public function testAddUser()
{
$u = new USER();
$details = array("firstname" => 'Test', "lastname" => 'User', "email" => '*****@*****.**', "emailpublic" => '0', "postcode" => 'EH1 99SP', "mp_alert" => false, "url" => '', "password" => '', "optin" => '0', "status" => 'User');
$u->add($details, false);
$id = $u->user_id();
$u->init($id);
$this->assertEquals('Test', $u->firstname());
$this->assertEquals('EH1 99SP', $u->postcode());
}
public function get_gid_geo_objects()
{
$gid = \USER::init()->get('gid');
$lang = \CORE::lng();
$geo_list = array();
$DB = \DB::init();
if ($DB->connect()) {
$sql = "SELECT * FROM `mt-geo-objects` LEFT OUTER JOIN `mt-geo-types` ON `geo-type`=`gt-id`;";
$sth = $DB->dbh->prepare($sql);
$sth->execute();
$DB->query_count();
if ($sth->rowCount() > 0) {
while ($r = $sth->fetch()) {
if ($gid == 1) {
$geo_list[$r['geo-id']] = $r['gt-name-short-' . $lang] . ' ' . $r['geo-title-' . $lang];
}
}
}
}
return $geo_list;
}
function resolve($REPORT, $COMMENT)
{
// The user has chosen to either delete or not delete the comment.
// And we might be sending emails.
global $PAGE;
if (get_http_var('deletecomment') == 'true') {
$upheld = true;
} else {
$upheld = false;
}
$success = $REPORT->resolve($upheld, $COMMENT);
if ($success) {
if ($upheld == true) {
print "<p>The comment has been deleted.</p>\n";
}
print "<p>The report has been resolved.</p>\n";
if (get_http_var('sendtoreporter') == 'true') {
// We're sending an email to the reporter.
// Either approving or declining what they suggested.
if ($REPORT->user_id() > 0) {
// The reporting user was logged in at the time,
// so get their email address.
$USER = new USER();
$USER->init($REPORT->user_id());
$email = $USER->email();
} else {
// Non-logged-in user; they should have left their address.
$email = $REPORT->email();
}
// Prepare the data needed for either email.
$data = array('to' => $email);
$merge = array('FIRSTNAME' => $REPORT->firstname(), 'LASTNAME' => $REPORT->lastname(), 'REPORTBODY' => strip_tags($REPORT->body()));
// Add stuff specific to each type of email.
if ($upheld == true) {
$data['template'] = 'report_upheld';
} else {
$data['template'] = 'report_declined';
$merge['COMMENTURL'] = 'http://' . DOMAIN . $COMMENT->url();
$merge['REASON'] = get_http_var('declinedreason');
}
$success = send_template_email($data, $merge);
if ($success) {
print "<p>An email has been sent to the person who made the report.</p>\n";
} else {
$PAGE->error_message("Failed when sending an email to the person who made the report.");
}
}
if (get_http_var('sendtocommenter') == 'true') {
// We're telling the commenter that their comment has been deleted.
$USER = new USER();
$USER->init($COMMENT->user_id());
// Create the URL for if a user wants to return and post another comment.
// Remove the anchor for their now deleted comment.
$addcommentsurl = 'http://' . DOMAIN . preg_replace("/#.*\$/", '#addcomment', $COMMENT->url());
$data = array('to' => $USER->email(), 'template' => 'comment_deleted_blank', 'subject' => 'One of your comments has been deleted');
$merge = array('REPLYBODY' => get_http_var('commentermail'), 'FIRSTNAME' => $USER->firstname(), 'LASTNAME' => $USER->lastname(), 'ADDCOMMENTURL' => $addcommentsurl, 'COMMENTBODY' => strip_tags($COMMENT->body()));
// We only send this email if a comment has been deleted.
$success = send_template_email($data, $merge);
if ($success) {
print "<p>An email has been sent to the person who posted the comment.</p>\n";
} else {
$PAGE->error_message("Failed when sending an email to the person who posted the comment.");
}
}
}
$URL = new URL('admin_home');
print '<p><a href="' . $URL->generate() . '">Back</a></p>';
}
function display_user($user_id = "")
{
global $THEUSER, $PAGE, $DATA, $this_page, $who;
// We're either going to be:
// Displaying the details of a user who's just been edited
// (their user_id will be in $user_id now).
