/**
 * Event callback after triggering "user_forum_post_created".
 *
 * Renders three kinds of push messages for a newly created forum post and
 * queues each one with nodejs_enqueue_message():
 *  1. a "Latest Forum Posts" menu row, broadcast on the 'nodejs_notify' channel;
 *  2. a "new post" notification, broadcast when forum_class is 0, otherwise
 *     sent per user to every 'nodejs_presence' row that passes check_class();
 *  3. a "new post in your topic" notification for the thread author.
 *
 * @param array $info
 *  Details about forum post. The function reads $info['data']['post_id'],
 *  ['post_user'] and ['post_thread'], and hands $info['data'] to the
 *  shortcode batch as 'post'.
 */
function nodejs_forum_event_user_forum_post_created_callback($info)
{
	// All three identifiers are forced to integers, so the SQL fragments built
	// from them further down cannot carry anything but digits.
	$postID = intval(vartrue($info['data']['post_id'], 0));
	$postUserID = intval(vartrue($info['data']['post_user'], 0));
	$postThreadID = intval(vartrue($info['data']['post_thread'], 0));

	// Nothing to announce without a post and a thread.
	if ($postID === 0 || $postThreadID === 0) {
		return;
	}

	// Get forum plugin preferences.
	$plugForumPrefs = e107::getPlugConfig('forum')->getPref();
	$db = e107::getDb();

	// Load thread.
	// NOTE(review): the result is not checked; if no thread row comes back the
	// code continues with an empty $thread and forum_id 0 below.
	$thread = $db->retrieve('forum_thread', '*', 'thread_id = ' . $postThreadID);
	$threadUser = intval(vartrue($thread['thread_user'], 0));

	// Load forum to check (read) permission.
	$forum = $db->retrieve('forum', '*', 'forum_id = ' . intval(vartrue($thread['thread_forum_id'], 0)));

	// Author of the forum post.
	$authorPost = e107::user($postUserID);
	// Author of the forum topic.
	$authorThread = e107::user($threadUser);

	e107_require_once(e_PLUGIN . 'nodejs/nodejs.main.php');

	$template = e107::getTemplate('nodejs_forum');
	$sc = e107::getScBatch('nodejs_forum', true);
	$tp = e107::getParser();

	// Get topic page number.
	// Counts the posts of this thread up to and including the new one, then
	// divides by the posts-per-page preference (10 when the preference is empty).
	$postNum = $db->count('forum_post', '(*)', "WHERE post_id <= " . $postID . " AND post_thread = " . $postThreadID . " ORDER BY post_id ASC");
	$postPage = ceil($postNum / vartrue($plugForumPrefs['postspage'], 10));

	// Push rendered row item into Latest Forum Posts menu.
	// NOTE(review): this message is queued with 'broadcast' => true before
	// forum_class is looked at, so the rendered row goes out for restricted
	// forums as well. Whether the MENU/RECENT/ITEM template exposes post or
	// thread content is not visible here - confirm, and consider applying the
	// same forum_class gate that the notification branch below uses.
	$sc_vars = array('author' => $authorPost, 'post' => $info['data'], 'thread' => $thread, 'topicPage' => $postPage);
	$sc->setVars($sc_vars);
	$markup = $tp->parseTemplate($template['MENU']['RECENT']['ITEM'], true, $sc);
	$message = (object) array('broadcast' => true, 'channel' => 'nodejs_notify', 'callback' => 'nodejsForumMenu', 'type' => 'latestForumPosts', 'markup' => $markup);
	nodejs_enqueue_message($message);

	// Broadcast logged in users to inform about new forum post created.
	if ($authorPost) {
		$sc->setVars($sc_vars);
		$markup = $tp->parseTemplate($template['NOTIFICATION']['POST_ALL'], true, $sc);

		// It's a public forum, so broadcast every online user.
		if (intval(vartrue($forum['forum_class'], 0)) === 0) {
			$message = (object) array('broadcast' => true, 'channel' => 'nodejs_notify', 'callback' => 'nodejsForum', 'type' => 'newForumPostAny', 'markup' => $markup, 'exclude' => $postUserID);
			nodejs_enqueue_message($message);
		} else {
			// Restricted forum: address each present user individually and only
			// when check_class() accepts that user's uid for the forum class.
			$forumClass = vartrue($forum['forum_class'], 0);
			$db->select('nodejs_presence');
			while ($row = $db->fetch()) {
				if (isset($row['uid']) && check_class($forumClass, null, $row['uid'])) {
					$message = (object) array('channel' => 'nodejs_user_' . $row['uid'], 'callback' => 'nodejsForum', 'type' => 'newForumPostAny', 'markup' => $markup, 'exclude' => $postUserID);
					nodejs_enqueue_message($message);
				}
			}
		}
	}

	// Broadcast logged in (thread-author) user to inform about new forum post created in his/her topic.
	// NOTE(review): no check_class() call guards this branch; it presumably
	// relies on the thread author still having read access to the forum - verify.
	if (isset($authorThread['user_id'])) {
		$sc->setVars($sc_vars);
		$markup = $tp->parseTemplate($template['NOTIFICATION']['POST_OWN'], true, $sc);
		$message = (object) array('channel' => 'nodejs_user_' . $authorThread['user_id'], 'callback' => 'nodejsForum', 'type' => 'newForumPostOwn', 'markup' => $markup, 'exclude' => $postUserID);
		nodejs_enqueue_message($message);
	}
}
/**
 * Shortcode: build the <li> entries of the links-page navigator.
 *
 * Each entry is emitted only when its 'link_navigator_*' preference is set;
 * the submit and manager entries additionally require the feature preference
 * and a passing check_class() on the matching '*_class' preference.
 *
 * @param string $parm Not used by this shortcode.
 * @return string Concatenated <li> markup, or an empty string.
 */
function sc_link_navigator($parm = '')
{
	global $rs;
	$frm = e107::getForm();

	// Renders one navigator entry for the given links_page route.
	$entry = function ($route, $label) {
		return '<li><a class="btn btn-default" href="' . e107::url('links_page', $route) . '">' . $label . '</a></li>';
	};

	$items = array();

	if (vartrue($this->plugPrefs['link_navigator_frontpage'])) {
		$items[] = $entry('index', LAN_LINKS_14);
	}

	if (vartrue($this->plugPrefs['link_navigator_refer'])) {
		$items[] = $entry('top', LAN_LINKS_12);
	}

	// The "rated" entry also needs the rating feature itself to be enabled.
	if (vartrue($this->plugPrefs['link_navigator_rated']) && vartrue($this->plugPrefs['link_rating'])) {
		$items[] = $entry('rated', LAN_LINKS_13);
	}

	if (vartrue($this->plugPrefs['link_navigator_category'])) {
		$items[] = $entry('allcats', LAN_LINKS_43);
	}

	if (vartrue($this->plugPrefs['link_navigator_links'])) {
		$items[] = $entry('alllinks', LAN_LINKS_51);
	}

	// Hiding a link is presentation only; the submit and manage pages have to
	// enforce the same class checks themselves.
	if (vartrue($this->plugPrefs['link_navigator_submit']) && vartrue($this->plugPrefs['link_submit']) && check_class($this->plugPrefs['link_submit_class'])) {
		$items[] = $entry('submit', LAN_LINKS_27);
	}

	if (vartrue($this->plugPrefs['link_navigator_manager']) && vartrue($this->plugPrefs['link_manager']) && check_class($this->plugPrefs['link_manager_class'])) {
		$items[] = $entry('manage', LAN_LINKS_35);
	}

	return implode('', $items);
}
/**
 * Mark the filtered admin-menu entry as selected and build the per-route
 * access map from the 'faqs' plugin preferences.
 *
 * Every route falls back to e_UC_ADMIN when its preference is not set;
 * 'cat/list' is e_UC_ADMIN when the current user passes either category
 * class check, otherwise e_UC_NOBODY.
 */
function init()
{
	// NOTE(review): the request value is used as an array key without being
	// compared with the menu entries that exist, so any non-empty 'filter'
	// value adds a 'main/<value>' entry to $this->adminMenu. How adminMenu is
	// rendered is not visible here - confirm the key never reaches output
	// unescaped.
	if (!empty($_GET['filter'])) {
		$this->adminMenu['main/' . $_GET['filter']]['selected'] = true;
	}

	$faqPrefs = e107::pref('faqs');

	$map = array();
	$map['main/create'] = varset($faqPrefs['admin_faq_create'], e_UC_ADMIN);
	$map['main/edit'] = varset($faqPrefs['admin_faq_edit'], e_UC_ADMIN);
	$map['main/delete'] = varset($faqPrefs['admin_faq_delete'], e_UC_ADMIN);

	// Listing categories is allowed to anyone who may create or edit them.
	if (check_class($faqPrefs['admin_cat_create']) || check_class($faqPrefs['admin_cat_edit'])) {
		$map['cat/list'] = e_UC_ADMIN;
	} else {
		$map['cat/list'] = e_UC_NOBODY;
	}

	$map['cat/create'] = varset($faqPrefs['admin_cat_create'], e_UC_ADMIN);
	$map['cat/edit'] = varset($faqPrefs['admin_cat_edit'], e_UC_ADMIN);
	$map['cat/delete'] = varset($faqPrefs['admin_cat_delete'], e_UC_ADMIN);

	$this->access = $map;
}
/**
 * Shortcode: render the collapsible "Submit a Question" form.
 *
 * @return string|null Form markup when the current user passes check_class()
 *                     for the 'add_faq' preference, otherwise null.
 */
function sc_faq_submit_question()
{
	$faqpref = e107::getPlugConfig('faqs')->getPref();
	$frm = e107::getForm();

	// Users outside the 'add_faq' class get no form at all.
	if (!check_class($faqpref['add_faq'])) {
		return;
	}

	// NOTE(review): $id and $idx are never assigned in this function, so the
	// action URL always ends in "?cat.." - confirm where they were meant to
	// come from. e_SELF is written into the attribute as-is; verify it is
	// already safe for an HTML attribute. The handler behind this form has to
	// repeat the 'add_faq' check, because hiding the form does not stop a POST.
	$head = "<div class='faq-submit-question-container'><a class='e-expandit faq-submit-question' href='faqs.php'>Submit a Question</a>\n\t\t\t<div class='e-hideme faq-submit-question-form'>\n\t\t\t<form method=\"post\" action=\"" . e_SELF . "?cat.{$id}.{$idx}\" id=\"dataform\">\n\t\t\t<div>";
	$fields = $frm->textarea('ask_a_question', '') . '<br />' . $frm->submit('submit_a_question', 'Go');
	$tail = "</div>\n\t\t\t</form>\n\t\t\t</div>\n\t\t\t</div>\t\t\t\n\t\t\t";

	return $head . $fields . $tail;
}
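/**
 * Abort the request unless the current user may edit the given user class.
 *
 * Redirects to SITEURL and exits when the class does not exist, or when the
 * user is neither a main admin (getperms('0')) nor a member of the class
 * named in the row's 'userclass_editclass' column.
 *
 * @param int|string $class_id User class id; it is cast to an integer before
 *                             being placed in the query.
 * @return void Returns only when access is allowed.
 */
function check_allowed($class_id)
{
	global $sql;

	// The id is interpolated into the WHERE clause without quotes, so force it
	// to an integer first; a non-numeric value then becomes 0.
	$class_id = intval($class_id);

	if (!$sql->db_Select('userclass_classes', '*', "userclass_id = {$class_id}")) {
		header("location:" . SITEURL);
		exit;
	}

	$row = $sql->db_Fetch();

	// Main admins always pass; everyone else must belong to the edit class.
	if (!getperms('0') && !check_class($row['userclass_editclass'])) {
		header("location:" . SITEURL);
		exit;
	}
}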
/**
 * Entry point of the upload page: refuse, process a submission, or show the form.
 *
 * Access is decided by check_class() on the core 'upload_class' preference.
 * That check runs before the POST branch, so processUpload() is reached only
 * by users inside the class.
 */
public function init()
{
	$render = e107::getRender();
	$requiredClass = e107::pref('core', 'upload_class');

	if (check_class($requiredClass)) {
		// NOTE(review): no form token is verified in this method before the
		// upload is processed; presumably processUpload() does that - confirm.
		if (isset($_POST['upload'])) {
			$this->processUpload();
		} else {
			$this->renderForm();
		}

		return;
	}

	// Not in the upload class: show the refusal text and stop.
	$text = "<div style='text-align:center'>" . LAN_UL_002 . "</div>";
	$render->tablerender(LAN_UL_020, $text);
}
/**
 * Render menu contents.
 *
 * Selects the 'paypal_donation' rows with pd_status = 1 ordered by pd_weight,
 * keeps those whose 'pd_visibility' class the current user passes, renders
 * each with the 'MENU' template and hands the result to tablerender().
 */
function renderMenu()
{
	$template = e107::getTemplate('paypal_donation');
	$sc = e107::getScBatch('paypal_donation', true);
	$tp = e107::getParser();
	$db = e107::getDb();

	$db->select('paypal_donation', '*', 'pd_status = 1 ORDER BY pd_weight ASC');

	$output = '';

	while ($row = $db->fetch()) {
		// Strict comparison: only an exact boolean true counts as visible.
		if (check_class($row['pd_visibility']) !== true) {
			continue;
		}

		$sc->setVars(array(
			'menu_item' => $row,
			'amounts' => $this->getAmounts($row['pd_id']),
			'raised' => $this->getRaised($row['pd_id']),
		));

		$output .= $tp->parseTemplate($template['MENU'], true, $sc);
	}

	e107::getRender()->tablerender(LAN_PAYPAL_DONATION_FRONT_01, $output);
	unset($output);
}
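/**
 * Print out upload form elements and/or process submitted uploads.
 * Your <form> tag must include: enctype='multipart/form-data' - in order to work.
 *
 * Example usage:
 * <code>
 * // Process uploaded file (sent by the form below), it'll print out message (if any)
 * if(isset($_POST['etrigger_uploadfiles']))
 * {
 * 		// NOTE: chmod permissions after upload are set to 0755
 * 		echo e107::getParser()->parseTemplate('{UPLOADFILE='.e_MEDIA.'public|process=1&upload_file_mask=jpg,jpeg,png,gif&upload_final_chmod=493}');
 * }
 *
 * // Render upload form
 * echo '<form action="'.e_SELF.'" enctype="multipart/form-data" method="post">';
 * echo e107::getParser()->parseTemplate('{UPLOADFILE='.e_MEDIA.'public|nowarn&trigger=etrigger_uploadfiles}');
 * echo '</form>';
 * </code>
 *
 * NOTE(review): the example sets 0755, which puts the execute bit on every
 * uploaded file. The default applied below is 0644; keep that unless the
 * files really have to be executable.
 *
 * NOTE(review): the 'trigger', 'name', 'up_container' and 'up_row' values are
 * written into HTML attributes and an inline onclick handler without escaping.
 * That is only safe while the shortcode parameter string comes from trusted
 * template code - confirm no request data can reach $parm.
 *
 * @todo Human readable *nix like permissions option (upload_final_chmod) e.g. 'rw-rw-r--' --> 0664, 'rwxrwxrwx' --> 0777
 *
 * @param string $parm upload_path|parameters (GET query format)
 * 	Available parameters:
 * 	- trigger [render] (string): name attribute of upload trigger button, default 'uploadfiles'
 * 	- name [render|processing] (string): name of upload (file) field, without array brackets ([]), default 'file_userfile'
 * 	- up_container [render] (string): the id attribute of upload container (containing upload field(s)), default 'up_container'
 * 	- up_row [render] (string): the id attribute of upload added fields (duplicates), default 'upline'
 * 	- nowarn [render] (flag): when present, the submit button gets no jsconfirm() prompt
 * 	- disable_button [render] ('0'|'1' boolean): '1' omits the submit button, default '0'
 * 	- process [render|processing] ('0'|'1' boolean): main shortcode action, 0 - render markup, 1 - process uploaded files, default '0'
 * 	- upload_file_mask [processing] (string): 'file_mask' parameter of process_uploaded_files() - comma-separated list of file types which if defined limits the allowed file types to those which are
 * 	  in both this list and the file specified by the 'filetypes' option. Enables restriction to, for example, image files. {@link process_uploaded_files()},
 * 	  default is empty string
 * 	- upload_filetypes [processing] (string): 'filetypes' parameter of process_uploaded_files() - name of file containing list of valid file types, default is empty string
 * 	- upload_extra_file_types [processing] (string): 'extra_file_types' parameter of process_uploaded_files() - '0' (default) rejects totally unknown file extensions;
 * 	  '1' accepts totally unknown file extensions which are in $options['filetypes'] file; comma-separated list of additional permitted file extensions.
 * 	  Note that this function passes the value on as a boolean only.
 * 	- upload_final_chmod [processing] (string): 'final_chmod' parameter of process_uploaded_files() - chmod() to be applied to uploaded files (0644 default).
 * 	  NOTE: you need to provide the number in decimal base (as a string); its value is the same number that the octal mode denotes.
 * 	  Example: '493' --> 0755; '511' --> 0777
 * 	- upload_max_upload_size [processing] (string): 'max_upload_size' parameter of process_uploaded_files() - maximum size of uploaded files in bytes,
 * 	  or as a string with a 'multiplier' letter (e.g. 16M) at the end, default is '0'
 * 	- upload_max_file_count [processing] (string): 'max_file_count' parameter of process_uploaded_files() - presumably the maximum number of files
 * 	  which can be uploaded, default is '0' (unlimited) - verify against process_uploaded_files()
 * 	- upload_overwrite [processing] ('0'|'1' boolean): 'overwrite' parameter of process_uploaded_files(), passed on as a boolean, default is '0'
 * 	- return_type [processing] ('0'|'message'|'result'): 'message' (default) - return messages (eMessage::render() method);
 * 	  'result' - return array generated by process_uploaded_files();
 * 	  '0' - return empty string;
 * 	  NOTE: upload messages are added to 'upload_shortcode' message namespace
 * 	  <code>
 * 	  // render messages manually (return_type=0)
 * 	  echo e107::getMessage()->render('upload_shortcode');
 * 	  // OR copy them to the default message namespace
 * 	  e107::getMessage()->moveStack('upload_shortcode', 'default');
 * 	  // Do something... and render all messages
 * 	  echo e107::getMessage()->render();
 * 	  </code>
 * @return mixed Based on 'return_type' parameter - string or uploaded array result
 */
function uploadfile_shortcode($parm)
{
	if (!FILE_UPLOADS) {
		return LAN_UPLOAD_SERVEROFF;
	}

	// In the user area the caller must belong to the configured upload class.
	if (USER_AREA === TRUE && !check_class(e107::getPref('upload_class'))) {
		return LAN_DISABLED;
	}

	// "path|query-string": at most two parts.
	$parm = explode('|', $parm, 2);
	$path = $parm[0];

	// The str_replace() only shortens the path for display; it is not a
	// sanitising step and must not be relied on as one.
	if ($path && !is_writable($path)) {
		return LAN_UPLOAD_777 . " <b>" . str_replace("../", "", $path) . "</b>";
	}

	$parms = array();
	parse_str(varset($parm[1], ''), $parms);
	// Defaults first, so that any key given in the shortcode overrides them.
	$parms = array_merge(array('trigger' => 'uploadfiles', 'name' => 'file_userfile', 'up_container' => 'up_container', 'up_row' => 'upline', 'process' => '0', 'upload_file_mask' => '', 'upload_filetypes' => '', 'upload_extra_file_types' => '0', 'upload_final_chmod' => '', 'upload_max_upload_size' => '0', 'upload_max_file_count' => '0', 'upload_overwrite' => '0', 'return_type' => 'message', 'disable_button' => '0'), $parms);

	// PROCESS UPLOADED FILES, optional usage by external code
	if ($parms['process']) {
		e107_require_once(e_HANDLER . 'upload_handler.php');
		$options = array(
			'file_mask' => $parms['upload_file_mask'],
			'filetypes' => $parms['upload_filetypes'],
			'extra_file_types' => $parms['upload_extra_file_types'] ? true : false,
			// The inner intval() already yields an integer, and a base has no
			// effect on integers, so the decimal value is used unchanged
			// ('493' stays 493, which is 0755).
			'final_chmod' => $parms['upload_final_chmod'] ? intval(intval($parms['upload_final_chmod']), 8) : 0644,
			'max_upload_size' => $parms['upload_max_upload_size'],
			'file_array_name' => $parms['name'],
			'max_file_count' => $parms['upload_max_file_count'],
			'overwrite' => $parms['upload_overwrite'] ? true : false,
		);

		$uploaded = process_uploaded_files($path, false, $options);
		if ($uploaded) {
			$emessage = e107::getMessage();
			foreach ($uploaded as $finfo) {
				$emessage->addStack($finfo['message'], 'upload_shortcode', $finfo['error'] ? E_MESSAGE_ERROR : E_MESSAGE_SUCCESS);
			}
			if ($parms['return_type'] == 'message') {
				return $emessage->render('upload_shortcode');
			}
		}
		return $parms['return_type'] == 'result' ? $uploaded : '';
	}

	// RENDER FORM
	$onclickt = !isset($parms['nowarn']) ? " onclick=\"return jsconfirm('" . LAN_UPLOAD_CONFIRM . "')\"" : '';
	$onclickd = " onclick=\"duplicateHTML('{$parms['up_row']}','{$parms['up_container']}');\"";
	$name = $parms['name'] . '[]';

	// Start from a defined string; the original appended to an unset variable.
	$text = "\n\t <!-- Upload Shortcode -->\n\t\t\t<div>\n\t\t\t\t<div class='field-spacer'>\n\t\t\t\t\t<button class='action duplicate' type='button' value='no-value'{$onclickd}><span>" . LAN_UPLOAD_ADDFILE . "</span></button>";

	// Media Manager does the submit, not the shortcode.
	if (!$parms['disable_button']) {
		$text .= "<button class='upload' type='submit' name='{$parms['trigger']}' value='no-value'{$onclickt}><span>" . LAN_UPLOAD_FILES . "</span></button>";
	}

	$text .= "\n\t\t\t\t</div>\n\t\t\t\t<div id='{$parms['up_container']}'>\n\t\t\t\t\t<div id='{$parms['up_row']}' class='nowrap'>\n\t\t\t\t\t\t<input class='tbox file' type='file' name='{$name}' />\n\t\t\t </div>\n\t\t\t\t</div>\n\t\t\t\t<div class='field-help'>Upload to: <strong>" . str_replace('../', '', $path) . "</strong></div>\n\t\t\t</div>\n\t\t\t<!-- End Upload Shortcode -->\n\t\t";

	return $text;
}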
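/**
 * Tell whether the current user may use the editor.
 *
 * The decision follows $prefs['editor_class']:
 *  - "admin": only when ADMIN is truthy;
 *  - "users": only when USER is truthy;
 *  - "all":   always;
 *  - anything else is treated as a user class and passed to check_class().
 *
 * The original had a second, unreachable "admin" branch and fell off the end
 * (returning null) on a refused "admin" or "users" check; every path now
 * returns a boolean.
 *
 * @return bool True when access is allowed, false otherwise.
 */
function check_perm()
{
	global $prefs;

	$editorClass = $prefs['editor_class'];

	// NOTE(review): the loose == comparisons are kept as they were. Before
	// PHP 8 an integer 0 compares equal to these strings, so an integer
	// class id of 0 would land in the "admin" branch - confirm the stored type.
	if ($editorClass == "admin") {
		return ADMIN ? true : false;
	}

	if ($editorClass == "users") {
		return USER ? true : false;
	}

	if ($editorClass == "all") {
		return true;
	}

	return check_class($editorClass) ? true : false;
}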
/**
 * Display selection dropdown of all user classes
 *
 * The returned markup opens a <select> and adds its options; no closing
 * </select> tag is appended here.
 *
 * @param int $class - if its e_UC_MEMBER, all classes are shown (limited to the
 *                     classes the current user belongs to, unless ADMINPERMS
 *                     is '0'). Otherwise only the class matching the value is shown.
 * @param string $form_name - not used by this function.
 * @return string
 */
function class_list($class, $form_name)
{
	global $sql;

	$isMainAdmin = (ADMINPERMS == '0');
	$listAll = ($class == e_UC_MEMBER);

	// NOTE(review): the class name is written into the option value and label
	// without HTML escaping; presumably names are admin-defined - confirm, or
	// escape them where they are stored.
	$option = function ($row) {
		return "<option value='" . $row['userclass_id'] . ":" . $row['userclass_name'] . "'>" . $row['userclass_name'] . "</option>";
	};

	$html = "<select class='tbox' id='class' name='class' onchange=\"uc_switch('user')\">";
	$html .= "<option value=''>" . US_LAN_2 . "</option>";

	// Only a main admin gets the "all" entry.
	if ($isMainAdmin && $listAll) {
		$html .= "<option value='all'>" . US_LAN_3 . "</option>";
	}

	if (!$listAll) {
		// Single class: the id is cast to an integer before it enters the query.
		$sql->db_Select("userclass_classes", "userclass_id, userclass_name", "userclass_id='" . intval($class) . "' ORDER BY userclass_name");
		while ($row = $sql->db_Fetch()) {
			$html .= $option($row);
		}

		return $html;
	}

	$sql->db_Select("userclass_classes", "userclass_id, userclass_name", "ORDER BY userclass_name", "nowhere");
	while ($row = $sql->db_Fetch()) {
		// Show a class when the user belongs to it, or when the user is a main admin.
		if (check_class($row['userclass_id']) || $isMainAdmin) {
			$html .= $option($row);
		}
	}

	return $html;
}
// Closes the table cell opened before this excerpt.
$text .= '</td>';

// "Create team" button: shown only to members of the team-creation class and
// only when the menu preference enables it.
if (check_class($pref['eb_teams_create_class']) && $pref['eb_links_showcreateteam'] == 1) {
	$text .= '<td>';
	$text .= '<form action="' . e_PLUGIN . 'ebattles/clancreate.php" method="post">';
	$text .= '<div>';
	// NOTE(review): the user id and name travel as hidden form fields, which
	// the browser can change before submitting. clancreate.php should take the
	// acting user from the session and repeat the class check rather than trust
	// these values - confirm. USERNAME is also written into the attribute
	// without HTML escaping.
	$text .= '<input type="hidden" name="userid" value="' . USERID . '"/>';
	$text .= '<input type="hidden" name="username" value="' . USERNAME . '"/>';
	$text .= '</div>';
	// $text .= ebImageTextButton('createteam', 'add.png', '', 'simple', '', EB_CLANS_L7);
	$text .= '<div class="buttons"><button style="display:block; float:left; margin:0 0 0 0; padding:0 0 0 0; background-color:transparent; border:0px; font-size:100%; text-decoration:none; font-weight:bold; cursor:pointer;" type="submit" name="createteam" title="' . EB_CLANS_L7 . '"><img src="' . e_PLUGIN . 'ebattles/images/add.png" alt="' . EB_CLANS_L7 . '" style="vertical-align:middle"/></button></div> <div style="clear:both"></div>';
	$text .= '</form>';
	$text .= '</td>';
}
$text .= '</tr>';

// Profile link and user details, for users who pass the member class check.
if (check_class(e_UC_MEMBER)) {
	$text .= '<tr>';
	$text .= '<td>';
	$text .= '<a href="' . $profile_link . '">';
	$text .= EB_MENU_L4;
	$text .= '</a><br />';
	$text .= '</td>';
	$text .= '</tr>';
	/* Get User Information */
	$text .= displayUserInfo(USERID, $profile_link);
}
$text .= '</table>';
$ns->tablerender($ebattles_title, $text);
/***************************************************************************************
 Functions
***************************************************************************************/
} if (isset($linkspage_pref['link_menu_navigator_links']) && $linkspage_pref['link_menu_navigator_links']) { if (isset($linkspage_pref['link_menu_navigator_rendertype']) && $linkspage_pref['link_menu_navigator_rendertype'] == "1") { $mains .= $rs->form_option(LCLAN_OPT_68, "0", e107::url('links_page', 'alllinks'), ""); } else { $mains .= $bullet . " <a href='" . e107::url('links_page', 'alllinks') . "'>" . LCLAN_OPT_68 . "</a><br />"; } } if (isset($linkspage_pref['link_menu_navigator_submit']) && $linkspage_pref['link_menu_navigator_submit'] && isset($linkspage_pref['link_submit']) && $linkspage_pref['link_submit'] && check_class($linkspage_pref['link_submit_class'])) { if (isset($linkspage_pref['link_menu_navigator_rendertype']) && $linkspage_pref['link_menu_navigator_rendertype'] == "1") { $mains .= $rs->form_option(LAN_LINKS_27, "0", e107::url('links_page', 'submit'), ""); } else { $mains .= $bullet . " <a href='" . e107::url('links_page', 'submit') . "'>" . LAN_LINKS_27 . "</a><br />"; } } if (isset($linkspage_pref['link_menu_navigator_manager']) && $linkspage_pref['link_menu_navigator_manager'] && isset($linkspage_pref['link_manager']) && $linkspage_pref['link_manager'] && check_class($linkspage_pref['link_manager_class'])) { if (isset($linkspage_pref['link_menu_navigator_rendertype']) && $linkspage_pref['link_menu_navigator_rendertype'] == "1") { $mains .= $rs->form_option(LCLAN_ITEM_35, "0", e107::url('links_page', 'manage'), ""); } else { $mains .= $bullet . " <a href='" . e107::url('links_page', 'manage') . "'>" . LCLAN_ITEM_35 . "</a><br />"; } } if ($mains) { $cap = isset($linkspage_pref['link_menu_navigator_caption']) && $linkspage_pref['link_menu_navigator_caption'] ? 
$linkspage_pref['link_menu_navigator_caption'] : LCLAN_OPT_82; if (isset($linkspage_pref['link_menu_navigator_rendertype']) && $linkspage_pref['link_menu_navigator_rendertype'] == "1") { $selectjs = "style='width:100%;' onchange=\"if(this.options[this.selectedIndex].value != ''){ return document.location=this.options[this.selectedIndex].value; }\" "; $text .= $rs->form_select_open("navigator", $selectjs); $text .= $rs->form_option($cap, "0", "", ""); $text .= $mains; $text .= $rs->form_select_close(); $text .= "<br />";
/**
 * Return the status suffix for a parent forum.
 *
 * @param array $parent Forum row; only 'forum_postclass' is read.
 * @return mixed '(' . LAN_FORUM_0056 . ')' when the current user fails
 *               check_class() for the post class; otherwise whatever vartrue()
 *               yields for an unset variable.
 */
function parse_parent($parent)
{
	$mayPost = check_class($parent['forum_postclass']);

	// The label is set only for users who may NOT post; it stays undefined
	// otherwise and vartrue() supplies the fallback.
	if (!$mayPost) {
		$label = '(' . LAN_FORUM_0056 . ')';
	}

	return vartrue($label);
}
} $qry = "\n\t\t\tSELECT t.thread_name, f.forum_name, f.forum_class from #forum_t AS t\n\t\t\tLEFT JOIN #forum AS f ON f.forum_id = t.thread_forum_id\n\t\t\tWHERE t.thread_id = " . intval($tmp[0]); $sql->db_Select_gen($qry); $forum = $sql->db_Fetch(); $online_location_page = ONLINE_EL13 . " .:. " . $forum['forum_name'] . "->" . ONLINE_EL14 . " .:. " . $forum['thread_name'] . "->" . ONLINE_EL15 . ": " . $t_page; $online_location = str_replace("php.", "php?", $online_location); if (!check_class($forum['forum_class'])) { $class_check = FALSE; $online_location_page = ONLINE_EL13 . ": \"" . CLASSRESTRICTED . "\""; } } elseif (strstr($online_location, "_viewforum")) { $sql->db_Select("forum", "forum_name, forum_class", "forum_id=" . intval($tmp[0])); $forum = $sql->db_Fetch(); $online_location_page = ONLINE_EL13 . " .:. " . $forum['forum_name']; $online_location = str_replace("php.", "php?", $online_location); if (!check_class($forum['forum_class'])) { $class_check = FALSE; $online_location_page = ONLINE_EL13 . ": \"" . CLASSRESTRICTED . "\""; } } elseif (strstr($online_location, "_post")) { $sql->db_Select("forum_t", "thread_name, thread_forum_id", "thread_forum_id=" . intval($tmp[0]) . " AND thread_parent=0"); $forum_t = $sql->db_Fetch(); $sql->db_Select("forum", "forum_name", "forum_id=" . $forum_t['thread_forum_id']); $forum = $sql->db_Fetch(); $online_location_page = ONLINE_EL12 . ": " . ONLINE_EL13 . " .:. " . $forum['forum_name'] . "->" . ONLINE_EL14 . " .:. " . $forum_t['thread_name']; $online_location = e_PLUGIN . "forum/forum_viewtopic.php?{$tmp['0']}.{$tmp['1']}"; } } if (strstr($online_location, "admin")) { $class_check = FALSE; $online_location_page = ADMINAREA;
if ($pref['cb_emote'] && $pref['smiley_activate']) { $texta .= "\n\t\t<input class='btn btn-default button' type='button' style='cursor:pointer' size='30' value='" . CHATBOX_L14 . "' onclick=\"expandit('emote')\" />\n\t\t<div class='well' style='display:none' id='emote'>" . r_emote() . "</div>\n"; } $texta .= "</div>\n</form>\n"; } if ($emessage != "") { $texta .= "<div style='text-align:center'><b>" . $emessage . "</b></div>"; } if (!($text = $e107cache->retrieve("nq_chatbox"))) { global $pref, $tp; $pref['chatbox_posts'] = $pref['chatbox_posts'] ? $pref['chatbox_posts'] : 10; $chatbox_posts = $pref['chatbox_posts']; if (!isset($pref['cb_mod'])) { $pref['cb_mod'] = e_UC_ADMIN; } define("CB_MOD", check_class($pref['cb_mod'])); $qry = "\n\tSELECT c.*, u.user_name, u.user_image FROM #chatbox AS c\n\tLEFT JOIN #user AS u ON SUBSTRING_INDEX(c.cb_nick,'.',1) = u.user_id\n\tORDER BY c.cb_datestamp DESC LIMIT 0, " . intval($chatbox_posts); global $CHATBOXSTYLE; if ($CHATBOXSTYLE) { $legacySrch = array('{USERNAME}', '{MESSAGE}', '{TIMEDATE}'); $legacyRepl = array('{CB_USERNAME}', '{CB_MESSAGE}', '{CB_TIMEDATE}'); $CHATBOX_TEMPLATE['start'] = ""; $CHATBOX_TEMPLATE['item'] = str_replace($legacySrch, $legacyRepl, $CHATBOXSTYLE); $CHATBOX_TEMPLATE['end'] = ""; } else { $tp->parseTemplate("{SETIMAGE: w=40}", true); // set thumbnail size. // FIXME - move to template $CHATBOX_TEMPLATE['start'] = "<ul class='media-list unstyled'>"; $CHATBOX_TEMPLATE['item'] = "<li class='media'>\n\t\t\t\t\t\t\t\t\t\t<span class='media-object pull-left'>{CB_AVATAR}</span> \n\t\t\t\t\t\t\t\t\t\t<div class='media-body'><b>{CB_USERNAME}</b> \n\t\t\t\t\t\t\t\t\t\t<small class='muted smalltext'>{CB_TIMEDATE}</small><br />\n\t\t\t\t\t\t\t\t\t\t<p>{CB_MESSAGE}</p>\n\t\t\t\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t\t\t\t\t</li>\n"; $CHATBOX_TEMPLATE['end'] = "</ul>";
/**
 * Render the "Latest Comments" info panel.
 *
 * Loads up to 25 rows of the 'comments' table with comment_blocked=2, newest
 * first, and renders each with Delete and Approve buttons; rows after the
 * third get the 'hide' CSS class.
 *
 * @return string|null Result of tablerender() with its fourth argument set to
 *                     true, or null when the query yields no rows.
 */
function renderLatestComments()
{
	$sql = e107::getDb();
	$tp = e107::getParser();

	// NOTE(review): the early return is commented out, so this check has no
	// effect and the panel is built for every caller. 'B' also looks like an
	// admin permission letter of the kind passed to getperms() rather than a
	// user class id - confirm which check was intended and restore it, or make
	// sure the caller enforces the permission.
	if (!check_class('B')) {
		// return;
	}

	if (!($rows = $sql->retrieve('comments', '*', 'comment_blocked=2 ORDER BY comment_id DESC LIMIT 25', true))) {
		return null;
	}

	$sc = e107::getScBatch('comment');
	$text = ' <ul class="media-list unstyled">';

	// <button class='btn btn-mini'><i class='icon-pencil'></i> Edit</button>
	//XXX Always keep template hardcoded here - heavy use of ajax and ids.
	$count = 1;
	foreach ($rows as $row) {
		// Only the first three rows are rendered without the 'hide' class.
		$hide = $count > 3 ? ' hide' : '';

		// The buttons only carry data-* attributes; the delete/approve request
		// goes to comment.php, which has to authorise the action itself.
		$TEMPLATE = "{SETIMAGE: w=40&h=40}\n\t\t\t<li id='comment-" . $row['comment_id'] . "' class='media" . $hide . "'>\n\t\t\t\t<span class='media-object pull-left'>{USER_AVATAR=" . $row['comment_author_id'] . "}</span> \n\t\t\t\t<div class='btn-group pull-right'>\n\t \t<button data-target='" . e_BASE . "comment.php' data-comment-id='" . $row['comment_id'] . "' data-comment-action='delete' class='btn btn-sm btn-mini btn-danger'><i class='icon-remove'></i> Delete</button>\n\t \t<button data-target='" . e_BASE . "comment.php' data-comment-id='" . $row['comment_id'] . "' data-comment-action='approve' class='btn btn-sm btn-mini btn-success'><i class='icon-ok'></i> Approve</button>\n\t </div>\n\t\t\t\t<div class='media-body'><small class='muted smalltext'>Posted by {USERNAME} {TIMEDATE=relative}</small><br />\n\t\t\t\t\t<p>{COMMENT}</p> \n\t\t\t\t</div>\n\t\t\t\t</li>";
		//TODO LAN for 'Posted by [x] ';

		$sc->setVars($row);
		$text .= $tp->parseTemplate($TEMPLATE, true, $sc);
		$count++;
	}

	$text .= ' </ul> <div class="right"> <a class="btn btn-mini btn-primary text-right" href="' . e_ADMIN . 'comment.php?searchquery=&filter_options=comment_blocked__2">View all</a> </div> ';
	// $text .= "<small class='text-center text-warning'>Note: Not fully functional at the moment.</small>";

	$ns = e107::getRender();
	return $ns->tablerender("Latest Comments", $text, 'core-infopanel_online', true);
}
/**
 * Validate all user-modifiable extended user fields which are presented.
 * Primarily intended to validate data entered by a user or admin
 *
 * Only keys that correspond to a defined field, in a category and field the
 * current user may use, are looked at; any other key of $inArray is ignored,
 * so the method acts as an allow-list for the submitted data.
 *
 * @param array $inArray is the input data (usually from $_POST or $_POST['ue'], although doesn't have to be) - may have 'surplus' values
 * @param array $hideArray is a set of possible 'hide' flags
 * @param boolean $isSignup TRUE causes required fields to be specifically checked, else only data passed is checked
 *
 * @return array with three potential subkeys:
 *		'data' - valid data values (key is field name)
 *			['data']['user_hidden_fields'] is the hidden fields (always set, possibly to an empty string)
 *		'errors' - data values in error
 *		'errortext' - error message corresponding to erroneous value
 *
 * @todo - does $hidden_fields need to be merged with values for fields not processed? (Probably not - should only relate to fields current user can see)
 * @todo - make sure admin can edit fields of other users
 */
public function userExtendedValidateAll($inArray, $hideArray, $isSignup = FALSE)
{
	$tp = e107::getParser();

	$eufVals = array();		// 'Answer' array
	$hideFlags = array();

	foreach ($this->fieldDefinitions as $k => $defs) {
		$category = $defs['user_extended_struct_parent'];

		// && binds tighter than ||, so the category passes when ANY of these holds:
		//  - it is category 0;
		//  - this is a signup and both its 'applicable' and 'write' classes are e_UC_MEMBER;
		//  - the current user passes check_class() for both classes.
		if ($category == 0 || $isSignup && (int) $this->catDefinitions[$category]['user_extended_struct_applicable'] === (int) e_UC_MEMBER && (int) $this->catDefinitions[$category]['user_extended_struct_write'] === (int) e_UC_MEMBER || check_class($this->catDefinitions[$category]['user_extended_struct_applicable']) && check_class($this->catDefinitions[$category]['user_extended_struct_write'])) {
			// Category applicable to user

			// Same two-way test at field level: signup with member-level
			// classes, or the current user passes both class checks.
			if ($isSignup && (int) $defs['user_extended_struct_applicable'] === (int) e_UC_MEMBER && (int) $defs['user_extended_struct_write'] === (int) e_UC_MEMBER || check_class($defs['user_extended_struct_applicable']) && check_class($defs['user_extended_struct_write'])) {
				// User can also update field
				$f = 'user_' . $defs['user_extended_struct_name'];

				// Validate when a value was submitted, or - on signup - when the field is required.
				if (isset($inArray[$f]) || $isSignup && $defs['user_extended_struct_required'] == 1) {
					// Only allow valid keys
					$val = varset($inArray[$f], FALSE);
					$err = $this->user_extended_validate_entry($val, $defs);

					if ($err === true) {
						// General error - usually empty field; could be unacceptable value, or regex fail and no error message defined
						$eufVals['errortext'][$f] = str_replace('--SOMETHING--', $tp->toHtml(defset($defs['user_extended_struct_text'], $defs['user_extended_struct_text']), FALSE, 'defs'), LAN_USER_75);
						$eufVals['errors'][$f] = ERR_GENERIC;
					} elseif ($err) {
						// Specific error message returned - usually regex fail
						$eufVals['errortext'][$f] = $err;
						$eufVals['errors'][$f] = ERR_GENERIC;
					} elseif (!$err) {
						// Always true at this point (both truthy cases were handled above).
						// The accepted value goes through toDB() before it is returned.
						$eufVals['data'][$f] = $tp->toDB($val);
					}

					// A hide flag is recorded on key presence alone, whatever its
					// value and whether or not the field validated.
					if (isset($hideArray[$f])) {
						$hideFlags[] = $f;
					}
				}
			}
		}
	}

	// Hidden field names are stored as one '^'-delimited string, e.g. '^user_a^user_b^'.
	$hidden_fields = implode('^', $hideFlags);
	if ($hidden_fields != '') {
		$hidden_fields = '^' . $hidden_fields . '^';
	}
	$eufVals['data']['user_hidden_fields'] = $hidden_fields;

	return $eufVals;
}
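/**
 * Personal link manager: optionally delete one of the current user's links,
 * then list the user's links followed by the "create link" form.
 *
 * Redirects to the links index when the 'link_manager' preference is off or
 * when the user fails check_class() for 'link_manager_class'.
 *
 * Changes against the original: $mes is now obtained from e107::getMessage()
 * (it was undefined, so a successful delete ended in a fatal error), the
 * posted delete key is parsed defensively, and every id that enters a query
 * or a message is cast to an integer first.
 *
 * NOTE(review): the delete branch runs before the 'link_manager_class' check
 * further down, so it is guarded only by the author comparison. No form token
 * check is visible in this function either. Confirm both are intended or are
 * covered by the caller.
 *
 * @return void
 */
function displayPersonalManager()
{
	global $qs, $lc, $link_shortcodes, $cobj, $row, $from, $linkspage_pref;

	$db = e107::getDb();
	$db2 = e107::getDb('db2');
	$mes = e107::getMessage();
	$template = e107::getTemplate('links_page', 'links_page');
	$tp = e107::getParser();

	if (!(isset($linkspage_pref['link_manager']) && $linkspage_pref['link_manager'])) {
		//jsx_location(e107::url('links_page', 'index'));
		$url = e107::url('links_page', 'index');
		e107::getRedirect()->go($url);
	}

	//delete link
	if (isset($linkspage_pref['link_directdelete']) && $linkspage_pref['link_directdelete']) {
		// The submit button is named delete[<type>_<id>]; the last key carries the target.
		if (isset($_POST['delete']) && is_array($_POST['delete'])) {
			$keys = array_keys($_POST['delete']);
			$tmp = (string) array_pop($keys);
			// Pad so that a key without "_" cannot raise an undefined-offset notice.
			list($delete, $del_id) = array_pad(explode("_", $tmp), 2, '');
			// Cast once; the same integer is used in the queries and in the message.
			$del_id = intval($del_id);
		}

		if (isset($delete) && $delete == 'main') {
			$db->select("links_page", "link_category, link_order, link_author", "link_id='" . $del_id . "'");
			// Get the position of target in the order
			$row = $db->fetch();

			// Only the author of a link may delete it here.
			if ($row['link_author'] != USERID) {
				e107::redirect();
				exit;
			}

			// Close the gap in the ordering of the remaining links of that category.
			$db->select("links_page", "link_id", "link_order>'" . intval($row['link_order']) . "' && link_category='" . intval($row['link_category']) . "'");
			while ($row = $db->fetch()) {
				$db2->update("links_page", "link_order=link_order-1 WHERE link_id='" . intval($row['link_id']) . "'");
			}

			if ($db->delete("links_page", "link_id='" . $del_id . "'")) {
				$mes->addSuccess(LCLAN_ADMIN_10 . " #" . $del_id . " " . LCLAN_ADMIN_11);
			}
		}
	}

	//show existing links
	if (!check_class($linkspage_pref['link_manager_class'])) {
		//jsx_location(e107::url('links_page', 'index'));
		$url = e107::url('links_page', 'index');
		e107::getRedirect()->go($url);
	} else {
		// Only links authored by the current user are listed.
		$qry = "\n\t\tSELECT l.*, lc.*\n\t\tFROM #links_page AS l\n\t\tLEFT JOIN #links_page_cat AS lc ON lc.link_category_id = l.link_category\n\t\tWHERE /* l.link_active = 1 AND */ l.link_author = '" . USERID . "'\n\t\tORDER BY l.link_name\n\t\t";

		$link_table_manage = "";
		if (!($manager_total = $db->gen($qry))) {
			$text = LAN_LINKS_MANAGER_4;
		} else {
			$link_table_manage_start = $tp->parseTemplate($template['LINK_TABLE_MANAGE_START'], FALSE, $link_shortcodes);
			while ($row = $db->fetch()) {
				$link_shortcodes->setVars($row);
				$link_table_manage .= $tp->parseTemplate($template['LINK_TABLE_MANAGE'], FALSE, $link_shortcodes);
			}
			$link_table_manage_end = $tp->parseTemplate($template['LINK_TABLE_MANAGE_END'], FALSE, $link_shortcodes);
			$text = $link_table_manage_start . $link_table_manage . $link_table_manage_end;
		}

		$navigator = displayNavigator();
		$text = $navigator . $text;
		e107::getRender()->tablerender(LAN_LINKS_35, $text);

		//show link create
		$lc->show_link_create();
	}

	return;
}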
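// ----------------------
// build the yearselector
// ----------------------
$year_selector = "<div class='forumheader' style='text-align: center; margin-bottom: 2px;'>";
$year_selector .= "" . BLOGCAL_ARCHIV1 . ": <select name='activate' onchange='urljump(this.options[selectedIndex].value)' class='tbox'>\n";

// First and last second of the requested year. Both depend only on $req_year, so
// they are computed once instead of on every pass of the loop. intval() keeps the
// values that end up in the SQL condition below numeric.
$start = mktime(0, 0, 0, 1, 1, intval($req_year));
$end = mktime(23, 59, 59, 12, 31, intval($req_year));

for ($i = $start_year; $i <= $end_year; $i++)
{
	// create the option entry
	// NOTE(review): $prefix is written into an attribute value as-is; confirm it
	// is built from trusted configuration where it is assigned.
	$year_link = $prefix . "/archive.php?year." . $i;
	$year_selector .= "<option value='" . $year_link . "'";

	if ($i == $req_year)
	{
		$year_selector .= " selected='selected'";

		// Collect one link per day of the selected year that has a news item
		// the current user is allowed to see.
		if ($bcSql->db_Select("news", "news_id, news_datestamp, news_class", "news_datestamp > {$start} AND news_datestamp < {$end}"))
		{
			while ($news = $bcSql->db_Fetch())
			{
				if (check_class($news['news_class']))
				{
					list($xmonth, $xday) = explode(" ", date("n j", $news['news_datestamp']));
					// empty() avoids the undefined-index notice on the first hit of a day.
					if (empty($day_links[$xmonth][$xday]))
					{
						$day_links[$xmonth][$xday] = e107::getUrl()->create('news/list/day', 'id=' . formatDate($req_year, $xmonth, $xday));
					}
				}
			}
		}
	}

	$year_selector .= ">" . $i . "</option>\n";
}

$year_selector .= "</select>\n</div>";

// --------------------------
// create the archive display
// --------------------------
$newline = 0;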
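// Raw request values. Despite the "clean_" prefix nothing in this fragment has
// filtered them; the stored copies below go through $tp->toDB() instead.
// varset() supplies a default so a missing field no longer raises a notice.
$clean_authorname = vartrue($_POST['author_name'], USERNAME);
$clean_comment = varset($_POST['comment'], '');
$clean_subject = varset($_POST['subject'], '');

$_SESSION['comment_author_name'] = $clean_authorname;

// Build the comment row handed to the comment handler.
$row['comment_pid'] = $pid;
$row['comment_item_id'] = intval(varset($_POST['itemid'], 0));
$row['comment_type'] = e107::getComment()->getCommentType($tp->toDB(varset($_POST['table'], ''), true));
$row['comment_subject'] = $tp->toDB($clean_subject);
$row['comment_comment'] = $tp->toDB($clean_comment);
$row['user_image'] = USERIMAGE;
$row['user_id'] = USERID ? USERID : 0;
$row['user_name'] = USERNAME;
$row['comment_author_name'] = $tp->toDB($clean_authorname);
$row['comment_author_id'] = USERID ? USERID : 0;
$row['comment_datestamp'] = time();
// Value 2 is assigned when the current user matches the 'comments_moderate' class.
$row['comment_blocked'] = check_class($pref['comments_moderate']) ? 2 : 0;
// Previously copied from $_POST untouched; filtered like the other posted fields.
$row['comment_share'] = $tp->toDB(varset($_POST['comment_share'], ''));

// NOTE(review): no form-token check is visible in this fragment; confirm the
// surrounding script validates one before a comment is stored.
$newid = e107::getComment()->enter_comment($row);
// $newid = e107::getComment()->enter_comment($clean_authorname, $clean_comment, $_POST['table'], intval($_POST['itemid']), $pid, $clean_subject);

$ret = array();
if (is_numeric($newid) && isset($_GET['mode']) && $_GET['mode'] === 'submit')
{
	$row['comment_id'] = $newid;
	$width = $pid ? 1 : 0;

	$ret['html'] = "\n<!-- Appended -->\n<li>";
	$ret['html'] .= e107::getComment()->render_comment($row, 'comments', 'comment', intval(varset($_POST['itemid'], 0)), $width);
	$ret['html'] .= "</li>\n<!-- end Appended -->\n";
	$ret['error'] = false;
}
else
{
	$ret['error'] = true;
	// A non-numeric return from enter_comment() is passed to the client as the message.
	$ret['msg'] = $newid;
}

echo json_encode($ret);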
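/**
 * Converts the supplied text (presumed to be from user input) to a format suitable for storing in a database table.
 *
 * What this method visibly does is HTML-oriented: optional stripslashes(), preFilter() /
 * dataFilter(), then either a character-to-entity replacement or htmlspecialchars(), and
 * finally neutralising "[php" bbcode. No SQL escaping call appears here, so callers that
 * build queries by concatenation still need casting or parameter binding of their own.
 *
 * @param string|array $data text, or an array whose keys and values are converted recursively
 * @param boolean $nostrip [optional] Assumes all data is GPC ($_GET, $_POST, $_COOKIE) unless indicated otherwise by setting this var to TRUE.
 *				If magic quotes is enabled on the server and you do not tell toDB() that the data is non GPC then slashes will be stripped when they should not be.
 * @param boolean $no_encode [optional] This parameter should nearly always be FALSE. It is used by the save_prefs() function to preserve HTML content within prefs even when
 *				the save_prefs() function has been called by a non admin user / user without html posting permissions.
 * @param string|boolean $mod [optional] The 'no_html' and 'no_php' modifiers blanket prevent HTML and PHP posting regardless of posting permissions. (used in logging)
 *				The 'pReFs' value is for internal use only, when saving prefs, to prevent sanitisation of HTML.
 * @param integer|boolean $original_author [optional] when numeric, full encoding is forced if that user fails the 'post_html' class check
 * @return string|array
 */
public function toDB($data, $nostrip = FALSE, $no_encode = FALSE, $mod = FALSE, $original_author = FALSE)
{
	$core_pref = e107::getConfig();

	if (is_array($data))
	{
		// Initialised so an empty input array returns an empty array rather than an undefined variable.
		$ret = array();
		foreach ($data as $key => $var)
		{
			//Fix - sanitize keys as well
			$ret[$this->toDB($key, $nostrip, $no_encode, $mod, $original_author)] = $this->toDB($var, $nostrip, $no_encode, $mod, $original_author);
		}
		return $ret;
	}

	if (MAGIC_QUOTES_GPC == TRUE && $nostrip == FALSE)
	{
		$data = stripslashes($data);
	}

	if ($mod != 'pReFs')
	{
		$data = $this->preFilter($data);
		// dataFilter() runs unless the user passes both the 'post_html' and 'post_script' class checks.
		if (!check_class($core_pref->get('post_html', e_UC_MAINADMIN)) || !check_class($core_pref->get('post_script', e_UC_MAINADMIN)))
		{
			$data = $this->dataFilter($data);
		}
	}

	// Users in the 'post_html' class keep their markup ...
	if (check_class($core_pref->get('post_html')))
	{
		$no_encode = TRUE;
	}

	// ... unless the abuse filter flags the content ...
	if ($core_pref->get('html_abuse'))
	{
		if ($this->htmlAbuseFilter($data))
		{
			$no_encode = FALSE;
		}
	}

	// ... or the original author is not allowed to post HTML.
	if (is_numeric($original_author) && !check_class($core_pref->get('post_html'), '', $original_author))
	{
		$no_encode = FALSE;
	}

	if ($no_encode === TRUE && strpos($mod, 'no_html') === FALSE)
	{
		// Markup is kept; only these characters are turned into entities. The
		// replacements must be the entity strings - with the literal characters on
		// both sides this call changes nothing.
		$search = array('$', '"', "'", '\\', '<?');
		$replace = array('&#036;', '&quot;', '&#039;', '&#092;', '&lt;?');
		$ret = str_replace($search, $replace, $data);
	}
	else
	{
		// Full encoding; numeric entities that were already in the text are
		// restored after htmlspecialchars() has encoded their ampersand.
		$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
		$data = str_replace('\\', '&#092;', $data);
		$ret = preg_replace("/&amp;#(\\d*?);/", "&#\\1;", $data);
	}

	// XXX - php_bbcode pref missing?
	// Encode the opening bracket of [php so the bbcode is stored inert.
	if (strpos($mod, 'no_php') !== FALSE || !check_class($core_pref->get('php_bbcode')))
	{
		$ret = preg_replace("#\\[(php)#i", "&#91;\\1", $ret);
	}

	return $ret;
}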
/**
 * Render Field Value (read / list mode).
 *
 * Dispatches first on the field name ('options', 'checkboxes') and then on
 * $attributes['type'], returning the HTML for one cell. Several branches wrap the
 * value in an inline-edit anchor when 'editable' is set and 'noedit' / 'link' are not.
 *
 * NOTE(review): most branches concatenate $value, $field, $id and $attributes['title']
 * into HTML text and attribute values, and no escaping call is visible for them in
 * this function - confirm the values are encoded before they reach this method.
 *
 * @param string $field field name
 * @param mixed $value field value
 * @param array $attributes field attributes including render parameters, element options - see e_admin_ui::$fields for required format
 * @param mixed $id record id used in generated links and element names (defaults to 0)
 * @return string
 */
function renderValue($field, $value, $attributes, $id = 0)
{
	// Multi-language values are arrays keyed by language; take the current one.
	if (!empty($attributes['multilan']) && is_array($value)) {
		$value = varset($value[e_LANGUAGE], '');
	}
	$parms = array();
	if (isset($attributes['readParms'])) {
		// readParms may be a query string; normalise it to an array.
		if (!is_array($attributes['readParms'])) {
			parse_str($attributes['readParms'], $attributes['readParms']);
		}
		$parms = $attributes['readParms'];
	}
	// attribute alias
	if (vartrue($attributes['inline'])) {
		$parms['editable'] = true;
	}
	// attribute alias
	if (vartrue($attributes['sort'])) {
		$parms['sort'] = true;
	}
	// A 'type' given in readParms overrides the attribute type.
	if (!empty($parms['type'])) {
		$attributes['type'] = $parms['type'];
	}
	$this->renderValueTrigger($field, $value, $parms, $id);
	$tp = e107::getParser();

	// Field names with a fixed rendering; both cases return directly.
	switch ($field) {
		case 'options':
			if (varset($attributes['type']) == "method") {
				$attributes['mode'] = "read";
				if (isset($attributes['method']) && $attributes['method'] && method_exists($this, $attributes['method'])) {
					$method = $attributes['method'];
					return $this->{$method}($parms, $value, $id, $attributes);
				} elseif (method_exists($this, 'options')) {
					//return $this->options($field, $value, $attributes, $id);
					// consistent method arguments, fixed in admin cron administration
					return $this->options($parms, $value, $id, $attributes); // OLD breaks admin->cron 'options' column
				}
			}
			if (!$value) {
				// NOTE(review): as written this replaces '&' with itself; presumably the
				// search string was an encoded ampersand - confirm against the repository copy.
				parse_str(str_replace('&', '&', e_QUERY), $query); //FIXME - FIX THIS
				// keep other vars in tact
				$query['action'] = 'edit';
				$query['id'] = $id;
				//$edit_query = array('mode' => varset($query['mode']), 'action' => varset($query['action']), 'id' => $id);
				$query = http_build_query($query);
				$value = "<div class='btn-group'>";
				if (vartrue($parms['sort'])) {
					// Request values are reduced to word characters / an integer before use in the URL.
					$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
					$from = intval(vartrue($_GET['from'], 0));
					$value .= "<a class='e-sort sort-trigger btn btn-default' style='cursor:move' data-target='" . e_SELF . "?mode={$mode}&action=sort&ajax_used=1&from={$from}' title='" . LAN_RE_ORDER . "'>" . ADMIN_SORT_ICON . "</a> ";
				}
				$cls = false;
				if (varset($parms['editClass'])) {
					// editClass may name a defined constant or hold the class value itself.
					$cls = deftrue($parms['editClass']) ? constant($parms['editClass']) : $parms['editClass'];
				}
				// The edit button is shown when no editClass is set or the user passes it.
				if ((false === $cls || check_class($cls)) && varset($parms['edit'], 1) == 1) {
					/* $value .= "<a href='".e_SELF."?{$query}' class='e-tip btn btn-large' title='".LAN_EDIT."' data-placement='left'> <img class='icon action edit list' src='".ADMIN_EDIT_ICON_PATH."' alt='".LAN_EDIT."' /></a>"; */
					$value .= "<a href='" . e_SELF . "?{$query}' class='btn btn-default' title='" . LAN_EDIT . "' data-toggle='tooltip' data-placement='left'>\r\n\t\t\t\t\t\t" . ADMIN_EDIT_ICON . "</a>";
				}
				$delcls = vartrue($attributes['noConfirm']) ? ' no-confirm' : '';
				if (varset($parms['deleteClass']) && varset($parms['delete'], 1) == 1) {
					$cls = deftrue($parms['deleteClass']) ? constant($parms['deleteClass']) : $parms['deleteClass'];
					if (check_class($cls)) {
						$value .= $this->submit_image('etrigger_delete[' . $id . ']', $id, 'delete', LAN_DELETE . ' [ ID: ' . $id . ' ]', array('class' => 'action delete btn btn-default' . $delcls));
					}
				} else {
					// NOTE(review): this branch also runs when deleteClass is unset or
					// 'delete' is not 1, so the delete button is rendered without a class
					// check here - confirm the delete handler enforces permissions itself.
					$value .= $this->submit_image('etrigger_delete[' . $id . ']', $id, 'delete', LAN_DELETE . ' [ ID: ' . $id . ' ]', array('class' => 'action delete btn btn-default' . $delcls));
				}
			}
			//$attributes['type'] = 'text';
			$value .= "</div>";
			return $value;
			break;
		case 'checkboxes':
			$value = $this->checkbox(vartrue($attributes['toggle'], 'multiselect') . '[' . $id . ']', $id);
			//$attributes['type'] = 'text';
			return $value;
			break;
	}

	// Rendering by field type.
	switch ($attributes['type']) {
		case 'number':
			if (!$value) {
				$value = '0';
			}
			if ($parms) {
				if (!isset($parms['sep'])) {
					$value = number_format($value, $parms['decimals']);
				} else {
					$value = number_format($value, $parms['decimals'], vartrue($parms['point'], '.'), vartrue($parms['sep'], ' '));
				}
			}
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
				$value = "<a class='e-tip e-editable editable-click' data-name='" . $field . "' title=\"" . LAN_EDIT . " " . $attributes['title'] . "\" data-type='text' data-pk='" . $id . "' data-url='" . e_SELF . "?mode={$mode}&action=inline&id={$id}&ajax_used=1' href='#'>" . $value . "</a>";
			}
			$value = vartrue($parms['pre']) . $value . vartrue($parms['post']);
			// else same
			break;
		case 'ip':
			//$e107 = e107::getInstance();
			$value = e107::getIPHandler()->ipDecode($value);
			// else same
			break;
		case 'templates':
		case 'layouts':
			$pre = vartrue($parms['pre']);
			$post = vartrue($parms['post']);
			unset($parms['pre'], $parms['post']);
			if ($parms) {
				$attributes['writeParms'] = $parms;
			} elseif (isset($attributes['writeParms'])) {
				if (is_string($attributes['writeParms'])) {
					parse_str($attributes['writeParms'], $attributes['writeParms']);
				}
			}
			$attributes['writeParms']['raw'] = true;
			$tmp = $this->renderElement($field, '', $attributes);
			// Inline Editing.
			//@SecretR - please FIXME!
			// NOTE(review): $wparms is not assigned anywhere before this point in this
			// branch, and $mode is computed but the URL below is built with an empty mode.
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
				$source = str_replace('"', "'", json_encode($wparms));
				$value = "<a class='e-tip e-editable editable-click' data-name='" . $field . "' data-source=\"" . $source . "\" title=\"" . LAN_EDIT . " " . $attributes['title'] . "\" data-type='select' data-pk='" . $id . "' data-url='" . e_SELF . "?mode=&action=inline&id={$id}&ajax_used=1' href='#'>" . $value . "</a>";
			}
			// $value = $pre.vartrue($tmp[$value]).$post;
			// FIXME "Fatal error: Only variables can be passed by reference" featurebox list page.
			break;
		case 'checkboxes':
		case 'comma':
		case 'dropdown':
			// XXX - should we use readParams at all here? see writeParms check below
			if ($parms && is_array($parms)) {
				//FIXME return no value at all when 'editable=1' is a readParm. See FAQs templates.
				// $value = vartrue($parms['pre']).vartrue($parms[$value]).vartrue($parms['post']);
				// break;
			}
			// NEW - multiple (array values) support
			// FIXME - add support for multi-level arrays (option groups)
			if (!is_array($attributes['writeParms'])) {
				parse_str($attributes['writeParms'], $attributes['writeParms']);
			}
			$wparms = $attributes['writeParms'];
			if (!is_array(varset($wparms['__options']))) {
				parse_str($wparms['__options'], $wparms['__options']);
			}
			// With 'optArray' the option list lives in that key and every other
			// writeParms entry becomes the options set.
			if (!empty($wparms['optArray'])) {
				$fopts = $wparms;
				$wparms = $fopts['optArray'];
				unset($fopts['optArray']);
				$wparms['__options'] = $fopts;
			}
			$opts = $wparms['__options'];
			unset($wparms['__options']);
			// Keep the stored value for the inline editor; $value becomes the label(s).
			$_value = $value;
			if ($attributes['type'] == 'checkboxes' || $attributes['type'] == 'comma') {
				$opts['multiple'] = true;
			}
			if (vartrue($opts['multiple'])) {
				$ret = array();
				$value = is_array($value) ? $value : explode(',', $value);
				// Only values present in the option list are shown.
				foreach ($value as $v) {
					if (isset($wparms[$v])) {
						$ret[] = $wparms[$v];
					}
				}
				$value = implode(', ', $ret);
			} else {
				$ret = '';
				if (isset($wparms[$value])) {
					$ret = $wparms[$value];
				}
				$value = $ret;
			}
			$value = $value ? vartrue($parms['pre']) . defset($value, $value) . vartrue($parms['post']) : '';
			// Inline Editing.
			// Inline Editing with 'comma' @SecretR - please FIXME - empty values added. @see news 'render type' or 'media-manager' category for test examples.
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				$xtype = $attributes['type'] == 'dropdown' ? 'select' : 'checklist';
				// $value = "<a class='e-tip e-editable editable-click' data-name='".$field."' data-value='{$_value}' data-source=\"".$source."\" title=\"".LAN_EDIT." ".$attributes['title']."\" data-type='".$xtype."' data-pk='".$id."' data-url='".e_SELF."?mode=&action=inline&id={$id}&ajax_used=1' href='#'>".$value."</a>";
				$value = $this->renderInline($field, $id, $attributes['title'], $_value, $value, $xtype, $wparms);
			}
			// return ;
			break;
		case 'radio':
			if ($parms && is_array($parms)) {
				$value = vartrue($parms['pre']) . vartrue($parms[$value]) . vartrue($parms['post']);
				break;
			}
			if (!is_array($attributes['writeParms'])) {
				parse_str($attributes['writeParms'], $attributes['writeParms']);
			}
			$value = vartrue($attributes['writeParms']['__options']['pre']) . vartrue($attributes['writeParms'][$value]) . vartrue($attributes['writeParms']['__options']['post']);
			break;
		case 'tags':
			if (!empty($parms['constant'])) {
				$value = defset($value, $value);
			}
			if (vartrue($parms['truncate'])) {
				$value = $tp->text_truncate($value, $parms['truncate'], '...');
			} elseif (vartrue($parms['htmltruncate'])) {
				$value = $tp->html_truncate($value, $parms['htmltruncate'], '...');
			}
			if (vartrue($parms['wrap'])) {
				$value = $tp->htmlwrap($value, (int) $parms['wrap'], varset($parms['wrapChar'], ' '));
			}
			if (vartrue($parms['link']) && $id) {
				$link = str_replace('[id]', $id, $parms['link']);
				$link = $tp->replaceConstants($link); // SEF URL is not important since we're in admin.
				$dialog = vartrue($parms['target']) == 'dialog' ? " e-dialog" : ""; // iframe
				$ext = vartrue($parms['target']) == 'blank' ? " rel='external' " : ""; // new window
				$modal = vartrue($parms['target']) == 'modal' ? " data-toggle='modal' data-cache='false' data-target='#uiModal' " : "";
				if ($parms['link'] == 'sef' && $this->getController()->getListModel()) {
					$model = $this->getController()->getListModel();
					// copy url config
					if (!$model->getUrl()) {
						$model->setUrl($this->getController()->getUrl());
					}
					// assemble the url
					$link = $model->url();
				} elseif (vartrue($data[$parms['link']])) {
					// NOTE(review): $data is not defined anywhere in this function.
					$link = $tp->replaceConstants(vartrue($data[$parms['link']]));
				}
				// in case something goes wrong...
				if ($link) {
					$value = "<a class='e-tip{$dialog}' {$ext} href='" . $link . "' {$modal} title='Quick View' >" . $value . "</a>";
				}
			}
			if (empty($value)) {
				$value = '-';
				$setValue = "data-value=''";
			} else {
				$setValue = "";
				if ($attributes['type'] == 'tags' && !empty($value)) {
					// NOTE(review): the stored tag string is placed inside a single-quoted
					// attribute unescaped - confirm tags cannot contain a quote.
					$setValue = "data-value='" . $value . "'";
					$value = str_replace(",", ", ", $value); // add spaces so it wraps, but don't change the actual values.
				}
			}
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				$options['selectize'] = array('create' => true, 'maxItems' => 7, 'mode' => 'multi', 'e_editable' => $field . '_' . $id);
				$tpl = $this->text($field, $value, 80, $options);
				$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
				$value = "<a id='" . $field . '_' . $id . "' class='e-tip e-editable editable-click editable-tags' data-emptytext='-' data-tpl='" . str_replace("'", '"', $tpl) . "' data-name='" . $field . "' title=\"" . LAN_EDIT . " " . $attributes['title'] . "\" data-type='text' data-pk='" . $id . "' " . $setValue . " data-url='" . e_SELF . "?mode={$mode}&action=inline&id={$id}&ajax_used=1' href='#'>" . $value . "</a>";
			}
			$value = vartrue($parms['pre']) . $value . vartrue($parms['post']);
			break;
		case 'text':
			if (!empty($parms['constant'])) {
				$value = defset($value, $value);
			}
			if (vartrue($parms['truncate'])) {
				$value = $tp->text_truncate($value, $parms['truncate'], '...');
			} elseif (vartrue($parms['htmltruncate'])) {
				$value = $tp->html_truncate($value, $parms['htmltruncate'], '...');
			}
			if (vartrue($parms['wrap'])) {
				$value = $tp->htmlwrap($value, (int) $parms['wrap'], varset($parms['wrapChar'], ' '));
			}
			if (vartrue($parms['link']) && $id) {
				$link = str_replace('[id]', $id, $parms['link']);
				$link = $tp->replaceConstants($link); // SEF URL is not important since we're in admin.
				$dialog = vartrue($parms['target']) == 'dialog' ? " e-dialog" : ""; // iframe
				$ext = vartrue($parms['target']) == 'blank' ? " rel='external' " : ""; // new window
				$modal = vartrue($parms['target']) == 'modal' ? " data-toggle='modal' data-cache='false' data-target='#uiModal' " : "";
				if ($parms['link'] == 'sef' && $this->getController()->getListModel()) {
					$model = $this->getController()->getListModel();
					// copy url config
					if (!$model->getUrl()) {
						$model->setUrl($this->getController()->getUrl());
					}
					// assemble the url
					$link = $model->url();
				} elseif (vartrue($data[$parms['link']])) {
					// NOTE(review): $data is not defined anywhere in this function.
					$link = $tp->replaceConstants(vartrue($data[$parms['link']]));
				}
				// in case something goes wrong...
				if ($link) {
					$value = "<a class='e-tip{$dialog}' {$ext} href='" . $link . "' {$modal} title='Quick View' >" . $value . "</a>";
				}
			}
			if (empty($value)) {
				$value = '-';
				$setValue = "data-value=''";
			} else {
				$setValue = "";
				// The type is 'text' in this case, so this inner branch is not expected to run.
				if ($attributes['type'] == 'tags' && !empty($value)) {
					$setValue = "data-value='" . $value . "'";
					$value = str_replace(",", ", ", $value); // add spaces so it wraps, but don't change the actual values.
				}
			}
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
				$value = "<a class='e-tip e-editable editable-click' data-emptytext='-' data-name='" . $field . "' title=\"" . LAN_EDIT . " " . $attributes['title'] . "\" data-type='text' data-pk='" . $id . "' " . $setValue . " data-url='" . e_SELF . "?mode={$mode}&action=inline&id={$id}&ajax_used=1' href='#'>" . $value . "</a>";
			}
			$value = vartrue($parms['pre']) . $value . vartrue($parms['post']);
			break;
		case 'bbarea':
		case 'textarea':
			if ($attributes['type'] == 'textarea' && !vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				return $this->renderInline($field, $id, $attributes['title'], $value, substr($value, 0, 50) . "...", 'textarea'); //FIXME.
			}
			$expand = '...';
			$toexpand = false;
			//force bb parsing for bbareas
			if ($attributes['type'] == 'bbarea' && !isset($parms['bb'])) {
				$parms['bb'] = true;
			}
			$elid = trim(str_replace('_', '-', $field)) . '-' . $id;
			if (!vartrue($parms['noparse'])) {
				$value = $tp->toHTML($value, vartrue($parms['bb']) ? true : false, vartrue($parms['parse']));
			}
			if (vartrue($parms['expand']) || vartrue($parms['truncate']) || vartrue($parms['htmltruncate'])) {
				$ttl = vartrue($parms['expand']);
				if ($ttl == 1) {
					$ttl = $expand . "<button class='btn btn-default btn-xs btn-mini pull-right'>More..</button>";
					$ttl1 = "<button class='btn btn-default btn-xs btn-mini pull-right'>..Less</button>";
				} else {
					$ttl1 = null;
				}
				$expands = '<a href="#' . $elid . '-expand" class="e-show-if-js e-expandit">' . defset($ttl, $ttl) . "</a>";
				$contracts = '<a href="#' . $elid . '-expand" class="e-show-if-js e-expandit">' . defset($ttl1, $ttl1) . "</a>";
			}
			$oldval = $value;
			if (vartrue($parms['truncate'])) {
				// Plain-text truncation: tags are stripped first.
				$value = $oldval = strip_tags($value);
				$value = $tp->text_truncate($value, $parms['truncate'], '');
				$toexpand = $value != $oldval;
			} elseif (vartrue($parms['htmltruncate'])) {
				$value = $tp->html_truncate($value, $parms['htmltruncate'], '');
				$toexpand = $value != $oldval;
			}
			if ($toexpand) {
				// force hide! TODO - core style .expand-c (expand container)
				// TODO: Hide 'More..' button when text fully displayed.
				$value .= '<span class="expand-c" style="display: none" id="' . $elid . '-expand"><span>' . str_replace($value, '', $oldval) . $contracts . '</span></span>';
				$value .= $expands; // 'More..' button. Keep it at the bottom so it does't cut the sentence.
			}
			break;
		case 'icon':
			$value = $tp->toIcon($value, array('size' => '2x'));
			break;
		case 'file':
			if (vartrue($parms['base'])) {
				$url = $parms['base'] . $value;
			} else {
				$url = e107::getParser()->replaceConstants($value, 'full');
			}
			$name = basename($value);
			// NOTE(review): $url and $name are written into href / title / link text as-is.
			$value = '<a href="' . $url . '" title="Direct link to ' . $name . '" rel="external">' . $name . '</a>';
			break;
		case 'image':
			//TODO - thumb, js tooltip...
			if ($value) {
				// Several comma-separated paths: only the first is rendered.
				if (strpos($value, ",") !== false) {
					$tmp = explode(",", $value);
					$value = $tmp[0];
					unset($tmp);
				}
				$vparm = array('thumb' => 'tag', 'w' => vartrue($parms['thumb_aw'], '80'));
				if ($video = e107::getParser()->toVideo($value, $vparm)) {
					return $video;
				}
				$fileOnly = basename($value);
				// Not an image but a file. (media manager)
				if (!preg_match("/\\.(png|jpg|jpeg|gif|PNG|JPG|JPEG|GIF)\$/", $fileOnly) && false !== strpos($fileOnly, '.')) {
					$icon = "{e_IMAGE}filemanager/zip_32.png";
					$src = $tp->replaceConstants(vartrue($parms['pre']) . $icon, 'abs');
					// return $value;
					return e107::getParser()->toGlyph('fa-file', 'size=2x');
					// return '<img src="'.$src.'" alt="'.$value.'" class="e-thumb" title="'.$value.'" />';
				}
				if (vartrue($parms['thumb'])) {
					$thparms = array();
					// Support readParms example: thumb=1&w=200&h=300
					// Support readParms example: thumb=1&aw=80&ah=30
					if (isset($parms['h'])) {
						$thparms['h'] = intval($parms['h']);
					}
					if (isset($parms['ah'])) {
						$thparms['ah'] = intval($parms['ah']);
					}
					if (isset($parms['w'])) {
						$thparms['w'] = intval($parms['w']);
					}
					if (isset($parms['aw'])) {
						$thparms['aw'] = intval($parms['aw']);
					}
					// Support readParms example: thumb=200x300 (wxh)
					if (strpos($parms['thumb'], 'x') !== false) {
						list($thparms['w'], $thparms['h']) = explode('x', $parms['thumb']);
					}
					// Support readParms example: thumb={width}
					if (!isset($parms['w']) && is_numeric($parms['thumb']) && '1' != $parms['thumb']) {
						$thparms['w'] = intval($parms['thumb']);
					} elseif (vartrue($parms['thumb_aw'])) {
						$thparms['aw'] = intval($parms['thumb_aw']);
					}
					// return print_a($thparms,true);
					$src = $tp->replaceConstants(vartrue($parms['pre']) . $value, 'abs');
					$thsrc = $tp->thumbUrl(vartrue($parms['pre']) . $value, $thparms, varset($parms['thumb_urlraw']));
					$alt = basename($src);
					$ttl = '<img src="' . $thsrc . '" alt="' . $alt . '" class="thumbnail e-thumb" />';
					$value = '<a href="' . $src . '" data-modal-caption="' . $alt . '" data-target="#uiModal" class="e-modal e-image-preview" title="' . $alt . '" rel="external">' . $ttl . '</a>';
				} else {
					$src = $tp->replaceConstants(vartrue($parms['pre']) . $value, 'abs');
					$alt = $src; //basename($value);
					$ttl = vartrue($parms['title'], 'LAN_PREVIEW');
					$value = '<a href="' . $src . '" class="e-image-preview" title="' . $alt . '" rel="external">' . defset($ttl, $ttl) . '</a>';
				}
			}
			break;
		case 'files':
			// Lists the 'path' entry of the first five elements of $value.
			// NOTE(review): $key is not defined in this function and $k is never read.
			$ret = '<ol>';
			for ($i = 0; $i < 5; $i++) {
				$k = $key . '[' . $i . '][path]';
				$ival = $value[$i]['path'];
				$ret .= '<li>' . $ival . '</li>';
			}
			$ret .= '</ol>';
			$value = $ret;
			break;
		case 'datestamp':
			$value = $value ? e107::getDate()->convert_date($value, vartrue($parms['mask'], 'short')) : '';
			break;
		case 'date':
			// just show original value
			break;
		case 'userclass':
			$dispvalue = $this->_uc->uc_get_classname($value);
			// Inline Editing.
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
				$uc_options = vartrue($parms['classlist'], 'public,guest,nobody,member,admin,main,classes'); // defaults to 'public,guest,nobody,member,classes' (userclass handler)
				unset($parms['classlist']);
				$array = e107::getUserClass()->uc_required_class_list($uc_options); //XXX Ugly looking (non-standard) function naming - TODO discuss name change.
				// Double quotes in the JSON are swapped for single quotes because the
				// result sits inside a double-quoted attribute.
				$source = str_replace('"', "'", json_encode($array, JSON_FORCE_OBJECT));
				//NOTE Leading ',' required on $value; so it picks up existing value.
				$value = "<a class='e-tip e-editable editable-click' data-placement='left' data-value='" . $value . "' data-name='" . $field . "' data-source=\"" . $source . "\" title=\"" . LAN_EDIT . " " . $attributes['title'] . "\" data-type='select' data-pk='" . $id . "' data-url='" . e_SELF . "?mode={$mode}&action=inline&id={$id}&ajax_used=1' href='#'>" . $dispvalue . "</a>";
			} else {
				$value = $dispvalue;
			}
			break;
		case 'userclasses':
			// return $value;
			$classes = explode(',', $value);
			$uv = array();
			foreach ($classes as $cid) {
				// An empty class id is shown with the default label when one is configured.
				if (!empty($parms['defaultLabel']) && $cid === '') {
					$uv[] = $parms['defaultLabel'];
					continue;
				}
				$uv[] = $this->_uc->getName($cid);
			}
			$dispvalue = implode(vartrue($parms['separator'], "<br />"), $uv);
			// Inline Editing.
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				$uc_options = vartrue($parms['classlist'], 'public,guest, nobody,member,admin,main,classes'); // defaults to 'public,guest,nobody,member,classes' (userclass handler)
				$array = e107::getUserClass()->uc_required_class_list($uc_options); //XXX Ugly looking (non-standard) function naming - TODO discuss name change.
				//$mode = preg_replace('/[^\w]/', '', vartrue($_GET['mode'], ''));
				$mode = $tp->filter(vartrue($_GET['mode'], ''), 'w');
				$source = str_replace('"', "'", json_encode($array, JSON_FORCE_OBJECT));
				//NOTE Leading ',' required on $value; so it picks up existing value.
				$value = "<a class='e-tip e-editable editable-click' data-placement='bottom' data-value='," . $value . "' data-name='" . $field . "' data-source=\"" . $source . "\" title=\"" . LAN_EDIT . " " . $attributes['title'] . "\" data-type='checklist' data-pk='" . $id . "' data-url='" . e_SELF . "?mode={$mode}&action=inline&id={$id}&ajax_used=1' href='#'>" . $dispvalue . "</a>";
			} else {
				$value = $dispvalue;
			}
			unset($parms['classlist']);
			break;
		/*case 'user_name': case 'user_loginname': case 'user_login': case 'user_customtitle': case 'user_email':*/
		case 'user':
			/*if(is_numeric($value)) { $value = e107::user($value); if($value) { $value = $value[$attributes['type']] ? $value[$attributes['type']] : $value['user_name']; } else { $value = 'not found'; } }*/
			// $id is reused below for the user id, so the record id is kept separately.
			$row_id = $id;
			// Dirty, but the only way for now
			$id = 0;
			$ttl = LAN_ANONYMOUS;
			//Defaults to user_id and user_name (when present) and when idField and nameField are not present.
			// previously set - real parameters are idField && nameField
			$id = vartrue($parms['__idval']);
			if ($value && !is_numeric($value)) {
				// Non-numeric value: treated as the display name.
				$id = vartrue($parms['__idval']);
				$ttl = $value;
			} elseif ($value && is_numeric($value)) {
				// Numeric value: treated as the user id; the name comes from
				// __nameval or a user lookup.
				$id = $value;
				if (vartrue($parms['__nameval'])) {
					$ttl = $parms['__nameval'];
				} else {
					$user = e107::user($value);
					if (vartrue($user['user_name'])) {
						$ttl = $user['user_name'];
					}
				}
			}
			if (!empty($parms['link']) && $id && $ttl && is_numeric($id)) {
				// Stay in admin area.
				$link = e_ADMIN . "users.php?mode=main&action=edit&id=" . $id . "&readonly=1&iframe=1";
				// e107::getUrl()->create('user/profile/view', array('id' => $id, 'name' => $ttl))
				// NOTE(review): $ttl (a user name) is written into an attribute and the
				// link text unescaped - confirm names are stored encoded.
				$value = '<a class="e-modal" data-modal-caption="User #' . $id . ' : ' . $ttl . '" href="' . $link . '" title="Go to user profile">' . $ttl . '</a>';
			} else {
				$value = $ttl;
			}
			// Inline Editing.
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				// Need a Unique Field ID to store field settings using e107::js('settings').
				$fieldID = $this->name2id($field . '_' . microtime(true));
				// Unique ID for each rows.
				$eEditableID = $this->name2id($fieldID . '_' . $row_id);
				$tpl = $this->userpicker($field, '', $ttl, $id, array('id' => $fieldID, 'selectize' => array('e_editable' => $eEditableID)));
				$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
				$value = "<a id='" . $eEditableID . "' class='e-tip e-editable editable-click editable-userpicker' data-clear='false' data-tpl='" . str_replace("'", '"', $tpl) . "' data-name='" . $field . "' title=\"" . LAN_EDIT . " " . $attributes['title'] . "\" data-type='text' data-pk='" . $row_id . "' data-value='" . $id . "' data-url='" . e_SELF . "?mode={$mode}&action=inline&id={$row_id}&ajax_used=1' href='#'>" . $ttl . "</a>";
			}
			break;
		case 'bool':
		case 'boolean':
			$false = vartrue($parms['trueonly']) ? "" : ADMIN_FALSE_ICON;
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable']) && !vartrue($parms['link'])) {
				if (isset($parms['false'])) {
					$false = $parms['false'];
				} else {
					$false = $value === '' ? "□" : "✗";
				}
				$true = varset($parms['true'], '✓'); // custom representation for 'true'. (supports font-awesome when set by css)
				$value = intval($value);
				// 'reverse' swaps which stored value is displayed as true.
				$wparms = vartrue($parms['reverse']) ? array(0 => $true, 1 => $false) : array(0 => $false, 1 => $true);
				$dispValue = $wparms[$value];
				return $this->renderInline($field, $id, $attributes['title'], $value, $dispValue, 'select', $wparms);
			}
			if (vartrue($parms['reverse'])) {
				$value = $value ? $false : ADMIN_TRUE_ICON;
			} else {
				$value = $value ? ADMIN_TRUE_ICON : $false;
			}
			break;
		case 'url':
			if (!$value) {
				break;
			}
			$ttl = $value;
			// With 'href' set only the resolved URL is returned, without an anchor.
			if (vartrue($parms['href'])) {
				return $tp->replaceConstants(vartrue($parms['pre']) . $value, varset($parms['replace_mod'], 'abs'));
			}
			if (vartrue($parms['truncate'])) {
				$ttl = $tp->text_truncate($value, $parms['truncate'], '...');
			}
			// NOTE(review): the stored URL goes into href and title without escaping or a
			// scheme check visible here - confirm it is validated when saved.
			$value = "<a href='" . $tp->replaceConstants(vartrue($parms['pre']) . $value, 'abs') . "' title='{$value}'>" . $ttl . "</a>";
			break;
		case 'email':
			if (!$value) {
				break;
			}
			$ttl = $value;
			if (vartrue($parms['truncate'])) {
				$ttl = $tp->text_truncate($value, $parms['truncate'], '...');
			}
			// NOTE(review): the address is written into href and title unescaped.
			$value = "<a href='mailto:" . $value . "' title='{$value}'>" . $ttl . "</a>";
			break;
		case 'method':
			// Custom Function
			$method = $attributes['field']; // prevents table alias in method names. ie. u.my_method.
			$_value = $value;
			if ($attributes['data'] == 'array') {
				$value = e107::unserialize($value); // (saved as array, return it as an array)
			}
			// An explicit 'method' attribute takes precedence over the field name.
			$meth = !empty($attributes['method']) ? $attributes['method'] : $method;
			if (method_exists($this, $meth)) {
				$parms['field'] = $field;
				$value = call_user_func_array(array($this, $meth), array($value, 'read', $parms));
			} else {
				return "<span class='label label-important label-danger'>Missing: " . $method . "()</span>";
			}
			// print_a($attributes);
			// Inline Editing.
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable'])) {
				$mode = preg_replace('/[^\\w]/', '', vartrue($_GET['mode'], ''));
				// NOTE(review): this call uses $method (the field name) while the read call
				// above uses $meth; only $meth was checked with method_exists() - confirm
				// which one is intended.
				$methodParms = call_user_func_array(array($this, $method), array($value, 'inline', $parms));
				if (!empty($methodParms['inlineType'])) {
					$attributes['inline'] = $methodParms['inlineType'];
					$methodParms = !empty($methodParms['inlineData']) ? $methodParms['inlineData'] : null;
				}
				// Map the inline type onto the editor widget name.
				if (is_string($attributes['inline'])) {
					switch ($attributes['inline']) {
						case 'checklist':
							$xtype = 'checklist';
							break;
						case 'select':
						case 'dropdown':
							$xtype = 'select';
							break;
						case 'textarea':
							$xtype = 'textarea';
							break;
						default:
							$xtype = 'text';
							$methodParms = null;
							break;
					}
				}
				if (!empty($xtype)) {
					$value = $this->renderInline($field, $id, $attributes['title'], $_value, $value, $xtype, $methodParms);
				}
			}
			break;
		case 'hidden':
			// Shown only when 'show' is set; an empty value falls back to the 'empty' parameter.
			return vartrue($parms['show']) ? $value ? $value : vartrue($parms['empty']) : '';
			break;
		case 'language':
			// All Known Languages.
			if (!empty($value)) {
				$_value = $value;
				// A two-character value is passed through the language handler's convert().
				if (strlen($value) === 2) {
					$value = e107::getLanguage()->convert($value);
				}
			}
			// NOTE(review): $_value is only assigned when $value is non-empty.
			if (!vartrue($attributes['noedit']) && vartrue($parms['editable'])) {
				$wparms = e107::getLanguage()->getList();
				return $this->renderInline($field, $id, $attributes['title'], $_value, $value, 'select', $wparms);
			}
			return $value;
			break;
		case 'lanlist':
			// installed languages.
			$options = e107::getLanguage()->getLanSelectArray();
			if ($options) {
				if (!is_array($attributes['writeParms'])) {
					parse_str($attributes['writeParms'], $attributes['writeParms']);
				}
				$wparms = $attributes['writeParms'];
				if (!is_array(varset($wparms['__options']))) {
					parse_str($wparms['__options'], $wparms['__options']);
				}
				$opts = $wparms['__options'];
				if ($opts['multiple']) {
					$ret = array();
					$value = is_array($value) ? $value : explode(',', $value);
					// Only languages present in the installed list are shown.
					foreach ($value as $v) {
						if (isset($options[$v])) {
							$ret[] = $options[$v];
						}
					}
					$value = implode(', ', $ret);
				} else {
					$ret = '';
					if (isset($options[$value])) {
						$ret = $options[$value];
					}
					$value = $ret;
				}
				$value = $value ? vartrue($parms['pre']) . $value . vartrue($parms['post']) : '';
			} else {
				$value = '';
			}
			break;
		//TODO - order
		default:
			//unknown type
			break;
	}
	return $value;
}
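/**
 * Handle the submit buttons of the user-class options page.
 *
 * Runs only for the main administrator. Each of the three POST flags
 * ('add_class_tree', 'flatten_class_tree', 'rebuild_tree') triggers one
 * maintenance operation on the user-class tree; the resulting status text is
 * queued as a success message.
 *
 * NOTE(review): no anti-CSRF token is verified inside this method. Confirm that
 * the admin dispatcher validates the request token before calling it, because
 * the actions below rewrite the stored class tree.
 *
 * @return false|null false when the current user is not the main admin;
 *                    otherwise nothing is returned.
 */
public function optionsPageSubmit()
{
    if (!check_class(e_UC_MAINADMIN)) {
        return false;
    }

    $sql = e107::getDb();
    $mes = e107::getMessage();
    $e_userclass = $this->getUserClassAdmin();

    // Start empty so the final check never reads an undefined variable when
    // the page is submitted without any of the three buttons.
    $message = '';

    if (isset($_POST['add_class_tree'])) {
        $message = UCSLAN_62;
        $e_userclass->set_default_structure();
        $e_userclass->calc_tree();
        $e_userclass->save_tree();
        $e_userclass->readTree(TRUE); // Need to re-read the tree to show correct info
        $message .= UCSLAN_64;
    }

    if (isset($_POST['flatten_class_tree'])) {
        $message = UCSLAN_65;
        // No WHERE clause: every row in userclass_classes gets parent '0'.
        $sql->update('userclass_classes', "userclass_parent='0'");
        $e_userclass->calc_tree();
        $e_userclass->save_tree();
        $e_userclass->readTree(TRUE); // Need to re-read the tree to show correct info
        $message .= UCSLAN_64;
    }

    if (isset($_POST['rebuild_tree'])) {
        $message = UCSLAN_70;
        $e_userclass->calc_tree();
        $e_userclass->save_tree();
        $message .= UCSLAN_64;
    }

    if ($message) {
        $mes->addSuccess($message);
    }
}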
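/**
 * Build the status label for a forum row the current user may not post in.
 *
 * @param array $parent Forum row; only 'forum_postclass' is read here.
 * @return string '( ' . LAN_405 . ' )' when the user fails the post-class check,
 *                otherwise an empty string.
 */
function parse_parent($parent)
{
    // Default to an empty label: the original returned an undefined variable
    // whenever the permission check passed.
    $status = '';

    if (!check_class($parent['forum_postclass'])) {
        $status = '( ' . LAN_405 . ' )';
    }

    return $status;
}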
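/**
 * Render the "add to basket" form for one shop item.
 *
 * The form posts to easyshop_basket.php and carries the item data, the selected
 * properties and the discount as hidden fields. The quantity control and the
 * submit button are only added when the visitor passes
 * check_class($category_order_class).
 *
 * Parameters 25 and 26 used to repeat the names $unicode_character_before and
 * $unicode_character_after, which are declared again at positions 37 and 38.
 * Duplicate parameter names are a compile-time error since PHP 7.0, so the
 * earlier pair is renamed here; positional callers are unaffected and the body
 * keeps reading the later pair.
 *
 * NOTE(review): price, shipping, handling, stock and discount values are sent
 * to the browser as hidden fields, so a client can change them before
 * submitting. The receiving script is not visible here; it should re-read these
 * values from the database by item id instead of trusting the posted copy, and
 * should only accept a same-site 'return_url'.
 *
 * NOTE(review): six property sets are accepted but the hidden-field loop emits
 * only sets 1 to 5. Left unchanged because the basket's expectations are not
 * visible; confirm whether set 6 is meant to be posted.
 *
 * @return string HTML of the form.
 */
function add_to_cart_form($prop1_list, $prop1_array, $prop1_prices, $prop1_name, $prop2_list, $prop2_array, $prop2_prices, $prop2_name, $prop3_list, $prop3_array, $prop3_prices, $prop3_name, $prop4_list, $prop4_array, $prop4_prices, $prop4_name, $prop5_list, $prop5_array, $prop5_prices, $prop5_name, $prop6_list, $prop6_array, $prop6_prices, $prop6_name, $unicode_character_before_dup, $unicode_character_after_dup, $item_price, $discount_id, $discount_class, $discount_valid_from, $discount_valid_till, $discount_code, $discount_flag, $discount_percentage, $discount_price, $property_prices, $unicode_character_before, $unicode_character_after, $print_discount_icons, $item_id, $item_name, $sku_number, $shipping_first_item, $shipping_additional_item, $handling_override, $category_id, $item_instock, $item_track_stock, $enable_ipn, $db_id, $category_order_class, $enable_number_input, $fill_basket)
{
    // Escape a value for a single-quoted HTML attribute. double_encode is off so
    // values that already contain entities (e.g. a currency sign stored as an
    // entity) are posted exactly as before.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    // Plain assignment: the original appended to a variable that did not exist yet.
    $text = "\r\n\t\t\t<br />\r\n\t\t\t<form method='post' action='easyshop_basket.php'>\r\n\t\t\t\t<div>";

    // Include selected properties in the product form.
    // include_prop returns an array: [0] is markup, [1] is $property_prices.
    $temp_array = Shop::include_prop($prop1_list, $prop1_array, $prop1_prices, $prop1_name, $prop2_list, $prop2_array, $prop2_prices, $prop2_name, $prop3_list, $prop3_array, $prop3_prices, $prop3_name, $prop4_list, $prop4_array, $prop4_prices, $prop4_name, $prop5_list, $prop5_array, $prop5_prices, $prop5_name, $prop6_list, $prop6_array, $prop6_prices, $prop6_name, $unicode_character_before, $unicode_character_after, $item_price);
    $text .= $temp_array[0];
    $property_prices = $temp_array[1];
    unset($temp_array);

    // Include selected discount in the product form.
    // include_disc returns an array: [0] is markup, [1] is an item price that is
    // deliberately not applied here (Bugfix #75).
    $temp_array = Shop::include_disc($discount_id, $discount_class, $discount_valid_from, $discount_valid_till, $discount_code, $item_price, $discount_flag, $discount_percentage, $discount_price, $property_prices, $unicode_character_before, $unicode_character_after, $print_discount_icons);
    $text .= $temp_array[0];
    unset($temp_array);

    // Currency sign and product data for the basket. Every non-numeric value is
    // attribute-escaped so a quote or angle bracket in an item name or SKU
    // cannot break out of the value attribute.
    $text .= "\r\n\t\t\t\t<input type='hidden' name='unicode_character_before' value='" . $esc($unicode_character_before) . "'/>\r\n\t\t\t\t<input type='hidden' name='unicode_character_after' value='" . $esc($unicode_character_after) . "'/>\r\n\t\t\t\t<input type='hidden' name='item_id' value='" . $esc($item_id) . "'/>\r\n\t\t\t\t<input type='hidden' name='item_name' value='" . $esc($item_name) . "'/>\r\n\t\t\t\t<input type='hidden' name='sku_number' value='" . $esc($sku_number) . "'/>\r\n\t\t\t\t<input type='hidden' name='item_price' value='" . number_format($item_price, 2, '.', '') . "'/>\r\n\t\t\t\t<input type='hidden' name='shipping' value='" . number_format($shipping_first_item, 2, '.', '') . "'/>\r\n\t\t\t\t<input type='hidden' name='shipping2' value='" . number_format($shipping_additional_item, 2, '.', '') . "'/>\r\n\t\t\t\t<input type='hidden' name='handling' value='" . number_format($handling_override, 2, '.', '') . "'/>\r\n\t\t\t\t<input type='hidden' name='category_id' value='" . $esc($category_id) . "'/>";

    // IPN addition to include stock tracking option
    if ($item_track_stock == 2 && $enable_ipn == 2) {
        $text .= "\r\n\t\t\t\t<input type='hidden' name='item_instock' value='" . $esc($item_instock) . "'>\r\n\t\t\t\t<input type='hidden' name='item_track_stock' value='" . $esc($item_track_stock) . "'>";
    }

    // IPN addition to include Item's database ID into session variable
    $text .= "\r\n\t\t\t\t<input type='hidden' name='db_id' value='" . $esc($db_id) . "'>\r\n\t\t\t\t<input type='hidden' name='fill_basket' value='" . $esc($fill_basket) . "'/>";

    // Property lists as hidden fields (sets 1 to 5, as in the original loop).
    $hidden_props = array(
        1 => array($prop1_name, $prop1_list, $prop1_prices),
        2 => array($prop2_name, $prop2_list, $prop2_prices),
        3 => array($prop3_name, $prop3_list, $prop3_prices),
        4 => array($prop4_name, $prop4_list, $prop4_prices),
        5 => array($prop5_name, $prop5_list, $prop5_prices),
    );
    foreach ($hidden_props as $n => $prop) {
        $propname = "prop" . $n . "_name";
        $proplist = "prop" . $n . "_list";
        $propprices = "prop" . $n . "_prices";
        $text .= "\r\n\t\t\t\t<input type='hidden' name='{$propname}' value='" . $esc($prop[0]) . "'/>\r\n\t\t\t\t<input type='hidden' name='{$proplist}' value='" . $esc($prop[1]) . "'/>\r\n\t\t\t\t<input type='hidden' name='{$propprices}' value='" . $esc($prop[2]) . "'/>";
    }

    // Include user id if user is logged in
    if (USER) {
        $text .= "\r\n\t\t\t\t<input type='hidden' name='custom' value='" . $esc(USERID) . "'/>";
    }

    // Only display number and checkout button if user is member of order_class.
    // This hides the controls only; the basket must repeat the class check.
    if (check_class($category_order_class)) {
        if ($enable_number_input == '1') {
            // Shop visitor can specify number of products
            $text .= "\r\n\t\t\t\t<div class='easyshop_nr_of_prod'>\r\n\t\t\t\t\t" . EASYSHOP_SHOP_80 . ": <input name='item_qty' type='text' value='1' size='2' />\r\n\t\t\t\t</div>";
        } else {
            // Shop adds one product at each click on add button
            $text .= "\r\n\t\t\t\t<input type='hidden' name='item_qty' value='1' />";
        }
        // The return URL contains the request's query string, so it is escaped
        // before it is placed in the attribute.
        $text .= "\r\n\t\t\t\t<input type='hidden' name='return_url' value='" . $esc(e_SELF . (e_QUERY ? '?' . e_QUERY : '')) . "'/>\r\n\t\t\t\t<input class='button' type='submit' value='" . EASYSHOP_SHOP_08 . "'/>";
    }

    $text .= "\r\n\t\t\t\t</div>\r\n\t\t\t</form>";

    return $text;
}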
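/**
 * Load a poll, decide whether the current visitor may vote, and record a
 * submitted vote.
 *
 * The poll row is fetched with the given query. The voting state is derived
 * from the poll's storage method: a 'poll_<id>' cookie, or membership of the
 * visitor's IP / user id in the '^'-separated 'poll_ip' column. When the
 * request carries 'pollvote' and the visitor has not voted yet, the chosen
 * option counters are incremented and written back.
 *
 * Results are stored in $this->pollRow and $this->pollmode ('voted',
 * 'notvoted', 'disallowed', or null for an unknown storage method).
 *
 * NOTE(review): $query is executed as given; callers must not build it from
 * request data.
 * NOTE(review): cookie mode trusts a client-side cookie as the only record of
 * a previous vote, and no request token is checked in this method.
 * NOTE(review): whether the poll allows several choices is not checked here;
 * an array in 'votea' is always treated as a multiple-choice ballot.
 *
 * @param string $query SQL that selects the poll row.
 * @return false|null false when the query yields no row, otherwise nothing.
 */
function get_poll($query)
{
    $sql = e107::getDb();

    if (!$sql->gen($query)) {
        return FALSE;
    }
    $pollArray = $sql->fetch();

    // Defined up front so an unknown storage method cannot leave them unset.
    $POLLMODE = null;
    $userid = '';

    if (!check_class($pollArray['poll_vote_userclass'])) {
        $POLLMODE = 'disallowed';
    } else {
        switch ($pollArray['poll_storage_method']) {
            case POLL_MODE_COOKIE:
                $cookiename = 'poll_' . $pollArray['poll_id'];
                $POLLMODE = isset($_COOKIE[$cookiename]) ? 'voted' : 'notvoted';
                break;

            case POLL_MODE_IP:
                $userid = e107::getIPHandler()->getIP(FALSE);
                $voted_ids = explode('^', substr($pollArray['poll_ip'], 0, -1));
                // Strict string match: loose comparison treats numeric-looking strings as numbers.
                $POLLMODE = in_array((string) $userid, $voted_ids, true) ? 'voted' : 'notvoted';
                break;

            case POLL_MODE_USERID:
                if (!USER) {
                    $POLLMODE = 'disallowed';
                } else {
                    $userid = USERID;
                    $voted_ids = explode('^', substr($pollArray['poll_ip'], 0, -1));
                    $POLLMODE = in_array((string) $userid, $voted_ids, true) ? 'voted' : 'notvoted';
                }
                break;
        }
    }

    if (isset($_POST['pollvote']) && $POLLMODE === 'notvoted' && !empty($_POST['votea'])) {
        $optionArray = explode(chr(1), $pollArray['poll_options']);
        $optionArray = array_slice($optionArray, 0, -1);
        $optionCount = count($optionArray);

        // Accept only option numbers that exist, and count each option once per
        // ballot. The original incremented whatever index was posted, so one
        // request could add counters for options that do not exist or repeat
        // the same option many times.
        $submitted = is_array($_POST['votea']) ? $_POST['votea'] : array($_POST['votea']);
        $choices = array();
        foreach ($submitted as $vote) {
            $index = is_scalar($vote) ? intval($vote) - 1 : -1;
            if ($index >= 0 && $index < $optionCount) {
                $choices[$index] = true;
            }
        }

        if ($choices) {
            $poll_id = $pollArray['poll_id'];
            $votes = explode(chr(1), $pollArray['poll_votes']);

            foreach (array_keys($choices) as $index) {
                $votes[$index] = (isset($votes[$index]) ? (int) $votes[$index] : 0) + 1;
            }

            // Every real option gets an integer counter; anything after the
            // last option (the trailing separator slot) is left as stored.
            foreach ($optionArray as $k => $v) {
                $votes[$k] = isset($votes[$k]) ? (int) $votes[$k] : 0;
            }
            ksort($votes);

            $votep = implode(chr(1), $votes);
            $pollArray['poll_votes'] = $votep;

            // NOTE(review): the stored id list and the visitor identifier are
            // concatenated into the statement. They are expected to be IPs or
            // user ids; confirm they pass through the database layer's escaping.
            $sql->update("polls", "poll_votes = '{$votep}'" . ($pollArray['poll_storage_method'] != POLL_MODE_COOKIE ? ", poll_ip='" . $pollArray['poll_ip'] . $userid . "^'" : '') . " WHERE poll_id=" . (int) $poll_id);

            $poll_cookie_expire = time() + 3600 * 24 * 356 * 15; // FIXME cannot be used after 2023 (this year is the maxium unixstamp on 32 bit system)
            cookie('poll_' . $poll_id . '', $poll_id, $poll_cookie_expire);
            $POLLMODE = 'voted';
        }
    }

    $this->pollRow = $pollArray;
    $this->pollmode = $POLLMODE;
}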
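/**
 * Decide whether the current visitor may view a page.
 *
 * Checks the page's user class first, then the optional page password. The
 * password may arrive in the posted form ('submit_page_pw' / 'page_pw') or be
 * proven by a cookie holding md5(password . USERID). The outcome is stored in
 * $this->authorized: true, 'class' (class check failed) or 'pw' (password
 * required or wrong).
 *
 * NOTE(review): the page password is compared as plain text and the cookie
 * token is an unsalted MD5 of the password and user id, so an observed cookie
 * allows offline guessing of the password and guests share one token. A keyed
 * hash with a server secret would be safer; that change also needs
 * setPageCookie(), which is not visible here.
 * NOTE(review): no attempt limiting is visible in this method.
 *
 * @param mixed  $page_class    User class allowed to view the page.
 * @param string $page_password Page password; empty means no password.
 * @param string $page_title    Not used in this method.
 * @return bool true when access is granted.
 */
function pageCheckPerms($page_class, $page_password, $page_title = " ")
{
    global $ns, $tp, $pref, $HEADER, $FOOTER, $sql; // $tp added - also $pref - used by footer

    if (!check_class($page_class)) {
        $this->authorized = 'class';
        return false;
    }

    if (!$page_password) {
        $this->authorized = true;
        // Drop a cookie left over from a time when the page had a password.
        $cookiename = $this->getCookieName();
        if (isset($_COOKIE[$cookiename])) {
            cookie($cookiename, '', time() - 2592000);
        }
        return true;
    }

    // Exact string comparison. The original used ==, which compares two
    // numeric-looking strings as numbers (so '1' matches '1.0', and two
    // different '0e…' digests match each other). hash_equals() is used when
    // available so the comparison time does not depend on the matching prefix.
    $sameString = function ($known, $given) {
        if (!is_string($given)) {
            return false; // e.g. an array sent as page_pw[]
        }
        return function_exists('hash_equals') ? hash_equals($known, $given) : $known === $given;
    };

    if (isset($_POST['submit_page_pw'])) {
        $supplied = isset($_POST['page_pw']) ? $_POST['page_pw'] : null;
        if ($sameString((string) $page_password, $supplied)) {
            $this->setPageCookie();
            $this->authorized = true;
            return true;
        }
        e107::getMessage()->addError(LAN_PAGE_7);
    } else {
        // TODO - e_COOKIE
        $cookiename = $this->getCookieName();
        if (isset($_COOKIE[$cookiename]) && $sameString(md5($page_password . USERID), $_COOKIE[$cookiename])) {
            $this->authorized = true;
            return TRUE;
        }
        // Invalid/empty password here
    }

    $this->authorized = 'pw';
    return false;
}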
/**
 * {EMAILICON: class=x}
 *
 * Renders the "email this item" icon for the current news item. Visitors who
 * are not in the 'email_item_class' preference (default e_UC_MEMBER) get an
 * empty string.
 *
 * @param array $parm Shortcode parameters, passed through to the renderer.
 * @return string Markup from emailprint::render_emailprint(), or ''.
 */
function sc_emailicon($parm = array())
{
    $sitePrefs = e107::getPref();
    $allowedClass = varset($sitePrefs['email_item_class'], e_UC_MEMBER);

    if (check_class($allowedClass)) {
        // The handler is loaded only for visitors who may see the icon.
        require_once e_HANDLER . 'emailprint_class.php';

        $newsId = $this->news_item['news_id'];

        return emailprint::render_emailprint('news', $newsId, 1, $parm);
    }

    return '';
}
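/**
 * Callback looks up and substitutes a shortcode.
 *
 * $matches[0] is the full match and is returned unchanged for ignored codes
 * and for codes that contain a newline. $matches[1] is the shortcode text; it
 * is split into a code name, an optional '|mode' suffix and parameters
 * (either 'NAME: a=b&c=d', parsed into an array, or 'NAME=parm').
 *
 * Resolution order: a method on $this->addedCodes, legacy code text in
 * $this->addedCodes / $this->scList, a registered shortcode (class, function
 * or legacy .sc file), then core 'shortcodes/single' files.
 *
 * Security notes for reviewers:
 *  - Legacy shortcode text is executed with eval(). Anyone able to write a .sc
 *    file in the plugin, theme or core directories, or to register code text,
 *    runs PHP in the site context.
 *  - File paths for include_once / file_get_contents are built from the code
 *    name. Only the 'NAME: parms' form limits the name to [A-Z_]; the pattern
 *    that produces $matches is not visible here, so confirm it cannot let path
 *    separators through.
 *  - The 'perms' check applies only to registered codes that define it.
 *
 * @param array $matches Match array from the calling pattern replace.
 * @return mixed Rendered shortcode output, '' when nothing was produced, or the
 *               original text for ignored codes.
 */
function doCode($matches)
{
    if (in_array($matches[0], $this->ignoreCodes)) {
        return $matches[0];
    }

    // XXX remove all globals, $sc_style removed
    global $pref, $e107cache, $menu_pref, $parm, $sql;

    $parmArray = false;

    if ($this->eVars) {
        if ($this->eVars->isVar($matches[1])) {
            // Fixed: the property name is $matches[1], the key tested just above.
            // The original read ->{$matches}[1], which uses the whole array as
            // the property name and then indexes the result.
            return $this->eVars->{$matches[1]};
        }
    }

    if (strpos($matches[1], E_NL) !== false) {
        return $matches[0];
    }

    if (preg_match('/^([A-Z_]*):(.*)/', $matches[1], $newMatch)) {
        $code = $newMatch[1];
        $parmStr = trim($newMatch[2]);
        $debugParm = $parmStr;
        parse_str($parmStr, $parm);
        $parmArray = true;
    } elseif (strpos($matches[1], '=')) {
        list($code, $parm) = explode('=', $matches[1], 2);
    } else {
        $code = $matches[1];
        $parm = '';
    }

    // Look for the $sc_mode
    if (strpos($code, '|')) {
        list($code, $sc_mode) = explode("|", $code, 2);
        $code = trim($code);
        $sc_mode = trim($sc_mode);
    } else {
        $sc_mode = '';
    }

    if ($parmArray == false) {
        $parm = trim($parm);
        $parm = str_replace(array('[[', ']]'), array('{', '}'), $parm);
    }

    if (E107_DBG_BBSC || E107_DBG_SC || E107_DBG_TIMEDETAILS) {
        $sql->db_Mark_Time("SC {$code}");
    }

    if (E107_DBG_SC) {
        // Debug mode: show the shortcode itself instead of running it.
        $dbg = "<strong>";
        $dbg .= '{';
        $dbg .= $code;
        $dbg .= $parm ? '=' . htmlentities($parm) : "";
        $dbg .= '}';
        $dbg .= "</strong>";
        return $dbg;
    }

    $scCode = '';
    $scFile = '';
    $_path = '';
    $ret = '';
    $_class = ''; // read by the debug block at the end on every path
    $_method = 'sc_' . strtolower($code);

    if (is_object($this->addedCodes) && method_exists($this->addedCodes, $_method)) {
        $ret = $this->addedCodes->{$_method}($parm, $sc_mode);

        if (E107_DBG_BBSC || E107_DBG_SC || E107_DBG_TIMEDETAILS) {
            $_class = get_class($this->addedCodes); // "(class loaded)"; // debug.
            $_function = $_method;
            $_path = "(already loaded)";
        }
    } elseif (is_array($this->addedCodes) && array_key_exists($code, $this->addedCodes)) {
        $scCode = $this->addedCodes[$code];
    } elseif (array_key_exists($code, $this->scList)) {
        $scCode = $this->scList[$code];
        $_path = "(loaded earlier)"; // debug.
    } else {
        // .sc file not yet loaded, or shortcode is new function type
        if ($this->parseSCFiles == true) {
            if (array_key_exists($code, $this->registered_codes)) {
                // Shortcode is registered, let's proceed.
                if (isset($this->registered_codes[$code]['perms'])) {
                    if (!check_class($this->registered_codes[$code]['perms'])) {
                        return '';
                    }
                }

                switch ($this->registered_codes[$code]['type']) {
                    case 'class':
                        // It is batch shortcode. Load the class and call the method
                        $_class = $this->registered_codes[$code]['class'];
                        $_method = 'sc_' . strtolower($code);

                        if (!$this->isScClass($_class)) {
                            if (!class_exists($_class) && $this->registered_codes[$code]['path']) {
                                include_once $this->registered_codes[$code]['path'];
                            }
                            $this->initShortcodeClass($_class, false);
                            if (!$this->isScClass($_class)) {
                                return '';
                            }
                        }

                        // FIXME - register passed eVars object - BAD solution - called on EVERY sc method call
                        // XXX - removal candidate - I really think it should be done manually (outside the parser)
                        // via e107::getScBatch(name)->setParserVars($eVars);
                        $wrapper = $this->callScFunc($_class, 'wrapper', null);
                        $ret = $this->callScFuncA($_class, $_method, array($parm, $sc_mode));
                        break;

                    case 'override':
                    case 'func':
                    case 'plugin':
                        // It is a function, so include the file and call the function
                        $_function = $this->registered_codes[$code]['function'];
                        if (!function_exists($_function) && $this->registered_codes[$code]['path']) {
                            include_once $this->registered_codes[$code]['path'] . strtolower($code) . '.php';
                        }
                        if (function_exists($_function)) {
                            $ret = call_user_func($_function, $parm, $sc_mode);
                        }
                        break;

                    case 'plugin_legacy':
                        $scFile = e_PLUGIN . strtolower($this->registered_codes[$code]['path']) . '/' . strtolower($code) . '.sc';
                        break;

                    case 'theme':
                        $scFile = THEME . strtolower($code) . '.sc';
                        break;
                }
            } else {
                // Code is not registered, let's look for .sc or .php file
                // .php file takes precedence over .sc file
                // NOTE(review): the file name is derived from the unregistered
                // code name; see the docblock about restricting that name.
                if (is_readable(e_CORE . 'shortcodes/single/' . strtolower($code) . '.php')) {
                    $_function = strtolower($code) . '_shortcode';
                    $_class = strtolower($code);
                    $_path = e_CORE . 'shortcodes/single/' . strtolower($code) . '.php';

                    include_once e_CORE . 'shortcodes/single/' . strtolower($code) . '.php';

                    if (class_exists($_class, false)) {
                        // SecretR - fix array(parm, sc_mode) causing parm to become an array, see issue 424
                        $ret = call_user_func(array($_class, $_function), $parm, $sc_mode);
                    } elseif (function_exists($_function)) {
                        $ret = call_user_func($_function, $parm, $sc_mode);
                    }
                } else {
                    $scFile = e_CORE . 'shortcodes/single/' . strtolower($code) . '.sc';
                    $_path = $scFile;
                }
            }

            if ($scFile && file_exists($scFile)) {
                $scCode = file_get_contents($scFile);
                $this->scList[$code] = $scCode;
                $_path = $scFile;
            } else {
                $_path .= " MISSING!";
            }
        }

        // NOTE(review): $scCode is initialised to '' above, so isset() is always
        // true and this branch cannot run as written. Left unchanged because
        // enabling it would alter what unknown shortcodes render as.
        if (!isset($scCode)) {
            if (E107_DBG_BBSC) {
                trigger_error('shortcode not found:{' . $code . '}', E_USER_ERROR);
            }
            return $matches[0];
        }
    }

    if ($scCode) {
        // SECURITY: executes legacy shortcode text as PHP, with errors silenced
        // by '@'. The text comes from $this->addedCodes, $this->scList or a .sc
        // file read above; it must never contain user-supplied content.
        $ret = @eval($scCode);

        if ($ret === false && E107_DEBUG_LEVEL > 0) {
            $string = print_a($scCode, true);
            e107::getMessage()->addDebug('Could not parse Shortcode ' . $scFile . ' :: {' . $code . '} ' . $string);
        }
    }

    if (isset($ret) && ($ret != '' || is_numeric($ret))) {
        // Wrapper support - see contact_template.php
        if (isset($this->wrappers[$code]) && !empty($this->wrappers[$code])) {
            list($pre, $post) = explode("{---}", $this->wrappers[$code], 2);
            $ret = $pre . $ret . $post;
        } else {
            // If $sc_mode exists, we need it to parse $sc_style
            if ($sc_mode) {
                $code = $code . '|' . $sc_mode;
            }

            if (is_array($this->sc_style) && array_key_exists($code, $this->sc_style)) {
                $pre = $post = '';

                // Old way - pre/post keys
                if (is_array($this->sc_style[$code])) {
                    if (isset($this->sc_style[$code]['pre'])) {
                        $pre = $this->sc_style[$code]['pre'];
                    }
                    if (isset($this->sc_style[$code]['post'])) {
                        $post = $this->sc_style[$code]['post'];
                    }
                } else {
                    list($pre, $post) = explode("{---}", $this->sc_style[$code], 2);
                }

                $ret = $pre . $ret . $post;
            }
        }
    }

    if (E107_DBG_SC || E107_DBG_TIMEDETAILS) {
        $sql->db_Mark_Time("(After SC {$code})");
    }

    if (E107_DBG_BBSC || E107_DBG_SC || E107_DBG_TIMEDETAILS) {
        global $db_debug;

        $other = array();
        if ($_class) {
            $other['class'] = $_class;
        }
        if (vartrue($_function)) {
            $other['function'] = $_function;
        }
        if (vartrue($_path)) {
            $other['path'] = str_replace('../', '', $_path);
        }
        if ($this->debug_legacy) {
            $other = $this->debug_legacy;
        }

        $info = isset($this->registered_codes[$code]) ? print_a($this->registered_codes[$code], true) : print_a($other, true);
        $tmp = isset($debugParm) ? $debugParm : $parm;
        $db_debug->logCode(2, $code, $tmp, $info);
    }

    return isset($ret) ? $ret : '';
}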
// Builds and renders the "submit news" form, then loads the page footer.
// Variable names are kept as they are because this code runs at script scope,
// which it shares with the footer file included at the end.

// Define the default width unless it is already defined.
defined("USER_WIDTH") || define("USER_WIDTH", "width:95%");

// Optional sub-header taken from the site preferences.
if (!empty($pref['news_subheader'])) {
    $text .= "\n\t <div class='alert alert-block alert-info '>\n\t ";
    $text .= $tp->toHTML($pref['news_subheader'], true, "BODY");
    $text .= "\n\t </div>";
}

// The form posts back to the current script.
$text .= "\n<div>\n <form id='dataform' method='post' action='" . e_SELF . "' enctype='multipart/form-data' onsubmit='return frmVerify()'>\n <table class='table fborder'>";

// Guests are asked for a name and an e-mail address.
if (!USER) {
    $text .= "\n\t <tr>\n\t <td style='width:20%' class='forumheader3'>" . LAN_7 . "</td>\n\t <td style='width:80%' class='forumheader3'>\n\t <input class='tbox' type='text' name='submitnews_name' size='60' value='";
    $text .= $tp->toHTML($submitnews_user, FALSE, 'USER_TITLE');
    $text .= "' maxlength='100' required />\n\t </td>\n\t </tr>\n\t <tr>\n\t <td style='width:20%' class='forumheader3'>" . LAN_112 . "</td>\n\t <td style='width:80%' class='forumheader3'>\n\t <input class='tbox' type='text' name='submitnews_email' size='60' value='";
    $text .= $tp->toHTML($submitnews_email, FALSE, 'LINKTEXT');
    $text .= "' maxlength='100' required />\n\t </td>\n\t </tr>";
}

// Category selector, or a notice when the category query returns nothing.
$text .= "\n<tr>\n <td style='width:20%' class='forumheader3'>" . NWSLAN_6 . ": </td>\n\t<td style='width:80%' class='forumheader3'>";

if ($sql->select("news_category")) {
    $text .= "\n\t\t<select name='cat_id' class='tbox form-control'>";

    while (list($cat_id, $cat_name, $cat_icon) = $sql->db_Fetch(MYSQL_NUM)) {
        // Re-select the category that was posted, if any.
        if (varset($_POST['cat_id'], '') == $cat_id) {
            $sel = "selected='selected'";
        } else {
            $sel = "";
        }

        $text .= "<option value='" . $cat_id . "' " . $sel . ">" . $tp->toHTML($cat_name, FALSE, "defs") . "</option>";
    }

    $text .= "</select>";
} else {
    $text .= NWSLAN_10;
}

// Title field, pre-filled from the posted value after parser processing.
$text .= "\n </td>\n</tr>\n<tr>\n <td style='width:20%' class='forumheader3'>" . LAN_TITLE . "</td>\n\t<td style='width:80%' class='forumheader3'>\n <input class='tbox form-control' type='text' id='submitnews_title' name='submitnews_title' size='60' value='";
$text .= $tp->toHTML(vartrue($_POST['submitnews_title']), TRUE, 'USER_TITLE');
$text .= "' maxlength='200' style='width:90%' required />\n\t</td>\n</tr>\n<tr>\n \t<td style='width:20%' class='forumheader3'>" . LAN_135 . "</td>\n\t<td style='width:80%' class='forumheader3'>\n\t\t";

// Body editor.
$text .= e107::getForm()->bbarea('submitnews_item', $tp->toForm(vartrue($_POST['submitnews_item'])), null, null, 'large', 'required=1');
$text .= "\n\t</td>\n</tr>\n";

// The upload row is shown only when attachments and uploads are enabled and the
// visitor is in the upload class. This controls display only.
// NOTE(review): the code that receives the upload is not visible here; it has to
// repeat these checks, since a client can post files without the input being shown.
if ($pref['subnews_attach'] && $pref['upload_enabled'] && check_class($pref['upload_class']) && FILE_UPLOADS) {
    $text .= "\n <tr>\n <td style='width:20%' class='forumheader3'>" . SUBNEWSLAN_5 . "<br /><span class='smalltext'>" . SUBNEWSLAN_6 . "</span></td>\n <td style='width:80%' class='forumheader3'>\n <input class='tbox' type='file' name='file_userfile[]' style='width:90%' multiple='multiple' />\n </td>\n </tr>";
}

// Submit button plus the hidden e-token field that carries e_TOKEN.
$text .= "\n <tr>\n <td colspan='2' style='text-align:center' class='forumheader'>\n <input class='btn btn-success button' type='submit' name='submitnews_submit' value='" . LAN_136 . "' />\n <input type='hidden' name='e-token' value='" . e_TOKEN . "' />\n </td>\n </tr>\n </table>\n </form>\n</div>";

$ns->tablerender(LAN_136, $text);

if (!vartrue($pref['subnews_htmlarea'])) {
    e107::wysiwyg(false);
}

require_once FOOTERF;