/**
 * PHP4-style constructor: stores the module config, derives the home path/URL
 * from it, sets up the permalink map and hands over to the parent constructor.
 *
 * @param object      $oConfig    module config; getHomePath() and getHomeUrl() are read from it
 * @param object|null $_oTemplate template object kept in $this->oOsiTemplate
 */
function BxOSiSearchUnit(&$oConfig, $_oTemplate = null)
{
    $this->_oConfig = $oConfig;
    $this->sHomePath = $this->_oConfig->getHomePath();
    $this->sHomeUrl = $this->_oConfig->getHomeUrl();

    // Both permalink modes map 'file' to an empty pattern.
    $aNoFile = array('file' => '');
    $this->aPermalinks = array(
        'param' => 'permalinks_osi',
        'enabled' => $aNoFile,
        'disabled' => $aNoFile,
    );

    // Privilege gate: admins and moderators get the 'status' restriction blanked and
    // the per-row checkboxes enabled.
    // NOTE(review): isAdmin()/isModerator() are called without an id, so they presumably
    // resolve the current session's user - confirm. The checkboxes are only UI; whatever
    // handles the submitted selection has to repeat this check on the server side.
    $bPrivileged = isAdmin() || isModerator();
    $this->bShowCheckboxes = $bPrivileged;
    if ($bPrivileged) {
        $this->aCurrent['restriction']['status'] = '';
    }

    parent::BxBaseSearchResultText();

    $this->oOsiTemplate = $_oTemplate;
}
/**
 * PHP4-style constructor: resolves home path/URL through the ads main object,
 * defines the permalink patterns for both permalink modes and selects the
 * 'unit_ads' template unit.
 */
function BxAdsSearchUnit()
{
    $oMain = $this->getAdsMain();
    $this->sHomePath = $oMain->_oConfig->getHomePath();
    $this->sHomeUrl = $oMain->_oConfig->getHomeUrl();

    // Friendly URLs, used when the 'permalinks_module_ads' setting is enabled.
    $aEnabled = array(
        'file' => 'ads/entry/{uri}',
        'category' => 'ads/cat/{uri}',
        'subcategory' => 'ads/subcat/{uri}',
        'tag' => 'ads/tag/{uri}',
        'browseAll' => 'ads/',
    );
    // Query-string URLs, used when it is disabled.
    $aDisabled = array(
        'file' => 'classifieds.php?ShowAdvertisementID={id}',
        'category' => 'classifieds.php?bClassifiedID={id}',
        'subcategory' => 'classifieds.php?bSubClassifiedID={id}',
        'tag' => 'classifieds_tags.php?tag={uri}',
        'browseAll' => 'classifieds.php',
    );
    // Every public pattern has an 'admin_' twin with the same value, appended after
    // the public keys in the same order.
    foreach (array_keys($aEnabled) as $sKey) {
        $aEnabled['admin_' . $sKey] = $aEnabled[$sKey];
    }
    foreach (array_keys($aDisabled) as $sKey) {
        $aDisabled['admin_' . $sKey] = $aDisabled[$sKey];
    }

    $this->aPermalinks = array(
        'param' => 'permalinks_module_ads',
        'enabled' => $aEnabled,
        'disabled' => $aDisabled,
    );

    $this->bShowCheckboxes = false;
    if (isAdmin() || isModerator()) {
        // Deliberately empty. The privileged overrides were commented out upstream:
        //   $this->aCurrent['restriction']['activeStatus'] = '';
        //   $this->bShowCheckboxes = true;
        // so admins and moderators currently see the same restriction as everyone else.
    }

    parent::BxBaseSearchResultText();

    // Disabled upstream: loading the unit template with file_get_contents() over the home URL.
    //   $this->sTemplUnit = file_get_contents($this->sHomeUrl . 'templates/base/' . $this->sTU . '.html');
    $this->sSelectedUnit = 'unit_ads';

    // NOTE(review): $iPostViewType is not defined in this scope, so this stores null
    // (and raises an undefined-variable notice). Confirm what value was intended.
    $this->iPostViewType = $iPostViewType;
}
/**
 * Copies the edited gallery-tab values from the request onto the user object.
 *
 * Which fields may be written depends on the admin-set tab parameters, on the
 * UI ($ui == 2 is the back-end) and on whether the acting user is a moderator.
 * The method returns nothing.
 *
 * NOTE(review): every value is read from $_POST; the $postdata and $tab arguments
 * are not used. The moderator test is made on the acting user
 * ($_CB_framework->myId()), not on $user, the profile being edited.
 *
 * @param object  $tab       tab reflecting the tab database entry (unused here)
 * @param object  $user      mosUser reflecting the user being edited; modified in place
 * @param int     $ui        1 for front-end, 2 for back-end
 * @param array   $postdata  _POST data as generated with getEditTab (unused here)
 * @return void
 */
function saveEditTab($tab, &$user, $ui, $postdata)
{
    global $_CB_framework;

    // Tab parameters are global settings made by the admin.
    $tabparams = $this->_pgGetTabParameters($user);
    $isModerator = isModerator($_CB_framework->myId());

    // Back-end requests and front-end moderators may write the restricted fields.
    // NOTE(review): $ui comes from the caller, so this gate is only as strong as the
    // caller's own back-end check - confirm.
    $privileged = ($ui == 2 || $isModerator);

    // Short greeting: writable by whoever reaches this save path.
    $user->cb_pgshortgreeting = cbUnEscapeSQL(cbGetParam($_POST, "cb_pgshortgreeting", ""));

    // Enable gallery.
    if ($tabparams["pgallowuserenable"] == "1" || $privileged) {
        $value = cbGetParam($_POST, "cb_pgenable", null);
        if ($value) {
            $user->cb_pgenable = $value;
        }
    }

    // Autopublish items: needs the override permission and autopublish switched on.
    if (($tabparams["pgallowautopublishoverride"] || $privileged) && $tabparams["pgautopublish"]) {
        $value = cbGetParam($_POST, "cb_pgautopublish", null);
        if ($value) {
            $user->cb_pgautopublish = $value;
        }
    }

    // Auto-approve items: back-end or moderator only, and only when the override is allowed.
    if ($privileged && $tabparams["pgallowautoapproveoverride"]) {
        $value = cbGetParam($_POST, "cb_pgautoapprove", null);
        if ($value) {
            $user->cb_pgautoapprove = $value;
        }
    }

    if ($privileged) {
        // Quotas, upload limit and the two usage counters: stored only when numeric.
        $numericFields = array(
            "cb_pgtotalquotaitems", // item quota
            "cb_pgtotalquotasize",  // storage quota
            "cb_pguploadsize",      // maximum single upload size
            "cb_pgtotalitems",      // current item count (information field)
            "cb_pgtotalsize",       // current size usage (information field)
        );
        foreach ($numericFields as $fieldName) {
            $value = cbGetParam($_POST, $fieldName, null);
            if (is_numeric($value)) {
                $user->$fieldName = $value;
            }
        }

        // Last update date (information field): stored whenever it is present.
        $value = cbGetParam($_POST, "cb_pglastupdate", null);
        if ($value !== null) {
            $user->cb_pglastupdate = $value;
        }
    }

    // Access mode and display format follow the same "override allowed or privileged" rule.
    if ($tabparams["pgallowaccessmodeoverride"] || $privileged) {
        $value = cbGetParam($_POST, "cb_pgaccessmode", null);
        if ($value) {
            $user->cb_pgaccessmode = $value;
        }
    }
    if ($tabparams["pgallowdisplayformatoverride"] || $privileged) {
        $value = cbGetParam($_POST, "cb_pgdisplayformat", null);
        if ($value) {
            $user->cb_pgdisplayformat = $value;
        }
    }
}
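// Endpoint: removes one viewer from a private channel and answers with a JSON object
// {error, error_message, viewer}.
//
// NOTE(review): connection credentials are inline in the script (masked on this page);
// they belong in configuration outside the web root.
$servername = "";
$username = "******";
$password = "******";
$dbname = "dev";

// The reply echoes the request's 'viewer' value, so it is declared as JSON to keep a
// browser from rendering it as HTML.
header('Content-Type: application/json; charset=utf-8');

$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
    // The driver's message goes to the server log only; clients get a generic error.
    error_log("Connection failed: " . $conn->connect_error);
    die(json_encode(array('error' => true, 'error_message' => 'Connection failed', 'viewer' => null)));
}

$error = false;
$error_message = "";

$data = json_decode(file_get_contents('php://input'), true);

// A body that is not a JSON object, or that lacks one of the four string fields, is rejected.
$valid = is_array($data);
if ($valid) {
    foreach (array('username', 'viewer', 'channelname', 'channelowner') as $field) {
        if (!isset($data[$field]) || !is_string($data[$field])) {
            $valid = false;
            break;
        }
    }
}

$viewer = $valid ? $data["viewer"] : null;

if (!$valid) {
    $error = true;
    $error_message = "Invalid request";
} else {
    // NOTE(review): the acting user is taken from the request body, so the permission
    // checks below trust a name the client supplies. It should come from the
    // authenticated session instead; no session handling is visible in this script.
    $user = $data["username"];
    $channelname = $data["channelname"];
    $channelowner = $data["channelowner"];

    if (isAdmin($conn, $user) || isOwner($conn, $user, $channelname, $channelowner) || isModerator($conn, $user, $channelname, $channelowner)) {
        if (!removeViewer($conn, $viewer, $channelname, $channelowner)) {
            $error = true;
            $error_message = "Could not remove the viewer from this channel";
        }
    } else {
        $error = true;
        $error_message = "You do not have permission to remove a viewer from this channel";
    }
}

$conn->close();

$response = array('error' => $error, 'error_message' => $error_message, 'viewer' => $viewer);
echo json_encode($response);

/**
 * Deletes one viewer's row for a channel from private_view_channels.
 *
 * The three values are bound as statement parameters instead of being
 * concatenated into the SQL text.
 *
 * @param mysqli $conn          open database connection
 * @param string $viewer        prv_username to remove
 * @param string $channelname   prv_chname of the channel
 * @param string $channelowner  prv_chowner of the channel
 * @return bool  true when the statement executed, false when prepare or execute failed
 */
function removeViewer($conn, $viewer, $channelname, $channelowner)
{
    $stmt = $conn->prepare(
        "DELETE FROM private_view_channels WHERE prv_username = ? AND prv_chname = ? AND prv_chowner = ?"
    );
    if ($stmt === false) {
        return false;
    }

    $stmt->bind_param('sss', $viewer, $channelname, $channelowner);
    $executed = $stmt->execute();
    $stmt->close();

    return $executed;
}
?>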
/**
 * Builds the action-button block shown on a profile page.
 *
 * Captions are filled in according to the viewer: member captions for logged-in
 * members, moderation captions and action names for admins/moderators looking
 * at a profile other than their own. The result is rendered through
 * genObjectsActions() with the 'Profile' action set.
 *
 * NOTE(review): the template variables include 'member_pass' (getPassword() of the
 * viewer) and the whole profile row from getProfileInfo(), which presumably carries
 * credential columns. Confirm that no 'Profile' action template prints them.
 * The captions only decide which buttons are shown; the handlers behind them
 * must enforce the same permissions.
 *
 * @param int  $iProfileId  id of the profile being viewed
 * @param bool $bDynamic    passed to the subscription object's getData()
 * @return string HTML, or '' when the profile id is empty or unknown
 */
function getProfileViewActions($iProfileId, $bDynamic = false)
{
    global $oTemplConfig;

    $iProfileId = (int) $iProfileId;
    $aProfileInfo = $iProfileId ? getProfileInfo($iProfileId) : array();
    if (empty($aProfileInfo)) {
        return '';
    }

    $iViewerId = getLoggedId();

    $aConfig = array(
        'url' => BX_DOL_URL_ROOT,
        'anonym_mode' => '',
        'member_id' => $iViewerId,
        'member_pass' => getPassword($iViewerId),
    );

    // Every key the templates expect starts out empty, which hides the matching button.
    $aMain = array_fill_keys(array(
        'cpt_edit', 'cpt_send_letter', 'cpt_fave', 'cpt_befriend', 'cpt_remove_friend',
        'cpt_get_mail', 'cpt_share', 'cpt_report', 'cpt_block', 'cpt_unblock',
        'cpt_activate', 'cpt_ban', 'cpt_delete', 'cpt_delete_spam', 'cpt_feature',
        'act_activate', 'act_ban', 'act_feature',
    ), '');

    if (isMember($iViewerId)) {
        // NOTE(review): the share check is made on $this->_aProfile, not on the
        // $aProfileInfo loaded above - confirm both describe the same profile.
        $aMain = array_merge($aMain, array(
            'cpt_edit' => _t('_EditProfile'),
            'cpt_send_letter' => _t('_SendLetter'),
            'cpt_fave' => _t('_Fave'),
            'cpt_remove_fave' => _t('_Remove Fave'),
            'cpt_befriend' => _t('_Befriend'),
            'cpt_remove_friend' => _t('_Remove friend'),
            'cpt_get_mail' => _t('_Get E-mail'),
            'cpt_share' => $this->isAllowedShare($this->_aProfile) ? _t('_Share') : '',
            'cpt_report' => _t('_Report Spam'),
            'cpt_block' => _t('_Block'),
            'cpt_unblock' => _t('_Unblock'),
        ));
    }

    // 'and' binds looser than '||', so the original condition reads as written here:
    // neither an admin nor a moderator gets moderation buttons on their own profile.
    if ((isAdmin($iViewerId) || isModerator($iViewerId)) && $iViewerId != $iProfileId) {
        $sPrefix = '_adm_btn_mp_';

        $aMain['cpt_delete'] = _t($sPrefix . 'delete');
        $aMain['cpt_delete_spam'] = _t($sPrefix . 'delete_spammer');

        // activate / deactivate
        $sActivation = $aProfileInfo['Status'] == 'Active' ? 'deactivate' : 'activate';
        $aMain['cpt_activate'] = _t($sPrefix . $sActivation);
        $aMain['act_activate'] = $sActivation;

        // ban / unban
        $sBan = isLoggedBanned($aProfileInfo['ID']) ? 'unban' : 'ban';
        $aMain['cpt_ban'] = _t($sPrefix . $sBan);
        $aMain['act_ban'] = $sBan;

        // feature / unfeature
        $sFeature = 'featured';
        $aMain['cpt_feature'] = _t('_Feature it');
        if ((int) $aProfileInfo['Featured']) {
            $sFeature = 'unfeatured';
            $aMain['cpt_feature'] = _t('_De-Feature it');
        }
        $aMain['act_feature'] = $sFeature;
    }

    // Subscription integration.
    $oSubscription = BxDolSubscription::getInstance();
    $sAddon = $oSubscription->getData($bDynamic);
    $aButton = $oSubscription->getButton($iViewerId, 'profile', '', $iProfileId);
    $aMain['sbs_profile_title'] = $aButton['title'];
    $aMain['sbs_profile_script'] = $aButton['script'];

    // Greeting button only when the membership check allows the action.
    $aCheckGreet = checkAction(getLoggedId(), ACTION_ID_SEND_VKISS);
    $bMayGreet = $aCheckGreet[CHECK_ACTION_RESULT] == CHECK_ACTION_RESULT_ALLOWED;
    $aMain['cpt_greet'] = $bMayGreet ? _t('_Greet') : '';

    // Later arrays win on key clashes: captions over config over the profile row.
    $aMain = array_merge($aProfileInfo, $aConfig, $aMain);

    return $sAddon . $this->genObjectsActions($aMain, 'Profile');
}
/**
 * Tells whether a moderator may review the entry $meta[$parid].
 *
 * Review is refused when the caller is not a moderator, or when the entry's
 * recorded user or IP address equals the current REMOTE_USER / client IP, so
 * a moderator cannot review what they submitted themselves.
 *
 * NOTE(review): both comparisons are loose (!=) and the entry is read without
 * checking that $meta[$parid] exists; a missing entry compares as null.
 *
 * @param mixed $id     passed to isModerator()
 * @param array $meta   entries indexed by id, each with 'user' and 'ip'
 * @param mixed $parid  key of the entry in $meta
 * @return bool
 */
function canReview($id, $meta, $parid)
{
    if (!isModerator($id)) {
        return false;
    }

    // Same account as the author: no self-review.
    if ($meta[$parid]['user'] == $_SERVER['REMOTE_USER']) {
        return false;
    }

    // Same address as the author: treated as the same person.
    return $meta[$parid]['ip'] != clientIP(true);
}
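/**
 * Applies one auto trigger to a user.
 *
 * The trigger runs only when the user's access groups intersect the trigger's
 * 'access' list, every field condition matches and the user is not on the
 * trigger's exclude list. The 'auto' parameter then selects the action:
 *   3 - make sure a category exists (created from the cat_* parameters);
 *   2 - make sure a group exists in a category (the category is created first
 *       when 'category' is -1), optionally joining the user to an existing group;
 *   1 - join the user to each listed group;
 *   4 - remove the user from each listed group unless their membership status is 4.
 *
 * Fix over the previous revision: the exclude list was exploded into a temporary
 * that was thrown away, and array_unique()/in_array() then ran on the original
 * string, so excluded users were never skipped. The list is now converted the
 * same way the 'groups' list is further down.
 *
 * @param object $user         user the trigger fires for; id, gid and gids are read
 * @param mixed  $rawPassword  not used by this method
 * @param mixed  $extras       passed through to getFieldMatch() and replaceUserVars()
 * @param object $trigger      trigger row; 'access', 'field', 'operator', 'value', 'exclude' and its params are read
 * @return void
 */
private function getAuto( $user, $rawPassword, $extras, $trigger )
{
    $cbUser = new CBuser();
    $cbUser->load( (int) $user->id );

    if ( isset( $user->gids ) && is_array( $user->gids ) ) {
        $gids = $user->gids;
    } else {
        $gids = array( $user->gid );
    }

    // Negative pseudo-groups are prepended before the access test: -3 plus -5 (moderator)
    // or -4 (not a moderator) for a user with an id, -2 for a user without one, -1 always.
    if ( $user->id ) {
        array_unshift( $gids, -3 );
        array_unshift( $gids, ( isModerator( $user->id ) ? -5 : -4 ) );
    } else {
        array_unshift( $gids, -2 );
    }
    array_unshift( $gids, -1 );

    // Access gate: at least one of the user's groups must be listed on the trigger.
    $access = explode( '|*|', $trigger->get( 'access' ) );
    if ( ! array_intersect( $access, $gids ) ) {
        return;
    }

    // One condition per line of the trigger's 'field' value; all of them must match.
    $conditionals = count( explode( "\n", $trigger->get( 'field' ) ) );
    for ( $i = 0; $i < $conditionals; $i++ ) {
        $field = cbgjClass::getHTMLCleanParam( true, "field$i", null, null, $trigger->get( 'field' ) );
        $operator = cbgjClass::getCleanParam( true, "operator$i", null, null, $trigger->get( 'operator' ) );
        $value = cbgjClass::getHTMLCleanParam( true, "value$i", null, null, $trigger->get( 'value' ) );

        if ( ! cbgjautoClass::getFieldMatch( $user, $cbUser, $extras, $field, $operator, $value ) ) {
            return;
        }
    }

    $plugin = cbgjClass::getPlugin();

    // Exclusion list: comma-separated user ids that must never be touched by this trigger.
    // cbArrayToInts() is given a variable, as it is for $groups below (it presumably
    // converts the array in place).
    $exclude = $trigger->get( 'exclude' );
    if ( $exclude ) {
        $exclude = explode( ',', $exclude );
        cbArrayToInts( $exclude );
        $exclude = array_unique( $exclude );

        if ( in_array( $user->id, $exclude ) ) {
            return;
        }
    }

    $params = $trigger->getParams();
    $mode = $params->get( 'auto', null );

    if ( ( $mode == 3 ) && $params->get( 'cat_name', null ) ) {
        self::_autoFindOrCreateCategory( $user, $cbUser, $extras, $params, $plugin );
    } elseif ( ( $mode == 2 ) && $params->get( 'category', null ) && $params->get( 'grp_name', null ) ) {
        if ( ( $params->get( 'category', null ) == -1 ) && $params->get( 'cat_name', null ) ) {
            $category = self::_autoFindOrCreateCategory( $user, $cbUser, $extras, $params, $plugin );
        } else {
            $category = cbgjData::getCategories( null, array( 'id', '=', (int) $params->get( 'category', null ) ), null, null, false );
        }

        if ( $category->get( 'id' ) ) {
            // Owner falls back to the triggering user when the substituted value is empty or 0.
            $owner = (int) $cbUser->replaceUserVars( $params->get( 'grp_owner', $user->id ), true, true, $extras );
            if ( ! $owner ) {
                $owner = (int) $user->id;
            }

            $parent = (int) $params->get( 'grp_parent', 0 );
            $name = trim( strip_tags( $cbUser->replaceUserVars( $params->get( 'grp_name', null ), true, true, $extras ) ) );
            $description = $cbUser->replaceUserVars( $params->get( 'grp_description', null ), true, true, $extras );
            $join = false;

            if ( $params->get( 'grp_unique', 1 ) ) {
                // Unique per owner: the lookup includes the owner.
                $where = array( array( 'category', '=', (int) $category->get( 'id' ) ), array( 'user_id', '=', $owner ), array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
            } else {
                $where = array( array( 'category', '=', (int) $category->get( 'id' ) ), array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );

                if ( $params->get( 'grp_autojoin', 1 ) ) {
                    $join = true;
                }
            }

            $row = cbgjData::getGroups( null, $where, null, null, false );

            if ( ! $row->get( 'id' ) ) {
                $row->set( 'published', 1 );
                $row->set( 'category', (int) $category->get( 'id' ) );
                $row->set( 'parent', (int) $parent );
                $row->set( 'user_id', $owner );
                $row->set( 'name', $name );

                // The description keeps filtered HTML only when the group editor setting is 2 or
                // higher; otherwise all tags are stripped.
                if ( $plugin->params->get( 'group_editor', 1 ) >= 2 ) {
                    $row->set( 'description', cbgjClass::getFilteredText( $description ) );
                } else {
                    $row->set( 'description', trim( strip_tags( $description ) ) );
                }

                $row->set( 'access', (int) $plugin->params->get( 'group_access_default', -2 ) );
                $row->set( 'type', (int) $params->get( 'type', $plugin->params->get( 'group_type_default', 1 ) ) );
                $row->set( 'nested', (int) $plugin->params->get( 'group_nested_default', 1 ) );
                $row->set( 'nested_access', (int) $plugin->params->get( 'group_nestedaccess_default', -1 ) );
                $row->set( 'date', cbgjClass::getUTCDate() );
                $row->set( 'ordering', 1 );

                if ( $row->store() ) {
                    $row->storeOwner( $row->get( 'user_id' ) );

                    // The triggering user is added with status 1 when somebody else owns the new group.
                    if ( $row->get( 'user_id' ) != $user->id ) {
                        self::_autoJoinGroup( $row, $user, 1 );
                    }
                }
            } elseif ( $join ) {
                self::_autoJoinGroup( $row, $user, (int) $params->get( 'status', 1 ) );
            }
        }
    } elseif ( ( $mode == 1 ) && $params->get( 'groups', null ) ) {
        $groups = explode( '|*|', $params->get( 'groups', null ) );
        cbArrayToInts( $groups );

        if ( $groups ) {
            foreach ( $groups as $groupId ) {
                $group = cbgjData::getGroups( null, array( 'id', '=', (int) $groupId ), null, null, false );

                if ( $group->get( 'id' ) ) {
                    self::_autoJoinGroup( $group, $user, (int) $params->get( 'status', 1 ) );
                }
            }
        }
    } elseif ( ( $mode == 4 ) && $params->get( 'groups', null ) ) {
        $groups = explode( '|*|', $params->get( 'groups', null ) );
        cbArrayToInts( $groups );

        if ( $groups ) {
            foreach ( $groups as $groupId ) {
                $group = cbgjData::getGroups( null, array( 'id', '=', (int) $groupId ), null, null, false );

                if ( $group->get( 'id' ) ) {
                    $row = cbgjData::getUsers( null, array( array( 'group', '=', (int) $group->get( 'id' ) ), array( 'user_id', '=', (int) $user->id ) ), null, null, false );

                    // Memberships with status 4 are left in place.
                    if ( $row->get( 'id' ) && ( $row->get( 'status' ) != 4 ) ) {
                        $row->deleteAll();
                    }
                }
            }
        }
    }
}

/**
 * Looks up the category described by the cat_* trigger parameters and creates it
 * with the plugin's default settings when it does not exist yet.
 *
 * @return object the category row, existing or newly stored
 */
private static function _autoFindOrCreateCategory( $user, $cbUser, $extras, $params, $plugin )
{
    // Owner falls back to the triggering user when the substituted value is empty or 0.
    $owner = (int) $cbUser->replaceUserVars( $params->get( 'cat_owner', $user->id ), true, true, $extras );
    if ( ! $owner ) {
        $owner = (int) $user->id;
    }

    $parent = (int) $params->get( 'cat_parent', 0 );
    $name = trim( strip_tags( $cbUser->replaceUserVars( $params->get( 'cat_name', null ), true, true, $extras ) ) );
    $description = $cbUser->replaceUserVars( $params->get( 'cat_description', null ), true, true, $extras );

    if ( $params->get( 'cat_unique', 1 ) ) {
        $where = array( array( 'user_id', '=', $owner ), array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
    } else {
        $where = array( array( 'name', '=', $name ), array( 'parent', '=', (int) $parent ) );
    }

    $category = cbgjData::getCategories( null, $where, null, null, false );

    if ( ! $category->get( 'id' ) ) {
        $category->set( 'published', 1 );
        $category->set( 'parent', (int) $parent );
        $category->set( 'user_id', $owner );
        $category->set( 'name', $name );

        // Filtered HTML only when the category editor setting is 2 or higher; plain text otherwise.
        if ( $plugin->params->get( 'category_editor', 1 ) >= 2 ) {
            $category->set( 'description', cbgjClass::getFilteredText( $description ) );
        } else {
            $category->set( 'description', trim( strip_tags( $description ) ) );
        }

        $category->set( 'access', (int) $plugin->params->get( 'category_access_default', -2 ) );
        $category->set( 'types', $params->get( 'types', $plugin->params->get( 'category_types_default', '1|*|2|*|3' ) ) );
        $category->set( 'create', (int) $plugin->params->get( 'category_create_default', 1 ) );
        $category->set( 'create_access', (int) $plugin->params->get( 'category_createaccess_default', -1 ) );
        $category->set( 'nested', (int) $plugin->params->get( 'category_nested_default', 1 ) );
        $category->set( 'nested_access', (int) $plugin->params->get( 'category_nestedaccess_default', -1 ) );
        $category->set( 'date', cbgjClass::getUTCDate() );
        $category->set( 'ordering', 99999 );
        $category->store();
    }

    return $category;
}

/**
 * Adds the user to a group with the given status unless a membership row already
 * exists; a stored membership with status 4 is also registered through storeOwner().
 */
private static function _autoJoinGroup( $group, $user, $status )
{
    $membership = cbgjData::getUsers( null, array( array( 'group', '=', (int) $group->get( 'id' ) ), array( 'user_id', '=', (int) $user->id ) ), null, null, false );

    if ( $membership->get( 'id' ) ) {
        return;
    }

    $membership->set( 'user_id', (int) $user->id );
    $membership->set( 'group', (int) $group->get( 'id' ) );
    $membership->set( 'date', cbgjClass::getUTCDate() );
    $membership->set( 'status', $status );

    if ( $membership->store() && ( $membership->get( 'status' ) == 4 ) ) {
        $group->storeOwner( $membership->get( 'user_id' ) );
    }
}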
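/**
 * Generates the block with the poll's action buttons (delete, approve /
 * disapprove, subscribe, share, repost).
 *
 * Fix over the previous revision: the three del_poll_* keys were initialised by
 * reading the not-yet-defined 'del_poll_script' entry, which left the first two
 * as null, never defined the third and raised an undefined-index notice. All
 * three now start out as empty strings.
 *
 * The captions only decide which buttons are shown; the delete and approve
 * handlers have to enforce the same permissions themselves.
 *
 * @return string HTML of the block, '' when no action is available, or a
 *                message box when no poll is loaded
 */
function getBlockCode_ActionsBlock()
{
    if (!$this->aPollInfo) {
        return MsgBox(_t('_Empty'));
    }

    $sCode = '';

    // prepare all needed keys
    $aUnitInfo = array(
        'ViewerID' => (int) $this->iMemberId,
        'ID' => (int) $this->aPollInfo['id_poll'],
        'BaseUri' => $this->oModule->_oConfig->getBaseUri(),
    );
    $aUnitInfo['base_url'] = BX_DOL_URL_ROOT . $aUnitInfo['BaseUri'];
    $aUnitInfo['approved_cpt'] = '';
    $aUnitInfo['approved_act'] = '';
    $aUnitInfo['del_poll_title'] = $aUnitInfo['del_poll_url'] = $aUnitInfo['del_poll_script'] = '';

    // Delete button: the poll's owner, or an admin, when logged in.
    if (isLogged() && ($this->aPollInfo['id_profile'] == $this->iMemberId || isAdmin())) {
        // NOTE(review): deletion is addressed by a plain link carrying action and id.
        // If the handler accepts it without a per-user token, the request can be
        // triggered cross-site; confirm the handler checks one.
        $sDeleteLink = $this->oModule->getModulePath() . '&action=delete_poll&id=' . $aUnitInfo['ID'];

        $aUnitInfo['del_poll_title'] = _t('_bx_poll_delete');
        $aUnitInfo['del_poll_url'] = $sDeleteLink;
        // NOTE(review): as shown here the script has no call before ('url','_self'), so
        // confirming does nothing; the function name looks lost. Check against upstream.
        $aUnitInfo['del_poll_script'] = "if(confirm('" . bx_js_string(_t('_Are_you_sure')) . "')) ('" . $sDeleteLink . "','_self'); return false;";
    }

    $sMainPrefix = 'bx_poll';

    // '&&' binds tighter than '||': admins always get the approve button, moderators only
    // on polls that are not their own.
    if (isAdmin($this->iMemberId) || (isModerator($this->iMemberId) && $this->aPollInfo['id_profile'] != $this->iMemberId)) {
        // The button offers the opposite of the current state.
        $sMsg = '_';
        $iAppr = 1;
        if ($this->aPollInfo['poll_approval'] == 1) {
            $sMsg .= 'dis';
            $iAppr = 0;
        }

        $aUnitInfo['approved_cpt'] = _t('_' . $sMainPrefix . $sMsg . 'approve');
        $aUnitInfo['approved_act'] = $iAppr;
    }

    // Subscription button.
    $oSubscription = BxDolSubscription::getInstance();
    $aButton = $oSubscription->getButton($this->iMemberId, $sMainPrefix, '', $this->aPollInfo['id_poll']);
    $sCode .= $oSubscription->getData();
    $aUnitInfo['sbs_poll_title'] = $aButton['title'];
    $aUnitInfo['sbs_poll_script'] = $aButton['script'];

    $aUnitInfo['TitleShare'] = $this->oModule->isAllowedShare($this->aPollInfo) ? _t('_Share') : '';

    // Repost button, when the wall module offers the service.
    // NOTE(review): only 'get_repost_js_click' is tested for existence, yet
    // 'get_repost_js_script' is called as well.
    if (BxDolRequest::serviceExists('wall', 'get_repost_js_click')) {
        $sCode .= BxDolService::call('wall', 'get_repost_js_script');

        $aUnitInfo['repostCpt'] = _t('_Repost');
        $aUnitInfo['repostScript'] = BxDolService::call('wall', 'get_repost_js_click', array($this->iMemberId, $sMainPrefix, 'add', $this->aPollInfo['id_poll']));
    }

    $sActions = $GLOBALS['oFunctions']->genObjectsActions($aUnitInfo, $sMainPrefix);
    if (empty($sActions)) {
        return '';
    }

    return $sCode . $sActions;
}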
/**
 * Request dispatcher for the ads page: picks the view or action from the request
 * parameters and returns the HTML for it.
 *
 * Some actions ('3', 'report', 'post_report') print their output and end the
 * script instead of returning.
 *
 * NOTE(review):
 * - The three URI lookups build SQL by concatenation. The value passes through
 *   process_db_input(..., BX_TAGS_STRIP) first; that call is the only protection
 *   visible here, so its escaping has to be trusted for the active connection.
 * - Delete, activate and buy are chosen purely by request parameters and no
 *   per-user token is checked in this function; confirm the called methods do so.
 * - Only the activate branch checks privileges here (admin mode or moderator);
 *   the delete branch relies on ActionDeleteAdvertisement() for its own checks.
 *
 * @param object $oAds ads module object
 * @return string HTML of the page component
 */
function PageCompAds($oAds)
{
    $sOut = '';
    $sOut .= $oAds->PrintCommandForms();

    // No request parameters at all: plain main page.
    if (!$_REQUEST) {
        $sOut .= $oAds->getAdsMainPage();
        return $sOut;
    }

    $mixedAction = bx_get('action');

    if (false !== $mixedAction) {
        // An unknown action value adds nothing to the output.
        switch ($mixedAction) {
            case '3':
                echo $oAds->actionSearch();
                exit;
            case '2':
                $sOut .= $oAds->PrintSubRecords((int) bx_get('FilterSubCat'));
                break;
            case '1':
                $sOut .= $oAds->PrintAllSubRecords((int) bx_get('FilterCat'));
                break;
            case 'report':
                print $oAds->GenReportSubmitForm((int) bx_get('commentID'));
                exit;
            case 'post_report':
                print $oAds->ActionReportSubmit();
                exit;
            case 'show_calendar':
                $sOut .= $oAds->GenAdsCalendar();
                break;
            case 'show_calendar_ads':
                $sOut .= $oAds->GenAdsByDate();
                break;
            case 'show_featured':
                $sOut .= $oAds->GenAllAds('featured');
                break;
            case 'show_categories':
                $sOut .= $oAds->genCategoriesBlock();
                break;
            case 'show_all_ads':
                $sOut .= $oAds->GenAllAds();
                break;
            case 'show_popular':
                $sOut .= $oAds->GenAllAds('popular');
                break;
            case 'show_top_rated':
                $sOut .= $oAds->GenAllAds('top');
                break;
            case 'my_page':
                $sOut .= $oAds->GenMyPageAdmin();
                break;
            case 'tags':
                $sOut .= $oAds->GenTagsPage();
                break;
        }
    } elseif ((false !== bx_get('bClassifiedID') && (int) bx_get('bClassifiedID') > 0) || (false !== bx_get('catUri') && bx_get('catUri') != '')) {
        // Category by numeric id, or by URI when no positive id was given.
        $iCategoryId = (int) bx_get('bClassifiedID');
        if ($iCategoryId <= 0) {
            $iCategoryId = (int) db_value("SELECT `ID` FROM `{$oAds->_oConfig->sSQLCatTable}` WHERE `CEntryUri`='" . process_db_input(bx_get('catUri'), BX_TAGS_STRIP) . "' LIMIT 1");
        }
        if ($iCategoryId > 0) {
            $sOut .= $oAds->PrintAllSubRecords($iCategoryId);
        }
    } elseif ((false !== bx_get('bSubClassifiedID') && (int) bx_get('bSubClassifiedID') > 0) || (false !== bx_get('scatUri') && bx_get('scatUri') != '')) {
        // Subcategory by numeric id, or by URI.
        $iSubCategoryId = (int) bx_get('bSubClassifiedID');
        if ($iSubCategoryId <= 0) {
            $iSubCategoryId = (int) db_value("SELECT `ID` FROM `{$oAds->_oConfig->sSQLSubcatTable}` WHERE `SEntryUri`='" . process_db_input(bx_get('scatUri'), BX_TAGS_STRIP) . "' LIMIT 1");
        }
        if ($iSubCategoryId > 0) {
            $sOut .= $oAds->PrintSubRecords($iSubCategoryId);
        }
    } elseif ((false !== bx_get('ShowAdvertisementID') && (int) bx_get('ShowAdvertisementID') > 0) || (false !== bx_get('entryUri') && bx_get('entryUri') != '')) {
        // Single ad by numeric id, or by URI. Unlike the two branches above, an id
        // of 0 (URI not found) is passed on unchanged.
        $iAdId = (int) bx_get('ShowAdvertisementID');
        if ($iAdId <= 0) {
            $iAdId = (int) db_value("SELECT `ID` FROM `{$oAds->_oConfig->sSQLPostsTable}` WHERE `EntryUri`='" . process_db_input(bx_get('entryUri'), BX_TAGS_STRIP) . "' LIMIT 1");
        }
        $oAds->ActionPrintAdvertisement($iAdId);
        bx_import('PageView', $oAds->_aModule);
        $oPageView = new BxAdsPageView($oAds, $iAdId);
        $sOut .= $oPageView->getCode();
    } elseif (false !== bx_get('UsersOtherListing')) {
        $iOwnerId = (int) bx_get('IDProfile');
        if ($iOwnerId > -1) {
            $sOut .= $oAds->getMemberAds($iOwnerId);
        }
    } elseif (false !== bx_get('DeleteAdvertisementID')) {
        $iDeleteId = (int) bx_get('DeleteAdvertisementID');
        if ($iDeleteId > 0) {
            $sOut .= $oAds->ActionDeleteAdvertisement($iDeleteId);
            $sOut .= $oAds->GenMyPageAdmin('manage');
        }
    } elseif (false !== bx_get('ActivateAdvertisementID')) {
        $iActivateId = (int) bx_get('ActivateAdvertisementID');
        $bMayModerate = $iActivateId > 0 && ($oAds->bAdminMode || isModerator($oAds->_iVisitorID));
        if ($bMayModerate) {
            // Anything other than 'active' is stored as 'inactive'.
            $sStatus = 'inactive';
            if (bx_get('ActType') == 'active') {
                $sStatus = 'active';
            }
            $oAds->_oDb->setPostStatus($iActivateId, $sStatus);
            $oAds->ActionPrintAdvertisement($iActivateId);
            bx_import('PageView', $oAds->_aModule);
            $oPageView = new BxAdsPageView($oAds, $iActivateId);
            $sOut .= $oPageView->getCode();
        }
    } elseif (false !== bx_get('BuyNow')) {
        $iBuyId = (int) bx_get('IDAdv');
        if ($iBuyId > 0) {
            $sOut .= $oAds->ActionBuyAdvertisement($iBuyId);
        }
    } elseif (false !== bx_get('BuySendNow')) {
        $iBuyId = (int) bx_get('IDAdv');
        if ($iBuyId > 0) {
            $sOut .= $oAds->ActionBuySendMailAdvertisement($iBuyId);
        }
    } else {
        $sOut .= $oAds->getAdsMainPage();
    }

    return $sOut;
}
/**
 * Renders the edit-form HTML for an image field: a choice selector (no change /
 * upload / gallery / approve / delete), the upload input and, for the 'avatar'
 * field, the gallery picker. The jQuery that shows and hides the upload and
 * gallery sections is queued through outputCbJQuery().
 *
 * NOTE(review): $name, $choices[0]->value and the gallery file names are written
 * into HTML attributes and jQuery selectors without escaping. They come from the
 * field definition and from display_avatar_gallery(); if either can ever hold
 * quotes or angle brackets the markup breaks, so escaping at output would be the
 * safer default.
 *
 * @param  moscomprofilerFields  $field
 * @param  moscomprofilerUser    $user
 * @param  string                $reason             'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'list' for user-lists
 * @param  boolean               $displayFieldIcons
 * @return string|null           HTML of the field, or null when the field is 'avatar' and neither upload nor gallery is allowed
 */
function _htmlEditForm(&$field, &$user, $reason, $displayFieldIcons = true) {
    global $_CB_framework, $_CB_database, $ueConfig;

    // The avatar field is not rendered at all when both ways of setting it are switched off.
    if ($field->name == 'avatar' && !($ueConfig['allowAvatarUpload'] || $ueConfig['allowAvatarGallery'])) {
        return null;
    }

    $name = $field->name;
    $nameapproved = $field->name . 'approved';
    $required = $this->_isRequired($field, $user, $reason);

    $existingAvatar = false;
    if ($user && $user->id) {
        // The in-memory $user->$name cannot be trusted here: if another field failed
        // validation it may hold a wrong value, so the stored value is loaded from the database.
        $realDatabaseUser = new moscomprofilerUser($_CB_database);
        if ($realDatabaseUser->load((int) $user->id)) {
            $existingAvatar = $realDatabaseUser->{$name} != null;
        }
    }

    $html = '<div>';

    // Build the list of choices offered in the selector.
    $choices = array();
    // '&&' binds tighter than '||': registration, or editing a user that has no id yet.
    if ($reason == 'register' || $reason == 'edit' && $user->id == 0) {
        if ($required == 0) {
            $choices[] = moscomprofilerHTML::makeOption('', _UE_AVATAR_NONE);
        }
    } else {
        if ($existingAvatar || $required == 0) {
            $choices[] = moscomprofilerHTML::makeOption('', _UE_AVATAR_NO_CHANGE);
        }
    }
    if ($name != 'avatar' || $ueConfig['allowAvatarUpload']) {
        $choices[] = moscomprofilerHTML::makeOption('upload', $existingAvatar ? _UE_AVATAR_UPLOAD_NEW : _UE_AVATAR_UPLOAD);
    }
    if ($name == 'avatar' && $ueConfig['allowAvatarGallery']) {
        $choices[] = moscomprofilerHTML::makeOption('gallery', _UE_AVATAR_SELECT);
    }
    // 'approve' is offered only when getUi() is 2 and the stored image is still unapproved.
    if ($_CB_framework->getUi() == 2 && $existingAvatar && $user->{$nameapproved} == 0) {
        $choices[] = moscomprofilerHTML::makeOption('approve', _UE_APPROVE_IMAGE);
    }
    if ($existingAvatar && $required == 0) {
        $choices[] = moscomprofilerHTML::makeOption('delete', _UE_DELETE_AVATAR);
    }

    $html .= '<div>';
    if ($reason != 'register' && $user->id != 0 && $existingAvatar) {
        $html .= $this->_avatarHtml($field, $user, $reason) . ' ';
    }
    // Moderators editing a profile get a second rendering of the still-unapproved image
    // (extra arguments false, 10 to _avatarHtml()).
    if ($reason == 'edit' && $existingAvatar && $user->{$nameapproved} == 0 && isModerator($_CB_framework->myId())) {
        $html .= $this->_avatarHtml($field, $user, $reason, false, 10) . ' ';
    }

    if (count($choices) > 1) {
        $additional = ' class="inputbox"';
        // NOTE(review): 'disabled' is a browser-side hint only; a read-only field has to be
        // rejected again when the form is saved.
        if ($_CB_framework->getUi() == 1 && $reason == 'edit' && $field->readonly) {
            $additional .= ' disabled="disabled"';
        }
        $html .= moscomprofilerHTML::selectList($choices, $name . '__choice', $additional, 'value', 'text', '', $required, true, false);

        // (An earlier inline jQuery variant of the script below was commented out here.)

        // The shared helper function is emitted once per request, however many image fields are rendered.
        static $functOut = false;
        if (!$functOut) {
            $js = "function cbslideImage(choice,uplodid,galleryid) {"
                . "\n\tif ( ( choice == '' ) || ( choice == 'approve' ) || ( choice == 'delete' ) ) {"
                . "\n\t\t\$(uplodid).slideUp('slow');"
                . "\n\t\t\$(galleryid).slideUp('slow');"
                . "\n\t} else if ( choice == 'upload' ) {"
                . "\n\t\t\$(uplodid).slideDown('slow');"
                . "\n\t\t\$(galleryid).slideUp('slow');"
                . "\n\t} else if ( choice == 'gallery' ) {"
                . "\n\t\t\$(uplodid).slideUp('slow');"
                . "\n\t\t\$(galleryid).slideDown('slow');"
                . "\n\t}"
                . "\n}";
            $_CB_framework->outputCbJQuery($js);
            $functOut = true;
        }

        // Per-field wiring: hide both sections, then react to click and change on the selector.
        $js = "\$('#cbimg_upload_" . $name . ",#cbimg_gallery_" . $name . "').hide();"
            . "\n\t{"
            . "\n\t \$('#" . $name . "__choice').click( function() {"
            . "\n\t\tcbslideImage( \$(this).val(), '#cbimg_upload_" . $name . "', '#cbimg_gallery_" . $name . "' );"
            . "\n\t } ).click();"
            . "\n\t \$('#" . $name . "__choice').change( function() {"
            . "\n\t\tcbslideImage( \$(this).val(), '#cbimg_upload_" . $name . "', '#cbimg_gallery_" . $name . "' );"
            . "\n\t } );"
            . "\n\t}";
        $_CB_framework->outputCbJQuery($js);
    } else {
        // A single choice needs no selector; it is submitted as a hidden input.
        $html .= '<input type="hidden" name="' . $name . '__choice" value="' . $choices[0]->value . '" />';
    }
    $html .= $this->_fieldIconsHtml($field, $user, 'htmledit', $reason, 'select', '', null, '', array(), $displayFieldIcons, $required);
    $html .= '</div>';

    // Upload section.
    if ($name != 'avatar' || $ueConfig['allowAvatarUpload']) {
        $button = $reason == 'register' ? _UE_REGISTER : ($_CB_framework->getUi() == 2 ? _UE_SAVE : _UE_UPDATE);

        // $field is passed by reference: name and required are changed for the calls below
        // and restored right after the HTML is built.
        $saveFieldName = $field->name;
        $saveFieldRequired = $field->required;
        $field->name .= '__file';
        if ($field->required && $user && isset($user->{$saveFieldName}) && $user->{$saveFieldName}) {
            $field->required = 0;
        }
        $html .= '<div id="cbimg_upload_' . $name . '">'
            . '<p>' . sprintf(_UE_UPLOAD_DIMENSIONS_AVATAR, $this->_getImageFieldParam($field, 'avatarWidth'), $this->_getImageFieldParam($field, 'avatarHeight'), $this->_getImageFieldParam($field, 'avatarSize')) . '</p>'
            . '<div>' . _UE_UPLOAD_SELECT_FILE . ' '
            . '<input type="file" name="' . $name . '__file" value="" class="inputbox" />'
            . '</div>'
            . '<p>'
            . ($ueConfig['reg_enable_toc']
                ? sprintf(_UE_AVATAR_DISCLAIMER_TERMS, $button, "<a href='" . cbSef(htmlspecialchars($ueConfig['reg_toc_url'])) . "' target='_BLANK'> " . _UE_AVATAR_TOC_LINK . "</a>")
                : sprintf(_UE_AVATAR_DISCLAIMER, $button))
            . '</p>'
            . '</div>';
        $field->name = $saveFieldName;
        $field->required = $saveFieldRequired;
    }

    // Gallery section: one radio button per image in the gallery directory, five per table row.
    if ($name == 'avatar' && $ueConfig['allowAvatarGallery']) {
        $live_site = $_CB_framework->getCfg('live_site');
        $avatar_gallery_path = $_CB_framework->getCfg('absolute_path') . '/images/comprofiler/gallery';
        $avatar_images = array();
        $avatar_images = display_avatar_gallery($avatar_gallery_path);
        $html .= '<div id="cbimg_gallery_' . $name . '">'
            . "\n\t<table width='100%' border='0' cellpadding='4' cellspacing='2'>"
            . "\n\t\t<tr align='center' valign='middle'>";
        for ($i = 0; $i < count($avatar_images); $i++) {
            $j = $i + 1;
            // Display name: file name without its extension, underscores as spaces, first letter upper-cased.
            $avatar_name = ucfirst(str_replace('_', ' ', preg_replace('/^(.*)\\..*$/', '\\1', $avatar_images[$i])));
            $html .= "\n\t\t\t<td>"
                . '<input type="radio" name="' . $name . '__gallery" id="' . $name . '__gallery_' . $i . '" value="' . $avatar_images[$i] . '" />'
                . '<label for="' . $name . '__gallery_' . $i . '">'
                . '<img src="' . $live_site . '/images/comprofiler/gallery/' . $avatar_images[$i] . '" alt="' . $avatar_name . '" title="' . $avatar_name . '" />'
                . '</label>'
                . '</td>';
            // Start a new table row after every fifth image.
            if (function_exists('fmod')) {
                if (!fmod($j, 5)) {
                    $html .= "</tr>\n\t\t<tr align=\"center\" valign=\"middle\">";
                }
            } else {
                if (!fmodReplace($j, 5)) {
                    // PHP < 4.2.0...
                    $html .= "</tr>\n\t\t<tr align=\"center\" valign=\"middle\">";
                }
            }
        }
        $html .= "\n\t\t</tr>\n\t\t" . "\n\t</table>" . '</div>';
    }
    $html .= '</div>';
    return $html;
}
/**
 * Ajax handler behind the approve / disapprove action button.
 *
 * Prints a message box plus the popup script and ends the request. Nothing is
 * printed, and the method simply returns, when the poll id is empty.
 *
 * NOTE(review): any admin or moderator is accepted here, including a moderator
 * acting on their own poll, and no per-user request token is checked in this
 * method. Confirm both are intended or enforced elsewhere.
 *
 * @param int $iPollId   poll to change
 * @param int $iApprove  status value handed to setStatus() (default 1)
 * @return void
 */
function actionApprove($iPollId, $iApprove = 1)
{
    $iPollId = (int) $iPollId;
    if (!$iPollId) {
        return;
    }

    $iActionerId = getLoggedId();
    $iApprove = (int) $iApprove;
    $sJQueryJS = genAjaxyPopupJS($iPollId);

    // Server-side permission check; the status is written only for admins and moderators.
    if (!(isAdmin($iActionerId) || isModerator($iActionerId))) {
        $sMsg = '_Access denied';
    } else {
        $sMsg = $this->_oDb->setStatus($iPollId, $iApprove) ? '_Saved' : '_Error';
    }

    header('Content-Type: text/html; charset=UTF-8');
    echo MsgBox(_t($sMsg)) . $sJQueryJS;
    exit;
}
/**
 * Performs an admin or moderator action on a profile.
 *
 * Allowed for admins on any profile (their own included) and for moderators on
 * profiles other than their own.
 *
 * NOTE(review): no per-user request token is checked in this function, and the
 * action includes profile deletion; confirm the caller verifies one.
 *
 * @param string $sAction    one of activate, deactivate, ban, unban, featured, unfeatured, delete, delete_spam
 * @param int    $iViewerId  id of the acting profile
 * @param int    $iTargetId  id of the profile acted upon
 * @return mixed HTML code, or FALSE when the viewer is not allowed or the action is unknown
 */
function PageListControl($sAction, $iViewerId, $iTargetId)
{
    $sAction = clear_xss($sAction);
    $iViewerId = (int) $iViewerId;
    $iTargetId = (int) $iTargetId;

    // 'and' binds tighter than 'or': the self-target exclusion applies to moderators only.
    $bAllowed = isAdmin($iViewerId) || (isModerator($iViewerId) && $iViewerId != $iTargetId);
    if (!$bAllowed) {
        return false;
    }

    switch ($sAction) {
        case 'activate':
        case 'deactivate':
            return _setStatus($iTargetId, $sAction);

        case 'ban':
            $sMsg = bx_admin_profile_ban_control($iTargetId) ? '_Success' : '_Error';
            return MsgBox(_t($sMsg));

        case 'unban':
            $sMsg = bx_admin_profile_ban_control($iTargetId, FALSE) ? '_Success' : '_Error';
            return MsgBox(_t($sMsg));

        case 'featured':
        case 'unfeatured':
            return _setFeature($iTargetId, $sAction);

        case 'delete':
            profile_delete($iTargetId);
            return MsgBox(_t('_Success')) . genAjaxyPopupJS($iTargetId, 'ajaxy_popup_result_div', BX_DOL_URL_ROOT . 'browse.php');

        case 'delete_spam':
            // Second argument TRUE selects the spammer variant of the deletion.
            profile_delete($iTargetId, TRUE);
            return MsgBox(_t('_Success')) . genAjaxyPopupJS($iTargetId, 'ajaxy_popup_result_div', BX_DOL_URL_ROOT . 'browse.php');
    }

    // Unknown action.
    return false;
}
/**
 * Renders the profile page of $user for the current viewer.
 *
 * Visibility rules applied below: a banned or blocked profile is shown only
 * to its owner and to moderators; an unconfirmed or unapproved profile is
 * shown only to moderators. Plugin events are fired before the request,
 * before the display and after the display.
 *
 * @param object $user        the user whose profile is displayed
 * @param string $option      not used in this method
 * @param string $submitvalue not used in this method
 * @return void output is echoed; the request is ended when a plugin reports an error
 */
static function userProfile($user, $option, $submitvalue) {
    global $_CB_framework, $ueConfig, $_POST, $_PLUGINS;
    $_PLUGINS->loadPluginGroup('user');
    $results = $_PLUGINS->trigger('onBeforeUserProfileRequest', array(&$user, 1));
    if ($_PLUGINS->is_errors()) {
        // NOTE(review): the plugin error text is placed inside a JavaScript string
        // literal without escaping - confirm getErrorMSG() can never carry
        // user-controlled text, or encode it for the JS context.
        echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
        exit;
    }
    $cbTemplate = HTML_comprofiler::_cbTemplateLoad();
    $cbMyIsModerator = isModerator($_CB_framework->myId());
    $cbUserIsModerator = isModerator($user->id);
    $showProfile = 1;
    // && binds tighter than ||: banned, OR (blocked AND confirmed AND approved)
    if ($user->banned != 0 || $user->block == 1 && $user->confirmed && $user->approved) {
        echo "<font color='red'>";
        if ($user->banned != 0) {
            if ($_CB_framework->myId() != $user->id) {
                echo _UE_USERPROFILEBANNED;
            } else {
                echo _UE_BANNED_CHANGE_PROFILE;
            }
        }
        if ($user->block == 1 && $user->confirmed && $user->approved) {
            echo _UE_USERPROFILEBLOCKED;
        }
        if ($_CB_framework->myId() != $user->id && $cbMyIsModerator != 1) {
            // neither the owner nor a moderator: hide the profile
            $showProfile = 0;
        } else {
            if ($user->block == 1) {
                echo ": " . _UE_LOGIN_BLOCKED;
            }
            if ($user->banned != 0) {
                // NOTE(review): bannedreason is echoed as HTML with only nl2br() applied -
                // verify it is escaped or filtered when stored, otherwise encode it here.
                echo "<br />" . nl2br($user->bannedreason);
            }
        }
        echo "<br /></font>";
    }
    if (!$user->confirmed) {
        echo "<font color='red'>" . _UE_USER_NOT_CONFIRMED . "</font><br />";
    }
    if (!$user->approved) {
        echo "<font color='red'>" . _UE_USER_NOT_APPROVED . "</font><br />";
    }
    // unconfirmed / unapproved profiles are visible to moderators only
    if ((!$user->confirmed || !$user->approved) && $cbMyIsModerator != 1) {
        $showProfile = 0;
    }
    if ($showProfile == 1) {
        $results = $_PLUGINS->trigger('onBeforeUserProfileDisplay', array(&$user, 1, $cbUserIsModerator, $cbMyIsModerator));
        if ($_PLUGINS->is_errors()) {
            // same unescaped JS string as in the first error handler of this method
            echo "<script type=\"text/javascript\">alert(\"" . $_PLUGINS->getErrorMSG() . "\"); window.history.go(-1); </script>\n";
            exit;
        }
        $output = 'html';
        $cbUser =& CBuser::getInstance($user->id);
        $_CB_framework->displayedUser((int) $user->id);
        $userViewTabs = $cbUser->getProfileView();
        /* $tabs = new cbTabs( 0, 1 ); $userViewTabs = $tabs->getViewTabs($user); // this loads, registers menu and user status and renders the tabs */
        $_CB_framework->setPageTitle(cbUnHtmlspecialchars(getNameFormat($user->name, $user->username, $ueConfig['name_format'])));
        $_CB_framework->appendPathWay(getNameFormat($user->name, $user->username, $ueConfig['name_format']));
        outputCbTemplate(1);
        initToolTip(1);
        $_CB_framework->document->addHeadScriptDeclaration(' function cbConnSubmReq() { cClick(); document.connOverForm.submit(); } function confirmSubmit() { if (confirm("' . _UE_CONFIRMREMOVECONNECTION . '")) return true ; else return false ; } ');
        // output returned by the onBeforeUserProfileDisplay plugins is printed as-is
        if (is_array($results)) {
            echo implode('', $results);
        }
        echo "\n\t<div class=\"cbProfile\"><div id=\"cbProfileInner\">";
        echo HTML_comprofiler::_cbTemplateRender($cbTemplate, $user, 'Profile', 'drawProfile', array(&$user, &$userViewTabs), $output);
        echo "</div><div class=\"cbClr\"></div></div>\n" . "<div class=\"cbClr\"></div>"; // end of cbProfile floating div
        $tab = null;
        if (isset($_GET['tab'])) {
            $tab = urldecode(stripslashes(cbGetParam($_GET, 'tab', '')));
        } elseif (isset($_POST['tab'])) {
            $tab = stripslashes(cbGetParam($_POST, 'tab', ''));
        }
        if ($tab) {
            // NOTE(review): the request-supplied tab name is written into a JS string with
            // addslashes() only, and the GET value is url-decoded a second time first.
            // addslashes() is not a JavaScript/HTML encoder - confirm cbGetParam() filters
            // the value, or validate it against the known tab names.
            $_CB_framework->outputCbJQuery("showCBTab('" . addslashes($tab) . "');");
        }
        // count the view unless the owner is looking at their own profile
        if ($_CB_framework->myId() != $user->id) {
            recordViewHit($_CB_framework->myId(), $user->id, getenv('REMOTE_ADDR'));
        }
        $_PLUGINS->trigger('onAfterUserProfileDisplay', array($user, true));
    }
}
$objid = $objData["objid"];
// NOTE(review): every query below is built by concatenating $objData values into the
// SQL text. Where $objData comes from is not visible here - confirm the values are
// escaped or cast before this point, or bind them as parameters.
// Fetch artist's data.
$result = sql_query("SELECT `useid`, `useUsername` FROM `users` " . "WHERE `useid` = '" . $objData["objCreator"] . "' LIMIT 1");
$useData = mysql_fetch_assoc($result);
// This does not work until abuCreator is added. The addition of abuCreator will probably also result in other code modification.
$useData["abuseCases"] = intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuCreator` = '" . $objData["objCreator"] . "'"), 0));
// NOTE(review): divides by abuseCases, which is 0 whenever the count above is 0.
$useData["abusePercent"] = round(intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuCreator` = '" . $objData["objCreator"] . "' AND ((`abuMod` = '-' AND `abusMod` = '-') OR (`aburMod` = '-'))"), 0)) / $useData["abuseCases"] * 100);
// Fetch reporter's data.
$result = sql_query("SELECT `useid`, `useUsername` FROM `users` " . "WHERE `useid` = '" . $objData["abuSubmitter"] . "' LIMIT 1");
$repData = mysql_fetch_assoc($result);
$repData["abuseCases"] = intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuSubmitter` = '" . $objData["abuSubmitter"] . "'"), 0));
// NOTE(review): same division, by the reporter's case count.
$repData["abusePercent"] = round(intval(mysql_result(sql_query("SELECT COUNT(*) FROM `abuses` WHERE `abuSubmitter` = '" . $objData["abuSubmitter"] . "' AND ((`abuMod` = '-' AND `abusMod` = '-') OR (`aburMod` = '-'))"), 0)) / $repData["abuseCases"] * 100);
// Determine the current user's access level.
// The case moves up one tier at a time: a moderator decides while abuMod is "?",
// a supermoderator once abuMod is set and abusMod is still "?", and an
// administrator only when the two earlier decisions differ.
$accessLevel = 0; // No access.
if ($objData["abuMod"] == "?" && isModerator()) {
    $accessLevel = 1; // Moderator.
} elseif ($objData["abuMod"] != "?" && $objData["abusMod"] == "?" && isSModerator()) {
    $accessLevel = 2; // Supermoderator.
} elseif ($objData["abuMod"] != "?" && $objData["abusMod"] != "?" && $objData["abuMod"] != $objData["abusMod"] && isAdmin()) {
    $accessLevel = 3; // Administrator.
}
if ($objData["abuResolved"]) {
    $accessLevel = 0;
} // This abuse case is resolved.
// NOTE(review): no anti-CSRF token is checked alongside $_POST["submit"] in the
// visible part of this handler - confirm one is verified before the decision is stored.
if ($accessLevel > 0 && isset($_POST["submit"])) { // Check if we got a correct decision: "+" or "-"
$GLOBALS['oTopMenu']->setCurrentProfileID($iProfileId); $_page_cont[$iIndex]['page_main_code'] = $oPoll->searchMy(); } else { member_auth(0); } break; case 'show_poll_info': case 'poll_home': // draw polls question on menu's panel; $aPollInfo = current($oPoll->_oDb->getPollInfo($iPollId)); $sCode = ''; $sInitPart = $oPoll->getInitPollPage(); if ($aPollSettings['action'] == 'show_poll_info') { $isAllowView = FALSE; if (!empty($aPollInfo)) { if ((int) $aPollInfo['poll_approval'] == 1 || isAdmin($iProfileId) || isModerator($iProfileId)) { $isAllowView = TRUE; } } if ($isAllowView) { $oViewPoll = bx_instance($aModule['class_prefix'] . 'View', array($aPollSettings['action'], $aModule, $oPoll, $iPollId), $aModule); $sPageTitle = $aPollInfo['poll_question']; $sPageCaption = _t('_bx_poll_view', $aPollInfo['poll_question']); $_page['header'] = $sPageCaption; $_page['header_text'] = $sPageCaption; $oPoll->_oTemplate->addJsTranslation(array('_Are_you_sure')); $oPoll->_oTemplate->setPageDescription($aPollInfo['poll_question']); $oPoll->_oTemplate->addPageKeywords($aPollInfo['poll_answers'], BX_POLL_ANS_DIVIDER); if (mb_strlen($sPageTitle) > $oPoll->sPollHomeTitleLenght) { $sPageTitle = mb_substr($sPageTitle, 0, $oPoll->sPollHomeTitleLenght) . '...'; }
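/**
 * Deletes a news comment on behalf of the current user.
 *
 * The comment may be removed by its author, an administrator or a moderator.
 * The id is cast to an integer once, up front, so the ownership lookup and
 * the DELETE always refer to the same comment.
 *
 * NOTE(review): the ownership test is a loose comparison, as before; confirm
 * getActiveUserID() can never return a value that loosely equals an empty
 * 'user' field for an anonymous visitor.
 *
 * @param int|string $commentId id of the comment to delete
 * @return void
 */
function deleteComment($commentId)
{
    $commentId = intval($commentId);

    $cData = getComment($commentId);
    if (empty($cData[0])) {
        // no such comment: nothing to authorise, nothing to delete
        return;
    }

    $isAuthor = $cData[0]['user'] == getActiveUserID();
    if (!$isAuthor && !isAdmin() && !isModerator()) {
        return;
    }

    $link = getDBConnection();
    if (!mysqli_select_db($link, getDBName())) {
        return;
    }

    // bound parameter instead of interpolating the id into the SQL text
    $stmt = mysqli_prepare($link, 'DELETE FROM newsComments WHERE id = ?');
    if ($stmt === false) {
        return;
    }
    mysqli_stmt_bind_param($stmt, 'i', $commentId);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
}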
/**
 * Generate users details
 *
 * Loads the forum settings of a user and, when ranking is enabled, adds the
 * rank text (msg_userrank) and rank image tag (msg_userrankimg) to them.
 * Results are kept in a static cache keyed by the user id only, so a second
 * call for the same user returns the first result even for another $forum.
 *
 * @param moscomprofilerUser $user
 * @param object $forum
 * @return object the user details, or false when statistics are not shown or the user has no posts
 */
function getUserDetails( $user, $forum ) {
    global $_CB_database, $_CB_framework;
    static $usersdetailsCache = array();
    if ( ! isset( $usersdetailsCache[$user->id] ) ) {
        // stats enabled (either config key spelling), or ranking, karma and post stats all disabled
        if ( ( isset ( $forum->config['showuserstats'] ) ? $forum->config['showuserstats'] : $forum->config['showstats'] ) || ( ! $forum->config['showranking'] && ! $forum->config['showkarma'] && ! ( isset ( $forum->config['poststats'] ) ? $forum->config['poststats'] : $forum->config['postStats'] ) ) ) {
            // NOTE(review): >= on two strings is not a version comparison ('1.0.10' sorts
            // below '1.0.3'); version_compare() is presumably what is meant - confirm.
            if ( ( ( $forum->component == 'com_fireboard' ) && ( $forum->version >= '1.0.3' ) ) || ( $forum->component == 'com_kunena' ) ) {
                $supportsDbRanks = ', ' . $_CB_database->NameQuote( 'rank' );
            } else {
                $supportsDbRanks = null;
            }
            $userDetails = $this->getUserSettings( $user, $forum, $supportsDbRanks );
            if ( ( isset( $userDetails->posts ) ) && $userDetails->posts != 0 ) {
                if ( $forum->config['showranking'] ) {
                    // note: $uIsAdm holds the result of isModerator() for the displayed user
                    $uIsAdm = isModerator( $user->id );
                    $uIsMod = $userDetails->moderator;
                    $pathImage = $_CB_framework->getCfg( 'live_site' ) . '/components/' . $forum->component;
                    if ( $supportsDbRanks ) {
                        // ranks come from the forum's ranks table; rank and posts are cast to int before use in SQL
                        if ( $userDetails->rank != 0 ) {
                            $where = $_CB_database->NameQuote( 'rank_id' ) . ' = ' . (int) $userDetails->rank;
                        } else {
                            $where = $_CB_database->NameQuote( 'rank_min' ) . ' <= ' . (int) $userDetails->posts . "\n ORDER BY " . $_CB_database->NameQuote( 'rank_min' ) . ' DESC';
                        }
                        $query = 'SELECT ' . $_CB_database->NameQuote( 'rank_title' ) . ', ' . $_CB_database->NameQuote( 'rank_image' ) . "\n FROM " . $_CB_database->NameQuote( '#__' . $forum->prefix . '_ranks' ) . "\n WHERE " . $where;
                        $_CB_database->setQuery( $query, 0, 1 );
                        $userRank = null;
                        $_CB_database->loadObject( $userRank );
                        $pathImage = $pathImage . $this->params->get( 'TemplateRank', '/template/default/images' );
                        // NOTE(review): $userRank is read without checking that a row was loaded.
                        $rText = $userRank->rank_title;
                        $rImg = $pathImage . '/ranks/' . $userRank->rank_image;
                    } else {
                        // ranks come from the five rankN thresholds of the forum configuration
                        $userDetails->rank = 1;
                        for ( $i = 1; $i <= 5; $i++ ) {
                            $rankPrev = $forum->config['rank' . ( ( ( $i > 1 ) ? ( $i - 1 ) : $i ) )];
                            $rank = $forum->config['rank' . $i];
                            if ( $userDetails->posts <= $rank && ( $userDetails->posts > $rankPrev ) ) {
                                $userDetails->rank = $i;
                            } elseif ( ( $i == 5 ) && ( $userDetails->posts > $rank ) ) {
                                $userDetails->rank = 6;
                            }
                        }
                        $rText = $forum->config['rank' . $userDetails->rank . 'txt'];
                        $rImg = $pathImage . '/ranks/rank' . $userDetails->rank . '.gif';
                    }
                    // a rank of 0 is replaced by the moderator / administrator badge
                    if ( ( $userDetails->rank == 0 ) && $uIsMod ) {
                        $rText = CBTxt::T( 'Moderator' );
                        $rImg = $pathImage . '/ranks/rankmod.gif';
                    }
                    if ( ( $userDetails->rank == 0 ) && $uIsAdm ) {
                        $rText = CBTxt::T( 'Administrator' );
                        $rImg = $pathImage . '/ranks/rankadmin.gif';
                    }
                    if ( $forum->config['rankimages'] ) {
                        $userDetails->msg_userrankimg = '<img src="' . htmlspecialchars( $rImg ) . '" alt="' . htmlspecialchars( $rText ) . '" border="0" />';
                    }
                    // stored without HTML escaping, unlike the image tag above - callers that print it must escape it
                    $userDetails->msg_userrank = $rText;
                }
            } else {
                $userDetails = false;
            }
        } else {
            $userDetails = false;
        }
        $usersdetailsCache[$user->id] = $userDetails;
    }
    return $usersdetailsCache[$user->id];
}
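/**
 * Builds and renders a users-list page.
 *
 * Picks the requested list (or the default one the viewer may access),
 * checks the viewer's access to it, assembles the SQL from the list record
 * (columns, group restriction, filter, sorting, search criteria), runs it
 * unless the page is in search-form-only mode, and passes everything to
 * HTML_comprofiler::usersList().
 *
 * Change against the previous version: $orderby is initialised, so a list
 * without sort fields no longer reads an undefined variable.
 *
 * NOTE(review): $row->sortfields, $row->filterfields and $row->usergroupids
 * are concatenated into the SQL text as stored in the list record. They
 * presumably come from the administrator's list editor - confirm nothing
 * less trusted can write them, and consider casting the group ids to int.
 *
 * @param int   $uid                 id of the viewing user
 * @param int   $listid              id of the list to show, 0 for the default list
 * @param array $searchFormValuesRAW raw request values (search, limitstart, searchmode, rand, ...)
 * @return void the page is echoed
 */
function drawUsersList( $uid, $listid, $searchFormValuesRAW ) {
    global $_CB_database, $_CB_framework, $ueConfig, $Itemid, $_PLUGINS;

    $search = null;
    $searchGET = cbGetParam( $searchFormValuesRAW, 'search' );
    $limitstart = (int) cbGetParam( $searchFormValuesRAW, 'limitstart', 0 );
    $searchmode = (int) cbGetParam( $searchFormValuesRAW, 'searchmode', 0 );
    $randomParam = (int) cbGetParam( $searchFormValuesRAW, 'rand', 0 );

    // get my user and gets the list of user lists he is allowed to see (ACL):
    $myCbUser =& CBuser::getInstance( $uid );
    if ( $myCbUser === null ) {
        $myCbUser =& CBuser::getInstance( null );
    }
    $myUser =& $myCbUser->getUserData();

    // NOTE(review): an empty result from getChildGIDS() would produce "IN ()" here.
    $useraccessgroupSQL = " AND useraccessgroupid IN (".implode(',',getChildGIDS(userGID($uid))).")";
    $_CB_database->setQuery( "SELECT listid, title FROM #__comprofiler_lists WHERE published=1" . $useraccessgroupSQL . " ORDER BY ordering" );
    $plists = $_CB_database->loadObjectList();
    $lists = array();
    $publishedlists = array();
    for ( $i=0, $n=count( $plists ); $i < $n; $i++ ) {
        $plist =& $plists[$i];
        $listTitleNoHtml = strip_tags( cbReplaceVars( getLangDefinition( $plist->title ), $myUser, false, false ) );
        $publishedlists[] = moscomprofilerHTML::makeOption( $plist->listid, $listTitleNoHtml );
    }

    // select either list selected or default list to which he has access (ACL):
    if ( $listid == 0 ) {
        $_CB_database->setQuery( "SELECT listid FROM #__comprofiler_lists " . "\n WHERE `default`=1 AND published=1" . $useraccessgroupSQL );
        $listid = (int) $_CB_database->loadresult();
        if ( $listid == 0 && ( count( $plists ) > 0 ) ) {
            $listid = (int) $plists[0]->listid;
        }
    }
    if ( ! ( $listid > 0 ) ) {
        echo _UE_NOLISTFOUND;
        return;
    }

    // generates the drop-down list of lists:
    if ( count( $plists ) > 1 ) {
        $lists['plists'] = moscomprofilerHTML::selectList( $publishedlists, 'listid', 'class="inputbox" size="1" onchange="this.form.submit();"', 'value', 'text', $listid, 1 );
    }

    // loads the list record:
    $row = new moscomprofilerLists( $_CB_database );
    if ( ( ! $row->load( (int) $listid ) ) || ( $row->published != 1 ) ) {
        echo _UE_LIST_DOES_NOT_EXIST;
        return;
    }
    // the access check is repeated on the loaded record, so a list id supplied in the request cannot bypass the ACL
    if ( ! allowAccess( $row->useraccessgroupid,'RECURSE', userGID($uid) ) ) {
        echo _UE_NOT_AUTHORIZED;
        return;
    }

    $params = new cbParamsBase( $row->params );
    $hotlink_protection = $params->get( 'hotlink_protection', 0 );
    if ( $hotlink_protection == 1 ) {
        // with hotlink protection on, searching and paging require a valid spoof-check token
        if ( ( $searchGET !== null ) || $limitstart ) {
            cbSpoofCheck( 'usersList', 'GET' );
        }
    }
    $limit = (int) $params->get( 'list_limit' );
    if ( $limit == 0 ) {
        $limit = (int) $ueConfig['num_per_page'];
    }
    $showPaging = $params->get( 'list_paging', 1 );
    if ( $showPaging != 1 ) {
        $limitstart = 0;
    }
    $isModerator = isModerator( $_CB_framework->myId() );

    $_PLUGINS->loadPluginGroup( 'user' );
    $_PLUGINS->trigger( 'onStartUsersList', array( &$listid, &$row, &$search, &$limitstart, &$limit ) );

    // handles the users allowed to be listed in the list by ACL:
    // groups 29 and 30 are dropped rather than expanded to their child groups: expanding
    // them was a bug that tended to list admins or all frontend users (see original note).
    $usergids = explode( ',', $row->usergroupids );
    $allusergids = array_diff( $usergids, array( 29, 30 ) );
    $usergids = implode( ",", $allusergids );

    // build SQL Select query:
    $random = 0;
    $orderby = '';
    if( $row->sortfields != '' ) {
        $matches = null;
        if ( preg_match( '/^RAND\(\)\s(ASC|DESC)$/', $row->sortfields, $matches ) ) {
            // random sorting needs to have same seed on pages > 1 to not have probability to show same users:
            if ( $limitstart ) {
                $random = (int) $randomParam;
            }
            if ( ! $random ) {
                // only a sort seed, echoed back through the 'rand' parameter - not a secret
                $random = rand( 0, 32767 );
            }
            $row->sortfields = 'RAND(' . (int) $random . ') ' . $matches[1];
        }
        $orderby = "\n ORDER BY " . $row->sortfields;
    }

    $filterby = '';
    if ( $row->filterfields != '' ) {
        $filterRules = utf8RawUrlDecode( substr( $row->filterfields, 1 ) );
        if ( $_CB_framework->myId() ) {
            $user = new moscomprofilerUser( $_CB_database );
            if ( $user->load( (int) $_CB_framework->myId() ) ) {
                // substituted user values go through the database's getEscaped() callback
                $filterRules = cbReplaceVars( $filterRules, $user, array( $_CB_database, 'getEscaped' ), false, array() );
            }
        }
        $filterby = " AND ". $filterRules;
    }

    // Prepare part after SELECT .... " and before "FROM" :
    $tableReferences = array( '#__comprofiler' => 'ue', '#__users' => 'u' );

    // Fetch all fields:
    //TBD: later: this private method should not be called here, but the whole users-list should go into there and be called here.
    $tabs = $myCbUser->_getCbTabs();
    $allFields = $tabs->_getTabFieldsDb( null, $myUser, 'list' );

    //Make columns array. This array will later be constructed from the tabs table:
    $columns = array();
    for ( $i = 1; $i < 50; ++$i ) {
        $enabledVar = "col".$i."enabled";
        if ( ! isset( $row->$enabledVar ) ) {
            break;
        }
        $titleVar = "col".$i."title";
        $fieldsVar = "col".$i."fields";
        $captionsVar = "col".$i."captions";
        if ( $row->$enabledVar == 1 ) {
            $col = new stdClass();
            $col->fields = ( $row->$fieldsVar ? explode( '|*|', $row->$fieldsVar ) : array() );
            $col->title = $row->$titleVar;
            $col->titleRendered = $myCbUser->replaceUserVars( $col->title );
            $col->captions = $row->$captionsVar;
            $columns[$i] = $col;
        }
    }

    // build fields and tables accesses, also check for searchable fields:
    $searchableFields = array();
    $fieldsSQL = cbUsersList::getFieldsSQL( $columns, $allFields, $tableReferences, $searchableFields, $params );
    $_PLUGINS->trigger( 'onAfterUsersListFieldsSql', array( &$columns, &$allFields, &$tableReferences ) );

    $tablesSQL = array();
    $joinsSQL = array();
    // blocked, unapproved and unconfirmed accounts are never listed
    $tablesWhereSQL = array( 'block' => 'u.block = 0', 'approved' => 'ue.approved = 1', 'confirmed' => 'ue.confirmed = 1' );
    if ( checkJversion() == 2 ) {
        $joinsSQL[] = 'JOIN #__user_usergroup_map g ON g.`user_id` = u.`id`';
    }
    // banned accounts are listed for moderators only
    if ( ! $isModerator ) {
        $tablesWhereSQL['banned'] = 'ue.banned = 0';
    }
    if ( $usergids ) {
        if ( checkJversion() == 2 ) {
            $tablesWhereSQL['gid'] = 'g.group_id IN (' . $usergids . ')';
        } else {
            $tablesWhereSQL['gid'] = 'u.gid IN (' . $usergids . ')';
        }
    }
    foreach ( $tableReferences as $table => $name ) {
        $tablesSQL[] = $table . ' ' . $name;
        if ( $name != 'u' ) {
            $tablesWhereSQL[] = "u.`id` = " . $name . ".`id`";
        }
    }

    // handles search criterias:
    $list_compare_types = $params->get( 'list_compare_types', 0 );
    $searchVals = new stdClass();
    $searchesFromFields = $tabs->applySearchableContents( $searchableFields, $searchVals, $searchFormValuesRAW, $list_compare_types );
    $whereFields = $searchesFromFields->reduceSqlFormula( $tableReferences, $joinsSQL, TRUE );
    if ( $whereFields ) {
        $tablesWhereSQL[] = '(' . $whereFields . ')';
    }

    $_PLUGINS->trigger( 'onBeforeUsersListBuildQuery', array( &$tablesSQL, &$joinsSQL, &$tablesWhereSQL ) );

    $queryFrom = "FROM " . implode( ', ', $tablesSQL ) . ( count( $joinsSQL ) ? "\n " . implode( "\n ", $joinsSQL ) : '' ) . "\n WHERE " . implode( "\n AND ", $tablesWhereSQL );
    $queryFrom .= " " . $filterby;

    $_PLUGINS->trigger( 'onBeforeUsersListQuery', array( &$queryFrom, 1, $listid ) ); // $uid = 1

    $errorMsg = null;

    // counts number of users and loads the listed fields of the users if not in search-form-only mode:
    if ( $searchmode == 0 ) {
        if ( checkJversion() == 2 ) {
            // NOTE(review): the DISTINCT expression looks truncated in this copy of the
            // query (no column, no closing parenthesis) - restore it from the upstream source.
            $_CB_database->setQuery( "SELECT COUNT(DISTINCT " . $queryFrom );
        } else {
            $_CB_database->setQuery( "SELECT COUNT(*) " . $queryFrom );
        }
        $total = $_CB_database->loadResult();

        if ( ( $limit > $total ) || ( $limitstart >= $total ) ) {
            $limitstart = 0;
        }

        if ( checkJversion() == 2 ) {
            $query = "SELECT DISTINCT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
        } else {
            $query = "SELECT ue.*, u.*, '' AS 'NA' " . ( $fieldsSQL ? ", " . $fieldsSQL . " " : '' ) . $queryFrom . " " . $orderby;
        }
        $_CB_database->setQuery( $query, (int) $limitstart, (int) $limit );
        $users = $_CB_database->loadObjectList( null, 'moscomprofilerUser', array( &$_CB_database ) );

        if ( ! $_CB_database->getErrorNum() ) {
            // creates the CBUsers in cache corresponding to the $users:
            foreach ( array_keys( $users ) as $k) {
                CBuser::setUserGetCBUserInstance( $users[$k] );
            }
        } else {
            // the page shows a generic message; the database error itself is not echoed
            $users = array();
            $errorMsg = _UE_ERROR_IN_QUERY_TURN_SITE_DEBUG_ON_TO_VIEW;
        }

        if ( count( get_object_vars( $searchVals ) ) > 0 ) {
            $search = '';
        } else {
            $search = null;
        }
    } else {
        $total = null;
        $users = array();
        if ( $search === null ) {
            $search = '';
        }
    }

    // Compute itemId of users in users-list:
    if ( $Itemid ) {
        $option_itemid = (int) $Itemid;
    } else {
        $option_itemid = getCBprofileItemid( 0 );
    }

    HTML_comprofiler::usersList( $row, $users, $columns, $allFields, $lists, $listid, $search, $searchmode, $option_itemid, $limitstart, $limit, $total, $myUser, $searchableFields, $searchVals, $tabs, $list_compare_types, $showPaging, $hotlink_protection, $errorMsg, $random );
}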
} ?> ">Редактировать</button> <?php } ?> <?php if (isAdmin() || isModerator()) { ?> <button type = "submit" name = "delete" onclick = "deleteComment(<?php echo $newsId . "," . $comment['id']; ?> ); return false;" class = "btn btn-danger">Удалить</button> <?php } if (isAdmin() || isModerator() || getActiveUser() === $comment['user']) { ?> </div> <?php } ?> </div> <?php } ?> <?php if (getActiveUserID() != -1) { $commentText = "Отправить"; if ($commentId != -1) {
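<?php
/*
 * JSON endpoint: un-features a case study on behalf of a moderator.
 *
 * Expects a JSON body with a "casestudyID" member and an authenticated session
 * whose user is a moderator of type "student". Replies with a JSON object
 * holding either a "success" or an "error" message.
 *
 * Changes against the previous version: missing session keys and a missing or
 * non-object request body no longer raise notices, and unfeatureCasestudy()
 * is not called without an id. The response texts are unchanged.
 *
 * NOTE(review): no anti-CSRF token is checked and the request's Content-Type is
 * not verified - confirm that is acceptable for a state-changing endpoint.
 * NOTE(review): casestudyID is handed on as received; confirm that
 * unfeatureCasestudy() validates or binds it.
 */
session_start();
include_once 'student.php';
include_once 'enterprise.php';
include_once 'recovery.php';

// Deny by default: this stays the reply unless every check below passes.
$message = array('error' => 'Case was not successfully unfeatured. Userunauthorized');

$body = file_get_contents('php://input');
$json = is_string($body) ? json_decode($body) : null;

$isAuthorised = isset($json, $_SESSION['id'], $_SESSION['type'])
    && isModerator($_SESSION['id'])
    && $_SESSION['type'] == "student";

if ($isAuthorised) {
    $caseId = (is_object($json) && isset($json->casestudyID)) ? $json->casestudyID : null;
    if ($caseId !== null && unfeatureCasestudy($caseId)) {
        $message = array('success' => 'Case was successfully unfeatured');
    } else {
        $message = array('error' => 'Case was not successfully unfeatured. DatabaseError');
    }
}

$JSONresponse = json_encode($message);
echo $JSONresponse;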
/**
 * Checks if a given action is allowed for a given member and updates action information if the
 * action is performed.
 *
 * @param int $iMemberId - ID of a member that is going to perform an action
 * @param int $actionID - ID of the action itself
 * @param boolean $performAction - if true, then action information is updated, i.e. action
 * is 'performed'
 * @param int $iForcedProfID - when greater than 0 and the current viewer is an admin or a moderator,
 * the profile status check is made against this profile instead, and the action is only
 * checked, never performed
 * @param boolean $isCheckMemberStatus - if true, the profile must have the status 'Active'
 *
 * @return array( CHECK_ACTION_RESULT => CHECK_ACTION_RESULT_ constant,
 * CHECK_ACTION_MESSAGE => CHECK_ACTION_MESSAGE_ constant,
 * CHECK_ACTION_PARAMETER => additional action parameter (string) )
 *
 *
 * NOTES:
 *
 * $result[CHECK_ACTION_MESSAGE] contains a message with detailed information about the result,
 * already processed by the language file
 *
 * if $result[CHECK_ACTION_RESULT] == CHECK_ACTION_RESULT_ALLOWED then this node contains
 * an empty string
 *
 * The error messages themselves are stored in the language file. Additional variables are
 * passed to the function _t_ext() as an array and can be used there in the form of
 * {0}, {1}, {2} ...
 *
 * Additional variables passed to the lang. file on errors (can be used in error messages):
 *
 * For all errors:
 *
 * $arg0[CHECK_ACTION_LANG_FILE_ACTION] = name of the action
 * $arg0[CHECK_ACTION_LANG_FILE_MEMBERSHIP]= name of the current membership
 *
 * CHECK_ACTION_RESULT_LIMIT_REACHED:
 *
 * $arg0[CHECK_ACTION_LANG_FILE_LIMIT] = limit on number of actions allowed for the member
 * $arg0[CHECK_ACTION_LANG_FILE_PERIOD] = period that the limit is set for (in hours, 0 if unlimited)
 *
 * CHECK_ACTION_RESULT_NOT_ALLOWED_BEFORE:
 *
 * $arg0[CHECK_ACTION_LANG_FILE_BEFORE] = date/time since when the action is allowed
 *
 * CHECK_ACTION_RESULT_NOT_ALLOWED_AFTER:
 *
 * $arg0[CHECK_ACTION_LANG_FILE_AFTER] = date/time since when the action is not allowed
 *
 * $result[CHECK_ACTION_PARAMETER] contains an additional parameter that can be considered
 * when performing the action (like the number of profiles to show in search result)
 */
function checkAction($iMemberId, $actionID, $performAction = false, $iForcedProfID = 0, $isCheckMemberStatus = true) {
    global $logged;
    global $site;
    //output array initialization
    $result = array();
    $arrLangFileParams = array();
    $dateFormat = "F j, Y, g:i a"; //used when displaying error messages
    //input validation
    // both ids are cast to int here, which is what makes their later use inside the SQL text safe
    $iMemberId = (int) $iMemberId;
    $actionID = (int) $actionID;
    $performAction = $performAction ? true : false;
    //get current member's membership information
    $arrMembership = getMemberMembershipInfo($iMemberId);
    $arrLangFileParams[CHECK_ACTION_LANG_FILE_MEMBERSHIP] = $arrMembership['Name'];
    $arrLangFileParams[CHECK_ACTION_LANG_FILE_SITE_EMAIL] = $site['email'];
    //profile active check
    if ($arrMembership['ID'] != MEMBERSHIP_ID_NON_MEMBER || $logged['admin'] || $logged['moderator']) {
        $iDestID = $iMemberId;
        if ((isAdmin() || isModerator()) && $iForcedProfID > 0) {
            // an admin / moderator checking on behalf of another profile never consumes that profile's quota
            $iDestID = $iForcedProfID;
            $performAction = false;
        }
        if ($isCheckMemberStatus) {
            $active = getProfileInfo($iDestID);
            if ($active['Status'] != 'Active') {
                $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ACTIVE;
                $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ACTIVE, $arrLangFileParams);
                return $result;
            }
        }
    }
    //get permissions for the current action
    // NOTE(review): $arrMembership['ID'] is interpolated without a cast, unlike $actionID;
    // presumably it is a numeric id read from the database - confirm, or cast it.
    $resMembershipAction = db_res("\n SELECT\tName,\n IDAction,\n AllowedCount,\n AllowedPeriodLen,\n UNIX_TIMESTAMP(AllowedPeriodStart) as AllowedPeriodStart,\n UNIX_TIMESTAMP(AllowedPeriodEnd) as AllowedPeriodEnd,\n AdditionalParamValue\n FROM\t`sys_acl_actions`\n LEFT JOIN `sys_acl_matrix`\n ON\t`sys_acl_matrix`.IDAction = `sys_acl_actions`.ID\n AND `sys_acl_matrix`.IDLevel = {$arrMembership['ID']}\n WHERE\t`sys_acl_actions`.ID = {$actionID}");
    //no such action
    if ($resMembershipAction->rowCount() < 1) {
        echo "<br /><b>checkAction()</b> fatal error. Unknown action ID: {$actionID}<br />";
        exit;
    }
    $arrAction = $resMembershipAction->fetch();
    $result[CHECK_ACTION_PARAMETER] = $arrAction['AdditionalParamValue'];
    $arrLangFileParams[CHECK_ACTION_LANG_FILE_ACTION] = _t('_mma_' . str_replace(' ', '_', $arrAction['Name']));
    //action is not allowed for the current membership
    // IDAction comes from the LEFT JOIN: it is NULL when the matrix has no row for this level and action
    if (is_null($arrAction['IDAction'])) {
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ALLOWED;
        $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ALLOWED, $arrLangFileParams);
        return $result;
    }
    //Check fixed period limitations if present (also for non-members)
    if ($arrAction['AllowedPeriodStart'] && time() < $arrAction['AllowedPeriodStart']) {
        $arrLangFileParams[CHECK_ACTION_LANG_FILE_BEFORE] = date($dateFormat, $arrAction['AllowedPeriodStart']);
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ALLOWED_BEFORE;
        $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ALLOWED_BEFORE, $arrLangFileParams);
        return $result;
    }
    if ($arrAction['AllowedPeriodEnd'] && time() > $arrAction['AllowedPeriodEnd']) {
        $arrLangFileParams[CHECK_ACTION_LANG_FILE_AFTER] = date($dateFormat, $arrAction['AllowedPeriodEnd']);
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_NOT_ALLOWED_AFTER;
        $result[CHECK_ACTION_MESSAGE] = _t_ext(CHECK_ACTION_MESSAGE_NOT_ALLOWED_AFTER, $arrLangFileParams);
        return $result;
    }
    //if non-member, allow action without performing further checks
    if ($arrMembership['ID'] == MEMBERSHIP_ID_NON_MEMBER) {
        $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
        return $result;
    }
    //check other limitations (for members only)
    $allowedCnt = (int) $arrAction['AllowedCount']; //number of allowed actions
    //if not specified or 0, number of
    //actions is unlimited
    $periodLen = (int) $arrAction['AllowedPeriodLen']; //period for AllowedCount in hours
    //if not specified, AllowedCount is
    //treated as total number of actions
    //permitted
    //number of actions is limited
    if ($allowedCnt > 0) {
        // NOTE(review): the counter is read here, changed in PHP and written back by a
        // separate statement; no lock, transaction or atomic decrement is visible, so
        // concurrent requests may each see the same ActionsLeft - confirm whether the
        // limit must hold under concurrency.
        //get current action info for the member
        $actionTrack = db_res("SELECT ActionsLeft,\n UNIX_TIMESTAMP(ValidSince) as ValidSince\n FROM `sys_acl_actions_track`\n WHERE IDAction = {$actionID} AND IDMember = {$iMemberId}");
        $actionsLeft = $performAction ? $allowedCnt - 1 : $allowedCnt;
        $validSince = time();
        //member is requesting/performing this action for the first time,
        //and there is no corresponding record in sys_acl_actions_track table
        if ($actionTrack->rowCount() <= 0) {
            //add action to sys_acl_actions_track table
            db_res("\n INSERT INTO `sys_acl_actions_track` (IDAction, IDMember, ActionsLeft, ValidSince)\n VALUES ({$actionID}, {$iMemberId}, {$actionsLeft}, FROM_UNIXTIME({$validSince}))");
            $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
            return $result;
        }
        //action has been requested/performed at least once at this point
        //and there is a corresponding record in sys_acl_actions_track table
        $actionTrack = $actionTrack->fetch();
        //action record in sys_acl_actions_track table is out of date
        $periodEnd = (int) $actionTrack['ValidSince'] + $periodLen * 3600; //ValidSince is in seconds, PeriodLen is in hours
        if ($periodLen > 0 && $periodEnd < time()) {
            // the period has ended: start a new one with a full (or full minus one) counter
            db_res("\n UPDATE\t`sys_acl_actions_track`\n SET\t\tActionsLeft = {$actionsLeft}, ValidSince = FROM_UNIXTIME({$validSince})\n WHERE\tIDAction = {$actionID} AND IDMember = {$iMemberId}");
            $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
            return $result;
        }
        //action record is up to date
        $actionsLeft = (int) $actionTrack['ActionsLeft'];
        //action limit reached for now
        if ($actionsLeft <= 0) {
            $arrLangFileParams[CHECK_ACTION_LANG_FILE_LIMIT] = $allowedCnt;
            $arrLangFileParams[CHECK_ACTION_LANG_FILE_PERIOD] = $periodLen;
            $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_LIMIT_REACHED;
            $result[CHECK_ACTION_MESSAGE] = '<div style="width: 80%">' . _t_ext(CHECK_ACTION_MESSAGE_LIMIT_REACHED, $arrLangFileParams) . ($periodLen > 0 ? _t_ext(CHECK_ACTION_MESSAGE_MESSAGE_EVERY_PERIOD, $arrLangFileParams) : '') . '.</div>';
            return $result;
        }
        if ($performAction) {
            $actionsLeft--;
            db_res("\n UPDATE `sys_acl_actions_track`\n SET ActionsLeft = {$actionsLeft}\n WHERE IDAction = {$actionID} AND IDMember = {$iMemberId}");
        }
    }
    $result[CHECK_ACTION_RESULT] = CHECK_ACTION_RESULT_ALLOWED;
    return $result;
}
//found difference break; } } } else { $aDiff[$sName] = $mNew; } } else { if ($mNew != $mOld) { $aDiff[$sName] = $mNew; } } } return $aDiff; } } $_page['name_index'] = 25; $_page['css_name'] = 'pedit.css'; $_page['extra_js'] .= '<script type="text/javascript" language="JavaScript" src="' . $site['plugins'] . 'jquery/jquery.form.min.js"></script>'; $_page['extra_js'] .= '<script type="text/javascript" language="JavaScript" src="inc/js/pedit.js"></script>'; check_logged(); if (!(isAdmin() || isModerator() || isLogged() && getLoggedId() == bx_get('ID'))) { $GLOBALS['oSysTemplate']->displayAccessDenied(); exit; } $_page['header'] = _t('_Edit Profile'); $_page['header_text'] = _t('_Edit Profile'); $_ni = $_page['name_index']; $oEditProc = new BxDolPEditProcessor(); $_page_cont[$_ni]['page_main_code'] = $oEditProc->getCode(); PageCode();
/**
 * Adjusts the parser cache for pages that carry a '.translate' meta file.
 *
 * Only XHTML renderings of such pages are touched. Exports get their own
 * cache file; normal views get one cache file per moderator and are
 * refreshed whenever the '.translate' meta file changes.
 *
 * @param Doku_Event $event event whose data is the cache object
 * @param mixed      $param not used
 * @return void
 */
public function handle_parser_cache_use(Doku_Event &$event, $param)
{
    global $ACT;

    $cache =& $event->data;

    $isXhtmlPage = !empty($cache->page) && !empty($cache->mode) && $cache->mode == 'xhtml';
    if (!$isXhtmlPage || !@file_exists(metaFN($cache->page, '.translate'))) {
        return;
    }

    # Ensure refresh on plugin update
    $cache->depends['files'][] = dirname(__FILE__) . '/';

    if (substr($ACT, 0, 7) == 'export_') {
        # Keep the XHTML page and the XHTML export data in separate
        # cache files (suggested by Michitux).
        $cache->cache .= '_export';
        return;
    }

    # One cache file per moderator, so a rendering made for one moderator
    # is never served to another visitor. The user name is URL-encoded
    # before it becomes part of the cache key.
    if (isModerator($cache->page)) {
        $cache->cache .= '.' . urlencode($_SERVER['REMOTE_USER']);
    }

    # Ensure refresh with every new review
    $cache->depends['files'][] = metaFN($cache->page, '.translate');
}
} else { $class_sfx = ''; $pretext = ''; $posttext = ''; } $results = null; $query = "SELECT banned FROM #__comprofiler WHERE id = " . $_CB_framework->myId(); $_CB_database->setQuery($query); $banStatus = $_CB_database->loadResult(); if ($banStatus === null) { trigger_error($_CB_database->getErrorMsg(), E_USER_WARNING); } if ($banStatus > 0) { $results .= "<div><a href='" . $_CB_framework->userProfileUrl() . "' class='mod_login" . $class_sfx . "'>" . ($banStatus == 1 ? _UE_PLEAE_CHECK_PROFILE : _UE_BANSTATUS_UNBAN_REQUEST_PENDING) . "</a></div>"; } if (isModerator($_CB_framework->myId())) { $query = "SELECT count(*) FROM #__comprofiler WHERE avatarapproved=0 AND approved=1 AND confirmed=1 AND banned=0"; $_CB_database->setQuery($query); $totalimages = $_CB_database->loadResult(); if ($totalimages === null) { trigger_error($_CB_database->getErrorMsg(), E_USER_WARNING); } $query = "SELECT count(*) FROM #__comprofiler_userreports WHERE reportedstatus=0"; $_CB_database->setQuery($query); $totaluserreports = $_CB_database->loadResult(); if ($totaluserreports === null) { trigger_error($_CB_database->getErrorMsg(), E_USER_WARNING); } $query = "SELECT count(*) FROM #__comprofiler WHERE banned=2 AND approved=1 AND confirmed=1"; $_CB_database->setQuery($query); $totalunban = $_CB_database->loadResult();
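/**
 * Old-style constructor: loads the profile with the given ID and prepares the
 * voting view, comments view, template config and profile-field blocks.
 *
 * The profile-field area code handed to BxDolProfileFields depends on who is
 * looking: the logged-in owner (2 when the request asks for the editable
 * view, otherwise the same 5/6 split as other members), another logged-in
 * member (5 for admins, 6 otherwise), a moderator (7) or anyone else (8).
 * What each code enables is defined in BxDolProfileFields, not here.
 *
 * Compared with the previous version, the request parameters and the member
 * ID are read without touching undefined indexes/variables; the values passed
 * on are the same (null where nothing was supplied).
 *
 * @param mixed $ID profile ID; cast to int for the voting and comments views
 * @return false|null false when the profile or its field blocks cannot be
 *                    loaded, otherwise nothing
 */
function BxBaseProfileGenerator($ID)
{
    global $site;

    $this->aMutualFriends = array();

    BxDolProfile::BxDolProfile($ID, 0);

    $this->oVotingView = new BxTemplVotingView('profile', (int) $ID);
    $this->oCmtsView = new BxDolCmtsProfile('profile', (int) $ID);

    //$this->ID = $this->_iProfileID;
    $this->oTemplConfig = new BxTemplConfig($site);
    //$this->sColumnsOrder = getParam( 'profile_view_cols' );
    //INSERT INTO `sys_options` VALUES('profile_view_cols', 'thin,thick', 0, 'Profile view columns order', 'digit', '', '', NULL, '');

    if (!$this->_iProfileID) {
        return false;
    }

    $this->getProfileData();
    if (!$this->_aProfile) {
        return false;
    }

    // Only set for logged-in members; stays null for moderators and guests,
    // which is the value the mutual-friends lookup received before as well.
    $iMemberId = null;

    if (isMember()) {
        $iMemberId = getLoggedId();
        if ($iMemberId == $this->_iProfileID) {
            $this->owner = true;
            // The editable view is only reachable on this owner branch; the
            // request flag alone does not grant it.
            if (!empty($_REQUEST['editable'])) {
                $this->bPFEditable = true;
                $iPFArea = 2; // Edit Owner
            } else {
                $iPFArea = isAdmin() ? 5 : 6; // View Owner
            }
        } else {
            $iPFArea = isAdmin() ? 5 : 6;
        }
    } elseif (isModerator()) {
        $iPFArea = 7;
    } else {
        $iPFArea = 8;
    }

    $this->oPF = new BxDolProfileFields($iPFArea);
    if (!$this->oPF->aBlocks) {
        return false;
    }
    $this->aPFBlocks = $this->oPF->aBlocks;

    if ($this->bCouple) {
        $this->aCoupleMutualItems = $this->oPF->getCoupleMutualFields();
    }

    $this->iFriendsPerPage = (int) getParam('friends_per_page');

    // NOTE(review): page and per_page come straight from the query string and
    // are forwarded unchanged. FindMutualFriends() is not visible here -
    // confirm it validates or casts them before they reach a query or a
    // LIMIT clause.
    $mPage = isset($_GET['page']) ? $_GET['page'] : null;
    $mPerPage = isset($_GET['per_page']) ? $_GET['per_page'] : null;
    $this->FindMutualFriends($iMemberId, $mPage, $mPerPage);
}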
/**
 * Shows the list of users that are confirmed but not yet approved.
 *
 * The request is refused unless moderator approval is enabled in $ueConfig
 * and the current user passes isModerator(). The rows are rendered through
 * HTML_comprofiler::pendingApprovalUsers().
 *
 * @param mixed $option passed through unchanged to the HTML renderer
 * @return void
 */
function pendingApprovalUsers($option)
{
    global $_CB_framework, $_CB_database, $ueConfig;

    // Resolved first, as before, so the order of calls stays the same.
    $bViewerIsModerator = isModerator($_CB_framework->myId());

    // Feature switch.
    // NOTE(review): this runs before the authorization check below, so the
    // "functionality disabled" message is shown to any caller, moderator or
    // not - consider checking authorization first.
    if ($ueConfig['allowModUserApproval'] == 0) {
        echo _UE_FUNCTIONALITY_DISABLED;
        exit();
    }

    // Authorization gate: nothing below runs for non-moderators.
    if (!$bViewerIsModerator) {
        cbNotAuth();
        return;
    }

    // The statement is a constant string; no request data is concatenated
    // into it.
    // NOTE(review): as shown it is not valid SQL (empty select-list items,
    // "WHERE AND"); this copy looks truncated. Restore the column list and
    // the join condition from the upstream source. Kept byte-for-byte here.
    $sql = "SELECT,, u.username,, u.registerDate "
        . "\n FROM #__users u, #__comprofiler c "
        . "\n WHERE AND c.approved=0 AND c.confirmed=1";
    $_CB_database->setQuery($sql);

    $pendingUsers = $_CB_database->loadObjectList();
    HTML_comprofiler::pendingApprovalUsers($option, $pendingUsers);
}
/**
 * Tells whether the given account counts as an administrator for this class.
 *
 * Moderators are accepted too: when isAdmin() does not succeed, the result of
 * isModerator() is returned as-is. Any check built on this method therefore
 * grants moderators the same access as administrators.
 *
 * NOTE(review): this assumes the function is a class method, so that the
 * inner isAdmin() call resolves to the global helper and not to this
 * function - the class header is not visible here, confirm.
 *
 * @param int $iId account ID, 0 by default
 * @return mixed true for admins, otherwise whatever isModerator() returns
 */
function isAdmin($iId = 0)
{
    return isAdmin($iId) ? true : isModerator($iId);
}
/**
 * Builds the HTML for the user-status tab of a profile.
 *
 * Prepares the status menu if that has not happened yet, appends the menu
 * entries contributed by plugins for the "menuList" position and renders the
 * result in the layout selected by the 'statusFormat' parameter.
 *
 * NOTE(review): plugin-supplied captions, URLs and tooltips, and the markup
 * returned by menuList->displayMenu(), are concatenated into the output
 * without escaping in this function. Any escaping has to happen inside the
 * menu object or the plugins - confirm.
 *
 * @param moscomprofilerTab  $tab  the tab database entry
 * @param moscomprofilerUser $user the user being displayed
 * @param int                $ui   1 for front-end, 2 for back-end
 * @return mixed either string HTML for tab content, or false if ErrorMSG generated
 */
function getDisplayTab($tab, $user, $ui)
{
    global $_CB_framework, $_PLUGINS, $_CB_OneTwoRowsStyleToggle;

    $params = $this->params;

    // in case status is called before onBeforeUserProfileDisplay
    if (!$this->menuList) {
        $this->prepareStatus(
            $user,
            $ui,
            isModerator($user->id),
            isModerator($_CB_framework->myId())
        );
    }

    // add plugins' status:
    $pluginMenus = $_PLUGINS->getMenus();
    $menuCount = count($pluginMenus);
    for ($idx = 0; $idx < $menuCount; $idx++) {
        $entry = $pluginMenus[$idx];
        if ($entry['position'] != "menuList") {
            continue;
        }
        // Optional keys fall back to "" (url, target) or null (the rest).
        $this->menuList->addObjectItem(
            $entry['arrayPos'],
            $entry['caption'],
            isset($entry['url']) ? $entry['url'] : "",
            isset($entry['target']) ? $entry['target'] : "",
            isset($entry['img']) ? $entry['img'] : null,
            isset($entry['alt']) ? $entry['alt'] : null,
            isset($entry['tooltip']) ? $entry['tooltip'] : null,
            isset($entry['keystroke']) ? $entry['keystroke'] : null
        );
    }

    // display User Status window / Menu:
    $format = $params->get('statusFormat', 'menuList');

    if ($format == "no") {
        // Description only, no menu.
        return "" . $this->_writeTabDescription($tab, $user, 'cbUserStatusDescription');
    }

    if ($format == "menuBar") {
        // Menu first, description after it.
        $idCounter = 1;
        $html = $this->menuList->displayMenu($idCounter);
        $html .= $this->_writeTabDescription($tab, $user, 'cbUserStatusDescription');
        return $html;
    }

    // "menuUL" wraps the menu in a div; "menuList", "menuDivs" and any other
    // value wrap it in a table. Everything else is the same for both.
    if ($format == "menuUL") {
        $wrapOpen = '<div class="cbStatusList">';
        $wrapClose = '</div>';
    } else {
        $wrapOpen = '<table class="cbStatusList">';
        $wrapClose = '</table>';
    }

    $html = "" . $this->_writeTabDescription($tab, $user, 'cbUserStatusDescription');

    $idCounter = $_CB_OneTwoRowsStyleToggle;
    $menuHtml = $this->menuList->displayMenu($idCounter);
    if ($menuHtml != '') {
        // Store the row-style toggle for whatever is rendered next, based on
        // the counter value left after displayMenu().
        $_CB_OneTwoRowsStyleToggle = ($idCounter & 1 ? 2 : 1);
        $html .= $wrapOpen . $menuHtml . $wrapClose;
    }

    return $html;
}
/**
 * Tells whether the current visitor counts as an administrator here.
 *
 * The visitor qualifies when either the global isAdmin() or isModerator()
 * accepts $this->_iVisitorID, so checks built on this method give moderators
 * the same access as administrators.
 *
 * @return bool
 */
function isAdmin()
{
    $iVisitor = $this->_iVisitorID;

    if (isAdmin($iVisitor)) {
        return true;
    }

    // Moderators pass as well; the cast keeps the boolean result of the
    // original "||" expression.
    return (bool) isModerator($iVisitor);
}
$showConnectionRequests = (int) $params->get('show_connections', 1); if ($params->get('pretext')) { $preText = $cbUser->replaceUserVars($params->get('pretext')); } else { $preText = null; } if ($params->get('posttext')) { $postText = $cbUser->replaceUserVars($params->get('posttext')); } else { $postText = null; } $bannedStatus = (int) $user->get('banned'); if ($showBanned && !$bannedStatus) { $showBanned = 0; } if (isModerator((int) $user->get('id'))) { if ($showImageApproval) { $query = 'SELECT ' . $_CB_database->NameQuote('name') . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_fields') . "\n WHERE " . $_CB_database->NameQuote('type') . " = " . $_CB_database->Quote('image'); $_CB_database->setQuery($query); $imageFields = $_CB_database->loadResultArray(); $imgApprovSelect = array(); $imgApprovWhere = array(); if ($imageFields) { foreach ($imageFields as $imageField) { $imgApprovSelect[] = $_CB_database->NameQuote($imageField . 'approved'); $imgApprovWhere[] = "( " . $_CB_database->NameQuote($imageField) . " != '' AND " . $_CB_database->NameQuote($imageField) . " IS NOT NULL AND " . $_CB_database->NameQuote($imageField . 'approved') . " = 0 )"; } } $query = 'SELECT ' . implode(', ', $imgApprovSelect) . "\n FROM " . $_CB_database->NameQuote('#__comprofiler') . "\n WHERE ( " . implode(' OR ', $imgApprovWhere) . " )" . "\n AND " . $_CB_database->NameQuote('approved') . " = 1" . "\n AND " . $_CB_database->NameQuote('confirmed') . " = 1" . "\n AND " . $_CB_database->NameQuote('banned') . " = 0"; $_CB_database->setQuery($query); $imageApprovalResults = $_CB_database->loadAssocList();