function toolbar_mainbody($vars)
{
global $CFG;
require_once $CFG->dirroot . 'lib/filelib.php';
// to ensure file_get_contents()
if (isloggedin()) {
$toolbar = file_get_contents($CFG->dirroot . "mod/toolbar/toolbar.inc");
} else {
//$toolbar = file_get_contents($CFG->dirroot . "mod/toolbar/toolbarloggedout.inc");
}
if (isset($vars[1]) && $vars[1] == 'box') {
$css = file_get_contents($CFG->dirroot . "mod/toolbar/css-box");
} else {
$css = file_get_contents($CFG->dirroot . "mod/toolbar/css");
}
$css = str_replace("{{url}}", $CFG->wwwroot, $css);
$toolbar .= "{$css}";
$toolbar = str_replace("{{url}}", $CFG->wwwroot, $toolbar);
$toolbar = str_replace("{{menu}}", templates_variables_substitute(array(array(), "menu")), $toolbar);
$toolbar = str_replace("{{topmenu}}", templates_variables_substitute(array(array(), "topmenu")), $toolbar);
$toolbar = str_replace("{{logon}}", __gettext("Log on:"), $toolbar);
$toolbar = str_replace("{{username}}", __gettext("Username"), $toolbar);
$toolbar = str_replace("{{password}}", __gettext("Password"), $toolbar);
$toolbar = str_replace("{{poweredby}}", __gettext("Powered by Elgg"), $toolbar);
$toolbar = str_replace("{{remember}}", __gettext("Remember me"), $toolbar);
if (isloggedin()) {
$toolbar = str_replace("{{usericon}}", "<a href=\"{$CFG->wwwroot}{$_SESSION['username']}\">" . user_icon_html($_SESSION['userid'], 50) . "</a>", $toolbar);
} else {
$toolbar = str_replace("{{usericon}}", user_icon_html(-1, 50), $toolbar);
}
return $toolbar;
}
/**
*
*/
function User($var)
{
global $CFG;
$this->exists = false;
// Both username or userid may be passed
if (is_numeric($var)) {
// Numeric, we probably received a userid
$info = get_record('users', 'ident', $var);
} elseif (is_string($var)) {
// String, we probably recieved a username
$info = get_record('users', 'username', $var);
}
if (!empty($info)) {
$this->exists = true;
$this->ident = $info->ident;
$this->username = $info->username;
$this->email = $info->email;
$this->name = user_name($info->ident);
$this->alias = $info->alias;
$this->code = $info->code;
$this->icon_quota = $info->icon_quota;
$this->file_quota = $info->file_quota;
$this->user_type = $info->user_type;
$this->owner = $info->owner;
ereg('^([a-zA-Z]*) (.*)', $this->name, $groups);
$this->firstname = trim($groups[1]);
$this->lastname = trim($groups[2]);
// Load the weblog id's, starting with communities
// Need to select two fields to collect instead of just u.ident else
// this very handy datalib function will return false...
$communities = get_records_sql('SELECT DISTINCT u.ident,u.name
FROM ' . $CFG->prefix . 'friends f
JOIN ' . $CFG->prefix . 'users u
ON u.ident = f.friend
WHERE f.owner = ?
AND u.user_type = ?', array($this->ident, 'community'));
$this->blogs = array();
// Add the own weblog id (is same as user id)
$this->blogs[] = $this->ident;
// Add the communities
if ($communities) {
foreach ($communities as $community) {
$this->blogs[] = $community->ident;
}
}
$this->icon = user_icon_html($info->ident, 100, true);
}
}
global $CFG;
global $db;
// Search criteria are passed in $parameter from run("search:display")
$handle = 0;
foreach ($data['profile:details'] as $profiletype) {
if ($profiletype->internal_name == $parameter[0] && $profiletype->field_type == "keywords") {
$handle = 1;
}
}
if ($handle) {
$sub_result = "";
$searchline = "tagtype = " . $db->qstr($parameter[0]) . " AND tag = " . $db->qstr($parameter[1]) . "";
$searchline = "(" . run("users:access_level_sql_where", $_SESSION['userid']) . ") and " . $searchline;
$searchline = str_replace("owner", "t.owner", $searchline);
//$parameter[1] = stripslashes($parameter[1]);
if ($result = get_record_sql('SELECT DISTINCT u.* FROM ' . $CFG->prefix . 'tags t
JOIN ' . $CFG->prefix . 'users u ON u.ident = t.owner
WHERE ' . $searchline)) {
foreach ($result as $key => $info) {
$icon = user_icon_html($info->ident, 100, true);
$sub_result .= "\t\t\t<item>\n";
$sub_result .= "\t\t\t\t<name><![CDATA[" . htmlspecialchars(stripslashes(user_name($info->ident)), ENT_COMPAT, 'utf-8') . "]]></name>\n";
$sub_result .= "\t\t\t\t<link>" . url . htmlspecialchars($info->username, ENT_COMPAT, 'utf-8') . "</link>\n";
$sub_result .= "\t\t\t\t<link>{$icon}</link>\n";
$sub_result .= "\t\t\t</item>\n";
}
}
if ($sub_result != "") {
$run_result .= "\t\t<profiles tagtype=\"" . addslashes(htmlspecialchars($parameter[0], ENT_COMPAT, 'utf-8')) . "\">\n" . $sub_result . "\t\t</profiles>\n";
}
}
<?php
global $CFG;
// Given a user ID as a parameter, will display a list of communities
if (isset($parameter[0])) {
$community_id = (int) $parameter[0];
$community_name = user_info('username', $community_id);
$community_owner = user_info('owner', $community_id);
$result = run('community:members:data', array($community_id));
$i = 1;
if (!empty($result)) {
foreach ($result as $key => $info) {
$link = $CFG->wwwroot . $info->username . "/";
$friends_name = user_name($info->ident);
$info->icon = run("icons:get", $info->ident);
$friends_icon = user_icon_html($info->ident, COMMUNITY_ICON_SIZE);
// $friends_menu = run("users:infobox:menu",array($info->ident));
$functions = array();
if ($community_owner != $info->ident && $community_owner == $_SESSION['userid']) {
$msg = "onclick=\"return confirm('" . __gettext("Are you sure you want to separate this user from the community?") . "')\"";
$functions[] = "<a href=\"" . $CFG->wwwroot . $community_name . "/community/separate/" . $info->ident . "\" {$msg}>" . __gettext("Separate") . "</a>";
} else {
if ($community_owner == $info->ident) {
$functions[] = "<b>(" . __gettext("Owner") . ")</b>";
}
}
$functions = implode("\n", array_map(create_function('$entry', "return \"<li>\$entry</li>\";"), $functions));
$members .= templates_draw(array('context' => 'community_member', 'name' => $friends_name, 'icon' => $friends_icon, 'link' => $link, 'functions' => $functions));
if ($i % COMMUNITY_MEMBERS_PER_ROW == 0) {
$members .= "</tr><tr>";
}
/**
* Display a comment.
