/** * page code function */ function PageCompPageMainCode($iLoggedID) { $member['ID'] = (int) $iLoggedID; $p_arr = getProfileInfo($member['ID']); if ($_POST['CHANGE_STATUS']) { $sStatus = ""; switch ($_POST['CHANGE_STATUS']) { case 'SUSPEND': if ($p_arr['Status'] == 'Active') { $sStatus = "Suspended"; } break; case 'ACTIVATE': if ($p_arr['Status'] == 'Suspended') { $sStatus = "Active"; } break; } if (mb_strlen($sStatus) > 0) { db_res("UPDATE `Profiles` SET `Status` = '{$sStatus}' WHERE `ID` = {$member['ID']}"); } createUserDataFile($p_arr['ID']); reparseObjTags('profile', $member['ID']); $p_arr = getProfileInfo($member['ID']); } $aData = array('profile_status_caption' => _t("_Profile status"), 'status' => $p_arr['Status'], 'status_lang_key' => _t('__' . $p_arr['Status'])); $aForm = array('form_attrs' => array('action' => BX_DOL_URL_ROOT . 'change_status.php', 'method' => 'post', 'name' => 'form_change_status'), 'inputs' => array('status' => array('type' => 'hidden', 'name' => 'CHANGE_STATUS', 'value' => ''), 'subscribe' => array('type' => 'submit', 'name' => 'subscribe', 'value' => ''))); switch ($p_arr['Status']) { case 'Active': $aForm['inputs']['status']['value'] = 'SUSPEND'; $aForm['inputs']['subscribe']['value'] = _t('_Suspend account'); $oForm = new BxTemplFormView($aForm); $aData['form'] = $oForm->getCode(); $aData['message'] = _t("_PROFILE_CAN_SUSPEND"); break; case 'Suspended': $aForm['inputs']['status']['value'] = 'ACTIVATE'; $aForm['inputs']['subscribe']['value'] = _t('_Activate account'); $oForm = new BxTemplFormView($aForm); $aData['form'] = $oForm->getCode(); $aData['message'] = _t("_PROFILE_CAN_ACTIVATE"); break; default: $aData['message'] = _t("_PROFILE_CANT_ACTIVATE/SUSPEND"); $aData['form'] = ''; break; } return $GLOBALS['oSysTemplate']->parseHtmlByName('change_status.html', $aData); }
function uploadFile($sFile, $sDesc, $sTags, $iUser) { global $dir; if ($_FILES['uploadFile']['error'] != 0) { $sCode = '<div class="uploadStatus">' . _t("_File upload error") . '</div>'; } else { $aFileInfo = getimagesize($_FILES['uploadFile']['tmp_name']); if (!$aFileInfo) { $sCode = '<div class="uploadStatus">' . _t("_You uploaded not image file") . '</div>'; } else { $ext = false; switch ($aFileInfo['mime']) { case 'image/jpeg': $ext = 'jpg'; break; case 'image/gif': $ext = 'gif'; break; case 'image/png': $ext = 'png'; break; default: $ext = false; } if (!$ext) { $sCode = '<div class="uploadStatus">' . _t("_You uploaded not JPEG, GIF or PNG file") . '</div>'; } else { $sCode = '<div class="uploadStatus">' . _t("_Upload successful") . '</div>'; $sActive = getParam("enable_shPhotoActivation") == 'on' ? 'true' : 'false'; $sQuery = "INSERT INTO `sharePhotoFiles` (`medProfId`,`medTitle`,`medExt`,`medDesc`,`medTags`,`medDate`,`Approved`) VALUES('{$iUser}','{$sFile}','{$ext}','{$sDesc}','{$sTags}',NOW(),'{$sActive}')"; db_res($sQuery); $iNew = mysql_insert_id(); reparseObjTags('photo', $iNew); $sNewFileName = $dir['sharingImages'] . $iNew . '.' . $ext; $sNewMainName = $dir['sharingImages'] . $iNew . '_m.' . $ext; $sNewThumbName = $dir['sharingImages'] . $iNew . '_t.' . $ext; if (!move_uploaded_file($_FILES['uploadFile']['tmp_name'], $sNewFileName)) { $sCode = '<div class="uploadStatus">' . _t("_Couldn\\'t move file") . '</div>'; } else { chmod($sNewFileName, 0644); $iWidth = (int) getParam("max_photo_width"); $iHeight = (int) getParam("max_photo_height"); $iThumbW = (int) getParam("max_thumb_width"); $iThumbH = (int) getParam("max_thumb_height"); if (imageResize($sNewFileName, $sNewMainName, $iWidth, $iHeight) != IMAGE_ERROR_SUCCESS) { $sCode = '<div class="uploadStatus">' . _t("_Upload failed") . '</div>'; } else { imageResize($sNewMainName, $sNewThumbName, $iThumbW, $iThumbH); header("Location:viewPhoto.php?fileID=" . $iNew); exit; } } } } } return $sCode; }
/** * SQL Updating fields of Advertisement * * @param $iEditAdvertisementID ID`s of editing Advertisement * @return Text presentation of data */ function ActionUpdateAdvertisementID($iEditAdvertisementID) { $sCheckPostSQL = "SELECT `IDProfile`\r\n\t\t\t\t\t\t\tFROM `ClassifiedsAdvertisements`\r\n\t\t\t\t\t\t\tWHERE `ID`={$iEditAdvertisementID}\r\n\t\t\t\t\t\t"; $aAdvOwner = db_arr($sCheckPostSQL); $iAdvOwner = $aAdvOwner['IDProfile']; $iVisitorID = (int) $_COOKIE['memberID']; if (($iVisitorID == $iAdvOwner || $this->bAdminMode) && $iEditAdvertisementID > 0) { if ($this->bAdminMode == FALSE) { $sRestrictRes = $this->RestrictAction($iVisitorID); if ($sRestrictRes != '') { return $sRestrictRes; } //if ($this->RestrictAction($iVisitorID)) return; } require_once BX_DIRECTORY_PATH_INC . 'tags.inc.php'; $sSuccUpd = _t("_SUCC_UPD_ADV"); $sFailUpd = _t("_FAIL_UPD_ADV"); $sCategoryID = process_db_input($_POST['Classified']); $sSubCategoryID = process_db_input($_POST['SubClassified']); $sCustomFieldValue1 = (int) $_POST['CustomFieldValue1']; $sCustomFieldValue2 = (int) $_POST['CustomFieldValue2']; $sTags = process_db_input($_POST['Tags']); $aTags = explodeTags($sTags); $sTags = implode(",", $aTags); $sSubject = $this->process_html_db_input($_POST['subject']); $sMessage = $this->process_html_db_input($_POST['message']); $changeCat = ($sCategoryID > 0 and $sSubCategoryID > 0) ? "`IDClassifiedsSubs`='{$sSubCategoryID}', " : ''; //1. get a new files and return string-array $sNewMedias = $this->parseUploadedFiles($iAdvOwner); //2. get current media datas from cls $aAdvData = $this->GetAdvertisementData($iEditAdvertisementID); $sMediaIDs = $aAdvData['Media']; //3. merge both $aOldChunks = preg_split("/[,]+/", $sMediaIDs, -1, PREG_SPLIT_NO_EMPTY); $aNewChunks = preg_split("/[,]+/", $sNewMedias, -1, PREG_SPLIT_NO_EMPTY); $aResultChunks = array_merge($aNewChunks, $aOldChunks); $sResultChunks = implode(",", $aResultChunks); $sPicsAddSQL = count($aNewChunks) > 0 ? "`Media` = '{$sResultChunks}'," : ''; //$sNewUri = uriGenerate($sSubject, 'ClassifiedsAdvertisements', 'EntryUri', 50); //4. update result $sQuery = "\r\n\t\t\t\tUPDATE `ClassifiedsAdvertisements` SET\r\n\t\t\t\t{$changeCat}\r\n\t\t\t\t`Subject`='{$sSubject}',\r\n\t\t\t\t`Message`='{$sMessage}',\r\n\t\t\t\t`CustomFieldValue1`={$sCustomFieldValue1},\r\n\t\t\t\t`CustomFieldValue2`={$sCustomFieldValue2},\r\n\t\t\t\t{$sPicsAddSQL}\r\n\t\t\t\t`Tags`='{$sTags}'\r\n\t\t\t\tWHERE `ID`={$iEditAdvertisementID}\r\n\t\t\t"; $vSqlRes = db_res($sQuery); $sRet = mysql_affected_rows() > 0 ? _t($sSuccUpd) : _t($sFailUpd); reparseObjTags('ad', $iEditAdvertisementID); $this->UseDefaultCF(); return MsgBox($sRet) . $this->ActionPrintAdvertisement($iEditAdvertisementID); } elseif ($iVisitorID != $iAdvOwner) { return MsgBox(_t('_Hacker String')); } else { return MsgBox(_t('_Error Occured')); } }
function video_parseTags($iId) { reparseObjTags('video', $iId); }
/** * Adding a New Post SQL * * @param $iLastID - returning Last Inserted ID (SQL) (just try) * @return HTML presentation of data */ function ActionAddNewPost(&$iLastID) { global $dir; $this->CheckLogged(); $iCategoryID = process_db_input((int) $_POST['categoryID']); $sCheckPostSQL = "SELECT `OwnerID`\n\t\t\t\t\t\t\tFROM `BlogCategories`\n\t\t\t\t\t\t\tWHERE `CategoryID`={$iCategoryID}\n\t\t\t\t\t\t"; $aCategoryOwner = db_arr($sCheckPostSQL); $iCategoryOwnerID = $aCategoryOwner['OwnerID']; if ($this->aBlogConf['visitorID'] == $iCategoryOwnerID && $iCategoryID > 0) { $sPostCaption = process_db_input($_POST['caption']); $sPostUri = uriGenerate($sPostCaption, 'BlogPosts', 'PostUri'); $sPostText = process_db_input($_POST['blogText']); $commentPerm = process_db_input($_POST['commentPerm']); $readPerm = process_db_input($_POST['readPerm']); $sTagsPerm = process_db_input($_POST['tags']); $aTags = explodeTags($sTagsPerm); $sTagsPerm = implode(",", $aTags); $queryActionAdd = " INSERT INTO "; $sAutoApprovalVal = getParam('blogAutoApproval') == 'on' ? "approval" : "disapproval"; $addQuery = "\n\t\t\t\t{$queryActionAdd} `BlogPosts`\n\t\t\t\tSET\n\t\t\t\t\t`CategoryID` = '{$iCategoryID}',\n\t\t\t\t\t`PostCaption` = '{$sPostCaption}',\n\t\t\t\t\t`PostUri` = '{$sPostUri}',\n\t\t\t\t\t`PostText` = '{$sPostText}',\n\t\t\t\t\t`PostReadPermission` = '{$readPerm}',\n\t\t\t\t\t`PostCommentPermission` = '{$commentPerm}',\n\t\t\t\t\t`PostStatus` = '{$sAutoApprovalVal}',\n\t\t\t\t\t`Tags` = '{$sTagsPerm}',\n\t\t\t\t\t`PostDate` = NOW()\n\t\t\t"; $sRet = _t('_failed_to_add_post'); if (db_res($addQuery)) { $iLastId = mysql_insert_id(); $this->iLastPostedPostID = $iLastId; if (0 < $_FILES['BlogPic']['size'] && 0 < strlen($_FILES['BlogPic']['name']) && 0 < $iLastId) { $sFileName = 'blog_' . $iLastId; $sExt = moveUploadedImage($_FILES, 'BlogPic', $dir['blogImage'] . $sFileName, '', false); if (strlen($sExt) && !(int) $sExt) { imageResize($dir['blogImage'] . $sFileName . $sExt, $dir['blogImage'] . 'small_' . $sFileName . $sExt, $this->iIconSize / 2, $this->iIconSize / 2); imageResize($dir['blogImage'] . $sFileName . $sExt, $dir['blogImage'] . 'big_' . $sFileName . $sExt, $this->iThumbSize, $this->iThumbSize); chmod($dir['blogImage'] . 'small_' . $sFileName . $sExt, 0644); chmod($dir['blogImage'] . 'big_' . $sFileName . $sExt, 0644); $query = "UPDATE `BlogPosts` SET `PostPhoto` = '" . $sFileName . $sExt . "' WHERE `PostID` = '{$iLastId}'"; db_res($query); @unlink($dir['blogImage'] . $sFileName . $sExt); } } if ($iLastId > 0) { $sRet = _t('_post_successfully_added'); reparseObjTags('blog', $iLastId); } } return MsgBox($sRet); } elseif ($this->aBlogConf['visitorID'] != $iCategoryOwnerID) { return MsgBox(_t('_Hacker String')); } else { return MsgBox(_t('_Error Occured')); } }
/** * page code function */ function PageCompPageMainCode() { global $ID; global $ConfCode; global $site; global $newusernotify; global $dir; $autoApproval_ifJoin = isAutoApproval('join'); $p_arr = getProfileInfo($ID); if (!$p_arr) { $_page['header'] = _t("_Error"); $_page['header_text'] = _t("_Profile Not found"); $ret = "<table width=\"100%\" cellpadding=4 cellspacing=4><td align=center class=text2>"; $ret .= _t('_Profile Not found Ex'); $ret .= "</td></table>"; return $ret; } ob_start(); echo "<table width=\"100%\" cellpadding=4 cellspacing=4><td align=center class=text2>"; if ($p_arr['Status'] == 'Unconfirmed') { $ConfCodeReal = base64_encode(base64_encode(crypt($p_arr[Email], "secret_confirmation_string"))); if (strcmp($ConfCode, $ConfCodeReal) != 0) { ?> <b><?php echo _t("_Profile activation failed"); ?> </b><br /><br /> <?php echo _t("_EMAIL_CONF_FAILED_EX"); ?> <br /> <center><form action="<?php echo $_SERVER[PHP_SELF]; ?> " method=get> <input type=hidden name="ConfID" value="<?php echo $ID; ?> "> <table class=text> <td><b><?php echo _t("_Confirmation code"); ?> :</b> </td> <td><input class=no name="ConfCode"></td> <td> </td> <td><input class=no type="submit" value=" <?php echo _t("_Submit"); ?> "></td> </table> </form></center> <?php } else { if ($autoApproval_ifJoin) { $status = 'Active'; $message = getParam("t_Activation"); $subject = getParam('t_Activation_subject'); sendMail($p_arr['Email'], $subject, $message, $p_arr['ID']); } else { $status = 'Approval'; } $update = db_res("UPDATE `Profiles` SET `Status` = '{$status}' WHERE `ID` = '{$ID}';"); createUserDataFile($ID); reparseObjTags('profile', $ID); // Promotional membership if (getParam('enable_promotion_membership') == 'on') { $memership_days = getParam('promotion_membership_days'); setMembership($p_arr['ID'], MEMBERSHIP_ID_PROMOTION, $memership_days, true); } echo _t("_EMAIL_CONF_SUCCEEDED", $site['title']); ?> <br /><br /> <center><a href="member.php"><b><?php echo _t("_Continue"); ?> >></b></a></center> <?php if ($newusernotify) { $message = "New user {$p_arr['NickName']} with email {$p_arr['Email']} has been confirmed,\nhis/her ID is {$p_arr['ID']}.\n--\n{$site['title']} mail delivery system\n<Auto-generated e-mail, please, do not reply>\n"; $subject = "New user confirmed"; sendMail($site['email_notify'], $subject, $message); } } } else { echo _t('_ALREADY_ACTIVATED'); } echo "</td></table>"; $ret = ob_get_contents(); ob_end_clean(); return $ret; }
