public function ilist($parent_id = NULL)
{
$where = '';
if (!is_null($parent_id)) {
$where .= 'and parent_id=' . dbq($parent_id);
}
return db_array("select * from " . $this->table_name . " where status=0 {$where} order by parent_id, prio desc, iname");
}
function add_thread($itemid, $onlyshadow = false)
{
$items = q("SELECT `uid`, `created`, `edited`, `commented`, `received`, `changed`, `wall`, `private`, `pubmail`, `moderated`, `visible`, `spam`, `starred`, `bookmark`, `contact-id`,\n\t\t\t`deleted`, `origin`, `forum_mode`, `mention`, `network` FROM `item` WHERE `id` = %d AND (`parent` = %d OR `parent` = 0) LIMIT 1", intval($itemid), intval($itemid));
if (!$items) {
return;
}
$item = $items[0];
$item['iid'] = $itemid;
if (!$onlyshadow) {
$result = dbq("INSERT INTO `thread` (`" . implode("`, `", array_keys($item)) . "`) VALUES ('" . implode("', '", array_values($item)) . "')");
logger("add_thread: Add thread for item " . $itemid . " - " . print_r($result, true), LOGGER_DEBUG);
}
// is it already a copy?
if ($itemid == 0 or $item['uid'] == 0) {
return;
}
// Is it a visible public post?
if (!$item["visible"] or $item["deleted"] or $item["moderated"] or $item["private"]) {
return;
}
// is it an entry from a connector? Only add an entry for natively connected networks
if (!in_array($item["network"], array(NETWORK_DFRN, NETWORK_DIASPORA, NETWORK_OSTATUS, ""))) {
return;
}
// Only do these checks if the post isn't a wall post
if (!$item["wall"]) {
// Check, if hide-friends is activated - then don't do a shadow entry
$r = q("SELECT `hide-friends` FROM `profile` WHERE `is-default` AND `uid` = %d AND NOT `hide-friends`", $item['uid']);
if (!count($r)) {
return;
}
// Check if the contact is hidden or blocked
$r = q("SELECT `id` FROM `contact` WHERE NOT `hidden` AND NOT `blocked` AND `id` = %d", $item['contact-id']);
if (!count($r)) {
return;
}
}
// Only add a shadow, if the profile isn't hidden
$r = q("SELECT `uid` FROM `user` where `uid` = %d AND NOT `hidewall`", $item['uid']);
if (!count($r)) {
return;
}
$item = q("SELECT * FROM `item` WHERE `id` = %d", intval($itemid));
if (count($item) and $item[0]["allow_cid"] == '' and $item[0]["allow_gid"] == '' and $item[0]["deny_cid"] == '' and $item[0]["deny_gid"] == '') {
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = 0 LIMIT 1", dbesc($item['uri']));
if (!$r) {
// Preparing public shadow (removing user specific data)
require_once "include/items.php";
require_once "include/Contact.php";
unset($item[0]['id']);
$item[0]['uid'] = 0;
$item[0]['contact-id'] = get_contact($item[0]['author-link'], 0);
$public_shadow = item_store($item[0], false, false, true);
logger("add_thread: Stored public shadow for post " . $itemid . " under id " . $public_shadow, LOGGER_DEBUG);
}
}
}
function makeStructure($parent, $prefix, $sort)
{
global $user, $id, $path, $cfg, $lang;
$db = dbq("SELECT id, title, type, online, sort FROM {$cfg['db']['prefix']}_structure WHERE parent = {$parent} AND viewRights LIKE '%({$user['parent']})%' ORDER BY {$sort}");
if (is_array($db)) {
for ($i = 0; $i < count($db); $i++) {
echo '<tr><td><table><tr>';
echo $prefix;
if (isset($db[$i + 1])) {
echo '<td class="thread trb"> </td>';
} else {
echo '<td class="thread tr"> </td>';
}
if (in_array(array($db[$i]['id'], $db[$i]['title']), $path) && dbq("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$db[$i]['id']}")) {
echo '<td class="thread bl">';
} else {
echo '<td class="thread l">';
}
if (file_exists('img/ico-rec/' . $db[$i]['type'] . '.gif')) {
echo '<img src="img/ico-rec/' . $db[$i]['type'] . '.gif" alt="' . ucfirst($db[$i]['type']) . '" /></td><td>';
} else {
echo '<img src="img/ico-rec/folder.gif" alt="' . ucfirst($db[$i]['type']) . '" /></td><td>';
}
if ($db[$i]['id'] == $id) {
echo '<strong>';
}
if ($db[$i]['online'] == 0) {
echo '<em>';
}
if ($user['parent'] == '970') {
$sql = "SELECT * FROM user WHERE email = '" . $_SESSION['epUser']['title'] . "'";
$test = dbq($sql);
echo '<a href=".?id=' . $db[$i]['id'] . '&aid=' . $test[0]['id'] . '">' . htmlspecialchars($db[$i]['title']) . '</a>';
} else {
if ($db[$i]['title'] != '') {
echo '<a href=".?id=' . $db[$i]['id'] . '">' . htmlspecialchars($db[$i]['title']) . '</a>';
} else {
echo '<a href=".?id=' . $db[$i]['id'] . '">' . $lang[5] . '</a>';
}
}
if ($db[$i]['online'] == 0) {
echo '</em>';
}
if ($db[$i]['id'] == $id) {
echo '</strong>';
}
echo '</td></tr></table></td></tr>';
if (in_array(array($db[$i]['id'], $db[$i]['title']), $path) && dbq("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$db[$i]['id']}")) {
if (isset($db[$i + 1])) {
makeStructure($db[$i]['id'], $prefix . '<td class="thread tb"> </td>', $db[$i]['sort']);
} else {
makeStructure($db[$i]['id'], $prefix . '<td class="thread"> </td>', $db[$i]['sort']);
}
}
}
}
}
function add_thread($itemid)
{
$items = q("SELECT `uid`, `created`, `edited`, `commented`, `received`, `changed`, `wall`, `private`, `pubmail`, `moderated`, `visible`, `spam`, `starred`, `bookmark`, `contact-id`,\n\t\t\t`deleted`, `origin`, `forum_mode`, `mention`, `network` FROM `item` WHERE `id` = %d AND (`parent` = %d OR `parent` = 0) LIMIT 1", intval($itemid), intval($itemid));
if (!$items) {
return;
}
$item = $items[0];
$item['iid'] = $itemid;
$result = dbq("INSERT INTO `thread` (`" . implode("`, `", array_keys($item)) . "`) VALUES ('" . implode("', '", array_values($item)) . "')");
logger("add_thread: Add thread for item " . $itemid . " - " . print_r($result, true), LOGGER_DEBUG);
}
public function IndexAction()
{
#get filters from the search form
$f = $this->get_filter();
$this->set_list_sorting();
$this->list_where = ' 1=1 ';
$this->set_list_search();
//other filters add to $this->list_where here
//if search - no category
if ($f['s'] == '') {
$this->list_where .= ' and icat=' . dbq($f['icat']);
}
$this->get_list_rows();
//add/modify rows from db
/*
foreach ($this->list_rows as $k => $row) {
$this->list_rows[$k]['field'] = 'value';
}
*/
$ps = array('list_rows' => $this->list_rows, 'count' => $this->list_count, 'pager' => $this->list_pager, 'f' => $this->list_filter);
return $ps;
}
function save_np_categories($userid = 0, $subscribe = 0, $categories = array())
{
if ($subscribe == false) {
$sql = 'DELETE FROM np_customer_category WHERE custid_fk = ' . $userid;
dbq($sql);
$return['success'] = true;
$return['message'] = 'User removed from Newsletter Pro';
} else {
if (count($categories) <= 0) {
$return['success'] = false;
$return['message'] = 'Unable to save user. At least one category is required.';
} else {
$sql = 'DELETE FROM np_customer_category WHERE custid_fk = ' . $userid;
dbq($sql);
foreach ($categories as $cat) {
$sql = 'INSERT INTO np_customer_category (custid_fk, categoryid_fk) VALUES (' . $userid . ', ' . $cat . ');';
dbq($sql);
}
$return['success'] = true;
$return['message'] = 'Newsletter Pro categories have been saved.';
}
}
return $return;
}
function local_delivery($importer, $data)
{
$a = get_app();
logger(__FUNCTION__, LOGGER_TRACE);
if ($importer['readonly']) {
// We aren't receiving stuff from this person. But we will quietly ignore them
// rather than a blatant "go away" message.
logger('local_delivery: ignoring');
return 0;
//NOTREACHED
}
// Consume notification feed. This may differ from consuming a public feed in several ways
// - might contain email or friend suggestions
// - might contain remote followup to our message
// - in which case we need to accept it and then notify other conversants
// - we may need to send various email notifications
$feed = new SimplePie();
$feed->set_raw_data($data);
$feed->enable_order_by_date(false);
$feed->init();
if ($feed->error()) {
logger('local_delivery: Error parsing XML: ' . $feed->error());
}
// Check at the feed level for updated contact name and/or photo
$name_updated = '';
$new_name = '';
$photo_timestamp = '';
$photo_url = '';
$contact_updated = '';
$rawtags = $feed->get_feed_tags(NAMESPACE_DFRN, 'owner');
// Fallback should not be needed here. If it isn't DFRN it won't have DFRN updated tags
// if(! $rawtags)
// $rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if ($elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated']) {
$name_updated = $elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated'];
$new_name = $elems['name'][0]['data'];
// Manually checking for changed contact names
if ($new_name != $importer['name'] and $new_name != "" and $name_updated <= $importer['name-date']) {
$name_updated = date("c");
$photo_timestamp = date("c");
}
}
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo' && $elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated']) {
if ($photo_timestamp == "") {
$photo_timestamp = datetime_convert('UTC', 'UTC', $elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated']);
}
$photo_url = $elems['link'][0]['attribs']['']['href'];
}
}
if ($photo_timestamp && strlen($photo_url) && $photo_timestamp > $importer['avatar-date']) {
$contact_updated = $photo_timestamp;
logger('local_delivery: Updating photo for ' . $importer['name']);
require_once "include/Photo.php";
$photos = import_profile_photo($photo_url, $importer['importer_uid'], $importer['id']);
q("UPDATE `contact` SET `avatar-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s'\n\t\t\tWHERE `uid` = %d AND `id` = %d AND NOT `self`", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), intval($importer['importer_uid']), intval($importer['id']));
}
if ($name_updated && strlen($new_name) && $name_updated > $importer['name-date']) {
if ($name_updated > $contact_updated) {
$contact_updated = $name_updated;
}
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($importer['importer_uid']), intval($importer['id']));
$x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d AND `name` != '%s' AND NOT `self`", dbesc(notags(trim($new_name))), dbesc(datetime_convert()), intval($importer['importer_uid']), intval($importer['id']), dbesc(notags(trim($new_name))));
// do our best to update the name on content items
if (count($r) and notags(trim($new_name)) != $r[0]['name']) {
q("UPDATE `item` SET `author-name` = '%s' WHERE `author-name` = '%s' AND `author-link` = '%s' AND `uid` = %d AND `author-name` != '%s'", dbesc(notags(trim($new_name))), dbesc($r[0]['name']), dbesc($r[0]['url']), intval($importer['importer_uid']), dbesc(notags(trim($new_name))));
}
}
if ($contact_updated and $new_name and $photo_url) {
poco_check($importer['url'], $new_name, NETWORK_DFRN, $photo_url, "", "", "", "", "", $contact_updated, 2, $importer['id'], $importer['importer_uid']);
}
// Currently unsupported - needs a lot of work
$reloc = $feed->get_feed_tags(NAMESPACE_DFRN, 'relocate');
if (isset($reloc[0]['child'][NAMESPACE_DFRN])) {
$base = $reloc[0]['child'][NAMESPACE_DFRN];
$newloc = array();
$newloc['uid'] = $importer['importer_uid'];
$newloc['cid'] = $importer['id'];
$newloc['name'] = notags(unxmlify($base['name'][0]['data']));
$newloc['photo'] = notags(unxmlify($base['photo'][0]['data']));
$newloc['thumb'] = notags(unxmlify($base['thumb'][0]['data']));
$newloc['micro'] = notags(unxmlify($base['micro'][0]['data']));
$newloc['url'] = notags(unxmlify($base['url'][0]['data']));
$newloc['request'] = notags(unxmlify($base['request'][0]['data']));
$newloc['confirm'] = notags(unxmlify($base['confirm'][0]['data']));
$newloc['notify'] = notags(unxmlify($base['notify'][0]['data']));
$newloc['poll'] = notags(unxmlify($base['poll'][0]['data']));
$newloc['sitepubkey'] = notags(unxmlify($base['sitepubkey'][0]['data']));
/** relocated user must have original key pair */
/*$newloc['pubkey'] = notags(unxmlify($base['pubkey'][0]['data']));
$newloc['prvkey'] = notags(unxmlify($base['prvkey'][0]['data']));*/
logger("items:relocate contact " . print_r($newloc, true) . print_r($importer, true), LOGGER_DEBUG);
// update contact
$r = q("SELECT photo, url FROM contact WHERE id=%d AND uid=%d;", intval($importer['id']), intval($importer['importer_uid']));
if ($r === false) {
return 1;
}
$old = $r[0];
$x = q("UPDATE contact SET\n\t\t\t\t\tname = '%s',\n\t\t\t\t\tphoto = '%s',\n\t\t\t\t\tthumb = '%s',\n\t\t\t\t\tmicro = '%s',\n\t\t\t\t\turl = '%s',\n\t\t\t\t\tnurl = '%s',\n\t\t\t\t\trequest = '%s',\n\t\t\t\t\tconfirm = '%s',\n\t\t\t\t\tnotify = '%s',\n\t\t\t\t\tpoll = '%s',\n\t\t\t\t\t`site-pubkey` = '%s'\n\t\t\tWHERE id=%d AND uid=%d;", dbesc($newloc['name']), dbesc($newloc['photo']), dbesc($newloc['thumb']), dbesc($newloc['micro']), dbesc($newloc['url']), dbesc(normalise_link($newloc['url'])), dbesc($newloc['request']), dbesc($newloc['confirm']), dbesc($newloc['notify']), dbesc($newloc['poll']), dbesc($newloc['sitepubkey']), intval($importer['id']), intval($importer['importer_uid']));
if ($x === false) {
return 1;
}
// update items
$fields = array('owner-link' => array($old['url'], $newloc['url']), 'author-link' => array($old['url'], $newloc['url']), 'owner-avatar' => array($old['photo'], $newloc['photo']), 'author-avatar' => array($old['photo'], $newloc['photo']));
foreach ($fields as $n => $f) {
$x = q("UPDATE `item` SET `%s`='%s' WHERE `%s`='%s' AND uid=%d", $n, dbesc($f[1]), $n, dbesc($f[0]), intval($importer['importer_uid']));
if ($x === false) {
return 1;
}
}
// TODO
// merge with current record, current contents have priority
// update record, set url-updated
// update profile photos
// schedule a scan?