// Viewing THEUSER's own data.
// Viewing someone else's data (their id will be in the GET string
// user_id variable).
// We could do something cleverer so that if THEUSER has sufficient
// privileges we display more data when they're viewing someone else's info
// than what your average punter sees.
// If $user_id is a user id, we've just edited that user's info.
// FIRST: Work out whose info we're going to show.
$edited = false;
// Have we just edited someone's info?
if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
// Display this user's just edited info.
$display = "this user";
$edited = true;
} elseif (is_numeric($user_id)) {
// Display someone else's just edited info.
$display = "another user";
$edited = true;
} elseif (is_numeric(get_http_var("u"))) {
// Display someone else's info.
$user_id = get_http_var("u");
$display = "another user";
} elseif ($THEUSER->isloggedin()) {
// Display this user's info.
$display = "this user";
$user_id = $THEUSER->user_id();
} else {
// Nothing to show!
$URL = new URL('userlogin');
$URL->insert(array('ret' => '/user/'));
$loginurl = $URL->generate();
header("Location: {$loginurl}");
exit;
}
// SECOND: Get the data for whoever we're going to show.
if ($display == "another user") {
// Viewing someone else's info.
$USER = new USER();
$valid = $USER->init($user_id);
if ($valid && $USER->confirmed() && !$USER->deleted()) {
// Don't want to display unconfirmed or deleted users.
$name = $USER->firstname() . " " . $USER->lastname();
$url = $USER->url();
if ($USER->emailpublic() == true) {
$email = $USER->email();
}
$status = $USER->status();
$registrationtime = $USER->registrationtime();
// Change the page title to reflect whose info we're viewing.
$DATA->set_page_metadata($this_page, "title", "{$name}");
} else {
// This user_id doesn't exist.
$display = "none";
}
} elseif ($display == "this user") {
// Display THEUSER's info.
$name = $THEUSER->firstname() . " " . $THEUSER->lastname();
$url = $THEUSER->url();
if ($edited) {
// We want to show all the info to the user.
$email = $THEUSER->email();
$emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
$optin = $THEUSER->optin() == true ? "Yes" : "No";
$postcode = $THEUSER->postcode();
} else {
// We're showing them how they're seen to other people.
if ($THEUSER->emailpublic()) {
$email = $THEUSER->email();
}
$registrationtime = $THEUSER->registrationtime();
$status = $THEUSER->status();
}
// Change the page title to make it clear we're viewing THEUSER's
// own info. Make them less worried about other people seeing some of the
// info that shouldn't be public.
$DATA->set_page_metadata($this_page, "title", "Your details");
} else {
// There's nothing to display!
}
// THIRD: Print out what we've got.
$PAGE->page_start();
if ($display != "none") {
$PAGE->stripe_start();
if (isset($registrationtime)) {
// Make registration time more user-friendly.