function registerMember() { $bEnAff = getParam('en_aff') == 'on'; $oPC = new BxDolProfilesController(); //convert to profile $aProfile = $this->oPF->getProfileFromValues($this->aValues[0]); //create it list($iMemID, $sStatus) = $oPC->createProfile($aProfile); if (!$iMemID) { return array(false, 'Fail'); } if ($this->bCouple) { //convert $aProfile = $this->oPF->getProfileFromValues($this->aValues[1]); //create list($iMem1ID, $sStatus1) = $oPC->createProfile($aProfile, false, $iMemID); if (!$iMem1ID) { $oPC->deleteProfile($iMemID); return array(false, 'Fail'); } } //send new user notification if (getParam('newusernotify') == 'on') { $oPC->sendNewUserNotify($iMemID); } // Affiliate and friend checking if ($bEnAff && $_COOKIE['idAff']) { $vRes = db_res("SELECT `ID` FROM `aff` WHERE `ID` = {$_COOKIE['idAff']} AND `Status` = 'active'"); if (mysql_num_rows($vRes)) { $vRes = db_res("INSERT INTO `aff_members` (`idAff`,`idProfile`) VALUES ('{$_COOKIE['idAff']}', '{$iMemID}')"); } } if ($bEnAff && $_COOKIE['idFriend']) { $iFriendID = getID($_COOKIE['idFriend']); if ($iFriendID) { $vRes = db_res("UPDATE `Profiles` SET `aff_num` = `aff_num` + 1 WHERE `ID` = '{$iFriendID}'"); createUserDataFile($iFriendID); } } reparseObjTags('profile', $iMemID); return array($iMemID, $sStatus); }
function deleteMedia($iFile, $logged = array()) { $iFile = (int) $iFile; $sqlQuery = "SELECT `{$this->aTableFields['medProfId']}`"; $sqlQuery .= isset($this->aTableFields['medExt']) ? ", `{$this->aTableFields['medExt']}`" : ""; $sqlQuery .= "FROM `{$this->sMainTable}` WHERE `{$this->aTableFields['medID']}`={$iFile}"; $aFile = db_arr($sqlQuery); if (!$aFile) { return false; } if ($logged['admin']) { } elseif ($logged['member']) { $iMemberID = (int) $_COOKIE['memberID']; if ($aFile[$this->aTableFields['medProfId']] != $iMemberID) { return false; } } else { return false; } switch ($this->sType) { case 'photo': $aFName[] = $iFile . '.' . $aFile['medExt']; $aFName[] = $iFile . '_t.' . $aFile['medExt']; $aFName[] = $iFile . '_m.' . $aFile['medExt']; $sCmtsName = 'sharedPhoto'; break; case 'music': $aFName[] = $iFile . '.mp3'; $sCmtsName = 'sharedMusic'; break; case 'video': $aFName[] = $iFile . '.flv'; $aFName[] = $iFile . '.mpg'; $aFName[] = $iFile . '.jpg'; $aFName[] = $iFile . '_small.jpg'; $sCmtsName = 'sharedVideo'; break; } foreach ($aFName as $sVal) { $sFilePath = $this->sFilesPath . $sVal; @unlink($sFilePath); } db_res("DELETE FROM `{$this->sMainTable}` WHERE `{$this->aTableFields['medID']}`={$iFile}"); reparseObjTags($this->sType, $iFile); $oVoting = new BxDolVoting('g' . $this->sType, 0, 0); $oVoting->deleteVotings($iFile); $oCmts = new BxDolCmts($sCmtsName, $iFile); $oCmts->onObjectDelete(); header('Location:' . $_SERVER["HTTP_REFERER"]); }
function mp3_parseTags($iId) { reparseObjTags('music', $iId); }
/** * function for New/Edit event * @return Text Result */ function SDAddEvent($iEventID = -1) { //for update event //print $iEventID; global $dir; global $logged; global $site; if (!$logged['member'] && !$logged['admin']) { member_auth(0); } // collect information about current member $aMember['ID'] = (int) $_COOKIE['memberID']; $aMemberData = getProfileInfo($aMember['ID']); // common $sEventTitle = process_db_input($_POST['event_title']); $sEventDesc = $this->process_html_db_input($_POST['event_desc']); $sEventStatusMessage = process_db_input($_POST['event_statusmsg']); // event place $sEventCountry = process_db_input($_POST['event_country']); $sEventCity = process_db_input($_POST['event_city']); $EventPlace = process_db_input($_POST['event_place']); $sTags = process_db_input($_POST['event_tags']); $aTags = explodeTags($sTags); $sTags = implode(",", $aTags); $sPictureName = $sBaseName; $aScan = getimagesize($_FILES['event_photo']['tmp_name']); if (in_array($aScan[2], array(1, 2, 3, 6)) && 0 < strlen($_FILES['event_photo']['name'])) { $sCurrentTime = time(); if ($iEventID == -1) { $sBaseName = 'g_' . $sCurrentTime . '_1'; } else { $sBaseName = db_value("SELECT `PhotoFilename` FROM `SDatingEvents` WHERE `ID`={$iEventID} LIMIT 1"); if ($sBaseName != "") { if (ereg("([a-z0-9_]+)\\.", $sBaseName, $aRegs)) { $sBaseName = $aRegs[1]; } } else { $sBaseName = $sBaseName != "" ? $sBaseName : 'g_' . $sCurrentTime . '_1'; } } $sExt = moveUploadedImage($_FILES, 'event_photo', $dir['tmp'] . $sBaseName, '', false); $sBaseName .