예제 #1
파일: index.php 프로젝트: ragi79/Textcube
<?php

/// Copyright (c) 2004-2012, Needlworks  / Tatter Network Foundation
/// All rights reserved. Licensed under the GPL.
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
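// Input declaration for the preprocessor included below: 'group' is declared as
// 'int' and 'url' as 'url'.
// NOTE(review): presumably the preprocessor rejects requests that do not match
// this declaration -- confirm in /library/preprocessor.php.
$IV = array('POST' => array('group' => array('int'), 'url' => array('url')));
require ROOT . '/library/preprocessor.php';
// NOTE(review): the name suggests a request-origin/route check; its exact
// guarantees (e.g. CSRF protection for this state-changing POST) are not
// visible here -- confirm.
requireStrictRoute();
// Default to http:// only when the value carries no http(s) scheme at all.
// The previous test was a case-sensitive match on 'http://' alone, so
// 'https://host/feed' and 'HTTP://host/feed' were rewritten to
// 'http://https://host/feed' and 'http://HTTP://host/feed'.
if (!preg_match('#^https?://#i', $_POST['url'])) {
    $_POST['url'] = 'http://' . $_POST['url'];
}
// NOTE(review): the URL is caller-supplied. If addFeed() fetches it from the
// server, confirm that it refuses loopback, private and link-local
// destinations and does not follow redirects to them.
$result = array('error' => addFeed(getBlogId(), $_POST['group'], $_POST['url']));
// Render the refreshed feed list into a buffer so it can be returned inside
// the response instead of being written straight to the client.
ob_start();
// NOTE(review): $blogid is not assigned in this script; presumably the
// preprocessor defines it -- confirm it is the same blog as getBlogId().
printFeeds($blogid, $_POST['group']);
$result['view'] = escapeCData(ob_get_clean());
Respond::PrintResult($result);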
예제 #2
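/**
 * Imports the feeds listed in an OPML document.
 *
 * Walks the <outline> elements under /opml/body and one level of nested
 * <outline> children, and calls addFeed() for every element that carries an
 * xmlUrl attribute. Iteration at each level stops at the first element without
 * a title attribute.
 *
 * NOTE(review): the OPML document and every URL inside it are untrusted input.
 * Confirm that XMLStruct::open() does not resolve external entities, and that
 * addFeed() applies the same destination checks as for a single submitted URL.
 * The number of outlines processed per call is not bounded here.
 *
 * @param mixed $blogid Blog identifier, passed through to addFeed().
 * @param mixed $xml    OPML source handed to XMLStruct::open().
 * @return array array(1, null) when the document cannot be opened;
 *               array(2, null) when the first outline has no title;
 *               otherwise array(0, array('total' => int, 'success' => int)),
 *               where 'success' counts addFeed() calls that returned 0.
 */
function importOPMLFromFile($blogid, $xml)
{
    global $service;
    $xmls = new XMLStruct();
    if (!$xmls->open($xml, $service['encoding'])) {
        return array(1, null);
    }
    if (!$xmls->getAttribute('/opml/body/outline', 'title')) {
        return array(2, null);
    }
    // Tally of addFeed() results, keyed by its return code.
    $result = array(0, 0);
    for ($i = 0; $xmls->getAttribute("/opml/body/outline[{$i}]", 'title'); $i++) {
        // The outline itself first, then its direct children, in document order.
        $paths = array("/opml/body/outline[{$i}]");
        for ($j = 0; $xmls->getAttribute("/opml/body/outline[{$i}]/outline[{$j}]", 'title'); $j++) {
            $paths[] = "/opml/body/outline[{$i}]/outline[{$j}]";
        }
        foreach ($paths as $path) {
            $xmlUrl = $xmls->getAttribute($path, 'xmlUrl');
            if (!$xmlUrl) {
                continue;
            }
            $code = addFeed(
                $blogid,
                0,
                $xmlUrl,
                false,
                $xmls->getAttribute($path, 'htmlUrl'),
                $xmls->getAttribute($path, 'title'),
                $xmls->getAttribute($path, 'description')
            );
            // Return codes other than 0 and 1 have no slot yet; create one
            // instead of incrementing an undefined array key.
            if (!isset($result[$code])) {
                $result[$code] = 0;
            }
            $result[$code] += 1;
        }
    }
    return array(0, array('total' => array_sum($result), 'success' => $result[0]));
}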
예제 #3
 /**
  * Creates a collection row from submitted form data.
  *
  * Flow visible in this method: validate the input, build parallel column and
  * value lists from the form-field definitions, insert into the section table,
  * publish an 'add_collection' feed entry, then increment the owner's
  * total_collections counter.
  *
  * @param array|null $array Form input; when it loosely equals NULL, $_POST is used.
  * @return mixed Result of $db->insert() on success; no explicit return (null)
  *               when error() reports a validation problem.
  */
 function create_collection($array = NULL)
 {
     global $db, $userquery;
     // No explicit input means the raw request body becomes the input.
     if ($array == NULL) {
         $array = $_POST;
     }
     // Uploaded-file entries are merged in; on a key clash the $_FILES entry
     // wins because it is the later array_merge() argument.
     if (is_array($_FILES)) {
         $array = array_merge($array, $_FILES);
     }
     $this->validate_form_fields($array);
     if (!error()) {
         $fields = $this->load_required_fields($array);
         $collection_fields = array_merge($fields, $this->load_other_fields($array));
         if (count($this->custom_collection_fields) > 0) {
             $collection_fields = array_merge($collection_fields, $this->custom_collection_fields);
         }
         foreach ($collection_fields as $field) {
             // presumably turns a form name such as "tags[]" into its plain key -- TODO confirm
             $name = formObj::rmBrackets($field['name']);
             $val = $array[$name];
             // Optional per-field hook, invoked by name from the field definition.
             // NOTE(review): confirm that field definitions (including
             // custom_collection_fields) can never be influenced by request
             // data, because the string is called as a function.
             if ($field['use_func_val']) {
                 $val = $field['validate_function']($val);
             }
             if (!empty($field['db_field'])) {
                 $query_field[] = $field['db_field'];
             }
             // Multi-value inputs are flattened to "#a# #b# " before storage.
             if (is_array($val)) {
                 $new_val = '';
                 foreach ($val as $v) {
                     $new_val .= "#" . $v . "# ";
                 }
                 $val = $new_val;
             }
             // && binds tighter than ||: this is true when no clean_func is set,
             // or when it is neither an existing function name nor an array.
             if (!$field['clean_func'] || !function_exists($field['clean_func']) && !is_array($field['clean_func'])) {
                 // No-op: the value is kept exactly as submitted.
                 // NOTE(review): nothing in this method escapes it on this path;
                 // confirm that $db->insert() escapes or binds values.
                 $val = $val;
             } else {
                 // sql_free() and apply_func() are project helpers not shown here;
                 // '|no_mc|' is a marker prefix interpreted by sql_free()
                 // (presumably "skip mysql_clean" -- TODO confirm).
                 $val = apply_func($field['clean_func'], sql_free('|no_mc|' . $val));
             }
             if (!empty($field['db_field'])) {
                 $query_val[] = $val;
             }
         }
         // date_added
         $query_field[] = "date_added";
         $query_val[] = NOW();
         // user
         // NOTE(review): when $array came from $_POST, 'userid' is supplied by
         // the client, so a request can name another account as the owner.
         // Confirm that callers strip or authorize this key.
         $query_field[] = "userid";
         if ($array['userid']) {
             $query_val[] = $userid = $array['userid'];
         } else {
             $query_val[] = $userid = userid();
         }
         // active
         $query_field[] = "active";
         $query_val[] = "yes";
         // type
         $query_field[] = 'type';
         $query_val[] = 'photos';
         $insert_id = $db->insert(tbl($this->section_tbl), $query_field, $query_val);
         addFeed(array('action' => 'add_collection', 'object_id' => $insert_id, 'object' => 'collection'));
         // Increment the owner's collection counter.
         // NOTE(review): $userid is concatenated into the WHERE clause and may be
         // the request-supplied value from above; it should be cast or escaped
         // before it reaches the query text.
         $db->update(tbl("users"), array("total_collections"), array("|f|total_collections+1"), " userid='" . $userid . "'");
         e(lang("collect_added_msg"), "m");
         return $insert_id;
     }
 }
예제 #4
 /**
  * Creates a new group and makes $user its first member.
  *
  * Flow visible in this method: validate the input, build parallel column and
  * value lists from the form-field definitions, insert the group row, insert
  * the owner's membership row, refresh the owner's group total, publish a
  * 'create_group' feed entry, optionally store the uploaded thumbnail,
  * optionally redirect, then write an 'add_group' log entry.
  *
  * Authors: Fawaz Tahir, Arslan Hassan. Since 15 December 2009.
  *
  * @param array|null $array             Group input details; $_POST is used when
  *                                      this loosely equals NULL.
  * @param mixed      $user              User id stored as owner and first member.
  *                                      NOTE(review): the default false is written
  *                                      to the database as-is; callers are expected
  *                                      to pass the authenticated user's id.
  * @param bool       $redirect_to_group When truthy, redirect to the new group page.
  * @return mixed The id from $db->insert_id() on success; no explicit return
  *               (null) when error() reports a problem.
  */
 function create_group($array, $user = false, $redirect_to_group = false)
 {
     global $db;
     // No explicit input means the raw request body becomes the input.
     if ($array == NULL) {
         $array = $_POST;
     }
     // On a key clash the $_FILES entry wins (later array_merge() argument).
     if (is_array($_FILES)) {
         $array = array_merge($array, $_FILES);
     }
     $this->validate_form_fields($array);
     if (!error()) {
         $group_fields = $this->load_required_fields($array);
         // NOTE(review): called without $array here, unlike load_required_fields()
         // on the line above -- confirm that is intended.
         $group_fields = array_merge($group_fields, $this->load_other_fields());
         // Adding custom group fields
         if (count($this->custom_group_fields) > 0) {
             $group_fields = array_merge($group_fields, $this->custom_group_fields);
         }
         foreach ($group_fields as $field) {
             // presumably turns a form name such as "tags[]" into its plain key -- TODO confirm
             $name = formObj::rmBrackets($field['name']);
             $val = $array[$name];
             // Optional per-field hook, invoked by name from the field definition.
             // NOTE(review): confirm field definitions cannot be influenced by
             // request data, because the string is called as a function.
             if ($field['use_func_val']) {
                 $val = $field['validate_function']($val);
             }
             if (!empty($field['db_field'])) {
                 $query_field[] = $field['db_field'];
             }
             // Multi-value inputs are flattened to "#a# #b# " before storage.
             if (is_array($val)) {
                 $new_val = '';
                 foreach ($val as $v) {
                     $new_val .= "#" . $v . "# ";
                 }
                 $val = $new_val;
             }
             // && binds tighter than ||: this is true when no clean_func is set,
             // or when it is neither an existing function name nor an array.
             if (!$field['clean_func'] || !function_exists($field['clean_func']) && !is_array($field['clean_func'])) {
                 // No-op: the value is kept exactly as submitted.
                 // NOTE(review): nothing in this method escapes it on this path;
                 // confirm that $db->insert() escapes or binds values.
                 $val = $val;
             } else {
                 // '|no_mc|' is a marker prefix interpreted by sql_free()
                 // (presumably "skip mysql_clean" -- TODO confirm).
                 $val = apply_func($field['clean_func'], sql_free('|no_mc|' . $val));
             }
             if (!empty($field['db_field'])) {
                 $query_val[] = $val;
             }
         }
     }
     // Checked a second time; nothing between the two checks calls e() directly.
     if (!error()) {
         // Owner user id
         $query_field[] = "userid";
         $query_val[] = $user;
         // Date added
         $query_field[] = "date_added";
         $query_val[] = now();
         // The owner counts as the first member.
         $query_field[] = "total_members";
         $query_val[] = 1;
         // Inserting into the database now
         $db->insert(tbl($this->gp_tbl), $query_field, $query_val);
         $insert_id = $db->insert_id();
         // Owner joining the group
         // NOTE(review): ignore_errors() is a project helper not shown here;
         // confirm what it suppresses and for how long, since every later step
         // in this method runs after it.
         ignore_errors();
         $db->insert(tbl($this->gp_mem_tbl), array("group_id", "userid", "date_added", "active"), array($insert_id, $user, now(), 'yes'));
         //$this->join_group($insert_id,$user,false);
         // Updating the user's total groups
         $this->update_user_total_groups($user);
         // Adding feed
         addFeed(array('action' => 'create_group', 'object_id' => $insert_id, 'object' => 'group'));
         // Updating the group thumbnail from the uploaded file, if one was sent.
         // NOTE(review): confirm create_group_image() validates the upload's
         // type and size before storing it.
         if (!empty($array['thumb_file']['tmp_name'])) {
             $this->create_group_image($insert_id, $array['thumb_file']);
         }
         if ($redirect_to_group) {
             $grp_details = $this->get_details($insert_id);
             // NOTE(review): if redirect_to() ends the request, the log entry
             // below is never written -- confirm.
             redirect_to(group_link(array('details' => $grp_details)));
         }
         // Logging the group creation
         $log_array = array('success' => 'yes', 'action_obj_id' => $insert_id, 'details' => "created new group");
         insert_log('add_group', $log_array);
         return $insert_id;
     }
 }
예제 #5
 /**
  * Inserts a photo row from submitted form data and links it to its collection.
  *
  * Flow visible in this method: validate the input, build parallel column and
  * value lists from the form definitions, append owner, date, IP, extension,
  * key, filename and optional location columns, insert the row, add it to the
  * photo's collection, increment the owner's total_photos counter and publish
  * an 'upload_photo' feed entry.
  *
  * @param array|null $array Form input; when it loosely equals NULL, $_POST is used.
  * @return mixed Result of $db->insert() on success; no explicit return (null)
  *               when error() reports a validation problem.
  */
 function insert_photo($array = NULL)
 {
     global $db, $eh;
     // No explicit input means the raw request body becomes the input.
     if ($array == NULL) {
         $array = $_POST;
     }
     // On a key clash the $_FILES entry wins (later array_merge() argument).
     if (is_array($_FILES)) {
         $array = array_merge($array, $_FILES);
     }
     $this->validate_form_fields($array);
     if (!error()) {
         $forms = $this->load_required_forms($array);
         $oForms = $this->load_other_forms($array);
         $FullForms = array_merge($forms, $oForms);
         foreach ($FullForms as $field) {
             // presumably turns a form name such as "tags[]" into its plain key -- TODO confirm
             $name = formObj::rmBrackets($field['name']);
             $val = $array[$name];
             // Optional per-field hook, invoked by name from the field definition.
             // NOTE(review): confirm field definitions cannot be influenced by
             // request data, because the string is called as a function.
             if ($field['use_func_val']) {
                 $val = $field['validate_function']($val);
             }
             if (!empty($field['db_field'])) {
                 $query_field[] = $field['db_field'];
             }
             // Multi-value inputs are flattened to "#a# #b# " before storage.
             if (is_array($val)) {
                 $new_val = '';
                 foreach ($val as $v) {
                     $new_val .= "#" . $v . "# ";
                 }
                 $val = $new_val;
             }
             // && binds tighter than ||: this is true when no clean_func is set,
             // or when it is neither an existing function name nor an array.
             if (!$field['clean_func'] || !function_exists($field['clean_func']) && !is_array($field['clean_func'])) {
                 // No-op: the value is kept exactly as submitted.
                 // NOTE(review): nothing in this method escapes it on this path;
                 // confirm that $db->insert() escapes or binds values.
                 $val = $val;
             } else {
                 // '|no_mc|' is a marker prefix interpreted by sql_free()
                 // (presumably "skip mysql_clean" -- TODO confirm).
                 $val = apply_func($field['clean_func'], sql_free('|no_mc|' . $val));
             }
             // Fall back to the field's default when the cleaned value is empty.
             if (empty($val) && !empty($field['default_value'])) {
                 $val = $field['default_value'];
             }
             if (!empty($field['db_field'])) {
                 $query_val[] = $val;
             }
         }
         // Owner
         // NOTE(review): when $array came from $_POST, 'userid' is supplied by
         // the client, so a request can attribute the photo to another account.
         // Confirm that callers strip or authorize this key.
         $query_field[] = "userid";
         if (!$array['userid']) {
             $userid = userid();
             $query_val[] = $userid;
         } else {
             $query_val[] = $array['userid'];
             $userid = $array['userid'];
         }
         $query_field[] = "date_added";
         $query_val[] = NOW();
         $query_field[] = "owner_ip";
         $query_val[] = $_SERVER['REMOTE_ADDR'];
         // NOTE(review): 'ext', 'filename', 'server_url' and 'folder' are stored
         // exactly as they arrive in $array. If they are later used to build
         // file paths or URLs, confirm they are validated (no path separators,
         // expected extension set, expected host) before this point.
         $query_field[] = "ext";
         $query_val[] = $array['ext'];
         // The key is generated server-side; the request value is not used.
         $query_field[] = "photo_key";
         //$query_val[] = $array['photo_key'];
         $query_val[] = $this->photo_key();
         $query_field[] = "filename";
         $query_val[] = $array['filename'];
         // The literal string "undefined" is treated the same as a missing value.
         if ($array['server_url'] && $array['server_url'] != "undefined") {
             $query_field[] = "server_url";
             $query_val[] = $array['server_url'];
         }
         if ($array['folder'] && $array['folder'] != "undefined") {
             $query_field[] = "file_directory";
             $query_val[] = $array['folder'];
         }
         // Loose comparison: any truthy 'is_avatar' value sets the flag.
         if ($array['is_avatar'] == true) {
             $query_field[] = 'is_avatar';
             $query_val[] = true;
         }
         $insert_id = $db->insert(tbl($this->p_tbl), $query_field, $query_val);
         // Re-read the stored row to learn its collection and title.
         $photo = $this->get_photo($insert_id);
         $this->collection->add_collection_item($insert_id, $photo['collection_id']);
         /*
          * EXIF should be added here
          */
         /* insert_exif_data( $photo ); */
         /*
          * Extract colors
          */
         /* insert_photo_colors( $photo ); */
         /* if ( !$array['server_url'] || $array['server_url'] == 'undefined' )
            $this->generate_photos( $photo );*/
         //$eh->flush();
         // NOTE(review): the user-supplied photo title is placed into a message;
         // confirm it is HTML-escaped where messages are rendered.
         e(sprintf(lang("photo_is_saved_now"), $photo['photo_title']), "m");
         // NOTE(review): $userid is concatenated into the WHERE clause and may be
         // the request-supplied value from above; it should be cast or escaped
         // before it reaches the query text.
         $db->update(tbl("users"), array("total_photos"), array("|f|total_photos+1"), " userid='" . $userid . "'");
         // Adding the photo feed entry
         addFeed(array('action' => 'upload_photo', 'object_id' => $insert_id, 'object' => 'photo'));
         return $insert_id;
     }
 }
예제 #6
}
// Command-line dispatcher: each named switch found in the parsed arguments
// triggers one action; positional arguments are consumed left to right through
// $indexCounter.
// NOTE(review): positional values go to addFeed()/addTorrent() unchanged; any
// validation of URLs or paths has to happen inside those functions.
$args = parseArgs($argv);
$indexCounter = 0;

// Help takes priority and ends the run before any other switch is handled.
if (isset($args['h'])) {
    echoHelp($argv);
    exit(0);
}

if (isset($args['updateusage'])) {
    updateDiskUsage();
}

if (isset($args['updatefeeds'])) {
    updateFeeds();
}

// addfeed needs one positional argument.
if (isset($args['addfeed'])) {
    if (!isset($args[$indexCounter])) {
        echoError($argv);
    } else {
        // Advance the cursor before the call, as the post-increment form did.
        $indexCounter += 1;
        addFeed($args[$indexCounter - 1]);
    }
}

// addtorrent needs the next two positional arguments.
if (isset($args['addtorrent'])) {
    if (!isset($args[$indexCounter], $args[$indexCounter + 1])) {
        echoError($argv);
    } else {
        $indexCounter += 2;
        addTorrent($args[$indexCounter - 2], $args[$indexCounter - 1]);
    }
}

exit(0);
/*
 * From: http://pwfisher.com/nucleus/index.php?itemid=45
 */
예제 #7
 /**
  * Adds the object with the given id to the logged-in user's favorites.
  *
  * Reports a message through e() in every case: object missing, visitor not
  * logged in, already a favorite, or success. On success it also publishes an
  * 'add_favorite' feed entry and writes a log entry.
  *
  * @param mixed $id Object id; passed through mysql_clean() before any use.
  * @return void
  */
 function add_to_fav($id)
 {
     global $db;
     $id = mysql_clean($id);

     // The object has to exist.
     if (!$this->exists($id)) {
         e(sprintf(lang("obj_not_exists"), $this->name));
         return;
     }

     // Favorites belong to an account, so a login is required.
     if (!userid()) {
         e(lang("you_not_logged_in"));
         return;
     }

     // Nothing to do when it is already a favorite.
     if ($this->fav_check($id)) {
         e(sprintf(lang('already_fav_message'), $this->name));
         return;
     }

     $columns = array('type', 'id', 'userid', 'date_added');
     $values = array($this->type, $id, userid(), NOW());
     $db->insert(tbl($this->fav_tbl), $columns, $values);

     // NOTE(review): 'object' is fixed to 'video' although the row above stores
     // $this->type -- confirm this method is only used for videos.
     addFeed(array('action' => 'add_favorite', 'object_id' => $id, 'object' => 'video'));

     // Log the favorite.
     // NOTE(review): insert_id() is read after addFeed(); if addFeed() performs
     // its own insert, this id may not be the favorites row -- confirm.
     $logEntry = array(
         'success' => 'yes',
         'details' => "added " . $this->name . " to favorites",
         'action_obj_id' => $id,
         'action_done_id' => $db->insert_id(),
     );
     insert_log($this->name . '_favorite', $logEntry);

     //e(sprintf(lang('add_fav_message'),$this->name),'m');
     e('<div class="alert alert-success">This video has been added to your favorites</div>', "m");
 }
예제 #8
/**
 * Request handler: stores a song, opens a pending project for it with a
 * three-day deadline, and records a feed event. Always ends the request.
 *
 * Reads 'name', 'link', 'type' and 'user' from $_POST.
 *
 * NOTE(review): no nonce or capability check is visible in this function, and
 * the owning user id is taken from the request. If this is registered as a
 * WordPress AJAX action, confirm the request is verified (check_ajax_referer(),
 * current_user_can()) and consider deriving the id from get_current_user_id()
 * instead of trusting $_POST['user'].
 * NOTE(review): 'link' and 'name' are stored as submitted; confirm they are
 * validated and escaped (e.g. esc_url(), esc_html()) wherever they are rendered.
 *
 * @return void Never returns; the request is terminated with die.
 */
function addSong()
{
    global $wpdb;
    $event_type = 'projects';

    // Nothing to do without a POST body.
    if (!$_POST) {
        die;
    }

    $songName = $_POST['name'];
    $songLink = $_POST['link'];
    $projectType = $_POST['type'];
    $ownerId = $_POST['user'];

    // $wpdb->insert() builds a prepared statement from the column => value map.
    $songRow = array('user_id' => $ownerId, 'name' => $songName, 'link' => $songLink);
    if (!$wpdb->insert('songs', $songRow)) {
        die;
    }
    $song_id = $wpdb->insert_id;

    $now = time();
    $deadline = strtotime('+3 day', $now);
    $projectRow = array(
        'user_id' => $ownerId,
        'song_id' => $song_id,
        'status' => 'pending',
        'type' => $projectType,
        'dt_add' => $now,
        'dt_end' => $deadline,
    );
    if ($wpdb->insert('projects', $projectRow)) {
        // id of the inserted project row
        addFeed($wpdb->insert_id, $event_type, $ownerId, $now);
    }

    die;
}
예제 #9
 /**
  * Validates the signup form and, when no error was reported, creates the user.
  *
  * Flow visible in this method: validate the fields, check the terms agreement
  * and the captcha, build parallel column and value lists, append status,
  * activation, verification code, IP, join date and session key/code, run a
  * hand-built INSERT, create the profile row, prepare the verification e-mail
  * text (the send call is commented out), then log the signup and publish a
  * 'signup' feed entry.
  *
  * @param array|null $array             Form input; when it loosely equals NULL,
  *                                      $_POST is used.
  * @param bool       $send_signup_email Whether the e-mail branch may run.
  * @return mixed The new user id from $db->insert_id() on success, false when
  *               an error was reported.
  */
 function signup_user($array = NULL, $send_signup_email = true)
 {
     global $LANG, $db, $userquery;
     // No explicit input means the raw request body becomes the input.
     if ($array == NULL) {
         $array = $_POST;
     }
     // On a key clash the $_FILES entry wins (later array_merge() argument).
     if (is_array($_FILES)) {
         $array = array_merge($array, $_FILES);
     }
     $this->validate_form_fields($array);
     // Checking terms and policy agreement (skipped for admin access)
     if ($array['agree'] != 'yes' && !has_access('admin_access', true)) {
         e(lang('usr_ament_err'));
     }
     if (!verify_captcha()) {
         e(lang('usr_ccode_err'));
     }
     if (!error()) {
         $signup_fields = $this->load_signup_fields($array);
         // Adding custom signup fields
         if (count($this->custom_signup_fields) > 0) {
             $signup_fields = array_merge($signup_fields, $this->custom_signup_fields);
         }
         foreach ($signup_fields as $field) {
             // presumably turns a form name such as "tags[]" into its plain key -- TODO confirm
             $name = formObj::rmBrackets($field['name']);
             $val = $array[$name];
             // Optional per-field hooks, invoked by name from the field definition.
             // NOTE(review): confirm field definitions cannot be influenced by
             // request data, because the strings are called as functions.
             if ($field['use_func_val']) {
                 $val = $field['validate_function']($val);
             }
             // Overrides use_func_val
             if ($field['value_function'] && function_exists($field['value_function'])) {
                 $val = $field['value_function']($val);
             }
             if (!empty($field['db_field'])) {
                 $query_field[] = $field['db_field'];
             }
             // Multi-value inputs are flattened to "#a# #b# " before storage.
             if (is_array($val)) {
                 $new_val = '';
                 foreach ($val as $v) {
                     $new_val .= "#" . $v . "# ";
                 }
                 $val = $new_val;
             }
             // && binds tighter than ||: this is true when no clean_func is set,
             // or when it is neither an existing function name nor an array.
             // Fields without a usable clean_func get mysql_clean().
             if (!$field['clean_func'] || !function_exists($field['clean_func']) && !is_array($field['clean_func'])) {
                 $val = mysql_clean($val);
             } else {
                 // '|no_mc|' is a marker prefix interpreted by sql_free()
                 // (presumably "skip mysql_clean" -- TODO confirm).
                 $val = apply_func($field['clean_func'], sql_free('|no_mc|' . $val));
             }
             if (!empty($field['db_field'])) {
                 $query_val[] = $val;
             }
         }
         // Setting verification type
         if (EMAIL_VERIFICATION == '1') {
             $status = 'unverified';
             $welcome_email = 'no';
         } else {
             $status = 'verified';
             $welcome_email = 'yes';
         }
         if (config('user_moderation') == 'yes') {
             $active = 'no';
         } else {
             $active = 'yes';
         }
         // With admin access, status and level come from the submitted form.
         if (has_access('admin_access', true)) {
             if ($array['status'] == 'verified') {
                 $status = 'verified';
                 $welcome_email = 'yes';
             } else {
                 $status = 'unverified';
                 $welcome_email = 'no';
             }
             // NOTE(review): both branches assign 'yes', so the submitted 'active'
             // value has no effect and moderation is bypassed on this path; the
             // else branch was probably meant to be 'no' -- confirm.
             if ($array['active'] == 'yes') {
                 $active = 'yes';
             } else {
                 $active = 'yes';
             }
             // NOTE(review): 'level' is taken from the form and is not passed
             // through mysql_clean() before it is quoted into the INSERT below.
             $query_field[] = "level";
             $query_val[] = $array['level'];
         }
         $query_field[] = "status";
         $query_val[] = $status;
         $query_field[] = "active";
         $query_val[] = $active;
         // NOTE(review): the column name starts with a tab character ("\t");
         // it ends up as whitespace inside the column list of the INSERT.
         $query_field[] = "\twelcome_email_sent";
         $query_val[] = $welcome_email;
         // Creating the account verification code
         // NOTE(review): RandomString() is not shown here; if the code gates
         // e-mail verification, confirm it draws from a cryptographically
         // secure source.
         $avcode = RandomString(10);
         $query_field[] = "avcode";
         $query_val[] = $avcode;
         // Signup IP
         $signup_ip = $_SERVER['REMOTE_ADDR'];
         $query_field[] = "signup_ip";
         $query_val[] = $signup_ip;
         // Date joined
         $now = NOW();
         $query_field[] = "doj";
         $query_val[] = $now;
         /**
          * The session key and session code are a central part of the signup
          * system: per the original author, a logged-in user is validated only
          * by this key and code.
          *
          * NOTE(review): the key is derived from $_COOKIE['PHPSESSID'], which the
          * client controls, and from the plain-text password. Confirm how
          * create_session_key() combines them and that the result is not
          * predictable from values an attacker can choose or observe.
          */
         $sess_key = $this->create_session_key($_COOKIE['PHPSESSID'], $array['password']);
         $sess_code = $this->create_session_code();
         $query_field[] = "user_session_key";
         $query_val[] = $sess_key;
         $query_field[] = "user_session_code";
         $query_val[] = $sess_code;
         // The INSERT is assembled by string concatenation. Its safety depends on
         // every entry of $query_val having been escaped before this point.
         // NOTE(review): the values appended after the field loop (level, IP,
         // session key and code) are not escaped in this method; prefer bound
         // parameters or escape each value where it is quoted.
         $query = "INSERT INTO " . tbl("users") . " (";
         $total_fields = count($query_field);
         // Adding fields to the query
         $i = 0;
         foreach ($query_field as $qfield) {
             $i++;
             $query .= $qfield;
             if ($i < $total_fields) {
                 $query .= ',';
             }
         }
         $query .= ") VALUES (";
         $i = 0;
         // Adding field values to the query, each wrapped in single quotes
         foreach ($query_val as $qval) {
             $i++;
             $query .= "'{$qval}'";
             if ($i < $total_fields) {
                 $query .= ',';
             }
         }
         // Finalizing the query
         $query .= ")";
         $db->Execute($query);
         $insert_id = $db->insert_id();
         $db->insert(tbl($userquery->dbtbl['user_profile']), array("userid"), array($insert_id));
         // EMAIL_VERIFICATION is tested for truthiness here but compared with
         // '1' above.
         if (!has_access('admin_access', true) && EMAIL_VERIFICATION && $send_signup_email) {
             global $cbemail;
             $tpl = $cbemail->get_template('email_verify_template');
             // NOTE(review): the template variables include the plain-text
             // password; avoid putting passwords into e-mail if sending is
             // re-enabled.
             $more_var = array('{username}' => post('username'), '{password}' => post('password'), '{email}' => post('email'), '{avcode}' => $avcode);
             // $var is not assigned earlier in this method, so it starts as an
             // empty array here.
             if (!is_array($var)) {
                 $var = array();
             }
             $var = array_merge($more_var, $var);
             $subj = $cbemail->replace($tpl['email_template_subject'], $var);
             $msg = nl2br($cbemail->replace($tpl['email_template'], $var));
             // The send call is commented out, so no verification e-mail leaves
             // this method.
             //cbmail(array('to'=>post('email'),'from'=>WEBSITE_EMAIL,'subject'=>$subj,'content'=>$msg));
         } elseif (!has_access('admin_access', true) && $send_signup_email) {
             //$this->send_welcome_email($insert_id);
         }
         $log_array = array('username' => $array['username'], 'userid' => $insert_id, 'userlevel' => $array['level'], 'useremail' => $array['email'], 'success' => 'yes', 'details' => sprintf("%s signed up", $array['username']));
         // Logging the signup
         insert_log('signup', $log_array);
         // Adding the "user has signed up" feed entry
         addFeed(array('action' => 'signup', 'object_id' => $insert_id, 'object' => 'signup', 'uid' => $insert_id));
         return $insert_id;
     }
     return false;
 }
예제 #10
 /**
  * Stores the metadata row for an uploaded video.
  *
  * Flow visible in this method: validate the upload form, collect the field
  * definitions, resolve the uploading user (session user or the anonymous
  * account), build parallel column and value lists, assemble a hand-built
  * INSERT, run it unless a row with the same file name already exists, then
  * log the upload, increment the user's total_videos counter and publish an
  * 'upload_video' feed entry.
  *
  * @param array|null $array Form input; $_POST is used when this is falsy.
  * @return mixed The video id (new or already existing); false when a logged-in
  *               user lacks upload access. NOTE(review): on validation failure
  *               and on the "not logged in" path $insert_id is never assigned,
  *               yet it is still passed to addFeed() and returned.
  */
 function submit_upload($array = NULL)
 {
     global $eh, $Cbucket, $db, $userquery;
     // No explicit input means the raw request body becomes the input.
     if (!$array) {
         $array = $_POST;
     }
     // $_POST['embed_code'] = htmlspecialchars($_POST['embed_code']);
     $this->validate_video_upload_form($array, TRUE);
     if (empty($eh->error_list)) {
         $required_fields = $this->loadRequiredFields($array);
         $location_fields = $this->loadLocationFields($array);
         $option_fields = $this->loadOptionFields($array);
         $upload_fields = array_merge($required_fields, $location_fields, $option_fields);
         // Adding custom upload fields
         if (count($this->custom_upload_fields) > 0) {
             $upload_fields = array_merge($upload_fields, $this->custom_upload_fields);
         }
         // Adding custom form fields
         if (count($this->custom_form_fields) > 0) {
             $upload_fields = array_merge($upload_fields, $this->custom_form_fields);
         }
         // Resolve the uploader: visitors without a session are mapped to the
         // anonymous account when that is allowed; a logged-in user without
         // upload access stops here.
         $userid = userid();
         if (!userid() && has_access('allow_video_upload', true, false)) {
             $userid = $userquery->get_anonymous_user();
             //$userid = $user['userid'];
         } elseif (userid() && !has_access('allow_video_upload', true, true)) {
             return false;
         }
         // On a key clash the $_FILES entry wins (later array_merge() argument).
         if (is_array($_FILES)) {
             $array = array_merge($array, $_FILES);
         }
         foreach ($upload_fields as $field) {
             // presumably turns a form name such as "tags[]" into its plain key -- TODO confirm
             $name = formObj::rmBrackets($field['name']);
             $val = $array[$name];
             // Optional per-field hook, invoked by name from the field definition.
             // NOTE(review): confirm field definitions cannot be influenced by
             // request data, because the string is called as a function.
             if ($field['use_func_val']) {
                 $val = $field['validate_function']($val);
             }
             if (!empty($field['db_field'])) {
                 $query_field[] = $field['db_field'];
             }
             // Multi-value inputs are flattened to "#a# #b# " before storage.
             if (is_array($val)) {
                 $new_val = '';
                 foreach ($val as $v) {
                     $new_val .= "#" . $v . "# ";
                 }
                 $val = $new_val;
             }
             // NOTE(review): the condition calls the clean function itself and
             // tests its result, so a falsy cleaned value (for example an empty
             // string) sends the field down the mysql_clean() branch. This looks
             // like it was meant to test whether the function exists -- confirm.
             if (!$field['clean_func'] || !apply_func($field['clean_func'], $val) && !is_array($field['clean_func'])) {
                 $val = mysql_clean($val);
             } else {
                 $val = apply_func($field['clean_func'], sql_free($val));
             }
             // Fall back to the field's default when the cleaned value is empty.
             if (empty($val) && !empty($field['default_value'])) {
                 $val = $field['default_value'];
             }
             if (!empty($field['db_field'])) {
                 $query_val[] = $val;
             }
         }
         // Adding the video file name
         $query_field[] = "file_name";
         $file_name = mysql_clean($array['file_name']);
         $query_val[] = $file_name;
         // Adding the video key (generated server-side)
         $query_field[] = "videokey";
         $query_val[] = $this->video_keygen();
         // NOTE(review): 'time_stamp' and 'file_directory' come from $array; if
         // they later form part of a filesystem path, confirm that
         // create_dated_folder() and the consumers of file_directory reject
         // path separators and "..".
         if (!isset($array['file_directory']) && isset($array['time_stamp'])) {
             $query_field[] = "file_directory";
             $file_directory = create_dated_folder(NULL, $array['time_stamp']);
             $query_val[] = $file_directory;
             //pr($array,true);exit();
         } elseif (isset($array['file_directory'])) {
             $query_field[] = "file_directory";
             $file_directory = mysql_clean($array['file_directory']);
             $query_val[] = $file_directory;
         }
         // User id
         // NOTE(review): a 'userid' present in $array overrides the resolved
         // uploader and is quoted into the INSERT without mysql_clean(). When
         // $array is $_POST this value is client-supplied -- confirm callers
         // strip or authorize it.
         $query_field[] = "userid";
         if (!$array['userid']) {
             $query_val[] = $userid;
         } else {
             $query_val[] = $array['userid'];
         }
         // video_version
         $query_field[] = "video_version";
         $query_val[] = '2.7';
         // Upload IP
         $query_field[] = "uploader_ip";
         $query_val[] = $_SERVER['REMOTE_ADDR'];
         $activation = ACTIVATION;
         // Setting the activation option: 0 means videos go live immediately.
         if ($activation == 0) {
             $active = 'yes';
         } else {
             $active = 'no';
         }
         $query_field[] = "active";
         $query_val[] = $active;
         $query_field[] = "date_added";
         $query_val[] = now();
         // The INSERT is assembled by string concatenation. Its safety depends on
         // every entry of $query_val having been escaped before this point;
         // prefer bound parameters.
         $query = "INSERT INTO " . tbl("video") . " (";
         $total_fields = count($query_field);
         // Adding fields to the query
         $i = 0;
         foreach ($query_field as $qfield) {
             $i++;
             $query .= $qfield;
             if ($i < $total_fields) {
                 $query .= ',';
             }
         }
         $query .= ") VALUES (";
         $i = 0;
         // Adding field values to the query, each wrapped in single quotes
         foreach ($query_val as $qval) {
             $i++;
             $query .= "'{$qval}'";
             if ($i < $total_fields) {
                 $query .= ',';
             }
         }
         // Finalizing the query
         $query .= ")";
         //exit($query);
         if (!userid() && !has_access('allow_video_upload', false, false)) {
             e(lang("you_not_logged_in"));
             //exit();
         } else {
             // Reuse the existing row when this file name is already stored.
             $insert_id = file_name_exists($file_name);
             if (!$insert_id) {
                 $db->Execute($query);
                 $insert_id = $db->insert_id();
                 // Logging the upload
                 $log_array = array('success' => 'yes', 'action_obj_id' => $insert_id, 'userid' => $userid, 'details' => "uploaded a video");
                 insert_log('upload_video', $log_array);
                 // The counter is updated for the resolved uploader ($userid),
                 // not for a 'userid' passed in $array.
                 $db->update(tbl("users"), array("total_videos"), array("|f|total_videos+1"), " userid='" . $userid . "'");
             }
         }
     }
     // Adding the video feed entry; this runs on every path that reaches here,
     // including those where no row was inserted.
     addFeed(array('action' => 'upload_video', 'object_id' => $insert_id, 'object' => 'video'));
     return $insert_id;
 }
예제 #11
 /**
  * Adds a comment to an object and notifies the object's owner.
  *
  * This is the more advanced comment function: registered comment functions are
  * applied to the comment through validate_comment_functions(). Problems are
  * reported with e() and accumulate; the insert only happens when the error
  * list is still empty after all checks.
  *
  * NOTE(review): $comment is stored and placed into the notification e-mail as
  * passed in; nothing in this method escapes it. Confirm that callers or
  * $db->insert() escape it for SQL and that it is HTML-escaped where rendered.
  *
  * @param string     $comment          Comment text.
  * @param mixed      $obj_id           Id of the commented object.
  * @param mixed|null $reply_to         Parent comment id for replies.
  * @param string     $type             Object type code, 'v' by default.
  * @param mixed|null $obj_owner        User id of the object's owner.
  * @param mixed|null $obj_link         Link to the object, used in the e-mail.
  * @param bool       $force_name_email Require name and e-mail from $_POST even
  *                                     for logged-in users.
  * @return mixed The new comment id on success, false when an error was reported.
  */
 function add_comment($comment, $obj_id, $reply_to = NULL, $type = 'v', $obj_owner = NULL, $obj_link = NULL, $force_name_email = false)
 {
     global $userquery, $eh, $db, $Cbucket;
     // Checking the maximum comment length allowed.
     // strlen() counts bytes, so multi-byte text reaches the limit sooner than
     // its character count suggests.
     if (defined("MAX_COMMENT_CHR")) {
         $comment_len = strlen($comment);
         if ($comment_len > MAX_COMMENT_CHR) {
             e(sprintf("'%d' characters allowed for comment", MAX_COMMENT_CHR));
         } elseif ($comment_len < 5) {
             e("Comment is too short. It should be atleast 5 characters");
         }
     }
     if (!verify_captcha()) {
         e(lang('usr_ccode_err'));
     }
     if (empty($comment)) {
         e(lang("pelase_enter_something_for_comment"));
     }
     $params = array('comment' => $comment, 'obj_id' => $obj_id, 'reply_to' => $reply_to, 'type' => $type);
     $this->validate_comment_functions($params);
     /*
     Disabled check: the object must exist, and owners may not comment on
     their own video when USER_COMMENT_OWN is off.

     if($type=='video' || $type=='v')
     {
     	if(!$this->video_exists($obj_id))
     		e(lang("class_vdo_del_err"));

     	//Checking owner of video
     	if(!USER_COMMENT_OWN)
     	{
     		if(userid()==$this->get_vid_owner($obj_id));
     			e(lang("usr_cmt_err2"));
     	}
     }
     */
     // Visitors without a session may only comment when anonymous comments are on.
     if (!userid() && $Cbucket->configs['anonym_comments'] != 'yes') {
         e(lang("you_not_logged_in"));
     }
     // && binds tighter than ||: (anonymous visitor with anonymous comments on)
     // or $force_name_email.
     if (!userid() && $Cbucket->configs['anonym_comments'] == 'yes' || $force_name_email) {
         // Checking for the submitted name and e-mail
         if (empty($_POST['name'])) {
             e(lang("please_enter_your_name"));
         }
         if (empty($_POST['email'])) {
             e(lang("please_enter_your_email"));
         }
         $name = mysql_clean($_POST['name']);
         $email = mysql_clean($_POST['email']);
     }
     //pr(error_list(),true);
     if (empty($eh->error_list)) {
         // $name and $email are only assigned in the branch above; for a regular
         // logged-in user they are undefined here.
         // NOTE(review): the first element of the column list is one
         // comma-joined string, giving three list elements for ten values;
         // this relies on how $db->insert() joins the list -- confirm.
         $db->insert(tbl("comments"), array('type,comment,type_id,userid,date_added,parent_id,anonym_name,anonym_email', 'comment_ip', 'type_owner_id'), array($type, $comment, $obj_id, userid(), NOW(), $reply_to, $name, $email, $_SERVER['REMOTE_ADDR'], $obj_owner));
         $cid = $db->insert_id();
         $db->update(tbl("users"), array("total_comments"), array("|f|total_comments+1"), " userid='" . userid() . "'");
         e(lang("grp_comment_msg"), "m");
         // Despite its name, $own_details holds only the owner's e-mail address.
         $own_details = $userquery->get_user_field_only($obj_owner, 'email');
         $username = username();
         // Anonymous commenters are identified by the submitted name.
         $username = $username ? $username : post('name');
         $useremail = $email;
         $fullname = $username;
         if ($userquery->udetails['fullname']) {
             $fullname = $userquery->udetails['fullname'];
         }
         // Adding the comment log entry
         $log_array = array('success' => 'yes', 'action_obj_id' => $cid, 'action_done_id' => $obj_id, 'details' => "made a comment", 'username' => $username, 'useremail' => $useremail);
         insert_log($type . '_comment', $log_array);
         // Sending the notification e-mail to the object's owner
         if (SEND_COMMENT_NOTIFICATION == 'yes' && $own_details) {
             global $cbemail;
             $tpl = $cbemail->get_template('user_comment_email');
             // NOTE(review): the commenter-supplied name and comment text go into
             // an e-mail body that is passed through nl2br(), i.e. treated as
             // HTML; confirm they are HTML-escaped before substitution.
             $more_var = array('{username}' => $username, '{fullname}' => $fullname, '{obj_link}' => $obj_link . '#comment_' . $cid, '{comment}' => $comment, '{obj}' => get_obj_type($type));
             // $var is not assigned earlier in this method, so it starts as an
             // empty array here.
             if (!is_array($var)) {
                 $var = array();
             }
             $var = array_merge($more_var, $var);
             $subj = $cbemail->replace($tpl['email_template_subject'], $var);
             $msg = nl2br($cbemail->replace($tpl['email_template'], $var));
             // Now finally sending the e-mail
             cbmail(array('to' => $own_details, 'from' => WEBSITE_EMAIL, 'subject' => $subj, 'content' => $msg));
         }
         // Adding the feed entry; the action and object are fixed to video
         // regardless of $type.
         addFeed(array('action' => 'comment_video', 'comment_id' => $cid, 'object_id' => $obj_id, 'object' => 'video'));
         return $cid;
     }
     return false;
 }
예제 #12
<?php

include_once "header.php";
?>

<?php 
include_once "db.php";
include_once "sourlib.php";
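// Only a visitor with a valid login cookie may view or change the feed
// settings; everyone else is pointed to the login page.
// NOTE(review): the state-changing branch below is authorized by the cookie
// alone. No anti-CSRF token is checked before addFeed() -- add one to the form
// and verify it here.
if (!checkCookie()) {
    echo "please <a href='login.php'>login</a> in order to change the site settings!";
} elseif (empty($_POST['checksubmit'])) {
    // No submission yet: show the form. The original test negated the value
    // inside stripslashes() and read the key without checking that it exists.
    showFeedsform();
} else {
    // Missing or non-string fields become '' instead of raising on stripslashes().
    // NOTE(review): stripslashes() presumably compensates for magic quotes; on
    // runtimes without them it removes legitimate backslashes -- confirm.
    // NOTE(review): $site and $url are passed on as submitted; confirm that
    // addFeed() validates the URL and escapes both values for SQL and for
    // later HTML output.
    $site = (isset($_POST['site']) && is_string($_POST['site'])) ? stripslashes($_POST['site']) : '';
    $url = (isset($_POST['url']) && is_string($_POST['url'])) ? stripslashes($_POST['url']) : '';
    addFeed($site, $url);
}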
?>
</body>
</html>