list($date, $time) = explode(' ', $registrationtime);
$registrationtime = format_date($date, LONGDATEFORMAT);
}
if ($edited) {
print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
}
if ($this_page == 'userviewself' && !$edited) {
$EDITURL = new URL('useredit');
?>
<p><strong>This is how other people see you.</strong> <a href="<?php
echo $EDITURL->generate();
?>
">Edit your details</a>.</p>
<?php
}
?>
<div class="row">
<span class="label">Name</span>
<span class="formw"><?php
if (substr($name, -3) == ' MP') {
print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
}
echo htmlentities($name);
if (substr($name, -3) == ' MP') {
print '</a>';
}
?>
</span>
</div>
<div class="row">
<span class="label">Email</span>
<span class="formw"><?php
if (isset($email)) {
$escaped_email = str_replace('@', '@', htmlentities($email));
?>
<a href="mailto:<?php
echo $escaped_email . "\">" . $escaped_email;
?>
</a><?php
} else {
?>
Not public<?php
}
?>
</span>
</div>
<?php
if (isset($postcode)) {
if ($postcode == '') {
$postcode = 'none';
}
?>
<div class="row"> <br>
<span class="label">UK Postcode</span>
<span class="formw"><?php
echo htmlentities($postcode);
?>
<small>(not public)</small></span>
</div>
<?php
}
if (isset($url)) {
if ($url == '') {
$url = 'none';
} else {
$url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
}
?>
<div class="row">
<span class="label">Website</span>
<span class="formw"><?php
echo $url;
?>
</span>
</div>
<?php
}
if (isset($emailpublic)) {
?>
<div class="row"> <br>Let other people see your email address? <strong><?php
echo htmlentities($emailpublic);
?>
</strong></div>
<?php
}
if (isset($optin)) {
?>
<div class="row">Receive TheyWorkForYou.com emails? <strong><?php
echo htmlentities($optin);
?>
</strong></div>
<?php
}
if (isset($status)) {
?>
<div class="row">
<span class="label">Status</span>
<span class="formw"><?php
echo htmlentities($status);
?>
</span>
</div>
<?php
}
if (isset($registrationtime)) {
?>
<div class="row">
<span class="label">Joined</span>
<span class="formw"><?php
echo htmlentities($registrationtime);
?>
</span>
</div>
<?php
}
if ($edited && $this_page == 'userviewself') {
$EDITURL = new URL('useredit');
$VIEWURL = new URL('userviewself');
?>
<p> <br><a href="<?php
echo $EDITURL->generate();
?>
">Edit again</a> or <a href="<?php
echo $VIEWURL->generate();
?>
">see how others see you</a>.</p>
<?php
}
$PAGE->stripe_end();
# Email alerts
if ($this_page == 'userviewself') {
$PAGE->stripe_start();
print '<h3>Your email alerts</h3>';
$db = new ParlDB();
$q = $db->query('SELECT * FROM alerts WHERE email = "' . mysql_escape_string($THEUSER->email()) . '" ORDER BY confirmed,deleted,alert_id');
$out = '';
for ($i = 0; $i < $q->rows(); ++$i) {
$row = $q->row($i);
$criteria = explode(' ', $row['criteria']);
$ccc = array();
foreach ($criteria as $c) {
if (preg_match('#^speaker:(\\d+)#', $c, $m)) {
$MEMBER = new MEMBER(array('person_id' => $m[1]));
$ccc[] = 'spoken by ' . $MEMBER->full_name();
} else {
$ccc[] = $c;
}
}
$criteria = join(' ', $ccc);
$token = $row['alert_id'] . '-' . $row['registrationtoken'];
if (!$row['confirmed']) {
$action = '<a href="/A/' . $token . '">Confirm</a>';
} elseif ($row['deleted']) {
$action = '<form action="/alert/undelete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Undelete"></form>';
} else {
$action = '<form action="/alert/delete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Delete"></form>';
}
$out .= '<tr><td>' . $criteria . '</td><td>' . $action . '</td></tr>';
}
print '<p>To add a new alert, simply visit an MP or Peer\'s page or conduct a search — to be given the option of turning them into alerts automatically — or visit <a href="/alert/">the manual addition page</a>.</p>';
if ($out) {
print '<p>Here are your email alerts:</p>';
print '<table cellpadding="3" cellspacing="0"><tr><th>Criteria</th><th>Action</th></tr>' . $out . '</table>';
} else {
print '<p>You currently have no email alerts set up.</p>';
}
$PAGE->stripe_end();
}
if (!$edited) {
$args = array('user_id' => $user_id, 'page' => get_http_var('p'));
$COMMENTLIST = new COMMENTLIST();
$COMMENTLIST->display('user', $args);
}
} else {
$message = array('title' => 'Sorry...', 'text' => "We don't have a user ID, so we can't show you anyone's details.");
$PAGE->message($message);
}
$PAGE->page_end();
}
if ($remember == "true") {
$expire = "never";
} else {
$expire = "session";
}
// $returnurl is the url of where we'll send the user after login.
$THEUSER->login($returnurl, $expire);
} else {
// Merge the validation errors with any we already have.
