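/**
 * Sends a stored system e-mail template to a recipient through PHP's mail().
 *
 * The template row is looked up by name in se_systememails, its subject and
 * body are resolved through SE_Language, filled in with vsprintf() and sent
 * as a UTF-8 HTML message from the sender configured in $setting.
 *
 * @param string $systememail     Template name (systememail_name column).
 * @param string $recipient_email Recipient address; in BCC mode it is written to the Bcc header.
 * @param array  $replace         Values for the vsprintf() placeholders in subject and body.
 * @param bool   $bcc             When true, the recipient goes to Bcc and a placeholder is used as To.
 *
 * @return bool False when the template name is rejected or no template row is
 *              found, true otherwise. The result of mail() is not reported.
 */
function send_systememail($systememail, $recipient_email, $replace = array(), $bcc = FALSE)
{
    global $setting, $database;

    // The name is interpolated into the SQL text below, so accept only
    // identifier-like names instead of handing arbitrary text to the query.
    // NOTE(review): assumes template names match [A-Za-z0-9_]+ - confirm against se_systememails.
    if (!is_string($systememail) || !preg_match('/\A[A-Za-z0-9_]+\z/', $systememail)) {
        return false;
    }

    // These values are written into raw header lines. Removing CR/LF keeps a
    // crafted address or sender name from adding header lines of its own.
    $line_breaks = array("\r", "\n");
    $recipient_email = str_replace($line_breaks, '', (string) $recipient_email);
    $from_name = str_replace($line_breaks, '', (string) $setting['setting_email_fromname']);
    $from_email = str_replace($line_breaks, '', (string) $setting['setting_email_fromemail']);

    // RETRIEVE EMAIL INFO
    $email = $database->database_fetch_assoc($database->database_query("SELECT * FROM se_systememails WHERE systememail_name='{$systememail}' LIMIT 1"));
    if (!is_array($email)) {
        // No such template: there is nothing to send.
        return false;
    }
    SE_Language::_preload_multi($email['systememail_subject'], $email['systememail_body']);
    SE_Language::load();

    // GET/DECODE SUBJECT AND MESSAGE
    $subject = htmlspecialchars_decode(SE_Language::_get($email['systememail_subject']), ENT_QUOTES);
    $message = htmlspecialchars_decode(SE_Language::_get($email['systememail_body']), ENT_QUOTES);

    // REPLACE VARIABLES IN SUBJECT AND MESSAGE
    // NOTE(review): $replace values are inserted into an HTML body as-is, so
    // callers are expected to pass text that is already safe for HTML.
    $subject = vsprintf($subject, $replace);
    $message = vsprintf($message, $replace);

    // ENCODE SUBJECT FOR UTF8
    $subject = "=?UTF-8?B?" . base64_encode($subject) . "?=";

    // REPLACE CARRIAGE RETURNS WITH BREAKS
    $message = str_replace("\n", "<br>", $message);

    // SET HEADERS
    $sender = "{$from_name} <{$from_email}>";
    $headers = "MIME-Version: 1.0" . "\n";
    $headers .= "Content-type: text/html; charset=utf-8" . "\n";
    $headers .= "Content-Transfer-Encoding: 8bit" . "\n";
    $headers .= "From: {$sender}" . "\n";
    $headers .= "Return-Path: {$sender}" . "\n";
    $headers .= "Reply-To: {$sender}\n";

    // IF BCC, SET TO AND BCC
    if ($bcc) {
        $headers .= "Bcc: {$recipient_email}\n";
        $recipient_email = "*****@*****.**";
    }

    // SEND MAIL
    mail($recipient_email, $subject, $message, $headers);

    return true;
}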
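/**
 * Sends a stored system e-mail template, either through PHP's mail() or
 * through PHPMailer over SMTP, depending on se_settings_email.email_method.
 *
 * The template row is looked up by name in se_systememails, its subject and
 * body are resolved through SE_Language and filled in with vsprintf().
 * Side effect: the global $setting_smtp_email is overwritten with the row
 * read from se_settings_email on every call.
 *
 * @param string $systememail     Template name (systememail_name column).
 * @param string $recipient_email Recipient address; in BCC mode it is written to the Bcc header.
 * @param array  $replace         Values for the vsprintf() placeholders in subject and body.
 * @param bool   $bcc             When true, the recipient goes to Bcc and a placeholder is used as To.
 *
 * @return bool False when the template name is rejected or no template row is
 *              found, true otherwise. Delivery results are not reported.
 */
function send_systememail($systememail, $recipient_email, $replace = array(), $bcc = FALSE)
{
    global $setting, $database, $setting_smtp_email;

    // The name is interpolated into the SQL text below, so accept only
    // identifier-like names instead of handing arbitrary text to the query.
    // NOTE(review): assumes template names match [A-Za-z0-9_]+ - confirm against se_systememails.
    if (!is_string($systememail) || !preg_match('/\A[A-Za-z0-9_]+\z/', $systememail)) {
        return false;
    }

    // These values are written into raw header lines. Removing CR/LF keeps a
    // crafted address or sender name from adding header lines of its own.
    $line_breaks = array("\r", "\n");
    $recipient_email = str_replace($line_breaks, '', (string) $recipient_email);
    $from_name = str_replace($line_breaks, '', (string) $setting['setting_email_fromname']);
    $from_email = str_replace($line_breaks, '', (string) $setting['setting_email_fromemail']);

    $setting_email_query = $database->database_query("SELECT * FROM se_settings_email LIMIT 1");
    $setting_smtp_email = $database->database_fetch_assoc($setting_email_query);

    // RETRIEVE EMAIL INFO
    $email = $database->database_fetch_assoc($database->database_query("SELECT * FROM se_systememails WHERE systememail_name='{$systememail}' LIMIT 1"));
    if (!is_array($email)) {
        // No such template: there is nothing to send.
        return false;
    }
    SE_Language::_preload_multi($email['systememail_subject'], $email['systememail_body']);
    SE_Language::load();

    // GET/DECODE SUBJECT AND MESSAGE
    $subject = htmlspecialchars_decode(SE_Language::_get($email['systememail_subject']), ENT_QUOTES);
    $message = htmlspecialchars_decode(SE_Language::_get($email['systememail_body']), ENT_QUOTES);

    // REPLACE VARIABLES IN SUBJECT AND MESSAGE
    // NOTE(review): $replace values are inserted into an HTML body as-is, so
    // callers are expected to pass text that is already safe for HTML.
    $subject = vsprintf($subject, $replace);
    $message = vsprintf($message, $replace);

    // ENCODE SUBJECT FOR UTF8
    $subject = "=?UTF-8?B?" . base64_encode($subject) . "?=";

    // REPLACE CARRIAGE RETURNS WITH BREAKS
    $message = str_replace("\n", "<br>", $message);

    // SET HEADERS
    $sender = "{$from_name} <{$from_email}>";
    $headers = "MIME-Version: 1.0" . "\n";
    $headers .= "Content-type: text/html; charset=utf-8" . "\n";
    $headers .= "Content-Transfer-Encoding: 8bit" . "\n";
    $headers .= "From: {$sender}" . "\n";
    $headers .= "Return-Path: {$sender}" . "\n";
    $headers .= "Reply-To: {$sender}\n";

    // IF BCC, SET TO AND BCC
    if ($bcc) {
        $headers .= "Bcc: {$recipient_email}\n";
        $recipient_email = "*****@*****.**";
    }

    // SEND MAIL
    if ($setting_smtp_email['email_method'] == "mail") {
        mail($recipient_email, $subject, $message, $headers);
    } elseif ($setting_smtp_email['email_method'] == "smtp") {
        // NOTE(review): $headers (including Bcc) is not handed to PHPMailer, so
        // in BCC mode this branch only addresses the placeholder recipient.
        $mailer = new PHPMailer();
        $mailer->IsSMTP();
        $mailer->Subject = $subject;
        $mailer->From = $from_email;
        $mailer->FromName = $from_name;
        $mailer->MsgHTML($message);
        $mailer->AddAddress($recipient_email);
        $mailer->Host = $setting_smtp_email['smtp_host'];
        // NOTE(review): Username/Password are set but SMTPAuth is never enabled
        // here - confirm whether authentication is actually performed.
        $mailer->Username = $setting_smtp_email['smtp_user'];
        $mailer->Password = $setting_smtp_email['smtp_pass'];
        $mailer->Port = $setting_smtp_email['smtp_port'];

        // NOTE(review): transport encryption is requested for port 465 only.
        // On any other port the session, including the credentials above, is
        // configured without TLS - consider "tls" for submission ports.
        if ($setting_smtp_email['smtp_port'] == 465) {
            $mailer->SMTPSecure = "ssl";
        } else {
            $mailer->SMTPSecure = "";
        }
        $mailer->Send();
    }

    return true;
}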
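/**
 * Search handler for polls.
 *
 * Counts the polls matching the global $search_text (capped at 201 rows) and,
 * when polls are the active result type ($t == "poll"), appends one page of
 * matches to the global $results list and sets $total_results. It always
 * appends a summary entry to $search_objects.
 *
 * Works entirely through globals; takes no arguments and returns nothing.
 */
function search_poll()
{
    global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results;

    // CONSTRUCT QUERY
    // NOTE(review): $search_text is placed inside the LIKE patterns as-is and
    // nothing in this function escapes it, so it has to be SQL-escaped where
    // it is read from the request - confirm at the caller.
    // poll_desc is selected because it is returned as result_desc_3 below.
    $sql = "\r\n SELECT\r\n"
        . " se_polls.poll_id,\r\n"
        . " se_polls.poll_title,\r\n"
        . " se_polls.poll_desc,\r\n"
        . " se_users.user_id,\r\n"
        . " se_users.user_username,\r\n"
        . " se_users.user_photo,\r\n"
        . " se_users.user_fname,\r\n"
        . " se_users.user_lname\r\n"
        . " FROM\r\n"
        . " se_polls,\r\n"
        . " se_users,\r\n"
        . " se_levels\r\n"
        . " WHERE\r\n"
        . " se_polls.poll_user_id=se_users.user_id &&\r\n"
        . " se_users.user_level_id=se_levels.level_id &&\r\n"
        . " (\r\n"
        . " se_polls.poll_search='1' ||\r\n"
        . " se_levels.level_poll_search='0'\r\n"
        . " ) &&\r\n"
        . " (\r\n"
        . " poll_title LIKE '%{$search_text}%' ||\r\n"
        . " poll_desc LIKE '%{$search_text}%' ||\r\n"
        . " poll_options LIKE '%{$search_text}%'\r\n"
        . " )\r\n ";

    // GET TOTAL ENTRIES
    $total_polls = $database->database_num_rows($database->database_query($sql . " LIMIT 201"));

    // IF NOT TOTAL ONLY
    if ($t == "poll") {
        // MAKE POLL PAGES
        // Force integers and a page of at least 1 so the LIMIT clause never
        // receives a negative offset or non-numeric text.
        $page = max(1, (int) $p);
        $per_page = max(0, (int) $results_per_page);
        $start = ($page - 1) * $per_page;
        $limit = $per_page + 1;

        // SEARCH POLLS
        $sql .= " ORDER BY se_polls.poll_id DESC LIMIT {$start}, {$limit}";
        // NOTE(review): on failure this prints the database error text to the visitor.
        $resource = $database->database_query($sql) or die($database->database_error());

        while ($poll_info = $database->database_fetch_assoc($resource)) {
            // CREATE AN OBJECT FOR AUTHOR
            $profile = new se_user();
            $profile->user_info['user_id'] = $poll_info['user_id'];
            $profile->user_info['user_username'] = $poll_info['user_username'];
            $profile->user_info['user_fname'] = $poll_info['user_fname'];
            $profile->user_info['user_lname'] = $poll_info['user_lname'];
            $profile->user_info['user_photo'] = $poll_info['user_photo'];
            $profile->user_displayname();

            $result_url = $url->url_create('poll', $poll_info['user_username'], $poll_info['poll_id']);
            $result_name = 2500112;
            $result_desc = 2500113;

            // IF EMPTY TITLE
            if (!trim($poll_info['poll_title'])) {
                SE_Language::_preload(589);
                SE_Language::load();
                $poll_info['poll_title'] = SE_Language::_get(589);
            }

            $results[] = array(
                'result_url' => $result_url,
                'result_icon' => './images/icons/poll_poll48.gif',
                'result_name' => $result_name,
                'result_name_1' => $poll_info['poll_title'],
                'result_desc' => $result_desc,
                'result_desc_1' => $url->url_create('profile', $profile->user_info['user_username']),
                'result_desc_2' => $profile->user_displayname,
                'result_desc_3' => $poll_info['poll_desc'],
            );
        }

        // SET TOTAL RESULTS
        $total_results = $total_polls;
    }

    // SET ARRAY VALUES
    SE_Language::_preload_multi(2500111, 2500112, 2500113);
    if ($total_polls > 200) {
        // The count query stops at 201 rows, so anything above 200 is shown as "200+".
        $total_polls = "200+";
    }
    $search_objects[] = array('search_type' => 'poll', 'search_lang' => 2500111, 'search_total' => $total_polls);
}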
<?php if ($this->_tpl_vars['user']->level_info['level_profile_status'] != 0) { ?> <?php $javascript_lang_import_list = SELanguage::_javascript_redundancy_filter(array(773, 1113, 743, 744, 745, 746, 747)); $javascript_lang_import_first = TRUE; if (is_array($javascript_lang_import_list) && !empty($javascript_lang_import_list)) { echo "\n<script type='text/javascript'>\n<!--\n"; echo "SocialEngine.Language.Import({\n"; foreach ($javascript_lang_import_list as $javascript_import_id) { if (!$javascript_lang_import_first) { echo ",\n"; } echo " " . $javascript_import_id . " : '" . addslashes(SE_Language::_get($javascript_import_id)) . "'"; $javascript_lang_import_first = FALSE; } echo "\n});\n//-->\n</script>\n"; } ?> <?php echo ' <script type="text/javascript"> <!-- SocialEngine.Viewer.user_status = \''; echo $this->_tpl_vars['user']->user_info['user_status']; echo '\'; //--> </script> ';
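/**
 * Uploads a wall photo into a group's wall album on behalf of the current user.
 *
 * @param int    $group_id      Group that receives the photo.
 * @param string $media_desc    Description stored with the uploaded media.
 * @param int    $new_action_id Wall action the media is attached to.
 *
 * @return array|null array('result' => 1, 'media_path', 'media_width', 'media_height')
 *                    on success with a thumbnail, array('result' => 0, 'error' => ...)
 *                    when the user may not upload or the upload fails, and null
 *                    when the upload succeeded but no thumbnail file exists.
 */
function he_wall_group_photo_upload($group_id, $media_desc, $new_action_id)
{
    global $user, $url, $misc, $setting;

    $group = new se_group($user->user_info['user_id'], $group_id);

    // CHECK IF USER IS ALLOWED TO UPLOAD PHOTOS
    // Stop here when the check fails. Only recording the error and carrying
    // on would let the upload below run for users without upload rights.
    $privacy_max = $group->group_privacy_max($user);
    if (!($privacy_max & $group->group_info['group_privacy']) || !($privacy_max & $group->group_info['group_upload'])) {
        return array('result' => 0, 'error' => SE_Language::get(690706101));
    }

    $album_id = he_wall::get_group_album($group_id);

    // GET TOTAL SPACE USED
    $space_used = $group->group_media_space();
    if ($group->groupowner_level_info['level_group_album_storage']) {
        $space_left = $group->groupowner_level_info['level_group_album_storage'] - $space_used;
    } else {
        // No per-level quota: fall back to the free disk space, or 2^32 when
        // it cannot be determined. The lookup is done before the ternary so
        // its value is the one that is actually used.
        $dfs = disk_free_space("/");
        $space_left = $dfs ? $dfs : pow(2, 32);
    }

    // Stays null when the upload succeeds but no thumbnail file is found.
    $result = null;

    $file_result = $group->group_media_upload('wall_photo', $album_id, $space_left);

    if ($file_result['is_error'] == 0) {
        $media_path = str_replace('./', '', $group->group_dir($group->group_info['group_id']) . $file_result['groupmedia_id'] . "_thumb.jpg");

        if (file_exists($media_path)) {
            $thumb_width = (int) $setting['setting_he_wall_photo_thumb_width'];
            $thumb_height = (int) $setting['setting_he_wall_photo_thumb_height'];
            $media_width = $misc->photo_size($media_path, $thumb_width, $thumb_height, "w");
            $media_height = $misc->photo_size($media_path, $thumb_width, $thumb_height, "h");

            $result = array('result' => 1, 'media_path' => $media_path, 'media_width' => $media_width, 'media_height' => $media_height);
        }

        // UPDATE ALBUM UPDATED DATE
        he_wall::update_group_album($album_id);
        he_wall::update_group_album_media($file_result['groupmedia_id'], $media_desc);
        he_wall::add_group_album_media($new_action_id, $file_result['groupmedia_id']);

        // UPDATE LAST UPDATE DATE (SAY THAT 10 TIMES FAST)
        $group->group_lastupdate();
    } else {
        // is_error carries the language id of the message; file_name fills its placeholder.
        $error_msg = sprintf(SE_Language::_get($file_result['is_error']), $file_result['file_name']);
        $result = array('result' => 0, 'error' => $error_msg);
    }

    return $result;
}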
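/**
 * Stores a new comment for the object this comment handler was created for,
 * then records a feed action and notifies the object owner.
 *
 * This is a method: it reads $this->comment_type, comment_identifier,
 * comment_identifying_value, comment_parent_type and comment_parent_identifier,
 * and sets $this->is_error when the security code or the body is rejected.
 *
 * @param string $comment_body    Raw comment text from the request.
 * @param string $comment_secure  Security code typed by the commenter.
 * @param string $object_title    Title of the commented object.
 * @param string $object_owner    Owner type passed on to the action feed.
 * @param int    $object_owner_id Owner id passed on to the action feed.
 * @param mixed  $object_privacy  Privacy value passed on to the action feed.
 *
 * @return array comment_id (0 when nothing was stored), comment_body as
 *               prepared for storage, and comment_date (Unix timestamp).
 */
function comment_post($comment_body, $comment_secure, $object_title = "", $object_owner = "", $object_owner_id = 0, $object_privacy = "")
{
    global $database, $user, $owner, $setting, $actions, $notify, $url;

    $comment_id = 0;
    $comment_date = time();

    // RETRIEVE AND CHECK SECURITY CODE IF NECESSARY
    if ($setting['setting_comment_code']) {
        // NOW IN HEADER
        $code_found = false;

        // An empty or non-scalar answer never matches. A loose comparison
        // would treat a missing session code and an empty answer as equal.
        $submitted_code = is_scalar($comment_secure) ? (string) $comment_secure : '';
        if ($submitted_code !== '') {
            // NOTE(review): a matching $_SESSION['code'] is not cleared here,
            // unlike the entries of $_SESSION['codes'] - confirm it is rotated elsewhere.
            if (isset($_SESSION['code']) && (string) $_SESSION['code'] === $submitted_code) {
                $code_found = true;
            }

            if (!empty($_SESSION['codes']) && is_array($_SESSION['codes'])) {
                foreach ($_SESSION['codes'] as $index => $code_info) {
                    if (isset($code_info['code']) && (string) $code_info['code'] === $submitted_code) {
                        $code_found = true;
                        // Each listed code is single-use.
                        unset($_SESSION['codes'][$index]);
                    }
                }
            }
        }

        if (!$code_found) {
            $this->is_error = 1;
        }
    }

    // MAKE SURE COMMENT BODY IS NOT EMPTY - ADD BREAKS AND CENSOR
    $comment_body = cleanHTML(censor($comment_body), $setting['setting_comment_html'], array("style"));
    $comment_body = preg_replace('/(\\r\\n?)/', "\n", $comment_body);
    $comment_body = str_replace("\n", "<br>", $comment_body);
    $comment_body = preg_replace('/(<br>){3,}/is', '<br><br>', $comment_body);
    // NOTE(review): this is the only SQL quoting applied to the body before the
    // INSERT below. It escapes single quotes but not backslashes, which is not
    // equivalent to the database driver's own escaping - confirm what cleanHTML()
    // guarantees, or switch to the driver's escape routine.
    $comment_body = str_replace("'", "\\'", $comment_body);
    if (!trim($comment_body)) {
        $this->is_error = 1;
        $comment_body = "";
    }

    // ADD COMMENT IF NO ERROR
    if (!$this->is_error) {
        // NOTE(review): table/column names and the identifying value come from
        // $this and are interpolated as-is - verify they are validated where
        // the comment object is constructed.
        $resource = $database->database_query("\r\n INSERT INTO `se_{$this->comment_type}comments` (\r\n `{$this->comment_type}comment_{$this->comment_identifier}`,\r\n `{$this->comment_type}comment_authoruser_id`,\r\n `{$this->comment_type}comment_date`,\r\n `{$this->comment_type}comment_body`\r\n ) VALUES (\r\n '{$this->comment_identifying_value}',\r\n '{$user->user_info['user_id']}',\r\n '{$comment_date}',\r\n '{$comment_body}'\r\n )\r\n ");
        $comment_id = $database->database_insert_id();

        // New handling - total cached in parent table
        if ($resource && $this->comment_parent_type && $this->comment_parent_identifier) {
            $database->database_query("\r\n UPDATE\r\n `se_{$this->comment_parent_type}`\r\n SET\r\n `{$this->comment_parent_identifier}_totalcomments`=`{$this->comment_parent_identifier}_totalcomments`+1\r\n WHERE\r\n `{$this->comment_identifier}`='{$this->comment_identifying_value}'\r\n LIMIT\r\n 1\r\n ");
        }

        // INSERT ACTION IF USER EXISTS
        if ($user->user_exists) {
            $commenter = $user->user_displayname;

            // Turn line breaks into spaces before the tags are stripped;
            // afterwards there is no <br> left to replace and words run together.
            $comment_body_encoded = strip_tags(str_replace(array("<br>", "<br />"), " ", $comment_body));
            if (strlen($comment_body_encoded) > 250) {
                $comment_body_encoded = substr($comment_body_encoded, 0, 247) . "...";
            }

            $actions->actions_add(
                $user,
                $this->comment_type . "comment",
                array(
                    $user->user_info['user_username'],
                    $user->user_displayname,
                    $owner->user_info['user_username'],
                    $owner->user_displayname,
                    $comment_body_encoded,
                    $this->comment_identifying_value,
                    $object_title,
                    $object_owner_id,
                ),
                array(),
                0,
                false,
                $object_owner,
                $object_owner_id,
                $object_privacy
            );
        } else {
            // Anonymous commenter: use the generic language string as the name.
            SE_Language::_preload(835);
            SE_Language::load();
            $commenter = SE_Language::_get(835);
        }

        // SEND PROFILE COMMENT NOTIFICATION IF COMMENTER IS NOT OWNER
        if ($owner->user_info['user_id'] != $user->user_info['user_id']) {
            $notifytype = $notify->notify_add(
                $owner->user_info['user_id'],
                $this->comment_type . "comment",
                $this->comment_identifying_value,
                array($owner->user_info['user_username'], $this->comment_identifying_value, $object_owner_id),
                array($object_title)
            );
            $object_url = $url->url_base . vsprintf($notifytype['notifytype_url'], array($owner->user_info['user_username'], $this->comment_identifying_value));

            $owner->user_settings();
            if ($owner->usersetting_info['usersetting_notify_' . $this->comment_type . 'comment']) {
                send_systememail($this->comment_type . "comment", $owner->user_info['user_email'], array($owner->user_displayname, $commenter, "<a href=\"{$object_url}\">{$object_url}</a>"));
            }
        }
    }

    return array('comment_id' => $comment_id, 'comment_body' => $comment_body, 'comment_date' => $comment_date);
}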
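/**
 * Search handler for music tracks.
 *
 * Counts the tracks whose title matches the global $search_text (capped at
 * 201 rows) and, when music is the active result type ($t == "music"),
 * appends one page of matches to the global $results list and sets
 * $total_results. It always appends a summary entry to $search_objects.
 *
 * Works entirely through globals; takes no arguments and returns nothing.
 */
function search_music()
{
    global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results, $user;

    // CONSTRUCT QUERY
    // NOTE(review): $search_text is placed inside the LIKE pattern as-is and
    // nothing in this function escapes it, so it has to be SQL-escaped where
    // it is read from the request - confirm at the caller.
    $sql = "\r\n SELECT\r\n"
        . " se_music.*,\r\n"
        . " se_users.user_id,\r\n"
        . " se_users.user_username,\r\n"
        . " se_users.user_photo,\r\n"
        . " se_users.user_fname,\r\n"
        . " se_users.user_lname\r\n"
        . " FROM\r\n"
        . " se_music\r\n"
        . " LEFT JOIN\r\n"
        . " se_users\r\n"
        . " ON se_users.user_id=se_music.music_user_id\r\n"
        . " WHERE\r\n"
        . " se_music.music_title LIKE '%{$search_text}%'\r\n ";

    // GET TOTAL RESULTS
    $total_music = $database->database_num_rows($database->database_query($sql . " LIMIT 201"));

    // IF NOT TOTAL ONLY
    if ($t == "music") {
        // MAKE MUSIC PAGES
        // Force integers and a page of at least 1 so the LIMIT clause never
        // receives a negative offset or non-numeric text.
        $page = max(1, (int) $p);
        $per_page = max(0, (int) $results_per_page);
        $start = ($page - 1) * $per_page;
        $limit = $per_page + 1;

        // Lang for download song
        SE_Language::_preload(4000095);
        SE_Language::load();

        // SEARCH MUSIC
        $sql .= " ORDER BY se_music.music_id DESC LIMIT {$start}, {$limit}";
        // NOTE(review): on failure this prints the database error text to the visitor.
        $resource = $database->database_query($sql) or die($database->database_error());

        while ($music_info = $database->database_fetch_assoc($resource)) {
            // CREATE AN OBJECT FOR USER
            $profile = new se_user();
            $profile->user_info['user_id'] = $music_info['user_id'];
            $profile->user_info['user_username'] = $music_info['user_username'];
            $profile->user_info['user_fname'] = $music_info['user_fname'];
            $profile->user_info['user_lname'] = $music_info['user_lname'];
            $profile->user_info['user_photo'] = $music_info['user_photo'];
            $profile->user_displayname();

            $result_url = $url->url_create('profile', $music_info['user_username']);
            $result_name = 4000105;
            $result_desc = 4000106;

            $userdir = $url->url_userdir($music_info['user_id']);
            // The path is built from stored values (id and file extension) and
            // is written into HTML attributes below, so encode it for that context.
            $music_path = htmlspecialchars("{$userdir}{$music_info['music_id']}.{$music_info['music_ext']}", ENT_QUOTES);

            // IF NO TITLE
            if (!trim($music_info['music_title'])) {
                SE_Language::_preload(589);
                SE_Language::load();
                $music_info['music_title'] = SE_Language::_get(589);
            }

            $dl_lv = SE_Language::_get(4000095);

            // Inline player markup returned as the third description field.
            $desc3 = <<<EOF
<br />
<table><tr><td>
<object width="17" height="17" data="images/music_button.swf?song_url={$music_path}" type="application/x-shockwave-flash">
<param value="images/music_button.swf?song_url={$music_path}" name="movie" />
<img width="17" height="17" alt="" src="noflash.gif" />
</object>
</td>
EOF;

            // The download link is only offered to signed-in users whose level allows it.
            if ($user->user_exists && $user->level_info['level_music_allow_downloads']) {
                $desc3 .= <<<EOF
<td style="padding-left:10px;vertical-align:middle;">
<a type="application/force-download" href="{$music_path}">{$dl_lv}</a>
</td>
EOF;
            }

            $desc3 .= "</tr></table>";

            $results[] = array(
                'result_url' => $result_url,
                'result_icon' => './images/icons/music_music48.gif',
                'result_name' => $result_name,
                'result_name_1' => $music_info['music_title'],
                'result_desc' => $result_desc,
                'result_desc_1' => $url->url_create('profile', $profile->user_info['user_username']),
                'result_desc_2' => $profile->user_displayname,
                'result_desc_3' => $desc3,
            );
        }

        // SET TOTAL RESULTS
        $total_results = $total_music;
    }

    // SET ARRAY VALUES
    SE_Language::_preload_multi(4000104, 4000105, 4000106);
    if ($total_music > 200) {
        // The count query stops at 201 rows, so anything above 200 is shown as "200+".
        $total_music = "200+";
    }
    $search_objects[] = array('search_type' => 'music', 'search_lang' => 4000104, 'search_total' => $total_music);
}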
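/**
 * Search handler for photo albums and the media inside them.
 *
 * Runs a UNION of media matches (sub_type 1) and album matches (sub_type 2)
 * against the global $search_text, counts them (capped at 201 rows) and, when
 * albums are the active result type ($t == "album"), appends one page of
 * matches to the global $results list and sets $total_results. It always
 * appends a summary entry to $search_objects.
 *
 * Works entirely through globals; takes no arguments and returns nothing.
 */
function search_album()
{
    global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results;

    // CONSTRUCT QUERY
    // NOTE(review): $search_text is placed inside the LIKE patterns as-is and
    // nothing in this function escapes it, so it has to be SQL-escaped where
    // it is read from the request - confirm at the caller.
    $album_query = "\r\n\t(\r\n\tSELECT\r\n"
        . " '1' AS sub_type,\r\n"
        . "\t se_media.media_album_id AS album_id,\r\n"
        . "\t se_media.media_title AS title,\r\n"
        . "\t se_media.media_desc AS description,\r\n"
        . "\t se_media.media_id AS media_id,\r\n"
        . "\t se_media.media_ext AS media_ext,\r\n"
        . "\t se_users.user_id,\r\n"
        . "\t se_users.user_username,\r\n"
        . "\t se_users.user_photo,\r\n"
        . "\t se_users.user_fname,\r\n"
        . "\t se_users.user_lname\r\n"
        . "\tFROM\r\n"
        . "\t se_media,\r\n"
        . "\t se_albums,\r\n"
        . "\t se_users,\r\n"
        . "\t se_levels\r\n"
        . "\tWHERE\r\n"
        . "\t se_media.media_album_id=se_albums.album_id AND\r\n"
        . "\t se_albums.album_user_id=se_users.user_id AND\r\n"
        . "\t se_users.user_level_id=se_levels.level_id AND\r\n"
        . "\t (\r\n"
        . "\t se_albums.album_search='1' OR\r\n"
        . "\t se_levels.level_album_search='0'\r\n"
        . "\t )\r\n"
        . "\t AND\r\n"
        . "\t (\r\n"
        . "\t se_media.media_title LIKE '%{$search_text}%' OR\r\n"
        . "\t se_media.media_desc LIKE '%{$search_text}%'\r\n"
        . "\t )\r\n"
        . "\tORDER BY media_id DESC\r\n"
        . "\t)\r\n"
        . "\tUNION ALL\r\n"
        . "\t(\r\n"
        . "\tSELECT\r\n"
        . "\t '2' AS sub_type,\r\n"
        . "\t se_albums.album_id AS album_id,\r\n"
        . "\t se_albums.album_title AS title,\r\n"
        . "\t se_albums.album_desc AS description,\r\n"
        . "\t se_albums.album_cover AS media_id,\r\n"
        . "\t se_media.media_ext AS media_ext,\r\n"
        . "\t se_users.user_id,\r\n"
        . "\t se_users.user_username,\r\n"
        . "\t se_users.user_photo,\r\n"
        . "\t se_users.user_fname,\r\n"
        . "\t se_users.user_lname\r\n"
        . "\tFROM\r\n"
        . "\t se_albums,\r\n"
        . "\t se_users,\r\n"
        . "\t se_levels,\r\n"
        . "\t se_media\r\n"
        . "\tWHERE\r\n"
        . "\t se_albums.album_user_id=se_users.user_id AND\r\n"
        . "\t se_users.user_level_id=se_levels.level_id AND\r\n"
        . "\t se_albums.album_cover=se_media.media_id AND \r\n"
        . "\t (\r\n"
        . "\t se_albums.album_search='1' OR\r\n"
        . "\t se_levels.level_album_search='0'\r\n"
        . "\t )\r\n"
        . "\t AND\r\n"
        . "\t (\r\n"
        . "\t se_albums.album_title LIKE '%{$search_text}%' OR\r\n"
        . "\t se_albums.album_desc LIKE '%{$search_text}%'\r\n"
        . "\t )\r\n"
        . "\tORDER BY album_id DESC\r\n"
        . "\t)";

    // GET TOTAL RESULTS
    $total_albums = $database->database_num_rows($database->database_query($album_query . " LIMIT 201"));

    // IF NOT TOTAL ONLY
    if ($t == "album") {
        // MAKE ALBUM PAGES
        // Force integers and a page of at least 1 so the LIMIT clause never
        // receives a negative offset or non-numeric text.
        $page = max(1, (int) $p);
        $per_page = max(0, (int) $results_per_page);
        $start = ($page - 1) * $per_page;
        $limit = $per_page + 1;

        // SEARCH ALBUMS
        $albums = $database->database_query($album_query . " ORDER BY album_id DESC LIMIT {$start}, {$limit}");

        while ($album_info = $database->database_fetch_assoc($albums)) {
            // CREATE AN OBJECT FOR USER
            $profile = new se_user();
            $profile->user_info['user_id'] = $album_info['user_id'];
            $profile->user_info['user_username'] = $album_info['user_username'];
            $profile->user_info['user_fname'] = $album_info['user_fname'];
            $profile->user_info['user_lname'] = $album_info['user_lname'];
            $profile->user_info['user_photo'] = $album_info['user_photo'];
            $profile->user_displayname();

            // The key is quoted: a bare sub_type is read as a constant name,
            // which is an error on current PHP versions.
            if ($album_info['sub_type'] == 1) {
                // RESULT IS A MEDIA
                $result_url = $url->url_create('album_file', $album_info['user_username'], $album_info['album_id'], $album_info['media_id']);
                $result_name = 1000119;
                $result_desc = 1000121;
            } else {
                // RESULT IS AN ALBUM
                $result_url = $url->url_create('album', $album_info['user_username'], $album_info['album_id']);
                $result_name = 1000120;
                $result_desc = 1000122;
            }

            // SET THUMBNAIL, IF AVAILABLE
            switch ($album_info['media_ext']) {
                case "jpeg":
                case "jpg":
                case "gif":
                case "png":
                case "bmp":
                    $thumb_path = $url->url_userdir($album_info['user_id']) . $album_info['media_id'] . "_thumb.jpg";
                    break;
                case "mp3":
                case "mp4":
                case "wav":
                    $thumb_path = "./images/icons/audio_big.gif";
                    break;
                case "mpeg":
                case "mpg":
                case "mpa":
                case "avi":
                case "swf":
                case "mov":
                case "ram":
                case "rm":
                    $thumb_path = "./images/icons/video_big.gif";
                    break;
                default:
                    $thumb_path = "./images/icons/file_big.gif";
            }
            // Fall back to the generic icon when the chosen file is missing.
            if (!file_exists($thumb_path)) {
                $thumb_path = "./images/icons/file_big.gif";
            }

            // IF NO TITLE
            if ($album_info['title'] == "") {
                SE_Language::_preload(589);
                SE_Language::load();
                $album_info['title'] = SE_Language::_get(589);
            }

            // IF DESCRIPTION IS LONG
            // NOTE(review): strlen()/substr() count bytes, so a multi-byte
            // description can be cut in the middle of a character.
            if (strlen($album_info['description']) > 150) {
                $album_info['description'] = substr($album_info['description'], 0, 147) . "...";
            }

            $results[] = array(
                'result_url' => $result_url,
                'result_icon' => $thumb_path,
                'result_name' => $result_name,
                'result_name_1' => $album_info['title'],
                'result_desc' => $result_desc,
                'result_desc_1' => $url->url_create('profile', $album_info['user_username']),
                'result_desc_2' => $profile->user_displayname,
                'result_desc_3' => $album_info['description'],
            );
        }

        // SET TOTAL RESULTS
        $total_results = $total_albums;
    }

    // SET ARRAY VALUES
    SE_Language::_preload_multi(1000118, 1000119, 1000120, 1000121, 1000122);
    if ($total_albums > 200) {
        // The count query stops at 201 rows, so anything above 200 is shown as "200+".
        $total_albums = "200+";
    }
    $search_objects[] = array('search_type' => 'album', 'search_lang' => 1000118, 'search_total' => $total_albums);
}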
switch ($secondary[field_type]) { case "1": case "2": $subnet_field2_value = $subnet_info[subnet_field2_value]; $subnet_field2_value_date = 0; break; case "3": case "4": $subnet_field2_value_date = 0; // LOOP OVER FIELD OPTIONS $options = $secondary[field_options]; for ($i = 0, $max = count($options); $i < $max; $i++) { if ($subnet_info[subnet_field2_value] == $options[$i][value]) { SE_Language::_preload_multi($options[$i][label]); SE_Language::load(); $subnet_field2_value = SE_Language::_get($options[$i][label]); break; } } break; case "5": $subnet_field2_value_date = $subnet_info[subnet_field2_value]; $subnet_field2_value = $datetime->cdate($setting[setting_dateformat], $subnet_info[subnet_field2_value]); break; } } // SET SUBNET ARRAY AND INCREMENT SUBNET COUNT SE_Language::_preload($subnet_info[subnet_name]); $subnet_array[] = array('subnet_id' => $subnet_info[subnet_id], 'subnet_name' => $subnet_info[subnet_name], 'subnet_field1_qual' => $subnet_info[subnet_field1_qual], 'subnet_field1_value_formatted' => $subnet_field1_value, 'subnet_field1_value' => $subnet_info[subnet_field1_value], 'subnet_field1_month' => $datetime->cdate("n", $subnet_field1_value_date), 'subnet_field1_day' => $datetime->cdate("j", $subnet_field1_value_date), 'subnet_field1_year' => $datetime->cdate("Y", $subnet_field1_value_date), 'subnet_field2_qual' => $subnet_field2_qual, 'subnet_field2_value_formatted' => $subnet_field2_value, 'subnet_field2_value' => $subnet_info[subnet_field2_value], 'subnet_field2_month' => $datetime->cdate("n", $subnet_field2_value_date), 'subnet_field2_day' => $datetime->cdate("j", $subnet_field2_value_date), 'subnet_field2_year' => $datetime->cdate("Y", $subnet_field2_value_date), 'subnet_users' => $subnet_info[users]); } // SET NUMBER OF USERS IN DEFAULT SUBNETWORK
$group_title = $group->group_info['group_title']; if (strlen($group_title) > 100) { $group_title = substr($group_title, 0, 97) . "..."; } $actions->actions_add($user, "newgroupmedia", array($user->user_info['user_username'], $user->user_displayname, $group->group_info['group_id'], $group_title), $action_media, 60, FALSE, "group", $group->group_info['group_id'], $group->group_info['group_privacy']); } // OUTPUT JSON RESULT if ($isAjax) { SE_Language::load(); if ($update_album) { $result = "success"; $size = sprintf(SE_Language::_get($file_result['file1']['message']), $file_result['file1']['file_name']); $error = null; } else { $result = "failure"; $error = sprintf(SE_Language::_get($file_result['file1']['message']), $file_result['file1']['file_name']); $size = null; } $json = '{"result":"' . $result . '","error":"' . $error . '","size":"' . $size . '"}'; if (!headers_sent()) { header('Content-type: application/json'); } echo $json; exit; } else { $show_uploader = 0; } } // END TASK // GET MAX FILESIZE ALLOWED $max_filesize_kb = $group->groupowner_level_info['level_group_album_maxsize'] / 1024;
} // CHECK IF USER IS ALLOWED TO COMMENT $functionname = $object_owner . "_privacy_max"; $privacy_max = $object_owner_class->{$functionname}($user); if (!($privacy_max & $permission['object_comments'])) { exit; } // SET OBJECT TITLE $object_title = $object_info[$col . "_title"]; if ($tab == "eventmedia" || $tab == "groupmedia") { $object_title = $object_owner_class->{$object_owner . "_info"}[$object_owner . "_title"]; } if (!$object_title) { SE_Language::_preload(589); SE_Language::load(); $object_title = SE_Language::_get(589); } // START COMMENT OBJECT $comment = new se_comment($type, $iden, $value, $tab, $col); // POST COMMENT $comment_info = $comment->comment_post($_POST['comment_body'], $_POST['comment_secure'], $object_title, $object_owner, $object_owner_id, $permission['object_privacy']); $is_error = $comment->is_error; $comment_body = isset($comment_info['comment_body']) ? $comment_info['comment_body'] : NULL; $comment_date = isset($comment_info['comment_date']) ? $comment_info['comment_date'] : NULL; // RUN JAVASCRIPT FUNCTION (JSON) echo json_encode(array('is_error' => $is_error, 'comment_body' => $comment_body, 'comment_date' => $comment_date)); exit; } elseif ($task == "comment_edit") { // MUST BE LOGGED IN TO USE THIS TASK if (!$user->user_exists) { exit;
$linked_field_value = "{$year} {$month} {$day}"; break; case "dmy": $linked_field_value = "{$day} {$month} {$year}"; break; } } break; case 6: $browse_query .= " AND FIND_IN_SET('{$field_value}', profilevalue_{$field_info['field_id']})"; $options = unserialize($field_info['field_options']); for ($i = 0, $max = count($options); $i < $max; $i++) { if ($field_value == $options[$i]['value']) { SE_Language::_preload($options[$i]['label']); SE_Language::load(); $linked_field_value = SE_Language::_get($options[$i]['label']); } } break; } // GET TOTAL USERS $total_users = $database->database_num_rows($database->database_query($browse_query)); // MAKE BROWSE PAGES $page_vars = make_page($total_users, $users_per_page, $p); // ADD LIMIT TO QUERY $browse_query .= " ORDER BY {$sort} LIMIT {$page_vars['0']}, {$users_per_page}"; // GET USERS $online_users_array = online_users(); $users = $database->database_query($browse_query); while ($user_info = $database->database_fetch_assoc($users)) { $browse_user = new se_user();
} else { $database->database_query("UPDATE se_grouptopics SET grouptopic_totalposts=grouptopic_totalposts+1 WHERE grouptopic_id='{$grouptopic_id}' LIMIT 1"); $database->database_query("INSERT INTO se_groupposts (grouppost_grouptopic_id, grouppost_authoruser_id, grouppost_date, grouppost_body) VALUES ('{$grouptopic_id}', '{$user->user_info['user_id']}', '" . time() . "', '{$grouppost_body}')"); $post_id = $database->database_insert_id(); // INSERT ACTION IF USER EXISTS if ($user->user_exists) { $poster = $user->user_displayname; $grouppost_body_encoded = strip_tags($grouppost_body, '<br>'); if (strlen($grouppost_body_encoded) > 250) { $grouppost_body_encoded = substr($grouppost_body_encoded, 0, 247) . "..."; } $actions->actions_add($user, "grouppost", array($user->user_info['user_username'], $user->user_displayname, $group->group_info['group_id'], $grouptopic_info['grouptopic_id'], $grouptopic_info['grouptopic_subject'], $post_id, $grouppost_body_encoded), array(), 0, false, 'group', $group->group_info['group_id'], $group->group_info['group_privacy']); } else { SE_Language::_preload(835); SE_Language::load(); $poster = SE_Language::_get(835); } // SEND GROUP POST NOTIFICATION IF COMMENTER IS NOT OWNER if ($group->group_info['group_user_id'] != $user->user_info['user_id']) { $groupowner = new se_user(array($group->group_info['group_user_id'])); $notifytype = $notify->notify_add($group->group_info['group_user_id'], 'grouppost', $group->group_info['group_id'], array($group->group_info['group_id']), array($group->group_info['group_title'])); $object_url = $url->url_base . 
vsprintf($notifytype[notifytype_url], array($group->group_info[group_id])); $groupowner->user_settings(); if ($groupowner->usersetting_info['usersetting_notify_grouppost']) { send_systememail("grouppost", $groupowner->user_info['user_email'], array($groupowner->user_displayname, $poster, "<a href=\"{$object_url}\">{$object_url}</a>")); } } $group->group_lastupdate(); echo "window.parent.location.href = '" . $url->url_create('group_discussion_post', NULL, $group->group_info['group_id'], $grouptopic_id, $post_id) . "';"; } echo "</script></head><body></body></html>";
'education_degree' => '', 'education_concentration1' => '', 'education_concentration2' => '', 'education_concentration3' => '' ); $yearoptions = array(); foreach (range(date('Y') + 4, date('Y') - 100) as $number) { $yearoptions[$number] = $number; } $foroptions = array(); foreach (explode('|',SE_Language::_get(11040103)) as $v) { $foroptions[$v] = $v; } //print_r($foroptions); //print_r($yearoptions); $smarty->assign('yearoptions',$yearoptions); $smarty->assign('foroptions',$foroptions); // ASSIGN VARIABLES AND INCLUDE FOOTER $smarty->assign('educations', $educations); $smarty->assign('rc_education', $rc_education); $smarty->assign('is_error', $rc_validator->has_errors()); $smarty->assign('error_message', join(" ",$rc_validator->get_errors())); $smarty->assign('result', $result);
for ($n = 0; $n < count($field->fields_all[$i]['field_options']); $n++) { if ($field->fields_all[$i]['field_options'][$n]['value'] == $field->fields_all[$i]['field_value']) { $field_value = $field->fields_all[$i]['field_value_formatted']; } } } if ($field->fields_all[$i]['field_type'] == 5) { SE_Language::_preload(852); SE_Language::load(); $years_old = "<br/>(" . sprintf(SE_Language::_get(852), $datetime->age($field->fields_all[$i]['field_value'])) . ")"; if (substr($field->fields_all[$i]['field_value'], 0, 4) == "0000") { $years_old = ""; } $field_value = $field->fields_all[$i]['field_value_formatted'] . $years_old; } if ($field->fields_all[$i]['field_type'] == 6) { for ($n = 0; $n < count($field->fields_all[$i]['field_options']); $n++) { if (in_array($field->fields_all[$i]['field_options'][$n]['value'], $field->fields_all[$i]['field_value'])) { $field_value = $field->fields_all[$i]['field_value_formatted']; } } } SE_Language::_preload($field->fields_all[$i]['field_title']); SE_Language::load(); $row_qinformer .= "\r\n \t\t <tr>\r\n \t\t <td\twidth=40%>" . SE_Language::_get($field->fields_all[$i]['field_title']) . "</td>\r\n \t\t <td width=60%>" . $field_value . "</td>\r\n \t\t </tr>\r\n\t\t"; } } } } } echo "\r\n<table width=100% border=0 cellspacing=3 cellpadding=0 class=q_inform align=center>\r\n" . $row_qinformer . "\r\n</table>\r\n";
} // SET PERIOD switch ($period) { case "week": $interval = "86400"; $stat_date_format = "D"; $date_compare = "j"; $num_points = 8; if (date('w', time()) == 0) { $day_num = 7; } else { $day_num = date('w', time()); } $old_stat_date = mktime(0, 0, 0, date('n', time()), date('j', time()) - $day_num + 1 - 7 * ($start - 1), date('Y', time())); $last_stat_date = mktime(0, 0, 0, date('n', time()), date('j', time()) - $day_num + 1 - 7 * ($start - 1) + 7, date('Y', time())); $chart['chart_data'][1][0] .= " (" . SE_Language::_get(512) . " " . $datetime->cdate("M jS", $old_stat_date) . ")"; break; case "month": $interval = "86400"; $stat_date_format = "j"; $date_compare = "j"; $num_points = date("t", time()) + 1; $old_stat_date = mktime(0, 0, 0, date('n', time()) - ($start - 1), 1, date('Y', time())); $last_stat_date = mktime(0, 0, 0, date('n', time()) - ($start - 1) + 1, 1, date('Y', time())); $chart['chart_data'][1][0] .= " (" . $datetime->cdate("F", $old_stat_date) . ")"; break; case "year": $interval = "2678400"; $stat_date_format = "M."; $date_compare = "n"; $num_points = 13;
exit; } // SET ERROR VARIABLES AND EMPTY VARS $is_error = 0; $submitted = 0; // TRY TO SEND MESSAGE if ($task == "send") { $to = $_POST['to']; $subject = $_POST['subject']; $message = $_POST['message']; $user->user_message_send($to, $subject, $message); $is_error = $user->is_error; if ($is_error != 0) { SE_Language::_preload($is_error); SE_Language::load(); $error_message = SE_Language::_get($is_error); } // SEND AJAX CONFIRMATION echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=UTF-8'><script type='text/javascript'>"; echo "window.parent.messageSent('{$is_error}', '" . str_replace("'", "\\'", $error_message) . "');"; echo "</script></head><body></body></html>"; exit; } // GET LIST OF FRIENDS FOR SUGGEST BOX $total_friends = $user->user_friend_total(0); $friends = $user->user_friend_list(0, $total_friends, 0); // ASSIGN SMARTY VARS AND INCLUDE FOOTER $smarty->assign('is_error', $is_error); $smarty->assign('submitted', $submitted); $smarty->assign_by_ref('friends', $friends); $smarty->assign('to_user', $to_user);
$signup_user->user_info['user_id'] = $signup['user_id']; $signup_user->user_info['user_username'] = $signup['user_username']; $signup_user->user_info['user_photo'] = $signup['user_photo']; $signup_user->user_info['user_fname'] = $signup['user_fname']; $signup_user->user_info['user_lname'] = $signup['user_lname']; $signup_user->user_displayname(); $signup_array[] = $signup_user; } // GET RECENT STATUS UPDATES $statuses = $database->database_query("SELECT user_id, user_username, user_fname, user_lname, user_status FROM se_users WHERE user_subnet_id='{$n}' AND user_id<>'{$user->user_info['user_id']}' AND user_status<>'' ORDER BY user_status_date DESC LIMIT 10"); while ($status = $database->database_fetch_assoc($statuses)) { $status_user = new se_user(); $status_user->user_info['user_id'] = $status['user_id']; $status_user->user_info['user_username'] = $status['user_username']; $status_user->user_info['user_fname'] = $status['user_fname']; $status_user->user_info['user_lname'] = $status['user_lname']; $status_user->user_displayname(); $statuses_array[] = array('status_user_id' => $status['user_id'], 'status_user_username' => $status['user_username'], 'status_user_displayname' => $status_user->user_displayname, 'status_user_status' => $status['user_status']); } // SET GLOBAL PAGE TITLE $global_page_title[0] = 1155; SE_Language::_preload($network_info['subnet_name']); SE_Language::load(); $global_page_title[1] = SE_Language::_get($network_info['subnet_name']); $global_page_description = $global_page_title; // ASSIGN SMARTY VARIABLES AND INCLUDE FOOTER $smarty->assign('network', $network_info); $smarty->assign('signups', $signup_array); $smarty->assign('statuses', $statuses_array); $smarty->assign('actions', $actions->actions_display(2, $setting['setting_actions_actionsperuser'], "se_users.user_subnet_id='{$network_info['subnet_id']}'")); include "footer.php";
// OUTPUT
// Discard anything buffered so far so the response body is only the JSON below.
ob_end_clean();
// The delete runs only when no earlier check set $is_error.
// NOTE(review): whether music_delete() verifies that $music_id belongs to the
// owner passed to se_music is not visible here. Confirm in the class.
if (!$is_error && $music->music_delete($music_id)) {
    echo '{"result":"success"}';
} else {
    echo '{"result":"failure"}';
}
exit;
} elseif ($task == "editsongtitle") {
    // Permission gate: requires a logged-in user whose level allows music.
    // A failure only sets the flag; execution continues to the lines below.
    if (empty($user) || !$user->user_exists || !$user->level_info['level_music_allow']) {
        $is_error = 1;
    }
    // Blank titles are replaced with the default title from language id 4000086.
    if (!trim($music_title)) {
        SE_Language::_preload(4000086);
        SE_Language::load();
        $music_title = SE_Language::_get(4000086);
    }
    // Constructed even when the permission check failed; the update itself is
    // still skipped because of the !$is_error test below.
    $music = new se_music($user->user_info['user_id']);
    // OUTPUT
    ob_end_clean();
    // NOTE(review): $music_title is request-derived, presumably; confirm that
    // music_track_update() escapes it before it reaches SQL or HTML.
    if (!$is_error && $music->music_track_update($music_id, $music_title)) {
        echo '{"result":"success"}';
    } else {
        echo '{"result":"failure"}';
    }
    exit;
} elseif ($task == "moveupsong") {
    // Same permission gate as the other tasks.
    if (empty($user) || !$user->user_exists || !$user->level_info['level_music_allow']) {
        $is_error = 1;
    }
    $music = new se_music($user->user_info['user_id']);
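// Queue "view my quiz result" invitations for the chosen site users and e-mail addresses.
// NOTE(review): nothing here limits how many recipients one request may queue.
// Confirm that he_mass_mailing or the caller enforces a cap or rate limit, since
// this endpoint sends mail to addresses supplied by the requester.
if( !empty($_POST['contacts_choosed']) && $quiz )
{
    $subject = htmlspecialchars_decode(SE_Language::_get(690691168), ENT_QUOTES);
    $message = nl2br(htmlspecialchars_decode(SE_Language::_get(690691169), ENT_QUOTES));

    $mass_mailing = new he_mass_mailing();
    $campaign_id = $mass_mailing->create_campaign($subject, $message, -1, 1);

    if( $campaign_id )
    {
        // Values substituted into the message template.
        // NOTE(review): the display name and quiz name are member-written text and
        // the message is HTML. Confirm they are HTML-escaped before substitution.
        $replace = array($user->user_info['user_displayname'], $quiz['name'], $url->url_base.'browse_quiz_results.php?quiz_id='.$quiz['id']);

        // Site users: pass the parsed integer, not the raw token. intval("12abc")
        // is 12, so a truthiness test alone would let the unparsed string through
        // to the queue layer.
        $contacts = (isset($_POST['contacts']) && is_string($_POST['contacts'])) ? $_POST['contacts'] : '';
        foreach( explode(',', $contacts) as $raw_id )
        {
            $contact_id = intval($raw_id);
            if( $contact_id ) $mass_mailing->add_message_into_queue_for_user($campaign_id, $contact_id, $replace);
        }

        // External addresses: trimmed and syntax-checked before queuing.
        $email_list = (isset($_POST['emails']) && is_string($_POST['emails'])) ? $_POST['emails'] : '';
        foreach( explode(',', $email_list) as $email )
        {
            $email = trim($email);
            if( $email && is_email_address($email) ) $mass_mailing->add_message_into_queue_for_email($campaign_id, $email, '', $replace);
        }

        $result = array( 'message' => SE_Language::_get(690691164), 'status' => true );
    }
    else
    {
        $result = array( 'message' => SE_Language::_get(690691165), 'status' => false );
    }

    he_print_json($result);
}
?>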
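<?php

/* $Id: admin_lostpass.php 8 2009-01-11 06:02:53Z nico-izo $ */

// Admin "lost password" page: stores a one-time reset code for the admin whose
// e-mail address was submitted and mails a reset link to that address.
$page = "admin_lostpass";
include "admin_header.php";

$task = isset($_POST['task']) ? $_POST['task'] : "main";

// SET ERROR VARS
$is_error = 0;
$submitted = 0;

if ($task == "send_email") {
    // Accept only a plain string; a missing or array-valued field is treated as
    // "no address" instead of being interpolated into SQL.
    $admin_email = (isset($_POST['admin_email']) && is_string($_POST['admin_email'])) ? $_POST['admin_email'] : '';
    $submitted = 1;

    // Escape at the point of use. NOTE(review): if admin_header.php already
    // escapes request data globally, keep this layer and review that one; the
    // query must not depend on sanitisation that is out of sight.
    $admin_email_sql = $database->database_real_escape_string($admin_email);
    $admin_query = ($admin_email === '')
        ? false
        : $database->database_query("SELECT admin_id FROM se_admins WHERE admin_email='{$admin_email_sql}' LIMIT 1");

    // NOTE(review): is_error distinguishes known from unknown addresses. If the
    // template shows that difference, the page confirms which e-mail addresses
    // belong to admins; a uniform response avoids that.
    if ($admin_query === false || $database->database_num_rows($admin_query) != 1) {
        $is_error = 1;
    } else {
        // NOTE(review): randomcode() is defined elsewhere. A reset code has to
        // be unpredictable, so confirm it draws from a CSPRNG, and confirm that
        // the reset page enforces an expiry using admin_lostpassword_time.
        $lostpassword_code = randomcode(15);
        $lostpassword_time = time();
        $admin_lost = $database->database_fetch_assoc($admin_query);
        $admin_id = (int) $admin_lost['admin_id'];
        $database->database_query("UPDATE se_admins SET admin_lostpassword_code='{$lostpassword_code}', admin_lostpassword_time='{$lostpassword_time}' WHERE admin_id='{$admin_id}' LIMIT 1");

        // Same URL as both the href and the visible link text.
        $reset_url = $url->url_base . "admin/admin_lostpass_reset.php?admin_id={$admin_id}&r={$lostpassword_code}";
        $link = "<a href=\"{$reset_url}\">{$reset_url}</a>";

        SE_Language::_preload_multi(40, 41);
        SE_Language::load();
        // The unescaped address is used for mail; the SQL-escaped copy is for the query only.
        send_generic($admin_email, $admin_email, SE_Language::_get(40), SE_Language::_get(41), array("[link]"), array($link));
    }
}

// ASSIGN VARIABLES AND INCLUDE FOOTER
$smarty->assign('is_error', $is_error);
$smarty->assign('submitted', $submitted);
include "admin_footer.php";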
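/**
 * Handle an incoming trackback ping for a blog entry.
 *
 * Reads the ping through the Trackback helper, applies the permission, duplicate
 * and rate checks, stores the trackback, logs the ping in se_blogpings and
 * returns the helper's response for the outcome.
 *
 * Every value in the ping is supplied by the remote site, so each one is escaped
 * with the database layer's escaper immediately before it is placed in SQL.
 * NOTE(review): if request data is also escaped globally elsewhere, keep the
 * escaping here; the queries must not depend on sanitisation that is out of sight.
 *
 * @return mixed Whatever Trackback::recieve() returns for the success flag and message.
 */
function blog_trackback_receive()
{
    global $database, $user, $setting;

    $is_error = FALSE;

    // Create trackback class instance
    $trackback = new Trackback(NULL, NULL, "UTF-8");

    // Prepare data
    $trackback_eid = $trackback->e_id;
    $trackback_url = trim($trackback->url);
    $trackback_title = trim($trackback->title);
    $trackback_excerpt = trim($trackback->excerpt);
    $trackback_bname = trim($trackback->bname);
    $trackback_ip = $_SERVER['REMOTE_ADDR'];
    $trackback_time = time();
    // Hash of the raw excerpt, used only as a duplicate fingerprint.
    $trackback_excerpthash = md5($trackback_excerpt);

    // Clean body. htmlspecialchars_decode() turns entities back into markup and
    // quotes, so the result needs both the HTML filter and SQL escaping.
    $trackback_excerpt = str_replace("\r\n", "<br />", cleanHTML(censor(htmlspecialchars_decode($trackback_excerpt)), $setting['setting_comment_html']));

    // SQL-safe copies; the unescaped originals are kept for the checks below.
    // NOTE(review): title, blog name and URL are stored without HTML filtering;
    // confirm they are escaped wherever they are rendered.
    $sql_eid = $database->database_real_escape_string((string) $trackback_eid);
    $sql_url = $database->database_real_escape_string($trackback_url);
    $sql_title = $database->database_real_escape_string($trackback_title);
    $sql_excerpt = $database->database_real_escape_string($trackback_excerpt);
    $sql_bname = $database->database_real_escape_string($trackback_bname);
    $sql_ip = $database->database_real_escape_string((string) $trackback_ip);

    // Trackbacks not allowed
    if (!$user->level_info['level_blog_trackbacks_allow']) {
        $is_error = 1500013;
    }

    // No ID specified
    if (!$trackback_eid) {
        $is_error = 1500008;
    }

    // Trackback URL is empty
    if (!$trackback_url) {
        $is_error = 1500009;
    }

    // Entry must exist
    if (!$is_error) {
        $sql = "SELECT NULL FROM se_blogentries WHERE se_blogentries.blogentry_id='{$sql_eid}' LIMIT 1";
        $resource = $database->database_query($sql);
        if (!$database->database_num_rows($resource)) {
            $is_error = 1500010;
        }
    }

    // See if trackback has already been received
    if (!$is_error) {
        $sql = "SELECT NULL FROM se_blogtrackbacks WHERE blogtrackback_blogentry_id='{$sql_eid}' && blogtrackback_name='{$sql_bname}' && blogtrackback_excerpthash='{$trackback_excerpthash}' LIMIT 1";
        $resource = $database->database_query($sql);
        if ($database->database_num_rows($resource)) {
            $is_error = 1500011;
        }
    }

    // Only 1/15 seconds per source address
    if (!$is_error) {
        $trackback_timeout = 15;
        $sql = "SELECT NULL FROM se_blogtrackbacks WHERE blogtrackback_ip='{$sql_ip}' && blogtrackback_date>" . ($trackback_time - $trackback_timeout) . " LIMIT 1";
        $resource = $database->database_query($sql);
        if ($database->database_num_rows($resource)) {
            $is_error = 1500012;
        }
    }

    // TODO: antispam

    // INSERT
    if (!$is_error) {
        $sql = "INSERT INTO se_blogtrackbacks (
                blogtrackback_blogentry_id,
                blogtrackback_name,
                blogtrackback_title,
                blogtrackback_excerpt,
                blogtrackback_excerpthash,
                blogtrackback_url,
                blogtrackback_ip,
                blogtrackback_date
            ) VALUES (
                '{$sql_eid}',
                '{$sql_bname}',
                '{$sql_title}',
                '{$sql_excerpt}',
                '{$trackback_excerpthash}',
                '{$sql_url}',
                '{$sql_ip}',
                '{$trackback_time}'
            )";
        $resource = $database->database_query($sql);

        if (!$database->database_affected_rows($resource)) {
            $is_error = 1500013;
        } else {
            // UPDATE TRACKBACK COUNT - only when a row was actually stored, so
            // the counter cannot drift from the table.
            $sql = "UPDATE se_blogentries SET blogentry_totaltrackbacks=blogentry_totaltrackbacks+1 WHERE blogentry_id='{$sql_eid}' LIMIT 1";
            $database->database_query($sql);
        }
    }

    // LOG - every ping is recorded, accepted or not. The source is the Referer
    // header when present, otherwise the remote address.
    $blogentry_url = '';
    if (!empty($_SERVER['HTTP_REFERER'])) {
        $blogentry_url = $_SERVER['HTTP_REFERER'];
    } elseif (!empty($_SERVER['REMOTE_ADDR'])) {
        $blogentry_url = $_SERVER['REMOTE_ADDR'];
    }

    $sql = "INSERT INTO se_blogpings (
            blogping_blogentry_id,
            blogping_target_url,
            blogping_source_url,
            blogping_status,
            blogping_type,
            blogping_ip
        ) VALUES (
            '{$sql_eid}',
            '" . $database->database_real_escape_string($_SERVER['REQUEST_URI']) . "',
            '" . $database->database_real_escape_string($blogentry_url) . "',
            '1',
            '2',
            '{$sql_ip}'
        )";
    $resource = $database->database_query($sql);

    // GET ERROR MESSAGE (1500014 is the id used when there was no error)
    $message_id = $is_error ? $is_error : 1500014;
    SE_Language::_preload($message_id);
    SE_Language::load();
    $message = SE_Language::_get($message_id);

    // "recieve" is the helper's own spelling of the method name.
    return $trackback->recieve(!$is_error, $message);
}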
}
// Compare the submitted verification code with the expected one.
// NOTE(review): this is a loose comparison, and where $code comes from is not
// visible here. If both are strings, a strict (!==) comparison avoids
// type-juggling matches. Confirm against the code that sets $code.
$contact_secure = $_POST['contact_secure'];
if ($contact_secure != $code) {
    $is_error = 708;
}
}

// SEND MESSAGE TO SUPERADMIN
if (!$is_error) {
    // The admin with the lowest admin_id receives the message.
    $recepient_info = $database->database_fetch_assoc($database->database_query("SELECT admin_email, admin_name FROM se_admins ORDER BY admin_id LIMIT 1"));

    // GET SUBJECT AND MESSAGE
    SE_Language::_preload_multi(1153, 1154);
    SE_Language::load();

    // COMPOSE SUBJECT
    // Visitor text is passed as vsprintf() arguments, never as the format string.
    $subject = vsprintf(SE_Language::_get(1153), array($contact_subject));

    // COMPOSE MESSAGE
    $message = vsprintf(SE_Language::_get(1154), array($recepient_info['admin_name'], $contact_email, $contact_name, $contact_subject, $contact_message));

    // SEND MAIL
    // NOTE(review): $contact_email is visitor-supplied and is passed as the second
    // argument of send_generic() (defined elsewhere). If that function places it
    // in a mail header, the address must be validated and CR/LF rejected first.
    send_generic($recepient_info['admin_email'], $contact_email, $subject, $message, array(), array());

    // SET RESULT
    // Reset the form fields; the e-mail field is refilled from the logged-in user's record.
    $result = 1040;
    $contact_name = "";
    $contact_email = $user->user_info['user_email'];
    $contact_subject = "";
    $contact_message = "";
}
}

// SET GLOBAL PAGE TITLE/DESCRIPTION
$global_page_title[0] = 754;
$global_page_description[0] = 1035;

// ASSIGN SMARTY VARIABLES AND INCLUDE FOOTER
$smarty->assign('result', $result);
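/**
 * Return the collected errors with numeric entries translated.
 *
 * When the SE_Language class is available (v3 compatibility), every numeric
 * entry in $this->errors is treated as a language id and replaced by its
 * translation; other entries are returned unchanged. Without SE_Language the
 * stored errors are returned as they are.
 *
 * @return array Errors keyed as in $this->errors.
 */
function get_errors()
{
    if (!class_exists('SE_Language')) {
        return $this->errors;
    }

    // Initialised explicitly: previously this was read without being set when
    // no entry was numeric.
    $has_lang_id = false;
    foreach ($this->errors as $v) {
        if (is_numeric($v)) {
            SE_Language::_preload($v);
            $has_lang_id = true;
        }
    }

    // One load for all ids queued above.
    if ($has_lang_id) {
        SE_Language::load();
    }

    $errors = array();
    foreach ($this->errors as $k => $v) {
        $errors[$k] = is_numeric($v) ? SE_Language::_get($v) : $v;
    }

    return $errors;
}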
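/**
 * Load one custom field definition, with translated labels and option details.
 *
 * Table and column names are built from $this->type. NOTE(review): identifiers
 * cannot be escaped like values, so $this->type must only ever hold a fixed,
 * code-defined prefix. Verify where it is assigned.
 *
 * @param mixed $field_id Id of the field row to load.
 * @return mixed The field row with translated title/desc/error and a
 *               'field_options_detailed' list added.
 */
function field_get($field_id)
{
    global $database;

    $t = $this->type;

    // Escaped at the point of use; the caller's sanitisation is not visible here.
    $field_id_sql = $database->database_real_escape_string((string) $field_id);

    // Same column list as before, aliased to type-independent names.
    $columns = array(
        "{$t}field_id AS field_id",
        "{$t}field_{$t}cat_id AS field_cat_id",
    );
    $plain_columns = array(
        'order', 'dependency', 'title', 'desc', 'error', 'type', 'style', 'maxlength',
        'link', 'options', 'required', 'regex', 'special', 'search', 'display', 'html',
    );
    foreach ($plain_columns as $name) {
        $columns[] = "{$t}field_{$name} AS field_{$name}";
    }

    $field_info = $database->database_fetch_assoc($database->database_query(
        "SELECT " . implode(", ", $columns) . " FROM se_{$t}fields WHERE {$t}field_id='{$field_id_sql}'"
    ));

    // PULL OPTIONS INTO NEW ARRAY
    // Array keys are quoted strings; bare words are undefined constants and are
    // a fatal error on PHP 8.
    // NOTE(review): unserialize() instantiates objects named in its input. The
    // column is expected to hold a plain array; if anything other than trusted
    // admin code can write it, restrict allowed classes (PHP 7+) or store JSON.
    $raw_options = (is_array($field_info) && isset($field_info['field_options'])) ? $field_info['field_options'] : '';
    $field_options = ($raw_options !== '') ? unserialize($raw_options) : false;
    if (!is_array($field_options)) {
        // Empty or corrupt column: treat as "no options" instead of iterating a non-array.
        $field_options = array();
    }

    for ($i = 0; $i < count($field_options); $i++) {
        SE_Language::_preload_multi($field_options[$i]['label']);
        SE_Language::load();
        $field_options[$i]['label'] = SE_Language::_get($field_options[$i]['label']);

        if (isset($field_options[$i]['dependency']) && $field_options[$i]['dependency'] == 1) {
            // Look up the dependent field; the flag is kept only if exactly one row exists.
            $dependent_id_sql = $database->database_real_escape_string((string) $field_options[$i]['dependent_id']);
            $dep_field = $database->database_query(
                "SELECT {$t}field_id AS field_id, {$t}field_title AS field_title FROM se_{$t}fields WHERE {$t}field_id='{$dependent_id_sql}'"
            );
            if ($database->database_num_rows($dep_field) != 1) {
                $field_options[$i]['dependency'] = 0;
            } else {
                $field_options[$i]['dependency'] = 1;
                $dep_field_info = $database->database_fetch_assoc($dep_field);
                SE_Language::_preload_multi($dep_field_info['field_title']);
                SE_Language::load();
                $field_options[$i]['dependent_label'] = SE_Language::_get($dep_field_info['field_title']);
            }
        }
    }

    // LOAD FIELD TITLE
    SE_Language::_preload_multi($field_info['field_title'], $field_info['field_desc'], $field_info['field_error']);
    SE_Language::load();
    $field_info['field_title'] = SE_Language::_get($field_info['field_title']);
    $field_info['field_desc'] = SE_Language::_get($field_info['field_desc']);
    $field_info['field_error'] = SE_Language::_get($field_info['field_error']);
    $field_info['field_options_detailed'] = $field_options;

    return $field_info;
}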
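$is_error = 473;
} elseif (!is_file($path) || strpos($filename, "..") !== FALSE) {
    // Not a regular file, or the name contains a parent-directory reference.
    $is_error = 474;
} elseif (!is_readable($path)) {
    $is_error = 475;
} elseif (!is_writable($path)) {
    $is_error = 476;
}

// IF JSON REQUEST, SEND BACK DATA
if ($task == "gettemplate") {
    $template_code = '';
    $error_message = '';

    // The validation above has to gate the read as well as the write. The file
    // is opened only when the path passed every check, or when the sole problem
    // is that it is read-only (476), so a rejected name never has its contents
    // returned to the browser.
    if ($is_error == 0 || $is_error == 476) {
        $template_code = file_get_contents($path);
        if ($template_code === false) {
            $template_code = '';
        }
        // Escape for the single-quoted literal below: normalise CRLF, double
        // backslashes, encode newlines, then escape single quotes.
        $template_code = str_replace("\r\n", "\n", $template_code);
        $template_code = str_replace("\\", "\\\\", $template_code);
        $template_code = str_replace("\n", "\\n", $template_code);
        $template_code = str_replace("'", "\\'", $template_code);
    }

    if ($is_error != 0) {
        SE_Language::_preload_multi($is_error);
        SE_Language::load();
        $error_message = str_replace("'", "\\'", SE_Language::_get($is_error));
    }

    // Single-quoted object literal, as the client expects; not strict JSON.
    $json = "{'is_error':{$is_error}, 'error_message':'{$error_message}', 'template':'{$template_code}'}";
    echo $json;
    exit;

// SAVE TEMPLATE
} elseif ($task == "save") {
    // WRITE CODE TO FILE
    if ($is_error == 0) {
        $template_code = htmlspecialchars_decode(str_replace("\\\\", "\\", $_POST['template_code']), ENT_QUOTES);

        // Remove {php} / {/php} markers until none remain. A single pass can
        // leave a marker behind when removing one joins the text around it.
        // NOTE(review): string filtering is a weak control for a file the
        // template engine will execute. Prefer disabling PHP tags in the engine
        // configuration, and confirm this admin action checks a CSRF token.
        do {
            $before = $template_code;
            $template_code = str_replace(array("{php}", "{/php}"), "", $template_code);
        } while ($template_code !== $before);

        $handle = fopen($path, 'w+');
        if ($handle !== false) {
            fwrite($handle, $template_code);
            fclose($handle);
        }
    }
    exit;
}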
// NOTE(review): the unquoted array keys in this block (field_suggestions,
// field_options, label, ...) are bare constants; they are a fatal error on
// PHP 8 and should be quoted strings.
$field_info[field_suggestions] = $_POST['field_suggestions'];

// SAVE FIELD
// field_save() (defined elsewhere) receives the request value unchanged and
// returns the stored field.
$field_info = $field->field_save($field_info);

// GET ERROR
$is_error = $field->is_error;
if ($field->is_error != 0) {
    SE_Language::_preload_multi($field->is_error);
    SE_Language::load();
    // Only the single quote is escaped for the JavaScript literal below.
    $error_message = str_replace("'", "\\'", SE_Language::_get($field->is_error));
}

// PULL OPTIONS INTO STRING
// Each option becomes "value<!>label<!>dependency<!>dependent_label<!>dependent_id";
// options are then joined with "<~!~>".
$field_options_detailed = array();
for ($i = 0; $i < count($field_info[field_options]); $i++) {
    SE_Language::_preload_multi($field_info[field_options][$i][label]);
    SE_Language::load();
    $field_info[field_options][$i][label] = SE_Language::_get($field_info[field_options][$i][label]);
    $field_options_detailed[] = $field_info[field_options][$i][value] . "<!>" . $field_info[field_options][$i][label] . "<!>" . $field_info[field_options][$i][dependency] . "<!>" . $field_info[field_options][$i][dependent_label] . "<!>" . $field_info[field_options][$i][dependent_id];
}
$field_options_detailed = implode("<~!~>", $field_options_detailed);

// SEND AJAX CONFIRMATION
// NOTE(review): the field title, option values and labels are admin-entered
// text placed inside single-quoted JavaScript literals in an inline <script>
// with no JavaScript escaping. A quote, backslash or "</script>" in any of them
// breaks out of the literal. Encoding each argument with json_encode() and the
// JSON_HEX_* flags would close this. $error_message is also unset when there is
// no error.
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=UTF-8'><script type='text/javascript'>";
echo "window.parent.savefield_result('{$is_error}', '{$error_message}', '{$old_field_id}', '{$field_info['field_id']}', '{$field_info['field_title']}', '{$field_info['field_cat_id']}', '{$field_options_detailed}');";
echo "</script></head><body></body></html>";
exit;

// ADD A NEW FIELD BOX
} elseif ($task == "addfield") {
    // Load the category list into $field->cats for the form.
    $field->cat_list();
    $cat_array = $field->cats;
    $smarty->assign('hideSearch', $hideSearch);
    $smarty->assign('hideDisplay', $hideDisplay);
    $smarty->assign('hideSpecial', $hideSpecial);
// poll_profile is taken from POST first, then GET, else NULL.
$poll_profile = !empty($_POST['poll_profile']) ? $_POST['poll_profile'] : (!empty($_GET['poll_profile']) ? $_GET['poll_profile'] : NULL);
$is_error = FALSE;

// VOTE
if ($task == "votepoll") {
    // Requires a logged-in user whose level_poll_allow has bit value 2 set;
    // "2 & ~x" is non-zero exactly when that bit is clear.
    if (!$user->user_exists || 2 & ~(int) $user->level_info['level_poll_allow']) {
        echo json_encode(array('result' => 'failure'));
        exit;
    }
    // NOTE(review): $poll_id and $vote are presumably request-derived (their
    // assignment is not visible here); confirm se_poll validates both.
    $poll_object = new se_poll(NULL, $poll_id);
    $result = $poll_object->poll_vote($vote);
    $poll_info = $poll_object->poll_info;
    // The voter list is removed before the poll data is sent to the client.
    unset($poll_info['poll_voted']);
    if (!$result) {
        SE_Language::_preload($poll_object->is_error);
        SE_Language::load();
        // NOTE(review): the 'debug' entry echoes the submitted vote index and the
        // matching answer text back to the caller. It looks like leftover
        // diagnostics and should be removed from production responses.
        echo json_encode(array('result' => 'failure', 'message' => SE_Language::_get($poll_object->is_error), 'debug' => $vote . ' ' . $poll_object->poll_info['poll_answers'][$vote]));
        exit;
    }
    echo json_encode($poll_info);
    exit;
} elseif ($task == "infopoll") {
    // Anonymous visitors need setting_permission_poll; logged-in users need
    // bit value 1 of level_poll_allow.
    if (!$user->user_exists && !$setting['setting_permission_poll'] || $user->user_exists && 1 & ~(int) $user->level_info['level_poll_allow']) {
        echo json_encode(array('result' => 'failure'));
        exit;
    }
    // The poll is loaded without an owner id (first argument NULL).
    // NOTE(review): nothing visible here checks the poll's own privacy setting
    // against the viewer; confirm se_poll or a later step enforces it.
    $poll_object = new se_poll(NULL, $poll_id);
    //$poll_object = new se_poll($user->user_info['user_id'], $poll_id);
    $poll_info = $poll_object->poll_info;
    unset($poll_info['poll_voted']);
    // SEND
    echo json_encode($poll_info);