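/**
 * Summarise the logged-in user's notifications.
 *
 * Reads the globals $database and $user. Notification types with
 * notifytype_group=1 are collapsed to one row per type; types with
 * notifytype_group=0 yield one row per (type, object) pair.
 *
 * @return array 'total' is the sum of the per-row counts, 'total_grouped'
 *               the number of rows, and 'notifys' the list of row summaries.
 */
function notify_summary()
{
    global $database, $user;

    $total_notifications = 0;
    $notify_array = array();

    // Only query when there is a logged-in user flagged as having notifications.
    $has_notifications = is_object($user)
        && $user->user_exists
        && $user->user_info['user_hasnotifys'];

    if ($has_notifications) {
        // Force the id to an integer before it is placed in the SQL text, so the
        // query never depends on how user_info was populated upstream.
        $user_id = (int) $user->user_info['user_id'];

        $notify_query = "
          (
            SELECT
              '0' AS notify_grouped,
              count(se_notifys.notify_id) AS total_notifications,
              se_notifytypes.notifytype_id,
              se_notifytypes.notifytype_desc,
              se_notifytypes.notifytype_icon,
              se_notifytypes.notifytype_url,
              se_notifys.notify_urlvars,
              se_notifys.notify_text
            FROM se_notifys
            LEFT JOIN se_notifytypes
              ON se_notifys.notify_notifytype_id=se_notifytypes.notifytype_id
            WHERE
              notify_user_id='{$user_id}'
            AND
              notifytype_group=1
            GROUP BY se_notifys.notify_notifytype_id
          ) UNION ALL (
            SELECT
              se_notifys.notify_object_id AS notify_grouped,
              count(se_notifys.notify_id) AS total_notifications,
              se_notifytypes.notifytype_id,
              se_notifytypes.notifytype_desc,
              se_notifytypes.notifytype_icon,
              se_notifytypes.notifytype_url,
              se_notifys.notify_urlvars,
              se_notifys.notify_text
            FROM se_notifys
            LEFT JOIN se_notifytypes
              ON se_notifys.notify_notifytype_id=se_notifytypes.notifytype_id
            WHERE
              notify_user_id='{$user_id}'
            AND
              notifytype_group=0
            GROUP BY se_notifys.notify_notifytype_id, se_notifys.notify_object_id
          )
        ";

        $notifys = $database->database_query($notify_query);
        while ($notify = $database->database_fetch_assoc($notifys)) {
            // Register the description language id for later loading.
            SE_Language::_preload($notify['notifytype_desc']);

            // NOTE(review): unserialize() runs on values stored in se_notifys.
            // If any write path lets a user influence notify_urlvars or
            // notify_text, this is a PHP object-injection sink. On PHP >= 7.0
            // prefer unserialize($value, array('allowed_classes' => false)),
            // or store these columns as JSON.
            $urlvars = unserialize($notify['notify_urlvars']);

            // vsprintf() throws a TypeError on PHP 8 when handed a non-array
            // (e.g. false from a failed unserialize). The cast keeps the
            // pre-PHP-8 coercion so one bad row cannot abort the whole summary.
            $notify_url = vsprintf($notify['notifytype_url'], (array) $urlvars);

            // Variables for the description text; see the unserialize() note above.
            $notify_text = unserialize($notify['notify_text']);

            $total_notifications += $notify['total_notifications'];
            $notify_array[] = array(
                'notifytype_id'  => $notify['notifytype_id'],
                'notify_grouped' => $notify['notify_grouped'],
                'notify_icon'    => $notify['notifytype_icon'],
                'notify_url'     => $notify_url,
                'notify_desc'    => $notify['notifytype_desc'],
                'notify_text'    => $notify_text,
                'notify_total'   => $notify['total_notifications'],
            );
        }
    }

    return array(
        'total'         => (int) $total_notifications,
        'total_grouped' => (int) count($notify_array),
        'notifys'       => $notify_array,
    );
}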
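/**
 * Search polls by title, description and options for the site-wide search page.
 *
 * Works entirely through globals: reads $database, $url, $results_per_page,
 * $p, $search_text and $t; appends to $results and $search_objects; sets
 * $total_results when $t is "poll".
 *
 * @return void
 */
function search_poll()
{
    global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results;

    // NOTE(review): $search_text is interpolated directly into three LIKE
    // patterns. Nothing in this function escapes it, so the query is only safe
    // if the caller has already escaped the value for this SQL connection -
    // confirm that against the calling script. LIKE wildcards (% and _) in the
    // search text are not neutralised either way.
    //
    // se_polls.poll_desc is selected because the result rows below expose it
    // as result_desc_3; without it that entry was always undefined.
    $sql = "
      SELECT
        se_polls.poll_id,
        se_polls.poll_title,
        se_polls.poll_desc,
        se_users.user_id,
        se_users.user_username,
        se_users.user_photo,
        se_users.user_fname,
        se_users.user_lname
      FROM
        se_polls,
        se_users,
        se_levels
      WHERE
        se_polls.poll_user_id=se_users.user_id &&
        se_users.user_level_id=se_levels.level_id &&
        (
          se_polls.poll_search='1' ||
          se_levels.level_poll_search='0'
        ) &&
        (
          poll_title LIKE '%{$search_text}%' ||
          poll_desc LIKE '%{$search_text}%' ||
          poll_options LIKE '%{$search_text}%'
        )
    ";

    // Count matches, capped at 201 so that "more than 200" can be detected cheaply.
    $total_polls = $database->database_num_rows($database->database_query($sql . " LIMIT 201"));

    // Full result rows are only built when the poll tab is the active one.
    if ($t == "poll") {
        // Force the paging values to integers and clamp the offset at zero:
        // they are placed into the LIMIT clause unquoted, and a page number
        // below 1 would otherwise produce a negative offset and a failed query.
        $per_page = (int) $results_per_page;
        $start = max(0, ((int) $p - 1) * $per_page);
        $limit = $per_page + 1;

        $sql .= " ORDER BY se_polls.poll_id DESC LIMIT {$start}, {$limit}";

        // NOTE(review): on failure this prints the raw database error to the
        // client, which can disclose schema details. Prefer logging the error
        // server-side and showing a generic message.
        $resource = $database->database_query($sql) or die($database->database_error());

        while ($poll_info = $database->database_fetch_assoc($resource)) {
            // Populate a user object for the poll's author so the display name
            // is computed the same way as elsewhere.
            $profile = new se_user();
            $profile->user_info['user_id'] = $poll_info['user_id'];
            $profile->user_info['user_username'] = $poll_info['user_username'];
            $profile->user_info['user_fname'] = $poll_info['user_fname'];
            $profile->user_info['user_lname'] = $poll_info['user_lname'];
            $profile->user_info['user_photo'] = $poll_info['user_photo'];
            $profile->user_displayname();

            $result_url = $url->url_create('poll', $poll_info['user_username'], $poll_info['poll_id']);

            // Fall back to language string 589 when the poll has no title.
            if (!trim($poll_info['poll_title'])) {
                SE_Language::_preload(589);
                SE_Language::load();
                $poll_info['poll_title'] = SE_Language::_get(589);
            }

            // The values below are handed to the template layer as stored;
            // HTML escaping is presumably done there - verify before rendering.
            $results[] = array(
                'result_url'    => $result_url,
                'result_icon'   => './images/icons/poll_poll48.gif',
                'result_name'   => 2500112,
                'result_name_1' => $poll_info['poll_title'],
                'result_desc'   => 2500113,
                'result_desc_1' => $url->url_create('profile', $profile->user_info['user_username']),
                'result_desc_2' => $profile->user_displayname,
                'result_desc_3' => $poll_info['poll_desc'],
            );
        }

        $total_results = $total_polls;
    }

    // Register this search type and its (capped) total for the tab list.
    SE_Language::_preload_multi(2500111, 2500112, 2500113);
    if ($total_polls > 200) {
        $total_polls = "200+";
    }

    $search_objects[] = array(
        'search_type'  => 'poll',
        'search_lang'  => 2500111,
        'search_total' => $total_polls,
    );
}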
<?php // ENSURE THIS IS BEING INCLUDED IN AN SE SCRIPT if (!defined('SE_PAGE')) { exit; } // INCLUDE MUSIC CLASS FILES include "./include/class_music.php"; include "./include/functions_music.php"; // PRELOAD LANGUAGE SE_Language::_preload(4000004); // SET MAIN MENU VARS $plugin_vars['menu_main'] = array('file' => 'browse_music.php', 'title' => 4000004); // SET USER MENU VARS if ($user->level_info['level_music_allow']) { $plugin_vars['menu_user'] = array('file' => 'user_music.php', 'icon' => 'music_music16.gif', 'title' => 4000004); } // SET PROFILE MENU VARS if ($owner->level_info['level_music_allow'] && $page == "profile") { // GET USER SETTINGS $user->user_settings('usersetting_music_profile_autoplay,usersetting_music_site_autoplay,usersetting_xspfskin_id'); $owner->user_settings('usersetting_music_profile_autoplay,usersetting_music_site_autoplay,usersetting_xspfskin_id'); // GET SKIN INFO $owner_music = new se_music($owner->user_info['user_id']); $skin_info = $owner_music->skin_info($user->usersetting_info['usersetting_xspfskin_id']); if (!empty($skin_info)) { $smarty->assign('skin_title', $skin_info['xspfskin_title']); $smarty->assign('skin_height', $skin_info['xspfskin_height']); $smarty->assign('skin_width', $skin_info['xspfskin_width']); } // AUTOPLAY
function field_list($validate = 0, $format = 0, $search = 0, $field_where = "") { global $database, $datetime, $setting; // GET NON DEPENDENT FIELDS IN CAT IF NECESSARY $field_count = 0; $this->fields = array(); $field_query = "SELECT " . $this->type . "field_id AS field_id, " . $this->type . "field_order AS field_order, " . $this->type . "field_title AS field_title, " . $this->type . "field_desc AS field_desc, " . $this->type . "field_signup AS field_signup, " . $this->type . "field_error AS field_error, " . $this->type . "field_type AS field_type, " . $this->type . "field_style AS field_style, " . $this->type . "field_maxlength AS field_maxlength, " . $this->type . "field_link AS field_link, " . $this->type . "field_options AS field_options, " . $this->type . "field_required AS field_required, " . $this->type . "field_regex AS field_regex, " . $this->type . "field_special AS field_special, " . $this->type . "field_html AS field_html, " . $this->type . "field_search AS field_search, " . $this->type . "field_display AS field_display FROM se_" . $this->type . "fields WHERE " . $this->type . "field_dependency='0'"; if ($field_where != "") { $field_query .= " AND ({$field_where})"; } $field_query .= " ORDER BY " . $this->type . "field_order"; $fields = $database->database_query($field_query); while ($field_info = $database->database_fetch_assoc($fields)) { // SET FIELD VARS $is_field_error = 0; $field_value = ""; $field_value_formatted = ""; $field_value_min = ""; $field_value_max = ""; $field_options = array(); // FIELD TYPE SWITCH switch ($field_info[field_type]) { case 1: // TEXT FIELD // TEXT FIELD case 2: // TEXTAREA // VALIDATE POSTED FIELD VALUE if ($validate == 1) { // RETRIEVE POSTED FIELD VALUE AND FILTER FOR ADMIN-SPECIFIED HTML TAGS $var = "field_" . 
$field_info[field_id]; $field_value = security(cleanHTML(censor($_POST[$var]), $field_info[field_html])); if ($field_info[field_type] == 2) { $field_value = str_replace("\r\n", "<br>", $field_value); } // CHECK FOR REQUIRED if ($field_info[field_required] != 0 && trim($field_value) == "") { $this->is_error = 96; $is_field_error = 1; } // RUN PREG MATCH (ONLY FOR TEXT FIELDS) if ($field_info[field_regex] != "" && trim($field_value) != "") { if (!preg_match($field_info[field_regex], $field_value)) { $this->is_error = 97; $is_field_error = 1; } } // UPDATE SAVE VALUE QUERY if ($this->field_query != "") { $this->field_query .= ", "; } if ($field_info[field_special] == 2 || $field_info[field_special] == 3) { $field_value = ucwords($field_value); } $this->field_query .= $this->type . "value_{$field_info['field_id']}='{$field_value}'"; // CREATE A SEARCH QUERY FROM POSTED FIELD VALUE } elseif ($search == 1) { if ($field_info[field_search] == 2) { $var1 = "field_" . $field_info[field_id] . "_min"; if (isset($_POST[$var1])) { $field_value_min = $_POST[$var1]; } elseif (isset($_GET[$var1])) { $field_value_min = $_GET[$var1]; } else { $field_value_min = ""; } $var2 = "field_" . $field_info[field_id] . "_max"; if (isset($_POST[$var2])) { $field_value_max = $_POST[$var2]; } elseif (isset($_GET[$var2])) { $field_value_max = $_GET[$var2]; } else { $field_value_max = ""; } if ($field_value_min != "") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']} >= {$field_value_min}"; $this->url_string .= $var1 . "=" . urlencode($field_value_min) . "&"; } if ($field_value_max != "") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']} <= {$field_value_max}"; $this->url_string .= $var2 . "=" . urlencode($field_value_max) . "&"; } } elseif ($field_info[field_search] == 1) { $var = "field_" . 
$field_info[field_id]; if (isset($_POST[$var])) { $field_value = $_POST[$var]; } elseif (isset($_GET[$var])) { $field_value = $_GET[$var]; } else { $field_value = ""; } if ($field_value != "") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']} LIKE '%{$field_value}%'"; $this->url_string .= $var . "=" . urlencode($field_value) . "&"; } } else { $field_value = ""; } // DO NOT VALIDATE FIELD VALUE AND DON'T CREATE SEARCH VALUE } else { // RETRIEVE DATABASE FIELD VALUE if ($this->value_info != "") { $value_column = $this->type . "value_" . $field_info[field_id]; $field_value = $this->value_info[$value_column]; } } // FORMAT VALUE FOR DISPLAY if ($format == 1 && $field_info[field_display] != 0) { // LINK BROWSABLE FIELD VALUES IF NECESSARY if ($field_info[field_display] == 2) { $br_exploded_field_values = explode("<br>", trim($field_value)); $exploded_field_values = array(); foreach ($br_exploded_field_values as $key => $value) { $comma_exploded_field_values = explode(",", trim($value)); array_walk($comma_exploded_field_values, 'link_field_values', array($field_info[field_id], "", $field_info[field_link], $field_info[field_display])); $exploded_field_values[$key] = implode(", ", $comma_exploded_field_values); } $field_value_formatted = implode("<br>", $exploded_field_values); // MAKE SURE TO LINK FIELDS WITH A LINK TAG } else { $exploded_field_values = array(trim($field_value)); array_walk($exploded_field_values, 'link_field_values', array($field_info[field_id], "", $field_info[field_link], $field_info[field_display])); $field_value_formatted = implode("", $exploded_field_values); } // DECODE TO MAKE HTML TAGS FOR FIELDS VALID $field_value_formatted = htmlspecialchars_decode($field_value_formatted, ENT_QUOTES); // FORMAT VALUE FOR FORM } else { if ($field_info[field_type] == 1) { $options = unserialize($field_info[field_options]); for ($i = 0, $max = count($options); $i < $max; $i++) { 
SE_Language::_preload_multi($options[$i][label]); SE_Language::load(); $field_options[] = array('label' => SE_Language::_get($options[$i][label])); } } if ($field_info[field_type] == 2) { $field_value = str_replace("<br>", "\r\n", $field_value); } } break; case 3: // SELECT BOX // SELECT BOX case 4: // RADIO BUTTON // VALIDATE POSTED FIELD if ($validate == 1) { // RETRIEVE POSTED FIELD VALUE $var = "field_" . $field_info[field_id]; $field_value = censor($_POST[$var]); // CHECK FOR REQUIRED if ($field_info[field_required] != 0 && ($field_value == "-1" || $field_value == "")) { $this->is_error = 96; $is_field_error = 1; } // UPDATE SAVE VALUE QUERY if ($this->field_query != "") { $this->field_query .= ", "; } $this->field_query .= $this->type . "value_{$field_info['field_id']}='{$field_value}'"; // CREATE A SEARCH QUERY FROM POSTED FIELD VALUE } elseif ($search == 1) { if ($field_info[field_search] == 2) { $var1 = "field_" . $field_info[field_id] . "_min"; if (isset($_POST[$var1])) { $field_value_min = $_POST[$var1]; } elseif (isset($_GET[$var1])) { $field_value_min = $_GET[$var1]; } else { $field_value_min = ""; } $var2 = "field_" . $field_info[field_id] . "_max"; if (isset($_POST[$var2])) { $field_value_max = $_POST[$var2]; } elseif (isset($_GET[$var2])) { $field_value_max = $_GET[$var2]; } else { $field_value_max = ""; } if ($field_value_min != "" && $field_value_min != "-1") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']} >= {$field_value_min}"; $this->url_string .= $var1 . "=" . urlencode($field_value_min) . "&"; } if ($field_value_max != "" && $field_value_max != "-1") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']} <= {$field_value_max}"; $this->url_string .= $var2 . "=" . urlencode($field_value_max) . "&"; } } elseif ($field_info[field_search] == 1) { $var = "field_" . 
$field_info[field_id]; if (isset($_POST[$var])) { $field_value = $_POST[$var]; } elseif (isset($_GET[$var])) { $field_value = $_GET[$var]; } else { $field_value = ""; } if ($field_value != "-1" && $field_value != "") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']}='{$field_value}'"; $this->url_string .= $var . "=" . urlencode($field_value) . "&"; } } else { $field_value = ""; } // DO NOT VALIDATE FIELD VALUE AND DON'T CREATE SEARCH VALUE } else { // RETRIEVE DATABASE FIELD VALUE if ($this->value_info != "") { $value_column = $this->type . "value_" . $field_info[field_id]; $field_value = $this->value_info[$value_column]; } } // LOOP OVER FIELD OPTIONS $options = unserialize($field_info[field_options]); for ($i = 0, $max = count($options); $i < $max; $i++) { $dep_field_info = ""; $dep_field_value = ""; $dep_field_options = ""; // OPTION HAS DEPENDENCY if ($options[$i][dependency] == "1") { $dep_field_query = "SELECT " . $this->type . "field_id AS field_id, " . $this->type . "field_type AS field_type, " . $this->type . "field_title AS field_title, " . $this->type . "field_style AS field_style, " . $this->type . "field_options AS field_options, " . $this->type . "field_maxlength AS field_maxlength, " . $this->type . "field_link AS field_link, " . $this->type . "field_required AS field_required, " . $this->type . "field_regex AS field_regex, " . $this->type . "field_display AS field_display FROM se_" . $this->type . "fields WHERE " . $this->type . "field_id='" . $options[$i][dependent_id] . "' AND " . $this->type . 
"field_dependency='{$field_info['field_id']}'"; $dep_field = $database->database_query($dep_field_query); if ($database->database_num_rows($dep_field) != "1") { $options[$i][dependency] = 0; } else { $dep_field_info = $database->database_fetch_assoc($dep_field); // VALIDATE POSTED FIELD VALUE if ($validate == 1) { // OPTION SELECTED if ($field_value == $options[$i][value]) { $dep_var = "field_" . $dep_field_info[field_id]; $dep_field_value = censor($_POST[$dep_var]); // DEP FIELD TYPE switch ($dep_field_info[field_type]) { // TEXT FIELD case "1": // CHECK FOR REQUIRED if ($dep_field_info[field_required] != 0 && trim($dep_field_value) == "") { $this->is_error = 96; $is_field_error = 1; } // RUN PREG MATCH if ($dep_field_info[field_regex] != "" && trim($dep_field_value) != "") { if (!preg_match($dep_field_info[field_regex], $dep_field_value)) { $this->is_error = 97; $is_field_error = 1; } } break; // SELECT BOX // SELECT BOX case "3": // CHECK FOR REQUIRED if ($dep_field_info['field_required'] != 0 && ($dep_field_value == "-1" || $dep_field_value == "")) { $this->is_error = 96; $is_field_error = 1; } break; } // OPTION NOT SELECTED } else { $dep_field_value = ""; } // UPDATE SAVE VALUE QUERY if ($this->field_query != "") { $this->field_query .= ", "; } $this->field_query .= $this->type . "value_{$dep_field_info['field_id']}='{$dep_field_value}'"; // DO NOT VALIDATE POSTED FIELD VALUE } else { // RETRIEVE DATABASE FIELD VALUE if ($this->value_info != "") { $value_column = $this->type . "value_" . 
$dep_field_info[field_id]; $dep_field_value = $this->value_info[$value_column]; } } // RETRIEVE DEP FIELD OPTIONS $dep_options = unserialize($dep_field_info[field_options]); for ($i2 = 0, $max2 = count($dep_options); $i2 < $max2; $i2++) { SE_Language::_preload($dep_options[$i2][label]); $dep_field_options[] = array('value' => $dep_options[$i2][value], 'label' => $dep_options[$i2][label]); if ($dep_options[$i2][value] == $dep_field_value) { $dep_field_value_formatted = $dep_options[$i2][label]; } } } } // FORMAT VALUE FOR DISPLAY IF OPTION IS SELECTED if ($format == 1 && $field_value == $options[$i][value] && $field_info[field_display] != 0) { SE_Language::_preload_multi($dep_field_info[field_title], $options[$i][label]); SE_Language::load(); $field_value_formatted = SE_Language::_get($options[$i][label]); // LINK FIELD VALUES IF NECESSARY if ($field_info[field_display] == 2) { link_field_values($field_value_formatted, "", array($field_info[field_id], $options[$i][value], "", $field_info[field_display])); } // ADD DEPENDENT VALUE TO FIELD VALUE if ($dep_field_value != "" && $dep_field_info[field_display] != 0) { if ($dep_field_info[field_type] == 3) { $dep_field_value_formatted = SE_Language::_get($dep_field_value_formatted); } else { $dep_field_value_formatted = $dep_field_value; } link_field_values($dep_field_value_formatted, "", array($dep_field_info[field_id], $dep_field_value, $dep_field_info[field_link], $dep_field_info[field_display])); $field_value_formatted .= " " . SE_Language::_get($dep_field_info[field_title]) . " " . 
$dep_field_value_formatted; } } // SET OPTIONS ARRAY SE_Language::_preload_multi($dep_field_info[field_title], $options[$i][label]); $field_options[] = array('value' => $options[$i][value], 'label' => $options[$i][label], 'dependency' => $options[$i][dependency], 'dep_field_id' => $dep_field_info[field_id], 'dep_field_title' => $dep_field_info[field_title], 'dep_field_type' => $dep_field_info[field_type], 'dep_field_required' => $dep_field_info[field_required], 'dep_field_maxlength' => $dep_field_info[field_maxlength], 'dep_field_options' => $dep_field_options, 'dep_field_style' => $dep_field_info[field_style], 'dep_field_value' => $dep_field_value, 'dep_field_error' => $dep_field_error); } break; case 5: // DATE FIELD // SET MONTH, DAY, AND YEAR FORMAT FROM SETTINGS switch ($setting[setting_dateformat]) { case "n/j/Y": case "n.j.Y": case "n-j-Y": $month_format = "n"; $day_format = "j"; $year_format = "Y"; $date_order = "mdy"; break; case "Y/n/j": case "Ynj": $month_format = "n"; $day_format = "j"; $year_format = "Y"; $date_order = "ymd"; break; case "Y-n-d": $month_format = "n"; $day_format = "d"; $year_format = "Y"; $date_order = "ymd"; break; case "Y-m-d": $month_format = "m"; $day_format = "d"; $year_format = "Y"; $date_order = "ymd"; break; case "j/n/Y": case "j.n.Y": $month_format = "n"; $day_format = "j"; $year_format = "Y"; $date_order = "dmy"; break; case "M. 
j, Y": $month_format = "M"; $day_format = "j"; $year_format = "Y"; $date_order = "mdy"; break; case "F j, Y": case "l, F j, Y": $month_format = "F"; $day_format = "j"; $year_format = "Y"; $date_order = "mdy"; break; case "j F Y": case "D j F Y": case "l j F Y": $month_format = "F"; $day_format = "j"; $year_format = "Y"; $date_order = "dmy"; break; case "D-j-M-Y": case "D j M Y": case "j-M-Y": $month_format = "M"; $day_format = "j"; $year_format = "Y"; $date_order = "dmy"; break; case "Y-M-j": $month_format = "M"; $day_format = "j"; $year_format = "Y"; $date_order = "ymd"; break; } // VALIDATE POSTED VALUE if ($validate == 1) { // RETRIEVE POSTED FIELD VALUE $var1 = "field_" . $field_info[field_id] . "_1"; $var2 = "field_" . $field_info[field_id] . "_2"; $var3 = "field_" . $field_info[field_id] . "_3"; $field_1 = $_POST[$var1]; $field_2 = $_POST[$var2]; $field_3 = $_POST[$var3]; // ORDER DATE VALUES PROPERLY switch ($date_order) { case "mdy": $month = $field_1; $day = $field_2; $year = $field_3; break; case "ymd": $year = $field_1; $month = $field_2; $day = $field_3; break; case "dmy": $day = $field_1; $month = $field_2; $year = $field_3; break; } // CONSTRUCT FIELD VALUE $field_value = str_pad($year, 4, '0', STR_PAD_LEFT) . "-" . str_pad($month, 2, '0', STR_PAD_LEFT) . '-' . str_pad($day, 2, '0', STR_PAD_LEFT); // CHECK FOR REQUIRED if ($field_info['field_required'] && ($month == "00" || $day == "00" || $year == "00")) { $this->is_error = 96; $is_field_error = 1; } // UPDATE SAVE VALUE QUERY if ($this->field_query != "") { $this->field_query .= ", "; } $this->field_query .= $this->type . "value_{$field_info['field_id']}='{$field_value}'"; // CREATE A SEARCH QUERY FROM POSTED FIELD VALUE } elseif ($search == 1) { // DATE IS A BIRTHDAY if ($field_info[field_special] == 1) { // RESET DATE ORDER SO MONTH IS LAST $date_order = "mdy"; // RETRIEVE MIN/MAX YEARS $var3_min = "field_" . $field_info[field_id] . "_3_min"; $var3_max = "field_" . $field_info[field_id] . 
"_3_max"; if (isset($_POST[$var3_min])) { $field_3_min = $_POST[$var3_min]; } elseif (isset($_GET[$var3_min])) { $field_3_min = $_GET[$var3_min]; } else { $field_3_min = ""; } if (isset($_POST[$var3_max])) { $field_3_max = $_POST[$var3_max]; } elseif (isset($_GET[$var3_max])) { $field_3_max = $_GET[$var3_max]; } else { $field_3_max = ""; } $this->url_string .= $var3_min . "=" . urlencode($field_3_min) . "&"; $this->url_string .= $var3_max . "=" . urlencode($field_3_max) . "&"; // CONSTRUCT SEARCH VALUES (MIN YEAR) // IMPORTANT NOTE - BECAUSE IT DISPLAYS THE AGE (NOT THE YEAR) TO THE SEARCHER, THIS ACTUALLY CORRESPONDS TO THE MINIMUM AGE (MAXIMUM YEAR) $field_value_min = str_pad($field_3_min, 4, '0', STR_PAD_LEFT); if ($field_value_min != "0000") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']}<='{$field_value_min}-" . date('m', time()) . "-" . date('d', time()) . "'"; } // CONSTRUCT SEARCH VALUES (MAX YEAR) // IMPORTANT NOTE - BECAUSE IT DISPLAYS THE AGE (NOT THE YEAR) TO THE SEARCHER, THIS ACTUALLY CORRESPONDS TO THE MAXIMUM AGE (MINIMUM YEAR) $field_value_max = str_pad($field_3_max, 4, '0', STR_PAD_LEFT); if ($field_value_max != "0000") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= $this->type . "value_{$field_info['field_id']}>=DATE_ADD('" . ($field_value_max - 1) . "-" . date('m', time()) . "-" . date('d', time()) . "', INTERVAL 1 DAY)"; } // EXCLUDE USERS WHO HAVE NOT ENTERED A BIRTH YEAR if ($field_value_min != "0000" || $field_value_max != "0000") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= "YEAR(" . $this->type . "value_{$field_info['field_id']})<>'0000'"; } // DATE IS NOT A BIRTHDAY } else { // RETRIEVE VALUES $var1 = "field_" . $field_info[field_id] . "_1"; $var2 = "field_" . $field_info[field_id] . "_2"; $var3 = "field_" . $field_info[field_id] . 
"_3"; if (isset($_POST[$var1])) { $field_1 = $_POST[$var1]; } elseif (isset($_GET[$var1])) { $field_1 = $_GET[$var1]; } else { $field_1 = ""; } if (isset($_POST[$var2])) { $field_2 = $_POST[$var2]; } elseif (isset($_GET[$var2])) { $field_2 = $_GET[$var2]; } else { $field_2 = ""; } if (isset($_POST[$var3])) { $field_3 = $_POST[$var3]; } elseif (isset($_GET[$var3])) { $field_3 = $_GET[$var3]; } else { $field_3 = ""; } $this->url_string .= $var1 . "=" . urlencode($field_1) . "&"; $this->url_string .= $var2 . "=" . urlencode($field_2) . "&"; $this->url_string .= $var3 . "=" . urlencode($field_3) . "&"; // ORDER DATE VALUES PROPERLY switch ($date_order) { case "mdy": $month = str_pad($field_1, 2, '0', STR_PAD_LEFT); $day = str_pad($field_2, 2, '0', STR_PAD_LEFT); $year = str_pad($field_3, 4, '0', STR_PAD_LEFT); break; case "ymd": $year = str_pad($field_1, 4, '0', STR_PAD_LEFT); $month = str_pad($field_2, 2, '0', STR_PAD_LEFT); $day = str_pad($field_3, 2, '0', STR_PAD_LEFT); break; case "dmy": $day = str_pad($field_1, 2, '0', STR_PAD_LEFT); $month = str_pad($field_2, 2, '0', STR_PAD_LEFT); $year = str_pad($field_3, 4, '0', STR_PAD_LEFT); break; } // CONSTRUCT FIELD VALUE $field_value = $year . "-" . $month . '-' . $day; if ($month != "00") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= "MONTH(" . $this->type . "value_{$field_info['field_id']})='{$month}'"; } if ($day != "00") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= "DAY(" . $this->type . "value_{$field_info['field_id']})='{$day}'"; } if ($year != "0000") { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= "YEAR(" . $this->type . "value_{$field_info['field_id']})='{$year}'"; } } // DO NOT VALIDATE FIELD VALUE AND DON'T CREATE SEARCH VALUE } else { // RETRIEVE DATABASE FIELD VALUE if ($this->value_info != "") { $value_column = $this->type . "value_" . 
$field_info[field_id]; $field_value = $this->value_info[$value_column]; } else { $field_value = "0000-00-00"; } } $year = substr($field_value, 0, 4); $month = substr($field_value, 5, 2); $day = substr($field_value, 8, 2); // FORMAT VALUE FOR DISPLAY if ($format == 1 && $field_info[field_display] != 0) { if ($field_value != "0000-00-00") { if ($year == "0000") { $year = ""; } if ($month == "00") { $month = ""; } else { $month = $datetime->cdate("F", mktime(0, 0, 0, $month, 1, 1990)); } if ($day == "00") { $day = ""; } else { $day = $datetime->cdate("{$day_format}", mktime(0, 0, 0, 1, $day, 1990)); } switch ($date_order) { case "mdy": $field_value_formatted = "{$month} {$day} {$year}"; break; case "ymd": $field_value_formatted = "{$year} {$month} {$day}"; break; case "dmy": $field_value_formatted = "{$day} {$month} {$year}"; break; } if ($field_info[field_display] == 2) { link_field_values($field_value_formatted, "", array($field_info[field_id], $field_value, "", $field_info[field_display])); } } // FORMAT VALUE FOR FORM } else { // GET LANGUAGE VARS SE_Language::_preload_multi(579, 580, 581); // CONSTRUCT MONTH ARRAY $month_array = array(); $month_array[0] = array('name' => "579", 'value' => "0", 'selected' => ""); for ($m = 1; $m <= 12; $m++) { if ($month == $m) { $selected = " SELECTED"; } else { $selected = ""; } $month_array[$m] = array('name' => $datetime->cdate("{$month_format}", mktime(0, 0, 0, $m, 1, 1990)), 'value' => $m, 'selected' => $selected); } // CONSTRUCT DAY ARRAY $day_array = array(); $day_array[0] = array('name' => "580", 'value' => "0", 'selected' => ""); for ($d = 1; $d <= 31; $d++) { if ($day == $d) { $selected = " SELECTED"; } else { $selected = ""; } $day_array[$d] = array('name' => $datetime->cdate("{$day_format}", mktime(0, 0, 0, 1, $d, 1990)), 'value' => $d, 'selected' => $selected); } // CONSTRUCT YEAR ARRAY $year_array = array(); $year_count = 1; $current_year = $datetime->cdate("Y", time()); $year_array[0] = array('name' => "581", 
'value' => "0", 'selected' => ""); for ($y = $current_year; $y >= 1920; $y--) { if ($year == $y) { $selected = " SELECTED"; } else { $selected = ""; } $year_array[$year_count] = array('name' => $y, 'value' => $y, 'selected' => $selected); $year_count++; } // ORDER DATE ARRAYS PROPERLY switch ($date_order) { case "mdy": $date_array1 = $month_array; $date_array2 = $day_array; $date_array3 = $year_array; break; case "ymd": $date_array1 = $year_array; $date_array2 = $month_array; $date_array3 = $day_array; break; case "dmy": $date_array1 = $day_array; $date_array2 = $month_array; $date_array3 = $year_array; break; } } break; case 6: // CHECKBOXES // VALIDATE POSTED FIELD if ($validate == 1) { // RETRIEVE POSTED FIELD VALUE $var = "field_" . $field_info[field_id]; $field_value = $_POST[$var]; // CHECK FOR REQUIRED if ($field_info[field_required] != 0 && count($field_value) == 0) { $this->is_error = 96; $is_field_error = 1; } // UPDATE SAVE VALUE QUERY if ($this->field_query != "") { $this->field_query .= ", "; } $this->field_query .= $this->type . "value_{$field_info['field_id']}='" . implode(",", $field_value) . "'"; // CREATE A SEARCH QUERY FROM POSTED FIELD VALUE } elseif ($search == 1) { $var = "field_" . $field_info[field_id]; if (isset($_POST[$var])) { $field_value = $_POST[$var]; } elseif (isset($_GET[$var])) { $field_value = $_GET[$var]; } else { $field_value = ""; } if (count($field_value) != 0 && $field_value != "") { for ($o = 0; $o < count($field_value); $o++) { if ($this->field_query != "") { $this->field_query .= " AND "; } $this->field_query .= "FIND_IN_SET('" . $field_value[$o] . "', " . $this->type . "value_{$field_info['field_id']})"; $this->url_string .= $var . "[]=" . urlencode($field_value[$o]) . "&"; } } // DO NOT VALIDATE FIELD VALUE AND DON'T CREATE SEARCH VALUE } else { // RETRIEVE DATABASE FIELD VALUE if ($this->value_info != "") { $value_column = $this->type . "value_" . 
$field_info[field_id]; $field_value = explode(",", $this->value_info[$value_column]); } } // LOOP OVER FIELD OPTIONS $options = unserialize($field_info[field_options]); for ($i = 0, $max = count($options); $i < $max; $i++) { $dep_field_info = ""; $dep_field_value = ""; $dep_field_options = ""; // OPTION HAS DEPENDENCY if ($options[$i][dependency] == "1") { $dep_field_query = "SELECT " . $this->type . "field_id AS field_id, " . $this->type . "field_type AS field_type, " . $this->type . "field_title AS field_title, " . $this->type . "field_style AS field_style, " . $this->type . "field_options AS field_options, " . $this->type . "field_maxlength AS field_maxlength, " . $this->type . "field_link AS field_link, " . $this->type . "field_required AS field_required, " . $this->type . "field_regex AS field_regex, " . $this->type . "field_display AS field_display FROM se_" . $this->type . "fields WHERE " . $this->type . "field_id='" . $options[$i][dependent_id] . "' AND " . $this->type . "field_dependency='{$field_info['field_id']}'"; $dep_field = $database->database_query($dep_field_query); if ($database->database_num_rows($dep_field) != "1") { $options[$i][dependency] = 0; } else { $dep_field_info = $database->database_fetch_assoc($dep_field); // VALIDATE POSTED FIELD VALUE if ($validate == 1) { // OPTION SELECTED if (in_array($options[$i][value], $field_value)) { $dep_var = "field_" . 
$dep_field_info[field_id]; $dep_field_value = censor($_POST[$dep_var]); // DEP FIELD TYPE switch ($dep_field_info[field_type]) { // TEXT FIELD case "1": // CHECK FOR REQUIRED if ($dep_field_info[field_required] != 0 && trim($dep_field_value) == "") { $this->is_error = 96; $is_field_error = 1; } // RUN PREG MATCH if ($dep_field_info[field_regex] != "" && trim($dep_field_value) != "") { if (!preg_match($dep_field_info[field_regex], $dep_field_value)) { $this->is_error = 97; $is_field_error = 1; } } break; // SELECT BOX // SELECT BOX case "3": // CHECK FOR REQUIRED if ($dep_field_info['field_required'] != 0 && ($dep_field_value == "-1" || $dep_field_value == "")) { $this->is_error = 96; $is_field_error = 1; } break; } // OPTION NOT SELECTED } else { $dep_field_value = ""; } // UPDATE SAVE VALUE QUERY if ($this->field_query != "") { $this->field_query .= ", "; } $this->field_query .= $this->type . "value_{$dep_field_info['field_id']}='{$dep_field_value}'"; // DO NOT VALIDATE POSTED FIELD VALUE } else { // RETRIEVE DATABASE FIELD VALUE if ($this->value_info != "") { $value_column = $this->type . "value_" . 
$dep_field_info[field_id]; $dep_field_value = $this->value_info[$value_column]; } } // RETRIEVE DEP FIELD OPTIONS $dep_options = unserialize($dep_field_info[field_options]); for ($i2 = 0, $max2 = count($dep_options); $i2 < $max2; $i2++) { SE_Language::_preload($dep_options[$i2][label]); $dep_field_options[] = array('value' => $dep_options[$i2][value], 'label' => $dep_options[$i2][label]); if ($dep_options[$i2][value] == $dep_field_value) { $dep_field_value_formatted = $dep_options[$i2][label]; } } } } // FORMAT VALUE FOR DISPLAY IF OPTION IS SELECTED if ($format == 1 && in_array($options[$i][value], $field_value) && $field_info[field_display] != 0) { SE_Language::_preload_multi($dep_field_info[field_title], $options[$i][label]); SE_Language::load(); $formatted_prelim = SE_Language::_get($options[$i][label]); // LINK FIELD VALUES IF NECESSARY if ($field_info[field_display] == 2) { link_field_values($formatted_prelim, "", array($field_info[field_id], $options[$i][value], "", $field_info[field_display])); } // ADD DEPENDENT VALUE TO FIELD VALUE if ($dep_field_value != "" && $dep_field_info[field_display] != 0) { if ($dep_field_info[field_type] == 3) { $dep_field_value_formatted = SE_Language::_get($dep_field_value_formatted); } else { $dep_field_value_formatted = $dep_field_value; } link_field_values($dep_field_value_formatted, "", array($dep_field_info[field_id], $dep_field_value, $dep_field_info[field_link], $dep_field_info[field_display])); $field_value_formatted .= " " . SE_Language::_get($dep_field_info[field_title]) . " " . 
$dep_field_value_formatted; } if (trim($field_value_formatted) != "") { $field_value_formatted .= ", "; } $field_value_formatted .= $formatted_prelim; } // SET OPTIONS ARRAY SE_Language::_preload_multi($dep_field_info[field_title], $options[$i][label]); $field_options[] = array('value' => $options[$i][value], 'label' => $options[$i][label], 'dependency' => $options[$i][dependency], 'dep_field_id' => $dep_field_info[field_id], 'dep_field_title' => $dep_field_info[field_title], 'dep_field_type' => $dep_field_info[field_type], 'dep_field_required' => $dep_field_info[field_required], 'dep_field_maxlength' => $dep_field_info[field_maxlength], 'dep_field_options' => $dep_field_options, 'dep_field_style' => $dep_field_info[field_style], 'dep_field_value' => $dep_field_value, 'dep_field_error' => $dep_field_error); } break; } // SET FIELD ERROR IF ERROR OCCURRED if ($is_field_error == 1) { $field_error = $field_info[field_error]; } else { $field_error = 0; } // SET FIELD VALUE ARRAY FOR LATER USE // FIX THIS FOR CHECKBOXES (USED FOR SUBNETS?) $this->fields_new[$this->type . "value_" . 
$field_info[field_id]] = $field_value; // SET SPECIAL FIELDS, IF NECESSARY if ($field_info[field_special] != 0) { $this->field_special[$field_info[field_special]] = $field_value; } // SAVE FORMATTED FIELD VALUE IN ARRAY if ($field_value_formatted != "") { $this->field_values[] = $field_value_formatted; } // SET FIELD ARRAY AND INCREMENT FIELD COUNT if ($format == 0 && $search == 0 || $format == 1 && $field_value_formatted != "" || $search == 1 && $field_info[field_search] != 0) { SE_Language::_preload_multi($field_info[field_title], $field_info[field_desc], $field_info[field_error]); $this->fields[] = $this->fields_all[] = array('field_id' => $field_info[field_id], 'field_title' => $field_info[field_title], 'field_desc' => $field_info[field_desc], 'field_type' => $field_info[field_type], 'field_required' => $field_info[field_required], 'field_style' => $field_info[field_style], 'field_maxlength' => $field_info[field_maxlength], 'field_special' => $field_info[field_special], 'field_signup' => $field_info[field_signup], 'field_search' => $field_info[field_search], 'field_options' => $field_options, 'field_value' => $field_value, 'field_value_formatted' => $field_value_formatted, 'field_value_min' => $field_value_min, 'field_value_max' => $field_value_max, 'field_error' => $field_error, 'date_array1' => $date_array1, 'date_array2' => $date_array2, 'date_array3' => $date_array3); $field_count++; } } }
$block_user = new se_user(); $block_user->user_info['user_id'] = $block['user_id']; $block_user->user_info['user_username'] = $block['user_username']; $block_user->user_info['user_photo'] = $block['user_photo']; $block_user->user_info['user_fname'] = $block['user_fname']; $block_user->user_info['user_lname'] = $block['user_lname']; $block_user->user_displayname(); $block_array[] = $block_user; } } // GET PREVIOUS PRIVACY SETTINGS for ($c = 0; $c < count($level_profile_privacy); $c++) { if (user_privacy_levels($level_profile_privacy[$c]) != "") { SE_Language::_preload(user_privacy_levels($level_profile_privacy[$c])); $privacy_options[$level_profile_privacy[$c]] = user_privacy_levels($level_profile_privacy[$c]); } } for ($c = 0; $c < count($level_profile_comments); $c++) { if (user_privacy_levels($level_profile_comments[$c]) != "") { SE_Language::_preload(user_privacy_levels($level_profile_comments[$c])); $comment_options[$level_profile_comments[$c]] = user_privacy_levels($level_profile_comments[$c]); } } // ASSIGN VARIABLES AND INCLUDE FOOTER $smarty->assign('result', $result); $smarty->assign('is_error', $is_error); $smarty->assign('blocked_users', $block_array); $smarty->assign('actiontypes', $actiontypes_array); $smarty->assign('privacy_options', $privacy_options); $smarty->assign('comment_options', $comment_options); include "footer.php";
} } // GET PREVIOUS PRIVACY SETTINGS for ($c = 0; $c < count($level_album_privacy); $c++) { if (user_privacy_levels($level_album_privacy[$c]) != "") { SE_Language::_preload(user_privacy_levels($level_album_privacy[$c])); $privacy_options[$level_album_privacy[$c]] = user_privacy_levels($level_album_privacy[$c]); } } for ($c = 0; $c < count($level_album_comments); $c++) { if (user_privacy_levels($level_album_comments[$c]) != "") { SE_Language::_preload(user_privacy_levels($level_album_comments[$c])); $comment_options[$level_album_comments[$c]] = user_privacy_levels($level_album_comments[$c]); } } for ($c = 0; $c < count($level_album_tag); $c++) { if (user_privacy_levels($level_album_tag[$c]) != "") { SE_Language::_preload(user_privacy_levels($level_album_tag[$c])); $tag_options[$level_album_tag[$c]] = user_privacy_levels($level_album_tag[$c]); } } // RESTORE LINE BREAKS $album_info[album_desc] = str_replace("<br>", "\r\n", $album_info[album_desc]); // ASSIGN VARIABLES AND SHOW EDIT ALBUMS PAGE $smarty->assign('result', $result); $smarty->assign('is_error', $is_error); $smarty->assign('album_info', $album_info); $smarty->assign('privacy_options', $privacy_options); $smarty->assign('comment_options', $comment_options); $smarty->assign('tag_options', $tag_options); include "footer.php";
$user->user_delete(); $total_users = $total_users - 1; } } } // LOOP OVER USER LEVELS $levels = $database->database_query("SELECT level_id, level_name FROM se_levels ORDER BY level_name"); while ($level_info = $database->database_fetch_assoc($levels)) { $level_array[$level_info[level_id]] = $level_info; } // LOOP OVER SUBNETWORKS $subnets = $database->database_query("SELECT subnet_id, subnet_name FROM se_subnets ORDER BY subnet_name"); $subnet_array[0] = array('subnet_id' => 0, 'subnet_name' => 152); SE_Language::_preload(152); while ($subnet_info = $database->database_fetch_assoc($subnets)) { SE_Language::_preload($subnet_info[subnet_name]); $subnet_array[$subnet_info[subnet_id]] = $subnet_info; } // PULL USERS INTO AN ARRAY $users = $database->database_query($user_query); while ($user_info = $database->database_fetch_assoc($users)) { $user = new se_user(); $user->user_info[user_id] = $user_info[user_id]; $user->user_info[user_username] = $user_info[user_username]; $user->user_info[user_fname] = $user_info[user_fname]; $user->user_info[user_lname] = $user_info[user_lname]; $user->user_displayname(); $user_info[user_displayname] = $user->user_displayname; $user_array[] = $user_info; } // ASSIGN VARIABLES AND SHOW VIEW USERS PAGE
<?php // ENSURE THIS IS BEING INCLUDED IN AN SE SCRIPT defined('SE_PAGE') or exit; // INCLUDE FUNCTION FILE include_once "./include/functions_document.php"; // INCLUDE CLASS FILE include_once "./include/class_document.php"; // PRELOAD LANGUAGE SE_Language::_preload(650003010); $query = "SELECT * FROM se_document_parameters"; $params = $database->database_fetch_assoc($database->database_query($query)); // SET MAIN MENU VARS if (!$user->user_exists && $params[permission_document] || $user->user_exists && $user->level_info['level_document_allow']) { $plugin_vars['menu_main'] = array('file' => 'browse_documents.php', 'title' => 650003010); } // SET USER MENU VARS if ($user->user_exists && $user->level_info['level_document_allow']) { $plugin_vars[menu_user] = array('file' => 'user_documents.php', 'icon' => 'document16.gif', 'title' => 650003010); } // SET PROFILE MENU VARS if ($owner->level_info['level_document_allow'] && $page == "profile") { //SHOWING A DOCUMENT TAB IF THE USER HAS ATLEAST ONE DOCUMENT if ($page == "profile") { if (isset($_POST['p'])) { $p = $_POST['p']; } elseif (isset($_GET['p'])) { $p = $_GET['p']; } else { $p = 1; }
// AN ERROR OCCURED SEND THE DATA BACK $blogentry_info = array('blogentry_id' => $blogentry_id, 'blogentry_title' => $blogentry_title, 'blogentry_body' => $blogentry_body, 'blogentry_blogentrycat_id' => $blogentry_blogentrycat_id, 'blogentry_search' => $blogentry_search, 'blogentry_privacy' => $blogentry_privacy, 'blogentry_comments' => $blogentry_comments, 'blogentry_trackbacks' => $blogentry_trackbacks); } // GET BLOG ENTRY CATEGORIES $blogentrycats_array = $blog->blog_category_list($user->user_info['user_id']); // GET PREVIOUS PRIVACY SETTINGS $level_blog_privacy = unserialize($user->level_info['level_blog_privacy']); rsort($level_blog_privacy); for ($c = 0; $c < count($level_blog_privacy); $c++) { $lvar = user_privacy_levels($level_blog_privacy[$c]); if ($lvar) { SE_Language::_preload($privacy_options[$level_blog_privacy[$c]] = $lvar); } } $level_blog_comments = unserialize($user->level_info['level_blog_comments']); rsort($level_blog_comments); for ($c = 0; $c < count($level_blog_comments); $c++) { $lvar = user_privacy_levels($level_blog_comments[$c]); if ($lvar) { SE_Language::_preload($comment_options[$level_blog_comments[$c]] = $lvar); } } // CONVERT HTML CHARACTERS BACK $blogentry_info['blogentry_body'] = str_replace("\r\n", "", htmlspecialchars_decode($blogentry_info['blogentry_body'])); // ASSIGN VARIABLES AND SHOW NEW BLOGENTRY PAGE $smarty->assign('blogentry_info', $blogentry_info); $smarty->assign('blogentrycats', $blogentrycats_array); $smarty->assign('privacy_options', $privacy_options); $smarty->assign('comment_options', $comment_options); $smarty->assign('comments_total', $comments_total); include "footer.php";
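/**
 * Return one page of albums as an array of associative rows.
 *
 * When $this->user_id is empty, the query joins se_users and each row gets a
 * freshly built se_user as its author. Otherwise the global $owner or $user
 * is attached by reference when its id matches the album's owner.
 *
 * Each returned row is the se_albums row plus: album_author, album_space (MB,
 * rounded to 2 decimals), album_privacy (replaced by the result of
 * user_privacy_levels()), album_cover_id, album_cover_ext and album_files.
 *
 * SECURITY: $where and $sort_by are spliced into the statement as raw SQL.
 * They cannot be escaped here without breaking callers that pass fragments,
 * so every caller must build them from constants or from values it has
 * already validated, never from request data directly.
 *
 * @param int    $start   Offset of the first row (forced to int).
 * @param int    $limit   Maximum number of rows (forced to int).
 * @param string $sort_by Raw ORDER BY expression.
 * @param string $where   Raw WHERE fragment, or "" for none.
 * @return array List of album rows.
 */
function album_list($start, $limit, $sort_by = "album_id DESC", $where = "")
{
    global $database, $user, $owner;

    // LIMIT operands are written into the statement unquoted, so a non-numeric
    // value would become SQL; force both to integers before they are used.
    $start = (int) $start;
    $limit = (int) $limit;

    // BEGIN QUERY
    $sql = "\r\n SELECT\r\n se_albums.*,\r\n se_albums.album_totalfiles AS total_files,\r\n se_albums.album_totalspace AS total_space\r\n ";

    // IF NO USER ID SPECIFIED, RETRIEVE USER INFORMATION
    if (!$this->user_id) {
        $sql .= ",\r\n se_users.user_id,\r\n se_users.user_username,\r\n se_users.user_photo,\r\n se_users.user_fname,\r\n se_users.user_lname\r\n ";
    }

    // CONTINUE QUERY
    $sql .= "\r\n FROM\r\n se_albums\r\n ";

    // IF NO USER ID SPECIFIED, JOIN TO USER TABLE
    if (!$this->user_id) {
        $sql .= "\r\n LEFT JOIN\r\n se_users\r\n ON se_albums.album_user_id=se_users.user_id\r\n ";
    }

    // ADD WHERE IF NECESSARY
    if (!empty($where) || $this->user_id) {
        $sql .= "\r\n WHERE\r\n ";
    }

    // ENSURE USER ID IS NOT EMPTY
    // NOTE(review): $this->user_id is interpolated as-is; presumably it is set
    // from a trusted id in the constructor - confirm it is numeric there.
    if ($this->user_id) {
        $sql .= "\r\n album_user_id='{$this->user_id}'\r\n ";
    }

    // INSERT AND IF NECESSARY
    if ($this->user_id && !empty($where)) {
        $sql .= " AND";
    }

    // ADD WHERE CLAUSE, IF NECESSARY (raw SQL fragment, see SECURITY note above)
    if (!empty($where)) {
        $sql .= "\r\n {$where}\r\n ";
    }

    // ADD ORDER, AND LIMIT CLAUSE ($sort_by is raw SQL, see SECURITY note above)
    $sql .= "\r\n ORDER BY\r\n {$sort_by}\r\n LIMIT\r\n {$start}, {$limit}\r\n ";

    // RUN QUERY
    $resource = $database->database_query($sql);

    // GET ALBUMS INTO AN ARRAY
    $album_array = array();
    while ($album_info = $database->database_fetch_assoc($resource)) {
        // IF NO USER ID SPECIFIED, CREATE OBJECT FOR AUTHOR
        if (!$this->user_id) {
            $author = new se_user();
            $author->user_exists = TRUE;
            $author->user_info['user_id'] = $album_info['user_id'];
            $author->user_info['user_username'] = $album_info['user_username'];
            $author->user_info['user_fname'] = $album_info['user_fname'];
            $author->user_info['user_lname'] = $album_info['user_lname'];
            $author->user_info['user_photo'] = $album_info['user_photo'];
            $author->user_displayname();
        } elseif ($owner->user_exists && $owner->user_info['user_id'] == $album_info['album_user_id']) {
            $author =& $owner;
        } elseif ($user->user_exists && $user->user_info['user_id'] == $album_info['album_user_id']) {
            $author =& $user;
        }
        // If none of the branches matched, $author is unset here and the
        // reference assignment below leaves album_author as null.

        // CONVERT SPACE TO MB
        $album_space_mb = $album_info['total_space'] / 1024 / 1024;
        $album_space_mb = round($album_space_mb, 2);

        // GET PATH OF ALBUM COVER
        // The cover must belong to this album; both ids come from the row just fetched.
        $album_cover_id = 0;
        $album_cover_ext = "";
        if ($album_info['album_cover']) {
            $album_cover_query = $database->database_query("SELECT media_id, media_ext FROM se_media WHERE media_id='{$album_info['album_cover']}' AND media_album_id='{$album_info['album_id']}' LIMIT 1");
            if ($database->database_num_rows($album_cover_query)) {
                $album_cover_array = $database->database_fetch_assoc($album_cover_query);
                $album_cover_id = $album_cover_array['media_id'];
                $album_cover_ext = $album_cover_array['media_ext'];
            }
        }

        // CREATE ARRAY OF ALBUM DATA
        SE_Language::_preload(user_privacy_levels($album_info['album_privacy']));

        // SET OTHER INFO
        $album_info['album_author'] =& $author;
        $album_info['album_space'] = $album_space_mb;
        $album_info['album_privacy'] = user_privacy_levels($album_info['album_privacy']);
        $album_info['album_cover_id'] = $album_cover_id;
        $album_info['album_cover_ext'] = $album_cover_ext;
        $album_info['album_files'] = $album_info['total_files'];
        $album_array[] = $album_info;

        // Break the references so the next iteration does not overwrite this row's author
        unset($author, $album_info);
    }

    // RETURN ARRAY
    return $album_array;
}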
} $level_menu[] = $new_level_menu; $plugin_info['plugin_pages_level'] = $new_level_menu; // GET MAIN PAGES $plugin_pages_main = explode("<~!~>", $plugin_info['plugin_pages_main']); $main_pages = array(); for ($l = 0; $l < count($plugin_pages_main); $l++) { $plugin_page = explode("<!>", $plugin_pages_main[$l]); if ($plugin_page[0] != "" && $plugin_page[2] != "") { SE_Language::_preload($plugin_page[0]); $main_pages[] = array('title' => $plugin_page[0], 'icon' => $plugin_page[1], 'file' => $plugin_page[2]); } } $plugin_info['plugin_pages_main'] = $main_pages; // SET GLOBAL PLUGIN ARRAY SE_Language::_preload($plugin_info['plugin_menu_title']); $global_plugins[$plugin_info['plugin_type']] = $plugin_info; unset($plugin_vars); } // BACKWARDS COMPATIBILITY FOR THE $global_plugin CHANGE if (strpos($page, 'admin_level') !== FALSE) { $global_plugins = array_values($global_plugins); // Flush level settings $level_id = !empty($_POST['level_id']) ? $_POST['level_id'] : (!empty($_GET['level_id']) ? $_GET['level_id'] : NULL); if (is_object($cache_object) && $level_id && ($_GET['task'] == "dosave" || $_POST['task'] == "dosave")) { $cache_object->remove('site_level_settings_' . $level_id); } } // Nasty code to flush site settings if ((!empty($_GET['task']) || !empty($_POST['task'])) && is_object($cache_object)) { $cache_object->remove('site_settings');
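/**
 * Return one page of polls as an array of se_poll objects.
 *
 * Each object has poll_exists set to TRUE and poll_info set to the se_polls
 * row with poll_options, poll_answers and poll_voted unserialized, plus
 * poll_viewonly and poll_privacy_lang. When $poll_details is truthy a se_user
 * for the creator is attached as poll_owner.
 *
 * SECURITY: $where and $sort_by are spliced into the statement as raw SQL.
 * Callers must build them from constants or already validated values, never
 * from request data directly.
 *
 * @param int    $start        Offset of the first row (forced to int).
 * @param int    $limit        Maximum number of rows (forced to int).
 * @param string $sort_by      Raw ORDER BY expression.
 * @param string $where        Raw WHERE fragment, or "" for none.
 * @param int    $poll_details 1 to join se_users and select creator columns.
 * @return array List of se_poll objects.
 */
function poll_list($start, $limit, $sort_by = "poll_id DESC", $where = "", $poll_details = 0)
{
    global $database, $user;

    // LIMIT operands are written into the statement unquoted; force them to integers.
    $start = (int) $start;
    $limit = (int) $limit;

    // BEGIN QUERY
    $sql = "\r\n SELECT\r\n se_polls.*,\r\n se_polls.poll_totalcomments AS total_comments\r\n ";

    // SELECT RELEVANT poll DETAILS IF NECESSARY
    if ($poll_details == 1) {
        $sql .= ",\r\n se_users.user_id,\r\n se_users.user_username,\r\n se_users.user_photo,\r\n se_users.user_fname,\r\n se_users.user_lname\r\n ";
    }

    // CONTINUE QUERY
    $sql .= "\r\n FROM\r\n se_polls\r\n ";

    // CONTINUE QUERY IF NECESSARY
    if ($poll_details == 1) {
        $sql .= "\r\n LEFT JOIN\r\n se_users\r\n ON se_polls.poll_user_id=se_users.user_id\r\n ";
    }

    // ADD WHERE IF NECESSARY (logical operators; the original used bitwise | and &)
    if ($where != "" || $this->user_id != 0) {
        $sql .= "\r\n WHERE\r\n ";
    }

    // ENSURE USER ID IS NOT EMPTY
    if ($this->user_id != 0) {
        $sql .= "\r\n poll_user_id='{$this->user_id}'\r\n ";
    }

    // INSERT AND IF NECESSARY
    if ($this->user_id != 0 && $where != "") {
        $sql .= " AND";
    }

    // ADD WHERE CLAUSE, IF NECESSARY (raw SQL fragment, see SECURITY note above)
    if ($where != "") {
        $sql .= "\r\n {$where}\r\n ";
    }

    // ADD ORDER, AND LIMIT CLAUSE ($sort_by is raw SQL, see SECURITY note above)
    $sql .= "\r\n ORDER BY\r\n {$sort_by}\r\n LIMIT\r\n {$start}, {$limit}\r\n ";

    // RUN QUERY
    $resource = $database->database_query($sql);
    if (!$resource) {
        // The statement text and driver error describe the schema; keep them
        // in the server log instead of sending them to the client.
        error_log("poll_list query failed: " . $database->database_error() . " SQL: " . $sql);
        die("Database error");
    }

    // GET pollS INTO AN ARRAY
    $poll_array = array();
    while ($poll_info = $database->database_fetch_assoc($resource)) {
        // CREATE OBJECT FOR poll
        // NOTE(review): 'user_id' is only selected when $poll_details == 1;
        // otherwise this index is missing. Possibly poll_user_id was meant - confirm.
        $poll = new se_poll($poll_info['user_id']);
        $poll->poll_exists = TRUE;

        // CREATE OBJECT FOR poll CREATOR IF poll DETAILS
        if ($poll_details) {
            $creator = new se_user();
            $creator->user_exists = TRUE;
            $creator->user_info['user_id'] = $poll_info['user_id'];
            $creator->user_info['user_username'] = $poll_info['user_username'];
            $creator->user_info['user_photo'] = $poll_info['user_photo'];
            $creator->user_info['user_fname'] = $poll_info['user_fname'];
            $creator->user_info['user_lname'] = $poll_info['user_lname'];
            $creator->user_displayname();
            $poll->poll_owner =& $creator;
            unset($creator);
        }

        // TURN OPTIONS AND ANSWERS INTO ARRAYS, GET TOTAL VOTES
        // SECURITY: unserialize() can instantiate objects from its input. These
        // columns must only ever hold data serialized by the application itself.
        // json_decode(), or the allowed_classes option on PHP 7+, avoids that.
        $poll_info['poll_options'] = unserialize($poll_info['poll_options']);
        $poll_info['poll_answers'] = unserialize($poll_info['poll_answers']);
        $poll_info['poll_voted'] = unserialize($poll_info['poll_voted']);

        // GET IF THIS POLL HAS BEEN VOTED ON
        // unserialize() yields FALSE on a corrupt or empty column; treat that as "nobody voted".
        $voted_ids = is_array($poll_info['poll_voted']) ? $poll_info['poll_voted'] : array();
        if (!$user->user_exists || in_array($user->user_info['user_id'], $voted_ids)) {
            $poll_info['poll_viewonly'] = TRUE;
        } else {
            $poll_info['poll_viewonly'] = FALSE;
        }

        // PRIVACY
        $poll_info['poll_privacy_lang'] = user_privacy_levels($poll_info['poll_privacy']);
        SE_Language::_preload($poll_info['poll_privacy_lang']);

        $poll->poll_info = $poll_info;
        $poll_array[] = $poll;
    }

    // RETURN ARRAY
    return $poll_array;
}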
$forum_info[forum_mods_js] = json_encode($mod_array); $forum_info[forum_mods_id_js] = json_encode($mod_array_id); // GET LEVELS $view_levels = array(); $post_levels = array(); $forumlevels = $database->database_query("SELECT * FROM se_forumlevels WHERE forumlevel_forum_id='{$forum_info['forum_id']}'"); while ($forumlevel_info = $database->database_fetch_assoc($forumlevels)) { if ($forumlevel_info[forumlevel_post]) { $post_levels[] = $forumlevel_info[forumlevel_level_id]; } $view_levels[] = $forumlevel_info[forumlevel_level_id]; } $forum_info[forum_level_view] = json_encode($view_levels); $forum_info[forum_level_post] = json_encode($post_levels); $forum_array[] = $forum_info; } SE_Language::_preload($forumcat_info[forumcat_title]); $forumcat_info[forums] = $forum_array; $forumcat_array[] = $forumcat_info; } // GET USER LEVELS $levels = $database->database_query("SELECT level_id, level_name, level_default FROM se_levels"); $level_array = array(); while ($level_info = $database->database_fetch_assoc($levels)) { $level_array[] = $level_info; } // ASSIGN VARIABLES AND SHOW FORUM SETUP PAGE $smarty->assign('is_error', $is_error); $smarty->assign('forumcats', $forumcat_array); $smarty->assign("levels", $level_array); include "admin_footer.php";
if ($_FILES[$fileid]['name'] != "") { $file_result[$fileid] = $group->group_media_upload($fileid, $groupalbum_info['groupalbum_id'], $space_left); if ($file_result[$fileid]['is_error'] == 0) { $file_result[$fileid]['message'] = 2000248; $media_path = str_replace('./', '', $group->group_dir($group->group_info['group_id']) . $file_result[$fileid]['groupmedia_id'] . "_thumb.jpg"); $media_link = "group_album_file.php?group_id={$group->group_info['group_id']}&groupmedia_id={$file_result[$fileid]['groupmedia_id']}"; if (file_exists($media_path)) { $media_width = $misc->photo_size($media_path, "100", "100", "w"); $media_height = $misc->photo_size($media_path, "100", "100", "h"); $action_media[] = array('media_link' => $media_link, 'media_path' => $media_path, 'media_width' => $media_width, 'media_height' => $media_height); } $update_album = 1; } else { $file_result[$fileid]['message'] = $file_result[$fileid]['is_error']; } SE_Language::_preload($file_result[$fileid]['message']); } } // UPDATE ALBUM UPDATED DATE AND ALBUM COVER IF FILE UPLOADED if ($update_album) { $database->database_query("UPDATE se_groupalbums SET groupalbum_dateupdated='" . time() . "' WHERE groupalbum_id='{$groupalbum_info['groupalbum_id']}'"); // UPDATE LAST UPDATE DATE (SAY THAT 10 TIMES FAST) $group->group_lastupdate(); // INSERT ACTION $group_title = $group->group_info['group_title']; if (strlen($group_title) > 100) { $group_title = substr($group_title, 0, 97) . "..."; } $actions->actions_add($user, "newgroupmedia", array($user->user_info['user_username'], $user->user_displayname, $group->group_info['group_id'], $group_title), $action_media, 60, FALSE, "group", $group->group_info['group_id'], $group->group_info['group_privacy']); } // OUTPUT JSON RESULT
if (group_privacy_levels($priv) != "") { SE_Language::_preload(group_privacy_levels($priv)); $privacy_options[$priv] = group_privacy_levels($priv); } } for ($c = 8; $c >= 0; $c--) { $priv = pow(2, $c) - 1; if (group_privacy_levels($priv) != "") { SE_Language::_preload(group_privacy_levels($priv)); $comment_options[$priv] = group_privacy_levels($priv); } } for ($c = 7; $c >= 0; $c--) { $priv = pow(2, $c) - 1; if (group_privacy_levels($priv) != "") { SE_Language::_preload(group_privacy_levels($priv)); $upload_options[$priv] = group_privacy_levels($priv); } } // ASSIGN VARIABLES AND SHOW USER GROUPS PAGE $smarty->assign('result', $result); $smarty->assign('is_error', $is_error); $smarty->assign('level_info', $level_info); $smarty->assign('level_group_privacy', unserialize($level_info[level_group_privacy])); $smarty->assign('level_group_comments', unserialize($level_info[level_group_comments])); $smarty->assign('level_group_discussion', unserialize($level_info[level_group_discussion])); $smarty->assign('level_group_upload', unserialize($level_info[level_group_upload])); $smarty->assign('level_group_tag', unserialize($level_info[level_group_tag])); $smarty->assign('group_privacy', $privacy_options); $smarty->assign('group_comments', $comment_options); $smarty->assign('group_discussion', $comment_options);
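// Users whose level may not send messages are redirected; exit stops the rest of the script from running
if (!$user->level_info['level_message_allow']) {
    header("Location: user_home.php");
    exit;
}

// SET ERROR VARIABLES AND EMPTY VARS
$is_error = 0;
$submitted = 0;
// Defined up front so the confirmation below never reads an unset variable
$error_message = "";

// TRY TO SEND MESSAGE
if ($task == "send") {
    // Request values are passed straight to user_message_send(); any validation
    // or escaping happens there, not here.
    // NOTE(review): no anti-CSRF token check is visible in this excerpt - confirm one exists upstream.
    $to = $_POST['to'];
    $subject = $_POST['subject'];
    $message = $_POST['message'];
    $user->user_message_send($to, $subject, $message);
    $is_error = $user->is_error;

    if ($is_error != 0) {
        SE_Language::_preload($is_error);
        SE_Language::load();
        $error_message = SE_Language::_get($is_error);
    }

    // SEND AJAX CONFIRMATION
    // Both values land inside an inline <script>. Escaping only the single quote
    // leaves backslashes, line breaks and "</script>" able to break out of the
    // string, so encode them as JS string literals and neutralise angle brackets.
    $js_error_code = json_encode((string) $is_error);
    $js_error_text = json_encode((string) $error_message);
    if ($js_error_text === false) {
        // json_encode() fails on invalid UTF-8; send an empty message rather than broken script
        $js_error_text = '""';
    }
    $js_error_text = str_replace(array('<', '>'), array('\\u003C', '\\u003E'), $js_error_text);

    echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=UTF-8'><script type='text/javascript'>";
    echo "window.parent.messageSent({$js_error_code}, {$js_error_text});";
    echo "</script></head><body></body></html>";
    exit;
}

// GET LIST OF FRIENDS FOR SUGGEST BOX
$total_friends = $user->user_friend_total(0);
$friends = $user->user_friend_list(0, $total_friends, 0);

// ASSIGN SMARTY VARS AND INCLUDE FOOTER
$smarty->assign('is_error', $is_error);
$smarty->assign('submitted', $submitted);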
} } for ($c = 0; $c < count($level_group_discussion); $c++) { if (group_privacy_levels($level_group_discussion[$c]) != "") { SE_Language::_preload(group_privacy_levels($level_group_discussion[$c])); $discussion_options[$level_group_discussion[$c]] = group_privacy_levels($level_group_discussion[$c]); } } for ($c = 0; $c < count($level_group_upload); $c++) { if (group_privacy_levels($level_group_upload[$c]) != "") { SE_Language::_preload(group_privacy_levels($level_group_upload[$c])); $upload_options[$level_group_upload[$c]] = group_privacy_levels($level_group_upload[$c]); } } for ($c = 0; $c < count($level_group_tag); $c++) { if (group_privacy_levels($level_group_tag[$c]) != "") { SE_Language::_preload(group_privacy_levels($level_group_tag[$c])); $tag_options[$level_group_tag[$c]] = group_privacy_levels($level_group_tag[$c]); } } // ASSIGN SMARTY VARIABLES AND DISPLAY EDIT STYLE PAGE $smarty->assign('group', $group); $smarty->assign('groupalbum_info', $groupalbum_info); $smarty->assign('privacy_options', $privacy_options); $smarty->assign('comment_options', $comment_options); $smarty->assign('discussion_options', $discussion_options); $smarty->assign('upload_options', $upload_options); $smarty->assign('tag_options', $tag_options); $smarty->assign('result', $result); $smarty->assign('style_group', htmlspecialchars($style_info['groupstyle_css'], ENT_QUOTES, 'UTF-8')); include "footer.php";
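/**
 * Return forum categories, each with the forums the current viewer may see.
 *
 * A forum is included when se_forumlevels has exactly one row for the viewer's
 * level (level 0 for visitors who are not logged in), or when the logged-in
 * viewer is a moderator of it. Every included forum row is extended with
 * forum_mods (se_user objects), lastpost, lastpost_info and is_read.
 *
 * @param int $cat_id Category to load, or 0 for all categories in forumcat_order.
 * @return array List of se_forumcats rows, each with a 'forums' list.
 */
function forum_list($cat_id = 0)
{
    global $database, $user;

    // The id is interpolated into the statement below; force it to an integer
    // so a caller that forwards request data cannot inject SQL through it.
    $cat_id = (int) $cat_id;

    // Defined up front so an empty result returns an array, not an unset variable
    $forumcat_array = array();

    // SET LEVEL ID
    // Array keys are quoted throughout: bare words are constant lookups and a
    // fatal error on PHP 8.
    if ($user->user_exists) {
        $level_id = $user->level_info['level_id'];
    } else {
        $level_id = 0;
    }

    // GET FORUM CATEGORIES
    if ($cat_id == 0) {
        $sql = "SELECT * FROM se_forumcats ORDER BY forumcat_order";
    } else {
        // NOTE(review): every other query here uses forumcat_id; confirm that
        // se_forumcats really has a column named cat_id.
        $sql = "SELECT * FROM se_forumcats WHERE cat_id='{$cat_id}'";
    }
    $forumcats = $database->database_query($sql);

    while ($forumcat_info = $database->database_fetch_assoc($forumcats)) {
        // GET FORUMS
        $forum_array = array();
        $forums = $database->database_query("SELECT * FROM se_forums WHERE forum_forumcat_id='{$forumcat_info['forumcat_id']}' ORDER BY forum_order");

        while ($forum_info = $database->database_fetch_assoc($forums)) {
            // Access check: the viewer's level must be listed for the forum, or the viewer must moderate it
            $show_forum = false;
            if ($database->database_num_rows($database->database_query("SELECT NULL FROM se_forumlevels WHERE forumlevel_forum_id='{$forum_info['forum_id']}' AND forumlevel_level_id='{$level_id}'")) == 1) {
                $show_forum = true;
            } elseif ($user->user_exists && $this->forum_is_moderator($user->user_info['user_id'], $forum_info['forum_id'])) {
                $show_forum = true;
            }

            if ($show_forum) {
                SE_Language::_preload_multi($forum_info['forum_title'], $forum_info['forum_desc']);

                // GET MODERATORS
                $mod_array = array();
                $mod_array_id = array();
                $mods = $database->database_query("SELECT se_users.user_id, se_users.user_username, se_users.user_fname, se_users.user_lname FROM se_forummoderators LEFT JOIN se_users ON se_forummoderators.forummoderator_user_id=se_users.user_id WHERE se_forummoderators.forummoderator_forum_id='{$forum_info['forum_id']}' AND se_users.user_id IS NOT NULL");
                while ($user_info = $database->database_fetch_assoc($mods)) {
                    $mod_user = new se_user();
                    $mod_user->user_info['user_id'] = $user_info['user_id'];
                    $mod_user->user_info['user_username'] = $user_info['user_username'];
                    $mod_user->user_info['user_fname'] = $user_info['user_fname'];
                    $mod_user->user_info['user_lname'] = $user_info['user_lname'];
                    $mod_user->user_displayname();
                    $mod_array[] = $mod_user;
                }
                $forum_info['forum_mods'] = $mod_array;

                // GET LAST POST
                $lastpost = $database->database_query("SELECT se_forumposts.forumpost_id, se_forumposts.forumpost_date, se_forumposts.forumpost_authoruser_id, se_forumtopics.forumtopic_id, se_forumtopics.forumtopic_subject, se_users.user_id, se_users.user_username, se_users.user_fname, se_users.user_lname, se_users.user_photo FROM se_forumposts LEFT JOIN se_forumtopics ON se_forumposts.forumpost_forumtopic_id=se_forumtopics.forumtopic_id LEFT JOIN se_users ON se_forumposts.forumpost_authoruser_id=se_users.user_id WHERE se_forumtopics.forumtopic_forum_id='{$forum_info['forum_id']}' AND se_forumposts.forumpost_deleted='0' ORDER BY se_forumposts.forumpost_id DESC LIMIT 1");
                if ($database->database_num_rows($lastpost) == 1) {
                    $lastpost_info = $database->database_fetch_assoc($lastpost);
                    $forum_info['lastpost'] = true;

                    // GET POST AUTHOR
                    // The LEFT JOIN yields a NULL user_id when the author's account is gone
                    $author = new se_user();
                    if ($lastpost_info['forumpost_authoruser_id'] != $lastpost_info['user_id']) {
                        $author->user_exists = false;
                    } else {
                        $author->user_exists = true;
                        $author->user_info['user_id'] = $lastpost_info['user_id'];
                        $author->user_info['user_username'] = $lastpost_info['user_username'];
                        $author->user_info['user_fname'] = $lastpost_info['user_fname'];
                        $author->user_info['user_lname'] = $lastpost_info['user_lname'];
                        $author->user_info['user_photo'] = $lastpost_info['user_photo'];
                        $author->user_displayname();
                    }
                    $lastpost_info['author'] = $author;
                    $forum_info['lastpost_info'] = $lastpost_info;
                } else {
                    $forum_info['lastpost'] = false;
                }

                // The read marker is a client-side cookie: it only drives the
                // "unread" display and must not be relied on for access decisions.
                if ($forum_info['lastpost']) {
                    $forum_info['is_read'] = false;
                    $read_cookie = "forum_{$user->user_info['user_id']}_{$forum_info['forum_id']}";
                    if (isset($_COOKIE[$read_cookie])) {
                        if ($_COOKIE[$read_cookie] >= $forum_info['lastpost_info']['forumpost_date']) {
                            $forum_info['is_read'] = true;
                        }
                    }
                } else {
                    $forum_info['is_read'] = true;
                }

                $forum_array[] = $forum_info;
            }
        }

        SE_Language::_preload($forumcat_info['forumcat_title']);
        $forumcat_info['forums'] = $forum_array;
        $forumcat_array[] = $forumcat_info;
    }

    return $forumcat_array;
}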
} // SET RESULT VARIABLES $result = 0; $is_error = 0; // GET USER SETTINGS $user->user_settings(); // GET NOTIFICATIONS $notifytypes = array(); $notifytype_query = $database->database_query("SELECT notifytype_id, notifytype_title, notifytype_name FROM se_notifytypes"); while ($notifytype_info = $database->database_fetch_assoc($notifytype_query)) { // Ignore notify types that are missing a corresponding usersetting column $usersetting_notifytype = "usersetting_notify_" . $notifytype_info['notifytype_name']; if (!array_key_exists($usersetting_notifytype, $user->usersetting_info)) { continue; } SE_Language::_preload($notifytype_info['notifytype_title']); $notifytypes[] = $notifytype_info; } // SAVE ACCOUNT SETTINGS if ($task == "dosave") { $user_email = $_POST['user_email']; $user_username = $_POST['user_username']; $user_timezone = $_POST['user_timezone']; $user_profilecat_id = $_POST['user_profilecat_id']; $notifications = $_POST['notifications']; // GET NOTIFICATIONS $usersettings = array(); foreach ($notifytypes as $notifytype) { // Ignore notify types that are missing a corresponding usersetting column $usersetting_notifytype = "usersetting_notify_" . $notifytype['notifytype_name']; if (!array_key_exists($usersetting_notifytype, $user->usersetting_info)) {
} $music = new se_music($user->user_info['user_id']); // OUTPUT ob_end_clean(); if (!$is_error && $music->music_delete($music_id)) { echo '{"result":"success"}'; } else { echo '{"result":"failure"}'; } exit; } elseif ($task == "editsongtitle") { if (empty($user) || !$user->user_exists || !$user->level_info['level_music_allow']) { $is_error = 1; } if (!trim($music_title)) { SE_Language::_preload(4000086); SE_Language::load(); $music_title = SE_Language::_get(4000086); } $music = new se_music($user->user_info['user_id']); // OUTPUT ob_end_clean(); if (!$is_error && $music->music_track_update($music_id, $music_title)) { echo '{"result":"success"}'; } else { echo '{"result":"failure"}'; } exit; } elseif ($task == "moveupsong") { if (empty($user) || !$user->user_exists || !$user->level_info['level_music_allow']) { $is_error = 1;
<?php // ENSURE THIS IS BEING INCLUDED IN AN SE SCRIPT defined('SE_PAGE') or exit; // INCLUDE GROUP FILES include "./include/class_group.php"; include "./include/functions_group.php"; // PRELOAD LANGUAGE SE_Language::_preload(2000007); // SET MENU VARS if ($user->user_exists && (int) $user->level_info['level_group_allow'] & 1 || !$user->user_exists && $setting['setting_permission_group']) { $plugin_vars['menu_main'] = array('file' => 'browse_groups.php', 'title' => 2000007); } if ((int) $user->level_info['level_group_allow'] & 2) { $plugin_vars['menu_user'] = array('file' => 'user_group.php', 'icon' => 'group_group16.gif', 'title' => 2000007); } // SET WHAT'S NEW PAGE UPDATES if ($user->level_info['level_group_allow'] & 1 && $page == "user_home") { // GET GROUP SUBSCRIPTIONS $group_subscribes = array(); $group_subscribe_query = $database->database_query("SELECT se_groupsubscribes.groupsubscribe_time, se_groups.group_id, se_groups.group_title, count(se_groupcomments.groupcomment_id) AS total_comments FROM se_groupsubscribes LEFT JOIN se_groups ON se_groupsubscribes.groupsubscribe_group_id=se_groups.group_id LEFT JOIN se_groupcomments ON se_groups.group_id=se_groupcomments.groupcomment_group_id AND se_groupcomments.groupcomment_date>se_groupsubscribes.groupsubscribe_time WHERE se_groupsubscribes.groupsubscribe_user_id='{$user->user_info['user_id']}' GROUP BY se_groups.group_id ORDER BY se_groups.group_title"); $total_group_subscribes = $database->database_num_rows($group_subscribe_query); while ($subscribe_info = $database->database_fetch_assoc($group_subscribe_query)) { $subscribe_info['total_photos'] = $database->database_num_rows($database->database_query("SELECT NULL FROM se_groupmedia INNER JOIN se_groupalbums ON se_groupmedia.groupmedia_groupalbum_id=se_groupalbums.groupalbum_id AND se_groupalbums.groupalbum_group_id='{$subscribe_info['group_id']}' WHERE se_groupmedia.groupmedia_date>'{$subscribe_info['groupsubscribe_time']}'")); $subscribe_info['total_posts'] 
= $database->database_num_rows($database->database_query("SELECT NULL FROM se_groupposts INNER JOIN se_grouptopics ON se_groupposts.grouppost_grouptopic_id=se_grouptopics.grouptopic_id AND se_grouptopics.grouptopic_group_id='{$subscribe_info['group_id']}' WHERE se_groupposts.grouppost_date>'{$subscribe_info['groupsubscribe_time']}'")); $group_subscribes[] = $subscribe_info; } // ASSIGN GROUP SUBSCRIPTION SMARY VARIABLE $smarty->assign('group_subscribes', $group_subscribes); $smarty->assign('total_group_subscribes', $total_group_subscribes); // SET PROFILE MENU VARS
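$task = $_POST['task'];
// (the if that this branch belongs to opens above the visible excerpt)
} elseif (isset($_GET['task'])) {
    $task = $_GET['task'];
} else {
    $task = "";
}

// INCREMENT VIEW
if ($task == "view") {
    // faq_id comes from the query string and is written into the UPDATE below;
    // force it to an integer so it cannot carry SQL. A missing id becomes 0.
    $faq_id = isset($_GET['faq_id']) ? (int) $_GET['faq_id'] : 0;
    $database->database_query("UPDATE se_faqs SET faq_views=faq_views+1 WHERE faq_id='{$faq_id}'");
    exit;
}

// Defined up front so the template receives an array even when no categories exist
$faqcat_array = array();

$faqcats = $database->database_query("SELECT * FROM se_faqcats ORDER BY faqcat_order");
while ($faqcat_info = $database->database_fetch_assoc($faqcats)) {
    $faq_array = array();
    $faqs = $database->database_query("SELECT * FROM se_faqs WHERE faq_faqcat_id='{$faqcat_info['faqcat_id']}' ORDER BY faq_order");
    while ($faq_info = $database->database_fetch_assoc($faqs)) {
        // Keys are quoted: a bare word is a constant lookup and a fatal error on PHP 8
        SE_Language::_preload_multi($faq_info['faq_subject'], $faq_info['faq_content']);
        // The decoded value is handed to the template as markup.
        // NOTE(review): assumes FAQ content is authored by administrators only - confirm.
        $faq_info['faq_content'] = htmlspecialchars_decode($faq_info['faq_content'], ENT_QUOTES);
        $faq_array[] = $faq_info;
    }
    SE_Language::_preload($faqcat_info['faqcat_title']);
    $faqcat_info['faqs'] = $faq_array;
    $faqcat_array[] = $faqcat_info;
}

// SET GLOBAL PAGE TITLE/DESCRIPTION
$global_page_title[0] = 957;
$global_page_description[0] = 958;

// ASSIGN SMARTY VARIABLES AND INCLUDE FOOTER
$smarty->assign('faqcats', $faqcat_array);
include "footer.php";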
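/**
 * Stores a new comment on the object this instance is bound to, then records
 * the feed action, the owner notification and the optional e-mail.
 *
 * Sets $this->is_error to 1 when the security code does not match or the
 * cleaned body is empty; in that case nothing is written.
 *
 * @param string $comment_body    Raw comment text as submitted.
 * @param string $comment_secure  Security code typed by the commenter; only
 *                                checked when setting_comment_code is on.
 * @param string $object_title    Passed through to the action and notification.
 * @param string $object_owner    Passed through to actions_add().
 * @param int    $object_owner_id Passed through to the action and notification.
 * @param string $object_privacy  Passed through to actions_add().
 *
 * @return array comment_id (stays 0 when the comment was rejected),
 *               comment_body (the cleaned body, with single quotes already
 *               backslash-escaped for the INSERT) and comment_date (Unix time).
 */
function comment_post($comment_body, $comment_secure, $object_title = "", $object_owner = "", $object_owner_id = 0, $object_privacy = "")
{
    global $database, $user, $owner, $setting, $actions, $notify, $url;

    $comment_id = 0;
    $comment_date = time();

    // RETRIEVE AND CHECK SECURITY CODE IF NECESSARY
    if ($setting['setting_comment_code']) {
        // The comparison is strict and an empty submission never matches. With
        // a loose "==" an unset session code compares equal to an empty
        // submitted code, which would let the check pass without any code
        // having been issued.
        $submitted_code = is_scalar($comment_secure) ? (string) $comment_secure : "";
        $code_found = false;

        if ($submitted_code !== "") {
            if (isset($_SESSION['code']) && is_scalar($_SESSION['code']) && (string) $_SESSION['code'] === $submitted_code) {
                $code_found = true;
            }

            // One-time codes: a matching entry is removed once it has been used.
            if (!empty($_SESSION['codes']) && is_array($_SESSION['codes'])) {
                foreach ($_SESSION['codes'] as $index => $code_info) {
                    if (isset($code_info['code']) && is_scalar($code_info['code']) && (string) $code_info['code'] === $submitted_code) {
                        $code_found = true;
                        unset($_SESSION['codes'][$index]);
                    }
                }
            }
        }

        if (!$code_found) {
            $this->is_error = 1;
        }
    }

    // MAKE SURE COMMENT BODY IS NOT EMPTY - ADD BREAKS AND CENSOR
    $comment_body = cleanHTML(censor($comment_body), $setting['setting_comment_html'], array("style"));
    $comment_body = preg_replace('/(\\r\\n?)/', "\n", $comment_body);
    $comment_body = str_replace("\n", "<br>", $comment_body);
    $comment_body = preg_replace('/(<br>){3,}/is', '<br><br>', $comment_body);
    // NOTE(review): only the single quote is escaped before the body is placed in
    // the INSERT below. Backslash handling therefore depends on cleanHTML() or on
    // filtering done before this call; confirm that, or move to the database
    // layer's own escaping or bound parameters.
    $comment_body = str_replace("'", "\\'", $comment_body);
    if (!trim($comment_body)) {
        $this->is_error = 1;
        $comment_body = "";
    }

    // ADD COMMENT IF NO ERROR
    if (!$this->is_error) {
        // Table and column names are assembled from $this->comment_type and
        // $this->comment_identifier.
        // NOTE(review): those are presumably fixed by the calling code; confirm
        // they are never derived from request data.
        $resource = $database->database_query("\r\n INSERT INTO `se_{$this->comment_type}comments` (\r\n `{$this->comment_type}comment_{$this->comment_identifier}`,\r\n `{$this->comment_type}comment_authoruser_id`,\r\n `{$this->comment_type}comment_date`,\r\n `{$this->comment_type}comment_body`\r\n ) VALUES (\r\n '{$this->comment_identifying_value}',\r\n '{$user->user_info['user_id']}',\r\n '{$comment_date}',\r\n '{$comment_body}'\r\n )\r\n ");
        $comment_id = $database->database_insert_id();

        // New handling - total cached in parent table
        if ($resource && $this->comment_parent_type && $this->comment_parent_identifier) {
            $database->database_query("\r\n UPDATE\r\n `se_{$this->comment_parent_type}`\r\n SET\r\n `{$this->comment_parent_identifier}_totalcomments`=`{$this->comment_parent_identifier}_totalcomments`+1\r\n WHERE\r\n `{$this->comment_identifier}`='{$this->comment_identifying_value}'\r\n LIMIT\r\n 1\r\n ");
        }

        // INSERT ACTION IF USER EXISTS
        if ($user->user_exists) {
            $commenter = $user->user_displayname;
            // Line breaks become spaces BEFORE the tags are stripped. Done the
            // other way round, strip_tags() has already removed every <br> and
            // the words on either side run together.
            $comment_body_encoded = strip_tags(str_replace(array("<br>", "<br />"), " ", $comment_body));
            if (strlen($comment_body_encoded) > 250) {
                $comment_body_encoded = substr($comment_body_encoded, 0, 247) . "...";
            }
            $actions->actions_add($user, $this->comment_type . "comment", array($user->user_info['user_username'], $user->user_displayname, $owner->user_info['user_username'], $owner->user_displayname, $comment_body_encoded, $this->comment_identifying_value, $object_title, $object_owner_id), array(), 0, false, $object_owner, $object_owner_id, $object_privacy);
        } else {
            // Anonymous commenter: the display name is language string 835.
            SE_Language::_preload(835);
            SE_Language::load();
            $commenter = SE_Language::_get(835);
        }

        // SEND PROFILE COMMENT NOTIFICATION IF COMMENTER IS NOT OWNER
        if ($owner->user_info['user_id'] != $user->user_info['user_id']) {
            $notifytype = $notify->notify_add($owner->user_info['user_id'], $this->comment_type . "comment", $this->comment_identifying_value, array($owner->user_info['user_username'], $this->comment_identifying_value, $object_owner_id), array($object_title));
            $object_url = $url->url_base . vsprintf($notifytype['notifytype_url'], array($owner->user_info['user_username'], $this->comment_identifying_value));
            $owner->user_settings();
            // The e-mail is sent only when the owner's per-type setting is on.
            if ($owner->usersetting_info['usersetting_notify_' . $this->comment_type . 'comment']) {
                send_systememail($this->comment_type . "comment", $owner->user_info['user_email'], array($owner->user_displayname, $commenter, "<a href=\"{$object_url}\">{$object_url}</a>"));
            }
        }
    }

    return array('comment_id' => $comment_id, 'comment_body' => $comment_body, 'comment_date' => $comment_date);
}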
// NOTE(review): the excerpt opens inside a block whose header is not shown; the
// lone closing brace after the UPDATE belongs to it.
    // MAKE SURE SUBMITTED PRIVACY OPTIONS ARE ALLOWED, IF NOT, SET TO EVERYONE
    // Anything not found in the level's list is replaced by the list's first entry.
    // NOTE(review): in_array() is used without its strict flag. If the level
    // arrays hold integers, PHP before 8 treats a non-numeric string as equal
    // to 0, so confirm the element types before relying on this as an allow-list.
    if (!in_array($video_privacy, $level_video_privacy)) {
        $video_privacy = $level_video_privacy[0];
    }
    if (!in_array($video_comments, $level_video_comments)) {
        $video_comments = $level_video_comments[0];
    }
    // The row is limited to the signed-in user's own video by video_user_id.
    // NOTE(review): title, description, search flag and video_id are interpolated
    // in quotes; whether they were escaped happens outside this excerpt, so confirm.
    $database->database_query("UPDATE se_videos SET video_title='{$video_title}', video_desc='{$video_desc}', video_search='{$video_search}', video_privacy='{$video_privacy}', video_comments='{$video_comments}' WHERE video_id='{$video_id}' AND video_user_id='{$user->user_info['user_id']}'");
}

// GET VIDEOS
// The displayed total excludes rows with video_is_converted = -1; the list
// itself is requested with the unfiltered total as its size.
$total_videos = $video->video_total("(video_is_converted<>'-1')");
$video_array = $video->video_list(0, $video->video_total(), "video_is_converted, video_id DESC", "", 1);

// GET PREVIOUS PRIVACY SETTINGS
// Build value => label maps for the two dropdowns, skipping any level value
// for which user_privacy_levels() returns an empty string.
for ($c = 0; $c < count($level_video_privacy); $c++) {
    if (user_privacy_levels($level_video_privacy[$c]) != "") {
        SE_Language::_preload(user_privacy_levels($level_video_privacy[$c]));
        $privacy_options[$level_video_privacy[$c]] = user_privacy_levels($level_video_privacy[$c]);
    }
}
for ($c = 0; $c < count($level_video_comments); $c++) {
    if (user_privacy_levels($level_video_comments[$c]) != "") {
        SE_Language::_preload(user_privacy_levels($level_video_comments[$c]));
        $comment_options[$level_video_comments[$c]] = user_privacy_levels($level_video_comments[$c]);
    }
}

// ASSIGN VARIABLES AND SHOW VIEW VIDEOS PAGE
$smarty->assign('videos_total', $total_videos);
$smarty->assign('videos', $video_array);
$smarty->assign('privacy_options', $privacy_options);
$smarty->assign('comment_options', $comment_options);
include "footer.php";
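// NOTE(review): the excerpt opens inside a loop whose header is not shown; it
// presumably matches the two loops below, filling $privacy_options.
    if (user_privacy_levels($priv) != "") {
        SE_Language::_preload(user_privacy_levels($priv));
        $privacy_options[$priv] = user_privacy_levels($priv);
    }
}

// Walk the candidate levels 63, 31, 15, 7, 3, 1, 0 (2^c - 1 for c = 6..0) and
// keep those for which user_privacy_levels() returns a label.
for ($c = 6; $c >= 0; $c--) {
    $priv = pow(2, $c) - 1;
    if (user_privacy_levels($priv) != "") {
        SE_Language::_preload(user_privacy_levels($priv));
        $comment_options[$priv] = user_privacy_levels($priv);
    }
}
for ($c = 6; $c >= 0; $c--) {
    $priv = pow(2, $c) - 1;
    if (user_privacy_levels($priv) != "") {
        SE_Language::_preload(user_privacy_levels($priv));
        $tag_options[$priv] = user_privacy_levels($priv);
    }
}

// ASSIGN VARIABLES AND SHOW ALBUM SETTINGS PAGE
$smarty->assign('result', $result);
$smarty->assign('is_error', $is_error);
$smarty->assign('level_info', $level_info);
// Array keys are quoted: a bare word is an undefined constant and is a fatal
// error on PHP 8.
// NOTE(review): unserialize() runs on three stored level settings. That is
// acceptable only while those columns are written by this admin screen alone;
// confirm nothing else can write them, since unserialize() must not be given
// data an outsider can shape.
$smarty->assign('level_album_privacy', unserialize($level_info['level_album_privacy']));
$smarty->assign('level_album_comments', unserialize($level_info['level_album_comments']));
$smarty->assign('level_album_tag', unserialize($level_info['level_album_tag']));
$smarty->assign('level_album_profile', explode(",", $level_info['level_album_profile']));
$smarty->assign('album_privacy', $privacy_options);
$smarty->assign('album_comments', $comment_options);
$smarty->assign('album_tag', $tag_options);
include "admin_footer.php";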
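/**
 * Search provider for albums and album media.
 *
 * Works entirely through globals: reads $search_text, $t, $p and
 * $results_per_page; always appends one summary entry to $search_objects;
 * when $t is "album" it also appends the current page of hits to $results and
 * sets $total_results.
 *
 * The count is taken with LIMIT 201 and reported as "200+" above 200.
 *
 * @return void
 */
function search_album()
{
    global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results;

    // CONSTRUCT QUERY
    // First branch: media items (sub_type 1). Second branch: albums
    // (sub_type 2). Both are limited to searchable albums/levels.
    // NOTE(review): $search_text is placed inside four LIKE patterns and this
    // function does no escaping of its own, so it relies entirely on the caller
    // having neutralised quotes and backslashes; confirm at the call site. The
    // LIKE wildcards % and _ are not escaped either.
    $album_query = "\r\n\t(\r\n\tSELECT\r\n '1' AS sub_type,\r\n\t se_media.media_album_id AS album_id,\r\n\t se_media.media_title AS title,\r\n\t se_media.media_desc AS description,\r\n\t se_media.media_id AS media_id,\r\n\t se_media.media_ext AS media_ext,\r\n\t se_users.user_id,\r\n\t se_users.user_username,\r\n\t se_users.user_photo,\r\n\t se_users.user_fname,\r\n\t se_users.user_lname\r\n\tFROM\r\n\t se_media,\r\n\t se_albums,\r\n\t se_users,\r\n\t se_levels\r\n\tWHERE\r\n\t se_media.media_album_id=se_albums.album_id AND\r\n\t se_albums.album_user_id=se_users.user_id AND\r\n\t se_users.user_level_id=se_levels.level_id AND\r\n\t (\r\n\t se_albums.album_search='1' OR\r\n\t se_levels.level_album_search='0'\r\n\t )\r\n\t AND\r\n\t (\r\n\t se_media.media_title LIKE '%{$search_text}%' OR\r\n\t se_media.media_desc LIKE '%{$search_text}%'\r\n\t )\r\n\tORDER BY media_id DESC\r\n\t)\r\n\tUNION ALL\r\n\t(\r\n\tSELECT\r\n\t '2' AS sub_type,\r\n\t se_albums.album_id AS album_id,\r\n\t se_albums.album_title AS title,\r\n\t se_albums.album_desc AS description,\r\n\t se_albums.album_cover AS media_id,\r\n\t se_media.media_ext AS media_ext,\r\n\t se_users.user_id,\r\n\t se_users.user_username,\r\n\t se_users.user_photo,\r\n\t se_users.user_fname,\r\n\t se_users.user_lname\r\n\tFROM\r\n\t se_albums,\r\n\t se_users,\r\n\t se_levels,\r\n\t se_media\r\n\tWHERE\r\n\t se_albums.album_user_id=se_users.user_id AND\r\n\t se_users.user_level_id=se_levels.level_id AND\r\n\t se_albums.album_cover=se_media.media_id AND \r\n\t (\r\n\t se_albums.album_search='1' OR\r\n\t se_levels.level_album_search='0'\r\n\t )\r\n\t AND\r\n\t (\r\n\t se_albums.album_title LIKE '%{$search_text}%' OR\r\n\t se_albums.album_desc LIKE '%{$search_text}%'\r\n\t )\r\n\tORDER BY album_id DESC\r\n\t)";

    // GET TOTAL RESULTS
    $total_albums = $database->database_num_rows($database->database_query($album_query . " LIMIT 201"));

    // IF NOT TOTAL ONLY
    if ($t == "album") {
        // MAKE ALBUM PAGES
        // Page number and page size are forced to integers, and the page to at
        // least 1, so the LIMIT clause can only ever contain two non-negative
        // numbers whatever $p holds.
        $page_number = max(1, (int) $p);
        $per_page = (int) $results_per_page;
        $start = ($page_number - 1) * $per_page;
        $limit = $per_page + 1;

        // SEARCH ALBUMS
        $albums = $database->database_query($album_query . " ORDER BY album_id DESC LIMIT {$start}, {$limit}");
        while ($album_info = $database->database_fetch_assoc($albums)) {
            // CREATE AN OBJECT FOR USER
            $profile = new se_user();
            $profile->user_info['user_id'] = $album_info['user_id'];
            $profile->user_info['user_username'] = $album_info['user_username'];
            $profile->user_info['user_fname'] = $album_info['user_fname'];
            $profile->user_info['user_lname'] = $album_info['user_lname'];
            $profile->user_info['user_photo'] = $album_info['user_photo'];
            $profile->user_displayname();

            // Key is quoted: a bare word is an undefined constant and is a fatal
            // error on PHP 8.
            if ($album_info['sub_type'] == 1) {
                // RESULT IS A MEDIA
                $result_url = $url->url_create('album_file', $album_info['user_username'], $album_info['album_id'], $album_info['media_id']);
                $result_name = 1000119;
                $result_desc = 1000121;
            } else {
                // RESULT IS AN ALBUM
                $result_url = $url->url_create('album', $album_info['user_username'], $album_info['album_id']);
                $result_name = 1000120;
                $result_desc = 1000122;
            }

            // SET THUMBNAIL, IF AVAILABLE
            // Images use the per-user thumbnail file; other types use a stock icon.
            switch ($album_info['media_ext']) {
                case "jpeg":
                case "jpg":
                case "gif":
                case "png":
                case "bmp":
                    $thumb_path = $url->url_userdir($album_info['user_id']) . $album_info['media_id'] . "_thumb.jpg";
                    break;
                case "mp3":
                case "mp4":
                case "wav":
                    $thumb_path = "./images/icons/audio_big.gif";
                    break;
                case "mpeg":
                case "mpg":
                case "mpa":
                case "avi":
                case "swf":
                case "mov":
                case "ram":
                case "rm":
                    $thumb_path = "./images/icons/video_big.gif";
                    break;
                default:
                    $thumb_path = "./images/icons/file_big.gif";
            }
            // Fall back to the generic icon when the chosen file is missing.
            if (!file_exists($thumb_path)) {
                $thumb_path = "./images/icons/file_big.gif";
            }

            // IF NO TITLE
            if ($album_info['title'] == "") {
                SE_Language::_preload(589);
                SE_Language::load();
                $album_info['title'] = SE_Language::_get(589);
            }

            // IF DESCRIPTION IS LONG
            // Byte-based cut: a multi-byte character at the boundary may be split.
            if (strlen($album_info['description']) > 150) {
                $album_info['description'] = substr($album_info['description'], 0, 147) . "...";
            }

            $results[] = array('result_url' => $result_url, 'result_icon' => $thumb_path, 'result_name' => $result_name, 'result_name_1' => $album_info['title'], 'result_desc' => $result_desc, 'result_desc_1' => $url->url_create('profile', $album_info['user_username']), 'result_desc_2' => $profile->user_displayname, 'result_desc_3' => $album_info['description']);
        }

        // SET TOTAL RESULTS
        $total_results = $total_albums;
    }

    // SET ARRAY VALUES
    SE_Language::_preload_multi(1000118, 1000119, 1000120, 1000121, 1000122);
    if ($total_albums > 200) {
        $total_albums = "200+";
    }
    $search_objects[] = array('search_type' => 'album', 'search_lang' => 1000118, 'search_total' => $total_albums);
}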
/**
 * Returns the site-wide counters shown on statistics panels.
 *
 * The result is looked up under the key 'site_statistics' in the 'serial'
 * cache instance. When that does not yield an array the counters are
 * recomputed, handed to the 'se_site_statistics' hook (if one is registered)
 * and written back to the cache.
 *
 * @return array Map of statistic name to array('title' => language id,
 *               'stat' => integer count).
 */
function site_statistics()
{
    global $setting, $database, $database_name;

    // CACHING
    $cache = SECache::getInstance('serial');
    $have_cache = is_object($cache);
    $statistics = $have_cache ? $cache->get('site_statistics') : NULL;

    // RETRIEVAL
    // An empty array from the cache counts as a hit; only a non-array value
    // triggers the recount.
    if (!is_array($statistics)) {
        $statistics = array();

        // Members
        $member_row = $database->database_fetch_assoc($database->database_query("SELECT count(*) AS total_members FROM se_users"));
        $member_count = isset($member_row['total_members']) ? $member_row['total_members'] : 0;
        $statistics['members'] = array('title' => 661, 'stat' => (int) $member_count);

        // Confirmed friendships, only when connections are enabled
        if ($setting['setting_connection_allow']) {
            $friend_row = $database->database_fetch_assoc($database->database_query("SELECT count(*) AS total_friends FROM se_friends WHERE friend_status='1'"));
            $friend_count = isset($friend_row['total_friends']) ? $friend_row['total_friends'] : 0;
            $statistics['friends'] = array('title' => 662, 'stat' => (int) $friend_count);
        }

        // Comments: summed over every table matching se_%comments.
        // The table name used in each count is rebuilt from the name returned
        // by SHOW TABLES; $database_name is interpolated inside backticks.
        $comment_sum = 0;
        $table_list = $database->database_query("SHOW TABLES FROM `{$database_name}` LIKE 'se_%comments'");
        while ($table_row = $database->database_fetch_array($table_list)) {
            // Drop the 3-character "se_" prefix, then the 8-character "comments" suffix.
            $without_prefix = substr($table_row[0], 3);
            $comment_type = strrev(substr(strrev($without_prefix), 8));
            $count_row = $database->database_fetch_assoc($database->database_query("SELECT count(*) AS total_comments FROM `se_{$comment_type}comments`"));
            $comment_sum += $count_row['total_comments'];
        }
        $statistics['comments'] = array('title' => 663, 'stat' => (int) $comment_sum);

        // Media and media-tag totals are disabled in the original (commented out).

        // CALL HOOK
        // COMMENT OUT THIS BLOCK IF YOU ONLY WANT THE BASIC STATISTICS
        // The hook receives $statistics by reference and may add entries.
        $hook = SE_Hook::exists('se_site_statistics');
        if ($hook) {
            SE_Hook::call($hook, array('statistics' => &$statistics));
        }

        // CACHE
        if ($have_cache) {
            $cache->store($statistics, 'site_statistics');
        }
    }

    // Load language
    foreach ($statistics as $entry) {
        SE_Language::_preload($entry['title']);
    }

    return $statistics;
}
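/**
 * Search provider for music tracks.
 *
 * Works entirely through globals: reads $search_text, $t, $p,
 * $results_per_page and $user; always appends one summary entry to
 * $search_objects; when $t is "music" it also appends the current page of
 * hits to $results and sets $total_results.
 *
 * The count is taken with LIMIT 201 and reported as "200+" above 200.
 *
 * @return void
 */
function search_music()
{
    global $database, $url, $results_per_page, $p, $search_text, $t, $search_objects, $results, $total_results, $user;

    // CONSTRUCT QUERY
    // NOTE(review): $search_text is placed inside the LIKE pattern and this
    // function does no escaping of its own, so it relies entirely on the caller
    // having neutralised quotes and backslashes; confirm at the call site. The
    // LIKE wildcards % and _ are not escaped either.
    $sql = "\r\n SELECT\r\n se_music.*,\r\n se_users.user_id,\r\n se_users.user_username,\r\n se_users.user_photo,\r\n se_users.user_fname,\r\n se_users.user_lname\r\n FROM\r\n se_music\r\n LEFT JOIN\r\n se_users\r\n ON se_users.user_id=se_music.music_user_id\r\n WHERE\r\n se_music.music_title LIKE '%{$search_text}%'\r\n ";

    // GET TOTAL RESULTS
    $total_music = $database->database_num_rows($database->database_query($sql . " LIMIT 201"));

    // IF NOT TOTAL ONLY
    if ($t == "music") {
        // MAKE MUSIC PAGES
        // Page number and page size are forced to integers, and the page to at
        // least 1, so the LIMIT clause can only ever contain two non-negative
        // numbers whatever $p holds.
        $page_number = max(1, (int) $p);
        $per_page = (int) $results_per_page;
        $start = ($page_number - 1) * $per_page;
        $limit = $per_page + 1;

        // Lang for download song
        SE_Language::_preload(4000095);
        SE_Language::load();

        // SEARCH MUSIC
        $sql .= " ORDER BY se_music.music_id DESC LIMIT {$start}, {$limit}";
        $resource = $database->database_query($sql);
        if (!$resource) {
            // A failed query is written to the server log and treated as "no
            // hits". Printing the database error into the page and stopping
            // would show query and schema details to whoever ran the search.
            error_log("search_music: query failed: " . $database->database_error());
        }

        while ($resource && ($music_info = $database->database_fetch_assoc($resource))) {
            // CREATE AN OBJECT FOR USER
            $profile = new se_user();
            $profile->user_info['user_id'] = $music_info['user_id'];
            $profile->user_info['user_username'] = $music_info['user_username'];
            $profile->user_info['user_fname'] = $music_info['user_fname'];
            $profile->user_info['user_lname'] = $music_info['user_lname'];
            $profile->user_info['user_photo'] = $music_info['user_photo'];
            $profile->user_displayname();

            $result_url = $url->url_create('profile', $music_info['user_username']);
            $result_name = 4000105;
            $result_desc = 4000106;

            // File location: the owner's directory + track id + stored extension.
            $userdir = $url->url_userdir($music_info['user_id']);
            $music_path = "{$userdir}{$music_info['music_id']}.{$music_info['music_ext']}";

            // IF NO TITLE
            if (!trim($music_info['music_title'])) {
                SE_Language::_preload(589);
                SE_Language::load();
                $music_info['music_title'] = SE_Language::_get(589);
            }

            $dl_lv = SE_Language::_get(4000095);

            // Player markup.
            // NOTE(review): $music_path goes into attribute values and a query
            // string without HTML or URL encoding; that is fine only if music_id
            // and music_ext are constrained when the file is stored, so confirm.
            $desc3 = <<<EOF
<br />
<table><tr><td>
<object width="17" height="17" data="images/music_button.swf?song_url={$music_path}" type="application/x-shockwave-flash">
<param value="images/music_button.swf?song_url={$music_path}" name="movie" />
<img width="17" height="17" alt="" src="noflash.gif" />
</object>
</td>
EOF;

            // The download link is added only for signed-in users whose level
            // allows downloads.
            if ($user->user_exists && $user->level_info['level_music_allow_downloads']) {
                $desc3 .= <<<EOF
<td style="padding-left:10px;vertical-align:middle;">
<a type="application/force-download" href="{$music_path}">{$dl_lv}</a>
</td>
EOF;
            }
            $desc3 .= "</tr></table>";

            $results[] = array('result_url' => $result_url, 'result_icon' => './images/icons/music_music48.gif', 'result_name' => $result_name, 'result_name_1' => $music_info['music_title'], 'result_desc' => $result_desc, 'result_desc_1' => $url->url_create('profile', $profile->user_info['user_username']), 'result_desc_2' => $profile->user_displayname, 'result_desc_3' => $desc3);
        }

        // SET TOTAL RESULTS
        $total_results = $total_music;
    }

    // SET ARRAY VALUES
    SE_Language::_preload_multi(4000104, 4000105, 4000106);
    if ($total_music > 200) {
        $total_music = "200+";
    }
    $search_objects[] = array('search_type' => 'music', 'search_lang' => 4000104, 'search_total' => $total_music);
}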
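// COUNT THE COMMENTS WRITTEN BY THIS USER ACROSS EVERY se_*comments TABLE
// Array keys throughout this section are quoted: a bare word is an undefined
// constant and is a fatal error on PHP 8.
$total_comments = 0;
$comment_tables = $database->database_query("SHOW TABLES FROM `{$database_name}` LIKE 'se_%comments'");
while ($table_info = $database->database_fetch_array($comment_tables)) {
    // Drop the 3-character "se_" prefix and the 8-character "comments" suffix;
    // what is left also prefixes the author column name.
    $comment_type = strrev(substr(strrev(substr($table_info[0], 3)), 8));
    // Table and column names come from SHOW TABLES output; the only value
    // interpolated is the user id held in $user->user_info.
    $table_comments = $database->database_fetch_assoc($database->database_query("SELECT count(*) AS total_comments FROM se_" . $comment_type . "comments WHERE " . $comment_type . "comment_authoruser_id='" . $user->user_info['user_id'] . "'"));
    $total_comments += $table_comments['total_comments'];
}

// GET USER LEVEL ARRAY
$levels = $database->database_query("SELECT level_id, level_name FROM se_levels ORDER BY level_name");
while ($level_info = $database->database_fetch_assoc($levels)) {
    $level_array[] = $level_info;
}

// GET PROFILECAT ARRAY
// Top-level profile categories only (profilecat_dependency = 0).
$cats = $database->database_query("SELECT profilecat_id AS cat_id, profilecat_title AS cat_title FROM se_profilecats WHERE profilecat_dependency='0' ORDER BY profilecat_order");
while ($cat_info = $database->database_fetch_assoc($cats)) {
    SE_Language::_preload($cat_info['cat_title']);
    $cat_array[] = $cat_info;
}

// GET RECENT ACTIVITY (ACTIONS)
// $owner is pointed at $user before the feed is built; the feed is filtered
// to actions performed by that user.
$owner = $user;
$actions = new se_actions();
$actions = $actions->actions_display(0, $setting['setting_actions_actionsonprofile'], "se_actions.action_user_id='" . $user->user_info['user_id'] . "'");

// ASSIGN VARIABLES AND SHOW EDIT USERS PAGE
$smarty->assign('is_error', $is_error);
$smarty->assign('result', $result);
$smarty->assign('user', $user);
$smarty->assign('levels', $level_array);
$smarty->assign('cats', $cat_array);
$smarty->assign('actions', $actions);
$smarty->assign('old_subnet_name', $subnet[2]);
$smarty->assign('new_subnet_name', $subnet[1]);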
<?php // ENSURE THIS IS BEING INCLUDED IN AN SE SCRIPT defined('SE_PAGE') or exit; // INCLUDE POLL FILES include "./include/class_poll.php"; include "./include/functions_poll.php"; // PRELOAD LANGUAGE SE_Language::_preload(2500005); // SET MAIN MENU VARS if (!$user->user_exists && $setting['setting_permission_poll'] || $user->user_exists && 1 & (int) $user->level_info['level_poll_allow']) { $plugin_vars['menu_main'] = array('file' => 'browse_polls.php', 'title' => 2500005); } if ($user->user_exists && 4 & (int) $user->level_info['level_poll_allow']) { $plugin_vars['menu_user'] = array('file' => 'user_poll.php', 'icon' => 'poll_poll16.gif', 'title' => 2500005); } // SET PROFILE MENU VARS if (4 & (int) $owner->level_info['level_poll_allow'] && $page == "profile") { // START poll $poll = new se_poll($owner->user_info['user_id']); $entries_per_page = 5; $sort = "poll_datecreated DESC"; // GET PRIVACY LEVEL AND SET WHERE $privacy_max = $owner->user_privacy_max($user); $where = "(poll_privacy & {$privacy_max})"; // GET TOTAL ENTRIES $total_polls = $poll->poll_total($where); // GET ENTRY ARRAY $polls = $poll->poll_list(0, $entries_per_page, $sort, $where); // ASSIGN ENTRIES SMARY VARIABLE $smarty->assign('polls', $polls);