$errors = array_merge($errors, $valid);
display_page($errors);
}
}
} elseif ($resend = get_http_var('resend')) {
$USER = new USER();
$USER->init($resend);
if (!$USER->confirmed()) {
$details = array('email' => $USER->email(), 'firstname' => $USER->firstname(), 'lastname' => $USER->lastname());
$USER->send_confirmation_email($details);
$this_page = 'userwelcome';
$PAGE->page_start();
$PAGE->stripe_start();
$message = array('title' => "Confirmation email resent", 'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address before you can log in. Thanks.");
$PAGE->message($message);
$PAGE->stripe_end();
$PAGE->page_end();
}
} else {
// First time to the page...
display_page();
}
public function show()
{
\CORE::msg('debug', 'umenu');
$UI = \CORE\UI::init();
$USER = \USER::init();
$UI->pos['js'] .= '
<script>
$(document).ready(function() {
function change_language(xlang){
$.post("./?lang="+xlang, function(){
location.reload();
});
}
$("a.change_language").click(function(e){
e.preventDefault();
var xlang = $(this).attr("rel");
change_language(xlang);
});
});
</script>
';
if ($USER->auth()) {
// authorized users
$UI->pos['mainmenu'] .= '
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('reports', 'Отчеты') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li class="dropdown-header">' . \CORE::t('input_forms', 'Формы ввода данных:') . '</li>
<li class="divider"></li>
<li><a href="./?c=frm&act=ps">' . \CORE::t('mt_frm_passport', 'Паспорт образовательного учреждения') . '</a></li>
<li><a href="./?c=frm&act=bmt1">' . \CORE::t('mt_frm_bmt1', 'Форма БМТ-1') . '</a></li>
<li><a href="./?c=frm&act=kom1">' . \CORE::t('mt_frm_kom1', 'Форма КОМ-1') . '</a></li>
<li><a href="./?c=frm&act=tm1">' . \CORE::t('mt_frm_tm1', 'Форма ОШ-1') . '</a></li>
<li><a href="./?c=frm&act=fb">' . \CORE::t('mt_frm_fb', 'Форма ФБ') . '</a></li>
<li><a href="./?c=frm&act=km1">' . \CORE::t('mt_frm_km1', 'Форма КМ-1') . '</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('statistic', 'Статистика') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=stat">----</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('visualization', 'Визуализация') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=map">' . \CORE::t('map', 'Карта') . '</a></li>
<li><a href="./?c=vs">' . \CORE::t('datavisual', 'Визуализация данных') . '</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('opendata', 'Открытые данные') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=page&act=about_opendata">' . \CORE::t('about_opendata', 'Об открытых данных') . '</a></li>
<li><a href="./?c=od">' . \CORE::t('opendata', 'Открытые данные') . '</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('zayavki', 'Заявки') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=apps&act=create">' . \CORE::t('reg_form', 'Форма регистрации') . '</a></li>
<li><a href="./?c=apps&act=status_check">' . \CORE::t('check_app', 'Проверить статус заявки') . '</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('project', 'Проект') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=page&act=about">' . \CORE::t('about_project', 'Описание проекта') . '</a></li>
<li><a href="./?c=page&act=team">' . \CORE::t('project_team', 'Команда проекта') . '</a></li>
</ul>
</li>
';
$UI->pos['user1'] .= '
<ul class="nav navbar-nav">
' . LANGUAGE::SWITCHER(true) . '
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
<small><i class="glyphicon glyphicon-cog"></i> </small>
' . $USER->get('username') . '
<span class="caret"></span></a>
<ul class="dropdown-menu">
<!--<li>
<a href="./?c=user&act=profile">
<small><i class="glyphicon glyphicon-user"></i> </small>
<span class="text">' . \CORE::t('profile', 'Профиль') . '</span>
</a>
</li>-->
<!--<li>
<a href="./?c=user&act=change_password">
<small><i class="glyphicon glyphicon-pencil"></i> </small>
<span class="text">' . \CORE::t('cpasswd', 'Сменить пароль') . '</span>
</a>
</li>
-->
<li class="divider"></li>
<li>
<a href="./?c=user&act=logout">
<small><i class="glyphicon glyphicon-off"></i> </small>
<span class="text">' . \CORE::t('logout', 'Logout') . '</span>
</a>
</li>
</ul>
</li>
</ul>
';
} else {
// guests
$UI->pos['mainmenu'] .= '