return 0;
}
// handle friend suggestion notification
$sugg = $feed->get_feed_tags(NAMESPACE_DFRN, 'suggest');
if (isset($sugg[0]['child'][NAMESPACE_DFRN])) {
$base = $sugg[0]['child'][NAMESPACE_DFRN];
$fsugg = array();
$fsugg['uid'] = $importer['importer_uid'];
$fsugg['cid'] = $importer['id'];
$fsugg['name'] = notags(unxmlify($base['name'][0]['data']));
$fsugg['photo'] = notags(unxmlify($base['photo'][0]['data']));
$fsugg['url'] = notags(unxmlify($base['url'][0]['data']));
$fsugg['request'] = notags(unxmlify($base['request'][0]['data']));
$fsugg['body'] = escape_tags(unxmlify($base['note'][0]['data']));
// Does our member already have a friend matching this description?
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc($fsugg['name']), dbesc(normalise_link($fsugg['url'])), intval($fsugg['uid']));
if (count($r)) {
return 0;
}
// Do we already have an fcontact record for this person?
$fid = 0;
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
// OK, we do. Do we already have an introduction for this person ?
$r = q("select id from intro where uid = %d and fid = %d limit 1", intval($fsugg['uid']), intval($fid));
if (count($r)) {
return 0;
}
}
if (!$fid) {
$r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ", dbesc($fsugg['name']), dbesc($fsugg['url']), dbesc($fsugg['photo']), dbesc($fsugg['request']));
}
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
} else {
return 0;
}
$hash = random_string();
$r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )\n\t\t\tVALUES( %d, %d, %d, '%s', '%s', '%s', %d )", intval($fsugg['uid']), intval($fid), intval($fsugg['cid']), dbesc($fsugg['body']), dbesc($hash), dbesc(datetime_convert()), intval(0));
notification(array('type' => NOTIFY_SUGGEST, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $fsugg, 'link' => $a->get_baseurl() . '/notifications/intros', 'source_name' => $importer['name'], 'source_link' => $importer['url'], 'source_photo' => $importer['photo'], 'verb' => ACTIVITY_REQ_FRIEND, 'otype' => 'intro'));
return 0;
}
$ismail = false;
$rawmail = $feed->get_feed_tags(NAMESPACE_DFRN, 'mail');
if (isset($rawmail[0]['child'][NAMESPACE_DFRN])) {
logger('local_delivery: private message received');
$ismail = true;
$base = $rawmail[0]['child'][NAMESPACE_DFRN];
$msg = array();
$msg['uid'] = $importer['importer_uid'];
$msg['from-name'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['name'][0]['data']));
$msg['from-photo'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']));
$msg['from-url'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['uri'][0]['data']));
$msg['contact-id'] = $importer['id'];
$msg['title'] = notags(unxmlify($base['subject'][0]['data']));
$msg['body'] = escape_tags(unxmlify($base['content'][0]['data']));
$msg['seen'] = 0;
$msg['replied'] = 0;
$msg['uri'] = notags(unxmlify($base['id'][0]['data']));
$msg['parent-uri'] = notags(unxmlify($base['in-reply-to'][0]['data']));
$msg['created'] = datetime_convert(notags(unxmlify('UTC', 'UTC', $base['sentdate'][0]['data'])));
dbesc_array($msg);
$r = dbq("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) . "`) VALUES ('" . implode("', '", array_values($msg)) . "')");
// send notifications.
require_once 'include/enotify.php';
$notif_params = array('type' => NOTIFY_MAIL, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $msg, 'source_name' => $msg['from-name'], 'source_link' => $importer['url'], 'source_photo' => $importer['thumb'], 'verb' => ACTIVITY_POST, 'otype' => 'mail');
notification($notif_params);
return 0;
// NOTREACHED
}
$community_page = 0;
$rawtags = $feed->get_feed_tags(NAMESPACE_DFRN, 'community');
if ($rawtags) {
$community_page = intval($rawtags[0]['data']);
}
if (intval($importer['forum']) != $community_page) {
q("update contact set forum = %d where id = %d", intval($community_page), intval($importer['id']));
$importer['forum'] = (string) $community_page;
}
logger('local_delivery: feed item count = ' . $feed->get_item_quantity());
// process any deleted entries
$del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry');
if (is_array($del_entries) && count($del_entries)) {
foreach ($del_entries as $dentry) {
$deleted = false;
if (isset($dentry['attribs']['']['ref'])) {
$uri = $dentry['attribs']['']['ref'];
$deleted = true;
if (isset($dentry['attribs']['']['when'])) {
$when = $dentry['attribs']['']['when'];
$when = datetime_convert('UTC', 'UTC', $when, 'Y-m-d H:i:s');
} else {
$when = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
}
}
if ($deleted) {
// check for relayed deletes to our conversation
$is_reply = false;
$r = q("select * from item where uri = '%s' and uid = %d limit 1", dbesc($uri), intval($importer['importer_uid']));
if (count($r)) {
$parent_uri = $r[0]['parent-uri'];
if ($r[0]['id'] != $r[0]['parent']) {
$is_reply = true;
}
}
if ($is_reply) {
$community = false;
if ($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP) {
$sql_extra = '';
$community = true;
logger('local_delivery: possible community delete');
} else {
$sql_extra = " and contact.self = 1 and item.wall = 1 ";
}
// was the top-level post for this reply written by somebody on this site?
// Specifically, the recipient?
$is_a_remote_delete = false;
// POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,\n\t\t\t\t\t\t`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`\n\t\t\t\t\t\tINNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\t\t\tWHERE `item`.`uri` = '%s' AND (`item`.`parent-uri` = '%s' or `item`.`thr-parent` = '%s')\n\t\t\t\t\t\tAND `item`.`uid` = %d\n\t\t\t\t\t\t{$sql_extra}\n\t\t\t\t\t\tLIMIT 1", dbesc($parent_uri), dbesc($parent_uri), dbesc($parent_uri), intval($importer['importer_uid']));
if ($r && count($r)) {
$is_a_remote_delete = true;
}
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
// valid community comment. Also forum_mode makes it valid for sure.
// If neither, it's not.
if ($is_a_remote_delete && $community) {
if (!$r[0]['forum_mode'] && !$r[0]['wall']) {
$is_a_remote_delete = false;
logger('local_delivery: not a community delete');
}
}
if ($is_a_remote_delete) {
logger('local_delivery: received remote delete');
}
}
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` INNER JOIN contact on `item`.`contact-id` = `contact`.`id`\n\t\t\t\t\tWHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1", dbesc($uri), intval($importer['importer_uid']), intval($importer['id']));
if (count($r)) {
$item = $r[0];
if ($item['deleted']) {
continue;
}
logger('local_delivery: deleting item ' . $item['id'] . ' uri=' . $item['uri'], LOGGER_DEBUG);
if ($item['object-type'] === ACTIVITY_OBJ_EVENT) {
logger("Deleting event " . $item['event-id'], LOGGER_DEBUG);
event_delete($item['event-id']);
}
if ($item['verb'] === ACTIVITY_TAG && $item['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($item['object'], false);
$xt = parse_xml_string($item['target'], false);
if ($xt->type === ACTIVITY_OBJ_NOTE) {
$i = q("select * from `item` where uri = '%s' and uid = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (count($i)) {
// For tags, the owner cannot remove the tag on the author's copy of the post.
$owner_remove = $item['contact-id'] == $i[0]['contact-id'] ? true : false;
$author_remove = $item['origin'] && $item['self'] ? true : false;
$author_copy = $item['origin'] ? true : false;
if ($owner_remove && $author_copy) {
continue;
}
if ($author_remove || $owner_remove) {
$tags = explode(',', $i[0]['tag']);
$newtags = array();
if (count($tags)) {
foreach ($tags as $tag) {
if (trim($tag) !== trim($xo->body)) {
$newtags[] = trim($tag);
}
}
}
q("update item set tag = '%s' where id = %d", dbesc(implode(',', $newtags)), intval($i[0]['id']));
create_tags_from_item($i[0]['id']);
}
}
}
}
if ($item['uri'] == $item['parent-uri']) {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s',\n\t\t\t\t\t\t\t`body` = '', `title` = ''\n\t\t\t\t\t\t\tWHERE `parent-uri` = '%s' AND `uid` = %d", dbesc($when), dbesc(datetime_convert()), dbesc($item['uri']), intval($importer['importer_uid']));
create_tags_from_itemuri($item['uri'], $importer['importer_uid']);
create_files_from_itemuri($item['uri'], $importer['importer_uid']);
update_thread_uri($item['uri'], $importer['importer_uid']);
} else {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s',\n\t\t\t\t\t\t\t`body` = '', `title` = ''\n\t\t\t\t\t\t\tWHERE `uri` = '%s' AND `uid` = %d", dbesc($when), dbesc(datetime_convert()), dbesc($uri), intval($importer['importer_uid']));
create_tags_from_itemuri($uri, $importer['importer_uid']);
create_files_from_itemuri($uri, $importer['importer_uid']);
update_thread_uri($uri, $importer['importer_uid']);
if ($item['last-child']) {
// ensure that last-child is set in case the comment that had it just got wiped.
q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ", dbesc(datetime_convert()), dbesc($item['parent-uri']), intval($item['uid']));
// who is the last child now?
