function toolbar_mainbody($vars) { global $CFG; require_once $CFG->dirroot . 'lib/filelib.php'; // to ensure file_get_contents() if (isloggedin()) { $toolbar = file_get_contents($CFG->dirroot . "mod/toolbar/toolbar.inc"); } else { //$toolbar = file_get_contents($CFG->dirroot . "mod/toolbar/toolbarloggedout.inc"); } if (isset($vars[1]) && $vars[1] == 'box') { $css = file_get_contents($CFG->dirroot . "mod/toolbar/css-box"); } else { $css = file_get_contents($CFG->dirroot . "mod/toolbar/css"); } $css = str_replace("{{url}}", $CFG->wwwroot, $css); $toolbar .= "{$css}"; $toolbar = str_replace("{{url}}", $CFG->wwwroot, $toolbar); $toolbar = str_replace("{{menu}}", templates_variables_substitute(array(array(), "menu")), $toolbar); $toolbar = str_replace("{{topmenu}}", templates_variables_substitute(array(array(), "topmenu")), $toolbar); $toolbar = str_replace("{{logon}}", __gettext("Log on:"), $toolbar); $toolbar = str_replace("{{username}}", __gettext("Username"), $toolbar); $toolbar = str_replace("{{password}}", __gettext("Password"), $toolbar); $toolbar = str_replace("{{poweredby}}", __gettext("Powered by Elgg"), $toolbar); $toolbar = str_replace("{{remember}}", __gettext("Remember me"), $toolbar); if (isloggedin()) { $toolbar = str_replace("{{usericon}}", "<a href=\"{$CFG->wwwroot}{$_SESSION['username']}\">" . user_icon_html($_SESSION['userid'], 50) . "</a>", $toolbar); } else { $toolbar = str_replace("{{usericon}}", user_icon_html(-1, 50), $toolbar); } return $toolbar; }
/** * */ function User($var) { global $CFG; $this->exists = false; // Both username or userid may be passed if (is_numeric($var)) { // Numeric, we probably received a userid $info = get_record('users', 'ident', $var); } elseif (is_string($var)) { // String, we probably recieved a username $info = get_record('users', 'username', $var); } if (!empty($info)) { $this->exists = true; $this->ident = $info->ident; $this->username = $info->username; $this->email = $info->email; $this->name = user_name($info->ident); $this->alias = $info->alias; $this->code = $info->code; $this->icon_quota = $info->icon_quota; $this->file_quota = $info->file_quota; $this->user_type = $info->user_type; $this->owner = $info->owner; ereg('^([a-zA-Z]*) (.*)', $this->name, $groups); $this->firstname = trim($groups[1]); $this->lastname = trim($groups[2]); // Load the weblog id's, starting with communities // Need to select two fields to collect instead of just u.ident else // this very handy datalib function will return false... $communities = get_records_sql('SELECT DISTINCT u.ident,u.name FROM ' . $CFG->prefix . 'friends f JOIN ' . $CFG->prefix . 'users u ON u.ident = f.friend WHERE f.owner = ? AND u.user_type = ?', array($this->ident, 'community')); $this->blogs = array(); // Add the own weblog id (is same as user id) $this->blogs[] = $this->ident; // Add the communities if ($communities) { foreach ($communities as $community) { $this->blogs[] = $community->ident; } } $this->icon = user_icon_html($info->ident, 100, true); } }
global $CFG; global $db; // Search criteria are passed in $parameter from run("search:display") $handle = 0; foreach ($data['profile:details'] as $profiletype) { if ($profiletype->internal_name == $parameter[0] && $profiletype->field_type == "keywords") { $handle = 1; } } if ($handle) { $sub_result = ""; $searchline = "tagtype = " . $db->qstr($parameter[0]) . " AND tag = " . $db->qstr($parameter[1]) . ""; $searchline = "(" . run("users:access_level_sql_where", $_SESSION['userid']) . ") and " . $searchline; $searchline = str_replace("owner", "t.owner", $searchline); //$parameter[1] = stripslashes($parameter[1]); if ($result = get_record_sql('SELECT DISTINCT u.* FROM ' . $CFG->prefix . 'tags t JOIN ' . $CFG->prefix . 'users u ON u.ident = t.owner WHERE ' . $searchline)) { foreach ($result as $key => $info) { $icon = user_icon_html($info->ident, 100, true); $sub_result .= "\t\t\t<item>\n"; $sub_result .= "\t\t\t\t<name><![CDATA[" . htmlspecialchars(stripslashes(user_name($info->ident)), ENT_COMPAT, 'utf-8') . "]]></name>\n"; $sub_result .= "\t\t\t\t<link>" . url . htmlspecialchars($info->username, ENT_COMPAT, 'utf-8') . "</link>\n"; $sub_result .= "\t\t\t\t<link>{$icon}</link>\n"; $sub_result .= "\t\t\t</item>\n"; } } if ($sub_result != "") { $run_result .= "\t\t<profiles tagtype=\"" . addslashes(htmlspecialchars($parameter[0], ENT_COMPAT, 'utf-8')) . "\">\n" . $sub_result . "\t\t</profiles>\n"; } }
