trigger_error(mysql_error(), E_USER_ERROR); } } elseif ($input['net_id'] == NET_BLOCK) { add_message_filter(array('filter_type' => FILTER_SENDER, 'fk_user_id' => $_SESSION[_LICENSE_KEY_]['user']['user_id'], 'field_value' => $input['uid'], 'fk_folder_id' => FOLDER_TRASH)); add_member_score($input['uid'], 'block_member'); } $topass['message']['type'] = MESSAGE_INFO; if (!empty($is_bidi) && empty($force_connect)) { $topass['message']['text'] = sprintf($GLOBALS['_lang'][83], $other_user_name); $request['fk_user_id'] = $input['uid']; $request['fk_user_id_other'] = $_SESSION[_LICENSE_KEY_]['user']['user_id']; $request['_user_other'] = sanitize_and_format($_SESSION[_LICENSE_KEY_]['user']['user'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); $request['subject'] = sanitize_and_format(sprintf($GLOBALS['_lang'][84], $_SESSION[_LICENSE_KEY_]['user']['user']), TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); $request['message_body'] = sanitize_and_format(sprintf($GLOBALS['_lang'][85], $_SESSION[_LICENSE_KEY_]['user']['user'], get_net_name($input['net_id'])), TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); $request['message_type'] = MESS_SYSTEM; queue_or_send_message($request); } else { $topass['message']['text'] = sprintf($GLOBALS['_lang'][86], get_user_by_userid($input['uid']), get_net_name($input['net_id'])); } if (isset($_on_after_insert)) { for ($i = 0; isset($_on_after_insert[$i]); ++$i) { call_user_func($_on_after_insert[$i]); } } } } if ($error) { // you must re-read all textareas from $_GET like this: // $input['x']=addslashes_mq($_GET['x']); $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH); $topass['input'] = $input;
function on_after_approve_comment() { global $dbtable_prefix, $comment_ids, $comment_type, $__field2format; switch ($comment_type) { case 'blog': $table = "`{$dbtable_prefix}comments_blog`"; $parent_table = "`{$dbtable_prefix}blog_posts`"; $parent_key = "`post_id`"; break; case 'photo': $table = "`{$dbtable_prefix}comments_photo`"; $parent_table = "`{$dbtable_prefix}user_photos`"; $parent_key = "`photo_id`"; break; case 'user': $table = "`{$dbtable_prefix}comments_profile`"; $parent_table = "`{$dbtable_prefix}user_profiles`"; $parent_key = "`fk_user_id`"; break; } // only for new comments (because of the processed=0) $query = "SELECT a.`comment_id`,a.`_user` as `comment_poster`,a.`fk_parent_id`,a.`fk_user_id`,b.`fk_user_id` as `fk_parent_owner_id` FROM {$table} a,{$parent_table} b WHERE a.`comment_id` IN ('" . join("','", $comment_ids) . "') AND a.`fk_parent_id`=b.{$parent_key} AND a.`processed`=0"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $comment_ids = array(); // yup $parent_ids = array(); $user_ids = array(); $parent_owner_ids = array(); $notifs = array(); while ($rsrow = mysql_fetch_assoc($res)) { $comment_ids[] = $rsrow['comment_id']; // get only the not processed ones if (isset($parent_ids[$rsrow['fk_parent_id']])) { ++$parent_ids[$rsrow['fk_parent_id']]; } else { $parent_ids[$rsrow['fk_parent_id']] = 1; } if (isset($user_ids[$rsrow['fk_user_id']])) { ++$user_ids[$rsrow['fk_user_id']]; } else { $user_ids[$rsrow['fk_user_id']] = 1; } if ($rsrow['fk_parent_owner_id'] != $rsrow['fk_user_id']) { if (!isset($notifs[$rsrow['fk_parent_owner_id']])) { $notifs[$rsrow['fk_parent_owner_id']]['comment_poster'] = $rsrow['comment_poster']; $notifs[$rsrow['fk_parent_owner_id']]['comment_id'] = $rsrow['comment_id']; $notifs[$rsrow['fk_parent_owner_id']]['parent_id'] = $rsrow['fk_parent_id']; } if (isset($parent_owner_ids[$rsrow['fk_parent_owner_id']])) { ++$parent_owner_ids[$rsrow['fk_parent_owner_id']]; } else { $parent_owner_ids[$rsrow['fk_parent_owner_id']] = 1; } } } // increment the number of comments of the item(s) if ($comment_type != 'user') { foreach ($parent_ids as $pid => $num) { $query = "UPDATE {$parent_table} SET `stat_comments`=`stat_comments`+{$num} WHERE {$parent_key}='{$pid}'"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } } } else { foreach ($parent_ids as $pid => $num) { update_stats($pid, 'profile_comments', $num); } } // add the "received_comment" score to the owner of the item foreach ($parent_owner_ids as $uid => $num) { if (!empty($uid)) { add_member_score($uid, 'received_comment', $num); } } // add the "comments_made" score to the poster of the comment foreach ($user_ids as $uid => $num) { if (!empty($uid)) { update_stats($uid, 'comments_made', $num); } } // mark the posted comment(s) as not new anymore so we won't process them again next time. if (!empty($comment_ids)) { $query = "UPDATE {$table} SET `processed`=1 WHERE `comment_id` IN ('" . join("','", $comment_ids) . "')"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } } // send notifications to item owners. foreach ($notifs as $uid => $v) { $notification['fk_user_id'] = $uid; $notification['message_type'] = MESS_SYSTEM; switch ($comment_type) { case 'blog': $notification['subject'] = sanitize_and_format($GLOBALS['_lang'][160], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); $notification['message_body'] = sanitize_and_format(sprintf($GLOBALS['_lang'][161], $v['comment_poster'], $v['parent_id'], $v['comment_id']), TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); break; case 'photo': $notification['subject'] = sanitize_and_format($GLOBALS['_lang'][162], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); $notification['message_body'] = sanitize_and_format(sprintf($GLOBALS['_lang'][163], $v['comment_poster'], $v['parent_id'], $v['comment_id']), TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); break; case 'user': $notification['subject'] = sanitize_and_format($GLOBALS['_lang'][164], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); $notification['message_body'] = sanitize_and_format(sprintf($GLOBALS['_lang'][165], $v['comment_poster'], $v['comment_id']), TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); break; } queue_or_send_message($notification); } }
$error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'] = $GLOBALS['_lang'][49]; } } if (!$error) { $input['fk_user_id_other'] = $_SESSION[_LICENSE_KEY_]['user']['user_id']; $input['_user_other'] = $_SESSION[_LICENSE_KEY_]['user']['user']; $input['subject'] = sprintf($GLOBALS['_lang'][216], $_SESSION[_LICENSE_KEY_]['user']['user']); $input['message_type'] = MESS_FLIRT; if (isset($_on_before_insert)) { for ($i = 0; isset($_on_before_insert[$i]); ++$i) { call_user_func($_on_before_insert[$i]); } } queue_or_send_message($input, true); update_stats($_SESSION[_LICENSE_KEY_]['user']['user_id'], 'flirts_sent', 1); $topass['message']['type'] = MESSAGE_INFO; $topass['message']['text'] = $GLOBALS['_lang'][50]; if (isset($_on_after_insert)) { for ($i = 0; isset($_on_after_insert[$i]); ++$i) { call_user_func($_on_after_insert[$i]); } } } else { $nextpage = 'flirt_send.php'; // you must re-read all textareas from $_POST like this: // $input['x']=addslashes_mq($_POST['x']); unset($input['message_body']); $input['return'] = rawurlencode($input['return']); $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH);