Esempio n. 1
0
function comment_add()
{
    if (isset($_SESSION["user_id"])) {
        $post_id = isset($_POST["post_id"]) ? $_POST["post_id"] : "";
        $body = isset($_POST["body"]) ? $_POST["body"] : "";
        if ($post_id != "" && $body != "") {
            $mysqli = db_connect();
            $sql = "SELECT Posts.Id,Posts.Title,Users.NotifyComments,Users.Username,Users.Email,Posts.UserId FROM Posts" . " INNER JOIN Users ON Users.Id=Posts.UserId" . " WHERE Posts.Id=" . $mysqli->real_escape_string($post_id);
            $post_result = $mysqli->query($sql);
            if ($post_result->num_rows > 0) {
                $post_row = $post_result->fetch_assoc();
                $link_title = $post_row["Title"] != "" ? $post_row["Title"] : "Untitled";
                // Add the comment to the comments table
                $sql = "INSERT INTO Comments (" . "PostId,UserId,Body,Created,IPCreated" . ") VALUES (" . $mysqli->real_escape_string($post_id) . "," . $mysqli->real_escape_string($_SESSION["user_id"]) . ",'" . $mysqli->real_escape_string($body) . "'" . ",Now()" . ",'" . $mysqli->real_escape_string($_SERVER["REMOTE_ADDR"]) . "'" . ")";
                $mysqli->query($sql);
                $new_comment_id = $mysqli->insert_id;
                // Update the number of comments on the post
                $count_sql = "SELECT COUNT(*) AS NumComments FROM Comments WHERE PostId=" . $mysqli->real_escape_string($post_id);
                $count_result = $mysqli->query($count_sql);
                $count_row = $count_result->fetch_assoc();
                $update_sql = "UPDATE Posts SET Comments=" . $mysqli->real_escape_string($count_row["NumComments"]) . " WHERE Id=" . $mysqli->real_escape_string($post_id);
                $update_result = $mysqli->query($update_sql);
                // do an email notification if required
                if ($post_row["UserId"] != $_SESSION["user_id"]) {
                    if ($post_row["NotifyComments"] == 1) {
                        $mail_to = $post_row["Email"];
                        $mail_subject = SITE_NAME . " - " . $_SESSION["user_name"] . " commented on '" . $post_row["Title"] . "'";
                        $mail_message = "You have received a new comment on your post '" . $link_title . "' by " . $_SESSION["user_name"] . "...\n---\n" . $body . "\n - " . $_SESSION["user_name"] . " (http://wetheusers.net/" . $_SESSION["user_name"] . ")\n---\n" . "http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($link_title) . "\n\n";
                        send_email($mail_to, $mail_subject, $mail_message);
                    }
                    SendSystemMessage($mysqli, $post_row["UserId"], $_SESSION["user_name"] . " commented on your post '" . $link_title . "'", "[" . $_SESSION["user_name"] . "](http://wetheusers.net/" . $_SESSION["user_name"] . ") commented on your post [" . $link_title . "](http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($link_title) . ")\n\n" . $body, 1);
                }
                // find out people who have commented previously that have NotifyOtherComments switched on
                $sql = "SELECT DISTINCT Users.Id AS UserId, Users.Email AS Email,Users.NotifyOtherComments" . " FROM Users" . " INNER JOIN Comments ON Comments.UserId=Users.Id AND Comments.PostId=" . $post_row["Id"] . " INNER JOIN Posts ON Posts.Id=" . $post_row["Id"] . " WHERE Comments.UserId<>" . $mysqli->real_escape_string($_SESSION["user_id"]) . " AND Posts.UserId<>Comments.UserId";
                // not if you wrote the comment
                // not if you wrote the post
                $result = $mysqli->query($sql);
                if ($result->num_rows > 0) {
                    while ($comment_row = @$result->fetch_assoc()) {
                        if ($comment_row["NotifyOtherComments"] == 1 && $post_row["UserId"] != $_SESSION["user_id"]) {
                            $mail_to = $comment_row["Email"];
                            $mail_subject = $_SESSION["user_name"] . " commented on '" . $post_row["Title"] . "' too";
                            $mail_message = "A new comment has been posted by " . $_SESSION["user_name"] . " on '" . $link_title . "' by " . $post_row["Username"] . ".\n---\n" . $body . "\n - " . $_SESSION["user_name"] . " (http://wetheusers.net/" . $_SESSION["user_name"] . ")\n---\n" . "http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "\n\n";
                            send_email($mail_to, $mail_subject, $mail_message);
                        }
                        SendSystemMessage($mysqli, $comment_row["UserId"], "'" . $_SESSION["user_name"] . "' posted a new comment on '" . $link_title . "' by " . $post_row["Username"], "A new comment has been posted by [" . $_SESSION["user_name"] . "](http://wetheusers.net/" . $_SESSION["user_name"] . ") on [" . $link_title . "](http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($link_title) . ") by [" . $post_row["Username"] . "](http://wetheusers.net/" . $post_row["Username"] . ") (you have also commented on this post)\n\n" . $body, 2);
                    }
                }
                return "success";
            } else {
                header("Location: /404");
            }
        } else {
            header("Location: " . $_SERVER["HTTP_REFERER"] . "/failure");
