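/**
 * Event hook of the nv_votes plugin; only the 'before_parse' event is handled.
 *
 * When the request carries plugin=nv_votes it is treated as a vote submission:
 * a JSON status is echoed and the request is ended through nvweb_clean_exit().
 * On any other request the client-side helper nvweb_votes_plugin_vote() is
 * queued after the body, together with jQuery when the page HTML does not
 * already mention it.
 *
 * @param string $event Name of the event being dispatched.
 * @param string $html  Page HTML; it is returned unchanged.
 * @return string The same $html that was passed in.
 */
function nvweb_votes_event($event, $html)
{
    global $webuser;
    global $website;
    global $current;

    if ($event != 'before_parse') {
        return $html;
    }

    if (isset($_REQUEST['plugin']) && $_REQUEST['plugin'] == 'nv_votes') {
        if (empty($webuser->id)) {
            echo json_encode(array('error' => 'no_webuser'));
        } else {
            // NOTE(review): the only gate visible here is a signed-in webuser; no anti-CSRF
            // token is checked in this block and the values below are handed over as received.
            // Confirm that update_object_votes() validates object, object_id and score.
            $status = webuser_vote::update_object_votes(
                $webuser->id,
                isset($_POST['object']) ? $_POST['object'] : null,
                isset($_POST['object_id']) ? $_POST['object_id'] : null,
                isset($_POST['score']) ? $_POST['score'] : null,
                true
            );

            if ($status === 'already_voted') {
                echo json_encode(array('error' => 'already_voted'));
            } elseif ($status === true) {
                echo json_encode(array('ok' => 'true'));
            } elseif (!$status) {
                echo json_encode(array('error' => 'error'));
            }
        }

        nvweb_clean_exit();
    } else {
        $code = '';

        // add jquery from CDN if not already loaded
        if (strpos($html, 'jquery') === false) {
            $code = '<script language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.0/jquery.min.js"></script>' . "\n";
        }

        // The route, type and id end up inside an inline script. JSON-encoding them (with the
        // HEX flags) yields valid JavaScript string literals, so a quote, a line break or a
        // "</script>" sequence in any of them cannot terminate the literal or the script block.
        $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
        $vote_url = json_encode($website->absolute_path() . '/' . $current['route'] . '?plugin=nv_votes', $js_flags);
        $object_type = json_encode((string) $current['type'], $js_flags);
        $object_id = json_encode((string) $current['id'], $js_flags);

        $js = ' function nvweb_votes_plugin_vote(value, callback) { jQuery.ajax({ type: "POST", url: ' . $vote_url
            . ', data: { score: value, object: ' . $object_type . ', object_id: ' . $object_id
            . ' }, success: function(data) { if(callback) callback(data); }, dataType: "json" }); } ';

        nvweb_after_body("html", $code);
        nvweb_after_body("js", $js);
    }

    return $html;
}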
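/**
 * Renders the "menu" webget.
 *
 * The starting category is resolved from the attributes in this order: "parent"
 * (a numeric id, or the name of a property that holds the category), "of" (the
 * position of a first-level entry whose children are wanted) and "from" (a level
 * on the path from the root to the current category).
 *
 * @param array $vars Webget attributes: parent, of, from, option, mode, levels, class.
 * @return mixed Output of nvweb_menu_render_arrow() / nvweb_menu_generate(), or ''
 *               when the level requested with "from" does not exist.
 */
function nvweb_menu($vars = array())
{
    global $website;
    global $DB;
    global $structure;
    global $current;

    $out = '';

    nvweb_menu_load_dictionary();
    nvweb_menu_load_routes();
    nvweb_menu_load_structure();
    nvweb_menu_load_actions();

    $parent = intval(@$vars['parent']) + 0;
    $from = intval(@$vars['from']) + 0;
    $of = intval(@$vars['of']) + 0;

    if (isset($vars['parent']) && !is_numeric($vars['parent'])) {
        // assume parent attribute contains a property_id which has the category value
        $parent_property = nvweb_properties(array('property' => $vars['parent']));
        if (!empty($parent_property)) {
            $parent = $parent_property;
        }
    }

    if ($of > 0) {
        // get options of the parent x in the order of the structure
        // example:
        //  Home [5]    Products [6]    Contact [7]
        //                  |
        //                  -- Computers [8]    Mobile Phones [9]
        //                          |
        //                          -- Apple [10]   Dell [11]
        //
        // we want the categories under Products [6]: "Computers" [8] and "Mobile Phones" [9]
        // of: 2 (second item in the main structure)
        // <nv object="nvweb" name="menu" of="2" />
        // A position past the end of the first level resolves to a null parent
        // instead of reading a property from a missing entry.
        $parent = isset($structure['cat-0'][$of - 1]) ? $structure['cat-0'][$of - 1]->id : null;
    }

    if (empty($current['hierarchy'])) {
        $inverse_hierarchy = array();

        // discover the parent from which get the menu
        if (!empty($current['category'])) {
            $last = $current['category'];
        } else {
            $last = $current['object']->category;
        }
        $inverse_hierarchy[] = $last;

        // get category parents until root (to know how many levels count from)
        // The visited set ends the walk when the stored parents form a loop; without it a
        // category that is (indirectly) its own ancestor would keep this query running forever.
        $visited = array();
        while ($last > 0 && !isset($visited[(string) $last])) {
            $visited[(string) $last] = true;
            $last = $DB->query_single('parent', 'nv_structure', ' id = ' . protect($last));
            $inverse_hierarchy[] = $last;
        }

        $current['hierarchy'] = array_reverse($inverse_hierarchy);
    }

    if ($from > 0) {
        // get a certain level of the menu based on the path to current item category with offset
        // example:
        //  Home [5]    Products [6]    Contact [7]
        //                  |
        //                  -- Computers [8]    Mobile Phones [9]
        //                          |
        //                          -- Apple [10]   Dell [11]
        //
        // current item is a Dell computer (category = 11)
        // we want the menu from level 1
        // from: 1 --> 8, 9
        if (!isset($current['hierarchy'][$from])) {
            // the requested level of menu does not exist under the current category
            return '';
        }
        $parent = $current['hierarchy'][$from];
    }

    $option = -1;
    if (isset($vars['option'])) {
        $option = intval($vars['option']);
    }

    $mode = isset($vars['mode']) ? $vars['mode'] : null;

    if ($mode == 'next' || $mode == 'previous') {
        $out = nvweb_menu_render_arrow($vars);
    } else {
        $out = nvweb_menu_generate(
            $mode,
            isset($vars['levels']) ? $vars['levels'] : null,
            $parent,
            0,
            $option,
            isset($vars['class']) ? $vars['class'] : null
        );

        if ($mode == 'select') {
            // The script is written on several lines: on a single line its leading
            // "// jQuery required" comment would comment out the handler that follows it.
            nvweb_after_body('js', '
                // jQuery required
                $("select.menu_level_0").off("change").on("change", function()
                {
                    var option = $(this).find("option[value=" + $(this).val() + "]");
                    if($(option).attr("target") == "_blank")
                        window.open($(option).attr("href"));
                    else
                    {
                        if($(option).attr("href")=="#")
                            window.location.replace($(option).attr("href") + "sid_" + $(option).attr("value"));
                        else
                            window.location.replace($(option).attr("href"));
                    }
                });
            ');
        }
    }

    return $out;
}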
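/**
 * Reports the outcome of a contact form submission in the way selected by the
 * "notify" attribute and fires the contact/after_sending event.
 *
 * notify = 'inline' returns a result <div>; 'alert' (or an empty value) queues a
 * JavaScript alert(); any other value is taken as the name of a JavaScript function
 * to call with the message ("error_callback" takes precedence on errors).
 *
 * @param array  $vars     Webget attributes: notify, error_callback.
 * @param bool   $is_error Whether the submission failed.
 * @param string $message  Text shown to the visitor.
 * @return string HTML for the inline mode, '' otherwise.
 */
function nvweb_contact_notify($vars, $is_error, $message)
{
    global $events;

    $out = '';
    $notify = isset($vars['notify']) ? $vars['notify'] : '';

    // The message is placed inside a JavaScript string literal. JSON-encoding it keeps the
    // generated script valid when the text holds quotes, backslashes or line breaks, and the
    // HEX flags keep "</script>" or quote characters from ending the literal or the script.
    $js_message = json_encode((string) $message, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($js_message === false) {
        $js_message = '""';
    }

    switch ($notify) {
        case 'inline':
            // NOTE(review): the message is inserted as HTML without escaping; this block cannot
            // tell whether it may legitimately contain markup, so it is left as received.
            // Confirm callers never pass visitor-supplied text here.
            if ($is_error) {
                $out = '<div class="nvweb-contact-form-error">' . $message . '</div>';
            } else {
                $out = '<div class="nvweb-contact-form-success">' . $message . '</div>';
            }
            break;

        case 'alert':
            nvweb_after_body('js', 'alert(' . $js_message . ');');
            break;

        default:
            if (empty($notify)) {
                // if empty, default is alert
                nvweb_after_body('js', 'alert(' . $js_message . ');');
            } elseif ($is_error && !empty($vars['error_callback'])) {
                // if not empty, it's a javascript function call; the callback names are emitted
                // as code and must come from the theme template, never from request data
                nvweb_after_body('js', $vars['error_callback'] . '(' . $js_message . ');');
            } else {
                nvweb_after_body('js', $notify . '(' . $js_message . ');');
            }
            break;
    }

    $events->trigger('contact', 'after_sending', array('sent' => !$is_error, 'message' => $message));

    return $out;
}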
/**
 * Template post-process step: when the session carries the one-shot
 * 'nv.webuser/verify:email_confirmed' flag, consume it and queue a confirmation
 * banner plus the script that fades the banner out.
 *
 * @param string $html Page HTML; it is returned unchanged.
 * @return string The same $html that was passed in.
 */
function nvweb_template_processes($html)
{
    global $session;
    global $theme;

    $flag = 'nv.webuser/verify:email_confirmed';

    // nothing to announce on this request
    if (!isset($session[$flag])) {
        return $html;
    }

    // the flag is consumed so the banner is shown only once
    unset($session[$flag]);

    // use the theme's own wording when it has one; the theme hands back the key itself
    // (or nothing) when it has no translation, and then the core string is used
    $banner_text = $theme->t("subscribed_ok");
    $theme_has_text = !empty($banner_text) && $banner_text != "subscribed_ok";
    if (!$theme_has_text) {
        $banner_text = t(37, "E-Mail confirmed");
    }

    $banner_open = '<div id="nv_webuser_verify_email_confirmed" style=" transition: all 1s; text-align: center; width: 40%; margin: -48px 30% 0 30%; top: 50%; color: #555; position: fixed; z-index: 1000000; background: rgba(240, 255, 240, 0.7); box-shadow: 0 0 7px -2px #777; "> <span style="vertical-align: middle; font-size: 200%; ">✓</span> <span style="font-size: 125%; vertical-align: middle; ">';
    $banner_close = '</span> </div>';

    nvweb_after_body("html", $banner_open . $banner_text . $banner_close);

    // fade the banner after 8 seconds, then remove it from the layout one second later
    $fade_script = 'setTimeout(function() { document.getElementById("nv_webuser_verify_email_confirmed").style.opacity = 0; setTimeout(function() { document.getElementById("nv_webuser_verify_email_confirmed").style.display = "none"; }, 1000); }, 8000);';
    nvweb_after_body("js", $fade_script);

    return $html;
}
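/**
 * Encodes a value as a JavaScript string literal that is safe inside an inline script.
 */
function _nvweb_webuser_js_string($text)
{
    $encoded = json_encode((string) $text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    return ($encoded === false) ? '""' : $encoded;
}

/**
 * Tells whether the submitted form is the one named by the "form" attribute ("field=value").
 */
function _nvweb_webuser_is_target_form($vars)
{
    if (empty($vars['form'])) {
        return true;
    }

    $parts = explode('=', $vars['form']);
    $field_name = $parts[0];
    $field_value = isset($parts[1]) ? $parts[1] : null;
    $posted = isset($_POST[$field_name]) ? $_POST[$field_name] : null;

    return $posted == $field_value;
}

/**
 * Tells whether the Referer header names this website's domain or its subdomain.
 */
function _nvweb_webuser_referer_is_own_site($website)
{
    // The Referer header is chosen by the client: this only filters naive bots and is not
    // a substitute for an anti-CSRF token or a rate limit.
    $referer_host = isset($_SERVER['HTTP_REFERER']) ? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) : null;

    return $referer_host == $website->subdomain . '.' . $website->domain
        || $referer_host == $website->domain;
}

/**
 * Tells whether a webuser account is open (access 0) or inside its access window (access 2).
 */
function _nvweb_webuser_has_access($wu)
{
    return $wu->access == 0
        || ($wu->access == 2
            && ($wu->access_begin == 0 || time() > $wu->access_begin)
            && ($wu->access_end == 0 || time() < $wu->access_end));
}

/**
 * Builds a 32 character hexadecimal activation key from the best random source available.
 */
function _nvweb_webuser_activation_key($email)
{
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }

    if (function_exists('openssl_random_pseudo_bytes')) {
        $bytes = openssl_random_pseudo_bytes(16);
        if ($bytes !== false && strlen($bytes) == 16) {
            return bin2hex($bytes);
        }
    }

    // legacy expression, kept only for runtimes with neither source; it is guessable
    return md5($email . rand(1, 9999999));
}

/**
 * Builds the avatar <img> tag.
 */
function _nvweb_webuser_avatar_img($class, $src, $size)
{
    return '<img class="' . $class . '" src="' . $src . '" width="' . $size . 'px" height="' . $size . 'px"/>';
}

/**
 * Reports the result of the forgot_password / newsletter_subscribe forms as selected by "notify".
 */
function _nvweb_webuser_notify_result($vars, $ok, $message, $css_prefix)
{
    $out = '';
    $notify = empty($vars['notify']) ? 'inline' : $vars['notify'];

    switch ($notify) {
        case 'alert':
            nvweb_after_body('js', 'alert(' . _nvweb_webuser_js_string($message) . ');');
            break;

        case 'inline':
            $out = '<div class="' . $css_prefix . ($ok ? '-success' : '-error') . '">' . $message . '</div>';
            break;

        case 'boolean':
            $out = $ok;
            break;

        case 'false':
            break;

        // javascript callback
        case 'callback':
        default:
            $callback = isset($vars['callback']) ? $vars['callback'] : '';
            if (!$ok && !empty($vars['error_callback'])) {
                $callback = $vars['error_callback'];
            }
            // the callback name is emitted as code and must come from the theme template
            nvweb_after_body('js', $callback . '(' . _nvweb_webuser_js_string($message) . ');');
            break;
    }

    return $out;
}

/**
 * Renders the "webuser" webget.
 *
 * Modes: id, username, fullname, gender, newsletter, email (fields of the signed-in
 * webuser), authenticate, signout_link, forgot_password, signup (not implemented),
 * avatar and newsletter_subscribe.
 *
 * Changes over the previous revision of this block:
 *  - messages placed in generated JavaScript are JSON-encoded string literals
 *  - the activation key comes from a CSPRNG when the runtime has one
 *  - the e-mail address is URL-encoded in the confirmation link
 *  - the theme-relative avatar <img> no longer lacks the space before "src"
 *  - an https:// default avatar is accepted as an absolute URL
 *
 * @param array $vars Webget attributes; "mode" selects the behaviour.
 * @return mixed The rendered value, '' when there is nothing to show, or null when the
 *               request does not belong to this form.
 */
function nvweb_webuser($vars = array())
{
    global $website;
    global $theme;
    global $current;
    global $webgets;
    global $webuser;
    global $DB;

    $webget = "webuser";

    if (!isset($webgets[$webget])) {
        $webgets[$webget] = array();

        global $lang;
        if (empty($lang)) {
            $lang = new language();
            $lang->load($current['lang']);
        }

        // default translations
        $webgets[$webget]['translations'] = array(
            'login_incorrect' => t(4, 'Login incorrect.'),
            'subscribed_ok' => t(541, 'Your email has been successfully subscribed to the newsletter.'),
            'subscribe_error' => t(542, 'There was a problem subscribing your email to the newsletter.'),
            'email_confirmation' => t(454, "An e-mail with a confirmation link has been sent to your e-mail account."),
            'click_to_confirm_account' => t(607, "Click on the link below to confirm your account"),
            'email_confirmation_notice' => t(608, "This is an automated e-mail sent as a result of a newsletter subscription request. If you received this e-mail by error just ignore it."),
            'forgot_password_success' => t(648, "An e-mail with a temporary password has been sent to your e-mail account."),
            'forgot_password_error' => t(446, "We're sorry. Your contact request could not be sent. Please try again or find another way to contact us.")
        );

        // theme translations
        // if the web theme has custom translations for these string subtypes, use them
        // (for the user selected language); a theme only has to add the keys listed above
        // ("login_incorrect", "subscribed_ok", ...) to its json dictionary
        if (!empty($website->theme) && method_exists($theme, 't')) {
            foreach ($webgets[$webget]['translations'] as $code => $text) {
                $theme_translation = $theme->t($code);
                if (!empty($theme_translation) && $code != $theme_translation) {
                    $webgets[$webget]['translations'][$code] = $theme_translation;
                }
            }
        }
    }

    $out = '';
    $mode = isset($vars['mode']) ? $vars['mode'] : null;

    switch ($mode) {
        case 'id':
            if (!empty($webuser->id)) {
                $out = $webuser->id;
            }
            break;

        case 'username':
            if (!empty($webuser->username)) {
                $out = $webuser->username;
            }
            break;

        case 'fullname':
            if (!empty($webuser->fullname)) {
                $out = $webuser->fullname;
            }
            break;

        case 'gender':
            if (!empty($webuser->gender)) {
                $out = $webuser->gender;
            }
            break;

        case 'newsletter':
            $out = $webuser->newsletter;
            break;

        case 'email':
            if (!empty($webuser->email)) {
                $out = $webuser->email;
            }
            break;

        case 'authenticate':
            $webuser_website = isset($vars['website']) ? $vars['website'] : null;
            if (empty($webuser_website)) {
                $webuser_website = $website->id;
            }

            // NOTE(review): credentials are read from $_REQUEST, so they are also accepted from
            // the query string, where they can end up in access logs and browser history.
            // Switching to $_POST needs a check that no theme submits this form with GET.
            $username_field = empty($vars['username_field']) ? 'signin_username' : $vars['username_field'];
            $password_field = empty($vars['password_field']) ? 'signin_password' : $vars['password_field'];
            $signin_username = isset($_REQUEST[$username_field]) ? $_REQUEST[$username_field] : null;
            $signin_password = isset($_REQUEST[$password_field]) ? $_REQUEST[$password_field] : null;

            // a page may have several forms, which one do we have to check?
            if (!_nvweb_webuser_is_target_form($vars)) {
                return;
            }

            // ignore empty (or partial empty) forms
            if (!empty($signin_username) && !empty($signin_password)) {
                $signed_in = $webuser->authenticate($webuser_website, $signin_username, $signin_password);

                if (!$signed_in) {
                    $message = $webgets[$webget]['translations']['login_incorrect'];
                    $notify = empty($vars['notify']) ? 'inline' : $vars['notify'];

                    switch ($notify) {
                        case 'alert':
                            nvweb_after_body('js', 'alert(' . _nvweb_webuser_js_string($message) . ');');
                            break;

                        case 'inline':
                            $out = '<div class="nvweb-signin-form-error">' . $message . '</div>';
                            break;

                        // javascript callback
                        default:
                            $error_callback = isset($vars['error_callback']) ? $vars['error_callback'] : '';
                            nvweb_after_body('js', $error_callback . '(' . _nvweb_webuser_js_string($message) . ');');
                            break;
                    }
                } else {
                    $webuser->set_cookie();

                    if (!empty($vars['notify']) && $vars['notify'] == 'callback') {
                        nvweb_after_body('js', $vars['callback'] . '(true);');
                    }
                }
            }
            break;

        case 'signout_link':
            $out = NVWEB_ABSOLUTE . $website->homepage() . '?webuser_signout';
            break;

        case 'forgot_password':
            // pre checks: correct form, not spambot, email not empty and valid
            // load the associated user account
            // create temporary password and send email
            // TODO: don't change the password, just generate a link and let the user enter their preferred new password
            // NOTE(review): until that TODO is done, anyone who submits an account's address
            // replaces that account's password, and the new one travels in clear text by e-mail.
            // The success/error message also tells the requester whether the address is registered.

            // a page may have several forms, which one do we have to check?
            if (!_nvweb_webuser_is_target_form($vars)) {
                return;
            }

            // check if this send request really comes from the website and not from a spambot
            if (!_nvweb_webuser_referer_is_own_site($website)) {
                return;
            }

            if (empty($vars['email_field'])) {
                $vars['email_field'] = 'newsletter_email';
            }

            $email = isset($_REQUEST[$vars['email_field']]) ? $_REQUEST[$vars['email_field']] : '';
            $email = filter_var($email, FILTER_SANITIZE_EMAIL);

            if (!empty($vars['email_field']) && !empty($email)) {
                $ok = false;

                if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) {
                    $wu_id = $DB->query_single('id', 'nv_webusers', ' email = ' . protect($email) . ' AND website = ' . $website->id);
                    $wu = new webuser();

                    if (!empty($wu_id)) {
                        $wu->load($wu_id);

                        if (_nvweb_webuser_has_access($wu)) {
                            // generate new password
                            $password = generate_password(8, false, 'luds');
                            $wu->set_password($password);
                            $ok = $wu->save();

                            // send a message to communicate the new webuser's password
                            $message = navigate_compose_email(array(
                                array(
                                    'title' => $website->name,
                                    'content' => t(451, "This is an automated e-mail sent as a result of a password request process. If you received this e-mail by error just ignore it.")
                                ),
                                array('title' => t(1, "User"), 'content' => $wu->username),
                                array('title' => t(2, "Password"), 'content' => $password),
                                array('footer' => '<a href="' . $website->absolute_path() . $website->homepage() . '">' . $website->name . '</a>')
                            ));

                            @nvweb_send_email($website->name, $message, $wu->email);
                        }
                    }
                }

                if ($ok) {
                    $message = $webgets[$webget]['translations']['forgot_password_success'];
                } else {
                    $message = $webgets[$webget]['translations']['forgot_password_error'];
                }

                $out = _nvweb_webuser_notify_result($vars, $ok, $message, 'nvweb-forgot-password-form');
            }
            break;

        case 'signup':
            // TODO
            // pre checks: correct form, not spambot, email not empty and valid
            // get the profile data from the form
            // more checks: password strength & confirmation, etc.
            // save the new webuser account
            // prepare account confirmation (unless not required by webget attributes)
            //      leave the account blocked
            //      generate an activation key
            //      send confirmation email
            // if no account confirmation is required, auto login
            break;

        case 'avatar':
            $size = '48';
            $extra = '';
            $class = isset($vars['class']) ? $vars['class'] : '';

            if (!empty($vars['size'])) {
                $size = intval($vars['size']);
            }

            if (!empty($vars['border'])) {
                $extra .= '&border=' . $vars['border'];
            }

            // class, border, default and gravatar_default are written into the tag as given;
            // they are expected to be template attributes, not request data
            if (!empty($webuser->avatar)) {
                $out = _nvweb_webuser_avatar_img($class, NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $webuser->avatar, $size);
            } elseif (!empty($vars['default'])) {
                // the webuser has not an avatar, but the template wants to show a default one
                // 3 cases:
                //  numerical       ->  ID of the avatar image file in Navigate CMS
                //  absolute path   (http://www... or https://www...)
                //  relative path   (/img/avatar.png) -> path to the avatar file included in the THEME used
                $default = $vars['default'];

                if (is_numeric($default)) {
                    $out = _nvweb_webuser_avatar_img($class, NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $default, $size);
                } elseif (strpos($default, 'http://') === 0 || strpos($default, 'https://') === 0) {
                    $out = _nvweb_webuser_avatar_img($class, $default, $size);
                } elseif ($default == 'none') {
                    $out = '';
                } else {
                    $out = _nvweb_webuser_avatar_img($class, NAVIGATE_URL . '/themes/' . $website->theme . '/' . $default, $size);
                }
            } else {
                $gravatar_hash = "";
                $gravatar_default = 'blank';

                if (!empty($vars['gravatar_default'])) {
                    $gravatar_default = $vars['gravatar_default'];
                }

                if (!empty($webuser->email)) {
                    // md5 is what the avatar service uses as lookup key; it is not a secret
                    $gravatar_hash = md5(strtolower(trim($webuser->email)));
                }

                if (!empty($gravatar_hash) && $gravatar_default != 'none') {
                    // gravatar real url: https://www.gravatar.com/avatar/
                    // we use libravatar to get more userbase
                    $gravatar_url = 'https://seccdn.libravatar.org/avatar/' . $gravatar_hash . '?s=' . $size . '&d=' . $gravatar_default;
                    $out = _nvweb_webuser_avatar_img($class, $gravatar_url, $size);
                } else {
                    // transparent 1x1 placeholder
                    $out = _nvweb_webuser_avatar_img($class, 'data:image/gif;base64,R0lGODlhAQABAPAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==', $size);
                }
            }
            break;

        case 'newsletter_subscribe':
            // a page may have several forms, which one do we have to check?
            if (!_nvweb_webuser_is_target_form($vars)) {
                return;
            }

            // check if this send request really comes from the website and not from a spambot
            if (!_nvweb_webuser_referer_is_own_site($website)) {
                return;
            }

            if (empty($vars['email_field'])) {
                $vars['email_field'] = 'newsletter_email';
            }

            $email = isset($_REQUEST[$vars['email_field']]) ? $_REQUEST[$vars['email_field']] : '';
            $email = filter_var($email, FILTER_SANITIZE_EMAIL);

            if (!empty($vars['email_field']) && !empty($email)) {
                $ok = false;
                $pending_confirmation = false;

                if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) {
                    $wu_id = $DB->query_single('id', 'nv_webusers', ' email = ' . protect($email) . ' AND website = ' . $website->id);
                    $wu = new webuser();

                    if (!empty($wu_id)) {
                        $wu->load($wu_id);

                        if (_nvweb_webuser_has_access($wu)) {
                            $wu->newsletter = 1;
                            $ok = $wu->save();
                        }
                    }

                    if (empty($wu_id) || ($wu->access == 1 && !empty($wu->activation_key))) {
                        // create a new webuser account with that email
                        $username = strtolower(substr($email, 0, strpos($email, '@'))); // left part of the email

                        // NOTE(review): the value compared with "username" in the two lookups below was
                        // masked in the text this block was taken from; protect($username) and
                        // protect($email) follow the comments and the e-mail lookup above.
                        // Confirm against the project's file.
                        if (!empty($username) && !in_array($username, array('info', 'admin', 'contact', 'demo', 'test'))) {
                            // check if the proposed username already exists,
                            // in that case use the full email as username
                            // ** if the email already exists, the subscribe process only updates the newsletter setting!
                            $wu_id = $DB->query_single('id', 'nv_webusers', ' username = ' . protect($username) . ' AND website = ' . $website->id);
                        }

                        if (!empty($wu_id)) {
                            // oops, user already exists... try another username -- the full email address
                            $wu_id = $DB->query_single('id', 'nv_webusers', ' username = ' . protect($email) . ' AND website = ' . $website->id);

                            if (empty($wu_id)) {
                                // ok, email is a new username
                                $username = $email;
                            } else {
                                // nope, email is already used (this code should never execute **)
                                $username = uniqid($username . '-');
                            }
                            // NOTE(review): on this path the alternative username is computed but the
                            // account fields (id, email, username, access) are not assigned before save();
                            // left as found, confirm the intended behaviour.
                        } else {
                            // new sign up
                            $wu->id = 0;
                            $wu->website = $website->id;
                            $wu->email = $email;
                            $wu->newsletter = 1;
                            $wu->language = $current['lang']; // infer the webuser language by the active website language
                            $wu->username = $username;
                            $wu->access = 1; // user is blocked until the server receives an email confirmation
                        }

                        // the key is the only secret in the confirmation link, so it has to be unguessable
                        $wu->activation_key = _nvweb_webuser_activation_key($wu->email);
                        $ok = $wu->save();

                        // send a message to verify the new user's email
                        // (the address is URL-encoded so that characters such as "+" survive the round trip)
                        $email_confirmation_link = $website->absolute_path() . '/nv.webuser/verify?email=' . urlencode($wu->email) . '&hash=' . $wu->activation_key;

                        $message = navigate_compose_email(array(
                            array(
                                'title' => $website->name,
                                'content' => $webgets[$webget]['translations']['click_to_confirm_account'] . '<br />' . '<a href="' . $email_confirmation_link . '">' . $email_confirmation_link . '</a>'
                            ),
                            array(
                                'footer' => $webgets[$webget]['translations']['email_confirmation_notice'] . '<br />' . '<a href="' . $website->absolute_path() . $website->homepage() . '">' . $website->name . '</a>'
                            )
                        ));

                        @nvweb_send_email($website->name, $message, $wu->email);
                        $pending_confirmation = true;
                    }
                }

                $message = $webgets[$webget]['translations']['subscribe_error'];
                if ($pending_confirmation) {
                    $message = $webgets[$webget]['translations']['email_confirmation'];
                } elseif ($ok) {
                    $message = $webgets[$webget]['translations']['subscribed_ok'];
                }

                $out = _nvweb_webuser_notify_result($vars, $ok, $message, 'nvweb-newsletter-form');
            }
            break;
    }

    return $out;
}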
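/**
 * Returns the first gallery of an item, decoding the stored string form when needed.
 */
function _nvweb_gallery_first_gallery($item)
{
    $galleries = $item->galleries;

    if (is_string($galleries)) {
        // NOTE(review): mb_unserialize() is defined elsewhere; if it wraps unserialize(), the
        // stored value must never be attacker-influenced (PHP object injection). Confirm the
        // galleries column is written only by the CMS itself.
        $galleries = mb_unserialize($galleries);
    }

    return (is_array($galleries) && isset($galleries[0])) ? $galleries[0] : null;
}

/**
 * Encodes a value as a JavaScript string literal that is safe inside an inline script.
 */
function _nvweb_gallery_js_string($text)
{
    $encoded = json_encode((string) $text, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    return ($encoded === false) ? '""' : $encoded;
}

/**
 * Renders the "gallery" webget for an item.
 *
 * The item is taken from the "item" attribute (object or numeric id) or, without it,
 * from the current element: the item itself, or the first item of the current
 * category. Modes: image, greybox, piecemaker, images, image_links and prettyphoto
 * (the default).
 *
 * Changes over the previous revision of this block:
 *  - the default (prettyphoto) mode asked for the caption of an undefined $img instead
 *    of the image being rendered
 *  - the greybox preload list missed the closing quote of every entry; captions and
 *    URLs in the generated script are now JSON-encoded string literals
 *  - greybox and piecemaker accept an already decoded galleries array like the other modes
 *
 * @param array $vars Webget attributes: item, mode, items, order, border, width, height,
 *                    position, return, only_first.
 * @return string Generated markup (or URL for the "image" mode), '' when nothing applies.
 */
function nvweb_gallery($vars = array())
{
    global $website;
    global $DB;
    global $current;
    global $webgets;

    // the request can come from a free item or from a category, so we have to load the first element available
    $item = NULL;

    $border = '';
    if (!empty($vars['border'])) {
        $border = '&border=' . $vars['border'];
    }

    $items = PHP_INT_MAX; // number of images shown, 0 => all gallery photos
    if (!empty($vars['items']) && $vars['items'] != '0') {
        $items = intval($vars['items']);
    }

    $order = 'priority'; // display images using the assigned priority
    if (!empty($vars['order'])) {
        $order = $vars['order'];
    }

    // a preview of unpublished content is only served to a session opened from the CMS
    $preview = isset($_REQUEST['preview']) && $_REQUEST['preview'] == 'true'
        && isset($current['navigate_session']) && $current['navigate_session'] == 1;
    $current_type = isset($current['type']) ? $current['type'] : null;

    if (!empty($vars['item'])) {
        if (is_object($vars['item'])) {
            $item = $vars['item'];
        } elseif (is_numeric($vars['item'])) {
            $item = new item();
            $item->load($vars['item']);
        }
    } elseif ($current_type == 'item') {
        // check publishing is enabled
        $enabled = nvweb_object_enabled($current['object']);
        if ($enabled || $preview) {
            $item = $current['object'];
        }
    } elseif ($current_type == 'structure') {
        $DB->query(' SELECT id, permission, date_published, date_unpublish FROM nv_items WHERE category = ' . protect($current['object']->id) . ' AND website = ' . $website->id . ' ');
        $rs = $DB->first();
        $enabled = nvweb_object_enabled($rs);
        if ($enabled || $preview) {
            $item = new item();
            $item->load($rs->id);
        }
    }

    if ($item == NULL) {
        return '';
    }

    if (empty($vars['width']) && empty($vars['height'])) {
        $vars['width'] = 120;
        $vars['height'] = 90;
    } elseif (empty($vars['height'])) {
        $vars['height'] = '';
    } elseif (empty($vars['width'])) {
        $vars['width'] = '';
    }

    // pieces shared by every image URL built below
    $url_base = NVWEB_OBJECT . '?wid=' . $website->id . '&id=';
    $url_full = '&disposition=inline';
    $url_thumb = '&disposition=inline&width=' . $vars['width'] . '&height=' . $vars['height'] . $border;

    // NOTE(review): captions go into alt/title attributes as returned by
    // nvweb_gallery_image_caption(); whether that helper already escapes them is not
    // visible from this block, so they are left as received. Confirm.

    // which gallery model?
    $out = array();

    switch (@$vars['mode']) {
        case 'image':
            $gallery = _nvweb_gallery_first_gallery($item);

            // no images in the gallery?
            if (!is_array($gallery)) {
                return '';
            }

            $gallery = nvweb_gallery_reorder($gallery, $order);
            $image_ids = array_keys($gallery);
            $position = isset($vars['position']) ? intval($vars['position']) : 0;
            $image_selected = isset($image_ids[$position]) ? $image_ids[$position] : null;

            // no image found at the requested position
            if (empty($image_selected)) {
                return '';
            }

            list($image_title, $image_description) = nvweb_gallery_image_caption($image_selected, $gallery);

            $return = empty($vars['return']) ? '' : $vars['return'];

            if ($return == 'url') {
                $out[] = $url_base . $image_selected . $url_full;
            } elseif ($return == 'thumbnail') {
                $out[] = '<img src="' . $url_base . $image_selected . $url_thumb . '" alt="' . $image_description . '" title="' . $image_title . '" />';
            } elseif ($return == 'thumbnail_url') {
                $out[] = $url_base . $image_selected . $url_thumb;
            } else {
                $out[] = '<div class="nv_gallery_item"> <a class="nv_gallery_a" href="' . $url_base . $image_selected . $url_full . '" rel="gallery[item-' . $item->id . ']"> <img class="nv_gallery_image" src="' . $url_base . $image_selected . $url_thumb . '" alt="' . $image_description . '" title="' . $image_title . '" /> </a> </div>';
            }
            break;

        case 'greybox':
            /*
              var image_set = [{'caption': 'Flower', 'url': 'http://static.flickr.com/119/294309231_a3d2a339b9.jpg'},
                               {'caption': 'Nice waterfall', 'url': 'http://www.widerange.org/images/large/plitvicka.jpg'}];
            */
            $out[] = '<div class="nv_gallery">';

            $gallery = nvweb_gallery_reorder(_nvweb_gallery_first_gallery($item), $order);

            $first = true;
            $image_set = array();
            $preload = array();

            foreach ($gallery as $image => $dictionary) {
                list($image_title, $image_description) = nvweb_gallery_image_caption($image, $gallery);

                // only the first image is shown; it opens the whole set
                if ($first) {
                    $out[] = '<a href="#" onclick="return GB_showImageSet(image_set_' . $item->id . ', 1);"> <img class="nv_gallery_image" src="' . $url_base . $image . $url_thumb . '" alt="' . $image_description . '" title="' . $image_title . '" /> </a>';
                }

                // captions and URLs are JSON-encoded so a quote in a caption cannot break the script
                $image_url = _nvweb_gallery_js_string($url_base . $image . $url_full);
                $image_set[] = '{"caption": ' . _nvweb_gallery_js_string($image_title) . ', "url": ' . $image_url . '}';
                $preload[] = $image_url;

                $first = false;

                $items--;
                if ($items <= 0) {
                    break;
                }
            }

            nvweb_after_body('js', 'var image_set_' . $item->id . ' = [' . implode(',' . "\n", $image_set) . '];');
            nvweb_after_body('js', 'AJS.preloadImages(' . implode(',', $preload) . ')');

            $out[] = '<div style=" clear: both; "></div>';
            $out[] = '</div>';
            break;

        case 'piecemaker':
            $gallery = nvweb_gallery_reorder(_nvweb_gallery_first_gallery($item), $order);

            foreach ($gallery as $image => $dictionary) {
                list($image_title, $image_description) = nvweb_gallery_image_caption($image, $gallery);

                $out[] = '<Image Source="' . $url_base . $image . $url_thumb . '" Title="' . $image_title . '"></Image>';

                $items--;
                if ($items <= 0) {
                    break;
                }
            }
            break;

        case 'images':
            // plain IMG without links or divs
            $gallery = nvweb_gallery_reorder(_nvweb_gallery_first_gallery($item), $order);

            if (!is_array($gallery) || empty($gallery)) {
                return '';
            }

            foreach (array_keys($gallery) as $img) {
                list($image_title, $image_description) = nvweb_gallery_image_caption($img, $gallery);

                $out[] = '<img class="nv_gallery_image" src="' . $url_base . $img . $url_thumb . '" alt="' . $image_description . '" title="' . $image_title . '" />';

                $items--;
                if ($items <= 0) {
                    break;
                }
            }
            break;

        case 'image_links':
            // IMG wrapped by a link
            $gallery = nvweb_gallery_reorder(_nvweb_gallery_first_gallery($item), $order);

            if (!is_array($gallery) || empty($gallery)) {
                return '';
            }

            foreach (array_keys($gallery) as $img) {
                list($image_title, $image_description) = nvweb_gallery_image_caption($img, $gallery);

                $out[] = ' <a class="nv_gallery_a" href="' . $url_base . $img . $url_full . '"> <img class="nv_gallery_image" src="' . $url_base . $img . $url_thumb . '" alt="' . $image_description . '" title="' . $image_title . '" /> </a>';

                $items--;
                if ($items <= 0) {
                    break;
                }
            }
            break;

        case 'prettyphoto':
        case 'prettyPhoto':
        default:
            $out[] = '<div class="nv_gallery">';

            $gallery = nvweb_gallery_reorder(_nvweb_gallery_first_gallery($item), $order);

            $only_first = isset($vars['only_first']) && $vars['only_first'] == 'true';
            $first = true;
            $style = '';

            foreach ($gallery as $image => $dictionary) {
                if ($only_first) {
                    // every image is part of the set, but only the first one is visible
                    $style = $first ? ' style="display: block;" ' : ' style="display: none;" ';
                    $first = false;
                }

                // caption of the image being rendered
                list($image_title, $image_description) = nvweb_gallery_image_caption($image, $gallery);

                $out[] = '<div class="nv_gallery_item" ' . $style . '> <a class="nv_gallery_a" href="' . $url_base . $image . $url_full . '" rel="gallery[item-' . $item->id . ']"> <img class="nv_gallery_image" src="' . $url_base . $image . $url_thumb . '" alt="' . $image_description . '" title="' . $image_title . '" /> </a> </div>';

                $items--;
                if ($items <= 0) {
                    break;
                }
            }

            $out[] = '<div style=" clear: both; "></div>';
            $out[] = '</div>';
            break;
    }

    $out = implode("\n", $out);

    return $out;
}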
/**
 * Builds the <title> element and the meta / link tags for the page head.
 *
 * The title is the website name followed by the item title or the breadcrumb trail.
 * The website metatags are extended with language, description, keywords (website
 * keywords merged with the tags of the current element), generator, favicon and the
 * public feeds. The result is passed by reference to the metatags/render event so
 * listeners may alter it.
 *
 * NOTE(review): every value below is concatenated into attributes as stored, without
 * HTML escaping; whether the stored values are already escaped is not visible from
 * this function — confirm before relying on it.
 *
 * @param array $vars Webget attributes: title_separator, generator.
 * @return string Head markup.
 */
function nvweb_metatags($vars = array())
{
    global $website;
    global $current;
    global $DB;
    global $structure;
    global $events;

    // process page title and (to do: get specific metatags)
    $separator = empty($vars['title_separator']) ? ' | ' : $vars['title_separator'];
    $section = '';
    $element_type = $current['type'];

    if ($element_type == 'item') {
        $item_title = $DB->query_single(
            'text',
            'nv_webdictionary',
            ' node_type = ' . protect($current['type']) . ' AND node_id = ' . protect($current['object']->id) . ' AND subtype = ' . protect('title') . ' AND website = ' . $website->id . ' AND lang = ' . protect($current['lang'])
        );
        $section = $separator . $item_title;
    } elseif ($element_type == 'structure') {
        $trail = nvweb_breadcrumbs(array('separator' => $separator, 'links' => 'false'));
        $section = $separator . $trail;
    }

    // global website metatags
    $metatags = $website->metatags;
    if (is_array($metatags)) {
        $metatags = $metatags[$current['lang']];
    }

    // both tags depend on a description being defined for the active language
    if (!empty($website->metatag_description[$current['lang']])) {
        $metatags .= "\n" . '<meta name="language" content="' . $current['lang'] . '" />' . "\n";
        $metatags .= "\n" . '<meta name="description" content="' . $website->metatag_description[$current['lang']] . '" />' . "\n";
    }

    // retrieve content tags and add it to the global metatags of the website
    $tags_website = array_filter(
        explode(',', str_replace(', ', ',', $website->metatag_keywords[$current['lang']]))
    );

    $element_strings = webdictionary::load_element_strings($current['type'], $current['object']->id);
    $tags_content = array_filter(
        explode(',', str_replace(', ', ',', @$element_strings[$current['lang']]['tags']))
    );

    $tags = implode(',', array_merge($tags_website, $tags_content));

    // prepend to an existing keywords tag, or create one
    $keywords_open = '<meta name="keywords" content="';
    if (strpos($metatags, $keywords_open) === FALSE) {
        $metatags .= $keywords_open . $tags . '" />';
    } else {
        $metatags = str_replace($keywords_open, $keywords_open . $tags, $metatags);
    }

    // NOTE(review): the generator tag publishes the installed CMS version to every visitor;
    // templates can switch it off with generator="false"
    if (@$vars['generator'] != 'false') {
        $installed = update::latest_installed();
        $metatags .= "\n" . '<meta name="generator" content="Navigate CMS ' . $installed->version . '" />';
    }

    if ($website->favicon > 0) {
        $favicon_url = NAVIGATE_DOWNLOAD . '?wid=' . $website->id . '&id=' . $website->favicon . '&disposition=inline';
        $metatags .= "\n" . '<link rel="shortcut icon" href="' . $favicon_url . '" />';
    }

    // website public feeds
    $DB->query('SELECT id FROM nv_feeds WHERE website = ' . $website->id . ' AND permission = 0 AND enabled = 1');
    $feeds = $DB->result('id');
    $feeds_total = count($feeds);

    for ($index = 0; $index < $feeds_total; $index++) {
        $feed = new feed();
        $feed->load($feeds[$index]);

        $format = strtolower($feed->format);
        $mime = 'text/xml';
        if (strpos($format, 'rss') !== false) {
            $mime = 'application/rss+xml';
        } elseif (strpos($format, 'atom') !== false) {
            $mime = 'application/atom+xml';
        }

        $metatags .= "\n" . '<link rel="alternate" type="' . $mime . '" title="' . $feed->dictionary[$current['lang']]['title'] . '" href="' . $website->absolute_path() . $feed->paths[$current['lang']] . '" />';
    }

    $default_title = $website->name . $section;
    $out = '<title>' . $default_title . '</title>' . "\n" . $metatags;

    // the additional scripts are left out while an administrator session is open
    if (!empty($website->additional_scripts) && empty($_SESSION['APP_USER#' . APP_UNIQUE])) {
        nvweb_after_body('html', $website->additional_scripts);
    }

    $events->trigger(
        'metatags',
        'render',
        array('out' => &$out, 'default_title' => $default_title, 'section' => $section)
    );

    return $out;
}
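/**
 * Renders a poll block, or answers a vote / results request for that poll.
 *
 * Three paths, selected from the request:
 *  - ?poll_vote=<id> with a POSTed "vote": registers the vote (once per session),
 *    echoes the results markup and ends the request through nvweb_clean_exit().
 *  - ?poll_result=<id>: echoes the results markup and ends the request.
 *  - otherwise: returns the poll markup (results if this session already voted,
 *    the voting form plus its inline script if not).
 *
 * Security notes for reviewers:
 *  - The only duplicate-vote control visible here is the $session['polls'] flag,
 *    so a client that drops its session can vote again.
 *  - No anti-CSRF token is checked on the vote request in this function.
 *  - $answer['code'], $answer['title'] and the translation strings are written
 *    into HTML without escaping. NOTE(review): they look like backend-managed
 *    content; confirm they can never carry visitor-supplied text.
 *
 * @param object $object Block object; only blocks with class "poll" are handled.
 *
 * @return string|null Poll markup, or null when $object is not a poll.
 */
function nvweb_blocks_render_poll($object)
{
    global $current;
    global $webgets;
    global $session;

    $webget = 'blocks';
    $out = '';

    nvweb_blocks_init();

    if ($object->class != 'poll') {
        return;
    }

    if (!isset($session['polls'][$object->id])) {
        $session['polls'][$object->id] = false;
    }

    // Request values are untrusted: accept scalars only and compare them as
    // strings, so a missing parameter or an array can never match a poll id or
    // an answer code through loose-comparison type juggling.
    $request_value = function ($source, $key) {
        return (isset($source[$key]) && is_scalar($source[$key])) ? (string) $source[$key] : '';
    };

    $poll_id = (string) $object->id;
    $vote_target = $request_value($_GET, 'poll_vote');
    $result_target = $request_value($_GET, 'poll_result');
    $vote = $request_value($_POST, 'vote');

    $block_key = $object->type . '-' . $object->id;

    if ($poll_id !== '' && $vote_target === $poll_id && !empty($vote)) {
        // submit vote and show results
        if (empty($session['polls'][$object->id])) {
            foreach ($object->trigger[$current['lang']] as $i => $answer) {
                if ((string) $answer['code'] === $vote) {
                    $object->trigger[$current['lang']][$i]['votes'] = $object->trigger[$current['lang']][$i]['votes'] + 1;
                }
            }

            $object->save();

            // the session is flagged even when no answer matched the submitted code
            $session['polls'][$object->id] = true;
        }

        $out = nvweb_blocks_render_poll_results($object);
        echo $out;
        nvweb_clean_exit();
    } elseif ($poll_id !== '' && $result_target === $poll_id) {
        echo nvweb_blocks_render_poll_results($object);
        nvweb_clean_exit();
    } elseif (!empty($session['polls'][$object->id])) {
        // this session already voted: show the results instead of the form
        $out = '<div class="block-poll ' . $block_key . '" data-id="' . $object->id . '">';
        $out .= nvweb_blocks_render_poll_results($object);
        $out .= '</div>';
    } else {
        $out = '<div class="block-poll ' . $block_key . '" data-id="' . $object->id . '">';
        $out .= '<form action="?" method="post" id="block_poll_' . $block_key . '_form">';

        foreach ($object->trigger[$current['lang']] as $answer) {
            $out .= '<div class="block-poll-answer">';
            $out .= ' <input type="radio" id="' . $block_key . '-answer-' . $answer['code'] . '" name="' . $block_key . '-answer" value="' . $answer['code'] . '" />';
            $out .= ' <label for="' . $block_key . '-answer-' . $answer['code'] . '">' . $answer['title'] . '</label>';
            $out .= '</div>';
        }

        $out .= '<div class="block-poll-actions">';
        $out .= ' <input type="submit" id="' . $block_key . '-submit" value="' . $webgets[$webget]['translations']["vote"] . '" />';
        $out .= ' <input type="button" value="' . $webgets[$webget]['translations']["results"] . '" />';
        $out .= '</div>';
        $out .= '</form>';
        $out .= '</div>';

        // Changes against the previous inline script:
        //  - the "Error" placeholders are block comments, so the script still works
        //    if it is ever emitted on a single line (a "//" comment would swallow
        //    the rest of the code, including request.send());
        //  - the submitted value is URL-encoded before it is placed in the body;
        //  - the results button is looked up inside this poll's own container, so
        //    several polls on one page do not bind to the first button only.
        nvweb_after_body("js", '
            function block_poll_' . $object->id . '_vote()
            {
                var checked = document.querySelector("input[name=\\"' . $block_key . '-answer\\"]:checked");
                if(checked)
                {
                    var vote_value = checked.value;
                    var request = new XMLHttpRequest();
                    request.open("POST", "?poll_vote=' . $object->id . '", true);
                    request.setRequestHeader("Content-type","application/x-www-form-urlencoded");
                    request.onreadystatechange = function()
                    {
                        if (this.readyState === 4)
                        {
                            if (this.status >= 200 && this.status < 400)
                            {
                                var resp = this.responseText;
                                document.querySelector(".' . $block_key . '").innerHTML = resp;
                            }
                            else
                            {
                                /* Error */
                            }
                        }
                    };
                    request.send("poll=' . $object->id . '&vote=" + encodeURIComponent(vote_value));
                    request = null;
                    return false;
                }
                else
                    return false;
            }

            function block_poll_' . $object->id . '_result()
            {
                var request = new XMLHttpRequest();
                request.open("GET", "?poll_result=' . $object->id . '", true);
                request.onreadystatechange = function()
                {
                    if (this.readyState === 4)
                    {
                        if (this.status >= 200 && this.status < 400)
                        {
                            var resp = this.responseText;
                            document.querySelector(".' . $block_key . '").innerHTML = resp;
                        }
                        else
                        {
                            /* Error */
                        }
                    }
                };
                request.send();
                request = null;
                return false;
            }

            document.querySelector("form[id=block_poll_' . $block_key . '_form]").onsubmit = block_poll_' . $object->id . '_vote;
            document.querySelector(".' . $block_key . ' .block-poll-actions input[type=button]").onclick = block_poll_' . $object->id . '_result;
        ');
    }

    return $out;
}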
$html = nvweb_template_parse($html); } // if we have a delayed nv list we need to parse it now if (!empty($current['delayed_nvlists']) || !empty($current['delayed_nvsearches'])) { $html = nvweb_template_parse_lists($html, true); if (strpos($html, '{{nv ') !== false || strpos($html, '<nv ')) { $html = nvweb_template_parse_special($html); $html = nvweb_template_parse_lists($html); $html = nvweb_template_parse($html); } } $html = nvweb_template_oembed_parse($html); $html = nvweb_template_processes($html); $end .= nvweb_after_body('php'); $end = nvweb_after_body('html'); $end .= nvweb_after_body('js'); $end .= "\n\n"; $end .= '</body>'; $html = str_replace('</body>', $end, $html); $html = nvweb_template_tweaks($html); $html = nvweb_template_restore_special($html); $events->trigger('theme', 'after_parse', array('html' => &$html)); $html = nvweb_plugins_event('after_parse', $html); $html = nvweb_template_convert_nv_paths($html); $_SESSION['nvweb.' . $website->id] = $session; session_write_close(); if ($current['navigate_session'] == 1 && APP_DEBUG) { echo $html; echo "\n\r<!--\n\r" . '$current:' . "\n\r"; print_r($current); echo "\n\r!--><!--\n\r" . '$_SESSION:' . "\n\r";
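/**
 * Builds the HTML of a list paginator.
 *
 * Every link keeps the current query-string variables except "page" and
 * "route" (route is an internal navigate variable).
 *
 * Fixes over the previous version:
 *  - $_GET names and values were copied verbatim into href attributes, so a
 *    crafted query string could break out of the attribute (reflected XSS).
 *    They are now percent-encoded with rawurlencode(); non-scalar values
 *    (nested arrays) are skipped instead of being cast to "Array".
 *  - the rel="last" link pointed to page ($pages - 1); it now points to $pages.
 *  - $items_per_page <= 0 no longer divides by zero: no paginator is produced.
 *
 * NOTE(review): the paginator_* labels come from $theme->t() and are written
 * without escaping; presumably theme-controlled text, confirm.
 *
 * @param mixed $type           'prev/next', 'first/prev/next/last', 'prev/central/next',
 *                              'first/prev/central/next/last', 'all_pages', 'true' or 'classic';
 *                              any other value ('false' included) produces no paginator.
 * @param mixed $page           Current page, 1-based.
 * @param mixed $total          Total number of items.
 * @param mixed $items_per_page Items shown on each page.
 * @param array $params         Optional: paginator_prev, paginator_next, paginator_first,
 *                              paginator_last, paginator_etc (labels translated through the theme)
 *                              and paginator_tag_id (inject the paginator into that tag after the
 *                              body has been generated instead of returning it).
 *
 * @return string Paginator HTML; empty when there is a single page or when
 *                paginator_tag_id defers the output.
 */
function nvweb_list_paginator($type, $page, $total, $items_per_page, $params = array())
{
    global $theme;

    $out = array();
    $page = (int) $page;
    $pages = ($items_per_page > 0) ? (int) ceil($total / $items_per_page) : 0;

    $text = array(
        'prev' => '❬',
        'next' => '❭',
        'first' => '❬❘',
        'last' => '❘❭',
        'etc' => '…',
    );

    foreach (array_keys($text) as $name) {
        if (!empty($params['paginator_' . $name])) {
            $text[$name] = $theme->t($params['paginator_' . $name]);
        }
    }

    // keep existing URL variables except "page" and "route" (route is an internal navigate variable)
    $url_suffix = '';

    if (!is_array($_GET)) {
        $_GET = array();
    }

    foreach ($_GET as $key => $val) {
        $key = (string) $key;

        if ($key === 'page' || $key === 'route') {
            continue;
        }

        // After rawurlencode() neither the name nor the value can contain a quote
        // or an angle bracket, so nothing can escape the href attribute.
        $name = rawurlencode($key);

        if (is_array($val)) {
            foreach ($val as $val_item) {
                if (is_scalar($val_item)) {
                    $url_suffix .= '&' . $name . '[]=' . rawurlencode((string) $val_item);
                }
            }
        } elseif (is_scalar($val)) {
            $url_suffix .= '&' . $name . '=' . rawurlencode((string) $val);
        }
    }

    // one anchor to the given page; $attributes carries the leading space (' rel="prev"')
    $link = function ($target, $label, $attributes = '') use ($url_suffix) {
        return '<a href="?page=' . $target . $url_suffix . '"' . $attributes . '>' . $label . '</a>';
    };

    // the numbered links around the current page: two before, the page itself, two after
    $central = function () use ($page, $pages, $link) {
        $links = array();

        for ($p = $page - 2; $p < $page + 3; $p++) {
            if ($p < 1) {
                continue;
            }

            if ($p > $pages) {
                break;
            }

            $links[] = $link($p, $p, ($p == $page) ? ' class="paginator-current"' : '');
        }

        return $links;
    };

    if ($pages > 1) {
        $has_prev = ($page > 1);
        $has_next = ($page < $pages);

        $first = $link(1, $text['first'], ' rel="first"');
        $prev = $link($page - 1, $text['prev'], ' rel="prev"');
        $next = $link($page + 1, $text['next'], ' rel="next"');
        $last = $link($pages, $text['last'], ' rel="last"');

        $etc = '<span class="paginator-etc">' . $text['etc'] . '</span>';

        $links = null; // stays null when no paginator has to be shown

        switch ($type) {
            case 'prev/next':
                $links = array();
                if ($has_prev) {
                    $links[] = $prev;
                }
                if ($has_next) {
                    $links[] = $next;
                }
                break;

            case 'first/prev/next/last':
                $links = array();
                if ($has_prev) {
                    $links[] = $first;
                    $links[] = $prev;
                }
                if ($has_next) {
                    $links[] = $next;
                    $links[] = $last;
                }
                break;

            case 'prev/central/next':
                $links = array();
                if ($has_prev) {
                    $links[] = $prev;
                }
                $links = array_merge($links, $central());
                if ($has_next) {
                    $links[] = $next;
                }
                break;

            case 'first/prev/central/next/last':
                $links = array();
                if ($has_prev) {
                    $links[] = $first;
                    $links[] = $prev;
                }
                $links = array_merge($links, $central());
                if ($has_next) {
                    $links[] = $next;
                    $links[] = $last;
                }
                break;

            case 'all_pages':
                $links = array();
                for ($p = 1; $p <= $pages; $p++) {
                    $links[] = $link($p, $p, ($p == $page) ? ' class="paginator-current"' : '');
                }
                break;

            case 'true':
            case 'classic':
                $links = array();
                if ($has_prev) {
                    $links[] = $prev;
                }

                // shortcut to the first page, with an ellipsis when pages are skipped
                if ($page == 4) {
                    $links[] = $link(1, 1);
                } elseif ($page > 3) {
                    $links[] = $link(1, 1) . $etc;
                }

                $links = array_merge($links, $central());

                // shortcut to the last page, with an ellipsis when pages are skipped
                if ($page + 3 == $pages) {
                    $links[] = $link($pages, $pages);
                } elseif ($page + 3 < $pages) {
                    $links[] = $etc . $link($pages, $pages);
                }

                if ($has_next) {
                    $links[] = $next;
                }
                break;

            case 'false':
            default:
                // no paginator
        }

        if ($links !== null) {
            $out = array_merge(
                array('<div class="paginator">'),
                $links,
                array('<div style=" clear: both; "></div>', '</div>')
            );
        }
    }

    $paginator_html = implode("\n", $out);

    if (!empty($params['paginator_tag_id'])) {
        // deferred mode: the paginator is written into the given tag once the page body exists
        $paginator_func = function () use ($params, $paginator_html) {
            global $html;
            $html = nvweb_replace_tag_contents($params['paginator_tag_id'], $paginator_html, $html);
        };

        nvweb_after_body('php', $paginator_func);
        $paginator_html = "";
    }

    return $paginator_html;
}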
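/**
 * Comments webget: processes comment requests and renders the reply form or the comment list.
 *
 * Behaviour depends on $vars['mode']:
 *  - "process":  handles the 1-click approve / remove links sent by e-mail and
 *                the submission of a new comment (insert + notification e-mail).
 *  - "reply":    returns the "post a comment" form, or a notice when the
 *                visitor may not comment.
 *  - "comments": returns the list of comments of the current entry.
 *
 * Other attributes read from $vars: callback, alert_callback / callback_alert,
 * error_callback / callback_error, notify ("inline" or "callback"), element,
 * field-name, field-email, field-url, field-message, field-properties-prefix,
 * avatar_size, date_format, order.
 *
 * Change in this version: the approve / remove hash taken from the query
 * string was compared with "==". It is now required to be a string and is
 * compared with hash_equals() (strict "===" where that function is missing),
 * which removes loose-comparison type juggling and, with hash_equals(), the
 * timing side channel. The missing space before the data-depth attribute of a
 * rendered comment is also added.
 *
 * Security notes for reviewers:
 *  - Approve / remove are state-changing GET requests authorised only by that
 *    hash, which is sha1(id . email . APP_UNIQUE . serialize(contact e-mails)).
 *    NOTE(review): a keyed hash_hmac() would be the usual construction, but
 *    changing the format invalidates links that were already e-mailed.
 *  - The comment message only passes through core_remove_nvtags() here and is
 *    later written with nl2br() and no escaping, both in the page and in the
 *    notification e-mail. NOTE(review): unless comment::insert() or
 *    core_remove_nvtags() strips HTML this is a stored-XSS sink; confirm.
 *  - Notification texts are concatenated into a JavaScript call between
 *    double quotes; a text containing a double quote breaks that script.
 *
 * @param array $vars Attributes of the nv tag, see above.
 *
 * @return string HTML to place in the page (may be empty).
 */
function nvweb_comments($vars = array())
{
    global $website;
    global $DB;
    global $current;
    global $webgets;
    global $dictionary;
    global $webuser;
    global $theme;
    global $events;
    global $session;

    $webget = 'comments';

    if (!isset($webgets[$webget])) {
        $webgets[$webget] = array();

        global $lang;
        if (empty($lang)) {
            $lang = new language();
            $lang->load($current['lang']);
        }

        // default translations
        $webgets[$webget]['translations'] = array(
            'post_a_comment' => t(379, 'Post a comment'),
            'name' => t(159, 'Name'),
            'email' => t(44, 'E-Mail'),
            'website' => t(177, 'Website'),
            'message' => t(380, 'Message'),
            'email_will_not_be_published' => t(381, 'E-Mail will not be published'),
            'submit' => t(382, 'Submit'),
            'sign_in_or_sign_up_to_post_a_comment' => t(383, 'Sign in or Sign up to post a comment'),
            'comments_on_this_entry_are_closed' => t(384, 'Comments on this entry are closed'),
            'please_dont_leave_any_field_blank' => t(385, 'Please don\'t leave any field blank'),
            'your_comment_has_been_received_and_will_be_published_shortly' => t(386, 'Your comment has been received and will be published shortly'),
            'new_comment' => t(387, 'New comment'),
            'review_comments' => t(388, 'Review comments'),
        );

        // theme translations
        // if the web theme has custom translations for these strings, use them
        // (for the user selected language); to provide them, add the keys of the
        // array above ("post_a_comment", "name", "email", ...) to the json
        // dictionary of the theme
        if (!empty($website->theme) && method_exists($theme, 't')) {
            foreach ($webgets[$webget]['translations'] as $code => $text) {
                $theme_translation = $theme->t($code);
                if (!empty($theme_translation) && $theme_translation != $code) {
                    $webgets[$webget]['translations'][$code] = $theme_translation;
                }
            }
        }
    }

    $translations = $webgets[$webget]['translations'];

    // set default callback
    if (empty($vars['callback'])) {
        $vars['callback'] = 'alert';
    }

    // check callback attributes
    $callback = $vars['callback'];
    if (!empty($vars['alert_callback'])) {
        $callback = $vars['alert_callback'];
    } elseif (!empty($vars['callback_alert'])) {
        $callback = $vars['callback_alert'];
    }

    $callback_error = $callback;
    if (!empty($vars['error_callback'])) {
        $callback_error = $vars['error_callback'];
    } elseif (!empty($vars['callback_error'])) {
        $callback_error = $vars['callback_error'];
    }

    $out = '';

    // Reports $response to the visitor: as an inline <div> (assigned to $out) or
    // through a JavaScript callback queued after the body.
    // $inline_callback is the callback name checked against "inline";
    // $js_callback is the function called in callback mode.
    $notify_mode = isset($vars['notify']) ? $vars['notify'] : null;
    $notify = function ($response, $css_class, $js_callback, $inline_callback) use (&$out, $notify_mode) {
        if ($notify_mode == 'inline' || $inline_callback == 'inline') {
            $out = '<div class="' . $css_class . '">' . $response . '</div>';
        } elseif ($notify_mode === null || $notify_mode == 'callback') {
            nvweb_after_body("js", $js_callback . '("' . $response . '");');
        }
    };

    // token embedded in the approve / remove links of the notification e-mail
    $comment_token = function ($comment) use ($website) {
        return sha1($comment->id . $comment->email . APP_UNIQUE . serialize($website->contact_emails));
    };

    // true when the "hash" query parameter is exactly the token of $comment
    $token_is_valid = function ($comment) use ($comment_token) {
        $given = isset($_GET['hash']) ? $_GET['hash'] : null;

        // an array (?hash[]=) or a missing value can never be a valid token
        if (!is_string($given)) {
            return false;
        }

        $expected = $comment_token($comment);

        return function_exists('hash_equals') ? hash_equals($expected, $given) : ($expected === $given);
    };

    // if the current page belongs to a structure entry
    // we need to get the associated elements to retrieve and post its comments
    // (because structure entry pages can't have associated comments)
    // so, ONLY the FIRST element associated to a category can have comments in a structure entry page
    // (of course if the element has its own page, it can have its own comments)
    $element = $current['object'];
    if ($current['type'] == 'structure') {
        if (empty($current['structure_elements'])) {
            $current['structure_elements'] = $element->elements();
        }
        $element = $current['structure_elements'][0];
    }

    switch (@$vars['mode']) {
        case 'process':
            if (isset($_GET['nv_approve_comment'])) {
                // process 1-click comment approval; only comments still pending (-1) qualify
                $comment = new comment();
                $comment->load($_GET['id']);

                if (!empty($comment->id) && $comment->status == -1) {
                    if ($token_is_valid($comment)) {
                        // hash check passed
                        $comment->status = 0;
                        $comment->save();
                        $notify(t(555, "Item has been successfully published."), 'comment-success', $callback, $callback);
                    } else {
                        $notify(t(344, "Security error"), 'comment-error', $callback_error, $callback_error);
                    }
                } else {
                    $notify(t(56, "Unexpected error"), 'comment-error', $callback_error, $callback_error);
                }
            }

            if (isset($_GET['nv_remove_comment'])) {
                // process 1-click comment removal; only comments still pending (-1) qualify
                $comment = new comment();
                $comment->load($_GET['id']);

                if (!empty($comment->id) && $comment->status == -1) {
                    if ($token_is_valid($comment)) {
                        // hash check passed
                        $comment->delete();
                        $notify(t(55, "Item successfully deleted"), 'comment-success', $callback, $callback);
                    } else {
                        $notify(t(344, "Security error"), 'comment-error', $callback_error, $callback_error);
                    }
                } else {
                    $notify(t(56, "Unexpected error"), 'comment-error', $callback_error, $callback_error);
                }
            }

            // NOTE(review): $vars['field-message'] is read here before its default is
            // applied below, so without that attribute only "form-type" triggers this branch.
            if ($_REQUEST['form-type'] == 'comment-reply' || isset($_POST[$vars['field-message']])) {
                // add comment
                if (empty($vars['field-name'])) {
                    $vars['field-name'] = 'reply-name';
                }
                if (empty($vars['field-email'])) {
                    $vars['field-email'] = 'reply-email';
                }
                if (empty($vars['field-url'])) {
                    $vars['field-url'] = 'reply-url';
                }
                if (empty($vars['field-message'])) {
                    $vars['field-message'] = 'reply-message';
                }

                if (!empty($vars['element'])) {
                    $element = $vars['element'];
                }

                $comment_name = @$_REQUEST[$vars['field-name']];
                $comment_email = @$_REQUEST[$vars['field-email']];
                $comment_url = @$_REQUEST[$vars['field-url']];
                $comment_message = @$_REQUEST[$vars['field-message']];

                // anonymous visitors must give a name and an e-mail; everyone must write a message
                if ((empty($comment_name) || empty($comment_email)) && empty($webuser->id) || empty($comment_message)) {
                    $notify($translations['please_dont_leave_any_field_blank'], 'comment-error', $callback_error, $callback_error);
                    return $out;
                }

                $status = -1; // new comment, not approved
                if (empty($element->comments_moderator)) {
                    $status = 0; // all comments auto-approved
                }

                // remove any <nv /> or {{nv}} tag
                $comment_name = core_remove_nvtags($comment_name);
                $comment_name = strip_tags($comment_name);
                // NOTE(review): unlike the name, the message is not passed through strip_tags()
                $comment_message = core_remove_nvtags($comment_message);

                $comment = new comment();
                $comment->id = 0;
                $comment->website = $website->id;
                $comment->item = $element->id;
                $comment->user = empty($webuser->id) ? 0 : $webuser->id;
                $comment->name = $comment_name;
                $comment->email = filter_var($comment_email, FILTER_SANITIZE_EMAIL);
                $comment->url = filter_var($comment_url, FILTER_SANITIZE_URL);
                $comment->ip = core_ip();
                $comment->date_created = core_time();
                $comment->date_modified = 0;
                $comment->status = $status;
                $comment->message = $comment_message;

                $properties = array();

                // check if there are comment properties values
                if (isset($vars['field-properties-prefix'])) {
                    // check every possible property
                    $e_properties = property::elements($element->template, 'comment');
                    for ($ep = 0; $ep < count($e_properties); $ep++) {
                        $property_field = $vars['field-properties-prefix'] . $e_properties[$ep]->id;
                        if (isset($_POST[$property_field])) {
                            $properties[$e_properties[$ep]->id] = $_POST[$property_field];
                        }
                    }
                }

                // trigger the "new_comment" event through the extensions system before inserting it!
                $extensions_messages = $events->trigger('comment', 'before_insert', array('comment' => $comment, 'properties' => $properties));

                // any extension may veto the comment by returning an error
                foreach ($extensions_messages as $ext_name => $ext_result) {
                    if (isset($ext_result['error'])) {
                        $notify($ext_result['error'], 'comment-error', $callback_error, $callback_error);
                        return $out;
                    }
                }

                $comment->insert();

                if (!empty($properties)) {
                    property::save_properties_from_array('comment', $comment->id, $element->template, $properties);
                }

                // reload the element to retrieve the new comments
                $element = new item();
                $element->load($comment->item);

                if ($current['type'] == 'item' && !isset($vars['element'])) {
                    $current['object'] = $element;
                }

                // trigger the "new_comment" event through the extensions system
                $events->trigger('comment', 'after_insert', array('comment' => &$comment, 'properties' => $properties));

                if (!empty($comment->id)) {
                    // The same text is shown whether the comment awaits moderation or was
                    // auto-approved (the previous code had two identical branches).
                    // NOTE(review): inline mode is decided from the *error* callback here,
                    // unlike the approve / remove branches; kept as it was, confirm intent.
                    $notify(
                        $translations['your_comment_has_been_received_and_will_be_published_shortly'],
                        'comment-success',
                        $callback,
                        $callback_error
                    );
                }

                // NOTE(review): $notify_addresses (contact e-mails plus the moderator) is
                // built but the loop at the end mails $website->contact_emails only, so
                // the moderator is not notified; kept as it was, confirm intent.
                $notify_addresses = $website->contact_emails;
                if (!empty($element->comments_moderator)) {
                    $notify_addresses[] = user::email_of($element->comments_moderator);
                }

                $hash = $comment_token($comment);
                $base_url = nvweb_source_url('element', $element->id);

                // default colors
                $background_color = '#E5F1FF';
                $text_color = '#595959';
                $title_color = '#595959';

                $background_color_db = $DB->query_single('value', 'nv_permissions', 'name = ' . protect("nvweb.comments.background_color") . ' AND website = ' . protect($website->id), 'id DESC');
                $text_color_db = $DB->query_single('value', 'nv_permissions', 'name = ' . protect("nvweb.comments.text_color") . ' AND website = ' . protect($website->id), 'id DESC');
                $title_color_db = $DB->query_single('value', 'nv_permissions', 'name = ' . protect("nvweb.comments.titles_color") . ' AND website = ' . protect($website->id), 'id DESC');

                if (!empty($background_color_db)) {
                    $background_color = str_replace('"', '', $background_color_db);
                }
                if (!empty($text_color_db)) {
                    $text_color = str_replace('"', '', $text_color_db);
                }
                if (!empty($title_color_db)) {
                    $title_color = str_replace('"', '', $title_color_db);
                }

                $review_url = NAVIGATE_URL . '/' . NAVIGATE_MAIN . '?wid=' . $website->id . '&fid=10&act=2&tab=5&id=' . $element->id;

                // the visitor-supplied fields below reach the HTML e-mail as they were submitted
                $message = navigate_compose_email(
                    array(
                        array('title' => t(9, 'Content'), 'content' => $element->dictionary[$current['lang']]['title']),
                        array('title' => $translations['name'], 'content' => $comment_name . @$webuser->username),
                        array('title' => $translations['email'], 'content' => $comment_email . @$webuser->email),
                        array('title' => $translations['website'], 'content' => $comment_url . @$webuser->social_website),
                        array('title' => $translations['message'], 'content' => nl2br($comment_message)),
                        array(
                            'footer' => '<a href="' . $review_url . '"><strong>' . $translations['review_comments'] . '</strong></a>'
                                . ' | '
                                . '<a style=" color: #008830" href="' . $base_url . '?nv_approve_comment&id=' . $comment->id . '&hash=' . $hash . '">' . t(258, "Publish") . '</a>'
                                . ' | '
                                . '<a style=" color: #FF0090" href="' . $base_url . '?nv_remove_comment&id=' . $comment->id . '&hash=' . $hash . '">' . t(525, "Remove comment (without confirmation)") . '</a>',
                        ),
                    ),
                    array('background' => $background_color, 'title-color' => $title_color, 'content-color' => $text_color)
                );

                // trying to implement One-Click actions (used in Google GMail)
                // You need to be registered with Google first: https://developers.google.com/gmail/markup/registering-with-google
                $one_click_actions = ' <script type="application/ld+json"> { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "name": "' . $translations['review_comments'] . '", "url": "' . $review_url . '" } } </script> ';

                $message = '<html><head>' . $one_click_actions . '</head><body>' . $message . '</body></html>';

                foreach ($website->contact_emails as $contact_address) {
                    @nvweb_send_email($website->name . ' | ' . $translations['new_comment'], $message, $contact_address, null, true);
                }
            }
            break;

        case 'reply':
            if ($element->comments_enabled_to == 2 && empty($webuser->id)) {
                // Post a comment form (unsigned users)
                $out = ' <div class="comments-reply"> <div><div class="comments-reply-info">' . $translations['post_a_comment'] . '</div></div> <br />'
                    . ' <form action="' . NVWEB_ABSOLUTE . '/' . $current['route'] . '" method="post">'
                    . ' <input type="hidden" name="form-type" value="comment-reply" />'
                    . ' <div class="comments-reply-field"><label>' . $translations['name'] . '</label> <input type="text" name="reply-name" value="" /></div>'
                    . ' <div class="comments-reply-field"><label>' . $translations['email'] . ' *</label> <input type="text" name="reply-email" value="" /></div>'
                    . ' <div class="comments-reply-field"><label>' . $translations['message'] . '</label> <textarea name="reply-message"></textarea></div>'
                    . ' <!-- {{navigate-comments-reply-extra-fields-placeholder}} -->'
                    . ' <div class="comments-reply-field comments-reply-field-info-email"><label> </label> * ' . $translations['email_will_not_be_published'] . '</div>'
                    . ' <div class="comments-reply-field comments-reply-field-submit"><input class="comments-reply-submit" type="submit" value="' . $translations['submit'] . '" /></div>'
                    . ' </form> </div> ';

                $extensions_messages = $events->trigger('comment', 'reply_extra_fields', array('html' => &$out));

                // add any extra field generated
                if (!empty($extensions_messages)) {
                    $extra_fields = array_values($extensions_messages);
                    $out = str_replace('<!-- {{navigate-comments-reply-extra-fields-placeholder}} -->', implode("\n", $extra_fields), $out);
                }
            } elseif ($element->comments_enabled_to > 0 && !empty($webuser->id)) {
                // Post a comment form (signed in users)
                if (empty($vars['avatar_size'])) {
                    $vars['avatar_size'] = 32;
                }

                $avatar_url = NVWEB_OBJECT . '?type=blank';
                if (!empty($webuser->avatar)) {
                    $avatar_url = NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $webuser->avatar . '&disposition=inline&width=' . $vars['avatar_size'] . '&height=' . $vars['avatar_size'];
                }

                // NOTE(review): the webuser name is written without escaping; confirm it is
                // restricted to safe characters at sign up.
                $out = ' <div class="comments-reply"> <div><div class="comments-reply-info">' . $translations['post_a_comment'] . '</div></div> <br />'
                    . ' <form action="' . NVWEB_ABSOLUTE . '/' . $current['route'] . '" method="post">'
                    . ' <input type="hidden" name="form-type" value="comment-reply" />'
                    . ' <div class="comments-reply-field"><label style="display: none;"> </label>'
                    . ' <img src="' . $avatar_url . '" width="' . $vars['avatar_size'] . '" height="' . $vars['avatar_size'] . '" align="absmiddle" />'
                    . ' <span class="comments-reply-username">' . $webuser->username . '</span><a class="comments-reply-signout" href="?webuser_signout">(x)</a></div> <br />'
                    . ' <div class="comments-reply-field"><label>' . $translations['message'] . '</label> <textarea name="reply-message"></textarea></div>'
                    . ' <!-- {{navigate-comments-reply-extra-fields-placeholder}} -->'
                    . ' <div class="comments-reply-field-submit"><input class="comments-reply-submit" type="submit" value="' . $translations['submit'] . '" /></div>'
                    . ' </form> </div> ';

                // here the markup is handed over by value (by reference in the branch above)
                $extensions_messages = $events->trigger('comment', 'reply_extra_fields', array('html' => $out));

                // add any extra field generated
                if (!empty($extensions_messages)) {
                    $extra_fields = array_values($extensions_messages);
                    $out = str_replace('<!-- {{navigate-comments-reply-extra-fields-placeholder}} -->', implode("\n", $extra_fields), $out);
                }
            } elseif ($element->comments_enabled_to == 1) {
                $out = '<div class="comments-reply"> <div class="comments-reply-info">' . $translations['sign_in_or_sign_up_to_post_a_comment'] . '</div> </div>';
            } else {
                $out = '<div class="comments-reply"> <div class="comments-reply-info">' . $translations['comments_on_this_entry_are_closed'] . '</div> </div>';
            }
            break;

        case 'comments':
            setlocale(LC_ALL, $website->languages[$session['lang']]['system_locale']);

            // get all comments of the current entry
            list($comments, $comments_total) = nvweb_comments_list(0, NULL, NULL, $vars['order']);

            if (empty($vars['avatar_size'])) {
                $vars['avatar_size'] = '48';
            }
            if (empty($vars['date_format'])) {
                $vars['date_format'] = '%d %B %Y %H:%M';
            }

            for ($c = 0; $c < $comments_total; $c++) {
                $avatar = $comments[$c]->avatar;
                if (!empty($avatar)) {
                    $avatar = '<img src="' . NVWEB_OBJECT . '?type=image&id=' . $avatar . '" width="' . $vars['avatar_size'] . 'px" height="' . $vars['avatar_size'] . 'px"/>';
                } else {
                    // transparent 1x1 GIF used as placeholder
                    $avatar = '<img src="data:image/gif;base64,R0lGODlhAQABAPAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" width="' . $vars['avatar_size'] . 'px" height="' . $vars['avatar_size'] . 'px"/>';
                }

                $comment = new comment();
                $comment->load_from_resultset(array($comments[$c]));
                $depth = ' data-depth="' . $comment->depth() . '"';

                // author name and message are written as stored, see the security notes above
                $out .= ' <div class="comment"' . $depth . '>'
                    . ' <div class="comment-avatar">' . $avatar . '</div>'
                    . ' <div class="comment-username">' . (!empty($comments[$c]->username) ? $comments[$c]->username : $comments[$c]->name) . '</div>'
                    . ' <div class="comment-date">' . Encoding::toUTF8(strftime($vars['date_format'], $comments[$c]->date_created)) . '</div>'
                    . ' <div class="comment-message">' . nl2br($comments[$c]->message) . '</div>'
                    . ' <div style="clear:both"></div> </div> ';
            }
            break;
    }

    return $out;
}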
/**
 * Builds the "live edit" toolbar shown on the public site to a signed-in backend user.
 *
 * Nothing is produced unless $_SESSION holds an 'APP_USER#' . APP_UNIQUE entry.
 * When it does, the toolbar scripts and stylesheet are queued after the body
 * and the toolbar markup is returned.
 *
 * Notes for reviewers:
 *  - the session entry is the only gate visible here; per-user permissions are
 *    not checked before the "Create" / "Edit" links are offered (see the TODO);
 *  - jQuery is requested from a third-party CDN without an integrity attribute.
 *
 * @param array $vars Tag attributes; 'nvweb_html' (the page HTML) is searched for "jquery".
 *
 * @return string Toolbar HTML, or an empty string for regular visitors.
 */
function nvweb_liveedit($vars = array())
{
    global $website;
    global $current;
    global $DB;
    global $lang;
    global $theme;
    global $session;
    global $webuser;

    // regular visitors never get the toolbar
    if (empty($_SESSION['APP_USER#' . APP_UNIQUE])) {
        return '';
    }

    $backend = NAVIGATE_URL . '/' . NAVIGATE_MAIN;
    $icons = NAVIGATE_URL . '/img/icons/silk/';

    // link to the backend editor of what is being displayed
    $edit_url = '';

    if ($current['type'] == 'item') {
        $edit_url = $backend . '?fid=10&act=2&id=' . $current['object']->id . '&tab=2&tab_language=' . $current['lang'] . '&quickedit=true&wid=' . $website->id;
    } elseif ($current['type'] == 'structure') {
        // a structure entry is edited through the first item of its category
        $DB->query(' SELECT id FROM nv_items WHERE category = ' . protect($current['category']) . ' AND permission < 2 AND website = ' . $website->id . ' ');
        $first_item = $DB->first();
        $edit_url = $backend . '?fid=10&act=2&id=' . $first_item->id . '&tab=2&quickedit=true&wid=' . $website->id;
    }

    if (empty($lang)) {
        $lang = new language();
        $lang->load($current['lang']);
    }

    // jQuery is only added when the template does not mention it already
    $assets = array();
    if (strpos($vars['nvweb_html'], 'jquery') === false) {
        $assets[] = '<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>';
    }
    $assets[] = '<script language="javascript" type="text/javascript" src="' . NAVIGATE_URL . '/js/navigate_liveedit.js"></script>';
    $assets[] = '<link rel="stylesheet" type="text/css" href="' . NAVIGATE_URL . '/css/tools/navigate_liveedit.css" />';
    nvweb_after_body('html', implode("\n", $assets) . "\n");

    $pending = comment::pending_count();

    // TODO: check user permissions before allowing "Create", "Edit" and other functions
    $bar = array();
    $bar[] = '<div id="navigate_liveedit_bar" style="display: none;">';
    $bar[] = ' <a href="' . $backend . '" target="_blank"><img src="' . NAVIGATE_URL . '/img/navigatecms/navigatecms_logo_52x24_white.png" width="52" height="24" /></a>';

    // "create" menu
    $bar[] = ' <div> <ul class="navigate_liveedit_bar_menu">'
        . ' <li><a href="' . $backend . '?fid=blocks&act=create" target="_blank"><img src="' . $icons . 'brick.png" /> ' . t(437, 'Block') . '</a></li>'
        . ' <li><a href="' . $backend . '?fid=structure&act=create" target="_blank"><img src="' . $icons . 'sitemap_color.png" /> ' . t(479, 'Structure entry') . '</a></li>'
        . ' <li><a href="' . $backend . '?fid=items&act=create" target="_blank"><img src="' . $icons . 'page.png" /> ' . t(180, 'Item') . '</a></li>'
        . ' </ul>'
        . ' <a href="' . $backend . '?fid=items&act=create" target="_blank"><img src="' . $icons . 'page_add.png" /> ' . t(38, 'Create') . '</a>'
        . ' </div> ';

    // comments waiting for moderation
    $bar[] = ' <a href="' . $backend . '?fid=comments" target="_blank"><img src="' . $icons . 'comments.png" /> ' . $pending . '</a>';
    $bar[] = ' <div id="navigate_liveedit_bar_hide_button" style=" float: right; " title="' . t(554, 'Hide') . '">x</div>';

    if (!empty($edit_url)) {
        $bar[] = '<a style="float: right;" href="' . $edit_url . '" target="_blank"> <img src="' . $icons . 'application_double.png" /> ' . t(456, 'Edit in Navigate CMS') . ' </a>';
    }

    $bar[] = ' <div id="navigate_liveedit_bar_information_button" style=" float: right; "><img src="' . $icons . 'information.png" /> ' . t(457, 'Information') . '</div>';

    // information panel about the page being displayed
    $type_names = array('item' => t(180, 'Item'), 'structure' => t(16, 'Structure'));
    $type_name = $type_names[$current['type']];

    $bar[] = ' <div id="navigate_liveedit_bar_information">';
    $bar[] = ' <span>' . t(368, 'Theme') . ' <strong>' . $theme->title . '</strong></span>';
    $bar[] = ' <span>' . t(79, 'Template') . ' <strong>' . $theme->template_title($current['template'], false) . '</strong></span>';
    $bar[] = ' <span>' . t(160, 'Type') . ' <strong>' . $type_name . '</strong></span>';
    $bar[] = ' <span>ID <strong>' . $current['id'] . '</strong></span>';
    $bar[] = ' <span>' . t(46, 'Language') . ' <strong>' . language::name_by_code($session['lang']) . '</strong></span>';
    $bar[] = ' <span>' . t(647, 'Webuser') . ' <strong>' . (empty($webuser->id) ? '(' . mb_strtolower(t(581, "None")) . ')' : $webuser->username . ' (' . $webuser->id . ')') . '</strong></span>';
    $bar[] = ' </div>';
    $bar[] = '</div>';

    return implode("\n", $bar);
}
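/**
 * Renders the archive links (by year or by month) of a list of entries.
 *
 * Fixes over the previous version:
 *  - the per-year total is initialised before it is accumulated (the first
 *    "+=" on a missing key raised an "undefined index / array key" notice);
 *  - the toggle script uses jQuery(this) instead of $(this), consistent with
 *    its own selector call, so it also works when "$" is not bound to jQuery.
 *
 * NOTE(review): $archive_url, the row values and $categories are written into
 * the href without escaping; presumably they come from the database and the
 * current route, confirm that no request value reaches them.
 *
 * @param mixed  $type        'year' (months of the first year visible), 'year-collapsed'
 *                            (all months hidden) or 'month'; anything else renders nothing.
 * @param mixed  $dataset     Rows exposing ->year, ->month and ->total.
 * @param string $archive_url Base URL of the archive page.
 * @param array  $categories  Category ids appended to the "archive" parameter.
 *
 * @return string Archive HTML (may be empty).
 */
function nvweb_archive_render($type, $dataset, $archive_url, $categories)
{
    global $website;
    global $session;

    $out = array();

    // month names are produced in the locale of the current language
    setlocale(LC_ALL, $website->languages[$session['lang']]['system_locale']);

    // localized month name; year 2000 and day 1 are placeholders, only the month matters
    $month_name = function ($month) {
        return Encoding::toUTF8(ucfirst(strftime('%B', mktime(0, 0, 0, $month, 1, 2000))));
    };

    if ($type == 'year' || $type == 'year-collapsed') {
        $year_months = array();
        $year_stats = array();

        foreach ($dataset as $row) {
            $year_months[$row->year][] = '<div> <a href="' . $archive_url . '?archive=' . $row->year . '-' . $row->month . '-' . implode(',', $categories) . '">'
                . $month_name($row->month) . ' (' . $row->total . ') </a> </div>';

            if (!isset($year_stats[$row->year]['total'])) {
                $year_stats[$row->year]['total'] = 0;
            }
            $year_stats[$row->year]['total'] += $row->total;
        }

        // default: show months of the first year in the list
        // alternative (year-collapsed): hide months for the first year, too
        $first = ($type == 'year-collapsed') ? 'display: none;' : '';

        foreach ($year_months as $year => $months) {
            $out[] = '<div class="nv-year"><a href="#" style=" display: block;" onclick=" return false; ">» ' . $year . ' (' . $year_stats[$year]['total'] . ')</a></div>';
            $out[] = '<div style="' . $first . ' margin-left: 20px;" class="nv-year-months">';
            $out[] = implode("\n", $months);
            $out[] = '</div>';

            // every year after the first one starts collapsed
            $first = 'display: none;';
        }

        nvweb_after_body('js', ' jQuery(".nv-year").on("click", function() { jQuery(this).next().toggle() }); ');
    } elseif ($type == 'month') {
        foreach ($dataset as $row) {
            $out[] = '<div> <a href="' . $archive_url . '?archive=' . $row->year . '-' . $row->month . '-' . implode(',', $categories) . '">'
                . $month_name($row->month) . ' ' . $row->year . ' (' . $row->total . ') </a> </div>';
        }
    }

    return implode("\n", $out);
}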