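/**
 * Builds the forum post editor form (new topic, reply, or edit) from the
 * posteditor.thtml template.
 *
 * Security notes for maintainers:
 *  - $postData can carry values from a previous form submission (the preview
 *    path reads flags such as 'postmode_switch'), so every value placed into
 *    markup built in this function is escaped or cast here.
 *  - NOTE(review): several values are handed to the template as-is
 *    ($postData['id'], $postData['pid'], $postData['cat_name'],
 *    $postData['forum_name'], $forumData['referer'], $forumData['page']).
 *    Nothing in this function shows them being validated - confirm the caller
 *    sanitizes them or that the template escapes them.
 *
 * @param  array  $postData   post fields (subject, comment, postmode, id, ...)
 * @param  array  $forumData  forum context (forum, forum_cat, referer, page)
 * @param  string $action     'newtopic', 'newreply' or 'edittopic'
 * @param  mixed  $viewMode   falsy on first display; PREVIEW_VIEW when previewing
 * @return string             rendered HTML of the editor
 */
function FF_postEditor($postData, $forumData, $action, $viewMode)
{
    global $_CONF, $_TABLES, $_FF_CONF, $FF_userprefs, $_USER,
           $LANG_GF01, $LANG_GF02, $LANG_GF10, $REMOTE_ADDR;

    $retval         = '';
    $editmoderator  = false;
    $numAttachments = 0;
    $edit_val       = '';
    $sticky_val     = '';
    $locked_val     = '';
    // Initialised up front: the anonymous branch and unknown actions used to
    // leave these undefined before they were passed to set_var().
    $notify_val     = '';
    $postmessage    = '';

    $uid = COM_isAnonUser() ? 1 : $_USER['uid'];

    // initialize defaults from the plugin configuration
    $checked = ' checked="checked"';
    $disable_bbcode_val   = $_FF_CONF['bbcode_disabled'] ? $checked : '';
    $disable_smilies_val  = $_FF_CONF['smilies_disabled'] ? $checked : '';
    $disable_urlparse_val = $_FF_CONF['urlparse_disabled'] ? $checked : '';

    // check postmode
    if (isset($postData['postmode'])) {
        // editing or previewing (or both)
        if (isset($postData['postmode_switch'])) {
            // the user asked to switch modes
            $chkpostmode = _ff_chkpostmode($postData['postmode'], $postData['postmode_switch']);
            if ($chkpostmode != $postData['postmode']) {
                $postData['postmode'] = $chkpostmode;
                $postData['postmode_switch'] = 0;
            }
        }
    } elseif ($_FF_CONF['post_htmlmode'] && $_FF_CONF['allow_html']) {
        $postData['postmode'] = 'html';
    } else {
        $postData['postmode'] = 'text';
    }

    // HTML mode is only honoured when the site allows it or the user holds the
    // right; otherwise a requested 'html' is downgraded to 'text'.
    $htmlAllowed = $_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html');
    if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
        $postData['postmode'] = $htmlAllowed ? 'html' : 'text';
    }
    $postData['postmode_switch'] = 0;

    // Any value other than 'html' is left as supplied above, so escape it once
    // for the places where it is written into markup.
    $postmodeAttr = htmlspecialchars($postData['postmode'], ENT_QUOTES, COM_getEncodingt());

    // action specific setup: reflect the options the user had checked
    if ($action == 'edittopic' || $viewMode) {
        $disable_bbcode_val   = (isset($postData['disable_bbcode']) && $postData['disable_bbcode'] == 1) ? $checked : '';
        $disable_smilies_val  = (isset($postData['disable_smilies']) && $postData['disable_smilies'] == 1) ? $checked : '';
        $disable_urlparse_val = (isset($postData['disable_urlparse']) && $postData['disable_urlparse'] == 1) ? $checked : '';
    }

    // create our template
    $peTemplate = new Template($_CONF['path'] . 'plugins/forum/templates/');
    $peTemplate->set_file('posteditor', 'posteditor.thtml');

    if ($postData['postmode'] == 'html') {
        $peTemplate->set_var('html_mode', true);
    } else {
        $peTemplate->unset_var('html_mode');
    }

    if ($viewMode == PREVIEW_VIEW) {
        $peTemplate->set_var('preview_post', FF_previewPost($postData, $action));
    }

    // NOTE(review): the fallback id comes from mt_rand() and is then used as
    // the topic_id key for attachments of a not-yet-saved post. mt_rand() is
    // predictable; confirm the attachment code does not treat this id as proof
    // of ownership.
    $uniqueid = isset($postData['uniqueid']) ? COM_applyFilter($postData['uniqueid'], true) : mt_rand();
    $peTemplate->set_var('uniqueid', $uniqueid);

    if (SEC_inGroup($postData['use_attachment_grpid']) && $_FF_CONF['maxattachments'] > 0) {
        $peTemplate->set_var('use_attachments', true);
    }

    if ($action == 'newtopic') {
        $peTemplate->set_var('save_button', 'savetopic');
        $postmessage = $LANG_GF02['PostTopic'];
        $peTemplate->set_var('hidden_action', 'newtopic');
    }

    if ($action == 'edittopic') {
        $peTemplate->set_var('save_button', 'saveedit');

        $editmoderator = isset($postData['forum'])
            && forum_modPermission($postData['forum'], $_USER['uid'], 'mod_edit');
        // hidden_modedit is a display hint only; it must not be trusted on submit
        $peTemplate->set_var('hidden_modedit', $editmoderator ? '1' : '0');

        $postmessage = $LANG_GF02['EditTopic'];
        $peTemplate->set_var('hidden_action', 'edittopic');
        $peTemplate->set_var('hidden_editpost', 'yes');

        if ($editmoderator) {
            $username = $postData['name'];
        } elseif ($postData['uid'] > 1) {
            $username = COM_getDisplayName($postData['uid']);
        }

        // The former str_ireplace('</textarea>', '</textarea>', ...) replaced a
        // string with itself; the comment is escaped with htmlspecialchars()
        // before it reaches the template, which also neutralises that tag.

        if (isset($postData['pid'])) {
            $peTemplate->set_var('hidden_editpid', $postData['pid']);
        }
        $peTemplate->set_var('hidden_editid', $postData['id']);

        $silentChecked = (isset($postData['silentedit']) && $postData['silentedit'] == 1)
            || (!isset($postData['modedit']) && $_FF_CONF['silent_edit_default']);
        $edit_prompt = $LANG_GF02['msg190'] . '<br/><input type="checkbox" name="silentedit" ';
        if ($silentChecked) {
            $edit_prompt .= 'checked="checked" ';
            $edit_val = ' checked="checked" ';
        } else {
            $edit_val = '';
        }
        $edit_prompt .= 'value="1"/>';

        $peTemplate->set_var(
            'attachments',
            '<div id="fileattachlist">' . _ff_showattachments($postData['id'], 'edit') . '</div>'
        );
        $numAttachments = DB_Count($_TABLES['ff_attachments'], 'topic_id', $postData['id']);
        $allowedAttachments = $_FF_CONF['maxattachments'] - $numAttachments;
        $peTemplate->set_var('fcounter', $allowedAttachments);
    } else {
        $numAttachments = (int) DB_Count($_TABLES['ff_attachments'], 'topic_id', $uniqueid);
        $allowedAttachments = $_FF_CONF['maxattachments'] - $numAttachments;
        $peTemplate->set_var('fcounter', $allowedAttachments);
        $peTemplate->set_var('attachments', '');
        if ($uniqueid > 0) {
            $peTemplate->set_var(
                'attachments',
                '<div id="fileattachlist">' . _ff_showattachments($uniqueid, 'edit') . '</div>'
            );
        }
        $edit_prompt = ' ';
    }

    if ($action == 'newreply') {
        $peTemplate->set_var('save_button', 'savereply');
        $postmessage = $LANG_GF02['PostReply'];
        $peTemplate->set_var('hidden_action', 'newreply');
        if (!$viewMode) {
            $postData['subject'] = $LANG_GF01['RE'] . $postData['subject'];
        }
        $quoteid = isset($_GET['quoteid']) ? COM_applyFilter($_GET['quoteid'], true) : 0;
        $postData['mood'] = '';
        if ($quoteid > 0 && !$viewMode) {
            // NOTE(review): the quoted row is selected by id alone. Nothing
            // here checks that it belongs to the topic being replied to or to
            // a forum the current user may read, so a reader could pull the
            // text of any post into the editor. Confirm the caller enforces
            // this or add a permission check.
            $quotesql = DB_query("SELECT * FROM {$_TABLES['ff_topic']} WHERE id=" . (int) $quoteid);
            $quotearray = DB_fetchArray($quotesql);
            // a missing row previously produced a quote built from undefined offsets
            if (is_array($quotearray)) {
                $postData['comment'] = sprintf(
                    $_FF_CONF['quoteformat'],
                    urldecode($quotearray['name']),
                    $quotearray['comment']
                );
            }
        }
        $postData['editpid'] = $postData['id'];
    }

    if ($_FF_CONF['use_sfs']) {
        $peTemplate->set_var('usesfs', 1);
    }

    if (COM_isAnonUser()) {
        if (!$_FF_CONF['use_sfs']) {
            $postData['email'] = '';
        }
        $peTemplate->set_var('anonymous_user', true);
        $peTemplate->set_var('post_message', $postmessage);
        $peTemplate->set_var('LANG_NAME', $LANG_GF02['msg33']);

        // Fix: the flags and charset were outside the htmlentities() call and
        // ended up as the 3rd/4th arguments of set_var(), so the name was
        // encoded with PHP's defaults. ENT_QUOTES also covers single-quoted
        // attributes.
        $anonName = isset($postData['name']) ? $postData['name'] : '';
        $anonName = strip_tags(COM_checkWords(trim(USER_sanitizeName($anonName))));
        $peTemplate->set_var('name', htmlentities($anonName, ENT_QUOTES, COM_getEncodingt()));

        if (isset($postData['email'])) {
            // strip_tags() leaves quotes intact, which is not enough for a
            // value that may be placed inside an attribute.
            $peTemplate->set_var(
                'email',
                htmlspecialchars(strip_tags($postData['email']), ENT_QUOTES, COM_getEncodingt())
            );
        }
    } else {
        $peTemplate->set_var('member_user', true);
        $peTemplate->set_var('post_message', $postmessage);
        $peTemplate->set_var('LANG_NAME', $LANG_GF02['msg33']);
        if (!isset($username) || $username == '') {
            if ($action == 'edittopic' && $editmoderator) {
                $username = $postData['name'];
            } else {
                $username = COM_getDisplayName($_USER['uid']);
            }
        }
        // NOTE(review): for a moderator edit this is the stored poster name;
        // confirm the template escapes {username}.
        $peTemplate->set_var('username', $username);
        $peTemplate->set_var('xusername', urlencode($username));
    }

    $moodoptions = '';
    if ($_FF_CONF['show_moods']) {
        if (isset($postData['mood']) && $postData['mood'] != '') {
            $postData['mood'] = COM_applyFilter($postData['mood']);
        }
        if (!isset($postData['mood']) || $postData['mood'] == '') {
            $moodoptions = '<option value="" selected="selected">' . $LANG_GF01['NOMOOD'] . '</option>';
        }
        // the option list is built from file names on disk, not from user input
        if ($dir = @opendir($_CONF['path_html'] . '/forum/images/moods')) {
            while (($file = readdir($dir)) !== false) {
                if (strlen($file) > 3 && substr(strtolower(trim($file)), -4, 4) == '.gif') {
                    $file = str_replace(array('.gif', '.jpg'), array('', ''), $file);
                    if (isset($postData['mood']) && $file == $postData['mood']) {
                        $moodoptions .= "<option selected=\"selected\">" . $file . "</option>";
                    } else {
                        $moodoptions .= "<option>" . $file . "</option>";
                    }
                }
            }
            closedir($dir);
        }
        $peTemplate->set_var('LANG_MOOD', $LANG_GF02['msg36']);
        $peTemplate->set_var('moodoptions', $moodoptions);
    }

    $postData['subject'] = str_replace('...', '', $postData['subject']);

    if ($_FF_CONF['allow_smilies']) {
        $peTemplate->set_var('smiley_enabled', true);
    }
    if ($_FF_CONF['allow_img_bbcode']) {
        $peTemplate->set_var('allow_img_bbcode', true);
    }

    // first display of the form: decide whether the notify option starts on
    if (!$viewMode) {
        // cast once so the id is numeric wherever it is used in SQL below
        if (isset($postData['editpid']) && $postData['editpid'] > 0) {
            $notifyTopicid = (int) $postData['editpid'];
        } else {
            $notifyTopicid = (int) $postData['id'];
        }
        if (!isset($postData['forum'])) {
            $postData['forum'] = '';
        }
        if (DB_getItem($_TABLES['ff_userprefs'], 'alwaysnotify', "uid=" . (int) $uid) == 1
            || FF_isSubscribed($postData['forum'], $notifyTopicid, $uid)
        ) {
            $postData['notify'] = 'on';
            // check and see if user has un-subscribed to this topic
            // NOTE(review): the selected column is the one constrained to the
            // negative $nid, so the "> 1" test looks unsatisfiable - confirm.
            $nid = -$notifyTopicid;
            $where = "type='forum' AND category=" . (int) $postData['forum']
                   . " AND id=" . $nid . " AND uid=" . (int) $uid;
            if ($notifyTopicid > 0 && DB_getItem($_TABLES['subscriptions'], 'id', $where) > 1) {
                $postData['notify'] = '';
            }
        } else {
            $postData['notify'] = '';
        }
    }

    $notifyOn = isset($postData['notify']) && $postData['notify'] == 'on';

    if ($editmoderator) {
        $notify_val = $notifyOn ? 'checked="checked"' : '';
        $notify_prompt = $LANG_GF02['msg38']
            . '<br/><input type="checkbox" name="notify" value="on" ' . $notify_val . '/>';

        // only the parent topic can be made sticky or locked
        if (!isset($postData['pid']) || $postData['pid'] == 0) {
            // Fix: this used to be guarded by !isset($locked_val) and
            // !isset($sticky_val), which is never true because both are
            // initialised above, so the boxes never reflected the stored state.
            if ($action == 'edittopic') {
                $lockedOn = isset($postData['locked_switch'])
                    ? $postData['locked_switch'] == 1
                    : (isset($postData['locked']) && $postData['locked'] == 1);
                $stickyOn = isset($postData['sticky_switch'])
                    ? $postData['sticky_switch'] == 1
                    : (isset($postData['sticky']) && $postData['sticky'] == 1);
                $locked_val = $lockedOn ? 'checked="checked"' : '';
                $sticky_val = $stickyOn ? 'checked="checked"' : '';
            }
            $locked_prompt = $LANG_GF02['msg109']
                . '<br/><input type="checkbox" name="locked_switch" ' . $locked_val . ' value="1"/>';
            $sticky_prompt = $LANG_GF02['msg61']
                . '<br/><input type="checkbox" name="sticky_switch" ' . $sticky_val . ' value="1"/>';
        } else {
            $locked_prompt = '';
            $sticky_prompt = '';
        }
    } elseif ($uid > 1) {
        $notify_val = $notifyOn ? 'checked="checked"' : '';
        $notify_prompt = $LANG_GF02['msg38']
            . '<br/><input type="checkbox" name="notify" ' . $notify_val . '/>';
        $locked_prompt = '';
    } else {
        $notify_prompt = '';
        $locked_prompt = '';
    }

    if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
        $postmode_msg = $LANG_GF01['TEXTMODE'];
        $postData['postmode'] = 'html';
        $postmodeAttr = 'html';
    } else {
        $peTemplate->unset_var('show_htmleditor');
        $postmode_msg = $LANG_GF01['HTMLMODE'];
    }

    if ($htmlAllowed && $action == 'edittopic') {
        $mode_prompt = $postmode_msg
            . '<br/><input type="checkbox" name="postmode_switch" value="1"/>'
            . '<input type="hidden" name="postmode" value="' . $postmodeAttr . '"/>';
    }

    if ($action == 'edittopic') {
        $peTemplate->set_var('bbcodeeditor', true);
    }

    // The former str_replace('"', '"', ...) on the subject replaced a quote
    // with itself; quotes are handled by htmlspecialchars(ENT_QUOTES) below.

    $smilies = $_FF_CONF['allow_smilies'] ? forumPLG_showsmilies(0) : '';

    $disable_bbcode_prompt = $LANG_GF01['disable_bbcode']
        . ' <input type="checkbox" name="disable_bbcode" value="1" ' . $disable_bbcode_val . '/>';
    if ($_FF_CONF['allow_smilies']) {
        $disable_smilies_prompt = $LANG_GF01['disable_smilies']
            . ' <input type="checkbox" name="disable_smilies" value="1"' . $disable_smilies_val . ' />';
    } else {
        $disable_smilies_prompt = '';
    }
    $disable_urlparse_prompt = $LANG_GF01['disable_urlparse']
        . ' <input type="checkbox" name="disable_urlparse" value="1"' . $disable_urlparse_val . ' />';

    $peTemplate->set_var('comment', @htmlspecialchars($postData['comment'], ENT_QUOTES, COM_getEncodingt()));

    $peTemplate->set_var(array(
        'edit_val'             => $edit_val,
        'sticky_val'           => $sticky_val,
        'postmode_msg'         => $postmode_msg,
        'notify_val'           => $notify_val,
        'disable_bbcode_val'   => $disable_bbcode_val,
        'disable_smilies_val'  => $disable_smilies_val,
        'disable_urlparse_val' => $disable_urlparse_val,
        'bbcode_prompt'        => $disable_bbcode_prompt,
        'smilies_prompt'       => $disable_smilies_prompt,
        'urlparse_prompt'      => $disable_urlparse_prompt,
        'LANG_SUBJECT'         => $LANG_GF01['SUBJECT'],
        'LANG_OPTIONS'         => $LANG_GF01['OPTIONS'],
        'mode_prompt'          => isset($mode_prompt) ? $mode_prompt : '',
        'notify_prompt'        => $notify_prompt,
        'locked_prompt'        => $locked_prompt,
        'sticky_prompt'        => isset($sticky_prompt) ? $sticky_prompt : '',
        'edit_prompt'          => $edit_prompt,
        'LANG_SUBMIT'          => $LANG_GF01['SUBMIT'],
        'LANG_PREVIEW'         => $LANG_GF01['PREVIEW'],
        // raw here, replaced by the escaped value in the set_var() call below
        'subject'              => $postData['subject'],
        'smilies'              => $smilies,
        'LANG_attachments'     => $LANG_GF10['attachments'],
        'LANG_maxattachments'  => sprintf($LANG_GF10['maxattachments'], $_FF_CONF['maxattachments']),
        'postmode'             => $postmodeAttr,
    ));

    // Check and see if the filemgmt plugin is installed and enabled
    if (function_exists('filemgmt_buildAccessSql') && $_FF_CONF['enable_fm_integration'] == 1) {
        $peTemplate->set_var('filemgmt_category_options', gf_makeFilemgmtCatSelect($uid));
        $peTemplate->set_var('LANG_usefilemgmt', $LANG_GF10['usefilemgmt']);
        $peTemplate->set_var('LANG_description', $LANG_GF10['description']);
        $peTemplate->set_var('LANG_category', $LANG_GF10['category']);
    } else {
        $peTemplate->set_var('show_filemgmt_option', 'none');
    }

    if (COM_isAnonUser()) {
        $peTemplate->set_var('hide_notify', 'none');
    }

    if (function_exists('plugin_templatesetvars_captcha')) {
        plugin_templatesetvars_captcha('forum', $peTemplate);
    } else {
        $peTemplate->set_var('captcha', '');
    }

    if ($postData['id'] > 0) {
        $peTemplate->set_var('topic_id', $postData['id']);
    }

    // Toolbar labels: template variable LANG_<x>help maps to $LANG_GF01['<x>_help'],
    // and LANG_<name> maps to $LANG_GF01[strtoupper('<name>')].
    $langVars = array();
    foreach (array('b', 'i', 'u', 'q', 'c', 'l', 'o', 'p', 'w', 'a', 's', 'f', 'h', 't', 'e') as $key) {
        $langVars['LANG_' . $key . 'help'] = $LANG_GF01[$key . '_help'];
    }
    $labelNames = array(
        'code', 'fontcolor', 'fontsize', 'closetags', 'codetip',
        'tiny', 'small', 'normal', 'large', 'huge', 'default',
        'dkred', 'red', 'orange', 'brown', 'yellow', 'green', 'olive',
        'cyan', 'blue', 'dkblue', 'indigo', 'violet', 'white', 'black',
    );
    foreach ($labelNames as $label) {
        $langVars['LANG_' . $label] = $LANG_GF01[strtoupper($label)];
    }

    $peTemplate->set_var(array(
        'navbreadcrumbsimg' => _ff_getImage('nav_breadcrumbs'),
        'navtopicimg'       => _ff_getImage('nav_topic'),
        'form_action'       => $_CONF['site_url'] . '/forum/createtopic.php',
        'referer'           => $forumData['referer'],
        'forum_id'          => $forumData['forum'],
        'cat_name'          => $postData['cat_name'],
        'cat_id'            => $forumData['forum_cat'],
        'forum_name'        => $postData['forum_name'],
        'subject'           => @htmlspecialchars($postData['subject'], ENT_QUOTES, COM_getEncodingt()),
        'LANG_HOME'         => $LANG_GF01['HOMEPAGE'],
        'forum_home'        => $LANG_GF01['INDEXPAGE'],
        'hidden_id'         => $postData['id'],
        'page'              => $forumData['page'],
    ));
    $peTemplate->set_var($langVars);

    // CSRF token for the form submission
    $peTemplate->set_var('token_name', CSRF_TOKEN);
    $peTemplate->set_var('token', SEC_createToken());
    $peTemplate->set_var('postmode', $postmodeAttr);
    $peTemplate->unset_var('show_htmleditor');

    if ($_FF_CONF['use_wysiwyg_editor'] && $postData['postmode'] == 'html') {
        // hook into wysiwyg here
        switch (PLG_getEditorType()) {
            case 'ckeditor':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'ckeditor_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
                break;
            case 'tinymce':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'tinymce_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
                break;
            default:
                // don't support others right now
                break;
        }
    }

    $peTemplate->parse('output', 'posteditor');
    $retval .= $peTemplate->finish($peTemplate->get_var('output'));

    // Short-lived (20 minute) token cookie for the advanced editor. Anonymous
    // users share uid 1, so their token is additionally scoped by client address.
    // NOTE(review): the final `false` argument looks like the HttpOnly flag -
    // confirm the editor script really needs to read this cookie.
    $urlfor = 'advancededitor';
    if ($uid == 1) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    }
    SEC_setCookie(
        $_CONF['cookie_name'] . 'adveditor',
        SEC_createTokenGeneral($urlfor),
        time() + 1200,
        $_CONF['cookie_path'],
        $_CONF['cookiedomain'],
        $_CONF['cookiesecure'],
        false
    );

    if (!isset($_POST['editpost'])) {
        $_POST['editpost'] = '';
    }
    if ($action != 'newtopic' && $_POST['editpost'] != 'yes' && ($action == 'newreply' || $viewMode)) {
        if ($FF_userprefs['showiframe']) {
            // the id is cast because it is concatenated into an attribute value
            $retval .= "<iframe src=\"{$_CONF['site_url']}/forum/viewtopic.php?mode=preview&showtopic="
                . (int) $postData['id']
                . "&onlytopic=1&lastpost=true\" height=\"300\" width=\"100%\"></iframe>";
        }
    }

    return $retval;
}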
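/**
 * Shows the user registration form
 *
 * The values echoed back into the form come straight from $_POST, so each one
 * is type-checked and HTML-encoded before it is handed to the template.
 *
 * @param  string $msg  message text to show above the form (optional)
 * @return string       HTML for user registration page
 */
function newuserform($msg = '')
{
    global $_CONF, $LANG01, $LANG04;

    $retval = '';

    if ($_CONF['disable_new_user_registration']) {
        COM_setMsg($LANG04[122], 'error');
        echo COM_refresh($_CONF['site_url']);
        // Fix: stop here. Execution used to continue and render the
        // registration form even though registration is disabled. The handler
        // that processes the submitted form must enforce this setting as well.
        return $retval;
    }

    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) {
        return CUSTOM_userForm($msg);
    }

    if (!empty($msg)) {
        $retval .= COM_showMessageText($msg, $LANG04[21], false, 'info');
    }

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file('regform', 'registrationform.thtml');
    $user_templates->set_var('start_block', COM_startBlock($LANG04[22]));
    $user_templates->set_var('lang_instructions', $LANG04[23]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_fullname', $LANG04[3]);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('lang_email_conf', $LANG04[124]);
    if ($_CONF['registration_type'] == 1) {
        // verification link
        $user_templates->set_var('lang_passwd', $LANG01[57]);
        $user_templates->set_var('lang_passwd_conf', $LANG04[176]);
        $user_templates->set_var('lang_warning', $LANG04[167]);
    } else {
        $user_templates->set_var('lang_warning', $LANG04[24]);
    }
    $user_templates->set_var('lang_register', $LANG04[27]);
    PLG_templateSetVars('registration', $user_templates);
    $user_templates->set_var('end_block', COM_endBlock());

    // A request can submit any field as an array (username[]=x); only strings
    // are accepted so trim() and the encoders never receive an array.
    $username = '';
    if (!empty($_POST['username']) && is_string($_POST['username'])) {
        $username = trim($_POST['username']);
    }
    // ENT_QUOTES so the value is safe in single- and double-quoted attributes
    $user_templates->set_var('username', @htmlentities($username, ENT_QUOTES, COM_getEncodingt()));

    $fullname = '';
    if (!empty($_POST['fullname']) && is_string($_POST['fullname'])) {
        $fullname = $_POST['fullname'];
    }
    $fullname = USER_sanitizeName($fullname);
    $user_templates->set_var('fullname', @htmlentities($fullname, ENT_QUOTES, COM_getEncodingt()));

    switch ($_CONF['user_reg_fullname']) {
        case 2:
            $user_templates->set_var('require_fullname', 'true');
            // intentional fall-through: a required full name is also shown
        case 1:
            $user_templates->set_var('show_fullname', 'true');
    }

    // The e-mail fields were the only echoed values that were not HTML-encoded.
    // COM_applyFilter() is kept; encoding is applied on top so the result does
    // not depend on what that filter removes.
    $email = '';
    if (!empty($_POST['email']) && is_string($_POST['email'])) {
        $email = COM_applyFilter($_POST['email']);
    }
    $user_templates->set_var('email', @htmlspecialchars($email, ENT_QUOTES, COM_getEncodingt()));

    $email_conf = '';
    if (!empty($_POST['email_conf']) && is_string($_POST['email_conf'])) {
        $email_conf = COM_applyFilter($_POST['email_conf']);
    }
    $user_templates->set_var('email_conf', @htmlspecialchars($email_conf, ENT_QUOTES, COM_getEncodingt()));

    $user_templates->parse('output', 'regform');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    return $retval;
}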
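/**
 * Shows search form
 *
 * Shows advanced search page. The current query and date range are echoed
 * back into the form, so they are HTML-encoded here; curly braces in the
 * query are additionally turned into entities so the text cannot be read as a
 * template variable.
 *
 * @author Tony Bibbs, tony AT geeklog DOT net
 * @return string HTML output for form
 *
 */
public function showForm()
{
    global $_CONF, $_TABLES, $LANG09;

    $retval = '';

    // Verify current user may use the search form
    if (!$this->_isFormAllowed()) {
        return SEC_loginRequiredForm();
    }

    $retval .= COM_startBlock($LANG09[1], 'advancedsearch.html');

    $searchform = COM_newTemplate($_CONF['path_layout'] . 'search');
    $searchform->set_file(array(
        'searchform' => 'searchform.thtml',
        'authors'    => 'searchauthors.thtml',
    ));
    $searchform->set_var('search_intro', $LANG09[19]);
    $searchform->set_var('lang_keywords', $LANG09[2]);
    $searchform->set_var('lang_keytype', $LANG09[36]);
    $searchform->set_var('lang_date', $LANG09[20]);
    $searchform->set_var('lang_to', $LANG09[21]);
    $searchform->set_var('date_format', $LANG09[22]);
    $searchform->set_var('lang_topic', $LANG09[3]);
    $searchform->set_var('lang_all', $LANG09[4]);
    $searchform->set_var('topic_option_list', TOPIC_getTopicListSelect($this->_topic, 2, true));
    $searchform->set_var('lang_type', $LANG09[5]);
    $searchform->set_var('lang_results', $LANG09[59]);
    $searchform->set_var('lang_per_page', $LANG09[60]);
    $searchform->set_var('lang_exact_phrase', $LANG09[43]);
    $searchform->set_var('lang_all_words', $LANG09[44]);
    $searchform->set_var('lang_any_word', $LANG09[45]);
    $searchform->set_var('lang_titles', $LANG09[69]);

    // Fix: the brace replacement mapped '{' and '}' onto themselves and did
    // nothing. Numeric entities keep braces in the query from reaching the
    // template engine as placeholder syntax. ENT_QUOTES also encodes single
    // quotes, which older PHP defaults leave untouched.
    $escquery = htmlspecialchars($this->_query, ENT_QUOTES);
    $escquery = str_replace(array('{', '}'), array('&#123;', '&#125;'), $escquery);
    $searchform->set_var('query', $escquery);

    // Encoded on output because nothing in this method shows the stored dates
    // being validated; a well-formed date string passes through unchanged.
    $searchform->set_var('datestart', htmlspecialchars($this->_dateStart, ENT_QUOTES));
    $searchform->set_var('dateend', htmlspecialchars($this->_dateEnd, ENT_QUOTES));

    if ($this->_titlesOnly) {
        $searchform->set_var('title_checked', ' checked="checked"');
    } else {
        $searchform->set_var('title_checked', '');
    }

    $phrase_selected = '';
    $all_selected = '';
    $any_selected = '';
    if ($this->_keyType == 'phrase') {
        $phrase_selected = 'selected="selected"';
    } elseif ($this->_keyType == 'all') {
        $all_selected = 'selected="selected"';
    } elseif ($this->_keyType == 'any') {
        $any_selected = 'selected="selected"';
    }
    $searchform->set_var('key_phrase_selected', $phrase_selected);
    $searchform->set_var('key_all_selected', $all_selected);
    $searchform->set_var('key_any_selected', $any_selected);

    $options = '';
    $plugintypes = array(
        'all'      => $LANG09[4],
        'stories'  => $LANG09[6],
        'comments' => $LANG09[7],
    );
    $plugintypes = array_merge($plugintypes, PLG_getSearchTypes());
    // Generally I don't like to hardcode HTML but this seems easiest
    // ($key and $val come from the language file and installed plugins)
    foreach ($plugintypes as $key => $val) {
        $options .= "<option value=\"{$key}\"";
        if ($this->_type == $key) {
            $options .= ' selected="selected"';
        }
        $options .= ">{$val}</option>" . LB;
    }
    $searchform->set_var('plugin_types', $options);

    $noAuthorField = '<input type="hidden" name="author" value="0"' . XHTML . '>';

    if ($_CONF['contributedbyline'] == 1) {
        $searchform->set_var('lang_authors', $LANG09[8]);

        // collect the ids of everyone who wrote a comment or a published story
        $searchusers = array();
        $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['comments']}");
        while ($A = DB_fetchArray($result)) {
            $searchusers[$A['uid']] = $A['uid'];
        }
        $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['stories']} WHERE (date <= NOW()) AND (draft_flag = 0)");
        while ($A = DB_fetchArray($result)) {
            $searchusers[$A['uid']] = $A['uid'];
        }

        // The ids are interpolated into an IN (...) list, so force them to
        // integers even though they were read from the database.
        $inlist = implode(',', array_map('intval', $searchusers));

        if (!empty($inlist)) {
            $sql = "SELECT uid,username,fullname FROM {$_TABLES['users']} WHERE uid IN ({$inlist})";
            if (isset($_CONF['show_fullname']) && $_CONF['show_fullname'] == 1) {
                /* Caveat: This will group all users with an empty fullname
                 * together, so it's not exactly sorted by their
                 * full name ...
                 */
                $sql .= ' ORDER BY fullname,username';
            } else {
                $sql .= ' ORDER BY username';
            }
            $result = DB_query($sql);
            $options = '';
            while ($A = DB_fetchArray($result)) {
                $options .= '<option value="' . (int) $A['uid'] . '"';
                if ($A['uid'] == $this->_author) {
                    $options .= ' selected="selected"';
                }
                $options .= '>'
                    . htmlspecialchars(COM_getDisplayName('', $A['username'], $A['fullname']))
                    . '</option>';
            }
            $searchform->set_var('author_option_list', $options);
            $searchform->parse('author_form_element', 'authors', true);
        } else {
            $searchform->set_var('author_form_element', $noAuthorField);
        }
    } else {
        $searchform->set_var('author_form_element', $noAuthorField);
    }

    // Results per page (values come from the site configuration)
    $options = '';
    $limits = explode(',', $_CONF['search_limits']);
    foreach ($limits as $limit) {
        $options .= "<option value=\"{$limit}\"";
        if ($_CONF['num_search_results'] == $limit) {
            $options .= ' selected="selected"';
        }
        $options .= ">{$limit}</option>" . LB;
    }
    $searchform->set_var('search_limits', $options);

    $searchform->set_var('lang_search', $LANG09[10]);
    PLG_templateSetVars('search', $searchform);
    $searchform->parse('output', 'searchform');

    $retval .= $searchform->finish($searchform->get_var('output'));
    $retval .= COM_endBlock();

    return $retval;
}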
if ($total_print_pages == 0) { $total_print_pages = 1; } $birdseed = MG_getBirdseed(0, 0, 0, $total_print_pages); $ownername = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($root_album->owner_id)); $album_last_update = MG_getUserDateTimeFormat($root_album->last_update); $pagination = COM_printPageNavigation($_MG_CONF['site_url'] . '/index.php', $page + 1, $total_pages); $rsslink = ''; if ($_MG_CONF['rss_full_enabled']) { $rsslink = COM_createLink(COM_createImage(MG_getImageFile('feed.png'), '', array('class' => 'mg_rssimg')), MG_getFeedUrl($_MG_CONF['rss_feed_name'] . '.rss'), array('type' => 'application/rss+xml')); } $T = COM_newTemplate(MG_getTemplatePath_byName($root_album->skin)); $T->set_file('page', 'album_page.thtml'); $T->set_var(array('site_url' => $_MG_CONF['site_url'], 'birdseed' => $birdseed, 'album_title' => PLG_replaceTags($root_album->title), 'table_columns' => $columns_per_page, 'table_column_width' => intval(100 / $columns_per_page) . '%', 'top_pagination' => $pagination, 'bottom_pagination' => $pagination, 'page_number' => sprintf("%s %d %s %d", $LANG_MG03['page'], $current_print_page, $LANG_MG03['of'], $total_print_pages), 'jumpbox' => MG_buildAlbumJumpbox($root_album, $album_id, 1, -1), 'album_id' => $album_id, 'album_description' => $root_album->display_album_desc ? PLG_replaceTags($root_album->description) : '', 'album_id_display' => $root_album->owner_id || $_MG_CONF['enable_media_id'] == 1 ? $LANG_MG03['album_id_display'] . $album_id : '', 'select_adminbox' => COM_isAnonUser() ? 
'' : MG_buildAdminbox($root_album), 'album_last_update' => $album_last_update[0], 'album_owner' => $ownername, 'media_count' => $root_album->getMediaCount(), 'lang_menulabel' => $LANG_MG03['menulabel'], 'lang_search' => $LANG_MG01['search'], 'rsslink' => $rsslink, 'list_title' => $LANG_MG03['list_title'], 'list_desc' => $LANG_MG03['list_desc'], 'list_size' => $LANG_MG03['list_size'], 'list_user' => $LANG_MG03['list_user'], 'list_updated' => $LANG_MG03['list_updated'])); // completed setting header / footer vars, parse them PLG_templateSetVars('mediagallery', $T); // main processing of the album contents. if ($total_media > 0) { $k = 0; $col = 0; $T->set_block('page', 'ImageColumn', 'IColumn'); $T->set_block('page', 'ImageRow', 'IRow'); for ($i = 0; $i < $media_per_page; $i += $columns_per_page) { $next_columns = $i + $columns_per_page; for ($j = $i; $j < $next_columns; $j++) { if ($j >= $total_media) { $T->parse('IRow', 'ImageRow', true); $T->set_var('IColumn', ''); break 2; } $T->set_var('clear_float', '');
/**
 * Shows the story submission form
 *
 * When the request is a preview (the posted 'mode' equals the preview button
 * label) the submitted story is loaded and rendered above the form; otherwise
 * a blank submission is initialised for the given topic.
 *
 * NOTE(review): $_USER['username'] and the Story::EditElements() values are
 * passed to the template unchanged; this function does not show whether they
 * are already HTML-encoded - confirm before relying on it.
 *
 * @param  string $topic  topic id used to initialise a new submission
 * @return string         HTML of the (optional) preview and the form
 */
function submitstory($topic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24;

    $html = '';
    $story = new Story();

    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $html .= COM_startBlock($LANG12[32]);
        $html .= STORY_renderArticle($story, 'p');
        $html .= COM_endBlock();
    } else {
        $story->initSubmission($topic);
    }

    $storyform = new Template($_CONF['path_layout'] . 'submit');

    // The advanced editor is used only when it is enabled and its template exists
    $useAdvanced = isset($_CONF['advanced_editor'])
        && $_CONF['advanced_editor'] == 1
        && file_exists($_CONF['path_layout'] . 'submit/submitstory_advanced.thtml');

    if ($useAdvanced) {
        $storyform->set_file('storyform', 'submitstory_advanced.thtml');
        $storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
        $storyform->set_var('lang_expandhelp', $LANG24[67]);
        $storyform->set_var('lang_reducehelp', $LANG24[68]);
    } else {
        $storyform->set_file('storyform', 'submitstory.thtml');
    }

    // Exactly one of the two editors is visible, depending on the post mode
    $htmlMode = ($story->EditElements('postmode') == 'html');
    $storyform->set_var('show_texteditor', $htmlMode ? 'none' : '');
    $storyform->set_var('show_htmleditor', $htmlMode ? '' : 'none');

    $storyform->set_var('xhtml', XHTML);
    $storyform->set_var('site_url', $_CONF['site_url']);
    $storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
    $storyform->set_var('layout_url', $_CONF['layout_url']);
    $storyform->set_var('lang_username', $LANG12[27]);

    if (empty($_USER['username'])) {
        // not logged in: offer login and, if allowed, registration
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            // misspelled name kept: both spellings are set for the template
            $storyform->set_var('seperator', ' | ');
            $registerLink = COM_createLink(
                $LANG12[53],
                $_CONF['site_url'] . '/users.php?mode=new',
                array('rel' => "nofollow")
            );
            $storyform->set_var('create_account', $registerLink);
        }
    } else {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    }

    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);

    $topicOptions = COM_topicList('tid,topic', $story->EditElements('tid'));
    if (empty($topicOptions)) {
        // no topic available to this user: show message 101 instead of the form
        $html .= COM_showMessage(101);

        return $html;
    }
    $storyform->set_var('story_topic_options', $topicOptions);

    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $postmodeOptions = COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode'));
    $storyform->set_var('story_postmode_options', $postmodeOptions);
    $storyform->set_var('allowed_html', COM_allowedHTML());
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    $storyform->set_var('lang_preview', $LANG12[32]);

    PLG_templateSetVars('story', $storyform);

    // The save button appears once the story was previewed, or at once when
    // the preview step is switched off
    $previewed = isset($_POST['mode']) && $_POST['mode'] == $LANG12[32];
    if ($_CONF['skip_preview'] == 1 || $previewed) {
        $saveButton = '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>';
        $storyform->set_var('save_button', $saveButton);
    }

    $html .= COM_startBlock($LANG12[6], 'submitstory.html');
    $storyform->parse('theform', 'storyform');
    $html .= $storyform->finish($storyform->get_var('theform'));
    $html .= COM_endBlock();

    return $html;
}
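/**
 * Displays a login form
 *
 * This is the version of the login form displayed in the content area of the
 * page (not the side bar). It will present all options (remote authentication
 * - including new registration link, etc.) according to the current
 * configuration settings.
 *
 * Keys understood in $use_options (default in parentheses):
 * - forgotpw_link (true): set the forgot-password label and link
 * - hidden_fields (''): markup appended to {services} and set as {hidden_fields}
 * - oauth_login (true): render OAuth buttons when OAuth login is configured
 * - 3rdparty_login (true): render the remote-service selector when configured
 * - newreg_link (true): set the new-registration label
 * - verification_link (false): set the verification label and link
 * - plugin_vars (true): let plugins add template variables
 * - prefill_user (false): prefill the login name from $_USER['username']
 * - title, message, footer_message, button_text, form_action: texts and target
 *
 * @param  array $use_options options to override default settings
 * @return string             HTML of the login form
 */
function SEC_loginForm($use_options = array())
{
    global $_CONF, $_USER, $LANG01, $LANG04;

    $retval = '';

    $default_options = array(
        // display options
        'forgotpw_link'     => true,
        'hidden_fields'     => '',
        'oauth_login'       => true,
        '3rdparty_login'    => true,
        'newreg_link'       => true,
        'verification_link' => false,
        'plugin_vars'       => true,
        'prefill_user'      => false,

        // default texts
        'title'             => $LANG04[65],
        'message'           => '',
        'footer_message'    => '',
        'button_text'       => $LANG04[80],
        'form_action'       => $_CONF['site_url'] . '/users.php',
    );

    // Caller-supplied keys win over the defaults
    $options = array_merge($default_options, $use_options);

    $loginform = new Template($_CONF['path_layout'] . 'users');
    $loginform->set_file('login', 'loginform.thtml');

    // NOTE(review): form_action, message, footer_message and button_text are
    // handed to the template exactly as the caller supplied them - callers
    // should only pass trusted, already-escaped values; confirm at call sites.
    $loginform->set_var('form_action', $options['form_action']);
    $loginform->set_var('footer_message', $options['footer_message']);
    $loginform->set_var('start_block_loginagain', COM_startBlock($options['title']));
    $loginform->set_var('lang_message', $options['message']);
    if ($options['newreg_link'] == false || $_CONF['disable_new_user_registration']) {
        $loginform->set_var('lang_newreglink', '');
    } else {
        $loginform->set_var('lang_newreglink', $LANG04[123]);
    }

    $loginform->set_var('lang_username', $LANG04[2]);
    $loginform->set_var('lang_password', $LANG01[57]);
    if ($options['forgotpw_link']) {
        $loginform->set_var('lang_forgetpassword', $LANG04[25]);
        $forget = COM_createLink(
            $LANG04[25],
            $_CONF['site_url'] . '/users.php?mode=getpassword',
            array('rel' => 'nofollow')
        );
        $loginform->set_var('forgetpassword_link', $forget);
    } else {
        $loginform->set_var('lang_forgetpassword', '');
        $loginform->set_var('forgetpassword_link', '');
    }
    $loginform->set_var('lang_login', $options['button_text']);
    $loginform->set_var('end_block', COM_endBlock());

    // 3rd party remote authentication.
    $services = '';
    if ($options['3rdparty_login'] && $_CONF['user_login_method']['3rdparty'] && $_CONF['usersubmission'] == 0) {
        $modules = SEC_collectRemoteAuthenticationModules();
        if (count($modules) > 0) {
            // NOTE(review): module names are written into attribute values and
            // option text without escaping; presumably they are fixed
            // identifiers of installed modules - verify against
            // SEC_collectRemoteAuthenticationModules().
            if (!$_CONF['user_login_method']['standard'] && count($modules) == 1) {
                // Only one way to log in: no selector, just a hidden field
                $select = '<input type="hidden" name="service" value="' . $modules[0] . '"/>' . $modules[0] . LB;
            } else {
                // Build select
                $select = '<select name="service">';
                if ($_CONF['user_login_method']['standard']) {
                    // Empty value selects the site's own (standard) login
                    $select .= '<option value="">' . $_CONF['site_name'] . '</option>' . LB;
                }
                foreach ($modules as $service) {
                    $select .= '<option value="' . $service . '">' . $service . '</option>' . LB;
                }
                $select .= '</select>';
            }

            $loginform->set_file('services', 'services.thtml');
            $loginform->set_var('lang_service', $LANG04[121]);
            $loginform->set_var('select_service', $select);
            $loginform->parse('output', 'services');
            $services .= $loginform->finish($loginform->get_var('output'));
        }
    }
    if (!empty($options['hidden_fields'])) {
        // allow caller to (ab)use {services} for hidden fields
        // The markup is inserted verbatim, so it must come from trusted code.
        $services .= $options['hidden_fields'];
        $loginform->set_var('hidden_fields', $options['hidden_fields']);
    }
    $loginform->set_var('services', $services);

    // OAuth remote authentication.
    if ($options['oauth_login'] && $_CONF['user_login_method']['oauth']) {
        $modules = SEC_collectRemoteOAuthModules();
        if (count($modules) == 0) {
            $loginform->set_var('oauth_login', '');
        } else {
            $html_oauth = '';
            foreach ($modules as $service) {
                $loginform->set_file('oauth_login', '../loginform_oauth.thtml');
                $loginform->set_var('oauth_service', $service);
                $loginform->set_var('oauth_service_display', ucwords($service));
                // for sign in image
                $loginform->set_var('oauth_sign_in_image', $_CONF['site_url'] . '/images/login-with-' . $service . '.png');
                $loginform->parse('output', 'oauth_login');
                $html_oauth .= $loginform->finish($loginform->get_var('output'));
            }
            $loginform->set_var('oauth_login', $html_oauth);
        }
    } else {
        $loginform->set_var('oauth_login', '');
    }

    if ($options['verification_link']) {
        $loginform->set_var('lang_verification', $LANG04[169]);
        // Fix: the link text previously reused $LANG04[25], the forgot-password
        // label, for a link that points at mode=getnewtoken. Use the same
        // string that is exposed as lang_verification.
        $verify = COM_createLink(
            $LANG04[169],
            $_CONF['site_url'] . '/users.php?mode=getnewtoken',
            array('rel' => 'nofollow')
        );
        $loginform->set_var('verification_link', $verify);
    } else {
        $loginform->set_var('lang_verification', '');
        $loginform->set_var('verification_link', '');
    }

    if ($options['prefill_user'] && isset($_USER['username']) && $_USER['username'] != '') {
        // NOTE(review): the user name is passed to the template unescaped;
        // confirm the stored value or the template is HTML-safe.
        $loginform->set_var('loginname', $_USER['username']);
        $loginform->set_var('focus', 'passwd');
    } else {
        $loginform->set_var('loginname', '');
        $loginform->set_var('focus', 'loginname');
    }

    if ($options['plugin_vars']) {
        PLG_templateSetVars('loginform', $loginform);
    }

    $loginform->parse('output', 'login');

    $retval .= $loginform->finish($loginform->get_var('output'));

    return $retval;
}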
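/**
 * Takes an article class and renders HTML in the specified template and style.
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 *
 * The rendered article is stored in / read from the instance cache when the
 * story's cache_time is greater than 0 (seconds before a rebuild) or -1 (no
 * time limit). Previews and search-highlighted renderings are always rebuilt.
 *
 * Besides its parameters the function reads the global $mode: when numeric it
 * is used as the page number of a page-broken article, and it is reset to 0
 * when that number is not positive.
 *
 * @param  Story  $story    The story to display, an instance of the Story class.
 * @param  string $index    n = Full display of article. p = 'Preview' mode. Else introtext only.
 * @param  string $storyTpl The template to use to render the story.
 * @param  string $query    A search query, if one was specified.
 * @return string           Article as formatted HTML.
 * Note: Formerly named COM_Article, and re-written totally since then.
 */
function STORY_renderArticle($story, $index = '', $storyTpl = 'storytext.thtml', $query = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode;

    // Running number of stories rendered in index (intro only) mode
    static $storyCounter = 0;

    // Pick the template handle: featured, archived-and-expired, or normal
    if ($story->DisplayElements('featured') == 1) {
        $article_filevar = 'featuredarticle';
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) {
        $article_filevar = 'archivearticle';
    } else {
        $article_filevar = 'article';
    }

    if (empty($storyTpl)) {
        $storyTpl = 'storytext.thtml';
    }

    // Change article template file with the topic (feature request #275)
    // NOTE(review): the topic id and $storyTpl become path components here;
    // this assumes both are validated identifiers / file names - confirm
    // against the callers.
    $templateDir = $_CONF['path_layout'];
    $topicDir = $templateDir . 'topics/' . $story->DisplayElements('tid') . '/';
    if (is_dir($topicDir) && file_exists($topicDir . $storyTpl)) {
        $templateDir = $topicDir;
    }

    // Same handle => file map is needed again if the template is recreated
    $templateFiles = array(
        'article'          => $storyTpl,
        'bodytext'         => 'storybodytext.thtml',
        'featuredarticle'  => 'featuredstorytext.thtml',
        'featuredbodytext' => 'featuredstorybodytext.thtml',
        'archivearticle'   => 'archivestorytext.thtml',
        'archivebodytext'  => 'archivestorybodytext.thtml',
    );

    $article = COM_newTemplate($templateDir);
    $article->set_file($templateFiles);

    // begin instance caching...
    $cache_time = $story->DisplayElements('cache_time');
    $current_article_tid = $story->DisplayElements('tid');
    $retval = false; // If stays false will rebuild article and not used cache (checks done below)
    if ($cache_time > 0 || $cache_time == -1) {
        // NOTE(review): the cached HTML can contain permission-dependent
        // markup (e.g. the edit link set further down). Keeping cache entries
        // of different permission sets apart presumably relies on
        // CACHE_security_hash() - verify.
        $hash = CACHE_security_hash();
        $cacheInstance = 'article__' . $story->getSid() . '_' . $index . $mode . '_' . $article_filevar . '_' . $current_article_tid . '_' . $hash . '_' . $_USER['theme'];

        if ($_CONF['cache_templates']) {
            $retval = $article->check_instance($cacheInstance, $article_filevar);
        } else {
            $retval = CACHE_check_instance($cacheInstance);
        }

        if ($retval && $cache_time == -1) {
            // Cache file found so use it since no time limit set to recreate
        } elseif ($retval && $cache_time > 0) {
            $lu = CACHE_get_instance_update($cacheInstance);
            $now = time();
            if ($now - $lu < $cache_time) {
                // Cache file found so use it since under time limit set to recreate
            } else {
                // generate article and create cache file
                // Cache time is not built into template caching so need to delete it manually and reset $retval
                if ($_CONF['cache_templates']) {
                    // Need to close and recreate template class since issues arise when theme templates are cached
                    unset($article); // Close template class
                    CACHE_remove_instance($cacheInstance);
                    // Fix: recreate from $templateDir, not the plain layout
                    // path, so a topic-specific template survives a rebuild.
                    $article = COM_newTemplate($templateDir);
                    $article->set_file($templateFiles);
                } else {
                    // theme templates are not cache so can go ahead and delete story cache
                    CACHE_remove_instance($cacheInstance);
                }
                $retval = false;
            }
        } else {
            // Need to reset especially if caching is disabled for a certain story but template caching has been enabled for the theme
            $retval = false;
        }
    }

    $articleUrl = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('article_url', $articleUrl);
    $article->set_var('story_title', $story->DisplayElements('title'));

    // Date formatting set by user therefore cannot be cached
    $article->set_var('story_date', $story->DisplayElements('date'), false, true);
    $article->set_var('story_datetime', $story->DisplayElements('datetime'), false, true);

    // Story views increase with every visit so cannot be cached
    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106], false, true);
        $article->set_var('story_hits', $story->DisplayElements('hits'), false, true);
    }

    // Topic Icon is user configurable so do not cache
    $topicname = $story->DisplayElements('topic');
    $topicurl = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid'));
    if ((!isset($_USER['noicons']) || $_USER['noicons'] != 1) && $story->DisplayElements('show_topic_icon') == 1) {
        $imageurl = $story->DisplayElements('imageurl');
        if (!empty($imageurl)) {
            $imageurl = COM_getTopicImageUrl($imageurl);
            $article->set_var('story_topic_image_url', $imageurl, false, true);

            // NOTE(review): topic name and image URL are concatenated into
            // attribute values as returned; assumes DisplayElements() and
            // COM_getTopicImageUrl() return HTML-safe text - TODO confirm.
            $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array()), false, true);
            $article->set_var('story_topic_image', $topicimage, false, true);

            $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array()), false, true);
            $article->set_var('story_topic_image_no_align', $topicimage_noalign, false, true);
        }
    }

    // Main article content
    if ($index == 'p') {
        $introtext = $story->getPreviewText('introtext');
        $bodytext = $story->getPreviewText('bodytext');
    } else {
        $introtext = $story->displayElements('introtext');
        $bodytext = $story->displayElements('bodytext');
    }

    // Remember whether there is a body (and its word count) before it may be
    // blanked for the front page
    $readmore = empty($bodytext) ? 0 : 1;
    $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext))));
    if (COM_onFrontpage()) {
        $bodytext = '';
    }

    if (!empty($query)) {
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    }

    // Create article only if preview, or query not empty, or if no cache version or cache version is not required
    if ($index == 'p' || !empty($query) || !$retval) {
        $article->set_var('article_filevar', '');
        $article->set_var('site_name', $_CONF['site_name']);
        $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
        $article->set_var('story_date_only', $story->DisplayElements('dateonly'));
        $article->set_var('story_id', $story->getSid());

        if ($_CONF['contributedbyline'] == 1) {
            $article->set_var('lang_contributed_by', $LANG01[1]);
            $article->set_var('contributedby_uid', $story->DisplayElements('uid'));
            $fullname = $story->DisplayElements('fullname');
            $username = $story->DisplayElements('username');
            $article->set_var('contributedby_user', $username);
            if (empty($fullname)) {
                $article->set_var('contributedby_fullname', $username);
            } else {
                $article->set_var('contributedby_fullname', $fullname);
            }
            $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
            $article->set_var('contributedby_author', $authorname);
            $article->set_var('author', $authorname);

            // Only accounts with uid > 1 get a profile link
            $profileUrl = '';
            if ($story->DisplayElements('uid') > 1) {
                $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $story->DisplayElements('uid');
                $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '" rel="author">');
                $article->set_var('end_contributedby_anchortag', '</a>');
                $article->set_var('contributedby_url', $profileUrl);
            }

            $photo = '';
            if ($_CONF['allow_user_photo'] == 1) {
                $authphoto = $story->DisplayElements('photo');
                if (empty($authphoto)) {
                    $authphoto = '(none)'; // user does not have a photo
                }
                $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'));
            }
            if (!empty($photo)) {
                $article->set_var('contributedby_photo', $photo);
                $article->set_var('author_photo', $photo);
                $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
                $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl));
            } else {
                $article->set_var('contributedby_photo', '');
                $article->set_var('author_photo', '');
                $article->set_var('camera_icon', '');
            }
        }

        $article->set_var('story_topic_id', $story->DisplayElements('tid'));
        $article->set_var('story_topic_name', $topicname);
        $article->set_var('story_topic_url', $topicurl);

        $recent_post_anchortag = '';
        $article->set_var('lang_permalink', $LANG01[127]);

        $show_comments = true;

        // n = Full display of article. p = 'Preview' mode.
        if ($index != 'n' && $index != 'p' || !empty($query)) {
            // Intro-only listing or search result: the title links to the article
            $attributes = ' class="non-ul"';
            $attr_array = array('class' => 'non-ul');
            if (!empty($query)) {
                $attributes .= ' rel="bookmark"';
                $attr_array['rel'] = 'bookmark';
            }
            $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>');
            $article->set_var('end_storylink_anchortag', '</a>');
            $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array));
        } else {
            $article->set_var('story_title_link', $story->DisplayElements('title'));
        }

        $related_topics = '';
        if ($index == 'n') {
            if ($_CONF['supported_version_theme'] == '1.8.1') {
                $article->set_var('breadcrumb_trail', TOPIC_breadcrumbs('article', $story->getSid()));
            }
            if ($_CONF['related_topics'] > 0) {
                $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']);
                $article->set_var('related_topics', $related_topics);
            }
        } elseif ($index != 'p') {
            if ($_CONF['related_topics'] > 1) {
                $related_topics = TOPIC_relatedTopics('article', $story->getSid(), $_CONF['related_topics_max']);
                $article->set_var('related_topics', $related_topics);
            }
        }

        // Footer parts; anything still '' at the end counts as "not shown"
        $page_selector = '';
        $readmore_link = '';
        $post_comment_link = '';
        $plugin_itemdisplay = '';
        $comments_with_count = '';
        $trackbacks_with_count = '';

        if ($index == 'n' || $index == 'p') {
            if (empty($bodytext)) {
                $article->set_var('story_introtext', $introtext);
                $article->set_var('story_text_no_br', $introtext);
            } else {
                if ($_CONF['allow_page_breaks'] == 1 && $index == 'n') {
                    $story_page = 1;

                    // page selector
                    if (is_numeric($mode)) {
                        // Fix: is_numeric() also accepts values such as "2.5"
                        // or " 2"; cast so that the page number used as an
                        // array index and template variable is an integer.
                        $story_page = (int) $mode;
                        if ($story_page <= 0) {
                            $story_page = 1;
                            $mode = 0;
                        } elseif ($story_page > 1) {
                            // Intro text is only shown on the first page
                            $introtext = '';
                        }
                    }
                    $article_array = explode('[page_break]', $bodytext);
                    $page_break_count = count($article_array);
                    if ($story_page > $page_break_count) {
                        // Can't have page count greater than actual number of pages
                        $story_page = $page_break_count;
                    }
                    $page_selector = COM_printPageNavigation($articleUrl, $story_page, $page_break_count, 'mode=', $_CONF['url_rewrite'], $LANG01[118]);
                    if (count($article_array) > 1) {
                        $bodytext = $article_array[$story_page - 1];
                    }
                    $article->set_var('page_selector', $page_selector);

                    // Comments can be limited to the last or the first page
                    if ($_CONF['page_break_comments'] == 'last' && $story_page < count($article_array) || $_CONF['page_break_comments'] == 'first' && $story_page != 1) {
                        $show_comments = false;
                    }
                    $article->set_var('story_page', $story_page);
                }

                $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext);
                $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext);
            }
            $article->set_var('story_introtext_only', $introtext);
            $article->set_var('story_bodytext_only', $bodytext);

            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) {
                $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid();
                $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url));
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
                $article->set_var('send_trackback_url', $url);
                $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
            }
            $article->set_var('story_display', $index == 'p' ? 'preview' : 'article');
            $article->set_var('story_counter', 0);
        } else {
            // Index (intro only) display
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
            $article->set_var('story_introtext_only', $introtext);

            if ($readmore) {
                $article->set_var('lang_readmore', $LANG01[2]);
                $article->set_var('lang_readmore_words', $LANG01[62]);
                $article->set_var('readmore_words', $numwords);

                $readmore_link = COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') ';
                $article->set_var('readmore_link', $readmore_link);
                $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">');
                $article->set_var('end_readmore_anchortag', '</a>');
                $article->set_var('read_more_class', 'class="story-read-more-link"');
            }

            if ($story->DisplayElements('commentcode') >= 0 && $show_comments) {
                $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments';
                $article->set_var('comments_url', $commentsUrl);
                $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]);
                $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments')));
                $article->set_var('lang_comments', $LANG01[3]);
                $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments')));

                if ($story->DisplayElements('comments') > 0) {
                    // Fix: escape the story id before it is placed inside the
                    // quoted SQL literal instead of relying on it having been
                    // sanitized elsewhere.
                    $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . DB_escapeString($story->getSid()) . "' ORDER BY date DESC LIMIT 1");
                    $C = DB_fetchArray($result);

                    // Fix: the join can come back empty even though the comment
                    // counter is positive; only build the byline from a real
                    // row. (Presumably DB_fetchArray() yields an empty/false
                    // value then - verify.)
                    if (!empty($C)) {
                        $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>';
                    }
                    $comments_with_count = COM_createLink($comments_with_count, $commentsUrl);
                    $article->set_var('comments_with_count', $comments_with_count);
                    $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">');
                    $article->set_var('end_comments_anchortag', '</a>');
                } else {
                    $article->set_var('comments_with_count', $comments_with_count);
                    if ($_CONF['comment_on_same_page'] == true) {
                        $firstCommentUrl = $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform';
                    } else {
                        $firstCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&pid=0&type=article';
                        if ($_CONF['show_comments_at_replying'] == true) {
                            // Fix: the fragment was appended to the finished
                            // link markup; it belongs to the URL.
                            $firstCommentUrl .= '#commenteditform';
                        }
                    }
                    $recent_post_anchortag = COM_createLink($LANG01[60], $firstCommentUrl);
                }

                // commentcode 0: posting new comments is offered
                if ($story->DisplayElements('commentcode') == 0) {
                    if ($_CONF['comment_on_same_page'] == true) {
                        $postCommentUrl = $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '#commenteditform';
                    } else {
                        $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&pid=0&type=article';
                        if ($_CONF['show_comments_at_replying'] == true) {
                            $postCommentUrl .= '#commenteditform';
                        }
                    }
                    $post_comment_link = COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow'));
                    $article->set_var('post_comment_link', $post_comment_link);
                    $article->set_var('lang_post_comment', $LANG01[60]);
                    $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">');
                    $article->set_var('end_post_comment_anchortag', '</a>');
                }
            }

            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) {
                $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
                $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback';
                $article->set_var('trackbacks_url', $trackbacksUrl);
                $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']);
                $article->set_var('trackbacks_count', $num_trackbacks);
                $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);

                if (SEC_hasRights('story.ping')) {
                    $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid();
                    $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                    $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
                }

                $trackbacks_with_count = sprintf($LANG01[122], $num_trackbacks);
                if ($story->DisplayElements('trackbacks') > 0) {
                    $trackbacks_with_count = COM_createLink($trackbacks_with_count, $trackbacksUrl);
                }
                $article->set_var('trackbacks_with_count', $trackbacks_with_count);
            }

            if ($_CONF['hideemailicon'] == 1 || COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
                $article->set_var('email_icon', '');
            } else {
                $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&what=emailstory';
                $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>';
                $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
                $article->set_var('email_story_url', $emailUrl);
                $article->set_var('lang_email_story', $LANG11[2]);
                $article->set_var('lang_email_story_alt', $LANG01[64]);
            }

            $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&mode=print');
            if ($_CONF['hideprintericon'] == 1) {
                $article->set_var('print_icon', '');
            } else {
                $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>';
                $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow')));
                $article->set_var('print_story_url', $printUrl);
                $article->set_var('lang_print_story', $LANG11[3]);
                $article->set_var('lang_print_story_alt', $LANG01[65]);
            }
            $article->set_var('story_display', 'index');

            $storyCounter++;
            $article->set_var('story_counter', $storyCounter);
        }
        $article->set_var('recent_post_anchortag', $recent_post_anchortag);

        // Edit controls only for users with edit rights and full access to
        // both the story and its topics; never in preview
        if ($index != 'p' && SEC_hasRights('story.edit') && $story->checkAccess() == 3 && TOPIC_hasMultiTopicAccess('article', $story->DisplayElements('sid')) == 3) {
            $editUrl = $_CONF['site_admin_url'] . '/story.php?mode=edit&sid=' . $story->getSid();
            $editiconhtml = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
            $article->set_var('edit_link', COM_createLink($LANG01[4], $editUrl));
            $article->set_var('edit_url', $editUrl);
            $article->set_var('lang_edit_text', $LANG01[4]);
            $article->set_var('edit_icon', COM_createLink($editiconhtml, $editUrl, array('class' => 'editlink')));
            $article->set_var('edit_image', $editiconhtml);
        }

        // Tell the template which footer sections have content
        if ($index == 'p') {
            $navi_list = false;
            $feedback_list = false;
        } else {
            $navi_list = $page_selector !== '' || $readmore_link !== '' || $post_comment_link !== '';
            $feedback_list = $plugin_itemdisplay !== '' || $comments_with_count !== '' || $trackbacks_with_count !== '';
        }
        $story_footer = $navi_list || $feedback_list || $related_topics !== '';
        $article->set_var('navi_list', $navi_list);
        $article->set_var('feedback_list', $feedback_list);
        $article->set_var('story_footer', $story_footer);

        if ($story->DisplayElements('featured') == 1) {
            $article->set_var('lang_todays_featured_article', $LANG05[4]);
            $article->parse('story_bodyhtml', 'featuredbodytext', true);
            PLG_templateSetVars('featuredstorytext', $article);
        } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE && $story->DisplayElements('expire') <= time()) {
            // Fix: the handle registered with set_file() is 'archivebodytext';
            // 'archivestorybodytext' is only the file's base name and was
            // never registered as a handle.
            $article->parse('story_bodyhtml', 'archivebodytext', true);
            PLG_templateSetVars('archivestorytext', $article);
        } else {
            $article->parse('story_bodyhtml', 'bodytext', true);
            PLG_templateSetVars('storytext', $article);
        }

        // Add related articles
        if ($index === 'n') {
            $article->set_var('related_articles_by_keyword', Story::getRelatedArticlesByKeywords($story->getSid(), $story->DisplayElements('meta_keywords')));
        }

        PLG_templateSetVars($article_filevar, $article);

        // Previews are never written to the cache
        if ($index != 'p' && ($cache_time > 0 || $cache_time == -1)) {
            $article->create_instance($cacheInstance, $article_filevar);
            // CACHE_create_instance($cacheInstance, $article);
        }
    } else {
        // A usable cached copy exists
        PLG_templateSetVars($article_filevar, $article);

        if (!$_CONF['cache_templates']) {
            // Hack (see Geeklog Bug Tracker issue #0001817): Cannot set the template variable directly with set_var since
            // this template variable was set with set_file which uses the templatecode array (set_var uses varvals array)
            // so have to update the templatecode array directly. This array really shouldn't be accessed this way
            // and this hack should be changed in the future: either set_var or set_file functions need to allow update of the file template variable found in templatecode
            // $article->set_var($article_filevar, $retval);
            $article->templateCode[$article_filevar] = $retval;
        }
    }

    $article->parse('finalstory', $article_filevar);

    return $article->finish($article->get_var('finalstory'));
}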
/**
 * Display form to email a story to someone.
 *
 * For anonymous visitors on sites that require a login (globally or for
 * emailing stories) the login-required page is echoed and the script ends.
 * If no story with the given id passes the topic and permission filters, the
 * result of COM_refresh() to the site index is returned instead of the form.
 *
 * @param  string $sid       ID of article to email
 * @param  string $to        recipient name used to prefill the form
 * @param  string $toemail   recipient email address used to prefill the form
 * @param  string $from      sender name; taken from the logged-in user when
 *                           both $from and $fromemail are empty
 * @param  string $fromemail sender email address (see $from)
 * @param  string $shortmsg  short message used to prefill the form
 * @param  int    $msg       message number to show above the form when > 0
 * @return string            HTML for email story form
 */
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;

    // Anonymous visitors may be required to log in first
    if (COM_isAnonUser()) {
        if ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1) {
            $page = COM_siteHeader('menu', $LANG_LOGIN[1]);
            $page .= SEC_loginRequiredForm();
            $page .= COM_siteFooter();
            echo $page;
            exit;
        }
    }

    // The story must exist and be visible to the current user
    $safeSid = DB_escapeString($sid);
    $accessSql = COM_getTopicSql('AND') . COM_getPermSql('AND');
    $row = DB_fetchArray(
        DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . $safeSid . "'" . $accessSql)
    );
    if ($row['count'] == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    $html = '';
    if ($msg > 0) {
        $html .= COM_showMessage($msg, '', '', 0, 'info');
    }

    // No sender given: fall back to the logged-in user's own name and address
    if (empty($from) && empty($fromemail) && !COM_isAnonUser()) {
        $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
        $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
    }

    $postmode = $_CONF['mailuser_postmode'];

    $form = new Template($_CONF['path_layout'] . 'profiles');
    $form->set_file('form', 'contactauthorform.thtml');

    if ($postmode != 'html') {
        $form->unset_var('show_htmleditor');
    } else {
        $form->set_var('show_htmleditor', true);
    }
    $form->set_var('lang_postmode', $LANG03[2]);
    $form->set_var('postmode', $postmode);
    $form->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));

    // NOTE(review): name, email, toname, toemail and story_id reach the
    // template exactly as received - only shortmsg is escaped in this
    // function. Confirm that callers sanitize these values or that the
    // template escapes them.
    $form->set_var('lang_fromname', $LANG08[20]);
    $form->set_var('name', $from);
    $form->set_var('lang_fromemailaddress', $LANG08[21]);
    $form->set_var('email', $fromemail);
    $form->set_var('lang_toname', $LANG08[18]);
    $form->set_var('toname', $to);
    $form->set_var('lang_toemailaddress', $LANG08[19]);
    $form->set_var('toemail', $toemail);
    $form->set_var('lang_shortmessage', $LANG08[27]);

    // ENT_COMPAT leaves single quotes untouched; errors are suppressed with @
    $escapedMsg = @htmlspecialchars($shortmsg, ENT_COMPAT, COM_getEncodingt());
    $form->set_var('shortmsg', $escapedMsg);

    $form->set_var('lang_warning', $LANG08[22]);
    $form->set_var('lang_sendmessage', $LANG08[16]);
    $form->set_var('story_id', $sid);

    // Plugins get the template before the closing block is added
    PLG_templateSetVars('emailstory', $form);
    $form->set_var('end_block', COM_endBlock());
    $form->parse('output', 'form');

    $html .= $form->finish($form->get_var('output'));

    return $html;
}
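/**
 * Render the thumbnail cell for one album (album_page_album_cell.thtml).
 *
 * Picks the image to show (the album's cover file, the result of
 * MG_getAlbumCover(), an attached cover under covers/, or the empty.png /
 * missing.png placeholders), scales it to the thumbnail size and fills the
 * cell template.
 *
 * The album id is cast to an integer once, up front: the original cast it only
 * for the first SQL statement and then reused the raw value in a file path
 * ('covers/cover_' . $album_id) and in the album URL.
 *
 * @param int $album_id Album to render
 * @return string HTML produced by the 'cell' template
 */
function MG_albumThumbnail($album_id)
{
    global $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01, $LANG_MG03;

    $album_id = intval($album_id);

    $sql = "SELECT album_title,album_parent,album_views,enable_album_views,"
        . "media_count,album_desc,album_cover_filename,last_update,tn_attached "
        . "FROM {$_TABLES['mg_albums']} "
        . "WHERE album_id=" . $album_id;
    $result = DB_query($sql);
    // NOTE(review): there is no check that a row was found; an unknown album id
    // leaves $album_data without the keys read below -- confirm callers only
    // pass ids of existing albums.
    $album_data = DB_fetchArray($result);

    $cover_filename = $album_data['album_cover_filename'];

    if ($album_data['media_count'] > 0) {
        if ($cover_filename != '' && $cover_filename != '0') {
            // Testing!
            if (strpos($cover_filename, 'tn_') === 0) {
                $tmpfilename = 'tn/' . $cover_filename[3] . '/' . $cover_filename;
            } else {
                $type = $_MG_CONF['gallery_tn_size']; // Root album
                if ($album_data['album_parent'] > 0) {
                    // album_parent comes back from the database; cast it before
                    // concatenating it into a second query.
                    $type = DB_getItem(
                        $_TABLES['mg_albums'],
                        'tn_size',
                        'album_id=' . intval($album_data['album_parent'])
                    );
                }
                $tmpfilename = 'tn/' . $cover_filename[0] . '/' . $cover_filename;
                $tmpfilename = MG_getThumbPath($tmpfilename, $type);
                $tmpfilename = rtrim($tmpfilename, '.');
            }
            list($album_last_image, $mediasize) = MG_getImageUrl($tmpfilename);
            $album_last_update = MG_getUserDateTimeFormat($album_data['last_update']);
            if ($mediasize == false) {
                $album_last_image = $_MG_CONF['mediaobjects_url'] . '/empty.png';
                $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'empty.png');
            }
        } else {
            $filename = MG_getAlbumCover($album_id);
            if ($filename == '' || $filename == NULL || $filename == " ") {
                $album_last_image = $_MG_CONF['mediaobjects_url'] . '/empty.png';
                $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'empty.png');
            } else {
                list($album_last_image, $mediasize) = MG_getImageUrl('tn/' . $filename[0] . '/' . $filename);
                if ($mediasize == false) {
                    $album_last_image = $_MG_CONF['mediaobjects_url'] . '/missing.png';
                    $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
                }
            }
        }

        if ($album_data['last_update'] > 0) {
            $album_last_update = MG_getUserDateTimeFormat($album_data['last_update']);
        } else {
            $album_last_update[0] = '';
        }
        // The original assigned $lang_updated inside both branches above and
        // then overwrote it unconditionally with this expression; only the
        // final assignment is kept, so the resulting value is unchanged.
        $lang_updated = $_MG_CONF['dfid'] == '99' ? '' : $LANG_MG03['updated_prompt'];

        // Highlight albums updated since the logged-in user's last login.
        if (isset($_USER['uid']) && $_USER['uid'] > 1) {
            $lastlogin = DB_getItem(
                $_TABLES['userinfo'],
                'lastlogin',
                "uid = '" . intval($_USER['uid']) . "'"
            );
            if ($album_data['last_update'] > $lastlogin) {
                $album_last_update[0] = '<span class="mgUpdated">' . $album_last_update[0] . '</span>';
            }
        }
    } else {
        // nothing in the album yet...
        $filename = MG_getAlbumCover($album_id);
        if ($filename == '') {
            $album_last_image = $_MG_CONF['mediaobjects_url'] . '/empty.png';
            $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'empty.png');
        } else {
            list($album_last_image, $mediasize) = MG_getImageUrl('tn/' . $filename[0] . '/' . $filename);
            if ($mediasize == false) {
                $album_last_image = $_MG_CONF['mediaobjects_url'] . '/missing.png';
                $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
            }
        }
        $album_last_update[0] = '';
        $lang_updated = '';
    }

    // An attached cover overrides whatever was selected above.
    if ($album_data['tn_attached'] == 1) {
        list($album_last_image, $mediasize) = MG_getImageUrl('covers/cover_' . $album_id);
        if ($mediasize == false) {
            $album_last_image = $_MG_CONF['mediaobjects_url'] . '/missing.png';
            $mediasize = @getimagesize($_MG_CONF['path_mediaobjects'] . 'missing.png');
        }
    }

    $children = MG_getAlbumChildren($album_id);
    $subalbums = count($children);
    $total_images_subalbums = MG_getMediaCount($album_id);

    $parent_album = new mgAlbum($album_data['album_parent']);
    $_MG_USERPREFS = MG_getUserPrefs();
    if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
        $tn_size = $_MG_USERPREFS['tn_size'];
    } else {
        $tn_size = $parent_album->tn_size;
    }

    list($tn_height, $tn_width) = MG_getTNSize($tn_size, $parent_album->tnHeight, $parent_album->tnWidth);
    list($newwidth, $newheight) = MG_getImageWH_3($mediasize[0], $mediasize[1], $tn_width, $tn_height);

    $album_url = $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id . '&page=1';

    // NOTE(review): album_title and album_desc go to the frame helper and the
    // template as stored in the database; presumably they are sanitised when
    // the album is saved -- confirm, otherwise escape them here.
    $media_item_thumbnail = MG_getFramedImage(
        $parent_album->album_skin,
        $album_data['album_title'],
        $album_url,
        $album_last_image,
        $newwidth,
        $newheight
    );

    $C = COM_newTemplate(MG_getTemplatePath($album_data['album_parent']));
    $C->set_file('cell', 'album_page_album_cell.thtml');

    // The original array listed 'lang_views' and 'views' twice; PHP keeps the
    // last value for a duplicated key, so only the conditional pair is kept.
    $C->set_var(array(
        'media_item_thumbnail' => $media_item_thumbnail,
        'u_viewalbum'          => $album_url,
        'album_last_image'     => $album_last_image,
        'album_title'          => $album_data['album_title'],
        'album_media_count'    => $album_data['media_count'],
        'subalbum_media_count' => $total_images_subalbums,
        'album_desc'           => PLG_replaceTags($album_data['album_desc']),
        'album_last_update'    => $album_last_update[0],
        'img_height'           => $newheight,
        'img_width'            => $newwidth,
        's_media_size'         => 'width="' . $newwidth . '" height="' . $newheight . '"',
        'row_height'           => $tn_height,
        'updated'              => $lang_updated,
        'lang_album'           => $LANG_MG00['album'],
        'lang_views'           => $album_data['enable_album_views'] ? $LANG_MG03['views'] : '',
        'views'                => $album_data['enable_album_views'] ? $album_data['album_views'] : '',
        'subalbumcount'        => $subalbums > 0 ? '(' . $subalbums . ')' : '',
        'lang_subalbums'       => $subalbums > 0 ? $LANG_MG01['subalbums'] : '',
    ));
    PLG_templateSetVars('mediagallery', $C);
    $C->parse('output', 'cell');
    $celldisplay = $C->finish($C->get_var('output'));

    return $celldisplay;
}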
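/**
 * Displays the comment form
 *
 * Besides building the form this function also: resolves $format, $order and
 * $page from $_REQUEST when they are passed empty; looks up the owner of the
 * comment being edited (edit / editsubmission modes, and their preview
 * variants $LANG03[28] / $LANG03[34]); applies the comment speed limit to new
 * comments; overwrites $_POST['title'] and $_POST['comment'] with the
 * filtered values; and, in preview modes, renders the preview above the form.
 *
 * Changes against the previous revision of this block:
 *  - the '$', '{', '}', '[' and ']' replacements had the same character on
 *    both sides and did nothing; they now emit the numeric HTML entities the
 *    accompanying comments describe, so text echoed into the textarea cannot
 *    be read as template or autotag syntax;
 *  - the comment owner's uid is cast to int before it is placed in SQL (it is
 *    empty when no comment matches the cid);
 *  - the owner row is merged into the preview data only when one was found.
 *
 * NOTE(review): this function does not itself check that the current user may
 * edit the comment identified by the request's cid; presumably the caller
 * enforces that -- confirm.
 *
 * @param    string  $title      Title of comment
 * @param    string  $comment    Text of comment
 * @param    string  $sid        ID of object comment belongs to
 * @param    int     $pid        ID of parent comment
 * @param    string  $type       Type of object comment is posted to
 * @param    string  $mode       Mode, e.g. 'preview'
 * @param    string  $postmode   Indicates if comment is plain text or HTML
 * @param    string  $format     'threaded', 'nested', or 'flat'
 * @param    string  $order      'ASC' or 'DESC' or blank
 * @param    int     $page       Page number of comments to display
 * @return   string  HTML for comment form
 *
 */
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode, $format = '', $order = '', $page = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG03, $LANG12, $LANG_ADMIN, $LANG_ACCESS, $MESSAGE, $_SCRIPTS;

    $retval = '';

    // never trust $uid ...
    if (empty($_USER['uid'])) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }

    if (empty($format)) {
        if (isset($_REQUEST['format'])) {
            $format = COM_applyFilter($_REQUEST['format']);
        }
        // Anything outside the known display modes falls back to the site or
        // user default.
        if (!in_array($format, array('threaded', 'nested', 'flat', 'nocomment'))) {
            if (COM_isAnonUser()) {
                $format = $_CONF['comment_mode'];
            } else {
                $format = DB_getItem($_TABLES['usercomment'], 'commentmode', "uid = {$uid}");
            }
        }
    }

    if (empty($order)) {
        if (isset($_REQUEST['order'])) {
            $order = COM_applyFilter($_REQUEST['order']);
        }
    }

    if (empty($page)) {
        if (isset($_REQUEST['cpage'])) {
            $page = COM_applyFilter($_REQUEST['cpage'], true);
            if (empty($page)) {
                $page = 1;
            }
        }
    }

    // Edit modes: find the table holding the comment and who owns it.
    $commentuid = $uid;
    $table = '';
    if ($mode == 'edit' || $mode == $LANG03[28]) {
        $table = $_TABLES['comments'];
    } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
        $table = $_TABLES['commentsubmissions'];
    }
    if (!empty($table)) {
        $cid = 0;
        if (isset($_REQUEST[CMT_CID])) {
            $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
        }
        if ($cid <= 0) {
            return COM_refresh($_CONF['site_url'] . '/index.php');
        }
        $commentuid = DB_getItem($table, 'uid', "cid = '{$cid}'");
    }

    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');

        $last = 0;
        if ($mode != 'edit' && $mode != 'editsubmission' && $mode != $LANG03[28] && $mode != $LANG03[34]) {
            // not edit mode or preview changes
            $last = COM_checkSpeedlimit('comment');
        }

        if ($last > 0) {
            if (COMMENT_ON_SAME_PAGE) {
                $retval .= COM_showMessageText($LANG03[45], $MESSAGE[40]);
            } else {
                $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26]);
            }
        } else {
            // Add JavaScript
            $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');

            if ($postmode != 'html' && $postmode != 'plaintext') {
                if (empty($postmode) && $_CONF['advanced_editor'] && $_USER['advanced_editor']) {
                    $postmode = 'html';
                } elseif (empty($postmode)) {
                    $postmode = $_CONF['postmode'];
                }
            }

            // $sig is fetched here but not read again in this function.
            $sig = '';
            if ($uid > 1) {
                $sig = DB_getItem($_TABLES['users'], 'sig', "uid = '{$uid}'");
            }

            // Note:
            // $comment / $newcomment is what goes into the preview / is
            // actually stored in the database -> strip HTML
            // $commenttext is what the user entered and goes back into the
            // <textarea> -> don't strip HTML
            $commenttext = htmlspecialchars(COM_stripslashes($comment));

            // Replace $, {, and } with special HTML equivalents
            $commenttext = str_replace('$', '&#36;', $commenttext);
            $commenttext = str_replace('{', '&#123;', $commenttext);
            $commenttext = str_replace('}', '&#125;', $commenttext);

            // Remove any autotags the user doesn't have permission to use
            $commenttext = PLG_replaceTags($commenttext, '', true);

            // Autotags can now be used in templates when an article is rendered
            // for this reason, replace [, ] in order to prevent garbled characters
            $commenttext = str_replace('[', '&#91;', $commenttext);
            $commenttext = str_replace(']', '&#93;', $commenttext);

            $title = COM_checkWords(strip_tags(COM_stripslashes($title)));
            // $title = str_replace('$','&#36;',$title); done in CMT_getComment

            $_POST['title'] = $title;
            $newcomment = $comment;
            if ($mode == $LANG03[28]) {
                // for preview
                $newcomment = CMT_prepareText($comment, $postmode, $type, true, $cid);
            } elseif ($mode == $LANG03[34]) {
                $newcomment = CMT_prepareText($comment, $postmode, $type, true);
            } else {
                $newcomment = CMT_prepareText($comment, $postmode, $type);
            }
            $_POST['comment'] = $newcomment;

            // Preview mode:
            if (($mode == $LANG03[14] || $mode == $LANG03[28] || $mode == $LANG03[34])
                && !empty($title) && !empty($comment)) {
                $start = COM_newTemplate($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('hide_if_preview', 'style="display:none"');
                $start->set_var('area_id', 'commentpreview');

                // Clean up all the vars
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == CMT_PID || $key == CMT_CID) {
                        $A[$key] = COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == CMT_USERNAME) {
                                $A[$key] = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_POST[$key]))));
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                            }
                        }
                    }
                }

                // correct time and username for edit preview
                if ($mode == $LANG03[28] || $mode == $LANG03[34]) {
                    $A['nice_date'] = DB_getItem($table, 'UNIX_TIMESTAMP(date)', "cid = '{$cid}'");
                    if ($_USER['uid'] != $commentuid) {
                        $uresult = DB_query(
                            "SELECT username, fullname, email, photo FROM {$_TABLES['users']} WHERE uid = "
                            . (int) $commentuid
                        );
                        $urow = DB_fetchArray($uresult);
                        // No row (e.g. the comment or its owner no longer
                        // exists): keep the posted values as they are.
                        if (is_array($urow)) {
                            $A = array_merge($A, $urow);
                        }
                    }
                }

                if ($uid != 1 || empty($A[CMT_USERNAME])) {
                    $A[CMT_USERNAME] = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
                }

                if (COMMENT_ON_SAME_PAGE) {
                    if (isset($A[CMT_CID])) {
                        $A['cid'] = $A[CMT_CID];
                    }
                    $A['sid'] = $A[CMT_SID];
                    $A['pid'] = $A[CMT_PID];
                    $A['uid'] = $A[CMT_UID];
                    $A['type'] = $A[CMT_TYPE];
                    $A['username'] = $A[CMT_USERNAME];
                }

                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true);
                $start->set_var('comments', $thecomments);
                $retval .= COM_startBlock($LANG03[14])
                    . $start->finish($start->parse('output', 'comment'))
                    . COM_endBlock();
            } else {
                if ($mode == $LANG03[14]) {
                    // Preview requested with an empty title or comment.
                    $retval .= COM_showMessageText($LANG03[12], $LANG03[17]);
                    $mode = 'error';
                }
            }

            $permission = $type == 'article' ? 'story.edit' : "{$type}.edit";

            $comment_template = COM_newTemplate($_CONF['path_layout'] . 'comment');
            if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
                $comment_template->set_file('form', 'commentform_advanced.thtml');

                if (COM_isAnonUser()) {
                    $link_message = "";
                } else {
                    $link_message = $LANG01[138];
                }
                $comment_template->set_var('noscript', COM_getNoScript(false, '', $link_message));

                // Setup Advanced Editor
                COM_setupAdvancedEditor('/javascript/submitcomment_adveditor.js', $permission);
            } else {
                $comment_template->set_file('form', 'commentform.thtml');
            }

            $is_comment_page = CMT_isCommentPage();
            if ($is_comment_page) {
                $comment_template->set_var('nprefix', '');
            } else {
                $comment_template->set_var('nprefix', 'cmt_');
            }

            // NOTE(review): $sid, $pid and $type are written to the template
            // as received from the caller; confirm they are filtered upstream
            // or escaped by the template.
            $comment_template->set_var('format', $format);
            $comment_template->set_var('order', $order);
            $comment_template->set_var('cpage', $page);
            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } elseif (COM_isAnonUser()) {
                $comment_template->set_var('lang_username', $LANG03[44]);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            }
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);

            if ($mode == 'edit' || $mode == 'editsubmission' || $mode == $LANG03[28] || $mode == $LANG03[34]) {
                $comment_template->set_var('hidewhenediting', ' style="display:none;"');
            } else {
                $comment_template->set_var('hidewhenediting', '');
            }

            if (COMMENT_ON_SAME_PAGE) {
                list($plgurl, $plgid) = CMT_getCommentUrlId($type);
                // Filemgmt plugin is doing special processing.
                // Therefore, I support specially, against my better judgment.
                // May should delete this code part.
                if ($type == 'filemgmt') {
                    $sid = str_replace('fileid_', '', $sid);
                }
                $formurl = "{$plgurl}?{$plgid}={$sid}#commentpreview";
            } else {
                // commentpreview needed for when showing replies on the same page
                $formurl = $_CONF['site_url'] . '/comment.php#commentpreview';
            }

            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //edit modes
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[32]));
                $comment_template->set_var('cid', '<input type="hidden" name="' . CMT_CID . '" value="' . $cid . '"' . XHTML . '>');
            } else {
                if ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[33]));
                    $comment_template->set_var('cid', '<input type="hidden" name="' . CMT_CID . '" value="' . $cid . '"' . XHTML . '>');
                } else {
                    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                    $comment_template->set_var('cid', '');
                }
            }
            $comment_template->set_var('form_url', $formurl);

            if (COM_isAnonUser()) {
                // Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($A[CMT_USERNAME])) {
                    $name = $A[CMT_USERNAME]; // for preview
                } elseif (isset($_COOKIE[$_CONF['cookie_anon_name']])) {
                    // stored as cookie, name used before
                    $name = htmlspecialchars(COM_checkWords(strip_tags(COM_stripslashes($_COOKIE[$_CONF['cookie_anon_name']]))));
                } else {
                    $name = COM_getDisplayName(1); // anonymous user
                }
                $usernameblock = '<input type="text" name="' . CMT_USERNAME . '" size="16" value="' . $name . '" maxlength="32"' . XHTML . '>';
                $comment_template->set_var('username', $usernameblock);

                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
            } else {
                if ($commentuid != $_USER['uid']) {
                    $uresult = DB_query(
                        "SELECT username, fullname FROM {$_TABLES['users']} WHERE uid = " . (int) $commentuid
                    );
                    list($username, $fullname) = DB_fetchArray($uresult);
                } else {
                    $username = $_USER['username'];
                    $fullname = $_USER['fullname'];
                }
                // Logged-in users get an anti-CSRF token in the form.
                $comment_template->set_var('gltoken_name', CSRF_TOKEN);
                $comment_template->set_var('gltoken', SEC_createToken());
                $comment_template->set_var('uid', $commentuid);
                $name = COM_getDisplayName($commentuid, $username, $fullname);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
            }

            $comment_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);

            if ($mode == 'editsubmission' or $mode == 'edit' or $mode == $LANG03[34] or $mode == $LANG03[28]) {
                $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
                $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
                $comment_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
                $comment_template->set_var('allow_delete', true);
                $comment_template->set_var('lang_delete', $LANG_ADMIN['delete']);
                $comment_template->set_var('confirm_message', $MESSAGE[76]);
            }

            if ($mode == 'editsubmission' or $mode == $LANG03[34]) {
                // Preview Submission changes (for edit)
                $comment_template->set_var('formtype', 'editsubmission');
            } elseif ($mode == 'edit' or $mode == $LANG03[28]) {
                // Preview changes (for edit)
                $comment_template->set_var('formtype', 'edit');
            } else {
                $comment_template->set_var('formtype', 'new');
            }

            if ($postmode == 'html') {
                $comment_template->set_var('show_texteditor', 'none');
                $comment_template->set_var('show_htmleditor', '');
            } else {
                $comment_template->set_var('show_texteditor', '');
                $comment_template->set_var('show_htmleditor', 'none');
            }

            $comment_template->set_var('lang_title', $LANG03[16]);
            $comment_template->set_var('title', htmlspecialchars($title));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $commenttext);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));

            $allowed_html = '';
            foreach (array('plaintext', 'html') as $pm) {
                $allowed_html .= COM_allowedHTML($permission, false, 1, $pm);
            }
            $allowed_html .= COM_allowedAutotags();
            $comment_template->set_var('allowed_html', $allowed_html);

            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);

            if ($mode == 'edit' || $mode == $LANG03[28]) {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
                $comment_template->set_var('lang_preview', $LANG03[34]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }

            // '&&' binds tighter than '||' in the three conditions below, so
            // the skip_preview test applies only to the second alternative of
            // the first two.
            if ($mode == $LANG03[28] || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                // Only for a edit form with a save button displayed (CAPTCHA related issue)
                PLG_templateSetVars('comment', $comment_template);
                // for editing
                $comment_template->set_var('save_option', '<input type="submit" name="' . CMT_MODE . '" value="' . $LANG03[29] . '"' . XHTML . '>');
                $comment_template->set_var('allow_save', true);
                $comment_template->set_var('lang_save', $LANG03[29]);
            } elseif ($mode == $LANG03[34] || $mode == 'editsubmission' && $_CONF['skip_preview'] == 1) {
                PLG_templateSetVars('comment', $comment_template);
                // editing submission comment
                $comment_template->set_var('save_option', '<input type="submit" name="' . CMT_MODE . '" value="' . $LANG03[35] . '"' . XHTML . '>');
                $comment_template->set_var('allow_save', true);
                $comment_template->set_var('lang_save', $LANG03[35]);
            } elseif ($_CONF['skip_preview'] == 1 || $mode == $LANG03[14]) {
                PLG_templateSetVars('comment', $comment_template);
                $comment_template->set_var('save_option', '<input type="submit" name="' . CMT_MODE . '" value="' . $LANG03[11] . '"' . XHTML . '>');
                $comment_template->set_var('allow_save', true);
                $comment_template->set_var('lang_save', $LANG03[11]);
            }

            if ($_CONF['allow_reply_notifications'] == 1 && $uid != 1
                && ($mode == '' || $mode == $LANG03[14] || $mode == 'error')) {
                $checked = '';
                if (isset($_POST['notify'])) {
                    $checked = ' checked="checked"';
                }
                $comment_template->set_var('notification', '<p><input type="checkbox"' . ' name="notify"' . $checked . '>' . $LANG03[36] . '</p>');
            }

            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }

    return $retval;
}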
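/**
 * Provide a form to edit a new or existing ad.
 *
 * Anonymous users are refused, as are non-admins when
 * $_CONF_ADVT['usercanedit'] is 0. Only admins may open the form without an
 * ad_id (new ad). Admin status is recomputed from SEC_hasRights(), so the
 * $admin argument is ignored.
 *
 * Changes against the previous revision of this block:
 *  - $post_options was read without ever being assigned; it is now
 *    initialised to an empty string;
 *  - $A['ad_id'] and $A['cat_id'] are escaped / cast before being placed in
 *    SQL, because $A is supplied by the caller;
 *  - the expiration-date block appeared twice with identical effect and is
 *    kept once; the never-read $delete_ad local is dropped.
 *
 * NOTE(review): for an existing ad this function does not compare
 * $A['owner_id'] with the current user; presumably the caller has already
 * checked that the user may edit this ad -- confirm.
 *
 * @param   array   $A      Array of ad data for edit form
 * @param   string  $mode   Edit mode
 * @param   boolean $admin  Ignored; kept for backward compatibility
 * @return  string          HTML for ad edit form
 */
function adEdit($A, $mode = 'edit', $admin = false)
{
    global $_TABLES, $LANG_ADVT, $_CONF, $_CONF_ADVT, $LANG_ADMIN, $_USER, $LANG_ACCESS, $_GROUPS, $LANG12, $LANG24, $MESSAGE, $LANG_postmodes;

    USES_classifieds_class_adtype();

    // Determine if this user is an admin.  Deprecates the $admin parameter.
    $admin = SEC_hasRights($_CONF_ADVT['pi_name'] . '.admin') ? 1 : 0;

    // only valid users allowed
    // ('&&' binds tighter than '||': anonymous users are always refused)
    if (COM_isAnonUser() || $_CONF_ADVT['usercanedit'] == 0 && !$admin) {
        return CLASSIFIEDS_errorMsg($LANG_ADVT['no_permission'], 'alert', $LANG_ADVT['access_denied']);
    }

    // We know that we need to have categories, so make sure some exist
    // before even trying to display the form.  The category dropdown is
    // created later since it needs the existing cat_id, if any.
    if (DB_count($_TABLES['ad_category']) < 1) {
        return CLASSIFIEDS_errorMsg($LANG_ADVT['no_categories'], 'info');
    }

    $time = time(); // used to compare now with expiration date

    // Previously undefined when passed to the template below.
    $post_options = '';

    if ($admin) {
        $T = new Template(CLASSIFIEDS_PI_PATH . '/templates/admin');
        $T->set_file('adedit', "adminedit.thtml");
        $action_url = CLASSIFIEDS_ADMIN_URL . '/index.php';
    } else {
        $T = new Template(CLASSIFIEDS_PI_PATH . '/templates');
        $T->set_file('adedit', "submitform.thtml");
        $action_url = CLASSIFIEDS_URL . '/index.php';
    }

    // Set up the wysiwyg editor, if available
    switch (PLG_getEditorType()) {
        case 'ckeditor':
            $T->set_var('show_htmleditor', true);
            PLG_requestEditor('classifieds', 'classifieds_entry', 'ckeditor_classifieds.thtml');
            PLG_templateSetVars('classifieds_entry', $T);
            break;
        case 'tinymce':
            $T->set_var('show_htmleditor', true);
            PLG_requestEditor('classifieds', 'classifieds_entry', 'tinymce_classifieds.thtml');
            PLG_templateSetVars('classifieds_entry', $T);
            break;
        default:
            // don't support others right now
            $T->set_var('show_htmleditor', false);
            break;
    }

    switch ($mode) {
        case 'editsubmission':
        case 'moderate':
            $savemode = 'savesubmission';
            $delete_img = 'delsubimg';
            $type = 'moderate';
            $saveoption = $LANG_ADMIN['moderate'];
            $cancel_url = $_CONF['site_admin_url'] . '/moderation.php';
            break;
        case 'edit':
            $savemode = 'savesubmission';
            $delete_img = 'delsubimg';
            $saveoption = $LANG_ADMIN['save'];
            $type = 'submission';
            $cancel_url = $action_url;
            break;
        case 'update_ad':
        default:
            $savemode = 'update_ad';
            $delete_img = 'delete_img';
            $saveoption = $LANG_ADMIN['save'];
            $type = '';
            $cancel_url = $action_url;
            break;
    }

    // Admins (only) use this form for submissions as well as edits,
    // so we need to expect an empty array.
    if (empty($A['ad_id'])) {
        if (!$admin) {
            return CLASSIFIEDS_errorMsg($LANG_ADVT['no_permission'], 'alert', $LANG_ADVT['access_denied']);
        }
        $A['ad_id'] = COM_makeSid();
        $A['subject'] = '';
        $A['descript'] = '';
        $A['price'] = '';
        $A['url'] = '';
        $A['exp_date'] = '';
        $A['add_date'] = time();
        $A['ad_type'] = 0;
        $A['perm_owner'] = $_CONF_ADVT['default_permissions'][0];
        $A['perm_group'] = $_CONF_ADVT['default_permissions'][1];
        $A['perm_members'] = $_CONF_ADVT['default_permissions'][2];
        $A['perm_anon'] = $_CONF_ADVT['default_permissions'][3];
        $A['uid'] = $_USER['uid'];

        if (isset($_REQUEST['cat'])) {
            $A['cat_id'] = intval($_REQUEST['cat']);
        } else {
            $A['cat_id'] = 0;
        }

        // Use the requested category if there is one, else the first by name.
        $catsql = "SELECT cat_id,perm_anon,keywords\n FROM {$_TABLES['ad_category']} ";
        if ($A['cat_id'] > 0) {
            $catsql .= "WHERE cat_id = {$A['cat_id']} ";
        } else {
            $catsql .= "ORDER BY cat_name ASC ";
        }
        $catsql .= "LIMIT 1";
        $r = DB_query($catsql, 1);
        if ($r && DB_numRows($r) > 0) {
            $row = DB_fetchArray($r, false);
            $A['cat_id'] = $row['cat_id'];
            $A['keywords'] = trim($row['keywords']);
        } else {
            $A['cat_id'] = 0;
            $A['keywords'] = '';
        }

        // Set ad owner to current user for new ads
        $A['owner_id'] = $_USER['uid'];
        $A['group_id'] = isset($_GROUPS['classifieds Admin'])
            ? $_GROUPS['classifieds Admin']
            : SEC_getFeatureGroup('classifieds.edit');
        $A['exp_sent'] = 0;

        // set expiration & duration info for a new ad
        $T->set_var('expiration_date', $LANG_ADVT['runfor']); // "run for: X days"
        $comments_enabled = $_CONF_ADVT['commentsupport'] == 1 ? 0 : 1;
        $T->set_var("sel_{$comments_enabled}", 'selected');
        if ($_CONF_ADVT['purchase_enabled']) {
            USES_classifieds_class_userinfo();
            $User = new adUserInfo();
            $T->set_var('days', min($_CONF_ADVT['default_duration'], $User->getMaxDays()));
        } else {
            $T->set_var('days', $_CONF_ADVT['default_duration']);
        }
        $photocount = 0; // No photos yet with a new ad
    } else {
        // This is an existing ad with values already in $A
        $T->set_var('expiration_date', $LANG_ADVT['expiration']);
        $T->set_var('days', '0');

        // Disable the perm_anon checkbox if it's disabled by the category.
        // cat_id is cast because $A is caller-supplied.
        if (!$admin
            && DB_getItem($_TABLES['ad_category'], 'perm_anon', "cat_id='" . (int) $A['cat_id'] . "'") == '0') {
            $T->set_var('vis_disabled', 'disabled');
        }

        // get the photo information (ad_id escaped: it is a caller-supplied string)
        $sql = "SELECT photo_id, filename \n FROM {$_TABLES['ad_photo']} \n WHERE ad_id='"
            . DB_escapeString($A['ad_id']) . "'";
        $photo = DB_query($sql, 1);

        // save the count of photos for later use
        if ($photo) {
            $photocount = DB_numRows($photo);
        } else {
            $photocount = 0;
        }
        $comments_enabled = (int) $A['comments_enabled'];
        $T->set_var("sel_{$comments_enabled}", 'selected');
    }

    // Get the max image size in MB and set the message
    $img_max = $_CONF['max_image_size'] / 1048576; // Show in MB

    // Sanitize entries from the database
    // NOTE(review): htmlspecialchars() runs with the PHP version's default
    // flags here; if the templates place these values inside single-quoted
    // attributes, confirm that single quotes are encoded as well.
    $A['subject'] = htmlspecialchars($A['subject']);
    $A['descript'] = htmlspecialchars($A['descript']);
    $A['keywords'] = htmlspecialchars($A['keywords']);
    $A['price'] = htmlspecialchars($A['price']);
    $A['url'] = htmlspecialchars($A['url']);
    $A['ad_type'] = (int) $A['ad_type'];

    // NOTE(review): ad_id, cat_id, exp_date and add_date are written to the
    // template without escaping; confirm they can only hold values generated
    // by the plugin itself.
    $T->set_var(array(
        'post_options'          => $post_options,
        'change_editormode'     => 'onchange="change_editmode(this);"',
        'glfusionStyleBasePath' => $_CONF['site_url'] . '/fckeditor',
        'gltoken_name'          => CSRF_TOKEN,
        'gltoken'               => SEC_createToken(),
        'has_delbtn'            => 'true',
        'txt_photo'             => "{$LANG_ADVT['photo']}<br />" . sprintf($LANG_ADVT['image_max'], $img_max),
        'type'                  => $type,
        'action_url'            => $action_url,
        'max_file_size'         => $_CONF['max_image_size'],
        'row_cat_id'            => $A['cat_id'],
        'row_ad_id'             => $A['ad_id'],
        'row_subject'           => $A['subject'],
        'row_descript'          => $A['descript'],
        'row_price'             => $A['price'],
        'row_url'               => $A['url'],
        'keywords'              => $A['keywords'],
        'exp_date'              => $A['exp_date'],
        'add_date'              => $A['add_date'],
        'ad_type_selection'     => AdType::makeSelection($A['ad_type']),
        'sel_list_catid'        => CLASSIFIEDS_buildCatSelection($A['cat_id']),
        'saveoption'            => $saveoption,
        'cancel_url'            => $cancel_url,
    ));

    // set expiration & duration based on existing info
    if ($A['exp_date'] == '') {
        $T->set_var('row_exp_date', '');
    } else {
        if ($A['exp_date'] < $time) {
            $T->set_var('already_expired', $LANG_ADVT['already_expired']);
        } else {
            $T->set_var('row_exp_date', date("d M Y", $A['exp_date']));
        }
    }

    // Set up permission editor on the admin template if needed.
    // Otherwise, set hidden values with existing permissions
    if ($admin) {
        // Set up owner selection
        $T->set_var(array(
            'ownerselect'        => CLASSIFIEDS_userDropdown($A['owner_id']),
            'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']),
            'group_dropdown'     => SEC_getGroupDropdown($A['group_id'], 3),
        ));
    } else {
        // NOTE(review): owner, group and permission values are handed to the
        // non-admin template ("hidden values" per the comment above); the code
        // that saves the form should not trust them when they come back --
        // confirm in the save handler.
        $ownername = COM_getDisplayName($A['owner_id']);
        $T->set_var(array(
            'owner_id'     => $A['owner_id'],
            'ownername'    => $ownername,
            'perm_owner'   => $A['perm_owner'],
            'perm_group'   => $A['perm_group'],
            'perm_members' => $A['perm_members'],
            'perm_anon'    => $A['perm_anon'],
            'group_id'     => $A['group_id'],
        ));
        if ($A['perm_anon'] == 2) {
            $T->set_var('perm_anon_chk', 'checked');
        }
    }

    // Set up the photo fields.  Use $photocount defined above.
    // If there are photos, read the $photo result.  Otherwise,
    // or if this is a new ad, just clear the photo area
    $T->set_block('adedit', 'PhotoRow', 'PRow');
    $i = 0;
    if ($photocount > 0) {
        while ($prow = DB_fetchArray($photo, false)) {
            $i++;
            // NOTE(review): del_img_url is a plain link that carries no token;
            // confirm the handler for this mode verifies the request before it
            // removes an image.
            $T->set_var(array(
                'img_url'     => LGLIB_ImageUrl(CLASSIFIEDS_IMGPATH . '/' . $prow['filename'], $_CONF_ADVT['img_max_width'], $_CONF_ADVT['img_max_height']),
                'thumb_url'   => LGLIB_ImageUrl(CLASSIFIEDS_IMGPATH . '/' . $prow['filename'], $_CONF_ADVT['thumb_max_size'], $_CONF_ADVT['thumb_max_size']),
                'seq_no'      => $i,
                'ad_id'       => $A['ad_id'],
                'del_img_url' => $action_url . "?mode={$delete_img}&mid={$prow['photo_id']}" . "&id={$A['ad_id']}",
            ));
            $T->parse('PRow', 'PhotoRow', true);
        }
    } else {
        $T->parse('PRow', '');
    }

    // add upload fields for unused images
    $T->set_block('adedit', 'UploadFld', 'UFLD');
    for ($j = $i; $j < $_CONF_ADVT['imagecount']; $j++) {
        $T->parse('UFLD', 'UploadFld', true);
    }

    $T->parse('output', 'adedit');

    return $T->finish($T->get_var('output'));
}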
/**
 * Build the user registration form.
 *
 * The username, email and email_conf fields are pre-filled from $_POST (after
 * COM_applyFilter()) so a rejected submission can be corrected.
 *
 * @param  mixed  $msg  Message passed to COM_showMessageText() above the form;
 *                      nothing is shown when it is empty
 * @return string       HTML for user registration page
 */
function newuserform($msg = '')
{
    global $_CONF, $LANG04;

    $html = empty($msg) ? '' : COM_showMessageText($msg, $LANG04[21]);

    $form = COM_newTemplate($_CONF['path_layout'] . 'users');
    $form->set_file('regform', 'registrationform.thtml');

    $form->set_var('start_block', COM_startBlock($LANG04[22]));
    $labels = array(
        'lang_instructions' => $LANG04[23],
        'lang_username'     => $LANG04[2],
        'lang_email'        => $LANG04[5],
        'lang_email_conf'   => $LANG04[124],
        'lang_warning'      => $LANG04[24],
        'lang_register'     => $LANG04[27],
    );
    foreach ($labels as $var => $text) {
        $form->set_var($var, $text);
    }
    PLG_templateSetVars('registration', $form);
    $form->set_var('end_block', COM_endBlock());

    // Echo previously submitted values back into the form.
    // NOTE(review): the only processing applied to these request values is
    // COM_applyFilter(); confirm that it, or the template, makes them safe
    // for the HTML context they are printed in.
    foreach (array('username', 'email', 'email_conf') as $field) {
        $value = '';
        if (!empty($_POST[$field])) {
            $value = COM_applyFilter($_POST[$field]);
        }
        $form->set_var($field, $value);
    }

    $form->parse('output', 'regform');

    return $html . $form->finish($form->get_var('output'));
}
/**
 * Build the story submission form.
 *
 * When the request is a preview (POST "mode" equals $LANG12[32]) the rendered
 * article is shown above the form. If COM_topicList() returns an empty list
 * only an error message is returned. Before returning the form, a cookie named
 * "<cookie_name>adveditor" holding a token from SEC_createTokenGeneral() is
 * set with a lifetime of 1200 seconds.
 *
 * @param  string $topic  topic passed to Story::initSubmission() for a new form
 * @return string         HTML for the submission form, or an error message
 */
function submitstory($topic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24, $REMOTE_ADDR;

    $html = '';
    $story = new Story();

    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // Preview: render the submitted article above the form.
        $story->loadSubmission();
        $html .= COM_startBlock($LANG12[32])
            . STORY_renderArticle($story, 'p')
            . COM_endBlock();
        $html .= '<div style="border-bottom:1px solid #cccccc"></div>';
    } else {
        $story->initSubmission($topic);
        $story->loadSubmission();
    }

    $selectedTid = $story->EditElements('tid');
    $topicList = $_CONF['story_submit_by_perm_only']
        ? COM_topicList('tid,topic', $selectedTid, 1, false, 3)
        : COM_topicList('tid,topic', $selectedTid);

    // Nothing to submit to: report that instead of showing the form.
    if ($topicList == '') {
        return COM_showMessageText($LANG24[66], '', 1, 'error');
    }

    $html .= COM_startBlock($LANG12[6]);

    $form = new Template($_CONF['path_layout'] . 'submit');
    $form->set_file('storyform', 'submitstory.thtml');

    if ($story->EditElements('postmode') == 'html') {
        $form->set_var('show_htmleditor', true);
    } else {
        $form->unset_var('show_htmleditor');
    }

    $form->set_var('site_admin_url', $_CONF['site_admin_url']);
    $form->set_var('lang_username', $LANG12[27]);

    if (COM_isAnonUser()) {
        $form->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $form->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $form->set_var('separator', ' | ');
            // The misspelled name is set as well as the correct one.
            $form->set_var('seperator', ' | ');
            $registerLink = COM_createLink(
                $LANG12[53],
                $_CONF['site_url'] . '/users.php?mode=new',
                array('rel' => "nofollow")
            );
            $form->set_var('create_account', $registerLink);
        }
    } else {
        $form->set_var('story_username', $_USER['username']);
        $form->set_var('author', COM_getDisplayName());
        $form->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $form->set_var('lang_loginout', $LANG12[34]);
    }

    $form->set_var('lang_title', $LANG12[10]);
    $form->set_var('story_title', $story->EditElements('title'));
    $form->set_var('lang_topic', $LANG12[28]);
    $form->set_var('story_topic_options', $topicList);
    $form->set_var('lang_story', $LANG12[29]);
    $form->set_var('lang_introtext', $LANG12[54]);
    $form->set_var('lang_bodytext', $LANG12[55]);
    $form->set_var('story_introtext', $story->EditElements('introtext'));
    $form->set_var('story_bodytext', $story->EditElements('bodytext'));
    $form->set_var('lang_postmode', $LANG12[36]);

    $postmodeOptions = COM_optionList(
        $_TABLES['postmodes'],
        'code,name',
        $story->EditElements('postmode')
    );
    $form->set_var('story_postmode_options', $postmodeOptions);
    $form->set_var('postmode', $story->EditElements('postmode'));

    $allowedTags = COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story');
    $allowedAutotags = COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story');
    $form->set_var('allowed_html', $allowedTags . '<br/>' . $allowedAutotags);

    $form->set_var('story_uid', $story->EditElements('uid'));
    $form->set_var('story_sid', $story->EditElements('sid'));
    $form->set_var('story_date', $story->EditElements('unixdate'));

    PLG_templateSetVars('story', $form);

    // The save button is offered only after a preview, unless previews are skipped.
    if ($_CONF['skip_preview'] == 1
        || (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32])
    ) {
        $form->set_var(
            'save_button',
            '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>'
        );
    }

    $form->set_var('lang_preview', $LANG12[32]);
    $form->parse('theform', 'storyform');
    $html .= $form->finish($form->get_var('theform'));
    $html .= COM_endBlock();

    // Token context: a fixed label for members; for anonymous visitors the
    // label is extended with the MD5 of the remote address.
    // NOTE(review): every anonymous client behind one address gets the same
    // context string; how strongly the token is bound to a visitor depends on
    // SEC_createTokenGeneral(), which is not visible here.
    $tokenContext = 'advancededitor';
    if (COM_isAnonUser()) {
        $tokenContext = 'advancededitor' . md5($REMOTE_ADDR);
    }

    // NOTE(review): setcookie() is called with six arguments, so the HttpOnly
    // flag keeps its default (off). Confirm whether script on the page has to
    // read this cookie before tightening it. The "@" hides a failure to send
    // the cookie (for example headers already sent) and the result is unused.
    @setcookie(
        $_CONF['cookie_name'] . 'adveditor',
        SEC_createTokenGeneral($tokenContext),
        time() + 1200,
        $_CONF['cookie_path'],
        $_CONF['cookiedomain'],
        $_CONF['cookiesecure']
    );

    return $html;
}
/**
 * Build the "email this story to a friend" form.
 *
 * Anonymous visitors get the login-required form instead when either
 * $_CONF['loginrequired'] or $_CONF['emailstoryloginrequired'] is 1. When no
 * sender details are passed in and the visitor is logged in, the sender name
 * and address are taken from the current account.
 *
 * NOTE(review): of the caller-supplied values only $shortmsg goes through
 * htmlspecialchars() here. $sid, $to, $toemail, $from and $fromemail reach
 * the template (and, for $sid, the article URL) exactly as received, so they
 * must already be filtered by the caller or escaped by the template - verify
 * against the call sites.
 *
 * @param  string $sid        ID of the article to email
 * @param  bool   $cc         whether the "send me a copy" box is pre-checked
 * @param  string $to         name of the recipient
 * @param  string $toemail    recipient's email address
 * @param  string $from       name of the sender
 * @param  string $fromemail  sender's email address
 * @param  string $shortmsg   short intro text to send with the story
 * @param  int    $msg        message number to show when greater than 0
 * @return string             HTML for the email story form
 */
function mailstoryform($sid, $cc = false, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG08;

    require_once $_CONF['path_system'] . 'lib-story.php';

    $html = '';
    $mustLogIn = $_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1;
    if (COM_isAnonUser() && $mustLogIn) {
        $html .= SEC_loginRequiredForm();

        return $html;
    }

    $story = new Story();
    if ($story->loadFromDatabase($sid, 'view') != STORY_LOADED_OK) {
        // NOTE(review): the code below still runs if COM_redirect() returns;
        // presumably it ends the request - confirm.
        COM_redirect($_CONF['site_url'] . '/index.php');
    }

    if ($msg > 0) {
        $html .= COM_showMessage($msg);
    }

    // Default the sender to the logged-in user when nothing was supplied.
    if (empty($from) && empty($fromemail) && !COM_isAnonUser()) {
        $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
        // The uid comes from the session array, not from the request.
        $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
    }

    $ccAttribute = $cc ? ' checked="checked"' : '';

    $form = COM_newTemplate($_CONF['path_layout'] . 'profiles');
    $form->set_file('form', 'contactauthorform.thtml');
    $form->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $form->set_var('lang_title', $LANG08[31]);
    $form->set_var('story_title', $story->displayElements('title'));

    $storyUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    $form->set_var('story_url', $storyUrl);
    $form->set_var('story_link', COM_createLink($story->displayElements('title'), $storyUrl));

    $form->set_var('lang_fromname', $LANG08[20]);
    $form->set_var('name', $from);
    $form->set_var('lang_fromemailaddress', $LANG08[21]);
    $form->set_var('email', $fromemail);
    $form->set_var('lang_toname', $LANG08[18]);
    $form->set_var('toname', $to);
    $form->set_var('lang_toemailaddress', $LANG08[19]);
    $form->set_var('toemail', $toemail);

    if ($_CONF['mail_cc_enabled']) {
        $form->set_var('cc', $ccAttribute);
        $form->set_var('lang_cc', $LANG08[36]);
        $form->set_var('lang_cc_description', $LANG08[37]);
    } else {
        // The CC row is hidden with inline CSS rather than left out.
        $form->set_var('cc_enabled', ' style="display: none"');
    }

    $form->set_var('lang_shortmessage', $LANG08[27]);
    $form->set_var('shortmsg', htmlspecialchars($shortmsg));
    $form->set_var('lang_warning', $LANG08[22]);
    $form->set_var('lang_sendmessage', $LANG08[16]);
    $form->set_var('story_id', $sid);
    $form->set_var('end_block', COM_endBlock());

    PLG_templateSetVars('emailstory', $form);

    $form->parse('output', 'form');
    $html .= $form->finish($form->get_var('output'));

    return $html;
}
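/**
 * Render the album-index cell for this album: a framed cover thumbnail with
 * the album title, media counts and last-update information.
 *
 * Cover selection: the album's cover_filename (or the result of findCover())
 * is looked up under "tn/" with each configured extension; an attached
 * thumbnail (tn_attached == 1) under "covers/" replaces it. Whenever no
 * readable image is found the placeholder image with the album's
 * tnWidth/tnHeight is used.
 *
 * NOTE(review): $this->title and $this->description are handed to the
 * templates as stored ('media_tag', 'album_title', 'album_desc'); confirm
 * they are sanitised when saved or escaped by the templates.
 *
 * @return string HTML of the parsed album cell template
 */
function albumThumbnail()
{
    global $_CONF, $_MG_CONF, $_MG_USERPREFS, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01, $LANG_MG03, $MG_albums;

    // Fallback image URL and size, used whenever no usable cover exists.
    $placeholder = array(
        $_MG_CONF['mediaobjects_url'] . '/placeholder.svg',
        array($this->tnWidth, $this->tnHeight),
    );

    // Returns array(url, size) for the first existing "<stem><ext>" below the
    // media objects directory, or the placeholder when no file exists or the
    // first existing one cannot be read by getimagesize().
    $locate = static function ($stem) use ($_MG_CONF, $placeholder) {
        foreach ($_MG_CONF['validExtensions'] as $ext) {
            $path = $_MG_CONF['path_mediaobjects'] . $stem . $ext;
            if (file_exists($path)) {
                $size = @getimagesize($path);
                if ($size == false) {
                    break;
                }

                return array($_MG_CONF['mediaobjects_url'] . '/' . $stem . $ext, $size);
            }
        }

        return $placeholder;
    };

    if ($this->media_count > 0) {
        if ($this->cover_filename != '' && $this->cover_filename != '0') {
            // The original initialised a misspelled variable here, leaving the
            // size undefined when no thumbnail file existed.
            $cover = $this->cover_filename;
            list($album_last_image, $mediasize) = $locate('tn/' . $cover[0] . '/' . $cover);
        } else {
            $filename = $this->findCover();
            if ($filename == '' || $filename == NULL || $filename == " ") {
                list($album_last_image, $mediasize) = $placeholder;
            } else {
                list($album_last_image, $mediasize) = $locate('tn/' . $filename[0] . '/' . $filename);
            }
        }

        if ($this->last_update > 0) {
            $album_last_update = MG_getUserDateTimeFormat($this->last_update);
        } else {
            $album_last_update = array('');
        }
        $lang_updated = $_MG_CONF['dfid'] == '99' ? '' : $LANG_MG03['updated_prompt'];

        if (!COM_isAnonUser()) {
            // Highlight albums changed since this user's recorded last login.
            $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '" . (int) $_USER['uid'] . "'");
            if ($this->last_update > $lastlogin) {
                $album_last_update[0] = '<font color="red">' . $album_last_update[0] . '</font>';
            }
        }
    } else {
        // nothing in the album yet...
        $filename = $this->findCover();
        if ($filename == '') {
            list($album_last_image, $mediasize) = $placeholder;
        } else {
            list($album_last_image, $mediasize) = $locate('tn/' . $filename[0] . '/' . $filename);
        }
        $album_last_update = array('');
        $lang_updated = '';
    }

    // An attached album thumbnail takes precedence over any cover found above.
    if ($this->tn_attached == 1) {
        list($album_last_image, $mediasize) = $locate('covers/cover_' . $this->id);
    }

    $subalbums = count($this->children);
    $total_images_subalbums = $this->getMediaCount();

    if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
        $tn_size = $_MG_USERPREFS['tn_size'];
    } else {
        $tn_size = $MG_albums[$this->parent]->tn_size;
    }

    switch ($tn_size) {
        case '0': // small
            $tn_height = 100;
            $tn_width = 100;
            break;
        case '1': // medium
            $tn_height = 150;
            $tn_width = 150;
            break;
        case '2':
            $tn_height = 200;
            $tn_width = 200;
            break;
        case '3':
        case '4':
            // Size taken from the parent album, 200 where it is 0.
            $tn_height = $MG_albums[$this->parent]->tnHeight;
            $tn_width = $MG_albums[$this->parent]->tnWidth;
            if ($tn_height == 0) {
                $tn_height = 200;
            }
            if ($tn_width == 0) {
                $tn_width = 200;
            }
            break;
        default:
            $tn_height = 200;
            $tn_width = 200;
            break;
    }

    // Scale the image into the thumbnail box, keeping its aspect ratio.
    if ($mediasize[0] > $mediasize[1]) {
        $ratio = $mediasize[0] / $tn_height;
        $newwidth = $tn_height;
        $newheight = round($mediasize[1] / $ratio);
    } elseif ($mediasize[1] > 0) {
        $ratio = $mediasize[1] / $tn_height;
        $newheight = $tn_height;
        $newwidth = round($mediasize[0] / $ratio);
    } else {
        // The placeholder size comes from tnWidth/tnHeight, which may be 0;
        // use the thumbnail box itself instead of dividing by a zero ratio.
        $newwidth = $tn_width;
        $newheight = $tn_height;
    }

    $albumUrl = $_MG_CONF['site_url'] . '/album.php?aid=' . $this->id . '&page=1';

    $F = new Template($_MG_CONF['template_path']);
    $F->set_var('media_frame', $MG_albums[$this->parent]->albumFrameTemplate);
    $F->set_var(array(
        'border_width'     => $newwidth + 20,
        'border_height'    => $newheight + 20,
        'media_link_start' => '<a href="' . $albumUrl . '">',
        'media_link_end'   => '</a>',
        'url_media_item'   => $albumUrl,
        'media_thumbnail'  => $album_last_image,
        'media_size'       => 'width="' . $newwidth . '" height="' . $newheight . '"',
        'media_height'     => $newheight,
        'media_width'      => $newwidth,
        'media_tag'        => $this->title,
        'frWidth'          => $newwidth - $MG_albums[$this->parent]->afrWidth,
        'frHeight'         => $newheight - $MG_albums[$this->parent]->afrHeight,
    ));
    $F->parse('media', 'media_frame');
    $media_item_thumbnail = $F->finish($F->get_var('media'));

    $C = new Template(MG_getTemplatePath($this->parent));
    if ($this->parent != 0 && $MG_albums[$this->parent]->display_columns == 1) {
        $C->set_file('cell', 'album_page_body_album_cell_1.thtml');
    } else {
        $C->set_file('cell', 'album_page_body_album_cell.thtml');
    }
    $C->set_var(array(
        'media_item_thumbnail'     => $media_item_thumbnail,
        'media_item_thumbnail_raw' => $album_last_image,
        'u_viewalbum'              => $albumUrl,
        'album_last_image'         => $album_last_image,
        'album_title'              => $this->title,
        'album_media_count'        => $this->media_count,
        'subalbum_media_count'     => $total_images_subalbums,
        'album_desc'               => PLG_replaceTags($this->description, 'mediagallery', 'album_description'),
        'album_last_update'        => $album_last_update[0],
        'img_height'               => $newheight,
        'img_width'                => $newwidth,
        's_media_size'             => 'width="' . $newwidth . '" height="' . $newheight . '"',
        'border_width'             => $newwidth + 20,
        'border_height'            => $newheight + 20,
        'row_height'               => $tn_height + 40,
        'updated'                  => $lang_updated,
        'lang_album'               => $LANG_MG00['album'],
        'lang_views'               => $LANG_MG03['views'],
        'views'                    => $this->views,
    ));

    // The view counter is blanked again when the album does not show views.
    if ($this->enable_album_views) {
        $C->set_var(array('lang_views' => $LANG_MG03['views'], 'views' => $this->views));
    } else {
        $C->set_var(array('lang_views' => '', 'views' => ''));
    }

    if ($subalbums > 0) {
        $C->set_var(array('subalbumcount' => '(' . $subalbums . ')', 'lang_subalbums' => $LANG_MG01['subalbums']));
    } else {
        $C->set_var(array('subalbumcount' => '', 'lang_subalbums' => ''));
    }

    PLG_templateSetVars('mediagallery', $C);
    $C->parse('output', 'cell');

    return $C->finish($C->get_var('output'));
}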
/**
 * Render this media item as an album-page cell (framed thumbnail plus
 * caption, owner, rating, keywords, comment and view information).
 *
 * Recognised keys of $opt, as read below:
 *  - 'sortorder'  value appended to media.php links as "sort" (default 0)
 *  - 'searchmode' 1 selects the search skin / thumbnail size (default 0)
 *  - 'album_id'   used as the album object when present; otherwise an
 *                 mgAlbum is created from $this->album_id
 *  - 'imageonly'  1 returns only the framed thumbnail (default 0)
 *
 * NOTE(review): several stored or caller-supplied values are concatenated
 * into HTML and URLs without encoding in this method ($sortOrder, keywords,
 * remote_url); see the notes at those lines and confirm where sanitisation
 * happens.
 *
 * @param  array  $opt  display options, see above
 * @return string       HTML for the media cell, or only the framed thumbnail
 */
public function displayThumb($opt = array())
{
    global $_USER, $_CONF, $_MG_CONF, $_TABLES, $LANG_MG03, $LANG_MG01;
    $sortOrder = isset($opt['sortorder']) ? $opt['sortorder'] : 0;
    $searchmode = isset($opt['searchmode']) ? $opt['searchmode'] : 0;
    // NOTE(review): despite the key name, the value is used as an album
    // object further down ($album->playback_type etc.) - confirm callers.
    $album = isset($opt['album_id']) ? $opt['album_id'] : NULL;
    // $mode = 1 return image only
    $mode = isset($opt['imageonly']) ? $opt['imageonly'] : 0;
    if ($album === NULL) {
        $album = new mgAlbum($this->album_id);
    }
    $type = $this->type;
    $_MG_USERPREFS = MG_getUserPrefs();
    // $type == 1 video
    // $type == 2 audio
    // Types 1, 2 and 5 open in a popup player (or download) when the album's
    // playback type is 0 or 1 and popups from the album page are enabled.
    if (($type == 1 || $type == 2 || $type == 5) && ($album->playback_type == 0 || $album->playback_type == 1) && $_MG_CONF['popup_from_album'] == 1) {
        if ($album->playback_type == 0) {
            if ($type == 2) {
                // determine what type of player we will use (WMP, QT or Flash)
                $player = $_MG_CONF['mp3_player'];
                if (isset($_MG_USERPREFS['mp3_player']) && $_MG_USERPREFS['mp3_player'] != -1) {
                    $player = $_MG_USERPREFS['mp3_player'];
                }
                // NOTE(review): there is no default case, so $new_y / $new_x
                // stay undefined for any other player value unless the
                // audio/mpeg check below sets them.
                switch ($player) {
                    case 0:
                        // WMP
                        $new_y = 260;
                        $new_x = 340;
                        break;
                    case 1:
                        // QT
                        $new_y = 25;
                        $new_x = 350;
                        break;
                    case 2:
                        $new_y = 360;
                        $new_x = 580;
                        break;
                }
                if ($this->mime_type == 'audio/mpeg') {
                    $new_y = 360;
                    $new_x = 580;
                }
                // Make room for an attached thumbnail in the popup.
                if ($this->tn_attached == 1 && $player != 2) {
                    $tnsize = $this->media_size;
                    $new_y += $tnsize[0];
                    if ($tnsize[1] > $new_x) {
                        $new_x = $tnsize[1];
                    }
                }
                // playback_type is already known to be 0 here, so the else
                // branch cannot be reached.
                if ($album->playback_type == 0) {
                    $url_display_item = self::getHref_showvideo($this->id, $new_y, $new_x);
                } else {
                    $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
                }
                $resolution_x = $new_x;
                $resolution_y = $new_y;
            } else {
                // must be a video...
                $playback_options['height'] = $_MG_CONF['swf_height'];
                $playback_options['width'] = $_MG_CONF['swf_width'];
                // NOTE(review): the query is built by concatenation and
                // escaped with addslashes(), which is not aware of the
                // connection character set; the database layer's own
                // escaping (or a cast, if ids are numeric) would be the
                // safer choice - confirm the id format.
                $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} " . "WHERE media_id='" . addslashes($this->id) . "'");
                while ($poRow = DB_fetchArray($poResult)) {
                    $playback_options[$poRow['option_name']] = $poRow['option_value'];
                }
                if ($this->resolution_x > 0) {
                    $resolution_x = $this->resolution_x;
                    $resolution_y = $this->resolution_y;
                } else {
                    if ($this->resolution_x == 0 && $this->remote_media != 1) {
                        $filepath = self::getFilePath('orig', $this->filename, $this->mime_ext);
                        $size = @filesize($filepath);
                        // skip files over 8M in size..
                        if ($size < 8388608) {
                            list($resolution_x, $resolution_y) = self::getResolutionID3($filepath);
                        }
                    } else {
                        $resolution_x = $this->resolution_x;
                        $resolution_y = $this->resolution_y;
                    }
                }
                // The resolution determined above is replaced by the
                // configured playback width/height here.
                $resolution_x = $playback_options['width'];
                $resolution_y = $playback_options['height'];
                if ($resolution_x < 1 || $resolution_y < 1) {
                    $resolution_x = 480;
                    $resolution_y = 320;
                } else {
                    $resolution_x = $resolution_x + 40;
                    $resolution_y = $resolution_y + 40;
                }
                // FLV without flowplayer gets a larger popup with minimum sizes.
                if ($this->mime_type == 'video/x-flv' && $_MG_CONF['use_flowplayer'] != 1) {
                    $resolution_x = $resolution_x + 60;
                    if ($resolution_x < 590) {
                        $resolution_x = 590;
                    }
                    $resolution_y = $resolution_y + 80;
                    if ($resolution_y < 500) {
                        $resolution_y = 500;
                    }
                }
                if ($type == 5) {
                    $resolution_x = 460;
                    $resolution_y = 380;
                }
                $url_display_item = self::getHref_showvideo($this->id, $resolution_y, $resolution_x);
            }
        } else {
            $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id;
        }
    } else {
        if ($album->useAlternate == 1 && $type != 5 && !empty($this->remote_url)) {
            // NOTE(review): the stored remote URL becomes the link target
            // as-is; confirm its scheme is validated when it is saved.
            $url_display_item = $this->remote_url;
        } else {
            // NOTE(review): $sortOrder comes from $opt and is appended
            // without encoding - confirm callers pass a validated integer.
            $url_display_item = $_MG_CONF['site_url'] . '/media.php?f=0' . '&sort=' . $sortOrder . '&s=' . $this->id;
        }
    }
    $url_media_item = $url_display_item;
    // -- decide what thumbnail size to use, small, medium, large...
    if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) {
        $tn_size = $_MG_USERPREFS['tn_size'];
    } else {
        if ($searchmode == 1) {
            $tn_size = $_MG_CONF['search_tn_size'];
        } else {
            $tn_size = $album->tn_size;
        }
    }
    list($tn_width, $tn_height) = self::getTNSize($tn_size, $album->tnWidth, $album->tnHeight);
    list($newwidth, $newheight) = self::getImageWH($this->media_size[0], $this->media_size[1], $tn_width, $tn_height);
    // Items that did not go through the popup branch use the thumbnail size.
    if (!isset($resolution_x)) {
        $resolution_x = $newwidth;
    }
    if (!isset($resolution_y)) {
        $resolution_y = $newheight;
    }
    // Masked owner name, replaced only for owner ids above 1.
    $username = '******';
    if ($this->owner_id != '' && $this->owner_id > 1) {
        $username = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($this->owner_id));
    }
    $filepath = self::getFilePath('orig', $this->filename, $this->mime_ext);
    $fs_bytes = @filesize($filepath);
    $fileSize = MG_getSize($fs_bytes);
    $direct_url = self::getFileUrl('disp', $this->filename, $this->mime_ext);
    $direct_path = self::getFilePath('disp', $this->filename, $this->mime_ext);
    // Use the 'jpg' display URL when no display file with the original
    // extension exists.
    if (!file_exists($direct_path)) {
        $direct_url = self::getFileUrl('disp', $this->filename, 'jpg');
    }
    // The edit link is built only when the album access level equals 3.
    $edit_item = '';
    if ($album->access == 3) {
        $edit_item = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&s=1&album_id=' . $this->album_id . '&mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>';
    }
    // build the small rating bar
    $rating_box = '';
    if ($album->enable_rating > 0) {
        require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-rating.php';
        $starSize = $_MG_CONF['use_large_stars'] == 1 ? '' : 'sm';
        $rating_box = MG_getRatingBar($album->enable_rating, $this->owner_id, $this->id, $this->votes, $this->rating, $starSize);
    }
    $hrefdirect = '';
    if ($this->type == 0) {
        // standard image
        if ($this->remote == 1) {
            $hrefdirect = $this->remote_url;
        } else {
            $hrefdirect = $direct_url;
        }
    }
    // NOTE(review): as written, the str_replace() swaps '$' for '$' and so
    // changes nothing; the replacement was presumably an HTML entity that
    // got decoded somewhere - confirm against the repository.
    $caption = PLG_replaceTags(str_replace('$', '$', $this->title));
    if ($searchmode == 1) {
        $templatePath = MG_getTemplatePath_byName($_MG_CONF['search_album_skin']);
    } else {
        $templatePath = MG_getTemplatePath($this->album_id);
    }
    $L = COM_newTemplate($templatePath);
    $L->set_file('media_link', 'medialink.thtml');
    // rand() only makes the element id vary; it is not used as a secret.
    $L->set_var(array('hrefdirect' => $hrefdirect, 'href' => $url_media_item, 'caption' => $caption, 'id' => 'id' . rand()));
    $media_start_link = $L->finish($L->parse('media_link_start', 'media_link'));
    if ($searchmode == 1) {
        $skin = $_MG_CONF['search_frame_skin'];
        $info = array('media_type' => $this->type, 'mime_type' => $this->mime_type, 'media_filename' => $this->filename, 'media_mime_ext' => $this->mime_ext, 'remote_media' => $this->remote_url, 'media_tn_attached' => $this->tn_attached);
        list($media_thumbnail, $media_thumbnail_file, $media_size) = self::getThumbInfo($info, $tn_size);
    } else {
        $skin = $album->image_skin;
        $media_thumbnail = $this->media_thumbnail;
    }
    $media_item_thumbnail = MG_getFramedImage($skin, $this->title, $url_media_item, $media_thumbnail, $newwidth, $newheight, $media_start_link);
    if ($mode == 1) {
        return $media_item_thumbnail;
    }
    $edit_link = '';
    if (($type == 1 || $type == 2 || $type == 5) && ($album->playback_type == 0 || $album->playback_type == 1) && $_MG_CONF['popup_from_album'] == 1) {
        // check to see if comments and rating are enabled, if not, put a link to edit...
        if ($album->access == 3) {
            $edit_link = '<br' . XHTML . '><a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&s=1&album_id=' . $this->album_id . '&mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>';
        }
    }
    if ($_MG_CONF['use_upload_time'] == 1) {
        $media_time = MG_getUserDateTimeFormat($this->upload_time);
    } else {
        $media_time = MG_getUserDateTimeFormat($this->time);
    }
    $media_title = !empty($this->title) ? PLG_replaceTags($this->title) : '';
    $T = COM_newTemplate($templatePath);
    $T->set_file(array('media_cell_image' => 'album_page_media_cell.thtml', 'mp3_podcast' => 'mp3_podcast.thtml'));
    if ($this->mime_type == 'audio/mpeg' && $album->mp3ribbon) {
        $T->set_var(array('mp3_file' => self::getFileUrl('orig', $this->filename, $this->mime_ext), 'site_url' => $_MG_CONF['site_url'], 'id' => $this->mime_ext . rand()));
        $T->parse('mp3_podcast', 'mp3_podcast');
    } else {
        $T->set_var('mp3_podcast', '');
    }
    // NOTE(review): title, description, artist, album and genre are passed
    // on as stored (only 'media_tag' goes through strip_tags()); confirm
    // they are sanitised on save or escaped by the template.
    $T->set_var(array('edit_link' => $edit_link, 'play_now' => '', 'download_now' => $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id, 'play_in_popup' => self::getHref_showvideo($this->id, $resolution_y, $resolution_x), 'row_height' => $tn_height, 'media_title' => $media_title, 'media_description' => PLG_replaceTags(nl2br($this->description)), 'media_tag' => strip_tags($this->title), 'media_time' => $media_time[0], 'media_owner' => $username, 'media_item_thumbnail' => $media_item_thumbnail, 'site_url' => $_MG_CONF['site_url'], 'lang_published' => $LANG_MG03['published'], 'lang_on' => $LANG_MG03['on'], 'lang_hyphen' => $this->album == '' ? '' : '-', 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'artist' => $this->artist, 'musicalbum' => $this->album != '' ? $this->album : '', 'genre' => $this->genre != '' ? $this->genre : '', 'alt_edit_link' => $edit_item, 'filesize' => $fileSize, 'media_id' => $this->id, 'rating_box' => $rating_box));
    if ($album->enable_keywords) {
        if (!empty($this->keywords)) {
            $kwText = '';
            $keyWords = array();
            $keyWords = explode(' ', $this->keywords);
            $numKeyWords = count($keyWords);
            for ($i = 0; $i < $numKeyWords; $i++) {
                // Double quotes become spaces; the search link keeps the
                // underscores, the visible text shows them as spaces.
                $keyWords[$i] = str_replace('"', ' ', $keyWords[$i]);
                $searchKeyword = $keyWords[$i];
                $keyWords[$i] = str_replace('_', ' ', $keyWords[$i]);
                // NOTE(review): the keyword goes into the href without
                // urlencode() and into the link text without
                // htmlspecialchars(); replacing '"' is the only treatment
                // here, so this relies on keywords being sanitised when
                // they are stored - confirm.
                $kwText .= '<a href="' . $_MG_CONF['site_url'] . '/search.php?mode=search&swhere=1&keywords=' . $searchKeyword . '&keyType=any">' . $keyWords[$i] . '</a>';
            }
            $T->set_var(array('enable_keywords' => 1, 'media_keywords' => $kwText, 'lang_keywords' => $LANG_MG01['keywords']));
        } else {
            $T->set_var('lang_keywords', '');
        }
    } else {
        $T->set_var(array('enable_keywords' => '', 'lang_keywords' => ''));
    }
    if ($album->enable_comments) {
        $link = '<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&sort=' . $sortOrder . '&s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>';
        $cmtLink = $LANG_MG03['comments'];
        $cmtLink_alt = $link;
        // For type 4, and for types 1, 2 and 5 unless playback_type is 2,
        // the label itself carries the link instead of the alternate slot.
        if ($type == 4 || $type == 1 && $album->playback_type != 2 || $type == 2 && $album->playback_type != 2 || $type == 5 && $album->playback_type != 2) {
            $cmtLink = $link;
            $cmtLink_alt = '';
        }
        $T->set_var(array('media_comments_count' => $this->comments, 'lang_comments' => $cmtLink, 'lang_comments_hot' => $cmtLink_alt));
        $T->set_var('media_comments', $album->enable_comments);
    }
    if ($album->enable_views) {
        $T->set_var(array('media_views_count' => $this->views, 'lang_views' => $LANG_MG03['views']));
        $T->set_var('media_views', $album->enable_views);
    }
    PLG_templateSetVars('mediagallery', $T);
    return $T->finish($T->parse('media_cell', 'media_cell_image'));
}
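/**
 * Build the static page editor form.
 *
 * When an existing page is edited or cloned ($sp_id set and $action is
 * 'edit' or 'clone') the access level comes from SEC_hasAccess(); otherwise
 * the owner, group and default permissions are filled in for a new page and
 * access is set to 3. If no owner ends up set, an access-denied block is
 * shown instead of the form.
 *
 * The two user-name lookups cast the id to int before it is placed in the
 * WHERE clause: $A is supplied by the caller and may have been rebuilt from
 * a submitted form (not visible here), so it is not interpolated into SQL
 * as-is.
 *
 * NOTE(review): only sp_title and sp_content pass through htmlspecialchars()
 * here; sp_id, sp_old_id, sp_label, sp_help and sp_hits reach the template
 * as received. Confirm they are filtered by the caller or escaped by
 * editor.thtml.
 *
 * @param  array        $A      page data to display
 * @param  string|false $error  HTML of an error message to show instead of
 *                              the form, or false for none
 * @return string               HTML for the editor form or the error message
 */
function PAGE_form($A, $error = false)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $action, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE;

    USES_lib_admin();

    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php', 'text' => $LANG_STATIC['page_list']),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );
    $template_path = staticpages_templatePath('admin');

    if (!empty($sp_id) && ($action == 'edit' || $action == 'clone')) {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        // New page: current user as owner, plugin admin group, default permissions.
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['staticpages Admin'])) {
            $A['group_id'] = $_GROUPS['staticpages Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        }
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
    }

    $retval = '';

    if (empty($A['owner_id'])) {
        $error = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
        $error .= $LANG_STATIC['deny_msg'];
        $error .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    }

    if ($error) {
        // $error is emitted as HTML, so callers must pass markup they trust.
        $retval .= $error . '<br/><br/>';

        return $retval;
    }

    $selected = ' selected="selected"';

    $sp_template = new Template($template_path);
    $sp_template->set_file('form', 'editor.thtml');
    $sp_template->set_var('lang_mode', $LANG24[3]);
    $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));

    $ownername = COM_getDisplayName($A['owner_id']);
    $sp_template->set_var(array(
        'sp_search_checked'  => $A['sp_search'] == 1 ? ' checked="checked"' : '',
        'sp_status_checked'  => $A['sp_status'] == 1 ? ' checked="checked"' : '',
        'lang_accessrights'  => $LANG_ACCESS['accessrights'],
        'lang_owner'         => $LANG_ACCESS['owner'],
        'owner_username'     => DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']),
        'owner_name'         => $ownername,
        'owner'              => $ownername,
        'owner_id'           => $A['owner_id'],
        'lang_group'         => $LANG_ACCESS['group'],
        'group_dropdown'     => SEC_getGroupDropdown($A['group_id'], $access),
        'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']),
        'lang_permissions'   => $LANG_ACCESS['permissions'],
        'lang_perm_key'      => $LANG_ACCESS['permissionskey'],
        'permissions_msg'    => $LANG_ACCESS['permmsg'],
        'start_block_editor' => COM_startBlock($LANG_STATIC['staticpages'] . ' :: ' . $LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')),
        'lang_save'          => $LANG_ADMIN['save'],
        'lang_cancel'        => $LANG_ADMIN['cancel'],
        'lang_preview'       => $LANG_ADMIN['preview'],
        'lang_editor'        => $LANG_STATIC['staticpageeditor'],
        'lang_attributes'    => $LANG_STATIC['attributes'],
    ));

    // The delete button is shown only with the delete right, for a saved
    // page, and never while cloning.
    // NOTE(review): this decides what the form displays; the handler that
    // performs the deletion has to check the right itself (not visible here).
    if (SEC_hasRights('staticpages.delete') && $action != 'clone' && !empty($A['sp_old_id'])) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $sp_template->set_var('delete_button', true);
        $sp_template->set_var('lang_delete_confirm', $MESSAGE[76]);
        $sp_template->set_var('lang_delete', $LANG_ADMIN['delete']);
        $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $sp_template->set_var('delete_option', '');
    }

    $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
    $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['sp_uid']));
    $authorname = COM_getDisplayName($A['sp_uid']);
    $sp_template->set_var('name', $authorname);
    $sp_template->set_var('author', $authorname);
    $sp_template->set_var('lang_url', $LANG_STATIC['url']);
    $sp_template->set_var('lang_id', $LANG_STATIC['id']);
    $sp_template->set_var('sp_uid', $A['sp_uid']);
    $sp_template->set_var('sp_id', $A['sp_id']);
    $sp_template->set_var('sp_old_id', $A['sp_old_id']);
    $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']));

    $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
    $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
    $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
    $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
    $sp_template->set_var('centerblock_help', $A['sp_help']);
    $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
    $sp_template->set_var(
        'centerblock_checked',
        (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) ? 'checked="checked"' : ''
    );

    $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
    $sp_template->set_var('lang_position', $LANG_STATIC['position']);

    // Topic selector: three fixed entries followed by the real topics.
    $current_topic = '';
    if (isset($A['sp_tid'])) {
        $current_topic = $A['sp_tid'];
    }
    if (empty($current_topic)) {
        $current_topic = 'none';
    }
    $topics = COM_topicList('tid,topic', $current_topic, 1, true);
    $alltopics = '<option value="all"' . ($current_topic == 'all' ? $selected : '') . '>'
        . $LANG_STATIC['all_topics'] . '</option>' . LB;
    $allnhp = '<option value="allnhp"' . ($current_topic == 'allnhp' ? $selected : '') . '>'
        . $LANG_STATIC['allnhp_topics'] . '</option>' . LB;
    $notopic = '<option value="none"' . ($current_topic == 'none' ? $selected : '') . '>'
        . $LANG_STATIC['no_topic'] . '</option>' . LB;
    $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $allnhp . $notopic . $topics . '</select>');

    // Centerblock position selector, in display order.
    $positions = array(
        1 => 'position_top',
        2 => 'position_feat',
        3 => 'position_bottom',
        0 => 'position_entire',
        4 => 'position_nonews',
    );
    $position = '<select name="sp_where">';
    foreach ($positions as $value => $langKey) {
        $position .= '<option value="' . $value . '"';
        if ($A['sp_where'] == $value) {
            $position .= $selected;
        }
        $position .= '>' . $LANG_STATIC[$langKey] . '</option>';
    }
    $position .= '</select>';
    $sp_template->set_var('pos_selection', $position);

    // The PHP mode selector is offered only when PHP in static pages is
    // enabled AND the user holds the staticpages.PHP right.
    // NOTE(review): this controls the form only; the save handler must
    // apply the same check to a submitted sp_php value (not visible here).
    if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
        if (!isset($A['sp_php'])) {
            $A['sp_php'] = 0;
        }
        $selection = '<select name="sp_php">' . LB;
        $selection .= '<option value="0"' . (($A['sp_php'] <= 0 || $A['sp_php'] > 2) ? $selected : '') . '>'
            . $LANG_STATIC['select_php_none'] . '</option>' . LB;
        $selection .= '<option value="1"' . ($A['sp_php'] == 1 ? $selected : '') . '>'
            . $LANG_STATIC['select_php_return'] . '</option>' . LB;
        $selection .= '<option value="2"' . ($A['sp_php'] == 2 ? $selected : '') . '>'
            . $LANG_STATIC['select_php_free'] . '</option>' . LB;
        $selection .= '</select>';
        $sp_template->set_var('php_selector', $selection);
        $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
    } else {
        $sp_template->set_var('php_selector', '');
        $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
    }
    $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);

    // old variables (for the 1.3-type checkbox)
    $sp_template->set_var('php_checked', '');
    $sp_template->set_var('php_type', 'hidden');

    $sp_template->set_var(
        'exit_checked',
        (isset($A['sp_nf']) && $A['sp_nf'] == 1) ? 'checked="checked"' : ''
    );
    $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
    $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);

    $sp_template->set_var(
        'inblock_checked',
        (isset($A['sp_inblock']) && $A['sp_inblock'] == 1) ? 'checked="checked"' : ''
    );
    $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
    $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);

    $curtime = COM_getUserDateTimeFormat($A['unixdate']);
    $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
    $sp_template->set_var('sp_formateddate', $curtime[0]);
    $sp_template->set_var('sp_date', $curtime[1]);

    $sp_template->set_var('lang_title', $LANG_STATIC['title']);
    $title = '';
    if (isset($A['sp_title'])) {
        $title = htmlspecialchars($A['sp_title']);
    }
    $sp_template->set_var('sp_title', $title);

    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    $sp_template->set_var(
        'onmenu_checked',
        (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) ? 'checked="checked"' : ''
    );
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    $sp_template->set_var('sp_label', isset($A['sp_label']) ? $A['sp_label'] : '');

    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_rightblocks', $LANG_STATIC['rightblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);

    // Page format: one "selected" flag per layout; an empty format counts as
    // 'allblocks'.
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    }
    $formatFlags = array(
        'noblocks'    => 'noblock_selected',
        'leftblocks'  => 'leftblocks_selected',
        'rightblocks' => 'rightblocks_selected',
        'blankpage'   => 'blankpage_selected',
    );
    foreach ($formatFlags as $format => $flag) {
        $sp_template->set_var($flag, $A['sp_format'] == $format ? 'selected="selected"' : '');
    }
    $sp_template->set_var(
        'allblocks_selected',
        ($A['sp_format'] == 'allblocks' || empty($A['sp_format'])) ? 'selected="selected"' : ''
    );

    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        // Encoded so the stored markup shows as text inside the editor field.
        $content = htmlspecialchars($A['sp_content']);
    }
    $sp_template->set_var('sp_content', $content);

    if ($_SP_CONF['filter_html'] == 1) {
        $sp_template->set_var('lang_allowedhtml', COM_allowedHTML(SEC_getUserPermissions(), false, 'staticpages', 'page'));
    } else {
        $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
    }

    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    }

    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $A['owner_id']));
    $sp_template->set_var('writtenby_dropdown', COM_buildOwnerList('sp_uid', $A['sp_uid']));

    // Anti-CSRF token carried in the form.
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', SEC_createToken());

    $sp_template->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_STATIC['instructions_edit'], plugin_geticon_staticpages()));

    PLG_templateSetVars('sp_editor', $sp_template);
    $retval .= $sp_template->parse('output', 'form');

    return $retval;
}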
/**
 * Builds and returns the HTML of the site footer.
 *
 * Loads the footer, right-block and left-block templates from the layout
 * directory, assigns the site, copyright and button variables, renders the
 * side blocks when the configuration asks for them in the footer, and
 * returns the parsed template. If a function named "<theme>_siteFooter"
 * exists, it is called with the same arguments and its result is returned
 * instead.
 *
 * $custom[0] is invoked by name as a PHP function. Callers should only ever
 * pass a fixed, code-defined function name there, never a value taken from
 * request data.
 *
 * @param    int|boolean   $rightblock  Whether to show the right blocks; a negative or false-like value defers to $_CONF['show_right_blocks']
 * @param    array|string  $custom      Optional array (function name, first argument) used to render the blocks instead of COM_showBlocks
 * @see      function COM_siteHeader
 * @return   string        Formatted HTML containing the site footer and optionally the side blocks
 *
 */
function COM_siteFooter($rightblock = -1, $custom = '')
{
    global $_CONF, $_TABLES, $LANG01, $_PAGE_TIMER, $topic, $LANG_BUTTONS;

    // A theme can take over the whole footer by defining <theme>_siteFooter().
    $themeFooter = $_CONF['theme'] . '_siteFooter';
    if (function_exists($themeFooter)) {
        return $themeFooter($rightblock, $custom);
    }

    COM_hit();

    $footer = new Template($_CONF['path_layout']);
    $footer->set_file(array(
        'footer'      => 'footer.thtml',
        'rightblocks' => 'rightblocks.thtml',
        'leftblocks'  => 'leftblocks.thtml',
    ));

    // The feed URL is the RDF file path with the leading part (length of
    // path_html minus one) swapped for the site URL.
    $rdf = substr_replace($_CONF['rdf_file'], $_CONF['site_url'], 0,
                          strlen($_CONF['path_html']) - 1);

    $year = date('Y');
    $copyrightyear = empty($_CONF['copyrightyear']) ? $year : $_CONF['copyrightyear'];
    $copyrightMsg = $LANG01[93] . ' © ' . $copyrightyear . ' ' . $_CONF['site_name'];

    $siteVars = array(
        'xhtml'            => XHTML,
        'site_url'         => $_CONF['site_url'],
        'site_admin_url'   => $_CONF['site_admin_url'],
        'layout_url'       => $_CONF['layout_url'],
        'site_mail'        => "mailto:{$_CONF['site_mail']}",
        'site_name'        => $_CONF['site_name'],
        'site_slogan'      => $_CONF['site_slogan'],
        'rdf_file'         => $rdf,
        'rss_url'          => $rdf,
        'copyright_notice' => ' ' . $copyrightMsg . '<br' . XHTML . '> ' . $LANG01[94],
        'copyright_msg'    => $copyrightMsg,
        'current_year'     => $year,
        'lang_copyright'   => $LANG01[93],
        'trademark_msg'    => $LANG01[94],
        'powered_by'       => $LANG01[95],
        'geeklog_url'      => 'http://www.geeklog.net/',
        'geeklog_version'  => VERSION,
    );
    foreach ($siteVars as $varName => $varValue) {
        $footer->set_var($varName, $varValue);
    }

    // Button labels, e.g. those used by the Yahoo theme
    $buttonLabels = array(
        'button_home'        => 1,
        'button_contact'     => 2,
        'button_contribute'  => 3,
        'button_sitestats'   => 7,
        'button_personalize' => 8,
        'button_search'      => 9,
        'button_advsearch'   => 10,
        'button_directory'   => 11,
    );
    foreach ($buttonLabels as $varName => $langIndex) {
        $footer->set_var($varName, $LANG_BUTTONS[$langIndex]);
    }

    // Right blocks appear here only when right_blocks_in_footer is set
    // (otherwise they are already in the header). Within that, an explicit
    // request through $rightblock wins; without one, show_right_blocks
    // decides.
    if ($_CONF['right_blocks_in_footer'] != 1) {
        $showRight = false;
    } elseif ($rightblock < 0 || !$rightblock) {
        $showRight = isset($_CONF['show_right_blocks'])
                   ? $_CONF['show_right_blocks'] : false;
    } else {
        $showRight = true;
    }

    $rblocks = '';
    if ($showRight) {
        // A custom renderer is used only if it names an existing function;
        // otherwise the default block renderer is the fallback.
        if (is_array($custom) && function_exists($custom['0'])) {
            $renderer = $custom['0'];
            $rblocks = $renderer($custom['1'], 'right');
        } else {
            $rblocks = COM_showBlocks('right', $topic);
        }
    }

    if (empty($rblocks)) {
        $footer->set_var('geeklog_blocks', '');
        $footer->set_var('right_blocks', '');
    } else {
        $footer->set_var('geeklog_blocks', $rblocks);
        $footer->parse('right_blocks', 'rightblocks', true);
        $footer->set_var('geeklog_blocks', '');
    }

    if ($_CONF['left_blocks_in_footer'] == 1) {
        // Unlike the right side, a custom array naming a missing function
        // yields no left blocks at all (no fallback to COM_showBlocks).
        if (!is_array($custom)) {
            $lblocks = COM_showBlocks('left', $topic);
        } elseif (function_exists($custom[0])) {
            $renderer = $custom[0];
            $lblocks = $renderer($custom[1], 'left');
        } else {
            $lblocks = '';
        }

        if (empty($lblocks)) {
            $footer->set_var('left_blocks', '');
            $footer->set_var('geeklog_blocks', '');
        } else {
            $footer->set_var('geeklog_blocks', $lblocks);
            $footer->parse('left_blocks', 'leftblocks', true);
            $footer->set_var('geeklog_blocks', '');
        }
    }

    // Global centerspan variable set in index.php
    if (isset($GLOBALS['centerspan'])) {
        $footer->set_var('centerblockfooter-span', '</td></tr></table>');
    }

    $exectime = $_PAGE_TIMER->stopTimer();
    $footer->set_var('execution_time', $exectime);
    $footer->set_var('execution_textandtime',
                     $LANG01[91] . ' ' . $exectime . ' ' . $LANG01[92]);

    // Let plugins add their own template variables to the footer
    PLG_templateSetVars('footer', $footer);

    // Parse the template and return the resulting HTML
    $footer->parse('index_footer', 'footer');

    return $footer->finish($footer->get_var('index_footer'));
}
/**
 * Renders the header of a nexfile listing.
 *
 * Picks the header template by report mode, hides either the folder column
 * or the folder-expand link depending on whether a category is given, and
 * shows the owner-name column only for the 'incoming' report when the
 * current user has the 'nexfile.edit' right.
 *
 * @param    int     $cid         Category ID; values above zero hide the folder column
 * @param    string  $reportmode  Report mode, e.g. 'incoming' or 'approvals'
 * @return   string  HTML of the listing header
 */
function nexdoc_formatHeader($cid = 0, $reportmode = '')
{
    global $_CONF;

    $isIncoming = ($reportmode == 'incoming');

    $header = new Template($_CONF['path_layout'] . 'nexfile');
    $header->set_file('header', $isIncoming ? 'incoming_header.thtml'
                                            : 'filelisting_header.thtml');

    // Exactly one of the two display variables is set to 'none'.
    $header->set_var($cid > 0 ? 'showfolder' : 'showfolderexpandlink', 'none');

    $header->set_var('LANG_actionheading',
                     $reportmode == 'approvals' ? 'Submitter' : 'Actions');

    // Owner names are an editor-only column of the incoming report.
    $showOwner = $isIncoming && SEC_hasRights('nexfile.edit');
    $header->set_var('show_ownername', $showOwner ? '' : 'none');

    $header->set_var('LANG_dateheading', 'Modified');
    PLG_templateSetVars('nexfile_listingheader', $header);
    $header->parse('output', 'header');

    return $header->finish($header->get_var('output'));
}
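/**
 * Creates the product edit form.
 *
 * Creates the form for editing a product. If a product ID is supplied,
 * then that product is read and becomes the current product. If not,
 * then the current product is edited. If an empty product was created,
 * then a new product is created here.
 *
 * The product ID is cast to an integer wherever it is written into SQL,
 * a URL or an HTML attribute, so none of those sinks depends on how the
 * property was populated.
 *
 * @uses    PAYPAL_getDocURL()
 * @uses    PAYPAL_errorMessage()
 * @uses    PAYPAL_recurseCats()
 * @param   integer $id     Optional ID, current record used if zero
 * @return  string          HTML for edit form
 */
public function showForm($id = 0)
{
    global $_TABLES, $_CONF, $_PP_CONF, $LANG_PP, $LANG24,
           $LANG_postmodes, $_SYSTEM;

    $id = (int) $id;
    if ($id > 0) {
        // If an id is passed in, then read that record
        if (!$this->Read($id)) {
            return PAYPAL_errorMessage($LANG_PP['invalid_product_id'], 'info');
        }
    }
    $id = $this->id;

    $T = new Template(PAYPAL_PI_PATH . '/templates');
    if ($_SYSTEM['framework'] == 'uikit') {
        $T->set_file('product', 'product_form.uikit.thtml');
    } else {
        $T->set_file('product', 'product_form.thtml');
    }

    // Set up the wysiwyg editor, if available
    switch (PLG_getEditorType()) {
    case 'ckeditor':
        $T->set_var('show_htmleditor', true);
        PLG_requestEditor('paypal', 'paypal_entry', 'ckeditor_paypal.thtml');
        PLG_templateSetVars('paypal_entry', $T);
        break;
    case 'tinymce':
        $T->set_var('show_htmleditor', true);
        PLG_requestEditor('paypal', 'paypal_entry', 'tinymce_paypal.thtml');
        PLG_templateSetVars('paypal_entry', $T);
        break;
    default:
        // don't support others right now
        $T->set_var('show_htmleditor', false);
        break;
    }

    // Add the current product ID to the form if it's an existing product.
    if ($id > 0) {
        $T->set_var('id', '<input type="hidden" name="id" value="'
                    . (int) $this->id . '" />');
        // NOTE(review): the product name goes into the block title as-is,
        // while the form field below is HTML-escaped; confirm whether
        // COM_startBlock() escapes its title.
        $retval = COM_startBlock($LANG_PP['edit'] . ': ' . $this->name);
    } else {
        $T->set_var('id', '');
        $retval = COM_startBlock($LANG_PP['new_product']);
    }

    // Nothing in this method assigns $post_options; define it so the
    // template variable is an explicit empty string rather than the result
    // of reading an undefined variable.
    $post_options = '';

    $encoding = COM_getEncodingt();
    $T->set_var(array(
        'post_options'  => $post_options,
        'name'          => htmlspecialchars($this->name, ENT_QUOTES, $encoding),
        'category'      => $this->cat_id,
        'short_description' => htmlspecialchars($this->short_description, ENT_QUOTES, $encoding),
        'description'   => htmlspecialchars($this->description, ENT_QUOTES, $encoding),
        'price'         => sprintf('%.2f', $this->price),
        'file'          => htmlspecialchars($this->file, ENT_QUOTES, $encoding),
        'expiration'    => $this->expiration,
        'pi_admin_url'  => PAYPAL_ADMIN_URL,
        'file_selection' => $this->FileSelector(),
        'keywords'      => htmlspecialchars($this->keywords, ENT_QUOTES, $encoding),
        'cat_select'    => PAYPAL_recurseCats('PAYPAL_callbackCatOptionList', $this->cat_id),
        'currency'      => $_PP_CONF['currency'],
        'pi_url'        => PAYPAL_URL,
        'doc_url'       => PAYPAL_getDocURL('product_form', $_CONF['language']),
        'prod_type'     => $this->prod_type,
        'weight'        => $this->weight,
        'feat_chk'      => $this->featured == 1 ? 'checked="checked"' : '',
        'ena_chk'       => $this->enabled == 1 ? 'checked="checked"' : '',
        'tax_chk'       => $this->taxable == 1 ? 'checked="checked"' : '',
        'show_random_chk' => $this->show_random == 1 ? 'checked="checked"' : '',
        'show_popular_chk' => $this->show_popular == 1 ? 'checked="checked"' : '',
        'ship_sel_' . $this->shipping_type => 'selected="selected"',
        'shipping_type' => $this->shipping_type,
        'track_onhand'  => $this->track_onhand,
        'shipping_amt'  => sprintf('%.2f', $this->shipping_amt),
        'sel_comment_' . $this->comments_enabled => 'selected="selected"',
        'rating_chk'    => $this->rating_enabled == 1 ? 'checked="checked"' : '',
        'trk_onhand_chk' => $this->track_onhand == 1 ? 'checked="checked"' : '',
        'onhand'        => $this->onhand,
        "oversell_sel{$this->oversell}" => 'selected="selected"',
        // NOTE(review): 'custom' and the avail_* values are passed through
        // unescaped; confirm they are validated when the product is saved.
        'custom'        => $this->custom,
        'sale_price'    => sprintf('%.2f', $this->sale_price),
        'sale_beg'      => $this->_InputDtFormat($this->sale_beg),
        'sale_end'      => $this->_InputDtFormat($this->sale_end),
        'avail_beg'     => $this->avail_beg,
        'avail_end'     => $this->avail_end,
    ));

    // Create the button type selections. New products get the default
    // button selected, existing products get the saved button selected
    // or "none" if there is no button.
    $T->set_block('product', 'BtnRow', 'BRow');
    $have_chk = false;
    foreach ($_PP_CONF['buttons'] as $key => $checked) {
        if ($key == $this->btn_type || ($this->isNew && $checked)) {
            $btn_chk = 'checked="checked"';
            $have_chk = true;
        } else {
            $btn_chk = '';
        }
        $T->set_var(array(
            'btn_type'  => $key,
            'btn_chk'   => $btn_chk,
            'btn_name'  => $LANG_PP['buttons'][$key],
        ));
        $T->parse('BRow', 'BtnRow', true);
    }
    // Set the "none" selection if nothing was already selected
    $T->set_var('none_chk', $have_chk ? '' : 'checked="checked"');

    $T->set_block('product', 'ProdTypeRadio', 'ProdType');
    foreach ($LANG_PP['prod_types'] as $value => $text) {
        $T->set_var(array(
            'type_val'  => $value,
            'type_txt'  => $text,
            'type_sel'  => $this->prod_type == $value ? 'checked="checked"' : '',
        ));
        $T->parse('ProdType', 'ProdTypeRadio', true);
    }

    if (!$this->isUsed()) {
        $T->set_var('candelete', 'true');
    }

    // Set up the photo fields. Only a product that already has an ID can
    // have photos; otherwise the photo area is left empty.
    $T->set_block('product', 'PhotoRow', 'PRow');
    $i = 0;
    $photo = false;
    $photocount = 0;
    if ($this->id != NULL) {
        // The ID is cast so that only an integer can reach the query text.
        $sql = "SELECT img_id, filename
            FROM {$_TABLES['paypal.images']}
            WHERE product_id='" . (int) $this->id . "'";
        $photo = DB_query($sql);

        // save the count of photos for later use
        if ($photo) {
            $photocount = DB_numRows($photo);
        }

        // While we're checking the ID, set it as a hidden value
        // for updating this record
        $T->set_var('product_id', $this->id);
    } else {
        $T->set_var('product_id', '');
    }

    // If there are any images, retrieve and display the thumbnails.
    if ($photocount > 0) {
        while ($prow = DB_fetchArray($photo)) {
            $i++;
            $T->set_var('img_url', PAYPAL_URL . "/images/products/{$prow['filename']}");
            $T->set_var('thumb_url', PAYPAL_ImageUrl($prow['filename']));
            $T->set_var('seq_no', $i);
            // NOTE(review): this link asks for an image deletion through a
            // plain GET URL and no CSRF token is added here; confirm the
            // admin handler checks a token or accepts the action via POST
            // only.
            $T->set_var('del_img_url',
                PAYPAL_ADMIN_URL . '/index.php'
                . '?delete_img=x'
                . '&img_id=' . $prow['img_id']
                . '&id=' . (int) $this->id);
            $T->parse('PRow', 'PhotoRow', true);
        }
    } else {
        $T->parse('PRow', '');
    }

    // add upload fields for unused images
    $T->set_block('product', 'UploadFld', 'UFLD');
    for ($j = $i; $j < $_PP_CONF['max_images']; $j++) {
        $T->parse('UFLD', 'UploadFld', true);
    }

    // Quantity discounts become numbered template variables.
    $i = 0;
    foreach ($this->qty_discounts as $qty => $amt) {
        $T->set_var(array(
            'disc_qty' . $i => $qty,
            'disc_amt' . $i => $amt,
        ));
        $i++;
    }

    $retval .= $T->parse('output', 'product');
    $retval .= COM_endBlock();

    return $retval;
}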
$pagelinks[$curid] = $title; } $links = array_reverse($pagelinks, true); $breadcrumbs = ''; $i = 1; foreach ($links as $pageid => $pagename) { if ($i > 1) { $pageview->set_var('separator', $CONF_SE['breadcrumb_separator']); } else { $pageview->set_var('separator', ''); } $pageview->set_var('public_url', $CONF_SE['public_url']); $pageview->set_var('pageid', $pageid); $pageview->set_var('pagename', $pagename); $pageview->parse('breadcrumb_links', 'breadcrumb_link', true); $i++; } } $pageview->parse('breadcrumbs', 'breadcrumbs'); PLG_templateSetVars('nexcontent', $pageview); $pageview->set_var('siteheader', $siteheader); $pageview->set_var('heading', $heading); $pageview->set_var('pagetitle', $pagetitle); $pageview->set_var('content', nexcontent_formatPage($catid, $page, $content)); $pageview->set_var('sitefooter', $sitefooter); $pageview->parse('output', 'pageview'); echo $pageview->finish($pageview->get_var('output')); } else { echo COM_refresh($_CONF['site_url'] . '/index.php?msg=1&plugin=nexcontent'); exit; }
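/**
 * Displays the comment form
 *
 * Returns a login-required message for anonymous users when the site demands
 * a login, a speed-limit message when the user posted too recently, or the
 * comment form itself (preceded by a preview when one was requested).
 *
 * The comment ID from the request is run through the numeric filter before
 * it is used in SQL or written back into the form, and user IDs are cast to
 * integers before they are placed in SQL.
 *
 * @param    string  $title      Title of comment
 * @param    string  $comment    Text of comment
 * @param    string  $sid        ID of object comment belongs to
 * @param    int     $pid        ID of parent comment
 * @param    string  $type       Type of object comment is posted to
 * @param    string  $mode       Mode, e.g. 'preview'
 * @param    string  $postmode   Indicates if comment is plain text or HTML
 * @return   string  HTML for comment form
 *
 */
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG12, $LANG_LOGIN, $LANG_ACCESS;

    $retval = '';

    // never trust $uid ...
    if (empty($_USER['uid'])) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    $commentuid = $uid;
    $table = $_TABLES['comments'];

    // Defined on every path: the edit/preview branches below read $cid even
    // when the request carried no cid.
    $cid = 0;
    if (($mode == 'edit' || $mode == $LANG03[28]) && isset($_REQUEST['cid'])) {
        // Same numeric filter this function applies to the posted cid in
        // the preview clean-up further down.
        $cid = COM_applyFilter($_REQUEST['cid'], true);
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = '{$cid}'");
    } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
        $cid = COM_applyFilter(isset($_REQUEST['cid']) ? $_REQUEST['cid'] : 0, true);
        $commentuid = DB_getItem($_TABLES['commentsubmissions'], 'uid',
                                 "cid = '{$cid}'");
        $table = $_TABLES['commentsubmissions'];
    }

    if (COM_isAnonUser() &&
            ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= COM_startBlock($LANG_LOGIN[1], '',
                                  COM_getBlockTemplate('_msg_block', 'header'));
        $loginreq = new Template($_CONF['path_layout'] . 'submit');
        $loginreq->set_file('loginreq', 'submitloginrequired.thtml');
        $loginreq->set_var('xhtml', XHTML);
        $loginreq->set_var('login_message', $LANG_LOGIN[2]);
        $loginreq->set_var('site_url', $_CONF['site_url']);
        $loginreq->set_var('site_admin_url', $_CONF['site_admin_url']);
        $loginreq->set_var('lang_login', $LANG_LOGIN[3]);
        $loginreq->set_var('lang_newuser', $LANG_LOGIN[4]);
        $loginreq->parse('errormsg', 'loginreq');
        $retval .= $loginreq->finish($loginreq->get_var('errormsg'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

        return $retval;
    }

    COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');

    $last = 0;
    if ($mode != 'edit' && $mode != 'editsubmission'
            && $mode != $LANG03[28] && $mode != $LANG03[34]) {
        // not edit mode or preview changes
        $last = COM_checkSpeedlimit('comment');
    }

    if ($last > 0) {
        $retval .= COM_startBlock($LANG12[26], '',
                                  COM_getBlockTemplate('_msg_block', 'header'))
                . $LANG03[7] . $last . $LANG03[8]
                . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

        return $retval;
    }

    if ($_CONF['advanced_editor'] == 1
            && file_exists($_CONF['path_layout'] . 'comment/commentform_advanced.thtml')) {
        $postmode = 'html';
    } elseif (empty($postmode)) {
        $postmode = $_CONF['postmode'];
    }

    // Note:
    // $comment / $newcomment is what goes into the preview / is
    // actually stored in the database -> strip HTML
    // $commenttext is what the user entered and goes back into the
    // <textarea> -> don't strip HTML
    $commenttext = htmlspecialchars(COM_stripslashes($comment));

    // Replace $, {, and } with their numeric HTML entities. Replacing each
    // character with itself would be a no-op and leave user-typed braces in
    // the value handed to the template for the <textarea>.
    $commenttext = str_replace('$', '&#36;', $commenttext);
    $commenttext = str_replace('{', '&#123;', $commenttext);
    $commenttext = str_replace('}', '&#125;', $commenttext);

    $title = COM_checkWords(strip_tags(COM_stripslashes($title)));
    // the '$' in $title is handled in CMT_getComment

    $_POST['title'] = $title;
    if ($mode == $LANG03[28]) { // for preview
        $newcomment = CMT_prepareText($comment, $postmode, $type, true, $cid);
    } elseif ($mode == $LANG03[34]) {
        $newcomment = CMT_prepareText($comment, $postmode, $type, true);
    } else {
        $newcomment = CMT_prepareText($comment, $postmode, $type);
    }
    $_POST['comment'] = $newcomment;

    // Preview mode:
    if (($mode == $LANG03[14] || $mode == $LANG03[28] || $mode == $LANG03[34])
            && !empty($title) && !empty($comment)) {
        $start = new Template($_CONF['path_layout'] . 'comment');
        $start->set_file(array('comment' => 'startcomment.thtml'));
        $start->set_var('xhtml', XHTML);
        $start->set_var('site_url', $_CONF['site_url']);
        $start->set_var('site_admin_url', $_CONF['site_admin_url']);
        $start->set_var('layout_url', $_CONF['layout_url']);
        $start->set_var('hide_if_preview', 'style="display:none"');

        // Clean up all the vars
        $A = array();
        foreach ($_POST as $key => $value) {
            if ($key == 'pid' || $key == 'cid') {
                $A[$key] = COM_applyFilter($_POST[$key], true);
            } elseif ($key == 'title' || $key == 'comment') {
                // these have already been filtered above
                $A[$key] = $_POST[$key];
            } elseif ($key == 'username') {
                $A[$key] = htmlspecialchars(COM_checkWords(strip_tags(
                                COM_stripslashes($_POST[$key]))));
            } else {
                $A[$key] = COM_applyFilter($_POST[$key]);
            }
        }

        // correct time and username for edit preview
        if ($mode == $LANG03[28] || $mode == $LANG03[34]) {
            $A['nice_date'] = DB_getItem($table, 'UNIX_TIMESTAMP(date)',
                                         "cid = '{$cid}'");
            if ($_USER['uid'] != $commentuid) {
                $uresult = DB_query("SELECT username, fullname, email, photo FROM {$_TABLES['users']} WHERE uid = " . (int) $commentuid);
                // No matching user yields no row; merging a non-array
                // would destroy the cleaned values in $A.
                $author = DB_fetchArray($uresult);
                if (is_array($author)) {
                    $A = array_merge($A, $author);
                }
            }
        }
        if (empty($A['username'])) {
            $A['username'] = DB_getItem($_TABLES['users'], 'username',
                                        'uid = ' . (int) $uid);
        }
        $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true);

        $start->set_var('comments', $thecomments);
        $retval .= COM_startBlock($LANG03[14])
                . $start->finish($start->parse('output', 'comment'))
                . COM_endBlock();
    } elseif ($mode == $LANG03[14]) {
        // Preview requested but title or comment is empty
        $retval .= COM_startBlock($LANG03[17], '',
                                  COM_getBlockTemplate('_msg_block', 'header'))
                . $LANG03[12]
                . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $mode = 'error';
    }

    $comment_template = new Template($_CONF['path_layout'] . 'comment');
    if ($_CONF['advanced_editor'] == 1
            && file_exists($_CONF['path_layout'] . 'comment/commentform_advanced.thtml')) {
        $comment_template->set_file('form', 'commentform_advanced.thtml');
    } else {
        $comment_template->set_file('form', 'commentform.thtml');
    }
    $comment_template->set_var('xhtml', XHTML);
    $comment_template->set_var('site_url', $_CONF['site_url']);
    $comment_template->set_var('site_admin_url', $_CONF['site_admin_url']);
    $comment_template->set_var('layout_url', $_CONF['layout_url']);
    $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
    if ($_CONF['show_fullname'] == 1) {
        $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
    } else {
        $comment_template->set_var('lang_username', $LANG03[5]);
    }
    // NOTE(review): $sid, $pid and $type are written into the form exactly
    // as passed in; this function assumes the caller has filtered them.
    $comment_template->set_var('sid', $sid);
    $comment_template->set_var('pid', $pid);
    $comment_template->set_var('type', $type);

    $formurl = $_CONF['site_url'] . '/comment.php';
    // The cid is encoded at the point of output as well as filtered above.
    $cidField = '<input type="hidden" name="cid" value="'
              . htmlspecialchars($cid) . '"' . XHTML . '>';
    if ($mode == 'edit' || $mode == $LANG03[28]) {
        // edit modes
        $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[32]));
        $comment_template->set_var('cid', $cidField);
    } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
        $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[33]));
        $comment_template->set_var('cid', $cidField);
    } else {
        $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
        $comment_template->set_var('cid', '');
    }
    $comment_template->set_var('form_url', $formurl);

    if (COM_isAnonUser()) {
        // Anonymous user
        $comment_template->set_var('uid', 1);
        if (isset($A['username'])) {
            $name = $A['username']; // for preview
        } elseif (isset($_COOKIE[$_CONF['cookie_anon_name']])) {
            // stored as cookie, name used before
            $name = htmlspecialchars(COM_checkWords(strip_tags(
                        COM_stripslashes($_COOKIE[$_CONF['cookie_anon_name']]))));
        } else {
            $name = COM_getDisplayName(1); // anonymous user
        }
        $usernameblock = '<input type="text" name="username" size="16" value="'
                       . $name . '" maxlength="32"' . XHTML . '>';
        $comment_template->set_var('username', $usernameblock);

        $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
        $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[4]);
    } else {
        if ($commentuid != $_USER['uid']) {
            $uresult = DB_query("SELECT username, fullname FROM {$_TABLES['users']} WHERE uid = " . (int) $commentuid);
            list($username, $fullname) = DB_fetchArray($uresult);
        } else {
            $username = $_USER['username'];
            $fullname = $_USER['fullname'];
        }
        // Only the logged-in branch adds the CSRF token to the form.
        $comment_template->set_var('gltoken_name', CSRF_TOKEN);
        $comment_template->set_var('gltoken', SEC_createToken());
        $comment_template->set_var('uid', $commentuid);
        $name = COM_getDisplayName($commentuid, $username, $fullname);
        $comment_template->set_var('username', $name);
        $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[3]);
    }

    if ($postmode == 'html') {
        $comment_template->set_var('show_texteditor', 'none');
        $comment_template->set_var('show_htmleditor', '');
    } else {
        $comment_template->set_var('show_texteditor', '');
        $comment_template->set_var('show_htmleditor', 'none');
    }

    $comment_template->set_var('lang_title', $LANG03[16]);
    $comment_template->set_var('title', htmlspecialchars($title));
    $comment_template->set_var('lang_comment', $LANG03[9]);
    $comment_template->set_var('comment', $commenttext);
    $comment_template->set_var('lang_postmode', $LANG03[2]);
    $comment_template->set_var('postmode_options',
        COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
    $comment_template->set_var('allowed_html',
        COM_allowedHTML($type == 'article' ? 'story.edit' : "{$type}.edit"));
    $comment_template->set_var('lang_importantstuff', $LANG03[18]);
    $comment_template->set_var('lang_instr_line1', $LANG03[19]);
    $comment_template->set_var('lang_instr_line2', $LANG03[20]);
    $comment_template->set_var('lang_instr_line3', $LANG03[21]);
    $comment_template->set_var('lang_instr_line4', $LANG03[22]);
    $comment_template->set_var('lang_instr_line5', $LANG03[23]);

    if ($mode == 'edit' || $mode == $LANG03[28]) {
        // editing comment or preview changes
        $comment_template->set_var('lang_preview', $LANG03[28]);
    } elseif ($mode == 'editsubmission' || $mode == $LANG03[34]) {
        $comment_template->set_var('lang_preview', $LANG03[34]);
    } else {
        // new comment
        $comment_template->set_var('lang_preview', $LANG03[14]);
    }

    PLG_templateSetVars('comment', $comment_template);

    // The save button is offered after a preview, or straight away when
    // previews are skipped.
    if ($mode == $LANG03[28] || ($mode == 'edit' && $_CONF['skip_preview'] == 1)) {
        // for editing
        $comment_template->set_var('save_option',
            '<input type="submit" name="mode" value="' . $LANG03[29] . '"' . XHTML . '>');
    } elseif ($mode == $LANG03[34]
            || ($mode == 'editsubmission' && $_CONF['skip_preview'] == 1)) {
        // editing submission comment
        $comment_template->set_var('save_option',
            '<input type="submit" name="mode" value="' . $LANG03[35] . '"' . XHTML . '>');
    } elseif ($_CONF['skip_preview'] == 1 || $mode == $LANG03[14]) {
        $comment_template->set_var('save_option',
            '<input type="submit" name="mode" value="' . $LANG03[11] . '"' . XHTML . '>');
    }

    if ($_CONF['allow_reply_notifications'] == 1 && $uid != 1
            && ($mode == '' || $mode == $LANG03[14] || $mode == 'error')) {
        $checked = '';
        if (isset($_POST['notify'])) {
            $checked = ' checked="checked"';
        }
        $comment_template->set_var('notification',
            '<p><input type="checkbox"' . ' name="notify"' . $checked . '>'
            . $LANG03[36] . '</p>');
    }

    $comment_template->set_var('end_block', COM_endBlock());
    $comment_template->parse('output', 'form');
    $retval .= $comment_template->finish($comment_template->get_var('output'));

    return $retval;
}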
/**
 * Shows the story submission form
 *
 * Builds the form from a new Story object: for a preview request the posted
 * submission is loaded and rendered above the form, otherwise an empty
 * submission is initialised. Returns only a message when no topic can be
 * selected.
 *
 * Field values are taken from Story::EditElements(); this function does no
 * escaping of its own and sets no CSRF token variable.
 * NOTE(review): confirm that EditElements() returns values that are safe
 * to place in the form.
 *
 * @return   string  HTML for the story submission form
 *
 */
function submitstory()
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG12, $LANG24, $_SCRIPTS;

    // Add JavaScript
    $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');

    $retval = '';
    $story = new Story();

    $previewRequested = isset($_POST['mode']) && ($_POST['mode'] == $LANG12[32]);
    if ($previewRequested) {
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32])
                . STORY_renderArticle($story, 'p')
                . COM_endBlock();
    } else {
        $story->initSubmission();
    }

    $storyform = COM_newTemplate($_CONF['path_layout'] . 'submit');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $storyform->set_file('storyform', 'submitstory_advanced.thtml');
        $storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
        $storyform->set_var('lang_expandhelp', $LANG24[67]);
        $storyform->set_var('lang_reducehelp', $LANG24[68]);

        $link_message = '';
        if (!COM_isAnonUser()) {
            $link_message = $LANG01[138];
        }
        $storyform->set_var('noscript', COM_getNoScript(false, '', $link_message));

        // Setup Advanced Editor
        COM_setupAdvancedEditor('/javascript/submitstory_adveditor.js');
    } else {
        $storyform->set_file('storyform', 'submitstory.thtml');
    }

    // Both form variants start with the editor that matches the post mode.
    $htmlMode = ($story->EditElements('postmode') === 'html');
    $storyform->set_var('show_texteditor', $htmlMode ? 'none' : '');
    $storyform->set_var('show_htmleditor', $htmlMode ? '' : 'none');

    $storyform->set_var('lang_username', $LANG12[27]);
    if (COM_isAnonUser()) {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            // Both spellings are set; presumably templates exist that use
            // the misspelled name.
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account',
                COM_createLink($LANG12[53],
                               $_CONF['site_url'] . '/users.php?mode=new',
                               array('rel' => 'nofollow')));
        }
    } else {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    }

    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);

    $tlist = TOPIC_getTopicSelectionControl('article', '', false, false, false);
    $storyform->set_var('topic_selection', $tlist);
    if (empty($tlist)) {
        // No topic to choose from: show message 101 instead of the form.
        $retval .= COM_showMessage(101);

        return $retval;
    }
    $storyform->set_var('story_topic_options', $tlist);

    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);

    $postmode = $story->EditElements('postmode');
    $storyform->set_var('story_postmode_options',
        COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));

    // Allowed-HTML help text for both post modes, then the autotags.
    $allowed_html = COM_allowedHTML('story.edit', false, 1, 'plaintext')
                  . COM_allowedHTML('story.edit', false, 1, 'html')
                  . COM_allowedAutotags();
    $storyform->set_var('allowed_html', $allowed_html);

    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    $storyform->set_var('lang_preview', $LANG12[32]);

    PLG_templateSetVars('story', $storyform);

    // The save button appears once a preview was requested, or always when
    // previews are skipped.
    $afterPreview = isset($_POST['mode']) && ($_POST['mode'] == $LANG12[32]);
    if ($_CONF['skip_preview'] == 1 || $afterPreview) {
        $storyform->set_var('save_button',
            '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }

    $blockStart = COM_startBlock($LANG12[6], 'submitstory.html');
    $storyform->parse('theform', 'storyform');
    $retval .= $blockStart
            . $storyform->finish($storyform->get_var('theform'))
            . COM_endBlock();

    return $retval;
}
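/**
 * Displays the contact form
 *
 * Renders the "send e-mail to user" form for the account identified by $uid,
 * or a login prompt / refusal message when the form may not be shown.
 *
 * The form is only rendered when the recipient's preferences allow it:
 * `emailfromadmin` for callers in the Root group or holding `user.mail`,
 * `emailfromuser` for everyone else.
 *
 * @param int    $uid     User ID of article author
 * @param bool   $cc      Whether to send a copy of the message to the author
 * @param string $subject Subject of email (accepted for interface compatibility;
 *                        not used by this function)
 * @param string $message Text of message to send
 * @return string HTML for the contact form
 *
 */
function CONTACT_contactform($uid, $cc = false, $subject = '', $message = '')
{
    global $_CONTACT_CONF, $_CONF, $_TABLES, $_USER, $LANG08, $LANG_CONTACT_1;

    // $uid is placed into an SQL statement and echoed back into the form below.
    // The callers are not visible from here, so coerce it to an integer at this
    // boundary instead of trusting every call site to have done so.
    $uid = (int) $uid;

    if (COM_isAnonUser() && $_CONTACT_CONF['contactloginrequired'] == 1) {
        return SEC_loginRequiredForm();
    }

    $result = DB_query(
        "SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '{$uid}'"
    );
    $P = DB_fetchArray($result);

    $isAdmin = (SEC_inGroup('Root') || SEC_hasRights('user.mail'));
    $displayname = COM_getDisplayName($uid);

    // No preference row (e.g. unknown uid) is treated like "does not accept
    // mail": same outcome as before, without indexing into a non-array.
    $acceptsMail = is_array($P)
        && (($P['emailfromadmin'] == 1 && $isAdmin) || ($P['emailfromuser'] == 1 && !$isAdmin));

    if (!$acceptsMail) {
        $retval = COM_startBlock(
            $LANG08[10] . ' ' . $displayname,
            '',
            COM_getBlockTemplate('_msg_block', 'header')
        );
        $retval .= $LANG08[35];
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

        return $retval;
    }

    // The template receives an attribute fragment, never a raw boolean.
    $cc = $cc ? ' checked="checked"' : '';

    $mail_template = COM_newTemplate($_CONF['path'] . 'plugins/contact/templates');
    $mail_template->set_file('form', 'contactuserform.thtml');
    $mail_template->set_var('contact_form', $LANG_CONTACT_1['contact_form']);
    $mail_template->set_var('form_message', $_CONTACT_CONF['message']);
    $mail_template->set_var('lang_username', $LANG_CONTACT_1['name']);
    $mail_template->set_var('add_your_name', $LANG_CONTACT_1['add_your_name']);

    if (COM_isAnonUser()) {
        // Anonymous sender name comes straight from the request: strip tags,
        // keep only the text before the first CR/LF, then HTML-escape it for
        // re-display. NOTE(review): the line cut looks like a mail header
        // injection guard; confirm the send path applies the same filter.
        $sender = '';
        if (isset($_POST['author'])) {
            $sender = strip_tags($_POST['author']);
            $sender = substr($sender, 0, strcspn($sender, "\r\n"));
            $sender = htmlspecialchars(trim($sender), ENT_QUOTES);
        }
        $mail_template->set_var('username', $sender);
    } else {
        $mail_template->set_var(
            'username',
            COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname'])
        );
    }

    $mail_template->set_var('lang_useremail', $LANG_CONTACT_1['email']);
    $mail_template->set_var('add_valid_address', $LANG_CONTACT_1['add_valid_address']);

    if (COM_isAnonUser()) {
        // Same treatment as the sender name above.
        $email = '';
        if (isset($_POST['authoremail'])) {
            $email = strip_tags($_POST['authoremail']);
            $email = substr($email, 0, strcspn($email, "\r\n"));
            $email = htmlspecialchars(trim($email), ENT_QUOTES);
        }
        $mail_template->set_var('useremail', $email);
    } else {
        // NOTE(review): the stored address is emitted as-is; this relies on it
        // having been validated when the account was created or updated.
        $mail_template->set_var('useremail', $_USER['email']);
    }

    $mail_template->set_var('cc', $cc);
    $mail_template->set_var('lang_cc', $LANG08[36]);
    $mail_template->set_var('lang_cc_description', $LANG08[37]);
    $mail_template->set_var('lang_message', $LANG_CONTACT_1['message']);
    // ENT_QUOTES matches the escaping applied to the other user-supplied
    // fields in this form.
    $mail_template->set_var('message', htmlspecialchars($message, ENT_QUOTES));
    $mail_template->set_var('lang_submit', $LANG08[16]);
    $mail_template->set_var('uid', $uid);
    PLG_templateSetVars('contact', $mail_template);
    $mail_template->parse('output', 'form');

    return $mail_template->finish($mail_template->get_var('output'));
}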
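/**
 * Displays a login form
 *
 * This is the version of the login form displayed in the content area of the
 * page (not the side bar). It will present all options (remote authentication
 * - including OpenID, new registration link, etc.) according to the current
 * configuration settings.
 *
 * Recognised keys in $use_config (all optional): hide_forgotpw_link,
 * hidden_fields, no_oauth_login, no_3rdparty_login, no_openid_login,
 * no_newreg_link, no_plugin_vars, title, message, button_text.
 *
 * 'hidden_fields' is appended to the form verbatim, so callers must pass
 * finished, already-escaped markup.
 *
 * @param  array $use_config options to override some of the defaults
 * @return string            HTML of the login form
 */
function SEC_loginForm($use_config = array())
{
    global $_CONF, $LANG01, $LANG04, $_SCRIPTS;

    $have_remote_login = false;

    $default_config = array(
        'hide_forgotpw_link' => false,
        'hidden_fields'      => '',
        'no_oauth_login'     => false,
        'no_3rdparty_login'  => false,
        'no_openid_login'    => false,
        'no_newreg_link'     => false,
        'no_plugin_vars'     => false,
        'title'              => $LANG04[65],
        'message'            => $LANG04[66],
        'button_text'        => $LANG04[80],
    );
    $config = array_merge($default_config, $use_config);

    $loginform = COM_newTemplate($_CONF['path_layout'] . 'users');
    $loginform->set_file('login', 'loginform.thtml');
    $loginform->set_var('start_block_loginagain', COM_startBlock($config['title']));
    $loginform->set_var('lang_message', $config['message']);

    if ($config['no_newreg_link'] || $_CONF['disable_new_user_registration']) {
        $loginform->set_var('lang_newreglink', '');
    } else {
        $loginform->set_var('lang_newreglink', $LANG04[123]);
    }

    $loginform->set_var('lang_username', $LANG04[2]);
    $loginform->set_var('lang_password', $LANG01[57]);

    if ($config['hide_forgotpw_link']) {
        $loginform->set_var('lang_forgetpassword', '');
        $loginform->set_var('forgetpassword_link', '');
    } else {
        $loginform->set_var('lang_forgetpassword', $LANG04[25]);
        $forget = COM_createLink(
            $LANG04[25],
            $_CONF['site_url'] . '/users.php?mode=getpassword',
            array('rel' => 'nofollow')
        );
        $loginform->set_var('forgetpassword_link', $forget);
    }

    $loginform->set_var('lang_login', $config['button_text']);
    $loginform->set_var('lang_remote_login', $LANG04[167]);
    $loginform->set_var('lang_remote_login_desc', $LANG04[168]);
    $loginform->set_var('end_block', COM_endBlock());

    // 3rd party remote authentication.
    $services = '';
    if (!$config['no_3rdparty_login']
        && $_CONF['user_login_method']['3rdparty']
        && $_CONF['usersubmission'] == 0
    ) {
        // NOTE(review): module names are written into the markup as returned;
        // presumably they come from installed module files, not from the
        // request. Confirm in SEC_collectRemoteAuthenticationModules().
        $modules = SEC_collectRemoteAuthenticationModules();
        if (count($modules) > 0) {
            if (!$_CONF['user_login_method']['standard'] && count($modules) == 1) {
                // Only one way to log in: no selector needed.
                $select = '<input type="hidden" name="service" value="'
                    . $modules[0] . '"' . XHTML . '>' . $modules[0];
            } else {
                // Build select
                $select = '<select name="service">';
                if ($_CONF['user_login_method']['standard']) {
                    $select .= '<option value="">' . $_CONF['site_name'] . '</option>';
                }
                foreach ($modules as $service) {
                    $select .= '<option value="' . $service . '">' . $service . '</option>';
                }
                $select .= '</select>';
            }

            $loginform->set_file('services', 'services.thtml');
            $loginform->set_var('lang_service', $LANG04[121]);
            $loginform->set_var('select_service', $select);
            $loginform->parse('output', 'services');
            $services .= $loginform->finish($loginform->get_var('output'));
        }
    }
    if (!empty($config['hidden_fields'])) {
        // allow caller to (ab)use {services} for hidden fields
        $services .= $config['hidden_fields'];
    }
    $loginform->set_var('services', $services);

    // OpenID remote authentication.
    if (!$config['no_openid_login']
        && $_CONF['user_login_method']['openid']
        && $_CONF['usersubmission'] == 0
        && !$_CONF['disable_new_user_registration']
    ) {
        $have_remote_login = true;
        $_SCRIPTS->setJavascriptFile('login', '/javascript/login.js');
        $loginform->set_file('openid_login', '../loginform_openid.thtml');
        $loginform->set_var('lang_openid_login', $LANG01[128]);
        $loginform->set_var('input_field_size', 40);

        // for backward compatibility - not used any more
        // SCRIPT_URI, HTTP_HOST and PHP_SELF are all derived from the incoming
        // request, so the value is HTML-escaped before a template can print it.
        // The templates are not visible here; an HTML text or attribute context
        // is assumed. The fallback hard-codes the http:// scheme.
        $app_url = isset($_SERVER['SCRIPT_URI'])
            ? $_SERVER['SCRIPT_URI']
            : 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
        $loginform->set_var('app_url', htmlspecialchars($app_url, ENT_QUOTES));

        $loginform->parse('output', 'openid_login');
        $loginform->set_var(
            'openid_login',
            $loginform->finish($loginform->get_var('output'))
        );
    } else {
        $loginform->set_var('openid_login', '');
    }

    // OAuth remote authentication.
    if (!$config['no_oauth_login']
        && $_CONF['user_login_method']['oauth']
        && $_CONF['usersubmission'] == 0
        && !$_CONF['disable_new_user_registration']
    ) {
        $have_remote_login = true;
        $_SCRIPTS->setJavascriptFile('login', '/javascript/login.js');
        $modules = SEC_collectRemoteOAuthModules();
        if (count($modules) == 0) {
            $loginform->set_var('oauth_login', '');
        } else {
            $html_oauth = '';
            // Grab oauth icons from theme
            if ($_CONF['theme_oauth_icons']) {
                $icon_path = $_CONF['layout_url'] . '/images/';
            } else {
                $icon_path = $_CONF['site_url'] . '/images/';
            }
            foreach ($modules as $service) {
                // The handle is re-registered on every pass because the
                // variable of the same name is overwritten below.
                $loginform->set_file('oauth_login', '../loginform_oauth.thtml');
                $loginform->set_var('oauth_service', $service);
                $loginform->set_var('lang_oauth_service', $LANG01[$service]);
                // for sign in image
                $loginform->set_var(
                    'oauth_sign_in_image',
                    $icon_path . $service . '-login-icon.png'
                );
                $loginform->parse('output', 'oauth_login');
                $html_oauth .= $loginform->finish($loginform->get_var('output'));
            }
            $loginform->set_var('oauth_login', $html_oauth);
        }
    } else {
        $loginform->set_var('oauth_login', '');
    }

    if ($have_remote_login) {
        $loginform->set_var('remote_login_class', 'remote-login-enabled');
    }

    if (!$config['no_plugin_vars']) {
        PLG_templateSetVars('loginform', $loginform);
    }
    $loginform->parse('output', 'login');

    return $loginform->finish($loginform->get_var('output'));
}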
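/**
 * Takes an article class and renders HTML in the specified template and style.
 *
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 *
 * What $index selects, as implemented below:
 *  - 'n' or 'p': intro and body text are rendered together ('p' additionally
 *    marks the output as a preview and hides the edit link); page breaks are
 *    only honoured for 'n'.
 *  - anything else: list form - intro text only, plus read-more, comment,
 *    trackback, e-mail and print links.
 *
 * Values returned by $story->DisplayElements() and the language arrays are
 * inserted into markup without further escaping here, so this function relies
 * on the Story class returning display-safe strings (confirm in that class).
 *
 * @param object $story    The story to display, an instance of the Story class.
 * @param string $index    Display mode, see above.
 * @param string $storytpl The template to use to render the story.
 * @param string $query    A search query, if one was specified.
 *
 * @return string Article as formatted HTML.
 *
 * Note: Formerly named COM_Article, and re-written totally since then.
 */
function STORY_renderArticle(&$story, $index = '', $storytpl = 'storytext.thtml', $query = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB,
           $_IMAGE_TYPE, $mode;

    // Running number of stories rendered in list form during this request.
    static $storycounter = 0;

    if (empty($storytpl)) {
        $storytpl = 'storytext.thtml';
    }

    $introtext = $story->DisplayElements('introtext');
    $bodytext = $story->DisplayElements('bodytext');

    if (!empty($query)) {
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    }

    $article = new Template($_CONF['path_layout']);
    $article->set_file(array(
        'article'          => $storytpl,
        'bodytext'         => 'storybodytext.thtml',
        'featuredarticle'  => 'featuredstorytext.thtml',
        'featuredbodytext' => 'featuredstorybodytext.thtml',
        'archivearticle'   => 'archivestorytext.thtml',
        'archivebodytext'  => 'archivestorybodytext.thtml',
    ));

    $article->set_var('xhtml', XHTML);
    $article->set_var('layout_url', $_CONF['layout_url']);
    $article->set_var('site_url', $_CONF['site_url']);
    $article->set_var('site_admin_url', $_CONF['site_admin_url']);
    $article->set_var('site_name', $_CONF['site_name']);
    $article->set_var('story_date', $story->DisplayElements('date'));
    $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
    $article->set_var('story_date_only', $story->DisplayElements('dateonly'));
    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106]);
        $article->set_var('story_hits', $story->DisplayElements('hits'));
    }
    $article->set_var('story_id', $story->getSid());

    // --- author by-line ---------------------------------------------------
    if ($_CONF['contributedbyline'] == 1) {
        $article->set_var('lang_contributed_by', $LANG01[1]);
        $article->set_var('contributedby_uid', $story->DisplayElements('uid'));
        $fullname = $story->DisplayElements('fullname');
        $username = $story->DisplayElements('username');
        $article->set_var('contributedby_user', $username);
        if (empty($fullname)) {
            $article->set_var('contributedby_fullname', $username);
        } else {
            $article->set_var('contributedby_fullname', $fullname);
        }
        $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
        $article->set_var('contributedby_author', $authorname);
        $article->set_var('author', $authorname);

        // Only uids above 1 get a profile link. Initialise the URL so the
        // camera icon code below never reads an undefined variable.
        $profileUrl = '';
        if ($story->DisplayElements('uid') > 1) {
            $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&uid='
                . $story->DisplayElements('uid');
            $article->set_var(
                'start_contributedby_anchortag',
                '<a class="storybyline" href="' . $profileUrl . '">'
            );
            $article->set_var('end_contributedby_anchortag', '</a>');
            $article->set_var('contributedby_url', $profileUrl);
        }

        $photo = '';
        if ($_CONF['allow_user_photo'] == 1) {
            $authphoto = $story->DisplayElements('photo');
            if (empty($authphoto)) {
                $authphoto = '(none)'; // user does not have a photo
            }
            $photo = USER_getPhoto(
                $story->DisplayElements('uid'),
                $authphoto,
                $story->DisplayElements('email')
            );
        }
        if (!empty($photo)) {
            $article->set_var('contributedby_photo', $photo);
            $article->set_var('author_photo', $photo);
            $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.'
                . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
            // Without a profile URL the icon is shown unlinked instead of
            // being wrapped in a link with an empty target.
            $article->set_var(
                'camera_icon',
                ($profileUrl !== '') ? COM_createLink($camera_icon, $profileUrl) : $camera_icon
            );
        } else {
            $article->set_var('contributedby_photo', '');
            $article->set_var('author_photo', '');
            $article->set_var('camera_icon', '');
        }
    }

    // --- topic ------------------------------------------------------------
    $topicname = $story->DisplayElements('topic');
    $article->set_var('story_topic_id', $story->DisplayElements('tid'));
    $article->set_var('story_topic_name', $topicname);
    $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid');
    if ((!isset($_USER['noicons']) || $_USER['noicons'] != 1)
        && $story->DisplayElements('show_topic_icon') == 1
    ) {
        $imageurl = $story->DisplayElements('imageurl');
        if (!empty($imageurl)) {
            $imageurl = COM_getTopicImageUrl($imageurl);
            $article->set_var('story_topic_image_url', $imageurl);

            $topicimage = '<img src="' . $imageurl . '" class="float'
                . $_CONF['article_image_align'] . '" alt="' . $topicname
                . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var(
                'story_anchortag_and_image',
                COM_createLink($topicimage, $topicurl, array('rel' => "category"))
            );
            $article->set_var('story_topic_image', $topicimage);

            $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname
                . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var(
                'story_anchortag_and_image_no_align',
                COM_createLink($topicimage_noalign, $topicurl, array('rel' => "category"))
            );
            $article->set_var('story_topic_image_no_align', $topicimage_noalign);
        }
    }
    $article->set_var('story_topic_url', $topicurl);

    $recent_post_anchortag = '';
    $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('story_title', $story->DisplayElements('title'));
    $article->set_var('lang_permalink', $LANG01[127]);

    $show_comments = true;

    // --- title link: list form and search results link to the article ------
    if (($index != 'n' && $index != 'p') || !empty($query)) {
        $attributes = ' class="non-ul"';
        $attr_array = array('class' => 'non-ul');
        if (!empty($query)) {
            $attributes .= ' rel="bookmark"';
            $attr_array['rel'] = 'bookmark';
        }
        $article->set_var(
            'start_storylink_anchortag',
            '<a href="' . $articleUrl . '"' . $attributes . '>'
        );
        $article->set_var('end_storylink_anchortag', '</a>');
        $article->set_var(
            'story_title_link',
            COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array)
        );
    } else {
        $article->set_var('story_title_link', $story->DisplayElements('title'));
    }

    if ($index == 'n' || $index == 'p') {
        // --- full text ('n') or preview ('p') -------------------------------
        if (empty($bodytext)) {
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
        } else {
            if ($_CONF['allow_page_breaks'] == 1 && $index == 'n') {
                // page selector
                // $mode is a global that presumably carries the requested page
                // number from the URL, so treat it as untrusted: force an
                // integer and keep it inside the range of existing pages
                // before it is used as an array index.
                $story_page = 1;
                if (is_numeric($mode)) {
                    $story_page = (int) $mode;
                    if ($story_page <= 0) {
                        $story_page = 1;
                        $mode = 0;
                    }
                }

                $article_array = explode('[page_break]', $bodytext);
                $page_count = count($article_array);
                if ($story_page > $page_count) {
                    $story_page = $page_count;
                }
                if ($story_page > 1) {
                    // The intro text is only shown on the first page.
                    $introtext = '';
                }

                $pagelinks = COM_printPageNavigation(
                    $articleUrl,
                    $story_page,
                    $page_count,
                    'mode=',
                    $_CONF['url_rewrite'],
                    $LANG01[118]
                );
                if ($page_count > 1) {
                    $bodytext = $article_array[$story_page - 1];
                }
                $article->set_var('page_selector', $pagelinks);

                if (($_CONF['page_break_comments'] == 'last' && $story_page < $page_count)
                    || ($_CONF['page_break_comments'] == 'first' && $story_page != 1)
                ) {
                    $show_comments = false;
                }
                $article->set_var('story_page', $story_page);
            }

            $article->set_var(
                'story_introtext',
                $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext
            );
            $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext);
        }
        $article->set_var('story_introtext_only', $introtext);
        $article->set_var('story_bodytext_only', $bodytext);

        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'])
            && SEC_hasRights('story.ping')
        ) {
            $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid();
            $article->set_var(
                'send_trackback_link',
                COM_createLink($LANG_TRB['send_trackback'], $url)
            );
            $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.'
                . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback']
                . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
            $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
            $article->set_var('send_trackback_url', $url);
            $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
        }
        $article->set_var('story_display', ($index == 'p') ? 'preview' : 'article');
        $article->set_var('story_counter', 0);
    } else {
        // --- list form: intro text plus links --------------------------------
        $article->set_var('story_introtext', $introtext);
        $article->set_var('story_text_no_br', $introtext);
        $article->set_var('story_introtext_only', $introtext);

        if (!empty($bodytext)) {
            $article->set_var('lang_readmore', $LANG01[2]);
            $article->set_var('lang_readmore_words', $LANG01[62]);
            $numwords = COM_numberFormat(
                count(explode(' ', COM_getTextContent($bodytext)))
            );
            $article->set_var('readmore_words', $numwords);
            $article->set_var(
                'readmore_link',
                COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link'))
                . ' (' . $numwords . ' ' . $LANG01[62] . ') '
            );
            $article->set_var(
                'start_readmore_anchortag',
                '<a href="' . $articleUrl . '" class="story-read-more-link">'
            );
            $article->set_var('end_readmore_anchortag', '</a>');
            $article->set_var('read_more_class', 'class="story-read-more-link"');
        }

        if ($story->DisplayElements('commentcode') >= 0 && $show_comments) {
            $commentsUrl = COM_buildUrl(
                $_CONF['site_url'] . '/article.php?story=' . $story->getSid()
            ) . '#comments';
            $article->set_var('comments_url', $commentsUrl);
            $article->set_var(
                'comments_text',
                COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]
            );
            $article->set_var(
                'comments_count',
                COM_numberFormat($story->DisplayElements('comments'))
            );
            $article->set_var('lang_comments', $LANG01[3]);

            $comments_with_count = sprintf(
                $LANG01[121],
                COM_numberFormat($story->DisplayElements('comments'))
            );

            if ($story->DisplayElements('comments') > 0) {
                // NOTE(review): the story id is concatenated into the SQL text
                // as returned by getSid(); this is only safe if the Story class
                // validates or escapes the id. Confirm there, or escape it here
                // with the project's database escaping helper.
                $result = DB_query(
                    "SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getSid() . "' ORDER BY date desc LIMIT 1"
                );
                $C = DB_fetchArray($result);

                // NOTE(review): the commenter's display name is printed as
                // returned by COM_getDisplayName(); confirm that helper (or
                // profile validation) yields HTML-safe text.
                $recent_post_anchortag = '<span class="storybyline">'
                    . $LANG01[27] . ': '
                    . strftime($_CONF['daytime'], $C['day']) . ' '
                    . $LANG01[104] . ' '
                    . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname'])
                    . '</span>';
                $article->set_var(
                    'comments_with_count',
                    COM_createLink($comments_with_count, $commentsUrl)
                );
                $article->set_var(
                    'start_comments_anchortag',
                    '<a href="' . $commentsUrl . '">'
                );
                $article->set_var('end_comments_anchortag', '</a>');
            } else {
                $article->set_var('comments_with_count', $comments_with_count);
                $recent_post_anchortag = COM_createLink(
                    $LANG01[60],
                    $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid()
                    . '&pid=0&type=article'
                );
            }

            if ($story->DisplayElements('commentcode') == 0) {
                $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid='
                    . $story->getSid() . '&pid=0&type=article';
                $article->set_var(
                    'post_comment_link',
                    COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow'))
                );
                $article->set_var('lang_post_comment', $LANG01[60]);
                $article->set_var(
                    'start_post_comment_anchortag',
                    '<a href="' . $postCommentUrl . '" rel="nofollow">'
                );
                $article->set_var('end_post_comment_anchortag', '</a>');
            }
        }

        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'])
            && $story->DisplayElements('trackbackcode') >= 0
            && $show_comments
        ) {
            $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
            $trackbacksUrl = COM_buildUrl(
                $_CONF['site_url'] . '/article.php?story=' . $story->getSid()
            ) . '#trackback';
            $article->set_var('trackbacks_url', $trackbacksUrl);
            $article->set_var(
                'trackbacks_text',
                $num_trackbacks . ' ' . $LANG_TRB['trackbacks']
            );
            $article->set_var('trackbacks_count', $num_trackbacks);
            $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);

            if (SEC_hasRights('story.ping')) {
                $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id='
                    . $story->getSid();
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.'
                    . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback']
                    . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
            }

            // The count is only a link when there is something to link to.
            $trackbackLabel = sprintf($LANG01[122], $num_trackbacks);
            if ($story->DisplayElements('trackbacks') > 0) {
                $article->set_var(
                    'trackbacks_with_count',
                    COM_createLink($trackbackLabel, $trackbacksUrl)
                );
            } else {
                $article->set_var('trackbacks_with_count', $trackbackLabel);
            }
        }

        // E-mail icon: hidden by configuration, or for visitors without a
        // username when a login is required for the site or for e-mailing.
        if ($_CONF['hideemailicon'] == 1
            || (empty($_USER['username'])
                && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1))
        ) {
            $article->set_var('email_icon', '');
        } else {
            $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid()
                . '&what=emailstory';
            $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.'
                . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="'
                . $LANG11[2] . '"' . XHTML . '>';
            $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
            $article->set_var('email_story_url', $emailUrl);
            $article->set_var('lang_email_story', $LANG11[2]);
            $article->set_var('lang_email_story_alt', $LANG01[64]);
        }

        $printUrl = COM_buildUrl(
            $_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&mode=print'
        );
        if ($_CONF['hideprintericon'] == 1) {
            $article->set_var('print_icon', '');
        } else {
            $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.'
                . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="'
                . $LANG11[3] . '"' . XHTML . '>';
            $article->set_var(
                'print_icon',
                COM_createLink($printicon, $printUrl, array('rel' => 'nofollow'))
            );
            $article->set_var('print_story_url', $printUrl);
            $article->set_var('lang_print_story', $LANG11[3]);
            $article->set_var('lang_print_story_alt', $LANG01[65]);
        }

        $article->set_var('story_display', 'index');
        $storycounter++;
        $article->set_var('story_counter', $storycounter);
    }

    $article->set_var('article_url', $articleUrl);
    $article->set_var('recent_post_anchortag', $recent_post_anchortag);

    // Edit link: needs access level 3 on the story and the story.edit right;
    // never shown in preview mode.
    if ($story->checkAccess() == 3 && SEC_hasRights('story.edit') && $index != 'p') {
        $editUrl = $_CONF['site_admin_url'] . '/story.php?mode=edit&sid=' . $story->getSid();
        $article->set_var('edit_link', COM_createLink($LANG01[4], $editUrl));
        $article->set_var('edit_url', $editUrl);
        $article->set_var('lang_edit_text', $LANG01[4]);
        $editicon = $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE;
        $editiconhtml = '<img src="' . $editicon . '" alt="' . $LANG01[4]
            . '" title="' . $LANG01[4] . '"' . XHTML . '>';
        $article->set_var('edit_icon', COM_createLink($editiconhtml, $editUrl));
        $article->set_var('edit_image', $editiconhtml);
    }

    // --- pick the template pair: featured, archived or regular -------------
    if ($story->DisplayElements('featured') == 1) {
        $article->set_var('lang_todays_featured_article', $LANG05[4]);
        $article->parse('story_bodyhtml', 'featuredbodytext', true);
        PLG_templateSetVars('featuredstorytext', $article);
        $article->parse('finalstory', 'featuredarticle');
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE
        && $story->DisplayElements('expire') <= time()
    ) {
        // The body template was registered above under the handle
        // 'archivebodytext'; the previous handle name 'archivestorybodytext'
        // was never registered with set_file().
        $article->parse('story_bodyhtml', 'archivebodytext', true);
        PLG_templateSetVars('archivestorytext', $article);
        $article->parse('finalstory', 'archivearticle');
    } else {
        $article->parse('story_bodyhtml', 'bodytext', true);
        PLG_templateSetVars('storytext', $article);
        $article->parse('finalstory', 'article');
    }

    return $article->finish($article->get_var('finalstory'));
}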
function displayThumb($s, $sortOrder, $force = 0) { global $_USER, $_CONF, $_MG_CONF, $MG_albums, $_TABLES, $_MG_USERPREFS, $LANG_MG03, $LANG_MG01, $glversion, $ratedIds; $retval = ''; $T = new Template(MG_getTemplatePath($this->album_id)); if ($MG_albums[$this->album_id]->display_columns == 1) { $media_cell_image_template = 'album_page_body_media_cell_1.thtml'; } else { $media_cell_image_template = 'album_page_body_media_cell.thtml'; } if ($force) { $media_cell_image_template = 'album_page_body_media_cell.thtml'; } $T->set_file(array('media_cell_image' => $media_cell_image_template, 'media_rate_results' => 'album_page_body_media_cell_rating.thtml', 'media_comments' => 'album_page_body_media_cell_comment.thtml', 'media_views' => 'album_page_body_media_cell_view.thtml', 'media_cell_keywords' => 'album_page_body_media_cell_keywords.thtml', 'mp3_podcast' => 'mp3_podcast.thtml')); $F = new Template($_MG_CONF['template_path']); $F->set_var('media_frame', $MG_albums[$this->album_id]->imageFrameTemplate); // --- set the default thumbnail switch ($this->type) { case 0: // standard image $default_thumbnail = 'tn/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext; if (!file_exists($_MG_CONF['path_mediaobjects'] . $default_thumbnail)) { $default_thumbnail = 'tn/' . $this->filename[0] . '/' . $this->filename . 
'.jpg'; } break; case 1: // video file switch ($this->mime_type) { case 'video/x-flv': $default_thumbnail = 'placeholder_flv.svg'; break; case 'application/x-shockwave-flash': $default_thumbnail = 'placeholder_flash.svg'; break; case 'video/mpeg': case 'video/x-mpeg': case 'video/x-mpeq2a': if ($_MG_CONF['use_wmp_mpeg'] == 1) { $default_thumbnail = 'placeholder_video.svg'; break; } case 'video/x-motion-jpeg': case 'video/quicktime': case 'video/x-qtc': case 'audio/mpeg': case 'video/x-m4v': $default_thumbnail = 'placeholder_quicktime.svg'; break; case 'asf': case 'video/x-ms-asf': case 'video/x-ms-asf-plugin': case 'video/avi': case 'video/msvideo': case 'video/x-msvideo': case 'video/avs-video': case 'video/x-ms-wmv': case 'video/x-ms-wvx': case 'video/x-ms-wm': case 'application/x-troff-msvideo': case 'application/x-ms-wmz': case 'application/x-ms-wmd': $default_thumbnail = 'placeholder_video.svg'; break; default: $default_thumbnail = 'placeholder_video.svg'; break; } break; case 2: // music file $default_thumbnail = 'placeholder_audio.svg'; break; case 4: // other files switch ($this->mime_type) { case 'application/zip': case 'zip': case 'arj': case 'rar': case 'gz': $default_thumbnail = 'zip.png'; break; case 'pdf': case 'application/pdf': $default_thumbnail = 'placeholder_pdf.svg'; break; default: if (isset($_MG_CONF['dt'][$this->mime_ext])) { $default_thumbnail = $_MG_CONF['dt'][$this->mime_ext]; } else { switch ($this->mime_ext) { case 'pdf': $default_thumbnail = 'placeholder_pdf.svg'; break; case 'arj': $default_thumbnail = 'zip.png'; break; case 'gz': $default_thumbnail = 'zip.png'; break; default: $default_thumbnail = 'generic.png'; break; } } break; } break; case 5: case 'embed': if (preg_match("/youtube/i", $this->remote_url)) { $default_thumbnail = 'youtube.png'; } else { if (preg_match("/google/i", $this->remote_url)) { $default_thumbnail = 'googlevideo.png'; } else { $default_thumbnail = 'remote.png'; } } break; } if ($this->tn_attached == 1) { 
$media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail; $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail; foreach ($_MG_CONF['validExtensions'] as $ext) { if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext)) { $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext; $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . 'tn/' . $this->filename[0] . '/tn_' . $this->filename . $ext; break; } } } else { $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail; $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail; } // type == 1 video // type == 2 audio if (($this->type == 1 || $this->type == 2 || $this->type == 5) && ($MG_albums[$this->album_id]->playback_type == 0 || $MG_albums[$this->album_id]->playback_type == 1) && $_MG_CONF['popup_from_album'] == 1) { if ($MG_albums[$this->album_id]->playback_type == 0) { if ($this->type == 2) { // determine what type of player we will use (WMP, QT or Flash) $player = $_MG_CONF['mp3_player']; if (isset($_MG_USERPREFS['mp3_player']) && $_MG_USERPREFS['mp3_player'] != -1) { $player = $_MG_USERPREFS['mp3_player']; } switch ($player) { case 0: // WMP $new_y = 260; $new_x = 340; break; case 1: // QT $new_y = 25; $new_x = 350; break; case 2: $new_y = 360; $new_x = 580; break; } if ($this->mime_type == 'audio/mpeg') { $new_y = 360; $new_x = 580; } if ($this->tn_attached == 1 && $player != 2) { $tnsize = @getimagesize($media_thumbnail_file); $new_y += $tnsize[0]; if ($tnsize[1] > $new_x) { $new_x = $tnsize[1]; } } if ($MG_albums[$this->album_id]->playback_type == 0) { $url_display_item = "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $new_y . ',' . $new_x . ')'; } else { $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . 
$this->id; } $resolution_x = $new_x; $resolution_y = $new_y; } else { // must be a video... // set the default playback options... $playback_options['play'] = $_MG_CONF['swf_play']; $playback_options['menu'] = $_MG_CONF['swf_menu']; $playback_options['quality'] = $_MG_CONF['swf_quality']; $playback_options['height'] = $_MG_CONF['swf_height']; $playback_options['width'] = $_MG_CONF['swf_width']; $playback_options['loop'] = $_MG_CONF['swf_loop']; $playback_options['scale'] = $_MG_CONF['swf_scale']; $playback_options['wmode'] = $_MG_CONF['swf_wmode']; $playback_options['allowscriptaccess'] = $_MG_CONF['swf_allowscriptaccess']; $playback_options['bgcolor'] = $_MG_CONF['swf_bgcolor']; $playback_options['swf_version'] = $_MG_CONF['swf_version']; $playback_options['flashvars'] = $_MG_CONF['swf_flashvars']; $poResult = DB_query("SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($this->id) . "'"); while ($poRow = DB_fetchArray($poResult)) { $playback_options[$poRow['option_name']] = $poRow['option_value']; } if ($this->resolution_x > 0) { $resolution_x = $this->resolution_x; $resolution_y = $this->resolution_y; } else { if ($this->media_resolution_x == 0 && $this->remote_media != 1) { $size = @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext); // skip files over 8M in size.. if ($size < 8388608) { $ThisFileInfo = IMG_getMediaMetaData($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . 
$this->mime_ext); if ($ThisFileInfo['video']['resolution_x'] < 1 || $ThisFileInfo['video']['resolution_y'] < 1) { if (isset($ThisFileInfo['meta']['onMetaData']['width']) && isset($ThisFileInfo['meta']['onMetaData']['height'])) { $resolution_x = $ThisFileInfo['meta']['onMetaData']['width']; $resolution_y = $ThisFileInfo['meta']['onMetaData']['height']; } else { $resolution_x = -1; $resolution_y = -1; } } else { $resolution_x = $ThisFileInfo['video']['resolution_x']; $resolution_y = $ThisFileInfo['video']['resolution_y']; } if ($resolution_x != 0) { $sql = "UPDATE " . $_TABLES['mg_media'] . " SET media_resolution_x=" . intval($resolution_x) . ",media_resolution_y=" . intval($resolution_y) . " WHERE media_id='" . DB_escapeString($this->id) . "'"; DB_query($sql, 1); } } } else { $resolution_x = $this->resolution_x; $resolution_y = $this->resolution_y; } } $resolution_x = $playback_options['width']; $resolution_y = $playback_options['height']; if ($resolution_x < 1 || $resolution_y < 1) { $resolution_x = 480; $resolution_y = 320; } else { $resolution_x = $resolution_x + 40; $resolution_y = $resolution_y + 40; } if ($this->mime_type == 'video/x-flv' && $_MG_CONF['use_flowplayer'] != 1) { $resolution_x = $resolution_x + 60; if ($resolution_x < 590) { $resolution_x = 590; } $resolution_y = $resolution_y + 80; if ($resolution_y < 500) { $resolution_y = 500; } } if ($this->type == 5) { $resolution_x = 460; $resolution_y = 380; } $url_display_item = "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $resolution_y . ',' . $resolution_x . ')'; } } else { $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id; } // check to see if comments and rating are enabled, if not, put a link to edit... if ($MG_albums[$this->album_id]->access == 3) { $T->set_var(array('edit_link' => '<br/><a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&s=1&album_id=' . $this->album_id . '&mid=' . $this->id . '">' . 
$LANG_MG01['edit'] . '</a>')); } else { $T->set_var(array('edit_link' => '')); } } else { if ($MG_albums[$this->album_id]->useAlternate == 1 && $this->type != 5 && !empty($this->remote_url)) { $url_display_item = $this->remote_url; } else { $url_display_item = $_MG_CONF['site_url'] . '/media.php?f=0' . '&sort=' . $sortOrder . '&s=' . $this->id; } } if ($this->type == 4) { // other $url_display_item = $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id; } if (strstr($media_thumbnail_file, '.svg')) { $media_size = array($MG_albums[$this->album_id]->tnWidth, $MG_albums[$this->album_id]->tnHeight); } else { $media_size = @getimagesize($media_thumbnail_file); } if ($media_size == false) { if ($this->type == 2) { $default_thumbnail = 'placeholder_audio.svg'; } else { $default_thumbnail = 'placeholder.svg'; } $media_thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $default_thumbnail; $media_thumbnail_file = $_MG_CONF['path_mediaobjects'] . $default_thumbnail; $media_size = array($tn_width, $tn_height); //@getimagesize($media_thumbnail_file); } $media_time = MG_getUserDateTimeFormat($this->time); $upload_time = MG_getUserDateTimeFormat($this->upload_time); $url_media_item = $url_display_item; // -- decide what thumbnail size to use, small, medium, large... 
if (isset($_MG_USERPREFS['tn_size']) && $_MG_USERPREFS['tn_size'] != -1) { $tn_size = $_MG_USERPREFS['tn_size']; } else { $tn_size = $MG_albums[$this->album_id]->tn_size; } switch ($tn_size) { case '0': //small $tn_height = 100; $tn_width = 100; break; case '1': //medium $tn_height = 150; $tn_width = 150; break; case '2': $tn_height = 200; $tn_width = 200; break; case '3': case '4': $tn_height = $MG_albums[$this->album_id]->tnHeight; $tn_width = $MG_albums[$this->album_id]->tnWidth; if ($tn_height == 0) { $tn_height = 200; } if ($tn_width == 0) { $tn_width = 200; } break; default: $tn_height = 150; $tn_width = 150; break; } if ($media_size[0] > $media_size[1]) { // landscape $ratio = $media_size[0] / $tn_width; $newwidth = $tn_width; $newheight = round($media_size[1] / $ratio); } else { $ratio = $media_size[1] / $tn_height; if ($ratio == 0) { $newheight = $tn_height; $newwidth = $tn_width; } else { $newheight = $tn_height; $newwidth = round($media_size[0] / $ratio); } } if ($media_size[0] > $media_size[1]) { $ratio = $media_size[0] / 50; $smallwidth = 50; $smallheight = round($media_size[1] / $ratio); } else { $ratio = $media_size[1] / 50; if ($ratio == 0) { $smallheight = 50; $smallwidth = 50; } else { $smallheight = 50; $smallwidth = round($media_size[0] / $ratio); } } if ($this->owner_id != "" && $this->owner_id > 1) { $username = DB_getItem($_TABLES['users'], 'username', "uid=" . intval($this->owner_id)); } else { $username = '******'; } if (!isset($resolution_x)) { $resolution_x = $newwidth; } if (!isset($resolution_y)) { $resolution_y = $newheight; } if ($this->mime_type == 'audio/mpeg' && $MG_albums[$this->album_id]->mp3ribbon) { $T->set_var(array('mp3_file' => $_MG_CONF['mediaobjects_url'] . '/orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext, 'site_url' => $_MG_CONF['site_url'], 'id' => $this->mime_ext . 
rand())); $T->parse('mp3_podcast', 'mp3_podcast'); } else { $T->set_var(array('mp3_podcast' => '')); } /* * build the small rating bar * */ if ($MG_albums[$this->album_id]->enable_rating > 0) { $uid = COM_isAnonUser() ? 1 : $_USER['uid']; $static = false; // check to see if we are the owner, if so, no rating for us... if (isset($_USER['uid']) && $_USER['uid'] == $this->owner_id) { $static = true; $voted = 0; } else { if (in_array($this->id, $ratedIds)) { $static = true; $voted = 1; } else { $static = 0; $voted = 0; } } if ($MG_albums[$this->album_id]->enable_rating == 1 && COM_isAnonUser()) { $static = true; } if ($_MG_CONF['use_large_stars'] == 1) { $starSize = ''; } else { $starSize = 'sm'; } $rating_box = RATING_ratingBar('mediagallery', $this->id, $this->votes, $this->rating, $voted, 5, $static, $starSize); } else { $rating_box = ''; } $T->set_var('rating_box', '<center>' . $rating_box . '</center>'); $fs_bytes = @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext); $fileSize = MG_get_size($fs_bytes); $direct_url = 'disp/' . $this->filename[0] . '/' . $this->filename . '.' . $this->mime_ext; if (!file_exists($_MG_CONF['path_mediaobjects'] . $direct_url)) { $direct_url = 'disp/' . $this->filename[0] . '/' . $this->filename . '.jpg'; } if ($MG_albums[$this->album_id]->access == 3) { $edit_item = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=mediaedit&s=1&album_id=' . $this->album_id . '&mid=' . $this->id . '">' . $LANG_MG01['edit'] . '</a>'; } else { $edit_item = ''; } $L = new Template(MG_getTemplatePath($this->album_id)); $L->set_file('media_link', 'medialink.thtml'); $L->set_var('href', $url_media_item); if ($this->type == 0) { if ($this->remote == 1) { $L->set_var('hrefdirect', $this->remote_url); } else { $L->set_var('hrefdirect', $_MG_CONF['mediaobjects_url'] . '/' . 
$direct_url); } } $caption = PLG_replaceTags(str_replace('$', '$', $this->title), 'mediagallery', 'media_description'); if ($this->owner_id == $_USER['uid'] || SEC_hasRights('mediagallery.admin')) { $caption .= '<br />(' . $this->id . ')'; } $L->set_var('caption', $caption); $L->set_var('id', 'id' . rand()); $L->parse('media_link_start', 'media_link'); $media_start_link = $L->finish($L->get_var('media_link_start')); $T->set_var(array('play_now' => '', 'download_now' => $_MG_CONF['site_url'] . '/download.php?mid=' . $this->id, 'play_in_popup' => "javascript:showVideo('" . $_MG_CONF['site_url'] . '/video.php?n=' . $this->id . "'," . $resolution_y . ',' . $resolution_x . ')', 'row_height' => $tn_height + 40, 'media_title' => PLG_replaceTags($this->title, 'mediagallery', 'media_title'), 'media_description' => PLG_replaceTags(nl2br($this->description), 'mediagallery', 'media_description'), 'media_tag' => strip_tags($this->title), 'media_time' => $media_time[0], 'upload_time' => $upload_time[0], 'media_owner' => $username, 'site_url' => $_MG_CONF['site_url'], 'lang_published' => $LANG_MG03['published'], 'lang_on' => $LANG_MG03['on'], 'lang_hyphen' => $this->album == '' ? '' : '-', 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'artist' => $this->artist, 'musicalbum' => $this->album != '' ? $this->album : '', 'genre' => $this->genre != '' ? $this->genre : '', 'alt_edit_link' => $edit_item, 'filesize' => $fileSize, 'media_id' => $this->id, 'raw_media_thumbnail' => $media_thumbnail, 'display_url' => $url_media_item)); // frame template variables $F->set_var(array('media_id' => $this->id, 'media_link_start' => $media_start_link, 'media_link_end' => '</a>', 'url_media_item' => $url_media_item, 'url_display_item' => $url_display_item, 'media_thumbnail' => $media_thumbnail, 'media_size' => 'width="' . $newwidth . '" height="' . $newheight . 
'"', 'media_height' => $newheight, 'media_width' => $newwidth, 'border_width' => $newwidth + 15, 'border_height' => $newheight + 15, 'row_height' => $tn_height + 40, 'frWidth' => $newwidth - $MG_albums[$this->album_id]->frWidth, 'frHeight' => $newheight - $MG_albums[$this->album_id]->frHeight, 'media_tag' => strip_tags($this->description), 'filesize' => $fileSize)); $F->parse('media', 'media_frame'); $media_item_thumbnail = $F->finish($F->get_var('media')); $T->set_var(array('media_item_thumbnail' => $media_item_thumbnail, 'url_media_item' => $url_media_item, 'url_display_item' => $url_display_item, 'media_thumbnail' => $media_thumbnail, 'media_size' => 'width="' . $newwidth . '" height="' . $newheight . '"')); if ($MG_albums[$this->album_id]->enable_keywords) { if (!empty($this->keywords)) { $kwText = ''; $keyWords = array(); $keyWords = explode(' ', $this->keywords); $numKeyWords = count($keyWords); for ($i = 0; $i < $numKeyWords; $i++) { $keyWords[$i] = str_replace('"', ' ', $keyWords[$i]); $searchKeyword = $keyWords[$i]; $keyWords[$i] = str_replace('_', ' ', $keyWords[$i]); $kwText .= '<a href="' . $_MG_CONF['site_url'] . '/search.php?mode=search&swhere=1&keywords=' . $searchKeyword . '&keyType=any">' . $keyWords[$i] . '</a> '; } $T->set_var(array('media_keywords' => $kwText, 'lang_keywords' => $LANG_MG01['keywords'])); $T->parse('media_cell_keywords', 'media_cell_keywords'); } else { $T->set_var('lang_keywords', ''); } } else { $T->set_var(array('media_cell_keywords' => '', 'lang_keywords' => '')); } if ($MG_albums[$this->album_id]->enable_rating) { $rating = $LANG_MG03['rating'] . ': <strong> ' . $this->rating / 2 . '</strong>/5 (' . $this->votes . ' ' . $LANG_MG03['votes'] . 
')'; $T->set_var('media_rating', $rating); $T->parse('media_rate_results', 'media_rate_results'); } if ($MG_albums[$this->album_id]->enable_comments) { if ($this->type == 4 || $this->type == 1 && $MG_albums[$this->album_id]->playback_type != 2 || $this->type == 2 && $MG_albums[$this->album_id]->playback_type != 2 || $this->type == 5 && $MG_albums[$this->album_id]->playback_type != 2) { $cmtLink = '<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&sort=' . $sortOrder . '&s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>'; $cmtLink_alt = ''; } else { $cmtLink = $LANG_MG03['comments']; $cmtLink_alt = '<a href="' . $_MG_CONF['site_url'] . '/media.php?f=0' . '&sort=' . $sortOrder . '&s=' . $this->id . '">' . $LANG_MG03['comments'] . '</a>'; } $T->set_var(array('media_comments_count' => $this->comments, 'lang_comments' => $cmtLink, 'lang_comments_hot' => $cmtLink_alt)); $T->parse('media_comments', 'media_comments'); } if ($MG_albums[$this->album_id]->enable_views) { $T->set_var(array('media_views_count' => $this->views, 'lang_views' => $LANG_MG03['views'])); $T->parse('media_views', 'media_views'); } $T->set_var(array('max-width' => $tn_width)); PLG_templateSetVars('mediagallery', $T); $T->parse('media_cell', 'media_cell_image'); $retval = $T->finish($T->get_var('media_cell')); return $retval; }
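/**
 * Shows the user their menu options
 *
 * For a logged-in user this renders the user block: one entry per plugin
 * user option, followed by the usersettings.php and users.php?mode=logout
 * entries. For an anonymous visitor it renders the login form instead,
 * adding whichever remote login methods (3rd-party services, OpenID, OAuth)
 * are switched on in $_CONF['user_login_method'].
 *
 * @param    string  $help       Help file to show
 * @param    string  $title      Title of Menu
 * @param    string  $position   Side being shown on 'left', 'right'. Though blank works not likely.
 * @return   string              HTML for the user block or the login block
 * @see      function COM_adminMenu
 *
 */
function COM_userMenu($help = '', $title = '', $position = '')
{
    global $_TABLES, $_CONF, $LANG01, $LANG04, $_BLOCK_TEMPLATE;

    $retval = '';

    if (!COM_isAnonUser()) {
        $usermenu = COM_newTemplate($_CONF['path_layout']);
        if (isset($_BLOCK_TEMPLATE['useroption'])) {
            // Expected form is "option_template,current_template".
            $templates = explode(',', $_BLOCK_TEMPLATE['useroption']);
            $usermenu->set_file(array('option' => $templates[0], 'current' => $templates[1]));
        } else {
            $usermenu->set_file(array('option' => 'useroption.thtml', 'current' => 'useroption_off.thtml'));
        }
        $usermenu->set_var('block_name', str_replace('_', '-', 'user_block'));

        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name='user_block'");
        }

        // what's our current URL?
        $thisUrl = COM_getCurrentURL();

        $retval .= COM_startBlock($title, $help, COM_getBlockTemplate('user_block', 'header', $position));

        // This function will show the user options for all installed plugins
        // (if any)
        $plugin_options = PLG_getUserOptions();
        foreach ($plugin_options as $plg) {
            $usermenu->set_var('option_label', $plg->adminlabel);
            if (!empty($plg->numsubmissions)) {
                $usermenu->set_var('option_count', '(' . $plg->numsubmissions . ')');
            } else {
                $usermenu->set_var('option_count', '');
            }
            $usermenu->set_var('option_url', $plg->adminurl);
            // The entry matching the page being viewed uses the "current" template.
            if ($thisUrl == $plg->adminurl) {
                $retval .= $usermenu->parse('item', 'current');
            } else {
                $retval .= $usermenu->parse('item', 'option');
            }
        }

        $url = $_CONF['site_url'] . '/usersettings.php';
        $usermenu->set_var('option_label', $LANG01[48]);
        $usermenu->set_var('option_count', '');
        $usermenu->set_var('option_url', $url);
        if ($thisUrl == $url) {
            $retval .= $usermenu->parse('item', 'current');
        } else {
            $retval .= $usermenu->parse('item', 'option');
        }

        $url = $_CONF['site_url'] . '/users.php?mode=logout';
        $usermenu->set_var('option_label', $LANG01[19]);
        $usermenu->set_var('option_count', '');
        $usermenu->set_var('option_url', $url);
        $retval .= $usermenu->finish($usermenu->parse('item', 'option'));

        $retval .= COM_endBlock(COM_getBlockTemplate('user_block', 'footer', $position));
    } else {
        $retval .= COM_startBlock($LANG01[47], $help, COM_getBlockTemplate('user_block', 'header', $position));

        $login = COM_newTemplate($_CONF['path_layout']);
        $login->set_file('form', 'loginform.thtml');
        $login->set_var('lang_username', $LANG01[21]);
        $login->set_var('lang_password', $LANG01[57]);
        $login->set_var('lang_forgetpassword', $LANG01[119]);
        $login->set_var('lang_login', $LANG01[58]);
        if ($_CONF['disable_new_user_registration']) {
            $login->set_var('lang_signup', '');
        } else {
            $login->set_var('lang_signup', $LANG01[59]);
        }

        // 3rd party remote authentification.
        if ($_CONF['user_login_method']['3rdparty'] && !$_CONF['usersubmission']) {
            $modules = SEC_collectRemoteAuthenticationModules();
            if (count($modules) == 0) {
                // $login is the only template object in this branch; the earlier
                // code called set_var() on an undefined $user_templates variable,
                // which fails as soon as no remote module is installed.
                $login->set_var('services', '');
            } else {
                // NOTE(review): module names are written into the markup as
                // returned; presumably they come from installed module files
                // rather than from the request - confirm.
                if (!$_CONF['user_login_method']['standard'] && count($modules) == 1) {
                    $select = '<input type="hidden" name="service" value="' . $modules[0] . '"' . XHTML . '>' . $modules[0];
                } else {
                    // Build select
                    $select = '<select name="service" id="service">';
                    if ($_CONF['user_login_method']['standard']) {
                        // Empty value selects the site's own (standard) login.
                        $select .= '<option value="">' . $_CONF['site_name'] . '</option>';
                    }
                    foreach ($modules as $service) {
                        $select .= '<option value="' . $service . '">' . $service . '</option>';
                    }
                    $select .= '</select>';
                }

                $login->set_file('services', 'blockservices.thtml');
                $login->set_var('lang_service', $LANG04[121]);
                $login->set_var('select_service', $select);
                $login->parse('output', 'services');
                $login->set_var('services', $login->finish($login->get_var('output')));
            }
        } else {
            $login->set_var('services', '');
        }

        // OpenID remote authentification.
        if ($_CONF['user_login_method']['openid'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
            $login->set_file('openid_login', 'loginform_openid.thtml');
            $login->set_var('lang_openid_login', $LANG01[128]);
            $login->set_var('input_field_size', 18);
            $login->set_var('app_url', $_CONF['site_url'] . '/users.php');
            $login->parse('output', 'openid_login');
            $login->set_var('openid_login', $login->finish($login->get_var('output')));
        } else {
            $login->set_var('openid_login', '');
        }

        // OAuth remote authentification.
        if ($_CONF['user_login_method']['oauth'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration']) {
            $modules = SEC_collectRemoteOAuthModules();
            if (count($modules) == 0) {
                $login->set_var('oauth_login', '');
            } else {
                // One rendered sign-in fragment per OAuth module, concatenated.
                $html_oauth = '';
                foreach ($modules as $service) {
                    $login->set_file('oauth_login', 'loginform_oauth.thtml');
                    $login->set_var('oauth_service', $service);
                    // for sign in image
                    $login->set_var('oauth_sign_in_image', $_CONF['site_url'] . '/images/login-with-' . $service . '.png');
                    $login->set_var('oauth_sign_in_image_style', '');
                    $login->parse('output', 'oauth_login');
                    $html_oauth .= $login->finish($login->get_var('output'));
                }
                $login->set_var('oauth_login', $html_oauth);
            }
        } else {
            $login->set_var('oauth_login', '');
        }

        PLG_templateSetVars('loginblock', $login);
        $retval .= $login->finish($login->parse('output', 'form'));
        $retval .= COM_endBlock(COM_getBlockTemplate('user_block', 'footer', $position));
    }

    return $retval;
}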
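/**
 * Display form to email a story to someone.
 *
 * Anonymous visitors get the "login required" block instead when either
 * $_CONF['loginrequired'] or $_CONF['emailstoryloginrequired'] is 1. If the
 * story cannot be loaded for viewing, the result of COM_refresh() to the site
 * index is returned instead of a form.
 *
 * @param    string  $sid        ID of article to email
 * @param    string  $to         Recipient name to pre-fill
 * @param    string  $toemail    Recipient email address to pre-fill
 * @param    string  $from       Sender name to pre-fill
 * @param    string  $fromemail  Sender email address to pre-fill
 * @param    string  $shortmsg   Short message to pre-fill (HTML-escaped here)
 * @param    int     $msg        Message number passed to COM_showMessage() when > 0
 * @return   string              HTML for email story form
 *
 */
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;

    require_once $_CONF['path_system'] . 'lib-story.php';

    $retval = '';

    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        $retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $login = new Template($_CONF['path_layout'] . 'submit');
        $login->set_file(array('login' => 'submitloginrequired.thtml'));
        $login->set_var('xhtml', XHTML);
        $login->set_var('site_url', $_CONF['site_url']);
        $login->set_var('site_admin_url', $_CONF['site_admin_url']);
        $login->set_var('layout_url', $_CONF['layout_url']);
        $login->set_var('login_message', $LANG_LOGIN[2]);
        $login->set_var('lang_login', $LANG_LOGIN[3]);
        $login->set_var('lang_newuser', $LANG_LOGIN[4]);
        $login->parse('output', 'login');
        $retval .= $login->finish($login->get_var('output'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

        return $retval;
    }

    // Load the story in 'view' mode; anything other than STORY_LOADED_OK
    // sends the visitor back to the index page.
    $story = new Story();
    $result = $story->loadFromDatabase($sid, 'view');
    if ($result != STORY_LOADED_OK) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    if ($msg > 0) {
        $retval .= COM_showMessage($msg);
    }

    // Default the sender fields to the logged-in user's own details.
    if (empty($from) && empty($fromemail)) {
        if (!COM_isAnonUser()) {
            $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
            // Cast the uid before it goes into the WHERE clause, as the other
            // uid lookups in this code base do.
            $fromemail = DB_getItem($_TABLES['users'], 'email', 'uid = ' . (int) $_USER['uid']);
        }
    }

    $mail_template = new Template($_CONF['path_layout'] . 'profiles');
    $mail_template->set_file('form', 'contactauthorform.thtml');
    $mail_template->set_var('xhtml', XHTML);
    $mail_template->set_var('site_url', $_CONF['site_url']);
    $mail_template->set_var('site_admin_url', $_CONF['site_admin_url']);
    $mail_template->set_var('layout_url', $_CONF['layout_url']);
    $mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $mail_template->set_var('lang_title', $LANG08[31]);
    $mail_template->set_var('story_title', $story->displayElements('title'));
    $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    $mail_template->set_var('story_url', $url);
    $link = COM_createLink($story->displayElements('title'), $url);
    $mail_template->set_var('story_link', $link);

    // NOTE(review): the name and address fields below are handed to the
    // template as received, while $shortmsg goes through htmlspecialchars().
    // They are presumably redisplayed form input; confirm that every caller
    // (or the template) escapes them before they reach the page.
    $mail_template->set_var('lang_fromname', $LANG08[20]);
    $mail_template->set_var('name', $from);
    $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
    $mail_template->set_var('email', $fromemail);
    $mail_template->set_var('lang_toname', $LANG08[18]);
    $mail_template->set_var('toname', $to);
    $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
    $mail_template->set_var('toemail', $toemail);
    $mail_template->set_var('lang_cc', $LANG08[36]);
    $mail_template->set_var('lang_cc_description', $LANG08[37]);
    $mail_template->set_var('lang_shortmessage', $LANG08[27]);
    $mail_template->set_var('shortmsg', htmlspecialchars($shortmsg));
    $mail_template->set_var('lang_warning', $LANG08[22]);
    $mail_template->set_var('lang_sendmessage', $LANG08[16]);
    $mail_template->set_var('story_id', $sid);
    $mail_template->set_var('end_block', COM_endBlock());
    PLG_templateSetVars('emailstory', $mail_template);
    $mail_template->parse('output', 'form');
    $retval .= $mail_template->finish($mail_template->get_var('output'));

    return $retval;
}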
/**
 * Displays the comment form
 *
 * Builds the HTML for posting or editing a comment and, in the preview modes,
 * a rendered preview of the submitted comment above the form. Anonymous
 * visitors get the login-required form when $_CONF['loginrequired'] or
 * $_CONF['commentsloginrequired'] is 1. When the comment speed limit is
 * still running, only the speed-limit message is returned.
 *
 * Side effects visible in this function: COM_clearSpeedlimit() is called,
 * and $_POST['title'] / $_POST['comment'] are overwritten with the filtered
 * values.
 *
 * Note that $pid has a default but precedes required parameters, so callers
 * still have to pass it explicitly.
 *
 * NOTE(review): nothing here checks that the current user may edit the
 * comment named by $_REQUEST['cid']; presumably the caller enforces that
 * before invoking the edit modes - confirm.
 *
 * @param    string  $title      Title of comment
 * @param    string  $comment    Text of comment
 * @param    string  $sid        ID of object comment belongs to
 * @param    int     $pid        ID of parent comment
 * @param    string  $type       Type of object comment is posted to
 * @param    string  $mode       Mode, e.g. 'preview'; the code also tests for
 *                               'edit', 'preview_new' and 'preview_edit'
 * @param    string  $postmode   Indicates if comment is plain text or HTML;
 *                               empty falls back to $_CONF['comment_postmode']
 * @return   string  HTML for comment form
 *
 */
function CMT_commentForm($title, $comment, $sid, $pid = '0', $type, $mode, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG12, $LANG_LOGIN, $LANG_ACCESS;

    $retval = '';
    $cid = 0;
    $edit_comment = '';

    // Configure the shared sanitizer with the element whitelist for comments.
    $filter = sanitizer::getInstance();
    $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
    $filter->setAllowedelements($AllowedElements);
    $filter->setNamespace('glfusion', 'comment');

    // never trust $uid ...
    // The uid is taken from the session data ($_USER), not from the request.
    if (COM_isAnonUser()) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }

    // $commentuid is the author of the comment being edited; it defaults to
    // the current user and is only looked up in the edit modes.
    $commentuid = $uid;
    if (($mode == 'edit' || $mode == 'preview_edit') && isset($_REQUEST['cid'])) {
        $cid = COM_applyFilter($_REQUEST['cid']);
        // The (int) cast keeps the request value numeric inside the WHERE clause.
        $commentuid = DB_getItem($_TABLES['comments'], 'uid', "cid = " . (int) $cid);
    }

    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        $retval .= SEC_loginRequiredForm();
        return $retval;
    } else {
        COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');

        $last = 0;
        if ($mode != 'edit' && $mode != 'preview' && $mode != 'preview_new' && $mode != 'preview_edit') {
            //not edit mode or preview changes
            // Only a fresh form is subject to the speed limit check.
            $last = COM_checkSpeedlimit('comment');
        }

        if ($last > 0) {
            $retval .= COM_showMessageText($LANG03[7] . $last . $LANG03[8], $LANG12[26], false);
        } else {
            if (empty($postmode)) {
                $postmode = $_CONF['comment_postmode'];
            }

            // Filter the comment body in the chosen post mode. Three forms are
            // kept: the filtered text, a display version for the preview and
            // an editable version for the textarea.
            $AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
            $filter->setPostmode($postmode);
            $filter->setCensorData(true);
            $filter->setAllowedElements($AllowedElements);
            $comment = $filter->filterHTML($comment);
            $display_comment = $filter->displayText($comment);
            $edit_comment = $filter->editableText($comment);

            // The title is always processed in 'text' mode; the post mode is
            // restored afterwards.
            $filter->setPostmode('text');
            $title = $filter->displayText($title);
            $title = $filter->editableText($title);
            $filter->setPostmode($postmode);

            // The superglobal is overwritten so the preview loop below picks
            // up the filtered values instead of the raw submission.
            $_POST['title'] = $title;
            $_POST['comment'] = $display_comment;

            // Preview mode:
            if (($mode == $LANG03[14] || $mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') && !empty($title) && !empty($comment)) {
                $start = new Template($_CONF['path_layout'] . 'comment');
                $start->set_file(array('comment' => 'startcomment.thtml'));
                $start->set_var('hide_if_preview', 'style="display:none"');

                // Clean up all the vars
                // Every posted field is copied into $A with a filter chosen by
                // key: ids become integers, title/comment are taken as filtered
                // above, username is stripped and HTML-escaped, and everything
                // else goes through COM_applyFilter().
                $A = array();
                foreach ($_POST as $key => $value) {
                    if ($key == 'pid' || $key == 'cid') {
                        $A[$key] = (int) COM_applyFilter($_POST[$key], true);
                    } else {
                        if ($key == 'title' || $key == 'comment') {
                            // these have already been filtered above
                            $A[$key] = $_POST[$key];
                        } else {
                            if ($key == 'username') {
                                // '@' silences warnings from htmlspecialchars().
                                $A[$key] = @htmlspecialchars(COM_checkWords(strip_tags($_POST[$key])), ENT_QUOTES, COM_getEncodingt());
                            } else {
                                $A[$key] = COM_applyFilter($_POST[$key]);
                            }
                        }
                    }
                }

                //correct time and username for edit preview
                if ($mode == 'preview' || $mode == 'preview_new' || $mode == 'preview_edit') {
                    // $cid is only set in the edit modes above, so for the
                    // other preview modes this lookup runs with cid = 0.
                    $A['nice_date'] = DB_getItem($_TABLES['comments'], 'UNIX_TIMESTAMP(date)', "cid = " . (int) $cid);
                    if ($_USER['uid'] != $commentuid) {
                        // Someone other than the author is previewing an edit:
                        // show the original author's username.
                        $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $commentuid);
                    }
                }
                if (empty($A['username'])) {
                    $A['username'] = DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $uid);
                }

                $author_id = PLG_getItemInfo($type, $sid, 'author');

                $thecomments = CMT_getComment($A, 'flat', $type, 'ASC', false, true, 0, $author_id);

                $start->set_var('comments', $thecomments);
                $retval .= '<a name="comment_entry"></a>';
                $retval .= COM_startBlock($LANG03[14]) . $start->finish($start->parse('output', 'comment')) . COM_endBlock();
            } else {
                // A preview was requested but title or comment is empty after
                // filtering: show the message and continue in 'error' mode.
                if ($mode == 'preview_new' || $mode == 'preview_edit') {
                    $retval .= COM_showMessageText($LANG03[12], $LANG03[17], true);
                    $mode = 'error';
                }
            }

            $comment_template = new Template($_CONF['path_layout'] . 'comment');
            $comment_template->set_file('form', 'commentform.thtml');

            // The form's own mode: previews map back to 'new' / 'edit'.
            if ($mode == 'preview_new') {
                $comment_template->set_var('mode', 'new');
                $comment_template->set_var('show_anchor', '');
            } else {
                if ($mode == 'preview_edit') {
                    $comment_template->set_var('mode', 'edit');
                    $comment_template->set_var('show_anchor', '');
                } else {
                    $comment_template->set_var('mode', $mode);
                    $comment_template->set_var('show_anchor', 1);
                }
            }

            $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
            if ($_CONF['show_fullname'] == 1) {
                $comment_template->set_var('lang_username', $LANG_ACCESS['name']);
            } else {
                $comment_template->set_var('lang_username', $LANG03[5]);
            }

            // NOTE(review): $sid, $pid, $type (and $mode above) are placed in
            // the template exactly as passed in; presumably the caller has
            // validated them - confirm, since nothing here escapes them.
            $comment_template->set_var('sid', $sid);
            $comment_template->set_var('pid', $pid);
            $comment_template->set_var('type', $type);

            if ($mode == 'edit' || $mode == 'preview_edit') {
                //edit modes
                // The comment id travels in a hidden field, filtered and
                // HTML-escaped before it is written into the attribute.
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[41]));
                $comment_template->set_var('cid', '<input type="hidden" name="cid" value="' . @htmlspecialchars(COM_applyFilter($_REQUEST['cid']), ENT_COMPAT, COM_getEncodingt()) . '"/>');
            } else {
                $comment_template->set_var('start_block_postacomment', COM_startBlock($LANG03[1]));
                $comment_template->set_var('cid', '');
            }

            // The form carries a token from SEC_createToken() under the field
            // name held in the CSRF_TOKEN constant; where it is verified is
            // not visible in this function.
            $comment_template->set_var('CSRF_TOKEN', SEC_createToken());
            $comment_template->set_var('token_name', CSRF_TOKEN);

            if (!COM_isAnonUser()) {
                $comment_template->set_var('uid', $_USER['uid']);
                $name = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
                $comment_template->set_var('username', $name);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=logout');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[03]);
                $comment_template->set_var('username_disabled', 'disabled="disabled"');
                $comment_template->set_var('suballowed', true);

                // Subscription checkbox: in a preview it mirrors the submitted
                // form, otherwise the stored subscription state.
                $isSub = 0;
                if ($mode == 'preview_edit' || $mode == 'preview_new') {
                    $isSub = isset($_POST['subscribe']) ? 1 : 0;
                } else {
                    if (PLG_isSubscribed('comment', $type, $sid)) {
                        $isSub = 1;
                    }
                }
                if ($isSub == 0) {
                    $subchecked = '';
                } else {
                    $subchecked = 'checked="checked"';
                }
                $comment_template->set_var('subchecked', $subchecked);
            } else {
                //Anonymous user
                $comment_template->set_var('uid', 1);
                if (isset($_POST['username'])) {
                    //for preview
                    $name = $filter->sanitizeUsername(COM_applyFilter($_POST['username']));
                } else {
                    //anonymous user
                    $name = $LANG03[24];
                }
                // $usernameblock is built but not used: the set_var() call
                // below passes $name, with $usernameblock left in a comment.
                $usernameblock = '<input type="text" name="username" size="16" value="' . $name . '" maxlength="32"/>';
                $comment_template->set_var('username', $name); // $usernameblock);
                $comment_template->set_var('action_url', $_CONF['site_url'] . '/users.php?mode=new');
                $comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
                $comment_template->set_var('username_disabled', '');
            }

            if ($postmode == 'html') {
                $comment_template->set_var('htmlmode', true);
            }
            $comment_template->set_var('lang_title', $LANG03[16]);
            // Title is HTML-escaped for the input field; the comment body uses
            // the editable form produced by the sanitizer above.
            $comment_template->set_var('title', @htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt()));
            $comment_template->set_var('lang_comment', $LANG03[9]);
            $comment_template->set_var('comment', $edit_comment);
            $comment_template->set_var('lang_postmode', $LANG03[2]);
            $comment_template->set_var('postmode', $postmode);
            $comment_template->set_var('postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $postmode));
            $comment_template->set_var('allowed_html', $filter->getAllowedHTML() . '<br/>' . COM_AllowedAutotags('', false, 'glfusion', 'comment'));
            $comment_template->set_var('lang_importantstuff', $LANG03[18]);
            $comment_template->set_var('lang_instr_line1', $LANG03[19]);
            $comment_template->set_var('lang_instr_line2', $LANG03[20]);
            $comment_template->set_var('lang_instr_line3', $LANG03[21]);
            $comment_template->set_var('lang_instr_line4', $LANG03[22]);
            $comment_template->set_var('lang_instr_line5', $LANG03[23]);

            if ($mode == 'edit' || $mode == 'preview_edit') {
                //editing comment or preview changes
                $comment_template->set_var('lang_preview', $LANG03[28]);
            } else {
                //new comment
                $comment_template->set_var('lang_preview', $LANG03[14]);
            }

            if (function_exists('msg_replaceEmoticons')) {
                $comment_template->set_var('smilies', msg_showsmilies());
            }

            $comment_template->unset_var('save_type');
            PLG_templateSetVars('comment', $comment_template);

            // A save button is offered only after a preview, or straight away
            // when $_CONF['skip_preview'] is 1. '&&' binds tighter than '||',
            // so the first test reads: preview_edit, or (edit and skip_preview).
            if ($mode == 'preview_edit' || $mode == 'edit' && $_CONF['skip_preview'] == 1) {
                //for editing
                $comment_template->set_var('save_type', 'saveedit');
                $comment_template->set_var('lang_save', $LANG03[29]);
                $comment_template->set_var('save_option', '<input type="submit" name="saveedit" value="' . $LANG03[29] . '"/>');
            } elseif ($_CONF['skip_preview'] == 1 || $mode == 'preview_new') {
                //new comment
                $comment_template->set_var('save_type', 'savecomment');
                $comment_template->set_var('lang_save', $LANG03[11]);
                $comment_template->set_var('save_option', '<input type="submit" name="savecomment" value="' . $LANG03[11] . '"/>');
            }

            $comment_template->set_var('end_block', COM_endBlock());
            $comment_template->parse('output', 'form');
            $retval .= $comment_template->finish($comment_template->get_var('output'));
        }
    }

    return $retval;
}