/** * Generates the HTML to display the user profile tab * @param moscomprofilerTab $tab the tab database entry * @param moscomprofilerUser $user the user being displayed * @param int $ui 1 for front-end, 2 for back-end * @return mixed either string HTML for tab content, or false if ErrorMSG generated */ function getDisplayTab($tab, $user, $ui) { global $_CB_framework, $_CB_database, $ueConfig; // Display shortest connection path / Degree of relationship: $return = ""; if ($_CB_framework->myId() != $user->id && $_CB_framework->myId() > 0 && isset($ueConfig['connectionPath']) && $ueConfig['connectionPath'] && $ueConfig['allowConnections']) { $return .= $this->_writeTabDescription($tab, $user); $return .= "\t\t<div class=\"cbConnectionPaths\">"; $i = 0; $cbCon = new cbConnection($_CB_framework->myId()); $congroups = $cbCon->getDegreeOfSepPath($_CB_framework->myId(), $user->id); $directConDetails = $cbCon->getConnectionDetails($_CB_framework->myId(), $user->id); if (is_array($congroups) && count($congroups) > 2) { cbArrayToInts($congroups); $query = "SELECT u.name,u.email,u.username,c.avatar,c.avatarapproved, u.id " . "\n FROM #__comprofiler AS c" . "\n LEFT JOIN #__users AS u ON c.id=u.id" . "\n WHERE c.id IN (" . implode(',', $congroups) . ")" . "\n AND c.approved=1 AND c.confirmed=1 AND c.banned=0 AND u.block=0"; $_CB_database->setQuery($query); $connections = $_CB_database->loadObjectList('id'); $prevConID = null; $prevConName = null; if (isset($connections[$user->id])) { $live_site = $_CB_framework->getCfg('live_site'); $return .= _UE_CONNECTIONPATH1 . getNameFormat($connections[$user->id]->name, $connections[$user->id]->username, $ueConfig['name_format']) . " ( " . $cbCon->getDegreeOfSep() . _UE_CONNECTIONPATH2; foreach ($congroups as $congroup) { if ($i != 0) { $return .= ' <img src="' . $live_site . '/components/com_comprofiler/images/arrow.png" alt="" /> '; } $conName = getNameFormat($connections[$congroup]->name, $connections[$congroup]->username, $ueConfig['name_format']); if ($congroup != $_CB_framework->myId() && isset($connections[$congroup])) { $conDetail = $cbCon->getConnectionDetails($prevConID, $congroup); $conAvatar = getFieldValue('image', $connections[$congroup]->avatar, $connections[$congroup]); $tipField = "<b>" . _UE_CONNECTEDSINCE . "</b> : " . dateConverter($conDetail->membersince, 'Y-m-d', $ueConfig['date_format']); if (getLangDefinition($conDetail->type) != null) { $tipField .= "<br /><b>" . _UE_CONNECTIONTYPE . "</b> : " . getConnectionTypes($conDetail->type); } if ($conDetail->description != null) { $tipField .= "<br /><b>" . _UE_CONNECTEDCOMMENT . "</b> : " . htmlspecialchars($conDetail->description); } $tipField .= "<div style=\"text-align:center;margin:8px;\">" . htmlspecialchars(preg_replace('/onclick\\s*=\\s*".+"/Uis', "", $conAvatar), ENT_QUOTES) . "</div>"; $tipTitle = $prevConName . _UE_DETAILSABOUT . str_replace("'", "&#039;", $conName); $htmltext = $conName; $href = 'javascript:void(0)'; if ($congroup != $user->id) { $href = cbSef("index.php?option=com_comprofiler&task=userProfile&user="******"<br />" . sprintf(_UE_DIRECTCONNECTIONPENDINGACCEPTANCE, getNameFormat($user->name, $user->username, $ueConfig['name_format'])); } } else { $return .= _UE_NOESTABLISHEDCONNECTION . getNameFormat($user->name, $user->username, $ueConfig['name_format']); } } elseif (is_array($congroups) && count($congroups) == 2) { $return .= _UE_DIRECTCONNECTION . getNameFormat($user->name, $user->username, $ueConfig['name_format']); } else { if ($directConDetails !== false && $directConDetails->pending) { $return .= "<br />" . sprintf(_UE_DIRECTCONNECTIONPENDINGACCEPTANCE, getNameFormat($user->name, $user->username, $ueConfig['name_format'])); } else { $return .= _UE_NOESTABLISHEDCONNECTION . getNameFormat($user->name, $user->username, $ueConfig['name_format']); } } $return .= "</div>"; } return $return; }