        }
    } else {
        header("Location: /401");
    }
}
 public function save($title, $album)
 {
     $album->title = sanitizeText($title);
     $slug = toAscii($title);
     $album->slug = $album->id . (!empty($slug) ? '-' . $slug : '');
     $album->save();
     return $album;
 }
function generateFileName($name)
{
    $i = 0;
    $fname = toAscii($name . $i) . ".rdf";
    while (file_exists("rdf/" . $fname)) {
        $i++;
        $fname = toAscii($name . $i) . ".rdf";
    }
    return $fname;
}
Esempio n. 4
0
 function getUniqueFilename($path, $name, $extension = 'csv')
 {
     // Deleting "." from extension
     $extension = str_replace('.', '', $extension);
     // Setting initial name
     $init_name = $name = toAscii($name);
     // Setting counter
     $i = 1;
     // Checking for existed name
     while (file_exists($path . $init_name . '.' . $extension)) {
         $init_name = $name . '_' . $i++;
     }
     // Returning unique filename (without path)
     return $init_name . '.' . $extension;
 }
Esempio n. 5
0
function render_tag_rss($tag)
{
    $mysqli = db_connect();
    $xml = "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" . "<rss version=\"2.0\" xmlns:atom=\"http://www.w3.org/2005/Atom\">\n" . "<channel>\n" . "<title>" . $tag . " - " . SITE_NAME . "</title>\n" . "<atom:link href=\"http://wetheusers.net/tag/" . $tag . "/rss\" rel=\"self\" type=\"application/rss+xml\" />\n" . "<link>http://wetheusers.net/tag/" . $tag . "</link>\n" . "<description>The public posts tagged '" . $tag . "' at wetheusers.net</description>\n" . "<lastBuildDate>" . date("r") . "</lastBuildDate>\n" . "<language>en-gb</language>\n";
    $sql = "SELECT DISTINCT Posts.*,DATE_FORMAT(Posts.Created, '%a, %d %b %Y %T') AS RssPubDate, Users.Username,Users.Avatar,null AS LikeId FROM Posts" . " INNER JOIN Users ON Posts.UserId=Users.Id" . " INNER JOIN PostTags ON Posts.Id=PostTags.PostId" . " INNER JOIN Tags ON PostTags.TagId=Tags.Id" . " WHERE Posts.Privacy=" . POST_PRIVACY_PUBLIC . " AND Posts.Status=" . POST_STATUS_PUBLISHED . " AND Tags.Name='" . $mysqli->real_escape_string($tag) . "'" . " ORDER BY Created DESC LIMIT 20";
    $posts_result = $mysqli->query($sql);
    while ($post_row = @$posts_result->fetch_assoc()) {
        $rss_pub_date = $post_row["RssPubDate"] . " GMT";
        $img_html = $post_row["Photo"] != "" ? "<p><img src=\"http://wetheusers.net/" . $post_row["Photo"] . "\" /></p>\n" : "";
        $xml .= "<item>\n" . "<title>" . strip_tags($post_row["Title"]) . "</title>\n" . "<link>http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "</link>\n" . "<guid>http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "</guid>\n" . "<pubDate>" . $rss_pub_date . "</pubDate>\n" . "<description><![CDATA[" . $img_html . Markdown($post_row["Body"]) . "]]></description>\n" . "</item>\n";
    }
    // end the feed
    $xml .= "</channel>\n" . "</rss>\n";
    return $xml;
}
Esempio n. 6
0
 /**
  * Method to add games
  *
  * @param array $val
  * @param boolean $isAdmin
  * @return bool
  */
 public function add($val, $isAdmin = false)
 {
     $expected = ['title', 'description', 'category', 'content' => '', 'approved' => \Config::get('game-need-confirm') ? 0 : 1, 'verified' => 0, 'width' => '100%', 'height' => '450'];
     /**
      * @var $title
      * @var $description
      * @var $category
      * @var $approved
      * @var $verified
      * @var $content
      * @var $width
      * @var $height
      */
     extract(array_merge($expected, $val));
     if ($isAdmin) {
         $approved = 1;
     }
     $gameFile = '';
     if (\Input::hasFile('file')) {
         $maxSize = \Config::get('game-max-upload', 10000000);
         $file = \Input::file('file');
         $ext = $file->getClientOriginalExtension();
         if ($file->getSize() > $maxSize or strtolower($ext) != 'swf') {
             return false;
         }
         $userid = \Auth::user()->id;
         $filePath = "uploads/games/" . $userid . '/';
         //ensure the folder exists
         $this->file->makeDirectory(public_path() . '/' . $filePath, 0777, true, true);
         $fileName = md5($file->getClientOriginalName() . time()) . '.swf';
         $gameFile = $filePath . $fileName;
         $file->move(public_path() . '/' . $filePath, $fileName);
     }
     $gameIcon = '';
     if (\Input::hasFile('icon')) {
         if (!$this->photoRepository->imagesMetSizes(\Input::file('icon'))) {
             return false;
         }
         $user = \Auth::user();
         $gameIcon = $this->photoRepository->upload(\Input::file('icon'), ['path' => 'users/' . $user->id, 'slug' => 'games-', 'userid' => $user->id]);
     }
     //one of game file and content must not be empty
     if (empty($gameFile) and empty($content)) {
         return false;
     }
     $category = sanitizeText($category);
     if (!$this->category->get($category)) {
         return false;
     }
     $slug = toAscii($title);
     if (!empty($title)) {
         $game = $this->model->newInstance();
         $game->title = sanitizeText($title, 130);
         $game->description = sanitizeText($description);
         $game->category = $category;
         $game->user_id = \Auth::user()->id;
         $game->verified = $verified;
         $game->slug = hash('crc32', $title . time());
