function resolve($REPORT, $COMMENT)
{
// The user has chosen to either delete or not delete the comment.
// And we might be sending emails.
global $PAGE;
if (get_http_var('deletecomment') == 'true') {
$upheld = true;
} else {
$upheld = false;
}
$success = $REPORT->resolve($upheld, $COMMENT);
if ($success) {
if ($upheld == true) {
print "<p>The comment has been deleted.</p>\n";
}
print "<p>The report has been resolved.</p>\n";
if (get_http_var('sendtoreporter') == 'true') {
// We're sending an email to the reporter.
// Either approving or declining what they suggested.
if ($REPORT->user_id() > 0) {
// The reporting user was logged in at the time,
// so get their email address.
$USER = new USER();
$USER->init($REPORT->user_id());
$email = $USER->email();
} else {
// Non-logged-in user; they should have left their address.
$email = $REPORT->email();
}
// Prepare the data needed for either email.
$data = array('to' => $email);
$merge = array('FIRSTNAME' => $REPORT->firstname(), 'LASTNAME' => $REPORT->lastname(), 'REPORTBODY' => strip_tags($REPORT->body()));
// Add stuff specific to each type of email.
if ($upheld == true) {
$data['template'] = 'report_upheld';
} else {
$data['template'] = 'report_declined';
$merge['COMMENTURL'] = 'http://' . DOMAIN . $COMMENT->url();
$merge['REASON'] = get_http_var('declinedreason');
}
$success = send_template_email($data, $merge);
if ($success) {
print "<p>An email has been sent to the person who made the report.</p>\n";
} else {
$PAGE->error_message("Failed when sending an email to the person who made the report.");
}
}
if (get_http_var('sendtocommenter') == 'true') {
// We're telling the commenter that their comment has been deleted.
$USER = new USER();
$USER->init($COMMENT->user_id());
// Create the URL for if a user wants to return and post another comment.
// Remove the anchor for their now deleted comment.
$addcommentsurl = 'http://' . DOMAIN . preg_replace("/#.*\$/", '#addcomment', $COMMENT->url());
$data = array('to' => $USER->email(), 'template' => 'comment_deleted_blank', 'subject' => 'One of your comments has been deleted');
$merge = array('REPLYBODY' => get_http_var('commentermail'), 'FIRSTNAME' => $USER->firstname(), 'LASTNAME' => $USER->lastname(), 'ADDCOMMENTURL' => $addcommentsurl, 'COMMENTBODY' => strip_tags($COMMENT->body()));
// We only send this email if a comment has been deleted.
$success = send_template_email($data, $merge);
if ($success) {
print "<p>An email has been sent to the person who posted the comment.</p>\n";
} else {
$PAGE->error_message("Failed when sending an email to the person who posted the comment.");
}
}
}
$URL = new URL('admin_home');
print '<p><a href="' . $URL->generate() . '">Back</a></p>';
}
} else {
$expire = "session";
}
// $returnurl is the url of where we'll send the user after login.
$THEUSER->login($returnurl, $expire);
} else {
// Merge the validation errors with any we already have.
$errors = array_merge($errors, $valid);
display_page($errors);
}
}
} elseif ($resend = get_http_var('resend')) {
$USER = new USER();
$USER->init($resend);
if (!$USER->confirmed()) {
$details = array('email' => $USER->email(), 'firstname' => $USER->firstname(), 'lastname' => $USER->lastname());
$USER->send_confirmation_email($details);
$this_page = 'userwelcome';
$PAGE->page_start();
$PAGE->stripe_start();
$message = array('title' => "Confirmation email resent", 'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address before you can log in. Thanks.");
$PAGE->message($message);
$PAGE->stripe_end();
$PAGE->page_end();
}
} else {
// First time to the page...
display_page();
}
function display_page($errors = array())
{
function display_user($user_id = "")
{
global $THEUSER, $PAGE, $DATA, $this_page, $who;
// We're either going to be:
// Displaying the details of a user who's just been edited
// (their user_id will be in $user_id now).
// Viewing THEUSER's own data.
// Viewing someone else's data (their id will be in the GET string
// user_id variable).
// We could do something cleverer so that if THEUSER has sufficient
// privileges we display more data when they're viewing someone else's info
// than what your average punter sees.
// If $user_id is a user id, we've just edited that user's info.
// FIRST: Work out whose info we're going to show.
$edited = false;
// Have we just edited someone's info?
if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
// Display this user's just edited info.
$display = "this user";
$edited = true;
} elseif (is_numeric($user_id)) {
// Display someone else's just edited info.
$display = "another user";
$edited = true;
} elseif (is_numeric(get_http_var("u"))) {
// Display someone else's info.