*
* @param unknown_type $comment_obj
*/
function commentwall_displaycomment($comment_obj)
{
global $CFG;
$html = "";
$owner_username = user_info("name", $comment_obj->wallowner);
$comment_owner_username = $comment_obj->comment_owner != 0 ? user_info("name", $comment_obj->comment_owner) : __gettext("Anonymous User");
$icon = $comment_obj->comment_owner != 0 ? user_info('icon', $comment_obj->comment_owner) : -1;
$userlogo = user_icon_html($comment_obj->comment_owner, 60, true);
// $CFG->wwwroot.'_icon/user/'.$icon.'/w/50';
$userlink = $comment_obj->comment_owner != 0 ? $CFG->wwwroot . user_info("username", $comment_obj->comment_owner) . "/" : "";
$date = date("l jS F Y, g:ia", $comment_obj->posted);
$text = $comment_obj->content;
$replytowall = __gettext("Post reply");
$replytootherwall = sprintf(__gettext("Reply on %s's wall"), $comment_owner_username);
$delete = __gettext("Delete");
$doaction = "{$CFG->wwwroot}mod/commentwall/do_action.php?owner=" . page_owner() . "&return_url=" . urlencode($_SERVER['REQUEST_URI']);
$replybar = "";
if (isloggedin()) {
//$replybar .= "<a href=\"#commentwall_form_-1\">$replytowall</a>";
if ($comment_obj->wallowner != $comment_obj->comment_owner && $comment_obj->comment_owner != 0) {
$replybar .= "<a href=\"{$CFG->wwwroot}mod/commentwall/index.php?owner={$comment_obj->comment_owner}&wallowner={$comment_obj->comment_owner}&comment_owner={$_SESSION['userid']}&reply={$comment_obj->ident}&return_url=" . urlencode($_SERVER['REQUEST_URI']) . "\">{$replytootherwall}</a> | ";
}
if (commentwall_permissions_check($comment_obj->comment_owner) || commentwall_permissions_check($comment_obj->wallowner)) {
$replybar .= "<a href=\"{$doaction}&action=commentwall::delete&ident={$comment_obj->ident}\">{$delete}</a>";
}
}
$html = templates_draw(array('context' => "commentwallobject", 'userlogo' => $userlogo, 'userlink' => $userlink, 'usertxt' => $comment_owner_username, 'date' => $date, 'text' => $text, 'replybar' => $replybar));
return $html;
}
<table id="search_table" cellpadding="0" cellspacing="0">
<tr>
<td width="10%" colspan="2">{$icontoggle}</td>
<td width="25%" valign="top"><b>{$name}</b></td>
<td width="25%" valign="top"><b>{$description}</b></td>
<td width="12%" valign="top"><b>{$connections}</b></td>
<td width="12%" valign="top"><b>{$posts}</b></td>
<td width="16%" valign="top"><b>{$type}</b></td>
</tr>
END;
foreach ($results as $result) {
$blogposts = count_records("weblog_posts", "weblog", $result->ident);
$description = get_field("profile_data", "value", "owner", $result->ident, "name", 'minibio');
$icon_html = user_icon_html($result->ident);
$name = htmlspecialchars($result->name);
$iconcode = "<a href=\"{$CFG->wwwroot}{$result->username}\">{$icon_html}</a>";
if (!$displayicons) {
// Uncomment this if we move to Javascript unhide
// $iconcode = "<span style=\"display:none\" class=\"iconhide\">".$iconcode."</span>";
$iconcode = " ";
}
$rowspan = "";
$plus = "";
if (!empty($filter)) {
if ($drilldown != $result->ident) {
$plus = "<a href=\"index.php?display={$display}&searchtype={$searchtype}&filter={$filter}&drilldown=" . $result->ident . "#drilldown" . $result->ident . "\">+</a>";
} else {
$plus = "<a href=\"index.php?display={$display}&searchtype={$searchtype}&filter={$filter}\">-</a>";
$rowspan = "rowspan=\"2\"";
<?php
global $CFG, $USER;
global $page_owner;
$textlib = textlib_get_instance();
// If this is someone else's portfolio, display the user's icon
//$run_result .= "<li id=\"sidebar_user\">";
$info = get_record('users', 'ident', $page_owner);
if (!($tagline = get_field_sql('SELECT value FROM ' . $CFG->prefix . 'profile_data
WHERE owner = ' . $page_owner . " AND name = 'minibio'\n AND (" . run("users:access_level_sql_where", $USER->ident) . ")"))) {
$tagline = " ";
}
$ul_username = user_info('username', $page_owner);
$info->icon = run("icons:get", $page_owner);
$icon = user_icon_html($info->ident, 67);
$name = stripslashes(user_name($info->ident));
//$name = run("profile:display:name");
$url = url . $info->username . "/";
$lmshosts = '';
if ($info->ident == $USER->ident) {
// fetch aliases
if ($aliases = get_records('users_alias', 'user_id', $USER->ident)) {
foreach ($aliases as $alias) {
if (!empty($CFG->lmshosts) && is_array($CFG->lmshosts) && array_key_exists($alias->installid, $CFG->lmshosts)) {
$name = $alias->installid;
if (!empty($CFG->lmshosts[$alias->installid]['name'])) {
$name = $CFG->lmshosts[$alias->installid]['name'];
}
$lmshosts .= '<a href="' . $CFG->lmshosts[$alias->installid]['baseurl'] . '">' . $name . '</a><br />';
}
}
global $page_owner;
if (user_type($page_owner) == "person" && run("permissions:check", array("userdetails:change", $page_owner))) {
$title = run("profile:display:name") . " :: " . __gettext("Community invitations") . "";
if ($pending_requests = get_records_sql('SELECT fr.ident AS request_id,u.*
FROM ' . $CFG->prefix . 'friends_requests fr LEFT JOIN ' . $CFG->prefix . 'users u ON u.ident = fr.owner