<?php global $CFG; // Given a user ID as a parameter, will display a list of communities if (isset($parameter[0])) { $community_id = (int) $parameter[0]; $community_name = user_info('username', $community_id); $community_owner = user_info('owner', $community_id); $result = run('community:members:data', array($community_id)); $i = 1; if (!empty($result)) { foreach ($result as $key => $info) { $link = $CFG->wwwroot . $info->username . "/"; $friends_name = user_name($info->ident); $info->icon = run("icons:get", $info->ident); $friends_icon = user_icon_html($info->ident, COMMUNITY_ICON_SIZE); // $friends_menu = run("users:infobox:menu",array($info->ident)); $functions = array(); if ($community_owner != $info->ident && $community_owner == $_SESSION['userid']) { $msg = "onclick=\"return confirm('" . __gettext("Are you sure you want to separate this user from the community?") . "')\""; $functions[] = "<a href=\"" . $CFG->wwwroot . $community_name . "/community/separate/" . $info->ident . "\" {$msg}>" . __gettext("Separate") . "</a>"; } else { if ($community_owner == $info->ident) { $functions[] = "<b>(" . __gettext("Owner") . ")</b>"; } } $functions = implode("\n", array_map(create_function('$entry', "return \"<li>\$entry</li>\";"), $functions)); $members .= templates_draw(array('context' => 'community_member', 'name' => $friends_name, 'icon' => $friends_icon, 'link' => $link, 'functions' => $functions)); if ($i % COMMUNITY_MEMBERS_PER_ROW == 0) { $members .= "</tr><tr>"; }
/** * Display a comment. * * @param unknown_type $comment_obj */ function commentwall_displaycomment($comment_obj) { global $CFG; $html = ""; $owner_username = user_info("name", $comment_obj->wallowner); $comment_owner_username = $comment_obj->comment_owner != 0 ? user_info("name", $comment_obj->comment_owner) : __gettext("Anonymous User"); $icon = $comment_obj->comment_owner != 0 ? user_info('icon', $comment_obj->comment_owner) : -1; $userlogo = user_icon_html($comment_obj->comment_owner, 60, true); // $CFG->wwwroot.'_icon/user/'.$icon.'/w/50'; $userlink = $comment_obj->comment_owner != 0 ? $CFG->wwwroot . user_info("username", $comment_obj->comment_owner) . "/" : ""; $date = date("l jS F Y, g:ia", $comment_obj->posted); $text = $comment_obj->content; $replytowall = __gettext("Post reply"); $replytootherwall = sprintf(__gettext("Reply on %s's wall"), $comment_owner_username); $delete = __gettext("Delete"); $doaction = "{$CFG->wwwroot}mod/commentwall/do_action.php?owner=" . page_owner() . "&return_url=" . urlencode($_SERVER['REQUEST_URI']); $replybar = ""; if (isloggedin()) { //$replybar .= "<a href=\"#commentwall_form_-1\">$replytowall</a>"; if ($comment_obj->wallowner != $comment_obj->comment_owner && $comment_obj->comment_owner != 0) { $replybar .= "<a href=\"{$CFG->wwwroot}mod/commentwall/index.php?owner={$comment_obj->comment_owner}&wallowner={$comment_obj->comment_owner}&comment_owner={$_SESSION['userid']}&reply={$comment_obj->ident}&return_url=" . urlencode($_SERVER['REQUEST_URI']) . "\">{$replytootherwall}</a> | "; } if (commentwall_permissions_check($comment_obj->comment_owner) || commentwall_permissions_check($comment_obj->wallowner)) { $replybar .= "<a href=\"{$doaction}&action=commentwall::delete&ident={$comment_obj->ident}\">{$delete}</a>"; } } $html = templates_draw(array('context' => "commentwallobject", 'userlogo' => $userlogo, 'userlink' => $userlink, 'usertxt' => $comment_owner_username, 'date' => $date, 'text' => $text, 'replybar' => $replybar)); return $html; }
<table id="search_table" cellpadding="0" cellspacing="0"> <tr> <td width="10%" colspan="2">{$icontoggle}</td> <td width="25%" valign="top"><b>{$name}</b></td> <td width="25%" valign="top"><b>{$description}</b></td> <td width="12%" valign="top"><b>{$connections}</b></td> <td width="12%" valign="top"><b>{$posts}</b></td> <td width="16%" valign="top"><b>{$type}</b></td> </tr> END; foreach ($results as $result) { $blogposts = count_records("weblog_posts", "weblog", $result->ident); $description = get_field("profile_data", "value", "owner", $result->ident, "name", 'minibio'); $icon_html = user_icon_html($result->ident); $name = htmlspecialchars($result->name); $iconcode = "<a href=\"{$CFG->wwwroot}{$result->username}\">{$icon_html}</a>"; if (!$displayicons) { // Uncomment this if we move to Javascript unhide // $iconcode = "<span style=\"display:none\" class=\"iconhide\">".$iconcode."</span>"; $iconcode = " "; } $rowspan = ""; $plus = ""; if (!empty($filter)) { if ($drilldown != $result->ident) { $plus = "<a href=\"index.php?display={$display}&searchtype={$searchtype}&filter={$filter}&drilldown=" . $result->ident . "#drilldown" . $result->ident . "\">+</a>"; } else { $plus = "<a href=\"index.php?display={$display}&searchtype={$searchtype}&filter={$filter}\">-</a>"; $rowspan = "rowspan=\"2\"";
<?php global $CFG, $USER; global $page_owner; $textlib = textlib_get_instance(); // If this is someone else's portfolio, display the user's icon //$run_result .= "<li id=\"sidebar_user\">"; $info = get_record('users', 'ident', $page_owner); if (!($tagline = get_field_sql('SELECT value FROM ' . $CFG->prefix . 'profile_data WHERE owner = ' . $page_owner . " AND name = 'minibio'\n AND (" . run("users:access_level_sql_where", $USER->ident) . ")"))) { $tagline = " "; } $ul_username = user_info('username', $page_owner); $info->icon = run("icons:get", $page_owner); $icon = user_icon_html($info->ident, 67); $name = stripslashes(user_name($info->ident)); //$name = run("profile:display:name"); $url = url . $info->username . "/"; $lmshosts = ''; if ($info->ident == $USER->ident) { // fetch aliases if ($aliases = get_records('users_alias', 'user_id', $USER->ident)) { foreach ($aliases as $alias) { if (!empty($CFG->lmshosts) && is_array($CFG->lmshosts) && array_key_exists($alias->installid, $CFG->lmshosts)) { $name = $alias->installid; if (!empty($CFG->lmshosts[$alias->installid]['name'])) { $name = $CFG->lmshosts[$alias->installid]['name']; } $lmshosts .= '<a href="' . $CFG->lmshosts[$alias->installid]['baseurl'] . '">' . $name . '</a><br />'; } }