$r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d\n\t\t\t\t\t\t\t\tORDER BY `created` DESC LIMIT 1", dbesc($item['parent-uri']), intval($importer['importer_uid']));
if (count($r)) {
q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d", intval($r[0]['id']));
}
}
// if this is a relayed delete, propagate it to other recipients
if ($is_a_remote_delete) {
proc_run('php', "include/notifier.php", "drop", $item['id']);
}
}
}
}
}
}
foreach ($feed->get_items() as $item) {
$is_reply = false;
$item_id = $item->get_id();
$rawthread = $item->get_item_tags(NAMESPACE_THREAD, 'in-reply-to');
if (isset($rawthread[0]['attribs']['']['ref'])) {
$is_reply = true;
$parent_uri = $rawthread[0]['attribs']['']['ref'];
}
if ($is_reply) {
$community = false;
if ($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP) {
$sql_extra = '';
$community = true;
logger('local_delivery: possible community reply');
} else {
$sql_extra = " and contact.self = 1 and item.wall = 1 ";
}
// was the top-level post for this reply written by somebody on this site?
// Specifically, the recipient?
$is_a_remote_comment = false;
$top_uri = $parent_uri;
$r = q("select `item`.`parent-uri` from `item`\n\t\t\t\tWHERE `item`.`uri` = '%s'\n\t\t\t\tLIMIT 1", dbesc($parent_uri));
if ($r && count($r)) {
$top_uri = $r[0]['parent-uri'];
// POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,\n\t\t\t\t\t`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`\n\t\t\t\t\tINNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\t\tWHERE `item`.`uri` = '%s' AND (`item`.`parent-uri` = '%s' or `item`.`thr-parent` = '%s')\n\t\t\t\t\tAND `item`.`uid` = %d\n\t\t\t\t\t{$sql_extra}\n\t\t\t\t\tLIMIT 1", dbesc($top_uri), dbesc($top_uri), dbesc($top_uri), intval($importer['importer_uid']));
if ($r && count($r)) {
$is_a_remote_comment = true;
}
}
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
// valid community comment. Also forum_mode makes it valid for sure.
// If neither, it's not.
if ($is_a_remote_comment && $community) {
if (!$r[0]['forum_mode'] && !$r[0]['wall']) {
$is_a_remote_comment = false;
logger('local_delivery: not a community reply');
}
}
if ($is_a_remote_comment) {
logger('local_delivery: received remote comment');
$is_like = false;
// remote reply to our post. Import and then notify everybody else.
$datarray = get_atom_elements($feed, $item);
$r = q("SELECT `id`, `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
$iid = $r[0]['id'];
if (edited_timestamp_is_newer($r[0], $datarray)) {
// do not accept (ignore) an earlier edit than one we currently have.
if (datetime_convert('UTC', 'UTC', $datarray['edited']) < $r[0]['edited']) {
continue;
}
logger('received updated comment', LOGGER_DEBUG);
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s', `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
create_tags_from_itemuri($item_id, $importer['importer_uid']);
proc_run('php', "include/notifier.php", "comment-import", $iid);
}
continue;
}
$own = q("select name,url,thumb from contact where uid = %d and self = 1 limit 1", intval($importer['importer_uid']));
$datarray['type'] = 'remote-comment';
$datarray['wall'] = 1;
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['owner-name'] = $own[0]['name'];
$datarray['owner-link'] = $own[0]['url'];
$datarray['owner-avatar'] = $own[0]['thumb'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] === ACTIVITY_LIKE || $datarray['verb'] === ACTIVITY_DISLIKE || $datarray['verb'] === ACTIVITY_ATTEND || $datarray['verb'] === ACTIVITY_ATTENDNO || $datarray['verb'] === ACTIVITY_ATTENDMAYBE) {
$is_like = true;
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
$datarray['last-child'] = 0;
// only one like or dislike per person
// splitted into two queries for performance issues
$r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`parent-uri` = '%s') and deleted = 0 limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($datarray['parent-uri']));
if ($r && count($r)) {
continue;
}
$r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`thr-parent` = '%s') and deleted = 0 limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($datarray['parent-uri']));
if ($r && count($r)) {
continue;
}
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE && $xt->id) {
// fetch the parent item
$tagp = q("select * from item where uri = '%s' and uid = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (!count($tagp)) {
continue;
}
// extract tag, if not duplicate, and this user allows tags, add to parent item
if ($xo->id && $xo->content) {
$newtag = '#[url=' . $xo->id . ']' . $xo->content . '[/url]';
if (!stristr($tagp[0]['tag'], $newtag)) {
$i = q("SELECT `blocktags` FROM `user` where `uid` = %d LIMIT 1", intval($importer['importer_uid']));
if (count($i) && !intval($i[0]['blocktags'])) {
q("UPDATE item SET tag = '%s', `edited` = '%s', `changed` = '%s' WHERE id = %d", dbesc($tagp[0]['tag'] . (strlen($tagp[0]['tag']) ? ',' : '') . $newtag), intval($tagp[0]['id']), dbesc(datetime_convert()), dbesc(datetime_convert()));
create_tags_from_item($tagp[0]['id']);
}
}
}
}
}
$posted_id = item_store($datarray);
$parent = 0;
if ($posted_id) {
$datarray["id"] = $posted_id;
$r = q("SELECT `parent`, `parent-uri` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($posted_id), intval($importer['importer_uid']));
if (count($r)) {
$parent = $r[0]['parent'];
$parent_uri = $r[0]['parent-uri'];
}
if (!$is_like) {
$r1 = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `uid` = %d AND `parent` = %d", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($r[0]['parent']));
$r2 = q("UPDATE `item` SET `last-child` = 1, `changed` = '%s' WHERE `uid` = %d AND `id` = %d", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($posted_id));
}
if ($posted_id && $parent) {
proc_run('php', "include/notifier.php", "comment-import", "{$posted_id}");
if (!$is_like && !$importer['self']) {
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode(get_item_guid($posted_id)), 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $parent, 'parent_uri' => $parent_uri));
}
}
return 0;
// NOTREACHED
}
} else {
// regular comment that is part of this total conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
if ($importer['rel'] == CONTACT_IS_FOLLOWER) {
continue;
}
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (edited_timestamp_is_newer($r[0], $datarray)) {
// do not accept (ignore) an earlier edit than one we currently have.
if (datetime_convert('UTC', 'UTC', $datarray['edited']) < $r[0]['edited']) {
continue;
}
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s', `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
create_tags_from_itemuri($item_id, $importer['importer_uid']);
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", dbesc(datetime_convert()), dbesc($parent_uri), intval($importer['importer_uid']));
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] === ACTIVITY_LIKE || $datarray['verb'] === ACTIVITY_DISLIKE || $datarray['verb'] === ACTIVITY_ATTEND || $datarray['verb'] === ACTIVITY_ATTENDNO || $datarray['verb'] === ACTIVITY_ATTENDMAYBE) {
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
// only one like or dislike per person
// splitted into two queries for performance issues
$r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent-uri` = '%s') limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($parent_uri));
if ($r && count($r)) {
continue;
}
$r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`thr-parent` = '%s') limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($parent_uri));
if ($r && count($r)) {
continue;
}
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE) {
$r = q("select * from item where `uri` = '%s' AND `uid` = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (!count($r)) {
continue;
}
// extract tag, if not duplicate, add to parent item
if ($xo->content) {
if (!stristr($r[0]['tag'], trim($xo->content))) {
q("UPDATE item SET tag = '%s' WHERE id = %d", dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $xo->id . ']' . $xo->content . '[/url]'), intval($r[0]['id']));
create_tags_from_item($r[0]['id']);
}
}
}
}
$posted_id = item_store($datarray);
// find out if our user is involved in this conversation and wants to be notified.
if (!x($datarray['type']) || $datarray['type'] != 'activity') {
$myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 AND `deleted` = 0", dbesc($top_uri), intval($importer['importer_uid']));
if (count($myconv)) {
$importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];
// first make sure this isn't our own post coming back to us from a wall-to-wall event
if (!link_compare($datarray['author-link'], $importer_url)) {
foreach ($myconv as $conv) {
// now if we find a match, it means we're in this conversation
if (!link_compare($conv['author-link'], $importer_url)) {
continue;
}
require_once 'include/enotify.php';
$conv_parent = $conv['parent'];
notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode(get_item_guid($posted_id)), 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $conv_parent, 'parent_uri' => $parent_uri));
// only send one notification
break;
}
}
}
}
continue;
}
} else {
// Head post of a conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
if (x($datarray, 'object-type') && $datarray['object-type'] === ACTIVITY_OBJ_EVENT) {
$ev = bbtoevent($datarray['body']);
if ((x($ev, 'desc') || x($ev, 'summary')) && x($ev, 'start')) {
$ev['cid'] = $importer['id'];
$ev['uid'] = $importer['uid'];
$ev['uri'] = $item_id;
$ev['edited'] = $datarray['edited'];
$ev['private'] = $datarray['private'];
$ev['guid'] = $datarray['guid'];
$r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['uid']));
if (count($r)) {
$ev['id'] = $r[0]['id'];
}
$xyz = event_store($ev);
continue;
}
}
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (edited_timestamp_is_newer($r[0], $datarray)) {
// do not accept (ignore) an earlier edit than one we currently have.
if (datetime_convert('UTC', 'UTC', $datarray['edited']) < $r[0]['edited']) {
continue;
}
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s', `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
create_tags_from_itemuri($item_id, $importer['importer_uid']);
update_thread_uri($item_id, $importer['importer_uid']);
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
$datarray['parent-uri'] = $item_id;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
if (!link_compare($datarray['owner-link'], $importer['url'])) {
// The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery,
// but otherwise there's a possible data mixup on the sender's system.
// the tgroup delivery code called from item_store will correct it if it's a forum,
// but we're going to unconditionally correct it here so that the post will always be owned by our contact.
logger('local_delivery: Correcting item owner.', LOGGER_DEBUG);
$datarray['owner-name'] = $importer['senderName'];
$datarray['owner-link'] = $importer['url'];
$datarray['owner-avatar'] = $importer['thumb'];
}
if ($importer['rel'] == CONTACT_IS_FOLLOWER && !tgroup_check($importer['importer_uid'], $datarray)) {
continue;
}
// This is my contact on another system, but it's really me.
// Turn this into a wall post.
$notify = item_is_remote_self($importer, $datarray);
$posted_id = item_store($datarray, false, $notify);
if (stristr($datarray['verb'], ACTIVITY_POKE)) {
$verb = urldecode(substr($datarray['verb'], strpos($datarray['verb'], '#') + 1));
if (!$verb) {
continue;
}
$xo = parse_xml_string($datarray['object'], false);
if ($xo->type == ACTIVITY_OBJ_PERSON && $xo->id) {
// somebody was poked/prodded. Was it me?