WHERE fr.friend = ? AND u.user_type = \'community\' ORDER BY u.name ASC', array($page_owner))) {
$body = "<p>" . __gettext("The following comunities would like to invite you to become a member.") . "</p>";
foreach ($pending_requests as $pending_user) {
$where = run("users:access_level_sql_where", $_SESSION['userid']);
if ($description = get_record_select('profile_data', "({$where}) and name = 'minibio' and owner = " . $pending_user->ident)) {
$description = "<p>" . stripslashes($description->value) . "</p>";
} else {
$description = "<p> </p>";
}
$request_id = $pending_user->request_id;
$pending_user->name = run("profile:display:name", $pending_user->ident);
$col1 = "<p><b>" . $pending_user->name . "</b></p>" . $description;
$col1 .= "<p>";
$col1 .= "<a href=\"" . url . $pending_user->username . "/\">" . __gettext("Profile") . "</a> | ";
$col1 .= "<a href=\"" . url . $pending_user->username . "/weblog/\">" . __gettext("Blog") . "</a></p>";
$col2 = "<p><a href=\"" . url . "mod/community/user_community_invitations.php?action=community:approve:invitation&request_id={$request_id}\">" . __gettext("Accept") . "</a> | <a href=\"" . url . "mod/community/user_community_invitations.php?action=community:decline:invitation&request_id={$request_id}\">Decline</a></p>";
$ident = $pending_user->ident;
$pending_user->icon = run("icons:get", $pending_user->ident);
$body .= templates_draw(array('context' => 'adminTable', 'name' => user_icon_html($pending_user->ident), 'column1' => $col1, 'column2' => $col2));
}
} else {
$body = "<p>" . __gettext("You have no pending community membership invitations.") . "</p>";
}
$run_result = templates_draw(array('context' => 'contentholder', 'title' => $title, 'body' => $body));
}
}
if (is_array($result)) {
$numfriends = count($result);
if ($numfriends > 1000) {
$result = array_slice($result, 0, 1000);
$body .= '<p>' . sprintf(__gettext("Displaying 1000 most recently active people, of %d found."), $numfriends) . '</p>';
}
}
$i = 1;
if (!empty($result)) {
foreach ($result as $key => $info) {
$link = $CFG->wwwroot . $info->username . "/";
$friends_name = run("profile:display:name", $info->ident);
$info->icon = run("icons:get", $info->ident);
$friends_menu = run("users:infobox:menu", array($info->ident, "friendsof"));
$friends_menu = run("users:infobox:delete", array($info->ident, "friendsof"));
$friends_icon = user_icon_html($info->ident, FRIENDS_ICON_SIZE);
$friends .= templates_draw(array('context' => 'friends_friend', 'name' => $friends_name, 'icon' => $friends_icon, 'link' => $link, 'friend_menu' => $friends_menu));
if ($i % FRIENDS_PER_ROW == 0) {
$friends .= "</tr><tr>";
}
$i++;
}
} else {
if ($user_id == $_SESSION['userid']) {
$friends .= "<td><p>" . __gettext("Nobody's listed you as a friend! Maybe you need to start chatting to some other users?") . "</p></td>";
} else {
$friends .= "<td><p>" . __gettext("This user isn't currently listed as anyone's friend. Maybe you could be the first?") . "</p></td>";
}
}
}
$run_result = templates_draw(array('context' => 'friends_friends', 'friends' => $friends));
END;
$run_result .= run("foaf:generate:fields", $parameter);
$run_result .= "\t\t<vCard:ADR rdf:parseType=\"Resource\">\n";
$run_result .= run("vcard:generate:fields:adr", $parameter);
$run_result .= "\t\t</vCard:ADR>\n";
if ($friends = get_records_sql('SELECT u.* FROM ' . $CFG->prefix . 'friends f
JOIN ' . $CFG->prefix . 'users u ON u.ident = f.friend
WHERE f.owner = ?', array($user->ident))) {
foreach ($friends as $friend) {
$name = htmlspecialchars(stripslashes($friend->name), ENT_COMPAT, 'utf-8');
$email = htmlspecialchars(sha1("mailto:" . $friend->email), ENT_COMPAT, 'utf-8');
$username = htmlspecialchars($friend->username, ENT_COMPAT, 'utf-8');
$personalurl = url . $username . "/";
$foafurl = $personalurl . "foaf/";
if ($friend->icon != -1) {
$iconurl = user_icon_html($friend->ident, 100, true);
$iconstring = "<foaf:depiction rdf:resource=\"{$iconurl}\" />";
} else {
$iconstring = "";
}
$extras = run("foaf:knows:elements", $friend->ident);
$run_result .= <<<END
<foaf:knows>
<foaf:Person>
<foaf:nick>{$username}</foaf:nick>
<foaf:name>{$name}</foaf:name>
<foaf:mbox_sha1sum>{$email}</foaf:mbox_sha1sum>
<foaf:homepage rdf:resource="{$personalurl}"/>
<rdfs:seeAlso rdf:resource="{$foafurl}"/>
{$iconstring}
function templates_variables_substitute($param)
{
global $CFG;
$variables = $param[0];
$template_variable = $param[1];
$run_result = '';
// Substitute variables in templates:
// where {{variablename}} is found in the template, this function is passed
// "variablename" and returns the proper variable
global $menubar;
global $submenubar;
global $metatags;
global $PAGE;
global $template_id;
global $template_name;
global $db;
//error_log("tvs " . print_r($template_variable,1));
$result = "";
if (isset($variables[$template_variable])) {
$result .= $variables[$template_variable];
} else {
$vars = array();
if (substr_count($template_variable, ":") > 0) {
$vars = explode(":", $template_variable);