/** * Generates the HTML to display the user profile tab * * @param \CB\Database\Table\TabTable $tab the tab database entry * @param \CB\Database\Table\UserTable $user the user being displayed * @param int $ui 1 for front-end, 2 for back-end * @return string|boolean Either string HTML for tab content, or false if ErrorMSG generated */ public function getDisplayTab($tab, $user, $ui) { global $_CB_framework, $_CB_database, $ueConfig; $return = null; if ($_CB_framework->myId() != $user->id && $_CB_framework->myId() > 0 && (isset($ueConfig['connectionPath']) && $ueConfig['connectionPath']) && $ueConfig['allowConnections']) { $myCBUser = CBuser::getInstance((int) $user->id, false); $myName = $myCBUser->getField('formatname', null, 'html', 'none', 'profile', 0, true); $myAvatar = $myCBUser->getField('avatar', null, 'html', 'none', 'profile', 0, true, array('_hideApproval' => 1)); $i = 0; $cbCon = new cbConnection($_CB_framework->myId()); $conGroups = $cbCon->getDegreeOfSepPath($_CB_framework->myId(), $user->id); $directConDetails = $cbCon->getConnectionDetails($_CB_framework->myId(), $user->id); $addConnURL = $_CB_framework->viewUrl('addconnection', true, array('connectionid' => (int) $user->id)); $removeConnURL = $_CB_framework->viewUrl('removeconnection', true, array('connectionid' => (int) $user->id)); $acceptConnURL = $_CB_framework->viewUrl('acceptconnection', true, array('connectionid' => (int) $user->id)); $denyConnURL = $_CB_framework->viewUrl('denyconnection', true, array('connectionid' => (int) $user->id)); if ($ueConfig['conNotifyType'] != 0) { cbValidator::loadValidation(); $tooltipTitle = sprintf(CBTxt::T('UE_CONNECTTO', 'Connect to %s'), $myName); $ooltipHTML = '<div class="form-group cb_form_line clearfix">' . CBTxt::Th('UE_CONNECTIONINVITATIONMSG', 'Personalize your invitation to connect by adding a message that will be included with your connection.') . '</div>' . '<form action="' . $addConnURL . '" method="post" id="connOverForm" name="connOverForm" class="cb_form cbValidation">' . '<div class="form-group cb_form_line clearfix">' . '<label for="message" class="control-label">' . CBTxt::T('UE_MESSAGE', 'Message') . '</label>' . '<div class="cb_field">' . '<textarea cols="40" rows="8" name="message" class="form-control"></textarea>' . '</div>' . '</div>' . '<div class="form-group cb_form_line clearfix">' . '<input type="submit" class="btn btn-primary cbConnReqSubmit" value="' . htmlspecialchars(CBTxt::Th('UE_SENDCONNECTIONREQUEST', 'Request Connection')) . '"' . cbValidator::getSubmitBtnHtmlAttributes() . ' />' . ' <input type="button" id="cbConnReqCancel" class="btn btn-default cbConnReqCancel cbTooltipClose" value="' . htmlspecialchars(CBTxt::Th('UE_CANCELCONNECTIONREQUEST', 'Cancel')) . '" />' . '</div>' . '</form>'; $tooltip = cbTooltip($ui, $ooltipHTML, $tooltipTitle, 400, null, null, null, 'data-hascbtooltip="true" data-cbtooltip-modal="true"'); } else { $tooltip = null; } $connected = '<div class="cbConnectionPaths alert alert-info">' . CBTxt::Th('CONNECTIONS_YOU_ARE_DIRECTLY_CONNECTED_WITH_USER', 'You are directly connected with [user]', array('[user]' => $myAvatar)) . '</div>'; $requestConnection = '<div class="cbConnectionPaths alert alert-info clearfix">' . '<div class="cbConnPathMessage col-sm-8">' . CBTxt::Th('CONNECTIONS_YOU_HAVE_NO_CONNECTION_WITH_USER', 'You have no established connection with [user]', array('[user]' => $myAvatar)) . '</div>' . '<div class="cbConnPathActions col-sm-4 text-right">' . '<input type="button" value="' . htmlspecialchars(CBTxt::Th('Request Connection')) . '" class="btn btn-success cbConnPathAccept"' . ($tooltip ? ' ' . $tooltip : ' onclick="location.href = \'' . addslashes($addConnURL) . '\';"') . ' />' . '</div>' . '</div>'; $cancelRequest = '<div class="cbConnectionPaths alert alert-info clearfix">' . '<div class="cbConnPathMessage col-sm-8">' . CBTxt::Th('CONNECTIONS_YOUR_CONNECTION_REQUEST_WITH_USER_IS_PENDING', 'Your connection request with [user] is pending acceptance', array('[user]' => $myAvatar)) . '</div>' . '<div class="cbConnPathActions col-sm-4 text-right">' . '<input type="button" value="' . htmlspecialchars(CBTxt::Th('Cancel Request')) . '" class="btn btn-danger cbConnPathReject" onclick="if ( confirm( \'' . addslashes(CBTxt::T('UE_CONFIRMREMOVECONNECTION', 'Are you sure you want to remove this connection?')) . '\' ) ) { location.href = \'' . addslashes($removeConnURL) . '\'; } else { return false }" />' . '</div>' . '</div>'; $acceptDenyRequest = '<div class="cbConnectionPaths alert alert-info clearfix">' . '<div class="cbConnPathMessage col-sm-8">' . CBTxt::Th('CONNECTIONS_THE_CONNECTION_WITH_USER_IS_PENDING_YOUR_ACCEPTANCE', 'The connection with [user] is pending your acceptance', array('[user]' => $myAvatar)) . '</div>' . '<div class="cbConnPathActions col-sm-4 text-right">' . '<input type="button" value="' . htmlspecialchars(CBTxt::Th('Accept')) . '" class="btn btn-success cbConnPathAccept" onclick="location.href = \'' . addslashes($acceptConnURL) . '\';" />' . ' <input type="button" value="' . htmlspecialchars(CBTxt::Th('Reject')) . '" class="btn btn-danger cbConnPathReject" onclick="if ( confirm( \'' . addslashes(CBTxt::T('UE_CONFIRMREMOVECONNECTION', 'Are you sure you want to remove this connection?')) . '\' ) ) { location.href = \'' . addslashes($denyConnURL) . '\'; } else { return false }" />' . '</div>' . '</div>'; $return .= $this->_writeTabDescription($tab, $user); if (is_array($conGroups) && count($conGroups) > 2) { cbArrayToInts($conGroups); $query = "SELECT u.name, u.email, u.username, c.avatar, c.avatarapproved, u.id " . "\n FROM #__comprofiler AS c" . "\n LEFT JOIN #__users AS u ON c.id=u.id" . "\n WHERE c.id IN (" . implode(',', $conGroups) . ")" . "\n AND c.approved=1 AND c.confirmed=1 AND c.banned=0 AND u.block=0"; $_CB_database->setQuery($query); $connections = $_CB_database->loadObjectList('id'); $prevConID = null; $prevConName = null; if (isset($connections[$user->id])) { $return .= '<div class="cbConnectionPaths alert alert-info">' . CBTxt::Th('CONNECTIONS_YOUR_CONNECTION_PATH_TO_USER_OF_DEGREE_IS', 'Your connection path to [user] of [degrees] degrees is ', array('[user]' => $myAvatar, '[degrees]' => $cbCon->getDegreeOfSep())); foreach ($conGroups as $conGroup) { $cbUser = CBuser::getInstance((int) $conGroup); if (!$cbUser) { $cbUser = CBuser::getInstance(null); } if ($i != 0) { $return .= ' <span class="fa fa-chevron-right fa-sm"></span> '; } $conName = $cbUser->getField('formatname', null, 'html', 'none', 'profile', 0, true); $conAvatar = $cbUser->getField('avatar', null, 'html', 'none', 'profile', 0, true, array('_hideApproval' => 1)); if ($conGroup != $_CB_framework->myId() && isset($connections[$conGroup])) { $conDetail = $cbCon->getConnectionDetails($prevConID, $conGroup); $tipField = getConnectionTab::renderConnectionToolTip($conDetail); $tipField .