/** * show thread * * @param integer $intThreadId * @return bool */ function showThread($intThreadId) { global $objDatabase, $_ARRAYLANG; $objFWUser = \FWUser::getFWUserObject(); $this->_communityLogin(); $intThreadId = intval($intThreadId); if (!empty($_REQUEST['notification_update']) && $_REQUEST['notification_update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION']) { $this->_updateNotification($intThreadId); } $intCatId = !empty($_REQUEST['category_id']) ? intval($_REQUEST['category_id']) : '0'; if ($intCatId == 0) { $intCatId = $this->_getCategoryIdFromThread($intThreadId); } if (empty($intCatId)) { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum'); die; } if ($objFWUser->objUser->login()) { $this->_objTpl->touchBlock('notificationRow'); } else { $this->_objTpl->hideBlock('notificationRow'); } $intPostId = !empty($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0; $intPostId = $intPostId == 0 && !empty($_REQUEST['post_id']) ? intval($_REQUEST['post_id']) : $intPostId; $this->_objTpl->setVariable('FORUM_EDIT_POST_ID', $intPostId); $_REQUEST['act'] = !empty($_REQUEST['act']) ? $_REQUEST['act'] : ''; if ($_REQUEST['act'] == 'delete') { if ($this->_checkAuth($intCatId, 'delete')) { if ($this->_deletePost($intCatId, $intThreadId, $_REQUEST['postid'])) { $this->_objTpl->setVariable('TXT_FORUM_SUCCESS', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETED_SUCCESSFULLY']); } else { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETE_FAILED']); } } else { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); } } $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0; $this->_objTpl->setVariable(array('FORUM_PAGING_POS' => $pos)); if (!empty($_REQUEST['preview_new'])) { $pos = $this->_getLastPos($intPostId, $intThreadId); } if (!empty($_REQUEST['postid'])) { if ($_REQUEST['act'] == 'quote') { $pos = $this->_getLastPos($intPostId, $intThreadId); } if ($_REQUEST['act'] == 'edit') { $pos = $this->_getEditPos($intPostId, $intThreadId); } } if (!empty($_REQUEST['l']) && $_REQUEST['l'] == 1) { $pos = $this->_getEditPos($intPostId, $intThreadId); } $arrPosts = $this->createPostArray($intThreadId, $pos); if (!empty($_REQUEST['preview_edit']) && $_REQUEST['post_id'] != 0 && $_REQUEST['act'] != 'quote') { $intPostId = intval($intPostId); $pos = $this->_getEditPos($intPostId, $intThreadId); $arrPosts = $this->createPostArray($intThreadId, $pos); $arrPosts[$intPostId]['subject'] = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : $_ARRAYLANG['TXT_FORUM_NO_SUBJECT']; $arrPosts[$intPostId]['content'] = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput(contrexx_input2raw($_REQUEST['message'])); } $userId = $objFWUser->objUser->login() ? $objFWUser->objUser->getId() : 0; $icon = !empty($_REQUEST['icons']) ? intval($_REQUEST['icons']) : 1; if ($_REQUEST['act'] == 'edit') { //submit is an edit $arrEditedPost = $this->_getPostingData($intPostId); $subject = addcslashes(htmlentities($arrEditedPost['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $content = $arrEditedPost['content']; $keywords = addcslashes(htmlentities($arrEditedPost['keywords'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $attachment = $arrEditedPost['attachment']; $this->_objTpl->setVariable('FORUM_POST_EDIT_USERID', $arrPosts[$intPostId]['user_id']); if (!empty($attachment)) { $this->_objTpl->setVariable('TXT_FORUM_DELETE_ATTACHMENT', sprintf($_ARRAYLANG['TXT_FORUM_DELETE_ATTACHMENT'], $attachment)); } $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); $this->_objTpl->hideBlock('previewNewPost'); $this->_objTpl->touchBlock('previewEditPost'); } else { //new post if ($this->_objTpl->blockExists('delAttachment')) { $this->_objTpl->hideBlock('delAttachment'); } $subject = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : ''; $content = !empty($_REQUEST['message']) ? contrexx_input2raw(strip_tags($_REQUEST['message'])) : ''; $keywords = !empty($_REQUEST['keywords']) ? contrexx_strip_tags($_REQUEST['keywords']) : ''; $attachment = !empty($_REQUEST['attachment']) ? contrexx_strip_tags($_REQUEST['attachment']) : ''; $this->_objTpl->touchBlock('createPost'); $this->_objTpl->hideBlock('updatePost'); $this->_objTpl->touchBlock('previewNewPost'); $this->_objTpl->hideBlock('previewEditPost'); } if ($_REQUEST['act'] == 'quote') { $quoteContent = $this->_getPostingData($intPostId); $subject = 'RE: ' . addcslashes(htmlentities($quoteContent['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $content = '[quote=' . $arrPosts[$intPostId]['user_name'] . ']' . strip_tags($quoteContent['content']) . '[/quote]'; } $firstPost = current($arrPosts); if ($this->_arrSettings['wysiwyg_editor'] == 1) { //IF WYSIWIG enabled.. $strMessageInputHTML = new \Cx\Core\Wysiwyg\Wysiwyg('message', $content, 'bbcode'); } else { //plain textarea $strMessageInputHTML = '<textarea style="width: 400px; height: 150px;" rows="5" cols="10" name="message">' . contrexx_raw2xhtml($content) . '</textarea>'; } $this->_objTpl->setGlobalVariable(array('FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'), 'FORUM_JAVASCRIPT_DELETE' => $this->getJavascript('deletePost'), 'FORUM_JAVASCRIPT_SCROLLTO' => $this->getJavascript('scrollto'), 'FORUM_SCROLLPOS' => !empty($_REQUEST['scrollpos']) ? intval($_REQUEST['scrollpos']) : '0', 