$template_variable = $vars[0];
}
switch ($template_variable) {
case "username":
if (logged_on) {
$result = $_SESSION['username'];
} else {
$result = __gettext("Guest");
}
break;
case "usericonid":
if (logged_on) {
$result = user_info("icon", $_SESSION['userid']);
} else {
$result = 0;
}
break;
case "name":
if (logged_on) {
$result = htmlspecialchars($_SESSION['name'], ENT_COMPAT, 'utf-8');
} else {
$result = __gettext("Guest");
}
break;
case "userfullname":
if (logged_on) {
$result = __gettext("Welcome") . " " . htmlspecialchars($_SESSION['name'], ENT_COMPAT, 'utf-8');
} else {
$result = __gettext("Welcome") . " " . __gettext("Guest") . " [<a href=\"" . url . "login/index.php\">" . __gettext("Log in") . "</a>]";
}
break;
case "menu":
if (logged_on) {
$result = templates_draw(array('menuitems' => menu_join('', $PAGE->menu), 'context' => 'menu'));
}
break;
case "submenu":
$result = templates_draw(array('submenuitems' => menu_join(' | ', $PAGE->menu_sub), 'context' => 'submenu'));
break;
case "topmenu":
$result = templates_draw(array('topmenuitems' => menu_join('', $PAGE->menu_top), 'context' => 'topmenu'));
break;
case "url":
$result = url;
break;
case "sitename":
$result = $CFG->sitename;
break;
case "tagline":
$result = $CFG->tagline;
break;
case "metatags":
if (!empty($template_name)) {
// use a defined style
$result = '<link href="' . $CFG->wwwroot . '_templates/css/' . $template_name . '" rel="stylesheet" type="text/css" />' . "\n";
} else {
// use whatever's in $template['css']
$result = "<style type=\"text/css\">\n" . templates_draw(array('template' => $template_name, 'context' => 'css')) . "\n</style>\n";
}
// locate css at end
$result = $metatags . "\n" . $result;
break;
case 'perf':
$perf = get_performance_info();
if (defined('ELGG_PERFTOLOG')) {
error_log("PERF: " . $perf['txt']);
}
if (defined('ELGG_PERFTOFOOT') || $CFG->debug > 7 || $CFG->perfdebug > 7) {
$result = $perf['html'];
}
break;
case 'randomusers':
$result = "";
if (isset($vars[1])) {
$vars[1] = (int) $vars[1];
} else {
$vars[1] = 3;
}
if ($users = get_records_sql("SELECT DISTINCT u.*,i.filename AS iconfile, " . $db->random . " as rand \n FROM " . $CFG->prefix . "profile_data t JOIN " . $CFG->prefix . "users u ON u.ident = t.owner\n LEFT JOIN " . $CFG->prefix . "icons i ON i.ident = u.icon \n WHERE t.name IN (?,?,?) AND u.icon != ? AND t.access = ? AND u.user_type = ? \n ORDER BY rand LIMIT " . $vars[1], array('biography', 'minibio', 'interests', -1, 'PUBLIC', 'person'))) {
$usercount = 0;
foreach ($users as $user) {
if ($usercount > 0) {
$result .= ", ";
} else {
$result .= " ";
}
$result .= "<a href=\"" . $CFG->wwwroot . $user->username . "/\">" . $user->name . "</a>";
$usercount++;
}
} else {
$result .= __gettext("Sorry, no users have filled in their profiles yet.");
}
break;
case 'people':
$result = "";
if (isset($vars[1])) {
$vars[1] = $db->qstr($vars[1]);
} else {
$vars[1] = "'interests'";
}
if (isset($vars[2])) {
$vars[2] = $db->qstr($vars[2]);
} else {
$vars[2] = "'foo'";
}
if (isset($vars[3])) {
$vars[3] = (int) $vars[3];
} else {
$vars[3] = 5;
}
$users = get_records_sql("SELECT users.*, icons.filename as iconfile, icons.ident as iconid FROM " . $CFG->prefix . "tags LEFT JOIN " . $CFG->prefix . "users ON users.ident = tags.owner left join " . $CFG->prefix . "icons on icons.ident = users.icon WHERE tags.tag = " . $vars[2] . " AND tags.tagtype = " . $vars[1] . " AND users.icon != -1 AND tags.access = 'PUBLIC' and users.user_type = 'person' ORDER BY rand( ) LIMIT " . $vars[3]);
if (sizeof($users) > 0 && is_array($users)) {
$result .= <<<END
<table width="550px" border="0" cellpadding="0" cellspacing="0">
<tr>
END;
foreach ($users as $user) {
$icon_html = user_icon_html($user->ident, 67);
$result .= <<<END
<td align="center">
<div class="image_holder">
<a href="{$CFG->wwwroot}{$user->username}/">{$icon_html}</a>
</div>
<div class="userdetails">
<p><a href="{$CFG->wwwroot}{$user->username}/">{$user->name}</a></p>
</div>
END;
}
$result .= <<<END
<tr>
</table>
END;
}
break;
case "toptags":
if (isset($vars[1])) {
$vars[1] = $db->qstr($vars[1]);
} else {
$vars[1] = "'town'";
}
if ($tags = get_records_sql("SELECT tag, count(ident) as numtags FROM `" . $CFG->prefix . "tags` WHERE access = 'public' and tagtype=" . $vars[1] . " group by tag order by numtags desc limit 20")) {
$tag_count = 0;
foreach ($tags as $tag) {
$result .= "<a href=\"" . url . "tag/" . urlencode(htmlspecialchars(strtolower($tag->tag), ENT_COMPAT, 'utf-8')) . "\" title=\"" . htmlspecialchars($tag->tag, ENT_COMPAT, 'utf-8') . " (" . $tag->numtags . ")\">";
$result .= $tag->tag . "</a>";
if ($tag_count < sizeof($tags) - 1) {
$result .= ", ";
}
$tag_count++;
}
}
break;
case "populartags":
$result = "";
if ($tags = get_records_sql("SELECT tag, count(ident) as numtags FROM `" . $CFG->prefix . "tags` WHERE access = 'public' and tag!='' group by tag having numtags > 1 order by ident desc limit 20")) {
$max = 0;
foreach ($tags as $tag) {
if ($tag->numtags > $max) {
