function spa_render_options_container($formid)
{
switch ($formid) {
case 'global':
include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-global-form.php';
spa_options_global_form();
break;
case 'display':
include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-display-form.php';
spa_options_display_form();
break;
case 'content':
include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-content-form.php';
spa_options_content_form();
break;
case 'members':
include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-members-form.php';
spa_options_members_form();
break;
case 'email':
include_once SF_PLUGIN_DIR . '/admin/panel-options/forms/spa-options-email-form.php';
spa_options_email_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function spa_render_integration_container($formid)
{
switch ($formid) {
case 'page':
include_once SF_PLUGIN_DIR . '/admin/panel-integration/forms/spa-integration-page-form.php';
spa_integration_page_form();
break;
case 'storage':
include_once SF_PLUGIN_DIR . '/admin/panel-integration/forms/spa-integration-storage-form.php';
spa_integration_storage_form();
break;
case 'language':
include_once SF_PLUGIN_DIR . '/admin/panel-integration/forms/spa-integration-language-form.php';
spa_integration_language_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function spa_render_themes_container($formid)
{
switch ($formid) {
case 'theme-list':
include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-list-form.php';
spa_themes_list_form();
break;
case 'mobile':
include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-mobile-form.php';
spa_themes_mobile_form();
break;
case 'tablet':
include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-tablet-form.php';
spa_themes_tablet_form();
break;
case 'editor':
include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-editor-form.php';
spa_themes_editor_form();
break;
case 'theme-upload':
include_once SF_PLUGIN_DIR . '/admin/panel-themes/forms/spa-themes-upload-form.php';
spa_themes_upload_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function spa_render_admins_container($formid)
{
switch ($formid) {
case 'youradmin':
include_once SF_PLUGIN_DIR . '/admin/panel-admins/forms/spa-admins-your-options-form.php';
spa_admins_your_options_form();
break;
case 'globaladmin':
include_once SF_PLUGIN_DIR . '/admin/panel-admins/forms/spa-admins-global-options-form.php';
spa_admins_global_options_form();
break;
case 'manageadmin':
require_once ABSPATH . 'wp-admin/includes/admin.php';
include_once SF_PLUGIN_DIR . '/admin/panel-admins/forms/spa-admins-manage-admins-form.php';
spa_admins_manage_admins_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function sp_build_url($forumslug, $topicslug, $pageid, $postid = 0, $postindex = 0, $rss = 0)
{
if ($postid != 0 && $pageid == 0) {
$pageid = sp_determine_page($forumslug, $topicslug, sp_esc_int($postid), sp_esc_int($postindex));
}
$url = trailingslashit(sp_url());
if ($forumslug) {
$url .= $forumslug;
}
if ($topicslug) {
$url .= '/' . $topicslug;
}
if ($rss) {
if (!empty($forumslug) || !empty($topicslug)) {
$url .= '/';
}
$url .= 'rss';
}
if ($pageid > 1) {
$url .= '/page-' . $pageid;
}
$url = user_trailingslashit($url);
if ($postid) {
$url .= '#p' . $postid;
}
return esc_url($url);
}
function spa_render_profiles_container($formid)
{
switch ($formid) {
case 'options':
include_once SF_PLUGIN_DIR . '/admin/panel-profiles/forms/spa-profiles-options-form.php';
spa_profiles_options_form();
break;
case 'tabsmenus':
include_once SF_PLUGIN_DIR . '/admin/panel-profiles/forms/spa-profiles-tabs-menus-form.php';
spa_profiles_tabs_menus_form();
break;
case 'avatars':
include_once SF_PLUGIN_DIR . '/admin/panel-profiles/forms/spa-profiles-avatars-form.php';
spa_profiles_avatars_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function sp_admin_bar_admin_options_save()
{
$options = '';
$options['dashboardposts'] = isset($_POST['dashboardposts']);
sp_update_option('spAdminBar', $options);
sp_update_option('spAkismet', sp_esc_int($_POST['spAkismet']));
return __('Admin bar options updated!', 'spab');
}
function spa_render_toolbox_container($formid)
{
switch ($formid) {
case 'toolbox':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-toolbox-form.php';
spa_toolbox_toolbox_form();
break;
case 'environment':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-environment-form.php';
spa_toolbox_environment_form();
break;
case 'housekeeping':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-housekeeping-form.php';
spa_toolbox_housekeeping_form();
break;
case 'inspector':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-inspector-form.php';
spa_toolbox_inspector_form();
break;
case 'cron':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-cron-form.php';
spa_toolbox_cron_form();
break;
case 'log':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-log-form.php';
spa_toolbox_log_form();
break;
case 'errorlog':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-errorlog-form.php';
spa_toolbox_errorlog_form();
break;
case 'changelog':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-changelog-form.php';
spa_toolbox_changelog_form();
break;
case 'uninstall':
include_once SF_PLUGIN_DIR . '/admin/panel-toolbox/forms/spa-toolbox-uninstall-form.php';
spa_toolbox_uninstall_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function spa_render_components_container($formid)
{
switch ($formid) {
case 'smileys':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-smileys-form.php';
spa_components_smileys_form();
break;
case 'login':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-login-form.php';
spa_components_login_form();
break;
case 'seo':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-seo-form.php';
spa_components_seo_form();
break;
case 'forumranks':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-forumranks-form.php';
spa_components_forumranks_form();
break;
case 'addmembers':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-special-ranks-add-form.php';
spa_components_sr_add_members_form($_GET['id']);
break;
case 'delmembers':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-special-ranks-del-form.php';
spa_components_sr_del_members_form($_GET['id']);
break;
case 'messages':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-messages-form.php';
spa_components_messages_form();
break;
case 'policies':
include_once SF_PLUGIN_DIR . '/admin/panel-components/forms/spa-components-policies-form.php';
spa_components_policies_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function spa_get_login_data()
{
$sfcomps = array();
$sflogin = array();
$sflogin = sp_get_option('sflogin');
$sfcomps['sfregmath'] = $sflogin['sfregmath'];
$sfcomps['sfloginurl'] = sp_filter_url_display($sflogin['sfloginurl']);
$sfcomps['sfloginemailurl'] = sp_filter_url_display($sflogin['sfloginemailurl']);
$sfcomps['sflogouturl'] = sp_filter_url_display($sflogin['sflogouturl']);
$sfcomps['sfregisterurl'] = sp_filter_url_display($sflogin['sfregisterurl']);
$sfcomps['sptimeout'] = sp_esc_int($sflogin['sptimeout']);
$sfrpx = sp_get_option('sfrpx');
$sfcomps['sfrpxenable'] = $sfrpx['sfrpxenable'];
$sfcomps['sfrpxkey'] = $sfrpx['sfrpxkey'];
$sfcomps['sfrpxredirect'] = sp_filter_url_display($sfrpx['sfrpxredirect']);
return $sfcomps;
}
function spa_render_usergroups_container($formid)