         $game->approved = $approved;
         if (isset($content)) {
             $game->iframe_content = $content;
         }
         $game->game_path = $gameFile;
         $game->logo = $gameIcon;
         if ($width) {
             $game->width = sanitizeText($width);
         }
         if ($height) {
             $game->height = sanitizeText($height);
         }
         $game->save();
         $this->event->fire('game.add', [$game]);
         return $game;
     }
     return false;
 }
 /**
  * Returns array('success'=>true) or array('error'=>'error message')
  */
 function handleUpload($uploadDirectory, $replaceOldFile = FALSE)
 {
     if (!is_writable($uploadDirectory)) {
         return array('error' => "Server error. Upload directory isn't writable.");
     }
     if (!$this->file) {
         return array('error' => 'No files were uploaded.');
     }
     $size = $this->file->getSize();
     if ($size == 0) {
         return array('error' => 'File is empty');
     }
     if ($size > $this->sizeLimit) {
         return array('error' => 'File is too large');
     }
     $pathinfo = pathinfo($this->file->getName());
     $filename = $pathinfo['filename'];
     $filename = toAscii($filename) . "_" . date("Y_m_d_H_i_s");
     //$filename = md5(uniqid());
     $ext = $pathinfo['extension'];
     if ($this->allowedExtensions && !in_array(strtolower($ext), $this->allowedExtensions)) {
         $these = implode(', ', $this->allowedExtensions);
         return array('error' => 'File has an invalid extension, it should be one of ' . $these . '.');
     }
     if (!$replaceOldFile) {
         /// don't overwrite previous files that were uploaded
         while (file_exists($uploadDirectory . $filename . '.' . $ext)) {
             $filename .= rand(10, 99);
         }
     }
     if ($this->file->save($uploadDirectory . $filename . '.' . $ext)) {
         return array('success' => true, 'filename' => $filename . '.' . $ext);
     } else {
         return array('error' => 'Could not save uploaded file.' . 'The upload was cancelled, or server error encountered');
     }
 }
Esempio n. 8
0
                echo "Modultyp: " . toAscii(array($sline[9], $sline[10], $sline[11], $sline[12], $sline[13], $sline[14], $sline[15], $sline[16], $sline[17], $sline[18], $sline[19], $sline[20])) . "; ";
                break;
            case "04":
                echo " -> ";
                $mode = "";
                if ($sline[9] == "01") {
                    $mode = "Automatik";
                }
                if ($sline[9] == "02") {
                    $mode = "Manuell";
                }
                if ($sline[9] == "04") {
                    $mode = "Adaption";
                }
                echo "Betriebsart: " . $sline[9] . ": {$mode}";
                break;
            case "05":
            case "06":
                echo " -> ";
                echo "Messwert: " . hexdec($sline[9] . $sline[10]) * 0.01 . "; ";
                echo "Bereich Anfang: " . hexdec($sline[11] . $sline[12]) * 0.01 . "; ";
                echo "Bereich Ende: " . hexdec($sline[13] . $sline[14]) * 0.01 . "; ";
                echo "Einheit: " . toAscii(array($sline[15], $sline[16], $sline[17], $sline[18], $sline[19])) . "; ";
                echo "Teiler: " . toAscii(array($sline[20]));
                break;
        }
        echo "\n";
    }
    echo "\n";
}
echo "</pre>";
Esempio n. 9
0
	</form>
<?php 
$notfound = array();
$files = array();
if ($os) {
    $path = "./os/" . toAscii(basename($os)) . ".html";
    if (file_exists($path)) {
        $files[] = $path;
    }
} else {
    $families = explode(",", $families);
    $families = array_reverse($families);
    $files[] = "./defaults/default.html";
    foreach ($families as $family) {
        $path = "./results/" . toAscii(basename($family)) . ".html";
        if (file_exists($path)) {
            $files[] = $path;
        } else {
            if (!empty($family)) {
                $notfound[] = $family;
            }
        }
    }
}
if (count($notfound) > 0) {
    ?>
	<p class="legend unsupported"><span class="icon-unsupported" aria-hidden="true"></span>
<?php 
    $notfound = array_reverse($notfound);
    $notfoundLength = count($notfound);
Esempio n. 10
0
$db = array('server' => 'localhost', 'user' => 'root', 'password' => 'monkey00', 'database' => 'swapi');
// $nodes = [];
// $links = [];
// $people = [];
$link = mysqli_connect($db['server'], $db['user'], $db['password'], $db['database']);
// $q = "SELECT * FROM craft_entryversions WHERE id NOT IN (SELECT id FROM (SELECT max(id) AS id, entryId FROM craft_entryversions GROUP BY entryId) X) AND locale = '".$locale."'";
$q = "SELECT * FROM data WHERE name <> ''";
$r = $link->query($q);
foreach ($r as $row) {
    $people[$row['id']] = toAscii($row['name']);
    // if ($row['killer'] > 0 AND $row['film'] != NULL) {
    // $node['match'] =
    $death['match'] = 1;
    $death['name'] = htmlspecialchars($row['name']);
    $death['artist'] = $row['film'];
    $death['id'] = toAscii($row['name']);
    $count = "SELECT * FROM `deaths` WHERE `killer` = '" . $row['id'] . "'";
    $countR = $link->query($count);
    // print_r($countR);
    // exit;
    $death['playcount'] = $countR->num_rows;
    $death['affinity'] = (int) $row['affinity'];
    $death['group'] = (int) $row['film'];
    $death['value'] = $row['episodes'];
    // $node['id'] =
    $deaths[] = $death;
    // }
    // match": 1.0,
    //    "name": "Diamonds On The Soles Of Her Shoes",
    //    "artist": "Paul Simon",
    //    "id": "diamonds_on_the_soles_of_her_shoes_paul_simon",
Esempio n. 11
0
 static function format($data, $highlight = false)
 {
     $timer = new timer();
     $single = false;
     //	test_array($items);
     if (isset($data['ID'])) {
         $single = true;
         $data = array($data);
     }
     //test_array($items);
     $i = 1;
     $n = array();
     //test_array($items);
     foreach ($data as $item) {
         if ($highlight) {
             $item = parent::highlight($item, $highlight);
         }
         $item['url'] = toAscii($item['name']);
         $n[] = $item;
     }
     if ($single) {
         $n = $n[0];
     }
     $timer->_stop(__NAMESPACE__, __CLASS__, __FUNCTION__, func_get_args());
     return $n;
 }
Esempio n. 12
0
 public function render_template()
 {
     $this->default_vars();
     if (is_array($this->vars['folder'])) {
         $folder = $this->vars['folder'];
     } else {
         $folder = array($this->vars['folder']);
     }
     if (isset($this->vars['page'])) {
         if (isset($this->vars['page']['js']) && $this->vars['page']['js'] != '') {
             if (!is_array($this->vars['page']['js'])) {
                 $this->vars['page']['js'] = explode(",", $this->vars['page']['js']);
             }
         }
         if (isset($this->vars['page']['template'])) {
             $folders = $folder;
             $tfile = $this->vars['page']['template'];
             $tfile = explode(".", $tfile);
             $tfile = $tfile[0];
             $version = $this->f3->get('_v');
             foreach ($folders as $f) {
                 if (file_exists('' . $f . '' . $tfile . '.twig')) {
                     if (file_exists('' . $f . '_js/' . $tfile . '.js')) {
                         $this->vars['page']['template_js'] = '/' . $f . '_js/' . $tfile . '.' . $version . '.js';
                     }
                     if (file_exists('' . $f . '_css/' . $tfile . '.css')) {
                         $this->vars['page']['template_css'] = '/' . $f . '_css/' . $tfile . '.' . $version . '.css';
                     }
                     if (file_exists('' . $f . 'template/' . $tfile . '.jtmpl')) {
                         $this->vars['page']['template_jtmpl'] = '/' . 'template/' . $tfile . '.jtmpl';
                     }
                     break;
                 }
             }
             $this->vars['page']['template'] = $this->vars['page']['template'] . ".twig";
         }
         //test_array($this->vars['page']);
     }
     //test_array($this->vars['page']);
     if ($this->config['strictfolder']) {
         $folder = $this->vars['folder'];
     }
     $loader = new Twig_Loader_Filesystem($folder);
     $options = array();
     if (!isLocal() && $this->f3->get("CACHE")) {
         //	$options['cache'] = $this->config['cache_dir'];
     }
     $options['debug'] = true;
     //$options['cache'] = false;
     //test_array($this->vars);
     $twig = new Twig_Environment($loader, $options);
     $twig->addExtension(new Twig_Extension_Debug());
     $twig->addFilter(new Twig_SimpleFilter('toAscii', function ($string) {
         $string = toAscii($string);
         return $string;
     }));
     $twig->addFilter(new Twig_SimpleFilter('scrub', function ($string) {
         $f3 = \Base::instance();
         $string = $f3->scrub($string);
         return $string;
     }));
     //test_array(array("template"=>$this->template,"vars"=>$this->vars));
     return $twig->render($this->template, $this->vars);
 }
Esempio n. 13
0
}
// must be valid deadline or empty
$formattedDeadline = strtotime($deadline);
if ($formattedDeadline === false && $deadline != '') {
    $json = array('error' => 'Deadline must be a valid date or empty.');
    exit(json_encode($json));
}
// format deadline for MYSQL
$formattedDeadline = $formattedDeadline != '' ? date("Y-m-d H:i:s", $formattedDeadline) : null;
// format private
$private = empty($private) ? 0 : 1;
// create the project
$project = new Project(array('creator_id' => Session::getUserID(), 'title' => $title, 'slug' => '', 'pitch' => $pitch, 'specs' => $specs, 'rules' => $rules, 'status' => Project::STATUS_PRE_PRODUCTION, 'deadline' => $formattedDeadline, 'private' => $private));
$project->save();
// generate slug from project title/ID
$slug = toAscii($title);
$slug = $project->getID() . '-' . $slug;
// save new slug
$project->setSlug($slug);
$project->save();
// add creator as ProjectUser
$pu = new ProjectUser(array('project_id' => $project->getID(), 'user_id' => Session::getUserID(), 'relationship' => ProjectUser::CREATOR));
$pu->save();
// log it
$logEvent = new Event(array('event_type_id' => 'create_project', 'project_id' => $project->getID(), 'user_1_id' => Session::getUserID()));
$logEvent->save();
// send us back
//$successURL = Url::project($project->getID());
$successURL = Url::peopleInvite($project->getID());
Session::setMessage('Project created! Now you need some members.');
$json = array('success' => '1', 'successUrl' => $successURL);
/**
 * Converts to lowercase url friendly string.
 *
 * @param string $string_
 *
 * @return string
 */
function toLowercaseUrlIdentifier($string_, $preserveUnicode_ = false)
{
    if ($preserveUnicode_) {
        $string_ = mb_convert_encoding($string_, 'HTML-ENTITIES', libstd_get('charset', 'env'));
    } else {
        $string_ = toAscii($string_);
    }
    $string_ = preg_replace('/[^a-z0-9]/i', '-', $string_);
    $string_ = preg_replace('/-+/', '-', strtolower($string_));
    if ('-' === $string_) {
        return null;
    }
    return $string_;
}
Esempio n. 15
0
 function sendNewItemNotification($itemid, $title, $body)
 {
     global $CONF, $member;
     // create text version of html post
     $ascii = toAscii($body);
     $mailto_msg = _NOTIFY_NI_MSG . " \n";
     //		$mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $itemid . "\n\n";
     $temp = parse_url($CONF['Self']);
     if ($temp['scheme']) {
         $mailto_msg .= createItemLink($itemid) . "\n\n";
     } else {
         $tempurl = $this->getURL();
         if (substr($tempurl, -1) == '/' || substr($tempurl, -4) == '.php') {
             $mailto_msg .= $tempurl . '?itemid=' . $itemid . "\n\n";
         } else {
             $mailto_msg .= $tempurl . '/?itemid=' . $itemid . "\n\n";
         }
     }
     $mailto_msg .= _NOTIFY_TITLE . ' ' . strip_tags($title) . "\n";
     $mailto_msg .= _NOTIFY_CONTENTS . "\n " . $ascii . "\n";
     $mailto_msg .= getMailFooter();
     $mailto_title = $this->getName() . ': ' . _NOTIFY_NI_TITLE;
     $frommail = $member->getNotifyFromMailAddress();
     $notify =& new NOTIFICATION($this->getNotifyAddress());
     $notify->notify($mailto_title, $mailto_msg, $frommail);
 }
Esempio n. 16
0
 static function format($data, $childrenGrouping = false, $highlight = false)
 {
     $timer = new timer();
     $single = false;
     //	test_array($items);
     if (isset($data['ID'])) {
         $single = true;
         $data = array($data);
     }
     //test_array($items);
     $i = 1;
     $n = array();
     //test_array($items);
     foreach ($data as $item) {
         if ($highlight) {
             $item = parent::highlight($item, $highlight);
         }
         $item['url'] = toAscii($item['category']);
         $n[] = $item;
     }
     if ($single) {
         $n = $n[0];
     }
     $records = $n;
     if (count($records) && !isset($n['ID']) && $childrenGrouping) {
         $rows = array();
         foreach ($records as $row) {
             $row['children'] = array();
             $rows[$row['ID']] = $row;
         }
         foreach ($rows as $k => &$v) {
             if ($v['parentID'] == $v['ID']) {
                 continue;
             }
             if (isset($rows[$v['parentID']])) {
                 $rows[$v['parentID']]['children'][] =& $v;
             }
         }
         foreach ($rows as $item) {
             if ($item['parentID']) {
                 unset($rows[$item['ID']]);
             }
         }
         //	array_splice($rows, 2);
         //test_array($rows);
         $n = $rows;
         $nn = array();
         foreach ($n as $key => $item) {
             $nn[] = $item;
         }
         $n = $nn;
     }
     //test_array($n);
     $timer->_stop(__NAMESPACE__, __CLASS__, __FUNCTION__, func_get_args());
     return $n;
 }
Esempio n. 17
0
function post_add()
{
    if (isset($_SESSION["user_id"])) {
        $post_title = isset($_POST["title"]) ? $_POST["title"] : "";
        $post_body = isset($_POST["body"]) ? $_POST["body"] : "";
        $post_tags = isset($_POST["tags"]) ? $_POST["tags"] : "";
        $post_privacy = isset($_POST["privacy"]) ? $_POST["privacy"] : "";
        $post_status = isset($_POST["status"]) ? $_POST["status"] : "";
        $link_title = $post_title != "" ? $post_title : "Untitled";
        if ($post_privacy != "" && $post_status != "") {
            $new_post_id = 0;
            $mysqli = db_connect();
            $mysqli->query("INSERT INTO Posts (UserId,Title,Body,Privacy,Status,Created,IPCreated) VALUES (" . "'" . $mysqli->real_escape_string($_SESSION["user_id"]) . "'," . "'" . $mysqli->real_escape_string($post_title) . "'," . "'" . $mysqli->real_escape_string($post_body) . "'," . "'" . $mysqli->real_escape_string($post_privacy) . "'," . "'" . $mysqli->real_escape_string($post_status) . "'," . "NOW()," . "'" . $mysqli->real_escape_string($_SERVER["REMOTE_ADDR"]) . "'" . ")");
            $new_post_id = $mysqli->insert_id;
            // do we have a photo ?