$user_id = get_http_var("u");
$display = "another user";
} elseif ($THEUSER->isloggedin()) {
// Display this user's info.
$display = "this user";
$user_id = $THEUSER->user_id();
} else {
// Nothing to show!
$URL = new URL('userlogin');
$URL->insert(array('ret' => '/user/'));
$loginurl = $URL->generate();
header("Location: {$loginurl}");
exit;
}
// SECOND: Get the data for whoever we're going to show.
if ($display == "another user") {
// Viewing someone else's info.
$USER = new USER();
$valid = $USER->init($user_id);
if ($valid && $USER->confirmed() && !$USER->deleted()) {
// Don't want to display unconfirmed or deleted users.
$name = $USER->firstname() . " " . $USER->lastname();
$url = $USER->url();
if ($USER->emailpublic() == true) {
$email = $USER->email();
}
$status = $USER->status();
$registrationtime = $USER->registrationtime();
// Change the page title to reflect whose info we're viewing.
$DATA->set_page_metadata($this_page, "title", "{$name}");
} else {
// This user_id doesn't exist.
$display = "none";
}
} elseif ($display == "this user") {
// Display THEUSER's info.
$name = $THEUSER->firstname() . " " . $THEUSER->lastname();
$url = $THEUSER->url();
if ($edited) {
// We want to show all the info to the user.
$email = $THEUSER->email();
$emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
$optin = $THEUSER->optin() == true ? "Yes" : "No";
$postcode = $THEUSER->postcode();
} else {
// We're showing them how they're seen to other people.
if ($THEUSER->emailpublic()) {
$email = $THEUSER->email();
}
$registrationtime = $THEUSER->registrationtime();
$status = $THEUSER->status();
}
// Change the page title to make it clear we're viewing THEUSER's
// own info. Make them less worried about other people seeing some of the
// info that shouldn't be public.
$DATA->set_page_metadata($this_page, "title", "Your details");
} else {
// There's nothing to display!
}
// THIRD: Print out what we've got.
$PAGE->page_start();
if ($display != "none") {
$PAGE->stripe_start();
if (isset($registrationtime)) {
// Make registration time more user-friendly.
list($date, $time) = explode(' ', $registrationtime);
$registrationtime = format_date($date, LONGDATEFORMAT);
}
if ($edited) {
print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
}
if ($this_page == 'userviewself' && !$edited) {
$EDITURL = new URL('useredit');
?>
<p><strong>This is how other people see you.</strong> <a href="<?php
echo $EDITURL->generate();
?>
">Edit your details</a>.</p>
<?php
}
?>
<div class="row">
<span class="label">Name</span>
<span class="formw"><?php
if (substr($name, -3) == ' MP') {
print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
}
echo htmlentities($name);
if (substr($name, -3) == ' MP') {
print '</a>';
}
?>
</span>
</div>
<div class="row">
<span class="label">Email</span>
<span class="formw"><?php
if (isset($email)) {
$escaped_email = str_replace('@', '@', htmlentities($email));
?>
<a href="mailto:<?php
echo $escaped_email . "\">" . $escaped_email;
?>
</a><?php
} else {
?>
Not public<?php
}
?>
</span>
</div>
<?php
if (isset($postcode)) {
if ($postcode == '') {
$postcode = 'none';
}
?>
<div class="row"> <br>
<span class="label">UK Postcode</span>
<span class="formw"><?php
echo htmlentities($postcode);
?>
<small>(not public)</small></span>
</div>
<?php
}
if (isset($url)) {
if ($url == '') {
$url = 'none';
} else {
$url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
}
?>
<div class="row">
<span class="label">Website</span>
<span class="formw"><?php
echo $url;
?>
</span>
</div>
<?php
}
if (isset($emailpublic)) {
?>
<div class="row"> <br>Let other people see your email address? <strong><?php
echo htmlentities($emailpublic);
?>
</strong></div>
<?php
}
if (isset($optin)) {
?>
<div class="row">Receive TheyWorkForYou.com emails? <strong><?php
echo htmlentities($optin);
?>
</strong></div>
<?php
}
if (isset($status)) {
?>
<div class="row">
<span class="label">Status</span>
<span class="formw"><?php
echo htmlentities($status);
?>
</span>
</div>
<?php
}
if (isset($registrationtime)) {
?>
<div class="row">
<span class="label">Joined</span>
<span class="formw"><?php
echo htmlentities($registrationtime);
?>
</span>
</div>
<?php
}
if ($edited && $this_page == 'userviewself') {
$EDITURL = new URL('useredit');
$VIEWURL = new URL('userviewself');
?>
<p> <br><a href="<?php