{
switch ($formid) {
case 'usergroups':
include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/spa-usergroups-display-main.php';
spa_usergroups_usergroup_main();
break;
case 'createusergroup':
include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-create-usergroup-form.php';
spa_usergroups_create_usergroup_form();
break;
case 'editusergroup':
include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-edit-usergroup-form.php';
spa_usergroups_edit_usergroup_form(sp_esc_int($_GET['id']));
break;
case 'delusergroup':
include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-delete-usergroup-form.php';
spa_usergroups_delete_usergroup_form(sp_esc_int($_GET['id']));
break;
case 'addmembers':
include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-add-members-form.php';
spa_usergroups_add_members_form(sp_esc_int($_GET['id']));
break;
case 'delmembers':
include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-delete-members-form.php';
spa_usergroups_delete_members_form(sp_esc_int($_GET['id']));
break;
case 'mapusers':
include_once SF_PLUGIN_DIR . '/admin/panel-usergroups/forms/spa-usergroups-map-users.php';
spa_usergroups_map_users();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function spa_render_users_container($formid)
{
switch ($formid) {
case 'member-info':
require_once ABSPATH . 'wp-admin/includes/admin.php';
include_once SF_PLUGIN_DIR . '/admin/panel-users/forms/spa-users-members-form.php';
spa_users_members_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function spa_save_integration_page_data()
{
check_admin_referer('forum-adminform_integration', 'forum-adminform_integration');
$mess = '';
$slugid = sp_esc_int($_POST['slug']);
if ($slugid == '' || $slugid == 0) {
$setslug = '';
$setpage = 0;
} else {
$setpage = $slugid;
$page = spdb_table(SFWPPOSTS, "ID={$slugid}", 'row');
$setslug = $page->post_name;
if ($page->post_parent) {
$parent = $page->post_parent;
while ($parent) {
$thispage = spdb_table(SFWPPOSTS, "ID={$parent}", 'row');
$setslug = $thispage->post_name . '/' . $setslug;
$parent = $thispage->post_parent;
}
}
}
sp_update_option('sfpage', $setpage);
sp_update_option('sfslug', $setslug);
spa_update_check_option('sfinloop');
spa_update_check_option('sfmultiplecontent');
spa_update_check_option('sfwpheadbypass');
spa_update_check_option('sfwplistpages');
spa_update_check_option('sfscriptfoot');
spa_update_check_option('sfuseob');
spa_update_check_option('spwptexturize');
sp_update_option('spheaderspace', sp_esc_int($_POST['spheaderspace']));
if (!$setpage) {
$mess .= spa_text('Page slug missing');
$mess .= ' - ' . spa_text('Unable to determine forum permalink without it');
} else {
$mess .= spa_text('Forum page and slug updated');
sp_update_permalink(true);
}
do_action('sph_integration_save');
return $mess;
}
function spa_render_permissions_container($formid)
{
switch ($formid) {
case 'permissions':
include_once SF_PLUGIN_DIR . '/admin/panel-permissions/spa-permissions-display-main.php';
spa_permissions_permission_main();
break;
case 'createperm':
include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-add-permission-form.php';
spa_permissions_add_permission_form();
break;
case 'editperm':
include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-edit-permission-form.php';
spa_permissions_edit_permission_form(sp_esc_int($_GET['id']));
break;
case 'delperm':
include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-delete-permission-form.php';
spa_permissions_delete_permission_form(sp_esc_int($_GET['id']));
break;
case 'resetperms':
include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-reset-permissions-form.php';
spa_permissions_reset_perms_form();
break;
case 'newauth':
include_once SF_PLUGIN_DIR . '/admin/panel-permissions/forms/spa-permissions-add-auth-form.php';
spa_permissions_add_auth_form();
break;
# leave this for plugins to add to this panel
# leave this for plugins to add to this panel
case 'plugin':
include_once SF_PLUGIN_DIR . '/admin/panel-plugins/forms/spa-plugins-user-form.php';
$admin = isset($_GET['admin']) ? sp_esc_str($_GET['admin']) : '';
$save = isset($_GET['save']) ? sp_esc_str($_GET['save']) : '';
$form = isset($_GET['form']) ? sp_esc_int($_GET['form']) : '';
$reload = isset($_GET['reload']) ? sp_esc_str($_GET['reload']) : '';
spa_plugins_user_form($admin, $save, $form, $reload);
break;
}
}
function sp_featured_do_process_actions()
{
global $spThisUser, $spGlobals;
# only admins and mods
if (!$spThisUser->admin && !$spThisUser->moderator) {
return;
}
if (isset($_POST['featuretopic']) && !empty($_POST['featuretopicaction'])) {
$topic = sp_esc_int($_POST['featuretopic']);
$featured = $spGlobals['featured']['topics'];
if ($_POST['featuretopicaction'] == 'add') {
$featured[] = $topic;
$featured = array_unique($featured);
} else {
$key = array_search($topic, $featured);
if ($key !== false) {
unset($featured[$key]);
}
}
sp_add_sfmeta('featured', 'topics', $featured, true);
$spGlobals['featured']['topics'] = $featured;
}
if (isset($_POST['featurepost']) && !empty($_POST['featurepostaction'])) {
$post = sp_esc_int($_POST['featurepost']);
$featured = $spGlobals['featured']['posts'];
if ($_POST['featurepostaction'] == 'add') {
$featured[] = $post;
$featured = array_unique($featured);
} else {
$key = array_search($post, $featured);
if ($key !== false) {
unset($featured[$key]);
}
}
sp_add_sfmeta('featured', 'posts', $featured, true);
$spGlobals['featured']['posts'] = $featured;
}
}
<?php
/*
Simple:Press Admin
Ahah call for Users
$LastChangedDate: 2014-06-20 20:47:00 -0700 (Fri, 20 Jun 2014) $
$Rev: 11582 $
*/
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
die('Access denied - you cannot directly call this file');
}
spa_admin_ahah_support();
# ----------------------------------
# Check Whether User Can Manage Users
if (!sp_current_user_can('SPF Manage Users')) {
spa_etext('Access denied - you do not have permission');
die;
}
$action = $_GET['action'];
if (isset($action) && $action == 'delete') {
$userid = sp_esc_int($_GET['id']);
if (!current_user_can('delete_user', $userid)) {
wp_die(spa_text("You can't delete that user."));
} else {
require_once ABSPATH . 'wp-admin/includes/user.php';
wp_delete_user($userid);
}
}
die;
/*
Simple:Press
Ahah call for View Member Profile
$LastChangedDate: 2015-09-05 07:36:03 -0700 (Sat, 05 Sep 2015) $
$Rev: 13390 $
*/
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
die('Access denied - you cannot directly call this file');
}
sp_forum_api_support();
include_once SF_PLUGIN_DIR . '/forum/content/sp-common-view-functions.php';
include_once SF_PLUGIN_DIR . '/forum/content/sp-profile-view-functions.php';
# set up some globals for theme template files (spProfilePopup in this case) to use directly
global $spGroupView, $spThisGroup, $spForumView, $spThisForum, $spThisForumSubs, $spThisTopic, $spThisPost, $spThisPostUser, $spNewPosts, $spThisUser, $spProfileUser, $spMembersList, $spThisMemberGroup, $spThisMember, $spGlobals, $spDevice, $spMobile;
$userid = isset($_GET['user']) ? sp_esc_int($_GET['user']) : 0;
$action = isset($_GET['action']) ? $_GET['action'] : '';
do_action('sph_ProfileStart', $action);
global $spIsForum;
$spIsForum = true;
$spGlobals['editor'] = apply_filters('sph_this_editor', $spGlobals['editor']);
do_action('sph_load_editor', $spGlobals['editor']);
$out = '';
