Esempio n. 1
0
function resolve($REPORT, $COMMENT)
{
    // The user has chosen to either delete or not delete the comment.
    // And we might be sending emails.
    global $PAGE;
    if (get_http_var('deletecomment') == 'true') {
        $upheld = true;
    } else {
        $upheld = false;
    }
    $success = $REPORT->resolve($upheld, $COMMENT);
    if ($success) {
        if ($upheld == true) {
            print "<p>The comment has been deleted.</p>\n";
        }
        print "<p>The report has been resolved.</p>\n";
        if (get_http_var('sendtoreporter') == 'true') {
            // We're sending an email to the reporter.
            // Either approving or declining what they suggested.
            if ($REPORT->user_id() > 0) {
                // The reporting user was logged in at the time,
                // so get their email address.
                $USER = new USER();
                $USER->init($REPORT->user_id());
                $email = $USER->email();
            } else {
                // Non-logged-in user; they should have left their address.
                $email = $REPORT->email();
            }
            // Prepare the data needed for either email.
            $data = array('to' => $email);
            $merge = array('FIRSTNAME' => $REPORT->firstname(), 'LASTNAME' => $REPORT->lastname(), 'REPORTBODY' => strip_tags($REPORT->body()));
            // Add stuff specific to each type of email.
            if ($upheld == true) {
                $data['template'] = 'report_upheld';
            } else {
                $data['template'] = 'report_declined';
                $merge['COMMENTURL'] = 'http://' . DOMAIN . $COMMENT->url();
                $merge['REASON'] = get_http_var('declinedreason');
            }
            $success = send_template_email($data, $merge);
            if ($success) {
                print "<p>An email has been sent to the person who made the report.</p>\n";
            } else {
                $PAGE->error_message("Failed when sending an email to the person who made the report.");
            }
        }
        if (get_http_var('sendtocommenter') == 'true') {
            // We're telling the commenter that their comment has been deleted.
            $USER = new USER();
            $USER->init($COMMENT->user_id());
            // Create the URL for if a user wants to return and post another comment.
            // Remove the anchor for their now deleted comment.
            $addcommentsurl = 'http://' . DOMAIN . preg_replace("/#.*\$/", '#addcomment', $COMMENT->url());
            $data = array('to' => $USER->email(), 'template' => 'comment_deleted_blank', 'subject' => 'One of your comments has been deleted');
            $merge = array('REPLYBODY' => get_http_var('commentermail'), 'FIRSTNAME' => $USER->firstname(), 'LASTNAME' => $USER->lastname(), 'ADDCOMMENTURL' => $addcommentsurl, 'COMMENTBODY' => strip_tags($COMMENT->body()));
            // We only send this email if a comment has been deleted.
            $success = send_template_email($data, $merge);
            if ($success) {
                print "<p>An email has been sent to the person who posted the comment.</p>\n";
            } else {
                $PAGE->error_message("Failed when sending an email to the person who posted the comment.");
            }
        }
    }
    $URL = new URL('admin_home');
    print '<p><a href="' . $URL->generate() . '">Back</a></p>';
}
Esempio n. 2
0
            } else {
                $expire = "session";
            }
            // $returnurl is the url of where we'll send the user after login.
            $THEUSER->login($returnurl, $expire);
        } else {
            // Merge the validation errors with any we already have.
            $errors = array_merge($errors, $valid);
            display_page($errors);
        }
    }
} elseif ($resend = get_http_var('resend')) {
    $USER = new USER();
    $USER->init($resend);
    if (!$USER->confirmed()) {
        $details = array('email' => $USER->email(), 'firstname' => $USER->firstname(), 'lastname' => $USER->lastname());
        $USER->send_confirmation_email($details);
        $this_page = 'userwelcome';
        $PAGE->page_start();
        $PAGE->stripe_start();
        $message = array('title' => "Confirmation email resent", 'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address before you can log in. Thanks.");
        $PAGE->message($message);
        $PAGE->stripe_end();
        $PAGE->page_end();
    }
} else {
    // First time to the page...
    display_page();
}
function display_page($errors = array())
{
Esempio n. 3
0
function display_user($user_id = "")
{