= '<div style="text-align: center; margin: 8px;">' . $cbUser->getField('avatar', null, 'html', 'none', 'list', 0, true) . '</div>'; $tipTitle = $prevConName . CBTxt::T('UE_DETAILSABOUT', ' Details About [PERSON_NAME]', array('[PERSON_NAME]' => htmlspecialchars($conName))); if ($conGroup != $user->id) { $href = $_CB_framework->userProfileUrl((int) $conGroup); } else { $href = null; } $return .= cbTooltip($ui, $tipField, $tipTitle, 300, null, $conAvatar, $href); } else { $return .= $conAvatar; } $i++; $prevConID = $conGroup; $prevConName = $conName; } $return .= '</div>'; if ($directConDetails !== false && $directConDetails->pending) { $return .= $cancelRequest; } elseif ($directConDetails !== false && !$directConDetails->accepted) { $return .= $acceptDenyRequest; } elseif ($directConDetails === false) { $return .= $requestConnection; } } else { $return .= $requestConnection; } } elseif (is_array($conGroups) && count($conGroups) == 2) { $return .= $connected; } else { if ($directConDetails !== false && $directConDetails->pending) { $return .= $cancelRequest; } elseif ($directConDetails !== false && !$directConDetails->accepted) { $return .= $acceptDenyRequest; } else { $return .= $requestConnection; } } } return $return; }
/** * Checks if user has increment access to this field * * @param FieldTable $field * @param UserTable $user * @return boolean */ private function getIncrementAccess(&$field, &$user) { global $_CB_framework, $_CB_database; static $cache = array(); $myId = (int) $_CB_framework->myId(); $userId = (int) $user->get('id'); $fieldId = (int) $field->get('fieldid'); $ipAddresses = cbGetIParray(); $ipAddress = trim(array_shift($ipAddresses)); $incrementDelay = $field->params->get('points_inc_delay', null); $customDelay = $field->params->get('points_inc_delay_custom', null); $cacheId = $myId . $userId . $fieldId; if (!isset($cache[$cacheId])) { $ratingAccess = (int) $field->params->get('points_access', 1); $excludeSelf = (int) $field->params->get('points_access_exclude', 0); $includeSelf = (int) $field->params->get('points_access_include', 0); $viewAccessLevel = (int) $field->params->get('points_access_custom', 1); $access = false; switch ($ratingAccess) { case 8: if (Application::MyUser()->canViewAccessLevel($viewAccessLevel) && ($userId == $myId && !$excludeSelf || $userId != $myId)) { $access = true; } break; case 7: if (Application::MyUser()->isModeratorFor(Application::User((int) $userId)) && ($userId == $myId && !$excludeSelf || $userId != $myId)) { $access = true; } break; case 6: if ($userId != $myId) { $cbConnection = new cbConnection($userId); if ($cbConnection->getConnectionDetails($userId, $myId) !== false) { $access = true; } } else { if ($userId == $myId && $includeSelf) { $access = true; } } break; case 5: if ($myId == 0 && $userId != $myId || $userId == $myId && $includeSelf) { $access = true; } break; case 4: if ($myId > 0 && ($userId == $myId && !$excludeSelf || $userId != $myId)) { $access = true; } break; case 3: if ($userId != $myId) { $access = true; } break; case 2: if ($userId == $myId) { $access = true; } break; case 1: default: if ($userId == $myId && !