$links = parse_xml_string("<links>" . unxmlify($xo->link) . "</links>", false);
foreach ($links->link as $l) {
$atts = $l->attributes();
switch ($atts['rel']) {
case "alternate":
$Blink = $atts['href'];
break;
default:
break;
}
}
if ($Blink && link_compare($Blink, $a->get_baseurl() . '/profile/' . $importer['nickname'])) {
// send a notification
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_POKE, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode(get_item_guid($posted_id)), 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => $datarray['verb'], 'otype' => 'person', 'activity' => $verb, 'parent' => $datarray['parent']));
}
}
}
continue;
}
}
return 0;
// NOTREACHED
}
<?php
$pricebook_cats = dbq('SELECT * FROM nec_dealer');
?>
<style type="text/css">
table#users {
margin-top: 20px;
font-size: 11px;
}
#users th {
text-align: left;
background: #E1E7EA;
}
#users th.over {
background: #ccc;
}
#users td, #users th {
border: 1px solid #CCCCCC;
border-collapse: collapse;
padding: 4px 4px;
}
.approvebox {
text-align: center;
}
.approvebox input {
margin: 0;
width: 13px;
height: 13px;
overflow: hidden;
}
function do_export_table($t = '', $isvar = 0, $MAXI = 838860)
{
global $D;
@set_time_limit(600);
if ($_REQUEST['s']) {
$sth = db_query("show create table `{$t}`");
$row = mysql_fetch_row($sth);
$ct = preg_replace("/\n\r|\r\n|\n|\r/", $D, $row[1]);
ex_w("DROP TABLE IF EXISTS `{$t}`;{$D}{$ct};{$D}{$D}");
}
if ($_REQUEST['d']) {
$exsql = '';
ex_w("/*!40000 ALTER TABLE `{$t}` DISABLE KEYS */;{$D}");
$sth = db_query("select * from `{$t}`");
while ($row = mysql_fetch_row($sth)) {
$values = '';
foreach ($row as $v) {
$values .= ($values ? ',' : '') . dbq($v);
}
$exsql .= ($exsql ? ',' : '') . "(" . $values . ")";
if (strlen($exsql) > $MAXI) {
ex_w("INSERT INTO `{$t}` VALUES {$exsql};{$D}");
$exsql = '';
}
}
if ($exsql) {
ex_w("INSERT INTO `{$t}` VALUES {$exsql};{$D}");
}
ex_w("/*!40000 ALTER TABLE `{$t}` ENABLE KEYS */;{$D}{$D}");
}
flush();
}
$_POST = array_map('strip_slashes_deep', $_POST);
$_GET = array_map('strip_slashes_deep', $_GET);
}
if (isset($_GET['type']) && isset($_GET['id']) && preg_match('/^[0-9]+$/', $_GET['id'])) {
if ($_GET['type'] == 'image') {
$record = dbq("SELECT parent FROM wp_image_gallery WHERE id = {$_GET['id']}");
if (!dbq("DELETE FROM `wp_image_gallery` WHERE `id` = '{$_GET['id']}' LIMIT 1")) {
echo "ERROR";
} else {
@unlink($cfg['data'] . "images/" . $_GET['id'] . "-s.jpg");
@unlink($cfg['data'] . "images/" . $_GET['id'] . "-m.jpg");
@unlink($cfg['data'] . "images/" . $_GET['id'] . "-l.jpg");
echo "DELETE SUCCESS";
}
} else {
if ($_GET['type'] == 'file') {
$record = dbq("SELECT parent FROM wp_file_gallery WHERE id = {$_GET['id']}");
if (!dbq("DELETE FROM `wp_file_gallery` WHERE `id` = '{$_GET['id']}' LIMIT 1")) {
echo "ERROR";
} else {
$file = glob($cfg['data'] . "files/" . $_GET['id'] . ".*");
@unlink($file[0]);
echo "DELETE SUCCESS";
}
}
}
$parentID = $record[0]['parent'];
dbq("UPDATE wp_structure SET modified = NOW() WHERE id = {$parentID}");
dbq("UPDATE wp_file_gallery SET modified = NOW() WHERE parent = {$parentID}");
dbq("UPDATE wp_image_gallery SET modified = NOW() WHERE parent = {$parentID}");
}
function do_export_table($t = '', $isvar = 0, $MAXI = 838860)
{
set_time_limit(600);
if ($_REQUEST['s']) {
$sth = db_query("show create table `{$t}`");
$row = mysql_fetch_row($sth);
echo "DROP TABLE IF EXISTS `{$t}`;\n{$row['1']};\n\n";
}
if ($_REQUEST['d']) {
$exsql = '';
echo "/*!40000 ALTER TABLE `{$t}` DISABLE KEYS */;\n";
$sth = db_query("select * from `{$t}`");
while ($row = mysql_fetch_row($sth)) {
$values = '';
foreach ($row as $value) {
$values .= ($values ? ',' : '') . "'" . dbq($value) . "'";
}
$exsql .= ($exsql ? ',' : '') . "(" . $values . ")";
if (strlen($exsql) > $MAXI) {
echo "INSERT INTO `{$t}` VALUES {$exsql};\n";
$exsql = '';
}
}
if ($exsql) {
echo "INSERT INTO `{$t}` VALUES {$exsql};\n";
}
echo "/*!40000 ALTER TABLE `{$t}` ENABLE KEYS */;\n";
echo "\n";
}
flush();
}
/**
* @brief
*
* @param array $sender
* @param array $arr
* @param array $deliveries
* @return array
*/
function process_channel_sync_delivery($sender, $arr, $deliveries)
{
require_once 'include/import.php';
/** @FIXME this will sync red structures (channel, pconfig and abook). Eventually we need to make this application agnostic. */
$result = array();
foreach ($deliveries as $d) {
$r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($d['hash']));
if (!$r) {
$result[] = array($d['hash'], 'not found');
continue;
}
$channel = $r[0];
$max_friends = service_class_fetch($channel['channel_id'], 'total_channels');
$max_feeds = account_service_class_fetch($channel['channel_account_id'], 'total_feeds');
if ($channel['channel_hash'] != $sender['hash']) {
logger('process_channel_sync_delivery: possible forgery. Sender ' . $sender['hash'] . ' is not ' . $channel['channel_hash']);
$result[] = array($d['hash'], 'channel mismatch', $channel['channel_name'], '');
continue;
}
if (array_key_exists('config', $arr) && is_array($arr['config']) && count($arr['config'])) {
foreach ($arr['config'] as $cat => $k) {
foreach ($arr['config'][$cat] as $k => $v) {
set_pconfig($channel['channel_id'], $cat, $k, $v);
}
}
}
if (array_key_exists('obj', $arr) && $arr['obj']) {
sync_objs($channel, $arr['obj']);
}
if (array_key_exists('likes', $arr) && $arr['likes']) {
import_likes($channel, $arr['likes']);
}
if (array_key_exists('app', $arr) && $arr['app']) {
sync_apps($channel, $arr['app']);
}
if (array_key_exists('chatroom', $arr) && $arr['chatroom']) {
sync_chatrooms($channel, $arr['chatroom']);
}
if (array_key_exists('conv', $arr) && $arr['conv']) {
import_conv($channel, $arr['conv']);
}
if (array_key_exists('mail', $arr) && $arr['mail']) {
import_mail($channel, $arr['mail']);
}
if (array_key_exists('event', $arr) && $arr['event']) {
sync_events($channel, $arr['event']);
}
if (array_key_exists('event_item', $arr) && $arr['event_item']) {
sync_items($channel, $arr['event_item']);
}
if (array_key_exists('item', $arr) && $arr['item']) {
sync_items($channel, $arr['item']);
}
if (array_key_exists('item_id', $arr) && $arr['item_id']) {
sync_items($channel, $arr['item_id']);
}
if (array_key_exists('menu', $arr) && $arr['menu']) {
sync_menus($channel, $arr['menu']);
}
if (array_key_exists('channel', $arr) && is_array($arr['channel']) && count($arr['channel'])) {
if (array_key_exists('channel_pageflags', $arr['channel']) && intval($arr['channel']['channel_pageflags'])) {
// These flags cannot be sync'd.
// remove the bits from the incoming flags.
// These correspond to PAGE_REMOVED and PAGE_SYSTEM on redmatrix
if ($arr['channel']['channel_pageflags'] & 0x8000) {
$arr['channel']['channel_pageflags'] = $arr['channel']['channel_pageflags'] - 0x8000;
}
if ($arr['channel']['channel_pageflags'] & 0x1000) {
$arr['channel']['channel_pageflags'] = $arr['channel']['channel_pageflags'] - 0x1000;
}
}
$disallowed = array('channel_id', 'channel_account_id', 'channel_primary', 'channel_prvkey', 'channel_address', 'channel_notifyflags', 'channel_removed', 'channel_deleted', 'channel_system');
$clean = array();
foreach ($arr['channel'] as $k => $v) {
if (in_array($k, $disallowed)) {
continue;
}
$clean[$k] = $v;
}
if (count($clean)) {
foreach ($clean as $k => $v) {
$r = dbq("UPDATE channel set " . dbesc($k) . " = '" . dbesc($v) . "' where channel_id = " . intval($channel['channel_id']));
}
}
}
if (array_key_exists('abook', $arr) && is_array($arr['abook']) && count($arr['abook'])) {
$total_friends = 0;
$total_feeds = 0;
$r = q("select abook_id, abook_feed from abook where abook_channel = %d", intval($channel['channel_id']));
if ($r) {
// don't count yourself
$total_friends = count($r) > 0 ? count($r) - 1 : 0;
foreach ($r as $rr) {
if (intval($rr['abook_feed'])) {
$total_feeds++;
}
}
}
$disallowed = array('abook_id', 'abook_account', 'abook_channel', 'abook_rating', 'abook_rating_text');
foreach ($arr['abook'] as $abook) {
if (!array_key_exists('abook_blocked', $abook)) {
// convert from redmatrix
$abook['abook_blocked'] = $abook['abook_flags'] & 0x1 ? 1 : 0;
$abook['abook_ignored'] = $abook['abook_flags'] & 0x2 ? 1 : 0;
$abook['abook_hidden'] = $abook['abook_flags'] & 0x4 ? 1 : 0;
$abook['abook_archived'] = $abook['abook_flags'] & 0x8 ? 1 : 0;
$abook['abook_pending'] = $abook['abook_flags'] & 0x10 ? 1 : 0;
$abook['abook_unconnected'] = $abook['abook_flags'] & 0x20 ? 1 : 0;
$abook['abook_self'] = $abook['abook_flags'] & 0x80 ? 1 : 0;
$abook['abook_feed'] = $abook['abook_flags'] & 0x100 ? 1 : 0;
}
$clean = array();
if ($abook['abook_xchan'] && $abook['entry_deleted']) {
logger('process_channel_sync_delivery: removing abook entry for ' . $abook['abook_xchan']);
require_once 'include/Contact.php';
$r = q("select abook_id, abook_feed from abook where abook_xchan = '%s' and abook_channel = %d and abook_self = 0 limit 1", dbesc($abook['abook_xchan']), intval($channel['channel_id']));
if ($r) {
contact_remove($channel['channel_id'], $r[0]['abook_id']);
if ($total_friends) {
$total_friends--;
}
if (intval($r[0]['abook_feed'])) {
$total_feeds--;
}
}
continue;
}
// Perform discovery if the referenced xchan hasn't ever been seen on this hub.
// This relies on the undocumented behaviour that red sites send xchan info with the abook
// and import_author_xchan will look them up on all federated networks
if ($abook['abook_xchan'] && $abook['xchan_addr']) {
$h = zot_get_hublocs($abook['abook_xchan']);
if (!$h) {
$xhash = import_author_xchan(encode_item_xchan($abook));
if (!$xhash) {
logger('process_channel_sync_delivery: import of ' . $abook['xchan_addr'] . ' failed.');
continue;
}
}
}
foreach ($abook as $k => $v) {
if (in_array($k, $disallowed) || strpos($k, 'abook') !== 0) {
continue;
}
$clean[$k] = $v;
}
if (!array_key_exists('abook_xchan', $clean)) {
continue;
}
$r = q("select * from abook where abook_xchan = '%s' and abook_channel = %d limit 1", dbesc($clean['abook_xchan']), intval($channel['channel_id']));
// make sure we have an abook entry for this xchan on this system
if (!$r) {
if ($max_friends !== false && $total_friends > $max_friends) {
logger('process_channel_sync_delivery: total_channels service class limit exceeded');
continue;
}
if ($max_feeds !== false && intval($clean['abook_feed']) && $total_feeds > $max_feeds) {
logger('process_channel_sync_delivery: total_feeds service class limit exceeded');
continue;
}
q("insert into abook ( abook_xchan, abook_channel ) values ('%s', %d ) ", dbesc($clean['abook_xchan']), intval($channel['channel_id']));
$total_friends++;
if (intval($clean['abook_feed'])) {
$total_feeds++;
}
}
if (count($clean)) {
foreach ($clean as $k => $v) {
if ($k == 'abook_dob') {
$v = dbescdate($v);
}
$r = dbq("UPDATE abook set " . dbesc($k) . " = '" . dbesc($v) . "' where abook_xchan = '" . dbesc($clean['abook_xchan']) . "' and abook_channel = " . intval($channel['channel_id']));
}
}
}
}
// sync collections (privacy groups) oh joy...
if (array_key_exists('collections', $arr) && is_array($arr['collections']) && count($arr['collections'])) {
$x = q("select * from groups where uid = %d", intval($channel['channel_id']));
foreach ($arr['collections'] as $cl) {
$found = false;
if ($x) {
foreach ($x as $y) {
if ($cl['collection'] == $y['hash']) {
$found = true;
break;
}
}
if ($found) {
if ($y['name'] != $cl['name'] || $y['visible'] != $cl['visible'] || $y['deleted'] != $cl['deleted']) {
q("update groups set name = '%s', visible = %d, deleted = %d where hash = '%s' and uid = %d", dbesc($cl['name']), intval($cl['visible']), intval($cl['deleted']), dbesc($cl['hash']), intval($channel['channel_id']));
}
if (intval($cl['deleted']) && !intval($y['deleted'])) {
q("delete from group_member where gid = %d", intval($y['id']));
}
}
}
if (!$found) {
$r = q("INSERT INTO `groups` ( hash, uid, visible, deleted, name )\n\t\t\t\t\t\tVALUES( '%s', %d, %d, %d, '%s' ) ", dbesc($cl['collection']), intval($channel['channel_id']), intval($cl['visible']), intval($cl['deleted']), dbesc($cl['name']));
}
// now look for any collections locally which weren't in the list we just received.