global $page_owner; if (user_type($page_owner) == "person" && run("permissions:check", array("userdetails:change", $page_owner))) { $title = run("profile:display:name") . " :: " . __gettext("Community invitations") . ""; if ($pending_requests = get_records_sql('SELECT fr.ident AS request_id,u.* FROM ' . $CFG->prefix . 'friends_requests fr LEFT JOIN ' . $CFG->prefix . 'users u ON u.ident = fr.owner WHERE fr.friend = ? AND u.user_type = \'community\' ORDER BY u.name ASC', array($page_owner))) { $body = "<p>" . __gettext("The following comunities would like to invite you to become a member.") . "</p>"; foreach ($pending_requests as $pending_user) { $where = run("users:access_level_sql_where", $_SESSION['userid']); if ($description = get_record_select('profile_data', "({$where}) and name = 'minibio' and owner = " . $pending_user->ident)) { $description = "<p>" . stripslashes($description->value) . "</p>"; } else { $description = "<p> </p>"; } $request_id = $pending_user->request_id; $pending_user->name = run("profile:display:name", $pending_user->ident); $col1 = "<p><b>" . $pending_user->name . "</b></p>" . $description; $col1 .= "<p>"; $col1 .= "<a href=\"" . url . $pending_user->username . "/\">" . __gettext("Profile") . "</a> | "; $col1 .= "<a href=\"" . url . $pending_user->username . "/weblog/\">" . __gettext("Blog") . "</a></p>"; $col2 = "<p><a href=\"" . url . "mod/community/user_community_invitations.php?action=community:approve:invitation&request_id={$request_id}\">" . __gettext("Accept") . "</a> | <a href=\"" . url . "mod/community/user_community_invitations.php?action=community:decline:invitation&request_id={$request_id}\">Decline</a></p>"; $ident = $pending_user->ident; $pending_user->icon = run("icons:get", $pending_user->ident); $body .= templates_draw(array('context' => 'adminTable', 'name' => user_icon_html($pending_user->ident), 'column1' => $col1, 'column2' => $col2)); } } else { $body = "<p>" . __gettext("You have no pending community membership invitations.") . "</p>"; } $run_result = templates_draw(array('context' => 'contentholder', 'title' => $title, 'body' => $body)); } }
if (is_array($result)) { $numfriends = count($result); if ($numfriends > 1000) { $result = array_slice($result, 0, 1000); $body .= '<p>' . sprintf(__gettext("Displaying 1000 most recently active people, of %d found."), $numfriends) . '</p>'; } } $i = 1; if (!empty($result)) { foreach ($result as $key => $info) { $link = $CFG->wwwroot . $info->username . "/"; $friends_name = run("profile:display:name", $info->ident); $info->icon = run("icons:get", $info->ident); $friends_menu = run("users:infobox:menu", array($info->ident, "friendsof")); $friends_menu = run("users:infobox:delete", array($info->ident, "friendsof")); $friends_icon = user_icon_html($info->ident, FRIENDS_ICON_SIZE); $friends .= templates_draw(array('context' => 'friends_friend', 'name' => $friends_name, 'icon' => $friends_icon, 'link' => $link, 'friend_menu' => $friends_menu)); if ($i % FRIENDS_PER_ROW == 0) { $friends .= "</tr><tr>"; } $i++; } } else { if ($user_id == $_SESSION['userid']) { $friends .= "<td><p>" . __gettext("Nobody's listed you as a friend! Maybe you need to start chatting to some other users?") . "</p></td>"; } else { $friends .= "<td><p>" . __gettext("This user isn't currently listed as anyone's friend. Maybe you could be the first?") . "</p></td>"; } } } $run_result = templates_draw(array('context' => 'friends_friends', 'friends' => $friends));
END; $run_result .= run("foaf:generate:fields", $parameter); $run_result .= "\t\t<vCard:ADR rdf:parseType=\"Resource\">\n"; $run_result .= run("vcard:generate:fields:adr", $parameter); $run_result .= "\t\t</vCard:ADR>\n"; if ($friends = get_records_sql('SELECT u.* FROM ' . $CFG->prefix . 'friends f JOIN ' . $CFG->prefix . 'users u ON u.ident = f.friend WHERE f.owner = ?', array($user->ident))) { foreach ($friends as $friend) { $name = htmlspecialchars(stripslashes($friend->name), ENT_COMPAT, 'utf-8'); $email = htmlspecialchars(sha1("mailto:" . $friend->email), ENT_COMPAT, 'utf-8'); $username = htmlspecialchars($friend->username, ENT_COMPAT, 'utf-8'); $personalurl = url . $username . "/"; $foafurl = $personalurl . "foaf/"; if ($friend->icon != -1) { $iconurl = user_icon_html($friend->ident, 100, true); $iconstring = "<foaf:depiction rdf:resource=\"{$iconurl}\" />"; } else { $iconstring = ""; } $extras = run("foaf:knows:elements", $friend->ident); $run_result .= <<<END <foaf:knows> <foaf:Person> <foaf:nick>{$username}</foaf:nick> <foaf:name>{$name}</foaf:name> <foaf:mbox_sha1sum>{$email}</foaf:mbox_sha1sum> <foaf:homepage rdf:resource="{$personalurl}"/> <rdfs:seeAlso rdf:resource="{$foafurl}"/> {$iconstring}
