form = pieform(array('name' => 'requestfriendship', 'autofocus' => false, 'elements' => array('message' => array('type' => 'textarea', 'title' => get_string('message'), 'cols' => 50, 'rows' => 4), 'submit' => array('type' => 'submitcancel', 'value' => array(get_string('requestfriendship', 'group'), get_string('cancel')), 'goto' => get_config('wwwroot') . ($returnto == 'find' ? 'user/find.php' : ($returnto == 'view' ? 'user/view.php?id=' . $id : 'user/myfriends.php'))))));
$smarty = smarty();
$smarty->assign('heading', TITLE);
$smarty->assign('form', $form);
$smarty->assign('user', $user);
$smarty->display('user/requestfriendship.tpl');
function requestfriendship_submit(Pieform $form, $values)
{
global $USER, $SESSION, $id;
$loggedinid = $USER->get('id');
$user = get_record('usr', 'id', $id);
if (isset($options['query']['0']) && in_array($options['query']['0'], $submodules_allowed)) {
$submodule = $options['query']['0'];
$template = 'user_favorite_' . $submodule;
require 'modules/user/favorite_' . $submodule . '.php';
} else {
session_write_close();
header('Location: ' . $config['BASE_URL'] . '/error/invalid_module');
die;
}
} else {
$template = 'user_' . $module;
require 'modules/user/' . $module . '.php';
}
} else {
$prefs = get_user_prefs($uid);
$is_friend = is_friend($uid);
$friends = get_user_friends($uid, $prefs['show_friends'], $is_friend);
$playlist = get_user_playlist($uid, $prefs['show_playlist'], $is_friend);
$favorites = get_user_favorites($uid, $prefs['show_favorites'], $is_friend);
$subscriptions = get_user_subscriptions($uid, $prefs['show_subscriptions'], $is_friend);
$subscribers = get_user_subscribers($uid, $prefs['show_subscribers'], $is_friend);
$albums = get_user_albums($uid);
$photos = get_user_favorite_photos($uid, $prefs['show_favorites'], $is_friend);
$games = get_user_favorite_games($uid, $prefs['show_favorites'], $is_friend);
$show_wall = false;
$wall_public = $prefs['wall_public'];
$walls = array();
$walls_total = 0;
if ($wall_public == '1') {
$show_wall = true;
} else {
<a href="<?php
echo profile_route($row->id);
?>
"><img src="<?php
echo select_thumbnail_image($row->id, $row->hasimage);
?>
" /></a>
<a href="<?php
echo profile_route($row->id);
?>
"><?php
echo $row->firstname . ' ' . $row->lastname;
?>
</a>
<?php
if (!is_friend(get_user()->get_id(), $row->id)) {
?>
- <a href="<?php
echo friends_add_route($row->id);
?>
">add as friend</a>
<?php
}
?>
</li>
<?php
}
?>
</ul>
<?php
}
/**
* can a user send a message to another?
*
* @param int/object from the user to send the message
* @param int/object to the user to receive the message
* @return boolean whether userfrom is allowed to send messages to userto
*/
function can_send_message($from, $to)
{
if (empty($from)) {
return false;
// not logged in
}
if (!is_object($from)) {
$from = get_record('usr', 'id', $from);
}
if (is_object($to)) {
$to = $to->id;
}
$messagepref = get_account_preference($to, 'messages');
return is_friend($from->id, $to) && $messagepref == 'friends' || $messagepref == 'allow' || $from->admin;
}
define('TITLE', get_string('sendfriendshiprequest', 'group', display_name($id)));
$returnto = param_alpha('returnto', 'myfriends');
$offset = param_integer('offset', 0);
switch ($returnto) {
case 'find':
$goto = 'user/find.php';
break;
case 'view':
$goto = profile_url($user, false);
break;
default:
$goto = 'user/myfriends.php';
}
$goto .= strpos($goto, '?') ? '&offset=' . $offset : '?offset=' . $offset;
$goto = get_config('wwwroot') . $goto;
if (is_friend($id, $USER->get('id'))) {
$SESSION->add_ok_msg(get_string('alreadyfriends', 'group', display_name($id)));
redirect($goto);
} else {
if (get_friend_request($id, $USER->get('id'))) {
$SESSION->add_info_msg(get_string('friendshipalreadyrequestedowner', 'group', display_name($id)));
redirect(get_config('wwwroot') . 'user/myfriends.php?filter=pending');
}
}
$form = pieform(array('name' => 'requestfriendship', 'autofocus' => false, 'elements' => array('message' => array('type' => 'textarea', 'title' => get_string('messageoptional'), 'labelescaped' => true, 'cols' => 50, 'rows' => 4, 'rules' => array('required' => true, 'maxlength' => 255)), 'submit' => array('class' => 'btn-default', 'type' => 'submitcancel', 'value' => array(get_string('requestfriendship', 'group'), get_string('cancel')), 'goto' => $goto))));
$smarty = smarty();
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('form', $form);
$smarty->assign('user', $user);
$smarty->display('user/requestfriendship.tpl');
function requestfriendship_submit(Pieform $form, $values)
<?php
/**
*
* @package mahara
* @subpackage core
* @author Catalyst IT Ltd
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
* @copyright For copyright information on Mahara, please see the README file distributed with this software.