# is it a popup profile?
if ($action == 'popup') {
if (empty($userid)) {
sp_notify(SPFAILURE, sp_text('Invalid profile request'));
$out .= sp_render_queued_notification();
$out .= '<div class="sfmessagestrip">';
$out .= apply_filters('sph_ProfileErrorMsg', sp_text('Sorry, an invalid profile request was detected'));
$out .= '</div>';
$key = sp_esc_int($_GET['key']);
# remove the forum rank
$sql = 'DELETE FROM ' . SFMETA . " WHERE meta_type='forum_rank' AND meta_id='{$key}'";
spdb_query($sql);
}
if ($action == 'del_specialrank') {
$key = sp_esc_int($_GET['key']);
$specialRank = sp_get_sfmeta('special_rank', false, $key);
# remove members rank first
spdb_query('DELETE FROM ' . SFSPECIALRANKS . ' WHERE special_rank="' . $specialRank[0]['meta_key'] . '"');
# remove the forum rank
$sql = 'DELETE FROM ' . SFMETA . " WHERE meta_type='special_rank' AND meta_id='{$key}'";
spdb_query($sql);
}
if ($action == 'show') {
$key = sp_esc_int($_GET['key']);
$specialRank = sp_get_sfmeta('special_rank', false, $key);
$users = spdb_select('col', 'SELECT display_name
FROM ' . SFSPECIALRANKS . '
JOIN ' . SFMEMBERS . ' ON ' . SFSPECIALRANKS . '.user_id = ' . SFMEMBERS . '.user_id
WHERE special_rank = "' . $specialRank[0]['meta_key'] . '"
ORDER BY display_name');
echo '<fieldset class="sfsubfieldset">';
echo '<legend>' . spa_text('Special Rank Members') . '</legend>';
if ($users) {
echo '<ul class="memberlist">';
for ($x = 0; $x < count($users); $x++) {
echo '<li>' . sp_filter_name_display($users[$x]) . '</li>';
}
echo '</ul>';
} else {
function sp_UpdateProfile()
{
global $spGlobals, $spThisUser;
# make sure nonce is there
check_admin_referer('forum-profile', 'forum-profile');
$message = array();
# dont update forum if its locked down
if ($spGlobals['lockdown']) {
$message['type'] = 'error';
$message['text'] = sp_text('This forum is currently locked - access is read only - profile not updated');
return $message;
}
# do we have a form to update?
if (isset($_GET['form'])) {
$thisForm = sp_esc_str($_GET['form']);
} else {
$message['type'] = 'error';
$message['text'] = sp_text('Profile update aborted - no valid form');
return $message;
}
# do we have an actual user to update?
if (isset($_GET['userid'])) {
$thisUser = sp_esc_int($_GET['userid']);
} else {
$message['type'] = 'error';
$message['text'] = sp_text('Profile update aborted - no valid user');
return $message;
}
# Check the user ID for current user of admin edit
if ($thisUser != $spThisUser->ID && !$spThisUser->admin) {
$message['type'] = 'error';
$message['text'] = sp_text('Profile update aborted - no valid user');
return $message;
}
if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
$pass1 = $pass2 = '';
if (isset($_POST['pass1'])) {
$pass1 = $_POST['pass1'];
}
if (isset($_POST['pass2'])) {
$pass2 = $_POST['pass2'];
}
if (empty($pass1) || empty($pass2) || $pass1 != $pass2) {
$message['type'] = 'error';
$message['text'] = sp_text('Cannot save profile until password has been changed');
return $message;
}
}
# form save filter
$thisForm = apply_filters('sph_profile_save_thisForm', $thisForm);
# valid save attempt, so lets process the save
switch ($thisForm) {
case 'show-memberships':
# update memberships
# any usergroup removals?
if (isset($_POST['usergroup_leave'])) {
foreach ($_POST['usergroup_leave'] as $membership) {
sp_remove_membership(sp_esc_str($membership), $thisUser);
}
}
# any usergroup joins?
if (isset($_POST['usergroup_join'])) {
foreach ($_POST['usergroup_join'] as $membership) {
sp_add_membership(sp_esc_int($membership), $thisUser);
}
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileMemberships', $message, $thisUser);
# output update message
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Memberships updated');
}
break;
case 'account-settings':
# update account settings
# check for password update
$pass1 = $pass2 = '';
if (isset($_POST['pass1'])) {
$pass1 = $_POST['pass1'];
}
if (isset($_POST['pass2'])) {
$pass2 = $_POST['pass2'];
}
if (!empty($pass1) || !empty($pass2)) {
if ($pass1 != $pass2) {
$message['type'] = 'error';
$message['text'] = sp_text('Please enter the same password in the two password fields');
return $message;
} else {
# update the password
$user = new stdClass();
$user->ID = (int) $thisUser;
$user->user_pass = $pass1;
wp_update_user(get_object_vars($user));
if (isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw) {
delete_user_meta($spThisUser->ID, 'sp_change_pw');
}
}
}
# now check the email is valid and unique
$update = apply_filters('sph_ProfileUserEmailUpdate', true);
if ($update) {
$curEmail = sp_filter_email_save($_POST['curemail']);
$email = sp_filter_email_save($_POST['email']);
if ($email != $curEmail) {
if (empty($email)) {
$message['type'] = 'error';
$message['text'] = sp_text('Please enter a valid email address');
return $message;
} elseif (($owner_id = email_exists($email)) && $owner_id != $thisUser) {
$message['type'] = 'error';
$message['text'] = sp_text('The email address is already registered. Please choose another one');
return $message;
}
# save new email address
$sql = 'UPDATE ' . SFUSERS . " SET user_email='{$email}' WHERE ID=" . $thisUser;
spdb_query($sql);
}
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileSettings', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Account settings updated');
}
break;
case 'edit-profile':
# update profile settings
# validate any username change
$update = apply_filters('sph_ProfileUserDisplayNameUpdate', true);
if ($update) {
$spProfile = sp_get_option('sfprofile');
if ($spProfile['nameformat'] || $spThisUser->admin) {
$display_name = !empty($_POST['display_name']) ? trim($_POST['display_name']) : spdb_table(SFUSERS, "ID={$thisUser}", 'user_login');
$display_name = sp_filter_name_save($display_name);
# make sure display name isnt already used
if ($_POST['oldname'] != $display_name) {
$records = spdb_table(SFMEMBERS, "display_name='{$display_name}'");
if ($records) {
foreach ($records as $record) {
if ($record->user_id != $thisUser) {
$message['type'] = 'error';
$message['text'] = $display_name . ' ' . sp_text('is already in use - please choose a different display name');
return $message;
}
}
}
# validate display name
$errors = new WP_Error();
$user = new stdClass();
$user->display_name = $display_name;
sp_validate_display_name($errors, true, $user);
if ($errors->get_error_codes()) {
$message['type'] = 'error';
$message['text'] = sp_text('The display name you have chosen is not allowed on this site');
return $message;
}
# now save the display name
sp_update_member_item($thisUser, 'display_name', $display_name);
# Update new users list with changed display name
sp_update_newuser_name(sp_filter_name_save($_POST['oldname']), $display_name);