            upload_photo($new_post_id, $mysqli);
            // break the tags up into individual terms
            $tags = explode(",", $post_tags);
            if (count($tags) > 0) {
                // trim all tags
                $tags = array_map("trim", $tags);
                foreach ($tags as $tag) {
                    if ($tag != "") {
                        $tag = strtolower($tag);
                        $tag_id = 0;
                        // find out if the tag exists
                        $sql = "SELECT * FROM Tags WHERE Name='" . $mysqli->real_escape_string($tag) . "'";
                        $result = $mysqli->query($sql);
                        if ($result->num_rows > 0) {
                            // if it does exist, get it's ID
                            $row = @$result->fetch_assoc();
                            $tag_id = $row["Id"];
                        } else {
                            // if it does not exist, add it, and get the ID
                            $sql = "INSERT INTO Tags (Name) VALUES ('" . $mysqli->real_escape_string($tag) . "')";
                            $mysqli->query($sql);
                            $tag_id = $mysqli->insert_id;
                        }
                        // add the tag to the PostTags list
                        $mysqli->query("INSERT INTO PostTags (PostId,TagId,Created) VALUES (" . $mysqli->real_escape_string($new_post_id) . "," . $mysqli->real_escape_string($tag_id) . ",Now())");
                    }
                }
            }
            if ($post_status == POST_STATUS_PUBLISHED) {
                // check if we have any users to notify
                if ($post_privacy == POST_PRIVACY_FRIENDS_ONLY) {
                    // fetch people that the writer calls a friend AND where the people call the writer a friend
                    $sql = "SELECT DISTINCT Users.Id,Users.Email,Users.NotifyFriendsPosts FROM Users" . " LEFT OUTER JOIN Friends FriendsOfMe ON FriendsOfMe.UserId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " AND FriendsOfMe.FriendId=Users.Id" . " LEFT OUTER JOIN Friends FriendsOfAuthor ON Users.Id=FriendsOfAuthor.UserId AND FriendsOfAuthor.FriendId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " WHERE (FriendsOfAuthor.FriendId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " AND FriendsOfMe.FriendId=Users.Id)";
                } else {
                    if ($post_privacy != POST_PRIVACY_PRIVATE) {
                        // fetch everybody that calls the author a friend
                        $sql = "SELECT Users.Id,Users.Email,Users.NotifyFriendsPosts FROM Users" . " INNER JOIN Friends ON Friends.UserId=Users.Id" . " WHERE Friends.FriendId=" . $mysqli->real_escape_string($_SESSION["user_id"]);
                    } else {
                        $sql = "SELECT * FROM Friends WHERE 1=2";
                    }
                }
                $user_result = $mysqli->query($sql);
                if ($user_result->num_rows > 0) {
                    while ($user_row = @$user_result->fetch_assoc()) {
                        if ($user_row["NotifyFriendsPosts"] == 1) {
                            $mail_to = $user_row["Email"];
                            $mail_subject = SITE_NAME . " - '" . $_SESSION["user_name"] . "' has a new post!";
                            $mail_message = "Your friend '" . $_SESSION["user_name"] . "' has just posted the following...\n\n" . $post_title . "\n" . "http://wetheusers.net/post/" . $new_post_id . "/" . toAscii($link_title) . "\n\n";
                            send_email($mail_to, $mail_subject, $mail_message);
                        }
                        // send the system message
                        SendSystemMessage($mysqli, $user_row["Id"], $_SESSION["user_name"] . " has written a new post - " . $post_title, "[" . $_SESSION["user_name"] . "](http://wetheusers.net/" . $_SESSION["user_name"] . ") has written a new post - [" . $link_title . "](http://wetheusers.net/post/" . $new_post_id . "/" . toAscii($link_title) . ")", 3);
                    }
                }
            }
            return $new_post_id;
        } else {
            return -1;
        }
    } else {
        header("Location: /401");
    }
}
Esempio n. 18
0
 function company()
 {
     $result = array();
     $user = $this->user;
     $ID = isset($_GET['ID']) ? $_GET['ID'] : "";
     $ID_orig = $ID;
     $values = array("company" => $this->post("company", true), "invitecode" => $this->post("invitecode"), "admin_email" => $this->post("admin_email", "A valid email is Required"));
     $errors = $this->errors;
     if ($values['invitecode'] == "") {
         $values['invitecode'] = $values['company'] . "-" . md5($values['company'] . "meetpad" . date("dmyhis"));
     }
     $companyO = models\company::getInstance();
     $exists = $companyO->getAll("company='{$values['company']}'");
     $exists = isset($exists[0]) ? $exists[0] : false;
     if ($exists && $exists['ID'] != $ID) {
         $errors['company'] = "A company with that name already exists<br> Admin Contact: {$exists['admin_email']}";
     }
     //test_array($errors);
     $groups = array();
     $categories = array();
     $groups_id = array();
     $categories_id = array();
     $groupCount = 0;
     $catCount = 0;
     foreach ($_POST as $key => $val) {
         if (strpos($key, "group-edit-") > -1) {
             $itemID = str_replace("group-edit-", '', $key);
             $groups_id[] = $itemID;