'FORUM_JAVASCRIPT_INSERT_TEXT' => $this->getJavascript('insertText', array($intCatId, $intThreadId, $firstPost)), 'FORUM_NAME' => $this->_shortenString($firstPost['subject'], $this->_maxStringlength), 'FORUM_TREE' => $this->_createNavTree($intCatId) . '<a title="' . $this->_arrTranslations[$intCatId][$this->_intLangId]['name'] . '" href="index.php?section=Forum&cmd=board&id=' . $intCatId . '">' . $this->_shortenString($this->_arrTranslations[$intCatId][$this->_intLangId]['name'], $this->_maxStringlength) . '</a> > ', 'FORUM_DROPDOWN' => $this->createForumDD('forum_quickaccess', $intCatId, 'onchange="gotoForum(this);"', ''), 'TXT_FORUM_COMMA_SEPARATED_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_COMMA_SEPARATED_KEYWORDS'], 'TXT_FORUM_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_KEYWORDS'], 'TXT_FORUM_FILE_ATTACHMENT' => $_ARRAYLANG['TXT_FORUM_FILE_ATTACHMENT'], 'TXT_FORUM_RATING' => $_ARRAYLANG['TXT_FORUM_RATING'], 'TXT_FORUM_ADD_POST' => $_ARRAYLANG['TXT_FORUM_ADD_POST'], 'TXT_FORUM_SUBJECT' => $_ARRAYLANG['TXT_FORUM_SUBJECT'], 'TXT_FORUM_MESSAGE' => $_ARRAYLANG['TXT_FORUM_MESSAGE'], 'TXT_FORUM_RESET' => $_ARRAYLANG['TXT_FORUM_RESET'], 'TXT_FORUM_CREATE_POST' => $_ARRAYLANG['TXT_FORUM_CREATE_POST'], 'TXT_FORUM_ICON' => $_ARRAYLANG['TXT_FORUM_ICON'], 'TXT_FORUM_QUOTE' => $_ARRAYLANG['TXT_FORUM_QUOTE'], 'TXT_FORUM_EDIT' => $_ARRAYLANG['TXT_FORUM_EDIT'], 'TXT_FORUM_DELETE' => $_ARRAYLANG['TXT_FORUM_DELETE'], 'TXT_FORUM_PREVIEW' => $_ARRAYLANG['TXT_FORUM_PREVIEW'], 'TXT_FORUM_UPDATE_POST' => $_ARRAYLANG['TXT_FORUM_UPDATE_POST'], 'TXT_FORUM_NOTIFY_NEW_POSTS' => $_ARRAYLANG['TXT_FORUM_NOTIFY_NEW_POSTS'], 'TXT_FORUM_QUICKACCESS' => $_ARRAYLANG['TXT_FORUM_QUICKACCESS'], 'TXT_FORUM_UPDATE_NOTIFICATION' => $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION'], 'TXT_FORUM_THREAD_ACTION_DESC' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DESC'], 'TXT_FORUM_THREAD_ACTION_MOVE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE'], 'TXT_FORUM_THREAD_ACTION_CLOSE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_CLOSE_' . $firstPost['is_locked']], 'TXT_FORUM_THREAD_ACTION_STICKY' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_STICKY_' . $firstPost['is_sticky']], 'TXT_FORUM_THREAD_ACTION_DELETE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DELETE'], 'TXT_FORUM_CHOOSE_FILE' => $_ARRAYLANG['TXT_FORUM_CHOOSE_FILE'], 'FORUM_NOTIFICATION_CHECKBOX_CHECKED' => $this->_hasNotification($intThreadId) ? 'checked="checked"' : '', 'FORUM_SUBJECT' => stripslashes($subject), 'FORUM_KEYWORDS' => stripslashes($keywords), 'FORUM_ATTACHMENT_OLDNAME' => $attachment, 'FORUM_MESSAGE_INPUT' => $strMessageInputHTML, 'FORUM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(), 'FORUM_THREAD_ID' => $intThreadId, 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_POSTS_PAGING' => getPaging($this->_postCount, $pos, '§ion=Forum&cmd=thread&id=' . $intThreadId, $_ARRAYLANG['TXT_FORUM_OVERVIEW_POSTINGS'], true, $this->_arrSettings['posting_paging']))); if ($objFWUser->objUser->login()) { $this->_objTpl->hideBlock('captcha'); } else { $this->_objTpl->touchBlock('captcha'); } $this->_setIcons($this->_getIcons()); if (!$this->_checkAuth($intCatId, 'read')) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); return false; } $intCounter = 0; foreach ($arrPosts as $postId => $arrValues) { $strRating = '<span id="forum_current_rating_' . $postId . '" class="rating_%s">%s</span>'; if ($arrValues['rating'] == 0) { $class = 'none'; } elseif ($arrValues['rating'] > 0) { $class = 'pos'; } else { $class = 'neg'; } $strRating = sprintf($strRating, $class, $arrValues['rating']); $strUserProfileLink = $arrValues['user_id'] > 0 ? '<a title="' . $arrValues['user_name'] . '" href="index.php?section=Access&cmd=user&id=' . $arrValues['user_id'] . '">' . $arrValues['user_name'] . '</a>' : $this->_anonymousName; $arrAttachment = $this->_getAttachment($arrValues['attachment']); $this->_objTpl->setGlobalVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1)); $quoteLink = "id=" . $intThreadId . "&act=quote&postid=" . $postId; $quoteLinkLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Forum") . "&cmd=thread&" . htmlentities($quoteLink) . "';"; $quoteLinkNotLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Login") . "&redirect=" . base64_encode("index.php?section=Forum&cmd=thread&" . $quoteLink) . "';"; $this->_objTpl->setVariable(array('FORUM_POST_DATE' => $arrValues['time_created'], 'FORUM_POST_LAST_EDITED' => $arrValues['time_edited'] != date(ASCMS_DATE_FORMAT, 0) ? $_ARRAYLANG['TXT_FORUM_LAST_EDITED'] . $arrValues['time_edited'] : '', 'FORUM_USER_ID' => $arrValues['user_id'], 'FORUM_USER_NAME' => $strUserProfileLink, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . $arrValues['post_number'], 'FORUM_POST_ICON' => $arrValues['post_icon'], 'FORUM_POST_SUBJECT' => $arrValues['subject'], 'FORUM_POST_MESSAGE' => $arrValues['content'], 'FORUM_POST_RATING' => $strRating, 'FORUM_POST_ATTACHMENT_LINK' => $arrAttachment['webpath'], 'FORUM_POST_ATTACHMENT_FILENAME' => $arrAttachment['name'], 'FORUM_POST_ATTACHMENT_ICON' => $arrAttachment['icon'], 'FORUM_POST_ATTACHMENT_FILESIZE' => $arrAttachment['size'], 'FORUM_QUOTE_ONCLICK' => $this->_checkAuth($intCatId, 'write') ? $quoteLinkLoggedIn : $quoteLinkNotLoggedIn)); if (!