/**
 * Print the "Admin tools" dropdown entry for the navigation bar.
 *
 * Nothing is printed unless login_check_logged_in_mini() reports a level above 1.
 * The four built-in admin sections come first, followed by the subpages of every
 * custom page whose slug is "admin".
 *
 * Subpage names and slugs taken from CUSTOM_PAGES_ARRAY are written into the markup
 * as-is, so that constant has to hold trusted, HTML-safe configuration.
 */
function admin_menu_dropdown()
{
    // Decoded before the login check, in the same order as before.
    $pages = unserialize(CUSTOM_PAGES_ARRAY);

    if (!(login_check_logged_in_mini() > 1)) {
        return;
    }

    // Built-in admin sections: value of the "s" query parameter => translated label.
    $sections = array(
        'users' => _("Users"),
        'version' => _("Version"),
        'news' => _("Site news"),
        'mess' => _("Messages"),
    );

    echo '<li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">'
        . _("Admin tools")
        . '<span class="caret"></span></a> <ul class="dropdown-menu" role="menu">';

    foreach ($sections as $section => $label) {
        echo ' <li><a href="' . SITE_URL . '/?p=admin&s=' . $section . '">' . $label . '</a></li>';
    }

    // Custom admin pages: only the subpages of the page with slug "admin" are listed.
    foreach ($pages as $page) {
        if (strcmp($page['slug'], "admin") || empty($page['subpages'])) {
            continue;
        }
        foreach ($page['subpages'] as $sub_name => $sub) {
            echo '<li ><a href="' . SITE_URL . '/?p=' . $page['slug'] . '&s=' . $sub['slug'] . '" >' . $sub_name . '</a></li>';
        }
    }

    echo ' </ul> </li>';
}
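/**
 * Print the "Editing category" heading and the category form.
 *
 * @return false|null false when the visitor is not logged in, otherwise nothing.
 */
function category_display_edit()
{
    // A level below 1 is treated as "not logged in".
    if (login_check_logged_in_mini() < 1) {
        message_print_error(_("You need to be logged in to edit categories."));
        return false;
    }

    // NOTE(review): only the login level is checked here. Whether this user may edit
    // the category named by $_REQUEST['id'] is presumably decided in
    // category_display_form() or in the save handler; confirm.
    if (isset($_REQUEST['id'])) {
        // The heading used to be closed with </h2>, which left the <h1> unbalanced.
        echo "<h1>" . _("Editing category") . "</h1>";
        category_display_form();
    }
}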
/**
 * Handle the "close notice" POST: set closed=NOW() on one row of the notice table.
 *
 * Does nothing unless $_POST['notice_close'] is set and the visitor is logged in.
 */
function notice_receive() {
    if (isset($_POST['notice_close'])) {
        // The statement filters on the user column as well as the id, which is how
        // "the logged-in user owns the notice" is meant to be enforced.
        if (login_check_logged_in_mini() > 0) {
            // NOTE(review): the value compared with the user column is masked ("******")
            // in this listing, so the ownership filter cannot be verified from here.
            // NOTE(review): notice_id lands in an unquoted position of the statement.
            // Quote-escaping alone does not constrain such a value; confirm that
            // sql_safe() enforces an integer, or cast with (int) before concatenating.
            // $_POST['notice_id'] is also read without an isset() check.
            $sql = "UPDATE " . PREFIX . "notice \r\n\t\t\tSET closed=NOW()\r\n\t\t\tWHERE user="******" AND id=" . sql_safe($_POST['notice_id']) . ";";
            if (!mysql_query($sql)) {
                // NOTE(review): the message carries the full SQL text and the driver
                // error. If add_error() output reaches ordinary users this discloses
                // schema details; consider logging it server-side instead.
                add_error(sprintf(_("Notice could not be closed.<br />SQL: %s<br />Error: %s"), $sql, mysql_error()));
            }
        }
    }
}
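/**
 * Handle the admin form that stores a message in the messages_to_users table.
 *
 * Runs only when $_POST['add_message'] is "Save this message" or "Save new version"
 * and login_check_logged_in_mini() reports level 2 or higher. Validation failures and
 * database errors are reported through add_error(); success through add_message(),
 * after which the criteria are handed to usermessage_criteria_save().
 *
 * Every request value placed in the INSERT statement goes through sql_safe(). The
 * sendby list used to be concatenated into the statement unescaped.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm one is
 * enforced before it is called.
 *
 * @return null
 */
function usermessage_receive()
{
    // Only react to the two submit buttons of the message form.
    if (!isset($_POST['add_message'])
        || (strcmp($_POST['add_message'], "Save this message") && strcmp($_POST['add_message'], "Save new version"))
    ) {
        return NULL;
    }

    if (login_check_logged_in_mini() < 2) {
        add_error(_("Unsuffient access"));
        return NULL;
    }

    // Missing fields are treated like empty ones instead of raising undefined-index notices.
    $event = isset($_POST['event']) ? $_POST['event'] : "";
    if ($event == "") {
        add_error("Event cannot be empty");
        return NULL;
    }

    $message = isset($_POST['message']) ? $_POST['message'] : "";
    if ($message == "") {
        add_error("Message cannot be empty");
        return NULL;
    }

    $type = isset($_POST['type']) ? $_POST['type'] : "";

    // Optional fields fall back to the text 'NULL'. The statement below wraps it in
    // quotes, so it is stored as that four-letter string, as before.
    $optional = array();
    foreach (array('subject', 'criteria_name', 'reward') as $field) {
        $optional[$field] = (isset($_POST[$field]) && $_POST[$field] != "") ? $_POST[$field] : 'NULL';
    }
    $criteria_name = $optional['criteria_name'];

    $once = isset($_POST['once']) ? $_POST['once'] : "once";

    // sendby arrives as a list of values and is stored comma-separated. The column is
    // always written, even when the list is empty, which matches the statement the
    // previous code produced.
    $sendby_values = (isset($_POST['sendby']) && is_array($_POST['sendby'])) ? $_POST['sendby'] : array();
    $sendby_str = ", sendby='" . sql_safe(implode(",", $sendby_values)) . "'";

    $sql = "INSERT INTO " . PREFIX . "messages_to_users SET\r\n\t\t\tevent='" . sql_safe($event) . "',\r\n\t\t\ttype='" . sql_safe($type) . "',\r\n\t\t\tsubject='" . sql_safe($optional['subject']) . "',\r\n\t\t\tmessage='" . sql_safe($message) . "',\r\n\t\t\tcriteria_name='" . sql_safe($criteria_name) . "',\r\n\t\t\treward='" . sql_safe($optional['reward']) . "',\r\n\t\t\tonce='" . sql_safe($once) . "'\r\n\t\t\t" . $sendby_str . ";";

    if (!mysql_query($sql)) {
        add_error(sprintf(_("Message could not be added. Error: %s"), mysql_error()));
        return NULL;
    }

    add_message(_("Message added"));
    // Store the criteria that belong to this message as well.
    usermessage_criteria_save($criteria_name, isset($_POST['criteria']) ? $_POST['criteria'] : NULL);
    return NULL;
}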
/**
 * Print the navigation entries for the custom pages in CUSTOM_PAGES_ARRAY.
 *
 * A page or subpage is listed when it has no req_user_level, when that level is
 * below 1, or when the visitor's level from login_check_logged_in_mini() reaches it.
 * The page with slug "admin" is never listed here. Pages without subpages become a
 * plain link; pages with subpages become a dropdown.
 *
 * This only decides what is shown in the menu. Page names and slugs are written into
 * the markup as-is, so CUSTOM_PAGES_ARRAY has to hold trusted, HTML-safe values.
 */
function display_custom_pages_menu()
{
    $pages = unserialize(CUSTOM_PAGES_ARRAY);
    $level = login_check_logged_in_mini();

    foreach ($pages as $title => $page) {
        $allowed = !isset($page['req_user_level'])
            || $page['req_user_level'] < 1
            || $level >= $page['req_user_level'];
        if (!$allowed || !strcmp($page['slug'], "admin")) {
            continue;
        }

        // No subpages: a single link is enough.
        if (empty($page['subpages'])) {
            echo '<li ><a href="' . SITE_URL . '/?p=' . $page['slug'] . '" >' . $title . '</a></li>';
            continue;
        }

        echo '<li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">'
            . $title
            . '<span class="caret"></span></a> <ul class="dropdown-menu" role="menu">';

        foreach ($page['subpages'] as $sub_title => $sub) {
            $sub_allowed = !isset($sub['req_user_level'])
                || $sub['req_user_level'] < 1
                || $level >= $sub['req_user_level'];
            if ($sub_allowed) {
                echo '<li ><a href="' . SITE_URL . '/?p=' . $page['slug'] . '&s=' . $sub['slug'] . '" >' . $sub_title . '</a></li>';
            }
        }

        echo '</ul> </li>';
    }
}
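/**
 * Print the "Editing task" heading and the task form.
 *
 * @return false|null false when the visitor is not logged in, otherwise nothing.
 */
function task_display_edit_single()
{
    // A level below 1 is treated as "not logged in".
    if (login_check_logged_in_mini() < 1) {
        message_print_error(_("You need to be logged in to edit tasks."));
        return false;
    }

    // NOTE(review): only the login level is checked here. Whether this user may edit
    // the task named by $_REQUEST['id'] is presumably decided in task_display_form()
    // or in the save handler; confirm.
    if (isset($_REQUEST['id'])) {
        // The heading used to be closed with </h2>, which left the <h1> unbalanced.
        echo "<h1>" . _("Editing task") . "</h1>";
        task_display_form();
    }
}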
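/**
 * Print all non-spam comments attached to an item, each followed by its replies.
 *
 * For every comment this prints an anchor, the comment itself, the controls the
 * visitor's login level allows (delete form, spam clicker, reply form), and then
 * recurses with the comment's id and type "comment" to print the replies inside the
 * same <div>.
 *
 * The delete forms are a display decision only. The handler that receives
 * "deletecomment" is not part of this function and has to repeat the ownership and
 * level checks on its own.
 *
 * @param mixed  $id   Id of the item (or parent comment) the comments belong to.
 * @param string $type Value matched against the comment_type column.
 * @return int Number of comments printed, nested replies included.
 */
function comment_show_comments($id, $type)
{
    $nr = 0;
    $inloggad = login_check_logged_in_mini();

    // Fetch all comments. $type is now escaped like $id; it used to be interpolated raw.
    // NOTE(review): $id sits in an unquoted position, where quote-escaping alone does
    // not constrain the value; confirm sql_safe() enforces an integer there.
    $sql = "SELECT * FROM " . PREFIX . "comment WHERE comment_on=" . sql_safe($id) . " AND comment_type='" . sql_safe($type) . "' AND is_spam<1;";
    if ($cc = @mysql_query($sql)) {
        while ($c = mysql_fetch_array($cc)) {
            $nr++;

            // Comments written by an admin (level 2 and up) get an extra CSS class.
            $admin = user_get_admin($c['user']);

            echo '<span class="anchor" id="anchor_comment_' . $c['id'] . '"></span>';
            if ($admin < 2) {
                echo "<div class=\"comment\" id=\"comment_" . $c['id'] . "\">";
            } else {
                echo "<div class=\"comment admin_comment\" id=\"comment_" . $c['id'] . "\">";
            }
            comment_display_single($c['id']);

            if ($inloggad > 1) {
                // Admins can remove any comment.
                echo "<form id=\"delete_comment_" . $c['id'] . "\" method=\"post\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"" . $c['id'] . "\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"deletecomment\" value=\"" . $c['id'] . "\">\n\t\t\t\t\t\t<input type=\"button\" name=\"deletecomment_button\" onclick=\"confirmation_delete('delete_comment_" . $c['id'] . "', '" . _("Do you really want to delete the comment? This cannot be undone.") . "')\" value=\"" . _("Remove comment") . "\">\n\t\t\t\t\t</form>";
                if ($aa = mysql_query("SELECT user from " . PREFIX . "comment WHERE id=" . sql_safe($c['id']) . ";")) {
                    if ($a = mysql_fetch_array($aa)) {
                        // The spam clicker is only offered on other people's comments.
                        if (strcmp($a['user'], $_SESSION[PREFIX . "user_id"])) {
                            spam_show_clicker($c['id'], "comment");
                        }
                    }
                }
            } elseif ($inloggad >= 1) {
                // Ordinary users can remove their own comment as long as it has no replies.
                if ($aa = mysql_query("SELECT user from " . PREFIX . "comment WHERE id=" . sql_safe($c['id']) . ";")) {
                    if ($a = mysql_fetch_array($aa)) {
                        if (!strcmp($a['user'], $_SESSION[PREFIX . "user_id"])) {
                            // Make sure there are no replies before offering deletion.
                            if ($dd = mysql_query("SELECT id from " . PREFIX . "comment WHERE comment_on=" . sql_safe($c['id']) . " AND comment_type='comment';")) {
                                // Row count of this SELECT, read from its own result set
                                // (the old call was mysql_affected_rows()).
                                if (mysql_num_rows($dd) < 1) {
                                    echo "<form id=\"delete_comment_" . $c['id'] . "\" method=\"post\">\n\t\t\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"" . $c['id'] . "\">\n\t\t\t\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"deletecomment\" value=\"" . $c['id'] . "\">\n\t\t\t\t\t\t\t\t\t\t\t<input type=\"button\" name=\"deletecomment_button\" onclick=\"confirmation_delete('delete_comment_" . $c['id'] . "', '" . _("Do you really want to delete the comment? This cannot be undone.") . "')\" value=\"" . _("Remove comment") . "\">\n\t\t\t\t\t\t\t\t\t\t</form>";
                                }
                            }
                        } else {
                            spam_show_clicker($c['id'], "comment");
                        }
                    }
                }
            }

            // Reply link and hidden reply form. The markup is the same for logged-in and
            // anonymous visitors; the anonymous captcha mentioned in the old comment is
            // presumably added by comment_form_show() - confirm.
            echo "<a class=\"button\" onClick=\"showhide('replyto" . $c['id'] . "');\" href=\"#reply\">" . _("Reply") . "</a>";
            echo "<div id=\"replyto" . $c['id'] . "\" style=\"display:none\">";
            comment_form_show($c['id'], "comment", "");
            echo "</div>";

            // Print the replies to this comment inside its <div>.
            $nr += comment_show_comments($c['id'], "comment");
            echo "</div>";
        }
    }

    return $nr;
}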
/**
 * Print the size selector (Bugfix / Required / Small improvement / Big change) for a
 * feedback item.
 *
 * The wrapping <div> is always printed. Its content, together with $before_text and
 * $after_text, is only printed when login_check_logged_in_mini() reports a level
 * above 1. The current size is shown as bold text; the other sizes are shown as
 * controls that call feedback_operation() in the browser.
 *
 * $id, $div_id, $before_text and $after_text are written into the markup and the
 * onclick handlers as-is, so callers have to pass trusted values. Hiding the buttons
 * is not an access check; the endpoint behind feedback_operation() needs its own.
 *
 * @param mixed  $id          Feedback id.
 * @param string $div_id      Id of the wrapping <div>; defaults to "feedback_size_buttons_" . $id.
 * @param string $before_text Raw markup printed before the <div> when the buttons are shown.
 * @param string $after_text  Raw markup printed after the <div> when the buttons are shown.
 */
function feedback_display_size_buttons($id, $div_id = "", $before_text = "", $after_text = "")
{
    $is_show = login_check_logged_in_mini() > 1;

    if ($is_show) {
        echo $before_text;
    }

    if ($div_id == "") {
        $div_id = "feedback_size_buttons_" . $id;
    }

    echo "<div id=\"" . $div_id . "\">";

    if ($is_show) {
        echo '<form class="form-inline"> <div class="form-group">';
        echo "<h4>" . _("Size") . ":</h4>";

        $size = feedback_get_size($id);

        // Size value => (operation name sent to feedback_operation, translated label).
        $choices = array(
            1 => array('bugfix', _("Bugfix")),
            2 => array('required', _("Required")),
            3 => array('small_improvement', _("Small improvement")),
            4 => array('big_change', _("Big change")),
        );

        foreach ($choices as $value => $choice) {
            list($operation, $label) = $choice;

            if ($size == $value) {
                echo "<strong>[" . $label . "]</strong> ";
                continue;
            }

            $onclick = "feedback_operation('" . $operation . "'," . $id . ", '" . $div_id . "'); return false;";
            if ($value == 1) {
                // The bugfix control is an <input type="submit">; the others are <button>s.
                echo "<input type=\"submit\" id=\"bug_" . $id . "\" class=\"form-control\" onclick=\"" . $onclick . "\" value=\"" . $label . "\">";
            } else {
                echo "<button class=\"form-control\" id=\"bug_" . $id . "\" onclick=\"" . $onclick . "\">" . $label . "</button>";
            }
        }

        echo "</div>";
        echo "</form>";
    }

    echo "</div>";

    if ($is_show) {
        echo $after_text;
    }
}
/**
 * Print one private message for the logged-in user.
 *
 * The query only matches a row whose sender or receiver is the session user, so a
 * message belonging to other users ends up as "Message could not be found". The
 * receiver gets a form with reply, mark-unread and delete controls; the sender only
 * sees who the message was sent to. Nothing is printed when the query itself fails.
 *
 * NOTE(review): subject and message body are printed without HTML escaping in this
 * function. Whether they are escaped when stored is not visible here; confirm,
 * because both are written by another user.
 * NOTE(review): $message_id is placed in the reply URL, an onclick handler, a hidden
 * input and an unquoted position of the SQL statement. Confirm callers pass an
 * integer, or that sql_safe() enforces one.
 *
 * @param mixed $message_id Id of the message to show.
 */
function privmess_display_single_message($message_id)
{
    if (!(login_check_logged_in_mini() > 0)) {
        echo "Not logged in";
        return;
    }

    $viewer = $_SESSION[PREFIX . 'user_id'];

    $sql = "SELECT sender, sent, subject, message, reciever\r\n\t\t\tFROM " . PREFIX . "privmess \r\n\t\t\tWHERE (reciever='" . sql_safe($viewer) . "' OR sender='" . sql_safe($viewer) . "')\r\n\t\t\tAND id=" . sql_safe($message_id) . ";";

    $result = mysql_query($sql);
    if (!$result) {
        return;
    }

    $m = mysql_fetch_array($result);
    if (!$m) {
        echo "<p class=\"error\">Message could not be found</p>";
        return;
    }

    // Line breaks become <br />, doubled breaks become paragraph boundaries.
    // str_replace() applies the pairs in order, each on the result of the previous one.
    $message = str_replace(
        array("\n\r", "\r\n", "\n", "\r", "<br /><br />", "</p><p></p><p>"),
        array("<br />", "<br />", "<br />", "<br />", "</p><p>", "</p><p>"),
        $m['message']
    );

    echo ' <div class="row"> <div class="col-xm-12"> <div class="panel panel-default"> <div class="panel-heading"> <p class="author">';
    if ($m['sender']) {
        $sent_by = sprintf(_("Sent by: %s"), user_get_link($m['sender']));
        echo $sent_by . '<br />';
    }

    $time_sent = sprintf(_("Time sent: %s"), date("Y-m-d H:i", strtotime($m['sent'])));
    echo $time_sent
        . '</p> <h1 class="panel-title">' . $m['subject']
        . '</h1> <div class="clearfix"></div> </div> <div class="panel-body"> <p>' . $message
        . '</p> </div> <div class="panel-footer">';

    if ($m['reciever'] == $viewer) {
        echo ' <form method="get"> <input type="hidden" name="message_id" value="' . $message_id . '"> <input type="hidden" name="p" value="user"> <input type="hidden" name="s" value="privmess">';

        // A reply link only makes sense when the message has a sender.
        if ($m['sender']) {
            echo '<a class="btn btn-default" href="#reply" aria-controls="reply" role="tab" data-toggle="tab" onclick="return replace_html_div_inner(\'reply\', \'' . SITE_URL . '/operation/privmess_reply.php?message_id=' . $message_id . '\');" >'
                . _("Reply") . '</a>';
        }

        echo ' <input type="submit" name="privmess_mark_unread" value="' . _("Mark unread") . '" class="btn btn-default"> <input type="submit" name="privmess_delete" value="' . _("Delete") . '" class="btn btn-default" onclick="return confirm(\'' . _("Are you sure you want to delete this message?") . '\')">';
        echo ' </form> ';
    } else {
        echo "<p>" . sprintf(_("Sent to %s"), user_get_link($m['reciever'])) . "</p>";
    }

    echo ' </div> </div> </div> </div>';
}
/**
 * Print the user dropdown for a logged-in visitor, or the two "Log in" links otherwise.
 *
 * Two links are printed for anonymous visitors: one shown only on extra-small screens
 * and one shown on everything larger. Both slide the #main_login_form element down.
 *
 * @param string $a_text Raw attribute text added to the extra-small link only. It is
 *                       written into the tag unescaped, so callers must pass trusted markup.
 */
function login_display_link($a_text = "")
{
    login_check_logged_in_mini();

    if (isset($_SESSION[PREFIX . "username"])) {
        // User dropdown menu
        user_display_dropdown();
        return;
    }

    $label = _("Log in");
    $opener = 'href="#" onclick="$( \'#main_login_form\' ).slideDown( \'normal\');" ';

    // Just on small (xs) devices
    echo '<a class="hidden-lg hidden-md hidden-sm" ' . $opener . $a_text . '>' . $label . '</a>';
    // Not on small (xs) devices
    echo '<a class="hidden-xs" ' . $opener . '>' . $label . '</a>';
}
<?php
// Page body dispatcher: prints pending messages and notices, then picks what to render
// from the query string (reg, lostpassword, p, s, user).
message_display_messages_and_errors();
// Notices are only shown to a logged-in visitor, for the session's own user id.
if (login_check_logged_in_mini() > 0) {
    notice_display_notices($_SESSION[PREFIX . 'user_id']);
}
if (isset($_GET['reg'])) {
    //Register form
    login_form_registration();
} else {
    if (isset($_GET['lostpassword'])) {
        login_password_recovery_display();
    } else {
        if (isset($_GET['p'])) {
            // Custom pages get the first chance to handle ?p=...; a truthy return means
            // the page was rendered.
            if (custom_page_display()) {
                //Do nothing else. =)
            } else {
                if (!strcmp($_GET['p'], "feedback")) {
                    feedback_show();
                } else {
                    if (!strcmp($_GET['p'], "news")) {
                        news_show();
                    } else {
                        if (!strcmp($_GET['p'], "user") && isset($_GET['s']) && !strcmp($_GET['s'], "profile")) {
                            // Profile page: an explicit ?user= wins over the session user.
                            // NOTE(review): $_GET['user'] is taken as-is and nothing in the
                            // visible part validates it; confirm the code that consumes
                            // $user escapes it and checks access.
                            if (isset($_GET['user'])) {
                                $user = $_GET['user'];
                            } else {
                                if (isset($_SESSION[PREFIX . 'user_id'])) {
                                    $user = $_SESSION[PREFIX . 'user_id'];
                                } else {
                                    echo "<p class=\"well message_box\">" . _("Missing user id") . "</p>";
                                    // (The listing ends here; the remaining branches and the
                                    // closing braces are not shown.)
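/**
 * Print the settings form (username, email, password, Flattr options) for a user.
 *
 * Without ?user= the form is shown for the session user. With ?user= it is shown for
 * that user only when the session user passes user_get_admin() and the requested user
 * exists. In every other case "No valid user" is printed.
 *
 * NOTE(review): any truthy user_get_admin() result is accepted here, while
 * comment_show_comments() compares the same function's result with 2. Confirm which
 * level is meant to open another user's settings.
 * NOTE(review): the values from user_get_name(), user_get_email() and
 * flattr_get_flattrID() are written into the heading and into value="..." attributes
 * without escaping in this function. Confirm those helpers return HTML-safe text.
 * NOTE(review): no anti-CSRF token field is emitted by this form; confirm the handler
 * for "user_update_settings" is protected some other way.
 */
function user_display_settings()
{
    login_check_logged_in_mini();

    // Start from "no user" so that a rejected ?user= request cannot leave $user_id
    // undefined, and read the session id without raising a notice for anonymous visitors.
    $user_id = null;
    $session_user = isset($_SESSION[PREFIX . "user_id"]) ? $_SESSION[PREFIX . "user_id"] : null;

    if (isset($_GET['user'])) {
        // Another user's settings: needs a logged-in admin and an existing target user.
        if ($session_user && user_get_admin($session_user) && user_exists($_GET['user'])) {
            $user_id = $_GET['user'];
        }
    } else {
        $user_id = $session_user;
    }

    if (!$user_id) {
        echo "<div class=\"message_box error well\">No valid user</div>";
        return;
    }

    echo "<h1>" . sprintf(_("Settings for %s"), user_get_name($user_id)) . "</h1>";
    echo '<form method="post">';

    // Username
    echo '<div class="form-group"> <label for="username_input">' . _("Username") . '</label> <input type="text" name="username" id="username_input" placeholder="' . _("Username") . '" class="form-control" value="' . user_get_name($user_id) . '"> </div>';

    // Email
    echo '<div class="form-group"> <label for="email_input">' . _("Email") . '</label> <input type="text" name="email" id="email_input" placeholder="' . _("Email") . '" class="form-control" value="' . user_get_email($user_id) . '"> </div>';

    // Password: never pre-filled.
    echo '<div class="form-group"> <label for="password_input">' . _("Password") . '</label> <input type="password" name="password" id="password_input" placeholder="' . _("Password") . '" class="form-control"> </div>';

    // Flattr id
    echo '<div class="form-group"> <label for="flattr_id_input">' . _("Flattr id") . '</label> <input type="text" name="flattr_id" id="flattr_id_input" placeholder="' . _("Flattr id") . '" class="form-control" value="' . flattr_get_flattrID($user_id) . '"> </div>';

    // Flattr choices: one checkbox for comments, one for feedback.
    echo '<div class="checkbox">';
    echo '<label> <input type="checkbox" name="flattr_choice[]" value="comment"';
    if (flattr_get_flattr_choice($user_id, "comment")) {
        echo ' checked';
    }
    echo '> ' . sprintf(_("Display Flattr-button on <strong>%s</strong>"), _("comments")) . ' </label>';
    echo '</div>';

    echo '<div class="checkbox">';
    echo '<label> <input type="checkbox" name="flattr_choice[]" value="feedback"';
    if (flattr_get_flattr_choice($user_id, "feedback")) {
        echo ' checked';
    }
    echo '> ' . sprintf(_("Display Flattr-button on <strong>%s</strong>"), _("feedbacks")) . ' </label>';
    echo '</div>';

    // Extra Flattr choices configured through the CUSTOM_SETTINGS constant.
    if (defined('CUSTOM_SETTINGS')) {
        $custom_settings = unserialize(CUSTOM_SETTINGS);
        if (isset($custom_settings['flattr'])) {
            foreach ($custom_settings['flattr'] as $custom_flattr_choice => $translation) {
                user_setting_flattr_display($user_id, $custom_flattr_choice, $translation);
            }
        }
    }

    // Save button
    echo '<input type="submit" class="btn btn-success" value="' . _("Save") . '" name="user_update_settings">';
    echo '</form>';
}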