    global $THEUSER, $PAGE, $DATA, $this_page, $who;
    // We're either going to be:
    //	Displaying the details of a user who's just been edited
    //		(their user_id will be in $user_id now).
    //	Viewing THEUSER's own data.
    //	Viewing someone else's data (their id will be in the GET string
    //		user_id variable).
    // We could do something cleverer so that if THEUSER has sufficient
    // privileges we display more data when they're viewing someone else's info
    // than what your average punter sees.
    // If $user_id is a user id, we've just edited that user's info.
    // FIRST: Work out whose info we're going to show.
    $edited = false;
    // Have we just edited someone's info?
    if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
        // Display this user's just edited info.
        $display = "this user";
        $edited = true;
    } elseif (is_numeric($user_id)) {
        // Display someone else's just edited info.
        $display = "another user";
        $edited = true;
    } elseif (is_numeric(get_http_var("u"))) {
        // Display someone else's info.
        $user_id = get_http_var("u");
        $display = "another user";
    } elseif ($THEUSER->isloggedin()) {
        // Display this user's info.
        $display = "this user";
        $user_id = $THEUSER->user_id();
    } else {
        // Nothing to show!
        $URL = new URL('userlogin');
        $URL->insert(array('ret' => '/user/'));
        $loginurl = $URL->generate();
        header("Location: {$loginurl}");
        exit;
    }
    // SECOND: Get the data for whoever we're going to show.
    if ($display == "another user") {
        // Viewing someone else's info.
        $USER = new USER();
        $valid = $USER->init($user_id);
        if ($valid && $USER->confirmed() && !$USER->deleted()) {
            // Don't want to display unconfirmed or deleted users.
            $name = $USER->firstname() . " " . $USER->lastname();
            $url = $USER->url();
            if ($USER->emailpublic() == true) {
                $email = $USER->email();
            }
            $status = $USER->status();
            $registrationtime = $USER->registrationtime();
            // Change the page title to reflect whose info we're viewing.
            $DATA->set_page_metadata($this_page, "title", "{$name}");
        } else {
            // This user_id doesn't exist.
            $display = "none";
        }
    } elseif ($display == "this user") {
        // Display THEUSER's info.
        $name = $THEUSER->firstname() . " " . $THEUSER->lastname();
        $url = $THEUSER->url();
        if ($edited) {
            // We want to show all the info to the user.
            $email = $THEUSER->email();
            $emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
            $optin = $THEUSER->optin() == true ? "Yes" : "No";
            $postcode = $THEUSER->postcode();
        } else {
            // We're showing them how they're seen to other people.
            if ($THEUSER->emailpublic()) {
                $email = $THEUSER->email();
            }
            $registrationtime = $THEUSER->registrationtime();
            $status = $THEUSER->status();
        }
        // Change the page title to make it clear we're viewing THEUSER's
        // own info. Make them less worried about other people seeing some of the
        // info that shouldn't be public.
        $DATA->set_page_metadata($this_page, "title", "Your details");
    } else {
        // There's nothing to display!
    }
    // THIRD: Print out what we've got.
    $PAGE->page_start();
    if ($display != "none") {
        $PAGE->stripe_start();
        if (isset($registrationtime)) {
            // Make registration time more user-friendly.
            list($date, $time) = explode(' ', $registrationtime);
            $registrationtime = format_date($date, LONGDATEFORMAT);
        }
        if ($edited) {
            print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
        }
        if ($this_page == 'userviewself' && !$edited) {
            $EDITURL = new URL('useredit');
            ?>
				<p><strong>This is how other people see you.</strong> <a href="<?php 
            echo $EDITURL->generate();
            ?>
">Edit your details</a>.</p>
<?php 
        }
        ?>
				<div class="row">
				<span class="label">Name</span>
				<span class="formw"><?php 
        if (substr($name, -3) == ' MP') {
            print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
        }
        echo htmlentities($name);
        if (substr($name, -3) == ' MP') {
            print '</a>';
        }
        ?>
</span>
				</div>

