Esempio n. 1
 /**
  * Loads this field's value from an array of submitted values.
  *
  * With $sanitize on (the default) the value is read through
  * sanitize_and_format_gpc() as a text field and then passed through the
  * banned-word filter. With $sanitize off the raw entry is copied unchanged,
  * and only when the key exists, so that path must be fed trusted data only.
  * remove_banned_words() is a content filter; any escaping comes from the
  * sanitize step, whose format rules are defined outside this method.
  *
  * @param array $all_values source array, indexed by db field name
  * @param bool  $sanitize   whether to sanitize and word-filter the value
  * @return bool always true
  */
 function set_value(&$all_values, $sanitize = true)
 {
     if (!$sanitize) {
         // Raw path: nothing is filtered or escaped here.
         if (isset($all_values[$this->config['dbfield']])) {
             $this->value = $all_values[$this->config['dbfield']];
         }

         return true;
     }

     $this->value = remove_banned_words(
         sanitize_and_format_gpc(
             $all_values,
             $this->config['dbfield'],
             TYPE_STRING,
             $GLOBALS['__field2format'][FIELD_TEXTFIELD],
             $this->empty_value['edit']
         )
     );

     return true;
 }
Esempio n. 2
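/**
 * Regenerates the on-disk cache files for approved blog posts changed recently.
 *
 * The name of the directory holding this file is read as the run interval in
 * minutes; posts changed within that interval (plus 2 minutes of slack) are
 * selected. For each post two files are written under
 * _CACHEPATH_/blogs/posts/<first character of post_id>/:
 *   - <post_id>.inc.php        full, display-formatted content
 *   - <post_id>_short.inc.php  preview of at most $short_blog_chars bytes
 *
 * Security notes:
 *   - The cache files are PHP source ("<?php $post=...;"). The row is written
 *     with var_export(), which emits quoted PHP literals, so post text lands
 *     in the file as string data and not as code. Keep it that way: never
 *     concatenate post content into the file directly.
 *   - The SQL is assembled from constants, the table prefix and an int-cast
 *     interval only; no request data reaches it.
 *   - NOTE(review): the cache path is built from post_id as returned by the
 *     database; this assumes post_id is a numeric key. Confirm against the schema.
 *   - The mysql_* extension used here was removed in PHP 7 and has no prepared
 *     statements; a port should move to mysqli or PDO.
 *
 * @return bool true once all matching posts were written; false only if the
 *              query failed and the error handler let execution continue
 */
function gen_blogposts_cache()
{
    global $dbtable_prefix;

    // The containing directory's name doubles as "how often we're executed", in minutes.
    $interval = (int) basename(dirname(__FILE__));
    $short_blog_chars = 400;
    $config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();
    $query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,a.`fk_user_id`,a.`_user` as `user`,a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name` FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id` AND a.`status`=" . STAT_APPROVED . " AND a.`last_changed`>=DATE_SUB('" . gmdate('YmdHis') . "',INTERVAL " . ($interval + 2) . " MINUTE)";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
        // E_USER_ERROR normally ends the script; if a custom handler returns,
        // do not go on to fetch from a failed result.
        return false;
    }
    while ($blog = mysql_fetch_assoc($res)) {
        $blog['title'] = remove_banned_words(sanitize_and_format($blog['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT]));
        $blog['post_content'] = remove_banned_words($blog['post_content']);

        // Build the preview from the raw (not yet display-formatted) text.
        // Fix: content that already fits is kept whole instead of losing its last
        // word, and content with no space inside the window is hard-cut at the
        // limit instead of producing an empty preview (strrpos() returning false).
        // The limit is in bytes; a hard cut may split a multibyte character.
        if (strlen($blog['post_content']) <= $short_blog_chars) {
            $post_content_short = $blog['post_content'];
        } else {
            $cut = strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' ');
            if ($cut === false) {
                $cut = $short_blog_chars;
            }
            $post_content_short = substr($blog['post_content'], 0, $cut);
        }

        // Display formatting is applied after truncation, so the stored preview
        // is formatted as its own piece of text.
        $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        if (!empty($config['bbcode_blogs'])) {
            // NOTE(review): truncation can leave an unclosed bbcode tag in the
            // preview; how bbcode2html() handles that is not visible here.
            $blog['post_content'] = bbcode2html($blog['post_content']);
            $post_content_short = bbcode2html($post_content_short);
        }
        if (!empty($config['use_smilies'])) {
            $blog['post_content'] = text2smilies($blog['post_content']);
            $post_content_short = text2smilies($post_content_short);
        }
        if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
            $blog['photo'] = 'no_photo.gif';
        } else {
            $blog['has_photo'] = true;
        }
        if (empty($blog['fk_user_id'])) {
            unset($blog['fk_user_id']);
        }

        // Cache files are sharded by the first character of the post id.
        $cache_base = _CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'];

        // var_export() quotes every value, which is what keeps post text inert
        // inside the generated PHP file.
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents($cache_base . '.inc.php', $towrite);

        $blog['post_content'] = $post_content_short;
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents($cache_base . '_short.inc.php', $towrite);
    }

    return true;
}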
Esempio n. 3
     // Tail of a loop whose header is outside this excerpt: field $k is read from
     // $_POST through sanitize_and_format_gpc() with the type and format selected by $v.
     $input[$k] = sanitize_and_format_gpc($_POST, $k, $__field2type[$v], $__field2format[$v], array());
 }
 // Treat a missing or empty is_main as 0.
 if (empty($input['is_main'])) {
     $input['is_main'] = 0;
 }
 // NOTE(review): 'return' is client-supplied and becomes $nextpage. How $nextpage
 // is used is not shown here; if it ends up as a redirect target it should be
 // limited to same-site relative paths (open-redirect risk). Confirm.
 if (!empty($_POST['return'])) {
     $input['return'] = sanitize_and_format_gpc($_POST, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');
     $nextpage = $input['return'];
 }
 // Run the registered after-post hooks in index order; the loop stops at the
 // first missing index. Hooks are called without arguments.
 if (isset($_on_after_post)) {
     for ($i = 0; isset($_on_after_post[$i]); ++$i) {
         call_user_func($_on_after_post[$i]);
     }
 }
 if (!$error) {
     // Word filter only; this is content moderation, not SQL or HTML escaping.
     $input['caption'] = remove_banned_words($input['caption']);
     // The query is built by string concatenation. The IN (...) list comes from
     // the array KEYS of $input['caption'], i.e. the indexes of the posted
     // caption array. NOTE(review): whether sanitize_and_format_gpc() escapes
     // array keys is not visible here. TODO confirm; casting each key to int
     // before joining would make the list safe regardless.
     // The fk_user_id condition uses the session's user id, so only rows owned
     // by the logged-in user are selected.
     $query = "SELECT `photo_id`,`caption`,`is_main`,`photo`,`status` FROM `{$dbtable_prefix}user_photos` WHERE `photo_id` IN ('" . join("','", array_keys($input['caption'])) . "') AND `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "'";
     // PHP warnings are suppressed with @; a failed query is reported through
     // trigger_error() with the raw mysql_error() text.
     if (!($res = @mysql_query($query))) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
     // Index the current database state by photo_id so it can be compared with
     // the submitted values (the comparison itself is past the end of this excerpt).
     $old_captions = array();
     $old_main = 0;
     $photos = array();
     $statuses = array();
     while ($rsrow = mysql_fetch_assoc($res)) {
         $old_captions[$rsrow['photo_id']] = sanitize_and_format($rsrow['caption'], TYPE_STRING, $__field2format[TEXT_DB2DB]);
         $photos[$rsrow['photo_id']] = $rsrow['photo'];
         // Remember which photo is currently flagged as the main one.
         if (!empty($rsrow['is_main'])) {
             $old_main = $rsrow['photo_id'];
         }
         $statuses[$rsrow['photo_id']] = $rsrow['status'];
Esempio n. 4
 }
 // Drop any fk_user_id collected so far, presumably so the owner column cannot
 // be set from request data by the UPDATE built below. Verify against the full file.
 unset($input['fk_user_id']);
 // NOTE(review): 'return' is client-supplied and becomes $nextpage. If $nextpage
 // is later used as a redirect target (not shown here), restrict it to same-site
 // relative paths to avoid an open redirect. Confirm.
 if (!empty($_POST['return'])) {
     $input['return'] = sanitize_and_format($_POST['return'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE);
     $nextpage = $input['return'];
 }
 // check for input errors
 if (empty($input['comment'])) {
     $error = true;
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = 'Please enter the comment';
     $input['error_comment'] = 'red_border';
 }
 if (!$error) {
     $now = gmdate('YmdHis');
     // Word filter only; escaping for SQL must already have happened when
     // $input was populated (that code is outside this excerpt).
     $input['comment'] = remove_banned_words($input['comment']);
     if (!empty($input['comment_id'])) {
         // Editing an existing comment: the UPDATE is assembled by string
         // concatenation. Column names come from the keys of
         // $default['defaults']; values come from $input and are wrapped in
         // single quotes, which is only safe if every value was escaped for
         // SQL earlier. TODO confirm.
         $query = "UPDATE {$table} SET `last_changed`='{$now}'";
         foreach ($default['defaults'] as $k => $v) {
             if (isset($input[$k])) {
                 $query .= ",`{$k}`='" . $input[$k] . "'";
             }
         }
         // NOTE(review): comment_id is appended unquoted, so quote-escaping
         // gives no protection here; it must be an integer. Whether it was
         // cast to int when read is not visible; confirm or cast at this point.
         // NOTE(review): the WHERE clause visible here matches on comment_id
         // only. Unless ownership is checked elsewhere (or added by a hook), a
         // user could update another user's comment by id. Confirm.
         $query .= " WHERE `comment_id`=" . $input['comment_id'];
         // Run the registered before-update hooks in index order.
         if (isset($_on_before_update)) {
             for ($i = 0; isset($_on_before_update[$i]); ++$i) {
                 call_user_func($_on_before_update[$i]);
             }
         }
         // PHP warnings are suppressed with @; failures surface via trigger_error().
         if (!($res = @mysql_query($query))) {
             trigger_error(mysql_error(), E_USER_ERROR);
Esempio n. 5
     // NOTE(review): $nextpage is taken from the request's 'return' value (read
     // just above this excerpt). If it is used as a redirect target, limit it to
     // same-site relative paths. Confirm.
     $nextpage = $input['return'];
 }
 // check for input errors
 if (empty($input['title'])) {
     $error = true;
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = $GLOBALS['_lang'][17];
 }
 if (empty($input['post_content'])) {
     $error = true;
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = $GLOBALS['_lang'][18];
 }
 if (!$error) {
     // Word filter only; this does not escape for SQL or HTML.
     $input['title'] = remove_banned_words($input['title']);
     $input['post_content'] = remove_banned_words($input['post_content']);
     $config = get_site_option(array('manual_blog_approval'), 'core_blog');
     $towrite = array();
     // what to write in the cache file
     if (!empty($input['post_id'])) {
         // Editing an existing post: start the UPDATE; more SET parts are appended below.
         $query = "UPDATE `{$dbtable_prefix}blog_posts` SET `last_changed`='" . gmdate('YmdHis') . "'";
         if ($config['manual_blog_approval']) {
             // set to pending only if the title or content was changed.
             // NOTE(review): post_id is concatenated unquoted, so it must be an
             // integer; whether it was cast when read is not visible here.
             // Confirm or cast at this point.
             // NOTE(review): this lookup is keyed by post_id alone; no owner
             // condition is visible in this excerpt. Confirm that ownership is
             // enforced before the UPDATE runs.
             $query2 = "SELECT `title`,`post_content` FROM `{$dbtable_prefix}blog_posts` WHERE `post_id`=" . $input['post_id'];
             if (!($res = @mysql_query($query2))) {
                 trigger_error(mysql_error(), E_USER_ERROR);
             }
             if (mysql_num_rows($res)) {
                 // The stored row is passed through the same formatter so that
                 // it can be compared byte-for-byte with the submitted values.
                 $rsrow = sanitize_and_format(mysql_fetch_assoc($res), TYPE_STRING, $__field2format[TEXT_DB2DB]);
                 // Any difference in title or content sends the post back to moderation.
                 if (strcmp($rsrow['title'], $input['title']) != 0 || strcmp($rsrow['post_content'], $input['post_content']) != 0) {
                     $query .= ",`status`=" . STAT_PENDING;
Esempio n. 6
     // Tail of a loop whose header is outside this excerpt: field $k is read from
     // $_POST through sanitize_and_format_gpc(), falling back to the field's
     // default from $user_blogs_default['defaults'].
     $input[$k] = sanitize_and_format_gpc($_POST, $k, $__field2type[$v], $__field2format[$v], $user_blogs_default['defaults'][$k]);
 }
 // The owner is always taken from the session, overriding anything posted.
 $input['fk_user_id'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
 // NOTE(review): 'return' is client-supplied and becomes $nextpage. If $nextpage
 // is later used as a redirect target (not shown here), restrict it to same-site
 // relative paths to avoid an open redirect. Confirm.
 if (!empty($_POST['return'])) {
     $input['return'] = sanitize_and_format_gpc($_POST, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');
     $nextpage = $input['return'];
 }
 // check for input errors
 if (empty($input['blog_name'])) {
     $error = true;
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = $GLOBALS['_lang'][13];
 }
 if (!$error) {
     // Word filter only; this does not escape for SQL or HTML.
     $input['blog_name'] = remove_banned_words($input['blog_name']);
     $input['blog_diz'] = remove_banned_words($input['blog_diz']);
     require _BASEPATH_ . '/includes/classes/fileop.class.php';
     $fileop = new fileop();
     $towrite = array();
     // what to write in the cache file
     if (!empty($input['blog_id'])) {
         // Build the display-formatted copy for the cache file.
         // NOTE(review): the loop walks the keys of $input but reads the values
         // from $_POST again. For 'fk_user_id' that means $towrite receives
         // whatever the client posted under that name (or ''), not the session
         // id assigned above. Confirm it is overwritten before the cache file
         // is written.
         foreach ($input as $k => $v) {
             $towrite[$k] = sanitize_and_format_gpc($_POST, $k, TYPE_STRING, $__field2format[TEXT_GPC2DISPLAY], '');
         }
         // The UPDATE is assembled by string concatenation. Column names come
         // from the server-side $user_blogs_default['defaults'] keys; values
         // come from $input and are wrapped in single quotes, which is only
         // safe if each value was escaped for SQL when it was read. TODO confirm.
         $query = "UPDATE IGNORE `{$dbtable_prefix}user_blogs` SET ";
         foreach ($user_blogs_default['defaults'] as $k => $v) {
             if (isset($input[$k])) {
                 $query .= "`{$k}`='" . $input[$k] . "',";
             }
         }
         // Strip the trailing comma left by the loop.
         $query = substr($query, 0, -1);
Esempio n. 7
     // Tail of a validation branch whose condition is outside this excerpt.
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = $GLOBALS['_lang'][196];
 }
 if (empty($input['message_body'])) {
     $error = true;
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = $GLOBALS['_lang'][197];
 }
 if (!$error) {
     // if the receiver didn't block me...
     // (the block check compares the recipient's id from $input with the session user's id)
     if (!is_network_member($input['fk_user_id'], $_SESSION[_LICENSE_KEY_]['user']['user_id'], NET_BLOCK)) {
         // sender of the message: me
         // Sender identity is taken from the session, never from the request.
         $input['fk_user_id_other'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
         $input['_user_other'] = $_SESSION[_LICENSE_KEY_]['user']['user'];
         // Word filter only; this does not escape for SQL or HTML.
         $input['subject'] = remove_banned_words($input['subject']);
         $input['message_body'] = remove_banned_words($input['message_body']);
         // Run the registered before-insert hooks in index order.
         if (isset($_on_before_insert)) {
             for ($i = 0; isset($_on_before_insert[$i]); ++$i) {
                 call_user_func($_on_before_insert[$i]);
             }
         }
         queue_or_send_message($input, true);
         // save the message in my outbox
         // For the outbox copy the roles are swapped: the session user becomes
         // the owner (fk_user_id) and the recipient becomes the "other" party.
         $input['fk_user_id_other'] = $input['fk_user_id'];
         $input['fk_user_id'] = $_SESSION[_LICENSE_KEY_]['user']['user_id'];
         // NOTE(review): this value comes from get_user_by_userid(), not from
         // the request sanitizer. If '_user_other' is one of the columns written
         // below and the helper returns an unescaped name, it needs SQL escaping
         // before concatenation. Confirm.
         $input['_user_other'] = get_user_by_userid($input['fk_user_id_other']);
         // The INSERT is assembled by string concatenation. Column names come
         // from the server-side $user_outbox_default['defaults'] keys; values
         // come from $input and are wrapped in single quotes, which is only
         // safe if each value was escaped for SQL beforehand. TODO confirm.
         $query = "INSERT INTO `{$dbtable_prefix}user_outbox` SET `date_sent`='" . gmdate('YmdHis') . "'";
         foreach ($user_outbox_default['defaults'] as $k => $v) {
             if (isset($input[$k])) {
                 $query .= ",`{$k}`='" . $input[$k] . "'";
             }