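# --------------------------------------------------------
# Build the subject and plain-text body of the notification e-mail for a note.
#
# $p_note_id - id of the note to describe
# $subject   - out: "[<page name>] <note e-mail>" with CR/LF replaced by spaces
# $content   - out: plain-text body (page link, note metadata, note text)
#
# Returns true when both the note and its page were found. Returns false
# otherwise, in which case $subject and $content are left untouched.
function email_build_note_message($p_note_id, &$subject, &$content)
{
    $t_note = note_get_info(note_where_id_equals($p_note_id));
    if ($t_note === false) {
        return false;
    }

    $t_page = page_get_info(page_where_id_equals($t_note['page_id']));
    if ($t_page === false) {
        return false;
    }

    # The e-mail field is stored as the submitter typed it. A subject is
    # normally placed in a mail header, so line breaks are replaced to keep
    # the value on a single header line.
    $subject = str_replace(
        array("\r", "\n"),
        ' ',
        "[{$t_page['page']}] {$t_note['email']}"
    );

    $t_rule_heavy = str_repeat('=', 70);
    $t_rule_light = str_repeat('-', 70);

    # NOTE(review): the link is built from a fixed "http://" scheme and the
    # server's IP address (SERVER_ADDR), not a configured site URL - confirm
    # that this is what recipients should receive.
    $t_link = 'http://' . $_SERVER['SERVER_ADDR'] . $t_page['url'];

    $content = $t_rule_heavy . "\n"
        . $t_link . "\n"
        . $t_rule_light . "\n"
        . "Note Id: {$t_note['id']}\n"
        . "Email: {$t_note['email']}\n"
        . "IP: {$t_note['ip']}\n"
        . "Date Submitted: " . date('d-M-Y H:i:s', $t_note['date_submitted']) . "\n"
        . "Visible: " . ($t_note['visible'] ? "Yes" : "No") . "\n"
        . $t_rule_light . "\n"
        . $t_note['note'] . "\n"
        . $t_rule_heavy . "\n";

    return true;
}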
# Stops here unless the current user may submit notes.
access_ensure_check_action(ACTION_NOTES_SUBMIT);

# Request parameters.
$f_page_id = gpc_get_int('f_page_id');
$f_note_id = gpc_get_int('f_note_id');

# NOTE(review): stripslashes() is applied unconditionally - presumably
# gpc_get_string() hands back slash-escaped data; confirm, otherwise
# backslashes typed by the user are silently dropped.
$f_email = stripslashes(gpc_get_string('f_email'));
$f_note = stripslashes(gpc_get_string('f_note'));

# A non-zero note id means "update that note"; zero means "add a new one".
if ($f_note_id != 0) {
    # NOTE(review): the only permission check visible here is
    # ACTION_NOTES_SUBMIT - confirm note_update() itself verifies that the
    # caller may modify this particular note.
    $result = note_update($f_note_id, $f_email, $f_note);

    # Unlike the add branch, the notification is sent without looking at
    # $result. NOTE(review): confirm that is intended.
    email_note_updated($f_note_id);
} else {
    # NOTE(review): $REMOTE_ADDR is a bare global rather than
    # $_SERVER['REMOTE_ADDR'] and nothing in this excerpt assigns it -
    # confirm where it is set, so the stored IP cannot originate from
    # request data.
    $result = note_add($f_page_id, $f_email, $REMOTE_ADDR, $f_note);
    if (false !== $result) {
        email_note_added($result);
    }
}

# The page is only looked up after the note has been written.
# NOTE(review): confirm note_add() rejects a page id that does not exist.
$t_page_info = page_get_info(page_where_id_equals($f_page_id));
if ($t_page_info === false) {
    echo "page not found";
    exit;
}

$t_url = $t_page_info['url'];

# Page head; on success the browser is sent back to the page after
# $g_time_wait.
print_html_top();
print_head_top();
print_title($g_window_title);
print_css($g_css_inc_file);
if ($result) {
    print_meta_redirect($t_url, $g_time_wait);
}
print_head_bottom();

print_body_top();
print_header($g_page_title);
# -------------------------------------------------------- require_once 'core' . DIRECTORY_SEPARATOR . 'api.php'; login_cookie_check(); if (!isset($f_action)) { echo 'f_action not defined<br />'; exit; } # @@@@ add handling for confirm? # The access level check is done in the APIs if (isset($f_note_id)) { $t_note_info = note_get_info(note_where_id_equals($f_note_id)); if (false === $t_note_info) { echo "note not found"; exit; } $t_page_info = page_get_info(page_where_id_equals($t_note_info['page_id'])); if (false === $t_page_info) { echo "page not found"; exit; } $t_url = $t_page_info['url']; if ('accept' === $f_action) { note_accept($f_note_id); } else { if ('decline' === $f_action) { note_decline($f_note_id); } else { if ('archive' === $f_action) { note_archive($f_note_id); } else { if ('delete' === $f_action) {
# --------------------------------------------------------
# Gather everything a theme needs to render one page: the page's own fields,
# the name and URL of its previous and next pages, and its visible notes.
#
# $p_page_id - id of the page to describe
#
# Returns an array with the keys id, page, url, last_updated, preview,
# prev_page, prev_url, next_page, next_url and notes, or false when the page
# does not exist.
#
# Values are copied as page_get_info() returned them; no escaping is applied
# here. NOTE(review): confirm the theme escapes them for its output context.
function page_prepare_theme_data($p_page_id)
{
    $t_current = page_get_info(page_where_id_equals($p_page_id));
    if ($t_current === false) {
        return false;
    }

    $t_data = array(
        'id'           => $t_current['id'],
        'page'         => $t_current['page'],
        'url'          => $t_current['url'],
        'last_updated' => $t_current['last_updated'],
        'preview'      => false,
    );

    # Neighbours are resolved in the order prev, next. A missing neighbour
    # yields empty strings rather than an error.
    foreach (array('prev', 'next') as $t_side) {
        $t_neighbour = page_get_info(page_where_id_equals($t_current[$t_side . '_id']));
        $t_found = ($t_neighbour !== false);

        $t_data[$t_side . '_page'] = $t_found ? $t_neighbour['page'] : '';
        $t_data[$t_side . '_url'] = $t_found ? $t_neighbour['url'] : '';
    }

    $t_data['notes'] = note_get_all_visible($p_page_id);

    return $t_data;
}
# --------------------------------------------------------
# Collect the notes of a page that the current user is allowed to view.
#
# $p_page_id - id of the page whose notes are wanted
#
# Returns a list of arrays with the keys visible, id, email, note and date
# (date is the UNIX timestamp selected by the query), in the order given by
# the 'note_order' configuration value, or false when the page does not exist.
function note_get_all_visible($p_page_id)
{
    $t_page = page_get_info(page_where_id_equals($p_page_id));
    if ($t_page === false) {
        return false;
    }

    $c_page_id = db_prepare_int($p_page_id);
    $t_table = config_get('phpWN_note_table');

    # The sort direction is concatenated into the SQL text as-is.
    # NOTE(review): this is only safe while 'note_order' comes from trusted
    # configuration - confirm it can never be influenced by a request.
    $t_order = config_get('note_order');

    $query = "SELECT *, UNIX_TIMESTAMP(date_submitted) as date_submitted\r\n\t\t\t\tFROM " . $t_table . "\r\n\t\t\t\tWHERE page_id={$c_page_id}\r\n\t\t\t\tORDER BY date_submitted " . $t_order;
    $t_rows = db_query($query);

    $t_visible_notes = array();
    while ($t_row = db_fetch_array($t_rows)) {
        $t_state = $t_row['visible'];

        # One guard per known state: the note is skipped when the current
        # user lacks the matching view permission. A state that matches none
        # of the five falls through every guard and the note is returned.
        # NOTE(review): confirm that default-allow is intended.
        if ($t_state == NOTE_VISIBLE_PENDING && false === access_check_action(ACTION_NOTES_VIEW_PENDING)) {
            continue;
        }
        if ($t_state == NOTE_VISIBLE_ACCEPTED && false === access_check_action(ACTION_NOTES_VIEW_ACCEPTED)) {
            continue;
        }
        if ($t_state == NOTE_VISIBLE_DECLINED && false === access_check_action(ACTION_NOTES_VIEW_DECLINED)) {
            continue;
        }
        if ($t_state == NOTE_VISIBLE_ARCHIVED && false === access_check_action(ACTION_NOTES_VIEW_ARCHIVED)) {
            continue;
        }
        if ($t_state == NOTE_VISIBLE_DELETED && false === access_check_action(ACTION_NOTES_VIEW_DELETED)) {
            continue;
        }

        # Both user-supplied fields pass through
        # string_prepare_note_for_viewing() before they are handed back.
        $t_visible_notes[] = array(
            'visible' => $t_state,
            'id'      => $t_row['id'],
            'email'   => string_prepare_note_for_viewing($t_row['email'], $t_page['url']),
            'note'    => string_prepare_note_for_viewing($t_row['note'], $t_page['url']),
            'date'    => $t_row['date_submitted'],
        );
    }

    return $t_visible_notes;
}