// They need to be removed by marking deleted and removing the members.
// This shouldn't happen except for clones created before this function was written.
if ($x) {
$found_local = false;
foreach ($x as $y) {
foreach ($arr['collections'] as $cl) {
if ($cl['collection'] == $y['hash']) {
$found_local = true;
break;
}
}
if (!$found_local) {
q("delete from group_member where gid = %d", intval($y['id']));
q("update groups set deleted = 1 where id = %d and uid = %d", intval($y['id']), intval($channel['channel_id']));
}
}
}
}
// reload the group list with any updates
$x = q("select * from groups where uid = %d", intval($channel['channel_id']));
// now sync the members
if (array_key_exists('collection_members', $arr) && is_array($arr['collection_members']) && count($arr['collection_members'])) {
// first sort into groups keyed by the group hash
$members = array();
foreach ($arr['collection_members'] as $cm) {
if (!array_key_exists($cm['collection'], $members)) {
$members[$cm['collection']] = array();
}
$members[$cm['collection']][] = $cm['member'];
}
// our group list is already synchronised
if ($x) {
foreach ($x as $y) {
// for each group, loop on members list we just received
foreach ($members[$y['hash']] as $member) {
$found = false;
$z = q("select xchan from group_member where gid = %d and uid = %d and xchan = '%s' limit 1", intval($y['id']), intval($channel['channel_id']), dbesc($member));
if ($z) {
$found = true;
}
// if somebody is in the group that wasn't before - add them
if (!$found) {
q("INSERT INTO `group_member` (`uid`, `gid`, `xchan`)\n\t\t\t\t\t\t\t\t\tVALUES( %d, %d, '%s' ) ", intval($channel['channel_id']), intval($y['id']), dbesc($member));
}
}
// now retrieve a list of members we have on this site
$m = q("select xchan from group_member where gid = %d and uid = %d", intval($y['id']), intval($channel['channel_id']));
if ($m) {
foreach ($m as $mm) {
// if the local existing member isn't in the list we just received - remove them
if (!in_array($mm['xchan'], $members[$y['hash']])) {
q("delete from group_member where xchan = '%s' and gid = %d and uid = %d", dbesc($mm['xchan']), intval($y['id']), intval($channel['channel_id']));
}
}
}
}
}
}
}
if (array_key_exists('profile', $arr) && is_array($arr['profile']) && count($arr['profile'])) {
$disallowed = array('id', 'aid', 'uid');
foreach ($arr['profile'] as $profile) {
$x = q("select * from profile where profile_guid = '%s' and uid = %d limit 1", dbesc($profile['profile_guid']), intval($channel['channel_id']));
if (!$x) {
q("insert into profile ( profile_guid, aid, uid ) values ('%s', %d, %d)", dbesc($profile['profile_guid']), intval($channel['channel_account_id']), intval($channel['channel_id']));
$x = q("select * from profile where profile_guid = '%s' and uid = %d limit 1", dbesc($profile['profile_guid']), intval($channel['channel_id']));
if (!$x) {
continue;
}
}
$clean = array();
foreach ($profile as $k => $v) {
if (in_array($k, $disallowed)) {
continue;
}
$clean[$k] = $v;
/**
* @TODO check if these are allowed, otherwise we'll error
* We also need to import local photos if a custom photo is selected
*/
}
if (count($clean)) {
foreach ($clean as $k => $v) {
$r = dbq("UPDATE profile set `" . dbesc($k) . "` = '" . dbesc($v) . "' where profile_guid = '" . dbesc($profile['profile_guid']) . "' and uid = " . intval($channel['channel_id']));
}
}
}
}
if (array_key_exists('item', $arr) && $arr['item']) {
sync_items($channel, $arr['item']);
}
if (array_key_exists('item_id', $arr) && $arr['item_id']) {
sync_items($channel, $arr['item_id']);
}
$addon = array('channel' => $channel, 'data' => $arr);
call_hooks('process_channel_sync_delivery', $addon);
// we should probably do this for all items, but usually we only send one.
require_once 'include/DReport.php';
if (array_key_exists('item', $arr) && is_array($arr['item'][0])) {
$DR = new DReport(z_root(), $d['hash'], $d['hash'], $arr['item'][0]['message_id'], 'channel sync processed');
$DR->addto_recipient($channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>');
} else {
$DR = new DReport(z_root(), $d['hash'], $d['hash'], 'sync packet', 'channel sync delivered');
}
$result[] = $DR->get();
}
return $result;
}
} else {
?>
<?php
echo $lang[68];
?>
<?php
}
?>
</td>
</tr>
<tr>
<td colspan="4">
<label>File Can Be Accessed By:</label><br />
<?php
$webUsers = dbq("SELECT `id`, `title` FROM {$cfg['db']['prefix']}_folder, {$cfg['db']['prefix']}_structure WHERE link = id AND online = 1 AND parent = 44 ORDER BY position");
$webAccess = dbq("SELECT * FROM {$cfg['db']['prefix']}_access WHERE link = {$id}");
$wac[$id] = array();
if (isset($webAccess) && is_array($webAccess) && count($webAccess) > 0) {
foreach ($webAccess as $wa) {
$wac[$id][] = $wa['access'];
}
}
?>
<div id="webUsersCategories">
<?php
/*if(isset($wuc))
{
print_r($wuc);
}*/
if (isset($webUsers) && is_array($webUsers) && count($webUsers) > 0) {
foreach ($webUsers as $wuc) {
<?php
require "cfg.php";
require "fn.php";
if (!@mysql_connect($cfg['db']['address'], $cfg['db']['username'], $cfg['db']['password'])) {
$errors[] = $lang[78];
}
if (!@mysql_select_db($cfg['db']['name'])) {
$errors[] = $lang[79];
}
$id = $_POST['id'];
if (!is_numeric($id)) {
exit('no id passed to script');
}
$sql = 'DELETE FROM wp_form_element WHERE id = ' . $id;
dbq($sql);
$json['outcome'] = 'success';
echo json_encode($json);
function mail_store($arr)
{
if (!$arr['channel_id']) {
logger('mail_store: no uid');
return 0;
}
if (strpos($arr['body'], '<') !== false || strpos($arr['body'], '>') !== false) {
$arr['body'] = escape_tags($arr['body']);
}
if (array_key_exists('attach', $arr) && is_array($arr['attach'])) {
$arr['attach'] = json_encode($arr['attach']);
}
$arr['account_id'] = x($arr, 'account_id') ? intval($arr['account_id']) : 0;
$arr['mid'] = x($arr, 'mid') ? notags(trim($arr['mid'])) : random_string();
$arr['from_xchan'] = x($arr, 'from_xchan') ? notags(trim($arr['from_xchan'])) : '';
$arr['to_xchan'] = x($arr, 'to_xchan') ? notags(trim($arr['to_xchan'])) : '';
$arr['created'] = x($arr, 'created') !== false ? datetime_convert('UTC', 'UTC', $arr['created']) : datetime_convert();
$arr['expires'] = x($arr, 'expires') !== false ? datetime_convert('UTC', 'UTC', $arr['expires']) : NULL_DATE;
$arr['title'] = x($arr, 'title') ? notags(trim($arr['title'])) : '';
$arr['parent_mid'] = x($arr, 'parent_mid') ? notags(trim($arr['parent_mid'])) : '';
$arr['body'] = x($arr, 'body') ? trim($arr['body']) : '';
$arr['mail_flags'] = x($arr, 'mail_flags') ? intval($arr['mail_flags']) : 0;
if (!$arr['parent_mid']) {
logger('mail_store: missing parent');
$arr['parent_mid'] = $arr['mid'];
}
$r = q("SELECT `id` FROM mail WHERE `mid` = '%s' AND channel_id = %d LIMIT 1", dbesc($arr['mid']), intval($arr['channel_id']));
if ($r) {
logger('mail_store: duplicate item ignored. ' . print_r($arr, true));
return 0;
}
call_hooks('post_mail', $arr);
if (x($arr, 'cancel')) {
logger('mail_store: post cancelled by plugin.');
return 0;
}
dbesc_array($arr);
logger('mail_store: ' . print_r($arr, true), LOGGER_DATA);
$r = dbq("INSERT INTO mail (`" . implode("`, `", array_keys($arr)) . "`) VALUES ('" . implode("', '", array_values($arr)) . "')");
// find the item we just created
$r = q("SELECT `id` FROM mail WHERE `mid` = '%s' AND `channel_id` = %d ORDER BY `id` ASC ", $arr['mid'], intval($arr['channel_id']));
if ($r) {
$current_post = $r[0]['id'];
logger('mail_store: created item ' . $current_post, LOGGER_DEBUG);
$arr['id'] = $current_post;
// for notification
} else {
logger('mail_store: could not locate created item');
return 0;
}
if (count($r) > 1) {
logger('mail_store: duplicated post occurred. Removing duplicates.');
q("DELETE FROM mail WHERE `mid` = '%s' AND `channel_id` = %d AND `id` != %d ", $arr['mid'], intval($arr['channel_id']), intval($current_post));
} else {
require_once 'include/enotify.php';
$notif_params = array('from_xchan' => $arr['from_xchan'], 'to_xchan' => $arr['to_xchan'], 'type' => NOTIFY_MAIL, 'item' => $arr, 'verb' => ACTIVITY_POST, 'otype' => 'mail');
notification($notif_params);
}
call_hooks('post_mail_end', $arr);
return $current_post;
}
<?php
require 'db_conn.php';
require 'fn.php';
$row = mysql_real_escape_string($_GET['row']) - 1;
$col = mysql_real_escape_string($_GET['col']) - 1;
$parent = mysql_real_escape_string($_GET['parent']);
$programs = array();
$event = dbq('SELECT * FROM wp_timetable_event WHERE parent = ' . $parent . ' AND row = ' . $row . ' AND col = ' . $col);
if (isset($event) && !empty($event)) {
$event = array_shift($event);
$programs = explode('|', $event['programs']);
} else {
dbq('INSERT INTO wp_timetable_event (row, col, parent) VALUES (' . $row . ', ' . $col . ', ' . $parent . ')');
}
$db_programs = dbq('SELECT * FROM wp_structure WHERE type="submenu" AND parent IN (1524, 1535)');
?>
<div>
<form onsubmit="return saveData($(this));" class="timetable-event-details">
<p>
<label for="title">Title</label>
<input type="text" class="textfield width-100pct" name="title" value="<?php
echo isset($event['title']) ? stripslashes(htmlentities($event['title'])) : '';
?>
" />
</p>
<p>
?>
.gif" class="onoff" alt="online/offline" />
</span>
</li>
<?php
}
}
?>
</ul>
<input type="button" id="file-sort-save" value="save order" onClick="return saveSort('file-sort');" />
<img src="js/loading.gif" alt="loading" id="file-sort-no-show" />
</div>
<hr />
<?php
$sql = 'SELECT * FROM floorplan_dimensions WHERE wp_id = ' . $id . ' ORDER BY `position`';
$fpd = dbq($sql);
?>
<label>Floorplan Dimensions</label><br />
<label>Name - Value (sqm)</label><br />
<div id="fpd-parent">
<ul class="fpd-list">
<?php
if (is_array($fpd) && count($fpd) > 0) {
foreach ($fpd as $r) {
?>
<li id="<?php
echo $r['id'];
?>
" class="sort-li">
<img src="js/handle.gif" alt="move" class="move" />
<input type="hidden" name="fpd_id[]" value="<?php
function update_1036()
{
$r = dbq("SELECT * FROM `contact` WHERE `network` = 'dfrn' && `photo` LIKE '%include/photo%' ");
if (count($r)) {
foreach ($r as $rr) {
q("UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `id` = %d LIMIT 1", dbesc(str_replace('include/photo', 'photo', $rr['photo'])), dbesc(str_replace('include/photo', 'photo', $rr['thumb'])), dbesc(str_replace('include/photo', 'photo', $rr['micro'])), intval($rr['id']));
}
}
}
" method="post">
<?php
require "tpl/inc/buttons.php";
?>
<div class="right-col-padding1">
<div class="width-99pct">
<table class="rec-table">
<?php
require "tpl/inc/record.php";
?>
<?php
$images = dbq('SELECT id, title FROM wp_structure WHERE parent = 3470 ORDER BY position');
$hl_packages = dbq('SELECT id, title FROM wp_structure WHERE parent = 3467 ORDER BY position');
$articles = dbq('SELECT id, title FROM wp_structure WHERE parent = 3465 ORDER BY position');
?>
<tr>
<td colspan="2">
<label>Select an item to preview</label><br />
<select id="item-selection" class="width-100pct textfield">
<option></option>
<optgroup label="Images">
<?php
foreach ($images as $item) {
?>
<option value="<?php
echo $item['id'];
" id="email_<?php
echo $jj;
?>
" value="Send" onclick="sendMail('<?php
echo $dir . $file;
?>
','email_addrs_<?php
echo $jj;
?>
');" /></td>
<!-- get category -->
<?php
$index = strrpos($file, "id-");
//$dotpos = strrpos($file, ".");
$cate_id = substr($file, $index + 3, 1);
$query = dbq("SELECT * FROM nec_dealer WHERE id=" . $cate_id);
$group_name = $query[0]['dealer_type'];
?>
<td><label>OR email to <?php
echo $group_name;
?>
group</label><br />
<!--<select id="dealers"><option value="">Select one group</option></select>-->
<input type="button" name="email_group" id="email_group_<?php
echo $jj;
?>
" value="Send" onclick="insertEmail('<?php
echo $dir . $file;
?>
function import_account($account_id)
{
if (!$account_id) {
logger("import_account: No account ID supplied");
return;
}
$max_identities = account_service_class_fetch($account_id, 'total_identities');
$max_friends = account_service_class_fetch($account_id, 'total_channels');
$max_feeds = account_service_class_fetch($account_id, 'total_feeds');
if ($max_identities !== false) {
$r = q("select channel_id from channel where channel_account_id = %d", intval($account_id));
if ($r && count($r) > $max_identities) {
notice(sprintf(t('Your service plan only allows %d channels.'), $max_identities) . EOL);
return;
}
}
$data = null;
$seize = x($_REQUEST, 'make_primary') ? intval($_REQUEST['make_primary']) : 0;
$import_posts = x($_REQUEST, 'import_posts') ? intval($_REQUEST['import_posts']) : 0;
$src = $_FILES['filename']['tmp_name'];
$filename = basename($_FILES['filename']['name']);
$filesize = intval($_FILES['filename']['size']);
$filetype = $_FILES['filename']['type'];
$completed = array_key_exists('import_step', $_SESSION) ? intval($_SESSION['import_step']) : 0;
if ($completed) {
logger('saved import step: ' . $_SESSION['import_step']);
}
if ($src) {
// This is OS specific and could also fail if your tmpdir isn't very large
// mostly used for Diaspora which exports gzipped files.