$excludeSelf || $userId != $myId) { $access = true; } break; } $cache[$cacheId] = $access; } $canAccess = $cache[$cacheId]; if ($canAccess && $incrementDelay) { $query = 'SELECT ' . $_CB_database->NameQuote('date') . "\n FROM " . $_CB_database->NameQuote('#__comprofiler_ratings') . "\n WHERE " . $_CB_database->NameQuote('type') . " = " . $_CB_database->Quote('field') . "\n AND " . $_CB_database->NameQuote('item') . " = " . $fieldId . "\n AND " . $_CB_database->NameQuote('target') . " = " . $userId . "\n AND " . $_CB_database->NameQuote('user_id') . " = " . $myId; if ($myId == 0) { $query .= "\n AND " . $_CB_database->NameQuote('ip_address') . " = " . $_CB_database->Quote($ipAddress); } $query .= "\n ORDER BY " . $_CB_database->NameQuote('date') . " DESC"; $_CB_database->setQuery($query, 0, 1); $incrementDate = $_CB_database->loadResult(); if ($incrementDate) { if ($incrementDelay == 'FOREVER') { $canAccess = false; } elseif ($incrementDelay == 'CUSTOM') { if ($customDelay && $_CB_framework->getUTCTimestamp(strtoupper($customDelay), $_CB_framework->getUTCTimestamp($incrementDate)) >= $_CB_framework->getUTCNow()) { $canAccess = false; } } elseif ($_CB_framework->getUTCTimestamp($incrementDelay, $_CB_framework->getUTCTimestamp($incrementDate)) >= $_CB_framework->getUTCNow()) { $canAccess = false; } } } return $canAccess; }
/** * @param cbautoactionsActionTable $trigger * @param UserTable $user */ public function execute( $trigger, $user ) { global $ueConfig; if ( ! $user->get( 'id' ) ) { if ( $trigger->getParams()->get( 'debug', false, GetterInterface::BOOLEAN ) ) { var_dump( CBTxt::T( 'AUTO_ACTION_CONNECTION_NO_USER', ':: Action [action] :: Connection skipped due to no user', array( '[action]' => (int) $trigger->get( 'id' ) ) ) ); } return; } foreach ( $trigger->getParams()->subTree( 'connection' ) as $row ) { /** @var ParamsInterface $row */ $users = $trigger->getSubstituteString( $row->get( 'users', null, GetterInterface::STRING ) ); if ( $users ) { $users = explode( ',', $users ); cbArrayToInts( $users ); $message = $trigger->getSubstituteString( $row->get( 'message', null, GetterInterface::RAW ), false ); $mutual = $row->get( 'mutual', 2, GetterInterface::INT ); $cross = $row->get( 'cross', 1, GetterInterface::INT ); $notify = $row->get( 'notify', 0, GetterInterface::BOOLEAN ); if ( $mutual ) { $oldMutual = $ueConfig['useMutualConnections']; $ueConfig['useMutualConnections'] = ( $mutual == 1 ? '1' : '0' ); } if ( $cross ) { $oldCross = $ueConfig['autoAddConnections']; $ueConfig['autoAddConnections'] = ( $cross == 1 ? '1' : '0' ); } if ( $row->get( 'direction', 0, GetterInterface::BOOLEAN ) ) { foreach ( $users as $userId ) { if ( $userId != $user->get( 'id' ) ) { $connections = new cbConnection( $userId ); if ( ! $connections->getConnectionDetails( $userId, $user->get( 'id' ) ) ) { $connections->addConnection( $user->get( 'id' ), $message, $notify ); } } } } else { $connections = new cbConnection( $user->get( 'id' ) ); foreach ( $users as $userId ) { if ( $userId != $user->get( 'id' ) ) { if ( ! $connections->getConnectionDetails( $user->get( 'id' ), $userId ) ) { $connections->addConnection( $userId, $message, $notify ); } } } } if ( $mutual ) { $ueConfig['useMutualConnections'] = $oldMutual; } if ( $cross ) { $ueConfig['autoAddConnections'] = $oldCross; } } } }
