/**
 * Builds the display form of this field's value.
 *
 * The stored value goes through sanitize_and_format() with the TEXT_DB2DISPLAY
 * format first; BBCode and smiley expansion are applied afterwards and only when
 * the matching switch in $this->config is non-empty.
 *
 * NOTE(review): the output of bbcode2html()/text2smilies() is returned without a
 * further sanitizing pass, so the sanitize step has to stay ahead of them and
 * those helpers must only emit markup that is safe to print - confirm.
 *
 * @access public
 * @return mixed the formatted value, as returned by the last formatter applied
 */
function display()
{
    $rendered = sanitize_and_format(
        $this->value,
        TYPE_STRING,
        $GLOBALS['__field2format'][TEXT_DB2DISPLAY]
    );

    // optional markup expansion, always after the sanitizing pass
    $bbcode_enabled = !empty($this->config['use_bbcode']);
    if ($bbcode_enabled) {
        $rendered = bbcode2html($rendered);
    }

    $smilies_enabled = !empty($this->config['use_smilies']);
    if ($smilies_enabled) {
        $rendered = text2smilies($rendered);
    }

    return $rendered;
}
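/**
 * Regenerates the cache files of approved blog posts that changed recently.
 *
 * The name of the directory holding this file is read as the run interval in
 * minutes; every approved post changed within ($interval + 2) minutes gets two
 * files under _CACHEPATH_/blogs/posts/<first char of post_id>/:
 *   <post_id>.inc.php        - the post with its full formatted content
 *   <post_id>_short.inc.php  - the same post with a shortened content
 *
 * Every value concatenated into the query is produced here (the STAT_APPROVED
 * constant, gmdate() and an integer); $dbtable_prefix comes from the global scope.
 *
 * The cache files are PHP source: the row is written with var_export(), which
 * emits strings as quoted literals.
 * NOTE(review): these files are presumably include()d by the front end, so the
 * cache directory must not be writable by anything but this job - confirm.
 *
 * @access public
 * @return bool always true; a failed query raises E_USER_ERROR instead
 */
function gen_blogposts_cache()
{
    global $dbtable_prefix;

    // the last path component is how often we're executed; basename() copes with
    // both '/' and '\' separators on windows
    $interval = (int) basename(dirname(__FILE__));
    $short_blog_chars = 400;

    $config = get_site_option(array('bbcode_blogs', 'use_smilies'), 'core_blog');
    require_once _BASEPATH_ . '/includes/classes/fileop.class.php';
    $fileop = new fileop();

    $query = "SELECT a.`post_id`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,a.`fk_user_id`,a.`_user` as `user`,"
        . "a.`fk_blog_id`,a.`title`,a.`post_content`,b.`_photo` as `photo`,c.`blog_name`"
        . " FROM `{$dbtable_prefix}blog_posts` a,`{$dbtable_prefix}user_profiles` b,`{$dbtable_prefix}user_blogs` c"
        . " WHERE a.`fk_user_id`=b.`fk_user_id` AND a.`fk_blog_id`=c.`blog_id`"
        . " AND a.`status`=" . STAT_APPROVED
        . " AND a.`last_changed`>=DATE_SUB('" . gmdate('YmdHis') . "',INTERVAL " . ($interval + 2) . " MINUTE)";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    while ($blog = mysql_fetch_assoc($res)) {
        // NOTE(review): the title uses the TEXT_DB2EDIT format while the content
        // uses TEXT_DB2DISPLAY - confirm the edit format is safe for HTML output.
        $blog['title'] = remove_banned_words(
            sanitize_and_format($blog['title'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2EDIT])
        );
        $blog['post_content'] = remove_banned_words($blog['post_content']);

        // Build the short version from the raw text, before sanitizing.
        // Text that already fits is kept whole; longer text is cut back to the
        // last space inside the window. Without a space in the window the cut
        // stays at $short_blog_chars bytes (byte-wise, so it may split a
        // multibyte character). The previous code passed strrpos()'s false
        // straight to substr(), which emptied the short version in that case
        // and dropped the last word of every post shorter than the window.
        $excerpt = substr($blog['post_content'], 0, $short_blog_chars);
        if (strlen($blog['post_content']) > $short_blog_chars) {
            $last_space = strrpos($excerpt, ' ');
            if ($last_space !== false) {
                $excerpt = substr($excerpt, 0, $last_space);
            }
        }

        // sanitize first, expand bbcode/smilies afterwards
        $post_content_short = sanitize_and_format($excerpt, TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $GLOBALS['__field2format'][TEXT_DB2DISPLAY]);
        if (!empty($config['bbcode_blogs'])) {
            $blog['post_content'] = bbcode2html($blog['post_content']);
            $post_content_short = bbcode2html($post_content_short);
        }
        if (!empty($config['use_smilies'])) {
            $blog['post_content'] = text2smilies($blog['post_content']);
            $post_content_short = text2smilies($post_content_short);
        }

        if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) {
            $blog['photo'] = 'no_photo.gif';
        } else {
            $blog['has_photo'] = true;
        }
        if (empty($blog['fk_user_id'])) {
            unset($blog['fk_user_id']);
        }

        // cache files are spread over sub-directories named after the first
        // character of the post id
        $cache_base = _CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'];

        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents($cache_base . '.inc.php', $towrite);

        $blog['post_content'] = $post_content_short;
        $towrite = '<?php $post=' . var_export($blog, true) . ';';
        $fileop->file_put_contents($cache_base . '_short.inc.php', $towrite);
    }

    return true;
}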
// $output['message_body']=sanitize_and_format($output['message_body'],TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]); check_login_member('message_read'); $output['message_body'] = nl2br($output['message_body']); break; case MESS_FLIRT: check_login_member('flirt_read'); break; case MESS_SYSTEM: // check_login_member('auth'); this check was made at the begining if (empty($output['_user_other'])) { $output['_user_other'] = $GLOBALS['_lang'][135]; } $tpl->set_var('spam_controls', false); break; } $output['message_body'] = text2smilies(bbcode2html($output['message_body'])); if (empty($output['photo'])) { $output['photo'] = 'no_photo.gif'; } if (empty($output['other_id'])) { unset($output['other_id']); } else { require _BASEPATH_ . '/includes/network_functions.inc.php'; if (is_network_member($_SESSION[_LICENSE_KEY_]['user']['user_id'], $output['other_id'], NET_BLOCK)) { $output['is_blocked'] = true; } $output['net_block'] = NET_BLOCK; } $output['mailbox_name'] = $my_folders[$output['fid']]; $output['return2me'] = 'message_read.php'; if (!empty($_SERVER['QUERY_STRING'])) {
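/**
 * Creates the tpl loop to show comments and prepares the variables for the textarea where new comments
 * could be written. Handles the cases when user is not logged in or not allowed to post comments.
 *
 * The site options 'use_captcha', 'bbcode_comments' and 'smilies_comm' are read here with get_site_option().
 * $parent_id, $params['offset'] and $params['limit'] are cast to integers before they are placed in the
 * SQL text, so a non-numeric value cannot change the statement.
 *
 * Side effects: may raise the global $page_last_modified_time, sets $_SESSION['captcha_word'] when a captcha
 * is needed, consumes $_SESSION['topass']['input'] and strips '&edit_comment=N' from $_SERVER['QUERY_STRING'].
 *
 * @access public
 * @param string $type the identifier for the item where comments are displayed. Can be one of
 *               'user','photo','blog','video'. Any other value leaves the table name unset and the query fails.
 * @param int $parent_id the ID in the parent table of the item where these comments are posted.
 * @param array $output reference to the $output array in the calling script. It injects additional variables
 *              in $output to be used by the template system.
 * @param array $params optional, 'offset' and 'limit' (both needed) to page the comments.
 * @return array the comment rows, ready for the template loop
 */
function create_comments_loop($type, $parent_id, &$output, $params = array())
{
    global $dbtable_prefix, $__field2format, $_list_of_online_members, $page_last_modified_time;

    $myreturn = array();
    // integer copy used only inside the SQL text
    $sql_parent_id = (int) $parent_id;

    switch ($type) {
        case 'user':
            $table = "{$dbtable_prefix}comments_profile";
            // own profile: use the session prefs, otherwise look up the owner's settings
            $allow_comments = !empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $_SESSION[_LICENSE_KEY_]['user']['user_id'] == $parent_id
                ? $_SESSION[_LICENSE_KEY_]['user']['prefs']['profile_comments']
                : get_user_settings($parent_id, 'def_user_prefs', 'profile_comments');
            break;

        case 'blog':
            $table = "{$dbtable_prefix}comments_blog";
            $allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
            break;

        case 'photo':
            $table = "{$dbtable_prefix}comments_photo";
            $allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
            break;

        case 'video':
            $table = "{$dbtable_prefix}comments_video";
            $allow_comments = isset($output['allow_comments']) ? $output['allow_comments'] : 1;
            break;
    }

    $config = get_site_option(array('use_captcha', 'bbcode_comments', 'smilies_comm'), 'core');
    $edit_comment = sanitize_and_format_gpc($_GET, 'edit_comment', TYPE_INT, 0, 0);

    $query = "SELECT a.`comment_id`,a.`comment`,a.`fk_user_id`,a.`_user` as `user`,UNIX_TIMESTAMP(a.`date_posted`) as `date_posted`,b.`_photo` as `photo` FROM `{$table}` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`={$sql_parent_id} AND a.`status`=" . STAT_APPROVED . " ORDER BY a.`comment_id` ASC";
    if (isset($params['offset']) && isset($params['limit'])) {
        // integers only in the LIMIT clause; pager() below still gets the caller's values
        $sql_offset = (int) $params['offset'];
        $sql_limit = (int) $params['limit'];
        $query .= " LIMIT " . $sql_offset . ',' . $sql_limit;
        $count_query = "SELECT count(*) FROM `{$table}` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id`=b.`fk_user_id` WHERE a.`fk_parent_id`={$sql_parent_id} AND a.`status`=" . STAT_APPROVED;
        if (!($res = @mysql_query($count_query))) {
            trigger_error(mysql_error(), E_USER_ERROR);
        }
        $totalrows = mysql_result($res, 0, 0);
    }
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }

    while ($rsrow = mysql_fetch_assoc($res)) {
        if ($rsrow['date_posted'] > $page_last_modified_time) {
            $page_last_modified_time = $rsrow['date_posted'];
        }
        // if someone has asked to edit his/her comment
        if ($edit_comment == $rsrow['comment_id']) {
            $output['comment_id'] = $rsrow['comment_id'];
            $output['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
        }
        $rsrow['date_posted'] = strftime($_SESSION[_LICENSE_KEY_]['user']['prefs']['datetime_format'], $rsrow['date_posted'] + $_SESSION[_LICENSE_KEY_]['user']['prefs']['time_offset']);
        // sanitize first, expand bbcode/smilies afterwards
        $rsrow['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
        if (!empty($config['bbcode_comments'])) {
            $rsrow['comment'] = bbcode2html($rsrow['comment']);
        }
        if (!empty($config['smilies_comm'])) {
            $rsrow['comment'] = text2smilies($rsrow['comment']);
        }
        // allow showing the edit links to rightful owners
        if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $rsrow['fk_user_id'] == $_SESSION[_LICENSE_KEY_]['user']['user_id']) {
            $rsrow['editme'] = true;
        }
        if (empty($rsrow['fk_user_id'])) {
            // for the link to member profile
            unset($rsrow['fk_user_id']);
        } else {
            if (isset($_list_of_online_members[$rsrow['fk_user_id']])) {
                $rsrow['is_online'] = 'is_online';
                $rsrow['user_online_status'] = $GLOBALS['_lang'][102];
            } else {
                $rsrow['user_online_status'] = $GLOBALS['_lang'][103];
            }
        }
        if (empty($rsrow['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $rsrow['photo'])) {
            $rsrow['photo'] = 'no_photo.gif';
        }
        $myreturn[] = $rsrow;
    }

    if (!empty($myreturn)) {
        $output['show_comments'] = true;
        if (isset($totalrows)) {
            $output['pager'] = pager($totalrows, $params['offset'], $params['limit']);
            $output['num_comments'] = $totalrows;
        } else {
            $output['num_comments'] = count($myreturn);
        }
    }

    if ($allow_comments) {
        // may I post comments please?
        if (allow_at_level('write_comments', $_SESSION[_LICENSE_KEY_]['user']['membership'])) {
            $output['allow_comments'] = true;
            // the captcha is prepared only for visitors who are not logged in
            if (empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) {
                if (!empty($config['use_captcha'])) {
                    require _BASEPATH_ . '/includes/classes/sco_captcha.class.php';
                    $c = new sco_captcha(_BASEPATH_ . '/includes/fonts', 4);
                    $_SESSION['captcha_word'] = $c->gen_rnd_string(4);
                    $output['rand'] = make_seed();
                    $output['use_captcha'] = true;
                }
            }
            // would you let me use bbcode?
            if (!empty($config['bbcode_comments'])) {
                $output['bbcode_comments'] = true;
            }
            // if we came back after an error get what was previously posted
            // NOTE(review): array_merge() lets the saved input overwrite same-named keys already
            // in $output, including the flags set above - confirm the saved input only holds
            // the expected form fields.
            if (isset($_SESSION['topass']['input'])) {
                $output = array_merge($output, $_SESSION['topass']['input']);
                unset($_SESSION['topass']['input']);
            }
        } else {
            unset($output['allow_comments']);
        }
    } else {
        unset($output['allow_comments']);
    }

    if (!empty($edit_comment)) {
        $_SERVER['QUERY_STRING'] = str_replace('&edit_comment=' . $edit_comment, '', $_SERVER['QUERY_STRING']);
    }

    return $myreturn;
}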
if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } while ($rsrow = mysql_fetch_assoc($res)) { // if someone has asked to edit his/her comment if ($edit_comment == $rsrow['comment_id']) { $output['comment_id'] = $rsrow['comment_id']; $output['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]); } $rsrow['date_posted'] = strftime($time_options['datetime_format'], $rsrow['date_posted'] + $time_options['time_offset']); $rsrow['comment'] = sanitize_and_format($rsrow['comment'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]); if (!empty($config['bbcode_comments'])) { $rsrow['comment'] = bbcode2html($rsrow['comment']); } if (!empty($config['smilies_comm'])) { $rsrow['comment'] = text2smilies($rsrow['comment']); } if (empty($rsrow['fk_user_id'])) { // for the link to member profile unset($rsrow['fk_user_id']); } if (empty($rsrow['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $rsrow['photo'])) { $rsrow['photo'] = 'no_photo.gif'; } $loop[] = $rsrow; } if (!empty($loop)) { $output['num_comments'] = count($loop); } } } else {
} while ($blog = mysql_fetch_assoc($res)) { $last_approved = $blog['last_changed']; unset($blog['last_changed']); $blog['fk_blog_id'] = (string) $blog['fk_blog_id']; $blog['title'] = sanitize_and_format($blog['title'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]); $post_content_short = substr($blog['post_content'], 0, strrpos(substr($blog['post_content'], 0, $short_blog_chars), ' ')); $post_content_short = sanitize_and_format($post_content_short, TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]); $blog['post_content'] = sanitize_and_format($blog['post_content'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]); if (!empty($config['bbcode_blogs'])) { $blog['post_content'] = bbcode2html($blog['post_content']); $post_content_short = bbcode2html($post_content_short); } if (!empty($config['use_smilies'])) { $blog['post_content'] = text2smilies($blog['post_content']); $post_content_short = text2smilies($post_content_short); } if (empty($blog['photo']) || !is_file(_PHOTOPATH_ . '/t1/' . $blog['photo'])) { $blog['photo'] = 'no_photo.gif'; } else { $blog['has_photo'] = true; } if (empty($blog['fk_user_id'])) { unset($blog['fk_user_id']); } $towrite = '<?php $post=' . var_export($blog, true) . ';'; $fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '.inc.php', $towrite); $blog['post_content'] = $post_content_short; $towrite = '<?php $post=' . var_export($blog, true) . ';'; $fileop->file_put_contents(_CACHEPATH_ . '/blogs/posts/' . $blog['post_id'][0] . '/' . $blog['post_id'] . '_short.inc.php', $towrite); if (!isset($blog_details[$blog['fk_blog_id']])) {