function templates_variables_substitute($param) { global $CFG; $variables = $param[0]; $template_variable = $param[1]; $run_result = ''; // Substitute variables in templates: // where {{variablename}} is found in the template, this function is passed // "variablename" and returns the proper variable global $menubar; global $submenubar; global $metatags; global $PAGE; global $template_id; global $template_name; global $db; //error_log("tvs " . print_r($template_variable,1)); $result = ""; if (isset($variables[$template_variable])) { $result .= $variables[$template_variable]; } else { $vars = array(); if (substr_count($template_variable, ":") > 0) { $vars = explode(":", $template_variable); $template_variable = $vars[0]; } switch ($template_variable) { case "username": if (logged_on) { $result = $_SESSION['username']; } else { $result = __gettext("Guest"); } break; case "usericonid": if (logged_on) { $result = user_info("icon", $_SESSION['userid']); } else { $result = 0; } break; case "name": if (logged_on) { $result = htmlspecialchars($_SESSION['name'], ENT_COMPAT, 'utf-8'); } else { $result = __gettext("Guest"); } break; case "userfullname": if (logged_on) { $result = __gettext("Welcome") . " " . htmlspecialchars($_SESSION['name'], ENT_COMPAT, 'utf-8'); } else { $result = __gettext("Welcome") . " " . __gettext("Guest") . " [<a href=\"" . url . "login/index.php\">" . __gettext("Log in") . "</a>]"; } break; case "menu": if (logged_on) { $result = templates_draw(array('menuitems' => menu_join('', $PAGE->menu), 'context' => 'menu')); } break; case "submenu": $result = templates_draw(array('submenuitems' => menu_join(' | ', $PAGE->menu_sub), 'context' => 'submenu')); break; case "topmenu": $result = templates_draw(array('topmenuitems' => menu_join('', $PAGE->menu_top), 'context' => 'topmenu')); break; case "url": $result = url; break; case "sitename": $result = $CFG->sitename; break; case "tagline": $result = $CFG->tagline; break; case "metatags": if (!empty($template_name)) { // use a defined style $result = '<link href="' . $CFG->wwwroot . '_templates/css/' . $template_name . '" rel="stylesheet" type="text/css" />' . "\n"; } else { // use whatever's in $template['css'] $result = "<style type=\"text/css\">\n" . templates_draw(array('template' => $template_name, 'context' => 'css')) . "\n</style>\n"; } // locate css at end $result = $metatags . "\n" . $result; break; case 'perf': $perf = get_performance_info(); if (defined('ELGG_PERFTOLOG')) { error_log("PERF: " . $perf['txt']); } if (defined('ELGG_PERFTOFOOT') || $CFG->debug > 7 || $CFG->perfdebug > 7) { $result = $perf['html']; } break; case 'randomusers': $result = ""; if (isset($vars[1])) { $vars[1] = (int) $vars[1]; } else { $vars[1] = 3; } if ($users = get_records_sql("SELECT DISTINCT u.*,i.filename AS iconfile, " . $db->random . " as rand \n FROM " . $CFG->prefix . "profile_data t JOIN " . $CFG->prefix . "users u ON u.ident = t.owner\n LEFT JOIN " . $CFG->prefix . "icons i ON i.ident = u.icon \n WHERE t.name IN (?,?,?) AND u.icon != ? AND t.access = ? AND u.user_type = ? \n ORDER BY rand LIMIT " . $vars[1], array('biography', 'minibio', 'interests', -1, 'PUBLIC', 'person'))) { $usercount = 0; foreach ($users as $user) { if ($usercount > 0) { $result .= ", "; } else { $result .= " "; } $result .= "<a href=\"" . $CFG->wwwroot . $user->username . "/\">" . $user->name . "</a>"; $usercount++; } } else { $result .= __gettext("Sorry, no users have filled in their profiles yet."); } break; case 'people': $result = ""; if (isset($vars[1])) { $vars[1] = $db->qstr($vars[1]); } else { $vars[1] = "'interests'"; } if (isset($vars[2])) { $vars[2] = $db->qstr($vars[2]); } else { $vars[2] = "'foo'"; } if (isset($vars[3])) { $vars[3] = (int) $vars[3]; } else { $vars[3] = 5; } $users = get_records_sql("SELECT users.*, icons.filename as iconfile, icons.ident as iconid FROM " . $CFG->prefix . "tags LEFT JOIN " . $CFG->prefix . "users ON users.ident = tags.owner left join " . $CFG->prefix . "icons on icons.ident = users.icon WHERE tags.tag = " . $vars[2] . " AND tags.tagtype = " . $vars[1] . " AND users.icon != -1 AND tags.access = 'PUBLIC' and users.user_type = 'person' ORDER BY rand( ) LIMIT " . $vars[3]); if (sizeof($users) > 0 && is_array($users)) { $result .= <<<END <table width="550px" border="0" cellpadding="0" cellspacing="0"> <tr> END; foreach ($users as $user) { $icon_html = user_icon_html($user->ident, 67); $result .= <<<END <td align="center"> <div class="image_holder"> <a href="{$CFG->wwwroot}{$user->username}/">{$icon_html}</a> </div> <div class="userdetails"> <p><a href="{$CFG->wwwroot}{$user->username}/">{$user->name}</a></p> </div> END; } $result .= <<<END <tr> </table> END; } break; case "toptags": if (isset($vars[1])) { $vars[1] = $db->qstr($vars[1]); } else { $vars[1] = "'town'"; } if ($tags = get_records_sql("SELECT tag, count(ident) as numtags FROM `" . $CFG->prefix . "tags` WHERE access = 'public' and tagtype=" . $vars[1] . " group by tag order by numtags desc limit 20")) { $tag_count = 0; foreach ($tags as $tag) { $result .= "<a href=\"" . url . "tag/" . urlencode(htmlspecialchars(strtolower($tag->tag), ENT_COMPAT, 'utf-8')) . "\" title=\"" . htmlspecialchars($tag->tag, ENT_COMPAT, 'utf-8') . " (" . $tag->numtags . ")\">"; $result .