if (strpos($filename, '.gz')) {
@rename($src, $src . '.gz');
@system('gunzip ' . escapeshellarg($src . '.gz'));
}
if ($filesize) {
$data = @file_get_contents($src);
}
unlink($src);
}
if (!$src) {
$old_address = x($_REQUEST, 'old_address') ? $_REQUEST['old_address'] : '';
if (!$old_address) {
logger('mod_import: nothing to import.');
notice(t('Nothing to import.') . EOL);
return;
}
$email = x($_REQUEST, 'email') ? $_REQUEST['email'] : '';
$password = x($_REQUEST, 'password') ? $_REQUEST['password'] : '';
$channelname = substr($old_address, 0, strpos($old_address, '@'));
$servername = substr($old_address, strpos($old_address, '@') + 1);
$scheme = 'https://';
$api_path = '/api/red/channel/export/basic?f=&channel=' . $channelname;
if ($import_posts) {
$api_path .= '&posts=1';
}
$binary = false;
$redirects = 0;
$opts = array('http_auth' => $email . ':' . $password);
$url = $scheme . $servername . $api_path;
$ret = z_fetch_url($url, $binary, $redirects, $opts);
if (!$ret['success']) {
$ret = z_fetch_url('http://' . $servername . $api_path, $binary, $redirects, $opts);
}
if ($ret['success']) {
$data = $ret['body'];
} else {
notice(t('Unable to download data from old server') . EOL);
}
}
if (!$data) {
logger('mod_import: empty file.');
notice(t('Imported file is empty.') . EOL);
return;
}
$data = json_decode($data, true);
// logger('import: data: ' . print_r($data,true));
// print_r($data);
if (array_key_exists('user', $data) && array_key_exists('version', $data)) {
require_once 'include/Import/import_diaspora.php';
import_diaspora($data);
return;
}
$moving = false;
if (array_key_exists('compatibility', $data) && array_key_exists('database', $data['compatibility'])) {
$v1 = substr($data['compatibility']['database'], -4);
$v2 = substr(DB_UPDATE_VERSION, -4);
if ($v2 > $v1) {
$t = sprintf(t('Warning: Database versions differ by %1$d updates.'), $v2 - $v1);
notice($t);
}
if (array_key_exists('server_role', $data['compatibility']) && $data['compatibility']['server_role'] == 'basic') {
$moving = true;
}
}
if ($moving) {
$seize = 1;
}
// import channel
$relocate = array_key_exists('relocate', $data) ? $data['relocate'] : null;
if (array_key_exists('channel', $data)) {
if ($completed < 1) {
$channel = import_channel($data['channel'], $account_id, $seize);
} else {
$r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1", intval($account_id), dbesc($channel['channel_guid']));
if ($r) {
$channel = $r[0];
}
}
if (!$channel) {
logger('mod_import: channel not found. ', print_r($channel, true));
notice(t('Cloned channel not found. Import failed.') . EOL);
return;
}
}
if (!$channel) {
$channel = \App::get_channel();
}
if (!$channel) {
logger('mod_import: channel not found. ', print_r($channel, true));
notice(t('No channel. Import failed.') . EOL);
return;
}
if ($completed < 2) {
if (is_array($data['config'])) {
import_config($channel, $data['config']);
}
logger('import step 2');
$_SESSION['import_step'] = 2;
}
if ($completed < 3) {
if ($data['photo']) {
require_once 'include/photo/photo_driver.php';
import_channel_photo(base64url_decode($data['photo']['data']), $data['photo']['type'], $account_id, $channel['channel_id']);
}
if (is_array($data['profile'])) {
import_profiles($channel, $data['profile']);
}
logger('import step 3');
$_SESSION['import_step'] = 3;
}
if ($completed < 4) {
if (is_array($data['hubloc']) && !$moving) {
import_hublocs($channel, $data['hubloc'], $seize);
}
logger('import step 4');
$_SESSION['import_step'] = 4;
}
if ($completed < 5) {
// create new hubloc for the new channel at this site
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_network, hubloc_primary, \n\t\t\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey )\n\t\t\t\tvalues ( '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_hash']), dbesc(channel_reddress($channel)), dbesc('zot'), intval($seize ? 1 : 0), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $channel['channel_prvkey']))), dbesc(\App::get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')));
// reset the original primary hubloc if it is being seized
if ($seize) {
$r = q("update hubloc set hubloc_primary = 0 where hubloc_primary = 1 and hubloc_hash = '%s' and hubloc_url != '%s' ", dbesc($channel['channel_hash']), dbesc(z_root()));
}
logger('import step 5');
$_SESSION['import_step'] = 5;
}
if ($completed < 6) {
// import xchans and contact photos
if ($seize) {
// replace any existing xchan we may have on this site if we're seizing control
$r = q("delete from xchan where xchan_hash = '%s'", dbesc($channel['channel_hash']));
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_hidden, xchan_orphan, xchan_censored, xchan_selfcensored, xchan_system, xchan_pubforum, xchan_deleted ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, %d, %d )", dbesc($channel['channel_hash']), dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_pubkey']), dbesc(z_root() . "/photo/profile/l/" . $channel['channel_id']), dbesc(z_root() . "/photo/profile/m/" . $channel['channel_id']), dbesc(z_root() . "/photo/profile/s/" . $channel['channel_id']), dbesc(channel_reddress($channel)), dbesc(z_root() . '/channel/' . $channel['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $channel['channel_address']), dbesc($channel['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()), 0, 0, 0, 0, 0, 0, 0);
}
logger('import step 6');
$_SESSION['import_step'] = 6;
}
if ($completed < 7) {
$xchans = $data['xchan'];
if ($xchans) {
foreach ($xchans as $xchan) {
$hash = make_xchan_hash($xchan['xchan_guid'], $xchan['xchan_guid_sig']);
if ($xchan['xchan_network'] === 'zot' && $hash !== $xchan['xchan_hash']) {
logger('forged xchan: ' . print_r($xchan, true));
continue;
}
if (!array_key_exists('xchan_hidden', $xchan)) {
$xchan['xchan_hidden'] = $xchan['xchan_flags'] & 0x1 ? 1 : 0;
$xchan['xchan_orphan'] = $xchan['xchan_flags'] & 0x2 ? 1 : 0;
$xchan['xchan_censored'] = $xchan['xchan_flags'] & 0x4 ? 1 : 0;
$xchan['xchan_selfcensored'] = $xchan['xchan_flags'] & 0x8 ? 1 : 0;
$xchan['xchan_system'] = $xchan['xchan_flags'] & 0x10 ? 1 : 0;
$xchan['xchan_pubforum'] = $xchan['xchan_flags'] & 0x20 ? 1 : 0;
$xchan['xchan_deleted'] = $xchan['xchan_flags'] & 0x1000 ? 1 : 0;
}
$r = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1", dbesc($xchan['xchan_hash']));
if ($r) {
continue;
}
dbesc_array($xchan);
$r = dbq("INSERT INTO xchan (`" . implode("`, `", array_keys($xchan)) . "`) VALUES ('" . implode("', '", array_values($xchan)) . "')");
require_once 'include/photo/photo_driver.php';
$photos = import_xchan_photo($xchan['xchan_photo_l'], $xchan['xchan_hash']);
if ($photos[4]) {
$photodate = NULL_DATE;
} else {
$photodate = $xchan['xchan_photo_date'];
}
$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s'\n\t\t\t\t\t\twhere xchan_hash = '%s'", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc($photos[3]), dbesc($photodate), dbesc($xchan['xchan_hash']));
}
}
logger('import step 7');
$_SESSION['import_step'] = 7;
}
// FIXME - ensure we have an xchan if somebody is trying to pull a fast one
if ($completed < 8) {
$friends = 0;
$feeds = 0;
// import contacts
$abooks = $data['abook'];
if ($abooks) {
foreach ($abooks as $abook) {
$abook_copy = $abook;
$abconfig = null;
if (array_key_exists('abconfig', $abook) && is_array($abook['abconfig']) && count($abook['abconfig'])) {
$abconfig = $abook['abconfig'];
}
unset($abook['abook_id']);
unset($abook['abook_rating']);
unset($abook['abook_rating_text']);
unset($abook['abconfig']);
unset($abook['abook_their_perms']);
unset($abook['abook_my_perms']);
$abook['abook_account'] = $account_id;
$abook['abook_channel'] = $channel['channel_id'];
if (!array_key_exists('abook_blocked', $abook)) {
$abook['abook_blocked'] = $abook['abook_flags'] & 0x1 ? 1 : 0;
$abook['abook_ignored'] = $abook['abook_flags'] & 0x2 ? 1 : 0;
$abook['abook_hidden'] = $abook['abook_flags'] & 0x4 ? 1 : 0;
$abook['abook_archived'] = $abook['abook_flags'] & 0x8 ? 1 : 0;
$abook['abook_pending'] = $abook['abook_flags'] & 0x10 ? 1 : 0;
$abook['abook_unconnected'] = $abook['abook_flags'] & 0x20 ? 1 : 0;
$abook['abook_self'] = $abook['abook_flags'] & 0x80 ? 1 : 0;
$abook['abook_feed'] = $abook['abook_flags'] & 0x100 ? 1 : 0;
}
if ($abook['abook_self']) {
$role = get_pconfig($channel['channel_id'], 'system', 'permissions_role');
if ($role === 'forum' || $abook['abook_my_perms'] & PERMS_W_TAGWALL) {
q("update xchan set xchan_pubforum = 1 where xchan_hash = '%s' ", dbesc($abook['abook_xchan']));
}
} else {
if ($max_friends !== false && $friends > $max_friends) {
continue;
}
if ($max_feeds !== false && intval($abook['abook_feed']) && $feeds > $max_feeds) {
continue;
}
}
dbesc_array($abook);
$r = dbq("INSERT INTO abook (`" . implode("`, `", array_keys($abook)) . "`) VALUES ('" . implode("', '", array_values($abook)) . "')");
$friends++;
if (intval($abook['abook_feed'])) {
$feeds++;
}
translate_abook_perms_inbound($channel, $abook_copy);
if ($abconfig) {
// @fixme does not handle sync of del_abconfig
foreach ($abconfig as $abc) {
set_abconfig($channel['channel_id'], $abc['xchan'], $abc['cat'], $abc['k'], $abc['v']);
}
}
}
}
logger('import step 8');
$_SESSION['import_step'] = 8;
}
if ($completed < 9) {
$groups = $data['group'];
if ($groups) {
$saved = array();
foreach ($groups as $group) {
$saved[$group['hash']] = array('old' => $group['id']);