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('visualization', 'Визуализация') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=map">' . \CORE::t('map', 'Карта') . '</a></li>
<li><a href="./?c=vs">' . \CORE::t('datavisual', 'Визуализация данных') . '</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('opendata', 'Открытые данные') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=page&act=about_opendata">' . \CORE::t('about_opendata', 'Об открытых данных') . '</a></li>
<li><a href="./?c=od">' . \CORE::t('opendata', 'Открытые данные') . '</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('zayavleniya', 'Заявления') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=apps&act=create">' . \CORE::t('reg_form', 'Форма регистрации') . '</a></li>
<li><a href="./?c=apps&act=status_check">' . \CORE::t('check_app', 'Проверить статус заявки') . '</a></li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
' . \CORE::t('about', 'О проекте') . ' <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="./?c=page&act=about">' . \CORE::t('about_project', 'Описание проекта') . '</a></li>
<li><a href="./?c=page&act=team">' . \CORE::t('team', 'Команда проекта') . '</a></li>
</ul>
</li>
';
$UI->pos['user1'] .= '<form action="./?c=user&act=login" method="post" class="navbar-form">
' . LANGUAGE::SWITCHER();
$UI->pos['user1'] .= '<div class="form-group">
<input type="text" name="login" placeholder="' . \CORE::t('login', 'Login') . '" value="' . \COOKIE::get('lastuser') . '" class="form-control" style="width:150px;">
</div>
<div class="form-group">
<input type="password" name="password" placeholder="' . \CORE::t('password', 'Password') . '" class="form-control" style="width:150px;">
</div>
<button type="submit" class="btn btn-warning">' . \CORE::t('login', 'Login') . '</button>
';
$UI->pos['user1'] .= '</form>
';
}
}
function display_user($user_id = "")
{
global $THEUSER, $PAGE, $DATA, $this_page, $who;
// We're either going to be:
// Displaying the details of a user who's just been edited
// (their user_id will be in $user_id now).
// Viewing THEUSER's own data.
// Viewing someone else's data (their id will be in the GET string
// user_id variable).
// We could do something cleverer so that if THEUSER has sufficient
// privileges we display more data when they're viewing someone else's info
// than what your average punter sees.
// If $user_id is a user id, we've just edited that user's info.
// FIRST: Work out whose info we're going to show.
$edited = false;
// Have we just edited someone's info?
if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
// Display this user's just edited info.
$display = "this user";
$edited = true;
} elseif (is_numeric($user_id)) {
// Display someone else's just edited info.
$display = "another user";
$edited = true;
} elseif (is_numeric(get_http_var("u"))) {
// Display someone else's info.
$user_id = get_http_var("u");
$display = "another user";
} elseif ($THEUSER->isloggedin()) {
// Display this user's info.
$display = "this user";
$user_id = $THEUSER->user_id();
} else {
// Nothing to show!
$URL = new URL('userlogin');
$URL->insert(array('ret' => '/user/'));
$loginurl = $URL->generate();
header("Location: {$loginurl}");
exit;
}
// SECOND: Get the data for whoever we're going to show.
$db = new ParlDB();
if ($display == "another user") {
// Viewing someone else's info.
$USER = new USER();
$valid = $USER->init($user_id);
if ($valid && $USER->confirmed() && !$USER->deleted()) {
// Don't want to display unconfirmed or deleted users.
$name = $USER->firstname() . " " . $USER->lastname();
$url = $USER->url();
if ($USER->emailpublic() == true) {
$email = $USER->email();
}
$status = $USER->status();
$registrationtime = $USER->registrationtime();
// Change the page title to reflect whose info we're viewing.
$DATA->set_page_metadata($this_page, "title", "{$name}");
$q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . $USER->user_id());
$video = $q->field(0, 'c');
} else {
// This user_id doesn't exist.
$display = "none";
}
} elseif ($display == "this user") {
// Display THEUSER's info.
$name = $THEUSER->firstname() . " " . $THEUSER->lastname();
$url = $THEUSER->url();
if ($edited) {
// We want to show all the info to the user.