				<div class="row">
				<span class="label">Email</span>
				<span class="formw"><?php 
        if (isset($email)) {
            $escaped_email = str_replace('@', '&#64;', htmlentities($email));
            ?>
<a href="mailto:<?php 
            echo $escaped_email . "\">" . $escaped_email;
            ?>
</a><?php 
        } else {
            ?>
Not public<?php 
        }
        ?>
</span>
				</div>

<?php 
        if (isset($postcode)) {
            if ($postcode == '') {
                $postcode = 'none';
            }
            ?>
				<div class="row">&nbsp;<br>
				<span class="label">UK Postcode</span>
				<span class="formw"><?php 
            echo htmlentities($postcode);
            ?>
 <small>(not public)</small></span>
				</div>

<?php 
        }
        if (isset($url)) {
            if ($url == '') {
                $url = 'none';
            } else {
                $url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
            }
            ?>
				<div class="row">
				<span class="label">Website</span>
				<span class="formw"><?php 
            echo $url;
            ?>
</span>
				</div>

<?php 
        }
        if (isset($emailpublic)) {
            ?>
				<div class="row">&nbsp;<br>Let other people see your email address? <strong><?php 
            echo htmlentities($emailpublic);
            ?>
</strong></div>

<?php 
        }
        if (isset($optin)) {
            ?>
				<div class="row">Receive TheyWorkForYou.com emails? <strong><?php 
            echo htmlentities($optin);
            ?>
</strong></div>