if (array_key_exists('name', $group)) {
$group['gname'] = $group['name'];
unset($group['name']);
}
unset($group['id']);
$group['uid'] = $channel['channel_id'];
dbesc_array($group);
$r = dbq("INSERT INTO groups (`" . implode("`, `", array_keys($group)) . "`) VALUES ('" . implode("', '", array_values($group)) . "')");
}
$r = q("select * from `groups` where uid = %d", intval($channel['channel_id']));
if ($r) {
foreach ($r as $rr) {
$saved[$rr['hash']]['new'] = $rr['id'];
}
}
}
$group_members = $data['group_member'];
if ($group_members) {
foreach ($group_members as $group_member) {
unset($group_member['id']);
$group_member['uid'] = $channel['channel_id'];
foreach ($saved as $x) {
if ($x['old'] == $group_member['gid']) {
$group_member['gid'] = $x['new'];
}
}
dbesc_array($group_member);
$r = dbq("INSERT INTO group_member (`" . implode("`, `", array_keys($group_member)) . "`) VALUES ('" . implode("', '", array_values($group_member)) . "')");
}
}
logger('import step 9');
$_SESSION['import_step'] = 9;
}
if (is_array($data['obj'])) {
import_objs($channel, $data['obj']);
}
if (is_array($data['likes'])) {
import_likes($channel, $data['likes']);
}
if (is_array($data['app'])) {
import_apps($channel, $data['app']);
}
if (is_array($data['chatroom'])) {
import_chatrooms($channel, $data['chatroom']);
}
if (is_array($data['conv'])) {
import_conv($channel, $data['conv']);
}
if (is_array($data['mail'])) {
import_mail($channel, $data['mail']);
}
if (is_array($data['event'])) {
import_events($channel, $data['event']);
}
if (is_array($data['event_item'])) {
import_items($channel, $data['event_item'], false, $relocate);
}
if (is_array($data['menu'])) {
import_menus($channel, $data['menu']);
}
$addon = array('channel' => $channel, 'data' => $data);
call_hooks('import_channel', $addon);
$saved_notification_flags = notifications_off($channel['channel_id']);
if ($import_posts && array_key_exists('item', $data) && $data['item']) {
import_items($channel, $data['item'], false, $relocate);
}
notifications_on($channel['channel_id'], $saved_notification_flags);
if (array_key_exists('item_id', $data) && $data['item_id']) {
import_item_ids($channel, $data['item_id']);
}
// FIXME - ensure we have a self entry if somebody is trying to pull a fast one
// send out refresh requests
// notify old server that it may no longer be primary.
\Zotlabs\Daemon\Master::Summon(array('Notifier', 'location', $channel['channel_id']));
// This will indirectly perform a refresh_all *and* update the directory
\Zotlabs\Daemon\Master::Summon(array('Directory', $channel['channel_id']));
notice(t('Import completed.') . EOL);
change_channel($channel['channel_id']);
unset($_SESSION['import_step']);
goaway(z_root() . '/network');
}
public function SaveFacebook()
{
$item = FormUtils::form2dbhash($_REQUEST, 'access_token id email first_name last_name name username gender link locale timezone verified');
#TODO better validate
if (!$item['access_token'] || !$item['id']) {
throw new ApplicationException("Wrong facebook data", 1);
}
/*
$fb = new Facebook(array(
'appId' => $GLOBALS['FACEBOOK_APP_ID'],
'secret' => $GLOBALS['FACEBOOK_APP_SECRET'],
));
$fb_user_id = $facebook->getUser();
$user_profile = $facebook->api('/me');
*/
#check if such user exists
$users_id = 0;
#first - check by email
$hU = $this->model->one_by_email($item['email']);
if ($hU['id']) {
$users_id = $hU['id'];
}
if (!$users_id) {
#now check by facebook email
$hU = db_row("select * from users where fb_email=" . dbq($item['email']));
if ($hU['id']) {
$users_id = $hU['id'];
}
}
if (!$users_id) {
#now check by facebook id
$hU = db_row("select * from users where fb_id=" . dbq($item['id']));
if ($hU['id']) {
$users_id = $hU['id'];
}
}
if ($users_id) {
#update user's missing data from facebook
$vars = array('fb_access_token' => $item['access_token']);
if ($hU['sex'] != ($item['gender'] == 'male' ? 1 : 0)) {
$vars['sex'] = $item['gender'] == 'male' ? 1 : 0;
}
if (!$hU['fname']) {
$vars['fname'] = $item['first_name'];
}
if (!$hU['lname']) {
$vars['lname'] = $item['last_name'];
}
if ($hU['fb_email'] != $item['email'] && $item['email']) {
$vars['fb_email'] = $item['email'];
}
if (!$hU['fb_id']) {
$vars['fb_id'] = $item['id'];
}
if (!$hU['fb_link']) {
$vars['fb_link'] = $item['link'];
}
if (!$hU['fb_locale']) {
$vars['fb_locale'] = $item['locale'];
}
if (!$hU['fb_name']) {
$vars['fb_name'] = $item['name'];
}
if (!$hU['fb_timezone']) {
$vars['fb_timezone'] = $item['timezone'];
}
if (!$hU['fb_username']) {
$vars['fb_username'] = $item['username'];
}
if (!$hU['fb_verified']) {
$vars['fb_verified'] = $item['verified'] == 'true' ? 1 : 0;
}
if (!$hU['fb_picture_url']) {
$vars['fb_picture_url'] = 'http://graph.facebook.com/' . $item['username'] . '/picture';
}
db_update('users', $vars, $users_id);
} else {
#register user first if new
$users_id = $this->model->add(array('email' => $item['email'], 'nick' => $item['name'], 'sex' => $item['gender'] == 'male' ? 1 : 0, 'fname' => $item['first_name'], 'lname' => $item['last_name'], 'fb_id' => $item['id'], 'fb_link' => $item['link'], 'fb_locale' => $item['locale'], 'fb_name' => $item['name'], 'fb_timezone' => $item['timezone'], 'fb_username' => $item['username'], 'fb_verified' => $item['verified'] == 'true' ? 1 : 0, 'fb_picture_url' => 'http://graph.facebook.com/' . $item['username'] . '/picture', 'fb_access_token' => $item['access_token']));
}
#automatically login the user
$_SESSION['is_just_registered'] = 1;
$this->model->do_login($users_id);
$ps = array('status' => 0, 'err_msg' => '');
parse_json($ps);
}
$args['photo_usage'] = PHOTO_PROFILE;
}
if (array_key_exists('photo_usage', $args)) {
$args['photo_usage'] = $j['photo']['photo_usage'];
}
$args['type'] = $j['photo']['type'];
$args['item'] = $j['item'] ? $j['item'] : false;
// logger('redphotohelper: ' . print_r($j,true));
$r = q("select id from photo where resource_id = '%s' and uid = %d limit 1", dbesc($args['hash']), intval($channel['channel_id']));
if ($r) {
killme();
}
$ret = attach_store($channel, $channel['channel_hash'], 'import', $args);
$r = q("select * from item where resource_id = '%s' and resource_type = 'photo' and uid = %d limit 1", dbesc($args['hash']), intval($channel['channel_id']));
if ($r) {
$item = $r[0];
item_url_replace($channel, $item, $fr_server, z_root(), $fr_username);
dbesc_array($item);
$item_id = $item['id'];
unset($item['id']);
$str = '';
foreach ($item as $k => $v) {
if ($str) {
$str .= ",";
}
$str .= " `" . $k . "` = '" . $v . "' ";
}
$r = dbq("update `item` set " . $str . " where id = " . $item_id);
}
// logger('photo_import: ' . print_r($ret,true));
killme();
<?php
$dc_details = dbq("SELECT wp_display_centre.state_id FROM wp_display_centre WHERE link = '" . $record['parent'] . "'");
?>
<?php
require "tpl/inc/head.php";
?>
<body>
<div id="page">
<?php
require "tpl/inc/header.php";
?>
<?php
require "tpl/inc/path.php";
?>
<div id="content">
<div id="left-col">
<div id="left-col-border">
<?php
if (isset($errors)) {
require "tpl/inc/error.php";
}
?>
<?php
if (isset($messages)) {
require "tpl/inc/message.php";
}
$errorsChecked = true;
} else {
if (is_uploaded_file($_FILES['fileId']['tmp_name'])) {
if ($record['extension'] != '') {
unlink($cfg['data'] . "{$id}" . "." . $record['extension']);
}
$extension = strtolower(ereg_replace('.*\\.([A-Za-z0-9_-]+)$', '\\1', $_FILES['fileId']['name']));
move_uploaded_file($_FILES['fileId']['tmp_name'], $cfg['data'] . "{$id}.{$extension}");
$image_info = @getimagesize($cfg['data'] . "{$id}.{$extension}");
if (!is_file($cfg['data'] . $id) && is_array($image_info) && in_array($image_info[2], array(1, 2, 3))) {
@copy($cfg['data'] . "{$id}.{$extension}", $cfg['data'] . $id);
}
} else {
$extension = $record['extension'];
}
if (is_file($cfg['data'] . $id)) {
if (is_file($cfg['data'] . "{$id}-s.jpg")) {
unlink($cfg['data'] . "{$id}-s.jpg");
unlink($cfg['data'] . "{$id}-m.jpg");
unlink($cfg['data'] . "{$id}-l.jpg");
}
resize_img($cfg['data'] . $id, $cfg['data'] . "{$id}-s.jpg", $cfg['img']['small'][0], $cfg['img']['small'][1], $cfg['img']['small'][2], $cfg['img']['small'][3], $cfg['img']['small'][4], $cfg['img']['small'][5], $cfg['img']['small'][6], $cfg['img']['small'][7]);
resize_img($cfg['data'] . $id, $cfg['data'] . "{$id}-m.jpg", $cfg['img']['medium'][0], $cfg['img']['medium'][1], $cfg['img']['medium'][2], $cfg['img']['medium'][3], $cfg['img']['medium'][4], $cfg['img']['medium'][5], $cfg['img']['medium'][6], $cfg['img']['medium'][7]);
resize_img($cfg['data'] . $id, $cfg['data'] . "{$id}-l.jpg", $cfg['img']['large'][0], $cfg['img']['large'][1], $cfg['img']['large'][2], $cfg['img']['large'][3], $cfg['img']['large'][4], $cfg['img']['large'][5], $cfg['img']['large'][6], $cfg['img']['large'][7]);
unlink($cfg['data'] . $id);
}
if ($record['position'] != $_POST['position']) {
dbq("UPDATE {$cfg['db']['prefix']}_structure SET position = position + 1 WHERE position >= {$_POST['position']} ORDER BY position DESC");
}
dbq("UPDATE\r\n {$cfg['db']['prefix']}_structure,\r\n {$cfg['db']['prefix']}_hi_res\r\n SET\r\n title = '" . addslashes($_POST['title']) . "',\r\n uri = '{$uri}',\r\n online = {$online},\r\n sort = '{$_POST['sort']}',\r\n position = {$_POST['position']},\r\n modified = '{$time}',\r\n viewRights = '{$viewRights}',\r\n createRights = '{$createRights}',\r\n editRights = '{$editRights}',\r\n deleteRights = '{$deleteRights}',\r\n extension = '{$extension}'\r\n WHERE\r\n link = id AND\r\n id = {$id}");
