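* N E W S C O M M E N T S * ======================================= */
// Renders one news post with its comments and the add-comment form.
// The post id is read from the request path ($_PATH['id']).
$USESKIN = skin_news;
$ets_outter->main_title = $config->get('site_name') . ': ' . $l['title-news'];
$ets_outter->page_title = $l['title-news'];

if (!isset($_PATH['id'])) {
    jsRedirect('index.php');
}
$id = $_PATH['id'];
// Accept plain decimal digits only. is_numeric() also admits signs, fractions and
// exponent forms, and this value is passed on to getComments() as well as the query.
if (!ctype_digit((string) $id)) {
    jsRedirect(script_path . 'index.php');
}
// Cast so the value stays an integer even if jsRedirect() returns instead of
// ending the request (its behaviour is not visible in this excerpt).
$id = (int) $id;

// Get one news post. This label used to be a "#" SQL comment inside the query
// string, which only works while a line break follows it; it is a PHP comment now.
$data = $db->getArray(' SELECT t1.blog_id, t1.author_id, t1.date, t1.subject, t1.body, t1.access, t1.custom AS custom_text, t1.comments, t1.html, t1.smiles, t1.bb, t2.username AS author, t2.custom AS custom_title FROM '
    . db_blogs . ' AS t1, ' . db_users . ' AS t2 WHERE t1.blog_id = "' . $id . '" AND t1.author_id = t2.user_id LIMIT 1;');

$b->setDate($config->get('news_date_format'));
$ets->news[0] = $b->format($data, $user, $l['edit']);

// get comments.
$ets->list_comments = $b->getComments($id, $config->get('comment_date_format'), $l['guest'], $user, $l['edit']);

// form to add comment
$name = $user->isLogedIn ? $user->get('username') : $l['guest'];
// NOTE(review): $submit_text carries the username; it needs HTML-escaping wherever it
// is placed into markup - that insertion point is outside this excerpt.
$submit_text = sprintf($l['comment_submit'], $name);
$ets->add_comment = ' <script type="text/javascript"> function insertWindow( gotopage ) { window.open( gotopage, \'newwindow\',\'toolbar=0,location=0,directories=0,menuBar=0,resizable=1,scrollbars=yes,width=400,height=500,left=20,top=20\'); } </script>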
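// Registration checks: every failed check sets $baddata and appends a message to
// $problems; the account is only created when no check failed.

// Passwords must match. Strict comparison is used because != compares two
// numeric-looking strings as numbers, so different passwords such as "0e1" and
// "0e2" would count as equal and pass confirmation.
if ($clean['password'] !== $clean['confirm-password']) {
    $baddata = true;
    $problems[] = $l['reg-badpassword'];
}

// valid email?
if (!pear_check_email($clean['email'])) {
    $baddata = true;
    $problems[] = $l['reg-bademail'];
}

// check if username exists
if ($user->userExists($clean['username'])) {
    $baddata = true;
    $problems[] = $l['reg-badusername'];
}

// email in use?
// NOTE(review): this query runs even when the address failed pear_check_email(), so
// slash_if_needed() is the only thing between the submitted value and the SQL text.
// Its implementation is not visible here; confirm it escapes for the connection's
// character set, or move this lookup to a parameterised query.
$echeck = $db->getArray("SELECT count(*) as c FROM " . db_users . " WHERE email = '" . slash_if_needed($clean['email']) . "';");
if ($echeck['c'] >= 1) {
    $baddata = true;
    $problems[] = $l['reg-usedemail'];
}

// see if template files exist & we have access to them.
// NOTE(review): the template name is user-selected; templateExists() presumably
// limits it to known template files - confirm it rejects path separators.
if (!nlb_user::templateExists($clean['template'])) {
    $baddata = true;
    $problems[] = $l['reg-badtemplatechoice'];
}

if (!$baddata) {
    /**
     * A D D U S E R
     */
    $text->makeClean('slash_if_needed', 'trim');
    $c = $text->clean;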
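* Show page of blogs for user */
// Friends page for one user: the user id and page number both come from the request path.
$USERID = $path['user'];
// Plain decimal digits only. The id is concatenated unquoted into the queries below,
// and is_numeric() would also let signs, fractions and exponent forms through.
if (!ctype_digit((string) $USERID)) {
    jsRedirect(script_path . 'index.php');
}
// Cast so the value is an integer even if jsRedirect() returns instead of ending
// the request (its behaviour is not visible in this excerpt).
$USERID = (int) $USERID;

$u = new nlb_user($db, $USERID); // $u is the user whose friends page we are viewing

// Page number: anything that is not a non-negative integer falls back to the first
// page, so the offset computed below can never be negative or non-numeric.
$page = 0;
if (isset($path['page']) && ctype_digit((string) $path['page'])) {
    $page = (int) $path['page'];
}
$perpage = $u->get('perpage');
$page_start = $page * $perpage;

// get avatar for this user
$av = $db->getArray('SELECT file, isCustom FROM ' . db_avatars . ' WHERE owner_id=' . $USERID . ' AND type=1;');
if (!empty($av)) {
    // Custom uploads and the stock avatars live in different directories.
    if ($av['isCustom'] == 1) {
        $file = 'avatars/';
    } else {
        $file = 'avatars/default/';
    }
    $file .= $av['file'];
    // NOTE(review): $av['file'] is written into an HTML attribute without escaping.
    // If custom avatar file names can be chosen by the uploader, escape the value
    // here or normalise the name at upload time - the upload code is not visible here.
    $ets->avatar_url = script_path . $file;
    $ets->avatar = '<img src="' . script_path . $file . '" />';
}

// get list of friends
$list = $db->getAllArray('SELECT friend_id FROM ' . db_friends . ' WHERE owner_id = ' . $USERID . ';');
if ($db->getRowCount() == 0) {
    // This user has no friends.
    $ets->blog[0]->body = $l['no-friends'];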
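// RSS feed of one user's public blog posts. The user id comes from the request path.
header("Content-type: text/xml");
require_once 'config.php';
require_once 'system/functions.php';
require_once 'system/sqldb2.class.php';

$path = fetch_url_data();
// The id must be plain decimal digits. It is concatenated unquoted into the feed
// query below, where addslashes() gives no protection: escaping quote characters
// does nothing for a value that is not inside quotes.
if (!isset($path['id']) || !ctype_digit((string) $path['id'])) {
    jsRedirect(script_path . 'index.php');
    // I'm not sure if re-directing is the best option since RSS should be used by
    // client apps, but if there is something wrong with the path info, then chances
    // are that someone is just trying to make an error appear.
}
// Integer cast keeps the value safe even if jsRedirect() returns instead of ending
// the request (its behaviour is not visible in this excerpt).
$userid = isset($path['id']) ? (int) $path['id'] : 0;
$home_url = full_url . build_link('blog.php', array('user' => $userid));

$db = new sqldb2($DB_CONFIG);

// user exists?
$user_check = $db->getArray('SELECT count(user_id) AS c FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
if ($user_check['c'] != 1) {
    // die('Invalid User');
    jsRedirect(script_path . 'index.php');
}
$user = $db->getArray('SELECT username FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
$USER = $user['username'];

// Latest ten public posts by this author.
$blogs = $db->query('SELECT u.username AS author, b.* FROM ' . db_users . ' AS u, ' . db_blogs . ' AS b WHERE b.author_id = ' . $userid . ' AND b.author_id = u.user_id AND b.access = ' . access_public . ' ORDER BY b.date DESC LIMIT 0, 10');

// print first part of rss
// NOTE(review): $USER is written into the XML without escaping. A username that
// contains markup characters would break or alter the feed; escape it for XML at
// output unless usernames are already stored entity-encoded - confirm.
echo '<rss version="2.0"> <channel> <title>Public blogs posted by ' . $USER . '</title>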
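// Profile page: loads one user's details and activity counts. The user id comes
// from the request path.
$config = new nlb_config($db);
// NOTE(review): the included path comes from configuration; if the language setting
// can be edited at runtime it must be limited to known language files - not visible here.
include $config->langfile();
$user = new nlb_user($db);
$user->checkLogin();

if (!isset($path['user'])) {
    jsRedirect(script_path . 'index.php'); // need a user id!!
} else {
    $USERID = $path['user'];
    // Plain decimal digits only. The last query below concatenates the id without
    // quotes, and is_numeric() would also admit signs, fractions and exponent forms.
    if (!ctype_digit((string) $USERID)) {
        jsRedirect(script_path . 'index.php');
    }
    // Cast so the value is an integer even if jsRedirect() returns instead of
    // ending the request (its behaviour is not visible in this excerpt).
    $USERID = (int) $USERID;

    // get info on user
    $info = $db->getArray(' SELECT username, email, blog_count, birthday, gender, registered, bio FROM ' . db_users . ' WHERE user_id="' . $USERID . '" LIMIT 1;');
    if (empty($info)) {
        jsRedirect(script_path . 'index.php'); // not valid userid
    }

    // comment count
    $tmp = $db->getArray('SELECT COUNT(comment_id) AS count FROM ' . db_comments . ' WHERE author_id="' . $USERID . '";');
    $info['comment_count'] = $tmp['count'];

    // friends count
    $tmp = $db->getArray('SELECT COUNT(*) AS count FROM ' . db_friends . ' WHERE owner_id="' . $USERID . '";');
    $info['num_friends'] = $tmp['count'];

    // as friend count
    $tmp = $db->getArray('SELECT COUNT(*) AS count FROM ' . db_friends . ' WHERE friend_id = ' . $USERID . ' ;');
    $info['num_as_friend'] = $tmp['count'];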
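}
$start = $page * $perpage;

// get and process a page of members
// NOTE(review): $sort and $way are interpolated as a column name and a keyword, and
// $start/$perpage as LIMIT numbers. None of these can be protected by quoting or
// escaping, so $sort must be one of $allowed_sort, $way must be asc or desc, and the
// paging values must be integers before this point. That validation is above this
// excerpt - confirm it is an exact-match allow-list.
$i = 0;
$all = $db->getAllArray("SELECT user_id, username, blog_count, registered FROM " . db_users . " WHERE valid = 1 ORDER BY {$sort} {$way} LIMIT {$start}, {$perpage} ;");
foreach ($all as $row) {
    stripslashes_array($row);
    $ets->members[$i]->username = $row['username'];
    $ets->members[$i]->blog_count = $row['blog_count'];
    $ets->members[$i]->url_blogs = build_link('blog.php', array('user' => $row['user_id']));
    $ets->members[$i]->url_profile = build_link('profile.php', array('user' => $row['user_id']));
    $ets->members[$i]->registered = date($date_format, $row['registered']);
    $i++;
}

// setup next/prev links
// Count the same set the listing shows (valid = 1). Counting every row made the
// "next" link appear for pages that contain no listed members.
$total = $db->getArray("SELECT count(*) as c FROM " . db_users . " WHERE valid = 1;");
$total = $total['c'];
if ($page > 0) {
    $ets->url_page_prev = build_link('members.php', array('page' => $page - 1, 'sort' => $sort, 'way' => $way));
}
if ($total > $perpage * ($page + 1)) {
    $ets->url_page_next = build_link('members.php', array('page' => $page + 1, 'sort' => $sort, 'way' => $way));
}

// build sort links
$i = 0;
foreach ($allowed_sort as $item) {
    $ets->sort[$i]->item = $l['mem-sort-' . $item];
    $ets->sort[$i]->asc = $l['mem-asc'];
    $ets->sort[$i]->desc = $l['mem-desc'];
    $ets->sort[$i]->url_asc = build_link('members.php', array('sort' => $item, 'way' => 'asc'));
    $ets->sort[$i]->url_desc = build_link('members.php', array('sort' => $item, 'way' => 'desc'));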
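// "You are banned" page: looks up a ban record by the id in the query string and
// shows its reason and expiry date. Reachable without logging in.
require_once 'system/nlb_user.class.php';
require_once 'system/nlb_config.class.php';
require_once 'ets.php'; // Sweet template library

$start = mymicrotime();
$db = new sqldb2($DB_CONFIG);
$config = new nlb_config($db);
$user = new nlb_user($db);
//$user->checklogin(); DONT CHECK FOR LOGIN ON THIS PAGE!
include $config->langfile(); // include lang file

// The id must be a single string value; an array-valued parameter would otherwise
// reach addslashes(), which only accepts strings.
if (!isset($_GET['id']) || !is_string($_GET['id'])) {
    jsRedirect('index.php');
}
// NOTE(review): addslashes() is not aware of the connection character set and is
// weaker than the driver's own escaping or a parameterised query. If banned_id is
// an integer column, validate the value as digits instead - the schema is not visible here.
// Because this page skips the login check, the lookup is reachable by anyone.
$id = addslashes($_GET['id']);
$row = $db->getArray('SELECT reason, expires FROM ' . db_banned . ' WHERE banned_id="' . $id . '";');
if (empty($row)) {
    die("empty");
}

// Fill the placeholders of the localised message.
// NOTE(review): the stored reason is inserted into the page without HTML-escaping;
// presumably only administrators can set it - confirm, or escape it here.
$body = $l['banned_msg'];
$body = str_replace("%REASON%", $row['reason'], $body);
$body = str_replace("%DATE%", date('r', $row['expires']), $body);
$ets->page_body = $body;

$ets_outter->sitenav = buildMainNav($l, $user);
$ets_outter->query_count = $db->getquerycount();
$ets_outter->script_path = script_path;
$ets_outter->gen_time = mymicrotime($start, 5);
$ets_outter->main_title = $config->get('site_name') . ": " . $l['title-arebanned'];
$ets_outter->page_title = $l['title-arebanned'];
$ets_outter->welcome[] = $user->getWelcomeTags();
printt($ets_outter, skin_header);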
// Site statistics: site-wide totals followed by activity in the last 24 hours.
// Every query here is built from constants only; no request data reaches the SQL.
$start = mymicrotime();
$db = new sqldb2($DB_CONFIG);
$blog = new nlb_blog($db);
$user = new nlb_user($db);
$config = new nlb_config($db);
// NOTE(review): the included path comes from configuration; if the language setting
// can be edited at runtime it must be limited to known language files - not visible here.
include $config->langfile();
$user->checkLogin();

if ($user->isLogedIn) {
    // timezone: pass the server's and the logged-in user's timezone settings to the blog object
    $blog->setDateOffset($config->get('server_timezone'), $user->get('timezone'));
}

//
// T O T A L S
//

// public blogs
$tmp = $db->getArray('SELECT COUNT(blog_id) AS c FROM ' . db_blogs . ' WHERE access="' . access_public . '";');
$total_public = $tmp['c'];

// private blogs
$tmp = $db->getArray('SELECT COUNT(blog_id) AS c FROM ' . db_blogs . ' WHERE access="' . access_private . '";');
$total_private = $tmp['c'];

// valid users
$tmp = $db->getArray('SELECT COUNT(user_id) AS c FROM ' . db_users . ' WHERE valid=1;');
$total_users = $tmp['c'];

// comments
$tmp = $db->getArray('SELECT COUNT(comment_id) AS c FROM ' . db_comments . ' ;');
$total_comments = $tmp['c'];

//
// R E C E N T (last 24 hours).
//
// Unix timestamp of the moment 24 hours ago.
$past = strtotime('-1 day');

// comments
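// Adds the search filters to two parallel statements: $query (the result rows) and
// $rquery (the result count), then either reports "no results" or stores the
// finished query in the session and redirects to the results page.
// NOTE(review): $q is placed inside a quoted LIKE pattern. It is prepared above this
// excerpt; confirm it is escaped for SQL there, and note that "%" and "_" in the
// search text act as wildcards unless they are escaped as well.
if ($searchBody) {
    $query .= ' AND b.body LIKE "%' . $q . '%"';
    $rquery .= ' AND b.body LIKE "%' . $q . '%"';
}
if ($searchSubject) {
    $query .= ' AND b.subject LIKE "%' . $q . '%"';
    $rquery .= ' AND b.subject LIKE "%' . $q . '%"';
}

// Optional author filter. Only a non-empty string is accepted, so an array-valued
// form field never reaches the name lookup.
if (isset($_POST['author']) && is_string($_POST['author']) && $_POST['author'] !== '') {
    // The id is concatenated without quotes, so force it to an integer here rather
    // than relying on what getIdByName() returns (-1 is compared below as "no such user").
    $authorid = (int) $user->getIdByName(slash_if_needed($_POST['author']));
    if ($authorid != -1) {
        $query .= ' AND b.author_id = ' . $authorid;
        $rquery .= ' AND b.author_id = ' . $authorid;
    }
}

$count = $db->getArray($rquery);
if ($count['results'] == 0) {
    //------------------------
    // NO RESULTS TO SHOW
    //------------------------
    $mask = 'form';
    $ets->noresults = 1;
} else {
    //------------------------
    // WORK IS DONE, REDIRECT USER
    //------------------------
    // NOTE(review): a complete SQL statement is kept in the session and presumably
    // executed by the results page. That is only as safe as the session store and
    // everything that writes $_SESSION['query']; storing the validated search terms
    // and rebuilding the statement on the results page would be more robust.
    $_SESSION['results'] = $count['results'];
    $_SESSION['query'] = $query;
    $mask = 'redirect';
    $ets->url = build_link('search.php?page=0');
}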
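// Blog page. When the request path carries an id, a single post is shown together
// with its comments.
$config = new nlb_config($db);
// NOTE(review): the required path comes from configuration; if the language setting
// can be edited at runtime it must be limited to known language files - not visible here.
require_once $config->langfile();
$user = new nlb_user($db);
$user->checkLogin();

if (isset($path['id'])) {
    /**
     * =======================================
     * Show single blog & Comments
     * =======================================
     */
    $blog_id = $path['id'];
    // is_numeric() keeps quote characters out of the value, which is enough for the
    // quoted comparisons below. It also admits signs, fractions and exponent forms,
    // so any code that uses $blog_id unquoted should check for plain digits instead.
    if (!is_numeric($blog_id)) {
        jsRedirect(script_path . 'index.php');
    }

    // blog exists?
    $test = $db->getArray('SELECT count(blog_id) as c FROM ' . db_blogs . ' WHERE blog_id="' . $blog_id . '";');
    if ($test['c'] == 0) {
        // bad blog id
        jsRedirect(script_path . 'index.php');
    }

    // GET BLOG. This label used to be a "#" SQL comment at the start of the query
    // string, which only works while a line break follows it; it is a PHP comment now.
    $q = ' SELECT b.blog_id, b.author_id, b.date, b.subject, b.body, b.access, b.mood, b.custom AS custom_text, b.comments, b.html, b.smiles, b.bb, u.username AS author, u.custom AS custom_title, u.date_format FROM '
        . db_blogs . ' AS b, ' . db_users . ' AS u WHERE b.author_id = u.user_id AND b.blog_id = "' . $blog_id . '" ORDER BY b.date DESC LIMIT 1 ;';
    $thisblog = $db->getArray($q);

    // News posts have their own comment page.
    if ($thisblog['access'] == access_news) {
        jsRedirect(build_link('index.php', array('action' => 'comment', 'id' => $blog_id)));
    }

    // Access control for private posts starts here; the rest of the check is
    // outside this excerpt.
    if ($thisblog['access'] == access_private && !$user->isLogedIn) {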
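// Comment submission handler: checks the parent post from the form, then takes the
// comment body. Both values come from $_POST.
require_once 'system/nlb_user.class.php';
require_once 'system/nlb_config.class.php';
require_once 'system/text.class.php';
require_once 'ets.php';

$start = mymicrotime();
$db = new sqldb2($DB_CONFIG);
$config = new nlb_config($db);
$blog = new nlb_blog($db);
$user = new nlb_user($db);
$user->checklogin();

// The parent post id went into the SQL below exactly as submitted. It is now accepted
// only as a string of decimal digits and converted to an integer; anything else
// (missing, empty, "0", an array, non-digits) becomes 0 and is redirected away.
// Assumes blog ids are positive integers - confirm against the schema.
$parent = (isset($_POST['parent']) && is_string($_POST['parent']) && ctype_digit($_POST['parent']))
    ? (int) $_POST['parent']
    : 0;
if ($parent === 0) {
    jsRedirect('index.php');
}

// get some info about this blog
$info = $db->getArray('SELECT access, comments FROM ' . db_blogs . ' WHERE blog_id="' . $parent . '" LIMIT 1;');
// No such post: stop here instead of reading fields from an empty row.
if (empty($info)) {
    jsRedirect('index.php');
}

// if anything goes wrong, decide where we will go.
if ($info['access'] == access_news) {
    $go = build_link('index.php', array('action' => 'comment', 'id' => $parent));
} else {
    $go = build_link('blog.php', array('id' => $parent));
}

// are we allowed to comment here? (-1 means comments are disabled for this post)
if ($info['comments'] == -1) {
    jsRedirect($go);
}

// do we have any data to submit?
if (!isset($_POST['body']) || empty($_POST['body'])) {
    jsRedirect($go);
}
// NOTE(review): slash_if_needed() is the only escaping applied to the comment body
// before it is stored; its implementation is not visible here. Confirm it escapes
// for the connection's character set, and that the body is HTML-escaped on display.
$body = slash_if_needed($_POST['body']);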