echo $EDITURL->generate();
?>
">Edit again</a> or <a href="<?php
echo $VIEWURL->generate();
?>
">see how others see you</a>.</p>
<?php
}
$PAGE->stripe_end();
# Email alerts
if ($this_page == 'userviewself') {
$PAGE->stripe_start();
print '<h3>Your email alerts</h3>';
$db = new ParlDB();
$q = $db->query('SELECT * FROM alerts WHERE email = "' . mysql_escape_string($THEUSER->email()) . '" ORDER BY confirmed,deleted,alert_id');
$out = '';
for ($i = 0; $i < $q->rows(); ++$i) {
$row = $q->row($i);
$criteria = explode(' ', $row['criteria']);
$ccc = array();
foreach ($criteria as $c) {
if (preg_match('#^speaker:(\\d+)#', $c, $m)) {
$MEMBER = new MEMBER(array('person_id' => $m[1]));
$ccc[] = 'spoken by ' . $MEMBER->full_name();
} else {
$ccc[] = $c;
}
}
$criteria = join(' ', $ccc);
$token = $row['alert_id'] . '-' . $row['registrationtoken'];
if (!$row['confirmed']) {
$action = '<a href="/A/' . $token . '">Confirm</a>';
} elseif ($row['deleted']) {
$action = '<form action="/alert/undelete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Undelete"></form>';
} else {
$action = '<form action="/alert/delete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Delete"></form>';
}
$out .= '<tr><td>' . $criteria . '</td><td>' . $action . '</td></tr>';
}
print '<p>To add a new alert, simply visit an MP or Peer\'s page or conduct a search — to be given the option of turning them into alerts automatically — or visit <a href="/alert/">the manual addition page</a>.</p>';
if ($out) {
print '<p>Here are your email alerts:</p>';
print '<table cellpadding="3" cellspacing="0"><tr><th>Criteria</th><th>Action</th></tr>' . $out . '</table>';
} else {
print '<p>You currently have no email alerts set up.</p>';
}
$PAGE->stripe_end();
}
if (!$edited) {
$args = array('user_id' => $user_id, 'page' => get_http_var('p'));
$COMMENTLIST = new COMMENTLIST();
$COMMENTLIST->display('user', $args);
}
} else {
$message = array('title' => 'Sorry...', 'text' => "We don't have a user ID, so we can't show you anyone's details.");
$PAGE->message($message);
}
$PAGE->page_end();
}
function display_user($user_id = "")
{
global $THEUSER, $PAGE, $DATA, $this_page, $who;
// We're either going to be:
// Displaying the details of a user who's just been edited
// (their user_id will be in $user_id now).
// Viewing THEUSER's own data.
// Viewing someone else's data (their id will be in the GET string
// user_id variable).
// We could do something cleverer so that if THEUSER has sufficient
// privileges we display more data when they're viewing someone else's info
// than what your average punter sees.
// If $user_id is a user id, we've just edited that user's info.
// FIRST: Work out whose info we're going to show.
$edited = false;
// Have we just edited someone's info?
if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
// Display this user's just edited info.
$display = "this user";
$edited = true;
} elseif (is_numeric($user_id)) {
// Display someone else's just edited info.
$display = "another user";
$edited = true;
} elseif (is_numeric(get_http_var("u"))) {
// Display someone else's info.
$user_id = get_http_var("u");
$display = "another user";
} elseif ($THEUSER->isloggedin()) {
// Display this user's info.
$display = "this user";
$user_id = $THEUSER->user_id();
} else {
// Nothing to show!
$URL = new URL('userlogin');
$URL->insert(array('ret' => '/user/'));
$loginurl = $URL->generate();
header("Location: {$loginurl}");
exit;
}
// SECOND: Get the data for whoever we're going to show.
$db = new ParlDB();
if ($display == "another user") {
// Viewing someone else's info.
$USER = new USER();
$valid = $USER->init($user_id);
if ($valid && $USER->confirmed() && !$USER->deleted()) {
// Don't want to display unconfirmed or deleted users.
$name = $USER->firstname() . " " . $USER->lastname();
$url = $USER->url();
if ($USER->emailpublic() == true) {
$email = $USER->email();
}
$status = $USER->status();
$registrationtime = $USER->registrationtime();
// Change the page title to reflect whose info we're viewing.
$DATA->set_page_metadata($this_page, "title", "{$name}");
$q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . $USER->user_id());
$video = $q->field(0, 'c');
} else {
// This user_id doesn't exist.
$display = "none";
}
} elseif ($display == "this user") {
// Display THEUSER's info.