*
*/
define('INTERNAL', 1);
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'searchlib.php';
require_once 'group.php';
global $USER;
$query = param_variable('query', '');
$offset = param_integer('offset', 0);
$limit = 10;
$options = array('exclude' => $USER->get('id'));
$data = search_user($query, $limit, $offset, $options);
$user_data = [];
foreach ($data["data"] as $user_info) {
$user_info["is_friend"] = is_friend($user_info["id"], $USER->get('id'));
$user_data[] = $user_info;
}
$smarty = smarty();
$smarty->assign('user_data', $user_data);
$smarty->display('user/searchfriend.tpl');
define('INTERNAL', 1);
define('MENUITEM', 'groups');
require dirname(dirname(__FILE__)) . '/init.php';
require_once 'pieforms/pieform.php';
require_once 'group.php';
$groupid = param_integer('id');
$userid = param_integer('user');
define('GROUP', $groupid);
$group = group_current_group();
$user = get_record('usr', 'id', $userid, 'deleted', 0);
if (!$user) {
throw new UserNotFoundException(get_string('usernotfound', 'group', $userid));
}
$role = group_user_access($groupid);
if ($role != 'admin' && !group_user_can_assess_submitted_views($group->id, $USER->get('id'))) {
if (!$group->invitefriends || !is_friend($user->id, $USER->get('id'))) {
throw new AccessDeniedException(get_string('cannotinvitetogroup', 'group'));
}
}
if (record_exists('group_member', 'group', $groupid, 'member', $userid) || record_exists('group_member_invite', 'group', $groupid, 'member', $userid)) {
throw new UserException(get_string('useralreadyinvitedtogroup', 'group'));
}
define('TITLE', get_string('invitemembertogroup', 'group', display_name($userid), $group->name));
$roles = group_get_role_info($groupid);
foreach ($roles as $k => &$v) {
$v = $v->display;
}
safe_require('grouptype', $group->grouptype);
$form = pieform(array('name' => 'invitetogroup', 'autofocus' => false, 'method' => 'post', 'elements' => array('reason' => array('type' => 'textarea', 'cols' => 50, 'rows' => 4, 'title' => get_string('reason')), 'role' => array('type' => 'select', 'options' => $roles, 'title' => get_string('Role', 'group'), 'defaultvalue' => call_static_method('GroupType' . $group->grouptype, 'default_role'), 'ignore' => $role != 'admin'), 'submit' => array('type' => 'submitcancel', 'value' => array(get_string('invite', 'group'), get_string('cancel')), 'goto' => profile_url($user)))));
$smarty = smarty();
$smarty->assign('subheading', TITLE);
function getCommentsOfFriends()
{
$comments_of_friends = array();
$stmt = db_execute('SELECT * FROM comments ORDER BY created_at DESC LIMIT 1000');
while ($comment = $stmt->fetch()) {
if (!is_friend($comment['user_id'])) {
continue;
}
$entry = getEntry($comment['entry_id']);
$entry['is_private'] = $entry['private'] == 1;
if ($entry['is_private'] && !permitted($entry['user_id'])) {
continue;
}
$comments_of_friends[] = $comment;
if (sizeof($comments_of_friends) >= 10) {
break;
}
}
return $comments_of_friends;
}