= $sExt; $sPictureName = $sBaseName; $sThumbName = 'thumb_' . $sBaseName; $sIconName = 'icon_' . $sBaseName; // resize for thumbnail $vRes = imageResize($dir['tmp'] . $sBaseName, $dir['sdatingImage'] . $sThumbName, $this->iThumbSize, $this->iThumbSize); if ($vRes != IMAGE_ERROR_SUCCESS) { return SDATING_ERROR_PHOTO_PROCESS; } $vRes = imageResize($dir['tmp'] . $sBaseName, $dir['sdatingImage'] . $sPictureName, $this->iImgSize, $this->iImgSize); if ($vRes != IMAGE_ERROR_SUCCESS) { return SDATING_ERROR_PHOTO_PROCESS; } $vRes = imageResize($dir['tmp'] . $sBaseName, $dir['sdatingImage'] . $sIconName, $this->iIconSize, $this->iIconSize); if ($vRes != IMAGE_ERROR_SUCCESS) { return SDATING_ERROR_PHOTO_PROCESS; } unlink($dir['tmp'] . $sBaseName); chmod($dir['sdatingImage'] . $sPictureName, 0644); chmod($dir['sdatingImage'] . $sThumbName, 0644); chmod($dir['sdatingImage'] . $sIconName, 0644); $sEventPhotoFilename = process_db_input($sPictureName); } else { $sEventPhotoFilename = ''; } $sPictureSQL = ''; if ($iEventID > 0 && $sEventPhotoFilename != '') { $sPictureSQL = "`PhotoFilename` = '{$sEventPhotoFilename}',"; } // event date $sEventStart = strtotime($_REQUEST['event_start']); if ($sEventStart == -1) { return SDATING_ERROR_WRONG_DATE_FORMAT; } if ($this->bAdminMode) { $sEventEnd = strtotime($_POST['event_end']); //if ( $sEventEnd == -1 ) // return SDATING_ERROR_WRONG_DATE_FORMAT; $sEventSaleStart = strtotime($_POST['event_sale_start']); //if ( $sEventSaleStart == -1 ) // return SDATING_ERROR_WRONG_DATE_FORMAT; $sEventSaleEnd = strtotime($_POST['event_sale_end']); //if ( $sEventSaleEnd == -1 ) // return SDATING_ERROR_WRONG_DATE_FORMAT; //if ( $sEventEnd < $sEventStart || $sEventSaleEnd < $sEventSaleStart || $sEventStart < $sEventSaleStart ) // return SDATING_ERROR_WRONG_DATE_FORMAT; $sEventEndVal = "FROM_UNIXTIME( {$sEventEnd} )"; $sEventSaleStartVal = "FROM_UNIXTIME( {$sEventSaleStart} )"; $sEventSaleEndVal = "FROM_UNIXTIME( {$sEventSaleEnd} )"; } else { $sEventEndVal = 'NOW()'; $sEventSaleStartVal = 'NOW()'; $sEventSaleEndVal = 'NOW()'; } // event responsible $sEventRespId = $this->bAdminMode ? 0 : process_db_input($aMemberData['ID'], 0, 1); $sEventRespName = $this->bAdminMode ? _t('Admin') : process_db_input($aMemberData['NickName'], 0, 1); $sEventRespEmail = $this->bAdminMode ? $site['email'] : process_db_input($aMemberData['Email'], 0, 1); $sEventRespPhone = $this->bAdminMode ? '666' : process_db_input($aMemberData['Phone'], 0, 1); $iEventAgeLowerFilter = (int) getParam('search_start_age'); $iEventAgeUpperFilter = (int) getParam('search_end_age'); $sEventMembershipFilter = "\\'all\\'"; $iEventCountF = (int) $_POST['event_count_female']; $iEventCountM = (int) $_POST['event_count_male']; $dEventPriceF = '0.00'; $dEventPriceM = '0.00'; $dEventPriceC = '0.00'; // choose options $iEventChoosePeriod = 5; // allow to view participants $iEventAllowView = '1'; if ($iEventID == -1) { $sNewUri = uriGenerate($sEventTitle, 'SDatingEvents', 'EntryUri', 100); //Commented elements /*`EventEnd` = FROM_UNIXTIME( {$sEventEnd} ),*/ /*`TicketSaleStart` = FROM_UNIXTIME( {$sEventSaleStart} ),*/ /*`TicketSaleEnd` = FROM_UNIXTIME( {$sEventSaleEnd} ),*/ $vRes = db_res("INSERT INTO `SDatingEvents` SET\r\n\t\t\t\t\t\t`Title` = '{$sEventTitle}',\r\n\t\t\t\t\t\t`EntryUri` = '{$sNewUri}',\r\n\t\t\t\t\t\t`Description` = '{$sEventDesc}',\r\n\t\t\t\t\t\t`Status` = 'Active',\r\n\t\t\t\t\t\t`StatusMessage` = '{$sEventStatusMessage}',\r\n\t\t\t\t\t\t`Country` = '{$sEventCountry}',\r\n\t\t\t\t\t\t`City` = '{$sEventCity}',\r\n\t\t\t\t\t\t`Place` = '{$EventPlace}',\r\n\t\t\t\t\t\t`PhotoFilename` = '{$sEventPhotoFilename}',\r\n\t\t\t\t\t\t`EventStart` = FROM_UNIXTIME( {$sEventStart} ),\r\n\t\t\t\t\t\t`EventEnd` = {$sEventEndVal},\r\n\t\t\t\t\t\t`TicketSaleStart` = {$sEventSaleStartVal},\r\n\t\t\t\t\t\t`TicketSaleEnd` = {$sEventSaleEndVal},\r\n\t\t\t\t\t\t`ResponsibleID` = '{$sEventRespId}',\r\n\t\t\t\t\t\t`ResponsibleName` = '{$sEventRespName}',\r\n\t\t\t\t\t\t`ResponsibleEmail` = '{$sEventRespEmail}',\r\n\t\t\t\t\t\t`ResponsiblePhone` = '{$sEventRespPhone}',\r\n\t\t\t\t\t\t`EventSexFilter` = 'female,male',\r\n\t\t\t\t\t\t`EventAgeLowerFilter` = {$iEventAgeLowerFilter},\r\n\t\t\t\t\t\t`EventAgeUpperFilter` = {$iEventAgeUpperFilter},\r\n\t\t\t\t\t\t`EventMembershipFilter` = '{$sEventMembershipFilter}',\r\n\t\t\t\t\t\t`TicketCountFemale` = {$iEventCountF},\r\n\t\t\t\t\t\t`TicketCountMale` = {$iEventCountM},\r\n\t\t\t\t\t\t`TicketPriceFemale` = {$dEventPriceF},\r\n\t\t\t\t\t\t`TicketPriceMale` = {$dEventPriceM},\r\n\t\t\t\t\t\t`ChoosePeriod` = {$iEventChoosePeriod},\r\n\t\t\t\t\t\t`AllowViewParticipants` = {$iEventAllowView},\r\n\t\t\t\t\t\t`Tags` = '{$sTags}'\r\n\t\t\t\t\t\t"); $iLastID = mysql_insert_id(); if ($iLastID > 0) { $this->iLastInsertedID = $iLastID; reparseObjTags('event', $iLastID); } } else { //$sNewUri = uriGenerate($sEventTitle, 'SDatingEvents', 'EntryUri', 100); //Commented elements /*`EventEnd` = FROM_UNIXTIME( {$sEventEnd} ),*/ /*`TicketSaleStart` = FROM_UNIXTIME( {$sEventSaleStart} ),*/ /*`TicketSaleEnd` = FROM_UNIXTIME( {$sEventSaleEnd} ),*/ $vRes = db_res("UPDATE `SDatingEvents` SET\r\n\t\t\t\t\t\t`Title` = '{$sEventTitle}',\r\n\t\t\t\t\t\t`Description` = '{$sEventDesc}',\r\n\t\t\t\t\t\t`Status` = 'Active',\r\n\t\t\t\t\t\t`StatusMessage` = '{$sEventStatusMessage}',\r\n\t\t\t\t\t\t`Country` = '{$sEventCountry}',\r\n\t\t\t\t\t\t`City` = '{$sEventCity}',\r\n\t\t\t\t\t\t`Place` = '{$EventPlace}',\r\n\t\t\t\t\t\t{$sPictureSQL}\r\n\t\t\t\t\t\t`EventStart` = FROM_UNIXTIME( {$sEventStart} ),\r\n\t\t\t\t\t\t`EventEnd` = {$sEventEndVal},\r\n\t\t\t\t\t\t`TicketSaleStart` = {$sEventSaleStartVal},\r\n\t\t\t\t\t\t`TicketSaleEnd` = {$sEventSaleEndVal},\r\n\t\t\t\t\t\t`ResponsibleID` = '{$sEventRespId}',\r\n\t\t\t\t\t\t`ResponsibleName` = '{$sEventRespName}',\r\n\t\t\t\t\t\t`ResponsibleEmail` = '{$sEventRespEmail}',\r\n\t\t\t\t\t\t`ResponsiblePhone` = '{$sEventRespPhone}',\r\n\t\t\t\t\t\t`EventSexFilter` = 'female,male',\r\n\t\t\t\t\t\t`EventAgeLowerFilter` = {$iEventAgeLowerFilter},\r\n\t\t\t\t\t\t`EventAgeUpperFilter` = {$iEventAgeUpperFilter},\r\n\t\t\t\t\t\t`EventMembershipFilter` = '{$sEventMembershipFilter}',\r\n\t\t\t\t\t\t`TicketCountFemale` = {$iEventCountF},\r\n\t\t\t\t\t\t`TicketCountMale` = {$iEventCountM},\r\n\t\t\t\t\t\t`TicketPriceFemale` = {$dEventPriceF},\r\n\t\t\t\t\t\t`TicketPriceMale` = {$dEventPriceM},\r\n\t\t\t\t\t\t`ChoosePeriod` = {$iEventChoosePeriod},\r\n\t\t\t\t\t\t`AllowViewParticipants` = {$iEventAllowView},\r\n\t\t\t\t\t\t`Tags` = '{$sTags}'\r\n\t\t\t\t\t\tWHERE `ID` = {$iEventID}\r\n\t\t\t\t\t\t"); reparseObjTags('event', $iEventID); } return SDATING_ERROR_SUCCESS; }