$max = $tag->numtags;
}
}
$tag_count = 0;
foreach ($tags as $tag) {
if ($max > 1) {
$size = round(log($tag->numtags) / log($max) * 300);
} else {
$size = 100;
}
$result .= "<a href=\"" . url . "tag/" . urlencode(htmlspecialchars(strtolower($tag->tag), ENT_COMPAT, 'utf-8')) . "\" style=\"font-size: {$size}%\" title=\"" . htmlspecialchars($tag->tag, ENT_COMPAT, 'utf-8') . " (" . $tag->numtags . ")\">";
$result .= $tag->tag . "</a>";
if ($tag_count < sizeof($tags) - 1) {
$result .= ", ";
}
$tag_count++;
}
}
break;
default:
break;
}
}
if (!empty($CFG->templates->variables_substitute) && !empty($CFG->templates->variables_substitute[$template_variable])) {
if (is_array($CFG->templates->variables_substitute[$template_variable])) {
foreach ($CFG->templates->variables_substitute[$template_variable] as $sub_function) {
$result .= $sub_function($vars);
}
} elseif (is_callable($CFG->templates->variables_substitute[$template_variable])) {
$result .= $CFG->templates->variables_substitute[$template_variable]($vars);
}
}
$run_result .= $result;
return $run_result;
}
}
if ($users = get_records_sql($sql)) {
$run_result .= "<h2>" . __gettext("Users and communities with files or folders in category") . " '" . $parameter[1] . "'</h2>\n";
$body = "<table><tr>";
$i = 1;
$w = 100;
if (sizeof($users) > 4) {
$w = 50;
}
foreach ($users as $key => $info) {
$friends_userid = $info->ident;
$friends_name = user_name($info->ident);
$info->icon = run("icons:get", $info->ident);
$friends_menu = run("users:infobox:menu", array($info->ident));
$link_keyword = urlencode($parameter[1]);
$friends_icon = user_icon_html($info->ident, $w);
$body .= <<<END
<td align="center">
<p>
<a href="{$CFG->wwwroot}search/index.php?file={$link_keyword}&owner={$friends_userid}">
{$friends_icon}</a><br />
<span class="userdetails">
{$friends_name}
{$friends_menu}
</span>
</p>
</td>
END;
if ($i % 5 == 0) {
$body .= "\n</tr><tr>\n";
}
if (isset($parameter)) {
global $CFG, $profile_id;
$msg = $parameter;
$sent = optional_param('sent');
$author = new StdClass();
$authorid = $sent == 1 ? $msg->to_id : $msg->from_id;
if ($authorInfo = get_record('users', 'ident', $authorid)) {
$author->username = $authorInfo->username;
$author->fullname = htmlspecialchars($authorInfo->name, ENT_COMPAT, 'utf-8');
$author->ident = $authorInfo->ident;
} else {
$author->username = "";
$author->fullname = "";
$author->ident = -1;
}
$author->icon = '<a href="' . url . $author->username . '/">' . user_icon_html($author->ident) . "</a>";
$date = strftime("%d %b %Y, %H:%M", $msg->posted);
$title = run("weblogs:text:process", $msg->title);
$body = run("weblogs:text:process", $msg->body);
$reply = __gettext("Reply");
$returnConfirm = __gettext("Are you sure you want to permanently delete this message?");
$Delete = __gettext("Delete");
$from_msg = __gettext("To:");
if (!$sent) {
$from_msg = __gettext("From:");
$links = '<a href="' . $CFG->wwwroot . 'mod/messages/compose.php?action=reply&msg_id=' . $msg->ident . '&to=' . $msg->from_id . '">' . $reply . '</a> |';
}
$links .= ' <a href="' . $CFG->wwwroot . 'mod/messages/messages_actions.php?action=delete&sent=' . $sent . '&msg_id=' . $msg->ident . '" onclick="return confirm(\'' . $returnConfirm . '\')">' . $Delete . '</a> |';
// Updated the message to the read status
if ($msg->status == "unread" && $msg->to_id == $profile_id) {
$msg->status = "read";
function blog_executive_summary_keyword($vars)
{
global $CFG;
$body = "";
if (!isset($vars[1])) {
$blog_posts = 2;
} else {
$blog_posts = $vars[1];
}
$where = run("users:access_level_sql_where", $_SESSION['userid']);
if (!isset($vars[2]) || $vars[2] == "all") {
$posts = get_records_sql("select * from " . $CFG->prefix . "weblog_posts where ({$where}) order by posted desc limit {$blog_posts}");
} else {
$blog_id = (int) user_info_username('ident', $vars[2]);
$posts = get_records_sql("select * from " . $CFG->prefix . "weblog_posts where ({$where}) and weblog = {$blog_id} order by posted desc limit {$blog_posts}");
}
if (is_array($posts) && !empty($posts)) {
foreach ($posts as $post) {
$body .= "<div class=\"frontpage-blog-executive-summary\">";
$body .= "<div class=\"frontpage-blog-executive-icon\"><img src=\"" . user_icon_html($post->weblog, 100, true) . "\" align=\"left\" class=\"usericon\" /></div>";
$body .= "<h4>" . $post->title . "</h4>";
$body .= "<p class=\"frontpage-blog-date\">" . strftime("%B %d, %Y", $post->posted) . "</p>";
$postbodyarray = explode(" ", preg_replace("|\\w{3,10}://[\\w\\.\\-_]+(:\\d+)?[^\\s\"\\'<>\\(\\)\\{\\}]*|", "", strip_tags($post->body)), 30);
$body .= "<p class=\"frontpage-blog-content\">" . implode(" ", array_slice($postbodyarray, 0, sizeof($postbodyarray) - 1)) . " ...</p>";
$body .= "<p class=\"frontpage-blog-from\">" . __gettext("From:") . " <a href=\"{$CFG->wwwroot}" . user_info("username", $post->weblog) . "\">" . user_info("name", $post->weblog) . "</a> - ";
$body .= "<a href=\"{$CFG->wwwroot}" . user_info("username", $post->weblog) . "/weblog/" . $post->ident . ".html\">" . __gettext("Read more") . "</a></p>";