# do we need to sync display name with wp?
$options = sp_get_member_item($thisUser, 'user_options');
if ($options['namesync']) {
spdb_query('UPDATE ' . SFUSERS . ' SET display_name="' . $display_name . '" WHERE ID=' . $thisUser);
}
}
}
}
# save the url
$update = apply_filters('sph_ProfileUserWebsiteUpdate', true);
if ($update) {
$url = sp_filter_url_save($_POST['website']);
$sql = 'UPDATE ' . SFUSERS . ' SET user_url="' . $url . '" WHERE ID=' . $thisUser;
spdb_query($sql);
}
# update first name, last name, location and biorgraphy
$update = apply_filters('sph_ProfileUserFirstNameUpdate', true);
if ($update) {
update_user_meta($thisUser, 'first_name', sp_filter_name_save(trim($_POST['first_name'])));
}
$update = apply_filters('sph_ProfileUserLastNameUpdate', true);
if ($update) {
update_user_meta($thisUser, 'last_name', sp_filter_name_save(trim($_POST['last_name'])));
}
$update = apply_filters('sph_ProfileUserLocationUpdate', true);
if ($update) {
update_user_meta($thisUser, 'location', sp_filter_title_save(trim($_POST['location'])));
}
$update = apply_filters('sph_ProfileUserBiographyUpdate', true);
if ($update) {
update_user_meta($thisUser, 'description', sp_filter_save_kses($_POST['description']));
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileProfile', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Profile settings updated');
}
break;
case 'edit-identities':
# update identity settings
# update the user identities
$update = apply_filters('sph_ProfileUserAIMUpdate', true);
if ($update) {
update_user_meta($thisUser, 'aim', sp_filter_title_save(trim($_POST['aim'])));
}
$update = apply_filters('sph_ProfileUserYahooUpdate', true);
if ($update) {
update_user_meta($thisUser, 'yim', sp_filter_title_save(trim($_POST['yim'])));
}
$update = apply_filters('sph_ProfileUserGoogleUpdate', true);
if ($update) {
update_user_meta($thisUser, 'jabber', sp_filter_title_save(trim($_POST['jabber'])));
}
$update = apply_filters('sph_ProfileUserMSNUpdate', true);
if ($update) {
update_user_meta($thisUser, 'msn', sp_filter_title_save(trim($_POST['msn'])));
}
$update = apply_filters('sph_ProfileUserICQUpdate', true);
if ($update) {
update_user_meta($thisUser, 'icq', sp_filter_title_save(trim($_POST['icq'])));
}
$update = apply_filters('sph_ProfileUserSkypeUpdate', true);
if ($update) {
update_user_meta($thisUser, 'skype', sp_filter_title_save(trim($_POST['skype'])));
}
$update = apply_filters('sph_ProfileUserFacebookUpdate', true);
if ($update) {
update_user_meta($thisUser, 'facebook', sp_filter_title_save(trim($_POST['facebook'])));
}
$update = apply_filters('sph_ProfileUserMySpaceUpdate', true);
if ($update) {
update_user_meta($thisUser, 'myspace', sp_filter_title_save(trim($_POST['myspace'])));
}
$update = apply_filters('sph_ProfileUserTwitterUpdate', true);
if ($update) {
update_user_meta($thisUser, 'twitter', sp_filter_title_save(trim($_POST['twitter'])));
}
$update = apply_filters('sph_ProfileUserLinkedInUpdate', true);
if ($update) {
update_user_meta($thisUser, 'linkedin', sp_filter_title_save(trim($_POST['linkedin'])));
}
$update = apply_filters('sph_ProfileUserYouTubeUpdate', true);
if ($update) {
update_user_meta($thisUser, 'youtube', sp_filter_title_save(trim($_POST['youtube'])));
}
$update = apply_filters('sph_ProfileUserGooglePlusUpdate', true);
if ($update) {
update_user_meta($thisUser, 'googleplus', sp_filter_title_save(trim($_POST['googleplus'])));
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileIdentities', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Identities updated');
}
break;
case 'avatar-upload':
# upload avatar
# did we get an avatar to upload?
if (empty($_FILES['avatar-upload']['name'])) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar filename was empty');
return $message;
}
# Verify the file extension
global $spPaths;
$uploaddir = SF_STORE_DIR . '/' . $spPaths['avatars'] . '/';
$filename = basename($_FILES['avatar-upload']['name']);
$path = pathinfo($filename);
$ext = strtolower($path['extension']);
if ($ext != 'jpg' && $ext != 'jpeg' && $ext != 'gif' && $ext != 'png') {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, only JPG, JPEG, PNG, or GIF files are allowed');
return $message;
}
# check image file mimetype
$mimetype = 0;
$mimetype = exif_imagetype($_FILES['avatar-upload']['tmp_name']);
if (empty($mimetype) || $mimetype == 0 || $mimetype > 3) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file is an invalid format');
return $message;
}
# make sure file extension and mime type actually match
if ($mimetype == 1 && $ext != 'gif' || $mimetype == 2 && ($ext != 'jpg' && $ext != 'jpeg') || $mimetype == 3 && $ext != 'png') {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the file mime type does not match file extension');
return $message;
}
# Clean up file name just in case
$filename = date('U') . sp_filter_filename_save(basename($_FILES['avatar-upload']['name']));
$uploadfile = $uploaddir . $filename;
# check for existence
if (file_exists($uploadfile)) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file already exists');
return $message;
}
# check file size against limit if provided
$spAvatars = sp_get_option('sfavatars');
if ($_FILES['avatar-upload']['size'] > $spAvatars['sfavatarfilesize']) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file exceeds the maximum allowed size');
return $message;
}
# valid avatar, so try moving the uploaded file to the avatar storage directory
if (move_uploaded_file($_FILES['avatar-upload']['tmp_name'], $uploadfile)) {
@chmod("{$uploadfile}", 0644);
# do we need to resize?
$sfavatars = sp_get_option('sfavatars');
if ($sfavatars['sfavatarresize']) {
$editor = wp_get_image_editor($uploadfile);
if (is_wp_error($editor)) {
@unlink($uploadfile);
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, there was a problem resizing the avatar');
return $message;
} else {
$editor->resize($sfavatars['sfavatarsize'], $sfavatars['sfavatarsize'], true);
$imageinfo = $editor->save($uploadfile);
$filename = $imageinfo['file'];
}
}
# update member avatar data
$avatar = sp_get_member_item($thisUser, 'avatar');
$avatar['uploaded'] = $filename;
sp_update_member_item($thisUser, 'avatar', $avatar);
} else {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, the avatar file could not be moved to the avatar storage location');
return $message;
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfileAvatarUpload', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Uploaded avatar updated');
}
break;
case 'avatar-pool':
# pool avatar
# get pool avatar name
$filename = sp_filter_filename_save($_POST['spPoolAvatar']);
# error if no pool avatar provided
if (empty($filename)) {
$message['type'] = 'error';
$message['text'] = sp_text('Sorry, you must select a pool avatar before trying to save it');
return $message;
}
# save the pool avatar
$avatar = sp_get_member_item($thisUser, 'avatar');
$avatar['pool'] = $filename;
sp_update_member_item($thisUser, 'avatar', $avatar);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileAvatarPool', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Pool avatar updated');
}
break;
case 'avatar-remote':
# remote avatar
# get remote avatar name
$filename = sp_filter_url_save($_POST['spAvatarRemote']);
