}
// send us back
Session::setMessage('You commented on this update.');
$json = array('success' => '1');
echo json_encode($json);
}
} elseif ($action == 'comment-reply') {
// validate update
$updateID = Filter::numeric($_GET['u']);
$update = Update::load($updateID);
if ($update == null) {
header('Location: ' . Url::error());
exit;
}
$commentID = Filter::numeric($_POST['commentID']);
$message = Filter::formattedText($_POST['message']);
if ($message == '') {
$json = array('error' => 'Your reply cannot be empty.');
exit(json_encode($json));
} else {
// post the comment
$reply = new Comment(array('creator_id' => Session::getUserID(), 'project_id' => $project->getID(), 'update_id' => $updateID, 'parent_id' => $commentID, 'message' => $message));
$reply->save();
// log it
$logEvent = new Event(array('event_type_id' => 'create_update_comment_reply', 'project_id' => $project->getID(), 'user_1_id' => Session::getUserID(), 'item_1_id' => $commentID, 'item_2_id' => $reply->getID(), 'item_3_id' => $updateID, 'data_1' => $message));
$logEvent->save();
// send email notification, if desired
$creator = User::load($update->getCreatorID());
if ($creator->getID() != Session::getUserID()) {
// don't email yourself
if ($creator->getNotifyCommentTaskUpdate()) {
<?php
require_once "../../global.php";
$action = Filter::text($_POST['action']);
if ($action == 'edit') {
// assign POST data to variables
$username = Filter::text($_GET['un']);
$pw = Filter::text($_POST['txtPassword']);
$pw2 = Filter::text($_POST['txtConfirmPassword']);
$email = Filter::email($_POST['txtEmail']);
$name = Filter::text($_POST['txtName']);
$month = Filter::text($_POST['selBirthMonth']);
$year = Filter::text($_POST['selBirthYear']);
$sex = Filter::text($_POST['selGender']);
$location = Filter::text($_POST['txtLocation']);
$biography = Filter::formattedText($_POST['txtBiography']);
$user = User::loadByUsername($username);
// make sure user exists
if ($user === null) {
$json = array('error' => 'That user does not exist.');
exit(json_encode($json));
}
// new passwords provided?
if ($pw != "" || $pw2 != "") {
// do the passwords match?
if ($pw != $pw2) {
$json = array('error' => 'Sorry, your new passwords do not match.');
exit(json_encode($json));
}
}
// validate email address
<?php
require_once "../../global.php";
require_once TEMPLATE_PATH . '/site/helper/format.php';
$subject = Filter::text($_POST['subject']);
$body = Filter::formattedText($_POST['body']);
if (empty($subject) || empty($body)) {
$json = array('error' => 'You must provide a subject and body for the email.');
exit(json_encode($json));
}
$massEmailAddresses = User::getMassEmailAddresses();
$newEmail = array('to' => SMTP_FROM_EMAIL, 'subject' => '[' . PIPELINE_NAME . '] ' . $subject, 'message' => $body, 'bcc' => $massEmailAddresses);
$sendEmail = Email::send($newEmail);
if (!$sendEmail !== true) {
$json = array('error' => $sendEmail);
exit(json_encode($json));
}
$numMassEmails = formatCount(count($massEmailAddresses), 'user', 'users');
// send us back
Session::setMessage("Your mass email was sent to " . $numMassEmails . ".");
$json = array('success' => '1');
echo json_encode($json);
<?php
require_once './../../global.php';
include_once TEMPLATE_PATH . '/site/helper/format.php';
// get submitted data
$title = Filter::text($_POST['txtTitle']);
$pitch = Filter::formattedText($_POST['txtPitch']);
$specs = Filter::text($_POST['txtSpecs']);
$rules = Filter::text($_POST['txtRules']);
$deadline = Filter::text($_POST['txtDeadline']);
$private = Filter::text($_POST['chkPrivate']);
// validate data
if (empty($title)) {
$json = array('error' => 'You must provide a project title.');
exit(json_encode($json));
}
if (empty($pitch)) {
$json = array('error' => 'You must provide a project pitch.');
exit(json_encode($json));
}
// must be valid deadline or empty
$formattedDeadline = strtotime($deadline);
if ($formattedDeadline === false && $deadline != '') {
$json = array('error' => 'Deadline must be a valid date or empty.');
exit(json_encode($json));
}
// format deadline for MYSQL
$formattedDeadline = $formattedDeadline != '' ? date("Y-m-d H:i:s", $formattedDeadline) : null;
// format private
$private = empty($private) ? 0 : 1;
// create the project
<?php
require_once './../../global.php';
// check project
$slug = Filter::text($_GET['slug']);
$project = Project::getProjectFromSlug($slug);
if ($project == null) {
$json = array('error' => 'That project does not exist.');
exit(json_encode($json));
}
$action = Filter::text($_POST['action']);
if ($action == "pitch") {
// edit the pitch
$newPitch = Filter::formattedText($_POST['pitch']);
$oldPitch = $project->getPitch();
if ($oldPitch != $newPitch) {
$project->setPitch($newPitch);
$project->save();
$logEvent = new Event(array('event_type_id' => 'edit_pitch', 'project_id' => $project->getID(), 'user_1_id' => Session::getUserID(), 'data_1' => $oldPitch, 'data_2' => $newPitch));
$logEvent->save();
$json = array('success' => '1');
Session::setMessage("You edited the pitch.");
echo json_encode($json);
} else {
$json = array('error' => 'You did not make any changes.');
exit(json_encode($json));
}
} elseif ($action == "specs") {
// edit the specs
$newSpecs = Filter::text($_POST['specs']);
$oldSpecs = $project->getSpecs();