$body .= "</div>";
}
}
return $body;
}
function generic_comments_annotate($object_id, $object_type, $parameters = NULL)
{
global $CFG;
global $page_owner;
// prevent some notices
$comment_sort = null;
$commentsbody = null;
$sort_sequence = null;
$owner_username = user_info('username', $page_owner);
// create a form to display comments for this object, and then display the comments for one page
$default_comment_form_text = __gettext("Add a comment");
// gettext variable
if (!$parameters) {
$comment_form_type = 'integrated';
$comment_form_text = $default_comment_form_text;
} else {
if (isset($parameters['comment_form_type'])) {
$comment_form_type = $parameters['comment_form_type'];
} else {
$comment_form_type = 'integrated';
}
if (isset($parameters['comment_form_text'])) {
$comment_form_text = $parameters['comment_form_text'];
} else {
$comment_form_text = $default_comment_form_text;
}
}
if (in_array($comment_form_type, array('integrated', 'separate'))) {
$item_details = "";
if ($object_type == "file::file" || $object_type == "file::folder") {
$item_details = display_run_displayobject('file', $object_id, $object_type);
}
if ($object_type == "mediastream::media") {
$item_details = display_run_displayobject('mediastream', $object_id, $object_type);
}
$run_result = <<<END
<form action="{$CFG->wwwroot}mod/generic_comments/action_redirection.php" method="post">
<h2>{$comment_form_text}</h2>
END;
// $field = display_input_field(array("new_comment","","longtext"));
$field = <<<END
<textarea name="new_comment" id="new_comment"></textarea>
END;
if (logged_on) {
$userid = $_SESSION['userid'];
} else {
$userid = -1;
}
$field .= <<<END
<input type="hidden" name="action" value="comment:add" />
<input type="hidden" name="object_id" value="{$object_id}" />
<input type="hidden" name="object_type" value="{$object_type}" />
<input type="hidden" name="owner" value="{$userid}" />
<input type="hidden" name="comment_form_type" value="{$comment_form_type}" />
<input type="hidden" name="comment_sort" value="{$comment_sort}" />
END;
$run_result .= templates_draw(array('context' => 'databox1', 'name' => __gettext("Your comment text"), 'column1' => $field));
if (logged_on) {
$comment_name = $_SESSION['name'];
} else {
$comment_name = __gettext("Guest");
}
$run_result .= templates_draw(array('context' => 'databox1', 'name' => __gettext("Your name"), 'column1' => "<input type=\"text\" name=\"postedname\" value=\"" . htmlspecialchars($comment_name, ENT_COMPAT, 'utf-8') . "\" />"));
$run_result .= templates_draw(array('context' => 'databox1', 'name' => ' ', 'column1' => "<input type=\"submit\" value=\"" . __gettext("Add comment") . "\" />"));
$run_result .= <<<END
</form>
END;
// get the comments
$commentsbody = "";
//which page of comments to display (page numbers are 0-based)
$page = optional_param('commentpage', 0, PARAM_INT);
$sort_sequence = optional_param('comment_sort', '');
//$perpage = 20; // set to 0/false to disable paging
$perpage = 5;
// set to 0/false to disable paging - set to 5 for testing - KJ
$offset = $page * $perpage;
if ($sort_sequence != 'DESC') {
$sort_sequence = 'ASC';
}
if ($comment_form_type == 'integrated') {
$thispageurl = generic_comments_add_parameter_to_url(get_url($object_id, $object_type), 'comment_sort', $sort_sequence);
} elseif ($comment_form_type == 'separate') {
$thispageurl = $CFG->wwwroot . "mod/generic_comments/comment_page.php?object_id={$object_id}&object_type={$object_type}&comment_sort={$sort_sequence}";
}
if ($comments = get_records_sql("SELECT * FROM {$CFG->prefix}comments WHERE object_id = {$object_id} AND object_type = '{$object_type}' ORDER BY posted {$sort_sequence}")) {
$numcomments = count($comments);
$pagelinks = '';
if (!empty($perpage) && $numcomments > $perpage) {
$comments = array_slice($comments, $offset, $perpage);
$numpages = ceil($numcomments / $perpage);
$pagelinks = __gettext("Page: ");
for ($i = 1; $i <= $numpages; $i++) {
$pagenum = $i - 1;
if ($pagenum != $page) {
if ($pagenum) {
$pageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $pagenum);
}
//$pageurl = $thispageurl . (($pagenum) ? '.' . $pagenum : '');
$pagelinks .= ' <a href="' . $pageurl . '">' . $i . '</a>';
} else {
$pagelinks .= ' ' . $i . ' ';
}
}
//$thispageurl .= '.' . $page;
$thispageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $page);
}
foreach ($comments as $comment) {
$commentmenu = "";
if (isloggedin() && ($comment->owner == $_SESSION['userid'] || run("permissions:check", array("comment:delete", $_SESSION['userid'], $comment->object_id, $comment->object_type)))) {
$Delete = __gettext("Delete");
$commentmenu = <<<END
\t <a href="{$CFG->wwwroot}mod/generic_comments/action_redirection.php?action=comment:delete&comment_form_type={$comment_form_type}&comment_delete={$comment->ident}">{$Delete}</a>
END;
}
$comment->postedname = htmlspecialchars($comment->postedname, ENT_COMPAT, 'utf-8');