function deleteMedia($iFile, $sType, $sExt = '') { global $dir; global $logged; $sType = $sType == 'Video' ? 'Movie' : $sType; // delete voting require_once BX_DIRECTORY_PATH_CLASSES . 'BxDolVoting.php'; if ($logged['admin']) { } elseif ($logged['member']) { $iMemberID = (int) $_COOKIE['memberID']; if ($sType == 'Photo') { $sTableName = "`share{$sType}Files`"; $sQuery = "SELECT * FROM {$sTableName} WHERE `medID`='{$iFile}'"; } else { $sTableName = "`Ray{$sType}Files`"; $sQuery = "SELECT `ID` as `medID`,\r\n\t \t\t\t\t\t `Title` as `medTitle`,\r\n\t \t\t\t\t\t `Description` as `medDesc`,\r\n\t \t\t\t\t\t `Date` as `medDate`,\r\n\t \t\t\t\t\t `Owner` as `medProfId`\r\n\t \t\t\t FROM {$sTableName} \r\n\t \t\t\t WHERE `ID`='{$iFile}'"; } $aFile = db_arr($sQuery); if (!$aFile) { return false; } if ($aFile['medProfId'] != $iMemberID) { return false; } } else { return false; } $aFName = array(); switch ($sType) { case 'Music': $sTableName = "`Ray{$sType}Files`"; $sModPath = 'ray/modules/music/files/'; $aFName[] = $iFile . '.mp3'; $oVoting = new BxDolVoting('gmusic', 0, 0); $sTagsType = 'music'; break; case 'Photo': $sTableName = "`share{$sType}Files`"; $sModPath = 'media/images/sharingImages/'; $aFName[] = $iFile . '.' . $sExt; $aFName[] = $iFile . '_t.' . $sExt; $aFName[] = $iFile . '_m.' . $sExt; $oVoting = new BxDolVoting('gphoto', 0, 0); $sTagsType = 'photo'; break; case 'Movie': $sTableName = "`Ray{$sType}Files`"; $sModPath = 'ray/modules/movie/files/'; $aFName[] = $iFile . '.jpg'; $aFName[] = $iFile . '_small.jpg'; $aFName[] = $iFile . '.flv'; $aFName[] = $iFile . '.mpg'; $oVoting = new BxDolVoting('gvideo', 0, 0); $sTagsType = 'video'; break; } foreach ($aFName as $iK => $sVal) { $sFilePath = BX_DIRECTORY_PATH_ROOT . $sModPath . $sVal; @unlink($sFilePath); } $sCond = $sType == 'Photo' ? " `medID`='{$iFile}'" : "`ID`='{$iFile}'"; db_res("DELETE FROM {$sTableName} WHERE {$sCond}"); reparseObjTags($sTagsType, $iFile); $oVoting->deleteVotings($iFile); header('Location:' . $_SERVER["HTTP_REFERER"]); }
createUserDataFile((int) $iId); reparseObjTags('profile', (int) $iId); $aProfile = getProfileInfo($iId); $aMail = $oEmailTemplate->parseTemplate('t_Activation', array(), $iId); sendMail($aProfile['Email'], $aMail['subject'], $aMail['body'], $iId, array(), 'html', false, true); $oAlert = new BxDolAlerts('profile', 'change_status', (int) $iId, 0, array('status' => 'Active')); $oAlert->alert(); } echo "<script>window.parent." . BX_DOL_ADM_MP_JS_NAME . ".reload();</script>"; exit; } else { if (isset($_POST['adm-mp-deactivate']) && (bool) $_POST['members']) { $GLOBALS['MySQL']->query("UPDATE `Profiles` SET `Status`='Approval' WHERE `ID` IN ('" . implode("','", $_POST['members']) . "')"); foreach ($_POST['members'] as $iId) { createUserDataFile((int) $iId); reparseObjTags('profile', (int) $iId); $oAlert = new BxDolAlerts('profile', 'change_status', (int) $iId, 0, array('status' => 'Approval')); $oAlert->alert(); } echo "<script>window.parent." . BX_DOL_ADM_MP_JS_NAME . ".reload();</script>"; exit; } else { if (isset($_POST['adm-mp-ban']) && (bool) $_POST['members']) { foreach ($_POST['members'] as $iId) { $GLOBALS['MySQL']->query("REPLACE INTO `sys_admin_ban_list` SET `ProfID`='" . $iId . "', `Time`='0', `DateTime`=NOW()"); } echo "<script>window.parent." . BX_DOL_ADM_MP_JS_NAME . ".reload();</script>"; exit; } else { if (isset($_POST['adm-mp-unban']) && (bool) $_POST['members']) { $GLOBALS['MySQL']->query("DELETE FROM `sys_admin_ban_list` WHERE `ProfID` IN ('" . implode("','", $_POST['members']) . "')");
function uploadFile($sFile, $sDesc, $sTags, $iUser) { global $dir; if ($_FILES['uploadFile']['error'] != 0) { $sCode = '<div class="uploadStatus">' . _t("_File upload error") . '</div>'; } else { $aFileInfo = getimagesize($_FILES['uploadFile']['tmp_name']); if (!$aFileInfo) { $sCode = '<div class="uploadStatus">' . _t("_You uploaded not image file") . '</div>'; } else { $ext = false; switch ($aFileInfo['mime']) { case 'image/jpeg': $ext = 'jpg'; break; case 'image/gif': $ext = 'gif'; break; case 'image/png': $ext = 'png'; break; default: $ext = false; } if (!$ext) { $sCode = '<div class="uploadStatus">' . _t("_You uploaded not JPEG, GIF or PNG file") . '</div>'; } else { $sCode = '<div class="uploadStatus">' . _t("_Upload successful") . '</div>'; $sActive = getParam("enable_shPhotoActivation") == 'on' ? 