$objFWUser->objUser->login() && !$this->_checkAuth($intCatId, 'write')) { $button = '<input type="button" value="' . $_ARRAYLANG['TXT_FORUM_CREATE_POST'] . '" onclick="location.href=\'' . \Cx\Core\Csrf\Controller\Csrf::enhanceURI('index.php?section=Login') . '&redirect=' . base64_encode($_SERVER['REQUEST_URI']) . '\';" />'; $this->_objTpl->setVariable(array('FORUM_POST_REPLY_REDIRECT' => $button)); } $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId, 'FORUM_RATING_POST_ID' => $postId)); if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'edit') || $objFWUser->objUser->login() && $arrValues['user_id'] == $objFWUser->objUser->getId())) { $this->_objTpl->touchBlock('postEdit'); } else { $this->_objTpl->hideBlock('postEdit'); } if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'write') || !$firstPost['is_locked'])) { $this->_objTpl->touchBlock('postQuote'); } else { $this->_objTpl->hideBlock('postQuote'); } if ($this->_checkAuth($intCatId, 'delete') && $arrValues['post_number'] != 1) { $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId)); $this->_objTpl->touchBlock('postDelete'); } else { $this->_objTpl->hideBlock('postDelete'); } if ($this->_objTpl->blockExists('rating')) { if ($objFWUser->objUser->login() && !$this->_hasRated($postId)) { $this->_objTpl->parse('rating'); } else { $this->_objTpl->hideBlock('rating'); } } if ($this->_objTpl->blockExists('attachment')) { if (!empty($arrValues['attachment'])) { $this->_objTpl->parse('attachment'); } else { $this->_objTpl->hideBlock('attachment'); } } $this->_objTpl->parse('forumPosts'); } if (!$this->_checkAuth($intCatId, 'write') || $firstPost['is_locked'] == 1) { $this->_objTpl->hideBlock('addPost'); $this->_objTpl->hideBlock('addPostAnchor'); } else { $this->_objTpl->touchBlock('addPostAnchor'); } // initialize the uploader $this->initForumUploader(); //addpost code if (!empty($_REQUEST['create']) && $_REQUEST['create'] == $_ARRAYLANG['TXT_FORUM_CREATE_POST']) { if (!$this->_checkAuth($intCatId, 'write') && $firstPost['is_locked'] != 1) { //auth check $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); $this->_objTpl->hideBlock('addPost'); return false; } if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) { //captcha check return false; } if (strlen(trim($content)) < $this->_minPostlength) { //content check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } $fileInfo = $this->_handleUpload('forum_attachment'); if ($fileInfo === false) { //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload() return false; } $lastPostIdQuery = ' SELECT max( id ) as last_post_id FROM ' . DBPREFIX . 'module_forum_postings WHERE category_id = ' . $intCatId . ' AND thread_id = ' . $intThreadId; if (($objRSmaxId = $objDatabase->SelectLimit($lastPostIdQuery, 1)) !== false) { $intPrevPostId = $objRSmaxId->fields['last_post_id']; } else { die('Database error: ' . $objDatabase->ErrorMsg()); } $insertQuery = 'INSERT INTO ' . DBPREFIX . 'module_forum_postings ( id, category_id, thread_id, prev_post_id, user_id, time_created, time_edited, is_locked, is_sticky, rating, views, icon, keywords, subject, content, attachment ) VALUES ( NULL, ' . $intCatId . ', ' . $intThreadId . ', ' . $intPrevPostId . ', ' . $userId . ', ' . time() . ', 0, 0, 0, 0, 0, ' . $icon . ",\n '{$keywords}' ,'" . $subject . "', '" . contrexx_raw2db($content) . "', '" . $fileInfo['name'] . "'\n )"; if ($objDatabase->Execute($insertQuery) !== false) { $lastInsertId = $objDatabase->Insert_ID(); $this->updateViewsNewItem($intCatId, $lastInsertId, true); $this->_updateNotification($intThreadId); $this->_sendNotifications($intThreadId, $subject, $content); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); } \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId)); die; } if (!empty($_REQUEST['preview_new'])) { $content = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($content); if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } if (strlen(trim($content)) < $this->_minPostlength) { //content check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } $this->_objTpl->setVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1, 'FORUM_POST_DATE' => date(ASCMS_DATE_FORMAT, time()), 'FORUM_USER_ID' => $userId, 'FORUM_USER_NAME' => $objFWUser->objUser->login() ? '<a href="index.php?section=Access&cmd=user&id=' . $userId . '" title="' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '">' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '</a>' : $this->_anonymousName, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . ($this->_postCount + 1), 'FORUM_POST_ICON' => $this->getThreadIcon($icon), 'FORUM_POST_SUBJECT' => stripslashes($subject), 'FORUM_POST_MESSAGE' => $content, 'FORUM_POST_RATING' => '0')); $this->_objTpl->touchBlock('createPost'); $this->_objTpl->hideBlock('updatePost'); if ($this->_objTpl->blockExists('attachment')) { $this->_objTpl->hideBlock('attachment'); } $this->_objTpl->hideBlock('postEdit'); $this->_objTpl->hideBlock('postQuote'); $this->_objTpl->touchBlock('previewNewPost'); $this->_objTpl->hideBlock('previewEditPost'); $this->_objTpl->parse('forumPosts'); } if (!empty($_REQUEST['update']) && $_REQUEST['update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_POST']) { if (strlen(trim($content)) < $this->_minPostlength) { //content size check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } if (!