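/**
 * Render one blog article page, storing a newly posted comment first.
 *
 * The article is selected by $_GET['ArticleID']. When a logged-in user
 * ($_SESSION['userID'] > 0) posts a non-empty 'comment_text', the comment is
 * inserted before the page is rendered; it is stored as approved unless
 * $config['blog_requires_moderation'] is 1. Only approved comments are listed.
 *
 * @return string Rendered page HTML, or an error message when no valid
 *                article id was supplied.
 */
function display()
{
    global $conn, $config, $lang;
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    require_once $config['basepath'] . '/include/user.inc.php';
    $userclass = new user();
    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();
    require_once $config['basepath'] . '/include/blog_functions.inc.php';
    $blog_functions = new blog_functions();

    $display = '';

    // Reject a missing OR non-positive id. The original joined these two tests
    // with &&, so a supplied but invalid id (0, negative, non-numeric) slipped
    // through and the page was built for article 0.
    if (!isset($_GET['ArticleID']) || intval($_GET['ArticleID']) <= 0) {
        $display .= "ERROR. PageID not sent";
        return $display;
    }
    $blog_id = intval($_GET['ArticleID']);

    // Store a comment when a logged-in user posted one.
    // NOTE(review): no anti-CSRF token is checked here - confirm whether the
    // surrounding framework validates one before this function runs.
    if (isset($_SESSION['userID']) && $_SESSION['userID'] > 0
        && isset($_POST['comment_text']) && is_string($_POST['comment_text'])
        && strlen($_POST['comment_text']) > 0
    ) {
        require_once $config['basepath'] . '/include/blog_editor.inc.php';
        // The value is interpolated into the INSERT without surrounding quotes,
        // so this relies on make_db_safe() returning a fully quoted and escaped
        // SQL literal - verify against misc.inc.php.
        $blog_comment = $misc->make_db_safe(blog_editor::htmlEncodeText($_POST['comment_text']));
        // blogcomments_moderated = 1 means "approved"; only such rows are listed below.
        $moderated = ($config['blog_requires_moderation'] == 1) ? 0 : 1;
        $sql = "INSERT INTO " . $config['table_prefix'] . "blogcomments (userdb_id,blogcomments_timestamp,blogcomments_text,blogmain_id,blogcomments_moderated) VALUES\n\t\t\t\t(" . intval($_SESSION['userID']) . "," . time() . ",{$blog_comment},{$blog_id},{$moderated});";
        $recordSet = $conn->Execute($sql);
        if ($recordSet === false) {
            $misc->log_error($sql);
        }
    }

    // Load the article body.
    $sql = "SELECT blogmain_full,blogmain_id FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id;
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
        // Only reached if log_error() returns; dereferencing false below would be fatal.
        return $display;
    }
    $full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogmain_full']), ENT_NOQUOTES, $config['charset']);
    // Drop the first <hr> of the article body.
    $full = preg_replace('/\\<hr.*?\\>/', '', $full, 1);
    // Cast so the comment query below stays well formed even when no row matched.
    $id = intval($recordSet->fields['blogmain_id']);

    if ($config["wysiwyg_execute_php"] == 1) {
        // SECURITY: this executes PHP embedded in the stored article body. With
        // the setting enabled, anyone able to write blogmain_full (an editor
        // account, or an injection flaw elsewhere) gets code execution as the
        // web server user. Keep wysiwyg_execute_php off unless every blog
        // author is fully trusted; the eval is left in place because removing
        // it would change a configured feature.
        ob_start();
        $full = str_replace("<!--<?php", "<?php", $full);
        $full = str_replace("?>-->", "?>", $full);
        eval('?>' . "{$full}" . '<?php ');
        $full = ob_get_contents();
        ob_end_clean();
    }

    // Load the template and fill in the article tags.
    $page->load_page($config['template_path'] . '/blog_article.html');
    $blog_title = $blog_functions->get_blog_title($id);
    $page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
    $blog_author = $blog_functions->get_blog_author($id);
    $page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
    $blog_comment_count = $blog_functions->get_blog_comment_count($id);
    $page->page = $page->parse_template_section($page->page, 'blog_comment_count', $blog_comment_count);
    $blog_date_posted = $blog_functions->get_blog_date($id);
    $page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
    $page->page = $page->parse_template_section($page->page, 'blog_full_article', $full);

    // Show the edit link to admins only.
    if (isset($_SESSION['editblog']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) {
        // Plain assignment: the original appended (.=) to an undefined variable.
        $admin_edit_link = "{$config['baseurl']}/admin/index.php?action=edit_blog&id={$id}";
        $page->page = $page->parse_template_section($page->page, 'admin_edit_link', $admin_edit_link);
        $page->page = $page->cleanup_template_block('admin_edit_link', $page->page);
    } else {
        $page->page = $page->remove_template_block('admin_edit_link', $page->page);
    }

    // The date format does not change per comment, so pick it once. Values
    // other than 1-3 fall back to m/d/Y instead of leaving $format undefined.
    if ($config['date_format'] == 2) {
        $format = "Y/d/m";
    } elseif ($config['date_format'] == 3) {
        $format = "d/m/Y";
    } else {
        $format = "m/d/Y";
    }

    // Approved comments, oldest first.
    $sql = "SELECT blogcomments_id,userdb_id,blogcomments_timestamp,blogcomments_text FROM " . $config['table_prefix'] . "blogcomments WHERE blogmain_id = " . $id . " AND blogcomments_moderated = 1 ORDER BY blogcomments_timestamp ASC;";
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }
    $blog_comment_template = '';
    while ($recordSet !== false && !$recordSet->EOF) {
        $comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
        $blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
        // NOTE(review): entities are decoded immediately before the text goes
        // into the page, which undoes entity encoding applied on input. Confirm
        // that blog_editor::htmlEncodeText() strips or whitelists markup;
        // otherwise markup in a stored comment reaches the browser unescaped.
        $blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);

        // One copy of the comment item block per comment.
        $blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');

        // Members are shown by user name, everyone else as "Last, First".
        $author_type = $userclass->get_user_type($comment_author_id);
        if ($author_type == 'member') {
            $author_display = $userclass->get_user_name($comment_author_id);
        } else {
            $author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
        }
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);

        $blog_comment_date_posted = date($format, (int) $blogcomments_timestamp);
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);
        $recordSet->MoveNext();
    }
    $page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);

    // URL the "add comment" form posts back to.
    if ($config['url_style'] == '1') {
        $article_url = 'index.php?action=blog_view_article&ArticleID=' . $id;
    } else {
        $url_title = str_replace("/", "", $blog_title);
        $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
        $article_url = 'article-' . urlencode($url_title) . '-' . $id . '.html';
    }
    $page->page = $page->parse_template_section($page->page, 'blog_comments_post_url', $article_url);

    // Render the page.
    $page->replace_permission_tags();
    $display .= $page->return_page();

    return $display;
}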
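/**
 * Render the virtual tour page for a listing.
 *
 * Loads the vtour template, reads the listing's tour images and replaces the
 * {vtour*} tags according to the extension of the last image read: 'jpg' uses
 * the PTViewer applet plus its control script (appended to the global
 * $jscript), 'egg' uses the EggApplet objects, anything else shows
 * $lang['unsupported_vtour'].
 *
 * Captions, descriptions and file names come from the database and are escaped
 * for the context they are written into (HTML text, HTML attribute, JavaScript
 * string literal).
 *
 * @param mixed $listingID Listing id; cast to int before use.
 * @param bool  $popup     When false the vtour_header, vtour_footer and
 *                         vtour_content template blocks are removed; otherwise
 *                         they are kept (cleaned up).
 *
 * @return string Rendered page HTML, or a link back to index.php when
 *                $_GET['listingID'] is missing or empty.
 */
function show_vtour($listingID, $popup = true)
{
    global $lang, $conn, $config, $jscript;
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    $display = '';

    if (!isset($_GET['listingID']) || $_GET['listingID'] == "") {
        $display .= "<a href=\"index.php\">{$lang['perhaps_you_were_looking_something_else']}</a>";
        return $display;
    }

    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();
    $page->load_page($config['template_path'] . '/' . $config['vtour_template']);
    $listingID = intval($listingID);
    $page->replace_listing_field_tags($listingID);

    // Defined up front: the original appended to or read several of these
    // without initialising them when the listing had no tour images.
    $a = 0;
    $vtinit = 0;
    $vtopts = '';
    $vtparams = '';
    $vtjs = '';
    $album = '';
    $ext = '';

    $charset = isset($config['charset']) ? $config['charset'] : 'UTF-8';
    // Byte-wise escapes for text placed inside a single-quoted JavaScript
    // string literal within a <script> element. <, > and & are hex-escaped so
    // stored text cannot close the script element or the HTML comment wrapper.
    $js_escapes = array(
        '\\' => '\\\\',
        "'" => "\\'",
        '"' => '\\"',
        "\r" => '\\r',
        "\n" => '\\n',
        '<' => '\\x3C',
        '>' => '\\x3E',
        '&' => '\\x26',
        "\xE2\x80\xA8" => '\\u2028',
        "\xE2\x80\xA9" => '\\u2029',
    );

    $sql = "SELECT vtourimages_caption, vtourimages_description, vtourimages_file_name, vtourimages_rank FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = {$listingID}) ORDER BY vtourimages_rank";
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }
    // A failed query is treated as "no images" so the page still renders.
    $num_images = ($recordSet === false) ? 0 : $recordSet->RecordCount();

    if ($num_images > 0) {
        $vtopts .= '<form action="/">' . "\r\n";
        $vtopts .= "<p><select id=\"tourmenu\" onchange=\"swapTour(this)\"> \n";
        $vtparams = "'<param name=\"file\" value=\"ptviewer:{$vtinit}\" />'+ \n";
        while (!$recordSet->EOF) {
            $caption = $misc->make_db_unsafe($recordSet->fields['vtourimages_caption']);
            $description = $misc->make_db_unsafe($recordSet->fields['vtourimages_description']);
            $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
            if ($caption == '') {
                $caption = 'Virtual Tour Image ' . $a;
            }

            // double_encode = false leaves entities that are already encoded in
            // the stored value untouched.
            $caption_html = htmlspecialchars($caption, ENT_QUOTES | ENT_SUBSTITUTE, $charset, false);
            $file_html = htmlspecialchars($file_name, ENT_QUOTES | ENT_SUBSTITUTE, $charset, false);
            // The original quoted the description with $conn->qstr(), which
            // escapes for SQL, not JavaScript: newlines, "</script>" or
            // driver-specific quote doubling could break or escape the literal.
            // The text is still assigned to innerHTML by newText(), so markup
            // in a description is rendered as HTML, as before.
            $description_js = "'" . strtr($description, $js_escapes) . "'";

            $vtopts .= "<option value=\"{$a}\">{$caption_html}</option> \n";
            // This line is a JavaScript string fragment holding HTML, so the
            // file name is HTML-escaped first and JS-escaped second.
            $vtparams .= "'<param name=\"pano{$a}\" value=\"{file={$config['vtour_view_images_path']}/" . strtr($file_html, $js_escapes) . "}{auto=0.1}{pan=-45}{fov=" . $config['vtour_fov'] . "}\" />'+ \n";
            $album = "<param name=\"Album\" value=\"{$config['vtour_view_images_path']}/{$file_html}\" /> \n";
            $vtjs .= "tour[{$a}] = {$description_js}; \n";
            $a++;
            // The extension of the last image decides which viewer is used.
            $ext = substr(strrchr($file_name, '.'), 1);
            $recordSet->MoveNext();
        }
        $vtopts .= "</select></p>\n";
        $vtopts .= '</form>' . "\r\n";
    }

    // Tags that are blanked when no PTViewer controls are shown.
    $control_tags = array(
        '{vtour_left_button}',
        '{vtour_pause_button}',
        '{vtour_right_button}',
        '{vtour_zoomout_button}',
        '{vtour_zoomin_button}',
        '{vtour_select}',
        '{vtour_description}',
        '{onload}',
    );

    if ($ext == 'jpg') {
        // JPEG: PTViewer for spherical panoramas. First the script for the page head.
        $jscript .= '<script type="text/javascript">' . "\r\n";
        $jscript .= '<!--' . "\r\n";
        $jscript .= 'inittour = (' . $vtinit . '*1);' . "\r\n";
        $jscript .= 'tour = new Array();' . "\r\n";
        $jscript .= $vtjs;
        $viewer_js = array(
            'function swapTour(w)',
            '{',
            ' si = w.selectedIndex;',
            ' x = w.options[si].value;',
            ' n = (x*1);',
            ' if (n >= 0)',
            ' {',
            ' newPano(n);',
            ' newText(n);',
            ' }',
            '}',
            'function newPano(n)',
            '{',
            ' if(n)',
            ' {',
            ' if(getptv())',
            ' {',
            ' getptv().newPanoFromList(n);',
            ' }',
            ' }',
            ' else',
            ' {',
            ' n=inittour;',
            ' if(getptv())',
            ' {',
            ' getptv().newPanoFromList(n);',
            ' }',
            ' }',
            '} ',
            'function newText(n,id)',
            '{',
            ' if(!id)',
            ' {',
            ' id=\'desc\';',
            ' }',
            ' if (document.layers)',
            ' {',
            ' x = document.layers[id];',
            ' x.document.open();',
            ' x.document.write(tour[n]);',
            ' x.document.close();',
            ' }',
            ' else if(document.all)',
            ' {',
            ' x = eval(\'document.all.\' + id);',
            ' x.innerHTML = tour[n];',
            ' }',
            ' else if (document.getElementById)',
            ' {',
            ' x = document.getElementById(id);',
            ' x.innerHTML = \'\';',
            ' x.innerHTML = tour[n];',
            ' }',
            '}',
            'function getptv()',
            '{',
            'var forAll=\'\';',
            ' if (document.ptviewer)',
            ' {',
            ' forAll = document.ptviewer;',
            ' }',
            ' else if (document.applets)',
            ' {',
            ' forAll = document.applets[\'ptviewer\'];',
            ' }',
            ' else if (document.getElementById)',
            ' {',
            ' forAll = document.getElementById(\'ptviewer\');',
            ' }',
            ' else if (document.getElementByName)',
            ' {',
            ' forAll = document.getElementByName(\'ptviewer\');',
            ' }',
            'return forAll;',
            '}',
            'function AutorotationStartRight()',
            '{',
            'getptv().startAutoPan(0.1, 0.0, 1.0 );',
            '}',
            'function AutorotationStartLeft()',
            '{',
            'getptv().startAutoPan(-0.1,0.0,1.0);',
            '}',
            'function AutorotationStop()',
            '{',
            'getptv().stopAutoPan();',
            '}',
            'function ZoomItIn()',
            '{',
            'getptv().startAutoPan(0, 0, .995);',
            '}',
            'function ZoomItOut()',
            '{',
            'getptv().startAutoPan(0, 0, 1.005);',
            '}',
            'function StopItZoom()',
            '{',
            'getptv().stopAutoPan();',
            '}',
            'if (document.images)',
            ' { // Active Images',
        );
        $jscript .= implode("\r\n", $viewer_js) . "\r\n";
        // Preload the active ("on") and idle ("off") image of every control button.
        foreach (array('back', 'pause', 'forward', 'zoom_out', 'zoom_in') as $button) {
            $jscript .= " {$button}on = new Image();\r\n";
            $jscript .= " {$button}on.src = \"{$config['template_url']}/images/vtour_{$button}on.gif\";\r\n";
            $jscript .= " {$button}off = new Image();\r\n";
            $jscript .= " {$button}off.src = \"{$config['template_url']}/images/vtour_{$button}.gif\";\r\n";
        }
        $rollover_js = array(
            ' }',
            '// Function to \'activate\' images.',
            'function imgOn(imgName) {',
            ' if (document.images) {',
            ' document.images[imgName].src = eval(imgName + "on.src");',
            ' }',
            '}',
            '// Function to \'deactivate\' images.',
            'function imgOff(imgName) {',
            ' if (document.images) {',
            ' document.images[imgName].src = eval(imgName + "off.src");',
            ' }',
            '}',
            '-->',
            '</script>',
        );
        $jscript .= implode("\r\n", $rollover_js) . "\r\n";

        // Markup for the {vtour} tag.
        $bar_y = $config['vtour_height'] - 10;
        $show_ptviewer = '<script type="text/javascript">' . "\r\n";
        $show_ptviewer .= '<!--' . "\r\n";
        $show_ptviewer .= 'ptoutput(\'<applet code="ptviewer.class" archive="ptviewer.jar" height="' . $config['vtour_height'] . '" width="' . $config['vtour_width'] . '" id="ptviewer" name="ptviewer">\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="code" value="ptviewer" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="archive" value="ptviewer.jar" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="quality" value="3" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="pan" value="180" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="view_height" value="' . $config['vtour_height'] . '" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="mass" value="20" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="bar_y" value="' . $bar_y . '" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="bar_x" value="0" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="cursor" value="move" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="wait" value="' . $config['template_url'] . '/images/vtour-load.jpg" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="barcolor" value="FF0000" />\'+' . "\r\n";
        $show_ptviewer .= '\'<param name="bar_width" value="' . $config['vtour_width'] . '" />\'+' . "\r\n";
        $show_ptviewer .= $vtparams;
        $show_ptviewer .= '\'<\\/applet>\');' . "\r\n";
        $show_ptviewer .= '//-->' . "\r\n";
        $show_ptviewer .= '</script>' . "\r\n";

        // Replace all the vtour tags, in the same order as before.
        $page->page = str_replace('{vtour}', $show_ptviewer, $page->page);
        $replacements = array(
            '{vtour_left_button}' => '<a onmouseover="imgOn(\'back\')" onmouseout="imgOff(\'back\')" onmousedown="AutorotationStartLeft()"><img src="' . $config['template_url'] . '/images/vtour_back.gif" id="back" alt="Back" /></a>' . "\r\n",
            '{vtour_pause_button}' => '<a onmouseover="imgOn(\'pause\')" onmouseout="imgOff(\'pause\')" onmousedown="AutorotationStop()"><img src="' . $config['template_url'] . '/images/vtour_pause.gif" id="pause" alt="Pause" /></a>' . "\r\n",
            '{vtour_right_button}' => '<a onmouseover="imgOn(\'forward\')" onmouseout="imgOff(\'forward\')" onmousedown="AutorotationStartRight()"><img src="' . $config['template_url'] . '/images/vtour_forward.gif" id="forward" alt="Forward" /></a>' . "\r\n",
            '{vtour_zoomout_button}' => '<a onmouseover="imgOn(\'zoom_out\')" onmouseout="imgOff(\'zoom_out\')" onmousedown="ZoomItOut()" onmouseup="StopItZoom()"><img src="' . $config['template_url'] . '/images/vtour_zoom_out.gif" id="zoom_out" alt="Zoom Out" /></a>' . "\r\n",
            '{vtour_zoomin_button}' => '<a onmouseover="imgOn(\'zoom_in\')" onmouseout="imgOff(\'zoom_in\')" onmousedown="ZoomItIn()" onmouseup="StopItZoom()"><img src="' . $config['template_url'] . '/images/vtour_zoom_in.gif" id="zoom_in" alt="Zoom In" /></a>' . "\r\n",
            '{vtour_select}' => $vtopts,
            '{vtour_description}' => '<div id="desc"></div>' . "\r\n",
            // The body needs an onload handler, otherwise the first description is not shown.
            '{onload}' => 'onload="newText(inittour)"',
        );
        foreach ($replacements as $tag => $html) {
            $page->page = str_replace($tag, $html, $page->page);
        }
    } elseif ($ext == 'egg') {
        // .egg: proprietary format shown through the EggApplet objects.
        $egg_solution = '<!--[if !IE]>-->' . "\r\n";
        $egg_solution .= '<object codetype="application/java" classid="java:EggApplet.class" archive="' . $config['baseurl'] . '/e3D.jar" width="' . $config['vtour_width'] . '" height="' . $config['vtour_height'] . '">' . "\r\n";
        $egg_solution .= $album;
        $egg_solution .= '<param name="Icons" value="' . $config['baseurl'] . '/applet.ear" />' . "\r\n";
        $egg_solution .= '</object>' . "\r\n";
        $egg_solution .= '<!--<![endif]-->' . "\r\n";
        // NOTE(review): the codebase below points at a plugin installer over plain http.
        $egg_solution .= '<object classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93" codebase="http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab" width="' . $config['vtour_width'] . '" height="' . $config['vtour_height'] . '">' . "\r\n";
        $egg_solution .= '<param name="code" value="EggApplet" />' . "\r\n";
        $egg_solution .= '<param name="archive" value="' . $config['baseurl'] . '/e3D.jar" />' . "\r\n";
        $egg_solution .= $album;
        $egg_solution .= '<param name="Icons" value="' . $config['baseurl'] . '/applet.ear" />' . "\r\n";
        $egg_solution .= '</object>' . "\r\n";

        $page->page = str_replace('{vtour}', $egg_solution, $page->page);
        $page->page = str_replace($control_tags, '', $page->page);
    } else {
        // Neither .jpg nor .egg (or no images at all): say it is not supported.
        $page->page = str_replace('{vtour}', $lang['unsupported_vtour'], $page->page);
        $page->page = str_replace($control_tags, '', $page->page);
    }

    $frame_blocks = array('vtour_header', 'vtour_footer', 'vtour_content');
    foreach ($frame_blocks as $block) {
        if ($popup == false) {
            $page->page = $page->remove_template_block($block, $page->page);
        } else {
            $page->page = $page->cleanup_template_block($block, $page->page);
        }
    }
    $page->page = str_replace('{template_url}', $config['template_url'], $page->page);
    $display = $page->return_page();

    return $display;
}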
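/**
 * Render the public detail page for the listing named by $_GET['listingID'].
 *
 * The id must consist of decimal digits only. The listing must exist and
 * listing_pages::checkActive() must return "yes"; the page is then built from
 * the class-specific template listing_detail_pclass<class_id>.html when that
 * file exists, otherwise from $config['listing_template'].
 *
 * @return string Rendered page HTML, the "not active" message, or a link back
 *                to index.php when the id is missing, malformed or unknown.
 */
public static function listing_view()
{
    global $conn, $lang, $config;
    // log_error() is called on query failure below, but the original never
    // created $misc, so a failed query ended in a fatal error instead of a log entry.
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();

    $display = '';
    $not_found = "<a href=\"index.php\">{$lang['perhaps_you_were_looking_something_else']}</a>";

    // The id is concatenated into SQL and handed to several helpers. is_numeric()
    // also accepts forms such as "1e5", "1.5" or " 12", so require plain digits
    // and work with the integer from here on.
    $raw_id = isset($_GET['listingID']) ? $_GET['listingID'] : '';
    if (!is_string($raw_id) || preg_match('/\A[0-9]+\z/', $raw_id) !== 1) {
        return $not_found;
    }
    $listingID = intval($raw_id);

    $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_id=' . $listingID;
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
        // Only reached if log_error() returns.
        return $not_found;
    }
    if ($recordSet->RecordCount() == 0) {
        return $not_found;
    }

    // Only active listings are shown.
    $show_listing = listing_pages::checkActive($listingID);
    if ($show_listing != "yes") {
        $display .= $lang['this_listing_is_not_active'];
        return $display;
    }

    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();

    // Look up the property class to pick a class-specific template.
    $sql2 = "SELECT class_id FROM " . $config['table_prefix_no_lang'] . "classlistingsdb WHERE listingsdb_id = {$listingID}";
    $recordSet2 = $conn->SelectLimit($sql2, 1, 0);
    $class = '';
    if ($recordSet2 === false) {
        // Checked before the result is used; the original called RecordCount() first.
        $misc->log_error($sql2);
    } elseif (!$recordSet2->EOF) {
        // Cast because the value becomes part of a file name.
        $class = intval($recordSet2->fields['class_id']);
    }
    $class_template = $config['template_path'] . '/listing_detail_pclass' . $class . '.html';
    if (file_exists($class_template)) {
        $page->load_page($class_template);
    } else {
        $page->load_page($config['template_path'] . '/' . $config['listing_template']);
    }

    $sections = explode(',', $config['template_listing_sections']);
    foreach ($sections as $section) {
        $replace = listing_pages::renderTemplateArea($section, $listingID);
        $page->replace_tag($section, $replace);
    }
    $page->replace_listing_field_tags($listingID);

    // Hide the "listed by" block when the listing agent is an admin and
    // show_listedby_admin is switched off.
    $is_admin = listing_pages::getListingAgentAdminStatus($listingID);
    if ($is_admin == true && $config["show_listedby_admin"] == 0) {
        $page->page = $page->remove_template_block('show_listed_by_admin', $page->page);
        $page->page = $page->cleanup_template_block('!show_listed_by_admin', $page->page);
    } else {
        $page->page = $page->cleanup_template_block('show_listed_by_admin', $page->page);
        $page->page = $page->remove_template_block('!show_listed_by_admin', $page->page);
    }

    if ($config['show_next_prev_listing_page'] == 1) {
        $next_prev = listing_pages::listing_next_prev();
        $page->page = str_replace('{next_prev}', $next_prev, $page->page);
    } else {
        $page->page = str_replace('{next_prev}', '', $page->page);
    }

    // Keep the virtual tour tab only when the listing has a usable tour.
    require_once $config['basepath'] . '/include/vtour.inc.php';
    $goodvtour = vtours::goodvtour($listingID);
    if ($goodvtour == true) {
        $page->page = $page->cleanup_template_block('vtour_tab', $page->page);
    } else {
        $page->page = $page->remove_template_block('vtour_tab', $page->page);
    }

    $display .= $page->return_page();

    return $display;
}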
function edit_listings($only_my_listings = true) { global $conn, $lang, $config, $listingID; if ($only_my_listings == false) { $security = login::loginCheck('edit_all_listings', true); } else { $security = login::loginCheck('Agent', true); } $display = ''; if ($security === true) { require_once $config['basepath'] . '/include/misc.inc.php'; $misc = new misc(); require_once $config['basepath'] . '/include/forms.inc.php'; $forms = new forms(); require_once $config['basepath'] . '/include/class/template/core.inc.php'; $page = new page_user(); // $display .= '<span class="section_header">'.$lang['listings_editor'].'<span><br /><br />'; if (!isset($_GET['delete'])) { $_GET['delete'] = ''; } if ($_GET['delete'] != '') { if ($_SESSION['admin_privs'] == 'yes' || $_SESSION['edit_all_listings'] == 'yes') { listing_editor::delete_listing($_GET['delete'], false); } else { listing_editor::delete_listing($_GET['delete'], true); } } if (!isset($_POST['action'])) { $_POST['action'] = ''; } if ($_POST['action'] == "update_listing") { if ($_SESSION['admin_privs'] == 'yes' || $_SESSION['edit_all_listings'] == 'yes') { $display .= listing_editor::update_listing(false); } else { $display .= listing_editor::update_listing(true); } } // end if $action == "update listing" if (!isset($_GET['edit'])) { $_GET['edit'] = ''; } if (isset($_POST['lookup_field']) && isset($_POST['lookup_value'])) { $_SESSION['edit_listing_qeb_lookup_field'] = $_POST['lookup_field']; $_SESSION['edit_listing_qeb_lookup_value'] = $_POST['lookup_value']; } if (isset($_SESSION['edit_listing_qeb_lookup_field']) && isset($_SESSION['edit_listing_qeb_lookup_value'])) { if ($_SESSION['edit_listing_qeb_lookup_field'] != 'listingsdb_id') { $_POST['lookup_field'] = $_SESSION['edit_listing_qeb_lookup_field']; $_POST['lookup_value'] = $_SESSION['edit_listing_qeb_lookup_value']; } } if (isset($_POST['filter'])) { $_SESSION['edit_listing_qeb_filter'] = $_POST['filter']; } if (isset($_SESSION['edit_listing_qeb_filter'])) { 
$_POST['filter'] = $_SESSION['edit_listing_qeb_filter']; } if (isset($_POST['agent_filter'])) { $_SESSION['edit_listing_qeb_agent_filter'] = $_POST['agent_filter']; } if (isset($_SESSION['edit_listing_qeb_agent_filter'])) { $_POST['agent_filter'] = $_SESSION['edit_listing_qeb_agent_filter']; } if (isset($_POST['pclass_filter'])) { $_SESSION['edit_listing_qeb_pclass_filter'] = $_POST['pclass_filter']; } if (isset($_SESSION['edit_listing_qeb_pclass_filter'])) { $_POST['pclass_filter'] = $_SESSION['edit_listing_qeb_pclass_filter']; } if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] == 'listingsdb_id' && $_POST['lookup_value'] != '') { $_GET['edit'] = intval($_POST['lookup_value']); } if ($only_my_listings == TRUE) { unset($_POST['agent_filter']); } if ($_GET['edit'] != "") { $edit = intval($_GET['edit']); // first, grab the listings's main info if ($only_my_listings == true) { $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_notes, userdb_id, listingsdb_last_modified, listingsdb_featured, listingsdb_active, listingsdb_mlsexport, listingsdb_expiration FROM " . $config['table_prefix'] . "listingsdb WHERE (listingsdb_id = {$edit}) AND (userdb_id = '{$_SESSION['userID']}')"; } else { $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_notes, userdb_id, listingsdb_last_modified, listingsdb_featured, listingsdb_active, listingsdb_mlsexport, listingsdb_expiration FROM " . $config['table_prefix'] . 
"listingsdb WHERE (listingsdb_id = {$edit})"; } $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } if ($recordSet->RecordCount() > 0) { // collect up the main DB's various fields $listing_ID = $misc->make_db_unsafe($recordSet->fields['listingsdb_id']); $edit_title = $misc->make_db_unsafe($recordSet->fields['listingsdb_title']); $edit_notes = $misc->make_db_unsafe($recordSet->fields['listingsdb_notes']); $edit_mlsexport = $misc->make_db_unsafe($recordSet->fields['listingsdb_mlsexport']); $edit_or_owner = $recordSet->fields['userdb_id']; $last_modified = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_last_modified'], 'D M j G:i:s T Y'); $edit_featured = $recordSet->fields['listingsdb_featured']; $edit_active = $recordSet->fields['listingsdb_active']; $expiration = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_expiration'], $config["date_format_timestamp"]); // now, display all that stuff $display .= '<table class="form_main">'; $display .= '<tr>'; $display .= '<td colspan="3" class="row_main">'; if ($only_my_listings == true) { $display .= '<span class="section_header"><a href="index.php?action=edit_my_listings">' . $lang['listings_editor'] . '</a></span><br />'; } else { $display .= '<span class="section_header"><a href="index.php?action=edit_listings">' . $lang['listings_editor'] . '</a></span><br />'; } $display .= '<h3>' . $lang['admin_listings_editor_modify_listing'] . ' (<a href="' . $config['baseurl'] . '/index.php?action=listingview&listingID=' . $listing_ID . '" target="_preview">' . $lang['preview'] . '</a>)</h3>'; $display .= '</td>'; $display .= '</tr>'; $display .= '<tr>'; $display .= '<td valign="top" align="center" class="row_main">'; $display .= '<b>' . $lang['images'] . 
'</b>'; $display .= '<br />'; $display .= '<hr width="75%" />'; $display .= '<form action="index.php?action=edit_listing_images" method="post" name="edit_listing_images"><input type="hidden" name="edit" value="' . $_GET['edit'] . '" /><a href="javascript:document.edit_listing_images.submit()">' . $lang['edit_images'] . '</a></form>'; $display .= '<br />'; $sql = "SELECT listingsimages_caption, listingsimages_file_name, listingsimages_thumb_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE (listingsdb_id = {$edit}) ORDER BY listingsimages_rank"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $caption = $misc->make_db_unsafe($recordSet->fields['listingsimages_caption']); $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_thumb_file_name']); $file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']); // gotta grab the image size $thumb_imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}"); $thumb_imagewidth = $thumb_imagedata[0]; $thumb_imageheight = $thumb_imagedata[1]; $thumb_max_width = $config['thumbnail_width']; $thumb_max_height = $config['thumbnail_height']; $resize_by = $config['resize_thumb_by']; $shrinkage = 1; if ($thumb_max_width == $thumb_imagewidth || $thumb_max_height == $thumb_imageheight) { $thumb_displaywidth = $thumb_imagewidth; $thumb_displayheight = $thumb_imageheight; } else { if ($resize_by == 'width') { $shrinkage = $thumb_imagewidth / $thumb_max_width; $thumb_displaywidth = $thumb_max_width; $thumb_displayheight = round($thumb_imageheight / $shrinkage); } elseif ($resize_by == 'height') { $shrinkage = $thumb_imageheight / $thumb_max_height; $thumb_displayheight = $thumb_max_height; $thumb_displaywidth = round($thumb_imagewidth / $shrinkage); } elseif ($resize_by == 'both') { $thumb_displayheight = $thumb_max_height; $thumb_displaywidth = $thumb_max_width; } } $display .= "<a 
href=\"{$config['listings_view_images_path']}/{$file_name}\" target=\"_thumb\"> "; $display .= "<img src=\"{$config['listings_view_images_path']}/{$thumb_file_name}\" height=\"{$thumb_displayheight}\" width=\"{$thumb_displaywidth}\" alt=\"{$thumb_file_name}\" /></a><br /> "; $display .= "<b>{$caption}</b><br /><br />"; $recordSet->MoveNext(); } // end while $display .= '</td>'; if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") { $display .= '<td valign="top" align="center" class="row_main">'; $display .= '<b>' . $lang['vtours'] . '</b>'; $display .= '<br />'; $display .= '<hr width="75%" />'; $display .= '<form action="index.php?action=edit_vtour_images" method="post" name="edit_vtour_images"><input type="hidden" name="edit" value="' . $edit . '" /><a href="javascript:document.edit_vtour_images.submit()">' . $lang['edit_vtours'] . '</a></form>'; $display .= '<br />'; $sql = "SELECT vtourimages_caption, vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . 
"vtourimages WHERE (listingsdb_id = '{$edit}') ORDER BY vtourimages_rank"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $caption = $misc->make_db_unsafe($recordSet->fields['vtourimages_caption']); $thumb_file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_thumb_file_name']); $file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']); $ext = substr(strrchr($file_name, '.'), 1); if ($ext == 'jpg') { // gotta grab the image size $imagedata = GetImageSize("{$config['vtour_upload_path']}/{$thumb_file_name}"); $imagewidth = $imagedata[0]; $imageheight = $imagedata[1]; $shrinkage = $config['thumbnail_width'] / $imagewidth; $displaywidth = $imagewidth * $shrinkage; $displayheight = $imageheight * $shrinkage; $display .= "<a href=\"{$config['vtour_view_images_path']}/{$file_name}\" target=\"_thumb\">"; $display .= "<img src=\"{$config['vtour_view_images_path']}/{$thumb_file_name}\" height=\"{$displayheight}\" width=\"{$displaywidth}\" alt=\"{$thumb_file_name}\" /></a><br /> "; $display .= "<strong>{$caption}</strong><br /><br />"; $recordSet->MoveNext(); } elseif ($ext == 'egg') { $display .= "<img src=\"{$config['baseurl']}/images/eggimage.gif\" alt=\"eggimage.gif\" /><br /> "; $recordSet->MoveNext(); } else { $display .= $file_name . '<br />' . $lang['unsupported_vtour'] . '<br /><br />'; $recordSet->MoveNext(); } } // end while if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havefiles'] == "yes") { $display .= '<br />'; } else { $display .= '</td>'; } } // Place the Files list and edit files link on the edit listing page if we are allowed to have files. if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havefiles'] == "yes") { if ($_SESSION['admin_privs'] == "yes" || $_SESSION['havevtours'] == "yes") { $display .= '<br />'; } else { $display .= '<td valign="top" align="center" class="row_main">'; } $display .= '<b>' . $lang['files'] . 
'</b>'; $display .= '<br />'; $display .= '<hr width="75%" />'; $display .= '<form action="index.php?action=edit_listing_files" method="post" name="edit_listing_files"><input type="hidden" name="edit" value="' . $_GET['edit'] . '" /><a href="javascript:document.edit_listing_files.submit()">' . $lang['edit_files'] . '</a></form>'; $display .= '<br />'; $sql = "SELECT listingsfiles_id, listingsfiles_caption, listingsfiles_file_name FROM " . $config['table_prefix'] . "listingsfiles WHERE (listingsdb_id = '{$_GET['edit']}')"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $caption = $misc->make_db_unsafe($recordSet->fields['listingsfiles_caption']); $file_name = $misc->make_db_unsafe($recordSet->fields['listingsfiles_file_name']); $file_id = $misc->make_db_unsafe($recordSet->fields['listingsfiles_id']); $iconext = substr(strrchr($file_name, '.'), 1); $iconpath = $config["file_icons_path"] . '/' . $iconext . '.png'; if (file_exists($iconpath)) { $icon = $config["listings_view_file_icons_path"] . '/' . $iconext . '.png'; } else { $icon = $config["listings_view_file_icons_path"] . '/default.png'; } $file_download_url = 'index.php?action=create_download&ID=' . $edit . '&file_id=' . $file_id . '&type=listing'; $display .= '<a href="' . $config['baseurl'] . '/' . $file_download_url . '" target="_thumb">'; $display .= '<img src="' . $icon . '" height="' . $config["file_icon_height"] . '" width="' . $config["file_icon_width"] . '" alt="' . $file_name . '" /><br />'; $display .= '<strong>' . $file_name . '</strong></a><br />'; $display .= '<strong>' . $caption . '</strong><br /><br />'; $recordSet->MoveNext(); } // end while $display .= '</td>'; } $display .= '<td class="row_main">'; //START FORM VALIDATION if (isset($_POST['property_class'])) { $class_sql = ''; foreach ($_POST['property_class'] as $class_id) { if (empty($class_sql)) { $class_sql .= ' class_id = ' . 
$class_id; } else { $class_sql .= ' OR class_id = ' . $class_id; } $display .= '<input type="hidden" name="property_class[]" value="' . $class_id . '" />'; } $pclass_list = ''; $sql = "SELECT DISTINCT(listingsformelements_id) FROM " . $config['table_prefix_no_lang'] . "classformelements WHERE " . $class_sql; $recordSet = $conn->execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { if (empty($pclass_list)) { $pclass_list .= $recordSet->fields['listingsformelements_id']; } else { $pclass_list .= ',' . $recordSet->fields['listingsformelements_id']; } $recordSet->Movenext(); } if ($pclass_list == '') { $pclass_list = 0; } $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required from " . $config['table_prefix'] . "listingsformelements WHERE listingsformelements_id IN (" . $pclass_list . ") ORDER BY listingsformelements_rank, listingsformelements_field_name"; } else { $sql = "SELECT listingsformelements_field_type, listingsformelements_field_name, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required from " . $config['table_prefix'] . 
"listingsformelements ORDER BY listingsformelements_rank, listingsformelements_field_name"; } $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $display .= "\r\n<script type=\"text/javascript\" >\r\n"; $display .= "<!--\r\n"; $display .= "function validate_form()\r\n"; $display .= "{\r\n"; $display .= "var msg=\"\"\r\n"; $display .= "valid = true;\r\n"; $display .= "if ( document.update_listing.title.value == \"\" )\r\n"; $display .= "{\r\n"; $display .= "msg += '{$lang['forgot_field']} {$lang['admin_listings_editor_title']} {$lang['admin_template_editor_field']}.\\r\\n';\r\n"; $display .= "valid = false;\r\n"; $display .= "}\r\n"; while (!$recordSet->EOF) { $field_name = $recordSet->fields['listingsformelements_field_name']; $field_caption = $recordSet->fields['listingsformelements_field_caption']; $required = $recordSet->fields['listingsformelements_required']; if ($required == 'Yes') { $display .= "if ( document.update_listing.{$field_name}.value == \"\" )\r\n"; $display .= "{\r\n"; $display .= "msg += '" . html_entity_decode($lang[forgot_field]) . " {$field_caption} " . html_entity_decode($lang[admin_template_editor_field]) . ".\\r\\n';\r\n"; $display .= "valid = false;\r\n"; $display .= "}\r\n"; } $recordSet->MoveNext(); } $display .= "if (msg != \"\")\r\n"; $display .= "{\r\n"; $display .= "alert (msg);"; $display .= "}\r\n"; $display .= "return valid;\r\n"; $display .= "}\r\n"; $display .= "//-->\r\n"; $display .= "</script>\r\n"; //END FORM VALIDATION $display .= '<table>'; if ($only_my_listings == true) { $display .= '<form name="update_listing" action="index.php?action=edit_my_listings&edit=' . $_GET['edit'] . '" method="post" onsubmit="return validate_form ( );">'; } else { $display .= '<form name="update_listing" action="index.php?action=edit_listings&edit=' . $_GET['edit'] . 
'" method="post" onsubmit="return validate_form ( );">'; } $display .= '<input type="hidden" name="action" value="update_listing">'; $display .= '<input type="hidden" name="edit" value="' . $_GET['edit'] . '">'; $display .= '<tr>'; $display .= '<td align="right"><b>' . $lang['admin_listings_editor_title'] . ': <font color="red">*</font></b></td>'; $display .= '<td align="left"> <input type="text" name="title" value="' . $edit_title . '"></td></tr>'; // Display Property Classes $sql2 = 'SELECT class_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $listing_ID; $recordSet2 = $conn->execute($sql2); if ($recordSet2 === false) { $misc->log_error($sql2); } $selected_class_id = array(); while (!$recordSet2->EOF) { $selected_class_id[] = $recordSet2->fields['class_id']; $recordSet2->MoveNext(); } $sql2 = 'SELECT class_id,class_name FROM ' . $config['table_prefix'] . 'class'; $recordSet2 = $conn->execute($sql2); if ($recordSet2 === false) { $misc->log_error($sql2); } $display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_property_class'] . '</b></td><td align="left">'; $display .= '<select name="pclass[]"'; if ($config["multiple_pclass_selection"] == '1') { $display .= ' multiple="multiple" size="5"'; } $display .= '>'; while (!$recordSet2->EOF) { $class_id = $recordSet2->fields['class_id']; $class_name = $misc->make_db_unsafe($recordSet2->fields['class_name']); if (in_array($class_id, $selected_class_id, true)) { $display .= '<option value="' . $class_id . '" selected="selected">' . $class_name . '</option>'; } else { $display .= '<option value="' . $class_id . '">' . $class_name . '</option>'; } $recordSet2->MoveNext(); } $display .= '</select></td></tr>'; // End property Class Display if ($_SESSION['featureListings'] == "yes" || $_SESSION['admin_privs'] == "yes") { $display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_featured'] . 
':</b></td><td align="left">'; $display .= '<select name="featured" size="1">'; $display .= '<option value="' . $edit_featured . '">' . $lang['' . $edit_featured . ''] . '</option>'; $display .= '<option value="">-----</option>'; $display .= '<option value="yes">' . $lang['yes'] . '</option>'; $display .= '<option value="no">' . $lang['no'] . '</option>'; $display .= '</select></td></tr>'; } // end if ($featureListings == "yes") if ($_SESSION['admin_privs'] == "yes" || $_SESSION['moderator'] == 'yes') { $display .= '<tr><td align="right"><b>' . $lang['admin_listings_active'] . ':</b></td><td align="left">'; $display .= '<select name="edit_active" size="1">'; $display .= '<option value="' . $edit_active . '">' . $lang['' . $edit_active . ''] . '</option>'; $display .= '<option value="">-----</option>'; $display .= '<option value="yes">' . $lang['yes'] . '</option>'; $display .= '<option value="no">' . $lang['no'] . '</option>'; $display .= '</select></td></tr>'; if ($config['moderate_listings'] == 1 && $edit_active == 'no') { $display .= '<tr><td align="right"><b>' . $lang['admin_send_notices'] . ':</b></td><td align="left">'; $display .= '<select name="send_notices" size="1">'; $display .= '<option value="no">' . $lang['no'] . '</option>'; $display .= '<option value="yes">' . $lang['yes'] . '</option>'; $display .= '</select>'; $display .= ' <a href="#" class="tooltip"><img src="images/info.gif" width="16" height="16" /><span>' . $lang['send_notices_tool_tip'] . '</span></a>'; $display .= '</td></tr>'; } } // end if ($featureListings == "yes") if (($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_expiration'] == "yes") && $config['use_expiration'] == "1") { $display .= '<tr><td align="right" class="row_main"><b>' . $lang['expiration'] . ':</b></td><td align="left"><input type="text" name="edit_expiration" value="' . $expiration . '" onFocus="javascript:vDateType=\'' . $config['date_format'] . '\'" onKeyUp="DateFormat(this,this.value,event,false,\'' . 
$config['date_format'] . '\')" onBlur="DateFormat(this,this.value,event,true,\'' . $config['date_format'] . '\')" />(' . $config['date_format_long'] . ')</td></tr>'; } // end if ($admin_privs == "yes" and $config[use_expiration] = "yes") if ($config["export_listings"] == 1 && $_SESSION['export_listings'] == "yes") { $display .= '<tr><td align="right"><strong>' . $lang['admin_listings_editor_mlsexport'] . ':</strong></td><td align="left">'; $display .= '<select name="mlsexport" size="1">'; $display .= '<option value="' . $edit_mlsexport . '">' . $lang['' . $edit_mlsexport . ''] . '</option>'; $display .= '<option value="">-----</option>'; $display .= '<option value="yes">' . $lang['yes'] . '</option>'; $display .= '<option value="no">' . $lang['no'] . '</option>'; $display .= '</select>'; $display .= '</td></tr>'; } else { $display .= '<input type="hidden" name="mlsexport" value="no" />'; } // Display Agent selection Option to reassign listing if ($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_all_listings'] == "yes") { $display .= '<tr><td align="right"><b>' . $lang['listing_editor_listing_agent'] . ':</b></td>'; $display .= '<td align="left" class="row_main"><select name="or_owner" size="1">'; // find the name of the agent listed as ID in $edit_or_owner $sql = "SELECT userdb_user_first_name, userdb_user_last_name FROM " . $config['table_prefix'] . "userdb WHERE (userdb_id = {$edit_or_owner})"; $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } // strip slashes so input appears correctly $agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']); $agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']); $display .= "<option value=\"{$edit_or_owner}\">{$agent_last_name},{$agent_first_name}</option>"; // fill list with names of all agents $sql = "SELECT userdb_id, userdb_user_first_name, userdb_user_last_name FROM " . 
$config['table_prefix'] . "userdb where userdb_is_agent = 'yes' or userdb_is_admin = 'yes' ORDER BY userdb_user_last_name,userdb_user_first_name"; $ADODB_FETCH_MODE = ADODB_FETCH_ASSOC; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { // strip slashes so input appears correctly $agent_ID = $recordSet->fields['userdb_id']; $agent_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']); $agent_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']); $display .= "<option value=\"{$agent_ID}\">{$agent_last_name},{$agent_first_name}</option>"; $recordSet->MoveNext(); } $display .= "</select></td>"; $display .= '</tr>'; } else { $display .= '<input type="hidden" name="or_owner" value="' . $edit_or_owner . '" />'; } // Show Notes Field if ($config["show_notes_field"] == 1) { $display .= '<tr><td align="right"><b>' . $lang['admin_listings_editor_notes'] . ':</b><br /><div class="small">(' . $lang['admin_listings_editor_notes_note'] . ')</div></td><td align="left"> <textarea name="notes" rows="6" cols="40">' . $edit_notes . '</textarea></td></tr>'; } else { $display .= '<input type="hidden" name="notes" value="' . $edit_notes . '" />'; } // Show Listing Fields for this property class $sql = 'SELECT class_id from ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $edit; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $class_sql = ''; while (!$recordSet->EOF()) { $class_id = $recordSet->fields['class_id']; if (empty($class_sql)) { $class_sql .= ' class_id = ' . $class_id; } else { $class_sql .= ' OR class_id = ' . $class_id; } $recordSet->MoveNext(); } $class_list = ''; $sql = "SELECT DISTINCT(listingsformelements_id) FROM " . $config['table_prefix_no_lang'] . "classformelements WHERE " . 
$class_sql; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { if (empty($class_list)) { $class_list .= $recordSet->fields['listingsformelements_id']; } else { $class_list .= ',' . $recordSet->fields['listingsformelements_id']; } $recordSet->MoveNext(); } if ($class_list == '') { $class_list = 0; } $sql = "SELECT listingsformelements_field_name, listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption, listingsformelements_default_text, listingsformelements_field_elements, listingsformelements_required, listingsformelements_field_length, listingsformelements_tool_tip FROM " . $config['table_prefix'] . "listingsformelements left join " . $config['table_prefix'] . "listingsdbelements on listingsdbelements_field_name = listingsformelements_field_name AND listingsdb_id = {$edit} WHERE listingsformelements_id IN (" . $class_list . ") ORDER BY listingsformelements_rank"; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } while (!$recordSet->EOF) { $field_name = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_name']); if (isset($_POST[$field_name])) { if (is_array($_POST[$field_name])) { $field_value = ""; foreach ($_POST[$field_name] as $feature_item) { $feature_item = $misc->make_db_unsafe($feature_item); $field_value .= "||{$feature_item}"; } // end while // now remove the first two characters $feature_insert_length = strlen($field_value); $feature_insert_length = $feature_insert_length - 2; $field_value = substr($field_value, 2, $feature_insert_length); } else { $field_value = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); } } else { $field_value = $misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']); } $field_type = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_type']); $field_caption = 
$misc->make_db_unsafe($recordSet->fields['listingsformelements_field_caption']); $default_text = $misc->make_db_unsafe($recordSet->fields['listingsformelements_default_text']); $field_elements = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_elements']); $required = $misc->make_db_unsafe($recordSet->fields['listingsformelements_required']); $field_length = $misc->make_db_unsafe($recordSet->fields['listingsformelements_field_length']); $tool_tip = $misc->make_db_unsafe($recordSet->fields['listingsformelements_tool_tip']); // pass the data to the function $display .= $forms->renderExistingFormElement($field_type, $field_name, $field_value, $field_caption, $default_text, $required, $field_elements, $field_length, $tool_tip); $recordSet->MoveNext(); } //$editid = substr($edit, 1, -1) * 1; if ($only_my_listings == true) { $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&edit=' . $edit; $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&delete=' . $edit; } else { $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&edit=' . $edit; $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&delete=' . $edit; } $display .= '<tr><td colspan="2" align="center">' . $lang[required_form_text] . '</td></tr>'; $display .= '<tr><td colspan="2" align="center"><input type="submit" value="' . $lang[update_button] . '"> <a href="' . $delete_link . '" onclick="return confirmDelete()">' . $lang[admin_listings_editor_delete_listing] . '</a></td></tr></table></form>'; $display .= '</td></tr></table>'; } else { $display .= '<center><span class="redtext">' . $lang['admin_listings_editor_invalid_listing'] . '</span></center>'; $next_prev = '<center>' . $misc->next_prev($num_rows, $_GET['cur_page'], "", '', TRUE) . 
'</center>'; // put in the next/previous stuff $display .= listing_editor::show_quick_edit_bar($next_prev, $only_my_listings); } } else { // show all the listings $sql_filter = ''; if (isset($_POST['filter'])) { if ($_POST['filter'] == 'active') { $sql_filter = " AND listingsdb_active = 'yes' "; } if ($_POST['filter'] == 'inactive') { $sql_filter = " AND listingsdb_active = 'no' "; } if ($_POST['filter'] == 'expired') { $sql_filter = " AND listingsdb_expiration < " . $conn->DBDate(time()); } if ($_POST['filter'] == 'featured') { $sql_filter = " AND listingsdb_featured = 'yes' "; } if ($_POST['filter'] == 'created_1week') { $sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-1 week'))); } if ($_POST['filter'] == 'created_1month') { $sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-1 month'))); } if ($_POST['filter'] == 'created_3month') { $sql_filter = " AND listingsdb_creation_date >= " . $conn->DBDate(date('Y-m-d', strtotime('-3 month'))); } } $lookup_sql = ''; if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] != 'listingsdb_id' && $_POST['lookup_field'] != 'listingsdb_title' && $_POST['lookup_value'] != '') { $lookup_field = $misc->make_db_safe($_POST['lookup_field']); $lookup_value = $misc->make_db_safe('%' . $_POST['lookup_value'] . '%'); $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdbelements WHERE listingsdbelements_field_name = ' . $lookup_field . ' AND listingsdbelements_field_value LIKE ' . $lookup_value; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $listing_ids = array(); while (!$recordSet->EOF) { $listing_ids[] = $recordSet->fields['listingsdb_id']; $recordSet->MoveNext(); } if (count($listing_ids) > 0) { $listing_ids = implode(',', $listing_ids); } else { $listing_ids = '0'; } $lookup_sql = ' AND listingsdb_id IN (' . $listing_ids . 
') '; } if (isset($_POST['lookup_field']) && isset($_POST['lookup_value']) && $_POST['lookup_field'] == 'listingsdb_title' && $_POST['lookup_value'] != '') { $lookup_value = $misc->make_db_safe('%' . $_POST['lookup_value'] . '%'); $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_title LIKE ' . $lookup_value; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $listing_ids = array(); while (!$recordSet->EOF) { $listing_ids[] = $recordSet->fields['listingsdb_id']; $recordSet->MoveNext(); } if (count($listing_ids) > 0) { $listing_ids = implode(',', $listing_ids); } else { $listing_ids = '0'; } $lookup_sql = ' AND listingsdb_id IN (' . $listing_ids . ') '; } if (isset($_POST['pclass_filter']) && $_POST['pclass_filter'] != '') { $pclass_filter = $misc->make_db_safe($_POST['pclass_filter']); $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE class_id = ' . $pclass_filter; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $listing_ids = array(); while (!$recordSet->EOF) { $listing_ids[] = $recordSet->fields['listingsdb_id']; $recordSet->MoveNext(); } if (count($listing_ids) > 0) { $listing_ids = implode(',', $listing_ids); } else { $listing_ids = '0'; } $pclass_sql = ' AND listingsdb_id IN (' . $listing_ids . ') '; } if (isset($_POST['agent_filter']) && $_POST['agent_filter'] != '') { $agent_filter = $misc->make_db_safe($_POST['agent_filter']); $sql = 'SELECT listingsdb_id FROM ' . $config['table_prefix'] . 'listingsdb WHERE userdb_id = ' . 
$agent_filter; $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $listing_ids = array(); while (!$recordSet->EOF) { $listing_ids[] = $recordSet->fields['listingsdb_id']; $recordSet->MoveNext(); } if (count($listing_ids) > 0) { $listing_ids = implode(',', $listing_ids); } else { $listing_ids = '0'; } $agent_sql = ' AND listingsdb_id IN (' . $listing_ids . ') '; } // grab the number of listings from the db if ($only_my_listings == true) { $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_mlsexport, listingsdb_notes,\tlistingsdb_expiration, listingsdb_active, listingsdb_featured, listingsdb_hit_count, userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE " . $config['table_prefix'] . "listingsdb.userdb_id = " . $config['table_prefix'] . "userdb.userdb_id AND (" . $config['table_prefix'] . "userdb.userdb_id = '{$_SESSION['userID']}') {$sql_filter} {$lookup_sql} {$pclass_sql} {$agent_sql} ORDER BY listingsdb_id ASC"; } else { $sql = "SELECT listingsdb_id, listingsdb_title, listingsdb_mlsexport, listingsdb_notes,\tlistingsdb_expiration, listingsdb_active, listingsdb_featured, listingsdb_hit_count, userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE " . $config['table_prefix'] . "listingsdb.userdb_id = " . $config['table_prefix'] . "userdb.userdb_id {$sql_filter} {$lookup_sql} {$pclass_sql} {$agent_sql} ORDER BY listingsdb_id ASC"; } $recordSet = $conn->Execute($sql); if ($recordSet === false) { $misc->log_error($sql); } $num_rows = $recordSet->RecordCount(); if (!isset($_GET['cur_page'])) { $_GET['cur_page'] = 0; } $next_prev = '<center>' . $misc->next_prev($num_rows, $_GET['cur_page'], "", '', TRUE) . 
'</center>'; // put in the next/previous stuff $display .= listing_editor::show_quick_edit_bar($next_prev, $only_my_listings); // build the string to select a certain number of listings per page $limit_str = $_GET['cur_page'] * $config['listings_per_page']; $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str); if ($recordSet === false) { $misc->log_error($sql); } $count = 0; $display .= "<br /><br />"; $page->load_page($config['admin_template_path'] . '/edit_listings.html'); $page->replace_lang_template_tags(); $page->replace_tags(); $addons = $page->load_addons(); $listing_section = $page->get_template_section('listing_dataset'); while (!$recordSet->EOF) { // alternate the colors if ($count == 0) { $count = $count + 1; } else { $count = 0; } $listing .= $listing_section; // strip slashes so input appears correctly $title = $misc->make_db_unsafe($recordSet->fields['listingsdb_title']); $notes = $misc->make_db_unsafe($recordSet->fields['listingsdb_notes']); $active = $misc->make_db_unsafe($recordSet->fields['listingsdb_active']); $featured = $misc->make_db_unsafe($recordSet->fields['listingsdb_featured']); $mlsexport = $misc->make_db_unsafe($recordSet->fields['listingsdb_mlsexport']); $email = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']); $formatted_expiration = $recordSet->UserTimeStamp($recordSet->fields['listingsdb_expiration'], $config["date_format_timestamp"]); $listingID = $recordSet->fields['listingsdb_id']; $hit_count = $misc->make_db_unsafe($recordSet->fields['listingsdb_hit_count']); if ($active == 'yes') { $active = '<span class="edit_listings_' . $active . '">' . $lang['yes'] . '</span>'; } elseif ($active == 'no') { $active = '<span class="edit_listings_' . $active . '">' . $lang['no'] . '</span>'; } if ($featured == 'yes') { $featured = '<span class="edit_listings_' . $featured . '">' . $lang['yes'] . '</span>'; } elseif ($featured == 'no') { $featured = '<span class="edit_listings_' . $featured . '">' . 
$lang['no'] . '</span>'; } //Add filters to link if (isset($_POST['lookup_field']) && isset($_POST['lookup_value'])) { $_GET['lookup_field'] = $_POST['lookup_field']; $_GET['lookup_value'] = $_POST['lookup_value']; } if (isset($_GET['lookup_field']) && isset($_GET['lookup_value'])) { $_POST['lookup_field'] = $_GET['lookup_field']; $_POST['lookup_value'] = $_GET['lookup_value']; } if ($only_my_listings == true) { $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&edit=' . $listingID; $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_my_listings&delete=' . $listingID; } else { $edit_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&edit=' . $listingID; $delete_link = $config['baseurl'] . '/admin/index.php?action=edit_listings&delete=' . $listingID; } $email_link = 'mailto:' . $email; $listing = $page->replace_listing_field_tags($listingID, $listing); $listing = $page->parse_template_section($listing, 'listingid', $listingID); $listing = $page->parse_template_section($listing, 'edit_listing_link', $edit_link); $listing = $page->parse_template_section($listing, 'delete_listing_link', $delete_link); $listing = $page->parse_template_section($listing, 'email_agent_link', $email_link); $listing = $page->parse_template_section($listing, 'listing_active_status', $active); $listing = $page->parse_template_section($listing, 'listing_featured_status', $featured); $listing = $page->parse_template_section($listing, 'listing_expiration', $formatted_expiration); $listing = $page->parse_template_section($listing, 'listing_notes', $notes); $listing = $page->parse_template_section($listing, 'row_num_even_odd', $count); $listing = $page->parse_template_section($listing, 'listing_hit_count', $hit_count); $addon_fields = $page->get_addon_template_field_list($addons); $listing = $page->parse_addon_tags($listing, $addon_fields); if ($config["use_expiration"] == 0) { $listing = $page->remove_template_block('show_expiration', 
$listing); } else { $listing = $page->cleanup_template_block('show_expiration', $listing); } $recordSet->MoveNext(); } // end while $page->replace_template_section('listing_dataset', $listing); $page->replace_permission_tags(); $display .= $page->return_page(); } // end if $edit == "" } else { $display .= '<div class="error_text">' . $lang['access_denied'] . '</div>'; } return $display; }
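/**
 * user::view_users()
 *
 * Renders the paginated list of active agents using the
 * view_users_default.html template and returns the resulting page.
 *
 * Reads the page number from $_GET['cur_page'] (set to 0 when absent) and
 * writes the id of the agent currently being rendered to the global $agent_id.
 *
 * @return string the rendered page ($page->page after tag replacement)
 */
function view_users()
{
    global $conn, $config, $lang, $agent_id;
    require_once $config['basepath'] . '/include/misc.inc.php';
    require_once $config['basepath'] . '/include/images.inc.php';
    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $misc = new misc();
    $user_section = '';
    $page = new page_user();
    $page->load_page($config['template_path'] . '/view_users_default.html');

    // Which accounts belong on the list: agents only, or agents and admins.
    if ($config["show_admin_on_agent_list"] == 0) {
        $options = "userdb_is_agent = 'yes'";
    } else {
        $options = "(userdb_is_agent = 'yes' or userdb_is_admin = 'yes')";
    }

    // Count with the same filter as the page query below; counting agents only
    // made the pagination total too low whenever admins are shown as well.
    // No ORDER BY: it has no effect on a single aggregate row.
    $sql = "SELECT count(userdb_id) as user_count FROM " . $config['table_prefix'] . "userdb where " . $options . " and userdb_active = 'yes'";
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }
    $num_rows = $recordSet->fields['user_count'];

    $sql = "SELECT userdb_user_name, userdb_user_first_name, userdb_user_last_name, userdb_id FROM " . $config['table_prefix'] . "userdb where " . $options . " and userdb_active = 'yes' order by userdb_rank,userdb_user_name";

    // Handle pagination. The page number is request input: force it to a
    // non-negative integer before it is used as a row offset.
    if (!isset($_GET['cur_page'])) {
        $_GET['cur_page'] = 0;
    }
    $cur_page = max(0, intval($_GET['cur_page']));
    $limit_str = $cur_page * $config['users_per_page'];
    // Was an undefined variable; the empty string matches the other next_prev() calls in this file.
    $guidestring = '';
    $next_prev = $misc->next_prev($num_rows, $cur_page, $guidestring); // put in the next/previous stuff
    $recordSet = $conn->SelectLimit($sql, $config['users_per_page'], $limit_str);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }

    while (!$recordSet->EOF) {
        // NOTE(review): names and thumbnail file names below go into the template
        // without HTML escaping in this function; confirm they are encoded when
        // stored or by parse_template_section().
        $first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
        $last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
        $agent_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
        $agent_link = user::get_agent_link($recordSet->fields['userdb_id']);
        $agent_contact_link = user::contact_agent_link($agent_id);
        $agent_fields = user::renderUserInfo($agent_id);

        $user_section .= $page->get_template_section('user_block');
        $user_section = $page->parse_template_section($user_section, 'agent_first_name', $first_name);
        $user_section = $page->parse_template_section($user_section, 'agent_last_name', $last_name);
        $user_section = $page->parse_template_section($user_section, 'agent_id', $agent_id);
        $user_section = $page->parse_template_section($user_section, 'agent_contact_link', $agent_contact_link);
        $user_section = $page->parse_template_section($user_section, 'agent_fields', $agent_fields);
        $user_section = $page->parse_template_section($user_section, 'agent_link', $agent_link);

        // Insert Agent Image. The id is cast to an integer so that only a
        // number can ever reach the SQL text.
        $sql2 = "SELECT userimages_thumb_file_name FROM " . $config['table_prefix'] . "userimages WHERE userdb_id = " . intval($agent_id) . " ORDER BY userimages_rank";
        $recordSet2 = $conn->Execute($sql2);
        if ($recordSet2 === false) {
            $misc->log_error($sql2);
        }
        $num_images = $recordSet2->RecordCount();
        if ($num_images == 0) {
            if ($config['show_no_photo'] == 1) {
                $agent_image = '<img src="images/nophoto.gif" alt="' . $lang['no_photo'] . '" />';
                $raw_agent_image = 'images/nophoto.gif';
                $user_section = $page->cleanup_template_block('agent_image_thumb_1', $user_section);
            } else {
                $agent_image = '';
                $raw_agent_image = '';
            }
            $user_section = $page->parse_template_section($user_section, 'agent_image_thumb_1', $agent_image);
            $user_section = $page->parse_template_section($user_section, 'raw_agent_image_thumb_1', $raw_agent_image);
            $user_section = $page->remove_template_block('agent_image_thumb_[1-9]', $user_section);
        }

        $x = 1;
        while (!$recordSet2->EOF) {
            // Start every slot empty so a row without a usable thumbnail does not
            // repeat the image of the previous row or the previous agent.
            $agent_image = '';
            $raw_agent_image = '';
            $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['userimages_thumb_file_name']);
            if ($thumb_file_name != "") {
                // gotta grab the image size
                $thumb_path = "{$config['user_upload_path']}/{$thumb_file_name}";
                $imagedata = file_exists($thumb_path) ? getimagesize($thumb_path) : false;
                // A missing or unreadable file yields no width; skip it instead of dividing by zero.
                if (is_array($imagedata) && $imagedata[0] > 0) {
                    $imagewidth = $imagedata[0];
                    $imageheight = $imagedata[1];
                    $shrinkage = $config['thumbnail_width'] / $imagewidth;
                    $displaywidth = $imagewidth * $shrinkage;
                    $displayheight = $imageheight * $shrinkage;
                    $agent_image = '<img src="' . $config['user_view_images_path'] . '/' . $thumb_file_name . '" height="' . $displayheight . '" width="' . $displaywidth . '" alt="' . $thumb_file_name . '" />';
                    $raw_agent_image = $config['user_view_images_path'] . '/' . $thumb_file_name;
                }
            } // end if ($thumb_file_name != "")
            // Insert whatever we have for this slot into the section.
            $user_section = $page->parse_template_section($user_section, 'agent_image_thumb_' . $x, $agent_image);
            $user_section = $page->parse_template_section($user_section, 'raw_agent_image_thumb_' . $x, $raw_agent_image);
            $user_section = $page->cleanup_template_block('agent_image_thumb_' . $x, $user_section);
            $x++;
            $recordSet2->MoveNext();
        } // end while

        // NOTE(review): PCRE treats the outer '{' and '}' as pattern delimiters, so
        // these two patterns match the bare text 'agent_image_thumb_' (and
        // 'raw_agent_image_thumb_'), not a '{agent_image_thumb_N}' tag, and the
        // second call finds nothing once the first has removed its prefix. Left
        // unchanged because the template helpers are not visible here; confirm the
        // intended tag cleanup.
        $user_section = preg_replace('{agent_image_thumb_(.*?)}', '', $user_section);
        $user_section = preg_replace('{raw_agent_image_thumb_(.*?)}', '', $user_section);
        $user_section = $page->remove_template_block('agent_image_thumb_[1-9]', $user_section);
        $recordSet->MoveNext();
    }

    $page->replace_template_section('user_block', $user_section);
    $page->page = str_replace('{next_prev}', $next_prev, $page->page);
    return $page->page;
}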
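/**
 * Render the notify-listings template for a set of listing IDs.
 *
 * Loads the template named by $config['notify_listings_template'], emits one
 * 'notify_listing_block' per listing (grouped into rows when the template
 * defines 'notify_listing_block_row'), fills in the listing URL, ID and first
 * image, and returns the finished page.
 *
 * The global $current_ID is used as the loop cursor and is restored to the
 * caller's value before returning.
 *
 * @param array  $listingIDArray Listing IDs to render, in output order.
 * @param string $search_title   Not referenced in this function body.
 * @param string $user_name      Not referenced in this function body.
 * @param string $email          Not referenced in this function body.
 * @return string Rendered template output.
 */
function renderNotifyListings($listingIDArray, $search_title, $user_name, $email)
{
    global $conn, $lang, $config, $db_type, $current_ID;

    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    require_once $config['basepath'] . '/include/listing.inc.php';
    $listingclass = new listing_pages();

    $display = '';

    // Remember the caller's $current_ID; the loop below overwrites the global.
    $old_current_ID = '';
    if ($current_ID != '') {
        $old_current_ID = $current_ID;
    }

    $page->load_page($config['template_path'] . '/' . $config['notify_listings_template']);

    // A row-based template returns array(row markup, blocks per row).
    $notify_template_row = $page->get_template_section_row('notify_listing_block_row');
    if (is_array($notify_template_row)) {
        $row = $notify_template_row[0];
        $col_count = $notify_template_row[1];
        $user_rows = true;
        $x = 1;
        $new_row_data = array();
    } else {
        $user_rows = false;
    }

    $notify_template_section = '';
    foreach ($listingIDArray as $current_ID) {
        if ($user_rows == true && $x > $col_count) {
            // Row is full: store it and start the next row with a fresh block.
            $new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
            $notify_template_section = $page->get_template_section('notify_listing_block');
            $x = 1;
        } else {
            $notify_template_section .= $page->get_template_section('notify_listing_block');
        }

        $listing_title = $listingclass->get_title($current_ID);
        if ($config['url_style'] == '1') {
            $notify_url = $config['baseurl'] . '/index.php?action=listingview&listingID=' . $current_ID;
        } else {
            $url_title = str_replace("/", "", $listing_title);
            $url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
            $notify_url = $config['baseurl'] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html';
        }

        // Called twice in the original; presumably the second pass resolves
        // tags produced by the first — TODO confirm before removing.
        $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
        $notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
        $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_url', $notify_url);
        $notify_template_section = $page->parse_template_section($notify_template_section, 'listingid', $current_ID);

        // Reset the image data for every listing. Without this, a listing
        // whose thumbnail file is missing would be rendered with the image of
        // the listing processed just before it.
        $notify_thumb_src = '';
        $notify_thumb_width = '';
        $notify_thumb_height = '';
        $notify_src = '';
        $notify_width = '';
        $notify_height = '';

        // The ID is interpolated unquoted into the query, so force it to an
        // integer: a non-numeric array element must not be able to change
        // the statement.
        $sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name\n\t\t\t\t\tFROM " . $config['table_prefix'] . "listingsimages\n\t\t\t\t\tWHERE (listingsdb_id = " . intval($current_ID) . ")\n\t\t\t\t\tORDER BY listingsimages_rank";
        $recordSet2 = $conn->SelectLimit($sql2, 1, 0);
        if ($recordSet2 === false) {
            $misc->log_error($sql2);
        }

        if ($recordSet2 !== false && $recordSet2->RecordCount() > 0) {
            $thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
            $file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
            $thumb_path = "{$config['listings_upload_path']}/{$thumb_file_name}";
            if ($thumb_file_name != "" && file_exists($thumb_path)) {
                // Scale the thumbnail to the configured width. GetImageSize()
                // returns false for unreadable or non-image files, so only
                // divide when a positive width came back.
                $imagedata = GetImageSize($thumb_path);
                if (is_array($imagedata) && $imagedata[0] > 0) {
                    $shrinkage = $config['thumbnail_width'] / $imagedata[0];
                    $notify_thumb_width = $imagedata[0] * $shrinkage;
                    $notify_thumb_height = $imagedata[1] * $shrinkage;
                }
                $notify_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name;

                // Full-size image: report its native dimensions when readable.
                $full_path = "{$config['listings_upload_path']}/{$file_name}";
                if ($file_name != "" && is_file($full_path)) {
                    $imagedata = GetImageSize($full_path);
                    if (is_array($imagedata)) {
                        $notify_width = $imagedata[0];
                        $notify_height = $imagedata[1];
                    }
                }
                $notify_src = $config['listings_view_images_path'] . '/' . $file_name;
            }
        } elseif ($config['show_no_photo'] == 1) {
            // No image row: fall back to the placeholder for both sizes.
            $imagedata = GetImageSize($config['basepath'] . "/images/nophoto.gif");
            if (is_array($imagedata) && $imagedata[0] > 0) {
                $shrinkage = $config['thumbnail_width'] / $imagedata[0];
                $notify_thumb_width = $imagedata[0] * $shrinkage;
                $notify_thumb_height = $imagedata[1] * $shrinkage;
            }
            $notify_thumb_src = $config['baseurl'] . '/images/nophoto.gif';
            $notify_width = $notify_thumb_width;
            $notify_height = $notify_thumb_height;
            $notify_src = $config['baseurl'] . '/images/nophoto.gif';
        }

        if (!empty($notify_thumb_src)) {
            $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_src', $notify_thumb_src);
            $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_height', $notify_thumb_height);
            $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_thumb_width', $notify_thumb_width);
            $notify_template_section = $page->cleanup_template_block('notify_img', $notify_template_section);
        } else {
            $notify_template_section = $page->remove_template_block('notify_img', $notify_template_section);
        }

        if (!empty($notify_src)) {
            $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_src', $notify_src);
            $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_height', $notify_height);
            $notify_template_section = $page->parse_template_section($notify_template_section, 'notify_large_width', $notify_width);
            $notify_template_section = $page->cleanup_template_block('notify_img_large', $notify_template_section);
        } else {
            $notify_template_section = $page->remove_template_block('notify_img_large', $notify_template_section);
        }

        if ($user_rows == true) {
            $x++;
        }
    }

    if ($user_rows == true) {
        // Flush the last (possibly partial) row, then splice all rows in.
        $notify_template_section = $page->cleanup_template_block('notify_listing', $notify_template_section);
        $new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
        $replace_row = implode('', $new_row_data);
        $page->replace_template_section_row('notify_listing_block_row', $replace_row);
    } else {
        $page->replace_template_section('notify_listing_block', $notify_template_section);
    }

    $page->replace_permission_tags();
    $page->replace_urls();
    $page->auto_replace_tags();
    $page->replace_lang_template_tags();
    $display .= $page->return_page();

    // Put the caller's $current_ID back (or clear it if there was none).
    $current_ID = '';
    if ($old_current_ID != '') {
        $current_ID = $old_current_ID;
    }
    return $display;
}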
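/**
 * Render the pagination ("next / previous") bar.
 *
 * Loads next_prev.html (or next_prev_<template>.html) from the user or admin
 * template path, rebuilds the current query string from $_GET, and fills in
 * the page counters, page links and first/last-page blocks.
 *
 * $cur_page is frequently taken straight from the request by callers and is
 * written into the page links, so it is normalised to a non-negative integer
 * before any use.
 *
 * NOTE(review): $template becomes part of the file name given to load_page();
 * callers should pass a fixed identifier, never request data.
 *
 * @param int    $num_rows    Total number of result rows.
 * @param mixed  $cur_page    Zero-based current page index.
 * @param string $guidestring Ignored: the value is rebuilt from $_GET below.
 * @param string $template    Optional template suffix.
 * @param bool   $admin       Load from the admin template path when true.
 * @return string Rendered pagination markup.
 */
function next_prev($num_rows, $cur_page, $guidestring = '', $template = '', $admin = FALSE)
{
    global $lang, $config;
    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();

    if (isset($template) && $template != '') {
        $template_file = 'next_prev_' . $template . '.html';
    } else {
        $template_file = 'next_prev.html';
    }
    if ($admin == TRUE) {
        $page->load_page($config['admin_template_path'] . '/' . $template_file);
    } else {
        $page->load_page($config['template_path'] . '/' . $template_file);
    }

    // Without this cast a crafted cur_page value would be copied verbatim
    // into the {nextprev_count} links further down.
    $cur_page = is_scalar($cur_page) ? max(0, (int) $cur_page) : 0;
    $action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

    // Rebuild the query string, URL-encoding every key and value. Keys are
    // compared as strings so a numeric key cannot be mistaken for a reserved
    // name through loose comparison.
    $guidestring = '';
    $guidestring_no_action = '';
    foreach ($_GET as $k => $v) {
        $key = (string) $k;
        if (!$v || $key === 'cur_page' || $key === 'PHPSESSID') {
            continue;
        }
        $pairs = '';
        if (is_array($v)) {
            foreach ($v as $vitem) {
                if (is_array($vitem)) {
                    // Nested arrays cannot be expressed as key[]=value.
                    continue;
                }
                $pairs .= '&' . urlencode($key) . '[]=' . urlencode("{$vitem}");
            }
        } else {
            $pairs = '&' . urlencode($key) . '=' . urlencode("{$v}");
        }
        $guidestring .= $pairs;
        if ($key !== 'action') {
            $guidestring_no_action .= $pairs;
        }
    }
    $page->page = str_replace('{nextprev_guidestring}', $guidestring, $page->page);
    $page->page = str_replace('{nextprev_guidestring_no_action}', $guidestring_no_action, $page->page);

    $page_num = $cur_page + 1;
    $page->page = str_replace('{nextprev_num_rows}', $num_rows, $page->page);

    // Page size and wording depend on which list is being paged.
    if ($action == 'view_log') {
        $items_per_page = 25;
        $page_type = $lang['log'];
        $meet_your_search = $lang['logs_meet_your_search'];
    } elseif ($action == 'view_users') {
        $items_per_page = $config['users_per_page'];
        $page_type = $lang['agent'];
        $meet_your_search = $lang['agents'];
    } else {
        $items_per_page = $config['listings_per_page'];
        $page_type = $lang['listing'];
        $meet_your_search = $lang['listings_meet_your_search'];
    }
    $page->page = str_replace('{nextprev_page_type}', $page_type, $page->page);
    $page->page = str_replace('{nextprev_meet_your_search}', $meet_your_search, $page->page);
    if ($num_rows == 1) {
        $page->page = $page->remove_template_block('!nextprev_num_of_rows_is_1', $page->page);
        $page->page = $page->cleanup_template_block('nextprev_num_of_rows_is_1', $page->page);
    } else {
        $page->page = $page->remove_template_block('nextprev_num_of_rows_is_1', $page->page);
        $page->page = $page->cleanup_template_block('!nextprev_num_of_rows_is_1', $page->page);
    }

    // First and last row numbers shown on this page.
    $total_num_page = ceil($num_rows / $items_per_page);
    if ($total_num_page == 0) {
        $listing_num_min = 0;
        $listing_num_max = 0;
    } else {
        $listing_num_min = $cur_page * $items_per_page + 1;
        if ($page_num == $total_num_page) {
            $listing_num_max = $num_rows;
        } else {
            $listing_num_max = $page_num * $items_per_page;
        }
    }
    $page->page = str_replace('{nextprev_listing_num_min}', $listing_num_min, $page->page);
    $page->page = str_replace('{nextprev_listing_num_max}', $listing_num_max, $page->page);

    $page->page = str_replace('{nextprev_nextpage}', $cur_page + 1, $page->page);
    $page->page = str_replace('{nextprev_prevpage}', $cur_page - 1, $page->page);
    $page->page = str_replace('{nextprev_next10page}', $cur_page + 10, $page->page);
    $page->page = str_replace('{nextprev_prev10page}', $cur_page - 10, $page->page);

    if ($action == 'searchresults') {
        $page->page = $page->cleanup_template_block('nextprev_show_save_search', $page->page);
        $page->page = $page->cleanup_template_block('nextprev_show_refine_search', $page->page);
    } else {
        $page->page = $page->remove_template_block('nextprev_show_save_search', $page->page);
        $page->page = $page->remove_template_block('nextprev_show_refine_search', $page->page);
    }

    if ($page_num <= 1) {
        $page->page = $page->cleanup_template_block('nextprev_is_firstpage', $page->page);
        $page->page = $page->remove_template_block('!nextprev_is_firstpage', $page->page);
    } else {
        $page->page = $page->cleanup_template_block('!nextprev_is_firstpage', $page->page);
        $page->page = $page->remove_template_block('nextprev_is_firstpage', $page->page);
    }

    // Ten-page menu: start ten pages back, rounded up to a multiple of ten.
    $count = $cur_page;
    $count_start = $count - 10;
    if ($count_start < 0) {
        $count_start = 0;
    } else {
        while ($count_start % 10 != 0) {
            $count_start++;
        }
    }

    $page_section_part = $page->get_template_section('nextprev_page_section');
    $page_section = '';

    // Links for the pages before the current one inside the current decade.
    $reverse_count = $count_start;
    while ($count > $count_start) {
        if ($count % 10 == 0) {
            break;
        }
        $page_section .= $page_section_part;
        $disp_count = $reverse_count + 1;
        $page_section = str_replace('{nextprev_count}', $reverse_count, $page_section);
        $page_section = str_replace('{nextprev_disp_count}', $disp_count, $page_section);
        $page_section = $page->cleanup_template_block('nextprev_page_other', $page_section);
        $page_section = $page->remove_template_block('nextprev_page_current', $page_section);
        $count--;
        $reverse_count++;
    }

    // Current page and the pages after it, up to the next multiple of ten.
    $count = $cur_page;
    while ($count < $total_num_page) {
        $page_section .= $page_section_part;
        $disp_count = $count + 1;
        $page_section = str_replace('{nextprev_count}', $count, $page_section);
        $page_section = str_replace('{nextprev_disp_count}', $disp_count, $page_section);
        if ($page_num == $disp_count) {
            $page_section = $page->cleanup_template_block('nextprev_page_current', $page_section);
            $page_section = $page->remove_template_block('nextprev_page_other', $page_section);
        } else {
            $page_section = $page->cleanup_template_block('nextprev_page_other', $page_section);
            $page_section = $page->remove_template_block('nextprev_page_current', $page_section);
        }
        $count++;
        if (!($count % 10)) {
            break;
        }
    }
    $page->replace_template_section('nextprev_page_section', $page_section);

    if ($page_num >= $total_num_page) {
        $page->page = $page->cleanup_template_block('nextprev_lastpage', $page->page);
        $page->page = $page->remove_template_block('!nextprev_lastpage', $page->page);
    } else {
        $page->page = $page->cleanup_template_block('!nextprev_lastpage', $page->page);
        $page->page = $page->remove_template_block('nextprev_lastpage', $page->page);
    }

    // "Previous" jump button.
    if ($page_num >= 11) {
        $page->page = $page->cleanup_template_block('nextprev_prev_100_button', $page->page);
        $page->page = $page->remove_template_block('!nextprev_prev_100_button', $page->page);
    } else {
        $page->page = $page->cleanup_template_block('!nextprev_prev_100_button', $page->page);
        $page->page = $page->remove_template_block('nextprev_prev_100_button', $page->page);
    }

    // "Next" jump button.
    // NOTE(review): this subtracts listings_per_page (an items-per-page
    // setting) from a page count — confirm that is intended.
    if ($cur_page < $total_num_page - $config['listings_per_page'] && $total_num_page > 10) {
        $page->page = $page->cleanup_template_block('nextprev_next_100_button', $page->page);
        $page->page = $page->remove_template_block('!nextprev_next_100_button', $page->page);
    } else {
        $page->page = $page->cleanup_template_block('!nextprev_next_100_button', $page->page);
        $page->page = $page->remove_template_block('nextprev_next_100_button', $page->page);
    }

    // The clear-log control is only kept for admins viewing the log.
    $is_admin = isset($_SESSION['admin_privs']) && $_SESSION['admin_privs'] == "yes";
    if ($action == 'view_log' && $is_admin) {
        $page->page = $page->cleanup_template_block('nextprev_clearlog', $page->page);
    } else {
        $page->page = $page->remove_template_block('nextprev_clearlog', $page->page);
    }

    return $page->page;
}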
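/**
 * Admin screen listing the comments of one blog post, with delete and
 * approve actions.
 *
 * Requires the 'can_access_blog_manager' permission. Deleting or approving a
 * comment additionally requires $_SESSION['blog_user_type'] >= 4; otherwise
 * an error is shown and the list is rendered without performing the action.
 *
 * Request parameters read: id (post), caction ('delete' | 'approve'),
 * cid (comment), cur_page (zero-based page index).
 *
 * NOTE(review): delete and approve are state-changing actions reached through
 * plain GET links, and no per-request token is checked in this function. They
 * should be moved behind a CSRF token check using whatever token mechanism
 * the project provides.
 *
 * @return string Rendered page, or an empty string when access is denied or
 *                no post id was supplied.
 */
function edit_post_comments()
{
    global $conn, $lang, $config;
    $security = login::loginCheck('can_access_blog_manager', true);
    $display = '';
    $blog_user_type = isset($_SESSION['blog_user_type']) ? intval($_SESSION['blog_user_type']) : 0;
    if ($security !== true) {
        return $display;
    }

    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    require_once $config['basepath'] . '/include/class/template/core.inc.php';
    $page = new page_user();
    require_once $config['basepath'] . '/include/user.inc.php';
    $userclass = new user();
    require_once $config['basepath'] . '/include/blog_functions.inc.php';
    $blog_functions = new blog_functions();

    $page->load_page($config['admin_template_path'] . '/blog_edit_comments.html');

    if (!isset($_GET['id'])) {
        return $display;
    }
    $post_id = intval($_GET['id']);

    // Post header.
    $blog_title = $blog_functions->get_blog_title($post_id);
    $page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
    $blog_author = $blog_functions->get_blog_author($post_id);
    $page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
    $blog_date_posted = $blog_functions->get_blog_date($post_id);
    $page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);

    // Apply a pending delete/approve before the list is loaded.
    $caction = (isset($_GET['caction']) && is_string($_GET['caction'])) ? $_GET['caction'] : '';
    if (($caction === 'delete' || $caction === 'approve') && isset($_GET['cid'])) {
        $cid = intval($_GET['cid']);
        if ($blog_user_type < 4) {
            // Not allowed to moderate: report it and render the plain list.
            $display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
            unset($_GET['caction']);
            $display .= $this->edit_post_comments();
            return $display;
        }
        // Both statements are scoped to the post as well as the comment, and
        // both IDs have been through intval().
        if ($caction === 'delete') {
            $sql = 'DELETE FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
        } else {
            $sql = 'UPDATE ' . $config['table_prefix'] . 'blogcomments SET blogcomments_moderated = 1 WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
        }
        $recordSet = $conn->Execute($sql);
        if (!$recordSet) {
            $misc->log_error($sql);
        }
    }

    // Full result set first (for the row count), then the current page.
    $sql = 'SELECT * FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogmain_id = ' . $post_id . ' ORDER BY blogcomments_timestamp ASC';
    $recordSet = $conn->Execute($sql);
    if (!$recordSet) {
        $misc->log_error($sql);
    }
    $num_rows = $recordSet->RecordCount();

    // cur_page comes from the request: force a non-negative integer before it
    // is used as a query offset and passed on to the pager.
    $cur_page = isset($_GET['cur_page']) ? max(0, intval($_GET['cur_page'])) : 0;
    $_GET['cur_page'] = $cur_page;
    $limit_str = $cur_page * $config['listings_per_page'];
    $recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }

    // The date format does not change per row; fall back to the first format
    // when the setting is outside 1-3 so date() always gets a format string.
    if ($config['date_format'] == 2) {
        $format = "Y/d/m";
    } elseif ($config['date_format'] == 3) {
        $format = "d/m/Y";
    } else {
        $format = "m/d/Y";
    }

    $blog_comment_template = '';
    while (!$recordSet->EOF) {
        $comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
        $blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
        $blogcomments_moderated = $misc->make_db_unsafe($recordSet->fields['blogcomments_moderated']);
        $blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);

        // Comment text is written by site users. The previous code ran it
        // through html_entity_decode() and placed the result in this admin
        // page; unless parse_template_section() escapes its value (not
        // visible here), that turns stored entities back into live markup.
        // Escape instead, without double-encoding entities already stored.
        // NOTE(review): if comments are meant to carry a limited set of HTML
        // tags, replace this with the project's sanitizer for that purpose.
        $blogcomments_text = htmlspecialchars($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_QUOTES, $config['charset'], false);

        $blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');

        // Members are shown by user name, everyone else as "Last, First".
        // NOTE(review): these names are user-supplied as well; confirm the
        // user class returns them HTML-escaped.
        $author_type = $userclass->get_user_type($comment_author_id);
        if ($author_type == 'member') {
            $author_display = $userclass->get_user_name($comment_author_id);
        } else {
            $author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
        }
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);

        $blog_comment_date_posted = date($format, intval($blogcomments_timestamp));
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);

        $blog_comment_delete_url = 'index.php?action=edit_blog_post_comments&id=' . $post_id . '&caction=delete&cid=' . $blogcomments_id;
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_delete_url', $blog_comment_delete_url);
        $blog_comment_approve_url = 'index.php?action=edit_blog_post_comments&id=' . $post_id . '&caction=approve&cid=' . $blogcomments_id;
        $blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_approve_url', $blog_comment_approve_url);

        // Hide the moderation links from users who may not use them; the
        // server-side check above is what actually enforces the permission.
        if ($blog_user_type < 4) {
            $blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
            $blog_comment_template = $page->remove_template_block('blog_article_comment_delete', $blog_comment_template);
        }

        // Already-approved comments do not need an approve link.
        if ($blogcomments_moderated == 1) {
            $blog_comment_template = $page->remove_template_block('blog_article_comment_approve', $blog_comment_template);
        } else {
            $blog_comment_template = $page->cleanup_template_block('blog_article_comment_approve', $blog_comment_template);
        }
        $recordSet->MoveNext();
    }

    $page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);
    $next_prev = $misc->next_prev($num_rows, $cur_page, "", 'blog', TRUE);
    $page->replace_tag('next_prev', $next_prev);
    $page->replace_permission_tags();
    $page->auto_replace_tags('', true);
    $display .= $page->return_page();

    return $display;
}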