'true' : 'false'; $sPhotoUri = uriGenerate($sFile, 'sharePhotoFiles', 'medUri'); $sQuery = "INSERT INTO `sharePhotoFiles` (`medProfId`,`medTitle`,`medUri`,`medExt`,`medDesc`,`medTags`,`medDate`,`Approved`) VALUES('{$iUser}','{$sFile}','{$sPhotoUri}','{$ext}','{$sDesc}','{$sTags}'," . time() . ",'{$sActive}')"; db_res($sQuery); $iNew = mysql_insert_id(); reparseObjTags('photo', $iNew); $sNewFileName = $dir['sharingImages'] . $iNew . '.' . $ext; $sNewMainName = $dir['sharingImages'] . $iNew . '_m.' . $ext; $sNewThumbName = $dir['sharingImages'] . $iNew . '_t.' . $ext; $iUpload = (int) preg_replace('/\\D/', '', ini_get('upload_max_filesize')); $iPost = (int) preg_replace('/\\D/', '', ini_get('post_max_size')); $iMin = $iUpload > $iPost ? $iPost : $iUpload; if ($_FILES['uploadFile']['size'] && $_FILES['uploadFile']['size'] > $iMin * 1024 * 1024) { $sCode = '<div class="uploadStatus">' . _t("_SIZE_TOO_BIG") . '</div>'; } else { if (!move_uploaded_file($_FILES['uploadFile']['tmp_name'], $sNewFileName)) { $sCode = '<div class="uploadStatus">' . _t("_Couldn\\'t move file") . '</div>'; } else { chmod($sNewFileName, 0644); $iWidth = (int) getParam("max_photo_width"); $iHeight = (int) getParam("max_photo_height"); $iThumbW = (int) getParam("max_thumb_width"); $iThumbH = (int) getParam("max_thumb_height"); if (imageResize($sNewFileName, $sNewMainName, $iWidth, $iHeight) != IMAGE_ERROR_SUCCESS) { $sCode = '<div class="uploadStatus">' . _t("_Upload failed") . '</div>'; } else { imageResize($sNewMainName, $sNewThumbName, $iThumbW, $iThumbH); $bPermalink = getParam('permalinks_gallery_photos') == 'on' ? true : false; $sFileLink = getFileUrl($iNew, $sPhotoUri, 'photo', $bPermalink); header("Location:" . $sFileLink); exit; } } } $sqlDelete = "DELETE FROM `sharePhotoFiles` WHERE `medID`='{$iNew}'"; db_res($sqlDelete); } } } return $sCode; }
function process() { if (!$this->iProfileID) { return _t('_Profile not specified'); } if (!$this->iArea) { return _t('_You cannot edit this profile'); } /* @var $this->oPC BxDolProfilesController */ $this->oPC = new BxDolProfilesController(); //get profile info array $this->aProfiles[0] = $this->oPC->getProfileInfo($this->iProfileID); if (!$this->aProfiles[0]) { return _t('_Profile not found'); } if ($this->aProfiles[0]['Couple']) { // load couple profile $this->aProfiles[1] = $this->oPC->getProfileInfo($this->aProfiles[0]['Couple']); if (!$this->aProfiles[1]) { return _t('_Couple profile not found'); } $this->bCouple = true; //couple enabled } /* @var $this->oPF BxDolProfileFields */ $this->oPF = new BxDolProfileFields($this->iArea); if (!$this->oPF->aArea) { return 'Profile Fields cache not loaded. Cannot continue.'; } $this->aCoupleMutualFields = $this->oPF->getCoupleMutualFields(); //collect blocks $this->aBlocks = $this->oPF->aArea; //collect items $this->aItems = array(); foreach ($this->aBlocks as $aBlock) { foreach ($aBlock['Items'] as $iItemID => $aItem) { $this->aItems[$iItemID] = $aItem; } } $this->aValues[0] = $this->oPF->getValuesFromProfile($this->aProfiles[0]); // set default values if ($this->bCouple) { $this->aValues[1] = $this->oPF->getValuesFromProfile($this->aProfiles[1]); } // set default values $this->aOldValues = $this->aValues; $sStatusText = ''; if (isset($_POST['do_submit'])) { $this->oPF->processPostValues($this->bCouple, $this->aValues, $this->aErrors, 0, $this->iProfileID); if (empty($this->aErrors[0]) and empty($this->aErrors[1]) and !$this->bAjaxMode) { // do not save in ajax mode $this->saveProfile(); $sStatusText = '_Save profile successful'; reparseObjTags('profile', $this->iProfileID); } } if ($this->bAjaxMode) { //print_r( $_POST ); $this->showErrorsJson(); exit; } else { ob_start(); $this->showEditForm($sStatusText); return ob_get_clean(); } }
function ApproveSelectedAdv() { $sSuccUpd = _t("_SUCC_UPD_ADV"); $sFailUpd = _t("_FAIL_UPD_ADV"); if (isset($_REQUEST['Check']) && is_array($_REQUEST['Check'])) { foreach ($_REQUEST['Check'] as $iKey => $iVal) { $query = "UPDATE `ClassifiedsAdvertisements` SET `Status` = 'active' WHERE `ID` = {$iVal} LIMIT 1"; $sqlRes = db_res($query); reparseObjTags('ad', $iVal); } } $ret = mysql_affected_rows() != 0 ? _t($sSuccUpd) : _t($sFailUpd); return MsgBox($ret); }
/** * Perform change of status with clearing profile(s) cache and sending mail about activation * * @param mixed $mixedIds - array of IDs or single int ID of profile(s) * @param string $sStatus - given status * @param boolean $bSendActMail - send email about activation or not (works with 'Active' status only * @return boolean - TRUE on success / FALSE on failure */ function bx_admin_profile_change_status($mixedIds, $sStatus, $bSendActMail = FALSE) { if (!$mixedIds || is_array($mixedIds) && empty($mixedIds)) { return FALSE; } if (!is_array($mixedIds)) { $mixedIds = array((int) $mixedIds); } $sStatus = strip_tags($sStatus); $oEmailTemplate = new BxDolEmailTemplates(); foreach ($mixedIds as $iId) { $iId = (int) $iId; if (!$GLOBALS['MySQL']->query("UPDATE `Profiles` SET `Status` = '{$sStatus}' WHERE `ID` = {$iId}")) { break; } createUserDataFile($iId); reparseObjTags('profile', $iId); if ($sStatus == 'Active' && $bSendActMail) { if (BxDolModule::getInstance('BxWmapModule')) { BxDolService::call('wmap', 'response_entry_add', array('profiles', $iId)); } $aProfile = getProfileInfo($iId); $aMail = $oEmailTemplate->parseTemplate('t_Activation', array(), $iId); sendMail($aProfile['Email'], $aMail['subject'], $aMail['body'], $iId, array(), 'html', FALSE, TRUE); } $oAlert = new BxDolAlerts('profile', 'change_status', $iId, 0, array('status' => $sStatus)); $oAlert->alert(); } return TRUE; }