$name = $THEUSER->firstname() . " " . $THEUSER->lastname();
$url = $THEUSER->url();
if ($edited) {
// We want to show all the info to the user.
$email = $THEUSER->email();
$emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
$optin = $THEUSER->optin() == true ? "Yes" : "No";
$postcode = $THEUSER->postcode();
} else {
// We're showing them how they're seen to other people.
if ($THEUSER->emailpublic()) {
$email = $THEUSER->email();
}
$registrationtime = $THEUSER->registrationtime();
$status = $THEUSER->status();
}
$q = $db->query('select count(*) as c from video_timestamps where deleted=0 and user_id= ' . $THEUSER->user_id());
$video = $q->field(0, 'c');
// Change the page title to make it clear we're viewing THEUSER's
// own info. Make them less worried about other people seeing some of the
// info that shouldn't be public.
$DATA->set_page_metadata($this_page, "title", "Your details");
} else {
// There's nothing to display!
}
// THIRD: Print out what we've got.
$PAGE->page_start();
if ($display != "none") {
$PAGE->stripe_start();
if (isset($registrationtime)) {
// Make registration time more user-friendly.
list($date, $time) = explode(' ', $registrationtime);
$registrationtime = format_date($date, LONGDATEFORMAT);
}
if ($edited) {
print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
}
if ($this_page == 'userviewself' && !$edited) {
$EDITURL = new URL('useredit');
?>
<p><strong>This is how other people see you.</strong> <a href="<?php
echo $EDITURL->generate();
?>
">Edit your details</a>.</p>
<?php
}
?>
<div class="row">
<span class="label">Name</span>
<span class="formw"><?php
if (substr($name, -3) == ' MP') {
print '<a href="/mp/' . make_member_url(substr($name, 0, -3)) . '">';
}
echo htmlentities($name);
if (substr($name, -3) == ' MP') {
print '</a>';
}
?>
</span>
</div>
<div class="row">
<span class="label">Email</span>
<span class="formw"><?php
if (isset($email)) {
$escaped_email = str_replace('@', '@', htmlentities($email));
?>
<a href="mailto:<?php
echo $escaped_email . "\">" . $escaped_email;
?>
</a><?php
} else {
?>
Not public<?php
}
?>
</span>
</div>
<?php
if (isset($postcode)) {
if ($postcode == '') {
$postcode = 'none';
}
?>
<div class="row"> <br>
<span class="label">UK Postcode</span>
<span class="formw"><?php
echo htmlentities($postcode);
?>
<small>(not public)</small></span>
</div>
<?php
}
if (isset($url)) {
if ($url == '') {
$url = 'none';
} else {
$url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
}
?>
<div class="row">
<span class="label">Website</span>
<span class="formw"><?php
echo $url;
?>
</span>
</div>
<?php
}
if (isset($emailpublic)) {
?>
<div class="row"> <br>Let other people see your email address? <strong><?php
echo htmlentities($emailpublic);
?>
</strong></div>
<?php
}
if (isset($optin)) {
?>
<div class="row">Receive TheyWorkForYou.com emails? <strong><?php
echo htmlentities($optin);
?>
</strong></div>
<?php
}
if (isset($status)) {
?>
<div class="row">
<span class="label">Status</span>
<span class="formw"><?php
echo htmlentities($status);
?>
</span>
</div>
<?php
}
if (isset($registrationtime)) {
?>
<div class="row">
<span class="label">Joined</span>
<span class="formw"><?php
echo htmlentities($registrationtime);
?>
</span>
</div>
<?php
}
if (isset($video)) {
echo '<div class="row"><span class="label">Videos timestamped</span>
<span class="formw">', $video, '</span></div>';
}
if ($edited && $this_page == 'userviewself') {
$EDITURL = new URL('useredit');
$VIEWURL = new URL('userviewself');
?>
<p> <br><a href="<?php
echo $EDITURL->generate();
?>
">Edit again</a> or <a href="<?php
echo $VIEWURL->generate();
?>
">see how others see you</a>.</p>
<?php
}
$PAGE->stripe_end();
# Email alerts
if ($this_page == 'userviewself') {
$PAGE->stripe_start();
print '<h3>Your email alerts</h3>';
alerts_manage($THEUSER->email());
$PAGE->stripe_end();
}
if (!$edited) {
$args = array('user_id' => $user_id, 'page' => get_http_var('p'));
$COMMENTLIST = new COMMENTLIST();
$COMMENTLIST->display('user', $args);
}
} else {
$message = array('title' => 'Sorry...', 'text' => "We don't have a user ID, so we can't show you anyone's details.");
$PAGE->message($message);
}
$PAGE->page_end();
}