$avatar = sp_get_member_item($thisUser, 'avatar');
$avatar['remote'] = $filename;
sp_update_member_item($thisUser, 'avatar', $avatar);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileAvatarRemote', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Remote avatar updated');
}
break;
case 'edit-signature':
# save signature
# Check if maxmium links has been exceeded
$numLinks = substr_count($_POST['postitem'], '</a>');
$spFilters = sp_get_option('sffilters');
if (!sp_get_auth('create_links', 'global', $thisUser) && $numLinks > 0 && !$spThisUser->admin) {
$message['type'] = 'error';
$message['text'] = sp_text('You are not allowed to put links in signatures');
return $message;
}
if (sp_get_auth('create_links', 'global', $thisUser) && $spFilters['sfmaxlinks'] != 0 && $numLinks > $spFilters['sfmaxlinks'] && !$spThisUser->admin) {
$message['type'] = 'error';
$message['text'] = sp_text('Maximum number of allowed links exceeded in signature') . ': ' . $spFilters['sfmaxlinks'] . ' ' . sp_text('allowed');
return $message;
}
// $sig = esc_sql(sp_filter_save_kses(trim($_POST['postitem'])));
$sig = sp_filter_content_save($_POST['postitem'], 'edit');
sp_update_member_item($thisUser, 'signature', $sig);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileSignature', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Signature updated');
}
break;
case 'edit-photos':
# save photos
$photos = array();
$spProfileOptions = sp_get_option('sfprofile');
for ($x = 0; $x < $spProfileOptions['photosmax']; $x++) {
$photos[$x] = sp_filter_url_save($_POST['photo' . $x]);
}
update_user_meta($thisUser, 'photos', $photos);
# fire action for plugins
$message = apply_filters('sph_UpdateProfilePhotos', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Photos updated');
}
break;
case 'edit-global-options':
# save global options
$options = sp_get_member_item($thisUser, 'user_options');
$options['hidestatus'] = isset($_POST['hidestatus']) ? true : false;
$update = apply_filters('sph_ProfileUserSyncNameUpdate', true);
if ($update) {
$options['namesync'] = isset($_POST['namesync']) ? true : false;
}
sp_update_member_item($thisUser, 'user_options', $options);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileGlobalOptions', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Global options updated');
}
break;
case 'edit-posting-options':
# save posting options
$update = apply_filters('sph_ProfileUserEditorUpdate', true);
if ($update) {
$options = sp_get_member_item($thisUser, 'user_options');
if (isset($_POST['editor'])) {
$options['editor'] = sp_esc_int($_POST['editor']);
}
sp_update_member_item($thisUser, 'user_options', $options);
}
# fire action for plugins
$message = apply_filters('sph_UpdateProfilePostingOptions', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Posting options updated');
}
break;
case 'edit-display-options':
# save display options
$options = sp_get_member_item($thisUser, 'user_options');
if (isset($_POST['timezone'])) {
if (preg_match('/^UTC[+-]/', $_POST['timezone'])) {
# correct for manual UTC offets
$userOffset = preg_replace('/UTC\\+?/', '', $_POST['timezone']) * 3600;
} else {
# get timezone offset for user
$date_time_zone_selected = new DateTimeZone(sp_esc_str($_POST['timezone']));
$userOffset = timezone_offset_get($date_time_zone_selected, date_create());
}
# get timezone offset for server based on wp settings
$wptz = get_option('timezone_string');
if (empty($wptz)) {
$serverOffset = get_option('gmt_offset');
} else {
$date_time_zone_selected = new DateTimeZone($wptz);
$serverOffset = timezone_offset_get($date_time_zone_selected, date_create());
}
# calculate time offset between user and server
$options['timezone'] = (int) round(($userOffset - $serverOffset) / 3600, 2);
$options['timezone_string'] = sp_esc_str($_POST['timezone']);
} else {
$options['timezone'] = 0;
$options['timezone_string'] = 'UTC';
}
if (isset($_POST['unreadposts'])) {
$sfcontrols = sp_get_option('sfcontrols');
$options['unreadposts'] = is_numeric($_POST['unreadposts']) ? max(min(sp_esc_int($_POST['unreadposts']), $sfcontrols['sfmaxunreadposts']), 0) : $sfcontrols['sfdefunreadposts'];
}
$options['topicASC'] = isset($_POST['topicASC']);
$options['postDESC'] = isset($_POST['postDESC']);
sp_update_member_item($thisUser, 'user_options', $options);
# fire action for plugins
$message = apply_filters('sph_UpdateProfileDisplayOptions', $message, $thisUser);
# output profile save status
if (empty($message)) {
$message['type'] = 'success';
$message['text'] = sp_text('Display options updated');
}
break;
default:
break;
}
# let plugins do their thing on success
$message = apply_filters('sph_ProfileFormSave_' . $thisForm, $message, $thisUser, $thisForm);
do_action('sph_UpdateProfile', $thisUser, $thisForm);
# reset the plugin_data just in case
sp_reset_member_plugindata($thisUser);
# done saving - return the messages
return $message;
}
function sp_MemberListUsergroupSelect($args = '')
{
global $spMembersList;
if (empty($spMembersList->userGroups)) {
return;
}
if (!sp_get_auth('view_members_list')) {
return;
}
global $spMembersList;
$defs = array('tagId' => 'spUsergroupSelect', 'tagClass' => 'spUsergroupSelect', 'selectClass' => 'spControl', 'echo' => 1);
$a = wp_parse_args($args, $defs);
$a = apply_filters('sph_MemberListUsergroupSelect_args', $a);
extract($a, EXTR_SKIP);
# sanitize before use
$tagId = esc_attr($tagId);
$tagClass = esc_attr($tagClass);
$selectClass = esc_attr($selectClass);
$echo = (int) $echo;
$search = !empty($_POST['msearch']) && !isset($_POST['allmembers']) ? '&msearch=' . sp_esc_str($_POST['msearch']) : '';
$search = !empty($_GET['msearch']) ? '&msearch=' . sp_esc_str($_GET['msearch']) : $search;
$ug = !empty($_POST['ug']) && !isset($_POST['allmembers']) ? sp_esc_int($_POST['ug']) : '';
$ug = !empty($_GET['ug']) ? sp_esc_int($_GET['ug']) : $ug;
$out = "<div id='{$tagId}' class='{$tagClass}'>";
$out .= "<select class='{$selectClass}' name='sp_usergroup_select' onchange='javascript:spjChangeURL(this)'>";
$out .= "<option value='#'>" . sp_text('Select Specific Usergroup') . "</option>";
foreach ($spMembersList->userGroups as $usergroup) {
$selected = $usergroup['usergroup_id'] == $ug ? "selected='selected'" : '';
$out .= "<option {$selected} value='" . sp_get_sfqurl(sp_url('members')) . 'ug=' . $usergroup['usergroup_id'] . $search . "'>" . sp_filter_title_display($usergroup['usergroup_name']) . '</option>';
}
if (!empty($ug)) {
$out .= "<option value='" . sp_get_sfqurl(sp_url('members')) . $search . "'>" . sp_text('Reset to Default Usergroups') . "</option>";
}
$out .= '</select>';
$out .= "</div>\n";
$out = apply_filters('sph_MemberListUsergroupSelect', $out, $a);
if ($echo) {
echo $out;
} else {
return $out;
}
}
function sp_render_forum($content)
{
global $spIsForum, $spContentLoaded, $spVars, $spGlobals, $spThisUser, $spStatus;
# make sure we are at least in the html body before outputting any content
if (!sp_get_option('sfwpheadbypass') && !did_action('wp_head')) {
return '';
}
if ($spIsForum && !post_password_required(get_post(sp_get_option('sfpage')))) {
# Limit forum display to within the wp loop?
if (sp_get_option('sfinloop') && !in_the_loop()) {
return $content;