= $tag->tag . "</a>"; if ($tag_count < sizeof($tags) - 1) { $result .= ", "; } $tag_count++; } } break; case "populartags": $result = ""; if ($tags = get_records_sql("SELECT tag, count(ident) as numtags FROM `" . $CFG->prefix . "tags` WHERE access = 'public' and tag!='' group by tag having numtags > 1 order by ident desc limit 20")) { $max = 0; foreach ($tags as $tag) { if ($tag->numtags > $max) { $max = $tag->numtags; } } $tag_count = 0; foreach ($tags as $tag) { if ($max > 1) { $size = round(log($tag->numtags) / log($max) * 300); } else { $size = 100; } $result .= "<a href=\"" . url . "tag/" . urlencode(htmlspecialchars(strtolower($tag->tag), ENT_COMPAT, 'utf-8')) . "\" style=\"font-size: {$size}%\" title=\"" . htmlspecialchars($tag->tag, ENT_COMPAT, 'utf-8') . " (" . $tag->numtags . ")\">"; $result .= $tag->tag . "</a>"; if ($tag_count < sizeof($tags) - 1) { $result .= ", "; } $tag_count++; } } break; default: break; } } if (!empty($CFG->templates->variables_substitute) && !empty($CFG->templates->variables_substitute[$template_variable])) { if (is_array($CFG->templates->variables_substitute[$template_variable])) { foreach ($CFG->templates->variables_substitute[$template_variable] as $sub_function) { $result .= $sub_function($vars); } } elseif (is_callable($CFG->templates->variables_substitute[$template_variable])) { $result .= $CFG->templates->variables_substitute[$template_variable]($vars); } } $run_result .= $result; return $run_result; }
} if ($users = get_records_sql($sql)) { $run_result .= "<h2>" . __gettext("Users and communities with files or folders in category") . " '" . $parameter[1] . "'</h2>\n"; $body = "<table><tr>"; $i = 1; $w = 100; if (sizeof($users) > 4) { $w = 50; } foreach ($users as $key => $info) { $friends_userid = $info->ident; $friends_name = user_name($info->ident); $info->icon = run("icons:get", $info->ident); $friends_menu = run("users:infobox:menu", array($info->ident)); $link_keyword = urlencode($parameter[1]); $friends_icon = user_icon_html($info->ident, $w); $body .= <<<END <td align="center"> <p> <a href="{$CFG->wwwroot}search/index.php?file={$link_keyword}&owner={$friends_userid}"> {$friends_icon}</a><br /> <span class="userdetails"> {$friends_name} {$friends_menu} </span> </p> </td> END; if ($i % 5 == 0) { $body .= "\n</tr><tr>\n"; }
if (isset($parameter)) { global $CFG, $profile_id; $msg = $parameter; $sent = optional_param('sent'); $author = new StdClass(); $authorid = $sent == 1 ? $msg->to_id : $msg->from_id; if ($authorInfo = get_record('users', 'ident', $authorid)) { $author->username = $authorInfo->username; $author->fullname = htmlspecialchars($authorInfo->name, ENT_COMPAT, 'utf-8'); $author->ident = $authorInfo->ident; } else { $author->username = ""; $author->fullname = ""; $author->ident = -1; } $author->icon = '<a href="' . url . $author->username . '/">' . user_icon_html($author->ident) . "</a>"; $date = strftime("%d %b %Y, %H:%M", $msg->posted); $title = run("weblogs:text:process", $msg->title); $body = run("weblogs:text:process", $msg->body); $reply = __gettext("Reply"); $returnConfirm = __gettext("Are you sure you want to permanently delete this message?"); $Delete = __gettext("Delete"); $from_msg = __gettext("To:"); if (!$sent) { $from_msg = __gettext("From:"); $links = '<a href="' . $CFG->wwwroot . 'mod/messages/compose.php?action=reply&msg_id=' . $msg->ident . '&to=' . $msg->from_id . '">' . $reply . '</a> |'; } $links .= ' <a href="' . $CFG->wwwroot . 'mod/messages/messages_actions.php?action=delete&sent=' . $sent . '&msg_id=' . $msg->ident . '" onclick="return confirm(\'' . $returnConfirm . '\')">' . $Delete . '</a> |'; // Updated the message to the read status if ($msg->status == "unread" && $msg->to_id == $profile_id) { $msg->status = "read";
function blog_executive_summary_keyword($vars) { global $CFG; $body = ""; if (!isset($vars[1])) { $blog_posts = 2; } else { $blog_posts = $vars[1]; } $where = run("users:access_level_sql_where", $_SESSION['userid']); if (!isset($vars[2]) || $vars[2] == "all") { $posts = get_records_sql("select * from " . $CFG->prefix . "weblog_posts where ({$where}) order by posted desc limit {$blog_posts}"); } else { $blog_id = (int) user_info_username('ident', $vars[2]); $posts = get_records_sql("select * from " . $CFG->prefix . "weblog_posts where ({$where}) and weblog = {$blog_id} order by posted desc limit {$blog_posts}"); } if (is_array($posts) && !empty($posts)) { foreach ($posts as $post) { $body .= "<div class=\"frontpage-blog-executive-summary\">"; $body .= "<div class=\"frontpage-blog-executive-icon\"><img src=\"" . user_icon_html($post->weblog, 100, true) . "\" align=\"left\" class=\"usericon\" /></div>"; $body .= "<h4>" . $post->title . "</h4>"; $body .= "<p class=\"frontpage-blog-date\">" . strftime("%B %d, %Y", $post->posted) . "</p>"; $postbodyarray = explode(" ", preg_replace("|\\w{3,10}://[\\w\\.\\-_]+(:\\d+)?[^\\s\"\\'<>\\(\\)\\{\\}]*|", "", strip_tags($post->body)), 30); $body .= "<p class=\"frontpage-blog-content\">" . implode(" ", array_slice($postbodyarray, 0, sizeof($postbodyarray) - 1)) . " ...</p>"; $body .= "<p class=\"frontpage-blog-from\">" . __gettext("From:") . " <a href=\"{$CFG->wwwroot}" . user_info("username", $post->weblog) . "\">" . user_info("name", $post->weblog) . "</a> - "; $body .= "<a href=\"{$CFG->wwwroot}" . user_info("username", $post->weblog) . "/weblog/" . $post->ident . ".html\">" . __gettext("Read more") . "</a></p>"; $body .= "</div>"; } } return $body; }
function generic_comments_annotate($object_id, $object_type, $parameters = NULL) { global $CFG; global $page_owner; // prevent some notices $comment_sort = null; $commentsbody = null; $sort_sequence = null; $owner_username = user_info('username', $page_owner); // create a form to display comments for this object, and then display the comments for one page $default_comment_form_text = __gettext("Add a comment"); // gettext variable if (!$parameters) { $comment_form_type = 'integrated'; $comment_form_text = $default_comment_form_text; } else { if (isset($parameters['comment_form_type'])) { $comment_form_type = $parameters['comment_form_type']; } else { $comment_form_type = 'integrated'; } if (isset($parameters['comment_form_text'])) { $comment_form_text = $parameters['comment_form_text']; } else { $comment_form_text = $default_comment_form_text; } } if (in_array($comment_form_type, array('integrated', 'separate'))) { $item_details = ""; if ($object_type == "file::file" || $object_type == "file::folder") { $item_details = display_run_displayobject('file', $object_id, $object_type); } if ($object_type == "mediastream::media") { $item_details = display_run_displayobject('mediastream', $object_id, $object_type); } $run_result = <<<END <form action="{$CFG->wwwroot}mod/generic_comments/action_redirection.php" method="post"> <h2>{$comment_form_text}</h2> END; // $field = display_input_field(array("new_comment","","longtext")); $field = <<<END <textarea name="new_comment" id="new_comment"></textarea> END; if (logged_on) { $userid = $_SESSION['userid']; } else { $userid = -1; } $field .= <<<END <input type="hidden" name="action" value="comment:add" /> <input type="hidden" name="object_id" value="{$object_id}" /> <input type="hidden" name="object_type" value="{$object_type}" /> <input type="hidden" name="owner" value="{$userid}" /> <input type="hidden" name="comment_form_type" value="{$comment_form_type}" /> <input type="hidden" name="comment_sort" value="{$comment_sort}" /> END; $run_result .= templates_draw(array('context' => 'databox1', 'name' => __gettext("Your comment text"), 'column1' => $field)); if (logged_on) { $comment_name = $_SESSION['name']; } else { $comment_name = __gettext("Guest"); } $run_result .= templates_draw(array('context' => 'databox1', 'name' => __gettext("Your name"), 'column1' => "<input type=\"text\" name=\"postedname\" value=\"" . htmlspecialchars($comment_name, ENT_COMPAT, 'utf-8') . "\" />")); $run_result .= templates_draw(array('context' => 'databox1', 'name' => ' ', 'column1' => "<input type=\"submit\" value=\"" . __gettext("Add comment") . "\" />")); $run_result .= <<<END </form> END; // get the comments $commentsbody = ""; //which page of comments to display (page numbers are 0-based) $page = optional_param('commentpage', 0, PARAM_INT); $sort_sequence = optional_param('comment_sort', ''); //$perpage = 20; // set to 0/false to disable paging $perpage = 5; // set to 0/false to disable paging - set to 5 for testing - KJ $offset = $page * $perpage; if ($sort_sequence != 'DESC') { $sort_sequence = 'ASC'; } if ($comment_form_type == 'integrated') { $thispageurl = generic_comments_add_parameter_to_url(get_url($object_id, $object_type), 'comment_sort', $sort_sequence); } elseif ($comment_form_type == 'separate') { $thispageurl = $CFG->wwwroot . "mod/generic_comments/comment_page.php?object_id={$object_id}&object_type={$object_type}&comment_sort={$sort_sequence}"; } if ($comments = get_records_sql("SELECT * FROM {$CFG->prefix}comments WHERE object_id = {$object_id} AND object_type = '{$object_type}' ORDER BY posted {$sort_sequence}")) { $numcomments = count($comments); $pagelinks = ''; if (!empty($perpage) && $numcomments > $perpage) { $comments = array_slice($comments, $offset, $perpage); $numpages = ceil($numcomments / $perpage); $pagelinks = __gettext("Page: "); for ($i = 1; $i <= $numpages; $i++) { $pagenum = $i - 1; if ($pagenum != $page) { if ($pagenum) { $pageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $pagenum); } //$pageurl = $thispageurl . (($pagenum) ? '.' . $pagenum : ''); $pagelinks .= ' <a href="' . $pageurl . '">' . $i . '</a>'; } else { $pagelinks .= ' ' . $i . ' '; } } //$thispageurl .