Esempio n. 1
         *	N E W S   C O M M E N T S
         * =======================================
         */
        // Single news post view: pick the news skin and set the outer-template titles.
        $USESKIN = skin_news;
        $ets_outter->main_title = $config->get('site_name') . ': ' . $l['title-news'];
        $ets_outter->page_title = $l['title-news'];
        // The post id is taken from the request path. Both guards below only help
        // if jsRedirect() ends the request.
        // NOTE(review): confirm jsRedirect() exits; otherwise execution continues
        // with a missing or non-numeric id.
        if (!isset($_PATH['id'])) {
            jsRedirect('index.php');
        }
        $id = $_PATH['id'];
        // is_numeric() is the only check between the path value and the SQL text
        // below. It rules out quote characters, but it also accepts floats, signs
        // and exponent notation.
        // NOTE(review): cast to int or bind the value as a parameter so the query
        // only ever sees an integer.
        if (!is_numeric($id)) {
            jsRedirect(script_path . 'index.php');
        }
        // Fetch the post joined with its author's username and custom title.
        $data = $db->getArray(' # Get one news post
		SELECT t1.blog_id, t1.author_id, t1.date, t1.subject, t1.body, t1.access, t1.custom AS custom_text, t1.comments, t1.html, t1.smiles, t1.bb, t2.username AS author, t2.custom AS custom_title
		FROM ' . db_blogs . ' AS t1, ' . db_users . ' AS t2
		WHERE t1.blog_id = "' . $id . '" AND t1.author_id = t2.user_id
		LIMIT 1;');
        // NOTE(review): $data is handed to format() without checking that a row
        // was found, and the query does not filter on t1.access — confirm that
        // format() or a caller enforces who may read this post.
        $b->setDate($config->get('news_date_format'));
        $ets->news[0] = $b->format($data, $user, $l['edit']);
        // get comments.
        $ets->list_comments = $b->getComments($id, $config->get('comment_date_format'), $l['guest'], $user, $l['edit']);
        // form to add comment
        // Label shown on the submit control: the logged-in username, otherwise the
        // localized guest label.
        // NOTE(review): if $submit_text ends up in HTML, the username needs
        // HTML-escaping at the point of output — confirm where it is emitted.
        $name = $user->isLogedIn ? $user->get('username') : $l['guest'];
        $submit_text = sprintf($l['comment_submit'], $name);
        $ets->add_comment = '
		<script type="text/javascript">
			function insertWindow( gotopage ) {
				window.open( gotopage, \'newwindow\',\'toolbar=0,location=0,directories=0,menuBar=0,resizable=1,scrollbars=yes,width=400,height=500,left=20,top=20\');
			}
		</script>
Esempio n. 2
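 // Registration validation: every failed check sets $baddata and appends a
 // localized message to $problems.
 //
 // The confirmation must match exactly. Strict comparison matters here: with a
 // loose != PHP compares two numeric-looking strings as numbers, so "1e3" and
 // "1000" would count as the same password and a mistyped confirmation would be
 // accepted silently.
 if ($clean['password'] !== $clean['confirm-password']) {
     $baddata = true;
     $problems[] = $l['reg-badpassword'];
 }
 // valid email?
 if (!pear_check_email($clean['email'])) {
     $baddata = true;
     $problems[] = $l['reg-bademail'];
 }
 // check if username exists
 if ($user->userExists($clean['username'])) {
     $baddata = true;
     $problems[] = $l['reg-badusername'];
 }
 // email in use?
 // The address is placed inside a quoted SQL literal, so this query is only as
 // safe as slash_if_needed().
 // NOTE(review): confirm that helper escapes for the connection's character set
 // in every configuration, or bind the value as a parameter instead.
 $echeck = $db->getArray("SELECT count(*) as c FROM " . db_users . " WHERE email = '" . slash_if_needed($clean['email']) . "';");
 if ($echeck['c'] >= 1) {
     $baddata = true;
     $problems[] = $l['reg-usedemail'];
 }
 // see if template files exist & we have access to them.
 // NOTE(review): the template name is user-chosen; presumably templateExists()
 // restricts it to files inside the template directory — confirm.
 if (!nlb_user::templateExists($clean['template'])) {
     $baddata = true;
     $problems[] = $l['reg-badtemplatechoice'];
 }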
 if (!$baddata) {
     /**
      *      A D D   U S E R
      */
     $text->makeClean('slash_if_needed', 'trim');
     $c = $text->clean;
Esempio n. 3
  *		Show page of blogs for user
  */
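 // Friends page for the user named in the request path.
 $USERID = $path['user'];
 if (!is_numeric($USERID)) {
     jsRedirect(script_path . 'index.php');
 }
 // $USERID is concatenated unquoted into the queries below. is_numeric() also
 // accepts floats, signs and exponent notation, so pin the value to an integer
 // before it reaches any SQL text. This also keeps the queries well-formed if
 // jsRedirect() should ever return instead of ending the request.
 $USERID = (int) $USERID;
 $u = new nlb_user($db, $USERID);
 // $u is the user whose friends page we are viewing
 // The page index is request-controlled as well: accept only numeric values and
 // clamp at zero so the offset computed from it is never negative.
 $page = 0;
 if (isset($path['page']) && is_numeric($path['page'])) {
     $page = max(0, (int) $path['page']);
 }
 $perpage = $u->get('perpage');
 $page_start = $page * $perpage;
 // get avatar for this user
 $av = $db->getArray('SELECT file, isCustom FROM ' . db_avatars . ' WHERE owner_id=' . $USERID . ' AND type=1;');
 if (!empty($av)) {
     // Custom avatars and stock avatars live in different directories.
     if ($av['isCustom'] == 1) {
         $file = 'avatars/';
     } else {
         $file = 'avatars/default/';
     }
     $file .= $av['file'];
     // avatar_url is left raw because its output context is not visible here.
     // NOTE(review): escape it wherever the template emits it.
     $ets->avatar_url = script_path . $file;
     // The stored file name ends up inside an HTML attribute; escape it so a
     // name containing quotes or angle brackets cannot break out of src="".
     $ets->avatar = '<img src="' . htmlspecialchars(script_path . $file, ENT_QUOTES) . '" />';
 }
 // get list of friends
 $list = $db->getAllArray('SELECT friend_id FROM ' . db_friends . ' WHERE owner_id = ' . $USERID . ';');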
 if ($db->getRowCount() == 0) {
     // This user has no friends.
     $ets->blog[0]->body = $l['no-friends'];
Esempio n. 4
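// RSS feed of one user's public blog posts. The user id comes from the URL path.
header("Content-type: text/xml");
require_once 'config.php';
require_once 'system/functions.php';
require_once 'system/sqldb2.class.php';
$path = fetch_url_data();
// Reject a missing or non-numeric id up front. The id is used unquoted in the
// posts query below (b.author_id = ...), where addslashes() offers no
// protection because there is no quoted literal to break out of.
if (!isset($path['id']) || !is_numeric($path['id'])) {
    jsRedirect(script_path . 'index.php');
    // I'm not sure if re-directing is the best option since RSS should be used by
    // client apps, but if there is something wrong with the path info, then chances
    // are that someone is just trying to make an error appear.
}
// Pin the id to an integer so every query and link below receives a plain
// number, even if jsRedirect() returns instead of ending the request.
$userid = isset($path['id']) ? (int) $path['id'] : 0;
$home_url = full_url . build_link('blog.php', array('user' => $userid));
$db = new sqldb2($DB_CONFIG);
// user exists?
$user_check = $db->getArray('SELECT count(user_id) AS c FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
if ($user_check['c'] != 1) {
    // 	die('Invalid User');
    jsRedirect(script_path . 'index.php');
}
$user = $db->getArray('SELECT username FROM ' . db_users . ' WHERE user_id="' . $userid . '";');
// NOTE(review): $USER is echoed straight into the feed's <title> further down.
// A username containing &, < or > would break the XML or inject markup, so
// escape it for XML at the point of output.
$USER = $user['username'];
// Ten most recent public posts by this author, newest first.
$blogs = $db->query('SELECT u.username AS author, b.*
FROM ' . db_users . ' AS u, ' . db_blogs . ' AS b
WHERE b.author_id = ' . $userid . ' AND b.author_id = u.user_id AND b.access = ' . access_public . '
ORDER BY b.date DESC
LIMIT 0, 10');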
// print first part of rss
echo '<rss version="2.0">
<channel>
<title>Public blogs posted by ' . $USER . '</title>
Esempio n. 5
// Page bootstrap: build the config object from the DB handle, include the
// language file it names, then resolve the visitor's login state.
$config = new nlb_config($db);
// NOTE(review): the included path is whatever langfile() returns; presumably it
// is derived from stored configuration — confirm request data cannot influence it.
include $config->langfile();
$user = new nlb_user($db);
$user->checkLogin();
if (!isset($path['user'])) {
    jsRedirect(script_path . 'index.php');
    // need a user id!!
} else {
    $USERID = $path['user'];
    if (!is_numeric($USERID)) {
        jsRedirect(script_path . 'index.php');
    }
    // get info on user
    $info = $db->getArray('
	SELECT username, email, blog_count, birthday, gender, registered, bio 
	FROM ' . db_users . ' 
	WHERE user_id="' . $USERID . '" 
	LIMIT 1;');
    if (empty($info)) {
        jsRedirect(script_path . 'index.php');
        // not valid userid
    }
    // comment count
    $tmp = $db->getArray('SELECT COUNT(comment_id) AS count FROM ' . db_comments . ' WHERE author_id="' . $USERID . '";');
    $info['comment_count'] = $tmp['count'];
    // friends count
    $tmp = $db->getArray('SELECT COUNT(*) AS count FROM ' . db_friends . ' WHERE owner_id="' . $USERID . '";');
    $info['num_friends'] = $tmp['count'];
    // as friend count
    $tmp = $db->getArray('SELECT COUNT(*) AS count FROM ' . db_friends . ' WHERE friend_id = ' . $USERID . ' ;');
    $info['num_as_friend'] = $tmp['count'];
Esempio n. 6
}
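// Offset of the first row on the requested page.
$start = $page * $perpage;
// get and process a page of members
// $sort and $way are interpolated as a column name and a direction keyword.
// Escaping cannot make those positions safe; the values have to come from a
// fixed allow-list (an $allowed_sort list is used further down).
// NOTE(review): confirm both are checked against it, and that $page and
// $perpage are integers, before this point.
$i = 0;
$all = $db->getAllArray("SELECT user_id, username, blog_count, registered FROM " . db_users . " WHERE valid = 1 ORDER BY {$sort} {$way} LIMIT {$start}, {$perpage} ;");
foreach ($all as $row) {
    stripslashes_array($row);
    $ets->members[$i]->username = $row['username'];
    $ets->members[$i]->blog_count = $row['blog_count'];
    $ets->members[$i]->url_blogs = build_link('blog.php', array('user' => $row['user_id']));
    $ets->members[$i]->url_profile = build_link('profile.php', array('user' => $row['user_id']));
    $ets->members[$i]->registered = date($date_format, $row['registered']);
    $i++;
}
// setup next/prev links
// Count only the rows the listing can show (valid = 1). Counting every user
// made the "next" link appear for pages that contain no members.
$total = $db->getArray("SELECT count(*) as c FROM " . db_users . " WHERE valid = 1;");
$total = $total['c'];
if ($page > 0) {
    $ets->url_page_prev = build_link('members.php', array('page' => $page - 1, 'sort' => $sort, 'way' => $way));
}
if ($total > $perpage * ($page + 1)) {
    $ets->url_page_next = build_link('members.php', array('page' => $page + 1, 'sort' => $sort, 'way' => $way));
}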
// build sort links
$i = 0;
foreach ($allowed_sort as $item) {
    $ets->sort[$i]->item = $l['mem-sort-' . $item];
    $ets->sort[$i]->asc = $l['mem-asc'];
    $ets->sort[$i]->desc = $l['mem-desc'];
    $ets->sort[$i]->url_asc = build_link('members.php', array('sort' => $item, 'way' => 'asc'));
    $ets->sort[$i]->url_desc = build_link('members.php', array('sort' => $item, 'way' => 'desc'));
Esempio n. 7
require_once 'system/nlb_user.class.php';
require_once 'system/nlb_config.class.php';
require_once 'ets.php';
// Sweet template library
// "You are banned" page: looks up one ban record by the id in the query string
// and renders its reason and expiry into the localized message.
$start = mymicrotime();
$db = new sqldb2($DB_CONFIG);
$config = new nlb_config($db);
$user = new nlb_user($db);
// Deliberately no $user->checklogin() on this page.
include $config->langfile();
// The language file must be loaded before $l is used below.
if (!isset($_GET['id'])) {
    jsRedirect('index.php');
}
// NOTE(review): addslashes() is not aware of the connection character set.
// Prefer the database layer's own escaping or a bound parameter for this
// quoted literal.
$id = addslashes($_GET['id']);
$row = $db->getArray(sprintf('SELECT reason, expires FROM %s WHERE banned_id="%s";', db_banned, $id));
if (!$row) {
    exit("empty");
}
// Fill both placeholders in order, first the reason and then the expiry date.
// NOTE(review): the stored reason is inserted as-is. If the page body is
// rendered as HTML, confirm the reason is trusted or escaped before output.
$body = str_replace(
    array("%REASON%", "%DATE%"),
    array($row['reason'], date('r', $row['expires'])),
    $l['banned_msg']
);
$ets->page_body = $body;
// Values for the outer (header) template.
$ets_outter->sitenav = buildMainNav($l, $user);
$ets_outter->query_count = $db->getquerycount();
$ets_outter->script_path = script_path;
$ets_outter->gen_time = mymicrotime($start, 5);
$ets_outter->main_title = sprintf('%s: %s', $config->get('site_name'), $l['title-arebanned']);
$ets_outter->page_title = $l['title-arebanned'];
$ets_outter->welcome[] = $user->getWelcomeTags();
printt($ets_outter, skin_header);
Esempio n. 8
// Statistics page bootstrap followed by the site-wide totals. Every query here
// is assembled from constants only; no request data reaches the SQL text.
$start = mymicrotime();
$db = new sqldb2($DB_CONFIG);
$blog = new nlb_blog($db);
$user = new nlb_user($db);
$config = new nlb_config($db);
include $config->langfile();
$user->checkLogin();
if ($user->isLogedIn) {
    // Apply the offset between the server's timezone and the member's own.
    $blog->setDateOffset($config->get('server_timezone'), $user->get('timezone'));
}

// ---- Totals ----

// Posts marked public.
$tmp = $db->getArray(sprintf('SELECT COUNT(blog_id) AS c FROM %s WHERE access="%s";', db_blogs, access_public));
$total_public = $tmp['c'];

// Posts marked private.
$tmp = $db->getArray(sprintf('SELECT COUNT(blog_id) AS c FROM %s WHERE access="%s";', db_blogs, access_private));
$total_private = $tmp['c'];

// Accounts flagged valid.
$tmp = $db->getArray(sprintf('SELECT COUNT(user_id) AS c FROM %s WHERE valid=1;', db_users));
$total_users = $tmp['c'];

// All comments.
$tmp = $db->getArray(sprintf('SELECT COUNT(comment_id) AS c FROM %s ;', db_comments));
$total_comments = $tmp['c'];

// ---- Recent activity (last 24 hours) ----

// Unix timestamp marking the start of the window.
$past = strtotime('-1 day');
// comments
Esempio n. 9
 // Extend both statements in step: $query fetches the results and $rquery
 // counts them, so every filter is appended to each.
 // NOTE(review): $q is spliced into a quoted LIKE pattern and its sanitising is
 // not visible in this excerpt. Confirm it is escaped for the SQL string, and
 // for the LIKE wildcards % and _ if they are meant to match literally.
 if ($searchBody) {
     $query .= ' AND b.body LIKE "%' . $q . '%"';
     $rquery .= ' AND b.body LIKE "%' . $q . '%"';
 }
 if ($searchSubject) {
     $query .= ' AND b.subject LIKE "%' . $q . '%"';
     $rquery .= ' AND b.subject LIKE "%' . $q . '%"';
 }
 // Optional author filter: resolve the posted name to an id. A result of -1 is
 // skipped, so the filter is silently dropped when the lookup fails.
 // NOTE(review): $authorid is appended unquoted; presumably getIdByName()
 // returns an integer — confirm, or cast it before use.
 if (isset($_POST['author']) && $_POST['author'] != "") {
     $authorid = $user->getIdByName(slash_if_needed($_POST['author']));
     if ($authorid != -1) {
         $query .= ' AND b.author_id = ' . $authorid;
         $rquery .= ' AND b.author_id = ' . $authorid;
     }
 }
 // Run the counting statement first to decide which view to show.
 $count = $db->getArray($rquery);
 if ($count['results'] == 0) {
     //------------------------
     //		NO RESULTS TO SHOW
     //------------------------
     $mask = 'form';
     $ets->noresults = 1;
 } else {
     //------------------------
     //		WORK IS DONE, REDIRECT USER
     //------------------------
     // The assembled SQL text is kept in the session, so a later request runs
     // whatever string is stored here.
     // NOTE(review): storing the search parameters and rebuilding the statement
     // on each page would keep raw SQL out of session state.
     $_SESSION['results'] = $count['results'];
     $_SESSION['query'] = $query;
     $mask = 'redirect';
     $ets->url = build_link('search.php?page=0');
 }
Esempio n. 10
// Page bootstrap: build the config object from the DB handle, load the language
// file it names (once), then resolve the visitor's login state.
$config = new nlb_config($db);
// NOTE(review): the required path is whatever langfile() returns; presumably it
// is derived from stored configuration — confirm request data cannot influence it.
require_once $config->langfile();
$user = new nlb_user($db);
$user->checkLogin();
if (isset($path['id'])) {
    /**
     * =======================================
     *		Show single blog & Comments
     * =======================================
     */
    $blog_id = $path['id'];
    if (!is_numeric($blog_id)) {
        jsRedirect(script_path . 'index.php');
    }
    // blog exists?
    $test = $db->getArray('SELECT count(blog_id) as c FROM ' . db_blogs . ' WHERE blog_id="' . $blog_id . '";');
    if ($test['c'] == 0) {
        // bad blog id
        jsRedirect(script_path . 'index.php');
    }
    $q = '# GET BLOG
	SELECT b.blog_id, b.author_id, b.date, b.subject, b.body, b.access, b.mood, b.custom AS custom_text, b.comments, b.html, b.smiles, b.bb, u.username AS author, u.custom AS custom_title, u.date_format
	FROM ' . db_blogs . ' AS b, ' . db_users . ' AS u
	WHERE b.author_id = u.user_id AND b.blog_id = "' . $blog_id . '"
	ORDER BY b.date DESC
	LIMIT 1 ;';
    $thisblog = $db->getArray($q);
    if ($thisblog['access'] == access_news) {
        jsRedirect(build_link('index.php', array('action' => 'comment', 'id' => $blog_id)));
    }
    if ($thisblog['access'] == access_private && !$user->isLogedIn) {
Esempio n. 11
require_once 'system/nlb_user.class.php';
require_once 'system/nlb_config.class.php';
require_once 'system/text.class.php';
require_once 'ets.php';
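// Comment submission handler: validates the posted parent post id, checks that
// the post exists and accepts comments, then prepares the comment body.
$start = mymicrotime();
$db = new sqldb2($DB_CONFIG);
$config = new nlb_config($db);
$blog = new nlb_blog($db);
$user = new nlb_user($db);
$user->checklogin();
// The parent id arrives in the POST body and is concatenated into the query
// below, so it must be numeric. empty() already covers the unset case, and
// is_numeric() also rejects array input.
if (empty($_POST['parent']) || !is_numeric($_POST['parent'])) {
    jsRedirect('index.php');
}
// Pin the id to an integer so the SQL text and the redirect links only ever
// carry a plain number, even if jsRedirect() returns instead of ending the request.
$parent = isset($_POST['parent']) ? (int) $_POST['parent'] : 0;
// get some info about this blog
$info = $db->getArray('SELECT access, comments FROM ' . db_blogs . ' WHERE blog_id="' . $parent . '" LIMIT 1;');
// No such post: there is nothing to comment on and no page to return to.
if (empty($info)) {
    jsRedirect('index.php');
}
// if anything goes wrong, decide where we will go.
if ($info['access'] == access_news) {
    $go = build_link('index.php', array('action' => 'comment', 'id' => $parent));
} else {
    $go = build_link('blog.php', array('id' => $parent));
}
// Are comments allowed on this post? A comments value of -1 sends the visitor
// back; presumably it marks commenting as disabled.
// NOTE(review): the post's access level is not compared with the visitor's
// rights in this excerpt — confirm a comment cannot be added to a post the
// visitor is not allowed to read.
if ($info['comments'] == -1) {
    jsRedirect($go);
}
// do we have any data to submit?
if (empty($_POST['body'])) {
    jsRedirect($go);
}
// NOTE(review): the body is only slash-escaped here. Confirm that helper is
// adequate for the later INSERT, and that the text is HTML-escaped or filtered
// when comments are displayed.
$body = slash_if_needed($_POST['body']);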