// turn commentor name into a link if they're a registered user
// add rel="nofollow" to comment links if they're not
if ($comment->owner > 0) {
$commentownerusername = user_info('username', $comment->owner);
$comment->postedname = '<a href="' . url . $commentownerusername . '/">' . $comment->postedname . '</a>';
$comment->icon = '<a href="' . url . $commentownerusername . '/">' . user_icon_html($comment->owner, 50) . "</a>";
$comment->body = run("weblogs:text:process", array($comment->body, false));
} else {
$comment->icon = "<img src=\"" . $CFG->wwwroot . "_icons/data/default.png\" width=\"50\" height=\"50\" align=\"left\" alt=\"\" />";
$comment->body = run("weblogs:text:process", array($comment->body, true));
}
$commentsbody .= templates_draw(array('context' => 'embeddedcomment', 'postedname' => $comment->postedname, 'body' => '<a name="cmt' . $comment->ident . '" id="cmt' . $comment->ident . '"></a>' . $comment->body, 'posted' => strftime("%A, %d %B %Y, %H:%M %Z", $comment->posted), 'usericon' => $comment->icon, 'permalink' => $thispageurl . "#cmt" . $comment->ident, 'links' => $commentmenu));
}
$commentsbody = templates_draw(array('context' => 'embeddedcomments', 'paging' => $pagelinks, 'comments' => $commentsbody));
}
$body = $item_details . $commentsbody . $run_result;
} elseif ($comment_form_type == 'summary') {
$count = count_records('comments', 'object_id', $object_id, 'object_type', $object_type);
if (!isset($count) || $count == 0) {
$comment_count = "0 " . __gettext("comments") . ".";
} elseif ($count == 1) {
$comment_count = "1 " . __gettext("comment") . ".";
} else {
$comment_count = $count . " " . __gettext("comments") . ".";
}
if ($parameters && strtoupper($parameters['comment_sort']) == 'DESC') {
$comment_sort = '&comment_sort=DESC';
}
$body = "<p>{$comment_count} <a href=\"{$CFG->wwwroot}mod/generic_comments/comment_page.php?object_id={$object_id}&object_type={$object_type}{$comment_sort}\">{$comment_form_text}</a>";
} elseif ($comment_form_type == 'inline') {
// Funky javascript inline editing
$count = count_records('comments', 'object_id', $object_id, 'object_type', $object_type);
if (!isset($count) || $count == 0) {
$comment_count = "0 " . __gettext("comments") . ".";
} elseif ($count == 1) {
$comment_count = "1 " . __gettext("comment") . ".";
} else {
$comment_count = $count . " " . __gettext("comments") . ".";
}
if ($parameters && strtoupper($parameters['comment_sort']) == 'DESC') {
$comment_sort = '&comment_sort=DESC';
}
// $field = display_input_field(array("new_comment","","longtext"));
$field = <<<END
\t\t<textarea name="new_comment" id="new_comment"></textarea>
END;
if (logged_on) {
$userid = $_SESSION['userid'];
} else {
$userid = -1;
}
/* There now follows a selection of nasty hacks. Yes yes, I know this is ugly, but it means that it falls back cleanly if no javascript is supported. TODO: There must be a better way, but i'm too tired just now to think of one.*/
if (logged_on) {
$comment_name = $_SESSION['name'];
} else {
$comment_name = __gettext("Guest");
}
$thispageurl = generic_comments_add_parameter_to_url(get_url($object_id, $object_type), 'comment_sort', $sort_sequence);
$comment_name_enc = templates_draw(array('context' => 'databox1', 'name' => __gettext("Your name"), 'column1' => "<input type=\"text\" name=\"postedname\" value=\"" . htmlspecialchars($comment_name, ENT_COMPAT, 'utf-8') . "\" />"));
$postcomment = __gettext("Post comment...");
if ($comments = get_records_sql("SELECT * FROM {$CFG->prefix}comments WHERE object_id = {$object_id} AND object_type = '{$object_type}' ORDER BY posted {$sort_sequence}")) {
$numcomments = count($comments);
$pagelinks = '';
if (!empty($perpage) && $numcomments > $perpage) {
$comments = array_slice($comments, $offset, $perpage);
$numpages = ceil($numcomments / $perpage);
$pagelinks = __gettext("Page: ");
for ($i = 1; $i <= $numpages; $i++) {
$pagenum = $i - 1;
if ($pagenum != $page) {
if ($pagenum) {
$pageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $pagenum);
}
//$pageurl = $thispageurl . (($pagenum) ? '.' . $pagenum : '');
$pagelinks .= ' <a href="' . $pageurl . '">' . $i . '</a>';
} else {
$pagelinks .= ' ' . $i . ' ';
}
}
//$thispageurl .= '.' . $page;
$thispageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $page);
}
foreach ($comments as $comment) {
$commentmenu = "";
if (isloggedin() && ($comment->owner == $_SESSION['userid'] || run("permissions:check", array("comment:delete", $_SESSION['userid'], $comment->object_id, $comment->object_type)))) {
$returnConfirm = __gettext("Are you sure you want to permanently delete this comment?");
$Delete = __gettext("Delete");
$commentmenu = <<<END
\t <a href="{$CFG->wwwroot}mod/generic_comments/action_redirection.php?action=comment:delete&comment_form_type={$comment_form_type}&comment_delete={$comment->ident}" onclick="return confirm('{$returnConfirm}')">{$Delete}</a>
END;
}
$comment->postedname = htmlspecialchars($comment->postedname, ENT_COMPAT, 'utf-8');