<?php 
        }
        if (isset($status)) {
            ?>
				<div class="row">
				<span class="label">Status</span>
				<span class="formw"><?php 
            echo htmlentities($status);
            ?>
</span>
				</div>
<?php 
        }
        if (isset($registrationtime)) {
            ?>
				<div class="row">
				<span class="label">Joined</span>
				<span class="formw"><?php 
            echo htmlentities($registrationtime);
            ?>
</span>
				</div>
<?php 
        }
        if ($edited && $this_page == 'userviewself') {
            $EDITURL = new URL('useredit');
            $VIEWURL = new URL('userviewself');
            ?>
				<p>&nbsp;<br><a href="<?php 
            echo $EDITURL->generate();
            ?>
">Edit again</a> or <a href="<?php 
            echo $VIEWURL->generate();
            ?>
">see how others see you</a>.</p>
<?php 
        }
        $PAGE->stripe_end();
        # Email alerts
        if ($this_page == 'userviewself') {
            $PAGE->stripe_start();
            print '<h3>Your email alerts</h3>';
            $db = new ParlDB();
            $q = $db->query('SELECT * FROM alerts WHERE email = "' . mysql_escape_string($THEUSER->email()) . '" ORDER BY confirmed,deleted,alert_id');
            $out = '';
            for ($i = 0; $i < $q->rows(); ++$i) {
                $row = $q->row($i);
                $criteria = explode(' ', $row['criteria']);
                $ccc = array();
                foreach ($criteria as $c) {
                    if (preg_match('#^speaker:(\\d+)#', $c, $m)) {
                        $MEMBER = new MEMBER(array('person_id' => $m[1]));
                        $ccc[] = 'spoken by ' . $MEMBER->full_name();
                    } else {
                        $ccc[] = $c;
                    }
                }
                $criteria = join(' ', $ccc);
                $token = $row['alert_id'] . '-' . $row['registrationtoken'];
                if (!$row['confirmed']) {
                    $action = '<a href="/A/' . $token . '">Confirm</a>';
                } elseif ($row['deleted']) {
                    $action = '<form action="/alert/undelete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Undelete"></form>';
                } else {
                    $action = '<form action="/alert/delete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Delete"></form>';
                }
                $out .= '<tr><td>' . $criteria . '</td><td>' . $action . '</td></tr>';
            }
            print '<p>To add a new alert, simply visit an MP or Peer\'s page or conduct a search &#8212; to be given the option of turning them into alerts automatically &#8212; or visit <a href="/alert/">the manual addition page</a>.</p>';
            if ($out) {
                print '<p>Here are your email alerts:</p>';
                print '<table cellpadding="3" cellspacing="0"><tr><th>Criteria</th><th>Action</th></tr>' . $out . '</table>';
            } else {
                print '<p>You currently have no email alerts set up.</p>';
            }
            $PAGE->stripe_end();
        }
        if (!$edited) {
            $args = array('user_id' => $user_id, 'page' => get_http_var('p'));
            $COMMENTLIST = new COMMENTLIST();
            $COMMENTLIST->display('user', $args);
        }
    } else {
        $message = array('title' => 'Sorry...', 'text' => "We don't have a user ID, so we can't show you anyone's details.");
        $PAGE->message($message);
    }
    $PAGE->page_end();
}
Esempio n. 4
0
function display_user($user_id = "")
{
    global $THEUSER, $PAGE, $DATA, $this_page, $who;
    // We're either going to be:
    //	Displaying the details of a user who's just been edited
    //		(their user_id will be in $user_id now).
    //	Viewing THEUSER's own data.
    //	Viewing someone else's data (their id will be in the GET string
    //		user_id variable).
    // We could do something cleverer so that if THEUSER has sufficient
    // privileges we display more data when they're viewing someone else's info
    // than what your average punter sees.
    // If $user_id is a user id, we've just edited that user's info.
    // FIRST: Work out whose info we're going to show.
    $edited = false;
    // Have we just edited someone's info?
    if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
        // Display this user's just edited info.
        $display = "this user";
        $edited = true;
    } elseif (is_numeric($user_id)) {
        // Display someone else's just edited info.
        $display = "another user";
        $edited = true;
    } elseif (is_numeric(get_http_var("u"))) {
        // Display someone else's info.
        $user_id = get_http_var("u");
        $display = "another user";
    } elseif ($THEUSER->isloggedin()) {
        // Display this user's info.
        $display = "this user";
        $user_id = $THEUSER->user_id();
    } else {
        // Nothing to show!
        $URL = new URL('userlogin');
        $URL->insert(array('ret' => '/user/'));
        $loginurl = $URL->generate();
        header("Location: {$loginurl}");
        exit;
    }
    // SECOND: Get the data for whoever we're going to show.
    $db = new ParlDB();
    if ($display == "another user") {
        // Viewing someone else's info.
        $USER = new USER();
        $valid = $USER->init($user_id);
        if ($valid && $USER->confirmed() && !$USER->deleted()) {
            // Don't want to display unconfirmed or deleted users.
            $name = $USER->firstname() . " " . $USER->lastname();
            $url = $USER->url();
            if ($USER->emailpublic() == true) {
                $email = $USER->email();
            }
            $status = $USER->status();
            $registrationtime = $USER->registrationtime();
            // Change the page title to reflect whose info we're viewing.
            $DATA->set_page_metadata($this_page, "title", "{$name}");
            $q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . $USER->user_id());
            $video = $q->field(0, 'c');
        } else {
            // This user_id doesn't exist.
            $display = "none";
        }
    } elseif ($display == "this user") {
        // Display THEUSER's info.
        $name = $THEUSER->firstname() . " " . $THEUSER->lastname();
        $url = $THEUSER->url();
        if ($edited) {
            // We want to show all the info to the user.
            $email = $THEUSER->email();
            $emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
            $optin = $THEUSER->optin() == true ? "Yes" : "No";
            $postcode = $THEUSER->postcode();
        } else {
            // We're showing them how they're seen to other people.
            if ($THEUSER->emailpublic()) {
                $email = $THEUSER->email();
            }
            $registrationtime = $THEUSER->registrationtime();
            $status = $THEUSER->status();
        }
        $q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . $THEUSER->user_id());
        $video = $q->field(0, 'c');
        // Change the page title to make it clear we're viewing THEUSER's
        // own info. Make them less worried about other people seeing some of the
        // info that shouldn't be public.
        $DATA->set_page_metadata($this_page, "title", "Your details");
    } else {
        // There's nothing to display!
    }
    // THIRD: Print out what we've got.
    $PAGE->page_start();
    if ($display != "none") {
        $PAGE->stripe_start();
        if (isset($registrationtime)) {
            // Make registration time more user-friendly.
            list($date, $time) = explode(' ', $registrationtime);
            $registrationtime = format_date($date, LONGDATEFORMAT);
        }
        if ($edited) {
            print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
        }
        if ($this_page == 'userviewself' && !$edited) {
            $EDITURL = new URL('useredit');
            ?>
				<p><strong>This is how other people see you.</strong> <a href="<?php 
            echo $EDITURL->generate();
            ?>
">Edit your details</a>.</p>
<?php 
        }
        ?>
				<div class="row">
				<span class="label">Name</span>
				<span class="formw"><?php 
        if (substr($name, -3) == ' MP') {
            print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
        }
        echo htmlentities($name);
        if (substr($name, -3) == ' MP') {
            print '</a>';
        }
        ?>
</span>
				</div>