}
<?php
if (!isset($errorsChecked)) {
if (!ereg('.+', $_POST['title'])) {
$errors[] = $lang[103];
}
if (dbq("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$record['parent']} AND id <> {$id} AND title = '" . addslashes($_POST['title']) . "' AND title <> ''")) {
$errors[] = $lang[104];
}
$uri = strtolower(ereg_replace('[^A-Za-z0-9]+', '-', strip_accents($_POST['title'])));
if (substr($uri, -1) == '-') {
$uri = substr_replace($uri, "", -1);
}
if (!preg_match('/^[0-9]+$/', $_POST['points'])) {
$errors[] = "Point value must be numeric.";
}
if (!isset($errors) && dbq("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$record['parent']} AND id <> {$id} AND uri = '{$uri}' AND uri <> ''")) {
$errors[] = $lang[105];
}
$errorsChecked = true;
} else {
if ($record['position'] != $_POST['position']) {
dbq("UPDATE {$cfg['db']['prefix']}_structure SET position = position + 1 WHERE position >= {$_POST['position']} ORDER BY position DESC");
}
dbq("UPDATE\r\n {$cfg['db']['prefix']}_structure,\r\n {$cfg['db']['prefix']}_prize\r\n SET\r\n title = '" . addslashes($_POST['title']) . "',\r\n uri = '{$uri}',\r\n online = {$online},\r\n sort = '{$_POST['sort']}',\r\n position = {$_POST['position']},\r\n modified = '{$time}',\r\n viewRights = '{$viewRights}',\r\n createRights = '{$createRights}',\r\n editRights = '{$editRights}',\r\n deleteRights = '{$deleteRights}',\r\n content = '" . addslashes(preg_replace('/src="..\\//', 'src="', $_POST['content'])) . "',\r\n points = '" . mysql_real_escape_string($_POST['points']) . "',\r\n synopsis = '" . mysql_real_escape_string($_POST['synopsis']) . "'\r\n WHERE\r\n link = id AND\r\n id = {$id}");
}
$price = mysql_real_escape_string($_GET['price']);
$id = $_GET['id'];
$parent = $_GET['parent'];
$type_id = $_GET['type_id'];
if (isset($_GET['price']) && isset($_GET['id']) && preg_match('/^[0-9]+$/', $_GET['id'])) {
if ($type == 'fabric' || $type == 'nail' || $type == "legs" || $type == "leather") {
if (!dbq("UPDATE `wp_model_element` SET `price` = '{$price}' WHERE `id` = '{$id}' LIMIT 1")) {
$msg = 'ERROR';
$title = 'Database Error';
} else {
$msg = 'SUCCESS';
$title = $price;
}
}
} else {
if (isset($_GET['price']) && isset($_GET['parent']) && preg_match('/^[0-9]+$/', $_GET['parent'])) {
if ($type == 'fabric' || $type == 'nail' || $type == "legs" || $type == "leather") {
if (!dbq("INSERT INTO `wp_model_element` (parent, type, type_id, price, position, online) VALUES ( '{$parent}' , '{$type}' , '{$type_id}' , '{$price}' , '1', '0' )")) {
$msg = 'ERROR';
$title = 'Database Error';
} else {
$msg = 'SUCCESS';
$title = $price;
}
}
} else {
$msg = 'ERROR';
$title = 'Input Error';
}
}
echo "titleDetails = {msg: '{$msg}', title: '{$title}'};";
<?php
}
}
?>
</ul>
<input type="button" id="image-sort-save" value="save order" onClick="return saveSort('image-sort');" />
<img src="js/loading.gif" alt="loading" id="image-sort-no-show" />
</div>
</td>
<td colspan="2">
<label>Upload Files</label><br />
<input type="file" id="jq-files" name="jq-files" onChange="return ajaxFileUpload('jq-files', 'file-parent');" />
<div id="file-parent">
<ul id="file-sort">
<?php
$linked_files = dbq("SELECT * FROM `wp_file_gallery` WHERE `parent` = '{$id}' ORDER BY `position`");
if (is_array($linked_files)) {
foreach ($linked_files as $lf) {
?>
<li class="sort-li" id="<?php
echo $lf['id'];
?>
">
<img src="js/handle.gif" alt="move" class="move" />
<img src="js/edit.gif" alt="edit" class="edit" onClick="$(this).siblings('.editor').css('display', 'inline'); $(this).siblings('.preview').css('display', 'none'); trapEnter('#edit-<?php
echo $lf['id'];
?>
', <?php
echo $lf['id'];
?>
, 'file');" />
<?php
if (!isset($errorsChecked)) {
if (!ereg('.+', $_POST['title'])) {
$errors[] = $lang[103];
}
if (dbq("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$record['parent']} AND id <> {$id} AND title = '" . addslashes($_POST['title']) . "' AND title <> ''")) {
$errors[] = $lang[104];
}
$uri = strtolower(ereg_replace('[^A-Za-z0-9]+', '-', strip_accents($_POST['title'])));
if (!isset($errors) && dbq("SELECT * FROM {$cfg['db']['prefix']}_structure WHERE parent = {$record['parent']} AND id <> {$id} AND uri = '{$uri}' AND uri <> ''")) {
$errors[] = $lang[105];
}
$errorsChecked = true;
} else {
if ($record['position'] != $_POST['position']) {
dbq("UPDATE {$cfg['db']['prefix']}_structure SET position = position + 1 WHERE position >= {$_POST['position']} ORDER BY position DESC");
}
dbq("UPDATE\r\n {$cfg['db']['prefix']}_structure,\r\n {$cfg['db']['prefix']}_type\r\n SET\r\n title = '" . addslashes($_POST['title']) . "',\r\n uri = '{$uri}',\r\n online = {$online},\r\n sort = '{$_POST['sort']}',\r\n position = {$_POST['position']},\r\n type_id = '{$_POST['type_id']}',\r\n modified = '{$time}',\r\n viewRights = '{$viewRights}',\r\n createRights = '{$createRights}',\r\n editRights = '{$editRights}',\r\n deleteRights = '{$deleteRights}',\r\n description = '" . addslashes(preg_replace('/src="..\\//', 'src="', $_POST['description'])) . "'\r\n WHERE\r\n link = id AND\r\n id = {$id}");
}
$portal_rea_upload = 0;
if (isset($_POST['portal_rea']) && $_POST['portal_rea'] == 1) {
$portal_rea = 1;
$portal_rea_upload = 1;
}
$portal_domain = 0;
$portal_domain_upload = 0;
if (isset($_POST['portal_domain']) && $_POST['portal_domain'] == 1) {
$portal_domain = 1;
$portal_domain_upload = 1;
}
$agent = 0;
if (isset($_POST['agent']) && $_POST['agent'] == 1) {
$agent = 1;
}
$under_contract = 0;
if (isset($_POST['under_contract']) && $_POST['under_contract'] == 1) {
$under_contract = 1;
}
$date = 'null';
if (($_POST['sold_date'] != '' || $_POST['sold_date'] != 0) && strtotime($_POST['sold_date'])) {
#echo $_POST['sold_date'];
$date = '\'' . date('Y-m-d', strtotime($_POST['sold_date'])) . '\'';
}
if (isset($_POST['portal_id']) && !empty($_POST['portal_id'])) {
$portal_id = $_POST['portal_id'];
} else {
$portal_id = $id + 106601363;
}
dbq("UPDATE\r\n\t{$cfg['db']['prefix']}_structure,\r\n\t{$cfg['db']['prefix']}_hl_package\r\n\tSET\r\n\ttitle = '" . addslashes($_POST['title']) . "',\r\n\t\turi = '{$uri}',\r\n\t\tonline = {$online},\r\n\t\tsort = '{$_POST['sort']}',\r\n\t\tposition = {$_POST['position']},\r\n\t\tmodified = '{$time}',\r\n\t\tviewRights = '{$viewRights}',\r\n\t\tcreateRights = '{$createRights}',\r\n\t\teditRights = '{$editRights}',\r\n\t\tdeleteRights = '{$deleteRights}',\r\n\t\tinclusions = '" . addslashes(preg_replace('/src="..\\//', 'src="', $_POST['inclusions'])) . "',\r\n\t\tfine_print = '" . addslashes(preg_replace('/src="..\\//', 'src="', $_POST['fine_print'])) . "',\r\n\t\tinclusion_id = '" . addslashes($inclusions) . "',\r\n\t\tfine_print_id = '" . addslashes($_POST['fine_print_id']) . "',\r\n\t\tstate_id = '" . addslashes($_POST['state_id']) . "',\r\n\t\tsuburb_id = '" . addslashes($_POST['suburb_id']) . "',\r\n\t\thome_id = '" . addslashes($_POST['home_id']) . "',\r\n\t\tfacade_id = '" . addslashes($_POST['facade_id']) . "',\r\n\t\t{$custom_home}\r\n\t\t{$custom_facade}\r\n\t\taddress = '" . addslashes($_POST['address']) . "',\r\n\t\tsquares = '" . addslashes($_POST['squares']) . "',\r\n\t\tdisplay_address = '{$display_address}', \r\n\t\tstreet_number = '" . addslashes($_POST['street_number']) . "',\r\n\t\tstreet_name = '" . addslashes($_POST['street_name']) . "',\r\n\t\tsuburb = '" . addslashes($_POST['suburb']) . "',\r\n\t\tpostcode = '" . addslashes($_POST['postcode']) . "',\r\n\t\tpackage_bed = '" . addslashes($_POST['package_bed']) . "',\r\n\t\tpackage_bath = '" . addslashes($_POST['package_bath']) . "',\r\n\t\tpackage_cars = '" . addslashes($_POST['package_cars']) . "',\r\n\t\tpackage_garages = '" . addslashes($_POST['package_garages']) . "',\r\n\t\testate = '" . addslashes($_POST['estate']) . "',\r\n\t\tcategory = '" . addslashes($_POST['category']) . "',\r\n\t\tstatus = '" . addslashes($_POST['status']) . "',\r\n\t\tunder_contract = '{$under_contract}',\r\n\t\tsold_date = " . $date . ",\r\n\t\tprice = {$price},\r\n\t\tdisplay_price = '" . addslashes($_POST['display_price']) . "',\r\n\t\tlot_size = '" . addslashes($_POST['lot_size']) . "',\r\n\t\thouse_size = '" . addslashes($_POST['house_size']) . "',\r\n\t\tbuilder_id = '" . addslashes($_POST['builder_id']) . "',\r\n\t\tcond = '" . addslashes($_POST['cond']) . "',\r\n\t\tfixed_site_cost = '" . addslashes($fixed_site_cost) . "',\r\n\t\tportal = '" . addslashes($portal) . "',\r\n\t\tportal_id = '" . addslashes($portal_id) . "',\r\n\t\tportal_title = '" . addslashes($_POST['portal_title']) . "',\r\n\t\tmeasurement_unit = '" . addslashes($_POST['measurement_unit']) . "',\r\n\t\tportal_upload = '" . $portal_upload . "',\r\n\t\tportal_rea_upload = '" . $portal_rea_upload . "',\r\n\t\tportal_domain_upload = '" . $portal_domain_upload . "',\r\n\t\tagent = '" . addslashes($_POST['agent']) . "',\r\n\t\tagent_name = '" . addslashes($_POST['agent_name']) . "',\r\n\t\tagent_phone = '" . addslashes($_POST['agent_phone']) . "',\r\n\t\tagent_mobile = '" . addslashes($_POST['agent_mobile']) . "',\r\n\t\tagent_email = '" . addslashes($_POST['agent_email']) . "',\r\n\t\tportal_rea = '" . addslashes($_POST['portal_rea']) . "',\r\n\t\tportal_domain = '" . addslashes($_POST['portal_domain']) . "'\r\n\t\tWHERE\r\n\t\tlink = id AND\r\n\t\tid = {$id}");
}