/** * @param int $userId * @return mixed */ public function isAuthorized( $userId ) { global $_PLUGINS; static $cache = array(); $id = (int) $this->get( 'id' ); $owner = (int) $this->get( 'user_id' ); $userId = (int) $userId; if ( ! isset( $cache[$userId][$id] ) ) { $rules = explode( '|*|', $this->get( 'rule' ) ); $cache[$userId][$id] = false; $_PLUGINS->trigger( 'privacy_onBeforeIsAuthorized', array( &$cache[$userId][$id], $rules, $userId, $this ) ); if ( empty( $rules ) || in_array( '0', $rules ) || ( $userId == $owner ) ) { $cache[$userId][$id] = true; } elseif ( in_array( '1', $rules ) ) { if ( $userId > 0 ) { $cache[$userId][$id] = true; } } elseif ( in_array( '99', $rules ) ) { $cache[$userId][$id] = false; } else { $types = array(); foreach ( $rules as $rule ) { if ( substr( $rule, 0, 5 ) == 'CONN-' ) { $types[] = str_replace( 'CONN-', '', $rule ); } } $access = array(); foreach ( $rules as $rule ) { if ( substr( $rule, 0, 7 ) == 'ACCESS-' ) { $access[] = str_replace( 'ACCESS-', '', $rule ); } } $groups = array(); foreach ( $rules as $rule ) { if ( substr( $rule, 0, 6 ) == 'GROUP-' ) { $groups[] = str_replace( 'GROUP-', '', $rule ); } } if ( ( $cache[$userId][$id] == false ) && ( in_array( '2', $rules ) || $types ) ) { static $connections = array(); if ( ! isset( $connections[$userId][$owner] ) ) { $cbConnection = new cbConnection( $userId ); $connections[$userId][$owner] = $cbConnection->getConnectionDetails( $owner, $userId ); } $connection = $connections[$userId][$owner]; if ( $connection && ( $connection->accepted == 1 ) && ( $connection->pending == 0 ) ) { if ( in_array( '2', $rules ) ) { $cache[$userId][$id] = true; } else { if ( $connection->type ) { $connTypes = explode( '|*|', $connection->type ); foreach ( $connTypes as $connType ) { if ( in_array( trim( htmlspecialchars( $connType ) ), $types ) ) { $cache[$userId][$id] = true; } } } } } } if ( ( $cache[$userId][$id] == false ) && in_array( '3', $rules ) ) { static $subConnections = array(); if ( ! isset( $subConnections[$userId][$owner] ) ) { $cbConnection = new cbConnection( $userId ); $subConnections[$userId][$owner] = $cbConnection->getDegreeOfSepPathArray( $owner, $userId, 1, 2 ); } if ( ! empty( $subConnections[$userId][$owner] ) ) { $cache[$userId][$id] = true; } } if ( ( $cache[$userId][$id] == false ) && $access ) { static $accessLevels = array(); if ( ! isset( $accessLevels[$userId] ) ) { $accessLevels[$userId] = Application::User( $userId )->getAuthorisedViewLevels(); } $usersAccess = $accessLevels[$userId]; foreach ( $access as $accessLevel ) { if ( ( $cache[$userId][$id] == false ) && in_array( $accessLevel, $usersAccess ) ) { $cache[$userId][$id] = true; } } } if ( ( $cache[$userId][$id] == false ) && $groups ) { static $userGroups = array(); if ( ! isset( $userGroups[$userId] ) ) { $userGroups[$userId] = Application::User( $userId )->getAuthorisedGroups(); } $usersGroups = $userGroups[$userId]; foreach ( $groups as $group ) { if ( ( $cache[$userId][$id] == false ) && in_array( $group, $usersGroups ) ) { $cache[$userId][$id] = true; } } } } $_PLUGINS->trigger( 'privacy_onAfterIsAuthorized', array( &$cache[$userId][$id], $rules, $userId, $this ) ); } return $cache[$userId][$id]; }
/** * Checks if two users are completely conntected (accepted and not pending) * * @param int $fromUser * @param int $toUser * * @return bool */ static public function isConnected( $fromUser, $toUser ) { static $cache = array(); if ( ! isset( $cache[$fromUser][$toUser] ) ) { if ( Application::Config()->get( 'allowConnections' ) ) { $cbConnection = new \cbConnection( $fromUser ); $details = $cbConnection->getConnectionDetails( $fromUser, $toUser ); $connected = ( ( $details !== false ) && ( $details->get( 'pending' ) == 0 ) && ( $details->get( 'accepted' ) == 1 ) ? true : false ); } else { $connected = false; } $cache[$fromUser][$toUser] = $connected; } return $cache[$fromUser][$toUser]; }