}
# Has forum content already been loaded and are we limiting?
if (!sp_get_option('sfmultiplecontent') && $spContentLoaded) {
return $content;
}
$spContentLoaded = true;
sp_set_server_timezone();
# offer a way for forum display to be short circuited but always show for admins unless an upgrade
$message = sp_abort_display_forum();
$content .= $message;
if (!empty($message) && (!$spThisUser->admin || $spStatus != 'ok')) {
return $content;
}
# process query arg actions
# check for edit operation. Need tp check for '_x' in case using mobile as buttin is an image
if (isset($_POST['editpost']) || isset($_POST['editpost_x'])) {
sp_save_edited_post();
}
if (isset($_POST['edittopic'])) {
sp_save_edited_topic();
}
if (isset($_POST['ordertopicpins'])) {
sp_promote_pinned_topic();
}
if (isset($_POST['makepostreassign'])) {
sp_reassign_post();
}
if (isset($_POST['approvepost'])) {
sp_approve_post(false, sp_esc_int($_POST['approvepost']), $spVars['topicid']);
}
if (isset($_POST['unapprovepost'])) {
sp_unapprove_post(sp_esc_int($_POST['unapprovepost']));
}
if (isset($_POST['doqueue'])) {
sp_remove_waiting_queue();
}
if (isset($_POST['notifyuser'])) {
sp_post_notification(sp_esc_str($_POST['sp_notify_user']), sp_esc_str($_POST['message']), sp_esc_int($_POST['postid']));
}
# move a topic and redirect to that topic
if (isset($_POST['maketopicmove'])) {
if (empty($_POST['forumid'])) {
sp_notify(1, sp_text('Destination forum not selected'));
return;
}
sp_move_topic();
$forumslug = spdb_table(SFFORUMS, 'forum_id=' . sp_esc_int(sp_esc_int($_POST['forumid'])), 'forum_slug');
$topicslug = spdb_table(SFTOPICS, 'topic_id=' . sp_esc_int(sp_esc_int($_POST['currenttopicid'])), 'topic_slug');
$returnURL = sp_build_url($forumslug, $topicslug, 0);
sp_redirect($returnURL);
}
# move a post and redirect to the post
if (isset($_POST['makepostmove1']) || isset($_POST['makepostmove2']) || isset($_POST['makepostmove3'])) {
sp_move_post();
if (isset($_POST['makepostmove1'])) {
$returnURL = sp_permalink_from_postid(sp_esc_int($_POST['postid']));
sp_redirect($returnURL);
}
}
# cancel a post move
if (isset($_POST['cancelpostmove'])) {
$meta = sp_get_sfmeta('post_move', 'post_move');
if ($meta) {
$id = $meta[0]['meta_id'];
sp_delete_sfmeta($id);
unset($spGlobals['post_move']);
}
}
# rebuild the forum and post indexes
if (isset($_POST['rebuildforum']) || isset($_POST['rebuildtopic'])) {
sp_build_post_index(sp_esc_int($_POST['topicid']), true);
sp_build_forum_index(sp_esc_int($_POST['forumid']), false);
}
# Set display mode if topic view (for editing posts)
if ($spVars['pageview'] == 'topic' && isset($_POST['postedit'])) {
$spVars['displaymode'] = 'edit';
$spVars['postedit'] = $_POST['postedit'];
} else {
$spVars['displaymode'] = 'posts';
}
# clean cache of timed our records
sp_clean_cache();
#--Scratch Pad Area---Please Leave Here---------
#--End Scratch Pad Area-------------------------
# let other plugins check for posted actions
do_action('sph_setup_forum');
# do we use output buffering?
$ob = sp_get_option('sfuseob');
if ($ob) {
ob_start();
}
# set up some stuff before wp page content
$content .= sp_display_banner();
$content = apply_filters('sph_before_wp_page_content', $content);
# run any other wp filters on page content but exclude ours
if (!$ob) {
remove_filter('the_content', 'sp_render_forum', 1);
$content = apply_filters('the_content', $content);
$content = wpautop($content);
add_filter('the_content', 'sp_render_forum', 1);
}
# set up some stuff after wp page content
$content = apply_filters('sph_after_wp_page_content', $content);
$content .= '<div id="dialogcontainer" style="display:none;"></div>';
$content .= sp_js_check();
# echo any wp page content
echo $content;
# now add our content
do_action('sph_before_template_processing');
sp_process_template();
do_action('sph_after_template_processing');
# Return if using output buffering
if ($ob) {
$forum = ob_get_contents();
ob_end_clean();
return $forum;
}
}
# not returning any content since we output it already unless password needed
if (post_password_required(get_post(sp_get_option('sfpage')))) {
return $content;
}
}
function sp_setup_page_type()
{
global $spVars, $spGlobals, $spThisUser, $spBootCache, $spStatus;
if ($spStatus != 'ok') {
return;
}
if (isset($spGlobals['pagetypedone']) && $spGlobals['pagetypedone'] == true) {
return;
}
$spGlobals['pagetypedone'] = true;
# If user has made no posts yet optionaly load the profile form
$pageview = '';
$goProfile = false;
if ($spThisUser->member && $spThisUser->posts == -1) {
sp_update_member_item($spThisUser->ID, 'posts', 0);
# reset posts to 0 on first visit
# do new users need to visit profile first?
$sfprofile = sp_get_option('sfprofile');
$goProfile = $sfprofile['firstvisit'];
}
# do we need to redirec to profile for pw change or first visit?
if ($spThisUser->member && ($goProfile || isset($spThisUser->sp_change_pw) && $spThisUser->sp_change_pw)) {
$spVars['member'] = (int) $spThisUser->ID;
$pageview = 'profileedit';
$spVars['forumslug'] = '';
$spVars['topicslug'] = '';
}
if ($pageview == '') {
if (!empty($spVars['feed'])) {
$pageview = 'feed';
} else {
if (!empty($spVars['forumslug'])) {
$pageview = 'forum';
} else {
if (!empty($spVars['profile'])) {
if ($spVars['profile'] == 'edit') {
$pageview = 'profileedit';
}
if ($spVars['profile'] == 'show') {
$pageview = 'profileshow';
}
} else {
if (!empty($spVars['newposts'])) {
$pageview = 'newposts';
} else {
if (!empty($spVars['members'])) {
$pageview = 'members';
} else {
$pageview = 'group';
# and if a single group id is passed load ot ointo spVars
if (isset($_GET['group'])) {
$spVars['singlegroupid'] = sp_esc_int($_GET['group']);
}
# Check if single forum only is on
if (isset($spGlobals['display']['forums']['singleforum']) && $spGlobals['display']['forums']['singleforum']) {
$fid = sp_single_forum_user();
if ($fid) {
$cforum = spdb_table(SFFORUMS, "forum_id={$fid}", 'row');
$spVars['forumid'] = $fid;
$spVars['forumslug'] = $cforum->forum_slug;
$spVars['forumname'] = $cforum->forum_name;
$spBootCache = '';
$pageview = 'forum';
}
}
}
}
}
}
}
if (!empty($spVars['topicslug'])) {
$pageview = 'topic';
}
if (isset($_GET['search']) && !empty($spVars['searchvalue'])) {
$pageview = 'search';
}
}
# profile via ssl if doing ssl logins
if ($pageview == 'profileedit' && force_ssl_admin() && !is_ssl()) {
if (sp_profile_tab_active('profile') && sp_profile_menu_active('account-settings')) {
if (0 === strpos($_SERVER['REQUEST_URI'], 'http')) {
wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
exit;
} else {
wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
}
}
$spVars['pageview'] = apply_filters('sph_pageview', $pageview);
}
/*
Simple:Press
Ahah call for View Member Profile
$LastChangedDate: 2014-08-15 02:46:05 -0700 (Fri, 15 Aug 2014) $
$Rev: 11882 $
*/
if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
die('Access denied - you cannot directly call this file');
}
sp_forum_api_support();
include_once SF_PLUGIN_DIR . '/forum/content/sp-common-view-functions.php';
include_once SF_PLUGIN_DIR . '/forum/content/sp-profile-view-functions.php';
# set up some globals for theme template files (spProfilePopup in this case) to use directly
global $spGroupView, $spThisGroup, $spForumView, $spThisForum, $spThisForumSubs, $spThisTopic, $spThisPost, $spThisPostUser, $spNewPosts, $spThisUser, $spProfileUser, $spMembersList, $spThisMemberGroup, $spThisMember, $spGlobals, $spVars, $spDevice, $spMobile;
$userid = sp_esc_int($_GET['user']);
$action = isset($_GET['action']) ? $_GET['action'] : '';
do_action('sph_ProfileStart', $action);
if (isset($_GET['menu']) && $_GET['menu'] == 'account-settings') {
?>
<script type="text/javascript" src="<?php
echo admin_url('js/password-strength-meter.min.js');
?>
"></script>
<script type="text/javascript" src="<?php
echo admin_url('js/user-profile.min.js');
