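/**
 * ACP entry point for the favorites module.
 *
 * Handles two modes:
 *  - 'settings':   validates and stores the two favorites config values.
 *  - 'categories': lists categories and processes the activate, deactivate,
 *                  move_up, move_down, create, edit and delete actions.
 *
 * Any other mode ends in trigger_error('NO_MODE').
 *
 * @param mixed  $id   Module identifier; passed back as hidden field 'i' in the delete confirmation
 * @param string $mode Module mode ('settings' or 'categories')
 */
function main($id, $mode)
{
    global $db, $user, $auth, $template;
    global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;

    include $phpbb_root_path . 'includes/functions_favorites.' . $phpEx;

    $favfunct = new favorite_functions();

    $action = request_var('action', '');
    $submit = isset($_POST['submit']) ? true : false;

    $form_key = 'acp_favorites';
    add_form_key($form_key);

    $this->tpl_name = 'acp_favorites';
    $error = array();

    switch ($mode) {
        case 'settings':
            /**
             * Validation types are:
             * string, int, bool,
             * script_path (absolute path in url - beginning with / and no trailing slash),
             * rpath (relative), rwpath (relative, writable), path (relative path, but able to escape the root), wpath (writable)
             */
            $display_vars = array(
                'title' => 'ACP_FAVORITES_SETTINGS',
                'vars' => array(
                    'legend1' => 'ACP_FAVORITES_SETTINGS',
                    'favorites_flist_length' => array('lang' => 'FAVORITES_FLIST_LENGTH', 'validate' => 'int', 'type' => 'text:3:4', 'explain' => true, 'append' => ' ' . $user->lang['FAVORITES_ROWS']),
                    'favorites_add_button_pos' => array('lang' => 'FAVORITES_ADD_BUTTON_POS', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_add_button_pos', 'explain' => true),
                ),
            );

            $this->new_config = $config;
            $cfg_array = isset($_REQUEST['config']) ? utf8_normalize_nfc(request_var('config', array('' => ''), true)) : $this->new_config;

            validate_config_vars($display_vars['vars'], $cfg_array, $error);

            // A submitted form must carry a valid form key, otherwise nothing is saved
            if ($submit && !check_form_key($form_key)) {
                $error[] = $user->lang['FORM_INVALID'];
            }

            // Do not write values if there is an error
            if (sizeof($error)) {
                $submit = false;
            }

            // Only keys listed in $display_vars are ever written, so a request
            // cannot set config entries other than the two defined above.
            foreach ($display_vars['vars'] as $config_name => $null) {
                if (strpos($config_name, 'legend') !== false) {
                    continue;
                }

                if (!array_key_exists($config_name, $cfg_array)) {
                    // Key absent: fall back to the module defaults.
                    // NOTE(review): these set_config() calls run even when the form
                    // was not submitted or the form key failed - confirm that is intended.
                    if ($config_name == 'favorites_flist_length') {
                        $this->new_config[$config_name] = 10;
                        set_config($config_name, 10);
                    } elseif ($config_name == 'favorites_add_button_pos') {
                        $this->new_config[$config_name] = 1;
                        set_config($config_name, 1);
                    } else {
                        $this->new_config[$config_name] = 0;
                    }
                    continue;
                }

                $this->new_config[$config_name] = $config_value = $cfg_array[$config_name];

                // Clamp out-of-range values to the defaults before storing them
                if ($config_name == 'favorites_flist_length' && (int) $config_value < 1) {
                    $config_value = 10;
                }
                if ($config_name == 'favorites_add_button_pos' && ((int) $config_value < 1 || (int) $config_value > 3)) {
                    $config_value = 1;
                }

                if ($submit) {
                    set_config($config_name, $config_value);
                }
            }

            if ($submit) {
                add_log('admin', 'LOG_CONFIG_' . strtoupper($mode));
                $favfunct->refresh_forum_favorites(0);
                trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
            }

            $this->page_title = $display_vars['title'];

            $template->assign_vars(array(
                'L_TITLE' => $user->lang[$display_vars['title']],
                'L_TITLE_EXPLAIN' => $user->lang[$display_vars['title'] . '_EXPLAIN'],
                'S_ERROR' => sizeof($error) ? 1 : 0,
                'ERROR_MSG' => implode('<br />', $error),
                'S_SETTINGS' => true,
                'U_ACTION' => $this->u_action,
            ));

            // Output relevant page
            foreach ($display_vars['vars'] as $config_key => $vars) {
                if (!is_array($vars) && strpos($config_key, 'legend') === false) {
                    continue;
                }

                if (strpos($config_key, 'legend') !== false) {
                    $template->assign_block_vars('options', array(
                        'S_LEGEND' => true,
                        'LEGEND' => isset($user->lang[$vars]) ? $user->lang[$vars] : $vars,
                    ));
                    continue;
                }

                $type = explode(':', $vars['type']);

                // Explanation text: an explicit 'lang_explain' wins, else "<lang>_EXPLAIN"
                $l_explain = '';
                if ($vars['explain'] && isset($vars['lang_explain'])) {
                    $l_explain = isset($user->lang[$vars['lang_explain']]) ? $user->lang[$vars['lang_explain']] : $vars['lang_explain'];
                } elseif ($vars['explain']) {
                    $l_explain = isset($user->lang[$vars['lang'] . '_EXPLAIN']) ? $user->lang[$vars['lang'] . '_EXPLAIN'] : '';
                }

                $template->assign_block_vars('options', array(
                    'KEY' => $config_key,
                    'TITLE' => isset($user->lang[$vars['lang']]) ? $user->lang[$vars['lang']] : $vars['lang'],
                    'S_EXPLAIN' => $vars['explain'],
                    'TITLE_EXPLAIN' => $l_explain,
                    'CONTENT' => build_cfg_template($type, $config_key, $this->new_config, $config_key, $vars),
                ));

                unset($display_vars['vars'][$config_key]);
            }
            break;

        case 'categories':
            $action = isset($_POST['create']) ? 'create' : request_var('action', '');
            $save = isset($_REQUEST['save']) ? true : false;

            $u_action = $this->u_action;
            if ($action == 'edit') {
                $u_action .= "&action={$action}";
            }

            $template->assign_vars(array(
                'L_TITLE' => $user->lang['ACP_FAVORITES_CATEGORIES_CONFIG'],
                'L_TITLE_EXPLAIN' => $user->lang['ACP_FAVORITES_CATEGORIES_CONFIG_EXPLAIN'],
                'S_ERROR' => sizeof($error) ? true : false,
                'ERROR_MSG' => implode('<br />', $error),
                'S_SETTINGS' => false,
                'S_CAT_OPTIONS' => $action == 'edit' ? true : false,
                'U_ACTION' => $u_action,
            ));

            // NOTE(review): only the 'settings' branch calls check_form_key(). The actions
            // below change data without it (activate/deactivate/move via link parameters,
            // create and edit-save via form). Confirm the admin session requirement covers
            // these requests, or add a form-key check together with the template token.
            switch ($action) {
                case 'activate':
                    $cat_id = request_var('cat_id', 0);
                    if (!$cat_id) {
                        trigger_error($user->lang['NO_CAT_ID'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $sql = 'UPDATE ' . FAVORITES_CATEGORY_TABLE . "\n\t\t\t\t\t\t\tSET category_active = 1\n\t\t\t\t\t\t\tWHERE category_id = " . intval($cat_id);
                    $db->sql_query($sql);

                    // Look the name up for the admin log entry
                    $sql = 'SELECT category_name FROM ' . FAVORITES_CATEGORY_TABLE . "\n\t\t\t\t\t\t\tWHERE category_id = " . intval($cat_id);
                    $result = $db->sql_query($sql);
                    $cat_name = (string) $db->sql_fetchfield('category_name');
                    $db->sql_freeresult($result);

                    add_log('admin', 'LOG_FAVORITES_CAT_ACTIVATE', $cat_name);
                    break;

                case 'deactivate':
                    $cat_id = request_var('cat_id', 0);
                    if (!$cat_id) {
                        trigger_error($user->lang['NO_CAT_ID'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $sql = 'UPDATE ' . FAVORITES_CATEGORY_TABLE . "\n\t\t\t\t\t\t\tSET category_active = 0\n\t\t\t\t\t\t\tWHERE category_id = " . intval($cat_id);
                    $db->sql_query($sql);

                    $sql = 'SELECT category_name FROM ' . FAVORITES_CATEGORY_TABLE . "\n\t\t\t\t\t\t\tWHERE category_id = " . intval($cat_id);
                    $result = $db->sql_query($sql);
                    $cat_name = (string) $db->sql_fetchfield('category_name');
                    $db->sql_freeresult($result);

                    add_log('admin', 'LOG_FAVORITES_CAT_DEACTIVATE', $cat_name);
                    break;

                case 'move_up':
                case 'move_down':
                    // Swap two neighbouring rows in one statement: for orders a and b,
                    // (a + b) - category_order turns a into b and b into a.
                    // $cat_order is an int from request_var(), so $order_total is an int too.
                    $cat_order = request_var('order', 0);
                    $order_total = $cat_order * 2 + ($action == 'move_up' ? -1 : 1);

                    $sql = 'UPDATE ' . FAVORITES_CATEGORY_TABLE . "\n\t\t\t\t\t\t\tSET category_order = {$order_total} - category_order \n\t\t\t\t\t\t\tWHERE " . $db->sql_in_set('category_order', array($cat_order, $action == 'move_up' ? $cat_order - 1 : $cat_order + 1));
                    $db->sql_query($sql);
                    break;

                case 'create':
                    //get the new category name
                    $new_cat = request_var('new_category_name', '');
                    if (!$new_cat) {
                        trigger_error($user->lang['NO_CAT_TITLE'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    //figure out what order it should have
                    $sql = 'SELECT MAX(category_order) as max_order FROM ' . FAVORITES_CATEGORY_TABLE;
                    $result = $db->sql_query($sql);
                    $new_cat_order = (int) $db->sql_fetchfield('max_order');
                    $new_cat_order++;
                    $db->sql_freeresult($result);

                    //create the new category (new categories start inactive)
                    $sql_ary = array(
                        'category_name' => $new_cat,
                        'category_order' => (int) $new_cat_order,
                        'category_active' => 0,
                    );
                    $db->sql_query('INSERT INTO ' . FAVORITES_CATEGORY_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
                    // The SELECT MAX query held in $sql was previously executed a second
                    // time here and its result never freed; that stray call is removed.
                    break;

                case 'edit':
                    $cat_id = request_var('cat_id', 0);
                    if (!$cat_id) {
                        trigger_error($user->lang['NO_CAT_ID'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $cat = $favfunct->get_category_info($cat_id);

                    if (!$save) {
                        //display options: show the current category name
                        $template->assign_vars(array(
                            'CATEGORY_ID' => $cat['category_id'],
                            'CATEGORY_NAME' => $cat['category_name'],
                        ));
                    } else {
                        //save new input and return to main page
                        $new_name = request_var('cat_name', '');

                        if (strcmp($cat['category_name'], $new_name) == 0) {
                            trigger_error($user->lang['NO_CHANGE_CAT_TITLE'] . adm_back_link($this->u_action), E_USER_WARNING);
                        }
                        if (!$new_name) {
                            trigger_error($user->lang['NO_CAT_TITLE'] . adm_back_link($this->u_action), E_USER_WARNING);
                        }

                        // The name is escaped for a single-quoted literal, the id is cast to int
                        $sql = 'UPDATE ' . FAVORITES_CATEGORY_TABLE . "\n\t\t\t\t\t\t\t\tSET category_name = '" . $db->sql_escape($new_name) . "' \n\t\t\t\t\t\t\t\tWHERE category_id = " . intval($cat_id);
                        $db->sql_query($sql);

                        add_log('admin', 'LOG_FAVORITES_CAT_RENAME', $cat['category_name'], $new_name);
                        trigger_error($user->lang['CHANGED_CATEGORY_TITLE'] . adm_back_link($this->u_action));
                    }
                    break;

                case 'delete':
                    $cat_id = request_var('cat_id', 0);
                    $cat_id = intval($cat_id);
                    if (!$cat_id) {
                        trigger_error($user->lang['NO_CAT_ID'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    if (confirm_box(true)) {
                        //Get category name and log message
                        $cat = $favfunct->get_category_info($cat_id);
                        add_log('admin', 'LOG_FAVORITES_CAT_DELETE', $cat['category_name']);

                        //Delete all info from tables ($cat_id was intval'd above, so interpolation is safe)
                        $sql = 'DELETE FROM ' . FAVORITES_CATEGORY_TABLE . " WHERE category_id = {$cat_id}";
                        $db->sql_query($sql);

                        $sql = 'DELETE FROM ' . FAVORITES_SPECIAL_TABLE . " WHERE category_id = {$cat_id}";
                        $db->sql_query($sql);

                        $sql = 'DELETE FROM ' . FAVORITES_USER_TABLE . " WHERE category_id = {$cat_id}";
                        $db->sql_query($sql);
                    } else {
                        // NOTE(review): the hidden field is named 'id' while this branch reads
                        // 'cat_id' - confirm the id still reaches the confirmed request.
                        confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
                            'i' => $id,
                            'mode' => $mode,
                            'id' => $cat_id,
                            'action' => 'delete',
                        )));
                    }
                    break;
            }

            // Every action except 'edit' ends on the category overview
            if ($action != 'edit') {
                $categories = $favfunct->get_favorites_categories(1);

                foreach ($categories as $cat) {
                    $active_lang = !$cat['category_active'] ? 'ACTIVATE' : 'DEACTIVATE';
                    $active_value = !$cat['category_active'] ? 'activate' : 'deactivate';
                    // Local names chosen so the $id parameter is not overwritten
                    $row_id = $cat['category_id'];
                    $order = $cat['category_order'];

                    $template->assign_block_vars('categories', array(
                        'CATEGORY_ID' => $cat['category_id'],
                        'CATEGORY_NAME' => $cat['category_name'],
                        'L_ACTIVATE_DEACTIVATE' => $user->lang[$active_lang],
                        'U_ACTIVATE_DEACTIVATE' => $this->u_action . "&action={$active_value}&cat_id={$row_id}",
                        'U_EDIT' => $this->u_action . "&action=edit&cat_id={$row_id}",
                        'U_TRANSLATE' => $this->u_action . "&action=edit&cat_id={$row_id}&step=3",
                        'U_DELETE' => $this->u_action . "&action=delete&cat_id={$row_id}",
                        'U_MOVE_UP' => $this->u_action . "&action=move_up&order={$order}",
                        'U_MOVE_DOWN' => $this->u_action . "&action=move_down&order={$order}",
                    ));
                }
            }
            break;

        default:
            trigger_error('NO_MODE', E_USER_ERROR);
            break;
    }
}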
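/**
 * Adds a favorite to a user's list. Passed array should have the following keys
 *
 * 'user_id' (int) - The userid you want to add to.
 * 'category_id' (int) - The category you want to add to.
 * 'listitem_text' (string) - The text of the new favorite
 * 'listitem_url' (string) - The URL of the new favorite
 *
 * Checks for an already existing item with the same text in the same
 * user/category list before inserting.
 *
 * Returns FAVORITES_SUCCESS if successful, or one of these error codes
 * (the constants are defined outside this block; the earlier version of this
 * comment listed them as 1 and -1 to -4):
 * FAVORITES_ERR_INVALID_UID = Invalid or missing user id passed
 * FAVORITES_ERR_INVALID_CATID = Invalid or missing category id passed
 * FAVORITES_ERR_INVALID_TEXT = Invalid or missing item text passed
 * FAVORITES_ERR_ITEM_EXISTS = Item already exists in user's list
 *
 * @param array $data Item description, see the key list above
 * @return int Status code
 */
function add_favorite_user($data)
{
    global $db;

    //get data and return error if missing essential information
    //(!empty() treats a missing key like an empty value instead of reading an undefined index)
    $uid = !empty($data['user_id']) ? $data['user_id'] : 0;
    $catid = !empty($data['category_id']) ? $data['category_id'] : 0;
    $text = !empty($data['listitem_text']) ? $data['listitem_text'] : '';
    $url = !empty($data['listitem_url']) ? $data['listitem_url'] : '';

    $uid = intval($uid);
    $catid = intval($catid);

    if (!$uid) {
        return FAVORITES_ERR_INVALID_UID; //Invalid user ID
    } elseif (!$catid || $catid < 1) {
        return FAVORITES_ERR_INVALID_CATID; //Invalid category ID
    } elseif (!$text) {
        return FAVORITES_ERR_INVALID_TEXT; //Invalid item text
    }

    //check if already exists
    //The escaped text goes into a single-quoted literal, the same form the category
    //rename query uses; the earlier double-quoted literal relied on the escaper also
    //handling double quotes, which is not something every database layer does.
    //uid and catid already intval'd so safe here
    $sql = 'SELECT listitem_text FROM ' . FAVORITES_USER_TABLE . ' WHERE listitem_text = \'' . $db->sql_escape($text) . "' \n\t\t\tAND user_id={$uid} AND category_id={$catid}";
    $result = $db->sql_query($sql);
    $exists = $db->sql_fetchfield('listitem_text');
    $db->sql_freeresult($result);

    if ($exists) {
        return FAVORITES_ERR_ITEM_EXISTS; //Item already in user's list
    }

    //figure out what item number it will be
    //NOTE(review): MAX()+1 followed by INSERT is two separate statements; two
    //concurrent adds for the same list could compute the same listitem_id.
    $sql = 'SELECT MAX(listitem_id) as max_id FROM ' . FAVORITES_USER_TABLE . " WHERE user_id = {$uid} AND category_id = {$catid}";
    $result = $db->sql_query($sql);
    $new_id = (int) $db->sql_fetchfield('max_id');
    $new_id++;
    $db->sql_freeresult($result);

    //NOTE(review): listitem_url is stored as passed in; no scheme check is visible
    //here. Confirm that callers or templates restrict it to http(s) before it is
    //rendered as a link.
    $sql_ary = array(
        'user_id' => $uid,
        'category_id' => $catid,
        'listitem_id' => $new_id,
        'listitem_text' => $text,
        'listitem_url' => $url,
    );
    $db->sql_query('INSERT INTO ' . FAVORITES_USER_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

    $favfunct = new favorite_functions();
    $favfunct->refresh_forum_favorites($catid);

    return FAVORITES_SUCCESS; //Successfully added item
}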
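/**
 * UCP entry point for the favorites module.
 *
 * Handles two modes:
 *  - 'edit':      shows one text box per category holding the user's favorites
 *                 ("text" or "text, url" per line) and stores the boxes on submit.
 *  - 'view_list': shows the forum-wide favorites of one category and optionally
 *                 adds an item to the user's list or lists the users that share
 *                 a given favorite.
 *
 * NOTE(review): neither the 'edit' submit nor the 'add_item' request is tied to
 * a form key (no add_form_key()/check_form_key() call appears in this method).
 * Both write to the current user's list, so confirm that requests forged from
 * another site are rejected elsewhere, or add the form-key check together with
 * the matching template token.
 *
 * @param mixed  $id   Module identifier (not used in this method)
 * @param string $mode Module mode ('edit' or 'view_list')
 */
function main($id, $mode)
{
    global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;

    $favfunct = new favorite_functions();

    $submit = isset($_POST['submit']) ? true : false;

    $error = $data = array();
    $s_hidden_fields = '';
    $uid = $user->data['user_id'];

    switch ($mode) {
        case 'edit':
            //get the favorites list for this user
            $favorites_listitems = $favfunct->get_user_favorites((int) $user->data['user_id']);

            //setup how the boxes will be displayed. if there's a URL then show it
            $box_text = array();
            foreach ($favorites_listitems as $catid => $cat) {
                $temp_ary = array();
                foreach ($cat as $row) {
                    $temp_ary[] = $row['listitem_url'] ? implode(", ", $row) : $row['listitem_text'];
                }
                $box_text[$catid] = $temp_ary ? implode("\n", $temp_ary) : ' ';
            }
            unset($favorites_listitems);

            //pull category names from database here
            //store them in $favorites_categories
            $favorites_categories = $favfunct->get_favorites_categories();

            foreach ($favorites_categories as $cat) {
                $text_to_show = "";
                if (isset($box_text[$cat['category_id']])) {
                    $text_to_show = $box_text[$cat['category_id']] ? $box_text[$cat['category_id']] : "";
                }

                // The submitted box wins over the stored text when present
                $data[] = array(
                    'favorites_box' => utf8_normalize_nfc(request_var('favorites_box_' . $cat['category_id'], $text_to_show, true)),
                    'category_name' => utf8_normalize_nfc($cat['category_name']),
                    'category_id' => (int) $cat['category_id'],
                );
            }

            if ($submit) {
                //get the text from the box, and split it up into a two dimensional array
                //first is row/item number, second has [0]=text, [1]=url (optional)
                //Category ids come from $favorites_categories, not from the request
                foreach ($data as $cat) {
                    $favorites_listitems = $unique_check = array();

                    //Set to blank if doesn't exist
                    if (!array_key_exists($cat['category_id'], $box_text)) {
                        $box_text[$cat['category_id']] = '';
                    }

                    //Don't bother if nothing changed
                    if (strcmp($cat['favorites_box'], $box_text[$cat['category_id']]) == 0) {
                        continue;
                    }

                    //Check for duplicate entries and compile the new list
                    if ($cat['favorites_box']) {
                        $favoriteslist = explode("\n", trim($cat['favorites_box']));
                        foreach ($favoriteslist as $line) {
                            $linearray = explode(",", trim($line));
                            array_walk($linearray, 'trim_value');

                            // Duplicates are detected case-insensitively on the item text
                            if (!isset($unique_check[strtoupper($linearray[0])])) {
                                $unique_check[strtoupper($linearray[0])] = true;
                                $favorites_listitems[] = array($linearray[0], isset($linearray[1]) ? $linearray[1] : '');
                            } else {
                                $error[] = sprintf($user->lang['FAVORITES_DUP_DELETE_ERROR'], $linearray[0]);
                            }
                        }
                    }

                    // Rewrite items 1..n in order, then drop whatever is left above n
                    $i = 1;
                    foreach ($favorites_listitems as $item) {
                        $where_fields = array(
                            'user_id' => $uid,
                            'category_id' => $cat['category_id'],
                            'listitem_id' => $i,
                        );
                        $sql_ary = array(
                            'listitem_text' => $item[0],
                            'listitem_url' => $item[1] ? $item[1] : '',
                        );
                        $i++;

                        $favfunct->update_insert(FAVORITES_USER_TABLE, $sql_ary, $where_fields);
                    }

                    // All three values are integers: two via intval(), $i is a local counter
                    $sql = 'DELETE FROM ' . FAVORITES_USER_TABLE . ' WHERE user_id = ' . intval($uid) . ' AND category_id = ' . intval($cat['category_id']) . " AND listitem_id >= {$i}";
                    $db->sql_query($sql);

                    $favfunct->refresh_forum_favorites($cat['category_id']);
                    unset($i);
                }

                //display confirmation message to the user
                $message = $user->lang['FAVORITES_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');

                //if there are errors, display them and don't auto-redirect
                if (sizeof($error) == 0) {
                    meta_refresh(3, $this->u_action);
                    trigger_error($message);
                } else {
                    trigger_error(implode('<br />', $error) . '<br /><br />' . $message);
                }
            }

            $template->assign_vars(array(
                'ERROR' => sizeof($error) ? implode('<br />', $error) : '',
            ));

            foreach ($data as $cat) {
                $template->assign_block_vars('favorites_boxes', array(
                    'ID' => 'favorites_box_' . $cat['category_id'],
                    'FAVORITES_BOX' => $cat['favorites_box'],
                    'L_CATEGORY_NAME' => $user->lang['FAVORITES_CAT_PREFIX'] . $cat['category_name'],
                ));
            }
            break;

        case 'view_list':
            //Add the image graphics
            $template->assign_vars(array(
                'IMG_ADD_BUTTON' => $user->img('icon_ffavorites_add', '', '', '', 'src'),
                'IMG_SEARCH_BUTTON' => $user->img('icon_ffavorites_search', '', '', '', 'src'),
            ));

            //pull category names from database here
            //store them in order in $favorites_categories
            $favorites_categories = $favfunct->get_favorites_categories();

            //Check to make sure categories have been set
            if (sizeof($favorites_categories) == 0) {
                //If no categories, display an error message.
                $template->assign_vars(array(
                    'MESSAGE' => $user->lang['FAVORITES_NOCATS_ERROR'],
                    'ERROR' => 1,
                ));
                break;
            }

            //get the category to view
            $catid = request_var('catid', 0);

            //The requested id is later used to insert into the user's list, so it has
            //to be one of the categories returned above; otherwise an item could be
            //stored under a category id that is not in that list.
            $known_cat_ids = array();
            foreach ($favorites_categories as $cat) {
                $known_cat_ids[] = (int) $cat['category_id'];
            }

            //If none is set (or the id is not in the list), use the first one
            if ($catid == 0 || !in_array((int) $catid, $known_cat_ids)) {
                $catid = $favorites_categories[0]['category_id'];
            }

            //Load all the categories to the template variable, and figure out the name of the current one
            foreach ($favorites_categories as $cat) {
                $template->assign_block_vars('categories', array(
                    'NAME' => $cat['category_name'],
                    'ID' => $cat['category_id'],
                ));

                if ($cat['category_id'] == $catid) {
                    $template->assign_vars(array('CURRENT_CAT_NAME' => $cat['category_name']));
                }
            }

            // Position of the "add" button; anything other than 2 or 3 means "before"
            $button_before = $button_after = $button_col = false;
            $button_pos = $config['favorites_add_button_pos'];
            switch ($button_pos) {
                case 1:
                default:
                    $button_before = true;
                    break;

                case 2:
                    $button_after = true;
                    break;

                case 3:
                    $button_col = true;
                    break;
            }

            $template->assign_vars(array(
                'CURRENT_CAT' => $catid,
                'S_BUTTON_BEFORE' => $button_before,
                'S_BUTTON_AFTER' => $button_after,
                'S_BUTTON_COL' => $button_col,
            ));

            $message = '';

            //Add favorite item to user's list if requested
            $add_item = request_var('add_item', 'null');
            if ($add_item != 'null') {
                $add_text = utf8_normalize_nfc(request_var('text', '', true));
                $add_url = utf8_normalize_nfc(request_var('url', '', true));

                // The list owner is always the logged-in user, never a request value
                $result = $favfunct->add_favorite_user(array(
                    'user_id' => $uid,
                    'category_id' => $catid,
                    'listitem_text' => $add_text,
                    'listitem_url' => $add_url,
                ));

                switch ((int) $result) {
                    case FAVORITES_SUCCESS:
                        $message = sprintf($user->lang['FAVORITES_ADD_SUCCESS'], $add_text);
                        break;

                    case FAVORITES_ERR_INVALID_UID:
                        $message = $user->lang['FAVORITES_UID_ERROR'];
                        break;

                    case FAVORITES_ERR_INVALID_CATID:
                        $message = $user->lang['FAVORITES_CATID_ERROR'];
                        break;

                    case FAVORITES_ERR_INVALID_TEXT:
                        $message = $user->lang['FAVORITES_TEXT_ERROR'];
                        break;

                    case FAVORITES_ERR_ITEM_EXISTS:
                        $message = $user->lang['FAVORITES_DUP_ITEM_ERROR'];
                        break;

                    default:
                        $message = $user->lang['FAVORITES_GENERIC_ERROR'];
                        break;
                }

                $template->assign_vars(array('MESSAGE' => $message));
            }

            //Display list of users with selected favorite if requested
            $view_users = request_var('view_users', 'null');
            if ($view_users != 'null') {
                if ($message) {
                    $message .= '<br /><br />';
                }

                $text = utf8_normalize_nfc(request_var('text', '', true));
                if (!$text) {
                    $message .= $user->lang['FAVORITES_TEXT_ERROR'];
                } else {
                    $result = $favfunct->get_favorite_users(array(
                        'category_id' => $catid,
                        'listitem_text' => $text,
                    ));

                    $message .= sprintf($user->lang['FAVORITES_SEARCH_RESULTS'], sizeof($result), $text) . '<br /><br />';

                    // Links are collected and joined, so an empty result no longer
                    // cuts the last two characters off the preceding '<br />'.
                    // NOTE(review): $row['username'] goes into the HTML as returned by
                    // get_favorite_users(); confirm it is stored HTML-escaped.
                    $user_links = array();
                    foreach ($result as $row) {
                        $user_links[] = '<a href="' . append_sid("{$phpbb_root_path}memberlist.{$phpEx}?mode=viewprofile&u=" . intval($row['user_id'])) . '">' . $row['username'] . '</a>';
                    }
                    $message .= implode(', ', $user_links);
                }

                $template->assign_vars(array('MESSAGE' => $message));
            }

            //Get list of forum favorites from the database
            //NOTE(review): URL is handed to the template as stored; confirm the template
            //does not render it as a link without restricting the scheme.
            $fav_list_ary = $favfunct->get_forum_favorites($catid);
            for ($i = 0, $size = sizeof($fav_list_ary); $i < $size; $i++) {
                $template->assign_block_vars('fav_list', array(
                    'COUNT' => $fav_list_ary[$i]['listitem_count'],
                    'TEXT' => $fav_list_ary[$i]['listitem_text'],
                    'URL' => $fav_list_ary[$i]['listitem_url'],
                ));
            }
            break;
    }

    $template->assign_vars(array(
        'L_TITLE' => $user->lang['UCP_FAVORITES_' . strtoupper($mode)],
        'S_HIDDEN_FIELDS' => $s_hidden_fields,
        'S_UCP_ACTION' => $this->u_action,
    ));

    // Set desired template
    $this->tpl_name = 'ucp_favorites_' . $mode;
    $this->page_title = 'UCP_FAVORITES_' . strtoupper($mode);
}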