function profile_delete($ID) { global $MySQL; global $dir; global $site; global $logged; $ID = (int) $ID; if (!$ID) { return false; } if (!getProfileInfo($ID)) { return false; } modules_del($ID); db_res("DELETE FROM `VKisses` WHERE `ID` = '{$ID}' OR `Member` = '{$ID}'"); db_res("DELETE FROM `Profiles` WHERE `ID` = '{$ID}'"); if (!mysql_affected_rows()) { return false; } db_res("DELETE FROM `BlockList` WHERE `ID` = '{$ID}' OR `Profile` = '{$ID}';"); db_res("DELETE FROM `ProfilesTrack` WHERE `Member` = '{$ID}' OR `Profile` = '{$ID}'"); db_res("DELETE FROM `Messages` WHERE Recipient = {$ID} "); db_res("DELETE FROM `Guestbook` WHERE Recipient = {$ID} "); db_res("DELETE FROM `aff_members` WHERE idProfile = {$ID}"); db_res("DELETE FROM `HotList` WHERE ID = {$ID} OR Profile = {$ID}"); db_res("DELETE FROM `FriendList` WHERE ID = {$ID} OR Profile = {$ID}"); db_res("DELETE FROM `BlockList` WHERE ID = {$ID} OR Profile = {$ID}"); db_res("DELETE FROM `BoughtContacts` WHERE `IDBuyer` = {$ID} OR `IDContact` = {$ID}"); db_res("DELETE FROM `ProfileMemLevels` WHERE `IDMember` = {$ID}"); db_res("DELETE FROM `ProfilesComments` WHERE `Sender` = {$ID} OR `Recipient` = {$ID}"); db_res("DELETE FROM `ProfilesPolls` WHERE `id_profile` = {$ID}"); db_res("DELETE FROM `Tags` WHERE `ID` = {$ID} AND `Type` = 'profile'"); db_res("DELETE FROM `GroupsMembers` WHERE `memberID` = {$ID}"); // delete profile votings require_once BX_DIRECTORY_PATH_CLASSES . 'BxDolVoting.php'; $oVotingProfile = new BxDolVoting('profile', 0, 0); $oVotingProfile->deleteVotings($ID); // delete profile comments require_once BX_DIRECTORY_PATH_CLASSES . 'BxDolCmts.php'; $oCmts = new BxDolCmts('profile', $ID); $oCmts->onObjectDelete(); // delete all comments in all comments' systems, this user posted $oCmts->onAuthorDelete($ID); // Clean gallery $albumsRes = db_res("SELECT `ID` FROM `GalleryAlbums` WHERE `IDMember` = {$ID}"); while ($albumArr = mysql_fetch_assoc($albumsRes)) { $albumID = $albumArr['ID']; $objectsRes = db_res("SELECT `Filename`, `ThumbFilename` FROM `GalleryObjects` WHERE `IDAlbum` = {$albumID}"); while ($objectArr = mysql_fetch_assoc($objectsRes)) { @unlink("{$dir['gallery']}{$objectArr['Filename']}"); if (strlen($objectArr['ThumbFilename']) && file_exists("{$dir['gallery']}{$objectArr['ThumbFilename']}")) { @unlink("{$dir['gallery']}{$objectArr['ThumbFilename']}"); } } db_res("DELETE FROM `GalleryObjects` WHERE `IDAlbum` = {$albumID}"); } db_res("DELETE FROM `GalleryAlbums` WHERE `IDMember` = {$ID}"); // Clean customizations $customArr = db_arr("SELECT `BackgroundFilename` FROM `ProfilesSettings` WHERE `IDMember` = {$ID}"); if (strlen($customArr['BackgroundFilename']) && file_exists($dir['profileImage'] . $customArr['BackgroundFilename']) && is_file($dir['profileImage'] . $customArr['BackgroundFilename'])) { unlink($dir['profileImage'] . $customArr['BackgroundFilename']); } db_res("DELETE FROM `ProfilesSettings` WHERE `IDMember` = {$ID}"); // delete media $rMedia = db_res("SELECT `med_id`, `med_file`, `med_type` FROM `media` WHERE `med_prof_id` = {$ID}"); $oVotingMedia = new BxDolVoting('media', 0, 0); while ($aMedia = mysql_fetch_assoc($rMedia)) { switch ($aMedia['med_type']) { case 'photo': $medDir = $dir['profileImage'] . $ID . "/"; @unlink($medDir . 'icon_' . $aMedia['med_file']); @unlink($medDir . 'photo_' . $aMedia['med_file']); @unlink($medDir . 'thumb_' . $aMedia['med_file']); break; case 'audio': $medDir = $dir['profileSound'] . $ID . "/"; @unlink($medDir . $aMedia['med_file']); break; case 'video': $medDir = $dir['profileVideo'] . $ID . "/"; @unlink($medDir . $aMedia['med_file']); break; } // delete media voting $oVotingMedia->deleteVotings($aMedia['med_id']); } $aMem = array(); $aMedia = array('photo', 'music', 'video'); foreach ($aMedia as $sVal) { $oMedia = new BxDolSharedMedia($sVal, $site, $dir, $aMem); $oMedia->deleteUserGallery($ID, $logged); } db_res("DELETE FROM `media` WHERE `med_prof_id` = {$ID}"); @rmdir($dir['profileImage'] . $ID); @rmdir($dir['profileVideo'] . $ID); @rmdir($dir['profileSound'] . $ID); //Clean blogs $aBlog = db_arr("SELECT `ID` FROM `Blogs` WHERE `OwnerID` = {$ID}"); $iBlogID = $aBlog['ID']; if ($iBlogID > 0) { //Clean blogs $oBlogs = new BxDolBlogs(TRUE); $oBlogs->bAdminMode = TRUE; (int) ($_REQUEST['DeleteBlogID'] = $iBlogID); $oBlogs->ActionDeleteBlogSQL(); } //delete user classifieds $oClassifieds = new BxDolClassifieds(); $oClassifieds->bAdminMode = TRUE; $oClassifieds->DeleteProfileAdvertisement($ID); //delete user events $oEvents = new BxDolEvents(); $oEvents->bAdminMode = TRUE; $oEvents->DeleteProfileEvents($ID); //delete cache file $sCacheFile = $dir['cache'] . 'user' . $ID . '.php'; @unlink($sCacheFile); reparseObjTags('profile', $ID); }
break; case "Confirm Email": activation_mail($val, 0); break; case "Send Message": profile_send_message($val, $_POST['Message']); break; case 'Activate': db_res("UPDATE `Profiles` SET `Status` = 'Active' WHERE `ID` = '" . (int) $val . "'"); createUserDataFile((int) $val); reparseObjTags('profile', (int) $val); break; case 'Approval': db_res("UPDATE `Profiles` SET `Status` = 'Approval' WHERE `ID` = '" . (int) $val . "'"); createUserDataFile((int) $val); reparseObjTags('profile', (int) $val); break; case 'Ban': if ((int) $val > 0 && (int) $_REQUEST['time_hrs'] > 0) { $iBanTime = (int) $_REQUEST['time_hrs'] * 3600; $sCheckBanSQL = "SELECT * FROM `AdminBanList` WHERE `ProfID`='{$val}' LIMIT 1"; db_res($sCheckBanSQL); if (mysql_affected_rows() == 1) { $sBamSQL = "UPDATE `AdminBanList` SET `Time`='{$iBanTime}', `DateTime`=NOW() WHERE `ProfID`='{$val}'"; } else { $sBamSQL = "INSERT INTO `AdminBanList` SET `Time`='{$iBanTime}', `DateTime`=NOW(), `ProfID`='{$val}'"; } db_res($sBamSQL); } break; case 'UnBan':
