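/**
 * Run the loader, to load up field-restrictions from the XML file.
 *
 * Resets this object's parse state, then feeds $data through PHP's SAX-style
 * XML parser, with startElement/endElement/startText on this object as callbacks.
 * A parse failure is reported via attach_message() and is not fatal.
 *
 * @param  string			The default breadcrumbs
 * @param  string			The breadcrumb XML data
 */
function go($current_breadcrumbs, $data)
{
    $this->tag_stack = array();
    $this->attribute_stack = array();
    $this->substitution_current_match_key = NULL;
    $this->substitution_current_label = NULL;
    $this->links = array();
    $this->substitutions = array();

    $breadcrumb_tpl = do_template('BREADCRUMB_ESCAPED');
    $this->breadcrumb_tpl = $breadcrumb_tpl->evaluate();
    $this->current_breadcrumbs = $current_breadcrumbs;

    // Create and setup our parser
    $xml_parser = @xml_parser_create();
    if ($xml_parser === false) {
        return; // PHP5 default build on windows comes with this function disabled, so we need to be able to escape on error
    }
    xml_set_object($xml_parser, $this);
    @xml_parser_set_option($xml_parser, XML_OPTION_TARGET_ENCODING, get_charset());
    @xml_parser_set_option($xml_parser, XML_OPTION_CASE_FOLDING, 0);
    xml_set_element_handler($xml_parser, 'startElement', 'endElement');
    xml_set_character_data_handler($xml_parser, 'startText');

    // Run the parser. The error text has to be read before the parser is freed.
    $failed = (@xml_parse($xml_parser, $data, true) == 0);
    $error_text = $failed ? xml_error_string(xml_get_error_code($xml_parser)) : '';

    // Free on both paths: previously the failure path returned without releasing the parser
    @xml_parser_free($xml_parser);

    if ($failed) {
        attach_message('breadcrumbs.xml: ' . $error_text, 'warn');
    }
}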
/**
 * Standard modular run function.
 *
 * Shows the contents of a notes text file and, when a 'new' value is POSTed,
 * runs the main_notes hooks and overwrites the file with it first.
 *
 * @param  array			A map of parameters.
 * @return tempcode		The result of execution.
 */
function run($map)
{
    require_code('textfiles');

    $file = 'admin_notes';
    if (array_key_exists('param', $map)) {
        $file = $map['param'];
    }
    if (array_key_exists('title', $map)) {
        $title = $map['title'];
    } else {
        $title = do_lang('NOTES');
    }
    $lang_none = array_key_exists('lang_none', $map) ? $map['lang_none'] : '0';
    $scrolls = array_key_exists('scrolls', $map) ? $map['scrolls'] : '0'; // Not read again below

    if ($lang_none == '1') {
        $lang = NULL;
    } else {
        $lang = '';
    }

    // The file name comes from the block parameters, so it is filtered before any file access
    $file = filter_naughty($file, true);

    // NOTE(review): no permission or form-token check is visible in this function; presumably the
    // page/zone hosting the block restricts who can POST here - confirm against the caller
    $posted = post_param('new', NULL);
    if (!is_null($posted)) {
        $hooks = find_all_hooks('blocks', 'main_notes');
        foreach ($hooks as $hook => $_unused) {
            require_code('hooks/blocks/main_notes/' . filter_naughty_harsh($hook));
            $hook_ob = object_factory('Hook_notes_' . filter_naughty_harsh($hook), true);
            if (!is_null($hook_ob)) {
                $hook_ob->run($file);
            }
        }

        write_text_file($file, $lang, $posted);
        log_it('NOTES', $file);
        attach_message(do_lang_tempcode('SUCCESS'), 'inform');
    }

    $contents = read_text_file($file, $lang, true);
    $post_url = get_self_url();

    // Re-serialise the block parameters as attribute text for the template
    $map_comcode = '';
    foreach ($map as $attribute => $value) {
        $map_comcode = $map_comcode . ' ' . $attribute . '="' . addslashes($value) . '"';
    }

    $show_scrolls = array_key_exists('scrolls', $map) && $map['scrolls'] == '1';

    return do_template('BLOCK_MAIN_NOTES', array(
        '_GUID' => 'f737053505de3bd8ccfe806ec014b8fb',
        'TITLE' => $title,
        'BLOCK_NAME' => 'main_notes',
        'MAP' => $map_comcode,
        'CONTENTS' => $contents,
        'SCROLLS' => $show_scrolls,
        'URL' => $post_url,
    ));
}
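/**
 * Standard modular run function.
 *
 * Loads the realtime-rain assets and returns the overlay, seeded with the earliest
 * timestamp in the stats table. Without Javascript the user is redirected to the
 * stats screen instead.
 *
 * @return tempcode		The result of execution.
 */
function run()
{
    require_javascript('javascript_realtime_rain');
    require_javascript('javascript_ajax');
    require_javascript('javascript_more');
    require_lang('realtime_rain');
    require_css('realtime_rain');

    $title = get_page_title('REALTIME_RAIN');

    // The original repeated this check further down with a different message; that second copy
    // could never run because this one returns first, so only the effective branch is kept.
    if (!has_js()) {
        // Send them to the stats screen
        $url = build_url(array('page' => 'admin_stats', 'type' => 'misc'), '_SELF');
        require_code('site2');
        assign_refresh($url, 5.0);
        return do_template('REDIRECT_SCREEN', array('URL' => $url, 'TITLE' => $title, 'TEXT' => do_lang_tempcode('NO_JS_REALTIME')));
    }

    $GLOBALS['TEMPCODE_SETGET']['chrome_frame'] = make_string_tempcode('1');

    if (browser_matches('ie6')) {
        attach_message(do_lang_tempcode('IE_OLD_PLEASE_UPGRADE'), 'warn');
    }

    // Earliest recorded stat; fall back to "now" when the table is empty
    $min_time = $GLOBALS['SITE_DB']->query_value('stats', 'MIN(date_and_time)');
    if (is_null($min_time)) {
        $min_time = time();
    }

    return do_template('REALTIME_RAIN_OVERLAY', array('MIN_TIME' => strval($min_time)));
}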
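/**
 * Get information about the specified member.
 *
 * $member may be a member ID (numeric), an IP address (contains '.' or ':') or a username;
 * the three by-reference outputs are filled in from whichever was given.
 *
 * @param  mixed			The member for whom we are getting the page
 * @param  ?string		The member's name (by reference) (NULL: unknown)
 * @param  ?AUTO_LINK	The member's ID (by reference) (NULL: unknown)
 * @param  ?string		The member's IP (by reference) (NULL: unknown)
 * @return array			The member's stats rows
 */
function lookup_member_page($member, &$name, &$id, &$ip)
{
    if (!addon_installed('stats')) {
        return array();
    }

    if (is_numeric($member)) { // From member ID
        $name = $GLOBALS['FORUM_DRIVER']->get_username(intval($member));
        if (is_null($name)) {
            return array();
        }
        $id = intval($member);
        $ip = $GLOBALS['FORUM_DRIVER']->get_member_ip($id);
        if (is_null($ip)) {
            $ip = '127.0.0.1';
        }
    } elseif (strpos($member, '.') !== false || strpos($member, ':') !== false) { // From IP
        $ids = wrap_probe_ip($member);
        $ip = $member;
        if (is_null($ip)) {
            $ip = '127.0.0.1';
        }
        if (count($ids) == 0) {
            return array();
        } else {
            $id = $ids[0]['id'];
        }
        if (count($ids) != 1) {
            // More than one member seen on this IP: list the others in an informational message
            $also = new ocp_tempcode();
            foreach ($ids as $t => $_id) {
                if ($t != 0) {
                    if (!$also->is_empty()) {
                        $also->attach(do_lang('LIST_SEP'));
                    }
                    $also->attach($GLOBALS['FORUM_DRIVER']->member_profile_hyperlink($_id['id']));
                }
            }
            attach_message(do_lang_tempcode('MEMBERS_ALSO_ON_IP', $also), 'inform');
        }
        $name = $GLOBALS['FORUM_DRIVER']->get_username($id);
        if (is_null($name)) {
            $name = do_lang('UNKNOWN');
        }
    } else { // From name
        $id = $GLOBALS['FORUM_DRIVER']->get_member_from_username($member);
        $name = $member;
        if (is_null($id)) {
            return array();
        }
        $ip = $GLOBALS['FORUM_DRIVER']->get_member_ip($id);
        if (is_null($ip)) {
            $ip = '127.0.0.1';
        }
    }

    // The listing had a garbled '******' span in place of the user value, which is not valid PHP.
    // The resolved member ID is the only candidate in scope; it is forced to an integer so that
    // nothing derived from the $member argument can reach the SQL text as a string.
    return $GLOBALS['SITE_DB']->query('SELECT ip,MAX(date_and_time) AS date_and_time FROM ' . get_table_prefix() . 'stats WHERE the_user=' . strval(intval($id)) . ' GROUP BY ip ORDER BY date_and_time DESC');
}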
/**
 * A template has not been structurally cached, so compile it and store in the cache.
 *
 * Reads the template source (from the file array if one is loaded, otherwise from disk),
 * compiles it with template_to_tempcode(), and, when caching is on, stores the compiled
 * form either in the persistent cache or as a .tcd file under templates_cached/.
 *
 * @param  ID_TEXT			The theme the template is in the context of
 * @param  PATH				The path to the template file
 * @param  ID_TEXT			The codename of the template (e.g. foo)
 * @param  ID_TEXT			The actual codename to use for the template (e.g. thin_foo)
 * @param  LANGUAGE_NAME	The language the template is in the context of
 * @param  string			File type suffix of template file
 * @param  ?ID_TEXT			The theme to cache in (NULL: main theme)
 * @return tempcode			The compiled tempcode
 */
function _do_template($theme, $path, $codename, $_codename, $lang, $suffix, $theme_orig = NULL)
{
    if (is_null($theme_orig)) {
        $theme_orig = $theme;
    }

    // Default-theme files come from the main file base, except CSS under /css_custom
    $base_dir = ($theme == 'default' && ($suffix != '.css' || strpos($path, '/css_custom') === false) ? get_file_base() : get_custom_file_base()) . '/themes/';

    global $CACHE_TEMPLATES, $FILE_ARRAY, $TEMPLATE_PREVIEW_OP, $MEM_CACHE;

    if (isset($FILE_ARRAY)) {
        $html = unixify_line_format(file_array_get('themes/' . $theme . $path . $codename . $suffix));
    } else {
        // theme/path/codename pass through filter_naughty(); $suffix is appended unfiltered -
        // presumably callers only pass a fixed extension; confirm against callers
        $html = unixify_line_format(file_get_contents($base_dir . filter_naughty($theme . $path . $codename) . $suffix, FILE_TEXT));
    }

    // Templates marked "pure" skip compilation; only the {$,...} hint comments are rewritten
    if (strpos($html, '{$,Parser hint: pure}') !== false) {
        return make_string_tempcode(preg_replace('#\\{\\$,.*\\}#U', '/*no minify*/', $html));
    }

    if ($GLOBALS['SEMI_DEBUG_MODE'] && strpos($html, '.innerHTML') !== false && strpos($html, 'Parser hint: .innerHTML okay') === false) {
        require_code('site');
        attach_message('Do not use the .innerHTML property in your Javascript because it will not work in true XHTML (when the browsers real XML parser is in action). Use ocPortal\'s global setInnerHTML/getInnerHTML functions.', 'warn');
    }

    // Strip off trailing final lines from single lines templates.
    // Editors often put these in, and it causes annoying "visible space" issues
    if (substr($html, -1, 1) == chr(10) && substr_count($html, chr(10)) == 1) {
        $html = substr($html, 0, strlen($html) - 1);
    }

    // NOTE(review): in preview mode the template source is replaced with POSTed text, and the
    // caching block below still runs on that result. Whatever sets $TEMPLATE_PREVIEW_OP must be
    // permission-gated and should presumably also disable caching - neither is visible here.
    if ($TEMPLATE_PREVIEW_OP) {
        $test = post_param($codename, NULL);
        if (!is_null($test)) {
            $html = post_param($test . '_new');
        }
    }

    $result = template_to_tempcode($html, 0, false, $codename, $theme, $lang);

    if ($CACHE_TEMPLATES && ($suffix == '.tpl' || $codename == 'no_cache')) {
        if (!is_null($MEM_CACHE)) {
            persistant_cache_set(array('TEMPLATE', $theme, $lang, $_codename), $result->to_assembly(), strpos($path, 'default/templates/') !== false);
        } else {
            $path2 = get_custom_file_base() . '/themes/' . $theme_orig . '/templates_cached/' . filter_naughty($lang) . '/';
            $myfile = @fopen($path2 . filter_naughty($_codename) . $suffix . '.tcd', 'wb');
            if ($myfile === false) {
                // Open failed: try creating the cache directory. It is created with mode 0777
                // (world-writable, subject to umask); nothing is written on this pass.
                if (@mkdir($path2, 0777)) {
                    require_code('files');
                    fix_permissions($path2, 0777);
                } else {
                    // Directory could not be created either: stop with a write error
                    if (file_exists($path2 . filter_naughty($_codename) . $suffix . '.tcd')) {
                        warn_exit(do_lang_tempcode('WRITE_ERROR', $path2 . filter_naughty($_codename) . $suffix . '.tcd'));
                    } else {
                        warn_exit(do_lang_tempcode('WRITE_ERROR_CREATE', $path2 . filter_naughty($_codename) . $suffix . '.tcd'));
                    }
                }
            } else {
                fwrite($myfile, $result->to_assembly($lang));
                fclose($myfile);
                fix_permissions($path2 . filter_naughty($_codename) . $suffix . '.tcd');
            }
        }
    }

    return $result;
}
/**
 * Get the tempcode for the form to add a banner, with the information passed along to it via the parameters already added in.
 *
 * Which fields appear depends on the current member's privileges: the owner field and the
 * deployment fields need 'full_banner_setup', and the validated tick needs
 * 'bypass_validation_midrange_content'.
 *
 * @param  boolean			Whether to simplify the banner interface (for the point-store buy process)
 * @param  ID_TEXT			The name of the banner
 * @param  URLPATH			The URL to the banner image
 * @param  URLPATH			The URL to the site the banner leads to
 * @param  SHORT_TEXT		The caption of the banner
 * @param  LONG_TEXT			Any notes associated with the banner
 * @param  integer			The banners "importance modulus"
 * @range  1 max
 * @param  ?integer			The number of hits the banner may have (NULL: not applicable for this banner type)
 * @range  0 max
 * @param  SHORT_INTEGER	The type of banner (0=permanent, 1=campaign, 2=default)
 * @set    0 1 2
 * @param  ?TIME				The banner expiry date (NULL: never expires)
 * @param  ?ID_TEXT			The username of the banners submitter (NULL: current member)
 * @param  BINARY			Whether the banner has been validated
 * @param  ID_TEXT			The banner type (can be anything, where blank means 'normal')
 * @param  SHORT_TEXT		The title text for the banner (only used for text banners, and functions as the 'trigger text' if the banner type is shown inline)
 * @return tempcode			The input field tempcode
 */
function get_banner_form_fields($simplified = false, $name = '', $image_url = '', $site_url = '', $caption = '', $notes = '', $importancemodulus = 3, $campaignremaining = 50, $the_type = 1, $expiry_date = NULL, $submitter = NULL, $validated = 1, $b_type = '', $title_text = '')
{
    require_code('images');

    $fields = new ocp_tempcode();
    require_code('form_templates');
    $fields->attach(form_input_codename(do_lang_tempcode('CODENAME'), do_lang_tempcode('DESCRIPTION_BANNER_NAME'), 'name', $name, true));
    $fields->attach(form_input_line(do_lang_tempcode('DESTINATION_URL'), do_lang_tempcode('DESCRIPTION_BANNER_URL'), 'site_url', $site_url, false)); // Blank implies iframe

    // Full interface offers a banner-type list; the simplified one carries the type as a hidden field
    if (!$simplified) {
        $types = nice_get_banner_types($b_type);
        if ($types->is_empty()) {
            warn_exit(do_lang_tempcode('NO_CATEGORIES'));
        }
        $fields->attach(form_input_list(do_lang_tempcode('_BANNER_TYPE'), do_lang_tempcode('_DESCRIPTION_BANNER_TYPE'), 'b_type', $types, NULL, false, false));
    } else {
        $fields->attach(form_input_hidden('b_type', $b_type));
    }

    // Only members with full_banner_setup may name a different owner
    if (has_specific_permission(get_member(), 'full_banner_setup')) {
        $fields->attach(form_input_username(do_lang_tempcode('OWNER'), do_lang_tempcode('DESCRIPTION_SUBMITTER'), 'submitter', is_null($submitter) ? $GLOBALS['FORUM_DRIVER']->get_username(get_member()) : $submitter, false));
    }

    if (get_value('disable_staff_notes') !== '1') {
        $fields->attach(form_input_text(do_lang_tempcode('NOTES'), do_lang_tempcode('DESCRIPTION_NOTES'), 'notes', $notes, false));
    }

    if (has_specific_permission(get_member(), 'bypass_validation_midrange_content', 'cms_banners')) {
        if ($validated == 0) {
            // A 'validated' URL parameter can pre-tick the box; this only sets the form default,
            // and only for members who already hold the bypass-validation privilege
            $validated = get_param_integer('validated', 0);
            if ($validated == 1) {
                attach_message(do_lang_tempcode('WILL_BE_VALIDATED_WHEN_SAVING'));
            }
        }
        if (addon_installed('unvalidated')) {
            $fields->attach(form_input_tick(do_lang_tempcode('VALIDATED'), do_lang_tempcode('DESCRIPTION_VALIDATED'), 'validated', $validated == 1));
        }
    }

    $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('SOURCE_MEDIA'))));
    // Upload filter is the configured image extensions plus 'swf'.
    // NOTE(review): SWF is script-capable content, unlike the image types; this list only drives
    // the form field, so confirm the server-side upload handler and the way uploads are served
    // treat it accordingly.
    $fields->attach(form_input_upload(do_lang_tempcode('UPLOAD'), do_lang_tempcode('DESCRIPTION_UPLOAD_BANNER'), 'file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images') . ',swf')));
    $fields->attach(form_input_line(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('IMAGE_URL')), do_lang_tempcode('DESCRIPTION_URL_BANNER'), 'image_url', $image_url, false));
    $fields->attach(form_input_line_comcode(do_lang_tempcode('BANNER_TITLE_TEXT'), do_lang_tempcode('DESCRIPTION_BANNER_TITLE_TEXT'), 'title_text', $title_text, false));
    $fields->attach(form_input_line_comcode(do_lang_tempcode('DESCRIPTION'), do_lang_tempcode('DESCRIPTION_BANNER_DESCRIPTION'), 'caption', $caption, false));

    $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('DEPLOYMENT_DETERMINATION'))));
    if (has_specific_permission(get_member(), 'full_banner_setup')) {
        $radios = new ocp_tempcode();
        $radios->attach(form_input_radio_entry('the_type', strval(BANNER_PERMANENT), $the_type == BANNER_PERMANENT, do_lang_tempcode('BANNER_PERMANENT')));
        $radios->attach(form_input_radio_entry('the_type', strval(BANNER_CAMPAIGN), $the_type == BANNER_CAMPAIGN, do_lang_tempcode('BANNER_CAMPAIGN')));
        $radios->attach(form_input_radio_entry('the_type', strval(BANNER_DEFAULT), $the_type == BANNER_DEFAULT, do_lang_tempcode('BANNER_DEFAULT')));
        $fields->attach(form_input_radio(do_lang_tempcode('DEPLOYMENT_AGREEMENT'), do_lang_tempcode('DESCRIPTION_BANNER_TYPE'), 'the_type', $radios));
        $fields->attach(form_input_integer(do_lang_tempcode('HITS_ALLOCATED'), do_lang_tempcode('DESCRIPTION_HITS_ALLOCATED'), 'campaignremaining', $campaignremaining, false));
        // Sum of every other banner's importance; $name reaches the SQL only via db_string_not_equal_to()
        $total_importance = $GLOBALS['SITE_DB']->query_value_null_ok_full('SELECT SUM(importance_modulus) FROM ' . get_table_prefix() . 'banners WHERE ' . db_string_not_equal_to('name', $name));
        if (is_null($total_importance)) {
            $total_importance = 0;
        }
        $fields->attach(form_input_integer(do_lang_tempcode('IMPORTANCE_MODULUS'), do_lang_tempcode('DESCRIPTION_IMPORTANCE_MODULUS', strval($total_importance), strval($importancemodulus)), 'importancemodulus', $importancemodulus, true));
    }

    $fields->attach(form_input_date(do_lang_tempcode('EXPIRY_DATE'), do_lang_tempcode('DESCRIPTION_EXPIRY_DATE'), 'expiry_date', true, is_null($expiry_date), true, $expiry_date, 2));

    return $fields;
}
/**
 * The do-next manager for before content management.
 *
 * Points the user at the cms_chat module, sets the add/edit labels on this object,
 * then hands a three-entry action list (add, edit, delete all) to do_next_manager().
 *
 * @return tempcode		The UI
 */
function misc()
{
    require_lang('menus');

    $cms_zone = get_module_zone('cms_chat');
    $cms_link = build_url(array('page' => 'cms_chat'), $cms_zone);
    $cms_link_html = escape_html($cms_link->evaluate());
    attach_message(do_lang_tempcode('ALSO_SEE_CMS', $cms_link_html), 'inform');

    $this->add_one_label = do_lang_tempcode('ADD_CHATROOM');
    $this->edit_this_label = do_lang_tempcode('EDIT_THIS_CHATROOM');
    $this->edit_one_label = do_lang_tempcode('EDIT_CHATROOM');

    require_code('templates_donext');

    $screen_title = get_page_title('MANAGE_CHATROOMS');
    $doc = comcode_lang_string('DOC_CHAT');

    // Each entry: icon codename, (page, URL parameters, zone), caption
    $actions = array();
    $actions[] = array('add_one', array('_SELF', array('type' => 'ad'), '_SELF'), do_lang('ADD_CHATROOM'));
    $actions[] = array('edit_one', array('_SELF', array('type' => 'ed'), '_SELF'), do_lang('EDIT_CHATROOM'));
    $actions[] = array('delete', array('_SELF', array('type' => 'delete_all'), '_SELF'), do_lang('DELETE_ALL_ROOMS'));

    return do_next_manager($screen_title, $doc, $actions, do_lang('MANAGE_CHATROOMS'));
}
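/**
 * Run the Facebook OAuth hand-off and store the resulting access token.
 *
 * With no 'code' in the URL the browser is sent to Facebook's login URL. On return the
 * token is read from the SDK object and saved under 'facebook_oauth_token' (site-wide) or
 * 'facebook_oauth_token__<member id>'.
 *
 * @param  ?MEMBER			The member the token is for (NULL: the site-wide token)
 * @param  tempcode		The URL Facebook should send the user back to
 * @return boolean			Whether a token was obtained (the function may instead redirect and exit)
 */
function auth_set($member_id, $oauth_url)
{
    require_lang('facebook');
    require_code('facebook_connect');

    global $FACEBOOK_CONNECT;

    // Check for a reported failure BEFORE checking for a missing code. Previously the order was
    // reversed, so a request carrying error_reason but no code was bounced straight back to the
    // login URL and this branch could not be reached for it.
    $error_reason = get_param('error_reason', NULL);
    if (!is_null($error_reason)) {
        attach_message(do_lang_tempcode('FACEBOOK_OAUTH_FAIL', escape_html($error_reason)), 'warn');
        return false;
    }

    // NOTE(review): no 'state' check is visible in this function; presumably the SDK's
    // getLoginUrl()/getAccessToken() pair handles it - confirm
    $code = get_param('code', '', true);
    if ($code == '') {
        $oauth_redir_url = $FACEBOOK_CONNECT->getLoginUrl(array('redirect_uri' => $oauth_url->evaluate(), 'scope' => array('publish_stream')));
        header('Location: ' . $oauth_redir_url);
        exit;
    }

    // oauth apparently worked
    $access_token = $FACEBOOK_CONNECT->getAccessToken();
    if (is_null($access_token)) {
        attach_message(do_lang_tempcode('FACEBOOK_OAUTH_FAIL', escape_html(do_lang('UNKNOWN'))), 'warn');
        return false;
    }

    if (is_null($member_id)) {
        // (An extended-token exchange used to be attempted here; the original comment says the
        // Facebook API no longer has it.)
        if (get_option('facebook_uid') == '') {
            require_code('config2');
            $facebook_uid = $FACEBOOK_CONNECT->getUser();
            set_option('facebook_uid', strval($facebook_uid));
        }
    }

    // Per-member tokens containing '|' are not stored - presumably those are app-style rather
    // than user tokens; confirm. The site-wide token is always stored.
    if (strpos($access_token, '|') === false || is_null($member_id)) {
        $save_to = 'facebook_oauth_token';
        if (!is_null($member_id)) {
            $save_to .= '__' . strval($member_id);
        }
        set_long_value($save_to, $access_token);
    }

    if (get_page_name() != 'facebook_oauth') {
        // Return to the caller-supplied URL with the in-progress markers cleared
        header('Location: ' . str_replace('&syndicate_start__facebook=1', '', str_replace('oauth_in_progress=1&', 'oauth_in_progress=0&', $oauth_url->evaluate())));
        exit;
    }

    return true;
}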
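/**
 * Open a zip file for reading.
 *
 * Extracts the archive into a freshly named directory under UNZIP_DIR by running the
 * configured UNZIP_CMD, then returns a handle tuple for the extracted tree.
 *
 * @param  PATH			The zip file path
 * @return mixed			The zip file resource (number if error)
 */
function zip_open($zip_file)
{
    global $M_ZIP_DIR_HANDLES, $M_ZIP_DIR_OPEN_PATHS;

    if (function_exists('set_time_limit')) {
        @set_time_limit(200);
    }

    // Build a directory name from seconds, microseconds and a small random suffix.
    // microtime(false) gives the fraction as a string such as "0.12345600": intval() on that is
    // always 0, so it has to be read as a float before scaling or the component is constant.
    list($usec, $sec) = explode(' ', microtime(false));
    $id = strval(intval($sec) - 1007700000) . str_pad(strval(intval(floatval($usec) * 1000000)), 6, '0', STR_PAD_LEFT) . str_pad(strval(mt_rand(0, 999)), 3, '0', STR_PAD_LEFT);
    $_m_zip_open_file = explode('/', str_replace("\\", '/', $zip_file));
    $m_zip_open_file = 'Z' . $id . $_m_zip_open_file[count($_m_zip_open_file) - 1];
    $zip_dir = UNZIP_DIR . '/' . $m_zip_open_file . '/';
    mkdir($zip_dir, 0777);

    // Both paths end up on a shell command line, and the destination embeds the archive's own
    // file name. Wrapping them in bare double quotes left quotes, backticks and $ in the name
    // live, so each is passed through escapeshellarg() instead. strtr() substitutes both
    // placeholders in a single pass, so a placeholder-like string inside a file name is never
    // expanded a second time. (On Windows escapeshellarg() replaces %, ! and " with spaces.)
    $unzip_cmd = strtr(UNZIP_CMD, array(
        '@_SRC_@' => escapeshellarg($zip_file),
        '@_DST_@' => escapeshellarg($zip_dir),
    ));

    // The first word of the configured command must be an existing executable path
    $bits = explode(' ', UNZIP_CMD);
    if (!@file_exists(array_shift($bits))) {
        $_config_url = build_url(array('page' => 'admin_config', 'type' => 'category', 'id' => 'SITE'), get_module_zone('admin_config'));
        $config_url = $_config_url->evaluate();
        $config_url .= '#group_ARCHIVES';
        attach_message(do_lang_tempcode('NO_SHELL_ZIP_POSSIBLE2', escape_html($config_url)), 'warn');
        return substr(phpversion(), 0, 2) == '4.' ? 20 : constant('ZIPARCHIVE::ER_INTERNAL');
    }

    if (strpos(@ini_get('disable_functions'), 'shell_exec') !== false) {
        attach_message(do_lang_tempcode('NO_SHELL_ZIP_POSSIBLE'), 'warn');
        return substr(phpversion(), 0, 2) == '4.' ? 20 : constant('ZIPARCHIVE::ER_INTERNAL');
    }

    // shell_exec() yields the command's output, or NULL on failure or when nothing was printed;
    // NULL is what is treated as an error here, so the unzip tool needs to print something
    $res = shell_exec($unzip_cmd);
    if (is_null($res)) {
        m_deldir($zip_dir);
        return substr(phpversion(), 0, 2) == '4.' ? 20 : constant('ZIPARCHIVE::ER_INTERNAL');
    }

    $m_zip_open_dirs = array(opendir($zip_dir));
    $m_zip_dir_paths = array($zip_dir);

    // Clear any per-archive state left in the globals from an earlier open of the same path
    $M_ZIP_DIR_HANDLES[$zip_file] = false;
    unset($M_ZIP_DIR_HANDLES[$zip_file]);
    $M_ZIP_DIR_OPEN_PATHS[$zip_file] = false;
    unset($M_ZIP_DIR_OPEN_PATHS[$zip_file]);

    return array($zip_file, $m_zip_open_file, $m_zip_open_dirs, $m_zip_dir_paths);
}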
/**
 * Standard modular run function.
 *
 * Renders a simple contact form and, when the form has been posted with a non-empty message,
 * e-mails it to the configured address and sends a confirmation to the address the visitor gave.
 *
 * @param  array			A map of parameters.
 * @return tempcode		The result of execution.
 */
function run($map)
{
    require_lang('messaging');
    require_code('feedback');

    if (array_key_exists('param', $map)) {
        $to = $map['param'];
    } else {
        $to = get_option('staff_address');
    }

    $post = post_param('post', '');
    $submitted = (post_param_integer('_comment_form_post', 0) == 1) && ($post != '');

    if ($submitted) {
        // The CAPTCHA (when enabled for feedback) is enforced before anything is mailed
        if (addon_installed('captcha') && get_option('captcha_on_feedback') == '1') {
            require_code('captcha');
            enforce_captcha();
        }

        $message = new ocp_tempcode(); /*Used to be written out here*/
        attach_message(do_lang_tempcode('MESSAGE_SENT'), 'inform');

        require_code('mail');

        // Sender address: whatever was posted, else the logged-in member's own address.
        // NOTE(review): this value is request-controlled and is used both as the From address and
        // as the recipient of the confirmation below; with the CAPTCHA off the form can be made to
        // mail arbitrary addresses. Header safety depends on mail_wrap(), not visible here.
        $member_email = $GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member());
        $email_from = trim(post_param('email', $member_email));

        $subject = post_param('title');
        $sender_name = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
        mail_wrap($subject, $post, array($to), NULL, $email_from, $sender_name, 3, NULL, false, get_member());

        if ($email_from != '') {
            $confirm_subject = do_lang('YOUR_MESSAGE_WAS_SENT_SUBJECT', post_param('title'));
            $confirm_body = do_lang('YOUR_MESSAGE_WAS_SENT_BODY', $post);
            mail_wrap($confirm_subject, $confirm_body, array($email_from), NULL, '', '', 3, NULL, false, get_member());
        }
    } else {
        $message = new ocp_tempcode();
    }

    if (array_key_exists('title', $map)) {
        $box_title = $map['title'];
    } else {
        $box_title = do_lang('CONTACT_US');
    }
    $private = array_key_exists('private', $map) && $map['private'] == '1';

    $em = $GLOBALS['FORUM_DRIVER']->get_emoticon_chooser();
    require_javascript('javascript_editing');
    $comcode_help = build_url(array('page' => 'userguide_comcode'), get_comcode_zone('userguide_comcode', false));
    require_javascript('javascript_validation');
    $comment_url = get_self_url();

    $email_optional = true;
    if (array_key_exists('email_optional', $map)) {
        $email_optional = (intval($map['email_optional']) == 1);
    }

    $use_captcha = false;
    if (addon_installed('captcha')) {
        require_code('captcha');
        $use_captcha = get_option('captcha_on_feedback') == '1' && use_captcha();
        if ($use_captcha) {
            generate_captcha();
        }
    }

    $form_params = array(
        'JOIN_BITS' => '',
        'FIRST_POST_URL' => '',
        'FIRST_POST' => '',
        'USE_CAPTCHA' => $use_captcha,
        'EMAIL_OPTIONAL' => $email_optional,
        'POST_WARNING' => '',
        'COMMENT_TEXT' => '',
        'GET_EMAIL' => !$private,
        'GET_TITLE' => !$private,
        'EM' => $em,
        'DISPLAY' => 'block',
        'TITLE' => $box_title,
        'COMMENT_URL' => $comment_url,
    );
    $comment_details = do_template('COMMENTS_POSTING_FORM', $form_params);

    return do_template('BLOCK_MAIN_CONTACT_SIMPLE', array(
        '_GUID' => '298a357f442f440c6b42e58d6717e57c',
        'EMAIL_OPTIONAL' => true,
        'COMMENT_DETAILS' => $comment_details,
        'MESSAGE' => $message,
    ));
}
/**
 * Standard modular run function.
 *
 * Dispatches on the 'type' URL parameter to one of the Admin Zone do-next screens,
 * after optionally showing the simplified front page and the Setup Wizard reminder.
 *
 * @return tempcode		The result of execution.
 */
function run()
{
    require_code('templates_donext');
    require_code('menus');
    require_all_lang();

    $type = get_param('type', 'misc');

    $wants_simplified = !has_specific_permission(get_member(), 'avoid_simplified_adminzone_look') || $GLOBALS['FORUM_DRIVER']->is_super_admin(get_member());
    if ($wants_simplified && num_staff_icons() < MIN_STAFF_ICONS_BEFORE_COLLAPSE && $type == 'misc') {
        return do_next_manager_admin_simplified();
    }

    // Warning about whether the Setup Wizard still needs running
    // NOTE(review): 'cancel_sw_warn' changes a stored value from a plain URL parameter; the
    // effect is limited to hiding this reminder
    if (get_param_integer('cancel_sw_warn', 0) == 1 || !addon_installed('setupwizard')) {
        set_value('setup_wizard_completed', '1');
    } else {
        $done_sw_once = !is_null(get_value('setup_wizard_completed'));
        if (!$done_sw_once && get_param('page', '') != 'admin_setupwizard' && has_actual_page_access(get_member(), 'admin_setupwizard')) {
            $wizard_link = build_url(array('page' => 'admin_setupwizard'), get_module_zone('admin_setupwizard'));
            $dismiss_link = get_self_url(false, false, array('cancel_sw_warn' => 1));
            attach_message(do_lang_tempcode('SETUP_WIZARD_NOT_RUN', escape_html($wizard_link->evaluate()), escape_html($dismiss_link->evaluate())), 'notice');
        }
    }

    // Screen type => arguments for do_next_manager_hooked()
    $hooked_screens = array(
        'misc' => array('ADMIN_ZONE', 'DOC_ADMIN_ZONE', ''),
        'structure' => array('STRUCTURE', 'DOC_STRUCTURE', 'structure'),
        'usage' => array('USAGE', 'DOC_USAGE', 'usage'),
        'style' => array('STYLE', 'DOC_STYLE', 'style'),
        'setup' => array('SETUP', 'DOC_SETUP', 'setup'),
        'tools' => array('TOOLS', 'DOC_TOOLS', 'tools'),
        'security' => array('SECURITY', 'DOC_SECURITY', 'security'),
    );

    if (isset($hooked_screens[$type])) {
        list($title_lang, $doc_lang, $hook_type) = $hooked_screens[$type];
        return do_next_manager_hooked($title_lang, $doc_lang, $hook_type);
    }

    if ($type == 'search') {
        return $this->search();
    }

    // Unknown type: empty output
    return new ocp_tempcode();
}
/**
 * Standard modular render function for profile tabs edit hooks.
 *
 * Saves a submitted photo for $member_id_of (when the tab's hidden marker is posted), then
 * builds the photo upload/URL fields. Manual thumbnail fields are added only when GD is
 * switched off or unavailable.
 *
 * @param  MEMBER			The ID of the member who is being viewed
 * @param  MEMBER			The ID of the member who is doing the viewing
 * @param  boolean		Whether to leave the tab contents NULL, if this hook supports it, so that AJAX can load it later
 * @return ?array			A tuple: The tab title, the tab fields, the tab body text (may be blank), extra Javascript (may be blank), the suggested tab order, hidden fields (NULL: if $leave_to_ajax_if_possible was set)
 */
function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
{
    $title = do_lang_tempcode('PHOTO');
    $order = 30;

    // Actualiser
    // NOTE(review): $member_id_viewing is not consulted here, so whether the viewer may edit
    // $member_id_of must be decided by the caller - confirm
    $is_saving = (post_param_integer('submitting_photo_tab', 0) == 1);
    if ($is_saving) {
        require_code('ocf_members_action');
        require_code('ocf_members_action2');
        ocf_member_choose_photo('photo_url', 'photo_file', $member_id_of);
        attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
    }

    if ($leave_to_ajax_if_possible) {
        return NULL;
    }

    $driver = $GLOBALS['FORUM_DRIVER'];
    $photo_url = $driver->get_member_row_field($member_id_of, 'm_photo_url');
    $thumb_url = $driver->get_member_row_field($member_id_of, 'm_photo_thumb_url');

    // UI fields
    $fields = new ocp_tempcode();
    require_code('form_templates');

    $upload_field = form_input_upload(do_lang_tempcode('UPLOAD'), do_lang_tempcode('DESCRIPTION_UPLOAD'), 'photo_file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images')));
    $fields->attach($upload_field);
    $url_field = form_input_line(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('URL')), do_lang_tempcode('DESCRIPTION_ALTERNATE_URL'), 'photo_url', $photo_url, false);
    $fields->attach($url_field);

    // Without GD no thumbnail can be generated, so one is asked for explicitly
    $gd_missing = get_option('is_on_gd') == '0' || !function_exists('imagetypes');
    if ($gd_missing) {
        $thumb_width = get_option('thumb_width');
        $thumb_upload_field = form_input_upload(do_lang_tempcode('THUMBNAIL'), do_lang_tempcode('DESCRIPTION_THUMBNAIL', escape_html($thumb_width)), 'photo_file2', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images')));
        $fields->attach($thumb_upload_field);
        $thumb_url_field = form_input_line(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('URL')), do_lang_tempcode('DESCRIPTION_ALTERNATE_URL'), 'photo_thumb_url', $thumb_url, false);
        $fields->attach($thumb_url_field);
    }

    $hidden = new ocp_tempcode();
    handle_max_file_size($hidden, 'image');
    $hidden->attach(form_input_hidden('submitting_photo_tab', '1'));

    $text = new ocp_tempcode();
    require_code('images');
    $max = floatval(get_max_image_size()) / floatval(1024 * 1024); // Upload limit, in MB
    if ($max < 3.0) {
        // Small limit: tell the user, and give staff a link to the setting
        require_code('files2');
        $config_url = get_upload_limit_config_url();
        $lang_code = is_null($config_url) ? 'MAXIMUM_UPLOAD' : 'MAXIMUM_UPLOAD_STAFF';
        if ($max > 10.0) {
            $max_shown = integer_format(intval($max));
        } else {
            $max_shown = float_format($max);
        }
        $config_link = is_null($config_url) ? '' : escape_html($config_url);
        $text->attach(paragraph(do_lang_tempcode($lang_code, escape_html($max_shown), $config_link)));
    }

    $text = do_template('OCF_EDIT_PHOTO_TAB', array(
        'TEXT' => $text,
        'MEMBER_ID' => strval($member_id_of),
        'USERNAME' => $driver->get_username($member_id_of),
        'PHOTO' => $driver->get_member_photo_url($member_id_of),
    ));

    $javascript = '';

    return array($title, $fields, $text, $javascript, $order, $hidden);
}
/**
 * Standard modular run function.
 *
 * Database-backed notes block: the text lives in the long value 'note_text_<param>' and is
 * replaced when a 'new' value is POSTed.
 *
 * @param  array			A map of parameters.
 * @return tempcode		The result of execution.
 */
function run($map)
{
    $file = 'admin_notes';
    if (array_key_exists('param', $map)) {
        $file = $map['param'];
    }
    if (array_key_exists('title', $map)) {
        $title = $map['title'];
    } else {
        $title = do_lang('NOTES');
    }
    $scrolls = array_key_exists('scrolls', $map) ? $map['scrolls'] : '0'; // Not read again below

    $value_key = 'note_text_' . $file;

    // NOTE(review): no permission or form-token check is visible in this function; presumably the
    // page/zone hosting the block restricts who can POST here - confirm against the caller
    $posted = post_param('new', NULL);
    if (!is_null($posted)) {
        set_long_value($value_key, $posted);
        log_it('NOTES', $file);
        attach_message(do_lang_tempcode('SUCCESS'), 'inform');
    }

    $contents = get_long_value($value_key);
    if (is_null($contents)) {
        $contents = '';
    }

    $post_url = get_self_url();

    // Re-serialise the block parameters as attribute text for the template
    $map_comcode = '';
    foreach ($map as $attribute => $value) {
        $map_comcode = $map_comcode . ' ' . $attribute . '="' . addslashes($value) . '"';
    }

    $show_scrolls = array_key_exists('scrolls', $map) && $map['scrolls'] == '1';

    return do_template('BLOCK_MAIN_NOTES', array(
        '_GUID' => '2a9e1c512b66600583735552b56e0911',
        'TITLE' => $title,
        'BLOCK_NAME' => 'main_db_notes',
        'MAP' => $map_comcode,
        'SCROLLS' => $show_scrolls,
        'CONTENTS' => $contents,
        'URL' => $post_url,
    ));
}
/**
 * Standard modular render function for profile tabs edit hooks.
 *
 * Saves a posted member title for $member_id_of, then builds the single title field,
 * limited to the configured maximum title length.
 *
 * @param  MEMBER			The ID of the member who is being viewed
 * @param  MEMBER			The ID of the member who is doing the viewing
 * @param  boolean		Whether to leave the tab contents NULL, if this hook supports it, so that AJAX can load it later
 * @return ?array			A tuple: The tab title, the tab fields, the tab body text (may be blank), extra Javascript (may be blank), the suggested tab order (NULL: if $leave_to_ajax_if_possible was set)
 */
function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
{
    $title = do_lang_tempcode('MEMBER_TITLE');
    $order = 50;

    // Actualiser
    // NOTE(review): $member_id_viewing is not consulted here, so whether the viewer may edit
    // $member_id_of must be decided by the caller - confirm
    $posted_title = post_param('member_title', NULL);
    if ($posted_title !== NULL) {
        require_code('ocf_members_action');
        require_code('ocf_members_action2');
        ocf_member_choose_title($posted_title, $member_id_of);
        attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
    }

    if ($leave_to_ajax_if_possible) {
        return NULL;
    }

    // UI fields
    $fields = new ocp_tempcode();
    $current_title = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_title');
    require_code('form_templates');
    $max_length = intval(get_option('max_member_title_length'));
    $title_field = form_input_line(do_lang_tempcode('MEMBER_TITLE'), '', 'member_title', $current_title, false, NULL, $max_length);
    $fields->attach($title_field);

    $username_html = escape_html($GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
    $text = do_lang_tempcode('DESCRIPTION_MEMBER_TITLE', $username_html);

    $javascript = '';

    return array($title, $fields, $text, $javascript, $order);
}
/**
 * The UI for a "flow mode" gallery.
 *
 * Works out paging across child galleries, picks the entry to show in the main pane
 * (from the probe_type/probe_id request parameters, or the first video/image in the
 * gallery), renders that entry and bumps its view counter, then renders the strip of
 * other entries and the final screen template.
 *
 * NOTE(review): $sort and the two SQL suffixes come from $this->get_sort_order() and are
 * concatenated straight into SQL below. That method is not visible here; confirm it only
 * ever returns whitelisted column/direction strings.
 * NOTE(review): the 'jump_to_unvalidated' check only runs for a row found by the 'first'
 * probe. A row loaded by probe_id inside the switch is filtered by 'see_unvalidated' only,
 * and no unvalidated warning is shown for it. Confirm that difference is intended.
 *
 * @param  tempcode		Rating area
 * @param  tempcode		Commenting area
 * @param  ID_TEXT		Our gallery ID
 * @param  ID_TEXT		Virtual root gallery
 * @param  tempcode		The description of the gallery
 * @param  tempcode		The tempcode for our visible child galleries
 * @param  boolean		Whether may "download this gallery"
 * @param  tempcode		The URL to "edit this gallery"
 * @param  tempcode		The URL to "add a gallery"
 * @param  tempcode		The URL to "submit an image to this gallery"
 * @param  tempcode		The URL to "submit a video to this gallery"
 * @param  tempcode		The title of the page (out of get_page_title)
 * @param  URLPATH		The representative image for the gallery
 * @param  integer		The start position we are in browsing through child galleries
 * @param  integer		The maximum number of child galleries we can display per page (used as a divisor below, so must not be zero)
 * @param  integer		The number of child galleries we have
 * @param  string		The gallery title
 * @param  tempcode		Sorting UI
 * @return tempcode		The UI
 */
function do_gallery_flow_mode($rating_details, $comment_details, $cat, $root, $description, $children, $may_download, $edit_url, $add_gallery_url, $submit_image_url, $submit_video_url, $title, $rep_image, $start, $max, $num_galleries, $fullname, $sorting)
{
    list($sort, $sort_backwards, $sql_suffix_images, $sql_suffix_videos) = $this->get_sort_order();

    // Paging across child galleries
    $page_num = intval(floor(floatval($start) / floatval($max))) + 1;
    $num_pages = intval(ceil(floatval($num_galleries) / floatval($max)));

    // Request filters are carried through every URL built below; defaults are passed as NULL
    $image_select = get_param('select', '*');
    $video_select = get_param('video_select', '*');
    $previous = $page_num == 1 ? new ocp_tempcode() : build_url(array('page' => '_SELF', 'start' => max($start - $max, 0) == 0 ? NULL : max($start - $max, 0), 'days' => get_param('days', '') == '' ? NULL : get_param('days'), 'sort' => $sort == 'add_date DESC' ? NULL : $sort, 'select' => $image_select == '*' ? NULL : $image_select, 'video_select' => $video_select == '*' ? NULL : $video_select), '_SELF', NULL, true);
    $next = $page_num == $num_pages ? new ocp_tempcode() : build_url(array('page' => '_SELF', 'start' => $start + $max, 'days' => get_param('days', '') == '' ? NULL : get_param('days'), 'sort' => $sort == 'add_date DESC' ? NULL : $sort, 'select' => $image_select == '*' ? NULL : $image_select, 'video_select' => $video_select == '*' ? NULL : $video_select), '_SELF', NULL, true);
    if ($num_pages < 2) {
        $browse = new ocp_tempcode();
    } else {
        $browse = do_template('NEXT_BROWSER_BROWSE_NEXT', array('_GUID' => '5a01713ab670f1eb1dd17bde663e6e9f', 'PREVIOUS_LINK' => $previous, 'NEXT_LINK' => $next, 'PAGE_NUM' => integer_format($page_num), 'NUM_PAGES' => integer_format($num_pages)));
    }

    // View current entry
    $row = NULL;
    $current_entry = new ocp_tempcode();
    $view_url = new ocp_tempcode();
    $full_url = '';
    $entry_edit_url = new ocp_tempcode();
    $entry_rating_details = new ocp_tempcode();
    $entry_comment_details = new ocp_tempcode();
    $entry_trackback_details = new ocp_tempcode();
    $entry_add_date_raw = '';
    $entry_edit_date_raw = '';
    $entry_views = '';
    $entry_title = '';
    $entry_submitter = NULL; // Never reassigned in this function, so ENTRY_SUBMITTER is always passed as ''
    $entry_description = new ocp_tempcode(); // Never reassigned in this function, so ENTRY_DESCRIPTION is always empty
    $probe_type = get_param('probe_type', 'first');
    $probe_id = get_param_integer('probe_id', 0);
    if ($probe_type == 'first') {
        // No explicit entry requested: take the first video by sort order, else the first image
        $where = db_string_equal_to('cat', $cat);
        if (!has_specific_permission(get_member(), 'see_unvalidated')) {
            $where .= ' AND validated=1';
        }
        if (get_param('days', '') != '') {
            // The days filter is read as an integer before it reaches the SQL string
            $where .= ' AND add_date>' . strval(time() - get_param_integer('days') * 60 * 60 * 24);
        }
        $first_video = $GLOBALS['SITE_DB']->query('SELECT *' . $sql_suffix_videos . ' FROM ' . get_table_prefix() . 'videos r WHERE ' . $where . ' ORDER BY ' . $sort, 1);
        if (array_key_exists(0, $first_video)) {
            $row = $first_video[0];
            $probe_type = 'video';
            $probe_id = $row['id'];
        } else {
            $where = db_string_equal_to('cat', $cat);
            if (!has_specific_permission(get_member(), 'see_unvalidated')) {
                $where .= ' AND validated=1';
            }
            if (get_param('days', '') != '') {
                $where .= ' AND add_date>' . strval(time() - get_param_integer('days') * 60 * 60 * 24);
            }
            $first_image = $GLOBALS['SITE_DB']->query('SELECT *' . $sql_suffix_images . ' FROM ' . get_table_prefix() . 'images r WHERE ' . $where . ' ORDER BY ' . $sort, 1);
            if (array_key_exists(0, $first_image)) {
                $row = $first_image[0];
                $probe_type = 'image';
                $probe_id = $row['id'];
            }
            // If else, then we have no probe_type, and thus won't be able to show anything
        }
    }

    // Only reached with a non-NULL row when the 'first' probe above found one
    if (!is_null($row) && $row['validated'] == 0) {
        if (!has_specific_permission(get_member(), 'jump_to_unvalidated')) {
            access_denied('SPECIFIC_PERMISSION', 'jump_to_unvalidated');
        }
        $warning_details = do_template('WARNING_TABLE', array('WARNING' => do_lang_tempcode(get_param_integer('redirected', 0) == 1 ? 'UNVALIDATED_TEXT_NON_DIRECT' : 'UNVALIDATED_TEXT')));
    } else {
        $warning_details = new ocp_tempcode();
    }

    switch ($probe_type) {
        case 'video':
            if (is_null($row)) {
                // Explicit probe: the lookup is bound to this gallery ($cat) as well as the requested ID
                $map = array('cat' => $cat, 'id' => $probe_id);
                if (!has_specific_permission(get_member(), 'see_unvalidated')) {
                    $map['validated'] = 1;
                }
                $rows = $GLOBALS['SITE_DB']->query_select('videos', array('*'), $map, '', 1);
                if (!array_key_exists(0, $rows)) {
                    attach_message(do_lang_tempcode('MISSING_RESOURCE'), 'warn');
                    break;
                }
                $row = $rows[0];
            }
            // The edit link is only offered to members with access to the CMS page and edit permission on the entry
            if (has_actual_page_access(NULL, 'cms_galleries', NULL, NULL) && has_edit_permission('mid', get_member(), $row['submitter'], 'cms_galleries', array('galleries', $cat))) {
                $entry_edit_url = build_url(array('page' => 'cms_galleries', 'type' => '_ev', 'id' => $row['id']), get_module_zone('cms_galleries'));
            }
            /*$view_url=build_url(array('page'=>'_SELF','type'=>'video','root'=>($root=='root')?NULL:$root,'wide'=>1,'id'=>$row['id']),'_SELF'); $thumb_url=$row['thumb_url']; if (($thumb_url!='') && (url_is_local($thumb_url))) $thumb_url=get_custom_base_url().'/'.$thumb_url; if ($thumb_url=='') $thumb_url=find_theme_image('na'); $thumb=do_image_thumb($thumb_url,'');*/

            // Video HTML
            $thumb_url = $row['thumb_url'];
            $url = $row['url'];
            $video_player = show_gallery_media($url, $thumb_url, $row['video_width'], $row['video_height'], $row['video_length']);
            $view_url = build_url(array('page' => '_SELF', 'type' => 'video', 'id' => $row['id'], 'wide' => 1, 'days' => get_param('days', '') == '' ? NULL : get_param('days'), 'sort' => $sort == 'add_date DESC' ? NULL : $sort, 'select' => $image_select == '*' ? NULL : $image_select, 'video_select' => $video_select == '*' ? NULL : $video_select), '_SELF');

            // Some extra variables relating to the currently selected entry
            $entry_title = get_translated_text($row['title']);
            $entry_rating_details = get_rating_box(get_self_url(true), $entry_title, 'videos', strval($row['id']), $row['allow_rating'] == 1, $row['submitter']);
            $entry_comment_details = get_comments('videos', $row['allow_comments'] == 1, strval($row['id']), false, get_value('comment_forum__videos'), NULL, NULL, false, false, $row['submitter'], $row['allow_comments'] == 2);
            $entry_trackback_details = get_trackbacks('videos', strval($row['id']), $row['allow_trackbacks'] == 1);
            $entry_add_date_raw = is_null($row['add_date']) ? '' : strval($row['add_date']);
            $entry_edit_date_raw = is_null($row['edit_date']) ? '' : strval($row['edit_date']);
            $entry_views = integer_format($row['video_views']);
            // NOTE(review): THUMB_URL is given the media URL ($url), not $thumb_url, and FULL_URL is still '' for videos; confirm this is intended
            $current_entry = do_template('GALLERY_FLOWMODE_VIDEO', array('_GUID' => 'b6a795dc3853789df2a2951293d0fb26', '_TITLE' => get_translated_text($row['title']), 'EDIT_URL' => $entry_edit_url, 'MAIN' => true, 'RATING_DETAILS' => $entry_rating_details, 'DESCRIPTION' => get_translated_tempcode($row['comments']), 'CAT' => $cat, 'THUMB_URL' => $url, 'FULL_URL' => $full_url, 'ID' => strval($row['id']), 'VIEWS' => strval($row['video_views']), 'ADD_DATE_RAW' => strval($row['add_date']), 'EDIT_DATE_RAW' => is_null($row['edit_date']) ? '' : strval($row['edit_date']), 'SUBMITTER' => strval($row['submitter']), 'VIDEO_PLAYER' => $video_player, 'VIEW_URL' => $view_url, 'VIDEO_DETAILS' => show_video_details($row)));

            // Every render of the entry writes an incremented view count, computed from the value read above
            $GLOBALS['SITE_DB']->query_update('videos', array('video_views' => $row['video_views'] + 1), array('id' => $row['id']), '', 1, NULL, false, true);
            break;

        case 'image':
            if (is_null($row)) {
                // Explicit probe: the lookup is bound to this gallery ($cat) as well as the requested ID
                $map = array('cat' => $cat, 'id' => $probe_id);
                if (!has_specific_permission(get_member(), 'see_unvalidated')) {
                    $map['validated'] = 1;
                }
                $rows = $GLOBALS['SITE_DB']->query_select('images', array('*'), $map, '', 1);
                if (!array_key_exists(0, $rows)) {
                    attach_message(do_lang_tempcode('MISSING_RESOURCE'), 'warn');
                    break;
                }
                $row = $rows[0];
            }
            if (has_actual_page_access(NULL, 'cms_galleries', NULL, NULL) && has_edit_permission('mid', get_member(), $row['submitter'], 'cms_galleries', array('galleries', $cat))) {
                $entry_edit_url = build_url(array('page' => 'cms_galleries', 'type' => '_ed', 'id' => $row['id']), get_module_zone('cms_galleries'));
            }
            /*$view_url=build_url(array('page'=>'_SELF','type'=>'image','root'=>($root=='root')?NULL:$root,'wide'=>1,'id'=>$row['id']),'_SELF'); $thumb_url=ensure_thumbnail($row['url'],$row['thumb_url'],'galleries','images',$row['id']); $thumb=do_image_thumb($thumb_url,'');*/
            $thumb_url = $row['url']; //do_image_thumb($row['url'],'');
            if (url_is_local($thumb_url)) {
                // NOTE(review): the stored URL is decoded and appended to the file base for the size lookup; this assumes stored local URLs never contain parent-directory segments - confirm where they are written
                $file_size = file_exists(get_custom_file_base() . '/' . rawurldecode($thumb_url)) ? strval(filesize(get_custom_file_base() . '/' . rawurldecode($thumb_url))) : '';
                $thumb_url = get_custom_base_url() . '/' . $thumb_url;
            } else {
                $file_size = '';
            }
            $full_url = $thumb_url;
            $view_url = build_url(array('page' => '_SELF', 'type' => 'image', 'id' => $row['id'], 'wide' => 1, 'days' => get_param('days', '') == '' ? NULL : get_param('days'), 'sort' => $sort == 'add_date DESC' ? NULL : $sort, 'select' => $image_select == '*' ? NULL : $image_select, 'video_select' => $video_select == '*' ? NULL : $video_select), '_SELF');

            // Some extra variables relating to the currently selected entry
            $entry_title = get_translated_text($row['title']);
            $entry_rating_details = get_rating_box(get_self_url(true), $entry_title, 'images', strval($row['id']), $row['allow_rating'] == 1, $row['submitter']);
            $entry_comment_details = get_comments('images', $row['allow_comments'] == 1, strval($row['id']), false, get_value('comment_forum__images'), NULL, NULL, false, false, $row['submitter'], $row['allow_comments'] == 2);
            $entry_trackback_details = get_trackbacks('images', strval($row['id']), $row['allow_trackbacks'] == 1);
            $entry_add_date_raw = is_null($row['add_date']) ? '' : strval($row['add_date']);
            $entry_edit_date_raw = is_null($row['edit_date']) ? '' : strval($row['edit_date']);
            $entry_views = integer_format($row['image_views']);
            $current_entry = do_template('GALLERY_FLOWMODE_IMAGE', array('_GUID' => 'fd486cf9a3338bc277a7170a1961089b', '_TITLE' => get_translated_text($row['title']), 'EDIT_URL' => $entry_edit_url, 'MAIN' => true, 'RATING_DETAILS' => $entry_rating_details, 'DESCRIPTION' => get_translated_tempcode($row['comments']), 'FILE_SIZE' => $file_size, 'CAT' => $cat, 'THUMB_URL' => $thumb_url, 'FULL_URL' => $full_url, 'ID' => strval($row['id']), 'VIEWS' => strval($row['image_views']), 'ADD_DATE_RAW' => strval($row['add_date']), 'EDIT_DATE_RAW' => is_null($row['edit_date']) ? '' : strval($row['edit_date']), 'SUBMITTER' => strval($row['submitter']), 'THUMB' => $thumb_url, 'VIEW_URL' => $view_url));

            // Every render of the entry writes an incremented view count, computed from the value read above
            $GLOBALS['SITE_DB']->query_update('images', array('image_views' => $row['image_views'] + 1), array('id' => $row['id']), '', 1, NULL, false, true);
            break;
    }

    $entries = new ocp_tempcode();

    // Display entries
    $where = db_string_equal_to('cat', $cat);
    if (!has_specific_permission(get_member(), 'see_unvalidated')) {
        $where .= ' AND validated=1';
    }
    if (get_param('days', '') != '') {
        $where .= ' AND add_date>' . strval(time() - get_param_integer('days') * 60 * 60 * 24);
    }
    // Cap on rows per media type; the 'flow_mode_max' value overrides the default of 50
    $_max_entries = get_value('flow_mode_max');
    if (is_null($_max_entries)) {
        $max_entries = 50;
    } else {
        $max_entries = intval($_max_entries);
    }
    $query_rows_videos = $GLOBALS['SITE_DB']->query('SELECT *' . $sql_suffix_videos . ' FROM ' . get_table_prefix() . 'videos r WHERE ' . $where . ' ORDER BY ' . $sort, $max_entries);
    $query_rows_images = $GLOBALS['SITE_DB']->query('SELECT *' . $sql_suffix_images . ' FROM ' . get_table_prefix() . 'images r WHERE ' . $where . ' ORDER BY ' . $sort, $max_entries);

    // See if there is a numbering system to sort by
    // (all image URLs are the same once digits are stripped and case is folded)
    $all_are = NULL;
    foreach ($query_rows_images as $q) {
        $this_are = strtolower(preg_replace('#\\d#', '', $q['url']));
        if (is_null($all_are)) {
            $all_are = $this_are;
        }
        if ($all_are != $this_are) {
            $all_are = NULL;
            break;
        }
    }
    if (!is_null($all_are)) {
        global $M_SORT_KEY;
        $M_SORT_KEY = mixed();
        $M_SORT_KEY = 'url';
        usort($query_rows_images, 'multi_sort');
    }

    $query_rows = array_merge($query_rows_images, $query_rows_videos);
    // Note: this loop reuses $row, so the current-entry row loaded above is overwritten from here on
    foreach ($query_rows as $row) {
        // Rows carrying a 'video_length' column are treated as videos
        $type = array_key_exists('video_length', $row) ? 'video' : 'image';
        if ($type == $probe_type && $row['id'] == $probe_id) {
            continue; // The current entry is already shown in the main pane
        }
        $caption = get_translated_tempcode($row['comments']);
        $probe_url = build_url(array('page' => '_SELF', 'type' => 'misc', 'root' => $root == 'root' ? NULL : $root, 'id' => $cat, 'flow_mode_interface' => get_param_integer('flow_mode_interface', NULL), 'probe_type' => $type, 'probe_id' => $row['id'], 'days' => get_param('days', '') == '' ? NULL : get_param('days'), 'sort' => $sort == 'add_date DESC' ? NULL : $sort, 'select' => $image_select == '*' ? NULL : $image_select, 'video_select' => $video_select == '*' ? NULL : $video_select), '_SELF');
        $view_url_2 = build_url(array('page' => '_SELF', 'wide' => 1, 'type' => $type, 'root' => $root == 'root' ? NULL : $root, 'id' => $row['id'], 'days' => get_param('days', '') == '' ? NULL : get_param('days'), 'sort' => $sort == 'add_date DESC' ? NULL : $sort, 'select' => $image_select == '*' ? NULL : $image_select, 'video_select' => $video_select == '*' ? NULL : $video_select), '_SELF');
        if (array_key_exists('url', $row)) {
            $thumb_url = ensure_thumbnail($row['url'], $row['thumb_url'], 'galleries', 'images', $row['id']);
        } else {
            $thumb_url = $row['thumb_url'];
            if ($thumb_url == '') {
                $thumb_url = find_theme_image('na');
            }
            if (url_is_local($thumb_url)) {
                $thumb_url = get_custom_base_url() . '/' . $thumb_url;
            }
        }
        // Always '' here, because a row matching the probe was skipped by the continue above
        $class = $type == $probe_type && $row['id'] == $probe_id ? 'currentimage' : '';
        $thumb = do_image_thumb($thumb_url, $caption);
        $entries->attach(do_template('GALLERY_FLOW_ENTRY', array('_GUID' => 'ff75c904ba7fe857484874483ed65f5a', 'DESCRIPTION' => get_translated_tempcode($row['comments']), '_TITLE' => get_translated_text($row['title']), 'TYPE' => $type, 'ID' => strval($row['id']), 'VIEWS' => strval($row[$type . '_views']), 'ADD_DATE_RAW' => strval($row['add_date']), 'EDIT_DATE_RAW' => is_null($row['edit_date']) ? '' : strval($row['edit_date']), 'SUBMITTER' => strval($row['submitter']), 'CLASS' => $class, 'THUMB' => $thumb, 'VIEW_URL' => $probe_url, 'VIEW_URL_2' => $view_url_2)));
    }

    // Member box for the gallery's member, only built when the forum type is 'ocf'
    $member_id = get_member_id_from_gallery_name($cat, NULL, true);
    if (get_forum_type() == 'ocf') {
        require_code('ocf_members');
        require_code('ocf_members2');
    }
    $member_details = is_null($member_id) || get_forum_type() != 'ocf' ? new ocp_tempcode() : ocf_show_member_box($member_id);

    // Local representative images are made absolute; anything else is passed through unchanged
    $rep_image_url = '';
    if ($rep_image != '' && url_is_local($rep_image)) {
        $rep_image_url = get_custom_base_url() . '/' . $rep_image;
    } elseif ($rep_image != '') {
        $rep_image_url = $rep_image;
    }

    list(, , , $first_entry_id, , , $first_type) = $this->build_set_navigation(db_string_equal_to('cat', $cat), '', '', $probe_id, $root, $probe_type, get_param_integer('slideshow', 0), get_param_integer('wide_high', 0), $start, $max, $cat, $sort, $sort_backwards, $sql_suffix_images, $sql_suffix_videos, get_param('select', '*'), get_param('video_select', '*'));

    return do_template('GALLERY_FLOW_MODE_SCREEN', array('_GUID' => '73728cb94579f06ab487627101011d43', 'FIRST_ENTRY_ID' => is_null($first_entry_id) ? '' : $first_type . ':' . strval($first_entry_id), 'SORTING' => $sorting, '_TITLE' => $fullname, 'MEMBER_ID' => is_null($member_id) ? '' : strval($member_id), 'VIEW_URL' => $view_url, 'FULL_URL' => $full_url, 'PROBE_TYPE' => $probe_type, 'PROBE_ID' => is_null($probe_id) ? '' : strval($probe_id), 'ENTRY_TITLE' => $entry_title, 'ENTRY_DESCRIPTION' => $entry_description, 'ENTRY_SUBMITTER' => is_null($entry_submitter) ? '' : strval($entry_submitter), 'ENTRY_VIEWS' => $entry_views, 'ENTRY_ADD_DATE_RAW' => $entry_add_date_raw, 'ENTRY_EDIT_DATE_RAW' => $entry_edit_date_raw, 'ENTRY_TRACKBACK_DETAILS' => $entry_trackback_details, 'ENTRY_RATING_DETAILS' => $entry_rating_details, 'ENTRY_COMMENT_DETAILS' => $entry_comment_details, 'ENTRY_EDIT_URL' => $entry_edit_url, 'WARNING_DETAILS' => $warning_details, 'TAGS' => get_loaded_tags('galleries'), 'RATING_DETAILS' => $rating_details, 'COMMENT_DETAILS' => $comment_details, 'BROWSE' => $browse, 'REP_IMAGE_URL' => $rep_image_url, 'TITLE' => $title, 'MEMBER_DETAILS' => $member_details, 'DESCRIPTION' => $description, 'CHILDREN' => $children, 'CURRENT_ENTRY' => $current_entry, 'ENTRIES' => $entries, 'ADD_GALLERY_URL' => $add_gallery_url, 'EDIT_URL' => $edit_url, 'IMAGE_URL' => $submit_image_url, 'VIDEO_URL' => $submit_video_url, 'MAY_DOWNLOAD' => $may_download, 'CAT' => $cat));
}
/**
 * Standard aed_module edit actualiser.
 *
 * Reads the posted disease fields, resolves the posted image (upload or URL) and
 * writes everything to the 'diseases' row with the given ID.
 *
 * @param  ID_TEXT		The entry being edited
 * @return ?tempcode		Confirm message (NULL: continue)
 */
function edit_actualisation($id)
{
    $disease_id = intval($id);

    // Collected in the column order of the update; 'image' is filled in once the upload is resolved
    $record = array(
        'name' => post_param('name', ''),
        'image' => '',
        'cure' => post_param('cure', ''),
        'cure_price' => post_param_integer('cure_price', 0),
        'immunisation' => post_param('immunization', ''),
        'immunisation_price' => post_param_integer('immunization_price', 0),
        'spread_rate' => post_param_integer('spread_rate', 12),
        'points_per_spread' => post_param_integer('points_per_spread', 10),
        'enabled' => post_param_integer('enabled', 0)
    );

    require_code('uploads');
    $urls = get_url('url', 'image', 'uploads/diseases_addon', 0, OCP_UPLOAD_IMAGE, false, '', '');
    $image_url = $urls[0];
    if ($image_url == '') {
        warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_UPLOAD'));
    }

    // Anything not under uploads/ is fetched by the server to check that it resolves.
    // NOTE(review): http_download_file() is not visible here; confirm it refuses internal/loopback
    // destinations, as the address originates from the posted form.
    if (substr($image_url, 0, 8) != 'uploads/') {
        if (is_null(http_download_file($image_url, 0, false))) {
            if (!is_null($GLOBALS['HTTP_MESSAGE_B'])) {
                attach_message($GLOBALS['HTTP_MESSAGE_B'], 'warn');
            }
        }
    }

    $record['image'] = $image_url;
    $GLOBALS['SITE_DB']->query_update('diseases', $record, array('id' => $disease_id), '', 1);

    return NULL;
}
/**
 * Try to return the human-readable version of the language id, passed in as $entry.
 *
 * Lookup order: the per-connection cache (current user language only), the 'translate' row
 * for the requested language, then the site default language, then any language. A fallback
 * hit is passed through google_translate() and stored as a row flagged broken=1.
 * If nothing exists at all, an empty placeholder row is inserted and '' is returned.
 *
 * Note that this read function can therefore write to the 'translate' table.
 * NOTE(review): the fallback passes stored text to google_translate(); if that helper calls an
 * outside service, stored content leaves the site on a cache miss - confirm that is acceptable.
 *
 * @param  integer			The id
 * @param  ?object			The database connection to use (NULL: standard site connection)
 * @param  ?LANGUAGE_NAME	The language (NULL: uses the current language)
 * @return string			The human-readable version
 */
function get_translated_text($entry, $connection = NULL, $lang = NULL)
{
    if ($entry == 0) {
        return do_lang('FAILED_ENTRY');
    }
    // NOTE(review): NULL == 0 is true, so a NULL $entry already returned above and this branch cannot be reached
    if ($entry === NULL) {
        fatal_exit(do_lang_tempcode('NULL_LANG_STRING'));
    }
    if ($connection === NULL) {
        $connection = $GLOBALS['SITE_DB'];
    }

    // Optional recording of which language strings were looked up (flag marks a non-site write connection)
    global $RECORD_LANG_STRINGS_CONTENT;
    if ($RECORD_LANG_STRINGS_CONTENT) {
        global $RECORDED_LANG_STRINGS_CONTENT;
        $RECORDED_LANG_STRINGS_CONTENT[$entry] = $connection->connection_write != $GLOBALS['SITE_DB']->connection_write;
    }

    if ($lang === NULL) {
        $lang = user_lang();
    }

    // The cache only holds text for the current user language
    if (array_key_exists($entry, $connection->text_lookup_original_cache) && $lang == user_lang()) {
        return $connection->text_lookup_original_cache[$entry];
    }

    if ($lang == 'xxx') {
        return '!!!';
    } // Helpful for testing language compliancy. We don't expect to see non x's/!'s if we're running this language

    $result = $connection->query_select('translate', array('text_original', 'text_parsed'), array('id' => $entry, 'language' => $lang), '', 1);
    if (!array_key_exists(0, $result)) {
        // Fall back to the site default language, then to any language at all
        $result = $connection->query_select('translate', array('*'), array('id' => $entry, 'language' => get_site_default_lang()), '', 1);
        if (!array_key_exists(0, $result)) {
            $result = $connection->query_select('translate', array('*'), array('id' => $entry), '', 1);
        }
        if (array_key_exists(0, $result)) {
            // Store a translated copy for the requested language, flagged as broken
            $result[0]['text_original'] = google_translate($result[0]['text_original'], $lang);
            $result[0]['text_parsed'] = '';
            $connection->query_insert('translate', array('broken' => 1, 'language' => $lang) + $result[0]);
        }
    }

    if (!array_key_exists(0, $result)) {
        // Nothing stored for this id in any language: insert an empty placeholder row and report it
        $member_id = function_exists('get_member') ? get_member() : $GLOBALS['FORUM_DRIVER']->get_guest_id();
        $connection->query_insert('translate', array('id' => $entry, 'source_user' => $member_id, 'broken' => 0, 'importance_level' => 3, 'text_original' => '', 'text_parsed' => '', 'language' => $lang));
        $msg = do_lang('LANGUAGE_CORRUPTION', strval($entry));
        // Fatal only when the host name starts with "localhost" followed by '.', ':' or a literal '$'
        // (inside a character class '$' is not an end anchor, so a bare "localhost" does not match).
        // NOTE(review): presumably ocp_srv('HTTP_HOST') reflects the request's Host header, which the client controls - confirm
        if (preg_match('#^localhost[\\.\\:$]#', ocp_srv('HTTP_HOST')) != 0) {
            fatal_exit($msg);
        }
        require_code('site');
        attach_message(make_string_tempcode($msg), 'warn');
        return '';
    }

    if ($lang == user_lang()) {
        $connection->text_lookup_original_cache[$entry] = $result[0]['text_original'];
        $connection->text_lookup_cache[$entry] = $result[0]['text_parsed'];
    }

    return $result[0]['text_original'];
}
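/**
 * Run the loader, to load up field-restrictions from the XML file.
 *
 * Does nothing if the xml_fields addon is not installed, if data_custom/fields.xml is missing
 * or blank, or if an XML parser cannot be created. A parse error is reported as a warning message.
 * The parser is released on every path that created it.
 */
function go()
{
    if (!addon_installed('xml_fields')) {
        return;
    }
    $path = get_custom_file_base() . '/data_custom/fields.xml';
    if (!is_file($path)) {
        return;
    }

    // Reset the state that the element/text handlers build up
    $this->tag_stack = array();
    $this->attribute_stack = array();
    $this->levels_from_filtered = 0;
    $this->field_qualification_stack = array('*');

    // Create and setup our parser
    $xml_parser = @xml_parser_create();
    if ($xml_parser === false) {
        return; // PHP5 default build on windows comes with this function disabled, so we need to be able to escape on error
    }
    xml_set_object($xml_parser, $this);
    @xml_parser_set_option($xml_parser, XML_OPTION_TARGET_ENCODING, get_charset());
    xml_set_element_handler($xml_parser, 'startElement', 'endElement');
    xml_set_character_data_handler($xml_parser, 'startText');

    // Run the parser
    $data = file_get_contents($path, FILE_TEXT);
    if ($data === false || trim($data) == '') {
        // Unreadable or blank file: nothing to load, but do not leave the parser allocated
        @xml_parser_free($xml_parser);
        return;
    }
    if (@xml_parse($xml_parser, $data, true) == 0) {
        // Read the error text before the parser is released
        $error = xml_error_string(xml_get_error_code($xml_parser));
        @xml_parser_free($xml_parser);
        attach_message('fields.xml: ' . $error, 'warn');
        return;
    }
    @xml_parser_free($xml_parser);
}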
/**
 * Standard modular render function for profile tabs edit hooks.
 *
 * When the avatar form was posted (submitting_avatar_tab=1) the new avatar is saved first:
 * members with the 'own_avatars' permission may upload a file, give a URL or pick a stock
 * image; everyone else may only pick a stock image. Then the form UI is built.
 *
 * NOTE(review): nothing in this function checks that $member_id_viewing may edit
 * $member_id_of before saving; presumably the caller enforces that - confirm.
 * NOTE(review): the array returned is (title, fields, text, javascript, order, hidden),
 * i.e. fields come before the body text, unlike the order listed under return below.
 *
 * @param  MEMBER			The ID of the member who is being viewed
 * @param  MEMBER			The ID of the member who is doing the viewing
 * @param  boolean		Whether to leave the tab contents NULL, if this hook supports it, so that AJAX can load it later
 * @return ?array			A tuple: The tab title, the tab body text (may be blank), the tab fields, extra Javascript (may be blank) the suggested tab order, hidden fields (optional) (NULL: if $leave_to_ajax_if_possible was set)
 */
function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
{
    $title = do_lang_tempcode('AVATAR');
    $order = 20;

    // Actualiser
    if (post_param_integer('submitting_avatar_tab', 0) == 1) {
        require_code('uploads');
        if (has_specific_permission($member_id_viewing, 'own_avatars')) {
            // No file was uploaded (neither via the SWF uploader nor a regular upload)
            if (!(is_swf_upload(true) && array_key_exists('avatar_file', $_FILES) || array_key_exists('avatar_file', $_FILES) && is_uploaded_file($_FILES['avatar_file']['tmp_name']))) {
                $urls = array();
                $stock = post_param('avatar_alt_url', '');
                if ($stock == '') {
                    $stock = post_param('avatar_stock', NULL);
                    if (!is_null($stock)) {
                        $urls[0] = $stock == '' ? '' : find_theme_image($stock, false, true);
                    } else {
                        $urls[0] = '';
                    } // None
                } else {
                    // A posted local path may only be the member's existing avatar, unless the viewer is a super admin.
                    // This stops a member pointing their avatar at an arbitrary existing file on the site.
                    if (url_is_local($stock) && !$GLOBALS['FORUM_DRIVER']->is_super_admin($member_id_viewing)) {
                        $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_avatar_url', array('id' => $member_id_of));
                        if ($old != $stock) {
                            access_denied('ASSOCIATE_EXISTING_FILE');
                        }
                    }
                    // NOTE(review): a non-local URL is stored as posted; no scheme check is visible here, presumably ocf_member_choose_avatar() validates it - confirm
                    $urls[0] = $stock; // URL
                }
            } else {
                // We have chosen an upload. Note that we will not be looking at alt_url at this point, even though it is specified below for canonical reasons
                $urls = get_url('avatar_alt_url', 'avatar_file', file_exists(get_custom_file_base() . '/uploads/avatars') ? 'uploads/avatars' : 'uploads/ocf_avatars', 0, OCP_UPLOAD_IMAGE, false, '', '', false, true);
                // Store an absolute URL when the forum has a different base URL, or the 'on_msn' site setting is '1'
                if ((get_base_url() != get_forum_base_url() || array_key_exists('on_msn', $GLOBALS['SITE_INFO']) && $GLOBALS['SITE_INFO']['on_msn'] == '1') && $urls[0] != '' && url_is_local($urls[0])) {
                    $urls[0] = get_custom_base_url() . '/' . $urls[0];
                }
            }
            $avatar_url = $urls[0];
        } else {
            // Without 'own_avatars' only a stock image code is accepted
            $stock = post_param('avatar_stock');
            $avatar_url = $stock == '' ? '' : find_theme_image($stock, false, true);
        }
        require_code('ocf_members_action');
        require_code('ocf_members_action2');
        ocf_member_choose_avatar($avatar_url, $member_id_of);
        attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
    }

    if ($leave_to_ajax_if_possible) {
        return NULL;
    }

    // UI fields
    $avatar_url = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_avatar_url');
    require_javascript('javascript_multi');
    $fields = new ocp_tempcode();
    require_code('form_templates');
    require_code('themes2');

    // Work out whether the current avatar is one of the stock images (matched by '/<image id>' appearing in the URL)
    $ids = get_all_image_ids_type('ocf_default_avatars', true);
    $found_it = false;
    foreach ($ids as $id) {
        $pos = strpos($avatar_url, '/' . $id);
        $selected = $pos !== false;
        if ($selected) {
            $found_it = true;
        }
    }

    $hidden = new ocp_tempcode();
    if (has_specific_permission($member_id_viewing, 'own_avatars')) {
        $javascript = 'standardAlternateFields(\'avatar_file\',\'avatar_alt_url\',\'avatar_stock*\',true);';
        $fields->attach(form_input_upload(do_lang_tempcode('UPLOAD'), do_lang_tempcode('DESCRIPTION_UPLOAD'), 'avatar_file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images'))));
        // NOTE(review): $hidden is replaced by a new object further down, so anything this call adds to it is discarded - confirm whether that is intended
        handle_max_file_size($hidden, 'image');
        $fields->attach(form_input_line(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('URL')), do_lang_tempcode('DESCRIPTION_ALTERNATE_URL'), 'avatar_alt_url', $found_it ? '' : $avatar_url, false));
        $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('STOCK')), do_lang_tempcode('DESCRIPTION_ALTERNATE_STOCK'), 'avatar_stock', $ids, $avatar_url, NULL, NULL, true));
    } else {
        $javascript = '';
        $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('STOCK'), '', 'avatar_stock', $ids, $avatar_url, NULL, NULL, true));
    }

    // Preview of the current avatar
    if ($avatar_url != '') {
        if (url_is_local($avatar_url)) {
            $avatar_url = get_complex_base_url($avatar_url) . '/' . $avatar_url;
        }
        $avatar = do_template('OCF_TOPIC_POST_AVATAR', array('_GUID' => '50a5902f3ab7e384d9cf99577b222cc8', 'AVATAR' => $avatar_url));
    } else {
        $avatar = do_lang_tempcode('NONE_EM');
    }

    $width = ocf_get_member_best_group_property($member_id_of, 'max_avatar_width');
    $height = ocf_get_member_best_group_property($member_id_of, 'max_avatar_height');
    $text = do_template('OCF_EDIT_AVATAR_TAB', array('_GUID' => 'dbdac6ca3bc752b54d2a24a4c6e69c7c', 'MEMBER_ID' => strval($member_id_of), 'USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($member_id_of), 'AVATAR' => $avatar, 'WIDTH' => integer_format($width), 'HEIGHT' => integer_format($height)));

    // Marker field that triggers the actualiser above on the next post
    $hidden = new ocp_tempcode();
    $hidden->attach(form_input_hidden('submitting_avatar_tab', '1'));

    return array($title, $fields, $text, $javascript, $order, $hidden);
}
/**
 * Take details posted about a booking, and save to the database.
 *
 * Guests cannot save bookings (fatal error). If the requested dates are not available,
 * the reason is attached as a warning and nothing is saved.
 *
 * @param  array			Booking details structure.
 * @param  array			Existing bookings to ignore (presumably the booking we're trying to make - if this is an edit).
 * @param  ?MEMBER		The member ID we are saving as (NULL: current user).
 * @return ?array			Booking details structure (NULL: error -- reshow form).
 */
function save_booking_form_to_db($request, $ignore_bookings, $member_id = NULL)
{
    // Default to whoever is logged in
    $saving_as = is_null($member_id) ? get_member() : $member_id;

    if (is_guest($saving_as)) {
        fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
    }

    // A non-NULL result is the message explaining why the dates cannot be booked
    $problem = check_booking_dates_available($request, $ignore_bookings);
    if ($problem !== NULL) {
        attach_message($problem, 'warn');
        return NULL;
    }

    return add_booking($request, $saving_as);
}
/**
 * Render posts from a topic (usually tied into AJAX, to get iterative results).
 *
 * @param  AUTO_LINK		The topic ID
 * @param  integer		Maximum to load if non-threaded
 * @param  boolean		Whether this resource allows comments (if not, this function does nothing - but it's nice to move out this common logic into the shared function)
 * @param  boolean		Whether the comment box will be invisible if there are not yet any comments (and you're not staff)
 * @param  ?string		The name of the forum to use (NULL: default comment forum)
 * @param  ?mixed			The raw comment array (NULL: lookup). This is useful if we want to pass it through a filter
 * @param  boolean		Whether to reverse the posts
 * @param  boolean		Whether the current user may reply to the topic (influences what buttons show)
 * @param  ?MEMBER		User to highlight the posts of (NULL: none)
 * @param  boolean		Whether to allow ratings along with the comment (like reviews)
 * @param  array			List of post IDs to load
 * @param  AUTO_LINK		Parent node being loaded to
 * @return tempcode		The tempcode for the comment topic
 */
function render_posts_from_topic($topic_id, $num_to_show_limit, $allow_comments, $invisible_if_no_comments, $forum_name, $preloaded_comments, $reverse, $may_reply, $highlight_by_user, $allow_reviews, $posts, $parent_id)
{
    $on_ocf = get_forum_type() == 'ocf';
    if ($on_ocf && !addon_installed('ocf_forum')) {
        return new ocp_tempcode();
    }

    // The thread depth may be overridden per request; the site option is the default
    $depth_default = intval(get_option('max_thread_depth'));
    $max_thread_depth = get_param_integer('max_thread_depth', $depth_default);

    // Load up posts from DB
    $start = 0;
    $loaded = $this->load_from_topic($topic_id, $num_to_show_limit, $start, $reverse, $posts);
    if (!$loaded) {
        // The forum name is escaped before it goes into the message
        attach_message(do_lang_tempcode('MISSING_FORUM', escape_html($forum_name)), 'warn');
    }

    if ($this->error) {
        return new ocp_tempcode();
    }

    if (count($this->all_posts_ordered) == 0 && $invisible_if_no_comments) {
        return new ocp_tempcode();
    }

    // Prepare review titles
    $this->set_reviews_rating_criteria(array(''));

    // Load up reviews
    $all_individual_review_ratings = array();
    if (get_forum_type() == 'ocf' && $allow_reviews) {
        $all_individual_review_ratings = $GLOBALS['SITE_DB']->query_select('review_supplement', array('*'), array('r_topic_id' => $topic_id));
    }

    $forum_id = $GLOBALS['FORUM_DRIVER']->forum_id_from_name($forum_name);

    // Render; only the first element of the result is returned
    $rendered = $this->render_posts($num_to_show_limit, $max_thread_depth, $may_reply, $highlight_by_user, $all_individual_review_ratings, $forum_id, $parent_id, true);

    return $rendered[0];
}
/**
 * Bind the parameter bits, or recursively bind children (doesn't change self, returns a bound tempcode object)
 *
 * Walks $this->bits and copies them into a new object, replacing each parameter bit with
 * the value passed for it, and recursively binding any tempcode held as a bit's own parameters.
 *
 * Although $this is left alone, the $parameters array is taken by reference and IS modified:
 * booleans become '1'/'0', a missing _GUID is filled in from the call stack, and the name
 * tested by IF_PASSED / IF_NON_PASSED is added with a NULL value when absent.
 *
 * NOTE(review): parameter values are attached exactly as passed; no escaping is visible in
 * this function, so presumably escaping is applied elsewhere - confirm.
 *
 * @param  array			Map of parameters to bind parameter bits to
 * @param  ID_TEXT		The codename of the template this tempcode is from
 * @param  boolean		Whether we are looking under a loop
 * @return tempcode		The new bound tempcode object
 */
function bind(&$parameters, $codename, $under_loop = false)
{
    // global $PREPROCESSED_BLOCKS;

    // Normalise booleans to the '1'/'0' strings (this writes back to the caller's array)
    foreach ($parameters as $key => $val) {
        if (is_bool($val)) {
            $parameters[$key] = $val ? '1' : '0';
        }
    }

    $out = new ocp_tempcode();
    $out->codename = $codename;

    // When template-tree recording is on, note which templates/GUIDs were passed in as parameters
    if ($GLOBALS['RECORD_TEMPLATES_TREE']) {
        $out->children = isset($this->children) ? $this->children : array();
        foreach ($parameters as $key => $parameter) {
            if (is_object($parameter)) {
                $out->children[] = array($parameter->codename, isset($parameter->children) ? $parameter->children : array(), isset($parameter->fresh) ? $parameter->fresh : false);
            } elseif (is_string($parameter) && $key == '_GUID') {
                $out->children[] = array(':guid', array(array(':' . $parameter, array(), true)), true);
            }
        }
    }

    // Tracks whether the previous bit was a parameter that got bound
    $last_param = false;
    foreach ($this->bits as $bit) {
        // As used below: $bit[0] is passed on to attach(), $bit[1] is the bit type, $bit[2] its name/value, $bit[3] its own parameters
        $bit_1 = $bit[1];

        // if (($bit_1==TC_SYMBOL) && (isset($PREPROCESSED_BLOCKS[$bit[2]])))
        //  handle_symbol_preprocessing($bit);

        // Parameter binding of the variable as needed
        if ($bit[3]) {
            if ($bit_1 != TC_DIRECTIVE) {
                foreach ($bit[3] as $i => $param) {
                    if (is_object($param)) {
                        $bit[3][$i] = $param->bind($parameters, $codename, $under_loop);
                    }
                }
            } else {
                $send_parameters =& $parameters;
                $bit_2 = $bit[2];
                if ($bit_2 == 'IF_NON_PASSED' || $bit_2 == 'IF_PASSED') {
                    // Make sure the tested name exists (as NULL), so binding it below does not warn about a missing parameter
                    $spec = $bit[3][0]->bits[0][2];
                    if (!isset($send_parameters[$spec])) {
                        $send_parameters[$spec] = NULL;
                    }
                }
                if ($bit_2 == 'LOOP') {
                    // Loop contents are not bound now; the parameters are stored with the directive instead
                    $bit[3]['vars'] = $send_parameters;
                } else {
                    foreach ($bit[3] as $i => $param) {
                        if (is_object($param)) {
                            $bit[3][$i] = $param->bind($send_parameters, $codename, $under_loop || $bit[2] == 'LOOP' || $bit[2] == 'IF_PASSED');
                        }

                        // We need to be able to keep the parameters for bubbling down later
                        if ($i == 0 && $bit_2 == 'IF_NON_EMPTY') {
                            // A non-empty first parameter is swapped for the constant '1'
                            if (!$bit[3][$i]->is_empty()) {
                                $bit[3][$i] = make_string_tempcode('1');
                            }
                        }
                    }
                    if (isset($GLOBALS['DIRECTIVES_NEEDING_VARS'][$bit[2]])) {
                        $bit[3]['vars'] = $send_parameters;
                    }
                }
            }
        }

        // You ain't see me, right!

        // These may need to be bound
        if ($bit_1 == TC_PARAMETER || $bit_1 == TC_DIRECTIVE) {
            $bit_2 = $bit[2];
            if ($bit_1 == TC_PARAMETER) {
                $last_param = true;
                if (!array_key_exists($bit_2, $parameters) || is_null($parameters[$bit_2])) {
                    if ($bit_2 == '_GUID') {
                        // No GUID was passed: derive one from function names in the call stack
                        $parameters['_GUID'] = '';
                        if (function_exists('debug_backtrace')) {
                            $trace = debug_backtrace();
                            $parameters['_GUID'] = array_key_exists(3, $trace) ? $trace[3]['function'] . '/' . $trace[2]['function'] : (array_key_exists(2, $trace) ? $trace[2]['function'] : $trace[1]['function']);
                        }
                    } else {
                        //$out->bits[]=array($bit[0],$bit_1,$bit_2,$bit[3]);
                        // Missing parameter: the bit is dropped, with a warning unless we are under a loop
                        require_code('site');
                        if (!$under_loop) {
                            attach_message(do_lang_tempcode('MISSING_TEMPLATE_PARAMETER', $bit_2, $codename), 'warn');
                        }
                        continue;
                    }
                }

                // Do the actual parameter lookup: turns the late parameter into an actual known quantity
                // (an array parameter binds as its element count, or '' when empty)
                $param_value = $parameters[$bit_2];
                $looked_up = is_array($param_value) ? count($param_value) == 0 ? '' : strval(count($param_value)) : $param_value;
                $out->attach($looked_up, false, $bit[0]);
                continue;
            }
            $last_param = false;

            // Handle the pass checking directives
            if ($bit_2 == 'IF_PASSED' || $bit_2 == 'IF_NON_PASSED') {
                $out->bits[] = array($bit[0], $bit_1, $bit_2, $bit[3]);
                continue;
            }
        }

        // A known-value bit directly after a bound parameter goes through attach() too, rather than being copied as a bit
        if ($last_param && $bit_1 == TC_KNOWN) {
            $last_param = false;
            $out->attach($bit[2], false, $bit[0]);
            continue;
        }

        // If we have got this far, $bit does not need any special binding itself (although it's parameters [if it has them] may have been)
        $out->bits[] = $bit;
        $last_param = false;
    }

    return $out;
}
/**
 * Show value statistics for a custom profile field (show).
 *
 * Counts members per stored value of the chosen field, optionally limited to a join-date
 * range. Every request-derived piece that reaches the SQL string is an integer: the field
 * ID is read with get_param_integer() and both dates are cast with (int).
 *
 * NOTE(review): no check that the field exists, or that the viewer may see its values, is
 * visible in this function; presumably the module's access control covers it - confirm.
 *
 * @return tempcode		The statistics
 */
function _stats()
{
    $title = get_page_title('CUSTOM_PROFILE_FIELD_STATS');
    breadcrumb_set_parents(array());

    // Column name is 'field_' plus an integer, so it cannot carry arbitrary SQL
    $f_name = 'field_' . strval(get_param_integer('id'));

    // Optional join-date bounds; '1=1' stands in for a bound that was not given
    $_a = get_input_date('start');
    if (is_null($_a)) {
        $a = '1=1';
    } else {
        $a = 'm_join_time>' . strval((int) $_a);
    }
    $_b = get_input_date('end');
    if (is_null($_b)) {
        $b = '1=1';
    } else {
        $b = 'm_join_time<' . strval((int) $_b);
    }

    $limit = 300;
    $sql = 'SELECT ' . $f_name . ',COUNT(' . $f_name . ') AS cnt';
    $sql .= ' FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_members m';
    $sql .= ' LEFT JOIN ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_member_custom_fields f ON m.id=f.mf_member_id';
    $sql .= ' WHERE ' . $a . ' AND ' . $b;
    $sql .= ' GROUP BY ' . $f_name . ' ORDER BY cnt';
    $members_in_range = $GLOBALS['FORUM_DB']->query($sql, $limit);

    // Hitting the row limit means the list was cut short, so say so
    if (count($members_in_range) == $limit) {
        attach_message(do_lang_tempcode('TOO_MUCH_CHOOSE__TOP_ONLY', escape_html(integer_format($limit))), 'warn');
    }

    $lines = new ocp_tempcode();
    foreach ($members_in_range as $row) {
        if (is_null($row[$f_name])) {
            continue;
        }
        $val = $row[$f_name];
        if ($val == STRING_MAGIC_NULL) {
            continue;
        }
        $shown = is_integer($val) ? integer_format($val) : $val;
        $lines->attach(do_template('OCF_CPF_STATS_LINE', array('CNT' => integer_format($row['cnt']), 'VAL' => $shown)));
    }

    if ($lines->is_empty()) {
        warn_exit(do_lang_tempcode('NO_DATA'));
    }

    return do_template('OCF_CPF_STATS_SCREEN', array('_GUID' => 'bb7be7acf936cd008e16bd515f7f39ac', 'TITLE' => $title, 'STATS' => $lines));
}
/**
 * The do-next manager for before setup management.
 *
 * Attaches an informational pointer to the cms_quiz module, then lists the quiz
 * administration actions (find winners, survey results, export).
 *
 * @return tempcode The UI
 */
function misc()
{
    require_lang('quiz');
    require_lang('menus');

    // The URL is HTML-escaped before it is placed into the language string
    $also_url = build_url(array('page' => 'cms_quiz'), get_module_zone('cms_quiz'));
    $also_message = do_lang_tempcode('ALSO_SEE_CMS', escape_html($also_url->evaluate()));
    attach_message($also_message, 'inform');

    require_code('templates_donext');

    $screen_title = get_page_title('MANAGE_QUIZZES');
    $intro_text = comcode_lang_string('DOC_QUIZZES');

    // Each row: icon code, value of the 'type' parameter, language string for the label
    $action_specs = array(
        array('findwinners', 'find_winner', 'FIND_WINNERS'),
        array('survey_results', 'survey_results', 'SURVEY_RESULTS'),
        array('export', 'export', 'EXPORT_QUIZ'),
    );
    $actions = array();
    foreach ($action_specs as $spec) {
        list($icon, $type, $label) = $spec;
        $actions[] = array($icon, array('_SELF', array('type' => $type), '_SELF'), do_lang($label));
    }

    return do_next_manager($screen_title, $intro_text, $actions, do_lang('MANAGE_QUIZZES'));
}
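/**
 * Decrypt data using asymmetric encryption, and the site's private key (as unlocked by the given passphrase).
 *
 * Failure is not fatal here: a blank string is returned when the data is blank, the OpenSSL
 * functions are unavailable, the passphrase is empty or the key cannot be loaded (a warning
 * message is attached in the last two cases). If a block fails to decrypt, a warning is attached
 * and whatever was decrypted so far is returned, so callers cannot tell a partial result from a
 * complete one by the return value alone.
 *
 * No padding argument is passed to openssl_private_decrypt(), so the extension's default padding
 * applies; it has to match whatever the encrypting side used.
 *
 * @param  string  Data to be decrypted
 * @param  string  Passphrase to unlock the site's private key
 * @return string  Decrypted data
 */
function decrypt_data($data, $passphrase)
{
    if ($data == '') {
        return '';
    }
    if (!function_exists('openssl_pkey_get_private')) {
        return '';
    }
    if (!function_exists('openssl_private_decrypt')) {
        return '';
    }

    // Check the passphrase isn't empty (if it is legitimately empty, we're doing the site a favour by bailing out)
    if ($passphrase == '') {
        attach_message(do_lang_tempcode('ENCRYPTION_KEY_ERROR'), 'warn');
        return '';
    }

    // Remove the magic encryption marker and base64-decode it first
    $data = base64_decode(remove_magic_encryption_marker(str_replace('<br />', '', $data)));

    $key_path = get_option('decryption_key');
    $key = openssl_pkey_get_private(array('file://' . $key_path, $passphrase));
    if ($key === false) {
        attach_message(do_lang_tempcode('ENCRYPTION_KEY_ERROR'), 'warn');
        return '';
    }

    // openssl_private_decrypt() works on one RSA block at a time, and a block is as long as the
    // key itself. Take that length from the loaded key rather than guessing it from text found
    // in the key file (the cipher named there protects the key file, it is not the key size).
    $maxlength = 0;
    if (function_exists('openssl_pkey_get_details')) {
        $key_details = openssl_pkey_get_details($key);
        if (is_array($key_details) && isset($key_details['bits']) && $key_details['bits'] > 0) {
            $maxlength = intval(ceil($key_details['bits'] / 8));
        }
    }

    if ($maxlength <= 0) {
        // Key details unavailable: fall back to the previous key-file heuristic
        $maxlength = strlen($data);
        $decryption_keyfile = file_get_contents($key_path);
        if ($decryption_keyfile === false) {
            attach_message(do_lang_tempcode('ENCRYPTION_KEY_ERROR'), 'warn');
            return '';
        }
        if (strpos($decryption_keyfile, 'AES') === false) {
            $maxlength = 128;
        } elseif (strpos($decryption_keyfile, 'AES-256') !== false) {
            $maxlength = 256;
        } elseif (strpos($decryption_keyfile, 'AES-512') !== false) {
            $maxlength = 512;
        }
    }

    $output = '';
    while (strlen($data) > 0) {
        $input = substr($data, 0, $maxlength);
        $data = substr($data, $maxlength);

        $decrypted = '';
        if (!openssl_private_decrypt($input, $decrypted, $key)) {
            attach_message(do_lang_tempcode('DECRYPTION_ERROR'), 'warn');
            return $output; // Partial result; see the function description
        }
        $output .= $decrypted;
    }

    return $output;
}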
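/**
 * Standard modular render function for profile tabs edit hooks.
 *
 * When the settings form was submitted ('submitting_settings_tab' is posted) the member is updated
 * first; which fields are taken from the request depends on the permissions of the viewing member
 * and on how the edited member authenticates (LDAP / HTTP-auth / remote accounts keep their
 * password, and some keep their username).
 *
 * NOTE(review): nothing in this function verifies that $member_id_viewing may edit $member_id_of at
 * all; presumably the caller gates access to the tab - confirm. No re-authentication step is
 * visible before a password change either.
 *
 * @param  MEMBER   The ID of the member who is being viewed
 * @param  MEMBER   The ID of the member who is doing the viewing
 * @param  boolean  Whether to leave the tab contents NULL, if this hook supports it, so that AJAX can load it later
 * @return ?array   A tuple: The tab title, the tab fields, the tab body text (may be blank), extra Javascript (may be blank), the suggested tab order, hidden fields (NULL: if $leave_to_ajax_if_possible was set)
 */
function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
{
    $order = 0;

    // Actualiser
    if (post_param('submitting_settings_tab', NULL) !== NULL) {
        require_code('ocf_members_action2');

        $is_ldap = ocf_is_ldap_member($member_id_of);
        $is_httpauth = ocf_is_httpauth_member($member_id_of);
        $is_remote = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_password_compat_scheme') == 'remote';

        // A password is only accepted for locally-authenticated accounts, and only from the member
        // themselves or from somebody holding 'assume_any_member'
        if ($is_ldap || $is_httpauth || $is_remote || $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'assume_any_member')) {
            $password = NULL;
        } else {
            $password = post_param('edit_password');
            if ($password == '') {
                $password = NULL;
            } else {
                $password_confirm = trim(post_param('password_confirm'));
                // Strict comparison: with a loose one, two different numeric-looking strings
                // (for example '0123' and '123') would be accepted as a matching confirmation
                if ($password !== $password_confirm) {
                    warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));
                }
            }
        }

        $custom_fields = ocf_get_all_custom_fields_match($GLOBALS['FORUM_DRIVER']->get_members_groups($member_id_of), $member_id_of != $member_id_viewing && !has_specific_permission($member_id_viewing, 'view_any_profile_field') ? 1 : NULL, $member_id_of != $member_id_viewing ? NULL : 1, $member_id_of != $member_id_viewing ? NULL : 1);
        $actual_custom_fields = ocf_read_in_custom_fields($custom_fields, $member_id_of);

        // 'pt_allow' is expected to be a list; anything else is treated as not supplied rather than passed to implode()
        $pt_allow = array_key_exists('pt_allow', $_POST) && is_array($_POST['pt_allow']) ? implode(',', $_POST['pt_allow']) : '';
        $tmp_groups = $GLOBALS['OCF_DRIVER']->get_usergroup_list(true, true);
        $all_pt_allow = '';
        foreach (array_keys($tmp_groups) as $key) {
            if ($key != db_get_first_id()) {
                if ($all_pt_allow != '') {
                    $all_pt_allow .= ',';
                }
                $all_pt_allow .= strval($key);
            }
        }
        if ($pt_allow == $all_pt_allow) {
            $pt_allow = '*'; // Every listed group was ticked
        }
        $pt_rules_text = post_param('pt_rules_text', NULL);

        if (has_specific_permission($member_id_viewing, 'member_maintenance')) {
            $validated = post_param_integer('validated', 0);
            $primary_group = $is_ldap || !has_specific_permission($member_id_viewing, 'assume_any_member') ? NULL : post_param_integer('primary_group', NULL);

            $is_perm_banned = post_param_integer('is_perm_banned', 0);
            $old_is_perm_banned = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_is_perm_banned');
            if ($old_is_perm_banned != $is_perm_banned) {
                if ($is_perm_banned == 1) {
                    ocf_ban_member($member_id_of);
                } else {
                    ocf_unban_member($member_id_of);
                }
            }

            $highlighted_name = post_param_integer('highlighted_name', 0);

            if (has_specific_permission($member_id_viewing, 'probate_members')) {
                $on_probation_until = get_input_date('on_probation_until');
                $current__on_probation_until = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_on_probation_until');

                // Log which kind of probation change this is (stop / start / reduce / extend)
                if ((is_null($on_probation_until) || $on_probation_until <= time()) && $current__on_probation_until > time()) {
                    log_it('STOP_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                } elseif (!is_null($on_probation_until) && $on_probation_until > time() && $current__on_probation_until <= time()) {
                    log_it('START_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                } elseif (!is_null($on_probation_until) && $current__on_probation_until > $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) {
                    log_it('REDUCE_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                } elseif (!is_null($on_probation_until) && $current__on_probation_until < $on_probation_until && $on_probation_until > time() && $current__on_probation_until > time()) {
                    log_it('EXTEND_PROBATION', strval($member_id_of), $GLOBALS['FORUM_DRIVER']->get_username($member_id_of));
                }
            } else {
                $on_probation_until = NULL;
            }
        } else {
            $validated = NULL;
            $primary_group = NULL;
            $highlighted_name = NULL;
            $on_probation_until = NULL;
        }

        // NOTE(review): 'rename_self' is tested against the member being edited, not the member
        // doing the editing - confirm that is intended when the two differ.
        if (has_actual_page_access($member_id_viewing, 'admin_ocf_join') || has_specific_permission($member_id_of, 'rename_self')) {
            $username = $is_ldap || $is_remote ? NULL : post_param('edit_username', NULL);
        } else {
            $username = NULL;
        }

        $email = post_param('email_address', NULL);
        if (!is_null($email)) {
            $email = trim($email);
        }

        $theme = post_param('theme', NULL);

        if ($is_remote) {
            $preview_posts = NULL;
            $zone_wide = NULL;
            $auto_monitor_contrib_content = NULL;
            $views_signatures = NULL;
            $timezone = NULL;
        } else {
            $preview_posts = post_param_integer('preview_posts', 0);
            $zone_wide = post_param_integer('zone_wide', 0);
            $auto_monitor_contrib_content = NULL; //post_param_integer('auto_monitor_contrib_content',0); Moved to notifications tab
            $views_signatures = post_param_integer('views_signatures', 0);
            $timezone = post_param('timezone', get_site_timezone());
        }

        ocf_edit_member($member_id_of, $email, $preview_posts, post_param_integer('dob_day', -1), post_param_integer('dob_month', -1), post_param_integer('dob_year', -1), $timezone, $primary_group, $actual_custom_fields, $theme, post_param_integer('reveal_age', 0), $views_signatures, $auto_monitor_contrib_content, post_param('language', NULL), post_param_integer('allow_emails', 0), post_param_integer('allow_emails_from_staff', 0), $validated, $username, $password, $zone_wide, $highlighted_name, $pt_allow, $pt_rules_text, $on_probation_until);

        // A missing or malformed (non-list) 'secondary_groups' value is treated as an empty selection
        if (!array_key_exists('secondary_groups', $_POST) || !is_array($_POST['secondary_groups'])) {
            $_POST['secondary_groups'] = array();
        }

        require_code('ocf_groups_action2');
        $members_groups = $GLOBALS['OCF_DRIVER']->get_members_groups($member_id_of);
        $group_count = $GLOBALS['FORUM_DB']->query_value('f_groups', 'COUNT(*)');
        $groups = list_to_map('id', $GLOBALS['FORUM_DB']->query_select('f_groups', array('*'), $group_count > 200 ? array('g_is_private_club' => 0) : NULL));

        foreach ($_POST['secondary_groups'] as $group_id) {
            // Only act on IDs of groups that were actually loaded above; an unknown ID used to fall
            // through with an empty group row and could reach ocf_add_member_to_group() with no group ID
            if (!is_scalar($group_id) || !array_key_exists(intval($group_id), $groups)) {
                continue;
            }
            $group = $groups[intval($group_id)];

            if ($group['g_hidden'] == 1 && !in_array($group['id'], $members_groups) && !has_specific_permission($member_id_viewing, 'see_hidden_groups')) {
                continue;
            }

            // Joining needs either 'assume_any_member' or a group with open membership
            if (!in_array($group['id'], $members_groups) && (has_specific_permission($member_id_viewing, 'assume_any_member') || $group['g_open_membership'] == 1)) {
                ocf_add_member_to_group($member_id_of, $group['id']);
            }
        }
        foreach ($members_groups as $group_id) {
            if (!in_array(strval($group_id), $_POST['secondary_groups'])) {
                ocf_member_leave_group($group_id, $member_id_of);
            }
        }

        $GLOBALS['FORUM_DB']->query('DELETE FROM ' . $GLOBALS['FORUM_DB']->get_table_prefix() . 'f_member_known_login_ips WHERE i_member_id=' . strval($member_id_of) . ' AND ' . db_string_not_equal_to('i_val_code', '')); // So any re-confirms can happen

        if (addon_installed('awards')) {
            require_code('awards');
            handle_award_setting('member', strval($member_id_of));
        }

        attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
    }

    if ($leave_to_ajax_if_possible) {
        return NULL;
    }

    // UI
    $title = do_lang_tempcode('SETTINGS');

    $myrow = $GLOBALS['FORUM_DRIVER']->get_member_row($member_id_of);
    if (is_null($myrow)) {
        warn_exit(do_lang_tempcode('USER_NO_EXIST'));
    }

    require_code('ocf_members_action2');
    list($fields, $hidden) = ocf_get_member_fields_settings(false, $member_id_of, NULL, $myrow['m_email_address'], $myrow['m_preview_posts'], $myrow['m_dob_day'], $myrow['m_dob_month'], $myrow['m_dob_year'], get_users_timezone($member_id_of), $myrow['m_theme'], $myrow['m_reveal_age'], $myrow['m_views_signatures'], $myrow['m_auto_monitor_contrib_content'], $myrow['m_language'], $myrow['m_allow_emails'], $myrow['m_allow_emails_from_staff'], $myrow['m_validated'], $myrow['m_primary_group'], $myrow['m_username'], $myrow['m_is_perm_banned'], '', $myrow['m_zone_wide'], $myrow['m_highlighted_name'], $myrow['m_pt_allow'], get_translated_text($myrow['m_pt_rules_text'], $GLOBALS['FORUM_DB']), $myrow['m_on_probation_until']);

    // Awards?
    if (addon_installed('awards')) {
        require_code('awards');
        $fields->attach(get_award_fields('member', strval($member_id_of)));
    }

    // NOTE(review): 'redirect' is taken from the query string and echoed into a hidden field;
    // whatever consumes it after the save should restrict where it may point - not visible here.
    $redirect = get_param('redirect', NULL);
    if (!is_null($redirect)) {
        $hidden->attach(form_input_hidden('redirect', $redirect));
    }

    $hidden->attach(form_input_hidden('submitting_settings_tab', '1'));

    // Client-side convenience check only; the server-side comparison above is the one that counts
    $javascript = "\n\t\t\tvar form=document.getElementById('email_address').form;\n\t\t\tform.prior_profile_edit_submit=form.onsubmit;\n\t\t\tform.onsubmit=function()\n\t\t\t\t{\n\t\t\t\t\tif (typeof form.elements['edit_password']!='undefined')\n\t\t\t\t\t{\n\t\t\t\t\t\tif ((form.elements['password_confirm']) && (form.elements['password_confirm'].value!=form.elements['edit_password'].value))\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\twindow.fauxmodal_alert('" . php_addslashes(do_lang('PASSWORD_MISMATCH')) . "');\n\t\t\t\t\t\t\treturn false;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (typeof form.prior_profile_edit_submit!='undefined' && form.prior_profile_edit_submit) return form.prior_profile_edit_submit();\n\t\t\t\t\treturn true;\n\t\t\t\t};\n\t\t";

    $text = '';

    return array($title, $fields, $text, $javascript, $order, $hidden);
}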
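/**
 * Establish a member login from the current Facebook Connect session.
 *
 * Depending on state this re-uses an account already synched to the Facebook user, binds the
 * Facebook user to the member who is currently logged in, or creates a new account (possibly after
 * showing a "finish profile" screen and exiting). Profile data comes from the Facebook API
 * response and is treated as external input.
 *
 * @param  ?MEMBER  The member currently logged in by other means (a guest is treated as nobody)
 * @return ?MEMBER  The member now logged in (NULL: none, or the Tempcode class is not loaded yet)
 */
function handle_facebook_connection_login($current_logged_in_member)
{
    if (!class_exists('ocp_tempcode')) {
        return NULL;
    }

    if (is_guest($current_logged_in_member)) {
        $current_logged_in_member = NULL;

        // We are not a normal cookie login so ocPortal has loaded up a Guest session already in the expectation of keeping it. Unsetting it will force a rebind (existing session may be reused though)
        require_code('users_inactive_occasionals');
        set_session_id(-1);
    }

    // If already session-logged-in onto a Facebook account, don't bother doing anything
    if (!is_null($current_logged_in_member) && $GLOBALS['FORUM_DRIVER']->get_member_row_field($current_logged_in_member, 'm_password_compat_scheme') == 'facebook') {
        return $current_logged_in_member;
    }

    // Who is this user, from Facebook's point of view?
    global $FACEBOOK_CONNECT;
    $facebook_uid = $FACEBOOK_CONNECT->getUser();
    if (is_null($facebook_uid)) {
        return $current_logged_in_member;
    }
    try {
        // Both API calls are guarded: a failure in either leaves the current login untouched
        $details = $FACEBOOK_CONNECT->api('/me');
        $details2 = $FACEBOOK_CONNECT->api('/me', array('fields' => 'picture', 'type' => 'normal'));
    } catch (Exception $e) {
        return $current_logged_in_member;
    }
    if (!is_array($details) || !is_array($details2)) {
        return $current_logged_in_member;
    }
    $details = array_merge($details, $details2);
    if (!isset($details['name'])) {
        return $current_logged_in_member;
    }
    $username = $details['name'];
    $photo_url = array_key_exists('picture', $details) ? $details['picture'] : '';
    if (is_array($photo_url)) {
        $photo_url = $photo_url['data']['url'];
    }
    if ($photo_url != '') {
        // NOTE(review): fetched over plain http; consider whether this should be an https URL
        $photo_url = 'http://graph.facebook.com/' . strval($facebook_uid) . '/picture?type=large'; // In case URL changes
    }
    $avatar_url = $photo_url == '' ? mixed() : $photo_url;
    $photo_thumb_url = '';
    if ($photo_url != '') {
        $photo_thumb_url = $photo_url;
    }
    $email_address = array_key_exists('email', $details) ? $details['email'] : '';
    $timezone = mixed();
    if (isset($details['timezone'])) {
        require_code('temporal');
        $timezone = convert_timezone_offset_to_formal_timezone($details['timezone']);
    }
    $language = mixed();
    if (isset($details['locale'])) {
        $language = strtoupper($details['locale']);
    }
    if ($language !== NULL) {
        if (preg_match('#^[A-Z0-9_]+$#', $language) != 1) {
            // The locale comes from the API response and is about to be used in a file path and
            // stored on the member; anything that is not a plain language code is dropped
            $language = '';
        } elseif (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) {
            $language = preg_replace('#\\_.*$#', '', $language);
            if (!file_exists(get_custom_file_base() . '/lang_custom/' . $language)) {
                $language = '';
            }
        }
    }
    $dob = array_key_exists('birthday', $details) ? $details['birthday'] : '';
    $dob_day = mixed();
    $dob_month = mixed();
    $dob_year = mixed();
    if ($dob != '') {
        // NOTE(review): assumes a three-part month/day/year value; a shorter one hits undefined offsets
        $_dob = explode('/', $dob);
        $dob_day = intval($_dob[1]);
        $dob_month = intval($_dob[0]);
        $dob_year = intval($_dob[2]);
    }

    // See if they have logged in before - i.e. have a synched account
    $member_row = $GLOBALS['FORUM_DB']->query_select('f_members', array('*'), array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), 'ORDER BY id DESC', 1);
    $member = array_key_exists(0, $member_row) ? $member_row[0]['id'] : NULL;
    if (is_guest($member)) {
        $member = NULL;
    }

    /*if (!is_null($member)) // Useful for debugging
    {
        require_code('ocf_members_action2');
        ocf_delete_member($member);
        $member=NULL;
    }*/

    // If logged in before using Facebook, see if they've changed their name or email or timezone on Facebook -- if so, try and update locally to match
    if (!is_null($member)) {
        if (!is_null($current_logged_in_member) && !is_guest($current_logged_in_member) && $current_logged_in_member != $member) {
            return $current_logged_in_member; // User has an active login, and the Facebook account is bound to a DIFFERENT login. Take precedence to the other login that is active on top of this
        }

        // $member holds only the ID; the stored column values live in the fetched row
        $stored = $member_row[0];

        if ($timezone !== NULL) {
            if (tz_time(time(), $timezone) == tz_time(time(), $stored['m_timezone_offset'])) {
                $timezone = $stored['m_timezone_offset']; // If equivalent, don't change
            }
        }

        // NOTE(review): $test is the ID of whichever member already has this username. The update
        // runs when such a member exists, and the avatar condition below treats the same ID as if
        // it were a URL - both look unintended (a free-username check and the stored avatar URL
        // would be expected); confirm against the intended behaviour before relying on this sync.
        $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'id', array('m_username' => $username));
        if (!is_null($test)) {
            $update_map = array('m_username' => $username, 'm_dob_day' => $dob_day, 'm_dob_month' => $dob_month, 'm_dob_year' => $dob_year);
            if ($email_address != '') {
                $update_map['m_email_address'] = $email_address;
            }
            if ($avatar_url !== NULL && ($test == '' || strpos($test, 'facebook') !== false || strpos($test, 'fbcdn') !== false)) {
                if ($timezone !== NULL) {
                    $update_map['m_timezone_offset'] = $timezone;
                }
                $update_map['m_avatar_url'] = $avatar_url;
                $update_map['m_photo_url'] = $photo_url;
                $update_map['m_photo_thumb_url'] = $photo_thumb_url;
            }
            $GLOBALS['FORUM_DB']->query_update('f_members', $update_map, array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => strval($facebook_uid)), '', 1);

            if ($username != $stored['m_username']) {
                // Fix cacheing for usernames
                $to_fix = array('f_forums/f_cache_last_username', 'f_posts/p_poster_name_if_guest', 'f_topics/t_cache_first_username', 'f_topics/t_cache_last_username');
                foreach ($to_fix as $fix) {
                    list($table, $field) = explode('/', $fix);
                    $GLOBALS['FORUM_DB']->query_update($table, array($field => $username), array($field => $stored['m_username']));
                }
            }
        }
    }

    // Not logged in before using Facebook, so we need to create an account, or bind to the active ocPortal login if there is one
    $in_a_sane_place = get_page_name() != 'login' && (running_script('index') || running_script('execute_temp')); // If we're in some weird script, or the login module UI, it's not a sane place, don't be doing account creation yet
    if (is_null($member) && $in_a_sane_place) {
        // Bind to existing ocPortal login?
        if (!is_null($current_logged_in_member)) {
            /*if (post_param_integer('associated_confirm',0)==0) Won't work because Facebook is currently done in JS and cookies force this. If user wishes to cancel they must go to http://www.facebook.com/settings?tab=applications and remove the app, then run a lost password reset.
            {
                $title=get_page_title('LOGIN_FACEBOOK_HEADER');
                $message=do_lang_tempcode('LOGGED_IN_SURE_FACEBOOK',escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)));
                $middle=do_template('YESNO_SCREEN',array('TITLE'=>$title,'TEXT'=>$message,'HIDDEN'=>form_input_hidden('associated_confirm','1'),'URL'=>get_self_url_easy()));
                $tpl=globalise($middle,NULL,'',true);
                $tpl->evaluate_echo();
                exit();
            }*/

            // With the confirmation screen above disabled, the logged-in account is switched to
            // Facebook authentication (replacing its stored password hash) without asking the member
            $GLOBALS['FORUM_DB']->query_update('f_members', array('m_password_compat_scheme' => 'facebook', 'm_pass_hash_salted' => $facebook_uid), array('id' => $current_logged_in_member), '', 1);
            require_code('site');
            require_lang('facebook');
            attach_message(do_lang_tempcode('FACEBOOK_ACCOUNT_CONNECTED', escape_html(get_site_name()), escape_html($GLOBALS['FORUM_DRIVER']->get_username($current_logged_in_member)), array(escape_html($username))), 'inform');
            return $current_logged_in_member;
        }

        // If we're still here, we have to create a new account...
        // -------------------------------------------------------

        $completion_form_submitted = post_param('email_address', '') != '';

        // If there's a conflicting username, we may need to change it (suffix a number)
        require_code('ocf_members_action2');
        $username = get_username_from_human_name($username);

        // Ask ocP to finish off the profile from the information presented in the POST environment (a standard mechanism in ocPortal, for third party logins of various kinds)
        require_lang('ocf');
        require_code('ocf_members');
        require_code('ocf_groups');
        require_code('ocf_members2');
        require_code('ocf_members_action');
        $_custom_fields = ocf_get_all_custom_fields_match(ocf_get_all_default_groups(true), NULL, NULL, NULL, 1);
        if (!$completion_form_submitted && count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') {
            $GLOBALS['FACEBOOK_FINISHING_PROFILE'] = true;
            $middle = ocf_member_external_linker_ask($username, 'facebook', $email_address, $dob_day, $dob_month, $dob_year);
            $tpl = globalise($middle, NULL, '', true);
            $tpl->evaluate_echo();
            exit;
        } else {
            $username = post_param('username', $username);
            if (count($_custom_fields) != 0 && get_value('no_finish_profile') !== '1') {
                // Was not auto-generated, so needs to be checked
                ocf_check_name_valid($username, NULL, NULL);
            }
            $member = ocf_member_external_linker($username, $facebook_uid, 'facebook', false, $email_address, $dob_day, $dob_month, $dob_year, $timezone, $language, $avatar_url, $photo_url, $photo_thumb_url);
        }
    }

    if (!is_null($member)) {
        require_code('users_inactive_occasionals');
        create_session($member, 1, isset($_COOKIE[get_member_cookie() . '_invisible']) && $_COOKIE[get_member_cookie() . '_invisible'] == '1'); // This will mark it as confirmed
    }

    return $member;
}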
/**
 * Standard modular UI to edit an entry.
 *
 * Reads the entry ID from the 'id' request parameter, runs the edit-permission and category-access
 * checks configured on this object, asks fill_in_edit_form() for the fields, appends the optional
 * extras (custom fields, SEO, awards, delete / reverse-points actions, upload limit notice) and
 * renders one of three screens: the catalogue editing screen, a posting screen, or a plain form.
 *
 * @return tempcode The UI
 */
function _ed()
{
    $doing = 'EDIT_' . $this->lang_type;

    // For catalogue-backed modules the screen title names the catalogue (its title is HTML-escaped first)
    if ($this->catalogue && get_param('catalogue_name', '') != '') {
        $catalogue_title = get_translated_text($GLOBALS['SITE_DB']->query_value('catalogues', 'c_title', array('c_name' => get_param('catalogue_name'))));
        if ($this->type_code == 'd') {
            $doing = do_lang('CATALOGUE_GENERIC_EDIT', escape_html($catalogue_title));
        } elseif ($this->type_code == 'c') {
            $doing = do_lang('CATALOGUE_GENERIC_EDIT_CATEGORY', escape_html($catalogue_title));
        }
    }
    $title = get_page_title($doing);
    //$submit_name=(strpos($doing,' ')!==false)?protect_from_escaping($doing):do_lang($doing);
    //if (!is_null($this->edit_submit_name)) $submit_name=$this->edit_submit_name;
    $submit_name = do_lang_tempcode('SAVE');
    //$test=$this->choose_catalogue($title);
    //if (!is_null($test)) return $test;

    // The ID is request-supplied: an integer read converted to a string, or the raw string when
    // this module uses non-integer IDs
    $id = mixed(); // Define type as mixed
    $id = $this->non_integer_id ? get_param('id', false, true) : strval(get_param_integer('id'));

    // Build the URL the form posts to, carrying selected request parameters forward.
    // NOTE(review): 'redirect' and 'continue' are copied from the query string as given; whatever
    // follows them after the save should restrict where they may point - not visible here.
    $map = array('page' => '_SELF', 'type' => '__e' . $this->type_code, 'id' => $id);
    if (get_param('catalogue_name', '') != '') {
        $map['catalogue_name'] = get_param('catalogue_name');
    }
    if (!is_null(get_param('redirect', NULL))) {
        $map['redirect'] = get_param('redirect');
    }
    if (!is_null(get_param('continue', NULL))) {
        $map['continue'] = get_param('continue');
    }
    if (!is_null($this->upload) || $this->possibly_some_kind_of_upload) {
        $map['uploading'] = 1;
    }
    $post_url = build_url($map, '_SELF');

    // Warn language staff when they are editing in a language other than the site default
    if (multi_lang() && has_actual_page_access(get_member(), 'admin_lang') && user_lang() != get_site_default_lang()) {
        require_code('lang2');
        $switch_url = get_self_url(false, false, array('keep_lang' => get_site_default_lang()));
        attach_message(do_lang_tempcode('lang:EDITING_CONTENT_IN_LANGUAGE_STAFF', escape_html(lookup_language_full_name(user_lang())), escape_html(lookup_language_full_name(get_site_default_lang())), escape_html($switch_url->evaluate())), 'warn');
    }

    // The submitter is needed for the permission checks below
    if (method_exists($this, 'get_submitter')) {
        list($submitter, $date_and_time) = $this->get_submitter($id);
    } else {
        $submitter = NULL;
        $date_and_time = NULL;
    }

    // Access control. These checks run before fill_in_edit_form() loads the entry's form.
    // NOTE(review): when permissions_require is NULL no edit-permission check happens in this
    // method; presumably such modules are gated elsewhere - confirm.
    if (!is_null($this->permissions_require)) {
        check_edit_permission($this->permissions_require, $submitter, array($this->permissions_cat_require, is_null($this->permissions_cat_name) ? NULL : $this->get_cat($id), $this->permissions_cat_require_b, is_null($this->permissions_cat_name_b) ? NULL : $this->get_cat_b($id)), $this->permission_page_name);
    }

    if (!is_null($this->permissions_cat_require) && !has_category_access(get_member(), $this->permissions_cat_require, $this->get_cat($id))) {
        access_denied('CATEGORY_ACCESS');
    }
    if (!is_null($this->permissions_cat_require_b) && !has_category_access(get_member(), $this->permissions_cat_require_b, $this->get_cat_b($id))) {
        access_denied('CATEGORY_ACCESS');
    }

    // fill_in_edit_form() returns either just the fields, or an array whose optional slots are
    // unpacked below: 0 fields, 1 hidden fields, 2 delete fields, 3 edit text, 4 "all delete fields
    // given" flag, 5 posting form text, 6 secondary fields, 7 parsed posting form text
    $bits = $this->fill_in_edit_form($id);
    $delete_fields = new ocp_tempcode();
    $all_delete_fields_given = false;
    $fields2 = new ocp_tempcode();
    if (is_array($bits)) {
        $fields = $bits[0];
        $hidden = $bits[1];
        if (array_key_exists(2, $bits) && !is_null($bits[2])) {
            $delete_fields = $bits[2];
        }
        if (array_key_exists(3, $bits) && !is_null($bits[3])) {
            $this->edit_text = $bits[3];
        }
        if (array_key_exists(4, $bits) && $bits[4]) {
            $all_delete_fields_given = true;
        }
        if (array_key_exists(5, $bits) && !is_null($bits[5])) {
            $this->posting_form_text = $bits[5];
        }
        if (array_key_exists(6, $bits) && !is_null($bits[6])) {
            $fields2 = $bits[6];
        }
        if (array_key_exists(7, $bits)) {
            $this->posting_form_text_parsed = $bits[7];
        }
    } else {
        $fields = $bits;
        $hidden = new ocp_tempcode();
    }

    // Add in custom fields
    if ($this->has_tied_catalogue()) {
        require_code('fields');
        $fields->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('MORE'))));
        append_form_custom_fields($this->award_type, $id, $fields, $hidden);
    }

    // SEO?
    if (!is_null($this->seo_type)) {
        require_code('seo2');
        $fields2->attach(seo_get_fields($this->seo_type, $id));
    }

    // Awards?
    if (addon_installed('awards')) {
        if (!is_null($this->award_type)) {
            require_code('awards');
            $fields2->attach(get_award_fields($this->award_type, $id));
        }
    }

    // Action fields / deletion options
    // The delete tick-box is only offered when the module allows it, the ID is not one of the
    // protected first records, and the member holds delete permission. This only controls what the
    // form shows; the handler that processes the submission is not part of this function.
    $delete_permission = true;
    if (!is_null($this->permissions_require)) {
        $delete_permission = has_delete_permission($this->permissions_require, get_member(), $submitter, is_null($this->permission_page_name) ? get_page_name() : $this->permission_page_name, array($this->permissions_cat_require, is_null($this->permissions_cat_name) ? NULL : $this->get_cat($id), $this->permissions_cat_require_b, is_null($this->permissions_cat_name_b) ? NULL : $this->get_cat_b($id)));
    }
    $may_delete = (!method_exists($this, 'may_delete_this') || $this->may_delete_this($id)) && (!is_numeric($id) || intval($id) >= db_get_first_id() + $this->protect_first) && $delete_permission;

    // Deletion options
    $action_fields = new ocp_tempcode();
    if ($may_delete) {
        if (!$all_delete_fields_given) {
            $action_fields->attach(form_input_tick(do_lang_tempcode('DELETE'), do_lang_tempcode('DESCRIPTION_DELETE'), 'delete', false));
        }
        // Offer to reverse the points transaction when a matching gift row exists for this submission
        if (addon_installed('points') && !is_null($submitter) && !is_null($date_and_time)) {
            $points_test = $GLOBALS['SITE_DB']->query_value_null_ok('gifts', 'id', array('date_and_time' => $date_and_time, 'gift_to' => $submitter, 'gift_from' => $GLOBALS['FORUM_DRIVER']->get_guest_id()));
            if (!is_null($points_test)) {
                require_lang('points');
                $action_fields->attach(form_input_tick(do_lang_tempcode('REVERSE_TITLE'), do_lang_tempcode('REVERSE_TITLE_DESCRIPTION'), 'reverse_point_transaction', false));
            }
        }
        $action_fields->attach($delete_fields);
    }
    if (!$this->appended_actions_already && !$action_fields->is_empty()) {
        $fields2->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('ACTIONS'))));
    }
    $fields2->attach($action_fields);

    // Normalise edit_text to Tempcode so the upload notice can be attached to it
    if (!is_object($this->edit_text)) {
        $this->edit_text = make_string_tempcode(is_null($this->edit_text) ? '' : $this->edit_text);
    }

    // Mention the upload limit (in MB) when it is small: under 3 for images, under 30 for other files
    if (!is_null($this->upload)) {
        if ($this->upload == 'image') {
            require_code('images');
            $max = floatval(get_max_image_size()) / floatval(1024 * 1024);
            if ($max < 3.0) {
                require_code('files2');
                $config_url = get_upload_limit_config_url();
                $this->edit_text->attach(paragraph(do_lang_tempcode(is_null($config_url) ? 'MAXIMUM_UPLOAD' : 'MAXIMUM_UPLOAD_STAFF', escape_html($max > 10.0 ? integer_format(intval($max)) : float_format($max)), escape_html(is_null($config_url) ? '' : $config_url))));
            }
        } else {
            require_code('files2');
            $max = floatval(get_max_file_size()) / floatval(1024 * 1024);
            if ($max < 30.0) {
                $config_url = get_upload_limit_config_url();
                $this->edit_text->attach(paragraph(do_lang_tempcode(is_null($config_url) ? 'MAXIMUM_UPLOAD' : 'MAXIMUM_UPLOAD_STAFF', escape_html($max > 10.0 ? integer_format(intval($max)) : float_format($max)), escape_html(is_null($config_url) ? '' : $config_url))));
            }
        }
    }

    // Catalogue editing gets its own screen: one field group per existing field plus five blank ones
    if (get_param('type', '_ed') == '_edit_catalogue') {
        require_javascript('javascript_catalogues');

        // Existing fields
        $field_count = 0;
        $c_name = get_param('id', false, true); // Read again from the request rather than reusing $id
        $rows = $GLOBALS['SITE_DB']->query_select('catalogue_fields', array('*'), array('c_name' => $c_name), 'ORDER BY cf_order');
        $fields_existing = new ocp_tempcode();
        foreach ($rows as $i => $myrow) {
            $name = get_translated_text($myrow['cf_name']);
            $description = get_translated_text($myrow['cf_description']);
            $prefix = 'existing_field_' . strval($myrow['id']) . '_';
            list($_fields_existing, $_fields_hidden) = $this->get_field_fields($i == 0 && substr($c_name, 0, 1) != '_', count($rows) + 10, $prefix, $field_count, $name, $description, $myrow['cf_type'], $myrow['cf_defines_order'], $myrow['cf_visible'], $myrow['cf_searchable'], $myrow['cf_default'], $myrow['cf_required'], $myrow['cf_put_in_category'], $myrow['cf_put_in_search']);
            // No delete option is offered for the first ten fields of an eCommerce catalogue
            if (!is_ecommerce_catalogue($c_name) || $i > 9) {
                $_fields_existing->attach(do_template('FORM_SCREEN_FIELD_SPACER', array('TITLE' => do_lang_tempcode('ACTIONS'))));
                $_fields_existing->attach(form_input_tick(do_lang_tempcode('DELETE'), do_lang_tempcode('DESCRIPTION_DELETE'), $prefix . 'delete', false));
            }
            $temp = do_template('FORM_FIELD_SET_GROUPER', array('_GUID' => '1492d973db45cbecff892ad4ac1af28f' . get_class($this), 'NAME' => $name, 'ID' => 'FIELD_' . strval($i + 1), 'FIELDS' => $_fields_existing->evaluate()));
            $fields_existing->attach($temp);
            $hidden->attach($_fields_hidden);
            $field_count++;
        }

        // New field
        $fields_new = new ocp_tempcode();
        for ($i = 0; $i < 5; $i++) {
            list($_fields_new, $_fields_hidden) = $this->get_field_fields(false, count($rows) + 10, 'new_field_' . strval($i) . '_', $field_count);
            $temp = do_template('FORM_FIELD_SET_GROUPER', array('_GUID' => '8b9a632eafae003ccc6b007eefb0ce3d' . get_class($this), 'NAME' => do_lang_tempcode('NEW_FIELD', strval($i + 1)), 'ID' => 'NEW_FIELD_' . strval($i + 1), 'FIELDS' => $_fields_new->evaluate()));
            $fields_new->attach($temp);
            $hidden->attach($_fields_hidden);
            $field_count++;
        }

        $fields->attach($fields2);

        // NOTE(review): TEXT is add_text here (and on the posting screen below) while the plain
        // form uses edit_text - confirm that is intended for an edit screen.
        return do_template('CATALOGUE_EDITING_SCREEN', array('_GUID' => '584d7dc7c2c13939626102374f13f508' . get_class($this), 'HIDDEN' => $hidden, 'TITLE' => $title, 'TEXT' => $this->add_text, 'URL' => $post_url, 'FIELDS' => $fields->evaluate(), 'FIELDS_EXISTING' => $fields_existing->evaluate(), 'FIELDS_NEW' => $fields_new->evaluate(), 'SUBMIT_NAME' => $submit_name, 'JAVASCRIPT' => $this->javascript));
    }

    list($warning_details, $ping_url) = handle_conflict_resolution();

    if (!is_null($this->posting_form_title)) {
        // Modules with a main posting field get the posting screen
        $posting_form = get_posting_form($submit_name, $this->posting_form_text, $post_url, $hidden, $fields, $this->posting_form_title, '', $fields2, $this->posting_form_text_parsed, $this->javascript, NULL, $this->posting_field_required);
        return do_template('POSTING_SCREEN', array('_GUID' => '841b9af3aa80bcab86b907e4b942786a' . get_class($this), 'PREVIEW' => $this->do_preview, 'TITLE' => $title, 'SEPARATE_PREVIEW' => $this->second_stage_preview, 'PING_URL' => $ping_url, 'WARNING_DETAILS' => $warning_details, 'TEXT' => $this->add_text, 'POSTING_FORM' => $posting_form->evaluate(), 'JAVASCRIPT' => $this->javascript));
    } else {
        // Everything else gets a plain form with the secondary fields appended
        $fields->attach($fields2);
        return do_template('FORM_SCREEN', array('_GUID' => '2d70be34595a16c6f170d966b894bfe2' . get_class($this), 'PREVIEW' => $this->do_preview, 'SEPARATE_PREVIEW' => $this->second_stage_preview, 'TITLE' => $title, 'SKIP_VALIDATION' => $this->skip_validation, 'PING_URL' => $ping_url, 'WARNING_DETAILS' => $warning_details, 'HIDDEN' => $hidden, 'TEXT' => $this->edit_text, 'URL' => $post_url, 'FIELDS' => $fields->evaluate(), 'SUBMIT_NAME' => $submit_name, 'JAVASCRIPT' => $this->javascript));
    }
}
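/**
 * Add comments to the specified resource.
 *
 * The comment is read from the POST environment (title, post, email, parent_id, poster_name_if_guest and any
 * review_rating__* fields) and stored through the forum driver. For non-private posts the function then
 * dispatches the 'comment_posted' notification and syndicates an activity entry.
 *
 * @param  boolean  Whether this resource allows comments (if not, this function does nothing - but it's nice to move out this common logic into the shared function)
 * @param  ID_TEXT  The type (download, etc) that this commenting is for
 * @param  ID_TEXT  The ID of the type that this commenting is for
 * @param  mixed    The URL to where the commenting will pass back to (to put into the comment topic header) (URLPATH or Tempcode)
 * @param  ?string  The title to where the commenting will pass back to (to put into the comment topic header) (NULL: don't know, but not first post so not important)
 * @param  ?string  The name of the forum to use (NULL: default comment forum)
 * @param  boolean  Whether to not require a captcha
 * @param  ?BINARY  Whether the post is validated (NULL: unknown, find whether it needs to be marked unvalidated initially). This only works with the OCF driver (hence is the last parameter).
 * @param  boolean  Whether to force allowance
 * @param  boolean  Whether to skip a success message
 * @param  boolean  Whether posts made should not be shared
 * @return boolean  Whether a hidden post has been made
 */
function actualise_post_comment($allow_comments, $content_type, $content_id, $content_url, $content_title, $forum = NULL, $avoid_captcha = false, $validated = NULL, $explicit_allow = false, $no_success_message = false, $private = false)
{
    // Option and permission checks, skipped entirely when the caller forces allowance
    if (!$explicit_allow) {
        if (get_option('is_on_comments') == '0' || !$allow_comments) {
            return false;
        }
        if (!has_specific_permission(get_member(), 'comment', get_page_name())) {
            return false;
        }
    }

    if (running_script('preview')) {
        return false;
    }

    $forum_tie = get_option('is_on_strong_forum_tie') == '1';

    if (addon_installed('captcha')) {
        // A non-empty title is promoted to the post body further down when 'post' is empty, so the CAPTCHA
        // check has to cover title-only submissions as well as ordinary ones.
        $has_post_text = array_key_exists('post', $_POST) && $_POST['post'] != '';
        $has_title_text = array_key_exists('title', $_POST) && $_POST['title'] != '';
        if (($has_post_text || $has_title_text) && !$avoid_captcha) {
            require_code('captcha');
            enforce_captcha();
        }
    }

    $post_title = post_param('title', NULL);
    if (is_null($post_title) && !$forum_tie) {
        return false;
    }

    $post = post_param('post', NULL);

    // A post equal to these language strings is treated as empty (presumably form placeholder text)
    if ($post == do_lang('POST_WARNING')) {
        $post = '';
    }
    if ($post == do_lang('THREADED_REPLY_NOTICE', do_lang('POST_WARNING'))) {
        $post = '';
    }

    // With no post text, the title becomes the post
    if ($post == '' && $post_title !== '') {
        $post = $post_title;
        $post_title = '';
    }
    if ($post === '') {
        warn_exit(do_lang_tempcode('NO_PARAMETER_SENT', 'post'));
    }
    if (is_null($post)) {
        $post = '';
    }

    $email = trim(post_param('email', ''));
    if ($email != '') {
        // Quote the post so it can serve as the body of a reply e-mail
        $body = '> ' . str_replace(chr(10), chr(10) . '> ', $post);
        if (substr($body, -2) == '> ') {
            $body = substr($body, 0, strlen($body) - 2);
        }

        $wrap_in_staff_note = get_page_name() != 'tickets';
        if ($wrap_in_staff_note) {
            $post .= '[staff_note]';
        }
        // NOTE(review): $email is request data and is placed between the [email] tags without comcode_escape()
        // or an address-format check, unlike the subject and body attributes. Validating it first (e.g. with
        // is_valid_email_address() from 'type_validation') would keep stray markup out of the staff note.
        // TODO confirm how the Comcode parser treats tag content before changing this.
        $post .= "\n\n" . '[email subject="Re: ' . comcode_escape($post_title) . ' [' . get_site_name() . ']" body="' . comcode_escape($body) . '"]' . $email . '[/email]' . "\n\n";
        if ($wrap_in_staff_note) {
            $post .= '[/staff_note]';
        }
    }

    $content_title = strip_comcode($content_title);

    if (is_null($forum)) {
        $forum = get_option('comments_forum_name');
    }

    $content_url_flat = is_object($content_url) ? $content_url->evaluate() : $content_url;

    $_parent_id = post_param('parent_id', '');
    $parent_id = $_parent_id == '' ? NULL : intval($_parent_id);

    $poster_name_if_guest = post_param('poster_name_if_guest', '');

    // The last two arguments are only supplied for non-private posts that have text
    $announce = !$private && $post != '';
    list($topic_id, $is_hidden) = $GLOBALS['FORUM_DRIVER']->make_post_forum_topic(
        $forum,
        $content_type . '_' . $content_id,
        get_member(),
        $post_title,
        $post,
        $content_title,
        do_lang('COMMENT'),
        $content_url_flat,
        NULL,
        NULL,
        $validated,
        $explicit_allow ? 1 : NULL,
        $explicit_allow,
        $poster_name_if_guest,
        $parent_id,
        false,
        $announce ? 'comment_posted' : NULL,
        $announce ? $content_type . '_' . $content_id : NULL
    );

    if (!is_null($topic_id)) {
        // NOTE(review): $forum_id is not read again in this function; kept so the driver call still happens
        if (!is_integer($forum)) {
            $forum_id = $GLOBALS['FORUM_DRIVER']->forum_id_from_name($forum);
        } else {
            $forum_id = (int) $forum;
        }

        if (get_forum_type() == 'ocf' && !is_null($GLOBALS['LAST_POST_ID'])) {
            global $REVIEWS_STRUCTURE;
            if (array_key_exists($content_type, $REVIEWS_STRUCTURE)) {
                $reviews_rating_criteria = $REVIEWS_STRUCTURE[$content_type];
            } else {
                $reviews_rating_criteria = array('');
            }

            foreach ($reviews_rating_criteria as $rating_type) {
                // Has there actually been any rating?
                $rating = post_param_integer('review_rating__' . fix_id($rating_type), NULL);
                if (is_null($rating)) {
                    continue;
                }

                // Ratings outside 1-10 are rejected; the post itself has already been stored at this point
                if ($rating > 10 || $rating < 1) {
                    log_hack_attack_and_exit('VOTE_CHEAT');
                }

                $GLOBALS['SITE_DB']->query_insert('review_supplement', array(
                    'r_topic_id' => $GLOBALS['LAST_TOPIC_ID'],
                    'r_post_id' => $GLOBALS['LAST_POST_ID'],
                    'r_rating_type' => $rating_type,
                    'r_rating_for_type' => $content_type,
                    'r_rating_for_id' => $content_id,
                    'r_rating' => $rating
                ));
            }
        }
    }

    if (!$private && $post != '') {
        list(, $submitter, , $safe_content_url, $cma_info) = get_details_behind_feedback_code($content_type, $content_id);

        $content_type_title = $content_type;
        if (!is_null($cma_info) && isset($cma_info['content_type_label'])) {
            $content_type_title = do_lang($cma_info['content_type_label']);
        }

        // Notification
        require_code('notifications');
        $username = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
        $subject = do_lang('NEW_COMMENT_SUBJECT', get_site_name(), $content_title == '' ? ocp_mb_strtolower($content_type_title) : $content_title, array($post_title, $username), get_site_default_lang());
        // The body uses the text as submitted (post_param('post')) rather than $post, which may by now carry
        // the appended [email]/[staff_note] markup
        $message_raw = do_lang('NEW_COMMENT_BODY', comcode_escape(get_site_name()), comcode_escape($content_title == '' ? ocp_mb_strtolower($content_type_title) : $content_title), array($post_title == '' ? do_lang('NO_SUBJECT') : $post_title, post_param('post'), comcode_escape($content_url_flat), comcode_escape($username)), get_site_default_lang());
        dispatch_notification('comment_posted', $content_type . '_' . $content_id, $subject, $message_raw);

        // Is the user gonna automatically enable notifications for this?
        if (get_forum_type() == 'ocf') {
            $auto_monitor_contrib_content = $GLOBALS['OCF_DRIVER']->get_member_row_field(get_member(), 'm_auto_monitor_contrib_content');
            if ($auto_monitor_contrib_content == 1) {
                enable_notifications('comment_posted', $content_type . '_' . $content_id);
            }
        }

        // Activity (only syndicated when the guest account may view the content)
        $real_content_type = convert_ocportal_type_codes('feedback_type_code', $content_type, 'cma_hook');
        if (may_view_content_behind_feedback_code($GLOBALS['FORUM_DRIVER']->get_guest_id(), $real_content_type, $content_id)) {
            if (is_null($submitter)) {
                $submitter = $GLOBALS['FORUM_DRIVER']->get_guest_id();
            }
            $activity_type = is_null($submitter) || is_guest($submitter) ? '_ADDED_COMMENT_ON' : 'ADDED_COMMENT_ON';
            $content_pagelink = url_to_pagelink(is_object($safe_content_url) ? $safe_content_url->evaluate() : $safe_content_url);
            $addon_name = convert_ocportal_type_codes('feedback_type_code', $content_type, 'addon_name');

            if ($content_title == '') {
                syndicate_described_activity($activity_type . '_UNTITLED', ocp_mb_strtolower($content_type_title), $content_type_title, '', $content_pagelink, '', '', $addon_name, 1, NULL, false, $submitter);
            } else {
                syndicate_described_activity($activity_type, $content_title, ocp_mb_strtolower($content_type_title), $content_type_title, $content_pagelink, '', '', $addon_name, 1, NULL, false, $submitter);
            }
        }
    }

    // With a strong forum tie, send the browser on to the topic itself
    if ($post != '' && $forum_tie && !$no_success_message) {
        require_code('site2');
        assign_refresh($GLOBALS['FORUM_DRIVER']->topic_url($GLOBALS['FORUM_DRIVER']->find_topic_id_for_topic_identifier($forum, $content_type . '_' . $content_id), $forum), 0.0);
    }

    if ($post != '' && !$no_success_message) {
        attach_message(do_lang_tempcode('SUCCESS'));
    }

    return $is_hidden;
}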
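/**
 * The actualiser for recommending the site.
 *
 * Recipients are collected from the email_address_* POST fields and from the address-book fields
 * (details_email_N / details_name_N / use_details_N). Each recipient is then sent either an invite or a
 * plain recommendation e-mail.
 *
 * @return tempcode The UI.
 */
function actual()
{
    breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('RECOMMEND_SITE'))));

    // NOTE(review): name, message, subject and recommender_email_address are passed on as submitted; only
    // the recipient addresses are checked with is_valid_email_address() in this function. Confirm that
    // send_recommendation_email() validates them before they reach any mail header.
    $name = post_param('name');
    $message = post_param('message');
    $recommender_email_address = post_param('recommender_email_address');

    $invite = false;

    if (addon_installed('captcha')) {
        require_code('captcha');
        enforce_captcha();
    }

    require_code('type_validation');

    $email_adrs_to_send = array();
    $names_to_send = array();

    // Addresses typed directly into the form
    foreach ($_POST as $key => $email_address) {
        if (substr($key, 0, 14) != 'email_address_') {
            continue;
        }
        if ($email_address == '') {
            continue;
        }

        if (get_magic_quotes_gpc()) {
            $email_address = stripslashes($email_address);
        }

        if (!is_valid_email_address($email_address)) {
            attach_message(do_lang_tempcode('INVALID_EMAIL_ADDRESS'), 'warn');
            return $this->gui();
        }

        $email_adrs_to_send[] = $email_address;
        $names_to_send[] = $email_address;

        // Guests stop after their first valid address
        if (is_guest()) {
            break;
        }
    }

    // Address-book fields, keyed by the number at the end of the field name
    $adrbook_emails = array();
    $adrbook_names = array();
    $adrbook_use_these = array();
    foreach ($_POST as $key => $email_address) {
        if (preg_match('#details_email_|details_name_|^use_details_#', $key) == 0) {
            continue;
        }

        if (preg_match('#details_email_#', $key) != 0) {
            if (get_magic_quotes_gpc()) {
                $email_address = stripslashes($email_address);
            }
            // Invalid address-book entries are dropped silently
            if (is_valid_email_address($email_address)) {
                $curr_num = intval(preg_replace('#details_email_#', '', $key));
                $adrbook_emails[$curr_num] = $email_address;
            }
        }

        if (preg_match('#details_name_#', $key)) {
            $curr_num = intval(preg_replace('#details_name_#', '', $key));
            $adrbook_names[$curr_num] = $email_address; // for this key the submitted value is the contact's name
        }

        if (preg_match('#^use_details_#', $key)) {
            $curr_num = intval(preg_replace('#use_details_#', '', $key));
            $adrbook_use_these[$curr_num] = $curr_num;
        }
    }

    // Add emails from address book file
    // NOTE(review): the one-address limit for guests is applied only to the email_address_* fields above;
    // entries selected through the details_*/use_details_* fields are appended without it. Confirm whether
    // guests can reach this path and, if so, cap the combined recipient list.
    foreach ($adrbook_use_these as $key => $value) {
        $cur_email = array_key_exists($key, $adrbook_emails) && strlen($adrbook_emails[$key]) > 0 ? $adrbook_emails[$key] : '';
        $cur_name = array_key_exists($key, $adrbook_names) && strlen($adrbook_names[$key]) > 0 ? $adrbook_names[$key] : '';
        if (strlen($cur_email) > 0) {
            $email_adrs_to_send[] = $cur_email;
            $names_to_send[] = strlen($cur_name) > 0 ? $cur_name : $cur_email;
        }
    }

    if (count($email_adrs_to_send) == 0) {
        warn_exit(do_lang_tempcode('ERROR_NO_CONTACTS_SELECTED'));
    }

    foreach ($email_adrs_to_send as $key => $email_address) {
        // Every address in this list was already unescaped for magic quotes when it was collected, so it is
        // used exactly as validated. Unescaping a second time could alter an address after
        // is_valid_email_address() accepted it.

        if (post_param_integer('wrap_message', 0) == 1) {
            $title = get_page_title('_RECOMMEND_SITE', true, array(escape_html(get_site_name())));

            $referring_username = is_guest() ? NULL : get_member();
            $_url = post_param_integer('invite', 0) == 1 ? build_url(array('page' => 'join', 'email_address' => $email_address, 'keep_referrer' => $referring_username), get_module_zone('join')) : build_url(array('page' => '', 'keep_referrer' => $referring_username), '');
            $url = $_url->evaluate();
            $join_url = $GLOBALS['FORUM_DRIVER']->join_url();
            $_message = do_lang(post_param_integer('invite', 0) == 1 ? 'INVITE_MEMBER_MESSAGE' : 'RECOMMEND_MEMBER_MESSAGE', $name, $url, array(get_site_name(), $join_url)) . $message;
        } else {
            $title = get_page_title('RECOMMEND_LINK');
            $_message = $message;
        }

        if (may_use_invites() && get_forum_type() == 'ocf' && !is_guest() && post_param_integer('invite', 0) == 1) {
            $invites = get_num_invites(get_member());
            if ($invites > 0) {
                send_recommendation_email($name, $email_address, $_message, true, $recommender_email_address, post_param('subject', NULL), $names_to_send[$key]);

                $GLOBALS['FORUM_DB']->query_insert('f_invites', array(
                    'i_inviter' => get_member(),
                    'i_email_address' => $email_address,
                    'i_time' => time(),
                    'i_taken' => 0
                ));

                $invite = true;
            }
        } elseif (get_option('is_on_invites') == '0' && get_forum_type() == 'ocf') {
            $GLOBALS['FORUM_DB']->query_insert('f_invites', array(
                'i_inviter' => get_member(),
                'i_email_address' => $email_address,
                'i_time' => time(),
                'i_taken' => 0
            ));
        }

        // NOTE(review): $invite is never reset inside this loop. Once one recipient has been sent an invite,
        // a later recipient for whom get_num_invites() is no longer above zero gets neither an invite nor
        // the plain recommendation, yet the success screen is still shown. Confirm that this is intended.
        if (!$invite) {
            send_recommendation_email($name, $email_address, $_message, false, $recommender_email_address, post_param('subject', NULL), $names_to_send[$key]);
        }
    }

    breadcrumb_set_self(do_lang_tempcode('DONE'));

    return inform_screen($title, do_lang_tempcode('RECOMMENDATION_MADE'));
}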