				<div class="row">
				<span class="label">Email</span>
				<span class="formw"><?php 
        if (isset($email)) {
            $escaped_email = str_replace('@', '&#64;', htmlentities($email));
            ?>
<a href="mailto:<?php 
            echo $escaped_email . "\">" . $escaped_email;
            ?>
</a><?php 
        } else {
            ?>
Not public<?php 
        }
        ?>
</span>
				</div>

<?php 
        if (isset($postcode)) {
            if ($postcode == '') {
                $postcode = 'none';
            }
            ?>
				<div class="row">&nbsp;<br>
				<span class="label">UK Postcode</span>
				<span class="formw"><?php 
            echo htmlentities($postcode);
            ?>
 <small>(not public)</small></span>
				</div>

<?php 
        }
        if (isset($url)) {
            if ($url == '') {
                $url = 'none';
            } else {
                $url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
            }
            ?>
				<div class="row">
				<span class="label">Website</span>
				<span class="formw"><?php 
            echo $url;
            ?>
</span>
				</div>

<?php 
        }
        if (isset($emailpublic)) {
            ?>
				<div class="row">&nbsp;<br>Let other people see your email address? <strong><?php 
            echo htmlentities($emailpublic);
            ?>
</strong></div>

<?php 
        }
        if (isset($optin)) {
            ?>
				<div class="row">Receive TheyWorkForYou.com emails? <strong><?php 
            echo htmlentities($optin);
            ?>
</strong></div>

<?php 
        }
        if (isset($status)) {
            ?>
				<div class="row">
				<span class="label">Status</span>
				<span class="formw"><?php 
            echo htmlentities($status);
            ?>
</span>
				</div>
<?php 
        }
        if (isset($registrationtime)) {
            ?>
				<div class="row">
				<span class="label">Joined</span>
				<span class="formw"><?php 
            echo htmlentities($registrationtime);
            ?>
</span>
				</div>
<?php 
        }
        if (isset($video)) {
            echo '<div class="row"><span class="label">Videos timestamped</span>
				<span class="formw">', $video, '</span></div>';
        }
        if ($edited && $this_page == 'userviewself') {
            $EDITURL = new URL('useredit');
            $VIEWURL = new URL('userviewself');
            ?>
				<p>&nbsp;<br><a href="<?php 
            echo $EDITURL->generate();
            ?>
">Edit again</a> or <a href="<?php 
            echo $VIEWURL->generate();
            ?>
">see how others see you</a>.</p>
<?php 
        }
        $PAGE->stripe_end();
        # Email alerts
        if ($this_page == 'userviewself') {
            $PAGE->stripe_start();
            print '<h3>Your email alerts</h3>';
            alerts_manage($THEUSER->email());
            $PAGE->stripe_end();
        }
        if (!$edited) {
            $args = array('user_id' => $user_id, 'page' => get_http_var('p'));
            $COMMENTLIST = new COMMENTLIST();
            $COMMENTLIST->display('user', $args);
        }
    } else {
        $message = array('title' => 'Sorry...', 'text' => "We don't have a user ID, so we can't show you anyone's details.");
        $PAGE->message($message);
    }
    $PAGE->page_end();
}