?>
"></script>
<?php
}
# is it a popup profile?
function spa_save_usergroups_map_settings()
{
global $wp_roles;
check_admin_referer('forum-adminform_mapusers', 'forum-adminform_mapusers');
# save default usergroups
sp_add_sfmeta('default usergroup', 'sfguests', sp_esc_int($_POST['sfguestsgroup']));
# default usergroup for guests
sp_add_sfmeta('default usergroup', 'sfmembers', sp_esc_int($_POST['sfdefgroup']));
# default usergroup for members
# check for changes in wp role usergroup assignments
if (isset($_POST['sfrole'])) {
$roles = array_keys($wp_roles->role_names);
foreach ($_POST['sfrole'] as $index => $role) {
if ($_POST['sfoldrole'][$index] != $role) {
sp_add_sfmeta('default usergroup', $roles[$index], sp_esc_int($role));
}
}
}
$sfmemberopts = sp_get_option('sfmemberopts');
$sfmemberopts['sfsinglemembership'] = isset($_POST['sfsinglemembership']);
sp_update_option('sfmemberopts', $sfmemberopts);
$mess = spa_text('User mapping settings saved');
do_action('sph_option_map_settings_save');
return $mess;
}
function sp_lock_topic()
{
sp_lock_topic_toggle(sp_esc_int($_GET['topic']));
die;
}
function sp_promote_pinned_topic()
{
if (empty($_POST['orderpinsforumid'])) {
return '';
}
$forumid = $_POST['orderpinsforumid'];
if (!sp_get_auth('pin_topics', $forumid)) {
if (!is_user_logged_in()) {
$msg = sp_text('Access denied - are you logged in?');
} else {
$msg = sp_text('Access denied - you do not have permission');
}
sp_notify(SPFAILURE, $msg);
return;
}
if (!empty($_POST['topicid'])) {
for ($x = 0; $x < count($_POST['topicid']); $x++) {
if (empty($_POST['porder'][$x]) || $_POST['porder'][$x] == 0) {
$o = 1;
} else {
$o = $_POST['porder'][$x];
}
if (spdb_query('UPDATE ' . SFTOPICS . " SET topic_pinned={$o} WHERE topic_id=" . sp_esc_int($_POST['topicid'][$x])) == false) {
sp_notify(SPFAILURE, sp_text('Ordering of pinned topic failed'));
} else {
sp_notify(SPSUCCESS, sp_text('Pinned topics re-ordered'));
}
}
}
}
function spa_save_forumranks_data()
{
check_admin_referer('forum-adminform_forumranks', 'forum-adminform_forumranks');
# save forum ranks
for ($x = 0; $x < count($_POST['rankdesc']); $x++) {
if (!empty($_POST['rankdesc'][$x])) {
$rankdata = array();
$rankdata['posts'] = sp_esc_int($_POST['rankpost'][$x]);
$rankdata['usergroup'] = (int) $_POST['rankug'][$x];
$rankdata['badge'] = sp_filter_filename_save($_POST['rankbadge'][$x]);
if ($_POST['rankid'][$x] == -1) {
sp_add_sfmeta('forum_rank', sp_filter_title_save(trim($_POST['rankdesc'][$x])), $rankdata, 1);
} else {
sp_update_sfmeta('forum_rank', sp_filter_title_save(trim($_POST['rankdesc'][$x])), $rankdata, sp_esc_int($_POST['rankid'][$x]), 1);
}
}
}
do_action('sph_component_ranks_save');
$mess = spa_text('Forum ranks updated');
return $mess;
}
function spa_save_members_data()
{
check_admin_referer('forum-adminform_members', 'forum-adminform_members');
$mess = spa_text('Options updated');
$sfmemberopts = array();
$sfmemberopts['sfcheckformember'] = isset($_POST['sfcheckformember']);
$sfmemberopts['sfhidestatus'] = isset($_POST['sfhidestatus']);
sp_update_option('sfmemberopts', $sfmemberopts);
$sfguests = array();
$sfguests['reqemail'] = isset($_POST['reqemail']);
$sfguests['storecookie'] = isset($_POST['storecookie']);
sp_update_option('sfguests', $sfguests);
$sfuser = array();
$sfuser['sfuserinactive'] = isset($_POST['sfuserinactive']);
$sfuser['sfusernoposts'] = isset($_POST['sfusernoposts']);
if (isset($_POST['sfuserperiod']) && $_POST['sfuserperiod'] > 0) {
$sfuser['sfuserperiod'] = intval($_POST['sfuserperiod']);
} else {
$sfuser['sfuserperiod'] = 365;
# if not filled in make it one year
}
sp_update_option('account-name', sp_filter_name_save(trim($_POST['account-name'])));
sp_update_option('display-name', sp_filter_name_save(trim($_POST['display-name'])));
sp_update_option('guest-name', sp_filter_name_save(trim($_POST['guest-name'])));
# auto removal cron job
wp_clear_scheduled_hook('sph_cron_user');
if (isset($_POST['sfuserremove'])) {
$sfuser['sfuserremove'] = true;
wp_schedule_event(time(), 'daily', 'sph_cron_user');
} else {
$sfuser['sfuserremove'] = false;
}
sp_update_option('sfuserremoval', $sfuser);
sp_update_option('post_count_delete', isset($_POST['post_count_delete']));
$sfprofile = sp_get_option('sfprofile');
$sfprofile['namelink'] = sp_esc_int($_POST['namelink']);
sp_update_option('sfprofile', $sfprofile);
do_action('sph_option_members_save');
return $mess;
}
function spa_users_members_form()
{
spa_paint_options_init();
spa_paint_open_tab(spa_text('Users') . ' - ' . spa_text('Member Information'), true);
spa_paint_open_panel();
spa_paint_open_fieldset(spa_text('Member Information'), 'true', 'users-info');
if (isset($_POST['usersearch'])) {
$term = sp_filter_title_save(trim($_POST['usersearch']));
} else {
$term = '';
}
if (isset($_GET['userspage'])) {
$page = sp_esc_int($_GET['userspage']);
} else {
$page = '';
}
$user_search = new SP_User_Search($term, $page);
?>
<form id="posts-filter" name="searchfilter" action="<?php
echo SFADMINUSER . '&form=member-info';
?>
" method="post">
<div class="tablenav">
<?php
if ($user_search->results_are_paged()) {
?>
<div class="tablenav-pages">
<?php
$args = array();
if (!empty($user_search->search_term)) {
$args['usersearch'] = urlencode($user_search->search_term);
}
$user_search->paging_text = paginate_links(array('total' => ceil($user_search->total_users_for_query / $user_search->users_per_page), 'current' => $user_search->page, 'base' => 'admin.php?page=simple-press/admin/panel-users/spa-users.php&form=member-info&%_%', 'format' => 'userspage=%#%', 'add_args' => $args));
echo $user_search->page_links();
?>
</div>