/** * page code function */ function PageCompPageMainCode($iID, $sConfCode) { global $site; $ID = (int) $iID; $ConfCode = clear_xss($sConfCode); $p_arr = getProfileInfo($ID); if (!$p_arr) { $_page['header'] = _t("_Error"); $_page['header_text'] = _t("_Profile Not found"); return MsgBox(_t('_Profile Not found Ex')); } $aCode = array('message_status' => '', 'message_info' => '', 'bx_if:form' => array('condition' => false, 'content' => array('form' => '')), 'bx_if:next' => array('condtion' => false, 'content' => array('next_url' => ''))); if ($p_arr['Status'] == 'Unconfirmed') { $ConfCodeReal = base64_encode(base64_encode(crypt($p_arr[Email], CRYPT_EXT_DES ? "secret_co" : "se"))); if (strcmp($ConfCode, $ConfCodeReal) != 0) { $aForm = array('form_attrs' => array('action' => BX_DOL_URL_ROOT . 'profile_activate.php', 'method' => 'post', 'name' => 'form_change_status'), 'inputs' => array('conf_id' => array('type' => 'hidden', 'name' => 'ConfID', 'value' => $ID), 'conf_code' => array('type' => 'text', 'name' => 'ConfCode', 'value' => '', 'caption' => _t("_Confirmation code")), 'submit' => array('type' => 'submit', 'name' => 'submit', 'value' => _t("_Submit")))); $oForm = new BxTemplFormView($aForm); $aCode['message_status'] = _t("_Profile activation failed"); $aCode['message_info'] = _t("_EMAIL_CONF_FAILED_EX"); $aCode['bx_if:form']['condition'] = true; $aCode['bx_if:form']['content']['form'] = $oForm->getCode(); } else { $aCode['bx_if:next']['condition'] = true; $aCode['bx_if:next']['content']['next_url'] = BX_DOL_URL_ROOT . 'member.php'; if (isAutoApproval('join')) { $status = 'Active'; $rEmailTemplate = new BxDolEmailTemplates(); $aTemplate = $rEmailTemplate->getTemplate('t_Activation'); sendMail($p_arr['Email'], $aTemplate['Subject'], $aTemplate['Body'], $p_arr['ID']); $aCode['message_info'] = _t("_PROFILE_CONFIRM"); } else { $status = 'Approval'; $aCode['message_info'] = _t("_EMAIL_CONF_SUCCEEDED", $site['title']); } $update = db_res("UPDATE `Profiles` SET `Status` = '{$status}' WHERE `ID` = '{$ID}';"); createUserDataFile($ID); reparseObjTags('profile', $ID); // Promotional membership if (getParam('enable_promotion_membership') == 'on') { $memership_days = getParam('promotion_membership_days'); setMembership($p_arr['ID'], MEMBERSHIP_ID_PROMOTION, $memership_days, true); } // check couple profile; if ($p_arr['Couple']) { $update = db_res("UPDATE `Profiles` SET `Status` = '{$status}' WHERE `ID` = '{$p_arr['Couple']}';"); createUserDataFile($p_arr['Couple']); reparseObjTags('profile', $p_arr['Couple']); //Promotional membership if (getParam('enable_promotion_membership') == 'on') { $memership_days = getParam('promotion_membership_days'); setMembership($p_arr['Couple'], MEMBERSHIP_ID_PROMOTION, $memership_days, true); } } if (getParam('newusernotify')) { $oEmailTemplates = new BxDolEmailTemplates(); $aTemplate = $oEmailTemplates->getTemplate('t_UserConfirmed'); sendMail($site['email_notify'], $aTemplate['Subject'], $aTemplate['Body'], $p_arr['ID']); } } } else { $aCode['message_info'] = _t('_ALREADY_ACTIVATED'); } return $GLOBALS['oSysTemplate']->parseHtmlByName('profile_activate.html', $aCode); }
/** * page code function */ function PageCompPageMainCode() { global $dir; $member['ID'] = (int) $_COOKIE['memberID']; ob_start(); $p_arr = getProfileInfo($member['ID']); if ($_POST['CHANGE_STATUS']) { switch ($_POST['CHANGE_STATUS']) { case 'SUSPEND': if ($p_arr['Status'] == 'Active') { db_res("UPDATE `Profiles` SET `Status` = 'Suspended' WHERE `ID` = '{$member['ID']}';"); modules_block($p_arr['ID']); } break; case 'ACTIVATE': if ($p_arr['Status'] == 'Suspended') { db_res("UPDATE `Profiles` SET `Status` = 'Active' WHERE `ID` = {$member['ID']}"); // call modules to add user to modules $check_res = checkAction($member['ID'], ACTION_ID_USE_CHAT); if ($check_res[CHECK_ACTION_RESULT] == CHECK_ACTION_RESULT_ALLOWED) { modules_unblock($p_arr['ID'], 'chat'); } $check_res = checkAction($member['ID'], ACTION_ID_USE_FORUM); if ($check_res[CHECK_ACTION_RESULT] == CHECK_ACTION_RESULT_ALLOWED) { modules_unblock($p_arr['ID'], 'forum'); } } break; } createUserDataFile($p_arr['ID']); reparseObjTags('profile', $member['ID']); $p_arr = getProfileInfo($member['ID']); } echo "<table width=\"100%\" cellpadding=4 cellspacing=4><td align=center class=text2>"; echo _t("_Profile status"); ?> : <b><font class=prof_stat_<?php echo $p_arr['Status']; ?> > <?php echo _t("__{$p_arr['Status']}"); ?> </font></b><br /> <?php switch ($p_arr['Status']) { case 'Active': echo _t("_PROFILE_CAN_SUSPEND"); ?> <br /><br /><form action="<?php echo $_SERVER['PHP_SELF']; ?> " method=post> <input type=hidden name=CHANGE_STATUS value=SUSPEND> <center><input class=no type=submit value="<?php echo _t("_Suspend account"); ?> "></center> </form> <?php break; case 'Suspended': echo _t("_PROFILE_CAN_ACTIVATE"); ?> <br /><br /><form action="<?php echo $_SERVER['PHP_SELF']; ?> " method=post> <input type=hidden name=CHANGE_STATUS value=ACTIVATE> <center><input class=no type=submit value="<?php echo _t("_Activate account"); ?> "></center> </form> <?php break; default: echo _t("_PROFILE_CANT_ACTIVATE/SUSPEND"); break; } echo "</td></table>"; $ret = ob_get_contents(); ob_end_clean(); return $ret; }
function insertMediaToDb($sFileName) { $sMediaType = process_db_input($this->sMediaType); $sFileName = process_db_input($sFileName); $sFileTitle = process_db_input($_POST['title']); $sStatus = getParam("autoApproval_Photo") == 'on' ? 'active' : 'passive'; $iResult = $this->oMediaQuery->insertMedia($this->iProfileID, $sMediaType, $sFileName, $sFileTitle, $sStatus); if (0 < $iResult) { if (getParam("autoApproval_ifPhoto") != 'on') { $sqlQuery = "UPDATE `Profiles` set `Status`='Approval' WHERE `ID`={$this->iProfileID}"; db_res($sqlQuery); createUserDataFile($this->iProfileID); reparseObjTags('profile', $this->iProfileID); } return true; } else { return false; } }