$email = $THEUSER->email();
$emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
$optin = $THEUSER->optin() == true ? "Yes" : "No";
$postcode = $THEUSER->postcode();
} else {
// We're showing them how they're seen to other people.
if ($THEUSER->emailpublic()) {
$email = $THEUSER->email();
}
$registrationtime = $THEUSER->registrationtime();
$status = $THEUSER->status();
}
$q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . $THEUSER->user_id());
$video = $q->field(0, 'c');
// Change the page title to make it clear we're viewing THEUSER's
// own info. Make them less worried about other people seeing some of the
// info that shouldn't be public.
$DATA->set_page_metadata($this_page, "title", "Your details");
} else {
// There's nothing to display!
}
// THIRD: Print out what we've got.
$PAGE->page_start();
if ($display != "none") {
$PAGE->stripe_start();
if (isset($registrationtime)) {
// Make registration time more user-friendly.
list($date, $time) = explode(' ', $registrationtime);
$registrationtime = format_date($date, LONGDATEFORMAT);
}
if ($edited) {
print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
}
if ($this_page == 'userviewself' && !$edited) {
$EDITURL = new URL('useredit');
?>
<p><strong>This is how other people see you.</strong> <a href="<?php
echo $EDITURL->generate();
?>
">Edit your details</a>.</p>
<?php
}
?>
<div class="row">
<span class="label">Name</span>
<span class="formw"><?php
if (substr($name, -3) == ' MP') {
print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
}
echo htmlentities($name);
if (substr($name, -3) == ' MP') {
print '</a>';
}
?>
</span>
</div>
<div class="row">
<span class="label">Email</span>
<span class="formw"><?php
if (isset($email)) {
$escaped_email = str_replace('@', '@', htmlentities($email));
?>
<a href="mailto:<?php
echo $escaped_email . "\">" . $escaped_email;
?>
</a><?php
} else {
?>
Not public<?php
}
?>
</span>
</div>
<?php
if (isset($postcode)) {
if ($postcode == '') {
$postcode = 'none';
}
?>
<div class="row"> <br>
<span class="label">UK Postcode</span>
<span class="formw"><?php
echo htmlentities($postcode);
?>
<small>(not public)</small></span>
</div>
<?php
}
if (isset($url)) {
if ($url == '') {
$url = 'none';
} else {
$url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
}
?>
<div class="row">
<span class="label">Website</span>
<span class="formw"><?php
echo $url;
?>
</span>
</div>
<?php
}
if (isset($emailpublic)) {
?>
<div class="row"> <br>Let other people see your email address? <strong><?php
echo htmlentities($emailpublic);
?>
</strong></div>
<?php
}
if (isset($optin)) {
?>
<div class="row">Receive TheyWorkForYou.com emails? <strong><?php
echo htmlentities($optin);
?>
</strong></div>
<?php
}
if (isset($status)) {
?>
<div class="row">
<span class="label">Status</span>
<span class="formw"><?php
echo htmlentities($status);
?>
</span>
</div>
<?php
}
if (isset($registrationtime)) {
?>
<div class="row">
<span class="label">Joined</span>
<span class="formw"><?php
echo htmlentities($registrationtime);
?>
</span>
</div>
<?php
}
if (isset($video)) {
echo '<div class="row"><span class="label">Videos timestamped</span>
<span class="formw">', $video, '</span></div>';
}
if ($edited && $this_page == 'userviewself') {
$EDITURL = new URL('useredit');
$VIEWURL = new URL('userviewself');
?>
<p> <br><a href="<?php
echo $EDITURL->generate();
?>
">Edit again</a> or <a href="<?php
echo $VIEWURL->generate();
?>
">see how others see you</a>.</p>
<?php
}
$PAGE->stripe_end();
