# Topic page: hand the already-loaded topic data to the Smarty template.
# This excerpt starts mid-script ($topic, $topic_head, $reply_count, $smarty,
# $sprink etc. are set up earlier) and is cut off inside the last `if` below.

# take() and resolve_companies() are defined elsewhere; presumably take() trims
# the list to at most $related_topics_count entries -- confirm against helper.
$noncompany_related_topics = take($related_topics_count, $noncompany_related_topics);
resolve_companies($noncompany_related_topics);

# filter_promoted() is destructured as a two-element list:
# company-promoted replies first, star-promoted replies second.
list($company_promoted, $star_promoted) = filter_promoted($topic['replies']);

$smarty->assign('topic_head', $topic_head);
$smarty->assign('replies', $topic['replies']);
$smarty->assign('related_topics', $noncompany_related_topics);
$smarty->assign('particip', $topic['particip']);
$smarty->assign('tags', $topic['tags']);
$smarty->assign(array('reply_count' => $reply_count,
                      'toplevel_reply_count' => $toplevel_reply_count));

# Pagination is driven by top-level replies only.
# NOTE(review): $topic_page_size is set outside this excerpt; a value of 0
# would make this a division by zero -- confirm it is a non-zero constant.
$smarty->assign('num_pages', ceil($toplevel_reply_count / $topic_page_size));
$smarty->assign('page_num', $page_num);
$smarty->assign('topic_id', $topic_id);
$smarty->assign('reply_url', $reply_url);
$smarty->assign(array('company_promoted_replies' => $company_promoted,
                      'star_promoted_replies' => $star_promoted));

# NOTE(review): flagged_topic and flagged_reply are passed to the template
# exactly as received from the request. Nothing in this excerpt escapes them,
# so the template must escape on output (or the value should be cast to the
# expected id type here) -- confirm in the template.
$smarty->assign('flagged_topic', request_param('flagged_topic'));

# NOTE(review): loose `==` on two strings compares numerically when both look
# numeric (e.g. '1e3' == '1000' is true), and a falsy current_username() for
# an anonymous visitor would equal an empty canonical_name. If 'own_topic'
# gates any owner-only control, a strict string comparison plus an explicit
# logged-in check is safer -- confirm the return type of current_username().
$smarty->assign('own_topic',
                $topic_head['author']['canonical_name'] == $sprink->current_username());
$smarty->assign('flagged_reply', request_param('flagged_reply'));

# shared_with is a comma-separated request value; every element of the
# resulting array is request-controlled and needs the same output escaping.
if (request_param('shared_with')) {
  $smarty->assign('shared_with', explode(',', request_param('shared_with')));
}

# The remaining request parameters are used only as on/off switches: the
# template receives a literal true, never the request value itself.
if (request_param('share_failed')) {
  $smarty->assign('share_failed_msg', true);
}
if (request_param('me_tood_topic')) {
  $smarty->assign('me_tood_topic_msg', true);
}
if (request_param('me_too_failed')) {
  $smarty->assign('me_too_failed_error', true);
}
if (request_param('no_self_star')) {
  $smarty->assign('self_star_error', true);
# c.f. RFC 821 p. 30. Doesn't handle quoted local-parts, #number domain
# segments or dotted-quad domain segments.
# ($email_regex itself is defined above this excerpt.)

## Validation | FIXME: not finished
# Names of submitted fields that failed validation are collected here.
$bad_fields = array();

# The address is matched against $email_regex first and trimmed only if it
# matched.
# NOTE(review): whether leading/trailing whitespace (or a trailing newline)
# can pass depends on how $email_regex is anchored, which is not visible here;
# trimming before matching would make the check independent of that.
$contact_email = request_param('contact_email');
if (preg_match($email_regex, $contact_email)) {
  $contact_email = trim($contact_email);
}
else {
  array_push($bad_fields, 'contact_email');
}

# No validation is applied to these two fields in this excerpt.
$contact_phone = request_param('contact_phone');
$contact_address = request_param('contact_address');
# TBD: additional links

# TBD: this is expensive; cheapen!
$sprink = new Sprinkles();

# Authentication gate: without a current username the request is redirected
# to the authorization URL and the script stops.
$active_username = $sprink->current_username();
if (!$active_username) {
  redirect($sprink->authorize_url('admin.php', false));
  exit(0);
}

# Authorization gate: non-admins are redirected to error.php and the script
# stops. The explicit exit matters -- a redirect on its own would not
# necessarily prevent the rest of the handler from running.
# get_users() is called before user_is_admin(); keep that order unless
# user_is_admin() is confirmed not to depend on it.
$existing_admin_users = $sprink->get_users();
if (!$sprink->user_is_admin()) {
  redirect('error.php');
  exit(0);
}
sort($existing_admin_users);

# NOTE(review): no anti-CSRF token check is visible in this excerpt. If the
# truncated remainder persists these settings or the admin list, confirm that
# a per-session token is verified before any write.

# The submitted admin list is split on commas (with optional following
# whitespace) or on runs of whitespace.
$admin_users_str = request_param('admin_users_str');
$admin_users = preg_split('/,\\s*|\\s+/', $admin_users_str);

# The submitted list must still contain the acting admin, otherwise the field
# is rejected -- presumably to keep an admin from locking themselves out.
if (!member($active_username, $admin_users)) {
  array_push($bad_fields, 'admin_users_str');
}
else {
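<?php
# Admin settings page: checks that the visitor is a signed-in admin, loads the
# current site_settings row and overlays any values submitted with this
# request so the form can be redisplayed with them.
# $smarty, $fields, redirect() and request_param() are not defined in this
# excerpt; presumably they come from the two files required below.
require_once "Sprinkles.php";
require_once 'admin-fields.php';

$sprink = new Sprinkles();
$user = $sprink->current_user();
$username = $sprink->current_username();

# Authentication gate: no current username means the visitor is sent to the
# authorization URL and the script stops.
if (!$username) {
  redirect($sprink->authorize_url('admin.php', false));
  exit(0);
}

# Authorization gate. get_users() is called before user_is_admin(), as in the
# original; keep that order unless user_is_admin() is confirmed independent.
$admin_users = $sprink->get_users();
if (!$sprink->user_is_admin()) {
  $sprink->add_std_hash_elems($smarty);
  $smarty->display('not-admin.t');
  # Stop here. Without this exit a non-admin would be shown the "not admin"
  # page and the script would then carry on to load the site settings and
  # the admin user list below.
  exit(0);
}

$company_hcard = $sprink->company_hcard();
$company_name = $company_hcard["fn"];

# TBD: fetch the site_settings row just once per request.
# The statement is a constant string with no request data in it.
# NOTE(review): mysql_query()/mysql_error() belong to the ext/mysql API that
# was removed in PHP 7; migrating needs the connection setup, which is outside
# this excerpt.
$sql = "select background_color, contact_email, contact_phone, " .
       "contact_address, logo_link, map_url, faq_type from site_settings";
$result = mysql_query($sql);
if (!$result) {
  # Keep the driver's error text in the server log instead of the response
  # body, so schema and query details are not shown to the browser.
  error_log("Failed to fetch site settings from database (" . mysql_error() . ").");
  die("Failed to fetch site settings from database.");
}
$settings = mysql_fetch_assoc($result);

$smarty->assign('admin_users', $admin_users);

# Overlay submitted values on the stored settings for each known field name.
# NOTE(review): after this loop $settings holds request-controlled strings;
# whatever renders them must escape on output -- confirm in the template.
foreach ($fields as $i => $field) {
  if (request_param($field)) {
    $settings[$field] = request_param($field);
  }
}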