$this->_checkAuth($intCatId, 'edit') && (!$objFWUser->objUser->login() || $arrValues['user_id'] != $objFWUser->objUser->getId())) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); $this->_objTpl->hideBlock('postEdit'); return false; } if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) { $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); return false; } if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } $fileInfo = $this->_handleUpload('forum_attachment'); if ($fileInfo === false) { //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload() return false; } if (empty($_POST['forum_delete_attachment']) && empty($fileInfo['name']) && !empty($_REQUEST['forum_attachment_oldname'])) { $fileInfo['name'] = contrexx_addslashes($_REQUEST['forum_attachment_oldname']); } elseif (!empty($_POST['forum_delete_attachment']) && $_POST['forum_delete_attachment'] == 1 || !empty($_REQUEST['forum_attachment_oldname']) && $fileInfo['name'] != $_REQUEST['forum_attachment_oldname']) { unlink(\Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteMediaForumUploadPath() . '/' . str_replace(array('./', '.\\'), '', $_REQUEST['forum_attachment_oldname'])); } $updateQuery = 'UPDATE ' . DBPREFIX . 'module_forum_postings SET time_edited = ' . mktime() . ', icon = ' . $icon . ', subject = \'' . $subject . '\', keywords = \'' . $keywords . '\', content = \'' . contrexx_raw2db($content) . '\', attachment = \'' . $fileInfo['name'] . '\' WHERE id = ' . $intPostId; if ($objDatabase->Execute($updateQuery) !== false) { $this->updateViews($intThreadId, $intPostId); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); } \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId)); die; } if (!empty($_REQUEST['preview_edit'])) { $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); $this->_objTpl->hideBlock('previewNewPost'); $this->_objTpl->touchBlock('previewEditPost'); } $hasAccess = false; foreach (array('STICKY', 'MOVE', 'CLOSE', 'DELETE') as $action) { if (!$this->_checkAuth($intCatId, strtolower($action))) { $this->_objTpl->setVariable('FORUM_THREAD_ACTIONS_DISABLED_' . $action, 'disabled="disabled"'); } else { $hasAccess = true; } } if ($this->_objTpl->blockExists('threadActionsSelect')) { if ($userId < 1 || !$hasAccess) { $this->_objTpl->hideBlock('threadActionsSelect'); } else { $this->_objTpl->touchBlock('threadActionsSelect'); } } if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'move' && !empty($_REQUEST['id'])) { $thread = intval($_REQUEST['id']); $newCat = intval($_REQUEST['moveToThread']); $oldCat = $this->_getCategoryIdFromThread($thread); $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `category_id` = {$newCat} WHERE `thread_id` = " . $thread; if ($objDatabase->Execute($query)) { $intMovedPosts = $objDatabase->Affected_Rows(); $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `thread_id` = {$thread}"; $objRS = $objDatabase->SelectLimit($query, 1); $intMovedPostLastId = $objRS->fields['lastid']; $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$oldCat}"; $objRS = $objDatabase->SelectLimit($query, 1); $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` - 1, `post_count` = `post_count` - {$intMovedPosts}, `last_post_id` = " . (intval($objRS->fields['lastid']) > 0 ? intval($objRS->fields['lastid']) : 0) . " WHERE `category_id` = {$oldCat}"; $objDatabase->Execute($query); $query = "SELECT `id` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$newCat} GROUP BY `time_created` DESC"; $objRS = $objDatabase->Execute($query); $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` + 1, `post_count` = `post_count` + {$intMovedPosts}, `last_post_id` = " . $objRS->fields['id'] . " WHERE `category_id` = {$newCat}"; $objDatabase->Execute($query); $this->_objTpl->hideBlock('moveForm'); $this->_objTpl->setVariable(array('TXT_THREAD_ACTION_' . ($success ? 'SUCCESS' : 'ERROR') => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE' . (!$success ? 'UN' : '') . 'SUCCESSFUL'], 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_THREAD_ID' => $intThreadId)); \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $thread); } } if (!empty($_GET['a'])) { $this->_objTpl->setVariable(array('TXT_FORUM_' . ($_GET['r'] == 1 ? 'SUCCESS' : 'ERROR') => '<br />' . $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_' . strtoupper($_GET['a']) . '_' . (!$_GET['r'] ? 'UN' : '') . 'SUCCESSFUL' . $_GET['s']])); } $success = false; if (!empty($_REQUEST['thread_actions'])) { $action = contrexx_addslashes($_REQUEST['thread_actions']); if ($this->_checkAuth($intCatId, $action)) { switch ($action) { case 'move': $arrForums = $this->createForumArray($this->_intLangId); foreach ($arrForums as $intCatID => $arrThread) { $strOptions .= '<option value="' . $intCatID . '" ' . ($arrThread['level'] == 0 ? 'disabled="disabled"' : '') . '>' . str_repeat(' ', $arrThread['level'] * 2) . $arrThread['name'] . '</option>'; } $this->_objTpl->setVariable(array('FORUM_THREADS' => $strOptions)); $success = true; $suffix = ''; \Env::get('cx')->getPage()->setTitle($_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE']); break; case 'close': $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_locked` = IF(`is_locked` = '0' OR `is_locked` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']); if ($objDatabase->Execute($query) !