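/**
 * displayYouTubeVideoPage
 *
 * Prints the page for one YouTube-hosted video: an error box when the video
 * is missing, private or unavailable, a "still processing" notice while the
 * upload status is not 'Finished', and otherwise the embedded player with the
 * remove form and the comments.
 *
 * Values taken from $video, from the exception message and from the service
 * response are passed through cleanOutput() before being written into HTML.
 * NOTE(review): assumes cleanOutput() also escapes quotes for attribute
 * context -- confirm against its definition.
 *
 * @param array $video Video row; the keys read here are source_id,
 *                     created_id, id, title, description, width and height.
 *
 * @return void
 */
function displayYouTubeVideoPage($video)
{
    $this->displayHeader();

    // Video not found in db
    if (!is_array($video)) {
        echo ' <div class="info-alert"> <h2>' . T_('Missing or Invalid Video.') . '</h2>'
            . ' <p>' . T_('This video cannot be found. Are you sure you typed in URL correctly?') . '</p> </div>';
        $this->displayFooter();
        return;
    } elseif ($video['source_id'] == '0') {
        $this->displayVideoNotFound($video, 'YouTube');
        return;
    }

    // Save video id for ajax call. This is done only after $video has been
    // validated, so a non-array $video is never indexed.
    $_SESSION['source_id'] = $video['source_id'];

    $youTubeService = new Zend_Gdata_YouTube();

    // Get video entry
    try {
        $videoEntry = $youTubeService->getVideoEntry($video['source_id']);
    } catch (Exception $e) {
        // Not every Exception has getRawResponseBody(); calling it blindly
        // would turn an unrelated failure into a fatal error.
        $response = method_exists($e, 'getRawResponseBody') ? (string) $e->getRawResponseBody() : '';

        // Video not found at YouTube
        if (stripos($response, 'Video not found') !== false) {
            $this->displayVideoNotFound($video, 'YouTube');
            return;
        }

        $headline = stripos($response, 'Private video') !== false
            ? T_('Sorry, this video is private.')
            : T_('Could not get video information.');

        // The exception message comes from a remote response: escape it.
        echo ' <div class="error-alert"> <p>' . $headline . '</p>'
            . ' <p>' . cleanOutput($e->getMessage()) . '</p> </div>';
        $this->displayFooter();
        return;
    }

    // Video is public/unlisted
    $status = $this->getUploadStatus($video['source_id']);

    // Raw URL is handed to displayComments(); the escaped copy goes into HTML.
    $url     = 'video.php?u=' . $video['created_id'] . '&id=' . $video['id'];
    $safeUrl = cleanOutput($url);

    // Is youtube processing finished?
    if ($status !== 'Finished') {
        echo ' <div class="ok-alert"> <p><b>' . T_('Your video was uploaded to YouTube successfully.') . '</b></p>'
            . ' <p>' . T_('However it may take a few moments before you video is viewable. Please check back later.') . '</p>'
            . ' <p id="js_msg"></p><br/>'
            . ' <p>' . T_('Current status: ') . '<span id="current_status">' . cleanOutput($status) . '</span></p>'
            . ' <p id="refresh"><a href="' . $safeUrl . '">' . T_('Refresh') . '</a></p> </div>';
        $this->displayFooter();
        return;
    }

    // Ajax is done at this point, we don't need the id anymore
    unset($_SESSION['source_id']);

    $safeId        = cleanOutput($video['id']);
    $safeSourceId  = cleanOutput($video['source_id']);
    $safeCreatedId = cleanOutput($video['created_id']);

    $this->displayVideoStartCode();

    echo ' <div id="sections_menu"> <ul> <li><a href="video.php">' . T_('Latest Videos') . '</a></li>'
        . ' <li><a href="video.php?u=' . $safeCreatedId . '">' . getUserDisplayName($video['created_id'], 2) . '</a></li>'
        . ' </ul> </div>';

    // Can you edit/delete this video?
    // NOTE(review): this only decides whether the form is shown; the handler
    // for remove_video has to repeat the owner/admin check (not visible here),
    // and the form carries no anti-CSRF token.
    if ($video['created_id'] == $this->fcmsUser->id || $this->fcmsUser->access == 1) {
        echo ' <div id="video_edit"> <form action="' . $safeUrl . '" method="post"> <div id="delete">'
            . ' <input type="hidden" id="id" name="id" value="' . $safeId . '"/>'
            . ' <input type="hidden" id="source_id" name="source_id" value="' . $safeSourceId . '"/>'
            . ' <input class="btn" type="submit" id="remove_video" name="remove_video" value="' . T_('Remove Video') . '"/>'
            . ' <label for="delete_youtube">' . T_('Delete from YouTube?') . '</label>'
            . ' <input type="checkbox" id="delete_youtube" name="delete_youtube"/> </div> </form> </div>';
    }

    // The player is embedded over HTTPS so it is not blocked as mixed content
    // (or tampered with in transit) when the site itself is served over TLS.
    echo ' <div id="video_desc"> <img src="' . getCurrentAvatar($video['created_id']) . '"/>'
        . ' <h2>' . cleanOutput($video['title']) . '</h2>'
        . ' <p>' . cleanOutput($video['description']) . '</p> </div>'
        . ' <div id="video_content"> <iframe class="youtube-player" type="text/html"'
        . ' width="' . cleanOutput($video['width']) . '" height="' . cleanOutput($video['height']) . '"'
        . ' src="https://www.youtube.com/embed/' . $safeSourceId . '" allowfullscreen frameborder="0"> </iframe> </div>';

    echo '<p>' . T_('Views') . ': ' . cleanOutput($videoEntry->getVideoViewCount()) . '</p>';

    $params = array('id' => $video['id']);
    displayComments($url, 'video', $params);

    $this->displayFooter();
}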
/**
 * displayHeader
 *
 * Prints the common page header for the Help page, then the left-hand topic
 * menu, and finally opens the main column container.
 *
 * @return void
 */
function displayHeader()
{
    $userId = $this->fcmsUser->id;

    // Filled in the same order as the header template expects its values.
    $headerParams = array();
    $headerParams['currentUserId'] = $userId;
    $headerParams['sitename']      = getSiteName();
    $headerParams['nav-link']      = getNavLinks();
    $headerParams['pagetitle']     = T_('Help');
    $headerParams['pageId']        = 'help';
    $headerParams['path']          = URL_PREFIX;
    $headerParams['displayname']   = getUserDisplayName($userId);
    $headerParams['version']       = getCurrentVersion();

    displayPageHeader($headerParams);

    $heading = T_('Topics');

    // topic query value => translated link label
    $topics = array(
        'photo'    => T_('Photo Gallery'),
        'video'    => T_('Video Gallery'),
        'settings' => T_('Personal Settings'),
        'address'  => T_('Address Book'),
        'admin'    => T_('Administration'),
    );

    $menu = ' <div id="leftcolumn"> <h3>' . $heading . '</h3> <ul class="menu">';
    foreach ($topics as $topic => $label) {
        $menu .= ' <li><a href="?topic=' . $topic . '">' . $label . '</a></li>';
    }
    $menu .= ' </ul> </div> <div id="maincolumn">';

    echo $menu;
}
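/**
 * displayAdminEditSubjectForm
 *
 * Prints the form used to edit the subject of a message board thread. The
 * thread's starter name and first post are shown read-only (disabled inputs).
 *
 * A subject that starts with the marker '#ANOUNCE#' is shown without the
 * marker and a hidden "sticky" field is added to the form instead.
 *
 * @param int $thread Id of the thread to edit; cast to int before use.
 *
 * @return void
 */
function displayAdminEditSubjectForm($thread)
{
    $thread = (int) $thread;

    $sql = "SELECT t.`id`, p.`user`, `subject`, `started_by`, `post` \n"
        . " FROM `fcms_board_threads` AS t, `fcms_board_posts` AS p \n"
        . " WHERE t.`id` = ?\n"
        . " AND p.`thread` = t.`id`\n"
        . " LIMIT 1";

    $row = $this->fcmsDatabase->getRow($sql, $thread);
    if ($row === false) {
        $this->fcmsError->displayError();
        return;
    }
    // NOTE(review): a thread id that matches no row is not handled here;
    // confirm what getRow() returns in that case.

    $marker  = '#ANOUNCE#';
    $subject = $row['subject'];
    $sticky  = '';

    // Only a leading marker means "sticky". The previous check accepted the
    // marker anywhere in the subject and then cut off the first nine
    // characters regardless, mangling subjects that merely contain it.
    if (strpos($subject, $marker) === 0) {
        $sticky  = '<input type="hidden" name="sticky" id="sticky" value="1"/>';
        $subject = (string) substr($subject, strlen($marker));
    }

    $displayname = getUserDisplayName($row['started_by']);

    // NOTE(review): the form posts a state change without an anti-CSRF token,
    // and nothing in this method checks that the caller is an admin; both are
    // presumably enforced by the caller / the submit handler -- confirm.
    echo ' <form method="post" action="messageboard.php"> <fieldset>'
        . ' <legend><span>' . T_('Edit Thread') . '</span></legend>'
        . ' <div> <label for="subject">' . T_('Subject') . ':</label>'
        . ' <input class="frm_text" type="text" name="subject" id="subject" size="50" value="'
        . cleanOutput($subject, 'html') . '"/> </div>'
        . ' <div> <label for="showname">' . T_('Name') . ':</label>'
        . ' <input type="text" disabled="disabled" name="showname" id="showname" size="50" value="'
        . cleanOutput($displayname) . '"/> </div>'
        . ' <p><textarea disabled="disabled" name="post" id="post" rows="10" cols="63">'
        . cleanOutput($row['post'], 'html') . '</textarea></p>'
        . ' <p> ' . $sticky
        . ' <input type="hidden" name="thread" id="thread" value="' . $thread . '"/>'
        . ' <input class="sub1" type="submit" name="edit_admin_submit" id="edit_admin_submit" value="' . T_('Edit') . '"/> '
        . T_('or') . ' <a href="messageboard.php?thread=' . $thread . '">' . T_('Cancel') . '</a>'
        . ' </p> </fieldset> </form>';
}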
/**
 * displayCreateUserForm
 *
 * Prints the form for creating a new person to be added to the family tree,
 * as a relative of the given user.
 *
 * The relationship type decides the legend, whether the sex is fixed (hidden
 * field) or asked for (select), whether the maiden name field is shown, and
 * which helper supplies the additional relationship options.
 *
 * @param string $type   One of father, mother, brother, sister, spouse, child;
 *                       anything else prints an error box and returns.
 * @param int    $userId Id of the user the new person is related to.
 *
 * @return void
 */
function displayCreateUserForm($type, $userId)
{
    $userId      = (int) $userId;
    $displayname = getUserDisplayName($userId, 2);

    // Per relationship: sex marker, translated legend format, extra options.
    switch ($type) {
        case 'father':
            $sex          = 'M';
            $legendFormat = T_('Add New Father for %s');
            $options      = $this->getAddFatherMotherAdditionalOptions($userId, $type);
            break;

        case 'mother':
            $sex          = 'F';
            $legendFormat = T_('Add New Mother for %s');
            $options      = $this->getAddFatherMotherAdditionalOptions($userId, $type);
            break;

        case 'brother':
            $sex          = 'M';
            $legendFormat = T_('Add New Brother for %s');
            $options      = $this->getAddBrotherSisterAdditionalOptions($userId);
            break;

        case 'sister':
            $sex          = 'F';
            $legendFormat = T_('Add New Sister for %s');
            $options      = $this->getAddBrotherSisterAdditionalOptions($userId);
            break;

        case 'spouse':
            $sex          = '?';
            $legendFormat = T_('Add New Spouse for %s');
            $options      = $this->getAddSpouseAdditionalOptions($userId);
            break;

        case 'child':
            $sex          = '?';
            $legendFormat = T_('Add New Child for %s');
            $options      = $this->getAddChildAdditionalOptions($userId);
            break;

        default:
            echo ' <div class="error-alert">' . T_('Invalid Display Type') . '</div>';
            return;
    }

    $legend = sprintf($legendFormat, $displayname);

    if ($options === false) {
        $this->fcmsError->displayError();
        return;
    }

    // 1..31 keyed by themselves, and 1..12 keyed to the month abbreviation.
    $days = array();
    for ($d = 1; $d <= 31; $d++) {
        $days[$d] = $d;
    }

    $months = array();
    for ($m = 1; $m <= 12; $m++) {
        $months[$m] = getMonthAbbr($m);
    }

    $validator = new FormValidator();

    echo ' <form action="familytree.php?create=submit" method="post"> <fieldset class="relationship-form">'
        . ' <legend><span>' . $legend . '</span></legend> <div class="cols">'
        . ' <div> <label for="fname"><b>' . T_('First Name') . '</b></label><br/>'
        . ' <input class="frm_text" type="text" name="fname" id="fname" size="25"/> </div>'
        . ' <div> <label for="mname"><b>' . T_('Middle Name') . '</b></label><br/>'
        . ' <input class="frm_text" type="text" name="mname" id="mname" size="25"/> </div>'
        . ' <div> <label for="lname"><b>' . T_('Last Name') . '</b></label><br/>'
        . ' <input class="frm_text" type="text" name="lname" id="lname" size="25"/> </div> </div>';

    // don't show maiden name unless it's needed
    if (in_array($sex, array('F', '?'))) {
        echo ' <p class="maiden-name"> <label for="maiden"><b>' . T_('Maiden Name') . '</b></label><br/>'
            . ' <input class="frm_text" type="text" name="maiden" id="maiden" size="25"/> </p>';
    }

    // We don't know the sex of the child or spouse, but we do for all other relationships
    if ($sex !== '?') {
        echo '<div><input type="hidden" id="sex" name="sex" value="' . $sex . '"/></div>';
    } else {
        echo ' <p> <label><b>' . T_('Sex') . '</b></label><br/> <select id="sex" name="sex"> '
            . buildHtmlSelectOptions(array('M' => T_('Male'), 'F' => T_('Female')), '-1')
            . ' </select> </p>';
    }

    echo ' <p id="living_deceased" style="display:none;"> <label for="living_option" class="radio_label">'
        . ' <input type="radio" id="living_option" name="living_deceased_options" checked="checked" value="1"/> '
        . T_('Living') . ' </label> <label for="deceased_option" class="radio_label">'
        . ' <input type="radio" id="deceased_option" name="living_deceased_options" value="1"/> '
        . T_('Deceased') . ' </label> </p> <div class="dob_dod"> <div class="half">'
        . ' <label for="day"><b>' . T_('Birthday') . '</b></label><br/>'
        . ' <select id="bday" name="bday"> <option value="">' . T_('Day') . '</option> '
        . buildHtmlSelectOptions($days, "") . ' </select>'
        . ' <select id="bmonth" name="bmonth"> <option value="">' . T_('Month') . '</option> '
        . buildHtmlSelectOptions($months, "") . ' </select>'
        . ' <input class="frm_text" type="text" name="byear" id="byear" size="5" maxlength="4" placeholder="'
        . T_('Year') . '"/> </div> <div id="deceased" class="half">'
        . ' <label for="day"><b>' . T_('Date Deceased') . '</b></label><br/>'
        . ' <select id="dday" name="dday"> <option value="">' . T_('Day') . '</option> '
        . buildHtmlSelectOptions($days, "") . ' </select>'
        . ' <select id="dmonth" name="dmonth"> <option value="">' . T_('Month') . '</option> '
        . buildHtmlSelectOptions($months, "") . ' </select>'
        . ' <input class="frm_text" type="text" name="dyear" id="dyear" size="5" maxlength="4" placeholder="'
        . T_('Year') . '"/> </div> </div> '
        . $options . ' '
        . $validator->getJsValidation($this->getProfile('create'))
        . ' <p> <input type="hidden" id="id" name="id" value="' . $userId . '"/>'
        . ' <input type="hidden" id="type" name="type" value="' . cleanOutput($type) . '"/>'
        . ' <input class="sub1" type="submit" id="submit" name="submit" value="' . T_('Add') . '"/>'
        . ' <a href="familytree.php?view=' . $this->currentTreeUserId . '">' . T_('Cancel') . '</a>'
        . ' </p> </fieldset> </form>';
}
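/**
 * displayFeedAll
 *
 * Displays RSS 2.0 feed for all updates to the site
 *
 *  ADDRESSADD       Add address of non-member
 *  ADDRESSEDIT      Edit own address
 *  AVATAR           Change avatar
 *  BOARD            Message board post
 *  CALENDAR         Add date to calendar
 *  DOCS             Added document
 *  GALCATCOM        Commented on category of photos
 *  GALCOM           Commented on photo
 *  GALLERY          Added photo
 *  JOINED           Joined the site (became active)
 *  NEWS             Added family news
 *  NEWSCOM          Commented on family news
 *  POLL             Added poll
 *  POLLCOM          Commented on poll
 *  PRAYERS          Added prayer concern
 *  RECIPES          Added recipe
 *  RECIPECOM        Commented on recipe
 *  STATUS           Added status update
 *  VIDEO            Added video
 *  VIDEOCOM         Commented on video
 *  WHEREISEVERYONE  Checked in on foursquare
 *
 * The feed URL is built from $_SERVER['SERVER_NAME'] and $_SERVER['PHP_SELF'].
 * PHP_SELF can carry request-supplied path data, and item links contain '&',
 * so every URL is XML-escaped before it is written into an element, and any
 * "]]>" inside CDATA content is split so it cannot close the section early.
 *
 * @author: choc
 * @author: Ryan Haudenschilt <*****@*****.**>
 *
 * @return void
 */
function displayFeedAll()
{
    $fcmsError    = FCMS_Error::getInstance();
    $fcmsDatabase = Database::getInstance($fcmsError);

    // NOTE(review): depending on server configuration SERVER_NAME may follow
    // the request's Host header; a configured site URL would be safer here.
    $url     = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'];
    $urlRoot = $url;

    $pos = strrpos($url, "/");
    if ($pos === false) {
        $pos = strrpos($url, "\\");
    }
    if ($pos !== false) {
        $urlRoot = substr($url, 0, $pos);
    }

    // Get data
    $whatsNewData = getWhatsNewData(30);
    if ($whatsNewData === false) {
        return;
    }

    // NOTE(review): site name and contact email are written as returned by
    // their helpers; confirm those helpers return XML-safe text.
    $output = "<?xml version=\"1.0\"?" . "> \n<rss version=\"2.0\"> \n<channel> \n<title>"
        . getSiteName() . " - " . T_('What\'s New') . "</title> \n<link>"
        . htmlspecialchars($url, ENT_QUOTES) . "</link> \n<description>"
        . getSiteName() . " - " . T_('What\'s New') . " " . T_('RSS Feed') . "</description> \n<language>"
        . T_pgettext('Language Code for this translation', 'lang') . "</language> \n<managingEditor>"
        . getContactEmail() . "</managingEditor> \n";

    foreach ($whatsNewData as $line) {
        $title = "";
        $link  = "";

        // Clean the data
        $cId     = (int) $line['id'];
        $cId2    = (int) $line['id2'];
        $cUserid = (int) $line['userid'];
        $cTitle  = html_convert_entities($line['title']);

        // Add Address
        if ($line['type'] == 'ADDRESSADD') {
            $displayname = getUserDisplayName($cId2);
            $for         = getUserDisplayName($cUserid, 2, false);
            $link        = 'addressbook.php?address=' . $cId;
            $title       = sprintf(T_('%s has added address information for %s.'), $displayname, $for);
        } elseif ($line['type'] == 'ADDRESSEDIT') {
            $displayname = getUserDisplayName($cId2);
            $link        = 'addressbook.php?address=' . $cId;
            $title       = sprintf(T_('%s has updated his/her address.'), $displayname);
        } elseif ($line['type'] == 'AVATAR') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'profile.php?member=' . $cUserid;
            $title       = sprintf(T_('%s has changed his/her picture.'), $displayname);
        } elseif ($line['type'] == 'BOARD') {
            $sql = "SELECT min(`id`) AS id \n FROM `fcms_board_posts` \n WHERE `thread` = ?";

            $minpost = $fcmsDatabase->getRow($sql, $cId2);
            if ($minpost === false) {
                // error will be logged, but not displayed
                continue;
            }

            $userName = getUserDisplayName($cUserid);
            $subject  = $cTitle;
            $link     = "messageboard.php?thread=" . $cId2;

            // Strip the sticky marker only when it is really a prefix; the
            // old check removed nine characters wherever the marker occurred.
            if (strpos($subject, '#ANOUNCE#') === 0) {
                $subject = (string) substr($subject, strlen('#ANOUNCE#'));
            }

            if ($cId == $minpost['id']) {
                $title = sprintf(T_('%s started the new thread %s.'), $userName, $subject);
            } else {
                $title = sprintf(T_('%s replied to %s.'), $userName, $subject);
            }
        } elseif ($line['type'] == 'CALENDAR') {
            // TODO
            // copy from calendar_class
            // id2 is parsed as a date here, so it must not go through the
            // (int) cast above, which would keep only its leading digits.
            // NOTE(review): confirm against getWhatsNewData() that id2 holds
            // the event date for CALENDAR rows.
            $eventDate   = (string) $line['id2'];
            $displayname = getUserDisplayName($cUserid);
            $date_date   = gmdate(T_('m-d-y'), strtotime($eventDate));
            $date_date2  = gmdate(T_('F j, Y'), strtotime($eventDate));
            $link        = 'calendar.php?year=' . gmdate('Y', strtotime($date_date2))
                . '&month=' . gmdate('m', strtotime($date_date2))
                . '&day=' . gmdate('d', strtotime($date_date2));
            $title       = sprintf(T_('%s has added a new Calendar entry on %s for %s.'), $displayname, $date_date, $cTitle);
        } elseif ($line['type'] == 'DOCS') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'documents.php';
            $title       = sprintf(T_('%s has added a new document (%s).'), $displayname, $cTitle);
        } elseif ($line['type'] == 'GALCATCOM') {
            $displayname = getUserDisplayName($cUserid);
            // 'uid=' was missing its '=' so the user id ran into the name.
            $link        = 'gallery/index.php?uid=' . $cId2 . '&cid=' . (int) $line['id3'];
            $title       = sprintf(T_('%s commented on (%s).'), $displayname, $cTitle);
        } elseif ($line['type'] == 'GALCOM') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'gallery/index.php?uid=0&cid=comments&pid=' . $cId;
            $title       = sprintf(T_('%s commented on the following photo:'), $displayname);
        } elseif ($line['type'] == 'GALLERY') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'gallery/index.php?uid=' . $cUserid . '&cid=' . $cId;
            $title       = sprintf(T_('%s has added %d new photos to the %s category.'), $displayname, $cId2, $cTitle);
        } elseif ($line['type'] == 'JOINED') {
            $displayname = getUserDisplayName($cUserid);
            $link        = "profile.php?member=" . $cUserid;
            $title       = sprintf(T_('%s has joined the website.'), $displayname);
        } elseif ($line['type'] == 'NEWS') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'familynews.php?getnews=' . $cUserid . '&newsid=' . $cId;
            $title       = sprintf(T_('%s has added %s to his/her Family News.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'NEWSCOM') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'familynews.php?getnews=' . $cUserid . '&newsid=' . $cId;
            $title       = sprintf(T_('%s commented on Family News %s.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'POLL') {
            $link  = 'polls.php?id=' . $cId;
            $title = sprintf(T_('A new Poll (%s) has been added.'), $cTitle);
        } elseif ($line['type'] == 'POLLCOM') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'polls.php?id=' . $cId;
            $title       = sprintf(T_('%s commented on Poll %s.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'PRAYERS') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'prayers.php';
            $title       = sprintf(T_('%s has added a Prayer Concern for %s.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'RECIPES') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'recipes.php?category=' . $cId2 . '&id=' . $cId;
            $title       = sprintf(T_('%s has added the recipe %s.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'RECIPECOM') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'recipes.php?category=' . $cId2 . '&id=' . $cId;
            $title       = sprintf(T_('%s commented on Recipe %s.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'STATUS') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'home.php';
            $title       = $displayname . ': ' . $cTitle;
        } elseif ($line['type'] == 'VIDEO') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'video.php?u=' . $cUserid . '&id=' . $cId;
            $title       = sprintf(T_('%s has added a the video %s.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'VIDEOCOM') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'video.php?u=' . $cUserid . '&id=' . $cId;
            $title       = sprintf(T_('%s commented on the video %s.'), $displayname, $cTitle);
        } elseif ($line['type'] == 'WHEREISEVERYONE') {
            $displayname = getUserDisplayName($cUserid);
            $link        = 'whereiseveryone.php';
            $title       = sprintf(T_('%s visited %s.'), $displayname, $cTitle);
        }

        $pubDate = gmdate(T_('D, d M Y H:i:s'), strtotime($line['date']));

        // A literal "]]>" would end the CDATA section; split it across two.
        $cdataTitle = str_replace(']]>', ']]]]><![CDATA[>', $title);
        $guid       = str_replace(']]>', ']]]]><![CDATA[>', "{$urlRoot} {$title} " . $pubDate);

        // '&' between query parameters must be '&amp;' inside <link>.
        $itemLink = htmlspecialchars($urlRoot . '/' . $link, ENT_QUOTES);

        $output .= "\n<item>\n<title><![CDATA[{$cdataTitle}]]></title> \n<pubDate>"
            . $pubDate . " GMT</pubDate> \n<link>{$itemLink}</link> \n<guid isPermaLink=\"false\"><![CDATA["
            . $guid . "]]></guid> \n</item>";
    }

    $output .= "\n</channel>\n</rss>";

    echo $output;
}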
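/**
 * displayAddRecipeSubmit
 *
 * Handles the "add recipe" form post: optionally uploads and resizes the
 * thumbnail, inserts the recipe, emails every member who has email updates
 * turned on, and redirects to the new recipe.
 *
 * Reads $_POST['name'], ['category'], ['ingredients'], ['directions'] and
 * $_FILES['thumbnail']. Text fields go through strip_tags(); the insert uses
 * bound parameters.
 *
 * @return void
 */
function displayAddRecipeSubmit()
{
    $name        = strip_tags($_POST['name']);
    $category    = (int) $_POST['category'];
    $ingredients = strip_tags($_POST['ingredients']);
    $directions  = strip_tags($_POST['directions']);
    $thumbnail   = 'no_recipe.jpg';

    $uploadsPath = getUploadsAbsolutePath();

    // Upload Recipe Image
    if (isset($_FILES['thumbnail']) && $_FILES['thumbnail']['name'] && $_FILES['thumbnail']['error'] < 1) {
        $this->fcmsImage->destination = $uploadsPath . 'upimages/';
        $this->fcmsImage->uniqueName  = true;

        $thumbnail = $this->fcmsImage->upload($_FILES['thumbnail']);

        if ($this->fcmsImage->error == 1) {
            $this->displayHeader();

            // The message used to read $this->img->name, but this method only
            // ever works with $this->fcmsImage. The client-supplied file name
            // is shown instead, escaped, because it is attacker-controlled.
            echo ' <p class="error-alert"> '
                . sprintf(
                    T_('Thumbnail [%s] is not a supported type. Thumbnails must be of type (.jpg, .jpeg, .gif, .bmp or .png).'),
                    cleanOutput($_FILES['thumbnail']['name'])
                )
                . ' </p>';

            $this->displayFooter();
            return;
        }

        $this->fcmsImage->resize(100, 100);

        if ($this->fcmsImage->error > 0) {
            $this->displayHeader();
            echo ' <p class="error-alert"> ' . T_('There was an error uploading your thumbnail.') . ' </p>';
            $this->displayFooter();
            return;
        }
    }

    $sql = "INSERT INTO `fcms_recipes` \n"
        . " (`name`, `thumbnail`, `category`, `ingredients`, `directions`, `user`, `date`) \n"
        . " VALUES\n"
        . " (?, ?, ?, ?, ?, ?, NOW())";

    $params = array($name, $thumbnail, $category, $ingredients, $directions, $this->fcmsUser->id);

    $rec_id = $this->fcmsDatabase->insert($sql, $params);
    if ($rec_id === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Email members
    $sql = "SELECT u.`email`, s.`user` \n"
        . " FROM `fcms_user_settings` AS s, `fcms_users` AS u \n"
        . " WHERE `email_updates` = '1'\n"
        . " AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($rows) > 0) {
        // Everything that does not depend on the recipient is built once.
        $recipeUser    = getUserDisplayName($this->fcmsUser->id);
        $url           = getDomainAndDir();
        $email_headers = getEmailHeaders();

        // $name comes from the request; strip_tags() leaves CR/LF in place,
        // so they are removed before the text is used as a mail subject.
        $subject = str_replace(
            array("\r", "\n"),
            ' ',
            sprintf(T_('%s has added the recipe: %s'), $recipeUser, $name)
        );

        foreach ($rows as $r) {
            $to    = getUserDisplayName($r['user']);
            $email = $r['email'];

            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url . 'recipes.php?category=' . $category
                . ' ---- '
                . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:')
                . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $email_headers);
        }
    }

    header("Location: recipes.php?category={$category}&id={$rec_id}");
}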
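/**
 * emailMembersNewPhotos
 *
 * Emails every member who has email updates turned on that the current user
 * has added a new photo, with a link to the category it was added to.
 *
 * @param int $categoryId Id of the photo category linked from the email.
 *
 * @return void
 */
function emailMembersNewPhotos($categoryId)
{
    // The link below used an undefined $category variable, so the emailed
    // URL ended in an empty "cid=". Use the parameter, forced to an integer.
    $categoryId = (int) $categoryId;

    $sql = "SELECT u.`email`, s.`user` \n"
        . " FROM `fcms_user_settings` AS s, `fcms_users` AS u \n"
        . " WHERE `email_updates` = '1'\n"
        . " AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($rows) > 0) {
        $name         = getUserDisplayName($this->fcmsUser->id);
        $subject      = sprintf(T_('%s has added a new photo.'), $name);
        $url          = getDomainAndDir();
        $emailHeaders = getEmailHeaders();

        foreach ($rows as $r) {
            $to    = getUserDisplayName($r['user']);
            $email = $r['email'];

            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url
                . 'index.php?uid=' . $this->fcmsUser->id . '&cid=' . $categoryId
                . ' ---- '
                . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:')
                . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $emailHeaders);
        }
    }
}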
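/**
 * displayAddDocumentSubmit
 *
 * Handles the "add document" form post: stores the uploaded file, records it
 * in fcms_documents, emails every member who has email updates turned on, and
 * redirects to the documents page.
 *
 * Reads $_FILES['doc'] and $_POST['desc']. The insert uses bound parameters.
 *
 * @return void
 */
function displayAddDocumentSubmit()
{
    $doc  = $_FILES['doc']['name'];
    $doc  = cleanFilename($doc);
    $desc = $_POST['desc'];

    // NOTE(review): this MIME type is whatever the client sent with the
    // upload; it is stored as-is and must not be trusted when the document is
    // later served. Deriving it from the file content would be safer.
    $mime = $_FILES['doc']['type'];

    $result = $this->fcmsDocument->uploadDocument($_FILES['doc'], $doc);
    if ($result === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // NOTE(review): $desc is stored unescaped, so every page that prints it
    // has to escape it on output.
    $sql = "INSERT INTO `fcms_documents` (\n"
        . " `name`, `description`, `mime`, `user`, `date`\n"
        . " ) VALUES(\n"
        . " ?, ?, ?, ?, NOW()\n"
        . " )";

    $params = array($doc, $desc, $mime, $this->fcmsUser->id);

    if (!$this->fcmsDatabase->insert($sql, $params)) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Email members
    $sql = "SELECT u.`email`, s.`user` \n"
        . " FROM `fcms_user_settings` AS s, `fcms_users` AS u \n"
        . " WHERE `email_updates` = '1'\n"
        . " AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);

    // getRows() reports failure with false; count(false) warns on PHP 7.2+
    // and throws on PHP 8, so the failure is handled like the other queries.
    if ($rows === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($rows) > 0) {
        $name          = getUserDisplayName($this->fcmsUser->id);
        $url           = getDomainAndDir();
        $email_headers = getEmailHeaders();

        // The file name originates from the upload; keep CR/LF out of the
        // mail subject whatever cleanFilename() does with them.
        $subject = str_replace(
            array("\r", "\n"),
            ' ',
            sprintf(T_('%s has added a new document (%s).'), $name, $doc)
        );

        foreach ($rows as $r) {
            $to    = getUserDisplayName($r['user']);
            $email = $r['email'];

            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url . 'documents.php ---- '
                . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:')
                . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $email_headers);
        }
    }

    $_SESSION['ok'] = 1;

    header("Location: documents.php");
}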
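/**
 * displayNewPostSubmit
 *
 * Handles a reply posted to a message board thread: marks the thread as
 * updated by the current user, inserts the post, emails every member who has
 * email updates turned on, and redirects back to the thread.
 *
 * Reads $_POST['post'] and $_POST['thread_id']. All queries use bound
 * parameters.
 *
 * @return void
 */
function displayNewPostSubmit()
{
    // NOTE(review): the post body is stored unescaped, so every page that
    // prints it has to escape it on output.
    $post     = $_POST['post'];
    $threadId = (int) $_POST['thread_id'];

    // Update Thread info
    $sql = "UPDATE `fcms_board_threads` \n"
        . " SET `updated` = NOW(), \n"
        . " `updated_by` = ?\n"
        . " WHERE `id` = ?";

    if (!$this->fcmsDatabase->update($sql, array($this->fcmsUser->id, $threadId))) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Insert new Post
    $sql = "INSERT INTO `fcms_board_posts`\n"
        . " (`date`, `thread`, `user`, `post`)\n"
        . " VALUES\n"
        . " (NOW(), ?, ?, ?)";

    $params = array($threadId, $this->fcmsUser->id, $post);

    if (!$this->fcmsDatabase->insert($sql, $params)) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Email members
    $sql = "SELECT u.`email`, s.`user` \n"
        . " FROM `fcms_user_settings` AS s, `fcms_users` AS u \n"
        . " WHERE `email_updates` = '1'\n"
        . " AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);

    // getRows() reports failure with false; count(false) warns on PHP 7.2+
    // and throws on PHP 8, so the failure is handled like the other queries.
    if ($rows === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($rows) > 0) {
        $name = getUserDisplayName($this->fcmsUser->id);

        $sql = "SELECT `subject` \n"
            . " FROM `fcms_board_threads` \n"
            . " WHERE `id` = ?";

        $threadInfo = $this->fcmsDatabase->getRow($sql, $threadId);
        if ($threadInfo === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        $threadSubject = $threadInfo['subject'];

        // Strip the sticky marker only when it is really a prefix; the old
        // check removed nine characters wherever the marker occurred.
        if (strpos($threadSubject, '#ANOUNCE#') === 0) {
            $threadSubject = (string) substr($threadSubject, strlen('#ANOUNCE#'));
        }

        $emailHeaders = getEmailHeaders();
        $subject      = sprintf(T_('%s has replied to the thread: %s'), $name, $threadSubject);
        $url          = getDomainAndDir();

        foreach ($rows as $r) {
            $email = $r['email'];
            $to    = getUserDisplayName($r['user']);

            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url . 'messageboard.php?thread=' . $threadId
                . ' ---- '
                . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:')
                . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $emailHeaders);
        }
    }

    header("Location: messageboard.php?thread={$threadId}");
}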
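/**
 * displayYouTubeVideoPage
 *
 * Prints the page for one YouTube-hosted video. When the current user has an
 * authenticated Google client, the video's upload status is looked up first
 * and a matching notice is shown for deleted, failed, rejected and
 * still-processing uploads; otherwise (or once processing is done) the
 * embedded player, the remove form and the comments are printed.
 *
 * Values taken from $video and from the YouTube response are passed through
 * cleanOutput() before being written into HTML.
 * NOTE(review): assumes cleanOutput() also escapes quotes for attribute
 * context -- confirm against its definition.
 *
 * @param array $video Video row; the keys read here are source_id,
 *                     created_id, id, title and description.
 *
 * @return void
 */
function displayYouTubeVideoPage($video)
{
    $this->displayHeader();

    // Video not found in db
    if (!is_array($video)) {
        echo ' <div class="info-alert"> <h2>' . T_('Missing or Invalid Video.') . '</h2>'
            . ' <p>' . T_('This video cannot be found. Are you sure you typed in URL correctly?') . '</p> </div>';
        $this->displayFooter();
        return;
    } elseif ($video['source_id'] == '0') {
        // NOTE(review): this path returns without displayFooter() while the
        // "not found" paths below call it after displayVideoNotFound();
        // confirm which of the two is intended.
        $this->displayVideoNotFound($video, 'YouTube');
        return;
    }

    // Save video id for ajax call
    $_SESSION['source_id'] = $video['source_id'];

    // Raw URL is handed to displayComments(); the escaped copy goes into HTML.
    $url     = 'video.php?u=' . $video['created_id'] . '&id=' . $video['id'];
    $safeUrl = cleanOutput($url);

    $safeId        = cleanOutput($video['id']);
    $safeSourceId  = cleanOutput($video['source_id']);
    $safeCreatedId = cleanOutput($video['created_id']);

    $views = T_('Unknown');

    // Get authed google client
    $googleClient = getAuthedGoogleClient($this->fcmsUser->id);

    // If this user has a google account setup, we should get a google client in return
    // so go ahead and do googly/youtuby stuff
    if ($googleClient !== false) {
        // Get video entry
        try {
            $youtube = new Google_Service_YouTube($googleClient);

            $videoEntry = $youtube->videos->listVideos(
                'id,snippet,status,contentDetails,processingDetails,statistics',
                array('id' => $video['source_id'])
            );
        } catch (Exception $e) {
            $this->fcmsError->add(array(
                'type'    => 'operation',
                'message' => 'Could not search YouTube.',
                'error'   => $e,
                'file'    => __FILE__,
                'line'    => __LINE__,
            ));
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Make sure we found the video first
        if (!isset($videoEntry['items'][0])) {
            $this->displayVideoNotFound($video, 'YouTube');
            $this->displayFooter();
            return;
        }

        $item   = $videoEntry['items'][0];
        $status = $item['status']['uploadStatus'];

        // Keep the 'Unknown' default when the response has no view count.
        if (isset($item['statistics']['viewCount'])) {
            $views = $item['statistics']['viewCount'];
        }

        // Let's handle all the upload statuses
        if ($status === 'deleted') {
            $this->displayVideoNotFound($video, 'YouTube');
            $this->displayFooter();
            return;
        } elseif ($status === 'failed') {
            // TODO
            echo '<h1>FAILED</h1>';
            $this->displayFooter();
            return;
        } elseif ($status === 'rejected') {
            // The reason is remote data: escape it like any other value.
            $reason = cleanOutput($item['status']['rejectionReason']);

            echo ' <div class="info-alert"> <p><b>' . T_('This video was Rejected by YouTube') . '</b></p>'
                . ' <p>' . T_('Rejection reason:') . ' ' . $reason . '</p>'
                . ' <p>' . T_('Would you like to delete this video?') . '</p>'
                . ' <form action="' . $safeUrl . '" method="post">'
                . ' <input type="hidden" id="id" name="id" value="' . $safeId . '"/>'
                . ' <input type="hidden" id="source_id" name="source_id" value="' . $safeSourceId . '"/>'
                . ' <input class="sub1" type="submit" id="delete_video" name="delete_video" value="' . T_('Yes') . '"/> '
                . T_('or') . ' <a href="video.php">' . T_('No') . '</a> </form> </div>';

            $this->displayFooter();
            return;
        } elseif ($status === 'uploaded') {
            // Five processing steps, each worth 20% once it is 'available'.
            $percentComplete = 0;

            $steps = array(
                'fileDetailsAvailability',
                'processingIssuesAvailability',
                'tagSuggestionsAvailability',
                'editorSuggestionsAvailability',
                'thumbnailsAvailability',
            );

            foreach ($steps as $step) {
                // A step missing from the response simply counts as not done.
                if (isset($item['processingDetails'][$step]) && $item['processingDetails'][$step] === 'available') {
                    $percentComplete += 20;
                }
            }

            echo ' <div class="ok-alert"> <p><b>' . T_('This video was uploaded to YouTube successfully.') . '</b></p>'
                . ' <p>' . T_('However it may take a few moments before you video is viewable. Please check back later.') . '</p>'
                . ' <p> ' . T_('Percentage complete:') . ' <span id="current_complete">' . $percentComplete . '%</span> </p>'
                . ' <p id="js_msg"></p>'
                . ' <p id="refresh"><a href="' . $safeUrl . '">' . T_('Refresh') . '</a></p> </div>';

            $this->displayFooter();
            return;
        }
    }

    $this->displayVideoStartCode();

    echo ' <div id="sections_menu"> <ul> <li><a href="video.php">' . T_('Latest Videos') . '</a></li>'
        . ' <li><a href="video.php?u=' . $safeCreatedId . '">' . getUserDisplayName($video['created_id'], 2) . '</a></li>'
        . ' </ul> </div>';

    // Can you edit/delete this video?
    // NOTE(review): this only decides whether the form is shown; the handler
    // for remove_video has to repeat the owner/admin check (not visible here),
    // and the form carries no anti-CSRF token.
    if ($video['created_id'] == $this->fcmsUser->id || $this->fcmsUser->access == 1) {
        echo ' <div id="video_edit"> <form action="' . $safeUrl . '" method="post"> <div id="delete">'
            . ' <input type="hidden" id="id" name="id" value="' . $safeId . '"/>'
            . ' <input type="hidden" id="source_id" name="source_id" value="' . $safeSourceId . '"/>'
            . ' <input class="btn" type="submit" id="remove_video" name="remove_video" value="' . T_('Remove Video') . '"/>'
            . ' <label for="delete_youtube">' . T_('Delete from YouTube?') . '</label>'
            . ' <input type="checkbox" id="delete_youtube" name="delete_youtube"/> </div> </form> </div>';
    }

    // The player is embedded over HTTPS so it is not blocked as mixed content
    // (or tampered with in transit) when the site itself is served over TLS.
    echo ' <div id="video_desc"> <img src="' . getCurrentAvatar($video['created_id']) . '"/>'
        . ' <h2>' . cleanOutput($video['title']) . '</h2>'
        . ' <p>' . cleanOutput($video['description']) . '</p> </div>'
        . ' <div id="video_content"> <iframe class="youtube-player" type="text/html" width="854" height="480"'
        . ' src="https://www.youtube.com/embed/' . $safeSourceId . '" allowfullscreen frameborder="0"> </iframe> </div>';

    echo '<p>' . T_('Views') . ': ' . cleanOutput($views) . '</p>';

    $params = array('id' => $video['id']);
    displayComments($url, 'video', $params);

    $this->displayFooter();
}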
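/**
 * displayNews
 *
 * Prints out the news info when looping through a list of news.
 * Used when viewing last 5 and users news.
 *
 * Imported news (non-empty external_type) has its tags stripped; native news
 * has its BBCode removed and is then escaped with cleanOutput(). News longer
 * than 300 characters is cut and followed by a "Read More" link.
 *
 * @param array $data News row; the keys read here are user, id, title, news,
 *                    external_type, created and updated.
 *
 * @return void
 */
function displayNews($data)
{
    // The author id goes into three links below; it is forced to an integer
    // the same way the news id already is.
    $userId = (int) $data['user'];
    $newsId = (int) $data['id'];

    $displayname = getUserDisplayName($data['user']);
    $updated     = fixDate(T_('F j, Y g:i a'), $this->fcmsUser->tzOffset, $data['updated']);
    $created     = fixDate(T_('F j, Y g:i a'), $this->fcmsUser->tzOffset, $data['created']);

    $newsSource = '';

    // Imported news
    if (strlen($data['external_type']) > 0) {
        // external_type is stored data printed into the page, so it is
        // escaped like the title below.
        $newsSource = ' <span style="background-color:#eee; color:#999; font-size:13px;"> '
            . sprintf(T_('Originally from %s, %s.'), cleanOutput($data['external_type']), $created)
            . ' </span><br/>';

        // NOTE(review): strip_tags() removes markup but does not escape the
        // remaining text; confirm imported news is safe to print this way.
        $news = strip_tags($data['news']);
    } else {
        $news = removeBBCode($data['news']);
        $news = cleanOutput($news);
    }

    // The length test is on the stored text, the cut on the cleaned text.
    if (strlen($data['news']) > 300) {
        $news  = substr($news, 0, 300);
        $news .= '...<br/><br/><a href="?getnews=' . $userId . '&newsid=' . $newsId . '">' . T_('Read More') . '</a>';
    }

    if (empty($data['title'])) {
        $data['title'] = T_('untitled');
    }

    echo ' <div class="news-post"> <h2>'
        . ' <a href="?getnews=' . $userId . '&newsid=' . $newsId . '">' . cleanOutput($data['title']) . '</a> </h2>'
        . ' <span class="date">' . $updated . ' - ' . $displayname . '</span>'
        . ' <p>' . $newsSource . $news . '</p>'
        . ' <p class="news-comments">'
        . ' <a href="?getnews=' . $userId . '&newsid=' . $newsId . '#comments">' . T_('Comments') . '</a> - '
        . getNewsComments($data['id']) . ' </p> </div>';
}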
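/**
 * displayAttendForm
 *
 * Shows the invitation page reached through an event id and an invitation
 * code taken from the query string: the event details, the attendance form
 * (only while the invitation has no answer yet) and the list of responses.
 *
 * @return void
 */
function displayAttendForm()
{
    $this->displayHeader();

    // Missing or non-string parameters fall through to the "invalid code"
    // branch below instead of raising notices or reaching the query as arrays.
    $id   = isset($_GET['event']) ? (int) $_GET['event'] : 0;
    $code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';

    $sql = "SELECT `id`, `event_id`, `user`, `created`, `updated`, `attending`, `code`, `response`\n"
        . " FROM `fcms_invitation` \n"
        . " WHERE `event_id` = ?\n"
        . " AND `code` = ?";

    $invitation = $this->fcmsDatabase->getRow($sql, array($id, $code));
    if ($invitation === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($invitation) <= 0) {
        echo '<p><b>' . T_('Invalid Invitation Code!') . '</b></p>';
        $this->displayFooter();
        return;
    }

    $sql = "SELECT c.`id`, c.`date`, c.`time_start`, c.`time_end`, c.`date_added`, \n"
        . " c.`title`, c.`desc`, c.`created_by`, cat.`name` AS category, c.`repeat`, c.`private`\n"
        . " FROM `fcms_calendar` AS c, `fcms_category` AS cat \n"
        . " WHERE c.`id` = ?\n"
        . " AND c.`category` = cat.`id` \n"
        . " LIMIT 1";

    $event = $this->fcmsDatabase->getRow($sql, $id);
    if ($event === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($event) <= 0) {
        echo '<p><b>' . T_('Invalid Event!') . '</b></p>';
        $this->displayFooter();
        return;
    }

    $times = $this->fcmsCalendar->getTimesList();
    $date  = formatDate(T_('F j, Y'), $event['date']);
    $title = cleanOutput($event['title']);
    $host  = getUserDisplayname($event['created_by'], 2);
    $time  = '';
    $desc  = '';

    // A time line is printed only when the start time is a known list entry.
    if (isset($times[$event['time_start']])) {
        if ($event['time_start'] == $event['time_end']) {
            // one moment in time
            $time = '<br/>' . sprintf(T_('beginning at %s'), $times[$event['time_start']]);
        } else {
            $time = '<br/>' . sprintf(
                T_('between %s and %s'),
                $times[$event['time_start']],
                $times[$event['time_end']]
            );
        }
    }

    if (!empty($event['desc'])) {
        $desc = '<br/>' . cleanOutput($event['desc']);
    }

    echo ' <div id="event_details"> <h1>' . $title . '</h1> <p id="desc">' . $desc . '</p>'
        . ' <div> <h2>' . T_('When') . '</h2> <p><b>' . $date . '</b> ' . $time . '</p>'
        . ' <h2>' . T_('Host') . '</h2> <p>' . $host . '</p> </div> </div>';

    if ($invitation['attending'] === null) {
        // The code came from the query string and is written back into an
        // attribute, so it is percent-encoded; the ids are forced to integers.
        echo ' <form action="invitation.php?event=' . $id . '&code=' . rawurlencode($code) . '" method="post">'
            . ' <h1 id="attending_header">' . T_('Are you attending?') . '</h1>'
            . ' <ul id="attending" class="clearfix">'
            . ' <li> <label for="yes"> <img src="ui/img/attend_yes.png"/><br/> <b>' . T_('Yes') . '</b> </label>'
            . ' <input type="radio" id="yes" name="attending" value="1"/> </li>'
            . ' <li> <label for="maybe"> <img src="ui/img/attend_maybe.png"/><br/> <b>' . T_('Maybe') . '</b> </label>'
            . ' <input type="radio" id="maybe" name="attending" value="2"/> </li>'
            . ' <li> <label for="no"> <img src="ui/img/attend_no.png"/><br/> <b>' . T_('No') . '</b> </label>'
            . ' <input type="radio" id="no" name="attending" value="0"/> </li>'
            . ' <li class="submit"> <textarea id="response" name="response" cols="50" rows="10"></textarea>'
            . ' <input type="hidden" id="id" name="id" value="' . (int) $invitation['id'] . '"/>'
            . ' <input type="submit" id="attend_submit" name="attend_submit" value="' . T_('Submit') . '"/>'
            . ' </li> </ul> </form>';
    }

    // Get info on who's coming. The event id is bound through a placeholder;
    // the statement previously inlined it and also passed it as a parameter,
    // leaving a bound value with no marker to attach to.
    $sql = "SELECT `user`, `email`, `attending`, `response`, `updated`\n"
        . " FROM `fcms_invitation`\n"
        . " WHERE `event_id` = ?";

    $rows = $this->fcmsDatabase->getRows($sql, $id);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    $yesCount       = 0;
    $noCount        = 0;
    $maybeCount     = 0;
    $undecidedCount = 0;
    $responses      = array();

    foreach ($rows as $r) {
        $img = '';

        // null = no answer yet, 0 = no, 1 = yes, anything above 1 = maybe
        if ($r['attending'] === null) {
            $undecidedCount++;
            $img = T_('Undecided');
        } elseif ($r['attending'] == 0) {
            $noCount++;
            $img = '<img src="ui/img/attend_no.png" alt="' . T_('No') . '"/>';
        } elseif ($r['attending'] == 1) {
            $yesCount++;
            $img = '<img src="ui/img/attend_yes.png" alt="' . T_('Yes') . '"/>';
        } elseif ($r['attending'] > 1) {
            $maybeCount++;
            $img = '<img src="ui/img/attend_maybe.png" alt="' . T_('Maybe') . '"/>';
        }

        // Non-members (user 0) are shown by their escaped e-mail address.
        // NOTE(review): member names are printed as returned by
        // getUserDisplayName(); verify that helper returns HTML-safe text.
        $displayname = cleanOutput($r['email']);
        if ($r['user'] != 0) {
            $displayname = getUserDisplayName($r['user'], 2);
        }

        $responses[] = array(
            'user'        => $r['user'],
            'updated'     => $r['updated'],
            'displayname' => $displayname,
            'response'    => $r['response'],
            'attending'   => $r['attending'],
            'img'         => $img,
        );
    }

    echo ' <div id="leftcolumn"> <h3>' . T_('Who\'s Coming') . '</h3>'
        . ' <h3 class="coming"><img src="ui/themes/default/img/ok.gif"> ' . T_('Yes') . ' (' . $yesCount . ')</h3>'
        . ' <h3 class="coming"><img src="ui/themes/default/img/help.gif"> ' . T_('Maybe') . ' (' . $maybeCount . ')</h3>'
        . ' <h3 class="coming"><img src="ui/themes/default/img/delete.gif"> ' . T_('No') . ' (' . $noCount . ')</h3>'
        . ' <h3 class="coming">' . T_('Undecided') . ' (' . $undecidedCount . ')</h3>'
        . ' </div> <div id="maincolumn">';

    foreach ($responses as $response) {
        // Only invitations that have been answered are listed.
        if (isset($response['attending'])) {
            echo ' <div class="comment_block clearfix"> ' . $response['img']
                . ' <b>' . $response['displayname'] . '</b> <i>' . $response['updated'] . '</i>'
                . ' <p> ' . cleanOutput($response['response']) . ' </p> </div>';
        }
    }

    echo ' </div>';

    $this->displayFooter();
}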
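/**
 * displayPrayers
 *
 * Lists prayer concerns, five per page and newest first, with edit and
 * delete forms for users who are allowed to use them, followed by the
 * pagination links.
 *
 * @return void
 */
function displayPrayers()
{
    $this->displayHeader(array('jsOnload' => ' $(\'.delform input[type="submit"]\').click(function(e) { return confirmDeleteLink(this, "' . T_('Are you sure you want to DELETE this?') . '", e); });'));

    if (isset($_SESSION['success'])) {
        displayOkMessage();
        unset($_SESSION['success']);
    }

    if (isset($_SESSION['delete_success'])) {
        displayOkMessage(T_('Prayer Concern Deleted Successfully'));
        unset($_SESSION['delete_success']);
    }

    if ($this->fcmsUser->access <= 5) {
        echo ' <div id="actions_menu"> <ul><li><a class="action" href="?addconcern=yes">'
            . T_('Add a Prayer Concern') . '</a></li></ul> </div>';
    }

    $page = getPage();

    // The offset is written straight into the LIMIT clause, so it is forced
    // to a non-negative integer: page 0, a negative page or a fractional
    // value would otherwise produce an invalid statement.
    $from = max(0, (int) $page * 5 - 5);

    $sql = "SELECT p.`id`, `for`, `desc`, `user`, `date` \n"
        . " FROM `fcms_prayers` AS p, `fcms_users` AS u \n"
        . " WHERE u.`id` = p.`user` \n"
        . " ORDER BY `date` DESC \n"
        . " LIMIT {$from}, 5";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($rows) <= 0) {
        echo ' <div class="blank-state"> <h2>' . T_('Nothing to see here') . '</h2>'
            . ' <h3>' . T_('Currently no one has added any Prayer Concerns.') . '</h3>'
            . ' <h3><a href="?addconcern=yes">' . T_('Why don\'t you add a new Prayer Concern now?') . '</a></h3>'
            . ' </div>';
        $this->displayFooter();
        return;
    }

    foreach ($rows as $r) {
        $date        = fixDate(T_('F j, Y, g:i a'), $this->fcmsUser->tzOffset, $r['date']);
        $displayname = getUserDisplayName($r['user']);

        echo ' <hr/> <h4>' . $date . '</h4> <div class="edit_delete">';

        // Edit: the author, or a user whose access level is below 2.
        // NOTE(review): no anti-forgery token is written into these forms;
        // confirm prayers.php checks the origin of the POST and repeats the
        // permission test server-side.
        if ($this->fcmsUser->id == $r['user'] || $this->fcmsUser->access < 2) {
            echo ' <form method="post" action="prayers.php">'
                . ' <input type="hidden" name="id" value="' . (int) $r['id'] . '"/>'
                . ' <input type="hidden" name="for" value="' . cleanOutput($r['for']) . '"/>'
                . ' <input type="hidden" name="desc" value="' . cleanOutput($r['desc']) . '"/>'
                . ' <input type="submit" name="editprayer" value="' . T_('Edit') . '" class="editbtn" title="'
                . T_('Edit this Prayer Concern') . '"/> </form>';
        }

        // Delete: access level below 2 only.
        if ($this->fcmsUser->access < 2) {
            echo ' <form class="delform" method="post" action="prayers.php">'
                . ' <input type="hidden" name="id" value="' . (int) $r['id'] . '"/>'
                . ' <input type="submit" name="delprayer" value="' . T_('Delete') . '" class="delbtn" title="'
                . T_('Delete this Prayer Concern') . '"/> </form>';
        }

        // NOTE(review): $displayname and parse($r['desc']) are printed as
        // returned; verify both helpers produce HTML-safe output.
        echo ' </div> <div class="for"> <b>'
            . sprintf(
                T_('%s asks that you please pray for...'),
                '<a href="profile.php?member=' . (int) $r['user'] . '">' . $displayname . '</a>'
            )
            . '</b> <div>' . cleanOutput($r['for']) . '</div> </div>'
            . ' <div class="because"> <b>' . T_('Because...') . '</b> <div>' . parse($r['desc']) . '</div> </div>'
            . ' <div class="top"><a href="#top">' . T_('Back to Top') . '</a></div>';
    }

    // Display Pagination
    $sql = "SELECT count(`id`) AS c \n FROM `fcms_prayers`";

    $r = $this->fcmsDatabase->getRow($sql);
    if ($r === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    $prayercount = (int) $r['c'];
    $total_pages = ceil($prayercount / 5);

    displayPagination('prayers.php', $page, $total_pages);

    $this->displayFooter();
}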
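/**
 * showDocuments
 *
 * Prints the shared documents as a sortable table, 25 per page and newest
 * first, with a delete form on the rows the current user may remove, then
 * the page links. Prints a blank-state message when there are no documents.
 *
 * @param int $page 1-based page number
 *
 * @return void
 */
function showDocuments($page = 1)
{
    // The offset is written straight into the LIMIT clause, so it is forced
    // to a non-negative integer: page 0, a negative page or a fractional
    // value would otherwise produce an invalid statement.
    $from = max(0, (int) $page * 25 - 25);

    $sql = "SELECT `id`, `name`, `description`, `user`, `date` \n"
        . " FROM `fcms_documents` AS d \n"
        . " ORDER BY `date` DESC \n"
        . " LIMIT {$from}, 25";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->fcmsError->displayError();
        return;
    }

    if (count($rows) <= 0) {
        echo ' <div class="blank-state"> <h2>' . T_('Nothing to see here') . '</h2>'
            . ' <h3>' . T_('Currently no one has shared any documents.') . '</h3>'
            . ' <h3><a href="?adddoc=yes">' . T_('Why don\'t you share a document now?') . '</a></h3> </div>';
        return;
    }

    echo ' <script type="text/javascript" src="ui/js/tablesort.js"></script>'
        . ' <table id="docs" class="sortable"> <thead> <tr>'
        . ' <th class="sortfirstasc">' . T_('Document') . '</th>'
        . ' <th>' . T_('Description') . '</th>'
        . ' <th>' . T_('Uploaded By') . '</th>'
        . ' <th>' . T_('Date Added') . '</th>'
        . ' </tr> </thead> <tbody>';

    foreach ($rows as $r) {
        $date = fixDate(T_('m/d/Y h:ia'), $this->fcmsUser->tzOffset, $r['date']);

        // NOTE(review): the file name in the download link goes through the
        // output helper only; a name containing '&' or '#' would need URL
        // encoding as well. Confirm what the ?download handler expects.
        echo ' <tr> <td> <a href="?download=' . cleanOutput($r['name']) . '">' . cleanOutput($r['name']) . '</a>';

        // Delete form: access level below 3, or the uploader.
        // NOTE(review): no anti-forgery token is written into this form;
        // confirm documents.php repeats the permission test server-side.
        if ($this->fcmsUser->access < 3 || $this->fcmsUser->id == $r['user']) {
            echo ' <form method="post" action="documents.php"> <div>'
                . ' <input type="hidden" name="id" value="' . (int) $r['id'] . '"/>'
                . ' <input type="hidden" name="name" value="' . cleanOutput($r['name']) . '"/>'
                . ' <input type="submit" name="deldoc" value="' . T_('Delete') . '" class="delbtn" title="'
                . T_('Delete this Document') . '"/> </div> </form>';
        }

        echo ' </td> <td>' . cleanOutput($r['description']) . '</td>'
            . ' <td>' . getUserDisplayName($r['user']) . '</td>'
            . ' <td>' . $date . '</td> </tr>';
    }

    echo ' </tbody> </table>';

    // Pages
    $sql = "SELECT count(`id`) AS c \n FROM `fcms_documents`";

    $row = $this->fcmsDatabase->getRow($sql);
    if ($row === false) {
        $this->fcmsError->displayError();
        return;
    }

    $docscount   = isset($row['c']) ? $row['c'] : 0;
    $total_pages = ceil($docscount / 25);

    displayPages('documents.php', $page, $total_pages);
}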
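/**
 * displayCreateSubmit
 *
 * Handles the submitted "create member" form: checks the required fields
 * and that the e-mail address is unused, inserts the user together with
 * its address and settings rows, optionally mails the login details, and
 * finally shows the member list.
 *
 * @return void
 */
function displayCreateSubmit()
{
    $this->displayHeader();

    // Check Required Fields. A field sent as an array (name[]=...) is treated
    // as missing so the string functions below never receive a non-string.
    $requiredFields = array('username', 'password', 'fname', 'lname', 'sex', 'email');

    foreach ($requiredFields as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            $this->fcmsAdminMembers->displayCreateMemberForm(T_('Missing Required Field'));
            $this->displayFooter();
            return;
        }
    }

    // The address is stripped of tags before the uniqueness check so that
    // the value tested is the value that will be stored.
    $email = strip_tags($_POST['email']);

    // Check Email
    $sql = "SELECT `email` FROM `fcms_users` \n WHERE `email` = ?";

    $rows = $this->fcmsDatabase->getRows($sql, $email);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($rows) > 0) {
        // NOTE(review): the address is placed in the message as text; verify
        // that displayCreateMemberForm() escapes the message it prints.
        $this->fcmsAdminMembers->displayCreateMemberForm(
            sprintf(T_('The email address %s is already in use. Please choose a different email.'), $email)
        );
        $this->displayFooter();
        return;
    }

    // birthday: each part stays an empty string unless a non-empty value was sent
    $year  = '';
    $month = '';
    $day   = '';

    if (!empty($_POST['year'])) {
        $year = (int) $_POST['year'];
    }
    if (!empty($_POST['month'])) {
        $month = str_pad((string) (int) $_POST['month'], 2, "0", STR_PAD_LEFT);
    }
    if (!empty($_POST['day'])) {
        $day = str_pad((string) (int) $_POST['day'], 2, "0", STR_PAD_LEFT);
    }

    $fname    = strip_tags($_POST['fname']);
    $lname    = strip_tags($_POST['lname']);
    $sex      = strip_tags($_POST['sex']);
    $username = strip_tags($_POST['username']);

    // Middle and maiden name are not in the required list, so they may be
    // absent from the request; default them instead of reading a missing key.
    $mname  = (isset($_POST['mname']) && is_string($_POST['mname'])) ? strip_tags($_POST['mname']) : '';
    $maiden = (isset($_POST['maiden']) && is_string($_POST['maiden'])) ? strip_tags($_POST['maiden']) : '';

    $hasher       = new PasswordHash(8, FALSE);
    $hashPassword = $hasher->HashPassword($_POST['password']);

    // Create new member
    $sql = "INSERT INTO `fcms_users`\n"
        . " (`access`, `joindate`, `fname`, `mname`, `lname`, `maiden`, `sex`, `email`, `dob_year`, `dob_month`, `dob_day`,\n"
        . " `username`, `phpass`, `activated`)\n"
        . " VALUES\n"
        . " (3, NOW(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1)";

    $params = array(
        $fname, $mname, $lname, $maiden, $sex, $email,
        $year, $month, $day,
        $username, $hashPassword,
    );

    $lastid = $this->fcmsDatabase->insert($sql, $params);
    if ($lastid === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Create member's address
    $sql = "INSERT INTO `fcms_address`\n"
        . " (`user`, `created_id`, `created`, `updated_id`, `updated`)\n"
        . " VALUES\n"
        . " (?, ?, NOW(), ?, NOW())";

    $addressParams = array($lastid, $this->fcmsUser->id, $this->fcmsUser->id);

    if (!$this->fcmsDatabase->insert($sql, $addressParams)) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Create member's settings
    $sql = "INSERT INTO `fcms_user_settings`\n (`user`)\n VALUES\n (?)";

    if (!$this->fcmsDatabase->insert($sql, array($lastid))) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Email member
    if (isset($_POST['invite'])) {
        $from     = getUserDisplayName($this->fcmsUser->id, 2);
        $sitename = getSiteName();
        $subject  = sprintf(T_('Invitation to %s'), $sitename);
        $url      = getDomainAndDir();

        // Point the link at the site root rather than the admin directory.
        $pos = strrpos($url, 'admin/');
        if ($pos !== false) {
            $url = substr($url, 0, $pos);
        }

        // NOTE(review): the new account's password is sent in clear text by
        // e-mail. A one-time link that lets the member choose a password
        // would keep the credential out of mailboxes and mail logs.
        $message = $fname . ' ' . $lname . ', '
            . sprintf(T_('You have been invited by %s to join %s.'), $from, $sitename)
            . ' ' . T_('You can login using the following information')
            . ': ' . T_('URL') . ': ' . $url
            . ' ' . T_('Username') . ': ' . $username
            . ' ' . T_('Password') . ': ' . $_POST['password']
            . ' ' . T_('Thanks') . ', ' . sprintf(T_('The %s Webmaster'), $sitename)
            . ' ' . T_('This is an automated response, please do not reply.');

        mail($email, $subject, $message, getEmailHeaders());
    }

    $this->fcmsAdminMembers->displayMemberList(1);
    displayOkMessageAdmin();
    $this->displayFooter();
}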
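/**
 * displayInbox
 *
 * Prints the current user's private messages, newest first, inside a form
 * whose checkboxes select messages for deletion.
 *
 * @return void
 */
function displayInbox()
{
    $this->displayHeader(array('jsOnload' => ' $(\'.pm_footer input[type="submit"]\').click(function(e) { return confirmDeleteLink(this, "' . T_('Are you sure you want to DELETE this?') . '", e); });'));

    if (isset($_SESSION['success'])) {
        displayOkMessage();
        unset($_SESSION['success']);
    }

    $header = T_('Inbox');
    if (isset($_SESSION['private_messages']) && $_SESSION['private_messages'] > 0) {
        $header = sprintf(T_('Inbox (%d)'), $_SESSION['private_messages']);
    }

    $sql = "SELECT p.`id`, `to`, `from`, `title`, `date`, `read`, u.`avatar`, u.`gravatar`\n"
        . " FROM `fcms_privatemsg` AS p\n"
        . " LEFT JOIN `fcms_users` AS u ON p.`from` = u.`id`\n"
        . " WHERE `to` = ?\n"
        . " ORDER BY `date` DESC";

    // The messages are fetched before any table markup is written, so a
    // database error no longer leaves an unclosed <form> and <table> in
    // front of the error message and footer.
    $rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    echo ' <form method="post" action="privatemsg.php"> <table id="pm" cellpadding="0" cellspacing="0">'
        . ' <tr> <th colspan="3" class="pm_header">' . $header . '</th> </tr>';

    foreach ($rows as $r) {
        $date       = fixDate(T_('M. j, Y, g:i a'), $this->fcmsUser->tzOffset, $r['date']);
        $avatarPath = getAvatarPath($r['avatar'], $r['gravatar']);
        $from       = getUserDisplayName($r['from']);

        // Unread messages get the "new" row class and lose the "read" link class.
        $rowClass  = '';
        $linkClass = 'read';
        if ($r['read'] < 1) {
            $rowClass  = 'new';
            $linkClass = '';
        }

        // NOTE(review): $from and $avatarPath are written into attribute
        // values as returned by their helpers; verify both are HTML-safe.
        echo ' <tr class="' . $rowClass . '"> <td class="img"></td> <td> <div class="user">'
            . ' <img src="' . $avatarPath . '" alt="' . $from . '" title="' . $from . '"/> </div>'
            . ' <a class="' . $linkClass . '" href="?pm=' . (int) $r['id'] . '">' . cleanOutput($r['title']) . '</a>'
            . ' <span>' . $date . '</span> </td>'
            . ' <td class="check"><input type="checkbox" name="del[]" value="' . (int) $r['id'] . '"/></td> </tr>';
    }

    echo ' <tr> <th colspan="3" class="pm_footer">'
        . ' <input class="sub1" type="submit" name="delete" value="' . T_('Delete Selected') . '"/>'
        . ' </th> </tr> </table> </form>';

    $this->displayFooter();
}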
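/**
 * display
 *
 * Prints the basic photo upload form: category inputs, upload-type
 * navigation, file and caption fields, a member autocomplete used to tag
 * people, rotate options and the submit button with its validation script.
 *
 * Also records 'basic' as the uploader type in the session.
 *
 * @return void
 */
public function display()
{
    $_SESSION['fcms_uploader_type'] = 'basic';

    // Setup the list of active members for possible tags
    $sql = "SELECT `id` \n"
        . " FROM `fcms_users` \n"
        . " WHERE `activated` > 0\n"
        . " ORDER BY `fname`, `lname`";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->fcmsError->displayError();
        return;
    }

    // Each entry is printed inside a <script> block. The output helper only
    // handles HTML, so a backslash or a "</script>" sequence in a display
    // name could end the JavaScript string or the script element.
    // json_encode() with the HEX flags produces a literal that is safe in
    // that position. The helper's escaping is kept because the onSelect
    // handler below concatenates suggestion.value into markup.
    $jsonFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $entries   = array();

    foreach ($rows as $r) {
        $entry = json_encode(
            array(
                'data'  => (string) $r['id'],
                'value' => cleanOutput(getUserDisplayName($r['id'], 2)),
            ),
            $jsonFlags
        );

        // json_encode() returns false for text it cannot encode; skip that member.
        if ($entry !== false) {
            $entries[] = $entry;
        }
    }

    $autocompleteList = implode(', ', $entries);

    // Display the form
    echo ' <form id="autocomplete_form" enctype="multipart/form-data" action="?action=upload" method="post" class="photo-uploader">'
        . ' <div class="header"> <label>' . T_('Category') . '</label> ' . $this->getCategoryInputs() . ' </div>'
        . ' <ul class="upload-types"> ' . $this->getUploadTypesNavigation('upload') . ' </ul>'
        . ' <div class="upload-area"> <div class="basic">'
        . ' <p style="float:right"> <a class="help" href="../help.php?topic=photo#gallery-howworks">' . T_('Help') . '</a> </p>'
        . ' <p> <label><b>' . T_('Photo') . '</b></label><br/> <input name="photo_filename" type="file" size="50"/> </p>'
        . ' <p> <label><b>' . T_('Caption') . '</b></label><br/> <input class="frm_text" type="text" name="photo_caption" size="50"/> </p>'
        . ' <div id="tag-options"> <label><b>' . T_('Who is in this Photo?') . '</b></label><br/>'
        . ' <input type="text" id="autocomplete_input" class="frm_text autocomplete_input" autocomplete="off" size="50" tabindex="3"/>'
        . ' <div id="autocomplete_instructions" class="autocomplete_instructions"> ' . T_('Type name of person...') . ' </div>'
        . ' <ul id="autocomplete_selected" class="autocomplete_selected"></ul>'
        . ' <div id="autocomplete_search" class="autocomplete_search" style="display:none"></div>'
        . ' <script type="text/javascript"> $(document).ready(function() { var users = [ ' . $autocompleteList . ' ];'
        . ' $("#autocomplete_input").autocomplete({ lookup: users, showNoSuggestionNotice: true, noSuggestionNotice: "' . T_('No users found') . '", tabDisabled: true,'
        . ' onSelect: function (suggestion) { $("#autocomplete_instructions").hide();'
        . ' $("#autocomplete_form").append( "<input type=\\"hidden\\" name=\\"tagged[]\\" class=\\"tagged\\" value=\\"" + suggestion.data + "\\">" );'
        . ' $("#autocomplete_input").val("").focus();'
        . ' $("#autocomplete_selected").append( "<li>" + suggestion.value + "<a href=\\"#\\" alt=\\"" + suggestion.data + "\\" " + "onclick=\\"removeTagged(this);\\">x</a></li>" );'
        . ' } }); }); </script> </div>'
        . ' <p class="rotate-options"> <label><b>' . T_('Rotate') . '</b></label><br/>'
        . ' <input type="radio" id="left" name="rotate" value="left"/> <label for="left" class="radio_label">' . T_('Left') . '</label>'
        . ' <input type="radio" id="right" name="rotate" value="right"/> <label for="right" class="radio_label">' . T_('Right') . '</label> </p>'
        . ' </div><!--/basic--> </div>'
        . ' <div class="footer"> <input class="sub1" type="submit" id="submit-photos" name="addphoto" value="' . T_('Submit') . '"/> </div>'
        . ' </form>'
        . ' <script type="text/javascript"> $("#submit-photos").click(function(e) { ' . $this->getJsUploadValidation() . ' }); </script>';
}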
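/**
 * displayInvitationSubmit
 *
 * Handles the submitted invitation form for a calendar event: makes sure
 * the host has an invitation row, collects the member and non-member
 * addresses, stores one invitation per new invitee and mails each of them
 * a link to the event.
 *
 * @return void
 */
function displayInvitationSubmit()
{
    $this->displayHeader();

    $calendarId = isset($_POST['calendar']) ? (int) $_POST['calendar'] : 0;

    // make sure the user submitted at least one email address
    if (!isset($_POST['all-members']) && !isset($_POST['email']) && !isset($_POST['non-member-emails'])) {
        $error = T_('You must invite at least one guest.');
        displayInvitationForm($calendarId, $error);
        return;
    }

    // Get any invitations already sent for this event
    $invitations = $this->getInvitations($calendarId, true);
    if ($invitations === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (!isset($invitations['_current_user'])) {
        // add the current user (host) to the invite as attending
        $sql = "INSERT INTO `fcms_invitation` \n"
            . " (`event_id`, `user`, `created`, `updated`, `attending`)\n"
            . " VALUES \n"
            . " (?, ?, NOW(), NOW(), 1)";

        if (!$this->fcmsDatabase->insert($sql, array($calendarId, $this->fcmsUser->id))) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }
    }

    // Get the calendar event title
    $sql = "SELECT `title` \n FROM `fcms_calendar` \n WHERE `id` = ?";

    $r = $this->fcmsDatabase->getRow($sql, $calendarId);
    if ($r === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    $title = isset($r['title']) ? $r['title'] : '';

    $nonMembers = array();
    $members    = array();

    // get emails from textarea, one address per line
    if (isset($_POST['non-member-emails']) && is_string($_POST['non-member-emails'])) {
        $nonMembers = explode("\n", $_POST['non-member-emails']);
    }

    // get any members that have been invited
    if (isset($_POST['all-members'])) {
        $sql = "SELECT `id`, `email` \n"
            . " FROM `fcms_users` \n"
            . " WHERE `activated` > 0\n"
            . " AND `phpass` != 'NONMEMBER'\n"
            . " AND `id` != ?";

        $rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
        if ($rows === false) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        foreach ($rows as $r) {
            $members[] = array('id' => $r['id'], 'email' => $r['email']);
        }
    } elseif (isset($_POST['member']) && is_array($_POST['member'])) {
        foreach ($_POST['member'] as $id) {
            // Ignore nested arrays and ids without a matching address field.
            if (!is_scalar($id)) {
                continue;
            }
            $emailKey = "id{$id}";
            $members[] = array(
                'id'    => $id,
                'email' => (isset($_POST[$emailKey]) && is_string($_POST[$emailKey])) ? $_POST[$emailKey] : '',
            );
        }
    }

    // merge all emails into one big list
    $invitees = array_merge($nonMembers, $members);

    // Values that are the same for every invitee are looked up once.
    $fromName      = getUserDisplayName($this->fcmsUser->id);
    $baseUrl       = getDomainAndDir();
    $email_headers = getEmailHeaders();

    // Create the invite and send the emails to each invitee
    foreach ($invitees as $invitee) {
        if (empty($invitee)) {
            continue;
        }

        // The code is placed in the URL mailed to non-members, so it should
        // not be guessable. uniqid() is derived from the current time; where
        // the CSPRNG is available the code is drawn from it instead. Seven
        // random bytes give 14 hex digits, of which 13 are kept so the value
        // has the same length and alphabet as the uniqid() codes it replaces.
        if (function_exists('random_bytes')) {
            $code = substr(bin2hex(random_bytes(7)), 0, 13);
        } else {
            $code = uniqid('');
        }

        $url = $baseUrl;

        if (is_array($invitee)) {
            // member
            $user    = (int) $invitee['id'];
            $toEmail = rtrim($invitee['email']);
            $toName  = getUserDisplayName($user);
            $email   = null;
            $url    .= 'calendar.php?event=' . $calendarId;
        } else {
            // non-member
            $user    = 0;
            $toEmail = rtrim($invitee);

            // A blank line sent with Windows line endings arrives as "\r",
            // which is not empty() but holds no address once trimmed.
            if ($toEmail === '') {
                continue;
            }

            $toName = $toEmail;
            $email  = $toEmail;
            $url   .= 'invitation.php?event=' . $calendarId . '&code=' . $code;
        }

        // Skip email address that have already been invited
        if (isset($invitations[$toEmail])) {
            continue;
        }

        // add an invitation to db
        $sql = "INSERT INTO `fcms_invitation` \n"
            . " (`event_id`, `user`, `email`, `created`, `updated`, `code`)\n"
            . " VALUES \n"
            . " (?, ?, ?, NOW(), NOW(), ?)";

        if (!$this->fcmsDatabase->insert($sql, array($calendarId, $user, $email, $code))) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Send email invitation
        $subject = sprintf(T_pgettext('%s is the title of an event', 'Invitation: %s'), $title);

        $msg = sprintf(T_pgettext('%s is the name of a person, like Dear Bob,', 'Dear %s,'), $toName)
            . ' '
            . sprintf(
                T_pgettext(
                    'The first %s is the name of a person, the second is the title of an event',
                    '%s has invited you to %s.'
                ),
                $fromName,
                $title
            )
            . ' ' . T_('Please visit the link below to view the rest of this invitation.')
            . ' ' . $url
            . ' ---- ' . T_('This is an automated response, please do not reply.')
            . ' ';

        mail($toEmail, $subject, $msg, $email_headers);
    }

    displayOkMessage();
    $this->fcmsCalendar->displayEvent($calendarId);
    $this->displayFooter();
}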
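/**
 * Build the h-card markup for a given user.
 *
 * Reads 'username' and, when present and non-empty, 'html' and
 * 'displayname' from $data. The heading text comes from
 * getUserDisplayName($data).
 *
 * @param array $data user data
 *
 * @return string HTML fragment
 */
function getUserHTML($data)
{
    // The heading already escaped the display name; the user name and the
    // 'displayname' field were printed raw beside it. They are now escaped
    // the same way, with ENT_QUOTES because the user name also sits inside
    // an attribute value.
    $username = htmlspecialchars($data['username'], ENT_QUOTES);

    $return = '<div class="h-card">' . PHP_EOL
        . '<h1><a class="p-name u-url" href="https://<%= htmlWebpackPlugin.options.data.domain %>/user/'
        . $username . '/">' . htmlspecialchars(getUserDisplayName($data)) . '</a></h1>' . PHP_EOL;

    if (!empty($data['html'])) {
        // NOTE(review): 'html' is emitted as markup without escaping;
        // presumably it is sanitised before it is stored. Verify against
        // the code that writes this field.
        $return .= '<p class="p-note">' . $data['html'] . '</p>' . PHP_EOL;
    }

    if (!empty($data['displayname'])) {
        $return .= '<p class="p-given-name">' . htmlspecialchars($data['displayname'], ENT_QUOTES) . '</p>' . PHP_EOL;
    }

    $return .= '<p class="p-nickname">' . $username . '</p>' . PHP_EOL . '</div>';

    return $return;
}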
/**
 * getMembersOnline
 *
 * Collects the members whose `activity` timestamp falls within the last
 * 24 hours, most recent first.
 *
 * @return mixed array with 'textLastSeen' and 'membersOnline' on success,
 *               false when the query fails
 */
function getMembersOnline()
{
    $label  = T_('Last Seen');
    $cutoff = time() - 60 * 60 * 24;

    // NOTE(review): every column of the user row is selected although only
    // `id` and `activity` are read below.
    $sql = "SELECT * \n FROM fcms_users \n WHERE UNIX_TIMESTAMP(`activity`) >= ?\n ORDER BY `activity` DESC";

    $rows = $this->fcmsDatabase->getRows($sql, $cutoff);
    if ($rows === false) {
        $this->fcmsError->setMessage('Could not get members online.');
        return false;
    }

    $online = array();

    foreach ($rows as $member) {
        $entry = array();

        $entry['id']          = (int) $member['id'];
        $entry['avatar']      = getCurrentAvatar($member['id']);
        $entry['displayname'] = getUserDisplayName($member['id']);
        $entry['since']       = getHumanTimeSince(strtotime($member['activity']));

        $online[] = $entry;
    }

    return array(
        'textLastSeen'  => $label,
        'membersOnline' => $online,
    );
}
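/**
 * displayInvitationDetails
 *
 * Prints the invitation section of an event page: the attendance form when
 * the current user has an unanswered invitation, the "who's coming" counts
 * with names, and the answered responses.
 *
 * @param int $id event id
 *
 * @return void
 */
function displayInvitationDetails($id)
{
    // The id is written into the form action below; enforce the documented
    // integer so a caller passing request data cannot add markup there.
    $id = (int) $id;

    // Get info on who's coming
    $sql = "SELECT `id`, `user`, `email`, `attending`, `response`, `updated`\n"
        . " FROM `fcms_invitation`\n"
        . " WHERE `event_id` = ?\n"
        . " ORDER BY `updated` DESC";

    $rows = $this->fcmsDatabase->getRows($sql, $id);
    if ($rows === false) {
        $this->fcmsError->displayError();
        // NOTE(review): this calls a global displayFooter() and ends the
        // request, unlike the $this->displayFooter() + return used on other
        // error paths; confirm that is intended.
        displayFooter();
        exit;
    }

    $yesCount       = 0;
    $noCount        = 0;
    $maybeCount     = 0;
    $undecidedCount = 0;

    $comingYes       = '';
    $comingNo        = '';
    $comingMaybe     = '';
    $comingUndecided = '';

    $responses = array();
    $usersLkup = array();

    foreach ($rows as $r) {
        // Lookup by user id, used below to find the current user's invitation.
        $usersLkup[$r['user']] = array('attending' => $r['attending'], 'id' => $r['id']);

        $img = '';

        // Non-members (user 0) are shown by their escaped e-mail address.
        // NOTE(review): member names are printed as returned by
        // getUserDisplayName(); verify that helper returns HTML-safe text.
        $displayname = cleanOutput($r['email']);
        if ($r['user'] != 0) {
            $displayname = getUserDisplayName($r['user'], 2);
        }

        // null = no answer yet, 0 = no, 1 = yes, anything above 1 = maybe
        if ($r['attending'] === null) {
            $undecidedCount++;
            $comingUndecided .= "<p>{$displayname}</p>";
        } elseif ($r['attending'] == 0) {
            $noCount++;
            $img = '<img class="avatar" src="ui/img/attend_no.png" alt="' . T_('No') . '"/>';
            $comingNo .= "<p>{$displayname}</p>";
        } elseif ($r['attending'] == 1) {
            $yesCount++;
            $img = '<img class="avatar" src="ui/img/attend_yes.png" alt="' . T_('Yes') . '"/>';
            $comingYes .= "<p>{$displayname}</p>";
        } elseif ($r['attending'] > 1) {
            $maybeCount++;
            $img = '<img class="avatar" src="ui/img/attend_maybe.png" alt="' . T_('Maybe') . '"/>';
            $comingMaybe .= "<p>{$displayname}</p>";
        }

        $responses[] = array(
            'user'        => $r['user'],
            'updated'     => $r['updated'],
            'displayname' => $displayname,
            'response'    => $r['response'],
            'attending'   => $r['attending'],
            'img'         => $img,
        );
    }

    $currentUserId = $this->fcmsUser->id;

    if (isset($usersLkup[$currentUserId]) && $usersLkup[$currentUserId]['attending'] === null) {
        echo ' <form action="calendar.php?event=' . $id . '" method="post">'
            . ' <h1 id="attending_header">' . T_('Are you attending?') . '</h1>'
            . ' <ul id="attending">'
            . ' <li> <label for="yes"> <img src="ui/img/attend_yes.png"/><br/> <b>' . T_('Yes') . '</b> </label>'
            . ' <input type="radio" id="yes" name="attending" value="1"/> </li>'
            . ' <li> <label for="maybe"> <img src="ui/img/attend_maybe.png"/><br/> <b>' . T_('Maybe') . '</b> </label>'
            . ' <input type="radio" id="maybe" name="attending" value="2"/> </li>'
            . ' <li> <label for="no"> <img src="ui/img/attend_no.png"/><br/> <b>' . T_('No') . '</b> </label>'
            . ' <input type="radio" id="no" name="attending" value="0"/> </li>'
            . ' <li class="submit"> <textarea id="response" name="response" cols="50" rows="10"></textarea>'
            . ' <input type="hidden" id="id" name="id" value="' . (int) $usersLkup[$currentUserId]['id'] . '"/>'
            . ' <input type="submit" id="attend_submit" name="attend_submit" value="' . T_('Submit') . '"/>'
            . ' </li> </ul> </form>';
    }

    echo ' <div id="leftcolumn"> <div id="whos_coming"> <h3>' . T_('Who\'s Coming') . '</h3>'
        . ' <h3 class="coming"><span class="ok"></span>' . T_('Yes') . ' <i>' . $yesCount . '</i></h3>'
        . ' <div class="coming_details">' . $comingYes . '</div>'
        . ' <h3 class="coming"><span class="maybe"></span>' . T_('Maybe') . ' <i>' . $maybeCount . '</i></h3>'
        . ' <div class="coming_details">' . $comingMaybe . '</div>'
        . ' <h3 class="coming"><span class="no"></span>' . T_('No') . ' <i>' . $noCount . '</i></h3>'
        . ' <div class="coming_details">' . $comingNo . '</div>'
        . ' <h3 class="coming">' . T_('Undecided') . ' <i>' . $undecidedCount . '</i></h3>'
        . ' <div class="coming_details">' . $comingUndecided . '</div>'
        . ' </div> </div> <div id="maincolumn">';

    foreach ($responses as $response) {
        // Only invitations that have been answered are listed.
        if (isset($response['attending'])) {
            $updated = fixDate(T_('F j, Y g:i a'), $this->fcmsUser->tzOffset, $response['updated']);

            echo ' <div class="comment_block"> ' . $response['img']
                . ' <b>' . $response['displayname'] . '</b> <i>' . $updated . '</i>'
                . ' <p> ' . cleanOutput($response['response']) . ' </p> </div>';
        }
    }

    echo ' </div>';
}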
/**
 * displayHeader
 *
 * Assembles the template values for the Family Tree page and hands them,
 * together with the caller's options, to displayPageHeader().
 *
 * @param array $options passed through unchanged; null when omitted
 *
 * @return void
 */
function displayHeader($options = null)
{
    $userId = $this->fcmsUser->id;

    $params = array();

    $params['currentUserId'] = $userId;
    $params['sitename']      = getSiteName();
    $params['nav-link']      = getNavLinks();
    $params['pagetitle']     = T_('Family Tree');
    $params['pageId']        = 'familytree-page';
    $params['path']          = URL_PREFIX;
    $params['displayname']   = getUserDisplayName($userId);
    $params['version']       = getCurrentVersion();

    displayPageHeader($params, $options);
}
* @category FCMS * @package FamilyConnections * @author Ryan Haudenschilt <*****@*****.**> * @copyright 2007 Haudenschilt LLC * @license http://www.gnu.org/licenses/gpl-2.0.html GPLv2 * @link http://www.familycms.com/wiki/ */ session_start(); define('URL_PREFIX', ''); require 'fcms.php'; load('datetime'); // Check that the user is logged in isLoggedIn(); // Globals $currentUserId = cleanInput($_SESSION['login_id'], 'int'); $TMPL = array('sitename' => getSiteName(), 'nav-link' => getNavLinks(), 'pagetitle' => T_('CHANGE_ME'), 'path' => URL_PREFIX, 'displayname' => getUserDisplayName($currentUserId), 'version' => getCurrentVersion(), 'year' => date('Y')); control(); exit; /** * control * * The controlling structure for this script. * * @return void */ function control() { global $book; if (isset($_GET['add'])) { displayAddForm(); } elseif (isset($_POST['addsubmit'])) {
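/**
 * displayAllNotifications
 *
 * Lists the current user's notifications that were created by somebody
 * else. Only the 'tagged_photo' type produces content; any other type
 * prints an empty paragraph.
 *
 * @return void
 */
function displayAllNotifications()
{
    $this->displayHeader();

    $sql = "SELECT `id`, `user`, `created_id`, `notification`, `data`, `created`, `updated`\n"
        . " FROM `fcms_notification`\n"
        . " WHERE `user` = ?\n"
        . " AND `created_id` != ?";

    $params = array($this->fcmsUser->id, $this->fcmsUser->id);

    $rows = $this->fcmsDatabase->getRows($sql, $params);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($rows) <= 0) {
        if (isset($_SESSION['notifications'])) {
            unset($_SESSION['notifications']);
        }

        echo ' <p class="info-alert">' . T_('You do not have any notifications.') . '</p>';

        // This branch used to return without the footer, leaving the page
        // opened by displayHeader() unclosed.
        $this->displayFooter();
        return;
    }

    echo ' <div id="sections_menu"> <ul> <li><a href="notifications.php">' . T_('Unread Notifications') . '</a></li> </ul> </div>'
        . ' <div id="notifications-list">';

    foreach ($rows as $r) {
        $date = getHumanTimeSince(strtotime($r['created']));
        $date = ' <span class="date">' . $date . '</span>';
        $info = '';

        if ($r['notification'] == 'tagged_photo') {
            $displayName = getUserDisplayName($r['created_id']);

            // `data` is read as "user id:category id:photo id:file name".
            list($uid, $cid, $pid, $filename) = explode(':', $r['data']);

            $data = array(
                'id'          => $pid,
                'external_id' => null,
                'filename'    => $filename,
                'user'        => $uid,
            );

            $photoSrc = $this->fcmsPhotoGallery->getPhotoSource($data);

            // The three ids go into an href, so they are forced to integers
            // rather than printed exactly as stored.
            // NOTE(review): $photoSrc and $displayName are printed as
            // returned by their helpers; verify both are HTML-safe.
            $info  = sprintf(T_('%s has added a photo of you.'), $displayName) . $date;
            $info .= '<br/><a href="gallery/index.php?uid=' . (int) $uid . '&cid=' . (int) $cid . '&pid=' . (int) $pid . '">';
            $info .= '<img src="' . $photoSrc . '"/></a>';
        }

        echo ' <p> ' . $info . ' </p>';
    }

    echo ' </div>';

    $this->displayFooter();
}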
/**
 * displayAddNewsSubmit
 *
 * Stores the posted news entry for the current user, mails every member
 * whose `email_updates` setting is '1', then redirects to the new entry.
 *
 * @return void
 */
function displayAddNewsSubmit()
{
    // NOTE(review): 'title' and 'post' are read from the request without an
    // isset() test, and no anti-forgery check is visible in this handler;
    // confirm the caller validates both.
    $insertSql = "INSERT INTO `fcms_news`\n (`title`, `news`, `user`, `created`, `updated`)\n VALUES\n (?, ?, ? ,NOW(), NOW())";
    $insertParams = array($_POST['title'], $_POST['post'], $this->fcmsUser->id);

    $newNewsId = $this->fcmsDatabase->insert($insertSql, $insertParams);

    if ($newNewsId === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    // Email members
    $subscriberSql = "SELECT u.`email`, s.`user` \n FROM `fcms_user_settings` AS s, `fcms_users` AS u \n WHERE `email_updates` = '1'\n AND u.`id` = s.`user`";

    $subscribers = $this->fcmsDatabase->getRows($subscriberSql);

    if ($subscribers === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();
        return;
    }

    if (count($subscribers) > 0) {
        $name          = getUserDisplayName($this->fcmsUser->id);
        $url           = getDomainAndDir();
        $email_headers = getEmailHeaders();

        foreach ($subscribers as $subscriber) {
            $recipientName = getUserDisplayName($subscriber['user']);
            $subject       = sprintf(T_('%s has added %s to his/her Family News'), $name, $_POST['title']);

            // Greeting, the subject line again, a link to the author's news
            // page and the unsubscribe instructions.
            $body  = T_('Dear') . ' ' . $recipientName . ', ';
            $body .= $subject . ' ';
            $body .= $url . 'familynews.php?getnews=' . $this->fcmsUser->id . ' ---- ';
            $body .= T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . ' ';
            $body .= $url . 'settings.php ';

            mail($subscriber['email'], $subject, $body, $email_headers);
        }
    }

    $user = (int) $this->fcmsUser->id;

    header("Location: familynews.php?getnews={$user}&newsid={$newNewsId}");
}
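/**
 * showComments
 *
 * Show the comments for the given recipe, each with a delete button when
 * the current user wrote it or has an access level below 2, followed by
 * the "add comment" form.
 *
 * @param int $id       recipe id
 * @param int $category recipe category id
 *
 * @return void
 */
function showComments($id, $category)
{
    $id       = (int) $id;
    $category = (int) $category;

    // The recipe id is bound through a placeholder. The statement previously
    // inlined it and also passed it as a parameter, leaving a bound value
    // with no marker to attach to.
    $sql = "SELECT rc.`id`, rc.`recipe`, rc.`comment`, rc.`date`, rc.`user`, u.`avatar` \n"
        . " FROM `fcms_recipe_comment` AS rc, `fcms_users` AS u \n"
        . " WHERE `recipe` = ? \n"
        . " AND rc.`user` = u.`id` \n"
        . " ORDER BY `date`";

    $rows = $this->fcmsDatabase->getRows($sql, $id);
    if ($rows === false) {
        $this->fcmsError->displayError();
        return;
    }

    // Display current comments
    foreach ($rows as $r) {
        $del_comment = '';
        $date        = fixDate(T_('F j, Y g:i a'), $this->fcmsUser->tzOffset, $r['date']);
        $displayname = getUserDisplayName($r['user']);
        $comment     = $r['comment'];

        if ($this->fcmsUser->id == $r['user'] || $this->fcmsUser->access < 2) {
            $del_comment .= '<input type="submit" name="delcom" id="delcom" '
                . 'value="' . T_('Delete') . '" class="gal_delcombtn" title="' . T_('Delete this Comment') . '"/>';
        }

        // NOTE(review): the hidden 'user' field travels through the browser,
        // so the delete handler should re-check ownership against the
        // database rather than trust it. $displayname and parse($comment)
        // are printed as returned; verify both helpers are HTML-safe.
        echo ' <div id="comment' . $id . '" class="comment_block">'
            . ' <form class="delcom" action="?category=' . $category . '&id=' . $id . '" method="post"> '
            . $del_comment
            . ' <img class="avatar" alt="avatar" src="' . getCurrentAvatar($r['user']) . '"/>'
            . ' <b>' . $displayname . '</b> <span>' . $date . '</span>'
            . ' <p> ' . parse($comment) . ' </p>'
            . ' <input type="hidden" name="id" value="' . (int) $r['id'] . '">'
            . ' <input type="hidden" name="user" value="' . (int) $r['user'] . '">'
            . ' </form> </div>';
    }

    // Display add comment form
    echo ' <p> </p> <div class="add_comment_block">'
        . ' <form action="?category=' . $category . '&id=' . $id . '" method="post"> ' . T_('Add Comment') . '<br/>'
        . ' <textarea class="frm_textarea" name="comment" id="comment" rows="3" cols="63"></textarea>'
        . ' <input type="hidden" name="recipe" value="' . $id . '">'
        . ' <input type="submit" name="addcom" id="addcom" value="' . T_('Add Comment') . '" title="' . T_('Add Comment') . '" class="gal_addcombtn"/>'
        . ' </form> </div> <p> </p>';
}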