             $groups[] = array("ID" => $itemID, "group" => $val, "orderby" => count($groups));
             if ($val != "") {
                 $groupCount = $groupCount + 1;
             }
         }
         if (strpos($key, "group-add-") > -1) {
             $groups[] = array("ID" => "", "group" => $val, "orderby" => count($groups));
             if ($val != "") {
                 $groupCount = $groupCount + 1;
             }
         }
         if (strpos($key, "category-add-") > -1) {
             $categories[] = array("ID" => "", "category" => $val, "orderby" => count($categories));
             if ($val != "") {
                 $catCount = $catCount + 1;
             }
         }
         if (strpos($key, "category-edit-") > -1) {
             $itemID = str_replace("category-edit-", '', $key);
             $categories_id[] = $itemID;
             $categories[] = array("ID" => str_replace("category-edit-", '', $key), "category" => $val, "orderby" => count($categories));
             if ($val != "") {
                 $catCount = $catCount + 1;
             }
         }
     }
     if ($groupCount <= 0) {
         $errors['company-groups'] = "No Groups Added, Please add at least 1 group to the company";
     }
     if ($catCount <= 0) {
         $errors['company-categories'] = "No Categories Added, Please add at least 1 category to the company";
     }
     //test_array($categories);
     if (count($errors) == 0) {
         $ID = models\company::save($ID, $values);
         models\company::saveGroups($ID, $groups);
         models\company::saveCategories($ID, $categories);
         //	->saveGroups($groups)->removeGroups($group_remove_list)->saveCategories($categories)->removeCategories($category_remove_list)->show();
         if ($ID_orig != $ID) {
             models\company::addUser($this->user["ID"], $ID, true);
         }
     }
     $return = array("ID" => $ID, "errors" => $errors);
     if ($ID_orig != $ID) {
         $return['new'] = toAscii($values['company']);
     }
     return $GLOBALS["output"]['data'] = $return;
 }
Esempio n. 19
0
function comment_like($post_id, $comment_id)
{
    if (isset($_SESSION["user_id"])) {
        // open database connection
        $mysqli = db_connect();
        // get the post
        $sql = "SELECT Posts.*,Users.Username,Users.Avatar,Users.NotifyLikes AS NotifyLikes,Users.Email AS Email FROM Posts" . " INNER JOIN Users ON Posts.UserId=Users.Id" . " LEFT OUTER JOIN Friends FriendsA ON Posts.UserId=FriendsA.UserId AND FriendsA.FriendId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " WHERE" . " ((FriendsA.FriendId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " AND Posts.Privacy=" . POST_PRIVACY_FRIENDS_ONLY . ")" . " OR" . " (Posts.Privacy=" . POST_PRIVACY_PUBLIC . ")" . " OR" . " (Posts.UserId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . "))" . " AND Posts.Status=" . POST_STATUS_PUBLISHED . " AND Posts.Id='" . $mysqli->real_escape_string($post_id) . "'";
        $post_result = $mysqli->query($sql);
        $sql = "SELECT * FROM Comments" . " INNER JOIN Users ON Comments.UserId=Users.Id" . " WHERE Comments.Id='" . $mysqli->real_escape_string($comment_id) . "'";
        $comment_result = $mysqli->query($sql);
        if ($post_result->num_rows > 0 && $comment_result->num_rows > 0) {
            $post_row = $post_result->fetch_assoc();
            $comment_row = $comment_result->fetch_assoc();
            // remove previous likes (to prevent repeated calls)
            $sql = "DELETE FROM CommentLikes WHERE UserId=" . $mysqli->real_escape_string($_SESSION["user_id"]) . " AND PostId=" . $mysqli->real_escape_string($post_id) . " AND CommentId=" . $mysqli->real_escape_string($comment_id);
            $mysqli->query($sql);
            // add a new like
            $sql = "INSERT INTO CommentLikes (UserId,PostId,CommentId,Created,IPCreated) VALUES (" . $mysqli->real_escape_string($_SESSION["user_id"]) . "," . $mysqli->real_escape_string($post_id) . "," . $mysqli->real_escape_string($comment_id) . ",NOW(),'" . $mysqli->real_escape_string($_SERVER["REMOTE_ADDR"]) . "')";
            $mysqli->query($sql);
            // find out how many likes the comment now has
            $sql = "SELECT COUNT(Id) AS NumLikes FROM CommentLikes WHERE PostId=" . $mysqli->real_escape_string($post_id) . " AND CommentId=" . $mysqli->real_escape_string($comment_id);
            $likes_result = $mysqli->query($sql);
            $likes_row = $likes_result->fetch_assoc();
            // update the like count on the post
            $sql = "UPDATE Comments SET Likes=" . $mysqli->real_escape_string($likes_row["NumLikes"]) . " WHERE Id=" . $mysqli->real_escape_string($comment_id);
            $mysqli->query($sql);
            // find out if the User wants a notification
            if ($comment_row["NotifyLikes"] == 1) {
                $mail_to = $comment_row["Email"];
                $mail_subject = SITE_NAME . " - " . $_SESSION["user_name"] . " liked your comment to the post '" . $post_row["Title"] . "'";
                $mail_message = $_SESSION["user_name"] . " liked your comment to the post '" . $post_row["Title"] . "'. The comment now has " . $likes_row["NumLikes"] . " likes.\n\n" . "http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "\n\n";
                send_email($mail_to, $mail_subject, $mail_message);
            }