== false) { $success = true; } $suffix = '_' . $firstPost['is_locked']; break; case 'sticky': $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_sticky` = IF(`is_sticky` = '0' OR `is_sticky` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']); if ($objDatabase->Execute($query) !== false) { $success = true; } $suffix = '_' . $firstPost['is_sticky']; break; default: break; } if ($action != 'move') { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&a=' . $action . '&r=' . $success . '&s=' . $suffix); } } else { $this->_objTpl->setVariable('TXT_THREAD_ACTION_ERROR', $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); } $this->_objTpl->parse('threadActions'); $this->_objTpl->touchBlock('threadActions'); $this->_objTpl->hideBlock('threadDisplay'); } else { $this->updateViews($intThreadId, $intPostId); $this->_objTpl->hideBlock('threadActions'); } return true; }
/** * create an array containing all posts from the specified thread * if the second argument $pos is -1, then all posts are being returned, otherwise * it will be limited to the thread_paging setting * * if $intThreadId = 0 and $pos = -1, then all posts from all threads are returned * * @param integer $intThreadId ID of the thread * @param integer $pos position at which the posts will be read from (for paging) * @return array $arrReturn */ function createPostArray($intThreadId = 0, $pos = 0) { global $objDatabase, $_ARRAYLANG; $intThreadId = intval($intThreadId); $arrReturn = array(); if ($intThreadId > 0) { $WHERE = ' WHERE thread_id=' . $intThreadId; } elseif ($pos < 0) { $WHERE = ' '; } $objRSCount = $objDatabase->SelectLimit(' SELECT count(1) AS `cnt` FROM ' . DBPREFIX . 'module_forum_postings ' . $WHERE, 1); if ($objRSCount !== false) { $this->_postCount = $objRSCount->fields['cnt']; } if ($pos == -1) { $this->_arrSettings['posting_paging'] = $this->_postCount + 1; $pos = 0; } $objResult = $objDatabase->SelectLimit('SELECT id, category_id, thread_id, user_id, time_created, time_edited, is_locked, is_sticky, rating, views, icon, keywords, subject, content, attachment FROM ' . DBPREFIX . 'module_forum_postings ' . $WHERE . ' ORDER BY prev_post_id, time_created ASC ', $this->_arrSettings['posting_paging'], $pos); $intReplies = $objResult->RecordCount(); $postNumber = $pos + 1; while (!$objResult->EOF) { $strAuthor = $this->_getUserName($objResult->fields['user_id']); // $content = stripslashes($objResult->fields['content']); $content = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($objResult->fields['content']); $arrReturn[$objResult->fields['id']] = array('id' => $objResult->fields['id'], 'thread_id' => $objResult->fields['thread_id'], 'category_id' => $objResult->fields['category_id'], 'user_id' => $objResult->fields['user_id'], 'user_name' => $strAuthor, 'time_created' => date(ASCMS_DATE_FORMAT, $objResult->fields['time_created']), 'time_edited' => date(ASCMS_DATE_FORMAT, $objResult->fields['time_edited']), 'timestamp_created' => $objResult->fields['time_created'], 'timestamp_edited' => $objResult->fields['time_edited'], 'is_locked' => intval($objResult->fields['is_locked']), 'is_sticky' => intval($objResult->fields['is_sticky']), 'rating' => intval($objResult->fields['rating']), 'post_icon' => $this->getThreadIcon($objResult->fields['icon']), 'replies' => $intReplies, 'views' => intval($objResult->fields['views']), 'icon' => intval($objResult->fields['icon']), 'keywords' => htmlspecialchars($objResult->fields['keywords'], ENT_QUOTES, CONTREXX_CHARSET), 'subject' => !trim($objResult->fields['subject']) == '' ? htmlspecialchars($objResult->fields['subject'], ENT_QUOTES, CONTREXX_CHARSET) : $_ARRAYLANG['TXT_FORUM_NO_SUBJECT'], 'content' => $content, 'attachment' => htmlspecialchars($objResult->fields['attachment'], ENT_QUOTES, CONTREXX_CHARSET), 'post_number' => $postNumber++); $objResult->MoveNext(); } return $arrReturn; }
/** * Show the message when the user clicks on the notification * * @global $_ARRAYLANG $objDatabase $_CORELANG */ function showMessage() { global $_ARRAYLANG, $objDatabase, $_CORELANG; if (!empty($_GET["msgID"])) { $messageID = $_GET["msgID"]; } $arrMessage = $this->createEntryShowMessage($messageID); if ($_REQUEST['status'] == "outboxmsg") { $this->_objTpl->setVariable(array('PRIVATE_MESSAGE_ID' => $messageID, 'PRIVATE_MESSAGE_TITLE' => $arrMessage["message_title"], 'PRIVATE_MESSAGE_TEXT' => \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($arrMessage["message"]), 'U2U_USER_JOINED' => $arrMessage["registerd_date"], 'MESSAGE_AUTHOR_NAME' => $arrMessage["username"], 'MESSAGE_SENT_DATE' => $arrMessage["date_time"], 'TXT_PRIVATE_MESSAGE' => $_ARRAYLANG['TXT_U2U_PRIVATE_MESSAGE'], 'TXT_U2U_ENTRY_ADD_SUCCESS_MESSAGE' => $_ARRAYLANG['TXT_U2U_ENTRY_ADD_SUCCESS_MESSAGE'], 'TXT_U2U_AUTHOR' => $_ARRAYLANG['TXT_U2U_RECEIPENT_USER_OUTBOX'], 'TXT_U2U_MESSAGE_SENT_DATE' => $_ARRAYLANG['TXT_U2U_MESSAGE_SENT_DATE'], 'TXT_U2U_OUTBOX_SEND_MESSAGE' => $_ARRAYLANG['TXT_U2U_OUTBOX_SEND_MESSAGE'], 'TXT_U2U_USER_JOINED_DATE' => $_ARRAYLANG['TXT_U2U_USER_JOINED_DATE'], 