// turn commentor name into a link if they're a registered user
// add rel="nofollow" to comment links if they're not
if ($comment->owner > 0) {
$commentownerusername = user_info('username', $comment->owner);
$comment->postedname = '<a href="' . url . $commentownerusername . '/">' . $comment->postedname . '</a>';
$comment->icon = '<a href="' . url . $commentownerusername . '/">' . user_icon_html($comment->owner, 50) . "</a>";
$comment->body = run("weblogs:text:process", array($comment->body, false));
} else {
$comment->icon = "<img src=\"" . $CFG->wwwroot . "_icons/data/default.png\" width=\"50\" height=\"50\" align=\"left\" alt=\"\" />";
$comment->body = run("weblogs:text:process", array($comment->body, true));
}
$commentsbody .= templates_draw(array('context' => 'embeddedcomment', 'postedname' => $comment->postedname, 'body' => '<a name="cmt' . $comment->ident . '" id="cmt' . $comment->ident . '"></a>' . $comment->body, 'posted' => strftime("%A, %d %B %Y, %H:%M %Z", $comment->posted), 'usericon' => $comment->icon, 'permalink' => $thispageurl . "#cmt" . $comment->ident, 'links' => $commentmenu));
}
$commentsbody = templates_draw(array('context' => 'embeddedcomments', 'paging' => $pagelinks, 'comments' => $commentsbody));
}
$bodyfrm = <<<END
\t\t\t<span style="cursor:hand; cursor:pointer" onclick="showhide('oid_{$object_id}')">{$comment_count} {$comment_form_text}</span>
\t\t\t<div id="oid_{$object_id}" style="display:none">
\t\t\t\t{$commentsbody}
\t\t\t\t<form id="comment_{$object_id}">
\t\t\t\t\t{$field}
\t\t\t\t\t<input type="hidden" name="action" value="comment:add" />
\t\t\t\t\t<input type="hidden" name="object_id" value="{$object_id}" />
\t\t\t\t\t<input type="hidden" name="object_type" value="{$object_type}" />
\t\t\t\t\t<input type="hidden" name="owner" value="{$userid}" />
\t\t\t\t\t<input type="hidden" name="comment_form_type" value="integrated" />
\t\t\t\t\t<input type="hidden" name="comment_sort" value="{$comment_sort}" />
\t\t\t\t\t{$comment_name_enc}
\t\t\t\t</form>
\t\t\t\t<div id="ajaxmessages_{$object_id}"></div>
\t\t\t\t<div id="ajaxmessages_post_{$object_id}"><input type="button" style="cursor:hand; cursor:pointer" onclick="sendcomment('{$CFG->wwwroot}mod/generic_comments/action_redirection.php','comment_{$object_id}', {$object_id})" value="{$postcomment}" /></div>
\t\t\t</div>
END;
$body = "";
foreach (explode("\n", addslashes($bodyfrm)) as $line) {
$body .= "document.write(\"" . trim($line) . "\");";
}
}
return $body;
}
$comment->postedname = htmlspecialchars($comment->postedname, ENT_COMPAT, 'utf-8');
// turn commentor name into a link if they're a registered user
// add rel="nofollow" to comment links if they're not
if ($comment->owner > 0) {
$commentownerusername = user_info('username', $comment->owner);
$comment->postedname = '<a href="' . url . $commentownerusername . '/">' . $comment->postedname . '</a>';
$comment->icon = '<a href="' . url . $commentownerusername . '/">' . user_icon_html($comment->owner, 50) . "</a>";
$comment->body = run("weblogs:text:process", array($comment->body, false));
} else {
$comment->icon = "<img src=\"" . user_icon_html(-1, 50) . "\" width=\"50\" height=\"50\" align=\"left\" alt=\"\" />";
$comment->body = run("weblogs:text:process", array($comment->body, true));
}
$commentsbody .= templates_draw(array('context' => 'weblogcomment', 'postedname' => $comment->postedname, 'body' => '<a name="cmt' . $comment->ident . '" id="cmt' . $comment->ident . '"></a>' . $comment->body, 'posted' => strftime("%A, %d %B %Y, %H:%M %Z", $comment->posted), 'usericon' => $comment->icon, 'permalink' => $thispageurl . "#cmt" . $comment->ident, 'links' => $commentmenu));
}
$commentsbody = templates_draw(array('context' => 'weblogcomments', 'paging' => $pagelinks, 'comments' => $commentsbody, 'comments_str' => $commentsStr));
}
$run_result .= templates_draw(array('context' => 'weblogpost', 'date' => $date, 'username' => $username, 'usericon' => icon_html($usericon), 'body' => $body, 'fullname' => $fullname, 'title' => $postTitle, 'comments' => $commentsbody, 'links' => $links, 'postedby' => $postedby));
if (logged_on || !$CFG->disable_publiccomments && user_flag_get("publiccomments", $post->owner)) {
$run_result .= run("weblogs:comments:add", $post);
} else {
$run_result .= "<p>" . __gettext("You must be logged in to post a comment.") . "</p>";
}
$run_result .= run("weblogs:interesting:form", $post->ident);
} else {
// post is missing or prohibited
$run_result .= templates_draw(array('context' => 'weblogpost', 'date' => "", 'username' => "", 'usericon' => user_icon_html(-1), 'body' => $body, 'fullname' => "", 'title' => $postTitle, 'comments' => "", 'links' => $links, 'postedby' => $postedby));
}
} else {
$run_result .= templates_draw(array('context' => 'weblogpost', 'date' => $date, 'username' => $username, 'usericon' => icon_html($usericon), 'body' => $body, 'fullname' => $fullname, 'title' => $postTitle, 'commentslink' => $comments, 'links' => $links, 'postedby' => $postedby));
}
}