= '.' . $page; $thispageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $page); } foreach ($comments as $comment) { $commentmenu = ""; if (isloggedin() && ($comment->owner == $_SESSION['userid'] || run("permissions:check", array("comment:delete", $_SESSION['userid'], $comment->object_id, $comment->object_type)))) { $Delete = __gettext("Delete"); $commentmenu = <<<END \t <a href="{$CFG->wwwroot}mod/generic_comments/action_redirection.php?action=comment:delete&comment_form_type={$comment_form_type}&comment_delete={$comment->ident}">{$Delete}</a> END; } $comment->postedname = htmlspecialchars($comment->postedname, ENT_COMPAT, 'utf-8'); // turn commentor name into a link if they're a registered user // add rel="nofollow" to comment links if they're not if ($comment->owner > 0) { $commentownerusername = user_info('username', $comment->owner); $comment->postedname = '<a href="' . url . $commentownerusername . '/">' . $comment->postedname . '</a>'; $comment->icon = '<a href="' . url . $commentownerusername . '/">' . user_icon_html($comment->owner, 50) . "</a>"; $comment->body = run("weblogs:text:process", array($comment->body, false)); } else { $comment->icon = "<img src=\"" . $CFG->wwwroot . "_icons/data/default.png\" width=\"50\" height=\"50\" align=\"left\" alt=\"\" />"; $comment->body = run("weblogs:text:process", array($comment->body, true)); } $commentsbody .= templates_draw(array('context' => 'embeddedcomment', 'postedname' => $comment->postedname, 'body' => '<a name="cmt' . $comment->ident . '" id="cmt' . $comment->ident . '"></a>' . $comment->body, 'posted' => strftime("%A, %d %B %Y, %H:%M %Z", $comment->posted), 'usericon' => $comment->icon, 'permalink' => $thispageurl . "#cmt" . $comment->ident, 'links' => $commentmenu)); } $commentsbody = templates_draw(array('context' => 'embeddedcomments', 'paging' => $pagelinks, 'comments' => $commentsbody)); } $body = $item_details . $commentsbody . $run_result; } elseif ($comment_form_type == 'summary') { $count = count_records('comments', 'object_id', $object_id, 'object_type', $object_type); if (!isset($count) || $count == 0) { $comment_count = "0 " . __gettext("comments") . "."; } elseif ($count == 1) { $comment_count = "1 " . __gettext("comment") . "."; } else { $comment_count = $count . " " . __gettext("comments") . "."; } if ($parameters && strtoupper($parameters['comment_sort']) == 'DESC') { $comment_sort = '&comment_sort=DESC'; } $body = "<p>{$comment_count} <a href=\"{$CFG->wwwroot}mod/generic_comments/comment_page.php?object_id={$object_id}&object_type={$object_type}{$comment_sort}\">{$comment_form_text}</a>"; } elseif ($comment_form_type == 'inline') { // Funky javascript inline editing $count = count_records('comments', 'object_id', $object_id, 'object_type', $object_type); if (!isset($count) || $count == 0) { $comment_count = "0 " . __gettext("comments") . "."; } elseif ($count == 1) { $comment_count = "1 " . __gettext("comment") . "."; } else { $comment_count = $count . " " . __gettext("comments") . "."; } if ($parameters && strtoupper($parameters['comment_sort']) == 'DESC') { $comment_sort = '&comment_sort=DESC'; } // $field = display_input_field(array("new_comment","","longtext")); $field = <<<END \t\t<textarea name="new_comment" id="new_comment"></textarea> END; if (logged_on) { $userid = $_SESSION['userid']; } else { $userid = -1; } /* There now follows a selection of nasty hacks. Yes yes, I know this is ugly, but it means that it falls back cleanly if no javascript is supported. TODO: There must be a better way, but i'm too tired just now to think of one.*/ if (logged_on) { $comment_name = $_SESSION['name']; } else { $comment_name = __gettext("Guest"); } $thispageurl = generic_comments_add_parameter_to_url(get_url($object_id, $object_type), 'comment_sort', $sort_sequence); $comment_name_enc = templates_draw(array('context' => 'databox1', 'name' => __gettext("Your name"), 'column1' => "<input type=\"text\" name=\"postedname\" value=\"" . htmlspecialchars($comment_name, ENT_COMPAT, 'utf-8') . "\" />")); $postcomment = __gettext("Post comment..."); if ($comments = get_records_sql("SELECT * FROM {$CFG->prefix}comments WHERE object_id = {$object_id} AND object_type = '{$object_type}' ORDER BY posted {$sort_sequence}")) { $numcomments = count($comments); $pagelinks = ''; if (!empty($perpage) && $numcomments > $perpage) { $comments = array_slice($comments, $offset, $perpage); $numpages = ceil($numcomments / $perpage); $pagelinks = __gettext("Page: "); for ($i = 1; $i <= $numpages; $i++) { $pagenum = $i - 1; if ($pagenum != $page) { if ($pagenum) { $pageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $pagenum); } //$pageurl = $thispageurl . (($pagenum) ? '.' . $pagenum : ''); $pagelinks .= ' <a href="' . $pageurl . '">' . $i . '</a>'; } else { $pagelinks .= ' ' . $i . ' '; } } //$thispageurl .