'TXT_U2U_DELETE_THIS_MESSAGE' => $_ARRAYLANG['TXT_U2U_DELETE_THIS_MESSAGE'], 'TXT_U2U_DELETE_MESSAGE' => $_ARRAYLANG['TXT_U2U_DELETE_MESSAGE'], 'TXT_U2U_DELETE_STRING' => $_ARRAYLANG['TXT_U2U_DELETE_STRING'])); $this->_objTpl->hideBlock('showForwardandReply'); } else { $this->_objTpl->setVariable(array('PRIVATE_MESSAGE_ID' => $messageID, 'PRIVATE_MESSAGE_TITLE' => $arrMessage["message_title"], 'PRIVATE_MESSAGE_TEXT' => \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($arrMessage["message"]), 'U2U_USER_JOINED' => $arrMessage["registerd_date"], 'MESSAGE_AUTHOR_NAME' => $arrMessage["username"], 'MESSAGE_SENT_DATE' => $arrMessage["date_time"], 'TXT_PRIVATE_MESSAGE' => $_ARRAYLANG['TXT_U2U_PRIVATE_MESSAGE'], 'TXT_U2U_ENTRY_ADD_SUCCESS_MESSAGE' => $_ARRAYLANG['TXT_U2U_ENTRY_ADD_SUCCESS_MESSAGE'], 'TXT_U2U_AUTHOR' => $_ARRAYLANG['TXT_U2U_AUTHOR'], 'TXT_U2U_MESSAGE_SENT_DATE' => $_ARRAYLANG['TXT_U2U_MESSAGE_SENT_DATE'], 'TXT_U2U_USER_JOINED_DATE' => $_ARRAYLANG['TXT_U2U_USER_JOINED_DATE'], 'TXT_U2U_DELETE_THIS_MESSAGE' => $_ARRAYLANG['TXT_U2U_DELETE_THIS_MESSAGE'], 'TXT_U2U_DELETE_MESSAGE' => $_ARRAYLANG['TXT_U2U_DELETE_MESSAGE'], 'TXT_U2U_DELETE_STRING' => $_ARRAYLANG['TXT_U2U_DELETE_STRING'], 'TXT_U2U_FORWARD' => $_ARRAYLANG['TXT_U2U_FORWARD'], 'TXT_U2U_REPLY' => $_ARRAYLANG['TXT_U2U_REPLY'])); $this->_objTpl->hideBlock('sendMessageOutbox'); } }
/** * Shows all existing comments of the entry with the id $intEntryId. * * @global array * @global array * @global ADONewConnection * @param integer $intEntryId: The comments of this entry will shown. */ function showComments($intEntryId) { global $_CORELANG, $_ARRAYLANG, $objDatabase; $this->_strPageTitle = $_ARRAYLANG['TXT_BLOG_ENTRY_MANAGE_COMMENTS']; $this->_objTpl->loadTemplateFile('module_blog_entries_comments.html', true, true); $this->_objTpl->setVariable(array('TXT_COMMENTS_TITLE' => $_ARRAYLANG['TXT_BLOG_ENTRY_MANAGE_COMMENTS'], 'TXT_COMMENTS_DATE' => $_ARRAYLANG['TXT_BLOG_ENTRY_VOTES_DATE'], 'TXT_COMMENTS_SUBJECT' => $_ARRAYLANG['TXT_BLOG_ENTRY_ADD_SUBJECT'], 'TXT_COMMENTS_CONTENT' => $_ARRAYLANG['TXT_BLOG_ENTRY_MANAGE_COMMENT'], 'TXT_COMMENTS_LANGUAGE' => $_ARRAYLANG['TXT_BLOG_ENTRY_COMMENTS_LANGUAGE'], 'TXT_COMMENTS_USER' => $_CORELANG['TXT_USER'], 'TXT_COMMENTS_ACTION' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_ACTIONS'], 'TXT_COMMENTS_MARKED' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_SUBMIT_MARKED'], 'TXT_COMMENTS_SELECT_ALL' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_SUBMIT_SELECT'], 'TXT_COMMENTS_DESELECT_ALL' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_SUBMIT_DESELECT'], 'TXT_COMMENTS_SUBMIT_SELECT' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_SUBMIT_ACTION'], 'TXT_COMMENTS_SUBMIT_ACTIVATE' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_SUBMIT_ACTIVATE'], 'TXT_COMMENTS_SUBMIT_DEACTIVATE' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_SUBMIT_DEACTIVATE'], 'TXT_COMMENTS_SUBMIT_DELETE' => $_ARRAYLANG['TXT_BLOG_CATEGORY_MANAGE_SUBMIT_DELETE'], 'TXT_COMMENTS_SUBMIT_DELETE_JS' => $_ARRAYLANG['TXT_BLOG_ENTRY_COMMENTS_DELETE_JS_ALL'], 'TXT_COMMENTS_DELETE_JS' => $_ARRAYLANG['TXT_BLOG_ENTRY_COMMENTS_DELETE_JS'], 'TXT_COMMENTS_BUTTON_BACK' => ucfirst($_CORELANG['TXT_BACK']))); $intEntryId = intval($intEntryId); $intPagingPosition = isset($_GET['pos']) ? intval($_GET['pos']) : 0; if ($intEntryId > 0) { // TODO: $arrEntries is not defined // @$this->_objTpl->setVariable('COMMENTS_SUBJECT', $arrEntries[$intEntryId]['subject']); $objCommentsResult = $objDatabase->Execute('SELECT comment_id, lang_id, is_active, time_created, user_id, user_name, subject, comment FROM ' . DBPREFIX . 'module_blog_comments WHERE message_id=' . $intEntryId . ' ORDER BY time_created DESC, comment_id DESC LIMIT ' . $intPagingPosition . ',' . $this->getPagingLimit() . ' '); if ($objCommentsResult->RecordCount() > 0) { $objFWUser = \FWUser::getFWUserObject(); $intRowClass = 1; while (!$objCommentsResult->EOF) { $this->_objTpl->setVariable(array('TXT_IMGALT_STATUS' => $_ARRAYLANG['TXT_BLOG_ENTRY_COMMENTS_STATUS'], 'TXT_IMGALT_EDIT' => $_ARRAYLANG['TXT_BLOG_ENTRY_COMMENTS_EDIT'], 'TXT_IMGALT_DELETE' => $_ARRAYLANG['TXT_BLOG_ENTRY_COMMENTS_DELETE'])); $strComment = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($objCommentsResult->fields['comment']); $strComment = strlen($strComment) > 60 ? substr($strComment, 0, 60) . ' ...' : $strComment; $this->_objTpl->setVariable(array('COMMENT_ROWCLASS' => $intRowClass % 2 == 0 ? 'row1' : 'row2', 'COMMENT_ID' => $objCommentsResult->fields['comment_id'], 'COMMENT_STATUS_ICON' => $objCommentsResult->fields['is_active'] == 1 ? 'led_green' : 'led_red', 'COMMENT_DATE' => date(ASCMS_DATE_FORMAT, $objCommentsResult->fields['time_created']), 'COMMENT_SUBJECT' => htmlentities(stripslashes($objCommentsResult->fields['subject']), ENT_QUOTES, CONTREXX_CHARSET), 'COMMENT_CONTENT' => stripslashes($strComment), 'COMMENT_LANGUAGE' => $this->_arrLanguages[$objCommentsResult->fields['lang_id']]['long'], 'COMMENT_USER' => $objCommentsResult->fields['user_id'] != 0 && ($objUser = $objFWUser->objUser->getUser($objCommentsResult->fields['user_id'])) !