            SendSystemMessage($mysqli, $comment_row["UserId"], $_SESSION["user_name"] . " liked your comment to the post '" . $post_row["Title"] . "'", "[" . $_SESSION["user_name"] . "](http://wetheusers.net/" . $_SESSION["user_name"] . ") liked your comment to the post [" . $post_row["Title"] . "](http://wetheusers.net/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "). The comment now has " . $likes_row["NumLikes"] . " likes.", 6);
            return $likes_row["NumLikes"];
        } else {
            return -1;
        }
    } else {
        return -1;
    }
}
Esempio n. 20
0
function render_tile($mysqli, $post_row, $display_comments)
{
    $privacy_class = $post_row["Privacy"] == POST_PRIVACY_FRIENDS_ONLY ? "friends_only" : "";
    $html = "<div class=\"tile " . $privacy_class . "\">\n";
    if ($post_row["Photo"] != "") {
        $target_width = 320;
        //determine dimensions
        $width = intval($post_row["PhotoWidth"]);
        $height = intval($post_row["PhotoHeight"]);
        // make it smaller
        $ratio = $target_width / $width;
        // we want to end up at 280 width
        $width = round($width * $ratio);
        $height = round($height * $ratio);
        $html .= "<div class='photo'><a href=\"/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "\" title=\"" . $post_row["Title"] . "\"><img src=\"/" . $post_row["Photo"] . "\" width=\"" . $width . "\" height=\"" . $height . "\" alt=\"" . $post_row["Title"] . "\" /></a></div>\n";
    }
    $html .= "<div class=\"post\">\n";
    // render the post content
    $html .= "<h2><a href=\"/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "\" title=\"" . htmlspecialchars($post_row["Title"]) . "\">" . $post_row["Title"] . "</a></h2>\n";
    // look for twitter style name references in the body
    $pattern = "/@([a-zA-Z0-9_]+)/";
    $replace = "[@\$1](http://wetheusers.net/\$1)";
    $body = preg_replace($pattern, $replace, $post_row["Body"]);
    // look for hashtags
    $pattern = "/#([a-zA-Z0-9_]+)/";
    $replace = "[#\$1](http://wetheusers.net/explore/tag/\$1)";
    $body = preg_replace($pattern, $replace, $body);
    $html .= Markdown($body);
    // if we have no avatar, substitute with a generic image
    $avatar_image = $post_row["Avatar"] != "" ? $post_row["Avatar"] : "avatars/generic_64.jpg";
    $like_button = "";
    if (isset($_SESSION["user_id"])) {
        if ($post_row["UserId"] != $_SESSION["user_id"]) {
            $liked = $post_row["LikeId"] != null ? "liked" : "";
            $like_button = "<div title=\"Click to like or unlike\" class=\"like_button " . $liked . "\" post_id=\"" . $post_row["Id"] . "\" like_count_id=\"like_count_" . $post_row["Id"] . "\">&nbsp;</div>\n";
        }
    }
    // render the meta data
    $html .= "</div> <!-- .post -->\n" . "<div class=\"meta\">\n" . "<div class=\"avatar\"><a href=\"/" . $post_row["Username"] . "\" title=\"" . $post_row["Username"] . "\"><img src=\"/" . $avatar_image . "\" width=\"32\" height=\"32\" alt=\"" . $post_row["Username"] . "\" /></a></div>\n" . "<div class=\"info\"><a href=\"/" . $post_row["Username"] . "\" title=\"" . $post_row["Username"] . "\">" . $post_row["Username"] . "</a>\n" . " <ul class='controls'>\n" . "  <li><a href=\"/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "\">" . time_ago($post_row["Created"]) . "</a></li>\n" . "  <li><a href=\"/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "/#comments\">" . $post_row["Comments"] . " comments</a></li>\n" . "  <li><a href=\"/post/" . $post_row["Id"] . "/" . toAscii($post_row["Title"]) . "/#likes\"><span id=\"like_count_" . $post_row["Id"] . "\">" . $post_row["Likes"] . "</span> likes</a></li>\n" . " </ul>\n" . "</div> <!-- .info -->\n" . $like_button . "<div class=\"clear\"></div>\n" . "</div> <!-- .meta -->\n" . "</div> <!-- .tile -->\n";
    return $html;
}
Esempio n. 21
0
  SELECT mp_id, mp_mid, readed, deleted FROM ' . $source . '.mp_participants') or die(print_r($dbDestination->errorInfo()));
$r = $dbSource->query('SELECT * FROM mp_msg');
$dbDestination->beginTransaction();
$q = $dbDestination->prepare('INSERT INTO msg_messages (id, module, pmid, author, content, created_at, updated_at)
  VALUES (null, "pm", :k, :a, :c, :cr, :up)');
while ($d = $r->fetch()) {
    $q->execute(array("k" => $d['mp_id'], "a" => $d['mp_auteur'], "c" => bbcode_decode($d['mp_txt']), "cr" => $d['mp_date'], "up" => $d['mp_date']));
}
$dbDestination->commit();
echo "Updating PM timings (last message date)...\n";
$q = $dbDestination->query('UPDATE pm_topics f SET 
  created_at = (SELECT MIN(created_at) FROM msg_messages WHERE module = "pm" AND pmid = f.id),
  updated_at = (SELECT MAX(created_at) FROM msg_messages WHERE module = "pm" AND pmid = f.id)');
echo "Migrating news...\n";
$r = $dbSource->query('SELECT * FROM news');
$dbDestination->beginTransaction();
$q = $dbDestination->prepare('INSERT INTO news (id, title, description, author, created_at, updated_at, slug)
  VALUES (null, :t, :d, :a, :c, :u, :s)');
while ($d = $r->fetch()) {
    $q->execute(array("t" => $d['titre'], "a" => $d['auteur'], "d" => bbcode_decode($d['contenu']), "c" => $d['creation'], "u" => $d['creation'], "s" => toAscii($d['titre'])));
}
$dbDestination->commit();
echo "Migrating IP...\n";
$r = $dbSource->query('SELECT * FROM ip');
$dbDestination->beginTransaction();
$q = $dbDestination->prepare('INSERT INTO ips (ip, uid, created_at, updated_at)
  VALUES (:i, :u, :c, :u)');
while ($d = $r->fetch()) {
    $q->execute(array("i" => inet_ntop($d['ip']), "u" => $d['uid'], "c" => $d['creation'], "u" => $d['creation']));
}
$dbDestination->commit();