= '.' . $page; $thispageurl = generic_comments_add_parameter_to_url($thispageurl, 'commentpage', $page); } foreach ($comments as $comment) { $commentmenu = ""; if (isloggedin() && ($comment->owner == $_SESSION['userid'] || run("permissions:check", array("comment:delete", $_SESSION['userid'], $comment->object_id, $comment->object_type)))) { $returnConfirm = __gettext("Are you sure you want to permanently delete this comment?"); $Delete = __gettext("Delete"); $commentmenu = <<<END \t <a href="{$CFG->wwwroot}mod/generic_comments/action_redirection.php?action=comment:delete&comment_form_type={$comment_form_type}&comment_delete={$comment->ident}" onclick="return confirm('{$returnConfirm}')">{$Delete}</a> END; } $comment->postedname = htmlspecialchars($comment->postedname, ENT_COMPAT, 'utf-8'); // turn commentor name into a link if they're a registered user // add rel="nofollow" to comment links if they're not if ($comment->owner > 0) { $commentownerusername = user_info('username', $comment->owner); $comment->postedname = '<a href="' . url . $commentownerusername . '/">' . $comment->postedname . '</a>'; $comment->icon = '<a href="' . url . $commentownerusername . '/">' . user_icon_html($comment->owner, 50) . "</a>"; $comment->body = run("weblogs:text:process", array($comment->body, false)); } else { $comment->icon = "<img src=\"" . $CFG->wwwroot . "_icons/data/default.png\" width=\"50\" height=\"50\" align=\"left\" alt=\"\" />"; $comment->body = run("weblogs:text:process", array($comment->body, true)); } $commentsbody .= templates_draw(array('context' => 'embeddedcomment', 'postedname' => $comment->postedname, 'body' => '<a name="cmt' . $comment->ident . '" id="cmt' . $comment->ident . '"></a>' . $comment->body, 'posted' => strftime("%A, %d %B %Y, %H:%M %Z", $comment->posted), 'usericon' => $comment->icon, 'permalink' => $thispageurl . "#cmt" . $comment->ident, 'links' => $commentmenu)); } $commentsbody = templates_draw(array('context' => 'embeddedcomments', 'paging' => $pagelinks, 'comments' => $commentsbody)); } $bodyfrm = <<<END \t\t\t<span style="cursor:hand; cursor:pointer" onclick="showhide('oid_{$object_id}')">{$comment_count} {$comment_form_text}</span> \t\t\t<div id="oid_{$object_id}" style="display:none"> \t\t\t\t{$commentsbody} \t\t\t\t<form id="comment_{$object_id}"> \t\t\t\t\t{$field} \t\t\t\t\t<input type="hidden" name="action" value="comment:add" /> \t\t\t\t\t<input type="hidden" name="object_id" value="{$object_id}" /> \t\t\t\t\t<input type="hidden" name="object_type" value="{$object_type}" /> \t\t\t\t\t<input type="hidden" name="owner" value="{$userid}" /> \t\t\t\t\t<input type="hidden" name="comment_form_type" value="integrated" /> \t\t\t\t\t<input type="hidden" name="comment_sort" value="{$comment_sort}" /> \t\t\t\t\t{$comment_name_enc} \t\t\t\t</form> \t\t\t\t<div id="ajaxmessages_{$object_id}"></div> \t\t\t\t<div id="ajaxmessages_post_{$object_id}"><input type="button" style="cursor:hand; cursor:pointer" onclick="sendcomment('{$CFG->wwwroot}mod/generic_comments/action_redirection.php','comment_{$object_id}', {$object_id})" value="{$postcomment}" /></div> \t\t\t</div> END; $body = ""; foreach (explode("\n", addslashes($bodyfrm)) as $line) { $body .= "document.write(\"" . trim($line) . "\");"; } } return $body; }
$comment->postedname = htmlspecialchars($comment->postedname, ENT_COMPAT, 'utf-8'); // turn commentor name into a link if they're a registered user // add rel="nofollow" to comment links if they're not if ($comment->owner > 0) { $commentownerusername = user_info('username', $comment->owner); $comment->postedname = '<a href="' . url . $commentownerusername . '/">' . $comment->postedname . '</a>'; $comment->icon = '<a href="' . url . $commentownerusername . '/">' . user_icon_html($comment->owner, 50) . "</a>"; $comment->body = run("weblogs:text:process", array($comment->body, false)); } else { $comment->icon = "<img src=\"" . user_icon_html(-1, 50) . "\" width=\"50\" height=\"50\" align=\"left\" alt=\"\" />"; $comment->body = run("weblogs:text:process", array($comment->body, true)); } $commentsbody .= templates_draw(array('context' => 'weblogcomment', 'postedname' => $comment->postedname, 'body' => '<a name="cmt' . $comment->ident . '" id="cmt' . $comment->ident . '"></a>' . $comment->body, 'posted' => strftime("%A, %d %B %Y, %H:%M %Z", $comment->posted), 'usericon' => $comment->icon, 'permalink' => $thispageurl . "#cmt" . $comment->ident, 'links' => $commentmenu)); } $commentsbody = templates_draw(array('context' => 'weblogcomments', 'paging' => $pagelinks, 'comments' => $commentsbody, 'comments_str' => $commentsStr)); } $run_result .= templates_draw(array('context' => 'weblogpost', 'date' => $date, 'username' => $username, 'usericon' => icon_html($usericon), 'body' => $body, 'fullname' => $fullname, 'title' => $postTitle, 'comments' => $commentsbody, 'links' => $links, 'postedby' => $postedby)); if (logged_on || !$CFG->disable_publiccomments && user_flag_get("publiccomments", $post->owner)) { $run_result .= run("weblogs:comments:add", $post); } else { $run_result .= "<p>" . __gettext("You must be logged in to post a comment.") . "</p>"; } $run_result .= run("weblogs:interesting:form", $post->ident); } else { // post is missing or prohibited $run_result .= templates_draw(array('context' => 'weblogpost', 'date' => "", 'username' => "", 'usericon' => user_icon_html(-1), 'body' => $body, 'fullname' => "", 'title' => $postTitle, 'comments' => "", 'links' => $links, 'postedby' => $postedby)); } } else { $run_result .= templates_draw(array('context' => 'weblogpost', 'date' => $date, 'username' => $username, 'usericon' => icon_html($usericon), 'body' => $body, 'fullname' => $fullname, 'title' => $postTitle, 'commentslink' => $comments, 'links' => $links, 'postedby' => $postedby)); } }