<?php
}
?>
<div>
<label class="hidden" for="post-search-input"><?php
spa_etext('Search Members');
?>
:</label>
<input type="text" class="sfacontrol" id="post-search-input" name="usersearch" value="<?php
echo esc_attr($user_search->search_term);
?>
" />
<input type="button" class="button-primary" onclick="javascript:document.searchfilter.submit();" id="sfusersearch" name="sfusersearch" value="<?php
spa_etext('Search Members');
?>
" />
</div>
<br class="clear" />
</div>
<br class="clear" />
</form>
<?php
if ($user_search->get_results()) {
?>
<?php
if ($user_search->is_search()) {
?>
<p><a href="<?php
echo SFADMINUSER;
?>
"><?php
echo sprintf(spa_text('%s Back to All Members'), '«');
?>
</a></p>
<?php
}
?>
<table id="memTable" class="widefat fixed spMobileTable1280">
<thead>
<tr>
<th style="text-align:center;width:4%"><?php
spa_etext('ID');
?>
</th>
<th style="text-align:center;"><?php
spa_etext('Login Name');
?>
</th>
<th style="text-align:center;"><?php
spa_etext('Display Name');
?>
</th>
<th style="text-align:center;width:15%"><?php
spa_etext('First Post');
?>
</th>
<th style="text-align:center;width:15%"><?php
spa_etext('Last Post');
?>
</th>
<th style="text-align:center;width:3.5%"><?php
spa_etext('Posts');
?>
</th>
<th style="text-align:center;"><?php
spa_etext('Last Visit');
?>
</th>
<th style="text-align:center;"><?php
spa_etext('Memberships');
?>
</th>
<th style="text-align:center;width:auto;"><?php
spa_etext('Rank');
?>
</th>
<th style="text-align:center;"><?php
spa_etext('Actions');
?>
</th>
</tr>
</thead>
<tbody id="users" class="list:user user-list">
<?php
$style = '';
$class = 'class="spMobileTableData"';
# grab user post/page counts
$users = $user_search->get_results();
# output users
foreach ($users as $userid) {
$data = spa_get_members_info($userid);
if ($data) {
?>
<tr id="user-delete-<?php
echo $userid;
?>
" <?php
echo $class;
?>
>
<td data-label='<?php
spa_etext('ID');
?>
'><?php
echo $userid;
?>
</td>
<td data-label='<?php
spa_etext('Login Name');
?>
'><?php
echo $data['login'];
?>
</td>
<?php
$displayname = !empty($data['display_name']) ? $data['display_name'] : '';
?>
<td data-label='<?php
spa_etext('Display Name');
?>
'><strong><?php
echo sp_filter_name_display($displayname);
?>
</strong></td>
<td data-label='<?php
spa_etext('First Post');
?>
'><?php
echo $data['first'];
?>
</td>
<td data-label='<?php
spa_etext('Last Post');
?>
'><?php
echo $data['last'];
?>
</td>
<td data-label='<?php
spa_etext('Posts');
?>
'>
<?php
if ($data['posts'] == -1) {
echo '<img style="vertical-align:top" src="' . SFADMINIMAGES . 'sp_UserNoPosts.png" title="' . spa_text('User has not yet visited forum') . '" alt="" />';
} else {
echo $data['posts'];
}
?>
</td>
<td data-label='<?php
spa_etext('Last Visit');
?>
'><?php
echo sp_date('d', $data['lastvisit']);
?>
</td>
<td data-label='<?php
spa_etext('Memberships');
?>
'><?php
echo $data['memberships'];
?>
</td>
<td data-label='<?php
spa_etext('Rank');
?>
'><?php
echo $data['rank'];
?>
</td>
<td style="text-align:center">
<?php
$site = SFHOMEURL . 'index.php?sp_ahah=profile&sfnonce=' . wp_create_nonce('forum-ahah') . "&action=popup&user={$userid}";
$title = spa_text('Member Profile');
$position = 'center';
echo '<a id="memberprofile' . $userid . '" href="javascript:void(null)" onclick="spjDialogAjax(this, \'' . $site . '\', \'' . $title . '\', 750, 0, \'' . $position . '\');"><img src="' . SFADMINIMAGES . 'sp_UserProfile.png" title="' . spa_text('View Member Profile') . '" alt="" /></a>';
# check to see if user can delete users before giving option to delete
if (current_user_can('delete_user', $userid)) {
$nonce = wp_create_nonce('bulk-users');
$url = admin_url('users.php?action=delete&user='******'&_wpnonce=' . $nonce . '&wp_http_referer=admin.php?page=simple-press/admin/panel-users/spa-users.php');
echo '<a href="' . $url . '"><img src="' . SFCOMMONIMAGES . 'delete.png" title="' . spa_text('Delete User') . '" alt="" />';
}
?>
</td>
</tr>
<?php
}
$class = strpos($class, 'alternate') === false ? 'class="spMobileTableData alternate"' : 'class="spMobileTableData"';
}
?>
</tbody>
</table>
<div class="tablenav">
<?php
if ($user_search->results_are_paged()) {
?>
<div class="tablenav-pages"><?php
$user_search->page_links();
?>
</div>
<?php
}
?>
<br class="clear" />
</div>
<?php
}
spa_paint_close_fieldset();
spa_paint_close_panel();
do_action('sph_users_members_panel');
spa_paint_close_container();
spa_paint_close_tab();
}
$p->newpost['postername'] = $spThisUser->display_name;
$p->newpost['posteremail'] = $spThisUser->user_email;
$p->newpost['userid'] = $spThisUser->ID;
}
$p->newpost['postcontent'] = $_POST['postitem'];
$p->newpost['posterip'] = sp_get_ip();
if (isset($_POST['topiclock'])) {
$p->newpost['topicstatus'] = 1;
}
if (!empty($_POST['editTimestamp'])) {
$yy = sp_esc_int($_POST['tsYear']);
$mm = sp_esc_int($_POST['tsMonth']);
$dd = sp_esc_int($_POST['tsDay']);
$hh = sp_esc_int($_POST['tsHour']);
$mn = sp_esc_int($_POST['tsMinute']);
$ss = sp_esc_int($_POST['tsSecond']);
$dd = $dd > 31 ? 31 : $dd;
$hh = $hh > 23 ? $hh - 24 : $hh;
$mn = $mn > 59 ? $mn - 60 : $mn;
$ss = $ss > 59 ? $ss - 60 : $ss;
$p->newpost['postdate'] = sprintf('%04d-%02d-%02d %02d:%02d:%02d', $yy, $mm, $dd, $hh, $mn, $ss);
}
# Permission checks on forum data --------------------------------------------------
$p->validateData();
if ($p->abort) {
sp_return_to_post($p->returnURL, $p->message);
die;
}
# let any plugins perform their stuff ----------------------------------------------
do_action('sph_editor_pre_post_create', $p->newpost);
$p->newpost = apply_filters('sph_editor_new_forum_post', $p->newpost);