== false ? '<a href="index.php?cmd=Access&act=user&tpl=modify&id=' . $objCommentsResult->fields['user_id'] . '" title="' . htmlentities($objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '">' . htmlentities($objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '</a>' : htmlentities(stripslashes($objCommentsResult->fields['user_name']), ENT_QUOTES, CONTREXX_CHARSET))); $this->_objTpl->parse('showComments'); $objCommentsResult->MoveNext(); ++$intRowClass; } //Show paging if needed if ($this->countComments($intEntryId) > $this->getPagingLimit()) { $strPaging = getPaging($this->countComments($intEntryId), $intPagingPosition, '&cmd=Blog&act=showComments&id=' . $intEntryId, '<strong>' . $_ARRAYLANG['TXT_BLOG_ENTRY_VOTES_DETAILS'] . '</strong>', true, $this->getPagingLimit()); $this->_objTpl->setVariable('COMMENTS_PAGING', $strPaging); } } else { $this->_objTpl->setVariable('TXT_COMMENTS_NONE', $_ARRAYLANG['TXT_BLOG_ENTRY_COMMENTS_NONE']); $this->_objTpl->parse('noComments'); } } else { $this->_strErrMessage = $_ARRAYLANG['TXT_BLOG_ENTRY_EDIT_ERROR_ID']; } }
/** * Shows detail-page (content, voting & comments) for a single message. It checks also for new comments (POST) or votings (GET). * * @global array * @global ADONewConnection * @global array * @param integer $intMessageId: The details of this page will be shown */ function showDetails($intMessageId) { global $_CORELANG, $_ARRAYLANG, $objDatabase, $_CONFIG; $this->initUserId(); $intMessageId = intval($intMessageId); if ($intMessageId < 1) { \Cx\Core\Csrf\Controller\Csrf::header("Location: index.php?section=Blog"); } //Empty form-values $strName = ''; $strEMail = ''; $strWWW = ''; $strSubject = ''; $strComment = ''; //Check for new votings if (isset($_POST['vote'])) { $this->addVoting($intMessageId, $_POST['vote']); } //Check for new comments if (isset($_POST['frmAddComment_MessageId'])) { $this->addComment(); if (!empty($this->_strErrorMessage) || !\FWUser::getFWUserObject()->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) { //Error occured, get previous entered values $strName = htmlentities($_POST['frmAddComment_Name'], ENT_QUOTES, CONTREXX_CHARSET); $strEMail = htmlentities($_POST['frmAddComment_EMail'], ENT_QUOTES, CONTREXX_CHARSET); $strWWW = htmlentities($_POST['frmAddComment_WWW'], ENT_QUOTES, CONTREXX_CHARSET); $strSubject = htmlentities($_POST['frmAddComment_Subject'], ENT_QUOTES, CONTREXX_CHARSET); $strComment = contrexx_stripslashes(html_entity_decode($_POST['frmAddComment_Comment'], ENT_QUOTES, CONTREXX_CHARSET)); } } //Count new hit $this->addHit($intMessageId); //After processing new actions: show page $arrEntries = $this->createEntryArray($this->_intLanguageId); //Loop over socializing-networks $strNetworks = ''; $arrNetworks = $this->createNetworkArray(); if (count($arrNetworks) > 0) { $strPageUrl = urlencode(\Cx\Core\Routing\Url::fromModuleAndCmd('Blog', 'details', '', array('id' => $intMessageId))->toString()); foreach ($arrNetworks as $arrNetworkValues) { if (key_exists($this->_intLanguageId, $arrNetworkValues['status'])) { $strUrl = str_replace('[URL]', $strPageUrl, $arrNetworkValues['submit']); $strUrl = str_replace('[SUBJECT]', $arrEntries[$intMessageId]['subject'], $strUrl); $strNetworks .= '<a href="' . $strUrl . '" title="' . $arrNetworkValues['name'] . ' (' . $arrNetworkValues['www'] . ')" target="_blank">' . $arrNetworkValues['icon_img'] . '</a> '; } } } //Show message-part $this->_objTpl->setVariable(array('BLOG_DETAILS_ID' => $intMessageId, 'BLOG_DETAILS_TITLE' => $arrEntries[$intMessageId]['subject'], 'BLOG_DETAILS_POSTED' => $this->getPostedByString($arrEntries[$intMessageId]['user_name'], $arrEntries[$intMessageId]['time_created']), 'BLOG_DETAILS_POSTED_ICON' => $this->getPostedByIcon($arrEntries[$intMessageId]['time_created']), 'BLOG_DETAILS_CONTENT' => html_entity_decode($arrEntries[$intMessageId]['translation'][$this->_intLanguageId]['content']), 'BLOG_DETAILS_IMAGE' => $arrEntries[$intMessageId]['translation'][$this->_intLanguageId]['image'] != '' ? '<img src="' . $arrEntries[$intMessageId]['translation'][$this->_intLanguageId]['image'] . '" title="' . $arrEntries[$intMessageId]['subject'] . '" alt="' . $arrEntries[$intMessageId]['subject'] . '" />' : '', 'BLOG_DETAILS_NETWORKS' => $strNetworks)); //Show voting-part if ($this->_arrSettings['blog_voting_activated']) { $this->_objTpl->setVariable(array('TXT_VOTING' => $_ARRAYLANG['TXT_BLOG_FRONTEND_OVERVIEW_VOTING'], 'TXT_VOTING_ACTUAL' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_VOTING_ACTUAL'], 'TXT_VOTING_AVG' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_VOTING_AVG'], 'TXT_VOTING_COUNT' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_VOTING_COUNT'], 'TXT_VOTING_USER' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_VOTING_USER'])); $this->_objTpl->setVariable(array('BLOG_DETAILS_VOTING_BAR' => $this->getRatingBar($intMessageId), 'BLOG_DETAILS_VOTING_AVG' => 'Ø ' . $arrEntries[$intMessageId]['votes_avg'], 'BLOG_DETAILS_VOTING_COUNT' => $arrEntries[$intMessageId]['votes'], 'BLOG_DETAILS_VOTING_USER' => $this->hasUserAlreadyVoted($intMessageId) ? $this->getUserVotingForMessage($intMessageId) : $this->getVotingBar($intMessageId))); } else { $this->_objTpl->hideBlock('votingPart'); } //Show comment-part if ($this->_arrSettings['blog_comments_activated']) { //comments are activated $this->_objTpl->setVariable(array('TXT_COMMENTS' => $_ARRAYLANG['TXT_BLOG_FRONTEND_OVERVIEW_COMMENTS'], 'TXT_COMMENT_ADD' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD'], 'TXT_COMMENT_ADD_NAME' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_NAME'], 'TXT_COMMENT_ADD_EMAIL' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_EMAIL'], 'TXT_COMMENT_ADD_WWW' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_WWW'], 'TXT_COMMENT_ADD_SUBJECT' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_SUBJECT'], 'TXT_COMMENT_ADD_COMMENT' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_COMMENT'], 'TXT_COMMENT_ADD_RESET' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_RESET'], 'TXT_COMMENT_ADD_SUBMIT' => $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_SUBMIT'])); if (\FWUser::getFWUserObject()->objUser->login()) { $this->_objTpl->hideBlock('comment_captcha'); } else { $this->_objTpl->setVariable(array('TXT_COMMENT_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], 'COMMENT_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode())); $this->_objTpl->parse('comment_captcha'); } $this->_objTpl->setVariable(array('BLOG_DETAILS_COMMENTS_JAVASCRIPT' => $this->getJavascript('comments'))); $objFWUser = \FWUser::getFWUserObject(); $objCommentsResult = $objDatabase->Execute('SELECT comment_id, time_created, user_id, user_name, user_mail, user_www, subject, comment FROM ' . DBPREFIX . 'module_blog_comments WHERE message_id=' . $intMessageId . ' AND lang_id=' . $this->_intLanguageId . ' AND is_active="1" ORDER BY time_created ASC, comment_id ASC '); if ($objCommentsResult->RecordCount() > 0) { while (!$objCommentsResult->EOF) { //Get username and avatar $strUserName = ''; $strUserAvatar = '<img src="' . ASCMS_BLOG_IMAGES_WEB_PATH . '/no_avatar.gif" alt="' . $strUserName . '" />'; $objUser = $objFWUser->objUser->getUser($objCommentsResult->fields['user_id']); if ($objCommentsResult->fields['user_id'] == 0 || $objUser === false) { $strUserName = $objCommentsResult->fields['user_name']; } else { $strUserName = contrexx_raw2xhtml(\FWUser::getParsedUserTitle($objUser)); if ($objUser->getProfileAttribute('picture') != '') { $strUserAvatar = '<img src="' . ASCMS_ACCESS_PROFILE_IMG_WEB_PATH . '/' . $objUser->getProfileAttribute('picture') . '" alt="' . $strUserName . '" />'; } } //Parse comment $this->_objTpl->setVariable(array('BLOG_DETAILS_COMMENT_ID' => $objCommentsResult->fields['comment_id'], 'BLOG_DETAILS_COMMENT_TITLE' => htmlentities(stripslashes($objCommentsResult->fields['subject']), ENT_QUOTES, CONTREXX_CHARSET), 'BLOG_DETAILS_COMMENT_POSTED' => $this->getPostedByString($strUserName, date(ASCMS_DATE_FORMAT, $objCommentsResult->fields['time_created'])), 'BLOG_DETAILS_COMMENT_CONTENT' => \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($objCommentsResult->fields['comment']), 'BLOG_DETAILS_COMMENT_AVATAR' => $strUserAvatar)); $this->_objTpl->parse('showCommentRows'); $objCommentsResult->MoveNext(); } } else { $this->_objTpl->setVariable('TXT_COMMENTS_NONE_EXISTING', $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_NONE_EXISTING']); $this->_objTpl->parse('showNoCommentRows'); } if ($this->_arrSettings['blog_comments_anonymous'] || $this->_intCurrentUserId != 0) { //Anonymous comments allowed or user is logged in //Fill Add-Comment-Form //Determine the desired editor if ($this->_arrSettings['blog_comments_editor'] == 'wysiwyg') { $strEditor = new \Cx\Core\Wysiwyg\Wysiwyg('frmAddComment_Comment', $strComment, 'bbcode'); } else { $strEditor = '<textarea name="frmAddComment_Comment" rows="12" cols="80" class="blogCommentTextarea">' . $strComment . '</textarea>'; } $this->_objTpl->setVariable(array('BLOG_DETAILS_COMMENT_ADD_MESSAGE_ID' => $intMessageId, 'BLOG_DETAILS_COMMENT_ADD_NAME' => $this->_intCurrentUserId == 0 ? '<input type="text" name="frmAddComment_Name" value="' . $strName . '" class="blogCommentInput" />' : contrexx_raw2xhtml(\FWUser::getParsedUserTitle($objFWUser->objUser)), 'BLOG_DETAILS_COMMENT_ADD_EMAIL' => $this->_intCurrentUserId == 0 ? '<input type="text" name="frmAddComment_EMail" value="' . $strEMail . '" class="blogCommentInput" />' : contrexx_raw2xhtml($objFWUser->objUser->getEmail()), 'BLOG_DETAILS_COMMENT_ADD_WWW' => $this->_intCurrentUserId == 0 ? '<input type="text" name="frmAddComment_WWW" value="' . $strWWW . '" class="blogCommentInput" />' : contrexx_raw2xhtml($objFWUser->objUser->getProfileAttribute('website')), 'BLOG_DETAILS_COMMENT_ADD_SUBJECT' => $strSubject, 'BLOG_DETAILS_COMMENT_ADD_COMMENT' => $strEditor)); } else { //Anonymous comments arent allowed and the user isn't logged in -> Hide block! $this->_objTpl->setVariable('BLOG_DETAILS_COMMENT_ADD_ERROR', $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_LOGGED_IN']); $this->_objTpl->hideBlock('commentAddPart'); } } else { //Comments dectivated - hide comment block $this->_objTpl->hideBlock('commentPart'); } //Finally parse info / error messages if (empty($this->_strStatusMessage)) { $this->_objTpl->hideBlock('showOkay'); } else { $this->_objTpl->setVariable('BLOG_DETAILS_COMMENT_OKAY', $this->_strStatusMessage); } if (empty($this->_strErrorMessage)) { $this->_objTpl->hideBlock('showError'); } else { $this->_objTpl->setVariable('BLOG_DETAILS_COMMENT_ERROR', $this->_strErrorMessage); } }