# Email alerts
if ($this_page == 'userviewself') {
$PAGE->stripe_start();
print '<h3>Your email alerts</h3>';
alerts_manage($THEUSER->email());
$PAGE->stripe_end();
}
if (!$edited) {
$args = array('user_id' => $user_id, 'page' => get_http_var('p'));
$COMMENTLIST = new COMMENTLIST();
$COMMENTLIST->display('user', $args);
}
} else {
$message = array('title' => 'Sorry...', 'text' => "We don't have a user ID, so we can't show you anyone's details.");
$PAGE->message($message);
}
$PAGE->page_end();
}
<?php
if (!defined('DIR_BASE')) {
echo '[+_+]';
exit;
}
if (is_readable(DIR_CORE . '/classes/core.php')) {
require DIR_CORE . '/classes/core.php';
} else {
echo 'class CORE not found';
exit;
}
$CORE = CORE::init();
$USER = USER::init();
$UI = \CORE\UI::init();
$APP = \CORE\APP::init();
$APP->run();
$APP->stop();
$UI->render();
<?php
$pages = array('home' => 'home', 'user' => 'user', 'admin' => 'admin', 'about' => 'about', 'about_opendata' => 'about_opendata', 'team' => 'team');
\CORE\UI::init()->set_pages($pages);
\CORE::init()->set_modules(array('mt' => 1, 'frm' => 1, 'stat' => 1, 'map' => 1, 'vs' => 1, 'od' => 1, 'apps' => 1, 'translation' => 1));
$USER = \USER::init();
if ($USER->auth()) {
// for authorized users (!) because of $DB->connect()
// load translations from DB
$new_lng = array();
$c_lang = \CORE::lng();
$DB = \DB::init();
if ($DB->connect()) {
if (\CORE::get_c() != '') {
$sql = "SELECT * FROM `mt-translation` WHERE `t-module`=:module OR `t-module`='all';";
$sth = $DB->dbh->prepare($sql);
$sth->execute(array('module' => \CORE::get_c()));
} else {
$sql = "SELECT * FROM `mt-translation` WHERE `t-module`='all';";
$sth = $DB->dbh->prepare($sql);
$sth->execute();
}
$DB->query_count();
if ($sth->rowCount() > 0) {
while ($r = $sth->fetch()) {
$new_lng[$r['t-alias']] = $r['t-' . $c_lang];
}
}
}
\CORE::msg('debug', 'load translations from DB');
\CORE::set_lng($new_lng);
public function acl($c = '', $act = '')
{
// I think it needs Refactoring in the future =)
\CORE::msg('debug', 'Checking ACL');
$access = false;
$USER = \USER::init();
$uid = (int) $USER->get('uid');
$gid = (int) $USER->get('gid');
$uid = (string) $uid;
$gid = (string) $gid;
$acl = $this->get_acl_file();
// dafault acl settings (0-gid type)
$acl[0]['']['']['*'] = 1;
// default main page
$acl[0]['*']['*']['1'] = 1;
// for administrators
$acl[0]['user']['login']['0'] = 1;
// guests can try to login
if ($gid > 0) {
$acl[0]['user']['logout']['*'] = 1;
$acl[0]['user']['profile']['*'] = 1;
}
// group gid
if ($this->check_acl($acl, 0, $c, $act, $gid)) {
$access = true;
}
// user uid
if ($this->check_acl($acl, 1, $c, $act, $uid)) {
$access = true;
}
if (!$access) {
\CORE::msg('error', 'Access denied.');
}
return $access;
}
}
// if base url is not defined in config file
if (!defined("BASE_URL")) {
define("BASE_URL", URL::get_base_url());
}
/* CONNECT TO DATABASE */
$db = new MYSQLI_DB(CONFIG_DATABASE_HOST, CONFIG_DATABASE_PORT, CONFIG_DATABASE_USERNAME, CONFIG_DATABASE_PASSWORD, CONFIG_DATABASE_DBNAME);
if (DEBUG_MODE == true) {
$db->sql_debug = true;
$db->sql_query_monitor = true;
}
if ($db->conn === false) {
if (DEBUG_MODE == true) {
die('Error initializing the database connection.');
} else {
die;
}
}
/* INITIALIZATIONS */
URL::init();
USER::init();
LINKS::init(BASE_URL, ADMINISTRATOR_URL_PATH);
CONTENT::init();
DRAWLINE::init();
// set cache folder
CACHE::config("cache_folder", FOLDER_CACHE);
// remove $path variable
if (isset($path)) {
$path = NULL;
unset($path);
}